X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/6b23be6b7ecd1660922d53c8c1c0522f69389dc6..af17926620a2537d165d8b00d97ce8a88d2944d2:/armsrc/iso14443a.c diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c index f9dfebd9..642e8899 100644 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c @@ -867,10 +867,10 @@ void SimulateIso14443aTag(int tagType, int flags, byte_t* data) { uint8_t cardAUTHKEY = 0xff; // no authentication // allow collecting up to 8 sets of nonces to allow recovery of up to 8 keys #define ATTACK_KEY_COUNT 8 // keep same as define in cmdhfmf.c -> readerAttack() - nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; //*2 for 2 separate attack types (nml, moebius) + nonces_t ar_nr_resp[ATTACK_KEY_COUNT*2]; // for 2 separate attack types (nml, moebius) memset(ar_nr_resp, 0x00, sizeof(ar_nr_resp)); - uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; //*2 for 2nd attack type (moebius) + uint8_t ar_nr_collected[ATTACK_KEY_COUNT*2]; // for 2nd attack type (moebius) memset(ar_nr_collected, 0x00, sizeof(ar_nr_collected)); uint8_t nonce1_count = 0; uint8_t nonce2_count = 0; @@ -2175,8 +2175,9 @@ int32_t dist_nt(uint32_t nt1, uint32_t nt2) { // Cloning MiFare Classic Rail and Building Passes, Anywhere, Anytime" // (article by Nicolas T. Courtois, 2009) //----------------------------------------------------------------------------- -void ReaderMifare(bool first_try, uint8_t block ) { - uint8_t mf_auth[] = { MIFARE_AUTH_KEYA, block, 0x00, 0x00 }; +void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) { + + uint8_t mf_auth[] = { keytype, block, 0x00, 0x00 }; uint8_t mf_nr_ar[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }; uint8_t uid[10] = {0,0,0,0,0,0,0,0,0,0}; uint8_t par_list[8] = {0,0,0,0,0,0,0,0}; 
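Review bot: In the ReaderMifare hunk (@@ -2175), the new `keytype` argument is copied unchecked into `mf_auth[0]`, the command byte of the authentication frame, where the old code used the constant `MIFARE_AUTH_KEYA`; any byte the caller supplies is now transmitted as the command. The caller is not part of this diff, so whether the value is constrained upstream cannot be confirmed from here. A guard at the top of the function, e.g. `if (keytype != MIFARE_AUTH_KEYA && keytype != MIFARE_AUTH_KEYB) return;` (sending whatever failure reply this command normally gives the host), would stop a malformed request from making the firmware emit an arbitrary frame. The header comment above the function should also state that `keytype` is the raw auth command byte rather than a 0/1 selector. The function body continues outside the hunk.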
@@ -2209,17 +2210,19 @@ void ReaderMifare(bool first_try, uint8_t block ) { #define PRNG_SEQUENCE_LENGTH (1 << 16) #define MAX_UNEXPECTED_RANDOM 4 // maximum number of unexpected (i.e. real) random numbers when trying to sync. Then give up. #define MAX_SYNC_TRIES 32 - + + AppendCrc14443a(mf_auth, 2); + BigBuf_free(); BigBuf_Clear_ext(false); clear_trace(); set_tracing(TRUE); iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD); - AppendCrc14443a(mf_auth, 2); - - if (first_try) { - sync_time = GetCountSspClk() & 0xfffffff8; - sync_cycles = PRNG_SEQUENCE_LENGTH + 1130; //65536; //0x10000 // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces). + sync_time = GetCountSspClk() & 0xfffffff8; + // iceman, i add 1130 because during my observations this makse the syncronization much fast to sync. + sync_cycles = PRNG_SEQUENCE_LENGTH + 1130; //65536; // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces). + + if (first_try) { mf_nr_ar3 = 0; nt_attacked = 0; par_low = 0; @@ -2292,7 +2295,9 @@ void ReaderMifare(bool first_try, uint8_t block ) { WDT_HIT(); LED_B_ON(); - if (first_try && previous_nt && !nt_attacked) { // we didn't calibrate our clock yet + // we didn't calibrate our clock yet, + // iceman: has to be calibrated every time. + if (previous_nt && !nt_attacked) { nt_distance = dist_nt(previous_nt, nt);
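Review bot: In the @@ -2209 hunk, `sync_cycles = PRNG_SEQUENCE_LENGTH + 1130;` keeps the empirically chosen 1130 as a bare literal beside a stale `//65536;` remnant, and the comment explaining it is hard to read ("makse", "syncronization much fast to sync"). `PRNG_SEQUENCE_LENGTH` is already a named constant a few lines up, so the offset deserves the same treatment, for example (name is only a suggestion) `#define SYNC_CYCLES_OFFSET 1130 // empirical value from observation, not derived from the PRNG period` and `sync_cycles = PRNG_SEQUENCE_LENGTH + SYNC_CYCLES_OFFSET;`. Moving both assignments out of `if (first_try)` also resets them on every call, which presumably pairs with the @@ -2292 hunk dropping `first_try` from the calibration condition; a one-line comment such as `// reset on every call: calibration is redone each time` would make clear the reset is deliberate. The declarations of `sync_time` and `sync_cycles` are outside the hunk.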