NFC Magic: Direct write to block 0 mode management added, code cleanup

Leptopt1los · Leptopt1los · commit f4dc0baaade9 · 2024-01-01T20:22:09.000+09:00
diff --git a/nfc_magic/.catalog/changelog.md b/nfc_magic/.catalog/changelog.md
@@ -2,6 +2,7 @@
 
  - Get revision, get config moved into main Gen4 menu
  - New function: Set Gen4 card shadow mode
+ - New function: Set Gen4 card direct write to block 0 mode
  - Fixed: back button did not allow to exit from some scenes while the card is next to the Flipper HF RFID antenna
 
 ## 1.4 
diff --git a/nfc_magic/lib/magic/protocols/gen4/gen4_poller.c b/nfc_magic/lib/magic/protocols/gen4/gen4_poller.c
@@ -181,6 +181,8 @@ NfcCommand gen4_poller_request_mode_handler(Gen4Poller* instance) {
         instance->state = Gen4PollerStateGetRevision;
     } else if(instance->gen4_event_data.request_mode.mode == Gen4PollerModeSetShadowMode) {
         instance->state = Gen4PollerStateSetShadowMode;
+    } else if(instance->gen4_event_data.request_mode.mode == Gen4PollerModeSetDirectWriteBlock0Mode) {
+        instance->state = Gen4PollerStateSetDirectWriteBlock0;
     } else {
         instance->state = Gen4PollerStateFail;
     }
@@ -273,13 +275,13 @@ static NfcCommand gen4_poller_write_mf_classic(Gen4Poller* instance) {
                 break;
             }
 
-            instance->config[6] = Gen4PollerShadowModeIgnore;
+            instance->config[6] = Gen4PollerShadowModeDisabled;
             instance->config[24] = iso3_data->atqa[0];
             instance->config[25] = iso3_data->atqa[1];
             instance->config[26] = iso3_data->sak;
             instance->config[27] = 0x00;
             instance->config[28] = instance->total_blocks;
-            instance->config[29] = 0x01;
+            instance->config[29] = Gen4PollerDirectWriteBlock0ModeDeactivated;
 
             Gen4PollerError error = gen4_poller_set_config(
                 instance, instance->password, instance->config, sizeof(instance->config), false);
@@ -352,13 +354,13 @@ static NfcCommand gen4_poller_write_mf_ultralight(Gen4Poller* instance) {
                 break;
             }
 
-            instance->config[6] = Gen4PollerShadowModeHighSpeedIgnore;
+            instance->config[6] = Gen4PollerShadowModeHighSpeedDisabled;
             instance->config[24] = iso3_data->atqa[0];
             instance->config[25] = iso3_data->atqa[1];
             instance->config[26] = iso3_data->sak;
             instance->config[27] = 0x00;
             instance->config[28] = instance->total_blocks;
-            instance->config[29] = 0x01;
+            instance->config[29] = Gen4PollerDirectWriteBlock0ModeDeactivated;
 
             Gen4PollerError error = gen4_poller_set_config(
                 instance, instance->password, instance->config, sizeof(instance->config), false);
@@ -557,6 +559,25 @@ NfcCommand gen4_poller_set_shadow_mode_handler(Gen4Poller* instance) {
     return command;
 }
 
+NfcCommand gen4_poller_set_direct_write_block_0_mode_handler(Gen4Poller* instance) {
+    NfcCommand command = NfcCommandContinue;
+
+    do {
+        Gen4PollerError error = gen4_poller_set_direct_write_block_0_mode(
+            instance, instance->password, instance->direct_write_block_0_mode);
+
+        if(error != Gen4PollerErrorNone) {
+            FURI_LOG_E(TAG, "Failed to set direct write to block 0 mode: %d", error);
+            instance->state = Gen4PollerStateFail;
+            break;
+        }
+
+        instance->state = Gen4PollerStateSuccess;
+    } while(false);
+
+    return command;
+}
+
 NfcCommand gen4_poller_success_handler(Gen4Poller* instance) {
     NfcCommand command = NfcCommandContinue;
 
@@ -592,6 +613,7 @@ static const Gen4PollerStateHandler gen4_poller_state_handlers[Gen4PollerStateNu
     [Gen4PollerStateGetCurrentConfig] = gen4_poller_get_current_cfg_handler,
     [Gen4PollerStateGetRevision] = gen4_poller_get_revision_handler,
     [Gen4PollerStateSetShadowMode] = gen4_poller_set_shadow_mode_handler,
+    [Gen4PollerStateSetDirectWriteBlock0] = gen4_poller_set_direct_write_block_0_mode_handler,
     [Gen4PollerStateSuccess] = gen4_poller_success_handler,
     [Gen4PollerStateFail] = gen4_poller_fail_handler,
 
diff --git a/nfc_magic/lib/magic/protocols/gen4/gen4_poller.h b/nfc_magic/lib/magic/protocols/gen4/gen4_poller.h
@@ -42,6 +42,7 @@ typedef enum {
     Gen4PollerModeGetCfg,
     Gen4PollerModeGetRevision,
     Gen4PollerModeSetShadowMode,
+    Gen4PollerModeSetDirectWriteBlock0Mode
 } Gen4PollerMode;
 
 typedef struct {
diff --git a/nfc_magic/lib/magic/protocols/gen4/gen4_poller_i.c b/nfc_magic/lib/magic/protocols/gen4/gen4_poller_i.c
@@ -13,6 +13,7 @@
 #define GEN4_CMD_GET_REVISION (0xCC)
 #define GEN4_CMD_WRITE (0xCD)
 #define GEN4_CMD_READ (0xCE)
+#define GEN4_CMD_SET_DW_BLOCK_0 (0xCF)
 #define GEN4_CMD_SET_CFG (0xF0)
 #define GEN4_CMD_FUSE_CFG (0xF1)
 #define GEN4_CMD_SET_PWD (0xFE)
@@ -33,8 +34,10 @@ static Gen4PollerError gen4_poller_process_error(Iso14443_3aError error) {
     return ret;
 }
 
-Gen4PollerError
-    gen4_poller_set_shadow_mode(Gen4Poller* instance, uint32_t password, uint8_t mode) {
+Gen4PollerError gen4_poller_set_shadow_mode(
+    Gen4Poller* instance,
+    uint32_t password,
+    Gen4PollerShadowMode mode) {
     Gen4PollerError ret = Gen4PollerErrorNone;
     bit_buffer_reset(instance->tx_buffer);
 
@@ -68,6 +71,43 @@ Gen4PollerError
     return ret;
 }
 
+Gen4PollerError gen4_poller_set_direct_write_block_0_mode(
+    Gen4Poller* instance,
+    uint32_t password,
+    Gen4PollerDirectWriteBlock0Mode mode) {
+    Gen4PollerError ret = Gen4PollerErrorNone;
+    bit_buffer_reset(instance->tx_buffer);
+
+    do {
+        uint8_t password_arr[4] = {};
+        nfc_util_num2bytes(password, COUNT_OF(password_arr), password_arr);
+        bit_buffer_append_byte(instance->tx_buffer, GEN4_CMD_PREFIX);
+        bit_buffer_append_bytes(instance->tx_buffer, password_arr, COUNT_OF(password_arr));
+        bit_buffer_append_byte(instance->tx_buffer, GEN4_CMD_SET_DW_BLOCK_0);
+        bit_buffer_append_byte(instance->tx_buffer, mode);
+
+        Iso14443_3aError error = iso14443_3a_poller_send_standard_frame(
+            instance->iso3_poller, instance->tx_buffer, instance->rx_buffer, GEN4_POLLER_MAX_FWT);
+
+        if(error != Iso14443_3aErrorNone) {
+            ret = gen4_poller_process_error(error);
+            break;
+        }
+
+        // size_t rx_bytes = bit_buffer_get_size_bytes(instance->rx_buffer);
+        // if(rx_bytes != SHD_MODE_RESPONSE_SIZE) {
+        //     ret = Gen4PollerErrorProtocol;
+        //     break;
+        // }
+        uint16_t response = bit_buffer_get_size_bytes(instance->rx_buffer);
+
+        FURI_LOG_D(TAG, "Card response: %X, Direct write to block 0 mode set: %u", response, mode);
+
+    } while(false);
+
+    return ret;
+}
+
 Gen4PollerError
     gen4_poller_get_config(Gen4Poller* instance, uint32_t password, uint8_t* config_result) {
     Gen4PollerError ret = Gen4PollerErrorNone;
diff --git a/nfc_magic/lib/magic/protocols/gen4/gen4_poller_i.h b/nfc_magic/lib/magic/protocols/gen4/gen4_poller_i.h
@@ -37,12 +37,23 @@ typedef enum {
     Gen4PollerShadowModePreWrite = 0x00,
     // written data can be read once before restored to original
     Gen4PollerShadowModeRestore = 0x01,
-    // written data is discarded
-    Gen4PollerShadowModeIgnore = 0x02,
+    // shadow mode disabled
+    Gen4PollerShadowModeDisabled = 0x02,
     // apparently for UL?
-    Gen4PollerShadowModeHighSpeedIgnore = 0x03
+    Gen4PollerShadowModeHighSpeedDisabled = 0x03,
+    // work with new UMC. With old UMC is untested
+    Gen4PollerShadowModeSplit = 0x04,
 } Gen4PollerShadowMode;
 
+typedef enum {
+    // gen2 card behavour
+    Gen4PollerDirectWriteBlock0ModeActivated = 0x00,
+    // common card behavour
+    Gen4PollerDirectWriteBlock0ModeDeactivated = 0x01,
+    // default mode. same behavour as Gen4PollerDirectWriteBlock0ModeActivate
+    Gen4PollerDirectWriteBlock0ModeDefault = 0x02,
+} Gen4PollerDirectWriteBlock0Mode;
+
 typedef enum {
     Gen4PollerStateIdle,
     Gen4PollerStateRequestMode,
@@ -55,6 +66,7 @@ typedef enum {
     Gen4PollerStateGetCurrentConfig,
     Gen4PollerStateGetRevision,
     Gen4PollerStateSetShadowMode,
+    Gen4PollerStateSetDirectWriteBlock0,
 
     Gen4PollerStateSuccess,
     Gen4PollerStateFail,
@@ -80,7 +92,8 @@ struct Gen4Poller {
 
     uint8_t config[GEN4_POLLER_CONFIG_SIZE_MAX];
 
-    uint8_t shadow_mode;
+    Gen4PollerShadowMode shadow_mode;
+    Gen4PollerDirectWriteBlock0Mode direct_write_block_0_mode;
 
     Gen4PollerEvent gen4_event;
     Gen4PollerEventData gen4_event_data;
@@ -111,7 +124,13 @@ Gen4PollerError
 Gen4PollerError
     gen4_poller_get_config(Gen4Poller* instance, uint32_t password, uint8_t* config_result);
 
-Gen4PollerError gen4_poller_set_shadow_mode(Gen4Poller* instance, uint32_t password, uint8_t mode);
+Gen4PollerError
+    gen4_poller_set_shadow_mode(Gen4Poller* instance, uint32_t password, Gen4PollerShadowMode mode);
+
+Gen4PollerError gen4_poller_set_direct_write_block_0_mode(
+    Gen4Poller* instance,
+    uint32_t password,
+    Gen4PollerDirectWriteBlock0Mode mode);
 
 #ifdef __cplusplus
 }
diff --git a/nfc_magic/scenes/nfc_magic_scene_config.h b/nfc_magic/scenes/nfc_magic_scene_config.h
@@ -12,6 +12,8 @@ ADD_SCENE(nfc_magic, gen4_show_rev, Gen4ShowRev)
 ADD_SCENE(nfc_magic, gen4_show_cfg, Gen4ShowCfg)
 ADD_SCENE(nfc_magic, gen4_select_shd_mode, Gen4SelectShdMode)
 ADD_SCENE(nfc_magic, gen4_set_shd_mode, Gen4SetShdMode)
+ADD_SCENE(nfc_magic, gen4_select_direct_write_block_0_mode, Gen4SelectDirectWriteBlock0Mode)
+ADD_SCENE(nfc_magic, gen4_set_direct_write_block_0_mode, Gen4SetDirectWriteBlock0Mode)
 ADD_SCENE(nfc_magic, gen4_fail, Gen4Fail)
 ADD_SCENE(nfc_magic, wipe, Wipe)
 ADD_SCENE(nfc_magic, wipe_fail, WipeFail)
diff --git a/nfc_magic/scenes/nfc_magic_scene_gen4_menu.c b/nfc_magic/scenes/nfc_magic_scene_gen4_menu.c
@@ -5,6 +5,7 @@ enum SubmenuIndex {
     SubmenuIndexWrite,
     SubmenuIndexChangePassword,
     SubmenuIndexSetShadowMode,
+    SubmenuIndexSetDirectWriteBlock0Mode,
     SubmenuIndexGetRevision,
     SubmenuIndexGetConfig,
     SubmenuIndexWipe,
@@ -34,6 +35,12 @@ void nfc_magic_scene_gen4_menu_on_enter(void* context) {
         SubmenuIndexSetShadowMode,
         nfc_magic_scene_gen4_menu_submenu_callback,
         instance);
+    submenu_add_item(
+        submenu,
+        "Set Direct Write To Block 0 Mode",
+        SubmenuIndexSetDirectWriteBlock0Mode,
+        nfc_magic_scene_gen4_menu_submenu_callback,
+        instance);
     submenu_add_item(
         submenu,
         "Get Revision",
@@ -79,6 +86,10 @@ bool nfc_magic_scene_gen4_menu_on_event(void* context, SceneManagerEvent event)
         } else if(event.event == SubmenuIndexSetShadowMode) {
             scene_manager_next_scene(instance->scene_manager, NfcMagicSceneGen4SelectShdMode);
             consumed = true;
+        } else if(event.event == SubmenuIndexSetDirectWriteBlock0Mode) {
+            scene_manager_next_scene(
+                instance->scene_manager, NfcMagicSceneGen4SelectDirectWriteBlock0Mode);
+            consumed = true;
         }
 
         scene_manager_set_scene_state(instance->scene_manager, NfcMagicSceneGen4Menu, event.event);
diff --git a/nfc_magic/scenes/nfc_magic_scene_gen4_select_direct_write_block_0_mode.c b/nfc_magic/scenes/nfc_magic_scene_gen4_select_direct_write_block_0_mode.c
@@ -0,0 +1,96 @@
+#include "../nfc_magic_app_i.h"
+#include "furi_hal_rtc.h"
+#include "protocols/gen4/gen4_poller_i.h"
+
+enum SubmenuIndex {
+    SubmenuIndexActivate,
+    SubmenuIndexDeactivate,
+    SubmenuIndexDefault,
+};
+
+void nfc_magic_scene_gen4_select_direct_write_block_0_mode_submenu_callback(
+    void* context,
+    uint32_t index) {
+    NfcMagicApp* instance = context;
+
+    view_dispatcher_send_custom_event(instance->view_dispatcher, index);
+}
+
+void nfc_magic_scene_gen4_select_direct_write_block_0_mode_on_enter(void* context) {
+    NfcMagicApp* instance = context;
+
+    Submenu* submenu = instance->submenu;
+    submenu_add_item(
+        submenu,
+        "Activate",
+        SubmenuIndexActivate,
+        nfc_magic_scene_gen4_select_direct_write_block_0_mode_submenu_callback,
+        instance);
+    submenu_add_item(
+        submenu,
+        "Deactivate",
+        SubmenuIndexDeactivate,
+        nfc_magic_scene_gen4_select_direct_write_block_0_mode_submenu_callback,
+        instance);
+    if(furi_hal_rtc_is_flag_set(FuriHalRtcFlagDebug)) {
+        submenu_add_item(
+            submenu,
+            "Default",
+            SubmenuIndexDefault,
+            nfc_magic_scene_gen4_select_direct_write_block_0_mode_submenu_callback,
+            instance);
+    }
+    submenu_set_selected_item(
+        submenu,
+        scene_manager_get_scene_state(
+            instance->scene_manager, NfcMagicSceneGen4SelectDirectWriteBlock0Mode));
+    view_dispatcher_switch_to_view(instance->view_dispatcher, NfcMagicAppViewMenu);
+}
+
+bool nfc_magic_scene_gen4_select_direct_write_block_0_mode_on_event(
+    void* context,
+    SceneManagerEvent event) {
+    NfcMagicApp* instance = context;
+    bool consumed = false;
+
+    if(event.type == SceneManagerEventTypeCustom) {
+        if(event.event == SubmenuIndexActivate) {
+            scene_manager_set_scene_state(
+                instance->scene_manager,
+                NfcMagicSceneGen4SetDirectWriteBlock0Mode,
+                Gen4PollerDirectWriteBlock0ModeActivated);
+            scene_manager_next_scene(
+                instance->scene_manager, NfcMagicSceneGen4SetDirectWriteBlock0Mode);
+            consumed = true;
+        } else if(event.event == SubmenuIndexDeactivate) {
+            scene_manager_set_scene_state(
+                instance->scene_manager,
+                NfcMagicSceneGen4SetDirectWriteBlock0Mode,
+                Gen4PollerDirectWriteBlock0ModeDeactivated);
+            scene_manager_next_scene(
+                instance->scene_manager, NfcMagicSceneGen4SetDirectWriteBlock0Mode);
+            consumed = true;
+        } else if(event.event == SubmenuIndexDefault) {
+            scene_manager_set_scene_state(
+                instance->scene_manager,
+                NfcMagicSceneGen4SetDirectWriteBlock0Mode,
+                Gen4PollerDirectWriteBlock0ModeDefault);
+            scene_manager_next_scene(
+                instance->scene_manager, NfcMagicSceneGen4SetDirectWriteBlock0Mode);
+            consumed = true;
+        }
+        scene_manager_set_scene_state(
+            instance->scene_manager, NfcMagicSceneGen4SelectDirectWriteBlock0Mode, event.event);
+    } else if(event.type == SceneManagerEventTypeBack) {
+        consumed = scene_manager_search_and_switch_to_previous_scene(
+            instance->scene_manager, NfcMagicSceneGen4ActionsMenu);
+    }
+
+    return consumed;
+}
+
+void nfc_magic_scene_gen4_select_direct_write_block_0_mode_on_exit(void* context) {
+    NfcMagicApp* instance = context;
+
+    submenu_reset(instance->submenu);
+}
diff --git a/nfc_magic/scenes/nfc_magic_scene_gen4_select_shd_mode.c b/nfc_magic/scenes/nfc_magic_scene_gen4_select_shd_mode.c
diff --git a/nfc_magic/scenes/nfc_magic_scene_gen4_set_direct_write_block_0_mode.c b/nfc_magic/scenes/nfc_magic_scene_gen4_set_direct_write_block_0_mode.c
diff --git a/nfc_magic/scenes/nfc_magic_scene_gen4_set_shd_mode.c b/nfc_magic/scenes/nfc_magic_scene_gen4_set_shd_mode.c
diff --git a/nfc_magic/scenes/nfc_magic_scene_gen4_show_cfg.c b/nfc_magic/scenes/nfc_magic_scene_gen4_show_cfg.c
