]> git.zerfleddert.de Git - proxmark3-svn/blobdiff - armsrc/mifarecmd.c
projects / proxmark3-svn / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add needed header files to proxguiqt
[proxmark3-svn] / armsrc / mifarecmd.c
diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c
index a3d6609db3413a136b6d5415e3296e103f90a28a..6f57c11319c87d185f003a96d55a2f606f7e2f3d 100644 (file)
--- a/armsrc/mifarecmd.c
+++ b/armsrc/mifarecmd.c
@@ -14,12 +14,18 @@
 //-----------------------------------------------------------------------------\r
 \r
 #include "mifarecmd.h"\r
+\r
 #include "apps.h"\r
 #include "util.h"\r
+#include "parity.h"\r
 #include "crc.h"\r
 \r
+#define AUTHENTICATION_TIMEOUT 848                     // card times out 1ms after wrong authentication (according to NXP documentation)\r
+#define PRE_AUTHENTICATION_LEADTIME 400                // some (non standard) cards need a pause after select before they are ready for first authentication \r
+       \r
+\r
 // the block number for the ISO14443-4 PCB\r
-uint8_t pcb_blocknum = 0;\r
+static uint8_t pcb_blocknum = 0;\r
 // Deselect card by sending a s-block. the crc is precalced for speed\r
 static  uint8_t deselect_cmd[] = {0xc2,0xe0,0xb4};\r
 \r
@@ -53,7 +59,7 @@ void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
        LED_C_OFF();\r
 \r
        while (true) {\r
-               if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+               if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
                        if (MF_DBGLEVEL >= 1)   Dbprintf("Can't select card");\r
                        break;\r
                };\r
@@ -100,7 +106,7 @@ void MifareUC_Auth(uint8_t arg0, uint8_t *keybytes){
 \r
        clear_trace();\r
 \r
-       if(!iso14443a_select_card(NULL, NULL, NULL)) {\r
+       if(!iso14443a_select_card(NULL, NULL, NULL, true, 0)) {\r
                if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");\r
                OnError(0);\r
                return;\r
@@ -135,7 +141,7 @@ void MifareUReadBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain)
 \r
        clear_trace();\r
 \r
-       int len = iso14443a_select_card(NULL, NULL, NULL);\r
+       int len = iso14443a_select_card(NULL, NULL, NULL, true, 0);\r
        if(!len) {\r
                if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card (RC:%02X)",len);\r
                OnError(1);\r
@@ -211,7 +217,7 @@ void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
        LED_C_OFF();\r
 \r
        isOK = 1;\r
-       if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+       if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
                isOK = 0;\r
                if (MF_DBGLEVEL >= 1)   Dbprintf("Can't select card");\r
        }\r
@@ -275,7 +281,7 @@ void MifareUReadCard(uint8_t arg0, uint16_t arg1, uint8_t arg2, uint8_t *datain)
                return;\r
        }\r
 \r
-       int len = iso14443a_select_card(NULL, NULL, NULL);\r
+       int len = iso14443a_select_card(NULL, NULL, NULL, true, 0);\r
        if (!len) {\r
                if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card (RC:%d)",len);\r
                OnError(1);\r
@@ -377,7 +383,7 @@ void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
        LED_C_OFF();\r
 \r
        while (true) {\r
-                       if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+                       if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
                        if (MF_DBGLEVEL >= 1)   Dbprintf("Can't select card");\r
                        break;\r
                };\r
@@ -431,7 +437,7 @@ void MifareUWriteBlockCompat(uint8_t arg0, uint8_t *datain)
        clear_trace();\r
        iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
 \r
-       if(!iso14443a_select_card(uid, NULL, NULL)) {\r
+       if(!iso14443a_select_card(uid, NULL, NULL, true, 0)) {\r
                if (MF_DBGLEVEL >= 1)   Dbprintf("Can't select card");\r
                OnError(0);\r
                return;\r
@@ -477,7 +483,7 @@ void MifareUWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain)
 \r
        clear_trace();\r
 \r
-       if(!iso14443a_select_card(NULL, NULL, NULL)) {\r
+       if(!iso14443a_select_card(NULL, NULL, NULL, true, 0)) {\r
                if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
                OnError(0);\r
                return;\r
@@ -536,7 +542,7 @@ void MifareUSetPwd(uint8_t arg0, uint8_t *datain){
 \r
        clear_trace();\r
 \r
-       if(!iso14443a_select_card(NULL, NULL, NULL)) {\r
+       if(!iso14443a_select_card(NULL, NULL, NULL, true, 0)) {\r
                if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
                OnError(0);\r
                return;\r
@@ -595,9 +601,138 @@ void MifareUSetPwd(uint8_t arg0, uint8_t *datain){
 \r
 // Return 1 if the nonce is invalid else return 0\r
 int valid_nonce(uint32_t Nt, uint32_t NtEnc, uint32_t Ks1, uint8_t *parity) {\r
-       return ((oddparity((Nt >> 24) & 0xFF) == ((parity[0]) ^ oddparity((NtEnc >> 24) & 0xFF) ^ BIT(Ks1,16))) & \\r
-       (oddparity((Nt >> 16) & 0xFF) == ((parity[1]) ^ oddparity((NtEnc >> 16) & 0xFF) ^ BIT(Ks1,8))) & \\r
-       (oddparity((Nt >> 8) & 0xFF) == ((parity[2]) ^ oddparity((NtEnc >> 8) & 0xFF) ^ BIT(Ks1,0)))) ? 1 : 0;\r
+       return ((oddparity8((Nt >> 24) & 0xFF) == ((parity[0]) ^ oddparity8((NtEnc >> 24) & 0xFF) ^ BIT(Ks1,16))) & \\r
+       (oddparity8((Nt >> 16) & 0xFF) == ((parity[1]) ^ oddparity8((NtEnc >> 16) & 0xFF) ^ BIT(Ks1,8))) & \\r
+       (oddparity8((Nt >> 8) & 0xFF) == ((parity[2]) ^ oddparity8((NtEnc >> 8) & 0xFF) ^ BIT(Ks1,0)))) ? 1 : 0;\r
+}\r
+\r
+\r
+//-----------------------------------------------------------------------------\r
+// acquire encrypted nonces in order to perform the attack described in\r
+// Carlo Meijer, Roel Verdult, "Ciphertext-only Cryptanalysis on Hardened\r
+// Mifare Classic Cards" in Proceedings of the 22nd ACM SIGSAC Conference on \r
+// Computer and Communications Security, 2015\r
+//-----------------------------------------------------------------------------\r
+void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, uint8_t *datain)\r
+{\r
+       uint64_t ui64Key = 0;\r
+       uint8_t uid[10];\r
+       uint32_t cuid;\r
+       uint8_t cascade_levels = 0;\r
+       struct Crypto1State mpcs = {0, 0};\r
+       struct Crypto1State *pcs;\r
+       pcs = &mpcs;\r
+       uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
+       int16_t isOK = 0;\r
+       uint8_t par_enc[1];\r
+       uint8_t nt_par_enc = 0;\r
+       uint8_t buf[USB_CMD_DATA_SIZE];\r
+       uint32_t timeout;\r
+       \r
+       uint8_t blockNo = arg0 & 0xff;\r
+       uint8_t keyType = (arg0 >> 8) & 0xff;\r
+       uint8_t targetBlockNo = arg1 & 0xff;\r
+       uint8_t targetKeyType = (arg1 >> 8) & 0xff;\r
+       ui64Key = bytes_to_num(datain, 6);\r
+       bool initialize = flags & 0x0001;\r
+       bool slow = flags & 0x0002;\r
+       bool field_off = flags & 0x0004;\r
+       \r
+       LED_A_ON();\r
+       LED_C_OFF();\r
+\r
+       if (initialize) {\r
+               iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+               clear_trace();\r
+               set_tracing(true);\r
+       }\r
+       \r
+       LED_C_ON();\r
+       \r
+       uint16_t num_nonces = 0;\r
+       bool have_uid = false;\r
+       for (uint16_t i = 0; i <= USB_CMD_DATA_SIZE - 9; ) {\r
+\r
+               // Test if the action was cancelled\r
+               if(BUTTON_PRESS()) {\r
+                       isOK = 2;\r
+                       field_off = true;\r
+                       break;\r
+               }\r
+\r
+               if (!have_uid) { // need a full select cycle to get the uid first\r
+                       iso14a_card_select_t card_info;         \r
+                       if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0)) {\r
+                               if (MF_DBGLEVEL >= 1)   Dbprintf("AcquireNonces: Can't select card (ALL)");\r
+                               continue;\r
+                       }\r
+                       switch (card_info.uidlen) {\r
+                               case 4 : cascade_levels = 1; break;\r
+                               case 7 : cascade_levels = 2; break;\r
+                               case 10: cascade_levels = 3; break;\r
+                               default: break;\r
+                       }\r
+                       have_uid = true;        \r
+               } else { // no need for anticollision. We can directly select the card\r
+                       if(!iso14443a_select_card(uid, NULL, NULL, false, cascade_levels)) {\r
+                               if (MF_DBGLEVEL >= 1)   Dbprintf("AcquireNonces: Can't select card (UID)");\r
+                               continue;\r
+                       }\r
+               }\r
+               \r
+               if (slow) {\r
+                       timeout = GetCountSspClk() + PRE_AUTHENTICATION_LEADTIME;\r
+                       while(GetCountSspClk() < timeout);\r
+               }\r
+\r
+               uint32_t nt1;\r
+               if (mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST, &nt1, NULL)) {\r
+                       if (MF_DBGLEVEL >= 1)   Dbprintf("AcquireNonces: Auth1 error");\r
+                       continue;\r
+               }\r
+\r
+               // nested authentication\r
+               uint16_t len = mifare_sendcmd_short(pcs, AUTH_NESTED, 0x60 + (targetKeyType & 0x01), targetBlockNo, receivedAnswer, par_enc, NULL);\r
+               if (len != 4) {\r
+                       if (MF_DBGLEVEL >= 1)   Dbprintf("AcquireNonces: Auth2 error len=%d", len);\r
+                       continue;\r
+               }\r
+       \r
+               // send a dummy byte as reader response in order to trigger the cards authentication timeout\r
+               uint8_t dummy_answer = 0;\r
+               ReaderTransmit(&dummy_answer, 1, NULL);\r
+               timeout = GetCountSspClk() + AUTHENTICATION_TIMEOUT;\r
+               \r
+               num_nonces++;\r
+               if (num_nonces % 2) {\r
+                       memcpy(buf+i, receivedAnswer, 4);\r
+                       nt_par_enc = par_enc[0] & 0xf0;\r
+               } else {\r
+                       nt_par_enc |= par_enc[0] >> 4;\r
+                       memcpy(buf+i+4, receivedAnswer, 4);\r
+                       memcpy(buf+i+8, &nt_par_enc, 1);\r
+                       i += 9;\r
+               }\r
+\r
+               // wait for the card to become ready again\r
+               while(GetCountSspClk() < timeout);\r
+       \r
+       }\r
+\r
+       LED_C_OFF();\r
+       \r
+       crypto1_destroy(pcs);\r
+       \r
+       LED_B_ON();\r
+       cmd_send(CMD_ACK, isOK, cuid, num_nonces, buf, sizeof(buf));\r
+       LED_B_OFF();\r
+\r
+       if (MF_DBGLEVEL >= 3)   DbpString("AcquireEncryptedNonces finished");\r
+\r
+       if (field_off) {\r
+               FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+               LEDsoff();\r
+       }\r
 }\r
 \r
 \r
@@ -672,7 +807,7 @@ void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t calibrate, uint8_t *dat
                                continue;\r
                        }\r
 \r
-                       if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+                       if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
                                if (MF_DBGLEVEL >= 1)   Dbprintf("Nested: Can't select card");\r
                                rtr--;\r
                                continue;\r
@@ -746,7 +881,7 @@ void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t calibrate, uint8_t *dat
                                continue;\r
                        }\r
 \r
-                       if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+                       if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
                                if (MF_DBGLEVEL >= 1)   Dbprintf("Nested: Can't select card");\r
                                continue;\r
                        };\r
@@ -770,7 +905,7 @@ void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t calibrate, uint8_t *dat
                        \r
                        // Parity validity check\r
                        for (j = 0; j < 4; j++) {\r
-                               par_array[j] = (oddparity(receivedAnswer[j]) != ((par[0] >> (7-j)) & 0x01));\r
+                               par_array[j] = (oddparity8(receivedAnswer[j]) != ((par[0] >> (7-j)) & 0x01));\r
                        }\r
                        \r
                        ncount = 0;\r
@@ -828,14 +963,15 @@ void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t calibrate, uint8_t *dat
 //-----------------------------------------------------------------------------\r
 void MifareChkKeys(uint16_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)\r
 {\r
-  // params\r
        uint8_t blockNo = arg0 & 0xff;\r
        uint8_t keyType = (arg0 >> 8) & 0xff;\r
        bool clearTrace = arg1;\r
        uint8_t keyCount = arg2;\r
        uint64_t ui64Key = 0;\r
        \r
-       // variables\r
+       bool have_uid = false;\r
+       uint8_t cascade_levels = 0;\r
+       uint32_t timeout = 0;\r
        int i;\r
        byte_t isOK = 0;\r
        uint8_t uid[10];\r
@@ -854,30 +990,51 @@ void MifareChkKeys(uint16_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
        iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
 \r
        if (clearTrace) clear_trace();\r
-       set_tracing(TRUE);\r
+       set_tracing(true);\r
 \r
        for (i = 0; i < keyCount; i++) {\r
-               if(mifare_classic_halt(pcs, cuid)) {\r
-                       if (MF_DBGLEVEL >= 1)   Dbprintf("ChkKeys: Halt error");\r
+//             if(mifare_classic_halt(pcs, cuid)) {\r
+//                     if (MF_DBGLEVEL >= 1)   Dbprintf("ChkKeys: Halt error");\r
+//             }\r
+\r
+               // Iceman: use piwi's faster nonce collecting part in hardnested.\r
+               if (!have_uid) { // need a full select cycle to get the uid first\r
+                       iso14a_card_select_t card_info;         \r
+                       if(!iso14443a_select_card(uid, &card_info, &cuid, true, 0)) {\r
+                               if (OLD_MF_DBGLEVEL >= 1)       Dbprintf("ChkKeys: Can't select card");\r
+                               --i; // try same key once again\r
+                               continue;\r
+                       }\r
+                       switch (card_info.uidlen) {\r
+                               case 4 : cascade_levels = 1; break;\r
+                               case 7 : cascade_levels = 2; break;\r
+                               case 10: cascade_levels = 3; break;\r
+                               default: break;\r
+                       }\r
+                       have_uid = true;        \r
+               } else { // no need for anticollision. We can directly select the card\r
+                       if(!iso14443a_select_card(uid, NULL, NULL, false, cascade_levels)) {\r
+                               if (OLD_MF_DBGLEVEL >= 1)       Dbprintf("ChkKeys: Can't select card (UID)");\r
+                               --i; // try same key once again\r
+                               continue;\r
+                       }\r
                }\r
 \r
-               if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
-                       if (OLD_MF_DBGLEVEL >= 1)       Dbprintf("ChkKeys: Can't select card");\r
-                       break;\r
-               };\r
-\r
                ui64Key = bytes_to_num(datain + i * 6, 6);\r
                if(mifare_classic_auth(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST)) {\r
+                       uint8_t dummy_answer = 0;\r
+                       ReaderTransmit(&dummy_answer, 1, NULL);\r
+                       timeout = GetCountSspClk() + AUTHENTICATION_TIMEOUT;\r
+                       \r
+                       // wait for the card to become ready again\r
+                       while(GetCountSspClk() < timeout);\r
                        continue;\r
-               };\r
+               }\r
                \r
                isOK = 1;\r
                break;\r
        }\r
        \r
-       //  ----------------------------- crypto1 destroy\r
-       crypto1_destroy(pcs);\r
-       \r
        LED_B_ON();\r
     cmd_send(CMD_ACK,isOK,0,0,datain + i * 6,6);\r
        LED_B_OFF();\r
@@ -954,7 +1111,7 @@ void MifareECardLoad(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai
        \r
        bool isOK = true;\r
 \r
-       if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+       if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
                isOK = false;\r
                if (MF_DBGLEVEL >= 1)   Dbprintf("Can't select card");\r
        }\r
@@ -1047,14 +1204,14 @@ void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai
                iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
        \r
                clear_trace();\r
-               set_tracing(TRUE);\r
+               set_tracing(true);\r
        }\r
 \r
        while (true) {\r
 \r
                // get UID from chip\r
                if (workFlags & 0x01) {\r
-                       if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+                       if(!iso14443a_select_card(uid, NULL, &cuid, true, 0)) {\r
                                if (MF_DBGLEVEL >= 1)   Dbprintf("Can't select card");\r
                                break;\r
                        };\r
@@ -1166,7 +1323,7 @@ void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai
                iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
 \r
                clear_trace();\r
-               set_tracing(TRUE);\r
+               set_tracing(true);\r
        }\r
 \r
        while (true) {\r
@@ -1259,7 +1416,7 @@ void Mifare_DES_Auth1(uint8_t arg0, uint8_t *datain){
        iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
        clear_trace();\r
 \r
-       int len = iso14443a_select_card(uid, NULL, &cuid);\r
+       int len = iso14443a_select_card(uid, NULL, &cuid, true, 0);\r
        if(!len) {\r
                if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");\r
                OnError(1);\r
Proxmark3 GIT tracking
Impressum, Datenschutz