Adjusting hf_msdsal standalone module

armsrc/Standalone/hf_msdsal.c

@@ -168,7 +168,7 @@ void RunMod(void) {
     //Expiration date: 17/11
     //Service code: 201
     //Discretionary data: 0000030000991
-    //char token[19] = {0x44,0x12,0x34,0x56,0x05,0x78,0x12,0x34,0xd1,0x71,0x12,0x01,0x00,0x00,0x03,0x00,0x00,0x99,0x1f};
+    //char token[19] = {0x44,0x12,0x34,0x56,0x05,0x78,0x56,0x78,0xd1,0x71,0x12,0x01,0x00,0x00,0x03,0x00,0x00,0x99,0x1f};
     //
     // It is possible to initialize directly the emulation mode, having "token" with data and set "chktoken" = true ;)
     //
@@ -185,11 +185,11 @@ void RunMod(void) {
     // in case there is a read command received we shouldn't break
     uint8_t data[PM3_CMD_DATA_SIZE] = {0x00};
 
-    uint8_t visauid[7] = {0x01, 0x02, 0x03, 0x04};
+    uint8_t visauid[7] = {0x05, 0x06, 0x07, 0x08};
     memcpy(data, visauid, 4);
 
     // to initialize the emulation
-    uint8_t tagType = 4; // 4 = ISO/IEC 14443-4 - javacard (JCOP)
+    uint8_t tagType = 11; // 11 = ISO/IEC 14443-4 - javacard (JCOP)
     tag_response_info_t *responses;
     uint32_t cuid = 0;
     uint32_t counters[3] = { 0x00, 0x00, 0x00 };
@@ -377,6 +377,7 @@ void RunMod(void) {
                 // dynamic_response_info will be in charge of responses
                 dynamic_response_info.response_n = 0;
                 
+                //Dbprintf("receivedCmd: %02x\n", receivedCmd);
                 // received a REQUEST
                 if (receivedCmd[0] == ISO14443A_CMD_REQA && len == 1) {
                     odd_reply = !odd_reply;
@@ -407,9 +408,14 @@ void RunMod(void) {
 
                     // received a RATS request
                 } else if (receivedCmd[0] == ISO14443A_CMD_RATS && len == 4) {
-//                    DbpString(_YELLOW_("+") "Request for RATS");
+                    DbpString(_YELLOW_("+") "Request for RATS");
                     prevCmd = 0;
-                    p_response = &responses[RESP_INDEX_RATS];
+                    //p_response = &responses[RESP_INDEX_RATS];
+
+                    static uint8_t rRATS[] = { 0x13, 0x78, 0x80, 0x72, 0x02, 0x80, 0x31, 0x80, 0x66, 0xb1, 0x84, 0x0c, 0x01, 0x6e, 0x01, 0x83, 0x00, 0x90, 0x00 };                    
+
+                    memcpy(&dynamic_response_info.response[0], rRATS, sizeof(rRATS));
+                    dynamic_response_info.response_n = sizeof(rRATS);
 
                 } else {
                     DbpString(_YELLOW_("[ ") "Card reader command" _YELLOW_(" ]"));
@@ -483,6 +489,7 @@ void RunMod(void) {
                         }
                     }
                 }
+
                 if (dynamic_response_info.response_n > 0) {
                     DbpString(_GREEN_("[ ") "Proxmark3 answer" _GREEN_(" ]"));
                     Dbhexdump(dynamic_response_info.response_n, dynamic_response_info.response, false);

armsrc/iso14443a.c

@@ -1151,6 +1151,11 @@ bool SimulateIso14443aInit(uint8_t tagType, uint16_t flags, uint8_t *data, tag_r
             sak = 0x20;
         }
         break;
+        case 11: { // ISO/IEC 14443-4 - javacard (JCOP)
+            rATQA[0] = 0x04;
+            sak = 0x20;
+        }
+        break;
 
         default: {
             if (g_dbglevel >= DBG_ERROR) Dbprintf("Error: unknown tagtype (%d)", tagType);
@@ -1183,7 +1188,15 @@ bool SimulateIso14443aInit(uint8_t tagType, uint16_t flags, uint8_t *data, tag_r
 
         // Configure the ATQA and SAK accordingly
         rATQA[0] &= 0xBF;
+
+        if(tagType == 11){
+            rSAKc1[0] = sak & 0xFC & 0X70;
+            DbpString(_YELLOW_("[ ") "Passando no Sak Penegui" _YELLOW_(" ]"));
+        }else{
             rSAKc1[0] = sak & 0xFB;
+            //DbpString(_YELLOW_("[ ") "Passando no Sak Antigo" _YELLOW_(" ]"));
+        }
+        
         AddCrc14A(rSAKc1, sizeof(rSAKc1) - 2);
 
         *cuid = bytes_to_num(data, 4);