git.zerfleddert.de Git - proxmark3-svn/blob - tools/nonce2key/nonce2key.c

   1 #include "crapto1.h"
   2 #define __STDC_FORMAT_MACROS
   3 #include <inttypes.h>
   4 #define llx PRIx64
   5 #include <stdio.h>
   6 #include <time.h>
   7 typedef unsigned char byte_t;
   8
   9 int main(const int argc, const char* argv[]) {
  10         struct Crypto1State *state;
  11         uint32_t pos, uid, nt, nr, rr, nr_diff, ks1, ks2;
  12         byte_t bt, i, ks3x[8], par[8][8];
  13         uint64_t key, key_recovered;
  14         uint64_t par_info;
  15         uint64_t ks_info;
  16         nr = rr = 0;
  17
  18         if (argc < 5) {
  19                 printf("\nsyntax: %s <uid> <nt> <par> <ks>\n\n",argv[0]);
  20                 return 1;
  21         }
  22         sscanf(argv[1],"%08x",&uid);
  23         sscanf(argv[2],"%08x",&nt);
  24         sscanf(argv[3],"%016"llx,&par_info);
  25         sscanf(argv[4],"%016"llx,&ks_info);
  26
  27         // Reset the last three significant bits of the reader nonce
  28         nr &= 0xffffff1f;
  29
  30         printf("\nuid(%08x) nt(%08x) par(%016"llx") ks(%016"llx")\n\n",uid,nt,par_info,ks_info);
  31
  32         for ( pos = 0; pos < 8; pos++ ) {
  33                 ks3x[7-pos] = (ks_info >> (pos*8)) & 0x0f;
  34                 bt = (par_info >> (pos*8)) & 0xff;
  35
  36                 for ( i = 0; i < 8; i++) {
  37                         par[7-pos][i] = (bt >> i) & 0x01;
  38                 }
  39         }
  40
  41         printf("|diff|{nr}    |ks3|ks3^5|parity         |\n");
  42         printf("+----+--------+---+-----+---------------+\n");
  43
  44         for ( i = 0; i < 8; i++) {
  45                 nr_diff = nr | i << 5;
  46                 printf("| %02x |%08x| %01x |  %01x  |", i << 5, nr_diff, ks3x[i], ks3x[i]^5);
  47
  48                 for ( pos = 0; pos < 7; pos++)
  49                         printf("%01x,", par[i][pos]);
  50                 printf("%01x|\n", par[i][7]);
  51         }
  52         printf("+----+--------+---+-----+---------------+\n");
  53
  54         clock_t t1 = clock();
  55
  56         state = lfsr_common_prefix(nr,rr,ks3x,par);
  57         lfsr_rollback_word(state,uid^nt,0);
  58         crypto1_get_lfsr(state,&key_recovered);
  59         printf("\nkey recovered: %012"llx"\n\n",key_recovered);
  60         crypto1_destroy(state);
  61
  62         t1 = clock() - t1;
  63         if ( t1 > 0 ) printf("Time in nonce2key: %.0f ticks \n", (float)t1);
  64         return 0;
  65 }