mirror of
https://github.com/Next-Flip/Momentum-Firmware.git
synced 2026-05-13 12:08:35 -07:00
Clean up duplicated picopass command definitions.
This commit is contained in:
Tiernan Messmer
22
applications/external/picopass/picopass_device.c
vendored
22
applications/external/picopass/picopass_device.c
vendored
@@ -67,13 +67,14 @@ static bool picopass_device_save_file(
|
|||||||
if(!flipper_format_write_uint32(file, "Facility Code", &fc, 1)) break;
|
if(!flipper_format_write_uint32(file, "Facility Code", &fc, 1)) break;
|
||||||
if(!flipper_format_write_uint32(file, "Card Number", &cn, 1)) break;
|
if(!flipper_format_write_uint32(file, "Card Number", &cn, 1)) break;
|
||||||
if(!flipper_format_write_hex(
|
if(!flipper_format_write_hex(
|
||||||
file, "Credential", pacs->credential, PICOPASS_BLOCK_LEN))
|
file, "Credential", pacs->credential, RFAL_PICOPASS_BLOCK_LEN))
|
||||||
break;
|
break;
|
||||||
if(pacs->pin_length > 0) {
|
if(pacs->pin_length > 0) {
|
||||||
if(!flipper_format_write_hex(file, "PIN\t\t", pacs->pin0, PICOPASS_BLOCK_LEN))
|
if(!flipper_format_write_hex(
|
||||||
|
file, "PIN\t\t", pacs->pin0, RFAL_PICOPASS_BLOCK_LEN))
|
||||||
break;
|
break;
|
||||||
if(!flipper_format_write_hex(
|
if(!flipper_format_write_hex(
|
||||||
file, "PIN(cont.)\t", pacs->pin1, PICOPASS_BLOCK_LEN))
|
file, "PIN(cont.)\t", pacs->pin1, RFAL_PICOPASS_BLOCK_LEN))
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -86,7 +87,10 @@ static bool picopass_device_save_file(
|
|||||||
for(size_t i = 0; i < app_limit; i++) {
|
for(size_t i = 0; i < app_limit; i++) {
|
||||||
furi_string_printf(temp_str, "Block %d", i);
|
furi_string_printf(temp_str, "Block %d", i);
|
||||||
if(!flipper_format_write_hex(
|
if(!flipper_format_write_hex(
|
||||||
file, furi_string_get_cstr(temp_str), AA1[i].data, PICOPASS_BLOCK_LEN)) {
|
file,
|
||||||
|
furi_string_get_cstr(temp_str),
|
||||||
|
AA1[i].data,
|
||||||
|
RFAL_PICOPASS_BLOCK_LEN)) {
|
||||||
block_saved = false;
|
block_saved = false;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -160,7 +164,7 @@ static bool picopass_device_load_data(PicopassDevice* dev, FuriString* path, boo
|
|||||||
for(size_t i = 0; i < 6; i++) {
|
for(size_t i = 0; i < 6; i++) {
|
||||||
furi_string_printf(temp_str, "Block %d", i);
|
furi_string_printf(temp_str, "Block %d", i);
|
||||||
if(!flipper_format_read_hex(
|
if(!flipper_format_read_hex(
|
||||||
file, furi_string_get_cstr(temp_str), AA1[i].data, PICOPASS_BLOCK_LEN)) {
|
file, furi_string_get_cstr(temp_str), AA1[i].data, RFAL_PICOPASS_BLOCK_LEN)) {
|
||||||
block_read = false;
|
block_read = false;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -172,7 +176,7 @@ static bool picopass_device_load_data(PicopassDevice* dev, FuriString* path, boo
|
|||||||
for(size_t i = 6; i < app_limit; i++) {
|
for(size_t i = 6; i < app_limit; i++) {
|
||||||
furi_string_printf(temp_str, "Block %d", i);
|
furi_string_printf(temp_str, "Block %d", i);
|
||||||
if(!flipper_format_read_hex(
|
if(!flipper_format_read_hex(
|
||||||
file, furi_string_get_cstr(temp_str), AA1[i].data, PICOPASS_BLOCK_LEN)) {
|
file, furi_string_get_cstr(temp_str), AA1[i].data, RFAL_PICOPASS_BLOCK_LEN)) {
|
||||||
block_read = false;
|
block_read = false;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -335,9 +339,9 @@ ReturnCode picopass_device_parse_credential(PicopassBlock* AA1, PicopassPacs* pa
|
|||||||
}
|
}
|
||||||
} else if(pacs->encryption == PicopassDeviceEncryptionNone) {
|
} else if(pacs->encryption == PicopassDeviceEncryptionNone) {
|
||||||
FURI_LOG_D(TAG, "No Encryption");
|
FURI_LOG_D(TAG, "No Encryption");
|
||||||
memcpy(pacs->credential, AA1[7].data, PICOPASS_BLOCK_LEN);
|
memcpy(pacs->credential, AA1[7].data, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
memcpy(pacs->pin0, AA1[8].data, PICOPASS_BLOCK_LEN);
|
memcpy(pacs->pin0, AA1[8].data, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
memcpy(pacs->pin1, AA1[9].data, PICOPASS_BLOCK_LEN);
|
memcpy(pacs->pin1, AA1[9].data, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
} else if(pacs->encryption == PicopassDeviceEncryptionDES) {
|
} else if(pacs->encryption == PicopassDeviceEncryptionDES) {
|
||||||
FURI_LOG_D(TAG, "DES Encrypted");
|
FURI_LOG_D(TAG, "DES Encrypted");
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
49
applications/external/picopass/picopass_device.h
vendored
49
applications/external/picopass/picopass_device.h
vendored
@@ -14,16 +14,19 @@
|
|||||||
|
|
||||||
#define PICOPASS_DEV_NAME_MAX_LEN 22
|
#define PICOPASS_DEV_NAME_MAX_LEN 22
|
||||||
#define PICOPASS_READER_DATA_MAX_SIZE 64
|
#define PICOPASS_READER_DATA_MAX_SIZE 64
|
||||||
#define PICOPASS_BLOCK_LEN 8
|
|
||||||
#define PICOPASS_MAX_APP_LIMIT 32
|
#define PICOPASS_MAX_APP_LIMIT 32
|
||||||
|
|
||||||
#define PICOPASS_CSN_BLOCK_INDEX 0
|
#define PICOPASS_CSN_BLOCK_INDEX 0
|
||||||
#define PICOPASS_CONFIG_BLOCK_INDEX 1
|
#define PICOPASS_CONFIG_BLOCK_INDEX 1
|
||||||
#define PICOPASS_EPURSE_BLOCK_INDEX 2
|
// These definitions for blocks above 2 only hold for secure cards.
|
||||||
#define PICOPASS_KD_BLOCK_INDEX 3
|
#define PICOPASS_SECURE_EPURSE_BLOCK_INDEX 2
|
||||||
#define PICOPASS_KC_BLOCK_INDEX 4
|
#define PICOPASS_SECURE_KD_BLOCK_INDEX 3
|
||||||
#define PICOPASS_AIA_BLOCK_INDEX 5
|
#define PICOPASS_SECURE_KC_BLOCK_INDEX 4
|
||||||
#define PICOPASS_PACS_CFG_BLOCK_INDEX 6
|
#define PICOPASS_SECURE_AIA_BLOCK_INDEX 5
|
||||||
|
// Non-secure cards instead have an AIA at block 2
|
||||||
|
#define PICOPASS_NONSECURE_AIA_BLOCK_INDEX 2
|
||||||
|
// Only iClass cards
|
||||||
|
#define PICOPASS_ICLASS_PACS_CFG_BLOCK_INDEX 6
|
||||||
|
|
||||||
// Personalization Mode
|
// Personalization Mode
|
||||||
#define PICOPASS_FUSE_PERS 0x80
|
#define PICOPASS_FUSE_PERS 0x80
|
||||||
@@ -35,38 +38,6 @@
|
|||||||
// Read Access, 1 meanns anonymous read enabled, 0 means must auth to read applicaion
|
// Read Access, 1 meanns anonymous read enabled, 0 means must auth to read applicaion
|
||||||
#define PICOPASS_FUSE_RA 0x01
|
#define PICOPASS_FUSE_RA 0x01
|
||||||
|
|
||||||
// PicoPass command bytes:
|
|
||||||
// Low nibble used for command
|
|
||||||
// High nibble used for options and checksum (MSB)
|
|
||||||
// The only option we care about in 15693 mode is the key
|
|
||||||
// which is only used by READCHECK, so for simplicity we
|
|
||||||
// don't bother breaking down the command and flags into parts
|
|
||||||
// READ: ADDRESS(1) CRC16(2) -> DATA(8) CRC16(2)
|
|
||||||
// IDENTIFY: No args -> ASNB(8) CRC16(2)
|
|
||||||
#define PICOPASS_CMD_READ_OR_IDENTIFY 0x0C
|
|
||||||
// ADDRESS(1) CRC16(2) -> DATA(32) CRC16(2)
|
|
||||||
#define PICOPASS_CMD_READ4 0x06
|
|
||||||
// ADDRESS(1) DATA(8) SIGN(4)|CRC16(2) -> DATA(8) CRC16(2)
|
|
||||||
#define PICOPASS_CMD_UPDATE 0x87
|
|
||||||
// ADDRESS(1) -> DATA(8)
|
|
||||||
#define PICOPASS_CMD_READCHECK_KD 0x88
|
|
||||||
// ADDRESS(1) -> DATA(8)
|
|
||||||
#define PICOPASS_CMD_READCHECK_KC 0x18
|
|
||||||
// CHALLENGE(4) READERSIGNATURE(4) -> CHIPRESPONSE(4)
|
|
||||||
#define PICOPASS_CMD_CHECK 0x05
|
|
||||||
// No args -> SOF
|
|
||||||
#define PICOPASS_CMD_ACTALL 0x0A
|
|
||||||
// No args -> SOF
|
|
||||||
#define PICOPASS_CMD_ACT 0x8E
|
|
||||||
// ASNB(8)|SERIALNB(8) -> SERIALNB(8) CRC16(2)
|
|
||||||
#define PICOPASS_CMD_SELECT 0x81
|
|
||||||
// No args -> SERIALNB(8) CRC16(2)
|
|
||||||
#define PICOPASS_CMD_DETECT 0x0F
|
|
||||||
// No args -> SOF
|
|
||||||
#define PICOPASS_CMD_HALT 0x00
|
|
||||||
// PAGE(1) CRC16(2) -> BLOCK1(8) CRC16(2)
|
|
||||||
#define PICOPASS_CMD_PAGESEL 0x84
|
|
||||||
|
|
||||||
#define PICOPASS_APP_FOLDER ANY_PATH("picopass")
|
#define PICOPASS_APP_FOLDER ANY_PATH("picopass")
|
||||||
#define PICOPASS_APP_EXTENSION ".picopass"
|
#define PICOPASS_APP_EXTENSION ".picopass"
|
||||||
#define PICOPASS_APP_SHADOW_EXTENSION ".pas"
|
#define PICOPASS_APP_SHADOW_EXTENSION ".pas"
|
||||||
@@ -122,7 +93,7 @@ typedef struct {
|
|||||||
} PicopassPacs;
|
} PicopassPacs;
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
uint8_t data[PICOPASS_BLOCK_LEN];
|
uint8_t data[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
} PicopassBlock;
|
} PicopassBlock;
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
|
|||||||
12
applications/external/picopass/picopass_keys.h
vendored
12
applications/external/picopass/picopass_keys.h
vendored
@@ -2,9 +2,9 @@
|
|||||||
|
|
||||||
#include "picopass_device.h"
|
#include "picopass_device.h"
|
||||||
|
|
||||||
extern const uint8_t picopass_iclass_key[PICOPASS_BLOCK_LEN];
|
extern const uint8_t picopass_iclass_key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
extern const uint8_t picopass_factory_credit_key[PICOPASS_BLOCK_LEN];
|
extern const uint8_t picopass_factory_credit_key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
extern const uint8_t picopass_factory_debit_key[PICOPASS_BLOCK_LEN];
|
extern const uint8_t picopass_factory_debit_key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
extern const uint8_t picopass_xice_key[PICOPASS_BLOCK_LEN];
|
extern const uint8_t picopass_xice_key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
extern const uint8_t picopass_xicl_key[PICOPASS_BLOCK_LEN];
|
extern const uint8_t picopass_xicl_key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
extern const uint8_t picopass_xics_key[PICOPASS_BLOCK_LEN];
|
extern const uint8_t picopass_xics_key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
|
|||||||
193
applications/external/picopass/picopass_worker.c
vendored
193
applications/external/picopass/picopass_worker.c
vendored
@@ -8,7 +8,7 @@
|
|||||||
#define HAS_MASK(x, b) ((x & b) == b)
|
#define HAS_MASK(x, b) ((x & b) == b)
|
||||||
|
|
||||||
// CSNs from Proxmark3 repo
|
// CSNs from Proxmark3 repo
|
||||||
static const uint8_t loclass_csns[LOCLASS_NUM_CSNS][PICOPASS_BLOCK_LEN] = {
|
static const uint8_t loclass_csns[LOCLASS_NUM_CSNS][RFAL_PICOPASS_BLOCK_LEN] = {
|
||||||
{0x01, 0x0A, 0x0F, 0xFF, 0xF7, 0xFF, 0x12, 0xE0},
|
{0x01, 0x0A, 0x0F, 0xFF, 0xF7, 0xFF, 0x12, 0xE0},
|
||||||
{0x0C, 0x06, 0x0C, 0xFE, 0xF7, 0xFF, 0x12, 0xE0},
|
{0x0C, 0x06, 0x0C, 0xFE, 0xF7, 0xFF, 0x12, 0xE0},
|
||||||
{0x10, 0x97, 0x83, 0x7B, 0xF7, 0xFF, 0x12, 0xE0},
|
{0x10, 0x97, 0x83, 0x7B, 0xF7, 0xFF, 0x12, 0xE0},
|
||||||
@@ -184,19 +184,19 @@ ReturnCode picopass_read_preauth(PicopassBlock* AA1) {
|
|||||||
AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[7]);
|
AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[7]);
|
||||||
|
|
||||||
rfalPicoPassReadBlockRes aia;
|
rfalPicoPassReadBlockRes aia;
|
||||||
rfalPicoPassPollerReadBlock(PICOPASS_AIA_BLOCK_INDEX, &aia);
|
rfalPicoPassPollerReadBlock(PICOPASS_SECURE_AIA_BLOCK_INDEX, &aia);
|
||||||
memcpy(AA1[PICOPASS_AIA_BLOCK_INDEX].data, aia.data, sizeof(aia.data));
|
memcpy(AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data, aia.data, sizeof(aia.data));
|
||||||
FURI_LOG_D(
|
FURI_LOG_D(
|
||||||
TAG,
|
TAG,
|
||||||
"aia %02x%02x%02x%02x%02x%02x%02x%02x",
|
"aia %02x%02x%02x%02x%02x%02x%02x%02x",
|
||||||
AA1[PICOPASS_AIA_BLOCK_INDEX].data[0],
|
AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data[0],
|
||||||
AA1[PICOPASS_AIA_BLOCK_INDEX].data[1],
|
AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data[1],
|
||||||
AA1[PICOPASS_AIA_BLOCK_INDEX].data[2],
|
AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data[2],
|
||||||
AA1[PICOPASS_AIA_BLOCK_INDEX].data[3],
|
AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data[3],
|
||||||
AA1[PICOPASS_AIA_BLOCK_INDEX].data[4],
|
AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data[4],
|
||||||
AA1[PICOPASS_AIA_BLOCK_INDEX].data[5],
|
AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data[5],
|
||||||
AA1[PICOPASS_AIA_BLOCK_INDEX].data[6],
|
AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data[6],
|
||||||
AA1[PICOPASS_AIA_BLOCK_INDEX].data[7]);
|
AA1[PICOPASS_SECURE_AIA_BLOCK_INDEX].data[7]);
|
||||||
|
|
||||||
return ERR_NONE;
|
return ERR_NONE;
|
||||||
}
|
}
|
||||||
@@ -212,7 +212,7 @@ static ReturnCode
|
|||||||
PicopassPacs* pacs = &dev_data->pacs;
|
PicopassPacs* pacs = &dev_data->pacs;
|
||||||
|
|
||||||
uint8_t* csn = AA1[PICOPASS_CSN_BLOCK_INDEX].data;
|
uint8_t* csn = AA1[PICOPASS_CSN_BLOCK_INDEX].data;
|
||||||
uint8_t* div_key = AA1[PICOPASS_KD_BLOCK_INDEX].data;
|
uint8_t* div_key = AA1[PICOPASS_SECURE_KD_BLOCK_INDEX].data;
|
||||||
|
|
||||||
ReturnCode err = ERR_PARAM;
|
ReturnCode err = ERR_PARAM;
|
||||||
|
|
||||||
@@ -220,7 +220,7 @@ static ReturnCode
|
|||||||
uint8_t ccnr[12] = {0};
|
uint8_t ccnr[12] = {0};
|
||||||
|
|
||||||
size_t index = 0;
|
size_t index = 0;
|
||||||
uint8_t key[PICOPASS_BLOCK_LEN] = {0};
|
uint8_t key[RFAL_PICOPASS_BLOCK_LEN] = {0};
|
||||||
|
|
||||||
if(!iclass_elite_dict_check_presence(dict_type)) {
|
if(!iclass_elite_dict_check_presence(dict_type)) {
|
||||||
FURI_LOG_E(TAG, "Dictionary not found");
|
FURI_LOG_E(TAG, "Dictionary not found");
|
||||||
@@ -261,7 +261,7 @@ static ReturnCode
|
|||||||
|
|
||||||
err = rfalPicoPassPollerCheck(mac, &chkRes);
|
err = rfalPicoPassPollerCheck(mac, &chkRes);
|
||||||
if(err == ERR_NONE) {
|
if(err == ERR_NONE) {
|
||||||
memcpy(pacs->key, key, PICOPASS_BLOCK_LEN);
|
memcpy(pacs->key, key, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -305,7 +305,7 @@ ReturnCode picopass_read_card(PicopassBlock* AA1) {
|
|||||||
PICOPASS_MAX_APP_LIMIT;
|
PICOPASS_MAX_APP_LIMIT;
|
||||||
|
|
||||||
for(size_t i = 2; i < app_limit; i++) {
|
for(size_t i = 2; i < app_limit; i++) {
|
||||||
if(i == PICOPASS_KD_BLOCK_INDEX) {
|
if(i == PICOPASS_SECURE_KD_BLOCK_INDEX) {
|
||||||
// Skip over Kd block which is populated earlier (READ of Kd returns all FF's)
|
// Skip over Kd block which is populated earlier (READ of Kd returns all FF's)
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@@ -380,7 +380,7 @@ ReturnCode picopass_write_card(PicopassBlock* AA1) {
|
|||||||
FURI_LOG_D(TAG, "rfalPicoPassPollerWriteBlock %d", i);
|
FURI_LOG_D(TAG, "rfalPicoPassPollerWriteBlock %d", i);
|
||||||
uint8_t data[9] = {0};
|
uint8_t data[9] = {0};
|
||||||
data[0] = i;
|
data[0] = i;
|
||||||
memcpy(data + 1, AA1[i].data, RFAL_PICOPASS_MAX_BLOCK_LEN);
|
memcpy(data + 1, AA1[i].data, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
loclass_doMAC_N(data, sizeof(data), div_key, mac);
|
loclass_doMAC_N(data, sizeof(data), div_key, mac);
|
||||||
FURI_LOG_D(
|
FURI_LOG_D(
|
||||||
TAG,
|
TAG,
|
||||||
@@ -439,12 +439,12 @@ ReturnCode picopass_write_block(PicopassBlock* AA1, uint8_t blockNo, uint8_t* ne
|
|||||||
}
|
}
|
||||||
memcpy(ccnr, rcRes.CCNR, sizeof(rcRes.CCNR)); // last 4 bytes left 0
|
memcpy(ccnr, rcRes.CCNR, sizeof(rcRes.CCNR)); // last 4 bytes left 0
|
||||||
|
|
||||||
if(memcmp(selRes.CSN, AA1[PICOPASS_CSN_BLOCK_INDEX].data, PICOPASS_BLOCK_LEN) != 0) {
|
if(memcmp(selRes.CSN, AA1[PICOPASS_CSN_BLOCK_INDEX].data, RFAL_PICOPASS_BLOCK_LEN) != 0) {
|
||||||
FURI_LOG_E(TAG, "Wrong CSN for write");
|
FURI_LOG_E(TAG, "Wrong CSN for write");
|
||||||
return ERR_REQUEST;
|
return ERR_REQUEST;
|
||||||
}
|
}
|
||||||
|
|
||||||
loclass_opt_doReaderMAC(ccnr, AA1[PICOPASS_KD_BLOCK_INDEX].data, mac);
|
loclass_opt_doReaderMAC(ccnr, AA1[PICOPASS_SECURE_KD_BLOCK_INDEX].data, mac);
|
||||||
err = rfalPicoPassPollerCheck(mac, &chkRes);
|
err = rfalPicoPassPollerCheck(mac, &chkRes);
|
||||||
if(err != ERR_NONE) {
|
if(err != ERR_NONE) {
|
||||||
FURI_LOG_E(TAG, "rfalPicoPassPollerCheck error %d", err);
|
FURI_LOG_E(TAG, "rfalPicoPassPollerCheck error %d", err);
|
||||||
@@ -462,7 +462,7 @@ ReturnCode picopass_write_block(PicopassBlock* AA1, uint8_t blockNo, uint8_t* ne
|
|||||||
newBlock[5],
|
newBlock[5],
|
||||||
newBlock[6],
|
newBlock[6],
|
||||||
newBlock[7]};
|
newBlock[7]};
|
||||||
loclass_doMAC_N(data, sizeof(data), AA1[PICOPASS_KD_BLOCK_INDEX].data, mac);
|
loclass_doMAC_N(data, sizeof(data), AA1[PICOPASS_SECURE_KD_BLOCK_INDEX].data, mac);
|
||||||
FURI_LOG_D(
|
FURI_LOG_D(
|
||||||
TAG,
|
TAG,
|
||||||
"loclass_doMAC_N %d %02x%02x%02x%02x%02x%02x%02x%02x %02x%02x%02x%02x",
|
"loclass_doMAC_N %d %02x%02x%02x%02x%02x%02x%02x%02x %02x%02x%02x%02x",
|
||||||
@@ -515,7 +515,7 @@ void picopass_worker_elite_dict_attack(PicopassWorker* picopass_worker) {
|
|||||||
uint8_t ccnr[12] = {0};
|
uint8_t ccnr[12] = {0};
|
||||||
|
|
||||||
size_t index = 0;
|
size_t index = 0;
|
||||||
uint8_t key[PICOPASS_BLOCK_LEN] = {0};
|
uint8_t key[RFAL_PICOPASS_BLOCK_LEN] = {0};
|
||||||
|
|
||||||
// Load dictionary
|
// Load dictionary
|
||||||
IclassEliteDict* dict = dict_attack_data->dict;
|
IclassEliteDict* dict = dict_attack_data->dict;
|
||||||
@@ -572,7 +572,7 @@ void picopass_worker_elite_dict_attack(PicopassWorker* picopass_worker) {
|
|||||||
memcpy(ccnr, rcRes.CCNR, sizeof(rcRes.CCNR)); // last 4 bytes left 0
|
memcpy(ccnr, rcRes.CCNR, sizeof(rcRes.CCNR)); // last 4 bytes left 0
|
||||||
|
|
||||||
uint8_t* csn = AA1[PICOPASS_CSN_BLOCK_INDEX].data;
|
uint8_t* csn = AA1[PICOPASS_CSN_BLOCK_INDEX].data;
|
||||||
uint8_t* div_key = AA1[PICOPASS_KD_BLOCK_INDEX].data;
|
uint8_t* div_key = AA1[PICOPASS_SECURE_KD_BLOCK_INDEX].data;
|
||||||
|
|
||||||
loclass_iclass_calc_div_key(csn, key, div_key, elite);
|
loclass_iclass_calc_div_key(csn, key, div_key, elite);
|
||||||
loclass_opt_doReaderMAC(ccnr, div_key, mac);
|
loclass_opt_doReaderMAC(ccnr, div_key, mac);
|
||||||
@@ -580,7 +580,7 @@ void picopass_worker_elite_dict_attack(PicopassWorker* picopass_worker) {
|
|||||||
err = rfalPicoPassPollerCheck(mac, &chkRes);
|
err = rfalPicoPassPollerCheck(mac, &chkRes);
|
||||||
if(err == ERR_NONE) {
|
if(err == ERR_NONE) {
|
||||||
FURI_LOG_I(TAG, "Found key");
|
FURI_LOG_I(TAG, "Found key");
|
||||||
memcpy(pacs->key, key, PICOPASS_BLOCK_LEN);
|
memcpy(pacs->key, key, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
err = picopass_read_card(AA1);
|
err = picopass_read_card(AA1);
|
||||||
if(err != ERR_NONE) {
|
if(err != ERR_NONE) {
|
||||||
FURI_LOG_E(TAG, "picopass_read_card error %d", err);
|
FURI_LOG_E(TAG, "picopass_read_card error %d", err);
|
||||||
@@ -755,9 +755,9 @@ void picopass_worker_write_key(PicopassWorker* picopass_worker) {
|
|||||||
uint8_t* csn = AA1[PICOPASS_CSN_BLOCK_INDEX].data;
|
uint8_t* csn = AA1[PICOPASS_CSN_BLOCK_INDEX].data;
|
||||||
uint8_t* configBlock = AA1[PICOPASS_CONFIG_BLOCK_INDEX].data;
|
uint8_t* configBlock = AA1[PICOPASS_CONFIG_BLOCK_INDEX].data;
|
||||||
uint8_t fuses = configBlock[7];
|
uint8_t fuses = configBlock[7];
|
||||||
uint8_t* oldKey = AA1[PICOPASS_KD_BLOCK_INDEX].data;
|
uint8_t* oldKey = AA1[PICOPASS_SECURE_KD_BLOCK_INDEX].data;
|
||||||
|
|
||||||
uint8_t newKey[PICOPASS_BLOCK_LEN] = {0};
|
uint8_t newKey[RFAL_PICOPASS_BLOCK_LEN] = {0};
|
||||||
loclass_iclass_calc_div_key(csn, pacs->key, newKey, false);
|
loclass_iclass_calc_div_key(csn, pacs->key, newKey, false);
|
||||||
|
|
||||||
if((fuses & 0x80) == 0x80) {
|
if((fuses & 0x80) == 0x80) {
|
||||||
@@ -765,14 +765,14 @@ void picopass_worker_write_key(PicopassWorker* picopass_worker) {
|
|||||||
} else {
|
} else {
|
||||||
FURI_LOG_D(TAG, "XOR write for application mode key change");
|
FURI_LOG_D(TAG, "XOR write for application mode key change");
|
||||||
// XOR when in application mode
|
// XOR when in application mode
|
||||||
for(size_t i = 0; i < PICOPASS_BLOCK_LEN; i++) {
|
for(size_t i = 0; i < RFAL_PICOPASS_BLOCK_LEN; i++) {
|
||||||
newKey[i] ^= oldKey[i];
|
newKey[i] ^= oldKey[i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
while(picopass_worker->state == PicopassWorkerStateWriteKey) {
|
while(picopass_worker->state == PicopassWorkerStateWriteKey) {
|
||||||
if(picopass_detect_card(1000) == ERR_NONE) {
|
if(picopass_detect_card(1000) == ERR_NONE) {
|
||||||
err = picopass_write_block(AA1, PICOPASS_KD_BLOCK_INDEX, newKey);
|
err = picopass_write_block(AA1, PICOPASS_SECURE_KD_BLOCK_INDEX, newKey);
|
||||||
if(err != ERR_NONE) {
|
if(err != ERR_NONE) {
|
||||||
FURI_LOG_E(TAG, "picopass_write_block error %d", err);
|
FURI_LOG_E(TAG, "picopass_write_block error %d", err);
|
||||||
nextState = PicopassWorkerEventFail;
|
nextState = PicopassWorkerEventFail;
|
||||||
@@ -808,7 +808,9 @@ static inline void picopass_emu_read_blocks(
|
|||||||
uint8_t block_num,
|
uint8_t block_num,
|
||||||
uint8_t block_count) {
|
uint8_t block_count) {
|
||||||
memcpy(
|
memcpy(
|
||||||
buf, nfcv_data->data + (block_num * PICOPASS_BLOCK_LEN), block_count * PICOPASS_BLOCK_LEN);
|
buf,
|
||||||
|
nfcv_data->data + (block_num * RFAL_PICOPASS_BLOCK_LEN),
|
||||||
|
block_count * RFAL_PICOPASS_BLOCK_LEN);
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline void picopass_emu_write_blocks(
|
static inline void picopass_emu_write_blocks(
|
||||||
@@ -817,14 +819,16 @@ static inline void picopass_emu_write_blocks(
|
|||||||
uint8_t block_num,
|
uint8_t block_num,
|
||||||
uint8_t block_count) {
|
uint8_t block_count) {
|
||||||
memcpy(
|
memcpy(
|
||||||
nfcv_data->data + (block_num * PICOPASS_BLOCK_LEN), buf, block_count * PICOPASS_BLOCK_LEN);
|
nfcv_data->data + (block_num * RFAL_PICOPASS_BLOCK_LEN),
|
||||||
|
buf,
|
||||||
|
block_count * RFAL_PICOPASS_BLOCK_LEN);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void picopass_init_cipher_state(NfcVData* nfcv_data, PicopassEmulatorCtx* ctx) {
|
static void picopass_init_cipher_state(NfcVData* nfcv_data, PicopassEmulatorCtx* ctx) {
|
||||||
uint8_t cc[PICOPASS_BLOCK_LEN];
|
uint8_t cc[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
uint8_t key[PICOPASS_BLOCK_LEN];
|
uint8_t key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
|
|
||||||
picopass_emu_read_blocks(nfcv_data, cc, PICOPASS_EPURSE_BLOCK_INDEX, 1);
|
picopass_emu_read_blocks(nfcv_data, cc, PICOPASS_SECURE_EPURSE_BLOCK_INDEX, 1);
|
||||||
picopass_emu_read_blocks(nfcv_data, key, ctx->key_block_num, 1);
|
picopass_emu_read_blocks(nfcv_data, key, ctx->key_block_num, 1);
|
||||||
|
|
||||||
ctx->cipher_state = loclass_opt_doTagMAC_1(cc, key);
|
ctx->cipher_state = loclass_opt_doTagMAC_1(cc, key);
|
||||||
@@ -834,7 +838,7 @@ static void
|
|||||||
loclass_update_csn(FuriHalNfcDevData* nfc_data, NfcVData* nfcv_data, PicopassEmulatorCtx* ctx) {
|
loclass_update_csn(FuriHalNfcDevData* nfc_data, NfcVData* nfcv_data, PicopassEmulatorCtx* ctx) {
|
||||||
// collect two nonces in a row for each CSN
|
// collect two nonces in a row for each CSN
|
||||||
uint8_t csn_num = (ctx->key_block_num / 2) % LOCLASS_NUM_CSNS;
|
uint8_t csn_num = (ctx->key_block_num / 2) % LOCLASS_NUM_CSNS;
|
||||||
memcpy(nfc_data->uid, loclass_csns[csn_num], PICOPASS_BLOCK_LEN);
|
memcpy(nfc_data->uid, loclass_csns[csn_num], RFAL_PICOPASS_BLOCK_LEN);
|
||||||
picopass_emu_write_blocks(nfcv_data, loclass_csns[csn_num], PICOPASS_CSN_BLOCK_INDEX, 1);
|
picopass_emu_write_blocks(nfcv_data, loclass_csns[csn_num], PICOPASS_CSN_BLOCK_INDEX, 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -846,7 +850,7 @@ static void picopass_emu_handle_packet(
|
|||||||
PicopassEmulatorCtx* ctx = nfcv_data->emu_protocol_ctx;
|
PicopassEmulatorCtx* ctx = nfcv_data->emu_protocol_ctx;
|
||||||
uint8_t response[34];
|
uint8_t response[34];
|
||||||
uint8_t response_length = 0;
|
uint8_t response_length = 0;
|
||||||
uint8_t key_block_num = PICOPASS_KD_BLOCK_INDEX;
|
uint8_t key_block_num = PICOPASS_SECURE_KD_BLOCK_INDEX;
|
||||||
|
|
||||||
const uint8_t block_ff[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
|
const uint8_t block_ff[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
|
||||||
|
|
||||||
@@ -855,7 +859,7 @@ static void picopass_emu_handle_packet(
|
|||||||
}
|
}
|
||||||
|
|
||||||
switch(nfcv_data->frame[0]) {
|
switch(nfcv_data->frame[0]) {
|
||||||
case PICOPASS_CMD_ACTALL: // No args
|
case RFAL_PICOPASS_CMD_ACTALL: // No args
|
||||||
if(nfcv_data->frame_length != 1) {
|
if(nfcv_data->frame_length != 1) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -866,14 +870,14 @@ static void picopass_emu_handle_packet(
|
|||||||
|
|
||||||
// Send SOF only
|
// Send SOF only
|
||||||
break;
|
break;
|
||||||
case PICOPASS_CMD_ACT: // No args
|
case RFAL_PICOPASS_CMD_ACT: // No args
|
||||||
if(nfcv_data->frame_length != 1 || ctx->state != PicopassEmulatorStateActive) {
|
if(nfcv_data->frame_length != 1 || ctx->state != PicopassEmulatorStateActive) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Send SOF only
|
// Send SOF only
|
||||||
break;
|
break;
|
||||||
case PICOPASS_CMD_HALT: // No args
|
case RFAL_PICOPASS_CMD_HALT: // No args
|
||||||
if(nfcv_data->frame_length != 1 || ctx->state != PicopassEmulatorStateSelected) {
|
if(nfcv_data->frame_length != 1 || ctx->state != PicopassEmulatorStateSelected) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -883,13 +887,13 @@ static void picopass_emu_handle_packet(
|
|||||||
|
|
||||||
// Send SOF only
|
// Send SOF only
|
||||||
break;
|
break;
|
||||||
case PICOPASS_CMD_READ_OR_IDENTIFY:
|
case RFAL_PICOPASS_CMD_READ_OR_IDENTIFY:
|
||||||
if(nfcv_data->frame_length == 1 &&
|
if(nfcv_data->frame_length == 1 &&
|
||||||
ctx->state == PicopassEmulatorStateActive) { // PICOPASS_CMD_IDENTIFY
|
ctx->state == PicopassEmulatorStateActive) { // PICOPASS_CMD_IDENTIFY
|
||||||
// ASNB(8) CRC16(2)
|
// ASNB(8) CRC16(2)
|
||||||
picopass_anticoll_csn(response, nfc_data->uid);
|
picopass_anticoll_csn(response, nfc_data->uid);
|
||||||
picopass_append_crc(response, PICOPASS_BLOCK_LEN);
|
picopass_append_crc(response, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
response_length = PICOPASS_BLOCK_LEN + 2;
|
response_length = RFAL_PICOPASS_BLOCK_LEN + 2;
|
||||||
break;
|
break;
|
||||||
} else if(
|
} else if(
|
||||||
nfcv_data->frame_length == 4 &&
|
nfcv_data->frame_length == 4 &&
|
||||||
@@ -902,20 +906,20 @@ static void picopass_emu_handle_packet(
|
|||||||
// TODO: Check auth?
|
// TODO: Check auth?
|
||||||
|
|
||||||
// DATA(8) CRC16(2)
|
// DATA(8) CRC16(2)
|
||||||
if(nfcv_data->frame[1] == PICOPASS_KD_BLOCK_INDEX ||
|
if(nfcv_data->frame[1] == PICOPASS_SECURE_KD_BLOCK_INDEX ||
|
||||||
nfcv_data->frame[1] == PICOPASS_KC_BLOCK_INDEX) {
|
nfcv_data->frame[1] == PICOPASS_SECURE_KC_BLOCK_INDEX) {
|
||||||
// Reading Kd or Kc blocks always returns FF's
|
// Reading Kd or Kc blocks always returns FF's
|
||||||
memcpy(response, block_ff, PICOPASS_BLOCK_LEN);
|
memcpy(response, block_ff, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
} else {
|
} else {
|
||||||
picopass_emu_read_blocks(nfcv_data, response, nfcv_data->frame[1], 1);
|
picopass_emu_read_blocks(nfcv_data, response, nfcv_data->frame[1], 1);
|
||||||
}
|
}
|
||||||
picopass_append_crc(response, PICOPASS_BLOCK_LEN);
|
picopass_append_crc(response, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
response_length = PICOPASS_BLOCK_LEN + 2;
|
response_length = RFAL_PICOPASS_BLOCK_LEN + 2;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
return;
|
return;
|
||||||
case PICOPASS_CMD_READ4: // ADDRESS(1) CRC16(2)
|
case RFAL_PICOPASS_CMD_READ4: // ADDRESS(1) CRC16(2)
|
||||||
if(nfcv_data->frame_length != 4 || ctx->state != PicopassEmulatorStateSelected ||
|
if(nfcv_data->frame_length != 4 || ctx->state != PicopassEmulatorStateSelected ||
|
||||||
nfcv_data->frame[1] + 4 >= PICOPASS_MAX_APP_LIMIT) {
|
nfcv_data->frame[1] + 4 >= PICOPASS_MAX_APP_LIMIT) {
|
||||||
return;
|
return;
|
||||||
@@ -930,32 +934,32 @@ static void picopass_emu_handle_packet(
|
|||||||
picopass_emu_read_blocks(nfcv_data, response, blockNum, 4);
|
picopass_emu_read_blocks(nfcv_data, response, blockNum, 4);
|
||||||
if(blockNum == 4) {
|
if(blockNum == 4) {
|
||||||
// Kc is block 4, so just redact first block of response
|
// Kc is block 4, so just redact first block of response
|
||||||
memcpy(response, block_ff, PICOPASS_BLOCK_LEN);
|
memcpy(response, block_ff, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
} else if(blockNum < 4) {
|
} else if(blockNum < 4) {
|
||||||
// Kd is block 3
|
// Kd is block 3
|
||||||
uint8_t* kdOffset = response + ((3 - blockNum) * PICOPASS_BLOCK_LEN);
|
uint8_t* kdOffset = response + ((3 - blockNum) * RFAL_PICOPASS_BLOCK_LEN);
|
||||||
memcpy(kdOffset, block_ff, PICOPASS_BLOCK_LEN);
|
memcpy(kdOffset, block_ff, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
if(blockNum != 0) {
|
if(blockNum != 0) {
|
||||||
// Redact Kc
|
// Redact Kc
|
||||||
memcpy(kdOffset + PICOPASS_BLOCK_LEN, block_ff, PICOPASS_BLOCK_LEN);
|
memcpy(kdOffset + RFAL_PICOPASS_BLOCK_LEN, block_ff, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
picopass_append_crc(response, PICOPASS_BLOCK_LEN * 4);
|
picopass_append_crc(response, RFAL_PICOPASS_BLOCK_LEN * 4);
|
||||||
response_length = (PICOPASS_BLOCK_LEN * 4) + 2;
|
response_length = (RFAL_PICOPASS_BLOCK_LEN * 4) + 2;
|
||||||
break;
|
break;
|
||||||
case PICOPASS_CMD_SELECT: // ASNB(8)|SERIALNB(8)
|
case RFAL_PICOPASS_CMD_SELECT: // ASNB(8)|SERIALNB(8)
|
||||||
if(nfcv_data->frame_length != 9) {
|
if(nfcv_data->frame_length != 9) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t select_csn[PICOPASS_BLOCK_LEN];
|
uint8_t select_csn[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
if(ctx->state == PicopassEmulatorStateHalt || ctx->state == PicopassEmulatorStateIdle) {
|
if(ctx->state == PicopassEmulatorStateHalt || ctx->state == PicopassEmulatorStateIdle) {
|
||||||
memcpy(select_csn, nfc_data->uid, PICOPASS_BLOCK_LEN);
|
memcpy(select_csn, nfc_data->uid, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
} else {
|
} else {
|
||||||
picopass_anticoll_csn(select_csn, nfc_data->uid);
|
picopass_anticoll_csn(select_csn, nfc_data->uid);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(memcmp(nfcv_data->frame + 1, select_csn, PICOPASS_BLOCK_LEN)) {
|
if(memcmp(nfcv_data->frame + 1, select_csn, RFAL_PICOPASS_BLOCK_LEN)) {
|
||||||
if(ctx->state == PicopassEmulatorStateActive) {
|
if(ctx->state == PicopassEmulatorStateActive) {
|
||||||
ctx->state = PicopassEmulatorStateIdle;
|
ctx->state = PicopassEmulatorStateIdle;
|
||||||
} else if(ctx->state == PicopassEmulatorStateSelected) {
|
} else if(ctx->state == PicopassEmulatorStateSelected) {
|
||||||
@@ -969,16 +973,17 @@ static void picopass_emu_handle_packet(
|
|||||||
ctx->state = PicopassEmulatorStateSelected;
|
ctx->state = PicopassEmulatorStateSelected;
|
||||||
|
|
||||||
// SERIALNB(8) CRC16(2)
|
// SERIALNB(8) CRC16(2)
|
||||||
memcpy(response, nfc_data->uid, PICOPASS_BLOCK_LEN);
|
memcpy(response, nfc_data->uid, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
picopass_append_crc(response, PICOPASS_BLOCK_LEN);
|
picopass_append_crc(response, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
|
|
||||||
response_length = PICOPASS_BLOCK_LEN + 2;
|
response_length = RFAL_PICOPASS_BLOCK_LEN + 2;
|
||||||
break;
|
break;
|
||||||
case PICOPASS_CMD_READCHECK_KC: // ADDRESS(1)
|
case RFAL_PICOPASS_CMD_READCHECK_KC: // ADDRESS(1)
|
||||||
key_block_num = PICOPASS_KC_BLOCK_INDEX;
|
key_block_num = PICOPASS_SECURE_KC_BLOCK_INDEX;
|
||||||
// fallthrough
|
// fallthrough
|
||||||
case PICOPASS_CMD_READCHECK_KD: // ADDRESS(1)
|
case RFAL_PICOPASS_CMD_READCHECK_KD: // ADDRESS(1)
|
||||||
if(nfcv_data->frame_length != 2 || nfcv_data->frame[1] != PICOPASS_EPURSE_BLOCK_INDEX ||
|
if(nfcv_data->frame_length != 2 ||
|
||||||
|
nfcv_data->frame[1] != PICOPASS_SECURE_EPURSE_BLOCK_INDEX ||
|
||||||
ctx->state != PicopassEmulatorStateSelected) {
|
ctx->state != PicopassEmulatorStateSelected) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -990,9 +995,9 @@ static void picopass_emu_handle_packet(
|
|||||||
|
|
||||||
// DATA(8)
|
// DATA(8)
|
||||||
picopass_emu_read_blocks(nfcv_data, response, nfcv_data->frame[1], 1);
|
picopass_emu_read_blocks(nfcv_data, response, nfcv_data->frame[1], 1);
|
||||||
response_length = PICOPASS_BLOCK_LEN;
|
response_length = RFAL_PICOPASS_BLOCK_LEN;
|
||||||
break;
|
break;
|
||||||
case PICOPASS_CMD_CHECK: // CHALLENGE(4) READERSIGNATURE(4)
|
case RFAL_PICOPASS_CMD_CHECK: // CHALLENGE(4) READERSIGNATURE(4)
|
||||||
if(nfcv_data->frame_length != 9 || ctx->state != PicopassEmulatorStateSelected) {
|
if(nfcv_data->frame_length != 9 || ctx->state != PicopassEmulatorStateSelected) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -1001,11 +1006,11 @@ static void picopass_emu_handle_packet(
|
|||||||
// LOCLASS Reader attack mode
|
// LOCLASS Reader attack mode
|
||||||
|
|
||||||
// Copy EPURSE
|
// Copy EPURSE
|
||||||
uint8_t cc[PICOPASS_BLOCK_LEN];
|
uint8_t cc[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
picopass_emu_read_blocks(nfcv_data, cc, PICOPASS_EPURSE_BLOCK_INDEX, 1);
|
picopass_emu_read_blocks(nfcv_data, cc, PICOPASS_SECURE_EPURSE_BLOCK_INDEX, 1);
|
||||||
|
|
||||||
// Check if the nonce is from a standard key
|
// Check if the nonce is from a standard key
|
||||||
uint8_t key[PICOPASS_BLOCK_LEN];
|
uint8_t key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
loclass_iclass_calc_div_key(nfc_data->uid, picopass_iclass_key, key, false);
|
loclass_iclass_calc_div_key(nfc_data->uid, picopass_iclass_key, key, false);
|
||||||
ctx->cipher_state = loclass_opt_doTagMAC_1(cc, key);
|
ctx->cipher_state = loclass_opt_doTagMAC_1(cc, key);
|
||||||
|
|
||||||
@@ -1042,7 +1047,7 @@ static void picopass_emu_handle_packet(
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t key[PICOPASS_BLOCK_LEN];
|
uint8_t key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
picopass_emu_read_blocks(nfcv_data, key, ctx->key_block_num, 1);
|
picopass_emu_read_blocks(nfcv_data, key, ctx->key_block_num, 1);
|
||||||
|
|
||||||
uint8_t rmac[4];
|
uint8_t rmac[4];
|
||||||
@@ -1057,7 +1062,7 @@ static void picopass_emu_handle_packet(
|
|||||||
// CHIPRESPONSE(4)
|
// CHIPRESPONSE(4)
|
||||||
response_length = 4;
|
response_length = 4;
|
||||||
break;
|
break;
|
||||||
case PICOPASS_CMD_UPDATE: // ADDRESS(1) DATA(8) SIGN(4)|CRC16(2)
|
case RFAL_PICOPASS_CMD_UPDATE: // ADDRESS(1) DATA(8) SIGN(4)|CRC16(2)
|
||||||
if((nfcv_data->frame_length != 12 && nfcv_data->frame_length != 14) ||
|
if((nfcv_data->frame_length != 12 && nfcv_data->frame_length != 14) ||
|
||||||
ctx->state != PicopassEmulatorStateSelected) {
|
ctx->state != PicopassEmulatorStateSelected) {
|
||||||
return;
|
return;
|
||||||
@@ -1067,7 +1072,7 @@ static void picopass_emu_handle_packet(
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t cfgBlock[PICOPASS_BLOCK_LEN];
|
uint8_t cfgBlock[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
picopass_emu_read_blocks(nfcv_data, cfgBlock, PICOPASS_CONFIG_BLOCK_INDEX, 1);
|
picopass_emu_read_blocks(nfcv_data, cfgBlock, PICOPASS_CONFIG_BLOCK_INDEX, 1);
|
||||||
bool persMode = HAS_MASK(cfgBlock[7], PICOPASS_FUSE_PERS);
|
bool persMode = HAS_MASK(cfgBlock[7], PICOPASS_FUSE_PERS);
|
||||||
|
|
||||||
@@ -1077,10 +1082,10 @@ static void picopass_emu_handle_packet(
|
|||||||
!HAS_MASK(cfgBlock[3], 0x80)) // Chip is in RO mode, no updated possible (even ePurse)
|
!HAS_MASK(cfgBlock[3], 0x80)) // Chip is in RO mode, no updated possible (even ePurse)
|
||||||
|| (!persMode &&
|
|| (!persMode &&
|
||||||
nfcv_data->frame[1] ==
|
nfcv_data->frame[1] ==
|
||||||
PICOPASS_AIA_BLOCK_INDEX) // AIA can only be set in personalisation mode
|
PICOPASS_SECURE_AIA_BLOCK_INDEX) // AIA can only be set in personalisation mode
|
||||||
|| (!persMode &&
|
|| (!persMode &&
|
||||||
(nfcv_data->frame[1] == PICOPASS_KD_BLOCK_INDEX ||
|
(nfcv_data->frame[1] == PICOPASS_SECURE_KD_BLOCK_INDEX ||
|
||||||
nfcv_data->frame[1] == PICOPASS_KC_BLOCK_INDEX) &&
|
nfcv_data->frame[1] == PICOPASS_SECURE_KC_BLOCK_INDEX) &&
|
||||||
(!HAS_MASK(cfgBlock[7], PICOPASS_FUSE_CRYPT10)))) {
|
(!HAS_MASK(cfgBlock[7], PICOPASS_FUSE_CRYPT10)))) {
|
||||||
return; // TODO: Is this the right response?
|
return; // TODO: Is this the right response?
|
||||||
}
|
}
|
||||||
@@ -1102,7 +1107,7 @@ static void picopass_emu_handle_packet(
|
|||||||
// -> must auth with that key to change it
|
// -> must auth with that key to change it
|
||||||
|
|
||||||
uint8_t blockOffset = nfcv_data->frame[1];
|
uint8_t blockOffset = nfcv_data->frame[1];
|
||||||
uint8_t block[PICOPASS_BLOCK_LEN];
|
uint8_t block[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
switch(nfcv_data->frame[1]) {
|
switch(nfcv_data->frame[1]) {
|
||||||
case PICOPASS_CONFIG_BLOCK_INDEX:
|
case PICOPASS_CONFIG_BLOCK_INDEX:
|
||||||
block[0] = cfgBlock[0]; // Applications Limit
|
block[0] = cfgBlock[0]; // Applications Limit
|
||||||
@@ -1125,50 +1130,50 @@ static void picopass_emu_handle_packet(
|
|||||||
block[7] &= nfcv_data->frame[9] | ~PICOPASS_FUSE_CRYPT10;
|
block[7] &= nfcv_data->frame[9] | ~PICOPASS_FUSE_CRYPT10;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case PICOPASS_EPURSE_BLOCK_INDEX:
|
case PICOPASS_SECURE_EPURSE_BLOCK_INDEX:
|
||||||
// ePurse updates swap first and second half of the block each update
|
// ePurse updates swap first and second half of the block each update
|
||||||
memcpy(block + 4, nfcv_data->frame + 2, 4);
|
memcpy(block + 4, nfcv_data->frame + 2, 4);
|
||||||
memcpy(block, nfcv_data->frame + 6, 4);
|
memcpy(block, nfcv_data->frame + 6, 4);
|
||||||
break;
|
break;
|
||||||
case PICOPASS_KD_BLOCK_INDEX:
|
case PICOPASS_SECURE_KD_BLOCK_INDEX:
|
||||||
// fallthrough
|
// fallthrough
|
||||||
case PICOPASS_KC_BLOCK_INDEX:
|
case PICOPASS_SECURE_KC_BLOCK_INDEX:
|
||||||
if(!persMode) {
|
if(!persMode) {
|
||||||
picopass_emu_read_blocks(nfcv_data, block, blockOffset, 1);
|
picopass_emu_read_blocks(nfcv_data, block, blockOffset, 1);
|
||||||
for(uint8_t i = 0; i < sizeof(PICOPASS_BLOCK_LEN); i++)
|
for(uint8_t i = 0; i < sizeof(RFAL_PICOPASS_BLOCK_LEN); i++)
|
||||||
block[i] ^= nfcv_data->frame[i + 2];
|
block[i] ^= nfcv_data->frame[i + 2];
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
// Use default case when in personalisation mode
|
// Use default case when in personalisation mode
|
||||||
// fallthrough
|
// fallthrough
|
||||||
default:
|
default:
|
||||||
memcpy(block, nfcv_data->frame + 2, PICOPASS_BLOCK_LEN);
|
memcpy(block, nfcv_data->frame + 2, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
picopass_emu_write_blocks(nfcv_data, block, blockOffset, 1);
|
picopass_emu_write_blocks(nfcv_data, block, blockOffset, 1);
|
||||||
|
|
||||||
if((nfcv_data->frame[1] == ctx->key_block_num ||
|
if((nfcv_data->frame[1] == ctx->key_block_num ||
|
||||||
nfcv_data->frame[1] == PICOPASS_EPURSE_BLOCK_INDEX) &&
|
nfcv_data->frame[1] == PICOPASS_SECURE_EPURSE_BLOCK_INDEX) &&
|
||||||
!ctx->loclass_mode)
|
!ctx->loclass_mode)
|
||||||
picopass_init_cipher_state(nfcv_data, ctx);
|
picopass_init_cipher_state(nfcv_data, ctx);
|
||||||
|
|
||||||
// DATA(8) CRC16(2)
|
// DATA(8) CRC16(2)
|
||||||
if(nfcv_data->frame[1] == PICOPASS_KD_BLOCK_INDEX ||
|
if(nfcv_data->frame[1] == PICOPASS_SECURE_KD_BLOCK_INDEX ||
|
||||||
nfcv_data->frame[1] == PICOPASS_KD_BLOCK_INDEX) {
|
nfcv_data->frame[1] == PICOPASS_SECURE_KD_BLOCK_INDEX) {
|
||||||
// Key updates always return FF's
|
// Key updates always return FF's
|
||||||
memcpy(response, block_ff, PICOPASS_BLOCK_LEN);
|
memcpy(response, block_ff, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
} else {
|
} else {
|
||||||
memcpy(response, block, PICOPASS_BLOCK_LEN);
|
memcpy(response, block, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
}
|
}
|
||||||
picopass_append_crc(response, PICOPASS_BLOCK_LEN);
|
picopass_append_crc(response, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
response_length = PICOPASS_BLOCK_LEN + 2;
|
response_length = RFAL_PICOPASS_BLOCK_LEN + 2;
|
||||||
break;
|
break;
|
||||||
case PICOPASS_CMD_PAGESEL: // PAGE(1) CRC16(2)
|
case RFAL_PICOPASS_CMD_PAGESEL: // PAGE(1) CRC16(2)
|
||||||
// Chips with a single page do not answer to this command
|
// Chips with a single page do not answer to this command
|
||||||
// BLOCK1(8) CRC16(2)
|
// BLOCK1(8) CRC16(2)
|
||||||
return;
|
return;
|
||||||
case PICOPASS_CMD_DETECT:
|
case RFAL_PICOPASS_CMD_DETECT:
|
||||||
// TODO - not used by iClass though
|
// TODO - not used by iClass though
|
||||||
return;
|
return;
|
||||||
default:
|
default:
|
||||||
@@ -1193,16 +1198,16 @@ void picopass_worker_emulate(PicopassWorker* picopass_worker, bool loclass_mode)
|
|||||||
FuriHalNfcTxRxContext tx_rx = {};
|
FuriHalNfcTxRxContext tx_rx = {};
|
||||||
PicopassEmulatorCtx emu_ctx = {
|
PicopassEmulatorCtx emu_ctx = {
|
||||||
.state = PicopassEmulatorStateIdle,
|
.state = PicopassEmulatorStateIdle,
|
||||||
.key_block_num = PICOPASS_KD_BLOCK_INDEX,
|
.key_block_num = PICOPASS_SECURE_KD_BLOCK_INDEX,
|
||||||
.loclass_mode = loclass_mode,
|
.loclass_mode = loclass_mode,
|
||||||
.loclass_got_std_key = false,
|
.loclass_got_std_key = false,
|
||||||
.loclass_writer = NULL,
|
.loclass_writer = NULL,
|
||||||
};
|
};
|
||||||
FuriHalNfcDevData nfc_data = {
|
FuriHalNfcDevData nfc_data = {
|
||||||
.uid_len = PICOPASS_BLOCK_LEN,
|
.uid_len = RFAL_PICOPASS_UID_LEN,
|
||||||
};
|
};
|
||||||
NfcVData* nfcv_data = malloc(sizeof(NfcVData));
|
NfcVData* nfcv_data = malloc(sizeof(NfcVData));
|
||||||
nfcv_data->block_size = PICOPASS_BLOCK_LEN;
|
nfcv_data->block_size = RFAL_PICOPASS_BLOCK_LEN;
|
||||||
nfcv_data->emu_protocol_ctx = &emu_ctx;
|
nfcv_data->emu_protocol_ctx = &emu_ctx;
|
||||||
nfcv_data->emu_protocol_handler = &picopass_emu_handle_packet;
|
nfcv_data->emu_protocol_handler = &picopass_emu_handle_packet;
|
||||||
|
|
||||||
@@ -1218,15 +1223,15 @@ void picopass_worker_emulate(PicopassWorker* picopass_worker, bool loclass_mode)
|
|||||||
picopass_emu_write_blocks(nfcv_data, conf, PICOPASS_CONFIG_BLOCK_INDEX, 1);
|
picopass_emu_write_blocks(nfcv_data, conf, PICOPASS_CONFIG_BLOCK_INDEX, 1);
|
||||||
|
|
||||||
uint8_t epurse[8] = {0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
|
uint8_t epurse[8] = {0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
|
||||||
picopass_emu_write_blocks(nfcv_data, epurse, PICOPASS_EPURSE_BLOCK_INDEX, 1);
|
picopass_emu_write_blocks(nfcv_data, epurse, PICOPASS_SECURE_EPURSE_BLOCK_INDEX, 1);
|
||||||
|
|
||||||
uint8_t aia[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
|
uint8_t aia[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
|
||||||
picopass_emu_write_blocks(nfcv_data, aia, PICOPASS_AIA_BLOCK_INDEX, 1);
|
picopass_emu_write_blocks(nfcv_data, aia, PICOPASS_SECURE_AIA_BLOCK_INDEX, 1);
|
||||||
|
|
||||||
emu_ctx.loclass_writer = loclass_writer_alloc();
|
emu_ctx.loclass_writer = loclass_writer_alloc();
|
||||||
loclass_writer_write_start_stop(emu_ctx.loclass_writer, true);
|
loclass_writer_write_start_stop(emu_ctx.loclass_writer, true);
|
||||||
} else {
|
} else {
|
||||||
memcpy(nfc_data.uid, blocks[PICOPASS_CSN_BLOCK_INDEX].data, PICOPASS_BLOCK_LEN);
|
memcpy(nfc_data.uid, blocks[PICOPASS_CSN_BLOCK_INDEX].data, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
memcpy(nfcv_data->data, blocks, sizeof(dev_data->AA1));
|
memcpy(nfcv_data->data, blocks, sizeof(dev_data->AA1));
|
||||||
picopass_init_cipher_state(nfcv_data, &emu_ctx);
|
picopass_init_cipher_state(nfcv_data, &emu_ctx);
|
||||||
}
|
}
|
||||||
|
|||||||
10
applications/external/picopass/rfal_picopass.c
vendored
10
applications/external/picopass/rfal_picopass.c
vendored
@@ -72,7 +72,7 @@ FuriHalNfcReturn rfalPicoPassPollerCheckPresence(void) {
|
|||||||
FuriHalNfcReturn rfalPicoPassPollerIdentify(rfalPicoPassIdentifyRes* idRes) {
|
FuriHalNfcReturn rfalPicoPassPollerIdentify(rfalPicoPassIdentifyRes* idRes) {
|
||||||
FuriHalNfcReturn ret;
|
FuriHalNfcReturn ret;
|
||||||
|
|
||||||
uint8_t txBuf[1] = {RFAL_PICOPASS_CMD_IDENTIFY};
|
uint8_t txBuf[1] = {RFAL_PICOPASS_CMD_READ_OR_IDENTIFY};
|
||||||
uint16_t recvLen = 0;
|
uint16_t recvLen = 0;
|
||||||
uint32_t flags = RFAL_PICOPASS_TXRX_FLAGS;
|
uint32_t flags = RFAL_PICOPASS_TXRX_FLAGS;
|
||||||
uint32_t fwt = furi_hal_nfc_ll_ms2fc(20);
|
uint32_t fwt = furi_hal_nfc_ll_ms2fc(20);
|
||||||
@@ -118,7 +118,7 @@ FuriHalNfcReturn rfalPicoPassPollerSelect(uint8_t* csn, rfalPicoPassSelectRes* s
|
|||||||
|
|
||||||
FuriHalNfcReturn rfalPicoPassPollerReadCheck(rfalPicoPassReadCheckRes* rcRes) {
|
FuriHalNfcReturn rfalPicoPassPollerReadCheck(rfalPicoPassReadCheckRes* rcRes) {
|
||||||
FuriHalNfcReturn ret;
|
FuriHalNfcReturn ret;
|
||||||
uint8_t txBuf[2] = {RFAL_PICOPASS_CMD_READCHECK, 0x02};
|
uint8_t txBuf[2] = {RFAL_PICOPASS_CMD_READCHECK_KD, 0x02};
|
||||||
uint16_t recvLen = 0;
|
uint16_t recvLen = 0;
|
||||||
uint32_t flags = RFAL_PICOPASS_TXRX_FLAGS;
|
uint32_t flags = RFAL_PICOPASS_TXRX_FLAGS;
|
||||||
uint32_t fwt = furi_hal_nfc_ll_ms2fc(20);
|
uint32_t fwt = furi_hal_nfc_ll_ms2fc(20);
|
||||||
@@ -170,7 +170,7 @@ FuriHalNfcReturn rfalPicoPassPollerCheck(uint8_t* mac, rfalPicoPassCheckRes* chk
|
|||||||
FuriHalNfcReturn rfalPicoPassPollerReadBlock(uint8_t blockNum, rfalPicoPassReadBlockRes* readRes) {
|
FuriHalNfcReturn rfalPicoPassPollerReadBlock(uint8_t blockNum, rfalPicoPassReadBlockRes* readRes) {
|
||||||
FuriHalNfcReturn ret;
|
FuriHalNfcReturn ret;
|
||||||
|
|
||||||
uint8_t txBuf[4] = {RFAL_PICOPASS_CMD_READ, 0, 0, 0};
|
uint8_t txBuf[4] = {RFAL_PICOPASS_CMD_READ_OR_IDENTIFY, 0, 0, 0};
|
||||||
txBuf[1] = blockNum;
|
txBuf[1] = blockNum;
|
||||||
uint16_t crc = rfalPicoPassCalculateCcitt(0xE012, txBuf + 1, 1);
|
uint16_t crc = rfalPicoPassCalculateCcitt(0xE012, txBuf + 1, 1);
|
||||||
memcpy(txBuf + 2, &crc, sizeof(uint16_t));
|
memcpy(txBuf + 2, &crc, sizeof(uint16_t));
|
||||||
@@ -193,8 +193,8 @@ FuriHalNfcReturn rfalPicoPassPollerReadBlock(uint8_t blockNum, rfalPicoPassReadB
|
|||||||
FuriHalNfcReturn rfalPicoPassPollerWriteBlock(uint8_t blockNum, uint8_t data[8], uint8_t mac[4]) {
|
FuriHalNfcReturn rfalPicoPassPollerWriteBlock(uint8_t blockNum, uint8_t data[8], uint8_t mac[4]) {
|
||||||
FuriHalNfcReturn ret;
|
FuriHalNfcReturn ret;
|
||||||
|
|
||||||
uint8_t txBuf[14] = {RFAL_PICOPASS_CMD_WRITE, blockNum, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
|
uint8_t txBuf[14] = {RFAL_PICOPASS_CMD_UPDATE, blockNum, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
|
||||||
memcpy(txBuf + 2, data, RFAL_PICOPASS_MAX_BLOCK_LEN);
|
memcpy(txBuf + 2, data, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
memcpy(txBuf + 10, mac, 4);
|
memcpy(txBuf + 10, mac, 4);
|
||||||
|
|
||||||
uint16_t recvLen = 0;
|
uint16_t recvLen = 0;
|
||||||
|
|||||||
41
applications/external/picopass/rfal_picopass.h
vendored
41
applications/external/picopass/rfal_picopass.h
vendored
@@ -3,16 +3,41 @@
|
|||||||
#include <furi_hal_nfc.h>
|
#include <furi_hal_nfc.h>
|
||||||
|
|
||||||
#define RFAL_PICOPASS_UID_LEN 8
|
#define RFAL_PICOPASS_UID_LEN 8
|
||||||
#define RFAL_PICOPASS_MAX_BLOCK_LEN 8
|
#define RFAL_PICOPASS_BLOCK_LEN 8
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
RFAL_PICOPASS_CMD_ACTALL = 0x0A,
|
// PicoPass command bytes:
|
||||||
RFAL_PICOPASS_CMD_IDENTIFY = 0x0C,
|
// Low nibble used for command
|
||||||
RFAL_PICOPASS_CMD_SELECT = 0x81,
|
// High nibble used for options and checksum (MSB)
|
||||||
RFAL_PICOPASS_CMD_READCHECK = 0x88,
|
// The only option we care about in 15693 mode is the key
|
||||||
|
// which is only used by READCHECK, so for simplicity we
|
||||||
|
// don't bother breaking down the command and flags into parts
|
||||||
|
|
||||||
|
// READ: ADDRESS(1) CRC16(2) -> DATA(8) CRC16(2)
|
||||||
|
// IDENTIFY: No args -> ASNB(8) CRC16(2)
|
||||||
|
RFAL_PICOPASS_CMD_READ_OR_IDENTIFY = 0x0C,
|
||||||
|
// ADDRESS(1) CRC16(2) -> DATA(32) CRC16(2)
|
||||||
|
RFAL_PICOPASS_CMD_READ4 = 0x06,
|
||||||
|
// ADDRESS(1) DATA(8) SIGN(4)|CRC16(2) -> DATA(8) CRC16(2)
|
||||||
|
RFAL_PICOPASS_CMD_UPDATE = 0x87,
|
||||||
|
// ADDRESS(1) -> DATA(8)
|
||||||
|
RFAL_PICOPASS_CMD_READCHECK_KD = 0x88,
|
||||||
|
// ADDRESS(1) -> DATA(8)
|
||||||
|
RFAL_PICOPASS_CMD_READCHECK_KC = 0x18,
|
||||||
|
// CHALLENGE(4) READERSIGNATURE(4) -> CHIPRESPONSE(4)
|
||||||
RFAL_PICOPASS_CMD_CHECK = 0x05,
|
RFAL_PICOPASS_CMD_CHECK = 0x05,
|
||||||
RFAL_PICOPASS_CMD_READ = 0x0C,
|
// No args -> SOF
|
||||||
RFAL_PICOPASS_CMD_WRITE = 0x87,
|
RFAL_PICOPASS_CMD_ACTALL = 0x0A,
|
||||||
|
// No args -> SOF
|
||||||
|
RFAL_PICOPASS_CMD_ACT = 0x8E,
|
||||||
|
// ASNB(8)|SERIALNB(8) -> SERIALNB(8) CRC16(2)
|
||||||
|
RFAL_PICOPASS_CMD_SELECT = 0x81,
|
||||||
|
// No args -> SERIALNB(8) CRC16(2)
|
||||||
|
RFAL_PICOPASS_CMD_DETECT = 0x0F,
|
||||||
|
// No args -> SOF
|
||||||
|
RFAL_PICOPASS_CMD_HALT = 0x00,
|
||||||
|
// PAGE(1) CRC16(2) -> BLOCK1(8) CRC16(2)
|
||||||
|
RFAL_PICOPASS_CMD_PAGESEL = 0x84,
|
||||||
};
|
};
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
@@ -34,7 +59,7 @@ typedef struct {
|
|||||||
} rfalPicoPassCheckRes;
|
} rfalPicoPassCheckRes;
|
||||||
|
|
||||||
typedef struct {
|
typedef struct {
|
||||||
uint8_t data[RFAL_PICOPASS_MAX_BLOCK_LEN];
|
uint8_t data[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
uint8_t crc[2];
|
uint8_t crc[2];
|
||||||
} rfalPicoPassReadBlockRes;
|
} rfalPicoPassReadBlockRes;
|
||||||
|
|
||||||
|
|||||||
@@ -26,9 +26,9 @@ void picopass_scene_device_info_on_enter(void* context) {
|
|||||||
PicopassPacs* pacs = &picopass->dev->dev_data.pacs;
|
PicopassPacs* pacs = &picopass->dev->dev_data.pacs;
|
||||||
Widget* widget = picopass->widget;
|
Widget* widget = picopass->widget;
|
||||||
|
|
||||||
uint8_t csn[PICOPASS_BLOCK_LEN] = {0};
|
uint8_t csn[RFAL_PICOPASS_BLOCK_LEN] = {0};
|
||||||
memcpy(csn, AA1[PICOPASS_CSN_BLOCK_INDEX].data, PICOPASS_BLOCK_LEN);
|
memcpy(csn, AA1[PICOPASS_CSN_BLOCK_INDEX].data, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
for(uint8_t i = 0; i < PICOPASS_BLOCK_LEN; i++) {
|
for(uint8_t i = 0; i < RFAL_PICOPASS_BLOCK_LEN; i++) {
|
||||||
furi_string_cat_printf(csn_str, "%02X ", csn[i]);
|
furi_string_cat_printf(csn_str, "%02X ", csn[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -42,7 +42,7 @@ void picopass_scene_device_info_on_enter(void* context) {
|
|||||||
bytesLength++;
|
bytesLength++;
|
||||||
}
|
}
|
||||||
furi_string_set(credential_str, "");
|
furi_string_set(credential_str, "");
|
||||||
for(uint8_t i = PICOPASS_BLOCK_LEN - bytesLength; i < PICOPASS_BLOCK_LEN; i++) {
|
for(uint8_t i = RFAL_PICOPASS_BLOCK_LEN - bytesLength; i < RFAL_PICOPASS_BLOCK_LEN; i++) {
|
||||||
furi_string_cat_printf(credential_str, " %02X", pacs->credential[i]);
|
furi_string_cat_printf(credential_str, " %02X", pacs->credential[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -59,25 +59,25 @@ bool picopass_scene_key_menu_on_event(void* context, SceneManagerEvent event) {
|
|||||||
if(event.event == SubmenuIndexWriteStandard) {
|
if(event.event == SubmenuIndexWriteStandard) {
|
||||||
scene_manager_set_scene_state(
|
scene_manager_set_scene_state(
|
||||||
picopass->scene_manager, PicopassSceneKeyMenu, SubmenuIndexWriteStandard);
|
picopass->scene_manager, PicopassSceneKeyMenu, SubmenuIndexWriteStandard);
|
||||||
memcpy(picopass->dev->dev_data.pacs.key, picopass_iclass_key, PICOPASS_BLOCK_LEN);
|
memcpy(picopass->dev->dev_data.pacs.key, picopass_iclass_key, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
||||||
consumed = true;
|
consumed = true;
|
||||||
} else if(event.event == SubmenuIndexWriteiCE) {
|
} else if(event.event == SubmenuIndexWriteiCE) {
|
||||||
scene_manager_set_scene_state(
|
scene_manager_set_scene_state(
|
||||||
picopass->scene_manager, PicopassSceneKeyMenu, SubmenuIndexWriteiCE);
|
picopass->scene_manager, PicopassSceneKeyMenu, SubmenuIndexWriteiCE);
|
||||||
memcpy(picopass->dev->dev_data.pacs.key, picopass_xice_key, PICOPASS_BLOCK_LEN);
|
memcpy(picopass->dev->dev_data.pacs.key, picopass_xice_key, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
||||||
consumed = true;
|
consumed = true;
|
||||||
} else if(event.event == SubmenuIndexWriteiCL) {
|
} else if(event.event == SubmenuIndexWriteiCL) {
|
||||||
scene_manager_set_scene_state(
|
scene_manager_set_scene_state(
|
||||||
picopass->scene_manager, PicopassSceneKeyMenu, SubmenuIndexWriteiCE);
|
picopass->scene_manager, PicopassSceneKeyMenu, SubmenuIndexWriteiCE);
|
||||||
memcpy(picopass->dev->dev_data.pacs.key, picopass_xicl_key, PICOPASS_BLOCK_LEN);
|
memcpy(picopass->dev->dev_data.pacs.key, picopass_xicl_key, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
||||||
consumed = true;
|
consumed = true;
|
||||||
} else if(event.event == SubmenuIndexWriteiCS) {
|
} else if(event.event == SubmenuIndexWriteiCS) {
|
||||||
scene_manager_set_scene_state(
|
scene_manager_set_scene_state(
|
||||||
picopass->scene_manager, PicopassSceneKeyMenu, SubmenuIndexWriteiCE);
|
picopass->scene_manager, PicopassSceneKeyMenu, SubmenuIndexWriteiCE);
|
||||||
memcpy(picopass->dev->dev_data.pacs.key, picopass_xics_key, PICOPASS_BLOCK_LEN);
|
memcpy(picopass->dev->dev_data.pacs.key, picopass_xics_key, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
||||||
consumed = true;
|
consumed = true;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -38,7 +38,7 @@ bool picopass_scene_read_card_on_event(void* context, SceneManagerEvent event) {
|
|||||||
if(memcmp(
|
if(memcmp(
|
||||||
picopass->dev->dev_data.pacs.key,
|
picopass->dev->dev_data.pacs.key,
|
||||||
picopass_factory_debit_key,
|
picopass_factory_debit_key,
|
||||||
PICOPASS_BLOCK_LEN) == 0) {
|
RFAL_PICOPASS_BLOCK_LEN) == 0) {
|
||||||
scene_manager_next_scene(picopass->scene_manager, PicopassSceneReadFactorySuccess);
|
scene_manager_next_scene(picopass->scene_manager, PicopassSceneReadFactorySuccess);
|
||||||
} else {
|
} else {
|
||||||
scene_manager_next_scene(picopass->scene_manager, PicopassSceneReadCardSuccess);
|
scene_manager_next_scene(picopass->scene_manager, PicopassSceneReadCardSuccess);
|
||||||
|
|||||||
@@ -31,15 +31,15 @@ void picopass_scene_read_card_success_on_enter(void* context) {
|
|||||||
PicopassPacs* pacs = &picopass->dev->dev_data.pacs;
|
PicopassPacs* pacs = &picopass->dev->dev_data.pacs;
|
||||||
Widget* widget = picopass->widget;
|
Widget* widget = picopass->widget;
|
||||||
|
|
||||||
uint8_t csn[PICOPASS_BLOCK_LEN] = {0};
|
uint8_t csn[RFAL_PICOPASS_BLOCK_LEN] = {0};
|
||||||
memcpy(csn, AA1[PICOPASS_CSN_BLOCK_INDEX].data, PICOPASS_BLOCK_LEN);
|
memcpy(csn, AA1[PICOPASS_CSN_BLOCK_INDEX].data, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
for(uint8_t i = 0; i < PICOPASS_BLOCK_LEN; i++) {
|
for(uint8_t i = 0; i < RFAL_PICOPASS_BLOCK_LEN; i++) {
|
||||||
furi_string_cat_printf(csn_str, "%02X", csn[i]);
|
furi_string_cat_printf(csn_str, "%02X", csn[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool no_key = picopass_is_memset(pacs->key, 0x00, PICOPASS_BLOCK_LEN);
|
bool no_key = picopass_is_memset(pacs->key, 0x00, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
bool empty =
|
bool empty = picopass_is_memset(
|
||||||
picopass_is_memset(AA1[PICOPASS_PACS_CFG_BLOCK_INDEX].data, 0xFF, PICOPASS_BLOCK_LEN);
|
AA1[PICOPASS_ICLASS_PACS_CFG_BLOCK_INDEX].data, 0xFF, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
|
|
||||||
if(no_key) {
|
if(no_key) {
|
||||||
furi_string_cat_printf(wiegand_str, "Read Failed");
|
furi_string_cat_printf(wiegand_str, "Read Failed");
|
||||||
@@ -78,7 +78,7 @@ void picopass_scene_read_card_success_on_enter(void* context) {
|
|||||||
} else {
|
} else {
|
||||||
size_t bytesLength = 1 + pacs->record.bitLength / 8;
|
size_t bytesLength = 1 + pacs->record.bitLength / 8;
|
||||||
furi_string_set(credential_str, "");
|
furi_string_set(credential_str, "");
|
||||||
for(uint8_t i = PICOPASS_BLOCK_LEN - bytesLength; i < PICOPASS_BLOCK_LEN; i++) {
|
for(uint8_t i = RFAL_PICOPASS_BLOCK_LEN - bytesLength; i < RFAL_PICOPASS_BLOCK_LEN; i++) {
|
||||||
furi_string_cat_printf(credential_str, " %02X", pacs->credential[i]);
|
furi_string_cat_printf(credential_str, " %02X", pacs->credential[i]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -99,9 +99,9 @@ void picopass_scene_read_card_success_on_enter(void* context) {
|
|||||||
}
|
}
|
||||||
furi_string_cat_printf(sio_str, "Key: ");
|
furi_string_cat_printf(sio_str, "Key: ");
|
||||||
|
|
||||||
uint8_t key[PICOPASS_BLOCK_LEN];
|
uint8_t key[RFAL_PICOPASS_BLOCK_LEN];
|
||||||
memcpy(key, &pacs->key, PICOPASS_BLOCK_LEN);
|
memcpy(key, &pacs->key, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
for(uint8_t i = 0; i < PICOPASS_BLOCK_LEN; i++) {
|
for(uint8_t i = 0; i < RFAL_PICOPASS_BLOCK_LEN; i++) {
|
||||||
furi_string_cat_printf(sio_str, "%02X", key[i]);
|
furi_string_cat_printf(sio_str, "%02X", key[i]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -64,7 +64,7 @@ bool picopass_scene_read_factory_success_on_event(void* context, SceneManagerEve
|
|||||||
if(event.event == GuiButtonTypeLeft) {
|
if(event.event == GuiButtonTypeLeft) {
|
||||||
consumed = scene_manager_previous_scene(picopass->scene_manager);
|
consumed = scene_manager_previous_scene(picopass->scene_manager);
|
||||||
} else if(event.event == GuiButtonTypeCenter) {
|
} else if(event.event == GuiButtonTypeCenter) {
|
||||||
memcpy(picopass->dev->dev_data.pacs.key, picopass_iclass_key, PICOPASS_BLOCK_LEN);
|
memcpy(picopass->dev->dev_data.pacs.key, picopass_iclass_key, RFAL_PICOPASS_BLOCK_LEN);
|
||||||
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
scene_manager_next_scene(picopass->scene_manager, PicopassSceneWriteKey);
|
||||||
consumed = true;
|
consumed = true;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user