clean up mfu device side code

+ add xor calc to util (prep for desfire)
commented out MifareUWriteBlockCompat as it isn't used in client
currently (it is a command we could support..  but why?)
relabeled a few device side mfu functions to be clearer.

armsrc/appmain.c

@@ -841,11 +841,11 @@ void UsbPacketReceived(uint8_t *packet, int len)
 		case CMD_MIFARE_WRITEBL:
 			MifareWriteBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
 			break;
-		case CMD_MIFAREU_WRITEBL_COMPAT:
-			MifareUWriteBlock(c->arg[0], c->d.asBytes);
-			break;
+		//case CMD_MIFAREU_WRITEBL_COMPAT:
+			//MifareUWriteBlockCompat(c->arg[0], c->d.asBytes);
+			//break;
 		case CMD_MIFAREU_WRITEBL:
-			MifareUWriteBlock_Special(c->arg[0], c->arg[1], c->d.asBytes);
+			MifareUWriteBlock(c->arg[0], c->arg[1], c->d.asBytes);
 			break;
 		case CMD_MIFARE_NESTED:
 			MifareNested(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);

armsrc/apps.h

@@ -170,8 +170,8 @@ void MifareUC_Auth(uint8_t arg0, uint8_t *datain);
 void MifareUReadCard(uint8_t arg0, uint16_t arg1, uint8_t arg2, uint8_t *datain);
 void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
 void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
-void MifareUWriteBlock(uint8_t arg0,uint8_t *datain);
-void MifareUWriteBlock_Special(uint8_t arg0, uint8_t arg1, uint8_t *datain);
+//void MifareUWriteBlockCompat(uint8_t arg0,uint8_t *datain);
+void MifareUWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain);
 void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
 void MifareChkKeys(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
 void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);

armsrc/mifarecmd.c

@@ -254,7 +254,6 @@ void MifareUReadCard(uint8_t arg0, uint16_t arg1, uint8_t arg2, uint8_t *datain)
 {
 	// free eventually allocated BigBuf memory
 	BigBuf_free();
-	// clear trace
 	clear_trace();
 
 	// params
@@ -416,7 +415,8 @@ void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
 	LEDsoff();
 }
 
-void MifareUWriteBlock(uint8_t arg0, uint8_t *datain)
+/* // Command not needed but left for future testing 
+void MifareUWriteBlockCompat(uint8_t arg0, uint8_t *datain)
 {
 	uint8_t blockNo = arg0;
 	byte_t blockdata[16] = {0x00};
@@ -436,7 +436,7 @@ void MifareUWriteBlock(uint8_t arg0, uint8_t *datain)
 		return;
 	};
 
-	if(mifare_ultra_writeblock(blockNo, blockdata)) {
+	if(mifare_ultra_writeblock_compat(blockNo, blockdata)) {
 		if (MF_DBGLEVEL >= 1)   Dbprintf("Write block error");
 		OnError(0);
 		return;	};
@@ -453,6 +453,7 @@ void MifareUWriteBlock(uint8_t arg0, uint8_t *datain)
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	LEDsoff();
 }
+*/
 
 // Arg0   : Block to write to.
 // Arg1   : 0 = use no authentication.
@@ -460,7 +461,7 @@ void MifareUWriteBlock(uint8_t arg0, uint8_t *datain)
 //          2 = use 0x1B authentication.
 // datain : 4 first bytes is data to be written.
 //        : 4/16 next bytes is authentication key.
-void MifareUWriteBlock_Special(uint8_t arg0, uint8_t arg1, uint8_t *datain)
+void MifareUWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain)
 {
 	uint8_t blockNo = arg0;
 	bool useKey = (arg1 == 1); //UL_C
@@ -502,7 +503,7 @@ void MifareUWriteBlock_Special(uint8_t arg0, uint8_t arg1, uint8_t *datain)
 		}
 	}
 
-	if(mifare_ultra_special_writeblock(blockNo, blockdata)) {
+	if(mifare_ultra_writeblock(blockNo, blockdata)) {
 		if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");
 		OnError(0);
 		return;
@@ -542,7 +543,7 @@ void MifareUSetPwd(uint8_t arg0, uint8_t *datain){
 	blockdata[1] = pwd[6];
 	blockdata[2] = pwd[5];
 	blockdata[3] = pwd[4];
-	if(mifare_ultra_special_writeblock( 44, blockdata)) {
+	if(mifare_ultra_writeblock( 44, blockdata)) {
 		if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");
 		OnError(44);
 		return;
@@ -552,7 +553,7 @@ void MifareUSetPwd(uint8_t arg0, uint8_t *datain){
 	blockdata[1] = pwd[2];
 	blockdata[2] = pwd[1];
 	blockdata[3] = pwd[0];
-	if(mifare_ultra_special_writeblock( 45, blockdata)) {
+	if(mifare_ultra_writeblock( 45, blockdata)) {
 		if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");
 		OnError(45);
 		return;
@@ -562,7 +563,7 @@ void MifareUSetPwd(uint8_t arg0, uint8_t *datain){
 	blockdata[1] = pwd[14];
 	blockdata[2] = pwd[13];
 	blockdata[3] = pwd[12];
-	if(mifare_ultra_special_writeblock( 46, blockdata)) {
+	if(mifare_ultra_writeblock( 46, blockdata)) {
 		if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");
 		OnError(46);
 		return;
@@ -572,7 +573,7 @@ void MifareUSetPwd(uint8_t arg0, uint8_t *datain){
 	blockdata[1] = pwd[10];
 	blockdata[2] = pwd[9];
 	blockdata[3] = pwd[8];
-	if(mifare_ultra_special_writeblock( 47, blockdata)) {
+	if(mifare_ultra_writeblock( 47, blockdata)) {
 		if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");
 		OnError(47);
 		return;
@@ -1265,14 +1266,12 @@ void Mifare_DES_Auth2(uint32_t arg0, uint8_t *datain){
 	isOK = mifare_desfire_des_auth2(cuid, key, dataout);
 	
 	if( isOK) {
-	    if (MF_DBGLEVEL >= MF_DBG_EXTENDED) 
-			Dbprintf("Authentication part2: Failed");  
-		//OnError(4);
+		if (MF_DBGLEVEL >= MF_DBG_EXTENDED) Dbprintf("Authentication part2: Failed");  
+		OnError(4);
 		return;
 	}
 
-	if (MF_DBGLEVEL >= MF_DBG_EXTENDED) 
-		DbpString("AUTH 2 FINISHED");
+	if (MF_DBGLEVEL >= MF_DBG_EXTENDED) DbpString("AUTH 2 FINISHED");
 
 	cmd_send(CMD_ACK, isOK, 0, 0, dataout, sizeof(dataout));
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);

armsrc/mifareutil.c

@@ -65,31 +65,30 @@ uint8_t mf_crypto1_encrypt4bit(struct Crypto1State *pcs, uint8_t data) {
 	return bt;
 }
 
-// send commands
+// send 2 byte commands
 int mifare_sendcmd_short(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing)
 {
 	return mifare_sendcmd_shortex(pcs, crypted, cmd, data, answer, answer_parity, timing);
 }
 
-int mifare_sendcmd_short_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing)
+// send X byte basic commands
+int mifare_sendcmd(uint8_t cmd, uint8_t* data, uint8_t data_size, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing)
 {
-	uint8_t dcmd[8];
+	uint8_t dcmd[data_size+3];
 	dcmd[0] = cmd;
-    dcmd[1] = data[0];
-	dcmd[2] = data[1];
-	dcmd[3] = data[2];
-	dcmd[4] = data[3];
-	dcmd[5] = data[4];
-	AppendCrc14443a(dcmd, 6);
-	ReaderTransmit(dcmd, sizeof(dcmd), NULL);
+	memcpy(dcmd+1,data,data_size);
+	AppendCrc14443a(dcmd, data_size+1);
+	ReaderTransmit(dcmd, sizeof(dcmd), timing);
 	int len = ReaderReceive(answer, answer_parity);
 	if(!len) {
-                if (MF_DBGLEVEL >= 1)   Dbprintf("Authentication failed. Card timeout.");
-                return 2;
+		if (MF_DBGLEVEL >= MF_DBG_ERROR)   Dbprintf("%02X Cmd failed. Card timeout.", cmd);
+			len = ReaderReceive(answer,answer_parity);
+		//return 0;
 	}
 	return len;
 }
 
+/*
 int mifare_sendcmd_short_mfucauth(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing)
 {
 	uint8_t dcmd[19];
@@ -131,7 +130,9 @@ int mifare_sendcmd_short_mfuev1auth(struct Crypto1State *pcs, uint8_t crypted, u
 	}
 	return len;
 }
+*/
 
+// send 2 byte commands
 int mifare_sendcmd_shortex(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing)
 {
 	uint8_t dcmd[4], ecmd[4];
@@ -319,7 +320,8 @@ int mifare_ul_ev1_auth(uint8_t *keybytes, uint8_t *pack){
 	memcpy(key, keybytes, 4);
 
 	Dbprintf("EV1 Auth : %02x%02x%02x%02x",	key[0], key[1], key[2], key[3]);
-	len = mifare_sendcmd_short_mfuev1auth(NULL, 0, 0x1B, key, resp, respPar, NULL);
+	len = mifare_sendcmd(0x1B, key, sizeof(key), resp, respPar, NULL);
+	//len = mifare_sendcmd_short_mfuev1auth(NULL, 0, 0x1B, key, resp, respPar, NULL);
 	if (len != 4) {
 		if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x %u", resp[0], len);
 		return 0;
@@ -380,8 +382,8 @@ int mifare_ultra_auth(uint8_t *keybytes){
 
 	// encrypt    out, in, length, key, iv
 	tdes_2key_enc(rnd_ab, rnd_ab, sizeof(rnd_ab), key, enc_random_b);
-
-	len = mifare_sendcmd_short_mfucauth(NULL, 1, 0xAF, rnd_ab, resp, respPar, NULL);
+	//len = mifare_sendcmd_short_mfucauth(NULL, 1, 0xAF, rnd_ab, resp, respPar, NULL);
+	len = mifare_sendcmd(0xAF, rnd_ab, sizeof(rnd_ab), resp, respPar, NULL);
 	if (len != 11) {
 		if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x", resp[0]);
 		return 0;
@@ -425,6 +427,7 @@ int mifare_ultra_readblock(uint8_t blockNo, uint8_t *blockData)
 	uint8_t receivedAnswer[MAX_FRAME_SIZE];
 	uint8_t receivedAnswerPar[MAX_PARITY_SIZE];
 	
+
 	len = mifare_sendcmd_short(NULL, 1, 0x30, blockNo, receivedAnswer, receivedAnswerPar, NULL);
 	if (len == 1) {
 		if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x", receivedAnswer[0]);
@@ -493,7 +496,8 @@ int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t bl
 	return 0;
 }
 
-int mifare_ultra_writeblock(uint8_t blockNo, uint8_t *blockData) 
+/* // command not needed, but left for future testing
+int mifare_ultra_writeblock_compat(uint8_t blockNo, uint8_t *blockData) 
 {
 	uint16_t len;
 	uint8_t par[3] = {0};  // enough for 18 parity bits
@@ -501,7 +505,6 @@ int mifare_ultra_writeblock(uint8_t blockNo, uint8_t *blockData)
 	uint8_t receivedAnswer[MAX_FRAME_SIZE];
 	uint8_t receivedAnswerPar[MAX_PARITY_SIZE];
 
-	// command MIFARE_CLASSIC_WRITEBLOCK
 	len = mifare_sendcmd_short(NULL, true, 0xA0, blockNo, receivedAnswer, receivedAnswerPar, NULL);
 
 	if ((len != 1) || (receivedAnswer[0] != 0x0A)) {   //  0x0a - ACK
@@ -524,20 +527,21 @@ int mifare_ultra_writeblock(uint8_t blockNo, uint8_t *blockData)
 	}
 	return 0;
 }
+*/
 
-int mifare_ultra_special_writeblock(uint8_t blockNo, uint8_t *blockData)
+int mifare_ultra_writeblock(uint8_t blockNo, uint8_t *blockData)
 {
 	uint16_t len;
-	uint8_t d_block[8] = {0x00};
+	uint8_t d_block[5] = {0x00};
 	uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];
 	uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];
 
 	// command MIFARE_CLASSIC_WRITEBLOCK
 	d_block[0]= blockNo;
 	memcpy(d_block+1,blockData,4);
-	AppendCrc14443a(d_block, 6);
+	//AppendCrc14443a(d_block, 6);
 
-	len = mifare_sendcmd_short_special(NULL, 1, 0xA2, d_block, receivedAnswer, receivedAnswerPar, NULL);
+	len = mifare_sendcmd(0xA2, d_block, sizeof(d_block), receivedAnswer, receivedAnswerPar, NULL);
 
 	if (receivedAnswer[0] != 0x0A) {   //  0x0a - ACK
 		if (MF_DBGLEVEL >= MF_DBG_ERROR)

armsrc/mifareutil.h

@@ -54,22 +54,24 @@ extern int MF_DBGLEVEL;
 
 //functions
 int mifare_sendcmd_short(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);
-int mifare_sendcmd_short_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);
-
-int mifare_sendcmd_short_mfucauth(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing);
-int mifare_sendcmd_short_mfuev1auth(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing);
+int mifare_sendcmd(uint8_t cmd, uint8_t *data, uint8_t data_size, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);
+//int mifare_sendcmd_short_mfucauth(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing);
+//int mifare_sendcmd_short_mfuev1auth(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing);
 int mifare_sendcmd_shortex(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);
 
+// mifare classic
 int mifare_classic_auth(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t keyType, uint64_t ui64Key, uint8_t isNested);
 int mifare_classic_authex(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t keyType, uint64_t ui64Key, uint8_t isNested, uint32_t * ntptr, uint32_t *timing);
 int mifare_classic_readblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);
+int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid); 
+int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);
+
+// Ultralight/NTAG...
 int mifare_ul_ev1_auth(uint8_t *key, uint8_t *pack);
 int mifare_ultra_auth(uint8_t *key);
 int mifare_ultra_readblock(uint8_t blockNo, uint8_t *blockData);
-int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);
+//int mifare_ultra_writeblock_compat(uint8_t blockNo, uint8_t *blockData);
 int mifare_ultra_writeblock(uint8_t blockNo, uint8_t *blockData);
-int mifare_ultra_special_writeblock(uint8_t blockNo, uint8_t *blockData);
-int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid); 
 int mifare_ultra_halt();
 
 // desfire

client/util.c

@@ -108,12 +108,12 @@ void print_hex(const uint8_t * data, const size_t len)
 	printf("\n");
 }
 
-char * sprint_hex(const uint8_t * data, const size_t len) {
+char *sprint_hex(const uint8_t *data, const size_t len) {
 	
 	int maxLen = ( len > 1024/3) ? 1024/3 : len;
 	static char buf[1024];
 	memset(buf, 0x00, 1024);
-	char * tmp = buf;
+	char *tmp = buf;
 	size_t i;
 
 	for (i=0; i < maxLen; ++i, tmp += 3)
@@ -444,3 +444,12 @@ void wiegand_add_parity(char *target, char *source, char length)
     target += length;
     *(target)= GetParity(source + length / 2, ODD, length / 2);
 }
+
+void xor(unsigned char *dst, unsigned char *src, size_t len) {
+   for( ; len > 0; len--,dst++,src++)
+       *dst ^= *src;
+}
+
+int32_t le24toh (uint8_t data[3]) {
+    return (data[2] << 16) | (data[1] << 8) | data[0];
+}

client/util.h

@@ -63,3 +63,5 @@ void binarraytobinstring(char *target,  char *source,  int length);
 uint8_t GetParity( char *string, uint8_t type,  int length);
 void wiegand_add_parity(char *target, char *source, char length);
 
+void xor(unsigned char *dst, unsigned char *src, size_t len);
+int32_t le24toh(uint8_t data[3]);