mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2024-09-21 15:56:21 +08:00
LRPEvalLRP ok
This commit is contained in:
parent
5df6732a1b
commit
c8813a0123
|
@ -530,6 +530,62 @@ static bool TestLRPUpdatedKeys(void) {
|
|||
return res;
|
||||
}
|
||||
|
||||
// https://www.nxp.com/docs/en/application-note/AN12304.pdf
|
||||
// 3.2 LRP Eval, page 13
|
||||
static bool TestLRPEval(void) {
|
||||
bool res = true;
|
||||
|
||||
LRPContext ctx = {0};
|
||||
|
||||
uint8_t y[CRYPTO_AES128_KEY_SIZE] = {0};
|
||||
uint8_t key[] = {0x56, 0x78, 0x26, 0xB8, 0xDA, 0x8E, 0x76, 0x84, 0x32, 0xA9, 0x54, 0x8D, 0xBE, 0x4A, 0xA3, 0xA0};
|
||||
uint8_t iv[] = {0x13, 0x59};
|
||||
LRPSetKey(&ctx, key, 2, false);
|
||||
LRPEvalLRP(&ctx, iv, sizeof(iv) * 2, true, y);
|
||||
|
||||
uint8_t y1[] = {0x1B, 0xA2, 0xC0, 0xC5, 0x78, 0x99, 0x6B, 0xC4, 0x97, 0xDD, 0x18, 0x1C, 0x68, 0x85, 0xA9, 0xDD};
|
||||
res = res && (memcmp(y, y1, sizeof(y1)) == 0);
|
||||
|
||||
uint8_t key2[] = {0xB6, 0x55, 0x57, 0xCE, 0x0E, 0x9B, 0x4C, 0x58, 0x86, 0xF2, 0x32, 0x20, 0x01, 0x13, 0x56, 0x2B};
|
||||
uint8_t iv2[] = {0xBB, 0x4F, 0xCF, 0x27, 0xC9, 0x40, 0x76, 0xF7, 0x56, 0xAB, 0x03, 0x0D};
|
||||
LRPSetKey(&ctx, key2, 1, false);
|
||||
LRPEvalLRP(&ctx, iv2, sizeof(iv2) * 2, false, y);
|
||||
|
||||
uint8_t y2[] = {0x6F, 0xDF, 0xA8, 0xD2, 0xA6, 0xAA, 0x84, 0x76, 0xBF, 0x94, 0xE7, 0x1F, 0x25, 0x63, 0x7F, 0x96};
|
||||
res = res && (memcmp(y, y2, sizeof(y2)) == 0);
|
||||
|
||||
uint8_t key3[] = {0xC4, 0x8A, 0x8E, 0x8B, 0x16, 0x57, 0x16, 0x45, 0xA1, 0x55, 0x78, 0x25, 0xAA, 0x66, 0xAC, 0x91};
|
||||
uint8_t iv3[] = {0x1F, 0x0B, 0x7C, 0x0D, 0xB1, 0x28, 0x89, 0xCA, 0x43, 0x6C, 0xAB, 0xB7, 0x8B, 0xE4, 0x2F, 0x90};
|
||||
LRPSetKey(&ctx, key3, 3, false);
|
||||
LRPEvalLRP(&ctx, iv3, sizeof(iv3) * 2 - 1, true, y);
|
||||
|
||||
uint8_t y3[] = {0x51, 0x29, 0x6B, 0x5E, 0x6D, 0x3B, 0x8D, 0xB8, 0xA1, 0xA7, 0x39, 0x97, 0x60, 0xA1, 0x91, 0x89};
|
||||
res = res && (memcmp(y, y3, sizeof(y3)) == 0);
|
||||
|
||||
uint8_t key4[] = {0x54, 0x9C, 0x67, 0xEC, 0xD6, 0x0E, 0x84, 0x8F, 0x77, 0x39, 0x90, 0x99, 0x0C, 0xAC, 0x68, 0x1E};
|
||||
uint8_t iv4[] = {0x47, 0x5B, 0xB4, 0x18, 0x78, 0xEB, 0x17, 0x46, 0x8F, 0x7A, 0x68, 0x84, 0x7D, 0xDD, 0x3B, 0xAC};
|
||||
LRPSetKey(&ctx, key4, 3, false);
|
||||
LRPEvalLRP(&ctx, iv4, sizeof(iv4) * 2, true, y);
|
||||
|
||||
uint8_t y4[] = {0xC3, 0xB5, 0xEE, 0x74, 0xA7, 0x22, 0xE7, 0x84, 0x88, 0x7C, 0x4C, 0x9F, 0xDB, 0x49, 0x78, 0x55};
|
||||
res = res && (memcmp(y, y4, sizeof(y4)) == 0);
|
||||
|
||||
uint8_t key5[] = {0x80, 0x6A, 0x50, 0x53, 0x0D, 0x77, 0x35, 0xB4, 0x0A, 0xC4, 0xEF, 0x16, 0x38, 0xE8, 0xAD, 0x6A};
|
||||
uint8_t iv5[] = {0xD4, 0x13, 0x77, 0x64, 0x71, 0x6D, 0xBC, 0x8C, 0x57, 0x9B, 0xEA, 0xB7, 0xE7, 0x67, 0x54, 0xE0};
|
||||
LRPSetKey(&ctx, key5, 3, false);
|
||||
LRPEvalLRP(&ctx, iv5, sizeof(iv5) * 2 - 1, false, y);
|
||||
|
||||
uint8_t y5[] = {0xCF, 0x99, 0x13, 0x92, 0xF0, 0x36, 0x93, 0x50, 0xA7, 0xE2, 0x1B, 0xE5, 0x2F, 0x74, 0x88, 0x21};
|
||||
res = res && (memcmp(y, y5, sizeof(y5)) == 0);
|
||||
|
||||
if (res)
|
||||
PrintAndLogEx(INFO, "LRP eval.......... " _GREEN_("passed"));
|
||||
else
|
||||
PrintAndLogEx(ERR, "LRP eval.......... " _RED_("fail"));
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
bool DesfireTest(bool verbose) {
|
||||
bool res = true;
|
||||
|
||||
|
@ -550,6 +606,7 @@ bool DesfireTest(bool verbose) {
|
|||
res = res && TestTransSessionKeys();
|
||||
res = res && TestLRPPlaintexts();
|
||||
res = res && TestLRPUpdatedKeys();
|
||||
res = res && TestLRPEval();
|
||||
|
||||
PrintAndLogEx(INFO, "---------------------------");
|
||||
if (res)
|
||||
|
|
|
@ -28,6 +28,7 @@
|
|||
|
||||
static uint8_t constAA[] = {0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa};
|
||||
static uint8_t const55[] = {0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55};
|
||||
static uint8_t const00[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
|
||||
|
||||
void LRPClearContext(LRPContext *ctx) {
|
||||
memset(ctx->key, 0, CRYPTO_AES128_KEY_SIZE);
|
||||
|
@ -85,3 +86,17 @@ void LRPGenerateUpdatedKeys(LRPContext *ctx, size_t updatedKeysCount) {
|
|||
|
||||
ctx->updatedKeysCount = updatedKeysCount;
|
||||
}
|
||||
|
||||
// https://www.nxp.com/docs/en/application-note/AN12304.pdf
|
||||
// Algorithm 3
|
||||
void LRPEvalLRP(LRPContext *ctx, uint8_t *iv, size_t ivlen, bool final, uint8_t *y) {
|
||||
memcpy(y, ctx->updatedKeys[ctx->useUpdatedKeyNum], CRYPTO_AES128_KEY_SIZE);
|
||||
|
||||
for (int i = 0; i < ivlen; i++) {
|
||||
uint8_t nk = (i % 2) ? iv[i / 2] & 0x0f : (iv[i / 2] >> 4) & 0x0f;
|
||||
aes_encode(NULL, y, ctx->plaintexts[nk], y, CRYPTO_AES128_KEY_SIZE);
|
||||
}
|
||||
|
||||
if (final)
|
||||
aes_encode(NULL, y, const00, y, CRYPTO_AES128_KEY_SIZE);
|
||||
}
|
||||
|
|
|
@ -41,6 +41,6 @@ void LRPClearContext(LRPContext *ctx);
|
|||
void LRPSetKey(LRPContext *ctx, uint8_t *key, size_t updatedKeyNum, bool useBitPadding);
|
||||
void LRPGeneratePlaintexts(LRPContext *ctx, size_t plaintextsCount);
|
||||
void LRPGenerateUpdatedKeys(LRPContext *ctx, size_t updatedKeysCount);
|
||||
|
||||
void LRPEvalLRP(LRPContext *ctx, uint8_t *iv, size_t ivlen, bool final, uint8_t *y);
|
||||
|
||||
#endif // __LRPCRYPTO_H
|
||||
|
|
Loading…
Reference in a new issue