From: Iceman Date: Fri, 23 Jun 2017 18:25:51 +0000 (+0200) Subject: Merge pull request #330 from marshmellow42/master X-Git-Tag: v3.1.0~205 X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/b4d321bbf306528f85f4cd08dd3bcb3c6a4d63fe?hp=c0a2ae50daa4857cbcfc4e702105d6bd5ce04883 Merge pull request #330 from marshmellow42/master bug fix for hf iclass reader and iclass detection --- diff --git a/armsrc/iclass.c b/armsrc/iclass.c index eb5a5a79..f69d0be2 100644 --- a/armsrc/iclass.c +++ b/armsrc/iclass.c @@ -1661,7 +1661,7 @@ uint8_t handshakeIclassTag_ext(uint8_t *card_data, bool use_credit_key) //Flag that we got to at least stage 1, read CSN read_status = 1; - // Card selected, now read e-purse (cc) + // Card selected, now read e-purse (cc) (only 8 bytes no CRC) ReaderTransmitIClass(readcheck_cc, sizeof(readcheck_cc)); if(ReaderReceiveIClass(resp) == 8) { //Save CC (e-purse) in response data 
@@ -1682,21 +1682,28 @@ void ReaderIClass(uint8_t arg0) { uint8_t card_data[6 * 8]={0}; memset(card_data, 0xFF, sizeof(card_data)); uint8_t last_csn[8]={0}; - + uint8_t resp[ICLASS_BUFFER_SIZE]; + memset(resp, 0xFF, sizeof(resp)); //Read conf block CRC(0x01) => 0xfa 0x22 uint8_t readConf[] = { ICLASS_CMD_READ_OR_IDENTIFY,0x01, 0xfa, 0x22}; - //Read conf block CRC(0x05) => 0xde 0x64 + //Read App Issuer Area block CRC(0x05) => 0xde 0x64 uint8_t readAA[] = { ICLASS_CMD_READ_OR_IDENTIFY,0x05, 0xde, 0x64}; - int read_status= 0; uint8_t result_status = 0; + // flag to read until one tag is found successfully bool abort_after_read = arg0 & FLAG_ICLASS_READER_ONLY_ONCE; + // flag to only try 5 times to find one tag then return bool try_once = arg0 & FLAG_ICLASS_READER_ONE_TRY; - bool use_credit_key = false; - if (arg0 & FLAG_ICLASS_READER_CEDITKEY) - use_credit_key = true; - set_tracing(TRUE); + // if neither abort_after_read nor try_once then continue reading until button pressed. + + bool use_credit_key = arg0 & FLAG_ICLASS_READER_CEDITKEY; + // test flags for what blocks to be sure to read + uint8_t flagReadConfig = arg0 & FLAG_ICLASS_READER_CONF; + uint8_t flagReadCC = arg0 & FLAG_ICLASS_READER_CC; + uint8_t flagReadAA = arg0 & FLAG_ICLASS_READER_AA; + + set_tracing(true); setupIclassReader(); uint16_t tryCnt=0; 
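Review bot: The new `resp[ICLASS_BUFFER_SIZE]` scratch buffer has no comment saying why it must be that large, and the reason matters for memory safety. `ReaderReceiveIClass(resp)` in the first hunk takes only a pointer, so the receive path appears to have no caller-supplied bound, and receiving straight into the 48-byte `card_data` (as the old code did) leaves no slack for a longer-than-expected tag response. I would add above the declaration `// receive scratch: ReaderReceiveIClass() has no length argument, so never receive directly into card_data`. `ICLASS_BUFFER_SIZE` is defined outside this diff and should be confirmed against the most the receiver can write. ReaderIClass's body continues outside the hunk.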
@@ -1721,21 +1728,22 @@ void ReaderIClass(uint8_t arg0) { // moving CC forward 8 bytes memcpy(card_data+16,card_data+8, 8); //Read block 1, config - if(arg0 & FLAG_ICLASS_READER_CONF) - { - if(sendCmdGetResponseWithRetries(readConf, sizeof(readConf),card_data+8, 10, 10)) + if(flagReadConfig) { + if(sendCmdGetResponseWithRetries(readConf, sizeof(readConf), resp, 10, 10)) { result_status |= FLAG_ICLASS_READER_CONF; + memcpy(card_data+8, resp, 8); } else { Dbprintf("Failed to dump config block"); } } //Read block 5, AA - if(arg0 & FLAG_ICLASS_READER_AA){ - if(sendCmdGetResponseWithRetries(readAA, sizeof(readAA),card_data+(8*4), 10, 10)) + if(flagReadAA) { + if(sendCmdGetResponseWithRetries(readAA, sizeof(readAA), resp, 10, 10)) { result_status |= FLAG_ICLASS_READER_AA; + memcpy(card_data+(8*5), resp, 8); } else { //Dbprintf("Failed to dump AA block"); } @@ -1747,16 +1755,15 @@ void ReaderIClass(uint8_t arg0) { // (3,4 write-only, kc and kd) // 5 Application issuer area // - //Then we can 'ship' back the 8 * 5 bytes of data, + //Then we can 'ship' back the 8 * 6 bytes of data, // with 0xFF:s in block 3 and 4. LED_B_ON(); //Send back to client, but don't bother if we already sent this if(memcmp(last_csn, card_data, 8) != 0) { - // If caller requires that we get CC, continue until we got it - if( (arg0 & read_status & FLAG_ICLASS_READER_CC) || !(arg0 & FLAG_ICLASS_READER_CC)) - { + // If caller requires that we get Conf, CC, AA, continue until we got it + if( (result_status ^ FLAG_ICLASS_READER_CSN ^ flagReadConfig ^ flagReadCC ^ flagReadAA) == 0) { cmd_send(CMD_ACK,result_status,0,0,card_data,sizeof(card_data)); if(abort_after_read) { LED_A_OFF(); diff --git a/client/cmdhficlass.c b/client/cmdhficlass.c index 55dd555a..05ca39e4 100644 --- a/client/cmdhficlass.c +++ b/client/cmdhficlass.c 
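Review bot: Both `memcpy(..., resp, 8)` calls keep the first 8 bytes of a response whose expected length is 10 and set the CONF/AA bit in `result_status` on length alone; the two trailing bytes, presumably the CRC, are dropped without a check visible here. If `sendCmdGetResponseWithRetries` does not verify them (its body is outside the diff), a corrupted frame of the right length is reported to the client as a good block. Either verify the CRC before the copy or say so at the call, e.g. `// resp = 8 data bytes + 2 CRC bytes; CRC is not checked here`. The AA failure path also stays silent because its `Dbprintf` is commented out, unlike the config branch.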
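Review bot: The XOR test `(result_status ^ FLAG_ICLASS_READER_CSN ^ flagReadConfig ^ flagReadCC ^ flagReadAA) == 0` in the `@@ -1747` hunk demands that `result_status` equal the requested set exactly, not that it contain it. If the handshake sets the CC bit whenever the e-purse read succeeds (that assignment is outside the hunk), a caller that did not ask for CC never gets a `cmd_send`, and CSN is treated as requested even when `arg0` lacks it. A subset check states the intent: `uint8_t wanted = FLAG_ICLASS_READER_CSN | flagReadConfig | flagReadCC | flagReadAA;` followed by `if ((result_status & wanted) == wanted) {`. The enclosing loop continues outside the hunk.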
@@ -180,10 +180,10 @@ int CmdHFiClassSim(const char *Cmd) { int HFiClassReader(const char *Cmd, bool loop, bool verbose) { bool tagFound = false; - UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_CSN| - FLAG_ICLASS_READER_CONF|FLAG_ICLASS_READER_AA}}; + UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_CSN | + FLAG_ICLASS_READER_CC | FLAG_ICLASS_READER_CONF | FLAG_ICLASS_READER_AA | + FLAG_ICLASS_READER_ONLY_ONCE | FLAG_ICLASS_READER_ONE_TRY } }; // loop in client not device - else on windows have a communication error - c.arg[0] |= FLAG_ICLASS_READER_ONLY_ONCE | FLAG_ICLASS_READER_ONE_TRY; UsbCommand resp; while(!ukbhit()){ SendCommand(&c); @@ -191,27 +191,24 @@ int HFiClassReader(const char *Cmd, bool loop, bool verbose) { uint8_t readStatus = resp.arg[0] & 0xff; uint8_t *data = resp.d.asBytes; - if (verbose) - PrintAndLog("Readstatus:%02x", readStatus); - if( readStatus == 0){ - //Aborted - if (verbose) PrintAndLog("Quitting..."); - return 0; - } - if( readStatus & FLAG_ICLASS_READER_CSN){ + // no tag found + if( readStatus == 0) continue; + + if( readStatus & FLAG_ICLASS_READER_CSN) { PrintAndLog(" CSN: %s",sprint_hex(data,8)); tagFound = true; } - if( readStatus & FLAG_ICLASS_READER_CC) PrintAndLog(" CC: %s",sprint_hex(data+16,8)); - if( readStatus & FLAG_ICLASS_READER_CONF){ + if( readStatus & FLAG_ICLASS_READER_CC) { + PrintAndLog(" CC: %s",sprint_hex(data+16,8)); + } + if( readStatus & FLAG_ICLASS_READER_CONF) { printIclassDumpInfo(data); } - //TODO add iclass read block 05 and test iclass type.. if (readStatus & FLAG_ICLASS_READER_AA) { bool legacy = true; - PrintAndLog(" AppIA: %s",sprint_hex(data+8*4,8)); + PrintAndLog(" AppIA: %s",sprint_hex(data+8*5,8)); for (int i = 0; i<8; i++) { - if (data[8*4+i] != 0xFF) { + if (data[8*5+i] != 0xFF) { legacy = false; } }
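Review bot: In the `@@ -191` hunk, `if( readStatus == 0) continue;` ignores the `loop` argument, where the removed code returned 0. If the one-shot exit sits at the bottom of the `while(!ukbhit())` body (outside the hunk), `continue` skips it and a non-looping call with no tag in the field keeps polling until a key is pressed. I would keep the early exit: `if (readStatus == 0) { if (!loop) return 0; continue; }`. The verbose `Readstatus` line was also dropped, which removes the only client-side diagnostic for a partial read.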