diff --git a/applications/main/nfc/helpers/protocol_support/st25tb/mykey.c b/applications/main/nfc/helpers/protocol_support/st25tb/mykey.c new file mode 100644 index 000000000..5b75e10f2 --- /dev/null +++ b/applications/main/nfc/helpers/protocol_support/st25tb/mykey.c @@ -0,0 +1,48 @@ +#include "mykey.h" + +uint32_t encode_decode_block(uint32_t input) { + /* + * Swap all values using XOR + * 32 bit: 1111222233334444 + */ + input ^= (input & 0x00C00000) << 6 | (input & 0x0000C000) << 12 | (input & 0x000000C0) << 18 | + (input & 0x000C0000) >> 6 | (input & 0x00030000) >> 12 | (input & 0x00000300) >> 6; + input ^= (input & 0x30000000) >> 6 | (input & 0x0C000000) >> 12 | (input & 0x03000000) >> 18 | + (input & 0x00003000) << 6 | (input & 0x00000030) << 12 | (input & 0x0000000C) << 6; + input ^= (input & 0x00C00000) << 6 | (input & 0x0000C000) << 12 | (input & 0x000000C0) << 18 | + (input & 0x000C0000) >> 6 | (input & 0x00030000) >> 12 | (input & 0x00000300) >> 6; + return input; +} + + + +void endian_swap_uint8_array(uint8_t *array, size_t size) { + size_t i; + uint8_t temp; + + for (i = 0; i < size / 2; i++) { + temp = array[i]; + array[i] = array[size - 1 - i]; + array[size - 1 - i] = temp; + } +} + +/* Bytewise LITTLE ENDIAN */ +uint32_t st25tb_get_block_value(uint32_t block) { + uint8_t byte0 = (block >> 24) & 0xFF; + uint8_t byte1 = (block >> 16) & 0xFF; + uint8_t byte2 = (block >> 8) & 0xFF; + uint8_t byte3 = block & 0xFF; + + return (byte3 << 24) | (byte2 << 16) | (byte1 << 8) | byte0; +} + +//Ottengo il blocco effetto un bytewise e lo decodo +uint32_t get_block(uint32_t block) { + return encode_decode_block(st25tb_get_block_value(block)); +} + +//decode for credit +uint32_t get_xored_block(uint32_t block, uint32_t key) { + return encode_decode_block(st25tb_get_block_value(block) ^ key); +} \ No newline at end of file diff --git a/applications/main/nfc/helpers/protocol_support/st25tb/mykey.h b/applications/main/nfc/helpers/protocol_support/st25tb/mykey.h new file mode 100644 index 000000000..70d3d4403 --- /dev/null +++ b/applications/main/nfc/helpers/protocol_support/st25tb/mykey.h @@ -0,0 +1,31 @@ +#pragma once +#include + +enum { + MYKEY_BLOCK_KEY_ID = 0x07, + MYKEY_BLOCK_PRODUCTION_DATE = 0x08, + MYKEY_BLOCK_VENDOR_ID_1 = 0x18, + MYKEY_BLOCK_VENDOR_ID_2 = 0x19, + MYKEY_BLOCK_CURRENT_CREDIT = 0x21, + MYKEY_BLOCK_PREVIOUS_CREDIT = 0x23, + MYKEY_DEFAULT_VENDOR_ID = 0xFEDC0123, + MYKEY_DEFAULT_VENDOR_ID_1 = 0xFEDC, + MYKEY_DEFAULT_VENDOR_ID_2 = 0x0123, +}; + +typedef enum { + LockIdStatusNone, + LockIdStatusActive, +} LockIdStatus; + +#define get_uid(uid) ((uid)[7] | ((uid)[6] << 8) | ((uid)[5] << 16) | ((uid)[4] << 24)) +#define new_get_count_down_counter(b6) (~(b6 << 24 | (b6 & 0x0000FF00) << 8 | (b6 & 0x00FF0000) >> 8 | b6 >> 24)) +#define get_vendor(b1, b2) (get_block(b1) << 16 | (get_block(b2) & 0x0000FFFF)) +#define get_master_key(uid, vendor_id) ((uid) * ((vendor_id) + 1)) +#define get_is_bound(vendor_id) ((vendor_id) != MYKEY_DEFAULT_VENDOR_ID) +#define get_encryption_key(master_key, count_down_counter)((master_key) * ((count_down_counter) + 1)) + +uint32_t encode_decode_block(uint32_t input); +uint32_t st25tb_get_block_value(uint32_t block); +uint32_t get_block(uint32_t block); +uint32_t get_xored_block(uint32_t block, uint32_t key); \ No newline at end of file diff --git a/applications/main/nfc/helpers/protocol_support/st25tb/st25tb_render.c b/applications/main/nfc/helpers/protocol_support/st25tb/st25tb_render.c index e3a0f3c50..7d6fa9eda 100644 --- a/applications/main/nfc/helpers/protocol_support/st25tb/st25tb_render.c +++ b/applications/main/nfc/helpers/protocol_support/st25tb/st25tb_render.c @@ -1,22 +1,40 @@ #include "st25tb_render.h" #include +#include "mykey.h" void nfc_render_st25tb_info( const St25tbData* data, NfcProtocolFormatType format_type, FuriString* str) { - furi_string_cat_printf(str, "UID"); - - for(size_t i = 0; i < ST25TB_UID_SIZE; i++) { + furi_string_cat_printf(str, "UID:"); + for(size_t i = 0; i < 8; i++) { furi_string_cat_printf(str, " %02X", data->uid[i]); } + uint32_t _uid = get_uid(data->uid); + uint32_t _count_down_counter_new = new_get_count_down_counter(st25tb_get_block_value(data->blocks[6])); + uint32_t _vendor_id = get_vendor(data->blocks[MYKEY_BLOCK_VENDOR_ID_1], data->blocks[MYKEY_BLOCK_VENDOR_ID_2]); + uint32_t _master_key = get_master_key(_uid, _vendor_id); + uint32_t _encryption_key = get_encryption_key(_master_key, _count_down_counter_new); + uint16_t credit = get_xored_block(data->blocks[MYKEY_BLOCK_CURRENT_CREDIT], _encryption_key); + uint16_t _previous_credit = get_block(data->blocks[MYKEY_BLOCK_PREVIOUS_CREDIT]); + bool _is_bound = get_is_bound(_vendor_id); + furi_string_cat_printf(str, "\nCurrent Credit: %d.%02d E", credit / 100, credit % 100); + furi_string_cat_printf(str, "\nPrevius Credit: %d.%02d E", _previous_credit / 100, _previous_credit % 100); + furi_string_cat_printf(str, "\nIs Bound: %s \n", _is_bound ? "Yes" : "No"); + if(format_type == NfcProtocolFormatTypeFull) { - furi_string_cat_printf(str, "\nSys. OTP: %08lX", data->system_otp_block); + //info data + furi_string_cat_printf(str, "UID: %08lX\n", _uid); + furi_string_cat_printf(str, "ID: %08lX\n", st25tb_get_block_value(data->blocks[7])); + furi_string_cat_printf(str, "\nCounter New: %08lX", _count_down_counter_new); + furi_string_cat_printf(str, "\nVendor ID: %08lX", _vendor_id); + furi_string_cat_printf(str, "\nMaster Key: %08lX", _master_key); + furi_string_cat_printf(str, "\nEncryption Key: %08lX", _encryption_key); furi_string_cat_printf(str, "\nBlocks:"); for(size_t i = 0; i < st25tb_get_block_count(data->type); i += 2) { furi_string_cat_printf( - str, "\n %02X %08lX %08lX", i, data->blocks[i], data->blocks[i + 1]); + str, "\n %02X %08lX %08lX", i, st25tb_get_block_value(data->blocks[i]), st25tb_get_block_value(data->blocks[i + 1])); } } }