fixed ndef parsing of signature version 1 records

2025-01-10 10:11:58 +08:00 · 2023-05-05 10:47:02 +02:00 · 2023-05-05 10:47:02 +02:00 · 52981476e2
commit 52981476e2
parent 0c9a64438f
2 changed files with 49 additions and 20 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...

 ## [unreleased][unreleased]
+ - Fixed `nfc decode` - now handles NDEF Signature version1 records better (@iceman1001)
 - Added new standalone mode `LF_MULTIHID` - HID26 (H1031) multi simulator (@flamebarke)
 - Changed `hf 14b dump --ns` - now supports `no save` of card memory (@iceman1001)
 - Changed `hf mfu dump --ns` - now supports `no save` of card memory (@iceman1001)
--- a/client/src/nfc/ndef.c
+++ b/client/src/nfc/ndef.c
@ -289,22 +289,35 @@ static int ndef_print_signature(uint8_t *data, uint8_t data_len, uint8_t *signat
 }

 static int ndefDecodeSig1(uint8_t *sig, size_t siglen) {
-    size_t indx = 1;

+    size_t indx = 1;
    uint8_t sigType = sig[indx] & 0x7f;
    bool sigURI = sig[indx] & 0x80;
+    indx++;

-    PrintAndLogEx(SUCCESS, "\tsignature type: %s", ((sigType < stNA) ? ndefSigType_s[sigType] : ndefSigType_s[stNA]));
-    PrintAndLogEx(SUCCESS, "\tsignature uri: %s", (sigURI ? "present" : "not present"));
+    PrintAndLogEx(SUCCESS, "\tSignature type... " _YELLOW_("%s"), ((sigType < stNA) ? ndefSigType_s[sigType] : ndefSigType_s[stNA]));
+    PrintAndLogEx(SUCCESS, "\tSignature URI.... " _YELLOW_("%s"), (sigURI ? "present" : "not present"));
+
+    if (sigType == 0 && sigURI == false) {
+        PrintAndLogEx(INFO, "\tRecord should be considered a start marker");
+    }
+    if (sigType == 0 && sigURI) {
+        PrintAndLogEx(INFO, _RED_("\tSignature record is invalid"));
+    }
+
+    uint16_t intsiglen = MemBeToUint2byte(sig + indx);
+    indx += 2;

-    size_t intsiglen = (sig[indx + 1] << 8) + sig[indx + 2];
    // ecdsa 0x04
    if (sigType == stECDSA_P192 || sigType == stECDSA_P256) {
-        indx += 3;
+
        int slen = 24;
-        if (sigType == stECDSA_P256)
+        if (sigType == stECDSA_P256) {
            slen = 32;
-        PrintAndLogEx(SUCCESS, "\tsignature [%zu]: %s", intsiglen, sprint_hex_inrow(&sig[indx], intsiglen));
+        }
+        
+        PrintAndLogEx(SUCCESS, "\tSignature [%u]...", intsiglen);
+        print_hex_noascii_break(&sig[indx], intsiglen, 32);

        uint8_t rval[300] = {0};
        uint8_t sval[300] = {0};
@ -313,38 +326,53 @@ static int ndefDecodeSig1(uint8_t *sig, size_t siglen) {
            PrintAndLogEx(SUCCESS, "\t\tr: %s", sprint_hex(rval + 32 - slen, slen));
            PrintAndLogEx(SUCCESS, "\t\ts: %s", sprint_hex(sval + 32 - slen, slen));
        }
+    } else {
+        PrintAndLogEx(SUCCESS, "\tSignature [%u]...", intsiglen);
+        print_hex_noascii_break(&sig[indx], intsiglen, 32);
    }
+
    indx += intsiglen;

    if (sigURI) {
-        size_t intsigurilen = (sig[indx] << 8) + sig[indx + 1];
+
+        uint16_t intsigurilen = MemBeToUint2byte(sig + indx);
        indx += 2;
-        PrintAndLogEx(SUCCESS, "\tsignature uri [%zu]: %.*s", intsigurilen, (int)intsigurilen, &sig[indx]);
+
+        PrintAndLogEx(SUCCESS, "\tSignature URI... " _YELLOW_("%.*s"), (int)intsigurilen, &sig[indx]);
        indx += intsigurilen;
    }

+    // CERTIFICATE SECTION
+    PrintAndLogEx(INFO, "");
+    PrintAndLogEx(INFO, _CYAN_("Certificate"));
+
    uint8_t certFormat = (sig[indx] >> 4) & 0x07;
    uint8_t certCount = sig[indx] & 0x0f;
    bool certURI = sig[indx] & 0x80;
+    indx++;

-    PrintAndLogEx(SUCCESS, "\tcertificate format: %s", ((certFormat < sfNA) ? ndefCertificateFormat_s[certFormat] : ndefCertificateFormat_s[sfNA]));
-    PrintAndLogEx(SUCCESS, "\tcertificates count: %d", certCount);
+    PrintAndLogEx(SUCCESS, "\tFormat............ " _YELLOW_("%s"), ((certFormat < sfNA) ? ndefCertificateFormat_s[certFormat] : ndefCertificateFormat_s[sfNA]));
+    if (certCount) {
+        PrintAndLogEx(SUCCESS, "\tNum of certs#..... " _YELLOW_("%d"), certCount);
+    }

    // print certificates
-    indx++;
-    for (int i = 0; i < certCount; i++) {
-        size_t intcertlen = (sig[indx + 1] << 8) + sig[indx + 2];
+    for (uint8_t i = 0; i < certCount; i++) {
+        uint16_t intcertlen = MemBeToUint2byte(sig + indx);
        indx += 2;

-        PrintAndLogEx(SUCCESS, "\tcertificate %d [%zu]: %s", i + 1, intcertlen, sprint_hex_inrow(&sig[indx], intcertlen));
+        PrintAndLogEx(INFO, "");
+        PrintAndLogEx(SUCCESS, "\tCertificate %u [%u]...", i + 1, intcertlen);
+        print_hex_noascii_break(&sig[indx], intcertlen, 32);
+
        indx += intcertlen;
    }

-    // have certificate uri
+    // print certificate uri
    if ((indx <= siglen) && certURI) {
-        size_t inturilen = (sig[indx] << 8) + sig[indx + 1];
+        uint16_t inturilen = MemBeToUint2byte(sig + indx);
        indx += 2;
-        PrintAndLogEx(SUCCESS, "\tcertificate uri [%zu]: %.*s", inturilen, (int)inturilen, &sig[indx]);
+        PrintAndLogEx(SUCCESS, "\tCertificate URI... " _YELLOW_("%.*s"), (int)inturilen, &sig[indx]);
    }

    return PM3_SUCCESS;
@ -417,9 +445,9 @@ static int ndefDecodeSig2(uint8_t *sig, size_t siglen) {
 }

 static int ndefDecodeSig(uint8_t *sig, size_t siglen) {
-    PrintAndLogEx(SUCCESS, "\tsignature version : \t" _GREEN_("0x%02x"), sig[0]);
+    PrintAndLogEx(SUCCESS, "\tVersion... " _GREEN_("0x%02x"), sig[0]);
    if (sig[0] != 0x01 && sig[0] != 0x20) {
-        PrintAndLogEx(ERR, "signature version unknown.");
+        PrintAndLogEx(ERR, _RED_("Version unknown"));
        return PM3_ESOFT;
    }