X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/c9ad641b61c6fc5e4b77b181ad9b58b8723f56c6..930763e86d35df9e1cdd88b0ab6f034c3428c4a1:/armsrc/mifareutil.c diff --git a/armsrc/mifareutil.c b/armsrc/mifareutil.c index 48fcd57a..fdead5ee 100644 --- a/armsrc/mifareutil.c +++ b/armsrc/mifareutil.c @@ -9,16 +9,17 @@ // Work with mifare cards. //----------------------------------------------------------------------------- +#include #include "mifareutil.h" #include "proxmark3.h" #include "apps.h" #include "util.h" -#include "string.h" +#include "parity.h" #include "iso14443crc.h" #include "iso14443a.h" #include "crapto1/crapto1.h" -#include "des.h" +#include "polarssl/des.h" int MF_DBGLEVEL = MF_DBG_ALL; @@ -50,7 +51,7 @@ void mf_crypto1_encrypt(struct Crypto1State *pcs, uint8_t *data, uint16_t len, u data[i] = crypto1_byte(pcs, 0x00, 0) ^ data[i]; if((i&0x0007) == 0) par[i>>3] = 0; - par[i>>3] |= (((filter(pcs->odd) ^ oddparity(bt)) & 0x01)<<(7-(i&0x0007))); + par[i>>3] |= (((filter(pcs->odd) ^ oddparity8(bt)) & 0x01)<<(7-(i&0x0007))); } return; } @@ -99,7 +100,7 @@ int mifare_sendcmd_short(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, for (pos = 0; pos < 4; pos++) { ecmd[pos] = crypto1_byte(pcs, 0x00, 0) ^ dcmd[pos]; - par[0] |= (((filter(pcs->odd) ^ oddparity(dcmd[pos])) & 0x01) << (7-pos)); + par[0] |= (((filter(pcs->odd) ^ oddparity8(dcmd[pos])) & 0x01) << (7-pos)); } ReaderTransmitPar(ecmd, sizeof(ecmd), par, timing); @@ -193,7 +194,7 @@ int mifare_classic_authex(struct Crypto1State *pcs, uint32_t uid, uint8_t blockN for (pos = 0; pos < 4; pos++) { mf_nr_ar[pos] = crypto1_byte(pcs, nr[pos], 0) ^ nr[pos]; - par[0] |= (((filter(pcs->odd) ^ oddparity(nr[pos])) & 0x01) << (7-pos)); + par[0] |= (((filter(pcs->odd) ^ oddparity8(nr[pos])) & 0x01) << (7-pos)); } // Skip 32 bits in pseudo random generator @@ -204,7 +205,7 @@ int mifare_classic_authex(struct Crypto1State *pcs, uint32_t uid, uint8_t blockN { nt = prng_successor(nt,8); mf_nr_ar[pos] = crypto1_byte(pcs,0x00,0) ^ (nt & 0xff); - par[0] |= (((filter(pcs->odd) ^ oddparity(nt & 0xff)) & 0x01) << (7-pos)); + par[0] |= (((filter(pcs->odd) ^ oddparity8(nt)) & 0x01) << (7-pos)); } // Transmit reader nonce and reader answer @@ -289,6 +290,7 @@ int mifare_ultra_auth(uint8_t *keybytes){ /// 3des2k + des3_context ctx = { 0x00 }; uint8_t random_a[8] = {1,1,1,1,1,1,1,1}; uint8_t random_b[8] = {0x00}; uint8_t enc_random_b[8] = {0x00}; @@ -312,7 +314,16 @@ int mifare_ultra_auth(uint8_t *keybytes){ memcpy(enc_random_b,resp+1,8); // decrypt nonce. - tdes_2key_dec(random_b, enc_random_b, sizeof(random_b), key, IV ); + // tdes_2key_dec(random_b, enc_random_b, sizeof(random_b), key, IV ); + des3_set2key_dec(&ctx, key); + des3_crypt_cbc(&ctx // des3_context + , DES_DECRYPT // int mode + , sizeof(random_b) // length + , IV // iv[8] + , enc_random_b // input + , random_b // output + ); + rol(random_b,8); memcpy(rnd_ab ,random_a,8); memcpy(rnd_ab+8,random_b,8); @@ -332,7 +343,16 @@ int mifare_ultra_auth(uint8_t *keybytes){ } // encrypt out, in, length, key, iv - tdes_2key_enc(rnd_ab, rnd_ab, sizeof(rnd_ab), key, enc_random_b); + //tdes_2key_enc(rnd_ab, rnd_ab, sizeof(rnd_ab), key, enc_random_b); + des3_set2key_enc(&ctx, key); + des3_crypt_cbc(&ctx // des3_context + , DES_ENCRYPT // int mode + , sizeof(rnd_ab) // length + , enc_random_b // iv[8] + , rnd_ab // input + , rnd_ab // output + ); + //len = mifare_sendcmd_short_mfucauth(NULL, 1, 0xAF, rnd_ab, resp, respPar, NULL); len = mifare_sendcmd(0xAF, rnd_ab, sizeof(rnd_ab), resp, respPar, NULL); if (len != 11) { @@ -345,7 +365,15 @@ int mifare_ultra_auth(uint8_t *keybytes){ memcpy(enc_resp, resp+1, 8); // decrypt out, in, length, key, iv - tdes_2key_dec(resp_random_a, enc_resp, 8, key, enc_random_b); + // tdes_2key_dec(resp_random_a, enc_resp, 8, key, enc_random_b); + des3_set2key_dec(&ctx, key); + des3_crypt_cbc(&ctx // des3_context + , DES_DECRYPT // int mode + , 8 // length + , enc_random_b // iv[8] + , enc_resp // input + , resp_random_a // output + ); if ( memcmp(resp_random_a, random_a, 8) != 0 ) { if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("failed authentication"); return 0; @@ -427,7 +455,7 @@ int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t bl for (pos = 0; pos < 18; pos++) { d_block_enc[pos] = crypto1_byte(pcs, 0x00, 0) ^ d_block[pos]; - par[pos>>3] |= (((filter(pcs->odd) ^ oddparity(d_block[pos])) & 0x01) << (7 - (pos&0x0007))); + par[pos>>3] |= (((filter(pcs->odd) ^ oddparity8(d_block[pos])) & 0x01) << (7 - (pos&0x0007))); } ReaderTransmitPar(d_block_enc, sizeof(d_block_enc), par, NULL);