X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/7bc95e2e43c0b00b72fc794b18c26a880ac19d1c..fbceacc5b80254eb4381102d44e78aad7490876f:/armsrc/mifarecmd.c diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index c934a280..7e3e9293 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -2,6 +2,9 @@ // Merlok - June 2011, 2012 // Gerhard de Koning Gans - May 2008 // Hagen Fritsch - June 2010 +// Midnitesnake - Dec 2013 +// Andy Davies - Apr 2014 +// Iceman - May 2014 // // This code is licensed to you under the terms of the GNU GPL, version 2 or, // at your option, any later version. See the LICENSE.txt file for the text of @@ -12,6 +15,9 @@ #include "mifarecmd.h" #include "apps.h" +#include "util.h" +#include "desfire.h" +#include "../common/crc.h" //----------------------------------------------------------------------------- // Select, Authenticaate, Read an MIFARE tag. @@ -35,9 +41,7 @@ void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) pcs = &mpcs; // clear trace - iso14a_clear_trace(); -// iso14a_set_tracing(false); - + iso14a_clear_trace(); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); LED_A_ON(); @@ -46,22 +50,22 @@ void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) while (true) { if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); break; }; if(mifare_classic_auth(pcs, cuid, blockNo, keyType, ui64Key, AUTH_FIRST)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Auth error"); + if (MF_DBGLEVEL >= 1) Dbprintf("Auth error"); break; }; if(mifare_classic_readblock(pcs, cuid, blockNo, dataoutbuf)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block error"); + if (MF_DBGLEVEL >= 1) Dbprintf("Read block error"); break; }; if(mifare_classic_halt(pcs, cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); break; }; @@ -74,83 +78,128 @@ void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) if (MF_DBGLEVEL >= 2) DbpString("READ BLOCK FINISHED"); - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); - -// UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; -// memcpy(ack.d.asBytes, dataoutbuf, 16); - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,16); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,16); LED_B_OFF(); + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); +} + - // Thats it... +void MifareUC_Auth1(uint8_t arg0, uint8_t *datain){ + // variables + byte_t isOK = 0; + byte_t dataoutbuf[16]; + uint8_t uid[10]; + uint32_t cuid; + + // clear trace + iso14a_clear_trace(); + iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card, something went wrong before auth"); + }; + + if(mifare_ultra_auth1(cuid, dataoutbuf)){ + if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part1: Fail."); + } + + isOK=1; + if (MF_DBGLEVEL >= 2) DbpString("AUTH 1 FINISHED"); + + LED_B_ON(); + cmd_send(CMD_ACK,isOK,cuid,0,dataoutbuf,11); + LED_B_OFF(); + + // Thats it... + LEDsoff(); +} +void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){ + // params + uint32_t cuid = arg0; + uint8_t key[16]={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; + // variables + byte_t isOK = 0; + byte_t dataoutbuf[16]; + + memcpy(key, datain, 16); + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + if(mifare_ultra_auth2(cuid, key, dataoutbuf)){ + if (MF_DBGLEVEL >= 1) Dbprintf("Authentication part2: Fail..."); + } + isOK=1; + if (MF_DBGLEVEL >= 2) DbpString("AUTH 2 FINISHED"); + + LED_B_ON(); + cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,11); + LED_B_OFF(); + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); -// iso14a_set_tracing(TRUE); - -} - -void MifareUReadBlock(uint8_t arg0,uint8_t *datain) -{ - // params - uint8_t blockNo = arg0; - - // variables - byte_t isOK = 0; - byte_t dataoutbuf[16]; - uint8_t uid[10]; - uint32_t cuid; - - // clear trace - iso14a_clear_trace(); +} + +void MifareUReadBlock(uint8_t arg0,uint8_t *datain) +{ + // params + uint8_t blockNo = arg0; + + // variables + byte_t isOK = 0; + byte_t dataoutbuf[16]; + uint8_t uid[10]; + uint32_t cuid; + + // clear trace + iso14a_clear_trace(); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - - LED_A_ON(); - LED_B_OFF(); - LED_C_OFF(); - - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; - - if(mifare_ultra_readblock(cuid, blockNo, dataoutbuf)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block error"); - break; - }; - - if(mifare_ultra_halt(cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - isOK = 1; - break; - } - - if (MF_DBGLEVEL >= 2) DbpString("READ BLOCK FINISHED"); - - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,16); - LED_B_OFF(); - - - // Thats it... - FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - LEDsoff(); -} - -//----------------------------------------------------------------------------- -// Select, Authenticaate, Read an MIFARE tag. -// read sector (data = 4 x 16 bytes = 64 bytes) + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + while (true) { + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + if(mifare_ultra_readblock(cuid, blockNo, dataoutbuf)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Read block error"); + break; + }; + + if(mifare_ultra_halt(cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + break; + }; + + isOK = 1; + break; + } + + if (MF_DBGLEVEL >= 2) DbpString("READ BLOCK FINISHED"); + + LED_B_ON(); + cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,16); + LED_B_OFF(); + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); +} + +//----------------------------------------------------------------------------- +// Select, Authenticate, Read a MIFARE tag. +// read sector (data = 4 x 16 bytes = 64 bytes, or 16 x 16 bytes = 256 bytes) //----------------------------------------------------------------------------- void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) { @@ -162,7 +211,7 @@ void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) // variables byte_t isOK = 0; - byte_t dataoutbuf[16 * 4]; + byte_t dataoutbuf[16 * 16]; uint8_t uid[10]; uint32_t cuid; struct Crypto1State mpcs = {0, 0}; @@ -170,8 +219,7 @@ void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) pcs = &mpcs; // clear trace - iso14a_clear_trace(); -// iso14a_set_tracing(false); + iso14a_clear_trace(); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); @@ -179,135 +227,105 @@ void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) LED_B_OFF(); LED_C_OFF(); - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { + isOK = 1; + if(!iso14443a_select_card(uid, NULL, &cuid)) { + isOK = 0; if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; + } - if(mifare_classic_auth(pcs, cuid, sectorNo * 4, keyType, ui64Key, AUTH_FIRST)) { + + if(isOK && mifare_classic_auth(pcs, cuid, FirstBlockOfSector(sectorNo), keyType, ui64Key, AUTH_FIRST)) { + isOK = 0; if (MF_DBGLEVEL >= 1) Dbprintf("Auth error"); + } + + for (uint8_t blockNo = 0; isOK && blockNo < NumBlocksPerSector(sectorNo); blockNo++) { + if(mifare_classic_readblock(pcs, cuid, FirstBlockOfSector(sectorNo) + blockNo, dataoutbuf + 16 * blockNo)) { + isOK = 0; + if (MF_DBGLEVEL >= 1) Dbprintf("Read sector %2d block %2d error", sectorNo, blockNo); break; - }; - - if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 0, dataoutbuf + 16 * 0)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block 0 error"); - break; - }; - if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 1, dataoutbuf + 16 * 1)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block 1 error"); - break; - }; - if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 2, dataoutbuf + 16 * 2)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block 2 error"); - break; - }; - if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 3, dataoutbuf + 16 * 3)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block 3 error"); - break; - }; + } + } - if(mifare_classic_halt(pcs, cuid)) { + if(mifare_classic_halt(pcs, cuid)) { if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - isOK = 1; - break; } - + // ----------------------------- crypto1 destroy crypto1_destroy(pcs); if (MF_DBGLEVEL >= 2) DbpString("READ SECTOR FINISHED"); - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); - -// UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; -// memcpy(ack.d.asBytes, dataoutbuf, 16 * 2); - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,32); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); -// SpinDelay(100); - -// memcpy(ack.d.asBytes, dataoutbuf + 16 * 2, 16 * 2); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); - cmd_send(CMD_ACK,isOK,0,0,dataoutbuf+32, 32); + cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,16*NumBlocksPerSector(sectorNo)); LED_B_OFF(); // Thats it... FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); -// iso14a_set_tracing(TRUE); - -} - -void MifareUReadCard(uint8_t arg0, uint8_t *datain) -{ - // params - uint8_t sectorNo = arg0; - - // variables - byte_t isOK = 0; - byte_t dataoutbuf[16 * 4]; - uint8_t uid[10]; - uint32_t cuid; - - // clear trace - iso14a_clear_trace(); -// iso14a_set_tracing(false); - +} + +void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain) +{ + // params + uint8_t sectorNo = arg0; + int Pages=arg1; + int count_Pages=0; + // variables + byte_t isOK = 0; + byte_t dataoutbuf[44 * 4]; + uint8_t uid[10]; + uint32_t cuid; + + // clear trace + iso14a_clear_trace(); + iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - - LED_A_ON(); - LED_B_OFF(); - LED_C_OFF(); - - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; - for(int sec=0;sec<16;sec++){ - if(mifare_ultra_readblock(cuid, sectorNo * 4 + sec, dataoutbuf + 4 * sec)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block %d error",sec); - break; - }; - } - if(mifare_ultra_halt(cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - isOK = 1; - break; - } - - if (MF_DBGLEVEL >= 2) DbpString("READ CARD FINISHED"); - - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); - - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,64); - //cmd_send(CMD_ACK,isOK,0,0,dataoutbuf+32, 32); - LED_B_OFF(); - - // Thats it... - FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - LEDsoff(); -// iso14a_set_tracing(TRUE); - -} - - -//----------------------------------------------------------------------------- -// Select, Authenticaate, Read an MIFARE tag. -// read block + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + Dbprintf("Pages %d",Pages); + while (true) { + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + for(int sec=0;sec= 1) Dbprintf("Read block %d error",sec); + break; + }else{ + count_Pages++; + }; + } + if(mifare_ultra_halt(cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + break; + }; + + isOK = 1; + break; + } + Dbprintf("Pages read %d",count_Pages); + if (MF_DBGLEVEL >= 2) DbpString("READ CARD FINISHED"); + + LED_B_ON(); + if (Pages==16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,64); + if (Pages==44 && count_Pages==16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,64); + if (Pages==44 && count_Pages>16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,176); + LED_B_OFF(); + + // Thats it... + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); + +} + + +//----------------------------------------------------------------------------- +// Select, Authenticate, Write a MIFARE tag. +// read block //----------------------------------------------------------------------------- void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) { @@ -330,7 +348,6 @@ void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) // clear trace iso14a_clear_trace(); -// iso14a_set_tracing(false); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); @@ -368,159 +385,133 @@ void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); - -// UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; - LED_B_ON(); cmd_send(CMD_ACK,isOK,0,0,0,0); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); LED_B_OFF(); // Thats it... FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); -// iso14a_set_tracing(TRUE); - -} - -void MifareUWriteBlock(uint8_t arg0, uint8_t *datain) -{ - // params - uint8_t blockNo = arg0; - byte_t blockdata[16]; - - memset(blockdata,'\0',16); - memcpy(blockdata, datain,16); - - // variables - byte_t isOK = 0; - uint8_t uid[10]; - uint32_t cuid; - - // clear trace - iso14a_clear_trace(); - // iso14a_set_tracing(false); - - iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - - LED_A_ON(); - LED_B_OFF(); - LED_C_OFF(); - - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; - - if(mifare_ultra_writeblock(cuid, blockNo, blockdata)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Write block error"); - break; - }; - - if(mifare_ultra_halt(cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - isOK = 1; - break; - } - - if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); - - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); - - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,0,0); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); - LED_B_OFF(); - - - // Thats it... - FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - LEDsoff(); -// iso14a_set_tracing(TRUE); - -} - -void MifareUWriteBlock_Special(uint8_t arg0, uint8_t *datain) -{ - // params - uint8_t blockNo = arg0; - byte_t blockdata[4]; - - memcpy(blockdata, datain,4); - - // variables - byte_t isOK = 0; - uint8_t uid[10]; - uint32_t cuid; - - // clear trace - iso14a_clear_trace(); - // iso14a_set_tracing(false); - +} + +void MifareUWriteBlock(uint8_t arg0, uint8_t *datain) +{ + // params + uint8_t blockNo = arg0; + byte_t blockdata[16]; + + memset(blockdata,'\0',16); + memcpy(blockdata, datain,16); + + // variables + byte_t isOK = 0; + uint8_t uid[10]; + uint32_t cuid; + + // clear trace + iso14a_clear_trace(); + iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); - - LED_A_ON(); - LED_B_OFF(); - LED_C_OFF(); - - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; - - if(mifare_ultra_special_writeblock(cuid, blockNo, blockdata)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Write block error"); - break; - }; - - if(mifare_ultra_halt(cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - isOK = 1; - break; - } - - if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); - - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); - - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,0,0); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); - LED_B_OFF(); - - - // Thats it... - FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - LEDsoff(); -// iso14a_set_tracing(TRUE); - -} - -// Return 1 if the nonce is invalid else return 0 -int valid_nonce(uint32_t Nt, uint32_t NtEnc, uint32_t Ks1, byte_t * parity) { - return ((oddparity((Nt >> 24) & 0xFF) == ((parity[0]) ^ oddparity((NtEnc >> 24) & 0xFF) ^ BIT(Ks1,16))) & \ + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + while (true) { + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + if(mifare_ultra_writeblock(cuid, blockNo, blockdata)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Write block error"); + break; + }; + + if(mifare_ultra_halt(cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + break; + }; + + isOK = 1; + break; + } + + if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); + + LED_B_ON(); + cmd_send(CMD_ACK,isOK,0,0,0,0); + LED_B_OFF(); + + + // Thats it... + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); +// iso14a_set_tracing(TRUE); +} + +void MifareUWriteBlock_Special(uint8_t arg0, uint8_t *datain) +{ + // params + uint8_t blockNo = arg0; + byte_t blockdata[4]; + + memcpy(blockdata, datain,4); + + // variables + byte_t isOK = 0; + uint8_t uid[10]; + uint32_t cuid; + + // clear trace + iso14a_clear_trace(); + + iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); + + LED_A_ON(); + LED_B_OFF(); + LED_C_OFF(); + + while (true) { + if(!iso14443a_select_card(uid, NULL, &cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + break; + }; + + if(mifare_ultra_special_writeblock(cuid, blockNo, blockdata)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Write block error"); + break; + }; + + if(mifare_ultra_halt(cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + break; + }; + + isOK = 1; + break; + } + + if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); + + LED_B_ON(); + cmd_send(CMD_ACK,isOK,0,0,0,0); + LED_B_OFF(); + + // Thats it... + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LEDsoff(); +} + +// Return 1 if the nonce is invalid else return 0 +int valid_nonce(uint32_t Nt, uint32_t NtEnc, uint32_t Ks1, byte_t * parity) { + return ((oddparity((Nt >> 24) & 0xFF) == ((parity[0]) ^ oddparity((NtEnc >> 24) & 0xFF) ^ BIT(Ks1,16))) & \ (oddparity((Nt >> 16) & 0xFF) == ((parity[1]) ^ oddparity((NtEnc >> 16) & 0xFF) ^ BIT(Ks1,8))) & \ (oddparity((Nt >> 8) & 0xFF) == ((parity[2]) ^ oddparity((NtEnc >> 8) & 0xFF) ^ BIT(Ks1,0)))) ? 1 : 0; } - //----------------------------------------------------------------------------- // MIFARE nested authentication. // @@ -769,18 +760,11 @@ void MifareChkKeys(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) LED_B_OFF(); LED_C_OFF(); -// SpinDelay(300); for (i = 0; i < keyCount; i++) { -// FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); -// SpinDelay(100); -// FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_MOD); - // prepare next select by sending a HALT. There is no need to power down the card. if(mifare_classic_halt(pcs, cuid)) { if (MF_DBGLEVEL >= 1) Dbprintf("ChkKeys: Halt error"); } - // SpinDelay(50); - if(!iso14443a_select_card(uid, NULL, &cuid)) { if (OLD_MF_DBGLEVEL >= 1) Dbprintf("ChkKeys: Can't select card"); break; @@ -798,10 +782,6 @@ void MifareChkKeys(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) // ----------------------------- crypto1 destroy crypto1_destroy(pcs); - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); - LED_B_ON(); cmd_send(CMD_ACK,isOK,0,0,datain + i * 6,6); LED_B_OFF(); @@ -836,14 +816,11 @@ void MifareEMemSet(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain) } void MifareEMemGet(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){ -// UsbCommand ack = {CMD_ACK, {arg0, arg1, 0}}; - - byte_t buf[48]; - emlGetMem(buf, arg0, arg1); // data, block num, blocks count + byte_t buf[48]; + emlGetMem(buf, arg0, arg1); // data, block num, blocks count (max 4) LED_B_ON(); - cmd_send(CMD_ACK,arg0,arg1,0,buf,48); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + cmd_send(CMD_ACK,arg0,arg1,0,buf,48); LED_B_OFF(); } @@ -852,8 +829,7 @@ void MifareEMemGet(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain) // //----------------------------------------------------------------------------- void MifareECardLoad(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){ - int i; - uint8_t sectorNo = 0; + uint8_t numSectors = arg0; uint8_t keyType = arg1; uint64_t ui64Key = 0; uint32_t cuid; @@ -876,63 +852,51 @@ void MifareECardLoad(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai LED_B_OFF(); LED_C_OFF(); - while (true) { - if(!iso14443a_select_card(uid, NULL, &cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); - break; - }; - - for (i = 0; i < 16; i++) { - sectorNo = i; - ui64Key = emlGetKey(sectorNo, keyType); - - if (!i){ - if(mifare_classic_auth(pcs, cuid, sectorNo * 4, keyType, ui64Key, AUTH_FIRST)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Sector[%d]. Auth error", i); - break; - } - } else { - if(mifare_classic_auth(pcs, cuid, sectorNo * 4, keyType, ui64Key, AUTH_NESTED)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Sector[%d]. Auth nested error", i); - break; - } - } + bool isOK = true; + + if(!iso14443a_select_card(uid, NULL, &cuid)) { + isOK = false; + if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card"); + } - if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 0, dataoutbuf)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block 0 error"); - break; - }; - emlSetMem(dataoutbuf, sectorNo * 4 + 0, 1); - - if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 1, dataoutbuf)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block 1 error"); + for (uint8_t sectorNo = 0; isOK && sectorNo < numSectors; sectorNo++) { + ui64Key = emlGetKey(sectorNo, keyType); + if (sectorNo == 0){ + if(isOK && mifare_classic_auth(pcs, cuid, FirstBlockOfSector(sectorNo), keyType, ui64Key, AUTH_FIRST)) { + isOK = false; + if (MF_DBGLEVEL >= 1) Dbprintf("Sector[%2d]. Auth error", sectorNo); break; - }; - emlSetMem(dataoutbuf, sectorNo * 4 + 1, 1); - - if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 2, dataoutbuf)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block 2 error"); + } + } else { + if(isOK && mifare_classic_auth(pcs, cuid, FirstBlockOfSector(sectorNo), keyType, ui64Key, AUTH_NESTED)) { + isOK = false; + if (MF_DBGLEVEL >= 1) Dbprintf("Sector[%2d]. Auth nested error", sectorNo); break; - }; - emlSetMem(dataoutbuf, sectorNo * 4 + 2, 1); - - // get block 3 bytes 6-9 - if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 3, dataoutbuf)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Read block 3 error"); + } + } + + for (uint8_t blockNo = 0; isOK && blockNo < NumBlocksPerSector(sectorNo); blockNo++) { + if(isOK && mifare_classic_readblock(pcs, cuid, FirstBlockOfSector(sectorNo) + blockNo, dataoutbuf)) { + isOK = false; + if (MF_DBGLEVEL >= 1) Dbprintf("Error reading sector %2d block %2d", sectorNo, blockNo); break; }; - emlGetMem(dataoutbuf2, sectorNo * 4 + 3, 1); - memcpy(&dataoutbuf2[6], &dataoutbuf[6], 4); - emlSetMem(dataoutbuf2, sectorNo * 4 + 3, 1); + if (isOK) { + if (blockNo < NumBlocksPerSector(sectorNo) - 1) { + emlSetMem(dataoutbuf, FirstBlockOfSector(sectorNo) + blockNo, 1); + } else { // sector trailer, keep the keys, set only the AC + emlGetMem(dataoutbuf2, FirstBlockOfSector(sectorNo) + blockNo, 1); + memcpy(&dataoutbuf2[6], &dataoutbuf[6], 4); + emlSetMem(dataoutbuf2, FirstBlockOfSector(sectorNo) + blockNo, 1); + } + } } - if(mifare_classic_halt(pcs, cuid)) { - if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); - break; - }; - - break; - } + } + + if(mifare_classic_halt(pcs, cuid)) { + if (MF_DBGLEVEL >= 1) Dbprintf("Halt error"); + }; // ----------------------------- crypto1 destroy crypto1_destroy(pcs); @@ -942,16 +906,8 @@ void MifareECardLoad(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai if (MF_DBGLEVEL >= 2) DbpString("EMUL FILL SECTORS FINISHED"); - // add trace trailer - memset(uid, 0x44, 4); - LogTrace(uid, 4, 0, 0, TRUE); } -//----------------------------------------------------------------------------- -// MIFARE 1k emulator -// -//----------------------------------------------------------------------------- - //----------------------------------------------------------------------------- // Work with "magic Chinese" card (email him: ouyangweidaxian@live.cn) @@ -1074,22 +1030,8 @@ void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai break; } -// UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; -// if (isOK) memcpy(ack.d.asBytes, uid, 4); - - // add trace trailer - /** - * Removed by Martin, the uid is overwritten with 0x44, - * which can 't be intended. - * - * memset(uid, 0x44, 4); - * LogTrace(uid, 4, 0, 0, TRUE); - **/ - - LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,uid,4); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + cmd_send(CMD_ACK,isOK,0,0,uid,4); LED_B_OFF(); if ((workFlags & 0x10) || (!isOK)) { @@ -1099,6 +1041,7 @@ void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai } } + void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){ // params @@ -1171,20 +1114,8 @@ void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai break; } -// UsbCommand ack = {CMD_ACK, {isOK, 0, 0}}; -// if (isOK) memcpy(ack.d.asBytes, data, 18); - - // add trace trailer - /* - * Removed by Martin, this piece of overwrites the 'data' variable - * which is sent two lines down, and is obviously not correct. - * - * memset(data, 0x44, 4); - * LogTrace(data, 4, 0, 0, TRUE); - */ LED_B_ON(); - cmd_send(CMD_ACK,isOK,0,0,data,18); -// UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand)); + cmd_send(CMD_ACK,isOK,0,0,data,18); LED_B_OFF(); if ((workFlags & 0x10) || (!isOK)) {