]> git.zerfleddert.de Git - proxmark3-svn/blob - armsrc/optimized_cipher.h
fix for swapped parity bits
[proxmark3-svn] / armsrc / optimized_cipher.h
1 /*****************************************************************************
2 * WARNING
3 *
4 * THIS CODE IS CREATED FOR EXPERIMENTATION AND EDUCATIONAL USE ONLY.
5 *
6 * USAGE OF THIS CODE IN OTHER WAYS MAY INFRINGE UPON THE INTELLECTUAL
7 * PROPERTY OF OTHER PARTIES, SUCH AS INSIDE SECURE AND HID GLOBAL,
8 * AND MAY EXPOSE YOU TO AN INFRINGEMENT ACTION FROM THOSE PARTIES.
9 *
10 * THIS CODE SHOULD NEVER BE USED TO INFRINGE PATENTS OR INTELLECTUAL PROPERTY RIGHTS.
11 *
12 *****************************************************************************
13 *
14 * This file is part of loclass. It is a reconstructon of the cipher engine
15 * used in iClass, and RFID techology.
16 *
17 * The implementation is based on the work performed by
18 * Flavio D. Garcia, Gerhard de Koning Gans, Roel Verdult and
19 * Milosch Meriac in the paper "Dismantling IClass".
20 *
21 * Copyright (C) 2014 Martin Holst Swende
22 *
23 * This is free software: you can redistribute it and/or modify
24 * it under the terms of the GNU General Public License version 2 as published
25 * by the Free Software Foundation, or, at your option, any later version.
26 *
27 * This file is distributed in the hope that it will be useful,
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
30 * GNU General Public License for more details.
31 *
32 * You should have received a copy of the GNU General Public License
33 * along with loclass. If not, see <http://www.gnu.org/licenses/>.
34 *
35 *
36 ****************************************************************************/
37
38 #ifndef OPTIMIZED_CIPHER_H
39 #define OPTIMIZED_CIPHER_H
40 #include <stdint.h>
41
42 /**
43 * Definition 1 (Cipher state). A cipher state of iClass s is an element of F 40/2
44 * consisting of the following four components:
45 * 1. the left register l = (l 0 . . . l 7 ) ∈ F 8/2 ;
46 * 2. the right register r = (r 0 . . . r 7 ) ∈ F 8/2 ;
47 * 3. the top register t = (t 0 . . . t 15 ) ∈ F 16/2 .
48 * 4. the bottom register b = (b 0 . . . b 7 ) ∈ F 8/2 .
49 **/
50 typedef struct {
51 uint8_t l;
52 uint8_t r;
53 uint8_t b;
54 uint16_t t;
55 } State;
56
57 /** The reader MAC is MAC(key, CC * NR )
58 **/
59 void opt_doReaderMAC(uint8_t *cc_nr_p, uint8_t *div_key_p, uint8_t mac[4]);
60 /**
61 * The tag MAC is MAC(key, CC * NR * 32x0))
62 */
63 void opt_doTagMAC(uint8_t *cc_p, const uint8_t *div_key_p, uint8_t mac[4]);
64
65 /**
66 * The tag MAC can be divided (both can, but no point in dividing the reader mac) into
67 * two functions, since the first 8 bytes are known, we can pre-calculate the state
68 * reached after feeding CC to the cipher.
69 * @param cc_p
70 * @param div_key_p
71 * @return the cipher state
72 */
73 State opt_doTagMAC_1(uint8_t *cc_p, const uint8_t *div_key_p);
74 /**
75 * The second part of the tag MAC calculation, since the CC is already calculated into the state,
76 * this function is fed only the NR, and internally feeds the remaining 32 0-bits to generate the tag
77 * MAC response.
78 * @param _init - precalculated cipher state
79 * @param nr - the reader challenge
80 * @param mac - where to store the MAC
81 * @param div_key_p - the key to use
82 */
83 void opt_doTagMAC_2(State _init, uint8_t* nr, uint8_t mac[4], const uint8_t* div_key_p);
84
85 #endif // OPTIMIZED_CIPHER_H
Impressum, Datenschutz