github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 05:43:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

chg, printf

Browse source
This commit is contained in:
iceman1001 2020-05-29 08:39:13 +02:00
commit 691c1735a4
1 changed files with 31 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

70
client/src/emv/emv_pki.c
View file

@ -26,6 +26,7 @@
#include "crypto.h" #include "crypto.h"
#include "dump.h" #include "dump.h"
#include "util.h" #include "util.h"
#include "ui.h"
static bool strictExecution = true; static bool strictExecution = true;
void PKISetStrictExecution(bool se) { void PKISetStrictExecution(bool se) {
@ -53,12 +54,12 @@ static unsigned char *emv_pki_decode_message(const struct emv_pk *enc_pk,
return NULL; return NULL;
if (!cert_tlv) { if (!cert_tlv) {
printf("ERROR: Can't find certificate\n"); PrintAndLogEx(WARNING, "ERROR: Can't find certificate");
return NULL; return NULL;
} }
if (cert_tlv->len != enc_pk->mlen) { if (cert_tlv->len != enc_pk->mlen) {
printf("ERROR: Certificate length (%zu) not equal key length (%zu)\n", cert_tlv->len, enc_pk->mlen); PrintAndLogEx(WARNING, "ERROR: Certificate length (%zu) not equal key length (%zu)", cert_tlv->len, enc_pk->mlen);
return NULL; return NULL;
} }
kcp = crypto_pk_open(enc_pk->pk_algo, kcp = crypto_pk_open(enc_pk->pk_algo,
@ -71,19 +72,19 @@ static unsigned char *emv_pki_decode_message(const struct emv_pk *enc_pk,
crypto_pk_close(kcp); crypto_pk_close(kcp);
/* if (true){ /* if (true){
printf("Recovered data:\n"); PrintAndLogEx(SUCCESS, "Recovered data:\n");
dump_buffer(data, data_len, stdout, 0); dump_buffer(data, data_len, stdout, 0);
}*/ }*/
if (data[data_len - 1] != 0xbc || data[0] != 0x6a || data[1] != msgtype) { if (data[data_len - 1] != 0xbc || data[0] != 0x6a || data[1] != msgtype) {
printf("ERROR: Certificate format\n"); PrintAndLogEx(WARNING, "ERROR: Certificate format");
free(data); free(data);
return NULL; return NULL;
} }
size_t hash_pos = emv_pki_hash_psn[msgtype]; size_t hash_pos = emv_pki_hash_psn[msgtype];
if (hash_pos == 0 || hash_pos > data_len) { if (hash_pos == 0 || hash_pos > data_len) {
printf("ERROR: Cant get hash position in the certificate\n"); PrintAndLogEx(WARNING, "ERROR: Cant get hash position in the certificate");
free(data); free(data);
return NULL; return NULL;
} }
@ -91,7 +92,7 @@ static unsigned char *emv_pki_decode_message(const struct emv_pk *enc_pk,
struct crypto_hash *ch; struct crypto_hash *ch;
ch = crypto_hash_open(data[hash_pos]); ch = crypto_hash_open(data[hash_pos]);
if (!ch) { if (!ch) {
printf("ERROR: Cant do hash\n"); PrintAndLogEx(WARNING, "ERROR: Cant do hash");
free(data); free(data);
return NULL; return NULL;
} }
@ -113,9 +114,9 @@ static unsigned char *emv_pki_decode_message(const struct emv_pk *enc_pk,
memset(hash, 0, hash_len); memset(hash, 0, hash_len);
memcpy(hash, crypto_hash_read(ch), hash_len); memcpy(hash, crypto_hash_read(ch), hash_len);
if (memcmp(data + data_len - 1 - hash_len, hash, hash_len)) { if (memcmp(data + data_len - 1 - hash_len, hash, hash_len)) {
printf("ERROR: Calculated wrong hash\n"); PrintAndLogEx(WARNING, "ERROR: Calculated wrong hash");
printf("decoded: %s\n", sprint_hex(data + data_len - 1 - hash_len, hash_len)); PrintAndLogEx(WARNING, "decoded: " _YELLOW_("%s"), sprint_hex(data + data_len - 1 - hash_len, hash_len));
printf("calculated: %s\n", sprint_hex(hash, hash_len)); PrintAndLogEx(WARNING, "calculated: " _YELLOW_("%s"), sprint_hex(hash, hash_len));
if (strictExecution) { if (strictExecution) {
crypto_hash_close(ch); crypto_hash_close(ch);
@ -125,16 +126,12 @@ static unsigned char *emv_pki_decode_message(const struct emv_pk *enc_pk,
} }
crypto_hash_close(ch); crypto_hash_close(ch);
*len = data_len - hash_len - 1; *len = data_len - hash_len - 1;
return data; return data;
} }
static unsigned emv_cn_length(const struct tlv *tlv) { static unsigned emv_cn_length(const struct tlv *tlv) {
int i; for (int i = 0; i < tlv->len; i++) {
for (i = 0; i < tlv->len; i++) {
unsigned char c = tlv->value[i]; unsigned char c = tlv->value[i];
if (c >> 4 == 0xf) if (c >> 4 == 0xf)
@ -143,7 +140,6 @@ static unsigned emv_cn_length(const struct tlv *tlv) {
if ((c & 0xf) == 0xf) if ((c & 0xf) == 0xf)
return 2 * i + 1; return 2 * i + 1;
} }
return 2 * tlv->len; return 2 * tlv->len;
} }
@ -185,7 +181,7 @@ static struct emv_pk *emv_pki_decode_key_ex(const struct emv_pk *enc_pk,
else if (msgtype == 4) else if (msgtype == 4)
pan_length = 10; pan_length = 10;
else { else {
printf("ERROR: Message type must be 2 or 4\n"); PrintAndLogEx(WARNING, "ERROR: Message type must be 2 or 4");
return NULL; return NULL;
} }
@ -198,12 +194,12 @@ static struct emv_pk *emv_pki_decode_key_ex(const struct emv_pk *enc_pk,
sdatl_tlv, sdatl_tlv,
NULL); NULL);
if (!data || data_len < 11 + pan_length) { if (!data || data_len < 11 + pan_length) {
printf("ERROR: Can't decode message\n"); PrintAndLogEx(WARNING, "ERROR: Can't decode message");
return NULL; return NULL;
} }
if (showData) { if (showData) {
printf("Recovered data:\n"); PrintAndLogEx(SUCCESS, "Recovered data:");
dump_buffer(data, data_len, stdout, 0); dump_buffer(data, data_len, stdout, 0);
} }
@ -219,7 +215,7 @@ static struct emv_pk *emv_pki_decode_key_ex(const struct emv_pk *enc_pk,
if (((msgtype == 2) && (pan2_len < 4 || pan2_len > pan_len)) || if (((msgtype == 2) && (pan2_len < 4 || pan2_len > pan_len)) ||
((msgtype == 4) && (pan2_len != pan_len))) { ((msgtype == 4) && (pan2_len != pan_len))) {
printf("ERROR: Invalid PAN lengths\n"); PrintAndLogEx(WARNING, "ERROR: Invalid PAN lengths");
free(data); free(data);
return NULL; return NULL;
@ -228,9 +224,9 @@ static struct emv_pk *emv_pki_decode_key_ex(const struct emv_pk *enc_pk,
unsigned i; unsigned i;
for (i = 0; i < pan2_len; i++) for (i = 0; i < pan2_len; i++)
if (emv_cn_get(pan_tlv, i) != emv_cn_get(&pan2_tlv, i)) { if (emv_cn_get(pan_tlv, i) != emv_cn_get(&pan2_tlv, i)) {
printf("ERROR: PAN data mismatch\n"); PrintAndLogEx(WARNING, "ERROR: PAN data mismatch");
printf("tlv pan=%s\n", sprint_hex(pan_tlv->value, pan_tlv->len)); PrintAndLogEx(WARNING, "tlv pan " _YELLOW_("%s"), sprint_hex(pan_tlv->value, pan_tlv->len));
printf("cert pan=%s\n", sprint_hex(pan2_tlv.value, pan2_tlv.len)); PrintAndLogEx(WARNING, "cert pan " _YELLOW_("%s"), sprint_hex(pan2_tlv.value, pan2_tlv.len));
free(data); free(data);
return NULL; return NULL;
@ -238,7 +234,7 @@ static struct emv_pk *emv_pki_decode_key_ex(const struct emv_pk *enc_pk,
pk_len = data[9 + pan_length]; pk_len = data[9 + pan_length];
if (pk_len > data_len - 11 - pan_length + rem_tlv->len) { if (pk_len > data_len - 11 - pan_length + rem_tlv->len) {
printf("ERROR: Invalid pk length\n"); PrintAndLogEx(WARNING, "ERROR: Invalid pk length");
free(data); free(data);
return NULL; return NULL;
} }
@ -268,7 +264,6 @@ static struct emv_pk *emv_pki_decode_key_ex(const struct emv_pk *enc_pk,
memcpy(pk->exp, exp_tlv->value, exp_tlv->len); memcpy(pk->exp, exp_tlv->value, exp_tlv->len);
free(data); free(data);
return pk; return pk;
} }
@ -354,7 +349,6 @@ unsigned char *emv_pki_sdatl_fill(const struct tlvdb *db, size_t *sdatl_len) {
return NULL; return NULL;
} }
struct tlvdb *emv_pki_recover_dac_ex(const struct emv_pk *enc_pk, const struct tlvdb *db, const struct tlv *sda_tlv, bool showData) { struct tlvdb *emv_pki_recover_dac_ex(const struct emv_pk *enc_pk, const struct tlvdb *db, const struct tlv *sda_tlv, bool showData) {
size_t data_len; size_t data_len;
@ -380,16 +374,15 @@ struct tlvdb *emv_pki_recover_dac_ex(const struct emv_pk *enc_pk, const struct t
return NULL; return NULL;
if (showData) { if (showData) {
printf("Recovered data:\n"); PrintAndLogEx(SUCCESS, "Recovered data:");
dump_buffer(data, data_len, stdout, 0); dump_buffer(data, data_len, stdout, 0);
} }
struct tlvdb *dac_db = tlvdb_fixed(0x9f45, 2, data + 3); struct tlvdb *dac_db = tlvdb_fixed(0x9f45, 2, data + 3);
free(data); free(data);
return dac_db; return dac_db;
} }
struct tlvdb *emv_pki_recover_dac(const struct emv_pk *enc_pk, const struct tlvdb *db, const struct tlv *sda_tlv) { struct tlvdb *emv_pki_recover_dac(const struct emv_pk *enc_pk, const struct tlvdb *db, const struct tlv *sda_tlv) {
return emv_pki_recover_dac_ex(enc_pk, db, sda_tlv, false); return emv_pki_recover_dac_ex(enc_pk, db, sda_tlv, false);
} }
@ -415,7 +408,7 @@ struct tlvdb *emv_pki_recover_idn_ex(const struct emv_pk *enc_pk, const struct t
} }
if (showData) { if (showData) {
printf("Recovered data:\n"); PrintAndLogEx(SUCCESS, "Recovered data:");
dump_buffer(data, data_len, stdout, 0); dump_buffer(data, data_len, stdout, 0);
} }
@ -427,9 +420,7 @@ struct tlvdb *emv_pki_recover_idn_ex(const struct emv_pk *enc_pk, const struct t
// 9f4c ICC Dynamic Number // 9f4c ICC Dynamic Number
struct tlvdb *idn_db = tlvdb_fixed(0x9f4c, idn_len, data + 5); struct tlvdb *idn_db = tlvdb_fixed(0x9f4c, idn_len, data + 5);
free(data); free(data);
return idn_db; return idn_db;
} }
@ -453,7 +444,7 @@ struct tlvdb *emv_pki_recover_atc_ex(const struct emv_pk *enc_pk, const struct t
} }
if (showData) { if (showData) {
printf("Recovered data:\n"); PrintAndLogEx(SUCCESS, "Recovered data:");
dump_buffer(data, data_len, stdout, 0); dump_buffer(data, data_len, stdout, 0);
} }
@ -496,6 +487,7 @@ struct tlvdb *emv_pki_perform_cda(const struct emv_pk *enc_pk, const struct tlvd
const struct tlv *crm2_tlv) { const struct tlv *crm2_tlv) {
return emv_pki_perform_cda_ex(enc_pk, db, this_db, pdol_data_tlv, crm1_tlv, crm2_tlv, false); return emv_pki_perform_cda_ex(enc_pk, db, this_db, pdol_data_tlv, crm1_tlv, crm2_tlv, false);
} }
struct tlvdb *emv_pki_perform_cda_ex(const struct emv_pk *enc_pk, const struct tlvdb *db, struct tlvdb *emv_pki_perform_cda_ex(const struct emv_pk *enc_pk, const struct tlvdb *db,
const struct tlvdb *this_db, // AC TLV result const struct tlvdb *this_db, // AC TLV result
const struct tlv *pdol_data_tlv, // PDOL const struct tlv *pdol_data_tlv, // PDOL
@ -515,23 +507,23 @@ struct tlvdb *emv_pki_perform_cda_ex(const struct emv_pk *enc_pk, const struct t
un_tlv, un_tlv,
NULL); NULL);
if (!data || data_len < 3) { if (!data || data_len < 3) {
printf("ERROR: can't decode message. len %zu\n", data_len); PrintAndLogEx(WARNING, "ERROR: can't decode message. [%zu bytes]", data_len);
return NULL; return NULL;
} }
if (showData) { if (showData) {
printf("Recovered data:\n"); PrintAndLogEx(SUCCESS, "Recovered data:");
dump_buffer(data, data_len, stdout, 0); dump_buffer(data, data_len, stdout, 0);
} }
if (data[3] < 30 || data[3] > data_len - 4) { if (data[3] < 30 || data[3] > data_len - 4) {
printf("ERROR: Invalid data length\n"); PrintAndLogEx(WARNING, "ERROR: Invalid data length");
free(data); free(data);
return NULL; return NULL;
} }
if (!cid_tlv || cid_tlv->len != 1 || cid_tlv->value[0] != data[5 + data[4]]) { if (!cid_tlv || cid_tlv->len != 1 || cid_tlv->value[0] != data[5 + data[4]]) {
printf("ERROR: CID mismatch\n"); PrintAndLogEx(WARNING, "ERROR: CID mismatch");
free(data); free(data);
return NULL; return NULL;
} }
@ -539,7 +531,7 @@ struct tlvdb *emv_pki_perform_cda_ex(const struct emv_pk *enc_pk, const struct t
struct crypto_hash *ch; struct crypto_hash *ch;
ch = crypto_hash_open(enc_pk->hash_algo); ch = crypto_hash_open(enc_pk->hash_algo);
if (!ch) { if (!ch) {
printf("ERROR: can't create hash\n"); PrintAndLogEx(WARNING, "ERROR: can't create hash");
free(data); free(data);
return NULL; return NULL;
} }
@ -554,7 +546,7 @@ struct tlvdb *emv_pki_perform_cda_ex(const struct emv_pk *enc_pk, const struct t
tlvdb_visit(this_db, tlv_hash, ch, 0); tlvdb_visit(this_db, tlv_hash, ch, 0);
if (memcmp(data + 5 + data[4] + 1 + 8, crypto_hash_read(ch), 20)) { if (memcmp(data + 5 + data[4] + 1 + 8, crypto_hash_read(ch), 20)) {
printf("ERROR: calculated hash error\n"); PrintAndLogEx(WARNING, "ERROR: calculated hash error");
crypto_hash_close(ch); crypto_hash_close(ch);
free(data); free(data);
return NULL; return NULL;
@ -563,7 +555,7 @@ struct tlvdb *emv_pki_perform_cda_ex(const struct emv_pk *enc_pk, const struct t
size_t idn_len = data[4]; size_t idn_len = data[4];
if (idn_len > data[3] - 1) { if (idn_len > data[3] - 1) {
printf("ERROR: Invalid IDN length\n"); PrintAndLogEx(WARNING, "ERROR: Invalid IDN length");
free(data); free(data);
return NULL; return NULL;
} }