From 16ae154b4289642a1b0d79c2f72acde837a66fc1 Mon Sep 17 00:00:00 2001
From: Romain Tartiere
Date: Sat, 20 Nov 2010 02:22:37 +0000
Subject: [PATCH] Don't swap the status byte in the received data. This have been done for consistency with other targets support, but cryptographic operations with Mifare DESFire EV1 tags would require to swap again this byte because MACing is performed on the following data (in this order): - Plain data - Status - Padding
---
 libfreefare/mifare_desfire.c | 52 ++++++++++++++++++------------------
 1 file changed, 26 insertions(+), 26 deletions(-)
diff --git a/libfreefare/mifare_desfire.c b/libfreefare/mifare_desfire.c
index d683b46..ed3b243 100644
--- a/libfreefare/mifare_desfire.c
+++ b/libfreefare/mifare_desfire.c
@@ -171,11 +171,11 @@ static uint8_t __res[MAX_FRAME_SIZE];
 return errno = EIO, -1; \
 } \
 DEBUG_XFER (__res, __##res##_n, "<=== "); \
- res[0] = __res[__##res##_n-1]; \
- __##res##_n--; \
- memcpy (res + 1, __res, __##res##_n - 1); \
- if ((1 == __##res##_n) && (OPERATION_OK != res[0]) && (ADDITIONAL_FRAME != res[0])) { \
- return MIFARE_DESFIRE (tag)->last_picc_error = res[0], -1; \
+ memcpy (res, __res, __##res##_n - 2); \
+ res[__##res##_n-2] = __res[__##res##_n-1]; \
+ __##res##_n-=1; \
+ if ((1 == __##res##_n) && (OPERATION_OK != res[__##res##_n-1]) && (ADDITIONAL_FRAME != res[__##res##_n-1])) { \
+ return MIFARE_DESFIRE (tag)->last_picc_error = res[__##res##_n-1], -1; \
 } \
 } while (0)
@@ -346,7 +346,7 @@ mifare_desfire_authenticate (MifareTag tag, uint8_t key_no, MifareDESFireKey key
 uint8_t PICC_E_RndB[8];
- memcpy (PICC_E_RndB, res+1, 8);
+ memcpy (PICC_E_RndB, res, 8);
 uint8_t PICC_RndB[8];
 memcpy (PICC_RndB, PICC_E_RndB, 8);
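Review bot: The new `memcpy (res, __res, __##res##_n - 2)` in DESFIRE_TRANSCEIVE computes its length before anything in the visible part of the macro confirms that the tag returned at least two bytes, so a one-byte or empty frame makes the subtraction wrap (if the counter is unsigned) and the copy and the `res[__##res##_n-2]` store run outside the buffers. The frame length is chosen by the card and should be treated as untrusted; add `if (__##res##_n < 2) return errno = EIO, -1; \` ahead of the copy. The copy is also not compared with the declared capacity of `res`, which is set by each caller and is not visible here, so that should be confirmed too. The macro body starts above the hunk.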
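Review bot: `memcpy (PICC_E_RndB, res, 8)` reads a fixed 8 bytes without checking that the response carried 8 data bytes plus the status, so a short reply from the tag leaves stale buffer contents feeding the authentication exchange. DESFIRE_TRANSCEIVE as shown only bails out when the response is a lone error status. A guard such as `if (BUFFER_SIZE (res) < 9) return errno = EIO, -1;` before the copy would cover it, presuming BUFFER_SIZE counts the trailing status byte as the `BUFFER_SIZE (res)-1` expressions in later hunks suggest. The same fixed-offset pattern is in the hunks at -373 (`PICC_E_RndA_s`), -436 (`res[0]`, `res[1]`), -514 (`res[0]`) and -667 (7, 7 and 14 bytes); the function continues outside this hunk.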
@@ -373,7 +373,7 @@ mifare_desfire_authenticate (MifareTag tag, uint8_t key_no, MifareDESFireKey key
 DESFIRE_TRANSCEIVE (tag, cmd2, res);
 uint8_t PICC_E_RndA_s[8];
- memcpy (PICC_E_RndA_s, res+1, 8);
+ memcpy (PICC_E_RndA_s, res, 8);
 uint8_t PICC_RndA_s[8];
 memcpy (PICC_RndA_s, PICC_E_RndA_s, 8);
@@ -436,9 +436,9 @@ mifare_desfire_get_key_settings (MifareTag tag, uint8_t *settings, uint8_t *max_
 DESFIRE_TRANSCEIVE (tag, cmd, res);
 if (settings)
- *settings = res[1];
+ *settings = res[0];
 if (max_keys)
- *max_keys = res[2];
+ *max_keys = res[1];
 return 0;
 }
@@ -514,7 +514,7 @@ mifare_desfire_get_key_version (MifareTag tag, uint8_t key_no, uint8_t *version)
 DESFIRE_TRANSCEIVE (tag, cmd, res);
- *version = res[1];
+ *version = res[0];
 return 0;
 }
@@ -572,10 +572,10 @@ mifare_desfire_get_application_ids (MifareTag tag, MifareDESFireAID *aids[], siz
 *count = (BUFFER_SIZE (res)-1)/3;
 *aids = malloc ((*count + 1) * sizeof (MifareDESFireAID));
 for (size_t i = 0; (3*i + 1) < BUFFER_SIZE (res); i++) {
- (*aids)[i] = memdup (res + 3*i + 1, 3);
+ (*aids)[i] = memdup (res + 3*i, 3);
 }
- if (res[0] == 0xAF) {
+ if (res[__res_n-1] == 0xAF) {
 cmd[0] = 0xAF;
 DESFIRE_TRANSCEIVE (tag, cmd, res);
 *count += (BUFFER_SIZE (res)-1) / 3;
@@ -584,8 +584,8 @@ mifare_desfire_get_application_ids (MifareTag tag, MifareDESFireAID *aids[], siz
 if ((p = realloc (*aids, (*count + 1) * sizeof (MifareDESFireAID)))) {
 *aids = p;
- for (size_t i = 0; (3*i + 1) < BUFFER_SIZE (res); i++) {
- (*aids)[19+i] = memdup (res + 3*i + 1, 3);
+ for (size_t i = 0; (3*i) < BUFFER_SIZE (res); i++) {
+ (*aids)[19+i] = memdup (res + 3*i, 3);
 }
 }
 }
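Review bot: `res[__res_n-1]` reaches directly into the counter that the buffer macros generate, while the lines around it use `BUFFER_SIZE (res)`; writing `res[BUFFER_SIZE (res) - 1]`, or wrapping the status lookup in one small helper macro, keeps the frame layout in a single place, presuming BUFFER_SIZE expands to that same counter. The index also underflows if the counter is ever 0, so it relies on the transceive macro guaranteeing at least a status byte. The same expression is repeated in the hunks at -951, -965, -1020 and -1029. The function continues outside the hunk.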
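Review bot: The second loop's bound was loosened to `(3*i) < BUFFER_SIZE (res)`, while the first loop in the -572 hunk keeps `(3*i + 1) < BUFFER_SIZE (res)`; with the status byte now at the end of `res`, the new bound runs one extra iteration and `memdup (res + 3*i, 3)` copies the status byte plus two bytes past the received data into `(*aids)[19+i]`. Keep the bound as `for (size_t i = 0; (3*i + 1) < BUFFER_SIZE (res); i++) {`. The hard-coded `19` additionally assumes the first frame held exactly 19 AIDs, which nothing in the hunk verifies. The function continues outside the hunk.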
@@ -667,14 +667,14 @@ mifare_desfire_get_version (MifareTag tag, struct mifare_desfire_version_info *v
 BUFFER_APPEND (cmd, 0x60);
 DESFIRE_TRANSCEIVE (tag, cmd, res);
- memcpy (&(version_info->hardware), res+1, 7);
+ memcpy (&(version_info->hardware), res, 7);
 cmd[0] = 0xAF;
 DESFIRE_TRANSCEIVE (tag, cmd, res);
- memcpy (&(version_info->software), res+1, 7);
+ memcpy (&(version_info->software), res, 7);
 DESFIRE_TRANSCEIVE (tag, cmd, res);
- memcpy (&(version_info->uid), res+1, 14);
+ memcpy (&(version_info->uid), res, 14);
 return 0;
 }
@@ -702,7 +702,7 @@ mifare_desfire_get_file_ids (MifareTag tag, uint8_t *files[], size_t *count)
 errno = ENOMEM;
 return -1;
 }
- memcpy (*files, res+1, *count);
+ memcpy (*files, res, *count);
 return 0;
 }
@@ -727,7 +727,7 @@ mifare_desfire_get_file_settings (MifareTag tag, uint8_t file_no, struct mifare_
 DESFIRE_TRANSCEIVE (tag, cmd, res);
 struct mifare_desfire_raw_file_settings raw_settings;
- memcpy (&raw_settings, res+1, BUFFER_SIZE (res)-1);
+ memcpy (&raw_settings, res, BUFFER_SIZE (res));
 settings->file_type = raw_settings.file_type;
 settings->communication_settings = raw_settings.communication_settings;
@@ -951,10 +951,10 @@ read_data (MifareTag tag, uint8_t command, uint8_t file_no, off_t offset, size_t
 DESFIRE_TRANSCEIVE (tag, cmd, res);
 frame_bytes = BUFFER_SIZE (res) - 1;
- memcpy ((uint8_t *)p + bytes_read, res + 1, frame_bytes);
+ memcpy ((uint8_t *)p + bytes_read, res, frame_bytes);
 bytes_read += frame_bytes;
- if (res[0] == 0xAF) {
+ if (res[__res_n-1] == 0xAF) {
 if (p != data) {
 // If we are handling memory, request more for next frame.
 if (!(p = assert_crypto_buffer_size (tag, bytes_read + MAX_FRAME_SIZE - 1)))
@@ -965,7 +965,7 @@ read_data (MifareTag tag, uint8_t command, uint8_t file_no, off_t offset, size_t
 BUFFER_APPEND (cmd, 0xAF);
 }
- } while (res[0] != 0x00);
+ } while (res[__res_n-1] != 0x00);
 if (cs) {
 if (mifare_cryto_postprocess_data (tag, p, &bytes_read, cs))
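Review bot: `memcpy (&raw_settings, res, BUFFER_SIZE (res))` now copies one byte more than the old call did, namely the trailing status byte, and the length comes from the tag with no comparison against `sizeof (raw_settings)`, so an over-long reply overruns the stack structure. Copy only the payload and bound it: `if (BUFFER_SIZE (res) - 1 > sizeof (raw_settings)) return errno = EIO, -1;` followed by `memcpy (&raw_settings, res, BUFFER_SIZE (res) - 1);`. This presumes BUFFER_SIZE still includes the status byte, as `frame_bytes = BUFFER_SIZE (res) - 1` in read_data suggests. The function continues outside the hunk.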
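Review bot: `memcpy ((uint8_t *)p + bytes_read, res, frame_bytes)` appends whatever the tag sent without comparing `bytes_read + frame_bytes` with the room left in the destination; the visible code only grows the buffer on the `p != data` path, so when `p` is the caller's `data` the tag decides how much is written. Unless a check exists outside the hunk, reject the frame before the copy, for example `if (p == data && bytes_read + frame_bytes > <size requested by caller>) return errno = EIO, -1;`, with the placeholder standing for the length parameter, whose name is cut off in the hunk header. A comment on the loop stating that frame sizes are card-controlled would also help the next reader. The function starts and ends outside the hunk.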
@@ -1020,7 +1020,7 @@ write_data (MifareTag tag, uint8_t command, uint8_t file_no, off_t offset, size_
 bytes_send += frame_bytes;
- if (0x00 == res[0])
+ if (0x00 == res[__res_n-1])
 break;
 // PICC returned 0xAF and expects more data
@@ -1029,9 +1029,9 @@ write_data (MifareTag tag, uint8_t command, uint8_t file_no, off_t offset, size_
 bytes_left = FRAME_PAYLOAD_SIZE - 1;
 }
- if (0x00 != res[0]) {
+ if (0x00 != res[__res_n-1]) {
 // 0xAF (additionnal Frame) failure can happen here (wrong crypto method).
- MIFARE_DESFIRE (tag)->last_picc_error = res[0];
+ MIFARE_DESFIRE (tag)->last_picc_error = res[__res_n-1];
 bytes_send = -1;
 }
@@ -1077,7 +1077,7 @@ mifare_desfire_get_value_ex (MifareTag tag, uint8_t file_no, int32_t *value, int
 DESFIRE_TRANSCEIVE (tag, cmd, res);
- p = (uint8_t *)res + 1;
+ p = (uint8_t *)res;
 if (cs) {
 ssize_t rdl = BUFFER_SIZE (res) - 1;