search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
fix workflow yaml
[RRG-proxmark3.git] / include / mifare.h
blob69665cdc82abf203fb25d7b8f2506d6018e0f1e6
1 //-----------------------------------------------------------------------------
2 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
3 //
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // See LICENSE.txt for the text of the license.
15 //-----------------------------------------------------------------------------
16 // MIFARE type prototyping
17 //-----------------------------------------------------------------------------
18
19 #ifndef _MIFARE_H_
20 #define _MIFARE_H_
21
22 #include "common.h"
23
24 // These are also used to construct AUTH commands (60+x)
25 #define MF_KEY_A 0
26 #define MF_KEY_B 1
27 #define MF_KEY_BD 4
28
29 #define MF_MAD1_SECTOR 0x00
30 #define MF_MAD2_SECTOR 0x10
31
32 //-----------------------------------------------------------------------------
33 // Common types, used by client and ARM
34 //-----------------------------------------------------------------------------
35 // New Ultralight/NTAG dump file format
36 // Length must be aligned to 4 bytes (UL/NTAG page)
37 #define MFU_DUMP_PREFIX_LENGTH 56
38
39 typedef struct {
40 uint8_t version[8];
41 uint8_t tbo[2];
42 uint8_t tbo1[1];
43 uint8_t pages; // max page number in dump
44 uint8_t signature[32];
45 uint8_t counter_tearing[3][4]; // 3 bytes counter, 1 byte tearing flag
46 uint8_t data[1024];
47 } PACKED mfu_dump_t;
48
49 //-----------------------------------------------------------------------------
50 // ISO 14443A
51 //-----------------------------------------------------------------------------
52 typedef struct {
53 uint8_t uid[10];
54 uint8_t uidlen;
55 uint8_t atqa[2];
56 uint8_t sak;
57 uint8_t ats_len;
58 uint8_t ats[256];
59 } PACKED iso14a_card_select_t;
60
61 typedef struct {
62 uint8_t uid[10];
63 uint8_t uidlen;
64 uint8_t atqa[2];
65 uint8_t sak;
66 uint8_t ats_len;
67 uint8_t ats[256];
68 uint8_t signature[32];
69 } PACKED iso14a_card_select_ev1_t;
70
71 typedef struct {
72 iso14a_card_select_t card_info;
73 uint16_t dumplen;
74 uint8_t *dump;
75 } iso14a_mf_extdump_t;
76
77 typedef struct {
78 union {
79 iso14a_card_select_t mfc;
80 iso14a_card_select_ev1_t ev1;
81 } card;
82 uint16_t dumplen;
83 uint8_t *dump;
84 } iso14a_mf_dump_ev1_t;
85
86 typedef struct {
87 uint8_t nt[17][2][4];
88 uint8_t nt_enc[17][2][4];
89 uint8_t par_err[17][2];
90 uint8_t blocks[64][16]; // [MIFARE_1K_MAXSECTOR * 4][MFBLOCK_SIZE]
91 } iso14a_fm11rf08s_nonces_with_data_t;
92
93 typedef enum ISO14A_COMMAND {
94 ISO14A_CONNECT = (1 << 0),
95 ISO14A_NO_DISCONNECT = (1 << 1),
96 ISO14A_APDU = (1 << 2),
97 ISO14A_RAW = (1 << 3),
98 ISO14A_REQUEST_TRIGGER = (1 << 4),
99 ISO14A_APPEND_CRC = (1 << 5),
100 ISO14A_SET_TIMEOUT = (1 << 6),
101 ISO14A_NO_SELECT = (1 << 7),
102 ISO14A_TOPAZMODE = (1 << 8),
103 ISO14A_NO_RATS = (1 << 9),
104 ISO14A_SEND_CHAINING = (1 << 10),
105 ISO14A_USE_ECP = (1 << 11),
106 ISO14A_USE_MAGSAFE = (1 << 12),
107 ISO14A_USE_CUSTOM_POLLING = (1 << 13),
108 ISO14A_CRYPTO1MODE = (1 << 14)
109 } iso14a_command_t;
110
111 // Defines a frame that will be used in a polling sequence
112 // ECP Frames are up to (7 + 16) bytes long, 24 bytes should cover future and other cases
113 typedef struct {
114 uint8_t frame[24];
115 uint8_t frame_length;
116 uint8_t last_byte_bits;
117 uint16_t extra_delay;
118 } PACKED iso14a_polling_frame_t;
119
120 // Defines polling sequence configuration
121 // 6 would be enough for 4 magsafe, 1 wupa, 1 ecp,
122 typedef struct {
123 iso14a_polling_frame_t frames[6];
124 uint8_t frame_count;
125 uint16_t extra_timeout;
126 } PACKED iso14a_polling_parameters_t;
127
128 typedef struct {
129 uint8_t *response;
130 uint8_t *modulation;
131 uint16_t response_n;
132 uint16_t modulation_n;
133 uint32_t ProxToAirDuration;
134 uint8_t par; // enough for precalculated parity of 8 Byte responses
135 } PACKED tag_response_info_t;
136
137 // DESFIRE_RAW flag enums
138 typedef enum DESFIRE_COMMAND {
139 NONE = 0x00,
140 INIT = 0x01,
141 DISCONNECT = 0x02,
142 CLEARTRACE = 0x04,
143 BAR = 0x10,
144 } desfire_command_t;
145
146 typedef enum {
147 MFDES_AUTH_DES = 1,
148 MFDES_AUTH_ISO = 2,
149 MFDES_AUTH_AES = 3,
150 MFDES_AUTH_PICC = 4
151 } mifare_des_authmode_t;
152
153 typedef enum {
154 MFDES_ALGO_DES = 1,
155 MFDES_ALGO_3DES = 2,
156 MFDES_ALGO_3K3DES = 3,
157 MFDES_ALGO_AES = 4
158 } mifare_des_authalgo_t;
159
160 typedef enum {
161 MFDES_KDF_ALGO_NONE = 0,
162 MFDES_KDF_ALGO_AN10922 = 1,
163 MFDES_KDF_ALGO_GALLAGHER = 2,
164 } mifare_des_kdf_algo_t;
165
166 //-----------------------------------------------------------------------------
167 // "hf 14a sim -x", "hf mf sim -x" attacks
168 //-----------------------------------------------------------------------------
169 typedef enum {
170 EMPTY,
171 FIRST,
172 SECOND,
173 NESTED
174 } nonce_state;
175
176 typedef struct {
177 uint32_t cuid;
178 uint32_t nonce;
179 uint32_t ar;
180 uint32_t nr;
181 uint32_t at;
182 uint32_t nonce2;
183 uint32_t ar2;
184 uint32_t nr2;
185 uint8_t sector;
186 uint8_t keytype;
187 uint8_t state;
188 } PACKED nonces_t;
189
190 #endif // _MIFARE_H_
Proxmark3 - the RFID research Swiss army knife. Iceman firmware