Merge pull request #1331 from Guilhem7/master
[RRG-proxmark3.git] / tools / mfkey / mfkey32.c
blobd88c3c74d50fbe703992d5435742ef0a2860d02e
1 #define __STDC_FORMAT_MACROS
2 #include <inttypes.h>
3 #include <stdbool.h>
4 #include <stdio.h>
5 #include <stdlib.h>
6 #include "crapto1/crapto1.h"
7 #include "util_posix.h"
9 int main(int argc, char *argv[]) {
10 struct Crypto1State *s, *t;
11 uint64_t key; // recovered key
12 uint32_t uid; // serial number
13 uint32_t nt; // tag challenge
14 uint32_t nr0_enc; // first encrypted reader challenge
15 uint32_t ar0_enc; // first encrypted reader response
16 uint32_t nr1_enc; // second encrypted reader challenge
17 uint32_t ar1_enc; // second encrypted reader response
18 uint32_t ks2; // keystream used to encrypt reader response
20 printf("MIFARE Classic key recovery - based on 32 bits of keystream\n");
21 printf("Recover key from two 32-bit reader authentication answers only!\n\n");
23 if (argc < 7) {
24 printf(" syntax: %s <uid> <nt> <nr_0> <ar_0> <nr_1> <ar_1>\n\n", argv[0]);
25 return 1;
28 sscanf(argv[1], "%x", &uid);
29 sscanf(argv[2], "%x", &nt);
30 sscanf(argv[3], "%x", &nr0_enc);
31 sscanf(argv[4], "%x", &ar0_enc);
32 sscanf(argv[5], "%x", &nr1_enc);
33 sscanf(argv[6], "%x", &ar1_enc);
35 printf("Recovering key for:\n");
36 printf(" uid: %08x\n", uid);
37 printf(" nt: %08x\n", nt);
38 printf(" {nr_0}: %08x\n", nr0_enc);
39 printf(" {ar_0}: %08x\n", ar0_enc);
40 printf(" {nr_1}: %08x\n", nr1_enc);
41 printf(" {ar_1}: %08x\n", ar1_enc);
43 // Generate lfsr succesors of the tag challenge
44 printf("\nLFSR succesors of the tag challenge:\n");
45 uint32_t p64 = prng_successor(nt, 64);
46 printf(" nt': %08x\n", p64);
47 printf(" nt'': %08x\n", prng_successor(p64, 32));
49 // Extract the keystream from the messages
50 printf("\nKeystream used to generate {ar} and {at}:\n");
51 ks2 = ar0_enc ^ p64;
52 printf(" ks2: %08x\n", ks2);
54 s = lfsr_recovery32(ar0_enc ^ p64, 0);
56 for (t = s; t->odd | t->even; ++t) {
57 lfsr_rollback_word(t, 0, 0);
58 lfsr_rollback_word(t, nr0_enc, 1);
59 lfsr_rollback_word(t, uid ^ nt, 0);
60 crypto1_get_lfsr(t, &key);
61 crypto1_word(t, uid ^ nt, 0);
62 crypto1_word(t, nr1_enc, 1);
63 if (ar1_enc == (crypto1_word(t, 0, 0) ^ p64)) {
64 printf("\nFound Key: [%012" PRIx64 "]\n\n", key);
65 break;
68 free(s);
69 return 0;