diff --git a/armsrc/Standalone/hf_colin.c b/armsrc/Standalone/hf_colin.c
index acbf043c1..f65b499af 100644
--- a/armsrc/Standalone/hf_colin.c
+++ b/armsrc/Standalone/hf_colin.c
@@ -56,7 +56,7 @@ void RunMod() {
Dbprintf("...Waiting For Tag...");
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
- while (!iso14443a_select_card(cjuid, NULL, &cjcuid)) {
+ while (!iso14443a_select_card(cjuid, NULL, &cjcuid, true, 0, true)) {
WDT_HIT();
}
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
@@ -328,7 +328,7 @@ int cjat91_saMifareChkKeys(uint8_t blockNo, uint8_t keyType, bool clearTrace, ui
for (i = 0; i < keyCount; ++i) {
/* no need for anticollision. just verify tag is still here */
- if (!iso14443a_select_card(uid, NULL, &cuid)) {
+ if (!iso14443a_select_card(uid, NULL, &cuid, true, 0 , true)) {
cjat91_printf("FATAL : E_MF_LOSTTAG");
return -1;
}
diff --git a/armsrc/Standalone/hf_young.c b/armsrc/Standalone/hf_young.c
index 948680e81..ef41bc64d 100644
--- a/armsrc/Standalone/hf_young.c
+++ b/armsrc/Standalone/hf_young.c
@@ -68,7 +68,7 @@ void RunMod() {
}
}
- if (!iso14443a_select_card(NULL, &card[selected], NULL, true, 0)) {
+ if (!iso14443a_select_card(NULL, &card[selected], NULL, true, 0, true)) {
continue;
} else {
Dbprintf("Read UID:");
@@ -123,7 +123,7 @@ void RunMod() {
// wait for button to be released
// Delay cloning until card is in place
- while(BUTTON_PRESS())
+ while (BUTTON_PRESS())
WDT_HIT();
Dbprintf("Starting clone. [Bank: %d]", selected);
diff --git a/armsrc/emvcmd.c b/armsrc/emvcmd.c
index dd57fe1ee..84b135051 100644
--- a/armsrc/emvcmd.c
+++ b/armsrc/emvcmd.c
@@ -491,7 +491,7 @@ void EMVTransaction(void)
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
while(true) {
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, false)) {
if(MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
break;
}
@@ -572,7 +572,7 @@ void EMVClone(uint8_t maxsfi, uint8_t maxrecord)
LED_C_OFF();
while(true) {
- if(!iso14443a_select_card(uid, &hi14a_card, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, &hi14a_card, &cuid, true, 0, false)) {
if(MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
break;
}
diff --git a/armsrc/epa.c b/armsrc/epa.c
index 7018a7f94..5a8fdc8bb 100644
--- a/armsrc/epa.c
+++ b/armsrc/epa.c
@@ -526,7 +526,7 @@ int EPA_Setup()
// power up the field
iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
// select the card
- return_code = iso14443a_select_card(uid, &card_a_info, NULL, true, 0);
+ return_code = iso14443a_select_card(uid, &card_a_info, NULL, true, 0, false);
if (return_code == 1) {
// send the PPS request
ReaderTransmit((uint8_t *)pps, sizeof(pps), NULL);
diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c
index e23041528..01abb5a54 100644
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@@ -1806,7 +1806,7 @@ int ReaderReceive(uint8_t *receivedAnswer, uint8_t *parity) {
// fills the card info record unless NULL
// if anticollision is false, then the UID must be provided in uid_ptr[]
// and num_cascades must be set (1: 4 Byte UID, 2: 7 Byte UID, 3: 10 Byte UID)
-int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_card, uint32_t *cuid_ptr, bool anticollision, uint8_t num_cascades) {
+int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_card, uint32_t *cuid_ptr, bool anticollision, uint8_t num_cascades, bool no_rats) {
uint8_t wupa[] = { ISO14443A_CMD_WUPA }; // 0x26 - ISO14443A_CMD_REQA 0x52 - ISO14443A_CMD_WUPA
uint8_t sel_all[] = { ISO14443A_CMD_ANTICOLL_OR_SELECT,0x20 };
uint8_t sel_uid[] = { ISO14443A_CMD_ANTICOLL_OR_SELECT,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
@@ -1837,9 +1837,6 @@ int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_card, uint32_
if (uid_ptr)
memset(uid_ptr, 0, 10);
}
-
- // reset the PCB block number
- iso14_pcb_blocknum = 0;
// check for proprietary anticollision:
if ((resp[0] & 0x1F) == 0) return 3;
@@ -1941,19 +1938,26 @@ int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_card, uint32_
// non iso14443a compliant tag
if( (sak & 0x20) == 0) return 2;
- // Request for answer to select
- AppendCrc14443a(rats, 2);
- ReaderTransmit(rats, sizeof(rats), NULL);
+ // RATS, Request for answer to select
+ if ( !no_rats ) {
+ AppendCrc14443a(rats, 2);
+ ReaderTransmit(rats, sizeof(rats), NULL);
+ len = ReaderReceive(resp, resp_par);
+
+ if (!len) return 0;
- if (!(len = ReaderReceive(resp, resp_par))) return 0;
-
- if(p_card) {
- memcpy(p_card->ats, resp, sizeof(p_card->ats));
- p_card->ats_len = len;
+ if(p_card) {
+ memcpy(p_card->ats, resp, sizeof(p_card->ats));
+ p_card->ats_len = len;
+ }
+
+ // reset the PCB block number
+ iso14_pcb_blocknum = 0;
+
+ //set default timeout based on ATS
+ iso14a_set_ATS_timeout(resp);
}
-
- // set default timeout based on ATS
- iso14a_set_ATS_timeout(resp);
+
return 1;
}
@@ -2046,7 +2050,7 @@ void ReaderIso14443a(UsbCommand *c) {
// if failed selecting, turn off antenna and quite.
if( !(param & ISO14A_NO_SELECT) ) {
iso14a_card_select_t *card = (iso14a_card_select_t*)buf;
- arg0 = iso14443a_select_card(NULL, card, NULL, true, 0);
+ arg0 = iso14443a_select_card(NULL, card, NULL, true, 0, param & ISO14A_NO_RATS );
cmd_send(CMD_ACK, arg0, card->uidlen, 0, buf, sizeof(iso14a_card_select_t));
if ( arg0 == 0 )
goto OUT;
@@ -2237,7 +2241,7 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) {
// this part is from Piwi's faster nonce collecting part in Hardnested.
if (!have_uid) { // need a full select cycle to get the uid first
iso14a_card_select_t card_info;
- if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= 4) Dbprintf("Mifare: Can't select card (ALL)");
break;
}
@@ -2249,7 +2253,7 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) {
}
have_uid = true;
} else { // no need for anticollision. We can directly select the card
- if(!iso14443a_select_card(uid, NULL, &cuid, false, cascade_levels)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, false, cascade_levels, true)) {
if (MF_DBGLEVEL >= 4) Dbprintf("Mifare: Can't select card (UID)");
continue;
}
diff --git a/armsrc/iso14443a.h b/armsrc/iso14443a.h
index 6441b4844..953132d13 100644
--- a/armsrc/iso14443a.h
+++ b/armsrc/iso14443a.h
@@ -93,7 +93,7 @@ extern int ReaderReceive(uint8_t *receivedAnswer, uint8_t *par);
extern void iso14443a_setup(uint8_t fpga_minor_mode);
extern int iso14_apdu(uint8_t *cmd, uint16_t cmd_len, void *data);
-extern int iso14443a_select_card(uint8_t *uid_ptr, iso14a_card_select_t *resp_data, uint32_t *cuid_ptr, bool anticollision, uint8_t num_cascades);
+extern int iso14443a_select_card(uint8_t *uid_ptr, iso14a_card_select_t *resp_data, uint32_t *cuid_ptr, bool anticollision, uint8_t num_cascades, bool no_rats);
extern void iso14a_set_trigger(bool enable);
int EmSendCmd14443aRaw(uint8_t *resp, uint16_t respLen);
diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c
index b7ae8b433..73ea24e68 100644
--- a/armsrc/mifarecmd.c
+++ b/armsrc/mifarecmd.c
@@ -46,7 +46,7 @@ void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
LED_C_OFF();
while (true) {
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
break;
};
@@ -93,7 +93,7 @@ void MifareUC_Auth(uint8_t arg0, uint8_t *keybytes){
clear_trace();
set_tracing(true);
- if(!iso14443a_select_card(NULL, NULL, NULL, true, 0)) {
+ if(!iso14443a_select_card(NULL, NULL, NULL, true, 0, true)) {
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");
OnError(0);
return;
@@ -129,7 +129,7 @@ void MifareUReadBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain)
clear_trace();
set_tracing(true);
- int len = iso14443a_select_card(NULL, NULL, NULL, true, 0);
+ int len = iso14443a_select_card(NULL, NULL, NULL, true, 0, true);
if(!len) {
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card (RC:%02X)",len);
OnError(1);
@@ -206,7 +206,7 @@ void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
LED_C_OFF();
isOK = 1;
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, true)) {
isOK = 0;
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
}
@@ -270,7 +270,7 @@ void MifareUReadCard(uint8_t arg0, uint16_t arg1, uint8_t arg2, uint8_t *datain)
return;
}
- int len = iso14443a_select_card(NULL, NULL, NULL, true, 0);
+ int len = iso14443a_select_card(NULL, NULL, NULL, true, 0, true);
if (!len) {
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card (RC:%d)",len);
OnError(1);
@@ -374,7 +374,7 @@ void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
LED_C_OFF();
while (true) {
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
break;
};
@@ -425,7 +425,7 @@ void MifareUWriteBlockCompat(uint8_t arg0, uint8_t *datain)
set_tracing(true);
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
- if(!iso14443a_select_card(uid, NULL, NULL, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, NULL, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
OnError(0);
return;
@@ -472,7 +472,7 @@ void MifareUWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain)
clear_trace();
set_tracing(true);
- if(!iso14443a_select_card(NULL, NULL, NULL, true, 0)) {
+ if(!iso14443a_select_card(NULL, NULL, NULL, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
OnError(0);
return;
@@ -533,7 +533,7 @@ void MifareUSetPwd(uint8_t arg0, uint8_t *datain){
clear_trace();
set_tracing(true);
- if(!iso14443a_select_card(NULL, NULL, NULL, true, 0)) {
+ if(!iso14443a_select_card(NULL, NULL, NULL, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
OnError(0);
return;
@@ -643,7 +643,7 @@ void MifareAcquireNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, uint8_t *
if (!have_uid) { // need a full select cycle to get the uid first
iso14a_card_select_t card_info;
- if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("AcquireNonces: Can't select card (ALL)");
continue;
}
@@ -655,7 +655,7 @@ void MifareAcquireNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, uint8_t *
}
have_uid = true;
} else { // no need for anticollision. We can directly select the card
- if(!iso14443a_select_card(uid, NULL, NULL, false, cascade_levels)) {
+ if(!iso14443a_select_card(uid, NULL, NULL, false, cascade_levels, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("AcquireNonces: Can't select card (UID)");
continue;
}
@@ -761,7 +761,7 @@ void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags,
if (!have_uid) { // need a full select cycle to get the uid first
iso14a_card_select_t card_info;
- if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("AcquireNonces: Can't select card (ALL)");
continue;
}
@@ -773,7 +773,7 @@ void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags,
}
have_uid = true;
} else { // no need for anticollision. We can directly select the card
- if(!iso14443a_select_card(uid, NULL, NULL, false, cascade_levels)) {
+ if(!iso14443a_select_card(uid, NULL, NULL, false, cascade_levels, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("AcquireNonces: Can't select card (UID)");
continue;
}
@@ -903,7 +903,7 @@ void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t calibrate, uint8_t *dat
continue;
}
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Nested: Can't select card");
rtr--;
continue;
@@ -972,7 +972,7 @@ void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t calibrate, uint8_t *dat
continue;
}
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Nested: Can't select card");
continue;
};
@@ -1093,7 +1093,7 @@ void MifareChkKeys(uint16_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) {
// Iceman: use piwi's faster nonce collecting part in hardnested.
if (!have_uid) { // need a full select cycle to get the uid first
iso14a_card_select_t card_info;
- if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0, true)) {
//if (MF_DBGLEVEL >= 1) Dbprintf("ChkKeys: Can't select card (ALL)");
--i; // try same key once again
continue;
@@ -1106,7 +1106,7 @@ void MifareChkKeys(uint16_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) {
}
have_uid = true;
} else { // no need for anticollision. We can directly select the card
- if(!iso14443a_select_card(uid, NULL, NULL, false, cascade_levels)) {
+ if(!iso14443a_select_card(uid, NULL, NULL, false, cascade_levels, true)) {
//if (MF_DBGLEVEL >= 1) Dbprintf("ChkKeys: Can't select card (UID)");
--i; // try same key once again
continue;
@@ -1208,7 +1208,7 @@ void MifareECardLoad(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai
bool isOK = true;
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, true)) {
isOK = false;
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
}
@@ -1312,7 +1312,7 @@ void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint8_t *datain){
while (true) {
// read UID and return to client with write
if (workFlags & MAGIC_UID) {
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");
errormsg = MAGIC_UID;
}
@@ -1493,20 +1493,18 @@ void MifareCIdent(){
TEST2:;
/*
// Generation 2 test
- struct Crypto1State mpcs = {0, 0};
- struct Crypto1State *pcs = &mpcs;
// halt previous.
mifare_classic_halt(NULL, 0);
//select
- if (!iso14443a_select_card(NULL, NULL, NULL, true, 0)) {
+ if (!iso14443a_select_card(NULL, NULL, NULL, true, 0, true)) {
goto OUT;
};
// MIFARE_CLASSIC_WRITEBLOCK 0xA0
// ACK 0x0a
- uint16_t len = mifare_sendcmd_short(pcs, 1, 0xA0, 0, rec, recpar, NULL);
+ uint16_t len = mifare_sendcmd_short(null, 1, 0xA0, 0, rec, recpar, NULL);
if ((len != 1) || (rec[0] != 0x0A)) {
isGen = GEN_2;
};
@@ -1551,7 +1549,7 @@ void MifareSetMod(uint8_t mod, uint8_t *key) {
LED_C_OFF();
while (true) {
- if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {
+ if(!iso14443a_select_card(uid, NULL, &cuid, true, 0, true)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
break;
}
@@ -1597,7 +1595,7 @@ void Mifare_DES_Auth1(uint8_t arg0, uint8_t *datain){
clear_trace();
set_tracing(true);
- int len = iso14443a_select_card(uid, NULL, &cuid, true, 0);
+ int len = iso14443a_select_card(uid, NULL, &cuid, true, 0, false);
if(!len) {
if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");
OnError(1);
diff --git a/armsrc/mifaredesfire.c b/armsrc/mifaredesfire.c
index b59a8fbe0..d5ec4e42e 100644
--- a/armsrc/mifaredesfire.c
+++ b/armsrc/mifaredesfire.c
@@ -23,7 +23,7 @@ bool InitDesfireCard(){
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
set_tracing(true);
- if (!iso14443a_select_card(NULL, &card, NULL, true, 0)) {
+ if (!iso14443a_select_card(NULL, &card, NULL, true, 0, false)) {
if (MF_DBGLEVEL >= MF_DBG_ERROR) DbpString("Can't select card");
OnError(1);
return false;
@@ -105,7 +105,7 @@ void MifareDesfireGetInformation(){
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
// card select - information
- if ( !iso14443a_select_card(NULL, &card, NULL, true, 0) ) {
+ if ( !iso14443a_select_card(NULL, &card, NULL, true, 0, false) ) {
if (MF_DBGLEVEL >= MF_DBG_ERROR) DbpString("Can't select card");
OnError(1);
return;
diff --git a/client/cmdhf14a.c b/client/cmdhf14a.c
index ca4350bb6..9fd8a954f 100644
--- a/client/cmdhf14a.c
+++ b/client/cmdhf14a.c
@@ -157,6 +157,7 @@ int usage_hf_14a_raw(void){
PrintAndLog(" -b number of bits to send. Useful for send partial byte");
PrintAndLog(" -t timeout in ms");
PrintAndLog(" -T use Topaz protocol to send command");
+ PrintAndLog(" -3 ISO14443-3 select only (skip RATS)");
return 0;
}
@@ -435,7 +436,7 @@ int CmdHF14ACUIDs(const char *Cmd) {
}
// execute anticollision procedure
- UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}};
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}};
SendCommand(&c);
UsbCommand resp;
@@ -567,22 +568,23 @@ int CmdHF14ASniff(const char *Cmd) {
int CmdHF14ACmdRaw(const char *cmd) {
UsbCommand c = {CMD_READER_ISO_14443a, {0, 0, 0}};
- bool reply=1;
+ bool reply = 1;
bool crc = false;
bool power = false;
bool active = false;
bool active_select = false;
- uint16_t numbits=0;
+ uint16_t numbits = 0;
bool bTimeout = false;
- uint32_t timeout=0;
+ uint32_t timeout = 0;
bool topazmode = false;
+ bool no_rats = false;
char buf[5]="";
- int i=0;
+ int i = 0;
uint8_t data[USB_CMD_DATA_SIZE];
- uint16_t datalen=0;
+ uint16_t datalen = 0;
uint32_t temp;
- if (strlen(cmd)<2) return usage_hf_14a_raw();
+ if (strlen(cmd) < 2) return usage_hf_14a_raw();
// strip
while (*cmd==' ' || *cmd=='\t') cmd++;
@@ -610,7 +612,7 @@ int CmdHF14ACmdRaw(const char *cmd) {
active_select = true;
break;
case 'b':
- sscanf(cmd+i+2,"%d",&temp);
+ sscanf(cmd+i+2, "%d", &temp);
numbits = temp & 0xFFFF;
i+=3;
while(cmd[i]!=' ' && cmd[i]!='\0') { i++; }
@@ -618,7 +620,7 @@ int CmdHF14ACmdRaw(const char *cmd) {
break;
case 't':
bTimeout = true;
- sscanf(cmd+i+2,"%d",&temp);
+ sscanf(cmd+i+2, "%d", &temp);
timeout = temp;
i+=3;
while(cmd[i]!=' ' && cmd[i]!='\0') { i++; }
@@ -627,10 +629,13 @@ int CmdHF14ACmdRaw(const char *cmd) {
case 'T':
topazmode = true;
break;
+ case '3':
+ no_rats = true;
+ break;
default:
return usage_hf_14a_raw();
}
- i+=2;
+ i += 2;
continue;
}
if ((cmd[i]>='0' && cmd[i]<='9') ||
@@ -656,8 +661,7 @@ int CmdHF14ACmdRaw(const char *cmd) {
return 0;
}
- if(crc && datalen>0 && datalen<sizeof(data)-2)
- {
+ if (crc && datalen>0 && datalen<sizeof(data)-2) {
uint8_t first, second;
if (topazmode) {
ComputeCrc14443(CRC_14443_B, data, datalen, &first, &second);
@@ -668,14 +672,13 @@ int CmdHF14ACmdRaw(const char *cmd) {
data[datalen++] = second;
}
- if(active || active_select)
- {
+ if (active || active_select) {
c.arg[0] |= ISO14A_CONNECT;
if(active)
c.arg[0] |= ISO14A_NO_SELECT;
}
- if(bTimeout){
+ if (bTimeout){
#define MAX_TIMEOUT 40542464 // = (2^32-1) * (8*16) / 13560000Hz * 1000ms/s
c.arg[0] |= ISO14A_SET_TIMEOUT;
if(timeout > MAX_TIMEOUT) {
@@ -685,17 +688,20 @@ int CmdHF14ACmdRaw(const char *cmd) {
c.arg[2] = 13560000 / 1000 / (8*16) * timeout; // timeout in ETUs (time to transfer 1 bit, approx. 9.4 us)
}
- if(power) {
+ if (power) {
c.arg[0] |= ISO14A_NO_DISCONNECT;
}
- if(datalen>0) {
+ if (datalen>0) {
c.arg[0] |= ISO14A_RAW;
}
- if(topazmode) {
+ if (topazmode) {
c.arg[0] |= ISO14A_TOPAZMODE;
}
+ if (no_rats) {
+ c.arg[0] |= ISO14A_NO_RATS;
+ }
// Max buffer is USB_CMD_DATA_SIZE
datalen = (datalen > USB_CMD_DATA_SIZE) ? USB_CMD_DATA_SIZE : datalen;
@@ -707,11 +713,11 @@ int CmdHF14ACmdRaw(const char *cmd) {
SendCommand(&c);
if (reply) {
- if(active_select)
+ if (active_select)
waitCmd(1);
- if(datalen>0)
+ if (datalen > 0)
waitCmd(0);
- } // if reply
+ }
return 0;
}
diff --git a/client/cmdhfmfu.c b/client/cmdhfmfu.c
index 798ddbab9..7dcc0617e 100644
--- a/client/cmdhfmfu.c
+++ b/client/cmdhfmfu.c
@@ -1,20 +1,13 @@
//-----------------------------------------------------------------------------
// Ultralight Code (c) 2013,2014 Midnitesnake & Andy Davies of Pentura
-//
+// 2015,2016,2017 Iceman, Marshmellow
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// High frequency MIFARE ULTRALIGHT (C) commands
//-----------------------------------------------------------------------------
-#include "loclass/des.h"
#include "cmdhfmfu.h"
-#include "cmdhfmf.h"
-#include "cmdhf14a.h"
-#include "mifare.h"
-#include "util.h"
-#include "protocols.h"
-#include "data.h"
#define MAX_UL_BLOCKS 0x0f
#define MAX_ULC_BLOCKS 0x2b
@@ -30,6 +23,15 @@
#define MAX_MY_D_MOVE 0x25
#define MAX_MY_D_MOVE_LEAN 0x0f
+#define PUBLIC_ECDA_KEYLEN 33
+uint8_t public_ecda_key[PUBLIC_ECDA_KEYLEN] = {
+ 0x04, 0x49, 0x4e, 0x1a, 0x38, 0x6d, 0x3d, 0x3c,
+ 0xfe, 0x3d, 0xc1, 0x0e, 0x5d, 0xe6, 0x8a, 0x49,
+ 0x9b, 0x1c, 0x20, 0x2d, 0xb5, 0xb1, 0x32, 0x39,
+ 0x3e, 0x89, 0xed, 0x19, 0xfe, 0x5b, 0xe8, 0xbc,
+ 0x61
+};
+
#define KEYS_3DES_COUNT 7
uint8_t default_3des_keys[KEYS_3DES_COUNT][16] = {
{ 0x42,0x52,0x45,0x41,0x4b,0x4d,0x45,0x49,0x46,0x59,0x4f,0x55,0x43,0x41,0x4e,0x21 },// 3des std key
@@ -186,7 +188,7 @@ char *getUlev1CardSizeStr( uint8_t fsize ){
}
static void ul_switch_on_field(void) {
- UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}};
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT | ISO14A_NO_RATS, 0, 0}};
clearCommandBuffer();
SendCommand(&c);
}
@@ -198,7 +200,7 @@ void ul_switch_off_field(void) {
}
static int ul_send_cmd_raw( uint8_t *cmd, uint8_t cmdlen, uint8_t *response, uint16_t responseLength ) {
- UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC, cmdlen, 0}};
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC | ISO14A_NO_RATS, cmdlen, 0}};
memcpy(c.d.asBytes, cmd, cmdlen);
clearCommandBuffer();
SendCommand(&c);
@@ -352,7 +354,7 @@ static int ul_fudan_check( void ){
if ( !ul_select(&card) )
return UL_ERROR;
- UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT, 4, 0}};
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_NO_RATS, 4, 0}};
uint8_t cmd[4] = {0x30,0x00,0x02,0xa7}; //wrong crc on purpose should be 0xa8
memcpy(c.d.asBytes, cmd, 4);
@@ -577,11 +579,12 @@ static int ulev1_print_counters(){
static int ulev1_print_signature( uint8_t *data, uint8_t len){
PrintAndLog("\n--- Tag Signature");
- //PrintAndLog("IC signature public key name : NXP NTAG21x 2013"); // don't know if there is other NXP public keys.. :(
- PrintAndLog("IC signature public key value : 04494e1a386d3d3cfe3dc10e5de68a499b1c202db5b132393e89ed19fe5be8bc61");
+ PrintAndLog("IC signature public key name : NXP NTAG21x (2013)");
+ PrintAndLog("IC signature public key value : %s", sprint_hex(public_ecda_key, PUBLIC_ECDA_KEYLEN) );
PrintAndLog(" Elliptic curve parameters : secp128r1");
PrintAndLog(" Tag ECC Signature : %s", sprint_hex(data, len));
//to do: verify if signature is valid
+ // only UID is signed.
//PrintAndLog("IC signature status: %s valid", (iseccvalid() )?"":"not");
return 0;
}
@@ -1926,6 +1929,7 @@ int CmdHF14AMfURestore(const char *Cmd){
SendCommand(&c);
wait4response(b);
printf(".");
+ fflush(stdout);
}
printf("\n");
@@ -2213,7 +2217,7 @@ int CmdHF14AMfuGenDiverseKeys(const char *Cmd){
if ( cmdp == 'r' || cmdp == 'R') {
// read uid from tag
- UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}};
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}};
clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;
@@ -2323,7 +2327,7 @@ int CmdHF14AMfuPwdGen(const char *Cmd){
if ( cmdp == 'r' || cmdp == 'R') {
// read uid from tag
- UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT, 0, 0}};
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_RATS, 0, 0}};
clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;
diff --git a/client/cmdhfmfu.h b/client/cmdhfmfu.h
index 77719a6a2..c12629e8a 100644
--- a/client/cmdhfmfu.h
+++ b/client/cmdhfmfu.h
@@ -1,9 +1,15 @@
-#include "cmdhfmf.h"
-#include "cmdhf14a.h"
-
#ifndef CMDHFMFU_H__
#define CMDHFMFU_H__
+#include <stdint.h>
+#include <stdio.h>
+#include "loclass/des.h"
+#include "cmdhfmf.h"
+#include "cmdhf14a.h"
+#include "mifare.h"
+#include "util.h"
+#include "protocols.h"
+#include "data.h"
typedef struct {
uint8_t version[8];
uint8_t tbo[2];
diff --git a/client/cmdhftopaz.c b/client/cmdhftopaz.c
index 0985340b1..f4d8927d5 100644
--- a/client/cmdhftopaz.c
+++ b/client/cmdhftopaz.c
@@ -46,7 +46,7 @@ static struct {
static void topaz_switch_on_field(void)
{
- UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_SELECT | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE, 0, 0}};
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_SELECT | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE | ISO14A_NO_RATS, 0, 0}};
SendCommand(&c);
}
@@ -61,7 +61,7 @@ static void topaz_switch_off_field(void)
// send a raw topaz command, returns the length of the response (0 in case of error)
static int topaz_send_cmd_raw(uint8_t *cmd, uint8_t len, uint8_t *response)
{
- UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE, len, 0}};
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_TOPAZMODE | ISO14A_NO_RATS, len, 0}};
memcpy(c.d.asBytes, cmd, len);
SendCommand(&c);
diff --git a/client/mifarehost.c b/client/mifarehost.c
index 09d73a412..319f62edd 100644
--- a/client/mifarehost.c
+++ b/client/mifarehost.c
@@ -830,7 +830,7 @@ bool detect_classic_prng(){
UsbCommand resp, respA;
uint8_t cmd[] = {MIFARE_AUTH_KEYA, 0x00};
- uint32_t flags = ISO14A_CONNECT | ISO14A_RAW | ISO14A_APPEND_CRC;
+ uint32_t flags = ISO14A_CONNECT | ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_RATS;
UsbCommand c = {CMD_READER_ISO_14443a, {flags, sizeof(cmd), 0}};
memcpy(c.d.asBytes, cmd, sizeof(cmd));
diff --git a/include/mifare.h b/include/mifare.h
index 803a6df16..facf81d57 100644
--- a/include/mifare.h
+++ b/include/mifare.h
@@ -34,7 +34,8 @@ typedef enum ISO14A_COMMAND {
ISO14A_APPEND_CRC = (1 << 5),
ISO14A_SET_TIMEOUT = (1 << 6),
ISO14A_NO_SELECT = (1 << 7),
- ISO14A_TOPAZMODE = (1 << 8)
+ ISO14A_TOPAZMODE = (1 << 8),
+ ISO14A_NO_RATS = (1 << 9)
} iso14a_command_t;
typedef struct {