cleanup access condition traler and mark possible usage of key b for data

[perl-Mifare-MAD.git] / mifare-mad.pl

diff --git a/mifare-mad.pl b/mifare-mad.pl
index 6a1012c..027e6fc 100755 (executable)
--- a/mifare-mad.pl
+++ b/mifare-mad.pl
@@ -44,14 +44,14 @@ my $access_condition_data = {
 };
 
 my $access_condition_trailer = {
-0b000 => 'R/W: KEYSECXA:-/A ACCESS COND:A-/- KEYSECXB:A/A',
-0b010 => 'R/W: KEYSECXA:-/- ACCESS COND:A-/- KEYSECXB:A/-',
-0b100 => 'R/W: KEYSECXA:-/B ACCESS COND:AB/- KEYSECXB:-/B',
-0b110 => 'R/W: KEYSECXA:-/- ACCESS COND:AB/- KEYSECXB:-/-',
-0b001 => 'R/W: KEYSECXA:-/A ACCESS COND:A-/A KEYSECXB:A/A',
-0b011 => 'R/W: KEYSECXA:-/B ACCESS COND:AB/B KEYSECXB:-/B',
-0b101 => 'R/W: KEYSECXA:-/- ACCESS COND:AB/B KEYSECXB:-/-',
-0b111 => 'R/W: KEYSECXA:-/- ACCESS COND:AB/- KEYSECXB:-/-',
+0b000 => 'R/W: KEYA:-/A ACCESS:A-/- DATB:A/A ?',
+0b010 => 'R/W: KEYA:-/- ACCESS:A-/- DATB:A/- ?'.
+0b100 => 'R/W: KEYA:-/B ACCESS:AB/- KEYB:-/B',
+0b110 => 'R/W: KEYA:-/- ACCESS:AB/- KEYB:-/-',
+0b001 => 'R/W: KEYA:-/A ACCESS:A-/A DATB:A/A ?',
+0b011 => 'R/W: KEYA:-/B ACCESS:AB/B KEYB:-/B',
+0b101 => 'R/W: KEYA:-/- ACCESS:AB/B KEYB:-/-',
+0b111 => 'R/W: KEYA:-/- ACCESS:AB/- KEYB:-/-',
 };
 
 
@@ -66,17 +66,65 @@ my $card = <>;
 die "expected 4096 bytes, got ",length($card), " bytes\n"
        unless length $card == 4096;
 
+my ( $ADV, $MA, $DA );
+
 foreach my $i ( 0 .. 15 ) {
-       my $v = unpack('v',(substr($card, 0x10 + ( $i * 2 ), 2)));
-       my $cluster_id = unpack('HH', (( $v & 0xff00 ) >> 8) );
-       my $full_id = sprintf "%04x",$v;
-       printf "MAD sector %-2d %04x [%s]\n%s\n", $i, $v
-               , $function_clusters->{ $cluster_id }
-               , $mad_id->{$full_id} || "FIXME: add $full_id from MAD_overview.pdf to __DATA__ at end of $0"
-               ;
 
        my $pos = 0x40 * $i;
 
+       if ( $i == 0 ) {
+               printf "manufacturer block\nSerial number: %s\nCB: %s\nmanufacturer data: %s\n"
+                       , unpack('H*',substr($card,0,4))
+                       , unpack('H*',substr($card,4,1))
+                       , unpack('H*',substr($card,5,11))
+                       ;
+               # General purpose byte (GPB)
+               my $gdp = ord(substr($card,0x39,1));
+               $ADV = $gdp & 0b00000011;
+               $MA  = $gdp & 0b01000000;
+               $DA  = $gdp & 0b10000000;
+               printf "ADV (MAD version code): %d\n", $ADV;
+               printf "MA (multiapplication): %s\n",  $MA ? 'yes' : 'monoaplication';
+               printf "DA (MAD available): %s\n",     $DA ? 'yes' : 'no';
+
+               printf "Info byte (publisher sector): %x\n", ord(substr($card,0x11,1));
+       } elsif ( $DA ) {
+               my $mad_offset = 0x10 + ( $i * 2 );
+               my $v = unpack('v',(substr($card, $mad_offset, 2)));
+               my $cluster_id = unpack('HH', (( $v & 0xff00 ) >> 8) );
+               my $full_id = sprintf "%04x",$v;
+               printf "MAD sector %-2d@%x %04x [%s]\n%s\n", $i, $mad_offset, $v
+                       , $function_clusters->{ $cluster_id }
+                       , $mad_id->{$full_id} || "FIXME: add $full_id from MAD_overview.pdf to __DATA__ at end of $0"
+                       ;
+
+               if ( $v == 0x0004 ) {
+                       # RLE encoded card holder information
+                       my $data = substr( $card, $pos, 0x30);
+                       my $o = 0;
+                       my $types = {
+                               0b00 => 'surname',
+                               0b01 => 'given name',
+                               0b10 => 'sex',
+                               0b11 => 'any',
+                       };
+                       while ( substr($data,$o,1) ne "\x00" ) {
+                               my $len = ord(substr($data,$o,1));
+                               my $type = ( $len & 0b11000000 ) >> 6;
+                               $len     =   $len & 0b00111111;
+                               my $dump = substr($data,$o+1,$len-1);
+                               $dump = '0x' . unpack('H*', $dump) if $type == 0b11; # any
+                               printf "%-10s %2d %s\n", $types->{$type}, $len, $dump;
+                               $o += $len + 1;
+                       }
+               } elsif ( $v == 0x0015 ) {
+                       printf "Card number: %s\n", unpack('h*',substr($card,$pos + 0x04,6));
+               }
+
+       } else {
+               printf "# sector %-2d\n", $i;
+       }
+
        my $c1 = ( ord(substr($card,$pos+0x37,1)) & 0xf0 ) >> 4;
        my $c2 = ( ord(substr($card,$pos+0x38,1)) & 0x0f );
        my $c3 = ( ord(substr($card,$pos+0x38,1)) & 0xf0 ) >> 4;
@@ -92,42 +140,29 @@ foreach my $i ( 0 .. 15 ) {
                        ;
                $cond >>= $j;
 
-               printf "%04x %s %03b %s\n", $offset, unpack('H*',$block)
+               my $hex = unpack('H*',$block);
+               $hex =~ s/(....)/$1 /g;
+
+               if ( $ENV{SWAP} && $j < 3 ) {
+                       my $hex_sw = unpack('h*',$block);
+                       $hex_sw =~ s/(....)/$1 /g;
+                       $hex .= " | $hex_sw";
+               }
+
+               printf "%04x  %s %03b %s\n", $offset, $hex
                        , $cond
                        , $j < 3 ? $access_condition_data->{$cond} : $access_condition_trailer->{$cond}
                        ;
        }
 
 
-       printf "KEY A:%s | %s | B:%s\n"
+       printf "KEY A:%s | %s GDP: %s | B:%s\n"
                ,unpack('H*',substr($card,$pos+0x30   ,6))
-               ,unpack('H*',substr($card,$pos+0x30+6 ,4))
+               ,unpack('H*',substr($card,$pos+0x30+6 ,3))
+               ,unpack('H*',substr($card,$pos+0x30+9 ,1))
                ,unpack('H*',substr($card,$pos+0x30+10,6))
                ;
 
-       if ( $v == 0x0004 ) {
-               # RLE encoded card holder information
-               my $data = substr( $card, $pos, 0x30);
-               my $o = 0;
-               my $types = {
-                       0b00 => 'surname',
-                       0b01 => 'given name',
-                       0b10 => 'sex',
-                       0b11 => 'any',
-               };
-               while ( substr($data,$o,1) ne "\x00" ) {
-                       my $len = ord(substr($data,$o,1));
-                       my $type = ( $len & 0b11000000 ) >> 6;
-                       $len     =   $len & 0b00111111;
-                       my $dump = substr($data,$o+1,$len-1);
-                       $dump = '0x' . unpack('H*', $dump) if $type == 0b11; # any
-                       printf "%-10s %2d %s\n", $types->{$type}, $len, $dump;
-                       $o += $len + 1;
-               }
-       } elsif ( $v == 0x0015 ) {
-               printf "Card number: %s\n", unpack('h*',substr($card,$pos + 0x04,6));
-       }
-
        print "\n";
 
 }
@@ -184,11 +219,12 @@ E8    computer
 F0    mail
 F8-FF miscellaneous applications
 
-0000   sector free
-0001   sector defective
-0002   sector reserved
-0003   DIR continuted
-0004   card holder
+0000   sector is free
+0001   sector is defect, e.g. access keys are destroyed or unknown
+0002   sector is reserved
+0003   sector contains additional directory info (useful only for future cards)
+0004   sector contains card holder information in ASCII format.
+0005   sector not applicable (above memory size)
 
 0015 - card administration MIKROELEKTRONIKA spol.s.v.MIKROELEKTRONIKA spol.s.v.o. worldwide 1 01.02.2007 Card publisher info
 0016 - card administration Mikroelektronika spol.s.r.o., Kpt.Mikroelektronika spol.s.r.o., Kpt. PoEurope    1 10.10.2007 Issuer information