First check in.

Author: iceman1001

armsrc/LCD.c

@@ -6,7 +6,7 @@
 // LCD code
 //-----------------------------------------------------------------------------
 
-#include "proxmark3.h"
+#include "../include/proxmark3.h"
 #include "apps.h"
 #include "LCD.h"
 #include "fonts.h"

armsrc/Makefile

@@ -10,21 +10,23 @@ APP_INCLUDES = apps.h
 
 #remove one of the following defines and comment out the relevant line
 #in the next section to remove that particular feature from compilation  
-APP_CFLAGS	= -DWITH_LF -DWITH_ISO15693 -DWITH_ISO14443a -DWITH_ISO14443b -DWITH_ICLASS -DWITH_LEGICRF -DWITH_HITAG
+APP_CFLAGS	= -DWITH_LF -DWITH_ISO15693 -DWITH_ISO14443a -DWITH_ISO14443b -DWITH_ICLASS -DWITH_LEGICRF -DWITH_HITAG  -DWITH_CRC -fno-strict-aliasing
 #-DWITH_LCD 
 
 #SRC_LCD = fonts.c LCD.c
 SRC_LF = lfops.c hitag2.c
 SRC_ISO15693 = iso15693.c iso15693tools.c 
 SRC_ISO14443a = epa.c iso14443a.c mifareutil.c mifarecmd.c mifaresniff.c
 SRC_ISO14443b = iso14443.c
-SRC_CRAPTO1 = crapto1.c crypto1.c
+SRC_CRAPTO1 = crapto1.c crypto1.c des.c aes.c 
+SRC_CRC = iso14443crc.c crc.c crc16.c crc32.c
 
 THUMBSRC = start.c \
 	$(SRC_LCD) \
 	$(SRC_ISO15693) \
 	$(SRC_LF) \
-	appmain.c printf.c \
+	appmain.c \
+	printf.c \
 	util.c \
 	string.c \
 	usb_cdc.c \
@@ -33,14 +35,15 @@ THUMBSRC = start.c \
 # These are to be compiled in ARM mode
 ARMSRC = fpgaloader.c \
 	legicrf.c \
-	iso14443crc.c \
-	crc16.c \
 	$(SRC_ISO14443a) \
 	$(SRC_ISO14443b) \
 	$(SRC_CRAPTO1) \
+	$(SRC_CRC) \
 	legic_prng.c \
 	iclass.c \
-	crc.c
+	mifaredesfire.c \
+	desfire_crypto.c \
+	desfire_key.c
 
 # stdint.h provided locally until GCC 4.5 becomes C99 compliant
 APP_CFLAGS += -I.

armsrc/aes.c

@@ -0,0 +1,30 @@
+/*
+* AES Cryptographic Algorithm Header File. Include this header file in
+* your source which uses these given APIs. (This source is kept under
+* public domain)
+*/
+
+// AES context structure
+typedef struct {
+ unsigned int Ek[60];
+ unsigned int Dk[60];
+ unsigned int Iv[4];
+ unsigned char Nr;
+ unsigned char Mode;
+} AesCtx;
+
+// key length in bytes
+#define KEY128 16
+#define KEY192 24
+#define KEY256 32
+// block size in bytes
+#define BLOCKSZ 16
+// mode
+#define EBC 0
+#define CBC 1
+
+// AES API function prototype
+
+int AesCtxIni(AesCtx *pCtx, unsigned char *pIV, unsigned char *pKey, unsigned int KeyLen, unsigned char Mode);
+int AesEncrypt(AesCtx *pCtx, unsigned char *pData, unsigned char *pCipher, unsigned int DataLen);
+int AesDecrypt(AesCtx *pCtx, unsigned char *pCipher, unsigned char *pData, unsigned int CipherLen);

armsrc/aes.h

@@ -10,10 +10,10 @@
 // executes.
 //-----------------------------------------------------------------------------
 
-#include "usb_cdc.h"
-#include "cmd.h"
+#include "../common/usb_cdc.h"
+#include "../common/cmd.h"
 
-#include "proxmark3.h"
+#include "../include/proxmark3.h"
 #include "apps.h"
 #include "util.h"
 #include "printf.h"
@@ -22,7 +22,7 @@
 #include <stdarg.h>
 
 #include "legicrf.h"
-#include <hitag2.h>
+#include "../include/hitag2.h"
 
 #ifdef WITH_LCD
  #include "LCD.h"
@@ -81,40 +81,12 @@ void DbpString(char *str)
 {
   byte_t len = strlen(str);
   cmd_send(CMD_DEBUG_PRINT_STRING,len,0,0,(byte_t*)str,len);
-//	/* this holds up stuff unless we're connected to usb */
-//	if (!UsbConnected())
-//		return;
-//
-//	UsbCommand c;
-//	c.cmd = CMD_DEBUG_PRINT_STRING;
-//	c.arg[0] = strlen(str);
-//	if(c.arg[0] > sizeof(c.d.asBytes)) {
-//		c.arg[0] = sizeof(c.d.asBytes);
-//	}
-//	memcpy(c.d.asBytes, str, c.arg[0]);
-//
-//	UsbSendPacket((uint8_t *)&c, sizeof(c));
-//	// TODO fix USB so stupid things like this aren't req'd
-//	SpinDelay(50);
 }
 
 #if 0
 void DbpIntegers(int x1, int x2, int x3)
 {
   cmd_send(CMD_DEBUG_PRINT_INTEGERS,x1,x2,x3,0,0);
-//	/* this holds up stuff unless we're connected to usb */
-//	if (!UsbConnected())
-//		return;
-//
-//	UsbCommand c;
-//	c.cmd = CMD_DEBUG_PRINT_INTEGERS;
-//	c.arg[0] = x1;
-//	c.arg[1] = x2;
-//	c.arg[2] = x3;
-//
-//	UsbSendPacket((uint8_t *)&c, sizeof(c));
-//	// XXX
-//	SpinDelay(50);
 }
 #endif
 
@@ -199,8 +171,6 @@ void MeasureAntennaTuning(void)
 	int i, adcval = 0, peak = 0, peakv = 0, peakf = 0; //ptr = 0 
 	int vLf125 = 0, vLf134 = 0, vHf = 0;	// in mV
 
-//	UsbCommand c;
-
   LED_B_ON();
 	DbpString("Measuring antenna characteristics, please wait...");
 	memset(dest,0,sizeof(FREE_BUFFER_SIZE));
@@ -692,7 +662,6 @@ void UsbPacketReceived(uint8_t *packet, int len)
 		case CMD_PCF7931_READ: // Read PCF7931 tag
 			ReadPCF7931();
 			cmd_send(CMD_ACK,0,0,0,0,0);
-//      	UsbSendPacket((uint8_t*)&ack, sizeof(ack));
 			break;
 		case CMD_EM4X_READ_WORD:
 			EM4xReadWord(c->arg[1], c->arg[2],c->d.asBytes[0]);
@@ -800,8 +769,17 @@ void UsbPacketReceived(uint8_t *packet, int len)
 		case CMD_MIFAREU_READBL:
 			MifareUReadBlock(c->arg[0],c->d.asBytes);
 			break;
+		case CMD_MIFAREUC_AUTH1:
+			MifareUC_Auth1(c->arg[0],c->d.asBytes);
+			break;
+		case CMD_MIFAREUC_AUTH2:
+			MifareUC_Auth2(c->arg[0],c->d.asBytes);
+			break;
 		case CMD_MIFAREU_READCARD:
-			MifareUReadCard(c->arg[0],c->d.asBytes);
+			MifareUReadCard(c->arg[0],c->arg[1],c->d.asBytes);
+                        break;
+		case CMD_MIFAREUC_READCARD:
+			MifareUReadCard(c->arg[0],c->arg[1],c->d.asBytes);
                         break;
 		case CMD_MIFARE_READSC:
 			MifareReadSector(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
@@ -854,6 +832,24 @@ void UsbPacketReceived(uint8_t *packet, int len)
 		case CMD_MIFARE_SNIFFER:
 			SniffMifare(c->arg[0]);
 			break;
+			
+		// mifare desfire
+		case CMD_MIFARE_DESFIRE_READBL:
+			break;
+		case CMD_MIFARE_DESFIRE_WRITEBL:
+			break;
+		case CMD_MIFARE_DESFIRE_AUTH1:
+			MifareDES_Auth1(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
+			break;
+		case CMD_MIFARE_DESFIRE_AUTH2:
+			MifareDES_Auth2(c->arg[0],c->d.asBytes);
+			break;
+		// case CMD_MIFARE_DES_READER:
+			// ReaderMifareDES(c->arg[0], c->arg[1], c->d.asBytes);
+			break;
+		case CMD_MIFARE_DESFIRE_INFO:
+			MifareDesfireGetInformation();
+			break;
 #endif
 
 #ifdef WITH_ICLASS
@@ -867,6 +863,9 @@ void UsbPacketReceived(uint8_t *packet, int len)
 		case CMD_READER_ICLASS:
 			ReaderIClass(c->arg[0]);
 			break;
+		case CMD_READER_ICLASS_REPLAY:
+		        ReaderIClass_Replay(c->arg[0], c->d.asBytes);
+			break;
 #endif
 
 		case CMD_SIMULATE_TAG_HF_LISTEN:
@@ -896,18 +895,6 @@ void UsbPacketReceived(uint8_t *packet, int len)
 			break;
 
 		case CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K:
-//			UsbCommand n;
-//			if(c->cmd == CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K) {
-//				n.cmd = CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K;
-//			} else {
-//				n.cmd = CMD_DOWNLOADED_RAW_BITS_TI_TYPE;
-//			}
-//			n.arg[0] = c->arg[0];
-      //			memcpy(n.d.asBytes, BigBuf+c->arg[0], 48); // 12*sizeof(uint32_t)
-      //			LED_B_ON();
-      //      usb_write((uint8_t *)&n, sizeof(n));
-      //			UsbSendPacket((uint8_t *)&n, sizeof(n));
-      //			LED_B_OFF();
 
 			LED_B_ON();
 			for(size_t i=0; i<c->arg[1]; i += USB_CMD_DATA_SIZE) {
@@ -923,7 +910,6 @@ void UsbPacketReceived(uint8_t *packet, int len)
 			uint8_t *b = (uint8_t *)BigBuf;
 			memcpy(b+c->arg[0], c->d.asBytes, 48);
 			//Dbprintf("copied 48 bytes to %i",b+c->arg[0]);
-//			UsbSendPacket((uint8_t*)&ack, sizeof(ack));
 			cmd_send(CMD_ACK,0,0,0,0,0);
 			break;
 		}	
@@ -981,7 +967,6 @@ void UsbPacketReceived(uint8_t *packet, int len)
 		case CMD_DEVICE_INFO: {
 			uint32_t dev_info = DEVICE_INFO_FLAG_OSIMAGE_PRESENT | DEVICE_INFO_FLAG_CURRENT_MODE_OS;
 			if(common_area.flags.bootrom_present) dev_info |= DEVICE_INFO_FLAG_BOOTROM_PRESENT;
-//			UsbSendPacket((uint8_t*)&c, sizeof(c));
 			cmd_send(CMD_DEVICE_INFO,dev_info,0,0,0,0);	
 			break;
 		}
@@ -1010,7 +995,6 @@ void  __attribute__((noreturn)) AppMain(void)
 
   // Init USB device`
   usb_enable();
-//	UsbStart();
 
 	// The FPGA gets its clock from us from PCK0 output, so set that up.
 	AT91C_BASE_PIOA->PIO_BSR = GPIO_PCK0;
@@ -1046,8 +1030,6 @@ void  __attribute__((noreturn)) AppMain(void)
         UsbPacketReceived(rx,rx_len);
       }
     }
-//		UsbPoll(FALSE);
-
 		WDT_HIT();
 
 #ifdef WITH_LF

armsrc/appmain.c

@@ -14,9 +14,27 @@
 
 #include <stdint.h>
 #include <stddef.h>
-#include "common.h"
-#include "hitag2.h"
-#include "mifare.h"
+#include <sys/types.h>
+
+#include <stdlib.h>
+#include <string.h>
+#include <strings.h>
+
+
+#include "../include/common.h"
+#include "../include/hitag2.h"
+#include "../include/mifare.h"
+
+//#include <openssl/des.h>
+//#include <openssl/aes.h>
+
+//#include "des.h"
+//#include "aes.h"
+#include "../common/desfire.h"
+#include "../common/crc32.h"
+//#include "desfire_crypto.h"
+//#include "desfire_key.h"
+
 
 // The large multi-purpose buffer, typically used to hold A/D samples,
 // maybe processed in some way.
@@ -172,7 +190,9 @@ void ReaderMifare(bool first_try);
 int32_t dist_nt(uint32_t nt1, uint32_t nt2);
 void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *data);
 void MifareUReadBlock(uint8_t arg0,uint8_t *datain);
-void MifareUReadCard(uint8_t arg0,uint8_t *datain);
+void MifareUC_Auth1(uint8_t arg0, uint8_t *datain);
+void MifareUC_Auth2(uint32_t arg0, uint8_t *datain);
+void MifareUReadCard(uint8_t arg0,int Pages,uint8_t *datain);
 void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
 void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
 void MifareUWriteBlock(uint8_t arg0,uint8_t *datain);
@@ -188,6 +208,47 @@ void MifareECardLoad(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai
 void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);  // Work with "magic Chinese" card
 void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
 
+// mifaredesfire.h
+void 		MifareDesfireGetInformation();
+void 		MifareDES_Auth1(uint8_t arg0,uint8_t arg1,uint8_t arg2, uint8_t *datain);
+void 		MifareDES_Auth2(uint32_t arg0, uint8_t *datain);
+int 		mifare_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData);
+void 		ReaderMifareDES(uint32_t param, uint32_t param2, uint8_t * datain);
+int 		SendDesfireCommand(enum DESFIRE_CMD desfire_cmd, uint8_t *dataout, uint8_t fromscratch);
+uint8_t* 	CreateAPDU( uint8_t *datain, size_t len);
+void 		OnSuccess();
+void 		OnError();
+
+// desfire_key.h
+desfirekey_t 		Desfire_des_key_new (const uint8_t value[8]);
+desfirekey_t 		Desfire_3des_key_new (const uint8_t value[16]);
+desfirekey_t 		Desfire_des_key_new_with_version (const uint8_t value[8]);
+desfirekey_t 		Desfire_3des_key_new_with_version (const uint8_t value[16]);
+desfirekey_t 		Desfire_3k3des_key_new (const uint8_t value[24]);
+desfirekey_t 		Desfire_3k3des_key_new_with_version (const uint8_t value[24]);
+desfirekey_t 		Desfire_aes_key_new (const uint8_t value[16]);
+desfirekey_t 		Desfire_aes_key_new_with_version (const uint8_t value[16], uint8_t version);
+uint8_t          	Desfire_key_get_version (desfirekey_t key);
+void             	Desfire_key_set_version (desfirekey_t key, uint8_t version);
+desfirekey_t 		Desfire_session_key_new (const uint8_t rnda[], const uint8_t rndb[], desfirekey_t authkey);
+
+// desfire_crypto.h
+void	            *mifare_cryto_preprocess_data (desfiretag_t tag, void *data, size_t *nbytes, off_t offset, int communication_settings);
+void    	        *mifare_cryto_postprocess_data (desfiretag_t tag, void *data, ssize_t *nbytes, int communication_settings);
+void        	    mifare_cypher_single_block (desfirekey_t  key, uint8_t *data, uint8_t *ivect, MifareCryptoDirection direction, MifareCryptoOperation operation, size_t block_size);
+void            	mifare_cypher_blocks_chained (desfiretag_t tag, desfirekey_t key, uint8_t *ivect, uint8_t *data, size_t data_size, MifareCryptoDirection direction, MifareCryptoOperation operation);
+size_t           	key_block_size (const desfirekey_t  key);
+size_t           	padded_data_length (const size_t nbytes, const size_t block_size);
+size_t           	maced_data_length (const desfirekey_t  key, const size_t nbytes);
+size_t           	enciphered_data_length (const desfiretag_t tag, const size_t nbytes, int communication_settings);
+void             	cmac_generate_subkeys (desfirekey_t key);
+void             	cmac (const desfirekey_t  key, uint8_t *ivect, const uint8_t *data, size_t len, uint8_t *cmac);
+
+
+
+
+
+
 /// iso15693.h
 void RecordRawAdcSamplesIso15693(void);
 void AcquireRawAdcSamplesIso15693(void);
@@ -201,7 +262,9 @@ void SetDebugIso15693(uint32_t flag);
 void RAMFUNC SnoopIClass(void);
 void SimulateIClass(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
 void ReaderIClass(uint8_t arg0);
-//int doIClassSimulation(uint8_t csn[], int breakAfterMacReceived);
+void ReaderIClass_Replay(uint8_t arg0,uint8_t *MAC);
+void IClass_iso14443A_GetPublic(uint8_t arg0);
+ 
 // hitag2.h
 void SnoopHitag(uint32_t type);
 void SimulateHitagTag(bool tag_mem_supplied, byte_t* data);