From 84d89b248071499311b5b26b4bae10c685a45713 Mon Sep 17 00:00:00 2001
From: merlokk <807634+merlokk@users.noreply.github.com>
Date: Sat, 31 Jul 2021 12:36:49 +0300
Subject: [PATCH] iso auth works for app and picc level
---
 client/src/mifare/desfirecore.c | 6 ++++--
 client/src/mifare/desfirecrypto.c | 2 ++
 client/src/mifare/desfirecrypto.h | 2 ++
 3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/client/src/mifare/desfirecore.c b/client/src/mifare/desfirecore.c
index d24cd99d5..51ad6172d 100644
--- a/client/src/mifare/desfirecore.c
+++ b/client/src/mifare/desfirecore.c
@@ -774,6 +774,7 @@ int DesfireSelectAID(DesfireContext *ctx, uint8_t *aid1, uint8_t *aid2) {
 return PM3_EAPDU_FAIL;
 DesfireClearSession(ctx);
+ ctx->appSelected = (aid1[0] != 0x00 || aid1[1] != 0x00 || aid1[2] != 0x00);
 return PM3_SUCCESS;
 }
@@ -1297,14 +1298,14 @@ static int DesfireAuthenticateISO(DesfireContext *dctx, DesfireSecureChannel sec
 DesfireCryptoEncDec(dctx, false, both, rndlen * 2, both, true); // error 303
 // external authenticate
- res = DesfireISOExternalAuth(dctx, true, dctx->keyNum, dctx->keyType, both);
+ res = DesfireISOExternalAuth(dctx, dctx->appSelected, dctx->keyNum, dctx->keyType, both);
 if (res != PM3_SUCCESS)
 return 304;
 // internal authenticate
 uint8_t rnddata[64] = {0};
 xlen = 0;
- res = DesfireISOInternalAuth(dctx, true, dctx->keyNum, dctx->keyType, hostrnd2, rnddata, &xlen);
+ res = DesfireISOInternalAuth(dctx, dctx->appSelected, dctx->keyNum, dctx->keyType, hostrnd2, rnddata, &xlen);
 if (res != PM3_SUCCESS)
 return 305;
@@ -2233,6 +2234,7 @@ int DesfireISOSelect(DesfireContext *dctx, DesfireISOSelectControl cntr, uint8_t
 }
 DesfireClearSession(dctx);
+ dctx->appSelected = !( (cntr == ISSMFDFEF && datalen == 0) || (cntr == ISSEFByFileID && datalen == 2 && data[0] == 0 && data[1] == 0) );
 return res;
 }
diff --git a/client/src/mifare/desfirecrypto.c b/client/src/mifare/desfirecrypto.c
index a8ddcdf46..e1670ada2 100644
--- a/client/src/mifare/desfirecrypto.c
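Review bot: The new `ctx->appSelected` assignment in DesfireSelectAID reads `aid1[0]` to `aid1[2]` directly and ignores `aid2`. Nothing visible in the hunk shows `aid1` being checked for NULL, or what a non-NULL `aid2` means for the selection level. The same PICC-level rule is written in a different form in DesfireISOSelect (third hunk), so the two copies can drift apart. I would state the rule once above the line, e.g. `// AID 000000 is the PICC level; any other AID means an application is selected`, and confirm the `aid2` case. The function body starts outside the hunk, so an earlier guard may already exist.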
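Review bot: Both ISO authenticate calls in DesfireAuthenticateISO now take their level from `dctx->appSelected`, which is bookkeeping kept in the client context rather than state read back from the card. DesfireClearContext resets the flag to false in this same patch. If a context can be cleared or newly created while the card still has an application selected (not visible here), authentication would be attempted at PICC level and fail with the bare `304`, which does not point at the cause. A comment before the external authenticate call would record the precondition, e.g. `// level follows the last select tracked in dctx; re-select first if the card state may differ`. The function starts and ends outside the hunk.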
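Review bot: In DesfireISOSelect, `dctx->appSelected` is assigned just before `return res;`, and the hunk alone does not show that `res` is always PM3_SUCCESS at that point. If a failed select can reach the line, the flag would describe a selection the card rejected. Guarding it, `if (res == PM3_SUCCESS) dctx->appSelected = ...;`, keeps the flag tied to what the card accepted. The condition treats only an empty ISSMFDFEF select and file ID 0000 as PICC level. Whether selecting the MF by its ISO 7816-4 identifier 3F00 should also count is worth confirming against the card documentation and noting in a one-line comment. The function body starts outside the hunk.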
+++ b/client/src/mifare/desfirecrypto.c
@@ -41,6 +41,8 @@ void DesfireClearContext(DesfireContext *ctx) {
 ctx->secureChannel = DACNone;
 ctx->cmdSet = DCCNative;
 ctx->commMode = DCMNone;
+
+ ctx->appSelected = false;
 ctx->kdfAlgo = 0;
 ctx->kdfInputLen = 0;
diff --git a/client/src/mifare/desfirecrypto.h b/client/src/mifare/desfirecrypto.h
index 49e18edfa..b24b8a3ac 100644
--- a/client/src/mifare/desfirecrypto.h
+++ b/client/src/mifare/desfirecrypto.h
@@ -75,6 +75,8 @@ typedef struct DesfireContextS {
 DesfireSecureChannel secureChannel; // none/d40/ev1/ev2
 DesfireCommandSet cmdSet; // native/nativeiso/iso
 DesfireCommunicationMode commMode; // plain/mac/enc
+
+ bool appSelected; // for iso auth
 uint8_t IV[DESFIRE_MAX_KEY_SIZE];
 uint8_t sessionKeyMAC[DESFIRE_MAX_KEY_SIZE];
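Review bot: The comment `// for iso auth` on the new `appSelected` field in desfirecrypto.h says neither what the flag means nor who maintains it. It now decides the level argument of both ISO authenticate calls in desfirecore.c, so I would spell that out: `bool appSelected; // true: an application is selected, false: PICC level; set by the select functions, read by ISO authenticate`. The struct definition continues outside the hunk.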