github/proxmark3
1
0
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2025-08-22 06:13:27 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactoring and add key recovering

Browse source
This commit is contained in:
merlokk 2018-10-08 19:37:13 +03:00
commit 6777b377c3
4 changed files with 102 additions and 62 deletions
Download patch file Download diff file Expand all files Collapse all files

100
client/emv/cmdemv.c
View file

@ -565,6 +565,39 @@ int CmdHFEMVInternalAuthenticate(const char *cmd) {
#define dreturn(n) {free(pdol_data_tlv);tlvdb_free(tlvSelect);tlvdb_free(tlvRoot);DropField();return n;} #define dreturn(n) {free(pdol_data_tlv);tlvdb_free(tlvSelect);tlvdb_free(tlvRoot);DropField();return n;}
void InitTransactionParameters(struct tlvdb *tlvRoot, bool paramLoadJSON, enum TransactionType TrType, bool GenACGPO) {
ParamLoadDefaults(tlvRoot);
if (paramLoadJSON) {
PrintAndLog("* * Transaction parameters loading from JSON...");
ParamLoadFromJson(tlvRoot);
}
//9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
char *qVSDC = "\x26\x00\x00\x00";
if (GenACGPO) {
qVSDC = "\x26\x80\x00\x00";
}
switch(TrType) {
case TT_MSD:
TLV_ADD(0x9F66, "\x86\x00\x00\x00"); // MSD
break;
// not standard for contactless. just for test.
case TT_VSDC:
TLV_ADD(0x9F66, "\x46\x00\x00\x00"); // VSDC
break;
case TT_QVSDCMCHIP:
TLV_ADD(0x9F66, qVSDC); // qVSDC
break;
case TT_CDA:
TLV_ADD(0x9F66, qVSDC); // qVSDC (VISA CDA not enabled)
break;
default:
break;
}
}
int CmdHFEMVExec(const char *cmd) { int CmdHFEMVExec(const char *cmd) {
uint8_t buf[APDU_RES_LEN] = {0}; uint8_t buf[APDU_RES_LEN] = {0};
size_t len = 0; size_t len = 0;
@ -677,37 +710,7 @@ int CmdHFEMVExec(const char *cmd) {
PrintAndLog("* Selected."); PrintAndLog("* Selected.");
PrintAndLog("\n* Init transaction parameters."); PrintAndLog("\n* Init transaction parameters.");
InitTransactionParameters(tlvRoot, paramLoadJSON, TrType, GenACGPO);
ParamLoadDefaults(tlvRoot);
if (paramLoadJSON) {
PrintAndLog("* * Transaction parameters loading from JSON...");
ParamLoadFromJson(tlvRoot);
}
//9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
char *qVSDC = "\x26\x00\x00\x00";
if (GenACGPO) {
qVSDC = "\x26\x80\x00\x00";
}
switch(TrType) {
case TT_MSD:
TLV_ADD(0x9F66, "\x86\x00\x00\x00"); // MSD
break;
// not standard for contactless. just for test.
case TT_VSDC:
TLV_ADD(0x9F66, "\x46\x00\x00\x00"); // VSDC
break;
case TT_QVSDCMCHIP:
TLV_ADD(0x9F66, qVSDC); // qVSDC
break;
case TT_CDA:
TLV_ADD(0x9F66, qVSDC); // qVSDC (VISA CDA not enabled)
break;
default:
break;
}
TLVPrintFromTLV(tlvRoot); // TODO delete!!! TLVPrintFromTLV(tlvRoot); // TODO delete!!!
PrintAndLog("\n* Calc PDOL."); PrintAndLog("\n* Calc PDOL.");
@ -1236,36 +1239,7 @@ int CmdHFEMVScan(const char *cmd) {
// create transaction parameters // create transaction parameters
PrintAndLog("-->Init transaction parameters."); PrintAndLog("-->Init transaction parameters.");
InitTransactionParameters(tlvRoot, paramLoadJSON, TrType, GenACGPO);
ParamLoadDefaults(tlvRoot);
if (paramLoadJSON) {
PrintAndLog("-->Transaction parameters loading from JSON...");
ParamLoadFromJson(tlvRoot);
}
//9F66:(Terminal Transaction Qualifiers (TTQ)) len:4
char *qVSDC = "\x26\x00\x00\x00";
if (GenACGPO) {
qVSDC = "\x26\x80\x00\x00";
}
switch(TrType) {
case TT_MSD:
TLV_ADD(0x9F66, "\x86\x00\x00\x00"); // MSD
break;
// not standard for contactless. just for test.
case TT_VSDC:
TLV_ADD(0x9F66, "\x46\x00\x00\x00"); // VSDC
break;
case TT_QVSDCMCHIP:
TLV_ADD(0x9F66, qVSDC); // qVSDC
break;
case TT_CDA:
TLV_ADD(0x9F66, qVSDC); // qVSDC (VISA CDA not enabled)
break;
default:
break;
}
PrintAndLog("-->Calc PDOL."); PrintAndLog("-->Calc PDOL.");
struct tlv *pdol_data_tlv = dol_process(tlvdb_get(tlvRoot, 0x9f38, NULL), tlvRoot, 0x83); struct tlv *pdol_data_tlv = dol_process(tlvdb_get(tlvRoot, 0x9f38, NULL), tlvRoot, 0x83);
@ -1369,6 +1343,10 @@ int CmdHFEMVScan(const char *cmd) {
break; break;
} }
// getting certificates
PrintAndLog("-->Recovering certificates.");
RecoveryCertificates(tlvRoot, root);
// DropField // DropField
DropField(); DropField();

57
client/emv/emvcore.c
View file

@ -9,6 +9,7 @@
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
#include "emvcore.h" #include "emvcore.h"
#include "emvjson.h"
// Got from here. Thanks) // Got from here. Thanks)
// https://eftlab.co.uk/index.php/site-map/knowledge-base/211-emv-aid-rid-pix // https://eftlab.co.uk/index.php/site-map/knowledge-base/211-emv-aid-rid-pix
@ -849,3 +850,59 @@ int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, st
emv_pk_free(icc_pk); emv_pk_free(icc_pk);
return 0; return 0;
} }
int RecoveryCertificates(struct tlvdb *tlvRoot, json_t *root) {
struct emv_pk *pk = get_ca_pk(tlvRoot);
if (!pk) {
PrintAndLog("ERROR: Key not found. Exit.");
return 1;
}
struct emv_pk *issuer_pk = emv_pki_recover_issuer_cert(pk, tlvRoot);
if (!issuer_pk) {
emv_pk_free(pk);
PrintAndLog("ERROR: Issuer certificate not found. Exit.");
return 2;
}
PrintAndLog("Issuer PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx",
issuer_pk->rid[0],
issuer_pk->rid[1],
issuer_pk->rid[2],
issuer_pk->rid[3],
issuer_pk->rid[4],
issuer_pk->index,
issuer_pk->serial[0],
issuer_pk->serial[1],
issuer_pk->serial[2]
);
char *issuer_pk_c = emv_pk_dump_pk(issuer_pk);
JsonSaveStr(root, "$.ApplicationData.IssuerPublicKeyDec", issuer_pk_c);
JsonSaveBufAsHex(root, "$.ApplicationData.IssuerPublicKeyModulus", issuer_pk->modulus, issuer_pk->mlen);
free(issuer_pk_c);
struct emv_pk *icc_pk = emv_pki_recover_icc_cert(issuer_pk, tlvRoot, NULL);
if (!icc_pk) {
emv_pk_free(pk);
emv_pk_free(issuer_pk);
PrintAndLog("ERROR: ICC setrificate not found. Exit.");
return 2;
}
printf("ICC PK recovered. RID %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx CSN %02hhx:%02hhx:%02hhx\n",
icc_pk->rid[0],
icc_pk->rid[1],
icc_pk->rid[2],
icc_pk->rid[3],
icc_pk->rid[4],
icc_pk->index,
icc_pk->serial[0],
icc_pk->serial[1],
icc_pk->serial[2]
);
char *icc_pk_c = emv_pk_dump_pk(icc_pk);
JsonSaveStr(root, "$.ApplicationData.ICCPublicKeyDec", icc_pk_c);
JsonSaveBufAsHex(root, "$.ApplicationData.ICCPublicKeyModulus", icc_pk->modulus, icc_pk->mlen);
free(issuer_pk_c);
}

3
client/emv/emvcore.h
View file

@ -16,6 +16,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <inttypes.h> #include <inttypes.h>
#include <string.h> #include <string.h>
#include <jansson.h>
#include "util.h" #include "util.h"
#include "common.h" #include "common.h"
#include "ui.h" #include "ui.h"
@ -90,6 +91,8 @@ extern int trSDA(struct tlvdb *tlv);
extern int trDDA(bool decodeTLV, struct tlvdb *tlv); extern int trDDA(bool decodeTLV, struct tlvdb *tlv);
extern int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, struct tlv *ac_data_tlv); extern int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, struct tlv *ac_data_tlv);
extern int RecoveryCertificates(struct tlvdb *tlvRoot, json_t *root);
#endif #endif

2
client/emv/emvjson.h
View file

@ -30,4 +30,6 @@ extern int JsonSaveTLVTreeElm(json_t *elm, char *path, struct tlvdb *tlvdbelm, b
extern int JsonSaveTLVTree(json_t *root, json_t *elm, char *path, struct tlvdb *tlvdbelm); extern int JsonSaveTLVTree(json_t *root, json_t *elm, char *path, struct tlvdb *tlvdbelm);
extern bool ParamLoadFromJson(struct tlvdb *tlv);
#endif #endif