2 #define __STDC_FORMAT_MACROS
6 typedef unsigned char byte_t
;
8 int main(const int argc
, const char* argv
[]) {
9 struct Crypto1State
*state
;
10 uint32_t pos
, uid
, nt
, nr
, rr
, nr_diff
, ks1
, ks2
;
11 byte_t bt
, i
, ks3x
[8], par
[8][8];
12 uint64_t key
, key_recovered
;
18 printf("\nsyntax: %s <uid> <nt> <par> <ks>\n\n",argv
[0]);
21 sscanf(argv
[1],"%08x",&uid
);
22 sscanf(argv
[2],"%08x",&nt
);
23 sscanf(argv
[3],"%016"llx
,&par_info
);
24 sscanf(argv
[4],"%016"llx
,&ks_info
);
26 // Reset the last three significant bits of the reader nonce
29 printf("\nuid(%08x) nt(%08x) par(%016"llx
") ks(%016"llx
")\n\n",uid
,nt
,par_info
,ks_info
);
31 for (pos
=0; pos
<8; pos
++)
33 ks3x
[7-pos
] = (ks_info
>> (pos
*8)) & 0x0f;
34 bt
= (par_info
>> (pos
*8)) & 0xff;
37 par
[7-pos
][i
] = (bt
>> i
) & 0x01;
41 printf("|diff|{nr} |ks3|ks3^5|parity |\n");
42 printf("+----+--------+---+-----+---------------+\n");
45 nr_diff
= nr
| i
<< 5;
46 printf("| %02x |%08x|",i
<< 5, nr_diff
);
47 printf(" %01x | %01x |",ks3x
[i
], ks3x
[i
]^5);
48 for (pos
=0; pos
<7; pos
++) printf("%01x,",par
[i
][pos
]);
49 printf("%01x|\n",par
[i
][7]);
52 state
= lfsr_common_prefix(nr
,rr
,ks3x
,par
);
53 lfsr_rollback_word(state
,uid
^nt
,0);
54 crypto1_get_lfsr(state
,&key_recovered
);
55 printf("\nkey recovered: %012"llx
"\n\n",key_recovered
);
56 crypto1_destroy(state
);