client/src/mifare/desfirecrypto.h

   1 //-----------------------------------------------------------------------------
   2 // Borrowed initially from https://github.com/nfc-tools/libfreefare
   3 // Copyright (C) 2010, Romain Tartiere.
   4 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
   5 //
   6 // This program is free software: you can redistribute it and/or modify
   7 // it under the terms of the GNU General Public License as published by
   8 // the Free Software Foundation, either version 3 of the License, or
   9 // (at your option) any later version.
  10 //
  11 // This program is distributed in the hope that it will be useful,
  12 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14 // GNU General Public License for more details.
  15 //
  16 // See LICENSE.txt for the text of the license.
  17 //-----------------------------------------------------------------------------
  18
  19 #ifndef __DESFIRECRYPTO_H
  20 #define __DESFIRECRYPTO_H
  21
  22 #include "common.h"
  23 #include "desfire.h"
  24 #include "crypto/libpcrypto.h"
  25 #include "mifare/lrpcrypto.h"
  26
  27 #define DESFIRE_GET_ISO_STATUS(x) ( ((uint16_t)(0x91<<8)) + (uint16_t)x )
  28
  29 typedef enum {
  30     DACNone,
  31     DACd40,
  32     DACEV1,
  33     DACEV2,
  34     DACLRP,
  35 } DesfireSecureChannel;
  36
  37 typedef enum {
  38     DCCNative,
  39     DCCNativeISO,
  40     DCCISO
  41 } DesfireCommandSet;
  42
  43 typedef enum {
  44     DCMNone,
  45     DCMPlain,
  46     DCMMACed,
  47     DCMEncrypted,
  48     DCMEncryptedWithPadding,
  49     DCMEncryptedPlain
  50 } DesfireCommunicationMode;
  51
  52 typedef enum {
  53     DCOMasterKey,
  54     DCOMainKey,
  55     DCOSessionKeyMac,
  56     DCOSessionKeyEnc
  57 } DesfireCryptoOpKeyType;
  58
  59 typedef struct {
  60     uint8_t keyNum;
  61     DesfireCryptoAlgorithm keyType;   // des/2tdea/3tdea/aes
  62     uint8_t key[DESFIRE_MAX_KEY_SIZE];
  63     uint8_t masterKey[DESFIRE_MAX_KEY_SIZE]; // source for kdf
  64
  65     // KDF function
  66     uint8_t kdfAlgo;
  67     uint8_t kdfInputLen;
  68     uint8_t kdfInput[31];
  69
  70     DesfireSecureChannel secureChannel; // none/d40/ev1/ev2
  71     DesfireCommandSet cmdSet;           // native/nativeiso/iso
  72     DesfireCommunicationMode commMode;  // plain/mac/enc
  73
  74     bool isoChaining;
  75     bool appSelected; // for iso auth
  76     uint32_t selectedAID;
  77
  78     uint8_t uid[10];
  79     uint8_t uidlen;
  80
  81     uint8_t IV[DESFIRE_MAX_KEY_SIZE];
  82     uint8_t sessionKeyMAC[DESFIRE_MAX_KEY_SIZE];
  83     uint8_t sessionKeyEnc[DESFIRE_MAX_KEY_SIZE];  // look at mifare4.h - mf4Session_t
  84     uint8_t lastIV[DESFIRE_MAX_KEY_SIZE];
  85     uint8_t lastCommand;
  86     bool lastRequestZeroLen;
  87     uint16_t cmdCntr;   // for AES
  88     uint8_t TI[4];      // for AES
  89 } DesfireContext_t;
  90
  91 void DesfireClearContext(DesfireContext_t *ctx);
  92 void DesfireClearSession(DesfireContext_t *ctx);
  93 void DesfireClearIV(DesfireContext_t *ctx);
  94 void DesfireSetKey(DesfireContext_t *ctx, uint8_t keyNum, DesfireCryptoAlgorithm keyType, uint8_t *key);
  95 void DesfireSetKeyNoClear(DesfireContext_t *ctx, uint8_t keyNum, DesfireCryptoAlgorithm keyType, uint8_t *key);
  96 void DesfireSetCommandSet(DesfireContext_t *ctx, DesfireCommandSet cmdSet);
  97 void DesfireSetCommMode(DesfireContext_t *ctx, DesfireCommunicationMode commMode);
  98 void DesfireSetKdf(DesfireContext_t *ctx, uint8_t kdfAlgo, uint8_t *kdfInput, uint8_t kdfInputLen);
  99 bool DesfireIsAuthenticated(DesfireContext_t *dctx);
 100 size_t DesfireGetMACLength(DesfireContext_t *ctx);
 101
 102 size_t DesfireSearchCRCPos(uint8_t *data, size_t datalen, uint8_t respcode, uint8_t crclen);
 103
 104 uint8_t *DesfireGetKey(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type);
 105 void DesfireCryptoEncDec(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, bool encode);
 106 void DesfireCryptoEncDecEx(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, bool dir_to_send, bool encode, uint8_t *iv);
 107 void DesfireCMACGenerateSubkeys(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type, uint8_t *sk1, uint8_t *sk2);
 108 void DesfireCryptoCMAC(DesfireContext_t *ctx, uint8_t *data, size_t len, uint8_t *cmac);
 109 void DesfireCryptoCMACEx(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type, uint8_t *data, size_t len, size_t minlen, uint8_t *cmac);
 110 void MifareKdfAn10922(DesfireContext_t *ctx, DesfireCryptoOpKeyType key_type, const uint8_t *data, size_t len);
 111
 112 void DesfireGenSessionKeyLRP(uint8_t *key, uint8_t *rndA, uint8_t *rndB, bool enckey, uint8_t *sessionkey);
 113
 114 void DesfireDESKeySetVersion(uint8_t *key, DesfireCryptoAlgorithm keytype, uint8_t version);
 115 uint8_t DesfireDESKeyGetVersion(const uint8_t *key);
 116
 117 DesfireCryptoAlgorithm DesfireKeyTypeToAlgo(uint8_t keyType);
 118 uint8_t DesfireKeyAlgoToType(DesfireCryptoAlgorithm keyType);
 119 void DesfirePrintCardKeyType(uint8_t keyType);
 120
 121 DesfireCommunicationMode DesfireFileCommModeToCommMode(uint8_t file_comm_mode);
 122 uint8_t DesfireCommModeToFileCommMode(DesfireCommunicationMode comm_mode);
 123
 124 void DesfireGenSessionKeyEV1(const uint8_t rnda[], const uint8_t rndb[], DesfireCryptoAlgorithm keytype, uint8_t *key);
 125 void DesfireGenSessionKeyEV2(uint8_t *key, uint8_t *rndA, uint8_t *rndB, bool enckey, uint8_t *sessionkey);
 126 void DesfireEV2FillIV(DesfireContext_t *ctx, bool ivforcommand, uint8_t *iv);
 127 int DesfireEV2CalcCMAC(DesfireContext_t *ctx, uint8_t cmd, uint8_t *data, size_t datalen, uint8_t *mac);
 128
 129 void DesfireGenTransSessionKeyEV2(uint8_t *key, uint32_t trCntr, uint8_t *uid, bool forMAC, uint8_t *sessionkey);
 130 void DesfireGenTransSessionKeyLRP(uint8_t *key, uint32_t trCntr, uint8_t *uid, bool forMAC, uint8_t *sessionkey);
 131 void DesfireDecodePrevReaderID(DesfireContext_t *ctx, uint8_t *key, uint32_t trCntr, uint8_t *encPrevReaderID, uint8_t *prevReaderID);
 132
 133 int DesfireLRPCalcCMAC(DesfireContext_t *ctx, uint8_t cmd, uint8_t *data, size_t datalen, uint8_t *mac);
 134
 135 int desfire_get_key_length(DesfireCryptoAlgorithm key_type);
 136 size_t desfire_get_key_block_length(DesfireCryptoAlgorithm key_type);
 137 size_t padded_data_length(const size_t nbytes, const size_t block_size);
 138
 139 void desfire_crc32(const uint8_t *data, const size_t len, uint8_t *crc);
 140 void desfire_crc32_append(uint8_t *data, const size_t len);
 141 bool desfire_crc32_check(uint8_t *data, const size_t len, uint8_t *crc);
 142 void iso14443a_crc_append(uint8_t *data, size_t len);
 143 void iso14443a_crc(uint8_t *data, size_t len, uint8_t *pbtCrc);
 144 bool iso14443a_crc_check(uint8_t *data, const size_t len, uint8_t *crc);
 145
 146 #endif // __DESFIRECRYPTO_H