mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-08-20 21:33:47 -07:00
use CBC ...
This commit is contained in:
iceman1001
parent
e9891085c9
commit
3a76523276
2 changed files with 21 additions and 51 deletions
|
|
@ -119,55 +119,24 @@ void tdes_nxp_send(const void *in, void *out, size_t length, const void *key, un
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void aes128_nxp_receive(const void *in, void *out, size_t length, const void *key, unsigned char iv[8]) {
|
void aes128_nxp_receive(const void *in, void *out, size_t length, const void *key, unsigned char iv[16]) {
|
||||||
if (length % 8) return;
|
if (length % 8) return;
|
||||||
|
|
||||||
|
uint8_t *tin = (uint8_t *) in;
|
||||||
|
uint8_t *tout = (uint8_t *) out;
|
||||||
|
|
||||||
mbedtls_aes_setkey_dec(&actx, key, 128);
|
mbedtls_aes_setkey_dec(&actx, key, 128);
|
||||||
|
mbedtls_aes_crypt_cbc(&actx, MBEDTLS_AES_DECRYPT, length, iv, tin, tout);
|
||||||
uint8_t i;
|
|
||||||
unsigned char temp[8];
|
|
||||||
uint8_t *tin = (uint8_t *) in;
|
|
||||||
uint8_t *tout = (uint8_t *) out;
|
|
||||||
|
|
||||||
while (length > 0) {
|
|
||||||
memcpy(temp, tin, 8);
|
|
||||||
|
|
||||||
mbedtls_aes_crypt_ecb(&actx, MBEDTLS_AES_DECRYPT, tin, tout);
|
|
||||||
|
|
||||||
for (i = 0; i < 8; i++) {
|
|
||||||
tout[i] = (unsigned char)(tout[i] ^ iv[i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
memcpy(iv, temp, 8);
|
|
||||||
|
|
||||||
tin += 8;
|
|
||||||
tout += 8;
|
|
||||||
length -= 8;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void aes128_nxp_send(const void *in, void *out, size_t length, const void *key, unsigned char iv[8]) {
|
void aes128_nxp_send(const void *in, void *out, size_t length, const void *key, unsigned char iv[16]) {
|
||||||
if (length % 8) return;
|
if (length % 8) return;
|
||||||
|
|
||||||
mbedtls_aes_setkey_enc(&actx, key, 128);
|
|
||||||
|
|
||||||
uint8_t i;
|
|
||||||
uint8_t *tin = (uint8_t *) in;
|
uint8_t *tin = (uint8_t *) in;
|
||||||
uint8_t *tout = (uint8_t *) out;
|
uint8_t *tout = (uint8_t *) out;
|
||||||
|
|
||||||
while (length > 0) {
|
mbedtls_aes_setkey_enc(&actx, key, 128);
|
||||||
for (i = 0; i < 8; i++) {
|
mbedtls_aes_crypt_cbc(&actx, MBEDTLS_AES_ENCRYPT, length, iv, tin, tout);
|
||||||
tin[i] = (unsigned char)(tin[i] ^ iv[i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
mbedtls_aes_crypt_ecb(&actx, MBEDTLS_AES_ENCRYPT, tin, tout);
|
|
||||||
|
|
||||||
memcpy(iv, tout, 8);
|
|
||||||
|
|
||||||
tin += 8;
|
|
||||||
tout += 8;
|
|
||||||
length -= 8;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void Desfire_des_key_new(const uint8_t value[8], desfirekey_t key) {
|
void Desfire_des_key_new(const uint8_t value[8], desfirekey_t key) {
|
||||||
|
|
|
||||||
|
|
@ -381,17 +381,17 @@ int mifare_ultra_auth(uint8_t *keybytes) {
|
||||||
int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) {
|
int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) {
|
||||||
|
|
||||||
/// aes-128
|
/// aes-128
|
||||||
uint8_t random_a[16] = {1, 1, 1, 1, 1, 1, 1, 1};
|
uint8_t random_a[16] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1};
|
||||||
uint8_t random_b[16] = {0x00};
|
uint8_t random_b[16] = { 0 };
|
||||||
uint8_t enc_random_b[16] = {0x00};
|
uint8_t enc_random_b[16] = { 0 };
|
||||||
uint8_t rnd_ab[32] = {0x00};
|
uint8_t rnd_ab[32] = { 0 };
|
||||||
uint8_t IV[16] = {0x00};
|
uint8_t IV[16] = { 0 };
|
||||||
uint8_t key[16] = {0x00};
|
uint8_t key[16] = { 0 };
|
||||||
memcpy(key, keybytes, sizeof(key));
|
memcpy(key, keybytes, sizeof(key));
|
||||||
|
|
||||||
uint16_t len = 0;
|
uint16_t len = 0;
|
||||||
uint8_t resp[19] = {0x00};
|
uint8_t resp[19] = {0x00};
|
||||||
uint8_t respPar[5] = {0, 0, 0};
|
uint8_t respPar[5] = {0};
|
||||||
|
|
||||||
// REQUEST AUTHENTICATION
|
// REQUEST AUTHENTICATION
|
||||||
len = mifare_sendcmd_short(NULL, CRYPT_NONE, MIFARE_ULAES_AUTH_1, keyno, resp, respPar, NULL);
|
len = mifare_sendcmd_short(NULL, CRYPT_NONE, MIFARE_ULAES_AUTH_1, keyno, resp, respPar, NULL);
|
||||||
|
|
@ -414,7 +414,7 @@ int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) {
|
||||||
Dbprintf("enc_B:");
|
Dbprintf("enc_B:");
|
||||||
Dbhexdump(16, enc_random_b, false);
|
Dbhexdump(16, enc_random_b, false);
|
||||||
|
|
||||||
Dbprintf(" B:");
|
Dbprintf("B:");
|
||||||
Dbhexdump(16, random_b, false);
|
Dbhexdump(16, random_b, false);
|
||||||
|
|
||||||
Dbprintf("rnd_ab:");
|
Dbprintf("rnd_ab:");
|
||||||
|
|
@ -430,12 +430,13 @@ int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t enc_resp[16] = { 0, 0, 0, 0, 0, 0, 0, 0 };
|
uint8_t enc_resp[16] = { 0 };
|
||||||
uint8_t resp_random_a[16] = { 0, 0, 0, 0, 0, 0, 0, 0 };
|
uint8_t resp_random_a[16] = { 0 };
|
||||||
memcpy(enc_resp, resp + 1, 16);
|
memcpy(enc_resp, resp + 1, 16);
|
||||||
|
|
||||||
// decrypt out, in, length, key, iv
|
// decrypt out, in, length, key, iv
|
||||||
aes128_nxp_receive(enc_resp, resp_random_a, 16, key, enc_random_b);
|
aes128_nxp_receive(enc_resp, resp_random_a, 16, key, enc_random_b);
|
||||||
|
|
||||||
if (memcmp(resp_random_a, random_a, 16) != 0) {
|
if (memcmp(resp_random_a, random_a, 16) != 0) {
|
||||||
if (g_dbglevel >= DBG_ERROR) Dbprintf("failed authentication");
|
if (g_dbglevel >= DBG_ERROR) Dbprintf("failed authentication");
|
||||||
return 0;
|
return 0;
|
||||||
|
|
@ -446,10 +447,10 @@ int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes) {
|
||||||
Dbprintf("e_AB:");
|
Dbprintf("e_AB:");
|
||||||
Dbhexdump(32, rnd_ab, false);
|
Dbhexdump(32, rnd_ab, false);
|
||||||
|
|
||||||
Dbprintf(" a:");
|
Dbprintf("A:");
|
||||||
Dbhexdump(16, random_a, false);
|
Dbhexdump(16, random_a, false);
|
||||||
|
|
||||||
Dbprintf(" b:");
|
Dbprintf("B:");
|
||||||
Dbhexdump(16, resp_random_a, false);
|
Dbhexdump(16, resp_random_a, false);
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue