github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-20 05:13:46 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

chg: hf iclass decrypt -d - now also reads enccrypted blockdata as param to decrypt

Browse source
This commit is contained in:
iceman1001 2019-09-05 22:39:30 +02:00
commit 1ca235e58f
1 changed files with 60 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

44
client/cmdhficlass.c
View file

@ -76,14 +76,17 @@ static int usage_hf_iclass_decrypt(void) {
PrintAndLogEx(NORMAL, "OBS! In order to use this function, the file 'iclass_decryptionkey.bin' must reside"); PrintAndLogEx(NORMAL, "OBS! In order to use this function, the file 'iclass_decryptionkey.bin' must reside");
PrintAndLogEx(NORMAL, "in the resources directory. The file should be 16 bytes binary data"); PrintAndLogEx(NORMAL, "in the resources directory. The file should be 16 bytes binary data");
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Usage: hf iclass decrypt f <tagdump> k <transport key>"); PrintAndLogEx(NORMAL, "Usage: hf iclass decrypt d <enc data> f <tagdump> k <transport key>");
PrintAndLogEx(NORMAL, " options"); PrintAndLogEx(NORMAL, " options");
PrintAndLogEx(NORMAL, " d <encrypted block> 16 bytes hex")
PrintAndLogEx(NORMAL, " f <filename> filename of dump"); PrintAndLogEx(NORMAL, " f <filename> filename of dump");
PrintAndLogEx(NORMAL, " k <transport key> 16 bytes hex"); PrintAndLogEx(NORMAL, " k <transport key> 16 bytes hex");
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
PrintAndLogEx(NORMAL, "Examples:"); PrintAndLogEx(NORMAL, "Examples:");
PrintAndLogEx(NORMAL, "S hf iclass decrypt f tagdump_1.bin"); PrintAndLogEx(NORMAL, "S hf iclass decrypt f tagdump_1.bin");
PrintAndLogEx(NORMAL, "S hf iclass decrypt f tagdump_1.bin k 000102030405060708090a0b0c0d0e0f"); PrintAndLogEx(NORMAL, "S hf iclass decrypt f tagdump_1.bin k 000102030405060708090a0b0c0d0e0f");
PrintAndLogEx(NORMAL, "S hf iclass decrypt d 1122334455667788 k 000102030405060708090a0b0c0d0e0f");
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static int usage_hf_iclass_encrypt(void) { static int usage_hf_iclass_encrypt(void) {
@ -796,8 +799,12 @@ static int CmdHFiClassDecrypt(const char *Cmd) {
bool errors = false; bool errors = false;
bool have_key = false; bool have_key = false;
bool have_data = false;
bool have_file = false;
uint8_t cmdp = 0; uint8_t cmdp = 0;
uint8_t enc_data[8] = {0};
size_t keylen = 0; size_t keylen = 0;
uint8_t key[32] = {0}; uint8_t key[32] = {0};
uint8_t *keyptr = NULL; uint8_t *keyptr = NULL;
@ -810,6 +817,15 @@ static int CmdHFiClassDecrypt(const char *Cmd) {
switch (tolower(param_getchar(Cmd, cmdp))) { switch (tolower(param_getchar(Cmd, cmdp))) {
case 'h': case 'h':
return usage_hf_iclass_decrypt(); return usage_hf_iclass_decrypt();
case 'd':
if (param_gethex(Cmd, cmdp + 1, enc_data, 16)) {
PrintAndLogEx(ERR, "data must be 16 HEX symbols");
errors = true;
break;
}
have_data = true;
cmdp += 2;
break;
case 'f': case 'f':
if (param_getstr(Cmd, cmdp + 1, filename, sizeof(filename)) == 0) { if (param_getstr(Cmd, cmdp + 1, filename, sizeof(filename)) == 0) {
PrintAndLogEx(WARNING, "no filename found after f"); PrintAndLogEx(WARNING, "no filename found after f");
@ -821,6 +837,7 @@ static int CmdHFiClassDecrypt(const char *Cmd) {
errors = true; errors = true;
break; break;
} }
have_file = true;
cmdp += 2; cmdp += 2;
break; break;
case 'k': case 'k':
@ -848,6 +865,18 @@ static int CmdHFiClassDecrypt(const char *Cmd) {
memcpy(key, keyptr, sizeof(key)); memcpy(key, keyptr, sizeof(key));
} }
// tripledes
mbedtls_des3_context ctx;
mbedtls_des3_set2key_dec(&ctx, key);
uint8_t dec_data[8] = {0};
if ( have_data ) {
mbedtls_des3_crypt_ecb(&ctx, enc_data, dec_data);
PrintAndLogEx(SUCCESS, "Data: %s", sprint_hex(dec_data, sizeof(dec_data)));
}
if ( have_file ) {
picopass_hdr *hdr = (picopass_hdr *)decrypted; picopass_hdr *hdr = (picopass_hdr *)decrypted;
uint8_t mem = hdr->conf.mem_config; uint8_t mem = hdr->conf.mem_config;
@ -858,20 +887,16 @@ static int CmdHFiClassDecrypt(const char *Cmd) {
uint8_t max_blk = 31; uint8_t max_blk = 31;
getMemConfig(mem, chip, &max_blk, &app_areas, &kb); getMemConfig(mem, chip, &max_blk, &app_areas, &kb);
// tripledes
mbedtls_des3_context ctx;
mbedtls_des3_set2key_dec(&ctx, key);
uint8_t enc_dump[8] = {0};
uint8_t empty[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; uint8_t empty[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
for (uint16_t blocknum = 0; blocknum < applimit; ++blocknum) { for (uint16_t blocknum = 0; blocknum < applimit; ++blocknum) {
uint8_t idx = blocknum * 8; uint8_t idx = blocknum * 8;
memcpy(enc_dump, decrypted + idx, 8); memcpy(enc_data, decrypted + idx, 8);
// block 7 or higher, and not empty 0xFF // block 7 or higher, and not empty 0xFF
if (blocknum > 6 && memcmp(enc_dump, empty, 8) != 0) { if (blocknum > 6 && memcmp(enc_data, empty, 8) != 0) {
mbedtls_des3_crypt_ecb(&ctx, enc_dump, decrypted + idx); mbedtls_des3_crypt_ecb(&ctx, enc_data, decrypted + idx);
} }
} }
@ -887,6 +912,7 @@ static int CmdHFiClassDecrypt(const char *Cmd) {
printIclassDumpContents(decrypted, 1, (decryptedlen / 8), decryptedlen); printIclassDumpContents(decrypted, 1, (decryptedlen / 8), decryptedlen);
free(decrypted); free(decrypted);
free(fptr); free(fptr);
}
return PM3_SUCCESS; return PM3_SUCCESS;
} }