robin.thoni
/
rfid-mfcuk
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Pull Requests 0 Wydania 0 Wiki Aktywność
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Gałąź
Drzewo: 16faebfce6
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '16faebfce6'
${ noResults }
rfid-mfcuk/src/mfcuk.h

mfcuk.h 6.2KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 
  1. /*

  2.  Package:

  3.     MiFare Classic Universal toolKit (MFCUK)

  4. 

  5.  Filename:

  6.     mfcuk_keyrecovery_darkside.h

  7. 

  8.  Description:

  9.     MFCUK DarkSide Key Recovery specific typedefs and defines

  10. 

  11.  Contact, bug-reports:

  12.     http://andreicostin.com/

  13.     mailto:zveriu@gmail.com

  14. 

  15.  License:

  16.     GPL2 (see below), Copyright (C) 2009, Andrei Costin

  17. 

  18.  * @file mfcuk_keyrecovery_darkside.h

  19.  * @brief

  20. */

  21. 

  22. /*

  23.  VERSION HISTORY

  24. --------------------------------------------------------------------------------

  25. | Number     : 0.1

  26. | dd/mm/yyyy : 23/11/2009

  27. | Author     : zveriu@gmail.com, http://andreicostin.com

  28. | Description: Moved bulk of defines and things from "mfcuk_keyrecovery_darkside.c"

  29. --------------------------------------------------------------------------------

  30. */

  31. 

  32. /*

  33.  LICENSE

  34. 

  35.  This program is free software: you can redistribute it and/or modify

  36.  it under the terms of the GNU General Public License as published by

  37.  the Free Software Foundation, either version 2 of the License, or

  38.  (at your option) any later version.

  39. 

  40.  This program is distributed in the hope that it will be useful,

  41.  but WITHOUT ANY WARRANTY; without even the implied warranty of

  42.  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  43.  GNU General Public License for more details.

  44. 

  45.  You should have received a copy of the GNU General Public License

  46.  along with this program.  If not, see <http://www.gnu.org/licenses/>.

  47. */

  48. 

  49. #ifndef _MFCUK_KEYRECOVERY_DARKSIDE_H_

  50. #define _MFCUK_KEYRECOVERY_DARKSIDE_H_

  51. 

  52. // Define package and executable related info

  53. #define BUILD_NAME      "Mifare Classic DarkSide Key Recovery Tool"

  54. #define BUILD_VERSION   "0.3"

  55. #define BUILD_AUTHOR    "Andrei Costin, zveriu@gmail.com, http://andreicostin.com"

  56. 

  57. // Define return statuses

  58. #define MFCUK_SUCCESS                 0x0

  59. #define MFCUK_OK_KEY_RECOVERED        (MFCUK_SUCCESS+1)

  60. #define MFCUK_FAIL_AUTH               (MFCUK_OK_KEY_RECOVERED+1)

  61. #define MFCUK_FAIL_CRAPTO             (MFCUK_FAIL_AUTH+1)

  62. #define MFCUK_FAIL_TAGTYPE_INVALID    (MFCUK_FAIL_CRAPTO+1)

  63. #define MFCUK_FAIL_KEYTYPE_INVALID    (MFCUK_FAIL_TAGTYPE_INVALID+1)

  64. #define MFCUK_FAIL_BLOCK_INVALID      (MFCUK_FAIL_KEYTYPE_INVALID+1)

  65. #define MFCUK_FAIL_SECTOR_INVALID     (MFCUK_FAIL_BLOCK_INVALID+1)

  66. #define MFCUK_FAIL_COMM               (MFCUK_FAIL_SECTOR_INVALID+1)

  67. #define MFCUK_FAIL_MEMORY             (MFCUK_FAIL_COMM+1)

  68. 

  69. // There are 4 bytes in ACBITS, use each byte as below

  70. #define ACTIONS_KEY_A           0 // Specifies the byte index where actions for key A are stored

  71. #define RESULTS_KEY_A           1 // Specifies the byte index where results for key A are stored

  72. #define ACTIONS_KEY_B           2 // Specifies the byte index where actions for key B are stored

  73. #define RESULTS_KEY_B           3 // Specifies the byte index where results for key B are stored

  74. 

  75. // The action/result byte can contain any combination of these

  76. #define ACTIONS_VERIFY          0x1 // Specifies whether the key should be first verified

  77. #define ACTIONS_RECOVER         0x2 // Specifies whether the key should be recovered. If a key has verify action and the key was verified, RESULTS_ byte will indicate that and recovery will not take place

  78. #define ACTIONS_KEYSET          0x4 // Specifies whether the key was set from command line rather that should be loaded from the eventual -i/-I dump

  79. 

  80. // Implementation specific, since we are not 100% sure we can fix the tag nonce

  81. // Suppose from 2^32, only MAX 2^16 tag nonces will appear given current SLEEP_ values

  82. #define MAX_TAG_NONCES                  65536

  83. // Maximum possible states allocated and returned by lsfr_common_prefix(). Used this value in the looping

  84. #define MAX_COMMON_PREFIX_STATES        (1<<20)

  85. // 10 ms, though {WPMCC09} claims 30 us is enough

  86. #define SLEEP_AT_FIELD_OFF              10

  87. // 50 ms, seems pretty good constant, though if you don't like it - make it even 3.1415..., we don't care

  88. #define SLEEP_AFTER_FIELD_ON            50

  89. // Since the 29 bits of {Nr} are constant, darkside varies only "last" (0xFFFFFF1F) 3 bits, thus we have 8 possible parity bits arrays

  90. #define MFCUK_DARKSIDE_MAX_LEVELS       8

  91. 

  92. #define MFCUK_DARKSIDE_START_NR         0xDEADBEEF

  93. #define MFCUK_DARKSIDE_START_AR         0xFACECAFE

  94. 

  95. typedef struct tag_nonce_entry {

  96.   uint32_t tagNonce; // Tag nonce we target for fixation

  97.   uint8_t spoofFlag; // No spoofing until we have a successful auth with this tagNonce. Once we have, we want to spoof to get the encrypted 0x5 value

  98.   uint32_t num_of_appearances; // For statistics, how many times this tag nonce appeared for the given SLEEP_ values

  99. 

  100.   // STAGE1 data for "dark side" and lsfr_common_prefix()

  101.   uint32_t spoofNrPfx; // PARAM: used as pfx, calculated from (spoofNrEnc & 0xFFFFFF1F). BUG: weird way to denote "first 29 prefix bits" in "dark side" paper. Perhaps I see the world different

  102.   uint32_t spoofNrEnc; // {Nr} value which we will be using to make the tag respond with 4 bits

  103.   uint32_t spoofArEnc; // PARAM: used as rr

  104.   uint8_t spoofParBitsEnc; // parity bits we are trying to guess for the first time

  105.   uint8_t spoofNackEnc; // store here the encrypted NACK returned first time we match the parity bits

  106.   uint8_t spoofKs; // store here the keystream ks used for encryptying spoofNackEnc, specifically spoofKs = spoofNackEnc ^ 0x5

  107. 

  108.   // STAGE2 data for "dark side" and lsfr_common_prefix()

  109.   int current_out_of_8; // starting from -1 until we find parity for chosen spoofNrEnc,spoofArEnc

  110.   uint8_t parBitsCrntCombination[MFCUK_DARKSIDE_MAX_LEVELS]; // Loops over 32 combinations of the last 5 parity bits which generated the 4 bit NACK in STAGE1

  111.   uint32_t nrEnc[MFCUK_DARKSIDE_MAX_LEVELS]; // the 29 bits constant prefix, varying only 3 bits, thus 8 possible values

  112.   uint32_t arEnc[MFCUK_DARKSIDE_MAX_LEVELS]; // the same reader response as spoofArEnc; redundant but... :)

  113.   uint8_t ks[MFCUK_DARKSIDE_MAX_LEVELS]; // PARAM: used as ks, obtained as (ks[i] = nackEnc[i] ^ 0x5)

  114.   uint8_t nackEnc[MFCUK_DARKSIDE_MAX_LEVELS]; // store here the encrypted 4 bits values which tag responded

  115.   uint8_t parBits[MFCUK_DARKSIDE_MAX_LEVELS]; // store here the values based on spoofParBitsEnc, varying only last 5 bits

  116.   uint8_t parBitsArr[MFCUK_DARKSIDE_MAX_LEVELS][8]; // PARAM: used as par, contains value of parBits byte-bit values just splitted out one bit per byte thus second pair of braces [8]

  117. } tag_nonce_entry_t;

  118. 

  119. #endif // _MFCUK_KEYRECOVERY_DARKSIDE_H_