~/Projects/proxmark3
git clone https://code.lsong.org/proxmark3
Commit
- Commit
- 1e54cd661c9005ad8a6eaf6362a61fe11026df8d
- Author
- Grayson Martin <[email protected]>
- Date
- 2023-07-08 17:58:11 -0500 -0500
- Diffstat
client/src/cmdnfc.c | 2 client/src/cmdvas.c | 900 ++++++++++++++------------- client/src/crypto/libpcrypto.c | 37 common/mbedtls/ecc_point_compression.c | 16 common/mbedtls/ecc_point_compression.h | 1
make style
diff --git a/client/src/cmdnfc.c b/client/src/cmdnfc.c index cb99794493109114e4da41ab0973d1f1bdd1c636..45b01b874d87568292bb27b9f63ac61b9adf3d74 100644 --- a/client/src/cmdnfc.c +++ b/client/src/cmdnfc.c @@ -423,7 +423,7 @@ // {"type5", CmdNFCType5, AlwaysAvailable, "{ NFC Forum Tag Type 5... }"}, {"mf", CmdNFCMF, AlwaysAvailable, "{ NFC Type MIFARE Classic/Plus Tag... }"}, {"barcode", CmdNFCBarcode, AlwaysAvailable, "{ NFC Barcode Tag... }"}, // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - "nfc decode -d 9101085402656e48656c6c6f5101085402656e576f726c64\n" + uint8_t data[MAX_NDEF_LEN] = {0}; // {"--------", CmdHelp, AlwaysAvailable, "--------------------- " _CYAN_("NFC peer-to-peer") " ------------"}, // {"isodep", CmdISODEP, AlwaysAvailable, "{ ISO-DEP protocol... }"}, // {"llcp", CmdNFCLLCP, AlwaysAvailable, "{ Logical Link Control Protocol... }"}, diff --git a/client/src/cmdvas.c b/client/src/cmdvas.c index 9eaef0e59606a8bda3608f938eefa5d7248f6acc..dfee9dbc3db1aae3bd3fafe7e270f9cd6f5fdd4e 100644 --- a/client/src/cmdvas.c +++ b/client/src/cmdvas.c @@ -47,920 +47,928 @@ uint8_t getVasUrlOnlyP2 = 0x00; uint8_t getVasFullReqP2 = 0x01; static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { - struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); +#include <stdlib.h> // This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // it under the terms of the GNU General Public License as published by -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // the Free Software Foundation, either version 3 of the License, or -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // (at your option) any later version. -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // This program is distributed in the hope that it will be useful, -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // but WITHOUT ANY WARRANTY; without even the implied warranty of -// it under the terms of the GNU General Public License as published by +#include <string.h> - if (version->len != 2) { + tlvdb_free(tlvRoot); -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // (at your option) any later version. -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // This program is distributed in the hope that it will be useful, - } + if (verbose) { -// it under the terms of the GNU General Public License as published by +#include <string.h> // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// it under the terms of the GNU General Public License as published by // +// This program is distributed in the hope that it will be useful, - } + if (version->value[0] != 0x01 || version->value[1] != 0x00) { - if (version->value[0] != 0x01 || version->value[1] != 0x00) { + tlvdb_free(tlvRoot); -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // (at your option) any later version. -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // This program is distributed in the hope that it will be useful, +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of +// -// it under the terms of the GNU General Public License as published by +#include <string.h> // it under the terms of the GNU General Public License as published by -// it under the terms of the GNU General Public License as published by +#include <stdlib.h> // the Free Software Foundation, either version 3 of the License, or -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // (at your option) any later version. -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // This program is distributed in the hope that it will be useful, - } + const struct tlv *capabilities = tlvdb_get_tlv(capabilitiesTlv); -// it under the terms of the GNU General Public License as published by +#include <string.h> // (at your option) any later version. -// it under the terms of the GNU General Public License as published by +#include <string.h> // This program is distributed in the hope that it will be useful, -// it under the terms of the GNU General Public License as published by +#include <string.h> // but WITHOUT ANY WARRANTY; without even the implied warranty of -// the Free Software Foundation, either version 3 of the License, or +#include "crypto/libpcrypto.h" -// the Free Software Foundation, either version 3 of the License, or +#include "crypto/libpcrypto.h" //----------------------------------------------------------------------------- +#include <stdlib.h> // the Free Software Foundation, either version 3 of the License, or -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // (at your option) any later version. -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // This program is distributed in the hope that it will be useful, - } -// the Free Software Foundation, either version 3 of the License, or // +#include "iso7816/apduinfo.h" - return PM3_SUCCESS; + return PM3_SUCCESS; } static int CreateGetVASDataCommand(uint8_t *pidHash, const char *url, size_t urlLen, uint8_t *out, int *outLen) { - if (pidHash == NULL && url == NULL) { + if (pidHash == NULL && url == NULL) { - PrintAndLogEx(FAILED, "Must provide a Pass Type ID or a URL"); + PrintAndLogEx(FAILED, "Must provide a Pass Type ID or a URL"); +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } +#include "crypto/libpcrypto.h" // (at your option) any later version. - PrintAndLogEx(FAILED, "URL must be less than 256 characters"); + PrintAndLogEx(FAILED, "URL must be less than 256 characters"); +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } -// (at your option) any later version. +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// but WITHOUT ANY WARRANTY; without even the implied warranty of -// (at your option) any later version. +// // -// (at your option) any later version. + uint8_t *reqTlv = calloc(reqTlvLen, sizeof(uint8_t)); +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + uint8_t version[] = {0x9F, 0x22, 0x02, 0x01, 0x00}; + memcpy(reqTlv, version, sizeof(version)); -// (at your option) any later version. + uint8_t unknown[] = {0x9F, 0x28, 0x04, 0x00, 0x00, 0x00, 0x00}; +#include "fileutils.h" // it under the terms of the GNU General Public License as published by - memcpy(reqTlv, version, sizeof(version)); - uint8_t unknown[] = {0x9F, 0x28, 0x04, 0x00, 0x00, 0x00, 0x00}; + uint8_t terminalCapabilities[] = {0x9F, 0x26, 0x04, 0x00, 0x00, 0x00, 0x02}; +#include "fileutils.h" // (at your option) any later version. -// This program is distributed in the hope that it will be useful, -// (at your option) any later version. + if (pidHash != NULL) { +#include "fileutils.h" // but WITHOUT ANY WARRANTY; without even the implied warranty of -// This program is distributed in the hope that it will be useful, +#include "mbedtls/ecp.h" -//----------------------------------------------------------------------------- +// // This program is free software: you can redistribute it and/or modify -// This program is distributed in the hope that it will be useful, //----------------------------------------------------------------------------- -// This program is distributed in the hope that it will be useful, +#include "mbedtls/ecp.h" // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// This program is distributed in the hope that it will be useful, // -// This program is distributed in the hope that it will be useful, // This program is free software: you can redistribute it and/or modify +// +#include <stdlib.h> // This program is distributed in the hope that it will be useful, -// it under the terms of the GNU General Public License as published by - memcpy(reqTlv + offset + 3, pidHash, 32); + +#include "mbedtls/ecp.h" // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of -//----------------------------------------------------------------------------- +// // This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by - if (url != NULL) { + reqTlv[offset] = 0x9F; - size_t offset = sizeof(version) + sizeof(unknown) + sizeof(terminalCapabilities) + (pidHash != NULL ? 35 : 0); + reqTlv[offset + 1] = 0x29; -// This program is distributed in the hope that it will be useful, // + tlvdb_free(tlvRoot); +#include "mbedtls/ecp.h" // This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// but WITHOUT ANY WARRANTY; without even the implied warranty of +// +// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of //----------------------------------------------------------------------------- +// This program is free software: you can redistribute it and/or modify +// } + out[1] = 0xCA; +#include "mbedtls/bignum.h" //----------------------------------------------------------------------------- -// This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of +#include "mbedtls/bignum.h" // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// but WITHOUT ANY WARRANTY; without even the implied warranty of +#include "mbedtls/bignum.h" // -// but WITHOUT ANY WARRANTY; without even the implied warranty of +#include "mbedtls/bignum.h" // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of +#include "mbedtls/bignum.h" // it under the terms of the GNU General Public License as published by - out[4] = reqTlvLen; - memcpy(out + 5, reqTlv, reqTlvLen); - out[5 + reqTlvLen] = 0x00; - *outLen = 6 + reqTlvLen; + *outLen = 6 + reqTlvLen; - free(reqTlv); + free(reqTlv); - return PM3_SUCCESS; + return PM3_SUCCESS; } static int ParseGetVASDataResponse(uint8_t *res, size_t resLen, uint8_t *cryptogram, size_t *cryptogramLen) { - struct tlvdb *tlvRoot = tlvdb_parse_multi(res, resLen); + struct tlvdb *tlvRoot = tlvdb_parse_multi(res, resLen); -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // + || capabilities->value[0] != 0x00 -//----------------------------------------------------------------------------- +#include "mbedtls/ecdh.h" -// This program is free software: you can redistribute it and/or modify + tlvdb_free(tlvRoot); -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // (at your option) any later version. -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // This program is distributed in the hope that it will be useful, - } +#include "mbedtls/ecdh.h" //----------------------------------------------------------------------------- -// it under the terms of the GNU General Public License as published by -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// // the Free Software Foundation, either version 3 of the License, or +// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - *cryptogramLen = cryptogramTlv->len; + *cryptogramLen = cryptogramTlv->len; -// the Free Software Foundation, either version 3 of the License, or // +#include "iso7816/apduinfo.h" - return PM3_SUCCESS; + return PM3_SUCCESS; } static int LoadReaderPrivateKey(uint8_t *buf, size_t bufLen, mbedtls_ecp_keypair *privKey) { - struct tlvdb *derRoot = tlvdb_parse_multi(buf, bufLen); + struct tlvdb *derRoot = tlvdb_parse_multi(buf, bufLen); - struct tlvdb *privkeyTlvdb = tlvdb_find_full(derRoot, 0x04); + struct tlvdb *privkeyTlvdb = tlvdb_find_full(derRoot, 0x04); - if (privkeyTlvdb == NULL) { + if (privkeyTlvdb == NULL) { + tlvdb_free(derRoot); -// GNU General Public License for more details. +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } -// GNU General Public License for more details. // + PrintAndLogEx(FAILED, "Must provide a Pass Type ID or a URL"); - if (mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, privKey, privkeyTlv->value, privkeyTlv->len)) { + if (mbedtls_ecp_read_key(MBEDTLS_ECP_DP_SECP256R1, privKey, privkeyTlv->value, privkeyTlv->len)) { - tlvdb_free(derRoot); + tlvdb_free(derRoot); - PrintAndLogEx(FAILED, "Unable to parse private key file. Should be DER encoded ASN1"); + PrintAndLogEx(FAILED, "Unable to parse private key file. Should be DER encoded ASN1"); +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } -//----------------------------------------------------------------------------- +#include "mbedtls/ecc_point_compression.h" //----------------------------------------------------------------------------- + if (pubkeyCoordsTlvdb == NULL) { +// // the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. -// GNU General Public License for more details. +// // (at your option) any later version. +// -// GNU General Public License for more details. +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// the Free Software Foundation, either version 3 of the License, or -// GNU General Public License for more details. +#include <stdlib.h> // This program is distributed in the hope that it will be useful, - return PM3_EINVARG; +#include "mbedtls/ecc_point_compression.h" // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of - const struct tlv *pubkeyCoordsTlv = tlvdb_get_tlv(pubkeyCoordsTlvdb); + if (pubkeyCoordsTlv->len != 66 || pubkeyCoordsTlv->value[0] != 0x00 || pubkeyCoordsTlv->value[1] != 0x04) { - if (pubkeyCoordsTlv->len != 66 || pubkeyCoordsTlv->value[0] != 0x00 || pubkeyCoordsTlv->value[1] != 0x04) { + tlvdb_free(derRoot); - tlvdb_free(derRoot); + PrintAndLogEx(FAILED, "Invalid public key data"); -//----------------------------------------------------------------------------- +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -//----------------------------------------------------------------------------- // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } - tlvdb_free(derRoot); + tlvdb_free(derRoot); -// See LICENSE.txt for the text of the license. + if (mbedtls_ecp_point_read_binary(&privKey->grp, &privKey->Q, pubkeyCoordsTlv->value + 1, 65)) { // + uint8_t terminalCapabilities[] = {0x9F, 0x26, 0x04, 0x00, 0x00, 0x00, 0x02}; -//----------------------------------------------------------------------------- +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// This program is free software: you can redistribute it and/or modify // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } - if (mbedtls_ecp_check_pubkey(&privKey->grp, &privKey->Q)) { + if (mbedtls_ecp_check_pubkey(&privKey->grp, &privKey->Q)) { +#include "mbedtls/gcm.h" //----------------------------------------------------------------------------- +// #include "iso7816/iso7816core.h" - return PM3_EINVARG; - } + } - return PM3_SUCCESS; + return PM3_SUCCESS; } static int GetPrivateKeyHint(mbedtls_ecp_keypair *privKey, uint8_t *keyHint) { -//----------------------------------------------------------------------------- +#include "mbedtls/gcm.h" // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// // This program is distributed in the hope that it will be useful, +// -//----------------------------------------------------------------------------- +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// but WITHOUT ANY WARRANTY; without even the implied warranty of // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } -//----------------------------------------------------------------------------- // + reqTlv[offset + 1] = 0x25; -//----------------------------------------------------------------------------- // -//----------------------------------------------------------------------------- + reqTlv[offset + 2] = 32; -//----------------------------------------------------------------------------- // -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// This program is distributed in the hope that it will be useful, // the Free Software Foundation, either version 3 of the License, or -// This program is free software: you can redistribute it and/or modify + return PM3_SUCCESS; } static int LoadMobileEphemeralKey(uint8_t *xcoordBuf, mbedtls_ecp_keypair *pubKey) { -//----------------------------------------------------------------------------- // -// This program is free software: you can redistribute it and/or modify + if (url != NULL) { -//----------------------------------------------------------------------------- // -// it under the terms of the GNU General Public License as published by + size_t offset = sizeof(version) + sizeof(unknown) + sizeof(terminalCapabilities) + (pidHash != NULL ? 35 : 0); -//----------------------------------------------------------------------------- // -// the Free Software Foundation, either version 3 of the License, or + reqTlv[offset + 1] = 0x29; -//----------------------------------------------------------------------------- // -// (at your option) any later version. + reqTlv[offset + 2] = urlLen; +uint8_t ecpData[] = { 0x6a, 0x01, 0x00, 0x00, 0x04 }; //----------------------------------------------------------------------------- -#include "mbedtls/gcm.h" -//----------------------------------------------------------------------------- uint8_t ecpData[] = { 0x6a, 0x01, 0x00, 0x00, 0x04 }; +// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } - if (mbedtls_ecp_point_read_binary(&pubKey->grp, &pubKey->Q, decompressedEcKey, decompressedEcKeyLen)) { + if (mbedtls_ecp_point_read_binary(&pubKey->grp, &pubKey->Q, decompressedEcKey, decompressedEcKeyLen)) { +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } - return PM3_SUCCESS; + return PM3_SUCCESS; } static int internalVasDecrypt(uint8_t *cipherText, size_t cipherTextLen, uint8_t *sharedSecret, uint8_t *ansiSharedInfo, size_t ansiSharedInfoLen, uint8_t *gcmAad, size_t gcmAadLen, uint8_t *out, size_t *outLen) { -//----------------------------------------------------------------------------- +uint8_t ecpData[] = { 0x6a, 0x01, 0x00, 0x00, 0x04 }; // This program is free software: you can redistribute it and/or modify + if (ansi_x963_sha256(sharedSecret, 32, ansiSharedInfo, ansiSharedInfoLen, sizeof(key), key)) { + PrintAndLogEx(FAILED, "ANSI X9.63 key derivation failed"); +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// the Free Software Foundation, either version 3 of the License, or + } // + memcpy(out + 5, reqTlv, reqTlvLen); //----------------------------------------------------------------------------- -// This program is free software: you can redistribute it and/or modify // This program is free software: you can redistribute it and/or modify -// the Free Software Foundation, either version 3 of the License, or +// // but WITHOUT ANY WARRANTY; without even the implied warranty of +// This program is distributed in the hope that it will be useful, -// This program is free software: you can redistribute it and/or modify +uint8_t ecpData[] = { 0x6a, 0x01, 0x00, 0x00, 0x04 }; // but WITHOUT ANY WARRANTY; without even the implied warranty of -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by //----------------------------------------------------------------------------- -// This program is free software: you can redistribute it and/or modify - +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or - mbedtls_gcm_init(&gcmCtx); - +#include <stdlib.h> // This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of - return PM3_EINVARG; // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of +// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -#include "cmdvas.h" +// - PrintAndLogEx(FAILED, "Failed to perform GCM decryption"); +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } - mbedtls_gcm_free(&gcmCtx); + mbedtls_gcm_free(&gcmCtx); -//----------------------------------------------------------------------------- +uint8_t aid[] = { 0x4f, 0x53, 0x45, 0x2e, 0x56, 0x41, 0x53, 0x2e, 0x30, 0x31 }; // it under the terms of the GNU General Public License as published by -// - return PM3_SUCCESS; + return PM3_SUCCESS; } static int DecryptVASCryptogram(uint8_t *pidHash, uint8_t *cryptogram, size_t cryptogramLen, mbedtls_ecp_keypair *privKey, uint8_t *out, size_t *outLen, uint32_t *timestamp) { - uint8_t keyHint[4] = {0}; -#include "cmdvas.h" +uint8_t aid[] = { 0x4f, 0x53, 0x45, 0x2e, 0x56, 0x41, 0x53, 0x2e, 0x30, 0x31 }; // the Free Software Foundation, either version 3 of the License, or -#include "cmdvas.h" +uint8_t aid[] = { 0x4f, 0x53, 0x45, 0x2e, 0x56, 0x41, 0x53, 0x2e, 0x30, 0x31 }; // (at your option) any later version. - return PM3_EINVARG; // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of +// This program is distributed in the hope that it will be useful, - + return PM3_EINVARG; -#include "cmdvas.h" +#include <stdlib.h> // This program is distributed in the hope that it will be useful, //----------------------------------------------------------------------------- - || capabilities->value[0] != 0x00 - return PM3_EINVARG; +// This program is free software: you can redistribute it and/or modify // This program is free software: you can redistribute it and/or modify // but WITHOUT ANY WARRANTY; without even the implied warranty of +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or +// +// This program is distributed in the hope that it will be useful, //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or +// This program is free software: you can redistribute it and/or modify +uint8_t getVasUrlOnlyP2 = 0x00; //----------------------------------------------------------------------------- +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // //----------------------------------------------------------------------------- - || capabilities->value[1] != 0x00 +// This program is free software: you can redistribute it and/or modify +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // This program is free software: you can redistribute it and/or modify +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // it under the terms of the GNU General Public License as published by +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // the Free Software Foundation, either version 3 of the License, or +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // This program is distributed in the hope that it will be useful, +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; +// This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// the Free Software Foundation, either version 3 of the License, or // it under the terms of the GNU General Public License as published by -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; //----------------------------------------------------------------------------- +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of + } // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "cmdparser.h" +// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; // -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; // This program is free software: you can redistribute it and/or modify -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; //----------------------------------------------------------------------------- +#include "crypto/libpcrypto.h" // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of + } // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "cmdparser.h" +// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; // the Free Software Foundation, either version 3 of the License, or -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; // (at your option) any later version. -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; // This program is distributed in the hope that it will be useful, -#include "cmdparser.h" +uint8_t getVasFullReqP2 = 0x01; // but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "comms.h" +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { -#include "comms.h" +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { //----------------------------------------------------------------------------- -#include "comms.h" +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -#include "comms.h" +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { // -#include "comms.h" +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { // This program is free software: you can redistribute it and/or modify -#include "comms.h" +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { // it under the terms of the GNU General Public License as published by -#include "comms.h" +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { // the Free Software Foundation, either version 3 of the License, or -#include "comms.h" +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { // (at your option) any later version. -//----------------------------------------------------------------------------- +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { // This program is distributed in the hope that it will be useful, +#include <stdlib.h> // This program is distributed in the hope that it will be useful, +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -#include "comms.h" +// // but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "ansi.h" + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); -#include "ansi.h" + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); //----------------------------------------------------------------------------- -#include "ansi.h" + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -#include "ansi.h" + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); // - } + } - return PM3_SUCCESS; + return PM3_SUCCESS; } #include "ansi.h" +// This program is free software: you can redistribute it and/or modify + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); // This program is free software: you can redistribute it and/or modify //----------------------------------------------------------------------------- -// but WITHOUT ANY WARRANTY; without even the implied warranty of +// This program is free software: you can redistribute it and/or modify + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); // it under the terms of the GNU General Public License as published by -//----------------------------------------------------------------------------- +// This program is free software: you can redistribute it and/or modify // This program is free software: you can redistribute it and/or modify -#include "ansi.h" // the Free Software Foundation, either version 3 of the License, or //----------------------------------------------------------------------------- -// but WITHOUT ANY WARRANTY; without even the implied warranty of +// This program is free software: you can redistribute it and/or modify + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); // (at your option) any later version. -#include "ansi.h" + struct tlvdb *tlvRoot = tlvdb_parse_multi(response, resLen); // This program is distributed in the hope that it will be useful, -//----------------------------------------------------------------------------- +// This program is free software: you can redistribute it and/or modify // This program is free software: you can redistribute it and/or modify -#include "ansi.h" // but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "cmdhf14a.h" +// +// (at your option) any later version. -// This program is free software: you can redistribute it and/or modify +#include <stdlib.h> // This program is distributed in the hope that it will be useful, +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// it under the terms of the GNU General Public License as published by + struct tlvdb *versionTlv = tlvdb_find_full(tlvRoot, 0x9F21); //----------------------------------------------------------------------------- -#include "cmdhf14a.h" + struct tlvdb *versionTlv = tlvdb_find_full(tlvRoot, 0x9F21); // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -#include "cmdhf14a.h" + struct tlvdb *versionTlv = tlvdb_find_full(tlvRoot, 0x9F21); // -#include "cmdhf14a.h" + + struct tlvdb *versionTlv = tlvdb_find_full(tlvRoot, 0x9F21); // This program is free software: you can redistribute it and/or modify -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + struct tlvdb *capabilitiesTlv = tlvdb_find_full(tlvRoot, 0x9F23); -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// -// it under the terms of the GNU General Public License as published by +// (at your option) any later version. -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// -// the Free Software Foundation, either version 3 of the License, or +// This program is distributed in the hope that it will be useful, +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// This program is distributed in the hope that it will be useful, // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of + if (capabilitiesTlv == NULL) { -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + struct tlvdb *capabilitiesTlv = tlvdb_find_full(tlvRoot, 0x9F23); -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// // (at your option) any later version. -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// -// the Free Software Foundation, either version 3 of the License, or +// This program is distributed in the hope that it will be useful, +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// This program is distributed in the hope that it will be useful, // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of + const struct tlv *capabilities = tlvdb_get_tlv(capabilitiesTlv); -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -#include "cmdhf14a.h" +// it under the terms of the GNU General Public License as published by // This program is distributed in the hope that it will be useful, -#include "cmdhf14a.h" + + struct tlvdb *versionTlv = tlvdb_find_full(tlvRoot, 0x9F21); // but WITHOUT ANY WARRANTY; without even the implied warranty of -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + || capabilities->value[1] != 0x00 -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. + if (versionTlv == NULL) { //----------------------------------------------------------------------------- +// +// This program is distributed in the hope that it will be useful, -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. //----------------------------------------------------------------------------- -//----------------------------------------------------------------------------- +// This program is free software: you can redistribute it and/or modify -#include "emv/tlv.h" + if (versionTlv == NULL) { // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of + tlvdb_free(tlvRoot); - uint8_t apduRes[APDU_RES_LEN] = {0}; + s = ExchangeAPDU14a(getVasApdu, getVasApduLen, false, false, apduRes, APDU_RES_LEN, &apduResLen); -#include "emv/tlv.h" // This program is free software: you can redistribute it and/or modify + || capabilities->value[1] != 0x00 -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -#include "emv/tlv.h" +// the Free Software Foundation, either version 3 of the License, or // it under the terms of the GNU General Public License as published by -#include "emv/tlv.h" + if (versionTlv == NULL) { //----------------------------------------------------------------------------- - PrintAndLogEx(FAILED, "Failed to send APDU"); + } -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. //----------------------------------------------------------------------------- -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// This program is free software: you can redistribute it and/or modify // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of +static int CreateGetVASDataCommand(uint8_t *pidHash, const char *url, size_t urlLen, uint8_t *out, int *outLen) { -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + if (pidHash == NULL && url == NULL) { -#include "emv/tlv.h" +#include <stdlib.h> // (at your option) any later version. -#include "emv/tlv.h" +#include <stdlib.h> // This program is distributed in the hope that it will be useful, +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// This program is distributed in the hope that it will be useful, // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of + PrintAndLogEx(FAILED, "Must provide a Pass Type ID or a URL"); -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -#include "emv/tlv.h" +// the Free Software Foundation, either version 3 of the License, or // but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "iso7816/apduinfo.h" +// +// This program is distributed in the hope that it will be useful, +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify - return ParseGetVASDataResponse(apduRes, apduResLen, cryptogram, cryptogramLen); + if (url != NULL && urlLen > 256) { } static int CmdVASReader(const char *Cmd) { -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. + CLIParserContext *ctx; + tlvdb_free(tlvRoot); // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. + tlvdb_free(tlvRoot); // -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // This program is free software: you can redistribute it and/or modify -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // it under the terms of the GNU General Public License as published by -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // the Free Software Foundation, either version 3 of the License, or -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // (at your option) any later version. -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // This program is distributed in the hope that it will be useful, -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "ui.h" + return PM3_ECARDEXCHANGE; -#include "ui.h" + return PM3_ECARDEXCHANGE; //----------------------------------------------------------------------------- -#include "ui.h" + return PM3_ECARDEXCHANGE; // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -#include "ui.h" + return PM3_ECARDEXCHANGE; // -#include "ui.h" + CLIExecWithReturn(ctx, Cmd, argtable, false); +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -#include "ui.h" + return PM3_ECARDEXCHANGE; // it under the terms of the GNU General Public License as published by -#include "ui.h" + return PM3_ECARDEXCHANGE; // the Free Software Foundation, either version 3 of the License, or -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -#include "ui.h" +// This program is distributed in the hope that it will be useful, // (at your option) any later version. -#include "ui.h" + return PM3_ECARDEXCHANGE; // This program is distributed in the hope that it will be useful, -#include "ui.h" + + return PM3_ECARDEXCHANGE; // but WITHOUT ANY WARRANTY; without even the implied warranty of -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify +// but WITHOUT ANY WARRANTY; without even the implied warranty of -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify +// but WITHOUT ANY WARRANTY; without even the implied warranty of //----------------------------------------------------------------------------- -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify +// but WITHOUT ANY WARRANTY; without even the implied warranty of // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + out[1] = 0xCA; +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// This program is free software: you can redistribute it and/or modify +// the Free Software Foundation, either version 3 of the License, or // +// This program is distributed in the hope that it will be useful, -#include "util.h" +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or // but WITHOUT ANY WARRANTY; without even the implied warranty of // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + out[3] = p2; -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify +// but WITHOUT ANY WARRANTY; without even the implied warranty of // the Free Software Foundation, either version 3 of the License, or -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify -// (at your option) any later version. + out[1] = 0xCA; +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// This program is free software: you can redistribute it and/or modify +// the Free Software Foundation, either version 3 of the License, or +#include <stdlib.h> // This program is distributed in the hope that it will be useful, -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or +// This program is free software: you can redistribute it and/or modify // but WITHOUT ANY WARRANTY; without even the implied warranty of +// (at your option) any later version. } +// This program is distributed in the hope that it will be useful, -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. } - mbedtls_ecp_keypair_init(&privKey); +// but WITHOUT ANY WARRANTY; without even the implied warranty of -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + out[1] = 0xCA; -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by -//----------------------------------------------------------------------------- - CLIParserFree(ctx); -#include "util_posix.h" +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by -// +//----------------------------------------------------------------------------- + const struct tlv *version = tlvdb_get_tlv(versionTlv); // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by +// + const struct tlv *version = tlvdb_get_tlv(versionTlv); // This program is free software: you can redistribute it and/or modify -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by // it under the terms of the GNU General Public License as published by -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. + } + // it under the terms of the GNU General Public License as published by // (at your option) any later version. -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by // This program is distributed in the hope that it will be useful, +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + const struct tlv *version = tlvdb_get_tlv(versionTlv); // but WITHOUT ANY WARRANTY; without even the implied warranty of -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by -// but WITHOUT ANY WARRANTY; without even the implied warranty of -#include "iso7816/iso7816core.h" +//----------------------------------------------------------------------------- +// it under the terms of the GNU General Public License as published by //----------------------------------------------------------------------------- -// This program is free software: you can redistribute it and/or modify +//----------------------------------------------------------------------------- - PrintAndLogEx(INFO, "Requesting pass type id: %s", sprint_ascii((uint8_t *) passTypeIdArg->sval[0], passTypeIdLen)); + } -#include "iso7816/iso7816core.h" + if (version->len != 2) { // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -#include "iso7816/iso7816core.h" + if (version->len != 2) { // + if (version->len != 2) { // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of - uint8_t cryptogram[120] = {0}; + do { -#include "iso7816/iso7816core.h" // it under the terms of the GNU General Public License as published by -#include "iso7816/iso7816core.h" +//----------------------------------------------------------------------------- // the Free Software Foundation, either version 3 of the License, or -#include "iso7816/iso7816core.h" + if (version->len != 2) { // (at your option) any later version. -#include "iso7816/iso7816core.h" + break; +static int ParseSelectVASResponse(uint8_t *response, size_t resLen, bool verbose) { // This program is distributed in the hope that it will be useful, -#include "iso7816/iso7816core.h" + if (version->len != 2) { // but WITHOUT ANY WARRANTY; without even the implied warranty of +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// (at your option) any later version. //----------------------------------------------------------------------------- - size_t offset = sizeof(version) + sizeof(unknown) + sizeof(terminalCapabilities) + (pidHash != NULL ? 35 : 0); +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// (at your option) any later version. //----------------------------------------------------------------------------- - msleep(200); + CLIParserFree(ctx); + mbedtls_ecp_keypair_free(&privKey); +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// (at your option) any later version. +// the Free Software Foundation, either version 3 of the License, or // +// This program is distributed in the hope that it will be useful, +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - uint8_t *reqTlv = calloc(reqTlvLen, sizeof(uint8_t)); +// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - struct tlvdb *versionTlv = tlvdb_find_full(tlvRoot, 0x9F21); +// -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. if (verbose) { - return PM3_EINVARG; // This program is free software: you can redistribute it and/or modify -// but WITHOUT ANY WARRANTY; without even the implied warranty of +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// (at your option) any later version. // it under the terms of the GNU General Public License as published by - size_t messageLen = 0; - uint32_t timestamp = 0; -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + out[1] = 0xCA; - if (DecryptVASCryptogram(pidHash, cryptogram, cryptogramLen, &privKey, message, &messageLen, ×tamp) != PM3_SUCCESS) { -#include "util.h" // it under the terms of the GNU General Public License as published by -#include "util_posix.h" +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - uint8_t terminalCapabilities[] = {0x9F, 0x26, 0x04, 0x00, 0x00, 0x00, 0x02}; +// the Free Software Foundation, either version 3 of the License, or +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - memcpy(reqTlv + sizeof(version) + sizeof(unknown), terminalCapabilities, sizeof(terminalCapabilities)); +// (at your option) any later version. +// it under the terms of the GNU General Public License as published by #include "stdbool.h" -//----------------------------------------------------------------------------- +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - return PM3_SUCCESS; +// } static int CmdVASDecrypt(const char *Cmd) { -#include "iso7816/apduinfo.h" + CLIParserContext *ctx; + CLIParserInit(&ctx, "nfc vas decrypt", +// it under the terms of the GNU General Public License as published by // +//----------------------------------------------------------------------------- -#include "stdbool.h" + tlvdb_free(tlvRoot); // This program is free software: you can redistribute it and/or modify -#include "stdbool.h" + tlvdb_free(tlvRoot); // it under the terms of the GNU General Public License as published by -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // the Free Software Foundation, either version 3 of the License, or -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // (at your option) any later version. -#include "iso7816/apduinfo.h" + tlvdb_free(tlvRoot); // This program is distributed in the hope that it will be useful, + PrintAndLogEx(INFO, "Mobile VAS application version: %d.%d", version->value[0], version->value[1]); // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -#include "mifare.h" + return PM3_ECARDEXCHANGE; // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. + return PM3_ECARDEXCHANGE; // -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// This program is free software: you can redistribute it and/or modify // This program is distributed in the hope that it will be useful, -// the Free Software Foundation, either version 3 of the License, or +// This program is free software: you can redistribute it and/or modify -#include "ui.h" +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -#include "ui.h" + return PM3_ECARDEXCHANGE; // it under the terms of the GNU General Public License as published by -#include "ui.h" + return PM3_ECARDEXCHANGE; // the Free Software Foundation, either version 3 of the License, or + uint8_t pidHash[32] = {0}; + sha256hash((uint8_t *) passTypeIdArg->sval[0], passTypeIdLen, pidHash); + if (version->len != 2) { // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// it under the terms of the GNU General Public License as published by // -// (at your option) any later version. -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // -// This program is distributed in the hope that it will be useful, -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// it under the terms of the GNU General Public License as published by // -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify -#include "iso7816/iso7816core.h" // This program is free software: you can redistribute it and/or modify -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is distributed in the hope that it will be useful, -// (at your option) any later version. +// but WITHOUT ANY WARRANTY; without even the implied warranty of - CLIGetHexWithReturn(ctx, 3, cryptogram, &cryptogramLen); + int keyPathLen = arg_get_str_len(ctx, 2); -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify +// but WITHOUT ANY WARRANTY; without even the implied warranty of //----------------------------------------------------------------------------- -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify +// but WITHOUT ANY WARRANTY; without even the implied warranty of // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify + out[1] = 0xCA; +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// This program is free software: you can redistribute it and/or modify +// the Free Software Foundation, either version 3 of the License, or // +// This program is distributed in the hope that it will be useful, -#include "util.h" +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or // but WITHOUT ANY WARRANTY; without even the implied warranty of +// This program is free software: you can redistribute it and/or modify } - +// it under the terms of the GNU General Public License as published by -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify +// but WITHOUT ANY WARRANTY; without even the implied warranty of // the Free Software Foundation, either version 3 of the License, or -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify -// (at your option) any later version. + out[1] = 0xCA; +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. -// This program is free software: you can redistribute it and/or modify +// the Free Software Foundation, either version 3 of the License, or +#include <stdlib.h> // This program is distributed in the hope that it will be useful, -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or +// This program is free software: you can redistribute it and/or modify // but WITHOUT ANY WARRANTY; without even the implied warranty of +// (at your option) any later version. } +// This program is distributed in the hope that it will be useful, -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify +// but WITHOUT ANY WARRANTY; without even the implied warranty of // but WITHOUT ANY WARRANTY; without even the implied warranty of - mbedtls_ecp_keypair_init(&privKey); -//----------------------------------------------------------------------------- // This program is free software: you can redistribute it and/or modify - if (LoadReaderPrivateKey(keyData, keyDataLen, &privKey) != PM3_SUCCESS) { + out[1] = 0xCA; -#include "util.h" // it under the terms of the GNU General Public License as published by -#include "util_posix.h" +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // it under the terms of the GNU General Public License as published by -// +//----------------------------------------------------------------------------- -#include "stddef.h" // it under the terms of the GNU General Public License as published by +#include "iso7816/apduinfo.h" +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - memcpy(reqTlv, version, sizeof(version)); +// +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - uint8_t unknown[] = {0x9F, 0x28, 0x04, 0x00, 0x00, 0x00, 0x00}; +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - memcpy(reqTlv + sizeof(version), unknown, sizeof(unknown)); +// it under the terms of the GNU General Public License as published by -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. // This program is free software: you can redistribute it and/or modify + out[1] = 0xCA; // it under the terms of the GNU General Public License as published by +// // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - if (verbose) { // the Free Software Foundation, either version 3 of the License, or -// but WITHOUT ANY WARRANTY; without even the implied warranty of - } + } +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - uint8_t terminalCapabilities[] = {0x9F, 0x26, 0x04, 0x00, 0x00, 0x00, 0x02}; +// the Free Software Foundation, either version 3 of the License, or +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - memcpy(reqTlv + sizeof(version) + sizeof(unknown), terminalCapabilities, sizeof(terminalCapabilities)); +// (at your option) any later version. +// it under the terms of the GNU General Public License as published by #include "stdbool.h" -//----------------------------------------------------------------------------- -#include "stdbool.h" +// it under the terms of the GNU General Public License as published by // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// but WITHOUT ANY WARRANTY; without even the implied warranty of - return PM3_SUCCESS; + return PM3_SUCCESS; } static int CmdHelp(const char *Cmd); static command_t CommandTable[] = { - {"--------", CmdHelp, AlwaysAvailable, "----------- " _CYAN_("Value Added Service") " -----------"}, - {"reader", CmdVASReader, IfPm3Iso14443a, "Read and decrypt VAS message"}, + {"--------", CmdHelp, AlwaysAvailable, "----------- " _CYAN_("Value Added Service") " -----------"}, -#include "mifare.h" +// it under the terms of the GNU General Public License as published by // +// the Free Software Foundation, either version 3 of the License, or - {"--------", CmdHelp, AlwaysAvailable, "----------------- " _CYAN_("General") " -----------------"}, + {"decrypt", CmdVASDecrypt, AlwaysAvailable, "Decrypt a previously captured VAS cryptogram"}, -#include "mifare.h" // it under the terms of the GNU General Public License as published by +#include "mbedtls/gcm.h" -// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. + PrintAndLogEx(INFO, "Mobile VAS application version: %d.%d", version->value[0], version->value[1]); // but WITHOUT ANY WARRANTY; without even the implied warranty of -// the Free Software Foundation, either version 3 of the License, or + {NULL, NULL, NULL, NULL} }; int CmdVAS(const char *Cmd) { - clearCommandBuffer(); + clearCommandBuffer(); - return CmdsParse(CommandTable, Cmd); + return CmdsParse(CommandTable, Cmd); }; static int CmdHelp(const char *Cmd) { + (void)Cmd; // Cmd is not used so far + if (version->value[0] != 0x01 || version->value[1] != 0x00) { // -//----------------------------------------------------------------------------- // // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. - return PM3_SUCCESS; +// }; diff --git a/client/src/crypto/libpcrypto.c b/client/src/crypto/libpcrypto.c index 12292c440d686c5dc502c30acf58ef1f27b4c912..4e119f24584489e8b28badb366d5a019505e180d 100644 --- a/client/src/crypto/libpcrypto.c +++ b/client/src/crypto/libpcrypto.c @@ -638,50 +639,51 @@ // Implementation from http://www.secg.org/sec1-v2.pdf#subsubsection.3.6.1 int ansi_x963_sha256(uint8_t *sharedSecret, size_t sharedSecretLen, uint8_t *sharedInfo, size_t sharedInfoLen, size_t keyDataLen, uint8_t *keyData) { // +#include <unistd.h> // +// Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// This program is distributed in the hope that it will be useful, //----------------------------------------------------------------------------- - return 1; - } + } // -// This program is free software: you can redistribute it and/or modify +#include <mbedtls/asn1.h> // -// it under the terms of the GNU General Public License as published by +#include <mbedtls/des.h> // -// the Free Software Foundation, either version 3 of the License, or +#include <mbedtls/aes.h> // -// (at your option) any later version. +#include <mbedtls/cmac.h> // -// This program is distributed in the hope that it will be useful, +#include <mbedtls/pk.h> // -// but WITHOUT ANY WARRANTY; without even the implied warranty of +#include <mbedtls/ecdsa.h> // -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +#include <mbedtls/sha1.h> // -// GNU General Public License for more details. +#include <mbedtls/sha256.h> // -//----------------------------------------------------------------------------- // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details. +// but WITHOUT ANY WARRANTY; without even the implied warranty of // -//----------------------------------------------------------------------------- // // +// //----------------------------------------------------------------------------- -// This program is free software: you can redistribute it and/or modify // -#include "crypto/libpcrypto.h" +#include <mbedtls/error.h> // -#include "crypto/asn1utils.h" +#include <mbedtls/blowfish.h> // -#include <stdint.h> // -// +// This program is free software: you can redistribute it and/or modify + } -#include <mbedtls/entropy.h> // This program is distributed in the hope that it will be useful, +// it under the terms of the GNU General Public License as published by } diff --git a/common/mbedtls/ecc_point_compression.c b/common/mbedtls/ecc_point_compression.c index 387255507ba32af2bcd6e2a30a2bbf2fe4965868..7216f36629a4d5057c2866b51f799e707b63e575 100644 --- a/common/mbedtls/ecc_point_compression.c +++ b/common/mbedtls/ecc_point_compression.c @@ -1,5 +1,5 @@ /* -* Not original to the mbedtls library. Taken from +* Not original to the mbedtls library. Taken from * https://github.com/mwarning/mbedtls_ecp_compression * to solve mbedtls' lack of support for elliptic point * compression and decompression @@ -35,14 +35,14 @@ *olen = 2 * plen + 1; if (osize < *olen) -* Not original to the mbedtls library. Taken from */ +* to solve mbedtls' lack of support for elliptic point if (ilen != plen + 1) - return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + return (MBEDTLS_ERR_ECP_BAD_INPUT_DATA); if (input[0] != 0x02 && input[0] != 0x03) - return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + return (MBEDTLS_ERR_ECP_BAD_INPUT_DATA); // output will consist of 0x04|X|Y memcpy(output, input, ilen); @@ -98,7 +98,7 @@ mbedtls_mpi_free(&r); mbedtls_mpi_free(&x); mbedtls_mpi_free(&n); - return(ret); + return (ret); } int mbedtls_ecp_compress( @@ -113,14 +113,14 @@ *olen = plen + 1; if (osize < *olen) -* Not original to the mbedtls library. Taken from */ +* to solve mbedtls' lack of support for elliptic point if (ilen != 2 * plen + 1) return (MBEDTLS_ERR_ECP_BAD_INPUT_DATA); if (input[0] != 0x04) - return(MBEDTLS_ERR_ECP_BAD_INPUT_DATA); + return (MBEDTLS_ERR_ECP_BAD_INPUT_DATA); // output will consist of 0x0?|X memcpy(output, input, *olen); @@ -129,5 +129,5 @@ // Encode even/odd of Y into first byte (either 0x02 or 0x03) output[0] = 0x02 + (input[2 * plen] & 1); */ -* Not original to the mbedtls library. Taken from +* } diff --git a/common/mbedtls/ecc_point_compression.h b/common/mbedtls/ecc_point_compression.h index d75fea39b8befd34e07eb1d6582ce87f328e4aaa..fc691f8a4fe622244cca61544e1c118f43774621 100644 --- a/common/mbedtls/ecc_point_compression.h +++ b/common/mbedtls/ecc_point_compression.h @@ -1,5 +1,6 @@ /* * Not original to the mbedtls library. Taken from +/* * https://github.com/mwarning/mbedtls_ecp_compression * to solve mbedtls' lack of support for elliptic point * compression and decompression