]> cvs.zerfleddert.de Git - proxmark3-svn/blob - armsrc/epa.c
FIX: LF TI WRITE inparameters didn't get copied by sscanf. This removes the "PRIu64...
[proxmark3-svn] / armsrc / epa.c
1 //-----------------------------------------------------------------------------
2 // Frederik Möllers - August 2012
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // Routines to support the German eletronic "Personalausweis" (ID card)
9 // Note that the functions which do not implement USB commands do NOT initialize
10 // the card (with iso14443a_select_card etc.). If You want to use these
11 // functions, You need to do the setup before calling them!
12 //-----------------------------------------------------------------------------
13
14 #include "iso14443a.h"
15 #include "epa.h"
16 #include "../common/cmd.h"
17
18
19 // Protocol and Parameter Selection Request
20 // use regular (1x) speed in both directions
21 // CRC is already included
22 static const uint8_t pps[] = {0xD0, 0x11, 0x00, 0x52, 0xA6};
23
24 // APDUs for communication with German Identification Card
25
26 // General Authenticate (request encrypted nonce) WITHOUT the Le at the end
27 static const uint8_t apdu_general_authenticate_pace_get_nonce[] = {
28 0x10, // CLA
29 0x86, // INS
30 0x00, // P1
31 0x00, // P2
32 0x02, // Lc
33 0x7C, // Type: Dynamic Authentication Data
34 0x00, // Length: 0 bytes
35 };
36
37 // MSE: Set AT (only CLA, INS, P1 and P2)
38 static const uint8_t apdu_mse_set_at_start[] = {
39 0x00, // CLA
40 0x22, // INS
41 0xC1, // P1
42 0xA4, // P2
43 };
44
45 // SELECT BINARY with the ID for EF.CardAccess
46 static const uint8_t apdu_select_binary_cardaccess[] = {
47 0x00, // CLA
48 0xA4, // INS
49 0x02, // P1
50 0x0C, // P2
51 0x02, // Lc
52 0x01, // ID
53 0x1C // ID
54 };
55
56 // READ BINARY
57 static const uint8_t apdu_read_binary[] = {
58 0x00, // CLA
59 0xB0, // INS
60 0x00, // P1
61 0x00, // P2
62 0x38 // Le
63 };
64
65
66 // the leading bytes of a PACE OID
67 static const uint8_t oid_pace_start[] = {
68 0x04, // itu-t, identified-organization
69 0x00, // etsi
70 0x7F, // reserved
71 0x00, // etsi-identified-organization
72 0x07, // bsi-de
73 0x02, // protocols
74 0x02, // smartcard
75 0x04 // id-PACE
76 };
77
78 //-----------------------------------------------------------------------------
79 // Closes the communication channel and turns off the field
80 //-----------------------------------------------------------------------------
81 void EPA_Finish()
82 {
83 FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
84 LEDsoff();
85 }
86
87 //-----------------------------------------------------------------------------
88 // Parses DER encoded data, e.g. from EF.CardAccess and fills out the given
89 // structs. If a pointer is 0, it is ignored.
90 // The function returns 0 on success and if an error occured, it returns the
91 // offset where it occured.
92 //
93 // TODO: This function can access memory outside of the given data if the DER
94 // encoding is broken
95 // TODO: Support skipping elements with a length > 0x7F
96 // TODO: Support OIDs with a length > 7F
97 // TODO: Support elements with long tags (tag is longer than 1 byte)
98 // TODO: Support proprietary PACE domain parameters
99 //-----------------------------------------------------------------------------
100 size_t EPA_Parse_CardAccess(uint8_t *data,
101 size_t length,
102 pace_version_info_t *pace_info)
103 {
104 size_t index = 0;
105
106 while (index <= length - 2) {
107 // determine type of element
108 // SET or SEQUENCE
109 if (data[index] == 0x31 || data[index] == 0x30) {
110 // enter the set (skip tag + length)
111 index += 2;
112 // check for extended length
113 if ((data[index - 1] & 0x80) != 0) {
114 index += (data[index-1] & 0x7F);
115 }
116 }
117 // OID
118 else if (data[index] == 0x06) {
119 // is this a PACE OID?
120 if (data[index + 1] == 0x0A // length matches
121 && memcmp(data + index + 2,
122 oid_pace_start,
123 sizeof(oid_pace_start)) == 0 // content matches
124 && pace_info != NULL)
125 {
126 // first, clear the pace_info struct
127 memset(pace_info, 0, sizeof(pace_version_info_t));
128 memcpy(pace_info->oid, data + index + 2, sizeof(pace_info->oid));
129 // a PACE OID is followed by the version
130 index += data[index + 1] + 2;
131 if (data[index] == 02 && data[index + 1] == 01) {
132 pace_info->version = data[index + 2];
133 index += 3;
134 }
135 else {
136 return index;
137 }
138 // after that there might(!) be the parameter ID
139 if (data[index] == 02 && data[index + 1] == 01) {
140 pace_info->parameter_id = data[index + 2];
141 index += 3;
142 }
143 }
144 else {
145 // skip this OID
146 index += 2 + data[index + 1];
147 }
148 }
149 // if the length is 0, something is wrong
150 // TODO: This needs to be extended to support long tags
151 else if (data[index + 1] == 0) {
152 return index;
153 }
154 else {
155 // skip this part
156 // TODO: This needs to be extended to support long tags
157 // TODO: This needs to be extended to support unknown elements with
158 // a size > 0x7F
159 index += 2 + data[index + 1];
160 }
161 }
162
163 // TODO: We should check whether we reached the end in error, but for that
164 // we need a better parser (e.g. with states like IN_SET or IN_PACE_INFO)
165 return 0;
166 }
167
168 //-----------------------------------------------------------------------------
169 // Read the file EF.CardAccess and save it into a buffer (at most max_length bytes)
170 // Returns -1 on failure or the length of the data on success
171 // TODO: for the moment this sends only 1 APDU regardless of the requested length
172 //-----------------------------------------------------------------------------
173 int EPA_Read_CardAccess(uint8_t *buffer, size_t max_length)
174 {
175 // the response APDU of the card
176 // since the card doesn't always care for the expected length we send it,
177 // we reserve 262 bytes here just to be safe (256-byte APDU + SW + ISO frame)
178 uint8_t response_apdu[262];
179 int rapdu_length = 0;
180
181 // select the file EF.CardAccess
182 rapdu_length = iso14_apdu((uint8_t *)apdu_select_binary_cardaccess,
183 sizeof(apdu_select_binary_cardaccess),
184 response_apdu);
185 if (rapdu_length != 6
186 || response_apdu[rapdu_length - 4] != 0x90
187 || response_apdu[rapdu_length - 3] != 0x00)
188 {
189 Dbprintf("epa - no select cardaccess");
190 return -1;
191 }
192
193 // read the file
194 rapdu_length = iso14_apdu((uint8_t *)apdu_read_binary,
195 sizeof(apdu_read_binary),
196 response_apdu);
197 if (rapdu_length <= 6
198 || response_apdu[rapdu_length - 4] != 0x90
199 || response_apdu[rapdu_length - 3] != 0x00)
200 {
201 Dbprintf("epa - no read cardaccess");
202 return -1;
203 }
204
205 // copy the content into the buffer
206 // length of data available: apdu_length - 4 (ISO frame) - 2 (SW)
207 size_t to_copy = rapdu_length - 6;
208 to_copy = to_copy < max_length ? to_copy : max_length;
209 memcpy(buffer, response_apdu+2, to_copy);
210 return to_copy;
211 }
212
213 //-----------------------------------------------------------------------------
214 // Abort helper function for EPA_PACE_Collect_Nonce
215 // sets relevant data in ack, sends the response
216 //-----------------------------------------------------------------------------
217 static void EPA_PACE_Collect_Nonce_Abort(uint8_t step, int func_return)
218 {
219 // // step in which the failure occured
220 // ack->arg[0] = step;
221 // // last return code
222 // ack->arg[1] = func_return;
223
224 // power down the field
225 EPA_Finish();
226
227 // send the USB packet
228 cmd_send(CMD_ACK,step,func_return,0,0,0);
229 }
230
231 //-----------------------------------------------------------------------------
232 // Acquire one encrypted PACE nonce
233 //-----------------------------------------------------------------------------
234 void EPA_PACE_Collect_Nonce(UsbCommand *c)
235 {
236 /*
237 * ack layout:
238 * arg:
239 * 1. element
240 * step where the error occured or 0 if no error occured
241 * 2. element
242 * return code of the last executed function
243 * d:
244 * Encrypted nonce
245 */
246
247 // return value of a function
248 int func_return = 0;
249
250 // // initialize ack with 0s
251 // memset(ack->arg, 0, 12);
252 // memset(ack->d.asBytes, 0, 48);
253
254 // set up communication
255 func_return = EPA_Setup();
256 if (func_return != 0) {
257 EPA_PACE_Collect_Nonce_Abort(1, func_return);
258 Dbprintf("epa: setup fucked up! %d", func_return);
259 return;
260 }
261
262 // increase the timeout (at least some cards really do need this!)
263 iso14a_set_timeout(0x0002FFFF);
264 Dbprintf("epa: Epic!");
265
266 // read the CardAccess file
267 // this array will hold the CardAccess file
268 uint8_t card_access[256] = {0};
269 int card_access_length = EPA_Read_CardAccess(card_access, 256);
270 // the response has to be at least this big to hold the OID
271 if (card_access_length < 18) {
272 Dbprintf("epa: Too small!");
273 EPA_PACE_Collect_Nonce_Abort(2, card_access_length);
274 return;
275 }
276
277 Dbprintf("epa: foo!");
278
279 // this will hold the PACE info of the card
280 pace_version_info_t pace_version_info;
281 // search for the PACE OID
282 func_return = EPA_Parse_CardAccess(card_access,
283 card_access_length,
284 &pace_version_info);
285 if (func_return != 0 || pace_version_info.version == 0) {
286 EPA_PACE_Collect_Nonce_Abort(3, func_return);
287 return;
288 }
289
290 Dbprintf("epa: bar!");
291
292 // initiate the PACE protocol
293 // use the CAN for the password since that doesn't change
294 func_return = EPA_PACE_MSE_Set_AT(pace_version_info, 2);
295
296 // now get the nonce
297 uint8_t nonce[256] = {0};
298 uint8_t requested_size = (uint8_t)c->arg[0];
299 func_return = EPA_PACE_Get_Nonce(requested_size, nonce);
300 // check if the command succeeded
301 if (func_return < 0)
302 {
303 EPA_PACE_Collect_Nonce_Abort(4, func_return);
304 return;
305 }
306
307 // all done, return
308 EPA_Finish();
309
310 // save received information
311 // ack->arg[1] = func_return;
312 // memcpy(ack->d.asBytes, nonce, func_return);
313 cmd_send(CMD_ACK,0,func_return,0,nonce,func_return);
314 }
315
316 //-----------------------------------------------------------------------------
317 // Performs the "Get Nonce" step of the PACE protocol and saves the returned
318 // nonce. The caller is responsible for allocating enough memory to store the
319 // nonce. Note that the returned size might be less or than or greater than the
320 // requested size!
321 // Returns the actual size of the nonce on success or a less-than-zero error
322 // code on failure.
323 //-----------------------------------------------------------------------------
324 int EPA_PACE_Get_Nonce(uint8_t requested_length, uint8_t *nonce)
325 {
326 // build the APDU
327 uint8_t apdu[sizeof(apdu_general_authenticate_pace_get_nonce) + 1];
328 // copy the constant part
329 memcpy(apdu,
330 apdu_general_authenticate_pace_get_nonce,
331 sizeof(apdu_general_authenticate_pace_get_nonce));
332 // append Le (requested length + 2 due to tag/length taking 2 bytes) in RAPDU
333 apdu[sizeof(apdu_general_authenticate_pace_get_nonce)] = requested_length + 4;
334
335 // send it
336 uint8_t response_apdu[262];
337 int send_return = iso14_apdu(apdu,
338 sizeof(apdu),
339 response_apdu);
340 // check if the command succeeded
341 if (send_return < 6
342 || response_apdu[send_return - 4] != 0x90
343 || response_apdu[send_return - 3] != 0x00)
344 {
345 return -1;
346 }
347
348 // if there is no nonce in the RAPDU, return here
349 if (send_return < 10)
350 {
351 // no error
352 return 0;
353 }
354 // get the actual length of the nonce
355 uint8_t nonce_length = response_apdu[5];
356 if (nonce_length > send_return - 10)
357 {
358 nonce_length = send_return - 10;
359 }
360 // copy the nonce
361 memcpy(nonce, response_apdu + 6, nonce_length);
362
363 return nonce_length;
364 }
365
366 //-----------------------------------------------------------------------------
367 // Initializes the PACE protocol by performing the "MSE: Set AT" step
368 // Returns 0 on success or a non-zero error code on failure
369 //-----------------------------------------------------------------------------
370 int EPA_PACE_MSE_Set_AT(pace_version_info_t pace_version_info, uint8_t password)
371 {
372 // create the MSE: Set AT APDU
373 uint8_t apdu[23];
374 // the minimum length (will be increased as more data is added)
375 size_t apdu_length = 20;
376 // copy the constant part
377 memcpy(apdu,
378 apdu_mse_set_at_start,
379 sizeof(apdu_mse_set_at_start));
380 // type: OID
381 apdu[5] = 0x80;
382 // length of the OID
383 apdu[6] = sizeof(pace_version_info.oid);
384 // copy the OID
385 memcpy(apdu + 7,
386 pace_version_info.oid,
387 sizeof(pace_version_info.oid));
388 // type: password
389 apdu[17] = 0x83;
390 // length: 1
391 apdu[18] = 1;
392 // password
393 apdu[19] = password;
394 // if standardized domain parameters are used, copy the ID
395 if (pace_version_info.parameter_id != 0) {
396 apdu_length += 3;
397 // type: domain parameter
398 apdu[20] = 0x84;
399 // length: 1
400 apdu[21] = 1;
401 // copy the parameter ID
402 apdu[22] = pace_version_info.parameter_id;
403 }
404 // now set Lc to the actual length
405 apdu[4] = apdu_length - 5;
406 // send it
407 uint8_t response_apdu[6];
408 int send_return = iso14_apdu(apdu,
409 apdu_length,
410 response_apdu);
411 // check if the command succeeded
412 if (send_return != 6
413 || response_apdu[send_return - 4] != 0x90
414 || response_apdu[send_return - 3] != 0x00)
415 {
416 return 1;
417 }
418 return 0;
419 }
420
421 //-----------------------------------------------------------------------------
422 // Set up a communication channel (Card Select, PPS)
423 // Returns 0 on success or a non-zero error code on failure
424 //-----------------------------------------------------------------------------
425 int EPA_Setup()
426 {
427
428 int return_code = 0;
429 uint8_t uid[10];
430 uint8_t pps_response[3];
431 uint8_t pps_response_par[1];
432 iso14a_card_select_t card_select_info;
433
434 // power up the field
435 iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
436
437 iso14a_set_timeout(10500);
438
439 iso14a_set_timeout(10500);
440
441 // select the card
442 return_code = iso14443a_select_card(uid, &card_select_info, NULL);
443 if (return_code != 1) {
444 Dbprintf("Epa: Can't select card");
445 return 1;
446 }
447
448 // send the PPS request
449 ReaderTransmit((uint8_t *)pps, sizeof(pps), NULL);
450 return_code = ReaderReceive(pps_response, pps_response_par);
451 if (return_code != 3 || pps_response[0] != 0xD0) {
452 return return_code == 0 ? 2 : return_code;
453 }
454
455 return 0;
456 }
Impressum, Datenschutz