X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/f07ffa7672ccff152875a5560fd7d2e3edbd6165..d06c81b7c89b610a5fee5e1f200c65d93f4320f6:/client/cmdhfmfhard.c

diff --git a/client/cmdhfmfhard.c b/client/cmdhfmfhard.c
index 58bfbf04..3fed7c95 100644
--- a/client/cmdhfmfhard.c
+++ b/client/cmdhfmfhard.c
@@ -165,14 +165,17 @@ static int add_nonce(uint32_t nonce_enc, uint8_t par_enc)
 		} else {					// add new entry at end of existing list.
 			p2 = p2->next = malloc(sizeof(noncelistentry_t));
 		}
-	} else if ((p1->nonce_enc & 0x00ff0000) != (nonce_enc & 0x00ff0000)) {				// found distinct 2nd byte. Need to insert.
+		if (p2 == NULL) return 0;							// memory allocation failed
+	}
+	else if ((p1->nonce_enc & 0x00ff0000) != (nonce_enc & 0x00ff0000)) {			// found distinct 2nd byte. Need to insert.
 		if (p2 == NULL) {			// need to insert at start of list
 			p2 = nonces[first_byte].first = malloc(sizeof(noncelistentry_t));
 		} else {
 			p2 = p2->next = malloc(sizeof(noncelistentry_t));
 		}
-	} else {											// we have seen this 2nd byte before. Nothing to add or insert. 
-		return (0);
+		if (p2 == NULL) return 0;							// memory allocation failed
+	} else {
+		return 0;									// we have seen this 2nd byte before. Nothing to add or insert.
 	}
 
 	// add or insert new data
@@ -189,7 +192,7 @@ static int add_nonce(uint32_t nonce_enc, uint8_t par_enc)
 	nonces[first_byte].Sum += evenparity32((nonce_enc & 0x00ff0000) | (par_enc & 0x04));
 	nonces[first_byte].updated = true;   // indicates that we need to recalculate the Sum(a8) probability for this first byte
 
-	return (1);				// new nonce added
+	return 1;				// new nonce added
 }
 
 static void init_nonce_memory(void)
@@ -762,20 +765,8 @@ static void simulate_acquire_nonces()
 		
 }
 
-static void	free_candidates_memory(statelist_t *sl)
-{
-	if (sl == NULL) {
-		return;
-	} else {
-		free_candidates_memory(sl->next);
-		free(sl);
-	}
-}
-
 static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, bool nonce_file_write, bool slow)
 {
-	uint8_t three_in_row = 0;
-	uint8_t prev_best = 0;
 	clock_t time1 = clock();
 	bool initialize = true;
 	bool finished = false;
@@ -786,6 +777,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 	uint32_t next_fivehundred = 500;
 	uint32_t total_added_nonces = 0;
 	uint32_t idx = 1;
+	uint32_t timeout  = 0;
 	FILE *fnonces = NULL;
 	field_off = false;
 	UsbCommand resp;
@@ -798,8 +790,7 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 	do {
 	
 		flags = 0;
-		//flags |= initialize ? 0x0001 : 0;
-		flags |= 0x0001;
+		flags |= initialize ? 0x0001 : 0;
 		flags |= slow ? 0x0002 : 0;
 		flags |= field_off ? 0x0004 : 0;
 		c.arg[2] = flags;
@@ -809,10 +800,15 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 		
 		if (field_off) break;
 
-		if (!WaitForResponseTimeout(CMD_ACK, &resp, 6000)) {
-			if (fnonces) fclose(fnonces);
-			return 1;
-		}
+		while(!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
+			timeout++;
+			printf(".");
+			if (timeout > 3) {
+				PrintAndLog("\nNo response from Proxmark. Aborting...");
+				if (fnonces) fclose(fnonces);
+				return 1;
+			}
+		}		
 
 		if (resp.arg[0]) {
 			if (fnonces) fclose(fnonces);
@@ -878,31 +874,14 @@ static int acquire_nonces(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_
 					);				
 			}
 			
-			if ( num_good_first_bytes > 0 ) {
-				
-				if ( prev_best == best_first_bytes[0] ){
-					++three_in_row;
-				} else {
-					three_in_row = 0;
-				}
-				prev_best = best_first_bytes[0];
-				
-				//printf("GOOD BYTES: %s \n", sprint_hex(best_first_bytes, num_good_first_bytes) );
-				if ( total_added_nonces >= (NONCES_THRESHOLD * idx) || three_in_row >= 3) {
-					
-					bool cracking = generate_candidates(first_byte_Sum, nonces[best_first_bytes[0]].Sum8_guess);
-					if (cracking || known_target_key != -1) {
-						
-						UsbCommand cOff = {CMD_FPGA_MAJOR_MODE_OFF, {0,0,0} };
-						SendCommand(&cOff);
-						field_off = brute_force();
+			if (total_added_nonces >= (NONCES_THRESHOLD * idx)) {
+				if (num_good_first_bytes > 0) {
+					if (generate_candidates(first_byte_Sum, nonces[best_first_bytes[0]].Sum8_guess) || known_target_key != -1) {
+						field_off = brute_force(); // switch off field with next SendCommand and then finish
 					}
-					three_in_row = 0;
 				}
+				idx++;
 			}
-			
-			if ( total_added_nonces >= (NONCES_THRESHOLD * idx)) 
-					++idx;
 		}
 	} while (!finished);
 
@@ -1269,11 +1248,7 @@ static bool TestIfKeyExists(uint64_t key)
 	uint32_t state_odd = pcs->odd & 0x00ffffff;
 	uint32_t state_even = pcs->even & 0x00ffffff;
 	//printf("Tests: searching for key %llx after first byte 0x%02x (state_odd = 0x%06x, state_even = 0x%06x) ...\n", key, best_first_bytes[0], state_odd, state_even);
-	printf("Validating keysearch space\n");
-	if ( candidates == NULL ) {
-			printf("candidates list is NULL\n");
-			return false;
-	}
+	printf("Validating key search space\n");
 	uint64_t count = 0;
 	for (statelist_t *p = candidates; p != NULL; p = p->next) {
 		bool found_odd = false;
@@ -1400,6 +1375,16 @@ static bool generate_candidates(uint16_t sum_a0, uint16_t sum_a8)
 	return false;
 }
 
+static void free_candidates_memory(statelist_t *sl)
+{
+	if (sl == NULL) {
+		return;
+	} else {
+		free_candidates_memory(sl->next);
+		free(sl);
+	}
+}
+
 static void free_statelist_cache(void)
 {
 	for (uint16_t i = 0; i < 17; i+=2) {
@@ -1649,19 +1634,23 @@ static void* crack_states_thread(void* x){
             const uint64_t key = crack_states_bitsliced(bucket);
 
 			if (keys_found) break;
-			else if(key != -1 && TestIfKeyExists(key)) {
+			else if(key != -1) {
+				if (TestIfKeyExists(key)) {
                 __sync_fetch_and_add(&keys_found, 1);
 				__sync_fetch_and_add(&foundkey, key);
+					printf("*");
+					fflush(stdout);
                 break;
+				}
+				printf("!");
+				fflush(stdout);
             } else {				
                 printf(".");
 				fflush(stdout);
             }
         }
-
         current_bucket += thread_count;
     }
-
     return NULL;
 }
 
@@ -1740,12 +1729,14 @@ static bool brute_force(void) {
 	return ret;
 }
 
-int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t *trgkey, bool nonce_file_read, bool nonce_file_write, bool slow, int tests) 
+int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t *trgkey, bool nonce_file_read, bool nonce_file_write, bool slow, int tests, uint64_t *found_key) 
 {
 	// initialize Random number generator
 	time_t t;
 	srand((unsigned) time(&t));
 	
+	*found_key = 0;
+	
 	if (trgkey != NULL) {
 		known_target_key = bytes_to_num(trgkey, 6);
 	} else {
@@ -1797,6 +1788,10 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc
 		} else { // acquire nonces.
 			uint16_t is_OK = acquire_nonces(blockNo, keyType, key, trgBlockNo, trgKeyType, nonce_file_write, slow);
 			if (is_OK != 0) {
+				free_nonces_memory();
+				//free_statelist_cache();
+				free_candidates_memory(candidates);
+				candidates = NULL;
 				return is_OK;
 			}
 		}
@@ -1807,5 +1802,6 @@ int mfnestedhard(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBloc
 		free_candidates_memory(candidates);
 		candidates = NULL;
 	}
+	*found_key = foundkey;
 	return 0;
-}
+}
\ No newline at end of file