From: Martin Holst Swende <martin@swende.se>
Date: Thu, 19 Feb 2015 09:48:33 +0000 (+0100)
Subject: More work on iclass full simulation, and some work on iclass tag dump parsing
X-Git-Tag: v2.0.0-rc1~8
X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/1defcf606f59d93d80fe45dc91d28cc552db0c51?ds=inline;hp=-c

More work on iclass full simulation, and some work on iclass tag dump parsing
---

1defcf606f59d93d80fe45dc91d28cc552db0c51
diff --git a/armsrc/cipherutils.c b/armsrc/cipherutils.c
index a734ea7a..c00e2be2 100644
--- a/armsrc/cipherutils.c
+++ b/armsrc/cipherutils.c
@@ -39,8 +39,10 @@
 #include <stdint.h>
 #include <stdio.h>
 #include <string.h>
-#include "fileutils.h"
 #include "cipherutils.h"
+#ifndef ON_DEVICE
+#include "fileutils.h"
+#endif
 /**
  *
  * @brief Return and remove the first bit (x0) in the stream : <x0 x1 x2 x3 ... xn >
diff --git a/client/Makefile b/client/Makefile
index e63581ba..20e17d7d 100644
--- a/client/Makefile
+++ b/client/Makefile
@@ -94,6 +94,7 @@ CMDSRCS = 	nonce2key/crapto1.c\
 			cmdscript.c\
 			pm3_bitlib.c\
 			aes.c\
+			protocols.c\
 
 
 COREOBJS = $(CORESRCS:%.c=$(OBJDIR)/%.o)
diff --git a/client/cmdhficlass.c b/client/cmdhficlass.c
index 7bc23e9b..31f7ba97 100644
--- a/client/cmdhficlass.c
+++ b/client/cmdhficlass.c
@@ -29,6 +29,7 @@
 #include "loclass/ikeys.h"
 #include "loclass/elite_crack.h"
 #include "loclass/fileutils.h"
+#include "protocols.h"
 
 static int CmdHelp(const char *Cmd);
 
@@ -75,10 +76,9 @@ int CmdHFiClassSim(const char *Cmd)
 	uint8_t CSN[8] = {0, 0, 0, 0, 0, 0, 0, 0};
 
 	if (strlen(Cmd)<1) {
-		usage_hf_iclass_sim();
+		return usage_hf_iclass_sim();
 	}
-
-	simType = param_get8(Cmd, 0);
+	simType = param_get8ex(Cmd, 0, 0, 10);
 
 	if(simType == 0)
 	{
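Review bot: `param_get8ex(Cmd, 0, 0, 10)` falls back to 0, which is also a valid simulation type handled by the `if(simType == 0)` branch just below, so a missing argument would presumably be treated as a request for mode 0 instead of being rejected. A fallback outside the valid range, e.g. `simType = param_get8ex(Cmd, 0, 0xFF, 10);`, followed by `return usage_hf_iclass_sim();` when that value comes back, would make bad input visible. How param_get8ex handles non-numeric text is not shown in this diff, so confirm that first. CmdHFiClassSim continues outside the hunk.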
@@ -322,7 +322,7 @@ int CmdHFiClassReader_Dump(const char *Cmd)
 	PrintAndLog("Hash0, a.k.a diversified key, that is computed using Ksel and stored in the card (Block 3):");
 	printvar("Div key", div_key, 8);
 	printvar("CC_NR:",CCNR,12);
-	doMAC(CCNR,12,div_key, MAC);
+	doMAC(CCNR,div_key, MAC);
 	printvar("MAC", MAC, 4);
 
 	uint8_t iclass_data[32000] = {0};
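Review bot: With the length argument dropped, `doMAC(CCNR,div_key, MAC)` depends on a buffer size the call site no longer states, while the neighbouring `printvar("CC_NR:",CCNR,12)` still spells out 12. doMAC's definition is not part of this diff, so it presumably reads a fixed 12 bytes. A short comment at the call, e.g. `// doMAC consumes exactly 12 bytes of CC_NR`, or a named constant shared with printvar, would stop a later caller from passing a shorter buffer. The same applies to the calls changed in CmdHFiClass_iso14443A_write and bruteforceItem.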
@@ -421,9 +421,12 @@ int CmdHFiClassELoad(const char *Cmd)
 	fseek(f, 0, SEEK_SET);
 
 	uint8_t *dump = malloc(fsize);
+
+
 	size_t bytes_read = fread(dump, 1, fsize, f);
 	fclose(f);
 
+	printIclassDumpInfo(dump);
 	//Validate
 
 	if (bytes_read < fsize)
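Review bot: `printIclassDumpInfo(dump)` runs before the `bytes_read < fsize` check, and nothing visible confirms that `dump` is non-NULL or that the file is at least as large as a `picopass_hdr`, so a short or empty dump file would make the parser read past the end of the allocation. Move the call below the validation and pass the length for it to check, e.g. `printIclassDumpInfo(dump, bytes_read);` with `if (len < sizeof(picopass_hdr)) return;` at the top of the helper in common/protocols.c. The `malloc(fsize)` result is also handed to `fread` unchecked. CmdHFiClassELoad starts and ends outside this hunk, so an earlier size check may exist that is not visible here.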
@@ -456,7 +459,7 @@ int usage_hf_iclass_decrypt()
 	PrintAndLog("OBS! In order to use this function, the file 'iclass_decryptionkey.bin' must reside");
 	PrintAndLog("in the working directory. The file should be 16 bytes binary data");
 	PrintAndLog("");
-	PrintAndLog("example: hf iclass decrypt tagdump_12312342343.bin");
+	PrintAndLog("example: hf iclass decrypt f tagdump_12312342343.bin");
 	PrintAndLog("");
 	PrintAndLog("OBS! This is pretty stupid implementation, it tries to decrypt every block after block 6. ");
 	PrintAndLog("Correct behaviour would be to decrypt only the application areas where the key is valid,");
@@ -604,7 +607,7 @@ int CmdHFiClass_iso14443A_write(const char *Cmd)
 	diversifyKey(CSN,KEY, div_key);
 
 	PrintAndLog("Div Key: %s",sprint_hex(div_key,8));
-	doMAC(CCNR, 12,div_key, MAC);
+	doMAC(CCNR, div_key, MAC);
 
 	UsbCommand c2 = {CMD_ICLASS_ISO14443A_WRITE, {readerType,blockNo}};
 	memcpy(c2.d.asBytes, bldata, 8);
diff --git a/client/loclass/elite_crack.c b/client/loclass/elite_crack.c
index a8ab869e..c824eaa1 100644
--- a/client/loclass/elite_crack.c
+++ b/client/loclass/elite_crack.c
@@ -394,7 +394,7 @@ int bruteforceItem(dumpdata item, uint16_t keytable[])
 		//Diversify
 		diversifyKey(item.csn, key_sel_p, div_key);
 		//Calc mac
-        doMAC(item.cc_nr,12, div_key,calculated_MAC);
+		doMAC(item.cc_nr, div_key,calculated_MAC);
 
 		if(memcmp(calculated_MAC, item.mac, 4) == 0)
 		{
diff --git a/common/protocols.c b/common/protocols.c
index bdaff3f1..6a4c9a10 100644
--- a/common/protocols.c
+++ b/common/protocols.c
@@ -1,7 +1,14 @@
 #include <stdio.h>
 #include <strings.h>
+#include <string.h>
 #include <stdint.h>
 #include <stdarg.h>
+#include "protocols.h"
+#ifndef ON_DEVICE
+#include "ui.h"
+#define prnt PrintAndLog
+#endif
+
 
 
 typedef struct {
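Review bot: `prnt` is now defined only inside `#ifndef ON_DEVICE`, and the function it replaces is commented out further down, so a build with ON_DEVICE set has no `prnt` at all and the print helpers in this file would fail to compile. If the file is meant to be client-only, as the Makefile hunk suggests, drop the guard; otherwise add an `#else` branch that maps `prnt` to the device-side print routine. The commented-out `prnt`, `test()` and `main()` bodies would be better deleted than kept in block comments.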
@@ -25,17 +32,9 @@ typedef struct {
 
 }picopass_hdr;
 
-#define FUSE_FPERS   0x80
-#define FUSE_CODING1 0x40
-#define FUSE_CODING0 0x20
-#define FUSE_CRYPT1  0x10
-#define FUSE_CRYPT0  0x08
-#define FUSE_FPROD1  0x04
-#define FUSE_FPROD0  0x02
-#define FUSE_RA      0x01
 
 //#define prnt printf
-void prnt(char *fmt,...)
+/*void prnt(char *fmt,...)
 {
 	va_list argptr;
 	va_start(argptr, fmt);
@@ -44,7 +43,7 @@ void prnt(char *fmt,...)
 	va_end(argptr);
 	printf("\n");
 }
-
+*/
 uint8_t isset(uint8_t val, uint8_t mask)
 {
 	return (val & mask);
@@ -95,6 +94,14 @@ void print_picopass_info(const picopass_hdr *hdr)
 	mem_config(hdr);
 	applimit_config(hdr);
 }
+void printIclassDumpInfo(uint8_t* iclass_dump)
+{
+//	picopass_hdr hdr;
+//	memcpy(&hdr, iclass_dump, sizeof(picopass_hdr));
+	print_picopass_info((picopass_hdr *) iclass_dump);
+}
+
+/*
 void test()
 {
 	picopass_hdr hdr = {0x27,0xaf,0x48,0x01,0xf9,0xff,0x12,0xe0,0x12,0xff,0xff,0xff,0x7f,0x1f,0xff,0x3c};
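Review bot: `printIclassDumpInfo` casts a raw byte pointer to `picopass_hdr *` with no stated contract: nothing says how many bytes the caller must supply, and the parameter is non-const even though `print_picopass_info` takes a `const picopass_hdr *`. Suggest `void printIclassDumpInfo(const uint8_t *iclass_dump)` with a header comment such as `/* iclass_dump must point to at least sizeof(picopass_hdr) bytes of a tag dump */`, and the same signature in protocols.h. The two commented-out memcpy lines should either be removed or replaced by a sentence explaining why the cast was preferred.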
@@ -106,3 +113,4 @@ int main(int argc, char *argv[])
 	test();
 	return 0;
 }
+*/
diff --git a/common/protocols.h b/common/protocols.h
index af165c3a..1dd66185 100644
--- a/common/protocols.h
+++ b/common/protocols.h
@@ -170,5 +170,17 @@ NXP/Philips CUSTOM COMMANDS
 #define ICLASS     1
 #define ISO_14443B 2
 
+//-- Picopass fuses
+#define FUSE_FPERS   0x80
+#define FUSE_CODING1 0x40
+#define FUSE_CODING0 0x20
+#define FUSE_CRYPT1  0x10
+#define FUSE_CRYPT0  0x08
+#define FUSE_FPROD1  0x04
+#define FUSE_FPROD0  0x02
+#define FUSE_RA      0x01
+
+
+void printIclassDumpInfo(uint8_t* iclass_dump);
 
 #endif // PROTOCOLS_H