[proxmark3-svn] / client / cmdhflist.c

//-----------------------------------------------------------------------------
// Copyright (C) Merlok - 2017
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// Command: hf mf list. It shows data from arm buffer.
//-----------------------------------------------------------------------------

#include "cmdhflist.h"

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stdbool.h>
#include "util.h"
#include "data.h"
#include "ui.h"
#include "iso14443crc.h"
#include "parity.h"
#include "protocols.h"


enum MifareAuthSeq {
	masNone,
	masNt,
	masNrAr,
	masAt,
	masData,
	masDataNested,
	masError,
};
static enum MifareAuthSeq MifareAuthState;

/**
 * @brief iso14443A_CRC_check Checks CRC in command or response
 * @param isResponse
 * @param data
 * @param len
 * @return  0 : CRC-command, CRC not ok
 *          1 : CRC-command, CRC ok
 *          2 : Not crc-command
 */
uint8_t iso14443A_CRC_check(bool isResponse, uint8_t* data, uint8_t len)
{
	uint8_t b1,b2;

	if(len <= 2) return 2;

	if(isResponse & (len < 6)) return 2;
	
	ComputeCrc14443(CRC_14443_A, data, len-2, &b1, &b2);
	if (b1 != data[len-2] || b2 != data[len-1]) {
		return 0;
	} else {
		return 1;
	}
}

uint8_t mifare_CRC_check(bool isResponse, uint8_t* data, uint8_t len)
{
	switch(MifareAuthState) {
		case masNone:
		case masData:
		case masDataNested:
		case masError:
			return iso14443A_CRC_check(isResponse, data, len);
		default:
			return 2;
	}
}

void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
{
	switch(cmd[0])
	{
	case ISO14443A_CMD_WUPA:        snprintf(exp,size,"WUPA"); break;
	case ISO14443A_CMD_ANTICOLL_OR_SELECT:{
		// 93 20 = Anticollision (usage: 9320 - answer: 4bytes UID+1byte UID-bytes-xor)
		// 93 70 = Select (usage: 9370+5bytes 9320 answer - answer: 1byte SAK)
		if(cmd[1] == 0x70)
		{
			snprintf(exp,size,"SELECT_UID"); break;
		}else
		{
			snprintf(exp,size,"ANTICOLL"); break;
		}
	}
	case ISO14443A_CMD_ANTICOLL_OR_SELECT_2:{
		//95 20 = Anticollision of cascade level2
		//95 70 = Select of cascade level2
		if(cmd[2] == 0x70)
		{
			snprintf(exp,size,"SELECT_UID-2"); break;
		}else
		{
			snprintf(exp,size,"ANTICOLL-2"); break;
		}
	}
	case ISO14443A_CMD_REQA:		snprintf(exp,size,"REQA"); break;
	case ISO14443A_CMD_READBLOCK:	snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break;
	case ISO14443A_CMD_WRITEBLOCK:	snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break;
	case ISO14443A_CMD_HALT:		
		snprintf(exp,size,"HALT"); 
		MifareAuthState = masNone;
		break;
	case ISO14443A_CMD_RATS:		snprintf(exp,size,"RATS"); break;
	case MIFARE_CMD_INC:			snprintf(exp,size,"INC(%d)",cmd[1]); break;
	case MIFARE_CMD_DEC:			snprintf(exp,size,"DEC(%d)",cmd[1]); break;
	case MIFARE_CMD_RESTORE:		snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
	case MIFARE_CMD_TRANSFER:		snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
	case MIFARE_AUTH_KEYA:
		if ( cmdsize > 3) {
			snprintf(exp,size,"AUTH-A(%d)",cmd[1]); 
			MifareAuthState = masNt;
		} else {
			//	case MIFARE_ULEV1_VERSION :  both 0x60.
			snprintf(exp,size,"EV1 VERSION");
		}
		break;
	case MIFARE_AUTH_KEYB:
		MifareAuthState = masNt;
		snprintf(exp,size,"AUTH-B(%d)",cmd[1]); 
		break;
	case MIFARE_MAGICWUPC1:			snprintf(exp,size,"MAGIC WUPC1"); break;
	case MIFARE_MAGICWUPC2:			snprintf(exp,size,"MAGIC WUPC2"); break;
	case MIFARE_MAGICWIPEC:			snprintf(exp,size,"MAGIC WIPEC"); break;
	case MIFARE_ULC_AUTH_1:		snprintf(exp,size,"AUTH "); break;
	case MIFARE_ULC_AUTH_2:		snprintf(exp,size,"AUTH_ANSW"); break;
	case MIFARE_ULEV1_AUTH:
		if ( cmdsize == 7 )
			snprintf(exp,size,"PWD-AUTH KEY: 0x%02x%02x%02x%02x", cmd[1], cmd[2], cmd[3], cmd[4] );
		else
			snprintf(exp,size,"PWD-AUTH");
		break;
	case MIFARE_ULEV1_FASTREAD:{
		if ( cmdsize >=3 && cmd[2] <= 0xE6)
			snprintf(exp,size,"READ RANGE (%d-%d)",cmd[1],cmd[2]); 
		else
			snprintf(exp,size,"?");
		break;
	}
	case MIFARE_ULC_WRITE:{
		if ( cmd[1] < 0x21 )
			snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); 
		else
			snprintf(exp,size,"?");
		break;
	}
	case MIFARE_ULEV1_READ_CNT:{
		if ( cmd[1] < 5 )
			snprintf(exp,size,"READ CNT(%d)",cmd[1]);
		else
			snprintf(exp,size,"?");
		break;
	}
	case MIFARE_ULEV1_INCR_CNT:{
		if ( cmd[1] < 5 )
			snprintf(exp,size,"INCR(%d)",cmd[1]);
		else
			snprintf(exp,size,"?");
		break;
	}
	case MIFARE_ULEV1_READSIG:		snprintf(exp,size,"READ_SIG"); break;
	case MIFARE_ULEV1_CHECKTEAR:	snprintf(exp,size,"CHK_TEARING(%d)",cmd[1]); break;
	case MIFARE_ULEV1_VCSL:		snprintf(exp,size,"VCSL"); break;
	default:						snprintf(exp,size,"?"); break;
	}
	return;
}

void annotateMifare(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize, bool isResponse) {
//	uint32_t uid;       // UID
	static uint32_t nt;        // tag challenge
//	uint32_t nt_enc;    // encrypted tag challenge
//	uint8_t nt_enc_par; // encrypted tag challenge parity
	static uint32_t nr_enc;    // encrypted reader challenge
	static uint32_t ar_enc;    // encrypted reader response
//	uint8_t ar_enc_par; // encrypted reader response parity
	static uint32_t at_enc;    // encrypted tag response
//	uint8_t at_enc_par; // encrypted tag response parity

	switch(MifareAuthState) {
		case masNt:
			if (cmdsize == 4 && isResponse) {
				snprintf(exp,size,"AUTH: nt %s", (nt) ? "(enc)" : "");
				MifareAuthState = masNrAr;
				nt = bytes_to_num(cmd, cmdsize);
				return;
			} else {
				MifareAuthState = masError;
			}
			break;
		case masNrAr:
			if (cmdsize == 8 && !isResponse) {
				snprintf(exp,size,"AUTH: nr ar (enc)");
				MifareAuthState = masAt;
				nr_enc = bytes_to_num(cmd, cmdsize);
				ar_enc = bytes_to_num(&cmd[3], cmdsize);
				return;
			} else {
				MifareAuthState = masError;
			}
			break;
		case masAt:
			if (cmdsize == 4 && isResponse) {
				snprintf(exp,size,"AUTH: at (enc)");
				MifareAuthState = masData;
				at_enc = bytes_to_num(cmd, cmdsize);
				return;
			} else {
				MifareAuthState = masError;
			}
			break;
		default:
			break;
	}
	
	if (!isResponse)
		annotateIso14443a(exp, size, cmd, cmdsize);
	
}
Commit	Line	Data
4f131b53	1	//-----------------------------------------------------------------------------
	2	// Copyright (C) Merlok - 2017
	3	//
	4	// This code is licensed to you under the terms of the GNU GPL, version 2 or,
	5	// at your option, any later version. See the LICENSE.txt file for the text of
	6	// the license.
	7	//-----------------------------------------------------------------------------
	8	// Command: hf mf list. It shows data from arm buffer.
	9	//-----------------------------------------------------------------------------
	10
	11	#include "cmdhflist.h"
	12
	13	#include <stdlib.h>
	14	#include <stdio.h>
	15	#include <string.h>
6612a5a2	16	#include <stdint.h>
	17	#include <stdbool.h>
	18	#include "util.h"
	19	#include "data.h"
	20	#include "ui.h"
	21	#include "iso14443crc.h"
	22	#include "parity.h"
	23	#include "protocols.h"
4f131b53	24
4f131b53	25
6612a5a2	26	enum MifareAuthSeq {
	27	masNone,
	28	masNt,
	29	masNrAr,
	30	masAt,
	31	masData,
	32	masDataNested,
	33	masError,
	34	};
	35	static enum MifareAuthSeq MifareAuthState;
	36
	37	/**
	38	* @brief iso14443A_CRC_check Checks CRC in command or response
	39	* @param isResponse
	40	* @param data
	41	* @param len
	42	* @return 0 : CRC-command, CRC not ok
	43	* 1 : CRC-command, CRC ok
	44	* 2 : Not crc-command
	45	*/
	46	uint8_t iso14443A_CRC_check(bool isResponse, uint8_t* data, uint8_t len)
	47	{
	48	uint8_t b1,b2;
	49
	50	if(len <= 2) return 2;
	51
	52	if(isResponse & (len < 6)) return 2;
	53
	54	ComputeCrc14443(CRC_14443_A, data, len-2, &b1, &b2);
	55	if (b1 != data[len-2] \|\| b2 != data[len-1]) {
	56	return 0;
	57	} else {
	58	return 1;
	59	}
	60	}
	61
	62	uint8_t mifare_CRC_check(bool isResponse, uint8_t* data, uint8_t len)
	63	{
	64	switch(MifareAuthState) {
	65	case masNone:
	66	case masData:
	67	case masDataNested:
	68	case masError:
	69	return iso14443A_CRC_check(isResponse, data, len);
	70	default:
	71	return 2;
	72	}
6612a5a2	73	}
	74
	75	void annotateIso14443a(char exp, size_t size, uint8_t cmd, uint8_t cmdsize)
	76	{
	77	switch(cmd[0])
	78	{
	79	case ISO14443A_CMD_WUPA: snprintf(exp,size,"WUPA"); break;
	80	case ISO14443A_CMD_ANTICOLL_OR_SELECT:{
	81	// 93 20 = Anticollision (usage: 9320 - answer: 4bytes UID+1byte UID-bytes-xor)
	82	// 93 70 = Select (usage: 9370+5bytes 9320 answer - answer: 1byte SAK)
	83	if(cmd[1] == 0x70)
	84	{
	85	snprintf(exp,size,"SELECT_UID"); break;
	86	}else
	87	{
	88	snprintf(exp,size,"ANTICOLL"); break;
	89	}
	90	}
	91	case ISO14443A_CMD_ANTICOLL_OR_SELECT_2:{
	92	//95 20 = Anticollision of cascade level2
	93	//95 70 = Select of cascade level2
	94	if(cmd[2] == 0x70)
	95	{
	96	snprintf(exp,size,"SELECT_UID-2"); break;
	97	}else
	98	{
	99	snprintf(exp,size,"ANTICOLL-2"); break;
	100	}
	101	}
	102	case ISO14443A_CMD_REQA: snprintf(exp,size,"REQA"); break;
	103	case ISO14443A_CMD_READBLOCK: snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break;
	104	case ISO14443A_CMD_WRITEBLOCK: snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break;
	105	case ISO14443A_CMD_HALT:
	106	snprintf(exp,size,"HALT");
	107	MifareAuthState = masNone;
	108	break;
	109	case ISO14443A_CMD_RATS: snprintf(exp,size,"RATS"); break;
	110	case MIFARE_CMD_INC: snprintf(exp,size,"INC(%d)",cmd[1]); break;
	111	case MIFARE_CMD_DEC: snprintf(exp,size,"DEC(%d)",cmd[1]); break;
	112	case MIFARE_CMD_RESTORE: snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
	113	case MIFARE_CMD_TRANSFER: snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
	114	case MIFARE_AUTH_KEYA:
	115	if ( cmdsize > 3) {
	116	snprintf(exp,size,"AUTH-A(%d)",cmd[1]);
	117	MifareAuthState = masNt;
	118	} else {
	119	// case MIFARE_ULEV1_VERSION : both 0x60.
	120	snprintf(exp,size,"EV1 VERSION");
	121	}
	122	break;
	123	case MIFARE_AUTH_KEYB:
	124	MifareAuthState = masNt;
	125	snprintf(exp,size,"AUTH-B(%d)",cmd[1]);
	126	break;
	127	case MIFARE_MAGICWUPC1: snprintf(exp,size,"MAGIC WUPC1"); break;
	128	case MIFARE_MAGICWUPC2: snprintf(exp,size,"MAGIC WUPC2"); break;
	129	case MIFARE_MAGICWIPEC: snprintf(exp,size,"MAGIC WIPEC"); break;
	130	case MIFARE_ULC_AUTH_1: snprintf(exp,size,"AUTH "); break;
	131	case MIFARE_ULC_AUTH_2: snprintf(exp,size,"AUTH_ANSW"); break;
	132	case MIFARE_ULEV1_AUTH:
	133	if ( cmdsize == 7 )
	134	snprintf(exp,size,"PWD-AUTH KEY: 0x%02x%02x%02x%02x", cmd[1], cmd[2], cmd[3], cmd[4] );
	135	else
	136	snprintf(exp,size,"PWD-AUTH");
137	break;
138	case MIFARE_ULEV1_FASTREAD:{
139	if ( cmdsize >=3 && cmd[2] <= 0xE6)
140	snprintf(exp,size,"READ RANGE (%d-%d)",cmd[1],cmd[2]);
141	else
142	snprintf(exp,size,"?");
143	break;
144	}
145	case MIFARE_ULC_WRITE:{
146	if ( cmd[1] < 0x21 )
147	snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]);
148	else
149	snprintf(exp,size,"?");
150	break;
151	}
152	case MIFARE_ULEV1_READ_CNT:{
153	if ( cmd[1] < 5 )
154	snprintf(exp,size,"READ CNT(%d)",cmd[1]);
155	else
156	snprintf(exp,size,"?");
157	break;
158	}
159	case MIFARE_ULEV1_INCR_CNT:{
160	if ( cmd[1] < 5 )
161	snprintf(exp,size,"INCR(%d)",cmd[1]);
162	else
163	snprintf(exp,size,"?");
164	break;
165	}
166	case MIFARE_ULEV1_READSIG: snprintf(exp,size,"READ_SIG"); break;
167	case MIFARE_ULEV1_CHECKTEAR: snprintf(exp,size,"CHK_TEARING(%d)",cmd[1]); break;
168	case MIFARE_ULEV1_VCSL: snprintf(exp,size,"VCSL"); break;
169	default: snprintf(exp,size,"?"); break;
170	}
171	return;
172	}
173
174	void annotateMifare(char exp, size_t size, uint8_t cmd, uint8_t cmdsize, bool isResponse) {
6c30a244	175	// uint32_t uid; // UID
	176	static uint32_t nt; // tag challenge
	177	// uint32_t nt_enc; // encrypted tag challenge
	178	// uint8_t nt_enc_par; // encrypted tag challenge parity
	179	static uint32_t nr_enc; // encrypted reader challenge
	180	static uint32_t ar_enc; // encrypted reader response
	181	// uint8_t ar_enc_par; // encrypted reader response parity
	182	static uint32_t at_enc; // encrypted tag response
	183	// uint8_t at_enc_par; // encrypted tag response parity
	184
6612a5a2	185	switch(MifareAuthState) {
6612a5a2	186	case masNt:
fb30f5a1	187	if (cmdsize == 4 && isResponse) {
fb30f5a1	188	snprintf(exp,size,"AUTH: nt %s", (nt) ? "(enc)" : "");
6612a5a2	189	MifareAuthState = masNrAr;
6c30a244	190	nt = bytes_to_num(cmd, cmdsize);
6612a5a2	191	return;
	192	} else {
	193	MifareAuthState = masError;
6612a5a2	194	}
	195	break;
	196	case masNrAr:
fb30f5a1	197	if (cmdsize == 8 && !isResponse) {
6c30a244	198	snprintf(exp,size,"AUTH: nr ar (enc)");
6612a5a2	199	MifareAuthState = masAt;
6c30a244	200	nr_enc = bytes_to_num(cmd, cmdsize);
6c30a244	201	ar_enc = bytes_to_num(&cmd[3], cmdsize);
6612a5a2	202	return;
	203	} else {
	204	MifareAuthState = masError;
	205	}
	206	break;
	207	case masAt:
fb30f5a1	208	if (cmdsize == 4 && isResponse) {
6c30a244	209	snprintf(exp,size,"AUTH: at (enc)");
6612a5a2	210	MifareAuthState = masData;
6c30a244	211	at_enc = bytes_to_num(cmd, cmdsize);
6612a5a2	212	return;
	213	} else {
	214	MifareAuthState = masError;
	215	}
	216	break;
	217	default:
	218	break;
	219	}
	220
	221	if (!isResponse)
	222	annotateIso14443a(exp, size, cmd, cmdsize);
	223
	224	}