github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-22 22:33:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #666 from bkerler/authtest

Browse source 
Rewrite and fix hf mfdes auth
This commit is contained in:
Iceman 2020-04-11 11:52:09 +02:00 committed by GitHub
commit b387196cf2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 680 additions and 593 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log... This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [unreleased][unreleased] ## [unreleased][unreleased]
- Port 'hf mfdes' Authentification to CommandNG structure, fix auth session key (@bkerler)
- Updates `hf mfdes` functions, improved logging and added new commands (@bkerler) - Updates `hf mfdes` functions, improved logging and added new commands (@bkerler)
- Updated 'legic.lua' and 'legic_clone.lua' script - works with current command set (@Pizza_4u) - Updated 'legic.lua' and 'legic_clone.lua' script - works with current command set (@Pizza_4u)
- Rewrote `hf mfdes` functions and added apdu debugging (@bkerler) - Rewrote `hf mfdes` functions and added apdu debugging (@bkerler)

4
armsrc/appmain.c
View file

@ -1271,7 +1271,7 @@ static void PacketReceived(PacketCommandNG *packet) {
break; break;
} }
case CMD_HF_DESFIRE_AUTH1: { case CMD_HF_DESFIRE_AUTH1: {
MifareDES_Auth1(packet->oldarg[0], packet->oldarg[1], packet->oldarg[2], packet->data.asBytes); MifareDES_Auth1(packet->data.asBytes);
break; break;
} }
case CMD_HF_DESFIRE_AUTH2: { case CMD_HF_DESFIRE_AUTH2: {
@ -1287,7 +1287,7 @@ static void PacketReceived(PacketCommandNG *packet) {
break; break;
} }
case CMD_HF_DESFIRE_COMMAND: { case CMD_HF_DESFIRE_COMMAND: {
MifareSendCommand(packet->oldarg[0], packet->oldarg[1], packet->data.asBytes); MifareSendCommand(packet->data.asBytes);
break; break;
} }
case CMD_HF_MIFARE_NACK_DETECT: { case CMD_HF_MIFARE_NACK_DETECT: {

100
armsrc/des.c
View file

@ -388,30 +388,6 @@ void tdes_dec(void *out, void *in, const uint8_t *key) {
des_dec(out, out, (uint8_t *)key + 0); des_dec(out, out, (uint8_t *)key + 0);
} }
void tdes_2key_enc(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]) {
if (length % 8) return;
uint8_t i;
uint8_t *tin = (uint8_t *) in;
uint8_t *tout = (uint8_t *) out;
while (length > 0) {
for (i = 0; i < 8; i++)
tout[i] = (unsigned char)(tin[i] ^ iv[i]);
des_enc(tout, tin, (uint8_t *)key + 0);
des_dec(tout, tout, (uint8_t *)key + 8);
des_enc(tout, tout, (uint8_t *)key + 0);
memcpy(iv, tout, 8);
tin += 8;
tout += 8;
length -= 8;
}
}
void tdes_2key_dec(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]) { void tdes_2key_dec(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]) {
if (length % 8) return; if (length % 8) return;
@ -439,6 +415,82 @@ void tdes_2key_dec(void *out, const void *in, size_t length, const void *key, un
} }
} }
void tdes_2key_enc(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]) {
if (length % 8) return;
uint8_t i;
uint8_t *tin = (uint8_t *) in;
uint8_t *tout = (uint8_t *) out;
while (length > 0) {
for (i = 0; i < 8; i++)
tout[i] = (unsigned char)(tin[i] ^ iv[i]);
des_enc(tout, tin, (uint8_t *)key + 0);
des_dec(tout, tout, (uint8_t *)key + 8);
des_enc(tout, tout, (uint8_t *)key + 0);
memcpy(iv, tout, 8);
tin += 8;
tout += 8;
length -= 8;
}
}
void tdes_3key_enc(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]) {
if (length % 8) return;
uint8_t i;
uint8_t *tin = (uint8_t *) in;
uint8_t *tout = (uint8_t *) out;
while (length > 0) {
for (i = 0; i < 8; i++)
tout[i] = (unsigned char)(tin[i] ^ iv[i]);
des_enc(tout, tin, (uint8_t *)key + 0);
des_dec(tout, tout, (uint8_t *)key + 8);
des_enc(tout, tout, (uint8_t *)key + 16);
memcpy(iv, tout, 8);
tin += 8;
tout += 8;
length -= 8;
}
}
void tdes_3key_dec(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]) {
if (length % 8) return;
uint8_t i;
unsigned char temp[8];
uint8_t *tin = (uint8_t *) in;
uint8_t *tout = (uint8_t *) out;
while (length > 0) {
memcpy(temp, tin, 8);
des_dec(tout, tin, (uint8_t *)key + 0);
des_enc(tout, tout, (uint8_t *)key + 8);
des_dec(tout, tout, (uint8_t *)key + 16);
for (i = 0; i < 8; i++)
tout[i] = (unsigned char)(tout[i] ^ iv[i]);
memcpy(iv, temp, 8);
tin += 8;
tout += 8;
length -= 8;
}
}
/******************************************************************************/ /******************************************************************************/

2
armsrc/des.h
View file

@ -104,6 +104,8 @@ void tdes_dec(void *out, void *in, const uint8_t *key);
void tdes_2key_enc(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]); void tdes_2key_enc(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]);
void tdes_2key_dec(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]); void tdes_2key_dec(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]);
void tdes_3key_enc(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]);
void tdes_3key_dec(void *out, const void *in, size_t length, const void *key, unsigned char iv[8]);
// Copied from des.h in desfire imp. // Copied from des.h in desfire imp.
typedef unsigned long DES_KS[16][2]; /* Single-key DES key schedule */ typedef unsigned long DES_KS[16][2]; /* Single-key DES key schedule */

3
armsrc/desfire.h
View file

@ -61,7 +61,8 @@ enum DESFIRE_CRYPTOALGO {
T_DES = 0x00, T_DES = 0x00,
T_3DES = 0x01, T_3DES = 0x01,
T_3K3DES = 0x02, T_3K3DES = 0x02,
T_AES = 0x03 T_AES = 0x03,
T_2K3DES = 0x04
}; };

16
armsrc/desfire_key.c
View file

@ -19,6 +19,7 @@
#include "desfire_key.h" #include "desfire_key.h"
#include "string.h" #include "string.h"
#include "dbprint.h"
static inline void update_key_schedules(desfirekey_t key); static inline void update_key_schedules(desfirekey_t key);
@ -74,6 +75,14 @@ void Desfire_3k3des_key_new(const uint8_t value[24], desfirekey_t key) {
Desfire_3k3des_key_new_with_version(data, key); Desfire_3k3des_key_new_with_version(data, key);
} }
void Desfire_2k3des_key_new_with_version(const uint8_t value[16], desfirekey_t key) {
if (key != NULL) {
key->type = T_2K3DES;
memcpy(key->data, value, 16);
update_key_schedules(key);
}
}
void Desfire_3k3des_key_new_with_version(const uint8_t value[24], desfirekey_t key) { void Desfire_3k3des_key_new_with_version(const uint8_t value[24], desfirekey_t key) {
if (key != NULL) { if (key != NULL) {
key->type = T_3K3DES; key->type = T_3K3DES;
@ -136,6 +145,13 @@ void Desfire_session_key_new(const uint8_t rnda[], const uint8_t rndb[], desfire
memcpy(buffer + 12, rndb + 4, 4); memcpy(buffer + 12, rndb + 4, 4);
Desfire_3des_key_new_with_version(buffer, key); Desfire_3des_key_new_with_version(buffer, key);
break; break;
case T_2K3DES:
memcpy(buffer, rnda, 4);
memcpy(buffer + 4, rndb, 4);
memcpy(buffer + 8, rnda + 4, 4);
memcpy(buffer + 12, rndb + 4, 4);
Desfire_2k3des_key_new_with_version(buffer, key);
break;
case T_3K3DES: case T_3K3DES:
memcpy(buffer, rnda, 4); memcpy(buffer, rnda, 4);
memcpy(buffer + 4, rndb, 4); memcpy(buffer + 4, rndb, 4);

1
armsrc/desfire_key.h
View file

@ -9,6 +9,7 @@ void Desfire_des_key_new_with_version(const uint8_t value[8], desfirekey_t key);
void Desfire_3des_key_new_with_version(const uint8_t value[16], desfirekey_t key); void Desfire_3des_key_new_with_version(const uint8_t value[16], desfirekey_t key);
void Desfire_3k3des_key_new(const uint8_t value[24], desfirekey_t key); void Desfire_3k3des_key_new(const uint8_t value[24], desfirekey_t key);
void Desfire_3k3des_key_new_with_version(const uint8_t value[24], desfirekey_t key); void Desfire_3k3des_key_new_with_version(const uint8_t value[24], desfirekey_t key);
void Desfire_2k3des_key_new_with_version(const uint8_t value[16], desfirekey_t key);
void Desfire_aes_key_new(const uint8_t value[16], desfirekey_t key); void Desfire_aes_key_new(const uint8_t value[16], desfirekey_t key);
void Desfire_aes_key_new_with_version(const uint8_t value[16], uint8_t version, desfirekey_t key); void Desfire_aes_key_new_with_version(const uint8_t value[16], uint8_t version, desfirekey_t key);
uint8_t Desfire_key_get_version(desfirekey_t key); uint8_t Desfire_key_get_version(desfirekey_t key);

647
armsrc/mifaredesfire.c
View file

@ -52,29 +52,38 @@ bool InitDesfireCard() {
return true; return true;
} }
void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain) { typedef struct {
uint8_t len;
uint8_t data[RECEIVE_SIZE];
} cmdres_t;
void MifareSendCommand(uint8_t *datain) {
struct p {
uint8_t flags;
uint8_t datalen;
uint8_t datain[FRAME_PAYLOAD_SIZE];
} PACKED;
struct p *payload = (struct p *) datain;
uint8_t flags = arg0;
size_t datalen = arg1;
uint8_t resp[RECEIVE_SIZE]; uint8_t resp[RECEIVE_SIZE];
memset(resp, 0, sizeof(resp)); memset(resp, 0, sizeof(resp));
if (DBGLEVEL >= DBG_EXTENDED) { if (DBGLEVEL >= DBG_EXTENDED) {
Dbprintf(" flags : %02X", flags); Dbprintf(" flags : %02X", payload->flags);
Dbprintf(" len : %02X", datalen); Dbprintf(" len : %02X", payload->datalen);
print_result(" RX : ", datain, datalen); print_result(" RX : ", payload->datain, payload->datalen);
} }
if (flags & CLEARTRACE) if (payload->flags & CLEARTRACE)
clear_trace(); clear_trace();
if (flags & INIT) { if (payload->flags & INIT) {
if (!InitDesfireCard()) { if (!InitDesfireCard()) {
return; return;
} }
} }
int len = DesfireAPDU(datain, datalen, resp); int len = DesfireAPDU(payload->datain, payload->datalen, resp);
if (DBGLEVEL >= DBG_EXTENDED) if (DBGLEVEL >= DBG_EXTENDED)
print_result("RESP <--: ", resp, len); print_result("RESP <--: ", resp, len);
@ -83,10 +92,18 @@ void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain) {
return; return;
} }
if (flags & DISCONNECT) if (payload->flags & DISCONNECT)
OnSuccess(); OnSuccess();
reply_mix(CMD_ACK, 1, len, 0, resp, len); //reply_mix(CMD_ACK, 1, len, 0, resp, len);
LED_B_ON();
cmdres_t rpayload;
rpayload.len = len;
memcpy(rpayload.data, resp, rpayload.len);
reply_ng(CMD_HF_DESFIRE_COMMAND, PM3_SUCCESS, (uint8_t *)&rpayload, sizeof(rpayload));
LED_B_OFF();
} }
void MifareDesfireGetInformation() { void MifareDesfireGetInformation() {
@ -188,176 +205,323 @@ void MifareDesfireGetInformation() {
OnSuccess(); OnSuccess();
} }
void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain) { typedef struct {
// mode = arg0 uint8_t sessionkeylen;
// algo = arg1 uint8_t sessionkey[24];
// keyno = arg2 } authres_t;
void MifareDES_Auth1(uint8_t *datain) {
int len = 0; int len = 0;
//uint8_t PICC_MASTER_KEY8[8] = { 0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47}; struct p {
uint8_t PICC_MASTER_KEY16[16] = { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f }; uint8_t mode;
//uint8_t null_key_data16[16] = {0x00}; uint8_t algo;
//uint8_t new_key_data8[8] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77}; uint8_t keyno;
//uint8_t new_key_data16[16] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF}; uint8_t keylen;
uint8_t key[24];
uint8_t resp[256] = {0x00}; } PACKED;
struct p *payload = (struct p *) datain;
size_t datalen = datain[0];
uint8_t cmd[40] = {0x00};
uint8_t encRndB[16] = {0x00};
uint8_t decRndB[16] = {0x00};
uint8_t both[32] = {0x00};
//InitDesfireCard();
LED_A_ON();
LED_B_OFF();
LED_C_OFF();
// 3 different way to authenticate AUTH (CRC16) , AUTH_ISO (CRC32) , AUTH_AES (CRC32) // 3 different way to authenticate AUTH (CRC16) , AUTH_ISO (CRC32) , AUTH_AES (CRC32)
// 4 different crypto arg1 DES, 3DES, 3K3DES, AES // 4 different crypto arg1 DES, 3DES, 3K3DES, AES
// 3 different communication modes, PLAIN,MAC,CRYPTO // 3 different communication modes, PLAIN,MAC,CRYPTO
// des, key 0, mbedtls_aes_context ctx;
switch (arg0) {
case 1: {
uint8_t keybytes[16];
uint8_t RndA[8] = {0x00};
uint8_t RndB[8] = {0x00};
if (arg1 == 2) { uint8_t keybytes[24];
if (datain[1] == 0xff) { uint8_t resp[256] = {0x00};
uint8_t cmd[40] = {0x00};
// Crypt constants
uint8_t IV[16] = {0x00};
uint8_t RndA[16] = {0x00};
uint8_t RndB[16] = {0x00};
uint8_t encRndB[16] = {0x00};
uint8_t rotRndB[16] = {0x00}; //RndB'
uint8_t both[32] = {0x00}; // ek/dk_keyNo(RndA+RndB')
// Generate Random Value
uint32_t value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &RndA[0]);
value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &RndA[4]);
value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &RndA[8]);
value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &RndA[12]);
// Default Keys
uint8_t PICC_MASTER_KEY8[8] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
uint8_t PICC_MASTER_KEY16[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
uint8_t PICC_MASTER_KEY24[24] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
//uint8_t null_key_data16[16] = {0x00};
//uint8_t new_key_data8[8] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77};
//uint8_t new_key_data16[16] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF};
//InitDesfireCard();
// Part 1
LED_A_ON();
LED_B_OFF();
LED_C_OFF();
if (payload->key == NULL) {
if (payload->algo == MFDES_AUTH_DES) {
memcpy(keybytes, PICC_MASTER_KEY8, 8);
} else if (payload->algo == MFDES_ALGO_AES || payload->algo == MFDES_ALGO_3DES || payload->algo == MFDES_ALGO_2K3DES) {
memcpy(keybytes, PICC_MASTER_KEY16, 16); memcpy(keybytes, PICC_MASTER_KEY16, 16);
} else { } else if (payload->algo == MFDES_ALGO_3DES) {
memcpy(keybytes, datain + 1, datalen); memcpy(keybytes, PICC_MASTER_KEY24, 24);
} }
} else { } else {
if (arg1 == 1) { memcpy(keybytes, payload->key, payload->keylen);
if (datain[1] == 0xff) {
uint8_t null_key_data8[8] = {0x00};
memcpy(keybytes, null_key_data8, 8);
} else {
memcpy(keybytes, datain + 1, datalen);
}
}
} }
struct desfire_key defaultkey = {0}; struct desfire_key defaultkey = {0};
desfirekey_t key = &defaultkey; desfirekey_t key = &defaultkey;
if (arg1 == 2) if (payload->algo == MFDES_ALGO_AES) {
mbedtls_aes_init(&ctx);
Desfire_aes_key_new(keybytes, key);
} else if (payload->algo == MFDES_ALGO_3DES) {
Desfire_3des_key_new_with_version(keybytes, key); Desfire_3des_key_new_with_version(keybytes, key);
else if (arg1 == 1) } else if (payload->algo == MFDES_ALGO_DES) {
Desfire_des_key_new(keybytes, key); Desfire_des_key_new(keybytes, key);
} else if (payload->algo == MFDES_ALGO_2K3DES) {
Desfire_2k3des_key_new_with_version(keybytes, key);
} else if (payload->algo == MFDES_ALGO_3K3DES) {
Desfire_3k3des_key_new_with_version(keybytes, key);
}
uint8_t subcommand = AUTHENTICATE;
if (payload->mode == MFDES_AUTH_AES)
subcommand = AUTHENTICATE_AES;
else if (payload->mode == MFDES_AUTH_ISO)
subcommand = AUTHENTICATE_ISO;
if (payload->mode != MFDES_AUTH_PICC) {
// Let's send our auth command
cmd[0] = 0x90; cmd[0] = 0x90;
cmd[1] = AUTHENTICATE; cmd[1] = subcommand;
cmd[2] = 0x0; cmd[2] = 0x0;
cmd[3] = 0x0; cmd[3] = 0x0;
cmd[4] = 0x1; cmd[4] = 0x1;
cmd[5] = arg2; //keynumber cmd[5] = payload->keyno;
cmd[6] = 0x0; cmd[6] = 0x0;
len = DesfireAPDU(cmd, 7, resp); len = DesfireAPDU(cmd, 7, resp);
} else {
cmd[0] = AUTHENTICATE;
cmd[1] = payload->keyno;
len = DesfireAPDU(cmd, 2, resp);
}
if (!len) { if (!len) {
if (DBGLEVEL >= DBG_ERROR) { if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout."); DbpString("Authentication failed. Card timeout.");
} }
OnError(3); OnErrorNG(CMD_HF_DESFIRE_AUTH1, 3);
return; return;
} }
if (resp[2] == (uint8_t)0xaf) { if (resp[2] == (uint8_t)0xaf) {
DbpString("Authentication failed. Invalid key number."); DbpString("Authentication failed. Invalid key number.");
OnError(3); OnErrorNG(CMD_HF_DESFIRE_AUTH1, 3);
return; return;
} }
memcpy(encRndB, resp + 1, 8); int expectedlen = 1 + 8 + 2 + 2;
if (arg1 == 2) if (payload->algo == MFDES_ALGO_AES || payload->algo == MFDES_ALGO_3K3DES) {
tdes_dec(&decRndB, &encRndB, key->data); expectedlen = 1 + 16 + 2 + 2;
else if (arg1 == 1)
des_dec(&decRndB, &encRndB, key->data);
memcpy(RndB, decRndB, 8);
rol(decRndB, 8);
// This should be random
uint8_t decRndA[8] = {0x00};
uint32_t value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &decRndA[0]);
value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &decRndA[4]);
memcpy(RndA, decRndA, 8);
uint8_t encRndA[8] = {0x00};
if (arg1 == 2)
tdes_dec(&encRndA, &decRndA, key->data);
else if (arg1 == 1)
des_dec(&encRndA, &decRndA, key->data);
memcpy(both, encRndA, 8);
for (int x = 0; x < 8; x++) {
decRndB[x] = decRndB[x] ^ encRndA[x];
} }
if (arg1 == 2) if (len != expectedlen) {
tdes_dec(&encRndB, &decRndB, key->data); if (DBGLEVEL >= DBG_ERROR) {
else if (arg1 == 1) DbpString("Authentication failed. Length of answer doesn't match algo.");
des_dec(&encRndB, &decRndB, key->data); print_result("Res-Buffer: ", resp, len);
}
OnErrorNG(CMD_HF_DESFIRE_AUTH1, 3);
return;
}
// Part 2
if (payload->mode != MFDES_AUTH_PICC) {
memcpy(encRndB, resp + 1, payload->keylen);
} else {
memcpy(encRndB, resp + 2, payload->keylen);
}
// Part 3
if (payload->algo == MFDES_ALGO_AES) {
if (mbedtls_aes_setkey_dec(&ctx, key->data, 128) != 0) {
if (DBGLEVEL >= DBG_EXTENDED) {
DbpString("mbedtls_aes_setkey_dec failed");
}
OnErrorNG(CMD_HF_DESFIRE_AUTH1, 7);
return;
}
mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, 16, IV, encRndB, RndB);
} else if (payload->algo == MFDES_ALGO_3DES)
tdes_dec(RndB, encRndB, key->data);
else if (payload->algo == MFDES_ALGO_DES)
des_dec(RndB, encRndB, key->data);
else if (payload->algo == MFDES_ALGO_2K3DES)
tdes_2key_dec(RndB, encRndB, 8, key->data, IV);
else if (payload->algo == MFDES_ALGO_3K3DES)
tdes_3key_dec(RndB, encRndB, 16, key->data, IV);
// - Rotate RndB by 8 bits
memcpy(rotRndB, RndB, payload->keylen);
rol(rotRndB, payload->keylen);
uint8_t encRndA[16] = {0x00};
// - Encrypt our response
if (payload->mode == MFDES_AUTH_DES || payload->mode == MFDES_AUTH_ISO || payload->mode == MFDES_AUTH_PICC) {
if (payload->algo == MFDES_ALGO_3DES) {
tdes_dec(encRndA, RndA, key->data);
memcpy(both, encRndA, 8);
} else if (payload->algo == MFDES_ALGO_DES) {
des_dec(encRndA, RndA, key->data);
memcpy(both, encRndA, 8);
} else if (payload->algo == MFDES_ALGO_2K3DES) {
tdes_2key_dec(encRndA, RndA, 8, key->data, IV);
memcpy(both, encRndA, 8);
} else if (payload->algo == MFDES_ALGO_3K3DES) {
tdes_3key_dec(encRndA, RndA, 16, key->data, IV);
memcpy(both, encRndA, 16);
}
for (int x = 0; x < 8; x++) {
rotRndB[x] = rotRndB[x] ^ encRndA[x];
}
if (payload->algo == MFDES_ALGO_3DES) {
tdes_dec(encRndB, rotRndB, key->data);
memcpy(both + 8, encRndB, 8); memcpy(both + 8, encRndB, 8);
} else if (payload->algo == MFDES_ALGO_DES) {
des_dec(encRndB, rotRndB, key->data);
memcpy(both + 8, encRndB, 8);
} else if (payload->algo == MFDES_ALGO_2K3DES) {
tdes_2key_dec(encRndB, rotRndB, 8, key->data, IV);
memcpy(both + 8, encRndB, 8);
} else if (payload->algo == MFDES_ALGO_3K3DES) {
tdes_3key_dec(encRndB, rotRndB, 16, key->data, IV);
memcpy(both + 16, encRndB, 16);
}
} else if (payload->mode == MFDES_AUTH_AES) {
uint8_t tmp[32] = {0x00};
memcpy(tmp, RndA, 16);
memcpy(tmp + 16, rotRndB, 16);
if (payload->algo == MFDES_ALGO_AES) {
if (mbedtls_aes_setkey_enc(&ctx, key->data, 128) != 0) {
if (DBGLEVEL >= DBG_EXTENDED) {
DbpString("mbedtls_aes_setkey_enc failed");
}
OnErrorNG(CMD_HF_DESFIRE_AUTH1, 7);
return;
}
mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, 32, IV, tmp, both);
}
}
int bothlen = 16;
if (payload->algo == MFDES_ALGO_AES || payload->algo == MFDES_ALGO_3K3DES) {
bothlen = 32;
}
if (payload->mode != MFDES_AUTH_PICC) {
cmd[0] = 0x90; cmd[0] = 0x90;
cmd[1] = ADDITIONAL_FRAME; cmd[1] = ADDITIONAL_FRAME;
cmd[2] = 0x00; cmd[2] = 0x00;
cmd[3] = 0x00; cmd[3] = 0x00;
cmd[4] = 0x10; cmd[4] = bothlen;
memcpy(cmd + 5, both, 16); memcpy(cmd + 5, both, bothlen);
cmd[16 + 5] = 0x0; cmd[bothlen + 5] = 0x0;
len = DesfireAPDU(cmd, 5 + 16 + 1, resp); len = DesfireAPDU(cmd, 5 + bothlen + 1, resp);
} else {
cmd[0] = ADDITIONAL_FRAME;
memcpy(cmd + 1, both, 16);
len = DesfireAPDU(cmd, 1 + 16, resp);
}
if (!len) { if (!len) {
if (DBGLEVEL >= DBG_ERROR) { if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout."); DbpString("Authentication failed. Card timeout.");
} }
OnError(3); OnErrorNG(CMD_HF_DESFIRE_AUTH1, 3);
return; return;
} }
if (resp[len - 3] == 0x00) { if (payload->mode != MFDES_AUTH_PICC) {
if ((resp[len - 4] != 0x91) || (resp[len - 3] != 0x00)) {
DbpString("Authentication failed.");
OnErrorNG(CMD_HF_DESFIRE_AUTH1, 6);
return;
}
} else {
if (resp[1] != 0x00) {
DbpString("Authentication failed.");
OnErrorNG(CMD_HF_DESFIRE_AUTH1, 6);
return;
}
}
// Part 4
struct desfire_key sessionKey = {0}; struct desfire_key sessionKey = {0};
desfirekey_t skey = &sessionKey; desfirekey_t skey = &sessionKey;
Desfire_session_key_new(RndA, RndB, key, skey); Desfire_session_key_new(RndA, RndB, key, skey);
//print_result("SESSION : ", skey->data, 8); if (DBGLEVEL >= DBG_EXTENDED)
print_result("SESSIONKEY : ", sessionKey.data, payload->keylen);
memcpy(encRndA, resp + 1, 8); if (payload->mode != MFDES_AUTH_PICC) {
memcpy(encRndA, resp + 1, payload->keylen);
} else {
memcpy(encRndA, resp + 2, payload->keylen);
}
if (arg1 == 2) if (payload->mode == MFDES_AUTH_DES || payload->mode == MFDES_AUTH_PICC) {
tdes_dec(&encRndA, &encRndA, key->data); if (payload->algo == MFDES_ALGO_3DES)
else if (arg1 == 1) tdes_dec(encRndA, encRndA, key->data);
des_dec(&encRndA, &encRndA, key->data); else if (payload->algo == MFDES_ALGO_DES)
des_dec(encRndA, encRndA, key->data);
else if (payload->algo == MFDES_ALGO_2K3DES)
tdes_2key_dec(encRndA, encRndA, 8, key->data, IV);
else if (payload->algo == MFDES_ALGO_3K3DES)
tdes_3key_dec(encRndA, encRndA, 16, key->data, IV);
} else if (payload->mode == MFDES_AUTH_AES) {
if (mbedtls_aes_setkey_dec(&ctx, key->data, 128) != 0) {
if (DBGLEVEL >= DBG_EXTENDED) {
DbpString("mbedtls_aes_setkey_dec failed");
}
OnErrorNG(CMD_HF_DESFIRE_AUTH1, 7);
return;
}
mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, 16, IV, encRndA, encRndA);
}
rol(decRndA, 8); rol(RndA, payload->keylen);
for (int x = 0; x < 8; x++) { if (DBGLEVEL >= DBG_EXTENDED) {
if (decRndA[x] != encRndA[x]) { print_result("RndA : ", RndA, payload->keylen);
DbpString("Authentication failed. Cannot verify PICC."); print_result("RndB: ", RndB, payload->keylen);
OnError(4); print_result("encRndA : ", encRndA, payload->keylen);
}
for (int x = 0; x < payload->keylen; x++) {
if (RndA[x] != encRndA[x]) {
DbpString("Authentication failed. Cannot verify Session Key.");
OnErrorNG(CMD_HF_DESFIRE_AUTH1, 4);
return; return;
} }
} }
//Change the selected key to a new value. //Change the selected key to a new value.
/* /*
// Current key is a 3DES key, change it to a DES key // Current key is a 3DES key, change it to a DES key
if (arg1 == 2) { if (payload->algo == 2) {
cmd[0] = 0x90; cmd[0] = 0x90;
cmd[1] = CHANGE_KEY; cmd[1] = CHANGE_KEY;
cmd[2] = arg2; cmd[2] = payload->keyno;
uint8_t newKey[16] = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77}; uint8_t newKey[16] = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77};
@ -397,10 +561,10 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
} else { } else {
// Current key is a DES key, change it to a 3DES key // Current key is a DES key, change it to a 3DES key
if (arg1 == 1) { if (payload->algo == 1) {
cmd[0] = 0x90; cmd[0] = 0x90;
cmd[1] = CHANGE_KEY; cmd[1] = CHANGE_KEY;
cmd[2] = arg2; cmd[2] = payload->keyno;
uint8_t newKey[16] = {0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f}; uint8_t newKey[16] = {0x40,0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,0x4e,0x4f};
@ -441,251 +605,17 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
} }
*/ */
//OnSuccess();
if (arg1 == 2)
reply_old(CMD_ACK, 1, 0, 0, skey->data, 16);
else if (arg1 == 1)
reply_old(CMD_ACK, 1, 0, 0, skey->data, 8);
} else {
DbpString("Authentication failed.");
OnError(6);
return;
}
}
break;
case 2: {
//SendDesfireCommand(AUTHENTICATE_ISO, &arg2, resp);
uint8_t keybytes[16];
uint8_t RndA[8] = {0x00};
uint8_t RndB[8] = {0x00};
if (arg1 == 2) {
if (datain[1] == 0xff) {
memcpy(keybytes, PICC_MASTER_KEY16, 16);
} else {
memcpy(keybytes, datain + 1, datalen);
}
} else {
if (arg1 == 1) {
if (datain[1] == 0xff) {
uint8_t null_key_data8[8] = {0x00};
memcpy(keybytes, null_key_data8, 8);
} else {
memcpy(keybytes, datain + 1, datalen);
}
}
}
struct desfire_key defaultkey = {0};
desfirekey_t key = &defaultkey;
if (arg1 == 2)
Desfire_3des_key_new_with_version(keybytes, key);
else if (arg1 == 1)
Desfire_des_key_new(keybytes, key);
cmd[0] = AUTHENTICATE;
cmd[1] = arg2; //keynumber
len = DesfireAPDU(cmd, 2, resp);
if (!len) {
if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout.");
}
OnError(3);
return;
}
if (resp[2] == (uint8_t)0xaf) {
DbpString("Authentication failed. Invalid key number.");
OnError(3);
return;
}
memcpy(encRndB, resp + 2, 8);
if (arg1 == 2)
tdes_dec(&decRndB, &encRndB, key->data);
else if (arg1 == 1)
des_dec(&decRndB, &encRndB, key->data);
memcpy(RndB, decRndB, 8);
rol(decRndB, 8);
// This should be random
uint8_t decRndA[8] = {0x00};
uint32_t value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &decRndA[0]);
value = prng_successor(GetTickCount(), 32);
num_to_bytes(value, 4, &decRndA[4]);
memcpy(RndA, decRndA, 8);
uint8_t encRndA[8] = {0x00};
if (arg1 == 2)
tdes_dec(&encRndA, &decRndA, key->data);
else if (arg1 == 1)
des_dec(&encRndA, &decRndA, key->data);
memcpy(both, encRndA, 8);
for (int x = 0; x < 8; x++) {
decRndB[x] = decRndB[x] ^ encRndA[x];
}
if (arg1 == 2)
tdes_dec(&encRndB, &decRndB, key->data);
else if (arg1 == 1)
des_dec(&encRndB, &decRndB, key->data);
memcpy(both + 8, encRndB, 8);
cmd[0] = ADDITIONAL_FRAME;
memcpy(cmd + 1, both, 16);
len = DesfireAPDU(cmd, 1 + 16, resp);
if (!len) {
if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout.");
}
OnError(3);
return;
}
if (resp[1] == 0x00) {
struct desfire_key sessionKey = {0};
desfirekey_t skey = &sessionKey;
Desfire_session_key_new(RndA, RndB, key, skey);
//print_result("SESSION : ", skey->data, 8);
memcpy(encRndA, resp + 2, 8);
if (arg1 == 2)
tdes_dec(&encRndA, &encRndA, key->data);
else if (arg1 == 1)
des_dec(&encRndA, &encRndA, key->data);
rol(decRndA, 8);
for (int x = 0; x < 8; x++) {
if (decRndA[x] != encRndA[x]) {
DbpString("Authentication failed. Cannot verify PICC.");
OnError(4);
return;
}
}
//OnSuccess(); //OnSuccess();
if (arg1 == 2) //reply_old(CMD_ACK, 1, 0, 0, skey->data, payload->keylen);
reply_old(CMD_ACK, 1, 0, 0, skey->data, 16); //reply_mix(CMD_ACK, 1, len, 0, resp, len);
else if (arg1 == 1)
reply_old(CMD_ACK, 1, 0, 0, skey->data, 8);
} else {
DbpString("Authentication failed.");
OnError(6);
return;
}
}
break;
case 3: {
//defaultkey
uint8_t keybytes[16] = {0x00};
if (datain[1] == 0xff) {
memcpy(keybytes, PICC_MASTER_KEY16, 16);
} else {
memcpy(keybytes, datain + 1, datalen);
}
struct desfire_key defaultkey = {0x00}; LED_B_ON();
desfirekey_t key = &defaultkey; authres_t rpayload;
Desfire_aes_key_new(keybytes, key); rpayload.sessionkeylen = payload->keylen;
memcpy(rpayload.sessionkey, sessionKey.data, rpayload.sessionkeylen);
mbedtls_aes_context ctx; reply_ng(CMD_HF_DESFIRE_AUTH1, PM3_SUCCESS, (uint8_t *)&rpayload, sizeof(rpayload));
uint8_t IV[16] = {0x00}; LED_B_OFF();
mbedtls_aes_init(&ctx);
cmd[0] = 0x90;
cmd[1] = AUTHENTICATE_AES;
cmd[2] = 0x0;
cmd[3] = 0x0;
cmd[4] = 0x1;
cmd[5] = arg2; //keynumber
cmd[6] = 0x0;
len = DesfireAPDU(cmd, 7, resp);
if (!len) {
if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout.");
}
OnError(3);
return;
}
memcpy(encRndB, resp + 1, 16);
// dekryptera tagnonce.
if (mbedtls_aes_setkey_dec(&ctx, key->data, 128) != 0) {
if (DBGLEVEL >= DBG_EXTENDED) {
DbpString("mbedtls_aes_setkey_dec failed");
}
OnError(7);
return;
}
mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, 16, IV, encRndB, decRndB);
rol(decRndB, 16);
uint8_t nonce[16] = {0x00};
uint32_t val = prng_successor(GetTickCount(), 32);
num_to_bytes(val, 4, &nonce[0]);
val = prng_successor(GetTickCount(), 32);
num_to_bytes(val, 4, &nonce[4]);
val = prng_successor(GetTickCount(), 32);
num_to_bytes(val, 4, &nonce[8]);
val = prng_successor(GetTickCount(), 32);
num_to_bytes(val, 4, &nonce[12]);
memcpy(both, nonce, 16);
memcpy(both + 16, decRndB, 16);
uint8_t encBoth[32] = {0x00};
if (mbedtls_aes_setkey_enc(&ctx, key->data, 128) != 0) {
if (DBGLEVEL >= DBG_EXTENDED) {
DbpString("mbedtls_aes_setkey_enc failed");
}
OnError(7);
return;
}
mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, 32, IV, both, encBoth);
cmd[0] = 0x90;
cmd[1] = ADDITIONAL_FRAME;
cmd[2] = 0x00;
cmd[3] = 0x00;
cmd[4] = 0x20;
memcpy(cmd + 5, encBoth, 32);
cmd[32 + 5] = 0x0;
len = DesfireAPDU(cmd, 5 + 32 + 1, resp);
if (!len) {
if (DBGLEVEL >= DBG_ERROR) {
DbpString("Authentication failed. Card timeout.");
}
OnError(3);
return;
}
if ((resp[1 + 16] == 0x91) && (resp[1 + 16 + 1] == 0x00)) {
// Create AES Session key
struct desfire_key sessionKey = {0};
desfirekey_t skey = &sessionKey;
Desfire_session_key_new(nonce, decRndB, key, skey);
print_result("SESSION : ", skey->data, 16);
} else {
DbpString("Authentication failed.");
OnError(7);
return;
}
break;
}
}
//OnSuccess();
reply_mix(CMD_ACK, 1, len, 0, resp, len);
} }
// 3 different ISO ways to send data to a DESFIRE (direct, capsuled, capsuled ISO) // 3 different ISO ways to send data to a DESFIRE (direct, capsuled, capsuled ISO)
@ -770,3 +700,8 @@ void OnError(uint8_t reason) {
reply_mix(CMD_ACK, 0, reason, 0, 0, 0); reply_mix(CMD_ACK, 0, reason, 0, 0, 0);
OnSuccess(); OnSuccess();
} }
void OnErrorNG(uint16_t cmd, uint8_t reason) {
reply_ng(cmd, reason, NULL, 0);
OnSuccess();
}

5
armsrc/mifaredesfire.h
View file

@ -14,13 +14,14 @@
#include "common.h" #include "common.h"
bool InitDesfireCard(); bool InitDesfireCard();
void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain); void MifareSendCommand(uint8_t *datain);
void MifareDesfireGetInformation(); void MifareDesfireGetInformation();
void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain); void MifareDES_Auth1(uint8_t *datain);
void ReaderMifareDES(uint32_t param, uint32_t param2, uint8_t *datain); void ReaderMifareDES(uint32_t param, uint32_t param2, uint8_t *datain);
int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout); int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout);
size_t CreateAPDU(uint8_t *datain, size_t len, uint8_t *dataout); size_t CreateAPDU(uint8_t *datain, size_t len, uint8_t *dataout);
void OnSuccess(); void OnSuccess();
void OnError(uint8_t reason); void OnError(uint8_t reason);
void OnErrorNG(uint16_t cmd, uint8_t reason);
#endif #endif

208
client/cmdhfmfdes.c
View file

@ -34,6 +34,19 @@ uint8_t key_ones_data[16] = { 0x01 };
uint8_t key_defa_data[16] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; uint8_t key_defa_data[16] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
uint8_t key_picc_data[16] = { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f }; uint8_t key_picc_data[16] = { 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f };
typedef struct {
uint8_t mode;
uint8_t algo;
uint8_t keyno;
uint8_t keylen;
uint8_t key[24];
} mfdes_authinput_t;
typedef struct mfdes_auth_res {
uint8_t sessionkeylen;
uint8_t sessionkey[24];
} mfdes_auth_res_t;
#define status(x) ( ((uint16_t)(0x91<<8)) + x ) #define status(x) ( ((uint16_t)(0x91<<8)) + x )
typedef enum { typedef enum {
@ -222,7 +235,7 @@ static char *getstatus(uint16_t *sw) {
return "Application count is limited to 28, not addition CreateApplication possible"; return "Application count is limited to 28, not addition CreateApplication possible";
case MFDES_E_DUPLICATE: case MFDES_E_DUPLICATE:
return "Duplicate entry: File/Application does already exist"; return "Duplicate entry: File/Application/ISO Text does already exist";
case MFDES_E_EEPROM: case MFDES_E_EEPROM:
return "Eeprom error due to loss of power, internal backup/rollback mechanism activated"; return "Eeprom error due to loss of power, internal backup/rollback mechanism activated";
@ -297,10 +310,10 @@ static int send_desfire_cmd(sAPDU *apdu, bool select, uint8_t *dest, int *recv_l
PrintAndLogEx(DEBUG, "APDU=NULL"); PrintAndLogEx(DEBUG, "APDU=NULL");
return PM3_EINVARG; return PM3_EINVARG;
} }
if (dest == NULL) { /*if (dest == NULL) {
PrintAndLogEx(DEBUG, "DEST=NULL"); PrintAndLogEx(DEBUG, "DEST=NULL");
return PM3_EINVARG; return PM3_EINVARG;
} }*/
if (sw == NULL) { if (sw == NULL) {
PrintAndLogEx(DEBUG, "SW=NULL"); PrintAndLogEx(DEBUG, "SW=NULL");
return PM3_EINVARG; return PM3_EINVARG;
@ -661,9 +674,9 @@ static int get_desfire_select_application(uint8_t *aid) {
sAPDU apdu = {0x90, MFDES_SELECT_APPLICATION, 0x00, 0x00, 0x03, aid}; //0x5a sAPDU apdu = {0x90, MFDES_SELECT_APPLICATION, 0x00, 0x00, 0x03, aid}; //0x5a
int recv_len = 0; int recv_len = 0;
uint16_t sw = 0; uint16_t sw = 0;
int res = send_desfire_cmd(&apdu, true, NULL, &recv_len, &sw, sizeof(dfname_t), true); int res = send_desfire_cmd(&apdu, true, NONE, &recv_len, &sw, sizeof(dfname_t), true);
if (res != PM3_SUCCESS) { if (res != PM3_SUCCESS) {
PrintAndLogEx(WARNING, _RED_(" Can't select AID 0x%X -> %s"), (aid[0] << 16) + (aid[1] << 8) + aid[2], GetErrorString(res, &sw)); PrintAndLogEx(WARNING, _RED_(" Can't select AID 0x%X -> %s"), (aid[2] << 16) + (aid[1] << 8) + aid[0], GetErrorString(res, &sw));
DropField(); DropField();
return res; return res;
} }
@ -854,26 +867,37 @@ int getKeySettings(uint8_t *aid) {
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static void swap24(uint8_t *data) {
if (data == NULL) return;
uint8_t tmp = data[0];
data[0] = data[2];
data[2] = tmp;
};
static void swap16(uint8_t *data) {
if (data == NULL) return;
uint8_t tmp = data[0];
data[0] = data[1];
data[1] = tmp;
};
static int CmdHF14ADesCreateApp(const char *Cmd) { static int CmdHF14ADesCreateApp(const char *Cmd) {
clearCommandBuffer();
CLIParserInit("hf mfdes createaid", CLIParserInit("hf mfdes createaid",
"Create Application ID", "Create Application ID",
"Usage:\n\t-m Auth type (1=normal, 2=iso, 3=aes)\n\t-t Crypt algo (1=DES, 2=3DES, 3=3K3DES, 4=aes)\n\t-a aid (3 bytes)\n\t-n keyno\n\t-k key (8-24 bytes)\n\n" "Usage:\n\thf mfdes createaid -a 123456 -f 1122 -k 0F -l 2E -n AppName\n"
"Example:\n\thf mfdes createaid -a 123456 -f 1122 -k 0F -l 2E -n AppName\n"
); );
void *argtable[] = { void *argtable[] = {
arg_param_begin, arg_param_begin,
arg_strx0("aA", "aid", "<aid>", "App ID to create"), arg_strx0("aA", "aid", "<aid>", "App ID to create as hex bytes ("),
arg_strx0("fF", "fid", "<fid>", "File ID"), arg_strx0("fF", "fid", "<fid>", "File ID to create"),
arg_strx0("kK", "keysetting1", "<keysetting1>", "Key Setting 1 (Application Master Key Settings)"), arg_strx0("kK", "keysetting1", "<keysetting1>", "Key Setting 1 (Application Master Key Settings)"),
arg_strx0("lL", "keysetting2", "<keysetting2>", "Key Setting 2"), arg_strx0("lL", "keysetting2", "<keysetting2>", "Key Setting 2"),
arg_str0("nN", "name", "<name>", "App ISO-4 Name"), arg_str0("nN", "name", "<name>", "App ISO-4 Name"),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(Cmd, argtable, true); CLIExecWithReturn(Cmd, argtable, false);
/* KeySetting 1 (AMK Setting): /* KeySetting 1 (AMK Setting):
0: Allow change master key 0: Allow change master key
1: Free Directory list access without master key 1: Free Directory list access without master key
@ -913,7 +937,9 @@ static int CmdHF14ADesCreateApp(const char *Cmd) {
int keylen2 = 1; int keylen2 = 1;
int namelen = 16; int namelen = 16;
CLIGetHexWithReturn(1, aid, &aidlength); CLIGetHexWithReturn(1, aid, &aidlength);
swap24(aid);
CLIGetHexWithReturn(2, fid, &fidlength); CLIGetHexWithReturn(2, fid, &fidlength);
swap16(fid);
CLIGetHexWithReturn(3, &keysetting1, &keylen1); CLIGetHexWithReturn(3, &keysetting1, &keylen1);
CLIGetHexWithReturn(4, &keysetting2, &keylen2); CLIGetHexWithReturn(4, &keysetting2, &keylen2);
CLIGetStrWithReturn(5, name, &namelen); CLIGetStrWithReturn(5, name, &namelen);
@ -971,8 +997,6 @@ static int CmdHF14ADesCreateApp(const char *Cmd) {
} }
static int CmdHF14ADesDeleteApp(const char *Cmd) { static int CmdHF14ADesDeleteApp(const char *Cmd) {
clearCommandBuffer();
CLIParserInit("hf mfdes deleteaid", CLIParserInit("hf mfdes deleteaid",
"Delete Application ID", "Delete Application ID",
"Usage:\n\t-a aid (3 bytes)\n\n" "Usage:\n\t-a aid (3 bytes)\n\n"
@ -984,7 +1008,7 @@ static int CmdHF14ADesDeleteApp(const char *Cmd) {
arg_strx0("aA", "aid", "<aid>", "App ID to delete"), arg_strx0("aA", "aid", "<aid>", "App ID to delete"),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(Cmd, argtable, true); CLIExecWithReturn(Cmd, argtable, false);
int aidlength = 3; int aidlength = 3;
uint8_t aid[3] = {0}; uint8_t aid[3] = {0};
CLIGetHexWithReturn(1, aid, &aidlength); CLIGetHexWithReturn(1, aid, &aidlength);
@ -1008,7 +1032,6 @@ static int CmdHF14ADesDeleteApp(const char *Cmd) {
static int CmdHF14ADesFormatPICC(const char *Cmd) { static int CmdHF14ADesFormatPICC(const char *Cmd) {
(void) Cmd; // Cmd is not used so far
CLIParserInit("hf mfdes formatpicc", CLIParserInit("hf mfdes formatpicc",
"Formats MIFARE DESFire PICC to factory state", "Formats MIFARE DESFire PICC to factory state",
"Usage:\n\t-k PICC key (8 bytes)\n\n" "Usage:\n\t-k PICC key (8 bytes)\n\n"
@ -1020,7 +1043,7 @@ static int CmdHF14ADesFormatPICC(const char *Cmd) {
arg_str0("kK", "key", "<Key>", "Key for checking (HEX 16 bytes)"), arg_str0("kK", "key", "<Key>", "Key for checking (HEX 16 bytes)"),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(Cmd, argtable, true); CLIExecWithReturn(Cmd, argtable, false);
uint8_t key[8] = {0}; uint8_t key[8] = {0};
int keylen = 8; int keylen = 8;
@ -1029,36 +1052,51 @@ static int CmdHF14ADesFormatPICC(const char *Cmd) {
if ((keylen < 8) || (keylen > 8)) { if ((keylen < 8) || (keylen > 8)) {
PrintAndLogEx(ERR, "Specified key must have 8 bytes length."); PrintAndLogEx(ERR, "Specified key must have 8 bytes length.");
//SetAPDULogging(false);
return PM3_EINVARG; return PM3_EINVARG;
} }
clearCommandBuffer();
DropField(); DropField();
uint8_t aid[3] = {0}; uint8_t aid[3] = {0};
int res = get_desfire_select_application(aid); int res = get_desfire_select_application(aid);
if (res != PM3_SUCCESS) return res; if (res != PM3_SUCCESS) return res;
uint8_t data[25] = {keylen}; // max length: 1 + 24 (3k3DES)
memcpy(data + 1, key, keylen); mfdes_authinput_t payload;
SendCommandOLD(CMD_HF_DESFIRE_AUTH1, 2, 1, 0, data, keylen + 1); payload.keylen = keylen;
memcpy(payload.key, key, keylen);
payload.mode = MFDES_AUTH_PICC;
payload.algo = MFDES_ALGO_DES;
payload.keyno = 0;
SendCommandNG(CMD_HF_DESFIRE_AUTH1, (uint8_t *)&payload, sizeof(payload));
PacketResponseNG resp; PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) { if (!WaitForResponseTimeout(CMD_HF_DESFIRE_AUTH1, &resp, 3000)) {
PrintAndLogEx(WARNING, "Client command execute timeout"); PrintAndLogEx(WARNING, "Client command execute timeout");
DropField(); DropField();
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
uint8_t isOK = resp.oldarg[0] & 0xff; uint8_t isOK = (resp.status == PM3_SUCCESS);
if (isOK) { if (isOK) {
uint8_t rdata[] = {0xFC}; // 0xFC struct {
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, NONE, sizeof(rdata), 0, rdata, sizeof(rdata)); uint8_t flags;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) { uint8_t datalen;
uint8_t datain[FRAME_PAYLOAD_SIZE];
} PACKED payload;
payload.datain[0] = 0xFC;
payload.flags = NONE;
payload.datalen = 1;
SendCommandNG(CMD_HF_DESFIRE_COMMAND, (uint8_t *)&payload, sizeof(payload));
if (!WaitForResponseTimeout(CMD_HF_DESFIRE_COMMAND, &resp, 3000)) {
PrintAndLogEx(WARNING, "Client reset command execute timeout"); PrintAndLogEx(WARNING, "Client reset command execute timeout");
DropField(); DropField();
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
if (resp.oldarg[0] & 0xFF) { if (resp.status == PM3_SUCCESS) {
/*struct r {
uint8_t len;
uint8_t data[RECEIVE_SIZE];
} PACKED;
struct r *rpayload = (struct r *)&resp.data.asBytes;*/
PrintAndLogEx(INFO, "Card successfully reset"); PrintAndLogEx(INFO, "Card successfully reset");
return PM3_SUCCESS; return PM3_SUCCESS;
} }
@ -1072,7 +1110,7 @@ static int CmdHF14ADesFormatPICC(const char *Cmd) {
static int CmdHF14ADesInfo(const char *Cmd) { static int CmdHF14ADesInfo(const char *Cmd) {
(void)Cmd; // Cmd is not used so far (void)Cmd; // Cmd is not used so far
DropField();
SendCommandNG(CMD_HF_DESFIRE_INFO, NULL, 0); SendCommandNG(CMD_HF_DESFIRE_INFO, NULL, 0);
PacketResponseNG resp; PacketResponseNG resp;
@ -1314,13 +1352,22 @@ static int DecodeFileSettings(uint8_t *src, int src_len, int maclen) {
DecodeAccessRights(accrights); DecodeAccessRights(accrights);
PrintAndLogEx(INFO, " Lower limit: %d - Upper limit: %d - limited credit value: %d - limited credit enabled: %d", lowerlimit, upperlimit, limitcredvalue, limited_credit_enabled); PrintAndLogEx(INFO, " Lower limit: %d - Upper limit: %d - limited credit value: %d - limited credit enabled: %d", lowerlimit, upperlimit, limitcredvalue, limited_credit_enabled);
return PM3_SUCCESS; return PM3_SUCCESS;
} else if (src_len == 1 + 1 + 2 + 3 + 3 + 3 + maclen) {
int recordsize = (src[7] << 16) + (src[6] << 8) + src[5];
int maxrecords = (src[10] << 16) + (src[9] << 8) + src[8];
int currentrecord = (src[13] << 16) + (src[12] << 8) + src[11];
DecodeFileType(filetype);
DecodeComSet(comset);
DecodeAccessRights(accrights);
PrintAndLogEx(INFO, " Record size: %d - MaxNumberRecords: %d - Current Number Records: %d", recordsize, maxrecords, currentrecord);
return PM3_SUCCESS;
} }
return PM3_ESOFT; return PM3_ESOFT;
} }
static int CmdHF14ADesEnumApplications(const char *Cmd) { static int CmdHF14ADesEnumApplications(const char *Cmd) {
(void)Cmd; // Cmd is not used so far (void)Cmd; // Cmd is not used so far
DropField();
// uint8_t isOK = 0x00; // uint8_t isOK = 0x00;
uint8_t aid[3] = {0}; uint8_t aid[3] = {0};
uint8_t app_ids[78] = {0}; uint8_t app_ids[78] = {0};
@ -1366,10 +1413,10 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
PrintAndLogEx(SUCCESS, "--- " _CYAN_("AMK - Application Master Key settings")); PrintAndLogEx(SUCCESS, "--- " _CYAN_("AMK - Application Master Key settings"));
} }
PrintAndLogEx(SUCCESS, " AID : " _GREEN_("%02X %02X %02X"), aid[0], aid[1], aid[2]); PrintAndLogEx(SUCCESS, " AID : " _GREEN_("%02X%02X%02X"), aid[2], aid[1], aid[0]);
for (int m = 0; m < dfname_count; m++) { for (int m = 0; m < dfname_count; m++) {
if (dfnames[m].aid[0] == aid[0] && dfnames[m].aid[1] == aid[1] && dfnames[m].aid[2] == aid[2]) { if (dfnames[m].aid[0] == aid[0] && dfnames[m].aid[1] == aid[1] && dfnames[m].aid[2] == aid[2]) {
PrintAndLogEx(SUCCESS, " - DF " _YELLOW_("%02X %02X") " Name : " _YELLOW_("%s"), dfnames[m].fid[0], dfnames[m].fid[1], dfnames[m].name); PrintAndLogEx(SUCCESS, " - DF " _YELLOW_("%02X%02X") " Name : " _YELLOW_("%s"), dfnames[m].fid[1], dfnames[m].fid[0], dfnames[m].name);
} }
} }
@ -1431,32 +1478,30 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
static int CmdHF14ADesAuth(const char *Cmd) { static int CmdHF14ADesAuth(const char *Cmd) {
int res = 0; int res = 0;
DropField(); DropField();
clearCommandBuffer();
// NR DESC KEYLENGHT // NR DESC KEYLENGHT
// ------------------------ // ------------------------
// 1 = DES 8 // 1 = DES 8
// 2 = 3DES 16 // 2 = 3DES 16
// 3 = 3K 3DES 24 // 3 = 3K 3DES 24
// 4 = AES 16 // 4 = AES 16
//SetAPDULogging(true);
uint8_t keylength = 8; uint8_t keylength = 8;
CLIParserInit("hf mfdes auth", CLIParserInit("hf mfdes auth",
"Authenticates Mifare DESFire using Key", "Authenticates Mifare DESFire using Key",
"Usage:\n\t-m Auth type (1=normal, 2=iso, 3=aes)\n\t-t Crypt algo (1=DES, 2=3DES, 3=3K3DES, 4=aes)\n\t-a aid (3 bytes)\n\t-n keyno\n\t-k key (8-24 bytes)\n\n" "Usage:\n\t-m Auth type (1=normal, 2=iso, 3=aes)\n\t-t Crypt algo (1=DES, 2=3DES, 3=2K3DES, 4=3K3DES, 5=AES)\n\t-a aid (3 bytes)\n\t-n keyno\n\t-k key (8-24 bytes)\n\n"
"Example:\n\thf mfdes auth -m 3 -t 4 -a 018380 -n 0 -k 404142434445464748494a4b4c4d4e4f\n" "Example:\n\thf mfdes auth -m 3 -t 5 -a 838001 -n 0 -k 00000000000000000000000000000000\n"
); );
void *argtable[] = { void *argtable[] = {
arg_param_begin, arg_param_begin,
arg_int0("mM", "type", "Auth type (1=normal, 2=iso, 3=aes)", NULL), arg_int0("mM", "type", "Auth type (1=normal, 2=iso, 3=aes, 4=picc)", NULL),
arg_int0("tT", "algo", "Crypt algo (1=DES, 2=3DES, 3=3K3DES, 4=aes)", NULL), arg_int0("tT", "algo", "Crypt algo (1=DES, 2=3DES, 3=2K3DES, 4=3K3DES, 5=AES)", NULL),
arg_strx0("aA", "aid", "<aid>", "AID used for authentification"), arg_strx0("aA", "aid", "<aid>", "AID used for authentification (HEX 3 bytes)"),
arg_int0("nN", "keyno", "Key number used for authentification", NULL), arg_int0("nN", "keyno", "Key number used for authentification", NULL),
arg_str0("kK", "key", "<Key>", "Key for checking (HEX 16 bytes)"), arg_str0("kK", "key", "<Key>", "Key for checking (HEX 16 bytes)"),
arg_param_end arg_param_end
}; };
CLIExecWithReturn(Cmd, argtable, true); CLIExecWithReturn(Cmd, argtable, false);
uint8_t cmdAuthMode = arg_get_int_def(1, 0); uint8_t cmdAuthMode = arg_get_int_def(1, 0);
uint8_t cmdAuthAlgo = arg_get_int_def(2, 0); uint8_t cmdAuthAlgo = arg_get_int_def(2, 0);
@ -1464,7 +1509,7 @@ static int CmdHF14ADesAuth(const char *Cmd) {
int aidlength = 3; int aidlength = 3;
uint8_t aid[3] = {0}; uint8_t aid[3] = {0};
CLIGetHexWithReturn(3, aid, &aidlength); CLIGetHexWithReturn(3, aid, &aidlength);
swap24(aid);
uint8_t cmdKeyNo = arg_get_int_def(4, 0); uint8_t cmdKeyNo = arg_get_int_def(4, 0);
uint8_t key[24] = {0}; uint8_t key[24] = {0};
@ -1473,61 +1518,65 @@ static int CmdHF14ADesAuth(const char *Cmd) {
CLIParserFree(); CLIParserFree();
if ((keylen < 8) || (keylen > 24)) { if ((keylen < 8) || (keylen > 24)) {
PrintAndLogEx(ERR, "Specified key must have 16 bytes length."); PrintAndLogEx(ERR, "Specified key must have %d bytes length.", keylen);
//SetAPDULogging(false);
return PM3_EINVARG; return PM3_EINVARG;
} }
// AID // AID
if (aidlength != 3) { if (aidlength != 3) {
PrintAndLogEx(WARNING, "aid must include %d HEX symbols", 3); PrintAndLogEx(WARNING, "aid must include %d HEX symbols", 3);
//SetAPDULogging(false);
return PM3_EINVARG; return PM3_EINVARG;
} }
switch (cmdAuthMode) { switch (cmdAuthMode) {
case 1: case MFDES_AUTH_DES:
if (cmdAuthAlgo != 1 && cmdAuthAlgo != 2) { if (cmdAuthAlgo != MFDES_ALGO_DES && cmdAuthAlgo != MFDES_ALGO_3DES) {
PrintAndLogEx(NORMAL, "Crypto algo not valid for the auth mode"); PrintAndLogEx(NORMAL, "Crypto algo not valid for the auth des mode");
//SetAPDULogging(false);
return PM3_EINVARG; return PM3_EINVARG;
} }
break; break;
case 2: case MFDES_AUTH_ISO:
if (cmdAuthAlgo != 1 && cmdAuthAlgo != 2 && cmdAuthAlgo != 3) { if (cmdAuthAlgo != MFDES_ALGO_2K3DES && cmdAuthAlgo != MFDES_ALGO_3K3DES) {
PrintAndLogEx(NORMAL, "Crypto algo not valid for the auth mode"); PrintAndLogEx(NORMAL, "Crypto algo not valid for the auth iso mode");
//SetAPDULogging(false);
return PM3_EINVARG; return PM3_EINVARG;
} }
break; break;
case 3: case MFDES_AUTH_AES:
if (cmdAuthAlgo != 4) { if (cmdAuthAlgo != MFDES_ALGO_AES) {
PrintAndLogEx(NORMAL, "Crypto algo not valid for the auth mode"); PrintAndLogEx(NORMAL, "Crypto algo not valid for the auth aes mode");
//SetAPDULogging(false); return PM3_EINVARG;
}
break;
case MFDES_AUTH_PICC:
if (cmdAuthAlgo != MFDES_AUTH_DES) {
PrintAndLogEx(NORMAL, "Crypto algo not valid for the auth picc mode");
return PM3_EINVARG; return PM3_EINVARG;
} }
break; break;
default: default:
PrintAndLogEx(WARNING, "Wrong Auth mode (%d) -> (1=normal, 2=iso, 3=aes)", cmdAuthMode); PrintAndLogEx(WARNING, "Wrong Auth mode (%d) -> (1=normal, 2=iso, 3=aes)", cmdAuthMode);
//SetAPDULogging(false);
return PM3_EINVARG; return PM3_EINVARG;
} }
switch (cmdAuthAlgo) { switch (cmdAuthAlgo) {
case 2: case MFDES_ALGO_2K3DES:
keylength = 16;
PrintAndLogEx(NORMAL, "2 key 3DES selected");
break;
case MFDES_ALGO_3DES:
keylength = 16; keylength = 16;
PrintAndLogEx(NORMAL, "3DES selected"); PrintAndLogEx(NORMAL, "3DES selected");
break; break;
case 3: case MFDES_ALGO_3K3DES:
keylength = 24; keylength = 24;
PrintAndLogEx(NORMAL, "3 key 3DES selected"); PrintAndLogEx(NORMAL, "3 key 3DES selected");
break; break;
case 4: case MFDES_ALGO_AES:
keylength = 16; keylength = 16;
PrintAndLogEx(NORMAL, "AES selected"); PrintAndLogEx(NORMAL, "AES selected");
break; break;
default: default:
cmdAuthAlgo = 1; cmdAuthAlgo = MFDES_ALGO_DES;
keylength = 8; keylength = 8;
PrintAndLogEx(NORMAL, "DES selected"); PrintAndLogEx(NORMAL, "DES selected");
break; break;
@ -1550,28 +1599,30 @@ static int CmdHF14ADesAuth(const char *Cmd) {
if (res != PM3_SUCCESS) return res; if (res != PM3_SUCCESS) return res;
} }
// algo, keylength, mfdes_authinput_t payload;
uint8_t data[25] = {keylength}; // max length: 1 + 24 (3k3DES) payload.keylen = keylength;
memcpy(data + 1, key, keylength); memcpy(payload.key, key, keylength);
SendCommandOLD(CMD_HF_DESFIRE_AUTH1, cmdAuthMode, cmdAuthAlgo, cmdKeyNo, data, keylength + 1); payload.mode = cmdAuthMode;
payload.algo = cmdAuthAlgo;
payload.keyno = cmdKeyNo;
SendCommandNG(CMD_HF_DESFIRE_AUTH1, (uint8_t *)&payload, sizeof(payload));
PacketResponseNG resp; PacketResponseNG resp;
if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) { if (!WaitForResponseTimeout(CMD_HF_DESFIRE_AUTH1, &resp, 3000)) {
PrintAndLogEx(WARNING, "Client command execute timeout"); PrintAndLogEx(WARNING, "Client command execute timeout");
DropField(); DropField();
return PM3_ETIMEOUT; return PM3_ETIMEOUT;
} }
uint8_t isOK = resp.oldarg[0] & 0xff; uint8_t isOK = (resp.status == PM3_SUCCESS);
if (isOK) { if (isOK) {
uint8_t *session_key = resp.data.asBytes; struct mfdes_auth_res *rpayload = (struct mfdes_auth_res *)&resp.data.asBytes;
PrintAndLogEx(SUCCESS, " Key : " _GREEN_("%s"), sprint_hex(key, keylength)); PrintAndLogEx(SUCCESS, " Key : " _GREEN_("%s"), sprint_hex(key, keylength));
PrintAndLogEx(SUCCESS, " SESSION : " _GREEN_("%s"), sprint_hex(session_key, keylength)); PrintAndLogEx(SUCCESS, " SESSION : " _GREEN_("%s"), sprint_hex(rpayload->sessionkey, keylength));
PrintAndLogEx(INFO, "-------------------------------------------------------------"); PrintAndLogEx(INFO, "-------------------------------------------------------------");
//PrintAndLogEx(NORMAL, " Expected :B5 21 9E E8 1A A7 49 9D 21 96 68 7E 13 97 38 56");
} else { } else {
PrintAndLogEx(WARNING, _RED_("Client command failed.")); PrintAndLogEx(WARNING, _RED_("Auth command failed, reason: %d."), resp.status);
} }
PrintAndLogEx(INFO, "-------------------------------------------------------------"); PrintAndLogEx(INFO, "-------------------------------------------------------------");
return PM3_SUCCESS; return PM3_SUCCESS;
@ -1593,6 +1644,18 @@ static command_t CommandTable[] = {
{"formatpicc", CmdHF14ADesFormatPICC, IfPm3Iso14443a, "Format PICC"}, {"formatpicc", CmdHF14ADesFormatPICC, IfPm3Iso14443a, "Format PICC"},
// {"rdbl", CmdHF14ADesRb, IfPm3Iso14443a, "Read MIFARE DesFire block"}, // {"rdbl", CmdHF14ADesRb, IfPm3Iso14443a, "Read MIFARE DesFire block"},
// {"wrbl", CmdHF14ADesWb, IfPm3Iso14443a, "write MIFARE DesFire block"}, // {"wrbl", CmdHF14ADesWb, IfPm3Iso14443a, "write MIFARE DesFire block"},
/*
ISO/IEC 7816 Cmds
'A4' Select
'B0' Read Binary
'D6' Update Binary
'B2' Read Records
'E2' Append Records
'84' Get Challenge
'88' Internal Authenticate
'82' External Authenticate
*/
{NULL, NULL, NULL, NULL} {NULL, NULL, NULL, NULL}
}; };
@ -1603,7 +1666,6 @@ static int CmdHelp(const char *Cmd) {
} }
int CmdHFMFDes(const char *Cmd) { int CmdHFMFDes(const char *Cmd) {
// flush
clearCommandBuffer(); clearCommandBuffer();
return CmdsParse(CommandTable, Cmd); return CmdsParse(CommandTable, Cmd);
} }

16
include/mifare.h
View file

@ -80,6 +80,22 @@ typedef enum DESFIRE_COMMAND {
BAR = 0x10, BAR = 0x10,
} desfire_command_t; } desfire_command_t;
typedef enum {
MFDES_AUTH_DES = 1,
MFDES_AUTH_ISO = 2,
MFDES_AUTH_AES = 3,
MFDES_AUTH_PICC = 4
} mifare_des_authmode_t;
typedef enum {
MFDES_ALGO_DES = 1,
MFDES_ALGO_3DES = 2,
MFDES_ALGO_2K3DES = 3,
MFDES_ALGO_3K3DES = 4,
MFDES_ALGO_AES = 5
} mifare_des_authalgo_t;
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// ISO 14443B // ISO 14443B
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------