liz/flipperzero-firmware
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[FL-2369] NFC refactoring (#1095)

Browse Source 
* nfc: clean up scenes
* nfc worker: remove field on from worker
* nfc worker: move full data exchange to furi hal
* nfc_device: check UID length
* nfc protocol: introduce mifare common API
* nfc: move common data to furi hal nfc
* nfc: rename emv_decoder -> emv
* nfc: move emv data structure to emv lib
* nfc: remove deactivate after detection
* nfc: rework furi hal nfc detect
* nfc: clean up CLI commands and type
* nfc: remove unused includes and function
* nfc: add TxRxType enum
* nfc: read mifare ultralight refactoring
* nfc: refactore mifare ultralight start
* rfal: fix custom data exchange
* nfc: refactor read bank card
* nfc: refactor read emv application
* nfc: refactor emv test emulation
* nfc: refactor uid emulation
* nfc: add limit to uid emulation logger
* fix source formatting
* furi_hal_nfc: fix data exchange full
* nfc: fix mifare ultralight type load

Co-authored-by: あく <alleteam@gmail.com>
This commit is contained in:
gornekich
2022-04-19 18:23:58 +03:00
committed by GitHub
parent e55d1572da
commit 956788c09b
58 changed files with 1349 additions and 1601 deletions
Download Patch File Download Diff File Expand all files Collapse all files

298
lib/nfc_protocols/emv_decoder.c → lib/nfc_protocols/emv.c
View File

@@ -1,4 +1,8 @@
#include "emv_decoder.h"
#include "emv.h"
#include <furi/common_defines.h>
#define TAG "Emv"
const PDOLValue pdol_term_info = {0x9F59, {0xC8, 0x80, 0x00}}; // Terminal transaction information
const PDOLValue pdol_term_type = {0x9F5A, {0x00}}; // Terminal transaction type
@@ -69,19 +73,6 @@ static bool emv_decode_search_tag_u16_r(uint16_t tag, uint8_t* buff, uint16_t* i
return false;
}
uint16_t emv_prepare_select_ppse(uint8_t* dest) {
const uint8_t emv_select_ppse[] = {
0x00, 0xA4, // SELECT ppse
0x04, 0x00, // P1:By name, P2: empty
0x0e, // Lc: Data length
0x32, 0x50, 0x41, 0x59, 0x2e, 0x53, 0x59, // Data string:
0x53, 0x2e, 0x44, 0x44, 0x46, 0x30, 0x31, // 2PAY.SYS.DDF01 (PPSE)
0x00 // Le
};
memcpy(dest, emv_select_ppse, sizeof(emv_select_ppse));
return sizeof(emv_select_ppse);
}
bool emv_decode_ppse_response(uint8_t* buff, uint16_t len, EmvApplication* app) {
uint16_t i = 0;
bool app_aid_found = false;
@@ -89,7 +80,7 @@ bool emv_decode_ppse_response(uint8_t* buff, uint16_t len, EmvApplication* app)
while(i < len) {
if(buff[i] == EMV_TAG_APP_TEMPLATE) {
uint8_t app_len = buff[++i];
for(uint16_t j = i; j < i + app_len; j++) {
for(uint16_t j = i; j < MIN(i + app_len, len - 1); j++) {
if(buff[j] == EMV_TAG_AID) {
app_aid_found = true;
app->aid_len = buff[j + 1];
@@ -105,7 +96,59 @@ bool emv_decode_ppse_response(uint8_t* buff, uint16_t len, EmvApplication* app)
return app_aid_found;
}
uint16_t emv_prepare_select_app(uint8_t* dest, EmvApplication* app) {
bool emv_select_ppse(FuriHalNfcTxRxContext* tx_rx, EmvApplication* app) {
bool app_aid_found = false;
const uint8_t emv_select_ppse_cmd[] = {
0x00, 0xA4, // SELECT ppse
0x04, 0x00, // P1:By name, P2: empty
0x0e, // Lc: Data length
0x32, 0x50, 0x41, 0x59, 0x2e, 0x53, 0x59, // Data string:
0x53, 0x2e, 0x44, 0x44, 0x46, 0x30, 0x31, // 2PAY.SYS.DDF01 (PPSE)
0x00 // Le
};
memcpy(tx_rx->tx_data, emv_select_ppse_cmd, sizeof(emv_select_ppse_cmd));
tx_rx->tx_bits = sizeof(emv_select_ppse_cmd) * 8;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
FURI_LOG_D(TAG, "Send select PPSE");
if(furi_hal_nfc_tx_rx(tx_rx, 300)) {
if(emv_decode_ppse_response(tx_rx->rx_data, tx_rx->rx_bits / 8, app)) {
app_aid_found = true;
} else {
FURI_LOG_E(TAG, "Failed to parse application");
}
} else {
FURI_LOG_E(TAG, "Failed select PPSE");
}
return app_aid_found;
}
static bool emv_decode_select_app_response(uint8_t* buff, uint16_t len, EmvApplication* app) {
uint16_t i = 0;
bool decode_success = false;
while(i < len) {
if(buff[i] == EMV_TAG_CARD_NAME) {
uint8_t name_len = buff[i + 1];
emv_parse_TLV((uint8_t*)app->name, buff, &i);
app->name[name_len] = '\0';
app->name_found = true;
decode_success = true;
} else if(((buff[i] << 8) | buff[i + 1]) == EMV_TAG_PDOL) {
i++;
app->pdol.size = emv_parse_TLV(app->pdol.data, buff, &i);
decode_success = true;
}
i++;
}
return decode_success;
}
bool emv_select_app(FuriHalNfcTxRxContext* tx_rx, EmvApplication* app) {
bool select_app_success = false;
const uint8_t emv_select_header[] = {
0x00,
0xA4, // SELECT application
@@ -113,33 +156,29 @@ uint16_t emv_prepare_select_app(uint8_t* dest, EmvApplication* app) {
0x00 // P1:By name, P2:First or only occurence
};
uint16_t size = sizeof(emv_select_header);
// Copy header
memcpy(dest, emv_select_header, size);
memcpy(tx_rx->tx_data, emv_select_header, size);
// Copy AID
dest[size++] = app->aid_len;
memcpy(&dest[size], app->aid, app->aid_len);
tx_rx->tx_data[size++] = app->aid_len;
memcpy(&tx_rx->tx_data[size], app->aid, app->aid_len);
size += app->aid_len;
dest[size++] = 0;
return size;
}
tx_rx->tx_data[size++] = 0x00;
tx_rx->tx_bits = size * 8;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
bool emv_decode_select_app_response(uint8_t* buff, uint16_t len, EmvApplication* app) {
uint16_t i = 0;
bool found_name = false;
while(i < len) {
if(buff[i] == EMV_TAG_CARD_NAME) {
uint8_t name_len = buff[i + 1];
emv_parse_TLV((uint8_t*)app->name, buff, &i);
app->name[name_len] = '\0';
found_name = true;
} else if(((buff[i] << 8) | buff[i + 1]) == EMV_TAG_PDOL) {
i++;
app->pdol.size = emv_parse_TLV(app->pdol.data, buff, &i);
FURI_LOG_D(TAG, "Start application");
if(furi_hal_nfc_tx_rx(tx_rx, 300)) {
if(emv_decode_select_app_response(tx_rx->rx_data, tx_rx->rx_bits / 8, app)) {
select_app_success = true;
} else {
FURI_LOG_E(TAG, "Failed to read PAN or PDOL");
}
i++;
} else {
FURI_LOG_E(TAG, "Failed to start application");
}
return found_name;
return select_app_success;
}
static uint16_t emv_prepare_pdol(APDU* dest, APDU* src) {
@@ -175,53 +214,56 @@ static uint16_t emv_prepare_pdol(APDU* dest, APDU* src) {
return dest->size;
}
uint16_t emv_prepare_get_proc_opt(uint8_t* dest, EmvApplication* app) {
// Get processing option header
const uint8_t emv_gpo_header[] = {0x80, 0xA8, 0x00, 0x00};
uint16_t size = sizeof(emv_gpo_header);
// Copy header
memcpy(dest, emv_gpo_header, size);
APDU pdol_data = {0, {0}};
// Prepare and copy pdol parameters
emv_prepare_pdol(&pdol_data, &app->pdol);
dest[size++] = 0x02 + pdol_data.size;
dest[size++] = 0x83;
dest[size++] = pdol_data.size;
memcpy(dest + size, pdol_data.data, pdol_data.size);
size += pdol_data.size;
dest[size++] = 0;
return size;
}
static bool emv_decode_get_proc_opt(uint8_t* buff, uint16_t len, EmvApplication* app) {
bool card_num_read = false;
bool emv_decode_get_proc_opt(uint8_t* buff, uint16_t len, EmvApplication* app) {
for(uint16_t i = 0; i < len; i++) {
if(buff[i] == EMV_TAG_CARD_NUM) {
app->card_number_len = 8;
memcpy(app->card_number, &buff[i + 2], app->card_number_len);
return true;
card_num_read = true;
} else if(buff[i] == EMV_TAG_AFL) {
app->afl.size = emv_parse_TLV(app->afl.data, buff, &i);
}
}
return false;
return card_num_read;
}
uint16_t emv_prepare_read_sfi_record(uint8_t* dest, uint8_t sfi, uint8_t record_num) {
const uint8_t sfi_param = (sfi << 3) | (1 << 2);
const uint8_t emv_sfi_header[] = {
0x00,
0xB2, // READ RECORD
record_num,
sfi_param, // P1:record_number and P2:SFI
0x00 // Le
};
uint16_t size = sizeof(emv_sfi_header);
memcpy(dest, emv_sfi_header, size);
return size;
static bool emv_get_processing_options(FuriHalNfcTxRxContext* tx_rx, EmvApplication* app) {
bool card_num_read = false;
const uint8_t emv_gpo_header[] = {0x80, 0xA8, 0x00, 0x00};
uint16_t size = sizeof(emv_gpo_header);
// Copy header
memcpy(tx_rx->tx_data, emv_gpo_header, size);
APDU pdol_data = {0, {0}};
// Prepare and copy pdol parameters
emv_prepare_pdol(&pdol_data, &app->pdol);
tx_rx->tx_data[size++] = 0x02 + pdol_data.size;
tx_rx->tx_data[size++] = 0x83;
tx_rx->tx_data[size++] = pdol_data.size;
memcpy(tx_rx->tx_data + size, pdol_data.data, pdol_data.size);
size += pdol_data.size;
tx_rx->tx_data[size++] = 0;
tx_rx->tx_bits = size * 8;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
FURI_LOG_D(TAG, "Get proccessing options");
if(furi_hal_nfc_tx_rx(tx_rx, 300)) {
if(emv_decode_get_proc_opt(tx_rx->rx_data, tx_rx->rx_bits / 8, app)) {
card_num_read = true;
}
} else {
FURI_LOG_E(TAG, "Failed to get processing options");
}
return card_num_read;
}
bool emv_decode_read_sfi_record(uint8_t* buff, uint16_t len, EmvApplication* app) {
static bool emv_decode_read_sfi_record(uint8_t* buff, uint16_t len, EmvApplication* app) {
bool pan_parsed = false;
for(uint16_t i = 0; i < len; i++) {
if(buff[i] == EMV_TAG_PAN) {
if(buff[i + 1] == 8 || buff[i + 1] == 10) {
@@ -240,20 +282,118 @@ bool emv_decode_read_sfi_record(uint8_t* buff, uint16_t len, EmvApplication* app
i += 2;
}
}
return pan_parsed;
}
uint16_t emv_select_ppse_ans(uint8_t* buff) {
memcpy(buff, select_ppse_ans, sizeof(select_ppse_ans));
return sizeof(select_ppse_ans);
static bool emv_read_sfi_record(
FuriHalNfcTxRxContext* tx_rx,
EmvApplication* app,
uint8_t sfi,
uint8_t record_num) {
bool card_num_read = false;
uint8_t sfi_param = (sfi << 3) | (1 << 2);
uint8_t emv_sfi_header[] = {
0x00,
0xB2, // READ RECORD
record_num, // P1:record_number
sfi_param, // P2:SFI
0x00 // Le
};
memcpy(tx_rx->tx_data, emv_sfi_header, sizeof(emv_sfi_header));
tx_rx->tx_bits = sizeof(emv_sfi_header) * 8;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
if(furi_hal_nfc_tx_rx(tx_rx, 300)) {
if(emv_decode_read_sfi_record(tx_rx->rx_data, tx_rx->rx_bits / 8, app)) {
card_num_read = true;
}
} else {
FURI_LOG_E(TAG, "Failed to read SFI record %d", record_num);
}
return card_num_read;
}
uint16_t emv_select_app_ans(uint8_t* buff) {
memcpy(buff, select_app_ans, sizeof(select_app_ans));
return sizeof(select_app_ans);
static bool emv_read_files(FuriHalNfcTxRxContext* tx_rx, EmvApplication* app) {
bool card_num_read = false;
if(app->afl.size == 0) {
return false;
}
FURI_LOG_D(TAG, "Search PAN in SFI");
// Iterate through all files
for(size_t i = 0; i < app->afl.size; i += 4) {
uint8_t sfi = app->afl.data[i] >> 3;
uint8_t record_start = app->afl.data[i + 1];
uint8_t record_end = app->afl.data[i + 2];
// Iterate through all records in file
for(uint8_t record = record_start; record <= record_end; ++record) {
card_num_read |= emv_read_sfi_record(tx_rx, app, sfi, record);
}
}
return card_num_read;
}
uint16_t emv_get_proc_opt_ans(uint8_t* buff) {
memcpy(buff, pdol_ans, sizeof(pdol_ans));
return sizeof(pdol_ans);
bool emv_search_application(FuriHalNfcTxRxContext* tx_rx, EmvApplication* emv_app) {
furi_assert(tx_rx);
furi_assert(emv_app);
memset(emv_app, 0, sizeof(EmvApplication));
return emv_select_ppse(tx_rx, emv_app);
}
bool emv_read_bank_card(FuriHalNfcTxRxContext* tx_rx, EmvApplication* emv_app) {
furi_assert(tx_rx);
furi_assert(emv_app);
bool card_num_read = false;
memset(emv_app, 0, sizeof(EmvApplication));
do {
if(!emv_select_ppse(tx_rx, emv_app)) break;
if(!emv_select_app(tx_rx, emv_app)) break;
if(emv_get_processing_options(tx_rx, emv_app)) {
card_num_read = true;
} else {
card_num_read = emv_read_files(tx_rx, emv_app);
}
} while(false);
return card_num_read;
}
bool emv_card_emulation(FuriHalNfcTxRxContext* tx_rx) {
furi_assert(tx_rx);
bool emulation_complete = false;
memset(tx_rx, 0, sizeof(FuriHalNfcTxRxContext));
do {
FURI_LOG_D(TAG, "Read select PPSE command");
if(!furi_hal_nfc_tx_rx(tx_rx, 300)) break;
memcpy(tx_rx->tx_data, select_ppse_ans, sizeof(select_ppse_ans));
tx_rx->tx_bits = sizeof(select_ppse_ans) * 8;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
FURI_LOG_D(TAG, "Send select PPSE answer and read select App command");
if(!furi_hal_nfc_tx_rx(tx_rx, 300)) break;
memcpy(tx_rx->tx_data, select_app_ans, sizeof(select_app_ans));
tx_rx->tx_bits = sizeof(select_app_ans) * 8;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
FURI_LOG_D(TAG, "Send select App answer and read get PDOL command");
if(!furi_hal_nfc_tx_rx(tx_rx, 300)) break;
memcpy(tx_rx->tx_data, pdol_ans, sizeof(pdol_ans));
tx_rx->tx_bits = sizeof(pdol_ans) * 8;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
FURI_LOG_D(TAG, "Send get PDOL answer");
if(!furi_hal_nfc_tx_rx(tx_rx, 300)) break;
emulation_complete = true;
} while(false);
return emulation_complete;
}

87
lib/nfc_protocols/emv.h Executable file
View File

@@ -0,0 +1,87 @@
#pragma once
#include <furi_hal_nfc.h>
#define MAX_APDU_LEN 255
#define EMV_TAG_APP_TEMPLATE 0x61
#define EMV_TAG_AID 0x4F
#define EMV_TAG_PRIORITY 0x87
#define EMV_TAG_PDOL 0x9F38
#define EMV_TAG_CARD_NAME 0x50
#define EMV_TAG_FCI 0xBF0C
#define EMV_TAG_LOG_CTRL 0x9F4D
#define EMV_TAG_CARD_NUM 0x57
#define EMV_TAG_PAN 0x5A
#define EMV_TAG_AFL 0x94
#define EMV_TAG_EXP_DATE 0x5F24
#define EMV_TAG_COUNTRY_CODE 0x5F28
#define EMV_TAG_CURRENCY_CODE 0x9F42
#define EMV_TAG_CARDHOLDER_NAME 0x5F20
typedef struct {
char name[32];
uint8_t aid[16];
uint16_t aid_len;
uint8_t number[10];
uint8_t number_len;
uint8_t exp_mon;
uint8_t exp_year;
uint16_t country_code;
uint16_t currency_code;
} EmvData;
typedef struct {
uint16_t tag;
uint8_t data[];
} PDOLValue;
typedef struct {
uint8_t size;
uint8_t data[MAX_APDU_LEN];
} APDU;
typedef struct {
uint8_t priority;
uint8_t aid[16];
uint8_t aid_len;
char name[32];
bool name_found;
uint8_t card_number[10];
uint8_t card_number_len;
uint8_t exp_month;
uint8_t exp_year;
uint16_t country_code;
uint16_t currency_code;
APDU pdol;
APDU afl;
} EmvApplication;
/** Read bank card data
* @note Search EMV Application, start it, try to read AID, PAN, card name,
* expiration date, currency and country codes
*
* @param tx_rx FuriHalNfcTxRxContext instance
* @param emv_app EmvApplication instance
*
* @return true on success
*/
bool emv_read_bank_card(FuriHalNfcTxRxContext* tx_rx, EmvApplication* emv_app);
/** Search for EMV Application
*
* @param tx_rx FuriHalNfcTxRxContext instance
* @param emv_app EmvApplication instance
*
* @return true on success
*/
bool emv_search_application(FuriHalNfcTxRxContext* tx_rx, EmvApplication* emv_app);
/** Emulate bank card
* @note Answer to application selection and PDOL
*
* @param tx_rx FuriHalNfcTxRxContext instance
*
* @return true on success
*/
bool emv_card_emulation(FuriHalNfcTxRxContext* tx_rx);

67
lib/nfc_protocols/emv_decoder.h
View File

@@ -1,67 +0,0 @@
#pragma once
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#define MAX_APDU_LEN 255
#define EMV_TAG_APP_TEMPLATE 0x61
#define EMV_TAG_AID 0x4F
#define EMV_TAG_PRIORITY 0x87
#define EMV_TAG_PDOL 0x9F38
#define EMV_TAG_CARD_NAME 0x50
#define EMV_TAG_FCI 0xBF0C
#define EMV_TAG_LOG_CTRL 0x9F4D
#define EMV_TAG_CARD_NUM 0x57
#define EMV_TAG_PAN 0x5A
#define EMV_TAG_AFL 0x94
#define EMV_TAG_EXP_DATE 0x5F24
#define EMV_TAG_COUNTRY_CODE 0x5F28
#define EMV_TAG_CURRENCY_CODE 0x9F42
#define EMV_TAG_CARDHOLDER_NAME 0x5F20
typedef struct {
uint16_t tag;
uint8_t data[];
} PDOLValue;
extern const PDOLValue* const pdol_values[];
typedef struct {
uint8_t size;
uint8_t data[MAX_APDU_LEN];
} APDU;
typedef struct {
uint8_t priority;
uint8_t aid[16];
uint8_t aid_len;
char name[32];
uint8_t card_number[10];
uint8_t card_number_len;
uint8_t exp_month;
uint8_t exp_year;
uint16_t country_code;
uint16_t currency_code;
APDU pdol;
APDU afl;
} EmvApplication;
/* Terminal emulation */
uint16_t emv_prepare_select_ppse(uint8_t* dest);
bool emv_decode_ppse_response(uint8_t* buff, uint16_t len, EmvApplication* app);
uint16_t emv_prepare_select_app(uint8_t* dest, EmvApplication* app);
bool emv_decode_select_app_response(uint8_t* buff, uint16_t len, EmvApplication* app);
uint16_t emv_prepare_get_proc_opt(uint8_t* dest, EmvApplication* app);
bool emv_decode_get_proc_opt(uint8_t* buff, uint16_t len, EmvApplication* app);
uint16_t emv_prepare_read_sfi_record(uint8_t* dest, uint8_t sfi, uint8_t record_num);
bool emv_decode_read_sfi_record(uint8_t* buff, uint16_t len, EmvApplication* app);
/* Card emulation */
uint16_t emv_select_ppse_ans(uint8_t* buff);
uint16_t emv_select_app_ans(uint8_t* buff);
uint16_t emv_get_proc_opt_ans(uint8_t* buff);

18
lib/nfc_protocols/mifare_classic.c
View File

@@ -116,17 +116,15 @@ static bool mf_classic_auth(
tx_rx->tx_data[0] = MF_CLASSIC_AUTH_KEY_B_CMD;
}
tx_rx->tx_data[1] = block;
tx_rx->tx_rx_type = FURI_HAL_NFC_TX_DEFAULT_RX_NO_CRC;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeRxNoCrc;
tx_rx->tx_bits = 2 * 8;
if(!furi_hal_nfc_tx_rx(tx_rx)) break;
if(!furi_hal_nfc_tx_rx(tx_rx, 4)) break;
uint32_t nt = (uint32_t)nfc_util_bytes2num(tx_rx->rx_data, 4);
crypto1_init(crypto, key);
crypto1_word(crypto, nt ^ cuid, 0);
uint8_t nr[4] = {};
// uint8_t parity = 0;
nfc_util_num2bytes(prng_successor(DWT->CYCCNT, 32), 4, nr);
// uint8_t nr_ar[8] = {};
for(uint8_t i = 0; i < 4; i++) {
tx_rx->tx_data[i] = crypto1_byte(crypto, nr[i], 0) ^ nr[i];
tx_rx->tx_parity[0] |=
@@ -140,9 +138,9 @@ static bool mf_classic_auth(
(((crypto1_filter(crypto->odd) ^ nfc_util_odd_parity8(nt & 0xff)) & 0x01)
<< (7 - i));
}
tx_rx->tx_rx_type = FURI_HAL_NFC_TXRX_RAW;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeRaw;
tx_rx->tx_bits = 8 * 8;
if(!furi_hal_nfc_tx_rx(tx_rx)) break;
if(!furi_hal_nfc_tx_rx(tx_rx, 4)) break;
if(tx_rx->rx_bits == 32) {
crypto1_word(crypto, 0, 0);
auth_success = true;
@@ -178,7 +176,7 @@ bool mf_classic_auth_attempt(
}
if(need_halt) {
furi_hal_nfc_deactivate();
furi_hal_nfc_sleep();
furi_hal_nfc_activate_nfca(300, &auth_ctx->cuid);
}
@@ -220,9 +218,9 @@ bool mf_classic_read_block(
((crypto1_filter(crypto->odd) ^ nfc_util_odd_parity8(plain_cmd[i])) & 0x01) << (7 - i);
}
tx_rx->tx_bits = 4 * 9;
tx_rx->tx_rx_type = FURI_HAL_NFC_TXRX_RAW;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeRaw;
if(furi_hal_nfc_tx_rx(tx_rx)) {
if(furi_hal_nfc_tx_rx(tx_rx, 4)) {
if(tx_rx->rx_bits == 8 * 18) {
for(uint8_t i = 0; i < 18; i++) {
block->value[i] = crypto1_byte(crypto, 0, 0) ^ tx_rx->rx_data[i];
@@ -248,7 +246,7 @@ bool mf_classic_read_sector(
uint8_t first_block;
bool sector_read = false;
furi_hal_nfc_deactivate();
furi_hal_nfc_sleep();
do {
// Activate card
if(!furi_hal_nfc_activate_nfca(200, &cuid)) break;

17
lib/nfc_protocols/mifare_common.c Normal file
View File

@@ -0,0 +1,17 @@
#include "mifare_common.h"
MifareType mifare_common_get_type(uint8_t ATQA0, uint8_t ATQA1, uint8_t SAK) {
MifareType type = MifareTypeUnknown;
if((ATQA0 == 0x44) && (ATQA1 == 0x00) && (SAK == 0x00)) {
type = MifareTypeUltralight;
} else if(
((ATQA0 == 0x44 || ATQA0 == 0x04) && (SAK == 0x08)) ||
((ATQA0 == 0x42 || ATQA0 == 0x02) && (SAK == 0x18))) {
type = MifareTypeClassic;
} else if(ATQA0 == 0x44 && ATQA1 == 0x03 && SAK == 0x20) {
type = MifareTypeDesfire;
}
return type;
}

12
lib/nfc_protocols/mifare_common.h Normal file
View File

@@ -0,0 +1,12 @@
#pragma once
#include <stdint.h>
typedef enum {
MifareTypeUnknown,
MifareTypeUltralight,
MifareTypeClassic,
MifareTypeDesfire,
} MifareType;
MifareType mifare_common_get_type(uint8_t ATQA0, uint8_t ATQA1, uint8_t SAK);

459
lib/nfc_protocols/mifare_ultralight.c
View File

@@ -1,6 +1,7 @@
#include "mifare_ultralight.h"
#include <furi.h>
#include <furi_hal_nfc.h>
#define TAG "MfUltralight"
bool mf_ul_check_card_type(uint8_t ATQA0, uint8_t ATQA1, uint8_t SAK) {
if((ATQA0 == 0x44) && (ATQA1 == 0x00) && (SAK == 0x00)) {
@@ -9,187 +10,204 @@ bool mf_ul_check_card_type(uint8_t ATQA0, uint8_t ATQA1, uint8_t SAK) {
return false;
}
uint16_t mf_ul_prepare_get_version(uint8_t* dest) {
dest[0] = MF_UL_GET_VERSION_CMD;
return 1;
static void mf_ul_set_default_version(MfUltralightReader* reader, MfUltralightData* data) {
data->type = MfUltralightTypeUnknown;
reader->pages_to_read = 16;
reader->support_fast_read = false;
}
void mf_ul_parse_get_version_response(uint8_t* buff, MifareUlDevice* mf_ul_read) {
MfUltralightVersion* version = (MfUltralightVersion*)buff;
memcpy(&mf_ul_read->data.version, version, sizeof(MfUltralightVersion));
if(version->storage_size == 0x0B || version->storage_size == 0x00) {
mf_ul_read->data.type = MfUltralightTypeUL11;
mf_ul_read->pages_to_read = 20;
mf_ul_read->support_fast_read = true;
} else if(version->storage_size == 0x0E) {
mf_ul_read->data.type = MfUltralightTypeUL21;
mf_ul_read->pages_to_read = 41;
mf_ul_read->support_fast_read = true;
} else if(version->storage_size == 0x0F) {
mf_ul_read->data.type = MfUltralightTypeNTAG213;
mf_ul_read->pages_to_read = 45;
mf_ul_read->support_fast_read = false;
} else if(version->storage_size == 0x11) {
mf_ul_read->data.type = MfUltralightTypeNTAG215;
mf_ul_read->pages_to_read = 135;
mf_ul_read->support_fast_read = false;
} else if(version->storage_size == 0x13) {
mf_ul_read->data.type = MfUltralightTypeNTAG216;
mf_ul_read->pages_to_read = 231;
mf_ul_read->support_fast_read = false;
bool mf_ultralight_read_version(
FuriHalNfcTxRxContext* tx_rx,
MfUltralightReader* reader,
MfUltralightData* data) {
bool version_read = false;
do {
FURI_LOG_D(TAG, "Reading version");
tx_rx->tx_data[0] = MF_UL_GET_VERSION_CMD;
tx_rx->tx_bits = 8;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
if(!furi_hal_nfc_tx_rx(tx_rx, 4)) {
FURI_LOG_D(TAG, "Failed reading version");
mf_ul_set_default_version(reader, data);
furi_hal_nfc_sleep();
furi_hal_nfc_activate_nfca(300, NULL);
break;
}
MfUltralightVersion* version = (MfUltralightVersion*)tx_rx->rx_data;
data->version = *version;
if(version->storage_size == 0x0B || version->storage_size == 0x00) {
data->type = MfUltralightTypeUL11;
reader->pages_to_read = 20;
reader->support_fast_read = true;
} else if(version->storage_size == 0x0E) {
data->type = MfUltralightTypeUL21;
reader->pages_to_read = 41;
reader->support_fast_read = true;
} else if(version->storage_size == 0x0F) {
data->type = MfUltralightTypeNTAG213;
reader->pages_to_read = 45;
reader->support_fast_read = false;
} else if(version->storage_size == 0x11) {
data->type = MfUltralightTypeNTAG215;
reader->pages_to_read = 135;
reader->support_fast_read = false;
} else if(version->storage_size == 0x13) {
data->type = MfUltralightTypeNTAG216;
reader->pages_to_read = 231;
reader->support_fast_read = false;
} else {
mf_ul_set_default_version(reader, data);
break;
}
version_read = true;
} while(false);
return version_read;
}
bool mf_ultralight_read_pages(
FuriHalNfcTxRxContext* tx_rx,
MfUltralightReader* reader,
MfUltralightData* data) {
uint8_t pages_read_cnt = 0;
for(size_t i = 0; i < reader->pages_to_read; i += 4) {
FURI_LOG_D(TAG, "Reading pages %d - %d", i, i + 3);
tx_rx->tx_data[0] = MF_UL_READ_CMD;
tx_rx->tx_data[1] = i;
tx_rx->tx_bits = 16;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
if(!furi_hal_nfc_tx_rx(tx_rx, 4)) {
FURI_LOG_D(TAG, "Failed to read pages %d - %d", i, i + 3);
break;
}
if(i + 4 <= reader->pages_to_read) {
pages_read_cnt = 4;
} else {
pages_read_cnt = reader->pages_to_read - reader->pages_read;
}
reader->pages_read += pages_read_cnt;
data->data_size = reader->pages_read * 4;
memcpy(&data->data[i * 4], tx_rx->rx_data, pages_read_cnt * 4);
}
return reader->pages_read == reader->pages_to_read;
}
bool mf_ultralight_fast_read_pages(
FuriHalNfcTxRxContext* tx_rx,
MfUltralightReader* reader,
MfUltralightData* data) {
FURI_LOG_D(TAG, "Reading pages 0 - %d", reader->pages_to_read);
tx_rx->tx_data[0] = MF_UL_FAST_READ_CMD;
tx_rx->tx_data[1] = 0;
tx_rx->tx_data[2] = reader->pages_to_read - 1;
tx_rx->tx_bits = 24;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
if(furi_hal_nfc_tx_rx(tx_rx, 20)) {
reader->pages_read = reader->pages_to_read;
data->data_size = reader->pages_read * 4;
memcpy(data->data, tx_rx->rx_data, data->data_size);
} else {
mf_ul_set_default_version(mf_ul_read);
}
}
void mf_ul_set_default_version(MifareUlDevice* mf_ul_read) {
mf_ul_read->data.type = MfUltralightTypeUnknown;
mf_ul_read->pages_to_read = 16;
mf_ul_read->support_fast_read = false;
}
uint16_t mf_ul_prepare_read(uint8_t* dest, uint8_t start_page) {
dest[0] = MF_UL_READ_CMD;
dest[1] = start_page;
return 2;
}
void mf_ul_parse_read_response(uint8_t* buff, uint16_t page_addr, MifareUlDevice* mf_ul_read) {
uint8_t pages_read = 4;
uint8_t page_read_count = mf_ul_read->pages_read + pages_read;
if(page_read_count > mf_ul_read->pages_to_read) {
pages_read -= page_read_count - mf_ul_read->pages_to_read;
}
mf_ul_read->pages_read += pages_read;
mf_ul_read->data.data_size = mf_ul_read->pages_read * 4;
memcpy(&mf_ul_read->data.data[page_addr * 4], buff, pages_read * 4);
}
uint16_t mf_ul_prepare_fast_read(uint8_t* dest, uint8_t start_page, uint8_t end_page) {
dest[0] = MF_UL_FAST_READ_CMD;
dest[1] = start_page;
dest[2] = end_page;
return 3;
}
void mf_ul_parse_fast_read_response(
uint8_t* buff,
uint8_t start_page,
uint8_t end_page,
MifareUlDevice* mf_ul_read) {
mf_ul_read->pages_read = end_page - start_page + 1;
mf_ul_read->data.data_size = mf_ul_read->pages_read * 4;
memcpy(mf_ul_read->data.data, buff, mf_ul_read->data.data_size);
}
uint16_t mf_ul_prepare_read_signature(uint8_t* dest) {
dest[0] = MF_UL_READ_SIG;
dest[1] = 0;
return 2;
}
void mf_ul_parse_read_signature_response(uint8_t* buff, MifareUlDevice* mf_ul_read) {
memcpy(mf_ul_read->data.signature, buff, sizeof(mf_ul_read->data.signature));
}
uint16_t mf_ul_prepare_read_cnt(uint8_t* dest, uint8_t cnt_index) {
if(cnt_index > 2) {
return 0;
}
dest[0] = MF_UL_READ_CNT;
dest[1] = cnt_index;
return 2;
}
void mf_ul_parse_read_cnt_response(uint8_t* buff, uint8_t cnt_index, MifareUlDevice* mf_ul_read) {
// Reverse LSB sequence
if(cnt_index < 3) {
mf_ul_read->data.counter[cnt_index] = (buff[2] << 16) | (buff[1] << 8) | (buff[0]);
}
}
uint16_t mf_ul_prepare_inc_cnt(uint8_t* dest, uint8_t cnt_index, uint32_t value) {
if(cnt_index > 2) {
return 0;
}
dest[0] = MF_UL_INC_CNT;
dest[1] = cnt_index;
dest[2] = (uint8_t)value;
dest[3] = (uint8_t)(value >> 8);
dest[4] = (uint8_t)(value >> 16);
dest[5] = 0;
return 6;
}
uint16_t mf_ul_prepare_check_tearing(uint8_t* dest, uint8_t cnt_index) {
if(cnt_index > 2) {
return 0;
}
dest[0] = MF_UL_CHECK_TEARING;
dest[1] = cnt_index;
return 2;
}
void mf_ul_parse_check_tearing_response(
uint8_t* buff,
uint8_t cnt_index,
MifareUlDevice* mf_ul_read) {
if(cnt_index < 2) {
mf_ul_read->data.tearing[cnt_index] = buff[0];
}
}
uint16_t mf_ul_prepare_write(uint8_t* dest, uint16_t page_addr, uint32_t data) {
if(page_addr < 2) {
return 0;
}
dest[0] = MF_UL_WRITE;
dest[1] = page_addr;
dest[2] = (uint8_t)(data >> 24);
dest[3] = (uint8_t)(data >> 16);
dest[4] = (uint8_t)(data >> 8);
dest[5] = (uint8_t)data;
return 6;
}
void mf_ul_prepare_emulation(MifareUlDevice* mf_ul_emulate, MifareUlData* data) {
mf_ul_emulate->data = *data;
mf_ul_emulate->auth_data = NULL;
mf_ul_emulate->data_changed = false;
mf_ul_emulate->comp_write_cmd_started = false;
if(data->version.storage_size == 0) {
mf_ul_emulate->data.type = MfUltralightTypeUnknown;
mf_ul_emulate->support_fast_read = false;
} else if(data->version.storage_size == 0x0B) {
mf_ul_emulate->data.type = MfUltralightTypeUL11;
mf_ul_emulate->support_fast_read = true;
} else if(data->version.storage_size == 0x0E) {
mf_ul_emulate->data.type = MfUltralightTypeUL21;
mf_ul_emulate->support_fast_read = true;
} else if(data->version.storage_size == 0x0F) {
mf_ul_emulate->data.type = MfUltralightTypeNTAG213;
mf_ul_emulate->support_fast_read = true;
} else if(data->version.storage_size == 0x11) {
mf_ul_emulate->data.type = MfUltralightTypeNTAG215;
mf_ul_emulate->support_fast_read = true;
} else if(data->version.storage_size == 0x13) {
mf_ul_emulate->data.type = MfUltralightTypeNTAG216;
mf_ul_emulate->support_fast_read = true;
FURI_LOG_D(TAG, "Failed to read pages 0 - %d", reader->pages_to_read);
}
if(mf_ul_emulate->data.type >= MfUltralightTypeNTAG213) {
uint16_t pwd_page = (data->data_size / 4) - 2;
mf_ul_emulate->auth_data = (MifareUlAuthData*)&data->data[pwd_page * 4];
}
return reader->pages_read == reader->pages_to_read;
}
void mf_ul_protect_auth_data_on_read_command(
bool mf_ultralight_read_signature(FuriHalNfcTxRxContext* tx_rx, MfUltralightData* data) {
bool signature_read = false;
FURI_LOG_D(TAG, "Reading signature");
tx_rx->tx_data[0] = MF_UL_READ_SIG;
tx_rx->tx_data[1] = 0;
tx_rx->tx_bits = 16;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
if(furi_hal_nfc_tx_rx(tx_rx, 7)) {
memcpy(data->signature, tx_rx->rx_data, sizeof(data->signature));
signature_read = true;
} else {
FURI_LOG_D(TAG, "Failed redaing signature");
}
return signature_read;
}
bool mf_ultralight_read_counters(FuriHalNfcTxRxContext* tx_rx, MfUltralightData* data) {
uint8_t counter_read = 0;
FURI_LOG_D(TAG, "Reading counters");
for(size_t i = 0; i < 3; i++) {
tx_rx->tx_data[0] = MF_UL_READ_CNT;
tx_rx->rx_data[1] = i;
tx_rx->tx_bits = 16;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
if(!furi_hal_nfc_tx_rx(tx_rx, 4)) {
FURI_LOG_D(TAG, "Failed to read %d counter", i);
break;
}
data->counter[i] = (tx_rx->rx_data[2] << 16) | (tx_rx->rx_data[1] << 8) |
tx_rx->rx_data[0];
counter_read++;
}
return counter_read == 2;
}
bool mf_ultralight_read_tearing_flags(FuriHalNfcTxRxContext* tx_rx, MfUltralightData* data) {
uint8_t flag_read = 0;
FURI_LOG_D(TAG, "Reading tearing flags");
for(size_t i = 0; i < 3; i++) {
tx_rx->tx_data[0] = MF_UL_CHECK_TEARING;
tx_rx->rx_data[1] = i;
tx_rx->tx_bits = 16;
tx_rx->tx_rx_type = FuriHalNfcTxRxTypeDefault;
if(!furi_hal_nfc_tx_rx(tx_rx, 4)) {
FURI_LOG_D(TAG, "Failed to read %d tearing flag", i);
break;
}
data->tearing[i] = tx_rx->rx_data[0];
flag_read++;
}
return flag_read == 2;
}
bool mf_ul_read_card(
FuriHalNfcTxRxContext* tx_rx,
MfUltralightReader* reader,
MfUltralightData* data) {
furi_assert(tx_rx);
furi_assert(reader);
furi_assert(data);
bool card_read = false;
// Read Mifare Ultralight version
if(mf_ultralight_read_version(tx_rx, reader, data)) {
// Read Signature
mf_ultralight_read_signature(tx_rx, data);
}
// Read data blocks
if(reader->support_fast_read) {
mf_ultralight_read_counters(tx_rx, data);
mf_ultralight_read_tearing_flags(tx_rx, data);
}
card_read = mf_ultralight_read_pages(tx_rx, reader, data);
return card_read;
}
// TODO rework
static void mf_ul_protect_auth_data_on_read_command(
uint8_t* tx_buff,
uint8_t start_page,
uint8_t end_page,
MifareUlDevice* mf_ul_emulate) {
if(mf_ul_emulate->data.type >= MfUltralightTypeNTAG213) {
uint8_t pwd_page = (mf_ul_emulate->data.data_size / 4) - 2;
MfUltralightEmulator* emulator) {
if(emulator->data.type >= MfUltralightTypeNTAG213) {
uint8_t pwd_page = (emulator->data.data_size / 4) - 2;
uint8_t pack_page = pwd_page + 1;
if((start_page <= pwd_page) && (end_page >= pwd_page)) {
memset(&tx_buff[(pwd_page - start_page) * 4], 0, 4);
@@ -200,6 +218,31 @@ void mf_ul_protect_auth_data_on_read_command(
}
}
void mf_ul_prepare_emulation(MfUltralightEmulator* emulator, MfUltralightData* data) {
emulator->data = *data;
emulator->auth_data = NULL;
emulator->data_changed = false;
emulator->comp_write_cmd_started = false;
if(data->type == MfUltralightTypeUnknown) {
emulator->support_fast_read = false;
} else if(data->type == MfUltralightTypeUL11) {
emulator->support_fast_read = true;
} else if(data->type == MfUltralightTypeUL21) {
emulator->support_fast_read = true;
} else if(data->type == MfUltralightTypeNTAG213) {
emulator->support_fast_read = false;
} else if(data->type == MfUltralightTypeNTAG215) {
emulator->support_fast_read = false;
} else if(data->type == MfUltralightTypeNTAG216) {
emulator->support_fast_read = false;
}
if(data->type >= MfUltralightTypeNTAG213) {
uint16_t pwd_page = (data->data_size / 4) - 2;
emulator->auth_data = (MfUltralightAuth*)&data->data[pwd_page * 4];
}
}
bool mf_ul_prepare_emulation_response(
uint8_t* buff_rx,
uint16_t buff_rx_len,
@@ -208,30 +251,30 @@ bool mf_ul_prepare_emulation_response(
uint32_t* data_type,
void* context) {
furi_assert(context);
MifareUlDevice* mf_ul_emulate = context;
MfUltralightEmulator* emulator = context;
uint8_t cmd = buff_rx[0];
uint16_t page_num = mf_ul_emulate->data.data_size / 4;
uint16_t page_num = emulator->data.data_size / 4;
uint16_t tx_bytes = 0;
uint16_t tx_bits = 0;
bool command_parsed = false;
// Check composite commands
if(mf_ul_emulate->comp_write_cmd_started) {
if(emulator->comp_write_cmd_started) {
// Compatibility write is the only one composit command
if(buff_rx_len == 16) {
memcpy(&mf_ul_emulate->data.data[mf_ul_emulate->comp_write_page_addr * 4], buff_rx, 4);
mf_ul_emulate->data_changed = true;
memcpy(&emulator->data.data[emulator->comp_write_page_addr * 4], buff_rx, 4);
emulator->data_changed = true;
// Send ACK message
buff_tx[0] = 0x0A;
tx_bits = 4;
*data_type = FURI_HAL_NFC_TXRX_RAW;
command_parsed = true;
}
mf_ul_emulate->comp_write_cmd_started = false;
emulator->comp_write_cmd_started = false;
} else if(cmd == MF_UL_GET_VERSION_CMD) {
if(mf_ul_emulate->data.type != MfUltralightTypeUnknown) {
tx_bytes = sizeof(mf_ul_emulate->data.version);
memcpy(buff_tx, &mf_ul_emulate->data.version, tx_bytes);
if(emulator->data.type != MfUltralightTypeUnknown) {
tx_bytes = sizeof(emulator->data.version);
memcpy(buff_tx, &emulator->data.version, tx_bytes);
*data_type = FURI_HAL_NFC_TXRX_DEFAULT;
command_parsed = true;
}
@@ -242,28 +285,24 @@ bool mf_ul_prepare_emulation_response(
if(start_page + 4 > page_num) {
// Handle roll-over mechanism
uint8_t end_pages_num = page_num - start_page;
memcpy(buff_tx, &mf_ul_emulate->data.data[start_page * 4], end_pages_num * 4);
memcpy(
&buff_tx[end_pages_num * 4],
mf_ul_emulate->data.data,
(4 - end_pages_num) * 4);
memcpy(buff_tx, &emulator->data.data[start_page * 4], end_pages_num * 4);
memcpy(&buff_tx[end_pages_num * 4], emulator->data.data, (4 - end_pages_num) * 4);
} else {
memcpy(buff_tx, &mf_ul_emulate->data.data[start_page * 4], tx_bytes);
memcpy(buff_tx, &emulator->data.data[start_page * 4], tx_bytes);
}
mf_ul_protect_auth_data_on_read_command(
buff_tx, start_page, (start_page + 4), mf_ul_emulate);
buff_tx, start_page, (start_page + 4), emulator);
*data_type = FURI_HAL_NFC_TXRX_DEFAULT;
command_parsed = true;
}
} else if(cmd == MF_UL_FAST_READ_CMD) {
if(mf_ul_emulate->support_fast_read) {
if(emulator->support_fast_read) {
uint8_t start_page = buff_rx[1];
uint8_t end_page = buff_rx[2];
if((start_page < page_num) && (end_page < page_num) && (start_page < (end_page + 1))) {
tx_bytes = ((end_page + 1) - start_page) * 4;
memcpy(buff_tx, &mf_ul_emulate->data.data[start_page * 4], tx_bytes);
mf_ul_protect_auth_data_on_read_command(
buff_tx, start_page, end_page, mf_ul_emulate);
memcpy(buff_tx, &emulator->data.data[start_page * 4], tx_bytes);
mf_ul_protect_auth_data_on_read_command(buff_tx, start_page, end_page, emulator);
*data_type = FURI_HAL_NFC_TXRX_DEFAULT;
command_parsed = true;
}
@@ -271,8 +310,8 @@ bool mf_ul_prepare_emulation_response(
} else if(cmd == MF_UL_WRITE) {
uint8_t write_page = buff_rx[1];
if((write_page > 1) && (write_page < page_num - 2)) {
memcpy(&mf_ul_emulate->data.data[write_page * 4], &buff_rx[2], 4);
mf_ul_emulate->data_changed = true;
memcpy(&emulator->data.data[write_page * 4], &buff_rx[2], 4);
emulator->data_changed = true;
// ACK
buff_tx[0] = 0x0A;
tx_bits = 4;
@@ -282,8 +321,8 @@ bool mf_ul_prepare_emulation_response(
} else if(cmd == MF_UL_COMP_WRITE) {
uint8_t write_page = buff_rx[1];
if((write_page > 1) && (write_page < page_num - 2)) {
mf_ul_emulate->comp_write_cmd_started = true;
mf_ul_emulate->comp_write_page_addr = write_page;
emulator->comp_write_cmd_started = true;
emulator->comp_write_page_addr = write_page;
// ACK
buff_tx[0] = 0x0A;
tx_bits = 4;
@@ -293,9 +332,9 @@ bool mf_ul_prepare_emulation_response(
} else if(cmd == MF_UL_READ_CNT) {
uint8_t cnt_num = buff_rx[1];
if(cnt_num < 3) {
buff_tx[0] = mf_ul_emulate->data.counter[cnt_num] >> 16;
buff_tx[1] = mf_ul_emulate->data.counter[cnt_num] >> 8;
buff_tx[2] = mf_ul_emulate->data.counter[cnt_num];
buff_tx[0] = emulator->data.counter[cnt_num] >> 16;
buff_tx[1] = emulator->data.counter[cnt_num] >> 8;
buff_tx[2] = emulator->data.counter[cnt_num];
tx_bytes = 3;
*data_type = FURI_HAL_NFC_TXRX_DEFAULT;
command_parsed = true;
@@ -303,9 +342,9 @@ bool mf_ul_prepare_emulation_response(
} else if(cmd == MF_UL_INC_CNT) {
uint8_t cnt_num = buff_rx[1];
uint32_t inc = (buff_rx[2] | (buff_rx[3] << 8) | (buff_rx[4] << 16));
if((cnt_num < 3) && (mf_ul_emulate->data.counter[cnt_num] + inc < 0x00FFFFFF)) {
mf_ul_emulate->data.counter[cnt_num] += inc;
mf_ul_emulate->data_changed = true;
if((cnt_num < 3) && (emulator->data.counter[cnt_num] + inc < 0x00FFFFFF)) {
emulator->data.counter[cnt_num] += inc;
emulator->data_changed = true;
// ACK
buff_tx[0] = 0x0A;
tx_bits = 4;
@@ -313,14 +352,14 @@ bool mf_ul_prepare_emulation_response(
command_parsed = true;
}
} else if(cmd == MF_UL_AUTH) {
if(mf_ul_emulate->data.type >= MfUltralightTypeNTAG213) {
if(memcmp(&buff_rx[1], mf_ul_emulate->auth_data->pwd, 4) == 0) {
buff_tx[0] = mf_ul_emulate->auth_data->pack.raw[0];
buff_tx[1] = mf_ul_emulate->auth_data->pack.raw[1];
if(emulator->data.type >= MfUltralightTypeNTAG213) {
if(memcmp(&buff_rx[1], emulator->auth_data->pwd, 4) == 0) {
buff_tx[0] = emulator->auth_data->pack.raw[0];
buff_tx[1] = emulator->auth_data->pack.raw[1];
tx_bytes = 2;
*data_type = FURI_HAL_NFC_TXRX_DEFAULT;
command_parsed = true;
} else if(!mf_ul_emulate->auth_data->pack.value) {
} else if(!emulator->auth_data->pack.value) {
buff_tx[0] = 0x80;
buff_tx[1] = 0x80;
tx_bytes = 2;
@@ -331,15 +370,15 @@ bool mf_ul_prepare_emulation_response(
} else if(cmd == MF_UL_READ_SIG) {
// Check 2nd byte = 0x00 - RFU
if(buff_rx[1] == 0x00) {
tx_bytes = sizeof(mf_ul_emulate->data.signature);
memcpy(buff_tx, mf_ul_emulate->data.signature, tx_bytes);
tx_bytes = sizeof(emulator->data.signature);
memcpy(buff_tx, emulator->data.signature, tx_bytes);
*data_type = FURI_HAL_NFC_TXRX_DEFAULT;
command_parsed = true;
}
} else if(cmd == MF_UL_CHECK_TEARING) {
uint8_t cnt_num = buff_rx[1];
if(cnt_num < 3) {
buff_tx[0] = mf_ul_emulate->data.tearing[cnt_num];
buff_tx[0] = emulator->data.tearing[cnt_num];
tx_bytes = 1;
*data_type = FURI_HAL_NFC_TXRX_DEFAULT;
command_parsed = true;

61
lib/nfc_protocols/mifare_ultralight.h
View File

@@ -1,8 +1,6 @@
#pragma once
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <furi_hal_nfc.h>
#define MF_UL_MAX_DUMP_SIZE 1024
@@ -62,7 +60,7 @@ typedef struct {
uint8_t tearing[3];
uint16_t data_size;
uint8_t data[MF_UL_MAX_DUMP_SIZE];
} MifareUlData;
} MfUltralightData;
typedef struct {
uint8_t pwd[4];
@@ -70,52 +68,53 @@ typedef struct {
uint8_t raw[2];
uint16_t value;
} pack;
} MifareUlAuthData;
} MfUltralightAuth;
typedef struct {
uint8_t pages_to_read;
uint8_t pages_read;
bool support_fast_read;
} MfUltralightReader;
typedef struct {
MfUltralightData data;
bool support_fast_read;
bool data_changed;
MifareUlData data;
MifareUlAuthData* auth_data;
bool comp_write_cmd_started;
uint8_t comp_write_page_addr;
} MifareUlDevice;
MfUltralightAuth* auth_data;
} MfUltralightEmulator;
bool mf_ul_check_card_type(uint8_t ATQA0, uint8_t ATQA1, uint8_t SAK);
uint16_t mf_ul_prepare_get_version(uint8_t* dest);
void mf_ul_parse_get_version_response(uint8_t* buff, MifareUlDevice* mf_ul_read);
void mf_ul_set_default_version(MifareUlDevice* mf_ul_read);
bool mf_ultralight_read_version(
FuriHalNfcTxRxContext* tx_rx,
MfUltralightReader* reader,
MfUltralightData* data);
uint16_t mf_ul_prepare_read_signature(uint8_t* dest);
void mf_ul_parse_read_signature_response(uint8_t* buff, MifareUlDevice* mf_ul_read);
bool mf_ultralight_read_pages(
FuriHalNfcTxRxContext* tx_rx,
MfUltralightReader* reader,
MfUltralightData* data);
uint16_t mf_ul_prepare_read_cnt(uint8_t* dest, uint8_t cnt_index);
void mf_ul_parse_read_cnt_response(uint8_t* buff, uint8_t cnt_index, MifareUlDevice* mf_ul_read);
bool mf_ultralight_fast_read_pages(
FuriHalNfcTxRxContext* tx_rx,
MfUltralightReader* reader,
MfUltralightData* data);
uint16_t mf_ul_prepare_inc_cnt(uint8_t* dest, uint8_t cnt_index, uint32_t value);
bool mf_ultralight_read_signature(FuriHalNfcTxRxContext* tx_rx, MfUltralightData* data);
uint16_t mf_ul_prepare_check_tearing(uint8_t* dest, uint8_t cnt_index);
void mf_ul_parse_check_tearing_response(
uint8_t* buff,
uint8_t cnt_index,
MifareUlDevice* mf_ul_read);
bool mf_ultralight_read_counters(FuriHalNfcTxRxContext* tx_rx, MfUltralightData* data);
uint16_t mf_ul_prepare_read(uint8_t* dest, uint8_t start_page);
void mf_ul_parse_read_response(uint8_t* buff, uint16_t page_addr, MifareUlDevice* mf_ul_read);
bool mf_ultralight_read_tearing_flags(FuriHalNfcTxRxContext* tx_rx, MfUltralightData* data);
uint16_t mf_ul_prepare_fast_read(uint8_t* dest, uint8_t start_page, uint8_t end_page);
void mf_ul_parse_fast_read_response(
uint8_t* buff,
uint8_t start_page,
uint8_t end_page,
MifareUlDevice* mf_ul_read);
bool mf_ul_read_card(
FuriHalNfcTxRxContext* tx_rx,
MfUltralightReader* reader,
MfUltralightData* data);
uint16_t mf_ul_prepare_write(uint8_t* dest, uint16_t page_addr, uint32_t data);
void mf_ul_prepare_emulation(MfUltralightEmulator* emulator, MfUltralightData* data);
void mf_ul_prepare_emulation(MifareUlDevice* mf_ul_emulate, MifareUlData* data);
bool mf_ul_prepare_emulation_response(
uint8_t* buff_rx,
uint16_t buff_rx_len,