+ if(!iso14443a_select_card(uid, NULL, &cuid)) {
+ Dbprintf("Can't select card");
+ break;
+ };
+
+ if(mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST, &nt1)) {
+ Dbprintf("Auth1 error");
+ break;
+ };
+
+ // nested authentication
+ len = mifare_sendcmd_shortex(pcs, AUTH_NESTED, 0x60 + (keyType & 0x01), targetBlockNo, receivedAnswer, &par);
+ if (len != 4) {
+ Dbprintf("Auth2 error len=%d", len);
+ break;
+ };
+
+ nt2 = bytes_to_num(receivedAnswer, 4);
+ Dbprintf("r=%d nt1=%08x nt2enc=%08x nt2par=%08x", rtr, nt1, nt2, par);
+
+// ----------------------- test
+/* uint32_t d_nt, d_ks1, d_ks2, d_ks3, reader_challenge;
+ byte_t ar[4];
+
+ ar[0] = 0x55;
+ ar[1] = 0x41;
+ ar[2] = 0x49;
+ ar[3] = 0x92;
+
+ crypto1_destroy(pcs);
+ crypto1_create(pcs, ui64Key);
+
+ // decrypt nt with help of new key
+ d_nt = crypto1_word(pcs, nt2 ^ cuid, 1) ^ nt2;
+
+ reader_challenge = d_nt;//(uint32_t)bytes_to_num(ar, 4);
+ d_ks1 = crypto1_word(pcs, reader_challenge, 0);
+ d_ks2 = crypto1_word(pcs, 0, 0);
+ d_ks3 = crypto1_word(pcs, 0,0);
+
+ Dbprintf("TST: ks1=%08x nt=%08x", d_ks1, d_nt);*/
+// ----------------------- test
+
+ // Parity validity check
+ for (i = 0; i < 4; i++) {
+ par_array[i] = (oddparity(receivedAnswer[i]) != ((par & 0x08) >> 3));
+ par = par << 1;
+ }
+
+ ncount = 0;
+ for (m = dmin - 10; m < dmax + 10; m++) {
+ nttest = prng_successor(nt1, m);
+ ks1 = nt2 ^ nttest;
+
+//-------------------------------------- test
+/* if (nttest == d_nt){
+ Dbprintf("nttest=d_nt! m=%d ks1=%08x nttest=%08x", m, ks1, nttest);
+ }*/
+//-------------------------------------- test
+ if (valid_nonce(nttest, nt2, ks1, par_array) && (ncount < 11)){
+
+ nvector[2][ncount].nt = nttest;
+ nvector[2][ncount].ks1 = ks1;
+ ncount++;
+ nvectorcount[2] = ncount;
+
+ Dbprintf("valid m=%d ks1=%08x nttest=%08x", m, ks1, nttest);
+ }