mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-08-21 13:53:55 -07:00
cppcheck reduce variable scopes
This commit is contained in:
parent
d37547917e
commit
9f36ce1b9d
15 changed files with 102 additions and 140 deletions
|
@ -259,9 +259,8 @@ static int demodNexWatch(void) {
|
|||
// output
|
||||
Dbprintf(" NexWatch raw id : " _YELLOW_("0x%08"PRIx32), rawid);
|
||||
|
||||
uint8_t temp_checksum;
|
||||
for (; magic < 255; magic++) {
|
||||
temp_checksum = nexwatch_checksum(magic, cn, calc_parity);
|
||||
uint8_t temp_checksum = nexwatch_checksum(magic, cn, calc_parity);
|
||||
if (temp_checksum == chk) {
|
||||
Dbprintf(" Magic number : " _GREEN_("0x%X"), magic);
|
||||
break;
|
||||
|
|
|
@ -126,11 +126,10 @@ static void append(const char *filename, uint8_t *entry, size_t entry_len) {
|
|||
}
|
||||
|
||||
static void save_pwds(uint32_t *pwdlist, size_t no_pwd) {
|
||||
uint8_t entry[10] = {0};
|
||||
|
||||
if (no_pwd > 0) {
|
||||
Dbprintf("");
|
||||
for (int i = 0; i < no_pwd; i++) {
|
||||
uint8_t entry[10] = {0};
|
||||
sprintf((char *)entry, "%08"PRIx32"\n", pwdlist[i]);
|
||||
append(LF_EM4X50_LOGFILE_SIM, entry, strlen((char *)entry));
|
||||
Dbprintf("received password: %08"PRIx32"", pwdlist[i]);
|
||||
|
|
|
@ -296,8 +296,6 @@ bool hitag2crack_read_page(uint8_t *responsestr, uint8_t pagenum, uint8_t *nrar,
|
|||
uint8_t cmd[10];
|
||||
uint8_t e_cmd[10];
|
||||
uint8_t e_responsestr[9];
|
||||
uint8_t e_response[32];
|
||||
uint8_t response[32];
|
||||
|
||||
if (pagenum > 7) {
|
||||
UserMessage("hitag2crack_read_page:\r\n invalid pagenum\r\n");
|
||||
|
@ -326,6 +324,8 @@ bool hitag2crack_read_page(uint8_t *responsestr, uint8_t pagenum, uint8_t *nrar,
|
|||
if (hitag2crack_send_e_cmd(e_responsestr, nrar, e_cmd, 10)) {
|
||||
// check if it is valid
|
||||
if (strcmp(e_responsestr, ERROR_RESPONSE) != 0) {
|
||||
uint8_t e_response[32];
|
||||
uint8_t response[32];
|
||||
// convert to binarray
|
||||
hextobinarray(e_response, e_responsestr);
|
||||
// decrypt response
|
||||
|
@ -792,13 +792,12 @@ bool hitag2crack_extend_keystream(uint8_t *keybits, int *kslen, int ksoffset, ui
|
|||
|
||||
bool hitag2_reader(uint8_t *response, uint8_t *key, bool interactive) {
|
||||
uint8_t tmp[9];
|
||||
int i;
|
||||
|
||||
response[0] = '\0';
|
||||
// auth to tag
|
||||
if (hitag2_crypto_auth(tmp, key)) {
|
||||
// read tag, one page at a time
|
||||
for (i = 0; i <= 7; ++i) {
|
||||
for (int i = 0; i <= 7; ++i) {
|
||||
if (!read_tag(tmp, i, i)) {
|
||||
// if read fails, it could be because of auth,
|
||||
// so try to reauth
|
||||
|
|
|
@ -858,7 +858,6 @@ void SimulateHitagSTag(bool tag_mem_supplied, uint8_t *data) {
|
|||
|
||||
// int frame_count = 0;
|
||||
int response = 0, overflow = 0;
|
||||
int i, j;
|
||||
uint8_t rx[HITAG_FRAME_LEN];
|
||||
size_t rxlen = 0;
|
||||
bQuiet = false;
|
||||
|
@ -885,8 +884,8 @@ void SimulateHitagSTag(bool tag_mem_supplied, uint8_t *data) {
|
|||
|
||||
// read tag data into memory
|
||||
if (tag_mem_supplied) {
|
||||
for (i = 0; i < 16; i++)
|
||||
for (j = 0; j < 4; j++)
|
||||
for (int i = 0; i < 16; i++)
|
||||
for (int j = 0; j < 4; j++)
|
||||
tag.pages[i][j] = 0x0;
|
||||
|
||||
DbpString("Loading hitagS memory...");
|
||||
|
@ -912,7 +911,7 @@ void SimulateHitagSTag(bool tag_mem_supplied, uint8_t *data) {
|
|||
if ((tag.pages[1][0] & 0x2) == 0 && (tag.pages[1][0] & 0x1) == 0)
|
||||
tag.max_page = 0;
|
||||
if (g_dbglevel >= DBG_EXTENDED)
|
||||
for (i = 0; i < tag.max_page; i++)
|
||||
for (int i = 0; i < tag.max_page; i++)
|
||||
Dbprintf("Page[%2d]: %02X %02X %02X %02X", i,
|
||||
(tag.pages[i][3]) & 0xff,
|
||||
(tag.pages[i][2]) & 0xff,
|
||||
|
|
|
@ -1329,8 +1329,8 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data, uint8_t
|
|||
int retval = PM3_SUCCESS;
|
||||
|
||||
// Just to allow some checks
|
||||
int happened = 0;
|
||||
int happened2 = 0;
|
||||
// int happened = 0;
|
||||
// int happened2 = 0;
|
||||
int cmdsRecvd = 0;
|
||||
uint32_t numReads = 0; //Counts numer of times reader reads a block
|
||||
|
||||
|
@ -1781,8 +1781,8 @@ void SimulateIso14443aTag(uint8_t tagType, uint8_t flags, uint8_t *data, uint8_t
|
|||
BigBuf_free_keep_EM();
|
||||
|
||||
if (g_dbglevel >= DBG_EXTENDED) {
|
||||
Dbprintf("-[ Wake ups after halt [%d]", happened);
|
||||
Dbprintf("-[ Messages after halt [%d]", happened2);
|
||||
// Dbprintf("-[ Wake ups after halt [%d]", happened);
|
||||
// Dbprintf("-[ Messages after halt [%d]", happened2);
|
||||
Dbprintf("-[ Num of received cmd [%d]", cmdsRecvd);
|
||||
Dbprintf("-[ Num of moebius tries [%d]", moebius_count);
|
||||
}
|
||||
|
|
|
@ -1871,9 +1871,8 @@ void T55xxDangerousRawTest(uint8_t *data) {
|
|||
// Trigger T55x7 in mode.
|
||||
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
|
||||
WaitUS(T55xx_Timing.m[0].start_gap);
|
||||
uint8_t sendbits;
|
||||
for (uint8_t i = 0; i < len; i++) {
|
||||
sendbits = (bs[BITSTREAM_BYTE(i)] >> BITSTREAM_BIT(i));
|
||||
uint8_t sendbits = (bs[BITSTREAM_BYTE(i)] >> BITSTREAM_BIT(i));
|
||||
T55xxWriteBit(sendbits & 1, 0);
|
||||
}
|
||||
TurnReadLFOn(c->time);
|
||||
|
|
|
@ -539,10 +539,8 @@ int CmdEM4x05Dump(const char *Cmd) {
|
|||
uint32_t data[16];
|
||||
|
||||
int success = PM3_SUCCESS;
|
||||
int status, status14, status15;
|
||||
uint32_t lock_bits = 0x00; // no blocks locked
|
||||
bool gotLockBits = false;
|
||||
bool lockInPW2 = false;
|
||||
uint32_t word = 0;
|
||||
|
||||
const char *info[] = {"Info/User", "UID", "Password", "User", "Config", "User", "User", "User", "User", "User", "User", "User", "User", "User", "Lock", "Lock"};
|
||||
|
@ -555,7 +553,7 @@ int CmdEM4x05Dump(const char *Cmd) {
|
|||
|
||||
if (usePwd) {
|
||||
// Test first if the password is correct
|
||||
status = em4x05_login_ext(pwd);
|
||||
int status = em4x05_login_ext(pwd);
|
||||
if (status == PM3_SUCCESS) {
|
||||
PrintAndLogEx(INFO, "password is " _GREEN_("correct"));
|
||||
} else if (status == PM3_EFAILED) {
|
||||
|
@ -572,11 +570,10 @@ int CmdEM4x05Dump(const char *Cmd) {
|
|||
PrintAndLogEx(INFO, "-----+----------+-------+---+-----");
|
||||
|
||||
if (card_type == EM_4205 || card_type == EM_4305 || card_type == EM_UNKNOWN) {
|
||||
|
||||
|
||||
bool lockInPW2 = false;
|
||||
// To flag any blocks locked we need to read blocks 14 and 15 first
|
||||
// dont swap endian until we get block lock flags.
|
||||
status14 = em4x05_read_word_ext(EM4305_PROT1_BLOCK, pwd, usePwd, &word);
|
||||
int status14 = em4x05_read_word_ext(EM4305_PROT1_BLOCK, pwd, usePwd, &word);
|
||||
if (status14 == PM3_SUCCESS) {
|
||||
if ((word & 0x00008000) != 0x00) {
|
||||
lock_bits = word;
|
||||
|
@ -586,7 +583,7 @@ int CmdEM4x05Dump(const char *Cmd) {
|
|||
} else {
|
||||
success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data
|
||||
}
|
||||
status15 = em4x05_read_word_ext(EM4305_PROT2_BLOCK, pwd, usePwd, &word);
|
||||
int status15 = em4x05_read_word_ext(EM4305_PROT2_BLOCK, pwd, usePwd, &word);
|
||||
if (status15 == PM3_SUCCESS) {
|
||||
if ((word & 0x00008000) != 0x00) { // assume block 15 is the current lock block
|
||||
lock_bits = word;
|
||||
|
@ -612,7 +609,7 @@ int CmdEM4x05Dump(const char *Cmd) {
|
|||
}
|
||||
} else {
|
||||
// success &= em4x05_read_word_ext(addr, pwd, usePwd, &word);
|
||||
status = em4x05_read_word_ext(addr, pwd, usePwd, &word); // Get status for single read
|
||||
int status = em4x05_read_word_ext(addr, pwd, usePwd, &word); // Get status for single read
|
||||
if (status != PM3_SUCCESS)
|
||||
success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data
|
||||
data[addr] = BSWAP_32(word);
|
||||
|
@ -647,7 +644,7 @@ int CmdEM4x05Dump(const char *Cmd) {
|
|||
|
||||
// To flag any blocks locked we need to read block 3 first
|
||||
// dont swap endian until we get block lock flags.
|
||||
status14 = em4x05_read_word_ext(EM4469_PROT_BLOCK, pwd, usePwd, &word);
|
||||
int status14 = em4x05_read_word_ext(EM4469_PROT_BLOCK, pwd, usePwd, &word);
|
||||
if (status14 == PM3_SUCCESS) {
|
||||
lock_bits = word;
|
||||
gotLockBits = true;
|
||||
|
@ -656,10 +653,8 @@ int CmdEM4x05Dump(const char *Cmd) {
|
|||
success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data
|
||||
}
|
||||
|
||||
uint32_t lockbit;
|
||||
|
||||
for (; addr < 16; addr++) {
|
||||
lockbit = (lock_bits >> (addr * 2)) & 3;
|
||||
uint32_t lockbit = (lock_bits >> (addr * 2)) & 3;
|
||||
if (addr == 2) {
|
||||
if (usePwd) {
|
||||
data[addr] = BSWAP_32(pwd);
|
||||
|
@ -671,7 +666,7 @@ int CmdEM4x05Dump(const char *Cmd) {
|
|||
}
|
||||
} else {
|
||||
|
||||
status = em4x05_read_word_ext(addr, pwd, usePwd, &word);
|
||||
int status = em4x05_read_word_ext(addr, pwd, usePwd, &word);
|
||||
if (status != PM3_SUCCESS) {
|
||||
success = PM3_ESOFT; // If any error ensure fail is set so not to save invalid data
|
||||
}
|
||||
|
@ -1970,9 +1965,6 @@ uint32_t static em4x05_Sniff_GetBlock(char *bits, bool fwd) {
|
|||
|
||||
int CmdEM4x05Sniff(const char *Cmd) {
|
||||
|
||||
bool pwd = false, fwd = false;
|
||||
bool haveData, sampleData = true;
|
||||
|
||||
CLIParserContext *ctx;
|
||||
CLIParserInit(&ctx, "lf em 4x05 sniff",
|
||||
"Sniff EM4x05 commands sent from a programmer",
|
||||
|
@ -1988,8 +1980,8 @@ int CmdEM4x05Sniff(const char *Cmd) {
|
|||
arg_param_end
|
||||
};
|
||||
CLIExecWithReturn(ctx, Cmd, argtable, true);
|
||||
sampleData = (arg_get_lit(ctx, 1) == false);
|
||||
fwd = arg_get_lit(ctx, 2);
|
||||
bool sampleData = (arg_get_lit(ctx, 1) == false);
|
||||
bool fwd = arg_get_lit(ctx, 2);
|
||||
CLIParserFree(ctx);
|
||||
|
||||
char cmdText[100];
|
||||
|
@ -1999,9 +1991,7 @@ int CmdEM4x05Sniff(const char *Cmd) {
|
|||
int i, bitidx;
|
||||
int ZeroWidth; // 32-42 "1" is 32
|
||||
int CycleWidth;
|
||||
size_t idx = 0, pulseSamples, pktOffset;
|
||||
uint32_t tmpValue;
|
||||
bool eop = false;
|
||||
size_t pulseSamples;
|
||||
|
||||
// setup and sample data from Proxmark
|
||||
// if not directed to existing sample/graphbuffer
|
||||
|
@ -2019,15 +2009,16 @@ int CmdEM4x05Sniff(const char *Cmd) {
|
|||
PrintAndLogEx(SUCCESS, "offset | Command | Data | blk | raw");
|
||||
PrintAndLogEx(SUCCESS, "-------+-------------+----------+-----+------------------------------------------------------------");
|
||||
|
||||
idx = 0;
|
||||
size_t idx = 0;
|
||||
// loop though sample buffer
|
||||
while (idx < g_GraphTraceLen) {
|
||||
eop = false;
|
||||
haveData = false;
|
||||
pwd = false;
|
||||
bool eop = false;
|
||||
bool haveData = false;
|
||||
bool pwd = false;
|
||||
uint32_t tmpValue;
|
||||
|
||||
idx = em4x05_Sniff_GetNextBitStart(idx, g_GraphTraceLen, g_GraphBuffer, &pulseSamples);
|
||||
pktOffset = idx;
|
||||
size_t pktOffset = idx;
|
||||
if (pulseSamples >= 10) { // Should be 18 so a bit less to allow for processing
|
||||
|
||||
// Use first bit to get "0" bit samples as a reference
|
||||
|
|
|
@ -46,7 +46,7 @@ static uint8_t isEven_64_63(const uint8_t *data) { // 8
|
|||
//NEDAP demod - ASK/Biphase (or Diphase), RF/64 with preamble of 1111111110 (always a 128 bit data stream)
|
||||
int demodNedap(bool verbose) {
|
||||
(void) verbose; // unused so far
|
||||
uint8_t data[16], buffer[7], r0, r1, r2, r3, r4, r5, idxC1, idxC2, idxC3, idxC4, idxC5, fixed0, fixed1, unk1, unk2, subtype; // 4 bits
|
||||
uint8_t data[16], buffer[7], subtype; // 4 bits
|
||||
size_t size, offset = 0;
|
||||
uint16_t checksum, customerCode; // 12 bits
|
||||
uint32_t badgeId; // max 99999
|
||||
|
@ -118,19 +118,19 @@ int demodNedap(bool verbose) {
|
|||
ret = PM3_ESOFT;
|
||||
}
|
||||
|
||||
idxC1 = invTranslateTable[(data[3] & 0x1e) >> 1];
|
||||
idxC2 = invTranslateTable[(data[4] & 0x1e) >> 1];
|
||||
idxC3 = invTranslateTable[(data[5] & 0x1e) >> 1];
|
||||
idxC4 = invTranslateTable[(data[6] & 0x1e) >> 1];
|
||||
idxC5 = invTranslateTable[(data[7] & 0x1e) >> 1];
|
||||
uint8_t idxC1 = invTranslateTable[(data[3] & 0x1e) >> 1];
|
||||
uint8_t idxC2 = invTranslateTable[(data[4] & 0x1e) >> 1];
|
||||
uint8_t idxC3 = invTranslateTable[(data[5] & 0x1e) >> 1];
|
||||
uint8_t idxC4 = invTranslateTable[(data[6] & 0x1e) >> 1];
|
||||
uint8_t idxC5 = invTranslateTable[(data[7] & 0x1e) >> 1];
|
||||
|
||||
// validation
|
||||
if ((idxC1 != 0xFF) && (idxC2 != 0xFF) && (idxC3 != 0xFF) && (idxC4 != 0xFF) && (idxC5 != 0xFF)) {
|
||||
r1 = idxC1;
|
||||
r2 = ((10 + idxC2) - (idxC1 + 1)) % 10;
|
||||
r3 = ((10 + idxC3) - (idxC2 + 1)) % 10;
|
||||
r4 = ((10 + idxC4) - (idxC3 + 1)) % 10;
|
||||
r5 = ((10 + idxC5) - (idxC4 + 1)) % 10;
|
||||
uint8_t r1 = idxC1;
|
||||
uint8_t r2 = ((10 + idxC2) - (idxC1 + 1)) % 10;
|
||||
uint8_t r3 = ((10 + idxC3) - (idxC2 + 1)) % 10;
|
||||
uint8_t r4 = ((10 + idxC4) - (idxC3 + 1)) % 10;
|
||||
uint8_t r5 = ((10 + idxC5) - (idxC4 + 1)) % 10;
|
||||
|
||||
badgeId = r1 * 10000 + r2 * 1000 + r3 * 100 + r4 * 10 + r5;
|
||||
|
||||
|
@ -171,18 +171,18 @@ int demodNedap(bool verbose) {
|
|||
}
|
||||
|
||||
//
|
||||
r4 = (data[8] >> 3) & 0x0F;
|
||||
r5 = ((data[8] << 1) & 0x0F) | (data[9] >> 7);
|
||||
r2 = (data[9] >> 2) & 0x0F;
|
||||
r3 = ((data[9] << 2) & 0x0F) | (data[10] >> 6);
|
||||
r0 = ((data[10] >> 1) & 0x0F);
|
||||
r1 = ((data[10] << 3) & 0x0F) | (data[11] >> 5);
|
||||
uint8_t r4 = (data[8] >> 3) & 0x0F;
|
||||
uint8_t r5 = ((data[8] << 1) & 0x0F) | (data[9] >> 7);
|
||||
uint8_t r2 = (data[9] >> 2) & 0x0F;
|
||||
uint8_t r3 = ((data[9] << 2) & 0x0F) | (data[10] >> 6);
|
||||
uint8_t r0 = ((data[10] >> 1) & 0x0F);
|
||||
uint8_t r1 = ((data[10] << 3) & 0x0F) | (data[11] >> 5);
|
||||
|
||||
fixed0 = ((data[11] << 4) & 0xF0) | (data[12] >> 4);
|
||||
fixed1 = ((data[12] << 5) & 0xE0) | (data[13] >> 3);
|
||||
uint8_t fixed0 = ((data[11] << 4) & 0xF0) | (data[12] >> 4);
|
||||
uint8_t fixed1 = ((data[12] << 5) & 0xE0) | (data[13] >> 3);
|
||||
|
||||
unk1 = ((data[13] << 6) & 0xC0) | (data[14] >> 2);
|
||||
unk2 = ((data[14] << 7) & 0xC0) | (data[15] >> 1);
|
||||
uint8_t unk1 = ((data[13] << 6) & 0xC0) | (data[14] >> 2);
|
||||
uint8_t unk2 = ((data[14] << 7) & 0xC0) | (data[15] >> 1);
|
||||
|
||||
// validation 2
|
||||
if (!r0 && (r1 < 10) && (r2 < 10) && (r3 < 10) && (r4 < 10) && (r5 < 10)) {
|
||||
|
@ -293,21 +293,20 @@ static int CmdLFNedapReader(const char *Cmd) {
|
|||
}
|
||||
|
||||
static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool isLong, uint8_t *data) { // 8 or 16
|
||||
uint8_t buffer[7], r1, r2, r3, r4, r5, idxC1, idxC2, idxC3, idxC4, idxC5, i, tmp, carry, id2, id1, id0;
|
||||
uint16_t checksum;
|
||||
uint8_t buffer[7];
|
||||
|
||||
r1 = (uint8_t)(id / 10000);
|
||||
r2 = (uint8_t)((id % 10000) / 1000);
|
||||
r3 = (uint8_t)((id % 1000) / 100);
|
||||
r4 = (uint8_t)((id % 100) / 10);
|
||||
r5 = (uint8_t)(id % 10);
|
||||
uint8_t r1 = (uint8_t)(id / 10000);
|
||||
uint8_t r2 = (uint8_t)((id % 10000) / 1000);
|
||||
uint8_t r3 = (uint8_t)((id % 1000) / 100);
|
||||
uint8_t r4 = (uint8_t)((id % 100) / 10);
|
||||
uint8_t r5 = (uint8_t)(id % 10);
|
||||
|
||||
// first part
|
||||
idxC1 = r1;
|
||||
idxC2 = (idxC1 + 1 + r2) % 10;
|
||||
idxC3 = (idxC2 + 1 + r3) % 10;
|
||||
idxC4 = (idxC3 + 1 + r4) % 10;
|
||||
idxC5 = (idxC4 + 1 + r5) % 10;
|
||||
uint8_t idxC1 = r1;
|
||||
uint8_t idxC2 = (idxC1 + 1 + r2) % 10;
|
||||
uint8_t idxC3 = (idxC2 + 1 + r3) % 10;
|
||||
uint8_t idxC4 = (idxC3 + 1 + r4) % 10;
|
||||
uint8_t idxC5 = (idxC4 + 1 + r5) % 10;
|
||||
|
||||
buffer[0] = 0xc0 | (subType & 0x0F);
|
||||
buffer[1] = (customerCode & 0x0FF0) >> 4;
|
||||
|
@ -317,7 +316,7 @@ static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool i
|
|||
|
||||
// checksum
|
||||
init_table(CRC_XMODEM);
|
||||
checksum = crc16_xmodem(buffer, 5);
|
||||
uint16_t checksum = crc16_xmodem(buffer, 5);
|
||||
|
||||
buffer[6] = ((checksum & 0x000F) << 4) | (buffer[4] & 0x0F);
|
||||
buffer[5] = (checksum & 0x00F0) | ((buffer[4] & 0xF0) >> 4);
|
||||
|
@ -325,8 +324,9 @@ static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool i
|
|||
buffer[3] = ((checksum & 0xF000) >> 8) | ((buffer[3] & 0xF0) >> 4);
|
||||
|
||||
// carry calc
|
||||
for (i = 0, carry = 0; i < sizeof(buffer); i++) {
|
||||
tmp = buffer[sizeof(buffer) - 1 - i];
|
||||
uint8_t carry = 0;
|
||||
for (uint8_t i = 0; i < sizeof(buffer); i++) {
|
||||
uint8_t tmp = buffer[sizeof(buffer) - 1 - i];
|
||||
data[7 - i] = ((tmp & 0x7F) << 1) | carry;
|
||||
carry = (tmp & 0x80) >> 7;
|
||||
}
|
||||
|
@ -335,9 +335,9 @@ static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool i
|
|||
|
||||
// second part
|
||||
if (isLong) {
|
||||
id0 = r1;
|
||||
id1 = (r2 << 4) | r3;
|
||||
id2 = (r4 << 4) | r5;
|
||||
uint8_t id0 = r1;
|
||||
uint8_t id1 = (r2 << 4) | r3;
|
||||
uint8_t id2 = (r4 << 4) | r5;
|
||||
|
||||
data[8] = (id2 >> 1);
|
||||
data[9] = ((id2 & 0x01) << 7) | (id1 >> 2);
|
||||
|
|
|
@ -4047,7 +4047,6 @@ static int CmdT55xxSniff(const char *Cmd) {
|
|||
|
||||
int minWidth = 1000;
|
||||
int maxWidth = 0;
|
||||
uint16_t dataLen = 0;
|
||||
data[0] = 0;
|
||||
bool have_data = false;
|
||||
sprintf(modeText, "Default");
|
||||
|
@ -4125,7 +4124,7 @@ static int CmdT55xxSniff(const char *Cmd) {
|
|||
|
||||
// Fixed bit - Default
|
||||
if (have_data == false && (APPROX_EQ(pulseBuffer[0], maxWidth, tolerance))) {
|
||||
dataLen = t55sniff_get_packet(pulseBuffer, data, minWidth, maxWidth, tolerance);
|
||||
uint16_t dataLen = t55sniff_get_packet(pulseBuffer, data, minWidth, maxWidth, tolerance);
|
||||
|
||||
// if ((dataLen == 39) )
|
||||
// printf ("Fixed | Data end of 80 samples | offset : %llu - datalen %-2d - data : %s --- - Bit 0 width : %d\n",idx,dataLen,data,pulseBuffer[0]);
|
||||
|
@ -4209,7 +4208,7 @@ static int CmdT55xxSniff(const char *Cmd) {
|
|||
if (have_data == false && (APPROX_EQ(pulseBuffer[0], minWidth, tolerance))) {
|
||||
// leading 0 (should = 0 width)
|
||||
// 1 of 4 (leads with 00)
|
||||
dataLen = t55sniff_get_packet(pulseBuffer, data, minWidth, maxWidth, tolerance);
|
||||
uint16_t dataLen = t55sniff_get_packet(pulseBuffer, data, minWidth, maxWidth, tolerance);
|
||||
// **** Should check to 0 to be actual 0 as well i.e. 01 .... data ....
|
||||
if ((data[0] == '0') && (data[1] == '1')) {
|
||||
if (dataLen == 73) {
|
||||
|
|
|
@ -389,10 +389,9 @@ int EMVSearchPSE(Iso7816CommandChannel channel, bool ActivateField, bool LeaveFi
|
|||
return 1;
|
||||
}
|
||||
|
||||
bool fileFound = false;
|
||||
|
||||
struct tlvdb *t = tlvdb_parse_multi(data, datalen);
|
||||
if (t) {
|
||||
bool fileFound = false;
|
||||
// PSE/PPSE with SFI
|
||||
struct tlvdb *tsfi = tlvdb_find_path(t, (tlv_tag_t[]) {0x6f, 0xa5, 0x88, 0x00});
|
||||
if (tsfi) {
|
||||
|
@ -473,7 +472,6 @@ int EMVSearch(Iso7816CommandChannel channel, bool ActivateField, bool LeaveField
|
|||
size_t datalen = 0;
|
||||
uint16_t sw = 0;
|
||||
|
||||
int res = 0;
|
||||
int retrycnt = 0;
|
||||
for (int i = 0; i < ARRAYLEN(AIDlist); i ++) {
|
||||
|
||||
|
@ -483,7 +481,7 @@ int EMVSearch(Iso7816CommandChannel channel, bool ActivateField, bool LeaveField
|
|||
}
|
||||
|
||||
param_gethex_to_eol(AIDlist[i].aid, 0, aidbuf, sizeof(aidbuf), &aidlen);
|
||||
res = EMVSelect(channel, (i == 0) ? ActivateField : false, true, aidbuf, aidlen, data, sizeof(data), &datalen, &sw, tlv);
|
||||
int res = EMVSelect(channel, (i == 0) ? ActivateField : false, true, aidbuf, aidlen, data, sizeof(data), &datalen, &sw, tlv);
|
||||
// retry if error and not returned sw error
|
||||
if (res && res != 5) {
|
||||
if (++retrycnt < 3) {
|
||||
|
|
|
@ -329,10 +329,9 @@ static void *bf_thread(void *thread_arg) {
|
|||
memcpy(bytes_to_recover, targ->bytes_to_recover, sizeof(bytes_to_recover));
|
||||
memcpy(keytable, targ->keytable, sizeof(keytable));
|
||||
|
||||
int found;
|
||||
while (!(brute & endmask)) {
|
||||
|
||||
found = __atomic_load_n(&loclass_found, __ATOMIC_SEQ_CST);
|
||||
int found = __atomic_load_n(&loclass_found, __ATOMIC_SEQ_CST);
|
||||
|
||||
if (found != 0xFF) return NULL;
|
||||
|
||||
|
|
|
@ -100,16 +100,13 @@ static void create_tables(struct table *tt) {
|
|||
|
||||
// free the table memory
|
||||
static void free_tables(struct table *tt) {
|
||||
int i;
|
||||
struct table *ttmp;
|
||||
|
||||
if (!tt) {
|
||||
printf("free_tables: t is NULL\n");
|
||||
printf("free_tables: tt is NULL\n");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
for (i = 0; i < 0x10000; i++) {
|
||||
ttmp = tt + i;
|
||||
for (int i = 0; i < 0x10000; i++) {
|
||||
struct table *ttmp = tt + i;
|
||||
free(ttmp->data);
|
||||
}
|
||||
}
|
||||
|
@ -279,10 +276,7 @@ static void jumpnsteps(Hitag_State *hstate, int table) {
|
|||
static void *buildtable(void *dd) {
|
||||
Hitag_State hstate;
|
||||
Hitag_State hstate2;
|
||||
unsigned long i;
|
||||
unsigned long maxentries = 1;
|
||||
uint32_t ks1;
|
||||
uint32_t ks2;
|
||||
int index = (int)(long)dd;
|
||||
int tnum = NUM_BUILD_THREADS;
|
||||
|
||||
|
@ -291,7 +285,7 @@ static void *buildtable(void *dd) {
|
|||
buildlfsr(&hstate);
|
||||
|
||||
/* jump to offset using jump table 2 (2048) */
|
||||
for (i = 0; i < index; i++) {
|
||||
for (unsigned long i = 0; i < index; i++) {
|
||||
jumpnsteps(&hstate, 2);
|
||||
}
|
||||
|
||||
|
@ -309,7 +303,7 @@ static void *buildtable(void *dd) {
|
|||
}
|
||||
|
||||
/* make the entries */
|
||||
for (i = 0; i < maxentries; i++) {
|
||||
for (unsigned long i = 0; i < maxentries; i++) {
|
||||
|
||||
// copy the current state
|
||||
hstate2.shiftreg = hstate.shiftreg;
|
||||
|
@ -317,8 +311,8 @@ static void *buildtable(void *dd) {
|
|||
|
||||
// get 48 bits of keystream from hstate2
|
||||
// this is split into 2 x 24 bit
|
||||
ks1 = hitag2_nstep(&hstate2, 24);
|
||||
ks2 = hitag2_nstep(&hstate2, 24);
|
||||
uint32_t ks1 = hitag2_nstep(&hstate2, 24);
|
||||
uint32_t ks2 = hitag2_nstep(&hstate2, 24);
|
||||
|
||||
write_ks_s(ks1, ks2, hstate.shiftreg);
|
||||
|
||||
|
@ -457,10 +451,6 @@ static void *sorttable(void *dd) {
|
|||
int main(int argc, char *argv[]) {
|
||||
pthread_t threads[NUM_BUILD_THREADS];
|
||||
void *status;
|
||||
long i;
|
||||
int ret;
|
||||
struct table *t1;
|
||||
|
||||
|
||||
// make the table of tables
|
||||
t = (struct table *)malloc(sizeof(struct table) * 65536);
|
||||
|
@ -482,8 +472,8 @@ int main(int argc, char *argv[]) {
|
|||
builddi(2048, 2);
|
||||
|
||||
// start the threads
|
||||
for (i = 0; i < NUM_BUILD_THREADS; i++) {
|
||||
ret = pthread_create(&(threads[i]), NULL, buildtable, (void *)(i));
|
||||
for (long i = 0; i < NUM_BUILD_THREADS; i++) {
|
||||
int ret = pthread_create(&(threads[i]), NULL, buildtable, (void *)(i));
|
||||
if (ret) {
|
||||
printf("cannot start buildtable thread %ld\n", i);
|
||||
exit(1);
|
||||
|
@ -493,8 +483,8 @@ int main(int argc, char *argv[]) {
|
|||
if (debug) printf("main, started buildtable threads\n");
|
||||
|
||||
// wait for threads to finish
|
||||
for (i = 0; i < NUM_BUILD_THREADS; i++) {
|
||||
ret = pthread_join(threads[i], &status);
|
||||
for (long i = 0; i < NUM_BUILD_THREADS; i++) {
|
||||
int ret = pthread_join(threads[i], &status);
|
||||
if (ret) {
|
||||
printf("cannot join buildtable thread %ld\n", i);
|
||||
exit(1);
|
||||
|
@ -503,8 +493,8 @@ int main(int argc, char *argv[]) {
|
|||
}
|
||||
|
||||
// write all remaining files
|
||||
for (i = 0; i < 0x10000; i++) {
|
||||
t1 = t + i;
|
||||
for (long i = 0; i < 0x10000; i++) {
|
||||
struct table *t1 = t + i;
|
||||
if (t1->ptr > t1->data) {
|
||||
writetable(t1);
|
||||
}
|
||||
|
@ -520,8 +510,8 @@ int main(int argc, char *argv[]) {
|
|||
|
||||
|
||||
// start the threads
|
||||
for (i = 0; i < NUM_SORT_THREADS; i++) {
|
||||
ret = pthread_create(&(threads[i]), NULL, sorttable, (void *)(i));
|
||||
for (long i = 0; i < NUM_SORT_THREADS; i++) {
|
||||
int ret = pthread_create(&(threads[i]), NULL, sorttable, (void *)(i));
|
||||
if (ret) {
|
||||
printf("cannot start sorttable thread %ld\n", i);
|
||||
exit(1);
|
||||
|
@ -531,8 +521,8 @@ int main(int argc, char *argv[]) {
|
|||
if (debug) printf("main, started sorttable threads\n");
|
||||
|
||||
// wait for threads to finish
|
||||
for (i = 0; i < NUM_SORT_THREADS; i++) {
|
||||
ret = pthread_join(threads[i], &status);
|
||||
for (long i = 0; i < NUM_SORT_THREADS; i++) {
|
||||
int ret = pthread_join(threads[i], &status);
|
||||
if (ret) {
|
||||
printf("cannot join sorttable thread %ld\n", i);
|
||||
exit(1);
|
||||
|
|
|
@ -124,9 +124,7 @@ static int is_kmiddle_badguess(uint64_t z, struct Tklower *Tk, int max, int aR0)
|
|||
// function to test if a partial key is valid
|
||||
static int testkey(uint64_t *out, uint64_t uid, uint64_t pkey, uint64_t nR, uint64_t aR) {
|
||||
uint64_t kupper;
|
||||
uint64_t key;
|
||||
Hitag_State hstate;
|
||||
uint64_t b;
|
||||
uint32_t revaR;
|
||||
uint32_t normaR;
|
||||
|
||||
|
@ -136,9 +134,9 @@ static int testkey(uint64_t *out, uint64_t uid, uint64_t pkey, uint64_t nR, uint
|
|||
|
||||
// search for remaining 14 bits
|
||||
for (kupper = 0; kupper < 0x3fff; kupper++) {
|
||||
key = (kupper << 34) | pkey;
|
||||
uint64_t key = (kupper << 34) | pkey;
|
||||
hitag2_init(&hstate, key, uid, nR);
|
||||
b = hitag2_nstep(&hstate, 32);
|
||||
uint64_t b = hitag2_nstep(&hstate, 32);
|
||||
if ((normaR ^ b) == 0xffffffff) {
|
||||
*out = key;
|
||||
return 1;
|
||||
|
@ -183,7 +181,6 @@ static void *crack(void *d) {
|
|||
uint64_t klower, kmiddle, klowery;
|
||||
uint64_t y, b, z, bit;
|
||||
uint64_t ytmp;
|
||||
unsigned int count;
|
||||
uint64_t foundkey, revkey;
|
||||
int ret;
|
||||
unsigned int found;
|
||||
|
@ -210,7 +207,7 @@ static void *crack(void *d) {
|
|||
for (klower = data->klowerstart; klower < (data->klowerstart + data->klowerrange); klower++) {
|
||||
printf("trying klower = 0x%05"PRIx64"\n", klower);
|
||||
// build table
|
||||
count = 0;
|
||||
unsigned int count = 0;
|
||||
for (y = 0; y < 0x40000; y++) {
|
||||
// create klowery
|
||||
klowery = (y << 16) | klower;
|
||||
|
|
|
@ -429,9 +429,6 @@ static double score(uint64_t s, unsigned int size, uint64_t ks, unsigned int kss
|
|||
|
||||
/* score_traces runs score for each encrypted nonce */
|
||||
static void score_traces(struct guess *g, unsigned int size) {
|
||||
uint64_t lfsr;
|
||||
unsigned int i;
|
||||
double sc;
|
||||
double total_score = 0.0;
|
||||
|
||||
// don't bother scoring traces that are already losers
|
||||
|
@ -439,12 +436,12 @@ static void score_traces(struct guess *g, unsigned int size) {
|
|||
return;
|
||||
}
|
||||
|
||||
for (i = 0; i < num_nRaR; i++) {
|
||||
for (unsigned int i = 0; i < num_nRaR; i++) {
|
||||
// calc next b
|
||||
// create lfsr - lower 32 bits is uid, upper 16 bits are lower 16 bits of key
|
||||
// then shift by size - 16, insert upper key XOR enc_nonce XOR bitstream,
|
||||
// and calc new bit b
|
||||
lfsr = (uid >> (size - 16)) | ((g->key << (48 - size)) ^
|
||||
uint64_t lfsr = (uid >> (size - 16)) | ((g->key << (48 - size)) ^
|
||||
((nonces[i].enc_nR ^ g->b0to31[i]) << (64 - size)));
|
||||
g->b0to31[i] = g->b0to31[i] | (ht2crypt(lfsr) << (size - 16));
|
||||
|
||||
|
@ -452,7 +449,7 @@ static void score_traces(struct guess *g, unsigned int size) {
|
|||
// bits 16-47 are upper bits of key XOR enc_nonce XOR bitstream
|
||||
lfsr = g->key ^ ((nonces[i].enc_nR ^ g->b0to31[i]) << 16);
|
||||
|
||||
sc = score(lfsr, size, nonces[i].ks, 32);
|
||||
double sc = score(lfsr, size, nonces[i].ks, 32);
|
||||
|
||||
// look out for losers
|
||||
if (sc == 0.0) {
|
||||
|
@ -616,17 +613,13 @@ static void execute_round(unsigned int size) {
|
|||
|
||||
/* crack is the main cracking algo; it executes the rounds */
|
||||
static void crack(void) {
|
||||
unsigned int i;
|
||||
uint64_t revkey;
|
||||
uint64_t foundkey;
|
||||
|
||||
for (i = 16; i <= 48; i++) {
|
||||
for (unsigned int i = 16; i <= 48; i++) {
|
||||
fprintf(stderr, "round %2u, size=%2u\n", i - 16, i);
|
||||
execute_round(i);
|
||||
|
||||
// print some metrics
|
||||
revkey = rev64(guesses[0].key);
|
||||
foundkey = ((revkey >> 40) & 0xff) | ((revkey >> 24) & 0xff00) | ((revkey >> 8) & 0xff0000) | ((revkey << 8) & 0xff000000) | ((revkey << 24) & 0xff00000000) | ((revkey << 40) & 0xff0000000000);
|
||||
uint64_t revkey = rev64(guesses[0].key);
|
||||
uint64_t foundkey = ((revkey >> 40) & 0xff) | ((revkey >> 24) & 0xff00) | ((revkey >> 8) & 0xff0000) | ((revkey << 8) & 0xff000000) | ((revkey << 24) & 0xff00000000) | ((revkey << 40) & 0xff0000000000);
|
||||
fprintf(stderr, " guess=%012" PRIx64 ", num_guesses = %u, top score=%1.10f, min score=%1.10f\n", foundkey, num_guesses, guesses[0].score, guesses[num_guesses - 1].score);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -802,7 +802,7 @@ static void *find_state(void *thread_d) {
|
|||
|
||||
static void try_state(uint64_t s) {
|
||||
Hitag_State hstate;
|
||||
uint64_t keyrev, key, nR1xk;
|
||||
uint64_t keyrev, nR1xk;
|
||||
uint32_t b = 0;
|
||||
|
||||
hstate.shiftreg = s;
|
||||
|
@ -820,7 +820,7 @@ static void try_state(uint64_t s) {
|
|||
hitag2_init(&hstate, keyrev, uid, nR2);
|
||||
if ((aR2 ^ hitag2_nstep(&hstate, 32)) == 0xffffffff) {
|
||||
|
||||
key = rev64(keyrev);
|
||||
uint64_t key = rev64(keyrev);
|
||||
|
||||
printf("Key: ");
|
||||
for (int i = 0; i < 6; i++) {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue