added fido2 info

merlokk 2018-10-26 16:44:48 +03:00
commit 528c3c6fc2


@ -70,6 +70,11 @@ int FIDOAuthentication(uint8_t *params, uint8_t paramslen, uint8_t controlb, uin
return FIDOExchange((sAPDU){0x00, 0x02, controlb, 0x00, paramslen, params}, Result, MaxResultLen, ResultLen, sw); return FIDOExchange((sAPDU){0x00, 0x02, controlb, 0x00, paramslen, params}, Result, MaxResultLen, ResultLen, sw);
} }
int FIDO2GetInfo(uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw) {
uint8_t data[] = {0x04};
return FIDOExchange((sAPDU){0x80, 0x10, 0x00, 0x00, sizeof(data), data}, Result, MaxResultLen, ResultLen, sw);
}
int CmdHFFidoInfo(const char *cmd) { int CmdHFFidoInfo(const char *cmd) {
if (cmd && strlen(cmd) > 0) if (cmd && strlen(cmd) > 0)
@ -85,10 +90,12 @@ int CmdHFFidoInfo(const char *cmd) {
uint8_t buf[APDU_RES_LEN] = {0}; uint8_t buf[APDU_RES_LEN] = {0};
size_t len = 0; size_t len = 0;
uint16_t sw = 0; uint16_t sw = 0;
int res = FIDOSelect(true, false, buf, sizeof(buf), &len, &sw); int res = FIDOSelect(true, true, buf, sizeof(buf), &len, &sw);
if (res) if (res) {
DropField();
return res; return res;
}
if (sw != 0x9000) { if (sw != 0x9000) {
if (sw) if (sw)
@ -96,19 +103,35 @@ int CmdHFFidoInfo(const char *cmd) {
else else
PrintAndLog("APDU exchange error. Card returns 0x0000."); PrintAndLog("APDU exchange error. Card returns 0x0000.");
DropField();
return 0; return 0;
} }
if (!strncmp((char *)buf, "U2F_V2", 7)) { if (!strncmp((char *)buf, "U2F_V2", 7)) {
PrintAndLog("FIDO authenricator detected."); if (!strncmp((char *)buf, "FIDO_2_0", 8)) {
PrintAndLog("WARNING: strange version:"); PrintAndLog("FIDO2 authenricator detected. Version: %.*s", len, buf);
dump_buffer((const unsigned char *)buf, len, NULL, 0); } else {
PrintAndLog("FIDO authenricator detected (not standard U2F).");
PrintAndLog("Non U2F authenticator version:");
dump_buffer((const unsigned char *)buf, len, NULL, 0);
}
} else {
PrintAndLog("FIDO U2F authenricator detected. Version: %.*s", len, buf);
}
res = FIDO2GetInfo(buf, sizeof(buf), &len, &sw);
DropField();
if (res) {
return res;
}
if (sw != 0x9000) {
PrintAndLog("FIDO2 version not exists (%04x - %s).", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff));
return 0; return 0;
} }
PrintAndLog("FIDO authenricator detected. Version: %.*s", len, buf); PrintAndLog("FIDO2 version: (%d)", len);
dump_buffer((const unsigned char *)buf, len, NULL, 0);
DropField();
return 0; return 0;
} }
@ -191,15 +214,18 @@ int CmdHFFidoRegister(const char *cmd) {
if (res) { if (res) {
PrintAndLog("Can't select authenticator. res=%x. Exit...", res); PrintAndLog("Can't select authenticator. res=%x. Exit...", res);
DropField();
return res; return res;
} }
if (sw != 0x9000) { if (sw != 0x9000) {
PrintAndLog("Can't select FIDO application. APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); PrintAndLog("Can't select FIDO application. APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff));
DropField();
return 2; return 2;
} }
res = FIDORegister(data, buf, sizeof(buf), &len, &sw); res = FIDORegister(data, buf, sizeof(buf), &len, &sw);
DropField();
if (res) { if (res) {
PrintAndLog("Can't execute register command. res=%x. Exit...", res); PrintAndLog("Can't execute register command. res=%x. Exit...", res);
return res; return res;
@ -247,14 +273,13 @@ int CmdHFFidoRegister(const char *cmd) {
// check ANSI X9.62 format ECDSA signature (on P-256) // check ANSI X9.62 format ECDSA signature (on P-256)
PrintAndLog("\nauth command: "); PrintAndLog("\nauth command: ");
printf("hf fido auth %s %s", paramsPlain?"-p":"", sprint_hex_inrow(&buf[67], keyHandleLen)); printf("hf fido auth %s%s", paramsPlain?"-p ":"", sprint_hex_inrow(&buf[67], keyHandleLen));
if(chlen || applen) if(chlen || applen)
printf(" %s", paramsPlain?(char *)cdata:sprint_hex_inrow(cdata, 32)); printf(" %s", paramsPlain?(char *)cdata:sprint_hex_inrow(cdata, 32));
if(applen) if(applen)
printf(" %s", paramsPlain?(char *)adata:sprint_hex_inrow(adata, 32)); printf(" %s", paramsPlain?(char *)adata:sprint_hex_inrow(adata, 32));
printf("\n"); printf("\n");
DropField();
return 0; return 0;
}; };
@ -360,15 +385,18 @@ int CmdHFFidoAuthenticate(const char *cmd) {
if (res) { if (res) {
PrintAndLog("Can't select authenticator. res=%x. Exit...", res); PrintAndLog("Can't select authenticator. res=%x. Exit...", res);
DropField();
return res; return res;
} }
if (sw != 0x9000) { if (sw != 0x9000) {
PrintAndLog("Can't select FIDO application. APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff)); PrintAndLog("Can't select FIDO application. APDU response status: %04x - %s", sw, GetAPDUCodeDescription(sw >> 8, sw & 0xff));
DropField();
return 2; return 2;
} }
res = FIDOAuthentication(data, datalen, controlByte, buf, sizeof(buf), &len, &sw); res = FIDOAuthentication(data, datalen, controlByte, buf, sizeof(buf), &len, &sw);
DropField();
if (res) { if (res) {
PrintAndLog("Can't execute authentication command. res=%x. Exit...", res); PrintAndLog("Can't execute authentication command. res=%x. Exit...", res);
return res; return res;
@ -385,8 +413,6 @@ int CmdHFFidoAuthenticate(const char *cmd) {
PrintAndLog("Counter: %d", cntr); PrintAndLog("Counter: %d", cntr);
PrintAndLog("Hash[%d]: %s", len - 5, sprint_hex(&buf[5], len - 5)); PrintAndLog("Hash[%d]: %s", len - 5, sprint_hex(&buf[5], len - 5));
DropField();
return 0; return 0;
}; };
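Review bot: In CmdHFFidoInfo the new `FIDO_2_0` test sits inside the branch taken when `strncmp((char *)buf, "U2F_V2", 7)` returns 0, so it can never match. As written, a card answering `U2F_V2` is reported as "not standard U2F", and every other answer, including `FIDO_2_0`, is printed as "FIDO U2F". Since the string comes from the card and the command exists to identify the authenticator, the three cases should be sibling branches, as sketched below. The same prints pass `len`, a `size_t`, as the `%.*s` precision and to `%d` in `"FIDO2 version: (%d)"`; both expect `int`, so cast it (`(int)len`, presumably bounded by `sizeof(buf)`) or print the count with `%zu`.

```c
if (!strncmp((char *)buf, "U2F_V2", 7)) {
    PrintAndLog("FIDO U2F authenricator detected. Version: %.*s", (int)len, buf);
} else if (!strncmp((char *)buf, "FIDO_2_0", 8)) {
    PrintAndLog("FIDO2 authenricator detected. Version: %.*s", (int)len, buf);
} else {
    PrintAndLog("FIDO authenricator detected (not standard U2F).");
    PrintAndLog("Non U2F authenticator version:");
    dump_buffer((const unsigned char *)buf, len, NULL, 0);
}
// … unchanged: FIDO2GetInfo call and status-word check …
```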