From 71d90e54cdfbe625c70185b2db53e4d87d68ec14 Mon Sep 17 00:00:00 2001 From: "Merlokbr@gmail.com" Date: Tue, 17 Jul 2012 15:19:15 +0000 Subject: [PATCH] `hf mf sniff` transfered parity from arm to decoding procedure --- armsrc/iso14443a.c | 4 ++-- armsrc/mifaresniff.c | 8 ++++---- armsrc/mifaresniff.h | 2 +- client/cmdhfmf.c | 7 +++++-- client/mifarehost.c | 8 +++++++- client/mifarehost.h | 2 +- 6 files changed, 20 insertions(+), 11 deletions(-) diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c index d2d79bda..6b481df2 100644 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c @@ -2455,7 +2455,7 @@ void RAMFUNC SniffMifare(uint8_t param) { if(MillerDecoding((data[0] & 0xF0) >> 4)) { LED_C_INV(); // check - if there is a short 7bit request from reader - if (MfSniffLogic(receivedCmd, Uart.byteCnt, Uart.bitCnt, TRUE)) break; + if (MfSniffLogic(receivedCmd, Uart.byteCnt, Uart.parityBits, Uart.bitCnt, TRUE)) break; /* And ready to receive another command. */ Uart.state = STATE_UNSYNCD; @@ -2467,7 +2467,7 @@ void RAMFUNC SniffMifare(uint8_t param) { if(ManchesterDecoding(data[0] & 0x0F)) { LED_C_INV(); - if (MfSniffLogic(receivedResponse, Demod.len, Uart.bitCnt, FALSE)) break; + if (MfSniffLogic(receivedResponse, Demod.len, Demod.parityBits, Demod.bitCount, FALSE)) break; // And ready to receive another response. memset(&Demod, 0, sizeof(Demod)); diff --git a/armsrc/mifaresniff.c b/armsrc/mifaresniff.c index 31e0287d..fc5156fd 100644 --- a/armsrc/mifaresniff.c +++ b/armsrc/mifaresniff.c @@ -40,7 +40,7 @@ int MfSniffEnd(void){ return 0; } -int RAMFUNC MfSniffLogic(const uint8_t * data, int len, int bitCnt, int reader) { +int RAMFUNC MfSniffLogic(const uint8_t * data, int len, uint32_t parity, int bitCnt, int reader) { if ((len == 1) && (bitCnt = 9) && (data[0] > 0x0F)) { sniffState = SNF_INIT; 
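Review bot: The context line `if ((len == 1) && (bitCnt = 9) && (data[0] > 0x0F)) {` in MfSniffLogic (armsrc/mifaresniff.c, hunk at -40) assigns 9 to `bitCnt` instead of comparing it. That term is therefore always true, and the bit count the callers now pass (`Uart.bitCnt`, `Demod.bitCount`) never influences the reset to `SNF_INIT`. If a comparison was intended it should read `(bitCnt == 9)`, with the expected value confirmed against what the two decoders report for a short frame. The same assignment-for-comparison pattern is visible in the client/cmdhfmf.c hunk at -1625, where `(bufPtr[0] = 0xff) && (bufPtr[1] = 0xff)` overwrites the first two payload bytes of every 14-byte record and takes the branch regardless of their content; those should be `==` as well. MfSniffLogic's body continues outside this hunk.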
@@ -121,18 +121,18 @@ int RAMFUNC MfSniffLogic(const uint8_t * data, int len, int bitCnt, int reader) sniffBuf[11] = sniffSAK; sniffBuf[12] = 0xFF; sniffBuf[13] = 0xFF; - LogTrace(sniffBuf, 14, 0, 0, true); + LogTrace(sniffBuf, 14, 0, parity, true); timerData = GetTickCount(); } case SNF_CARD_CMD:{ - LogTrace(data, len, 0, 0, true); + LogTrace(data, len, 0, parity, true); sniffState = SNF_CARD_RESP; timerData = GetTickCount(); break; } case SNF_CARD_RESP:{ - LogTrace(data, len, 0, 0, false); + LogTrace(data, len, 0, parity, false); sniffState = SNF_CARD_CMD; timerData = GetTickCount(); diff --git a/armsrc/mifaresniff.h b/armsrc/mifaresniff.h index 2012f9d7..db5af9a8 100644 --- a/armsrc/mifaresniff.h +++ b/armsrc/mifaresniff.h @@ -39,7 +39,7 @@ #define SNF_UID_7 0 int MfSniffInit(void); -int RAMFUNC MfSniffLogic(const uint8_t * data, int len, int bitCnt, int reader); +int RAMFUNC MfSniffLogic(const uint8_t * data, int len, uint32_t parity, int bitCnt, int reader); int RAMFUNC MfSniffSend(int maxTimeoutMs); int intMfSniffSend(); int MfSniffEnd(void); diff --git a/client/cmdhfmf.c b/client/cmdhfmf.c index c7f51ed8..9624ce9a 100644 --- a/client/cmdhfmf.c +++ b/client/cmdhfmf.c @@ -1558,6 +1558,7 @@ int CmdHF14AMfSniff(const char *Cmd){ uint8_t atqa[2]; uint8_t sak; bool isTag; + uint32_t parity; uint8_t buf[3000]; uint8_t * bufPtr = buf; memset(buf, 0x00, 3000); @@ -1625,7 +1626,9 @@ int CmdHF14AMfSniff(const char *Cmd){ num = 0; while (bufPtr - buf + 9 < blockLen) { isTag = bufPtr[3] & 0x80 ? true:false; - bufPtr += 8; + bufPtr += 4; + parity = *((uint32_t *)(bufPtr)); + bufPtr += 4; len = bufPtr[0]; bufPtr++; if ((len == 14) && (bufPtr[0] = 0xff) && (bufPtr[1] = 0xff)) { 
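Review bot: `LogTrace(sniffBuf, 14, 0, parity, true)` in the armsrc/mifaresniff.c hunk at -121 tags the locally assembled 14-byte record with the parity word of the frame currently in `data`, which does not describe `sniffBuf` (the visible lines fill it with the SAK and two 0xFF markers). Keeping `0` for this record, or adding a comment such as `// parity field is not meaningful for the synthetic header record`, would avoid suggesting that the value was captured on air. The block that closes just before `case SNF_CARD_CMD:` has no visible `break`, so the same frame is then logged again with the same parity; if that is intended, a `/* fallthrough */` comment would say so. The switch starts and ends outside the hunk.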
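Review bot: `parity = *((uint32_t *)(bufPtr));` in the client/cmdhfmf.c hunk at -1625 reads a 32-bit word through a `uint8_t *` at an arbitrary offset in `buf`, which is a potentially misaligned, aliasing-violating access and also ties the trace format to the host's byte order. Copy the field out instead, `memcpy(&parity, bufPtr, sizeof parity);`, or assemble it from bytes in the order the firmware writes them. Separately, the loop guard `bufPtr - buf + 9 < blockLen` only covers the 9-byte record header: `len` is taken from the device-supplied buffer and the later `bufPtr += len` has no visible check that the payload still lies inside `blockLen`, so a truncated or malformed trace can move the reads past the received data. A check such as `if (bufPtr - buf + len > blockLen) break;` right after `len` is read would bound it. The loop body continues outside this hunk.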
@@ -1642,7 +1645,7 @@ int CmdHF14AMfSniff(const char *Cmd){ } else { PrintAndLog("%s(%d):%s", isTag ? "TAG":"RDR", num, sprint_hex(bufPtr, len)); if (wantLogToFile) AddLogHex(logHexFileName, isTag ? "TAG: ":"RDR: ", bufPtr, len); - if (wantDecrypt) mfTraceDecode(bufPtr, len, wantSaveToEmlFile); + if (wantDecrypt) mfTraceDecode(bufPtr, len, parity, wantSaveToEmlFile); } bufPtr += len; num++; diff --git a/client/mifarehost.c b/client/mifarehost.c index 70d2413a..f34759df 100644 --- a/client/mifarehost.c +++ b/client/mifarehost.c @@ -295,9 +295,12 @@ uint32_t ks3; uint32_t uid; // serial number uint32_t nt; // tag challenge +uint32_t nt_par; uint32_t nr_enc; // encrypted reader challenge uint32_t ar_enc; // encrypted reader response +uint32_t nr_ar_par; uint32_t at_enc; // encrypted tag response +uint32_t at_par; int isTraceCardEmpty(void) { return ((traceCard[0] == 0) && (traceCard[1] == 0) && (traceCard[2] == 0) && (traceCard[3] == 0)); @@ -401,7 +404,7 @@ void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *data, int len, bool i } -int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) { +int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEmlFile) { uint8_t data[64]; if (traceState == TRACE_ERROR) return 1; @@ -504,6 +507,7 @@ int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) { traceState = TRACE_AUTH2; nt = bytes_to_num(data, 4); + nt_par = parity; return 0; } else { traceState = TRACE_ERROR; @@ -517,6 +521,7 @@ int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) { nr_enc = bytes_to_num(data, 4); ar_enc = bytes_to_num(data + 4, 4); + nr_ar_par = parity; return 0; } else { traceState = TRACE_ERROR; @@ -529,6 +534,7 @@ int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) { traceState = TRACE_IDLE; at_enc = bytes_to_num(data, 4); + at_par = parity; // decode key here) if (!traceCrypto1) { 
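Review bot: The three new file-scope variables `nt_par`, `nr_ar_par` and `at_par` in client/mifarehost.c (hunk at -295) carry no comment, unlike their neighbours, and nothing in this patch reads them; the later hunks at -504, -517 and -529 only store into them. A short comment on each would record what the word holds, e.g. `uint32_t nr_ar_par; // parity bits of the nr_enc + ar_enc frame`. If they are only used inside mifarehost.c, which cannot be confirmed from this diff, they could also be declared `static`. Since the decode step is still only marked by `// decode key here)`, a sentence saying the parity is kept for that step would help the next reader.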
diff --git a/client/mifarehost.h b/client/mifarehost.h index d74f3f0e..a264002f 100644 --- a/client/mifarehost.h +++ b/client/mifarehost.h @@ -73,7 +73,7 @@ int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, int wantWipe, uint int mfCGetBlock(uint8_t blockNo, uint8_t *data, uint8_t params); int mfTraceInit(uint8_t *tuid, uint8_t *atqa, uint8_t sak, bool wantSaveToEmlFile); -int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile); +int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEmlFile); int isTraceCardEmpty(void); int isBlockEmpty(int blockN); -- 2.39.2