Merge branch 'master' into allin

update 201111
This commit is contained in:
tharexde 2020-11-11 22:39:02 +01:00
commit e444c2e942
5 changed files with 51 additions and 57 deletions


@ -1027,7 +1027,7 @@ static int CmdExchangeAPDU(bool chainingin, uint8_t *datain, int datainlen, bool
return 4; return 4;
} }
return 0; return PM3_SUCCESS;
} }
int ExchangeAPDU14a(uint8_t *datain, int datainlen, bool activateField, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen) { int ExchangeAPDU14a(uint8_t *datain, int datainlen, bool activateField, bool leaveSignalON, uint8_t *dataout, int maxdataoutlen, int *dataoutlen) {
@ -1146,7 +1146,7 @@ static int CmdHF14AAPDU(const char *Cmd) {
if (makeAPDU && headerlen != 4) { if (makeAPDU && headerlen != 4) {
PrintAndLogEx(ERR, "header length must be 4 bytes instead of %d", headerlen); PrintAndLogEx(ERR, "header length must be 4 bytes instead of %d", headerlen);
CLIParserFree(ctx); CLIParserFree(ctx);
return 1; return PM3_EINVARG;
} }
extendedAPDU = arg_get_lit(ctx, 6); extendedAPDU = arg_get_lit(ctx, 6);
le = arg_get_int_def(ctx, 7, 0); le = arg_get_int_def(ctx, 7, 0);
@ -1172,19 +1172,19 @@ static int CmdHF14AAPDU(const char *Cmd) {
if (APDUEncode(&apdu, data, &datalen)) { if (APDUEncode(&apdu, data, &datalen)) {
PrintAndLogEx(ERR, "can't make apdu with provided parameters."); PrintAndLogEx(ERR, "can't make apdu with provided parameters.");
CLIParserFree(ctx); CLIParserFree(ctx);
return 2; return PM3_EINVARG;
} }
} else { } else {
if (extendedAPDU) { if (extendedAPDU) {
PrintAndLogEx(ERR, "make mode not set but here `e` option."); PrintAndLogEx(ERR, "make mode not set but here `e` option.");
CLIParserFree(ctx); CLIParserFree(ctx);
return 3; return PM3_EINVARG;
} }
if (le > 0) { if (le > 0) {
PrintAndLogEx(ERR, "make mode not set but here `l` option."); PrintAndLogEx(ERR, "make mode not set but here `l` option.");
CLIParserFree(ctx); CLIParserFree(ctx);
return 3; return PM3_EINVARG;
} }
// len = data + PCB(1b) + CRC(2b) // len = data + PCB(1b) + CRC(2b)
@ -1192,7 +1192,12 @@ static int CmdHF14AAPDU(const char *Cmd) {
} }
CLIParserFree(ctx); CLIParserFree(ctx);
PrintAndLogEx(NORMAL, ">>>>[%s%s%s] %s", activateField ? "sel " : "", leaveSignalON ? "keep " : "", decodeTLV ? "TLV" : "", sprint_hex(data, datalen)); PrintAndLogEx(SUCCESS, "( " _YELLOW_("%s%s%s")" )",
activateField ? "select" : "",
leaveSignalON ? ", keep" : "",
decodeTLV ? ", TLV" : ""
);
PrintAndLogEx(SUCCESS, ">>> %s", sprint_hex_inrow(data, datalen));
if (decodeAPDU) { if (decodeAPDU) {
APDUStruct apdu; APDUStruct apdu;
@ -1208,16 +1213,15 @@ static int CmdHF14AAPDU(const char *Cmd) {
if (res) if (res)
return res; return res;
PrintAndLogEx(NORMAL, "<<<< %s", sprint_hex(data, datalen)); PrintAndLogEx(SUCCESS, "<<< %s | %s", sprint_hex_inrow(data, datalen), sprint_ascii(data, datalen));
PrintAndLogEx(SUCCESS, "<<< status: %02x %02x - %s", data[datalen - 2], data[datalen - 1], GetAPDUCodeDescription(data[datalen - 2], data[datalen - 1]));
PrintAndLogEx(SUCCESS, "APDU response: %02x %02x - %s", data[datalen - 2], data[datalen - 1], GetAPDUCodeDescription(data[datalen - 2], data[datalen - 1]));
// TLV decoder // TLV decoder
if (decodeTLV && datalen > 4) { if (decodeTLV && datalen > 4) {
TLVPrintFromBuffer(data, datalen - 2); TLVPrintFromBuffer(data, datalen - 2);
} }
return 0; return PM3_SUCCESS;
} }
static int CmdHF14ACmdRaw(const char *Cmd) { static int CmdHF14ACmdRaw(const char *Cmd) {
@ -2038,7 +2042,7 @@ int infoHF14A(bool verbose, bool do_nack_test, bool do_aid_search) {
break; break;
} }
} else { } else {
dump_buffer(&card.ats[pos], calen, NULL, 1); PrintAndLogEx(SUCCESS, " %s", sprint_hex_inrow(card.ats + pos, calen));
} }
} }
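Review bot: In the `@ -1208,16 +1213,15` hunk the new status line reads `data[datalen - 2]` and `data[datalen - 1]` immediately after the `if (res) return res;` check, but nothing on the new side establishes that `datalen >= 2`; if ExchangeAPDU14a can succeed with a zero- or one-byte response, this indexes before the start of `data`. The TLV branch a few lines down already guards on `datalen > 4`, so the same discipline is cheap here: before the `<<<` prints insert `if (datalen < 2) { PrintAndLogEx(ERR, "APDU response too short (%d b), no status word", datalen); return PM3_ESOFT; }`. CmdHF14AAPDU begins outside this hunk, so whether an earlier check already guarantees the length cannot be confirmed from what is shown.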


@ -292,7 +292,7 @@ static int cmd_hf_fido_register(const char *cmd) {
if (APDULogging) if (APDULogging)
PrintAndLogEx(INFO, "---------------------------------------------------------------"); PrintAndLogEx(INFO, "---------------------------------------------------------------");
PrintAndLogEx(NORMAL, "data len: %zu", len); PrintAndLogEx(INFO, "data len: %zu", len);
if (verbose2) { if (verbose2) {
PrintAndLogEx(INFO, "------------ " _CYAN_("data") " ----------------------"); PrintAndLogEx(INFO, "------------ " _CYAN_("data") " ----------------------");
@ -312,13 +312,14 @@ static int cmd_hf_fido_register(const char *cmd) {
int derp = 67 + keyHandleLen; int derp = 67 + keyHandleLen;
int derLen = (buf[derp + 2] << 8) + buf[derp + 3] + 4; int derLen = (buf[derp + 2] << 8) + buf[derp + 3] + 4;
if (verbose2) { if (verbose2) {
PrintAndLogEx(NORMAL, "DER certificate[%d]:\n------------------DER-------------------", derLen); PrintAndLogEx(INFO, "DER certificate[%d]:", derLen);
dump_buffer_simple((const unsigned char *)&buf[derp], derLen, NULL); PrintAndLogEx(INFO, "------------------DER-------------------");
PrintAndLogEx(NORMAL, "\n----------------DER---------------------"); PrintAndLogEx(INFO, "%s", sprint_hex(buf + derp, derLen));
PrintAndLogEx(INFO, "----------------DER---------------------");
} else { } else {
if (verbose) if (verbose)
PrintAndLogEx(NORMAL, "------------------DER-------------------"); PrintAndLogEx(INFO, "------------------DER-------------------");
PrintAndLogEx(NORMAL, "DER certificate[%d]: %s...", derLen, sprint_hex(&buf[derp], 20)); PrintAndLogEx(INFO, "DER certificate[%d]: %s...", derLen, sprint_hex(&buf[derp], 20));
} }
// check and print DER certificate // check and print DER certificate
@ -326,9 +327,9 @@ static int cmd_hf_fido_register(const char *cmd) {
// print DER certificate in TLV view // print DER certificate in TLV view
if (showDERTLV) { if (showDERTLV) {
PrintAndLogEx(NORMAL, "----------------DER TLV-----------------"); PrintAndLogEx(INFO, "----------------DER TLV-----------------");
asn1_print(&buf[derp], derLen, " "); asn1_print(&buf[derp], derLen, " ");
PrintAndLogEx(NORMAL, "----------------DER TLV-----------------"); PrintAndLogEx(INFO, "----------------DER TLV-----------------");
} }
FIDOCheckDERAndGetKey(&buf[derp], derLen, verbose, public_key, sizeof(public_key)); FIDOCheckDERAndGetKey(&buf[derp], derLen, verbose, public_key, sizeof(public_key));
@ -343,8 +344,8 @@ static int cmd_hf_fido_register(const char *cmd) {
res = ecdsa_asn1_get_signature(&buf[hashp], len - hashp, rval, sval); res = ecdsa_asn1_get_signature(&buf[hashp], len - hashp, rval, sval);
if (!res) { if (!res) {
if (verbose) { if (verbose) {
PrintAndLogEx(NORMAL, " r: %s", sprint_hex(rval, 32)); PrintAndLogEx(INFO, " r: %s", sprint_hex(rval, 32));
PrintAndLogEx(NORMAL, " s: %s", sprint_hex(sval, 32)); PrintAndLogEx(INFO, " s: %s", sprint_hex(sval, 32));
} }
uint8_t xbuf[4096] = {0}; uint8_t xbuf[4096] = {0};
@ -357,7 +358,7 @@ static int cmd_hf_fido_register(const char *cmd) {
&buf[1], 65, // user public key &buf[1], 65, // user public key
NULL, 0); NULL, 0);
(void)res; (void)res;
//PrintAndLogEx(NORMAL, "--xbuf(%d)[%d]: %s", res, xbuflen, sprint_hex(xbuf, xbuflen)); //PrintAndLogEx(INFO, "--xbuf(%d)[%d]: %s", res, xbuflen, sprint_hex(xbuf, xbuflen));
res = ecdsa_signature_verify(MBEDTLS_ECP_DP_SECP256R1, public_key, xbuf, xbuflen, &buf[hashp], len - hashp, true); res = ecdsa_signature_verify(MBEDTLS_ECP_DP_SECP256R1, public_key, xbuf, xbuflen, &buf[hashp], len - hashp, true);
if (res) { if (res) {
if (res == MBEDTLS_ERR_ECP_VERIFY_FAILED) { if (res == MBEDTLS_ERR_ECP_VERIFY_FAILED) {
@ -574,7 +575,7 @@ static int cmd_hf_fido_authenticate(const char *cmd) {
return PM3_ESOFT; return PM3_ESOFT;
} }
PrintAndLogEx(NORMAL, "---------------------------------------------------------------"); PrintAndLogEx(INFO, "---------------------------------------------------------------");
PrintAndLogEx(SUCCESS, "User presence: %s", (buf[0] ? "verified" : "not verified")); PrintAndLogEx(SUCCESS, "User presence: %s", (buf[0] ? "verified" : "not verified"));
uint32_t cntr = (uint32_t)bytes_to_num(&buf[1], 4); uint32_t cntr = (uint32_t)bytes_to_num(&buf[1], 4);
PrintAndLogEx(SUCCESS, "Counter: %d", cntr); PrintAndLogEx(SUCCESS, "Counter: %d", cntr);
@ -586,8 +587,8 @@ static int cmd_hf_fido_authenticate(const char *cmd) {
res = ecdsa_asn1_get_signature(&buf[5], len - 5, rval, sval); res = ecdsa_asn1_get_signature(&buf[5], len - 5, rval, sval);
if (!res) { if (!res) {
if (verbose) { if (verbose) {
PrintAndLogEx(NORMAL, " r: %s", sprint_hex(rval, 32)); PrintAndLogEx(INFO, " r: %s", sprint_hex(rval, 32));
PrintAndLogEx(NORMAL, " s: %s", sprint_hex(sval, 32)); PrintAndLogEx(INFO, " s: %s", sprint_hex(sval, 32));
} }
if (public_key_loaded) { if (public_key_loaded) {
uint8_t xbuf[4096] = {0}; uint8_t xbuf[4096] = {0};
@ -599,7 +600,7 @@ static int cmd_hf_fido_authenticate(const char *cmd) {
data, 32, // challenge parameter data, 32, // challenge parameter
NULL, 0); NULL, 0);
(void)res; (void)res;
//PrintAndLogEx(NORMAL, "--xbuf(%d)[%d]: %s", res, xbuflen, sprint_hex(xbuf, xbuflen)); //PrintAndLogEx(INFO, "--xbuf(%d)[%d]: %s", res, xbuflen, sprint_hex(xbuf, xbuflen));
res = ecdsa_signature_verify(MBEDTLS_ECP_DP_SECP256R1, public_key, xbuf, xbuflen, &buf[5], len - 5, true); res = ecdsa_signature_verify(MBEDTLS_ECP_DP_SECP256R1, public_key, xbuf, xbuflen, &buf[5], len - 5, true);
if (res) { if (res) {
if (res == MBEDTLS_ERR_ECP_VERIFY_FAILED) { if (res == MBEDTLS_ERR_ECP_VERIFY_FAILED) {
@ -718,7 +719,7 @@ static int cmd_hf_fido_2make_credential(const char *cmd) {
PrintAndLogEx(ERR, "ERROR: Can't found the json file."); PrintAndLogEx(ERR, "ERROR: Can't found the json file.");
return res; return res;
} }
PrintAndLogEx(NORMAL, "fname: %s\n", fname); PrintAndLogEx(INFO, "fname: %s\n", fname);
json_t *root = json_load_file(fname, 0, &error); json_t *root = json_load_file(fname, 0, &error);
if (!root) { if (!root) {
PrintAndLogEx(ERR, "ERROR: json error on line %d: %s", error.line, error.text); PrintAndLogEx(ERR, "ERROR: json error on line %d: %s", error.line, error.text);
@ -843,7 +844,7 @@ static int cmd_hf_fido_2get_assertion(const char *cmd) {
PrintAndLogEx(ERR, "ERROR: Can't found the json file."); PrintAndLogEx(ERR, "ERROR: Can't found the json file.");
return res; return res;
} }
PrintAndLogEx(NORMAL, "fname: %s\n", fname); PrintAndLogEx(INFO, "fname: %s\n", fname);
json_t *root = json_load_file(fname, 0, &error); json_t *root = json_load_file(fname, 0, &error);
if (!root) { if (!root) {
PrintAndLogEx(ERR, "ERROR: json error on line %d: %s", error.line, error.text); PrintAndLogEx(ERR, "ERROR: json error on line %d: %s", error.line, error.text);
@ -876,9 +877,9 @@ static int cmd_hf_fido_2get_assertion(const char *cmd) {
if (showCBOR) { if (showCBOR) {
PrintAndLogEx(SUCCESS, "CBOR get assertion request:"); PrintAndLogEx(SUCCESS, "CBOR get assertion request:");
PrintAndLogEx(NORMAL, "---------------- " _CYAN_("CBOR") " ------------------"); PrintAndLogEx(INFO, "---------------- " _CYAN_("CBOR") " ------------------");
TinyCborPrintFIDOPackage(fido2CmdGetAssertion, false, data, datalen); TinyCborPrintFIDOPackage(fido2CmdGetAssertion, false, data, datalen);
PrintAndLogEx(NORMAL, "---------------- " _CYAN_("CBOR") " ------------------"); PrintAndLogEx(INFO, "---------------- " _CYAN_("CBOR") " ------------------");
} }
res = FIDO2GetAssertion(data, datalen, buf, sizeof(buf), &len, &sw); res = FIDO2GetAssertion(data, datalen, buf, sizeof(buf), &len, &sw);
@ -901,9 +902,9 @@ static int cmd_hf_fido_2get_assertion(const char *cmd) {
PrintAndLogEx(SUCCESS, "GetAssertion result (%zu b) OK.", len); PrintAndLogEx(SUCCESS, "GetAssertion result (%zu b) OK.", len);
if (showCBOR) { if (showCBOR) {
PrintAndLogEx(SUCCESS, "CBOR get assertion response:"); PrintAndLogEx(SUCCESS, "CBOR get assertion response:");
PrintAndLogEx(NORMAL, "---------------- " _CYAN_("CBOR") " ------------------"); PrintAndLogEx(INFO, "---------------- " _CYAN_("CBOR") " ------------------");
TinyCborPrintFIDOPackage(fido2CmdGetAssertion, true, &buf[1], len - 1); TinyCborPrintFIDOPackage(fido2CmdGetAssertion, true, &buf[1], len - 1);
PrintAndLogEx(NORMAL, "---------------- " _CYAN_("CBOR") " ------------------"); PrintAndLogEx(INFO, "---------------- " _CYAN_("CBOR") " ------------------");
} }
// parse returned cbor // parse returned cbor


@ -23,23 +23,13 @@
# define PRINT_INDENT(level) {for (int myi = 0; myi < (level); myi++) fprintf(f, " ");} # define PRINT_INDENT(level) {for (int myi = 0; myi < (level); myi++) fprintf(f, " ");}
#endif #endif
void dump_buffer_simple(const unsigned char *ptr, size_t len, FILE *f) {
int i;
if (!f)
f = stdout;
for (i = 0; i < len; i ++)
fprintf(f, "%s%02hhX", i ? " " : "", ptr[i]);
}
void dump_buffer(const unsigned char *ptr, size_t len, FILE *f, int level) { void dump_buffer(const unsigned char *ptr, size_t len, FILE *f, int level) {
int i, j; int j;
if (!f) if (!f)
f = stdout; f = stdout;
for (i = 0; i < len; i += 16) { for (int i = 0; i < len; i += 16) {
PRINT_INDENT(level); PRINT_INDENT(level);
fprintf(f, "\t%02x:", i); fprintf(f, "\t%02x:", i);
for (j = 0; j < 16; j++) { for (j = 0; j < 16; j++) {
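Review bot: The rewritten loop header `for (int i = 0; i < len; i += 16)` still compares a signed `int` against the `size_t len` parameter, which is the sign-compare warning the old `int i` already produced and which misbehaves for lengths above INT_MAX. Since the declaration was touched anyway, give the index the parameter's type and adjust the offset print to match: `for (size_t i = 0; i < len; i += 16) {` and `fprintf(f, "\t%02zx:", i);`. The surviving `int j` only indexes 0..15 and can stay. dump_buffer's body continues past the end of this hunk.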


@ -20,8 +20,6 @@
#include <stdio.h> // FILE #include <stdio.h> // FILE
void dump_buffer_simple(const unsigned char *ptr, size_t len, FILE *f);
void dump_buffer(const unsigned char *ptr, size_t len, FILE *f, int level); void dump_buffer(const unsigned char *ptr, size_t len, FILE *f, int level);
void dump_buffer_tab(const unsigned char *ptr, size_t len, FILE *f, int tabs);
#endif #endif


@ -274,7 +274,7 @@ int FIDOCheckDERAndGetKey(uint8_t *der, size_t derLen, bool verbose, uint8_t *pu
} }
if (verbose) if (verbose)
PrintAndLogEx(NORMAL, "------------------DER-------------------"); PrintAndLogEx(INFO, "------------------DER-------------------");
mbedtls_x509_crt_free(&cert); mbedtls_x509_crt_free(&cert);
mbedtls_x509_crt_free(&cacert); mbedtls_x509_crt_free(&cacert);
@ -366,8 +366,8 @@ static int FIDO2CheckSignature(json_t *root, uint8_t *publickey, uint8_t *sign,
int res = ecdsa_asn1_get_signature(sign, signLen, rval, sval); int res = ecdsa_asn1_get_signature(sign, signLen, rval, sval);
if (!res) { if (!res) {
if (verbose) { if (verbose) {
PrintAndLogEx(NORMAL, " r: %s", sprint_hex(rval, 32)); PrintAndLogEx(INFO, " r: %s", sprint_hex(rval, 32));
PrintAndLogEx(NORMAL, " s: %s", sprint_hex(sval, 32)); PrintAndLogEx(INFO, " s: %s", sprint_hex(sval, 32));
} }
uint8_t clientDataHash[32] = {0}; uint8_t clientDataHash[32] = {0};
@ -488,9 +488,9 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
if (showCBOR) { if (showCBOR) {
PrintAndLogEx(INFO, "COSE structure:"); PrintAndLogEx(INFO, "COSE structure:");
PrintAndLogEx(NORMAL, "---------------- CBOR ------------------"); PrintAndLogEx(INFO, "---------------- CBOR ------------------");
TinyCborPrintFIDOPackage(fido2COSEKey, true, &ubuf[55 + cridlen], cplen); TinyCborPrintFIDOPackage(fido2COSEKey, true, &ubuf[55 + cridlen], cplen);
PrintAndLogEx(NORMAL, "---------------- CBOR ------------------"); PrintAndLogEx(INFO, "---------------- CBOR ------------------");
} }
res = COSEGetECDSAKey(&ubuf[55 + cridlen], cplen, verbose, coseKey); res = COSEGetECDSAKey(&ubuf[55 + cridlen], cplen, verbose, coseKey);
@ -542,11 +542,12 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
res = CborGetArrayBinStringValue(&mapsmt, der, sizeof(der), &derLen); res = CborGetArrayBinStringValue(&mapsmt, der, sizeof(der), &derLen);
cbor_check(res); cbor_check(res);
if (verbose2) { if (verbose2) {
PrintAndLogEx(NORMAL, "DER certificate[%zu]:\n------------------DER-------------------", derLen); PrintAndLogEx(INFO, "DER certificate[%zu]:", derLen);
dump_buffer_simple((const unsigned char *)der, derLen, NULL); PrintAndLogEx(INFO, "------------------DER-------------------");
PrintAndLogEx(NORMAL, "\n----------------DER---------------------"); PrintAndLogEx(INFO, "%s", sprint_hex(der, derLen));
PrintAndLogEx(INFO, "----------------DER---------------------");
} else { } else {
PrintAndLogEx(NORMAL, "DER [%zu]: %s...", derLen, sprint_hex(der, MIN(derLen, 16))); PrintAndLogEx(INFO, "DER [%zu]: %s...", derLen, sprint_hex(der, MIN(derLen, 16)));
} }
JsonSaveBufAsHexCompact(root, "$.AppData.DER", der, derLen); JsonSaveBufAsHexCompact(root, "$.AppData.DER", der, derLen);
} }
@ -558,9 +559,9 @@ int FIDO2MakeCredentionalParseRes(json_t *root, uint8_t *data, size_t dataLen, b
// print DER certificate in TLV view // print DER certificate in TLV view
if (showDERTLV) { if (showDERTLV) {
PrintAndLogEx(NORMAL, "----------------DER TLV-----------------"); PrintAndLogEx(INFO, "----------------DER TLV-----------------");
asn1_print(der, derLen, " "); asn1_print(der, derLen, " ");
PrintAndLogEx(NORMAL, "----------------DER TLV-----------------"); PrintAndLogEx(INFO, "----------------DER TLV-----------------");
} }
FIDOCheckDERAndGetKey(der, derLen, verbose, public_key, sizeof(public_key)); FIDOCheckDERAndGetKey(der, derLen, verbose, public_key, sizeof(public_key));
JsonSaveBufAsHexCompact(root, "$.AppData.DERPublicKey", public_key, sizeof(public_key)); JsonSaveBufAsHexCompact(root, "$.AppData.DERPublicKey", public_key, sizeof(public_key));
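Review bot: In the `@ -558,9 +559,9` hunk the return value of `FIDOCheckDERAndGetKey(der, derLen, verbose, public_key, sizeof(public_key))` is discarded and `public_key` is written to `$.AppData.DERPublicKey` unconditionally on the next line, so a certificate that fails the check (the helper is declared `int` in the `@ -274` hunk, so it does report an outcome) still produces a saved key whose contents depend on how far the helper got. Capture the result into the existing `res` and refuse to persist the key on failure: `res = FIDOCheckDERAndGetKey(der, derLen, verbose, public_key, sizeof(public_key));` followed by `if (res == 0) JsonSaveBufAsHexCompact(root, "$.AppData.DERPublicKey", public_key, sizeof(public_key)); else PrintAndLogEx(ERR, "DER certificate check failed (%d), public key not saved", res);`. Whether the helper returns 0 on success cannot be confirmed from the part of it shown here; FIDO2MakeCredentionalParseRes begins before this hunk.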