From a1db6836733ba5e2c317cb112e3ba290515bfbb2 Mon Sep 17 00:00:00 2001
From: Matt Moran <mattmoran2000@gmail.com>
Date: Wed, 29 Dec 2021 23:42:06 +1300
Subject: [PATCH] Add basic structure for `hf gallagher`

---
 client/CMakeLists.txt                  |   1 +
 client/Makefile                        |   1 +
 client/android/CMakeLists.txt          |   1 +
 client/experimental_lib/CMakeLists.txt |   1 +
 client/src/cmdhf.c                     |   2 +
 client/src/cmdhfgallagher.c            | 139 +++++++++++++++++++++++++
 client/src/cmdhfgallagher.h            |  20 ++++
 7 files changed, 165 insertions(+)
 create mode 100644 client/src/cmdhfgallagher.c
 create mode 100644 client/src/cmdhfgallagher.h

diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt
index 471046545..574303188 100644
--- a/client/CMakeLists.txt
+++ b/client/CMakeLists.txt
@@ -255,6 +255,7 @@ set (TARGET_SOURCES
         ${PM3_ROOT}/client/src/cmdhfepa.c
         ${PM3_ROOT}/client/src/cmdhffelica.c
         ${PM3_ROOT}/client/src/cmdhffido.c
+        ${PM3_ROOT}/client/src/cmdhfgallagher.c
         ${PM3_ROOT}/client/src/cmdhfcipurse.c
         ${PM3_ROOT}/client/src/cmdhficlass.c
         ${PM3_ROOT}/client/src/cmdhfjooki.c
diff --git a/client/Makefile b/client/Makefile
index 8389e95df..2bbc72af6 100644
--- a/client/Makefile
+++ b/client/Makefile
@@ -506,6 +506,7 @@ SRCS =  mifare/aiddesfire.c \
 		cmdhfemrtd.c \
 		cmdhffelica.c \
 		cmdhffido.c \
+		cmdhfgallagher.c \
 		cmdhfksx6924.c \
 		cmdhfcipurse.c \
 		cmdhficlass.c \
diff --git a/client/android/CMakeLists.txt b/client/android/CMakeLists.txt
index 374979103..9bc0f59cd 100644
--- a/client/android/CMakeLists.txt
+++ b/client/android/CMakeLists.txt
@@ -120,6 +120,7 @@ add_library(pm3rrg_rdv4 SHARED
         ${PM3_ROOT}/client/src/cmdhfepa.c
         ${PM3_ROOT}/client/src/cmdhffelica.c
         ${PM3_ROOT}/client/src/cmdhffido.c
+        ${PM3_ROOT}/client/src/cmdhfgallagher.c
         ${PM3_ROOT}/client/src/cmdhfcipurse.c
         ${PM3_ROOT}/client/src/cmdhficlass.c
         ${PM3_ROOT}/client/src/cmdhfjooki.c
diff --git a/client/experimental_lib/CMakeLists.txt b/client/experimental_lib/CMakeLists.txt
index 8d3ed3adf..c4ab858f7 100644
--- a/client/experimental_lib/CMakeLists.txt
+++ b/client/experimental_lib/CMakeLists.txt
@@ -254,6 +254,7 @@ set (TARGET_SOURCES
         ${PM3_ROOT}/client/src/cmdhfepa.c
         ${PM3_ROOT}/client/src/cmdhffelica.c
         ${PM3_ROOT}/client/src/cmdhffido.c
+        ${PM3_ROOT}/client/src/cmdhfgallagher.c
         ${PM3_ROOT}/client/src/cmdhfcipurse.c
         ${PM3_ROOT}/client/src/cmdhficlass.c
         ${PM3_ROOT}/client/src/cmdhfjooki.c
diff --git a/client/src/cmdhf.c b/client/src/cmdhf.c
index 9b5841d71..ce87a5e62 100644
--- a/client/src/cmdhf.c
+++ b/client/src/cmdhf.c
@@ -33,6 +33,7 @@
 #include "cmdhftopaz.h"     // TOPAZ
 #include "cmdhffelica.h"    // ISO18092 / FeliCa
 #include "cmdhffido.h"      // FIDO authenticators
+#include "cmdhfgallagher.h" // Gallagher DESFire cards
 #include "cmdhfksx6924.h"   // KS X 6924
 #include "cmdhfcipurse.h"   // CIPURSE transport cards
 #include "cmdhfthinfilm.h"  // Thinfilm
@@ -414,6 +415,7 @@ static command_t CommandTable[] = {
     {"emrtd",       CmdHFeMRTD,       AlwaysAvailable, "{ Machine Readable Travel Document... }"},
     {"felica",      CmdHFFelica,      AlwaysAvailable, "{ ISO18092 / FeliCa RFIDs...          }"},
     {"fido",        CmdHFFido,        AlwaysAvailable, "{ FIDO and FIDO2 authenticators...    }"},
+    {"gallagher",   CmdHFGallagher,   AlwaysAvailable, "{ Gallagher DESFire RFIDs...          }"},
     {"ksx6924",     CmdHFKSX6924,     AlwaysAvailable, "{ KS X 6924 (T-Money, Snapper+) RFIDs }"},
     {"jooki",       CmdHF_Jooki,      AlwaysAvailable, "{ Jooki RFIDs...                      }"},
     {"iclass",      CmdHFiClass,      AlwaysAvailable, "{ ICLASS RFIDs...                     }"},
diff --git a/client/src/cmdhfgallagher.c b/client/src/cmdhfgallagher.c
new file mode 100644
index 000000000..90fff183c
--- /dev/null
+++ b/client/src/cmdhfgallagher.c
@@ -0,0 +1,139 @@
+/**
+ * Matt Moran (@DarkMatterMatt), 2021
+ * -----------------------------------------------------------------------------
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ * -----------------------------------------------------------------------------
+ * High frequency GALLAGHER tag commands.
+ * MIFARE DESFire, AIDs 2081F4-2F81F4
+ */
+
+#include "cmdhfgallagher.h"
+#include "mifare/gallaghercore.h"
+#include <stdio.h>
+#include "common.h"
+#include "cmdparser.h"
+#include "cliparser.h"
+#include "ui.h"
+
+static int CmdHelp(const char *Cmd);
+
+static int CmdGallagherReader(const char *Cmd) {
+    CLIParserContext *ctx;
+    CLIParserInit(&ctx, "hf gallagher reader",
+                    "read a GALLAGHER tag",
+                    "hf gallagher reader -@   -> continuous reader mode"
+                );
+
+    void *argtable[] = {
+        arg_param_begin,
+        arg_lit0("@", NULL, "optional - continuous reader mode"),
+        arg_param_end
+    };
+    CLIExecWithReturn(ctx, Cmd, argtable, true);
+    bool cm = arg_get_lit(ctx, 1);
+    CLIParserFree(ctx);
+
+    if (cm) {
+        PrintAndLogEx(INFO, "Press " _GREEN_("<Enter>") " to exit");
+    }
+
+    do {
+        // read
+    } while (cm && !kbd_enter_pressed());
+    return PM3_SUCCESS;
+}
+
+static int CmdGallagherClone(const char *Cmd) {
+    CLIParserContext *ctx;
+    CLIParserInit(&ctx, "hf gallagher clone",
+                    "clone a GALLAGHER card to a blank DESFire card.",
+                    "hf gallagher clone --rc 1 --fc 22 --cn 3333 --il 4"
+                );
+
+    void *argtable[] = {
+        arg_param_begin,
+        arg_u64_1(NULL, "rc", "<decimal>", "Region code. 4 bits max"),
+        arg_u64_1(NULL, "fc", "<decimal>", "Facility code. 2 bytes max"),
+        arg_u64_1(NULL, "cn", "<decimal>", "Card number. 3 bytes max"),
+        arg_u64_1(NULL, "il", "<decimal>", "Issue level. 4 bits max"),
+        arg_param_end
+    };
+    CLIExecWithReturn(ctx, Cmd, argtable, false);
+
+    uint64_t region_code = arg_get_u64(ctx, 1); // uint16, will be validated later
+    uint64_t facility_code = arg_get_u64(ctx, 2); // uint32, will be validated later
+    uint64_t card_number = arg_get_u64(ctx, 3); // uint64
+    uint64_t issue_level = arg_get_u64(ctx, 4); // uint32, will be validated later
+    CLIParserFree(ctx);
+
+    if (!isValidGallagherCredentials(region_code, facility_code, card_number, issue_level)) {
+        return PM3_EINVARG;
+    }
+
+    // TODO: create data
+
+    PrintAndLogEx(INFO, "Preparing to clone Gallagher from specified data.");
+
+    // TODO: write data
+
+    PrintAndLogEx(SUCCESS, "Done");
+    PrintAndLogEx(HINT, "Hint: try " _YELLOW_("`hf gallagher reader`") " to verify");
+    return PM3_ENOTIMPL;
+}
+
+static int CmdGallagherSim(const char *Cmd) {
+    CLIParserContext *ctx;
+    CLIParserInit(&ctx, "hf gallagher sim",
+                  "Enables simulation of GALLAGHER card with specified card number.\n"
+                  "Simulation runs until the button is pressed or another USB command is issued.\n",
+                  "hf gallagher sim --rc 1 --fc 22 --cn 3333 --il 4"
+                );
+
+    void *argtable[] = {
+        arg_param_begin,
+        arg_u64_1(NULL, "rc", "<decimal>", "Region code. 4 bits max"),
+        arg_u64_1(NULL, "fc", "<decimal>", "Facility code. 2 bytes max"),
+        arg_u64_1(NULL, "cn", "<decimal>", "Card number. 3 bytes max"),
+        arg_u64_1(NULL, "il", "<decimal>", "Issue level. 4 bits max"),
+        arg_param_end
+    };
+    CLIExecWithReturn(ctx, Cmd, argtable, false);
+
+    uint64_t region_code = arg_get_u64(ctx, 1); // uint16, will be validated later
+    uint64_t facility_code = arg_get_u64(ctx, 2); // uint32, will be validated later
+    uint64_t card_number = arg_get_u64(ctx, 3); // uint64
+    uint64_t issue_level = arg_get_u64(ctx, 4); // uint32, will be validated later
+    CLIParserFree(ctx);
+
+    if (!isValidGallagherCredentials(region_code, facility_code, card_number, issue_level)) {
+        return PM3_EINVARG;
+    }
+
+    // TODO: create data
+
+    // TODO: simulate
+
+    return PM3_ENOTIMPL;
+}
+
+static command_t CommandTable[] = {
+    {"help",   CmdHelp,            AlwaysAvailable, "This help"},
+    {"reader", CmdGallagherReader, IfPm3Iso14443,   "attempt to read and extract tag data"},
+    {"clone",  CmdGallagherClone,  IfPm3Iso14443,   "clone GALLAGHER tag to a blank DESFire card"},
+    {"sim",    CmdGallagherSim,    IfPm3Iso14443,   "simulate GALLAGHER tag"},
+    {NULL, NULL, NULL, NULL}
+};
+
+static int CmdHelp(const char *Cmd) {
+    (void) Cmd; // Cmd is not used so far
+    CmdsHelp(CommandTable);
+    return PM3_SUCCESS;
+}
+
+int CmdHFGallagher(const char *Cmd) {
+    clearCommandBuffer();
+    return CmdsParse(CommandTable, Cmd);
+}
diff --git a/client/src/cmdhfgallagher.h b/client/src/cmdhfgallagher.h
new file mode 100644
index 000000000..26faa11b0
--- /dev/null
+++ b/client/src/cmdhfgallagher.h
@@ -0,0 +1,20 @@
+/**
+ * Matt Moran (@DarkMatterMatt), 2021
+ * -----------------------------------------------------------------------------
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ * -----------------------------------------------------------------------------
+ * High frequency GALLAGHER tag commands.
+ * MIFARE DESFire, AIDs 2081F4-2F81F4
+ */
+#ifndef CMDHFGALLAGHER_H__
+#define CMDHFGALLAGHER_H__
+
+#include "common.h"
+
+int CmdHFGallagher(const char *Cmd);
+
+#endif
+