From 3c55b8746b4f5a899642757608c914ae0ae0c4ec Mon Sep 17 00:00:00 2001
From: Unknown <gelotus@gmail.com>
Date: Fri, 26 Jun 2020 01:50:11 +0200
Subject: [PATCH] swap 0 block write and other blocks write

when writing to gen2 and possible on gen3, it writes first block 3 wich is the trailing sector before writing to block 0, so the last write to block 0 fails because authenticate to old keyset
---
 utils/nfc-mfclassic.c | 109 +++++++++++++++++++++---------------------
 1 file changed, 55 insertions(+), 54 deletions(-)

diff --git a/utils/nfc-mfclassic.c b/utils/nfc-mfclassic.c
index b3e1b1f..f39dbe2 100644
--- a/utils/nfc-mfclassic.c
+++ b/utils/nfc-mfclassic.c
@@ -436,6 +436,61 @@ write_card(int write_block_zero)
   }
 
   printf("Writing %d blocks |", uiBlocks + write_block_zero);
+  //Write Block 0 if requested to do so
+  if (write_block_zero) {
+    uiBlock = 0;
+    is_first_block(0);
+    if (bFailure) {
+      // When a failure occured we need to redo the anti-collision
+      if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) {
+        printf("!\nError: tag was removed\n");
+        return false;
+      }
+      bFailure = false;
+    }
+
+    fflush(stdout);
+    // Try to authenticate for the current sector
+    // If we are are writing to a chinese magic card, we've already unlocked
+    // If we're writing to a One Time Write, we need to authenticate
+    // If we're writing something else, we'll need to authenticate
+    if ((write_block_zero && (magic2 || magic3)) || !write_block_zero) {
+      if (!authenticate(0) && !bTolerateFailures) {
+        printf("!\nError: authentication failed for block 00\n");
+        return false;
+      }
+    }
+
+    // Make sure a earlier write did not fail
+    if (!bFailure) {
+      // Try to write the data block
+      if (bFormatCard && uiBlock)
+        memset(mp.mpd.abtData, 0x00, sizeof(mp.mpd.abtData));
+      else
+        memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData, sizeof(mp.mpd.abtData));
+      // do not write a block 0 with incorrect BCC - card will be made invalid!
+      if ((mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3] ^ mp.mpd.abtData[4]) != 0x00 && !magic2) {
+        printf("!\nError: incorrect BCC in MFD file!\n");
+        printf("Expecting BCC=%02X\n", mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3]);
+        return false;
+      }
+      if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, uiBlock, &mp)) {
+        bFailure = true;
+        printf("Failure to write to data block 0\n");
+      }
+
+    }
+    else {
+      printf("Failure during write process.\n");
+    }
+
+    // Show if the write went well for block 0
+    print_success_or_failure(bFailure, &uiWriteBlocks);
+    if ((!bTolerateFailures) && bFailure)
+      return false;
+
+  }
+
   // Completely write the card, but skipping block 0
   for (uiBlock = 1; uiBlock <= uiBlocks; uiBlock++) {
     // Authenticate everytime we reach the first sector of a new block
@@ -506,60 +561,6 @@ write_card(int write_block_zero)
       return false;
   }
 
-  //Write Block 0 if requested to do so
-  if (write_block_zero) {
-    uiBlock = 0;
-    is_first_block(0);
-    if (bFailure) {
-        // When a failure occured we need to redo the anti-collision
-        if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) {
-            printf("!\nError: tag was removed\n");
-            return false;
-        }
-        bFailure = false;
-    }
-
-        fflush(stdout);
-        // Try to authenticate for the current sector
-        // If we are are writing to a chinese magic card, we've already unlocked
-        // If we're writing to a One Time Write, we need to authenticate
-        // If we're writing something else, we'll need to authenticate
-        if ((write_block_zero && (magic2 || magic3)) || !write_block_zero) {
-          if (!authenticate(0) && !bTolerateFailures) {
-            printf("!\nError: authentication failed for block 00\n");
-            return false;
-          }
-        }
-
-      // Make sure a earlier write did not fail
-      if (!bFailure) {
-        // Try to write the data block
-        if (bFormatCard && uiBlock)
-          memset(mp.mpd.abtData, 0x00, sizeof(mp.mpd.abtData));
-        else
-          memcpy(mp.mpd.abtData, mtDump.amb[uiBlock].mbd.abtData, sizeof(mp.mpd.abtData));
-        // do not write a block 0 with incorrect BCC - card will be made invalid!
-          if ((mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3] ^ mp.mpd.abtData[4]) != 0x00 && !magic2) {
-            printf("!\nError: incorrect BCC in MFD file!\n");
-            printf("Expecting BCC=%02X\n", mp.mpd.abtData[0] ^ mp.mpd.abtData[1] ^ mp.mpd.abtData[2] ^ mp.mpd.abtData[3]);
-            return false;
-          }
-        if (!nfc_initiator_mifare_cmd(pnd, MC_WRITE, uiBlock, &mp)) {
-          bFailure = true;
-          printf("Failure to write to data block 0\n");
-        }
-
-      } else {
-        printf("Failure during write process.\n");
-      }
-
-      // Show if the write went well for block 0
-      print_success_or_failure(bFailure, &uiWriteBlocks);
-      if ((! bTolerateFailures) && bFailure)
-        return false;
-
-    }
-
   printf("|\n");
   printf("Done, %d of %d blocks written.\n", uiWriteBlocks, uiBlocks + 1);
   fflush(stdout);