* move to separate files mifaresim.[ch]
* check CRC of commands
* don't execute commands without successfull authentication
* ensure correct timing of REQA, WUPA, ANTICOL and SELECT responses
* trace reader commands immediately, only fix start time after tag response. Decreases time to be ready for next reader command.
* remove iso14443-4 remnants
* trace raw reader commands instead of decrypted ones
* some refactoring
* fix hf mf sim
* timing: decrease time to get ready for new reader commands
- Check button press when there is NOFIELD, so we can exit also without FIELD
- struct nonces_t is moved to include/mifare.h so client and arm has the same definition
- Don't increment the nonce when random mode is disabled (this breaks the
standard attack).
- Don't attempt the standard attack when random mode is enabled (there's no
point as it won't work, per comments from @pwpiwi).
- Attempt the moebius attack if the standard attack fails.
This makes the PM3 generate pseudo-random nonces rather than sequential
nonces, to make it act a bit more like a "real" MFC card. A reader would
otherwise be able to detect the PM3 probing based on the predictable nonces
and throw different authentication challenges (or refuse to authenticate at
all).
The code includes an implementation of a rand-like function (prand), similar
to the one from libc, which is seeded automatically based on the time it
takes between the PM3 starting up and the first call to the RNG.
This isn't cryptographically random, but should be "good enough" to be able
to evade basic detection.
also cleaned up some comments
note previous update added the creation of a stats.txt file to generate
statistics of the differences between std mfkey32 and the moebius
version.
any memory from BigBuf[]. This is required because FpgaDownloadAndGo() might
allocate, use, and free most of BigBuf[] when decompressing FPGA configs.
- cleanup: remove rests of deprecated "end of trace markers" (0x44)
chg: use -O2 instead of -Os when compiling ARM sources
chg: don't clear the Miller decoders input buffer on reset
chg: be more specific for the Miller decoders start bit pattern
add: new option c in hf list: mark CRC bytes (default is off)
refactored Startbit detection in MillerDecoding()
relaxed startbit detection in MillerDecoding()
fixed CRC checking and CRC bytes marking in hf list
fixed topaz multi frame command listing in hf list topaz
fix: reduce length of expected unmodulated signal in Miller decoder in order
to allow decoding of NFC reader communications
add: hf list nfc: aggregate reader commands into one line
add: hf list nfc: CRC check for NFC communications
- hf 14a reader now exits gracefully in case of proprietary anticollision sequence
- changed miller decoder to handle Topaz 8 data bits/no parity frames from reader
- started to implement hf list topaz
In Miller Decoder: don't wait too long for a stable signal
In Miller Decoder: Don't accept sequences of four or more zeroes as start bit
In EmSendCmd14443aRaw: don't wait for emptying the FPGA delay queue if it isn't filled
- provided a BigBuf_malloc() function to dynamically allocate parts of BigBuf
e.g. for DMA-Buffers, Frame-Buffers, Emulator-Memory
- the whole rest of BigBuf is now available for traces (instead of a small fixed amount)
- send actual traceLen together with trace data
- changed client side to cope with varying traceLen
- changed small buffers to automatic variables instead of parts of BigBuf
