X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/74a3880283e26a957b61221028792a868daa7f05..70dbfc3fc7a177a81331bd8c86c9d993900f056b:/client/loclass/ikeys.c
diff --git a/client/loclass/ikeys.c b/client/loclass/ikeys.c
index 2bedad8d..a40d563a 100644
--- a/client/loclass/ikeys.c
+++ b/client/loclass/ikeys.c
@@ -1,20 +1,28 @@ /***************************************************************************** - * This file is part of iClassCipher. It is a reconstructon of the cipher engine + * WARNING + * + * THIS CODE IS CREATED FOR EXPERIMENTATION AND EDUCATIONAL USE ONLY. + * + * USAGE OF THIS CODE IN OTHER WAYS MAY INFRINGE UPON THE INTELLECTUAL + * PROPERTY OF OTHER PARTIES, SUCH AS INSIDE SECURE AND HID GLOBAL, + * AND MAY EXPOSE YOU TO AN INFRINGEMENT ACTION FROM THOSE PARTIES. + * + * THIS CODE SHOULD NEVER BE USED TO INFRINGE PATENTS OR INTELLECTUAL PROPERTY RIGHTS. + * + ***************************************************************************** + * + * This file is part of loclass. It is a reconstructon of the cipher engine * used in iClass, and RFID techology. * * The implementation is based on the work performed by * Flavio D. Garcia, Gerhard de Koning Gans, Roel Verdult and * Milosch Meriac in the paper "Dismantling IClass". * - * This is a reference implementation of iclass key diversification. I'm sure it can be - * optimized heavily. It is written for ease of understanding and correctness, please take it - * and tweak it and make a super fast version instead, using this for testing and verification. - * Copyright (C) 2014 Martin Holst Swende * * This is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as published - * by the Free Software Foundation. + * by the Free Software Foundation, or, at your option, any later version. * * This file is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of @@ -22,8 +30,11 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with IClassCipher. If not, see . + * along with loclass. If not, see . + * + * ****************************************************************************/ + /** 
@@ -57,12 +68,12 @@ From "Dismantling iclass": #include #include "fileutils.h" #include "cipherutils.h" -#include "des.h" +#include "mbedtls/des.h" uint8_t pi[35] = {0x0F,0x17,0x1B,0x1D,0x1E,0x27,0x2B,0x2D,0x2E,0x33,0x35,0x39,0x36,0x3A,0x3C,0x47,0x4B,0x4D,0x4E,0x53,0x55,0x56,0x59,0x5A,0x5C,0x63,0x65,0x66,0x69,0x6A,0x6C,0x71,0x72,0x74,0x78}; -static des_context ctx_enc = {DES_ENCRYPT,{0}}; -static des_context ctx_dec = {DES_DECRYPT,{0}}; +static mbedtls_des_context ctx_enc = { {0} }; +static mbedtls_des_context ctx_dec = { {0} }; static int debug_print = 0; @@ -382,16 +393,16 @@ void diversifyKey(uint8_t csn[8], uint8_t key[8], uint8_t div_key[8]) { // Prepare the DES key - des_setkey_enc( &ctx_enc, key); + mbedtls_des_setkey_enc( &ctx_enc, key); uint8_t crypted_csn[8] = {0}; // Calculate DES(CSN, KEY) - des_crypt_ecb(&ctx_enc,csn, crypted_csn); + mbedtls_des_crypt_ecb(&ctx_enc,csn, crypted_csn); //Calculate HASH0(DES)) - uint64_t crypt_csn = x_bytes_to_num(crypted_csn, 8); - uint64_t crypted_csn_swapped = swapZvalues(crypt_csn); + uint64_t crypt_csn = x_bytes_to_num(crypted_csn, 8); + //uint64_t crypted_csn_swapped = swapZvalues(crypt_csn); hash0(crypt_csn,div_key); } @@ -455,13 +466,13 @@ typedef struct } Testcase; -int testDES(Testcase testcase, des_context ctx_enc, des_context ctx_dec) +int testDES(Testcase testcase, mbedtls_des_context ctx_enc, mbedtls_des_context ctx_dec) { uint8_t des_encrypted_csn[8] = {0}; uint8_t decrypted[8] = {0}; uint8_t div_key[8] = {0}; - int retval = des_crypt_ecb(&ctx_enc,testcase.uid,des_encrypted_csn); - retval |= des_crypt_ecb(&ctx_dec,des_encrypted_csn,decrypted); + int retval = mbedtls_des_crypt_ecb(&ctx_enc,testcase.uid,des_encrypted_csn); + retval |= mbedtls_des_crypt_ecb(&ctx_dec,des_encrypted_csn,decrypted); if(memcmp(testcase.uid,decrypted,8) != 0) { 
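Review bot: diversifyKey still schedules the caller's key into the file-scope `ctx_enc`, so the function is not reentrant and the expanded key stays in static memory after it returns. The static contexts declared in the `@@ -57,12` hunk and the `mbedtls_des_setkey_enc`/`mbedtls_des_setkey_dec` calls in doKeyTests (last hunk of the patch) leave the same residue. A local context set up with `mbedtls_des_init` and released with `mbedtls_des_free`, which zeroizes the schedule, would confine the key to the call. Whether any caller relies on diversifyKey leaving `ctx_enc` keyed is not visible in this diff and should be checked first. The commented-out `swapZvalues` line can be deleted rather than kept as dead code.

```c
void diversifyKey(uint8_t csn[8], uint8_t key[8], uint8_t div_key[8])
{
	mbedtls_des_context ctx;
	uint8_t crypted_csn[8] = {0};

	mbedtls_des_init(&ctx);
	mbedtls_des_setkey_enc(&ctx, key);
	mbedtls_des_crypt_ecb(&ctx, csn, crypted_csn);
	// Wipe the expanded key before leaving the function
	mbedtls_des_free(&ctx);

	// … unchanged: x_bytes_to_num conversion and hash0 call …
}
```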
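Review bot: testDES receives both `mbedtls_des_context` arguments by value, so each call copies two expanded key schedules onto the stack, and the parameter names shadow the file-scope `ctx_enc`/`ctx_dec`. Taking pointers instead, e.g. `int testDES(Testcase testcase, mbedtls_des_context *enc, mbedtls_des_context *dec)`, avoids both the copies and the shadowing. The callers are outside this hunk and would then pass `&ctx_enc, &ctx_dec`. The function body continues past the end of the hunk.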
@@ -667,7 +678,7 @@ int testDES2(uint64_t csn, uint64_t expected) print64bits(" csn ", csn); x_num_to_bytes(csn, 8,input); - des_crypt_ecb(&ctx_enc,input, result); + mbedtls_des_crypt_ecb(&ctx_enc,input, result); uint64_t crypt_csn = x_bytes_to_num(result, 8); print64bits(" {csn} ", crypt_csn ); @@ -698,7 +709,7 @@ int doTestsWithKnownInputs() prnlog("[+] Testing foo"); uint8_t key[8] = {0x6c,0x8d,0x44,0xf9,0x2a,0x2d,0x01,0xbf}; - des_setkey_enc( &ctx_enc, key); + mbedtls_des_setkey_enc( &ctx_enc, key); testDES2(0xbbbbaaaabbbbeeee,0xd6ad3ca619659e6b); prnlog("[+] Testing hashing algorithm"); @@ -725,19 +736,19 @@ int doTestsWithKnownInputs() int readKeyFile(uint8_t key[8]) { - FILE *f; - + int retval = 1; f = fopen("iclass_key.bin", "rb"); - if (f) - { - if(fread(key, sizeof(key), 1, f) == 1) return 0; + if (!f) + return retval; + + if (fread(key, sizeof(uint8_t), 8, f) == 8) { + retval = 0; } - return 1; - + fclose(f); + return retval; } - int doKeyTests(uint8_t debuglevel) { debug_print = debuglevel; @@ -765,8 +776,8 @@ int doKeyTests(uint8_t debuglevel) prnlog("[+] Checking key parity..."); des_checkParity(key); - des_setkey_enc( &ctx_enc, key); - des_setkey_dec( &ctx_dec, key); + mbedtls_des_setkey_enc( &ctx_enc, key); + mbedtls_des_setkey_dec( &ctx_dec, key); // Test hashing functions prnlog("[+] The following tests require the correct 8-byte master key"); testKeyDiversificationWithMasterkeyTestcases();
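Review bot: readKeyFile reads directly into the caller's `key`, so a file shorter than 8 bytes leaves `key` partly overwritten while the function returns 1. Reading into a local `uint8_t tmp[8]` and calling `memcpy(key, tmp, sizeof tmp)` only when `fread` returns 8 would keep the caller's buffer intact on failure. The function also has no comment stating its contract; `/* Reads the 8-byte master key from iclass_key.bin in the current working directory; returns 0 on success, 1 on failure. */` would document the return convention and the fact that the key file path is relative.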