diff --git a/client/src/mifare/desfirecrypto.c b/client/src/mifare/desfirecrypto.c
index c43a856cb..dd9bbaec6 100644
--- a/client/src/mifare/desfirecrypto.c
+++ b/client/src/mifare/desfirecrypto.c
@@ -344,38 +344,34 @@ void MifareKdfAn10922(DesfireContext *ctx, const uint8_t *data, size_t len) {
 return;
 }
- // AES uses 16 byte IV
- if (kbs < CRYPTO_AES_BLOCK_SIZE)
- kbs = CRYPTO_AES_BLOCK_SIZE;
- int kbs2 = kbs * 2;
-
- uint8_t sk1[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0};
- uint8_t sk2[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0};
- DesfireCMACGenerateSubkeys(ctx, DCOMainKey, sk1, sk2);
-
- // reserv atleast 32bytes.
+ uint8_t cmac[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0};
 uint8_t buffer[DESFIRE_MAX_CRYPTO_BLOCK_SIZE * 2] = {0};
- buffer[0] = 0x01;
- memcpy(&buffer[1], data, len++);
+ if (ctx->keyType == T_AES) {
+ // AES uses 16 byte IV
+ if (kbs < CRYPTO_AES_BLOCK_SIZE)
+ kbs = CRYPTO_AES_BLOCK_SIZE;
- uint8_t cmac[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0};
- DesfireCryptoCMACEx(ctx, buffer, len, kbs2, cmac);
- memcpy(ctx->key, cmac, kbs);
+ buffer[0] = 0x01;
+ memcpy(&buffer[1], data, len++);
- /*if (len != (kbs2)) {
- buffer[len++] = 0x80;
- while (len % kbs2) {
- buffer[len++] = 0x00;
- }
- bin_xor(buffer + kbs, sk2, kbs);
- } else {
- bin_xor(buffer + kbs, sk1, kbs);
+ DesfireCryptoCMACEx(ctx, buffer, len, kbs * 2, cmac);
+ memcpy(ctx->key, cmac, kbs);
+ } else if (ctx->keyType == T_3DES) {
+ buffer[0] = 0x21;
+ memcpy(&buffer[1], data, len);
+
+ DesfireClearIV(ctx);
+ DesfireCryptoCMACEx(ctx, buffer, len + 1, kbs * 2, cmac);
+
+ buffer[0] = 0x22;
+ memcpy(&buffer[1], data, len);
+
+ DesfireClearIV(ctx);
+ DesfireCryptoCMACEx(ctx, buffer, len + 1, kbs * 2, &cmac[kbs]);
+
+ memcpy(ctx->key, cmac, kbs * 2);
 }
-
- aes_encode(NULL, ctx->key, buffer, buffer, kbs2);
-
- memcpy(ctx->key, buffer + kbs, kbs);*/
 }
 void DesfireDESKeySetVersion(uint8_t *key, DesfireCryptoAlgorythm keytype, uint8_t version) {
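Review bot: The new `if (ctx->keyType == T_AES) { … } else if (ctx->keyType == T_3DES) { … }` chain ends without an `else`, so for any other key type the function returns with `ctx->key` untouched, and because it is `void` the caller cannot tell that it is still holding the undiversified master key. I would close the chain with an explicit branch such as `} else { PrintAndLogEx(ERR, "AN10922 KDF: unsupported key type, key not diversified"); }` (assuming the logging helper is usable in this file), or at least a comment stating that other key types are intentionally left unchanged. The two branches also handle the length differently: the AES one still mutates the parameter with `len++` inside the `memcpy` call while the 3DES one passes `len + 1`, and using `len + 1` in both would be less error-prone. The function starts above the hunk, so I am assuming the bound on `len` that keeps `memcpy(&buffer[1], data, len)` inside `buffer` is enforced by the guard ending in the `return;` context line.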
diff --git a/client/src/mifare/desfiretest.c b/client/src/mifare/desfiretest.c
index 7e049bf8b..a74f8682f 100644
--- a/client/src/mifare/desfiretest.c
+++ b/client/src/mifare/desfiretest.c
@@ -154,6 +154,29 @@ static bool TestAn10922KDFAES(void) {
 return res;
 }
+static bool TestAn10922KDF2TDEA(void) {
+ bool res = true;
+
+ uint8_t key[] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF};
+
+ DesfireContext dctx;
+ DesfireSetKey(&dctx, 0, T_3DES, key);
+ memcpy(dctx.sessionKeyMAC, key, sizeof(key));
+
+ uint8_t kdfInput[] = {0x04, 0x78, 0x2E, 0x21, 0x80, 0x1D, 0x80, 0x30, 0x42, 0xF5, 0x4E, 0x58, 0x50, 0x20, 0x41};
+ MifareKdfAn10922(&dctx, kdfInput, sizeof(kdfInput));
+
+ uint8_t dkey[] = {0x16, 0xF8, 0x59, 0x7C, 0x9E, 0x89, 0x10, 0xC8, 0x6B, 0x96, 0x48, 0xD0, 0x06, 0x10, 0x7D, 0xD7};
+ res = res && (memcmp(dctx.key, dkey, sizeof(dkey)) == 0);
+
+ if (res)
+ PrintAndLogEx(INFO, "2TDEA An10922..... " _GREEN_("passed"));
+ else
+ PrintAndLogEx(ERR, "2TDEA An10922..... " _RED_("fail"));
+
+ return res;
+}
+
 // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/TDES_CMAC.pdf
 static bool TestCMAC3TDEA(void) {
 bool res = true;
@@ -414,6 +437,7 @@ bool DesfireTest(bool verbose) {
 res = res && TestCRC32();
 res = res && TestCMACSubkeys();
 res = res && TestAn10922KDFAES();
+ res = res && TestAn10922KDF2TDEA();
 res = res && TestCMAC3TDEA();
 res = res && TestCMAC2TDEA();
 res = res && TestCMACDES();
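Review bot: The line `memcpy(dctx.sessionKeyMAC, key, sizeof(key));` in TestAn10922KDF2TDEA is unexplained, and it suggests the KDF's CMAC step reads `sessionKeyMAC` rather than the key installed by `DesfireSetKey`. That precondition deserves a comment here, e.g. `// the KDF's CMAC is computed with sessionKeyMAC, so seed it with the master key` (wording to be confirmed against DesfireCryptoCMACEx, which is not visible in this diff). The vector also has no provenance, unlike TestCMAC3TDEA just below, which cites its NIST source; a one-line comment naming the document that `key`, `kdfInput` and the expected `dkey` come from would let a reader re-check them. Only the supported 2TDEA path is pinned, so a case for a key type the KDF does not handle would document what callers should expect there.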