From 0d8a53308c48f470025a5640eb2c34be5c066533 Mon Sep 17 00:00:00 2001 From: Romain Tartiere Date: Fri, 24 Dec 2010 11:41:15 +0000 Subject: [PATCH] Change the mifare_cbc_des() internal function prototype. --- libfreefare/freefare_internal.h | 2 +- libfreefare/mifare_desfire.c | 6 ++--- libfreefare/mifare_desfire_crypto.c | 38 ++++++++++++++++++++++------- test/test_mifare_desfire_des.c | 4 +-- 4 files changed, 35 insertions(+), 15 deletions(-) diff --git a/libfreefare/freefare_internal.h b/libfreefare/freefare_internal.h index 15eba31..a806ce0 100644 --- a/libfreefare/freefare_internal.h +++ b/libfreefare/freefare_internal.h @@ -146,7 +146,7 @@ typedef enum { void *mifare_cryto_preprocess_data (MifareTag tag, void *data, size_t *nbytes, off_t offset, int communication_settings); void *mifare_cryto_postprocess_data (MifareTag tag, void *data, ssize_t *nbytes, int communication_settings); -void mifare_cbc_des (MifareDESFireKey key, uint8_t *ivect, uint8_t *data, size_t data_size, MifareCryptoDirection direction, MifareCryptoOperation operation); +void mifare_cbc_des (MifareTag tag, MifareDESFireKey key, uint8_t *ivect, uint8_t *data, size_t data_size, MifareCryptoDirection direction, MifareCryptoOperation operation); void rol (uint8_t *data, const size_t len); void desfire_crc32 (const uint8_t *data, const size_t len, uint8_t *crc); void desfire_crc32_append (uint8_t *data, const size_t len); diff --git a/libfreefare/mifare_desfire.c b/libfreefare/mifare_desfire.c index 90b569b..2169e5e 100644 --- a/libfreefare/mifare_desfire.c +++ b/libfreefare/mifare_desfire.c @@ -349,7 +349,7 @@ authenticate (MifareTag tag, uint8_t cmd, uint8_t key_no, MifareDESFireKey key) uint8_t PICC_RndB[16]; memcpy (PICC_RndB, PICC_E_RndB, key_length); - mifare_cbc_des (key, MIFARE_DESFIRE (tag)->ivect, PICC_RndB, key_length, MCD_RECEIVE, MCO_DECYPHER); + mifare_cbc_des (tag, key, MIFARE_DESFIRE (tag)->ivect, PICC_RndB, key_length, MCD_RECEIVE, MCO_DECYPHER); uint8_t PCD_RndA[16]; RAND_bytes (PCD_RndA, 16); @@ -362,7 +362,7 @@ authenticate (MifareTag tag, uint8_t cmd, uint8_t key_no, MifareDESFireKey key) memcpy (token, PCD_RndA, key_length); memcpy (token+key_length, PCD_r_RndB, key_length); - mifare_cbc_des (key, MIFARE_DESFIRE (tag)->ivect, token, 2 * key_length, MCD_SEND, (0x0A == cmd) ? MCO_DECYPHER : MCO_ENCYPHER); + mifare_cbc_des (tag, key, MIFARE_DESFIRE (tag)->ivect, token, 2 * key_length, MCD_SEND, (0x0A == cmd) ? MCO_DECYPHER : MCO_ENCYPHER); BUFFER_INIT (cmd2, 33); @@ -376,7 +376,7 @@ authenticate (MifareTag tag, uint8_t cmd, uint8_t key_no, MifareDESFireKey key) uint8_t PICC_RndA_s[16]; memcpy (PICC_RndA_s, PICC_E_RndA_s, key_length); - mifare_cbc_des (key, MIFARE_DESFIRE (tag)->ivect, PICC_RndA_s, key_length, MCD_RECEIVE, MCO_DECYPHER); + mifare_cbc_des (tag, key, MIFARE_DESFIRE (tag)->ivect, PICC_RndA_s, key_length, MCD_RECEIVE, MCO_DECYPHER); uint8_t PCD_RndA_s[key_length]; memcpy (PCD_RndA_s, PCD_RndA, key_length); diff --git a/libfreefare/mifare_desfire_crypto.c b/libfreefare/mifare_desfire_crypto.c index 18c8ada..557a870 100644 --- a/libfreefare/mifare_desfire_crypto.c +++ b/libfreefare/mifare_desfire_crypto.c @@ -114,7 +114,7 @@ cmac_generate_subkeys (MifareDESFireKey key) uint8_t ivect[kbs]; bzero (ivect, kbs); - mifare_cbc_des (key, ivect, l, kbs, MCD_RECEIVE, MCO_ENCYPHER); + mifare_cbc_des (NULL, key, ivect, l, kbs, MCD_RECEIVE, MCO_ENCYPHER); bool xor = false; @@ -154,7 +154,7 @@ cmac (const MifareDESFireKey key, uint8_t *ivect, const uint8_t *data, size_t le xor (key->cmac_sk1, buffer + len - kbs, kbs); } - mifare_cbc_des (key, ivect, buffer, len, MCD_SEND, MCO_ENCYPHER); + mifare_cbc_des (NULL, key, ivect, buffer, len, MCD_SEND, MCO_ENCYPHER); memcpy (cmac, ivect, kbs); @@ -345,7 +345,7 @@ mifare_cryto_preprocess_data (MifareTag tag, void *data, size_t *nbytes, off_t o // ... and 0 padding memset ((uint8_t *)res + *nbytes, 0, edl - *nbytes); - mifare_cbc_des (MIFARE_DESFIRE (tag)->session_key, MIFARE_DESFIRE (tag)->ivect, (uint8_t *) res + offset, edl - offset, MCD_SEND, MCO_ENCYPHER); + mifare_cbc_des (tag, NULL, NULL, (uint8_t *) res + offset, edl - offset, MCD_SEND, MCO_ENCYPHER); memcpy (mac, (uint8_t *)res + edl - 8, 4); @@ -433,7 +433,7 @@ mifare_cryto_preprocess_data (MifareTag tag, void *data, size_t *nbytes, off_t o *nbytes = edl; - mifare_cbc_des (MIFARE_DESFIRE (tag)->session_key, MIFARE_DESFIRE (tag)->ivect, (uint8_t *) res + offset, *nbytes - offset, MCD_SEND, (key->type == T_3K3DES) ? MCO_ENCYPHER : MCO_DECYPHER); + mifare_cbc_des (tag, NULL, NULL, (uint8_t *) res + offset, *nbytes - offset, MCD_SEND, (key->type == T_3K3DES) ? MCO_ENCYPHER : MCO_DECYPHER); break; case T_AES: @@ -452,7 +452,7 @@ mifare_cryto_preprocess_data (MifareTag tag, void *data, size_t *nbytes, off_t o pdl = padded_data_length (*nbytes - offset, key_block_size (MIFARE_DESFIRE (tag)->session_key)); bzero ((uint8_t *)res + *nbytes, (offset + pdl) - (*nbytes)); } - mifare_cbc_des (key, MIFARE_DESFIRE (tag)->ivect, (uint8_t *)res + offset, pdl, MCD_SEND, MCO_ENCYPHER); + mifare_cbc_des (tag, NULL, NULL, (uint8_t *)res + offset, pdl, MCD_SEND, MCO_ENCYPHER); *nbytes = offset + pdl; break; @@ -509,7 +509,7 @@ mifare_cryto_postprocess_data (MifareTag tag, void *data, ssize_t *nbytes, int c memcpy (edata, data, *nbytes - 1); memset ((uint8_t *)edata + *nbytes - 1, 0, edl - *nbytes + 1); - mifare_cbc_des (MIFARE_DESFIRE (tag)->session_key, MIFARE_DESFIRE (tag)->ivect, edata, edl, MCD_SEND, MCO_ENCYPHER); + mifare_cbc_des (tag, NULL, NULL, edata, edl, MCD_SEND, MCO_ENCYPHER); if (0 != memcmp ((uint8_t *)data + *nbytes - 1, (uint8_t *)edata + edl - 8, 4)) { warnx ("MACing not verified"); @@ -566,7 +566,7 @@ mifare_cryto_postprocess_data (MifareTag tag, void *data, ssize_t *nbytes, int c case T_DES: case T_3DES: (*nbytes)--; - mifare_cbc_des (MIFARE_DESFIRE (tag)->session_key, MIFARE_DESFIRE (tag)->ivect, res, *nbytes, MCD_RECEIVE, MCO_DECYPHER); + mifare_cbc_des (tag, NULL, NULL, res, *nbytes, MCD_RECEIVE, MCO_DECYPHER); /* * Look for the CRC and ensure it is followed by NULL padding. We @@ -608,7 +608,7 @@ mifare_cryto_postprocess_data (MifareTag tag, void *data, ssize_t *nbytes, int c case T_3K3DES: case T_AES: (*nbytes)--; - mifare_cbc_des (MIFARE_DESFIRE (tag)->session_key, MIFARE_DESFIRE (tag)->ivect, res, *nbytes, MCD_RECEIVE, MCO_DECYPHER); + mifare_cbc_des (tag, NULL, NULL, res, *nbytes, MCD_RECEIVE, MCO_DECYPHER); uint8_t *p = ((uint8_t *)res) + *nbytes - 1; while (!*p) { p--; @@ -727,11 +727,31 @@ mifare_des (MifareDESFireKey key, uint8_t *data, uint8_t *ivect, MifareCryptoDir } } +/* + * This function performs all CBC cyphering / deciphering. + * + * The tag argument may be NULL, in which case both key and ivect shall be set. + * When using the tag session_key and ivect for processing data, these + * arguments should be set to NULL. + * + * Because the tag may contain additional data, one may need to call this + * function with tag, key and ivect defined. + */ void -mifare_cbc_des (MifareDESFireKey key, uint8_t *ivect, uint8_t *data, size_t data_size, MifareCryptoDirection direction, MifareCryptoOperation operation) +mifare_cbc_des (MifareTag tag, MifareDESFireKey key, uint8_t *ivect, uint8_t *data, size_t data_size, MifareCryptoDirection direction, MifareCryptoOperation operation) { size_t block_size; + if (tag) { + if (!key) + key = MIFARE_DESFIRE (tag)->session_key; + if (!ivect) + ivect = MIFARE_DESFIRE (tag)->ivect; + } + + if (!key || !ivect) + abort(); + switch (key->type) { case T_DES: case T_3DES: diff --git a/test/test_mifare_desfire_des.c b/test/test_mifare_desfire_des.c index 541051d..f4b68d0 100644 --- a/test/test_mifare_desfire_des.c +++ b/test/test_mifare_desfire_des.c @@ -45,7 +45,7 @@ test_mifare_desfire_des_receive (void) uint8_t expected_data[8] = { 0x73, 0x0d, 0xdf, 0xad, 0xa4, 0xd2, 0x07, 0x89 }; uint8_t expected_key[8] = { 1, 1, 1, 1, 1, 1, 1, 1 }; - mifare_cbc_des (key, null_ivect, data, 8, MCD_RECEIVE, MCO_DECYPHER); + mifare_cbc_des (NULL, key, null_ivect, data, 8, MCD_RECEIVE, MCO_DECYPHER); cut_assert_equal_memory (&expected_data, 8, &data, 8, cut_message ("Wrong data")); cut_assert_equal_memory (&expected_key, 8, key->data, 8, cut_message ("Wrong key")); @@ -64,7 +64,7 @@ test_mifare_desfire_des_send (void) uint8_t expected_data[8] = { 0xd6, 0x59, 0xe1, 0x70, 0x43, 0xa8, 0x40, 0x68 }; uint8_t expected_key[8] = { 1, 1, 1, 1, 1, 1, 1, 1 }; - mifare_cbc_des (key, null_ivect, data, 8, MCD_SEND, MCO_DECYPHER); + mifare_cbc_des (NULL, key, null_ivect, data, 8, MCD_SEND, MCO_DECYPHER); cut_assert_equal_memory (&expected_data, 8, &data, 8, cut_message ("Wrong data")); cut_assert_equal_memory (&expected_key, 8, key->data, 8, cut_message ("Wrong key"));