From 1a565ae953583fe5a45149cee3a28174e9a52883 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Fri, 5 Apr 2019 07:39:07 +0200
Subject: [PATCH 01/27] fix uninitialised
---
 client/scripting.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/client/scripting.c b/client/scripting.c
index f3afb18d4..cf9b5c590 100644
--- a/client/scripting.c
+++ b/client/scripting.c
@@ -785,8 +785,7 @@ static int l_T55xx_readblock(lua_State *L) {
 // arg 2 = use GB
 static int l_T55xx_detect(lua_State *L) {
 bool useGB = false, usepwd = false, isok;
- uint32_t password;
- uint32_t gb;
+ uint32_t gb, password = 0;
 size_t size;
 //Check number of arguments
From a499e30608bc716f878674ee4fbee3e3e20eb6fe Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Fri, 5 Apr 2019 08:21:10 +0200
Subject: [PATCH 02/27] chg: 'script run test_t55x7' - more modulations and better wipe card
---
 client/scripts/test_t55x7.lua | 185 +++++++++++++++++++++++++++-------
 1 file changed, 146 insertions(+), 39 deletions(-)
diff --git a/client/scripts/test_t55x7.lua b/client/scripts/test_t55x7.lua
index 3b7ea2e02..0d89147c6 100644
--- a/client/scripts/test_t55x7.lua
+++ b/client/scripts/test_t55x7.lua
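Review bot: `gb` is still declared without an initialiser on the new line `uint32_t gb, password = 0;` in l_T55xx_detect (client/scripting.c), so only half of the uninitialised-variable report is closed. A later hunk in this series shows `sscanf(p_gb, "%u", &gb);` with the return value ignored, which would leave `gb` indeterminate when the Lua caller passes a non-numeric character. I would write `uint32_t gb = 0, password = 0;` and treat a `sscanf` result other than 1 as an argument error. The rest of the function lies outside this hunk, so the remaining paths could not be checked.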
@@ -89,23 +89,134 @@ local function exitMsg(msg) print(msg) print() end +--- +-- ask/fsk/psk configuration blocks to test +local function GetConfigs( modulation ) + local t = {} + + t['ASK'] = { + [1] = '00008040', + [2] = '00048040', + [3] = '00088040', + [4] = '000c8040', + [5] = '00108040', + [6] = '00148040', + [7] = '00188040', + [8] = '001c8040', + } + + t['BI'] = { + [1] = '00010040', + [2] = '00050040', + [3] = '00090040', + [4] = '000d0040', + [5] = '00110040', + [6] = '00150040', + [7] = '00190040', + [8] = '001d0040', + } + + t['FSK2A'] = { + [1] = '00007040', + [2] = '00047040', + [3] = '00087040', + [4] = '000c7040', + [5] = '00107040', + [6] = '00147040', + [7] = '00187040', + [8] = '001c7040', + } + + t['FSK1A'] = { + [1] = '00006040', + [2] = '00046040', + [3] = '00086040', + [4] = '000c6040', + [5] = '00106040', + [6] = '00146040', + [7] = '00186040', + [8] = '001c6040', + } + + t['FSK2'] = { + [1] = '00005040', + [2] = '00045040', + [3] = '00085040', + [4] = '000c5040', + [5] = '00105040', + [6] = '00145040', + [7] = '00185040', + [8] = '001c5040', + } + + t['FSK1'] = { + [1] = '00004040', + [2] = '00004040', + [3] = '00044040', + [4] = '00084040', + [5] = '000c4040', + [6] = '00104040', + [7] = '00144040', + [8] = '00184040', + [9] = '001c4040', + } + + t['PSK1'] = { + [1] = '00001040', + [2] = '00041040', + [3] = '00081040', + [4] = '000c1040', + [5] = '00101040', + [6] = '00141040', + [7] = '00181040', + [8] = '001c1040', + } + + t['PSK2'] = { + [1] = '00002040', + [2] = '00042040', + [3] = '00082040', + [4] = '000c2040', + [5] = '00102040', + [6] = '00142040', + [7] = '00182040', + [8] = '001c2040', + } + + t['PSK3'] = { + [1] = '00003040', + [2] = '00043040', + [3] = '00083040', + [4] = '000c3040', + [5] = '00103040', + [6] = '00143040', + [7] = '00183040', + [8] = '001c3040', + } + return t[modulation] +end +--- +-- lf t55xx wipe local function WipeCard() - local wipe_cmds = { - [1] = 'lf t55xx wipe', - [2] = 'lf t55xx detect', - } - for _ = 
1, #wipe_cmds do - local c = wipe_cmds[_] - dbg(c); core.console(c) - end + print('Wiping card') + core.console('lf t55xx wipe') - local wipe_data_cmd = "lf t55xx write b %s d %s" - for _ = 1, #data_blocks_cmds do - local val = data_blocks_cmds[_] - local c = string.format(wipe_data_cmd, _, val); - core.console(c) + print('Detecting card'); + local res, msg = core.t55xx_detect() + if not res then + oops("can't detect modulation. Test failed."); + core.console("rem Failed to detect"); + return false + else + local wipe_data_cmd = "lf t55xx write b %s d %s" + for _ = 1, #data_blocks_cmds do + local val = data_blocks_cmds[_] + local c = string.format(wipe_data_cmd, _, val); + core.console(c) + end + return true end end --- @@ -120,23 +231,18 @@ local function CheckReadBlock(block) return ('%08X'):format(data) end -local function test() +local function test(modulation) - -- PSK1 Modulations to test. (2blocks) - local process_block0_cmds = { - [1] = '00001040', - [2] = '00041040', - [3] = '00081040', - [4] = '000c1040', - [5] = '00101040', - [6] = '00141040', - [7] = '00181040', - [8] = '001c1040', - } - + local process_block0_cmds = {} local y local block = "00" - + + local s = ('Start test of %s'):format(modulation) + print(s) + core.console('rem '..s) + + process_block0_cmds = GetConfigs(modulation) + for _ = 1, #process_block0_cmds do local p_config_cmd = process_block0_cmds[_] @@ -181,19 +287,20 @@ local function main(args) end core.clearCommandBuffer() - - print('Starting test, wiping card') - WipeCard() - print('Detecting card') - local res, msg = core.t55xx_detect() - if res then - print('Starting test') - test() - else - print("can't detect modulation. Test failed. Ending.") - end + local res --- test() + res = WipeCard() + if res then test("ASK") end + +-- res = WipeCard() +-- if res then test("FSK1") end + +-- res = WipeCard() +-- if res then test("FSK2") end + +-- res = WipeCard() +-- if res then test("PSK1") end + exitMsg('Tests finished') end 
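Review bot: The `t['FSK1']` table added in GetConfigs lists `'00004040'` at both `[1]` and `[2]` and runs to `[9]`, while every other modulation table has eight distinct block-0 values. This looks like a copy/paste slip; as written the test loop would run the same configuration twice for FSK1. Drop the second entry and renumber so the table reads `[1] = '00004040', [2] = '00044040'` through `[8] = '001c4040'`.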
From 229452719a09753382ee3239c7611be3a11a1afd Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 08:36:12 +0200 Subject: [PATCH 03/27] chg: compare with low case --- client/scripts/test_t55x7.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/scripts/test_t55x7.lua b/client/scripts/test_t55x7.lua index 0d89147c6..c1cbd214e 100644 --- a/client/scripts/test_t55x7.lua +++ b/client/scripts/test_t55x7.lua @@ -265,7 +265,7 @@ local function test(modulation) for _ = 1, #data_blocks_cmds do local val = data_blocks_cmds[_] local blockdata, msg = CheckReadBlock(_) - if blockdata ~= val then + if blockdata:lower() ~= val:lower() then print( ('Test %s == %s Failed'):format(val, blockdata)) core.console( format('rem -- block %d value %s failed', _, val)) else From 774cbc5cb9f4e920988dc78aa1611d12e17532b0 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 08:58:12 +0200 Subject: [PATCH 04/27] chg: 'script run test_t55x7' - better test loops --- client/scripts/test_t55x7.lua | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/client/scripts/test_t55x7.lua b/client/scripts/test_t55x7.lua index c1cbd214e..015b578c0 100644 --- a/client/scripts/test_t55x7.lua +++ b/client/scripts/test_t55x7.lua @@ -194,7 +194,7 @@ local function GetConfigs( modulation ) [7] = '00183040', [8] = '001c3040', } - return t[modulation] + return t[modulation:upper()] end --- -- lf t55xx wipe @@ -243,6 +243,8 @@ local function test(modulation) process_block0_cmds = GetConfigs(modulation) + if process_block0_cmds == nil then return oops('Cant find modulation '..modulation) end + for _ = 1, #process_block0_cmds do local p_config_cmd = process_block0_cmds[_] 
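Review bot: `blockdata:lower()` raises a Lua error when `blockdata` is nil, whereas the old `blockdata ~= val` comparison simply reported a mismatch. The call site unpacks `local blockdata, msg = CheckReadBlock(_)`, which suggests a nil-plus-message return on a failed read, though only the tail of CheckReadBlock is visible in this series. Guard the comparison with `if not blockdata or blockdata:lower() ~= val:lower() then` and pass `tostring(blockdata)` to the failure message. The loop sits inside test(), whose body starts outside this hunk.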
@@ -289,17 +291,14 @@ local function main(args) core.clearCommandBuffer() local res - res = WipeCard() - if res then test("ASK") end - --- res = WipeCard() --- if res then test("FSK1") end - --- res = WipeCard() --- if res then test("FSK2") end - --- res = WipeCard() --- if res then test("PSK1") end + -- Adjust this table to set which configurations should be tested + local test_modes = { 'ASK', 'PSK1' } + + for _ = 1, #test_modes do + res = WipeCard() + print (test_modes[_]) + if res then test(test_modes[_]) end + end exitMsg('Tests finished') From 5b0eed26b58249a8566adfd0cdaac7099c4028e0 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 09:14:40 +0200 Subject: [PATCH 05/27] style --- client/emv/emv_tags.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/client/emv/emv_tags.c b/client/emv/emv_tags.c index 605707a65..ee6824b32 100644 --- a/client/emv/emv_tags.c +++ b/client/emv/emv_tags.c @@ -537,7 +537,7 @@ static void emv_tag_dump_numeric(const struct tlv *tlv, const struct emv_tag *ta static void emv_tag_dump_yymmdd(const struct tlv *tlv, const struct emv_tag *tag, FILE *f, int level) { PRINT_INDENT(level); - fprintf(f, "\tDate: 20%02ld.%ld.%ld\n", + fprintf(f, "\tDate: 20%02lu.%lu.%lu\n", emv_value_numeric(tlv, 0, 2), emv_value_numeric(tlv, 2, 4), emv_value_numeric(tlv, 4, 6)); @@ -667,9 +667,9 @@ static void emv_tag_dump_cvm_list(const struct tlv *tlv, const struct emv_tag *t Y = emv_get_binary(tlv->value + 4); PRINT_INDENT(level); - fprintf(f, "\tX: %d\n", X); + fprintf(f, "\tX: %u\n", X); PRINT_INDENT(level); - fprintf(f, "\tY: %d\n", Y); + fprintf(f, "\tY: %u\n", Y); for (i = 8; i < tlv->len; i += 2) { const char *method; From 632e80e9b142f9187b7e28c80be1204f9ee607d0 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 09:16:01 +0200 Subject: [PATCH 06/27] style --- client/hid-flasher/flash.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/client/hid-flasher/flash.c b/client/hid-flasher/flash.c index 020be9e87..edfc6b776 100644 --- a/client/hid-flasher/flash.c +++ b/client/hid-flasher/flash.c @@ -413,7 +413,7 @@ int flash_write(flash_file_t *ctx) { uint32_t blocks = (length + BLOCK_SIZE - 1) / BLOCK_SIZE; uint32_t end = seg->start + length; - fprintf(stderr, " 0x%08x..0x%08x [0x%x / %d blocks]", + fprintf(stderr, " 0x%08x..0x%08x [0x%x / %u blocks]", seg->start, end - 1, length, blocks); int block = 0; @@ -427,7 +427,7 @@ int flash_write(flash_file_t *ctx) { if (write_block(baddr, data, block_size) < 0) { fprintf(stderr, " ERROR\n"); - fprintf(stderr, "Error writing block %d of %d\n", block, blocks); + fprintf(stderr, "Error writing block %d of %u\n", block, blocks); return -1; } From 647dcc596f40b63bd9f869af3930c51c7b5362a8 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 09:18:52 +0200 Subject: [PATCH 07/27] style --- client/cmdhfmfu.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/client/cmdhfmfu.c b/client/cmdhfmfu.c index 956cc1a70..ac1391c47 100644 --- a/client/cmdhfmfu.c +++ b/client/cmdhfmfu.c @@ -1134,8 +1134,6 @@ int CmdHF14AMfUInfo(const char *Cmd) { // hasAuthKey, if we was called with key, skip test. if (!authlim && !hasAuthKey) { PrintAndLogEx(NORMAL, "\n--- Known EV1/NTAG passwords."); - len = 0; - // test pwd gen A num_to_bytes(ul_ev1_pwdgenA(card.uid), 4, key); len = ulev1_requestAuthentication(key, pack, sizeof(pack)); From 6404c974b63bd730346e46f112eea6d3a441e7c3 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 09:20:37 +0200 Subject: [PATCH 08/27] style --- client/cmdlfem4x.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/client/cmdlfem4x.c b/client/cmdlfem4x.c index e6da5da33..8d5ebb68b 100644 --- a/client/cmdlfem4x.c +++ b/client/cmdlfem4x.c 
@@ -1225,9 +1225,8 @@ int CmdEM4x05Write(const char *Cmd) {
 if (strlen(Cmd) == 0 || ctmp == 'h') return usage_lf_em4x05_write();
 bool usePwd = false;
- uint8_t addr = 50; // default to invalid address
- uint32_t data = 0; // default to blank data
- uint32_t pwd = 1; // default to blank password
+ uint8_t addr;
+ uint32_t data, pwd;
 addr = param_get8ex(Cmd, 0, 50, 10);
 data = param_get32ex(Cmd, 1, 0, 16);
From 82f4388abed041270627b1eeaed8491447479921 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Fri, 5 Apr 2019 09:22:12 +0200
Subject: [PATCH 09/27] style
---
 client/hid-flasher/flash.c | 2 +-
 client/hid-flasher/proxusb.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/client/hid-flasher/flash.c b/client/hid-flasher/flash.c
index edfc6b776..967888e17 100644
--- a/client/hid-flasher/flash.c
+++ b/client/hid-flasher/flash.c
@@ -180,7 +180,7 @@ static int check_segs(flash_file_t *ctx, int can_write_bl) {
 // Load an ELF file and prepare it for flashing
 int flash_load(flash_file_t *ctx, const char *name, int can_write_bl) {
- FILE *fd = NULL;
+ FILE *fd;
 Elf32_Ehdr ehdr;
 Elf32_Phdr *phdrs = NULL;
 int num_phdrs;
diff --git a/client/hid-flasher/proxusb.c b/client/hid-flasher/proxusb.c
index f7ff5d489..7563429d8 100644
--- a/client/hid-flasher/proxusb.c
+++ b/client/hid-flasher/proxusb.c
@@ -166,7 +166,7 @@ usb_dev_handle *findProxmark(int verbose, unsigned int *iface) {
 usb_dev_handle *OpenProxmark(int verbose) {
 int ret;
- usb_dev_handle *handle = NULL;
+ usb_dev_handle *handle;
 unsigned int iface;
 handle = findProxmark(verbose, &iface);
From ea5dddafef732107ec081097efed554109f94c72 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Fri, 5 Apr 2019 18:47:36 +0200
Subject: [PATCH 10/27] fix: invalidPrintfArg
---
 client/emv/crypto_polarssl.c | 4 ++--
 client/emv/emv_pk.c | 2 +-
 client/emv/emv_roca.c | 2 +-
 client/flasher.c | 10 +++++-----
 uart/uart_posix.c | 2 +-
 5 files changed, 10 insertions(+), 10 deletions(-)
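Review bot: `pwd` loses its default in `uint32_t data, pwd;` and no assignment to it is visible in this hunk, unlike `addr` and `data`, which are set from `param_get8ex`/`param_get32ex` on the following lines. If `pwd` is only filled in when a password argument is present, the no-password path would now pass an indeterminate value on to the write command. Keep the previous default with `uint32_t data, pwd = 1;`, or confirm that every path assigns `pwd` before it is read. CmdEM4x05Write continues past the end of the hunk.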
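Review bot: Dropping the `= NULL` on `FILE *fd;` in flash_load (client/hid-flasher/flash.c) is only safe if no error path can reach an `fclose(fd)` before the pointer is assigned. `phdrs` keeps its `= NULL` two lines below, which hints at a shared cleanup section further down, outside this hunk. Unless that was checked, I would keep `FILE *fd = NULL;`, since the initialiser keeps a cleanup path from closing a garbage pointer.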
diff --git a/client/emv/crypto_polarssl.c b/client/emv/crypto_polarssl.c
index 3b0a7d801..ff5a867a9 100644
--- a/client/emv/crypto_polarssl.c
+++ b/client/emv/crypto_polarssl.c
@@ -208,7 +208,7 @@ static unsigned char *crypto_pk_polarssl_encrypt(const struct crypto_pk *_cp, co
 res = mbedtls_rsa_public(&cp->ctx, buf, result);
 if (res) {
- printf("RSA encrypt failed. Error: %x data len: %zd key len: %zd\n", res * -1, len, keylen);
+ printf("RSA encrypt failed. Error: %x data len: %zu key len: %zu\n", res * -1, len, keylen);
 free(result);
 return NULL;
 }
@@ -234,7 +234,7 @@ static unsigned char *crypto_pk_polarssl_decrypt(const struct crypto_pk *_cp, co
 res = mbedtls_rsa_private(&cp->ctx, NULL, NULL, buf, result); // CHECK???
 if (res) {
- printf("RSA decrypt failed. Error: %x data len: %zd key len: %zd\n", res * -1, len, keylen);
+ printf("RSA decrypt failed. Error: %x data len: %zu key len: %zu\n", res * -1, len, keylen);
 free(result);
 return NULL;
 }
diff --git a/client/emv/emv_pk.c b/client/emv/emv_pk.c
index 4c6afa88e..9b5f2e714 100644
--- a/client/emv/emv_pk.c
+++ b/client/emv/emv_pk.c
@@ -483,7 +483,7 @@ struct emv_pk *emv_pk_get_ca_pk(const unsigned char *rid, unsigned char idx) {
 if (!pk) return NULL;
- printf("Verifying CA PK for %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx %zd bits...",
+ printf("Verifying CA PK for %02hhx:%02hhx:%02hhx:%02hhx:%02hhx IDX %02hhx %zu bits...",
 pk->rid[0],
 pk->rid[1],
 pk->rid[2],
diff --git a/client/emv/emv_roca.c b/client/emv/emv_roca.c
index 3a89020c7..c0d0d419d 100644
--- a/client/emv/emv_roca.c
+++ b/client/emv/emv_roca.c
@@ -84,7 +84,7 @@ void print_mpi(const char *msg, int radix, const mbedtls_mpi *X) {
 size_t len = 0;
 mbedtls_mpi_write_string(X, radix, Xchar, sizeof(Xchar), &len);
- printf("%s[%ld] %s\n", msg, len, Xchar);
+ printf("%s[%zu] %s\n", msg, len, Xchar);
 }
 bool emv_rocacheck(const unsigned char *buf, size_t buflen, bool verbose) {
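Review bot: The context line `res = mbedtls_rsa_private(&cp->ctx, NULL, NULL, buf, result); // CHECK???` in crypto_pk_polarssl_decrypt passes no RNG, and in the mbedTLS 2.x API a NULL `f_rng` means the private-key operation runs without blinding, which weakens its resistance to timing side channels. The commit touches only the `printf` below it, so this stays as it was, with the author's own question mark. If this path can ever handle a key that matters, pass a seeded DRBG (`mbedtls_ctr_drbg_random` and its context) instead of the two NULLs; if it is strictly test-key code, replace `// CHECK???` with a comment that says so. The function starts above the hunk.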
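Review bot: The return value of `mbedtls_mpi_write_string(X, radix, Xchar, sizeof(Xchar), &len);` in print_mpi (client/emv/emv_roca.c) is ignored, so when the number does not fit, the `printf` on the changed line prints whatever `Xchar` held before the call. `Xchar` is declared outside this hunk, so it cannot be seen here whether it is zero-initialised. Check the result first, for example `if (mbedtls_mpi_write_string(X, radix, Xchar, sizeof(Xchar), &len) != 0) return;`.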
diff --git a/client/flasher.c b/client/flasher.c index bc744b339..cb77ce719 100644 --- a/client/flasher.c +++ b/client/flasher.c @@ -23,11 +23,11 @@ void cmd_debug(UsbCommand *c) { // Debug printf("UsbCommand length[len=%zd]\n", sizeof(UsbCommand)); - printf(" cmd[len=%zd]: %016" PRIx64"\n", sizeof(c->cmd), c->cmd); - printf(" arg0[len=%zd]: %016" PRIx64"\n", sizeof(c->arg[0]), c->arg[0]); - printf(" arg1[len=%zd]: %016" PRIx64"\n", sizeof(c->arg[1]), c->arg[1]); - printf(" arg2[len=%zd]: %016" PRIx64"\n", sizeof(c->arg[2]), c->arg[2]); - printf(" data[len=%zd]: ", sizeof(c->d.asBytes)); + printf(" cmd[len=%zu]: %016" PRIx64"\n", sizeof(c->cmd), c->cmd); + printf(" arg0[len=%zu]: %016" PRIx64"\n", sizeof(c->arg[0]), c->arg[0]); + printf(" arg1[len=%zu]: %016" PRIx64"\n", sizeof(c->arg[1]), c->arg[1]); + printf(" arg2[len=%zu]: %016" PRIx64"\n", sizeof(c->arg[2]), c->arg[2]); + printf(" data[len=%zu]: ", sizeof(c->d.asBytes)); for (size_t i = 0; i < 16; i++) printf("%02x", c->d.asBytes[i]); diff --git a/uart/uart_posix.c b/uart/uart_posix.c index 92af6774a..4c9e8b990 100644 --- a/uart/uart_posix.c +++ b/uart/uart_posix.c @@ -206,7 +206,7 @@ serial_port uart_open(const char *pcPortName, uint32_t speed) { } } } - printf("[=] UART Setting serial baudrate %i\n", speed); + printf("[=] UART Setting serial baudrate %u\n", speed); return sp; } From 1773cfcf390bb7e7142f0a462f9d729df751694f Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 18:51:19 +0200 Subject: [PATCH 11/27] style --- armsrc/Standalone/hf_young.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/armsrc/Standalone/hf_young.c b/armsrc/Standalone/hf_young.c index 4b7a87e99..866b13e0c 100644 --- a/armsrc/Standalone/hf_young.c +++ b/armsrc/Standalone/hf_young.c 
@@ -158,7 +158,7 @@ void RunMod() { Bytes 5-7 are reserved SAK and ATQA for mifare classic -Use mfCSetBlock(0, block0, oldUID, wantWipe, MAGIC_SINGLE) to write it */ - uint8_t oldBlock0[16] = {0}, newBlock0[16] = {0}, testBlock0[16] = {0}; + uint8_t oldBlock0[16] = {0}, newBlock0[16], testBlock0[16] = {0}; // arg0 = Flags, arg1=blockNo MifareCGetBlock(params, 0, oldBlock0); if (oldBlock0[0] == 0 && oldBlock0[0] == oldBlock0[1] && oldBlock0[1] == oldBlock0[2] && oldBlock0[2] == oldBlock0[3]) { From e7406de2191d8d508fccd6ee4cafcc35fd862137 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 18:53:17 +0200 Subject: [PATCH 12/27] redundant. --- client/cmdlfhid.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/client/cmdlfhid.c b/client/cmdlfhid.c index c0d55f977..b44a5e68a 100644 --- a/client/cmdlfhid.c +++ b/client/cmdlfhid.c @@ -459,8 +459,8 @@ int CmdHIDWiegand(const char *Cmd) { uint8_t *bs = bits; memset(bs, 0, sizeof(bits)); - uint8_t ctmp = param_getchar(Cmd, 0); - if (strlen(Cmd) == 0 || strlen(Cmd) < 3 || ctmp == 'H' || ctmp == 'h') return usage_lf_hid_wiegand(); + uint8_t ctmp = tolower(param_getchar(Cmd, 0)); + if (strlen(Cmd) < 3 || ctmp == 'h') return usage_lf_hid_wiegand(); oem = param_get8(Cmd, 0); fc = param_get32ex(Cmd, 1, 0, 10); From d42b779cbe484891c05cf02cfc31e841e6fbe6b5 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 18:55:31 +0200 Subject: [PATCH 13/27] style --- client/crypto/asn1dump.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/crypto/asn1dump.c b/client/crypto/asn1dump.c index b62d83cbc..c55244286 100644 --- a/client/crypto/asn1dump.c +++ b/client/crypto/asn1dump.c 
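Review bot: `newBlock0[16]` loses its `= {0}` while `oldBlock0` and `testBlock0` keep theirs, so any byte of `newBlock0` that is not written before the buffer is used now carries stack residue. The comment above the declaration says block 0 is written to the card with mfCSetBlock, and the code that fills `newBlock0` lies outside this hunk, so it is not visible whether all 16 bytes are set on every path. Keep the three declarations uniform with `uint8_t oldBlock0[16] = {0}, newBlock0[16] = {0}, testBlock0[16] = {0};` unless a full 16-byte copy into `newBlock0` always precedes its first read.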
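Review bot: `tolower(param_getchar(Cmd, 0))` in CmdHIDWiegand hands the character straight to `tolower`, whose argument must be representable as `unsigned char` or equal `EOF`. The return type of `param_getchar` is not visible in this hunk; if it is plain `char`, a byte of 0x80 or above is negative on signed-char platforms and the call is undefined. Write `uint8_t ctmp = tolower((unsigned char)param_getchar(Cmd, 0));` and confirm `<ctype.h>` is included, since the include block is outside the hunk.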
@@ -323,7 +323,7 @@ bool asn1_tag_dump(const struct tlv *tlv, FILE *f, int level, bool *candump) {
 const struct asn1_tag *tag = asn1_get_tag(tlv);
 PRINT_INDENT(level);
- fprintf(f, "--%2hx[%02zx] '%s':", tlv->tag, tlv->len, tag->name);
+ fprintf(f, "--%2x[%02zx] '%s':", tlv->tag, tlv->len, tag->name);
 switch (tag->type) {
 case ASN1_TAG_GENERIC:
From ffdfe09659a571b5e2d22531b4a3685ebf0a1355 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Fri, 5 Apr 2019 18:57:05 +0200
Subject: [PATCH 14/27] style
---
 client/emv/emv_tags.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/client/emv/emv_tags.c b/client/emv/emv_tags.c
index ee6824b32..dc6503f4b 100644
--- a/client/emv/emv_tags.c
+++ b/client/emv/emv_tags.c
@@ -490,7 +490,7 @@ static void emv_tag_dump_dol(const struct tlv *tlv, const struct emv_tag *tag, F
 doltag = emv_get_tag(&doltlv);
 PRINT_INDENT(level);
- fprintf(f, "\tTag %4hx len %02zx ('%s')\n", doltlv.tag, doltlv.len, doltag->name);
+ fprintf(f, "\tTag %4x len %02zx ('%s')\n", doltlv.tag, doltlv.len, doltag->name);
 }
 }
@@ -773,7 +773,7 @@ bool emv_tag_dump(const struct tlv *tlv, FILE *f, int level) {
 const struct emv_tag *tag = emv_get_tag(tlv);
 PRINT_INDENT(level);
- fprintf(f, "--%2hx[%02zx] '%s':", tlv->tag, tlv->len, tag->name);
+ fprintf(f, "--%2x[%02zx] '%s':", tlv->tag, tlv->len, tag->name);
 switch (tag->type) {
 case EMV_TAG_GENERIC:
From 4be92f129a0b8816b4ce11000c51b5f33a775327 Mon Sep 17 00:00:00 2001
From: iceman1001
Date: Fri, 5 Apr 2019 19:13:03 +0200
Subject: [PATCH 15/27] style
---
 client/flasher.c | 2 +-
 client/fpga_compress.c | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/client/flasher.c b/client/flasher.c
index cb77ce719..be74ef8e6 100644
--- a/client/flasher.c
+++ b/client/flasher.c
@@ -22,7 +22,7 @@ void cmd_debug(UsbCommand *c) { // Debug - printf("UsbCommand length[len=%zd]\n", sizeof(UsbCommand)); + printf("UsbCommand length[len=%zu]\n", sizeof(UsbCommand)); printf(" cmd[len=%zu]: %016" PRIx64"\n", sizeof(c->cmd), c->cmd); printf(" arg0[len=%zu]: %016" PRIx64"\n", sizeof(c->arg[0]), c->arg[0]); printf(" arg1[len=%zu]: %016" PRIx64"\n", sizeof(c->arg[1]), c->arg[1]); diff --git a/client/fpga_compress.c b/client/fpga_compress.c index 0f4220632..3a06a62d3 100644 --- a/client/fpga_compress.c +++ b/client/fpga_compress.c @@ -98,12 +98,12 @@ int zlib_compress(FILE *infile[], uint8_t num_infiles, FILE *outfile, bool hardn #if __WORDSIZE == 64 "Input file too big (> %" PRIu64 " bytes). This is probably not a hardnested bitflip state table.\n" #else - "Input file too big (> %lu bytes). This is probably not a hardnested bitflip state table.\n" + "Input file too big (> %zu bytes). This is probably not a hardnested bitflip state table.\n" #endif , HARDNESTED_TABLE_SIZE); } else { - fprintf(stderr, "Input files too big (total > %lu bytes). These are probably not PM3 FPGA config files.\n", num_infiles * FPGA_CONFIG_SIZE); + fprintf(stderr, "Input files too big (total > %zu bytes). These are probably not PM3 FPGA config files.\n", num_infiles * FPGA_CONFIG_SIZE); } for (uint16_t j = 0; j < num_infiles; j++) { fclose(infile[j]); From fa0a2914f657c60571a2f3ef23095f8f2a595651 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 19:29:16 +0200 Subject: [PATCH 16/27] style --- client/cmdsmartcard.c | 2 +- client/fpga_compress.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/client/cmdsmartcard.c b/client/cmdsmartcard.c index 2a0216aa7..b1c3c3797 100644 --- a/client/cmdsmartcard.c +++ b/client/cmdsmartcard.c 
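Review bot: The `%zu` specifiers in the two `fprintf` calls of zlib_compress only match if `HARDNESTED_TABLE_SIZE` and `num_infiles * FPGA_CONFIG_SIZE` really have type `size_t`, and neither macro's definition is visible here. The next patch in this series changes the same two lines again, to `%li`, which suggests the specifier is being fitted to one compiler's warning rather than to the type. Cast at the call site so specifier and argument agree on every platform, `(size_t)HARDNESTED_TABLE_SIZE` and `(size_t)(num_infiles * FPGA_CONFIG_SIZE)` with `%zu`; that would also make the `#if __WORDSIZE == 64` split unnecessary.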
@@ -1107,7 +1107,7 @@ int CmdSmartBruteforceSFI(const char *Cmd) { //Validations if (errors) return usage_sm_brute(); - const char *SELECT = "00a40400%02x%s"; + const char *SELECT = "00a40400%02zu%s"; // uint8_t GENERATE_AC[] = {0x80, 0xAE}; // uint8_t GET_CHALLENGE[] = {0x00, 0x84, 0x00}; diff --git a/client/fpga_compress.c b/client/fpga_compress.c index 3a06a62d3..00e62d74b 100644 --- a/client/fpga_compress.c +++ b/client/fpga_compress.c @@ -98,12 +98,12 @@ int zlib_compress(FILE *infile[], uint8_t num_infiles, FILE *outfile, bool hardn #if __WORDSIZE == 64 "Input file too big (> %" PRIu64 " bytes). This is probably not a hardnested bitflip state table.\n" #else - "Input file too big (> %zu bytes). This is probably not a hardnested bitflip state table.\n" + "Input file too big (> %li bytes). This is probably not a hardnested bitflip state table.\n" #endif , HARDNESTED_TABLE_SIZE); } else { - fprintf(stderr, "Input files too big (total > %zu bytes). These are probably not PM3 FPGA config files.\n", num_infiles * FPGA_CONFIG_SIZE); + fprintf(stderr, "Input files too big (total > %li bytes). These are probably not PM3 FPGA config files.\n", num_infiles * FPGA_CONFIG_SIZE); } for (uint16_t j = 0; j < num_infiles; j++) { fclose(infile[j]); From 841f20c5e5129a057970b3bf6594ae87f3bfb1b3 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 5 Apr 2019 19:34:05 +0200 Subject: [PATCH 17/27] test_t55x7 logs & stats --- client/scripts/test_t55x7.lua | 177 +++++++++++++++++++--------------- 1 file changed, 99 insertions(+), 78 deletions(-) diff --git a/client/scripts/test_t55x7.lua b/client/scripts/test_t55x7.lua index 015b578c0..3d21cc9e5 100644 --- a/client/scripts/test_t55x7.lua +++ b/client/scripts/test_t55x7.lua @@ -40,7 +40,9 @@ Arguments: ]] local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds -local DEBUG = true -- the debug flag +local DEBUG = false -- the debug flag +local total_tests = 0 +local total_pass = 0 local data_blocks_cmds = { [1] = '00000000', 
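Review bot: `%02zu` prints the length in decimal, but the value sits in the length position of a hex-encoded SELECT command (`00a40400` followed by length and data), where the old `%02x` produced hex. Any length of ten or more now yields a wrong byte; 16, for example, is emitted as `16` instead of `10`. If the argument is a `size_t`, the warning-free equivalent is `const char *SELECT = "00a40400%02zx%s";`. The call that consumes SELECT in CmdSmartBruteforceSFI is outside this hunk, so the argument type is inferred from the specifier change.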
@@ -95,73 +97,6 @@ local function GetConfigs( modulation ) local t = {} - t['ASK'] = { - [1] = '00008040', - [2] = '00048040', - [3] = '00088040', - [4] = '000c8040', - [5] = '00108040', - [6] = '00148040', - [7] = '00188040', - [8] = '001c8040', - } - - t['BI'] = { - [1] = '00010040', - [2] = '00050040', - [3] = '00090040', - [4] = '000d0040', - [5] = '00110040', - [6] = '00150040', - [7] = '00190040', - [8] = '001d0040', - } - - t['FSK2A'] = { - [1] = '00007040', - [2] = '00047040', - [3] = '00087040', - [4] = '000c7040', - [5] = '00107040', - [6] = '00147040', - [7] = '00187040', - [8] = '001c7040', - } - - t['FSK1A'] = { - [1] = '00006040', - [2] = '00046040', - [3] = '00086040', - [4] = '000c6040', - [5] = '00106040', - [6] = '00146040', - [7] = '00186040', - [8] = '001c6040', - } - - t['FSK2'] = { - [1] = '00005040', - [2] = '00045040', - [3] = '00085040', - [4] = '000c5040', - [5] = '00105040', - [6] = '00145040', - [7] = '00185040', - [8] = '001c5040', - } - - t['FSK1'] = { - [1] = '00004040', - [2] = '00004040', - [3] = '00044040', - [4] = '00084040', - [5] = '000c4040', - [6] = '00104040', - [7] = '00144040', - [8] = '00184040', - [9] = '001c4040', - } - t['PSK1'] = { [1] = '00001040', [2] = '00041040', 
@@ -193,7 +128,75 @@ local function GetConfigs( modulation ) [6] = '00143040', [7] = '00183040', [8] = '001c3040', - } + } + + t['FSK1'] = { + [1] = '00004040', + [2] = '00004040', + [3] = '00044040', + [4] = '00084040', + [5] = '000c4040', + [6] = '00104040', + [7] = '00144040', + [8] = '00184040', + [9] = '001c4040', + } + + t['FSK2'] = { + [1] = '00005040', + [2] = '00045040', + [3] = '00085040', + [4] = '000c5040', + [5] = '00105040', + [6] = '00145040', + [7] = '00185040', + [8] = '001c5040', + } + + t['FSK1A'] = { + [1] = '00006040', + [2] = '00046040', + [3] = '00086040', + [4] = '000c6040', + [5] = '00106040', + [6] = '00146040', + [7] = '00186040', + [8] = '001c6040', + } + + t['FSK2A'] = { + [1] = '00007040', + [2] = '00047040', + [3] = '00087040', + [4] = '000c7040', + [5] = '00107040', + [6] = '00147040', + [7] = '00187040', + [8] = '001c7040', + } + + t['ASK'] = { + [1] = '00008040', + [2] = '00048040', + [3] = '00088040', + [4] = '000c8040', + [5] = '00108040', + [6] = '00148040', + [7] = '00188040', + [8] = '001c8040', + } + + t['BI'] = { + [1] = '00010040', + [2] = '00050040', + [3] = '00090040', + [4] = '000d0040', + [5] = '00110040', + [6] = '00150040', + [7] = '00190040', + [8] = '001d0040', + } + return t[modulation:upper()] end --- @@ -203,17 +206,17 @@ local function WipeCard() print('Wiping card') core.console('lf t55xx wipe') - print('Detecting card'); + print('Detecting card') local res, msg = core.t55xx_detect() if not res then - oops("can't detect modulation. Test failed."); - core.console("rem Failed to detect"); + oops("Can't detect modulation. Test failed.") + core.console("rem [ERR:DETECT:WIPED] Failed to detect after wipe") return false else local wipe_data_cmd = "lf t55xx write b %s d %s" for _ = 1, #data_blocks_cmds do local val = data_blocks_cmds[_] - local c = string.format(wipe_data_cmd, _, val); + local c = string.format(wipe_data_cmd, _, val) core.console(c) end return true 
@@ -239,7 +242,6 @@ local function test(modulation) local s = ('Start test of %s'):format(modulation) print(s) - core.console('rem '..s) process_block0_cmds = GetConfigs(modulation) @@ -248,6 +250,7 @@ local function test(modulation) for _ = 1, #process_block0_cmds do local p_config_cmd = process_block0_cmds[_] + local errors = 0 core.clearCommandBuffer() -- Write Config block @@ -262,19 +265,30 @@ local function test(modulation) local res, msg = core.t55xx_detect() if not res then print("can't detect modulation, skip to next config") + core.console(format("rem [ERR:DETECT:%s] Failed to detect modulation", p_config_cmd)) + core.console(format('rem [SUMMARY:%s] FAIL detection', p_config_cmd)) + total_tests = total_tests + #data_blocks_cmds else -- Loop block1-2 for _ = 1, #data_blocks_cmds do + total_tests = total_tests + 1 local val = data_blocks_cmds[_] local blockdata, msg = CheckReadBlock(_) if blockdata:lower() ~= val:lower() then print( ('Test %s == %s Failed'):format(val, blockdata)) - core.console( format('rem -- block %d value %s failed', _, val)) + core.console( format('rem [ERR:READ:%s:%d] block %d: read %s instead of %s', p_config_cmd, _, _, blockdata, val)) + errors = errors+1 else print( ('Test %s == %s OK'):format(val, blockdata)) + total_pass = total_pass + 1 end end - end + if errors >0 then + core.console( format('rem [SUMMARY:%s] FAIL %d test%s', p_config_cmd, errors, errors > 1 and "s" or "")) + else + core.console( format('rem [SUMMARY:%s] PASS all tests', p_config_cmd)) + end + end end end 
@@ -292,15 +306,22 @@ local function main(args) local res -- Adjust this table to set which configurations should be tested +-- local test_modes = { 'PSK1', 'PSK2', 'PSK3', 'FSK1', 'FSK2', 'FSK1A', 'FSK2A', 'ASK', 'BI' } local test_modes = { 'ASK', 'PSK1' } for _ = 1, #test_modes do res = WipeCard() - print (test_modes[_]) - if res then test(test_modes[_]) end + if res then + print (test_modes[_]) + test(test_modes[_]) + else + exitMsg('Abort!') + return + end end exitMsg('Tests finished') + core.console( format('rem [SUMMARY] Success rate: %d/%d tests passed%s', total_pass, total_tests, total_pass < total_tests and ", help me improving that number!" or " \\o/")) end main(args) From 8c017157d40958db8b5ef3a0c5183d0fa40ec236 Mon Sep 17 00:00:00 2001 From: iceman1001 Date: Fri, 5 Apr 2019 20:28:58 +0200 Subject: [PATCH 18/27] chg: better strong wave detection for biphase --- common/lfdemod.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/common/lfdemod.c b/common/lfdemod.c index cfac0a0b5..a0dea9d9d 100644 --- a/common/lfdemod.c +++ b/common/lfdemod.c @@ -445,11 +445,11 @@ int ManchesterEncode(uint8_t *bits, size_t size) { // by marshmellow // to detect a wave that has heavily clipped (clean) samples -// loop 512 samples, if 250 of them is deemed maxed out, we assume the wave is clipped. +// loop 1024 samples, if 250 of them is deemed maxed out, we assume the wave is clipped. bool DetectCleanAskWave(uint8_t *dest, size_t size, uint8_t high, uint8_t low) { bool allArePeaks = true; uint16_t cntPeaks = 0; - size_t loopEnd = 512 + 160; + size_t loopEnd = 1024 + 160; // sanity check if (loopEnd > size) loopEnd = size; @@ -463,7 +463,8 @@ bool DetectCleanAskWave(uint8_t *dest, size_t size, uint8_t high, uint8_t low) { } if (!allArePeaks) { - if (cntPeaks > 250) return true; + if (g_debugMode == 2) prnt("DEBUG DetectCleanAskWave: peaks (200) %u", cntPeaks); + if (cntPeaks > 200) return true; } return allArePeaks; } 
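Review bot: The header comment in the first lfdemod.c hunk still says that 250 maxed-out samples mark a clipped wave, while the second hunk lowers the test to `cntPeaks > 200` and repeats the number by hand in the debug string. I would update the comment to `// loop 1024 samples, if more than 200 of them are deemed maxed out, we assume the wave is clipped.` so it matches the code. As a style point, giving the threshold a single name (for example a constructed `#define CLEAN_WAVE_PEAKS 200`) would keep the comment, the debug output and the comparison from drifting apart again. The loop of DetectCleanAskWave lies between the two hunks and is not visible here.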
From 84753b91c041643b02dbba15948982d0df38aeed Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 5 Apr 2019 21:12:32 +0200 Subject: [PATCH 19/27] fix %u <> size_t compilation warning --- client/scripting.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/scripting.c b/client/scripting.c index cf9b5c590..d4efac99f 100644 --- a/client/scripting.c +++ b/client/scripting.c @@ -797,7 +797,7 @@ static int l_T55xx_detect(lua_State *L) { if (size != 1) return returnToLuaWithError(L, "Wrong size of useGB, got %d , expected 1", (int) size); sscanf(p_gb, "%u", &gb); useGB = ( gb ) ? true : false; - printf("p_gb size %u | %c \n", size, useGB ? 'Y':'N'); + printf("p_gb size %zu | %c \n", size, useGB ? 'Y':'N'); } case 1: { const char *p_pwd = luaL_checklstring(L, 1, &size); From 404e92a0b1808c4119fe36d74c0d93b22ad61884 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 5 Apr 2019 22:37:41 +0200 Subject: [PATCH 20/27] utf8 Chinese... we might just translate it appropriately... --- common/i2c.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/common/i2c.c b/common/i2c.c index 80fb2690c..ad0f8964c 100644 --- a/common/i2c.c +++ b/common/i2c.c @@ -26,7 +26,7 @@ volatile unsigned long c; -// 直接使用循环来延时,一个循环 6 条指令,48M, Delay=1 大概为 200kbps +// 鐩存帴浣跨敤寰幆鏉ュ欢鏃讹紝涓涓惊鐜 6 鏉℃寚浠わ紝48M锛 Delay=1 澶ф涓 200kbps // timer. // I2CSpinDelayClk(4) = 12.31us // I2CSpinDelayClk(1) = 3.07us @@ -467,8 +467,7 @@ int16_t I2C_BufferRead(uint8_t *data, uint8_t len, uint8_t device_cmd, uint8_t d *data = (uint8_t)tmp & 0xFF; len--; - - // 读取的第一个字节为后续长度 + // 璇诲彇鐨勭涓涓瓧鑺備负鍚庣画闀垮害 // The first byte in response is the message length if (!readcount && (len > *data)) { len = *data; From a738cdcdb2bf59c081c041b1be4ac373bc1dd11d Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 5 Apr 2019 22:44:50 +0200 Subject: [PATCH 21/27] Detecting weird codepages --- Makefile | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) 
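Review bot: `sscanf(p_gb, "%u", &gb);` in the scripting.c hunk is unchecked, and `gb` is declared without an initializer earlier in this series (`uint32_t gb, password = 0;`), so a one-character argument from the Lua script that is not a digit leaves `gb` indeterminate when `useGB` is derived from it. Check the conversion before using the value, e.g. `if (sscanf(p_gb, "%u", &gb) != 1) return returnToLuaWithError(L, "useGB must be a number");`. The `printf` whose format this commit corrects looks like leftover debug output, and the block appears to run on into `case 1:` with no comment saying the fallthrough is intended. l_T55xx_detect starts and ends outside the hunk.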
diff --git a/Makefile b/Makefile index 2ad01ba5f..53bb2d559 100644 --- a/Makefile +++ b/Makefile @@ -56,7 +56,7 @@ recovery/%: FORCE $(MAKE) -C recovery $(patsubst recovery/%,%,$@) FORCE: # Dummy target to force remake in the subdirectories, even if files exist (this Makefile doesn't know about the prerequisites) -.PHONY: all clean help _test bootrom flash-bootrom os flash-os flash-all recovery client mfkey nounce2key style FORCE +.PHONY: all clean help _test bootrom flash-bootrom os flash-os flash-all recovery client mfkey nounce2key style checks FORCE help: @echo "Multi-OS Makefile" @@ -76,6 +76,8 @@ help: @echo "+ mfkey - Make tools/mfkey" @echo "+ nounce2key - Make tools/nounce2key" @echo + @echo "+ style - Apply some automated source code formatting rules" + @echo "+ checks - Detect various encoding issues in source code" @echo "Possible platforms: try \"make PLATFORM=\" for more info, default is PM3RDV4" client: client/all @@ -138,5 +140,10 @@ style: --style=google --pad-oper --unpad-paren --pad-header \ --align-pointer=name {} \; +# Detecting weird codepages. +checks: + find . \( -name "*.[ch]" -or -name "*.cpp" -or -name "*.lua" -or -name "*.py" -or -name "*.pl" -or -name "Makefile" \) \ + -exec sh -c "cat {} |recode utf8.. >/dev/null || echo {}" \; + # Dummy target to test for GNU make availability _test: From 7fa4b86df6868234728c30c3f4511688a8d46104 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 5 Apr 2019 22:45:42 +0200 Subject: [PATCH 22/27] textual --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 53bb2d559..77c205e68 100644 --- a/Makefile +++ b/Makefile @@ -78,6 +78,7 @@ help: @echo @echo "+ style - Apply some automated source code formatting rules" @echo "+ checks - Detect various encoding issues in source code" + @echo @echo "Possible platforms: try \"make PLATFORM=\" for more info, default is PM3RDV4" client: client/all From 9ff5a4e2fa318c63ea0410f866db2fec4fc25903 Mon Sep 17 00:00:00 2001 
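Review bot: The new `checks` recipe pastes each file name into the `sh -c` command string through `{}`, so a path in the tree that contains quotes, `$` or `;` is parsed as shell syntax instead of being treated as a file name. Pass the name as a positional argument: `-exec sh -c 'cat "$$1" | recode utf8.. >/dev/null || echo "$$1"' sh {} \;` (the `$$` is Make's escape for `$`). The target also depends on `recode` being installed; when it is missing, the `||` branch echoes every file as if it were mis-encoded, so a comment above the rule naming that dependency would help.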
From: Philippe Teuwen Date: Fri, 5 Apr 2019 23:17:16 +0200 Subject: [PATCH 23/27] style --- client/ui.c | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/client/ui.c b/client/ui.c index d0318dba5..216fbccff 100644 --- a/client/ui.c +++ b/client/ui.c @@ -21,6 +21,8 @@ bool showDemod = true; pthread_mutex_t print_lock = PTHREAD_MUTEX_INITIALIZER; static char *logfilename = "proxmark3.log"; +float complex cexpf(float complex Z); + void PrintAndLogOptions(char *str[][2], size_t size, size_t space) { char buff[2000] = "Options:\n"; char format[2000] = ""; @@ -53,7 +55,6 @@ void PrintAndLogEx(logLevel_t level, char *fmt, ...) { char buffer[MAX_PRINT_BUFFER] = {0}; char buffer2[MAX_PRINT_BUFFER + 20] = {0}; char *token = NULL; - int size = 0; // {NORMAL, SUCCESS, INFO, FAILED, WARNING, ERR, DEBUG} static char *prefixes[7] = { "", "[+] ", "[=] ", "[-] ", "[!] ", "[!!] ", "[#] "}; @@ -101,7 +102,7 @@ void PrintAndLogEx(logLevel_t level, char *fmt, ...) { while (token != NULL) { - size = strlen(buffer2); + size_t size = strlen(buffer2); if (strlen(token)) snprintf(buffer2 + size, sizeof(buffer2) - size, "%s%s\n", prefix, token); @@ -210,13 +211,11 @@ void iceIIR_Butterworth(int *data, const size_t len) { float b[3] = {0.003621681514929, 0.007243363029857, 0.003621681514929}; float a[3] = {1.000000000000000, -1.822694925196308, 0.837181651256023}; - float sample = 0; // input sample read from array - float complex x_prime = 1.0f; // save sample for estimating frequency - float complex x; - for (i = 0; i < adjustedLen; ++i) { - sample = data[i]; + float sample = data[i]; // input sample read from array + float complex x_prime = 1.0f; // save sample for estimating frequency + float complex x; // remove DC offset and mix to complex baseband x = (sample - 127.5f) * cexpf(_Complex_I * 2 * M_PI * fc * i); 
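Review bot: In the iceIIR_Butterworth hunk, `float complex x_prime = 1.0f;` now sits inside the `for` body, so it is reset to 1.0 for every sample. Its comment says it saves the sample for estimating frequency; if the part of the loop below the hunk assigns `x_prime` for use by the next iteration, this style-only commit changes the filter output, because the phase difference would always be taken against 1.0. Keep that one declaration above `for (i = 0; i < adjustedLen; ++i) {` and move only `sample` and `x` into the loop. The rest of the loop body is outside the hunk.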
@@ -251,18 +250,14 @@ void iceSimple_Filter(int *data, const size_t len, uint8_t k) { #define FILTER_SHIFT 4 int32_t filter_reg = 0; - int16_t input, output; int8_t shift = (k <= 8) ? k : FILTER_SHIFT; for (int i = 0; i < len; ++i) { - - input = data[i]; // Update filter with current sample - filter_reg = filter_reg - (filter_reg >> shift) + input; + filter_reg = filter_reg - (filter_reg >> shift) + data[i]; // Scale output for unity gain - output = filter_reg >> shift; - data[i] = output; + data[i] = filter_reg >> shift; } } From 7effdfc2751cc8edee3039e111f93cad62ce1bf4 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 5 Apr 2019 23:29:19 +0200 Subject: [PATCH 24/27] style --- uart/uart_posix.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/uart/uart_posix.c b/uart/uart_posix.c index 4c9e8b990..fc5eced7f 100644 --- a/uart/uart_posix.c +++ b/uart/uart_posix.c @@ -231,7 +231,6 @@ void uart_close(const serial_port sp) { } bool uart_receive(const serial_port sp, uint8_t *pbtRx, size_t pszMaxRxLen, size_t *pszRxLen) { - int res; int byteCount; fd_set rfds; struct timeval tv; @@ -244,7 +243,7 @@ bool uart_receive(const serial_port sp, uint8_t *pbtRx, size_t pszMaxRxLen, size FD_ZERO(&rfds); FD_SET(((serial_port_unix *)sp)->fd, &rfds); tv = timeout; - res = select(((serial_port_unix *)sp)->fd + 1, &rfds, NULL, NULL, &tv); + int res = select(((serial_port_unix *)sp)->fd + 1, &rfds, NULL, NULL, &tv); // Read error if (res < 0) { @@ -290,7 +289,6 @@ bool uart_receive(const serial_port sp, uint8_t *pbtRx, size_t pszMaxRxLen, size } bool uart_send(const serial_port sp, const uint8_t *pbtTx, const size_t len) { - int32_t res; size_t pos = 0; fd_set rfds; struct timeval tv; 
@@ -300,7 +298,7 @@ bool uart_send(const serial_port sp, const uint8_t *pbtTx, const size_t len) { FD_ZERO(&rfds); FD_SET(((serial_port_unix *)sp)->fd, &rfds); tv = timeout; - res = select(((serial_port_unix *)sp)->fd + 1, NULL, &rfds, NULL, &tv); + int res = select(((serial_port_unix *)sp)->fd + 1, NULL, &rfds, NULL, &tv); // Write error if (res < 0) { From 366c1ec901a021b1c3ad10428406585aae0e6bf8 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 6 Apr 2019 00:07:48 +0200 Subject: [PATCH 25/27] style --- client/mifare/mifarehost.c | 53 ++++++++++++++------------------------ client/mifare/mifarehost.h | 2 +- tools/nonce2key/crapto1.c | 35 ++++++++++++------------- tools/nonce2key/crypto1.c | 2 +- 4 files changed, 37 insertions(+), 55 deletions(-) diff --git a/client/mifare/mifarehost.c b/client/mifare/mifarehost.c index 905fdcc82..de2ac2cfa 100644 --- a/client/mifare/mifarehost.c +++ b/client/mifare/mifarehost.c @@ -15,8 +15,6 @@ int mfDarkside(uint8_t blockno, uint8_t key_type, uint64_t *key) { uint32_t nt = 0, nr = 0, ar = 0; uint64_t par_list = 0, ks_list = 0; uint64_t *keylist = NULL, *last_keylist = NULL; - uint32_t keycount = 0; - int16_t isOK = 0; UsbCommand c = {CMD_READER_MIFARE, {true, blockno, key_type}}; @@ -49,7 +47,7 @@ int mfDarkside(uint8_t blockno, uint8_t key_type, uint64_t *key) { UsbCommand resp; if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) { - isOK = resp.arg[0]; + int16_t isOK = resp.arg[0]; if (isOK < 0) return isOK; @@ -69,7 +67,7 @@ int mfDarkside(uint8_t blockno, uint8_t key_type, uint64_t *key) { } c.arg[0] = false; - keycount = nonce2key(uid, nt, nr, ar, par_list, ks_list, &keylist); + uint32_t keycount = nonce2key(uid, nt, nr, ar, par_list, ks_list, &keylist); if (keycount == 0) { PrintAndLogEx(FAILED, "key not found (lfsr_common_prefix list is null). Nt=%08x", nt); 
@@ -502,14 +500,13 @@ int mfCSetUID(uint8_t *uid, uint8_t *atqa, uint8_t *sak, uint8_t *oldUID, uint8_ int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, uint8_t params) { - uint8_t isOK = 0; UsbCommand c = {CMD_MIFARE_CSETBLOCK, {params, blockNo, 0}}; memcpy(c.d.asBytes, data, 16); clearCommandBuffer(); SendCommand(&c); UsbCommand resp; if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { - isOK = resp.arg[0] & 0xff; + uint8_t isOK = resp.arg[0] & 0xff; if (uid != NULL) memcpy(uid, resp.d.asBytes, 4); if (!isOK) @@ -522,13 +519,12 @@ int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, uint8_t params) { } int mfCGetBlock(uint8_t blockNo, uint8_t *data, uint8_t params) { - uint8_t isOK = 0; UsbCommand c = {CMD_MIFARE_CGETBLOCK, {params, blockNo, 0}}; clearCommandBuffer(); SendCommand(&c); UsbCommand resp; if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { - isOK = resp.arg[0] & 0xff; + uint8_t isOK = resp.arg[0] & 0xff; if (!isOK) return 2; memcpy(data, resp.d.asBytes, 16); @@ -555,15 +551,8 @@ static uint8_t traceCurKey = 0; struct Crypto1State *traceCrypto1 = NULL; struct Crypto1State *revstate = NULL; -uint64_t key = 0; -uint32_t ks2 = 0; -uint32_t ks3 = 0; uint32_t cuid = 0; // uid part used for crypto1. -uint32_t nt = 0; // tag challenge -uint32_t nr_enc = 0; // encrypted reader challenge -uint32_t ar_enc = 0; // encrypted reader response -uint32_t at_enc = 0; // encrypted tag response int isTraceCardEmpty(void) { return ((traceCard[0] == 0) && (traceCard[1] == 0) && (traceCard[2] == 0) && (traceCard[3] == 0)); 
@@ -605,18 +594,14 @@ int loadTraceCard(uint8_t *tuid, uint8_t uidlen) { memset(buf, 0, sizeof(buf)); if (fgets(buf, sizeof(buf), f) == NULL) { PrintAndLogEx(FAILED, "No trace file found or reading error."); - if (f) { - fclose(f); - } + fclose(f); return 2; } if (strlen(buf) < 32) { if (feof(f)) break; PrintAndLogEx(FAILED, "File content error. Block data must include 32 HEX symbols"); - if (f) { - fclose(f); - } + fclose(f); return 2; } for (i = 0; i < 32; i += 2) { @@ -628,9 +613,7 @@ int loadTraceCard(uint8_t *tuid, uint8_t uidlen) { blockNum++; } - if (f) { - fclose(f); - } + fclose(f); return 0; } @@ -677,14 +660,11 @@ int mfTraceInit(uint8_t *tuid, uint8_t uidlen, uint8_t *atqa, uint8_t sak, bool } void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *data, int len, bool isEncrypted) { - uint8_t bt = 0; - int i; - if (len != 1) { - for (i = 0; i < len; i++) + for (int i = 0; i < len; i++) data[i] = crypto1_byte(pcs, 0x00, isEncrypted) ^ data[i]; } else { - bt = 0; + uint8_t bt = 0; bt |= (crypto1_bit(pcs, 0, isEncrypted) ^ BIT(data[0], 0)) << 0; bt |= (crypto1_bit(pcs, 0, isEncrypted) ^ BIT(data[0], 1)) << 1; bt |= (crypto1_bit(pcs, 0, isEncrypted) ^ BIT(data[0], 2)) << 2; @@ -694,7 +674,10 @@ void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *data, int len, bool i } int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) { - + uint32_t nt = 0; // tag challenge + uint32_t nr_enc = 0; // encrypted reader challenge + uint32_t ar_enc = 0; // encrypted reader response + uint32_t at_enc = 0; // encrypted tag response if (traceState == TRACE_ERROR) return 1; 
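Review bot: Turning `nt`, `nr_enc`, `ar_enc` and `at_enc` into zero-initialised locals at the top of mfTraceDecode means they no longer survive from one call to the next. The function dispatches on `traceState`, and the later `TRACE_AUTH_OK` hunk (`@@ -813,11 +796,13 @@`) assigns only `at_enc` before computing `ks2 = ar_enc ^ prng_successor(nt, 64)`; if the tag nonce and reader response are captured on earlier frames (cases outside these hunks), the key recovery there would run with `nt` and `ar_enc` equal to 0. In that case give them static storage, `static uint32_t nt = 0; // tag challenge` and likewise for the other three, which still removes the external symbols dropped in the `@@ -555,15 +551,8 @@` hunk. The body of mfTraceDecode continues outside the hunk.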
@@ -813,11 +796,13 @@ int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) { case TRACE_AUTH_OK: if (len == 4) { traceState = TRACE_IDLE; + // encrypted tag response at_enc = bytes_to_num(data, 4); // mfkey64 recover key. - ks2 = ar_enc ^ prng_successor(nt, 64); - ks3 = at_enc ^ prng_successor(nt, 96); + uint64_t key = 0; + uint32_t ks2 = ar_enc ^ prng_successor(nt, 64); + uint32_t ks3 = at_enc ^ prng_successor(nt, 96); revstate = lfsr_recovery64(ks2, ks3); lfsr_rollback_word(revstate, 0, 0); lfsr_rollback_word(revstate, 0, 0); @@ -865,8 +850,8 @@ int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) { int tryDecryptWord(uint32_t nt, uint32_t ar_enc, uint32_t at_enc, uint8_t *data, int len) { PrintAndLogEx(SUCCESS, "\nencrypted data: [%s]", sprint_hex(data, len)); struct Crypto1State *s; - ks2 = ar_enc ^ prng_successor(nt, 64); - ks3 = at_enc ^ prng_successor(nt, 96); + uint32_t ks2 = ar_enc ^ prng_successor(nt, 64); + uint32_t ks3 = at_enc ^ prng_successor(nt, 96); s = lfsr_recovery64(ks2, ks3); mf_crypto1_decrypt(s, data, len, false); PrintAndLogEx(SUCCESS, "decrypted data: [%s]", sprint_hex(data, len)); diff --git a/client/mifare/mifarehost.h b/client/mifare/mifarehost.h index 626d2cd07..7481647ad 100644 --- a/client/mifare/mifarehost.h +++ b/client/mifare/mifarehost.h 
@@ -70,7 +70,7 @@ typedef struct { extern char logHexFileName[FILE_PATH_SIZE]; extern int mfDarkside(uint8_t blockno, uint8_t key_type, uint64_t *key); -extern int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t *ResultKeys, bool calibrate); +extern int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t *key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t *resultKeys, bool calibrate); extern int mfCheckKeys(uint8_t blockNo, uint8_t keyType, bool clear_trace, uint8_t keycnt, uint8_t *keyBlock, uint64_t *key); extern int mfCheckKeys_fast(uint8_t sectorsCnt, uint8_t firstChunk, uint8_t lastChunk, uint8_t strategy, uint32_t size, uint8_t *keyBlock, sector_t *e_sector, bool use_flashmemory); diff --git a/tools/nonce2key/crapto1.c b/tools/nonce2key/crapto1.c index 559e12872..9026a57bb 100644 --- a/tools/nonce2key/crapto1.c +++ b/tools/nonce2key/crapto1.c @@ -77,10 +77,9 @@ static void bucket_sort_intersect(uint32_t *const estart, uint32_t *const estop, // write back intersecting buckets as sorted list. // fill in bucket_info with head and tail of the bucket contents in the list and number of non-empty buckets. - uint32_t nonempty_bucket; for (uint32_t i = 0; i < 2; i++) { p1 = start[i]; - nonempty_bucket = 0; + uint32_t nonempty_bucket = 0; for (uint32_t j = 0x00; j <= 0xff; j++) { if (bucket[0][j].bp != bucket[0][j].head && bucket[1][j].bp != bucket[1][j].head) { // non-empty intersecting buckets only bucket_info->bucket_info[i][nonempty_bucket].head = p1; 
@@ -146,13 +145,12 @@ static struct Crypto1State * recover(uint32_t *o_head, uint32_t *o_tail, uint32_t oks, uint32_t *e_head, uint32_t *e_tail, uint32_t eks, int rem, struct Crypto1State *sl, uint32_t in, bucket_array_t bucket) { - uint32_t *o, *e; bucket_info_t bucket_info; if (rem == -1) { - for (e = e_head; e <= e_tail; ++e) { - *e = *e << 1 ^ parity(*e & LF_POLY_EVEN) ^ !!(in & 4); - for (o = o_head; o <= o_tail; ++o, ++sl) { + for (uint32_t *e = e_head; e <= e_tail; ++e) { + *e = *e << 1 ^ parity(*e & LF_POLY_EVEN) ^ (!!(in & 4)); + for (uint32_t *o = o_head; o <= o_tail; ++o, ++sl) { sl->even = *o; sl->odd = *e ^ parity(*o & LF_POLY_ODD); sl[1].odd = sl[1].even = 0; @@ -193,12 +191,11 @@ struct Crypto1State *lfsr_recovery32(uint32_t ks2, uint32_t in) { struct Crypto1State *statelist; uint32_t *odd_head = 0, *odd_tail = 0, oks = 0; uint32_t *even_head = 0, *even_tail = 0, eks = 0; - int i; // split the keystream into an odd and even part - for (i = 31; i >= 0; i -= 2) + for (int i = 31; i >= 0; i -= 2) oks = oks << 1 | BEBIT(ks2, i); - for (i = 30; i >= 0; i -= 2) + for (int i = 30; i >= 0; i -= 2) eks = eks << 1 | BEBIT(ks2, i); odd_head = odd_tail = malloc(sizeof(uint32_t) << 21); @@ -225,7 +222,7 @@ struct Crypto1State *lfsr_recovery32(uint32_t ks2, uint32_t in) { } // initialize statelists: add all possible states which would result into the rightmost 2 bits of the keystream - for (i = 1 << 20; i >= 0; --i) { + for (int i = 1 << 20; i >= 0; --i) { if (filter(i) == (oks & 1)) *++odd_tail = i; if (filter(i) == (eks & 1)) @@ -233,7 +230,7 @@ struct Crypto1State *lfsr_recovery32(uint32_t ks2, uint32_t in) { } // extend the statelists. Look at the next 8 Bits of the keystream (4 Bit each odd and even): - for (i = 0; i < 4; i++) { + for (uint8_t i = 0; i < 4; i++) { extend_table_simple(odd_head, &odd_tail, (oks >>= 1) & 1); extend_table_simple(even_head, &even_tail, (eks >>= 1) & 1); } 
@@ -362,7 +359,7 @@ uint8_t lfsr_rollback_bit(struct Crypto1State *s, uint32_t in, int fb) { out ^= LF_POLY_EVEN & (s->even >>= 1); out ^= LF_POLY_ODD & s->odd; out ^= !!in; - out ^= (ret = filter(s->odd)) & !!fb; + out ^= (ret = filter(s->odd)) & (!!fb); s->even |= parity(out) << 23; return ret; @@ -498,21 +495,21 @@ uint32_t *lfsr_prefix_ks(uint8_t ks[8], int isodd) { * helper function which eliminates possible secret states using parity bits */ static struct Crypto1State *check_pfx_parity(uint32_t prefix, uint32_t rresp, uint8_t parities[8][8], uint32_t odd, uint32_t even, struct Crypto1State *sl) { - uint32_t ks1, nr, ks2, rr, ks3, c, good = 1; + uint32_t good = 1; - for (c = 0; good && c < 8; ++c) { + for (uint32_t c = 0; good && c < 8; ++c) { sl->odd = odd ^ fastfwd[1][c]; sl->even = even ^ fastfwd[0][c]; lfsr_rollback_bit(sl, 0, 0); lfsr_rollback_bit(sl, 0, 0); - ks3 = lfsr_rollback_bit(sl, 0, 0); - ks2 = lfsr_rollback_word(sl, 0, 0); - ks1 = lfsr_rollback_word(sl, prefix | c << 5, 1); + uint32_t ks3 = lfsr_rollback_bit(sl, 0, 0); + uint32_t ks2 = lfsr_rollback_word(sl, 0, 0); + uint32_t ks1 = lfsr_rollback_word(sl, prefix | c << 5, 1); - nr = ks1 ^ (prefix | c << 5); - rr = ks2 ^ rresp; + uint32_t nr = ks1 ^ (prefix | c << 5); + uint32_t rr = ks2 ^ rresp; good &= parity(nr & 0x000000ff) ^ parities[c][3] ^ BIT(ks2, 24); good &= parity(rr & 0xff000000) ^ parities[c][4] ^ BIT(ks2, 16); diff --git a/tools/nonce2key/crypto1.c b/tools/nonce2key/crypto1.c index cdb0ffc14..0c3f97b88 100644 --- a/tools/nonce2key/crypto1.c +++ b/tools/nonce2key/crypto1.c @@ -49,7 +49,7 @@ uint8_t crypto1_bit(struct Crypto1State *s, uint8_t in, int is_encrypted) { uint32_t tmp; uint8_t ret = filter(s->odd); - feedin = ret & !!is_encrypted; + feedin = ret & (!!is_encrypted); feedin ^= !!in; feedin ^= LF_POLY_ODD & s->odd; feedin ^= LF_POLY_EVEN & s->even; From 38f6fd037f7246b6ba5828c1c83a98e8342b912f Mon Sep 17 00:00:00 2001 
From: Philippe Teuwen Date: Sat, 6 Apr 2019 00:14:07 +0200 Subject: [PATCH 26/27] style --- common/wiegand.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/common/wiegand.c b/common/wiegand.c index 3e90c61b6..cd4fb3eb6 100644 --- a/common/wiegand.c +++ b/common/wiegand.c @@ -72,20 +72,20 @@ size_t removeParity(uint8_t *bits, size_t startIdx, uint8_t pLen, uint8_t pType, // Make sure *dest is long enough to store original sourceLen + #_of_parities_to_be_added /* * @brief addParity -* @param bits pointer to the source bitstream of binary values +* @param src pointer to the source bitstream of binary values * @param dest pointer to the destination where parities together with bits are added. * @param sourceLen number of * @param pLen length bits to be checked * @param pType EVEN|ODD|2 (always 1's)|3 (always 0's) * @return */ -size_t addParity(uint8_t *bits, uint8_t *dest, uint8_t sourceLen, uint8_t pLen, uint8_t pType) { +size_t addParity(uint8_t *src, uint8_t *dest, uint8_t sourceLen, uint8_t pLen, uint8_t pType) { uint32_t parityWd = 0; size_t j = 0, bitCnt = 0; for (int word = 0; word < sourceLen; word += pLen - 1) { for (int bit = 0; bit < pLen - 1; ++bit) { - parityWd = (parityWd << 1) | bits[word + bit]; - dest[j++] = (bits[word + bit]); + parityWd = (parityWd << 1) | src[word + bit]; + dest[j++] = (src[word + bit]); } // if parity fails then return 0 From 682f23440deae5306503de929b5549c116a4d1e6 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Sat, 6 Apr 2019 00:23:01 +0200 Subject: [PATCH 27/27] style --- common/lfdemod.c | 26 +++++++++++++------------- common/lfdemod.h | 2 +- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/common/lfdemod.c b/common/lfdemod.c index a0dea9d9d..17e38caa7 100644 --- a/common/lfdemod.c +++ b/common/lfdemod.c 
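Review bot: addParity's inner loop reads `src[word + bit]` for every `bit < pLen - 1` without comparing the index against `sourceLen`, so when `sourceLen` is not a multiple of `pLen - 1` the last group reads past the source bits, and a `pLen` of 1 makes `word += pLen - 1` never advance. If callers always pass whole groups, a guard at the top such as `if (pLen < 2 || sourceLen % (pLen - 1) != 0) return 0;` would fit the existing "return 0" failure convention mentioned in the body. While the doc block is being edited, the truncated `@param sourceLen number of` and the empty `@return` could be completed, and the requirement that `dest` hold `sourceLen` bits plus one parity bit per group could be stated under `@param dest`. The function body continues past the hunk.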
@@ -521,12 +521,12 @@ int DetectStrongAskClock(uint8_t *dest, size_t size, int high, int low, int *clo int foo = getClosestClock(minClk); if (foo > 0) { - for (uint8_t i = 0; i < 10; i++) { - if (tmpclk[i][0] == foo) { - tmpclk[i][1]++; + for (uint8_t j = 0; j < 10; j++) { + if (tmpclk[j][0] == foo) { + tmpclk[j][1]++; - if (tmpclk[i][2] == 0) { - tmpclk[i][2] = shortestWaveIdx; + if (tmpclk[j][2] == 0) { + tmpclk[j][2] = shortestWaveIdx; } break; } @@ -536,18 +536,18 @@ int DetectStrongAskClock(uint8_t *dest, size_t size, int high, int low, int *clo // find the clock with most hits and it the first index it was encountered. int max = 0; - for (uint8_t i = 0; i < 10; i++) { + for (uint8_t j = 0; j < 10; j++) { if (g_debugMode == 2) { prnt("DEBUG, ASK, clocks %u | hits %u | idx %u" - , tmpclk[i][0] - , tmpclk[i][1] - , tmpclk[i][2] + , tmpclk[j][0] + , tmpclk[j][1] + , tmpclk[j][2] ); } - if (max < tmpclk[i][1]) { - *clock = tmpclk[i][0]; - shortestWaveIdx = tmpclk[i][2]; - max = tmpclk[i][1]; + if (max < tmpclk[j][1]) { + *clock = tmpclk[j][0]; + shortestWaveIdx = tmpclk[j][2]; + max = tmpclk[j][1]; } } diff --git a/common/lfdemod.h b/common/lfdemod.h index 6256aa0bc..9a807a02c 100644 --- a/common/lfdemod.h +++ b/common/lfdemod.h @@ -79,7 +79,7 @@ extern size_t removeParity(uint8_t *bits, size_t startIdx, uint8_t pLen, uint8 //tag specific extern int detectAWID(uint8_t *dest, size_t *size, int *waveStartIdx); -extern int Em410xDecode(uint8_t *dest, size_t *size, size_t *startIdx, uint32_t *hi, uint64_t *lo); +extern int Em410xDecode(uint8_t *bits, size_t *size, size_t *start_idx, uint32_t *hi, uint64_t *lo); extern int HIDdemodFSK(uint8_t *dest, size_t *size, uint32_t *hi2, uint32_t *hi, uint32_t *lo, int *waveStartIdx); extern int detectIdteck(uint8_t *dest, size_t *size); extern int detectIOProx(uint8_t *dest, size_t *size, int *waveStartIdx);