Topic: Authentication with Mifare Classic using libnfc
Hi,
Has anyone here tried using the API functions nfc_initiator_transceive_bits() or nfc_initiator_transceive_bytes() (not nfc_initiator_mifare_cmd) to program an authentication for a Mifare Classic tag using a known key and crapto1?
I have tried extending the builtin anticol by sending {Nr} and {Ar} with parity bits, but the tag does not respond with {At}. Here is my code snippet (pardon me as I am not proficient in C):
//I have made Crypto1State a static struct, so let's assume crypto1_create() instantiates it
crypto1_create(key);
nt = abtNT[0]<<24|abtNT[1]<<16|abtNT[2]<<8|abtNT[3];
uid = abtUid[0]<<24|abtUid[1]<<16|abtUid[2]<<8|abtUid[3];
ks0 = crypto1_word(uid^nt, 0);
ks1 = crypto1_word(nr_enc,1); //nr_enc is encrypted Nr
ks2 = crypto1_word(0,0);
ks3 = crypto1_word(0,0);
ar = prng_successor(nt,64);
nr = ks1^nr_enc;
//I am reusing the parity() function from crapto1
abtRNandRPar[0] = parity((nr >> 24)&0xff)^1;
abtRNandRPar[1] = parity((nr >> 16)&0xff)^1;
abtRNandRPar[2] = parity((nr >> 8)&0xff)^1;
abtRNandRPar[3] = parity(nr&0xff)^1;
abtRNandRPar[4] = parity((ar >> 24)&0xff)^1;
abtRNandRPar[5] = parity((ar >> 16)&0xff)^1;
abtRNandRPar[6] = parity((ar >> 8)&0xff)^1;
abtRNandRPar[7] = parity(ar&0xff)^1;
ar_enc = ar^ks2;
//abtRNandR[0] to [3] already contains my nr_enc, so only update [4] to [7]
abtRNandR[4]=ar_enc>>24&0xff;
abtRNandR[5]=ar_enc>>16&0xff;
abtRNandR[6]=ar_enc>>8&0xff;
abtRNandR[7]=ar_enc&0xff;
// Calculate parity bits and store in byte array abtRNandRPar
abtRNandRPar[0] ^= BIT(ks1,23);
abtRNandRPar[1] ^= BIT(ks1,15);
abtRNandRPar[2] ^= BIT(ks1,7);
abtRNandRPar[3] ^= BIT(ks2,31);
abtRNandRPar[4] ^= BIT(ks2,23);
abtRNandRPar[5] ^= BIT(ks2,15);
abtRNandRPar[6] ^= BIT(ks2,7);
abtRNandRPar[7] ^= BIT(ks3,31);
//turn off handling parity bits
nfc_configure(pdi,DCO_HANDLE_PARITY,false);
if (!nfc_reader_transceive_bits(pdi,abtRNandR,64,abtRNandRPar,abtRx,&uiRxBits,abtRxPar)) {
    printf("No response from Tag for {At} message\n");
    return 1;
}
I suspect my parity bits are calculated wrongly, but I have verified them manually by hand, unless my understanding is wrong in the first place. Is there someone here kind enough to help me on this? Thank you!
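For reference, an added example (not part of the original post and not crapto1 or libnfc code) of how the {Nr}{Ar} frame and its encrypted parity bits fit together: each parity bit is the ISO 14443-A odd parity of the plaintext byte, XORed with the keystream bit that also encrypts the first bit of the following byte. The function names are hypothetical, the keystream words are supplied by the caller, and the code assumes crapto1's word layout, in which the k-th generated keystream bit sits at position k ^ 24 of the 32-bit word.

```c
#include <stdint.h>

/* k-th generated keystream bit (k = 0..31) of a word in the assumed
 * crapto1 layout: generation order k maps to bit position k ^ 24. */
static int ks_bit(uint32_t ks, int k) { return (int)((ks >> (k ^ 24)) & 1u); }

/* ISO 14443-A odd parity: 1 when the byte holds an even number of 1 bits. */
static int odd_parity(uint8_t b)
{
    b ^= b >> 4; b ^= b >> 2; b ^= b >> 1;
    return (b & 1) ^ 1;
}

/* Encrypt one 32-bit word (most significant byte is sent first).
 * Parity of byte j is taken over the PLAINTEXT byte and XORed with keystream
 * bit 8*(j+1); for the last byte that is bit 0 of the next keystream word. */
void enc_word_with_parity(uint32_t plain, uint32_t ks, uint32_t ks_next,
                          uint8_t out[4], uint8_t par[4])
{
    uint32_t enc = plain ^ ks;
    for (int j = 0; j < 4; j++) {
        int shift = 24 - 8 * j;
        uint8_t p = (uint8_t)(plain >> shift);
        int kbit = (j < 3) ? ks_bit(ks, 8 * (j + 1)) : ks_bit(ks_next, 0);
        out[j] = (uint8_t)(enc >> shift);
        par[j] = (uint8_t)(odd_parity(p) ^ kbit);
    }
}

/* Build the 8-byte {Nr}{Ar} frame and its 8 parity bits.
 * ks1 encrypts Nr, ks2 encrypts Ar, ks3 is the word that follows Ar. */
void build_nr_ar_frame(uint32_t nr, uint32_t ar,
                       uint32_t ks1, uint32_t ks2, uint32_t ks3,
                       uint8_t frame[8], uint8_t par[8])
{
    enc_word_with_parity(nr, ks1, ks2, frame, par);
    enc_word_with_parity(ar, ks2, ks3, frame + 4, par + 4);
}
```

With this layout the keystream bits mixed into the four parity bits of a word sit at positions 16, 8 and 0 of that word and position 24 of the next one.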