static void CodeIso14443aAsTag(const uint8_t *cmd, uint16_t len)
{
- uint8_t par[MAX_PARITY_SIZE];
+ uint8_t par[MAX_PARITY_SIZE] = {0};
GetParity(cmd, len, par);
CodeIso14443aAsTagPar(cmd, len, par);
// of bits specified in the delay parameter.
void PrepareDelayedTransfer(uint16_t delay)
{
+ delay &= 0x07;
+ if (!delay) return;
+
uint8_t bitmask = 0;
uint8_t bits_to_shift = 0;
uint8_t bits_shifted = 0;
+ uint16_t i = 0;
+
+ for (i = 0; i < delay; ++i)
+ bitmask |= (0x01 << i);
- delay &= 0x07;
- if (delay) {
- for (uint16_t i = 0; i < delay; i++) {
- bitmask |= (1 << i);
- }
ToSend[++ToSendMax] = 0x00;
- for (uint16_t i = 0; i < ToSendMax; i++) {
+
+ for (i = 0; i < ToSendMax; ++i) {
bits_to_shift = ToSend[i] & bitmask;
ToSend[i] = ToSend[i] >> delay;
ToSend[i] = ToSend[i] | (bits_shifted << (8 - delay));
bits_shifted = bits_to_shift;
}
}
-}
//-------------------------------------------------------------------------------------
uint32_t ThisTransferTime = 0;
if (timing) {
- if(*timing == 0) { // Measure time
+
+ if (*timing != 0)
+ // Delay transfer (fine tuning - up to 7 MF clock ticks)
+ PrepareDelayedTransfer(*timing & 0x00000007);
+ else
+ // Measure time
*timing = (GetCountSspClk() + 8) & 0xfffffff8;
- } else {
- PrepareDelayedTransfer(*timing & 0x00000007); // Delay transfer (fine tuning - up to 7 MF clock ticks)
- }
- if(MF_DBGLEVEL >= 4 && GetCountSspClk() >= (*timing & 0xfffffff8)) Dbprintf("TransmitFor14443a: Missed timing");
+
- while(GetCountSspClk() < (*timing & 0xfffffff8)); // Delay transfer (multiple of 8 MF clock ticks)
+ if (MF_DBGLEVEL >= 4 && GetCountSspClk() >= (*timing & 0xfffffff8))
+ Dbprintf("TransmitFor14443a: Missed timing");
+
+ // Delay transfer (multiple of 8 MF clock ticks)
+ while (GetCountSspClk() < (*timing & 0xfffffff8));
+
LastTimeProxToAirStart = *timing;
} else {
ThisTransferTime = ((MAX(NextTransferTime, GetCountSspClk()) & 0xfffffff8) + 8);
+
while(GetCountSspClk() < ThisTransferTime);
+
LastTimeProxToAirStart = ThisTransferTime;
}
if (nt1 == nt2) return 0;
+ uint16_t i;
uint32_t nttmp1 = nt1;
uint32_t nttmp2 = nt2;
- for (uint16_t i = 1; i < 0xFFFF; i += 8) {
- nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i;
- nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -i;
-
- nttmp1 = prng_successor(nttmp1, 2); if (nttmp1 == nt2) return i+1;
- nttmp2 = prng_successor(nttmp2, 2); if (nttmp2 == nt1) return -i-1;
-
- nttmp1 = prng_successor(nttmp1, 3); if (nttmp1 == nt2) return i+2;
- nttmp2 = prng_successor(nttmp2, 3); if (nttmp2 == nt1) return -i-2;
-
- nttmp1 = prng_successor(nttmp1, 4); if (nttmp1 == nt2) return i+3;
- nttmp2 = prng_successor(nttmp2, 4); if (nttmp2 == nt1) return -i-3;
+ for (i = 1; i < 0xFFFF; i += 8) {
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i;
- nttmp1 = prng_successor(nttmp1, 5); if (nttmp1 == nt2) return i+4;
- nttmp2 = prng_successor(nttmp2, 5); if (nttmp2 == nt1) return -i-4;
-
- nttmp1 = prng_successor(nttmp1, 6); if (nttmp1 == nt2) return i+5;
- nttmp2 = prng_successor(nttmp2, 6); if (nttmp2 == nt1) return -i-5;
-
- nttmp1 = prng_successor(nttmp1, 7); if (nttmp1 == nt2) return i+6;
- nttmp2 = prng_successor(nttmp2, 7); if (nttmp2 == nt1) return -i-6;
-
- nttmp1 = prng_successor(nttmp1, 8); if (nttmp1 == nt2) return i+7;
- nttmp2 = prng_successor(nttmp2, 8); if (nttmp2 == nt1) return -i-7;
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i+1;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i+1;
+
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i+2;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i+2;
+
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i+3;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i+3;
+
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i+4;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i+4;
+
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i+5;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i+5;
+
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i+6;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i+6;
+
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i+7;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i+7;
+
+ nttmp1 = prng_successor_one(nttmp1); if (nttmp1 == nt2) return i+8;
+ nttmp2 = prng_successor_one(nttmp2); if (nttmp2 == nt1) return -i+8;
+/*
+ if ( prng_successor(nttmp1, i) == nt2) return i;
+ if ( prng_successor(nttmp2, i) == nt1) return -i;
+
+ if ( prng_successor(nttmp1, i+2) == nt2) return i+2;
+ if ( prng_successor(nttmp2, i+2) == nt1) return -(i+2);
+
+ if ( prng_successor(nttmp1, i+3) == nt2) return i+3;
+ if ( prng_successor(nttmp2, i+3) == nt1) return -(i+3);
+
+ if ( prng_successor(nttmp1, i+4) == nt2) return i+4;
+ if ( prng_successor(nttmp2, i+4) == nt1) return -(i+4);
+
+ if ( prng_successor(nttmp1, i+5) == nt2) return i+5;
+ if ( prng_successor(nttmp2, i+5) == nt1) return -(i+5);
+
+ if ( prng_successor(nttmp1, i+6) == nt2) return i+6;
+ if ( prng_successor(nttmp2, i+6) == nt1) return -(i+6);
+
+ if ( prng_successor(nttmp1, i+7) == nt2) return i+7;
+ if ( prng_successor(nttmp2, i+7) == nt1) return -(i+7);
+
+ if ( prng_successor(nttmp1, i+8) == nt2) return i+8;
+ if ( prng_successor(nttmp2, i+8) == nt1) return -(i+8);
+*/
}
return(-99999); // either nt1 or nt2 are invalid nonces
// if we missed the sync time already, advance to the next nonce repeat
while(GetCountSspClk() > sync_time) {
++elapsed_prng_sequences;
- sync_time = (sync_time & 0xfffffff8) + sync_cycles;
+ sync_time += sync_cycles;
}
// Transmit MIFARE_CLASSIC_AUTH at synctime. Should result in returning the same tag nonce (== nt_attacked)
ReaderTransmit(mf_auth, sizeof(mf_auth), &sync_time);
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE] = {0x00};\r
\r
uint32_t auth1_time, auth2_time;\r
- static uint16_t delta_time;\r
+ static uint16_t delta_time = 0;\r
\r
LED_A_ON();\r
LED_C_OFF();\r
rtr--;\r
continue;\r
};\r
+ auth2_time = (delta_time) ? auth1_time + delta_time : 0;\r
\r
- if (delta_time) {\r
- auth2_time = auth1_time + delta_time;\r
- } else {\r
- auth2_time = 0;\r
- }\r
if(mifare_classic_authex(pcs, cuid, blockNo, keyType, ui64Key, AUTH_NESTED, &nt2, &auth2_time)) {\r
if (MF_DBGLEVEL >= 1) Dbprintf("Nested: Auth2 error");\r
rtr--;\r
\r
nttmp = prng_successor(nt1, 100); //NXP Mifare is typical around 840,but for some unlicensed/compatible mifare card this can be 160\r
for (i = 101; i < 1200; i++) {\r
- nttmp = prng_successor(nttmp, 1);\r
+ nttmp = prng_successor_one(nttmp);\r
if (nttmp == nt2) break;\r
}\r
\r
\r
// nested authentication\r
auth2_time = auth1_time + delta_time;\r
+\r
len = mifare_sendcmd_short(pcs, AUTH_NESTED, 0x60 + (targetKeyType & 0x01), targetBlockNo, receivedAnswer, par, &auth2_time);\r
if (len != 4) {\r
if (MF_DBGLEVEL >= 1) Dbprintf("Nested: Auth2 error len=%d", len);\r
if (MF_DBGLEVEL >= 3) Dbprintf("Nonce#%d: Testing nt1=%08x nt2enc=%08x nt2par=%02x", i+1, nt1, nt2, par[0]);\r
\r
// Parity validity check\r
- for (j = 0; j < 4; j++) {\r
- par_array[j] = (oddparity8(receivedAnswer[j]) != ((par[0] >> (7-j)) & 0x01));\r
- }\r
+// for (j = 0; j < 4; j++) {\r
+// par_array[j] = (oddparity8(receivedAnswer[j]) != ((par[0] >> (7-j)) & 0x01));\r
+// }\r
+ par_array[0] = (oddparity8(receivedAnswer[0]) != ((par[0] >> (7-0)) & 0x01));\r
+ par_array[1] = (oddparity8(receivedAnswer[1]) != ((par[0] >> (7-1)) & 0x01));\r
+ par_array[2] = (oddparity8(receivedAnswer[2]) != ((par[0] >> (7-2)) & 0x01));\r
+ par_array[3] = (oddparity8(receivedAnswer[3]) != ((par[0] >> (7-3)) & 0x01));\r
\r
ncount = 0;\r
nttest = prng_successor(nt1, dmin - 1);\r
for (j = dmin; j < dmax + 1; j++) {\r
- nttest = prng_successor(nttest, 1);\r
+ nttest = prng_successor_one(nttest);\r
ks1 = nt2 ^ nttest;\r
\r
if (valid_nonce(nttest, nt2, ks1, par_array)){\r
// ----------------------------- crypto1 destroy\r
crypto1_destroy(pcs);\r
\r
- byte_t buf[4 + 4 * 4];\r
- memcpy(buf, &cuid, 4);\r
+ byte_t buf[4 + 4 * 4] = {0};\r
+ num_to_bytes(cuid, 4, buf);\r
memcpy(buf+4, &target_nt[0], 4);\r
memcpy(buf+8, &target_ks[0], 4);\r
memcpy(buf+12, &target_nt[1], 4);\r
int OLD_MF_DBGLEVEL = MF_DBGLEVEL; \r
MF_DBGLEVEL = MF_DBG_NONE;\r
\r
+ LEDsoff();\r
LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
+ \r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
if (clearTrace) \r
int nonce2key(uint32_t uid, uint32_t nt, uint32_t nr, uint64_t par_info, uint64_t ks_info, uint64_t * key) {
+
struct Crypto1State *state;
uint32_t i, pos, rr = 0, nr_diff;
byte_t bt, ks3x[8], par[8][8];
for ( i = 0; i < 8; i++) {
nr_diff = nr | i << 5;
- printf("| %02x |%08x|", i << 5, nr_diff);
- printf(" %01x | %01x |", ks3x[i], ks3x[i]^5);
+ printf("| %02x |%08x| %01x | %01x |", i << 5, nr_diff, ks3x[i], ks3x[i]^5);
+
for (pos = 0; pos < 7; pos++) printf("%01x,", par[i][pos]);
printf("%01x|\n", par[i][7]);
}
printf("+----+--------+---+-----+---------------+\n");
+ clock_t t1 = clock();
+
state = lfsr_common_prefix(nr, rr, ks3x, par);
lfsr_rollback_word(state, uid^nt, 0);
crypto1_get_lfsr(state, key);
crypto1_destroy(state);
+
+ t1 = clock() - t1;
+ if ( t1 > 0 ) PrintAndLog("Time in nonce2key: %.0f ticks \n", (float)t1);
return 0;
}
pcs = &mpcs;
uid = myuid;//(uint32_t)bytes_to_num(data + 0, 4);
- nt = *(uint32_t*)(data+8);
- nr_enc = *(uint32_t*)(data+12);
- ar_enc = *(uint32_t*)(data+16);
+ nt = *(uint32_t*)(data+8);
+ nr_enc = *(uint32_t*)(data+12);
+ ar_enc = *(uint32_t*)(data+16);
crypto1_word(pcs, nr_enc , 1);
at_enc = prng_successor(nt, 96) ^ crypto1_word(pcs, 0, 0);
num_to_bytes(key, 6, outputkey);
crypto1_destroy(revstate);
return 0;
-}
\ No newline at end of file
+}
projects / proxmark3-svn / commitdiff