/* Calls to mifare_read_block to get sector trailer */ static int mifare_check_rights(uint8_t *resp, int length, void *data) { struct mifare_cookie *mf_ck = data; int err; err = mifare_read_block(mf_ck->rws_block_start, mf_ck, mifare_check_rights_cb); if (err < 0) return mifare_release(err, mf_ck); return err; }
static int mifare_read_sector_cb(uint8_t *resp, int length, void *data) { struct mifare_cookie *mf_ck = data; int err = -1; if (length < 0) { err = length; goto out_err; } /* Save the data */ length = length - 1; /* ignore first byte - Reader byte */ /* save the length: */ mf_ck->rs_length = mf_ck->rs_length + length; memcpy(mf_ck->rs_pmem + mf_ck->rws_completed * DEFAULT_BLOCK_SIZE, resp + 1,/* ignore reader byte */ length); /* Next block */ mf_ck->rws_completed = mf_ck->rws_completed + 1; if ((mf_ck->rws_block_start + mf_ck->rws_completed) < mf_ck->rws_block_end) err = mifare_read_block( (mf_ck->rws_block_start + mf_ck->rws_completed), data, mifare_read_sector_cb); else { /* Now Process the callback ! */ err = (*mf_ck->rws_next_fct)(mf_ck->rs_pmem, mf_ck->rs_length, data); } if (err < 0) goto out_err; return err; out_err: return mifare_release(err, mf_ck); }
static int mifare_read_sector_unlocked(uint8_t *resp, int length, void *data) { struct mifare_cookie *mf_ck = data; int err; if (length < 0) { err = length; goto out_err; } /* And run the read process on the first block of the sector */ err = mifare_read_block(mf_ck->rws_block_start, data, mifare_read_sector_cb); if (err < 0) goto out_err; return err; out_err: return mifare_release(err, mf_ck); }
int id_read(int handle, const id_desc_t *desc, mifare_tag_t *tag, void *id, int32_t *counter) { int i, block = desc->sector * 4; /* Generate per card key */ uint8_t aes_key[32]; memcpy(aes_key, desc->aes_key, 32); for (i = 0; i < 32; i++) aes_key[i] ^= tag->serial[i & 3]; uint8_t buf[16]; if (mifare_select(handle, tag)) return ID_ERROR_SELECT; if (mifare_login(handle, desc->sector, desc->key_type, desc->key)) return ID_ERROR_LOGIN; if (mifare_read_block(handle, block + 1, buf)) return ID_ERROR_READ_BLOCK; /* Decrypt block */ aes256_context ctx; aes256_init(&ctx, aes_key); aes256_decrypt_ecb(&ctx, buf); aes256_done(&ctx); if (memcmp(buf, desc->magic, 4) != 0) return ID_ERROR_INVALID_MAGIC; if (mifare_dec_value(handle, block + 2, 1)) return ID_ERROR_DEC_VALUE; if (mifare_read_value(handle, block + 2, counter)) return ID_ERROR_READ_VALUE; memcpy(id, &buf[4], 12); return ID_OK; }
void loop_clone_rfid(uint8_t *menu, uint8_t *opmode) { uint8_t data[80]; uint8_t keyindex = 0; uint8_t block = 0; uint8_t tries = 0; int res, oid; get_firmware_version(); while (block < BLOCKS) { if ( READ != *menu) { break; } res = mifare_reader_init(data, sizeof(data)); if (tries >= KEYS) { tries = 0; block += 1; } if (res >= 0) { res = initiator_init(data, sizeof(data)); if (res >= 11) { if (0x00 == data[3] && data[6] >= 0x04) { memcpy(&oid, &data[7], sizeof(oid)); if (0x00 == block) { debug_printf("MIFARE_CARD_ID:"); rfid_hexdump(&oid, sizeof(oid)); } set_uid(data, oid); set_key(data, keyindex); res = mifare_authenticate_block(data, sizeof(data), block); /* debug_printf("res:"); rfid_hexdump(&res, sizeof(res)); debug_printf("data:"); rfid_hexdump(&data[0], sizeof(data)); */ if (0x41 == data[0] && 0x00 == data[1]) { debug_printf("Auth Succeeded.\n"); tries = 0; switch (*opmode) { case READ: res = mifare_read_block(data, sizeof(data), block); if (res == 18) { debug_printf("Block:"); rfid_hexdump(&block, sizeof(block)); debug_printf("Data:"); rfid_hexdump(&data[2], BLOCK_SIZE); debug_printf("Key:"); rfid_hexdump(&default_keys[keyindex], MIFARE_KEY_SIZE); memcpy(&mifare_card[block*BLOCK_SIZE], &data[2], BLOCK_SIZE); if (0x00 == (block+1) % 4) { memcpy(&mifare_card[block*BLOCK_SIZE], &default_keys[keyindex], MIFARE_KEY_SIZE); memcpy(&mifare_card[block*BLOCK_SIZE+6], &access_bytes[0], ACCESS_BYTES); memcpy(&mifare_card[block*BLOCK_SIZE+10], &key_b[0], MIFARE_KEY_SIZE); } } break; case WRITE: memcpy(&data[4], &mifare_card[block*BLOCK_SIZE], BLOCK_SIZE); res = mifare_write_block(data, sizeof(data), block); debug_printf("res:"); rfid_hexdump(&res, sizeof(res)); break; } block += 1; } else if (0x41 == data[0] && 0x14 == data[1]) { debug_printf("Auth Failed.\n"); keyindex = (keyindex + 1) % KEYS; tries += 1; } } } } else { turn_rf_off(data, sizeof(data)); } } *menu = LIBNFC; }