From 54e7713a9adec8386d344af098b9c72af89a89db Mon Sep 17 00:00:00 2001
From: merlokk <807634+merlokk@users.noreply.github.com>
Date: Sat, 29 May 2021 21:46:22 +0300
Subject: [PATCH] auth refactoring
---
 client/src/cipurse/cipursecore.c | 55 ++++++++++++++++++++++++++++++++
 client/src/cipurse/cipursecore.h | 2 ++
 client/src/cmdhfcipurse.c | 43 ++++++-------------------
 3 files changed, 66 insertions(+), 34 deletions(-)
diff --git a/client/src/cipurse/cipursecore.c b/client/src/cipurse/cipursecore.c
index 553e5ba68..54f90bd52 100644
--- a/client/src/cipurse/cipursecore.c
+++ b/client/src/cipurse/cipursecore.c
@@ -99,3 +99,58 @@ int CIPURSEChallenge(uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, ui
 int CIPURSEMutalAuthenticate(uint8_t keyIndex, uint8_t *params, uint8_t paramslen, uint8_t *Result, size_t MaxResultLen, size_t *ResultLen, uint16_t *sw) {
 return CIPURSEExchangeEx(false, true, (sAPDU) {0x00, 0x82, 0x00, keyIndex, paramslen, params}, true, 0x10, Result, MaxResultLen, ResultLen, sw);
 }
+
+bool CIPURSEChannelAuthenticate(uint8_t keyIndex, uint8_t *key, bool verbose) {
+ uint8_t buf[APDU_RES_LEN] = {0};
+ size_t len = 0;
+ uint16_t sw = 0;
+
+ CipurseContext cpc = {0};
+ CipurseCSetKey(&cpc, keyIndex, key);
+
+ // get RP, rP
+ int res = CIPURSEChallenge(buf, sizeof(buf), &len, &sw);
+ if (res != 0 || len != 0x16) {
+ if (verbose)
+ PrintAndLogEx(ERR, "Cipurse get challenge " _RED_("error") ". Card returns 0x%04x.", sw);
+
+ return false;
+ }
+ CipurseCSetRandomFromPICC(&cpc, buf);
+
+ // make auth data
+ uint8_t authparams[16 + 16 + 6] = {0};
+ CipurseCAuthenticateHost(&cpc, authparams);
+
+ // authenticate
+ res = CIPURSEMutalAuthenticate(keyIndex, authparams, sizeof(authparams), buf, sizeof(buf), &len, &sw);
+ if (res != 0 || sw != 0x9000 || len != 16) {
+ if (sw == 0x6988) {
+ if (verbose)
+ PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Wrong key.");
+ } else if ((sw == 0x6A88)) {
+ if (verbose)
+ PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Wrong key number.");
+ } else {
+ if (verbose)
+ PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Card returns 0x%04x.", sw);
+ }
+
+ CipurseCClearContext(&cipurseContext);
+ return false;
+ }
+
+ if (CipurseCCheckCT(&cpc, buf)) {
+ if (verbose)
+ PrintAndLogEx(INFO, "Authentication " _GREEN_("OK"));
+
+ memcpy(&cipurseContext, &cpc, sizeof(CipurseContext));
+ return true;
+ } else {
+ if (verbose)
+ PrintAndLogEx(ERR, "Authentication " _RED_("ERROR") " card returned wrong CT");
+
+ CipurseCClearContext(&cipurseContext);
+ return false;
+ }
+}
\ No newline at end of file
diff --git a/client/src/cipurse/cipursecore.h b/client/src/cipurse/cipursecore.h
index 47671d0c8..4555b4c1f 100644
--- a/client/src/cipurse/cipursecore.h
+++ b/client/src/cipurse/cipursecore.h
@@ -31,4 +31,6 @@ int CIPURSEReadFileAttributes(uint8_t *data, uint16_t *datalen);
 int CIPURSEReadBinary(uint16_t offset, uint8_t *data, uint16_t *datalen);
 int CIPURSEUpdateBinary(uint16_t offset, uint8_t *data, uint16_t datalen);
+bool CIPURSEChannelAuthenticate(uint8_t keyIndex, uint8_t *key, bool verbose);
+
 #endif /* __CIPURSECORE_H__ */
diff --git a/client/src/cmdhfcipurse.c b/client/src/cmdhfcipurse.c
index 8839bcda1..39ea9cdc7 100644
--- a/client/src/cmdhfcipurse.c
+++ b/client/src/cmdhfcipurse.c
@@ -121,7 +121,7 @@ static int CmdHFCipurseAuth(const char *Cmd) {
 SetAPDULogging(APDULogging);
- CLIParserFree(ctx);
+ CLIParserFree(ctx);
 int res = CIPURSESelect(true, true, buf, sizeof(buf), &len, &sw);
 if (res != 0 || sw != 0x9000) {
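Review bot: In client/src/cipurse/cipursecore.c, the challenge-failure branch of CIPURSEChannelAuthenticate (`if (res != 0 || len != 0x16)`) returns false without touching `cipurseContext`, while both later failure branches call `CipurseCClearContext(&cipurseContext)`; a re-authentication that fails at that stage would leave in place whatever session state an earlier successful call copied in with `memcpy`. Adding `CipurseCClearContext(&cipurseContext);` before that first `return false;` makes every failure path end with no active session. The local `cpc` presumably holds the key passed to CipurseCSetKey and is left on the stack on every return path; if CipurseCClearContext wipes the structure (its body is not visible here), calling it on `&cpc` before each return would avoid leaving key material behind. The function also deserves a short header comment saying that it replaces the shared `cipurseContext` on success, clears it on failure, and leaves field handling to the caller. `cipurseContext` itself is declared outside this hunk.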
@@ -129,48 +129,23 @@ static int CmdHFCipurseAuth(const char *Cmd) { DropField(); return PM3_ESOFT; } - - CipurseContext cpc = {0}; - CipurseCSetKey(&cpc, keyId, key); - + uint8_t kvv[CIPURSE_KVV_LENGTH] = {0}; CipurseCGetKVV(key, kvv); if (verbose) PrintAndLogEx(INFO, "Key id: %d key: %s KVV: %s", keyId, sprint_hex(key, CIPURSE_AES_KEY_LENGTH), sprint_hex_inrow(kvv, CIPURSE_KVV_LENGTH)); - // get RP, rP - res = CIPURSEChallenge(buf, sizeof(buf), &len, &sw); - if (res != 0 || len != 0x16) { - PrintAndLogEx(ERR, "Cipurse get challenge " _RED_("error") ". Card returns 0x%04x.", sw); - DropField(); - return PM3_ESOFT; - } - CipurseCSetRandomFromPICC(&cpc, buf); - - // make auth data - uint8_t authparams[16 + 16 + 6] = {0}; - CipurseCAuthenticateHost(&cpc, authparams); + bool bres = CIPURSEChannelAuthenticate(keyId, key, verbose); - // authenticate - res = CIPURSEMutalAuthenticate(keyId, authparams, sizeof(authparams), buf, sizeof(buf), &len, &sw); - if (res != 0 || sw != 0x9000 || len != 16) { - if (sw == 0x6988) - PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Wrong key."); - else if ((sw == 0x6A88)) - PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Wrong key number."); - else PrintAndLogEx(ERR, "Cipurse authentication " _RED_("error") ". Card returns 0x%04x.", sw); - - DropField(); - return PM3_ESOFT; + if (verbose == false) { + if (bres) + PrintAndLogEx(INFO, "Authentication " _GREEN_("OK")); + else + PrintAndLogEx(ERR, "Authentication " _RED_("ERROR")); } - if (CipurseCCheckCT(&cpc, buf)) - PrintAndLogEx(INFO, "Authentication " _GREEN_("OK")); - else - PrintAndLogEx(ERR, "Authentication " _RED_("ERROR") " card returned wrong CT"); - DropField(); - return PM3_SUCCESS; + return bres ? PM3_SUCCESS : PM3_ESOFT; }
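Review bot: Without verbose, a failed authentication in CmdHFCipurseAuth now reports only `Authentication ERROR`: the get-challenge, wrong-key (0x6988), wrong-key-number (0x6A88) and status-word messages removed by this hunk were unconditional, and their replacements in CIPURSEChannelAuthenticate are all gated on `verbose`. An operator can no longer tell a rejected key from a transport or card error, so consider having the helper return the status word or a PM3 error code rather than `bool` and printing the reason here. `if (verbose == false)` would read better as `if (!verbose)`. CmdHFCipurseAuth begins above this hunk.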