[FL-2245] Introduce Mifare Classic Emulation (#1242)

* digital signal: introduce digital signal * nfca: add nfca signal encoder * nfc: add mifare classic emulation scene * nfca: add classic emulation support to lib and hal * mifare classic: support basic read commands * nfc: add mifare classic menu scene * mifare classic: start parsing commands in emulation * mifare classic: add nested auth * nfc: fix errors * mifare classic: add encrypt function * nfc: fix mifare classic save * lib hex: add hex uint64_t ASCII parser * flipper format: add uint64 hex format support * nfc: add mifare classic key map * nfc: hide mifare classic keys on emulation * mifare classic: add NACK responce * nfc: add partial bytes support in transparent mode * nfc: mifare classic add shadow file support * digital signal: move arr buffer from BSS to heap * mifare classic: process access bits more careful * nfca: fix memory leack * nfc: format sources * mifare classic: cleun up Co-authored-by: あく <alleteam@gmail.com>
2022-05-24 17:00:15 +03:00
parent 2017baac48
commit d31578508a
28 changed files with 1150 additions and 28 deletions
--- a/applications/nfc/nfc.c
+++ b/applications/nfc/nfc.c
@@ -173,6 +173,8 @@ int32_t nfc_app(void* p) {
        if(nfc_device_load(nfc->dev, p)) {
            if(nfc->dev->format == NfcDeviceSaveFormatMifareUl) {
                scene_manager_next_scene(nfc->scene_manager, NfcSceneEmulateMifareUl);
+            } else if(nfc->dev->format == NfcDeviceSaveFormatMifareClassic) {
+                scene_manager_next_scene(nfc->scene_manager, NfcSceneEmulateMifareClassic);
            } else {
                scene_manager_next_scene(nfc->scene_manager, NfcSceneEmulateUid);
            }
--- a/applications/nfc/nfc_device.c
+++ b/applications/nfc/nfc_device.c
@@ -7,6 +7,9 @@
 static const char* nfc_file_header = "Flipper NFC device";
 static const uint32_t nfc_file_version = 2;

+// Protocols format versions
+static const uint32_t nfc_mifare_classic_data_format_version = 1;
+
 NfcDevice* nfc_device_alloc() {
    NfcDevice* nfc_dev = malloc(sizeof(NfcDevice));
    nfc_dev->storage = furi_record_open("storage");
@@ -624,6 +627,7 @@ static bool nfc_device_save_mifare_classic_data(FlipperFormat* file, NfcDevice*
    // Save Mifare Classic specific data
    do {
        if(!flipper_format_write_comment_cstr(file, "Mifare Classic specific data")) break;
+
        if(data->type == MfClassicType1k) {
            if(!flipper_format_write_string_cstr(file, "Mifare Classic type", "1K")) break;
            blocks = 64;
@@ -631,8 +635,17 @@ static bool nfc_device_save_mifare_classic_data(FlipperFormat* file, NfcDevice*
            if(!flipper_format_write_string_cstr(file, "Mifare Classic type", "4K")) break;
            blocks = 256;
        }
-        if(!flipper_format_write_comment_cstr(file, "Mifare Classic blocks")) break;
+        if(!flipper_format_write_uint32(
+               file, "Data format version", &nfc_mifare_classic_data_format_version, 1))
+            break;

+        if(!flipper_format_write_comment_cstr(
+               file, "Key map is the bit mask indicating valid key in each sector"))
+            break;
+        if(!flipper_format_write_hex_uint64(file, "Key A map", &data->key_a_mask, 1)) break;
+        if(!flipper_format_write_hex_uint64(file, "Key B map", &data->key_b_mask, 1)) break;
+
+        if(!flipper_format_write_comment_cstr(file, "Mifare Classic blocks")) break;
        bool block_saved = true;
        for(size_t i = 0; i < blocks; i++) {
            string_printf(temp_str, "Block %d", i);
@@ -654,6 +667,7 @@ static bool nfc_device_load_mifare_classic_data(FlipperFormat* file, NfcDevice*
    bool parsed = false;
    MfClassicData* data = &dev->dev_data.mf_classic_data;
    string_t temp_str;
+    uint32_t data_format_version = 0;
    string_init(temp_str);
    uint16_t data_blocks = 0;

@@ -669,6 +683,19 @@ static bool nfc_device_load_mifare_classic_data(FlipperFormat* file, NfcDevice*
        } else {
            break;
        }
+
+        // Read Mifare Classic format version
+        if(!flipper_format_read_uint32(file, "Data format version", &data_format_version, 1)) {
+            // Load unread sectors with zero keys access for backward compatability
+            if(!flipper_format_rewind(file)) break;
+            data->key_a_mask = 0xffffffffffffffff;
+            data->key_b_mask = 0xffffffffffffffff;
+        } else {
+            if(data_format_version != nfc_mifare_classic_data_format_version) break;
+            if(!flipper_format_read_hex_uint64(file, "Key A map", &data->key_a_mask, 1)) break;
+            if(!flipper_format_read_hex_uint64(file, "Key B map", &data->key_b_mask, 1)) break;
+        }
+
        // Read Mifare Classic blocks
        bool block_read = true;
        for(size_t i = 0; i < data_blocks; i++) {
--- a/applications/nfc/nfc_worker.c
+++ b/applications/nfc/nfc_worker.c
@@ -7,6 +7,7 @@
 #include <lib/nfc_protocols/mifare_ultralight.h>
 #include <lib/nfc_protocols/mifare_classic.h>
 #include <lib/nfc_protocols/mifare_desfire.h>
+#include <lib/nfc_protocols/nfca.h>

 #include "helpers/nfc_mf_classic_dict.h"

@@ -104,6 +105,8 @@ int32_t nfc_worker_task(void* context) {
        nfc_worker_emulate_mifare_ul(nfc_worker);
    } else if(nfc_worker->state == NfcWorkerStateReadMifareClassic) {
        nfc_worker_mifare_classic_dict_attack(nfc_worker);
+    } else if(nfc_worker->state == NfcWorkerStateEmulateMifareClassic) {
+        nfc_worker_emulate_mifare_classic(nfc_worker);
    } else if(nfc_worker->state == NfcWorkerStateReadMifareDesfire) {
        nfc_worker_read_mifare_desfire(nfc_worker);
    }
@@ -474,6 +477,34 @@ void nfc_worker_mifare_classic_dict_attack(NfcWorker* nfc_worker) {
    stream_free(nfc_worker->dict_stream);
 }

+void nfc_worker_emulate_mifare_classic(NfcWorker* nfc_worker) {
+    FuriHalNfcTxRxContext tx_rx;
+    FuriHalNfcDevData* nfc_data = &nfc_worker->dev_data->nfc_data;
+    MfClassicEmulator emulator = {
+        .cuid = nfc_util_bytes2num(&nfc_data->uid[nfc_data->uid_len - 4], 4),
+        .data = nfc_worker->dev_data->mf_classic_data,
+        .data_changed = false,
+    };
+    NfcaSignal* nfca_signal = nfca_signal_alloc();
+    tx_rx.nfca_signal = nfca_signal;
+
+    while(nfc_worker->state == NfcWorkerStateEmulateMifareClassic) {
+        if(furi_hal_nfc_listen(
+               nfc_data->uid, nfc_data->uid_len, nfc_data->atqa, nfc_data->sak, true, 300)) {
+            mf_classic_emulator(&emulator, &tx_rx);
+        }
+    }
+    if(emulator.data_changed) {
+        nfc_worker->dev_data->mf_classic_data = emulator.data;
+        if(nfc_worker->callback) {
+            nfc_worker->callback(NfcWorkerEventSuccess, nfc_worker->context);
+        }
+        emulator.data_changed = false;
+    }
+
+    nfca_signal_free(nfca_signal);
+}
+
 void nfc_worker_read_mifare_desfire(NfcWorker* nfc_worker) {
    ReturnCode err;
    uint8_t tx_buff[64] = {};
--- a/applications/nfc/nfc_worker.h
+++ b/applications/nfc/nfc_worker.h
@@ -19,6 +19,7 @@ typedef enum {
    NfcWorkerStateReadMifareUltralight,
    NfcWorkerStateEmulateMifareUltralight,
    NfcWorkerStateReadMifareClassic,
+    NfcWorkerStateEmulateMifareClassic,
    NfcWorkerStateReadMifareDesfire,
    // Transition
    NfcWorkerStateStop,
--- a/applications/nfc/scenes/nfc_scene_config.h
+++ b/applications/nfc/scenes/nfc_scene_config.h
@@ -34,4 +34,6 @@ ADD_SCENE(nfc, restore_original, RestoreOriginal)
 ADD_SCENE(nfc, debug, Debug)
 ADD_SCENE(nfc, field, Field)
 ADD_SCENE(nfc, read_mifare_classic, ReadMifareClassic)
+ADD_SCENE(nfc, emulate_mifare_classic, EmulateMifareClassic)
+ADD_SCENE(nfc, mifare_classic_menu, MifareClassicMenu)
 ADD_SCENE(nfc, dict_not_found, DictNotFound)
--- a/applications/nfc/scenes/nfc_scene_emulate_mifare_classic.c
+++ b/applications/nfc/scenes/nfc_scene_emulate_mifare_classic.c
@@ -0,0 +1,64 @@
+#include "../nfc_i.h"
+#include <dolphin/dolphin.h>
+
+#define NFC_MF_CLASSIC_DATA_NOT_CHANGED (0UL)
+#define NFC_MF_CLASSIC_DATA_CHANGED (1UL)
+
+void nfc_emulate_mifare_classic_worker_callback(NfcWorkerEvent event, void* context) {
+    UNUSED(event);
+    Nfc* nfc = context;
+
+    scene_manager_set_scene_state(
+        nfc->scene_manager, NfcSceneEmulateMifareClassic, NFC_MF_CLASSIC_DATA_CHANGED);
+}
+
+void nfc_scene_emulate_mifare_classic_on_enter(void* context) {
+    Nfc* nfc = context;
+    DOLPHIN_DEED(DolphinDeedNfcEmulate);
+
+    // Setup view
+    Popup* popup = nfc->popup;
+    if(strcmp(nfc->dev->dev_name, "")) {
+        nfc_text_store_set(nfc, "%s", nfc->dev->dev_name);
+    }
+    popup_set_icon(popup, 0, 3, &I_RFIDDolphinSend_97x61);
+    popup_set_header(popup, "Emulating\nMf Classic", 56, 31, AlignLeft, AlignTop);
+
+    // Setup and start worker
+    view_dispatcher_switch_to_view(nfc->view_dispatcher, NfcViewPopup);
+    nfc_worker_start(
+        nfc->worker,
+        NfcWorkerStateEmulateMifareClassic,
+        &nfc->dev->dev_data,
+        nfc_emulate_mifare_classic_worker_callback,
+        nfc);
+}
+
+bool nfc_scene_emulate_mifare_classic_on_event(void* context, SceneManagerEvent event) {
+    Nfc* nfc = context;
+    bool consumed = false;
+
+    if(event.type == SceneManagerEventTypeTick) {
+        notification_message(nfc->notifications, &sequence_blink_blue_10);
+        consumed = true;
+    } else if(event.type == SceneManagerEventTypeBack) {
+        // Stop worker
+        nfc_worker_stop(nfc->worker);
+        // Check if data changed and save in shadow file
+        if(scene_manager_get_scene_state(nfc->scene_manager, NfcSceneEmulateMifareClassic) ==
+           NFC_MF_CLASSIC_DATA_CHANGED) {
+            scene_manager_set_scene_state(
+                nfc->scene_manager, NfcSceneEmulateMifareClassic, NFC_MF_CLASSIC_DATA_NOT_CHANGED);
+            nfc_device_save_shadow(nfc->dev, nfc->dev->dev_name);
+        }
+        consumed = false;
+    }
+    return consumed;
+}
+
+void nfc_scene_emulate_mifare_classic_on_exit(void* context) {
+    Nfc* nfc = context;
+
+    // Clear view
+    popup_reset(nfc->popup);
+}
--- a/applications/nfc/scenes/nfc_scene_mifare_classic_menu.c
+++ b/applications/nfc/scenes/nfc_scene_mifare_classic_menu.c
@@ -0,0 +1,64 @@
+#include "../nfc_i.h"
+
+enum SubmenuIndex {
+    SubmenuIndexSave,
+    SubmenuIndexEmulate,
+};
+
+void nfc_scene_mifare_classic_menu_submenu_callback(void* context, uint32_t index) {
+    Nfc* nfc = context;
+
+    view_dispatcher_send_custom_event(nfc->view_dispatcher, index);
+}
+
+void nfc_scene_mifare_classic_menu_on_enter(void* context) {
+    Nfc* nfc = context;
+    Submenu* submenu = nfc->submenu;
+
+    submenu_add_item(
+        submenu, "Save", SubmenuIndexSave, nfc_scene_mifare_classic_menu_submenu_callback, nfc);
+    submenu_add_item(
+        submenu,
+        "Emulate",
+        SubmenuIndexEmulate,
+        nfc_scene_mifare_classic_menu_submenu_callback,
+        nfc);
+    submenu_set_selected_item(
+        nfc->submenu, scene_manager_get_scene_state(nfc->scene_manager, NfcSceneMifareUlMenu));
+
+    view_dispatcher_switch_to_view(nfc->view_dispatcher, NfcViewMenu);
+}
+
+bool nfc_scene_mifare_classic_menu_on_event(void* context, SceneManagerEvent event) {
+    Nfc* nfc = context;
+    bool consumed = false;
+
+    if(event.type == SceneManagerEventTypeCustom) {
+        if(event.event == SubmenuIndexSave) {
+            scene_manager_set_scene_state(
+                nfc->scene_manager, NfcSceneMifareUlMenu, SubmenuIndexSave);
+            nfc->dev->format = NfcDeviceSaveFormatMifareClassic;
+            // Clear device name
+            nfc_device_set_name(nfc->dev, "");
+            scene_manager_next_scene(nfc->scene_manager, NfcSceneSaveName);
+            consumed = true;
+        } else if(event.event == SubmenuIndexEmulate) {
+            scene_manager_set_scene_state(
+                nfc->scene_manager, NfcSceneMifareUlMenu, SubmenuIndexEmulate);
+            scene_manager_next_scene(nfc->scene_manager, NfcSceneEmulateMifareClassic);
+            consumed = true;
+        }
+    } else if(event.type == SceneManagerEventTypeBack) {
+        consumed =
+            scene_manager_search_and_switch_to_previous_scene(nfc->scene_manager, NfcSceneStart);
+    }
+
+    return consumed;
+}
+
+void nfc_scene_mifare_classic_menu_on_exit(void* context) {
+    Nfc* nfc = context;
+
+    // Clear view
+    submenu_reset(nfc->submenu);
+}
--- a/applications/nfc/scenes/nfc_scene_read_mifare_classic.c
+++ b/applications/nfc/scenes/nfc_scene_read_mifare_classic.c
@@ -47,7 +47,7 @@ bool nfc_scene_read_mifare_classic_on_event(void* context, SceneManagerEvent eve
        consumed = true;
    } else if(event.type == SceneManagerEventTypeCustom) {
        if(event.event == NfcCustomEventDictAttackDone) {
-            scene_manager_next_scene(nfc->scene_manager, NfcSceneSaveName);
+            scene_manager_next_scene(nfc->scene_manager, NfcSceneMifareClassicMenu);
            consumed = true;
        } else if(event.event == NfcWorkerEventDetectedClassic1k) {
            dict_attack_card_detected(nfc->dict_attack, MfClassicType1k);
@@ -71,7 +71,6 @@ bool nfc_scene_read_mifare_classic_on_event(void* context, SceneManagerEvent eve
            scene_manager_set_scene_state(
                nfc->scene_manager, NfcSceneReadMifareClassic, NfcSceneReadMifareClassicStateDone);
            notification_message(nfc->notifications, &sequence_success);
-            nfc->dev->format = NfcDeviceSaveFormatMifareClassic;
            dict_attack_set_result(nfc->dict_attack, true);
            consumed = true;
        } else if(event.event == NfcWorkerEventFail) {
--- a/applications/nfc/scenes/nfc_scene_saved_menu.c
+++ b/applications/nfc/scenes/nfc_scene_saved_menu.c
@@ -27,13 +27,11 @@ void nfc_scene_saved_menu_on_enter(void* context) {
            SubmenuIndexEmulate,
            nfc_scene_saved_menu_submenu_callback,
            nfc);
-    } else if(nfc->dev->format == NfcDeviceSaveFormatMifareUl) {
+    } else if(
+        nfc->dev->format == NfcDeviceSaveFormatMifareUl ||
+        nfc->dev->format == NfcDeviceSaveFormatMifareClassic) {
        submenu_add_item(
-            submenu,
-            "Emulate Ultralight",
-            SubmenuIndexEmulate,
-            nfc_scene_saved_menu_submenu_callback,
-            nfc);
+            submenu, "Emulate", SubmenuIndexEmulate, nfc_scene_saved_menu_submenu_callback, nfc);
    }
    submenu_add_item(
        submenu, "Edit UID and Name", SubmenuIndexEdit, nfc_scene_saved_menu_submenu_callback, nfc);
@@ -64,6 +62,8 @@ bool nfc_scene_saved_menu_on_event(void* context, SceneManagerEvent event) {
        if(event.event == SubmenuIndexEmulate) {
            if(nfc->dev->format == NfcDeviceSaveFormatMifareUl) {
                scene_manager_next_scene(nfc->scene_manager, NfcSceneEmulateMifareUl);
+            } else if(nfc->dev->format == NfcDeviceSaveFormatMifareClassic) {
+                scene_manager_next_scene(nfc->scene_manager, NfcSceneEmulateMifareClassic);
            } else {
                scene_manager_next_scene(nfc->scene_manager, NfcSceneEmulateUid);
            }
--- a/applications/nfc/views/dict_attack.c
+++ b/applications/nfc/views/dict_attack.c
@@ -46,7 +46,7 @@ static void dict_attack_draw_callback(Canvas* canvas, void* model) {
            canvas_draw_str_aligned(canvas, 64, 2, AlignCenter, AlignTop, draw_str);
        } else if(m->state == DictAttackStateSuccess) {
            canvas_draw_str_aligned(canvas, 64, 2, AlignCenter, AlignTop, "Complete!");
-            elements_button_right(canvas, "Save");
+            elements_button_right(canvas, "More");
        } else if(m->state == DictAttackStateFail) {
            canvas_draw_str_aligned(
                canvas, 64, 2, AlignCenter, AlignTop, "Failed to read any sector");