This commit fixes issue #91.
[AN10922][] specifies the key diversification algorithms used by the
MIFARE SAM AV3. Support for these algorithms was added to
`libfreefare` via pull-request #79.
However, while every attempt was made to write a faithful
implementation, the implemented code did not properly handle cases
where the diversification data was less than or equal to the block
size of the cipher: 16 bytes for AES, and 8 bytes for DES. This
bug was identified in issue #91.
This commit addresses this problem while providing a way to revert to
the previous behavior in cases where it is necessary to maintain
previous deployments. This was accomplished by introducing a new
`flags` parameter to the `mifare_key_deriver_new_an10922` method.
Normally, `flags` should simply be set to `AN10922_FLAG_DEFAULT`.
However, if the previous behavior is required, it should be set to
`AN10922_FLAG_EMULATE_ISSUE_91`.
[AN10922][] does not include any test vectors that might have helped to
identify this problem earlier. However, [AN10957][] (pages 13-14) was
found to have a suitable example usage of [AN10922][] with an
appropriately short value for *M* that we are using as a test vector
to verify correct behavior.
Note that the issue being addressed here is not a security issue:
using the `AN10922_FLAG_EMULATE_ISSUE_91` should not be any less
secure than using `AN10922_FLAG_DEFAULT`.
[AN10922]: https://www.nxp.com/docs/en/application-note/AN10922.pdf
[AN10957]: https://www.nxp.com/docs/en/application-note/AN10957.pdf
- Change default tag from NTAG_213 to NTAG_UNKNOWN so unknown tags can
be detected. ntag_get_info() MUST be called after connect;
- Fix reuse function which used to reset all tag info;
- Introduce ntag21x error reporting through freefare_error(3);
In addition to adding tests for the bugs addressed via #70,
this commit also addresses a key corruption bug that would
occur on 3DES keys when `mifare_desfire_key_set_version()`
was called.
Depending on the communication settings, mifare_desfire_read_data() may
write more than the provided "length" bytes to the "data" buffer,
possibly causing data corruption or crashes if no special care is taken.
Since the test suite is precisely a "no special care is taken" example,
assume only "length" bytes can be written to the "data" buffer and rely
on a temporary buffer for cryptographic operations.
Fixes issue 28.
Fixes issue 57
New API functions:
* mifare_desfire_create_application_iso()
* mifare_desfire_create_application_3k3des_iso()
* mifare_desfire_create_application_aes_iso()
* mifare_desfire_get_df_names()
Plus unit test to check this.
Because in some circumstances the crypto is skipped regardless of the
communication settings by the Mifare DESFire (e.g. when reading a file which is
writable with any key), do not abort if the crypto fail, and make it possible
to the user to catch such an event to fix his code accordingly.
Only display crypto diagnostic if compiled with debug support.
