From 74243fcb036240f53330c2450193f345cd36d26e Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 31 Mar 2020 18:09:41 +0300 Subject: [PATCH 1/3] signatures v1 and v2 --- client/mifare/ndef.c | 89 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 81 insertions(+), 8 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index 5870fb1dd..dead65a8e 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -160,14 +160,8 @@ static int ndefPrintHeader(NDEFHeader_t *header) { return PM3_SUCCESS; } -static int ndefDecodeSig(uint8_t *sig, size_t siglen) { - size_t indx = 0; - PrintAndLogEx(NORMAL, "\tsignature version: 0x%02x", sig[0]); - if (sig[0] != 0x01 && sig[0] != 0x20) { - PrintAndLogEx(ERR, "signature version unknown."); - return PM3_ESOFT; - } - indx++; +static int ndefDecodeSig1(uint8_t *sig, size_t siglen) { + size_t indx = 1; uint8_t sigType = sig[indx] & 0x7f; bool sigURI = sig[indx] & 0x80; @@ -225,6 +219,85 @@ static int ndefDecodeSig(uint8_t *sig, size_t siglen) { return PM3_SUCCESS; }; +// https://github.com/nfcpy/ndeflib/blob/master/src/ndef/signature.py#L292 +static int ndefDecodeSig2(uint8_t *sig, size_t siglen) { + size_t indx = 1; + + uint8_t sigType = sig[indx] & 0x7f; + bool sigURI = sig[indx] & 0x80; + indx++; + + uint8_t hashType = sig[indx]; + indx++; + + PrintAndLogEx(NORMAL, "\tsignature type: %s", ((sigType < stNA) ? ndefSigType_s[sigType] : ndefSigType_s[stNA])); + PrintAndLogEx(NORMAL, "\tsignature uri: %s", (sigURI ? "present" : "not present")); + PrintAndLogEx(NORMAL, "\thash type: %s", ((hashType == 0x02) ? "SHA-256" : "unknown"); + + if (sigURI) { + size_t intsigurilen = (sig[indx] << 8) + sig[indx + 1]; + indx += 2; + PrintAndLogEx(NORMAL, "\tsignature uri [%zu]: %.*s", intsigurilen, (int)intsigurilen, &sig[indx]); + indx += intsigurilen; + } +return 0; + /* if (sigType == stECDSA_P192 || sigType == stECDSA_P256) { + indx += 3; + PrintAndLogEx(NORMAL, "\tsignature [%zu]: %s", intsiglen, sprint_hex_inrow(&sig[indx], intsiglen)); + + uint8_t rval[300] = {0}; + uint8_t sval[300] = {0}; + int res = ecdsa_asn1_get_signature(&sig[indx], intsiglen, rval, sval); + if (!res) { + PrintAndLogEx(NORMAL, "\t\tr: %s", sprint_hex(rval, 32)); + PrintAndLogEx(NORMAL, "\t\ts: %s", sprint_hex(sval, 32)); + } + } + indx += intsiglen;*/ + + uint8_t certFormat = (sig[indx] >> 4) & 0x07; + uint8_t certCount = sig[indx] & 0x0f; + bool certURI = sig[indx] & 0x80; + + PrintAndLogEx(NORMAL, "\tcertificate format: %s", ((certFormat < sfNA) ? ndefCertificateFormat_s[certFormat] : ndefCertificateFormat_s[sfNA])); + PrintAndLogEx(NORMAL, "\tcertificates count: %d", certCount); + + // print certificates + indx++; + for (int i = 0; i < certCount; i++) { + size_t intcertlen = (sig[indx + 1] << 8) + sig[indx + 2]; + indx += 2; + + PrintAndLogEx(NORMAL, "\tcertificate %d [%zu]: %s", i + 1, intcertlen, sprint_hex_inrow(&sig[indx], intcertlen)); + indx += intcertlen; + } + + // have certificate uri + if ((indx <= siglen) && certURI) { + size_t inturilen = (sig[indx] << 8) + sig[indx + 1]; + indx += 2; + PrintAndLogEx(NORMAL, "\tcertificate uri [%zu]: %.*s", inturilen, (int)inturilen, &sig[indx]); + } + + return PM3_SUCCESS; +}; + +static int ndefDecodeSig(uint8_t *sig, size_t siglen) { + PrintAndLogEx(NORMAL, "\tsignature version: 0x%02x", sig[0]); + if (sig[0] != 0x01 && sig[0] != 0x20) { + PrintAndLogEx(ERR, "signature version unknown."); + return PM3_ESOFT; + } + + if (sig[0] == 0x01) + return ndefDecodeSig1(sig, siglen); + + if (sig[0] == 0x20) + return ndefDecodeSig2(sig, siglen); + + return PM3_ESOFT; +} + static int ndefDecodePayload(NDEFHeader_t *ndef) { switch (ndef->TypeNameFormat) { From 38004f9db59cd1d88fed0e69f54956baf1008265 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 31 Mar 2020 18:25:17 +0300 Subject: [PATCH 2/3] decode works --- client/mifare/ndef.c | 37 +++++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index dead65a8e..66b00a159 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -232,28 +232,33 @@ static int ndefDecodeSig2(uint8_t *sig, size_t siglen) { PrintAndLogEx(NORMAL, "\tsignature type: %s", ((sigType < stNA) ? ndefSigType_s[sigType] : ndefSigType_s[stNA])); PrintAndLogEx(NORMAL, "\tsignature uri: %s", (sigURI ? "present" : "not present")); - PrintAndLogEx(NORMAL, "\thash type: %s", ((hashType == 0x02) ? "SHA-256" : "unknown"); + PrintAndLogEx(NORMAL, "\thash type: %s", ((hashType == 0x02) ? "SHA-256" : "unknown")); + size_t intsiglen = (sig[indx] << 8) + sig[indx + 1]; + indx += 2; + if (sigURI) { - size_t intsigurilen = (sig[indx] << 8) + sig[indx + 1]; indx += 2; - PrintAndLogEx(NORMAL, "\tsignature uri [%zu]: %.*s", intsigurilen, (int)intsigurilen, &sig[indx]); - indx += intsigurilen; - } -return 0; - /* if (sigType == stECDSA_P192 || sigType == stECDSA_P256) { - indx += 3; + PrintAndLogEx(NORMAL, "\tsignature uri [%zu]: %.*s", intsiglen, (int)intsiglen, &sig[indx]); + indx += intsiglen; + } else { PrintAndLogEx(NORMAL, "\tsignature [%zu]: %s", intsiglen, sprint_hex_inrow(&sig[indx], intsiglen)); - - uint8_t rval[300] = {0}; - uint8_t sval[300] = {0}; - int res = ecdsa_asn1_get_signature(&sig[indx], intsiglen, rval, sval); - if (!res) { - PrintAndLogEx(NORMAL, "\t\tr: %s", sprint_hex(rval, 32)); - PrintAndLogEx(NORMAL, "\t\ts: %s", sprint_hex(sval, 32)); + if (sigType == stECDSA_P192 || sigType == stECDSA_P256) { + PrintAndLogEx(NORMAL, "\tsignature: ECDSA"); + uint8_t rval[300] = {0}; + uint8_t sval[300] = {0}; + int res = ecdsa_asn1_get_signature(&sig[indx], intsiglen, rval, sval); + if (!res) { + PrintAndLogEx(NORMAL, "\t\tr: %s", sprint_hex(rval, 32)); + PrintAndLogEx(NORMAL, "\t\ts: %s", sprint_hex(sval, 32)); + } else { + PrintAndLogEx(NORMAL, "\t\error signature decode"); + } + } else { + PrintAndLogEx(NORMAL, "\tsignature: unknown type"); } + indx += intsiglen; } - indx += intsiglen;*/ uint8_t certFormat = (sig[indx] >> 4) & 0x07; uint8_t certCount = sig[indx] & 0x0f; From 5b9c51fb7e3b7157a5cf15f10567952929296562 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Tue, 31 Mar 2020 18:30:44 +0300 Subject: [PATCH 3/3] signature decode r and s works --- client/mifare/ndef.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/client/mifare/ndef.c b/client/mifare/ndef.c index 66b00a159..e2399b0fd 100644 --- a/client/mifare/ndef.c +++ b/client/mifare/ndef.c @@ -244,15 +244,12 @@ static int ndefDecodeSig2(uint8_t *sig, size_t siglen) { } else { PrintAndLogEx(NORMAL, "\tsignature [%zu]: %s", intsiglen, sprint_hex_inrow(&sig[indx], intsiglen)); if (sigType == stECDSA_P192 || sigType == stECDSA_P256) { - PrintAndLogEx(NORMAL, "\tsignature: ECDSA"); - uint8_t rval[300] = {0}; - uint8_t sval[300] = {0}; - int res = ecdsa_asn1_get_signature(&sig[indx], intsiglen, rval, sval); - if (!res) { - PrintAndLogEx(NORMAL, "\t\tr: %s", sprint_hex(rval, 32)); - PrintAndLogEx(NORMAL, "\t\ts: %s", sprint_hex(sval, 32)); - } else { - PrintAndLogEx(NORMAL, "\t\error signature decode"); + int slen = intsiglen / 2; + if (slen == 24 || slen == 32) { + PrintAndLogEx(NORMAL, "\tsignature: ECDSA-%d", slen * 8); + PrintAndLogEx(NORMAL, "\t\tr: %s", sprint_hex(&sig[indx], slen)); + indx += slen; + PrintAndLogEx(NORMAL, "\t\ts: %s", sprint_hex(&sig[indx], slen)); } } else { PrintAndLogEx(NORMAL, "\tsignature: unknown type");