From 70eb1b13912c99f263113f997f67dc9a4265e047 Mon Sep 17 00:00:00 2001
From: merlokk <807634+merlokk@users.noreply.github.com>
Date: Sun, 5 Nov 2023 22:09:30 +0200
Subject: [PATCH] add low level g4 info commands

---
 client/src/mifare/mifarehost.c | 79 ++++++++++++++++++++++++++++++++++
 client/src/mifare/mifarehost.h |  3 ++
 2 files changed, 82 insertions(+)

diff --git a/client/src/mifare/mifarehost.c b/client/src/mifare/mifarehost.c
index 76c392490..6666aca8a 100644
--- a/client/src/mifare/mifarehost.c
+++ b/client/src/mifare/mifarehost.c
@@ -40,6 +40,7 @@
 #include "crypto/libpcrypto.h"
 #include "util.h" // xor
 #include "mbedtls/sha1.h"       // SHA1
+#include "gen4.h"
 
 int mfDarkside(uint8_t blockno, uint8_t key_type, uint64_t *key) {
     uint32_t uid = 0;
@@ -1173,6 +1174,84 @@ int mfGen3Freeze(void) {
     }
 }
 
+static int mfG4ExCommand(uint8_t cmd, uint8_t *pwd, uint8_t *data, size_t datalen, uint8_t *response, size_t *responselen) {
+    struct p {
+        uint8_t cmdheader;
+        uint8_t pwd[4];
+        uint8_t command;
+        uint8_t data[32];
+    } PACKED payload;
+    memset(&payload, 0, sizeof(payload));
+
+    if (datalen > sizeof(payload.data)) {
+        return PM3_EINVARG;
+    }
+
+    payload.cmdheader = 0xCF;
+    payload.command = cmd;
+    if (pwd != NULL) {
+        memcpy(payload.pwd, pwd, sizeof(payload.pwd));
+    }
+    if (data != NULL && datalen > 0) {
+        memcpy(payload.data, data, datalen);
+    }
+
+    clearCommandBuffer();
+    SendCommandNG(CMD_HF_MIFARE_G4_RDBL, (uint8_t *)&payload, 1 + 4 + 1 + datalen);
+    PacketResponseNG resp;
+    if (WaitForResponseTimeout(CMD_HF_MIFARE_G4_RDBL, &resp, 1500)) {
+        if (resp.status != PM3_SUCCESS) {
+            return PM3_EUNDEF;
+        }
+
+        if (response != NULL)
+            memcpy(response, resp.data.asBytes, resp.length);
+
+        if (responselen != NULL)
+            *responselen = resp.length;
+    } else {
+        PrintAndLogEx(WARNING, "command execute timeout");
+        return PM3_ETIMEOUT;
+    }
+    return PM3_SUCCESS;
+}
+
+int mfG4GetConfig(uint8_t *pwd, uint8_t *data, size_t *datalen) {
+    uint8_t resp[40] = {0};
+    size_t resplen = 0;
+
+    int res = mfG4ExCommand(GEN4_CMD_DUMP_CONFIG, pwd, NULL, 0, resp, &resplen);
+    if (res != PM3_SUCCESS) {
+        return PM3_EUNDEF;
+    }
+
+    if (data != NULL)
+        memcpy(data, resp, resplen);
+
+    if (datalen != NULL)
+        *datalen = resplen;
+
+    return PM3_SUCCESS;
+}
+
+int mfG4GetFactoryTest(uint8_t *pwd, uint8_t *data, size_t *datalen) {
+    uint8_t resp[40] = {0};
+    size_t resplen = 0;
+
+    int res = mfG4ExCommand(GEN4_CMD_FACTORY_TEST, pwd, NULL, 0, resp, &resplen);
+    if (res != PM3_SUCCESS) {
+        return PM3_EUNDEF;
+    }
+
+    if (data != NULL)
+        memcpy(data, resp, resplen);
+
+    if (datalen != NULL)
+        *datalen = resplen;
+
+    return PM3_SUCCESS;
+}
+
 int mfG4GetBlock(uint8_t *pwd, uint8_t blockno, uint8_t *data, uint8_t workFlags) {
     struct p {
         uint8_t blockno;
diff --git a/client/src/mifare/mifarehost.h b/client/src/mifare/mifarehost.h
index ccefbbd40..036770ddf 100644
--- a/client/src/mifare/mifarehost.h
+++ b/client/src/mifare/mifarehost.h
@@ -96,6 +96,9 @@ int mfGen3UID(uint8_t *uid, uint8_t uidlen, uint8_t *oldUid);
 int mfGen3Block(uint8_t *block, int blockLen, uint8_t *newBlock);
 int mfGen3Freeze(void);
 
+int mfG4GetConfig(uint8_t *pwd, uint8_t *data, size_t *datalen);
+int mfG4GetFactoryTest(uint8_t *pwd, uint8_t *data, size_t *datalen);
+
 int mfG4GetBlock(uint8_t *pwd, uint8_t blockno, uint8_t *data, uint8_t workFlags);
 int mfG4SetBlock(uint8_t *pwd, uint8_t blockno, uint8_t *data, uint8_t workFlags);