From 54e81967742b688e98148a14b21db306b70b8e0d Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Mon, 4 Mar 2019 20:04:24 +0200 Subject: [PATCH 01/16] `hf mfp ndef` sketch --- client/cmdhfmfp.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/client/cmdhfmfp.c b/client/cmdhfmfp.c index 725dbca04..ce31ff03a 100644 --- a/client/cmdhfmfp.c +++ b/client/cmdhfmfp.c @@ -733,6 +733,49 @@ int CmdHFMFPMAD(const char *cmd) { return 0; } +int CmdHFMFPNDEF(const char *cmd) { + + CLIParserInit("hf mfp ndef", + "Prints NFC Data Exchange Format (NDEF)", + "Usage:\n\thf mfp ndef -> shows NDEF data\n" + "\thf mfp ndef -a 03e1 -k d3f7d3f7d3f7d3f7d3f7d3f7d3f7d3f7 -> shows NDEF data with custom AID and key\n"); + + void* argtable[] = { + arg_param_begin, + arg_lit0("vV", "verbose", "show technical data"), + arg_str0("aA", "aid", "replace default aid for NDEF", NULL), + arg_str0("kK", "key", "replace default key for NDEF", NULL), + arg_lit0("bB", "keyb", "use key B for access sectors (by default: key A)"), + arg_param_end + }; + CLIExecWithReturn(cmd, argtable, true); + + bool verbose = arg_get_lit(1); + uint8_t aid[2] = {0}; + int aidlen; + CLIGetHexWithReturn(2, aid, &aidlen); + uint8_t key[16] = {0}; + int keylen; + CLIGetHexWithReturn(3, key, &keylen); + bool keyB = arg_get_lit(4); + + CLIParserFree(); + + uint16_t ndefAID = 0x03e1; + if (aidlen == 2) + ndefAID = (aid[0] << 8) + aid[1]; + + uint8_t ndefkey[16] = {0}; + memcpy(ndefkey, g_mifarep_ndef_key, 16); + if (keylen == 16) { + memcpy(ndefkey, key, 16); + } + + uint8_t data[4096] = {0}; + int datalen = 0; + + return 0; +} static command_t CommandTable[] = { {"help", CmdHelp, 1, "This help"}, @@ -745,6 +788,7 @@ static command_t CommandTable[] = {"rdsc", CmdHFMFPRdsc, 0, "Read sectors"}, {"wrbl", CmdHFMFPWrbl, 0, "Write blocks"}, {"mad", CmdHFMFPMAD, 0, "Checks and prints MAD"}, + {"ndef", CmdHFMFPNDEF, 0, "Prints NDEF"}, {NULL, NULL, 0, NULL} }; From e191219d8a8f0cee34159167815c93edfe9fdede Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Mon, 4 Mar 2019 20:22:25 +0200 Subject: [PATCH 02/16] reading NDEF data from card --- client/cmdhfmfp.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/client/cmdhfmfp.c b/client/cmdhfmfp.c index ce31ff03a..de47d9865 100644 --- a/client/cmdhfmfp.c +++ b/client/cmdhfmfp.c @@ -26,6 +26,7 @@ #include "mifare/mad.h" #include "cliparser/cliparser.h" #include "crypto/libpcrypto.h" +#include "emv/dump.h" static const uint8_t DefaultKey[16] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; @@ -771,9 +772,65 @@ int CmdHFMFPNDEF(const char *cmd) { memcpy(ndefkey, key, 16); } + uint8_t sector0[16 * 4] = {0}; + uint8_t sector10[16 * 4] = {0}; uint8_t data[4096] = {0}; int datalen = 0; + + PrintAndLogEx(NORMAL, ""); + if (mfpReadSector(MF_MAD1_SECTOR, MF_KEY_A, (uint8_t *)g_mifarep_mad_key, sector0, verbose)) { + PrintAndLogEx(ERR, "read sector 0 error. card don't have MAD or don't have MAD on default keys."); + return 2; + } + + bool haveMAD2 = false; + int res = MADCheck(sector0, NULL, verbose, &haveMAD2); + if (res) { + PrintAndLogEx(ERR, "MAD error %d.", res); + return res; + } + + if (haveMAD2) { + if (mfpReadSector(MF_MAD2_SECTOR, MF_KEY_A, (uint8_t *)g_mifarep_mad_key, sector10, verbose)) { + PrintAndLogEx(ERR, "read sector 0x10 error. card don't have MAD or don't have MAD on default keys."); + return 2; + } + } + + uint16_t mad[7 + 8 + 8 + 8 + 8] = {0}; + size_t madlen = 0; + if (MADDecode(sector0, (haveMAD2 ? sector10 : NULL), mad, &madlen)) { + PrintAndLogEx(ERR, "can't decode mad."); + return 10; + } + + printf("data reading:"); + for (int i = 0; i < madlen; i++) { + if (ndefAID == mad[i]) { + uint8_t vsector[16 * 4] = {0}; + if (mfpReadSector(i + 1, keyB ? MF_KEY_B : MF_KEY_A, ndefkey, vsector, false)) { + PrintAndLogEx(ERR, "read sector %d error.", i + 1); + return 2; + } + + memcpy(&data[datalen], vsector, 16 * 3); + datalen += 16 * 3; + + printf("."); + } + } + printf(" OK\n"); + + if (!datalen) { + PrintAndLogEx(ERR, "no NDEF data."); + return 11; + } + +// if (verbose) + PrintAndLogEx(NORMAL, "NDEF data:"); + dump_buffer(data, datalen, stdout, 1); + return 0; } static command_t CommandTable[] = From cbe25f48328a1dd856db1b739097f3026b005b29 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 00:11:31 +0200 Subject: [PATCH 03/16] add ndef.c/h --- client/Makefile | 1 + client/cmdhfmfp.c | 9 +++++++-- client/mifare/ndef.c | 16 ++++++++++++++++ client/mifare/ndef.h | 19 +++++++++++++++++++ 4 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 client/mifare/ndef.c create mode 100644 client/mifare/ndef.h diff --git a/client/Makefile b/client/Makefile index 051468ba9..d83fbff5f 100644 --- a/client/Makefile +++ b/client/Makefile @@ -158,6 +158,7 @@ CMDSRCS = crapto1/crapto1.c \ emv/emv_roca.c \ mifare/mifare4.c \ mifare/mad.c \ + mifare/ndef.c \ cmdanalyse.c \ cmdhf.c \ cmdhflist.c \ diff --git a/client/cmdhfmfp.c b/client/cmdhfmfp.c index de47d9865..20b6d0fce 100644 --- a/client/cmdhfmfp.c +++ b/client/cmdhfmfp.c @@ -24,6 +24,7 @@ #include "mifare.h" #include "mifare/mifare4.h" #include "mifare/mad.h" +#include "mifare/ndef.h" #include "cliparser/cliparser.h" #include "crypto/libpcrypto.h" #include "emv/dump.h" @@ -743,7 +744,7 @@ int CmdHFMFPNDEF(const char *cmd) { void* argtable[] = { arg_param_begin, - arg_lit0("vV", "verbose", "show technical data"), + arg_litn("vV", "verbose", 0, 2, "show technical data"), arg_str0("aA", "aid", "replace default aid for NDEF", NULL), arg_str0("kK", "key", "replace default key for NDEF", NULL), arg_lit0("bB", "keyb", "use key B for access sectors (by default: key A)"), @@ -752,6 +753,7 @@ int CmdHFMFPNDEF(const char *cmd) { CLIExecWithReturn(cmd, argtable, true); bool verbose = arg_get_lit(1); + bool verbose2 = arg_get_lit(1) > 1; uint8_t aid[2] = {0}; int aidlen; CLIGetHexWithReturn(2, aid, &aidlen); @@ -827,9 +829,12 @@ int CmdHFMFPNDEF(const char *cmd) { return 11; } -// if (verbose) + if (verbose2) { PrintAndLogEx(NORMAL, "NDEF data:"); dump_buffer(data, datalen, stdout, 1); + } + + NDEFDecodeAndPrint(data, datalen, verbose); return 0; } diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c new file mode 100644 index 000000000..22deb0809 --- /dev/null +++ b/client/mifare/ndef.c @@ -0,0 +1,16 @@ +//----------------------------------------------------------------------------- +// Copyright (C) 2019 Merlok +// +// This code is licensed to you under the terms of the GNU GPL, version 2 or, +// at your option, any later version. See the LICENSE.txt file for the text of +// the license. +//----------------------------------------------------------------------------- +// NFC Data Exchange Format (NDEF) functions +//----------------------------------------------------------------------------- + +#include "ndef.h" + +int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose) { + + return 0; +} diff --git a/client/mifare/ndef.h b/client/mifare/ndef.h new file mode 100644 index 000000000..6e79887ee --- /dev/null +++ b/client/mifare/ndef.h @@ -0,0 +1,19 @@ +//----------------------------------------------------------------------------- +// Copyright (C) 2019 Merlok +// +// This code is licensed to you under the terms of the GNU GPL, version 2 or, +// at your option, any later version. See the LICENSE.txt file for the text of +// the license. +//----------------------------------------------------------------------------- +// NFC Data Exchange Format (NDEF) functions +//----------------------------------------------------------------------------- + +#ifndef _NDEF_H_ +#define _NDEF_H_ + +#include +#include + +extern int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose); + +#endif // _NDEF_H_ From 0a30e03aaf2102532db9f37384fd26caae0564f9 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 00:13:01 +0200 Subject: [PATCH 04/16] add header --- client/mifare/ndef.h | 1 + 1 file changed, 1 insertion(+) diff --git a/client/mifare/ndef.h b/client/mifare/ndef.h index 6e79887ee..0aa4cca27 100644 --- a/client/mifare/ndef.h +++ b/client/mifare/ndef.h @@ -13,6 +13,7 @@ #include #include +#include extern int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose); From a2f8f0628c02c79cae965bbf35f5ab93fa7d83b0 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 00:48:02 +0200 Subject: [PATCH 05/16] added ndef tlv parsing --- client/mifare/ndef.c | 58 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index 22deb0809..e5ce5fe11 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -9,8 +9,66 @@ //----------------------------------------------------------------------------- #include "ndef.h" +#include "ui.h" + +uint16_t ndefTLVGetLength(uint8_t *data, size_t *indx) { + uint16_t len = 0; + if (data[0] == 0xff) { + len = (data[1] << 8) + data[2]; + *indx += 3; + } else { + len = data[0]; + *indx += 1; + } + + return len; +} int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose) { + size_t indx = 0; + + while (indx < ndefLen) { + switch (ndef[indx]) { + case 0x00: { + indx++; + uint16_t len = ndefTLVGetLength(&ndef[indx], &indx); + PrintAndLogEx(INFO, "NDEF NULL block."); + if (len) + PrintAndLogEx(WARNING, "NDEF NULL block size must be 0 instead of %d.", len); + indx += len; + break; + } + case 0x03: { + indx++; + uint16_t len = ndefTLVGetLength(&ndef[indx], &indx); + PrintAndLogEx(INFO, "NDEF message. len: %d", len); + + // ndef decode + + + + indx += len; + break; + } + case 0xfd: { + indx++; + uint16_t len = ndefTLVGetLength(&ndef[indx], &indx); + PrintAndLogEx(INFO, "NDEF proprietary info. Skipped %d bytes.", len); + indx += len; + break; + } + case 0xfe: { + PrintAndLogEx(INFO, "NDEF Terminator. Done."); + return 0; + break; + } + default: { + PrintAndLogEx(ERR, "unknown tag 0x%02x", ndef[indx]); + return 1; + } + } + } + return 0; } From 64a5b355b5ae336669814d98c49319db716095fd Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 00:51:32 +0200 Subject: [PATCH 06/16] added ndef record parse sketch --- client/mifare/ndef.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index e5ce5fe11..f827eb5a7 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -24,6 +24,14 @@ uint16_t ndefTLVGetLength(uint8_t *data, size_t *indx) { return len; } +int ndefRecordDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { + + + + + return 0; +} + int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose) { size_t indx = 0; @@ -44,9 +52,9 @@ int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose) { uint16_t len = ndefTLVGetLength(&ndef[indx], &indx); PrintAndLogEx(INFO, "NDEF message. len: %d", len); - // ndef decode - - + int res = ndefRecordDecodeAndPrint(&ndef[indx], len); + if (res) + return res; indx += len; break; From 3bf618ca563fc9b64f76673c80a09f35f9257978 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 00:54:45 +0200 Subject: [PATCH 07/16] log structure --- client/mifare/ndef.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index f827eb5a7..a4c5332eb 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -36,12 +36,13 @@ int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose) { size_t indx = 0; + PrintAndLogEx(INFO, "NDEF decoding:"); while (indx < ndefLen) { switch (ndef[indx]) { case 0x00: { indx++; uint16_t len = ndefTLVGetLength(&ndef[indx], &indx); - PrintAndLogEx(INFO, "NDEF NULL block."); + PrintAndLogEx(INFO, "-- NDEF NULL block."); if (len) PrintAndLogEx(WARNING, "NDEF NULL block size must be 0 instead of %d.", len); indx += len; @@ -50,7 +51,7 @@ int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose) { case 0x03: { indx++; uint16_t len = ndefTLVGetLength(&ndef[indx], &indx); - PrintAndLogEx(INFO, "NDEF message. len: %d", len); + PrintAndLogEx(INFO, "-- NDEF message. len: %d", len); int res = ndefRecordDecodeAndPrint(&ndef[indx], len); if (res) @@ -62,12 +63,12 @@ int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose) { case 0xfd: { indx++; uint16_t len = ndefTLVGetLength(&ndef[indx], &indx); - PrintAndLogEx(INFO, "NDEF proprietary info. Skipped %d bytes.", len); + PrintAndLogEx(INFO, "-- NDEF proprietary info. Skipped %d bytes.", len); indx += len; break; } case 0xfe: { - PrintAndLogEx(INFO, "NDEF Terminator. Done."); + PrintAndLogEx(INFO, "-- NDEF Terminator. Done."); return 0; break; } From 34a133451e011acc91afde4104af4f58becf41e5 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 01:02:54 +0200 Subject: [PATCH 08/16] small addon --- client/mifare/ndef.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index a4c5332eb..4923b0081 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -24,7 +24,7 @@ uint16_t ndefTLVGetLength(uint8_t *data, size_t *indx) { return len; } -int ndefRecordDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { +int ndefRecordsDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { @@ -53,7 +53,7 @@ int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose) { uint16_t len = ndefTLVGetLength(&ndef[indx], &indx); PrintAndLogEx(INFO, "-- NDEF message. len: %d", len); - int res = ndefRecordDecodeAndPrint(&ndef[indx], len); + int res = ndefRecordsDecodeAndPrint(&ndef[indx], len); if (res) return res; From fffa921aa04bf1b73e639fb93ffca4b32b73cd64 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 16:41:20 +0200 Subject: [PATCH 09/16] ndef record decode OK --- client/mifare/ndef.c | 123 ++++++++++++++++++++++++++++++++++++++++++- client/mifare/ndef.h | 24 +++++++++ 2 files changed, 145 insertions(+), 2 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index 4923b0081..4dd200759 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -10,6 +10,20 @@ #include "ndef.h" #include "ui.h" +#include "emv/dump.h" + +#define STRBOOL(p) ((p) ? "+" : "-") + +static const char *TypeNameFormat_s[] = { + "Empty Record", + "Well Known Record", + "MIME Media Record", + "Absolute URI Record", + "External Record", + "Unknown Record", + "Unchanged Record" + "n/a" +}; uint16_t ndefTLVGetLength(uint8_t *data, size_t *indx) { uint16_t len = 0; @@ -24,10 +38,115 @@ uint16_t ndefTLVGetLength(uint8_t *data, size_t *indx) { return len; } +int ndefDecodeHeader(uint8_t *data, size_t datalen, NDEFHeader_t *header) { + header->MessageBegin = data[0] & 0x80; + header->MessageEnd = data[0] & 0x40; + header->ChunkFlag = data[0] & 0x20; + header->ShortRecordBit = data[0] & 0x10; + header->IDLenPresent = data[0] & 0x08; + header->TypeNameFormat = data[0] & 0x07; + header->len = 1 + 1 + (header->ShortRecordBit ? 1 : 4) + (header->IDLenPresent ? 1 : 0); // header + typelen + payloadlen + idlen + if (header->len > datalen) + return 1; + + header->TypeLen = data[1]; + + header->PayloadLen = (header->ShortRecordBit ? (data[2]) : ((data[2] << 24) + (data[3] << 16) + (data[4] << 8) + data[5])); + + if (header->IDLenPresent) + header->IDLen = (header->ShortRecordBit ? (data[3]) : (data[6])); + else + header->IDLen = 0; + + header->RecLen = header->len + header->TypeLen + header->PayloadLen + header->IDLen; + + if (header->RecLen > datalen) + return 3; + + return 0; +} + +int ndefPrintHeader(NDEFHeader_t *header) { + PrintAndLogEx(INFO, "Header:"); + + PrintAndLogEx(NORMAL, "\tMessage Begin: %s", STRBOOL(header->MessageBegin)); + PrintAndLogEx(NORMAL, "\tMessage End: %s", STRBOOL(header->MessageEnd)); + PrintAndLogEx(NORMAL, "\tChunk Flag: %s", STRBOOL(header->ChunkFlag)); + PrintAndLogEx(NORMAL, "\tShort Record Bit: %s", STRBOOL(header->ShortRecordBit)); + PrintAndLogEx(NORMAL, "\tID Len Present: %s", STRBOOL(header->IDLenPresent)); + PrintAndLogEx(NORMAL, "\tType Name Format: [0x%02x] %s", header->TypeNameFormat, TypeNameFormat_s[header->TypeNameFormat]); + + PrintAndLogEx(NORMAL, "\tHeader length : %d", header->len); + PrintAndLogEx(NORMAL, "\tType length : %d", header->TypeLen); + PrintAndLogEx(NORMAL, "\tPayload length : %d", header->PayloadLen); + PrintAndLogEx(NORMAL, "\tID length : %d", header->IDLen); + PrintAndLogEx(NORMAL, "\tRecord length : %d", header->RecLen); + + return 0; +} + +int ndefRecordDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { + + NDEFHeader_t NDEFHeader = {0}; + int res = ndefDecodeHeader(ndefRecord, ndefRecordLen, &NDEFHeader); + if (res) + return res; + + ndefPrintHeader(&NDEFHeader); + + size_t indx = NDEFHeader.len; + if (NDEFHeader.TypeLen) { + PrintAndLogEx(INFO, "Type data:"); + dump_buffer(&ndefRecord[indx], NDEFHeader.TypeLen, stdout, 1); + + indx += NDEFHeader.TypeLen; + } + if (NDEFHeader.IDLen) { + PrintAndLogEx(INFO, "ID data:"); + dump_buffer(&ndefRecord[indx], NDEFHeader.IDLen, stdout, 1); + + indx += NDEFHeader.IDLen; + } + if (NDEFHeader.PayloadLen) { + PrintAndLogEx(INFO, "Payload data:"); + dump_buffer(&ndefRecord[indx], NDEFHeader.PayloadLen, stdout, 1); + + indx += NDEFHeader.PayloadLen; + } + + return 0; +} + int ndefRecordsDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { + bool firstRec = true; + size_t len = 0; - - + while (len < ndefRecordLen) { + NDEFHeader_t NDEFHeader = {0}; + int res = ndefDecodeHeader(&ndefRecord[len], ndefRecordLen - len, &NDEFHeader); + if (res) + return res; + + if (firstRec) { + if (!NDEFHeader.MessageBegin) { + PrintAndLogEx(ERR, "NDEF first record have MessageBegin=false!"); + return 1; + } + firstRec = false; + } + + if (NDEFHeader.MessageEnd && len + NDEFHeader.RecLen != ndefRecordLen) { + PrintAndLogEx(ERR, "NDEF records have wrong length. Must be %d, calculated %d", ndefRecordLen, len + NDEFHeader.RecLen); + return 1; + } + + ndefRecordDecodeAndPrint(&ndefRecord[len], NDEFHeader.RecLen); + + len += NDEFHeader.len + NDEFHeader.TypeLen + NDEFHeader.PayloadLen + NDEFHeader.IDLen; + + if (NDEFHeader.MessageEnd) + break; + } return 0; } diff --git a/client/mifare/ndef.h b/client/mifare/ndef.h index 0aa4cca27..25723158c 100644 --- a/client/mifare/ndef.h +++ b/client/mifare/ndef.h @@ -15,6 +15,30 @@ #include #include +typedef enum { + tnfEmptyRecord = 0x00, + tnfWellKnownRecord = 0x01, + tnfMIMEMediaRecord = 0x02, + tnfAbsoluteURIRecord = 0x03, + tnfExternalRecord = 0x04, + tnfUnknownRecord = 0x05, + tnfUnchangedRecord = 0x06 +} TypeNameFormat_t; + +typedef struct { + bool MessageBegin; + bool MessageEnd; + bool ChunkFlag; + bool ShortRecordBit; + bool IDLenPresent; + TypeNameFormat_t TypeNameFormat; + size_t TypeLen; + size_t PayloadLen; + size_t IDLen; + size_t len; + size_t RecLen; +} NDEFHeader_t; + extern int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose); #endif // _NDEF_H_ From 7003783c089160015f83f4aa2bf1d893a49a765f Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 16:43:13 +0200 Subject: [PATCH 10/16] refactoring --- client/mifare/ndef.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index 4dd200759..15a7292c3 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -142,7 +142,7 @@ int ndefRecordsDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { ndefRecordDecodeAndPrint(&ndefRecord[len], NDEFHeader.RecLen); - len += NDEFHeader.len + NDEFHeader.TypeLen + NDEFHeader.PayloadLen + NDEFHeader.IDLen; + len += NDEFHeader.RecLen; if (NDEFHeader.MessageEnd) break; From c7c97d35b55b316b52196a1097b8c68dec8fda1c Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 17:25:11 +0200 Subject: [PATCH 11/16] some code to decoding payload --- client/mifare/ndef.c | 66 +++++++++++++++++++++++++++++++++----------- client/mifare/ndef.h | 3 ++ 2 files changed, 53 insertions(+), 16 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index 15a7292c3..f6d7f5c15 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -39,6 +39,10 @@ uint16_t ndefTLVGetLength(uint8_t *data, size_t *indx) { } int ndefDecodeHeader(uint8_t *data, size_t datalen, NDEFHeader_t *header) { + header->Type = NULL; + header->Payload = NULL; + header->ID = NULL; + header->MessageBegin = data[0] & 0x80; header->MessageEnd = data[0] & 0x40; header->ChunkFlag = data[0] & 0x20; @@ -49,16 +53,21 @@ int ndefDecodeHeader(uint8_t *data, size_t datalen, NDEFHeader_t *header) { if (header->len > datalen) return 1; - header->TypeLen = data[1]; + header->TypeLen = data[1]; + header->Type = data + header->len; - header->PayloadLen = (header->ShortRecordBit ? (data[2]) : ((data[2] << 24) + (data[3] << 16) + (data[4] << 8) + data[5])); + header->PayloadLen = (header->ShortRecordBit ? (data[2]) : ((data[2] << 24) + (data[3] << 16) + (data[4] << 8) + data[5])); - if (header->IDLenPresent) + if (header->IDLenPresent) { header->IDLen = (header->ShortRecordBit ? (data[3]) : (data[6])); - else + header->Payload = header->Type + header->TypeLen; + } else { header->IDLen = 0; + } + + header->Payload = header->Type + header->TypeLen + header->IDLen; - header->RecLen = header->len + header->TypeLen + header->PayloadLen + header->IDLen; + header->RecLen = header->len + header->TypeLen + header->PayloadLen + header->IDLen; if (header->RecLen > datalen) return 3; @@ -85,8 +94,38 @@ int ndefPrintHeader(NDEFHeader_t *header) { return 0; } -int ndefRecordDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { +int ndefDecodePayload(NDEFHeader_t *ndef) { + switch(ndef->TypeNameFormat) { + case tnfWellKnownRecord: + PrintAndLogEx(INFO, "Well Known Record"); + PrintAndLogEx(NORMAL, "\ttype: %.*s", ndef->TypeLen, ndef->Type); + + if (!strncmp((char *)ndef->Type, "T", ndef->TypeLen)) { + PrintAndLogEx(NORMAL, "\ttext : %.*s", ndef->PayloadLen, ndef->Payload); + } + + if (!strncmp((char *)ndef->Type, "U", ndef->TypeLen)) { + PrintAndLogEx(NORMAL, "\turi : %.*s", ndef->PayloadLen, ndef->Payload); + } + + if (!strncmp((char *)ndef->Type, "Sig", ndef->TypeLen)) { + printf("--sig\n"); + } + + break; + case tnfAbsoluteURIRecord: + PrintAndLogEx(INFO, "Absolute URI Record"); + PrintAndLogEx(NORMAL, "\ttype: %.*s", ndef->TypeLen, ndef->Type); + PrintAndLogEx(NORMAL, "\tpayload: %.*s", ndef->PayloadLen, ndef->Payload); + break; + default: + break; + } + return 0; +} + +int ndefRecordDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { NDEFHeader_t NDEFHeader = {0}; int res = ndefDecodeHeader(ndefRecord, ndefRecordLen, &NDEFHeader); if (res) @@ -94,24 +133,19 @@ int ndefRecordDecodeAndPrint(uint8_t *ndefRecord, size_t ndefRecordLen) { ndefPrintHeader(&NDEFHeader); - size_t indx = NDEFHeader.len; if (NDEFHeader.TypeLen) { PrintAndLogEx(INFO, "Type data:"); - dump_buffer(&ndefRecord[indx], NDEFHeader.TypeLen, stdout, 1); - - indx += NDEFHeader.TypeLen; + dump_buffer(NDEFHeader.Type, NDEFHeader.TypeLen, stdout, 1); } if (NDEFHeader.IDLen) { PrintAndLogEx(INFO, "ID data:"); - dump_buffer(&ndefRecord[indx], NDEFHeader.IDLen, stdout, 1); - - indx += NDEFHeader.IDLen; + dump_buffer(NDEFHeader.ID, NDEFHeader.IDLen, stdout, 1); } if (NDEFHeader.PayloadLen) { PrintAndLogEx(INFO, "Payload data:"); - dump_buffer(&ndefRecord[indx], NDEFHeader.PayloadLen, stdout, 1); - - indx += NDEFHeader.PayloadLen; + dump_buffer(NDEFHeader.Payload, NDEFHeader.PayloadLen, stdout, 1); + if (NDEFHeader.TypeLen) + ndefDecodePayload(&NDEFHeader); } return 0; diff --git a/client/mifare/ndef.h b/client/mifare/ndef.h index 25723158c..35a589602 100644 --- a/client/mifare/ndef.h +++ b/client/mifare/ndef.h @@ -37,6 +37,9 @@ typedef struct { size_t IDLen; size_t len; size_t RecLen; + uint8_t *Type; + uint8_t *Payload; + uint8_t *ID; } NDEFHeader_t; extern int NDEFDecodeAndPrint(uint8_t *ndef, size_t ndefLen, bool verbose); From a2be59db25ab065efb92c000a676168d7c96c167 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 17:50:51 +0200 Subject: [PATCH 12/16] URI decode --- client/mifare/ndef.c | 54 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 52 insertions(+), 2 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index f6d7f5c15..cacc0c9c4 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -25,6 +25,45 @@ static const char *TypeNameFormat_s[] = { "n/a" }; +static const char *URI_s[] = { + "", // 0x00 + "http://www.", // 0x01 + "https://www.", // 0x02 + "http://", // 0x03 + "https://", // 0x04 + "tel:", // 0x05 + "mailto:", // 0x06 + "ftp://anonymous:anonymous@", // 0x07 + "ftp://ftp.", // 0x08 + "ftps://", // 0x09 + "sftp://", // 0x0A + "smb://", // 0x0B + "nfs://", // 0x0C + "ftp://", // 0x0D + "dav://", // 0x0E + "news:", // 0x0F + "telnet://", // 0x10 + "imap:", // 0x11 + "rtsp://", // 0x12 + "urn:", // 0x13 + "pop:", // 0x14 + "sip:", // 0x15 + "sips:", // 0x16 + "tftp:", // 0x17 + "btspp://", // 0x18 + "btl2cap://", // 0x19 + "btgoep://", // 0x1A + "tcpobex://", // 0x1B + "irdaobex://", // 0x1C + "file://", // 0x1D + "urn:epc:id:", // 0x1E + "urn:epc:tag:", // 0x1F + "urn:epc:pat:", // 0x20 + "urn:epc:raw:", // 0x21 + "urn:epc:", // 0x22 + "urn:nfc:" // 0x23 +}; + uint16_t ndefTLVGetLength(uint8_t *data, size_t *indx) { uint16_t len = 0; if (data[0] == 0xff) { @@ -94,6 +133,17 @@ int ndefPrintHeader(NDEFHeader_t *header) { return 0; } +int ndefDecodeSig(uint8_t *sig, size_t siglen) { + PrintAndLogEx(NORMAL, "\tsignature version: 0x%02x", sig[0]); + if (sig[0] != 0x01) { + PrintAndLogEx(ERR, "signature version unknown."); + return 1; + } + + + return 0; +}; + int ndefDecodePayload(NDEFHeader_t *ndef) { switch(ndef->TypeNameFormat) { @@ -106,11 +156,11 @@ int ndefDecodePayload(NDEFHeader_t *ndef) { } if (!strncmp((char *)ndef->Type, "U", ndef->TypeLen)) { - PrintAndLogEx(NORMAL, "\turi : %.*s", ndef->PayloadLen, ndef->Payload); + PrintAndLogEx(NORMAL, "\turi : %s%.*s", (ndef->Payload[0] <= 0x23 ? URI_s[ndef->Payload[0]] : "[err]"), ndef->PayloadLen, &ndef->Payload[1]); } if (!strncmp((char *)ndef->Type, "Sig", ndef->TypeLen)) { - printf("--sig\n"); + ndefDecodeSig(ndef->Payload, ndef->PayloadLen); } break; From 581fe408ba793af8f3b578b6939203681e6a6b0b Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 18:14:30 +0200 Subject: [PATCH 13/16] ndef `sig` decoding --- client/mifare/ndef.c | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index cacc0c9c4..96911f607 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -11,6 +11,7 @@ #include "ndef.h" #include "ui.h" #include "emv/dump.h" +#include "crypto/asn1utils.h" #define STRBOOL(p) ((p) ? "+" : "-") @@ -134,13 +135,44 @@ int ndefPrintHeader(NDEFHeader_t *header) { } int ndefDecodeSig(uint8_t *sig, size_t siglen) { + size_t indx = 0; PrintAndLogEx(NORMAL, "\tsignature version: 0x%02x", sig[0]); if (sig[0] != 0x01) { PrintAndLogEx(ERR, "signature version unknown."); return 1; } + indx++; - + while (indx < siglen) { + if (sig[indx] == 0x04) { + size_t intsiglen = (sig[indx + 1] << 8) + sig[indx + 2]; + indx += 3; + PrintAndLogEx(NORMAL, "\tsignature [%d]: %s", intsiglen, sprint_hex_inrow(&sig[indx], intsiglen)); + + uint8_t rval[300] = {0}; + uint8_t sval[300] = {0}; + int res = ecdsa_asn1_get_signature(&sig[indx], intsiglen, rval, sval); + if (!res) { + PrintAndLogEx(NORMAL ,"\t\tr: %s", sprint_hex(rval, 32)); + PrintAndLogEx(NORMAL ,"\t\ts: %s", sprint_hex(sval, 32)); + } + + indx += intsiglen; + continue; + } + + if (sig[indx] == 0x80) { + size_t intchainlen = (sig[indx + 1] << 8) + sig[indx + 2]; + indx += 3; + PrintAndLogEx(NORMAL, "\tchain [%d]: %.*s", intchainlen, intchainlen, &sig[indx]); + indx += intchainlen; + continue; + } + + size_t skiplen = (sig[indx + 1] << 8) + sig[indx + 2]; + indx += skiplen; + } + return 0; }; From 04a6a634270356d1f654f42763785a0f7d19d237 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 18:43:12 +0200 Subject: [PATCH 14/16] rename --- client/mifare/ndef.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index 96911f607..dbb4a7bd2 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -162,10 +162,10 @@ int ndefDecodeSig(uint8_t *sig, size_t siglen) { } if (sig[indx] == 0x80) { - size_t intchainlen = (sig[indx + 1] << 8) + sig[indx + 2]; + size_t inturilen = (sig[indx + 1] << 8) + sig[indx + 2]; indx += 3; - PrintAndLogEx(NORMAL, "\tchain [%d]: %.*s", intchainlen, intchainlen, &sig[indx]); - indx += intchainlen; + PrintAndLogEx(NORMAL, "\tsignature uri [%d]: %.*s", inturilen, inturilen, &sig[indx]); + indx += inturilen; continue; } From 53e0d030985574e30189288ebf228aea9a052402 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 19:41:50 +0200 Subject: [PATCH 15/16] ndef cert right decode. https://github.com/skjolber/ndef-tools-for-android/blob/master/ndeftools/src/org/ndeftools/wellknown/SignatureRecord.java https://github.com/nfcpy/ndeflib/blob/master/src/ndef/signature.py --- client/mifare/ndef.c | 91 +++++++++++++++++++++++++++++++------------- client/mifare/ndef.h | 15 ++++++++ 2 files changed, 80 insertions(+), 26 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index dbb4a7bd2..13a793725 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -26,6 +26,21 @@ static const char *TypeNameFormat_s[] = { "n/a" }; +static const char *ndefSigType_s[] = { + "Not present", // No signature present + "RSASSA_PSS_SHA_1", // PKCS_1 + "RSASSA_PKCS1_v1_5_WITH_SHA_1", // PKCS_1 + "DSA", + "ECDSA", + "n/a" +}; + +static const char *ndefCertificateFormat_s[] = { + "X_509", + "X9_68", + "n/a" +}; + static const char *URI_s[] = { "", // 0x00 "http://www.", // 0x01 @@ -143,36 +158,60 @@ int ndefDecodeSig(uint8_t *sig, size_t siglen) { } indx++; - while (indx < siglen) { - if (sig[indx] == 0x04) { - size_t intsiglen = (sig[indx + 1] << 8) + sig[indx + 2]; - indx += 3; - PrintAndLogEx(NORMAL, "\tsignature [%d]: %s", intsiglen, sprint_hex_inrow(&sig[indx], intsiglen)); - - uint8_t rval[300] = {0}; - uint8_t sval[300] = {0}; - int res = ecdsa_asn1_get_signature(&sig[indx], intsiglen, rval, sval); - if (!res) { - PrintAndLogEx(NORMAL ,"\t\tr: %s", sprint_hex(rval, 32)); - PrintAndLogEx(NORMAL ,"\t\ts: %s", sprint_hex(sval, 32)); - } - - indx += intsiglen; - continue; - } + uint8_t sigType = sig[indx] & 0x7f; + bool sigURI = sig[indx] & 0x80; - if (sig[indx] == 0x80) { - size_t inturilen = (sig[indx + 1] << 8) + sig[indx + 2]; - indx += 3; - PrintAndLogEx(NORMAL, "\tsignature uri [%d]: %.*s", inturilen, inturilen, &sig[indx]); - indx += inturilen; - continue; - } + PrintAndLogEx(NORMAL, "\tsignature type: %s", ((sigType < stNA) ? ndefSigType_s[sigType] : ndefSigType_s[stNA])); + PrintAndLogEx(NORMAL, "\tsignature uri: %s", (sigURI ? "present" : "not present")); + + size_t intsiglen = (sig[indx + 1] << 8) + sig[indx + 2]; + // ecdsa 0x04 + if (sigType == stECDSA) { + indx += 3; + PrintAndLogEx(NORMAL, "\tsignature [%d]: %s", intsiglen, sprint_hex_inrow(&sig[indx], intsiglen)); - size_t skiplen = (sig[indx + 1] << 8) + sig[indx + 2]; - indx += skiplen; + uint8_t rval[300] = {0}; + uint8_t sval[300] = {0}; + int res = ecdsa_asn1_get_signature(&sig[indx], intsiglen, rval, sval); + if (!res) { + PrintAndLogEx(NORMAL ,"\t\tr: %s", sprint_hex(rval, 32)); + PrintAndLogEx(NORMAL ,"\t\ts: %s", sprint_hex(sval, 32)); + } + } + indx += intsiglen; + + if (sigURI) { + size_t intsigurilen = (sig[indx] << 8) + sig[indx + 1]; + indx += 2; + PrintAndLogEx(NORMAL, "\tsignature uri [%d]: %.*s", intsigurilen, intsigurilen, &sig[indx]); + indx += intsigurilen; + } + + uint8_t certFormat = (sig[indx] >> 4) & 0x07; + uint8_t certCount = sig[indx] & 0x0f; + bool certURI = sig[indx] & 0x80; + + PrintAndLogEx(NORMAL, "\tcertificate format: %s", ((certFormat < sfNA) ? ndefCertificateFormat_s[certFormat] : ndefCertificateFormat_s[sfNA])); + PrintAndLogEx(NORMAL, "\tcertificates count: %d", certCount); + + // print certificates + indx++; + for (int i = 0; i < certCount; i++) { + size_t intcertlen = (sig[indx + 1] << 8) + sig[indx + 2]; + indx += 2; + + PrintAndLogEx(NORMAL, "\tcertificate %d [%d]: %s", i + 1, intcertlen, sprint_hex_inrow(&sig[indx], intcertlen)); + indx += intcertlen; } + // have certificate uri + if ((indx <= siglen) && certURI) { + size_t inturilen = (sig[indx] << 8) + sig[indx + 1]; + indx += 2; + PrintAndLogEx(NORMAL, "\tcertificate uri [%d]: %.*s", inturilen, inturilen, &sig[indx]); + indx += inturilen; + } + return 0; }; diff --git a/client/mifare/ndef.h b/client/mifare/ndef.h index 35a589602..ca16fecd3 100644 --- a/client/mifare/ndef.h +++ b/client/mifare/ndef.h @@ -25,6 +25,21 @@ typedef enum { tnfUnchangedRecord = 0x06 } TypeNameFormat_t; +typedef enum { + stNotPresent = 0x00, + stRSASSA_PSS_SHA_1 = 0x01, + stRSASSA_PKCS1_v1_5_WITH_SHA_1 = 0x02, + stDSA = 0x03, + stECDSA = 0x04, + stNA = 0x05 +} ndefSigType_t; + +typedef enum { + sfX_509 = 0x00, + sfX9_68 = 0x01, + sfNA = 0x02 +} ndefCertificateFormat_t; + typedef struct { bool MessageBegin; bool MessageEnd; From 2e8771d7a33a37aa56cfbf93cc70f15eb49b9777 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 5 Mar 2019 19:57:08 +0200 Subject: [PATCH 16/16] added `hf mf ndef` --- client/cmdhfmf.c | 109 +++++++++++++++++++++++++++++++++++++++++++++- client/cmdhfmfp.c | 3 +- 2 files changed, 109 insertions(+), 3 deletions(-) diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index 8823ea2d9..fbd128bf4 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -11,6 +11,7 @@ #include "cmdhfmf.h" #include "mifare/mifare4.h" #include "mifare/mad.h" +#include "mifare/ndef.h" #define MFBLOCK_SIZE 16 @@ -3220,7 +3221,7 @@ int CmdHF14AMfMAD(const char *cmd) { CLIParserInit("hf mf mad", "Checks and prints Mifare Application Directory (MAD)", "Usage:\n\thf mf mad -> shows MAD if exists\n" - "\thf mf mad -a 03e1 -k d3f7d3f7d3f7 -> shows NDEF data if exists\n"); + "\thf mf mad -a 03e1 -k ffffffffffff -b -> shows NDEF data if exists. read card with custom key and key B\n"); void* argtable[] = { arg_param_begin, @@ -3305,6 +3306,110 @@ int CmdHF14AMfMAD(const char *cmd) { return 0; } +int CmdHFMFNDEF(const char *cmd) { + + CLIParserInit("hf mf ndef", + "Prints NFC Data Exchange Format (NDEF)", + "Usage:\n\thf mf ndef -> shows NDEF data\n" + "\thf mf ndef -a 03e1 -k ffffffffffff -b -> shows NDEF data with custom AID, key and with key B\n"); + + void* argtable[] = { + arg_param_begin, + arg_litn("vV", "verbose", 0, 2, "show technical data"), + arg_str0("aA", "aid", "replace default aid for NDEF", NULL), + arg_str0("kK", "key", "replace default key for NDEF", NULL), + arg_lit0("bB", "keyb", "use key B for access sectors (by default: key A)"), + arg_param_end + }; + CLIExecWithReturn(cmd, argtable, true); + + bool verbose = arg_get_lit(1); + bool verbose2 = arg_get_lit(1) > 1; + uint8_t aid[2] = {0}; + int aidlen; + CLIGetHexWithReturn(2, aid, &aidlen); + uint8_t key[6] = {0}; + int keylen; + CLIGetHexWithReturn(3, key, &keylen); + bool keyB = arg_get_lit(4); + + CLIParserFree(); + + uint16_t ndefAID = 0x03e1; + if (aidlen == 2) + ndefAID = (aid[0] << 8) + aid[1]; + + uint8_t ndefkey[6] = {0}; + memcpy(ndefkey, g_mifare_ndef_key, 6); + if (keylen == 6) { + memcpy(ndefkey, key, 6); + } + + uint8_t sector0[16 * 4] = {0}; + uint8_t sector10[16 * 4] = {0}; + uint8_t data[4096] = {0}; + int datalen = 0; + + PrintAndLogEx(NORMAL, ""); + + if (mfReadSector(MF_MAD1_SECTOR, MF_KEY_A, (uint8_t *)g_mifare_mad_key, sector0)) { + PrintAndLogEx(ERR, "read sector 0 error. card don't have MAD or don't have MAD on default keys."); + return 2; + } + + bool haveMAD2 = false; + int res = MADCheck(sector0, NULL, verbose, &haveMAD2); + if (res) { + PrintAndLogEx(ERR, "MAD error %d.", res); + return res; + } + + if (haveMAD2) { + if (mfReadSector(MF_MAD2_SECTOR, MF_KEY_A, (uint8_t *)g_mifare_mad_key, sector10)) { + PrintAndLogEx(ERR, "read sector 0x10 error. card don't have MAD or don't have MAD on default keys."); + return 2; + } + } + + uint16_t mad[7 + 8 + 8 + 8 + 8] = {0}; + size_t madlen = 0; + if (MADDecode(sector0, (haveMAD2 ? sector10 : NULL), mad, &madlen)) { + PrintAndLogEx(ERR, "can't decode mad."); + return 10; + } + + printf("data reading:"); + for (int i = 0; i < madlen; i++) { + if (ndefAID == mad[i]) { + uint8_t vsector[16 * 4] = {0}; + if (mfReadSector(i + 1, keyB ? MF_KEY_B : MF_KEY_A, ndefkey, vsector)) { + PrintAndLogEx(ERR, "read sector %d error.", i + 1); + return 2; + } + + memcpy(&data[datalen], vsector, 16 * 3); + datalen += 16 * 3; + + printf("."); + } + } + printf(" OK\n"); + + if (!datalen) { + PrintAndLogEx(ERR, "no NDEF data."); + return 11; + } + + if (verbose2) { + PrintAndLogEx(NORMAL, "NDEF data:"); + dump_buffer(data, datalen, stdout, 1); + } + + NDEFDecodeAndPrint(data, datalen, verbose); + + return 0; +} + int CmdHF14AMfList(const char *Cmd) { CmdTraceList("mf"); return 0; @@ -3349,7 +3454,7 @@ static command_t CommandTable[] = { {"csave", CmdHF14AMfCSave, 0, "Save dump from magic Chinese card into file or emulator"}, {"-----------", CmdHelp, 1, ""}, {"mad", CmdHF14AMfMAD, 0, "Checks and prints MAD"}, -// {"ndef", CmdHF14AMfHDEF, 0, "Checks and prints NDEF records from card"}, + {"ndef", CmdHFMFNDEF, 0, "Prints NDEF records from card"}, {"ice", CmdHF14AMfice, 0, "collect Mifare Classic nonces to file"}, {NULL, NULL, 0, NULL} diff --git a/client/cmdhfmfp.c b/client/cmdhfmfp.c index 20b6d0fce..348a4a9c9 100644 --- a/client/cmdhfmfp.c +++ b/client/cmdhfmfp.c @@ -838,6 +838,7 @@ int CmdHFMFPNDEF(const char *cmd) { return 0; } + static command_t CommandTable[] = { {"help", CmdHelp, 1, "This help"}, @@ -850,7 +851,7 @@ static command_t CommandTable[] = {"rdsc", CmdHFMFPRdsc, 0, "Read sectors"}, {"wrbl", CmdHFMFPWrbl, 0, "Write blocks"}, {"mad", CmdHFMFPMAD, 0, "Checks and prints MAD"}, - {"ndef", CmdHFMFPNDEF, 0, "Prints NDEF"}, + {"ndef", CmdHFMFPNDEF, 0, "Prints NDEF records from card"}, {NULL, NULL, 0, NULL} };