[proxmark3-svn] / client / cmdanalyse.c

//-----------------------------------------------------------------------------
// Copyright (C) 2016 iceman
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// Analyse bytes commands
//-----------------------------------------------------------------------------
#include "cmdanalyse.h"
#include "nonce2key/nonce2key.h"

static int CmdHelp(const char *Cmd);

int usage_analyse_lcr(void) {
	PrintAndLog("Specifying the bytes of a UID with a known LRC will find the last byte value");
	PrintAndLog("needed to generate that LRC with a rolling XOR. All bytes should be specified in HEX.");
	PrintAndLog("");
	PrintAndLog("Usage:  analyse lcr [h] <bytes>");
	PrintAndLog("Options:");
	PrintAndLog("           h          This help");
	PrintAndLog("           <bytes>    bytes to calc missing XOR in a LCR");
	PrintAndLog("");
	PrintAndLog("Samples:");
	PrintAndLog("           analyse lcr 04008064BA");
	PrintAndLog("expected output: Target (BA) requires final LRC XOR byte value: 5A");
	return 0;
}
int usage_analyse_checksum(void) {
	PrintAndLog("The bytes will be added with eachother and than limited with the applied mask");
	PrintAndLog("Finally compute ones' complement of the least significant bytes");
	PrintAndLog("");
	PrintAndLog("Usage:  analyse chksum [h] b <bytes> m <mask>");
	PrintAndLog("Options:");
	PrintAndLog("           h          This help");
	PrintAndLog("           b <bytes>  bytes to calc missing XOR in a LCR");
	PrintAndLog("           m <mask>   bit mask to limit the outpuyt");
	PrintAndLog("");
	PrintAndLog("Samples:");
	PrintAndLog("           analyse chksum b 137AF00A0A0D m FF");
	PrintAndLog("expected output: 0x61");
	return 0;
}
int usage_analyse_crc(void){
	PrintAndLog("A stub method to test different crc implementations inside the PM3 sourcecode. Just because you figured out the poly, doesn't mean you get the desired output");
	PrintAndLog("");
	PrintAndLog("Usage:  analyse crc [h] <bytes>");
	PrintAndLog("Options:");
	PrintAndLog("           h          This help");
	PrintAndLog("           <bytes>    bytes to calc crc");
	PrintAndLog("");
	PrintAndLog("Samples:");
	PrintAndLog("           analyse crc 137AF00A0A0D");
	return 0;
}
int usage_analyse_hid(void){
	PrintAndLog("Permute function from 'heart of darkness' paper.");
	PrintAndLog("");
	PrintAndLog("Usage:  analyse hid [h] <r|f> <bytes>");
	PrintAndLog("Options:");
	PrintAndLog("           h          This help");
	PrintAndLog("           r          reverse permuted key");
	PrintAndLog("           f          permute key");
	PrintAndLog("           <bytes>    input bytes");
	PrintAndLog("");
	PrintAndLog("Samples:");
	PrintAndLog("           analyse hid r 0123456789abcdef");
	return 0;
}

static uint8_t calculateLRC( uint8_t* bytes, uint8_t len) {
    uint8_t LRC = 0;
    for (uint8_t i = 0; i < len; i++)
        LRC ^= bytes[i];
    return LRC;
}

static uint8_t calcSumCrumbAdd( uint8_t* bytes, uint8_t len, uint32_t mask) {
    uint8_t sum = 0;
    for (uint8_t i = 0; i < len; i++) {
        sum += CRUMB(bytes[i], 0);
		sum += CRUMB(bytes[i], 2);
		sum += CRUMB(bytes[i], 4);
		sum += CRUMB(bytes[i], 6);
	}
	sum &= mask;	
    return sum;
}
static uint8_t calcSumCrumbAddOnes( uint8_t* bytes, uint8_t len, uint32_t mask) {
	return ~calcSumCrumbAdd(bytes, len, mask);
}
static uint8_t calcSumNibbleAdd( uint8_t* bytes, uint8_t len, uint32_t mask) {
    uint8_t sum = 0;
    for (uint8_t i = 0; i < len; i++) {
        sum += NIBBLE_LOW(bytes[i]);
		sum += NIBBLE_HIGH(bytes[i]);
	}
	sum &= mask;	
    return sum;
}
static uint8_t calcSumNibbleAddOnes( uint8_t* bytes, uint8_t len, uint32_t mask){
	return ~calcSumNibbleAdd(bytes, len, mask);
}
static uint8_t calcSumCrumbXor(  uint8_t* bytes, uint8_t len, uint32_t mask) {
    uint8_t sum = 0;
    for (uint8_t i = 0; i < len; i++) {
        sum ^= CRUMB(bytes[i], 0);
		sum ^= CRUMB(bytes[i], 2);
		sum ^= CRUMB(bytes[i], 4);
		sum ^= CRUMB(bytes[i], 6);
	}	
	sum &= mask;
    return sum;
}
static uint8_t calcSumNibbleXor( uint8_t* bytes, uint8_t len, uint32_t mask) {
    uint8_t sum = 0;
    for (uint8_t i = 0; i < len; i++) {
        sum ^= NIBBLE_LOW(bytes[i]);
		sum ^= NIBBLE_HIGH(bytes[i]);
	}
	sum &= mask;
    return sum;
}
static uint8_t calcSumByteXor( uint8_t* bytes, uint8_t len, uint32_t mask) {
    uint8_t sum = 0;
    for (uint8_t i = 0; i < len; i++)
        sum ^= bytes[i];
	sum &= mask;	
    return sum;
}

static uint8_t calcSumByteAdd( uint8_t* bytes, uint8_t len, uint32_t mask) {
    uint8_t sum = 0;
    for (uint8_t i = 0; i < len; i++)
        sum += bytes[i];
	sum &= mask;	
    return sum;
}
// Ones complement
static uint8_t calcSumByteAddOnes( uint8_t* bytes, uint8_t len, uint32_t mask) {
	return ~calcSumByteAdd(bytes, len, mask);
}


static uint8_t calcSumByteSub( uint8_t* bytes, uint8_t len, uint32_t mask) {
    uint8_t sum = 0;
    for (uint8_t i = 0; i < len; i++)
        sum -= bytes[i];
	sum &= mask;	
    return sum;
}
static uint8_t calcSumByteSubOnes( uint8_t* bytes, uint8_t len, uint32_t mask){
	return ~calcSumByteSub(bytes, len, mask);
}
static uint8_t calcSumNibbleSub( uint8_t* bytes, uint8_t len, uint32_t mask) {
    uint8_t sum = 0;
    for (uint8_t i = 0; i < len; i++) {
        sum -= NIBBLE_LOW(bytes[i]);
		sum -= NIBBLE_HIGH(bytes[i]);
	}
	sum &= mask;	
    return sum;
}
static uint8_t calcSumNibbleSubOnes( uint8_t* bytes, uint8_t len, uint32_t mask) {
	return ~calcSumNibbleSub(bytes, len, mask);
}

// measuring LFSR maximum length
int CmdAnalyseLfsr(const char *Cmd){

    uint16_t start_state = 0;  /* Any nonzero start state will work. */
    uint16_t lfsr = start_state;
    //uint32_t period = 0;

	uint8_t iv = param_get8ex(Cmd, 0, 0, 16);
	uint8_t find = param_get8ex(Cmd, 1, 0, 16);
	
	printf("LEGIC LFSR IV 0x%02X: \n", iv);
	printf(" bit# | lfsr | ^0x40 |  0x%02X ^ lfsr \n",find);
	
	for (uint8_t i = 0x01; i < 0x30; i += 1) {
		//period = 0;
		legic_prng_init(iv);
		legic_prng_forward(i);
		lfsr = legic_prng_get_bits(12);

		printf(" %02X | %03X | %03X | %03X \n",i, lfsr, 0x40 ^ lfsr, find ^ lfsr);
	}
	return 0;
}
int CmdAnalyseLCR(const char *Cmd) {
	uint8_t data[50];
	char cmdp = param_getchar(Cmd, 0);
	if (strlen(Cmd) == 0|| cmdp == 'h' || cmdp == 'H') return usage_analyse_lcr();
	
	int len = 0;
	param_gethex_ex(Cmd, 0, data, &len);
	if ( len%2 ) return usage_analyse_lcr();
	len >>= 1;	
	uint8_t finalXor = calculateLRC(data, len);
	PrintAndLog("Target [%02X] requires final LRC XOR byte value: 0x%02X",data[len-1] ,finalXor);
	return 0;
}
int CmdAnalyseCRC(const char *Cmd) {

	char cmdp = param_getchar(Cmd, 0);
	if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_analyse_crc();
	
	int len = strlen(Cmd);
	if ( len & 1 ) return usage_analyse_crc();
	
	// add 1 for null terminator.
	uint8_t *data = malloc(len+1);
	if ( data == NULL ) return 1;

	if ( param_gethex(Cmd, 0, data, len)) {
		free(data);
		return usage_analyse_crc();
	}
	len >>= 1;	

	//PrintAndLog("\nTests with '%s' hex bytes", sprint_hex(data, len));
	
	PrintAndLog("\nTests of reflection. Two current methods in source code");	
	PrintAndLog("   reflect(0x3e23L,3) is %04X == 0x3e26", reflect(0x3e23L,3) );
	PrintAndLog("  SwapBits(0x3e23L,3) is %04X == 0x3e26", SwapBits(0x3e23L,3) );
	PrintAndLog("  0xB400 == %04X", reflect( (1 << 16 | 0xb400),16) );

	//
	// Test of CRC16,  '123456789' string.
	//
	PrintAndLog("\nTests with '123456789' string");
	uint8_t dataStr[] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39 };
	uint8_t legic8 = CRC8Legic(dataStr, sizeof(dataStr));
	
	PrintAndLog("LEGIC: CRC16: %X", CRC16Legic(dataStr, sizeof(dataStr), legic8));

	//these below has been tested OK.
	PrintAndLog("Confirmed CRC Implementations");
	PrintAndLog("LEGIC: CRC8 : %X (0xC6 expected)", legic8);
	PrintAndLog("MAXIM: CRC8 : %X (0xA1 expected)", CRC8Maxim(dataStr, sizeof(dataStr)));
	PrintAndLog("DNP  : CRC16: %X (0x82EA expected)", CRC16_DNP(dataStr, sizeof(dataStr)));	
	PrintAndLog("CCITT: CRC16: %X (0xE5CC expected)", CRC16_CCITT(dataStr, sizeof(dataStr)));

	PrintAndLog("ICLASS org: CRC16: %X (0x expected)",iclass_crc16( (char*)dataStr, sizeof(dataStr)));
	PrintAndLog("ICLASS ice: CRC16: %X (0x expected)",CRC16_ICLASS(dataStr, sizeof(dataStr)));


	uint8_t dataStr1234[] = { 0x1,0x2,0x3,0x4};
	PrintAndLog("ISO15693 org:  : CRC16: %X (0xF0B8 expected)", Iso15693Crc(dataStr1234, sizeof(dataStr1234)));
	PrintAndLog("ISO15693 ice:  : CRC16: %X (0xF0B8 expected)", CRC16_Iso15693(dataStr1234, sizeof(dataStr1234)));

	free(data);
	return 0;
}
int CmdAnalyseCHKSUM(const char *Cmd){
	
	uint8_t data[50];
	uint8_t cmdp = 0;
	uint32_t mask = 0xFFFF;
	bool errors = false;
	int len = 0;
	memset(data, 0x0, sizeof(data));
	
	while(param_getchar(Cmd, cmdp) != 0x00) {
		switch(param_getchar(Cmd, cmdp)) {
		case 'b':
		case 'B':
			param_gethex_ex(Cmd, cmdp+1, data, &len);
			if ( len%2 ) errors = true;
			len >>= 1;	
			cmdp += 2;
			break;
		case 'm':
		case 'M':		 
			mask = param_get32ex(Cmd, cmdp+1, 0, 16);
			cmdp += 2;
			break;
		case 'h':
		case 'H':
			return usage_analyse_checksum();
		default:
			PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
			errors = true;
			break;
		}
		if(errors) break;
	}
	//Validations
	if(errors) return usage_analyse_checksum();
	
	PrintAndLog("     add          | sub         | add 1's compl    | sub 1's compl   | xor");
	PrintAndLog("byte nibble crumb | byte nibble | byte nibble cumb | byte nibble     | byte nibble cumb");
	PrintAndLog("------------------+-------------+------------------+-----------------+--------------------");
	PrintAndLog("0x%02X 0x%02X   0x%02X  | 0x%02X 0x%02X   | 0x%02X 0x%02X   0x%02X | 0x%02X 0x%02X       | 0x%02X 0x%02X   0x%02X",
				  calcSumByteAdd(data, len, mask)
				, calcSumNibbleAdd(data, len, mask)
				, calcSumCrumbAdd(data, len, mask)
				, calcSumByteSub(data, len, mask)
				, calcSumNibbleSub(data, len, mask)
				, calcSumByteAddOnes(data, len, mask)
				, calcSumNibbleAddOnes(data, len, mask)
				, calcSumCrumbAddOnes(data, len, mask)
				, calcSumByteSubOnes(data, len, mask)
				, calcSumNibbleSubOnes(data, len, mask)
				, calcSumByteXor(data, len, mask)
				, calcSumNibbleXor(data, len, mask)
				, calcSumCrumbXor(data, len, mask)
			);	
	return 0;
}

int CmdAnalyseDates(const char *Cmd){
	// look for datestamps in a given array of bytes
	PrintAndLog("To be implemented. Feel free to contribute!");
	return 0;
}
int CmdAnalyseTEASelfTest(const char *Cmd){
	
	uint8_t v[8], v_le[8];
	memset(v, 0x00, sizeof(v));
	memset(v_le, 0x00, sizeof(v_le));
	uint8_t* v_ptr = v_le;

	uint8_t cmdlen = strlen(Cmd);
	cmdlen = ( sizeof(v)<<2 < cmdlen ) ? sizeof(v)<<2 : cmdlen;
	
	if ( param_gethex(Cmd, 0, v, cmdlen) > 0 ){
		PrintAndLog("can't read hex chars, uneven? :: %u", cmdlen);
		return 1;
	}
	
	SwapEndian64ex(v , 8, 4, v_ptr);
	
	// ENCRYPTION KEY:	
	uint8_t key[16] = {0x55,0xFE,0xF6,0x30,0x62,0xBF,0x0B,0xC1,0xC9,0xB3,0x7C,0x34,0x97,0x3E,0x29,0xFB };
	uint8_t keyle[16];
	uint8_t* key_ptr = keyle;
	SwapEndian64ex(key , sizeof(key), 4, key_ptr);
	
	PrintAndLog("TEST LE enc| %s", sprint_hex(v_ptr, 8));
	
	tea_decrypt(v_ptr, key_ptr);	
	PrintAndLog("TEST LE dec | %s", sprint_hex_ascii(v_ptr, 8));
	
	tea_encrypt(v_ptr, key_ptr);	
	tea_encrypt(v_ptr, key_ptr);
	PrintAndLog("TEST enc2 | %s", sprint_hex_ascii(v_ptr, 8));

	return 0;
}

int CmdAnalyseA(const char *Cmd){
/*	
piwi
// uid(2e086b1a) nt(230736f6) ks(0b0008000804000e) nr(000000000)
// uid(2e086b1a) nt(230736f6) ks(0e0b0e0b090c0d02) nr(000000001)
// uid(2e086b1a) nt(230736f6) ks(0e05060e01080b08) nr(000000002)
uint64_t d1[] = {0x2e086b1a, 0x230736f6, 0x0000001, 0x0e0b0e0b090c0d02};
uint64_t d2[] = {0x2e086b1a, 0x230736f6, 0x0000002, 0x0e05060e01080b08};
	
// uid(17758822) nt(c0c69e59) ks(080105020705040e) nr(00000001)
// uid(17758822) nt(c0c69e59) ks(01070a05050c0705) nr(00000002)
uint64_t d1[] = {0x17758822, 0xc0c69e59, 0x0000001, 0x080105020705040e};
uint64_t d2[] = {0x17758822, 0xc0c69e59, 0x0000002, 0x01070a05050c0705};
	
// uid(6e442129) nt(8f699195) ks(090d0b0305020f02) nr(00000001)
// uid(6e442129) nt(8f699195) ks(03030508030b0c0e) nr(00000002)
// uid(6e442129) nt(8f699195) ks(02010f030c0d050d) nr(00000003)
// uid(6e442129) nt(8f699195) ks(00040f0f0305030e) nr(00000004)
uint64_t d1[] = {0x6e442129, 0x8f699195, 0x0000001, 0x090d0b0305020f02};
uint64_t d2[] = {0x6e442129, 0x8f699195, 0x0000004, 0x00040f0f0305030e};
	
uid(3e172b29) nt(039b7bd2) ks(0c0e0f0505080800) nr(00000001)
uid(3e172b29) nt(039b7bd2) ks(0e06090d03000b0f) nr(00000002)
*/
	uint64_t key = 0;
	uint64_t d1[] = {0x3e172b29, 0x039b7bd2, 0x0000001, 0x0c0e0f0505080800};
	uint64_t d2[] = {0x3e172b29, 0x039b7bd2, 0x0000002, 0x0e06090d03000b0f};
	
	nonce2key_ex(0, 0 , d1[0], d1[1], d1[2], d1[3], &key);
	nonce2key_ex(0, 0 , d2[0], d2[1], d2[2], d2[3], &key);
	return 0;
}

static void permute(uint8_t *data, uint8_t len, uint8_t *output){	
#define KEY_SIZE 8

	if ( len > KEY_SIZE ) {
		for(uint8_t m = 0; m < len; m += KEY_SIZE){
			permute(data+m, KEY_SIZE, output+m);
		}
		return;
	}
	if ( len != KEY_SIZE ) {
		printf("wrong key size\n");
		return;
	}
	uint8_t i,j,p, mask;
	for( i=0; i < KEY_SIZE; ++i){
		p = 0;
		mask = 0x80 >> i;
		for( j=0; j < KEY_SIZE; ++j){
			p >>= 1;
			if (data[j] & mask) 
				p |= 0x80;
		}
		output[i] = p;
	}
}
static void permute_rev(uint8_t *data, uint8_t len, uint8_t *output){
	permute(data, len, output);
	permute(output, len, data);
	permute(data, len, output);
}
static void simple_crc(uint8_t *data, uint8_t len, uint8_t *output){
	uint8_t crc = 0;
	for( uint8_t i=0; i < len; ++i){
		// seventh byte contains the crc.
		if ( (i & 0x7) == 0x7 ) {
			output[i] = crc ^ 0xFF;
			crc = 0;
		} else {
			output[i] = data[i];
			crc ^= data[i];
		}
	}
}
// DES doesn't use the MSB.
static void shave(uint8_t *data, uint8_t len){
	for (uint8_t i=0; i<len; ++i)
		data[i] &= 0xFE;
}
static void generate_rev(uint8_t *data, uint8_t len) {
	uint8_t *key = calloc(len,1);	
	printf("input permuted key | %s \n", sprint_hex(data, len));
	permute_rev(data, len, key);
	printf("    unpermuted key | %s \n", sprint_hex(key, len));
	shave(key, len);
	printf("               key | %s \n", sprint_hex(key, len));
	free(key);	
}
static void generate(uint8_t *data, uint8_t len) {
	uint8_t *key = calloc(len,1);
	uint8_t *pkey = calloc(len,1);	
	printf("    input key | %s \n", sprint_hex(data, len));
	permute(data, len, pkey);
	printf(" permuted key | %s \n", sprint_hex(pkey, len));
	simple_crc(pkey, len, key );
	printf("   CRC'ed key | %s \n", sprint_hex(key, len));
	free(key);
	free(pkey);
}
int CmdAnalyseHid(const char *Cmd){

	uint8_t key[8] = {0};	
	uint8_t key_std_format[8] = {0};
	uint8_t key_iclass_format[8] = {0};
	uint8_t data[16] = {0};
	bool isReverse = FALSE;
	int len = 0;
	char cmdp = param_getchar(Cmd, 0);
	if (strlen(Cmd) == 0|| cmdp == 'h' || cmdp == 'H') return usage_analyse_hid();
		
	if ( cmdp == 'r' || cmdp == 'R' ) 
		isReverse = TRUE;
	
	param_gethex_ex(Cmd, 1, data, &len);
	if ( len%2 ) return usage_analyse_hid();
	
	len >>= 1;	

	memcpy(key, data, 8);

	if ( isReverse ) {
		generate_rev(data, len);
		permutekey_rev(key, key_std_format);
		printf(" holiman iclass key | %s \n", sprint_hex(key_std_format, 8));
	}
	else {
		generate(data, len);
		permutekey(key, key_iclass_format);		
		printf(" holiman std key | %s \n", sprint_hex(key_iclass_format, 8));
	}
	return 0;
}

static command_t CommandTable[] = {
	{"help",	CmdHelp,            1, "This help"},
	{"lcr",		CmdAnalyseLCR,		1, "Generate final byte for XOR LRC"},
	{"crc",		CmdAnalyseCRC,		1, "Stub method for CRC evaluations"},
	{"chksum",	CmdAnalyseCHKSUM,	1, "Checksum with adding, masking and one's complement"},
	{"dates",	CmdAnalyseDates,	1, "Look for datestamps in a given array of bytes"},
	{"tea",   	CmdAnalyseTEASelfTest,	1, "Crypto TEA test"},
	{"lfsr",	CmdAnalyseLfsr,		1,	"LFSR tests"},
	{"a",		CmdAnalyseA,		1,	"num bits test"},
	{"hid",		CmdAnalyseHid,		1,	"Permute function from 'heart of darkness' paper"},
	{NULL, NULL, 0, NULL}
};

int CmdAnalyse(const char *Cmd) {
	clearCommandBuffer();
	CmdsParse(CommandTable, Cmd);
	return 0;
}

int CmdHelp(const char *Cmd) {
	CmdsHelp(CommandTable);
	return 0;
}
Commit	Line	Data
812513bf	1	//-----------------------------------------------------------------------------
	2	// Copyright (C) 2016 iceman
	3	//
	4	// This code is licensed to you under the terms of the GNU GPL, version 2 or,
	5	// at your option, any later version. See the LICENSE.txt file for the text of
	6	// the license.
	7	//-----------------------------------------------------------------------------
	8	// Analyse bytes commands
	9	//-----------------------------------------------------------------------------
	10	#include "cmdanalyse.h"
b403c300	11	#include "nonce2key/nonce2key.h"
812513bf	12
	13	static int CmdHelp(const char *Cmd);
	14
	15	int usage_analyse_lcr(void) {
	16	PrintAndLog("Specifying the bytes of a UID with a known LRC will find the last byte value");
	17	PrintAndLog("needed to generate that LRC with a rolling XOR. All bytes should be specified in HEX.");
	18	PrintAndLog("");
	19	PrintAndLog("Usage: analyse lcr [h] <bytes>");
	20	PrintAndLog("Options:");
	21	PrintAndLog(" h This help");
	22	PrintAndLog(" <bytes> bytes to calc missing XOR in a LCR");
	23	PrintAndLog("");
	24	PrintAndLog("Samples:");
	25	PrintAndLog(" analyse lcr 04008064BA");
	26	PrintAndLog("expected output: Target (BA) requires final LRC XOR byte value: 5A");
	27	return 0;
	28	}
53b3c3e8	29	int usage_analyse_checksum(void) {
	30	PrintAndLog("The bytes will be added with eachother and than limited with the applied mask");
	31	PrintAndLog("Finally compute ones' complement of the least significant bytes");
	32	PrintAndLog("");
	33	PrintAndLog("Usage: analyse chksum [h] b <bytes> m <mask>");
	34	PrintAndLog("Options:");
	35	PrintAndLog(" h This help");
	36	PrintAndLog(" b <bytes> bytes to calc missing XOR in a LCR");
	37	PrintAndLog(" m <mask> bit mask to limit the outpuyt");
	38	PrintAndLog("");
	39	PrintAndLog("Samples:");
	40	PrintAndLog(" analyse chksum b 137AF00A0A0D m FF");
	41	PrintAndLog("expected output: 0x61");
	42	return 0;
	43	}
53b3c3e8	44	int usage_analyse_crc(void){
	45	PrintAndLog("A stub method to test different crc implementations inside the PM3 sourcecode. Just because you figured out the poly, doesn't mean you get the desired output");
	46	PrintAndLog("");
	47	PrintAndLog("Usage: analyse crc [h] <bytes>");
	48	PrintAndLog("Options:");
	49	PrintAndLog(" h This help");
	50	PrintAndLog(" <bytes> bytes to calc crc");
	51	PrintAndLog("");
	52	PrintAndLog("Samples:");
	53	PrintAndLog(" analyse crc 137AF00A0A0D");
	54	return 0;
	55	}
09bb01c7	56	int usage_analyse_hid(void){
	57	PrintAndLog("Permute function from 'heart of darkness' paper.");
	58	PrintAndLog("");
	59	PrintAndLog("Usage: analyse hid [h] <r\|f> <bytes>");
	60	PrintAndLog("Options:");
	61	PrintAndLog(" h This help");
	62	PrintAndLog(" r reverse permuted key");
	63	PrintAndLog(" f permute key");
	64	PrintAndLog(" <bytes> input bytes");
	65	PrintAndLog("");
	66	PrintAndLog("Samples:");
	67	PrintAndLog(" analyse hid r 0123456789abcdef");
	68	return 0;
	69	}
53b3c3e8	70
812513bf	71	static uint8_t calculateLRC( uint8_t* bytes, uint8_t len) {
	72	uint8_t LRC = 0;
	73	for (uint8_t i = 0; i < len; i++)
	74	LRC ^= bytes[i];
	75	return LRC;
	76	}
53b3c3e8	77
	78	static uint8_t calcSumCrumbAdd( uint8_t* bytes, uint8_t len, uint32_t mask) {
	79	uint8_t sum = 0;
	80	for (uint8_t i = 0; i < len; i++) {
	81	sum += CRUMB(bytes[i], 0);
	82	sum += CRUMB(bytes[i], 2);
	83	sum += CRUMB(bytes[i], 4);
	84	sum += CRUMB(bytes[i], 6);
	85	}
6c283951	86	sum &= mask;
53b3c3e8	87	return sum;
	88	}
	89	static uint8_t calcSumCrumbAddOnes( uint8_t* bytes, uint8_t len, uint32_t mask) {
	90	return ~calcSumCrumbAdd(bytes, len, mask);
	91	}
	92	static uint8_t calcSumNibbleAdd( uint8_t* bytes, uint8_t len, uint32_t mask) {
	93	uint8_t sum = 0;
	94	for (uint8_t i = 0; i < len; i++) {
	95	sum += NIBBLE_LOW(bytes[i]);
	96	sum += NIBBLE_HIGH(bytes[i]);
	97	}
6c283951	98	sum &= mask;
53b3c3e8	99	return sum;
	100	}
	101	static uint8_t calcSumNibbleAddOnes( uint8_t* bytes, uint8_t len, uint32_t mask){
	102	return ~calcSumNibbleAdd(bytes, len, mask);
	103	}
2c601080	104	static uint8_t calcSumCrumbXor( uint8_t* bytes, uint8_t len, uint32_t mask) {
	105	uint8_t sum = 0;
	106	for (uint8_t i = 0; i < len; i++) {
	107	sum ^= CRUMB(bytes[i], 0);
	108	sum ^= CRUMB(bytes[i], 2);
	109	sum ^= CRUMB(bytes[i], 4);
	110	sum ^= CRUMB(bytes[i], 6);
	111	}
	112	sum &= mask;
	113	return sum;
	114	}
32da0a46	115	static uint8_t calcSumNibbleXor( uint8_t* bytes, uint8_t len, uint32_t mask) {
	116	uint8_t sum = 0;
	117	for (uint8_t i = 0; i < len; i++) {
	118	sum ^= NIBBLE_LOW(bytes[i]);
	119	sum ^= NIBBLE_HIGH(bytes[i]);
	120	}
2c601080	121	sum &= mask;
32da0a46	122	return sum;
	123	}
	124	static uint8_t calcSumByteXor( uint8_t* bytes, uint8_t len, uint32_t mask) {
	125	uint8_t sum = 0;
	126	for (uint8_t i = 0; i < len; i++)
	127	sum ^= bytes[i];
	128	sum &= mask;
	129	return sum;
	130	}
53b3c3e8	131
	132	static uint8_t calcSumByteAdd( uint8_t* bytes, uint8_t len, uint32_t mask) {
	133	uint8_t sum = 0;
	134	for (uint8_t i = 0; i < len; i++)
	135	sum += bytes[i];
6c283951	136	sum &= mask;
53b3c3e8	137	return sum;
	138	}
	139	// Ones complement
	140	static uint8_t calcSumByteAddOnes( uint8_t* bytes, uint8_t len, uint32_t mask) {
	141	return ~calcSumByteAdd(bytes, len, mask);
	142	}
	143
32da0a46	144
32da0a46	145
53b3c3e8	146	static uint8_t calcSumByteSub( uint8_t* bytes, uint8_t len, uint32_t mask) {
	147	uint8_t sum = 0;
	148	for (uint8_t i = 0; i < len; i++)
	149	sum -= bytes[i];
6c283951	150	sum &= mask;
53b3c3e8	151	return sum;
	152	}
	153	static uint8_t calcSumByteSubOnes( uint8_t* bytes, uint8_t len, uint32_t mask){
	154	return ~calcSumByteSub(bytes, len, mask);
	155	}
	156	static uint8_t calcSumNibbleSub( uint8_t* bytes, uint8_t len, uint32_t mask) {
	157	uint8_t sum = 0;
	158	for (uint8_t i = 0; i < len; i++) {
	159	sum -= NIBBLE_LOW(bytes[i]);
	160	sum -= NIBBLE_HIGH(bytes[i]);
	161	}
6c283951	162	sum &= mask;
53b3c3e8	163	return sum;
	164	}
	165	static uint8_t calcSumNibbleSubOnes( uint8_t* bytes, uint8_t len, uint32_t mask) {
	166	return ~calcSumNibbleSub(bytes, len, mask);
	167	}
	168
b403c300	169	// measuring LFSR maximum length
	170	int CmdAnalyseLfsr(const char *Cmd){
	171
	172	uint16_t start_state = 0; /* Any nonzero start state will work. */
	173	uint16_t lfsr = start_state;
	174	//uint32_t period = 0;
	175
	176	uint8_t iv = param_get8ex(Cmd, 0, 0, 16);
	177	uint8_t find = param_get8ex(Cmd, 1, 0, 16);
	178
	179	printf("LEGIC LFSR IV 0x%02X: \n", iv);
	180	printf(" bit# \| lfsr \| ^0x40 \| 0x%02X ^ lfsr \n",find);
	181
	182	for (uint8_t i = 0x01; i < 0x30; i += 1) {
	183	//period = 0;
	184	legic_prng_init(iv);
	185	legic_prng_forward(i);
	186	lfsr = legic_prng_get_bits(12);
	187
	188	printf(" %02X \| %03X \| %03X \| %03X \n",i, lfsr, 0x40 ^ lfsr, find ^ lfsr);
	189	}
	190	return 0;
	191	}
812513bf	192	int CmdAnalyseLCR(const char *Cmd) {
	193	uint8_t data[50];
	194	char cmdp = param_getchar(Cmd, 0);
	195	if (strlen(Cmd) == 0\|\| cmdp == 'h' \|\| cmdp == 'H') return usage_analyse_lcr();
	196
	197	int len = 0;
	198	param_gethex_ex(Cmd, 0, data, &len);
	199	if ( len%2 ) return usage_analyse_lcr();
	200	len >>= 1;
	201	uint8_t finalXor = calculateLRC(data, len);
	202	PrintAndLog("Target [%02X] requires final LRC XOR byte value: 0x%02X",data[len-1] ,finalXor);
	203	return 0;
	204	}
53b3c3e8	205	int CmdAnalyseCRC(const char *Cmd) {
	206
	207	char cmdp = param_getchar(Cmd, 0);
	208	if (strlen(Cmd) == 0 \|\| cmdp == 'h' \|\| cmdp == 'H') return usage_analyse_crc();
	209
	210	int len = strlen(Cmd);
	211	if ( len & 1 ) return usage_analyse_crc();
	212
	213	// add 1 for null terminator.
	214	uint8_t *data = malloc(len+1);
	215	if ( data == NULL ) return 1;
	216
	217	if ( param_gethex(Cmd, 0, data, len)) {
	218	free(data);
	219	return usage_analyse_crc();
	220	}
	221	len >>= 1;
	222
6c283951	223	//PrintAndLog("\nTests with '%s' hex bytes", sprint_hex(data, len));
53b3c3e8	224
	225	PrintAndLog("\nTests of reflection. Two current methods in source code");
	226	PrintAndLog(" reflect(0x3e23L,3) is %04X == 0x3e26", reflect(0x3e23L,3) );
	227	PrintAndLog(" SwapBits(0x3e23L,3) is %04X == 0x3e26", SwapBits(0x3e23L,3) );
	228	PrintAndLog(" 0xB400 == %04X", reflect( (1 << 16 \| 0xb400),16) );
	229
	230	//
	231	// Test of CRC16, '123456789' string.
	232	//
	233	PrintAndLog("\nTests with '123456789' string");
	234	uint8_t dataStr[] = { 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39 };
	235	uint8_t legic8 = CRC8Legic(dataStr, sizeof(dataStr));
	236
53b3c3e8	237	PrintAndLog("LEGIC: CRC16: %X", CRC16Legic(dataStr, sizeof(dataStr), legic8));
	238
	239	//these below has been tested OK.
	240	PrintAndLog("Confirmed CRC Implementations");
	241	PrintAndLog("LEGIC: CRC8 : %X (0xC6 expected)", legic8);
	242	PrintAndLog("MAXIM: CRC8 : %X (0xA1 expected)", CRC8Maxim(dataStr, sizeof(dataStr)));
	243	PrintAndLog("DNP : CRC16: %X (0x82EA expected)", CRC16_DNP(dataStr, sizeof(dataStr)));
df007486	244	PrintAndLog("CCITT: CRC16: %X (0xE5CC expected)", CRC16_CCITT(dataStr, sizeof(dataStr)));
	245
	246	PrintAndLog("ICLASS org: CRC16: %X (0x expected)",iclass_crc16( (char*)dataStr, sizeof(dataStr)));
	247	PrintAndLog("ICLASS ice: CRC16: %X (0x expected)",CRC16_ICLASS(dataStr, sizeof(dataStr)));
	248
	249
	250
	251	uint8_t dataStr1234[] = { 0x1,0x2,0x3,0x4};
	252	PrintAndLog("ISO15693 org: : CRC16: %X (0xF0B8 expected)", Iso15693Crc(dataStr1234, sizeof(dataStr1234)));
	253	PrintAndLog("ISO15693 ice: : CRC16: %X (0xF0B8 expected)", CRC16_Iso15693(dataStr1234, sizeof(dataStr1234)));
53b3c3e8	254
	255	free(data);
	256	return 0;
	257	}
	258	int CmdAnalyseCHKSUM(const char *Cmd){
	259
	260	uint8_t data[50];
	261	uint8_t cmdp = 0;
2c601080	262	uint32_t mask = 0xFFFF;
53b3c3e8	263	bool errors = false;
53b3c3e8	264	int len = 0;
5f7e30f8	265	memset(data, 0x0, sizeof(data));
53b3c3e8	266
	267	while(param_getchar(Cmd, cmdp) != 0x00) {
	268	switch(param_getchar(Cmd, cmdp)) {
	269	case 'b':
	270	case 'B':
	271	param_gethex_ex(Cmd, cmdp+1, data, &len);
	272	if ( len%2 ) errors = true;
	273	len >>= 1;
	274	cmdp += 2;
	275	break;
	276	case 'm':
	277	case 'M':
	278	mask = param_get32ex(Cmd, cmdp+1, 0, 16);
	279	cmdp += 2;
	280	break;
	281	case 'h':
	282	case 'H':
	283	return usage_analyse_checksum();
	284	default:
	285	PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
	286	errors = true;
	287	break;
	288	}
	289	if(errors) break;
	290	}
	291	//Validations
	292	if(errors) return usage_analyse_checksum();
	293
2c601080	294	PrintAndLog(" add \| sub \| add 1's compl \| sub 1's compl \| xor");
	295	PrintAndLog("byte nibble crumb \| byte nibble \| byte nibble cumb \| byte nibble \| byte nibble cumb");
	296	PrintAndLog("------------------+-------------+------------------+-----------------+--------------------");
	297	PrintAndLog("0x%02X 0x%02X 0x%02X \| 0x%02X 0x%02X \| 0x%02X 0x%02X 0x%02X \| 0x%02X 0x%02X \| 0x%02X 0x%02X 0x%02X",
	298	calcSumByteAdd(data, len, mask)
	299	, calcSumNibbleAdd(data, len, mask)
	300	, calcSumCrumbAdd(data, len, mask)
	301	, calcSumByteSub(data, len, mask)
	302	, calcSumNibbleSub(data, len, mask)
	303	, calcSumByteAddOnes(data, len, mask)
	304	, calcSumNibbleAddOnes(data, len, mask)
	305	, calcSumCrumbAddOnes(data, len, mask)
	306	, calcSumByteSubOnes(data, len, mask)
	307	, calcSumNibbleSubOnes(data, len, mask)
	308	, calcSumByteXor(data, len, mask)
	309	, calcSumNibbleXor(data, len, mask)
	310	, calcSumCrumbXor(data, len, mask)
	311	);
53b3c3e8	312	return 0;
53b3c3e8	313	}
812513bf	314
5558d935	315	int CmdAnalyseDates(const char *Cmd){
5558d935	316	// look for datestamps in a given array of bytes
53b3c3e8	317	PrintAndLog("To be implemented. Feel free to contribute!");
5558d935	318	return 0;
5558d935	319	}
16658b1f	320	int CmdAnalyseTEASelfTest(const char *Cmd){
	321
	322	uint8_t v[8], v_le[8];
	323	memset(v, 0x00, sizeof(v));
	324	memset(v_le, 0x00, sizeof(v_le));
	325	uint8_t* v_ptr = v_le;
	326
	327	uint8_t cmdlen = strlen(Cmd);
	328	cmdlen = ( sizeof(v)<<2 < cmdlen ) ? sizeof(v)<<2 : cmdlen;
	329
	330	if ( param_gethex(Cmd, 0, v, cmdlen) > 0 ){
	331	PrintAndLog("can't read hex chars, uneven? :: %u", cmdlen);
	332	return 1;
	333	}
	334
	335	SwapEndian64ex(v , 8, 4, v_ptr);
	336
	337	// ENCRYPTION KEY:
	338	uint8_t key[16] = {0x55,0xFE,0xF6,0x30,0x62,0xBF,0x0B,0xC1,0xC9,0xB3,0x7C,0x34,0x97,0x3E,0x29,0xFB };
	339	uint8_t keyle[16];
	340	uint8_t* key_ptr = keyle;
	341	SwapEndian64ex(key , sizeof(key), 4, key_ptr);
	342
	343	PrintAndLog("TEST LE enc\| %s", sprint_hex(v_ptr, 8));
	344
	345	tea_decrypt(v_ptr, key_ptr);
	346	PrintAndLog("TEST LE dec \| %s", sprint_hex_ascii(v_ptr, 8));
	347
	348	tea_encrypt(v_ptr, key_ptr);
	349	tea_encrypt(v_ptr, key_ptr);
	350	PrintAndLog("TEST enc2 \| %s", sprint_hex_ascii(v_ptr, 8));
	351
	352	return 0;
	353	}
5558d935	354
b403c300	355	int CmdAnalyseA(const char *Cmd){
09bb01c7	356	/*
	357	piwi
	358	// uid(2e086b1a) nt(230736f6) ks(0b0008000804000e) nr(000000000)
	359	// uid(2e086b1a) nt(230736f6) ks(0e0b0e0b090c0d02) nr(000000001)
	360	// uid(2e086b1a) nt(230736f6) ks(0e05060e01080b08) nr(000000002)
	361	uint64_t d1[] = {0x2e086b1a, 0x230736f6, 0x0000001, 0x0e0b0e0b090c0d02};
	362	uint64_t d2[] = {0x2e086b1a, 0x230736f6, 0x0000002, 0x0e05060e01080b08};
b403c300	363
09bb01c7	364	// uid(17758822) nt(c0c69e59) ks(080105020705040e) nr(00000001)
	365	// uid(17758822) nt(c0c69e59) ks(01070a05050c0705) nr(00000002)
	366	uint64_t d1[] = {0x17758822, 0xc0c69e59, 0x0000001, 0x080105020705040e};
	367	uint64_t d2[] = {0x17758822, 0xc0c69e59, 0x0000002, 0x01070a05050c0705};
	368
	369	// uid(6e442129) nt(8f699195) ks(090d0b0305020f02) nr(00000001)
	370	// uid(6e442129) nt(8f699195) ks(03030508030b0c0e) nr(00000002)
	371	// uid(6e442129) nt(8f699195) ks(02010f030c0d050d) nr(00000003)
	372	// uid(6e442129) nt(8f699195) ks(00040f0f0305030e) nr(00000004)
	373	uint64_t d1[] = {0x6e442129, 0x8f699195, 0x0000001, 0x090d0b0305020f02};
	374	uint64_t d2[] = {0x6e442129, 0x8f699195, 0x0000004, 0x00040f0f0305030e};
	375
	376	uid(3e172b29) nt(039b7bd2) ks(0c0e0f0505080800) nr(00000001)
	377	uid(3e172b29) nt(039b7bd2) ks(0e06090d03000b0f) nr(00000002)
	378	*/
	379	uint64_t key = 0;
	380	uint64_t d1[] = {0x3e172b29, 0x039b7bd2, 0x0000001, 0x0c0e0f0505080800};
	381	uint64_t d2[] = {0x3e172b29, 0x039b7bd2, 0x0000002, 0x0e06090d03000b0f};
	382
	383	nonce2key_ex(0, 0 , d1[0], d1[1], d1[2], d1[3], &key);
	384	nonce2key_ex(0, 0 , d2[0], d2[1], d2[2], d2[3], &key);
	385	return 0;
	386	}
b403c300	387
09bb01c7	388	static void permute(uint8_t data, uint8_t len, uint8_t output){
09bb01c7	389	#define KEY_SIZE 8
b403c300	390
09bb01c7	391	if ( len > KEY_SIZE ) {
	392	for(uint8_t m = 0; m < len; m += KEY_SIZE){
	393	permute(data+m, KEY_SIZE, output+m);
	394	}
	395	return;
	396	}
	397	if ( len != KEY_SIZE ) {
	398	printf("wrong key size\n");
	399	return;
	400	}
	401	uint8_t i,j,p, mask;
	402	for( i=0; i < KEY_SIZE; ++i){
	403	p = 0;
	404	mask = 0x80 >> i;
	405	for( j=0; j < KEY_SIZE; ++j){
	406	p >>= 1;
	407	if (data[j] & mask)
	408	p \|= 0x80;
	409	}
	410	output[i] = p;
	411	}
	412	}
	413	static void permute_rev(uint8_t data, uint8_t len, uint8_t output){
	414	permute(data, len, output);
	415	permute(output, len, data);
	416	permute(data, len, output);
	417	}
	418	static void simple_crc(uint8_t data, uint8_t len, uint8_t output){
	419	uint8_t crc = 0;
	420	for( uint8_t i=0; i < len; ++i){
	421	// seventh byte contains the crc.
	422	if ( (i & 0x7) == 0x7 ) {
	423	output[i] = crc ^ 0xFF;
	424	crc = 0;
	425	} else {
	426	output[i] = data[i];
	427	crc ^= data[i];
	428	}
	429	}
	430	}
	431	// DES doesn't use the MSB.
	432	static void shave(uint8_t *data, uint8_t len){
	433	for (uint8_t i=0; i<len; ++i)
	434	data[i] &= 0xFE;
	435	}
	436	static void generate_rev(uint8_t *data, uint8_t len) {
	437	uint8_t *key = calloc(len,1);
	438	printf("input permuted key \| %s \n", sprint_hex(data, len));
	439	permute_rev(data, len, key);
	440	printf(" unpermuted key \| %s \n", sprint_hex(key, len));
	441	shave(key, len);
	442	printf(" key \| %s \n", sprint_hex(key, len));
	443	free(key);
	444	}
	445	static void generate(uint8_t *data, uint8_t len) {
	446	uint8_t *key = calloc(len,1);
	447	uint8_t *pkey = calloc(len,1);
	448	printf(" input key \| %s \n", sprint_hex(data, len));
	449	permute(data, len, pkey);
	450	printf(" permuted key \| %s \n", sprint_hex(pkey, len));
	451	simple_crc(pkey, len, key );
	452	printf(" CRC'ed key \| %s \n", sprint_hex(key, len));
	453	free(key);
	454	free(pkey);
455	}
456	int CmdAnalyseHid(const char *Cmd){
b403c300	457
ea1c1ca6	458	uint8_t key[8] = {0};
	459	uint8_t key_std_format[8] = {0};
	460	uint8_t key_iclass_format[8] = {0};
09bb01c7	461	uint8_t data[16] = {0};
	462	bool isReverse = FALSE;
	463	int len = 0;
	464	char cmdp = param_getchar(Cmd, 0);
	465	if (strlen(Cmd) == 0\|\| cmdp == 'h' \|\| cmdp == 'H') return usage_analyse_hid();
	466
	467	if ( cmdp == 'r' \|\| cmdp == 'R' )
	468	isReverse = TRUE;
	469
	470	param_gethex_ex(Cmd, 1, data, &len);
	471	if ( len%2 ) return usage_analyse_hid();
	472
ea1c1ca6	473	len >>= 1;
	474
	475	memcpy(key, data, 8);
	476
	477	if ( isReverse ) {
09bb01c7	478	generate_rev(data, len);
ea1c1ca6	479	permutekey_rev(key, key_std_format);
	480	printf(" holiman iclass key \| %s \n", sprint_hex(key_std_format, 8));
	481	}
	482	else {
09bb01c7	483	generate(data, len);
ea1c1ca6	484	permutekey(key, key_iclass_format);
	485	printf(" holiman std key \| %s \n", sprint_hex(key_iclass_format, 8));
	486	}
b403c300	487	return 0;
	488	}
	489
812513bf	490	static command_t CommandTable[] = {
5558d935	491	{"help", CmdHelp, 1, "This help"},
53b3c3e8	492	{"lcr", CmdAnalyseLCR, 1, "Generate final byte for XOR LRC"},
	493	{"crc", CmdAnalyseCRC, 1, "Stub method for CRC evaluations"},
	494	{"chksum", CmdAnalyseCHKSUM, 1, "Checksum with adding, masking and one's complement"},
	495	{"dates", CmdAnalyseDates, 1, "Look for datestamps in a given array of bytes"},
16658b1f	496	{"tea", CmdAnalyseTEASelfTest, 1, "Crypto TEA test"},
b403c300	497	{"lfsr", CmdAnalyseLfsr, 1, "LFSR tests"},
b403c300	498	{"a", CmdAnalyseA, 1, "num bits test"},
09bb01c7	499	{"hid", CmdAnalyseHid, 1, "Permute function from 'heart of darkness' paper"},
812513bf	500	{NULL, NULL, 0, NULL}
	501	};
	502
	503	int CmdAnalyse(const char *Cmd) {
	504	clearCommandBuffer();
	505	CmdsParse(CommandTable, Cmd);
	506	return 0;
	507	}
	508
	509	int CmdHelp(const char *Cmd) {
	510	CmdsHelp(CommandTable);
	511	return 0;
	512	}