diff --git a/picopass/picopass_device.c b/picopass/picopass_device.c
index 66831e0e..8a40248f 100644
--- a/picopass/picopass_device.c
+++ b/picopass/picopass_device.c
@@ -20,10 +20,17 @@ const char unknown_block[] = "?? ?? ?? ?? ?? ?? ?? ??";
 
 PicopassDevice* picopass_device_alloc() {
 PicopassDevice* picopass_dev = malloc(sizeof(PicopassDevice));
+ picopass_dev->dev_data.auth = PicopassDeviceAuthMethodUnset;
 picopass_dev->dev_data.pacs.legacy = false;
 picopass_dev->dev_data.pacs.se_enabled = false;
+ picopass_dev->dev_data.pacs.sio = false;
+ picopass_dev->dev_data.pacs.biometrics = false;
+ memset(picopass_dev->dev_data.pacs.key, 0, sizeof(picopass_dev->dev_data.pacs.key));
 picopass_dev->dev_data.pacs.elite_kdf = false;
 picopass_dev->dev_data.pacs.pin_length = 0;
+ picopass_dev->dev_data.pacs.bitLength = 0;
+ memset(
+ picopass_dev->dev_data.pacs.credential, 0, sizeof(picopass_dev->dev_data.pacs.credential));
 picopass_dev->storage = furi_record_open(RECORD_STORAGE);
 picopass_dev->dialogs = furi_record_open(RECORD_DIALOGS);
 picopass_dev->load_path = furi_string_alloc();
@@ -422,8 +429,8 @@ void picopass_device_data_clear(PicopassDeviceData* dev_data) {
 memset(dev_data->card_data[i].data, 0, sizeof(dev_data->card_data[i].data));
 dev_data->card_data[i].valid = false;
 }
-
 memset(dev_data->pacs.credential, 0, sizeof(dev_data->pacs.credential));
+ dev_data->auth = PicopassDeviceAuthMethodUnset;
 dev_data->pacs.legacy = false;
 dev_data->pacs.se_enabled = false;
 dev_data->pacs.elite_kdf = false;
diff --git a/picopass/picopass_device.h b/picopass/picopass_device.h
index 53edcd71..78ed6645 100644
--- a/picopass/picopass_device.h
+++ b/picopass/picopass_device.h
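Review bot: `picopass_device_alloc()` and `picopass_device_data_clear()` now reset different field sets: the allocator hunk zeroes `pacs.key`, `pacs.sio`, `pacs.biometrics` and `pacs.bitLength`, while the lines shown of the clear function (the `@@ -422` hunk) touch none of them. Both bodies continue outside their hunks, so this may already be handled, but if `pacs.key` is not wiped on clear, key material from one card stays in `dev_data` and can be attributed to the next read or save. A single reset path avoids the drift: add `memset(dev_data->pacs.key, 0, sizeof(dev_data->pacs.key));` and the other missing fields to `picopass_device_data_clear()`, and have the allocator call `picopass_device_data_clear(&picopass_dev->dev_data);` instead of repeating the list.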
@@ -74,6 +74,14 @@ typedef enum {
 PicopassDeviceSaveFormatPartial,
 } PicopassDeviceSaveFormat;
 
+typedef enum {
+ PicopassDeviceAuthMethodUnset,
+ PicopassDeviceAuthMethodNone, // unsecured picopass
+ PicopassDeviceAuthMethodKey,
+ PicopassDeviceAuthMethodNrMac,
+ PicopassDeviceAuthMethodFailed,
+} PicopassDeviceAuthMethod;
+
 typedef enum {
 PicopassEmulatorStateHalt,
 PicopassEmulatorStateIdle,
@@ -105,6 +113,7 @@ typedef struct {
 typedef struct {
 PicopassBlock card_data[PICOPASS_MAX_APP_LIMIT];
 PicopassPacs pacs;
+ PicopassDeviceAuthMethod auth;
 } PicopassDeviceData;
 
 typedef struct {
diff --git a/picopass/protocol/picopass_poller.c b/picopass/protocol/picopass_poller.c
index 4c9b74d2..eafb26ed 100644
--- a/picopass/protocol/picopass_poller.c
+++ b/picopass/protocol/picopass_poller.c
@@ -162,6 +162,7 @@ NfcCommand picopass_poller_check_security(PicopassPoller* instance) {
 case PICOPASS_FUSE_CRYPT0:
 FURI_LOG_D(TAG, "Non-secured page, skipping auth");
 instance->secured = false;
+ instance->data->auth = PicopassDeviceAuthMethodNone;
 picopass_poller_prepare_read(instance);
 instance->state = PicopassPollerStateReadBlock;
 return command;
@@ -193,6 +194,8 @@ NfcCommand picopass_poller_check_security(PicopassPoller* instance) {
 FURI_LOG_D(TAG, "SE enabled");
 }
 
+ // Assume failure since we must auth, correct value will be set on success
+ instance->data->auth = PicopassDeviceAuthMethodFailed;
 if(instance->mode == PicopassPollerModeRead) {
 // Always try the NR-MAC auth in case we have the file.
 instance->state = PicopassPollerStateNrMacAuth;
@@ -295,6 +298,7 @@ NfcCommand picopass_poller_nr_mac_auth(PicopassPoller* instance) {
 PicopassCheckResp check_resp = {};
 error = picopass_poller_check(instance, nr_mac, &mac, &check_resp);
 if(error == PicopassErrorNone) {
+ instance->data->auth = PicopassDeviceAuthMethodNrMac;
 memcpy(instance->mac.data, mac.data, sizeof(PicopassMac));
 if(instance->mode == PicopassPollerModeRead) {
 picopass_poller_prepare_read(instance);
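Review bot: Only `PicopassDeviceAuthMethodNone` carries a comment in the new `PicopassDeviceAuthMethod` enum in picopass_device.h, so the difference between `Unset` and `Failed`, and between `Key` and `NrMac`, has to be recovered from picopass_poller.c. Each enumerator should say what it asserts, for example `// no read attempted yet`, `// authenticated with a known key`, `// authenticated with a stored NR-MAC` and `// secured card, no auth method succeeded`, adjusted if the intent differs. The `Failed` comment should also mention that the value is written before any attempt is made (the `@@ -193` hunk), so a reader who sees it mid-poll cannot tell "still authenticating" from "gave up".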
@@ -383,6 +387,7 @@ NfcCommand picopass_poller_auth_handler(PicopassPoller* instance) {
 error = picopass_poller_check(instance, NULL, &mac, &check_resp);
 if(error == PicopassErrorNone) {
 FURI_LOG_I(TAG, "Found key");
+ instance->data->auth = PicopassDeviceAuthMethodKey;
 memcpy(instance->mac.data, mac.data, sizeof(PicopassMac));
 if(instance->mode == PicopassPollerModeRead) {
 memcpy(
diff --git a/picopass/scenes/picopass_scene_read_card_success.c b/picopass/scenes/picopass_scene_read_card_success.c
index 6c303374..a6d9ba2a 100644
--- a/picopass/scenes/picopass_scene_read_card_success.c
+++ b/picopass/scenes/picopass_scene_read_card_success.c
@@ -2,6 +2,8 @@
 #include
 #include
 
+#define TAG "PicopassSceneReadCardSuccess"
+
 void picopass_scene_read_card_success_widget_callback(
 GuiButtonType result,
 InputType type,
@@ -27,6 +29,28 @@ void picopass_scene_read_card_success_on_enter(void* context) {
 // Send notification
 notification_message(picopass->notifications, &sequence_success);
 
+ // For initial testing, print auth method
+ switch(picopass->dev->dev_data.auth) {
+ case PicopassDeviceAuthMethodUnset:
+ FURI_LOG_D(TAG, "Auth: Unset");
+ break;
+ case PicopassDeviceAuthMethodNone:
+ FURI_LOG_D(TAG, "Auth: None");
+ break;
+ case PicopassDeviceAuthMethodKey:
+ FURI_LOG_D(TAG, "Auth: Key");
+ break;
+ case PicopassDeviceAuthMethodNrMac:
+ FURI_LOG_D(TAG, "Auth: NR-MAC");
+ break;
+ case PicopassDeviceAuthMethodFailed:
+ FURI_LOG_D(TAG, "Auth: Failed");
+ break;
+ default:
+ FURI_LOG_D(TAG, "Auth: Unknown");
+ break;
+ };
+
 // Setup view
 PicopassBlock* card_data = picopass->dev->dev_data.card_data;
 PicopassPacs* pacs = &picopass->dev->dev_data.pacs;
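Review bot: The `switch` added to `picopass_scene_read_card_success_on_enter()` is labelled "For initial testing" and exists only to pick a log string, and its `default:` label means the compiler's switch-coverage warning, where enabled, will stay silent when a value is later added to `PicopassDeviceAuthMethod`. Moving the mapping into a small file-scope helper without `default` keeps the same log text in one `FURI_LOG_D` call and removes the stray `;` after the closing brace. The line logs only the method name, not key or credential bytes, and it should stay that way if the helper is reused elsewhere. The function body continues outside the hunk.

```c
// file-scope helper, placed above picopass_scene_read_card_success_on_enter()
static const char* picopass_auth_method_name(PicopassDeviceAuthMethod auth) {
    switch(auth) {
    case PicopassDeviceAuthMethodUnset:
        return "Unset";
    case PicopassDeviceAuthMethodNone:
        return "None";
    case PicopassDeviceAuthMethodKey:
        return "Key";
    case PicopassDeviceAuthMethodNrMac:
        return "NR-MAC";
    case PicopassDeviceAuthMethodFailed:
        return "Failed";
    }
    // Reached only if the stored value is outside the enum
    return "Unknown";
}

// … unchanged: notification_message(picopass->notifications, &sequence_success); …
    FURI_LOG_D(TAG, "Auth: %s", picopass_auth_method_name(picopass->dev->dev_data.auth));
// … unchanged: "Setup view" block …
```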