X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/cee5a30d53c7aff4c4830eae53eaf58414ecf806..873014de8a4be0f68524531cc90fe6c1dfdffded:/armsrc/iso14443a.c diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c index 1c5e9265..9e1eea54 100644 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c @@ -1,4 +1,5 @@ //----------------------------------------------------------------------------- +// Merlok - June 2011 // Gerhard de Koning Gans - May 2008 // Hagen Fritsch - June 2010 // @@ -16,6 +17,8 @@ #include "iso14443crc.h" #include "iso14443a.h" +#include "crapto1.h" +#include "mifareutil.h" static uint8_t *trace = (uint8_t *) BigBuf; static int traceLen = 0; @@ -73,6 +76,11 @@ void iso14a_set_trigger(int enable) { // Generate the parity value for a byte sequence // //----------------------------------------------------------------------------- +byte_t oddparity (const byte_t bt) +{ + return OddByteParity[bt]; +} + uint32_t GetParity(const uint8_t * pbtCmd, int iLen) { int i; @@ -1140,10 +1148,11 @@ ComputeCrc14443(CRC_14443_A, response3a, 1, &response3a[1], &response3a[2]); receivedCmd[0], receivedCmd[1], receivedCmd[2]); } else { // Never seen this command before - Dbprintf("Unknown command received from reader: %x %x %x %x %x %x %x %x %x", + Dbprintf("Unknown command received from reader (len=%d): %x %x %x %x %x %x %x %x %x", + len, receivedCmd[0], receivedCmd[1], receivedCmd[2], - receivedCmd[3], receivedCmd[3], receivedCmd[4], - receivedCmd[5], receivedCmd[6], receivedCmd[7]); + receivedCmd[3], receivedCmd[4], receivedCmd[5], + receivedCmd[6], receivedCmd[7], receivedCmd[8]); // Do not respond resp = resp1; respLen = 0; order = 0; } @@ -1478,8 +1487,18 @@ void ReaderTransmit(uint8_t* frame, int len) int ReaderReceive(uint8_t* receivedAnswer) { int samples = 0; - if (!GetIso14443aAnswerFromTag(receivedAnswer,100,&samples,0)) return FALSE; + if (!GetIso14443aAnswerFromTag(receivedAnswer,160,&samples,0)) return FALSE; + if (tracing) LogTrace(receivedAnswer,Demod.len,samples,Demod.parityBits,FALSE); + if(samples == 0) return FALSE; + return Demod.len; +} + +int ReaderReceivePar(uint8_t* receivedAnswer, uint32_t * parptr) +{ + int samples = 0; + if (!GetIso14443aAnswerFromTag(receivedAnswer,160,&samples,0)) return FALSE; if (tracing) LogTrace(receivedAnswer,Demod.len,samples,Demod.parityBits,FALSE); + *parptr = Demod.parityBits; if(samples == 0) return FALSE; return Demod.len; } @@ -1487,19 +1506,21 @@ int ReaderReceive(uint8_t* receivedAnswer) /* performs iso14443a anticolision procedure * fills the uid pointer unless NULL * fills resp_data unless NULL */ -int iso14443a_select_card(uint8_t * uid_ptr, iso14a_card_select_t * resp_data) { - uint8_t wupa[] = { 0x52 }; +int iso14443a_select_card(uint8_t * uid_ptr, iso14a_card_select_t * resp_data, uint32_t * cuid_ptr) { + uint8_t wupa[] = { 0x52 }; // 0x26 - REQA 0x52 - WAKE-UP uint8_t sel_all[] = { 0x93,0x20 }; uint8_t sel_uid[] = { 0x93,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; uint8_t rats[] = { 0xE0,0x80,0x00,0x00 }; // FSD=256, FSDI=8, CID=0 uint8_t* resp = (((uint8_t *)BigBuf) + 3560); // was 3560 - tied to other size changes - uint8_t* uid = resp + 7; uint8_t sak = 0x04; // cascade uid int cascade_level = 0; int len; + + // clear uid + memset(uid_ptr, 0, 8); // Broadcast for a card, WUPA (0x52) will force response from all cards in the field ReaderTransmitShort(wupa); @@ -1509,9 +1530,6 @@ int iso14443a_select_card(uint8_t * uid_ptr, iso14a_card_select_t * resp_data) { if(resp_data) memcpy(resp_data->atqa, resp, 2); - ReaderTransmit(sel_all,sizeof(sel_all)); - if(!ReaderReceive(uid)) return 0; - // OK we will select at least at cascade 1, lets see if first byte of UID was 0x88 in // which case we need to make a cascade 2 request and select - this is a long UID // While the UID is not complete, the 3nd bit (from the right) is set in the SAK. @@ -1524,6 +1542,9 @@ int iso14443a_select_card(uint8_t * uid_ptr, iso14a_card_select_t * resp_data) { ReaderTransmit(sel_all,sizeof(sel_all)); if (!ReaderReceive(resp)) return 0; if(uid_ptr) memcpy(uid_ptr + cascade_level*4, resp, 4); + + // calculate crypto UID + if(cuid_ptr) *cuid_ptr = bytes_to_num(resp, 4); // Construct SELECT UID command memcpy(sel_uid+2,resp,5); @@ -1538,19 +1559,26 @@ int iso14443a_select_card(uint8_t * uid_ptr, iso14a_card_select_t * resp_data) { resp_data->sak = sak; resp_data->ats_len = 0; } + //-- this byte not UID, it CT. http://www.nxp.com/documents/application_note/AN10927.pdf page 3 + if (uid_ptr[0] == 0x88) { + memcpy(uid_ptr, uid_ptr + 1, 7); + uid_ptr[7] = 0; + } if( (sak & 0x20) == 0) return 2; // non iso14443a compliant tag // Request for answer to select - AppendCrc14443a(rats, 2); - ReaderTransmit(rats, sizeof(rats)); - if (!(len = ReaderReceive(resp))) return 0; - if(resp_data) { + if(resp_data) { // JCOP cards - if reader sent RATS then there is no MIFARE session at all!!! + AppendCrc14443a(rats, 2); + ReaderTransmit(rats, sizeof(rats)); + + if (!(len = ReaderReceive(resp))) return 0; + memcpy(resp_data->ats, resp, sizeof(resp_data->ats)); resp_data->ats_len = len; } - + return 1; } @@ -1604,7 +1632,7 @@ void ReaderIso14443a(UsbCommand * c, UsbCommand * ack) if(param & ISO14A_CONNECT) { iso14443a_setup(); - ack->arg[0] = iso14443a_select_card(ack->d.asBytes, (iso14a_card_select_t *) (ack->d.asBytes+12)); + ack->arg[0] = iso14443a_select_card(ack->d.asBytes, (iso14a_card_select_t *) (ack->d.asBytes+12), NULL); UsbSendPacket((void *)ack, sizeof(UsbCommand)); } @@ -1647,11 +1675,146 @@ void ReaderMifare(uint32_t parameter) { // Mifare AUTH uint8_t mf_auth[] = { 0x60,0x00,0xf5,0x7b }; - uint8_t mf_nr_ar[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; + uint8_t mf_nr_ar[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; - uint8_t* receivedAnswer = (((uint8_t *)BigBuf) + 3560); // was 3560 - tied to other size changes - traceLen = 0; - tracing = false; + uint8_t* receivedAnswer = (((uint8_t *)BigBuf) + 3560); // was 3560 - tied to other size changes + traceLen = 0; + tracing = false; + + iso14443a_setup(); + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + byte_t nt_diff = 0; + LED_A_OFF(); + byte_t par = 0; + byte_t par_mask = 0xff; + byte_t par_low = 0; + int led_on = TRUE; + uint8_t uid[8]; + uint32_t cuid; + + tracing = FALSE; + byte_t nt[4] = {0,0,0,0}; + byte_t nt_attacked[4], nt_noattack[4]; + byte_t par_list[8] = {0,0,0,0,0,0,0,0}; + byte_t ks_list[8] = {0,0,0,0,0,0,0,0}; + num_to_bytes(parameter, 4, nt_noattack); + int isOK = 0, isNULL = 0; + + while(TRUE) + { + LED_C_ON(); + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + SpinDelay(200); + FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_MOD); + LED_C_OFF(); + + // Test if the action was cancelled + if(BUTTON_PRESS()) { + break; + } + + if(!iso14443a_select_card(uid, NULL, &cuid)) continue; + + // Transmit MIFARE_CLASSIC_AUTH + ReaderTransmit(mf_auth, sizeof(mf_auth)); + + // Receive the (16 bit) "random" nonce + if (!ReaderReceive(receivedAnswer)) continue; + memcpy(nt, receivedAnswer, 4); + + // Transmit reader nonce and reader answer + ReaderTransmitPar(mf_nr_ar, sizeof(mf_nr_ar),par); + + // Receive 4 bit answer + if (ReaderReceive(receivedAnswer)) + { + if ( (parameter != 0) && (memcmp(nt, nt_noattack, 4) == 0) ) continue; + + isNULL = (nt_attacked[0] = 0) && (nt_attacked[1] = 0) && (nt_attacked[2] = 0) && (nt_attacked[3] = 0); + if ( (isNULL != 0 ) && (memcmp(nt, nt_attacked, 4) != 0) ) continue; + + if (nt_diff == 0) + { + LED_A_ON(); + memcpy(nt_attacked, nt, 4); + par_mask = 0xf8; + par_low = par & 0x07; + } + + led_on = !led_on; + if(led_on) LED_B_ON(); else LED_B_OFF(); + par_list[nt_diff] = par; + ks_list[nt_diff] = receivedAnswer[0] ^ 0x05; + + // Test if the information is complete + if (nt_diff == 0x07) { + isOK = 1; + break; + } + + nt_diff = (nt_diff + 1) & 0x07; + mf_nr_ar[3] = nt_diff << 5; + par = par_low; + } else { + if (nt_diff == 0) + { + par++; + } else { + par = (((par >> 3) + 1) << 3) | par_low; + } + } + } + + LogTrace(nt, 4, 0, GetParity(nt, 4), TRUE); + LogTrace(par_list, 8, 0, GetParity(par_list, 8), TRUE); + LogTrace(ks_list, 8, 0, GetParity(ks_list, 8), TRUE); + + UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; + memcpy(ack.d.asBytes + 0, uid, 4); + memcpy(ack.d.asBytes + 4, nt, 4); + memcpy(ack.d.asBytes + 8, par_list, 8); + memcpy(ack.d.asBytes + 16, ks_list, 8); + + LED_B_ON(); + UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + LED_B_OFF(); + + // Thats it... + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); + tracing = TRUE; + + if (MF_DBGLEVEL >= 1) DbpString("COMMAND mifare FINISHED"); +} + +//----------------------------------------------------------------------------- +// Select, Authenticaate, Read an MIFARE tag. +// read block +//----------------------------------------------------------------------------- +void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) +{ + // params + uint8_t blockNo = arg0; + uint8_t keyType = arg1; + uint64_t ui64Key = 0; + ui64Key = bytes_to_num(datain, 6); + + // variables + byte_t isOK = 0; + byte_t dataoutbuf[16]; + uint8_t uid[8]; + uint32_t cuid; + struct Crypto1State mpcs = {0, 0}; + struct Crypto1State *pcs; + pcs = &mpcs; + + // clear trace + traceLen = 0; +// tracing = false; iso14443a_setup(); @@ -1659,24 +1822,302 @@ void ReaderMifare(uint32_t parameter) LED_B_OFF(); LED_C_OFF(); - byte_t nt_diff = 0; - LED_A_OFF(); - byte_t par = 0; - byte_t par_mask = 0xff; - byte_t par_low = 0; - int led_on = TRUE; - - tracing = FALSE; - byte_t nt[4]; - byte_t nt_attacked[4]; - byte_t par_list[8]; - byte_t ks_list[8]; - num_to_bytes(parameter,4,nt_attacked); - - while(TRUE) - { + while (true) { + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + if(mifare_classic_auth(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Auth error"); + break; + }; + + if(mifare_classic_readblock(pcs, cuid, blockNo, dataoutbuf)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Read block error"); + break; + }; + + if(mifare_classic_halt(pcs, cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + break; + }; + + isOK = 1; + break; + } + + // ----------------------------- crypto1 destroy + crypto1_destroy(pcs); + + if (MF_DBGLEVEL >= 2) DbpString("READ BLOCK FINISHED"); + + // add trace trailer + uid[0] = 0xff; + uid[1] = 0xff; + uid[2] = 0xff; + uid[3] = 0xff; + LogTrace(uid, 4, 0, 0, TRUE); + + UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; + memcpy(ack.d.asBytes, dataoutbuf, 16); + + LED_B_ON(); + UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + LED_B_OFF(); + + + // Thats it... + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); +// tracing = TRUE; + +} + +//----------------------------------------------------------------------------- +// Select, Authenticaate, Read an MIFARE tag. +// read sector (data = 4 x 16 bytes = 64 bytes) +//----------------------------------------------------------------------------- +void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) +{ + // params + uint8_t sectorNo = arg0; + uint8_t keyType = arg1; + uint64_t ui64Key = 0; + ui64Key = bytes_to_num(datain, 6); + + // variables + byte_t isOK = 0; + byte_t dataoutbuf[16 * 4]; + uint8_t uid[8]; + uint32_t cuid; + struct Crypto1State mpcs = {0, 0}; + struct Crypto1State *pcs; + pcs = &mpcs; + + // clear trace + traceLen = 0; +// tracing = false; + + iso14443a_setup(); + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + while (true) { + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + if(mifare_classic_auth(pcs, cuid, sectorNo * 4, keyType, ui64Key, AUTH_FIRST)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Auth error"); + break; + }; + + if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 0, dataoutbuf + 16 * 0)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Read block 0 error"); + break; + }; + if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 1, dataoutbuf + 16 * 1)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Read block 1 error"); + break; + }; + if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 2, dataoutbuf + 16 * 2)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Read block 2 error"); + break; + }; + if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 3, dataoutbuf + 16 * 3)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Read block 3 error"); + break; + }; + + if(mifare_classic_halt(pcs, cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + break; + }; + + isOK = 1; + break; + } + + // ----------------------------- crypto1 destroy + crypto1_destroy(pcs); + + if (MF_DBGLEVEL >= 2) DbpString("READ SECTOR FINISHED"); + + // add trace trailer + uid[0] = 0xff; + uid[1] = 0xff; + uid[2] = 0xff; + uid[3] = 0xff; + LogTrace(uid, 4, 0, 0, TRUE); + + UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; + memcpy(ack.d.asBytes, dataoutbuf, 16 * 2); + + LED_B_ON(); + UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + + SpinDelay(100); + + memcpy(ack.d.asBytes, dataoutbuf + 16 * 2, 16 * 2); + UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + LED_B_OFF(); + + // Thats it... + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); +// tracing = TRUE; + +} + +//----------------------------------------------------------------------------- +// Select, Authenticaate, Read an MIFARE tag. +// read block +//----------------------------------------------------------------------------- +void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) +{ + // params + uint8_t blockNo = arg0; + uint8_t keyType = arg1; + uint64_t ui64Key = 0; + byte_t blockdata[16]; + + ui64Key = bytes_to_num(datain, 6); + memcpy(blockdata, datain + 10, 16); + + // variables + byte_t isOK = 0; + uint8_t uid[8]; + uint32_t cuid; + struct Crypto1State mpcs = {0, 0}; + struct Crypto1State *pcs; + pcs = &mpcs; + + // clear trace + traceLen = 0; +// tracing = false; + + iso14443a_setup(); + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + while (true) { + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + if(mifare_classic_auth(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Auth error"); + break; + }; + + if(mifare_classic_writeblock(pcs, cuid, blockNo, blockdata)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Write block error"); + break; + }; + + if(mifare_classic_halt(pcs, cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + break; + }; + + isOK = 1; + break; + } + + // ----------------------------- crypto1 destroy + crypto1_destroy(pcs); + + if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); + + // add trace trailer + uid[0] = 0xff; + uid[1] = 0xff; + uid[2] = 0xff; + uid[3] = 0xff; + LogTrace(uid, 4, 0, 0, TRUE); + + UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; + + LED_B_ON(); + UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + LED_B_OFF(); + + + // Thats it... + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); +// tracing = TRUE; + +} + +// Return 1 if the nonce is invalid else return 0 +int valid_nonce(uint32_t Nt, uint32_t NtEnc, uint32_t Ks1, byte_t * parity) { + return ((oddparity((Nt >> 24) & 0xFF) == ((parity[0]) ^ oddparity((NtEnc >> 24) & 0xFF) ^ BIT(Ks1,16))) & \ + (oddparity((Nt >> 16) & 0xFF) == ((parity[1]) ^ oddparity((NtEnc >> 16) & 0xFF) ^ BIT(Ks1,8))) & \ + (oddparity((Nt >> 8) & 0xFF) == ((parity[2]) ^ oddparity((NtEnc >> 8) & 0xFF) ^ BIT(Ks1,0)))) ? 1 : 0; +} + + +//----------------------------------------------------------------------------- +// MIFARE nested authentication. +// +//----------------------------------------------------------------------------- +void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain) +{ + // params + uint8_t blockNo = arg0; + uint8_t keyType = arg1; + uint8_t targetBlockNo = arg2 & 0xff; + uint8_t targetKeyType = (arg2 >> 8) & 0xff; + uint64_t ui64Key = 0; + + ui64Key = bytes_to_num(datain, 6); + + // variables + int rtr, i, j, m, len; + int davg, dmin, dmax; + uint8_t uid[8]; + uint32_t cuid, nt1, nt2, nttmp, nttest, par, ks1; + uint8_t par_array[4]; + nestedVector nvector[NES_MAX_INFO + 1][10]; + int nvectorcount[NES_MAX_INFO + 1]; + int ncount = 0; + UsbCommand ack = {CMD_ACK, {0, 0, 0}}; + struct Crypto1State mpcs = {0, 0}; + struct Crypto1State *pcs; + pcs = &mpcs; + uint8_t* receivedAnswer = mifare_get_bigbufptr(); + + //init + for (i = 0; i < NES_MAX_INFO + 1; i++) nvectorcount[i] = 11; // 11 - empty block; + + // clear trace + traceLen = 0; + tracing = false; + + iso14443a_setup(); + + LED_A_ON(); + LED_B_ON(); + LED_C_OFF(); + + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + SpinDelay(200); + + davg = dmax = 0; + dmin = 2000; + + // test nonce distance + for (rtr = 0; rtr < 10; rtr++) { FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - SpinDelay(200); + SpinDelay(100); FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_MOD); // Test if the action was cancelled @@ -1684,58 +2125,303 @@ void ReaderMifare(uint32_t parameter) break; } - if(!iso14443a_select_card(NULL, NULL)) continue; + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + if(mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST, &nt1)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Auth1 error"); + break; + }; + + if(mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_NESTED, &nt2)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Auth2 error"); + break; + }; + + nttmp = prng_successor(nt1, 500); + for (i = 501; i < 2000; i++) { + nttmp = prng_successor(nttmp, 1); + if (nttmp == nt2) break; + } + + if (i != 2000) { + davg += i; + if (dmin > i) dmin = i; + if (dmax < i) dmax = i; + if (MF_DBGLEVEL >= 4) Dbprintf("r=%d nt1=%08x nt2=%08x distance=%d", rtr, nt1, nt2, i); + } + } + + if (rtr == 0) return; - // Transmit MIFARE_CLASSIC_AUTH - ReaderTransmit(mf_auth,sizeof(mf_auth)); + davg = davg / rtr; + if (MF_DBGLEVEL >= 3) Dbprintf("distance: min=%d max=%d avg=%d", dmin, dmax, davg); - // Receive the (16 bit) "random" nonce - if (!ReaderReceive(receivedAnswer)) continue; - memcpy(nt,receivedAnswer,4); + LED_B_OFF(); - // Transmit reader nonce and reader answer - ReaderTransmitPar(mf_nr_ar,sizeof(mf_nr_ar),par); +// ------------------------------------------------------------------------------------------------- + + LED_C_ON(); - // Receive 4 bit answer - if (ReaderReceive(receivedAnswer)) - { - if (nt_diff == 0) - { - LED_A_ON(); - memcpy(nt_attacked,nt,4); - par_mask = 0xf8; - par_low = par & 0x07; - } + // get crypted nonces for target sector + for (rtr = 0; rtr < NS_RETRIES_GETNONCE; rtr++) { + if (MF_DBGLEVEL >= 4) Dbprintf("------------------------------"); - if (memcmp(nt,nt_attacked,4) != 0) continue; + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + SpinDelay(100); + FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_MOD); - led_on = !led_on; - if(led_on) LED_B_ON(); else LED_B_OFF(); - par_list[nt_diff] = par; - ks_list[nt_diff] = receivedAnswer[0]^0x05; + // Test if the action was cancelled + if(BUTTON_PRESS()) { + break; + } - // Test if the information is complete - if (nt_diff == 0x07) break; + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + if(mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST, &nt1)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Auth1 error"); + break; + }; + + // nested authentication + len = mifare_sendcmd_shortex(pcs, AUTH_NESTED, 0x60 + (targetKeyType & 0x01), targetBlockNo, receivedAnswer, &par); + if (len != 4) { + if (MF_DBGLEVEL >= 1) Dbprintf("Auth2 error len=%d", len); + break; + }; + + nt2 = bytes_to_num(receivedAnswer, 4); + if (MF_DBGLEVEL >= 4) Dbprintf("r=%d nt1=%08x nt2enc=%08x nt2par=%08x", rtr, nt1, nt2, par); + + // Parity validity check + for (i = 0; i < 4; i++) { + par_array[i] = (oddparity(receivedAnswer[i]) != ((par & 0x08) >> 3)); + par = par << 1; + } + + ncount = 0; + for (m = dmin - NS_TOLERANCE; m < dmax + NS_TOLERANCE; m++) { + nttest = prng_successor(nt1, m); + ks1 = nt2 ^ nttest; + + if (valid_nonce(nttest, nt2, ks1, par_array) && (ncount < 11)){ + + nvector[NES_MAX_INFO][ncount].nt = nttest; + nvector[NES_MAX_INFO][ncount].ks1 = ks1; + ncount++; + nvectorcount[NES_MAX_INFO] = ncount; + if (MF_DBGLEVEL >= 4) Dbprintf("valid m=%d ks1=%08x nttest=%08x", m, ks1, nttest); + } - nt_diff = (nt_diff+1) & 0x07; - mf_nr_ar[3] = nt_diff << 5; - par = par_low; - } else { - if (nt_diff == 0) - { - par++; - } else { - par = (((par>>3)+1) << 3) | par_low; - } - } - } + } + + // select vector with length less than got + if (nvectorcount[NES_MAX_INFO] != 0) { + m = NES_MAX_INFO; + + for (i = 0; i < NES_MAX_INFO; i++) + if (nvectorcount[i] > 10) { + m = i; + break; + } + + if (m == NES_MAX_INFO) + for (i = 0; i < NES_MAX_INFO; i++) + if (nvectorcount[NES_MAX_INFO] < nvectorcount[i]) { + m = i; + break; + } + + if (m != NES_MAX_INFO) { + for (i = 0; i < nvectorcount[m]; i++) { + nvector[m][i] = nvector[NES_MAX_INFO][i]; + } + nvectorcount[m] = nvectorcount[NES_MAX_INFO]; + } + } + } + + LED_C_OFF(); + + // ----------------------------- crypto1 destroy + crypto1_destroy(pcs); + + // add trace trailer + uid[0] = 0xff; + uid[1] = 0xff; + uid[2] = 0xff; + uid[3] = 0xff; + LogTrace(uid, 4, 0, 0, TRUE); + + for (i = 0; i < NES_MAX_INFO; i++) { + if (nvectorcount[i] > 10) continue; + + for (j = 0; j < nvectorcount[i]; j += 5) { + ncount = nvectorcount[i] - j; + if (ncount > 5) ncount = 5; + + ack.arg[0] = 0; // isEOF = 0 + ack.arg[1] = ncount; + ack.arg[2] = targetBlockNo + (targetKeyType * 0x100); + memset(ack.d.asBytes, 0x00, sizeof(ack.d.asBytes)); + + memcpy(ack.d.asBytes, &cuid, 4); + for (m = 0; m < ncount; m++) { + memcpy(ack.d.asBytes + 8 + m * 8 + 0, &nvector[i][m + j].nt, 4); + memcpy(ack.d.asBytes + 8 + m * 8 + 4, &nvector[i][m + j].ks1, 4); + } + + LED_B_ON(); + SpinDelay(100); + UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + LED_B_OFF(); + } + } - LogTrace(nt,4,0,GetParity(nt,4),TRUE); - LogTrace(par_list,8,0,GetParity(par_list,8),TRUE); - LogTrace(ks_list,8,0,GetParity(ks_list,8),TRUE); + // finalize list + ack.arg[0] = 1; // isEOF = 1 + ack.arg[1] = 0; + ack.arg[2] = 0; + memset(ack.d.asBytes, 0x00, sizeof(ack.d.asBytes)); + + LED_B_ON(); + SpinDelay(300); + UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + LED_B_OFF(); - // Thats it... + if (MF_DBGLEVEL >= 4) DbpString("NESTED FINISHED"); + + // Thats it... FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); + + tracing = TRUE; +} + +//----------------------------------------------------------------------------- +// MIFARE check keys. key count up to 8. +// +//----------------------------------------------------------------------------- +void MifareChkKeys(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) +{ + // params + uint8_t blockNo = arg0; + uint8_t keyType = arg1; + uint8_t keyCount = arg2; + uint64_t ui64Key = 0; + + // variables + int i; + byte_t isOK = 0; + uint8_t uid[8]; + uint32_t cuid; + struct Crypto1State mpcs = {0, 0}; + struct Crypto1State *pcs; + pcs = &mpcs; + + // clear debug level + int OLD_MF_DBGLEVEL = MF_DBGLEVEL; + MF_DBGLEVEL = MF_DBG_NONE; + + // clear trace + traceLen = 0; tracing = TRUE; + + iso14443a_setup(); + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + SpinDelay(300); + for (i = 0; i < keyCount; i++) { + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + SpinDelay(100); + FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_MOD); + + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (OLD_MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + ui64Key = bytes_to_num(datain + i * 6, 6); + if(mifare_classic_auth(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST)) { + continue; + }; + + isOK = 1; + break; + } + + // ----------------------------- crypto1 destroy + crypto1_destroy(pcs); + + // add trace trailer + uid[0] = 0xff; + uid[1] = 0xff; + uid[2] = 0xff; + uid[3] = 0xff; + LogTrace(uid, 4, 0, 0, TRUE); + + UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; + if (isOK) memcpy(ack.d.asBytes, datain + i * 6, 6); + + LED_B_ON(); + UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + LED_B_OFF(); + + // Thats it... + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); + + // restore debug level + MF_DBGLEVEL = OLD_MF_DBGLEVEL; +} + +//----------------------------------------------------------------------------- +// MIFARE 1K simulate. +// +//----------------------------------------------------------------------------- +void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) +{ + int cardSTATE = MFEMUL_NOFIELD; + + while (true) { + + if(BUTTON_PRESS()) { + break; + } + + switch (cardSTATE) { + case MFEMUL_NOFIELD:{ + break; + } + case MFEMUL_IDLE:{ + break; + } + case MFEMUL_SELECT1:{ + break; + } + case MFEMUL_SELECT2:{ + break; + } + case MFEMUL_AUTH1:{ + break; + } + case MFEMUL_AUTH2:{ + break; + } + case MFEMUL_HALTED:{ + break; + } + + } + + } + }