Mifare Classic emulation fixes (#1566)
* Add fix for field * More small bugfixes * Clean up
This commit is contained in:
parent
ca23d0c207
commit
01eb92db06
@ -341,13 +341,13 @@ void furi_hal_nfc_listen_start(FuriHalNfcDevData* nfc_data) {
|
|||||||
if(nfc_data->uid_len == 4) {
|
if(nfc_data->uid_len == 4) {
|
||||||
pt_memory[12] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
|
pt_memory[12] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
|
||||||
} else {
|
} else {
|
||||||
pt_memory[12] = nfc_data->sak | FURI_HAL_NFC_UID_INCOMPLETE;
|
pt_memory[12] = FURI_HAL_NFC_UID_INCOMPLETE;
|
||||||
}
|
}
|
||||||
pt_memory[13] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
|
pt_memory[13] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
|
||||||
pt_memory[14] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
|
pt_memory[14] = nfc_data->sak & ~FURI_HAL_NFC_UID_INCOMPLETE;
|
||||||
|
|
||||||
st25r3916WritePTMem(pt_memory, sizeof(pt_memory));
|
st25r3916WritePTMem(pt_memory, sizeof(pt_memory));
|
||||||
// Go to sence
|
// Go to sense
|
||||||
st25r3916ExecuteCommand(ST25R3916_CMD_GOTO_SENSE);
|
st25r3916ExecuteCommand(ST25R3916_CMD_GOTO_SENSE);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -507,6 +507,9 @@ static bool furi_hal_nfc_transparent_tx_rx(FuriHalNfcTxRxContext* tx_rx, uint16_
|
|||||||
uint8_t rxe = 0;
|
uint8_t rxe = 0;
|
||||||
uint32_t start = DWT->CYCCNT;
|
uint32_t start = DWT->CYCCNT;
|
||||||
while(true) {
|
while(true) {
|
||||||
|
if(!rfalIsExtFieldOn()) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
if(furi_hal_gpio_read(&gpio_nfc_irq_rfid_pull) == true) {
|
if(furi_hal_gpio_read(&gpio_nfc_irq_rfid_pull) == true) {
|
||||||
st25r3916ReadRegister(ST25R3916_REG_IRQ_MAIN, &rxe);
|
st25r3916ReadRegister(ST25R3916_REG_IRQ_MAIN, &rxe);
|
||||||
if(rxe & (1 << 4)) {
|
if(rxe & (1 << 4)) {
|
||||||
|
@ -771,6 +771,7 @@ bool mf_classic_emulator(MfClassicEmulator* emulator, FuriHalNfcTxRxContext* tx_
|
|||||||
// Read command
|
// Read command
|
||||||
while(!command_processed) {
|
while(!command_processed) {
|
||||||
if(!is_encrypted) {
|
if(!is_encrypted) {
|
||||||
|
crypto1_reset(&emulator->crypto);
|
||||||
memcpy(plain_data, tx_rx->rx_data, tx_rx->rx_bits / 8);
|
memcpy(plain_data, tx_rx->rx_data, tx_rx->rx_bits / 8);
|
||||||
} else {
|
} else {
|
||||||
if(!furi_hal_nfc_tx_rx(tx_rx, 300)) {
|
if(!furi_hal_nfc_tx_rx(tx_rx, 300)) {
|
||||||
@ -803,7 +804,7 @@ bool mf_classic_emulator(MfClassicEmulator* emulator, FuriHalNfcTxRxContext* tx_
|
|||||||
access_key = MfClassicKeyB;
|
access_key = MfClassicKeyB;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint32_t nonce = prng_successor(DWT->CYCCNT, 32);
|
uint32_t nonce = prng_successor(DWT->CYCCNT, 32) ^ 0xAA;
|
||||||
uint8_t nt[4];
|
uint8_t nt[4];
|
||||||
uint8_t nt_keystream[4];
|
uint8_t nt_keystream[4];
|
||||||
nfc_util_num2bytes(nonce, 4, nt);
|
nfc_util_num2bytes(nonce, 4, nt);
|
||||||
@ -858,7 +859,7 @@ bool mf_classic_emulator(MfClassicEmulator* emulator, FuriHalNfcTxRxContext* tx_
|
|||||||
uint32_t cardRr = ar ^ crypto1_word(&emulator->crypto, 0, 0);
|
uint32_t cardRr = ar ^ crypto1_word(&emulator->crypto, 0, 0);
|
||||||
if(cardRr != prng_successor(nonce, 64)) {
|
if(cardRr != prng_successor(nonce, 64)) {
|
||||||
FURI_LOG_T(TAG, "Wrong AUTH! %08X != %08X", cardRr, prng_successor(nonce, 64));
|
FURI_LOG_T(TAG, "Wrong AUTH! %08X != %08X", cardRr, prng_successor(nonce, 64));
|
||||||
// Don't send NACK, as tag don't send it
|
// Don't send NACK, as the tag doesn't send it
|
||||||
command_processed = true;
|
command_processed = true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -897,7 +898,18 @@ bool mf_classic_emulator(MfClassicEmulator* emulator, FuriHalNfcTxRxContext* tx_
|
|||||||
} else {
|
} else {
|
||||||
if(!mf_classic_is_allowed_access(
|
if(!mf_classic_is_allowed_access(
|
||||||
emulator, block, access_key, MfClassicActionDataRead)) {
|
emulator, block, access_key, MfClassicActionDataRead)) {
|
||||||
memset(block_data, 0, 16);
|
// Send NACK
|
||||||
|
uint8_t nack = 0x04;
|
||||||
|
if(is_encrypted) {
|
||||||
|
mf_crypto1_encrypt(
|
||||||
|
&emulator->crypto, NULL, &nack, 4, tx_rx->tx_data, tx_rx->tx_parity);
|
||||||
|
} else {
|
||||||
|
tx_rx->tx_data[0] = nack;
|
||||||
|
}
|
||||||
|
tx_rx->tx_rx_type = FuriHalNfcTxRxTransparent;
|
||||||
|
tx_rx->tx_bits = 4;
|
||||||
|
furi_hal_nfc_tx_rx(tx_rx, 300);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
nfca_append_crc16(block_data, 16);
|
nfca_append_crc16(block_data, 16);
|
||||||
|
Loading…
Reference in New Issue
Block a user