[proxmark3-svn] / armsrc / mifaredesfire.c

#include "mifaredesfire.h"

#define MAX_APPLICATION_COUNT 28
#define MAX_FILE_COUNT 16
#define MAX_FRAME_SIZE 60
#define NOT_YET_AUTHENTICATED 255
#define FRAME_PAYLOAD_SIZE (MAX_FRAME_SIZE - 5)

// the block number for the ISO14443-4 PCB
uint8_t pcb_blocknum = 0;
// Deselect card by sending a s-block. the crc is precalced for speed
static  uint8_t deselect_cmd[] = {0xc2,0xe0,0xb4};

//static uint8_t __msg[MAX_FRAME_SIZE] = { 0x0A, 0x00, 0x00, /* ..., */ 0x00 };
/*                                       PCB   CID   CMD    PAYLOAD    */
//static uint8_t __res[MAX_FRAME_SIZE];

bool InitDesfireCard(){

	// Make sure it is off.
//	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
//	SpinDelay(300);
	
	byte_t cardbuf[USB_CMD_DATA_SIZE];
	memset(cardbuf,0,sizeof(cardbuf));
	
	iso14a_set_tracing(TRUE);
	iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
	
	iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf;
	int len = iso14443a_select_card(NULL,card,NULL);

	if (!len) {
		if (MF_DBGLEVEL >= 1) {
			Dbprintf("Can't select card");
		}
		OnError();
		return false;
	}
	return true;
}

void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain){
	
	/* ARG0 contains flags.
		0x01 = init card.
		0x02 =
		0x03
	*/
	uint8_t flags = arg0;
	size_t datalen = arg1;
	uint8_t resp[RECV_RES_SIZE];
	memset(resp,0,sizeof(resp));
	
	if (MF_DBGLEVEL >= 4) {
		Dbprintf(" flags: %02X", flags);
		Dbprintf(" len  : %02X", datalen);
		print_result("to send: ", datain, datalen);
	}
	
	if ( flags & 0x01 ){
		if ( !InitDesfireCard() )
			return;
	}
	
	int len = DesfireAPDU(datain, datalen, resp);
	if ( !len ) {
		if (MF_DBGLEVEL >= 4) {
			print_result("ERR <--: ", resp, len);	
		}
		OnError();
		return;
	}
	cmd_send(CMD_ACK,1,0,0,resp,len);
	

	OnSuccess();
}

void MifareDesfireGetInformation(){
		
	int len = 0;
	uint8_t resp[USB_CMD_DATA_SIZE];
	uint8_t dataout[USB_CMD_DATA_SIZE];
	byte_t cardbuf[USB_CMD_DATA_SIZE];
	
	memset(resp,0,sizeof(resp));
	memset(dataout,0, sizeof(dataout));
	memset(cardbuf,0,sizeof(cardbuf));
	
	/*
		1 = PCB					1
		2 = cid					2
		3 = desfire command		3 
		4-5 = crc				4  key
								5-6 crc								
		PCB == 0x0A because sending CID byte.
		CID == 0x00 first card?		
	*/
	iso14a_clear_trace();
	iso14a_set_tracing(TRUE);
	iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);

	// card select - information
	iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf;
	byte_t isOK = iso14443a_select_card(NULL, card, NULL);
	if (isOK != 1) {
		if (MF_DBGLEVEL >= 1) {
			Dbprintf("Can't select card");
		}
		OnError();
		return;
	}

	memcpy(dataout,card->uid,7);

	LED_A_ON();
	LED_B_OFF();
	LED_C_OFF();
	
	uint8_t cmd[] = {GET_VERSION};	
	size_t cmd_len = sizeof(cmd);
	
	len =  DesfireAPDU(cmd, cmd_len, resp);
	if ( !len ) {
		print_result("ERROR <--: ", resp, len);	
		OnError();
		return;
	}
	
	LED_A_OFF();
	LED_B_ON();
	memcpy(dataout+7,resp+3,7);
	
	// ADDITION_FRAME 1
	cmd[0] = ADDITIONAL_FRAME;
	len =  DesfireAPDU(cmd, cmd_len, resp);
	if ( !len ) {
		print_result("ERROR <--: ", resp, len);	
		OnError();
		return;
	}	
	
	LED_B_OFF();
	LED_C_ON();
	memcpy(dataout+7+7,resp+3,7);

	// ADDITION_FRAME 2
	len =  DesfireAPDU(cmd, cmd_len, resp);
	if ( !len ) {
		print_result("ERROR <--: ", resp, len);	
		OnError();
		return;
	}
	
	memcpy(dataout+7+7+7,resp+3,14);
	
	cmd_send(CMD_ACK,1,0,0,dataout,sizeof(dataout));
		
	// reset the pcb_blocknum,
	pcb_blocknum = 0;
	OnSuccess();
}

void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno,  uint8_t *datain){

	uint8_t null_key_data[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
	//uint8_t new_key_data[8]  = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 };
	int res = 0;
	
	desfirekey_t default_key = Desfire_des_key_new_with_version (null_key_data);

	// res = Desfire_select_application (tags[i], aid);
	if (res < 0) {
		print_result("default key: ", default_key->data, 24 );
		return;
	}
				
	return;
	//                pcb  cid  cmd               key   crc1  cr2   	
	//uint8_t cmd2[] = {0x02,0x00,GET_KEY_VERSION, 0x00, 0x00, 0x00 };

	//uint8_t* bigbuffer = mifare_get_bigbufptr();
	byte_t isOK = 1;
	uint8_t resp[256];
	uint8_t key[24];
	uint8_t IV[16];
Commit	Line	Data
f38a1528	1	#include "mifaredesfire.h"
	2
	3	#define MAX_APPLICATION_COUNT 28
	4	#define MAX_FILE_COUNT 16
	5	#define MAX_FRAME_SIZE 60
	6	#define NOT_YET_AUTHENTICATED 255
	7	#define FRAME_PAYLOAD_SIZE (MAX_FRAME_SIZE - 5)
	8
313ee67e	9	// the block number for the ISO14443-4 PCB
	10	uint8_t pcb_blocknum = 0;
	11	// Deselect card by sending a s-block. the crc is precalced for speed
	12	static uint8_t deselect_cmd[] = {0xc2,0xe0,0xb4};
	13
f38a1528	14	//static uint8_t __msg[MAX_FRAME_SIZE] = { 0x0A, 0x00, 0x00, /* ..., */ 0x00 };
	15	/* PCB CID CMD PAYLOAD */
	16	//static uint8_t __res[MAX_FRAME_SIZE];
	17
313ee67e	18	bool InitDesfireCard(){
	19
	20	// Make sure it is off.
	21	// FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
	22	// SpinDelay(300);
	23
	24	byte_t cardbuf[USB_CMD_DATA_SIZE];
	25	memset(cardbuf,0,sizeof(cardbuf));
	26
	27	iso14a_set_tracing(TRUE);
	28	iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
f38a1528	29
313ee67e	30	iso14a_card_select_t card = (iso14a_card_select_t)cardbuf;
313ee67e	31	int len = iso14443a_select_card(NULL,card,NULL);
f38a1528	32
313ee67e	33	if (!len) {
	34	if (MF_DBGLEVEL >= 1) {
	35	Dbprintf("Can't select card");
	36	}
	37	OnError();
	38	return false;
	39	}
	40	return true;
	41	}
	42
	43	void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain){
	44
	45	/* ARG0 contains flags.
	46	0x01 = init card.
	47	0x02 =
	48	0x03
	49	*/
	50	uint8_t flags = arg0;
	51	size_t datalen = arg1;
f38a1528	52	uint8_t resp[RECV_RES_SIZE];
313ee67e	53	memset(resp,0,sizeof(resp));
	54
	55	if (MF_DBGLEVEL >= 4) {
	56	Dbprintf(" flags: %02X", flags);
	57	Dbprintf(" len : %02X", datalen);
	58	print_result("to send: ", datain, datalen);
	59	}
	60
	61	if ( flags & 0x01 ){
	62	if ( !InitDesfireCard() )
	63	return;
	64	}
	65
	66	int len = DesfireAPDU(datain, datalen, resp);
	67	if ( !len ) {
	68	if (MF_DBGLEVEL >= 4) {
	69	print_result("ERR <--: ", resp, len);
	70	}
	71	OnError();
	72	return;
	73	}
	74	cmd_send(CMD_ACK,1,0,0,resp,len);
	75
	76
	77	OnSuccess();
	78	}
	79
	80	void MifareDesfireGetInformation(){
	81
	82	int len = 0;
	83	uint8_t resp[USB_CMD_DATA_SIZE];
	84	uint8_t dataout[USB_CMD_DATA_SIZE];
	85	byte_t cardbuf[USB_CMD_DATA_SIZE];
f38a1528	86
	87	memset(resp,0,sizeof(resp));
	88	memset(dataout,0, sizeof(dataout));
313ee67e	89	memset(cardbuf,0,sizeof(cardbuf));
f38a1528	90
	91	/*
	92	1 = PCB 1
	93	2 = cid 2
	94	3 = desfire command 3
	95	4-5 = crc 4 key
313ee67e	96	5-6 crc
f38a1528	97	PCB == 0x0A because sending CID byte.
313ee67e	98	CID == 0x00 first card?
f38a1528	99	*/
f38a1528	100	iso14a_clear_trace();
	101	iso14a_set_tracing(TRUE);
	102	iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
	103
	104	// card select - information
313ee67e	105	iso14a_card_select_t card = (iso14a_card_select_t)cardbuf;
f38a1528	106	byte_t isOK = iso14443a_select_card(NULL, card, NULL);
	107	if (isOK != 1) {
	108	if (MF_DBGLEVEL >= 1) {
	109	Dbprintf("Can't select card");
	110	}
	111	OnError();
	112	return;
	113	}
	114
f38a1528	115	memcpy(dataout,card->uid,7);
	116
	117	LED_A_ON();
	118	LED_B_OFF();
	119	LED_C_OFF();
	120
313ee67e	121	uint8_t cmd[] = {GET_VERSION};
	122	size_t cmd_len = sizeof(cmd);
	123
	124	len = DesfireAPDU(cmd, cmd_len, resp);
	125	if ( !len ) {
f38a1528	126	print_result("ERROR <--: ", resp, len);
	127	OnError();
	128	return;
	129	}
313ee67e	130
	131	LED_A_OFF();
	132	LED_B_ON();
f38a1528	133	memcpy(dataout+7,resp+3,7);
	134
	135	// ADDITION_FRAME 1
313ee67e	136	cmd[0] = ADDITIONAL_FRAME;
	137	len = DesfireAPDU(cmd, cmd_len, resp);
	138	if ( !len ) {
f38a1528	139	print_result("ERROR <--: ", resp, len);
	140	OnError();
	141	return;
	142	}
313ee67e	143
	144	LED_B_OFF();
	145	LED_C_ON();
f38a1528	146	memcpy(dataout+7+7,resp+3,7);
	147
	148	// ADDITION_FRAME 2
313ee67e	149	len = DesfireAPDU(cmd, cmd_len, resp);
313ee67e	150	if ( !len ) {
f38a1528	151	print_result("ERROR <--: ", resp, len);
	152	OnError();
	153	return;
	154	}
	155
	156	memcpy(dataout+7+7+7,resp+3,14);
	157
f38a1528	158	cmd_send(CMD_ACK,1,0,0,dataout,sizeof(dataout));
313ee67e	159
	160	// reset the pcb_blocknum,
	161	pcb_blocknum = 0;
f38a1528	162	OnSuccess();
	163	}
	164
	165	void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain){
	166
	167	uint8_t null_key_data[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
b44e5233	168	//uint8_t new_key_data[8] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 };
b44e5233	169	int res = 0;
f38a1528	170
b44e5233	171	desfirekey_t default_key = Desfire_des_key_new_with_version (null_key_data);
f38a1528	172
b44e5233	173	// res = Desfire_select_application (tags[i], aid);
f38a1528	174	if (res < 0) {
b44e5233	175	print_result("default key: ", default_key->data, 24 );
b44e5233	176	return;
f38a1528	177	}
	178
	179	return;
	180	// pcb cid cmd key crc1 cr2
	181	//uint8_t cmd2[] = {0x02,0x00,GET_KEY_VERSION, 0x00, 0x00, 0x00 };
	182
	183	//uint8_t* bigbuffer = mifare_get_bigbufptr();
	184	byte_t isOK = 1;
	185	uint8_t resp[256];
	186	uint8_t key[24];
	187	uint8_t IV[16];
	188
	189