github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-21 13:53:55 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #1356 from merlokk/desf_update2

Browse source 
desfire coverity + crypto refactoring
This commit is contained in:
Oleg Moiseenko 2021-07-06 12:17:38 +03:00 committed by GitHub
commit f74e5db6f0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 495 additions and 352 deletions
Download patch file Download diff file Expand all files Collapse all files

1
client/CMakeLists.txt
View file

@ -226,6 +226,7 @@ set (TARGET_SOURCES
${PM3_ROOT}/client/src/mifare/mifarehost.c ${PM3_ROOT}/client/src/mifare/mifarehost.c
${PM3_ROOT}/client/src/nfc/ndef.c ${PM3_ROOT}/client/src/nfc/ndef.c
${PM3_ROOT}/client/src/mifare/desfire_crypto.c ${PM3_ROOT}/client/src/mifare/desfire_crypto.c
${PM3_ROOT}/client/src/mifare/desfiresecurechan.c
${PM3_ROOT}/client/src/mifare/desfirecore.c ${PM3_ROOT}/client/src/mifare/desfirecore.c
${PM3_ROOT}/client/src/uart/uart_posix.c ${PM3_ROOT}/client/src/uart/uart_posix.c
${PM3_ROOT}/client/src/uart/uart_win32.c ${PM3_ROOT}/client/src/uart/uart_win32.c

1
client/Makefile
View file

@ -590,6 +590,7 @@ SRCS = aiddesfire.c \
loclass/ikeys.c \ loclass/ikeys.c \
mifare/desfire_crypto.c \ mifare/desfire_crypto.c \
mifare/desfirecore.c \ mifare/desfirecore.c \
mifare/desfiresecurechan.c \
mifare/mad.c \ mifare/mad.c \
mifare/mfkey.c \ mifare/mfkey.c \
mifare/mifare4.c \ mifare/mifare4.c \

23
client/src/cipurse/cipursecrypto.c
View file

@ -40,11 +40,6 @@ uint8_t CipurseCSecurityLevelEnc(CipurseChannelSecurityLevel lvl) {
} }
} }
static void bin_xor(uint8_t *d1, uint8_t *d2, size_t len) {
for (size_t i = 0; i < len; i++)
d1[i] = d1[i] ^ d2[i];
}
static void bin_ext(uint8_t *dst, size_t dstlen, uint8_t *src, size_t srclen) { static void bin_ext(uint8_t *dst, size_t dstlen, uint8_t *src, size_t srclen) {
if (srclen > dstlen) if (srclen > dstlen)
memcpy(dst, &src[srclen - dstlen], dstlen); memcpy(dst, &src[srclen - dstlen], dstlen);
@ -218,24 +213,6 @@ bool CipurseCCheckCT(CipurseContext *ctx, uint8_t *CT) {
return (memcmp(CT, ctx->CT, CIPURSE_AES_KEY_LENGTH) == 0); return (memcmp(CT, ctx->CT, CIPURSE_AES_KEY_LENGTH) == 0);
} }
void AddISO9797M2Padding(uint8_t *ddata, size_t *ddatalen, uint8_t *sdata, size_t sdatalen, size_t blocklen) {
*ddatalen = sdatalen + 1;
*ddatalen += blocklen - *ddatalen % blocklen;
memset(ddata, 0, *ddatalen);
memcpy(ddata, sdata, sdatalen);
ddata[sdatalen] = ISO9797_M2_PAD_BYTE;
}
size_t FindISO9797M2PaddingDataLen(uint8_t *data, size_t datalen) {
for (int i = datalen; i > 0; i--) {
if (data[i - 1] == 0x80)
return i - 1;
if (data[i - 1] != 0x00)
return 0;
}
return 0;
}
static uint16_t CipurseCComputeMICCRC(uint8_t *data, size_t len) { static uint16_t CipurseCComputeMICCRC(uint8_t *data, size_t len) {
uint16_t initCRC = 0x6363; uint16_t initCRC = 0x6363;
for (size_t i = 0; i < len; i++) { for (size_t i = 0; i < len; i++) {

4
client/src/cipurse/cipursecrypto.h
View file

@ -21,7 +21,6 @@
#define CIPURSE_MAC_LENGTH 8 #define CIPURSE_MAC_LENGTH 8
#define CIPURSE_MIC_LENGTH 4 #define CIPURSE_MIC_LENGTH 4
#define CIPURSE_POLY 0x35b088cce172UL #define CIPURSE_POLY 0x35b088cce172UL
#define ISO9797_M2_PAD_BYTE 0x80
#define member_size(type, member) sizeof(((type *)0)->member) #define member_size(type, member) sizeof(((type *)0)->member)
@ -66,9 +65,6 @@ bool CipurseCCheckCT(CipurseContext *ctx, uint8_t *CT);
void CipurseCChannelSetSecurityLevels(CipurseContext *ctx, CipurseChannelSecurityLevel req, CipurseChannelSecurityLevel resp); void CipurseCChannelSetSecurityLevels(CipurseContext *ctx, CipurseChannelSecurityLevel req, CipurseChannelSecurityLevel resp);
bool isCipurseCChannelSecuritySet(CipurseContext *ctx); bool isCipurseCChannelSecuritySet(CipurseContext *ctx);
void AddISO9797M2Padding(uint8_t *ddata, size_t *ddatalen, uint8_t *sdata, size_t sdatalen, size_t blocklen);
size_t FindISO9797M2PaddingDataLen(uint8_t *data, size_t datalen);
void CipurseCGenerateMAC(CipurseContext *ctx, uint8_t *data, size_t datalen, uint8_t *mac); void CipurseCGenerateMAC(CipurseContext *ctx, uint8_t *data, size_t datalen, uint8_t *mac);
void CipurseCCalcMACPadded(CipurseContext *ctx, uint8_t *data, size_t datalen, uint8_t *mac); void CipurseCCalcMACPadded(CipurseContext *ctx, uint8_t *data, size_t datalen, uint8_t *mac);
bool CipurseCCheckMACPadded(CipurseContext *ctx, uint8_t *data, size_t datalen, uint8_t *mac); bool CipurseCCheckMACPadded(CipurseContext *ctx, uint8_t *data, size_t datalen, uint8_t *mac);

1
client/src/cipurse/cipursetest.c
View file

@ -14,6 +14,7 @@
#include <string.h> // memcpy memset #include <string.h> // memcpy memset
#include "fileutils.h" #include "fileutils.h"
#include "crypto/libpcrypto.h"
#include "cipurse/cipursecrypto.h" #include "cipurse/cipursecrypto.h"
#include "cipurse/cipursecore.h" #include "cipurse/cipursecore.h"

2
client/src/cmdhfemrtd.c
View file

@ -1424,7 +1424,7 @@ static int emrtd_print_ef_dg2_info(uint8_t *data, size_t datalen) {
bool is_jpg = (data[offset] == 0xFF); bool is_jpg = (data[offset] == 0xFF);
char *fn = calloc( strlen(dg_table[EF_DG2].filename) + 4 + 1, sizeof(uint8_t)); char *fn = calloc(strlen(dg_table[EF_DG2].filename) + 4 + 1, sizeof(uint8_t));
if (fn == NULL) if (fn == NULL)
return PM3_EMALLOC; return PM3_EMALLOC;

6
client/src/cmdhfmfdes.c
View file

@ -5198,7 +5198,7 @@ static int CmdHF14ADesGetAIDs(const char *Cmd) {
if (DesfireIsAuthenticated(&dctx)) { if (DesfireIsAuthenticated(&dctx)) {
if (verbose) if (verbose)
PrintAndLogEx(ERR, "Desfire " _GREEN_("authenticated") , res); PrintAndLogEx(ERR, "Desfire " _GREEN_("authenticated"));
} else { } else {
return PM3_ESOFT; return PM3_ESOFT;
} }
@ -5278,7 +5278,7 @@ static int CmdHF14ADesGetAppNames(const char *Cmd) {
if (DesfireIsAuthenticated(&dctx)) { if (DesfireIsAuthenticated(&dctx)) {
if (verbose) if (verbose)
PrintAndLogEx(ERR, "Desfire " _GREEN_("authenticated") , res); PrintAndLogEx(ERR, "Desfire " _GREEN_("authenticated"));
} else { } else {
return PM3_ESOFT; return PM3_ESOFT;
} }
@ -5297,7 +5297,7 @@ static int CmdHF14ADesGetAppNames(const char *Cmd) {
if (buflen > 0) { if (buflen > 0) {
PrintAndLogEx(INFO, "----------------------- " _CYAN_("File list") " -----------------------"); PrintAndLogEx(INFO, "----------------------- " _CYAN_("File list") " -----------------------");
for (int i = 0; i < buflen; i++) for (int i = 0; i < buflen; i++)
PrintAndLogEx(INFO, "AID: %06x ISO file id: %02x%02x ISO DF name[%d]: %s", PrintAndLogEx(INFO, "AID: %06x ISO file id: %02x%02x ISO DF name[%" PRIu32 "]: %s",
DesfireAIDByteToUint(&buf[i * 24 + 1]), DesfireAIDByteToUint(&buf[i * 24 + 1]),
buf[i * 24 + 1 + 3], buf[i * 24 + 1 + 4], buf[i * 24 + 1 + 3], buf[i * 24 + 1 + 4],
strlen((char *)&buf[i * 24 + 1 + 5]), strlen((char *)&buf[i * 24 + 1 + 5]),

23
client/src/crypto/libpcrypto.c
View file

@ -536,3 +536,26 @@ exit:
PrintAndLogEx(NORMAL, _RED_("failed\n")); PrintAndLogEx(NORMAL, _RED_("failed\n"));
return res; return res;
} }
void bin_xor(uint8_t *d1, uint8_t *d2, size_t len) {
for (size_t i = 0; i < len; i++)
d1[i] = d1[i] ^ d2[i];
}
void AddISO9797M2Padding(uint8_t *ddata, size_t *ddatalen, uint8_t *sdata, size_t sdatalen, size_t blocklen) {
*ddatalen = sdatalen + 1;
*ddatalen += blocklen - *ddatalen % blocklen;
memset(ddata, 0, *ddatalen);
memcpy(ddata, sdata, sdatalen);
ddata[sdatalen] = ISO9797_M2_PAD_BYTE;
}
size_t FindISO9797M2PaddingDataLen(uint8_t *data, size_t datalen) {
for (int i = datalen; i > 0; i--) {
if (data[i - 1] == 0x80)
return i - 1;
if (data[i - 1] != 0x00)
return 0;
}
return 0;
}

7
client/src/crypto/libpcrypto.h
View file

@ -42,4 +42,11 @@ char *ecdsa_get_error(int ret);
int ecdsa_nist_test(bool verbose); int ecdsa_nist_test(bool verbose);
void bin_xor(uint8_t *d1, uint8_t *d2, size_t len);
#define ISO9797_M2_PAD_BYTE 0x80
void AddISO9797M2Padding(uint8_t *ddata, size_t *ddatalen, uint8_t *sdata, size_t sdatalen, size_t blocklen);
size_t FindISO9797M2PaddingDataLen(uint8_t *data, size_t datalen);
#endif /* libpcrypto.h */ #endif /* libpcrypto.h */

12
client/src/mifare/desfire_crypto.c
View file

@ -55,10 +55,14 @@ static inline void update_key_schedules(desfirekey_t key) {
int desfire_get_key_length(enum DESFIRE_CRYPTOALGO key_type) { int desfire_get_key_length(enum DESFIRE_CRYPTOALGO key_type) {
switch (key_type) { switch (key_type) {
case T_DES: return 8; case T_DES:
case T_3DES: return 16; return 8;
case T_3K3DES: return 24; case T_3DES:
case T_AES: return 16; return 16;
case T_3K3DES:
return 24;
case T_AES:
return 16;
} }
return 0; return 0;
} }

2
client/src/mifare/desfire_crypto.h
View file

@ -18,7 +18,7 @@
* $Id$ * $Id$
*/ */
#ifndef __DESFIRE_CRYPTO_H #ifndef __DESFIRE_CRYPTO_H
#define __DESFIRE_CRYPTO_H #define __DESFIRE_CRYPTO_H
#include "common.h" #include "common.h"

177
client/src/mifare/desfirecore.c
View file

@ -31,6 +31,7 @@
#include "iso7816/iso7816core.h" // APDU logging #include "iso7816/iso7816core.h" // APDU logging
#include "util_posix.h" // msleep #include "util_posix.h" // msleep
#include "mifare/desfire_crypto.h" #include "mifare/desfire_crypto.h"
#include "desfiresecurechan.h"
const CLIParserOption DesfireAlgoOpts[] = { const CLIParserOption DesfireAlgoOpts[] = {
{T_DES, "des"}, {T_DES, "des"},
@ -255,7 +256,7 @@ void DesfirePrintContext(DesfireContext *ctx) {
sprint_hex(ctx->sessionKeyEnc, desfire_get_key_block_length(ctx->keyType))); sprint_hex(ctx->sessionKeyEnc, desfire_get_key_block_length(ctx->keyType)));
} }
} }
void DesfireSetKey(DesfireContext *ctx, uint8_t keyNum, enum DESFIRE_CRYPTOALGO keyType, uint8_t *key) { void DesfireSetKey(DesfireContext *ctx, uint8_t keyNum, enum DESFIRE_CRYPTOALGO keyType, uint8_t *key) {
DesfireClearContext(ctx); DesfireClearContext(ctx);
@ -543,166 +544,10 @@ static int DesfireExchangeISO(bool activate_field, DesfireContext *ctx, uint8_t
return PM3_SUCCESS; return PM3_SUCCESS;
} }
static void DesfireCryptoEncDec(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, bool encode) {
uint8_t data[1024] = {0};
switch(ctx->keyType) {
case T_DES:
if (ctx->secureChannel == DACd40) {
if (encode)
des_encrypt_ecb(data, srcdata, srcdatalen, ctx->key);
else
des_decrypt_ecb(data, srcdata, srcdatalen, ctx->key);
} if (ctx->secureChannel == DACEV1) {
if (encode)
des_encrypt_cbc(data, srcdata, srcdatalen, ctx->key, ctx->IV);
else
des_decrypt_cbc(data, srcdata, srcdatalen, ctx->key, ctx->IV);
}
if (dstdata)
memcpy(dstdata, data, srcdatalen);
break;
case T_3DES:
break;
case T_3K3DES:
break;
case T_AES:
if (encode)
aes_encode(ctx->IV, ctx->key, srcdata, data, srcdatalen);
else
aes_decode(ctx->IV, ctx->key, srcdata, data, srcdatalen);
if (dstdata)
memcpy(dstdata, data, srcdatalen);
break;
}
}
static void DesfireSecureChannelEncodeD40(DesfireContext *ctx, uint8_t cmd, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, size_t *dstdatalen) {
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
uint8_t data[1024] = {0};
size_t rlen = 0;
switch(ctx->commMode) {
case DCMPlain:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
case DCMMACed:
if (srcdatalen == 0)
break;
rlen = padded_data_length(srcdatalen, desfire_get_key_block_length(ctx->keyType));
memcpy(data, srcdata, srcdatalen);
DesfireCryptoEncDec(ctx, data, rlen, NULL, true);
memcpy(dstdata, srcdata, srcdatalen);
memcpy(&dstdata[srcdatalen], ctx->IV, desfire_get_key_block_length(ctx->keyType));
*dstdatalen = rlen;
break;
case DCMEncrypted:
rlen = padded_data_length(srcdatalen + 2, desfire_get_key_block_length(ctx->keyType)); // 2 - crc16
memcpy(data, srcdata, srcdatalen);
compute_crc(CRC_14443_A, data, srcdatalen, &data[srcdatalen], &data[srcdatalen + 1]);
DesfireCryptoEncDec(ctx, data, rlen, dstdata, true);
*dstdatalen = rlen;
break;
case DCMNone:;
}
}
static void DesfireSecureChannelEncodeEV1(DesfireContext *ctx, uint8_t cmd, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, size_t *dstdatalen) {
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
switch(ctx->commMode) {
case DCMPlain:
case DCMMACed:
break;
case DCMEncrypted:
break;
case DCMNone:;
}
}
static void DesfireSecureChannelEncode(DesfireContext *ctx, uint8_t cmd, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, size_t *dstdatalen) {
switch(ctx->secureChannel) {
case DACd40:
DesfireSecureChannelEncodeD40(ctx, cmd, srcdata, srcdatalen, dstdata, dstdatalen);
break;
case DACEV1:
DesfireSecureChannelEncodeEV1(ctx, cmd, srcdata, srcdatalen, dstdata, dstdatalen);
break;
case DACEV2:
break;
case DACNone:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
}
}
static void DesfireSecureChannelDecodeD40(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t respcode, uint8_t *dstdata, size_t *dstdatalen) {
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
switch(ctx->commMode) {
case DCMMACed:
break;
case DCMEncrypted:
break;
case DCMPlain:
case DACNone:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
}
}
static void DesfireSecureChannelDecodeEV1(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t respcode, uint8_t *dstdata, size_t *dstdatalen) {
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
switch(ctx->commMode) {
case DCMPlain:
case DCMMACed:
memcpy(dstdata, srcdata, srcdatalen - 8);
*dstdatalen = srcdatalen - 8;
break;
case DCMEncrypted:
break;
case DACNone:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
}
}
static void DesfireSecureChannelDecode(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t respcode, uint8_t *dstdata, size_t *dstdatalen) {
switch(ctx->secureChannel) {
case DACd40:
DesfireSecureChannelDecodeD40(ctx, srcdata, srcdatalen, respcode, dstdata, dstdatalen);
break;
case DACEV1:
DesfireSecureChannelDecodeEV1(ctx, srcdata, srcdatalen, respcode, dstdata, dstdatalen);
break;
case DACEV2:
break;
case DACNone:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
}
}
// move data from blockdata [format: <length, data><length, data>...] to single data block // move data from blockdata [format: <length, data><length, data>...] to single data block
static void DesfireJoinBlockToBytes(uint8_t *blockdata, size_t blockdatacount, size_t blockdatasize, uint8_t *dstdata, size_t *dstdatalen) { static void DesfireJoinBlockToBytes(uint8_t *blockdata, size_t blockdatacount, size_t blockdatasize, uint8_t *dstdata, size_t *dstdatalen) {
*dstdatalen = 0; *dstdatalen = 0;
for(int i = 0; i < blockdatacount; i++) { for (int i = 0; i < blockdatacount; i++) {
memcpy(&dstdata[*dstdatalen], &blockdata[i * blockdatasize + 1], blockdata[i * blockdatasize]); memcpy(&dstdata[*dstdatalen], &blockdata[i * blockdatasize + 1], blockdata[i * blockdatasize]);
*dstdatalen += blockdata[i * blockdatasize]; *dstdatalen += blockdata[i * blockdatasize];
} }
@ -712,7 +557,7 @@ static void DesfireJoinBlockToBytes(uint8_t *blockdata, size_t blockdatacount, s
// lengths in the blockdata is not changed. result - in the blockdata // lengths in the blockdata is not changed. result - in the blockdata
static void DesfireSplitBytesToBlock(uint8_t *blockdata, size_t *blockdatacount, size_t blockdatasize, uint8_t *dstdata, size_t dstdatalen) { static void DesfireSplitBytesToBlock(uint8_t *blockdata, size_t *blockdatacount, size_t blockdatasize, uint8_t *dstdata, size_t dstdatalen) {
size_t len = 0; size_t len = 0;
for(int i = 0; i < *blockdatacount; i++) { for (int i = 0; i < *blockdatacount; i++) {
size_t tlen = len + blockdata[i * blockdatasize]; size_t tlen = len + blockdata[i * blockdatasize];
if (tlen > dstdatalen) if (tlen > dstdatalen)
tlen = dstdatalen; tlen = dstdatalen;
@ -731,7 +576,7 @@ int DesfireExchangeEx(bool activate_field, DesfireContext *ctx, uint8_t cmd, uin
uint8_t databuf[250 * 5] = {0}; uint8_t databuf[250 * 5] = {0};
size_t databuflen = 0; size_t databuflen = 0;
switch(ctx->cmdSet) { switch (ctx->cmdSet) {
case DCCNative: case DCCNative:
case DCCNativeISO: case DCCNativeISO:
DesfireSecureChannelEncode(ctx, cmd, data, datalen, databuf, &databuflen); DesfireSecureChannelEncode(ctx, cmd, data, datalen, databuf, &databuflen);
@ -1028,9 +873,9 @@ int DesfireAuthenticate(DesfireContext *dctx, DesfireSecureChannel secureChannel
Desfire_session_key_new(RndA, RndB, key, &sesskey); Desfire_session_key_new(RndA, RndB, key, &sesskey);
memcpy(dctx->sessionKeyEnc, sesskey.data, desfire_get_key_length(dctx->keyType)); memcpy(dctx->sessionKeyEnc, sesskey.data, desfire_get_key_length(dctx->keyType));
PrintAndLogEx(INFO, "encRndA : %s", sprint_hex(encRndA, rndlen)); PrintAndLogEx(INFO, "encRndA : %s", sprint_hex(encRndA, rndlen));
PrintAndLogEx(INFO, "IV : %s", sprint_hex(IV, rndlen)); PrintAndLogEx(INFO, "IV : %s", sprint_hex(IV, rndlen));
if (dctx->keyType == T_DES){ if (dctx->keyType == T_DES) {
if (secureChannel == DACd40) if (secureChannel == DACd40)
des_decrypt(encRndA, encRndA, key->data); des_decrypt(encRndA, encRndA, key->data);
if (secureChannel == DACEV1) if (secureChannel == DACEV1)
@ -1047,8 +892,8 @@ PrintAndLogEx(INFO, "IV : %s", sprint_hex(IV, rndlen));
} }
rol(RndA, rndlen); rol(RndA, rndlen);
PrintAndLogEx(INFO, "Expected_RndA : %s", sprint_hex(RndA, rndlen)); PrintAndLogEx(INFO, "Expected_RndA : %s", sprint_hex(RndA, rndlen));
PrintAndLogEx(INFO, "Generated_RndA : %s", sprint_hex(encRndA, rndlen)); PrintAndLogEx(INFO, "Generated_RndA : %s", sprint_hex(encRndA, rndlen));
for (uint32_t x = 0; x < rndlen; x++) { for (uint32_t x = 0; x < rndlen; x++) {
if (RndA[x] != encRndA[x]) { if (RndA[x] != encRndA[x]) {
if (g_debugMode > 1) { if (g_debugMode > 1) {
@ -1074,7 +919,7 @@ PrintAndLogEx(INFO, "Generated_RndA : %s", sprint_hex(encRndA, rndlen));
dctx->secureChannel = secureChannel; dctx->secureChannel = secureChannel;
memcpy(dctx->sessionKeyMAC, dctx->sessionKeyEnc, desfire_get_key_length(dctx->keyType)); memcpy(dctx->sessionKeyMAC, dctx->sessionKeyEnc, desfire_get_key_length(dctx->keyType));
PrintAndLogEx(INFO, "sessionKeyEnc : %s", sprint_hex(dctx->sessionKeyEnc, desfire_get_key_length(dctx->keyType))); PrintAndLogEx(INFO, "sessionKeyEnc : %s", sprint_hex(dctx->sessionKeyEnc, desfire_get_key_length(dctx->keyType)));
return PM3_SUCCESS; return PM3_SUCCESS;
} }

2
client/src/mifare/desfirecore.h
View file

@ -81,7 +81,7 @@ void DesfireClearSession(DesfireContext *ctx);
void DesfireSetKey(DesfireContext *ctx, uint8_t keyNum, enum DESFIRE_CRYPTOALGO keyType, uint8_t *key); void DesfireSetKey(DesfireContext *ctx, uint8_t keyNum, enum DESFIRE_CRYPTOALGO keyType, uint8_t *key);
void DesfireSetCommandSet(DesfireContext *ctx, DesfireCommandSet cmdSet); void DesfireSetCommandSet(DesfireContext *ctx, DesfireCommandSet cmdSet);
void DesfireSetCommMode(DesfireContext *ctx, DesfireCommunicationMode commMode); void DesfireSetCommMode(DesfireContext *ctx, DesfireCommunicationMode commMode);
void DesfireSetKdf(DesfireContext *ctx, uint8_t kdfAlgo,uint8_t *kdfInput, uint8_t kdfInputLen); void DesfireSetKdf(DesfireContext *ctx, uint8_t kdfAlgo, uint8_t *kdfInput, uint8_t kdfInputLen);
const char *DesfireGetErrorString(int res, uint16_t *sw); const char *DesfireGetErrorString(int res, uint16_t *sw);
uint32_t DesfireAIDByteToUint(uint8_t *data); uint32_t DesfireAIDByteToUint(uint8_t *data);

194
client/src/mifare/desfiresecurechan.c Normal file
View file

@ -0,0 +1,194 @@
//-----------------------------------------------------------------------------
// Copyright (C) 2010 Romain Tartiere.
// Copyright (C) 2014 Iceman
// Copyright (C) 2021 Merlok
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// High frequency Desfire secure channel functions
//-----------------------------------------------------------------------------
#include "desfiresecurechan.h"
#include <stdlib.h>
#include <string.h>
#include <util.h>
#include "ui.h"
#include "crc.h"
#include "crc16.h" // crc16 ccitt
#include "crc32.h"
#include "commonutil.h"
#include "mifare/desfire_crypto.h"
void DesfireCryptoEncDec(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, bool encode) {
uint8_t data[1024] = {0};
switch (ctx->keyType) {
case T_DES:
if (ctx->secureChannel == DACd40) {
if (encode)
des_encrypt_ecb(data, srcdata, srcdatalen, ctx->key);
else
des_decrypt_ecb(data, srcdata, srcdatalen, ctx->key);
}
if (ctx->secureChannel == DACEV1) {
if (encode)
des_encrypt_cbc(data, srcdata, srcdatalen, ctx->key, ctx->IV);
else
des_decrypt_cbc(data, srcdata, srcdatalen, ctx->key, ctx->IV);
}
if (dstdata)
memcpy(dstdata, data, srcdatalen);
break;
case T_3DES:
break;
case T_3K3DES:
break;
case T_AES:
if (encode)
aes_encode(ctx->IV, ctx->key, srcdata, data, srcdatalen);
else
aes_decode(ctx->IV, ctx->key, srcdata, data, srcdatalen);
if (dstdata)
memcpy(dstdata, data, srcdatalen);
break;
}
}
static void DesfireSecureChannelEncodeD40(DesfireContext *ctx, uint8_t cmd, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, size_t *dstdatalen) {
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
uint8_t data[1024] = {0};
size_t rlen = 0;
switch (ctx->commMode) {
case DCMPlain:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
case DCMMACed:
if (srcdatalen == 0)
break;
rlen = padded_data_length(srcdatalen, desfire_get_key_block_length(ctx->keyType));
memcpy(data, srcdata, srcdatalen);
DesfireCryptoEncDec(ctx, data, rlen, NULL, true);
memcpy(dstdata, srcdata, srcdatalen);
memcpy(&dstdata[srcdatalen], ctx->IV, 4);
*dstdatalen = rlen;
break;
case DCMEncrypted:
rlen = padded_data_length(srcdatalen + 2, desfire_get_key_block_length(ctx->keyType)); // 2 - crc16
memcpy(data, srcdata, srcdatalen);
compute_crc(CRC_14443_A, data, srcdatalen, &data[srcdatalen], &data[srcdatalen + 1]);
DesfireCryptoEncDec(ctx, data, rlen, dstdata, true);
*dstdatalen = rlen;
break;
case DCMNone:
;
}
}
static void DesfireSecureChannelEncodeEV1(DesfireContext *ctx, uint8_t cmd, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, size_t *dstdatalen) {
uint8_t data[1024] = {0};
size_t rlen = 0;
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
switch (ctx->commMode) {
case DCMPlain:
case DCMMACed:
data[0] = cmd;
rlen = padded_data_length(srcdatalen + 1, desfire_get_key_block_length(ctx->keyType));
memcpy(&data[1], srcdata, srcdatalen);
DesfireCryptoEncDec(ctx, data, rlen, NULL, true);
memcpy(dstdata, srcdata, srcdatalen);
if (srcdatalen != 0 && ctx->commMode == DCMMACed) {
memcpy(&dstdata[srcdatalen], ctx->IV, 4);
*dstdatalen = rlen;
}
break;
case DCMEncrypted:
break;
case DCMNone:
;
}
}
void DesfireSecureChannelEncode(DesfireContext *ctx, uint8_t cmd, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, size_t *dstdatalen) {
switch (ctx->secureChannel) {
case DACd40:
DesfireSecureChannelEncodeD40(ctx, cmd, srcdata, srcdatalen, dstdata, dstdatalen);
break;
case DACEV1:
DesfireSecureChannelEncodeEV1(ctx, cmd, srcdata, srcdatalen, dstdata, dstdatalen);
break;
case DACEV2:
break;
case DACNone:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
}
}
static void DesfireSecureChannelDecodeD40(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t respcode, uint8_t *dstdata, size_t *dstdatalen) {
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
switch (ctx->commMode) {
case DCMMACed:
break;
case DCMEncrypted:
break;
case DCMPlain:
case DACNone:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
}
}
static void DesfireSecureChannelDecodeEV1(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t respcode, uint8_t *dstdata, size_t *dstdatalen) {
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
switch (ctx->commMode) {
case DCMPlain:
case DCMMACed:
memcpy(dstdata, srcdata, srcdatalen - 8);
*dstdatalen = srcdatalen - 8;
break;
case DCMEncrypted:
break;
case DACNone:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
}
}
void DesfireSecureChannelDecode(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t respcode, uint8_t *dstdata, size_t *dstdatalen) {
switch (ctx->secureChannel) {
case DACd40:
DesfireSecureChannelDecodeD40(ctx, srcdata, srcdatalen, respcode, dstdata, dstdatalen);
break;
case DACEV1:
DesfireSecureChannelDecodeEV1(ctx, srcdata, srcdatalen, respcode, dstdata, dstdatalen);
break;
case DACEV2:
break;
case DACNone:
memcpy(dstdata, srcdata, srcdatalen);
*dstdatalen = srcdatalen;
break;
}
}

27
client/src/mifare/desfiresecurechan.h Normal file
View file

@ -0,0 +1,27 @@
//-----------------------------------------------------------------------------
// Copyright (C) 2010 Romain Tartiere.
// Copyright (C) 2014 Iceman
// Copyright (C) 2021 Merlok
//
// This code is licensed to you under the terms of the GNU GPL, version 2 or,
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
// High frequency Desfire secure channel functions
//-----------------------------------------------------------------------------
#ifndef __DESFIRESECURECHAN_H
#define __DESFIRESECURECHAN_H
#include "common.h"
#include "mifare/desfirecore.h"
#include "mifare/desfire_crypto.h"
#include "mifare/mifare4.h"
void DesfireCryptoEncDec(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, bool encode);
void DesfireSecureChannelEncode(DesfireContext *ctx, uint8_t cmd, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, size_t *dstdatalen);
void DesfireSecureChannelDecode(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t respcode, uint8_t *dstdata, size_t *dstdatalen);
#endif // __DESFIRESECURECHAN_H

102
doc/commands.json
View file

@ -973,7 +973,7 @@
}, },
"help": { "help": {
"command": "help", "command": "help",
"description": "help use `<command> help` for details of a command prefs { edit client/device preferences... } -------- ----------------------- technology ----------------------- analyse { analyse utils... } data { plot window / data buffer manipulation... } emv { emv iso-14443 / iso-7816... } hf { high frequency commands... } hw { hardware commands... } lf { low frequency commands... } nfc { nfc commands... } reveng { crc calculations from reveng software... } smart { smart card iso-7816 commands... } script { scripting commands... } trace { trace manipulation... } wiegand { wiegand format manipulation... } -------- ----------------------- general ----------------------- clear clear screen hints turn hints on / off msleep add a pause in milliseconds rem add a text line in log file quit exit exit program [=] session log e:\\proxspace\\pm3/.proxmark3/logs/log_20210630.txt --------------------------------------------------------------------------------------- auto available offline: no run lf search / hf search / data plot / data save", "description": "help use `<command> help` for details of a command prefs { edit client/device preferences... } -------- ----------------------- technology ----------------------- analyse { analyse utils... } data { plot window / data buffer manipulation... } emv { emv iso-14443 / iso-7816... } hf { high frequency commands... } hw { hardware commands... } lf { low frequency commands... } nfc { nfc commands... } reveng { crc calculations from reveng software... } smart { smart card iso-7816 commands... } script { scripting commands... } trace { trace manipulation... } wiegand { wiegand format manipulation... } -------- ----------------------- general ----------------------- clear clear screen hints turn hints on / off msleep add a pause in milliseconds rem add a text line in log file quit exit exit program [=] session log e:\\proxspace\\pm3/.proxmark3/logs/log_20210706.txt --------------------------------------------------------------------------------------- auto available offline: no run lf search / hf search / data plot / data save",
"notes": [ "notes": [
"auto" "auto"
], ],
@ -3938,6 +3938,31 @@
], ],
"usage": "hf mf wrbl [-hab] --blk <dec> [-k <hex>] [-d <hex>]" "usage": "hf mf wrbl [-hab] --blk <dec> [-k <hex>] [-d <hex>]"
}, },
"hf mfdes auth": {
"command": "hf mfdes auth",
"description": "authenticates mifare desfire using key",
"notes": [
"hf mfdes auth -m 3 -t 4 -a 808301 -n 0 -k 00000000000000000000000000000000 -> aes,keynumber 0, aid 0x803201",
"hf mfdes auth -m 2 -t 2 -a 000000 -n 1 -k 00000000000000000000000000000000 -> 3des,keynumber 1, aid 0x000000",
"hf mfdes auth -m 1 -t 1 -a 000000 -n 2 -k 0000000000000000 -> des,keynumber 2, aid 0x000000",
"hf mfdes auth -m 1 -t 1 -a 000000 -n 0 -> des, defaultkey, aid 0x000000",
"hf mfdes auth -m 2 -t 2 -a 000000 -n 0 -> 3des, defaultkey, aid 0x000000",
"hf mfdes auth -m 3 -t 4 -a 000000 -n 0 -> 3k3des, defaultkey, aid 0x000000",
"hf mfdes auth -m 3 -t 4 -a 000000 -n 0 -> aes, defaultkey, aid 0x000000"
],
"offline": false,
"options": [
"-h, --help this help",
"-m, --type <type> auth type (1=normal, 2=iso, 3=aes)",
"-t, --algo <algo> crypt algo (1=des, 2=3des(2k2des), 3=3k3des, 4=aes)",
"-a, --aid <aid> aid used for authentification (hex 3 bytes)",
"-n, --keyno <keyno> key number used for authentification",
"-k, --key <key> key for checking (hex 8-24 bytes)",
"-d, --kdf <kdf> key derivation function (kdf) (0=none, 1=an10922, 2=gallagher)",
"-i, --kdfi <kdfi> kdf input (hex 1-31 bytes)"
],
"usage": "hf mfdes auth [-h] [-m <type>] [-t <algo>] [-a <aid>]... [-n <keyno>] [-k <key>] [-d <kdf>] [-i <kdfi>]"
},
"hf mfdes bruteaid": { "hf mfdes bruteaid": {
"command": "hf mfdes bruteaid", "command": "hf mfdes bruteaid",
"description": "recover aids by bruteforce. warning: this command takes a long time", "description": "recover aids by bruteforce. warning: this command takes a long time",
@ -4168,6 +4193,50 @@
], ],
"usage": "hf mfdes formatpicc [-h]" "usage": "hf mfdes formatpicc [-h]"
}, },
"hf mfdes getaids": {
"command": "hf mfdes getaids",
"description": "get application ids list from card. master key needs to be provided.",
"notes": [
"hf mfdes getaids -n 0 -t des -k 0000000000000000 -f none -> execute with default factory setup"
],
"offline": false,
"options": [
"-h, --help this help",
"-a, --apdu show apdu requests and responses",
"-v, --verbose show technical data",
"-n, --keyno <keyno> key number",
"-t, --algo <des/2tdea/3tdea/aes> crypt algo: des, 2tdea, 3tdea, aes",
"-k, --key <key> key for authenticate (hex 8(des), 16(2tdea or aes) or 24(3tdea) bytes)",
"-f, --kdf <none/an10922/gallagher> key derivation function (kdf): none, an10922, gallagher",
"-i, --kdfi <kdfi> kdf input (hex 1-31 bytes)",
"-m, --cmode <plain/mac/encrypt> communicaton mode: plain/mac/encrypt",
"-c, --ccset <native/niso/iso> communicaton command set: native/niso/iso",
"-s, --schann <d40/ev1/ev2> secure channel: d40/ev1/ev2"
],
"usage": "hf mfdes getaids [-hav] [-n <keyno>] [-t <des/2tdea/3tdea/aes>] [-k <key>] [-f <none/an10922/gallagher>] [-i <kdfi>] [-m <plain/mac/encrypt>] [-c <native/niso/iso>] [-s <d40/ev1/ev2>]"
},
"hf mfdes getappnames": {
"command": "hf mfdes getappnames",
"description": "get application ids, iso ids and df names from card. master key needs to be provided.",
"notes": [
"hf mfdes getappnames -n 0 -t des -k 0000000000000000 -f none -> execute with default factory setup"
],
"offline": false,
"options": [
"-h, --help this help",
"-a, --apdu show apdu requests and responses",
"-v, --verbose show technical data",
"-n, --keyno <keyno> key number",
"-t, --algo <des/2tdea/3tdea/aes> crypt algo: des, 2tdea, 3tdea, aes",
"-k, --key <key> key for authenticate (hex 8(des), 16(2tdea or aes) or 24(3tdea) bytes)",
"-f, --kdf <none/an10922/gallagher> key derivation function (kdf): none, an10922, gallagher",
"-i, --kdfi <kdfi> kdf input (hex 1-31 bytes)",
"-m, --cmode <plain/mac/encrypt> communicaton mode: plain/mac/encrypt",
"-c, --ccset <native/niso/iso> communicaton command set: native/niso/iso",
"-s, --schann <d40/ev1/ev2> secure channel: d40/ev1/ev2"
],
"usage": "hf mfdes getappnames [-hav] [-n <keyno>] [-t <des/2tdea/3tdea/aes>] [-k <key>] [-f <none/an10922/gallagher>] [-i <kdfi>] [-m <plain/mac/encrypt>] [-c <native/niso/iso>] [-s <d40/ev1/ev2>]"
},
"hf mfdes getuid": { "hf mfdes getuid": {
"command": "hf mfdes getuid", "command": "hf mfdes getuid",
"description": "get uid from a mifare desfire tag", "description": "get uid from a mifare desfire tag",
@ -4196,28 +4265,23 @@
}, },
"hf mfdes help": { "hf mfdes help": {
"command": "hf mfdes help", "command": "hf mfdes help",
"description": "help this help list list desfire (iso 14443a) history --------------------------------------------------------------------------------------- hf mfdes auth available offline: no authenticates mifare desfire using key", "description": "help this help list list desfire (iso 14443a) history --------------------------------------------------------------------------------------- hf mfdes default available offline: no get application ids, iso ids and df names from card. master key needs to be provided.",
"notes": [ "notes": [
"hf mfdes auth -m 3 -t 4 -a 808301 -n 0 -k 00000000000000000000000000000000 -> aes,keynumber 0, aid 0x803201", "hf mfdes getappnames -n 0 -t des -k 0000000000000000 -f none -> execute with default factory setup"
"hf mfdes auth -m 2 -t 2 -a 000000 -n 1 -k 00000000000000000000000000000000 -> 3des,keynumber 1, aid 0x000000",
"hf mfdes auth -m 1 -t 1 -a 000000 -n 2 -k 0000000000000000 -> des,keynumber 2, aid 0x000000",
"hf mfdes auth -m 1 -t 1 -a 000000 -n 0 -> des, defaultkey, aid 0x000000",
"hf mfdes auth -m 2 -t 2 -a 000000 -n 0 -> 3des, defaultkey, aid 0x000000",
"hf mfdes auth -m 3 -t 4 -a 000000 -n 0 -> 3k3des, defaultkey, aid 0x000000",
"hf mfdes auth -m 3 -t 4 -a 000000 -n 0 -> aes, defaultkey, aid 0x000000"
], ],
"offline": true, "offline": true,
"options": [ "options": [
"-h, --help this help", "-h, --help this help",
"-m, --type <type> auth type (1=normal, 2=iso, 3=aes)", "-n, --keyno <keyno> key number",
"-t, --algo <algo> crypt algo (1=des, 2=3des(2k2des), 3=3k3des, 4=aes)", "-t, --algo <des/2tdea/3tdea/aes> crypt algo: des, 2tdea, 3tdea, aes",
"-a, --aid <aid> aid used for authentification (hex 3 bytes)", "-k, --key <key> key for authenticate (hex 8(des), 16(2tdea or aes) or 24(3tdea) bytes)",
"-n, --keyno <keyno> key number used for authentification", "-f, --kdf <none/an10922/gallagher> key derivation function (kdf): none, an10922, gallagher",
"-k, --key <key> key for checking (hex 8-24 bytes)", "-i, --kdfi <kdfi> kdf input (hex 1-31 bytes)",
"-d, --kdf <kdf> key derivation function (kdf) (0=none, 1=an10922, 2=gallagher)", "-m, --cmode <plain/mac/encrypt> communicaton mode: plain/mac/encrypt",
"-i, --kdfi <kdfi> kdf input (hex 1-31 bytes)" "-c, --ccset <native/niso/iso> communicaton command set: native/niso/iso",
"-s, --schann <d40/ev1/ev2> secure channel: d40/ev1/ev2"
], ],
"usage": "hf mfdes auth [-h] [-m <type>] [-t <algo>] [-a <aid>]... [-n <keyno>] [-k <key>] [-d <kdf>] [-i <kdfi>]" "usage": "hf mfdes default [-h] [-n <keyno>] [-t <des/2tdea/3tdea/aes>] [-k <key>] [-f <none/an10922/gallagher>] [-i <kdfi>] [-m <plain/mac/encrypt>] [-c <native/niso/iso>] [-s <d40/ev1/ev2>]"
}, },
"hf mfdes info": { "hf mfdes info": {
"command": "hf mfdes info", "command": "hf mfdes info",
@ -9217,8 +9281,8 @@
} }
}, },
"metadata": { "metadata": {
"commands_extracted": 572, "commands_extracted": 575,
"extracted_by": "PM3Help2JSON v1.00", "extracted_by": "PM3Help2JSON v1.00",
"extracted_on": "2021-06-30T09:30:39" "extracted_on": "2021-07-06T09:14:57"
} }
} }

3
doc/commands.md
View file

@ -501,6 +501,7 @@ Check column "offline" for their availability.
|command |offline |description |command |offline |description
|------- |------- |----------- |------- |------- |-----------
|`hf mfdes help `|Y |`This help` |`hf mfdes help `|Y |`This help`
|`hf mfdes default `|N |`[new]Set defaults for all the commands`
|`hf mfdes auth `|N |`Tries a MIFARE DesFire Authentication` |`hf mfdes auth `|N |`Tries a MIFARE DesFire Authentication`
|`hf mfdes changekey `|N |`Change Key` |`hf mfdes changekey `|N |`Change Key`
|`hf mfdes chk `|N |`Check keys` |`hf mfdes chk `|N |`Check keys`
@ -513,6 +514,8 @@ Check column "offline" for their availability.
|`hf mfdes createaid `|N |`Create Application ID` |`hf mfdes createaid `|N |`Create Application ID`
|`hf mfdes deleteaid `|N |`Delete Application ID` |`hf mfdes deleteaid `|N |`Delete Application ID`
|`hf mfdes selectaid `|N |`Select Application ID` |`hf mfdes selectaid `|N |`Select Application ID`
|`hf mfdes getaids `|N |`[new]Get Application IDs list`
|`hf mfdes getappnames `|N |`[new]Get Applications list`
|`hf mfdes changevalue `|N |`Write value of a value file (credit/debit/clear)` |`hf mfdes changevalue `|N |`Write value of a value file (credit/debit/clear)`
|`hf mfdes clearfile `|N |`Clear record File` |`hf mfdes clearfile `|N |`Clear record File`
|`hf mfdes createfile `|N |`Create Standard/Backup File` |`hf mfdes createfile `|N |`Create Standard/Backup File`