X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/480e2f239421563263d07f6d11f2c929d7f14d1f..a5d824656811693c9f31cf41766e419b2dd799f9:/client/nonce2key/crapto1.c

diff --git a/client/nonce2key/crapto1.c b/client/nonce2key/crapto1.c
index 36e21a1c..9f6f7f6b 100644
--- a/client/nonce2key/crapto1.c
+++ b/client/nonce2key/crapto1.c
@@ -26,7 +26,7 @@ static void __attribute__((constructor)) fill_lut()
 {
 	uint32_t i;
 	for(i = 0; i < 1 << 20; ++i)
-			filterlut[i] = filter(i);
+		filterlut[i] = filter(i);
 }
 #define filter(x) (filterlut[(x) & 0xfffff])
 #endif
@@ -158,7 +158,14 @@ struct Crypto1State* lfsr_recovery32(uint32_t ks2, uint32_t in)
 	// allocate memory for out of place bucket_sort
 	bucket_array_t bucket;
 	
-	if ( !bucket_malloc(bucket) ) goto out;
+	for (uint32_t i = 0; i < 2; i++) {
+		for (uint32_t j = 0; j <= 0xff; j++) {
+			bucket[i][j].head = malloc(sizeof(uint32_t)<<14);
+			if (!bucket[i][j].head) {
+				 goto out;
+			}
+		}
+	}
 
 	// initialize statelists: add all possible states which would result into the rightmost 2 bits of the keystream
 	for(i = 1 << 20; i >= 0; --i) {
@@ -181,13 +188,15 @@ struct Crypto1State* lfsr_recovery32(uint32_t ks2, uint32_t in)
 	recover(odd_head, odd_tail, oks, even_head, even_tail, eks, 11, statelist, in << 1, bucket);
 
 out:
+	for (uint32_t i = 0; i < 2; i++)
+		for (uint32_t j = 0; j <= 0xff; j++)
+			free(bucket[i][j].head);
 	free(odd_head);
 	free(even_head);
-	bucket_free(bucket);
 	return statelist;
 }
 
-static const uint32_t S1[] = {     0x62141, 0x310A0, 0x18850, 0x0C428, 0x06214,
+static const uint32_t S1[] = { 0x62141, 0x310A0, 0x18850, 0x0C428, 0x06214,
 	0x0310A, 0x85E30, 0xC69AD, 0x634D6, 0xB5CDE, 0xDE8DA, 0x6F46D, 0xB3C83,
 	0x59E41, 0xA8995, 0xD027F, 0x6813F, 0x3409F, 0x9E6FA};
 static const uint32_t S2[] = {  0x3A557B00, 0x5D2ABD80, 0x2E955EC0, 0x174AAF60,
@@ -458,6 +467,21 @@ static struct Crypto1State* check_pfx_parity(uint32_t prefix, uint32_t rresp, ui
 
 	return sl + good;
 }
+static struct Crypto1State* check_pfx_parity_ex(uint32_t prefix, uint32_t odd, uint32_t even, struct Crypto1State* sl) {
+	
+	uint32_t c = 0;
+
+	sl->odd = odd ^ fastfwd[1][c];
+	sl->even = even ^ fastfwd[0][c];
+	
+	lfsr_rollback_bit(sl, 0, 0);
+	lfsr_rollback_bit(sl, 0, 0);
+	lfsr_rollback_bit(sl, 0, 0);
+	lfsr_rollback_word(sl, 0, 0);
+	lfsr_rollback_word(sl, prefix | c << 5, 1);
+	
+	return ++sl;
+}
 
 /** lfsr_common_prefix
  * Implentation of the common prefix attack.
@@ -477,12 +501,11 @@ struct Crypto1State* lfsr_common_prefix(uint32_t pfx, uint32_t rr, uint8_t ks[8]
 	odd = lfsr_prefix_ks(ks, 1);
 	even = lfsr_prefix_ks(ks, 0);
 
-	s = statelist = malloc((sizeof *statelist) << 21);
+	s = statelist = malloc((sizeof *statelist) << 20);
 	if(!s || !odd || !even) {
 		free(statelist);
-		free(odd);
-		free(even);
-		return 0;
+		statelist = 0;
+		goto out;
 	}
 
 	for(o = odd; *o + 1; ++o)
@@ -494,7 +517,39 @@ struct Crypto1State* lfsr_common_prefix(uint32_t pfx, uint32_t rr, uint8_t ks[8]
 			}
 
 	s->odd = s->even = 0;
+out:
+	free(odd);
+	free(even);
+	return statelist;
+}
+
+struct Crypto1State* lfsr_common_prefix_ex(uint32_t pfx, uint8_t ks[8])
+{
+	struct Crypto1State *statelist, *s;
+	uint32_t *odd, *even, *o, *e, top;
+
+	odd = lfsr_prefix_ks(ks, 1);
+	even = lfsr_prefix_ks(ks, 0);
+
+	s = statelist = malloc((sizeof *statelist) << 20);
+	if(!s || !odd || !even) {
+		free(statelist);
+		statelist = 0;
+		goto out;
+	}
 
+	for(o = odd; *o + 1; ++o)
+		for(e = even; *e + 1; ++e)
+			for(top = 0; top < 64; ++top) {
+				*o += 1 << 21;
+				*e += (!(top & 7) + 1) << 21;
+				s = check_pfx_parity_ex(pfx, *o, *e, s);
+			}
+
+	// in this version, -1 signifies end of states 
+	s->odd = s->even = -1;
+
+out:
 	free(odd);
 	free(even);
 	return statelist;