2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License version 2
4 * as published by the Free Software Foundation
6 * This program is distributed in the hope that it will be useful,
7 * but WITHOUT ANY WARRANTY; without even the implied warranty of
8 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 * GNU General Public License for more details.
11 * You should have received a copy of the GNU General Public License
12 * along with this program; if not, write to the Free Software
13 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #include <librfid/rfid.h>
26 #include <librfid/rfid_reader.h>
27 #include <librfid/rfid_layer2.h>
28 #include <librfid/rfid_protocol.h>
30 #include <librfid/rfid_protocol_mifare_classic.h>
31 #include <librfid/rfid_protocol_mifare_ul.h>
33 #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
36 hexdump(const void *data, unsigned int len)
38 static char string[1024];
39 unsigned char *d = (unsigned char *) data;
43 left = sizeof(string);
44 for (i = 0; len--; i += 3) {
45 if (i >= sizeof(string) -4)
47 snprintf(string+i, 4, " %02x", *d++);
52 static struct rfid_reader_handle *rh;
53 static struct rfid_layer2_handle *l2h;
54 static struct rfid_protocol_handle *ph;
58 unsigned char buf[0x3f];
61 printf("initializing librfid\n");
64 printf("opening reader handle\n");
65 rh = rfid_reader_open(NULL, RFID_READER_CM5121);
67 fprintf(stderr, "error, no cm5121 handle\n");
71 printf("opening layer2 handle\n");
72 l2h = rfid_layer2_init(rh, RFID_LAYER2_ISO14443A);
73 //l2h = rfid_layer2_init(rh, RFID_LAYER2_ISO14443B);
75 fprintf(stderr, "error during iso14443a_init\n");
79 //rc632_register_dump(rh->ah, buf);
81 printf("running layer2 anticol\n");
82 rc = rfid_layer2_open(l2h);
84 fprintf(stderr, "error during layer2_open\n");
91 static int l3(int protocol)
93 printf("running layer3 (ats)\n");
94 ph = rfid_protocol_init(l2h, protocol);
96 fprintf(stderr, "error during protocol_init\n");
99 if (rfid_protocol_open(ph) < 0) {
100 fprintf(stderr, "error during protocol_open\n");
104 printf("we now have layer3 up and running\n");
109 static int select_mf(void)
111 unsigned char cmd[] = { 0x00, 0xa4, 0x00, 0x00, 0x02, 0x3f, 0x00, 0x00 };
112 unsigned char ret[256];
113 unsigned int rlen = sizeof(ret);
117 rv = rfid_protocol_transcieve(ph, cmd, sizeof(cmd), ret, &rlen, 0, 0);
121 printf("%d: [%s]\n", rlen, hexdump(ret, rlen));
127 static int iso7816_get_challenge(unsigned char len)
129 unsigned char cmd[] = { 0x00, 0x84, 0x00, 0x00, 0x08 };
130 unsigned char ret[256];
131 unsigned int rlen = sizeof(ret);
137 rv = rfid_protocol_transcieve(ph, cmd, sizeof(cmd), ret, &rlen, 0, 0);
141 printf("%d: [%s]\n", rlen, hexdump(ret, rlen));
147 iso7816_select_application(void)
149 unsigned char cmd[] = { 0x00, 0xa4, 0x04, 0x0c, 0x07,
150 0xa0, 0x00, 0x00, 0x02, 0x47, 0x10, 0x01 };
151 unsigned char resp[7];
152 unsigned int rlen = sizeof(resp);
156 rv = rfid_protocol_transcieve(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
160 /* FIXME: parse response */
161 printf("%s\n", hexdump(resp, rlen));
167 iso7816_select_ef(u_int16_t fid)
169 unsigned char cmd[7] = { 0x00, 0xa4, 0x02, 0x0c, 0x02, 0x00, 0x00 };
170 unsigned char resp[7];
171 unsigned int rlen = sizeof(resp);
175 cmd[5] = (fid >> 8) & 0xff;
178 rv = rfid_protocol_transcieve(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
182 /* FIXME: parse response */
183 printf("%s\n", hexdump(resp, rlen));
189 iso7816_read_binary(unsigned char *buf, unsigned int *len)
191 unsigned char cmd[] = { 0x00, 0xb0, 0x00, 0x00, 0x00 };
192 unsigned char resp[256];
193 unsigned int rlen = sizeof(resp);
197 rv = rfid_protocol_transcieve(ph, cmd, sizeof(cmd), resp, &rlen, 0, 0);
201 printf("%s\n", hexdump(resp, rlen));
203 /* FIXME: parse response, determine whether we need additional reads */
205 /* FIXME: copy 'len' number of response bytes to 'buf' */
209 /* wrapper function around SELECT EF and READ BINARY */
211 iso7816_read_ef(u_int16_t fid, unsigned char *buf, unsigned int *len)
215 rv = iso7816_select_ef(fid);
219 return iso7816_read_binary(buf, len);
222 /* mifare ultralight helpers */
224 mifare_ulight_write(struct rfid_protocol_handle *ph)
226 unsigned char buf[4] = { 0xa1, 0xa2, 0xa3, 0xa4 };
228 return rfid_protocol_write(ph, 10, buf, 4);
232 mifare_ulight_blank(struct rfid_protocol_handle *ph)
234 unsigned char buf[4] = { 0x00, 0x00, 0x00, 0x00 };
237 for (i = 4; i <= MIFARE_UL_PAGE_MAX; i++) {
238 ret = rfid_protocol_write(ph, i, buf, 4);
246 mifare_ulight_read(struct rfid_protocol_handle *ph)
248 unsigned char buf[20];
249 unsigned int len = sizeof(buf);
253 for (i = 0; i <= MIFARE_UL_PAGE_MAX; i++) {
254 ret = rfid_protocol_read(ph, i, buf, &len);
258 printf("Page 0x%x: %s\n", i, hexdump(buf, 4));
263 /* mifare classic helpers */
265 mifare_classic_read_sector(struct rfid_protocol_handle *ph, int sector)
267 unsigned char buf[20];
268 unsigned int len = sizeof(buf);
272 /* FIXME: make this work for sectors > 31 */
273 printf("reading sector %u\n", sector);
275 for (block = sector*4; block < sector*4+4; block++) {
276 printf("reading block %u\n", block);
277 ret = rfid_protocol_read(ph, block, buf, &len);
278 if(ret == -ETIMEDOUT)
279 fprintf(stderr, "TIMEOUT\n");
283 printf("Page 0x%x: %s\n", block, hexdump(buf, len));
288 static char *proto_names[] = {
289 [RFID_PROTOCOL_TCL] = "tcl",
290 [RFID_PROTOCOL_MIFARE_UL] = "mifare-ultralight",
291 [RFID_PROTOCOL_MIFARE_CLASSIC] = "mifare-classic",
294 static int proto_by_name(const char *name)
298 for (i = 0; i < ARRAY_SIZE(proto_names); i++) {
299 if (proto_names[i] == NULL)
301 if (!strcasecmp(name, proto_names[i]))
307 static void help(void)
309 printf(" -p --protocol {tcl,mifare-ultralight,mifare-classic}\n");
312 static struct option opts[] = {
313 { "help", 0, 0, 'h' },
314 { "protocol", 1, 0, 'p' },
318 int main(int argc, char **argv)
322 int i, protocol = -1;
324 printf("librfid_tool - (C) 2006 by Harald Welte\n"
325 "This program is Free Software and has ABSOLUTELY NO WARRANTY\n\n");
328 int c, option_index = 0;
329 c = getopt_long(argc, argv, "hp:", opts, &option_index);
335 protocol = proto_by_name(optarg);
337 fprintf(stderr, "unknown protocol `%s'\n", optarg);
349 fprintf(stderr, "you have to specify --protocol\n");
356 if (l3(protocol) < 0)
363 case RFID_PROTOCOL_TCL:
364 printf("Protocol T=CL\n");
365 /* we've established T=CL at this point */
366 printf("selecting Master File\n");
369 printf("error selecting MF\n");
373 printf("Getting random challenge, length 255\n");
374 rc = iso7816_get_challenge(0xff);
376 printf("error getting random challenge\n");
380 printf("selecting Passport application\n");
381 rc = iso7816_select_application();
383 printf("error selecting passport application\n");
387 printf("selecting EF 0x1e\n");
388 rc = iso7816_select_ef(0x011e);
390 printf("error selecting EF 0x1e\n");
394 printf("selecting EF 0x01\n");
395 rc = iso7816_select_ef(0x0101);
397 printf("error selecting EF 0x01\n");
402 printf("reading EF1\n");
404 printf("reading ef\n");
405 rc = iso7816_read_binary(buf, &len);
407 printf("error reading EF\n");
412 for (i = 0; i < 4; i++)
413 iso7816_get_challenge(0xff);
416 case RFID_PROTOCOL_MIFARE_UL:
417 printf("Protocol Mifare Ultralight\n");
418 mifare_ulight_read(ph);
420 mifare_ulight_blank(ph);
421 mifare_ulight_write(ph);
422 mifare_ulight_read(ph);
425 case RFID_PROTOCOL_MIFARE_CLASSIC:
426 printf("Protocol Mifare Classic\n");
429 for (sector = 1; sector < 31; sector++) {
430 rc = mfcl_set_key(ph, MIFARE_CL_KEYA_DEFAULT_INFINEON);
432 printf("key format error\n");
435 rc = mfcl_auth(ph, RFID_CMD_MIFARE_AUTH1A, sector*4);
437 printf("mifare auth error\n");
440 printf("mifare authe succeeded!\n");
442 mifare_classic_read_sector(ph, sector);
447 printf("unknown protocol\n");
452 rfid_reader_close(rh);