RfidResearchGroup/proxmark3
1
1
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-02-19 05:33:17 +08:00
Code Issues Projects Releases Packages Wiki Activity

emv roca select app

Browse source
This commit is contained in:
merlokk 2018-12-28 16:43:15 +02:00
parent ab41b4a991
commit 8e5133582d
1 changed files with 75 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

81
client/emv/cmdemv.c
View file

@ -1464,6 +1464,12 @@ int CmdEMVTest(const char *cmd) {
} }
int CmdEMVRoca(const char *cmd) { int CmdEMVRoca(const char *cmd) {
uint8_t AID[APDU_AID_LEN] = {0};
size_t AIDlen = 0;
uint8_t buf[APDU_RES_LEN] = {0};
size_t len = 0;
uint16_t sw = 0;
int res;
CLIParserInit("emv roca", CLIParserInit("emv roca",
"Tries to extract public keys and run the ROCA test against them.\n", "Tries to extract public keys and run the ROCA test against them.\n",
@ -1481,16 +1487,71 @@ int CmdEMVRoca(const char *cmd) {
if (arg_get_lit(1)) if (arg_get_lit(1))
channel = ECC_CONTACT; channel = ECC_CONTACT;
// select card
uint8_t psenum = (channel == ECC_CONTACT) ? 1 : 2;
// init applets list tree
const char *al = "Applets list";
struct tlvdb *tlvSelect = tlvdb_fixed(1, strlen(al), (const unsigned char *)al);
// EMV PPSE
PrintAndLogEx(NORMAL, "--> PPSE.");
res = EMVSelectPSE(channel, true, true, psenum, buf, sizeof(buf), &len, &sw);
if (!res && sw == 0x9000){
struct tlvdb *fci = tlvdb_parse_multi(buf, len);
tlvdb_free(fci);
}
SetAPDULogging(false);
res = EMVSearchPSE(channel, false, true, false, tlvSelect);
// check PPSE and select application id
if (!res) {
TLVPrintAIDlistFromSelectTLV(tlvSelect);
} else {
// EMV SEARCH with AID list
PrintAndLogEx(NORMAL, "--> AID search.");
if (EMVSearch(channel, false, true, false, tlvSelect)) {
PrintAndLogEx(ERR, "Can't found any of EMV AID. Exit...");
tlvdb_free(tlvSelect);
DropField();
return 3;
}
// check search and select application id
TLVPrintAIDlistFromSelectTLV(tlvSelect);
}
// EMV SELECT application
SetAPDULogging(false);
EMVSelectApplication(tlvSelect, AID, &AIDlen);
tlvdb_free(tlvSelect);
if (!AIDlen) {
PrintAndLogEx(INFO, "Can't select AID. EMV AID not found. Exit...");
DropField();
return 4;
}
// Init TLV tree // Init TLV tree
const char *alr = "Root terminal TLV tree"; const char *alr = "Root terminal TLV tree";
struct tlvdb *tlvRoot = tlvdb_fixed(1, strlen(alr), (const unsigned char *)alr); struct tlvdb *tlvRoot = tlvdb_fixed(1, strlen(alr), (const unsigned char *)alr);
// select card // EMV SELECT applet
uint8_t buf[APDU_RES_LEN] = {0}; PrintAndLogEx(NORMAL, "\n-->Selecting AID:%s.", sprint_hex_inrow(AID, AIDlen));
size_t len = 0; res = EMVSelect(channel, false, true, AID, AIDlen, buf, sizeof(buf), &len, &sw, tlvRoot);
uint16_t sw = 0;
uint8_t psenum = (channel == ECC_CONTACT) ? 1: 2; if (res) {
int res = EMVSelectPSE(channel, true, true, psenum, buf, sizeof(buf), &len, &sw); PrintAndLogEx(ERR, "Can't select AID (%d). Exit...", res);
tlvdb_free(tlvRoot);
DropField();
return 5;
}
// getting certificates // getting certificates
if (tlvdb_get(tlvRoot, 0x90, NULL)) { if (tlvdb_get(tlvRoot, 0x90, NULL)) {
@ -1530,8 +1591,16 @@ int CmdEMVRoca(const char *cmd) {
sprint_hex(icc_pk->serial, 3) sprint_hex(icc_pk->serial, 3)
); );
// icc_pk->exp, icc_pk->elen // icc_pk->exp, icc_pk->elen
// icc_pk->modulus, icc_pk->mlen // icc_pk->modulus, icc_pk->mlen
if (icc_pk->elen > 0 && icc_pk->mlen > 0) {
if (emv_rocacheck(icc_pk->modulus, icc_pk->mlen)) {
PrintAndLogEx(INFO, "ICC pk is vulnerable by roca.");
} else {
PrintAndLogEx(INFO, "ICC pk is OK(");
}
}
PKISetStrictExecution(true); PKISetStrictExecution(true);