X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/b19bd5d6898f929de30e9110e011204a6c5622ad..7314995a5a3979452d5a104dc243460dfa945ffd:/client/nonce2key/nonce2key.c diff --git a/client/nonce2key/nonce2key.c b/client/nonce2key/nonce2key.c index 7c63722d..9abc814b 100644 --- a/client/nonce2key/nonce2key.c +++ b/client/nonce2key/nonce2key.c @@ -38,7 +38,7 @@ int nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_ static int64_t *last_keylist; rr = 0; - if (last_uid != uid) + if (last_uid != uid && last_keylist != NULL) { free(last_keylist); last_keylist = NULL; @@ -48,7 +48,7 @@ int nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_ // Reset the last three significant bits of the reader nonce nr &= 0xffffff1f; - PrintAndLog("\nuid(%08x) nt(%08x) par(%016"llx") ks(%016"llx")\n\n",uid,nt,par_info,ks_info); + PrintAndLog("\nuid(%08x) nt(%08x) par(%016"llx") ks(%016"llx") nr(%08"llx")\n\n",uid,nt,par_info,ks_info,nr); for (pos=0; pos<8; pos++) { @@ -105,7 +105,7 @@ int nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_ p2 = state_s; while ( *p1 != -1 && *p2 != -1 ) { if (compar_state(p1, p2) == 0) { - printf("p1:%d p2:%d p3:%d key:%012llx\n",p1-last_keylist, p2-state_s, p3-last_keylist,*p1); + printf("p1:%"llx" p2:%"llx" p3:%"llx" key:%012"llx"\n",(uint64_t)(p1-last_keylist),(uint64_t)(p2-state_s),(uint64_t)(p3-last_keylist),*p1); *p3++ = *p1++; p2++; } @@ -125,7 +125,7 @@ int nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_ } printf("key_count:%d\n", key_count); - + // The list may still contain several key candidates. Test each of them with mfCheckKeys for (i = 0; i < key_count; i++) { uint8_t keyBlock[6]; @@ -133,7 +133,7 @@ int nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_ key64 = *(last_keylist + i); num_to_bytes(key64, 6, keyBlock); key64 = 0; - if (!mfCheckKeys(0, 0, 1, keyBlock, &key64)) { + if (!mfCheckKeys(0, 0, false, 1, keyBlock, &key64)) { *key = key64; free(last_keylist); last_keylist = NULL; @@ -149,3 +149,45 @@ int nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_ return 1; } + +// 32 bit recover key from 2 nonces +uint64_t mfkey32(uint32_t uid, uint32_t nt, uint32_t nr0_enc, uint32_t ar0_enc, uint32_t nr1_enc, uint32_t ar1_enc) { + struct Crypto1State *s,*t; + uint64_t key=0; // recovered key + /*uint32_t uid; // serial number + uint32_t nt; // tag challenge + uint32_t nr0_enc; // first encrypted reader challenge + uint32_t ar0_enc; // first encrypted reader response + uint32_t nr1_enc; // second encrypted reader challenge + uint32_t ar1_enc; // second encrypted reader response + */ + uint8_t found=0; + //uint32_t ks2; // keystream used to encrypt reader response + + // Generate lfsr succesors of the tag challenge + prng_successor(nt, 64); + prng_successor(nt, 96); + + // Extract the keystream from the messages + //ks2 = ar0_enc ^ prng_successor(nt, 64); + + s = lfsr_recovery32(ar0_enc ^ prng_successor(nt, 64), 0); + + for(t = s; t->odd | t->even; ++t) { + lfsr_rollback_word(t, 0, 0); + lfsr_rollback_word(t, nr0_enc, 1); + lfsr_rollback_word(t, uid ^ nt, 0); + crypto1_get_lfsr(t, &key); + crypto1_word(t, uid ^ nt, 0); + crypto1_word(t, nr1_enc, 1); + if (ar1_enc == (crypto1_word(t, 0, 0) ^ prng_successor(nt, 64))) { + //printf("\nFound Key: [%012"llx"]\n\n",key); + found = 1; + break; + } + } + free(s); + + if (found) return key; + return 0; +}