From 6c1ebc339894b4ef318fcceb8512b8d69a2399f8 Mon Sep 17 00:00:00 2001
From: iceman1001 
Date: Wed, 24 Jan 2024 23:41:48 +0100
Subject: [PATCH] cleaning up redundant functions. the extra checks in bigbuff might affect simulation

---
 armsrc/BigBuf.c | 14 +++++-----
 armsrc/BigBuf.h | 4 +--
 armsrc/iso14443a.c | 18 ++++++-------
 armsrc/mifaresim.c | 20 +++++++-------
 armsrc/mifareutil.c | 64 ++++++++++++++++++++-------------------
 armsrc/mifareutil.h | 5 ++--
 6 files changed, 59 insertions(+), 66 deletions(-)

diff --git a/armsrc/BigBuf.c b/armsrc/BigBuf.c
index 1dd9e13d3..dc4bda955 100644
--- a/armsrc/BigBuf.c
+++ b/armsrc/BigBuf.c
@@ -315,27 +315,29 @@ bool RAMFUNC LogTraceBits(const uint8_t *btBytes, uint16_t bitLen, uint32_t time
 }
 // Emulator memory
-uint8_t emlSet(const uint8_t *data, uint32_t offset, uint32_t length) {
+int emlSet(const uint8_t *data, uint32_t offset, uint32_t length) {
     uint8_t *mem = BigBuf_get_EM_addr();
     if (offset + length <= CARD_MEMORY_SIZE) {
         memcpy(mem + offset, data, length);
-        return 0;
+        return PM3_SUCCESS;
     }
     Dbprintf("Error, trying to set memory outside of bounds! " _RED_("%d") " > %d", (offset + length), CARD_MEMORY_SIZE);
-    return 1;
+    return PM3_EOUTOFBOUND;
 }
-uint8_t emlGet(uint8_t *out, uint32_t offset, uint32_t length) {
+
+int emlGet(uint8_t *out, uint32_t offset, uint32_t length) {
     uint8_t *mem = BigBuf_get_EM_addr();
     if (offset + length <= CARD_MEMORY_SIZE) {
         memcpy(out, mem + offset, length);
-        return 0;
+        return PM3_SUCCESS;
     }
     Dbprintf("Error, trying to read memory outside of bounds! " _RED_("%d") " > %d", (offset + length), CARD_MEMORY_SIZE);
-    return 1;
+    return PM3_EOUTOFBOUND;
 }
+
 // get the address of the ToSend buffer. Allocate part of Bigbuf for it, if not yet done
 tosend_t *get_tosend(void) {
diff --git a/armsrc/BigBuf.h b/armsrc/BigBuf.h
index eda9d4817..f73af3818 100644
--- a/armsrc/BigBuf.h
+++ b/armsrc/BigBuf.h
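Review bot: The bounds check `if (offset + length <= CARD_MEMORY_SIZE)` in both emlSet and emlGet is evaluated in uint32_t, so a large `length` can wrap the sum back below CARD_MEMORY_SIZE and the memcpy then runs past emulator memory; this matters because the other hunks in this patch now feed these functions offsets and lengths derived from reader frames. Rewrite it as `if (offset <= CARD_MEMORY_SIZE && length <= CARD_MEMORY_SIZE - offset) {`, which cannot overflow. The Dbprintf call prints the uint32_t sum with `%d`; `%u` would match the type, assuming Dbprintf follows printf conventions. Note also that on the failure path `out` is left untouched, so a caller that ignores the new return code keeps whatever its buffer already held.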
@@ -58,8 +58,8 @@ bool RAMFUNC LogTrace(const uint8_t *btBytes, uint16_t iLen, uint32_t timestamp_
 bool RAMFUNC LogTraceBits(const uint8_t *btBytes, uint16_t bitLen, uint32_t timestamp_start, uint32_t timestamp_end, bool reader2tag);
 bool LogTrace_ISO15693(const uint8_t *bytes, uint16_t len, uint32_t ts_start, uint32_t ts_end, const uint8_t *parity, bool reader2tag);
-uint8_t emlSet(const uint8_t *data, uint32_t offset, uint32_t length);
-uint8_t emlGet(uint8_t *out, uint32_t offset, uint32_t length);
+int emlSet(const uint8_t *data, uint32_t offset, uint32_t length);
+int emlGet(uint8_t *out, uint32_t offset, uint32_t length);
 typedef struct {
     int max;
diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c
index c06e2af48..f1980723a 100644
--- a/armsrc/iso14443a.c
+++ b/armsrc/iso14443a.c
@@ -1190,12 +1190,12 @@ bool SimulateIso14443aInit(uint8_t tagType, uint16_t flags, uint8_t *data, tag_r
     if (tagType == 2 || tagType == 7) {
         uint16_t start = MFU_DUMP_PREFIX_LENGTH;
         uint8_t emdata[8];
-        emlGetMemBt(emdata, start, sizeof(emdata));
+        emlGet(emdata, start, sizeof(emdata));
         memcpy(data, emdata, 3); // uid bytes 0-2
         memcpy(data + 3, emdata + 4, 4); // uid bytes 3-7
         flags |= FLAG_7B_UID_IN_DATA;
     } else {
-        emlGetMemBt(data, 0, 4);
+        emlGet(data, 0, 4);
         flags |= FLAG_4B_UID_IN_DATA;
     }
 }
@@ -1285,8 +1285,8 @@ bool SimulateIso14443aInit(uint8_t tagType, uint16_t flags, uint8_t *data, tag_r
     if (tagType == 7) {
         uint8_t pwd[4] = {0, 0, 0, 0};
         uint8_t gen_pwd[4] = {0, 0, 0, 0};
-        emlGetMemBt(pwd, (*pages - 1) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(pwd));
-        emlGetMemBt(rPACK, (*pages) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(rPACK));
+        emlGet(pwd, (*pages - 1) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(pwd));
+        emlGet(rPACK, (*pages) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(rPACK));
         Uint4byteToMemBe(gen_pwd, ul_ev1_pwdgenB(data));
         if (memcmp(pwd, gen_pwd, sizeof(pwd)) == 0) {
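Review bot: None of the `emlGet` calls in iso14443a.c check the status code this commit introduces, so where the old `emlGetMemBt` copied unconditionally, an out-of-range offset now leaves the destination untouched; in the 1190 hunk `uint8_t emdata[8];` is uninitialized, so on failure stack garbage becomes the simulated UID, and the same applies to the uninitialized `emdata[MAX_MIFARE_FRAME_SIZE]` in the 1569 hunk (L3) and `block0[16]` in the mifaresim.c 238 hunk (L4). At minimum zero-initialize those buffers, `uint8_t emdata[8] = {0};`, and in SimulateIso14443aInit propagate the failure, e.g. `if (emlGet(emdata, start, sizeof(emdata)) != PM3_SUCCESS) { return false; }` — the function is declared bool in the hunk header, but its body starts and ends outside the hunk. The BigBuf.h hunk is only the prototype change.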
@@ -1569,7 +1569,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
                 // first blocks of emu are header
                 uint16_t start = block * 4 + MFU_DUMP_PREFIX_LENGTH;
                 uint8_t emdata[MAX_MIFARE_FRAME_SIZE];
-                emlGetMemBt(emdata, start, 16);
+                emlGet(emdata, start, 16);
                 AddCrc14A(emdata, 16);
                 EmSendCmd(emdata, sizeof(emdata));
                 numReads++; // Increment number of times reader requested a block
@@ -1588,7 +1588,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
                 p_response = &responses[RESP_INDEX_UIDC1];
             } else { // all other tags (16 byte block tags)
                 uint8_t emdata[MAX_MIFARE_FRAME_SIZE] = {0};
-                emlGetMemBt(emdata, block, 16);
+                emlGet(emdata, block, 16);
                 AddCrc14A(emdata, 16);
                 EmSendCmd(emdata, sizeof(emdata));
                 // We already responded, do not send anything with the EmSendCmd14443aRaw() that is called below
@@ -1605,7 +1605,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
                 // first blocks of emu are header
                 int start = block1 * 4 + MFU_DUMP_PREFIX_LENGTH;
                 len = (block2 - block1 + 1) * 4;
-                emlGetMemBt(emdata, start, len);
+                emlGet(emdata, start, len);
                 AddCrc14A(emdata, len);
                 EmSendCmd(emdata, len + 2);
             }
@@ -1723,7 +1723,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
             p_response = NULL;
         } else if (receivedCmd[0] == MIFARE_ULEV1_AUTH && len == 7 && tagType == 7) { // NTAG / EV-1
             uint8_t pwd[4] = {0, 0, 0, 0};
-            emlGetMemBt(pwd, (pages - 1) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(pwd));
+            emlGet(pwd, (pages - 1) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(pwd));
             if (g_dbglevel >= DBG_DEBUG) {
                 Dbprintf("Reader sent password: ");
                 Dbhexdump(4, receivedCmd + 1, 0);
@@ -1747,7 +1747,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
         } else if (receivedCmd[0] == MIFARE_ULEV1_VCSL && len == 23 && tagType == 7) {
             uint8_t cmd[3] = {0, 0, 0};
-            emlGetMemBt(cmd, (pages - 2) * 4 + 1 + MFU_DUMP_PREFIX_LENGTH, 1);
+            emlGet(cmd, (pages - 2) * 4 + 1 + MFU_DUMP_PREFIX_LENGTH, 1);
             AddCrc14A(cmd, sizeof(cmd) - 2);
             EmSendCmd(cmd, sizeof(cmd));
             p_response = NULL;
diff --git a/armsrc/mifaresim.c b/armsrc/mifaresim.c
index eddb59dc0..3bee070d4 100644
--- a/armsrc/mifaresim.c
+++ b/armsrc/mifaresim.c
@@ -238,7 +238,7 @@ static bool MifareSimInit(uint16_t flags, uint8_t *datain, uint16_t atqa, uint8_
     // Get UID, SAK, ATQA from EMUL
     if ((flags & FLAG_UID_IN_EMUL) == FLAG_UID_IN_EMUL) {
         uint8_t block0[16];
-        emlGetMemBt(block0, 0, 16);
+        emlGet(block0, 0, 16);
         // If uid size defined, copy only uid from EMUL to use, backward compatibility for 'hf_colin.c', 'hf_mattyrun.c'
         if ((flags & (FLAG_4B_UID_IN_DATA | FLAG_7B_UID_IN_DATA | FLAG_10B_UID_IN_DATA)) != 0) {
@@ -1020,7 +1020,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
                 if (receivedCmd_len == 4 && (receivedCmd_dec[0] == MIFARE_CMD_INC || receivedCmd_dec[0] == MIFARE_CMD_DEC || receivedCmd_dec[0] == MIFARE_CMD_RESTORE)) {
                     blockNo = receivedCmd_dec[1];
                     if (g_dbglevel >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] RECV 0x%02x inc(0xC1)/dec(0xC0)/restore(0xC2) block %d (%02x)", receivedCmd_dec[0], blockNo, blockNo);
-                    if (emlCheckValBl(blockNo)) {
+                    if (emlCheckValBl(blockNo) == false) {
                         if (g_dbglevel >= DBG_ERROR) Dbprintf("[MFEMUL_WORK] Reader tried to operate on block, but emlCheckValBl failed, nacking");
                         EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                         FpgaDisableTracing();
@@ -1056,11 +1056,8 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
                 if (receivedCmd_len == 4 && receivedCmd_dec[0] == MIFARE_CMD_TRANSFER) {
                     blockNo = receivedCmd_dec[1];
                     if (g_dbglevel >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] RECV 0x%02x transfer block %d (%02x)", receivedCmd_dec[0], blockNo, blockNo);
-                    if (emlSetValBl(cardINTREG, cardINTBLOCK, receivedCmd_dec[1]))
-                        EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
-                    else
-                        EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_ACK));
-
+                    emlSetValBl(cardINTREG, cardINTBLOCK, receivedCmd_dec[1]);
+                    EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_ACK));
                     FpgaDisableTracing();
                     break;
                 }
@@ -1072,8 +1069,9 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
                     LED_C_OFF();
                     cardSTATE = MFEMUL_HALTED;
                     cardAUTHKEY = AUTHKEYNONE;
-                    if (g_dbglevel >= DBG_EXTENDED)
+                    if (g_dbglevel >= DBG_EXTENDED) {
                         Dbprintf("[MFEMUL_WORK] cardSTATE = MFEMUL_HALTED");
+                    }
                     break;
                 }
@@ -1291,7 +1289,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
                 case MFEMUL_INTREG_INC: {
                     if (receivedCmd_len == 6) {
                         mf_crypto1_decryptEx(pcs, receivedCmd, receivedCmd_len, (uint8_t *)&ans);
-                        if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL)) {
+                        if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL) != PM3_SUCCESS) {
                             EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                             FpgaDisableTracing();
@@ -1312,7 +1310,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
                     if (receivedCmd_len == 6) {
                         // Data is encrypted
                         // Decrypted cmd
                         mf_crypto1_decryptEx(pcs, receivedCmd, receivedCmd_len, (uint8_t *)&ans);
-                        if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL)) {
+                        if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL) != PM3_SUCCESS) {
                             EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                             FpgaDisableTracing();
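Review bot: The TRANSFER branch now calls `emlSetValBl(cardINTREG, cardINTBLOCK, receivedCmd_dec[1])` with a block index taken straight from the reader frame, and emlSetValBl (mifareutil.c hunk of this patch) writes `mem + blockNum * 16` with no CARD_MEMORY_SIZE check, unlike the emlSet/emlGet path the rest of the commit moves reads onto; whether the frame byte's width alone keeps the write inside emulator memory depends on values not visible here. Either reject out-of-range blocks here with the NACK the removed branch used, or let emlSetValBl stage its 16 bytes locally and commit them through emlSet so the bound is enforced once. As a style point, `blockNo` already holds `receivedCmd_dec[1]` two lines above and the INC/DEC/RESTORE branch uses it, so pass `blockNo` here too. Dropping the NACK branch itself is behavior-neutral, since the old emlSetValBl always returned 0.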
@@ -1330,7 +1328,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
                 // REST
                 case MFEMUL_INTREG_REST: {
                     mf_crypto1_decryptEx(pcs, receivedCmd, receivedCmd_len, (uint8_t *)&ans);
-                    if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL)) {
+                    if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL) != PM3_SUCCESS) {
                         EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
                         FpgaDisableTracing();
diff --git a/armsrc/mifareutil.c b/armsrc/mifareutil.c
index 3258007e3..47e71abcc 100644
--- a/armsrc/mifareutil.c
+++ b/armsrc/mifareutil.c
@@ -629,56 +629,50 @@ void emlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int block_width)
 }
 void emlGetMem(uint8_t *data, int blockNum, int blocksCount) {
-    uint8_t *mem = BigBuf_get_EM_addr();
-    memcpy(data, mem + blockNum * 16, blocksCount * 16);
+    emlGet(data, (blockNum * 16), (blocksCount * 16));
 }
-void emlGetMemBt(uint8_t *data, int offset, int byteCount) {
+bool emlCheckValBl(int blockNum) {
     uint8_t *mem = BigBuf_get_EM_addr();
-    memcpy(data, mem + offset, byteCount);
-}
+    uint8_t *d = mem + (blockNum * 16);
-int emlCheckValBl(int blockNum) {
-    uint8_t *mem = BigBuf_get_EM_addr();
-    uint8_t *data = mem + blockNum * 16;
-
-    if ((data[0] != (data[4] ^ 0xff)) || (data[0] != data[8]) ||
-            (data[1] != (data[5] ^ 0xff)) || (data[1] != data[9]) ||
-            (data[2] != (data[6] ^ 0xff)) || (data[2] != data[10]) ||
-            (data[3] != (data[7] ^ 0xff)) || (data[3] != data[11]) ||
-            (data[12] != (data[13] ^ 0xff)) || (data[12] != data[14]) ||
-            (data[12] != (data[15] ^ 0xff))
-       )
-        return 1;
-    return 0;
+    if ((d[0] != (d[4] ^ 0xff)) || (d[0] != d[8]) ||
+            (d[1] != (d[5] ^ 0xff)) || (d[1] != d[9]) ||
+            (d[2] != (d[6] ^ 0xff)) || (d[2] != d[10]) ||
+            (d[3] != (d[7] ^ 0xff)) || (d[3] != d[11]) ||
+            (d[12] != (d[13] ^ 0xff)) || (d[12] != d[14]) ||
+            (d[12] != (d[15] ^ 0xff))) {
+        return false;
+    }
+    return true;
 }
 int emlGetValBl(uint32_t *blReg, uint8_t *blBlock, int blockNum) {
     uint8_t *mem = BigBuf_get_EM_addr();
-    uint8_t *data = mem + blockNum * 16;
+    uint8_t *d = mem + blockNum * 16;
-    if (emlCheckValBl(blockNum))
-        return 1;
+    if (emlCheckValBl(blockNum) == false) {
+        return PM3_ESOFT;
+    }
-    memcpy(blReg, data, 4);
-    *blBlock = data[12];
-    return 0;
+    memcpy(blReg, d, 4);
+    *blBlock = d[12];
+    return PM3_SUCCESS;
 }
-int emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum) {
+void emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum) {
     uint8_t *mem = BigBuf_get_EM_addr();
-    uint8_t *data = mem + blockNum * 16;
+    uint8_t *d = mem + blockNum * 16;
-    memcpy(data + 0, &blReg, 4);
-    memcpy(data + 8, &blReg, 4);
-    blReg = blReg ^ 0xffffffff;
-    memcpy(data + 4, &blReg, 4);
+    memcpy(d + 0, &blReg, 4);
+    memcpy(d + 8, &blReg, 4);
+    blReg = blReg ^ 0xFFFFFFFF;
+    memcpy(d + 4, &blReg, 4);
-    data[12] = blBlock;
-    data[13] = blBlock ^ 0xff;
-    data[14] = blBlock;
-    data[15] = blBlock ^ 0xff;
-    return 0;
+    d[12] = blBlock;
+    d[13] = blBlock ^ 0xFF;
+    d[14] = blBlock;
+    d[15] = blBlock ^ 0xFF;
 }
 uint64_t emlGetKey(int sectorNum, int keyType) {
diff --git a/armsrc/mifareutil.h b/armsrc/mifareutil.h
index fd0749058..792d5dd27 100644
--- a/armsrc/mifareutil.h
+++ b/armsrc/mifareutil.h
@@ -117,10 +117,9 @@ uint8_t SectorTrailer(uint8_t blockNo);
 void emlClearMem(void);
 void emlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int block_width);
 void emlGetMem(uint8_t *data, int blockNum, int blocksCount);
-void emlGetMemBt(uint8_t *data, int offset, int byteCount);
 uint64_t emlGetKey(int sectorNum, int keyType);
 int emlGetValBl(uint32_t *blReg, uint8_t *blBlock, int blockNum);
-int emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum);
-int emlCheckValBl(int blockNum);
+void emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum);
+bool emlCheckValBl(int blockNum);
 #endif
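Review bot: emlCheckValBl, emlGetValBl and emlSetValBl still form `mem + blockNum * 16` and dereference it directly, while emlGetMem in the same hunk was moved onto the bounds-checked emlGet; with a signed `int blockNum`, a negative or oversized value (the mifaresim.c hunks pass reader-supplied block numbers) reads or writes outside emulator memory. Read the block through emlGet into a local 16-byte array as sketched below, and build emlSetValBl the same way, filling a local array and committing it with `emlSet(d, (uint32_t)blockNum * 16, sizeof(d))`. Separately, emlGetMem discards emlGet's status, so `data` is silently left untouched on failure; since the header is already being changed, consider returning that int to the caller. The mifareutil.h hunk is only the prototype update.
```c
bool emlCheckValBl(int blockNum) {
    uint8_t d[16];
    // Read through emlGet so an out-of-range block is rejected instead of dereferenced
    if (blockNum < 0 || emlGet(d, (uint32_t)blockNum * 16, sizeof(d)) != PM3_SUCCESS) {
        return false;
    }
    // … unchanged: consistency test on d[0..15], return false on mismatch, else true …
}
```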