// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
-// Routines to support the German eletronic "Personalausweis" (ID card)
+// Routines to support the German electronic "Personalausweis" (ID card)
// Note that the functions which do not implement USB commands do NOT initialize
// the card (with iso14443a_select_card etc.). If You want to use these
// functions, You need to do the setup before calling them!
#include "iso14443a.h"
#include "epa.h"
-#include "../common/cmd.h"
+#include "cmd.h"
// Protocol and Parameter Selection Request
// use regular (1x) speed in both directions
0x04 // id-PACE
};
+// APDUs for replaying:
+// MSE: Set AT (initiate PACE)
+static uint8_t apdu_replay_mse_set_at_pace[41];
+// General Authenticate (Get Nonce)
+static uint8_t apdu_replay_general_authenticate_pace_get_nonce[8];
+// General Authenticate (Map Nonce)
+static uint8_t apdu_replay_general_authenticate_pace_map_nonce[75];
+// General Authenticate (Mutual Authenticate)
+static uint8_t apdu_replay_general_authenticate_pace_mutual_authenticate[75];
+// General Authenticate (Perform Key Agreement)
+static uint8_t apdu_replay_general_authenticate_pace_perform_key_agreement[18];
+// pointers to the APDUs (for iterations)
+static struct {
+ uint8_t len;
+ uint8_t *data;
+} const apdus_replay[] = {
+ {sizeof(apdu_replay_mse_set_at_pace), apdu_replay_mse_set_at_pace},
+ {sizeof(apdu_replay_general_authenticate_pace_get_nonce), apdu_replay_general_authenticate_pace_get_nonce},
+ {sizeof(apdu_replay_general_authenticate_pace_map_nonce), apdu_replay_general_authenticate_pace_map_nonce},
+ {sizeof(apdu_replay_general_authenticate_pace_mutual_authenticate), apdu_replay_general_authenticate_pace_mutual_authenticate},
+ {sizeof(apdu_replay_general_authenticate_pace_perform_key_agreement), apdu_replay_general_authenticate_pace_perform_key_agreement}
+};
+
+// lengths of the replay APDUs
+static uint8_t apdu_lengths_replay[5];
+
//-----------------------------------------------------------------------------
// Closes the communication channel and turns off the field
//-----------------------------------------------------------------------------
pace_version_info_t *pace_info)
{
size_t index = 0;
-
+
while (index <= length - 2) {
// determine type of element
// SET or SEQUENCE
if (data[index] == 0x31 || data[index] == 0x30) {
// enter the set (skip tag + length)
index += 2;
- // extended length
+ // check for extended length
if ((data[index - 1] & 0x80) != 0) {
- index += (data[index] & 0x7F);
+ index += (data[index-1] & 0x7F);
}
}
// OID
index += 2 + data[index + 1];
}
}
-
+
// TODO: We should check whether we reached the end in error, but for that
// we need a better parser (e.g. with states like IN_SET or IN_PACE_INFO)
return 0;
// we reserve 262 bytes here just to be safe (256-byte APDU + SW + ISO frame)
uint8_t response_apdu[262];
int rapdu_length = 0;
-
+
// select the file EF.CardAccess
rapdu_length = iso14_apdu((uint8_t *)apdu_select_binary_cardaccess,
sizeof(apdu_select_binary_cardaccess),
Dbprintf("epa - no select cardaccess");
return -1;
}
-
+
// read the file
rapdu_length = iso14_apdu((uint8_t *)apdu_read_binary,
sizeof(apdu_read_binary),
Dbprintf("epa - no read cardaccess");
return -1;
}
-
+
// copy the content into the buffer
// length of data available: apdu_length - 4 (ISO frame) - 2 (SW)
size_t to_copy = rapdu_length - 6;
//-----------------------------------------------------------------------------
static void EPA_PACE_Collect_Nonce_Abort(uint8_t step, int func_return)
{
-// // step in which the failure occured
-// ack->arg[0] = step;
-// // last return code
-// ack->arg[1] = func_return;
-
// power down the field
EPA_Finish();
-
+
// send the USB packet
cmd_send(CMD_ACK,step,func_return,0,0,0);
}
// return value of a function
int func_return = 0;
-// // initialize ack with 0s
-// memset(ack->arg, 0, 12);
-// memset(ack->d.asBytes, 0, 48);
-
// set up communication
func_return = EPA_Setup();
if (func_return != 0) {
EPA_PACE_Collect_Nonce_Abort(1, func_return);
- Dbprintf("epa: setup fucked up! %d", func_return);
return;
}
- // increase the timeout (at least some cards really do need this!)
- iso14a_set_timeout(0x0002FFFF);
- Dbprintf("epa: Epic!");
-
// read the CardAccess file
// this array will hold the CardAccess file
uint8_t card_access[256] = {0};
int card_access_length = EPA_Read_CardAccess(card_access, 256);
// the response has to be at least this big to hold the OID
if (card_access_length < 18) {
- Dbprintf("epa: Too small!");
EPA_PACE_Collect_Nonce_Abort(2, card_access_length);
return;
}
- Dbprintf("epa: foo!");
-
// this will hold the PACE info of the card
pace_version_info_t pace_version_info;
// search for the PACE OID
EPA_PACE_Collect_Nonce_Abort(3, func_return);
return;
}
-
- Dbprintf("epa: bar!");
-
+
// initiate the PACE protocol
// use the CAN for the password since that doesn't change
func_return = EPA_PACE_MSE_Set_AT(pace_version_info, 2);
-
+
// now get the nonce
uint8_t nonce[256] = {0};
uint8_t requested_size = (uint8_t)c->arg[0];
EPA_PACE_Collect_Nonce_Abort(4, func_return);
return;
}
-
- // all done, return
+
+ // all done, return
EPA_Finish();
-
+
// save received information
-// ack->arg[1] = func_return;
-// memcpy(ack->d.asBytes, nonce, func_return);
cmd_send(CMD_ACK,0,func_return,0,nonce,func_return);
}
sizeof(apdu_general_authenticate_pace_get_nonce));
// append Le (requested length + 2 due to tag/length taking 2 bytes) in RAPDU
apdu[sizeof(apdu_general_authenticate_pace_get_nonce)] = requested_length + 4;
-
+
// send it
uint8_t response_apdu[262];
int send_return = iso14_apdu(apdu,
{
return -1;
}
-
+
// if there is no nonce in the RAPDU, return here
if (send_return < 10)
{
}
// copy the nonce
memcpy(nonce, response_apdu + 6, nonce_length);
-
+
return nonce_length;
}
return 0;
}
+//-----------------------------------------------------------------------------
+// Perform the PACE protocol by replaying given APDUs
+//-----------------------------------------------------------------------------
+void EPA_PACE_Replay(UsbCommand *c)
+{
+ uint32_t timings[sizeof(apdu_lengths_replay) / sizeof(apdu_lengths_replay[0])] = {0};
+
+ // if an APDU has been passed, save it
+ if (c->arg[0] != 0) {
+ // make sure it's not too big
+ if(c->arg[2] > apdus_replay[c->arg[0] - 1].len)
+ {
+ cmd_send(CMD_ACK, 1, 0, 0, NULL, 0);
+ }
+ memcpy(apdus_replay[c->arg[0] - 1].data + c->arg[1],
+ c->d.asBytes,
+ c->arg[2]);
+ // save/update APDU length
+ if (c->arg[1] == 0) {
+ apdu_lengths_replay[c->arg[0] - 1] = c->arg[2];
+ } else {
+ apdu_lengths_replay[c->arg[0] - 1] += c->arg[2];
+ }
+ cmd_send(CMD_ACK, 0, 0, 0, NULL, 0);
+ return;
+ }
+
+ // return value of a function
+ int func_return;
+
+ // set up communication
+ func_return = EPA_Setup();
+ if (func_return != 0) {
+ EPA_Finish();
+ cmd_send(CMD_ACK, 2, func_return, 0, NULL, 0);
+ return;
+ }
+
+ // increase the timeout (at least some cards really do need this!)/////////////
+ // iso14a_set_timeout(0x0003FFFF);
+
+ // response APDU
+ uint8_t response_apdu[300] = {0};
+
+ // now replay the data and measure the timings
+ for (int i = 0; i < sizeof(apdu_lengths_replay); i++) {
+ StartCountUS();
+ func_return = iso14_apdu(apdus_replay[i].data,
+ apdu_lengths_replay[i],
+ response_apdu);
+ timings[i] = GetCountUS();
+ // every step but the last one should succeed
+ if (i < sizeof(apdu_lengths_replay) - 1
+ && (func_return < 6
+ || response_apdu[func_return - 4] != 0x90
+ || response_apdu[func_return - 3] != 0x00))
+ {
+ EPA_Finish();
+ cmd_send(CMD_ACK, 3 + i, func_return, 0, timings, 20);
+ return;
+ }
+ }
+ EPA_Finish();
+ cmd_send(CMD_ACK,0,0,0,timings,20);
+ return;
+}
+
//-----------------------------------------------------------------------------
// Set up a communication channel (Card Select, PPS)
// Returns 0 on success or a non-zero error code on failure
//-----------------------------------------------------------------------------
int EPA_Setup()
{
- // return code
- //int return_code = 0;
-
- // card UID
- //uint8_t uid[10] = {0x00};
-
+ int return_code = 0;
+ uint8_t uid[10];
+ uint8_t pps_response[3];
+ uint8_t pps_response_par[1];
+ iso14a_card_select_t card_select_info;
+
// power up the field
iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
- iso14a_clear_trace();
- iso14a_set_tracing(TRUE);
- iso14a_set_timeout(10500);
-
- // card select information
- byte_t cardbuf[USB_CMD_DATA_SIZE];
- memset(cardbuf,0,USB_CMD_DATA_SIZE);
- iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf;
-
// select the card
- // if (!iso14443a_select_card(uid, &card_info, NULL)) {
- // Dbprintf("Epa: Can't select card");
- // return -1;
- // }
-
- uint8_t wupa[] = { 0x26 }; // 0x26 - REQA 0x52 - WAKE-UP
- uint8_t sel_all[] = { 0x93,0x20 };
- uint8_t sel_uid[] = { 0x93,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
- uint8_t rats[] = { 0xE0,0x81,0x00,0x00 }; // FSD=256, FSDI=8, CID=1
-
- uint8_t *resp = ((uint8_t *)BigBuf) + RECV_RESP_OFFSET;
- uint8_t *resp_par = ((uint8_t *)BigBuf) + RECV_RESP_PAR_OFFSET;
-
- byte_t uid_resp[4];
- size_t uid_resp_len = 4;
-
- uint8_t sak = 0x04; // cascade uid
- int len;
-
- // Broadcast for a card, WUPA (0x52) will force response from all cards in the field
- ReaderTransmitBitsPar(wupa,7,0, NULL);
-
- // Receive the ATQA
- if(!ReaderReceive(resp, resp_par)) return -1;
-
- // SELECT_ALL
- ReaderTransmit(sel_all,sizeof(sel_all), NULL);
- if (!ReaderReceive(resp, resp_par)) return -1;
-
- // uid response from tag
- memcpy(uid_resp,resp,uid_resp_len);
-
- // Construct SELECT UID command
- // transmitting a full UID (1 Byte cmd, 1 Byte NVB, 4 Byte UID, 1 Byte BCC, 2 Bytes CRC)
- memcpy(sel_uid+2,uid_resp,4); // the UID
- sel_uid[6] = sel_uid[2] ^ sel_uid[3] ^ sel_uid[4] ^ sel_uid[5]; // calculate and add BCC
- AppendCrc14443a(sel_uid,7); // calculate and add CRC
- ReaderTransmit(sel_uid,sizeof(sel_uid), NULL);
-
- // Receive the SAK
- if (!ReaderReceive(resp, resp_par)) return -1;
- sak = resp[0];
-
- // Request for answer to select
- AppendCrc14443a(rats, 2);
- ReaderTransmit(rats, sizeof(rats), NULL);
-
- if ( !(len = ReaderReceive(resp, resp_par) )) return -1;
-
- // populate the collected data.
- memcpy( card->uid, uid_resp, uid_resp_len);
- card->uidlen += uid_resp_len;
- card->sak = sak;
- card->ats_len = len;
- memcpy(card->ats, resp, sizeof(card->ats));
-
-
+ return_code = iso14443a_select_card(uid, &card_select_info, NULL);
+ if (return_code != 1) {
+ return 1;
+ }
// send the PPS request
- // ReaderTransmit((uint8_t *)pps, sizeof(pps), NULL);
- // uint8_t pps_response[3];
- // uint8_t pps_response_par[1];
- // return_code = ReaderReceive(pps_response,pps_response_par);
- // if (return_code != 3 || pps_response[0] != 0xD0) {
- // return return_code == 0 ? 2 : return_code;
- // }
-
- return -1;
-}
\ No newline at end of file
+ ReaderTransmit((uint8_t *)pps, sizeof(pps), NULL);
+ return_code = ReaderReceive(pps_response, pps_response_par);
+ if (return_code != 3 || pps_response[0] != 0xD0) {
+ return return_code == 0 ? 2 : return_code;
+ }
+ return 0;
+}