]> git.zerfleddert.de Git - proxmark3-svn/blame - client/mifare4.c
Update list of Certificate Authorities Public Keys (source: https://www.eftlab.co...
[proxmark3-svn] / client / mifare4.c
CommitLineData
ae3340a0
OM
1//-----------------------------------------------------------------------------
2// Copyright (C) 2018 Merlok
4b5d696c 3// Copyright (C) 2018 drHatson
ae3340a0
OM
4//
5// This code is licensed to you under the terms of the GNU GPL, version 2 or,
6// at your option, any later version. See the LICENSE.txt file for the text of
7// the license.
8//-----------------------------------------------------------------------------
9// iso14443-4 mifare commands
10//-----------------------------------------------------------------------------
11
12#include "mifare4.h"
13#include <ctype.h>
14#include <string.h>
15#include "cmdhf14a.h"
16#include "util.h"
17#include "ui.h"
700d8687 18#include "crypto/libpcrypto.h"
ae3340a0 19
ac4ecfe3
OM
20AccessConditions_t MFAccessConditions[] = {
21 {0x00, "read AB; write AB; increment AB; decrement transfer restore AB"},
22 {0x01, "read AB; decrement transfer restore AB"},
23 {0x02, "read AB"},
24 {0x03, "read B; write B"},
25 {0x04, "read AB; writeB"},
26 {0x05, "read B"},
27 {0x06, "read AB; write B; increment B; decrement transfer restore AB"},
28 {0x07, "none"}
29};
30
31AccessConditions_t MFAccessConditionsTrailer[] = {
32 {0x00, "read A by A; read ACCESS by A; read B by A; write B by A"},
33 {0x01, "write A by A; read ACCESS by A write ACCESS by A; read B by A; write B by A"},
34 {0x02, "read ACCESS by A; read B by A"},
35 {0x03, "write A by B; read ACCESS by AB; write ACCESS by B; write B by B"},
36 {0x04, "write A by B; read ACCESS by AB; write B by B"},
37 {0x05, "read ACCESS by AB; write ACCESS by B"},
38 {0x06, "read ACCESS by AB"},
39 {0x07, "read ACCESS by AB"}
40};
41
42char *mfGetAccessConditionsDesc(uint8_t blockn, uint8_t *data) {
43 static char StaticNone[] = "none";
44
45 uint8_t data1 = ((data[1] >> 4) & 0x0f) >> blockn;
46 uint8_t data2 = ((data[2]) & 0x0f) >> blockn;
47 uint8_t data3 = ((data[2] >> 4) & 0x0f) >> blockn;
48
49 uint8_t cond = (data1 & 0x01) << 2 | (data2 & 0x01) << 1 | (data3 & 0x01);
50
51 if (blockn == 3) {
52 for (int i = 0; i < ARRAYLEN(MFAccessConditionsTrailer); i++)
53 if (MFAccessConditionsTrailer[i].cond == cond) {
54 return MFAccessConditionsTrailer[i].description;
55 }
56 } else {
57 for (int i = 0; i < ARRAYLEN(MFAccessConditions); i++)
58 if (MFAccessConditions[i].cond == cond) {
59 return MFAccessConditions[i].description;
60 }
61 };
62
63 return StaticNone;
64};
65
4b5d696c 66int CalculateEncIVCommand(mf4Session *session, uint8_t *iv, bool verbose) {
67 memcpy(&iv[0], session->TI, 4);
68 memcpy(&iv[4], &session->R_Ctr, 2);
69 memcpy(&iv[6], &session->W_Ctr, 2);
70 memcpy(&iv[8], &session->R_Ctr, 2);
71 memcpy(&iv[10], &session->W_Ctr, 2);
72 memcpy(&iv[12], &session->R_Ctr, 2);
73 memcpy(&iv[14], &session->W_Ctr, 2);
74
75 return 0;
76}
77
78int CalculateEncIVResponse(mf4Session *session, uint8_t *iv, bool verbose) {
79 memcpy(&iv[0], &session->R_Ctr, 2);
80 memcpy(&iv[2], &session->W_Ctr, 2);
81 memcpy(&iv[4], &session->R_Ctr, 2);
82 memcpy(&iv[6], &session->W_Ctr, 2);
83 memcpy(&iv[8], &session->R_Ctr, 2);
84 memcpy(&iv[10], &session->W_Ctr, 2);
85 memcpy(&iv[12], session->TI, 4);
86
87 return 0;
88}
89
90
91int CalculateMAC(mf4Session *session, MACType_t mtype, uint8_t blockNum, uint8_t blockCount, uint8_t *data, int datalen, uint8_t *mac, bool verbose) {
92 if (!session || !session->Authenticated || !mac || !data || !datalen || datalen < 1)
c8a0f550
OM
93 return 1;
94
95 memset(mac, 0x00, 8);
4b5d696c 96
97 uint16_t ctr = session->R_Ctr;
98 switch(mtype) {
99 case mtypWriteCmd:
100 case mtypWriteResp:
101 ctr = session->W_Ctr;
102 break;
103 case mtypReadCmd:
104 case mtypReadResp:
105 break;
106 }
107
108 uint8_t macdata[2049] = {data[0], (ctr & 0xFF), (ctr >> 8), 0};
109 int macdatalen = datalen;
110 memcpy(&macdata[3], session->TI, 4);
111
112 switch(mtype) {
113 case mtypReadCmd:
114 memcpy(&macdata[7], &data[1], datalen - 1);
115 macdatalen = datalen + 6;
116 break;
117 case mtypReadResp:
118 macdata[7] = blockNum;
119 macdata[8] = 0;
120 macdata[9] = blockCount;
121 memcpy(&macdata[10], &data[1], datalen - 1);
122 macdatalen = datalen + 9;
123 break;
124 case mtypWriteCmd:
125 memcpy(&macdata[7], &data[1], datalen - 1);
126 macdatalen = datalen + 6;
127 break;
128 case mtypWriteResp:
129 macdatalen = 1 + 6;
130 break;
131 }
c8a0f550
OM
132
133 if (verbose)
4b5d696c 134 PrintAndLog("MAC data[%d]: %s", macdatalen, sprint_hex(macdata, macdatalen));
c8a0f550 135
4b5d696c 136 return aes_cmac8(NULL, session->Kmac, macdata, mac, macdatalen);
c8a0f550
OM
137}
138
ae3340a0
OM
139int MifareAuth4(mf4Session *session, uint8_t *keyn, uint8_t *key, bool activateField, bool leaveSignalON, bool verbose) {
140 uint8_t data[257] = {0};
141 int datalen = 0;
142
4b5d696c 143 uint8_t RndA[17] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00};
144 uint8_t RndB[17] = {0};
ae3340a0
OM
145
146 if (session)
147 session->Authenticated = false;
148
149 uint8_t cmd1[] = {0x70, keyn[1], keyn[0], 0x00};
150 int res = ExchangeRAW14a(cmd1, sizeof(cmd1), activateField, true, data, sizeof(data), &datalen);
151 if (res) {
152 PrintAndLog("ERROR exchande raw error: %d", res);
153 DropField();
154 return 2;
155 }
156
157 if (verbose)
158 PrintAndLog("<phase1: %s", sprint_hex(data, datalen));
159
160 if (datalen < 1) {
161 PrintAndLog("ERROR: card response length: %d", datalen);
162 DropField();
163 return 3;
164 }
165
166 if (data[0] != 0x90) {
167 PrintAndLog("ERROR: card response error: %02x", data[2]);
168 DropField();
169 return 3;
170 }
171
172 if (datalen != 19) { // code 1b + 16b + crc 2b
173 PrintAndLog("ERROR: card response must be 19 bytes long instead of: %d", datalen);
174 DropField();
175 return 3;
176 }
177
4b5d696c 178 aes_decode(NULL, key, &data[1], RndB, 16);
179 RndB[16] = RndB[0];
ae3340a0 180 if (verbose)
4b5d696c 181 PrintAndLog("RndB: %s", sprint_hex(RndB, 16));
ae3340a0
OM
182
183 uint8_t cmd2[33] = {0};
184 cmd2[0] = 0x72;
185
186 uint8_t raw[32] = {0};
4b5d696c 187 memmove(raw, RndA, 16);
188 memmove(&raw[16], &RndB[1], 16);
ae3340a0
OM
189
190 aes_encode(NULL, key, raw, &cmd2[1], 32);
191 if (verbose)
192 PrintAndLog(">phase2: %s", sprint_hex(cmd2, 33));
193
c8a0f550 194 res = ExchangeRAW14a(cmd2, sizeof(cmd2), false, true, data, sizeof(data), &datalen);
ae3340a0
OM
195 if (res) {
196 PrintAndLog("ERROR exchande raw error: %d", res);
197 DropField();
198 return 4;
199 }
200
201 if (verbose)
202 PrintAndLog("<phase2: %s", sprint_hex(data, datalen));
203
204 aes_decode(NULL, key, &data[1], raw, 32);
205
206 if (verbose) {
207 PrintAndLog("res: %s", sprint_hex(raw, 32));
4b5d696c 208 PrintAndLog("RndA`: %s", sprint_hex(&raw[4], 16));
ae3340a0
OM
209 }
210
4b5d696c 211 if (memcmp(&raw[4], &RndA[1], 16)) {
ae3340a0
OM
212 PrintAndLog("\nERROR: Authentication FAILED. rnd not equal");
213 if (verbose) {
4b5d696c 214 PrintAndLog("RndA reader: %s", sprint_hex(&RndA[1], 16));
215 PrintAndLog("RndA card: %s", sprint_hex(&raw[4], 16));
ae3340a0
OM
216 }
217 DropField();
218 return 5;
219 }
220
4b5d696c 221 if (verbose) {
222 PrintAndLog(" TI: %s", sprint_hex(raw, 4));
223 PrintAndLog("pic: %s", sprint_hex(&raw[20], 6));
224 PrintAndLog("pcd: %s", sprint_hex(&raw[26], 6));
225 }
226
227 uint8_t kenc[16] = {0};
228 memcpy(&kenc[0], &RndA[11], 5);
229 memcpy(&kenc[5], &RndB[11], 5);
230 for(int i = 0; i < 5; i++)
231 kenc[10 + i] = RndA[4 + i] ^ RndB[4 + i];
232 kenc[15] = 0x11;
233
234 aes_encode(NULL, key, kenc, kenc, 16);
235 if (verbose) {
236 PrintAndLog("kenc: %s", sprint_hex(kenc, 16));
237 }
238
239 uint8_t kmac[16] = {0};
240 memcpy(&kmac[0], &RndA[7], 5);
241 memcpy(&kmac[5], &RndB[7], 5);
242 for(int i = 0; i < 5; i++)
243 kmac[10 + i] = RndA[0 + i] ^ RndB[0 + i];
244 kmac[15] = 0x22;
245
246 aes_encode(NULL, key, kmac, kmac, 16);
247 if (verbose) {
248 PrintAndLog("kmac: %s", sprint_hex(kmac, 16));
249 }
250
ae3340a0
OM
251 if (!leaveSignalON)
252 DropField();
253
254 if (verbose)
255 PrintAndLog("");
256
257 if (session) {
258 session->Authenticated = true;
4b5d696c 259 session->R_Ctr = 0;
260 session->W_Ctr = 0;
ae3340a0 261 session->KeyNum = keyn[1] + (keyn[0] << 8);
4b5d696c 262 memmove(session->RndA, RndA, 16);
263 memmove(session->RndB, RndB, 16);
c8a0f550 264 memmove(session->Key, key, 16);
4b5d696c 265 memmove(session->TI, raw, 4);
266 memmove(session->PICCap2, &raw[20], 6);
267 memmove(session->PCDCap2, &raw[26], 6);
268 memmove(session->Kenc, kenc, 16);
269 memmove(session->Kmac, kmac, 16);
ae3340a0
OM
270 }
271
272 PrintAndLog("Authentication OK");
273
274 return 0;
275}
276
c8a0f550
OM
277// Mifare Memory Structure: up to 32 Sectors with 4 blocks each (1k and 2k cards),
278// plus evtl. 8 sectors with 16 blocks each (4k cards)
279uint8_t mfNumBlocksPerSector(uint8_t sectorNo) {
280 if (sectorNo < 32)
281 return 4;
282 else
283 return 16;
284}
285
286uint8_t mfFirstBlockOfSector(uint8_t sectorNo) {
287 if (sectorNo < 32)
288 return sectorNo * 4;
289 else
290 return 32 * 4 + (sectorNo - 32) * 16;
291}
292
293uint8_t mfSectorTrailer(uint8_t blockNo) {
294 if (blockNo < 32*4) {
295 return (blockNo | 0x03);
296 } else {
297 return (blockNo | 0x0f);
298 }
299}
300
301bool mfIsSectorTrailer(uint8_t blockNo) {
302 return (blockNo == mfSectorTrailer(blockNo));
303}
304
305uint8_t mfSectorNum(uint8_t blockNo) {
306 if (blockNo < 32 * 4)
307 return blockNo / 4;
308 else
309 return 32 + (blockNo - 32 * 4) / 16;
310
311}
Impressum, Datenschutz