]> git.zerfleddert.de Git - proxmark3-svn/commitdiff
1. fixed (it seems) readline behavior. Now there is no proxmark3 prompts on the data.
authorMerlokbr@gmail.com <Merlokbr@gmail.com@ef4ab9da-24cd-11de-8aaa-f3a34680c41f>
Thu, 23 Jun 2011 16:49:39 +0000 (16:49 +0000)
committerMerlokbr@gmail.com <Merlokbr@gmail.com@ef4ab9da-24cd-11de-8aaa-f3a34680c41f>
Thu, 23 Jun 2011 16:49:39 +0000 (16:49 +0000)
2. emulator goes into beta stage.
works:
- work with 4BUID and 7BUID dumps
- load/save/grab dumps
- emulate select
- emulate authentication (with nested)
- emulate read/write blocks
- emulate NACK-ACK ping-pong

armsrc/iso14443a.c
client/cmdhfmf.c
client/proxmark3.c
client/ui.c

index 74e269da11c92f60e62e82046c3e4ec16ca275fd..e66a64f5892dbb13e558f06fe6772edb8279a7e2 100644 (file)
@@ -2008,7 +2008,7 @@ void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
        int vHf = 0;    // in mV
        int nextCycleTimeout = 0;
        int res;
-       uint32_t timer = 0;
+//     uint32_t timer = 0;
        uint32_t selTimer = 0;
        uint32_t authTimer = 0;
        uint32_t par = 0;
@@ -2016,13 +2016,15 @@ void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
        uint8_t cardWRBL = 0;
        uint8_t cardAUTHSC = 0;
        uint8_t cardAUTHKEY = 0xff;  // no authentication
+       uint32_t cardRn = 0;
+       uint32_t cardRr = 0;
        uint32_t cuid = 0;
+       uint32_t rn_enc = 0;
+       uint32_t ans = 0;
        struct Crypto1State mpcs = {0, 0};
        struct Crypto1State *pcs;
        pcs = &mpcs;
        
-       uint64_t key64 = 0xffffffffffffULL;
-       
        uint8_t* receivedCmd = eml_get_bigbufptr_recbuf();
        uint8_t *response = eml_get_bigbufptr_sendbuf();
        
@@ -2040,6 +2042,9 @@ void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
        // clear trace
        traceLen = 0;
        tracing = true;
+
+  // Authenticate response - nonce
+       uint32_t nonce = bytes_to_num(rAUTH_NT, 4);
        
        // get UID from emul memory
        emlGetMemBt(receivedCmd, 7, 1);
@@ -2061,30 +2066,6 @@ void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
 
 // --------------------------------------      test area
 
-   // Authenticate response - nonce
-    uint8_t *resp1 = (((uint8_t *)BigBuf) + EML_RESPONSES);
-    int resp1Len;
-//    uint8_t *resp2 = (((uint8_t *)BigBuf) + EML_RESPONSES + 200);
-//    int resp2Len;
-       CodeIso14443aAsTag(rAUTH_NT, sizeof(rAUTH_NT));
-    memcpy(resp1, ToSend, ToSendMax); resp1Len = ToSendMax;
-               
-       timer = GetTickCount();
-       uint32_t nonce = bytes_to_num(rAUTH_NT, 4);
-       uint32_t rn_enc = 0x98d76b77; // !!!!!!!!!!!!!!!!!
-       uint32_t ans = 0;
-       cuid = bytes_to_num(rUIDBCC1, 4);
-/*     
-       crypto1_create(pcs, key64);
-  crypto1_word(pcs, cuid ^ nonce, 0);
-  crypto1_word(pcs, rn_enc , 1);
-  crypto1_word(pcs, 0, 0);
-  ans = prng_successor(nonce, 96) ^ crypto1_word(pcs, 0, 0);
-       num_to_bytes(ans, 4, rAUTH_AT);
-       CodeIso14443aAsTag(rAUTH_AT, sizeof(rAUTH_AT));
-  memcpy(resp2, ToSend, ToSendMax); resp2Len = ToSendMax;
-       Dbprintf("crypto auth time: %d", GetTickCount() - timer);
-*/
 // --------------------------------------      END test area
        // start mkseconds counter
        StartCountUS();
@@ -2178,7 +2159,7 @@ void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
                                                break;
                                        }
                                        LED_B_ON();
-                                       Dbprintf("--> WORK. anticol1 time: %d", GetTickCount() - selTimer);
+                                       if (MF_DBGLEVEL >= 4)   Dbprintf("--> WORK. anticol1 time: %d", GetTickCount() - selTimer);
                                }
                                
                                break;
@@ -2205,16 +2186,22 @@ void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
                        }
                        case MFEMUL_AUTH1:{
                                if (len == 8) {
-// ---------------------------------
-       rn_enc = bytes_to_num(receivedCmd, 4);
-       crypto1_create(pcs, key64);
-  crypto1_word(pcs, cuid ^ nonce, 0);
-  crypto1_word(pcs, rn_enc , 1);
-  crypto1_word(pcs, 0, 0);
-  ans = prng_successor(nonce, 96) ^ crypto1_word(pcs, 0, 0);
-       num_to_bytes(ans, 4, rAUTH_AT);
-// ---------------------------------
-                               EmSendCmd(rAUTH_AT, sizeof(rAUTH_AT));
+                                       // --- crypto
+                                       rn_enc = bytes_to_num(receivedCmd, 4);
+                                       cardRn = rn_enc ^ crypto1_word(pcs, rn_enc , 1);
+                                       cardRr = bytes_to_num(&receivedCmd[4], 4) ^ crypto1_word(pcs, 0, 0);
+                                       // test if auth OK
+                                       if (cardRr != prng_successor(nonce, 64)){
+                                               Dbprintf("AUTH FAILED. cardRr=%08x, suc=%08x", cardRr, prng_successor(nonce, 64));
+                                               cardSTATE = MFEMUL_IDLE;
+                                               LED_B_OFF();
+                                               LED_C_OFF();
+                                               break;
+                                       }
+                                       ans = prng_successor(nonce, 96) ^ crypto1_word(pcs, 0, 0);
+                                       num_to_bytes(ans, 4, rAUTH_AT);
+                                       // --- crypto
+                                       EmSendCmd(rAUTH_AT, sizeof(rAUTH_AT));
                                        cardSTATE = MFEMUL_AUTH2;
                                } else {
                                        cardSTATE = MFEMUL_IDLE;
@@ -2228,34 +2215,58 @@ void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
 
                                LED_C_ON();
                                cardSTATE = MFEMUL_WORK;
-Dbprintf("AUTH COMPLETED. sec=%d, key=%d time=%d", cardAUTHSC, cardAUTHKEY, GetTickCount() - authTimer);
+                               Dbprintf("AUTH COMPLETED. sec=%d, key=%d time=%d", cardAUTHSC, cardAUTHKEY, GetTickCount() - authTimer);
                                break;
                        }
                        case MFEMUL_WORK:{
-                               // auth
-                               if (len == 4 && (receivedCmd[0] == 0x60 || receivedCmd[0] == 0x61)) {
-authTimer = GetTickCount();
-//                                     EmSendCmd(rAUTH_NT, sizeof(rAUTH_NT));
-//SpinDelayUs(190);
-                                       EmSendCmd14443aRaw(resp1, resp1Len, 0);
-LogTrace(NULL, 0, GetDeltaCountUS(), 0, TRUE);
-//                                     crypto1_create(pcs, key64);
-//                                     if (cardAUTHKEY == 0xff) { // first auth
-//                                     crypto1_word(pcs, cuid ^ bytes_to_num(rAUTH_NT, 4), 0); // uid ^ nonce
-//                                     } else { // nested auth
-//                                     }
-
-                                       cardAUTHSC = receivedCmd[1] / 4;  // received block num
-                                       cardAUTHKEY = receivedCmd[0] - 0x60;
-                                       cardSTATE = MFEMUL_AUTH1;
-                                       nextCycleTimeout = 10;
-                                       break;
-                               }
-                               
                                if (len == 0) break;
                                
-                               // decrypt seqence
-                               if (cardAUTHKEY != 0xff) mf_crypto1_decrypt(pcs, receivedCmd, len);
+                               if (cardAUTHKEY == 0xff) {
+                                       // first authentication
+                                       if (len == 4 && (receivedCmd[0] == 0x60 || receivedCmd[0] == 0x61)) {
+                                               authTimer = GetTickCount();
+
+                                               cardAUTHSC = receivedCmd[1] / 4;  // received block num
+                                               cardAUTHKEY = receivedCmd[0] - 0x60;
+
+                                               // --- crypto
+                                               crypto1_create(pcs, emlGetKey(cardAUTHSC, cardAUTHKEY));
+                                               ans = nonce ^ crypto1_word(pcs, cuid ^ nonce, 0); 
+                                               num_to_bytes(nonce, 4, rAUTH_AT);
+                                               EmSendCmd(rAUTH_AT, sizeof(rAUTH_AT));
+                                               // --- crypto
+                                               
+//   last working revision 
+//                                             EmSendCmd14443aRaw(resp1, resp1Len, 0);
+//                                             LogTrace(NULL, 0, GetDeltaCountUS(), 0, true);
+
+                                               cardSTATE = MFEMUL_AUTH1;
+                                               nextCycleTimeout = 10;
+                                               break;
+                                       }
+                               } else {
+                                       // decrypt seqence
+                                       mf_crypto1_decrypt(pcs, receivedCmd, len);
+                                       
+                                       // nested authentication
+                                       if (len == 4 && (receivedCmd[0] == 0x60 || receivedCmd[0] == 0x61)) {
+                                               authTimer = GetTickCount();
+
+                                               cardAUTHSC = receivedCmd[1] / 4;  // received block num
+                                               cardAUTHKEY = receivedCmd[0] - 0x60;
+
+                                               // --- crypto
+                                               crypto1_create(pcs, emlGetKey(cardAUTHSC, cardAUTHKEY));
+                                               ans = nonce ^ crypto1_word(pcs, cuid ^ nonce, 0); 
+                                               num_to_bytes(ans, 4, rAUTH_AT);
+                                               EmSendCmd(rAUTH_AT, sizeof(rAUTH_AT));
+                                               // --- crypto
+
+                                               cardSTATE = MFEMUL_AUTH1;
+                                               nextCycleTimeout = 10;
+                                               break;
+                                       }
+                               }
                                
                                // rule 13 of 7.5.3. in ISO 14443-4. chaining shall be continued
                                // BUT... ACK --> NACK
@@ -2272,7 +2283,7 @@ LogTrace(NULL, 0, GetDeltaCountUS(), 0, TRUE);
                                
                                // read block
                                if (len == 4 && receivedCmd[0] == 0x30) {
-                                       if (receivedCmd[1] >= 16 * 4) {
+                                       if (receivedCmd[1] >= 16 * 4 || receivedCmd[1] / 4 != cardAUTHSC) {
                                                EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                                                break;
                                        }
@@ -2285,7 +2296,7 @@ LogTrace(NULL, 0, GetDeltaCountUS(), 0, TRUE);
                                
                                // write block
                                if (len == 4 && receivedCmd[0] == 0xA0) {
-                                       if (receivedCmd[1] >= 16 * 4) {
+                                       if (receivedCmd[1] >= 16 * 4 || receivedCmd[1] / 4 != cardAUTHSC) {
                                                EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                                                break;
                                        }
@@ -2304,13 +2315,15 @@ LogTrace(NULL, 0, GetDeltaCountUS(), 0, TRUE);
                                        Dbprintf("--> HALTED. Selected time: %d ms",  GetTickCount() - selTimer);
                                        break;
                                }
-                               break;
-
+                               
                                // command not allowed
                                if (len == 4) {
                                        EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                                        break;
                                }
+
+                               // case break
+                               break;
                        }
                        case MFEMUL_WRITEBL2:{
                                if (len == 18){
@@ -2319,8 +2332,12 @@ LogTrace(NULL, 0, GetDeltaCountUS(), 0, TRUE);
                                        EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_ACK));
                                        cardSTATE = MFEMUL_WORK;
                                        break;
+                               } else {
+                                       cardSTATE = MFEMUL_IDLE;
+                                       LED_B_OFF();
+                                       LED_C_OFF();
+                                       break;
                                }
-Dbprintf("err write block: %d len:%d", cardWRBL, len);
                                break;
                        }
                
index b46c33b02831edd5eb671c9e7e852b6f145a5a7f..130e280201c1b88d021bdbc401c5fb0a40823c9d 100644 (file)
@@ -796,8 +796,8 @@ static command_t CommandTable[] =
   {"nested",   CmdHF14AMfNested,               0, "Test nested authentication"},\r
   {"sim",                      CmdHF14AMf1kSim,                0, "Simulate MIFARE 1k card"},\r
   {"eclr",     CmdHF14AMfEClear,               0, "Clear simulator memory block"},\r
-  {"eget",             CmdHF14AMfEGet,                 0, "Set simulator memory block"},\r
-  {"eset",             CmdHF14AMfESet,                 0, "Get simulator memory block"},\r
+  {"eget",             CmdHF14AMfEGet,                 0, "Get simulator memory block"},\r
+  {"eset",             CmdHF14AMfESet,                 0, "Set simulator memory block"},\r
   {"eload",            CmdHF14AMfELoad,                0, "Load from file emul dump"},\r
   {"esave",            CmdHF14AMfESave,                0, "Save to file emul dump"},\r
   {"ecfill",   CmdHF14AMfECFill,               0, "Fill simulator memory with help of keys from simulator"},\r
index 209e132c6f683e08d9291f4a6051e32ef74b24b8..9105ca62b8acc7ce1f808de59477a291537b1550 100644 (file)
@@ -38,15 +38,7 @@ static void *usb_receiver(void *targ)
 
   while (arg->run) {
     if (ReceiveCommandPoll(&cmdbuf)) {
-      for (int i = 0; i < strlen(PROXPROMPT); i++)
-        putchar(0x08);
       UsbCommandReceived(&cmdbuf);
-                       // there is a big bug )
-                       if (cmdbuf.cmd >= 0x0100 && cmdbuf.cmd <= 0x0110) { // debug commands
-                               printf(">");
-//                             rl_on_new_line_with_prompt();
-//                             rl_forced_update_display();
-                       }
       fflush(NULL);
     }
   }
@@ -76,7 +68,6 @@ static void *main_loop(void *targ)
                        
                        if (cmd[0] != 0x00) {
                                if (strncmp(cmd, "quit", 4) == 0) {
-                                       write_history(".history");
                                        break;
                                }
                                
@@ -90,6 +81,8 @@ static void *main_loop(void *targ)
                }
        }
 
+       write_history(".history");
+
   if (arg->usb_present == 1) {
     rarg.run = 0;
     pthread_join(reader_thread, NULL);
index da21049e7b0a67ca00aad87c90d2f5434770730a..1eb877d84e1a8875f203f53910bd5d1d910f1de4 100644 (file)
 //-----------------------------------------------------------------------------
 
 #include <stdarg.h>
+#include <stdlib.h>
 #include <stdio.h>
 #include <time.h>
+#include <readline/readline.h>
 
 #include "ui.h"
 
@@ -23,6 +25,8 @@ static char *logfilename = "proxmark3.log";
 
 void PrintAndLog(char *fmt, ...)
 {
+       char *saved_line;
+       int saved_point;
   va_list argptr, argptr2;
   static FILE *logfile = NULL;
   static int logging=1;
@@ -34,12 +38,32 @@ void PrintAndLog(char *fmt, ...)
       logging=0;
     }
   }
+       
+       int need_hack = (rl_readline_state & RL_STATE_READCMD) > 0;
 
+       if (need_hack) {
+               saved_point = rl_point;
+               saved_line = rl_copy_text(0, rl_end);
+               rl_save_prompt();
+               rl_replace_line("", 0);
+               rl_redisplay();
+       }
+       
   va_start(argptr, fmt);
   va_copy(argptr2, argptr);
   vprintf(fmt, argptr);
+  vprintf("          ", 0); // cleaning prompt
   va_end(argptr);
   printf("\n");
+
+       if (need_hack) {
+               rl_restore_prompt();
+               rl_replace_line(saved_line, 0);
+               rl_point = saved_point;
+               rl_redisplay();
+               free(saved_line);
+       }
+       
   if (logging && logfile) {
     vfprintf(logfile, fmt, argptr2);
     fprintf(logfile,"\n");
Impressum, Datenschutz