From 39fd6b1910daff03811d4a4e5da70068250d8605 Mon Sep 17 00:00:00 2001 From: Philippe Teuwen Date: Fri, 18 Oct 2019 16:58:24 +0200 Subject: [PATCH] coverity: separate crypto1 fcts ARM<>host into create/destroy and init/deinit --- armsrc/Standalone/hf_colin.c | 6 +++--- armsrc/Standalone/hf_mattyrun.c | 4 ++-- armsrc/mifarecmd.c | 18 ++++++++--------- armsrc/mifaresim.c | 6 +++--- armsrc/mifareutil.c | 4 ++-- common/crapto1/crapto1.c | 7 ++++++- common/crapto1/crapto1.h | 12 ++++++----- common/crapto1/crypto1.c | 35 ++++++++++++++++----------------- 8 files changed, 49 insertions(+), 43 deletions(-) diff --git a/armsrc/Standalone/hf_colin.c b/armsrc/Standalone/hf_colin.c index 6a0d9a19d..8efcb1003 100644 --- a/armsrc/Standalone/hf_colin.c +++ b/armsrc/Standalone/hf_colin.c @@ -857,7 +857,7 @@ int e_MifareECardLoad(uint32_t numofsectors, uint8_t keytype) { DbprintfEx(FLAG_NEWLINE, "Halt error"); }; - crypto1_destroy(pcs); + crypto1_deinit(pcs); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); @@ -894,12 +894,12 @@ int cjat91_saMifareChkKeys(uint8_t blockNo, uint8_t keyType, bool clearTrace, ui SpinDelayUs(AUTHENTICATION_TIMEOUT); continue; } - crypto1_destroy(pcs); + crypto1_deinit(pcs); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); *key = ui64Key; return i; } - crypto1_destroy(pcs); + crypto1_deinit(pcs); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); return -1; diff --git a/armsrc/Standalone/hf_mattyrun.c b/armsrc/Standalone/hf_mattyrun.c index bf13a39c0..9fff4a226 100644 --- a/armsrc/Standalone/hf_mattyrun.c +++ b/armsrc/Standalone/hf_mattyrun.c @@ -195,12 +195,12 @@ static int saMifareChkKeys(uint8_t blockNo, uint8_t keyType, bool clearTrace, ui SpinDelayUs(AUTHENTICATION_TIMEOUT); continue; } - crypto1_destroy(pcs); + crypto1_deinit(pcs); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); *key = ui64Key; return i; } - crypto1_destroy(pcs); + crypto1_deinit(pcs); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); return -1; 
diff --git a/armsrc/mifarecmd.c b/armsrc/mifarecmd.c index b0b7c95ab..f5e3fe961 100644 --- a/armsrc/mifarecmd.c +++ b/armsrc/mifarecmd.c @@ -103,7 +103,7 @@ void MifareReadBlock(uint8_t blockNo, uint8_t keyType, uint8_t *datain) { break; } - crypto1_destroy(pcs); + crypto1_deinit(pcs); if (DBGLEVEL >= 2) DbpString("READ BLOCK FINISHED"); @@ -264,7 +264,7 @@ void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t *datain) { if (DBGLEVEL >= 2) DbpString("READ SECTOR FINISHED"); - crypto1_destroy(pcs); + crypto1_deinit(pcs); LED_B_ON(); reply_old(CMD_ACK, isOK, 0, 0, dataoutbuf, 16 * NumBlocksPerSector(sectorNo)); @@ -430,7 +430,7 @@ void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain) { break; } - crypto1_destroy(pcs); + crypto1_deinit(pcs); if (DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED"); @@ -847,7 +847,7 @@ void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, } LED_C_OFF(); - crypto1_destroy(pcs); + crypto1_deinit(pcs); LED_B_ON(); reply_old(CMD_ACK, isOK, cuid, num_nonces, buf, sizeof(buf)); LED_B_OFF(); @@ -1061,7 +1061,7 @@ void MifareNested(uint8_t blockNo, uint8_t keyType, uint8_t targetBlockNo, uint8 LED_C_OFF(); - crypto1_destroy(pcs); + crypto1_deinit(pcs); struct p { int16_t isOK; @@ -1510,7 +1510,7 @@ void MifareChkKeys_fast(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *da OUT: LEDsoff(); - crypto1_destroy(pcs); + crypto1_deinit(pcs); // All keys found, send to client, or last keychunk from client if (foundkeys == allkeys || lastchunk) { @@ -1660,7 +1660,7 @@ void MifareChkKeys(uint8_t *datain) { LEDsoff(); set_tracing(false); - crypto1_destroy(pcs); + crypto1_deinit(pcs); } //----------------------------------------------------------------------------- 
@@ -1780,7 +1780,7 @@ int MifareECardLoad(uint8_t numSectors, uint8_t keyType) { if (DBGLEVEL >= DBG_INFO) DbpString("Emulator fill sectors finished"); out: - crypto1_destroy(pcs); + crypto1_deinit(pcs); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); LEDsoff(); set_tracing(false); @@ -2110,7 +2110,7 @@ void MifareSetMod(uint8_t *datain) { break; } - crypto1_destroy(pcs); + crypto1_deinit(pcs); LED_B_ON(); reply_ng(CMD_HF_MIFARE_SETMOD, isOK, NULL, 0); diff --git a/armsrc/mifaresim.c b/armsrc/mifaresim.c index cdd8b556d..b055be6c7 100644 --- a/armsrc/mifaresim.c +++ b/armsrc/mifaresim.c @@ -571,7 +571,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1 EmSendPrecompiledCmd(&responses[ATQA]); // init crypto block - crypto1_destroy(pcs); + crypto1_deinit(pcs); cardAUTHKEY = AUTHKEYNONE; nonce = prng_successor(selTimer, 32); // prepare NT for nested authentication @@ -743,10 +743,10 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1 if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] KEY %c: %012" PRIx64, (cardAUTHKEY == 0) ? 'A' : 'B', emlGetKey(cardAUTHSC, cardAUTHKEY)); // first authentication - crypto1_destroy(pcs); + crypto1_deinit(pcs); // Load key into crypto - crypto1_create(pcs, emlGetKey(cardAUTHSC, cardAUTHKEY)); + crypto1_init(pcs, emlGetKey(cardAUTHSC, cardAUTHKEY)); if (!encrypted_data) { // Receive Cmd in clear txt diff --git a/armsrc/mifareutil.c b/armsrc/mifareutil.c index ca112f1f8..e36199bac 100644 --- a/armsrc/mifareutil.c +++ b/armsrc/mifareutil.c @@ -149,10 +149,10 @@ int mifare_classic_authex(struct Crypto1State *pcs, uint32_t uid, uint8_t blockN // ----------------------------- crypto1 create if (isNested) - crypto1_destroy(pcs); + crypto1_deinit(pcs); // Init cipher with key - crypto1_create(pcs, ui64Key); + crypto1_init(pcs, ui64Key); if (isNested == AUTH_NESTED) { // decrypt nt with help of new key 
diff --git a/common/crapto1/crapto1.c b/common/crapto1/crapto1.c index 66af2f41c..43e45c3db 100644 --- a/common/crapto1/crapto1.c +++ b/common/crapto1/crapto1.c @@ -124,6 +124,9 @@ recover(uint32_t *o_head, uint32_t *o_tail, uint32_t oks, return sl; } + + +#if !defined(__arm__) || defined(__linux__) || defined(_WIN32) || defined(__APPLE__) // bare metal ARM Proxmark lacks malloc()/free() /** lfsr_recovery * recover the state of the lfsr given 32 bits of the keystream * additionally you can use the in parameter to specify the value @@ -286,6 +289,7 @@ continue2: } return statelist; } +#endif /** lfsr_rollback_bit * Rollback the shift register in order to get previous states @@ -465,7 +469,7 @@ static struct Crypto1State *check_pfx_parity(uint32_t prefix, uint32_t rresp, ui return sl + good; } - +#if !defined(__arm__) || defined(__linux__) || defined(_WIN32) || defined(__APPLE__) // bare metal ARM Proxmark lacks malloc()/free() /** lfsr_common_prefix * Implentation of the common prefix attack. * Requires the 28 bit constant prefix used as reader nonce (pfx) @@ -504,3 +508,4 @@ out: free(even); return statelist; } +#endif diff --git a/common/crapto1/crapto1.h b/common/crapto1/crapto1.h index ab061e2e7..7fa16539e 100644 --- a/common/crapto1/crapto1.h +++ b/common/crapto1/crapto1.h 
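Review bot: The platform test `#if !defined(__arm__) || defined(__linux__) || defined(_WIN32) || defined(__APPLE__)` is written out in full at both guards added here (before the `lfsr_recovery` comment and before `lfsr_common_prefix`) and again in crapto1.h and crypto1.c. Declarations and definitions therefore stay matched only while every copy is edited together. Defining one feature macro in crapto1.h and testing it at each site would remove that risk, for example `#define CRAPTO1_HAVE_HEAP 1` under the existing condition and then `#ifdef CRAPTO1_HAVE_HEAP` (the macro name is a constructed example). The two bare `#endif` lines sit far from their `#if`, so a trailing comment such as `#endif // host builds only: needs malloc()/free()` would help. The guarded function bodies lie outside these hunks, so which allocating functions end up inside the guards cannot be checked from here.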
@@ -25,23 +25,25 @@ #include struct Crypto1State {uint32_t odd, even;}; -#if defined(__arm__) && !defined(__linux__) && !defined(_WIN32) && !defined(__APPLE__) // bare metal ARM Proxmark lacks malloc()/free() -void crypto1_create(struct Crypto1State *s, uint64_t key); -#else +void crypto1_init(struct Crypto1State *s, uint64_t key); +void crypto1_deinit(struct Crypto1State *); +#if !defined(__arm__) || defined(__linux__) || defined(_WIN32) || defined(__APPLE__) // bare metal ARM Proxmark lacks malloc()/free() struct Crypto1State *crypto1_create(uint64_t key); -#endif void crypto1_destroy(struct Crypto1State *); +#endif void crypto1_get_lfsr(struct Crypto1State *, uint64_t *); uint8_t crypto1_bit(struct Crypto1State *, uint8_t, int); uint8_t crypto1_byte(struct Crypto1State *, uint8_t, int); uint32_t crypto1_word(struct Crypto1State *, uint32_t, int); uint32_t prng_successor(uint32_t x, uint32_t n); +#if !defined(__arm__) || defined(__linux__) || defined(_WIN32) || defined(__APPLE__) // bare metal ARM Proxmark lacks malloc()/free() struct Crypto1State *lfsr_recovery32(uint32_t ks2, uint32_t in); struct Crypto1State *lfsr_recovery64(uint32_t ks2, uint32_t ks3); -uint32_t *lfsr_prefix_ks(uint8_t ks[8], int isodd); struct Crypto1State * lfsr_common_prefix(uint32_t pfx, uint32_t rr, uint8_t ks[8], uint8_t par[8][8], uint32_t no_par); +#endif +uint32_t *lfsr_prefix_ks(uint8_t ks[8], int isodd); uint8_t lfsr_rollback_bit(struct Crypto1State *s, uint32_t in, int fb); diff --git a/common/crapto1/crypto1.c b/common/crapto1/crypto1.c index 9df30b356..bb501cd58 100644 --- a/common/crapto1/crypto1.c +++ b/common/crapto1/crypto1.c 
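Review bot: `lfsr_prefix_ks` is moved out of the group that is now guarded and is declared unconditionally after the `#endif`, while the other list-returning functions (`lfsr_recovery32`, `lfsr_recovery64`, `lfsr_common_prefix`) are host-only. Its definition is not in the visible hunks; since it returns a `uint32_t *`, it presumably allocates, so please confirm it is meant to be built and callable on bare-metal ARM, or keep its prototype inside the guard. The header now also exposes two lifetimes for the same struct with no explanation. A short comment above the prototypes would prevent mixing them, e.g. `// crypto1_init/crypto1_deinit: caller-owned state, no allocation` and `// crypto1_create/crypto1_destroy: heap-allocated state, host builds only`. Passing a stack or static state to `crypto1_destroy` would reach `free()`.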
@@ -25,38 +25,37 @@ #define SWAPENDIAN(x)\ (x = (x >> 8 & 0xff00ff) | (x & 0xff00ff) << 8, x = x >> 16 | x << 16) -#if defined(__arm__) && !defined(__linux__) && !defined(_WIN32) && !defined(__APPLE__) // bare metal ARM Proxmark lacks malloc()/free() -void crypto1_create(struct Crypto1State *s, uint64_t key) { +void crypto1_init(struct Crypto1State *state, uint64_t key) { + state->odd = 0; + state->even = 0; + int i; - for (i = 47; s && i > 0; i -= 2) { - s->odd = s->odd << 1 | BIT(key, (i - 1) ^ 7); - s->even = s->even << 1 | BIT(key, i ^ 7); + for (i = 47; state && i > 0; i -= 2) { + state->odd = state->odd << 1 | BIT(key, (i - 1) ^ 7); + state->even = state->even << 1 | BIT(key, i ^ 7); } return; } -void crypto1_destroy(struct Crypto1State *state) { + +void crypto1_deinit(struct Crypto1State *state) { state->odd = 0; state->even = 0; } -#else + +#if !defined(__arm__) || defined(__linux__) || defined(_WIN32) || defined(__APPLE__) // bare metal ARM Proxmark lacks malloc()/free() struct Crypto1State *crypto1_create(uint64_t key) { - struct Crypto1State *s = malloc(sizeof(*s)); - if (!s) return NULL; - - s->odd = s->even = 0; - - int i; - for (i = 47; i > 0; i -= 2) { - s->odd = s->odd << 1 | BIT(key, (i - 1) ^ 7); - s->even = s->even << 1 | BIT(key, i ^ 7); - } - return s; + struct Crypto1State *state = malloc(sizeof(*state)); + if (!state) return NULL; + crypto1_init(state, key); + return state; } + void crypto1_destroy(struct Crypto1State *state) { free(state); } #endif + void crypto1_get_lfsr(struct Crypto1State *state, uint64_t *lfsr) { int i; for (*lfsr = 0, i = 23; i >= 0; --i) {
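Review bot: In `crypto1_init` the new stores `state->odd = 0; state->even = 0;` dereference `state` before the loop condition `state && i > 0` tests it, so the NULL test no longer protects anything and will be reported as a check-after-dereference. Either put `if (!state) return;` at the top and reduce the loop condition to `i > 0`, or drop the test and document that callers must pass a valid pointer. `crypto1_deinit` has no check at all and should follow the same contract. Separately, the host-side `crypto1_destroy` still calls `free(state)` without clearing the two LFSR halves, so key-derived state remains in freed heap memory. Calling `crypto1_deinit(state)` before `free` (guarded for NULL) would address that, with the caveat that a compiler may elide plain stores that directly precede `free`.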