+ clock_t t1 = clock();
+
+ state = lfsr_common_prefix(nr, rr, ks3x, par);
+ lfsr_rollback_word(state, uid ^ nt, 0);
+ crypto1_get_lfsr(state, key);
+ crypto1_destroy(state);
+
+ t1 = clock() - t1;
+ if ( t1 > 0 ) PrintAndLog("Time in nonce2key: %.0f ticks \n", (float)t1);
+ return 0;
+}
+
+int compar_intA(const void * a, const void * b) {
+ if (*(int64_t*)b == *(int64_t*)a) return 0;
+ if (*(int64_t*)b > *(int64_t*)a) return 1;
+ return -1;
+}
+
+// call when PAR == 0, special attack? It seems to need two calls. with same uid, block, keytype
+int nonce2key_ex(uint8_t blockno, uint8_t keytype, uint32_t uid, uint32_t nt, uint32_t nr, uint64_t ks_info, uint64_t * key) {
+
+ struct Crypto1State *state;
+ uint32_t i, pos, key_count;
+ uint8_t ks3x[8];
+ uint64_t key_recovered;
+ int64_t *state_s;
+ static uint8_t last_blockno;
+ static uint8_t last_keytype;
+ static uint32_t last_uid;
+ static int64_t *last_keylist;