github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-25 23:55:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

auth refactoring

Browse source
This commit is contained in:
merlokk 2021-05-29 21:46:22 +03:00
commit 54e7713a9a
3 changed files with 66 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

55
client/src/cipurse/cipursecore.c
View file

@ -99,3 +99,58 @@ int CIPURSEChallenge(uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, ui
int CIPURSEMutalAuthenticate(uint8_t keyIndex, uint8_t *params, uint8_t paramslen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw) { int CIPURSEMutalAuthenticate(uint8_t keyIndex, uint8_t *params, uint8_t paramslen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw) {
return CIPURSEExchangeEx(false, true, (sAPDU) {0x00, 0x82, 0x00, keyIndex, paramslen, params}, true, 0x10, Result, MaxResultLen, ResultLen, sw); return CIPURSEExchangeEx(false, true, (sAPDU) {0x00, 0x82, 0x00, keyIndex, paramslen, params}, true, 0x10, Result, MaxResultLen, ResultLen, sw);
} }
bool CIPURSEChannelAuthenticate(uint8_t keyIndex, uint8_t *key, bool verbose) {
uint8_t buf[APDU_RES_LEN] = {0};
size_t len = 0;
uint16_t sw = 0;
CipurseContext cpc = {0};
CipurseCSetKey(&cpc, keyIndex, key);
// get RP, rP
int res = CIPURSEChallenge(buf, sizeof(buf), &len, &sw);
if (res != 0 || len != 0x16) {
if (verbose)
PrintAndLogEx(ERR, "Cipurse get challenge " _RED_("error") ". Card returns 0x%04x.", sw);
return false;
}
CipurseCSetRandomFromPICC(&cpc, buf);
// make auth data
uint8_t authparams[16 + 16 + 6] = {0};
CipurseCAuthenticateHost(&cpc, authparams);
// authenticate
res = CIPURSEMutalAuthenticate(keyIndex, authparams, sizeof(authparams), buf, sizeof(buf), &len, &sw);
if (res != 0 || sw != 0x9000 || len != 16) {
if (sw == 0x6988) {
if (verbose)
PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Wrong key.");
} else if ((sw == 0x6A88)) {
if (verbose)
PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Wrong key number.");
} else {
if (verbose)
PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Card returns 0x%04x.", sw);
}
CipurseCClearContext(&cipurseContext);
return false;
}
if (CipurseCCheckCT(&cpc, buf)) {
if (verbose)
PrintAndLogEx(INFO, "Authentication " _GREEN_("OK"));
memcpy(&cipurseContext, &cpc, sizeof(CipurseContext));
return true;
} else {
if (verbose)
PrintAndLogEx(ERR, "Authentication " _RED_("ERROR") " card returned wrong CT");
CipurseCClearContext(&cipurseContext);
return false;
}
}

2
client/src/cipurse/cipursecore.h
View file

@ -31,4 +31,6 @@ int CIPURSEReadFileAttributes(uint8_t *data, uint16_t *datalen);
int CIPURSEReadBinary(uint16_t offset, uint8_t *data, uint16_t *datalen); int CIPURSEReadBinary(uint16_t offset, uint8_t *data, uint16_t *datalen);
int CIPURSEUpdateBinary(uint16_t offset, uint8_t *data, uint16_t datalen); int CIPURSEUpdateBinary(uint16_t offset, uint8_t *data, uint16_t datalen);
bool CIPURSEChannelAuthenticate(uint8_t keyIndex, uint8_t *key, bool verbose);
#endif /* __CIPURSECORE_H__ */ #endif /* __CIPURSECORE_H__ */

37
client/src/cmdhfcipurse.c
View file

@ -130,47 +130,22 @@ static int CmdHFCipurseAuth(const char *Cmd) {
return PM3_ESOFT; return PM3_ESOFT;
} }
CipurseContext cpc = {0};
CipurseCSetKey(&cpc, keyId, key);
uint8_t kvv[CIPURSE_KVV_LENGTH] = {0}; uint8_t kvv[CIPURSE_KVV_LENGTH] = {0};
CipurseCGetKVV(key, kvv); CipurseCGetKVV(key, kvv);
if (verbose) if (verbose)
PrintAndLogEx(INFO, "Key id: %d key: %s KVV: %s", keyId, sprint_hex(key, CIPURSE_AES_KEY_LENGTH), sprint_hex_inrow(kvv, CIPURSE_KVV_LENGTH)); PrintAndLogEx(INFO, "Key id: %d key: %s KVV: %s", keyId, sprint_hex(key, CIPURSE_AES_KEY_LENGTH), sprint_hex_inrow(kvv, CIPURSE_KVV_LENGTH));
// get RP, rP bool bres = CIPURSEChannelAuthenticate(keyId, key, verbose);
res = CIPURSEChallenge(buf, sizeof(buf), &len, &sw);
if (res != 0 || len != 0x16) {
PrintAndLogEx(ERR, "Cipurse get challenge " _RED_("error") ". Card returns 0x%04x.", sw);
DropField();
return PM3_ESOFT;
}
CipurseCSetRandomFromPICC(&cpc, buf);
// make auth data if (verbose == false) {
uint8_t authparams[16 + 16 + 6] = {0}; if (bres)
CipurseCAuthenticateHost(&cpc, authparams);
// authenticate
res = CIPURSEMutalAuthenticate(keyId, authparams, sizeof(authparams), buf, sizeof(buf), &len, &sw);
if (res != 0 || sw != 0x9000 || len != 16) {
if (sw == 0x6988)
PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Wrong key.");
else if ((sw == 0x6A88))
PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Wrong key number.");
else PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Card returns 0x%04x.", sw);
DropField();
return PM3_ESOFT;
}
if (CipurseCCheckCT(&cpc, buf))
PrintAndLogEx(INFO, "Authentication " _GREEN_("OK")); PrintAndLogEx(INFO, "Authentication " _GREEN_("OK"));
else else
PrintAndLogEx(ERR, "Authentication " _RED_("ERROR") " card returned wrong CT"); PrintAndLogEx(ERR, "Authentication " _RED_("ERROR"));
}
DropField(); DropField();
return PM3_SUCCESS; return bres ? PM3_SUCCESS : PM3_ESOFT;
} }