cleaning up redundant functions. the extra checks in bigbuff might affect simulation

This commit is contained in:
iceman1001 2024-01-24 23:41:48 +01:00
commit 6c1ebc3398
6 changed files with 59 additions and 66 deletions


@ -315,27 +315,29 @@ bool RAMFUNC LogTraceBits(const uint8_t *btBytes, uint16_t bitLen, uint32_t time
}
// Emulator memory
uint8_t emlSet(const uint8_t *data, uint32_t offset, uint32_t length) {
int emlSet(const uint8_t *data, uint32_t offset, uint32_t length) {
uint8_t *mem = BigBuf_get_EM_addr();
if (offset + length <= CARD_MEMORY_SIZE) {
memcpy(mem + offset, data, length);
return 0;
return PM3_SUCCESS;
}
Dbprintf("Error, trying to set memory outside of bounds! " _RED_("%d") " > %d", (offset + length), CARD_MEMORY_SIZE);
return 1;
return PM3_EOUTOFBOUND;
}
uint8_t emlGet(uint8_t *out, uint32_t offset, uint32_t length) {
int emlGet(uint8_t *out, uint32_t offset, uint32_t length) {
uint8_t *mem = BigBuf_get_EM_addr();
if (offset + length <= CARD_MEMORY_SIZE) {
memcpy(out, mem + offset, length);
return 0;
return PM3_SUCCESS;
}
Dbprintf("Error, trying to read memory outside of bounds! " _RED_("%d") " > %d", (offset + length), CARD_MEMORY_SIZE);
return 1;
return PM3_EOUTOFBOUND;
}
// get the address of the ToSend buffer. Allocate part of Bigbuf for it, if not yet done
tosend_t *get_tosend(void) {
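Review bot: The bounds check `offset + length <= CARD_MEMORY_SIZE` in both emlSet (L16) and emlGet (L28) is evaluated in uint32_t and wraps, so a length close to UINT32_MAX passes the test and the memcpy then runs far past BigBuf; the new PM3_EOUTOFBOUND return does not help because the check itself is bypassed. Write it in the non-wrapping form `if (offset <= CARD_MEMORY_SIZE && length <= CARD_MEMORY_SIZE - offset) {` in both functions. The Dbprintf on L21 and L33 also prints the uint32_t sum with `%d`, which misprints large values as negative; use an unsigned specifier if the firmware's Dbprintf supports one. The hunk starts in the tail of LogTraceBits and ends at the head of get_tosend, both outside it.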


@ -58,8 +58,8 @@ bool RAMFUNC LogTrace(const uint8_t *btBytes, uint16_t iLen, uint32_t timestamp_
bool RAMFUNC LogTraceBits(const uint8_t *btBytes, uint16_t bitLen, uint32_t timestamp_start, uint32_t timestamp_end, bool reader2tag);
bool LogTrace_ISO15693(const uint8_t *bytes, uint16_t len, uint32_t ts_start, uint32_t ts_end, const uint8_t *parity, bool reader2tag);
uint8_t emlSet(const uint8_t *data, uint32_t offset, uint32_t length);
uint8_t emlGet(uint8_t *out, uint32_t offset, uint32_t length);
int emlSet(const uint8_t *data, uint32_t offset, uint32_t length);
int emlGet(uint8_t *out, uint32_t offset, uint32_t length);
typedef struct {
int max;
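Review bot: The prototypes on L47-L48 now return int but the header says nothing about the codes or about what happens to the buffer on failure. Add above L47 a comment such as `// Copy into / out of emulator memory. Returns PM3_SUCCESS, or PM3_EOUTOFBOUND when offset+length exceeds CARD_MEMORY_SIZE, in which case no bytes are copied.` The "no bytes are copied" part matters because several callers in this commit (emlGetMem in mifareutil.c, the sim paths in iso14443a.c) discard the result and go on to use the output buffer.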


@ -1190,12 +1190,12 @@ bool SimulateIso14443aInit(uint8_t tagType, uint16_t flags, uint8_t *data, tag_r
if (tagType == 2 || tagType == 7) {
uint16_t start = MFU_DUMP_PREFIX_LENGTH;
uint8_t emdata[8];
emlGetMemBt(emdata, start, sizeof(emdata));
emlGet(emdata, start, sizeof(emdata));
memcpy(data, emdata, 3); // uid bytes 0-2
memcpy(data + 3, emdata + 4, 4); // uid bytes 3-7
flags |= FLAG_7B_UID_IN_DATA;
} else {
emlGetMemBt(data, 0, 4);
emlGet(data, 0, 4);
flags |= FLAG_4B_UID_IN_DATA;
}
}
@ -1285,8 +1285,8 @@ bool SimulateIso14443aInit(uint8_t tagType, uint16_t flags, uint8_t *data, tag_r
if (tagType == 7) {
uint8_t pwd[4] = {0, 0, 0, 0};
uint8_t gen_pwd[4] = {0, 0, 0, 0};
emlGetMemBt(pwd, (*pages - 1) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(pwd));
emlGetMemBt(rPACK, (*pages) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(rPACK));
emlGet(pwd, (*pages - 1) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(pwd));
emlGet(rPACK, (*pages) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(rPACK));
Uint4byteToMemBe(gen_pwd, ul_ev1_pwdgenB(data));
if (memcmp(pwd, gen_pwd, sizeof(pwd)) == 0) {
@ -1569,7 +1569,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
// first blocks of emu are header
uint16_t start = block * 4 + MFU_DUMP_PREFIX_LENGTH;
uint8_t emdata[MAX_MIFARE_FRAME_SIZE];
emlGetMemBt(emdata, start, 16);
emlGet(emdata, start, 16);
AddCrc14A(emdata, 16);
EmSendCmd(emdata, sizeof(emdata));
numReads++; // Increment number of times reader requested a block
@ -1588,7 +1588,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
p_response = &responses[RESP_INDEX_UIDC1];
} else { // all other tags (16 byte block tags)
uint8_t emdata[MAX_MIFARE_FRAME_SIZE] = {0};
emlGetMemBt(emdata, block, 16);
emlGet(emdata, block, 16);
AddCrc14A(emdata, 16);
EmSendCmd(emdata, sizeof(emdata));
// We already responded, do not send anything with the EmSendCmd14443aRaw() that is called below
@ -1605,7 +1605,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
// first blocks of emu are header
int start = block1 * 4 + MFU_DUMP_PREFIX_LENGTH;
len = (block2 - block1 + 1) * 4;
emlGetMemBt(emdata, start, len);
emlGet(emdata, start, len);
AddCrc14A(emdata, len);
EmSendCmd(emdata, len + 2);
}
@ -1723,7 +1723,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
p_response = NULL;
} else if (receivedCmd[0] == MIFARE_ULEV1_AUTH && len == 7 && tagType == 7) { // NTAG / EV-1
uint8_t pwd[4] = {0, 0, 0, 0};
emlGetMemBt(pwd, (pages - 1) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(pwd));
emlGet(pwd, (pages - 1) * 4 + MFU_DUMP_PREFIX_LENGTH, sizeof(pwd));
if (g_dbglevel >= DBG_DEBUG) {
Dbprintf("Reader sent password: ");
Dbhexdump(4, receivedCmd + 1, 0);
@ -1747,7 +1747,7 @@ void SimulateIso14443aTag(uint8_t tagType, uint16_t flags, uint8_t *data, uint8_
} else if (receivedCmd[0] == MIFARE_ULEV1_VCSL && len == 23 && tagType == 7) {
uint8_t cmd[3] = {0, 0, 0};
emlGetMemBt(cmd, (pages - 2) * 4 + 1 + MFU_DUMP_PREFIX_LENGTH, 1);
emlGet(cmd, (pages - 2) * 4 + 1 + MFU_DUMP_PREFIX_LENGTH, 1);
AddCrc14A(cmd, sizeof(cmd) - 2);
EmSendCmd(cmd, sizeof(cmd));
p_response = NULL;
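Review bot: Every emlGet call in this file discards the return value, and on an out-of-range offset emlGet copies nothing, so `uint8_t emdata[8]` (L57) and `uint8_t emdata[MAX_MIFARE_FRAME_SIZE]` (L82), neither of which is zero-initialised, would be consumed as-is and in the L82 case sent to the reader by EmSendCmd with whatever the stack held. Either check the result, e.g. `if (emlGet(emdata, start, 16) != PM3_SUCCESS) { /* take the function's existing error path */ }`, or at least initialise those arrays with `= {0}` as L91 already does. The multi-block read path at L99-L102 computes `len = (block2 - block1 + 1) * 4` from reader-supplied block numbers; if block2 < block1 that is negative and, once converted to emlGet's uint32_t length, could wrap emlGet's bounds check, so a `block2 >= block1` guard before the call is worth adding (the declared types of len, block1 and block2 are outside the hunk). The enclosing functions SimulateIso14443aInit and SimulateIso14443aTag extend well beyond these hunks.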


@ -238,7 +238,7 @@ static bool MifareSimInit(uint16_t flags, uint8_t *datain, uint16_t atqa, uint8_
// Get UID, SAK, ATQA from EMUL
if ((flags & FLAG_UID_IN_EMUL) == FLAG_UID_IN_EMUL) {
uint8_t block0[16];
emlGetMemBt(block0, 0, 16);
emlGet(block0, 0, 16);
// If uid size defined, copy only uid from EMUL to use, backward compatibility for 'hf_colin.c', 'hf_mattyrun.c'
if ((flags & (FLAG_4B_UID_IN_DATA | FLAG_7B_UID_IN_DATA | FLAG_10B_UID_IN_DATA)) != 0) {
@ -1020,7 +1020,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
if (receivedCmd_len == 4 && (receivedCmd_dec[0] == MIFARE_CMD_INC || receivedCmd_dec[0] == MIFARE_CMD_DEC || receivedCmd_dec[0] == MIFARE_CMD_RESTORE)) {
blockNo = receivedCmd_dec[1];
if (g_dbglevel >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] RECV 0x%02x inc(0xC1)/dec(0xC0)/restore(0xC2) block %d (%02x)", receivedCmd_dec[0], blockNo, blockNo);
if (emlCheckValBl(blockNo)) {
if (emlCheckValBl(blockNo) == false) {
if (g_dbglevel >= DBG_ERROR) Dbprintf("[MFEMUL_WORK] Reader tried to operate on block, but emlCheckValBl failed, nacking");
EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
FpgaDisableTracing();
@ -1056,11 +1056,8 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
if (receivedCmd_len == 4 && receivedCmd_dec[0] == MIFARE_CMD_TRANSFER) {
blockNo = receivedCmd_dec[1];
if (g_dbglevel >= DBG_EXTENDED) Dbprintf("[MFEMUL_WORK] RECV 0x%02x transfer block %d (%02x)", receivedCmd_dec[0], blockNo, blockNo);
if (emlSetValBl(cardINTREG, cardINTBLOCK, receivedCmd_dec[1]))
EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
else
emlSetValBl(cardINTREG, cardINTBLOCK, receivedCmd_dec[1]);
EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_ACK));
FpgaDisableTracing();
break;
}
@ -1072,8 +1069,9 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
LED_C_OFF();
cardSTATE = MFEMUL_HALTED;
cardAUTHKEY = AUTHKEYNONE;
if (g_dbglevel >= DBG_EXTENDED)
if (g_dbglevel >= DBG_EXTENDED) {
Dbprintf("[MFEMUL_WORK] cardSTATE = MFEMUL_HALTED");
}
break;
}
@ -1291,7 +1289,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
case MFEMUL_INTREG_INC: {
if (receivedCmd_len == 6) {
mf_crypto1_decryptEx(pcs, receivedCmd, receivedCmd_len, (uint8_t *)&ans);
if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL)) {
if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL) != PM3_SUCCESS) {
EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
FpgaDisableTracing();
@ -1312,7 +1310,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
if (receivedCmd_len == 6) { // Data is encrypted
// Decrypted cmd
mf_crypto1_decryptEx(pcs, receivedCmd, receivedCmd_len, (uint8_t *)&ans);
if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL)) {
if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL) != PM3_SUCCESS) {
EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
FpgaDisableTracing();
@ -1330,7 +1328,7 @@ void Mifare1ksim(uint16_t flags, uint8_t exitAfterNReads, uint8_t *datain, uint1
// REST
case MFEMUL_INTREG_REST: {
mf_crypto1_decryptEx(pcs, receivedCmd, receivedCmd_len, (uint8_t *)&ans);
if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL)) {
if (emlGetValBl(&cardINTREG, &cardINTBLOCK, cardWRBL) != PM3_SUCCESS) {
EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
FpgaDisableTracing();


@ -629,56 +629,50 @@ void emlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int block_width)
}
void emlGetMem(uint8_t *data, int blockNum, int blocksCount) {
uint8_t *mem = BigBuf_get_EM_addr();
memcpy(data, mem + blockNum * 16, blocksCount * 16);
emlGet(data, (blockNum * 16), (blocksCount * 16));
}
void emlGetMemBt(uint8_t *data, int offset, int byteCount) {
bool emlCheckValBl(int blockNum) {
uint8_t *mem = BigBuf_get_EM_addr();
memcpy(data, mem + offset, byteCount);
}
uint8_t *d = mem + (blockNum * 16);
int emlCheckValBl(int blockNum) {
uint8_t *mem = BigBuf_get_EM_addr();
uint8_t *data = mem + blockNum * 16;
if ((data[0] != (data[4] ^ 0xff)) || (data[0] != data[8]) ||
(data[1] != (data[5] ^ 0xff)) || (data[1] != data[9]) ||
(data[2] != (data[6] ^ 0xff)) || (data[2] != data[10]) ||
(data[3] != (data[7] ^ 0xff)) || (data[3] != data[11]) ||
(data[12] != (data[13] ^ 0xff)) || (data[12] != data[14]) ||
(data[12] != (data[15] ^ 0xff))
)
return 1;
return 0;
if ((d[0] != (d[4] ^ 0xff)) || (d[0] != d[8]) ||
(d[1] != (d[5] ^ 0xff)) || (d[1] != d[9]) ||
(d[2] != (d[6] ^ 0xff)) || (d[2] != d[10]) ||
(d[3] != (d[7] ^ 0xff)) || (d[3] != d[11]) ||
(d[12] != (d[13] ^ 0xff)) || (d[12] != d[14]) ||
(d[12] != (d[15] ^ 0xff))) {
return false;
}
return true;
}
int emlGetValBl(uint32_t *blReg, uint8_t *blBlock, int blockNum) {
uint8_t *mem = BigBuf_get_EM_addr();
uint8_t *data = mem + blockNum * 16;
uint8_t *d = mem + blockNum * 16;
if (emlCheckValBl(blockNum))
return 1;
if (emlCheckValBl(blockNum) == false) {
return PM3_ESOFT;
}
memcpy(blReg, data, 4);
*blBlock = data[12];
return 0;
memcpy(blReg, d, 4);
*blBlock = d[12];
return PM3_SUCCESS;
}
int emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum) {
void emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum) {
uint8_t *mem = BigBuf_get_EM_addr();
uint8_t *data = mem + blockNum * 16;
uint8_t *d = mem + blockNum * 16;
memcpy(data + 0, &blReg, 4);
memcpy(data + 8, &blReg, 4);
blReg = blReg ^ 0xffffffff;
memcpy(data + 4, &blReg, 4);
memcpy(d + 0, &blReg, 4);
memcpy(d + 8, &blReg, 4);
blReg = blReg ^ 0xFFFFFFFF;
memcpy(d + 4, &blReg, 4);
data[12] = blBlock;
data[13] = blBlock ^ 0xff;
data[14] = blBlock;
data[15] = blBlock ^ 0xff;
return 0;
d[12] = blBlock;
d[13] = blBlock ^ 0xFF;
d[14] = blBlock;
d[15] = blBlock ^ 0xFF;
}
uint64_t emlGetKey(int sectorNum, int keyType) {
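Review bot: emlCheckValBl, emlGetValBl and emlSetValBl (L200-L265) still index BigBuf directly as `mem + blockNum * 16` with no range check on the int blockNum, while emlGetMem just above was reworked to go through the bounds-checked emlGet; blockNum reaches them from the reader-supplied command byte in Mifare1ksim (mifaresim.c L136, L147, L169-L186). A guard such as `if (blockNum < 0 || (uint32_t)(blockNum + 1) * 16 > CARD_MEMORY_SIZE) return false;` in emlCheckValBl (with PM3_EOUTOFBOUND / an early return in the other two) keeps them consistent with emlSet/emlGet; whether any reachable blockNo can actually exceed CARD_MEMORY_SIZE depends on the type of blockNo and the value of the constant, neither of which is on the page. emlGetMem (L194-L198) also drops emlGet's return code, so on an out-of-range request `data` is left untouched with no signal to the caller; since the signature is void, consider at least `memset(data, 0, blocksCount * 16);` before the call, or returning the code. The hunk begins at the closing brace of emlSetMem_xt and ends at the head of emlGetKey, both outside it.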


@ -117,10 +117,9 @@ uint8_t SectorTrailer(uint8_t blockNo);
void emlClearMem(void);
void emlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int block_width);
void emlGetMem(uint8_t *data, int blockNum, int blocksCount);
void emlGetMemBt(uint8_t *data, int offset, int byteCount);
uint64_t emlGetKey(int sectorNum, int keyType);
int emlGetValBl(uint32_t *blReg, uint8_t *blBlock, int blockNum);
int emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum);
int emlCheckValBl(int blockNum);
void emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum);
bool emlCheckValBl(int blockNum);
#endif