From 225ccb910e9de6c38b6d1c81d4fc025d05c13570 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Wed, 7 Jan 2015 17:42:57 +0100 Subject: [PATCH] ADD: new defines: iso14443_CMD_AUTH_KEYA, iso14443_CMD_AUTH_KEYB, iso14443_CMD_AUTH_RESPONSE, iso14443_CMD_AUTH_STEP1, iso14443_CMD_AUTH_STEP2, CHINESE_BACKDOOR_INIT, CHINESE_BACKDOOR_STEP2, REM: removed old comments in bootrom.c CHG: mifare ultralight & desfire commands inside arm has been cleaned up. Next step is to refactor it into armsrc/mifaredesfire.c --- armsrc/apps.h | 2 +- armsrc/mifarecmd.c | 140 ++++++++++++++++----------------- armsrc/mifaredesfire.c | 52 ++++++------ armsrc/mifareutil.c | 174 +++++++++++++++++++++-------------------- bootrom/bootrom.c | 21 +---- client/Makefile | 2 +- client/cmdhf.c | 37 ++++++--- client/cmdhfmf.c | 2 +- client/cmdhfmfu.c | 96 +++++++++++++---------- client/flasher.c | 3 - 10 files changed, 267 insertions(+), 262 deletions(-) diff --git a/armsrc/apps.h b/armsrc/apps.h index 81124a1a..30010f1b 100644 --- a/armsrc/apps.h +++ b/armsrc/apps.h @@ -227,7 +227,7 @@ void ReaderMifareDES(uint32_t param, uint32_t param2, uint8_t * datain); int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout); size_t CreateAPDU( uint8_t *datain, size_t len, uint8_t *dataout); void OnSuccess(); -void OnError(); +void OnError(uint8_t reason); diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index d2497977..27c0ce13 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -148,48 +148,40 @@ void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){ void MifareUReadBlock(uint8_t arg0,uint8_t *datain) { - // params uint8_t blockNo = arg0; - - // variables - byte_t isOK = 0; - byte_t dataoutbuf[16] = {0x00}; + byte_t dataout[16] = {0x00}; uint8_t uid[10] = {0x00}; uint32_t cuid; - // clear trace - iso14a_clear_trace(); - iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - LED_A_ON(); LED_B_OFF(); LED_C_OFF(); + + iso14a_clear_trace(); + iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; - - if(mifare_ultra_readblock(cuid, blockNo, dataoutbuf)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block error"); - break; - }; - - if(mifare_ultra_halt(cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - isOK = 1; - break; - } + int len = iso14443a_select_card(uid, NULL, &cuid); + if(!len) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card"); + OnError(1); + return; + }; - if (MF_DBGLEVEL >= 2) DbpString("READ BLOCK FINISHED"); - - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,16); - LED_B_OFF(); + len = mifare_ultra_readblock(cuid, blockNo, dataout); + if(len) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Read block error"); + OnError(2); + return; + }; + + len = mifare_ultra_halt(cuid); + if(len) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Halt error"); + OnError(3); + return; + }; + + cmd_send(CMD_ACK,1,0,0,dataout,16); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); } @@ -268,58 +260,62 @@ void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain) uint8_t sectorNo = arg0; int Pages = arg1; int count_Pages = 0; - byte_t dataoutbuf[176] = {0x00};; + byte_t dataout[176] = {0x00};; uint8_t uid[10] = {0x00}; uint32_t cuid; - - iso14a_clear_trace(); - iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - + LED_A_ON(); LED_B_OFF(); LED_C_OFF(); - + if (MF_DBGLEVEL >= MF_DBG_ALL) Dbprintf("Pages %d",Pages); - if (!iso14443a_select_card(uid, NULL, &cuid)) { + iso14a_clear_trace(); + iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); + + int len = iso14443a_select_card(uid, NULL, &cuid); + + if (!len) { if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card"); - OnError(); + OnError(1); return; } for (int i = 0; i < Pages; i++){ - if (mifare_ultra_readblock(cuid, sectorNo * 4 + i, dataoutbuf + 4 * i)) { + + len = mifare_ultra_readblock(cuid, sectorNo * 4 + i, dataout + 4 * i); + + if (len) { if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Read block %d error",i); - OnError(); + OnError(2); return; } else { count_Pages++; } } - if (mifare_ultra_halt(cuid)) { + len = mifare_ultra_halt(cuid); + if (len) { if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Halt error"); - OnError(); + OnError(3); return; } if (MF_DBGLEVEL >= MF_DBG_ALL) { - Dbprintf("Pages read %d",count_Pages); - DbpString("Read card finished"); + Dbprintf("Pages read %d", count_Pages); } - int len = 16*4; //64 bytes + len = 16*4; //64 bytes // Read a UL-C if (Pages == 44 && count_Pages > 16) len = 176; - cmd_send(CMD_ACK, 1, 0, 0, dataoutbuf, len); - + cmd_send(CMD_ACK, 1, 0, 0, dataout, len); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); } @@ -1132,13 +1128,12 @@ void MifareCIdent(){ cmd_send(CMD_ACK,isOK,0,0,0,0); } - // +// // DESFIRE // void Mifare_DES_Auth1(uint8_t arg0, uint8_t *datain){ - // variables - byte_t isOK = 0; + byte_t dataout[11] = {0x00}; uint8_t uid[10] = {0x00}; uint32_t cuid; @@ -1146,19 +1141,24 @@ void Mifare_DES_Auth1(uint8_t arg0, uint8_t *datain){ iso14a_clear_trace(); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card, something went wrong before auth"); + int len = iso14443a_select_card(uid, NULL, &cuid); + if(!len) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Can't select card"); + OnError(1); + return; }; if(mifare_desfire_des_auth1(cuid, dataout)){ - if (MF_DBGLEVEL >= 1) - Dbprintf("Authentication part1: Fail."); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Authentication part1: Fail."); + OnError(4); + return; } - isOK = 1; - if (MF_DBGLEVEL >= 2) DbpString("AUTH 1 FINISHED"); + if (MF_DBGLEVEL >= MF_DBG_EXTENDED) DbpString("AUTH 1 FINISHED"); - cmd_send(CMD_ACK,isOK,cuid,0,dataout, sizeof(dataout)); + cmd_send(CMD_ACK,1,cuid,0,dataout, sizeof(dataout)); } void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain){ @@ -1169,24 +1169,20 @@ void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain){ byte_t dataout[12] = {0x00}; memcpy(key, datain, 16); - - LED_A_ON(); - LED_B_OFF(); - LED_C_OFF(); isOK = mifare_desfire_des_auth2(cuid, key, dataout); - if(isOK){ - if (MF_DBGLEVEL >= 2) - DbpString("AUTH 2 FINISHED"); - cmd_send(CMD_ACK,isOK,0,0,dataout,sizeof(dataout)); - } - else { - if (MF_DBGLEVEL >= 2) + if( isOK) { + if (MF_DBGLEVEL >= MF_DBG_EXTENDED) Dbprintf("Authentication part2: Failed"); - OnError(); + OnError(4); + return; } + if (MF_DBGLEVEL >= MF_DBG_EXTENDED) + DbpString("AUTH 2 FINISHED"); + + cmd_send(CMD_ACK, isOK, 0, 0, dataout, sizeof(dataout)); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); } \ No newline at end of file diff --git a/armsrc/mifaredesfire.c b/armsrc/mifaredesfire.c index e064c33a..57376151 100644 --- a/armsrc/mifaredesfire.c +++ b/armsrc/mifaredesfire.c @@ -29,8 +29,9 @@ bool InitDesfireCard(){ int len = iso14443a_select_card(NULL,card,NULL); if (!len) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - OnError(); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Can't select card"); + OnError(1); return false; } return true; @@ -78,7 +79,7 @@ void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain){ } if ( !len ) { - OnError(); + OnError(2); return; } @@ -116,10 +117,10 @@ void MifareDesfireGetInformation(){ iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf; byte_t isOK = iso14443a_select_card(NULL, card, NULL); if ( isOK == 0) { - if (MF_DBGLEVEL >= 1) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) { Dbprintf("Can't select card"); } - OnError(); + OnError(1); return; } @@ -135,7 +136,7 @@ void MifareDesfireGetInformation(){ len = DesfireAPDU(cmd, cmd_len, resp); if ( !len ) { print_result("ERROR <--: ", resp, len); - OnError(); + OnError(2); return; } @@ -148,7 +149,7 @@ void MifareDesfireGetInformation(){ len = DesfireAPDU(cmd, cmd_len, resp); if ( !len ) { print_result("ERROR <--: ", resp, len); - OnError(); + OnError(2); return; } @@ -160,7 +161,7 @@ void MifareDesfireGetInformation(){ len = DesfireAPDU(cmd, cmd_len, resp); if ( !len ) { print_result("ERROR <--: ", resp, len); - OnError(); + OnError(2); return; } @@ -196,10 +197,6 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain uint8_t encBoth[32] = {0x00}; InitDesfireCard(); - - LED_A_ON(); - LED_B_OFF(); - LED_C_OFF(); // 3 olika sätt att authenticera. AUTH (CRC16) , AUTH_ISO (CRC32) , AUTH_AES (CRC32) // 4 olika crypto algo DES, 3DES, 3K3DES, AES @@ -228,17 +225,17 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain cmd[1] = keyno; //keynumber len = DesfireAPDU(cmd, 2, resp); if ( !len ) { - if (MF_DBGLEVEL >= 1) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) { DbpString("Authentication failed. Card timeout."); } - OnError(); + OnError(3); return; } if ( resp[2] == 0xaf ){ } else { DbpString("Authetication failed. Invalid key number."); - OnError(); + OnError(3); return; } @@ -270,10 +267,10 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain len = DesfireAPDU(cmd, 17, resp); if ( !len ) { - if (MF_DBGLEVEL >= 1) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) { DbpString("Authentication failed. Card timeout."); } - OnError(); + OnError(3); return; } @@ -290,7 +287,7 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain for (int x = 0; x < 8; x++) { if (decRndA[x] != encRndA[x]) { DbpString("Authetication failed. Cannot varify PICC."); - OnError(); + OnError(4); return; } } @@ -343,7 +340,7 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain } else { DbpString("Authetication failed."); - OnError(); + OnError(6); return; } @@ -372,7 +369,7 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain if( MF_DBGLEVEL >= 4) { Dbprintf("AES context failed to init"); } - OnError(); + OnError(7); return; } @@ -380,10 +377,10 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain cmd[1] = 0x00; //keynumber len = DesfireAPDU(cmd, 2, resp); if ( !len ) { - if (MF_DBGLEVEL >= 1) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) { DbpString("Authentication failed. Card timeout."); } - OnError(); + OnError(3); return; } @@ -401,10 +398,10 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain len = DesfireAPDU(cmd, 33, resp); // 1 + 32 == 33 if ( !len ) { - if (MF_DBGLEVEL >= 1) { + if (MF_DBGLEVEL >= MF_DBG_ERROR) { DbpString("Authentication failed. Card timeout."); } - OnError(); + OnError(3); return; } @@ -416,10 +413,9 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain print_result("SESSION : ", skey->data, 16); } else { DbpString("Authetication failed."); - OnError(); + OnError(7); return; } - break; } } @@ -502,10 +498,10 @@ void OnSuccess(){ LEDsoff(); } -void OnError(){ +void OnError(uint8_t reason){ pcb_blocknum = 0; ReaderTransmit(deselect_cmd, 3 , NULL); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - cmd_send(CMD_ACK,0,0,0,0,0); + cmd_send(CMD_ACK,0,reason,0,0,0); LEDsoff(); } diff --git a/armsrc/mifareutil.c b/armsrc/mifareutil.c index d51da21c..e91a87c1 100644 --- a/armsrc/mifareutil.c +++ b/armsrc/mifareutil.c @@ -84,7 +84,7 @@ int mifare_sendcmd_short(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, int mifare_sendcmd_short_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing) { uint8_t dcmd[8]; - dcmd[0] = cmd; + dcmd[0] = cmd; dcmd[1] = data[0]; dcmd[2] = data[1]; dcmd[3] = data[2]; @@ -111,11 +111,11 @@ int mifare_sendcmd_short_mfucauth(struct Crypto1State *pcs, uint8_t crypted, uin ReaderTransmit(dcmd, sizeof(dcmd), timing); len = ReaderReceive(answer, answer_parity); if(!len) { - if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout."); + if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Authentication failed. Card timeout."); len = ReaderReceive(answer,answer_parity); } if(len==1) { - if (MF_DBGLEVEL >= 1) Dbprintf("NAK - Authentication failed."); + if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("NAK - Authentication failed."); return 1; } return len; @@ -169,7 +169,7 @@ int mifare_sendcmd_shortex(struct Crypto1State *pcs, uint8_t crypted, uint8_t cm return len; } -// mifare commands +// mifare classic commands int mifare_classic_auth(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t keyType, uint64_t ui64Key, uint8_t isNested) { return mifare_classic_authex(pcs, uid, blockNo, keyType, ui64Key, isNested, NULL, NULL); @@ -298,81 +298,83 @@ int mifare_classic_readblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blo return 0; } +// mifare ultralight commands int mifare_ultra_auth1(uint32_t uid, uint8_t *blockData){ - // variables + uint16_t len; + uint8_t *receivedAnswer = get_bigbufptr_recvrespbuf(); + uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; - uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); - uint8_t* receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; - - // command MIFARE_CLASSIC_READBLOCK len = mifare_sendcmd_short(NULL, 1, 0x1A, 0x00, receivedAnswer,receivedAnswerPar ,NULL); if (len == 1) { - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd Error: %02x", receivedAnswer[0]); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd Error: %02x", receivedAnswer[0]); return 1; } - if (len == 11) { - if (MF_DBGLEVEL >= 1) Dbprintf("Auth1 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], - receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], - receivedAnswer[10]); - memcpy(blockData, receivedAnswer, 11); - return 0; - } - //else something went wrong??? - return 1; + if (len != 11) + return 1; + + if (MF_DBGLEVEL >= MF_DBG_EXTENDED) { + Dbprintf("Auth1 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], + receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], + receivedAnswer[10]); + } + memcpy(blockData, receivedAnswer, 11); + return 0; } int mifare_ultra_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){ - // variables + uint16_t len; + uint8_t *receivedAnswer = get_bigbufptr_recvrespbuf(); + uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; - uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); - uint8_t* receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; - - // command MIFARE_CLASSIC_READBLOCK len = mifare_sendcmd_short_mfucauth(NULL, 1, 0xAF, key, receivedAnswer, receivedAnswerPar, NULL); if (len == 1) { - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd Error: %02x", receivedAnswer[0]); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd Error: %02x", receivedAnswer[0]); return 1; } - if (len == 11){ - if (MF_DBGLEVEL >= 1) Dbprintf("Auth2 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], - receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], - receivedAnswer[10]); - memcpy(blockData, receivedAnswer, 11); - return 0; + if (len != 11) + return 1; + + if (MF_DBGLEVEL >= MF_DBG_EXTENDED) { + Dbprintf("Auth2 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], + receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], + receivedAnswer[10]); } - //something went wrong? - return 1; + memcpy(blockData, receivedAnswer, 11); + return 0; } int mifare_ultra_readblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData) { - // variables uint16_t len; uint8_t bt[2]; - - uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); - uint8_t* receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; + uint8_t *receivedAnswer = get_bigbufptr_recvrespbuf(); + uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; // command MIFARE_CLASSIC_READBLOCK len = mifare_sendcmd_short(NULL, 1, 0x30, blockNo, receivedAnswer, receivedAnswerPar, NULL); if (len == 1) { - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd Error: %02x", receivedAnswer[0]); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd Error: %02x", receivedAnswer[0]); return 1; } if (len != 18) { - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd Error: card timeout. len: %x", len); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd Error: card timeout. len: %x", len); return 2; } memcpy(bt, receivedAnswer + 16, 2); AppendCrc14443a(receivedAnswer, 16); if (bt[0] != receivedAnswer[16] || bt[1] != receivedAnswer[17]) { - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd CRC response error."); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd CRC response error."); return 3; } @@ -430,56 +432,53 @@ int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t bl int mifare_ultra_writeblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData) { - // variables uint16_t len; uint8_t par[3] = {0}; // enough for 18 parity bits - uint8_t d_block[18]; - uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); - uint8_t* receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; + uint8_t d_block[18] = {0x00}; + uint8_t *receivedAnswer = get_bigbufptr_recvrespbuf(); + uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; // command MIFARE_CLASSIC_WRITEBLOCK len = mifare_sendcmd_short(NULL, true, 0xA0, blockNo, receivedAnswer, receivedAnswerPar, NULL); if ((len != 1) || (receivedAnswer[0] != 0x0A)) { // 0x0a - ACK - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd Addr Error: %02x", receivedAnswer[0]); - return 1; + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd Addr Error: %02x", receivedAnswer[0]); + return 1; } - memset(d_block,'\0',18); memcpy(d_block, blockData, 16); AppendCrc14443a(d_block, 16); ReaderTransmitPar(d_block, sizeof(d_block), par, NULL); - // Receive the response len = ReaderReceive(receivedAnswer, receivedAnswerPar); if ((len != 1) || (receivedAnswer[0] != 0x0A)) { // 0x0a - ACK - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd Data Error: %02x %d", receivedAnswer[0],len); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd Data Error: %02x %d", receivedAnswer[0],len); return 2; } - return 0; } int mifare_ultra_special_writeblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData) { uint16_t len; - uint8_t d_block[8]; - uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); + uint8_t d_block[8] = {0x00}; + uint8_t *receivedAnswer = get_bigbufptr_recvrespbuf(); uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; // command MIFARE_CLASSIC_WRITEBLOCK - memset(d_block,'\0',8); d_block[0]= blockNo; memcpy(d_block+1,blockData,4); AppendCrc14443a(d_block, 6); - //i know the data send here is correct len = mifare_sendcmd_short_special(NULL, 1, 0xA2, d_block, receivedAnswer, receivedAnswerPar, NULL); if (receivedAnswer[0] != 0x0A) { // 0x0a - ACK - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd Send Error: %02x %d", receivedAnswer[0],len); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd Send Error: %02x %d", receivedAnswer[0],len); return 1; } return 0; @@ -493,7 +492,8 @@ int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid) len = mifare_sendcmd_short(pcs, pcs == NULL ? false:true, 0x50, 0x00, receivedAnswer, receivedAnswerPar, NULL); if (len != 0) { - if (MF_DBGLEVEL >= 1) Dbprintf("halt error. response len: %x", len); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("halt error. response len: %x", len); return 1; } @@ -503,15 +503,15 @@ int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid) int mifare_ultra_halt(uint32_t uid) { uint16_t len; - uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); + uint8_t *receivedAnswer = get_bigbufptr_recvrespbuf(); uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; len = mifare_sendcmd_short(NULL, true, 0x50, 0x00, receivedAnswer, receivedAnswerPar, NULL); if (len != 0) { - if (MF_DBGLEVEL >= 1) Dbprintf("halt error. response len: %x", len); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("halt error. response len: %x", len); return 1; - } - + } return 0; } @@ -624,9 +624,8 @@ void emlClearMem(void) { return; } -// -//DESFIRE -// + +// Mifare desfire commands int mifare_sendcmd_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing) { uint8_t dcmd[5] = {0x00}; @@ -637,8 +636,9 @@ int mifare_sendcmd_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cm ReaderTransmit(dcmd, sizeof(dcmd), NULL); int len = ReaderReceive(answer, answer_parity); if(!len) { - if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout."); - return 1; + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Authentication failed. Card timeout."); + return 1; } return len; } @@ -653,40 +653,43 @@ int mifare_sendcmd_special2(struct Crypto1State *pcs, uint8_t crypted, uint8_t c ReaderTransmit(dcmd, sizeof(dcmd), NULL); int len = ReaderReceive(answer, answer_parity); if(!len){ - if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout."); - return 1; + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Authentication failed. Card timeout."); + return 1; } return len; } int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData){ - // variables + int len; // load key, keynumber uint8_t data[2]={0x0a, 0x00}; uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; - // command MIFARE_CLASSIC_READBLOCK len = mifare_sendcmd_special(NULL, 1, 0x02, data, receivedAnswer,receivedAnswerPar,NULL); if (len == 1) { - if (MF_DBGLEVEL >= 1) Dbprintf("Cmd Error: %02x", receivedAnswer[0]); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Cmd Error: %02x", receivedAnswer[0]); return 1; } if (len == 12) { - if (MF_DBGLEVEL >= 1) Dbprintf("Auth1 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], - receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], - receivedAnswer[10],receivedAnswer[11]); - memcpy(blockData, receivedAnswer, 12); + if (MF_DBGLEVEL >= MF_DBG_EXTENDED) { + Dbprintf("Auth1 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], + receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], + receivedAnswer[10],receivedAnswer[11]); + } + memcpy(blockData, receivedAnswer, 12); return 0; } return 1; } int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){ - // variables + int len; uint8_t data[17] = {0x00}; data[0] = 0xAF; @@ -695,18 +698,21 @@ int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){ uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; - // command MIFARE_CLASSIC_READBLOCK len = mifare_sendcmd_special2(NULL, 1, 0x03, data, receivedAnswer, receivedAnswerPar ,NULL); if ((receivedAnswer[0] == 0x03) && (receivedAnswer[1] == 0xae)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Auth Error: %02x %02x", receivedAnswer[0], receivedAnswer[1]); + if (MF_DBGLEVEL >= MF_DBG_ERROR) + Dbprintf("Auth Error: %02x %02x", receivedAnswer[0], receivedAnswer[1]); return 1; } + if (len == 12){ - if (MF_DBGLEVEL >= 1) Dbprintf("Auth2 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], - receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], - receivedAnswer[10],receivedAnswer[11]); + if (MF_DBGLEVEL >= MF_DBG_EXTENDED) { + Dbprintf("Auth2 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], + receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], + receivedAnswer[10],receivedAnswer[11]); + } memcpy(blockData, receivedAnswer, 12); return 0; } diff --git a/bootrom/bootrom.c b/bootrom/bootrom.c index 0c4831c8..7f4aa178 100644 --- a/bootrom/bootrom.c +++ b/bootrom/bootrom.c @@ -103,13 +103,11 @@ void UsbPacketReceived(uint8_t *packet, int len) { switch(c->cmd) { case CMD_DEVICE_INFO: { dont_ack = 1; -// c->cmd = CMD_DEVICE_INFO; arg0 = DEVICE_INFO_FLAG_BOOTROM_PRESENT | DEVICE_INFO_FLAG_CURRENT_MODE_BOOTROM | DEVICE_INFO_FLAG_UNDERSTANDS_START_FLASH; if(common_area.flags.osimage_present) { arg0 |= DEVICE_INFO_FLAG_OSIMAGE_PRESENT; } -// UsbSendPacket(packet, len); cmd_send(CMD_DEVICE_INFO,arg0,1,2,0,0); } break; @@ -125,10 +123,8 @@ void UsbPacketReceived(uint8_t *packet, int len) { case CMD_FINISH_WRITE: { uint32_t* flash_mem = (uint32_t*)(&_flash_start); -// p = (volatile uint32_t *)&_flash_start; for (size_t j=0; j<2; j++) { for(i = 0+(64*j); i < 64+(64*j); i++) { - //p[i+60] = c->d.asDwords[i]; flash_mem[i] = c->d.asDwords[i]; } @@ -138,8 +134,6 @@ void UsbPacketReceived(uint8_t *packet, int len) { if( ((flash_address+AT91C_IFLASH_PAGE_SIZE-1) >= end_addr) || (flash_address < start_addr) ) { /* Disallow write */ dont_ack = 1; - // c->cmd = CMD_NACK; - // UsbSendPacket(packet, len); cmd_send(CMD_NACK,0,0,0,0,0); } else { uint32_t page_n = (flash_address - ((uint32_t)flash_mem)) / AT91C_IFLASH_PAGE_SIZE; @@ -147,7 +141,6 @@ void UsbPacketReceived(uint8_t *packet, int len) { AT91C_BASE_EFC0->EFC_FCR = MC_FLASH_COMMAND_KEY | MC_FLASH_COMMAND_PAGEN(page_n) | AT91C_MC_FCMD_START_PROG; - // arg0 = (address - ((uint32_t)flash_s)); } // Wait until flashing of page finishes @@ -155,15 +148,12 @@ void UsbPacketReceived(uint8_t *packet, int len) { while(!((sr = AT91C_BASE_EFC0->EFC_FSR) & AT91C_MC_FRDY)); if(sr & (AT91C_MC_LOCKE | AT91C_MC_PROGE)) { dont_ack = 1; - // c->cmd = CMD_NACK; cmd_send(CMD_NACK,0,0,0,0,0); - // UsbSendPacket(packet, len); } } } break; case CMD_HARDWARE_RESET: { -// USB_D_PLUS_PULLUP_OFF(); usb_disable(); AT91C_BASE_RSTC->RSTC_RCR = RST_CONTROL_KEY | AT91C_RSTC_PROCRST; } break; @@ -189,8 +179,6 @@ void UsbPacketReceived(uint8_t *packet, int len) { } else { start_addr = end_addr = 0; dont_ack = 1; -// c->cmd = CMD_NACK; -// UsbSendPacket(packet, len); cmd_send(CMD_NACK,0,0,0,0,0); } } @@ -202,8 +190,6 @@ void UsbPacketReceived(uint8_t *packet, int len) { } if(!dont_ack) { -// c->cmd = CMD_ACK; -// UsbSendPacket(packet, len); cmd_send(CMD_ACK,arg0,0,0,0,0); } } @@ -219,24 +205,19 @@ static void flash_mode(int externally_entered) usb_enable(); for (volatile size_t i=0; i<0x100000; i++); -// UsbStart(); for(;;) { WDT_HIT(); if (usb_poll()) { rx_len = usb_read(rx,sizeof(UsbCommand)); if (rx_len) { -// DbpString("starting to flash"); UsbPacketReceived(rx,rx_len); } } -// UsbPoll(TRUE); - if(!externally_entered && !BUTTON_PRESS()) { /* Perform a reset to leave flash mode */ -// USB_D_PLUS_PULLUP_OFF(); - usb_disable(); + usb_disable(); LED_B_ON(); AT91C_BASE_RSTC->RSTC_RCR = RST_CONTROL_KEY | AT91C_RSTC_PROCRST; for(;;); diff --git a/client/Makefile b/client/Makefile index ecbbc16c..24b97670 100644 --- a/client/Makefile +++ b/client/Makefile @@ -15,7 +15,7 @@ OBJDIR = obj LDLIBS = -L/mingw/lib -L/opt/local/lib -L/usr/local/lib ../liblua/liblua.a -lm -lreadline -lpthread -lcrypto -lgdi32 LDFLAGS = $(COMMON_FLAGS) -CFLAGS = -std=c99 -I. -I../include -I../common -I/mingw/include -I/opt/local/include -I../liblua -Wall $(COMMON_FLAGS) -g -O4 +CFLAGS = -std=c99 -lcrypto -I. -I../include -I../common -I/mingw/include -I/opt/local/include -I../liblua -Wall $(COMMON_FLAGS) -g -O4 LUAPLATFORM = generic ifneq (,$(findstring MINGW,$(platform))) diff --git a/client/cmdhf.c b/client/cmdhf.c index 0ed3f013..a2d7511c 100644 --- a/client/cmdhf.c +++ b/client/cmdhf.c @@ -50,9 +50,11 @@ int CmdHFTune(const char *Cmd) #define iso14443_CMD_WUPA 0x52 #define iso14443_CMD_SELECT 0x93 #define iso14443_CMD_SELECT_2 0x95 +#define iso14443_CMD_SELECT_3 0x97 #define iso14443_CMD_REQ 0x26 #define iso14443_CMD_READBLOCK 0x30 #define iso14443_CMD_WRITEBLOCK 0xA0 +#define iso14443_CMD_WRITE 0xA2 #define iso14443_CMD_INC 0xC0 #define iso14443_CMD_DEC 0xC1 #define iso14443_CMD_RESTORE 0xC2 @@ -60,6 +62,15 @@ int CmdHFTune(const char *Cmd) #define iso14443_CMD_HALT 0x50 #define iso14443_CMD_RATS 0xE0 +#define iso14443_CMD_AUTH_KEYA 0x60 +#define iso14443_CMD_AUTH_KEYB 0x61 + +#define iso14443_CMD_AUTH_STEP1 0x1A +#define iso14443_CMD_AUTH_STEP2 0xAA +#define iso14443_CMD_AUTH_RESPONSE 0xAF + +#define CHINESE_BACKDOOR_INIT 0x40 +#define CHINESE_BACKDOOR_STEP2 0x43 void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize) { @@ -79,12 +90,22 @@ void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize) case iso14443_CMD_REQ: snprintf(exp,size,"REW"); break; case iso14443_CMD_READBLOCK: snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break; case iso14443_CMD_WRITEBLOCK: snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break; + case iso14443_CMD_WRITE: snprintf(exp,size,"WRITE"); break; case iso14443_CMD_INC: snprintf(exp,size,"INC(%d)",cmd[1]); break; case iso14443_CMD_DEC: snprintf(exp,size,"DEC(%d)",cmd[1]); break; case iso14443_CMD_RESTORE: snprintf(exp,size,"RESTORE(%d)",cmd[1]); break; case iso14443_CMD_TRANSFER: snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break; case iso14443_CMD_HALT: snprintf(exp,size,"HALT"); break; case iso14443_CMD_RATS: snprintf(exp,size,"RATS"); break; + + case iso14443_CMD_AUTH_KEYA: snprintf(exp,size,"AUTH KEY A"); break; + case iso14443_CMD_AUTH_KEYB: snprintf(exp,size,"AUTH KEY B"); break; + case iso14443_CMD_AUTH_STEP1: snprintf(exp,size,"AUTH REQ NONCE"); break; + case iso14443_CMD_AUTH_STEP2: snprintf(exp,size,"AUTH STEP 2"); break; + case iso14443_CMD_AUTH_RESPONSE: snprintf(exp,size,"AUTH RESPONSE"); break; + + case CHINESE_BACKDOOR_INIT: snprintf(exp,size,"BACKDOOR INIT");break; + case CHINESE_BACKDOOR_STEP2: snprintf(exp,size,"BACKDOOR STEP2");break; default: snprintf(exp,size,"?"); break; } return; @@ -92,7 +113,6 @@ void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize) void annotateIclass(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize) { - if(cmdsize > 1 && cmd[0] == ICLASS_CMD_READ) { snprintf(exp,size,"READ(%d)",cmd[1]); @@ -115,7 +135,6 @@ void annotateIclass(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize) } - uint16_t printTraceLine(uint16_t tracepos, uint8_t* trace, bool iclass, bool showWaitCycles) { bool isResponse; @@ -181,8 +200,7 @@ uint16_t printTraceLine(uint16_t tracepos, uint8_t* trace, bool iclass, bool sho // Rough guess that this is a command from the reader // For iClass the command byte is not part of the CRC ComputeCrc14443(CRC_ICLASS, &frame[1], data_len-3, &b1, &b2); - } - else { + } else { // For other data.. CRC might not be applicable (UPDATE commands etc.) ComputeCrc14443(CRC_ICLASS, frame, data_len-2, &b1, &b2); } @@ -191,7 +209,7 @@ uint16_t printTraceLine(uint16_t tracepos, uint8_t* trace, bool iclass, bool sho crcError = true; } - }else{//Iso 14443a + } else {//Iso 14443a ComputeCrc14443(CRC_14443_A, frame, data_len-2, &b1, &b2); @@ -202,7 +220,6 @@ uint16_t printTraceLine(uint16_t tracepos, uint8_t* trace, bool iclass, bool sho } } } - } char *crc = crcError ? "!crc" :" "; @@ -210,8 +227,10 @@ uint16_t printTraceLine(uint16_t tracepos, uint8_t* trace, bool iclass, bool sho if(!isResponse) { - if(iclass) annotateIclass(explanation,sizeof(explanation),frame,data_len); - else annotateIso14443a(explanation,sizeof(explanation),frame,data_len); + if(iclass) + annotateIclass(explanation,sizeof(explanation),frame,data_len); + else + annotateIso14443a(explanation,sizeof(explanation),frame,data_len); } int num_lines = (data_len - 1)/16 + 1; @@ -227,7 +246,7 @@ uint16_t printTraceLine(uint16_t tracepos, uint8_t* trace, bool iclass, bool sho } else { PrintAndLog(" | | | %-64s| %s| %s", line[j], - (j == num_lines-1)?crc:" ", + (j == num_lines-1) ? crc : " ", (j == num_lines-1) ? explanation : ""); } } diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 47b0a4ab..0229c947 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -1956,7 +1956,7 @@ int GetCardSize() if ( ((atqa & 0xffff) == 0x0008) && (sak == 0x38) ) return 4; - PrintAndLog("BEFOOO 1K %02X", (atqa & 0xff0f)); + //PrintAndLog("BEFOOO 1K %02X", (atqa & 0xff0f)); // MIFARE Plus (4 Byte UID or 4 Byte RID) // MIFARE Plus (7 Byte UID) diff --git a/client/cmdhfmfu.c b/client/cmdhfmfu.c index a0af6887..e236be33 100644 --- a/client/cmdhfmfu.c +++ b/client/cmdhfmfu.c @@ -88,12 +88,12 @@ int CmdHF14AMfUWrBl(const char *Cmd){ UsbCommand resp; if (strlen(Cmd)<3) { - PrintAndLog("Usage: hf mfu uwrbl [w]"); + PrintAndLog("Usage: hf mfu wrbl [w]"); PrintAndLog(" [block number] "); PrintAndLog(" [block data] - (8 hex symbols)"); PrintAndLog(" [w] - Chinese magic ultralight-c tag "); PrintAndLog(""); - PrintAndLog(" sample: hf mfu uwrbl 0 01020304"); + PrintAndLog(" sample: hf mfu wrbl 0 01020304"); return 0; } blockNo = param_get8(Cmd, 0); @@ -198,8 +198,8 @@ int CmdHF14AMfURdBl(const char *Cmd){ uint8_t blockNo = 0; if (strlen(Cmd)<1) { - PrintAndLog("Usage: hf mfu urdbl "); - PrintAndLog(" sample: hfu mfu urdbl 0"); + PrintAndLog("Usage: hf mfu rdbl "); + PrintAndLog(" sample: hfu mfu rdbl 0"); return 0; } @@ -436,60 +436,70 @@ int CmdHF14AMfucAuth(const char *Cmd){ DES_key_schedule ks1,ks2; DES_cblock key1,key2; + char cmdp = param_getchar(Cmd, 0); // memset(iv, 0, 8); - if (strlen(Cmd)<1) { + if (cmdp == 'h' || cmdp == 'H') { PrintAndLog("Usage: hf mfu auth k "); - PrintAndLog(" sample: hf mfu auth k 0"); + PrintAndLog(" 1 = all zeros key"); + PrintAndLog(" 2 = 0x00-0x0F key"); + PrintAndLog(" 3 = nfc key"); + PrintAndLog(" 4 = all ones key"); + PrintAndLog(" defaults to 3DES standard key"); + PrintAndLog(" sample : hf mfu auth k"); + PrintAndLog(" : hf mfu auth k 3"); return 0; } //Change key to user defined one - if (strchr(Cmd,'k') != 0){ - //choose a key - keyNo = param_get8(Cmd, 1); - switch(keyNo){ + if (cmdp == 'k' || cmdp == 'K'){ + + keyNo = param_get8(Cmd, 1); + + switch(keyNo){ case 0: memcpy(key,key1_blnk_data,16); break; case 1: memcpy(key,key2_defa_data,16); break; - case 2: + case 2: memcpy(key,key4_nfc_data,16); break; - case 3: + case 3: memcpy(key,key5_ones_data,16); break; default: memcpy(key,key3_3des_data,16); break; } - }else{ + } else { memcpy(key,key3_3des_data,16); } + memcpy(key1,key,8); memcpy(key2,key+8,8); DES_set_key((DES_cblock *)key1,&ks1); DES_set_key((DES_cblock *)key2,&ks2); - //Auth1 - UsbCommand c = {CMD_MIFAREUC_AUTH1, {blockNo}}; - SendCommand(&c); - UsbCommand resp; - if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) { - uint8_t isOK = resp.arg[0] & 0xff; - cuid = resp.arg[1]; - uint8_t * data= resp.d.asBytes; - - if (isOK){ - PrintAndLog("enc(RndB):%s", sprint_hex(data+1, 8)); - memcpy(e_RndB,data+1,8); + //Auth1 + UsbCommand c = {CMD_MIFAREUC_AUTH1, {blockNo}}; + SendCommand(&c); + UsbCommand resp; + if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) { + uint8_t isOK = resp.arg[0] & 0xff; + cuid = resp.arg[1]; + uint8_t * data= resp.d.asBytes; + + if (isOK){ + PrintAndLog("enc(RndB):%s", sprint_hex(data+1, 8)); + memcpy(e_RndB,data+1,8); + } + } else { + PrintAndLog("Command execute timeout"); + return 0; } - } else { - PrintAndLog("Command execute timeout"); - } //Do crypto magic DES_random_key(&RndA); @@ -508,18 +518,18 @@ int CmdHF14AMfucAuth(const char *Cmd){ memcpy(d.d.asBytes,RndARndB, 16); SendCommand(&d); - UsbCommand respb; - if (WaitForResponseTimeout(CMD_ACK,&respb,1500)) { - uint8_t isOK = respb.arg[0] & 0xff; - uint8_t * data2= respb.d.asBytes; + UsbCommand respb; + if (WaitForResponseTimeout(CMD_ACK,&respb,1500)) { + uint8_t isOK = respb.arg[0] & 0xff; + uint8_t * data2= respb.d.asBytes; - if (isOK){ - PrintAndLog("enc(RndA'):%s", sprint_hex(data2+1, 8)); - } - - } else { - PrintAndLog("Command execute timeout"); - } + if (isOK){ + PrintAndLog("enc(RndA'):%s", sprint_hex(data2+1, 8)); + } + } else { + PrintAndLog("Command execute timeout"); + return 0; + } return 1; } @@ -531,8 +541,8 @@ int CmdHF14AMfUCRdBl(const char *Cmd) uint8_t blockNo = 0; if (strlen(Cmd)<1) { - PrintAndLog("Usage: hf mfu ucrdbl "); - PrintAndLog(" sample: hf mfu ucrdbl 0"); + PrintAndLog("Usage: hf mfu crdbl "); + PrintAndLog(" sample: hf mfu crdbl 0"); return 0; } @@ -571,8 +581,8 @@ int CmdHF14AMfUCWrBl(const char *Cmd){ UsbCommand resp; if (strlen(Cmd)<3) { - PrintAndLog("Usage: hf mfu ucwrbl [w]"); - PrintAndLog(" sample: hf mfu uwrbl 0 01020304"); + PrintAndLog("Usage: hf mfu cwrbl [w]"); + PrintAndLog(" sample: hf mfu wrbl 0 01020304"); return 0; } blockNo = param_get8(Cmd, 0); diff --git a/client/flasher.c b/client/flasher.c index 1390d817..e982ecf1 100644 --- a/client/flasher.c +++ b/client/flasher.c @@ -52,11 +52,8 @@ void ReceiveCommand(UsbCommand* rxcmd) { while (true) { rxlen = sizeof(UsbCommand) - (prx-prxcmd); if (uart_receive(sp,prx,&rxlen)) { -// printf("received [%zd] bytes\n",rxlen); prx += rxlen; if ((prx-prxcmd) >= sizeof(UsbCommand)) { -// printf("received: "); -// cmd_debug(rxcmd); return; } } -- 2.39.5