From e78c563e454bd9877a8559b2f7f13930cc51f051 Mon Sep 17 00:00:00 2001
From: merlokk <807634+merlokk@users.noreply.github.com>
Date: Wed, 4 Aug 2021 20:01:11 +0300
Subject: [PATCH] encode with padding sketch
---
 client/src/cmdhfmfdes.c | 2 --
 client/src/mifare/desfirecore.c | 11 ++++++-----
 client/src/mifare/desfirecrypto.c | 1 +
 client/src/mifare/desfirecrypto.h | 1 +
 client/src/mifare/desfiresecurechan.c | 13 +++++++++++--
 5 files changed, 19 insertions(+), 9 deletions(-)
diff --git a/client/src/cmdhfmfdes.c b/client/src/cmdhfmfdes.c
index 0dd003987..ee0f3e190 100644
--- a/client/src/cmdhfmfdes.c
+++ b/client/src/cmdhfmfdes.c
@@ -2628,14 +2628,12 @@ static int CmdHF14ADesSetConfiguration(const char *Cmd) {
 return res;
 }
- DesfireSetCommMode(&dctx, DCMEncryptedPlain);
 res = DesfireSetConfiguration(&dctx, paramid, param, paramlen);
 if (res == PM3_SUCCESS) {
 PrintAndLogEx(SUCCESS, "Set configuration 0x%02x " _GREEN_("ok") " ", paramid);
 } else {
 PrintAndLogEx(FAILED, "Set configuration 0x%02x " _RED_("failed") " ", paramid);
 }
- DesfireSetCommMode(&dctx, DCMEncrypted);
 DropField();
 return res;
diff --git a/client/src/mifare/desfirecore.c b/client/src/mifare/desfirecore.c
index fda847a6d..10c4dff42 100644
--- a/client/src/mifare/desfirecore.c
+++ b/client/src/mifare/desfirecore.c
@@ -2545,7 +2545,7 @@ int DesfireSetConfiguration(DesfireContext *dctx, uint8_t paramid, uint8_t *para
 size_t datalen = 1 + paramlen;
- // add crc
+ /*// add crc
 if (dctx->secureChannel == DACd40) {
 iso14443a_crc_append(&data[1], datalen - 1);
 datalen += 2;
@@ -2553,11 +2553,12 @@ int DesfireSetConfiguration(DesfireContext *dctx, uint8_t paramid, uint8_t *para
 desfire_crc32_append(cdata, datalen + 1);
 datalen += 4;
 }
-
+*/
 // dynamic length
- if (paramid == 0x02) {
- data[datalen] = 0x80;
- datalen++;
+ if (paramid == 0x02 && dctx->commMode == DCMEncrypted) {
+ dctx->commMode = DCMEncryptedWithPadding;
+ //data[datalen] = 0x80;
+ //datalen++;
 }
 // send command
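Review bot: The CRC block in DesfireSetConfiguration is disabled by wrapping it in a block comment (opened at `/*// add crc` in the -2545 hunk, closed by `*/` in the -2553 hunk) instead of being removed, so the D40 branch that called `iso14443a_crc_append(&data[1], datalen - 1)` no longer runs here. The EV1 encoder in desfiresecurechan.c appends a CRC32 itself, but nothing visible in this patch shows the D40 encoder adding its CRC16; that should be confirmed, otherwise a D40 session would send the configuration without the integrity value the card verifies. Once confirmed, delete the dead block and leave a one-line comment such as `// CRC and padding are appended by the secure channel encoder`. The function body starts and ends outside both hunks.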
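Review bot: `dctx->commMode = DCMEncryptedWithPadding;` in the -2553 hunk of desfirecore.c rewrites the caller's context as a side effect and this function never puts it back; the only reset visible in the patch is `ctx->commMode = DCMEncrypted;` inside the EV1 branch of desfiresecurechan.c. On any path that does not reach that branch (a D40 session, for which the decoder gains a `DCMEncryptedWithPadding` case, or an exchange that fails before encoding) the context would presumably keep the padding mode for later commands. Save and restore locally instead: `DesfireCommunicationMode prevMode = dctx->commMode;` before the change and `dctx->commMode = prevMode;` after the exchange returns. The commented-out `//data[datalen] = 0x80;` and `//datalen++;` lines should be dropped rather than kept. The send itself is outside the hunk.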
diff --git a/client/src/mifare/desfirecrypto.c b/client/src/mifare/desfirecrypto.c
index 8feecd39c..366995a06 100644
--- a/client/src/mifare/desfirecrypto.c
+++ b/client/src/mifare/desfirecrypto.c
@@ -429,6 +429,7 @@ uint8_t DesfireCommModeToFileCommMode(DesfireCommunicationMode comm_mode) {
 fmode = 0x01;
 break;
 case DCMEncrypted:
+ case DCMEncryptedWithPadding:
 case DCMEncryptedPlain:
 fmode = 0x11;
 break;
diff --git a/client/src/mifare/desfirecrypto.h b/client/src/mifare/desfirecrypto.h
index f336a2448..9fa379049 100644
--- a/client/src/mifare/desfirecrypto.h
+++ b/client/src/mifare/desfirecrypto.h
@@ -58,6 +58,7 @@ typedef enum {
 DCMPlain,
 DCMMACed,
 DCMEncrypted,
+ DCMEncryptedWithPadding,
 DCMEncryptedPlain
 } DesfireCommunicationMode;
diff --git a/client/src/mifare/desfiresecurechan.c b/client/src/mifare/desfiresecurechan.c
index b33287a00..383e8fdf9 100644
--- a/client/src/mifare/desfiresecurechan.c
+++ b/client/src/mifare/desfiresecurechan.c
@@ -260,16 +260,24 @@ static void DesfireSecureChannelEncodeEV1(DesfireContext *ctx, uint8_t cmd, uint
 memcpy(&dstdata[srcdatalen], cmac, DesfireGetMACLength(ctx));
 *dstdatalen = srcdatalen + DesfireGetMACLength(ctx);
 }
- } else if (ctx->commMode == DCMEncrypted) {
- rlen = padded_data_length(srcdatalen + 4 - hdrlen, desfire_get_key_block_length(ctx->keyType));
+ } else if (ctx->commMode == DCMEncrypted || ctx->commMode == DCMEncryptedWithPadding) {
+ uint8_t paddinglen = (ctx->commMode == DCMEncryptedWithPadding) ? 1 : 0;
+ rlen = padded_data_length(srcdatalen + 4 + paddinglen - hdrlen, desfire_get_key_block_length(ctx->keyType));
 data[0] = cmd;
+
+ // crc
 memcpy(&data[1], srcdata, srcdatalen);
 desfire_crc32_append(data, srcdatalen + 1);
+
+ // add padding
+ if (paddinglen > 0)
+ data[srcdatalen + 1 + 4] = 0x80;
 memcpy(dstdata, srcdata, hdrlen);
 DesfireCryptoEncDec(ctx, DCOSessionKeyEnc, &data[1 + hdrlen], rlen, &dstdata[hdrlen], true);
 *dstdatalen = hdrlen + rlen;
+ ctx->commMode = DCMEncrypted;
 } else if (ctx->commMode == DCMEncryptedPlain) {
 if (srcdatalen <= hdrlen)
 return;
@@ -374,6 +382,7 @@ static void DesfireSecureChannelDecodeD40(DesfireContext *ctx, uint8_t *srcdata,
 break;
 }
 case DCMEncrypted:
+ case DCMEncryptedWithPadding:
 if (srcdatalen < desfire_get_key_block_length(ctx->keyType)) {
 memcpy(dstdata, srcdata, srcdatalen);
 *dstdatalen = srcdatalen;
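Review bot: The new write `data[srcdatalen + 1 + 4] = 0x80;` in the -260 hunk, like the `memcpy(&data[1], srcdata, srcdatalen)` before it, has no visible bound against the size of `data`, whose declaration lies outside the hunk. The encryptor then consumes `rlen` bytes from `&data[1 + hdrlen]`, so the bytes after the 0x80 marker form valid zero padding only if `data` was zero-initialised, which should be confirmed. Assuming `data` is a local array, a guard before the copy such as `if (srcdatalen + 1 + 4 + paddinglen > sizeof(data)) return;` would make the limit explicit. The `if (paddinglen > 0)` body should be braced, and a comment on `ctx->commMode = DCMEncrypted;` should say that the padding mode is one-shot and is cleared here for the response. DesfireSecureChannelEncodeEV1 starts and ends outside the hunk.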