highperfocused/unleashed-firmware
1
0
Fork 0
mirror of https://github.com/DarkFlippers/unleashed-firmware.git synced 2025-10-09 16:22:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Attempt to auth with default 3DES key

Browse Source
This commit is contained in:
Mykhailo Shevchuk
2025-04-29 02:31:41 +03:00
parent ef3d17ea4e
commit c0e169a229
4 changed files with 65 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
lib/nfc/protocols/mf_ultralight/mf_ultralight_poller.c
View File

@@ -445,25 +445,35 @@ static NfcCommand mf_ultralight_poller_handler_auth(MfUltralightPoller* instance
static NfcCommand mf_ultralight_poller_handler_auth_ultralight_c(MfUltralightPoller* instance) { static NfcCommand mf_ultralight_poller_handler_auth_ultralight_c(MfUltralightPoller* instance) {
NfcCommand command = NfcCommandContinue; NfcCommand command = NfcCommandContinue;
FURI_LOG_D(TAG, "MfulC auth"); FURI_LOG_D(TAG, "MfulC auth");
if(mf_ultralight_support_feature(
instance->feature_set, MfUltralightFeatureSupportAuthenticate)) {
instance->mfu_event.type = MfUltralightPollerEventTypeAuthRequest;
command = instance->callback(instance->general_event, instance->context); do {
if(!instance->mfu_event.data->auth_context.skip_auth) { if(mf_ultralight_support_feature(
FURI_LOG_D(TAG, "Trying to authenticate with 3des key"); instance->feature_set, MfUltralightFeatureSupportAuthenticate)) {
instance->auth_context.tdes_key = instance->mfu_event.data->auth_context.tdes_key; instance->mfu_event.type = MfUltralightPollerEventTypeAuthRequest;
instance->error = mf_ultralight_poller_auth_tdes(instance, &instance->auth_context);
if(instance->error == MfUltralightErrorNone && instance->auth_context.auth_success) { command = instance->callback(instance->general_event, instance->context);
FURI_LOG_D(TAG, "Auth success"); if(!instance->mfu_event.data->auth_context.skip_auth) {
FURI_LOG_D(TAG, "Trying to authenticate with 3des key");
instance->auth_context.tdes_key = instance->mfu_event.data->auth_context.tdes_key;
instance->error =
mf_ultralight_poller_auth_tdes(instance, &instance->auth_context);
if(instance->error == MfUltralightErrorNone &&
instance->auth_context.auth_success) {
FURI_LOG_D(TAG, "Auth success");
} else {
FURI_LOG_D(TAG, "Auth failed");
iso14443_3a_poller_halt(instance->iso14443_3a_poller);
}
} else { } else {
FURI_LOG_D(TAG, "Auth failed"); // We assume here that it is card read without explicitly provided key
iso14443_3a_poller_halt(instance->iso14443_3a_poller); // So we try to auth with default one
instance->state = MfUltralightPollerStateTryDefaultMfulCKey;
break;
} }
} }
} instance->state = MfUltralightPollerStateReadPages;
instance->state = MfUltralightPollerStateReadPages; } while(false);
return command; return command;
} }
@@ -560,6 +570,40 @@ static NfcCommand mf_ultralight_poller_handler_try_default_pass(MfUltralightPoll
return NfcCommandContinue; return NfcCommandContinue;
} }
static NfcCommand
mf_ultralight_poller_handler_try_default_ultralight_c_key(MfUltralightPoller* instance) {
do {
if(!mf_ultralight_support_feature(
instance->feature_set, MfUltralightFeatureSupportAuthenticate)) {
break;
}
if(instance->auth_context.auth_success) {
break;
}
FURI_LOG_D(TAG, "Trying authentication with default 3DES key");
memcpy(
&instance->auth_context.tdes_key.data,
MF_ULTRALIGHT_C_DEFAULT_KEY,
MF_ULTRALIGHT_C_AUTH_DES_KEY_SIZE);
instance->error = mf_ultralight_poller_auth_tdes(instance, &instance->auth_context);
if(instance->error == MfUltralightErrorNone && instance->auth_context.auth_success) {
FURI_LOG_D(TAG, "Default 3DES key detected");
} else {
FURI_LOG_D(TAG, "Authentication attempt with default 3DES key failed");
iso14443_3a_poller_halt(instance->iso14443_3a_poller);
}
} while(false);
instance->state = MfUltralightPollerStateReadPages;
return NfcCommandContinue;
}
static NfcCommand static NfcCommand
mf_ultralight_poller_handler_check_mfuc_auth_status(MfUltralightPoller* instance) { mf_ultralight_poller_handler_check_mfuc_auth_status(MfUltralightPoller* instance) {
instance->state = MfUltralightPollerStateReadSuccess; instance->state = MfUltralightPollerStateReadSuccess;
@@ -724,6 +768,8 @@ static const MfUltralightPollerReadHandler
mf_ultralight_poller_handler_read_tearing_flags, mf_ultralight_poller_handler_read_tearing_flags,
[MfUltralightPollerStateAuth] = mf_ultralight_poller_handler_auth, [MfUltralightPollerStateAuth] = mf_ultralight_poller_handler_auth,
[MfUltralightPollerStateTryDefaultPass] = mf_ultralight_poller_handler_try_default_pass, [MfUltralightPollerStateTryDefaultPass] = mf_ultralight_poller_handler_try_default_pass,
[MfUltralightPollerStateTryDefaultMfulCKey] =
mf_ultralight_poller_handler_try_default_ultralight_c_key,
[MfUltralightPollerStateCheckMfulCAuthStatus] = [MfUltralightPollerStateCheckMfulCAuthStatus] =
mf_ultralight_poller_handler_check_mfuc_auth_status, mf_ultralight_poller_handler_check_mfuc_auth_status,
[MfUltralightPollerStateAuthMfulC] = mf_ultralight_poller_handler_auth_ultralight_c, [MfUltralightPollerStateAuthMfulC] = mf_ultralight_poller_handler_auth_ultralight_c,

6
lib/nfc/protocols/mf_ultralight/mf_ultralight_poller_i.c
View File

@@ -167,7 +167,7 @@ MfUltralightError mf_ultralight_poller_authenticate_start(
uint8_t* RndB = output + MF_ULTRALIGHT_C_AUTH_RND_B_BLOCK_OFFSET; uint8_t* RndB = output + MF_ULTRALIGHT_C_AUTH_RND_B_BLOCK_OFFSET;
mf_ultralight_3des_decrypt( mf_ultralight_3des_decrypt(
&instance->des_context, &instance->des_context,
instance->mfu_event.data->auth_context.tdes_key.data, instance->auth_context.tdes_key.data,
iv, iv,
encRndB, encRndB,
sizeof(encRndB), sizeof(encRndB),
@@ -178,7 +178,7 @@ MfUltralightError mf_ultralight_poller_authenticate_start(
mf_ultralight_3des_encrypt( mf_ultralight_3des_encrypt(
&instance->des_context, &instance->des_context,
instance->mfu_event.data->auth_context.tdes_key.data, instance->auth_context.tdes_key.data,
encRndB, encRndB,
output, output,
MF_ULTRALIGHT_C_AUTH_DATA_SIZE, MF_ULTRALIGHT_C_AUTH_DATA_SIZE,
@@ -212,7 +212,7 @@ MfUltralightError mf_ultralight_poller_authenticate_end(
mf_ultralight_3des_decrypt( mf_ultralight_3des_decrypt(
&instance->des_context, &instance->des_context,
instance->mfu_event.data->auth_context.tdes_key.data, instance->auth_context.tdes_key.data,
RndB, RndB,
bit_buffer_get_data(instance->rx_buffer) + 1, bit_buffer_get_data(instance->rx_buffer) + 1,
MF_ULTRALIGHT_C_AUTH_RND_BLOCK_SIZE, MF_ULTRALIGHT_C_AUTH_RND_BLOCK_SIZE,

1
lib/nfc/protocols/mf_ultralight/mf_ultralight_poller_i.h
View File

@@ -59,6 +59,7 @@ typedef enum {
MfUltralightPollerStateAuthMfulC, MfUltralightPollerStateAuthMfulC,
MfUltralightPollerStateReadPages, MfUltralightPollerStateReadPages,
MfUltralightPollerStateTryDefaultPass, MfUltralightPollerStateTryDefaultPass,
MfUltralightPollerStateTryDefaultMfulCKey,
MfUltralightPollerStateCheckMfulCAuthStatus, MfUltralightPollerStateCheckMfulCAuthStatus,
MfUltralightPollerStateReadFailed, MfUltralightPollerStateReadFailed,
MfUltralightPollerStateReadSuccess, MfUltralightPollerStateReadSuccess,

2
targets/f7/api_symbols.csv
View File

@@ -1,5 +1,5 @@
entry,status,name,type,params entry,status,name,type,params
Version,+,86.2,, Version,+,86.0,,
Header,+,applications/drivers/subghz/cc1101_ext/cc1101_ext_interconnect.h,, Header,+,applications/drivers/subghz/cc1101_ext/cc1101_ext_interconnect.h,,
Header,+,applications/services/bt/bt_service/bt.h,, Header,+,applications/services/bt/bt_service/bt.h,,
Header,+,applications/services/bt/bt_service/bt_keys_storage.h,, Header,+,applications/services/bt/bt_service/bt_keys_storage.h,,
1 entry status name type params
2 Version + 86.2 86.0
3 Header + applications/drivers/subghz/cc1101_ext/cc1101_ext_interconnect.h
4 Header + applications/services/bt/bt_service/bt.h
5 Header + applications/services/bt/bt_service/bt_keys_storage.h