ADD: Started a "collect nonces" concept to be able to analyse the tag generated nonces.

diff --git a/armsrc/appmain.c b/armsrc/appmain.c
index f3136fa06cd38336f1f3ddd7b160c86b3a9cc2fa..f5989bd64c60b5a208bfc3500dd8be53fef74f94 100644 (file)
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@@ -919,6 +919,9 @@ void UsbPacketReceived(uint8_t *packet, int len)
                        MifareSendCommand(c->arg[0], c->arg[1], c->d.asBytes);
                        break;
 
+               case CMD_MIFARE_COLLECT_NONCES:
+                       MifareCollectNonces(c->arg[0], c->[1]);
+                       break;
 #endif
 
 #ifdef WITH_ICLASS

diff --git a/armsrc/apps.h b/armsrc/apps.h
index 84376ed6d0078ea9a3961cd9fa571f579b1fd596..81203001c1af698ecb384cb2d722ec4e5f71f2a6 100644 (file)
--- a/armsrc/apps.h
+++ b/armsrc/apps.h
@@ -19,6 +19,7 @@
 #include <string.h>
 #include <strings.h>
 #include "../common/crc32.h"
+#include "../common/lfdemod.h"
 #include "BigBuf.h"
 #include "../include/hitag2.h"
 #include "../include/mifare.h"
@@ -196,6 +197,8 @@ void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai
 void MifareCIdent();  // is "magic chinese" card?
 void MifareUSetPwd(uint8_t arg0, uint8_t *datain);
 
+void MifareCollectNonces(uint32_t arg0, uint32_t arg1);
+
 //desfire
 void Mifare_DES_Auth1(uint8_t arg0,uint8_t *datain);
 void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain);                                    

diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c
index a240bed4fa85efe222f8b0e08f23c9d9e6083163..ef536d96f3fb4e56677aff0bfbef3aebdf660e50 100644 (file)
--- a/armsrc/mifarecmd.c
+++ b/armsrc/mifarecmd.c
@@ -1218,7 +1218,75 @@ void MifareCIdent(){
        cmd_send(CMD_ACK,isOK,0,0,0,0);\r
 }\r
 \r
-                       //\r
+void MifareCollectNonces(uint32_t arg0, uint32_t arg1){\r
+\r
+       BigBuf_free();\r
+\r
+       uint32_t iterations = arg0;\r
+       uint8_t uid[10] = {0x00};\r
+\r
+       uint8_t *response = BigBuf_malloc(MAX_MIFARE_FRAME_SIZE);\r
+       uint8_t *responsePar = BigBuf_malloc(MAX_MIFARE_PARITY_SIZE);\r
+\r
+       uint8_t mf_auth[] = { 0x60,0x00,0xf5,0x7b };\r
+       \r
+       // get memory from BigBuf.\r
+       uint8_t *nonces = BigBuf_malloc(iterations * 4);\r
+\r
+       LED_A_ON();\r
+       LED_B_OFF();\r
+       LED_C_OFF();\r
+\r
+       clear_trace();\r
+       set_tracing(TRUE);\r
+       iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+       \r
+       for (int i = 0; i < iterations; i++) {\r
+                                               \r
+               WDT_HIT();\r
+\r
+               // Test if the action was cancelled\r
+               if(BUTTON_PRESS()) break;\r
+               \r
+               //              if(mifare_classic_halt(pcs, cuid)) {\r
+               //                      if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+               //}\r
+\r
+               if(!iso14443a_select_card(uid, NULL, NULL)) {\r
+                       if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
+                       continue;\r
+               };\r
+\r
+               // Transmit MIFARE_CLASSIC_AUTH.\r
+               ReaderTransmit(mf_auth, sizeof(mf_auth), NULL);\r
+\r
+               // Receive the (4 Byte) "random" nonce\r
+               if (!ReaderReceive(response, responsePar)) {\r
+                       if (MF_DBGLEVEL >= 1)   Dbprintf("Couldn't receive tag nonce");\r
+                       continue;\r
+               }       \r
+               \r
+               nonces[i*4] = bytes_to_num(response, 4);\r
+       }\r
+               \r
+       int packLen =  iterations * 4;\r
+       int packSize = 0;\r
+       int packNum = 0;\r
+       while (packLen > 0) {\r
+               packSize = MIN(USB_CMD_DATA_SIZE, packLen);\r
+               LED_B_ON();\r
+               cmd_send(CMD_ACK, 77, 0, packSize, nonces - packLen, packSize);\r
+               LED_B_OFF();\r
+\r
+               packLen -= packSize;\r
+               packNum++;\r
+       }\r
+\r
+       FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+       LEDsoff();\r
+}\r
+\r
+//\r
 // DESFIRE\r
 //\r
 \r

diff --git a/armsrc/mifaredesfire.c b/armsrc/mifaredesfire.c
index 979e2f39cd2d04b2184d01a74a6f07938ca918dc..e7632c96a2c1e1158d7740b7f9e908b1e8dc5613 100644 (file)
--- a/armsrc/mifaredesfire.c
+++ b/armsrc/mifaredesfire.c
@@ -433,7 +433,7 @@ int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout){
 
        size_t len = 0;
        size_t wrappedLen = 0;
-       uint8_t wCmd[USB_CMD_DATA_SIZE] = {0};
+       uint8_t wCmd[USB_CMD_DATA_SIZE] = {0x00};
        
        uint8_t resp[MAX_FRAME_SIZE];
     uint8_t par[MAX_PARITY_SIZE];

diff --git a/armsrc/mifareutil.c b/armsrc/mifareutil.c
index 8fa5e498062e57f5e5e8795687c36e0c1a0f5a94..987a858cfcb3d5dc0ba3458b35c4ed39decdd331 100644 (file)
--- a/armsrc/mifareutil.c
+++ b/armsrc/mifareutil.c
@@ -365,9 +365,9 @@ int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t bl
 {\r
        // variables\r
        uint16_t len, i;        \r
-       uint32_t pos;\r
-       uint8_t par[3] = {0};           // enough for 18 Bytes to send\r
-       byte_t res;\r
+       uint32_t pos = 0;\r
+       uint8_t par[3] = {0x00};                // enough for 18 Bytes to send\r
+       byte_t res = 0;\r
        \r
        uint8_t d_block[18], d_block_enc[18];\r
        uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r

diff --git a/include/usb_cmd.h b/include/usb_cmd.h
index 74d494c276ab41ca1d5ce15890985717d4c148f8..d61a255899aea2105cfcadb8d81ae534a66410b1 100644 (file)
--- a/include/usb_cmd.h
+++ b/include/usb_cmd.h
@@ -193,6 +193,8 @@ typedef struct{
 #define CMD_MIFARE_DESFIRE_INFO                                           0x072d
 #define CMD_MIFARE_DESFIRE                                                0x072e
 
+#define CMD_MIFARE_COLLECT_NONCES                                                                                0x072f
+
 #define CMD_UNKNOWN                                                       0xFFFF