1 /* librfid-tool - a small command-line tool for librfid testing
3 * (C) 2005-2006 by Harald Welte <laforge@gnumonks.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 /*#include <libgen.h>*/
29 #include <librfid/rfid.h>
30 #include <librfid/rfid_scan.h>
31 #include <librfid/rfid_reader.h>
32 #include <librfid/rfid_layer2.h>
33 #include <librfid/rfid_protocol.h>
35 #include <librfid/rfid_protocol_mifare_classic.h>
36 #include <librfid/rfid_protocol_mifare_ul.h>
38 #include "librfid-tool.h"
41 static int select_mf(void)
43 unsigned char cmd[] = { 0x00, 0xa4, 0x00, 0x00, 0x02, 0x3f, 0x00, 0x00 };
44 unsigned char ret[256];
45 unsigned int rlen = sizeof(ret);
49 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), ret, &rlen, 0, 0);
53 printf("%d: [%s]\n", rlen, hexdump(ret, rlen));
59 static int iso7816_get_challenge(unsigned char len)
61 unsigned char cmd[] = { 0x00, 0x84, 0x00, 0x00, 0x08 };
62 unsigned char ret[256];
63 unsigned int rlen = sizeof(ret);
69 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), ret, &rlen, 0, 0);
73 printf("%d: [%s]\n", rlen, hexdump(ret, rlen));
79 iso7816_select_application(void)
81 unsigned char cmd[] = { 0x00, 0xa4, 0x04, 0x0c, 0x07,
82 0xa0, 0x00, 0x00, 0x02, 0x47, 0x10, 0x01 };
83 unsigned char resp[7];
84 unsigned int rlen = sizeof(resp);
88 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
92 /* FIXME: parse response */
93 printf("%s\n", hexdump(resp, rlen));
99 iso7816_select_ef(u_int16_t fid)
101 unsigned char cmd[7] = { 0x00, 0xa4, 0x02, 0x0c, 0x02, 0x00, 0x00 };
102 unsigned char resp[7];
103 unsigned int rlen = sizeof(resp);
107 cmd[5] = (fid >> 8) & 0xff;
110 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
114 /* FIXME: parse response */
115 printf("%s\n", hexdump(resp, rlen));
121 iso7816_read_binary(unsigned char *buf, unsigned int *len)
123 unsigned char cmd[] = { 0x00, 0xb0, 0x00, 0x00, 0x00 };
124 unsigned char resp[256];
125 unsigned int rlen = sizeof(resp);
129 rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
133 printf("%s\n", hexdump(resp, rlen));
135 /* FIXME: parse response, determine whether we need additional reads */
137 /* FIXME: copy 'len' number of response bytes to 'buf' */
141 /* wrapper function around SELECT EF and READ BINARY */
143 iso7816_read_ef(u_int16_t fid, unsigned char *buf, unsigned int *len)
147 rv = iso7816_select_ef(fid);
151 return iso7816_read_binary(buf, len);
154 /* mifare ultralight helpers */
156 mifare_ulight_write(struct rfid_protocol_handle *ph)
158 unsigned char buf[4] = { 0xa1, 0xa2, 0xa3, 0xa4 };
160 return rfid_protocol_write(ph, 10, buf, 4);
164 mifare_ulight_blank(struct rfid_protocol_handle *ph)
166 unsigned char buf[4] = { 0x00, 0x00, 0x00, 0x00 };
169 for (i = 4; i <= MIFARE_UL_PAGE_MAX; i++) {
170 ret = rfid_protocol_write(ph, i, buf, 4);
178 mifare_ulight_read(struct rfid_protocol_handle *ph)
180 unsigned char buf[20];
181 unsigned int len = sizeof(buf);
185 for (i = 0; i <= MIFARE_UL_PAGE_MAX; i++) {
186 ret = rfid_protocol_read(ph, i, buf, &len);
190 printf("Page 0x%x: %s\n", i, hexdump(buf, 4));
195 /* mifare classic helpers */
197 mifare_classic_read_sector(struct rfid_protocol_handle *ph, int sector)
199 unsigned char buf[20];
200 unsigned int len = sizeof(buf);
204 /* FIXME: make this work for sectors > 31 */
205 printf("Reading sector %u\n", sector);
207 for (block = sector*4; block < sector*4+4; block++) {
208 printf("Reading block %u: ", block);
209 ret = rfid_protocol_read(ph, block, buf, &len);
210 if(ret == -ETIMEDOUT)
211 fprintf(stderr, "TIMEOUT\n");
213 printf("Error %d reading\n", ret);
217 printf("Page 0x%x: %s\n", block, hexdump(buf, len));
222 static char *proto_names[] = {
223 [RFID_PROTOCOL_TCL] = "tcl",
224 [RFID_PROTOCOL_MIFARE_UL] = "mifare-ultralight",
225 [RFID_PROTOCOL_MIFARE_CLASSIC] = "mifare-classic",
228 static int proto_by_name(const char *name)
232 for (i = 0; i < ARRAY_SIZE(proto_names); i++) {
233 if (proto_names[i] == NULL)
235 if (!strcasecmp(name, proto_names[i]))
241 static char *l2_names[] = {
242 [RFID_LAYER2_ISO14443A] = "iso14443a",
243 [RFID_LAYER2_ISO14443B] = "iso14443b",
244 [RFID_LAYER2_ISO15693] = "iso15693",
247 static int l2_by_name(const char *name)
251 for (i = 0; i < ARRAY_SIZE(l2_names); i++) {
252 if (l2_names[i] == NULL)
254 if (!strcasecmp(name, l2_names[i]))
260 static void do_scan(void)
264 unsigned int size_len = sizeof(size);
266 printf("scanning for RFID token...\n");
267 rc = rfid_scan(rh, &l2h, &ph);
269 unsigned char uid_buf[16];
270 unsigned int uid_len = sizeof(uid_buf);
271 rfid_layer2_getopt(l2h, RFID_OPT_LAYER2_UID, &uid_buf,
273 printf("Layer 2 success (%s): %s\n", rfid_layer2_name(l2h),
274 hexdump(uid_buf, uid_len));
277 printf("Protocol success (%s)\n", rfid_protocol_name(ph));
279 if (rfid_protocol_getopt(ph, RFID_OPT_PROTO_SIZE,
280 &size, &size_len) == 0)
281 printf("Size: %u bytes\n", size);
285 #define OPTION_OFFSET 256
287 static struct option original_opts[] = {
288 { "help", 0, 0, 'h' },
289 { "layer2", 1, 0, 'l' },
290 { "protocol", 1, 0, 'p' },
291 { "scan", 0, 0, 's' },
292 { "scan-loop", 0, 0, 'S' },
296 /* module / option merging code */
297 static struct option *opts = original_opts;
298 static unsigned int global_option_offset = 0;
300 static char *program_name;
301 static char *program_version = LIBRFID_TOOL_VERSION;
303 static void free_opts(int reset_offset)
305 if (opts != original_opts) {
307 opts = original_opts;
309 global_option_offset = 0;
313 static struct option *
314 merge_options(struct option *oldopts, const struct option *newopts,
315 unsigned int *option_offset)
317 unsigned int num_old, num_new, i;
318 struct option *merge;
320 for (num_old = 0; oldopts[num_old].name; num_old++);
321 for (num_new = 0; oldopts[num_new].name; num_new++);
323 global_option_offset += OPTION_OFFSET;
324 *option_offset = global_option_offset;
326 merge = malloc(sizeof(struct option) * (num_new + num_old + 1));
327 memcpy(merge, oldopts, num_old * sizeof(struct option));
328 free_opts(0); /* Release previous options merged if any */
329 for (i = 0; i < num_new; i++) {
330 merge[num_old + i] = newopts[i];
331 merge[num_old + i].val += *option_offset;
333 memset(merge + num_old + num_new, 0, sizeof(struct option));
338 struct rfidtool_module *find_module(const char *name)
343 void register_module(struct rfidtool_module *me)
345 struct rfidtool_module *old;
347 if (strcmp(me->version, program_version) != 0) {
348 fprintf(stderr, "%s: target `%s' v%s (I'm v%s).\n",
349 program_name, me->name, me->version, program_version);
353 old = find_module(me->name);
355 fprintf(stderr, "%s: target `%s' already registered.\n",
356 program_name, me->name);
361 static void help(void)
363 printf( " -s --scan scan until first RFID tag is found\n"
364 " -S --scan-loop endless scanning loop\n"
365 " -p --protocol {tcl,mifare-ultralight,mifare-classic}\n"
366 " -l --layer2 {iso14443a,iso14443b,iso15693}\n"
370 int main(int argc, char **argv)
374 int i, len, protocol = -1, layer2 = -1;
377 program_name = argv[0];
378 #else /*__MINGW32__*/
379 program_name = basename(argv[0]);
380 #endif/*__MINGW32__*/
382 printf("%s - (C) 2006 by Harald Welte\n"
383 "This program is Free Software and has "
384 "ABSOLUTELY NO WARRANTY\n\n", program_name);
386 printf("initializing librfid\n");
390 int c, option_index = 0;
391 c = getopt_long(argc, argv, "hp:l:sS", opts, &option_index);
397 if (reader_init() < 0)
403 if (reader_init() < 0)
410 protocol = proto_by_name(optarg);
412 fprintf(stderr, "unknown protocol `%s'\n",
418 layer2 = l2_by_name(optarg);
420 fprintf(stderr, "unknown layer2 `%s'\n",
433 case RFID_PROTOCOL_MIFARE_UL:
434 case RFID_PROTOCOL_MIFARE_CLASSIC:
435 layer2 = RFID_LAYER2_ISO14443A;
438 fprintf(stderr, "you have to specify --protocol\n");
443 fprintf(stderr, "you have to specify --layer2\n");
447 if (reader_init() < 0)
450 if (l2_init(layer2) < 0)
453 if (l3_init(protocol) < 0)
458 case RFID_PROTOCOL_TCL:
459 printf("Protocol T=CL\n");
460 /* we've established T=CL at this point */
461 printf("selecting Master File\n");
464 printf("error selecting MF\n");
468 printf("Getting random challenge, length 255\n");
469 rc = iso7816_get_challenge(0xff);
471 printf("error getting random challenge\n");
475 printf("selecting Passport application\n");
476 rc = iso7816_select_application();
478 printf("error selecting passport application\n");
482 printf("selecting EF 0x1e\n");
483 rc = iso7816_select_ef(0x011e);
485 printf("error selecting EF 0x1e\n");
489 printf("selecting EF 0x01\n");
490 rc = iso7816_select_ef(0x0101);
492 printf("error selecting EF 0x01\n");
497 printf("reading EF1\n");
499 printf("reading ef\n");
500 rc = iso7816_read_binary(buf, &len);
502 printf("error reading EF\n");
507 for (i = 0; i < 4; i++)
508 iso7816_get_challenge(0xff);
511 case RFID_PROTOCOL_MIFARE_UL:
512 printf("Protocol Mifare Ultralight\n");
513 mifare_ulight_read(ph);
515 mifare_ulight_blank(ph);
516 mifare_ulight_write(ph);
517 mifare_ulight_read(ph);
520 case RFID_PROTOCOL_MIFARE_CLASSIC:
521 printf("Protocol Mifare Classic\n");
524 for (sector = 0; sector < 31; sector++) {
525 printf("Authenticating sector %u: ", sector);
527 rc = mfcl_set_key(ph, MIFARE_CL_KEYA_DEFAULT_INFINEON);
529 printf("key format error\n");
532 rc = mfcl_auth(ph, RFID_CMD_MIFARE_AUTH1A, sector*4);
534 printf("mifare auth error\n");
537 printf("mifare auth succeeded!\n");
539 mifare_classic_read_sector(ph, sector);
544 printf("unknown protocol\n");
549 rfid_reader_close(rh);