hf iclass wrbl - the pagemap bit maps isnt the best to handle all fou…

…r cases. This atleast fixes one issue with them

CHANGELOG.md

@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 
 ## [unreleased][unreleased]
+ - Fixed `hf iclass wrbl` - pagemap bit map for secured is now handled better (@iceman1001)
  - Changed `hf iclass view/decrypt` to detect SIO lengths better and show if legacy credentials are encrypted (@nvx)
  - Changed the json file formats for mfc, 14b, 15, legic, cryptorf, ndef (@iceman1001)
  - Depricated the EML file format when saving dump files. (@iceman1001)

armsrc/iclass.c

@@ -1784,14 +1784,14 @@ static bool iclass_writeblock_ext(uint8_t blockno, uint8_t *data, uint8_t *mac,
         return false;
     }
 
-    uint8_t all_ff[8] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
     if (blockno == 2) {
         // check response. e-purse update swaps first and second half
         if (memcmp(data + 4, resp, 4) || memcmp(data, resp + 4, 4)) {
             return false;
         }
     } else if (blockno == 3 || blockno == 4) {
         // check response. Key updates always return 0xffffffffffffffff
+        uint8_t all_ff[8] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
         if (memcmp(all_ff, resp, 8)) {
             return false;
         }
@@ -1821,7 +1821,7 @@ void iClass_WriteBlock(uint8_t *msg) {
     // select tag.
     uint32_t eof_time = 0;
     picopass_hdr_t hdr = {0};
-    uint8_t res = select_iclass_tag(&hdr, payload->req.use_credit_key, &eof_time, shallow_mod);
+    bool res = select_iclass_tag(&hdr, payload->req.use_credit_key, &eof_time, shallow_mod);
     if (res == false) {
         goto out;
     }
@@ -1881,8 +1881,9 @@ void iClass_WriteBlock(uint8_t *msg) {
         if (tearoff_hook() == PM3_ETEAROFF) { // tearoff occurred
             res = false;
             switch_off();
-            if (payload->req.send_reply)
-                reply_ng(CMD_HF_ICLASS_WRITEBL, PM3_ETEAROFF, (uint8_t *)&res, sizeof(uint8_t));
+            if (payload->req.send_reply) {
+                reply_ng(CMD_HF_ICLASS_WRITEBL, PM3_ETEAROFF, (uint8_t *)&res, sizeof(bool));
+            }
             return;
         } else {
 
@@ -1901,16 +1902,18 @@ void iClass_WriteBlock(uint8_t *msg) {
     }
 
     // verify write
-    uint8_t all_ff[8] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
     if (pagemap == PICOPASS_SECURE_PAGEMODE && payload->req.blockno == 2) {
         // check response. e-purse update swaps first and second half
         if (memcmp(payload->data + 4, resp, 4) || memcmp(payload->data, resp + 4, 4)) {
             res = false;
             goto out;
         }
-    } else if (pagemap == PICOPASS_SECURE_PAGEMODE && (payload->req.blockno == 3 || payload->req.blockno == 4)) {
+    } 
+
+    if (pagemap == PICOPASS_SECURE_PAGEMODE && (payload->req.blockno == 3 || payload->req.blockno == 4)) {
         // check response. Key updates always return 0xffffffffffffffff
-        if (memcmp(all_ff, resp, 8)) {
+        uint8_t all_ff[8] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
+        if (memcmp(all_ff, resp, sizeof(all_ff))) {
             res = false;
             goto out;
         }
@@ -1925,8 +1928,9 @@ void iClass_WriteBlock(uint8_t *msg) {
 out:
     switch_off();
 
-    if (payload->req.send_reply)
-        reply_ng(CMD_HF_ICLASS_WRITEBL, PM3_SUCCESS, (uint8_t *)&res, sizeof(uint8_t));
+    if (payload->req.send_reply) {
+        reply_ng(CMD_HF_ICLASS_WRITEBL, PM3_SUCCESS, (uint8_t *)&res, sizeof(bool));
+    }
 }
 
 void iclass_credit_epurse(iclass_credit_epurse_t *payload) {
@@ -1967,8 +1971,9 @@ void iclass_credit_epurse(iclass_credit_epurse_t *payload) {
     res = iclass_send_cmd_with_retries(cmd_read, sizeof(cmd_read), epurse, sizeof(epurse), 10, 3, &start_time, ICLASS_READER_TIMEOUT_OTHERS, &eof_time, shallow_mod);
     if (!res) {
         switch_off();
-        if (payload->req.send_reply)
+        if (payload->req.send_reply) {
             reply_ng(CMD_HF_ICLASS_CREDIT_EPURSE, PM3_ETIMEOUT, (uint8_t *)&res, sizeof(uint8_t));
+        }
         return;
     }
 
@@ -1977,7 +1982,7 @@ void iclass_credit_epurse(iclass_credit_epurse_t *payload) {
 
     uint8_t epurse_offset = 0;
     const uint8_t empty_epurse[] = {0xff, 0xff, 0xff, 0xff};
-    if (!memcmp(epurse, empty_epurse, 4)) {
+    if (memcmp(epurse, empty_epurse, 4) == 0) {
         // epurse data in stage 2
         epurse_offset = 4;
     }

client/src/cmdhficlass.c

@@ -2086,6 +2086,7 @@ static int iclass_write_block(uint8_t blockno, uint8_t *bldata, uint8_t *macdata
         if (verbose) PrintAndLogEx(ERR, "failed to communicate with card");
         return resp.status;
     }
+
     return (resp.data.asBytes[0] == 1) ? PM3_SUCCESS : PM3_ESOFT;
 }
 
@@ -2190,7 +2191,7 @@ static int CmdHFiClass_WriteBlock(const char *Cmd) {
     int isok = iclass_write_block(blockno, data, mac, key, use_credit_key, elite, rawkey, use_replay, verbose, auth, shallow_mod);
     switch (isok) {
         case PM3_SUCCESS:
-            PrintAndLogEx(SUCCESS, "Wrote block %3d/0x%02X successful", blockno, blockno);
+            PrintAndLogEx(SUCCESS, "Wrote block " _YELLOW_("%d") "/" _YELLOW_("0x%02X") " ( " _GREEN_("ok") " )", blockno, blockno);
             break;
         case PM3_ETEAROFF:
             if (verbose)

include/protocols.h

@@ -443,7 +443,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 
 // Picopass Pagemode fuses
 #define PICOPASS_NON_SECURE_PAGEMODE 0x01
-#define PICOPASS_SECURE_PAGEMODE     0x11
+#define PICOPASS_SECURE_PAGEMODE     0x03
 
 
 // ISO 7816-4 Basic interindustry commands. For command APDU's.