From f34dafeecc75c5ae2844202ccb2ebfd3b0a64521 Mon Sep 17 00:00:00 2001 From: MX <10697207+xMasterX@users.noreply.github.com> Date: Fri, 9 Sep 2022 01:32:50 +0300 Subject: [PATCH] revert picopass OFW PR 37 bit card is read as 255 bit and saving is broken --- applications/picopass/picopass_device.c | 6 +- applications/picopass/picopass_device.h | 1 - applications/picopass/picopass_worker.c | 102 +++--------------- applications/picopass/picopass_worker.h | 1 - .../scenes/picopass_scene_read_card_success.c | 32 +++--- 5 files changed, 33 insertions(+), 109 deletions(-) diff --git a/applications/picopass/picopass_device.c b/applications/picopass/picopass_device.c index f39bfeec1..4cd6faaab 100644 --- a/applications/picopass/picopass_device.c +++ b/applications/picopass/picopass_device.c @@ -310,6 +310,10 @@ ReturnCode picopass_device_decrypt(uint8_t* enc_data, uint8_t* dec_data) { ReturnCode picopass_device_parse_credential(PicopassBlock* AA1, PicopassPacs* pacs) { ReturnCode err; + // Thank you proxmark! + pacs->legacy = (memcmp(AA1[5].data, "\xff\xff\xff\xff\xff\xff\xff\xff", 8) == 0); + pacs->se_enabled = (memcmp(AA1[5].data, "\xff\xff\xff\x00\x06\xff\xff\xff", 8) == 0); + pacs->biometrics = AA1[6].data[4]; pacs->pin_length = AA1[6].data[6] & 0x0F; pacs->encryption = AA1[6].data[7]; @@ -344,8 +348,6 @@ ReturnCode picopass_device_parse_credential(PicopassBlock* AA1, PicopassPacs* pa FURI_LOG_D(TAG, "Unknown encryption"); } - pacs->sio = (AA1[10].data[0] == 0x30); // rough check - return ERR_NONE; } diff --git a/applications/picopass/picopass_device.h b/applications/picopass/picopass_device.h index 0e133a749..0415b8794 100644 --- a/applications/picopass/picopass_device.h +++ b/applications/picopass/picopass_device.h @@ -48,7 +48,6 @@ typedef struct { typedef struct { bool legacy; bool se_enabled; - bool sio; bool biometrics; uint8_t pin_length; PicopassEncryption encryption; diff --git a/applications/picopass/picopass_worker.c b/applications/picopass/picopass_worker.c index 5bdb74b38..359f19495 100644 --- a/applications/picopass/picopass_worker.c +++ b/applications/picopass/picopass_worker.c @@ -112,13 +112,18 @@ ReturnCode picopass_detect_card(int timeout) { return ERR_NONE; } -ReturnCode picopass_read_preauth(PicopassBlock* AA1) { +ReturnCode picopass_read_card(PicopassBlock* AA1) { rfalPicoPassIdentifyRes idRes; rfalPicoPassSelectRes selRes; rfalPicoPassReadCheckRes rcRes; + rfalPicoPassCheckRes chkRes; ReturnCode err; + uint8_t div_key[8] = {0}; + uint8_t mac[4] = {0}; + uint8_t ccnr[12] = {0}; + err = rfalPicoPassPollerIdentify(&idRes); if(err != ERR_NONE) { FURI_LOG_E(TAG, "rfalPicoPassPollerIdentify error %d", err); @@ -131,68 +136,6 @@ ReturnCode picopass_read_preauth(PicopassBlock* AA1) { return err; } - err = rfalPicoPassPollerReadCheck(&rcRes); - if(err != ERR_NONE) { - FURI_LOG_E(TAG, "rfalPicoPassPollerReadCheck error %d", err); - return err; - } - - memcpy(AA1[PICOPASS_CSN_BLOCK_INDEX].data, selRes.CSN, sizeof(selRes.CSN)); - FURI_LOG_D( - TAG, - "csn %02x%02x%02x%02x%02x%02x%02x%02x", - AA1[PICOPASS_CSN_BLOCK_INDEX].data[0], - AA1[PICOPASS_CSN_BLOCK_INDEX].data[1], - AA1[PICOPASS_CSN_BLOCK_INDEX].data[2], - AA1[PICOPASS_CSN_BLOCK_INDEX].data[3], - AA1[PICOPASS_CSN_BLOCK_INDEX].data[4], - AA1[PICOPASS_CSN_BLOCK_INDEX].data[5], - AA1[PICOPASS_CSN_BLOCK_INDEX].data[6], - AA1[PICOPASS_CSN_BLOCK_INDEX].data[7]); - - rfalPicoPassReadBlockRes cfg; - err = rfalPicoPassPollerReadBlock(PICOPASS_CONFIG_BLOCK_INDEX, &cfg); - memcpy(AA1[PICOPASS_CONFIG_BLOCK_INDEX].data, cfg.data, sizeof(cfg.data)); - FURI_LOG_D( - TAG, - "config %02x%02x%02x%02x%02x%02x%02x%02x", - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[0], - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[1], - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[2], - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[3], - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[4], - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[5], - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[6], - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[7]); - - rfalPicoPassReadBlockRes aia; - err = rfalPicoPassPollerReadBlock(PICOPASS_AIA_BLOCK_INDEX, &aia); - memcpy(AA1[PICOPASS_AIA_BLOCK_INDEX].data, aia.data, sizeof(aia.data)); - FURI_LOG_D( - TAG, - "aia %02x%02x%02x%02x%02x%02x%02x%02x", - AA1[PICOPASS_AIA_BLOCK_INDEX].data[0], - AA1[PICOPASS_AIA_BLOCK_INDEX].data[1], - AA1[PICOPASS_AIA_BLOCK_INDEX].data[2], - AA1[PICOPASS_AIA_BLOCK_INDEX].data[3], - AA1[PICOPASS_AIA_BLOCK_INDEX].data[4], - AA1[PICOPASS_AIA_BLOCK_INDEX].data[5], - AA1[PICOPASS_AIA_BLOCK_INDEX].data[6], - AA1[PICOPASS_AIA_BLOCK_INDEX].data[7]); - - return ERR_NONE; -} - -ReturnCode picopass_read_card(PicopassBlock* AA1) { - rfalPicoPassReadCheckRes rcRes; - rfalPicoPassCheckRes chkRes; - - ReturnCode err; - - uint8_t div_key[8] = {0}; - uint8_t mac[4] = {0}; - uint8_t ccnr[12] = {0}; - err = rfalPicoPassPollerReadCheck(&rcRes); if(err != ERR_NONE) { FURI_LOG_E(TAG, "rfalPicoPassPollerReadCheck error %d", err); @@ -200,7 +143,7 @@ ReturnCode picopass_read_card(PicopassBlock* AA1) { } memcpy(ccnr, rcRes.CCNR, sizeof(rcRes.CCNR)); // last 4 bytes left 0 - loclass_diversifyKey(AA1[PICOPASS_CSN_BLOCK_INDEX].data, picopass_iclass_key, div_key); + loclass_diversifyKey(selRes.CSN, picopass_iclass_key, div_key); loclass_opt_doReaderMAC(ccnr, div_key, mac); err = rfalPicoPassPollerCheck(mac, &chkRes); @@ -209,9 +152,15 @@ ReturnCode picopass_read_card(PicopassBlock* AA1) { return err; } - size_t app_limit = AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[0] < PICOPASS_MAX_APP_LIMIT ? - AA1[PICOPASS_CONFIG_BLOCK_INDEX].data[0] : - PICOPASS_MAX_APP_LIMIT; + rfalPicoPassReadBlockRes csn; + err = rfalPicoPassPollerReadBlock(PICOPASS_CSN_BLOCK_INDEX, &csn); + memcpy(AA1[PICOPASS_CSN_BLOCK_INDEX].data, csn.data, sizeof(csn.data)); + + rfalPicoPassReadBlockRes cfg; + err = rfalPicoPassPollerReadBlock(PICOPASS_CONFIG_BLOCK_INDEX, &cfg); + memcpy(AA1[PICOPASS_CONFIG_BLOCK_INDEX].data, cfg.data, sizeof(cfg.data)); + + size_t app_limit = cfg.data[0] < PICOPASS_MAX_APP_LIMIT ? cfg.data[0] : PICOPASS_MAX_APP_LIMIT; for(size_t i = 2; i < app_limit; i++) { FURI_LOG_D(TAG, "rfalPicoPassPollerReadBlock block %d", i); @@ -338,30 +287,11 @@ void picopass_worker_detect(PicopassWorker* picopass_worker) { PicopassPacs* pacs = &dev_data->pacs; ReturnCode err; - // reset device data - for(size_t i = 0; i < PICOPASS_MAX_APP_LIMIT; i++) { - memset(AA1[i].data, 0, sizeof(AA1[i].data)); - } - memset(pacs, 0, sizeof(PicopassPacs)); - PicopassWorkerEvent nextState = PicopassWorkerEventSuccess; while(picopass_worker->state == PicopassWorkerStateDetect) { if(picopass_detect_card(1000) == ERR_NONE) { // Process first found device - err = picopass_read_preauth(AA1); - if(err != ERR_NONE) { - FURI_LOG_E(TAG, "picopass_read_preauth error %d", err); - nextState = PicopassWorkerEventFail; - } - - // Thank you proxmark! - pacs->legacy = (memcmp(AA1[5].data, "\xff\xff\xff\xff\xff\xff\xff\xff", 8) == 0); - pacs->se_enabled = (memcmp(AA1[5].data, "\xff\xff\xff\x00\x06\xff\xff\xff", 8) == 0); - if(pacs->se_enabled) { - FURI_LOG_D(TAG, "SE enabled"); - } - err = picopass_read_card(AA1); if(err != ERR_NONE) { FURI_LOG_E(TAG, "picopass_read_card error %d", err); diff --git a/applications/picopass/picopass_worker.h b/applications/picopass/picopass_worker.h index 29a890a18..6ad709058 100644 --- a/applications/picopass/picopass_worker.h +++ b/applications/picopass/picopass_worker.h @@ -24,7 +24,6 @@ typedef enum { PicopassWorkerEventSuccess, PicopassWorkerEventFail, PicopassWorkerEventNoCardDetected, - PicopassWorkerEventSeEnabled, PicopassWorkerEventStartReading, } PicopassWorkerEvent; diff --git a/applications/picopass/scenes/picopass_scene_read_card_success.c b/applications/picopass/scenes/picopass_scene_read_card_success.c index 785f3a7dd..c281b32ca 100644 --- a/applications/picopass/scenes/picopass_scene_read_card_success.c +++ b/applications/picopass/scenes/picopass_scene_read_card_success.c @@ -17,10 +17,8 @@ void picopass_scene_read_card_success_on_enter(void* context) { Picopass* picopass = context; string_t credential_str; string_t wiegand_str; - string_t sio_str; string_init(credential_str); string_init(wiegand_str); - string_init(sio_str); DOLPHIN_DEED(DolphinDeedNfcReadSuccess); @@ -34,10 +32,6 @@ void picopass_scene_read_card_success_on_enter(void* context) { if(pacs->record.bitLength == 0) { string_cat_printf(wiegand_str, "Read Failed"); - if(pacs->se_enabled) { - string_cat_printf(credential_str, "SE enabled"); - } - widget_add_button_element( widget, GuiButtonTypeLeft, @@ -45,6 +39,8 @@ void picopass_scene_read_card_success_on_enter(void* context) { picopass_scene_read_card_success_widget_callback, picopass); + widget_add_string_element( + widget, 64, 12, AlignCenter, AlignCenter, FontPrimary, string_get_cstr(wiegand_str)); } else { size_t bytesLength = 1 + pacs->record.bitLength / 8; string_set_str(credential_str, ""); @@ -59,10 +55,6 @@ void picopass_scene_read_card_success_on_enter(void* context) { string_cat_printf(wiegand_str, "%d bits", pacs->record.bitLength); } - if(pacs->sio) { - string_cat_printf(sio_str, "+SIO"); - } - widget_add_button_element( widget, GuiButtonTypeLeft, @@ -76,18 +68,20 @@ void picopass_scene_read_card_success_on_enter(void* context) { "More", picopass_scene_read_card_success_widget_callback, picopass); + + widget_add_string_element( + widget, 64, 12, AlignCenter, AlignCenter, FontPrimary, string_get_cstr(wiegand_str)); + widget_add_string_element( + widget, + 64, + 32, + AlignCenter, + AlignCenter, + FontSecondary, + string_get_cstr(credential_str)); } - - widget_add_string_element( - widget, 64, 12, AlignCenter, AlignCenter, FontPrimary, string_get_cstr(wiegand_str)); - widget_add_string_element( - widget, 64, 32, AlignCenter, AlignCenter, FontSecondary, string_get_cstr(credential_str)); - widget_add_string_element( - widget, 64, 42, AlignCenter, AlignCenter, FontSecondary, string_get_cstr(sio_str)); - string_clear(credential_str); string_clear(wiegand_str); - string_clear(sio_str); view_dispatcher_switch_to_view(picopass->view_dispatcher, PicopassViewWidget); }