From: iceman1001 Date: Tue, 20 Jan 2015 19:59:24 +0000 (+0100) Subject: Merge branch 'master' of https://github.com/holiman/proxmark3 X-Git-Tag: v2.0.0-rc1~44^2~12 X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/c8b6da2295a35cda0232f147993a0ed6ff68b207?hp=-c Merge branch 'master' of https://github.com/holiman/proxmark3 Conflicts: armsrc/appmain.c armsrc/apps.h Step 1 for the Ultralight / Ultralight-c --- c8b6da2295a35cda0232f147993a0ed6ff68b207 diff --combined armsrc/apps.h index 27e08fa1,cc462dc1..376e52c8 --- a/armsrc/apps.h +++ b/armsrc/apps.h @@@ -39,25 -39,6 +39,25 @@@ uint32_t BigBuf[BIGBUF_SIZE / sizeof(ui #define FREE_BUFFER_OFFSET (CARD_MEMORY_OFFSET + CARD_MEMORY_SIZE) #define FREE_BUFFER_SIZE (BIGBUF_SIZE - FREE_BUFFER_OFFSET - 1) +/* +The statements above translates into this : +BIGBUF_SIZE = 40000 +TRACE_OFFSET = 0 +TRACE_SIZE = 3000 +RECV_CMD_OFFSET = 3000 +MAX_FRAME_SIZE = 256 +MAX_PARITY_SIZE = 32 +RECV_CMD_PAR_OFFSET = 3256 +RECV_RESP_OFFSET = 3288 +RECV_RESP_PAR_OFFSET= 3544 +CARD_MEMORY_OFFSET = 3576 +CARD_MEMORY_SIZE = 4096 +DMA_BUFFER_OFFSET = 3576 +DMA_BUFFER_SIZE = 4096 +FREE_BUFFER_OFFSET = 7672 +FREE_BUFFER_SIZE = 32327 + */ + extern const uint8_t OddByteParity[256]; extern uint8_t *trace; // = (uint8_t *) BigBuf; extern int traceLen; // = 0; @@@ -136,8 -117,6 +136,8 @@@ void SetAdcMuxFor(uint32_t whichGpio) #define FPGA_HF_SIMULATOR_MODULATE_BPSK (1<<0) #define FPGA_HF_SIMULATOR_MODULATE_212K (2<<0) #define FPGA_HF_SIMULATOR_MODULATE_424K (4<<0) +#define FPGA_HF_SIMULATOR_MODULATE_424K_8BIT 0x5//101 + // Options for ISO14443A #define FPGA_HF_ISO14443A_SNIFFER (0<<0) #define FPGA_HF_ISO14443A_TAGSIM_LISTEN (1<<0) @@@ -200,7 -179,9 +200,9 @@@ void ReaderMifare(bool first_try) int32_t dist_nt(uint32_t nt1, uint32_t nt2); void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *data); void MifareUReadBlock(uint8_t arg0,uint8_t *datain); - void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain); + void MifareUC_Auth1(uint8_t arg0, uint8_t *datain); + void MifareUC_Auth2(uint32_t arg0, uint8_t *datain); + void MifareUReadCard(uint8_t arg0, int Pages, uint8_t *datain); void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain); void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain); void MifareUWriteBlock(uint8_t arg0,uint8_t *datain); diff --combined armsrc/iso14443a.c index d326be2c,cf55e606..2722ccb2 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c @@@ -1001,10 -1001,10 +1001,11 @@@ void SimulateIso14443aTag(int tagType, } // The second response contains the (mandatory) first 24 bits of the UID -- uint8_t response2[5]; ++ uint8_t response2[5] = {0x00}; // Check if the uid uses the (optional) part -- uint8_t response2a[5]; ++ uint8_t response2a[5] = {0x00}; ++ if (uid_2nd) { response2[0] = 0x88; num_to_bytes(uid_1st,3,response2+1); @@@ -1025,12 -1025,12 +1026,12 @@@ response2[4] = response2[0] ^ response2[1] ^ response2[2] ^ response2[3]; // Prepare the mandatory SAK (for 4 and 7 byte UID) -- uint8_t response3[3]; ++ uint8_t response3[3] = {0x00}; response3[0] = sak; ComputeCrc14443(CRC_14443_A, response3, 1, &response3[1], &response3[2]); // Prepare the optional second SAK (for 7 byte UID), drop the cascade bit -- uint8_t response3a[3]; ++ uint8_t response3a[3] = {0x00}; response3a[0] = sak & 0xFB; ComputeCrc14443(CRC_14443_A, response3a, 1, &response3a[1], &response3a[2]); @@@ -1772,7 -1772,7 +1773,7 @@@ int iso14443a_select_card(byte_t *uid_p Dbprintf("Multiple tags detected. Collision after Bit %d", Demod.collisionPos); for (uint16_t i = collision_answer_offset; i < Demod.collisionPos; i++, uid_resp_bits++) { // add valid UID bits before collision point uint16_t UIDbit = (resp[i/8] >> (i % 8)) & 0x01; - uid_resp[uid_resp_bits & 0xf8] |= UIDbit << (uid_resp_bits % 8); + uid_resp[uid_resp_bits / 8] |= UIDbit << (uid_resp_bits % 8); } uid_resp[uid_resp_bits/8] |= 1 << (uid_resp_bits % 8); // next time select the card(s) with a 1 in the collision position uid_resp_bits++; diff --combined armsrc/mifarecmd.c index 22926dcf,22926dcf..a96164fc --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@@ -104,14 -104,14 +104,14 @@@ void MifareUC_Auth1(uint8_t arg0, uint8 if(!iso14443a_select_card(uid, NULL, &cuid)) { if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card"); -- OnError(0); ++ //OnError(0); return; }; if(mifare_ultra_auth1(cuid, dataoutbuf)){ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Authentication part1: Fail."); -- OnError(1); ++ //OnError(1); return; } @@@ -138,7 -138,7 +138,7 @@@ void MifareUC_Auth2(uint32_t arg0, uint if(mifare_ultra_auth2(cuid, key, dataoutbuf)){ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Authentication part2: Fail..."); -- OnError(1); ++ //OnError(1); return; } @@@ -1141,14 -1141,14 +1141,14 @@@ void Mifare_DES_Auth1(uint8_t arg0, uin if(!len) { if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card"); -- OnError(1); ++ //OnError(1); return; }; if(mifare_desfire_des_auth1(cuid, dataout)){ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Authentication part1: Fail."); -- OnError(4); ++ //OnError(4); return; } @@@ -1171,7 -1171,7 +1171,7 @@@ void Mifare_DES_Auth2(uint32_t arg0, ui if( isOK) { if (MF_DBGLEVEL >= MF_DBG_EXTENDED) Dbprintf("Authentication part2: Failed"); -- OnError(4); ++ //OnError(4); return; } @@@ -1181,4 -1181,4 +1181,4 @@@ cmd_send(CMD_ACK, isOK, 0, 0, dataout, sizeof(dataout)); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); --} ++} diff --combined armsrc/mifaresniff.c index fed12772,fed12772..9b6f5f04 --- a/armsrc/mifaresniff.c +++ b/armsrc/mifaresniff.c @@@ -13,10 -13,10 +13,10 @@@ static int sniffState = SNF_INIT; static uint8_t sniffUIDType; --static uint8_t sniffUID[8]; --static uint8_t sniffATQA[2]; ++static uint8_t sniffUID[8] = {0x00}; ++static uint8_t sniffATQA[2] = {0x00}; static uint8_t sniffSAK; --static uint8_t sniffBuf[16]; ++static uint8_t sniffBuf[16] = {0x00}; static uint32_t timerData = 0; diff --combined armsrc/mifareutil.c index 2b3a5fcf,2b3a5fcf..163eca79 --- a/armsrc/mifareutil.c +++ b/armsrc/mifareutil.c @@@ -623,3 -623,3 +623,98 @@@ void emlClearMem(void) emlSetMem((uint8_t *)uid, 0, 1); return; } ++ ++ ++// Mifare desfire commands ++int mifare_sendcmd_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing) ++{ ++ uint8_t dcmd[5] = {0x00}; ++ dcmd[0] = cmd; ++ memcpy(dcmd+1,data,2); ++ AppendCrc14443a(dcmd, 3); ++ ++ ReaderTransmit(dcmd, sizeof(dcmd), NULL); ++ int len = ReaderReceive(answer, answer_parity); ++ if(!len) { ++ if (MF_DBGLEVEL >= MF_DBG_ERROR) ++ Dbprintf("Authentication failed. Card timeout."); ++ return 1; ++ } ++ return len; ++} ++ ++int mifare_sendcmd_special2(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer,uint8_t *answer_parity, uint32_t *timing) ++{ ++ uint8_t dcmd[20] = {0x00}; ++ dcmd[0] = cmd; ++ memcpy(dcmd+1,data,17); ++ AppendCrc14443a(dcmd, 18); ++ ++ ReaderTransmit(dcmd, sizeof(dcmd), NULL); ++ int len = ReaderReceive(answer, answer_parity); ++ if(!len){ ++ if (MF_DBGLEVEL >= MF_DBG_ERROR) ++ Dbprintf("Authentication failed. Card timeout."); ++ return 1; ++ } ++ return len; ++} ++ ++int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData){ ++ ++ int len; ++ // load key, keynumber ++ uint8_t data[2]={0x0a, 0x00}; ++ uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); ++ uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; ++ ++ len = mifare_sendcmd_special(NULL, 1, 0x02, data, receivedAnswer,receivedAnswerPar,NULL); ++ if (len == 1) { ++ if (MF_DBGLEVEL >= MF_DBG_ERROR) ++ Dbprintf("Cmd Error: %02x", receivedAnswer[0]); ++ return 1; ++ } ++ ++ if (len == 12) { ++ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) { ++ Dbprintf("Auth1 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", ++ receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], ++ receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], ++ receivedAnswer[10],receivedAnswer[11]); ++ } ++ memcpy(blockData, receivedAnswer, 12); ++ return 0; ++ } ++ return 1; ++} ++ ++int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){ ++ ++ int len; ++ uint8_t data[17] = {0x00}; ++ data[0] = 0xAF; ++ memcpy(data+1,key,16); ++ ++ uint8_t* receivedAnswer = get_bigbufptr_recvrespbuf(); ++ uint8_t *receivedAnswerPar = receivedAnswer + MAX_FRAME_SIZE; ++ ++ len = mifare_sendcmd_special2(NULL, 1, 0x03, data, receivedAnswer, receivedAnswerPar ,NULL); ++ ++ if ((receivedAnswer[0] == 0x03) && (receivedAnswer[1] == 0xae)) { ++ if (MF_DBGLEVEL >= MF_DBG_ERROR) ++ Dbprintf("Auth Error: %02x %02x", receivedAnswer[0], receivedAnswer[1]); ++ return 1; ++ } ++ ++ if (len == 12){ ++ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) { ++ Dbprintf("Auth2 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", ++ receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4], ++ receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9], ++ receivedAnswer[10],receivedAnswer[11]); ++ } ++ memcpy(blockData, receivedAnswer, 12); ++ return 0; ++ } ++ return 1; ++} diff --combined armsrc/mifareutil.h index a62a9f0b,a62a9f0b..2770a442 --- a/armsrc/mifareutil.h +++ b/armsrc/mifareutil.h @@@ -72,6 -72,6 +72,11 @@@ int mifare_ultra_special_writeblock(uin int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid); int mifare_ultra_halt(uint32_t uid); ++// desfire ++int mifare_sendcmd_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing); ++int mifare_sendcmd_special2(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer,uint8_t *answer_parity, uint32_t *timing); ++int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData); ++int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData); // crypto functions void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *receivedCmd, int len); diff --combined client/Makefile index 523a1ad1,523a1ad1..77fee4e6 --- a/client/Makefile +++ b/client/Makefile @@@ -13,11 -13,11 +13,10 @@@ CXX=g+ VPATH = ../common OBJDIR = obj --LDLIBS = -L/opt/local/lib -L/usr/local/lib ../liblua/liblua.a -lreadline -lpthread -lm ++LDLIBS = -L/opt/local/lib -L/usr/local/lib ../liblua/liblua.a -lreadline -lpthread -lm -lcrypto LDFLAGS = $(COMMON_FLAGS) --CFLAGS = -std=c99 -I. -I../include -I../common -I/opt/local/include -I../liblua -Wall $(COMMON_FLAGS) -g -O4 ++CFLAGS = -std=c99 -lcrypto -I. -I../include -I../common -I/opt/local/include -I../liblua -Wall $(COMMON_FLAGS) -g -O4 LUAPLATFORM = generic -- ifneq (,$(findstring MINGW,$(platform))) CXXFLAGS = -I$(QTDIR)/include -I$(QTDIR)/include/QtCore -I$(QTDIR)/include/QtGui QTLDLIBS = -L$(QTDIR)/lib -lQtCore4 -lQtGui4