armsrc/desfire_crypto.h

   1 #ifndef __DESFIRE_CRYPTO_H
   2 #define __DESFIRE_CRYPTO_H
   3
   4 #include "common.h"
   5 #include "mifare.h"
   6 #include "mbedtls/aes.h"
   7 #include "mbedtls/des.h"
   8 //#include "../../armsrc/printf.h"
   9 //#include "../../armsrc/desfire.h"
  10 //#include "../../armsrc/iso14443a.h"
  11
  12
  13 #define MAX_CRYPTO_BLOCK_SIZE 16
  14 /* Mifare DESFire EV1 Application crypto operations */
  15 #define APPLICATION_CRYPTO_DES    0x00
  16 #define APPLICATION_CRYPTO_3K3DES 0x40
  17 #define APPLICATION_CRYPTO_AES    0x80
  18
  19 #define MAC_LENGTH 4
  20 #define CMAC_LENGTH 8
  21
  22 typedef enum {
  23     MCD_SEND,
  24     MCD_RECEIVE
  25 } MifareCryptoDirection;
  26
  27 typedef enum {
  28     MCO_ENCYPHER,
  29     MCO_DECYPHER
  30 } MifareCryptoOperation;
  31
  32 #define MDCM_MASK 0x000F
  33
  34 #define CMAC_NONE 0
  35
  36 // Data send to the PICC is used to update the CMAC
  37 #define CMAC_COMMAND 0x010
  38 // Data received from the PICC is used to update the CMAC
  39 #define CMAC_VERIFY  0x020
  40
  41 // MAC the command (when MDCM_MACED)
  42 #define MAC_COMMAND 0x100
  43 // The command returns a MAC to verify (when MDCM_MACED)
  44 #define MAC_VERIFY  0x200
  45
  46 #define ENC_COMMAND 0x1000
  47 #define NO_CRC      0x2000
  48
  49 #define MAC_MASK   0x0F0
  50 #define CMAC_MACK  0xF00
  51
  52 /* Communication mode */
  53 #define MDCM_PLAIN      0x00
  54 #define MDCM_MACED      0x01
  55 #define MDCM_ENCIPHERED 0x03
  56
  57 /* Error code managed by the library */
  58 #define CRYPTO_ERROR            0x01
  59
  60 enum DESFIRE_CRYPTOALGO {
  61     T_DES = 0x00,
  62     T_3DES = 0x01, //aka 2K3DES
  63     T_3K3DES = 0x02,
  64     T_AES = 0x03
  65 };
  66
  67 enum DESFIRE_AUTH_SCHEME {
  68     AS_LEGACY,
  69     AS_NEW
  70 };
  71
  72 #define DESFIRE_KEY(key) ((struct desfire_key *) key)
  73 struct desfire_key {
  74     enum DESFIRE_CRYPTOALGO type;
  75     uint8_t data[24];
  76     uint8_t cmac_sk1[24];
  77     uint8_t cmac_sk2[24];
  78     uint8_t aes_version;
  79 };
  80 typedef struct desfire_key *desfirekey_t;
  81
  82 #define DESFIRE(tag) ((struct desfire_tag *) tag)
  83 struct desfire_tag {
  84     iso14a_card_select_t info;
  85     int active;
  86     uint8_t last_picc_error;
  87     uint8_t last_internal_error;
  88     uint8_t last_pcd_error;
  89     desfirekey_t session_key;
  90     enum DESFIRE_AUTH_SCHEME authentication_scheme;
  91     uint8_t authenticated_key_no;
  92
  93     uint8_t ivect[MAX_CRYPTO_BLOCK_SIZE];
  94     uint8_t cmac[16];
  95     uint8_t *crypto_buffer;
  96     size_t crypto_buffer_size;
  97     uint32_t selected_application;
  98 };
  99 typedef struct desfire_tag *desfiretag_t;
 100 void des_encrypt(void *out, const void *in, const void *key);
 101 void des_decrypt(void *out, const void *in, const void *key);
 102 void tdes_nxp_receive(const void *in, void *out, size_t length, const void *key, unsigned char iv[8], int keymode);
 103 void tdes_nxp_send(const void *in, void *out, size_t length, const void *key, unsigned char iv[8], int keymode);
 104 void Desfire_des_key_new(const uint8_t value[8], desfirekey_t key);
 105 void Desfire_3des_key_new(const uint8_t value[16], desfirekey_t key);
 106 void Desfire_des_key_new_with_version(const uint8_t value[8], desfirekey_t key);
 107 void Desfire_3des_key_new_with_version(const uint8_t value[16], desfirekey_t key);
 108 void Desfire_3k3des_key_new(const uint8_t value[24], desfirekey_t key);
 109 void Desfire_3k3des_key_new_with_version(const uint8_t value[24], desfirekey_t key);
 110 void Desfire_2k3des_key_new_with_version(const uint8_t value[16], desfirekey_t key);
 111 void Desfire_aes_key_new(const uint8_t value[16], desfirekey_t key);
 112 void Desfire_aes_key_new_with_version(const uint8_t value[16], uint8_t version, desfirekey_t key);
 113 uint8_t Desfire_key_get_version(desfirekey_t key);
 114 void Desfire_key_set_version(desfirekey_t key, uint8_t version);
 115 void Desfire_session_key_new(const uint8_t rnda[], const uint8_t rndb[], desfirekey_t authkey, desfirekey_t key);
 116
 117 void *mifare_cryto_preprocess_data(desfiretag_t tag, void *data, size_t *nbytes, size_t offset, int communication_settings);
 118 void *mifare_cryto_postprocess_data(desfiretag_t tag, void *data, size_t *nbytes, int communication_settings);
 119 void mifare_cypher_single_block(desfirekey_t  key, uint8_t *data, uint8_t *ivect, MifareCryptoDirection direction, MifareCryptoOperation operation, size_t block_size);
 120 void mifare_cypher_blocks_chained(desfiretag_t tag, desfirekey_t key, uint8_t *ivect, uint8_t *data, size_t data_size, MifareCryptoDirection direction, MifareCryptoOperation operation);
 121 size_t key_block_size(const desfirekey_t  key);
 122 size_t padded_data_length(const size_t nbytes, const size_t block_size);
 123 size_t maced_data_length(const desfirekey_t  key, const size_t nbytes);
 124 size_t enciphered_data_length(const desfiretag_t tag, const size_t nbytes, int communication_settings);
 125 void cmac_generate_subkeys(desfirekey_t key);
 126 void cmac(const desfirekey_t  key, uint8_t *ivect, const uint8_t *data, size_t len, uint8_t *cmac);
 127
 128 #endif