From 5d643cc03337448602b9ea7aee4d9c4581ca9434 Mon Sep 17 00:00:00 2001 From: grauerfuchs <42082416+grauerfuchs@users.noreply.github.com> Date: Tue, 28 Aug 2018 13:34:21 -0400 Subject: [PATCH] lf hid: Added encode/decode support for Issue Level Issue Level added to encode/decode support By default, invalid parity will not show on decode (with option to show) Added two new 36-bit formats including first format to use issue level --- client/cmdlfhid.c | 18 ++-- client/hidcardformats.c | 160 ++++++++++++++++++++++++++++-------- client/hidcardformats.h | 2 +- client/hidcardformatutils.c | 2 +- client/hidcardformatutils.h | 2 +- 5 files changed, 142 insertions(+), 42 deletions(-) diff --git a/client/cmdlfhid.c b/client/cmdlfhid.c index d8e151b9..66dfae8b 100644 --- a/client/cmdlfhid.c +++ b/client/cmdlfhid.c @@ -98,7 +98,7 @@ int CmdFSKdemodHID(const char *Cmd) ); hidproxmessage_t packed = initialize_proxmessage_object(hi2, hi, lo); - bool ret = HIDTryUnpack(&packed); + bool ret = HIDTryUnpack(&packed, false); if (!ret) { PrintAndLog("Invalid or unsupported tag length."); @@ -164,20 +164,26 @@ int CmdHIDClone(const char *Cmd) int CmdHIDDecode(const char *Cmd){ if (strlen(Cmd)<3) { - PrintAndLog("Usage: lf hid decode "); + PrintAndLog("Usage: lf hid decode {p}"); + PrintAndLog(" (optional) p: Ignore invalid parity"); PrintAndLog(" sample: lf hid decode 2006f623ae"); return 0; } uint32_t top = 0, mid = 0, bot = 0; + bool ignoreParity = false; hexstring_to_int96(&top, &mid, &bot, Cmd); hidproxmessage_t packed = initialize_proxmessage_object(top, mid, bot); - HIDTryUnpack(&packed); + + char opt = param_getchar(Cmd, 1); + if (opt == 'p') ignoreParity = true; + + HIDTryUnpack(&packed, ignoreParity); return 0; } int CmdHIDEncode(const char *Cmd) { if (strlen(Cmd) == 0) { - PrintAndLog("Usage: lf hid encode "); + PrintAndLog("Usage: lf hid encode [issue level (decimal)]"); PrintAndLog(" sample: lf hid encode H10301 123 4567"); return 0; } @@ -201,6 +207,7 @@ int CmdHIDEncode(const char *Cmd) { memset(&card, 0, sizeof(hidproxcard_t)); card.FacilityCode = param_get32ex(Cmd, 1, 0, 10); card.CardNumber = param_get64ex(Cmd, 2, 0, 10); + card.IssueLevel = param_get32ex(Cmd, 3, 0, 10); card.ParitySupported = true; // Try to encode parity if supported. hidproxmessage_t packed; @@ -221,7 +228,7 @@ int CmdHIDEncode(const char *Cmd) { int CmdHIDWrite(const char *Cmd) { if (strlen(Cmd) == 0) { - PrintAndLog("Usage: lf hid write "); + PrintAndLog("Usage: lf hid write [issue level (decimal)]"); PrintAndLog(" sample: lf hid write H10301 123 4567"); return 0; } @@ -245,6 +252,7 @@ int CmdHIDWrite(const char *Cmd) { memset(&card, 0, sizeof(hidproxcard_t)); card.FacilityCode = param_get32ex(Cmd, 1, 0, 10); card.CardNumber = param_get64ex(Cmd, 2, 0, 10); + card.IssueLevel = param_get32ex(Cmd, 3, 0, 10); card.ParitySupported = true; // Try to encode parity if supported. hidproxmessage_t packed; diff --git a/client/hidcardformats.c b/client/hidcardformats.c index 379eb68f..4d0c2a50 100644 --- a/client/hidcardformats.c +++ b/client/hidcardformats.c @@ -11,6 +11,7 @@ #include #include #include +#include #include "cmddata.h" #include "hidcardformats.h" #include "hidcardformatutils.h" @@ -21,7 +22,8 @@ bool Pack_H10301(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0xFF) return false; // Can't encode FC. if (card->CardNumber > 0xFFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 26; // Set number of bits packed->bot |= (card->CardNumber & 0xFFFF) << 1; packed->bot |= (card->FacilityCode & 0xFF) << 17; @@ -47,6 +49,8 @@ bool Pack_Tecom27(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0x7FF) return false; // Can't encode FC. if (card->CardNumber > 0xFFFF) return false; // Can't encode CN. + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 27; set_nonlinear_field(packed, card->FacilityCode, 10, (uint8_t[]){15, 19, 24, 23, 22, 18, 6, 10, 14, 3, 2}); set_nonlinear_field(packed, card->CardNumber, 16, (uint8_t[]){0, 1, 13, 12, 9, 26, 20, 16, 17, 21, 25, 7, 8, 11, 4, 5}); @@ -65,6 +69,8 @@ bool Pack_2804W(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0x0FF) return false; // Can't encode FC. if (card->CardNumber > 0x7FFF) return false; // Can't encode CN. + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 28; set_linear_field(packed, card->FacilityCode, 4, 8); set_linear_field(packed, card->CardNumber, 12, 15); @@ -98,6 +104,8 @@ bool Pack_ATSW30(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0xFFF) return false; // Can't encode FC. if (card->CardNumber > 0xFFFF) return false; // Can't encode CN. + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 30; set_linear_field(packed, card->FacilityCode, 1, 12); set_linear_field(packed, card->CardNumber, 13, 16); @@ -126,6 +134,8 @@ bool Pack_ADT31(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0x0F) return false; // Can't encode FC. if (card->CardNumber > 0x7FFFFF) return false; // Can't encode CN. + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 31; set_linear_field(packed, card->FacilityCode, 1, 4); set_linear_field(packed, card->CardNumber, 5, 23); @@ -145,7 +155,8 @@ bool Pack_D10202(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0x007F) return false; // Can't encode FC. if (card->CardNumber > 0x00FFFFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 33; // Set number of bits set_linear_field(packed, card->FacilityCode, 1, 7); set_linear_field(packed, card->CardNumber, 8, 24); @@ -174,7 +185,8 @@ bool Pack_H10306(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0xFFFF) return false; // Can't encode FC. if (card->CardNumber > 0xFFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 34; // Set number of bits packed->bot |= (card->CardNumber & 0xFFFF) << 1; packed->bot |= (card->FacilityCode & 0x7FFF) << 17; @@ -201,7 +213,8 @@ bool Pack_N1002(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0xFF) return false; // Can't encode FC. if (card->CardNumber > 0xFFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 34; // Set number of bits set_linear_field(packed, card->FacilityCode, 9, 8); set_linear_field(packed, card->CardNumber, 17, 16); @@ -222,7 +235,8 @@ bool Pack_C1k35s(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0xFFF) return false; // Can't encode FC. if (card->CardNumber > 0xFFFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 35; // Set number of bits packed->bot |= (card->CardNumber & 0x000FFFFF) << 1; packed->bot |= (card->FacilityCode & 0x000007FF) << 21; @@ -252,17 +266,13 @@ bool Pack_H10320(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0) return false; // Can't encode FC. (none in this format) if (card->CardNumber > 99999999) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 36; // Set number of bits // This card is BCD-encoded rather than binary. Set the 4-bit groups independently. - set_linear_field(packed, (card->CardNumber / 10000000) % 10, 0, 4); - set_linear_field(packed, (card->CardNumber / 1000000) % 10, 4, 4); - set_linear_field(packed, (card->CardNumber / 100000) % 10, 8, 4); - set_linear_field(packed, (card->CardNumber / 10000) % 10, 12, 4); - set_linear_field(packed, (card->CardNumber / 1000) % 10, 16, 4); - set_linear_field(packed, (card->CardNumber / 100) % 10, 20, 4); - set_linear_field(packed, (card->CardNumber / 10) % 10, 24, 4); - set_linear_field(packed, (card->CardNumber / 1) % 10, 28, 4); + for (uint32_t idx = 0; idx < 8; idx++){ + set_linear_field(packed, (uint64_t)(card->CardNumber / pow(10, 7-idx)) % 10, idx * 4, 4); + } if (card->ParitySupported){ set_bit_by_position(packed, evenparity32( get_nonlinear_field(packed, 8, (uint8_t[]){0, 4, 8, 12, 16, 20, 24, 28}) @@ -283,14 +293,16 @@ bool Unpack_H10320(/*in*/hidproxmessage_t* packed, /*out*/hidproxcard_t* card){ memset(card, 0, sizeof(hidproxcard_t)); if (packed->Length != 36) return false; // Wrong length? Stop here. // This card is BCD-encoded rather than binary. Get the 4-bit groups independently. - card->CardNumber += get_linear_field(packed, 0, 4) * 10000000; - card->CardNumber += get_linear_field(packed, 4, 4) * 1000000; - card->CardNumber += get_linear_field(packed, 8, 4) * 100000; - card->CardNumber += get_linear_field(packed, 12, 4) * 10000; - card->CardNumber += get_linear_field(packed, 16, 4) * 1000; - card->CardNumber += get_linear_field(packed, 20, 4) * 100; - card->CardNumber += get_linear_field(packed, 24, 4) * 10; - card->CardNumber += get_linear_field(packed, 28, 4); + for (uint32_t idx = 0; idx < 8; idx++){ + uint64_t val = get_linear_field(packed, idx * 4, 4); + if (val > 9){ + // Violation of BCD; Zero and exit. + card->CardNumber = 0; + return false; + } else { + card->CardNumber += val * pow(10, 7-idx); + } + } card->ParitySupported = true; card->ParityValid = (get_bit_by_position(packed, 32) == evenparity32(get_nonlinear_field(packed, 8, (uint8_t[]){0, 4, 8, 12, 16, 20, 24, 28}))) && @@ -300,12 +312,84 @@ bool Unpack_H10320(/*in*/hidproxmessage_t* packed, /*out*/hidproxcard_t* card){ return true; } +bool Pack_S12906(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ + memset(packed, 0, sizeof(hidproxmessage_t)); + if (card->FacilityCode > 0xFF) return false; // Can't encode FC. + if (card->IssueLevel > 0x03) return false; // Can't encode IL. + if (card->CardNumber > 0x00FFFFFF) return false; // Can't encode CN. + + packed->Length = 36; // Set number of bits + set_linear_field(packed, card->FacilityCode, 1, 8); + set_linear_field(packed, card->IssueLevel, 9, 2); + set_linear_field(packed, card->CardNumber, 11, 24); + if (card->ParitySupported){ + set_bit_by_position(packed, + oddparity32(get_linear_field(packed, 1, 17)) + , 0); + set_bit_by_position(packed, + oddparity32(get_linear_field(packed, 17, 18)) + , 35); + } + return add_HID_header(packed); +} +bool Unpack_S12906(/*in*/hidproxmessage_t* packed, /*out*/hidproxcard_t* card){ + memset(card, 0, sizeof(hidproxcard_t)); + if (packed->Length != 36) return false; // Wrong length? Stop here. + + card->FacilityCode = get_linear_field(packed, 1, 8); + card->IssueLevel = get_linear_field(packed, 9, 2); + card->CardNumber = get_linear_field(packed, 11, 24); + + card->ParitySupported = true; + card->ParityValid = + (get_bit_by_position(packed, 0) == oddparity32(get_linear_field(packed, 1, 17))) && + (get_bit_by_position(packed, 35) == oddparity32(get_linear_field(packed, 17, 18))); + + return true; +} + +bool Pack_Sie36(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ + memset(packed, 0, sizeof(hidproxmessage_t)); + if (card->FacilityCode > 0x0003FFFF) return false; // Can't encode FC. + if (card->IssueLevel > 0x00) return false; // Can't encode IL. + if (card->CardNumber > 0x0000FFFF) return false; // Can't encode CN. + if (card->IssueLevel > 0) return false; // Not used in this format + + packed->Length = 36; // Set number of bits + set_linear_field(packed, card->FacilityCode, 1, 18); + set_linear_field(packed, card->CardNumber, 19, 16); + if (card->ParitySupported){ + set_bit_by_position(packed, + oddparity32(get_nonlinear_field(packed, 23, (uint8_t[]){1, 3, 4, 6, 7, 9, 10, 12, 13, 15, 16, 18, 19, 21, 22, 24, 25, 27, 28, 30, 31, 33, 34})) + , 0); + set_bit_by_position(packed, + evenparity32(get_nonlinear_field(packed, 23, (uint8_t[]){1, 2, 4, 5, 7, 8, 10, 11, 13, 14, 16, 17, 19, 20, 22, 23, 25, 26, 28, 29, 31, 32, 34})) + , 35); + } + return add_HID_header(packed); +} +bool Unpack_Sie36(/*in*/hidproxmessage_t* packed, /*out*/hidproxcard_t* card){ + memset(card, 0, sizeof(hidproxcard_t)); + if (packed->Length != 36) return false; // Wrong length? Stop here. + + card->FacilityCode = get_linear_field(packed, 1, 18); + card->CardNumber = get_linear_field(packed, 19, 16); + + card->ParitySupported = true; + card->ParityValid = + (get_bit_by_position(packed, 0) == oddparity32(get_nonlinear_field(packed, 23, (uint8_t[]){1, 3, 4, 6, 7, 9, 10, 12, 13, 15, 16, 18, 19, 21, 22, 24, 25, 27, 28, 30, 31, 33, 34}))) && + (get_bit_by_position(packed, 35) == oddparity32(get_nonlinear_field(packed, 23, (uint8_t[]){1, 2, 4, 5, 7, 8, 10, 11, 13, 14, 16, 17, 19, 20, 22, 23, 25, 26, 28, 29, 31, 32, 34}))); + + return true; +} + bool Pack_H10302(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0) return false; // Can't encode FC. (none in this format) if (card->CardNumber > 0x00000007FFFFFFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 37; // Set number of bits set_linear_field(packed, card->CardNumber, 1, 35); if (card->ParitySupported){ @@ -335,7 +419,8 @@ bool Pack_H10304(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0x0000FFFF) return false; // Can't encode FC. if (card->CardNumber > 0x0007FFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 37; // Set number of bits packed->bot |= (card->CardNumber & 0x0007FFFF) << 1; packed->bot |= (card->FacilityCode & 0x00000FFF) << 20; @@ -364,7 +449,8 @@ bool Pack_P10001(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0xFFF) return false; // Can't encode FC. if (card->CardNumber > 0xFFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 40; // Set number of bits set_linear_field(packed, 0xF, 0, 4); set_linear_field(packed, card->FacilityCode, 4, 12); @@ -401,7 +487,8 @@ bool Pack_C1k48s(/*in*/hidproxcard_t* card, /*out*/hidproxmessage_t* packed){ memset(packed, 0, sizeof(hidproxmessage_t)); if (card->FacilityCode > 0x003FFFFF) return false; // Can't encode FC. if (card->CardNumber > 0x007FFFFF) return false; // Can't encode CN. - + if (card->IssueLevel > 0) return false; // Not used in this format + packed->Length = 48; // Set number of bits packed->bot |= (card->CardNumber & 0x007FFFFF) << 1; packed->bot |= (card->FacilityCode & 0x000000FF) << 24; @@ -437,6 +524,8 @@ static const hidcardformat_t FormatTable[] = { {"H10306", Pack_H10306, Unpack_H10306, "HID H10306 34-bit"}, // imported from old pack/unpack {"N1002", Pack_N1002, Unpack_N1002, "HID N1002 34-bit"}, // from cardinfo.barkweb.com.au {"C1k35s", Pack_C1k35s, Unpack_C1k35s, "HID Corporate 1000 35-bit standard layout"}, // imported from old pack/unpack + {"S12906", Pack_S12906, Unpack_S12906, "HID Simplex 36-bit"}, // from cardinfo.barkweb.com.au + {"Sie36", Pack_Sie36, Unpack_Sie36, "HID 36-bit Siemens"}, // from cardinfo.barkweb.com.au {"H10320", Pack_H10320, Unpack_H10320, "HID H10320 36-bit BCD, Card num only"}, // from Proxmark forums {"H10302", Pack_H10302, Unpack_H10302, "HID H10302 37-bit huge, Card num only"}, // from Proxmark forums {"H10304", Pack_H10304, Unpack_H10304, "HID H10304 37-bit"}, // imported from old pack/unpack @@ -487,7 +576,7 @@ bool HIDPack(/* in */int FormatIndex, /* in */hidproxcard_t* card, /* out */hidp return FormatTable[FormatIndex].Pack(card, packed); } -bool HIDTryUnpack(/* in */hidproxmessage_t* packed){ +bool HIDTryUnpack(/* in */hidproxmessage_t* packed, /* in */bool ignoreParity){ if (FormatTable[0].Name == NULL) return false; @@ -498,13 +587,16 @@ bool HIDTryUnpack(/* in */hidproxmessage_t* packed){ while (FormatTable[i].Name) { if (FormatTable[i].Unpack(packed, &card)){ - result = true; - PrintAndLog("%-16s FC: %u, Card %"PRIu64", Parity %s", - FormatTable[i].Name, - card.FacilityCode, - card.CardNumber, - (card.ParitySupported) ? ((card.ParityValid) ? "valid" : "invalid") : "n/a" - ); + if (ignoreParity || !card.ParitySupported || card.ParityValid){ + result = true; + PrintAndLog("%-16s FC: %u, Card: %"PRIu64", IL: %u, Parity %s", + FormatTable[i].Name, + card.FacilityCode, + card.CardNumber, + card.IssueLevel, + (card.ParitySupported) ? ((card.ParityValid) ? "valid" : "invalid") : "n/a" + ); + } } ++i; } diff --git a/client/hidcardformats.h b/client/hidcardformats.h index 8ff887f7..b8c6afb4 100644 --- a/client/hidcardformats.h +++ b/client/hidcardformats.h @@ -27,6 +27,6 @@ void HIDListFormats(); int HIDFindCardFormat(const char *format); hidcardformat_t HIDGetCardFormat(int idx); bool HIDPack(/* in */int FormatIndex, /* in */hidproxcard_t* card, /* out */hidproxmessage_t* packed); -bool HIDTryUnpack(/* in */hidproxmessage_t* packed); +bool HIDTryUnpack(/* in */hidproxmessage_t* packed, /* in */bool ignoreParity); #endif diff --git a/client/hidcardformatutils.c b/client/hidcardformatutils.c index d7c159cd..3abee223 100644 --- a/client/hidcardformatutils.c +++ b/client/hidcardformatutils.c @@ -61,7 +61,7 @@ bool set_bit_by_position(/* inout */hidproxmessage_t* data, /* in */bool value, * mean it won't eventually contain one, however. To prevent memory leaks and erroneous * aliasing, perform the copy function manually instead. Hence, this function. * - * If the definition of the hid_proxmessage struct changes, this function must also + * If the definition of the hidproxmessage struct changes, this function must also * be updated to match. */ void proxmessage_datacopy(/*in*/hidproxmessage_t* src, /*out*/hidproxmessage_t* dest){ diff --git a/client/hidcardformatutils.h b/client/hidcardformatutils.h index afb76f1d..821fc9ad 100644 --- a/client/hidcardformatutils.h +++ b/client/hidcardformatutils.h @@ -29,7 +29,7 @@ typedef struct hidproxcard_s{ uint32_t FacilityCode; uint64_t CardNumber; uint8_t IssueLevel; - bool ParitySupported; // Only valid for responses + bool ParitySupported; bool ParityValid; // Only valid for responses } hidproxcard_t; -- 2.39.5