]> cvs.zerfleddert.de Git - proxmark3-svn/blobdiff - client/mifarehost.c
FIX: The input handling for "hf 14b write" is now correct. Thanks Asper for spotting...
[proxmark3-svn] / client / mifarehost.c
index fe8b8b2682a3d28b46bd469a369c1c6303c93e07..d025918d9130aac580d0b564e32082243cdfa526 100644 (file)
@@ -26,8 +26,6 @@ int compar_int(const void * a, const void * b) {
        else return -1;\r
 }\r
 \r
-\r
-\r
 // Compare 16 Bits out of cryptostate\r
 int Compare16Bits(const void * a, const void * b) {\r
        if ((*(uint64_t*)b & 0x00ff000000ff0000) == (*(uint64_t*)a & 0x00ff000000ff0000)) return 0;\r
@@ -35,7 +33,6 @@ int Compare16Bits(const void * a, const void * b) {
        else return -1;\r
 }\r
 \r
-\r
 typedef \r
        struct {\r
                union {\r
@@ -70,16 +67,12 @@ void* nested_worker_thread(void *arg)
        return statelist->head.slhead;\r
 }\r
 \r
-\r
-\r
-\r
 int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t * resultKey, bool calibrate) \r
 {\r
        uint16_t i, len;\r
        uint32_t uid;\r
        UsbCommand resp;\r
 \r
-       \r
        StateList_t statelists[2];\r
        struct Crypto1State *p1, *p2, *p3, *p4;\r
        \r
@@ -238,23 +231,22 @@ int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount) {
 \r
 // "MAGIC" CARD\r
 \r
-int mfCSetUID(uint8_t *uid, uint8_t *oldUID, int wantWipe) {\r
-       uint8_t block0[16];\r
-       memset(block0, 0, 16);\r
+int mfCSetUID(uint8_t *uid, uint8_t *oldUID, bool wantWipe) {\r
+       uint8_t block0[16] = {0x00};\r
        memcpy(block0, uid, 4); \r
        block0[4] = block0[0]^block0[1]^block0[2]^block0[3]; // Mifare UID BCC\r
        // mifare classic SAK(byte 5) and ATQA(byte 6 and 7)\r
-       block0[5] = 0x88;\r
+       block0[5] = 0x08;\r
        block0[6] = 0x04;\r
        block0[7] = 0x00;\r
        \r
        return mfCSetBlock(0, block0, oldUID, wantWipe, CSETBLOCK_SINGLE_OPER);\r
 }\r
 \r
-int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, int wantWipe, uint8_t params) {\r
-       uint8_t isOK = 0;\r
+int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, bool wantWipe, uint8_t params) {\r
 \r
-       UsbCommand c = {CMD_MIFARE_EML_CSETBLOCK, {wantWipe, params & (0xFE | (uid == NULL ? 0:1)), blockNo}};\r
+       uint8_t isOK = 0;\r
+       UsbCommand c = {CMD_MIFARE_CSETBLOCK, {wantWipe, params & (0xFE | (uid == NULL ? 0:1)), blockNo}};\r
        memcpy(c.d.asBytes, data, 16); \r
        SendCommand(&c);\r
 \r
@@ -273,7 +265,7 @@ int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, int wantWipe, uint
 int mfCGetBlock(uint8_t blockNo, uint8_t *data, uint8_t params) {\r
        uint8_t isOK = 0;\r
 \r
-       UsbCommand c = {CMD_MIFARE_EML_CGETBLOCK, {params, 0, blockNo}};\r
+       UsbCommand c = {CMD_MIFARE_CGETBLOCK, {params, 0, blockNo}};\r
        SendCommand(&c);\r
 \r
   UsbCommand resp;\r
@@ -296,7 +288,7 @@ static uint8_t trailerAccessBytes[4] = {0x08, 0x77, 0x8F, 0x00};
 // variables\r
 char logHexFileName[200] = {0x00};\r
 static uint8_t traceCard[4096] = {0x00};\r
-static char traceFileName[20];\r
+static char traceFileName[200] = {0x00};\r
 static int traceState = TRACE_IDLE;\r
 static uint8_t traceCurBlock = 0;\r
 static uint8_t traceCurKey = 0;\r
@@ -310,12 +302,9 @@ uint32_t ks3;
 \r
 uint32_t uid;     // serial number\r
 uint32_t nt;      // tag challenge\r
-uint32_t nt_par; \r
 uint32_t nr_enc;  // encrypted reader challenge\r
 uint32_t ar_enc;  // encrypted reader response\r
-uint32_t nr_ar_par; \r
 uint32_t at_enc;  // encrypted tag response\r
-uint32_t at_par; \r
 \r
 int isTraceCardEmpty(void) {\r
        return ((traceCard[0] == 0) && (traceCard[1] == 0) && (traceCard[2] == 0) && (traceCard[3] == 0));\r
@@ -350,13 +339,15 @@ int loadTraceCard(uint8_t *tuid) {
        while(!feof(f)){\r
                memset(buf, 0, sizeof(buf));\r
                if (fgets(buf, sizeof(buf), f) == NULL) {\r
-      PrintAndLog("File reading error.");\r
+                       PrintAndLog("File reading error.");\r
+                       fclose(f);\r
                        return 2;\r
-    }\r
+       }\r
 \r
                if (strlen(buf) < 32){\r
                        if (feof(f)) break;\r
                        PrintAndLog("File content error. Block data must include 32 HEX symbols");\r
+                       fclose(f);\r
                        return 2;\r
                }\r
                for (i = 0; i < 32; i += 2)\r
@@ -422,7 +413,7 @@ void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *data, int len, bool i
 }\r
 \r
 \r
-int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEmlFile) {\r
+int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) {\r
        uint8_t data[64];\r
 \r
        if (traceState == TRACE_ERROR) return 1;\r
@@ -497,7 +488,7 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
        break;\r
 \r
        case TRACE_WRITE_OK: \r
-               if ((len == 1) && (data[0] = 0x0a)) {\r
+               if ((len == 1) && (data[0] == 0x0a)) {\r
                        traceState = TRACE_WRITE_DATA;\r
 \r
                        return 0;\r
@@ -523,9 +514,7 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
        case TRACE_AUTH1: \r
                if (len == 4) {\r
                        traceState = TRACE_AUTH2;\r
-\r
                        nt = bytes_to_num(data, 4);\r
-                       nt_par = parity;\r
                        return 0;\r
                } else {\r
                        traceState = TRACE_ERROR;\r
@@ -539,7 +528,6 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
 \r
                        nr_enc = bytes_to_num(data, 4);\r
                        ar_enc = bytes_to_num(data + 4, 4);\r
-                       nr_ar_par = parity;\r
                        return 0;\r
                } else {\r
                        traceState = TRACE_ERROR;\r
@@ -552,26 +540,16 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
                        traceState = TRACE_IDLE;\r
 \r
                        at_enc = bytes_to_num(data, 4);\r
-                       at_par = parity;\r
                        \r
                        //  decode key here)\r
-                       if (!traceCrypto1) {\r
-                               ks2 = ar_enc ^ prng_successor(nt, 64);\r
-                               ks3 = at_enc ^ prng_successor(nt, 96);\r
-                               revstate = lfsr_recovery64(ks2, ks3);\r
-                               lfsr_rollback_word(revstate, 0, 0);\r
-                               lfsr_rollback_word(revstate, 0, 0);\r
-                               lfsr_rollback_word(revstate, nr_enc, 1);\r
-                               lfsr_rollback_word(revstate, uid ^ nt, 0);\r
-                       }else{\r
-                               ks2 = ar_enc ^ prng_successor(nt, 64);\r
-                               ks3 = at_enc ^ prng_successor(nt, 96);\r
-                               revstate = lfsr_recovery64(ks2, ks3);\r
-                               lfsr_rollback_word(revstate, 0, 0);\r
-                               lfsr_rollback_word(revstate, 0, 0);\r
-                               lfsr_rollback_word(revstate, nr_enc, 1);\r
-                               lfsr_rollback_word(revstate, uid ^ nt, 0);\r
-                       }\r
+                       ks2 = ar_enc ^ prng_successor(nt, 64);\r
+                       ks3 = at_enc ^ prng_successor(nt, 96);\r
+                       revstate = lfsr_recovery64(ks2, ks3);\r
+                       lfsr_rollback_word(revstate, 0, 0);\r
+                       lfsr_rollback_word(revstate, 0, 0);\r
+                       lfsr_rollback_word(revstate, nr_enc, 1);\r
+                       lfsr_rollback_word(revstate, uid ^ nt, 0);\r
+\r
                        crypto1_get_lfsr(revstate, &lfsr);\r
                        printf("key> %x%x\n", (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF));\r
                        AddLogUint64(logHexFileName, "key> ", lfsr); \r
Impressum, Datenschutz