X-Git-Url: https://hackdaworld.org/gitweb/?p=rfid%2Flibrfid.git;a=blobdiff_plain;f=gemtag%2Fgemtag.c;h=48dc427f47d7fd46da21be1c96a540505584c091;hp=9656f019614340014e29fde2c4ad931a744cb8f5;hb=d72a365a0f044de71ae7c13dd7782895f531a944;hpb=52d5cce98a304aff9e9e1f98e345432d7bf62a8d diff --git a/gemtag/gemtag.c b/gemtag/gemtag.c index 9656f01..48dc427 100644 --- a/gemtag/gemtag.c +++ b/gemtag/gemtag.c @@ -1,5 +1,5 @@ /* - * (C) 2006 by Frank Zirkelbach + * (C) 2006 by Frank Zirkelbach * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 @@ -24,12 +24,22 @@ #include #include "gemtag.h" +int asciidump(unsigned char *data,int len) { + int i; + + for(i=0;i0x19)&&(data[i]<0x7f)) printf("%c",data[i]); + else printf("_"); + //printf("\n"); + + return 0; +} + int hexdump(unsigned char *data,int len) { int i; - printf("dump: "); for(i=0;istart=0xa5; txhdr->seq=++(gh->seq); txhdr->cmd=cmd; - txhdr->len=htons(tx_len); + txhdr->len=tx_len; size=sizeof(struct gemtag_cmd_hdr); memcpy(txbuf+size,tx,tx_len); + size+=tx_len; /* crc check */ - gh->capabilities=GEMTAG_CAP_CRC; - if(gh->capabilities&GEMTAG_CAP_CRC) { - size+=tx_len; + if(gh->caps&GEMTAG_CAP_CRC) { crcptr=(u_int16_t *)(txbuf+size); - *crcptr=gemtag_calc_crc(txbuf,size); + crc=gemtag_calc_crc(txbuf,size); + //*crcptr=(crc>>8)|(crc<<8); + *crcptr=crc; size+=2; } /* usb write */ - hexdump(txbuf,size); - ret=usb_bulk_write(gh->handle,0x02,txbuf,size,0); - if(ret<0) { - perror("usb bulk write"); + if(gh->caps&GEMTAG_CAP_VERB_TRANSMIT) { + printf("(%02d) -> ",size); + hexdump(txbuf,size); + } + ret=usb_interrupt_write(gh->handle,0x02,txbuf,size,0); + if(ret<=0) { + perror("usb interrupt write"); return ret; } - printf("write of %d bytes successfull\n",ret); /* usb read */ - ret=usb_bulk_read(gh->handle,0x81,rxbuf,sizeof(rxbuf),0); - size=ret; - if(ret<0) { - perror("usb bulk read"); + ret=usb_interrupt_read(gh->handle,0x81,rxbuf,32,0); + if(ret<=0) { + perror("usb interrupt read"); return ret; } - printf("received %d bytes\n",ret); - - if(rxhdr->seq!=txhdr->seq) - puts("transmitted/recieved header are not equal"); + if(ret<5) { + if(gh->caps&GEMTAG_CAP_VERB_TRANSMIT) + return -SHORT_ANSWER; + } + + *rx_len=rxbuf[3]|(rxbuf[4]<<8); + size=*rx_len+sizeof(struct gemtag_cmd_hdr); + if(gh->caps&GEMTAG_CAP_CRC) size+=2; + + i=1; + rest=size-ret; + while(rest>=0) { + ret=usb_interrupt_read(gh->handle,0x81,rxbuf+i*32,32,0); + if(ret<=0) { + perror("usb interrupt read (missing bytes)"); + return ret; + } + i++; + rest-=ret; + } + + if(gh->caps&GEMTAG_CAP_VERB_TRANSMIT) { + printf("(%02d) <- ",size); + hexdump(rxbuf,size); + } /* crc check */ - + if(gh->caps&GEMTAG_CAP_CRC) { + size-=2; + crcptr=(u_int16_t *)(rxbuf+size); + crc=gemtag_calc_crc(rxbuf,size); + if(((crc>>8)!=rxbuf[size+1])||((crc&0xff)!=rxbuf[size])) + return -BAD_CRC; + } + + /* check sequence number */ + if(rxhdr->seq!=txhdr->seq) return -SEQ_MISMATCH; - *rx_len=ntohs(rxhdr->len); - memcpy(rx,rxbuf+sizeof(struct gemtag_cmd_hdr), - ret-sizeof(struct gemtag_cmd_hdr)+2); - hexdump(rxbuf,ret+2); + /* check return code */ + if(rxbuf[2]) return -CMD_FAILED; + + memcpy(rx,rxbuf+sizeof(struct gemtag_cmd_hdr),*rx_len); return 0; } struct gemtag_handle *gemtag_open(void) { struct usb_device *gemtag; - unsigned char rbuf[16]; - unsigned int rlen; - unsigned int i,numconf; - unsigned int j,numint; + unsigned int i; struct gemtag_handle *gh; - - rlen=sizeof(rbuf); + char info[64]; usb_init(); usb_find_busses(); usb_find_devices(); - gemtag=find_device(USB_VENDOR_GEMTAG, USB_DEVICE_X501); + gemtag=find_device(USB_VENDOR_GEMTAG,USB_DEVICE_X501); if(!gemtag) return NULL; gh=malloc(sizeof(struct gemtag_handle)); @@ -160,46 +198,34 @@ struct gemtag_handle *gemtag_open(void) { memset(gh,0,sizeof(struct gemtag_handle)); - numconf=gemtag->descriptor.bNumConfigurations; - printf("found gemtag, %u configuration(s)\n",numconf); - for(i=0;iconfig[i].bNumInterfaces; - printf("config %u [nr %u] has %u interface(s)\n", - i,gemtag->config[i].bConfigurationValue, - numint); - for(j=0;jconfig[i].interface[j].num_altsetting); - } - } - gh->handle=usb_open(gemtag); if(!gh->handle) goto out_free; - puts("usb_open successfull"); + + for(i=1;i<4;i++) { + memset(info,0,sizeof(info)); + usb_get_string_simple(gh->handle,i,info,sizeof(info)); + printf("%s ",info); + } + printf("opened successfully\n"); if(usb_set_configuration(gh->handle,1)) { perror("set config"); goto out_free; } - puts("configuration 1 successfully set"); + printf("set configuration 1, "); if(usb_claim_interface(gh->handle,0)) { perror("claim interface"); goto out_free; } - puts("interface 0 claimed"); + printf("claimed interface 0\n"); -/* if(usb_set_altinterface(gh->handle,1)) { + /* + if(usb_set_altinterface(gh->handle,0)) perror("set alt interface"); - goto out_free; - } - puts("alt setting 1 selected"); -*/ - - gh->capabilities|=GEMTAG_CAP_CRC; - - gemtag_transcieve(gh,0x22,NULL,0,rbuf,&rlen); + printf("activated alt setting 0\n"); + */ return gh; @@ -207,13 +233,125 @@ out_free: free(gh); return NULL; } + +int gemtag_close(struct gemtag_handle *gh) { + + if(gh->handle) usb_close(gh->handle); + if(gh) free(gh); + + return 0; +} + +int gemtag_transform_mifare_key(struct gemtag_handle *gh, + unsigned char *key6,unsigned char *key12) { + + unsigned int len; + + gemtag_transceive(gh,GEMTAG_CMD_HOST_CODE_KEY,key6,6,key12,&len); + + return 0; +} + +int gemtag_auth_mifare_key(struct gemtag_handle *gh, + unsigned char *key6,int sector) { + + unsigned char key12[12]; + unsigned char buf[32]; + unsigned int len,ret; + + gemtag_transform_mifare_key(gh,key6,key12); + + buf[0]=0x60; /* auth mode */ + memcpy(buf+1,gh->serial,4); /* sreial */ + memcpy(buf+5,key12,12); /* transformed key */ + buf[17]=sector; /* sector */ + ret=gemtag_transceive(gh,GEMTAG_CMD_PICC_AUTH_KEY,buf,18, + buf,&len); + if(ret) return -AUTH_FAILED; + + return 0; +} + +int gemtag_read16(struct gemtag_handle *gh,int sector, + unsigned char *data) { + + unsigned char buf[32]; + int len,ret; + + buf[0]=sector; + ret=gemtag_transceive(gh,GEMTAG_CMD_PICC_READ, + buf,1,data,&len); + if(ret) return -READ_FAILED; + + return 0; +} + +int gemtag_pick_picc(struct gemtag_handle *gh) { + + unsigned char buf[16]; + unsigned int len; + int ret; + + buf[0]=GEMTAG_PICC_REQIDL; + ret=gemtag_transceive(gh,GEMTAG_CMD_PICC_REQUEST,buf,1,buf,&len); + if(ret) return -NO_PICC; + + buf[0]=GEMTAG_PICC_STD_SELECT_CODE; + memset(buf+1,0,5); + ret=gemtag_transceive(gh,GEMTAG_CMD_PICC_CASC_ANTICOLL,buf,6,buf,&len); + if(ret) return -NO_PICC; + memcpy(gh->serial,buf,4); + + buf[0]=GEMTAG_PICC_STD_SELECT_CODE; + memcpy(buf+1,gh->serial,4); + ret=gemtag_transceive(gh,GEMTAG_CMD_PICC_CASC_SELECT,buf,5,buf,&len); + if(ret) return -PICC_SELECT_ERROR; + + return 0; +} int main(int argc, char **argv) { struct gemtag_handle *gh; + unsigned char buf[256]; + unsigned char key6[6]; + int i; gh=gemtag_open(); - return 1; + gh->caps|=GEMTAG_CAP_CRC; + //gh->caps|=GEMTAG_CAP_VERB_TRANSMIT; + + /* + printf("Device:\n"); + gemtag_transceive(gh,GEMTAG_CMD_GET_FW_VERSION, + NULL,0,buf,&buflen); + asciidump(buf,buflen); + printf("\n"); + */ + + if(gemtag_pick_picc(gh)) { + printf("no card found!\n"); + return -NO_PICC; + } + + memset(key6,0xff,6); + printf("\nreading sectors ... (serial: %02x %02x %02x %02x)\n\n", + gh->serial[3],gh->serial[2],gh->serial[1],gh->serial[0]); + for(i=0;i<256;i++) { + gemtag_auth_mifare_key(gh,key6,i); + if(!gemtag_read16(gh,i,buf)) { + printf("%02x: ",i++); + hexdump(buf,16); + printf(" | "); + asciidump(buf,16); + printf("\n"); + } + else return 0; + } + + gemtag_close(gh); + + return 0; }