search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
recover_pk.py: replace secp192r1 by prime192v1
[RRG-proxmark3.git] / client / src / scripting.c
blob0657ae8d67f0d307cf496fe23b3d370513b03c06
1 //-----------------------------------------------------------------------------
2 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
3 //
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // See LICENSE.txt for the text of the license.
15 //-----------------------------------------------------------------------------
16 // Some lua scripting glue to proxmark core.
17 //-----------------------------------------------------------------------------
18 #include "scripting.h"
19
20 #include <stdlib.h>
21 #include <string.h>
22 #include <errno.h>
23
24 #include "lauxlib.h"
25 #include "lua_bitlib.h"
26 #include "cmdmain.h"
27 #include "proxmark3.h"
28 #include "comms.h"
29 #include "mifare/mifarehost.h"
30 #include "crc.h"
31 #include "crc64.h"
32 #include "sha1.h"
33 #include "aes.h"
34 #include "cmdcrc.h"
35 #include "cmdhfmfhard.h"
36 #include "cmdhfmfu.h"
37 #include "cmdlft55xx.h" // read t55xx etc
38 #include "nfc/ndef.h" // ndef parsing
39 #include "commonutil.h"
40 #include "ui.h"
41
42 #include "crc16.h"
43 #include "protocols.h"
44 #include "fileutils.h" // searchfile
45 #include "cmdlf.h" // lf_config
46 #include "generator.h"
47 #include "cmdlfem4x05.h" // read 4305
48 #include "cmdlfem4x50.h" // read 4350
49 #include "em4x50.h" // 4x50 structs
50 #include "iso7816/iso7816core.h" // ISODEPSTATE
51
52 static int returnToLuaWithError(lua_State *L, const char *fmt, ...) {
53 char buffer[1024];
54 va_list args;
55 va_start(args, fmt);
56 vsnprintf(buffer, sizeof(buffer), fmt, args);
57 va_end(args);
58
59 lua_pushnil(L);
60 lua_pushstring(L, buffer);
61 return 2;
62 }
63
64 static int l_clearCommandBuffer(lua_State *L) {
65 clearCommandBuffer();
66 return 0;
67 }
68
69 /**
70 * Enable / Disable fast push mode for lua scripts like hf_mf_keycheck
71 * The following params expected:
72 *
73 *@brief l_fast_push_mode
74 * @param L
75 * @return
76 */
77 static int l_fast_push_mode(lua_State *L) {
78
79 luaL_checktype(L, 1, LUA_TBOOLEAN);
80
81 bool enable = lua_toboolean(L, 1);
82
83 g_conn.block_after_ACK = enable;
84
85 // Disable fast mode and send a dummy command to make it effective
86 if (enable == false) {
87 SendCommandNG(CMD_PING, NULL, 0);
88 if (WaitForResponseTimeout(CMD_PING, NULL, 1000) == false) {
89 PrintAndLogEx(WARNING, "command execution time out");
90 return returnToLuaWithError(L, "command execution time out");
91 }
92 }
93
94 //Push the retval on the stack
95 lua_pushboolean(L, enable);
96 return 1;
97 }
98
99 /**
100 * The following params expected:
101 * @brief l_SendCommandMIX
102 * @param L - a lua string with the following five params.
103 * @param cmd must be hexstring, max u64
104 * @param arg0 must be hexstring, max u64
105 * @param arg1 must be hexstring, max u64
106 * @param arg2 must be hexstring, max u64
107 * @param data must be hexstring less than 1024 chars(512bytes)
108 * @return
109 */
110 static int l_SendCommandMIX(lua_State *L) {
111
112 uint64_t cmd, arg0, arg1, arg2;
113 uint8_t data[PM3_CMD_DATA_SIZE] = {0};
114 size_t len = 0, size;
115
116 // check number of arguments
117 int n = lua_gettop(L);
118 if (n != 5) {
119 return returnToLuaWithError(L, "You need to supply five parameters");
120 }
121
122 // parse input
123 cmd = luaL_checknumber(L, 1);
124 arg0 = luaL_checknumber(L, 2);
125 arg1 = luaL_checknumber(L, 3);
126 arg2 = luaL_checknumber(L, 4);
127
128 // data
129 const char *p_data = luaL_checklstring(L, 5, &size);
130 if (size) {
131 if (size > 1024)
132 size = 1024;
133
134 uint32_t tmp;
135 for (int i = 0; i < size; i += 2) {
136 sscanf(&p_data[i], "%02x", &tmp);
137 data[i >> 1] = tmp & 0xFF;
138 len++;
139 }
140 }
141
142 clearCommandBuffer();
143 SendCommandMIX(cmd, arg0, arg1, arg2, data, len);
144 lua_pushboolean(L, true);
145 return 1;
146 }
147 /**
148 * The following params expected:
149 * @brief l_SendCommandMIX
150 * @param L - a lua string with the following two params.
151 * @param cmd must be hexstring, max u64
152 * @param data must be hexstring less than 1024 chars(512bytes)
153 * @return
154 */
155 static int l_SendCommandNG(lua_State *L) {
156
157 uint8_t data[PM3_CMD_DATA_SIZE] = {0};
158 size_t len = 0, size;
159
160 // check number of arguments
161 int n = lua_gettop(L);
162 if (n != 2)
163 return returnToLuaWithError(L, "You need to supply two parameters");
164
165 // parse input
166 uint16_t cmd = luaL_checknumber(L, 1);
167
168 // data
169 const char *p_data = luaL_checklstring(L, 2, &size);
170 if (size) {
171 if (size > 1024)
172 size = 1024;
173
174 uint32_t tmp;
175 for (int i = 0; i < size; i += 2) {
176 sscanf(&p_data[i], "%02x", &tmp);
177 data[i >> 1] = tmp & 0xFF;
178 len++;
179 }
180 }
181
182 clearCommandBuffer();
183 SendCommandNG(cmd, data, len);
184 lua_pushboolean(L, true);
185 return 1;
186 }
187
188
189 /**
190 * @brief The following params expected:
191 * uint8_t *dest
192 * int bytes
193 * int start_index
194 * @param L
195 * @return
196 */
197 static int l_GetFromBigBuf(lua_State *L) {
198
199 int len = 0, startindex = 0;
200
201 //Check number of arguments
202 int n = lua_gettop(L);
203 if (n == 0) {
204 return returnToLuaWithError(L, "You need to supply number of bytes and startindex");
205 }
206
207 if (n >= 2) {
208 startindex = luaL_checknumber(L, 1);
209 len = luaL_checknumber(L, 2);
210 }
211
212 if (len == 0) {
213 return returnToLuaWithError(L, "You need to supply number of bytes larger than zero");
214 }
215
216 uint8_t *data = calloc(len, sizeof(uint8_t));
217 if (!data) {
218 return returnToLuaWithError(L, "Allocating memory failed");
219 }
220
221 if (!GetFromDevice(BIG_BUF, data, len, startindex, NULL, 0, NULL, 2500, false)) {
222 free(data);
223 return returnToLuaWithError(L, "command execution time out");
224 }
225
226 //Push it as a string
227 lua_pushlstring(L, (const char *)data, len);
228 free(data);
229 return 1; // return 1 to signal one return value
230 }
231
232 /**
233 * @brief The following params expected:
234 * uint8_t *dest
235 * int bytes
236 * int start_index
237 * @param L
238 * @return
239 */
240 static int l_GetFromFlashMem(lua_State *L) {
241
242 if (IfPm3Flash()) {
243 int len = 0, startindex = 0;
244
245 int n = lua_gettop(L);
246 if (n == 0)
247 return returnToLuaWithError(L, "You need to supply number of bytes and startindex");
248
249 if (n >= 2) {
250 startindex = luaL_checknumber(L, 1);
251 len = luaL_checknumber(L, 2);
252 }
253
254 if (len == 0)
255 return returnToLuaWithError(L, "You need to supply number of bytes larger than zero");
256
257 uint8_t *data = calloc(len, sizeof(uint8_t));
258 if (!data)
259 return returnToLuaWithError(L, "Allocating memory failed");
260
261 if (!GetFromDevice(FLASH_MEM, data, len, startindex, NULL, 0, NULL, -1, false)) {
262 free(data);
263 return returnToLuaWithError(L, "command execution time out");
264 }
265
266 lua_pushlstring(L, (const char *)data, len);
267 free(data);
268 return 1;
269 } else {
270 return returnToLuaWithError(L, "No FLASH MEM support");
271 }
272 }
273
274 /**
275 * @brief The following params expected:
276 * uint8_t *destfilename
277 * @param L
278 * @return
279 */
280 static int l_GetFromFlashMemSpiffs(lua_State *L) {
281
282 if (IfPm3Flash() == false) {
283 return returnToLuaWithError(L, "No FLASH MEM support");
284 }
285
286 uint32_t start_index = 0, len = 0x40000; //FLASH_MEM_MAX_SIZE
287 char destfilename[32] = {0};
288 size_t size;
289
290 int n = lua_gettop(L);
291 if (n == 0)
292 return returnToLuaWithError(L, "You need to supply the destination filename");
293
294 if (n >= 1) {
295 const char *p_filename = luaL_checklstring(L, 1, &size);
296 if (size != 0)
297 memcpy(destfilename, p_filename, 31);
298 }
299
300 if (destfilename[0] == '\0')
301 return returnToLuaWithError(L, "Filename missing or invalid");
302
303 // get size from spiffs itself !
304 SendCommandNG(CMD_SPIFFS_STAT, (uint8_t *)destfilename, 32);
305 PacketResponseNG resp;
306 if (!WaitForResponseTimeout(CMD_SPIFFS_STAT, &resp, 2000))
307 return returnToLuaWithError(L, "No response from the device");
308
309 len = resp.data.asDwords[0];
310
311 if (len == 0)
312 return returnToLuaWithError(L, "Filename invalid or empty");
313
314 uint8_t *data = calloc(len, sizeof(uint8_t));
315 if (!data)
316 return returnToLuaWithError(L, "Allocating memory failed");
317
318 if (!GetFromDevice(SPIFFS, data, len, start_index, (uint8_t *)destfilename, 32, NULL, -1, true)) {
319 free(data);
320 return returnToLuaWithError(L, "ERROR; downloading from spiffs(flashmemory)");
321 }
322
323 lua_pushlstring(L, (const char *)data, len);
324 lua_pushinteger(L, len);
325 free(data);
326 return 2;
327 }
328
329 /**
330 * @brief The following params expected:
331 * uint32_t cmd
332 * size_t ms_timeout
333 * @param L
334 * @return struct of PacketResponseNG
335 */
336 static int l_WaitForResponseTimeout(lua_State *L) {
337
338 uint32_t cmd = 0;
339 size_t ms_timeout = -1;
340
341 //Check number of arguments
342 int n = lua_gettop(L);
343 if (n == 0)
344 return returnToLuaWithError(L, "You need to supply at least command to wait for");
345
346 // extract first param. cmd byte to look for
347 if (n >= 1)
348 cmd = (uint32_t)luaL_checkinteger(L, 1);
349
350 // extract second param. timeout value
351 if (n >= 2)
352 ms_timeout = luaL_checkinteger(L, 2);
353
354 PacketResponseNG resp;
355 if (WaitForResponseTimeout(cmd, &resp, ms_timeout) == false) {
356 return returnToLuaWithError(L, "No response from the device");
357 }
358
359 char foo[sizeof(PacketResponseNG)];
360 n = 0;
361
362 memcpy(foo + n, &resp.cmd, sizeof(resp.cmd));
363 n += sizeof(resp.cmd);
364
365 memcpy(foo + n, &resp.length, sizeof(resp.length));
366 n += sizeof(resp.length);
367
368 memcpy(foo + n, &resp.magic, sizeof(resp.magic));
369 n += sizeof(resp.magic);
370
371 memcpy(foo + n, &resp.status, sizeof(resp.status));
372 n += sizeof(resp.status);
373
374 memcpy(foo + n, &resp.reason, sizeof(resp.reason));
375 n += sizeof(resp.reason);
376
377 memcpy(foo + n, &resp.crc, sizeof(resp.crc));
378 n += sizeof(resp.crc);
379
380 memcpy(foo + n, &resp.oldarg[0], sizeof(resp.oldarg[0]));
381 n += sizeof(resp.oldarg[0]);
382
383 memcpy(foo + n, &resp.oldarg[1], sizeof(resp.oldarg[1]));
384 n += sizeof(resp.oldarg[1]);
385
386 memcpy(foo + n, &resp.oldarg[2], sizeof(resp.oldarg[2]));
387 n += sizeof(resp.oldarg[2]);
388
389 memcpy(foo + n, resp.data.asBytes, sizeof(resp.data));
390 n += sizeof(resp.data);
391
392 memcpy(foo + n, &resp.ng, sizeof(resp.ng));
393 n += sizeof(resp.ng);
394 (void) n;
395
396 //Push it as a string
397 lua_pushlstring(L, (const char *)&foo, sizeof(foo));
398 return 1;
399 }
400
401 static int l_mfDarkside(lua_State *L) {
402
403 uint32_t blockno = 0;
404 uint32_t keytype = MIFARE_AUTH_KEYA;
405 uint64_t key = 0;
406 size_t size;
407
408 //Check number of arguments
409 int n = lua_gettop(L);
410 switch (n) {
411 case 2: {
412 const char *p_keytype = luaL_checklstring(L, 2, &size);
413 if (size != 2) return returnToLuaWithError(L, "Wrong size of keytype, got %d bytes, expected 1", (int) size);
414 sscanf(p_keytype, "%x", &keytype);
415 }
416 case 1: {
417 const char *p_blockno = luaL_checklstring(L, 1, &size);
418 if (size != 2) return returnToLuaWithError(L, "Wrong size of blockno, got %d bytes, expected 2", (int) size);
419 sscanf(p_blockno, "%02x", &blockno);
420 break;
421 }
422 default :
423 break;
424 }
425
426 int retval = mf_dark_side(blockno & 0xFF, keytype & 0xFF, &key);
427
428 uint8_t dest_key[8];
429 num_to_bytes(key, sizeof(dest_key), dest_key);
430
431 //Push the retval on the stack
432 lua_pushinteger(L, retval);
433 lua_pushlstring(L, (const char *) dest_key, sizeof(dest_key));
434 return 2;
435 }
436
437 /**
438 * @brief l_foobar is a dummy function to test lua-integration with
439 * @param L
440 * @return
441 */
442 static int l_foobar(lua_State *L) {
443 //Check number of arguments
444 int n = lua_gettop(L);
445 PrintAndLogEx(INFO, "foobar called with %d arguments", n);
446 lua_settop(L, 0);
447 PrintAndLogEx(INFO, "Arguments discarded, stack now contains %d elements", lua_gettop(L));
448
449 // todo: this is not used, where was it intended for?
450 // PacketCommandOLD response = {CMD_HF_MIFARE_READBL, {1337, 1338, 1339}, {{0}}};
451
452 PrintAndLogEx(INFO, "Now returning a uint64_t as a string");
453 uint64_t x = 0xDEADC0DE;
454 uint8_t destination[8];
455 num_to_bytes(x, sizeof(x), destination);
456 lua_pushlstring(L, (const char *)&x, sizeof(x));
457 lua_pushlstring(L, (const char *)destination, sizeof(destination));
458 return 2;
459 }
460
461 /**
462 * @brief Utility to check if a key has been pressed by the user. This method does not block.
463 * @param L
464 * @return boolean, true if kbhit, false otherwise.
465 */
466 static int l_kbd_enter_pressed(lua_State *L) {
467 lua_pushboolean(L, kbd_enter_pressed() ? true : false);
468 return 1;
469 }
470
471 /**
472 * @brief Calls the command line parser to deal with the command. This enables
473 * lua-scripts to do stuff like "core.console('hf mf mifare')"
474 * @param L
475 * @return
476 */
477 static int l_CmdConsole(lua_State *L) {
478 CommandReceived((char *)luaL_checkstring(L, 1));
479 return 0;
480 }
481
482 static int l_iso15693_crc(lua_State *L) {
483 uint32_t tmp;
484 unsigned char buf[PM3_CMD_DATA_SIZE] = {0x00};
485 size_t size = 0;
486 const char *data = luaL_checklstring(L, 1, &size);
487
488 for (int i = 0; i < size; i += 2) {
489 sscanf(&data[i], "%02x", &tmp);
490 buf[i / 2] = tmp & 0xFF;
491 }
492
493 size /= 2;
494 compute_crc(CRC_15693, buf, size, &buf[size], &buf[size + 1]);
495 lua_pushlstring(L, (const char *)&buf, size + 2);
496 return 1;
497 }
498
499 static int l_iso14443b_crc(lua_State *L) {
500 uint32_t tmp;
501 unsigned char buf[PM3_CMD_DATA_SIZE] = {0x00};
502 size_t size = 0;
503 const char *data = luaL_checklstring(L, 1, &size);
504
505 for (int i = 0; i < size; i += 2) {
506 sscanf(&data[i], "%02x", &tmp);
507 buf[i / 2] = tmp & 0xFF;
508 }
509
510 size /= 2;
511 compute_crc(CRC_14443_B, buf, size, &buf[size], &buf[size + 1]);
512 lua_pushlstring(L, (const char *)&buf, size + 2);
513 return 1;
514 }
515
516 /*
517 Simple AES 128 cbc hook up to OpenSSL.
518 params: key, input
519 */
520 static int l_aes128decrypt_cbc(lua_State *L) {
521 //Check number of arguments
522 int i;
523 uint32_t tmp;
524 size_t size;
525 const char *p_key = luaL_checklstring(L, 1, &size);
526 if (size != 32)
527 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 32", (int) size);
528
529 const char *p_encTxt = luaL_checklstring(L, 2, &size);
530
531 unsigned char indata[16] = {0x00};
532 unsigned char outdata[16] = {0x00};
533 unsigned char aes_key[16] = {0x00};
534 unsigned char iv[16] = {0x00};
535
536 // convert key to bytearray and convert input to bytearray
537 for (i = 0; i < 32; i += 2) {
538 sscanf(&p_encTxt[i], "%02x", &tmp);
539 indata[i / 2] = tmp & 0xFF;
540 sscanf(&p_key[i], "%02x", &tmp);
541 aes_key[i / 2] = tmp & 0xFF;
542 }
543
544 mbedtls_aes_context ctx;
545 mbedtls_aes_init(&ctx);
546 mbedtls_aes_setkey_dec(&ctx, aes_key, 128);
547 mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, sizeof(indata), iv, indata, outdata);
548 //Push decrypted array as a string
549 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
550 return 1;// return 1 to signal one return value
551 }
552 static int l_aes128decrypt_ecb(lua_State *L) {
553 //Check number of arguments
554 int i;
555 uint32_t tmp;
556 size_t size;
557 const char *p_key = luaL_checklstring(L, 1, &size);
558 if (size != 32)
559 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 32", (int) size);
560
561 const char *p_encTxt = luaL_checklstring(L, 2, &size);
562
563 unsigned char indata[16] = {0x00};
564 unsigned char outdata[16] = {0x00};
565 unsigned char aes_key[16] = {0x00};
566
567 // convert key to bytearray and convert input to bytearray
568 for (i = 0; i < 32; i += 2) {
569 sscanf(&p_encTxt[i], "%02x", &tmp);
570 indata[i / 2] = tmp & 0xFF;
571 sscanf(&p_key[i], "%02x", &tmp);
572 aes_key[i / 2] = tmp & 0xFF;
573 }
574 mbedtls_aes_context ctx;
575 mbedtls_aes_init(&ctx);
576 mbedtls_aes_setkey_dec(&ctx, aes_key, 128);
577 mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_DECRYPT, indata, outdata);
578
579 //Push decrypted array as a string
580 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
581 return 1;// return 1 to signal one return value
582 }
583
584 static int l_aes128encrypt_cbc(lua_State *L) {
585 //Check number of arguments
586 int i;
587 uint32_t tmp;
588 size_t size;
589 const char *p_key = luaL_checklstring(L, 1, &size);
590 if (size != 32)
591 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 32", (int) size);
592
593 const char *p_txt = luaL_checklstring(L, 2, &size);
594
595 unsigned char indata[16] = {0x00};
596 unsigned char outdata[16] = {0x00};
597 unsigned char aes_key[16] = {0x00};
598 unsigned char iv[16] = {0x00};
599
600 for (i = 0; i < 32; i += 2) {
601 sscanf(&p_txt[i], "%02x", &tmp);
602 indata[i / 2] = tmp & 0xFF;
603 sscanf(&p_key[i], "%02x", &tmp);
604 aes_key[i / 2] = tmp & 0xFF;
605 }
606
607 mbedtls_aes_context ctx;
608 mbedtls_aes_init(&ctx);
609 mbedtls_aes_setkey_enc(&ctx, aes_key, 128);
610 mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, sizeof(indata), iv, indata, outdata);
611 //Push encrypted array as a string
612 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
613 return 1;// return 1 to signal one return value
614 }
615
616 static int l_aes128encrypt_ecb(lua_State *L) {
617 //Check number of arguments
618 int i;
619 uint32_t tmp;
620 size_t size;
621 const char *p_key = luaL_checklstring(L, 1, &size);
622 if (size != 32)
623 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 32", (int) size);
624
625 const char *p_txt = luaL_checklstring(L, 2, &size);
626
627 unsigned char indata[16] = {0x00};
628 unsigned char outdata[16] = {0x00};
629 unsigned char aes_key[16] = {0x00};
630
631 for (i = 0; i < 32; i += 2) {
632 sscanf(&p_txt[i], "%02x", &tmp);
633 indata[i / 2] = tmp & 0xFF;
634 sscanf(&p_key[i], "%02x", &tmp);
635 aes_key[i / 2] = tmp & 0xFF;
636 }
637 mbedtls_aes_context ctx;
638 mbedtls_aes_init(&ctx);
639 mbedtls_aes_setkey_enc(&ctx, aes_key, 128);
640 mbedtls_aes_crypt_ecb(&ctx, MBEDTLS_AES_ENCRYPT, indata, outdata);
641 //Push encrypted array as a string
642 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
643 return 1;// return 1 to signal one return value
644 }
645
646 static int l_crc8legic(lua_State *L) {
647 size_t size;
648 const char *p_hexstr = luaL_checklstring(L, 1, &size);
649 uint16_t retval = CRC8Legic((uint8_t *)p_hexstr, size);
650 lua_pushinteger(L, retval);
651 return 1;
652 }
653
654 static int l_crc16legic(lua_State *L) {
655 size_t hexsize, uidsize;
656
657 // data as hex string
658 const char *p_hexstr = luaL_checklstring(L, 1, &hexsize);
659
660 // calc uid crc based on uid hex
661 const char *p_uid = luaL_checklstring(L, 2, &uidsize);
662 uint16_t uidcrc = CRC8Legic((uint8_t *)p_uid, uidsize);
663
664 init_table(CRC_LEGIC_16);
665 uint16_t retval = crc16_legic((uint8_t *)p_hexstr, hexsize, uidcrc);
666 lua_pushinteger(L, retval);
667 return 1;
668 }
669
670
671 static int l_crc16(lua_State *L) {
672 size_t size;
673 const char *p_str = luaL_checklstring(L, 1, &size);
674
675 uint16_t checksum = Crc16ex(CRC_CCITT, (uint8_t *) p_str, size);
676 lua_pushinteger(L, checksum);
677 return 1;
678 }
679
680 static int l_crc64(lua_State *L) {
681 size_t size;
682 uint64_t crc = 0;
683 unsigned char outdata[8] = {0x00};
684
685 const char *p_str = luaL_checklstring(L, 1, &size);
686
687 crc64((uint8_t *) p_str, size, &crc);
688
689 outdata[0] = (uint8_t)(crc >> 56) & 0xff;
690 outdata[1] = (uint8_t)(crc >> 48) & 0xff;
691 outdata[2] = (uint8_t)(crc >> 40) & 0xff;
692 outdata[3] = (uint8_t)(crc >> 32) & 0xff;
693 outdata[4] = (uint8_t)(crc >> 24) & 0xff;
694 outdata[5] = (uint8_t)(crc >> 16) & 0xff;
695 outdata[6] = (uint8_t)(crc >> 8) & 0xff;
696 outdata[7] = crc & 0xff;
697 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
698 return 1;
699 }
700
701 // TO BE IMPLEMENTED
702 static int l_crc64_ecma182(lua_State *L) {
703 //size_t size;
704 uint64_t crc = 0;
705 unsigned char outdata[8] = {0x00};
706 //const char *p_str = luaL_checklstring(L, 1, &size);
707
708 //init
709 //crc64_ecma182(NULL, 0, &crc);
710 crc = 0x338103260CC4;
711
712 // calc hash
713 //crc64_ecma182((uint8_t*) p_str, size, &crc);
714
715 outdata[0] = (uint8_t)(crc >> 56) & 0xff;
716 outdata[1] = (uint8_t)(crc >> 48) & 0xff;
717 outdata[2] = (uint8_t)(crc >> 40) & 0xff;
718 outdata[3] = (uint8_t)(crc >> 32) & 0xff;
719 outdata[4] = (uint8_t)(crc >> 24) & 0xff;
720 outdata[5] = (uint8_t)(crc >> 16) & 0xff;
721 outdata[6] = (uint8_t)(crc >> 8) & 0xff;
722 outdata[7] = crc & 0xff;
723 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
724 return 1;
725 }
726
727 static int l_sha1(lua_State *L) {
728 size_t size;
729 const char *p_str = luaL_checklstring(L, 1, &size);
730 unsigned char outdata[20] = {0x00};
731 mbedtls_sha1((uint8_t *) p_str, size, outdata);
732 lua_pushlstring(L, (const char *)&outdata, sizeof(outdata));
733 return 1;
734 }
735
736 static int l_reveng_models(lua_State *L) {
737
738 // This array needs to be adjusted if RevEng adds more crc-models.
739 #define NMODELS 106
740
741 int count = 0;
742 uint8_t in_width = (uint8_t)luaL_checkinteger(L, 1);
743 if (in_width > 89)
744 return returnToLuaWithError(L, "Width cannot exceed 89, got %d", in_width);
745
746 uint8_t width[NMODELS];
747 memset(width, 0, sizeof(width));
748 char *models[NMODELS];
749
750 width[0] = in_width;
751
752 if (!GetModels(models, &count, width))
753 return returnToLuaWithError(L, "didn't find any models");
754
755 lua_newtable(L);
756 for (int i = 0; i < count; i++) {
757 lua_pushstring(L, (const char *)models[i]);
758 lua_rawseti(L, -2, i + 1);
759 free(models[i]);
760 }
761 return 1;
762 }
763
764 //Called with 4 parameters.
765 // inModel ,string containing the crc model name: 'CRC-8'
766 // inHexStr ,string containing the hex representation of the data that will be used for CRC calculations.
767 // reverse ,int 0/1 (bool) if 1, calculate the reverse CRC
768 // endian ,char, 'B','b','L','l','t','r' describing if Big-Endian or Little-Endian should be used in different combinations.
769 //
770 // outputs: string with hex representation of the CRC result
771 static int l_reveng_runmodel(lua_State *L) {
772 //-c || -v
773 //inModel = valid model name string - CRC-8
774 //inHexStr = input hex string to calculate crc on
775 //reverse = reverse calc option if true
776 //endian = {0 = calc default endian input and output, b = big endian input and output, B = big endian output, r = right justified
777 // l = little endian input and output, L = little endian output only, t = left justified}
778 //result = calculated crc hex string
779 char result[50];
780 memset(result, 0x00, sizeof(result));
781
782 const char *inModel = luaL_checkstring(L, 1);
783 const char *inHexStr = luaL_checkstring(L, 2);
784 bool reverse = lua_toboolean(L, 3);
785 const char endian = luaL_checkstring(L, 4)[0];
786
787 int ans = RunModel((char *)inModel, (char *)inHexStr, reverse, endian, result);
788 if (!ans)
789 return returnToLuaWithError(L, "Reveng failed");
790
791 lua_pushstring(L, result);
792 return 1;
793 }
794
795 static int l_hardnested(lua_State *L) {
796
797 bool haveTarget = true;
798 size_t size;
799 uint32_t tmp;
800 const char *p_blockno = luaL_checklstring(L, 1, &size);
801 if (size != 2)
802 return returnToLuaWithError(L, "Wrong size of blockNo, got %d bytes, expected 2", (int) size);
803
804 const char *p_keytype = luaL_checklstring(L, 2, &size);
805 if (size != 1)
806 return returnToLuaWithError(L, "Wrong size of keyType, got %d bytes, expected 1", (int) size);
807
808 const char *p_key = luaL_checklstring(L, 3, &size);
809 if (size != 12)
810 return returnToLuaWithError(L, "Wrong size of key, got %d bytes, expected 12", (int) size);
811
812 const char *p_trg_blockno = luaL_checklstring(L, 4, &size);
813 if (size != 2)
814 return returnToLuaWithError(L, "Wrong size of trgBlockNo, got %d bytes, expected 2", (int) size);
815
816 const char *p_trg_keytype = luaL_checklstring(L, 5, &size);
817 if (size != 1)
818 return returnToLuaWithError(L, "Wrong size of trgKeyType, got %d bytes, expected 1", (int) size);
819
820 const char *p_trgkey = luaL_checklstring(L, 6, &size);
821 if (size != 12)
822 haveTarget = false;
823
824 const char *p_nonce_file_read = luaL_checklstring(L, 7, &size);
825 if (size != 1)
826 return returnToLuaWithError(L, "Wrong size of nonce_file_read, got %d bytes, expected 1", (int) size);
827
828 const char *p_nonce_file_write = luaL_checklstring(L, 8, &size);
829 if (size != 1)
830 return returnToLuaWithError(L, "Wrong size of nonce_file_write, got %d bytes, expected 1", (int) size);
831
832 const char *p_slow = luaL_checklstring(L, 9, &size);
833 if (size != 1)
834 return returnToLuaWithError(L, "Wrong size of slow, got %d bytes, expected 1", (int) size);
835
836 const char *p_tests = luaL_checklstring(L, 10, &size);
837 if (size != 1)
838 return returnToLuaWithError(L, "Wrong size of tests, got %d bytes, expected 1", (int) size);
839
840 char filename[FILE_PATH_SIZE] = "nonces.bin";
841 const char *p_filename = luaL_checklstring(L, 11, &size);
842 if (size != 0)
843 memcpy(filename, p_filename, FILE_PATH_SIZE - 1);
844
845 uint32_t blockNo = 0, keyType = 0;
846 uint32_t trgBlockNo = 0, trgKeyType = 0;
847 uint32_t slow = 0, tests = 0;
848 uint32_t nonce_file_read = 0, nonce_file_write = 0;
849 sscanf(p_blockno, "%02x", &blockNo);
850 sscanf(p_keytype, "%x", &keyType);
851 sscanf(p_trg_blockno, "%02x", &trgBlockNo);
852 sscanf(p_trg_keytype, "%x", &trgKeyType);
853 sscanf(p_nonce_file_read, "%x", &nonce_file_read);
854 sscanf(p_nonce_file_write, "%x", &nonce_file_write);
855
856 sscanf(p_slow, "%x", &slow);
857 sscanf(p_tests, "%x", &tests);
858
859 uint8_t key[6] = {0, 0, 0, 0, 0, 0};
860 uint8_t trgkey[6] = {0, 0, 0, 0, 0, 0};
861 for (int i = 0; i < 12; i += 2) {
862 sscanf(&p_key[i], "%02x", &tmp);
863 key[i / 2] = tmp & 0xFF;
864 if (haveTarget) {
865 sscanf(&p_trgkey[i], "%02x", &tmp);
866 trgkey[i / 2] = tmp & 0xFF;
867 }
868 }
869
870 uint64_t foundkey = 0;
871 int retval = mfnestedhard(blockNo, keyType, key, trgBlockNo, trgKeyType, haveTarget ? trgkey : NULL, nonce_file_read, nonce_file_write, slow, tests, &foundkey, filename);
872 DropField();
873
874 //Push the key onto the stack
875 uint8_t dest_key[6];
876 num_to_bytes(foundkey, sizeof(dest_key), dest_key);
877
878 //Push the retval on the stack
879 lua_pushinteger(L, retval);
880 lua_pushlstring(L, (const char *) dest_key, sizeof(dest_key));
881 return 2; //Two return values
882 }
883
884 /**
885 * @brief l_validate_prng is a function to test is a nonce is using the weak PRNG
886 * detection = 1 == weak, 0 == hard , -1 = failed
887 * @param L
888 * @return
889 */
890 static int l_detect_prng(lua_State *L) {
891 int res = detect_classic_prng();
892 lua_pushinteger(L, res);
893 return 1;
894 }
895 /*
896 * @brief l_keygen_algoB is a function to calculate pwd/pack using UID, by algo B
897 * @param L
898 * @return
899 */
900 static int l_keygen_algoB(lua_State *L) {
901 //Check number of arguments
902 int n = lua_gettop(L);
903 if (n != 1) {
904 return returnToLuaWithError(L, "Only UID");
905 }
906
907 size_t size;
908 uint32_t tmp;
909 const char *p_uid = luaL_checklstring(L, 1, &size);
910 if (size != 14)
911 return returnToLuaWithError(L, "Wrong size of UID, got %d bytes, expected 14", (int) size);
912
913 uint8_t uid[7] = {0, 0, 0, 0, 0, 0, 0};
914
915 for (int i = 0; i < 14; i += 2) {
916 sscanf(&p_uid[i], "%02x", &tmp);
917 uid[i / 2] = tmp & 0xFF;
918 }
919
920 uint32_t pwd = ul_ev1_pwdgenB(uid);
921 uint16_t pack = ul_ev1_packgenB(uid);
922
923 lua_pushinteger(L, pwd);
924 lua_pushinteger(L, pack);
925 return 2;
926 }
927
928 /*
929 * @brief l_keygen_algoD is a function to calculate pwd/pack using UID, by algo D
930 * @param L
931 * @return
932 */
933 static int l_keygen_algoD(lua_State *L) {
934 //Check number of arguments
935 int n = lua_gettop(L);
936 if (n != 1) {
937 return returnToLuaWithError(L, "Only UID");
938 }
939
940 size_t size;
941 uint32_t tmp;
942 const char *p_uid = luaL_checklstring(L, 1, &size);
943 if (size != 14)
944 return returnToLuaWithError(L, "Wrong size of UID, got %d bytes, expected 14", (int) size);
945
946 uint8_t uid[7] = {0, 0, 0, 0, 0, 0, 0};
947
948 for (int i = 0; i < 14; i += 2) {
949 sscanf(&p_uid[i], "%02x", &tmp);
950 uid[i / 2] = tmp & 0xFF;
951 }
952
953 uint32_t pwd = ul_ev1_pwdgenD(uid);
954 uint16_t pack = ul_ev1_packgenD(uid);
955
956 lua_pushinteger(L, pwd);
957 lua_pushinteger(L, pack);
958 return 2;
959 }
960
961 /*
962 Read T55Xx block.
963 param1 uint8_t block
964 param2 bool page1
965 param3 bool override
966 param4 uint32_t password
967 */
968 static int l_T55xx_readblock(lua_State *L) {
969
970 //Check number of arguments
971 int n = lua_gettop(L);
972 if (n != 4)
973 return returnToLuaWithError(L, "Wrong number of arguments, got %d bytes, expected 4", n);
974
975 uint32_t block, usepage1, override, password = 0;
976 bool usepwd;
977 size_t size;
978
979 const char *p_blockno = luaL_checklstring(L, 1, &size);
980 if (size < 1 || size > 2)
981 return returnToLuaWithError(L, "Wrong size of blockNo, got %d, expected 1 or 2", (int) size);
982
983 sscanf(p_blockno, "%x", &block);
984
985 const char *p_usepage1 = luaL_checklstring(L, 2, &size);
986 if (size != 1)
987 return returnToLuaWithError(L, "Wrong size of usePage1, got %d, expected 1", (int) size);
988
989 sscanf(p_usepage1, "%x", &usepage1);
990
991 const char *p_override = luaL_checklstring(L, 3, &size);
992 if (size != 1)
993 return returnToLuaWithError(L, "Wrong size of override, got %d, expected 1", (int) size);
994
995 sscanf(p_override, "%x", &override);
996
997 const char *p_pwd = luaL_checklstring(L, 4, &size);
998 if (size == 0) {
999 usepwd = false;
1000 } else {
1001
1002 if (size != 8)
1003 return returnToLuaWithError(L, "Wrong size of pwd, got %d , expected 8", (int) size);
1004
1005 sscanf(p_pwd, "%08x", &password);
1006 usepwd = true;
1007 }
1008
1009 //Password mode
1010 if (usepwd) {
1011 // try reading the config block and verify that PWD bit is set before doing this!
1012 if (!override) {
1013
1014 if (!AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, false, 0, 0)) {
1015 return returnToLuaWithError(L, "Failed to read config block");
1016 }
1017
1018 if (!t55xxTryDetectModulation(0, true)) { // Default to prev. behaviour (default dl mode and print config)
1019 PrintAndLogEx(NORMAL, "Safety Check: Could not detect if PWD bit is set in config block. Exits.");
1020 return 0;
1021 } else {
1022 PrintAndLogEx(NORMAL, "Safety Check: PWD bit is NOT set in config block. Reading without password...");
1023 usepwd = false;
1024 usepage1 = false;
1025 }
1026 } else {
1027 PrintAndLogEx(NORMAL, "Safety Check Overridden - proceeding despite risk");
1028 }
1029 }
1030
1031 if (!AcquireData(usepage1, block, usepwd, password, 0)) {
1032 return returnToLuaWithError(L, "Failed to acquire data from card");
1033 }
1034
1035 if (!DecodeT55xxBlock()) {
1036 return returnToLuaWithError(L, "Failed to decode signal");
1037 }
1038
1039 uint32_t blockData = 0;
1040 if (GetT55xxBlockData(&blockData) == false) {
1041 return returnToLuaWithError(L, "Failed to get actual data");
1042 }
1043
1044 lua_pushinteger(L, blockData);
1045 return 1;
1046 }
1047
1048 // arg 1 = pwd
1049 // arg 2 = use GB
1050 static int l_T55xx_detect(lua_State *L) {
1051 bool useGB = false, usepwd = false, isok;
1052 uint32_t gb, password = 0;
1053 size_t size;
1054
1055 //Check number of arguments
1056 int n = lua_gettop(L);
1057
1058 switch (n) {
1059 case 2: {
1060 const char *p_gb = luaL_checklstring(L, 2, &size);
1061 if (size != 1)
1062 return returnToLuaWithError(L, "Wrong size of useGB, got %d , expected 1", (int) size);
1063
1064 sscanf(p_gb, "%u", &gb);
1065 useGB = (gb) ? true : false;
1066 PrintAndLogEx(INFO, "p_gb size %zu | %c", size, useGB ? 'Y' : 'N');
1067 }
1068 case 1: {
1069 const char *p_pwd = luaL_checklstring(L, 1, &size);
1070 if (size == 0) {
1071 usepwd = false;
1072 } else {
1073
1074 if (size != 8)
1075 return returnToLuaWithError(L, "Wrong size of pwd, got %d , expected 8", (int) size);
1076
1077 sscanf(p_pwd, "%08x", &password);
1078 usepwd = true;
1079 }
1080 break;
1081 }
1082 default :
1083 break;
1084 }
1085
1086 if (!useGB) {
1087
1088 isok = AcquireData(T55x7_PAGE0, T55x7_CONFIGURATION_BLOCK, usepwd, password, 0);
1089 if (isok == false) {
1090 return returnToLuaWithError(L, "Failed to acquire LF signal data");
1091 }
1092 }
1093
1094 isok = t55xxTryDetectModulation(0, true); // Default to prev. behaviour (default dl mode and print config)
1095 if (isok == false) {
1096 return returnToLuaWithError(L, "Could not detect modulation automatically. Try setting it manually with \'lf t55xx config\'");
1097 }
1098
1099 lua_pushinteger(L, isok);
1100 lua_pushstring(L, "Success");
1101 return 2;
1102 }
1103
1104 // 4305
1105 static int l_em4x05_read(lua_State *L) {
1106
1107 bool use_pwd = false;
1108 uint32_t addr, password = 0;
1109
1110 //Check number of arguments
1111 //int n = lua_gettop(L);
1112
1113 // get addr
1114 size_t size = 0;
1115 const char *p_addr = luaL_checklstring(L, 1, &size);
1116 sscanf(p_addr, "%u", &addr);
1117
1118 // get password
1119 const char *p_pwd = luaL_checkstring(L, 2);
1120 if (p_pwd == NULL || strlen(p_pwd) == 0) {
1121 use_pwd = false;
1122 } else {
1123 if (strlen(p_pwd) != 8)
1124 return returnToLuaWithError(L, "Wrong size of password, got %zu , expected 8", strlen(p_pwd));
1125
1126 sscanf(p_pwd, "%08x", &password);
1127 use_pwd = true;
1128 }
1129
1130 PrintAndLogEx(DEBUG, "Addr %u", addr);
1131 if (use_pwd)
1132 PrintAndLogEx(DEBUG, " Pwd %08X", password);
1133
1134 uint32_t word = 0;
1135 int res = em4x05_read_word_ext(addr, password, use_pwd, &word);
1136 if (res != PM3_SUCCESS) {
1137 return returnToLuaWithError(L, "Failed to read EM4x05 data");
1138 }
1139
1140 lua_pushinteger(L, word);
1141 return 1;
1142 }
1143
1144 // 4350
1145 static int l_em4x50_read(lua_State *L) {
1146
1147 // get addr
1148 size_t size = 0;
1149 const char *p_addr = luaL_checklstring(L, 1, &size);
1150 uint32_t addr = 0;
1151 sscanf(p_addr, "%u", &addr);
1152
1153 if (addr > 31)
1154 return returnToLuaWithError(L, "Address out-of-range (0..31) got %u", addr);
1155
1156 // setting up structures
1157 em4x50_data_t etd;
1158 memset(&etd, 0x00, sizeof(em4x50_data_t));
1159 etd.addr_given = true;
1160 etd.addresses = addr & 0xFF;
1161
1162 // get password
1163 const char *p_pwd = luaL_checkstring(L, 2);
1164 if (p_pwd == NULL || strlen(p_pwd) == 0) {
1165 etd.pwd_given = false;
1166 } else {
1167 if (strlen(p_pwd) != 8)
1168 return returnToLuaWithError(L, "Wrong size of password, got %zu , expected 8", strlen(p_pwd));
1169
1170 uint32_t pwd = 0;
1171 sscanf(p_pwd, "%08x", &pwd);
1172
1173 PrintAndLogEx(DEBUG, " Pwd %08X", pwd);
1174
1175 etd.password1 = pwd;
1176 etd.pwd_given = true;
1177 }
1178
1179 PrintAndLogEx(DEBUG, "Addr %u", etd.addresses & 0xFF);
1180 if (etd.pwd_given)
1181 PrintAndLogEx(DEBUG, " Pwd %08x", etd.password1);
1182
1183 em4x50_word_t words[EM4X50_NO_WORDS];
1184
1185 int res = em4x50_read(&etd, words);
1186 if (res != PM3_SUCCESS) {
1187 return returnToLuaWithError(L, "Failed to read EM4x50 data");
1188 }
1189
1190 uint32_t word = (
1191 words[etd.addresses & 0xFF].byte[0] << 24 |
1192 words[etd.addresses & 0xFF].byte[1] << 16 |
1193 words[etd.addresses & 0xFF].byte[2] << 8 |
1194 words[etd.addresses & 0xFF].byte[3]
1195 );
1196 lua_pushinteger(L, word);
1197 return 1;
1198 }
1199
1200 //
1201 static int l_ndefparse(lua_State *L) {
1202
1203 //Check number of arguments
1204 int n = lua_gettop(L);
1205 if (n != 3) {
1206 return returnToLuaWithError(L, "You need to supply three parameters");
1207 }
1208
1209 size_t datalen = luaL_checknumber(L, 1);
1210 bool verbose = luaL_checknumber(L, 2);
1211
1212 uint8_t *data = calloc(datalen, sizeof(uint8_t));
1213 if (data == 0) {
1214 return returnToLuaWithError(L, "Allocating memory failed");
1215 }
1216
1217 // data
1218 size_t size;
1219 const char *p_data = luaL_checklstring(L, 3, &size);
1220 if (size) {
1221 if (size > (datalen << 1))
1222 size = (datalen << 1);
1223
1224 uint32_t tmp;
1225 for (int i = 0; i < size; i += 2) {
1226 sscanf(&p_data[i], "%02x", &tmp);
1227 data[i >> 1] = tmp & 0xFF;
1228 }
1229 }
1230
1231 int res = NDEFDecodeAndPrint(data, datalen, verbose);
1232 lua_pushinteger(L, res);
1233 return 1;
1234 }
1235
1236 static int l_ul_read_uid(lua_State *L) {
1237 uint8_t uid[7] = { 0, 0, 0, 0, 0, 0, 0 };
1238 int res = ul_read_uid(uid);
1239 if (res != PM3_SUCCESS) {
1240 return returnToLuaWithError(L, "Failed to read Ultralight/NTAG UID");
1241 }
1242 char buf[15];
1243 memset(buf, 0, sizeof(buf));
1244 snprintf(buf, sizeof(buf), "%02X%02X%02X%02X%02X%02X%02X", uid[0], uid[1], uid[2], uid[3], uid[4], uid[5], uid[6]);
1245 lua_pushstring(L, buf);
1246 return 1;
1247 }
1248
1249 static int l_remark(lua_State *L) {
1250 //Check number of arguments
1251 int n = lua_gettop(L);
1252 if (n != 1) {
1253 return returnToLuaWithError(L, "Only one string allowed");
1254 }
1255
1256 size_t size;
1257 const char *s = luaL_checklstring(L, 1, &size);
1258 int res = CmdRem(s);
1259 lua_pushinteger(L, res);
1260 return 1;
1261 }
1262
1263 static int l_set_iso_dep_state(lua_State *L) {
1264
1265 //Check number of arguments
1266 int n = lua_gettop(L);
1267 if (n != 1) {
1268 return returnToLuaWithError(L, "Only one value allowed");
1269 }
1270
1271 size_t state = luaL_checknumber(L, 1);
1272 switch (state) {
1273 case 0:
1274 SetISODEPState(ISODEP_INACTIVE);
1275 break;
1276 case 1:
1277 SetISODEPState(ISODEP_NFCA);
1278 break;
1279 case 2:
1280 SetISODEPState(ISODEP_NFCB);
1281 break;
1282 case 3:
1283 SetISODEPState(ISODEP_NFCV);
1284 break;
1285 default:
1286 return returnToLuaWithError(L, "Wrong ISODEP STATE value");
1287 }
1288 return 1;
1289 }
1290
1291 // 1. filename
1292 // 2. extension
1293 // output: full search path to file
1294 static int l_searchfile(lua_State *L) {
1295 // Check number of arguments
1296 int n = lua_gettop(L);
1297 if (n != 2) {
1298 return returnToLuaWithError(L, "Only filename and extension");
1299 }
1300
1301 size_t size;
1302 // data
1303 const char *filename = luaL_checklstring(L, 1, &size);
1304 if (size == 0) {
1305 return returnToLuaWithError(L, "Must specify filename");
1306 }
1307
1308 const char *suffix = luaL_checklstring(L, 2, &size);
1309 char *path;
1310 int res = searchFile(&path, "", filename, suffix, false);
1311 if (res != PM3_SUCCESS) {
1312 return returnToLuaWithError(L, "Failed to find file");
1313 }
1314
1315 lua_pushstring(L, path);
1316 free(path);
1317 return 1;
1318 }
1319
1320 static int l_ud(lua_State *L) {
1321 const char *ud = get_my_user_directory();
1322 lua_pushstring(L, ud);
1323 return 1;
1324 }
1325 static int l_ewd(lua_State *L) {
1326 const char *ewd = get_my_executable_directory();
1327 lua_pushstring(L, ewd);
1328 return 1;
1329 }
1330 static int l_cwd(lua_State *L) {
1331
1332 uint16_t path_len = FILENAME_MAX; // should be a good starting point
1333 char *cwd = (char *)calloc(path_len, sizeof(uint8_t));
1334 if (cwd == NULL) {
1335 return returnToLuaWithError(L, "Failed to allocate memory");
1336 }
1337
1338 while (GetCurrentDir(cwd, path_len) == NULL) {
1339 if (errno == ERANGE) { // Need bigger buffer
1340 path_len += 10; // if buffer was too small add 10 characters and try again
1341 char *cwdNew = realloc(cwd, path_len);
1342 if (cwdNew == NULL) {
1343 free(cwd);
1344 return returnToLuaWithError(L, "Failed to allocate memory");
1345 }
1346 cwd = cwdNew;
1347 } else {
1348 free(cwd);
1349 return returnToLuaWithError(L, "Failed to get current working directory");
1350 }
1351 }
1352 lua_pushstring(L, cwd);
1353 free(cwd);
1354 return 1;
1355 }
1356
1357 // ref: https://github.com/RfidResearchGroup/proxmark3/issues/891
1358 // redirect LUA's print to Proxmark3 PrintAndLogEx
1359 static int l_printandlogex(lua_State *L) {
1360 int n = lua_gettop(L);
1361 for (int i = 1; i <= n; i++) {
1362 if (lua_isstring(L, i)) {
1363 PrintAndLogEx(NORMAL, "%s\t" NOLF, lua_tostring(L, i));
1364 }
1365 }
1366 PrintAndLogEx(NORMAL, "");
1367 return 0;
1368 }
1369
1370 /**
1371 * @brief Sets the lua path to include "./lualibs/?.lua", in order for a script to be
1372 * able to do "require('foobar')" if foobar.lua is within lualibs folder.
1373 * Taken from http://stackoverflow.com/questions/4125971/setting-the-global-lua-path-variable-from-c-c
1374 * @param L
1375 * @param path
1376 * @return
1377 */
1378 static int setLuaPath(lua_State *L, const char *path) {
1379 lua_getglobal(L, "package");
1380 lua_getfield(L, -1, "path"); // get field "path" from table at top of stack (-1)
1381 const char *cur_path = lua_tostring(L, -1); // grab path string from top of stack
1382 int requiredLength = strlen(cur_path) + strlen(path) + 10; //A few bytes too many, whatever we can afford it
1383 char *buf = calloc(requiredLength, sizeof(char));
1384 snprintf(buf, requiredLength, "%s;%s", cur_path, path);
1385 lua_pop(L, 1); // get rid of the string on the stack we just pushed on line 5
1386 lua_pushstring(L, buf); // push the new one
1387 lua_setfield(L, -2, "path"); // set the field "path" in table at -2 with value at top of stack
1388 lua_pop(L, 1); // get rid of package table from top of stack
1389 free(buf);
1390 return 0; // all done!
1391 }
1392
1393 int set_pm3_libraries(lua_State *L) {
1394 static const luaL_Reg libs[] = {
1395 {"SendCommandMIX", l_SendCommandMIX},
1396 {"SendCommandNG", l_SendCommandNG},
1397 {"GetFromBigBuf", l_GetFromBigBuf},
1398 {"GetFromFlashMem", l_GetFromFlashMem},
1399 {"GetFromFlashMemSpiffs", l_GetFromFlashMemSpiffs},
1400 {"WaitForResponseTimeout", l_WaitForResponseTimeout},
1401 {"mfDarkside", l_mfDarkside},
1402 {"foobar", l_foobar},
1403 {"kbd_enter_pressed", l_kbd_enter_pressed},
1404 {"clearCommandBuffer", l_clearCommandBuffer},
1405 {"console", l_CmdConsole},
1406 {"iso15693_crc", l_iso15693_crc},
1407 {"iso14443b_crc", l_iso14443b_crc},
1408 {"aes128_decrypt", l_aes128decrypt_cbc},
1409 {"aes128_decrypt_ecb", l_aes128decrypt_ecb},
1410 {"aes128_encrypt", l_aes128encrypt_cbc},
1411 {"aes128_encrypt_ecb", l_aes128encrypt_ecb},
1412 {"crc8legic", l_crc8legic},
1413 {"crc16legic", l_crc16legic},
1414 {"crc16", l_crc16},
1415 {"crc64", l_crc64},
1416 {"crc64_ecma182", l_crc64_ecma182},
1417 {"sha1", l_sha1},
1418 {"reveng_models", l_reveng_models},
1419 {"reveng_runmodel", l_reveng_runmodel},
1420 {"hardnested", l_hardnested},
1421 {"detect_prng", l_detect_prng},
1422 // {"keygen.algoA", l_keygen_algoA},
1423 {"keygen_algo_b", l_keygen_algoB},
1424 // {"keygen.algoC", l_keygen_algoC},
1425 {"keygen_algo_d", l_keygen_algoD},
1426 {"t55xx_readblock", l_T55xx_readblock},
1427 {"t55xx_detect", l_T55xx_detect},
1428 {"ndefparse", l_ndefparse},
1429 {"fast_push_mode", l_fast_push_mode},
1430 {"search_file", l_searchfile},
1431 {"cwd", l_cwd},
1432 {"ewd", l_ewd},
1433 {"ud", l_ud},
1434 {"rem", l_remark},
1435 {"em4x05_read", l_em4x05_read},
1436 {"em4x50_read", l_em4x50_read},
1437 {"ul_read_uid", l_ul_read_uid},
1438 {"set_isodepstate", l_set_iso_dep_state},
1439 {NULL, NULL}
1440 };
1441
1442 lua_pushglobaltable(L);
1443
1444 // bit32 compatibility shim
1445 register_bit32_lib(L);
1446
1447 // Core module
1448 luaL_newlib(L, libs);
1449 lua_setfield(L, -2, "core");
1450
1451 // remove the global environment table from the stack
1452 lua_pop(L, 1);
1453
1454 // print redirect here
1455 lua_register(L, "print", l_printandlogex);
1456
1457 // add to the LUA_PATH (package.path in lua)
1458 // so we can load scripts from various places:
1459 const char *exec_path = get_my_executable_directory();
1460 if (exec_path != NULL) {
1461 // from the ./luascripts/ directory
1462 char scripts_path[strlen(exec_path) + strlen(LUA_SCRIPTS_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1463 strcpy(scripts_path, exec_path);
1464 strcat(scripts_path, LUA_SCRIPTS_SUBDIR);
1465 strcat(scripts_path, LUA_LIBRARIES_WILDCARD);
1466 setLuaPath(L, scripts_path);
1467 // from the ./lualib/ directory
1468 char libraries_path[strlen(exec_path) + strlen(LUA_LIBRARIES_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1469 strcpy(libraries_path, exec_path);
1470 strcat(libraries_path, LUA_LIBRARIES_SUBDIR);
1471 strcat(libraries_path, LUA_LIBRARIES_WILDCARD);
1472 setLuaPath(L, libraries_path);
1473 }
1474 const char *user_path = get_my_user_directory();
1475 if (user_path != NULL) {
1476 // from the $HOME/.proxmark3/luascripts/ directory
1477 char scripts_path[strlen(user_path) + strlen(PM3_USER_DIRECTORY) + strlen(LUA_SCRIPTS_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1478 strcpy(scripts_path, user_path);
1479 strcat(scripts_path, PM3_USER_DIRECTORY);
1480 strcat(scripts_path, LUA_SCRIPTS_SUBDIR);
1481 strcat(scripts_path, LUA_LIBRARIES_WILDCARD);
1482 setLuaPath(L, scripts_path);
1483
1484 // from the $HOME/.proxmark3/lualib/ directory
1485 char libraries_path[strlen(user_path) + strlen(PM3_USER_DIRECTORY) + strlen(LUA_LIBRARIES_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1486 strcpy(libraries_path, user_path);
1487 strcat(libraries_path, PM3_USER_DIRECTORY);
1488 strcat(libraries_path, LUA_LIBRARIES_SUBDIR);
1489 strcat(libraries_path, LUA_LIBRARIES_WILDCARD);
1490 setLuaPath(L, libraries_path);
1491 }
1492
1493 if (exec_path != NULL) {
1494 // from the $PREFIX/share/proxmark3/luascripts/ directory
1495 char scripts_path[strlen(exec_path) + strlen(PM3_SHARE_RELPATH) + strlen(LUA_SCRIPTS_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1496 strcpy(scripts_path, exec_path);
1497 strcat(scripts_path, PM3_SHARE_RELPATH);
1498 strcat(scripts_path, LUA_SCRIPTS_SUBDIR);
1499 strcat(scripts_path, LUA_LIBRARIES_WILDCARD);
1500 setLuaPath(L, scripts_path);
1501 // from the $PREFIX/share/proxmark3/lualib/ directory
1502 char libraries_path[strlen(exec_path) + strlen(PM3_SHARE_RELPATH) + strlen(LUA_LIBRARIES_SUBDIR) + strlen(LUA_LIBRARIES_WILDCARD) + 1];
1503 strcpy(libraries_path, exec_path);
1504 strcat(libraries_path, PM3_SHARE_RELPATH);
1505 strcat(libraries_path, LUA_LIBRARIES_SUBDIR);
1506 strcat(libraries_path, LUA_LIBRARIES_WILDCARD);
1507 setLuaPath(L, libraries_path);
1508 }
1509 return 1;
1510 }
Proxmark3 - the RFID research Swiss army knife. Iceman firmware