FIX: maybe I should actually send the uid bytes with the command request....
[proxmark3-svn] / client / mifarehost.c
index 03951e2de071bdbcb6f8133855082566999ec5c9..ed62bcee78f03ee1f8831aa04a14f33365793480 100644 (file)
@@ -41,11 +41,11 @@ typedef
                union {\r
                        struct Crypto1State *slhead;\r
                        uint64_t *keyhead;\r
                union {\r
                        struct Crypto1State *slhead;\r
                        uint64_t *keyhead;\r
-               };\r
+               } head;\r
                union {\r
                        struct Crypto1State *sltail;\r
                        uint64_t *keytail;\r
                union {\r
                        struct Crypto1State *sltail;\r
                        uint64_t *keytail;\r
-               };\r
+               } tail;\r
                uint32_t len;\r
                uint32_t uid;\r
                uint32_t blockNo;\r
                uint32_t len;\r
                uint32_t uid;\r
                uint32_t blockNo;\r
@@ -61,13 +61,13 @@ void* nested_worker_thread(void *arg)
        struct Crypto1State *p1;\r
        StateList_t *statelist = arg;\r
 \r
        struct Crypto1State *p1;\r
        StateList_t *statelist = arg;\r
 \r
-       statelist->slhead = lfsr_recovery32(statelist->ks1, statelist->nt ^ statelist->uid);\r
-       for (p1 = statelist->slhead; *(uint64_t *)p1 != 0; p1++);\r
-       statelist->len = p1 - statelist->slhead;\r
-       statelist->sltail = --p1;\r
-       qsort(statelist->slhead, statelist->len, sizeof(uint64_t), Compare16Bits);\r
+       statelist->head.slhead = lfsr_recovery32(statelist->ks1, statelist->nt ^ statelist->uid);\r
+       for (p1 = statelist->head.slhead; *(uint64_t *)p1 != 0; p1++);\r
+       statelist->len = p1 - statelist->head.slhead;\r
+       statelist->tail.sltail = --p1;\r
+       qsort(statelist->head.slhead, statelist->len, sizeof(uint64_t), Compare16Bits);\r
        \r
        \r
-       return statelist->slhead;\r
+       return statelist->head.slhead;\r
 }\r
 \r
 \r
 }\r
 \r
 \r
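Review bot: The pointer returned by `lfsr_recovery32()` is dereferenced by the `for` loop on the next line without a NULL check, so a failed allocation inside it (inferred, as its definition is not on this page) would crash the worker thread. A guard before the loop, `if (statelist->head.slhead == NULL) { statelist->len = 0; return NULL; }`, would surface the failure to `mfnested`, which would then need to check the joined pointer before walking the list. The terminator scan also reads a `struct Crypto1State` through a `uint64_t *` cast. Testing `(p1->odd | p1->even) != 0` avoids the type pun, assuming the struct holds only those two 32-bit words.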
@@ -122,27 +122,27 @@ int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo
        \r
        // wait for threads to terminate:\r
        for (i = 0; i < 2; i++) {\r
        \r
        // wait for threads to terminate:\r
        for (i = 0; i < 2; i++) {\r
-               pthread_join(thread_id[i], (void*)&statelists[i].slhead);\r
+               pthread_join(thread_id[i], (void*)&statelists[i].head.slhead);\r
        }\r
 \r
 \r
        // the first 16 Bits of the cryptostate already contain part of our key.\r
        // Create the intersection of the two lists based on these 16 Bits and\r
        // roll back the cryptostate\r
        }\r
 \r
 \r
        // the first 16 Bits of the cryptostate already contain part of our key.\r
        // Create the intersection of the two lists based on these 16 Bits and\r
        // roll back the cryptostate\r
-       p1 = p3 = statelists[0].slhead; \r
-       p2 = p4 = statelists[1].slhead;\r
-       while (p1 <= statelists[0].sltail && p2 <= statelists[1].sltail) {\r
+       p1 = p3 = statelists[0].head.slhead; \r
+       p2 = p4 = statelists[1].head.slhead;\r
+       while (p1 <= statelists[0].tail.sltail && p2 <= statelists[1].tail.sltail) {\r
                if (Compare16Bits(p1, p2) == 0) {\r
                        struct Crypto1State savestate, *savep = &savestate;\r
                        savestate = *p1;\r
                if (Compare16Bits(p1, p2) == 0) {\r
                        struct Crypto1State savestate, *savep = &savestate;\r
                        savestate = *p1;\r
-                       while(Compare16Bits(p1, savep) == 0 && p1 <= statelists[0].sltail) {\r
+                       while(Compare16Bits(p1, savep) == 0 && p1 <= statelists[0].tail.sltail) {\r
                                *p3 = *p1;\r
                                lfsr_rollback_word(p3, statelists[0].nt ^ statelists[0].uid, 0);\r
                                p3++;\r
                                p1++;\r
                        }\r
                        savestate = *p2;\r
                                *p3 = *p1;\r
                                lfsr_rollback_word(p3, statelists[0].nt ^ statelists[0].uid, 0);\r
                                p3++;\r
                                p1++;\r
                        }\r
                        savestate = *p2;\r
-                       while(Compare16Bits(p2, savep) == 0 && p2 <= statelists[1].sltail) {\r
+                       while(Compare16Bits(p2, savep) == 0 && p2 <= statelists[1].tail.sltail) {\r
                                *p4 = *p2;\r
                                lfsr_rollback_word(p4, statelists[1].nt ^ statelists[1].uid, 0);\r
                                p4++;\r
                                *p4 = *p2;\r
                                lfsr_rollback_word(p4, statelists[1].nt ^ statelists[1].uid, 0);\r
                                p4++;\r
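Review bot: Both inner loops call `Compare16Bits(p1, savep)` before testing `p1 <= statelists[0].tail.sltail`, so the element after the tail is read before the bound is checked. That element is probably the zero terminator and still inside the allocation, but the loop should not depend on it. Put the bound first, `while (p1 <= statelists[0].tail.sltail && Compare16Bits(p1, savep) == 0) {`, and do the same for `p2` against `statelists[1].tail.sltail`. The rest of `mfnested` lies outside this hunk.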
@@ -156,20 +156,20 @@ int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo
        }\r
        p3->even = 0; p3->odd = 0;\r
        p4->even = 0; p4->odd = 0;\r
        }\r
        p3->even = 0; p3->odd = 0;\r
        p4->even = 0; p4->odd = 0;\r
-       statelists[0].len = p3 - statelists[0].slhead;\r
-       statelists[1].len = p4 - statelists[1].slhead;\r
-       statelists[0].sltail=--p3;\r
-       statelists[1].sltail=--p4;\r
+       statelists[0].len = p3 - statelists[0].head.slhead;\r
+       statelists[1].len = p4 - statelists[1].head.slhead;\r
+       statelists[0].tail.sltail=--p3;\r
+       statelists[1].tail.sltail=--p4;\r
 \r
        // the statelists now contain possible keys. The key we are searching for must be in the\r
        // intersection of both lists. Create the intersection:\r
 \r
        // the statelists now contain possible keys. The key we are searching for must be in the\r
        // intersection of both lists. Create the intersection:\r
-       qsort(statelists[0].keyhead, statelists[0].len, sizeof(uint64_t), compar_int);\r
-       qsort(statelists[1].keyhead, statelists[1].len, sizeof(uint64_t), compar_int);\r
+       qsort(statelists[0].head.keyhead, statelists[0].len, sizeof(uint64_t), compar_int);\r
+       qsort(statelists[1].head.keyhead, statelists[1].len, sizeof(uint64_t), compar_int);\r
 \r
        uint64_t *p5, *p6, *p7;\r
 \r
        uint64_t *p5, *p6, *p7;\r
-       p5 = p7 = statelists[0].keyhead; \r
-       p6 = statelists[1].keyhead;\r
-       while (p5 <= statelists[0].keytail && p6 <= statelists[1].keytail) {\r
+       p5 = p7 = statelists[0].head.keyhead; \r
+       p6 = statelists[1].head.keyhead;\r
+       while (p5 <= statelists[0].tail.keytail && p6 <= statelists[1].tail.keytail) {\r
                if (compar_int(p5, p6) == 0) {\r
                        *p7++ = *p5++;\r
                        p6++;\r
                if (compar_int(p5, p6) == 0) {\r
                        *p7++ = *p5++;\r
                        p6++;\r
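Review bot: When the 16-bit intersection is empty, `p3` and `p4` still equal the list heads, so `statelists[0].tail.sltail=--p3;` and `statelists[1].tail.sltail=--p4;` form pointers one element before the allocation. That is undefined behaviour even though the later `while` only compares them. Test `p3 == statelists[0].head.slhead || p4 == statelists[1].head.slhead` before the decrements and skip the sort and intersection loops in that case, leaving `len` at 0. The same pattern appears as `--p1` in `nested_worker_thread` and as `--p7` in the next hunk. Sorting the entries through `head.keyhead` with `sizeof(uint64_t)` also assumes the state struct is exactly 8 bytes, which `_Static_assert(sizeof(struct Crypto1State) == sizeof(uint64_t), "state list is sorted as uint64_t");` would document.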
@@ -179,15 +179,15 @@ int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo
                        while (compar_int(p5, p6) == 1) p6++;\r
                }\r
        }\r
                        while (compar_int(p5, p6) == 1) p6++;\r
                }\r
        }\r
-       statelists[0].len = p7 - statelists[0].keyhead;\r
-       statelists[0].keytail=--p7;\r
+       statelists[0].len = p7 - statelists[0].head.keyhead;\r
+       statelists[0].tail.keytail=--p7;\r
 \r
        memset(resultKey, 0, 6);\r
        // The list may still contain several key candidates. Test each of them with mfCheckKeys\r
        for (i = 0; i < statelists[0].len; i++) {\r
                uint8_t keyBlock[6];\r
                uint64_t key64;\r
 \r
        memset(resultKey, 0, 6);\r
        // The list may still contain several key candidates. Test each of them with mfCheckKeys\r
        for (i = 0; i < statelists[0].len; i++) {\r
                uint8_t keyBlock[6];\r
                uint64_t key64;\r
-               crypto1_get_lfsr(statelists[0].slhead + i, &key64);\r
+               crypto1_get_lfsr(statelists[0].head.slhead + i, &key64);\r
                num_to_bytes(key64, 6, keyBlock);\r
                key64 = 0;\r
                if (!mfCheckKeys(statelists[0].blockNo, statelists[0].keyType, 1, keyBlock, &key64)) {\r
                num_to_bytes(key64, 6, keyBlock);\r
                key64 = 0;\r
                if (!mfCheckKeys(statelists[0].blockNo, statelists[0].keyType, 1, keyBlock, &key64)) {\r
@@ -196,8 +196,8 @@ int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo
                }\r
        }\r
        \r
                }\r
        }\r
        \r
-       free(statelists[0].slhead);\r
-       free(statelists[1].slhead);\r
+       free(statelists[0].head.slhead);\r
+       free(statelists[1].head.slhead);\r
        \r
        return 0;\r
 }\r
        \r
        return 0;\r
 }\r
@@ -296,7 +296,7 @@ static uint8_t trailerAccessBytes[4] = {0x08, 0x77, 0x8F, 0x00};
 // variables\r
 char logHexFileName[200] = {0x00};\r
 static uint8_t traceCard[4096] = {0x00};\r
 // variables\r
 char logHexFileName[200] = {0x00};\r
 static uint8_t traceCard[4096] = {0x00};\r
-static char traceFileName[20];\r
+static char traceFileName[200] = {0x00};\r
 static int traceState = TRACE_IDLE;\r
 static uint8_t traceCurBlock = 0;\r
 static uint8_t traceCurKey = 0;\r
 static int traceState = TRACE_IDLE;\r
 static uint8_t traceCurBlock = 0;\r
 static uint8_t traceCurKey = 0;\r
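Review bot: Growing `traceFileName` from 20 to 200 bytes only moves the limit. The code that fills it is not in this hunk, and if it uses an unbounded copy or `sprintf`, a long enough name still overruns the array. The writer should be bounded by the array itself, e.g. `snprintf(traceFileName, sizeof traceFileName, "%s", name);` (`name` is a placeholder for the writer's source string), with the return value checked for truncation. Since `logHexFileName` uses the same literal 200, a shared named constant would keep the two sizes in step.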
@@ -449,7 +449,7 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
                }\r
                \r
                // AUTHENTICATION\r
                }\r
                \r
                // AUTHENTICATION\r
-               if ((len ==4) && ((data[0] == 0x60) || (data[0] == 0x61))) {\r
+               if ((len == 4) && ((data[0] == 0x60) || (data[0] == 0x61))) {\r
                        traceState = TRACE_AUTH1;\r
                        traceCurBlock = data[1];\r
                        traceCurKey = data[0] == 60 ? 1:0;\r
                        traceState = TRACE_AUTH1;\r
                        traceCurBlock = data[1];\r
                        traceCurKey = data[0] == 60 ? 1:0;\r
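Review bot: `traceCurKey = data[0] == 60 ? 1:0;` compares against decimal 60, while the guard two lines above only admits `0x60` or `0x61`. Inside this branch the comparison is therefore always false and `traceCurKey` is always 0. The literal was presumably meant to be hexadecimal, `traceCurKey = data[0] == 0x60 ? 1:0;`, but please confirm which command byte should map to 1. The branch continues past the end of this hunk.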
@@ -497,7 +497,7 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
        break;\r
 \r
        case TRACE_WRITE_OK: \r
        break;\r
 \r
        case TRACE_WRITE_OK: \r
-               if ((len == 1) && (data[0] = 0x0a)) {\r
+               if ((len == 1) && (data[0] == 0x0a)) {\r
                        traceState = TRACE_WRITE_DATA;\r
 \r
                        return 0;\r
                        traceState = TRACE_WRITE_DATA;\r
 \r
                        return 0;\r
@@ -555,23 +555,14 @@ int mfTraceDecode(uint8_t *data_src, int len, uint32_t parity, bool wantSaveToEm
                        at_par = parity;\r
                        \r
                        //  decode key here)\r
                        at_par = parity;\r
                        \r
                        //  decode key here)\r
-                       if (!traceCrypto1) {\r
-                               ks2 = ar_enc ^ prng_successor(nt, 64);\r
-                               ks3 = at_enc ^ prng_successor(nt, 96);\r
-                               revstate = lfsr_recovery64(ks2, ks3);\r
-                               lfsr_rollback_word(revstate, 0, 0);\r
-                               lfsr_rollback_word(revstate, 0, 0);\r
-                               lfsr_rollback_word(revstate, nr_enc, 1);\r
-                               lfsr_rollback_word(revstate, uid ^ nt, 0);\r
-                       }else{\r
-                               ks2 = ar_enc ^ prng_successor(nt, 64);\r
-                               ks3 = at_enc ^ prng_successor(nt, 96);\r
-                               revstate = lfsr_recovery64(ks2, ks3);\r
-                               lfsr_rollback_word(revstate, 0, 0);\r
-                               lfsr_rollback_word(revstate, 0, 0);\r
-                               lfsr_rollback_word(revstate, nr_enc, 1);\r
-                               lfsr_rollback_word(revstate, uid ^ nt, 0);\r
-                       }\r
+                       ks2 = ar_enc ^ prng_successor(nt, 64);\r
+                       ks3 = at_enc ^ prng_successor(nt, 96);\r
+                       revstate = lfsr_recovery64(ks2, ks3);\r
+                       lfsr_rollback_word(revstate, 0, 0);\r
+                       lfsr_rollback_word(revstate, 0, 0);\r
+                       lfsr_rollback_word(revstate, nr_enc, 1);\r
+                       lfsr_rollback_word(revstate, uid ^ nt, 0);\r
+\r
                        crypto1_get_lfsr(revstate, &lfsr);\r
                        printf("key> %x%x\n", (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF));\r
                        AddLogUint64(logHexFileName, "key> ", lfsr); \r
                        crypto1_get_lfsr(revstate, &lfsr);\r
                        printf("key> %x%x\n", (unsigned int)((lfsr & 0xFFFFFFFF00000000) >> 32), (unsigned int)(lfsr & 0xFFFFFFFF));\r
                        AddLogUint64(logHexFileName, "key> ", lfsr); \r
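Review bot: `printf("key> %x%x\n", ...)` prints the low 32 bits without zero padding, so a key whose low word has leading zero nibbles is shown with digits missing and cannot be told apart from a shorter value. Pad both halves, e.g. `printf("key> %04x%08x\n", ...)`, if `lfsr` holds a 48-bit key (inferred from the 6-byte key buffers used elsewhere in this file). Separately, `revstate` from `lfsr_recovery64()` is passed to `lfsr_rollback_word()` without a NULL check, and no `free(revstate)` is visible before the hunk ends. The enclosing `mfTraceDecode` case starts and ends outside the hunk.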