## [unreleased][unreleased]
### Changed
+- Adjusted `lf cmdread` to respond to client when complete and the client will then automatically call `data samples`
- Improved backdoor detection missbehaving magic s50/1k tag (Fl0-0)
- Deleted wipe functionality from `hf mf csetuid` (Merlok)
- Changed `hf mf nested` logic (Merlok)
- Changed start sequence in Qt mode (fix: short commands hangs main Qt thread) (Merlok)
### Added
+- Added a bitbang mode to `lf cmdread` if delay is 0 the cmd bits turn off and on the antenna with 0 and 1 respectively (marshmellow)
- Added PAC/Stanley detection to lf search (marshmellow)
- Added lf pac demod and lf pac read - extracts the raw blocks from a PAC/Stanley tag (marshmellow)
- Added hf mf c* commands compatibity for 4k and gen1b backdoor (Fl0-0)
- Added to `hf emv exec` MSD path for VISA and Mastercard and some other compatible EMV cards (Merlok)
- Added to `hf emv exec` SDA, DDA, fast DDA, CDA calculations for VISA and Mastercard and some other compatible EMV cards (Merlok)
- Added `hf emv test` - crypto tests for DES, AES, SHA, RSA, SDA, DDA, CDA and some other crypto functions (Merlok)
+- Added `hf list mf` - deciphers crypto1 stream and works with first authentication and weak nested authentications (Merlok)
## [3.0.1][2017-06-08]
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];
uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];
- if (first_try) {
- iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
- }
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
// free eventually allocated BigBuf memory. We want all for tracing.
BigBuf_free();
clear_trace();
set_tracing(true);
- byte_t nt_diff = 0;
+ uint8_t nt_diff = 0;
uint8_t par[1] = {0}; // maximum 8 Bytes to be sent here, 1 byte parity is therefore enough
- static byte_t par_low = 0;
+ static uint8_t par_low = 0;
bool led_on = true;
uint8_t uid[10] ={0};
uint32_t cuid;
uint32_t nt = 0;
uint32_t previous_nt = 0;
static uint32_t nt_attacked = 0;
- byte_t par_list[8] = {0x00};
- byte_t ks_list[8] = {0x00};
+ uint8_t par_list[8] = {0x00};
+ uint8_t ks_list[8] = {0x00};
#define PRNG_SEQUENCE_LENGTH (1 << 16);
- static uint32_t sync_time;
+ uint32_t sync_time = GetCountSspClk() & 0xfffffff8;
static int32_t sync_cycles;
int catch_up_cycles = 0;
int last_catch_up = 0;
if (first_try) {
mf_nr_ar3 = 0;
- sync_time = GetCountSspClk() & 0xfffffff8;
+ par[0] = par_low = 0;
sync_cycles = PRNG_SEQUENCE_LENGTH; // theory: Mifare Classic's random generator repeats every 2^16 cycles (and so do the tag nonces).
nt_attacked = 0;
- par[0] = 0;
}
else {
// we were unsuccessful on a previous call. Try another READER nonce (first 3 parity bits remain the same)
#define MAX_UNEXPECTED_RANDOM 4 // maximum number of unexpected (i.e. real) random numbers when trying to sync. Then give up.
#define MAX_SYNC_TRIES 32
+ #define SYNC_TIME_BUFFER 16 // if there is only SYNC_TIME_BUFFER left before next planned sync, wait for next PRNG cycle
#define NUM_DEBUG_INFOS 8 // per strategy
#define MAX_STRATEGY 3
uint16_t unexpected_random = 0;
sync_time = (sync_time & 0xfffffff8) + sync_cycles + catch_up_cycles;
catch_up_cycles = 0;
- // if we missed the sync time already, advance to the next nonce repeat
- while(GetCountSspClk() > sync_time) {
+ // if we missed the sync time already or are about to miss it, advance to the next nonce repeat
+ while(sync_time < GetCountSspClk() + SYNC_TIME_BUFFER) {
elapsed_prng_sequences++;
sync_time = (sync_time & 0xfffffff8) + sync_cycles;
}
}
}
- byte_t buf[28];
+ uint8_t buf[32];
memcpy(buf + 0, uid, 4);
num_to_bytes(nt, 4, buf + 4);
memcpy(buf + 8, par_list, 8);
memcpy(buf + 16, ks_list, 8);
- memcpy(buf + 24, mf_nr_ar, 4);
+ memcpy(buf + 24, mf_nr_ar, 8);
- cmd_send(CMD_ACK, isOK, 0, 0, buf, 28);
+ cmd_send(CMD_ACK, isOK, 0, 0, buf, 32);
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
// the license.
//-----------------------------------------------------------------------------
// Miscellaneous routines for low frequency tag operations.
-// Tags supported here so far are Texas Instruments (TI), HID
+// Tags supported here so far are Texas Instruments (TI), HID, EM4x05, EM410x
// Also routines for raw mode reading/simulating of LF waveform
//-----------------------------------------------------------------------------
*/
void ModThenAcquireRawAdcSamples125k(uint32_t delay_off, uint32_t period_0, uint32_t period_1, uint8_t *command)
{
+ // start timer
+ StartTicks();
- int divisor_used = 95; // 125 KHz
- // see if 'h' was specified
-
- if (command[strlen((char *) command) - 1] == 'h')
- divisor_used = 88; // 134.8 KHz
-
- sample_config sc = { 0,0,1, divisor_used, 0};
- setSamplingConfig(&sc);
- //clear read buffer
- BigBuf_Clear_keep_EM();
+ // use lf config settings
+ sample_config *sc = getSamplingConfig();
- /* Make sure the tag is reset */
+ // Make sure the tag is reset
FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
- SpinDelay(2500);
+ WaitMS(2500);
+
+ // clear read buffer (after fpga bitstream loaded...)
+ BigBuf_Clear_keep_EM();
- LFSetupFPGAForADC(sc.divisor, 1);
+ // power on
+ LFSetupFPGAForADC(sc->divisor, 1);
// And a little more time for the tag to fully power up
- SpinDelay(2000);
-
+ WaitMS(2000);
+ // if delay_off = 0 then just bitbang 1 = antenna on 0 = off for respective periods.
+ bool bitbang = delay_off == 0;
// now modulate the reader field
- while(*command != '\0' && *command != ' ') {
+
+ if (bitbang) {
+ // HACK it appears the loop and if statements take up about 7us so adjust waits accordingly...
+ uint8_t hack_cnt = 7;
+ if (period_0 < hack_cnt || period_1 < hack_cnt) {
+ DbpString("Warning periods cannot be less than 7us in bit bang mode");
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ LED_D_OFF();
+ return;
+ }
+
+ // hack2 needed--- it appears to take about 8-16us to turn the antenna back on
+ // leading to ~ 1 to 2 125khz samples extra in every off period
+ // so we should test for last 0 before next 1 and reduce period_0 by this extra amount...
+ // but is this time different for every antenna or other hw builds??? more testing needed
+
+ // prime cmd_len to save time comparing strings while modulating
+ int cmd_len = 0;
+ while(command[cmd_len] != '\0' && command[cmd_len] != ' ')
+ cmd_len++;
+
+ int counter = 0;
+ bool off = false;
+ for (counter = 0; counter < cmd_len; counter++) {
+ // if cmd = 0 then turn field off
+ if (command[counter] == '0') {
+ // if field already off leave alone (affects timing otherwise)
+ if (off == false) {
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ LED_D_OFF();
+ off = true;
+ }
+ // note we appear to take about 7us to switch over (or run the if statements/loop...)
+ WaitUS(period_0-hack_cnt);
+ // else if cmd = 1 then turn field on
+ } else {
+ // if field already on leave alone (affects timing otherwise)
+ if (off) {
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
+ LED_D_ON();
+ off = false;
+ }
+ // note we appear to take about 7us to switch over (or run the if statements/loop...)
+ WaitUS(period_1-hack_cnt);
+ }
+ }
+ } else { // old mode of cmd read using delay as off period
+ while(*command != '\0' && *command != ' ') {
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ LED_D_OFF();
+ WaitUS(delay_off);
+ FpgaSendCommand(FPGA_CMD_SET_DIVISOR, sc->divisor);
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
+ LED_D_ON();
+ if(*(command++) == '0') {
+ WaitUS(period_0);
+ } else {
+ WaitUS(period_1);
+ }
+ }
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LED_D_OFF();
- SpinDelayUs(delay_off);
- FpgaSendCommand(FPGA_CMD_SET_DIVISOR, sc.divisor);
-
- FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
- LED_D_ON();
- if(*(command++) == '0')
- SpinDelayUs(period_0);
- else
- SpinDelayUs(period_1);
+ WaitUS(delay_off);
+ FpgaSendCommand(FPGA_CMD_SET_DIVISOR, sc->divisor);
}
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
- LED_D_OFF();
- SpinDelayUs(delay_off);
- FpgaSendCommand(FPGA_CMD_SET_DIVISOR, sc.divisor);
FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
// now do the read
DoAcquisition_config(false, 0);
+
+ // Turn off antenna
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ // tell client we are done
+ cmd_send(CMD_ACK,0,0,0,0,0);
}
/* blank r/w tag data stream
}
/**
-* acquisition of Cotag LF signal. Similart to other LF, since the Cotag has such long datarate RF/384
+* acquisition of Cotag LF signal. Similar to other LF, since the Cotag has such long datarate RF/384
* and is Manchester?, we directly gather the manchester data into bigbuff
**/
#define COTAG_T1 384
#include "proxmark3.h"\r
#include "apps.h"\r
#include "util.h"\r
-#include "string.h"\r
\r
#include "iso14443crc.h"\r
#include "iso14443a.h"\r
sniffState = SNF_CARD_CMD;
} // intentionally no break;
case SNF_CARD_CMD:{
- LogTrace(data, len, 0, 0, NULL, reader);
+ LogTrace(data, len, 0, 0, parity, reader);
timerData = GetTickCount();
break;
}
emv/test/cda_test.c\
emv/cmdemv.c\
cmdhf.c \
+ cmdhflist.c \
cmdhf14a.c \
cmdhf14b.c \
cmdhf15.c \
//-----------------------------------------------------------------------------
// Copyright (C) 2010 iZsh <izsh at fail0verflow.com>
+// Merlok - 2017
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
#include "cmdhftopaz.h"
#include "protocols.h"
#include "emv/cmdemv.h"
+#include "cmdhflist.h"
static int CmdHelp(const char *Cmd);
return 0;
}
-
-void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
-{
- switch(cmd[0])
- {
- case ISO14443A_CMD_WUPA: snprintf(exp,size,"WUPA"); break;
- case ISO14443A_CMD_ANTICOLL_OR_SELECT:{
- // 93 20 = Anticollision (usage: 9320 - answer: 4bytes UID+1byte UID-bytes-xor)
- // 93 70 = Select (usage: 9370+5bytes 9320 answer - answer: 1byte SAK)
- if(cmd[1] == 0x70)
- {
- snprintf(exp,size,"SELECT_UID"); break;
- }else
- {
- snprintf(exp,size,"ANTICOLL"); break;
- }
- }
- case ISO14443A_CMD_ANTICOLL_OR_SELECT_2:{
- //95 20 = Anticollision of cascade level2
- //95 70 = Select of cascade level2
- if(cmd[2] == 0x70)
- {
- snprintf(exp,size,"SELECT_UID-2"); break;
- }else
- {
- snprintf(exp,size,"ANTICOLL-2"); break;
- }
- }
- case ISO14443A_CMD_REQA: snprintf(exp,size,"REQA"); break;
- case ISO14443A_CMD_READBLOCK: snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break;
- case ISO14443A_CMD_WRITEBLOCK: snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break;
- case ISO14443A_CMD_HALT: snprintf(exp,size,"HALT"); break;
- case ISO14443A_CMD_RATS: snprintf(exp,size,"RATS"); break;
- case MIFARE_CMD_INC: snprintf(exp,size,"INC(%d)",cmd[1]); break;
- case MIFARE_CMD_DEC: snprintf(exp,size,"DEC(%d)",cmd[1]); break;
- case MIFARE_CMD_RESTORE: snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
- case MIFARE_CMD_TRANSFER: snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
- case MIFARE_AUTH_KEYA:{
- if ( cmdsize > 3)
- snprintf(exp,size,"AUTH-A(%d)",cmd[1]);
- else
- // case MIFARE_ULEV1_VERSION : both 0x60.
- snprintf(exp,size,"EV1 VERSION");
- break;
- }
- case MIFARE_AUTH_KEYB: snprintf(exp,size,"AUTH-B(%d)",cmd[1]); break;
- case MIFARE_MAGICWUPC1: snprintf(exp,size,"MAGIC WUPC1"); break;
- case MIFARE_MAGICWUPC2: snprintf(exp,size,"MAGIC WUPC2"); break;
- case MIFARE_MAGICWIPEC: snprintf(exp,size,"MAGIC WIPEC"); break;
- case MIFARE_ULC_AUTH_1: snprintf(exp,size,"AUTH "); break;
- case MIFARE_ULC_AUTH_2: snprintf(exp,size,"AUTH_ANSW"); break;
- case MIFARE_ULEV1_AUTH:
- if ( cmdsize == 7 )
- snprintf(exp,size,"PWD-AUTH KEY: 0x%02x%02x%02x%02x", cmd[1], cmd[2], cmd[3], cmd[4] );
- else
- snprintf(exp,size,"PWD-AUTH");
- break;
- case MIFARE_ULEV1_FASTREAD:{
- if ( cmdsize >=3 && cmd[2] <= 0xE6)
- snprintf(exp,size,"READ RANGE (%d-%d)",cmd[1],cmd[2]);
- else
- snprintf(exp,size,"?");
- break;
- }
- case MIFARE_ULC_WRITE:{
- if ( cmd[1] < 0x21 )
- snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]);
- else
- snprintf(exp,size,"?");
- break;
- }
- case MIFARE_ULEV1_READ_CNT:{
- if ( cmd[1] < 5 )
- snprintf(exp,size,"READ CNT(%d)",cmd[1]);
- else
- snprintf(exp,size,"?");
- break;
- }
- case MIFARE_ULEV1_INCR_CNT:{
- if ( cmd[1] < 5 )
- snprintf(exp,size,"INCR(%d)",cmd[1]);
- else
- snprintf(exp,size,"?");
- break;
- }
- case MIFARE_ULEV1_READSIG: snprintf(exp,size,"READ_SIG"); break;
- case MIFARE_ULEV1_CHECKTEAR: snprintf(exp,size,"CHK_TEARING(%d)",cmd[1]); break;
- case MIFARE_ULEV1_VCSL: snprintf(exp,size,"VCSL"); break;
- default: snprintf(exp,size,"?"); break;
- }
- return;
-}
-
-void annotateIclass(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
-{
- switch(cmd[0])
- {
- case ICLASS_CMD_ACTALL: snprintf(exp,size,"ACTALL"); break;
- case ICLASS_CMD_READ_OR_IDENTIFY:{
- if(cmdsize > 1){
- snprintf(exp,size,"READ(%d)",cmd[1]);
- }else{
- snprintf(exp,size,"IDENTIFY");
- }
- break;
- }
- case ICLASS_CMD_SELECT: snprintf(exp,size,"SELECT"); break;
- case ICLASS_CMD_PAGESEL: snprintf(exp,size,"PAGESEL(%d)", cmd[1]); break;
- case ICLASS_CMD_READCHECK_KC:snprintf(exp,size,"READCHECK[Kc](%d)", cmd[1]); break;
- case ICLASS_CMD_READCHECK_KD:snprintf(exp,size,"READCHECK[Kd](%d)", cmd[1]); break;
- case ICLASS_CMD_CHECK: snprintf(exp,size,"CHECK"); break;
- case ICLASS_CMD_DETECT: snprintf(exp,size,"DETECT"); break;
- case ICLASS_CMD_HALT: snprintf(exp,size,"HALT"); break;
- case ICLASS_CMD_UPDATE: snprintf(exp,size,"UPDATE(%d)",cmd[1]); break;
- case ICLASS_CMD_ACT: snprintf(exp,size,"ACT"); break;
- case ICLASS_CMD_READ4: snprintf(exp,size,"READ4(%d)",cmd[1]); break;
- default: snprintf(exp,size,"?"); break;
- }
- return;
-}
-
-void annotateIso15693(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
-{
-
- if(cmd[0] == 0x26)
- {
- switch(cmd[1]){
- case ISO15693_INVENTORY :snprintf(exp, size, "INVENTORY");break;
- case ISO15693_STAYQUIET :snprintf(exp, size, "STAY_QUIET");break;
- default: snprintf(exp,size,"?"); break;
-
- }
- }else if(cmd[0] == 0x02)
- {
- switch(cmd[1])
- {
- case ISO15693_READBLOCK :snprintf(exp, size, "READBLOCK");break;
- case ISO15693_WRITEBLOCK :snprintf(exp, size, "WRITEBLOCK");break;
- case ISO15693_LOCKBLOCK :snprintf(exp, size, "LOCKBLOCK");break;
- case ISO15693_READ_MULTI_BLOCK :snprintf(exp, size, "READ_MULTI_BLOCK");break;
- case ISO15693_SELECT :snprintf(exp, size, "SELECT");break;
- case ISO15693_RESET_TO_READY :snprintf(exp, size, "RESET_TO_READY");break;
- case ISO15693_WRITE_AFI :snprintf(exp, size, "WRITE_AFI");break;
- case ISO15693_LOCK_AFI :snprintf(exp, size, "LOCK_AFI");break;
- case ISO15693_WRITE_DSFID :snprintf(exp, size, "WRITE_DSFID");break;
- case ISO15693_LOCK_DSFID :snprintf(exp, size, "LOCK_DSFID");break;
- case ISO15693_GET_SYSTEM_INFO :snprintf(exp, size, "GET_SYSTEM_INFO");break;
- case ISO15693_READ_MULTI_SECSTATUS :snprintf(exp, size, "READ_MULTI_SECSTATUS");break;
- default: snprintf(exp,size,"?"); break;
- }
- }
-}
-
-
-void annotateTopaz(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
-{
- switch(cmd[0]) {
- case TOPAZ_REQA :snprintf(exp, size, "REQA");break;
- case TOPAZ_WUPA :snprintf(exp, size, "WUPA");break;
- case TOPAZ_RID :snprintf(exp, size, "RID");break;
- case TOPAZ_RALL :snprintf(exp, size, "RALL");break;
- case TOPAZ_READ :snprintf(exp, size, "READ");break;
- case TOPAZ_WRITE_E :snprintf(exp, size, "WRITE-E");break;
- case TOPAZ_WRITE_NE :snprintf(exp, size, "WRITE-NE");break;
- case TOPAZ_RSEG :snprintf(exp, size, "RSEG");break;
- case TOPAZ_READ8 :snprintf(exp, size, "READ8");break;
- case TOPAZ_WRITE_E8 :snprintf(exp, size, "WRITE-E8");break;
- case TOPAZ_WRITE_NE8 :snprintf(exp, size, "WRITE-NE8");break;
- default: snprintf(exp,size,"?"); break;
- }
-}
-
-
-/**
-06 00 = INITIATE
-0E xx = SELECT ID (xx = Chip-ID)
-0B = Get UID
-08 yy = Read Block (yy = block number)
-09 yy dd dd dd dd = Write Block (yy = block number; dd dd dd dd = data to be written)
-0C = Reset to Inventory
-0F = Completion
-0A 11 22 33 44 55 66 = Authenticate (11 22 33 44 55 66 = data to authenticate)
-**/
-
-void annotateIso14443b(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
-{
- switch(cmd[0]){
- case ISO14443B_REQB : snprintf(exp,size,"REQB");break;
- case ISO14443B_ATTRIB : snprintf(exp,size,"ATTRIB");break;
- case ISO14443B_HALT : snprintf(exp,size,"HALT");break;
- case ISO14443B_INITIATE : snprintf(exp,size,"INITIATE");break;
- case ISO14443B_SELECT : snprintf(exp,size,"SELECT(%d)",cmd[1]);break;
- case ISO14443B_GET_UID : snprintf(exp,size,"GET UID");break;
- case ISO14443B_READ_BLK : snprintf(exp,size,"READ_BLK(%d)", cmd[1]);break;
- case ISO14443B_WRITE_BLK : snprintf(exp,size,"WRITE_BLK(%d)",cmd[1]);break;
- case ISO14443B_RESET : snprintf(exp,size,"RESET");break;
- case ISO14443B_COMPLETION : snprintf(exp,size,"COMPLETION");break;
- case ISO14443B_AUTHENTICATE : snprintf(exp,size,"AUTHENTICATE");break;
- default : snprintf(exp,size ,"?");break;
- }
-
-}
-
-/**
- * @brief iso14443A_CRC_check Checks CRC in command or response
- * @param isResponse
- * @param data
- * @param len
- * @return 0 : CRC-command, CRC not ok
- * 1 : CRC-command, CRC ok
- * 2 : Not crc-command
- */
-
-uint8_t iso14443A_CRC_check(bool isResponse, uint8_t* data, uint8_t len)
-{
- uint8_t b1,b2;
-
- if(len <= 2) return 2;
-
- if(isResponse & (len < 6)) return 2;
-
- ComputeCrc14443(CRC_14443_A, data, len-2, &b1, &b2);
- if (b1 != data[len-2] || b2 != data[len-1]) {
- return 0;
- } else {
- return 1;
- }
-}
-
-
/**
* @brief iso14443B_CRC_check Checks CRC in command or response
* @param isResponse
uint8_t topaz_reader_command[9];
uint32_t timestamp, first_timestamp, EndOfTransmissionTimestamp;
char explanation[30] = {0};
+ uint8_t mfData[32] = {0};
+ size_t mfDataLen = 0;
if (tracepos + sizeof(uint32_t) + sizeof(uint16_t) + sizeof(uint16_t) > traceLen) return traceLen;
case TOPAZ:
crcStatus = iso14443B_CRC_check(isResponse, frame, data_len);
break;
+ case PROTO_MIFARE:
+ crcStatus = mifare_CRC_check(isResponse, frame, data_len);
+ break;
case ISO_14443A:
crcStatus = iso14443A_CRC_check(isResponse, frame, data_len);
break;
EndOfTransmissionTimestamp = timestamp + duration;
+ if (protocol == PROTO_MIFARE)
+ annotateMifare(explanation, sizeof(explanation), frame, data_len, parityBytes, parity_len, isResponse);
+
if(!isResponse)
{
switch(protocol) {
(j == num_lines-1) ? explanation : "");
}
}
+
+ if (DecodeMifareData(frame, data_len, parityBytes, isResponse, mfData, &mfDataLen)) {
+ memset(explanation, 0x00, sizeof(explanation));
+ if (!isResponse) {
+ explanation[0] = '>';
+ annotateIso14443a(&explanation[1], sizeof(explanation) - 1, mfData, mfDataLen);
+ }
+ uint8_t crcc = iso14443A_CRC_check(isResponse, mfData, mfDataLen);
+ PrintAndLog(" | * | dec |%-64s | %-4s| %s",
+ sprint_hex(mfData, mfDataLen),
+ (crcc == 0 ? "!crc" : (crcc == 1 ? " ok " : " ")),
+ (true) ? explanation : "");
+ };
if (is_last_record(tracepos, trace, traceLen)) return traceLen;
if(!errors) {
if(strcmp(type, "iclass") == 0) {
protocol = ICLASS;
+ } else if(strcmp(type, "mf") == 0) {
+ protocol = PROTO_MIFARE;
} else if(strcmp(type, "14a") == 0) {
protocol = ISO_14443A;
} else if(strcmp(type, "14b") == 0) {
PrintAndLog("Supported <protocol> values:");
PrintAndLog(" raw - just show raw data without annotations");
PrintAndLog(" 14a - interpret data as iso14443a communications");
+ PrintAndLog(" mf - interpret data as iso14443a communications and decrypt crypto1 stream");
PrintAndLog(" 14b - interpret data as iso14443b communications");
PrintAndLog(" iclass - interpret data as iclass communications");
PrintAndLog(" topaz - interpret data as topaz communications");
PrintAndLog(" Start | End | Src | Data (! denotes parity error) | CRC | Annotation |");
PrintAndLog("------------|------------|-----|-----------------------------------------------------------------|-----|--------------------|");
+ ClearAuthData();
while(tracepos < traceLen)
{
tracepos = printTraceLine(tracepos, traceLen, trace, protocol, showWaitCycles, markCRCBytes);
--- /dev/null
+//-----------------------------------------------------------------------------
+// Copyright (C) Merlok - 2017
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Command: hf mf list. It shows data from arm buffer.
+//-----------------------------------------------------------------------------
+
+#include "cmdhflist.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include "util.h"
+#include "data.h"
+#include "ui.h"
+#include "iso14443crc.h"
+#include "parity.h"
+#include "protocols.h"
+#include "crapto1/crapto1.h"
+#include "mifarehost.h"
+#include "mifaredefault.h"
+
+
+enum MifareAuthSeq {
+ masNone,
+ masNt,
+ masNrAr,
+ masAt,
+ masAuthComplete,
+ masFirstData,
+ masData,
+ masError,
+};
+static enum MifareAuthSeq MifareAuthState;
+static TAuthData AuthData;
+
+void ClearAuthData() {
+ AuthData.uid = 0;
+ AuthData.nt = 0;
+ AuthData.first_auth = true;
+ AuthData.ks2 = 0;
+ AuthData.ks3 = 0;
+}
+
+/**
+ * @brief iso14443A_CRC_check Checks CRC in command or response
+ * @param isResponse
+ * @param data
+ * @param len
+ * @return 0 : CRC-command, CRC not ok
+ * 1 : CRC-command, CRC ok
+ * 2 : Not crc-command
+ */
+uint8_t iso14443A_CRC_check(bool isResponse, uint8_t* data, uint8_t len)
+{
+ uint8_t b1,b2;
+
+ if(len <= 2) return 2;
+
+ if(isResponse & (len < 6)) return 2;
+
+ ComputeCrc14443(CRC_14443_A, data, len-2, &b1, &b2);
+ if (b1 != data[len-2] || b2 != data[len-1]) {
+ return 0;
+ } else {
+ return 1;
+ }
+}
+
+uint8_t mifare_CRC_check(bool isResponse, uint8_t* data, uint8_t len)
+{
+ switch(MifareAuthState) {
+ case masNone:
+ case masError:
+ return iso14443A_CRC_check(isResponse, data, len);
+ default:
+ return 2;
+ }
+}
+
+void annotateIclass(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
+{
+ switch(cmd[0])
+ {
+ case ICLASS_CMD_ACTALL: snprintf(exp,size,"ACTALL"); break;
+ case ICLASS_CMD_READ_OR_IDENTIFY:{
+ if(cmdsize > 1){
+ snprintf(exp,size,"READ(%d)",cmd[1]);
+ }else{
+ snprintf(exp,size,"IDENTIFY");
+ }
+ break;
+ }
+ case ICLASS_CMD_SELECT: snprintf(exp,size,"SELECT"); break;
+ case ICLASS_CMD_PAGESEL: snprintf(exp,size,"PAGESEL(%d)", cmd[1]); break;
+ case ICLASS_CMD_READCHECK_KC:snprintf(exp,size,"READCHECK[Kc](%d)", cmd[1]); break;
+ case ICLASS_CMD_READCHECK_KD:snprintf(exp,size,"READCHECK[Kd](%d)", cmd[1]); break;
+ case ICLASS_CMD_CHECK: snprintf(exp,size,"CHECK"); break;
+ case ICLASS_CMD_DETECT: snprintf(exp,size,"DETECT"); break;
+ case ICLASS_CMD_HALT: snprintf(exp,size,"HALT"); break;
+ case ICLASS_CMD_UPDATE: snprintf(exp,size,"UPDATE(%d)",cmd[1]); break;
+ case ICLASS_CMD_ACT: snprintf(exp,size,"ACT"); break;
+ case ICLASS_CMD_READ4: snprintf(exp,size,"READ4(%d)",cmd[1]); break;
+ default: snprintf(exp,size,"?"); break;
+ }
+ return;
+}
+
+void annotateIso15693(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
+{
+
+ if(cmd[0] == 0x26)
+ {
+ switch(cmd[1]){
+ case ISO15693_INVENTORY :snprintf(exp, size, "INVENTORY");break;
+ case ISO15693_STAYQUIET :snprintf(exp, size, "STAY_QUIET");break;
+ default: snprintf(exp,size,"?"); break;
+
+ }
+ }else if(cmd[0] == 0x02)
+ {
+ switch(cmd[1])
+ {
+ case ISO15693_READBLOCK :snprintf(exp, size, "READBLOCK");break;
+ case ISO15693_WRITEBLOCK :snprintf(exp, size, "WRITEBLOCK");break;
+ case ISO15693_LOCKBLOCK :snprintf(exp, size, "LOCKBLOCK");break;
+ case ISO15693_READ_MULTI_BLOCK :snprintf(exp, size, "READ_MULTI_BLOCK");break;
+ case ISO15693_SELECT :snprintf(exp, size, "SELECT");break;
+ case ISO15693_RESET_TO_READY :snprintf(exp, size, "RESET_TO_READY");break;
+ case ISO15693_WRITE_AFI :snprintf(exp, size, "WRITE_AFI");break;
+ case ISO15693_LOCK_AFI :snprintf(exp, size, "LOCK_AFI");break;
+ case ISO15693_WRITE_DSFID :snprintf(exp, size, "WRITE_DSFID");break;
+ case ISO15693_LOCK_DSFID :snprintf(exp, size, "LOCK_DSFID");break;
+ case ISO15693_GET_SYSTEM_INFO :snprintf(exp, size, "GET_SYSTEM_INFO");break;
+ case ISO15693_READ_MULTI_SECSTATUS :snprintf(exp, size, "READ_MULTI_SECSTATUS");break;
+ default: snprintf(exp,size,"?"); break;
+ }
+ }
+}
+
+
+void annotateTopaz(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
+{
+ switch(cmd[0]) {
+ case TOPAZ_REQA :snprintf(exp, size, "REQA");break;
+ case TOPAZ_WUPA :snprintf(exp, size, "WUPA");break;
+ case TOPAZ_RID :snprintf(exp, size, "RID");break;
+ case TOPAZ_RALL :snprintf(exp, size, "RALL");break;
+ case TOPAZ_READ :snprintf(exp, size, "READ");break;
+ case TOPAZ_WRITE_E :snprintf(exp, size, "WRITE-E");break;
+ case TOPAZ_WRITE_NE :snprintf(exp, size, "WRITE-NE");break;
+ case TOPAZ_RSEG :snprintf(exp, size, "RSEG");break;
+ case TOPAZ_READ8 :snprintf(exp, size, "READ8");break;
+ case TOPAZ_WRITE_E8 :snprintf(exp, size, "WRITE-E8");break;
+ case TOPAZ_WRITE_NE8 :snprintf(exp, size, "WRITE-NE8");break;
+ default: snprintf(exp,size,"?"); break;
+ }
+}
+
+
+/**
+06 00 = INITIATE
+0E xx = SELECT ID (xx = Chip-ID)
+0B = Get UID
+08 yy = Read Block (yy = block number)
+09 yy dd dd dd dd = Write Block (yy = block number; dd dd dd dd = data to be written)
+0C = Reset to Inventory
+0F = Completion
+0A 11 22 33 44 55 66 = Authenticate (11 22 33 44 55 66 = data to authenticate)
+**/
+
+void annotateIso14443b(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
+{
+ switch(cmd[0]){
+ case ISO14443B_REQB : snprintf(exp,size,"REQB");break;
+ case ISO14443B_ATTRIB : snprintf(exp,size,"ATTRIB");break;
+ case ISO14443B_HALT : snprintf(exp,size,"HALT");break;
+ case ISO14443B_INITIATE : snprintf(exp,size,"INITIATE");break;
+ case ISO14443B_SELECT : snprintf(exp,size,"SELECT(%d)",cmd[1]);break;
+ case ISO14443B_GET_UID : snprintf(exp,size,"GET UID");break;
+ case ISO14443B_READ_BLK : snprintf(exp,size,"READ_BLK(%d)", cmd[1]);break;
+ case ISO14443B_WRITE_BLK : snprintf(exp,size,"WRITE_BLK(%d)",cmd[1]);break;
+ case ISO14443B_RESET : snprintf(exp,size,"RESET");break;
+ case ISO14443B_COMPLETION : snprintf(exp,size,"COMPLETION");break;
+ case ISO14443B_AUTHENTICATE : snprintf(exp,size,"AUTHENTICATE");break;
+ default : snprintf(exp,size ,"?");break;
+ }
+
+}
+
+void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize)
+{
+ switch(cmd[0])
+ {
+ case ISO14443A_CMD_WUPA:
+ snprintf(exp,size,"WUPA");
+ break;
+ case ISO14443A_CMD_ANTICOLL_OR_SELECT:{
+ // 93 20 = Anticollision (usage: 9320 - answer: 4bytes UID+1byte UID-bytes-xor)
+ // 93 70 = Select (usage: 9370+5bytes 9320 answer - answer: 1byte SAK)
+ if(cmd[1] == 0x70)
+ {
+ snprintf(exp,size,"SELECT_UID"); break;
+ }else
+ {
+ snprintf(exp,size,"ANTICOLL"); break;
+ }
+ }
+ case ISO14443A_CMD_ANTICOLL_OR_SELECT_2:{
+ //95 20 = Anticollision of cascade level2
+ //95 70 = Select of cascade level2
+ if(cmd[2] == 0x70)
+ {
+ snprintf(exp,size,"SELECT_UID-2"); break;
+ }else
+ {
+ snprintf(exp,size,"ANTICOLL-2"); break;
+ }
+ }
+ case ISO14443A_CMD_REQA:
+ snprintf(exp,size,"REQA");
+ break;
+ case ISO14443A_CMD_READBLOCK: snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break;
+ case ISO14443A_CMD_WRITEBLOCK: snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break;
+ case ISO14443A_CMD_HALT:
+ snprintf(exp,size,"HALT");
+ MifareAuthState = masNone;
+ break;
+ case ISO14443A_CMD_RATS: snprintf(exp,size,"RATS"); break;
+ case MIFARE_CMD_INC: snprintf(exp,size,"INC(%d)",cmd[1]); break;
+ case MIFARE_CMD_DEC: snprintf(exp,size,"DEC(%d)",cmd[1]); break;
+ case MIFARE_CMD_RESTORE: snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
+ case MIFARE_CMD_TRANSFER: snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
+ case MIFARE_AUTH_KEYA:
+ if ( cmdsize > 3) {
+ snprintf(exp,size,"AUTH-A(%d)",cmd[1]);
+ MifareAuthState = masNt;
+ } else {
+ // case MIFARE_ULEV1_VERSION : both 0x60.
+ snprintf(exp,size,"EV1 VERSION");
+ }
+ break;
+ case MIFARE_AUTH_KEYB:
+ MifareAuthState = masNt;
+ snprintf(exp,size,"AUTH-B(%d)",cmd[1]);
+ break;
+ case MIFARE_MAGICWUPC1: snprintf(exp,size,"MAGIC WUPC1"); break;
+ case MIFARE_MAGICWUPC2: snprintf(exp,size,"MAGIC WUPC2"); break;
+ case MIFARE_MAGICWIPEC: snprintf(exp,size,"MAGIC WIPEC"); break;
+ case MIFARE_ULC_AUTH_1: snprintf(exp,size,"AUTH "); break;
+ case MIFARE_ULC_AUTH_2: snprintf(exp,size,"AUTH_ANSW"); break;
+ case MIFARE_ULEV1_AUTH:
+ if ( cmdsize == 7 )
+ snprintf(exp,size,"PWD-AUTH KEY: 0x%02x%02x%02x%02x", cmd[1], cmd[2], cmd[3], cmd[4] );
+ else
+ snprintf(exp,size,"PWD-AUTH");
+ break;
+ case MIFARE_ULEV1_FASTREAD:{
+ if ( cmdsize >=3 && cmd[2] <= 0xE6)
+ snprintf(exp,size,"READ RANGE (%d-%d)",cmd[1],cmd[2]);
+ else
+ snprintf(exp,size,"?");
+ break;
+ }
+ case MIFARE_ULC_WRITE:{
+ if ( cmd[1] < 0x21 )
+ snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]);
+ else
+ snprintf(exp,size,"?");
+ break;
+ }
+ case MIFARE_ULEV1_READ_CNT:{
+ if ( cmd[1] < 5 )
+ snprintf(exp,size,"READ CNT(%d)",cmd[1]);
+ else
+ snprintf(exp,size,"?");
+ break;
+ }
+ case MIFARE_ULEV1_INCR_CNT:{
+ if ( cmd[1] < 5 )
+ snprintf(exp,size,"INCR(%d)",cmd[1]);
+ else
+ snprintf(exp,size,"?");
+ break;
+ }
+ case MIFARE_ULEV1_READSIG: snprintf(exp,size,"READ_SIG"); break;
+ case MIFARE_ULEV1_CHECKTEAR: snprintf(exp,size,"CHK_TEARING(%d)",cmd[1]); break;
+ case MIFARE_ULEV1_VCSL: snprintf(exp,size,"VCSL"); break;
+ default: snprintf(exp,size,"?"); break;
+ }
+ return;
+}
+
+void annotateMifare(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize, uint8_t* parity, uint8_t paritysize, bool isResponse) {
+ if (!isResponse && cmdsize == 1) {
+ switch(cmd[0]) {
+ case ISO14443A_CMD_WUPA:
+ case ISO14443A_CMD_REQA:
+ MifareAuthState = masNone;
+ break;
+ default:
+ break;
+ }
+ }
+
+ // get UID
+ if (MifareAuthState == masNone) {
+ if (cmdsize == 9 && cmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT && cmd[1] == 0x70) {
+ ClearAuthData();
+ AuthData.uid = bytes_to_num(&cmd[2], 4);
+ }
+ if (cmdsize == 9 && cmd[0] == ISO14443A_CMD_ANTICOLL_OR_SELECT_2 && cmd[1] == 0x70) {
+ ClearAuthData();
+ AuthData.uid = bytes_to_num(&cmd[2], 4);
+ }
+ }
+
+ switch(MifareAuthState) {
+ case masNt:
+ if (cmdsize == 4 && isResponse) {
+ snprintf(exp,size,"AUTH: nt %s", (AuthData.first_auth) ? "" : "(enc)");
+ MifareAuthState = masNrAr;
+ if (AuthData.first_auth) {
+ AuthData.nt = bytes_to_num(cmd, 4);
+ } else {
+ AuthData.nt_enc = bytes_to_num(cmd, 4);
+ AuthData.nt_enc_par = parity[0];
+ }
+ return;
+ } else {
+ MifareAuthState = masError;
+ }
+ break;
+ case masNrAr:
+ if (cmdsize == 8 && !isResponse) {
+ snprintf(exp,size,"AUTH: nr ar (enc)");
+ MifareAuthState = masAt;
+ AuthData.nr_enc = bytes_to_num(cmd, 4);
+ AuthData.ar_enc = bytes_to_num(&cmd[4], 4);
+ AuthData.ar_enc_par = parity[0] << 4;
+ return;
+ } else {
+ MifareAuthState = masError;
+ }
+ break;
+ case masAt:
+ if (cmdsize == 4 && isResponse) {
+ snprintf(exp,size,"AUTH: at (enc)");
+ MifareAuthState = masAuthComplete;
+ AuthData.at_enc = bytes_to_num(cmd, 4);
+ AuthData.at_enc_par = parity[0];
+ return;
+ } else {
+ MifareAuthState = masError;
+ }
+ break;
+ default:
+ break;
+ }
+
+ if (!isResponse && ((MifareAuthState == masNone) || (MifareAuthState == masError)))
+ annotateIso14443a(exp, size, cmd, cmdsize);
+
+}
+
+bool DecodeMifareData(uint8_t *cmd, uint8_t cmdsize, uint8_t *parity, bool isResponse, uint8_t *mfData, size_t *mfDataLen) {
+ static struct Crypto1State *traceCrypto1;
+ static uint64_t mfLastKey;
+
+ *mfDataLen = 0;
+
+ if (MifareAuthState == masAuthComplete) {
+ if (traceCrypto1) {
+ crypto1_destroy(traceCrypto1);
+ traceCrypto1 = NULL;
+ }
+
+ MifareAuthState = masFirstData;
+ return false;
+ }
+
+ if (cmdsize > 32)
+ return false;
+
+ if (MifareAuthState == masFirstData) {
+ if (AuthData.first_auth) {
+ AuthData.ks2 = AuthData.ar_enc ^ prng_successor(AuthData.nt, 64);
+ AuthData.ks3 = AuthData.at_enc ^ prng_successor(AuthData.nt, 96);
+
+ mfLastKey = GetCrypto1ProbableKey(&AuthData);
+ PrintAndLog(" | * | key | probable key:%012"PRIx64" Prng:%s ks2:%08x ks3:%08x | |",
+ mfLastKey,
+ validate_prng_nonce(AuthData.nt) ? "WEAK": "HARD",
+ AuthData.ks2,
+ AuthData.ks3);
+
+ AuthData.first_auth = false;
+
+ traceCrypto1 = lfsr_recovery64(AuthData.ks2, AuthData.ks3);
+ } else {
+ if (traceCrypto1) {
+ crypto1_destroy(traceCrypto1);
+ traceCrypto1 = NULL;
+ }
+
+ // check last used key
+ if (mfLastKey) {
+ if (NestedCheckKey(mfLastKey, &AuthData, cmd, cmdsize, parity)) {
+ PrintAndLog(" | * | key | last used key:%012"PRIx64" ks2:%08x ks3:%08x | |",
+ mfLastKey,
+ AuthData.ks2,
+ AuthData.ks3);
+
+ traceCrypto1 = lfsr_recovery64(AuthData.ks2, AuthData.ks3);
+ };
+ }
+
+ // check default keys
+ if (!traceCrypto1) {
+ for (int defaultKeyCounter = 0; defaultKeyCounter < MifareDefaultKeysSize; defaultKeyCounter++){
+ if (NestedCheckKey(MifareDefaultKeys[defaultKeyCounter], &AuthData, cmd, cmdsize, parity)) {
+ PrintAndLog(" | * | key | default key:%012"PRIx64" ks2:%08x ks3:%08x | |",
+ MifareDefaultKeys[defaultKeyCounter],
+ AuthData.ks2,
+ AuthData.ks3);
+
+ mfLastKey = MifareDefaultKeys[defaultKeyCounter];
+ traceCrypto1 = lfsr_recovery64(AuthData.ks2, AuthData.ks3);
+ break;
+ };
+ }
+ }
+
+ // nested
+ if (!traceCrypto1 && validate_prng_nonce(AuthData.nt)) {
+ uint32_t ntx = prng_successor(AuthData.nt, 90);
+ for (int i = 0; i < 16383; i++) {
+ ntx = prng_successor(ntx, 1);
+ if (NTParityChk(&AuthData, ntx)){
+
+ uint32_t ks2 = AuthData.ar_enc ^ prng_successor(ntx, 64);
+ uint32_t ks3 = AuthData.at_enc ^ prng_successor(ntx, 96);
+ struct Crypto1State *pcs = lfsr_recovery64(ks2, ks3);
+ memcpy(mfData, cmd, cmdsize);
+ mf_crypto1_decrypt(pcs, mfData, cmdsize, 0);
+
+ crypto1_destroy(pcs);
+ if (CheckCrypto1Parity(cmd, cmdsize, mfData, parity) && CheckCrc14443(CRC_14443_A, mfData, cmdsize)) {
+ AuthData.ks2 = ks2;
+ AuthData.ks3 = ks3;
+
+ AuthData.nt = ntx;
+ mfLastKey = GetCrypto1ProbableKey(&AuthData);
+ PrintAndLog(" | * | key | nested probable key:%012"PRIx64" ks2:%08x ks3:%08x | |",
+ mfLastKey,
+ AuthData.ks2,
+ AuthData.ks3);
+
+ traceCrypto1 = lfsr_recovery64(AuthData.ks2, AuthData.ks3);
+ break;
+ }
+ }
+ }
+ }
+
+ //hardnested
+ if (!traceCrypto1) {
+ printf("hardnested not implemented. uid:%x nt:%x ar_enc:%x at_enc:%x\n", AuthData.uid, AuthData.nt, AuthData.ar_enc, AuthData.at_enc);
+ MifareAuthState = masError;
+
+ /* TOO SLOW( needs to have more strong filter. with this filter - aprox 4 mln tests
+ uint32_t t = msclock();
+ uint32_t t1 = t;
+ int n = 0;
+ for (uint32_t i = 0; i < 0xFFFFFFFF; i++) {
+ if (NTParityChk(&AuthData, i)){
+
+ uint32_t ks2 = AuthData.ar_enc ^ prng_successor(i, 64);
+ uint32_t ks3 = AuthData.at_enc ^ prng_successor(i, 96);
+ struct Crypto1State *pcs = lfsr_recovery64(ks2, ks3);
+
+
+
+
+ n++;
+
+ if (!(n % 100000)) {
+ printf("delta=%d n=%d ks2=%x ks3=%x \n", msclock() - t1 , n, ks2, ks3);
+ t1 = msclock();
+ }
+
+ }
+ }
+ printf("delta=%d n=%d\n", msclock() - t, n);
+ */
+ }
+ }
+
+
+
+ MifareAuthState = masData;
+ }
+
+ if (MifareAuthState == masData && traceCrypto1) {
+ memcpy(mfData, cmd, cmdsize);
+ mf_crypto1_decrypt(traceCrypto1, mfData, cmdsize, 0);
+ *mfDataLen = cmdsize;
+ }
+
+ return *mfDataLen > 0;
+}
+
+bool NTParityChk(TAuthData *ad, uint32_t ntx) {
+ if (
+ (oddparity8(ntx >> 8 & 0xff) ^ (ntx & 0x01) ^ ((ad->nt_enc_par >> 5) & 0x01) ^ (ad->nt_enc & 0x01)) ||
+ (oddparity8(ntx >> 16 & 0xff) ^ (ntx >> 8 & 0x01) ^ ((ad->nt_enc_par >> 6) & 0x01) ^ (ad->nt_enc >> 8 & 0x01)) ||
+ (oddparity8(ntx >> 24 & 0xff) ^ (ntx >> 16 & 0x01) ^ ((ad->nt_enc_par >> 7) & 0x01) ^ (ad->nt_enc >> 16 & 0x01))
+ )
+ return false;
+
+ uint32_t ar = prng_successor(ntx, 64);
+ if (
+ (oddparity8(ar >> 8 & 0xff) ^ (ar & 0x01) ^ ((ad->ar_enc_par >> 5) & 0x01) ^ (ad->ar_enc & 0x01)) ||
+ (oddparity8(ar >> 16 & 0xff) ^ (ar >> 8 & 0x01) ^ ((ad->ar_enc_par >> 6) & 0x01) ^ (ad->ar_enc >> 8 & 0x01)) ||
+ (oddparity8(ar >> 24 & 0xff) ^ (ar >> 16 & 0x01) ^ ((ad->ar_enc_par >> 7) & 0x01) ^ (ad->ar_enc >> 16 & 0x01))
+ )
+ return false;
+
+ uint32_t at = prng_successor(ntx, 96);
+ if (
+ (oddparity8(ar & 0xff) ^ (at >> 24 & 0x01) ^ ((ad->ar_enc_par >> 4) & 0x01) ^ (ad->at_enc >> 24 & 0x01)) ||
+ (oddparity8(at >> 8 & 0xff) ^ (at & 0x01) ^ ((ad->at_enc_par >> 5) & 0x01) ^ (ad->at_enc & 0x01)) ||
+ (oddparity8(at >> 16 & 0xff) ^ (at >> 8 & 0x01) ^ ((ad->at_enc_par >> 6) & 0x01) ^ (ad->at_enc >> 8 & 0x01)) ||
+ (oddparity8(at >> 24 & 0xff) ^ (at >> 16 & 0x01) ^ ((ad->at_enc_par >> 7) & 0x01) ^ (ad->at_enc >> 16 & 0x01))
+ )
+ return false;
+
+ return true;
+}
+
+bool NestedCheckKey(uint64_t key, TAuthData *ad, uint8_t *cmd, uint8_t cmdsize, uint8_t *parity) {
+ uint8_t buf[32] = {0};
+ struct Crypto1State *pcs;
+
+ AuthData.ks2 = 0;
+ AuthData.ks3 = 0;
+
+ pcs = crypto1_create(key);
+ uint32_t nt1 = crypto1_word(pcs, ad->nt_enc ^ ad->uid, 1) ^ ad->nt_enc;
+ uint32_t ar = prng_successor(nt1, 64);
+ uint32_t at = prng_successor(nt1, 96);
+
+ crypto1_word(pcs, ad->nr_enc, 1);
+// uint32_t nr1 = crypto1_word(pcs, ad->nr_enc, 1) ^ ad->nr_enc; // if needs deciphered nr
+ uint32_t ar1 = crypto1_word(pcs, 0, 0) ^ ad->ar_enc;
+ uint32_t at1 = crypto1_word(pcs, 0, 0) ^ ad->at_enc;
+
+ if (!(ar == ar1 && at == at1 && NTParityChk(ad, nt1)))
+ return false;
+
+ memcpy(buf, cmd, cmdsize);
+ mf_crypto1_decrypt(pcs, buf, cmdsize, 0);
+
+ crypto1_destroy(pcs);
+
+ if (!CheckCrypto1Parity(cmd, cmdsize, buf, parity))
+ return false;
+
+ if(!CheckCrc14443(CRC_14443_A, buf, cmdsize))
+ return false;
+
+ AuthData.nt = nt1;
+ AuthData.ks2 = AuthData.ar_enc ^ ar;
+ AuthData.ks3 = AuthData.at_enc ^ at;
+
+ return true;
+}
+
+bool CheckCrypto1Parity(uint8_t *cmd_enc, uint8_t cmdsize, uint8_t *cmd, uint8_t *parity_enc) {
+ for (int i = 0; i < cmdsize - 1; i++) {
+ if (oddparity8(cmd[i]) ^ (cmd[i + 1] & 0x01) ^ ((parity_enc[i / 8] >> (7 - i % 8)) & 0x01) ^ (cmd_enc[i + 1] & 0x01))
+ return false;
+ }
+
+ return true;
+}
+
+uint64_t GetCrypto1ProbableKey(TAuthData *ad) {
+ struct Crypto1State *revstate = lfsr_recovery64(ad->ks2, ad->ks3);
+ lfsr_rollback_word(revstate, 0, 0);
+ lfsr_rollback_word(revstate, 0, 0);
+ lfsr_rollback_word(revstate, ad->nr_enc, 1);
+ lfsr_rollback_word(revstate, ad->uid ^ ad->nt, 0);
+
+ uint64_t lfsr = 0;
+ crypto1_get_lfsr(revstate, &lfsr);
+ crypto1_destroy(revstate);
+
+ return lfsr;
+}
--- /dev/null
+//-----------------------------------------------------------------------------
+// Copyright (C) Merlok - 2017
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Command: hf mf list. It shows data from arm buffer.
+//-----------------------------------------------------------------------------
+#ifndef CMDHFLIST_H
+#define CMDHFLIST_H
+
+#include <stdlib.h>
+#include <stdint.h>
+#include <stdbool.h>
+
+typedef struct {
+ uint32_t uid; // UID
+ uint32_t nt; // tag challenge
+ uint32_t nt_enc; // encrypted tag challenge
+ uint8_t nt_enc_par; // encrypted tag challenge parity
+ uint32_t nr_enc; // encrypted reader challenge
+ uint32_t ar_enc; // encrypted reader response
+ uint8_t ar_enc_par; // encrypted reader response parity
+ uint32_t at_enc; // encrypted tag response
+ uint8_t at_enc_par; // encrypted tag response parity
+ bool first_auth; // is first authentication
+ uint32_t ks2; // ar ^ ar_enc
+ uint32_t ks3; // at ^ at_enc
+} TAuthData;
+extern void ClearAuthData();
+
+extern uint8_t iso14443A_CRC_check(bool isResponse, uint8_t* data, uint8_t len);
+extern uint8_t mifare_CRC_check(bool isResponse, uint8_t* data, uint8_t len);
+extern void annotateIclass(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize);
+extern void annotateIso15693(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize);
+extern void annotateTopaz(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize);
+extern void annotateIso14443b(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize);
+extern void annotateIso14443a(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize);
+extern void annotateMifare(char *exp, size_t size, uint8_t* cmd, uint8_t cmdsize, uint8_t* parity, uint8_t paritysize, bool isResponse);
+extern bool DecodeMifareData(uint8_t *cmd, uint8_t cmdsize, uint8_t *parity, bool isResponse, uint8_t *mfData, size_t *mfDataLen);
+extern bool NTParityChk(TAuthData *ad, uint32_t ntx);
+extern bool NestedCheckKey(uint64_t key, TAuthData *ad, uint8_t *cmd, uint8_t cmdsize, uint8_t *parity);
+extern bool CheckCrypto1Parity(uint8_t *cmd_enc, uint8_t cmdsize, uint8_t *cmd, uint8_t *parity_enc);
+extern uint64_t GetCrypto1ProbableKey(TAuthData *ad);
+
+#endif // CMDHFLIST
#include "proxmark3.h"\r
#include "cmdmain.h"\r
#include "cmdhfmfhard.h"\r
+#include "parity.h"\r
#include "util.h"\r
#include "util_posix.h"\r
#include "usb_cmd.h"\r
//var\r
int res = 0;\r
int len = 0;\r
+ int parlen = 0;\r
int blockLen = 0;\r
int pckNum = 0;\r
int num = 0;\r
uint8_t *buf = NULL;\r
uint16_t bufsize = 0;\r
uint8_t *bufPtr = NULL;\r
+ uint8_t parity[16];\r
\r
char ctmp = param_getchar(Cmd, 0);\r
if ( ctmp == 'h' || ctmp == 'H' ) {\r
} else {\r
isTag = false;\r
}\r
+ parlen = (len - 1) / 8 + 1;\r
bufPtr += 2;\r
if ((len == 14) && (bufPtr[0] == 0xff) && (bufPtr[1] == 0xff) && (bufPtr[12] == 0xff) && (bufPtr[13] == 0xff)) {\r
memcpy(uid, bufPtr + 2, 7);\r
if (wantDecrypt)\r
mfTraceInit(uid, atqa, sak, wantSaveToEmlFile);\r
} else {\r
- PrintAndLog("%s(%d):%s", isTag ? "TAG":"RDR", num, sprint_hex(bufPtr, len));\r
+ oddparitybuf(bufPtr, len, parity);\r
+ PrintAndLog("%s(%d):%s [%s] c[%s]%c", \r
+ isTag ? "TAG":"RDR", \r
+ num, \r
+ sprint_hex(bufPtr, len), \r
+ printBitsPar(bufPtr + len, len), \r
+ printBitsPar(parity, len),\r
+ memcmp(bufPtr + len, parity, len / 8 + 1) ? '!' : ' ');\r
if (wantLogToFile)\r
AddLogHex(logHexFileName, isTag ? "TAG: ":"RDR: ", bufPtr, len);\r
if (wantDecrypt)\r
- mfTraceDecode(bufPtr, len, wantSaveToEmlFile);\r
+ mfTraceDecode(bufPtr, len, bufPtr[len], wantSaveToEmlFile);\r
num++;\r
}\r
bufPtr += len;\r
- bufPtr += ((len-1)/8+1); // ignore parity\r
+ bufPtr += parlen; // ignore parity\r
}\r
pckNum = 0;\r
}\r
int usage_lf_cmdread(void)
{
- PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> [H] ");
+ PrintAndLog("Usage: lf cmdread d <delay period> z <zero period> o <one period> c <cmdbytes> ");
PrintAndLog("Options: ");
PrintAndLog(" h This help");
- PrintAndLog(" L Low frequency (125 KHz)");
- PrintAndLog(" H High frequency (134 KHz)");
- PrintAndLog(" d <delay> delay OFF period");
- PrintAndLog(" z <zero> time period ZERO");
- PrintAndLog(" o <one> time period ONE");
+ PrintAndLog(" d <delay> delay OFF period between bits (0 for bitbang mode)");
+ PrintAndLog(" z <zero> time period ZERO (antenna off in bitbang mode)");
+ PrintAndLog(" o <one> time period ONE (antenna on in bitbang mode)");
PrintAndLog(" c <cmd> Command bytes");
PrintAndLog(" ************* All periods in microseconds");
+ PrintAndLog(" ************* Use lf config to configure options.");
PrintAndLog("Examples:");
PrintAndLog(" lf cmdread d 80 z 100 o 200 c 11000");
- PrintAndLog(" lf cmdread d 80 z 100 o 100 c 11000 H");
+ PrintAndLog(" lf cmdread d 80 z 100 o 100 c 11000");
return 0;
}
/* send a command before reading */
int CmdLFCommandRead(const char *Cmd)
{
- static char dummy[3] = {0x20,0x00,0x00};
UsbCommand c = {CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K};
bool errors = false;
//uint8_t divisor = 95; //125khz
{
case 'h':
return usage_lf_cmdread();
- case 'H':
- //divisor = 88;
- dummy[1]='h';
- cmdp++;
- break;
- case 'L':
- cmdp++;
- break;
case 'c':
param_getstr(Cmd, cmdp+1, (char *)&c.d.asBytes, sizeof(c.d.asBytes));
cmdp+=2;
//Validations
if(errors) return usage_lf_cmdread();
- // in case they specified 'H'
- strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
-
clearCommandBuffer();
SendCommand(&c);
+
+ WaitForResponse(CMD_ACK,NULL);
+ getSamples(0, true);
+
+
return 0;
}
}
if (msclock() - start_time > 2000 && show_warning) {
PrintAndLog("Waiting for a response from the proxmark...");
- PrintAndLog("Don't forget to cancel its operation first by pressing on the button");
+ PrintAndLog("You can cancel this operation by pressing the pm3 button");
show_warning = false;
}
}
#include "usb_cmd.h"\r
#include "cmdmain.h"\r
#include "ui.h"\r
+#include "parity.h"\r
#include "util.h"\r
#include "iso14443crc.h"\r
\r
\r
\r
// Darkside attack (hf mf mifare)\r
-static uint32_t nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_t ks_info, uint64_t **keys) {\r
+static uint32_t nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint32_t ar, uint64_t par_info, uint64_t ks_info, uint64_t **keys) {\r
struct Crypto1State *states;\r
- uint32_t i, pos, rr; //nr_diff;\r
+ uint32_t i, pos;\r
uint8_t bt, ks3x[8], par[8][8];\r
uint64_t key_recovered;\r
- static uint64_t *keylist;\r
- rr = 0;\r
+ uint64_t *keylist;\r
\r
// Reset the last three significant bits of the reader nonce\r
nr &= 0xffffff1f;\r
}\r
}\r
\r
- states = lfsr_common_prefix(nr, rr, ks3x, par, (par_info == 0));\r
+ states = lfsr_common_prefix(nr, ar, ks3x, par, (par_info == 0));\r
\r
if (states == NULL) {\r
*keys = NULL;\r
int mfDarkside(uint64_t *key)\r
{\r
uint32_t uid = 0;\r
- uint32_t nt = 0, nr = 0;\r
+ uint32_t nt = 0, nr = 0, ar = 0;\r
uint64_t par_list = 0, ks_list = 0;\r
uint64_t *keylist = NULL, *last_keylist = NULL;\r
uint32_t keycount = 0;\r
nt = (uint32_t)bytes_to_num(resp.d.asBytes + 4, 4);\r
par_list = bytes_to_num(resp.d.asBytes + 8, 8);\r
ks_list = bytes_to_num(resp.d.asBytes + 16, 8);\r
- nr = bytes_to_num(resp.d.asBytes + 24, 4);\r
+ nr = (uint32_t)bytes_to_num(resp.d.asBytes + 24, 4);\r
+ ar = (uint32_t)bytes_to_num(resp.d.asBytes + 28, 4);\r
break;\r
}\r
}\r
\r
if (par_list == 0 && c.arg[0] == true) {\r
PrintAndLog("Parity is all zero. Most likely this card sends NACK on every failed authentication.");\r
- PrintAndLog("Attack will take a few seconds longer because we need two consecutive successful runs.");\r
}\r
c.arg[0] = false;\r
\r
- keycount = nonce2key(uid, nt, nr, par_list, ks_list, &keylist);\r
+ keycount = nonce2key(uid, nt, nr, ar, par_list, ks_list, &keylist);\r
\r
if (keycount == 0) {\r
PrintAndLog("Key not found (lfsr_common_prefix list is null). Nt=%08x", nt);\r
int size = keycount - i > max_keys ? max_keys : keycount - i;\r
for (int j = 0; j < size; j++) {\r
if (par_list == 0) {\r
- num_to_bytes(last_keylist[i*max_keys + j], 6, keyBlock);\r
+ num_to_bytes(last_keylist[i*max_keys + j], 6, keyBlock+(j*6));\r
} else {\r
- num_to_bytes(keylist[i*max_keys + j], 6, keyBlock);\r
+ num_to_bytes(keylist[i*max_keys + j], 6, keyBlock+(j*6));\r
}\r
}\r
if (!mfCheckKeys(0, 0, false, size, keyBlock, key)) {\r
\r
struct Crypto1State *revstate;\r
uint64_t lfsr;\r
+uint64_t ui64Key;\r
uint32_t ks2;\r
uint32_t ks3;\r
\r
-uint32_t uid; // serial number\r
-uint32_t nt; // tag challenge\r
-uint32_t nr_enc; // encrypted reader challenge\r
-uint32_t ar_enc; // encrypted reader response\r
-uint32_t at_enc; // encrypted tag response\r
+uint32_t uid; // serial number\r
+uint32_t nt; // tag challenge\r
+uint32_t nt_enc; // encrypted tag challenge\r
+uint8_t nt_enc_par; // encrypted tag challenge parity\r
+uint32_t nr_enc; // encrypted reader challenge\r
+uint32_t ar_enc; // encrypted reader response\r
+uint8_t ar_enc_par; // encrypted reader response parity\r
+uint32_t at_enc; // encrypted tag response\r
+uint8_t at_enc_par; // encrypted tag response parity\r
\r
int isTraceCardEmpty(void) {\r
return ((traceCard[0] == 0) && (traceCard[1] == 0) && (traceCard[2] == 0) && (traceCard[3] == 0));\r
return;\r
}\r
\r
+bool NTParityCheck(uint32_t ntx) {\r
+ if (\r
+ (oddparity8(ntx >> 8 & 0xff) ^ (ntx & 0x01) ^ ((nt_enc_par >> 5) & 0x01) ^ (nt_enc & 0x01)) ||\r
+ (oddparity8(ntx >> 16 & 0xff) ^ (ntx >> 8 & 0x01) ^ ((nt_enc_par >> 6) & 0x01) ^ (nt_enc >> 8 & 0x01)) ||\r
+ (oddparity8(ntx >> 24 & 0xff) ^ (ntx >> 16 & 0x01) ^ ((nt_enc_par >> 7) & 0x01) ^ (nt_enc >> 16 & 0x01))\r
+ )\r
+ return false;\r
+ \r
+ uint32_t ar = prng_successor(ntx, 64);\r
+ if (\r
+ (oddparity8(ar >> 8 & 0xff) ^ (ar & 0x01) ^ ((ar_enc_par >> 5) & 0x01) ^ (ar_enc & 0x01)) ||\r
+ (oddparity8(ar >> 16 & 0xff) ^ (ar >> 8 & 0x01) ^ ((ar_enc_par >> 6) & 0x01) ^ (ar_enc >> 8 & 0x01)) ||\r
+ (oddparity8(ar >> 24 & 0xff) ^ (ar >> 16 & 0x01) ^ ((ar_enc_par >> 7) & 0x01) ^ (ar_enc >> 16 & 0x01))\r
+ )\r
+ return false;\r
+\r
+ uint32_t at = prng_successor(ntx, 96);\r
+ if (\r
+ (oddparity8(ar & 0xff) ^ (at >> 24 & 0x01) ^ ((ar_enc_par >> 4) & 0x01) ^ (at_enc >> 24 & 0x01)) ||\r
+ (oddparity8(at >> 8 & 0xff) ^ (at & 0x01) ^ ((at_enc_par >> 5) & 0x01) ^ (at_enc & 0x01)) ||\r
+ (oddparity8(at >> 16 & 0xff) ^ (at >> 8 & 0x01) ^ ((at_enc_par >> 6) & 0x01) ^ (at_enc >> 8 & 0x01)) ||\r
+ (oddparity8(at >> 24 & 0xff) ^ (at >> 16 & 0x01) ^ ((at_enc_par >> 7) & 0x01) ^ (at_enc >> 16 & 0x01))\r
+ )\r
+ return false;\r
+ \r
+ return true;\r
+}\r
\r
-int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) {\r
+\r
+int mfTraceDecode(uint8_t *data_src, int len, uint8_t parity, bool wantSaveToEmlFile) {\r
uint8_t data[64];\r
\r
if (traceState == TRACE_ERROR) return 1;\r
memcpy(data, data_src, len);\r
if ((traceCrypto1) && ((traceState == TRACE_IDLE) || (traceState > TRACE_AUTH_OK))) {\r
mf_crypto1_decrypt(traceCrypto1, data, len, 0);\r
- PrintAndLog("dec> %s", sprint_hex(data, len));\r
+ uint8_t parity[16];\r
+ oddparitybuf(data, len, parity);\r
+ PrintAndLog("dec> %s [%s]", sprint_hex(data, len), printBitsPar(parity, len));\r
AddLogHex(logHexFileName, "dec> ", data, len);\r
}\r
\r
case TRACE_AUTH1:\r
if (len == 4) {\r
traceState = TRACE_AUTH2;\r
- nt = bytes_to_num(data, 4);\r
+ if (!traceCrypto1) {\r
+ nt = bytes_to_num(data, 4);\r
+ } else {\r
+ nt_enc = bytes_to_num(data, 4);\r
+ nt_enc_par = parity;\r
+ }\r
return 0;\r
} else {\r
traceState = TRACE_ERROR;\r
\r
nr_enc = bytes_to_num(data, 4);\r
ar_enc = bytes_to_num(data + 4, 4);\r
+ ar_enc_par = parity << 4;\r
return 0;\r
} else {\r
traceState = TRACE_ERROR;\r
if (len ==4) {\r
traceState = TRACE_IDLE;\r
\r
+ at_enc = bytes_to_num(data, 4);\r
+ at_enc_par = parity;\r
if (!traceCrypto1) {\r
- at_enc = bytes_to_num(data, 4);\r
\r
// decode key here)\r
ks2 = ar_enc ^ prng_successor(nt, 64);\r
lfsr_rollback_word(revstate, uid ^ nt, 0);\r
\r
crypto1_get_lfsr(revstate, &lfsr);\r
- printf("key> %x%x\n", (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF));\r
+ crypto1_destroy(revstate);\r
+ ui64Key = lfsr;\r
+ printf("key> probable key:%x%x Prng:%s ks2:%08x ks3:%08x\n", \r
+ (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF), \r
+ validate_prng_nonce(nt) ? "WEAK": "HARDEND",\r
+ ks2,\r
+ ks3);\r
AddLogUint64(logHexFileName, "key> ", lfsr);\r
} else {\r
- printf("key> nested not implemented!\n");\r
- at_enc = bytes_to_num(data, 4);\r
+ if (validate_prng_nonce(nt)) {\r
+ struct Crypto1State *pcs;\r
+ pcs = crypto1_create(ui64Key);\r
+ uint32_t nt1 = crypto1_word(pcs, nt_enc ^ uid, 1) ^ nt_enc;\r
+ uint32_t ar = prng_successor(nt1, 64);\r
+ uint32_t at = prng_successor(nt1, 96);\r
+ printf("key> nested auth uid: %08x nt: %08x nt_parity: %s ar: %08x at: %08x\n", uid, nt1, printBitsPar(&nt_enc_par, 4), ar, at);\r
+ uint32_t nr1 = crypto1_word(pcs, nr_enc, 1) ^ nr_enc;\r
+ uint32_t ar1 = crypto1_word(pcs, 0, 0) ^ ar_enc;\r
+ uint32_t at1 = crypto1_word(pcs, 0, 0) ^ at_enc;\r
+ printf("key> the same key test. nr1: %08x ar1: %08x at1: %08x \n", nr1, ar1, at1);\r
+\r
+ if (NTParityCheck(nt1))\r
+ printf("key> the same key test OK. key=%x%x\n", (unsigned int)((ui64Key & 0xFFFFFFFF00000000) >> 32), (unsigned int)(ui64Key & 0xFFFFFFFF));\r
+ else\r
+ printf("key> the same key test. check nt parity error.\n");\r
+ \r
+ uint32_t ntc = prng_successor(nt, 90);\r
+ uint32_t ntx = 0;\r
+ int ntcnt = 0;\r
+ for (int i = 0; i < 16383; i++) {\r
+ ntc = prng_successor(ntc, 1);\r
+ if (NTParityCheck(ntc)){\r
+ if (!ntcnt)\r
+ ntx = ntc;\r
+ ntcnt++;\r
+ } \r
+ }\r
+ if (ntcnt)\r
+ printf("key> nt candidate=%08x nonce distance=%d candidates count=%d\n", ntx, nonce_distance(nt, ntx), ntcnt);\r
+ else\r
+ printf("key> don't have any nt candidate( \n");\r
+\r
+ nt = ntx;\r
+ ks2 = ar_enc ^ prng_successor(ntx, 64);\r
+ ks3 = at_enc ^ prng_successor(ntx, 96);\r
+\r
+ // decode key\r
+ revstate = lfsr_recovery64(ks2, ks3);\r
+ lfsr_rollback_word(revstate, 0, 0);\r
+ lfsr_rollback_word(revstate, 0, 0);\r
+ lfsr_rollback_word(revstate, nr_enc, 1);\r
+ lfsr_rollback_word(revstate, uid ^ nt, 0);\r
+\r
+ crypto1_get_lfsr(revstate, &lfsr);\r
+ crypto1_destroy(revstate);\r
+ ui64Key = lfsr;\r
+ printf("key> probable key:%x%x ks2:%08x ks3:%08x\n", \r
+ (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF),\r
+ ks2,\r
+ ks3);\r
+ AddLogUint64(logHexFileName, "key> ", lfsr);\r
+ } else { \r
+ printf("key> hardnested not implemented!\n");\r
\r
- crypto1_destroy(traceCrypto1);\r
+ crypto1_destroy(traceCrypto1);\r
\r
- // not implemented\r
- traceState = TRACE_ERROR;\r
+ // not implemented\r
+ traceState = TRACE_ERROR;\r
+ }\r
}\r
\r
int blockShift = ((traceCurBlock & 0xFC) + 3) * 16;\r
#include <stdint.h>\r
#include <stdbool.h>\r
#include "data.h"\r
+#include "crapto1/crapto1.h"\r
\r
// defaults\r
// timeout in units. (ms * 106)/10 or us*0.0106\r
extern int mfCGetBlock(uint8_t blockNo, uint8_t *data, uint8_t params);\r
\r
extern int mfTraceInit(uint8_t *tuid, uint8_t *atqa, uint8_t sak, bool wantSaveToEmlFile);\r
-extern int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile);\r
+extern int mfTraceDecode(uint8_t *data_src, int len, uint8_t parity, bool wantSaveToEmlFile);\r
\r
extern int isTraceCardEmpty(void);\r
extern int isBlockEmpty(int blockN);\r
\r
extern int mfCIdentify();\r
extern int DetectClassicPrng(void);\r
+extern bool validate_prng_nonce(uint32_t nonce);\r
+extern void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *data, int len, bool isEncrypted);\r
\r
#endif\r
char *tmp = (char *)buf;
size_t i;
+ memset(tmp, 0x00, hex_max_len);
int maxLen = ( hex_len > hex_max_len) ? hex_max_len : hex_len;
return buf;
}
+char * printBitsPar(const uint8_t *b, size_t len) {
+ static char buf1[512] = {0};
+ static char buf2[512] = {0};
+ static char *buf;
+ if (buf != buf1)
+ buf = buf1;
+ else
+ buf = buf2;
+ memset(buf, 0x00, 512);
+
+ for (int i = 0; i < len; i++) {
+ buf[i] = ((b[i / 8] << (i % 8)) & 0x80) ? '1':'0';
+ }
+ return buf;
+}
+
+
// -------------------------------------------------------------------------
// string parameters lib
// -------------------------------------------------------------------------
extern void num_to_bytebits(uint64_t n, size_t len, uint8_t *dest);
extern void num_to_bytebitsLSBF(uint64_t n, size_t len, uint8_t *dest);
extern char *printBits(size_t const size, void const * const ptr);
+extern char * printBitsPar(const uint8_t *b, size_t len);
extern uint32_t SwapBits(uint32_t value, int nrbits);
extern uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockSize);
extern void SwapEndian64ex(const uint8_t *src, const size_t len, const uint8_t blockSize, uint8_t *dest);
#include <stdint.h>
#include <stdbool.h>
+#include "string.h"
extern const uint8_t OddByteParity[256];
return OddByteParity[x];
}
+static inline void oddparitybuf(const uint8_t *x, size_t len, uint8_t *parity) {
+ memset(parity, 0x00, (len - 1) / 8 + 1);
+ for (int i = 0; i < len; i++)
+ parity[i / 8] |= oddparity8(x[i]) << (7 - (i % 8));
+}
static inline bool evenparity8(const uint8_t x) {
return !OddByteParity[x];
#define TOPAZ_WRITE_NE8 0x1B // Write-no-erase (eight bytes)
-#define ISO_14443A 0
-#define ICLASS 1
-#define ISO_14443B 2
-#define TOPAZ 3
+#define ISO_14443A 0
+#define ICLASS 1
+#define ISO_14443B 2
+#define TOPAZ 3
+#define PROTO_MIFARE 4
//-- Picopass fuses
#define FUSE_FPERS 0x80
projects / proxmark3-svn / commitdiff