/* Calls to mifare_read_block to get sector trailer */
static int mifare_check_rights(uint8_t *resp, int length, void *data)
{
struct mifare_cookie *mf_ck = data;
int err;
err = mifare_read_block(mf_ck->rws_block_start, mf_ck,
mifare_check_rights_cb);
if (err < 0)
return mifare_release(err, mf_ck);
return err;
}
static int mifare_read_sector_cb(uint8_t *resp, int length, void *data)
{
struct mifare_cookie *mf_ck = data;
int err = -1;
if (length < 0) {
err = length;
goto out_err;
}
/* Save the data */
length = length - 1; /* ignore first byte - Reader byte */
/* save the length: */
mf_ck->rs_length = mf_ck->rs_length + length;
memcpy(mf_ck->rs_pmem + mf_ck->rws_completed * DEFAULT_BLOCK_SIZE,
resp + 1,/* ignore reader byte */
length);
/* Next block */
mf_ck->rws_completed = mf_ck->rws_completed + 1;
if ((mf_ck->rws_block_start + mf_ck->rws_completed)
< mf_ck->rws_block_end)
err = mifare_read_block(
(mf_ck->rws_block_start + mf_ck->rws_completed),
data,
mifare_read_sector_cb);
else {
/* Now Process the callback ! */
err = (*mf_ck->rws_next_fct)(mf_ck->rs_pmem,
mf_ck->rs_length, data);
}
if (err < 0)
goto out_err;
return err;
out_err:
return mifare_release(err, mf_ck);
}
static int mifare_read_sector_unlocked(uint8_t *resp, int length, void *data)
{
struct mifare_cookie *mf_ck = data;
int err;
if (length < 0) {
err = length;
goto out_err;
}
/* And run the read process on the first block of the sector */
err = mifare_read_block(mf_ck->rws_block_start, data,
mifare_read_sector_cb);
if (err < 0)
goto out_err;
return err;
out_err:
return mifare_release(err, mf_ck);
}
int id_read(int handle, const id_desc_t *desc, mifare_tag_t *tag,
void *id, int32_t *counter)
{
int i, block = desc->sector * 4;
/* Generate per card key */
uint8_t aes_key[32];
memcpy(aes_key, desc->aes_key, 32);
for (i = 0; i < 32; i++)
aes_key[i] ^= tag->serial[i & 3];
uint8_t buf[16];
if (mifare_select(handle, tag))
return ID_ERROR_SELECT;
if (mifare_login(handle, desc->sector, desc->key_type, desc->key))
return ID_ERROR_LOGIN;
if (mifare_read_block(handle, block + 1, buf))
return ID_ERROR_READ_BLOCK;
/* Decrypt block */
aes256_context ctx;
aes256_init(&ctx, aes_key);
aes256_decrypt_ecb(&ctx, buf);
aes256_done(&ctx);
if (memcmp(buf, desc->magic, 4) != 0)
return ID_ERROR_INVALID_MAGIC;
if (mifare_dec_value(handle, block + 2, 1))
return ID_ERROR_DEC_VALUE;
if (mifare_read_value(handle, block + 2, counter))
return ID_ERROR_READ_VALUE;
memcpy(id, &buf[4], 12);
return ID_OK;
}
void loop_clone_rfid(uint8_t *menu, uint8_t *opmode)
{
uint8_t data[80];
uint8_t keyindex = 0;
uint8_t block = 0;
uint8_t tries = 0;
int res, oid;
get_firmware_version();
while (block < BLOCKS) {
if ( READ != *menu) { break; }
res = mifare_reader_init(data, sizeof(data));
if (tries >= KEYS) {
tries = 0;
block += 1;
}
if (res >= 0) {
res = initiator_init(data, sizeof(data));
if (res >= 11) {
if (0x00 == data[3] && data[6] >= 0x04) {
memcpy(&oid, &data[7], sizeof(oid));
if (0x00 == block) {
debug_printf("MIFARE_CARD_ID:");
rfid_hexdump(&oid, sizeof(oid));
}
set_uid(data, oid);
set_key(data, keyindex);
res = mifare_authenticate_block(data, sizeof(data), block);
/*
debug_printf("res:");
rfid_hexdump(&res, sizeof(res));
debug_printf("data:");
rfid_hexdump(&data[0], sizeof(data));
*/
if (0x41 == data[0] && 0x00 == data[1]) {
debug_printf("Auth Succeeded.\n");
tries = 0;
switch (*opmode) {
case READ:
res = mifare_read_block(data, sizeof(data), block);
if (res == 18) {
debug_printf("Block:");
rfid_hexdump(&block, sizeof(block));
debug_printf("Data:");
rfid_hexdump(&data[2], BLOCK_SIZE);
debug_printf("Key:");
rfid_hexdump(&default_keys[keyindex], MIFARE_KEY_SIZE);
memcpy(&mifare_card[block*BLOCK_SIZE], &data[2], BLOCK_SIZE);
if (0x00 == (block+1) % 4) {
memcpy(&mifare_card[block*BLOCK_SIZE], &default_keys[keyindex], MIFARE_KEY_SIZE);
memcpy(&mifare_card[block*BLOCK_SIZE+6], &access_bytes[0], ACCESS_BYTES);
memcpy(&mifare_card[block*BLOCK_SIZE+10], &key_b[0], MIFARE_KEY_SIZE);
}
}
break;
case WRITE:
memcpy(&data[4], &mifare_card[block*BLOCK_SIZE], BLOCK_SIZE);
res = mifare_write_block(data, sizeof(data), block);
debug_printf("res:");
rfid_hexdump(&res, sizeof(res));
break;
}
block += 1;
} else if (0x41 == data[0] && 0x14 == data[1]) {
debug_printf("Auth Failed.\n");
keyindex = (keyindex + 1) % KEYS;
tries += 1;
}
}
}
} else {
turn_rf_off(data, sizeof(data));
}
}
*menu = LIBNFC;
}
