X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/5421396e7e6ee87db0a465a762b68c250f44eba3..5594c6215e9df0d8e9b77acc389be7ccdadd23e0:/client/cmdhficlass.c?ds=sidebyside diff --git a/client/cmdhficlass.c b/client/cmdhficlass.c index 37cf4dee..c97e433c 100644 --- a/client/cmdhficlass.c +++ b/client/cmdhficlass.c @@ -16,15 +16,14 @@ #include #include #include "iso14443crc.h" // Can also be used for iClass, using 0xE012 as CRC-type -#include "data.h" -#include "proxmark3.h" +#include "comms.h" #include "ui.h" #include "cmdparser.h" #include "cmdhficlass.h" #include "common.h" #include "util.h" #include "cmdmain.h" -#include "polarssl/des.h" +#include "mbedtls/des.h" #include "loclass/cipherutils.h" #include "loclass/cipher.h" #include "loclass/ikeys.h" @@ -54,10 +53,16 @@ typedef struct iclass_block { } iclass_block_t; int usage_hf_iclass_chk(void) { - PrintAndLog("Usage: hf iclass chk [h] "); + PrintAndLog("Checkkeys loads a dictionary text file with 8byte hex keys to test authenticating against a iClass tag"); + PrintAndLog("Usage: hf iclass chk [h|e|r] "); PrintAndLog("Options:"); PrintAndLog("h Show this help"); PrintAndLog("f Dictionary file with default iclass keys"); + PrintAndLog(" e target Elite / High security key scheme"); + PrintAndLog(" r interpret dictionary file as raw (diversified keys)"); + PrintAndLog("Samples:"); + PrintAndLog(" hf iclass chk f default_iclass_keys.dic"); + PrintAndLog(" hf iclass chk f default_iclass_keys.dic e"); return 0; } @@ -409,8 +414,8 @@ int CmdHFiClassDecrypt(const char *Cmd) { fseek(f, 0, SEEK_SET); uint8_t enc_dump[8] = {0}; uint8_t *decrypted = malloc(fsize); - des3_context ctx = { DES_DECRYPT ,{ 0 } }; - des3_set2key_dec( &ctx, key); + mbedtls_des3_context ctx = { 0 }; + mbedtls_des3_set2key_dec( &ctx, key); size_t bytes_read = fread(enc_dump, 1, 8, f); //Use the first block (CSN) for filename @@ -426,7 +431,7 @@ int CmdHFiClassDecrypt(const char *Cmd) { { memcpy(decrypted+(blocknum*8), enc_dump, 8); }else{ - des3_crypt_ecb(&ctx, enc_dump,decrypted +(blocknum*8) ); + mbedtls_des3_crypt_ecb(&ctx, enc_dump,decrypted +(blocknum*8) ); } printvar("decrypted block", decrypted +(blocknum*8), 8); bytes_read = fread(enc_dump, 1, 8, f); @@ -461,10 +466,10 @@ static int iClassEncryptBlkData(uint8_t *blkData) { uint8_t encryptedData[16]; uint8_t *encrypted = encryptedData; - des3_context ctx = { DES_DECRYPT ,{ 0 } }; - des3_set2key_enc( &ctx, key); + mbedtls_des3_context ctx = { 0 }; + mbedtls_des3_set2key_enc( &ctx, key); - des3_crypt_ecb(&ctx, blkData,encrypted); + mbedtls_des3_crypt_ecb(&ctx, blkData,encrypted); //printvar("decrypted block", decrypted, 8); memcpy(blkData,encrypted,8); @@ -744,8 +749,7 @@ int CmdHFiClassReader_Dump(const char *Cmd) { blocksRead = (sizeof(tag_data)/8) - blockno; } // response ok - now get bigbuf content of the dump - GetFromBigBuf(tag_data+(blockno*8), blocksRead*8, startindex); - WaitForResponse(CMD_ACK,NULL); + GetFromBigBuf(tag_data+(blockno*8), blocksRead*8, startindex, NULL, -1, false); size_t gotBytes = blocksRead*8 + blockno*8; // try AA2 @@ -787,8 +791,7 @@ int CmdHFiClassReader_Dump(const char *Cmd) { blocksRead = (sizeof(tag_data) - gotBytes)/8; } // get dumped data from bigbuf - GetFromBigBuf(tag_data+gotBytes, blocksRead*8, startindex); - WaitForResponse(CMD_ACK,NULL); + GetFromBigBuf(tag_data+gotBytes, blocksRead*8, startindex, NULL, -1, false); gotBytes += blocksRead*8; } else { //field is still on - turn it off... @@ -1711,37 +1714,58 @@ int CmdHFiClassManageKeys(const char *Cmd) { int CmdHFiClassCheckKeys(const char *Cmd) { - char ctmp = 0x00; - ctmp = param_getchar(Cmd, 0); - if (ctmp == 'h' || ctmp == 'H') return usage_hf_iclass_chk(); - uint8_t mac[4] = {0x00,0x00,0x00,0x00}; uint8_t key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; uint8_t div_key[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; // elite key, raw key, standard key - bool elite = false; - bool rawkey = false; + bool use_elite = false; + bool use_raw = false; bool found_debit = false; bool found_credit = false; - + bool errors = false; + uint8_t cmdp = 0x00; FILE * f; char filename[FILE_PATH_SIZE] = {0}; + uint8_t fileNameLen = 0; char buf[17]; uint8_t *keyBlock = NULL, *p; int keyitems = 0, keycnt = 0; - - // May be a dictionary file - if ( param_getstr(Cmd, 1, filename, sizeof(filename)) >= FILE_PATH_SIZE ) { - PrintAndLog("File name too long"); - free(keyBlock); - return 2; + while (param_getchar(Cmd, cmdp) != 0x00 && !errors) { + switch (param_getchar(Cmd, cmdp)) { + case 'h': + case 'H': + return usage_hf_iclass_chk(); + case 'f': + case 'F': + fileNameLen = param_getstr(Cmd, cmdp+1, filename, sizeof(filename)); + if (fileNameLen < 1) { + PrintAndLog("No filename found after f"); + errors = true; + } + cmdp += 2; + break; + case 'e': + case 'E': + use_elite = true; + cmdp++; + break; + case 'r': + case 'R': + use_raw = true; + cmdp++; + break; + default: + PrintAndLog("Unknown parameter '%c'\n", param_getchar(Cmd, cmdp)); + errors = true; + break; + } } + if (errors) return usage_hf_iclass_chk(); if ( !(f = fopen( filename , "r")) ) { PrintAndLog("File: %s: not found or locked.", filename); - free(keyBlock); return 1; } @@ -1794,7 +1818,7 @@ int CmdHFiClassCheckKeys(const char *Cmd) { // debit key. try twice for (int foo = 0; foo < 2 && !found_debit; foo++) { - if (!select_and_auth(key, mac, div_key, false, elite, rawkey, false)) + if (!select_and_auth(key, mac, div_key, false, use_elite, use_raw, false)) continue; // key found. @@ -1805,7 +1829,7 @@ int CmdHFiClassCheckKeys(const char *Cmd) { // credit key. try twice for (int foo = 0; foo < 2 && !found_credit; foo++) { - if (!select_and_auth(key, mac, div_key, true, elite, rawkey, false)) + if (!select_and_auth(key, mac, div_key, true, use_elite, use_raw, false)) continue; // key found