]>
git.zerfleddert.de Git - proxmark3-svn/blob - tools/nonce2key/nonce2key.c
9cee06d67767c47652716f5f40ecb1cb737d41d3
1 #include "crapto1/crapto1.h"
4 typedef unsigned char byte_t
;
6 int main(const int argc
, const char* argv
[]) {
7 struct Crypto1State
*state
;
8 uint32_t pos
, uid
, nt
, nr
, rr
, nr_diff
;
9 byte_t bt
, i
, ks3x
[8], par
[8][8];
10 uint64_t key_recovered
;
16 printf("\nsyntax: %s <uid> <nt> <par> <ks>\n\n",argv
[0]);
19 sscanf(argv
[1],"%08x",&uid
);
20 sscanf(argv
[2],"%08x",&nt
);
21 sscanf(argv
[3],"%016" SCNx64
,&par_info
);
22 sscanf(argv
[4],"%016" SCNx64
,&ks_info
);
24 // Reset the last three significant bits of the reader nonce
27 printf("\nuid(%08x) nt(%08x) par(%016" PRIx64
") ks(%016" PRIx64
")\n\n",uid
,nt
,par_info
,ks_info
);
29 for (pos
=0; pos
<8; pos
++)
31 ks3x
[7-pos
] = (ks_info
>> (pos
*8)) & 0x0f;
32 bt
= (par_info
>> (pos
*8)) & 0xff;
35 par
[7-pos
][i
] = (bt
>> i
) & 0x01;
39 printf("|diff|{nr} |ks3|ks3^5|parity |\n");
40 printf("+----+--------+---+-----+---------------+\n");
43 nr_diff
= nr
| i
<< 5;
44 printf("| %02x |%08x|",i
<< 5, nr_diff
);
45 printf(" %01x | %01x |",ks3x
[i
], ks3x
[i
]^5);
46 for (pos
=0; pos
<7; pos
++) printf("%01x,",par
[i
][pos
]);
47 printf("%01x|\n",par
[i
][7]);
50 state
= lfsr_common_prefix(nr
,rr
,ks3x
,par
,0);
51 lfsr_rollback_word(state
,uid
^nt
,0);
52 crypto1_get_lfsr(state
,&key_recovered
);
53 printf("\nkey recovered: %012" PRIx64
"\n\n",key_recovered
);
54 crypto1_destroy(state
);