Fix: Minor overflows found by Holiman.
OnError();
return;
}
- cmd_send(CMD_ACK,1,0,0,resp,len);
+ cmd_send(CMD_ACK,1,len,0,resp,len);
OnSuccess();
real_cmd[2] = AUTHENTICATE_AES;
real_cmd[3] = keyno;
- AppendCrc14443a(real_cmd, 2);
+ AppendCrc14443a(real_cmd, 4);
ReaderTransmit(real_cmd, sizeof(real_cmd), NULL);
int len = ReaderReceive(resp);
real_cmd_A[1] = ADDITIONAL_FRAME;
memcpy(real_cmd_A+2, encBoth, sizeof(encBoth) );
- AppendCrc14443a(real_cmd_A, sizeof(real_cmd_A));
+ AppendCrc14443a(real_cmd_A, 34);
ReaderTransmit(real_cmd_A, sizeof(real_cmd_A), NULL);
len = ReaderReceive(resp);
if (len == 11){
if (MF_DBGLEVEL >= 1) {
- Dbprintf("Auth2 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+ Dbprintf("Auth2 Resp: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x",
buffer[0],buffer[1],buffer[2],buffer[3],buffer[4],
buffer[5],buffer[6],buffer[7],buffer[8],buffer[9],
buffer[10]);
}
uint8_t isOK = resp.arg[0] & 0xff;
if ( !isOK ){
- PrintAndLog("Command unsuccessfull");
+ PrintAndLog("Command unsuccessful");
return 0;
}
PrintAndLog(" Free memory on card : %d bytes", le24toh( tmp ));
PrintAndLog("-------------------------------------------------------------");
+
/*
- Card Master key (CMK) 0x00 on AID = 00 00 00 (card level)
- 0x1
-
+ Card Master key (CMK) 0x00 on AID = 00 00 00 (card level) 0x1
Application Master Key (AMK) 0x00 on AID != 00 00 00
Application keys (APK) = 0x01-0x0D
Application free = 0x0E
keys 8,9,10,11 W
keys 12,13,14,15 R
- KEY Versioning.
- Se GetKeyVersion (samma nyckel kan ha olika versionen?)
-
Session key:
16 : RndA(byte0-byte3) + RndB(byte0-byte3) + RndA(byte4-byte7) + RndB(byte4-byte7)
8 : RndA(byte0-byte3) + RndB(byte0-byte3)
}
int CmdHF14ADesEnumApplications(const char *Cmd){
+
+ UsbCommand c = {CMD_MIFARE_DESFIRE, { 0x01, 0x01 }};
+ c.d.asBytes[0] = GET_APPLICATION_IDS;
+ SendCommand(&c);
+ UsbCommand resp;
+
+ if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
+ return 0;
+ }
+
+ uint8_t isOK = resp.arg[0] & 0xff;
+ if ( !isOK ){
+ PrintAndLog("Command unsuccessful");
+ return 0;
+ }
+
+ PrintAndLog("---Desfire Enum Applications --------------------------------");
+ PrintAndLog("-------------------------------------------------------------");
+
+ //UsbCommand respFiles;
+
+ uint8_t num = 0;
+ int max = resp.arg[1] -3 -2;
+
+ for(int i=3; i<=max; i+=3){
+ PrintAndLog(" Aid %d : %s ",num ,sprint_hex(resp.d.asBytes+i,3));
+ num++;
+
+ // UsbCommand cFiles = {CMD_MIFARE_DESFIRE, { 0x01, 0x04 }};
+ // cFiles.d.asBytes[0] = GET_FILE_IDS;
+ // cFiles.d.asBytes[1] = resp.d.asBytes+i;
+ // cFiles.d.asBytes[2] = resp.d.asBytes+i+1;
+ // cFiles.d.asBytes[3] = resp.d.asBytes+i+2;
+ // SendCommand(&cFiles);
+
+ // if ( !WaitForResponseTimeout(CMD_ACK,&respFiles,1500) ) {
+ // PrintAndLog(" No files found");
+ // break;
+ // }
+
+ }
+ PrintAndLog("-------------------------------------------------------------");
+
+
return 1;
}
#define GET_KEY_SETTINGS 0x45
#define CHANGE_KEY 0xc4
#define GET_KEY_VERSION 0x64
-#define AUTHENTICATION_FRAME 0xAF
\ No newline at end of file
+#define AUTHENTICATION_FRAME 0xAF
+
+
+#define MAX_APPLICATION_COUNT 28
+#define MAX_FILE_COUNT 16
+#define MAX_FRAME_SIZE 60
+#define NOT_YET_AUTHENTICATED 255
+#define FRAME_PAYLOAD_SIZE (MAX_FRAME_SIZE - 5)
\ No newline at end of file
projects / proxmark3-svn / commitdiff