From 49aa198c88655ccc139fe1297a61e529cf5aca23 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Sun, 16 Aug 2020 09:59:41 +0200
Subject: [PATCH] annotate cryptorf

---
 client/src/cmdhfcryptorf.c | 32 ++++--------------------
 client/src/cmdhflist.c     | 43 +++++++++++++++++++++++++++++++-
 client/src/cmdhflist.h     |  1 +
 client/src/cmdtrace.c      | 51 ++++++++++++++++++++++---------------
 include/protocols.h        | 10 ++++----
 5 files changed, 83 insertions(+), 54 deletions(-)

diff --git a/client/src/cmdhfcryptorf.c b/client/src/cmdhfcryptorf.c
index 7f727d4bf..cd3bc93a4 100644
--- a/client/src/cmdhfcryptorf.c
+++ b/client/src/cmdhfcryptorf.c
@@ -58,11 +58,10 @@ static int usage_hf_cryptorf_sniff(void) {
     return PM3_SUCCESS;
 }
 static int usage_hf_cryptorf_sim(void) {
-    PrintAndLogEx(NORMAL, "Emulating CryptoRF tag with 4 UID / PUPI\n"
-                  "Usage: hf cryptorf sim [h] [u ]\n"
+    PrintAndLogEx(NORMAL, "Emulating CryptoRF tag with emulator memory\n"
+                  "Usage: hf cryptorf sim [h] \n"
                   "Options:\n"
                   " h this help\n"
-                  " u 4byte UID/PUPI\n"
                   "\n"
                   "Example:\n"
                   _YELLOW_(" hf cryptorf sim")
@@ -116,7 +115,7 @@ static int switch_off_field_cryptorf(void) {
 
 static int CmdHFCryptoRFList(const char *Cmd) {
     (void)Cmd; // Cmd is not used so far
-    CmdTraceList("14b");
+    CmdTraceList("cryptorf");
     return PM3_SUCCESS;
 }
 
@@ -124,13 +123,8 @@ static int CmdHFCryptoRFSim(const char *Cmd) {
     char cmdp = tolower(param_getchar(Cmd, 0));
     if (cmdp == 'h') return usage_hf_cryptorf_sim();
 
-    uint32_t pupi = 0;
-    if (cmdp == 'u') {
-        pupi = param_get32ex(Cmd, 1, 0, 16);
-    }
-
     clearCommandBuffer();
-    SendCommandMIX(CMD_HF_ISO14443B_SIMULATE, pupi, 0, 0, NULL, 0);
+    SendCommandMIX(CMD_HF_CRYPTORF_SIM, 0, 0, 0, NULL, 0);
     return PM3_SUCCESS;
 }
 
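Review bot: The rewritten usage line `"Usage: hf cryptorf sim [h] \n"` keeps the trailing blank that used to separate the removed `[u ...]` option, so the help now prints `[h] ` with a dangling space; `"Usage: hf cryptorf sim [h]\n"` is the intended form. The removed line shows `[u ]` without its placeholder in this rendering, so only part of the old wording is visible here.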
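Review bot: `CmdHFCryptoRFList` discards the int that `CmdTraceList` returns and answers PM3_SUCCESS unconditionally, so whatever status the trace command reports (the cmdtrace.c hunks in this same patch show `int CmdTraceList(const char *Cmd)` setting `errors = true` on unrecognised input) never reaches the caller; `return CmdTraceList("cryptorf");` would propagate it. This was already true of the old `"14b"` call, but the line is being rewritten here anyway.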
@@ -152,23 +146,7 @@ static bool get_14b_UID(iso14b_card_select_t *card) {
     int8_t retry = 3;
     PacketResponseNG resp;
 
-    // test for 14b SR
-    while (retry--) {
-
-        clearCommandBuffer();
-        SendCommandMIX(CMD_HF_ISO14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_SR | ISO14B_DISCONNECT, 0, 0, NULL, 0);
-        if (WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) {
-
-            uint8_t status = resp.oldarg[0];
-            if (status == 0) {
-                memcpy(card, (iso14b_card_select_t *)resp.data.asBytes, sizeof(iso14b_card_select_t));
-                return true;
-            }
-        }
-    } // retry
-
-    // test 14b standard
-    retry = 3;
+    // test
     while (retry--) {
 
         clearCommandBuffer();
diff --git a/client/src/cmdhflist.c b/client/src/cmdhflist.c
index 3c519cbe5..02abfef20 100644
--- a/client/src/cmdhflist.c
+++ b/client/src/cmdhflist.c
@@ -857,7 +857,7 @@ void annotateMfDesfire(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
 **/
 void annotateIso14443b(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
     switch (cmd[0]) {
-        case ISO14443B_REQB : {
+        case ISO14443B_REQB : {
 
             switch (cmd[2] & 0x07) {
                 case 0:
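Review bot: The comment `// test` that replaces the two probe headers no longer says what the surviving loop does; since the ISO14B_SELECT_SR pass was dropped and only the standard-select path is kept, `// select a standard ISO14443-B tag (the SR-select probe was removed)` would record that for the next reader. get_14b_UID continues past the hunk, so whether the remaining loop still copies the card on `status == 0` and returns `true` is not visible here.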
@@ -924,6 +924,47 @@ void annotateIso14443b(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
     }
 }
 
+// CryptoRF which is based on ISO-14443B
+void annotateCryptoRF(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
+
+    switch (cmd[0]) {
+        case CRYPTORF_SET_USER_ZONE:
+            snprintf(exp, size, "SET USR ZONE");
+            break;
+        case CRYPTORF_READ_USER_ZONE:
+            snprintf(exp, size, "READ USR ZONE");
+            break;
+        case CRYPTORF_WRITE_USER_ZONE:
+            snprintf(exp, size, "WRITE USR ZONE");
+            break;
+        case CRYPTORF_WRITE_SYSTEM_ZONE:
+            snprintf(exp, size, "WRITE SYSTEM ZONE");
+            break;
+        case CRYPTORF_READ_SYSTEM_ZONE:
+            snprintf(exp, size, "READ SYSTEM ZONE");
+            break;
+        case CRYPTORF_VERIFY_CRYPTO:
+            snprintf(exp, size, "VERIFY CRYPTO");
+            break;
+        case CRYPTORF_SEND_CHECKSUM:
+            snprintf(exp, size, "SEND CHKSUM");
+            break;
+        case CRYPTORF_DESELECT:
+            snprintf(exp, size, "DESELECT");
+            break;
+        case CRYPTORF_IDLE:
+            snprintf(exp, size, "IDLE");
+            break;
+        case CRYPTORF_CHECK_PASSWORD:
+            snprintf(exp, size, "CHECK PWD");
+            break;
+        default:
+            snprintf(exp, size, "?");
+            break;
+    }
+}
+
+
 // LEGIC
 // 1 = read
 // 0 = write
diff --git a/client/src/cmdhflist.h b/client/src/cmdhflist.h
index fbc8700d6..6a7a60bbe 100644
--- a/client/src/cmdhflist.h
+++ b/client/src/cmdhflist.h
@@ -49,6 +49,7 @@ void annotateIso14443a(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize);
 void annotateMfDesfire(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize);
 void annotateMifare(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize, uint8_t *parity, uint8_t paritysize, bool isResponse);
 void annotateLTO(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize);
+void annotateCryptoRF(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize);
 
 bool DecodeMifareData(uint8_t *cmd, uint8_t cmdsize, uint8_t *parity, bool isResponse, uint8_t *mfData, size_t *mfDataLen);
 bool NTParityChk(TAuthData *ad, uint32_t ntx);
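Review bot: `annotateCryptoRF` reads `cmd[0]` without ever consulting `cmdsize`, which is otherwise unused, so a zero-length frame from the trace buffer reaches the switch with an out-of-bounds index; a guard at the top, `if (cmdsize == 0) { snprintf(exp, size, "?"); return; }`, keeps the read inside the frame. The one-line header comment could also state the function's coverage: it decodes only the channel-1 command codes listed in protocols.h, and the cmdtrace.c hunk calls it only for reader frames, so tag responses, including the CRYPTORF_ERR_* status bytes that protocols.h already defines, are left unannotated. The neighbouring annotators share this signature, and annotateIso14443b just above shows the same unguarded `cmd[0]` pattern, so the guard may belong there too.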
diff --git a/client/src/cmdtrace.c b/client/src/cmdtrace.c
index 567e1f9ab..d426e9c75 100644
--- a/client/src/cmdtrace.c
+++ b/client/src/cmdtrace.c
@@ -53,6 +53,7 @@ static int usage_trace_list(void) {
     PrintAndLogEx(NORMAL, " hitag2 - interpret data as Hitag2 communications");
     PrintAndLogEx(NORMAL, " hitags - interpret data as HitagS communications");
     PrintAndLogEx(NORMAL, " lto - interpret data as LTO-CM communications");
+    PrintAndLogEx(NORMAL, " cryptorf - interpret data as CryptoRF communitcations");
     PrintAndLogEx(NORMAL, "");
     PrintAndLogEx(NORMAL, "Examples:");
     PrintAndLogEx(NORMAL, _YELLOW_(" trace list 14a f"));
@@ -258,6 +259,7 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr
         case ISO_15693:
             crcStatus = iso15693_CRC_check(frame, data_len);
             break;
+        case PROTO_CRYPTORF:
         case ISO_7816_4:
         case PROTO_HITAG1:
         case PROTO_HITAG2:
@@ -297,6 +299,7 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr
                     && protocol != THINFILM
                     && protocol != FELICA
                     && protocol != LTO
+                    && protocol != PROTO_CRYPTORF
                     && (hdr->isResponse || protocol == ISO_14443A)
                     && (oddparity8(frame[j]) != ((parityBits >> (7 - (j & 0x0007))) & 0x01))) {
 
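Review bot: The new help line misspells its last word in `" cryptorf - interpret data as CryptoRF communitcations"`; it should read `PrintAndLogEx(NORMAL, " cryptorf - interpret data as CryptoRF communications");` to match the lines above it. The three existing lines also pad the type name to a fixed column, and the longer `cryptorf` label may need the same alignment, which this rendering does not show.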
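Review bot: `case PROTO_CRYPTORF:` is added to the group shared with ISO_7816_4 and the Hitag protocols rather than beside ISO_14443B, even though the rest of this patch treats CryptoRF as an ISO14443-B variant (the annotator comment in cmdhflist.c and the timing message in CmdTraceList). If that grouped body is the no-CRC fall-through and the ISO_14443B case computes a CRC-B status, CryptoRF frames will display without a CRC check; if that is deliberate, a comment on the new case, `case PROTO_CRYPTORF: // CRC-B not checked for CryptoRF traces`, would say so. Both the ISO_14443B case and the grouped body lie outside this hunk, so this is inferred from the grouping alone.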
@@ -346,28 +349,30 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr
     if (prev_eot)
         *prev_eot = end_of_transmission_timestamp;
 
-    // Always annotate LEGIC read/tag
-    if (protocol == LEGIC)
-        annotateLegic(explanation, sizeof(explanation), frame, data_len);
-
-    if (protocol == PROTO_MIFARE)
-        annotateMifare(explanation, sizeof(explanation), frame, data_len, parityBytes, TRACELOG_PARITY_LEN(hdr), hdr->isResponse);
-
-    if (protocol == FELICA)
-        annotateFelica(explanation, sizeof(explanation), frame, data_len);
-
-    if (protocol == PROTO_HITAG1) {
-        annotateHitag1(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
-    }
-    if (protocol == PROTO_HITAG2) {
-        annotateHitag2(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
-    }
-    if (protocol == PROTO_HITAGS) {
-        annotateHitagS(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
+    // Always annotate these protocols both reader/tag messages
+    switch (protocol) {
+        case PROTO_MIFARE:
+            annotateMifare(explanation, sizeof(explanation), frame, data_len, parityBytes, TRACELOG_PARITY_LEN(hdr), hdr->isResponse);
+            break;
+        case PROTO_HITAG1:
+            annotateHitag1(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
+            break;
+        case PROTO_HITAG2:
+            annotateHitag2(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
+            break;
+        case PROTO_HITAGS:
+            annotateHitagS(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
+            break;
+        default:
+            break;
     }
 
     if (hdr->isResponse == false) {
+
         switch (protocol) {
+            case LEGIC:
+                annotateLegic(explanation, sizeof(explanation), frame, data_len);
+                break;
             case ICLASS:
                 annotateIclass(explanation, sizeof(explanation), frame, data_len);
                 break;
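Review bot: The rewrite changes which frames get annotated, not only the shape of the code: the removed lines ran `annotateLegic` for every LEGIC frame (`// Always annotate LEGIC read/tag`), but the new `case LEGIC:` sits inside `if (hdr->isResponse == false)`, so LEGIC tag responses lose their annotation, and the removed `if (protocol == FELICA) annotateFelica(...)` has no counterpart in the new unconditional switch at all. Unless FELICA is handled by the reader-only switch further down, which is outside this hunk, FeliCa frames are no longer annotated in either direction. If the old behaviour is wanted, `case LEGIC:` and `case FELICA:` with their `annotateLegic`/`annotateFelica` calls belong in the first switch next to PROTO_MIFARE. printTraceLine continues beyond the hunk.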
@@ -395,6 +400,9 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr
             case LTO:
                 annotateLTO(explanation, sizeof(explanation), frame, data_len);
                 break;
+            case PROTO_CRYPTORF:
+                annotateCryptoRF(explanation, sizeof(explanation), frame, data_len);
+                break;
             default:
                 break;
         }
@@ -645,10 +653,11 @@ int CmdTraceList(const char *Cmd) {
     else if (strcmp(type, "felica") == 0) protocol = FELICA;
     else if (strcmp(type, "mf") == 0) protocol = PROTO_MIFARE;
     else if (strcmp(type, "hitag1") == 0) protocol = PROTO_HITAG1;
-    else if (strcmp(type, "hitag2") == 0) protocol = PROTO_HITAG2;
-    else if (strcmp(type, "hitags") == 0) protocol = PROTO_HITAGS;
+    else if (strcmp(type, "hitag2") == 0) protocol = PROTO_HITAG2;
+    else if (strcmp(type, "hitags") == 0) protocol = PROTO_HITAGS;
     else if (strcmp(type, "thinfilm") == 0) protocol = THINFILM;
     else if (strcmp(type, "lto") == 0) protocol = LTO;
+    else if (strcmp(type, "cryptorf") == 0) protocol = PROTO_CRYPTORF;
     else if (strcmp(type, "raw") == 0) protocol = -1; //No crc, no annotations
     else errors = true;
 
@@ -714,7 +723,7 @@ int CmdTraceList(const char *Cmd) {
         PrintAndLogEx(INFO, _YELLOW_("LEGIC") " - Reader Mode: Timings are in ticks (1us == 1.5ticks)\n"
                       " Tag Mode: Timings are in sub carrier periods (1/212 kHz == 4.7us)");
 
-    if (protocol == ISO_14443B) {
+    if (protocol == ISO_14443B || protocol == PROTO_CRYPTORF) {
         if (use_us)
             PrintAndLogEx(INFO, _YELLOW_("ISO14443B") " - all times are in microseconds");
         else
diff --git a/include/protocols.h b/include/protocols.h
index 527e326a3..add711563 100644
--- a/include/protocols.h
+++ b/include/protocols.h
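Review bot: With `protocol == PROTO_CRYPTORF` now entering this branch, a `trace list cryptorf` run prints the timing hint labelled `_YELLOW_("ISO14443B")`, so the label no longer matches the type the user asked for. If reusing the ISO14443B timebase is intended, a comment on the condition, `// CryptoRF traces share the ISO14443B timebase`, would make that explicit; otherwise the label should be chosen from `protocol`. The `else` branch of this `if` is outside the hunk.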
@@ -240,9 +240,9 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 #define ISO14443B_PING 0xBA
 #define ISO14443B_PONG 0xAB
 
-//meltem
-//defined crypto RF commands
-//only interpreting channel 1 communication
+
+// defined crypto RF commands
+// only interpreting channel 1 communication
 #define CRYPTORF_SET_USER_ZONE 0x11
 #define CRYPTORF_READ_USER_ZONE 0x12
 #define CRYPTORF_WRITE_USER_ZONE 0x13
@@ -254,8 +254,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 #define CRYPTORF_IDLE 0x1B
 #define CRYPTORF_CHECK_PASSWORD 0x1C
 
-//meltem
-//defined Crypto RF errors
+// defined Crypto RF errors
 #define CRYPTORF_ERR_ACCESS_DENIED_ZONE 0x99
 #define CRYPTORF_ERR_PARAM_INVALID 0xA1
 #define CRYPTORF_ERR_ADDRES_INVALID 0xA2
@@ -348,6 +347,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 #define LTO 12
 #define PROTO_HITAG2 13
 #define PROTO_HITAGS 14
+#define PROTO_CRYPTORF 15
 
 // Picopass fuses
 #define FUSE_FPERS 0x80