mfrc522 1.0.2 → 3.0.0

data/lib/mifare/key.rb

@@ -1,4 +1,4 @@
-module Mifare
+module MIFARE
   class Key
     attr_reader :type
     attr_reader :cipher_suite
@@ -12,25 +12,52 @@ module Mifare
       init_cipher
     end
 
+    # Padding Method according to ISO-9797
+    def padding_mode(mode)
+      if mode != 1 && mode != 2
+        raise UsageError, 'Unknown padding mode'
+      end
+      @padding_mode = mode
+    end
+
     def key
       @key.bytes
     end
 
-    def encrypt(data, cbc_mode = :send)
+    def encrypt(data, cbc_mode: :send, data_length: nil)
       @cipher.encrypt
 
       # Add padding if not a complete block
-      until data.size % @block_size == 0
-        data << 0x00
+      if data.size % @block_size != 0
+        raise UsageError, 'Padding mode not set' unless @padding_mode
+        data << 0x80 if @padding_mode == 2
+        until data.size % @block_size == 0
+          data << 0x00
+        end
       end
       
       cbc_crypt(data, cbc_mode)
     end
 
-    def decrypt(data, cbc_mode = :receive)
+    def decrypt(data, cbc_mode: :receive, data_length: nil)
       @cipher.decrypt
 
-      cbc_crypt(data, cbc_mode)
+      data = cbc_crypt(data, cbc_mode)
+      if @padding_mode == 1
+        data[0...data_length]
+      elsif @padding_mode == 2
+        str = data.pack('C*')
+        str.sub! /#{0x80.chr}#{0x00.chr}*\z/, ''
+        str.bytes
+      else
+        raise UsageError, 'Padding mode not set'
+      end
+    end
+
+    def set_iv(iv)
+      iv = iv.pack('C*')
+      raise UsageError, 'Incorrect IV length' if iv.size != @block_size
+      @cipher_iv = iv
     end
 
     def clear_iv
@@ -42,7 +69,7 @@ module Mifare
       data = Array.new(@block_size, 0)
 
       clear_iv
-      data = encrypt(data, :receive)
+      data = encrypt(data, cbc_mode: :receive)
 
       @cmac_subkey1 = bit_shift_left(data)
       @cmac_subkey1[-1] ^= r if data[0] & 0x80 != 0
@@ -53,7 +80,7 @@ module Mifare
 
     def calculate_cmac(data)
       if @cmac_subkey1.nil? || @cmac_subkey2.nil?
-        raise 'Generate subkeys before calculating CMAC'
+        raise UsageError, 'Generate subkeys before calculating CMAC'
       end
 
       # Separate from input object
@@ -92,7 +119,7 @@ module Mifare
 
       if key_type == :des
         if @key_size != 8 && @key_size != 16 && @key_size != 24
-          raise UnexpectedDataError, 'Incorrect key length'
+          raise UsageError, 'Incorrect key length'
         end
 
         # Data block size for DES is 8 bytes
@@ -114,7 +141,7 @@ module Mifare
 
       elsif key_type == :aes
         if @key_size != 16
-          raise UnexpectedDataError, 'Incorrect key length'
+          raise UsageError, 'Incorrect key length'
         end
 
         # data block size for AES is 16 bytes
@@ -122,7 +149,7 @@ module Mifare
         @key = key
         @cipher_suite = 'aes-128-cbc'
       else
-        raise UnexpectedDataError, 'Unknown key type'
+        raise UsageError, 'Unknown key type'
       end
 
       @key = @key.pack('C*')
@@ -162,7 +189,7 @@ module Mifare
 
         output_data.bytes
       else
-        raise UnexpectedDataError, 'Unknown CBC mode'
+        raise UsageError, 'Unknown CBC mode'
       end
     end
 

data/lib/mifare/plus.rb

@@ -0,0 +1,124 @@
+module MIFARE
+  class Plus < ::PICC
+    CMD_WRITE_PERSO       = 0xA8
+    CMD_COMMIT_PERSO      = 0xAA
+    CMD_MULTI_BLOCK_READ  = 0x38
+    CMD_MULTI_BLOCK_WRITE = 0xA8
+    CMD_FIRST_AUTH        = 0x70
+    CMD_SECOND_AUTH       = 0x72
+    CMD_FOLLOWING_AUTH    = 0x76
+    CMD_RESET_AUTH        = 0x78
+    CMD_VC_DESELECT       = 0x48
+    MF_ACK                = 0x0A
+
+    def initialize(pcd, uid, sak)
+      super
+      invalid_auth
+      reset_counter
+    end
+
+    def authed?
+      !@transaction_identifier.empty?
+    end
+
+    def transceive(cmd: , plain_data: [], data: [], tx: nil, rx: nil)
+      raise UsageError, 'Call `iso_select` before using commands' unless @iso_selected
+      iso_transceive(send_data)
+    end
+
+    def auth(key_number, auth_key)
+      cmd = authed? ? CMD_FOLLOWING_AUTH : CMD_FIRST_AUTH
+      auth_key.padding_mode(2)
+
+      buffer = [cmd].append_uint(key_number, 2)
+      buffer << 0x00 unless authed? # No PCDCaps2 to send
+
+      # Ask for authentication
+      received_data = iso_transceive(buffer)
+
+      # Receive challenge
+      auth_key.clear_iv
+      auth_key.set_iv(generate_iv(:decrypt)) if authed?
+      challenge = auth_key.decrypt(received_data)
+      challenge_rot = challenge.rotate
+
+      # Generate random number and encrypt it with rotated challenge
+      random_number = SecureRandom.random_bytes(received_data.size).bytes
+      auth_key.clear_iv
+      auth_key.set_iv(generate_iv(:encrypt)) if authed?
+      response = auth_key.encrypt(random_number + challenge_rot)
+
+      # Send challenge response
+      received_data = iso_transceive([CMD_SECOND_AUTH, *response])
+
+      # Check if verification matches rotated random_number
+      auth_key.clear_iv
+      auth_key.set_iv(generate_iv(:decrypt)) if authed?
+      verification = auth_key.decrypt(received_data)
+      @transaction_identifier = verification.shift(4)
+      response_rot = verification.shift(16)
+
+      if random_number.rotate != response_rot
+        raise ReceiptIntegrityError, 'Authentication Failed'
+      end
+
+      byte_a = random_number[11..15]
+      byte_b = challenge[11..15]
+      byte_c = random_number[4..8]
+      byte_d = challenge[4..8]
+      byte_e = random_number[7..11]
+      byte_f = challenge[7..11]
+      byte_g = random_number[0..4]
+      byte_h = challenge[0..4]
+      byte_i = byte_c.xor(byte_d)
+      byte_j = byte_g.xor(byte_h)
+
+      enc_key_base = byte_a + byte_b + byte_i + [0x11]
+      mac_key_base = byte_e + byte_f + byte_j + [0x22]
+
+      auth_key.clear_iv
+      auth_key.set_iv(generate_iv(:encrypt)) if authed?
+      enc_key = auth_key.encrypt(enc_key_base)
+      @enc_key = Key.new(:aes, enc_key)
+
+      auth_key.clear_iv
+      auth_key.set_iv(generate_iv(:encrypt)) if authed?
+      mac_key = auth_key.encrypt(mac_key_base)
+      @mac_key = Key.new(:aes, mac_key)
+
+      reset_counter
+    end
+
+    protected
+
+    def generate_iv(operation)
+      buffer = [].append_uint(@read_counter, 2).append_uint(@write_counter, 2)
+      buffer.concat(buffer, buffer)
+
+      if operation == :encrypt
+        buffer.unshift(@transaction_identifier)
+      elsif operation == :decrypt
+        buffer.concat(@transaction_identifier)
+      else
+        raise UsageError, 'Unknown operation mode'
+      end
+    end
+
+    def generate_mac_payload
+      
+    end
+
+    def reset_counter
+      @session_read_counter = 0
+      @read_counter = 0
+      @write_counter = 0
+    end
+
+    def invalid_auth
+      reset_counter
+      @transaction_identifier = []
+      @enc_key = nil
+      @mac_key = nil
+    end
+  end
+end

data/lib/mifare/plus_sl0.rb

@@ -0,0 +1,11 @@
+module MIFARE
+  module PlusSL0
+    def write_perso(block_addr, data)
+      transceive(cmd: CMD_WRITE_PERSO, data: [block_addr, *data])
+    end
+
+    def commit_perso
+      transceive(cmd: CMD_COMMIT_PERSO)
+    end
+  end
+end

data/lib/mifare/plus_sl3.rb

@@ -0,0 +1,11 @@
+module MIFARE
+  module PlusSL3
+    def read(addr, tx, rx)
+      
+    end
+
+    def write(addr, data, tx, rx)
+      
+    end
+  end
+end

data/lib/mifare/ultralight.rb

@@ -1,35 +1,77 @@
-module Mifare
+module MIFARE
   class Ultralight < ::PICC
-    CMD_READ        = 0x30  # Reads 4 pages(16 bytes) from the PICC.
-    CMD_WRITE       = 0xA2  # Writes 1 page(4 bytes) to the PICC.
-    CMD_3DES_AUTH   = 0x1A  # Ultralight C 3DES Authentication.
+    CMD_READ                = 0x30  # Reads 4 pages(16 bytes) from the PICC.
+    CMD_FAST_READ           = 0x3A  # Reads pages within requested range
+    CMD_WRITE               = 0xA2  # Writes 1 page(4 bytes) to the PICC.
+    CMD_COMP_WRITE          = 0xA0
+    CMD_READ_CNT            = 0x39
+    CMD_INCR_CNT            = 0xA5
+    CMD_PWD_AUTH            = 0x1B
+    CMD_3DES_AUTH           = 0x1A  # Ultralight C 3DES Authentication.
+    CMD_GET_VERSION         = 0x60
+    CMD_READ_SIG            = 0x3C
+    CMD_VCSL                = 0x4B
+    CMD_CHECK_TEARING_EVENT = 0x3E
+    MF_ACK                  = 0x0A  # Mifare Acknowledge
+
+    CARD_VERSION = Struct.new(
+      :vendor_id, :type, :subtype, :major_ver, :minor_ver, :storage_size, :protocol_type
+    )
 
     def initialize(pcd, uid, sak)
       super
-      @model_c = false
+      # Set transceive timeout to 15ms
+      @pcd.internal_timer(50)
+
+      # Maximum fast read range
+      @max_range = ((@pcd.buffer_size - 2) / 4).to_i
 
       # Check if Ultralight C
-      if support_3des_auth?
+      if @model_c = support_3des_auth?
         extend UltralightC
-        @model_c = true
+      end
+
+      unless @version = check_version
+        if version[:major_ver] == 0x01
+          extend UltralightEV1
+        end
       end
     end
 
-    def read(block_addr)
-      buffer = [CMD_READ, block_addr]
+    def transceive(send_data)
+      received_data, valid_bits = picc_transceive(send_data, false, true)
+      unless valid_bits == 0
+        raise UnexpectedDataError, 'Incorrect Mifare ACK format' if received_data.size != 1 || valid_bits != 4 # ACK is 4 bits long
+        raise MifareNakError, "Mifare NAK detected: 0x#{received_data[0].to_bytehex}" if received_data[0] != MF_ACK
+      end
+      received_data
+    end
 
-      @pcd.picc_transceive(buffer)
+    def read(block_addr)
+      transceive([CMD_READ, block_addr])
     end
 
     def write(page, send_data)
       if send_data.size != 4
-        raise UnexpectedDataError, "Expect 4 bytes data, got: #{send_data.size} byte"
+        raise UsageError, "Expect 4 bytes data, got: #{send_data.size} byte"
       end
 
-      buffer = [CMD_WRITE, page]
-      buffer.concat(send_data)
+      transceive([CMD_WRITE, page, *send_data])
+    end
+
+    def get_version
+      version = transceive([CMD_GET_VERSION])
+
+      expo = (version[6] >> 1) & 0x0F
+      if version[6] & 0x01 == 0
+        size = 1 << expo
+      else
+        size = (1 << expo) | (1 << (expo - 1))
+      end
 
-      @pcd.picc_transceive(buffer)
+      CARD_VERSION.new(
+        version[1], version[2], version[3], version[4], version[5], size, version[7]
+      )
     end
 
     def model_c?
@@ -38,20 +80,29 @@ module Mifare
 
     private
 
+    def check_version
+      begin
+        version = get_version
+      rescue CommunicationError
+        restart_communication
+        return nil
+      end
+      version
+    end
+
     # Check if PICC support Ultralight 3DES command
     def support_3des_auth?
       # Ask for authentication
       buffer = [CMD_3DES_AUTH, 0x00]
 
       begin
-        @pcd.picc_transceive(buffer)
+        transceive(buffer)
         result = true
       rescue CommunicationError
         result = false
       end
 
-      resume_communication
-
+      restart_communication
       result
     end
   end

data/lib/mifare/ultralight_c.rb

@@ -1,19 +1,18 @@
-module Mifare
+module MIFARE
   module UltralightC
-    CMD_3DES_AUTH = 0x1A # Ultralight C 3DES Authentication.
-
     def auth(auth_key)
       if auth_key.cipher_suite != 'des-ede-cbc'
-        raise UnexpectedDataError, 'Incorrect Auth Key Type'
+        raise UsageError, 'Incorrect Auth Key Type'
       end
 
       auth_key.clear_iv
+      auth_key.padding_mode(1)
 
       # Ask for authentication
       buffer = [CMD_3DES_AUTH, 0x00]
-      received_data = @pcd.picc_transceive(buffer)
+      received_data = transceive(buffer)
       card_status = received_data.shift
-      raise UnexpectedDataError, 'Incorrect response' if card_status != 0xAF
+      raise UnexpectedDataError, 'Auth failed: stage 1' if card_status != 0xAF
 
       challenge = auth_key.decrypt(received_data)
       challenge_rot = challenge.rotate
@@ -24,15 +23,15 @@ module Mifare
 
       # Send challenge response
       buffer = [0xAF] + response
-      received_data = @pcd.picc_transceive(buffer)
+      received_data = transceive(buffer)
       card_status = received_data.shift
-      raise UnexpectedDataError, 'Incorrect response' if card_status != 0x00
+      raise UnexpectedDataError, 'Auth failed: stage 2' if card_status != 0x00
 
       # Check if verification matches rotated random_number
       verification = auth_key.decrypt(received_data)
 
       if random_number.rotate != verification
-        halt
+        restart_communication
         return @authed = false
       end
 
@@ -40,14 +39,14 @@ module Mifare
     end
 
     def authed?
-      @authed
+      @authed || false
     end
 
     def write_des_key(key)
       # key should be 16 bytes long
       bytes = [key].pack('H*').bytes
       if bytes.size != 16
-        raise UnexpectedDataError, "Expect 16 bytes 3DES key, got: #{bytes.size} byte"
+        raise UsageError, "Expect 16 bytes 3DES key, got: #{bytes.size} byte"
       end
 
       # Key1
@@ -60,7 +59,7 @@ module Mifare
 
     def counter_increment(value)
       if value < 0
-        raise UnexpectedDataError, 'Expect positive integer for counter'
+        raise UsageError, 'Expect positive integer for counter'
       end
       # you can set any value between 0x0000 to 0xFFFF on the first write (initialize)
       # after initialized, counter can only be incremented by 0x01 ~ 0x0F
@@ -68,8 +67,8 @@ module Mifare
     end
 
     def enable_protection_from(block_addr)
-      if block_addr >= 0x03 && block_addr <= 0x30
-        raise UnexpectedDataError, 'Requested block beyond memory limit'
+      if block_addr < 0x03 || block_addr > 0x30
+        raise UsageError, 'Requested block beyond memory limit'
       end
       # authentication will be required from `block_addr` to 0x2F
       # valid value are from 0x03 to 0x30