]> cvs.zerfleddert.de Git - proxmark3-svn/blame - client/scripting.c
Emv scan via contact interface (#789)
[proxmark3-svn] / client / scripting.c
CommitLineData
5b760b6c 1//-----------------------------------------------------------------------------
2// Copyright (C) 2013 m h swende <martin at swende.se>
3//
4// This code is licensed to you under the terms of the GNU GPL, version 2 or,
5// at your option, any later version. See the LICENSE.txt file for the text of
6// the license.
7//-----------------------------------------------------------------------------
8// Some lua scripting glue to proxmark core.
9//-----------------------------------------------------------------------------
10
7779d73c 11#include "scripting.h"
12
06919754 13#include <stdlib.h>
5b760b6c 14#include <lua.h>
15#include <lualib.h>
16#include <lauxlib.h>
17#include "proxmark3.h"
ad939de5 18#include "comms.h"
5b760b6c 19#include "usb_cmd.h"
20#include "cmdmain.h"
44fffc54 21#include "util.h"
7779d73c 22#include "mifarehost.h"
77cd612f 23#include "../common/iso15693tools.h"
be2d41b7 24#include "iso14443crc.h"
b915fda3 25#include "../common/crc16.h"
d730878d 26#include "../common/crc64.h"
700d8687
OM
27#include <mbedtls/sha1.h>
28#include <mbedtls/aes.h>
757221f5 29
5b760b6c 30/**
31 * The following params expected:
32 * UsbCommand c
33 *@brief l_SendCommand
34 * @param L
35 * @return
36 */
37static int l_SendCommand(lua_State *L){
38
d730878d 39 /*
40 *
41 The SendCommand (native) expects the following structure:
42
43 typedef struct {
44 uint64_t cmd; //8 bytes
45 uint64_t arg[3]; // 8*3 bytes = 24 bytes
46 union {
47 uint8_t asBytes[USB_CMD_DATA_SIZE]; // 1 byte * 512 = 512 bytes (OR)
48 uint32_t asDwords[USB_CMD_DATA_SIZE/4]; // 4 byte * 128 = 512 bytes
49 } d;
50 } PACKED UsbCommand;
51
52 ==> A 544 byte buffer will do.
53 **/
54 //Pop cmd
55 size_t size;
56 const char *data = luaL_checklstring(L, 1, &size);
57 if(size != sizeof(UsbCommand))
58 {
59 printf("Got data size %d, expected %d" , (int) size,(int) sizeof(UsbCommand));
60 lua_pushstring(L,"Wrong data size");
61 return 1;
62 }
96e7a3a5 63
64// UsbCommand c = (*data);
d730878d 65 SendCommand((UsbCommand* )data);
66 return 0; // no return values
5b760b6c 67}
68/**
69 * @brief The following params expected:
70 * uint32_t cmd
71 * size_t ms_timeout
72 * @param L
73 * @return
74 */
75static int l_WaitForResponseTimeout(lua_State *L){
76
d730878d 77 uint32_t cmd = 0;
78 size_t ms_timeout = -1;
79
80 //Check number of arguments
81 int n = lua_gettop(L);
82 if(n == 0)
83 {
84 //signal error by returning Nil, errorstring
85 lua_pushnil(L);
86 lua_pushstring(L,"You need to supply at least command to wait for");
87 return 2; // two return values
88 }
89 if(n >= 1)
90 {
91 //pop cmd
92 cmd = luaL_checkunsigned(L,1);
93 }
94 if(n >= 2)
95 {
96 //Did the user send a timeout ?
97 //Check if the current top of stack is an integer
98 ms_timeout = luaL_checkunsigned(L,2);
99 //printf("Timeout set to %dms\n" , (int) ms_timeout);
100 }
101
102 UsbCommand response;
103
104 if(WaitForResponseTimeout(cmd, &response, ms_timeout))
105 {
106 //Push it as a string
107 lua_pushlstring(L,(const char *)&response,sizeof(UsbCommand));
108
109 return 1;// return 1 to signal one return value
110 }else{
111 //Push a Nil instead
112 lua_pushnil(L);
113 return 1;// one return value
114 }
5b760b6c 115}
2dcdf1a6 116
117static int returnToLuaWithError(lua_State *L, const char* fmt, ...)
118{
d730878d 119 char buffer[200];
120 va_list args;
121 va_start(args,fmt);
122 vsnprintf(buffer, sizeof(buffer), fmt,args);
123 va_end(args);
124
125 lua_pushnil(L);
126 lua_pushstring(L,buffer);
127 return 2;
2dcdf1a6 128}
129
7779d73c 130static int l_mfDarkside(lua_State *L){
2dcdf1a6 131
7779d73c 132 uint64_t key;
133
134 int retval = mfDarkside(&key);
135
d730878d 136 //Push the retval on the stack
7779d73c 137 lua_pushinteger(L, retval);
2dcdf1a6 138
d730878d 139 //Push the key onto the stack
140 uint8_t dest_key[8];
7779d73c 141 num_to_bytes(key, sizeof(dest_key), dest_key);
b9697139 142
43534cba 143 //printf("Pushing to lua stack: %012" PRIx64 "\n",key);
7779d73c 144 lua_pushlstring(L,(const char *)dest_key, sizeof(dest_key));
2dcdf1a6 145
d730878d 146 return 2; //Two return values
2dcdf1a6 147}
7779d73c 148
42daa759 149//static int l_PrintAndLog(lua_State *L){ return CmdHF14AMfDump(luaL_checkstring(L, 1));}
7779d73c 150
44fffc54 151static int l_clearCommandBuffer(lua_State *L){
d730878d 152 clearCommandBuffer();
153 return 0;
44fffc54 154}
155/**
156 * @brief l_foobar is a dummy function to test lua-integration with
157 * @param L
158 * @return
159 */
160static int l_foobar(lua_State *L)
161{
d730878d 162 //Check number of arguments
163 int n = lua_gettop(L);
164 printf("foobar called with %d arguments" , n);
165 lua_settop(L, 0);
166 printf("Arguments discarded, stack now contains %d elements", lua_gettop(L));
167
168 // todo: this is not used, where was it intended for?
169 // UsbCommand response = {CMD_MIFARE_READBL, {1337, 1338, 1339}};
170
171 printf("Now returning a uint64_t as a string");
172 uint64_t x = 0xDEADBEEF;
173 uint8_t destination[8];
174 num_to_bytes(x,sizeof(x),destination);
175 lua_pushlstring(L,(const char *)&x,sizeof(x));
176 lua_pushlstring(L,(const char *)destination,sizeof(destination));
177
178 return 2;
44fffc54 179}
180
2dcdf1a6 181
44fffc54 182/**
183 * @brief Utility to check if a key has been pressed by the user. This method does not block.
184 * @param L
185 * @return boolean, true if kbhit, false otherwise.
186 */
187static int l_ukbhit(lua_State *L)
188{
d730878d 189 lua_pushboolean(L,ukbhit() ? true : false);
190 return 1;
44fffc54 191}
0a85b725 192/**
193 * @brief Calls the command line parser to deal with the command. This enables
194 * lua-scripts to do stuff like "core.console('hf mf mifare')"
195 * @param L
196 * @return
197 */
198static int l_CmdConsole(lua_State *L)
199{
d730878d 200 CommandReceived((char *)luaL_checkstring(L, 1));
201 return 0;
0a85b725 202}
203
77cd612f 204static int l_iso15693_crc(lua_State *L)
205{
d730878d 206 // uint16_t Iso15693Crc(uint8_t *v, int n);
207 size_t size;
208 const char *v = luaL_checklstring(L, 1, &size);
209 uint16_t retval = Iso15693Crc((uint8_t *) v, size);
210 lua_pushinteger(L, (int) retval);
211 return 1;
77cd612f 212}
5b760b6c 213
be2d41b7 214static int l_iso14443b_crc(lua_State *L)
215{
216 /* void ComputeCrc14443(int CrcType,
217 const unsigned char *Data, int Length,
218 unsigned char *TransmitFirst,
219 unsigned char *TransmitSecond)
220 */
221 unsigned char buf[USB_CMD_DATA_SIZE];
222 size_t len = 0;
223 const char *data = luaL_checklstring(L, 1, &len);
44964fd1 224 if (len > USB_CMD_DATA_SIZE-2)
be2d41b7 225 len = USB_CMD_DATA_SIZE-2;
226
227 for (int i = 0; i < len; i += 2) {
228 sscanf(&data[i], "%02x", (unsigned int *)&buf[i / 2]);
229 }
230 ComputeCrc14443(CRC_14443_B, buf, len, &buf[len], &buf[len+1]);
231
232 lua_pushlstring(L, (const char *)&buf, len+2);
233 return 1;
234}
b915fda3 235/*
236 Simple AES 128 cbc hook up to OpenSSL.
237 params: key, input
238*/
1c4c0b06 239static int l_aes128decrypt_cbc(lua_State *L)
b915fda3 240{
241 //Check number of arguments
242 int i;
d730878d 243 size_t size;
244 const char *p_key = luaL_checklstring(L, 1, &size);
245 if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
246
247 const char *p_encTxt = luaL_checklstring(L, 2, &size);
b915fda3 248
1f6417a9
MHS
249 unsigned char indata[16] = {0x00};
250 unsigned char outdata[16] = {0x00};
d730878d 251 unsigned char aes_key[16] = {0x00};
1f6417a9 252 unsigned char iv[16] = {0x00};
d730878d 253
254 // convert key to bytearray and convert input to bytearray
b915fda3 255 for (i = 0; i < 32; i += 2) {
256 sscanf(&p_encTxt[i], "%02x", (unsigned int *)&indata[i / 2]);
d730878d 257 sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
b915fda3 258 }
d730878d 259
700d8687
OM
260 mbedtls_aes_context ctx;
261 mbedtls_aes_init(&ctx);
262 mbedtls_aes_setkey_dec(&ctx, aes_key, 128);
263 mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, sizeof(indata), iv, indata,outdata );
d730878d 264 //Push decrypted array as a string
265 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
266 return 1;// return 1 to signal one return value
267}
1c4c0b06 268static int l_aes128decrypt_ecb(lua_State *L)
269{
270 //Check number of arguments
271 int i;
272 size_t size;
273 const char *p_key = luaL_checklstring(L, 1, &size);
274 if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
275
276 const char *p_encTxt = luaL_checklstring(L, 2, &size);
277
278 unsigned char indata[16] = {0x00};
279 unsigned char outdata[16] = {0x00};
280 unsigned char aes_key[16] = {0x00};
281
282 // convert key to bytearray and convert input to bytearray
283 for (i = 0; i < 32; i += 2) {
284 sscanf(&p_encTxt[i], "%02x", (unsigned int *)&indata[i / 2]);
285 sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
286 }
700d8687
OM
287 mbedtls_aes_context ctx;
288 mbedtls_aes_init(&ctx);
289 mbedtls_aes_setkey_dec(&ctx, aes_key, 128);
290 mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_DECRYPT, indata, outdata );
1c4c0b06 291
292 //Push decrypted array as a string
293 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
294 return 1;// return 1 to signal one return value
295}
296
297static int l_aes128encrypt_cbc(lua_State *L)
d730878d 298{
299 //Check number of arguments
300 int i;
301 size_t size;
302 const char *p_key = luaL_checklstring(L, 1, &size);
303 if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
304
305 const char *p_txt = luaL_checklstring(L, 2, &size);
306
307 unsigned char indata[16] = {0x00};
308 unsigned char outdata[16] = {0x00};
309 unsigned char aes_key[16] = {0x00};
310 unsigned char iv[16] = {0x00};
b915fda3 311
b915fda3 312 for (i = 0; i < 32; i += 2) {
d730878d 313 sscanf(&p_txt[i], "%02x", (unsigned int *)&indata[i / 2]);
b915fda3 314 sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
315 }
1f6417a9 316
700d8687
OM
317 mbedtls_aes_context ctx;
318 mbedtls_aes_init(&ctx);
319 mbedtls_aes_setkey_enc(&ctx, aes_key, 128);
320 mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, sizeof(indata), iv, indata, outdata );
d730878d 321 //Push encrypted array as a string
b915fda3 322 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
323 return 1;// return 1 to signal one return value
324}
325
1c4c0b06 326static int l_aes128encrypt_ecb(lua_State *L)
327{
328 //Check number of arguments
329 int i;
330 size_t size;
331 const char *p_key = luaL_checklstring(L, 1, &size);
332 if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
333
334 const char *p_txt = luaL_checklstring(L, 2, &size);
335
336 unsigned char indata[16] = {0x00};
337 unsigned char outdata[16] = {0x00};
338 unsigned char aes_key[16] = {0x00};
339
340 for (i = 0; i < 32; i += 2) {
341 sscanf(&p_txt[i], "%02x", (unsigned int *)&indata[i / 2]);
342 sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
343 }
700d8687
OM
344 mbedtls_aes_context ctx;
345 mbedtls_aes_init(&ctx);
346 mbedtls_aes_setkey_enc(&ctx, aes_key, 128);
347 mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT, indata, outdata );
1c4c0b06 348 //Push encrypted array as a string
349 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
350 return 1;// return 1 to signal one return value
351}
352
b915fda3 353static int l_crc16(lua_State *L)
354{
355 size_t size;
356 const char *p_str = luaL_checklstring(L, 1, &size);
d730878d 357
b915fda3 358 uint16_t retval = crc16_ccitt( (uint8_t*) p_str, size);
d730878d 359 lua_pushinteger(L, (int) retval);
360 return 1;
361}
362
363static int l_crc64(lua_State *L)
364{
365 size_t size;
366 uint64_t crc = 0;
367 unsigned char outdata[8] = {0x00};
368
369 const char *p_str = luaL_checklstring(L, 1, &size);
370
371 crc64( (uint8_t*) p_str, size, &crc);
372
373 outdata[0] = (uint8_t)(crc >> 56) & 0xff;
374 outdata[1] = (uint8_t)(crc >> 48) & 0xff;
375 outdata[2] = (uint8_t)(crc >> 40) & 0xff;
376 outdata[3] = (uint8_t)(crc >> 32) & 0xff;
377 outdata[4] = (uint8_t)(crc >> 24) & 0xff;
378 outdata[5] = (uint8_t)(crc >> 16) & 0xff;
379 outdata[6] = (uint8_t)(crc >> 8) & 0xff;
380 outdata[7] = crc & 0xff;
381 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
382 return 1;
b915fda3 383}
384
1c4c0b06 385static int l_sha1(lua_State *L)
386{
387 size_t size;
388 const char *p_str = luaL_checklstring(L, 1, &size);
389 unsigned char outdata[20] = {0x00};
700d8687 390 mbedtls_sha1( (uint8_t*) p_str, size, outdata);
1c4c0b06 391 lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
392 return 1;
393}
394
686f0a17 395/**
396 * @brief Sets the lua path to include "./lualibs/?.lua", in order for a script to be
397 * able to do "require('foobar')" if foobar.lua is within lualibs folder.
398 * Taken from http://stackoverflow.com/questions/4125971/setting-the-global-lua-path-variable-from-c-c
399 * @param L
400 * @param path
401 * @return
402 */
403int setLuaPath( lua_State* L, const char* path )
404{
d730878d 405 lua_getglobal( L, "package" );
406 lua_getfield( L, -1, "path" ); // get field "path" from table at top of stack (-1)
407 const char* cur_path = lua_tostring( L, -1 ); // grab path string from top of stack
408 int requiredLength = strlen(cur_path)+ strlen(path)+10; //A few bytes too many, whatever we can afford it
409 char * buf = malloc(requiredLength);
410 snprintf(buf, requiredLength, "%s;%s", cur_path, path);
411 lua_pop( L, 1 ); // get rid of the string on the stack we just pushed on line 5
412 lua_pushstring( L, buf ); // push the new one
413 lua_setfield( L, -2, "path" ); // set the field "path" in table at -2 with value at top of stack
414 lua_pop( L, 1 ); // get rid of package table from top of stack
415 free(buf);
416 return 0; // all done!
686f0a17 417}
418
419
f057bddb 420int set_pm3_libraries(lua_State *L)
5b760b6c 421{
686f0a17 422
d730878d 423 static const luaL_Reg libs[] = {
424 {"SendCommand", l_SendCommand},
425 {"WaitForResponseTimeout", l_WaitForResponseTimeout},
7779d73c 426 {"mfDarkside", l_mfDarkside},
d730878d 427 //{"PrintAndLog", l_PrintAndLog},
428 {"foobar", l_foobar},
429 {"ukbhit", l_ukbhit},
430 {"clearCommandBuffer", l_clearCommandBuffer},
431 {"console", l_CmdConsole},
432 {"iso15693_crc", l_iso15693_crc},
be2d41b7 433 {"iso14443b_crc", l_iso14443b_crc},
1c4c0b06 434 {"aes128_decrypt", l_aes128decrypt_cbc},
435 {"aes128_decrypt_ecb", l_aes128decrypt_ecb},
436 {"aes128_encrypt", l_aes128encrypt_cbc},
437 {"aes128_encrypt_ecb", l_aes128encrypt_ecb},
b915fda3 438 {"crc16", l_crc16},
d730878d 439 {"crc64", l_crc64},
1c4c0b06 440 {"sha1", l_sha1},
d730878d 441 {NULL, NULL}
442 };
443
444 lua_pushglobaltable(L);
445 // Core library is in this table. Contains '
446 //this is 'pm3' table
447 lua_newtable(L);
448
449 //Put the function into the hash table.
450 for (int i = 0; libs[i].name; i++) {
451 lua_pushcfunction(L, libs[i].func);
452 lua_setfield(L, -2, libs[i].name);//set the name, pop stack
453 }
454 //Name of 'core'
455 lua_setfield(L, -2, "core");
456
457 //-- remove the global environment table from the stack
458 lua_pop(L, 1);
459
460 //-- Last but not least, add to the LUA_PATH (package.path in lua)
461 // so we can load libraries from the ./lualib/ - directory
4197a3f6 462 char libraries_path[strlen(get_my_executable_directory()) + strlen(LUA_LIBRARIES_DIRECTORY) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
463 strcpy(libraries_path, get_my_executable_directory());
464 strcat(libraries_path, LUA_LIBRARIES_DIRECTORY);
465 strcat(libraries_path, LUA_LIBRARIES_WILDCARD);
466 setLuaPath(L, libraries_path);
d730878d 467
468 return 1;
5b760b6c 469}
Impressum, Datenschutz