1 /* librfid-tool - a small command-line tool for librfid testing
3 * (C) 2005-2006 by Harald Welte <laforge@gnumonks.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28 #include <librfid/rfid.h>
29 #include <librfid/rfid_scan.h>
30 #include <librfid/rfid_reader.h>
31 #include <librfid/rfid_layer2.h>
32 #include <librfid/rfid_protocol.h>
34 #include <librfid/rfid_protocol_mifare_classic.h>
35 #include <librfid/rfid_protocol_mifare_ul.h>
37 #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
40 hexdump(const void *data, unsigned int len)
42 static char string[1024];
43 unsigned char *d = (unsigned char *) data;
47 left = sizeof(string);
48 for (i = 0; len--; i += 3) {
49 if (i >= sizeof(string) -4)
51 snprintf(string+i, 4, " %02x", *d++);
56 static struct rfid_reader_handle *rh;
57 static struct rfid_layer2_handle *l2h;
58 static struct rfid_protocol_handle *ph;
61 printf("opening reader handle\n");
62 rh = rfid_reader_open(NULL, RFID_READER_CM5121);
64 fprintf(stderr, "No Omnikey Cardman 5121 found\n");
65 rh = rfid_reader_open(NULL, RFID_READER_OPENPCD);
67 fprintf(stderr, "No OpenPCD found either\n");
73 static int init(int layer2)
75 unsigned char buf[0x3f];
79 printf("opening layer2 handle\n");
80 l2h = rfid_layer2_init(rh, layer2);
82 fprintf(stderr, "error during iso14443a_init\n");
86 //rc632_register_dump(rh->ah, buf);
88 printf("running layer2 anticol\n");
89 rc = rfid_layer2_open(l2h);
91 fprintf(stderr, "error during layer2_open\n");
98 static int l3(int protocol)
100 printf("running layer3 (ats)\n");
101 ph = rfid_protocol_init(l2h, protocol);
103 fprintf(stderr, "error during protocol_init\n");
106 if (rfid_protocol_open(ph) < 0) {
107 fprintf(stderr, "error during protocol_open\n");
111 printf("we now have layer3 up and running\n");
116 static int select_mf(void)
118 unsigned char cmd[] = { 0x00, 0xa4, 0x00, 0x00, 0x02, 0x3f, 0x00, 0x00 };
119 unsigned char ret[256];
120 unsigned int rlen = sizeof(ret);
124 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), ret, &rlen, 0, 0);
128 printf("%d: [%s]\n", rlen, hexdump(ret, rlen));
134 static int iso7816_get_challenge(unsigned char len)
136 unsigned char cmd[] = { 0x00, 0x84, 0x00, 0x00, 0x08 };
137 unsigned char ret[256];
138 unsigned int rlen = sizeof(ret);
144 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), ret, &rlen, 0, 0);
148 printf("%d: [%s]\n", rlen, hexdump(ret, rlen));
154 iso7816_select_application(void)
156 unsigned char cmd[] = { 0x00, 0xa4, 0x04, 0x0c, 0x07,
157 0xa0, 0x00, 0x00, 0x02, 0x47, 0x10, 0x01 };
158 unsigned char resp[7];
159 unsigned int rlen = sizeof(resp);
163 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
167 /* FIXME: parse response */
168 printf("%s\n", hexdump(resp, rlen));
174 iso7816_select_ef(u_int16_t fid)
176 unsigned char cmd[7] = { 0x00, 0xa4, 0x02, 0x0c, 0x02, 0x00, 0x00 };
177 unsigned char resp[7];
178 unsigned int rlen = sizeof(resp);
182 cmd[5] = (fid >> 8) & 0xff;
185 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
189 /* FIXME: parse response */
190 printf("%s\n", hexdump(resp, rlen));
196 iso7816_read_binary(unsigned char *buf, unsigned int *len)
198 unsigned char cmd[] = { 0x00, 0xb0, 0x00, 0x00, 0x00 };
199 unsigned char resp[256];
200 unsigned int rlen = sizeof(resp);
204 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
208 printf("%s\n", hexdump(resp, rlen));
210 /* FIXME: parse response, determine whether we need additional reads */
212 /* FIXME: copy 'len' number of response bytes to 'buf' */
216 /* wrapper function around SELECT EF and READ BINARY */
218 iso7816_read_ef(u_int16_t fid, unsigned char *buf, unsigned int *len)
222 rv = iso7816_select_ef(fid);
226 return iso7816_read_binary(buf, len);
229 /* mifare ultralight helpers */
231 mifare_ulight_write(struct rfid_protocol_handle *ph)
233 unsigned char buf[4] = { 0xa1, 0xa2, 0xa3, 0xa4 };
235 return rfid_protocol_write(ph, 10, buf, 4);
239 mifare_ulight_blank(struct rfid_protocol_handle *ph)
241 unsigned char buf[4] = { 0x00, 0x00, 0x00, 0x00 };
244 for (i = 4; i <= MIFARE_UL_PAGE_MAX; i++) {
245 ret = rfid_protocol_write(ph, i, buf, 4);
253 mifare_ulight_read(struct rfid_protocol_handle *ph)
255 unsigned char buf[20];
256 unsigned int len = sizeof(buf);
260 for (i = 0; i <= MIFARE_UL_PAGE_MAX; i++) {
261 ret = rfid_protocol_read(ph, i, buf, &len);
265 printf("Page 0x%x: %s\n", i, hexdump(buf, 4));
270 /* mifare classic helpers */
272 mifare_classic_read_sector(struct rfid_protocol_handle *ph, int sector)
274 unsigned char buf[20];
275 unsigned int len = sizeof(buf);
279 /* FIXME: make this work for sectors > 31 */
280 printf("reading sector %u\n", sector);
282 for (block = sector*4; block < sector*4+4; block++) {
283 printf("reading block %u\n", block);
284 ret = rfid_protocol_read(ph, block, buf, &len);
285 if(ret == -ETIMEDOUT)
286 fprintf(stderr, "TIMEOUT\n");
290 printf("Page 0x%x: %s\n", block, hexdump(buf, len));
295 static char *proto_names[] = {
296 [RFID_PROTOCOL_TCL] = "tcl",
297 [RFID_PROTOCOL_MIFARE_UL] = "mifare-ultralight",
298 [RFID_PROTOCOL_MIFARE_CLASSIC] = "mifare-classic",
301 static int proto_by_name(const char *name)
305 for (i = 0; i < ARRAY_SIZE(proto_names); i++) {
306 if (proto_names[i] == NULL)
308 if (!strcasecmp(name, proto_names[i]))
314 static char *l2_names[] = {
315 [RFID_LAYER2_ISO14443A] = "iso14443a",
316 [RFID_LAYER2_ISO14443B] = "iso14443b",
317 [RFID_LAYER2_ISO15693] = "iso15693",
320 static int l2_by_name(const char *name)
324 for (i = 0; i < ARRAY_SIZE(l2_names); i++) {
325 if (l2_names[i] == NULL)
327 if (!strcasecmp(name, l2_names[i]))
333 static void help(void)
335 printf( " -s --scan\n"
336 " -p --protocol {tcl,mifare-ultralight,mifare-classic}\n"
337 " -l --layer2 {iso14443a,iso14443b,iso15693}\n"
341 static struct option opts[] = {
342 { "help", 0, 0, 'h' },
343 { "layer2", 1, 0, 'l' },
344 { "protocol", 1, 0, 'p' },
348 int main(int argc, char **argv)
352 int i, protocol = -1, layer2 = -1;
354 printf("librfid_tool - (C) 2006 by Harald Welte\n"
355 "This program is Free Software and has "
356 "ABSOLUTELY NO WARRANTY\n\n");
358 printf("initializing librfid\n");
362 int c, option_index = 0;
363 c = getopt_long(argc, argv, "hp:l:s", opts, &option_index);
371 printf("scanning for RFID token...\n");
372 i = rfid_scan(rh, &l2h, &ph);
376 protocol = proto_by_name(optarg);
378 fprintf(stderr, "unknown protocol `%s'\n",
384 layer2 = l2_by_name(optarg);
386 fprintf(stderr, "unknown layer2 `%s'\n",
399 case RFID_PROTOCOL_MIFARE_UL:
400 case RFID_PROTOCOL_MIFARE_CLASSIC:
401 layer2 = RFID_LAYER2_ISO14443A;
404 fprintf(stderr, "you have to specify --protocol\n");
409 fprintf(stderr, "you have to specify --layer2\n");
416 if (init(layer2) < 0)
419 if (l3(protocol) < 0)
426 case RFID_PROTOCOL_TCL:
427 printf("Protocol T=CL\n");
428 /* we've established T=CL at this point */
429 printf("selecting Master File\n");
432 printf("error selecting MF\n");
436 printf("Getting random challenge, length 255\n");
437 rc = iso7816_get_challenge(0xff);
439 printf("error getting random challenge\n");
443 printf("selecting Passport application\n");
444 rc = iso7816_select_application();
446 printf("error selecting passport application\n");
450 printf("selecting EF 0x1e\n");
451 rc = iso7816_select_ef(0x011e);
453 printf("error selecting EF 0x1e\n");
457 printf("selecting EF 0x01\n");
458 rc = iso7816_select_ef(0x0101);
460 printf("error selecting EF 0x01\n");
465 printf("reading EF1\n");
467 printf("reading ef\n");
468 rc = iso7816_read_binary(buf, &len);
470 printf("error reading EF\n");
475 for (i = 0; i < 4; i++)
476 iso7816_get_challenge(0xff);
479 case RFID_PROTOCOL_MIFARE_UL:
480 printf("Protocol Mifare Ultralight\n");
481 mifare_ulight_read(ph);
483 mifare_ulight_blank(ph);
484 mifare_ulight_write(ph);
485 mifare_ulight_read(ph);
488 case RFID_PROTOCOL_MIFARE_CLASSIC:
489 printf("Protocol Mifare Classic\n");
492 for (sector = 1; sector < 31; sector++) {
493 rc = mfcl_set_key(ph, MIFARE_CL_KEYA_DEFAULT_INFINEON);
495 printf("key format error\n");
498 rc = mfcl_auth(ph, RFID_CMD_MIFARE_AUTH1A, sector*4);
500 printf("mifare auth error\n");
503 printf("mifare authe succeeded!\n");
505 mifare_classic_read_sector(ph, sector);
510 printf("unknown protocol\n");
515 rfid_reader_close(rh);