search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Release v4.9237 - Ice Coffee :coffee:
[RRG-proxmark3.git] / include / mifare.h
blob1066b2d2b6ec40db23d1e9eb4d6d5766f8aa3599
1 //-----------------------------------------------------------------------------
2 // (c) 2012 Roel Verdult
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // MIFARE type prototyping
9 //-----------------------------------------------------------------------------
10
11 #ifndef _MIFARE_H_
12 #define _MIFARE_H_
13
14 #include "common.h"
15
16 #define MF_KEY_A 0
17 #define MF_KEY_B 1
18
19 #define MF_MAD1_SECTOR 0x00
20 #define MF_MAD2_SECTOR 0x10
21
22 //-----------------------------------------------------------------------------
23 // Common types, used by client and ARM
24 //-----------------------------------------------------------------------------
25 // New Ultralight/NTAG dump file format
26 // Length must be aligned to 4 bytes (UL/NTAG page)
27 #define MFU_DUMP_PREFIX_LENGTH 56
28
29 typedef struct {
30 uint8_t version[8];
31 uint8_t tbo[2];
32 uint8_t tbo1[1];
33 uint8_t pages; // max page number in dump
34 uint8_t signature[32];
35 uint8_t counter_tearing[3][4]; // 3 bytes counter, 1 byte tearing flag
36 uint8_t data[1024];
37 } PACKED mfu_dump_t;
38
39 //-----------------------------------------------------------------------------
40 // ISO 14443A
41 //-----------------------------------------------------------------------------
42 typedef struct {
43 uint8_t uid[10];
44 uint8_t uidlen;
45 uint8_t atqa[2];
46 uint8_t sak;
47 uint8_t ats_len;
48 uint8_t ats[256];
49 } PACKED iso14a_card_select_t;
50
51 typedef enum ISO14A_COMMAND {
52 ISO14A_CONNECT = (1 << 0),
53 ISO14A_NO_DISCONNECT = (1 << 1),
54 ISO14A_APDU = (1 << 2),
55 ISO14A_RAW = (1 << 3),
56 ISO14A_REQUEST_TRIGGER = (1 << 4),
57 ISO14A_APPEND_CRC = (1 << 5),
58 ISO14A_SET_TIMEOUT = (1 << 6),
59 ISO14A_NO_SELECT = (1 << 7),
60 ISO14A_TOPAZMODE = (1 << 8),
61 ISO14A_NO_RATS = (1 << 9),
62 ISO14A_SEND_CHAINING = (1 << 10)
63 } iso14a_command_t;
64
65 typedef struct {
66 uint8_t *response;
67 uint8_t *modulation;
68 uint16_t response_n;
69 uint16_t modulation_n;
70 uint32_t ProxToAirDuration;
71 uint8_t par; // enough for precalculated parity of 8 Byte responses
72 } PACKED tag_response_info_t;
73
74 // DESFIRE_RAW flag enums
75 typedef enum DESFIRE_COMMAND {
76 NONE = 0x00,
77 INIT = 0x01,
78 DISCONNECT = 0x02,
79 CLEARTRACE = 0x04,
80 BAR = 0x10,
81 } desfire_command_t;
82
83 typedef enum {
84 MFDES_AUTH_DES = 1,
85 MFDES_AUTH_ISO = 2,
86 MFDES_AUTH_AES = 3,
87 MFDES_AUTH_PICC = 4
88 } mifare_des_authmode_t;
89
90 typedef enum {
91 MFDES_ALGO_DES = 1,
92 MFDES_ALGO_3DES = 2,
93 MFDES_ALGO_3K3DES = 3,
94 MFDES_ALGO_AES = 4
95 } mifare_des_authalgo_t;
96
97
98 //-----------------------------------------------------------------------------
99 // ISO 14443B
100 //-----------------------------------------------------------------------------
101 typedef struct {
102 uint8_t uid[10];
103 uint8_t uidlen;
104 uint8_t atqb[7];
105 uint8_t chipid;
106 uint8_t cid;
107 } PACKED iso14b_card_select_t;
108
109 typedef enum ISO14B_COMMAND {
110 ISO14B_CONNECT = (1 << 0),
111 ISO14B_DISCONNECT = (1 << 1),
112 ISO14B_APDU = (1 << 2),
113 ISO14B_RAW = (1 << 3),
114 ISO14B_REQUEST_TRIGGER = (1 << 4),
115 ISO14B_APPEND_CRC = (1 << 5),
116 ISO14B_SELECT_STD = (1 << 6),
117 ISO14B_SELECT_SR = (1 << 7),
118 ISO14B_SET_TIMEOUT = (1 << 8),
119 } iso14b_command_t;
120
121 typedef enum ISO15_COMMAND {
122 ISO15_CONNECT = (1 << 0),
123 ISO15_NO_DISCONNECT = (1 << 1),
124 ISO15_RAW = (1 << 2),
125 ISO15_APPEND_CRC = (1 << 3),
126 ISO15_HIGH_SPEED = (1 << 4),
127 ISO15_READ_RESPONSE = (1 << 5)
128 } iso15_command_t;
129
130 //-----------------------------------------------------------------------------
131 // "hf 14a sim x", "hf mf sim x" attacks
132 //-----------------------------------------------------------------------------
133 typedef struct {
134 uint32_t cuid;
135 uint32_t nonce;
136 uint32_t ar;
137 uint32_t nr;
138 uint32_t at;
139 uint32_t nonce2;
140 uint32_t ar2;
141 uint32_t nr2;
142 uint8_t sector;
143 uint8_t keytype;
144 enum {
145 EMPTY,
146 FIRST,
147 SECOND,
148 } state;
149 } PACKED nonces_t;
150
151 //-----------------------------------------------------------------------------
152 // ISO 7618 Smart Card
153 //-----------------------------------------------------------------------------
154 typedef struct {
155 uint8_t atr_len;
156 uint8_t atr[30];
157 } PACKED smart_card_atr_t;
158
159 typedef enum SMARTCARD_COMMAND {
160 SC_CONNECT = (1 << 0),
161 SC_NO_DISCONNECT = (1 << 1),
162 SC_RAW = (1 << 2),
163 SC_SELECT = (1 << 3),
164 SC_RAW_T0 = (1 << 4),
165 } smartcard_command_t;
166
167 //-----------------------------------------------------------------------------
168 // FeliCa
169 //-----------------------------------------------------------------------------
170 // IDm = ID manufacturer
171 // mc = manufactureCode
172 // mc1 mc2 u1 u2 u3 u4 u5 u6
173 // PMm = Product manufacturer
174 // icCode =
175 // ic1 = ROM
176 // ic2 = IC
177 // maximum response time =
178 // B3(request service)
179 // B4(request response)
180 // B5(authenticate)
181 // B6(read)
182 // B7(write)
183 // B8()
184
185 // ServiceCode 2bytes (access-rights)
186 // FileSystem = 1 Block = 16 bytes
187 typedef struct {
188 uint8_t IDm[8];
189 uint8_t code[2];
190 uint8_t uid[6];
191 uint8_t PMm[8];
192 uint8_t iccode[2];
193 uint8_t mrt[6];
194 uint8_t servicecode[2];
195 } PACKED felica_card_select_t;
196
197 typedef struct {
198 uint8_t sync[2];
199 uint8_t length[1];
200 uint8_t cmd_code[1];
201 uint8_t IDm[8];
202 } PACKED felica_frame_response_t;
203
204 typedef struct {
205 uint8_t status_flag1[1];
206 uint8_t status_flag2[1];
207 } PACKED felica_status_flags_t;
208
209 typedef struct {
210 felica_frame_response_t frame_response;
211 uint8_t node_number[1];
212 uint8_t node_key_versions[2];
213 } PACKED felica_request_service_response_t;
214
215 typedef struct {
216 felica_frame_response_t frame_response;
217 uint8_t mode[1];
218 } PACKED felica_request_request_response_t;
219
220 typedef struct {
221 felica_frame_response_t frame_response;
222 felica_status_flags_t status_flags;
223 uint8_t number_of_block[1];
224 uint8_t block_data[16];
225 uint8_t block_element_number[1];
226 } PACKED felica_read_without_encryption_response_t;
227
228 typedef struct {
229 felica_frame_response_t frame_response;
230 felica_status_flags_t status_flags;
231 } PACKED felica_status_response_t;
232
233 typedef struct {
234 felica_frame_response_t frame_response;
235 uint8_t number_of_systems[1];
236 uint8_t system_code_list[32];
237 } PACKED felica_syscode_response_t;
238
239 typedef struct {
240 felica_frame_response_t frame_response;
241 felica_status_flags_t status_flags;
242 uint8_t format_version[1];
243 uint8_t basic_version[2];
244 uint8_t number_of_option[1];
245 uint8_t option_version_list[4];
246 } PACKED felica_request_spec_response_t;
247
248 typedef struct {
249 felica_frame_response_t frame_response;
250 uint8_t m2c[8];
251 uint8_t m3c[8];
252 } PACKED felica_auth1_response_t;
253
254 typedef struct {
255 uint8_t code[1];
256 uint8_t IDtc[8];
257 uint8_t IDi[8];
258 uint8_t PMi[8];
259 } PACKED felica_auth2_response_t;
260
261
262 typedef enum FELICA_COMMAND {
263 FELICA_CONNECT = (1 << 0),
264 FELICA_NO_DISCONNECT = (1 << 1),
265 FELICA_RAW = (1 << 3),
266 FELICA_APPEND_CRC = (1 << 5),
267 FELICA_NO_SELECT = (1 << 6),
268 } felica_command_t;
269
270 #endif // _MIFARE_H_
Proxmark3 - the RFID research Swiss army knife. Iceman firmware