github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 22:03:42 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

rework desfire declarations

Browse source
This commit is contained in:
Philippe Teuwen 2021-08-22 13:56:35 +02:00
commit b63dcb707e
8 changed files with 125 additions and 252 deletions
Download patch file Download diff file Expand all files Collapse all files

173
armsrc/desfire.h
View file

@ -1,173 +0,0 @@
#ifndef __DESFIRE_H
#define __DESFIRE_H
#include "common.h"
#include "mifare.h"
#define MAX_CRYPTO_BLOCK_SIZE 16
/* Mifare DESFire EV1 Application crypto operations */
#define APPLICATION_CRYPTO_DES 0x00
#define APPLICATION_CRYPTO_3K3DES 0x40
#define APPLICATION_CRYPTO_AES 0x80
#define MAC_LENGTH 4
#define CMAC_LENGTH 8
typedef enum {
MCD_SEND,
MCD_RECEIVE
} MifareCryptoDirection;
typedef enum {
MCO_ENCYPHER,
MCO_DECYPHER
} MifareCryptoOperation;
#define MDCM_MASK 0x000F
#define CMAC_NONE 0
// Data send to the PICC is used to update the CMAC
#define CMAC_COMMAND 0x010
// Data received from the PICC is used to update the CMAC
#define CMAC_VERIFY 0x020
// MAC the command (when MDCM_MACED)
#define MAC_COMMAND 0x100
// The command returns a MAC to verify (when MDCM_MACED)
#define MAC_VERIFY 0x200
#define ENC_COMMAND 0x1000
#define NO_CRC 0x2000
#define MAC_MASK 0x0F0
#define CMAC_MACK 0xF00
/* Communication mode */
#define MDCM_PLAIN 0x00
#define MDCM_MACED 0x01
#define MDCM_ENCIPHERED 0x03
/* Error code managed by the library */
#define CRYPTO_ERROR 0x01
enum DESFIRE_AUTH_SCHEME {
AS_LEGACY,
AS_NEW
};
enum DESFIRE_CRYPTOALGO {
T_DES = 0x00,
T_3DES = 0x01,
T_3K3DES = 0x02,
T_AES = 0x03,
T_2K3DES = 0x04
};
#define DESFIRE_KEY(key) ((struct desfire_key *) key)
struct desfire_key {
enum DESFIRE_CRYPTOALGO type;
uint8_t data[24];
uint8_t cmac_sk1[24];
uint8_t cmac_sk2[24];
uint8_t aes_version;
};
typedef struct desfire_key *desfirekey_t;
#define DESFIRE(tag) ((struct desfire_tag *) tag)
struct desfire_tag {
iso14a_card_select_t info;
int active;
uint8_t last_picc_error;
uint8_t last_internal_error;
uint8_t last_pcd_error;
desfirekey_t session_key;
enum DESFIRE_AUTH_SCHEME authentication_scheme;
uint8_t authenticated_key_no;
uint8_t ivect[MAX_CRYPTO_BLOCK_SIZE];
uint8_t cmac[16];
uint8_t *crypto_buffer;
size_t crypto_buffer_size;
uint32_t selected_application;
};
typedef struct desfire_tag *desfiretag_t;
/* File types */
enum DESFIRE_FILE_TYPES {
MDFT_STANDARD_DATA_FILE = 0x00,
MDFT_BACKUP_DATA_FILE = 0x01,
MDFT_VALUE_FILE_WITH_BACKUP = 0x02,
MDFT_LINEAR_RECORD_FILE_WITH_BACKUP = 0x03,
MDFT_CYCLIC_RECORD_FILE_WITH_BACKUP = 0x04
};
enum DESFIRE_STATUS {
OPERATION_OK = 0x00,
NO_CHANGES = 0x0c,
OUT_OF_EEPROM_ERROR = 0x0e,
ILLEGAL_COMMAND_CODE = 0x1c,
INTEGRITY_ERROR = 0x1e,
NO_SUCH_KEY = 0x40,
LENGTH_ERROR = 0x7e,
PERMISSION_DENIED = 0x9d,
PARAMETER_ERROR = 0x9e,
APPLICATION_NOT_FOUND = 0xa0,
APPL_INTEGRITY_ERROR = 0xa1,
AUTHENTICATION_ERROR = 0xae,
ADDITIONAL_FRAME = 0xaf,
BOUNDARY_ERROR = 0xbe,
PICC_INTEGRITY_ERROR = 0xc1,
COMMAND_ABORTED = 0xca,
PICC_DISABLED_ERROR = 0xcd,
COUNT_ERROR = 0xce,
DUPLICATE_ERROR = 0xde,
EEPROM_ERROR = 0xee,
FILE_NOT_FOUND = 0xf0,
FILE_INTEGRITY_ERROR = 0xf1
};
enum DESFIRE_CMD {
CREATE_APPLICATION = 0xca,
DELETE_APPLICATION = 0xda,
GET_APPLICATION_IDS = 0x6a,
SELECT_APPLICATION = 0x5a,
FORMAT_PICC = 0xfc,
GET_VERSION = 0x60,
READ_DATA = 0xbd,
WRITE_DATA = 0x3d,
GET_VALUE = 0x6c,
CREDIT = 0x0c,
DEBIT = 0xdc,
LIMITED_CREDIT = 0x1c,
WRITE_RECORD = 0x3b,
READ_RECORDS = 0xbb,
CLEAR_RECORD_FILE = 0xeb,
COMMIT_TRANSACTION = 0xc7,
ABORT_TRANSACTION = 0xa7,
GET_FREE_MEMORY = 0x6e,
GET_FILE_IDS = 0x6f,
GET_FILE_SETTINGS = 0xf5,
GET_DF_NAMES = 0x6d,
CHANGE_FILE_SETTINGS = 0x5f,
CREATE_STD_DATA_FILE = 0xcd,
CREATE_BACKUP_DATA_FILE = 0xcb,
CREATE_VALUE_FILE = 0xcc,
CREATE_LINEAR_RECORD_FILE = 0xc1,
CREATE_CYCLIC_RECORD_FILE = 0xc0,
DELETE_FILE = 0xdf,
AUTHENTICATE = 0x0a, // AUTHENTICATE_NATIVE
AUTHENTICATE_ISO = 0x1a, // AUTHENTICATE_STANDARD
AUTHENTICATE_AES = 0xaa,
CHANGE_KEY_SETTINGS = 0x54,
GET_KEY_SETTINGS = 0x45,
CHANGE_KEY = 0xc4,
GET_KEY_VERSION = 0x64,
AUTHENTICATION_FRAME = 0xAF
};
#endif

16
armsrc/desfire_crypto.c
View file

@ -342,15 +342,15 @@ size_t key_block_size(const desfirekey_t key) {
* Size of MACing produced with the key. * Size of MACing produced with the key.
*/ */
static size_t key_macing_length(const desfirekey_t key) { static size_t key_macing_length(const desfirekey_t key) {
size_t mac_length = MAC_LENGTH; size_t mac_length = DESFIRE_MAC_LENGTH;
switch (key->type) { switch (key->type) {
case T_DES: case T_DES:
case T_3DES: case T_3DES:
mac_length = MAC_LENGTH; mac_length = DESFIRE_MAC_LENGTH;
break; break;
case T_3K3DES: case T_3K3DES:
case T_AES: case T_AES:
mac_length = CMAC_LENGTH; mac_length = DESFIRE_CMAC_LENGTH;
break; break;
} }
return mac_length; return mac_length;
@ -461,8 +461,8 @@ void *mifare_cryto_preprocess_data(desfiretag_t tag, void *data, size_t *nbytes,
size_t len = maced_data_length(key, *nbytes); size_t len = maced_data_length(key, *nbytes);
(void)++len; (void)++len;
memcpy(res, data, *nbytes); memcpy(res, data, *nbytes);
memcpy(res + *nbytes, DESFIRE(tag)->cmac, CMAC_LENGTH); memcpy(res + *nbytes, DESFIRE(tag)->cmac, DESFIRE_CMAC_LENGTH);
*nbytes += CMAC_LENGTH; *nbytes += DESFIRE_CMAC_LENGTH;
} }
break; break;
} }
@ -746,14 +746,14 @@ void *mifare_cryto_postprocess_data(desfiretag_t tag, void *data, size_t *nbytes
void mifare_cypher_single_block(desfirekey_t key, uint8_t *data, uint8_t *ivect, MifareCryptoDirection direction, MifareCryptoOperation operation, size_t block_size) { void mifare_cypher_single_block(desfirekey_t key, uint8_t *data, uint8_t *ivect, MifareCryptoDirection direction, MifareCryptoOperation operation, size_t block_size) {
uint8_t ovect[MAX_CRYPTO_BLOCK_SIZE]; uint8_t ovect[DESFIRE_MAX_CRYPTO_BLOCK_SIZE];
if (direction == MCD_SEND) { if (direction == MCD_SEND) {
xor(ivect, data, block_size); xor(ivect, data, block_size);
} else { } else {
memcpy(ovect, data, block_size); memcpy(ovect, data, block_size);
} }
uint8_t edata[MAX_CRYPTO_BLOCK_SIZE]; uint8_t edata[DESFIRE_MAX_CRYPTO_BLOCK_SIZE];
switch (key->type) { switch (key->type) {
case T_DES: case T_DES:
@ -855,7 +855,7 @@ void mifare_cypher_blocks_chained(desfiretag_t tag, desfirekey_t key, uint8_t *i
switch (DESFIRE(tag)->authentication_scheme) { switch (DESFIRE(tag)->authentication_scheme) {
case AS_LEGACY: case AS_LEGACY:
memset(ivect, 0, MAX_CRYPTO_BLOCK_SIZE); memset(ivect, 0, DESFIRE_MAX_CRYPTO_BLOCK_SIZE);
break; break;
case AS_NEW: case AS_NEW:
break; break;

106
armsrc/desfire_crypto.h
View file

@ -3,21 +3,14 @@
#include "common.h" #include "common.h"
#include "mifare.h" #include "mifare.h"
#include "desfire.h"
#include "mbedtls/aes.h" #include "mbedtls/aes.h"
#include "mbedtls/des.h" #include "mbedtls/des.h"
//#include "../../armsrc/printf.h"
//#include "../../armsrc/desfire.h"
//#include "../../armsrc/iso14443a.h"
#define MAX_CRYPTO_BLOCK_SIZE 16
/* Mifare DESFire EV1 Application crypto operations */ /* Mifare DESFire EV1 Application crypto operations */
#define APPLICATION_CRYPTO_DES 0x00 //#define APPLICATION_CRYPTO_DES 0x00
#define APPLICATION_CRYPTO_3K3DES 0x40 //#define APPLICATION_CRYPTO_3K3DES 0x40
#define APPLICATION_CRYPTO_AES 0x80 //#define APPLICATION_CRYPTO_AES 0x80
#define MAC_LENGTH 4
#define CMAC_LENGTH 8
typedef enum { typedef enum {
MCD_SEND, MCD_SEND,
@ -57,21 +50,88 @@ typedef enum {
/* Error code managed by the library */ /* Error code managed by the library */
#define CRYPTO_ERROR 0x01 #define CRYPTO_ERROR 0x01
enum DESFIRE_CRYPTOALGO { typedef enum {
T_DES = 0x00,
T_3DES = 0x01, //aka 2K3DES
T_3K3DES = 0x02,
T_AES = 0x03
};
enum DESFIRE_AUTH_SCHEME {
AS_LEGACY, AS_LEGACY,
AS_NEW AS_NEW
}; } DesfireAuthScheme;
/*
typedef enum {
MDFT_STANDARD_DATA_FILE = 0x00,
MDFT_BACKUP_DATA_FILE = 0x01,
MDFT_VALUE_FILE_WITH_BACKUP = 0x02,
MDFT_LINEAR_RECORD_FILE_WITH_BACKUP = 0x03,
MDFT_CYCLIC_RECORD_FILE_WITH_BACKUP = 0x04
} DesfireFileType;
typedef enum {
OPERATION_OK = 0x00,
NO_CHANGES = 0x0c,
OUT_OF_EEPROM_ERROR = 0x0e,
ILLEGAL_COMMAND_CODE = 0x1c,
INTEGRITY_ERROR = 0x1e,
NO_SUCH_KEY = 0x40,
LENGTH_ERROR = 0x7e,
PERMISSION_DENIED = 0x9d,
PARAMETER_ERROR = 0x9e,
APPLICATION_NOT_FOUND = 0xa0,
APPL_INTEGRITY_ERROR = 0xa1,
AUTHENTICATION_ERROR = 0xae,
ADDITIONAL_FRAME = 0xaf,
BOUNDARY_ERROR = 0xbe,
PICC_INTEGRITY_ERROR = 0xc1,
COMMAND_ABORTED = 0xca,
PICC_DISABLED_ERROR = 0xcd,
COUNT_ERROR = 0xce,
DUPLICATE_ERROR = 0xde,
EEPROM_ERROR = 0xee,
FILE_NOT_FOUND = 0xf0,
FILE_INTEGRITY_ERROR = 0xf1
} DesfireStatus;
typedef enum {
CREATE_APPLICATION = 0xca,
DELETE_APPLICATION = 0xda,
GET_APPLICATION_IDS = 0x6a,
SELECT_APPLICATION = 0x5a,
FORMAT_PICC = 0xfc,
GET_VERSION = 0x60,
READ_DATA = 0xbd,
WRITE_DATA = 0x3d,
GET_VALUE = 0x6c,
CREDIT = 0x0c,
DEBIT = 0xdc,
LIMITED_CREDIT = 0x1c,
WRITE_RECORD = 0x3b,
READ_RECORDS = 0xbb,
CLEAR_RECORD_FILE = 0xeb,
COMMIT_TRANSACTION = 0xc7,
ABORT_TRANSACTION = 0xa7,
GET_FREE_MEMORY = 0x6e,
GET_FILE_IDS = 0x6f,
GET_FILE_SETTINGS = 0xf5,
GET_DF_NAMES = 0x6d,
CHANGE_FILE_SETTINGS = 0x5f,
CREATE_STD_DATA_FILE = 0xcd,
CREATE_BACKUP_DATA_FILE = 0xcb,
CREATE_VALUE_FILE = 0xcc,
CREATE_LINEAR_RECORD_FILE = 0xc1,
CREATE_CYCLIC_RECORD_FILE = 0xc0,
DELETE_FILE = 0xdf,
AUTHENTICATE = 0x0a, // AUTHENTICATE_NATIVE
AUTHENTICATE_ISO = 0x1a, // AUTHENTICATE_STANDARD
AUTHENTICATE_AES = 0xaa,
CHANGE_KEY_SETTINGS = 0x54,
GET_KEY_SETTINGS = 0x45,
CHANGE_KEY = 0xc4,
GET_KEY_VERSION = 0x64,
AUTHENTICATION_FRAME = 0xAF
} DesfireCmd;
*/
#define DESFIRE_KEY(key) ((struct desfire_key *) key) #define DESFIRE_KEY(key) ((struct desfire_key *) key)
struct desfire_key { struct desfire_key {
enum DESFIRE_CRYPTOALGO type; DesfireCryptoAlgorithm type;
uint8_t data[24]; uint8_t data[24];
uint8_t cmac_sk1[24]; uint8_t cmac_sk1[24];
uint8_t cmac_sk2[24]; uint8_t cmac_sk2[24];
@ -87,10 +147,10 @@ struct desfire_tag {
uint8_t last_internal_error; uint8_t last_internal_error;
uint8_t last_pcd_error; uint8_t last_pcd_error;
desfirekey_t session_key; desfirekey_t session_key;
enum DESFIRE_AUTH_SCHEME authentication_scheme; DesfireAuthScheme authentication_scheme;
uint8_t authenticated_key_no; uint8_t authenticated_key_no;
uint8_t ivect[MAX_CRYPTO_BLOCK_SIZE]; uint8_t ivect[DESFIRE_MAX_CRYPTO_BLOCK_SIZE];
uint8_t cmac[16]; uint8_t cmac[16];
uint8_t *crypto_buffer; uint8_t *crypto_buffer;
size_t crypto_buffer_size; size_t crypto_buffer_size;

2
client/src/cmdhfmfdes.c
View file

@ -370,7 +370,7 @@ static void swap24(uint8_t *data) {
// default parameters // default parameters
static uint8_t defaultKeyNum = 0; static uint8_t defaultKeyNum = 0;
static enum DESFIRE_CRYPTOALGO defaultAlgoId = T_DES; static DesfireCryptoAlgorithm defaultAlgoId = T_DES;
static uint8_t defaultKey[DESFIRE_MAX_KEY_SIZE] = {0}; static uint8_t defaultKey[DESFIRE_MAX_KEY_SIZE] = {0};
static int defaultKdfAlgo = MFDES_KDF_ALGO_NONE; static int defaultKdfAlgo = MFDES_KDF_ALGO_NONE;
static int defaultKdfInputLen = 0; static int defaultKdfInputLen = 0;

14
client/src/mifare/desfirecore.c
View file

@ -350,7 +350,7 @@ void DesfireAIDUintToByte(uint32_t aid, uint8_t *data) {
data[2] = (aid >> 16) & 0xff; data[2] = (aid >> 16) & 0xff;
} }
static uint8_t DesfireKeyToISOKey(DesfireCryptoAlgorythm keytype) { static uint8_t DesfireKeyToISOKey(DesfireCryptoAlgorithm keytype) {
switch (keytype) { switch (keytype) {
case T_DES: case T_DES:
return 0x02; return 0x02;
@ -364,7 +364,7 @@ static uint8_t DesfireKeyToISOKey(DesfireCryptoAlgorythm keytype) {
return 0x00; return 0x00;
} }
static uint8_t DesfireGetRndLenForKey(DesfireCryptoAlgorythm keytype) { static uint8_t DesfireGetRndLenForKey(DesfireCryptoAlgorithm keytype) {
switch (keytype) { switch (keytype) {
case T_DES: case T_DES:
return 0x08; return 0x08;
@ -1592,7 +1592,7 @@ static bool DesfireCheckAuthCmd(uint32_t appAID, uint8_t keyNum, uint8_t authcmd
return (res == PM3_SUCCESS && respcode == 0xaf); return (res == PM3_SUCCESS && respcode == 0xaf);
} }
static bool DesfireCheckISOAuthCmd(uint32_t appAID, char *dfname, uint8_t keyNum, DesfireCryptoAlgorythm keytype) { static bool DesfireCheckISOAuthCmd(uint32_t appAID, char *dfname, uint8_t keyNum, DesfireCryptoAlgorithm keytype) {
DesfireContext_t dctx = {0}; DesfireContext_t dctx = {0};
dctx.keyNum = keyNum; dctx.keyNum = keyNum;
@ -2683,7 +2683,7 @@ void DesfirePrintCreateFileSettings(uint8_t filetype, uint8_t *data, size_t len)
xlen += reclen; xlen += reclen;
} }
int DesfireChangeKey(DesfireContext_t *dctx, bool change_master_key, uint8_t newkeynum, DesfireCryptoAlgorythm newkeytype, uint32_t newkeyver, uint8_t *newkey, DesfireCryptoAlgorythm oldkeytype, uint8_t *oldkey, bool verbose) { int DesfireChangeKey(DesfireContext_t *dctx, bool change_master_key, uint8_t newkeynum, DesfireCryptoAlgorithm newkeytype, uint32_t newkeyver, uint8_t *newkey, DesfireCryptoAlgorithm oldkeytype, uint8_t *oldkey, bool verbose) {
uint8_t okeybuf[DESFIRE_MAX_KEY_SIZE] = {0}; uint8_t okeybuf[DESFIRE_MAX_KEY_SIZE] = {0};
uint8_t nkeybuf[DESFIRE_MAX_KEY_SIZE] = {0}; uint8_t nkeybuf[DESFIRE_MAX_KEY_SIZE] = {0};
@ -2829,7 +2829,7 @@ int DesfireISOSelectDF(DesfireContext_t *dctx, char *dfname, uint8_t *resp, size
return DesfireISOSelect(dctx, ISSDFName, (uint8_t *)dfname, strnlen(dfname, 16), resp, resplen); return DesfireISOSelect(dctx, ISSDFName, (uint8_t *)dfname, strnlen(dfname, 16), resp, resplen);
} }
int DesfireISOGetChallenge(DesfireContext_t *dctx, DesfireCryptoAlgorythm keytype, uint8_t *resp, size_t *resplen) { int DesfireISOGetChallenge(DesfireContext_t *dctx, DesfireCryptoAlgorithm keytype, uint8_t *resp, size_t *resplen) {
uint16_t sw = 0; uint16_t sw = 0;
int res = DesfireExchangeISO(false, dctx, (sAPDU_t) {0x00, ISO7816_GET_CHALLENGE, 0x00, 0x00, 0x00, NULL}, DesfireGetRndLenForKey(keytype), resp, resplen, &sw); int res = DesfireExchangeISO(false, dctx, (sAPDU_t) {0x00, ISO7816_GET_CHALLENGE, 0x00, 0x00, 0x00, NULL}, DesfireGetRndLenForKey(keytype), resp, resplen, &sw);
if (res == PM3_SUCCESS && sw != 0x9000) if (res == PM3_SUCCESS && sw != 0x9000)
@ -2838,7 +2838,7 @@ int DesfireISOGetChallenge(DesfireContext_t *dctx, DesfireCryptoAlgorythm keytyp
return res; return res;
} }
int DesfireISOExternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynum, DesfireCryptoAlgorythm keytype, uint8_t *data) { int DesfireISOExternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynum, DesfireCryptoAlgorithm keytype, uint8_t *data) {
uint8_t p1 = DesfireKeyToISOKey(keytype); uint8_t p1 = DesfireKeyToISOKey(keytype);
uint8_t p2 = ((app_level) ? 0x80 : 0x00) | keynum; uint8_t p2 = ((app_level) ? 0x80 : 0x00) | keynum;
@ -2853,7 +2853,7 @@ int DesfireISOExternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynu
return res; return res;
} }
int DesfireISOInternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynum, DesfireCryptoAlgorythm keytype, uint8_t *data, uint8_t *resp, size_t *resplen) { int DesfireISOInternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynum, DesfireCryptoAlgorithm keytype, uint8_t *data, uint8_t *resp, size_t *resplen) {
uint8_t keylen = DesfireGetRndLenForKey(keytype); uint8_t keylen = DesfireGetRndLenForKey(keytype);
uint8_t p1 = DesfireKeyToISOKey(keytype); uint8_t p1 = DesfireKeyToISOKey(keytype);
uint8_t p2 = ((app_level) ? 0x80 : 0x00) | keynum; uint8_t p2 = ((app_level) ? 0x80 : 0x00) | keynum;

10
client/src/mifare/desfirecore.h
View file

@ -110,7 +110,7 @@ typedef struct {
uint8_t numKeysRaw; uint8_t numKeysRaw;
bool isoFileIDEnabled; // from numKeysRaw bool isoFileIDEnabled; // from numKeysRaw
uint8_t numberOfKeys; // from numKeysRaw uint8_t numberOfKeys; // from numKeysRaw
DesfireCryptoAlgorythm keyType; // from numKeysRaw DesfireCryptoAlgorithm keyType; // from numKeysRaw
uint8_t keyVersions[16]; uint8_t keyVersions[16];
@ -205,7 +205,7 @@ int DesfireChangeKeySettings(DesfireContext_t *dctx, uint8_t *data, size_t len);
void PrintKeySettings(uint8_t keysettings, uint8_t numkeys, bool applevel, bool print2ndbyte); void PrintKeySettings(uint8_t keysettings, uint8_t numkeys, bool applevel, bool print2ndbyte);
int DesfireChangeKeyCmd(DesfireContext_t *dctx, uint8_t *data, size_t datalen, uint8_t *resp, size_t *resplen); int DesfireChangeKeyCmd(DesfireContext_t *dctx, uint8_t *data, size_t datalen, uint8_t *resp, size_t *resplen);
int DesfireChangeKey(DesfireContext_t *dctx, bool change_master_key, uint8_t newkeynum, DesfireCryptoAlgorythm newkeytype, uint32_t newkeyver, uint8_t *newkey, DesfireCryptoAlgorythm oldkeytype, uint8_t *oldkey, bool verbose); int DesfireChangeKey(DesfireContext_t *dctx, bool change_master_key, uint8_t newkeynum, DesfireCryptoAlgorithm newkeytype, uint32_t newkeyver, uint8_t *newkey, DesfireCryptoAlgorithm oldkeytype, uint8_t *oldkey, bool verbose);
int DesfireSetConfigurationCmd(DesfireContext_t *dctx, uint8_t *data, size_t len, uint8_t *resp, size_t *resplen); int DesfireSetConfigurationCmd(DesfireContext_t *dctx, uint8_t *data, size_t len, uint8_t *resp, size_t *resplen);
int DesfireSetConfiguration(DesfireContext_t *dctx, uint8_t paramid, uint8_t *param, size_t paramlen); int DesfireSetConfiguration(DesfireContext_t *dctx, uint8_t paramid, uint8_t *param, size_t paramlen);
@ -253,9 +253,9 @@ int DesfireISOSelectDF(DesfireContext_t *dctx, char *dfname, uint8_t *resp, size
int DesfireISOSelect(DesfireContext_t *dctx, DesfireISOSelectControl cntr, uint8_t *data, uint8_t datalen, uint8_t *resp, size_t *resplen); int DesfireISOSelect(DesfireContext_t *dctx, DesfireISOSelectControl cntr, uint8_t *data, uint8_t datalen, uint8_t *resp, size_t *resplen);
int DesfireISOSelectFile(DesfireContext_t *dctx, char *appdfname, uint16_t appid, uint16_t fileid); int DesfireISOSelectFile(DesfireContext_t *dctx, char *appdfname, uint16_t appid, uint16_t fileid);
int DesfireISOSelectEx(DesfireContext_t *dctx, bool fieldon, DesfireISOSelectControl cntr, uint8_t *data, uint8_t datalen, uint8_t *resp, size_t *resplen); int DesfireISOSelectEx(DesfireContext_t *dctx, bool fieldon, DesfireISOSelectControl cntr, uint8_t *data, uint8_t datalen, uint8_t *resp, size_t *resplen);
int DesfireISOGetChallenge(DesfireContext_t *dctx, DesfireCryptoAlgorythm keytype, uint8_t *resp, size_t *resplen); int DesfireISOGetChallenge(DesfireContext_t *dctx, DesfireCryptoAlgorithm keytype, uint8_t *resp, size_t *resplen);
int DesfireISOExternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynum, DesfireCryptoAlgorythm keytype, uint8_t *data); int DesfireISOExternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynum, DesfireCryptoAlgorithm keytype, uint8_t *data);
int DesfireISOInternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynum, DesfireCryptoAlgorythm keytype, uint8_t *data, uint8_t *resp, size_t *resplen); int DesfireISOInternalAuth(DesfireContext_t *dctx, bool app_level, uint8_t keynum, DesfireCryptoAlgorithm keytype, uint8_t *data, uint8_t *resp, size_t *resplen);
int DesfireISOReadBinary(DesfireContext_t *dctx, bool use_file_id, uint8_t fileid, uint16_t offset, uint8_t length, uint8_t *resp, size_t *resplen); int DesfireISOReadBinary(DesfireContext_t *dctx, bool use_file_id, uint8_t fileid, uint16_t offset, uint8_t length, uint8_t *resp, size_t *resplen);
int DesfireISOUpdateBinary(DesfireContext_t *dctx, bool use_file_id, uint8_t fileid, uint16_t offset, uint8_t *data, size_t datalen); int DesfireISOUpdateBinary(DesfireContext_t *dctx, bool use_file_id, uint8_t fileid, uint16_t offset, uint8_t *data, size_t datalen);

22
client/src/mifare/desfirecrypto.c
View file

@ -72,12 +72,12 @@ void DesfireClearIV(DesfireContext_t *ctx) {
memset(ctx->IV, 0, sizeof(ctx->IV)); memset(ctx->IV, 0, sizeof(ctx->IV));
} }
void DesfireSetKey(DesfireContext_t *ctx, uint8_t keyNum, enum DESFIRE_CRYPTOALGO keyType, uint8_t *key) { void DesfireSetKey(DesfireContext_t *ctx, uint8_t keyNum, DesfireCryptoAlgorithm keyType, uint8_t *key) {
DesfireClearContext(ctx); DesfireClearContext(ctx);
DesfireSetKeyNoClear(ctx, keyNum, keyType, key); DesfireSetKeyNoClear(ctx, keyNum, keyType, key);
} }
void DesfireSetKeyNoClear(DesfireContext_t *ctx, uint8_t keyNum, enum DESFIRE_CRYPTOALGO keyType, uint8_t *key) { void DesfireSetKeyNoClear(DesfireContext_t *ctx, uint8_t keyNum, DesfireCryptoAlgorithm keyType, uint8_t *key) {
ctx->keyNum = keyNum; ctx->keyNum = keyNum;
ctx->keyType = keyType; ctx->keyType = keyType;
memcpy(ctx->key, key, desfire_get_key_length(keyType)); memcpy(ctx->key, key, desfire_get_key_length(keyType));
@ -175,15 +175,15 @@ uint8_t *DesfireGetKey(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type) {
} }
static void DesfireCryptoEncDecSingleBlock(uint8_t *key, DesfireCryptoAlgorythm keyType, uint8_t *data, uint8_t *dstdata, uint8_t *ivect, bool dir_to_send, bool encode) { static void DesfireCryptoEncDecSingleBlock(uint8_t *key, DesfireCryptoAlgorithm keyType, uint8_t *data, uint8_t *dstdata, uint8_t *ivect, bool dir_to_send, bool encode) {
size_t block_size = desfire_get_key_block_length(keyType); size_t block_size = desfire_get_key_block_length(keyType);
uint8_t sdata[MAX_CRYPTO_BLOCK_SIZE] = {0}; uint8_t sdata[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0};
memcpy(sdata, data, block_size); memcpy(sdata, data, block_size);
if (dir_to_send) { if (dir_to_send) {
bin_xor(sdata, ivect, block_size); bin_xor(sdata, ivect, block_size);
} }
uint8_t edata[MAX_CRYPTO_BLOCK_SIZE] = {0}; uint8_t edata[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0};
switch (keyType) { switch (keyType) {
case T_DES: case T_DES:
@ -414,7 +414,7 @@ void MifareKdfAn10922(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type, co
} }
} }
void DesfireDESKeySetVersion(uint8_t *key, DesfireCryptoAlgorythm keytype, uint8_t version) { void DesfireDESKeySetVersion(uint8_t *key, DesfireCryptoAlgorithm keytype, uint8_t version) {
if (keytype == T_AES) if (keytype == T_AES)
return; return;
@ -447,7 +447,7 @@ uint8_t DesfireDESKeyGetVersion(uint8_t *key) {
return version; return version;
} }
DesfireCryptoAlgorythm DesfireKeyTypeToAlgo(uint8_t keyType) { DesfireCryptoAlgorithm DesfireKeyTypeToAlgo(uint8_t keyType) {
switch (keyType) { switch (keyType) {
case 00: case 00:
return T_3DES; return T_3DES;
@ -460,7 +460,7 @@ DesfireCryptoAlgorythm DesfireKeyTypeToAlgo(uint8_t keyType) {
} }
} }
uint8_t DesfireKeyAlgoToType(DesfireCryptoAlgorythm keyType) { uint8_t DesfireKeyAlgoToType(DesfireCryptoAlgorithm keyType) {
switch (keyType) { switch (keyType) {
case T_DES: case T_DES:
return 0x00; return 0x00;
@ -530,7 +530,7 @@ uint8_t DesfireCommModeToFileCommMode(DesfireCommunicationMode comm_mode) {
return fmode; return fmode;
} }
void DesfireGenSessionKeyEV1(const uint8_t rnda[], const uint8_t rndb[], DesfireCryptoAlgorythm keytype, uint8_t *key) { void DesfireGenSessionKeyEV1(const uint8_t rnda[], const uint8_t rndb[], DesfireCryptoAlgorithm keytype, uint8_t *key) {
switch (keytype) { switch (keytype) {
case T_DES: case T_DES:
memcpy(key, rnda, 4); memcpy(key, rnda, 4);
@ -724,7 +724,7 @@ int DesfireLRPCalcCMAC(DesfireContext_t *ctx, uint8_t cmd, uint8_t *data, size_t
return 0; return 0;
} }
int desfire_get_key_length(DesfireCryptoAlgorythm key_type) { int desfire_get_key_length(DesfireCryptoAlgorithm key_type) {
switch (key_type) { switch (key_type) {
case T_DES: case T_DES:
return 8; return 8;
@ -738,7 +738,7 @@ int desfire_get_key_length(DesfireCryptoAlgorythm key_type) {
return 0; return 0;
} }
size_t desfire_get_key_block_length(DesfireCryptoAlgorythm key_type) { size_t desfire_get_key_block_length(DesfireCryptoAlgorithm key_type) {
size_t block_size = 8; size_t block_size = 8;
switch (key_type) { switch (key_type) {
case T_DES: case T_DES:

34
client/src/mifare/desfirecrypto.h
View file

@ -22,26 +22,12 @@
#define __DESFIRECRYPTO_H #define __DESFIRECRYPTO_H
#include "common.h" #include "common.h"
#include "desfire.h"
#include "crypto/libpcrypto.h" #include "crypto/libpcrypto.h"
#include "mifare/lrpcrypto.h" #include "mifare/lrpcrypto.h"
#define MAX_CRYPTO_BLOCK_SIZE 16
#define DESFIRE_MAX_CRYPTO_BLOCK_SIZE 16
#define DESFIRE_MAX_KEY_SIZE 24
#define DESFIRE_MAC_LENGTH 4
#define DESFIRE_CMAC_LENGTH 8
#define DESFIRE_GET_ISO_STATUS(x) ( ((uint16_t)(0x91<<8)) + (uint16_t)x ) #define DESFIRE_GET_ISO_STATUS(x) ( ((uint16_t)(0x91<<8)) + (uint16_t)x )
enum DESFIRE_CRYPTOALGO {
T_DES = 0x00,
T_3DES = 0x01, //aka 2K3DES
T_3K3DES = 0x02,
T_AES = 0x03,
};
typedef enum DESFIRE_CRYPTOALGO DesfireCryptoAlgorythm;
typedef enum { typedef enum {
DACNone, DACNone,
DACd40, DACd40,
@ -74,7 +60,7 @@ typedef enum {
typedef struct { typedef struct {
uint8_t keyNum; uint8_t keyNum;
DesfireCryptoAlgorythm keyType; // des/2tdea/3tdea/aes DesfireCryptoAlgorithm keyType; // des/2tdea/3tdea/aes
uint8_t key[DESFIRE_MAX_KEY_SIZE]; uint8_t key[DESFIRE_MAX_KEY_SIZE];
uint8_t masterKey[DESFIRE_MAX_KEY_SIZE]; // source for kdf uint8_t masterKey[DESFIRE_MAX_KEY_SIZE]; // source for kdf
@ -107,8 +93,8 @@ typedef struct {
void DesfireClearContext(DesfireContext_t *ctx); void DesfireClearContext(DesfireContext_t *ctx);
void DesfireClearSession(DesfireContext_t *ctx); void DesfireClearSession(DesfireContext_t *ctx);
void DesfireClearIV(DesfireContext_t *ctx); void DesfireClearIV(DesfireContext_t *ctx);
void DesfireSetKey(DesfireContext_t *ctx, uint8_t keyNum, enum DESFIRE_CRYPTOALGO keyType, uint8_t *key); void DesfireSetKey(DesfireContext_t *ctx, uint8_t keyNum, DesfireCryptoAlgorithm keyType, uint8_t *key);
void DesfireSetKeyNoClear(DesfireContext_t *ctx, uint8_t keyNum, enum DESFIRE_CRYPTOALGO keyType, uint8_t *key); void DesfireSetKeyNoClear(DesfireContext_t *ctx, uint8_t keyNum, DesfireCryptoAlgorithm keyType, uint8_t *key);
void DesfireSetCommandSet(DesfireContext_t *ctx, DesfireCommandSet cmdSet); void DesfireSetCommandSet(DesfireContext_t *ctx, DesfireCommandSet cmdSet);
void DesfireSetCommMode(DesfireContext_t *ctx, DesfireCommunicationMode commMode); void DesfireSetCommMode(DesfireContext_t *ctx, DesfireCommunicationMode commMode);
void DesfireSetKdf(DesfireContext_t *ctx, uint8_t kdfAlgo, uint8_t *kdfInput, uint8_t kdfInputLen); void DesfireSetKdf(DesfireContext_t *ctx, uint8_t kdfAlgo, uint8_t *kdfInput, uint8_t kdfInputLen);
@ -127,17 +113,17 @@ void MifareKdfAn10922(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type, co
void DesfireGenSessionKeyLRP(uint8_t *key, uint8_t *rndA, uint8_t *rndB, bool enckey, uint8_t *sessionkey); void DesfireGenSessionKeyLRP(uint8_t *key, uint8_t *rndA, uint8_t *rndB, bool enckey, uint8_t *sessionkey);
void DesfireDESKeySetVersion(uint8_t *key, DesfireCryptoAlgorythm keytype, uint8_t version); void DesfireDESKeySetVersion(uint8_t *key, DesfireCryptoAlgorithm keytype, uint8_t version);
uint8_t DesfireDESKeyGetVersion(uint8_t *key); uint8_t DesfireDESKeyGetVersion(uint8_t *key);
DesfireCryptoAlgorythm DesfireKeyTypeToAlgo(uint8_t keyType); DesfireCryptoAlgorithm DesfireKeyTypeToAlgo(uint8_t keyType);
uint8_t DesfireKeyAlgoToType(DesfireCryptoAlgorythm keyType); uint8_t DesfireKeyAlgoToType(DesfireCryptoAlgorithm keyType);
void DesfirePrintCardKeyType(uint8_t keyType); void DesfirePrintCardKeyType(uint8_t keyType);
DesfireCommunicationMode DesfireFileCommModeToCommMode(uint8_t file_comm_mode); DesfireCommunicationMode DesfireFileCommModeToCommMode(uint8_t file_comm_mode);
uint8_t DesfireCommModeToFileCommMode(DesfireCommunicationMode comm_mode); uint8_t DesfireCommModeToFileCommMode(DesfireCommunicationMode comm_mode);
void DesfireGenSessionKeyEV1(const uint8_t rnda[], const uint8_t rndb[], DesfireCryptoAlgorythm keytype, uint8_t *key); void DesfireGenSessionKeyEV1(const uint8_t rnda[], const uint8_t rndb[], DesfireCryptoAlgorithm keytype, uint8_t *key);
void DesfireGenSessionKeyEV2(uint8_t *key, uint8_t *rndA, uint8_t *rndB, bool enckey, uint8_t *sessionkey); void DesfireGenSessionKeyEV2(uint8_t *key, uint8_t *rndA, uint8_t *rndB, bool enckey, uint8_t *sessionkey);
void DesfireEV2FillIV(DesfireContext_t *ctx, bool ivforcommand, uint8_t *iv); void DesfireEV2FillIV(DesfireContext_t *ctx, bool ivforcommand, uint8_t *iv);
int DesfireEV2CalcCMAC(DesfireContext_t *ctx, uint8_t cmd, uint8_t *data, size_t datalen, uint8_t *mac); int DesfireEV2CalcCMAC(DesfireContext_t *ctx, uint8_t cmd, uint8_t *data, size_t datalen, uint8_t *mac);
@ -148,8 +134,8 @@ void DesfireDecodePrevReaderID(DesfireContext_t *ctx, uint8_t *key, uint32_t trC
int DesfireLRPCalcCMAC(DesfireContext_t *ctx, uint8_t cmd, uint8_t *data, size_t datalen, uint8_t *mac); int DesfireLRPCalcCMAC(DesfireContext_t *ctx, uint8_t cmd, uint8_t *data, size_t datalen, uint8_t *mac);
int desfire_get_key_length(DesfireCryptoAlgorythm key_type); int desfire_get_key_length(DesfireCryptoAlgorithm key_type);
size_t desfire_get_key_block_length(DesfireCryptoAlgorythm key_type); size_t desfire_get_key_block_length(DesfireCryptoAlgorithm key_type);
size_t padded_data_length(const size_t nbytes, const size_t block_size); size_t padded_data_length(const size_t nbytes, const size_t block_size);
void desfire_crc32(const uint8_t *data, const size_t len, uint8_t *crc); void desfire_crc32(const uint8_t *data, const size_t len, uint8_t *crc);