From 041f6244cb2fc61b3d14bf15e50c344cf74512a5 Mon Sep 17 00:00:00 2001
From: Antiklesys
Date: Mon, 9 Sep 2024 17:54:57 +0800
Subject: [PATCH 1/4] Fixed AA2 dump with Kc only
Fixed issue preventing iclass dump to dump AA2 only when only using Kc
---
 client/src/cmdhficlass.c | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)
diff --git a/client/src/cmdhficlass.c b/client/src/cmdhficlass.c
index 2c900fffc..a43dd1e63 100644
--- a/client/src/cmdhficlass.c
+++ b/client/src/cmdhficlass.c
@@ -2029,6 +2029,21 @@ static int CmdHFiClassDump(const char *Cmd) {
 payload.start_block = 5;
 }
+ struct p_resp {
+ bool isOK;
+ uint16_t block_cnt;
+ uint32_t bb_offset;
+ } PACKED;
+ struct p_resp *packet = (struct p_resp *)resp.data.asBytes;
+
+ uint32_t startindex = packet->bb_offset;
+ uint32_t blocks_read = packet->block_cnt;
+
+ uint8_t tempbuf[0x100 * 8];
+ uint16_t bytes_got = (app_limit1 + 1) * 8;
+
+ if(key_len > 0 && deb_key_nr >= 0){
+
 clearCommandBuffer();
 SendCommandNG(CMD_HF_ICLASS_DUMP, (uint8_t *)&payload, sizeof(payload));
@@ -2051,23 +2066,11 @@ static int CmdHFiClassDump(const char *Cmd) {
 return resp.status;
 }
- struct p_resp {
- bool isOK;
- uint16_t block_cnt;
- uint32_t bb_offset;
- } PACKED;
- struct p_resp *packet = (struct p_resp *)resp.data.asBytes;
-
 if (packet->isOK == false) {
 PrintAndLogEx(WARNING, "read AA1 blocks failed");
 return PM3_ESOFT;
 }
- uint32_t startindex = packet->bb_offset;
- uint32_t blocks_read = packet->block_cnt;
-
- uint8_t tempbuf[0x100 * 8];
-
 // response ok - now get bigbuf content of the dump
 if (!GetFromDevice(BIG_BUF, tempbuf, sizeof(tempbuf), startindex, NULL, 0, NULL, 2500, false)) {
 PrintAndLogEx(WARNING, "command execution time out");
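Review bot: `startindex` and `blocks_read` are copied out of `resp` in this hunk before `SendCommandNG`/`WaitForResponseTimeout` run inside the new `if (key_len > 0 && deb_key_nr >= 0)` block, so the later `GetFromDevice(..., startindex, ...)` and `memcpy(..., blocks_read * PICOPASS_BLOCK_SIZE)` use whatever `resp.data` held before the dump command was sent (the earlier part of the function is outside the hunk, so I cannot tell what that is). The `packet->isOK` check still sees the fresh response because it dereferences the pointer, but the two by-value copies do not. Keep the declarations at function scope but defer the reads: `uint32_t startindex = 0, blocks_read = 0;` here and `startindex = packet->bb_offset; blocks_read = packet->block_cnt;` right after the `isOK` check; the second hunk (@@ -2051,23) removes exactly those assignment lines, so the move should carry the assignments, not only the declarations. Since `block_cnt` is a device-supplied `uint16_t` that sizes a `memcpy` out of `tempbuf` (2048 bytes) into `tag_data`, a bound such as `if ((payload.start_block + blocks_read) * PICOPASS_BLOCK_SIZE > sizeof(tempbuf)) return PM3_ESOFT;` belongs next to the moved reads.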
@@ -2083,8 +2086,7 @@ static int CmdHFiClassDump(const char *Cmd) {
 memcpy(tag_data + (PICOPASS_BLOCK_SIZE * payload.start_block),
 tempbuf + (PICOPASS_BLOCK_SIZE * payload.start_block),
 blocks_read * PICOPASS_BLOCK_SIZE);
-
- uint16_t bytes_got = (app_limit1 + 1) * 8;
+ }
 // try AA2 Kc, Credit
 bool aa2_success = false;
From 96b1b6d72cc03c8303b329213bd883e6d20843b6 Mon Sep 17 00:00:00 2001
From: Antiklesys
Date: Mon, 9 Sep 2024 17:58:47 +0800
Subject: [PATCH 2/4] Fixed indent
Fixed indent
---
 client/src/cmdhficlass.c | 66 ++++++++++++++++++++--------------------
 1 file changed, 33 insertions(+), 33 deletions(-)
diff --git a/client/src/cmdhficlass.c b/client/src/cmdhficlass.c
index a43dd1e63..967316ff9 100644
--- a/client/src/cmdhficlass.c
+++ b/client/src/cmdhficlass.c
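Review bot: Closing the conditional here means that on a Kc-only run nothing fills `tempbuf` (declared without an initializer in the first hunk as `uint8_t tempbuf[0x100 * 8];`) or the AA1 region of `tag_data`, yet both remain in scope for the AA2 path that begins right after this hunk. If that path copies blocks out of `tempbuf` or writes the whole `tag_data` buffer to a dump file, the output will contain uninitialized stack bytes rather than zeros. Change the declaration to `uint8_t tempbuf[0x100 * 8] = {0};` and, unless `tag_data` is already zeroed where it is declared (outside my view), zero it as well. The enclosing function continues past the end of this hunk.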
@@ -2044,46 +2044,46 @@ static int CmdHFiClassDump(const char *Cmd) {
 if(key_len > 0 && deb_key_nr >= 0){
- clearCommandBuffer();
- SendCommandNG(CMD_HF_ICLASS_DUMP, (uint8_t *)&payload, sizeof(payload));
+ clearCommandBuffer();
+ SendCommandNG(CMD_HF_ICLASS_DUMP, (uint8_t *)&payload, sizeof(payload));
- while (true) {
+ while (true) {
- PrintAndLogEx(NORMAL, "." NOLF);
- if (kbd_enter_pressed()) {
- PrintAndLogEx(WARNING, "\naborted via keyboard!\n");
- DropField();
- return PM3_EOPABORTED;
+ PrintAndLogEx(NORMAL, "." NOLF);
+ if (kbd_enter_pressed()) {
+ PrintAndLogEx(WARNING, "\naborted via keyboard!\n");
+ DropField();
+ return PM3_EOPABORTED;
+ }
+
+ if (WaitForResponseTimeout(CMD_HF_ICLASS_DUMP, &resp, 2000))
+ break;
 }
- if (WaitForResponseTimeout(CMD_HF_ICLASS_DUMP, &resp, 2000))
- break;
- }
+ PrintAndLogEx(NORMAL, "");
+ if (resp.status != PM3_SUCCESS) {
+ PrintAndLogEx(ERR, "failed to communicate with card");
+ return resp.status;
+ }
- PrintAndLogEx(NORMAL, "");
- if (resp.status != PM3_SUCCESS) {
- PrintAndLogEx(ERR, "failed to communicate with card");
- return resp.status;
- }
+ if (packet->isOK == false) {
+ PrintAndLogEx(WARNING, "read AA1 blocks failed");
+ return PM3_ESOFT;
+ }
- if (packet->isOK == false) {
- PrintAndLogEx(WARNING, "read AA1 blocks failed");
- return PM3_ESOFT;
- }
+ // response ok - now get bigbuf content of the dump
+ if (!GetFromDevice(BIG_BUF, tempbuf, sizeof(tempbuf), startindex, NULL, 0, NULL, 2500, false)) {
+ PrintAndLogEx(WARNING, "command execution time out");
+ return PM3_ETIMEOUT;
+ }
- // response ok - now get bigbuf content of the dump
- if (!GetFromDevice(BIG_BUF, tempbuf, sizeof(tempbuf), startindex, NULL, 0, NULL, 2500, false)) {
- PrintAndLogEx(WARNING, "command execution time out");
- return PM3_ETIMEOUT;
- }
-
- if (pagemap != PICOPASS_NON_SECURE_PAGEMODE) {
- // div key KD
- memcpy(tag_data + (PICOPASS_BLOCK_SIZE * 3),
- tempbuf + (PICOPASS_BLOCK_SIZE * 3), PICOPASS_BLOCK_SIZE);
- }
- // all memory available
- memcpy(tag_data + (PICOPASS_BLOCK_SIZE * payload.start_block),
+ if (pagemap != PICOPASS_NON_SECURE_PAGEMODE) {
+ // div key KD
+ memcpy(tag_data + (PICOPASS_BLOCK_SIZE * 3),
+ tempbuf + (PICOPASS_BLOCK_SIZE * 3), PICOPASS_BLOCK_SIZE);
+ }
+ // all memory available
+ memcpy(tag_data + (PICOPASS_BLOCK_SIZE * payload.start_block),
 tempbuf + (PICOPASS_BLOCK_SIZE * payload.start_block),
 blocks_read * PICOPASS_BLOCK_SIZE);
 }
From 8e961aaa04d13a8bd63fdc344dc71d0d4c7a0075 Mon Sep 17 00:00:00 2001
From: Antiklesys
Date: Mon, 9 Sep 2024 18:01:02 +0800
Subject: [PATCH 3/4] Re-fixed indent
---
 client/src/cmdhficlass.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/client/src/cmdhficlass.c b/client/src/cmdhficlass.c
index 967316ff9..647cf189f 100644
--- a/client/src/cmdhficlass.c
+++ b/client/src/cmdhficlass.c
@@ -2080,12 +2080,12 @@ static int CmdHFiClassDump(const char *Cmd) {
 if (pagemap != PICOPASS_NON_SECURE_PAGEMODE) {
 // div key KD
 memcpy(tag_data + (PICOPASS_BLOCK_SIZE * 3),
- tempbuf + (PICOPASS_BLOCK_SIZE * 3), PICOPASS_BLOCK_SIZE);
+ tempbuf + (PICOPASS_BLOCK_SIZE * 3), PICOPASS_BLOCK_SIZE);
 }
 // all memory available
 memcpy(tag_data + (PICOPASS_BLOCK_SIZE * payload.start_block),
- tempbuf + (PICOPASS_BLOCK_SIZE * payload.start_block),
- blocks_read * PICOPASS_BLOCK_SIZE);
+ tempbuf + (PICOPASS_BLOCK_SIZE * payload.start_block),
+ blocks_read * PICOPASS_BLOCK_SIZE);
 }
 // try AA2 Kc, Credit
From c7c56c41b9375b1dedd6adaea5fae4274f214a34 Mon Sep 17 00:00:00 2001
From: Antiklesys
Date: Mon, 9 Sep 2024 18:10:13 +0800
Subject: [PATCH 4/4] Update CHANGELOG.md
---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1583b1c9f..b76c41939 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 ## [unreleased][unreleased]
+- Fixed `hf iclass dump` to dump AA2 when only providing Kc (@antiklesys)
 - Fixed `hf felica raw -s` - dont check crc for select tag response, thanks @RebornedBrian! (@iceman1001)
 - Added a multi-threaded of ht2crack2search (@iceman1001)
 - Fixed ISO14443a bounds-checking because @doegex found cards not following ISO14443a when fuzzed (@iceman1001)