diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e2359f72..9f92d755e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,10 @@ All notable changes to this project will be documented in this file. This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... ## [unreleased][unreleased] + - Changed `hf_mf_uidbruteforce` - added support for S70, enhance UID length management (@cactuschibre) + - Fixed build issues that may happen from building `mfd_aes_brute` (@linuxgemini) + - Added silicon data parsing logic for NXP chips in `hf mfu info` (@linuxgemini) + - Addes luascript `hf_mf_em_util.lua` - Script for emulator configuration (@nisgola) - Fixes `hf mf restore` - now takes bin/eml/json as dump files (@iceman1001) - Fixes `script run some_python_script` segfault on armhf architecture (@doegox) - Added `trace extract` - extract authentication parts from trace (@iceman1001) diff --git a/client/luascripts/hf_mf_em_util.lua b/client/luascripts/hf_mf_em_util.lua new file mode 100644 index 000000000..69537d7dd --- /dev/null +++ b/client/luascripts/hf_mf_em_util.lua @@ -0,0 +1,108 @@ +local getopt = require('getopt') +local ansicolors = require('ansicolors') + +--Copyright +copyright = '' +author = 'nisgola' +version = 'v1' + +-- Script description +desc = [[ +This is a script that write Sector Trailers to the emulator memory. + +By default, both keys A and B are set to 0xFFFFFFFFFFFF. +The Access Bytes are set to 0xFF0780 and User Bytes to 0x00. +]] +example = [[ + -- Use default formatting + 1. script run hf_mf_em_util + + -- Change keys A and B + 2. script run hf_mf_em_util -a 112233445566 -b AABBCCDDEEFF + + -- Define access bits and User byte + 3. script run hf_mf_em_util -x 00f0ff -u 12 +]] +-- Usage info +usage = [[ +script run hf_mf_em_util [-h] [-4] [-a ] [-b ] [-x ] [-u ] +]] +-- Arguments +arguments = [[ + -h this help + -4 format as 4K card + -a define key A + -b define key B + -x define Access Bytes + -u define User Byte +]] +-- Help function +local function help() + print(copyright) + print(author) + print(version) + print(desc) + print(ansicolors.cyan..'Usage'..ansicolors.reset) + print(usage) + print(ansicolors.cyan..'Arguments'..ansicolors.reset) + print(arguments) + print(ansicolors.cyan..'Example usage'..ansicolors.reset) + print(example) +end +-- Print error +local function oops(err) + print('ERROR:', err) + return nil,err +end + +-- Memory formatting +local function card_format(key_a,key_b,ab,user,s70) + local blocks = {3,7,11,15,19,23,27,31,35,39,43,47,51,55,59,63,67,71,75,79,83,87,91,95,99,103,107,111,115,119,123,127,143,159,175,191,207,223,239,255} + for k,v in ipairs(blocks) do + local cmd = string.format("hf mf esetblk --blk %s -d %s%s%s%s",v,key_a,ab,user,key_b) + core.console(cmd) + print(cmd) + core.clearCommandBuffer() + if s70 == false and k > 15 then + return + end + end +end + +local function main(args) + -- Receive parameters + for o, a in getopt.getopt(args, 'ha:b:x:u:4') do + if o == 'h' then return help() end + if o == 'a' then KeyA = a end + if o == 'b' then KeyB = a end + if o == 'x' then Accessbit = a end + if o == 'u' then User = a end + if o == '4' then kkkk = true end + end + + local KeyA = KeyA or 'FFFFFFFFFFFF' + if #(KeyA) ~= 12 then + return oops( string.format('Wrong length of the Key A, receveid %d, expected 12', #KeyA)) + end + + local KeyB = KeyB or 'FFFFFFFFFFFF' + if #(KeyB) ~= 12 then + return oops( string.format('Wrong length of the Key B, received %d, expected 12', #KeyB)) + end + + local Accessbit = Accessbit or 'FF0780' + if #(Accessbit) ~= 6 then + return oops( string.format('Wrong length of the Access bit, received %d, expected 6', #Accessbit)) + end + + local User = User or '00' + if #(User) ~= 2 then + return oops( string.format('Wrong lenght for the user defined byte, received %d, expected 2', #User)) + end + + local kkkk = kkkk or false + + -- Call card_format function + card_format(KeyA,KeyB,Accessbit,User,kkkk) +end +main (args) diff --git a/client/luascripts/hf_mf_uidbruteforce.lua b/client/luascripts/hf_mf_uidbruteforce.lua index 548898606..62872e2a3 100644 --- a/client/luascripts/hf_mf_uidbruteforce.lua +++ b/client/luascripts/hf_mf_uidbruteforce.lua @@ -11,11 +11,11 @@ desc =[[ This script bruteforces 4 or 7 byte UID Mifare classic card numbers. ]] example =[[ -Bruteforce a 4 byte UID Mifare classic card number, starting at 11223344, ending at 11223346. +Bruteforce a 4 bytes UID Mifare classic card number, starting at 11223344, ending at 11223346. script run hf_mf_uidbruteforce -s 0x11223344 -e 0x11223346 -t 1000 -x mfc -Bruteforce a 7 byte UID Mifare Ultralight card number, starting at 11223344556677, ending at 11223344556679. +Bruteforce a 7 bytes UID Mifare Ultralight card number, starting at 11223344556677, ending at 11223344556679. script run hf_mf_uidbruteforce -s 0x11223344556677 -e 0x11223344556679 -t 1000 -x mfu ]] @@ -28,8 +28,9 @@ arguments = [[ -e 0-0xFFFFFFFF end id -t 0-99999, pause timeout (ms) between cards (use the word 'pause' to wait for user input) - -x mfc, mfu mifare type: + -x mfc, mfc4, mfu mifare type: mfc for Mifare Classic (default) + mfc4 for Mifare Classic 4K mfu for Mifare Ultralight EV1 ]] @@ -86,23 +87,32 @@ local function main(args) local start_id = 0 local end_id = 0xFFFFFFFFFFFFFF local mftype = 'mfc' + local uid_format = '%14x' for o, a in getopt.getopt(args, 'e:s:t:x:h') do if o == 's' then start_id = a end if o == 'e' then end_id = a end if o == 't' then timeout = a end if o == 'x' then mftype = a end - if o == 'h' then return print(usage) end + if o == 'h' then return help() end end -- template local command = '' + -- if the end_id is equals or inferior to 0xFFFFFFFF then use the 4 bytes UID format by default + if string.len(end_id) <= 10 then + uid_format = '%08x' + end + if mftype == 'mfc' then - command = 'hf 14a sim -t 1 -u %014x' + command = 'hf 14a sim -t 1 -u ' .. uid_format msg('Bruteforcing Mifare Classic card numbers') + elseif mftype == 'mfc4' then + command = 'hf 14a sim -t 8 -u ' .. uid_format + msg('Bruteforcing Mifare Classic 4K card numbers') elseif mftype == 'mfu' then - command = 'hf 14a sim -t 2 -u %014x' + command = 'hf 14a sim -t 2 -u ' .. uid_format msg('Bruteforcing Mifare Ultralight card numbers') else return print(usage) diff --git a/client/src/cmdhfcipurse.c b/client/src/cmdhfcipurse.c index 9241a084e..9f462e40b 100644 --- a/client/src/cmdhfcipurse.c +++ b/client/src/cmdhfcipurse.c @@ -200,25 +200,30 @@ static int CLIParseCommandParametersEx(CLIParserContext *ctx, size_t keyid, size uint8_t hdata[250] = {0}; int hdatalen = sizeof(hdata); if (keyid) { - if (CLIParamHexToBuf(arg_get_str(ctx, keyid), hdata, hdatalen, &hdatalen)) + if (CLIParamHexToBuf(arg_get_str(ctx, keyid), hdata, hdatalen, &hdatalen)) { return PM3_ESOFT; + } if (hdatalen && hdatalen != 16) { PrintAndLogEx(ERR, _RED_("ERROR:") " key length for AES128 must be 16 bytes only"); return PM3_EINVARG; } + if (hdatalen) memcpy(key, hdata, CIPURSE_AES_KEY_LENGTH); else memcpy(key, defaultKey, sizeof(defaultKey)); } - if (useaid) + if (useaid) { *useaid = false; + } + if (aidid && aid && aidlen) { hdatalen = sizeof(hdata); - if (CLIParamHexToBuf(arg_get_str(ctx, aidid), hdata, hdatalen, &hdatalen)) + if (CLIParamHexToBuf(arg_get_str(ctx, aidid), hdata, hdatalen, &hdatalen)) { return PM3_ESOFT; + } if (hdatalen && (hdatalen < 1 || hdatalen > 16)) { PrintAndLogEx(ERR, _RED_("ERROR:") " application id length must be 1-16 bytes only"); @@ -229,16 +234,19 @@ static int CLIParseCommandParametersEx(CLIParserContext *ctx, size_t keyid, size if (hdatalen) { memcpy(aid, hdata, hdatalen); *aidlen = hdatalen; - if (useaid) + if (useaid) { *useaid = true; + } } else { memcpy(aid, defaultAID, defaultAIDLength); *aidlen = defaultAIDLength; } } - if (usefid) + if (usefid) { *usefid = false; + } + if (fidid && fid) { hdatalen = sizeof(hdata); if (CLIParamHexToBuf(arg_get_str(ctx, fidid), hdata, hdatalen, &hdatalen)) @@ -337,56 +345,75 @@ static int SelectCommandEx(bool selectDefaultFile, bool useAID, uint8_t *aid, si int res = 0; if (verbose && selChildFile) PrintAndLogEx(INFO, "Select top level application/file"); + if (useAID && aidLen > 0) { + res = CIPURSESelectAID(true, true, aid, aidLen, buf, bufSize, len, sw); if (res != 0 || *sw != 0x9000) { - if (verbose) + if (verbose) { PrintAndLogEx(ERR, "Cipurse select application " _GREEN_("%s ") _RED_("error") ". Card returns 0x%04x", sprint_hex_inrow(aid, aidLen), *sw); + } return PM3_ESOFT; } - if (verbose) + if (verbose) { PrintAndLogEx(INFO, "Cipurse select application " _CYAN_("%s ") _GREEN_("OK"), sprint_hex_inrow(aid, aidLen)); + } + } else if (useFID) { + res = CIPURSESelectFileEx(true, true, fileId, buf, bufSize, len, sw); if (res != 0 || *sw != 0x9000) { - if (verbose) + if (verbose) { PrintAndLogEx(ERR, "Cipurse select file 0x%04x " _RED_("error") ". Card returns 0x%04x", fileId, *sw); + } return PM3_ESOFT; } - if (verbose) + if (verbose) { PrintAndLogEx(INFO, "Cipurse select file " _CYAN_("0x%04x ") _GREEN_("OK"), fileId); + } + } else if (selectDefaultFile) { + res = CIPURSESelectMFDefaultFileEx(true, true, buf, bufSize, len, sw); if (res != 0 || *sw != 0x9000) { - if (verbose) + if (verbose) { PrintAndLogEx(ERR, "Cipurse select default file " _RED_("error") ". Card returns 0x%04x", *sw); + } return PM3_ESOFT; } - if (verbose) + if (verbose) { PrintAndLogEx(INFO, "Cipurse select default file " _GREEN_("OK")); + } + } else { + res = CIPURSESelect(true, true, buf, bufSize, len, sw); if (res != 0 || *sw != 0x9000) { - if (verbose) + if (verbose) { PrintAndLogEx(ERR, "Cipurse select default application " _RED_("error") ". Card returns 0x%04x", *sw); + } return PM3_ESOFT; } - if (verbose) + if (verbose) { PrintAndLogEx(INFO, "Cipurse select default application " _GREEN_("OK")); + } } if (selChildFile) { - if (verbose) + if (verbose) { PrintAndLogEx(INFO, "Select child file"); + } res = CIPURSESelectFileEx(false, true, childFileId, buf, bufSize, len, sw); if (res != 0 || *sw != 0x9000) { - if (verbose) + if (verbose) { PrintAndLogEx(ERR, "Select child file 0x%04x " _RED_("error") ". Card returns 0x%04x", childFileId, *sw); + } return PM3_ESOFT; } - if (verbose) + if (verbose) { PrintAndLogEx(INFO, "Select child file " _CYAN_("0x%04x ") _GREEN_("OK"), childFileId); + } } return PM3_SUCCESS; @@ -408,13 +435,13 @@ static int CmdHFCipurseSelect(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), arg_lit0("t", "tlv", "TLV decode returned data"), - arg_str0(NULL, "aid", "", "application ID (AID)"), - arg_str0(NULL, "fid", "", "top level file (or application) ID (FID)"), - arg_lit0(NULL, "mfd", "select masterfile by empty id"), - arg_str0(NULL, "chfid", "", "child file ID (EF under application/master file)"), + arg_str0(NULL, "aid", "", "Application ID (AID) 1..16 bytes"), + arg_str0(NULL, "fid", "", "Top level file (or application) ID (FID) 2 bytes"), + arg_lit0(NULL, "mfd", "Select masterfile by empty id"), + arg_str0(NULL, "chfid", "", "Child file ID (EF under application/master file) 2 bytes"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -474,12 +501,12 @@ static int CmdHFCipurseAuth(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_str0(NULL, "aid", "", "application ID (AID)"), - arg_str0(NULL, "fid", "", "top file/application ID (FID)"), - arg_lit0(NULL, "mfd", "select masterfile by empty id"), - arg_int0("n", NULL, "", "key ID"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_str0(NULL, "aid", "", "Application ID (AID) ( 1..16 bytes )"), + arg_str0(NULL, "fid", "", "Top file/application ID (FID) ( 2 bytes )"), + arg_lit0(NULL, "mfd", "Select masterfile by empty id"), + arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Auth key"), arg_param_end }; @@ -545,21 +572,21 @@ static int CmdHFCipurseReadFile(const char *Cmd) { CLIParserInit(&ctx, "hf cipurse read", "Read file in the application by file ID with key ID and key. If no key is supplied, default key of 737373...7373 will be used", "hf cipurse read --fid 2ff7 -> Authenticate with keyID 1, read file with id 2ff7\n" - "hf cipurse read -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -> Authenticate keyID 2 and read file\n" - "hf cipurse read --aid 4144204631 --fid 0102 -> read file with id 0102 from application 4144204631\n"); + "hf cipurse read -n 2 -k 65656565656565656565656565656565 --fid 2ff7 -> Authenticate keyID 2 and read file\n" + "hf cipurse read --aid 4144204631 --fid 0102 -> read file with id 0102 from application 4144204631\n"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", NULL, "", "key ID"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Auth key"), - arg_str0(NULL, "aid", "", "application ID (AID)"), - arg_str0(NULL, "fid", "", "file ID"), - arg_int0("o", "offset", "", "offset for reading data from file"), - arg_lit0(NULL, "noauth", "read file without authentication"), - arg_str0(NULL, "sreq", "", "communication reader-PICC security level"), - arg_str0(NULL, "sresp", "", "communication PICC-reader security level"), + arg_str0(NULL, "aid", "", "Application ID (AID) ( 1..16 bytes )"), + arg_str0(NULL, "fid", "", "File ID"), + arg_int0("o", "offset", "", "Offset for reading data from file"), + arg_lit0(NULL, "noauth", "Read file without authentication"), + arg_str0(NULL, "sreq", "", "Communication reader-PICC security level (def: mac)"), + arg_str0(NULL, "sresp", "", "Communication PICC-reader security level (def: mac)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -660,18 +687,18 @@ static int CmdHFCipurseWriteFile(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", NULL, "", "key ID"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Auth key"), - arg_str0(NULL, "aid", "", "application ID (AID)"), - arg_str0(NULL, "fid", "", "file ID"), - arg_int0("o", "offset", "", "offset for reading data from file"), - arg_lit0(NULL, "noauth", "read file without authentication"), - arg_str0(NULL, "sreq", "", "communication reader-PICC security level"), - arg_str0(NULL, "sresp", "", "communication PICC-reader security level"), - arg_str0("d", "data", "", "hex data to write to new file"), - arg_lit0(NULL, "commit", "need commit after write"), + arg_str0(NULL, "aid", "", "Application ID (AID) ( 1..16 bytes )"), + arg_str0(NULL, "fid", "", "File ID"), + arg_int0("o", "offset", "", "Offset for reading data from file"), + arg_lit0(NULL, "noauth", "Read file without authentication"), + arg_str0(NULL, "sreq", "", "communication reader-PICC security level (def: mac)"), + arg_str0(NULL, "sresp", "", "communication PICC-reader security level (def: mac)"), + arg_str0("d", "data", "", "Data to write to new file"), + arg_lit0(NULL, "commit", "Commit after write"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -797,17 +824,17 @@ static int CmdHFCipurseReadFileAttr(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", NULL, "", "key ID"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Auth key"), - arg_lit0(NULL, "mfd", "show info about master file"), - arg_str0(NULL, "aid", "", "select application ID (AID)"), - arg_str0(NULL, "fid", "", "file ID"), - arg_str0(NULL, "chfid", "", "child file ID (EF under application/master file)"), - arg_lit0(NULL, "noauth", "read file attributes without authentication"), - arg_str0(NULL, "sreq", "", "communication reader-PICC security level"), - arg_str0(NULL, "sresp", "", "communication PICC-reader security level"), + arg_lit0(NULL, "mfd", "Show info about master file"), + arg_str0(NULL, "aid", "", "Select application ID (AID) ( 1..16 bytes )"), + arg_str0(NULL, "fid", "", "File ID"), + arg_str0(NULL, "chfid", "", "Child file ID (EF under application/master file) ( 2 bytes )"), + arg_lit0(NULL, "noauth", "Read file attributes without authentication"), + arg_str0(NULL, "sreq", "", "Communication reader-PICC security level (def: mac)"), + arg_str0(NULL, "sresp", "", "Communication PICC-reader security level (def: mac)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -909,26 +936,26 @@ static int CmdHFCipurseWriteFileAttr(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf cipurse awrite", "Write file attributes by file ID with key ID and key. If no key is supplied, default key of 737373...7373 will be used", - "hf cipurse awrite --fid 2ff7 -d 080000C1C1C1C1C1C1C1C1C1 -> write default file attributes with id 2ff7\n" - "hf cipurse awrite --mfd -d 080000FFFFFFFFFFFFFFFFFF86023232 --commit -> write file attributes for master file (MF)\n" + "hf cipurse awrite --fid 2ff7 -d 080000C1C1C1C1C1C1C1C1C1 -> write default file attributes with id 2ff7\n" + "hf cipurse awrite --mfd -d 080000FFFFFFFFFFFFFFFFFF86023232 --commit -> write file attributes for master file (MF)\n" "hf cipurse awrite --chfid 0102 -d 020000ffffff -> write file 0102 attributes in the default application to full access\n" "hf cipurse awrite --chfid 0102 -d 02000040ffff -> write file 0102 attributes in the default application to full access with keys 1 and 2\n"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", NULL, "", "key ID"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Auth key"), - arg_lit0(NULL, "mfd", "show info about master file"), - arg_str0(NULL, "aid", "", "select application ID (AID)"), - arg_str0(NULL, "fid", "", "file ID"), - arg_str0(NULL, "chfid", "", "child file ID (EF under application/master file)"), - arg_lit0(NULL, "noauth", "read file attributes without authentication"), - arg_str0(NULL, "sreq", "", "communication reader-PICC security level"), - arg_str0(NULL, "sresp", "", "communication PICC-reader security level"), - arg_str0("d", "data", "", "file attributes"), - arg_lit0(NULL, "commit", "need commit after write"), + arg_lit0(NULL, "mfd", "Show info about master file"), + arg_str0(NULL, "aid", "", "Select application ID (AID) ( 1..16 bytes )"), + arg_str0(NULL, "fid", "", "File ID"), + arg_str0(NULL, "chfid", "", "Child file ID (EF under application/master file) ( 2 bytes )"), + arg_lit0(NULL, "noauth", "Read file attributes without authentication"), + arg_str0(NULL, "sreq", "", "Communication reader-PICC security level (def: mac)"), + arg_str0(NULL, "sresp", "", "Communication PICC-reader security level (def: mac)"), + arg_str0("d", "data", "", "File attributes"), + arg_lit0(NULL, "commit", "Commit after write"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -1053,13 +1080,13 @@ static int CmdHFCipurseFormatAll(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", NULL, "", "key ID"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Auth key"), - arg_str0(NULL, "sreq", "", "communication reader-PICC security level"), - arg_str0(NULL, "sresp", "", "communication PICC-reader security level"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_str0(NULL, "sreq", "", "Communication reader-PICC security level (def: mac)"), + arg_str0(NULL, "sresp", "", "Communication PICC-reader security level (def: mac)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -1138,20 +1165,20 @@ static int CmdHFCipurseCreateDGI(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", NULL, "", "key ID"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Auth key"), - arg_str0(NULL, "aid", "", "application ID (AID)"), - arg_str0(NULL, "fid", "", "file ID (FID)"), - arg_lit0(NULL, "mfd", "select masterfile by empty id"), + arg_str0(NULL, "aid", "", "Application ID (AID) ( 1..16 bytes )"), + arg_str0(NULL, "fid", "", "file ID (FID) ( 2 bytes )"), + arg_lit0(NULL, "mfd", "Select masterfile by empty id"), - arg_str0("d", "data", "", "data with DGI for create"), - arg_str0(NULL, "sreq", "", "communication reader-PICC security level"), - arg_str0(NULL, "sresp", "", "communication PICC-reader security level"), - arg_lit0(NULL, "no-auth", "execute without authentication"), - arg_lit0(NULL, "commit", "need commit after create"), + arg_str0("d", "data", "", "Data with DGI for create"), + arg_str0(NULL, "sreq", "", "Communication reader-PICC security level (def: mac)"), + arg_str0(NULL, "sresp", "", "Communication PICC-reader security level (def: mac)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), + arg_lit0(NULL, "commit", "Commit after create"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -1272,17 +1299,17 @@ static int CmdHFCipurseDeleteFile(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", NULL, "", "key ID"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Auth key"), - arg_str0(NULL, "fid", "", "file/application ID under MF for delete"), - arg_str0(NULL, "aid", "", "application ID (AID) for delete"), - arg_str0(NULL, "chfid", "", "child file ID (EF under application/master file)"), - arg_str0(NULL, "sreq", "", "communication reader-PICC security level"), - arg_str0(NULL, "sresp", "", "communication PICC-reader security level"), - arg_lit0(NULL, "no-auth", "execute without authentication"), - arg_lit0(NULL, "commit", "commit "), + arg_str0(NULL, "fid", "", "File/application ID under MF for delete"), + arg_str0(NULL, "aid", "", "Application ID (AID) for delete ( 1..16 bytes )"), + arg_str0(NULL, "chfid", "", "Child file ID (EF under application/master file) ( 2 bytes )"), + arg_str0(NULL, "sreq", "", "Communication reader-PICC security level (def: mac)"), + arg_str0(NULL, "sresp", "", "Communication PICC-reader security level (def: mac)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), + arg_lit0(NULL, "commit", "commit after delete"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -1582,11 +1609,11 @@ static int CmdHFCipurseDefault(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0(NULL, "clear", "resets to defaults"), + arg_lit0(NULL, "clear", "Resets to defaults"), arg_int0("n", NULL, "", "Key ID"), arg_str0("k", "key", "", "Authentication key"), - arg_str0(NULL, "aid", "", "application ID (AID)"), - arg_str0(NULL, "fid", "", "File ID"), + arg_str0(NULL, "aid", "", "Application ID (AID) ( 1..16 bytes )"), + arg_str0(NULL, "fid", "", "File ID ( 2 bytes )"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); diff --git a/client/src/cmdhffido.c b/client/src/cmdhffido.c index 1698ac8a5..f518be172 100644 --- a/client/src/cmdhffido.c +++ b/client/src/cmdhffido.c @@ -137,22 +137,22 @@ static int CmdHFFidoRegister(const char *cmd) { "challenge parameter (32b) and application parameter (32b).\n" "The default config filename is `fido2_defparams.json`\n" "\n", - "hf fido reg -> execute command with 2 parameters, filled 0x00\n" - "hf fido reg --cp s0 --ap s1 -> execute command with plain parameters\n" + "hf fido reg -> execute command with 2 parameters, filled 0x00\n" + "hf fido reg --cp s0 --ap s1 -> execute command with plain parameters\n" "hf fido reg --cpx 000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f --apx 000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f\n" - "hf fido reg -f fido2-params -> execute command with custom config file\n" + "hf fido reg -f fido2-params -> execute command with custom config file\n" ); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_litn("v", "verbose", 0, 2, "show technical data. vv - show full certificates data"), - arg_lit0("t", "tlv", "Show DER certificate contents in TLV representation"), - arg_str0("f", "file", "", "JSON input file name for parameters"), - arg_str0(NULL, "cp", "", "challenge parameter (1..16 chars)"), - arg_str0(NULL, "ap", "", "application parameter (1..16 chars)"), - arg_str0(NULL, "cpx", "", "challenge parameter (32 bytes hex)"), - arg_str0(NULL, "apx", "", "application parameter (32 bytes hex)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_litn("v", "verbose", 0, 2, "Verbose mode. vv - show full certificates data"), + arg_lit0("t", "tlv", "Show DER certificate contents in TLV representation"), + arg_str0("f", "file", "", "JSON input file name for parameters"), + arg_str0(NULL, "cp", "", "Challenge parameter (1..16 chars)"), + arg_str0(NULL, "ap", "", "Application parameter (1..16 chars)"), + arg_str0(NULL, "cpx", "", "Challenge parameter (32 bytes hex)"), + arg_str0(NULL, "apx", "", "Application parameter (32 bytes hex)"), arg_param_end }; CLIExecWithReturn(ctx, cmd, argtable, true); @@ -409,18 +409,18 @@ static int CmdHFFidoAuthenticate(const char *cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU reqests and responses"), - arg_lit0("v", "verbose", "show technical data"), + arg_lit0("a", "apdu", "Show APDU reqests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), arg_rem("default mode:", "dont-enforce-user-presence-and-sign"), arg_lit0("u", "user", "mode: enforce-user-presence-and-sign"), arg_lit0("c", "check", "mode: check-only"), - arg_str0("f", "file", "", "JSON input file name for parameters"), - arg_str0("k", "key", "", "public key to verify signature"), - arg_str0(NULL, "kh", "", "key handle (var 0..255b)"), - arg_str0(NULL, "cp", "", "challenge parameter (1..16 chars)"), - arg_str0(NULL, "ap", "", "application parameter (1..16 chars)"), - arg_str0(NULL, "cpx", "", "challenge parameter (32 bytes hex)"), - arg_str0(NULL, "apx", "", "application parameter (32 bytes hex)"), + arg_str0("f", "file", "", "JSON file name for parameters"), + arg_str0("k", "key", "", "Public key to verify signature"), + arg_str0(NULL, "kh", "", "Key handle (var 0..255b)"), + arg_str0(NULL, "cp", "", "Challenge parameter (1..16 chars)"), + arg_str0(NULL, "ap", "", "Application parameter (1..16 chars)"), + arg_str0(NULL, "cpx", "", "Challenge parameter (32 bytes hex)"), + arg_str0(NULL, "apx", "", "Application parameter (32 bytes hex)"), arg_param_end }; CLIExecWithReturn(ctx, cmd, argtable, true); @@ -671,11 +671,11 @@ static int CmdHFFido2MakeCredential(const char *cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU reqests and responses"), - arg_litn("v", "verbose", 0, 2, "show technical data. vv - show full certificates data"), - arg_lit0("t", "tlv", "Show DER certificate contents in TLV representation"), - arg_lit0("c", "cbor", "show CBOR decoded data"), - arg_str0("f", "file", "", "parameter JSON file name"), + arg_lit0("a", "apdu", "Show APDU reqests and responses"), + arg_litn("v", "verbose", 0, 2, "Verbose mode. vv - show full certificates data"), + arg_lit0("t", "tlv", "Show DER certificate contents in TLV representation"), + arg_lit0("c", "cbor", "Show CBOR decoded data"), + arg_str0("f", "file", "", "Parameter JSON file name"), arg_param_end }; CLIExecWithReturn(ctx, cmd, argtable, true); @@ -790,11 +790,11 @@ static int CmdHFFido2GetAssertion(const char *cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU reqests and responses"), - arg_litn("v", "verbose", 0, 2, "show technical data. vv - show full certificates data"), - arg_lit0("c", "cbor", "show CBOR decoded data"), - arg_lit0("l", "list", "add CredentialId from json to allowList"), - arg_str0("f", "file", "", "parameter JSON file name"), + arg_lit0("a", "apdu", "Show APDU reqests and responses"), + arg_litn("v", "verbose", 0, 2, "Verbose mode. vv - show full certificates data"), + arg_lit0("c", "cbor", "Show CBOR decoded data"), + arg_lit0("l", "list", "Add CredentialId from json to allowList"), + arg_str0("f", "file", "", "Parameter JSON file name"), arg_param_end }; CLIExecWithReturn(ctx, cmd, argtable, true); diff --git a/client/src/cmdhfmf.c b/client/src/cmdhfmf.c index e67afdff0..8fe003c4c 100644 --- a/client/src/cmdhfmf.c +++ b/client/src/cmdhfmf.c @@ -3008,7 +3008,7 @@ static int CmdHF14AMfChk(const char *Cmd) { arg_param_begin, arg_strx0("k", "key", "", "Key specified as 12 hex symbols"), arg_int0(NULL, "blk", "", "Input block number"), - arg_lit0("a", NULL, "Target Key A, if found also check Key B for duplicate"), + arg_lit0("a", NULL, "Target Key A"), arg_lit0("b", NULL, "Target Key B"), arg_lit0("*", "all", "Target both key A & B (default)"), arg_lit0(NULL, "mini", "MIFARE Classic Mini / S20"), @@ -3017,7 +3017,7 @@ static int CmdHF14AMfChk(const char *Cmd) { arg_lit0(NULL, "4k", "MIFARE Classic 4k / S70"), arg_lit0(NULL, "emu", "Fill simulator keys from found keys"), arg_lit0(NULL, "dump", "Dump found keys to binary file"), - arg_str0("f", "file", "", "filename of dictionary"), + arg_str0("f", "file", "", "Filename of dictionary"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); diff --git a/client/src/cmdhfmfdes.c b/client/src/cmdhfmfdes.c index b75b2161d..5b7438c8c 100644 --- a/client/src/cmdhfmfdes.c +++ b/client/src/cmdhfmfdes.c @@ -442,33 +442,41 @@ static int CmdDesGetSessionParameters(CLIParserContext *ctx, DesfireContext_t *d } if (algoid) { - if (CLIGetOptionList(arg_get_str(ctx, algoid), DesfireAlgoOpts, &algores)) + if (CLIGetOptionList(arg_get_str(ctx, algoid), DesfireAlgoOpts, &algores)) { return PM3_ESOFT; + } } if (keyid) { int keylen = 0; uint8_t keydata[200] = {0}; - if (CLIParamHexToBuf(arg_get_str(ctx, keyid), keydata, sizeof(keydata), &keylen)) + if (CLIParamHexToBuf(arg_get_str(ctx, keyid), keydata, sizeof(keydata), &keylen)) { return PM3_ESOFT; + } + if (keylen && keylen != desfire_get_key_length(algores)) { PrintAndLogEx(ERR, "%s key must have %d bytes length instead of %d.", CLIGetOptionListStr(DesfireAlgoOpts, algores), desfire_get_key_length(algores), keylen); return PM3_EINVARG; } - if (keylen) + + if (keylen) { memcpy(key, keydata, keylen); + } } if (kdfid) { - if (CLIGetOptionList(arg_get_str(ctx, kdfid), DesfireKDFAlgoOpts, &kdfAlgo)) + if (CLIGetOptionList(arg_get_str(ctx, kdfid), DesfireKDFAlgoOpts, &kdfAlgo)) { return PM3_ESOFT; + } } if (kdfiid) { int datalen = kdfInputLen; uint8_t data[200] = {0}; - if (CLIParamHexToBuf(arg_get_str(ctx, kdfiid), data, sizeof(data), &datalen)) + if (CLIParamHexToBuf(arg_get_str(ctx, kdfiid), data, sizeof(data), &datalen)) { return PM3_ESOFT; + } + if (datalen) { kdfInputLen = datalen; memcpy(kdfInput, data, datalen); @@ -525,19 +533,19 @@ static int CmdDesGetSessionParameters(CLIParserContext *ctx, DesfireContext_t *d static int CmdHF14ADesDefault(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes default", - "Set default parameters for access to desfire card.", - "hf mfdes default -n 0 -t des -k 0000000000000000 -f none -> save to the default parameters"); + "Set default parameters for access to MIFARE DESfire card.", + "hf mfdes default -n 0 -t des -k 0000000000000000 --kdf none -> save to the default parameters"); void *argtable[] = { arg_param_begin, - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -1059,25 +1067,25 @@ static int CmdHF14aDesChk(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes chk", "Checks keys with MIFARE DESFire card.", - "hf mfdes chk -a 123456 -k 000102030405060708090a0b0c0d0e0f -> check key on aid 0x123456\n" - "hf mfdes chk -d mfdes_default_keys -> check keys from dictionary against all existing aid on card\n" - "hf mfdes chk -d mfdes_default_keys -a 123456 -> check keys from dictionary against aid 0x123456\n" - "hf mfdes chk -a 123456 --pattern1b -j keys -> check all 1-byte keys pattern on aid 0x123456 and save found keys to json\n" - "hf mfdes chk -a 123456 --pattern2b --startp2b FA00 -> check all 2-byte keys pattern on aid 0x123456. Start from key FA00FA00...FA00"); + "hf mfdes chk -a 123456 -k 000102030405060708090a0b0c0d0e0f -> check key on aid 0x123456\n" + "hf mfdes chk -d mfdes_default_keys -> check keys from dictionary against all existing aid on card\n" + "hf mfdes chk -d mfdes_default_keys -a 123456 -> check keys from dictionary against aid 0x123456\n" + "hf mfdes chk -a 123456 --pattern1b -j keys -> check all 1-byte keys pattern on aid 0x123456 and save found keys to json\n" + "hf mfdes chk -a 123456 --pattern2b --startp2b FA00 -> check all 2-byte keys pattern on aid 0x123456. Start from key FA00FA00...FA00"); void *argtable[] = { arg_param_begin, - arg_str0(NULL, "aid", "", "Use specific AID (3 hex bytes, big endian)"), - arg_str0("k", "key", "", "Key for checking (HEX 16 bytes)"), - arg_str0("d", "dict", "", "File with keys dictionary"), - arg_lit0(NULL, "pattern1b", "Check all 1-byte combinations of key (0000...0000, 0101...0101, 0202...0202, ...)"), - arg_lit0(NULL, "pattern2b", "Check all 2-byte combinations of key (0000...0000, 0001...0001, 0002...0002, ...)"), - arg_str0(NULL, "startp2b", "", "Start key (2-byte HEX) for 2-byte search (use with `--pattern2b`)"), - arg_str0("j", "json", "", "Json file to save keys"), - arg_lit0("v", "verbose", "Verbose mode."), - arg_int0("f", "kdf", "", "Key Derivation Function (KDF) (0=None, 1=AN10922, 2=Gallagher)"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_lit0("a", "apdu", "show APDU requests and responses"), + arg_str0(NULL, "aid", "", "Use specific AID (3 hex bytes, big endian)"), + arg_str0("k", "key", "", "Key for checking (HEX 16 bytes)"), + arg_str0("d", "dict", "", "Dictionary file with keys"), + arg_lit0(NULL, "pattern1b", "Check all 1-byte combinations of key (0000...0000, 0101...0101, 0202...0202, ...)"), + arg_lit0(NULL, "pattern2b", "Check all 2-byte combinations of key (0000...0000, 0001...0001, 0002...0002, ...)"), + arg_str0(NULL, "startp2b", "", "Start key (2-byte HEX) for 2-byte search (use with `--pattern2b`)"), + arg_str0("j", "json", "", "Json file name to save keys"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0(NULL, "kdf", "<0|1|2>", "Key Derivation Function (KDF) (0=None, 1=AN10922, 2=Gallagher)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -1160,9 +1168,10 @@ static int CmdHF14aDesChk(const char *Cmd) { bool verbose = arg_get_lit(ctx, 8); // Get KDF input + uint8_t cmdKDFAlgo = arg_get_int_def(ctx, 9, 0); + uint8_t kdfInput[31] = {0}; int kdfInputLen = 0; - uint8_t cmdKDFAlgo = arg_get_int_def(ctx, 9, 0); CLIGetHexWithReturn(ctx, 10, kdfInput, &kdfInputLen); CLIParserFree(ctx); @@ -1370,28 +1379,28 @@ static int CmdHF14aDesDetect(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes detect", "Detect key type and tries to find one from the list.", - "hf mfdes detect -> detect key 0 from PICC level\n" - "hf mfdes detect -s d40 -> detect key 0 from PICC level via secure channel D40\n" - "hf mfdes detect --dict mfdes_default_keys -> detect key 0 from PICC level with help of the standard dictionary\n" - "hf mfdes detect --aid 123456 -n 2 --save -> detect key 2 from app 123456 and if succeed - save params to defaults (`default` command)\n" - "hf mfdes detect --appisoid df01 --save -> detect key 0 and save to defaults with card in the LRP mode"); + "hf mfdes detect -> detect key 0 from PICC level\n" + "hf mfdes detect --schann d40 -> detect key 0 from PICC level via secure channel D40\n" + "hf mfdes detect --dict mfdes_default_keys -> detect key 0 from PICC level with help of the standard dictionary\n" + "hf mfdes detect --aid 123456 -n 2 --save -> detect key 2 from app 123456 and if succeed - save params to defaults (`default` command)\n" + "hf mfdes detect --isoid df01 --save -> detect key 0 and save to defaults with card in the LRP mode"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "dict", "", "File with keys dictionary"), - arg_lit0(NULL, "save", "save found key and parameters to defaults"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_str0(NULL, "dict", "", "Dictionary file name with keys"), + arg_lit0(NULL, "save", "Save found key and parameters to defaults"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -1645,17 +1654,17 @@ static int CmdHF14aDesMAD(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID of issuer info file, (non-standard feature!) (3 hex bytes, big endian)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID of issuer info file, (3 hex bytes, big endian), (non-standard feature!)"), arg_lit0(NULL, "auth", "Authenticate to get info from GetApplicationIDs command (non-standard feature!)"), arg_param_end }; @@ -1779,30 +1788,30 @@ static int CmdHF14ADesSelectApp(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes selectapp", "Select application on the card. It selects app if it is a valid one or returns an error.", - "hf mfdes selectapp --aid 123456 -> select application 123456\n" - "hf mfdes selectapp --mf -> select master file (PICC level)\n" + "hf mfdes selectapp --aid 123456 -> select application 123456\n" + "hf mfdes selectapp --mf -> select master file (PICC level)\n" "hf mfdes selectapp --dfname aid123456 -> select application aid123456 by DF name\n" - "hf mfdes selectapp --isoid 1111 -> select application 1111 by ISO ID\n" - "hf mfdes selectapp --isoid 1111 --fileisoid 2222 -> select application 1111 file 2222 by ISO ID\n" - "hf mfdes selectapp --isoid 01df --fileisoid 00ef -> select file 00 on the Desfire Light"); + "hf mfdes selectapp --isoid 1111 -> select application 1111 by ISO ID\n" + "hf mfdes selectapp --isoid 1111 --fileisoid 2222 -> select application 1111 file 2222 by ISO ID\n" + "hf mfdes selectapp --isoid 01df --fileisoid 00ef -> select file 00 on the Desfire Light"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID of application for some parameters (3 hex bytes, big endian)"), - arg_str0(NULL, "dfname", "", "Application DF Name (string, max 16 chars). Selects application via ISO SELECT command"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID of application for some parameters (3 hex bytes, big endian)"), + arg_str0(NULL, "dfname", "", "Application DF Name (string, max 16 chars). Selects application via ISO SELECT command"), arg_lit0(NULL, "mf", "Select MF (master file) via ISO channel"), - arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), - arg_str0(NULL, "fileisoid", "", "Select file inside application by ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fileisoid", "", "Select file inside application by ISO ID (ISO DF ID) (2 hex bytes, big endian)."), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -1921,14 +1930,14 @@ static int CmdHF14ADesBruteApps(const char *Cmd) { "Recover AIDs by bruteforce.\n" "WARNING: This command takes a loooong time", "hf mfdes bruteaid -> Search all apps\n" - "hf mfdes bruteaid -s F0000F -i 16 -> Search MAD range manually"); + "hf mfdes bruteaid --start F0000F -i 16 -> Search MAD range manually"); void *argtable[] = { arg_param_begin, - arg_str0("s", "start", "", "Starting App ID as hex bytes (3 bytes, big endian)"), - arg_str0("e", "end", "", "Last App ID as hex bytes (3 bytes, big endian)"), - arg_int0("i", "step", "", "Increment step when bruteforcing"), - arg_lit0("m", "mad", "Only bruteforce the MAD range"), + arg_str0(NULL, "start", "", "Starting App ID as hex bytes (3 bytes, big endian)"), + arg_str0(NULL, "end", "", "Last App ID as hex bytes (3 bytes, big endian)"), + arg_int0("i", "step", "", "Increment step when bruteforcing"), + arg_lit0("m", "mad", "Only bruteforce the MAD range"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -2007,25 +2016,25 @@ static int CmdHF14ADesAuth(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes auth", "Select application on the card. It selects app if it is a valid one or returns an error.", - "hf mfdes auth -n 0 -t des -k 0000000000000000 -f none -> select PICC level and authenticate with key num=0, key type=des, key=00..00 and key derivation = none\n" - "hf mfdes auth -n 0 -t aes -k 00000000000000000000000000000000 -> select PICC level and authenticate with key num=0, key type=aes, key=00..00 and key derivation = none\n" - "hf mfdes auth -n 0 -t des -k 0000000000000000 --save -> select PICC level and authenticate and in case of successful authentication - save channel parameters to defaults\n" - "hf mfdes auth --aid 123456 -> select application 123456 and authenticate via parameters from `default` command"); + "hf mfdes auth -n 0 -t des -k 0000000000000000 --kdf none -> select PICC level and authenticate with key num=0, key type=des, key=00..00 and key derivation = none\n" + "hf mfdes auth -n 0 -t aes -k 00000000000000000000000000000000 -> select PICC level and authenticate with key num=0, key type=aes, key=00..00 and key derivation = none\n" + "hf mfdes auth -n 0 -t des -k 0000000000000000 --save -> select PICC level and authenticate and in case of successful authentication - save channel parameters to defaults\n" + "hf mfdes auth --aid 123456 -> select application 123456 and authenticate via parameters from `default` command"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), arg_str0(NULL, "aid", "", "Application ID of application for some parameters (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), arg_lit0(NULL, "save", "saves channels parameters to defaults if authentication succeeds"), arg_param_end }; @@ -2085,41 +2094,44 @@ static int CmdHF14ADesAuth(const char *Cmd) { static int CmdHF14ADesSetConfiguration(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes setconfig", - "Set card configuration. WARNING! Danger zone! Needs to provide card's master key and works if not blocked by config.", - "More about options MF2DLHX0.pdf. Options list:\n" - "00h PICC configuration.\n" - "02h ATS update.\n" - "03h SAK update\n" - "04h Secure Messaging Configuration.\n" - "05h Capability data. (here change for LRP in the Desfire Light [enable 00000000010000000000])\n" - "06h DF Name renaming (one-time)\n" - "08h File renaming (one-time)\n" - "09h Value file configuration (one-time)\n" - "0Ah Failed authentication counter setting [disable 00ffffffff]\n" - "0Bh HW configuration\n" + "Set card configuration. \n" + "WARNING! Danger zone!\n" + "Needs to provide card's master key and works if not blocked by config.", + "More about options MF2DLHX0.pdf.\n" + "Options list:\n" + " 00h PICC configuration.\n" + " 02h ATS update.\n" + " 03h SAK update\n" + " 04h Secure Messaging Configuration.\n" + " 05h Capability data. (here change for LRP in the Desfire Light [enable 00000000010000000000])\n" + " 06h DF Name renaming (one-time)\n" + " 08h File renaming (one-time)\n" + " 09h Value file configuration (one-time)\n" + " 0Ah Failed authentication counter setting [disable 00ffffffff]\n" + " 0Bh HW configuration\n" "\n" - "hf mfdes setconfig --param 03 --data 0428 -> set SAK\n" - "hf mfdes setconfig --param 02 --data 0875778102637264 -> set ATS (first byte - length)\n" - "hf mfdes setconfig --appisoid df01 -t aes -s ev2 --param 05 --data 00000000020000000000 -> set LRP mode enable for Desfire Light\n" - "hf mfdes setconfig --appisoid df01 -t aes -s ev2 --param 0a --data 00ffffffff -> Disable failed auth counters for Desfire Light\n" - "hf mfdes setconfig --appisoid df01 -t aes -s lrp --param 0a --data 00ffffffff -> Disable failed auth counters for Desfire Light via lrp channel"); + "hf mfdes setconfig --param 03 --data 0428 -> set SAK\n" + "hf mfdes setconfig --param 02 --data 0875778102637264 -> set ATS (first byte - length)\n" + "hf mfdes setconfig --isoid df01 -t aes -s ev2 --param 05 --data 00000000020000000000 -> set LRP mode enable for Desfire Light\n" + "hf mfdes setconfig --isoid df01 -t aes -s ev2 --param 0a --data 00ffffffff -> Disable failed auth counters for Desfire Light\n" + "hf mfdes setconfig --isoid df01 -t aes -s lrp --param 0a --data 00ffffffff -> Disable failed auth counters for Desfire Light via lrp"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID of application for some parameters (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0("p", "param", "", "Parameter id (HEX 1 byte)"), - arg_str0("d", "data", "", "Data for parameter (HEX 1..30 bytes)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID of application for some parameters (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_str0("p", "param", "", "Parameter id (1 hex byte)"), + arg_str0("d", "data", "", "Data for parameter (1..30 hex bytes)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -2189,35 +2201,36 @@ static int CmdHF14ADesChangeKey(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes changekey", "Change PICC/Application key. Needs to provide keynum/key for a valid authentication (may get from default parameters).", - "Change crypto algorithm for PICC key is possible, but for APP keys crypto algorithm is set by createapp command and can't be changed wo application delete\n" + "Change crypto algorithm for PICC key is possible, \n" + "but for APP keys crypto algorithm is set by createapp command and can't be changed wo application delete\n" "\n" - "hf mfdes changekey --aid 123456 -> execute with default factory setup. change des key 0 in the app 123456 from 00..00 to 00..00\n" - "hf mfdes changekey --appisoid df01 -t aes -s lrp --newkeyno 01 -> change key 01 via lrp channel" - "hf mfdes changekey -t des --newalgo aes --newkey 11223344556677889900112233445566 --newver a5 -> change card master key to AES one\n" + "hf mfdes changekey --aid 123456 -> execute with default factory setup. change des key 0 in the app 123456 from 00..00 to 00..00\n" + "hf mfdes changekey --isoid df01 -t aes -s lrp --newkeyno 01 -> change key 01 via lrp channel" + "hf mfdes changekey -t des --newalgo aes --newkey 11223344556677889900112233445566 --newver a5 -> change card master key to AES one\n" "hf mfdes changekey --aid 123456 -t aes --key 00000000000000000000000000000000 --newkey 11223344556677889900112233445566 -> change app master key\n" - "hf mfdes changekey --aid 123456 -t des -n 0 --newkeyno 1 --oldkey 5555555555555555 --newkey 1122334455667788 -> change key 1 with auth from key 0\n" - "hf mfdes changekey --aid 123456 -t 3tdea --newkey 112233445566778899001122334455667788990011223344-> change 3tdea key 0 from default 00..00 to provided"); + "hf mfdes changekey --aid 123456 -t des -n 0 --newkeyno 1 --oldkey 5555555555555555 --newkey 1122334455667788 -> change key 1 with auth from key 0\n" + "hf mfdes changekey --aid 123456 -t 3tdea --newkey 112233445566778899001122334455667788990011223344 -> change 3tdea key 0 from default 00..00 to provided"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID of application (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "oldalgo", "", "Old key crypto algorithm: DES, 2TDEA, 3TDEA, AES"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID of application (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_str0(NULL, "oldalgo", "", "Old key crypto algorithm"), arg_str0(NULL, "oldkey", "", "Old key (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_int0(NULL, "newkeyno", "", "Key number for change"), - arg_str0(NULL, "newalgo", "", "New key crypto algorithm: DES, 2TDEA, 3TDEA, AES"), - arg_str0(NULL, "newkey", "", "New key (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0(NULL, "newver", "", "New key's version (1 hex byte)"), + arg_int0(NULL, "newkeyno", "", "Key number for change"), + arg_str0(NULL, "newalgo", "", "New key crypto algorithm"), + arg_str0(NULL, "newkey", "", "New key (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "newver", "", "Version of new key (1 hex byte)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -2362,24 +2375,24 @@ static int CmdHF14ADesCreateApp(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), + arg_str0("t", "algo", "", "Crypt algo"), arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), arg_str0(NULL, "rawdata", "", "Raw data that sends to command"), arg_str0(NULL, "aid", "", "Application ID for create. Mandatory. (3 hex bytes, big endian)"), - arg_str0(NULL, "fid", "", "ISO file ID. Forbidden values: 0000 3F00, 3FFF, FFFF. (2 hex bytes, big endian). If specified - enable iso file id over all the files in the app."), - arg_str0(NULL, "dfname", "", "ISO DF Name 1..16 chars string"), - arg_str0(NULL, "ks1", "", "Key settings 1 (HEX 1 byte). Application Master Key Settings. default 0x0f"), - arg_str0(NULL, "ks2", "", "Key settings 2 (HEX 1 byte). default 0x0e"), - arg_str0(NULL, "dstalgo", "", "Application key crypt algo: DES, 2TDEA, 3TDEA, AES. default DES"), - arg_int0(NULL, "numkeys", "", "Number of keys 0x00..0x0e. default 0x0e"), + arg_str0(NULL, "fid", "", "ISO file ID. Forbidden values: 0000 3F00, 3FFF, FFFF. (2 hex bytes, big endian)"), + arg_str0(NULL, "dfname", "", "ISO DF Name (1..16 chars)"), + arg_str0(NULL, "ks1", "", "Key settings 1 (1 hex byte). Application Master Key Settings (def: 0x0F)"), + arg_str0(NULL, "ks2", "", "Key settings 2 (1 hex byte). (def: 0x0E)"), + arg_str0(NULL, "dstalgo", "", "Application key crypt algo (def: DES)"), + arg_int0(NULL, "numkeys", "", "Number of keys 0x00..0x0e (def: 0x0E)"), arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; @@ -2524,21 +2537,21 @@ static int CmdHF14ADesDeleteApp(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes deleteapp", "Delete application by its 3-byte AID. Master key needs to be provided. ", - "hf mfdes deleteapp --aid 123456 -> execute with default factory setup"); + "hf mfdes deleteapp --aid 123456 -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID of delegated application (3 hex bytes, big endian)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID of delegated application (3 hex bytes, big endian)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -2586,23 +2599,23 @@ static int CmdHF14ADesGetUID(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes getuid", "Get UID from card. Get the real UID if the random UID bit is on and get the same UID as in anticollision if not. Any card's key needs to be provided. ", - "hf mfdes getuid -> execute with default factory setup\n" - "hf mfdes getuid --appisoid df01 -t aes -s lrp -> for desfire lights default settings"); + "hf mfdes getuid -> execute with default factory setup\n" + "hf mfdes getuid --isoid df01 -t aes -s lrp -> for desfire lights default settings"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -2667,21 +2680,21 @@ static int CmdHF14ADesFormatPICC(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes formatpicc", "Format card. Can be done only if enabled in the configuration. Master key needs to be provided. ", - "hf mfdes formatpicc -> execute with default factory setup"); + "hf mfdes formatpicc -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID of delegated application (3 hex bytes, big endian)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID of delegated application (3 hex bytes, big endian)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -2724,21 +2737,21 @@ static int CmdHF14ADesGetFreeMem(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes getfreemem", "Get card's free memory. Can be done with or without authentication. Master key may be provided.", - "hf mfdes getfreemem -> execute with default factory setup"); + "hf mfdes getfreemem -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -2783,24 +2796,25 @@ static int CmdHF14ADesGetFreeMem(const char *Cmd) { static int CmdHF14ADesChKeySettings(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes chkeysettings", - "Change key settings for card level or application level. WARNING: card level changes may block the card!", - "hf mfdes chkeysettings -d 0f -> set picc key settings with default key/channel setup\n"\ - "hf mfdes chkeysettings --aid 123456 -d 0f -> set app 123456 key settings with default key/channel setup"); + "Change key settings for card level or application level.\n" + "WARNING: card level changes may block the card!", + "hf mfdes chkeysettings -d 0f -> set picc key settings with default key/channel setup\n"\ + "hf mfdes chkeysettings --aid 123456 -d 0f -> set app 123456 key settings with default key/channel setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0("d", "data", "", "Key settings (HEX 1 byte)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0("d", "data", "", "Key settings (1 hex byte)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -2856,27 +2870,27 @@ static int CmdHF14ADesGetKeyVersions(const char *Cmd) { CLIParserInit(&ctx, "hf mfdes getkeyversions", "Get key versions for card level or application level.", "--keynum parameter: App level: key number. PICC level: 00..0d - keys count, 21..23 vc keys, default 0x00.\n"\ - "hf mfdes getkeyversions --keynum 00 -> get picc master key version with default key/channel setup\n"\ - "hf mfdes getkeyversions --aid 123456 --keynum 0d -> get app 123456 all key versions with default key/channel setup\n" - "hf mfdes getkeyversions --aid 123456 --keynum 0d --no-auth -> get key version without authentication"); + "hf mfdes getkeyversions --keynum 00 -> get picc master key version with default key/channel setup\n"\ + "hf mfdes getkeyversions --aid 123456 --keynum 0d -> get app 123456 all key versions with default key/channel setup\n" + "hf mfdes getkeyversions --aid 123456 --keynum 0d --no-auth -> get key version without authentication"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number for authentication"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "keynum", "", "Key number/count (HEX 1 byte). Default 0x00."), - arg_str0(NULL, "keyset", "", "Keyset number (HEX 1 byte)"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number for authentication"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_str0(NULL, "keynum", "", "Key number/count (1 hex byte). (def: 0x00)"), + arg_str0(NULL, "keyset", "", "Keyset number (1 hex byte)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -2964,17 +2978,17 @@ static int CmdHF14ADesGetKeySettings(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -3038,21 +3052,21 @@ static int CmdHF14ADesGetAIDs(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes getaids", "Get Application IDs list from card. Master key needs to be provided or flag --no-auth set.", - "hf mfdes getaids -n 0 -t des -k 0000000000000000 -f none -> execute with default factory setup"); + "hf mfdes getaids -n 0 -t des -k 0000000000000000 --kdf none -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -3109,21 +3123,21 @@ static int CmdHF14ADesGetAppNames(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes getappnames", "Get Application IDs, ISO IDs and DF names from card. Master key needs to be provided or flag --no-auth set.", - "hf mfdes getappnames -n 0 -t des -k 0000000000000000 -f none -> execute with default factory setup"); + "hf mfdes getappnames -n 0 -t des -k 0000000000000000 --kdf none -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -3181,23 +3195,23 @@ static int CmdHF14ADesGetFileIDs(const char *Cmd) { CLIParserInit(&ctx, "hf mfdes getfileids", "Get File IDs list from card. Master key needs to be provided or flag --no-auth set.", "hf mfdes getfileids --aid 123456 -> execute with defaults from `default` command\n" - "hf mfdes getfileids -n 0 -t des -k 0000000000000000 -f none --aid 123456 -> execute with default factory setup"); + "hf mfdes getfileids -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -3252,26 +3266,26 @@ static int CmdHF14ADesGetFileISOIDs(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes getfileisoids", "Get File IDs list from card. Master key needs to be provided or flag --no-auth set.", - "hf mfdes getfileisoids --aid 123456 -> execute with defaults from `default` command\n" - "hf mfdes getfileisoids -n 0 -t des -k 0000000000000000 -f none --aid 123456 -> execute with default factory setup\n" - "hf mfdes getfileisoids --appisoid df01 -> get iso file ids from Desfire Light with factory card settings\n" - "hf mfdes getfileisoids --appisoid df01 -s lrp -t aes -> get iso file ids from Desfire Light via lrp channel with default key authentication"); + "hf mfdes getfileisoids --aid 123456 -> execute with defaults from `default` command\n" + "hf mfdes getfileisoids -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 -> execute with default factory setup\n" + "hf mfdes getfileisoids --isoid df01 -> get iso file ids from Desfire Light with factory card settings\n" + "hf mfdes getfileisoids --isoid df01 -s lrp -t aes -> get iso file ids from Desfire Light via lrp channel with default key authentication"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -3326,26 +3340,26 @@ static int CmdHF14ADesGetFileSettings(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes getfilesettings", "Get File Settings from file from application. Master key needs to be provided or flag --no-auth set (depend on cards settings).", - "hf mfdes getfilesettings --aid 123456 --fid 01 -> execute with defaults from `default` command\n" - "hf mfdes getfilesettings --appisoid df01 --fid 00 --no-auth -> get file settings with select by iso id\n" - "hf mfdes getfilesettings -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 -> execute with default factory setup"); + "hf mfdes getfilesettings --aid 123456 --fid 01 -> execute with defaults from `default` command\n" + "hf mfdes getfilesettings --isoid df01 --fid 00 --no-auth -> get file settings with select by iso id\n" + "hf mfdes getfilesettings -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 --fid 01 -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "fid", "", "File ID (1 hex byte). default: 1"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte). (def: 1)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -3495,33 +3509,33 @@ static int CmdHF14ADesChFileSettings(const char *Cmd) { CLIParserInit(&ctx, "hf mfdes chfilesettings", "Get File Settings from file from application. Master key needs to be provided or flag --no-auth set (depend on cards settings).", "hf mfdes chfilesettings --aid 123456 --fid 01 --amode plain --rrights free --wrights free --rwrights free --chrights key0 -> change file settings app=123456, file=01 with defaults from `default` command\n" - "hf mfdes chfilesettings -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 --rawdata 00EEEE -> execute with default factory setup\n" + "hf mfdes chfilesettings -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 --fid 01 --rawdata 00EEEE -> execute with default factory setup\n" "hf mfdes chfilesettings --aid 123456 --fid 01 --rawdata 810000021f112f22 -> change file settings with additional rights for keys 1 and 2\n" - "hf mfdes chfilesettings --appisoid df01 --fid 00 --amode plain --rawrights eee0 -s lrp -t aes -> change file settings via lrp channel"); + "hf mfdes chfilesettings --isoid df01 --fid 00 --amode plain --rawrights eee0 -s lrp -t aes -> change file settings via lrp channel"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), - arg_str0(NULL, "rawdata", "", "File settings (HEX > 5 bytes). Have priority over the other settings."), - arg_str0(NULL, "amode", "", "File access mode: plain/mac/encrypt"), - arg_str0(NULL, "rawrights", "", "Access rights for file (HEX 2 byte) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), - arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), - arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_str0(NULL, "rawdata", "", "File settings (HEX > 5 bytes). Have priority over the other settings"), + arg_str0(NULL, "amode", "", "File access mode"), + arg_str0(NULL, "rawrights", "", "Access rights for file (2 hex bytes) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), + arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), + arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -3640,32 +3654,32 @@ static int CmdHF14ADesCreateFile(const char *Cmd) { "hf mfdes createfile --aid 123456 --fid 01 --isofid 0001 --size 000010 -> create file with iso id. Authentication with defaults from `default` command\n" "hf mfdes createfile --aid 123456 --fid 01 --rawtype 01 --rawdata 000100EEEE000100 -> create file via sending rawdata to the card. Can be used to create any type of file. Authentication with defaults from `default` command\n" "hf mfdes createfile --aid 123456 --fid 01 --amode plain --rrights free --wrights free --rwrights free --chrights key0 -> create file app=123456, file=01 and mentioned rights with defaults from `default` command\n" - "hf mfdes createfile -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 --rawtype 00 --rawdata 00EEEE000100 -> execute with default factory setup"); + "hf mfdes createfile -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 --fid 01 --rawtype 00 --rawdata 00EEEE000100 -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), - arg_str0(NULL, "isofid", "", "ISO File ID (2 hex bytes)"), - arg_str0(NULL, "rawtype", "", "Raw file type (HEX 1 byte)"), - arg_str0(NULL, "rawdata", "", "Raw file settings (HEX > 5 bytes)"), - arg_str0(NULL, "amode", "", "File access mode: plain/mac/encrypt"), - arg_str0(NULL, "rawrights", "", "Access rights for file (HEX 2 byte) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), - arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), - arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_str0(NULL, "isofid", "", "ISO File ID (2 hex bytes)"), + arg_str0(NULL, "rawtype", "", "Raw file type (1 hex byte)"), + arg_str0(NULL, "rawdata", "", "Raw file settings (hex > 5 bytes)"), + arg_str0(NULL, "amode", "", "File access mode"), + arg_str0(NULL, "rawrights", "", "Access rights for file (2 hex bytes) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), + arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), + arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_str0(NULL, "size", "", "File size (3 hex bytes, big endian)"), arg_lit0(NULL, "backup", "Create backupfile instead of standard file"), arg_param_end @@ -3778,29 +3792,29 @@ static int CmdHF14ADesCreateValueFile(const char *Cmd) { "Key/mode/etc of the authentication depends on application settings\n" "hf mfdes createvaluefile --aid 123456 --fid 01 --lower 00000010 --upper 00010000 --value 00000100 -> create file with parameters. Rights from default. Authentication with defaults from `default` command\n" "hf mfdes createvaluefile --aid 123456 --fid 01 --amode plain --rrights free --wrights free --rwrights free --chrights key0 -> create file app=123456, file=01 and mentioned rights with defaults from `default` command\n" - "hf mfdes createvaluefile -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 -> execute with default factory setup"); + "hf mfdes createvaluefile -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 --fid 01 -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), - arg_str0(NULL, "amode", "", "File access mode: plain/mac/encrypt"), - arg_str0(NULL, "rawrights", "", "Access rights for file (HEX 2 byte) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), - arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), - arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_str0(NULL, "amode", "", "File access mode"), + arg_str0(NULL, "rawrights", "", "Access rights for file (2 hex bytes) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), + arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), + arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_str0(NULL, "lower", "", "Lower limit (4 hex bytes, big endian)"), arg_str0(NULL, "upper", "", "Upper limit (4 hex bytes, big endian)"), arg_str0(NULL, "value", "", "Value (4 hex bytes, big endian)"), @@ -3904,31 +3918,31 @@ static int CmdHF14ADesCreateRecordFile(const char *Cmd) { "Key/mode/etc of the authentication depends on application settings\n" "hf mfdes createrecordfile --aid 123456 --fid 01 --size 000010 --maxrecord 000010 --cyclic -> create cyclic record file with parameters. Rights from default. Authentication with defaults from `default` command\n" "hf mfdes createrecordfile --aid 123456 --fid 01 --amode plain --rrights free --wrights free --rwrights free --chrights key0 --size 000010 --maxrecord 000010 -> create linear record file app=123456, file=01 and mentioned rights with defaults from `default` command\n" - "hf mfdes createrecordfile -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 --size 000010 --maxrecord 000010 -> execute with default factory setup"); + "hf mfdes createrecordfile -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 --fid 01 --size 000010 --maxrecord 000010 -> execute with default factory setup"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), - arg_str0(NULL, "isofid", "", "ISO File ID (2 hex bytes)"), - arg_str0(NULL, "amode", "", "File access mode: plain/mac/encrypt"), - arg_str0(NULL, "rawrights", "", "Access rights for file (HEX 2 byte) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), - arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), - arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), - arg_lit0(NULL, "no-auth", "execute without authentication"), - arg_str0(NULL, "size", "", "Record size (3 hex bytes, big endian, 000001 to FFFFFF)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_str0(NULL, "isofid", "", "ISO File ID (2 hex bytes)"), + arg_str0(NULL, "amode", "", "File access mode"), + arg_str0(NULL, "rawrights", "", "Access rights for file (2 hex bytes) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), + arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), + arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), + arg_str0(NULL, "size", "", "Record size (3 hex bytes, big endian, 000001 to FFFFFF)"), arg_str0(NULL, "maxrecord", "", "Max. Number of Records (3 hex bytes, big endian)"), arg_lit0(NULL, "cyclic", "Create cyclic record file instead of linear record file"), arg_param_end @@ -4021,34 +4035,34 @@ static int CmdHF14ADesCreateTrMACFile(const char *Cmd) { "\n" "hf mfdes createmacfile --aid 123456 --fid 01 --rawrights 0FF0 --mackey 00112233445566778899aabbccddeeff --mackeyver 01 -> create transaction mac file with parameters. Rights from default. Authentication with defaults from `default` command\n" "hf mfdes createmacfile --aid 123456 --fid 01 --amode plain --rrights free --wrights deny --rwrights free --chrights key0 --mackey 00112233445566778899aabbccddeeff -> create file app=123456, file=01, with key, and mentioned rights with defaults from `default` command\n" - "hf mfdes createmacfile -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 -> execute with default factory setup. key and keyver == 0x00..00\n" - "hf mfdes createmacfile --appisoid df01 --fid 0f -s lrp -t aes --rawrights 0FF0 --mackey 00112233445566778899aabbccddeeff --mackeyver 01 -> create transaction mac file via lrp channel\n" - "hf mfdes createmacfile --appisoid df01 --fid 0f -s lrp -t aes --rawrights 0F10 --mackey 00112233445566778899aabbccddeeff --mackeyver 01 -> create transaction mac file via lrp channel with CommitReaderID command enable"); + "hf mfdes createmacfile -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 --fid 01 -> execute with default factory setup. key and keyver == 0x00..00\n" + "hf mfdes createmacfile --isoid df01 --fid 0f -s lrp -t aes --rawrights 0FF0 --mackey 00112233445566778899aabbccddeeff --mackeyver 01 -> create transaction mac file via lrp channel\n" + "hf mfdes createmacfile --isoid df01 --fid 0f -s lrp -t aes --rawrights 0F10 --mackey 00112233445566778899aabbccddeeff --mackeyver 01 -> create transaction mac file via lrp channel with CommitReaderID command enable"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), - arg_str0(NULL, "amode", "", "File access mode: plain/mac/encrypt"), - arg_str0(NULL, "rawrights", "", "Access rights for file (HEX 2 byte) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), - arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), - arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), - arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), - arg_lit0(NULL, "no-auth", "execute without authentication"), - arg_str0(NULL, "mackey", "", "AES-128 key for MAC (16 hex bytes, big endian). Default 0x00..00"), - arg_str0(NULL, "mackeyver", "", "AES key version for MAC (1 hex byte). Default 0x00"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_str0(NULL, "amode", "", "File access mode"), + arg_str0(NULL, "rawrights", "", "Access rights for file (2 hex bytes) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied"), + arg_str0(NULL, "rrights", "", "Read file access mode: the specified key, free, deny"), + arg_str0(NULL, "wrights", "", "Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "rwrights", "", "Read/Write file access mode: the specified key, free, deny"), + arg_str0(NULL, "chrights", "", "Change file settings access mode: the specified key, free, deny"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), + arg_str0(NULL, "mackey", "", "AES-128 key for MAC (16 hex bytes, big endian). (def: all zeros)"), + arg_str0(NULL, "mackeyver", "", "AES key version for MAC (1 hex byte). (def: 0x0)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -4140,24 +4154,24 @@ static int CmdHF14ADesDeleteFile(const char *Cmd) { CLIParserInit(&ctx, "hf mfdes deletefile", "Delete file from application. Master key needs to be provided or flag --no-auth set (depend on cards settings).", "hf mfdes deletefile --aid 123456 --fid 01 -> delete file for: app=123456, file=01 with defaults from `default` command\n" - "hf mfdes deletefile --appisoid df01 --fid 0f -s lrp -t aes -> delete file for lrp channel"); + "hf mfdes deletefile --isoid df01 --fid 0f -s lrp -t aes -> delete file for lrp channel"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -4216,28 +4230,28 @@ static int CmdHF14ADesValueOperations(const char *Cmd) { "Get File Settings from file from application. Master key needs to be provided or flag --no-auth set (depend on cards settings).", "hf mfdes value --aid 123456 --fid 01 -> get value app=123456, file=01 with defaults from `default` command\n" "hf mfdes value --aid 123456 --fid 01 --op credit -d 00000001 -> credit value app=123456, file=01 with defaults from `default` command\n" - "hf mfdes value -n 0 -t des -k 0000000000000000 -f none --aid 123456 --fid 01 -> get value with default factory setup\n" - "hf mfdes val --appisoid df01 --fid 03 -s lrp -t aes -n 1 --op credit --d 00000001 -m encrypt -> credit value in the lrp encrypted mode\n" - "hf mfdes val --appisoid df01 --fid 03 -s lrp -t aes -n 1 --op get -m plain -> get value in plain (nevertheless of mode) works for desfire light (look SetConfiguration option 0x09)"); + "hf mfdes value -n 0 -t des -k 0000000000000000 --kdf none --aid 123456 --fid 01 -> get value with default factory setup\n" + "hf mfdes val --isoid df01 --fid 03 -s lrp -t aes -n 1 --op credit --d 00000001 -m encrypt -> credit value in the lrp encrypted mode\n" + "hf mfdes val --isoid df01 --fid 03 -s lrp -t aes -n 1 --op get -m plain -> get value in plain (nevertheless of mode) works for desfire light (look SetConfiguration option 0x09)"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), arg_str0("o", "op", "", "Operation: get(default)/credit/limcredit(limited credit)/debit/clear. Operation clear: get-getopt-debit to min value"), - arg_str0("d", "data", "", "Value for operation (HEX 4 bytes)"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_str0("d", "data", "", "Value for operation (HEX 4 bytes)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -4390,24 +4404,24 @@ static int CmdHF14ADesClearRecordFile(const char *Cmd) { CLIParserInit(&ctx, "hf mfdes clearrecfile", "Clear record file. Master key needs to be provided or flag --no-auth set (depend on cards settings).", "hf mfdes clearrecfile --aid 123456 --fid 01 -> clear record file for: app=123456, file=01 with defaults from `default` command\n" - "hf mfdes clearrecfile --appisoid df01 --fid 01 -s lrp -t aes -n 3 -> clear record file for lrp channel with key number 3"); + "hf mfdes clearrecfile --isoid df01 --fid 01 -s lrp -t aes -n 3 -> clear record file for lrp channel with key number 3"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "fid", "", "File ID for clearing (1 hex byte)"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID for clearing (1 hex byte)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -4786,32 +4800,32 @@ static int CmdHF14ADesReadData(const char *Cmd) { "hf mfdes read --aid 123456 --fid 01 --type record --offset 000000 --length 000001 -> read one last record from record file. use default channel settings from `default` command\n" "hf mfdes read --aid 123456 --fid 10 --type data -c iso -> read file via ISO channel: app=123456, short iso id=10, offset=0.\n" "hf mfdes read --aid 123456 --fileisoid 1000 --type data -c iso -> read file via ISO channel: app=123456, iso id=1000, offset=0. Select via native ISO wrapper\n" - "hf mfdes read --appisoid 0102 --fileisoid 1000 --type data -c iso -> read file via ISO channel: app iso id=0102, iso id=1000, offset=0. Select via ISO commands\n" - "hf mfdes read --appisoid 0102 --fileisoid 1100 --type record -c iso --offset 000005 --length 000001 -> get one record (number 5) from file 1100 via iso commands\n" - "hf mfdes read --appisoid 0102 --fileisoid 1100 --type record -c iso --offset 000005 --length 000000 -> get all record (from 5 to 1) from file 1100 via iso commands\n" - "hf mfdes read --appisoid df01 --fid 00 -s lrp -t aes --length 000010 -> read via lrp channel\n" - "hf mfdes read --appisoid df01 --fid 00 -s ev2 -t aes --length 000010 --isochain -> read Desfire Light via ev2 channel"); + "hf mfdes read --isoid 0102 --fileisoid 1000 --type data -c iso -> read file via ISO channel: app iso id=0102, iso id=1000, offset=0. Select via ISO commands\n" + "hf mfdes read --isoid 0102 --fileisoid 1100 --type record -c iso --offset 000005 --length 000001 -> get one record (number 5) from file 1100 via iso commands\n" + "hf mfdes read --isoid 0102 --fileisoid 1100 --type record -c iso --offset 000005 --length 000000 -> get all record (from 5 to 1) from file 1100 via iso commands\n" + "hf mfdes read --isoid df01 --fid 00 -s lrp -t aes --length 000010 -> read via lrp channel\n" + "hf mfdes read --isoid df01 --fid 00 -s ev2 -t aes --length 000010 --isochain -> read Desfire Light via ev2 channel"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), - arg_lit0(NULL, "no-auth", "execute without authentication"), - arg_str0(NULL, "type", "", "File Type auto/data(Standard/Backup)/value/record(linear/cyclic)/mac). Auto - check file settings and then read. Default: auto"), - arg_str0("o", "offset", "", "File Offset (3 hex bytes, big endian). For records - record number (0 - lastest record). Default 0"), - arg_str0("l", "length", "", "Length to read (3 hex bytes, big endian -> 000000 = Read all data). For records - records count (0 - all). Default 0."), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "fileisoid", "", "File ISO ID (ISO DF ID) (2 hex bytes, big endian). Works only for ISO read commands."), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), + arg_str0(NULL, "type", "", "File Type, Auto - check file settings and then read. (def: auto)"), + arg_str0("o", "offset", "", "File Offset (3 hex bytes, big endian). For records - record number (0 - lastest record). (def: 0)"), + arg_str0("l", "length", "", "Length to read (3 hex bytes, big endian -> 000000 = Read all data). For records - records count (0 - all). (def: 0)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fileisoid", "", "File ISO ID (ISO DF ID) (2 hex bytes, big endian). Works only for ISO read commands"), arg_lit0(NULL, "isochain", "use iso chaining commands. Switched on by default if secure channel = lrp"), arg_param_end }; @@ -4958,36 +4972,36 @@ static int CmdHF14ADesWriteData(const char *Cmd) { "hf mfdes write --aid 123456 --fid 01 --type record -d 01020304 -> write data to record file\n" "hf mfdes write --aid 123456 --fid 01 --type record -d 01020304 --updaterec 0 -> update record in the record file. record 0 - lastest record.\n" "hf mfdes write --aid 123456 --fid 01 --type record --offset 000000 -d 11223344 -> write record to record file. use default channel settings from `default` command\n" - "hf mfdes write --appisoid 1234 --fileisoid 1000 --type data -c iso -d 01020304 -> write data to std/backup file via iso commandset\n" - "hf mfdes write --appisoid 1234 --fileisoid 2000 --type record -c iso -d 01020304 -> send record to record file via iso commandset\n" + "hf mfdes write --isoid 1234 --fileisoid 1000 --type data -c iso -d 01020304 -> write data to std/backup file via iso commandset\n" + "hf mfdes write --isoid 1234 --fileisoid 2000 --type record -c iso -d 01020304 -> send record to record file via iso commandset\n" "hf mfdes write --aid 123456 --fid 01 -d 01020304 --readerid 010203 -> write data to file with CommitReaderID command before write and CommitTransaction after write\n" - "hf mfdes write --appisoid df01 --fid 04 -d 01020304 --trkey 00112233445566778899aabbccddeeff --readerid 5532 -t aes -s lrp -> advanced CommitReaderID via lrp channel sample"); + "hf mfdes write --isoid df01 --fid 04 -d 01020304 --trkey 00112233445566778899aabbccddeeff --readerid 5532 -t aes -s lrp -> advanced CommitReaderID via lrp channel sample"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), - arg_lit0(NULL, "no-auth", "execute without authentication"), - arg_str0(NULL, "type", "", "File Type auto/data(Standard/Backup)/value/record(linear/cyclic)/mac). Auto - check file settings and then write. Default: auto"), - arg_str0("o", "offset", "", "File Offset (3 hex bytes, big endian). For records - record number (0 - lastest record). Default 0"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "fid", "", "File ID (1 hex byte)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), + arg_str0(NULL, "type", "", "File Type, Auto - check file settings and then write. (def: auto)"), + arg_str0("o", "offset", "", "File Offset (3 hex bytes, big endian). For records - record number (0 - lastest record). (def: 0)"), arg_str0("d", "data", "", "data for write (data/record file), credit/debit(value file)"), arg_lit0(NULL, "debit", "use for value file debit operation instead of credit"), - arg_lit0(NULL, "commit", "commit needs for backup file only. For the other file types and in the `auto` mode - command set it automatically."), - arg_int0(NULL, "updaterec", "", "Record number for update record command. Updates record instead of write. Lastest record - 0"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0(NULL, "fileisoid", "", "File ISO ID (ISO DF ID) (2 hex bytes, big endian). Works only for ISO write commands."), - arg_str0(NULL, "readerid", "", "reader id for CommitReaderID command. If present - the command issued before write command."), - arg_str0(NULL, "trkey", "", "key for decode previous reader id."), + arg_lit0(NULL, "commit", "commit needs for backup file only. For the other file types and in the `auto` mode - command set it automatically"), + arg_int0(NULL, "updaterec", "", "Record number for update record command. Updates record instead of write. Lastest record - 0"), + arg_str0(NULL, "isoid" , "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0(NULL, "fileisoid", "", "File ISO ID (ISO DF ID) (2 hex bytes, big endian). Works only for ISO write commands"), + arg_str0(NULL, "readerid", "", "reader id for CommitReaderID command. If present - the command issued before write command"), + arg_str0(NULL, "trkey", "", "key for decode previous reader id"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -5298,24 +5312,24 @@ static int CmdHF14ADesLsFiles(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes lsfiles", "Show file list. Master key needs to be provided or flag --no-auth set (depend on cards settings).", - "hf mfdes lsfiles --aid 123456 -> show file list for: app=123456 with defaults from `default` command" - "hf mfdes lsfiles --appisoid df01 --no-auth -> show files from desfire light"); + "hf mfdes lsfiles --aid 123456 -> show file list for: app=123456 with defaults from `default` command" + "hf mfdes lsfiles --isoid df01 --no-auth -> show files from desfire light"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -5371,24 +5385,24 @@ static int CmdHF14ADesLsApp(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes lsapp", "Show application list. Master key needs to be provided or flag --no-auth set (depend on cards settings).", - "hf mfdes lsapp -> show application list with defaults from `default` command\n" - "hf mfdes lsapp --files -> show application list and show each file type/settings/etc for each application"); + "hf mfdes lsapp -> show application list with defaults from `default` command\n" + "hf mfdes lsapp --files -> show application list and show each file type/settings/etc"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_lit0(NULL, "no-deep", "not to check authentication commands that avail for any application"), - arg_lit0(NULL, "files", "scan files and print file settings for each application"), + arg_lit0(NULL, "files", "scan files and print file settings"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -5437,25 +5451,25 @@ static int CmdHF14ADesDump(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfdes dump", "For each application show fil list and then file content. Key needs to be provided for authentication or flag --no-auth set (depend on cards settings).", - "hf mfdes dump --aid 123456 -> show file dump for: app=123456 with channel defaults from `default` command/n" - "hf mfdes dump --appisoid df01 -s lrp -t aes --length 000090 -> lrp default settings with length limit"); + "hf mfdes dump --aid 123456 -> show file dump for: app=123456 with channel defaults from `default` command/n" + "hf mfdes dump --isoid df01 -s lrp -t aes --length 000090 -> lrp default settings with length limit"); void *argtable[] = { arg_param_begin, - arg_lit0("a", "apdu", "show APDU requests and responses"), - arg_lit0("v", "verbose", "show technical data"), - arg_int0("n", "keyno", "", "Key number"), - arg_str0("t", "algo", "", "Crypt algo: DES, 2TDEA, 3TDEA, AES"), - arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), - arg_str0("f", "kdf", "", "Key Derivation Function (KDF): None, AN10922, Gallagher"), - arg_str0("i", "kdfi", "", "KDF input (HEX 1-31 bytes)"), - arg_str0("m", "cmode", "", "Communicaton mode: plain/mac/encrypt"), - arg_str0("c", "ccset", "", "Communicaton command set: native/niso/iso"), - arg_str0("s", "schann", "", "Secure channel: d40/ev1/ev2/lrp"), - arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), - arg_str0(NULL, "appisoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)."), - arg_str0("l", "length", "", "Maximum length for read data files (3 hex bytes, big endian)."), - arg_lit0(NULL, "no-auth", "execute without authentication"), + arg_lit0("a", "apdu", "Show APDU requests and responses"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "keyno", "", "Key number"), + arg_str0("t", "algo", "", "Crypt algo"), + arg_str0("k", "key", "", "Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes)"), + arg_str0(NULL, "kdf", "", "Key Derivation Function (KDF)"), + arg_str0("i", "kdfi", "", "KDF input (1-31 hex bytes)"), + arg_str0("m", "cmode", "", "Communicaton mode"), + arg_str0("c", "ccset", "", "Communicaton command set"), + arg_str0(NULL, "schann", "", "Secure channel"), + arg_str0(NULL, "aid", "", "Application ID (3 hex bytes, big endian)"), + arg_str0(NULL, "isoid", "", "Application ISO ID (ISO DF ID) (2 hex bytes, big endian)"), + arg_str0("l", "length", "", "Maximum length for read data files (3 hex bytes, big endian)"), + arg_lit0(NULL, "no-auth", "Execute without authentication"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); diff --git a/client/src/cmdhfmfp.c b/client/src/cmdhfmfp.c index 279d6e270..b90f1b9bc 100644 --- a/client/src/cmdhfmfp.c +++ b/client/src/cmdhfmfp.c @@ -461,9 +461,9 @@ static int CmdHFMFPWritePerso(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("v", "verbose", "show internal data."), - arg_str1(NULL, "ki", "", " key number, 2 hex bytes"), - arg_str0(NULL, "key", "", " key, 16 hex bytes"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_str1(NULL, "ki", "", " Key number, 2 hex bytes"), + arg_str0(NULL, "key", "", " Key, 16 hex bytes"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -527,8 +527,8 @@ static int CmdHFMFPInitPerso(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_litn("v", "verbose", 0, 2, "show internal data."), - arg_str0("k", "key", "", "key, 16 hex bytes"), + arg_litn("v", "verbose", 0, 2, "Verbose mode"), + arg_str0("k", "key", "", "Key, 16 hex bytes"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -602,7 +602,7 @@ static int CmdHFMFPCommitPerso(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("v", "verbose", "show internal data."), + arg_lit0("v", "verbose", "Verbose mode"), // arg_int0(NULL, "sl", "", "SL mode"), arg_param_end }; @@ -649,9 +649,9 @@ static int CmdHFMFPAuth(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("v", "verbose", "show internal data."), - arg_str1(NULL, "ki", "", "key number, 2 hex bytes"), - arg_str1(NULL, "key", "", "key, 16 hex bytes"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_str1(NULL, "ki", "", "Key number, 2 hex bytes"), + arg_str1(NULL, "key", "", "Key, 16 hex bytes"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -683,11 +683,11 @@ static int CmdHFMFPRdbl(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("v", "verbose", "show internal data"), - arg_int0("n", "count", "", "blocks count (by default 1)"), - arg_lit0("b", "keyb", "use key B (by default keyA)"), - arg_lit0("p", "plain", "plain communication mode between reader and card"), - arg_int1(NULL, "blk", "", "block number (0..255)"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_int0("n", "count", "", "Blocks count (def: 1)"), + arg_lit0("b", "keyb", "Use key B (def: keyA)"), + arg_lit0("p", "plain", "Plain communication mode between reader and card"), + arg_int1(NULL, "blk", "<0..255>", "Block number"), arg_str0(NULL, "key", "", "Key, 16 hex bytes"), arg_param_end }; @@ -790,17 +790,17 @@ static int CmdHFMFPRdbl(const char *Cmd) { static int CmdHFMFPRdsc(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfp rdsc", - "Reads one sector from Mifare Plus card", + "Reads one sector from MIFARE Plus card", "hf mfp rdsc -s 0 --key 000102030405060708090a0b0c0d0e0f -> executes authentication and read sector 0 data\n" "hf mfp rdsc -s 1 -v -> executes authentication and shows sector 1 data with default key"); void *argtable[] = { arg_param_begin, - arg_lit0("v", "verbose", "show internal data."), - arg_lit0("b", "keyb", "use key B (by default keyA)."), - arg_lit0("p", "plain", "plain communication mode between reader and card."), - arg_int1("s", "sn", "", "sector number (0..255)"), - arg_str0("k", "key", "", "key, 16 hex bytes"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_lit0("b", "keyb", "Use key B (def: keyA)"), + arg_lit0("p", "plain", "Plain communication mode between reader and card"), + arg_int1("s", "sn", "<0..255>", "Sector number"), + arg_str0("k", "key", "", "Key, 16 hex bytes"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -893,11 +893,11 @@ static int CmdHFMFPWrbl(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("v", "verbose", "show internal data."), - arg_lit0("b", "keyb", "use key B (by default keyA)."), - arg_int1(NULL, "blk", "", "block number (0..255)"), - arg_str1("d", "data", "", "data, 16 hex bytes"), - arg_str0("k", "key", "", "key, 16 hex bytes"), + arg_lit0("v", "verbose", "Verbose mode"), + arg_lit0("b", "keyb", "Use key B (def: keyA)"), + arg_int1(NULL, "blk", "<0..255>", "Block number"), + arg_str1("d", "data", "", "Data, 16 hex bytes"), + arg_str0("k", "key", "", "Key, 16 hex bytes"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, false); @@ -1097,7 +1097,7 @@ static int CmdHFMFPChk(const char *Cmd) { CLIParserContext *ctx; CLIParserInit(&ctx, "hf mfp chk", - "Checks keys with Mifare Plus card.", + "Checks keys on MIFARE Plus card", "hf mfp chk -k 000102030405060708090a0b0c0d0e0f -> check key on sector 0 as key A and B\n" "hf mfp chk -s 2 -a -> check default key list on sector 2, key A\n" "hf mfp chk -d mfp_default_keys -s0 -e6 -> check keys from dictionary against sectors 0-6\n" @@ -1106,17 +1106,17 @@ static int CmdHFMFPChk(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("a", "keya", "check only key A (by default check all keys)."), - arg_lit0("b", "keyb", "check only key B (by default check all keys)."), - arg_int0("s", "startsec", "Start sector Num (0..255)", NULL), - arg_int0("e", "endsec", "End sector Num (0..255)", NULL), - arg_str0("k", "key", "", "Key for checking (HEX 16 bytes)"), - arg_str0("d", "dict", "", "file with keys dictionary"), - arg_lit0(NULL, "pattern1b", "check all 1-byte combinations of key (0000...0000, 0101...0101, 0202...0202, ...)"), - arg_lit0(NULL, "pattern2b", "check all 2-byte combinations of key (0000...0000, 0001...0001, 0002...0002, ...)"), - arg_str0(NULL, "startp2b", "", "Start key (2-byte HEX) for 2-byte search (use with `--pattern2b`)"), - arg_str0("j", "json", "", "json file to save keys"), - arg_lit0("v", "verbose", "verbose mode."), + arg_lit0("a", "keya", "Check only key A (def: check all keys)"), + arg_lit0("b", "keyb", "Check only key B (def: check all keys)"), + arg_int0("s", "startsec", "<0..255>", "Start sector number"), + arg_int0("e", "endsec", "<0..255>", "End sector number"), + arg_str0("k", "key", "", "Key for checking (HEX 16 bytes)"), + arg_str0("d", "dict", "", "Dictionary file with keys"), + arg_lit0(NULL, "pattern1b", "Check all 1-byte combinations of key (0000...0000, 0101...0101, 0202...0202, ...)"), + arg_lit0(NULL, "pattern2b", "Check all 2-byte combinations of key (0000...0000, 0001...0001, 0002...0002, ...)"), + arg_str0(NULL, "startp2b", "", "Start key (2-byte HEX) for 2-byte search (use with `--pattern2b`)"), + arg_str0("j", "json", "", "Json filename to save keys"), + arg_lit0("v", "verbose", "Verbose mode"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -1339,12 +1339,12 @@ static int CmdHFMFPMAD(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("v", "verbose", "show technical data"), - arg_str0(NULL, "aid", "", "print all sectors with aid"), - arg_str0("k", "key", "", "key for printing sectors"), - arg_lit0("b", "keyb", "use key B for access printing sectors (by default: key A)"), - arg_lit0(NULL, "be", "(optional, BigEndian)"), - arg_lit0(NULL, "dch", "decode Card Holder information"), + arg_lit0("v", "verbose", "Show technical data"), + arg_str0(NULL, "aid", "", "Print all sectors with aid"), + arg_str0("k", "key", "", "Key for printing sectors"), + arg_lit0("b", "keyb", "Use key B for access printing sectors (def: key A)"), + arg_lit0(NULL, "be", "(optional: BigEndian)"), + arg_lit0(NULL, "dch", "Decode Card Holder information"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); diff --git a/client/src/cmdhfmfu.c b/client/src/cmdhfmfu.c index ac333df6f..3a19c4ade 100644 --- a/client/src/cmdhfmfu.c +++ b/client/src/cmdhfmfu.c @@ -123,6 +123,39 @@ static char *getProductTypeStr(uint8_t id) { return buf; } +static int ul_print_nxp_silicon_info(uint8_t *card_uid) { + + if (card_uid[0] != 0x04) { + return PM3_SUCCESS; + } + + uint8_t uid[7]; + memcpy(&uid, card_uid, 7); + + uint16_t waferCoordX = ((uid[6] & 3) << 8) | uid[1]; + uint16_t waferCoordY = ((uid[6] & 12) << 6) | uid[2]; + uint32_t waferCounter = ( + (uid[4] << 5) | + ((uid[6] & 0xF0) << 17) | + (uid[5] << 13) | + (uid[3] >> 3) + ); + uint8_t testSite = uid[3] & 7; + + PrintAndLogEx(NORMAL, ""); + PrintAndLogEx(INFO, "--- " _CYAN_("Tag Silicon Information")); + PrintAndLogEx(INFO, " Wafer Counter: %" PRId32 " ( 0x%02" PRIX32 " )", waferCounter, waferCounter); + PrintAndLogEx(INFO, " Wafer Coordinates: x %" PRId16 ", y %" PRId16 " (0x%02" PRIX16 ", 0x%02" PRIX16 ")" + , waferCoordX + , waferCoordY + , waferCoordX + , waferCoordY + ); + PrintAndLogEx(INFO, " Test Site: %u", testSite); + return PM3_SUCCESS; +} + + /* The 7 MSBits (=n) code the storage size itself based on 2^n, the LSBit is set to '0' if the size is exactly 2^n @@ -456,16 +489,16 @@ static int ul_print_default(uint8_t *data, uint8_t *real_uid) { // CT (cascade tag byte) 0x88 xor SN0 xor SN1 xor SN2 int crc0 = 0x88 ^ uid[0] ^ uid[1] ^ uid[2]; if (data[3] == crc0) - PrintAndLogEx(SUCCESS, " BCC0: %02X (" _GREEN_("ok") ")", data[3]); + PrintAndLogEx(SUCCESS, " BCC0: %02X ( " _GREEN_("ok") " )", data[3]); else PrintAndLogEx(NORMAL, " BCC0: %02X, crc should be %02X", data[3], crc0); int crc1 = uid[3] ^ uid[4] ^ uid[5] ^ uid[6]; if (data[8] == crc1) - PrintAndLogEx(SUCCESS, " BCC1: %02X (" _GREEN_("ok") ")", data[8]); + PrintAndLogEx(SUCCESS, " BCC1: %02X ( " _GREEN_("ok") " )", data[8]); else PrintAndLogEx(NORMAL, " BCC1: %02X, crc should be %02X", data[8], crc1); - PrintAndLogEx(SUCCESS, " Internal: %02X (%s)", data[9], (data[9] == 0x48) ? _GREEN_("default") : _RED_("not default")); + PrintAndLogEx(SUCCESS, " Internal: %02X ( %s )", data[9], (data[9] == 0x48) ? _GREEN_("default") : _RED_("not default")); } else { PrintAndLogEx(SUCCESS, "Blocks 0-2: %s", sprint_hex(data + 0, 12)); } @@ -579,10 +612,10 @@ static int ndef_print_CC(uint8_t *data) { PrintAndLogEx(SUCCESS, " Additional feature information"); PrintAndLogEx(SUCCESS, " %02X", data[3]); PrintAndLogEx(SUCCESS, " 00000000"); - PrintAndLogEx(SUCCESS, " xxx - %02X: RFU (%s)", msb3, (msb3 == 0) ? _GREEN_("ok") : _RED_("fail")); + PrintAndLogEx(SUCCESS, " xxx - %02X: RFU ( %s )", msb3, (msb3 == 0) ? _GREEN_("ok") : _RED_("fail")); PrintAndLogEx(SUCCESS, " x - %02X: %s special frame", sf, (sf) ? "support" : "don\'t support"); PrintAndLogEx(SUCCESS, " x - %02X: %s lock block", lb, (lb) ? "support" : "don\'t support"); - PrintAndLogEx(SUCCESS, " xx - %02X: RFU (%s)", mlrule, (mlrule == 0) ? _GREEN_("ok") : _RED_("fail")); + PrintAndLogEx(SUCCESS, " xx - %02X: RFU ( %s )", mlrule, (mlrule == 0) ? _GREEN_("ok") : _RED_("fail")); PrintAndLogEx(SUCCESS, " x - %02X: IC %s multiple block reads", mbread, (mbread) ? "support" : "don\'t support"); return PM3_SUCCESS; } @@ -1644,6 +1677,9 @@ static int CmdHF14AMfUInfo(const char *Cmd) { } } + // print silicon info + ul_print_nxp_silicon_info(card.uid); + // Get Version uint8_t version[10] = {0x00}; status = ulev1_getVersion(version, sizeof(version)); diff --git a/client/src/cmdtrace.c b/client/src/cmdtrace.c index dfe7146ea..0ddd6cf71 100644 --- a/client/src/cmdtrace.c +++ b/client/src/cmdtrace.c @@ -97,6 +97,27 @@ static uint8_t extract_epurse[8] = {0}; #define SKIP_TO_NEXT(a) (TRACELOG_HDR_LEN + (a)->data_len + TRACELOG_PARITY_LEN((a))) +static uint16_t extractChall_ev2(uint16_t tracepos, uint8_t *trace, uint8_t cmdpos, uint8_t long_jmp) { + tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos); + if (next_hdr->data_len != 21) { + return 0; + } + + tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); + + PrintAndLogEx(INFO, "1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 16)); + + next_hdr = (tracelog_hdr_t *)(trace + tracepos); + tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); + + if (next_hdr->frame[cmdpos] == MFDES_ADDITIONAL_FRAME) { + PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + cmdpos + long_jmp, 32)); + } else { + PrintAndLogEx(NORMAL, ""); + } + return tracepos; +} + static uint16_t extractChallenges(uint16_t tracepos, uint16_t traceLen, uint8_t *trace) { // sanity check @@ -270,6 +291,10 @@ static uint16_t extractChallenges(uint16_t tracepos, uint16_t traceLen, uint8_t return tracepos; } + if (hdr->isResponse) { + return tracepos; + } + // PCB [CID] [NAD] [INF] CRC CRC uint8_t pos = calc_pos(frame); uint8_t long_jmp = (data_len > 6) ? 4 : 1; @@ -279,93 +304,103 @@ static uint16_t extractChallenges(uint16_t tracepos, uint16_t traceLen, uint8_t switch (frame[pos]) { case MFDES_AUTHENTICATE: { + // Assume wrapped or unwrapped PrintAndLogEx(INFO, "AUTH NATIVE (keyNo %d)", frame[pos + long_jmp]); - - if (hdr->isResponse == false && next_record_is_response(tracepos, trace)) { - - tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos); - tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); - if (next_hdr->data_len < 7) { - break; - } - - PrintAndLogEx(INFO, "DES 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 8)); - - next_hdr = (tracelog_hdr_t *)(trace + tracepos); - tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); - - if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) { - PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, 16)); - } - return tracepos; + if (next_record_is_response(tracepos, trace) == false) { + break; } - break; // AUTHENTICATE_NATIVE + + tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos); + if (next_hdr->data_len < 7) { + break; + } + tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); + + PrintAndLogEx(INFO, "DES 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 8)); + + next_hdr = (tracelog_hdr_t *)(trace + tracepos); + tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); + + if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) { + PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, 16)); + } else { + PrintAndLogEx(NORMAL, ""); + } + return tracepos; // AUTHENTICATE_NATIVE } case MFDES_AUTHENTICATE_ISO: { - // Assume wrapped or unwrapped PrintAndLogEx(INFO, "AUTH ISO (keyNo %d)", frame[pos + long_jmp]); - if (hdr->isResponse == false && next_record_is_response(tracepos, trace)) { - - tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos); - tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); - if (next_hdr->data_len < 7) { - break; - } - - uint8_t tdea = 8; - if (next_hdr->data_len > 20) { - tdea = 16; - PrintAndLogEx(INFO, "3TDEA 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, tdea)); - } else { - PrintAndLogEx(INFO, "2TDEA 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, tdea)); - } - - next_hdr = (tracelog_hdr_t *)(trace + tracepos); - tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); - - if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) { - PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, (tdea << 1))); - } - return tracepos; + if (next_record_is_response(tracepos, trace) == false) { + break; } - break; // AUTHENTICATE_STANDARD + tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos); + tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); + if (next_hdr->data_len < 7) { + break; + } + + uint8_t tdea = 8; + if (next_hdr->data_len > 20) { + tdea = 16; + PrintAndLogEx(INFO, "3TDEA 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, tdea)); + } else { + PrintAndLogEx(INFO, "2TDEA 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, tdea)); + } + + next_hdr = (tracelog_hdr_t *)(trace + tracepos); + tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); + + if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) { + PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, (tdea << 1))); + } else { + PrintAndLogEx(NORMAL, ""); + } + return tracepos; // AUTHENTICATE_STANDARD } case MFDES_AUTHENTICATE_AES: { // Assume wrapped or unwrapped PrintAndLogEx(INFO, "AUTH AES (keyNo %d)", frame[pos + long_jmp]); - if (hdr->isResponse == false && next_record_is_response(tracepos, trace)) { - - tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos); - tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); - if (next_hdr->data_len < 7) { - break; - } - PrintAndLogEx(INFO, "AES 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 8)); - - next_hdr = (tracelog_hdr_t *)(trace + tracepos); - tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); - - if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) { - PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, 16)); - } - return tracepos; + if (next_record_is_response(tracepos, trace)) { + break; } - break; + + tracelog_hdr_t *next_hdr = (tracelog_hdr_t *)(trace + tracepos); + tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); + if (next_hdr->data_len < 7) { + break; + } + + PrintAndLogEx(INFO, "AES 1499999999 %s " NOLF, sprint_hex_inrow(next_hdr->frame + 1, 8)); + + next_hdr = (tracelog_hdr_t *)(trace + tracepos); + tracepos += TRACELOG_HDR_LEN + next_hdr->data_len + TRACELOG_PARITY_LEN(next_hdr); + + if (next_hdr->frame[pos] == MFDES_ADDITIONAL_FRAME) { + PrintAndLogEx(NORMAL, "%s", sprint_hex_inrow(next_hdr->frame + pos + long_jmp, 16)); + } else { + PrintAndLogEx(NORMAL, ""); + } + return tracepos; } case MFDES_AUTHENTICATE_EV2F: { - if (hdr->isResponse == false) { - PrintAndLogEx(INFO, "AUTH EV2 First"); - } - break; + PrintAndLogEx(INFO, "AUTH EV2 First"); + uint16_t tmp = extractChall_ev2(tracepos, trace, pos, long_jmp); + if (tmp == 0) + break; + else + return tmp; + } case MFDES_AUTHENTICATE_EV2NF: { - if (hdr->isResponse == false) { - PrintAndLogEx(INFO, "AUTH EV2 Non First"); - } - break; + PrintAndLogEx(INFO, "AUTH EV2 Non First"); + uint16_t tmp = extractChall_ev2(tracepos, trace, pos, long_jmp); + if (tmp == 0) + break; + else + return tmp; } } } diff --git a/client/src/emv/cmdemv.c b/client/src/emv/cmdemv.c index 837f4619e..a855b672f 100644 --- a/client/src/emv/cmdemv.c +++ b/client/src/emv/cmdemv.c @@ -87,11 +87,11 @@ static int CmdEMVSelect(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("sS", "select", "activate field and select card"), - arg_lit0("kK", "keep", "keep field for next command"), - arg_lit0("aA", "apdu", "show APDU requests and responses"), + arg_lit0("sS", "select", "Activate field and select card"), + arg_lit0("kK", "keep", "Keep field for next command"), + arg_lit0("aA", "apdu", "Show APDU requests and responses"), arg_lit0("tT", "tlv", "TLV decode results"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_str1(NULL, NULL, "", "Applet AID"), arg_param_end }; @@ -138,11 +138,11 @@ static int CmdEMVSearch(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("sS", "select", "activate field and select card"), - arg_lit0("kK", "keep", "keep field ON for next command"), - arg_lit0("aA", "apdu", "show APDU reqests and responses"), + arg_lit0("sS", "select", "Activate field and select card"), + arg_lit0("kK", "keep", "Keep field ON for next command"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), arg_lit0("tT", "tlv", "TLV decode results of selected applets"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -192,13 +192,13 @@ static int CmdEMVPPSE(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("sS", "select", "activate field and select card"), - arg_lit0("kK", "keep", "keep field ON for next command"), - arg_lit0("1", "pse", "pse (1PAY.SYS.DDF01) mode"), - arg_lit0("2", "ppse", "ppse (2PAY.SYS.DDF01) mode (default mode)"), - arg_lit0("aA", "apdu", "show APDU reqests and responses"), + arg_lit0("sS", "select", "Activate field and select card"), + arg_lit0("kK", "keep", "Keep field ON for next command"), + arg_lit0("1", "pse", "PSE (1PAY.SYS.DDF01) mode"), + arg_lit0("2", "ppse", "PPSE (2PAY.SYS.DDF01) mode (def)"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), arg_lit0("tT", "tlv", "TLV decode results of selected applets"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -252,12 +252,12 @@ static int CmdEMVGPO(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("kK", "keep", "keep field ON for next command"), - arg_lit0("pP", "params", "load parameters from `emv_defparams.json` file for PDOLdata making from PDOL and parameters"), - arg_lit0("mM", "make", "make PDOLdata from PDOL (tag 9F38) and parameters (by default uses default parameters)"), - arg_lit0("aA", "apdu", "show APDU reqests and responses"), + arg_lit0("kK", "keep", "Keep field ON for next command"), + arg_lit0("pP", "params", "Load parameters from `emv_defparams.json` file for PDOLdata making from PDOL and parameters"), + arg_lit0("mM", "make", "Make PDOLdata from PDOL (tag 9F38) and parameters (def: uses default parameters)"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), arg_lit0("tT", "tlv", "TLV decode results of selected applets"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_strx0(NULL, NULL, "", "PDOLdata/PDOL"), arg_param_end }; @@ -361,10 +361,10 @@ static int CmdEMVReadRecord(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("kK", "keep", "keep field ON for next command"), - arg_lit0("aA", "apdu", "show APDU reqests and responses"), + arg_lit0("kK", "keep", "Keep field ON for next command"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), arg_lit0("tT", "tlv", "TLV decode results of selected applets"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_strx1(NULL, NULL, "", "", "Terminal decision. aac - declined, tc - approved, arqc - online authorisation requested"), - arg_lit0("pP", "params", "load parameters from `emv_defparams.json` file for CDOLdata making from CDOL and parameters"), - arg_lit0("mM", "make", "make CDOLdata from CDOL (tag 8C and 8D) and parameters (by default uses default parameters)"), - arg_lit0("aA", "apdu", "show APDU reqests and responses"), + arg_lit0("pP", "params", "Load parameters from `emv_defparams.json` file for CDOLdata making from CDOL and parameters"), + arg_lit0("mM", "make", "Make CDOLdata from CDOL (tag 8C and 8D) and parameters (def: use default parameters)"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), arg_lit0("tT", "tlv", "TLV decode results of selected applets"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_strx1(NULL, NULL, "", "CDOLdata/CDOL"), arg_param_end }; @@ -543,9 +543,9 @@ static int CmdEMVGenerateChallenge(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("kK", "keep", "keep field ON for next command"), - arg_lit0("aA", "apdu", "show APDU reqests and responses"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("kK", "keep", "Keep field ON for next command"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -595,12 +595,12 @@ static int CmdEMVInternalAuthenticate(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("kK", "keep", "keep field ON for next command"), - arg_lit0("pP", "params", "load parameters from `emv_defparams.json` file for DDOLdata making from DDOL and parameters"), - arg_lit0("mM", "make", "make DDOLdata from DDOL (tag 9F49) and parameters (by default uses default parameters)"), - arg_lit0("aA", "apdu", "show APDU reqests and responses"), + arg_lit0("kK", "keep", "Keep field ON for next command"), + arg_lit0("pP", "params", "Load parameters from `emv_defparams.json` file for DDOLdata making from DDOL and parameters"), + arg_lit0("mM", "make", "Make DDOLdata from DDOL (tag 9F49) and parameters (def: use default parameters)"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), arg_lit0("tT", "tlv", "TLV decode results of selected applets"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_strx1(NULL, NULL, "", "DDOLdata/DDOL"), arg_param_end }; @@ -822,17 +822,17 @@ static int CmdEMVExec(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("sS", "select", "activate field and select card."), - arg_lit0("aA", "apdu", "show APDU reqests and responses."), - arg_lit0("tT", "tlv", "TLV decode results."), - arg_lit0("jJ", "jload", "Load transaction parameters from `emv_defparams.json` file."), - arg_lit0("fF", "forceaid", "Force search AID. Search AID instead of execute PPSE."), + arg_lit0("sS", "select", "Activate field and select card"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), + arg_lit0("tT", "tlv", "TLV decode results"), + arg_lit0("jJ", "jload", "Load transaction parameters from `emv_defparams.json` file"), + arg_lit0("fF", "forceaid", "Force search AID. Search AID instead of execute PPSE"), arg_rem("By default:", "Transaction type - MSD"), - arg_lit0("vV", "qvsdc", "Transaction type - qVSDC or M/Chip."), - arg_lit0("cC", "qvsdccda", "Transaction type - qVSDC or M/Chip plus CDA (SDAD generation)."), - arg_lit0("xX", "vsdc", "Transaction type - VSDC. For test only. Not a standard behavior."), - arg_lit0("gG", "acgpo", "VISA. generate AC from GPO."), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("vV", "qvsdc", "Transaction type - qVSDC or M/Chip"), + arg_lit0("cC", "qvsdccda", "Transaction type - qVSDC or M/Chip plus CDA (SDAD generation)"), + arg_lit0("xX", "vsdc", "Transaction type - VSDC. For test only. Not a standard behavior"), + arg_lit0("gG", "acgpo", "VISA. generate AC from GPO"), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -1448,17 +1448,17 @@ static int CmdEMVScan(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("aA", "apdu", "show APDU reqests and responses."), - arg_lit0("tT", "tlv", "TLV decode results."), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), + arg_lit0("tT", "tlv", "TLV decode results"), arg_lit0("eE", "extract", "Extract TLV elements and fill Application Data"), - arg_lit0("jJ", "jload", "Load transaction parameters from `emv_defparams.json` file."), + arg_lit0("jJ", "jload", "Load transaction parameters from `emv_defparams.json` file"), arg_rem("By default:", "Transaction type - MSD"), - arg_lit0("vV", "qvsdc", "Transaction type - qVSDC or M/Chip."), - arg_lit0("cC", "qvsdccda", "Transaction type - qVSDC or M/Chip plus CDA (SDAD generation)."), - arg_lit0("xX", "vsdc", "Transaction type - VSDC. For test only. Not a standard behavior."), - arg_lit0("gG", "acgpo", "VISA. generate AC from GPO."), + arg_lit0("vV", "qvsdc", "Transaction type - qVSDC or M/Chip"), + arg_lit0("cC", "qvsdccda", "Transaction type - qVSDC or M/Chip plus CDA (SDAD generation)"), + arg_lit0("xX", "vsdc", "Transaction type - VSDC. For test only. Not a standard behavior"), + arg_lit0("gG", "acgpo", "VISA. generate AC from GPO"), arg_lit0("mM", "merge", "Merge output file with card's data. (warning: the file may be corrupted!)"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default."), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_str1(NULL, NULL, "", "JSON output filename"), arg_param_end }; @@ -1839,8 +1839,8 @@ static int CmdEMVTest(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("i", "ignore", "ignore timing tests for VM"), - arg_lit0("l", "long", "run long tests too"), + arg_lit0("i", "ignore", "Ignore timing tests for VM"), + arg_lit0("l", "long", "Run long tests too"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -1871,9 +1871,9 @@ static int CmdEMVRoca(const char *Cmd) { void *argtable[] = { arg_param_begin, - arg_lit0("tT", "selftest", "self test"), - arg_lit0("aA", "apdu", "show APDU reqests and responses"), - arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. Contactless interface set by default"), + arg_lit0("tT", "selftest", "Self test"), + arg_lit0("aA", "apdu", "Show APDU reqests and responses"), + arg_lit0("wW", "wired", "Send data via contact (iso7816) interface. (def: Contactless interface)"), arg_param_end }; CLIExecWithReturn(ctx, Cmd, argtable, true); @@ -2124,17 +2124,17 @@ out: static command_t CommandTable[] = { {"help", CmdHelp, AlwaysAvailable, "This help"}, - {"exec", CmdEMVExec, IfPm3Iso14443, "Executes EMV contactless transaction."}, - {"pse", CmdEMVPPSE, IfPm3Iso14443, "Execute PPSE. It selects 2PAY.SYS.DDF01 or 1PAY.SYS.DDF01 directory."}, - {"search", CmdEMVSearch, IfPm3Iso14443, "Try to select all applets from applets list and print installed applets."}, - {"select", CmdEMVSelect, IfPm3Iso14443, "Select applet."}, - {"gpo", CmdEMVGPO, IfPm3Iso14443, "Execute GetProcessingOptions."}, - {"readrec", CmdEMVReadRecord, IfPm3Iso14443, "Read files from card."}, - {"genac", CmdEMVAC, IfPm3Iso14443, "Generate ApplicationCryptogram."}, - {"challenge", CmdEMVGenerateChallenge, IfPm3Iso14443, "Generate challenge."}, - {"intauth", CmdEMVInternalAuthenticate, IfPm3Iso14443, "Internal authentication."}, - {"scan", CmdEMVScan, IfPm3Iso14443, "Scan EMV card and save it contents to json file for emulator."}, - {"test", CmdEMVTest, AlwaysAvailable, "Crypto logic test."}, + {"exec", CmdEMVExec, IfPm3Iso14443, "Executes EMV contactless transaction"}, + {"pse", CmdEMVPPSE, IfPm3Iso14443, "Execute PPSE. It selects 2PAY.SYS.DDF01 or 1PAY.SYS.DDF01 directory"}, + {"search", CmdEMVSearch, IfPm3Iso14443, "Try to select all applets from applets list and print installed applets"}, + {"select", CmdEMVSelect, IfPm3Iso14443, "Select applet"}, + {"gpo", CmdEMVGPO, IfPm3Iso14443, "Execute GetProcessingOptions"}, + {"readrec", CmdEMVReadRecord, IfPm3Iso14443, "Read files from card"}, + {"genac", CmdEMVAC, IfPm3Iso14443, "Generate ApplicationCryptogram"}, + {"challenge", CmdEMVGenerateChallenge, IfPm3Iso14443, "Generate challenge"}, + {"intauth", CmdEMVInternalAuthenticate, IfPm3Iso14443, "Internal authentication"}, + {"scan", CmdEMVScan, IfPm3Iso14443, "Scan EMV card and save it contents to json file for emulator"}, + {"test", CmdEMVTest, AlwaysAvailable, "Crypto logic test"}, /* {"getrng", CmdEMVGetrng, IfPm3Iso14443, "get random number from terminal"}, {"eload", CmdEmvELoad, IfPm3Iso14443, "load EMV tag into device"}, @@ -2142,7 +2142,7 @@ static command_t CommandTable[] = { {"sim", CmdEmvSim, IfPm3Iso14443, "simulate EMV tag"}, {"clone", CmdEmvClone, IfPm3Iso14443, "clone an EMV tag"}, */ - {"list", CmdEMVList, AlwaysAvailable, "List ISO7816 history"}, + {"list", CmdEMVList, AlwaysAvailable, "List ISO7816 history"}, {"roca", CmdEMVRoca, IfPm3Iso14443, "Extract public keys and run ROCA test"}, {NULL, NULL, NULL, NULL} }; diff --git a/client/src/mifare/desfirecore.c b/client/src/mifare/desfirecore.c index b4047c264..386f528e2 100644 --- a/client/src/mifare/desfirecore.c +++ b/client/src/mifare/desfirecore.c @@ -2252,10 +2252,11 @@ static const DesfireCreateFileCommands_t DesfireFileCommands[] = { }; const DesfireCreateFileCommands_t *GetDesfireFileCmdRec(uint8_t type) { - for (int i = 0; i < ARRAYLEN(DesfireFileCommands); i++) - if (DesfireFileCommands[i].id == type) + for (int i = 0; i < ARRAYLEN(DesfireFileCommands); i++) { + if (DesfireFileCommands[i].id == type) { return &DesfireFileCommands[i]; - + } + } return NULL; } @@ -2303,6 +2304,7 @@ const char *GetDesfireAccessRightStr(uint8_t right) { sprintf(int_access_str, "key 0x%02x", right); return int_access_str; } + if (right == 0x0e) return DesfireFreeStr; @@ -2332,8 +2334,9 @@ const char *AccessRightShortStr[] = { }; const char *GetDesfireAccessRightShortStr(uint8_t right) { - if (right > 0x0f) + if (right > 0x0F) { return DesfireNAStr; + } return AccessRightShortStr[right]; } @@ -2346,23 +2349,20 @@ void DesfireEncodeFileAcessMode(uint8_t *mode, uint8_t r, uint8_t w, uint8_t rw, void DesfireDecodeFileAcessMode(const uint8_t *mode, uint8_t *r, uint8_t *w, uint8_t *rw, uint8_t *ch) { // read if (r) - *r = (mode[1] >> 4) & 0x0f; // hi 2b + *r = (mode[1] >> 4) & 0x0F; // hi 2b // write if (w) - *w = mode[1] & 0x0f; + *w = mode[1] & 0x0F; // read/write if (rw) - *rw = (mode[0] >> 4) & 0x0f; // low 2b + *rw = (mode[0] >> 4) & 0x0F; // low 2b // change if (ch) - *ch = mode[0] & 0x0f; + *ch = mode[0] & 0x0F; } void DesfirePrintAccessRight(uint8_t *data) { - uint8_t r = 0; - uint8_t w = 0; - uint8_t rw = 0; - uint8_t ch = 0; + uint8_t r = 0, w = 0, rw = 0, ch = 0; DesfireDecodeFileAcessMode(data, &r, &w, &rw, &ch); PrintAndLogEx(SUCCESS, "read : %s", GetDesfireAccessRightStr(r)); PrintAndLogEx(SUCCESS, "write : %s", GetDesfireAccessRightStr(w));