From c11b129c2345a00d9fabcc8367791c167f83d04a Mon Sep 17 00:00:00 2001 From: merlokk Date: Wed, 1 Nov 2017 17:42:40 +0200 Subject: [PATCH] removed code from library --- client/cmdhf14a.c | 4 ++-- client/mifarehost.c | 26 ++++++++++++++++++++++++++ common/crapto1/crapto1.c | 12 ------------ common/crapto1/crapto1.h | 2 -- 4 files changed, 28 insertions(+), 16 deletions(-) diff --git a/client/cmdhf14a.c b/client/cmdhf14a.c index 66210812..928864a1 100644 --- a/client/cmdhf14a.c +++ b/client/cmdhf14a.c @@ -485,10 +485,10 @@ int CmdHF14AInfo(const char *Cmd) if (isMifareClassic) { switch(DetectClassicPrng()) { case 0: - PrintAndLog("Prng detection: WEAK"); + PrintAndLog("Prng detection: HARDEND (hardnested)"); break; case 1: - PrintAndLog("Prng detection: HARDEND (hardnested)"); + PrintAndLog("Prng detection: WEAK"); break; default: PrintAndLog("Prng detection error."); diff --git a/client/mifarehost.c b/client/mifarehost.c index 49541921..67277b59 100644 --- a/client/mifarehost.c +++ b/client/mifarehost.c @@ -903,6 +903,32 @@ int tryDecryptWord(uint32_t nt, uint32_t ar_enc, uint32_t at_enc, uint8_t *data, return 0; } +/** validate_prng_nonce + * Determine if nonce is deterministic. ie: Suspectable to Darkside attack. + * returns + * true = weak prng + * false = hardend prng + */ +bool validate_prng_nonce(uint32_t nonce) { + uint16_t *dist = 0; + uint16_t x, i; + + dist = malloc(2 << 16); + if(!dist) + return -1; + + // init prng table: + for (x = i = 1; i; ++i) { + dist[(x & 0xff) << 8 | x >> 8] = i; + x = x >> 1 | (x ^ x >> 2 ^ x >> 3 ^ x >> 5) << 15; + } + + uint32_t res = (65535 - dist[nonce >> 16] + dist[nonce & 0xffff]) % 65535; + + free(dist); + return (res == 16); +} + /* Detect Tag Prng, * function performs a partial AUTH, where it tries to authenticate against block0, key A, but only collects tag nonce. * the tag nonce is check to see if it has a predictable PRNG. diff --git a/common/crapto1/crapto1.c b/common/crapto1/crapto1.c index b77842e9..1edfca1b 100644 --- a/common/crapto1/crapto1.c +++ b/common/crapto1/crapto1.c @@ -426,18 +426,6 @@ int nonce_distance(uint32_t from, uint32_t to) return (65535 + dist[to >> 16] - dist[from >> 16]) % 65535; } -/** validate_prng_nonce - * Determine if nonce is deterministic. ie: Suspectable to Darkside attack. - * returns - * true = weak prng - * false = hardend prng - */ -bool validate_prng_nonce(uint32_t nonce) { - // init prng table: - nonce_distance(nonce, nonce); - return ((65535 - dist[nonce >> 16] + dist[nonce & 0xffff]) % 65535) == 16; -} - static uint32_t fastfwd[2][8] = { { 0, 0x4BC53, 0xECB1, 0x450E2, 0x25E29, 0x6E27A, 0x2B298, 0x60ECB}, { 0, 0x1D962, 0x4BC53, 0x56531, 0xECB1, 0x135D3, 0x450E2, 0x58980}}; diff --git a/common/crapto1/crapto1.h b/common/crapto1/crapto1.h index 154e4cc8..8e79d224 100644 --- a/common/crapto1/crapto1.h +++ b/common/crapto1/crapto1.h @@ -20,7 +20,6 @@ #ifndef CRAPTO1_INCLUDED #define CRAPTO1_INCLUDED #include -#include #ifdef __cplusplus extern "C" { #endif @@ -49,7 +48,6 @@ uint8_t lfsr_rollback_bit(struct Crypto1State* s, uint32_t in, int fb); uint8_t lfsr_rollback_byte(struct Crypto1State* s, uint32_t in, int fb); uint32_t lfsr_rollback_word(struct Crypto1State* s, uint32_t in, int fb); int nonce_distance(uint32_t from, uint32_t to); -extern bool validate_prng_nonce(uint32_t nonce); #define FOREACH_VALID_NONCE(N, FILTER, FSIZE)\ uint32_t __n = 0,__M = 0, N = 0;\ int __i;\