00001
00002
00003
00004
00005
00006
00007 #include <ccid.h>
00008 #include <list.h>
00009 #include <emv.h>
00010 #include <ber.h>
00011 #include <ctype.h>
00012 #include "emv-internal.h"
00013
00014 static const struct _emv_tag unknown_soldier = {
00015 .t_tag = 0x00,
00016 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00017 .t_label = "UNKNOWN",
00018 };
00019
00020 static const struct _emv_tag tags[] = {
00021 {.t_tag = EMV_TAG_MAGSTRIP_TRACK2,
00022 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00023 .t_label = "Magnetic Strip Track 2 Equivalent"},
00024 {.t_tag = EMV_TAG_PAN,
00025 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BCD,
00026 .t_min = 0, .t_max = 10,
00027 .t_label = "Primary Account Number"},
00028 {.t_tag = EMV_TAG_RECORD,
00029 .t_type = EMV_DATA_BINARY,
00030 .t_label = "Application Record"},
00031 {.t_tag = EMV_TAG_CDOL1,
00032 .t_type = EMV_DATA_ATOMIC | EMV_DATA_DOL | EMV_DATA_BINARY,
00033 .t_label = "Card Risk Management DOL1"},
00034 {.t_tag = EMV_TAG_CDOL2,
00035 .t_type = EMV_DATA_ATOMIC | EMV_DATA_DOL | EMV_DATA_BINARY,
00036 .t_label = "Card Risk Management DOL2"},
00037 {.t_tag = EMV_TAG_CVM_LIST,
00038 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00039 .t_label = "Cardholder Verification Method List"},
00040 {.t_tag = EMV_TAG_CA_PK_INDEX,
00041 .t_type = EMV_DATA_ATOMIC | EMV_DATA_INT,
00042 .t_min = 1, .t_max = 1,
00043 .t_label = "CA Public Key Index"},
00044 {.t_tag = EMV_TAG_ISS_PK_CERT,
00045 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00046 .t_label = "Issuer Public Key Certificate"},
00047 {.t_tag = EMV_TAG_ISS_PK_R,
00048 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00049 .t_label = "Issuer Public Key Remainder"},
00050 {.t_tag = EMV_TAG_SSA_DATA,
00051 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00052 .t_label = "Signed Static Authentication Data"},
00053 {.t_tag = EMV_TAG_CARDHOLDER_NAME,
00054 .t_type = EMV_DATA_ATOMIC | EMV_DATA_TEXT,
00055 .t_label = "Cardholder Name"},
00056 {.t_tag = EMV_TAG_DATE_EXP,
00057 .t_type = EMV_DATA_ATOMIC | EMV_DATA_DATE,
00058 .t_min = 3, .t_max = 3,
00059 .t_label = "Card Expiry Date"},
00060 {.t_tag = EMV_TAG_DATE_EFF,
00061 .t_type = EMV_DATA_ATOMIC | EMV_DATA_DATE,
00062 .t_min = 3, .t_max = 3,
00063 .t_label = "Card Effective Date"},
00064 {.t_tag = EMV_TAG_ISSUER_COUNTRY,
00065 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BCD,
00066 .t_min = 2, .t_max = 2,
00067 .t_label = "Issuer Country Code"},
00068 {.t_tag = EMV_TAG_SERVICE_CODE,
00069 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BCD,
00070 .t_min = 2, .t_max = 2,
00071 .t_label = "Service Code"},
00072 {.t_tag = EMV_TAG_PAN_SEQ,
00073 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BCD,
00074 .t_min = 1, .t_max = 1,
00075 .t_label = "PAN Sequence Number"},
00076 {.t_tag = EMV_TAG_USAGE_CONTROL,
00077 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00078 .t_min = 2, .t_max = 2,
00079 .t_label = "Application Usage Control"},
00080 {.t_tag = EMV_TAG_APP_VER,
00081 .t_type = EMV_DATA_ATOMIC | EMV_DATA_INT,
00082 .t_min = 2, .t_max = 2,
00083 .t_label = "Application Version Number"},
00084 {.t_tag = EMV_TAG_IAC_DEFAULT,
00085 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00086 .t_min = 5, .t_max = 5,
00087 .t_label = "Issuer Action Code (Default)"},
00088 {.t_tag = EMV_TAG_IAC_DENY,
00089 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00090 .t_min = 5, .t_max = 5,
00091 .t_label = "Issuer Action Code (Deny)"},
00092 {.t_tag = EMV_TAG_IAC_ONLINE,
00093 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00094 .t_min = 5, .t_max = 5,
00095 .t_label = "Issuer Action Code (Online)"},
00096 {.t_tag = EMV_TAG_MAGSTRIP_TRACK1,
00097 .t_type = EMV_DATA_ATOMIC | EMV_DATA_TEXT,
00098 .t_label = "Magnetic Strip Track 1 Discretionary"},
00099 {.t_tag = EMV_TAG_ISS_PK_EXP,
00100 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00101 .t_min = 1,
00102 .t_label = "Issuer Public Key Exponent"},
00103 {.t_tag = EMV_TAG_CURRENCY_EXP,
00104 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00105 .t_label = "Application Currency Exponent"},
00106 {.t_tag = EMV_TAG_ICC_PK_CERT,
00107 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00108 .t_label = "ICC Public Key Certificate"},
00109 {.t_tag = EMV_TAG_ICC_PK_EXP,
00110 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00111 .t_min = 1,
00112 .t_label = "ICC Public Key Exponent"},
00113 {.t_tag = EMV_TAG_ICC_PK_R,
00114 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00115 .t_label = "ICC Public Key Remainder"},
00116 {.t_tag = EMV_TAG_DDOL,
00117 .t_type = EMV_DATA_ATOMIC | EMV_DATA_DOL | EMV_DATA_BINARY,
00118 .t_label = "Dynamic Data Object List"},
00119 {.t_tag = EMV_TAG_SDA_TAG_LIST,
00120 .t_type = EMV_DATA_ATOMIC | EMV_DATA_BINARY,
00121 .t_label = "SDA Tag List"},
00122 };
00123 static const unsigned int num_tags = sizeof(tags)/sizeof(*tags);
00124
00125 static const struct _emv_tag *find_tag(uint16_t id)
00126 {
00127 const struct _emv_tag *t = tags;
00128 unsigned int n = num_tags;
00129
00130 while ( n ) {
00131 unsigned int i;
00132 int cmp;
00133
00134 i = n / 2U;
00135 cmp = id - t[i].t_tag;
00136 if ( cmp < 0 ) {
00137 n = i;
00138 }else if ( cmp > 0 ) {
00139 t = t + (i + 1U);
00140 n = n - (i + 1U);
00141 }else
00142 return t + i;
00143 }
00144
00145 return &unknown_soldier;
00146 }
00147
00148 static const struct _emv_data *find_data(struct _emv_data **db,
00149 unsigned int num, uint16_t id)
00150 {
00151 struct _emv_data **d = db;
00152 unsigned int n = num_tags;
00153
00154 while ( n ) {
00155 unsigned int i;
00156 int cmp;
00157
00158 i = n / 2U;
00159 cmp = id - d[i]->d_id;
00160 if ( cmp < 0 ) {
00161 n = i;
00162 }else if ( cmp > 0 ) {
00163 d = d + (i + 1U);
00164 n = n - (i + 1U);
00165 }else
00166 return d[i];
00167 }
00168
00169 return NULL;
00170 }
00171
00172 const struct _emv_data *_emv_retrieve_data(emv_t e, uint16_t id)
00173 {
00174 return find_data(e->e_db.db_elem, e->e_db.db_nmemb, id);
00175 }
00176
00177 emv_data_t emv_retrieve_data(emv_t e, uint16_t id)
00178 {
00179 return find_data(e->e_db.db_elem, e->e_db.db_nmemb, id);
00180 }
00181
00182 emv_data_t *emv_data_children(emv_data_t d, unsigned int *nmemb)
00183 {
00184 *nmemb = d->d_nmemb;
00185 return (emv_data_t *)d->d_elem;
00186 }
00187
00188 emv_data_t *emv_retrieve_records(emv_t e, unsigned int *nmemb)
00189 {
00190 *nmemb = e->e_db.db_numrec;
00191 return (emv_data_t *)e->e_db.db_rec;
00192 }
00193
00194 const uint8_t *emv_data(emv_data_t d, size_t *len)
00195 {
00196 *len = d->d_len;
00197 return d->d_data;
00198 }
00199
00200 unsigned int emv_data_type(emv_data_t d)
00201 {
00202 return d->d_tag->t_type & EMV_DATA_TYPE_MASK;
00203 }
00204
00205 uint16_t emv_data_tag(emv_data_t d)
00206 {
00207 return d->d_id;
00208 }
00209
00210 const char *emv_data_tag_label(emv_data_t d)
00211 {
00212 return (d->d_tag == &unknown_soldier) ? NULL : d->d_tag->t_label;
00213 }
00214
00215 int emv_data_int(emv_data_t d)
00216 {
00217 unsigned int i;
00218 int ret;
00219
00220 if ( (d->d_tag->t_type & EMV_DATA_TYPE_MASK) != EMV_DATA_INT )
00221 return -1;
00222 if ( d->d_len > sizeof(ret) || d->d_data[0] & 0x80 )
00223 return -1;
00224
00225 for(ret = i = 0; i < d->d_len; i++)
00226 ret = (ret << 8) | d->d_data[i];
00227
00228 return ret;
00229 }
00230
00231 int emv_data_sda(emv_data_t d)
00232 {
00233 return !!(d->d_flags & EMV_DATA_SDA);
00234 }
00235
00236 struct db_state {
00237 struct _emv *e;
00238 struct _emv_db *db;
00239 struct _emv_data **rec;
00240 struct _emv_data **sda;
00241 };
00242
00243 static int composite(emv_t e, struct _emv_data *d)
00244 {
00245 const uint8_t *ptr, *end;
00246 struct _emv_data **elem;
00247 size_t num_tags;
00248 size_t i;
00249
00250 ptr = d->d_data;
00251 end = ptr + d->d_len;
00252
00253 for(num_tags = 0; ptr < end; num_tags++) {
00254 const uint8_t *tag;
00255 size_t tag_len;
00256 size_t clen;
00257
00258 tag = ber_decode_tag(&ptr, end, &tag_len);
00259 if ( ptr >= end ) {
00260 _emv_error(e, EMV_ERR_BER_DECODE);
00261 return 0;
00262 }
00263
00264 clen = ber_decode_len(&ptr, end);
00265 if ( ptr + clen > end ) {
00266 _emv_error(e, EMV_ERR_BER_DECODE);
00267 return 0;
00268 }
00269
00270 ptr += clen;
00271 }
00272
00273 elem = gang_alloc(e->e_files, num_tags * sizeof(*elem));
00274 if ( NULL == elem ) {
00275 _emv_sys_error(e);
00276 return 0;
00277 }
00278
00279 for(ptr = d->d_data, i = 0; ptr < end; i++) {
00280 const uint8_t *tag;
00281 size_t tag_len;
00282 size_t clen;
00283 uint16_t t;
00284
00285 tag = ber_decode_tag(&ptr, end, &tag_len);
00286 if ( ptr >= end ) {
00287 _emv_error(e, EMV_ERR_BER_DECODE);
00288 return 0;
00289 }
00290
00291 clen = ber_decode_len(&ptr, end);
00292 if ( ptr + clen > end ) {
00293 _emv_error(e, EMV_ERR_BER_DECODE);
00294 return 0;
00295 }
00296
00297 switch(tag_len) {
00298 case 1:
00299 t = tag[0];
00300 break;
00301 case 2:
00302 t = (tag[0] << 8) | tag[1];
00303 break;
00304 default:
00305 _emv_error(e, EMV_ERR_BER_DECODE);
00306 return 0;
00307 }
00308
00309 elem[i] = mpool_alloc(e->e_data);
00310 elem[i]->d_tag = find_tag(t);
00311
00312 elem[i]->d_flags = d->d_flags;
00313 elem[i]->d_id = t;
00314 elem[i]->d_data = ptr;
00315 elem[i]->d_len = clen;
00316 if ( emv_data_composite(elem[i]) ) {
00317 if ( !composite(e, elem[i]) )
00318 return 0;
00319 }else {
00320 elem[i]->d_elem = NULL;
00321 elem[i]->d_nmemb = 0;
00322 }
00323
00324 ptr += clen;
00325 }
00326
00327 d->d_nmemb = num_tags;
00328 d->d_elem = elem;
00329
00330 return 1;
00331 }
00332
00333 static int decode_record(struct db_state *s, const uint8_t *ptr,
00334 size_t len, int sda)
00335 {
00336 const uint8_t *end = ptr + len;
00337 uint8_t *tmp;
00338 struct _emv_data *d;
00339
00340 if ( len < 2 || ptr[0] != EMV_TAG_RECORD ) {
00341 printf("emv: bad application data format\n");
00342 _emv_error(s->e, EMV_ERR_BER_DECODE);
00343 return 0;
00344 }
00345
00346 ptr++;
00347 len--;
00348
00349 len = ber_decode_len(&ptr, end);
00350 if ( ptr + len > end ) {
00351 _emv_error(s->e, EMV_ERR_BER_DECODE);
00352 return 0;
00353 }
00354
00355 d = mpool_alloc(s->e->e_data);
00356 if ( NULL == d ) {
00357 _emv_sys_error(s->e);
00358 return 0;
00359 }
00360
00361 tmp = gang_alloc(s->e->e_files, len);
00362 if ( NULL == ptr ) {
00363 _emv_sys_error(s->e);
00364 return 0;
00365 }
00366
00367 memcpy(tmp, ptr, len);
00368
00369 d->d_tag = find_tag(EMV_TAG_RECORD);
00370 d->d_id = EMV_TAG_RECORD;
00371 d->d_flags = (sda) ? EMV_DATA_SDA : 0;
00372 d->d_data = tmp;
00373 d->d_len = len;
00374
00375 *s->rec = d;
00376 s->rec++;
00377
00378 if ( sda ) {
00379 *s->sda = d;
00380 s->sda++;
00381 }
00382
00383 return composite(s->e, d);
00384 }
00385
00386 #if 0
00387 static void hex_dump_r(const uint8_t *tmp, size_t len,
00388 size_t llen, unsigned int depth)
00389 {
00390 size_t i, j;
00391 size_t line;
00392
00393 for(j = 0; j < len; j += line, tmp += line) {
00394 if ( j + llen > len ) {
00395 line = len - j;
00396 }else{
00397 line = llen;
00398 }
00399
00400 printf("%*c%05x : ", depth, ' ', j);
00401
00402 for(i = 0; i < line; i++) {
00403 if ( isprint(tmp[i]) ) {
00404 printf("%c", tmp[i]);
00405 }else{
00406 printf(".");
00407 }
00408 }
00409
00410 for(; i < llen; i++)
00411 printf(" ");
00412
00413 for(i=0; i < line; i++)
00414 printf(" %02x", tmp[i]);
00415
00416 printf("\n");
00417 }
00418 printf("\n");
00419 }
00420
00421 static const char *label(struct _emv_data *d)
00422 {
00423 static char buf[20];
00424
00425 if ( d->d_tag == &unknown_soldier ) {
00426 snprintf(buf, sizeof(buf),
00427 "Unknown tag: 0x%.4x", d->d_id);
00428 return buf;
00429 }else
00430 return d->d_tag->t_label;
00431 }
00432
00433 static void dump_records(struct _emv_data **d, size_t num, unsigned depth)
00434 {
00435 unsigned int i;
00436
00437 for(i = 0; i < num; i++) {
00438 if ( emv_data_composite(d[i]) ) {
00439 printf("%*c%s {\n", depth, ' ', label(d[i]));
00440
00441 dump_records(d[i]->d_elem,
00442 d[i]->d_nmemb, depth + 1);
00443 printf("%*c}\n\n", depth, ' ');
00444 continue;
00445 }
00446
00447 printf("%*c%s\n", depth, ' ', label(d[i]));
00448 hex_dump_r(d[i]->d_data,
00449 d[i]->d_len, 16, depth);
00450 }
00451 }
00452 #endif
00453
00454 static int cmp(const void *A, const void *B)
00455 {
00456 const struct _emv_data * const *a = A, * const *b = B;
00457 return (*a)->d_id - (*b)->d_id;
00458 }
00459
00460 static void count_elements(struct _emv_data **d, size_t num,
00461 unsigned int *cnt)
00462 {
00463 unsigned int i;
00464
00465 for(i = 0; i < num; i++) {
00466 if ( emv_data_composite(d[i]) ) {
00467 (*cnt)++;
00468 qsort(d[i]->d_elem, d[i]->d_nmemb,
00469 sizeof(d[i]->d_elem), cmp);
00470
00471
00472
00473 count_elements(d[i]->d_elem,
00474 d[i]->d_nmemb, cnt);
00475 continue;
00476 }
00477 (*cnt)++;
00478 }
00479 }
00480
00481 static void add_elements(struct _emv_data **d, size_t num,
00482 struct _emv_data ***db)
00483 {
00484 unsigned int i;
00485
00486 for(i = 0; i < num; i++) {
00487 if ( emv_data_composite(d[i]) ) {
00488 (**db) = d[i];
00489 (*db)++;
00490 add_elements(d[i]->d_elem,
00491 d[i]->d_nmemb, db);
00492 continue;
00493 }
00494 (**db) = d[i];
00495 (*db)++;
00496 }
00497 }
00498
00499 static int read_sfi(struct db_state *s, uint8_t sfi,
00500 uint8_t begin, uint8_t end, uint8_t num_sda)
00501 {
00502 const uint8_t *res;
00503 unsigned int i, sda;
00504 size_t len;
00505
00506 for(i = begin; i <= end; i++ ) {
00507 if ( !_emv_read_record(s->e, sfi, i) )
00508 return 0;
00509
00510 res = xfr_rx_data(s->e->e_xfr, &len);
00511 if ( NULL == res )
00512 return 0;
00513
00514 sda = ( num_sda && i < begin + num_sda ) ? 1 : 0;
00515 if ( !decode_record(s, res, len, sda) )
00516 return 0;
00517 }
00518
00519 return 1;
00520 }
00521
00522 int emv_read_app_data(struct _emv *e)
00523 {
00524 struct _emv_db *db = &e->e_db;
00525 struct db_state s;
00526 struct _emv_data **pps;
00527 uint8_t *ptr, *end;
00528 unsigned int i;
00529
00530 mpool_free(e->e_data);
00531 gang_free(e->e_files);
00532 memset(&e->e_db, 0, sizeof(e->e_db));
00533
00534 e->e_data = mpool_new(sizeof(struct _emv_data), 0);
00535 if ( NULL == e->e_data ) {
00536 _emv_sys_error(e);
00537 return 0;
00538 }
00539
00540 e->e_files = gang_new(0, 0);
00541 if ( NULL == e->e_files ) {
00542 _emv_sys_error(e);
00543 return 0;
00544 }
00545
00546 for(ptr = e->e_afl, end = e->e_afl + e->e_afl_len;
00547 ptr + 4 <= end; ptr += 4) {
00548
00549
00550 db->db_numsda += ptr[3];
00551 db->db_numrec += (ptr[2] + 1) - ptr[1];
00552 }
00553
00554 pps = gang_alloc(e->e_files,
00555 (db->db_numrec + db->db_numsda) * sizeof(*pps));
00556 if ( NULL == pps ) {
00557 _emv_sys_error(e);
00558 return 0;
00559 }
00560
00561 db->db_rec = pps;
00562 db->db_sda = pps + db->db_numrec;
00563
00564 s.e = e;
00565 s.db = db;
00566 s.rec = db->db_rec;
00567 s.sda = db->db_sda;
00568
00569 for(ptr = e->e_afl, end = e->e_afl + e->e_afl_len;
00570 ptr + 4 <= end; ptr += 4) {
00571 if ( !read_sfi(&s, ptr[0] >> 3, ptr[1], ptr[2], ptr[3]) )
00572 return 0;
00573 }
00574
00575 for(i = 0; i < db->db_numrec; i++) {
00576 count_elements(db->db_rec[i]->d_elem,
00577 db->db_rec[i]->d_nmemb,
00578 &db->db_nmemb);
00579 }
00580
00581 pps = db->db_elem = gang_alloc(e->e_files,
00582 db->db_nmemb * sizeof(*db->db_elem));
00583 if ( NULL == pps ) {
00584 _emv_sys_error(e);
00585 return 0;
00586 }
00587
00588 for(i = 0; i < db->db_numrec; i++) {
00589 add_elements(db->db_rec[i]->d_elem,
00590 db->db_rec[i]->d_nmemb,
00591 &pps);
00592 }
00593 qsort(db->db_elem, db->db_nmemb, sizeof(*db->db_elem), cmp);
00594
00595
00596
00597
00598 _emv_success(e);
00599 return 1;
00600 }