X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/6b5105bea972d055bb2069bf8ca2c6d105b2ee8f..7afa751a9673c0427d75116eac14dce2d19adedb:/client/emv/emvcore.c

diff --git a/client/emv/emvcore.c b/client/emv/emvcore.c
index 510e9850..46fc1b1e 100644
--- a/client/emv/emvcore.c
+++ b/client/emv/emvcore.c
@@ -9,13 +9,27 @@
 //-----------------------------------------------------------------------------
 
 #include "emvcore.h"
+
+#include <string.h>
 #include "emvjson.h"
 #include "util_posix.h"
 #include "protocols.h"
+#include "ui.h"
+#include "util.h"
+#include "emv_tags.h"
+#include "emv_pk.h"
+#include "emv_pki.h"
+#include "cmdhf14a.h"
+#include "apduinfo.h"
+#include "tlv.h"
+#include "dump.h"
+#include "dol.h"
+
 #ifdef WITH_SMARTCARD
 #include "cmdsmartcard.h"
 #endif
 
+
 // Got from here. Thanks)
 // https://eftlab.co.uk/index.php/site-map/knowledge-base/211-emv-aid-rid-pix
 static const char *PSElist [] = {
@@ -38,38 +52,39 @@ typedef struct {
 
 static const TAIDList AIDlist [] = {
 	// Visa International
-	{ CV_VISA, 	"A00000000305076010"},			// VISA ELO Credit
-	{ CV_VISA, 	"A0000000031010" },				// VISA Debit/Credit (Classic)
-	{ CV_VISA, 	"A000000003101001" },			// VISA Credit
-	{ CV_VISA, 	"A000000003101002" },			// VISA Debit
-	{ CV_VISA, 	"A0000000032010" },				// VISA Electron
-	{ CV_VISA, 	"A0000000032020" },				// VISA
-	{ CV_VISA, 	"A0000000033010" },				// VISA Interlink
-	{ CV_VISA, 	"A0000000034010" },				// VISA Specific
-	{ CV_VISA, 	"A0000000035010" },				// VISA Specific
-	{ CV_VISA, 	"A0000000036010" },				// Domestic Visa Cash Stored Value
-	{ CV_VISA, 	"A0000000036020" },				// International Visa Cash Stored Value
-	{ CV_VISA, 	"A0000000038002" },				// VISA Auth, VisaRemAuthen EMV-CAP (DPA)
-	{ CV_VISA, 	"A0000000038010" },				// VISA Plus
-	{ CV_VISA, 	"A0000000039010" },				// VISA Loyalty
-	{ CV_VISA, 	"A000000003999910" },			// VISA Proprietary ATM
+	{ CV_VISA,  "A00000000305076010"},          // VISA ELO Credit
+	{ CV_VISA,  "A0000000031010" },             // VISA Debit/Credit (Classic)
+	{ CV_VISA,  "A000000003101001" },           // VISA Credit
+	{ CV_VISA,  "A000000003101002" },           // VISA Debit
+	{ CV_VISA,  "A0000000032010" },             // VISA Electron
+	{ CV_VISA,  "A0000000032020" },             // VISA
+	{ CV_VISA,  "A0000000033010" },             // VISA Interlink
+	{ CV_VISA,  "A0000000034010" },             // VISA Specific
+	{ CV_VISA,  "A0000000035010" },             // VISA Specific
+	{ CV_VISA,  "A0000000036010" },             // Domestic Visa Cash Stored Value
+	{ CV_VISA,  "A0000000036020" },             // International Visa Cash Stored Value
+	{ CV_VISA,  "A0000000038002" },             // VISA Auth, VisaRemAuthen EMV-CAP (DPA)
+	{ CV_VISA,  "A0000000038010" },             // VISA Plus
+	{ CV_VISA,  "A0000000039010" },             // VISA Loyalty
+	{ CV_VISA,  "A000000003999910" },           // VISA Proprietary ATM
 	// Visa USA
-	{ CV_VISA, 	"A000000098" },					// Debit Card
-	{ CV_VISA, 	"A0000000980848" },				// Debit Card
+	{ CV_VISA,  "A000000098" },                 // Debit Card
+	{ CV_VISA,  "A0000000980848" },             // Debit Card
 	// Mastercard International
-	{ CV_MASTERCARD, "A00000000401" },			// MasterCard PayPass
-	{ CV_MASTERCARD, "A0000000041010" },		// MasterCard Credit
-	{ CV_MASTERCARD, "A00000000410101213" },	// MasterCard Credit
-	{ CV_MASTERCARD, "A00000000410101215" },	// MasterCard Credit
-	{ CV_MASTERCARD, "A0000000042010" },		// MasterCard Specific
-	{ CV_MASTERCARD, "A0000000043010" },		// MasterCard Specific
-	{ CV_MASTERCARD, "A0000000043060" },		// Maestro (Debit)
-	{ CV_MASTERCARD, "A000000004306001" },		// Maestro (Debit)
-	{ CV_MASTERCARD, "A0000000044010" },		// MasterCard Specific
-	{ CV_MASTERCARD, "A0000000045010" },		// MasterCard Specific
-	{ CV_MASTERCARD, "A0000000046000" },		// Cirrus
-	{ CV_MASTERCARD, "A0000000048002" },		// SecureCode Auth EMV-CAP
-	{ CV_MASTERCARD, "A0000000049999" },		// MasterCard PayPass
+	{ CV_MASTERCARD, "A00000000401" },          // MasterCard PayPass
+	{ CV_MASTERCARD, "A0000000041010" },        // MasterCard Credit
+	{ CV_MASTERCARD, "A00000000410101213" },    // MasterCard Credit
+	{ CV_MASTERCARD, "A00000000410101215" },    // MasterCard Credit
+	{ CV_MASTERCARD, "A0000000042010" },        // MasterCard Specific
+	{ CV_MASTERCARD, "A0000000043010" },        // MasterCard Specific
+	{ CV_MASTERCARD, "A0000000043060" },        // Maestro (Debit)
+	{ CV_MASTERCARD, "A000000004306001" },      // Maestro (Debit)
+	{ CV_MASTERCARD, "A0000000044010" },        // MasterCard Specific
+	{ CV_MASTERCARD, "A0000000045010" },        // MasterCard Specific
+	{ CV_MASTERCARD, "A0000000046000" },        // Cirrus
+	{ CV_MASTERCARD, "A0000000048002" },        // SecureCode Auth EMV-CAP
+	{ CV_MASTERCARD, "A0000000049999" },        // MasterCard PayPass
+	{ CV_MASTERCARD, "B012345678" },            // Maestro TEST Used for development
 	// American Express
 	{ CV_AMERICANEXPRESS, "A000000025" },
 	{ CV_AMERICANEXPRESS, "A0000000250000" },
@@ -78,19 +93,48 @@ static const TAIDList AIDlist [] = {
 	{ CV_AMERICANEXPRESS, "A000000025010701" },
 	{ CV_AMERICANEXPRESS, "A000000025010801" },
 	// Groupement des Cartes Bancaires "CB"
-	{ CV_CB, "A0000000421010" },				// Cartes Bancaire EMV Card
+	{ CV_CB, "A0000000421010" },                // Cartes Bancaire EMV Card
 	{ CV_CB, "A0000000422010" },
 	{ CV_CB, "A0000000423010" },
 	{ CV_CB, "A0000000424010" },
 	{ CV_CB, "A0000000425010" },
 	// JCB CO., LTD.
-	{ CV_JCB, "A00000006510" },					// JCB
-	{ CV_JCB, "A0000000651010" },				// JCB J Smart Credit
+	{ CV_JCB, "A00000006510" },                 // JCB
+	{ CV_JCB, "A0000000651010" },               // JCB J Smart Credit
+	// Switch Card Services Ltd.
+	{ CV_SWITCH, "A0000000050001" },            // Maestro UK
+	{ CV_SWITCH, "A0000000050002" },            // Solo
+	// Diners Club International Ltd.
+	{ CV_DINERS, "A0000001523010" },            // Discover, Pulse D Pas Discover Card
+	{ CV_DINERS, "A0000001524010" },            // Discover, Discover Debit Common Card
 	// Other
-	{ CV_OTHER, "A0000001544442" },				// Banricompras Debito - Banrisul - Banco do Estado do Rio Grande do SUL - S.A.
-	{ CV_OTHER, "F0000000030001" },				// BRADESCO
-	{ CV_OTHER, "A0000005241010" },				// RuPay - RuPay
-	{ CV_OTHER, "D5780000021010" }				// Bankaxept - Bankaxept
+	{ CV_OTHER, "A00000002401" },               // Midland Bank Plc - Self Service
+	{ CV_OTHER, "A0000000291010" },             // LINK Interchange Network Ltd - Link / American Express
+	{ CV_OTHER, "A00000006900" },               // Société Européenne de Monnaie Electronique SEME - Moneo
+	{ CV_OTHER, "A000000077010000021000000000003B" },  // Oberthur Technologies France - Visa AEPN
+	{ CV_OTHER, "A0000001211010" },             // PBS Danmark A/S - Denmark - Dankort (VISA GEM Vision) - Danish domestic debit card
+	{ CV_OTHER, "A0000001410001" },             // Associazione Bancaria Italiana - Italy - PagoBANCOMAT - CoGeBan Consorzio BANCOMAT (Italian domestic debit card)
+	{ CV_OTHER, "A0000001544442" },             // Banricompras Debito - Banrisul - Banco do Estado do Rio Grande do SUL - S.A.
+	{ CV_OTHER, "A000000172950001" },           // Financial Information Service Co. Ltd. - Taiwan - BAROC Financial Application Taiwan- The Bankers Association of the Republic of China
+	{ CV_OTHER, "A0000001850002" },             // Post Office Limited - United Kingdom - UK Post Office Account card
+	{ CV_OTHER, "A0000002281010" },             // Saudi Arabian Monetary Agency (SAMA) - Kingdom of Saudi Arabia - SPAN (M/Chip) - SPAN2 (Saudi Payments Network) - Saudi Arabia domestic credit/debit card (Saudi Arabia Monetary Agency)
+	{ CV_OTHER, "A0000002282010" },             // Saudi Arabian Monetary Agency (SAMA) - Kingdom of Saudi Arabia - SPAN (VIS) - SPAN2 (Saudi Payments Network) - Saudi Arabia domestic credit/debit card (Saudi Arabia Monetary Agency)
+	{ CV_OTHER, "A0000002771010" },             // Interac Association - Canada - INTERAC - Canadian domestic credit/debit card
+	{ CV_OTHER, "A00000031510100528" },         // Currence Holding/PIN BV - The Netherlands- Currence PuC
+	{ CV_OTHER, "A0000003156020" },             // Currence Holding/PIN BV - The Netherlands - Chipknip
+	{ CV_OTHER, "A0000003591010028001" },       // Euro Alliance of Payment Schemes s.c.r.l. (EAPS) - Belgium - Girocard EAPS - ZKA (Germany)
+	{ CV_OTHER, "A0000003710001" },             // Verve - Nigeria - InterSwitch Verve Card - Nigerian local switch company
+	{ CV_OTHER, "A0000004540010" },             // eTranzact - Nigeria - Etranzact Genesis Card - Nigerian local switch company
+	{ CV_OTHER, "A0000004540011" },             // eTranzact - Nigeria - Etranzact Genesis Card 2 - Nigerian local switch company
+	{ CV_OTHER, "A0000004766C" },               // Google - United States - GOOGLE_PAYMENT_AID
+	{ CV_OTHER, "A0000005241010" },             // RuPay - India - RuPay - RuPay (India)
+	{ CV_OTHER, "A0000006723010" },             // TROY - Turkey - TROY chip credit card - Turkey's Payment Method
+	{ CV_OTHER, "A0000006723020" },             // TROY - Turkey - TROY chip debit card - Turkey's Payment Method
+	{ CV_OTHER, "A0000007705850" },             // Indian Oil Corporation Limited - India - XTRAPOWER Fleet Card Program - Indian Oil’s Pre Paid Program
+	{ CV_OTHER, "D27600002545500100" },         // ZKA - Germany - Girocard - ZKA Girocard (Geldkarte) (Germany)
+	{ CV_OTHER, "D5280050218002" },             // The Netherlands - ? - (Netherlands)
+	{ CV_OTHER, "D5780000021010" },             // Bankaxept    Norway  Bankaxept   Norwegian domestic debit card
+	{ CV_OTHER, "F0000000030001" },             // BRADESCO - Brazilian Bank Banco Bradesco
 };
 static const size_t AIDlistLen = sizeof(AIDlist)/sizeof(TAIDList);
 
@@ -99,6 +143,12 @@ void SetAPDULogging(bool logging) {
 	APDULogging = logging;
 }
 
+void DropFieldEx(EMVCommandChannel channel) {
+	if (channel == ECC_CONTACTLESS) {
+		DropField();
+	}
+}
+
 enum CardPSVendor GetCardPSVendor(uint8_t * AID, size_t AIDlen) {
 	char buf[100] = {0};
 	if (AIDlen < 1)
@@ -237,39 +287,38 @@ struct tlvdb *GetdCVVRawFromTrack2(const struct tlv *track2) {
 }
 
 
-static int EMVExchangeEx(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, uint8_t *apdu, int apdu_len, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) 
+int EMVExchangeEx(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, uint8_t *apdu, int apdu_len, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) 
 {
 	*ResultLen = 0;
 	if (sw)	*sw = 0;
 	uint16_t isw = 0;
 	int res = 0;
 
-	if (ActivateField && channel == ECC_CONTACTLESS) {
-		DropField();
+	if (ActivateField) {
+		DropFieldEx( channel );
 		msleep(50);
 	}
 
 	if (APDULogging)
 		PrintAndLogEx(SUCCESS, ">>>> %s", sprint_hex(apdu, apdu_len));
 
+#ifdef WITH_SMARTCARD
 	switch(channel) {
 		case ECC_CONTACTLESS:
 			// 6 byes + data = INS + CLA + P1 + P2 + Lc + <data = Nc> + Le(?IncludeLe)
 			res = ExchangeAPDU14a(apdu, apdu_len, ActivateField, LeaveFieldON, Result, (int)MaxResultLen, (int *)ResultLen);
-			if (res) {
-				return res;
-			}
 			break;
 		case ECC_CONTACT:
-			//int ExchangeAPDUSC(uint8_t *datain, int datainlen, bool activateCard, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen);
-#ifdef WITH_SMARTCARD
 			res = ExchangeAPDUSC(apdu, apdu_len, ActivateField, LeaveFieldON, Result, (int)MaxResultLen, (int *)ResultLen);
-			if (res) {
-				return res;
-			}
-#endif
 			break;
 	}
+#else
+	res = ExchangeAPDU14a(apdu, apdu_len, ActivateField, LeaveFieldON, Result, (int)MaxResultLen, (int *)ResultLen);
+#endif	
+
+	if (res) {
+		return res;
+	}
 
 	if (APDULogging)
 		PrintAndLogEx(SUCCESS, "<<<< %s", sprint_hex(Result, *ResultLen));
@@ -281,10 +330,15 @@ static int EMVExchangeEx(EMVCommandChannel channel, bool ActivateField, bool Lea
 	if (Result[*ResultLen-2] == 0x61) {
 		uint8_t La = Result[*ResultLen-1];
 		uint8_t get_response[5] = {apdu[0], ISO7816_GET_RESPONSE, 0x00, 0x00, La};
-		return EMVExchangeEx(channel, false, LeaveFieldON, get_response, sizeof(get_response), Result, MaxResultLen, ResultLen, sw, tlv);
+		size_t oldlen = *ResultLen;
+		res = EMVExchangeEx(channel, false, LeaveFieldON, get_response, sizeof(get_response), &Result[oldlen-2], MaxResultLen-oldlen+2, ResultLen, sw, tlv);
+		*ResultLen += oldlen;
 	}
 
+	if (res) return res;
+
 	*ResultLen -= 2;
+	
 	isw = Result[*ResultLen] * 0x0100 + Result[*ResultLen + 1];
 	if (sw)
 		*sw = isw;
@@ -305,14 +359,14 @@ static int EMVExchangeEx(EMVCommandChannel channel, bool ActivateField, bool Lea
 	return 0;
 }
 
-int EMVExchange(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *apdu, int apdu_len, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) 
+static int EMVExchange(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *apdu, int apdu_len, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) 
 {
 	uint8_t APDU[APDU_COMMAND_LEN];
 	memcpy(APDU, apdu, apdu_len);
 	APDU[apdu_len] = 0x00; 
 	if (channel == ECC_CONTACTLESS) {
-		if (apdu_len == 5 && apdu[4] == 0) {
-			// there is no Lc but an Le == 0 already
+		if (apdu_len == 5) {
+			// there is no Lc but an Le already
 		} else if (apdu_len > 5 && apdu_len == 5 + apdu[4] + 1) {
 			// there is Lc, data and Le
 		} else {
@@ -356,11 +410,76 @@ int EMVSelectPSE(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldO
 	return res;
 }
 
+
+int EMVSelectWithRetry(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, uint8_t *AID, size_t AIDLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) {
+	int retrycnt = 0;
+	int res = 0;
+	do {
+		res = EMVSelect(channel, false, true, AID, AIDLen, Result, MaxResultLen, ResultLen, sw, tlv);
+
+		// retry if error and not returned sw error
+		if (res && res != 5) {
+			if (++retrycnt < 3){
+				continue;
+			} else {
+				// card select error, proxmark error
+				if (res == 1) {
+					PrintAndLogEx(WARNING, "Exit...");
+					return 1;
+				}
+				
+				retrycnt = 0;
+				PrintAndLogEx(NORMAL, "Retry failed [%s]. Skiped...", sprint_hex_inrow(AID, AIDLen));
+				return res;
+			}	
+		}
+	} while (res && res != 5);
+
+	return res;
+}
+
+
+int EMVCheckAID(EMVCommandChannel channel, bool decodeTLV, struct tlvdb *tlvdbelm, struct tlvdb *tlv){
+	uint8_t data[APDU_RESPONSE_LEN] = {0};
+	size_t datalen = 0;
+	int res = 0;
+	uint16_t sw = 0;
+
+	while (tlvdbelm) {
+		const struct tlv *tgAID = tlvdb_get_inchild(tlvdbelm, 0x4f, NULL);
+		if (tgAID) {
+			res = EMVSelectWithRetry(channel, false, true, (uint8_t *)tgAID->value, tgAID->len, data, sizeof(data), &datalen, &sw, tlv);
+
+			// if returned sw error
+			if (res == 5) {
+				// next element
+				tlvdbelm = tlvdb_find_next(tlvdbelm, 0x61);
+				continue;
+			}
+			
+			if (res)
+				break;
+
+			// all is ok
+			if (decodeTLV){
+				PrintAndLogEx(NORMAL, "%s:", sprint_hex_inrow(tgAID->value, tgAID->len));
+				TLVPrintFromBuffer(data, datalen);
+			}
+		}
+		tlvdbelm = tlvdb_find_next(tlvdbelm, 0x61);
+	}
+	return res;
+}
+
+
 int EMVSearchPSE(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldON, uint8_t PSENum, bool decodeTLV, struct tlvdb *tlv) {
 	uint8_t data[APDU_RESPONSE_LEN] = {0};
 	size_t datalen = 0;
+	uint8_t sfidata[0x11][APDU_RESPONSE_LEN] = {0};
+	size_t sfidatalen[0x11] = {0};
 	uint16_t sw = 0;
 	int res;
+	bool fileFound = false;
 
 	char *PSE_or_PPSE = PSENum == 1 ? "PSE" : "PPSE";
 	
@@ -368,49 +487,72 @@ int EMVSearchPSE(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldO
 	res = EMVSelectPSE(channel, ActivateField, true, PSENum, data, sizeof(data), &datalen, &sw);
 
 	if (!res){
+		if (sw != 0x9000) {
+			PrintAndLogEx(FAILED, "Select PSE error. APDU error: %04x.", sw);
+			return 1;
+		}
+		
 		struct tlvdb *t = NULL;
 		t = tlvdb_parse_multi(data, datalen);
 		if (t) {
-			int retrycnt = 0;
-			struct tlvdb *ttmp = tlvdb_find_path(t, (tlv_tag_t[]){0x6f, 0xa5, 0xbf0c, 0x61, 0x00});
-			if (!ttmp)
-				PrintAndLogEx(FAILED, "%s doesn't have any records.", PSE_or_PPSE);
-
-			while (ttmp) {
-				const struct tlv *tgAID = tlvdb_get_inchild(ttmp, 0x4f, NULL);
-				if (tgAID) {
-					res = EMVSelect(channel, false, true, (uint8_t *)tgAID->value, tgAID->len, data, sizeof(data), &datalen, &sw, tlv);
-
-					// retry if error and not returned sw error
-					if (res && res != 5) {
-						if (++retrycnt < 3){
-							continue;
-						} else {
-							// card select error, proxmark error
-							if (res == 1) {
-								PrintAndLogEx(WARNING, "Exit...");
-								return 1;
-							}
-
-							retrycnt = 0;
-							PrintAndLogEx(NORMAL, "Retry failed [%s]. Skiped...", sprint_hex_inrow(tgAID->value, tgAID->len));
-						}
-
-						// next element
-						ttmp = tlvdb_find_next(ttmp, 0x61);
-						continue;
+			// PSE/PPSE with SFI
+			struct tlvdb *tsfi = tlvdb_find_path(t, (tlv_tag_t[]){0x6f, 0xa5, 0x88, 0x00});
+			if (tsfi) {
+				uint8_t sfin = 0;
+				tlv_get_uint8(tlvdb_get_tlv(tsfi), &sfin);
+				PrintAndLogEx(INFO, "* PPSE get SFI: 0x%02x.", sfin);
+				
+				for (uint8_t ui = 0x01; ui <= 0x10; ui++) {
+					PrintAndLogEx(INFO, "* * Get SFI: 0x%02x. num: 0x%02x", sfin, ui);
+					res = EMVReadRecord(channel, true, sfin, ui, sfidata[ui], APDU_RESPONSE_LEN, &sfidatalen[ui], &sw, NULL);
+					
+					// end of records
+					if (sw == 0x6a83) {
+						sfidatalen[ui] = 0;
+						PrintAndLogEx(INFO, "* * PPSE get SFI. End of records.");
+						break;
+					}
+					
+					// error catch!
+					if (sw != 0x9000) {
+						sfidatalen[ui] = 0;
+						PrintAndLogEx(FAILED, "PPSE get Error. APDU error: %04x.", sw);
+						break;
 					}
-					retrycnt = 0;
 
-					// all is ok
 					if (decodeTLV){
-						PrintAndLogEx(NORMAL, "%s:", sprint_hex_inrow(tgAID->value, tgAID->len));
-						TLVPrintFromBuffer(data, datalen);
+						TLVPrintFromBuffer(sfidata[ui], sfidatalen[ui]);
+					}
+				}
+
+				for (uint8_t ui = 0x01; ui <= 0x10; ui++) {
+					if (sfidatalen[ui]) {
+						struct tlvdb *tsfi = NULL;
+						tsfi = tlvdb_parse_multi(sfidata[ui], sfidatalen[ui]);
+						if (tsfi) {
+							struct tlvdb *tsfitmp = tlvdb_find_path(tsfi, (tlv_tag_t[]){0x70, 0x61, 0x00});
+							if (!tsfitmp) {
+								PrintAndLogEx(FAILED, "SFI 0x%02d doesn't have any records.", sfidatalen[ui]);
+								continue;
+							}
+							res = EMVCheckAID(channel, decodeTLV, tsfitmp, tlv);							
+							fileFound = true;
+						}
+						tlvdb_free(tsfi);
 					}
 				}
+			}
+
 
-				ttmp = tlvdb_find_next(ttmp, 0x61);
+			// PSE/PPSE plain (wo SFI)
+			struct tlvdb *ttmp = tlvdb_find_path(t, (tlv_tag_t[]){0x6f, 0xa5, 0xbf0c, 0x61, 0x00});
+			if (ttmp) {
+				res = EMVCheckAID(channel, decodeTLV, ttmp, tlv);
+				fileFound = true;
 			}
+			
+			if (!fileFound)
+				PrintAndLogEx(FAILED, "PPSE doesn't have any records.");
 
 			tlvdb_free(t);
 		} else {
@@ -420,8 +562,8 @@ int EMVSearchPSE(EMVCommandChannel channel, bool ActivateField, bool LeaveFieldO
 		PrintAndLogEx(WARNING, "%s ERROR: Can't select PPSE AID. Error: %d", PSE_or_PPSE, res);
 	}
 
-	if(!LeaveFieldON && channel == ECC_CONTACTLESS)
-		DropField();
+	if (!LeaveFieldON)
+		DropFieldEx( channel );
 
 	return res;
 }
@@ -512,7 +654,7 @@ int EMVSelectApplication(struct tlvdb *tlv, uint8_t *AID, size_t *AIDlen) {
 
 int EMVGPO(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *PDOL, size_t PDOLLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) 
 {
-	uint8_t GPO_APDU[APDU_COMMAND_LEN] = {0x80, 0xa8, 0x00, 0x00, PDOLLen, 0x00};
+	uint8_t GPO_APDU[APDU_COMMAND_LEN] = {0x80, ISO7816_GET_PROCESSING_OPTIONS, 0x00, 0x00, PDOLLen, 0x00};
 	memcpy(GPO_APDU + 5, PDOL, PDOLLen);
 	int apdulen = 5 + PDOLLen;
 	
@@ -553,7 +695,7 @@ int EMVGenerateChallenge(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *
 
 int EMVInternalAuthenticate(EMVCommandChannel channel, bool LeaveFieldON, uint8_t *DDOL, size_t DDOLLen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw, struct tlvdb *tlv) 
 {
-	uint8_t authenticate_APDU[APDU_COMMAND_LEN] = {0x00, ISO7816_INTERNAL_AUTHENTICATION, 0x00, 0x00, DDOLLen, 0x00};
+	uint8_t authenticate_APDU[APDU_COMMAND_LEN] = {0x00, ISO7816_INTERNAL_AUTHENTICATE, 0x00, 0x00, DDOLLen, 0x00};
 	memcpy(authenticate_APDU + 5, DDOL, DDOLLen);
 	int apdulen = 5 + DDOLLen;
 	
@@ -577,7 +719,7 @@ struct emv_pk *get_ca_pk(struct tlvdb *db) {
 	if (!df_tlv || !caidx_tlv || df_tlv->len < 6 || caidx_tlv->len != 1)
 		return NULL;
 
-	PrintAndLogEx(NORMAL, "CA public key index 0x%0x", caidx_tlv->value[0]);
+	PrintAndLogEx(NORMAL, "CA Public Key index 0x%0x", caidx_tlv->value[0]);
 	return emv_pk_get_ca_pk(df_tlv->value, caidx_tlv->value[0]);
 }
 
@@ -619,7 +761,7 @@ int trSDA(struct tlvdb *tlv) {
 	struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv);
 	if (dac_db) {
 		const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL);
-		PrintAndLogEx(NORMAL, "SDA verified OK. (%02hhx:%02hhx)\n", dac_tlv->value[0], dac_tlv->value[1]);
+		PrintAndLogEx(NORMAL, "SDA verified OK. (Data Authentication Code: %02hhx:%02hhx)\n", dac_tlv->value[0], dac_tlv->value[1]);
 		tlvdb_add(tlv, dac_db);
 	} else {
 		emv_pk_free(issuer_pk);
@@ -648,12 +790,12 @@ int trDDA(EMVCommandChannel channel, bool decodeTLV, struct tlvdb *tlv) {
 	}
 
 	const struct tlv *sda_tlv = tlvdb_get(tlv, 0x21, NULL);
-	if (!sda_tlv || sda_tlv->len < 1) {
+/*	if (!sda_tlv || sda_tlv->len < 1) { it may be 0!!!!
 		emv_pk_free(pk);
 		PrintAndLogEx(WARNING, "Error: Can't find input list for Offline Data Authentication. Exit.");
 		return 3;
 	}
-
+*/
 	struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlv);
 	if (!issuer_pk) {
 		emv_pk_free(pk);
@@ -676,7 +818,7 @@ int trDDA(EMVCommandChannel channel, bool decodeTLV, struct tlvdb *tlv) {
 	if (!icc_pk) {
 		emv_pk_free(pk);
 		emv_pk_free(issuer_pk);
-		PrintAndLogEx(WARNING, "Error: ICC setrificate not found. Exit.");
+		PrintAndLogEx(WARNING, "Error: ICC certificate not found. Exit.");
 		return 2;
 	}
 	PrintAndLogEx(SUCCESS, "ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
@@ -691,21 +833,25 @@ int trDDA(EMVCommandChannel channel, bool decodeTLV, struct tlvdb *tlv) {
 			icc_pk->serial[2]
 			);
 
-	struct emv_pk *icc_pe_pk = emv_pki_recover_icc_pe_cert(issuer_pk, tlv);
-	if (!icc_pe_pk) {
-		PrintAndLogEx(WARNING, "WARNING: ICC PE PK recover error. ");
+	if (tlvdb_get(tlv, 0x9f2d, NULL)) {
+		struct emv_pk *icc_pe_pk = emv_pki_recover_icc_pe_cert(issuer_pk, tlv);
+		if (!icc_pe_pk) {
+			PrintAndLogEx(WARNING, "WARNING: ICC PE PK recover error. ");
+		} else {
+			PrintAndLogEx(SUCCESS, "ICC PE PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
+					icc_pe_pk->rid[0],
+					icc_pe_pk->rid[1],
+					icc_pe_pk->rid[2],
+					icc_pe_pk->rid[3],
+					icc_pe_pk->rid[4],
+					icc_pe_pk->index,
+					icc_pe_pk->serial[0],
+					icc_pe_pk->serial[1],
+					icc_pe_pk->serial[2]
+					);
+		}
 	} else {
-		PrintAndLogEx(SUCCESS, "ICC PE PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
-				icc_pe_pk->rid[0],
-				icc_pe_pk->rid[1],
-				icc_pe_pk->rid[2],
-				icc_pe_pk->rid[3],
-				icc_pe_pk->rid[4],
-				icc_pe_pk->index,
-				icc_pe_pk->serial[0],
-				icc_pe_pk->serial[1],
-				icc_pe_pk->serial[2]
-				);
+		PrintAndLogEx(INFO, "ICC PE PK (PIN Encipherment Public Key Certificate) not found.\n");
 	}
 
 	// 9F4B: Signed Dynamic Application Data
@@ -747,7 +893,7 @@ int trDDA(EMVCommandChannel channel, bool decodeTLV, struct tlvdb *tlv) {
 		struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv);
 		if (dac_db) {
 			const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL);
-			PrintAndLogEx(NORMAL, "SDA verified OK. (%02hhx:%02hhx)\n", dac_tlv->value[0], dac_tlv->value[1]);
+			PrintAndLogEx(NORMAL, "SDAD verified OK. (Data Authentication Code: %02hhx:%02hhx)\n", dac_tlv->value[0], dac_tlv->value[1]);
 			tlvdb_add(tlv, dac_db);
 		} else {
 			PrintAndLogEx(WARNING, "Error: SSAD verify error");
@@ -791,9 +937,16 @@ int trDDA(EMVCommandChannel channel, bool decodeTLV, struct tlvdb *tlv) {
 			if (len < 3 ) {
 				PrintAndLogEx(WARNING, "Error: Internal Authenticate format1 parsing error. length=%d", len);
 			} else {
+				// parse response 0x80
+				struct tlvdb *t80 = tlvdb_parse_multi(buf, len);
+				const struct tlv * t80tlv = tlvdb_get_tlv(t80);
+				
 				// 9f4b Signed Dynamic Application Data
-				dda_db = tlvdb_fixed(0x9f4b, len - 2, buf + 2);
+				dda_db = tlvdb_fixed(0x9f4b, t80tlv->len, t80tlv->value);
 				tlvdb_add(tlv, dda_db);
+				
+				tlvdb_free(t80);
+				
 				if (decodeTLV){
 					PrintAndLogEx(NORMAL, "* * Decode response format 1:");
 					TLVPrintFromTLV(dda_db);
@@ -886,7 +1039,7 @@ int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, st
 
 	struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlv, sda_tlv);
 	if (!icc_pk) {
-		PrintAndLogEx(WARNING, "Error: ICC setrificate not found. Exit.");
+		PrintAndLogEx(WARNING, "Error: ICC certificate not found. Exit.");
 		emv_pk_free(pk);
 		emv_pk_free(issuer_pk);
 		return 2;