static int CmdHelp(const char *Cmd);
-#define SESSION_IV 0x55
#define MAX_LENGTH 1024
int usage_legic_calccrc8(void){
PrintAndLog("Missing help text.");
return 0;
}
-
+int usage_legic_info(void){
+ PrintAndLog("Read info from a legic tag.");
+ PrintAndLog("Usage: hf legic info [h]");
+ PrintAndLog("Options:");
+ PrintAndLog(" h : this help");
+ PrintAndLog("");
+ PrintAndLog("Samples:");
+ PrintAndLog(" hf legic info");
+ return 0;
+}
/*
* Output BigBuf and deobfuscate LEGIC RF tag data.
* This is based on information given in the talk held
sscanf(Cmd, "%x %x %x", &offset, &len, &IV);
// OUT-OF-BOUNDS check
- if(len + offset > MAX_LENGTH) len = MAX_LENGTH - offset;
+ if ( len + offset > MAX_LENGTH ) {
+ len = MAX_LENGTH - offset;
+ PrintAndLog("Out-of-bound, shorten len to %d",len);
+ }
if ( (IV & 0x7F) != IV ){
IV &= 0x7F;
PrintAndLog("Truncating IV to 7bits");
}
+
if ( (IV & 1) == 0 ){
- IV |= 0x01; // IV must be odd
+ IV |= 0x01;
PrintAndLog("LSB of IV must be SET");
}
- PrintAndLog("Current IV: 0x%02x", IV);
-
- // get some prng bytes from
- uint8_t temp[12];
- legic_prng_init(IV);
- for ( uint8_t j = 0; j < sizeof(temp); ++j)
- temp[j] = legic_prng_get_bits(8);
- PrintAndLog("PRNG: %s", sprint_hex(temp, sizeof(temp)));
+ PrintAndLog("Using IV: 0x%02x", IV);
UsbCommand c = {CMD_READER_LEGIC_RF, {offset, len, IV}};
clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;
- if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
uint8_t isOK = resp.arg[0] & 0xFF;
uint16_t len = resp.arg[1] & 0x3FF;
- if ( isOK ) {
- PrintAndLog("OK : %d", isOK);
- PrintAndLog("use 'hf legic decode' or");
- PrintAndLog("'data hexsamples %d' to view results", len);
- }
+ if ( isOK ) {
+ PrintAndLog("use 'hf legic decode'");
+ }
+ uint8_t *data = resp.d.asBytes;
+ PrintAndLog("\nData |");
+ PrintAndLog("-----------------------------");
+ PrintAndLog(" %s|\n", sprint_hex(data, len));
+ // }
} else {
PrintAndLog("command execution time out");
return 1;
}
-
- //uint8_t got[12000];
- //GetFromBigBuf(got,sizeof(got),0);
- //WaitForResponse(CMD_ACK,NULL);
return 0;
}
return 0;
}
+void static calc4(uint8_t *cmd, uint8_t len){
+ crc_t crc;
+ //crc_init_ref(&crc, 4, 0x19 >> 1, 0x5, 0, TRUE, TRUE);
+ crc_init(&crc, 4, 0x19 >> 1, 0x5, 0);
+
+ crc_clear(&crc);
+ crc_update(&crc, 1, 1); /* CMD_READ */
+ crc_update(&crc, cmd[0], 8);
+ crc_update(&crc, cmd[1], 8);
+ printf("crc4 %X\n", reflect(crc_finish(&crc), 4) ) ;
+
+ crc_clear(&crc);
+ crc_update(&crc, 1, 1); /* CMD_READ */
+ crc_update(&crc, cmd[0], 8);
+ crc_update(&crc, cmd[1], 8);
+ printf("crc4 %X\n", crc_finish(&crc) ) ;
+
+ printf("---- old ---\n");
+ crc_update2(&crc, 1, 1); /* CMD_READ */
+ crc_update2(&crc, cmd[0], 8);
+ crc_update2(&crc, cmd[1], 8);
+ printf("crc4 %X \n", reflect(crc_finish(&crc), 4) ) ;
+
+
+ crc_clear(&crc);
+ crc_update2(&crc, 1, 1); /* CMD_READ */
+ crc_update2(&crc, cmd[0], 8);
+ crc_update2(&crc, cmd[1], 8);
+ printf("crc4 %X\n", crc_finish(&crc) ) ;
+}
+
int CmdLegicCalcCrc8(const char *Cmd){
uint8_t *data = NULL;
switch (type){
case 16:
- PrintAndLog("LEGIC CRC16: %X", CRC16Legic(data, len, uidcrc));
+ PrintAndLog("Legic crc16: %X", CRC16Legic(data, len, uidcrc));
+ break;
+ case 4:
+ calc4(data, 0);
break;
default:
- PrintAndLog("LEGIC CRC8: %X", CRC8Legic(data, len) );
+ PrintAndLog("Legic crc8: %X", CRC8Legic(data, len) );
break;
}
return 0;
}
+int HFLegicInfo(const char *Cmd, bool verbose) {
+
+ char cmdp = param_getchar(Cmd, 0);
+ if ( cmdp == 'H' || cmdp == 'h' ) return usage_legic_info();
+
+ UsbCommand c = {CMD_LEGIC_INFO, {0,0,0}};
+ clearCommandBuffer();
+ SendCommand(&c);
+ UsbCommand resp;
+ if (!WaitForResponseTimeout(CMD_ACK, &resp, 500)) {
+ if ( verbose ) PrintAndLog("command execution time out");
+ return 1;
+ }
+
+ uint8_t isOK = resp.arg[0] & 0xFF;
+ if ( !isOK ) {
+ if ( verbose ) PrintAndLog("legic card select failed");
+ return 1;
+ }
+
+ legic_card_select_t card;
+ memcpy(&card, (legic_card_select_t *)resp.d.asBytes, sizeof(legic_card_select_t));
+
+ PrintAndLog(" UID : %s", sprint_hex(card.uid, sizeof(card.uid)));
+ switch(card.cardsize) {
+ case 22:
+ case 256:
+ case 1024:
+ PrintAndLog(" TYPE : MIM%d card (%d bytes)", card.cardsize, card.cardsize); break;
+ default: {
+ PrintAndLog("Unknown card format: %d", card.cardsize);
+ return 1;
+ }
+ }
+ return 0;
+}
+int CmdLegicInfo(const char *Cmd){
+ return HFLegicInfo(Cmd, TRUE);
+}
+
static command_t CommandTable[] = {
{"help", CmdHelp, 1, "This help"},
{"decode", CmdLegicDecode, 0, "Display deobfuscated and decoded LEGIC RF tag data (use after hf legic reader)"},
{"writeraw",CmdLegicRfRawWrite, 0, "<address> <value> <iv> -- Write direct to address"},
{"fill", CmdLegicRfFill, 0, "<offset> <length> <value> -- Fill/Write tag with constant value"},
{"crc8", CmdLegicCalcCrc8, 1, "Calculate Legic CRC8 over given hexbytes"},
+ {"info", CmdLegicInfo, 1, "Information"},
{NULL, NULL, 0, NULL}
};
projects / proxmark3-svn / blobdiff