1 /*****************************************************************************
4 * THIS CODE IS CREATED FOR EXPERIMENTATION AND EDUCATIONAL USE ONLY.
6 * USAGE OF THIS CODE IN OTHER WAYS MAY INFRINGE UPON THE INTELLECTUAL
7 * PROPERTY OF OTHER PARTIES, SUCH AS INSIDE SECURE AND HID GLOBAL,
8 * AND MAY EXPOSE YOU TO AN INFRINGEMENT ACTION FROM THOSE PARTIES.
10 * THIS CODE SHOULD NEVER BE USED TO INFRINGE PATENTS OR INTELLECTUAL PROPERTY RIGHTS.
12 *****************************************************************************
14 * This file is part of loclass. It is a reconstructon of the cipher engine
15 * used in iClass, and RFID techology.
17 * The implementation is based on the work performed by
18 * Flavio D. Garcia, Gerhard de Koning Gans, Roel Verdult and
19 * Milosch Meriac in the paper "Dismantling IClass".
21 * Copyright (C) 2014 Martin Holst Swende
23 * This is free software: you can redistribute it and/or modify
24 * it under the terms of the GNU General Public License version 2 as published
25 * by the Free Software Foundation.
27 * This file is distributed in the hope that it will be useful,
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
30 * GNU General Public License for more details.
32 * You should have received a copy of the GNU General Public License
33 * along with loclass. If not, see <http://www.gnu.org/licenses/>.
37 ****************************************************************************/
42 #include "cipherutils.h"
44 #include "fileutils.h"
48 * @brief Return and remove the first bit (x0) in the stream : <x0 x1 x2 x3 ... xn >
52 bool headBit( BitstreamIn
*stream
)
54 int bytepos
= stream
->position
>> 3; // divide by 8
55 int bitpos
= (stream
->position
++) & 7; // mask out 00000111
56 return (*(stream
->buffer
+ bytepos
) >> (7-bitpos
)) & 1;
59 * @brief Return and remove the last bit (xn) in the stream: <x0 x1 x2 ... xn>
63 bool tailBit( BitstreamIn
*stream
)
65 int bitpos
= stream
->numbits
-1 - (stream
->position
++);
67 int bytepos
= bitpos
>> 3;
69 return (*(stream
->buffer
+ bytepos
) >> (7-bitpos
)) & 1;
72 * @brief Pushes bit onto the stream
76 void pushBit( BitstreamOut
* stream
, bool bit
)
78 int bytepos
= stream
->position
>> 3; // divide by 8
79 int bitpos
= stream
->position
& 7;
80 *(stream
->buffer
+bytepos
) |= (bit
& 1) << (7 - bitpos
);
86 * @brief Pushes the lower six bits onto the stream
87 * as b0 b1 b2 b3 b4 b5 b6
91 void push6bits( BitstreamOut
* stream
, uint8_t bits
)
93 pushBit(stream
, bits
& 0x20);
94 pushBit(stream
, bits
& 0x10);
95 pushBit(stream
, bits
& 0x08);
96 pushBit(stream
, bits
& 0x04);
97 pushBit(stream
, bits
& 0x02);
98 pushBit(stream
, bits
& 0x01);
104 * @return number of bits left in stream
106 int bitsLeft( BitstreamIn
*stream
)
108 return stream
->numbits
- stream
->position
;
113 * @return Number of bits stored in stream
115 int numBits(BitstreamOut
*stream
)
117 return stream
->numbits
;
120 void x_num_to_bytes(uint64_t n
, size_t len
, uint8_t* dest
)
123 dest
[len
] = (uint8_t) n
;
128 uint64_t x_bytes_to_num(uint8_t* src
, size_t len
)
133 num
= (num
<< 8) | (*src
);
138 uint8_t reversebytes(uint8_t b
) {
139 b
= (b
& 0xF0) >> 4 | (b
& 0x0F) << 4;
140 b
= (b
& 0xCC) >> 2 | (b
& 0x33) << 2;
141 b
= (b
& 0xAA) >> 1 | (b
& 0x55) << 1;
144 void reverse_arraybytes(uint8_t* arr
, size_t len
)
147 for( i
=0; i
< len
; i
++)
149 arr
[i
] = reversebytes(arr
[i
]);
152 void reverse_arraycopy(uint8_t* arr
, uint8_t* dest
, size_t len
)
155 for( i
=0; i
< len
; i
++)
157 dest
[i
] = reversebytes(arr
[i
]);
161 void printarr(char * name
, uint8_t* arr
, int len
)
164 size_t outsize
= 40+strlen(name
)+len
*5;
165 char* output
= malloc(outsize
);
166 memset(output
, 0,outsize
);
169 cx
= snprintf(output
,outsize
, "uint8_t %s[] = {", name
);
170 for(i
=0 ; i
< len
; i
++)
172 cx
+= snprintf(output
+cx
,outsize
-cx
,"0x%02x,",*(arr
+i
));//5 bytes per byte
174 cx
+= snprintf(output
+cx
,outsize
-cx
,"};");
178 void printvar(char * name
, uint8_t* arr
, int len
)
181 size_t outsize
= 40+strlen(name
)+len
*2;
182 char* output
= malloc(outsize
);
183 memset(output
, 0,outsize
);
186 cx
= snprintf(output
,outsize
,"%s = ", name
);
187 for(i
=0 ; i
< len
; i
++)
189 cx
+= snprintf(output
+cx
,outsize
-cx
,"%02x",*(arr
+i
));//2 bytes per byte
195 void printarr_human_readable(char * title
, uint8_t* arr
, int len
)
198 size_t outsize
= 100+strlen(title
)+len
*4;
199 char* output
= malloc(outsize
);
200 memset(output
, 0,outsize
);
204 cx
= snprintf(output
,outsize
, "\n\t%s\n", title
);
205 for(i
=0 ; i
< len
; i
++)
208 cx
+= snprintf(output
+cx
,outsize
-cx
,"\n%02x| ", i
);
209 cx
+= snprintf(output
+cx
,outsize
-cx
, "%02x ",*(arr
+i
));
215 //-----------------------------
216 // Code for testing below
217 //-----------------------------
222 uint8_t input
[] = {0xDE,0xAD,0xBE,0xEF,0xDE,0xAD,0xBE,0xEF};
223 uint8_t output
[] = {0,0,0,0,0,0,0,0};
224 BitstreamIn in
= { input
, sizeof(input
) * 8,0};
225 BitstreamOut out
={ output
, 0,0}
227 while(bitsLeft(&in
) > 0)
229 pushBit(&out
, headBit(&in
));
230 //printf("Bits left: %d\n", bitsLeft(&in));
231 //printf("Bits out: %d\n", numBits(&out));
233 if(memcmp(input
, output
, sizeof(input
)) == 0)
235 prnlog(" Bitstream test 1 ok");
238 prnlog(" Bitstream test 1 failed");
240 for(i
= 0 ; i
< sizeof(input
) ; i
++)
242 prnlog(" IN %02x, OUT %02x", input
[i
], output
[i
]);
249 int testReversedBitstream()
251 uint8_t input
[] = {0xDE,0xAD,0xBE,0xEF,0xDE,0xAD,0xBE,0xEF};
252 uint8_t reverse
[] = {0,0,0,0,0,0,0,0};
253 uint8_t output
[] = {0,0,0,0,0,0,0,0};
254 BitstreamIn in
= { input
, sizeof(input
) * 8,0};
255 BitstreamOut out
={ output
, 0,0};
256 BitstreamIn reversed_in
={ reverse
, sizeof(input
)*8,0};
257 BitstreamOut reversed_out
={ reverse
,0 ,0};
259 while(bitsLeft(&in
) > 0)
261 pushBit(&reversed_out
, tailBit(&in
));
263 while(bitsLeft(&reversed_in
) > 0)
265 pushBit(&out
, tailBit(&reversed_in
));
267 if(memcmp(input
, output
, sizeof(input
)) == 0)
269 prnlog(" Bitstream test 2 ok");
272 prnlog(" Bitstream test 2 failed");
274 for(i
= 0 ; i
< sizeof(input
) ; i
++)
276 prnlog(" IN %02x, MIDDLE: %02x, OUT %02x", input
[i
],reverse
[i
], output
[i
]);
284 int testCipherUtils(void)
286 prnlog("[+] Testing some internals...");
288 retval
|= testBitStream();
289 retval
|= testReversedBitstream();