diff --git a/armsrc/desfire_crypto.c b/armsrc/desfire_crypto.c index 6bfc19416..a99a9a547 100644 --- a/armsrc/desfire_crypto.c +++ b/armsrc/desfire_crypto.c @@ -119,55 +119,24 @@ void tdes_nxp_send(const void *in, void *out, size_t length, const void *key, un } } -void aes128_nxp_receive(const void *in, void *out, size_t length, const void *key, unsigned char iv[8]) { +void aes128_nxp_receive(const void *in, void *out, size_t length, const void *key, unsigned char iv[16]) { if (length % 8) return; + uint8_t *tin = (uint8_t *) in; + uint8_t *tout = (uint8_t *) out; + mbedtls_aes_setkey_dec(&actx, key, 128); - - uint8_t i; - unsigned char temp[8]; - uint8_t *tin = (uint8_t *) in; - uint8_t *tout = (uint8_t *) out; - - while (length > 0) { - memcpy(temp, tin, 8); - - mbedtls_aes_crypt_ecb(&actx, MBEDTLS_AES_DECRYPT, tin, tout); - - for (i = 0; i < 8; i++) { - tout[i] = (unsigned char)(tout[i] ^ iv[i]); - } - - memcpy(iv, temp, 8); - - tin += 8; - tout += 8; - length -= 8; - } + mbedtls_aes_crypt_cbc(&actx, MBEDTLS_AES_DECRYPT, length, iv, tin, tout); } -void aes128_nxp_send(const void *in, void *out, size_t length, const void *key, unsigned char iv[8]) { +void aes128_nxp_send(const void *in, void *out, size_t length, const void *key, unsigned char iv[16]) { if (length % 8) return; - mbedtls_aes_setkey_enc(&actx, key, 128); - - uint8_t i; uint8_t *tin = (uint8_t *) in; uint8_t *tout = (uint8_t *) out; - while (length > 0) { - for (i = 0; i < 8; i++) { - tin[i] = (unsigned char)(tin[i] ^ iv[i]); - } - - mbedtls_aes_crypt_ecb(&actx, MBEDTLS_AES_ENCRYPT, tin, tout); - - memcpy(iv, tout, 8); - - tin += 8; - tout += 8; - length -= 8; - } + mbedtls_aes_setkey_enc(&actx, key, 128); + mbedtls_aes_crypt_cbc(&actx, MBEDTLS_AES_ENCRYPT, length, iv, tin, tout); } void Desfire_des_key_new(const uint8_t value[8], desfirekey_t key) { diff --git a/armsrc/mifareutil.c b/armsrc/mifareutil.c index e6569d12a..795e3ad36 100644 --- a/armsrc/mifareutil.c +++ b/armsrc/mifareutil.c @@ -381,17 +381,17 @@ int mifare_ultra_auth(uint8_t *keybytes) { int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) { /// aes-128 - uint8_t random_a[16] = {1, 1, 1, 1, 1, 1, 1, 1}; - uint8_t random_b[16] = {0x00}; - uint8_t enc_random_b[16] = {0x00}; - uint8_t rnd_ab[32] = {0x00}; - uint8_t IV[16] = {0x00}; - uint8_t key[16] = {0x00}; + uint8_t random_a[16] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}; + uint8_t random_b[16] = { 0 }; + uint8_t enc_random_b[16] = { 0 }; + uint8_t rnd_ab[32] = { 0 }; + uint8_t IV[16] = { 0 }; + uint8_t key[16] = { 0 }; memcpy(key, keybytes, sizeof(key)); uint16_t len = 0; uint8_t resp[19] = {0x00}; - uint8_t respPar[5] = {0, 0, 0}; + uint8_t respPar[5] = {0}; // REQUEST AUTHENTICATION len = mifare_sendcmd_short(NULL, CRYPT_NONE, MIFARE_ULAES_AUTH_1, keyno, resp, respPar, NULL); @@ -414,7 +414,7 @@ int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) { Dbprintf("enc_B:"); Dbhexdump(16, enc_random_b, false); - Dbprintf(" B:"); + Dbprintf("B:"); Dbhexdump(16, random_b, false); Dbprintf("rnd_ab:"); @@ -430,12 +430,13 @@ int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) { return 0; } - uint8_t enc_resp[16] = { 0, 0, 0, 0, 0, 0, 0, 0 }; - uint8_t resp_random_a[16] = { 0, 0, 0, 0, 0, 0, 0, 0 }; + uint8_t enc_resp[16] = { 0 }; + uint8_t resp_random_a[16] = { 0 }; memcpy(enc_resp, resp + 1, 16); // decrypt out, in, length, key, iv aes128_nxp_receive(enc_resp, resp_random_a, 16, key, enc_random_b); + if (memcmp(resp_random_a, random_a, 16) != 0) { if (g_dbglevel >= DBG_ERROR) Dbprintf("failed authentication"); return 0; @@ -446,10 +447,10 @@ int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) { Dbprintf("e_AB:"); Dbhexdump(32, rnd_ab, false); - Dbprintf(" a:"); + Dbprintf("A:"); Dbhexdump(16, random_a, false); - Dbprintf(" b:"); + Dbprintf("B:"); Dbhexdump(16, resp_random_a, false); } return 1;