]> cvs.zerfleddert.de Git - proxmark3-svn/blobdiff - client/cmdhfmfdes.c
CHG: syntax sugar
[proxmark3-svn] / client / cmdhfmfdes.c
index f3217df20e6364931057a606837d1d380f3e829f..a00592330e9d4ad37733128afce4997f3df53753 100644 (file)
@@ -12,7 +12,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <ctype.h>
 #include <stdlib.h>
 #include <string.h>
 #include <ctype.h>
-#include <openssl/des.h>
+#include "loclass/des.h"
 #include "cmdmain.h"
 #include "proxmark3.h"
 #include "../include/common.h"
 #include "cmdmain.h"
 #include "proxmark3.h"
 #include "../include/common.h"
 #include "cmdparser.h"
 #include "util.h"
 #include "cmdhfmfdes.h"
 #include "cmdparser.h"
 #include "util.h"
 #include "cmdhfmfdes.h"
+#include "cmdhf14a.h"
 
 
 
 
-uint8_t key_zero_data[16] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
-uint8_t key_defa_data[16] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f };
-uint8_t key_ones_data[16] = { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 };
+uint8_t CMDPOS = 0;
+uint8_t LENPOS = 1;
 
 
+uint8_t key_zero_data[16] = { 0x00 };
+uint8_t key_ones_data[16] = { 0x01 };
+uint8_t key_defa_data[16] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f };
+uint8_t key_picc_data[16] = { 0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f };
 
 static int CmdHelp(const char *Cmd);
 
 static int CmdHelp(const char *Cmd);
-static void xor(unsigned char * dst, unsigned char * src, size_t len);
-static int32_t le24toh (uint8_t data[3]);
-
 
 int CmdHF14ADesWb(const char *Cmd)
 {
 
 int CmdHF14ADesWb(const char *Cmd)
 {
@@ -147,23 +148,23 @@ int CmdHF14ADesInfo(const char *Cmd){
                PrintAndLog("Command unsuccessful");
                return 0;
        }  
                PrintAndLog("Command unsuccessful");
                return 0;
        }  
-       
-       PrintAndLog("---Desfire Information---------------------------------------");
+       PrintAndLog("");
+       PrintAndLog("-- Desfire Information --------------------------------------");
        PrintAndLog("-------------------------------------------------------------");
        PrintAndLog("  UID                : %s",sprint_hex(resp.d.asBytes, 7));
        PrintAndLog("  Batch number       : %s",sprint_hex(resp.d.asBytes+28,5));
        PrintAndLog("  Production date    : week %02x, 20%02x",resp.d.asBytes[33], resp.d.asBytes[34]);
        PrintAndLog("-------------------------------------------------------------");
        PrintAndLog("  UID                : %s",sprint_hex(resp.d.asBytes, 7));
        PrintAndLog("  Batch number       : %s",sprint_hex(resp.d.asBytes+28,5));
        PrintAndLog("  Production date    : week %02x, 20%02x",resp.d.asBytes[33], resp.d.asBytes[34]);
-       PrintAndLog("-------------------------------------------------------------");
+       PrintAndLog("  -----------------------------------------------------------");
        PrintAndLog("  Hardware Information");
        PrintAndLog("  Hardware Information");
-       PrintAndLog("      Vendor Id      : %s", GetVendorStr(resp.d.asBytes[7]));
+       PrintAndLog("      Vendor Id      : %s", getTagInfo(resp.d.asBytes[7]));
        PrintAndLog("      Type           : 0x%02X",resp.d.asBytes[8]);
        PrintAndLog("      Subtype        : 0x%02X",resp.d.asBytes[9]);
        PrintAndLog("      Type           : 0x%02X",resp.d.asBytes[8]);
        PrintAndLog("      Subtype        : 0x%02X",resp.d.asBytes[9]);
-       PrintAndLog("      Version        : %d.%d",resp.d.asBytes[10], resp.d.asBytes[11]);
+       PrintAndLog("      Version        : %s",GetVersionStr(resp.d.asBytes[10], resp.d.asBytes[11]) );
        PrintAndLog("      Storage size   : %s",GetCardSizeStr(resp.d.asBytes[12]));
        PrintAndLog("      Protocol       : %s",GetProtocolStr(resp.d.asBytes[13]));
        PrintAndLog("      Storage size   : %s",GetCardSizeStr(resp.d.asBytes[12]));
        PrintAndLog("      Protocol       : %s",GetProtocolStr(resp.d.asBytes[13]));
-       PrintAndLog("-------------------------------------------------------------");
+       PrintAndLog("  -----------------------------------------------------------");
        PrintAndLog("  Software Information");
        PrintAndLog("  Software Information");
-       PrintAndLog("      Vendor Id      : %s",GetVendorStr(resp.d.asBytes[14]));
+       PrintAndLog("      Vendor Id      : %s", getTagInfo(resp.d.asBytes[14]));
        PrintAndLog("      Type           : 0x%02X",resp.d.asBytes[15]);
        PrintAndLog("      Subtype        : 0x%02X",resp.d.asBytes[16]);
        PrintAndLog("      Version        : %d.%d",resp.d.asBytes[17], resp.d.asBytes[18]);
        PrintAndLog("      Type           : 0x%02X",resp.d.asBytes[15]);
        PrintAndLog("      Subtype        : 0x%02X",resp.d.asBytes[16]);
        PrintAndLog("      Version        : %d.%d",resp.d.asBytes[17], resp.d.asBytes[18]);
@@ -171,53 +172,15 @@ int CmdHF14ADesInfo(const char *Cmd){
        PrintAndLog("      Protocol       : %s", GetProtocolStr(resp.d.asBytes[20]));
        PrintAndLog("-------------------------------------------------------------");
        
        PrintAndLog("      Protocol       : %s", GetProtocolStr(resp.d.asBytes[20]));
        PrintAndLog("-------------------------------------------------------------");
        
+       // Master Key settings
+       GetKeySettings(NULL);
        
        
-       UsbCommand c1 = {CMD_MIFARE_DESFIRE, { 0x03, 0x01 }};
-       c1.d.asBytes[0] = GET_KEY_SETTINGS;
-    SendCommand(&c1);
-       if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
-               return 0;
-       }  
-       
-       PrintAndLog("  Master Key settings");
-       if (  resp.d.asBytes[3] & (1 << 3 ) )
-               PrintAndLog("     0x08 Configuration changeable");
-       else
-               PrintAndLog("     0x08 Configuration NOT changeable");
-
-       if (  resp.d.asBytes[3] & (1 << 2 ) )
-               PrintAndLog("     0x04 PICC Master Key not required for create / delete");
-       else 
-               PrintAndLog("     0x04 PICC Master Key required for create / delete");
-
-       if (  resp.d.asBytes[3] & (1 << 1 ) )
-               PrintAndLog("     0x02 Free directory list access without PICC Master Key");
-       else
-               PrintAndLog("     0x02 Directory list access with PICC Master Key");
-       
-       if (  resp.d.asBytes[3] & (1 << 0 ) )
-               PrintAndLog("     0x01 Allow changing the Master Key");
-       else
-               PrintAndLog("     0x01 Master Key is not changeable anymore");
-       
-       //                                      init   len
-       UsbCommand c2 = {CMD_MIFARE_DESFIRE, { 0x03, 0x02 }};
-    c2.d.asBytes[0] = GET_KEY_VERSION;
-       c2.d.asBytes[1] = 0x00;
-       SendCommand(&c2);
-       if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
-               return 0;
-       }
-       
-       PrintAndLog("");
-       PrintAndLog("     Max number of keys  : %d", resp.d.asBytes[4]);
-       PrintAndLog("     Master key Version  : %d (0x%02x)", resp.d.asBytes[3], resp.d.asBytes[3]);
-       PrintAndLog("-------------------------------------------------------------");
-       
-
-       UsbCommand c3 = {CMD_MIFARE_DESFIRE, { 0x03, 0x01 }};
-       c3.d.asBytes[0] = GET_FREE_MEMORY;
-    SendCommand(&c3);
+       // Free memory on card
+       c.cmd = CMD_MIFARE_DESFIRE;
+       c.arg[0] = (INIT | DISCONNECT);
+       c.arg[1] = 0x01;
+       c.d.asBytes[0] = GET_FREE_MEMORY;
+    SendCommand(&c);
        if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
                return 0;
        }  
        if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
                return 0;
        }  
@@ -225,7 +188,7 @@ int CmdHF14ADesInfo(const char *Cmd){
        uint8_t tmp[3];
        memcpy(tmp, resp.d.asBytes+3,3); 
 
        uint8_t tmp[3];
        memcpy(tmp, resp.d.asBytes+3,3); 
 
-       PrintAndLog("     Free memory on card : %d bytes", le24toh( tmp ));
+       PrintAndLog("   Available free memory on card       : %d bytes", le24toh( tmp ));
        PrintAndLog("-------------------------------------------------------------");
 
        /*
        PrintAndLog("-------------------------------------------------------------");
 
        /*
@@ -240,28 +203,12 @@ int CmdHF14ADesInfo(const char *Cmd){
                keys 4,5,6,7     RW
                keys 8,9,10,11   W
                keys 12,13,14,15 R
                keys 4,5,6,7     RW
                keys 8,9,10,11   W
                keys 12,13,14,15 R
-               
-               Session key:
-                       16 : RndA(byte0-byte3) + RndB(byte0-byte3) + RndA(byte4-byte7) + RndB(byte4-byte7)
-                       8  : RndA(byte0-byte3) + RndB(byte0-byte3) 
-                       
-                       AES 16 : RndA(byte0-byte3) + RndB(byte0-byte3) + RndA(byte12-byte15) + RndB(byte12-byte15)
+       
        */
        
     return 1;
 }
 
        */
        
     return 1;
 }
 
-char * GetVendorStr( uint8_t id){
-       static char buf[30];
-       char *retStr = buf;
-       
-       if ( id == 0x04 )
-               sprintf(retStr, "0x%02X (NXP)",id);
-       else 
-               sprintf(retStr,"0x%02X (Unknown)",id);
-       return buf;
-}
-
 /*
   The 7 MSBits (= n) code the storage size itself based on 2^n, 
   the LSBit is set to '0' if the size is exactly 2^n
 /*
   The 7 MSBits (= n) code the storage size itself based on 2^n, 
   the LSBit is set to '0' if the size is exactly 2^n
@@ -270,14 +217,14 @@ char * GetVendorStr( uint8_t id){
 */
 char * GetCardSizeStr( uint8_t fsize ){
  
 */
 char * GetCardSizeStr( uint8_t fsize ){
  
-       static char buf[30];
+       static char buf[30] = {0x00};
        char *retStr = buf;
 
        uint16_t usize = 1 << ((fsize >>1) + 1);
        uint16_t lsize = 1 << (fsize >>1);
        
        // is  LSB set?
        char *retStr = buf;
 
        uint16_t usize = 1 << ((fsize >>1) + 1);
        uint16_t lsize = 1 << (fsize >>1);
        
        // is  LSB set?
-       if (  fsize & (1 << 0 ) )
+       if (  fsize & 1 )
                sprintf(retStr, "0x%02X (%d - %d bytes)",fsize, usize, lsize);
        else 
                sprintf(retStr, "0x%02X (%d bytes)", fsize, lsize);             
                sprintf(retStr, "0x%02X (%d - %d bytes)",fsize, usize, lsize);
        else 
                sprintf(retStr, "0x%02X (%d bytes)", fsize, lsize);             
@@ -286,39 +233,228 @@ char * GetCardSizeStr( uint8_t fsize ){
 
 char * GetProtocolStr(uint8_t id){
 
 
 char * GetProtocolStr(uint8_t id){
 
-       static char buf[30];
+       static char buf[30] = {0x00};
        char *retStr = buf;
 
        if ( id == 0x05)
                sprintf(retStr,"0x%02X (ISO 14443-3, 14443-4)", id);
        else
        char *retStr = buf;
 
        if ( id == 0x05)
                sprintf(retStr,"0x%02X (ISO 14443-3, 14443-4)", id);
        else
-               sprintf(retStr,"0x%02X", id);   
+               sprintf(retStr,"0x%02X (Unknown)", id); 
        return buf;
 }
 
        return buf;
 }
 
-int CmdHF14ADesEnumApplications(const char *Cmd){
+char * GetVersionStr(uint8_t major, uint8_t minor){
+
+       static char buf[30] = {0x00};
+       char *retStr = buf;
+
+       if ( major == 0x00)
+               sprintf(retStr,"%d.%d (Desfire MF3ICD40)", major, minor);       
+       else if ( major == 0x01 && minor == 0x00)
+               sprintf(retStr,"%d.%d (Desfire EV1)", major, minor);
+       else if ( major == 0x12 && minor == 0x00)
+               sprintf(retStr,"%d.%d (Desfire EV2)", major, minor);
+       else
+               sprintf(retStr,"%d.%d (Unknown)", major, minor);
+       return buf;
+}
+
+void GetKeySettings( uint8_t *aid){
+       
+       char messStr[512] = {0x00};
+       char *str = messStr;
+       uint8_t isOK = 0;
+       uint32_t options = NONE;
+       UsbCommand c;
+       UsbCommand resp;
+
+       //memset(messStr, 0x00, 512);
+       
+       c.cmd = CMD_MIFARE_DESFIRE;
        
        
-       uint32_t options = 0x00;
+       if ( aid == NULL ){
+               PrintAndLog(" CMK - PICC, Card Master Key settings ");
+               PrintAndLog("");
+               c.arg[CMDPOS] = (INIT | DISCONNECT);
+               c.arg[LENPOS] =  0x01;
+               c.d.asBytes[0] = GET_KEY_SETTINGS;  // 0x45
+               SendCommand(&c);
+               if ( !WaitForResponseTimeout(CMD_ACK,&resp,1000) ) {return;}  
+               isOK  = resp.arg[0] & 0xff;
+               if ( !isOK ){
+                       PrintAndLog("   Can't select master application");      
+                       return;
+               }       
+
+               str = (resp.d.asBytes[3] & (1 << 3 )) ? "YES":"NO";     
+               PrintAndLog("   [0x08] Configuration changeable       : %s", str);
+               str = (resp.d.asBytes[3] & (1 << 2 )) ? "NO":"YES";
+               PrintAndLog("   [0x04] CMK required for create/delete : %s",str);
+               str = (resp.d.asBytes[3] & (1 << 1 )) ? "NO":"YES";
+               PrintAndLog("   [0x02] Directory list access with CMK : %s",str);
+               str = (resp.d.asBytes[3] & (1 << 0 )) ? "YES" : "NO";
+               PrintAndLog("   [0x01] CMK is changeable              : %s", str);
+                       
+               c.arg[LENPOS] = 0x02; //LEN
+               c.d.asBytes[0] = GET_KEY_VERSION; //0x64
+               c.d.asBytes[1] = 0x00;
+               SendCommand(&c);
+               if ( !WaitForResponseTimeout(CMD_ACK,&resp,1000) ) {
+                       return;
+               }
+               isOK  = resp.arg[0] & 0xff;
+               if ( !isOK ){
+                       PrintAndLog("   Can't read key-version");
+                       return;
+               }
+               PrintAndLog("");
+               PrintAndLog("   Max number of keys       : %d", resp.d.asBytes[4]);
+               PrintAndLog("   Master key Version       : %d (0x%02x)", resp.d.asBytes[3], resp.d.asBytes[3]);
+               PrintAndLog("   ----------------------------------------------------------");
+               
+               c.arg[LENPOS] = 0x02; //LEN
+               c.d.asBytes[0] = AUTHENTICATE; //0x0A
+               c.d.asBytes[1] = 0x00; // KEY 0
+               SendCommand(&c);
+               if ( !WaitForResponseTimeout(CMD_ACK,&resp,1000) ) {return;}
+               isOK  = resp.d.asBytes[2] & 0xff;
+               PrintAndLog("   [0x0A] Authenticate      : %s", ( isOK==0xAE ) ? "NO":"YES");
+
+               c.d.asBytes[0] = AUTHENTICATE_ISO; //0x1A
+               SendCommand(&c);
+               if ( !WaitForResponseTimeout(CMD_ACK,&resp,1000) ) {return;}
+               isOK  = resp.d.asBytes[2] & 0xff;
+               PrintAndLog("   [0x1A] Authenticate ISO  : %s", ( isOK==0xAE ) ? "NO":"YES");
+               
+               c.d.asBytes[0] = AUTHENTICATE_AES; //0xAA
+               SendCommand(&c);
+               if ( !WaitForResponseTimeout(CMD_ACK,&resp,1000) ) {return;}
+               isOK  = resp.d.asBytes[2] & 0xff;
+               PrintAndLog("   [0xAA] Authenticate AES  : %s", ( isOK==0xAE ) ? "NO":"YES");
+               PrintAndLog("");
+               PrintAndLog("   ----------------------------------------------------------");
+               
+       } else {
+               PrintAndLog(" AMK - Application Master Key settings");
+               
+               // SELECT AID
+               c.arg[0] = (INIT | CLEARTRACE);
+               c.arg[LENPOS] = 0x04;
+               c.d.asBytes[0] = SELECT_APPLICATION;  // 0x5a
+               memcpy(c.d.asBytes+1, aid, 3);
+               SendCommand(&c);
+               
+               if (!WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
+                       PrintAndLog("   Timed-out");
+                       return;
+               } 
+               isOK  = resp.arg[0] & 0xff;
+               if ( !isOK ){
+                       PrintAndLog("   Can't select AID: %s",sprint_hex(aid,3));       
+                       return;
+               }               
+               
+               // KEY SETTINGS
+               options = NONE;
+               c.arg[0] = options;
+               c.arg[LENPOS] = 0x01;
+               c.d.asBytes[0] = GET_KEY_SETTINGS; // 0x45              
+               SendCommand(&c);
+               if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
+                       return;
+               }
+               isOK  = resp.arg[0] & 0xff;
+               if ( !isOK ){
+                       PrintAndLog("   Can't read Application Master key settings");
+               } else {
+                       // Access rights.
+                       uint8_t rights = (resp.d.asBytes[3] >> 4 & 0xff);
+                       switch (rights){
+                               case 0x00:
+                                       str = "AMK authentication is necessary to change any key (default)";
+                                       break;
+                               case 0x0e:
+                                       str = "Authentication with the key to be changed (same KeyNo) is necessary to change a key";
+                                       break;
+                               case 0x0f:
+                                       str = "All keys (except AMK,see Bit0) within this application are frozen";
+                                       break;
+                               default:
+                                       str = "Authentication with the specified key is necessary to change any ley. A change key and a PICC master key (CMK) can only be changed after authentication with the master key. For keys other then the master or change key, an authentication with the same key is needed.";
+                                       break;
+                       }
+                       PrintAndLog("Changekey Access rights");
+                       PrintAndLog("-- %s",str);
+                       PrintAndLog("");        
+                       // same as CMK
+                       str = (resp.d.asBytes[3] & (1 << 3 )) ? "YES":"NO";     
+                       PrintAndLog("   0x08 Configuration changeable       : %s", str);
+                       str = (resp.d.asBytes[3] & (1 << 2 )) ? "NO":"YES";
+                       PrintAndLog("   0x04 AMK required for create/delete : %s",str);
+                       str = (resp.d.asBytes[3] & (1 << 1 )) ? "NO":"YES";
+                       PrintAndLog("   0x02 Directory list access with AMK : %s",str);
+                       str = (resp.d.asBytes[3] & (1 << 0 )) ? "YES" : "NO";
+                       PrintAndLog("   0x01 AMK is changeable              : %s", str);
+               }
+               
+               // KEY VERSION  - AMK 
+               c.arg[0] = NONE;
+               c.arg[LENPOS] = 0x02;
+               c.d.asBytes[0] = GET_KEY_VERSION; //0x64
+               c.d.asBytes[1] = 0x00;
+               SendCommand(&c);
+               if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
+                       PrintAndLog("   Timed-out");
+                       return;
+               }
+               
+               int numOfKeys;
+               
+               isOK  = resp.arg[0] & 0xff;
+               if ( !isOK ){
+                       PrintAndLog("   Can't read Application Master key version. Trying all keys");
+                       numOfKeys = MAX_NUM_KEYS;
+               }
+               else{
+                       numOfKeys = resp.d.asBytes[4];
+                       PrintAndLog("");
+                       PrintAndLog("     Max number of keys  : %d", numOfKeys );
+                       PrintAndLog("     Application Master key Version  : %d (0x%02x)", resp.d.asBytes[3], resp.d.asBytes[3]);
+                       PrintAndLog("-------------------------------------------------------------");                   
+               }
+               
+               // LOOP over numOfKeys that we got before. 
+               // From 0x01 to numOfKeys.  We already got 0x00. (AMK)
+               for(int i=0x01; i<=0x0f; ++i){
+                                       
+               }
+               
+               
+       }
+}
+
+int CmdHF14ADesEnumApplications(const char *Cmd){
        
        
-       options |= INIT;
-       options  |= DISCONNECT;
+       uint8_t isOK = 0x00;
+       uint8_t aid[3];
+       uint32_t options = (INIT | DISCONNECT);
        
        UsbCommand c = {CMD_MIFARE_DESFIRE, {options , 0x01 }};
        c.d.asBytes[0] = GET_APPLICATION_IDS;  //0x6a
        
        UsbCommand c = {CMD_MIFARE_DESFIRE, {options , 0x01 }};
        c.d.asBytes[0] = GET_APPLICATION_IDS;  //0x6a
+       
     SendCommand(&c);
        UsbCommand resp;
                
        if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
                return 0;
        }  
     SendCommand(&c);
        UsbCommand resp;
                
        if ( !WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
                return 0;
        }  
-       
-       uint8_t isOK  = resp.arg[0] & 0xff;
+       isOK  = resp.arg[0] & 0xff;
        if ( !isOK ){
                PrintAndLog("Command unsuccessful");
                return 0;
        } 
        if ( !isOK ){
                PrintAndLog("Command unsuccessful");
                return 0;
        } 
-       
-       PrintAndLog("---Desfire Enum Applications --------------------------------");
+       PrintAndLog("");        
+       PrintAndLog("-- Desfire Enumerate Applications ---------------------------");
        PrintAndLog("-------------------------------------------------------------");
 
        UsbCommand respAid;
        PrintAndLog("-------------------------------------------------------------");
 
        UsbCommand respAid;
@@ -331,47 +467,73 @@ int CmdHF14ADesEnumApplications(const char *Cmd){
                PrintAndLog(" Aid %d : %02X %02X %02X ",num ,resp.d.asBytes[i],resp.d.asBytes[i+1],resp.d.asBytes[i+2]);
                num++;
                
                PrintAndLog(" Aid %d : %02X %02X %02X ",num ,resp.d.asBytes[i],resp.d.asBytes[i+1],resp.d.asBytes[i+2]);
                num++;
                
-               options = INIT;
-
-               UsbCommand cAid = {CMD_MIFARE_DESFIRE, { options, 0x04 }};
-               cAid.d.asBytes[0] = SELECT_APPLICATION;  // 0x5a
-               cAid.d.asBytes[1] = resp.d.asBytes[i];
-               cAid.d.asBytes[2] = resp.d.asBytes[i+1];                
-               cAid.d.asBytes[3] = resp.d.asBytes[i+2];
-               SendCommand(&cAid);
+               aid[0] = resp.d.asBytes[i];
+               aid[1] = resp.d.asBytes[i+1];
+               aid[2] = resp.d.asBytes[i+2];
+               GetKeySettings(aid);
+               
+               // Select Application
+               c.arg[CMDPOS] = INIT;
+               c.arg[LENPOS] = 0x04; 
+               c.d.asBytes[0] = SELECT_APPLICATION;  // 0x5a
+               c.d.asBytes[1] = resp.d.asBytes[i];
+               c.d.asBytes[2] = resp.d.asBytes[i+1];           
+               c.d.asBytes[3] = resp.d.asBytes[i+2];
+               SendCommand(&c);
                
                if (!WaitForResponseTimeout(CMD_ACK,&respAid,1500) ) {
                        PrintAndLog("   Timed-out");
                        continue;
                } 
                
                if (!WaitForResponseTimeout(CMD_ACK,&respAid,1500) ) {
                        PrintAndLog("   Timed-out");
                        continue;
                } 
-               uint8_t isOK  = respAid.arg[0] & 0xff;
-               if ( !isOK ){
+               isOK  = respAid.d.asBytes[2] & 0xff;
+               if ( isOK != 0x00 ){
                        PrintAndLog("   Can't select AID: %s",sprint_hex(resp.d.asBytes+i,3));  
                        continue;
                }
        
                        PrintAndLog("   Can't select AID: %s",sprint_hex(resp.d.asBytes+i,3));  
                        continue;
                }
        
-               options = DISCONNECT;
-               UsbCommand cFiles = {CMD_MIFARE_DESFIRE, { options, 0x01 }};
-               cFiles.d.asBytes[0] = GET_FILE_IDS; // 0x6f
-               SendCommand(&cFiles);
+               // Get File IDs
+               c.arg[CMDPOS] = NONE;
+               c.arg[LENPOS] = 0x01;
+               c.d.asBytes[0] = GET_FILE_IDS; // 0x6f
+               SendCommand(&c);
                
                if ( !WaitForResponseTimeout(CMD_ACK,&respFiles,1500) ) {
                        PrintAndLog("   Timed-out");
                        continue;
                } else {
                
                if ( !WaitForResponseTimeout(CMD_ACK,&respFiles,1500) ) {
                        PrintAndLog("   Timed-out");
                        continue;
                } else {
-               
-                       uint8_t isOK  = respFiles.arg[0] & 0xff;
+                       isOK  = respFiles.d.asBytes[2] & 0xff;
                        if ( !isOK ){
                        if ( !isOK ){
-                               PrintAndLog("   No files found");
-                               continue;
+                               PrintAndLog("   Can't get file ids ");
+                       } else {                        
+                               int respfileLen = resp.arg[1]-3-2;                      
+                               for (int j=0; j< respfileLen; ++j){
+                                       PrintAndLog("   Fileid %d :", resp.d.asBytes[j+3]);
+                               }
                        }
                        }
+               }
+               
+               // Get ISO File IDs
+               c.arg[CMDPOS] = DISCONNECT;
+               c.arg[LENPOS] = 0x01;
+               c.d.asBytes[0] = GET_ISOFILE_IDS; // 0x61
+               SendCommand(&c);
                
                
-                       int respfileLen = resp.arg[1]-3-2;                      
-                       for (int j=0; j< respfileLen; ++j){
-                               PrintAndLog("   Fileid %d :", resp.d.asBytes[j+3]);
+               if ( !WaitForResponseTimeout(CMD_ACK,&respFiles,1500) ) {
+                       PrintAndLog("   Timed-out");
+                       continue;
+               } else {
+                       isOK  = respFiles.d.asBytes[2] & 0xff;
+                       if ( !isOK ){
+                               PrintAndLog("   Can't get ISO file ids ");
+                       } else {                        
+                               int respfileLen = resp.arg[1]-3-2;                      
+                               for (int j=0; j< respfileLen; ++j){
+                                       PrintAndLog(" ISO  Fileid %d :", resp.d.asBytes[j+3]);
+                               }
                        }
                }
                
                        }
                }
                
+               
        }
        PrintAndLog("-------------------------------------------------------------");
        
        }
        PrintAndLog("-------------------------------------------------------------");
        
@@ -379,14 +541,9 @@ int CmdHF14ADesEnumApplications(const char *Cmd){
        return 1;
 }
 
        return 1;
 }
 
-int CmdHF14ADesNonces(const char *Cmd){
-       return 1;
-}
-
-//
 // MIAFRE DesFire Authentication
 //
 // MIAFRE DesFire Authentication
 //
-#define BUFSIZE 64 
+#define BUFSIZE 256 
 int CmdHF14ADesAuth(const char *Cmd){
     
        // NR  DESC             KEYLENGHT
 int CmdHF14ADesAuth(const char *Cmd){
     
        // NR  DESC             KEYLENGHT
@@ -395,22 +552,19 @@ int CmdHF14ADesAuth(const char *Cmd){
        // 2 = 3DES             16
        // 3 = 3K 3DES  24
        // 4 = AES              16
        // 2 = 3DES             16
        // 3 = 3K 3DES  24
        // 4 = AES              16
-       
-       // AUTHENTICTION MODES:
-       // 1 Normal
-       // 2 ISO
-       // 3 AES
-       
+
        uint8_t keylength = 8;
        uint8_t keylength = 8;
-       //unsigned char testinput[] = { 0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff,0x00};
-       unsigned char key[24]; // =       { 0x75,0x28,0x78,0x39,0x74,0x93,0xCB,0x70};   
+       unsigned char key[24];  
        
     if (strlen(Cmd)<3) {
         PrintAndLog("Usage:  hf mfdes auth <1|2|3> <1|2|3|4> <keyno> <key> ");
        
     if (strlen(Cmd)<3) {
         PrintAndLog("Usage:  hf mfdes auth <1|2|3> <1|2|3|4> <keyno> <key> ");
-               PrintAndLog("               AUTH modes 1 = normal, 2 = iso, 3 = aes");
-               PrintAndLog("               Crypto: 1 = DES 2 = 3DES 3 = 3K3DES 4 = AES");
-               PrintAndLog("               keynumber");
+               PrintAndLog("               Auth modes");
+               PrintAndLog("                 1 = normal, 2 = iso, 3 = aes");
+               PrintAndLog("               Crypto");
+               PrintAndLog("                 1 = DES 2 = 3DES 3 = 3K3DES 4 = AES");
+               PrintAndLog("");
         PrintAndLog("        sample: hf mfdes auth 1 1 0 11223344");
         PrintAndLog("        sample: hf mfdes auth 1 1 0 11223344");
+               PrintAndLog("        sample: hf mfdes auth 3 4 0 404142434445464748494a4b4c4d4e4f");
         return 0;
     } 
        uint8_t cmdAuthMode     = param_get8(Cmd,0);
         return 0;
     } 
        uint8_t cmdAuthMode     = param_get8(Cmd,0);
@@ -473,66 +627,51 @@ int CmdHF14ADesAuth(const char *Cmd){
        
        c.d.asBytes[0] = keylength;
        memcpy(c.d.asBytes+1, key, keylength);
        
        c.d.asBytes[0] = keylength;
        memcpy(c.d.asBytes+1, key, keylength);
-       //memcpy(c.d.asBytes + 30, testinput, keylength);
-       
+       clearCommandBuffer();
     SendCommand(&c);
        UsbCommand resp;
        
     SendCommand(&c);
        UsbCommand resp;
        
-       if (WaitForResponseTimeout(CMD_ACK,&resp,3000)) {
-               uint8_t isOK  = resp.arg[0] & 0xff;
-               PrintAndLog("isOk:%02x", isOK);
-
-       } else {
-               PrintAndLog("Command execute timeout");
+       if (!WaitForResponseTimeout(CMD_ACK,&resp,3000)) {
+               PrintAndLog("Client command execute timeout");
                return 0;
        }  
 
                return 0;
        }  
 
-       uint8_t * data= resp.d.asBytes;
+       uint8_t isOK  = resp.arg[0] & 0xff;
+       if ( isOK) {
+               uint8_t * data= resp.d.asBytes;
                
                
-       // PrintAndLog("-------------------------------------------------------------");
-        PrintAndLog("  Key        :%s",sprint_hex(key, keylength));
-       // PrintAndLog("  Plain      :%s",sprint_hex(testinput, keylength));
-       PrintAndLog("  Encoded    :%s",sprint_hex(data, keylength));
-       PrintAndLog("-------------------------------------------------------------");
-       //PrintAndLog("  Expected   :B5 21 9E E8 1A A7 49 9D 21 96 68 7E 13 97 38 56");
-       
+               PrintAndLog("  Key        :%s",sprint_hex(key, keylength));
+               PrintAndLog("  SESSION    :%s",sprint_hex(data, keylength));
+               PrintAndLog("-------------------------------------------------------------");
+               //PrintAndLog("  Expected   :B5 21 9E E8 1A A7 49 9D 21 96 68 7E 13 97 38 56");
+       } else{
+               PrintAndLog("Client command failed.");
+       }
+       PrintAndLog("-------------------------------------------------------------");   
     return 1;
 }
 
 
     return 1;
 }
 
 
-static void xor(unsigned char * dst, unsigned char * src, size_t len) {
-   for( ; len > 0; len--,dst++,src++)
-       *dst ^= *src;
-}
-
-static int32_t le24toh (uint8_t data[3]) {
-    return (data[2] << 16) | (data[1] << 8) | data[0];
-}
-
-static command_t CommandTable[] =
-{
+static command_t CommandTable[] = {
   {"help",             CmdHelp,                                        1, "This help"},
   {"help",             CmdHelp,                                        1, "This help"},
-  {"auth",             CmdHF14ADesAuth,                        0, "Tries a MIFARE DesFire Authentication"},
-  {"rb",               CmdHF14ADesRb,                          0, "Read MIFARE DesFire block"},
-  {"wb",               CmdHF14ADesWb,                          0, "write MIFARE DesFire block"},
   {"info",             CmdHF14ADesInfo,                        0, "Get MIFARE DesFire information"},
   {"enum",             CmdHF14ADesEnumApplications,0, "Tries enumerate all applications"},
   {"info",             CmdHF14ADesInfo,                        0, "Get MIFARE DesFire information"},
   {"enum",             CmdHF14ADesEnumApplications,0, "Tries enumerate all applications"},
-  {"nonce",            CmdHF14ADesNonces,                      0, "<n> Collect n>0 nonces"},
+  {"auth",             CmdHF14ADesAuth,                        0, "Tries a MIFARE DesFire Authentication"},
+  {"rdbl",             CmdHF14ADesRb,                          0, "Read MIFARE DesFire block"},
+  {"wrbl",             CmdHF14ADesWb,                          0, "write MIFARE DesFire block"},
   {NULL, NULL, 0, NULL}
 };
 
   {NULL, NULL, 0, NULL}
 };
 
-int CmdHFMFDes(const char *Cmd)
-{
+int CmdHFMFDes(const char *Cmd) {
    // flush
    // flush
-   WaitForResponseTimeout(CMD_ACK,NULL,100);
-   CmdsParse(CommandTable, Cmd);
-  return 0;
+       clearCommandBuffer();
+       CmdsParse(CommandTable, Cmd);
+       return 0;
 }
 
 }
 
-int CmdHelp(const char *Cmd)
-{
-  CmdsHelp(CommandTable);
-  return 0;
+int CmdHelp(const char *Cmd) {
+       CmdsHelp(CommandTable);
+       return 0;
 }
 
 
 }
 
 
Impressum, Datenschutz