From 7aad0087625d2e36b6554d3209bd985140b6c280 Mon Sep 17 00:00:00 2001 From: merlokk <807634+merlokk@users.noreply.github.com> Date: Sat, 7 Aug 2021 16:27:39 +0300 Subject: [PATCH] fix key path for cmac subkeys --- client/src/mifare/desfirecrypto.c | 32 ++++++++++++++++++++----------- client/src/mifare/desfirecrypto.h | 3 ++- client/src/mifare/desfiretest.c | 3 +-- 3 files changed, 24 insertions(+), 14 deletions(-) diff --git a/client/src/mifare/desfirecrypto.c b/client/src/mifare/desfirecrypto.c index 2df705dd2..86d0a9bac 100644 --- a/client/src/mifare/desfirecrypto.c +++ b/client/src/mifare/desfirecrypto.c @@ -151,6 +151,17 @@ size_t DesfireSearchCRCPos(uint8_t *data, size_t datalen, uint8_t respcode, uint return crcposfound; } +uint8_t *DesfireGetKey(DesfireContext *ctx, DesfireCryptoOpKeyType key_type) { + if (key_type == DCOSessionKeyMac) { + return ctx->sessionKeyMAC; + } else if (key_type == DCOSessionKeyEnc) { + return ctx->sessionKeyEnc; + } + + return ctx->key; +} + + static void DesfireCryptoEncDecSingleBlock(uint8_t *key, DesfireCryptoAlgorythm keyType, uint8_t *data, uint8_t *dstdata, uint8_t *ivect, bool dir_to_send, bool encode) { size_t block_size = desfire_get_key_block_length(keyType); uint8_t sdata[MAX_CRYPTO_BLOCK_SIZE] = {0}; @@ -232,15 +243,14 @@ void DesfireCryptoEncDecEx(DesfireContext *ctx, DesfireCryptoOpKeyType key_type, else memcpy(xiv, iv, block_size); + uint8_t *key = DesfireGetKey(ctx, key_type); + if (key == NULL) + return; + size_t offset = 0; while (offset < srcdatalen) { - if (key_type == DCOSessionKeyMac) { - DesfireCryptoEncDecSingleBlock(ctx->sessionKeyMAC, ctx->keyType, srcdata + offset, data + offset, xiv, dir_to_send, encode); - } else if (key_type == DCOSessionKeyEnc) { - DesfireCryptoEncDecSingleBlock(ctx->sessionKeyEnc, ctx->keyType, srcdata + offset, data + offset, xiv, dir_to_send, encode); - } else { - DesfireCryptoEncDecSingleBlock(ctx->key, ctx->keyType, srcdata + offset, data + offset, xiv, dir_to_send, encode); - } + DesfireCryptoEncDecSingleBlock(key, ctx->keyType, srcdata + offset, data + offset, xiv, dir_to_send, encode); + offset += block_size; } @@ -262,7 +272,7 @@ void DesfireCryptoEncDec(DesfireContext *ctx, DesfireCryptoOpKeyType key_type, u DesfireCryptoEncDecEx(ctx, key_type, srcdata, srcdatalen, dstdata, dir_to_send, xencode, NULL); } -void DesfireCMACGenerateSubkeys(DesfireContext *ctx, uint8_t *sk1, uint8_t *sk2) { +void DesfireCMACGenerateSubkeys(DesfireContext *ctx, DesfireCryptoOpKeyType key_type, uint8_t *sk1, uint8_t *sk2) { int kbs = desfire_get_key_block_length(ctx->keyType); const uint8_t R = (kbs == 8) ? 0x1B : 0x87; @@ -272,7 +282,7 @@ void DesfireCMACGenerateSubkeys(DesfireContext *ctx, uint8_t *sk1, uint8_t *sk2) uint8_t ivect[kbs]; memset(ivect, 0, kbs); - DesfireCryptoEncDecEx(ctx, DCOSessionKeyMac, l, kbs, l, true, true, ivect); + DesfireCryptoEncDecEx(ctx, key_type, l, kbs, l, true, true, ivect); bool txor = false; @@ -303,7 +313,7 @@ void DesfireCryptoCMAC(DesfireContext *ctx, uint8_t *data, size_t len, uint8_t * uint8_t sk1[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0}; uint8_t sk2[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0}; - DesfireCMACGenerateSubkeys(ctx, sk1, sk2); + DesfireCMACGenerateSubkeys(ctx, DCOSessionKeyMac, sk1, sk2); memcpy(buffer, data, len); @@ -337,7 +347,7 @@ void MifareKdfAn10922(DesfireContext *ctx, const uint8_t *data, size_t len) { uint8_t sk1[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0}; uint8_t sk2[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0}; - DesfireCMACGenerateSubkeys(ctx, sk1, sk2); + DesfireCMACGenerateSubkeys(ctx, DCOMainKey, sk1, sk2); // reserv atleast 32bytes. uint8_t buffer[DESFIRE_MAX_CRYPTO_BLOCK_SIZE * 2] = {0}; diff --git a/client/src/mifare/desfirecrypto.h b/client/src/mifare/desfirecrypto.h index 9ac0b5c71..e28c14cb6 100644 --- a/client/src/mifare/desfirecrypto.h +++ b/client/src/mifare/desfirecrypto.h @@ -108,9 +108,10 @@ size_t DesfireGetMACLength(DesfireContext *ctx); size_t DesfireSearchCRCPos(uint8_t *data, size_t datalen, uint8_t respcode, uint8_t crclen); +uint8_t *DesfireGetKey(DesfireContext *ctx, DesfireCryptoOpKeyType key_type); void DesfireCryptoEncDec(DesfireContext *ctx, DesfireCryptoOpKeyType key_type, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, bool encode); void DesfireCryptoEncDecEx(DesfireContext *ctx, DesfireCryptoOpKeyType key_type, uint8_t *srcdata, size_t srcdatalen, uint8_t *dstdata, bool dir_to_send, bool encode, uint8_t *iv); -void DesfireCMACGenerateSubkeys(DesfireContext *ctx, uint8_t *sk1, uint8_t *sk2); +void DesfireCMACGenerateSubkeys(DesfireContext *ctx, DesfireCryptoOpKeyType key_type, uint8_t *sk1, uint8_t *sk2); void DesfireCryptoCMAC(DesfireContext *ctx, uint8_t *srcdata, size_t srcdatalen, uint8_t *cmac); void MifareKdfAn10922(DesfireContext *ctx, const uint8_t *data, size_t len); diff --git a/client/src/mifare/desfiretest.c b/client/src/mifare/desfiretest.c index 8720961ad..b0a720e92 100644 --- a/client/src/mifare/desfiretest.c +++ b/client/src/mifare/desfiretest.c @@ -87,9 +87,8 @@ static bool TestCMACSubkeys(void) { uint8_t sk2[DESFIRE_MAX_CRYPTO_BLOCK_SIZE] = {0}; DesfireContext dctx; DesfireSetKey(&dctx, 0, T_AES, key); - memcpy(dctx.sessionKeyMAC, key, sizeof(key)); - DesfireCMACGenerateSubkeys(&dctx, sk1, sk2); + DesfireCMACGenerateSubkeys(&dctx, DCOMainKey, sk1, sk2); uint8_t sk1test[] = {0xFB, 0xC9, 0xF7, 0x5C, 0x94, 0x13, 0xC0, 0x41, 0xDF, 0xEE, 0x45, 0x2D, 0x3F, 0x07, 0x06, 0xD1}; uint8_t sk2test[] = {0xF7, 0x93, 0xEE, 0xB9, 0x28, 0x27, 0x80, 0x83, 0xBF, 0xDC, 0x8A, 0x5A, 0x7E, 0x0E, 0x0D, 0x25};