github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-19 21:03:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

hf mfdes enum - fixes WIP

Browse source
This commit is contained in:
iceman1001 2020-03-17 11:37:38 +01:00
commit fe0d9c8d9f
4 changed files with 65 additions and 78 deletions
Download patch file Download diff file Expand all files Collapse all files

41
armsrc/mifaredesfire.c
View file

@ -15,6 +15,7 @@
#include "mbedtls/aes.h" #include "mbedtls/aes.h"
#include "commonutil.h" #include "commonutil.h"
#include "util.h" #include "util.h"
#include "mifare.h"
#define MAX_APPLICATION_COUNT 28 #define MAX_APPLICATION_COUNT 28
#define MAX_FILE_COUNT 16 #define MAX_FILE_COUNT 16
@ -35,6 +36,8 @@ static uint8_t deselect_cmd[] = {0xc2, 0xe0, 0xb4};
bool InitDesfireCard() { bool InitDesfireCard() {
pcb_blocknum = 0;
iso14a_card_select_t card; iso14a_card_select_t card;
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
@ -48,28 +51,14 @@ bool InitDesfireCard() {
return true; return true;
} }
// ARG0 flag enums
enum {
NONE = 0x00,
INIT = 0x01,
DISCONNECT = 0x02,
CLEARTRACE = 0x04,
BAR = 0x08,
} CmdOptions ;
void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain) { void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain) {
/* ARG0 contains flags.
0x01 = init card.
0x02 = Disconnect
0x03
*/
uint8_t flags = arg0; uint8_t flags = arg0;
size_t datalen = arg1; size_t datalen = arg1;
uint8_t resp[RECEIVE_SIZE]; uint8_t resp[RECEIVE_SIZE];
memset(resp, 0, sizeof(resp)); memset(resp, 0, sizeof(resp));
if (DBGLEVEL >= 4) { if (DBGLEVEL >= DBG_EXTENDED) {
Dbprintf(" flags : %02X", flags); Dbprintf(" flags : %02X", flags);
Dbprintf(" len : %02X", datalen); Dbprintf(" len : %02X", datalen);
print_result(" RX : ", datain, datalen); print_result(" RX : ", datain, datalen);
@ -79,12 +68,13 @@ void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain) {
clear_trace(); clear_trace();
if (flags & INIT) { if (flags & INIT) {
if (!InitDesfireCard()) if (!InitDesfireCard()) {
return; return;
}
} }
int len = DesfireAPDU(datain, datalen, resp); int len = DesfireAPDU(datain, datalen, resp);
if (DBGLEVEL >= 4) if (DBGLEVEL >= DBG_EXTENDED)
print_result("RESP <--: ", resp, len); print_result("RESP <--: ", resp, len);
if (!len) { if (!len) {
@ -92,9 +82,6 @@ void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain) {
return; return;
} }
// reset the pcb_blocknum,
pcb_blocknum = 0;
if (flags & DISCONNECT) if (flags & DISCONNECT)
OnSuccess(); OnSuccess();
@ -482,7 +469,7 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
// dekryptera tagnonce. // dekryptera tagnonce.
if (mbedtls_aes_setkey_dec(&ctx, key->data, 128) != 0) { if (mbedtls_aes_setkey_dec(&ctx, key->data, 128) != 0) {
if (DBGLEVEL >= 4) { if (DBGLEVEL >= DBG_EXTENDED) {
DbpString("mbedtls_aes_setkey_dec failed"); DbpString("mbedtls_aes_setkey_dec failed");
} }
OnError(7); OnError(7);
@ -495,7 +482,7 @@ void MifareDES_Auth1(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
memcpy(both + 16, decRndB, 16); memcpy(both + 16, decRndB, 16);
uint8_t encBoth[32] = {0x00}; uint8_t encBoth[32] = {0x00};
if (mbedtls_aes_setkey_enc(&ctx, key->data, 128) != 0) { if (mbedtls_aes_setkey_enc(&ctx, key->data, 128) != 0) {
if (DBGLEVEL >= 4) { if (DBGLEVEL >= DBG_EXTENDED) {
DbpString("mbedtls_aes_setkey_enc failed"); DbpString("mbedtls_aes_setkey_enc failed");
} }
OnError(7); OnError(7);
@ -549,23 +536,23 @@ int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout) {
wrappedLen = CreateAPDU(cmd, cmd_len, wCmd); wrappedLen = CreateAPDU(cmd, cmd_len, wCmd);
if (DBGLEVEL >= 4) if (DBGLEVEL >= DBG_EXTENDED)
print_result("WCMD <--: ", wCmd, wrappedLen); print_result("WCMD <--: ", wCmd, wrappedLen);
ReaderTransmit(wCmd, wrappedLen, NULL); ReaderTransmit(wCmd, wrappedLen, NULL);
len = ReaderReceive(resp, par); len = ReaderReceive(resp, par);
if (!len) { if (!len) {
if (DBGLEVEL >= 4) Dbprintf("fukked"); if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("fukked");
return false; //DATA LINK ERROR return false; //DATA LINK ERROR
} }
// if we received an I- or R(ACK)-Block with a block number equal to the // if we received an I- or R(ACK)-Block with a block number equal to the
// current block number, toggle the current block number // current block number, toggle the current block number
else if (len >= 4 // PCB+CID+CRC = 4 bytes if (len >= 4 // PCB+CID+CRC = 4 bytes
&& ((resp[0] & 0xC0) == 0 // I-Block && ((resp[0] & 0xC0) == 0 // I-Block
|| (resp[0] & 0xD0) == 0x80) // R-Block with ACK bit set to 0 || (resp[0] & 0xD0) == 0x80) // R-Block with ACK bit set to 0
&& (resp[0] & 0x01) == pcb_blocknum) { // equal block numbers && (resp[0] & 0x01) == pcb_blocknum) { // equal block numbers
pcb_blocknum ^= 1; //toggle next block pcb_blocknum ^= 1; //toggle next block
} }
memcpy(dataout, resp, len); memcpy(dataout, resp, len);
@ -583,6 +570,8 @@ size_t CreateAPDU(uint8_t *datain, size_t len, uint8_t *dataout) {
cmd[0] = 0x02; // 0x0A = send cid, 0x02 = no cid. cmd[0] = 0x02; // 0x0A = send cid, 0x02 = no cid.
cmd[0] |= pcb_blocknum; // OR the block number into the PCB cmd[0] |= pcb_blocknum; // OR the block number into the PCB
if (DBGLEVEL >= DBG_EXTENDED) Dbprintf("pcb_blocknum %d == %d ", pcb_blocknum, cmd[0] );
cmd[1] = 0x90; // CID: 0x00 //TODO: allow multiple selected cards cmd[1] = 0x90; // CID: 0x00 //TODO: allow multiple selected cards
memcpy(cmd + 2, datain, len); memcpy(cmd + 2, datain, len);

82
client/cmdhfmfdes.c
View file

@ -19,6 +19,7 @@
#include "mbedtls/des.h" #include "mbedtls/des.h"
#include "crypto/libpcrypto.h" #include "crypto/libpcrypto.h"
#include "protocols.h" #include "protocols.h"
#include "mifare.h" // desfire raw command options
uint8_t key_zero_data[16] = { 0x00 }; uint8_t key_zero_data[16] = { 0x00 };
uint8_t key_ones_data[16] = { 0x01 }; uint8_t key_ones_data[16] = { 0x01 };
@ -299,54 +300,49 @@ void getKeySettings(uint8_t *aid) {
PrintAndLogEx(SUCCESS, " Master key Version : " _YELLOW_("%d (0x%02x)"), resp.data.asBytes[3], resp.data.asBytes[3]); PrintAndLogEx(SUCCESS, " Master key Version : " _YELLOW_("%d (0x%02x)"), resp.data.asBytes[3], resp.data.asBytes[3]);
PrintAndLogEx(INFO, " ----------------------------------------------------------"); PrintAndLogEx(INFO, " ----------------------------------------------------------");
} }
{ {
// 0x0A
uint8_t data[] = {AUTHENTICATE, 0x00, 0x00, 0x01, 0x00, 0x00}; // 0x0A, KEY 0 uint8_t data[] = {AUTHENTICATE, 0x00, 0x00, 0x01, 0x00, 0x00}; // 0x0A, KEY 0
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
} }
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;} if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;}
isOK = resp.data.asBytes[2] & 0xff; PrintAndLogEx(SUCCESS, " [0x0A] Authenticate : %s", (resp.length == 13) ? _YELLOW_("YES") : "NO");
if (resp.length == 13)
PrintAndLogEx(SUCCESS, " [0x0A] Authenticate : %s", (isOK == 0xAE) ? "NO" : _YELLOW_("YES"));
{ {
// 0x1A
uint8_t data[] = {AUTHENTICATE_ISO, 0x00, 0x00, 0x01, 0x00, 0x00}; // 0x1A, KEY 0 uint8_t data[] = {AUTHENTICATE_ISO, 0x00, 0x00, 0x01, 0x00, 0x00}; // 0x1A, KEY 0
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
} }
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;} if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;}
isOK = resp.data.asBytes[2] & 0xff; PrintAndLogEx(SUCCESS, " [0x1A] Authenticate ISO : %s", (resp.length >= 13) ? _YELLOW_("YES") : "NO");
if (resp.length >= 13)
PrintAndLogEx(SUCCESS, " [0x1A] Authenticate ISO : %s", (isOK == 0xAE) ? "NO" : _YELLOW_("YES"));
{ {
// 0xAA
uint8_t data[] = {AUTHENTICATE_AES, 0x00, 0x00, 0x01, 0x00, 0x00}; // 0xAA, KEY 0 uint8_t data[] = {AUTHENTICATE_AES, 0x00, 0x00, 0x01, 0x00, 0x00}; // 0xAA, KEY 0
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data));
} }
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;} if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {return;}
isOK = resp.data.asBytes[2] & 0xff; PrintAndLogEx(SUCCESS, " [0xAA] Authenticate AES : %s", (resp.length >= 13) ? _YELLOW_("YES") : "NO");
if (resp.length == 13)
PrintAndLogEx(SUCCESS, " [0xAA] Authenticate AES : %s", (isOK == 0xAE) ? "NO" : _YELLOW_("YES"));
PrintAndLogEx(INFO, "-------------------------------------------------------------"); PrintAndLogEx(INFO, "-------------------------------------------------------------");
} else { } else {
// AID - APPLICATIO MASTER KEYS // AID - APPLICATION MASTER KEYS
PrintAndLogEx(SUCCESS, " AMK - Application Master Key settings"); PrintAndLogEx(SUCCESS, " AMK - Application Master Key settings");
PrintAndLogEx(INFO, " ----------------------------------------------------------"); PrintAndLogEx(INFO, " ----------------------------------------------------------");
PrintAndLogEx(INFO, "Selecting AID: %s", sprint_hex(aid, 3) ); PrintAndLogEx(INFO, " select AID: " _YELLOW_("%s"), sprint_hex(aid, 3) );
// SELECT AID // SELECT AID
{ {
uint8_t data[] = {SELECT_APPLICATION, 0x00, 0x00, 0x00}; // 0x5a uint8_t data[] = {SELECT_APPLICATION, 0x00, 0x00, 0x03, aid[0], aid[1], aid[2], 0x00}; // 0x5a
memcpy(data + 1, aid, 3); //memcpy(data + 1, aid, 3);
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | CLEARTRACE, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT, sizeof(data), 0, data, sizeof(data));
} }
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) {
PrintAndLogEx(WARNING, _RED_(" Timed-out")); PrintAndLogEx(WARNING, _RED_(" Timed-out"));
return; return;
} }
@ -362,7 +358,7 @@ void getKeySettings(uint8_t *aid) {
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, NONE, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, NONE, sizeof(data), 0, data, sizeof(data));
} }
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { if (!WaitForResponseTimeout(CMD_ACK, &resp, 3000)) {
return; return;
} }
isOK = resp.oldarg[0] & 0xff; isOK = resp.oldarg[0] & 0xff;
@ -370,15 +366,15 @@ void getKeySettings(uint8_t *aid) {
PrintAndLogEx(WARNING, _RED_(" Can't read Application Master key settings")); PrintAndLogEx(WARNING, _RED_(" Can't read Application Master key settings"));
} else { } else {
// Access rights. // Access rights.
uint8_t rights = (resp.data.asBytes[3] >> 4 & 0xff); uint8_t rights = (resp.data.asBytes[1] >> 4 & 0x0F);
switch (rights) { switch (rights) {
case 0x00: case 0x0:
str = "AMK authentication is necessary to change any key (default)"; str = "AMK authentication is necessary to change any key (default)";
break; break;
case 0x0e: case 0xE:
str = "Authentication with the key to be changed (same KeyNo) is necessary to change a key"; str = "Authentication with the key to be changed (same KeyNo) is necessary to change a key";
break; break;
case 0x0f: case 0xF:
str = "All keys (except AMK,see Bit0) within this application are frozen"; str = "All keys (except AMK,see Bit0) within this application are frozen";
break; break;
default: default:
@ -389,20 +385,20 @@ void getKeySettings(uint8_t *aid) {
PrintAndLogEx(SUCCESS, "-- " _GREEN_("%s"), str); PrintAndLogEx(SUCCESS, "-- " _GREEN_("%s"), str);
PrintAndLogEx(SUCCESS, ""); PrintAndLogEx(SUCCESS, "");
// same as CMK // same as CMK
str = (resp.data.asBytes[3] & (1 << 3)) ? "YES" : "NO"; str = (resp.data.asBytes[1] & (1 << 3)) ? "YES" : "NO";
PrintAndLogEx(SUCCESS, " 0x08 Configuration changeable : %s", str); PrintAndLogEx(SUCCESS, " 0x08 Configuration changeable : %s", str);
str = (resp.data.asBytes[3] & (1 << 2)) ? "NO" : "YES"; str = (resp.data.asBytes[1] & (1 << 2)) ? "NO" : "YES";
PrintAndLogEx(SUCCESS, " 0x04 AMK required for create/delete : %s", str); PrintAndLogEx(SUCCESS, " 0x04 AMK required for create/delete : %s", str);
str = (resp.data.asBytes[3] & (1 << 1)) ? "NO" : "YES"; str = (resp.data.asBytes[1] & (1 << 1)) ? "NO" : "YES";
PrintAndLogEx(SUCCESS, " 0x02 Directory list access with AMK : %s", str); PrintAndLogEx(SUCCESS, " 0x02 Directory list access with AMK : %s", str);
str = (resp.data.asBytes[3] & (1 << 0)) ? "YES" : "NO"; str = (resp.data.asBytes[1] & (1 << 0)) ? "YES" : "NO";
PrintAndLogEx(SUCCESS, " 0x01 AMK is changeable : %s", str); PrintAndLogEx(SUCCESS, " 0x01 AMK is changeable : %s", str);
} }
// KEY VERSION - AMK // KEY VERSION - AMK
{ {
uint8_t data[] = {GET_KEY_VERSION, 0x00, 0x00, 0x00}; // 0x64 uint8_t data[] = {GET_KEY_VERSION, 0x00, 0x00, 0x01, 0x00, 0x00}; // 0x64
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, NONE, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, DISCONNECT, sizeof(data), 0, data, sizeof(data));
} }
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) { if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
@ -439,8 +435,8 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
uint8_t isOK = 0x00; uint8_t isOK = 0x00;
uint8_t aid[3]; uint8_t aid[3];
{ {
uint8_t data[1] = {GET_APPLICATION_IDS}; //0x6a uint8_t data[] = {GET_APPLICATION_IDS, 0x00, 0x00, 0x00}; //0x6a
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | DISCONNECT, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT | CLEARTRACE | DISCONNECT, sizeof(data), 0, data, sizeof(data));
} }
PacketResponseNG resp; PacketResponseNG resp;
@ -454,17 +450,18 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
return PM3_ESOFT; return PM3_ESOFT;
} }
PrintAndLogEx(NORMAL, ""); PrintAndLogEx(NORMAL, "");
PrintAndLogEx(SUCCESS, "-- Desfire Enumerate Applications ---------------------------"); PrintAndLogEx(INFO, "-- Desfire Enumerate Applications ---------------------------");
PrintAndLogEx(INFO, "-------------------------------------------------------------"); PrintAndLogEx(INFO, "-------------------------------------------------------------");
PacketResponseNG respAid; // PacketResponseNG respAid;
PacketResponseNG respFiles; // PacketResponseNG respFiles;
uint8_t num = 0; uint8_t num = 0;
int max = resp.oldarg[1] - 3 - 2; int max = resp.oldarg[1] - 3 - 2;
PrintAndLogEx(INFO," MAX %d", max);
for (int i = 3; i <= max; i += 3) { for (int i = 1; i < max; i += 3) {
PrintAndLogEx(SUCCESS, " Aid %d : %02X %02X %02X ", num, resp.data.asBytes[i], resp.data.asBytes[i + 1], resp.data.asBytes[i + 2]); PrintAndLogEx(SUCCESS, " Aid %d : %02X %02X %02X ", num, resp.data.asBytes[i], resp.data.asBytes[i+1], resp.data.asBytes[i+2]);
num++; num++;
aid[0] = resp.data.asBytes[i]; aid[0] = resp.data.asBytes[i];
@ -472,11 +469,11 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
aid[2] = resp.data.asBytes[i + 2]; aid[2] = resp.data.asBytes[i + 2];
getKeySettings(aid); getKeySettings(aid);
/*
// Select Application // Select Application
{ {
uint8_t data[4] = {SELECT_APPLICATION}; // 0x5a uint8_t data[] = {SELECT_APPLICATION, 0x00, 0x00, 0x03, aid[0], aid[1], aid[2], 0x00}; // 0x5a
memcpy(data + 1, &resp.data.asBytes[i], 3); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, NONE, sizeof(data), 0, data, sizeof(data));
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, INIT, sizeof(data), 0, data, sizeof(data));
} }
if (!WaitForResponseTimeout(CMD_ACK, &respAid, 1500)) { if (!WaitForResponseTimeout(CMD_ACK, &respAid, 1500)) {
@ -491,7 +488,7 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
// Get File IDs // Get File IDs
{ {
uint8_t data[1] = {GET_FILE_IDS}; // 0x6f uint8_t data[] = {GET_FILE_IDS, 0x00, 0x00, 0x00}; // 0x6f
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, NONE, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, NONE, sizeof(data), 0, data, sizeof(data));
} }
@ -512,7 +509,7 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
// Get ISO File IDs // Get ISO File IDs
{ {
uint8_t data[1] = {GET_ISOFILE_IDS}; // 0x61 uint8_t data[] = {GET_ISOFILE_IDS, 0x00, 0x00, 0x00}; // 0x61
SendCommandMIX(CMD_HF_DESFIRE_COMMAND, DISCONNECT, sizeof(data), 0, data, sizeof(data)); SendCommandMIX(CMD_HF_DESFIRE_COMMAND, DISCONNECT, sizeof(data), 0, data, sizeof(data));
} }
@ -530,6 +527,7 @@ static int CmdHF14ADesEnumApplications(const char *Cmd) {
} }
} }
} }
*/
} }
PrintAndLogEx(INFO, "-------------------------------------------------------------"); PrintAndLogEx(INFO, "-------------------------------------------------------------");
return PM3_SUCCESS; return PM3_SUCCESS;

10
client/cmdhfmfdes.h
View file

@ -19,16 +19,6 @@ char *getProtocolStr(uint8_t id);
char *getVersionStr(uint8_t major, uint8_t minor); char *getVersionStr(uint8_t major, uint8_t minor);
void getKeySettings(uint8_t *aid); void getKeySettings(uint8_t *aid);
// Command options for Desfire behavior.
enum {
NONE = 0x00,
INIT = 0x01,
DISCONNECT = 0x02,
CLEARTRACE = 0x04,
BAR = 0x08,
} CmdOptions ;
#define CREATE_APPLICATION 0xca #define CREATE_APPLICATION 0xca
#define DELETE_APPLICATION 0xda #define DELETE_APPLICATION 0xda
#define GET_APPLICATION_IDS 0x6a #define GET_APPLICATION_IDS 0x6a

10
include/mifare.h
View file

@ -70,6 +70,16 @@ typedef struct {
uint32_t ProxToAirDuration; uint32_t ProxToAirDuration;
uint8_t par; // enough for precalculated parity of 8 Byte responses uint8_t par; // enough for precalculated parity of 8 Byte responses
} PACKED tag_response_info_t; } PACKED tag_response_info_t;
// DESFIRE_RAW flag enums
typedef enum DESFIRE_COMMAND {
NONE = 0x00,
INIT = 0x01,
DISCONNECT = 0x02,
CLEARTRACE = 0x04,
BAR = 0x10,
} desfire_command_t;
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
// ISO 14443B // ISO 14443B
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------