annotate cryptorf

client/src/cmdhfcryptorf.c

@@ -58,11 +58,10 @@ static int usage_hf_cryptorf_sniff(void) {
     return PM3_SUCCESS;
 }
 static int usage_hf_cryptorf_sim(void) {
-    PrintAndLogEx(NORMAL, "Emulating CryptoRF tag with 4 UID / PUPI\n"
+    PrintAndLogEx(NORMAL, "Emulating CryptoRF tag with emulator memory\n"
-                  "Usage: hf cryptorf sim [h] [u <uid>]\n"
+            "Usage: hf cryptorf sim [h] \n"
                   "Options:\n"
                   "    h    this help\n"
-                  "    u    4byte UID/PUPI\n"
                   "\n"
                   "Example:\n"
                   _YELLOW_("    hf cryptorf sim")
@@ -116,7 +115,7 @@ static int switch_off_field_cryptorf(void) {
 
 static int CmdHFCryptoRFList(const char *Cmd) {
     (void)Cmd; // Cmd is not used so far
-    CmdTraceList("14b");
+    CmdTraceList("cryptorf");
     return PM3_SUCCESS;
 }
 
@@ -124,13 +123,8 @@ static int CmdHFCryptoRFSim(const char *Cmd) {
     char cmdp = tolower(param_getchar(Cmd, 0));
     if (cmdp == 'h') return usage_hf_cryptorf_sim();
 
-    uint32_t pupi = 0;
-    if (cmdp == 'u') {
-        pupi = param_get32ex(Cmd, 1, 0, 16);
-    }
-
     clearCommandBuffer();
-    SendCommandMIX(CMD_HF_ISO14443B_SIMULATE, pupi, 0, 0, NULL, 0);
+    SendCommandMIX(CMD_HF_CRYPTORF_SIM, 0, 0, 0, NULL, 0);
     return PM3_SUCCESS;
 }
 
@@ -152,23 +146,7 @@ static bool get_14b_UID(iso14b_card_select_t *card) {
     int8_t retry = 3;
     PacketResponseNG resp;
 
-    // test for 14b SR
+    // test
-    while (retry--) {
-
-        clearCommandBuffer();
-        SendCommandMIX(CMD_HF_ISO14443B_COMMAND, ISO14B_CONNECT | ISO14B_SELECT_SR | ISO14B_DISCONNECT, 0, 0, NULL, 0);
-        if (WaitForResponseTimeout(CMD_ACK, &resp, TIMEOUT)) {
-
-            uint8_t status = resp.oldarg[0];
-            if (status == 0) {
-                memcpy(card, (iso14b_card_select_t *)resp.data.asBytes, sizeof(iso14b_card_select_t));
-                return true;
-            }
-        }
-    } // retry
-
-    // test 14b standard
-    retry = 3;
     while (retry--) {
 
         clearCommandBuffer();

client/src/cmdhflist.c

@@ -857,7 +857,7 @@ void annotateMfDesfire(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
 **/
 void annotateIso14443b(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
     switch (cmd[0]) {
-        case ISO14443B_REQB           : {
+        case ISO14443B_REQB : {
 
             switch (cmd[2] & 0x07) {
                 case 0:
@@ -924,6 +924,47 @@ void annotateIso14443b(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
     }
 }
 
+// CryptoRF which is based on ISO-14443B
+void annotateCryptoRF(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize) {
+
+    switch (cmd[0]) {
+        case CRYPTORF_SET_USER_ZONE:
+            snprintf(exp, size, "SET USR ZONE");
+            break;
+        case CRYPTORF_READ_USER_ZONE:
+            snprintf(exp, size, "READ USR ZONE");
+            break;
+        case CRYPTORF_WRITE_USER_ZONE:
+            snprintf(exp, size, "WRITE USR ZONE");
+            break;
+        case CRYPTORF_WRITE_SYSTEM_ZONE:
+            snprintf(exp, size, "WRITE SYSTEM ZONE");
+            break;
+        case CRYPTORF_READ_SYSTEM_ZONE:
+            snprintf(exp, size, "READ SYSTEM ZONE");
+            break;
+        case CRYPTORF_VERIFY_CRYPTO:
+            snprintf(exp, size, "VERIFY CRYPTO");
+            break;
+        case CRYPTORF_SEND_CHECKSUM:
+            snprintf(exp, size, "SEND CHKSUM");
+            break;
+        case CRYPTORF_DESELECT:
+            snprintf(exp, size, "DESELECT");
+            break;  
+        case CRYPTORF_IDLE:
+            snprintf(exp, size, "IDLE");
+            break;              
+        case CRYPTORF_CHECK_PASSWORD:
+            snprintf(exp, size, "CHECK PWD");
+            break;  
+        default:
+            snprintf(exp, size, "?");
+            break;
+    }
+}
+
+
 // LEGIC
 // 1 = read
 // 0 = write

client/src/cmdhflist.h

@@ -49,6 +49,7 @@ void annotateIso14443a(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize);
 void annotateMfDesfire(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize);
 void annotateMifare(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize, uint8_t *parity, uint8_t paritysize, bool isResponse);
 void annotateLTO(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize);
+void annotateCryptoRF(char *exp, size_t size, uint8_t *cmd, uint8_t cmdsize);
 
 bool DecodeMifareData(uint8_t *cmd, uint8_t cmdsize, uint8_t *parity, bool isResponse, uint8_t *mfData, size_t *mfDataLen);
 bool NTParityChk(TAuthData *ad, uint32_t ntx);

client/src/cmdtrace.c

@@ -53,6 +53,7 @@ static int usage_trace_list(void) {
     PrintAndLogEx(NORMAL, "    hitag2   - interpret data as Hitag2 communications");
     PrintAndLogEx(NORMAL, "    hitags   - interpret data as HitagS communications");
     PrintAndLogEx(NORMAL, "    lto      - interpret data as LTO-CM communications");
+    PrintAndLogEx(NORMAL, "    cryptorf - interpret data as CryptoRF communitcations");
     PrintAndLogEx(NORMAL, "");
     PrintAndLogEx(NORMAL, "Examples:");
     PrintAndLogEx(NORMAL, _YELLOW_("        trace list 14a f"));
@@ -258,6 +259,7 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr
             case ISO_15693:
                 crcStatus = iso15693_CRC_check(frame, data_len);
                 break;
+            case PROTO_CRYPTORF:
             case ISO_7816_4:
             case PROTO_HITAG1:
             case PROTO_HITAG2:
@@ -297,6 +299,7 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr
                 && protocol != THINFILM
                 && protocol != FELICA
                 && protocol != LTO
+                && protocol != PROTO_CRYPTORF
                 && (hdr->isResponse || protocol == ISO_14443A)
                 && (oddparity8(frame[j]) != ((parityBits >> (7 - (j & 0x0007))) & 0x01))) {
 
@@ -346,28 +349,30 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr
     if (prev_eot)
         *prev_eot = end_of_transmission_timestamp;
 
-    // Always annotate LEGIC read/tag
+    // Always annotate these protocols both reader/tag messages
-    if (protocol == LEGIC)
+    switch (protocol) {
-        annotateLegic(explanation, sizeof(explanation), frame, data_len);
+        case PROTO_MIFARE:
-
+            annotateMifare(explanation, sizeof(explanation), frame, data_len, parityBytes, TRACELOG_PARITY_LEN(hdr), hdr->isResponse);
-    if (protocol == PROTO_MIFARE)
+            break;
-        annotateMifare(explanation, sizeof(explanation), frame, data_len, parityBytes, TRACELOG_PARITY_LEN(hdr), hdr->isResponse);
+        case PROTO_HITAG1:
-
+            annotateHitag1(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
-    if (protocol == FELICA)
+            break;
-        annotateFelica(explanation, sizeof(explanation), frame, data_len);
+        case PROTO_HITAG2:
-
+            annotateHitag2(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
-    if (protocol == PROTO_HITAG1) {
+            break;
-        annotateHitag1(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
+        case PROTO_HITAGS:
-    }
+            annotateHitagS(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
-    if (protocol == PROTO_HITAG2) {
+            break;
-        annotateHitag2(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
+        default:
-    }
+            break;
-    if (protocol == PROTO_HITAGS) {
-        annotateHitagS(explanation, sizeof(explanation), frame, data_len, hdr->isResponse);
     }
 
     if (hdr->isResponse == false) {
+
         switch (protocol) {
+            case LEGIC:
+                annotateLegic(explanation, sizeof(explanation), frame, data_len);
+                break;
             case ICLASS:
                 annotateIclass(explanation, sizeof(explanation), frame, data_len);
                 break;
@@ -395,6 +400,9 @@ static uint16_t printTraceLine(uint16_t tracepos, uint16_t traceLen, uint8_t *tr
             case LTO:
                 annotateLTO(explanation, sizeof(explanation), frame, data_len);
                 break;
+            case PROTO_CRYPTORF:
+                annotateCryptoRF(explanation, sizeof(explanation), frame, data_len);
+                break;
             default:
                 break;
         }
@@ -645,10 +653,11 @@ int CmdTraceList(const char *Cmd) {
             else if (strcmp(type, "felica") == 0)   protocol = FELICA;
             else if (strcmp(type, "mf") == 0)       protocol = PROTO_MIFARE;
             else if (strcmp(type, "hitag1") == 0)   protocol = PROTO_HITAG1;
-            else if (strcmp(type, "hitag2") == 0)    protocol = PROTO_HITAG2;
+            else if (strcmp(type, "hitag2") == 0)   protocol = PROTO_HITAG2;
-            else if (strcmp(type, "hitags") == 0)    protocol = PROTO_HITAGS;
+            else if (strcmp(type, "hitags") == 0)   protocol = PROTO_HITAGS;
             else if (strcmp(type, "thinfilm") == 0) protocol = THINFILM;
             else if (strcmp(type, "lto") == 0)      protocol = LTO;
+            else if (strcmp(type, "cryptorf") == 0) protocol = PROTO_CRYPTORF;
             else if (strcmp(type, "raw") == 0)      protocol = -1; //No crc, no annotations
             else errors = true;
 
@@ -714,7 +723,7 @@ int CmdTraceList(const char *Cmd) {
             PrintAndLogEx(INFO, _YELLOW_("LEGIC") " - Reader Mode: Timings are in ticks (1us == 1.5ticks)\n"
                           "        Tag Mode: Timings are in sub carrier periods (1/212 kHz == 4.7us)");
 
-        if (protocol == ISO_14443B) {
+        if (protocol == ISO_14443B || protocol == PROTO_CRYPTORF) {
             if (use_us)
                 PrintAndLogEx(INFO, _YELLOW_("ISO14443B") " - all times are in microseconds");
             else

include/protocols.h

@@ -240,9 +240,9 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 #define ISO14443B_PING         0xBA
 #define ISO14443B_PONG         0xAB
 
-//meltem
+
-//defined crypto RF commands
+// defined crypto RF commands
-//only interpreting channel 1 communication
+// only interpreting channel 1 communication
 #define CRYPTORF_SET_USER_ZONE      0x11
 #define CRYPTORF_READ_USER_ZONE     0x12
 #define CRYPTORF_WRITE_USER_ZONE    0x13
@@ -254,8 +254,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 #define CRYPTORF_IDLE               0x1B
 #define CRYPTORF_CHECK_PASSWORD     0x1C
 
-//meltem
+// defined Crypto RF errors
-//defined Crypto RF errors
 #define CRYPTORF_ERR_ACCESS_DENIED_ZONE               0x99
 #define CRYPTORF_ERR_PARAM_INVALID                    0xA1
 #define CRYPTORF_ERR_ADDRES_INVALID                   0xA2
@@ -348,6 +347,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 #define LTO             12
 #define PROTO_HITAG2    13
 #define PROTO_HITAGS    14
+#define PROTO_CRYPTORF  15
 
 // Picopass fuses
 #define FUSE_FPERS   0x80