33 #include "target-subr.h"
/*
 * ATQA fingerprint table used by snprint_nfc_iso14443a_info().
 *
 * Each entry pairs an ATQA value and a mask with a card type name; an entry
 * matches when (atqa & mask) == value.  Where a third field is shown it is a
 * list of indices into const_cs[], terminated by -1.  This listing omits
 * several source lines, so the index lists of most entries are not visible.
 *
 * Several entries share the same value/mask pair (0x0044/0xffff appears four
 * times), so ATQA alone is ambiguous and the SAK list is what narrows it.
 * The result is a heuristic label only: the table itself lists emulated
 * cards, so a matching ATQA/SAK pair says nothing about authenticity.
 */
49 struct card_atqa const_ca[] = {
51 0x0044, 0xffff,
"MIFARE Ultralight",
55 0x0044, 0xffff,
"MIFARE Ultralight C",
59 0x0004, 0xff0f,
"MIFARE Mini 0.3K",
63 0x0004, 0xff0f,
"MIFARE Classic 1K",
67 0x0002, 0xff0f,
"MIFARE Classic 4K",
71 0x0004, 0xffff,
"MIFARE Plus (4 Byte UID or 4 Byte RID)",
72 {4, 5, 6, 7, 8, 9, -1}
75 0x0002, 0xffff,
"MIFARE Plus (4 Byte UID or 4 Byte RID)",
76 {4, 5, 6, 7, 8, 9, -1}
79 0x0044, 0xffff,
"MIFARE Plus (7 Byte UID)",
80 {4, 5, 6, 7, 8, 9, -1}
83 0x0042, 0xffff,
"MIFARE Plus (7 Byte UID)",
84 {4, 5, 6, 7, 8, 9, -1}
87 0x0344, 0xffff,
"MIFARE DESFire",
91 0x0044, 0xffff,
"P3SR008",
95 0x0004, 0xf0ff,
"SmartMX with MIFARE 1K emulation",
99 0x0002, 0xf0ff,
"SmartMX with MIFARE 4K emulation",
103 0x0048, 0xf0ff,
"SmartMX with 7 Byte UID",
/*
 * SAK fingerprint table: { sak value, mask, suffix appended to the ATQA type
 * name }.  Entries are selected by index from the saklist of a const_ca[]
 * entry and match when (sak & mask) == value.
 *
 * The last four entries shown all use 0x20/0xff, so the SAK byte cannot tell
 * them apart; every one of them that is listed for a matching ATQA entry is
 * printed.  The first entries of the table are not visible in this listing.
 */
108 struct card_sak const_cs[] = {
113 {0x08, 0xff,
" 2K, Security level 1" },
114 {0x18, 0xff,
" 4K, Security level 1" },
115 {0x10, 0xff,
" 2K, Security level 2" },
116 {0x11, 0xff,
" 4K, Security level 2" },
117 {0x20, 0xff,
" 2K, Security level 3" },
118 {0x20, 0xff,
" 4K, Security level 3" },
119 {0x20, 0xff,
" 4K" },
120 {0x20, 0xff,
" EV1 2K/4K/8K" },
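/**
 * Write szBytes bytes of pbtData into dst as two-digit lowercase hex values,
 * each followed by a space, and finish the line with '\n'.
 *
 * @param dst      destination buffer (may be NULL only when size is 0)
 * @param size     capacity of dst in bytes, including the terminating NUL
 * @param pbtData  bytes to dump
 * @param szBytes  number of bytes to read from pbtData
 * @return the number of characters the complete output needs, excluding the
 *         terminating NUL (snprintf convention); a value >= size means the
 *         text in dst was truncated.
 *
 * snprintf() returns the length it *would* have written, so after a
 * truncation the running total can exceed size.  The original passed
 * dst + res and size - res unconditionally; with size_t arithmetic the
 * subtraction wraps to a huge bound and the next call writes past dst.
 * Here the remaining room is clamped to 0 once the buffer is full, and the
 * function only keeps counting.
 *
 * The return type is not visible in this listing; int is assumed because the
 * callers accumulate the result like an snprintf() return value.
 */
int
snprint_hex(char *dst, size_t size, const uint8_t *pbtData, const size_t szBytes)
{
  size_t res = 0;

  for (size_t szPos = 0; szPos < szBytes; szPos++) {
    /* Never hand snprintf a pointer or a bound beyond the caller's buffer. */
    const size_t room = (res < size) ? size - res : 0;
    const int n = snprintf(room ? dst + res : NULL, room, "%02x ", pbtData[szPos]);
    if (n > 0) {
      res += (size_t)n;
    }
  }

  const size_t room = (res < size) ? size - res : 0;
  const int n = snprintf(room ? dst + res : NULL, room, "\n");
  if (n > 0) {
    res += (size_t)n;
  }
  return (int)res;
}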
/* Bit masks tested against the SAK (SEL_RES) byte in snprint_nfc_iso14443a_info(). */
136 #define SAK_UID_NOT_COMPLETE 0x04
137 #define SAK_ISO14443_4_COMPLIANT 0x20
138 #define SAK_ISO18092_COMPLIANT 0x40
/*
 * Write a human-readable description of an ISO14443-A target into dst:
 * ATQA, UID, SAK, the ATS when present, and (in the part of the body shown
 * after the ATS decoding) a card-type guess from the const_ca[]/const_cs[]
 * tables plus a list of known ATQA+SAK combinations.
 *
 * dst/size  destination buffer and its capacity
 * pnai      target information; ATQA, UID, SAK and ATS are values received
 *           from the card, so every byte and length in it is untrusted input
 * verbose   enables the detailed ATS decoding
 *
 * This listing omits many source lines (declarations, case labels, braces),
 * so the notes below only describe what the visible lines do.
 *
 * NOTE(review): every write uses `off += snprintf(dst + off, size - off, ...)`.
 * snprintf returns the length it would have written, so once the text is
 * truncated off can exceed size; size is size_t, so `size - off` then wraps
 * to a very large bound and `dst + off` points past the buffer.  Callers
 * need a buffer large enough for the full verbose output, or the accumulation
 * should stop writing once off >= size.
 */
141 snprint_nfc_iso14443a_info(
char *dst,
size_t size,
const nfc_iso14443a_info *pnai,
bool verbose)
144 off += snprintf(dst + off, size - off,
" ATQA (SENS_RES): ");
145 off += snprint_hex(dst + off, size - off, pnai->abtAtqa, 2);
147 off += snprintf(dst + off, size - off,
"* UID size: ");
/* Top two bits of the second ATQA byte select the UID size text. */
148 switch ((pnai->abtAtqa[1] & 0xc0) >> 6) {
150 off += snprintf(dst + off, size - off,
"single\n");
153 off += snprintf(dst + off, size - off,
"double\n");
156 off += snprintf(dst + off, size - off,
"triple\n");
159 off += snprintf(dst + off, size - off,
"RFU\n");
162 off += snprintf(dst + off, size - off,
"* bit frame anticollision ");
163 switch (pnai->abtAtqa[1] & 0x1f) {
169 off += snprintf(dst + off, size - off,
"supported\n");
172 off += snprintf(dst + off, size - off,
"not supported\n");
/* A first UID byte of 0x08 is reported as NFCID3 and as a random UID below. */
176 off += snprintf(dst + off, size - off,
" UID (NFCID%c): ", (pnai->abtUid[0] == 0x08 ?
'3' :
'1'));
/* NOTE(review): szUidLen is used as the read length with no check visible
 * here -- confirm it is bounded by sizeof(pnai->abtUid) where it is set. */
177 off += snprint_hex(dst + off, size - off, pnai->abtUid, pnai->szUidLen);
179 if (pnai->abtUid[0] == 0x08) {
180 off += snprintf(dst + off, size - off,
"* Random UID\n");
183 off += snprintf(dst + off, size - off,
" SAK (SEL_RES): ");
184 off += snprint_hex(dst + off, size - off, &pnai->btSak, 1);
186 if (pnai->btSak & SAK_UID_NOT_COMPLETE) {
187 off += snprintf(dst + off, size - off,
"* Warning! Cascade bit set: UID not complete\n");
189 if (pnai->btSak & SAK_ISO14443_4_COMPLIANT) {
190 off += snprintf(dst + off, size - off,
"* Compliant with ISO/IEC 14443-4\n");
192 off += snprintf(dst + off, size - off,
"* Not compliant with ISO/IEC 14443-4\n");
194 if (pnai->btSak & SAK_ISO18092_COMPLIANT) {
195 off += snprintf(dst + off, size - off,
"* Compliant with ISO/IEC 18092\n");
197 off += snprintf(dst + off, size - off,
"* Not compliant with ISO/IEC 18092\n");
/* NOTE(review): szAtsLen is likewise trusted as the ATS read length --
 * confirm it cannot exceed sizeof(pnai->abtAts). */
200 if (pnai->szAtsLen) {
201 off += snprintf(dst + off, size - off,
" ATS: ");
202 off += snprint_hex(dst + off, size - off, pnai->abtAts, pnai->szAtsLen);
204 if (pnai->szAtsLen && verbose) {
/* NOTE(review): the table has 9 entries but the index is a 4-bit field taken
 * from the card (0..15); values 9..15 read past the end of iMaxFrameSizes.
 * The index should be range-checked before the lookup. */
206 const int iMaxFrameSizes[] = { 16, 24, 32, 40, 48, 64, 96, 128, 256 };
207 off += snprintf(dst + off, size - off,
"* Max Frame Size accepted by PICC: %d bytes\n", iMaxFrameSizes[pnai->abtAts[0] & 0x0F]);
/* Bits 0x10/0x20/0x40 of the first ATS byte announce the TA/TB/TC bytes.
 * NOTE(review): those bits come from the card; the declaration and updates
 * of `offset` are not visible here, and no `offset < szAtsLen` test is shown
 * before the three reads below -- confirm one exists, otherwise a short ATS
 * with these bits set makes the reads use bytes beyond the received data. */
210 if (pnai->abtAts[0] & 0x10) {
211 uint8_t TA = pnai->abtAts[offset];
213 off += snprintf(dst + off, size - off,
"* Bit Rate Capability:\n");
215 off += snprintf(dst + off, size - off,
" * PICC supports only 106 kbits/s in both directions\n");
218 off += snprintf(dst + off, size - off,
" * Same bitrate in both directions mandatory\n");
221 off += snprintf(dst + off, size - off,
" * PICC to PCD, DS=2, bitrate 212 kbits/s supported\n");
224 off += snprintf(dst + off, size - off,
" * PICC to PCD, DS=4, bitrate 424 kbits/s supported\n");
227 off += snprintf(dst + off, size - off,
" * PICC to PCD, DS=8, bitrate 847 kbits/s supported\n");
230 off += snprintf(dst + off, size - off,
" * PCD to PICC, DR=2, bitrate 212 kbits/s supported\n");
233 off += snprintf(dst + off, size - off,
" * PCD to PICC, DR=4, bitrate 424 kbits/s supported\n");
236 off += snprintf(dst + off, size - off,
" * PCD to PICC, DR=8, bitrate 847 kbits/s supported\n");
239 off += snprintf(dst + off, size - off,
" * ERROR unknown value\n");
242 if (pnai->abtAts[0] & 0x20) {
243 uint8_t TB = pnai->abtAts[offset];
/* High nibble of TB scales the frame waiting time, low nibble the start-up
 * frame guard time; both shifts are at most 15 bits. */
245 off += snprintf(dst + off, size - off,
"* Frame Waiting Time: %.4g ms\n", 256.0 * 16.0 * (1 << ((TB & 0xf0) >> 4)) / 13560.0);
246 if ((TB & 0x0f) == 0) {
247 off += snprintf(dst + off, size - off,
"* No Start-up Frame Guard Time required\n");
249 off += snprintf(dst + off, size - off,
"* Start-up Frame Guard Time: %.4g ms\n", 256.0 * 16.0 * (1 << (TB & 0x0f)) / 13560.0);
252 if (pnai->abtAts[0] & 0x40) {
253 uint8_t TC = pnai->abtAts[offset];
256 off += snprintf(dst + off, size - off,
"* Node Address supported\n");
258 off += snprintf(dst + off, size - off,
"* Node Address not supported\n");
261 off += snprintf(dst + off, size - off,
"* Card IDentifier supported\n");
263 off += snprintf(dst + off, size - off,
"* Card IDentifier not supported\n");
/* Historical bytes: this read is guarded by szAtsLen > offset. */
266 if (pnai->szAtsLen > offset) {
267 off += snprintf(dst + off, size - off,
"* Historical bytes Tk: ");
268 off += snprint_hex(dst + off, size - off, pnai->abtAts + offset, (pnai->szAtsLen - offset));
269 uint8_t CIB = pnai->abtAts[offset];
271 if (CIB != 0x00 && CIB != 0x10 && (CIB & 0xf0) != 0x80) {
272 off += snprintf(dst + off, size - off,
" * Proprietary format\n");
274 off += snprintf(dst + off, size - off,
" * Tag byte: Mifare or virtual cards of various types\n");
/* NOTE(review): whether offset was advanced and re-checked against szAtsLen
 * before this read is not visible in the listing -- confirm. */
275 uint8_t L = pnai->abtAts[offset];
277 if (L != (pnai->szAtsLen - offset)) {
278 off += snprintf(dst + off, size - off,
" * Warning: Type Identification Coding length (%i)", L);
/* NOTE(review): PRIdPTR expects intptr_t; if szAtsLen is size_t the argument
 * type does not match the format -- confirm the field's type. */
279 off += snprintf(dst + off, size - off,
" not matching Tk length (%" PRIdPTR
")\n", (pnai->szAtsLen - offset));
/* NOTE(review): if szAtsLen and offset are unsigned, `szAtsLen - offset - 2`
 * wraps instead of going negative, so this test is true for an ATS that is
 * too short and the CTC read below is not actually guarded.  A comparison of
 * the form `szAtsLen > offset + 2` avoids the wrap. */
281 if ((pnai->szAtsLen - offset - 2) > 0) {
282 uint8_t CTC = pnai->abtAts[offset];
284 off += snprintf(dst + off, size - off,
" * Chip Type: ");
285 switch (CTC & 0xf0) {
287 off += snprintf(dst + off, size - off,
"(Multiple) Virtual Cards\n");
290 off += snprintf(dst + off, size - off,
"Mifare DESFire\n");
293 off += snprintf(dst + off, size - off,
"Mifare Plus\n");
296 off += snprintf(dst + off, size - off,
"RFU\n");
299 off += snprintf(dst + off, size - off,
" * Memory size: ");
300 switch (CTC & 0x0f) {
302 off += snprintf(dst + off, size - off,
"<1 kbyte\n");
305 off += snprintf(dst + off, size - off,
"1 kbyte\n");
308 off += snprintf(dst + off, size - off,
"2 kbyte\n");
311 off += snprintf(dst + off, size - off,
"4 kbyte\n");
314 off += snprintf(dst + off, size - off,
"8 kbyte\n");
317 off += snprintf(dst + off, size - off,
"Unspecified\n");
320 off += snprintf(dst + off, size - off,
"RFU\n");
324 if ((pnai->szAtsLen - offset) > 0) {
325 uint8_t CVC = pnai->abtAts[offset];
327 off += snprintf(dst + off, size - off,
" * Chip Status: ");
328 switch (CVC & 0xf0) {
330 off += snprintf(dst + off, size - off,
"Engineering sample\n");
333 off += snprintf(dst + off, size - off,
"Released\n");
336 off += snprintf(dst + off, size - off,
"RFU\n");
339 off += snprintf(dst + off, size - off,
" * Chip Generation: ");
340 switch (CVC & 0x0f) {
342 off += snprintf(dst + off, size - off,
"Generation 1\n");
345 off += snprintf(dst + off, size - off,
"Generation 2\n");
348 off += snprintf(dst + off, size - off,
"Generation 3\n");
351 off += snprintf(dst + off, size - off,
"Unspecified\n");
354 off += snprintf(dst + off, size - off,
"RFU\n");
358 if ((pnai->szAtsLen - offset) > 0) {
359 uint8_t VCS = pnai->abtAts[offset];
361 off += snprintf(dst + off, size - off,
" * Specifics (Virtual Card Selection):\n");
362 if ((VCS & 0x09) == 0x00) {
363 off += snprintf(dst + off, size - off,
" * Only VCSL supported\n");
364 }
else if ((VCS & 0x09) == 0x01) {
365 off += snprintf(dst + off, size - off,
" * VCS, VCSL and SVC supported\n");
367 if ((VCS & 0x0e) == 0x00) {
368 off += snprintf(dst + off, size - off,
" * SL1, SL2(?), SL3 supported\n");
369 }
else if ((VCS & 0x0e) == 0x02) {
370 off += snprintf(dst + off, size - off,
" * SL3 only card\n");
371 }
else if ((VCS & 0x0f) == 0x0e) {
372 off += snprintf(dst + off, size - off,
" * No VCS command supported\n");
373 }
else if ((VCS & 0x0f) == 0x0f) {
374 off += snprintf(dst + off, size - off,
" * Unspecified\n");
376 off += snprintf(dst + off, size - off,
" * RFU\n");
382 off += snprintf(dst + off, size - off,
" * Tk after 0x00 consist of optional consecutive COMPACT-TLV data objects\n");
383 off += snprintf(dst + off, size - off,
" followed by a mandatory status indicator (the last three bytes, not in TLV)\n");
384 off += snprintf(dst + off, size - off,
" See ISO/IEC 7816-4 8.1.1.3 for more info\n");
387 off += snprintf(dst + off, size - off,
" * DIR data reference: %02x\n", pnai->abtAts[offset]);
390 if (pnai->szAtsLen == offset) {
391 off += snprintf(dst + off, size - off,
" * No COMPACT-TLV objects found, no status found\n");
393 off += snprintf(dst + off, size - off,
" * Tk after 0x80 consist of optional consecutive COMPACT-TLV data objects;\n");
394 off += snprintf(dst + off, size - off,
" the last data object may carry a status indicator of one, two or three bytes.\n");
395 off += snprintf(dst + off, size - off,
" See ISO/IEC 7816-4 8.1.1.3 for more info\n");
/* Fingerprinting: a best-effort label derived from ATQA and SAK only. */
402 off += snprintf(dst + off, size - off,
"\nFingerprinting based on MIFARE type Identification Procedure:\n");
406 bool found_possible_match =
false;
/* Pack the two ATQA bytes into one 16-bit value, first byte in the high half. */
408 atqa = (((uint16_t)pnai->abtAtqa[0] & 0xff) << 8);
409 atqa += (((uint16_t)pnai->abtAtqa[1] & 0xff));
410 sak = ((uint8_t)pnai->btSak & 0xff);
412 for (i = 0; i <
sizeof(const_ca) /
sizeof(const_ca[0]); i++) {
413 if ((atqa & const_ca[i].mask) == const_ca[i].atqa) {
/* NOTE(review): sizeof(const_ca[i].saklist) is a size in bytes, not an
 * element count; if the elements are wider than one byte the loop depends
 * entirely on the -1 terminator to stay inside the array.  The indices come
 * from the static table, not from the card. */
414 for (j = 0; (j <
sizeof(const_ca[i].saklist)) && (const_ca[i].saklist[j] >= 0); j++) {
415 int sakindex = const_ca[i].saklist[j];
416 if ((sak & const_cs[sakindex].mask) == const_cs[sakindex].sak) {
417 off += snprintf(dst + off, size - off,
"* %s%s\n", const_ca[i].type, const_cs[sakindex].type);
418 found_possible_match =
true;
426 off += snprintf(dst + off, size - off,
"Other possible matches based on ATQA & SAK values:\n");
/* ATQA (two bytes) and SAK combined into one 24-bit key; the case values it
 * is compared against are not visible in this listing. */
427 uint32_t atqasak = 0;
428 atqasak += (((uint32_t)pnai->abtAtqa[0] & 0xff) << 16);
429 atqasak += (((uint32_t)pnai->abtAtqa[1] & 0xff) << 8);
430 atqasak += ((uint32_t)pnai->btSak & 0xff);
433 off += snprintf(dst + off, size - off,
"* Mifare Classic 1K Infineon\n");
434 found_possible_match =
true;
437 off += snprintf(dst + off, size - off,
"* Gemplus MPCOS\n");
438 found_possible_match =
true;
441 off += snprintf(dst + off, size - off,
"* JCOP31\n");
442 found_possible_match =
true;
445 off += snprintf(dst + off, size - off,
"* JCOP31 v2.4.1\n");
446 off += snprintf(dst + off, size - off,
"* JCOP31 v2.2\n");
447 found_possible_match =
true;
450 off += snprintf(dst + off, size - off,
"* JCOP31 v2.3.1\n");
451 found_possible_match =
true;
454 off += snprintf(dst + off, size - off,
"* Fudan FM1208SH01\n");
455 found_possible_match =
true;
458 off += snprintf(dst + off, size - off,
"* Fudan FM1208\n");
459 found_possible_match =
true;
462 off += snprintf(dst + off, size - off,
"* MFC 4K emulated by Nokia 6212 Classic\n");
463 found_possible_match =
true;
466 off += snprintf(dst + off, size - off,
"* MFC 4K emulated by Nokia 6131 NFC\n");
467 found_possible_match =
true;
/* Last write of the function: its length is not added to off. */
470 if (! found_possible_match) {
471 snprintf(dst + off, size - off,
"* Unknown card, sorry\n");
/*
 * Write the FeliCa target fields into dst: 8 bytes of ID (NFCID2), 8 bytes of
 * PAD and 2 bytes of system code, each as a hex line.  All read lengths are
 * constants.  `verbose` is not used in the visible lines.
 *
 * NOTE(review): same `off += snprintf(dst + off, size - off, ...)` pattern as
 * the other printers -- if the text is truncated, off can exceed size and
 * `size - off` (size_t) wraps.
 */
477 snprint_nfc_felica_info(
char *dst,
size_t size,
const nfc_felica_info *pnfi,
bool verbose)
481 off += snprintf(dst + off, size - off,
" ID (NFCID2): ");
482 off += snprint_hex(dst + off, size - off, pnfi->abtId, 8);
483 off += snprintf(dst + off, size - off,
" Parameter (PAD): ");
484 off += snprint_hex(dst + off, size - off, pnfi->abtPad, 8);
485 off += snprintf(dst + off, size - off,
" System Code (SC): ");
486 snprint_hex(dst + off, size - off, pnfi->abtSysCode, 2);
/*
 * Write the Jewel target fields into dst: 2 bytes of SENS_RES and the 4-byte
 * ID, each as a hex line.  Read lengths are constants; `verbose` is not used
 * in the visible lines.
 *
 * NOTE(review): same unchecked `off += snprintf(...)` accumulation as the
 * other printers; a truncated write leaves off larger than size.
 */
490 snprint_nfc_jewel_info(
char *dst,
size_t size,
const nfc_jewel_info *pnji,
bool verbose)
494 off += snprintf(dst + off, size - off,
" ATQA (SENS_RES): ");
495 off += snprint_hex(dst + off, size - off, pnji->btSensRes, 2);
496 off += snprintf(dst + off, size - off,
" 4-LSB JEWELID: ");
497 snprint_hex(dst + off, size - off, pnji->btId, 4);
/*
 * Bit masks for the ISO14443-B protocol info bytes.  NAD and CID are tested
 * against abtProtocolInfo[2] below.  PI_ISO14443_4_SUPPORTED shares the value
 * 0x01 with PI_NAD_SUPPORTED; its use is not visible in this listing
 * (presumably a different protocol info byte -- confirm).
 */
500 #define PI_ISO14443_4_SUPPORTED 0x01
501 #define PI_NAD_SUPPORTED 0x01
502 #define PI_CID_SUPPORTED 0x02
/*
 * Write a description of an ISO14443-B target into dst: the 4-byte PUPI,
 * application data, protocol info and the values decoded from the protocol
 * info bytes (bit rates, maximum frame size, frame waiting time, NAD/CID
 * support).  The conditions guarding most of these lines are not visible in
 * this listing.  The protocol info bytes are received from the card and are
 * untrusted.
 *
 * NOTE(review): same unchecked `off += snprintf(dst + off, size - off, ...)`
 * accumulation as the other printers.
 */
504 snprint_nfc_iso14443b_info(
char *dst,
size_t size,
const nfc_iso14443b_info *pnbi,
bool verbose)
507 off += snprintf(dst + off, size - off,
" PUPI: ");
508 off += snprint_hex(dst + off, size - off, pnbi->
abtPupi, 4);
509 off += snprintf(dst + off, size - off,
" Application Data: ");
511 off += snprintf(dst + off, size - off,
" Protocol Info: ");
514 off += snprintf(dst + off, size - off,
"* Bit Rate Capability:\n");
516 off += snprintf(dst + off, size - off,
" * PICC supports only 106 kbits/s in both directions\n");
519 off += snprintf(dst + off, size - off,
" * Same bitrate in both directions mandatory\n");
522 off += snprintf(dst + off, size - off,
" * PICC to PCD, 1etu=64/fc, bitrate 212 kbits/s supported\n");
525 off += snprintf(dst + off, size - off,
" * PICC to PCD, 1etu=32/fc, bitrate 424 kbits/s supported\n");
528 off += snprintf(dst + off, size - off,
" * PICC to PCD, 1etu=16/fc, bitrate 847 kbits/s supported\n");
531 off += snprintf(dst + off, size - off,
" * PCD to PICC, 1etu=64/fc, bitrate 212 kbits/s supported\n");
534 off += snprintf(dst + off, size - off,
" * PCD to PICC, 1etu=32/fc, bitrate 424 kbits/s supported\n");
537 off += snprintf(dst + off, size - off,
" * PCD to PICC, 1etu=16/fc, bitrate 847 kbits/s supported\n");
540 off += snprintf(dst + off, size - off,
" * ERROR unknown value\n");
/* NOTE(review): 9-entry table indexed by a 4-bit field from the card
 * (0..15); values 9..15 read past the end of iMaxFrameSizes.  Range-check
 * the index before the lookup. */
543 const int iMaxFrameSizes[] = { 16, 24, 32, 40, 48, 64, 96, 128, 256 };
544 off += snprintf(dst + off, size - off,
"* Maximum frame sizes: %d bytes\n", iMaxFrameSizes[((pnbi->
abtProtocolInfo[1] & 0xf0) >> 4)]);
547 off += snprintf(dst + off, size - off,
"* Protocol types supported: ISO/IEC 14443-4\n");
/* High nibble of protocol info byte 2 scales the frame waiting time. */
549 off += snprintf(dst + off, size - off,
"* Frame Waiting Time: %.4g ms\n", 256.0 * 16.0 * (1 << ((pnbi->
abtProtocolInfo[2] & 0xf0) >> 4)) / 13560.0);
550 if ((pnbi->
abtProtocolInfo[2] & (PI_NAD_SUPPORTED | PI_CID_SUPPORTED)) != 0) {
551 off += snprintf(dst + off, size - off,
"* Frame options supported: ");
552 if ((pnbi->
abtProtocolInfo[2] & PI_NAD_SUPPORTED) != 0) off += snprintf(dst + off, size - off,
"NAD ");
553 if ((pnbi->
abtProtocolInfo[2] & PI_CID_SUPPORTED) != 0) off += snprintf(dst + off, size - off,
"CID ");
554 snprintf(dst + off, size - off,
"\n");
/*
 * Write a description of an ISO14443-B' target into dst: the 4-byte DIV, the
 * software version taken from bits 1..4 of btVerLog, a wait-enable flag and
 * the ATR bytes (labelled "ATS").  The conditions around the version and
 * wait-enable lines are not visible in this listing.
 *
 * NOTE(review): szAtrLen is used as the read length for abtAtr with no check
 * visible here -- confirm it is bounded by sizeof(pnii->abtAtr).  The
 * `off += snprintf(...)` accumulation is unchecked as in the other printers.
 */
560 snprint_nfc_iso14443bi_info(
char *dst,
size_t size,
const nfc_iso14443bi_info *pnii,
bool verbose)
563 off += snprintf(dst + off, size - off,
" DIV: ");
564 off += snprint_hex(dst + off, size - off, pnii->
abtDIV, 4);
566 int version = (pnii->
btVerLog & 0x1e) >> 1;
567 off += snprintf(dst + off, size - off,
" Software Version: ");
569 off += snprintf(dst + off, size - off,
"Undefined\n");
571 off += snprintf(dst + off, size - off,
"%i\n", version);
575 off += snprintf(dst + off, size - off,
" Wait Enable: yes");
579 off += snprintf(dst + off, size - off,
" ATS: ");
580 snprint_hex(dst + off, size - off, pnii->abtAtr, pnii->
szAtrLen);
/*
 * Write the 8-byte UID of an ISO14443-2B SR target into dst as a hex line.
 * The read length is a constant; `verbose` is not used in the visible lines.
 */
585 snprint_nfc_iso14443b2sr_info(
char *dst,
size_t size,
const nfc_iso14443b2sr_info *pnsi,
bool verbose)
589 off += snprintf(dst + off, size - off,
" UID: ");
590 snprint_hex(dst + off, size - off, pnsi->abtUID, 8);
/*
 * Write a description of an ISO14443-2B CT target into dst: the UID as hex
 * and as a zero-padded decimal number, then the product and fabrication
 * codes.
 *
 * NOTE(review): same unchecked `off += snprintf(dst + off, size - off, ...)`
 * accumulation as the other printers.
 */
594 snprint_nfc_iso14443b2ct_info(
char *dst,
size_t size,
const nfc_iso14443b2ct_info *pnci,
bool verbose)
/* Assemble the UID with abtUID[0] as the least significant byte.
 * NOTE(review): if the elements are uint8_t they promote to int, and
 * `abtUID[3] << 24` overflows a signed int whenever the byte is >= 0x80;
 * casting each byte to uint32_t before shifting avoids that. */
599 uid = (pnci->abtUID[3] << 24) + (pnci->abtUID[2] << 16) + (pnci->abtUID[1] << 8) + pnci->abtUID[0];
600 off += snprintf(dst + off, size - off,
" UID: ");
601 off += snprint_hex(dst + off, size - off, pnci->abtUID,
sizeof(pnci->abtUID));
602 off += snprintf(dst + off, size - off,
" UID (decimal): %010u\n", uid);
603 off += snprintf(dst + off, size - off,
" Product Code: %02X\n", pnci->btProdCode);
604 snprintf(dst + off, size - off,
" Fab Code: %02X\n", pnci->btFabCode);
/*
 * Write a description of an NFC-DEP target into dst: the 10-byte NFCID3, the
 * BS, BR, TO and PP bytes, and the general bytes as a hex line.
 *
 * NOTE(review): szGB is used as the read length for abtGB with no check
 * visible here -- confirm it is bounded by sizeof(pndi->abtGB).  The
 * `off += snprintf(...)` accumulation is unchecked as in the other printers.
 */
608 snprint_nfc_dep_info(
char *dst,
size_t size,
const nfc_dep_info *pndi,
bool verbose)
612 off += snprintf(dst + off, size - off,
" NFCID3: ");
613 off += snprint_hex(dst + off, size - off, pndi->
abtNFCID3, 10);
614 off += snprintf(dst + off, size - off,
" BS: %02x\n", pndi->
btBS);
615 off += snprintf(dst + off, size - off,
" BR: %02x\n", pndi->
btBR);
616 off += snprintf(dst + off, size - off,
" TO: %02x\n", pndi->
btTO);
617 off += snprintf(dst + off, size - off,
" PP: %02x\n", pndi->
btPP);
619 off += snprintf(dst + off, size - off,
"General Bytes: ");
620 snprint_hex(dst + off, size - off, pndi->
abtGB, pndi->szGB);
/*
 * Write a description of an NFC target into dst: a header line naming the
 * modulation type and baud rate, followed by the output of the printer that
 * matches pnt->nm.nmt.  For NMT_DEP targets the header also says whether the
 * mode is active or passive.
 *
 * NOTE(review): the header length is added to off and every printer is then
 * called with `dst + off, size - off`.  If the header alone is truncated,
 * off exceeds size and `size - off` (size_t) wraps, so the printer is handed
 * a pointer past the buffer with a very large bound.  A check of
 * `off < size` before the switch keeps the call inside the caller's buffer.
 */
625 snprint_nfc_target(
char *dst,
size_t size,
const nfc_target *pnt,
bool verbose)
629 off += snprintf(dst + off, size - off,
"%s (%s%s) target:\n",
str_nfc_modulation_type(pnt->nm.nmt),
str_nfc_baud_rate(pnt->nm.nbr), (pnt->nm.nmt != NMT_DEP) ?
"" : (pnt->nti.ndi.
ndm == NDM_ACTIVE) ?
"active mode" :
"passive mode");
/* Dispatch on the modulation type; most case labels are not visible in this
 * listing.  The printers' return values are not added to off. */
630 switch (pnt->nm.nmt) {
632 snprint_nfc_iso14443a_info(dst + off, size - off, &pnt->nti.nai, verbose);
635 snprint_nfc_jewel_info(dst + off, size - off, &pnt->nti.nji, verbose);
638 snprint_nfc_felica_info(dst + off, size - off, &pnt->nti.nfi, verbose);
641 snprint_nfc_iso14443b_info(dst + off, size - off, &pnt->nti.nbi, verbose);
644 snprint_nfc_iso14443bi_info(dst + off, size - off, &pnt->nti.nii, verbose);
646 case NMT_ISO14443B2SR:
647 snprint_nfc_iso14443b2sr_info(dst + off, size - off, &pnt->nti.nsi, verbose);
649 case NMT_ISO14443B2CT:
650 snprint_nfc_iso14443b2ct_info(dst + off, size - off, &pnt->nti.nci, verbose);
653 snprint_nfc_dep_info(dst + off, size - off, &pnt->nti.ndi, verbose);