search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #2593 from Akury83/master
[RRG-proxmark3.git] / include / mifare.h
blob4082b174e0f55689e14f0dab54a61132fd784233
1 //-----------------------------------------------------------------------------
2 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
3 //
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // See LICENSE.txt for the text of the license.
15 //-----------------------------------------------------------------------------
16 // MIFARE type prototyping
17 //-----------------------------------------------------------------------------
18
19 #ifndef _MIFARE_H_
20 #define _MIFARE_H_
21
22 #include "common.h"
23
24 #define MF_KEY_A 0
25 #define MF_KEY_B 1
26 #define MF_KEY_BD08S 2
27 #define MF_KEY_BD08 3
28 #define MF_KEY_BD32 4
29
30 #define MF_MAD1_SECTOR 0x00
31 #define MF_MAD2_SECTOR 0x10
32
33 //-----------------------------------------------------------------------------
34 // Common types, used by client and ARM
35 //-----------------------------------------------------------------------------
36 // New Ultralight/NTAG dump file format
37 // Length must be aligned to 4 bytes (UL/NTAG page)
38 #define MFU_DUMP_PREFIX_LENGTH 56
39
40 typedef struct {
41 uint8_t version[8];
42 uint8_t tbo[2];
43 uint8_t tbo1[1];
44 uint8_t pages; // max page number in dump
45 uint8_t signature[32];
46 uint8_t counter_tearing[3][4]; // 3 bytes counter, 1 byte tearing flag
47 uint8_t data[1024];
48 } PACKED mfu_dump_t;
49
50 //-----------------------------------------------------------------------------
51 // ISO 14443A
52 //-----------------------------------------------------------------------------
53 typedef struct {
54 uint8_t uid[10];
55 uint8_t uidlen;
56 uint8_t atqa[2];
57 uint8_t sak;
58 uint8_t ats_len;
59 uint8_t ats[256];
60 } PACKED iso14a_card_select_t;
61
62 typedef struct {
63 uint8_t uid[10];
64 uint8_t uidlen;
65 uint8_t atqa[2];
66 uint8_t sak;
67 uint8_t ats_len;
68 uint8_t ats[256];
69 uint8_t signature[32];
70 } PACKED iso14a_card_select_ev1_t;
71
72 typedef struct {
73 iso14a_card_select_t card_info;
74 uint16_t dumplen;
75 uint8_t *dump;
76 } iso14a_mf_extdump_t;
77
78 typedef struct {
79 union {
80 iso14a_card_select_t mfc;
81 iso14a_card_select_ev1_t ev1;
82 } card;
83 uint16_t dumplen;
84 uint8_t *dump;
85 } iso14a_mf_dump_ev1_t;
86
87 typedef struct {
88 uint8_t nt[17][2][4];
89 uint8_t nt_enc[17][2][4];
90 uint8_t par_err[17][2];
91 uint8_t blocks[64][16]; // [MIFARE_1K_MAXSECTOR * 4][MFBLOCK_SIZE]
92 } iso14a_fm11rf08s_nonces_with_data_t;
93
94 typedef enum ISO14A_COMMAND {
95 ISO14A_CONNECT = (1 << 0),
96 ISO14A_NO_DISCONNECT = (1 << 1),
97 ISO14A_APDU = (1 << 2),
98 ISO14A_RAW = (1 << 3),
99 ISO14A_REQUEST_TRIGGER = (1 << 4),
100 ISO14A_APPEND_CRC = (1 << 5),
101 ISO14A_SET_TIMEOUT = (1 << 6),
102 ISO14A_NO_SELECT = (1 << 7),
103 ISO14A_TOPAZMODE = (1 << 8),
104 ISO14A_NO_RATS = (1 << 9),
105 ISO14A_SEND_CHAINING = (1 << 10),
106 ISO14A_USE_ECP = (1 << 11),
107 ISO14A_USE_MAGSAFE = (1 << 12),
108 ISO14A_USE_CUSTOM_POLLING = (1 << 13),
109 ISO14A_CRYPTO1MODE = (1 << 14)
110 } iso14a_command_t;
111
112 // Defines a frame that will be used in a polling sequence
113 // ECP Frames are up to (7 + 16) bytes long, 24 bytes should cover future and other cases
114 typedef struct {
115 uint8_t frame[24];
116 uint8_t frame_length;
117 uint8_t last_byte_bits;
118 uint16_t extra_delay;
119 } PACKED iso14a_polling_frame_t;
120
121 // Defines polling sequence configuration
122 // 6 would be enough for 4 magsafe, 1 wupa, 1 ecp,
123 typedef struct {
124 iso14a_polling_frame_t frames[6];
125 uint8_t frame_count;
126 uint16_t extra_timeout;
127 } PACKED iso14a_polling_parameters_t;
128
129 typedef struct {
130 uint8_t *response;
131 uint8_t *modulation;
132 uint16_t response_n;
133 uint16_t modulation_n;
134 uint32_t ProxToAirDuration;
135 uint8_t par; // enough for precalculated parity of 8 Byte responses
136 } PACKED tag_response_info_t;
137
138 // DESFIRE_RAW flag enums
139 typedef enum DESFIRE_COMMAND {
140 NONE = 0x00,
141 INIT = 0x01,
142 DISCONNECT = 0x02,
143 CLEARTRACE = 0x04,
144 BAR = 0x10,
145 } desfire_command_t;
146
147 typedef enum {
148 MFDES_AUTH_DES = 1,
149 MFDES_AUTH_ISO = 2,
150 MFDES_AUTH_AES = 3,
151 MFDES_AUTH_PICC = 4
152 } mifare_des_authmode_t;
153
154 typedef enum {
155 MFDES_ALGO_DES = 1,
156 MFDES_ALGO_3DES = 2,
157 MFDES_ALGO_3K3DES = 3,
158 MFDES_ALGO_AES = 4
159 } mifare_des_authalgo_t;
160
161 typedef enum {
162 MFDES_KDF_ALGO_NONE = 0,
163 MFDES_KDF_ALGO_AN10922 = 1,
164 MFDES_KDF_ALGO_GALLAGHER = 2,
165 } mifare_des_kdf_algo_t;
166
167 //-----------------------------------------------------------------------------
168 // "hf 14a sim -x", "hf mf sim -x" attacks
169 //-----------------------------------------------------------------------------
170 typedef enum {
171 EMPTY,
172 FIRST,
173 SECOND,
174 NESTED
175 } nonce_state;
176
177 typedef struct {
178 uint32_t cuid;
179 uint32_t nonce;
180 uint32_t ar;
181 uint32_t nr;
182 uint32_t at;
183 uint32_t nonce2;
184 uint32_t ar2;
185 uint32_t nr2;
186 uint8_t sector;
187 uint8_t keytype;
188 uint8_t state;
189 } PACKED nonces_t;
190
191 #endif // _MIFARE_H_
Proxmark3 - the RFID research Swiss army knife. Iceman firmware