diff --git a/armsrc/LCD_disabled.c b/armsrc/LCD_disabled.c index 32a917928..97bf6da71 100644 --- a/armsrc/LCD_disabled.c +++ b/armsrc/LCD_disabled.c @@ -5,7 +5,7 @@ //----------------------------------------------------------------------------- // LCD code //----------------------------------------------------------------------------- -#include "LCD.h" +#include "LCD_disabled.h" void LCDSend(unsigned int data) { // 9th bit set for data, clear for command diff --git a/armsrc/buzzer_disabled.c b/armsrc/buzzer_disabled.c index 708b7d3f7..579ffaa4e 100644 --- a/armsrc/buzzer_disabled.c +++ b/armsrc/buzzer_disabled.c @@ -1,4 +1,4 @@ -#include "buzzer.h" +#include "buzzer_disabled.h" void Ring_BEE_ONCE(uint16_t music_note) { BEE_ON(); diff --git a/armsrc/desfire_crypto_disabled.c b/armsrc/desfire_crypto_disabled.c index d835a55d4..02896afa8 100644 --- a/armsrc/desfire_crypto_disabled.c +++ b/armsrc/desfire_crypto_disabled.c @@ -26,9 +26,7 @@ * May 2005 */ #include - -#include "desfire_crypto.h" - +#include "desfire_crypto_disabled.h" #include "crc32.h" #include "printf.h" #include "desfire.h" diff --git a/armsrc/fonts_disabled.c b/armsrc/fonts_disabled.c index 97079f48a..45a85e679 100644 --- a/armsrc/fonts_disabled.c +++ b/armsrc/fonts_disabled.c @@ -6,7 +6,7 @@ // Fonts for the LCD //----------------------------------------------------------------------------- -#include "fonts.h" +#include "fonts_disabled.h" const char FONT6x8[97][8] = { {0x06, 0x08, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00}, // columns, rows, bytes per char diff --git a/armsrc/hitag2crack.c b/armsrc/hitag2crack.c index d66f740bc..34d35ada6 100644 --- a/armsrc/hitag2crack.c +++ b/armsrc/hitag2crack.c @@ -11,7 +11,7 @@ // hitag2 attack functions //----------------------------------------------------------------------------- -#include "hitagcrypto.h" +#include "hitag2_crypto.h" #include "hitag2crack.h" #define READP0CMD "1100000111" diff --git a/armsrc/lfadc.c b/armsrc/lfadc.c index 32d1e73b6..0a85312bc 100644 
--- a/armsrc/lfadc.c +++ b/armsrc/lfadc.c @@ -58,7 +58,7 @@ void lf_sample_mean(void) { periods++; } } - // division by 32 + // division by 32 adc_avg = adc_sum >> 5; if (DBGLEVEL >= DBG_EXTENDED) @@ -74,16 +74,16 @@ size_t lf_count_edge_periods_ex(size_t max, bool wait, bool detect_gap) { while (!BUTTON_PRESS()) { // only every 100th times, in order to save time when collecting samples. -/* - if (checked == 1000) { - if (data_available()) { - break; - } else { - checked = 0; - } - } - ++checked; -*/ + /* + if (checked == 1000) { + if (data_available()) { + break; + } else { + checked = 0; + } + } + ++checked; + */ WDT_HIT(); if (AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) { @@ -136,12 +136,12 @@ void lf_reset_counter() { // TODO: find out the correct reset settings for tag and reader mode // if (reader_mode) { - // Reset values for reader mode - rising_edge = false; - previous_adc_val = 0xFF; + // Reset values for reader mode + rising_edge = false; + previous_adc_val = 0xFF; // } else { - // Reset values for tag/transponder mode + // Reset values for tag/transponder mode // rising_edge = false; // previous_adc_val = 0xFF; // } @@ -179,7 +179,8 @@ void lf_init(bool reader, bool simulate) { // FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_EDGE_DETECT); FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC); else - FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC); + // Sniff + FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_EDGE_DETECT | FPGA_LF_EDGE_DETECT_TOGGLE_MODE); } @@ -249,18 +250,18 @@ size_t lf_detect_field_drop(size_t max) { while (!BUTTON_PRESS()) { -/* - // only every 1000th times, in order to save time when collecting samples. - if (checked == 1000) { - if (data_available()) { - checked = -1; - break; - } else { - checked = 0; - } - } - ++checked; -*/ + /* + // only every 1000th times, in order to save time when collecting samples. + if (checked == 1000) { + if (data_available()) { + checked = -1; + break; + } else { + checked = 0; + } + } + ++checked; + */ WDT_HIT(); 
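Review bot: In lf_init (hunk at -179) the rewritten `else` arm is unbraced and now has a `// Sniff` comment between `else` and its only statement, while the arm above it already pairs a commented-out call with a live one. Bracing both arms (`} else {` ... `}`) would stop a later added line from silently landing outside the conditional. This is also the one functional change among otherwise whitespace-only hunks in this file: the arm switches from `FPGA_MAJOR_MODE_LF_ADC` to `FPGA_MAJOR_MODE_LF_EDGE_DETECT | FPGA_LF_EDGE_DETECT_TOGGLE_MODE`. The conditions selecting the arm are outside the hunk, so the comment should say which `reader`/`simulate` combination reaches it and why edge-detect toggle mode is wanted there.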
diff --git a/armsrc/mifaredesfire.c b/armsrc/mifaredesfire.c index 06a3f3f8c..5b8ed289e 100644 --- a/armsrc/mifaredesfire.c +++ b/armsrc/mifaredesfire.c @@ -134,7 +134,7 @@ void MifareDesfireGetInformation() { return; } // add uid. - memcpy(payload.uid, card.uid, sizeof(card.uid)); + memcpy(payload.uid, card.uid, sizeof(payload.uid)); LED_A_ON(); uint8_t cmd[] = {GET_VERSION, 0x00, 0x00, 0x00}; diff --git a/armsrc/mifaresniff_disabled.c b/armsrc/mifaresniff_disabled.c index 799fd62be..6ccdc8e6c 100644 --- a/armsrc/mifaresniff_disabled.c +++ b/armsrc/mifaresniff_disabled.c @@ -8,7 +8,7 @@ // Routines to support mifare classic sniffer. //----------------------------------------------------------------------------- -#include "mifaresniff.h" +#include "mifaresniff_disabled.h" #ifndef CheckCrc14A # define CheckCrc14A(data, len) check_crc(CRC_14443_A, (data), (len)) diff --git a/client/cmdhfmfdes.c b/client/cmdhfmfdes.c index 5ab35a12d..7209a5a71 100644 --- a/client/cmdhfmfdes.c +++ b/client/cmdhfmfdes.c @@ -26,8 +26,32 @@ uint8_t key_ones_data[16] = { 0x01 }; uint8_t key_defa_data[16] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; uint8_t key_picc_data[16] = { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f }; + +typedef enum { + UNKNOWN = 0, + MF3ICD40, + EV1, + EV2, + LIGHT, +} desfire_cardtype_t; + + static int CmdHelp(const char *Cmd); +static desfire_cardtype_t getCardType(uint8_t major, uint8_t minor) { + + if (major == 0x00) + return MF3ICD40; + else if (major == 0x01 && minor == 0x00) + return EV1; + else if (major == 0x12 && minor == 0x00) + return EV2; + else if (major == 0x30 && minor == 0x00) + return LIGHT; + else + return UNKNOWN; +} + //ICEMAN: Turn on field method? //none static int test_desfire_authenticate() { 
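Review bot: The copy into `payload.uid` in MifareDesfireGetInformation is now bounded by the destination, but nothing in the hunk guarantees that `card.uid` is at least that large. If `payload.uid` were ever widened, the `memcpy` would read past the source. A compile-time guard next to the copy would pin the assumption, for example `_Static_assert(sizeof(payload.uid) <= sizeof(card.uid), "uid copy would over-read card.uid");` if the firmware build accepts C11. The hunk also does not show whether the card's actual UID length is checked, so a shorter UID may leave bytes in `payload.uid` that are not part of the UID. The function starts and ends outside the hunk.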
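Review bot: The enumerators of `desfire_cardtype_t` in client/cmdhfmfdes.c (`UNKNOWN`, `EV1`, `EV2`, `LIGHT`) are very generic names at file scope and can clash with macros or enums pulled in through other headers. A prefix such as `DESFIRE_UNKNOWN`, `DESFIRE_EV1` avoids that. `getCardType` also has no comment; a line such as `// Map the hardware major/minor version bytes to a DESFire card family` would help. It should also note that `major == 0x00` matches MF3ICD40 for any `minor`, while the other families require `minor == 0x00`.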
@@ -95,11 +119,20 @@ static int get_desfire_freemem(uint32_t *free_mem) { // --- GET SIGNATURE -static int desfire_print_signature(uint8_t *uid, uint8_t *signature, size_t signature_len) { +static int desfire_print_signature(uint8_t *uid, uint8_t *signature, size_t signature_len, desfire_cardtype_t card_type) { + + uint8_t public_key; + if (card_type == LIGHT) + public_key = 0; + else if (card_type == EV2) + public_key = 1; + else + return PM3_EINVARG; + #define PUBLIC_DESFIRE_ECDA_KEYLEN 57 // ref: MIFARE Desfire Originality Signature Validation - uint8_t nxp_desfire_keys[1][PUBLIC_DESFIRE_ECDA_KEYLEN] = { + uint8_t nxp_desfire_keys[2][PUBLIC_DESFIRE_ECDA_KEYLEN] = { // DESFire Light { 0x04, 0x0E, 0x98, 0xE1, 0x17, 0xAA, 0xA3, 0x64, 
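Review bot: In desfire_print_signature the new early `return PM3_EINVARG;` for any card type other than `LIGHT` or `EV2` prints nothing. The call site changed in CmdHF14ADesInfo (hunk at -423) discards the return value, so for those cards the originality check is skipped without any trace in the output. Someone reading the report cannot tell "signature not checked" from "no signature section applies". I would log before returning, e.g. `PrintAndLogEx(INFO, "    Tag Signature : no public key known for this card type, originality not verified");`. Separately, `nxp_desfire_keys` holds fixed public keys and could be `static const uint8_t` rather than a mutable array rebuilt on the stack per call; the function body continues past this hunk.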
@@ -109,17 +142,26 @@ static int desfire_print_signature(uint8_t *uid, uint8_t *signature, size_t sign 0x7B, 0x94, 0x2A, 0x97, 0x74, 0xA1, 0xD9, 0x4A, 0xD0, 0x25, 0x72, 0x42, 0x7E, 0x5A, 0xE0, 0xA2, 0xDD, 0x36, 0x59, 0x1B, 0x1F, 0xB3, 0x4F, 0xCF, 0x3D - } + }, // DESFire Ev2 + { + 0x04, 0x8A, 0x9B, 0x38, 0x0A, 0xF2, 0xEE, 0x1B, + 0x98, 0xDC, 0x41, 0x7F, 0xEC, 0xC2, 0x63, 0xF8, + 0x44, 0x9C, 0x76, 0x25, 0xCE, 0xCE, 0x82, 0xD9, + 0xB9, 0x16, 0xC9, 0x92, 0xDA, 0x20, 0x9D, 0x68, + 0x42, 0x2B, 0x81, 0xEC, 0x20, 0xB6, 0x5A, 0x66, + 0xB5, 0x10, 0x2A, 0x61, 0x59, 0x6A, 0xF3, 0x37, + 0x92, 0x00, 0x59, 0x93, 0x16, 0xA0, 0x0A, 0x14, 0x10 + } }; - uint8_t public_key = 0; + int res = ecdsa_signature_r_s_verify(MBEDTLS_ECP_DP_SECP224R1, nxp_desfire_keys[public_key], uid, 7, signature, signature_len, false); bool is_valid = (res == 0); PrintAndLogEx(INFO, " Tag Signature"); - PrintAndLogEx(INFO, " IC signature public key name : NXP DESFire Light"); + PrintAndLogEx(INFO, " IC signature public key name : %s", (card_type == LIGHT) ? "NXP DESFire Light" : "NXP DESFire Ev2"); PrintAndLogEx(INFO, " IC signature public key value : %s", sprint_hex(nxp_desfire_keys[public_key], 16)); PrintAndLogEx(INFO, " : %s", sprint_hex(nxp_desfire_keys[public_key] + 16, 16)); PrintAndLogEx(INFO, " : %s", sprint_hex(nxp_desfire_keys[public_key] + 32, 16)); @@ -423,9 +465,10 @@ static int CmdHF14ADesInfo(const char *Cmd) { // Signature originality check uint8_t signature[56] = {0}; size_t signature_len = 0; + desfire_cardtype_t cardtype = getCardType(package->versionHW[3], package->versionHW[4]); if (get_desfire_signature(signature, &signature_len) == PM3_SUCCESS) - desfire_print_signature(package->uid, signature, signature_len); + desfire_print_signature(package->uid, signature, signature_len, cardtype); // Master Key settings uint8_t master_aid[3] = {0x00, 0x00, 0x00}; 
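Review bot: The key name printed in desfire_print_signature is picked by a second test, `(card_type == LIGHT) ? ... : ...`, which is separate from the `public_key` index that selects the key bytes. Adding a third key then means updating two places that can drift apart, and the log could name a different key than the one used for verification. A parallel table indexed by the same value keeps them tied: `static const char *const nxp_desfire_key_names[2] = { "NXP DESFire Light", "NXP DESFire Ev2" };` with `nxp_desfire_key_names[public_key]` in the `PrintAndLogEx` call. The function starts before this hunk and continues after it.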
@@ -514,9 +557,6 @@ char *getVersionStr(uint8_t major, uint8_t minor) { void getKeySettings(uint8_t *aid) { - char messStr[512] = {0x00}; - const char *str = messStr; - if (memcmp(aid, "\x00\x00\x00", 3) == 0) { // CARD MASTER KEY @@ -544,9 +584,7 @@ void getKeySettings(uint8_t *aid) { PrintAndLogEx(WARNING, _RED_(" Can't read Application Master key settings")); } - - memset(messStr, 0x00, sizeof(messStr)); - str = " Operation of PICC master key : " _YELLOW_("%s"); + const char *str = " Operation of PICC master key : " _YELLOW_("%s"); // 2 MSB denotes switch (num_keys >> 6) { @@ -666,8 +704,8 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) { // Get File IDs if (get_desfire_fileids(file_ids, &file_ids_len) == PM3_SUCCESS) { PrintAndLogEx(SUCCESS, " Tag report " _GREEN_("%d") "file%c", file_ids_len, (file_ids_len == 1) ? ' ' : 's'); - for (int i = 0; i < file_ids_len; ++i) { - PrintAndLogEx(SUCCESS, " Fileid %d (0x%02x)", file_ids[i], file_ids[i]); + for (int j = 0; j < file_ids_len; ++j) { + PrintAndLogEx(SUCCESS, " Fileid %d (0x%02x)", file_ids[j], file_ids[j]); } } diff --git a/client/cmdhfmfdesfire_disabled.c b/client/cmdhfmfdesfire_disabled.c index fc123667b..e2d43630f 100644 --- a/client/cmdhfmfdesfire_disabled.c +++ b/client/cmdhfmfdesfire_disabled.c @@ -8,7 +8,7 @@ // High frequency MIFARE commands //----------------------------------------------------------------------------- -#include "cmdhfmfdesfire.h" +#include "cmdhfmfdesfire_disabled.h" #include "cmdparser.h" // command_t diff --git a/client/cmdlfkeri.c b/client/cmdlfkeri.c index 1299d767a..a77f3c477 100644 --- a/client/cmdlfkeri.c +++ b/client/cmdlfkeri.c @@ -128,7 +128,7 @@ static int CmdKeriMSScramble (KeriMSScramble_t Action, uint32_t *FC, uint32_t *I *CardID = *CardID | Parity; // Bit 31 was fixed but not in check/parity bits - *CardID |= (uint32_t)(1 << 31); + *CardID |= 1UL << 31; PrintAndLogEx(SUCCESS, "Scrambled MS : FC %d - CN %d to RAW : E0000000%08X",*FC,*ID,*CardID); } 
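Review bot: `*CardID |= 1UL << 31;` in CmdKeriMSScramble (client/cmdlfkeri.c) removes the shift into the sign bit of an `int`, but `unsigned long` is 32 bits on some targets and 64 on others while `*CardID` is a `uint32_t`. `*CardID |= UINT32_C(1) << 31;` states the intended width directly. The same applies to the `1UL <<` masks introduced in set_bit_by_position in client/wiegand_formatutils.c. There `~(1UL << pos)` becomes a 64-bit value on LP64 and is narrowed on assignment; that is correct if `Top`/`Mid`/`Bot` are 32-bit fields (their declarations are not in the diff), but a fixed-width constant is easier to reason about.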
diff --git a/client/cmdlft55xx.c b/client/cmdlft55xx.c index fafb5d2da..574030f01 100644 --- a/client/cmdlft55xx.c +++ b/client/cmdlft55xx.c @@ -482,12 +482,16 @@ static bool t55xxProtect(bool lock, bool usepwd, uint8_t override, uint32_t pass int res = T55xxReadBlockEx(T55x7_CONFIGURATION_BLOCK, T55x7_PAGE0, usepwd, override, password, downlink_mode, false); if (res != PM3_SUCCESS) { - PrintAndLogEx(WARNING, "Failed to read block0, use `p` password parameter?"); + PrintAndLogEx(WARNING, "Failed to read block0, use " _YELLOW_("`p`") "password parameter?"); return false; } - if (GetT55xxBlockData(&block0) == false) + if (GetT55xxBlockData(&block0) == false) { + PrintAndLogEx(DEBUG, "ERROR decoded block0 == %08x", block0); return false; + } + PrintAndLogEx(DEBUG, "OK read block0 == %08x", block0); + bool isPwdBitAlreadySet = (block0 >> (32 - 28) & 1); if (isPwdBitAlreadySet) { @@ -3679,7 +3683,7 @@ static int CmdT55xxProtect(const char *Cmd) { // lock if (t55xxProtect(true, usepwd, override, password, downlink_mode, new_password) == false) { - PrintAndLogEx(WARNING, "Command failed. Did you run `lf t55xx detect` before?"); + PrintAndLogEx(WARNING, "Command failed. Did you run " _YELLOW_("`lf t55xx detect`") "before?"); return PM3_ESOFT; } return PM3_SUCCESS; diff --git a/client/resources/aidlist.json b/client/resources/aidlist.json index 13e140e49..e427e34bf 100644 --- a/client/resources/aidlist.json +++ b/client/resources/aidlist.json 
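Review bot: Both reworded warnings lose the space after the coloured token. In t55xxProtect the literal following `_YELLOW_(...)` is `"password parameter?"` and in CmdT55xxProtect (hunk at -3679) it is `"before?"`, so the concatenated message runs the words together; they should be `" password parameter?"` and `" before?"`. In the same t55xxProtect hunk, the new `PrintAndLogEx(DEBUG, "ERROR decoded block0 == %08x", block0);` prints `block0` on the path where `GetT55xxBlockData` reported failure. Its declaration is outside the hunk, so unless it is initialised there this may log an indeterminate value. Either drop the value from the failure message or initialise `block0` at its declaration.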
@@ -2128,27 +2128,35 @@ "Type": "EMV" }, { - "AID": "7465736C6153746F7265303032", + "AID": "7465736C6153746F7265", "Vendor": "Tesla", "Country": "", - "Name": "teslaStore002", - "Description": "Tesla car key", + "Name": "teslaStore", + "Description": "Undocumented AID associated with official Tesla Key Cards", "Type": "Tesla" }, { - "AID": "7465736C614C6F67696330303201", + "AID": "7465736C614C6F6769633", "Vendor": "Tesla", "Country": "", - "Name": "teslaLogic002", - "Description": "Tesla car key", + "Name": "teslaLogic (Original AID)", + "Description": "Key for Tesla vehicles", "Type": "Tesla" }, { - "AID": "7465736C61", + "AID": "F465736C614C6F6769633", "Vendor": "Tesla", "Country": "", - "Name": "tesla", - "Description": "Tesla car key generic AID", + "Name": "teslaLogic (Alternate AID)", + "Description": "Key for Tesla vehicles", + "Type": "Tesla" + }, + { + "AID": "5465736c61444150", + "Vendor": "Tesla", + "Country": "", + "Name": "TeslaDAP", + "Description": "Undocumented AID associated with official Tesla BTLE Key Fobs", "Type": "Tesla" } -] \ No newline at end of file +] diff --git a/client/tinycbor/cborpretty.c b/client/tinycbor/cborpretty.c index 775d90925..71f05522f 100644 --- a/client/tinycbor/cborpretty.c +++ b/client/tinycbor/cborpretty.c @@ -488,14 +488,14 @@ static CborError value_to_pretty(CborStreamFunction stream, void *out, CborValue case CborFloatType: cbor_value_get_float(it, &f); val = f; - suffix = flags & CborPrettyNumericEncodingIndicators ? "_2" : "f"; + suffix = (flags & CborPrettyNumericEncodingIndicators) ? "_2" : "f"; } else if (false) { uint16_t f16; case CborHalfFloatType: #ifndef CBOR_NO_HALF_FLOAT_TYPE cbor_value_get_half_float(it, &f16); val = decode_half(f16); - suffix = flags & CborPrettyNumericEncodingIndicators ? "_1" : "f16"; + suffix = (flags & CborPrettyNumericEncodingIndicators) ? "_1" : "f16"; #else (void)f16; err = CborErrorUnsupportedType; 
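Review bot: Two of the new AID values in client/resources/aidlist.json have an odd number of hex digits: `7465736C614C6F6769633` and `F465736C614C6F6769633` are 21 characters each. They cannot be decoded to whole bytes, because the trailing `3` is only half a byte. How the client matches these strings is not visible in the diff, so it is unclear whether an odd-length entry can ever match or is rejected by a hex parser. Each entry should either end on a byte boundary or carry the complete final byte. `5465736c61444150` is also the only lower-case value in the hunk, and upper-casing it keeps the list uniform in case the comparison is case-sensitive.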
diff --git a/client/tinycbor/cbortojson.c b/client/tinycbor/cbortojson.c index 3ea90cee8..8d39303bc 100644 --- a/client/tinycbor/cbortojson.c +++ b/client/tinycbor/cbortojson.c @@ -146,7 +146,7 @@ * the keys for the metadata clash with existing keys in the JSON map. */ -extern FILE *open_memstream(char **bufptr, size_t *sizeptr); +extern FILE *open_memstream(char **bufptr, size_t *lenptr); enum ConversionStatusFlags { TypeWasNotNative = 0x100, /* anything but strings, boolean, null, arrays and maps */ diff --git a/client/ui.c b/client/ui.c index df62b9bff..bac8b2956 100644 --- a/client/ui.c +++ b/client/ui.c @@ -159,6 +159,7 @@ void PrintAndLogEx(logLevel_t level, const char *fmt, ...) { break; case DEBUG: strncpy(prefix, _BLUE_("[#]"), sizeof(prefix) - 1); + break; case HINT: case SUCCESS: strncpy(prefix, _GREEN_("[+]"), sizeof(prefix) - 1); diff --git a/client/wiegand_formatutils.c b/client/wiegand_formatutils.c index ba446957a..836da717d 100644 --- a/client/wiegand_formatutils.c +++ b/client/wiegand_formatutils.c @@ -36,21 +36,21 @@ bool set_bit_by_position(wiegand_message_t *data, bool value, uint8_t pos) { return false; } else if (pos > 63) { if (value) - data->Top |= (1 << (pos - 64)); + data->Top |= (1UL << (pos - 64)); else - data->Top &= ~(1 << (pos - 64)); + data->Top &= ~(1UL << (pos - 64)); return true; } else if (pos > 31) { if (value) - data->Mid |= (1 << (pos - 32)); + data->Mid |= (1UL << (pos - 32)); else - data->Mid &= ~(1 << (pos - 32)); + data->Mid &= ~(1UL << (pos - 32)); return true; } else { if (value) - data->Bot |= (1 << pos); + data->Bot |= (1UL << pos); else - data->Bot &= ~(1 << pos); + data->Bot &= ~(1UL << pos); return true; } } diff --git a/tools/hitag2crack/crack3/ht2crack3.c b/tools/hitag2crack/crack3/ht2crack3.c index da35bbd14..9e39a8e09 100644 --- a/tools/hitag2crack/crack3/ht2crack3.c +++ b/tools/hitag2crack/crack3/ht2crack3.c 
@@ -214,15 +214,15 @@ void *crack(void *d) { uint64_t y; uint64_t ytmp; uint64_t klowery; - unsigned int count = 0; + unsigned int count; uint64_t bit; uint64_t b; uint64_t z; uint64_t foundkey; uint64_t revkey; int ret; - unsigned int found = 0; - unsigned int badguess = 0; + unsigned int found; + unsigned int badguess; struct Tklower *Tk = NULL; @@ -312,7 +312,7 @@ void *crack(void *d) { // normalise foundkey revkey = rev64(foundkey); foundkey = ((revkey >> 40) & 0xff) | ((revkey >> 24) & 0xff00) | ((revkey >> 8) & 0xff0000) | ((revkey << 8) & 0xff000000) | ((revkey << 24) & 0xff00000000) | ((revkey << 40) & 0xff0000000000); - printf("\n\nSuccess - key = %012lX\n", foundkey); + printf("\n\nSuccess - key = %012"PRIx64"\n", foundkey); exit(0); return (void *)foundkey; @@ -446,7 +446,7 @@ int main(int argc, char *argv[]) { } printf("thread %i finished\n", i); if (status) { - printf("Key = %012lX\n", (uint64_t)status); + printf("Key = %012"PRIx64"\n", (uint64_t)status); exit(0); } }
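Review bot: Dropping the `= 0` initialisers from `count`, `found` and `badguess` in crack() is only safe if every path assigns them before the first read. Those assignments are outside this hunk, so that cannot be checked from here. If the aim was to silence a redundant-initialisation warning, I would instead move each declaration to its first assignment, e.g. `unsigned int found = 0;` directly before the loop that uses it, so the variable never exists uninitialised.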
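Review bot: `PRIx64` prints lower-case hex where the old `%012lX` printed upper-case, so the key output format changes in crack() (hunk at -312) and again in main() (hunk at -446). `PRIX64` keeps the previous format: `printf("\n\nSuccess - key = %012" PRIX64 "\n", foundkey);` and `printf("Key = %012" PRIX64 "\n", (uint64_t)status);`. The macro comes from `<inttypes.h>`, and no include is added anywhere in this diff, so confirm the file already pulls it in.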