* prevent WDT crash on repeated tries
* comes with faster execution as side effect
* use uint8_t instead of byte_t
* populate ar instead of (correctly) assuming that it is zero
* remove the "will take a few seconds longer" message because it is no longer true
* allow additional 2 ssp_frame cycles to detect SOF
* use only respective functions to get/set iso14a_timeout
* remove waiting time in MifareAcquireEncryptedNonces(). This is covered by GetATQA() now.
* more timing fixes
* correctly determine correction bit (taken from iceman's fork)
* add checking of Access Conditions for Read command
* never allow reading KeyA
* move to separate files mifaresim.[ch]
* check CRC of commands
* don't execute commands without successful authentication
* ensure correct timing of REQA, WUPA, ANTICOL and SELECT responses
* trace reader commands immediately, only fix start time after tag response. Decreases time to be ready for next reader command.
* remove iso14443-4 remnants
* trace raw reader commands instead of decrypted ones
* some refactoring
* fix hf mf sim
* timing: decrease time to get ready for new reader commands
- Check button press when there is NOFIELD, so we can exit also without FIELD
- struct nonces_t is moved to include/mifare.h so client and arm have the same definition
- Don't increment the nonce when random mode is disabled (this breaks the
standard attack).
- Don't attempt the standard attack when random mode is enabled (there's no
point as it won't work, per comments from @pwpiwi).
- Attempt the moebius attack if the standard attack fails.
This makes the PM3 generate pseudo-random nonces rather than sequential
nonces, to make it act a bit more like a "real" MFC card. A reader would
otherwise be able to detect the PM3 probing based on the predictable nonces
and throw different authentication challenges (or refuse to authenticate at
all).
The code includes an implementation of a rand-like function (prand), similar
to the one from libc, which is seeded automatically based on the time it
takes between the PM3 starting up and the first call to the RNG.
This isn't cryptographically random, but should be "good enough" to be able
to evade basic detection.
also cleaned up some comments
note previous update added the creation of a stats.txt file to generate
statistics of the differences between std mfkey32 and the moebius
version.
any memory from BigBuf[]. This is required because FpgaDownloadAndGo() might
allocate, use, and free most of BigBuf[] when decompressing FPGA configs.
- cleanup: remove rests of deprecated "end of trace markers" (0x44)