projects / proxmark3-svn / blame
| Commit | Line | Data |
|---|---|---|
| ae3340a0 OM |
1 | //----------------------------------------------------------------------------- |
| 2 | // Copyright (C) 2018 Merlok | |
| 3 | // | |
| 4 | // This code is licensed to you under the terms of the GNU GPL, version 2 or, | |
| 5 | // at your option, any later version. See the LICENSE.txt file for the text of | |
| 6 | // the license. | |
| 7 | //----------------------------------------------------------------------------- | |
| 8 | // iso14443-4 mifare commands | |
| 9 | //----------------------------------------------------------------------------- | |
| 10 | ||
| 11 | #include "mifare4.h" | |
| 12 | #include <ctype.h> | |
| 13 | #include <string.h> | |
| 14 | #include "cmdhf14a.h" | |
| 15 | #include "util.h" | |
| 16 | #include "ui.h" | |
| 17 | #include "polarssl/libpcrypto.h" | |
| 18 | ||
| c8a0f550 OM |
19 | int CalculateMAC(mf4Session *session, uint8_t *data, int datalen, uint8_t *mac, bool verbose) { |
| 20 | if (!session || !session->Authenticated || !mac || !data || !datalen) | |
| 21 | return 1; | |
| 22 | ||
| 23 | memset(mac, 0x00, 8); | |
| 24 | ||
| 25 | if (verbose) | |
| 26 | PrintAndLog("MAC data[%d]: %s", datalen, sprint_hex(data, datalen)); | |
| 27 | ||
| 28 | return aes_cmac8(NULL, session->Key, data, mac, datalen); | |
| 29 | } | |
| 30 | ||
| ae3340a0 OM |
31 | int MifareAuth4(mf4Session *session, uint8_t *keyn, uint8_t *key, bool activateField, bool leaveSignalON, bool verbose) { |
| 32 | uint8_t data[257] = {0}; | |
| 33 | int datalen = 0; | |
| 34 | ||
| 35 | uint8_t Rnd1[17] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x00}; | |
| 36 | uint8_t Rnd2[17] = {0}; | |
| 37 | ||
| 38 | if (session) | |
| 39 | session->Authenticated = false; | |
| 40 | ||
| 41 | uint8_t cmd1[] = {0x70, keyn[1], keyn[0], 0x00}; | |
| 42 | int res = ExchangeRAW14a(cmd1, sizeof(cmd1), activateField, true, data, sizeof(data), &datalen); | |
| 43 | if (res) { | |
| 44 | PrintAndLog("ERROR exchande raw error: %d", res); | |
| 45 | DropField(); | |
| 46 | return 2; | |
| 47 | } | |
| 48 | ||
| 49 | if (verbose) | |
| 50 | PrintAndLog("<phase1: %s", sprint_hex(data, datalen)); | |
| 51 | ||
| 52 | if (datalen < 1) { | |
| 53 | PrintAndLog("ERROR: card response length: %d", datalen); | |
| 54 | DropField(); | |
| 55 | return 3; | |
| 56 | } | |
| 57 | ||
| 58 | if (data[0] != 0x90) { | |
| 59 | PrintAndLog("ERROR: card response error: %02x", data[2]); | |
| 60 | DropField(); | |
| 61 | return 3; | |
| 62 | } | |
| 63 | ||
| 64 | if (datalen != 19) { // code 1b + 16b + crc 2b | |
| 65 | PrintAndLog("ERROR: card response must be 19 bytes long instead of: %d", datalen); | |
| 66 | DropField(); | |
| 67 | return 3; | |
| 68 | } | |
| 69 | ||
| 70 | aes_decode(NULL, key, &data[1], Rnd2, 16); | |
| 71 | Rnd2[16] = Rnd2[0]; | |
| 72 | if (verbose) | |
| 73 | PrintAndLog("Rnd2: %s", sprint_hex(Rnd2, 16)); | |
| 74 | ||
| 75 | uint8_t cmd2[33] = {0}; | |
| 76 | cmd2[0] = 0x72; | |
| 77 | ||
| 78 | uint8_t raw[32] = {0}; | |
| 79 | memmove(raw, Rnd1, 16); | |
| 80 | memmove(&raw[16], &Rnd2[1], 16); | |
| 81 | ||
| 82 | aes_encode(NULL, key, raw, &cmd2[1], 32); | |
| 83 | if (verbose) | |
| 84 | PrintAndLog(">phase2: %s", sprint_hex(cmd2, 33)); | |
| 85 | ||
| c8a0f550 | 86 | res = ExchangeRAW14a(cmd2, sizeof(cmd2), false, true, data, sizeof(data), &datalen); |
| ae3340a0 OM |
87 | if (res) { |
| 88 | PrintAndLog("ERROR exchande raw error: %d", res); | |
| 89 | DropField(); | |
| 90 | return 4; | |
| 91 | } | |
| 92 | ||
| 93 | if (verbose) | |
| 94 | PrintAndLog("<phase2: %s", sprint_hex(data, datalen)); | |
| 95 | ||
| 96 | aes_decode(NULL, key, &data[1], raw, 32); | |
| 97 | ||
| 98 | if (verbose) { | |
| 99 | PrintAndLog("res: %s", sprint_hex(raw, 32)); | |
| 100 | PrintAndLog("Rnd1`: %s", sprint_hex(&raw[4], 16)); | |
| 101 | } | |
| 102 | ||
| 103 | if (memcmp(&raw[4], &Rnd1[1], 16)) { | |
| 104 | PrintAndLog("\nERROR: Authentication FAILED. rnd not equal"); | |
| 105 | if (verbose) { | |
| 106 | PrintAndLog("rnd1 reader: %s", sprint_hex(&Rnd1[1], 16)); | |
| 107 | PrintAndLog("rnd1 card: %s", sprint_hex(&raw[4], 16)); | |
| 108 | } | |
| 109 | DropField(); | |
| 110 | return 5; | |
| 111 | } | |
| 112 | ||
| 113 | if (!leaveSignalON) | |
| 114 | DropField(); | |
| 115 | ||
| 116 | if (verbose) | |
| 117 | PrintAndLog(""); | |
| 118 | ||
| 119 | if (session) { | |
| 120 | session->Authenticated = true; | |
| 121 | session->KeyNum = keyn[1] + (keyn[0] << 8); | |
| 122 | memmove(session->Rnd1, Rnd1, 16); | |
| 123 | memmove(session->Rnd2, Rnd2, 16); | |
| c8a0f550 | 124 | memmove(session->Key, key, 16); |
| ae3340a0 OM |
125 | } |
| 126 | ||
| 127 | PrintAndLog("Authentication OK"); | |
| 128 | ||
| 129 | return 0; | |
| 130 | } | |
| 131 | ||
| c8a0f550 OM |
132 | // Mifare Memory Structure: up to 32 Sectors with 4 blocks each (1k and 2k cards), |
| 133 | // plus evtl. 8 sectors with 16 blocks each (4k cards) | |
| 134 | uint8_t mfNumBlocksPerSector(uint8_t sectorNo) { | |
| 135 | if (sectorNo < 32) | |
| 136 | return 4; | |
| 137 | else | |
| 138 | return 16; | |
| 139 | } | |
| 140 | ||
| 141 | uint8_t mfFirstBlockOfSector(uint8_t sectorNo) { | |
| 142 | if (sectorNo < 32) | |
| 143 | return sectorNo * 4; | |
| 144 | else | |
| 145 | return 32 * 4 + (sectorNo - 32) * 16; | |
| 146 | } | |
| 147 | ||
| 148 | uint8_t mfSectorTrailer(uint8_t blockNo) { | |
| 149 | if (blockNo < 32*4) { | |
| 150 | return (blockNo | 0x03); | |
| 151 | } else { | |
| 152 | return (blockNo | 0x0f); | |
| 153 | } | |
| 154 | } | |
| 155 | ||
| 156 | bool mfIsSectorTrailer(uint8_t blockNo) { | |
| 157 | return (blockNo == mfSectorTrailer(blockNo)); | |
| 158 | } | |
| 159 | ||
| 160 | uint8_t mfSectorNum(uint8_t blockNo) { | |
| 161 | if (blockNo < 32 * 4) | |
| 162 | return blockNo / 4; | |
| 163 | else | |
| 164 | return 32 + (blockNo - 32 * 4) / 16; | |
| 165 | ||
| 166 | } |