- Renamed project and binary to mfcuk (instead of mfcuk_keyrecovery_…

…darkside)

 - Fixed fingerprint related bugs
 - Moved Template data to correct path relative to where mfcuk binary is built

AUTHORS

@@ -1 +1,7 @@
+= Author
 Andrei Costin <[email protected]>, http://andreicostin.com
+
+= Contributors
+
+Romuald Conty <[email protected]> - porting to libnfc 1.3.x, 1.4.x, 1.5.x
+Nethemba Core Team	<[email protected]> - core AC, AM, configure and packaging

README

@@ -1,6 +1,15 @@
 README
 ======
 
+Compiling:
+    automake
+    autoconf
+    ./configure
+    make
+
+Running (most basic):
+    ./mfcuk -C -R 0:A -v 2
+
 PACKAGE
 -------
 MiFare Classic Universal toolKit (MFCUK)

configure.ac

@@ -1,73 +1,32 @@
-AC_INIT([mfcuk], [0.3.2], [[email protected]])
+AC_INIT([mfcuk], [0.3.3], [[email protected]])
 
 AC_CONFIG_MACRO_DIR([m4])
 
 AC_PROG_CC
 
 AC_CONFIG_HEADERS([config.h])
 
+AC_CONFIG_SRCDIR([src/mfcuk.c])
+
 AM_INIT_AUTOMAKE
 
 m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])])
 
-# Checks for libnfc.
-WITH_NFC=0
-## Search libnfc with command line option (default prefix: auto)
-LIBNFC_PREFIX="auto"
-AC_ARG_WITH(libnfc,[--with-libnfc=DIR     	location of the libnfc],
-	[if test "$withval" != no; then
-		if test "$withval" != yes; then
-			LIBNFC_PREFIX=$withval
-		fi
-	 fi])
-if test x"$LIBNFC_PREFIX" != "xauto"; then
-  LIBNFC_CFLAGS="-L$LIBNFC_PREFIX/lib/ -I$LIBNFC_PREFIX/include/"
-  LIBNFC_LIBS="-lnfc"
-fi
-
-# Search using pkg-config
-AC_PATH_PROG(PKG_CONFIG, pkg-config, [AC_MSG_WARN([pkg-config not found.])])
-if test x"$WITH_NFC" = "x0"; then
-  if test x"$PKG_CONFIG" != "x"; then
-    LIBNFC_REQUIRED_VERSION=1.5.1
-    PKG_CHECK_MODULES([LIBNFC], [libnfc >= $LIBNFC_REQUIRED_VERSION], [WITH_NFC=1], [WITH_NFC=0])
-  fi
-fi
-CFLAGS="$CFLAGS $LIBNFC_CFLAGS"
-AC_CHECK_HEADERS([nfc/nfc.h],[WITH_NFC=1], AC_MSG_ERROR([A version of libnfc greater than or equal to $LIBNFC_REQUIRED_VERSION is required]))
-
-if test x"$WITH_NFC" = "x0"; then
-  AC_MSG_ERROR([A version of libnfc greater than or equal to $LIBNFC_REQUIRED_VERSION is required.])
-fi
-
-# Checks for programs.
-AC_PROG_CC
-
-# Checks for libraries.
-AC_CHECK_LIB([nfc], [nfc_version])
+# Checks for pkg-config modules.
+LIBNFC_REQUIRED_VERSION=1.5.1
+PKG_CHECK_MODULES([LIBNFC], [libnfc >= $LIBNFC_REQUIRED_VERSION], [], [AC_MSG_ERROR([libnfc >= $LIBNFC_REQUIRED_VERSION is mandatory.])])
 
-# Checks for header files.
-AC_CHECK_HEADERS([byteswap.h])
-AC_CHECK_HEADERS([endian.h sys/endian.h CoreFoundation/CoreFoundation.h])
-AC_CHECK_HEADERS([stdint.h stdlib.h string.h sys/time.h unistd.h])
-
-AC_DEFINE(_XOPEN_SOURCE, 600, [Enable POSIX extensions if present])
+PKG_CONFIG_REQUIRES="libnfc"
+AC_SUBST([PKG_CONFIG_REQUIRES])
 
 # Checks for typedefs, structures, and compiler characteristics.
 AC_HEADER_STDBOOL
-AC_TYPE_SIZE_T
-AC_TYPE_UINT16_T
 AC_TYPE_UINT32_T
 AC_TYPE_UINT64_T
-AC_TYPE_UINT8_T
 
 # Checks for library functions.
 AC_FUNC_MALLOC
 AC_FUNC_REALLOC
-AC_CHECK_FUNCS([memset strchr])
-
-# Help us to write great code ;-)
-CFLAGS="$CFLAGS -Wall -pedantic -Wextra -std=c99"
 
 AC_CONFIG_FILES([Makefile
                  src/Makefile])

src/Makefile.am

@@ -1,26 +1,9 @@
-bin_PROGRAMS = mfcuk_keyrecovery_darkside
+AM_CFLAGS  = @LIBNFC_CFLAGS@
+AM_LDFLAGS = @LIBNFC_LIBS@
 
-noinst_HEADERS = \
-		 crapto1.h \
-		 mfcuk_finger.h \
-		 mfcuk_keyrecovery_darkside.h \
-		 mfcuk_mifare.h \
-		 mfcuk_utils.h \
-		 mifare.h \
-		 nfc-utils.h \
-		 xgetopt.h
+bin_PROGRAMS = mfcuk
 
-# set the include path found by configure
-mfcuk_keyrecovery_darkside_SOURCES = 	\
-					crapto1.c \
-					crypto1.c \
-					mfcuk_finger.c \
-					mfcuk_keyrecovery_darkside.c \
-					mfcuk_mifare.c \
-					mfcuk_utils.c \
-					mifare.c \
-					nfc-utils.c
+noinst_HEADERS = crapto1.h mifare.h nfc-utils.h mfcuk_mifare.h mfcuk_finger.h mfcuk_utils.h xgetopt.h mfcuk.h
+mfcuk_SOURCES = crapto1.c crypto1.c mifare.c nfc-utils.c mfcuk_mifare.c mfcuk_finger.c mfcuk_utils.c xgetopt.c mfcuk.c 
 
-mfcuk_keyrecovery_darkside_LDADD = -lnfc -lusb -lpcsclite
-
-# dist_man_MANS = mfcuk_keyrecovery_darkside.1
+# dist_man_MANS = mfcuk.1

src/crapto1.c

@@ -57,7 +57,7 @@ static void quicksort(uint32_t* const start, uint32_t* const stop)
 /** binsearch
  * Binary search for the first occurence of *stop's MSB in sorted [start,stop]
  */
-static /*inline*/ uint32_t*
+static inline uint32_t*
 binsearch(uint32_t *start, uint32_t *stop)
 {
 	uint32_t mid, val = *stop & 0xff000000;
@@ -73,7 +73,7 @@ binsearch(uint32_t *start, uint32_t *stop)
 /** update_contribution
  * helper, calculates the partial linear feedback contributions and puts in MSB
  */
-static /*inline*/ void
+static inline void
 update_contribution(uint32_t *item, const uint32_t mask1, const uint32_t mask2)
 {
 	uint32_t p = *item >> 25;
@@ -86,7 +86,7 @@ update_contribution(uint32_t *item, const uint32_t mask1, const uint32_t mask2)
 /** extend_table
  * using a bit of the keystream extend the table of possible lfsr states
  */
-static /*inline*/ void
+static inline void
 extend_table(uint32_t *tbl, uint32_t **end, int bit, int m1, int m2, uint32_t in)
 {
 	in <<= 24;
@@ -108,7 +108,7 @@ extend_table(uint32_t *tbl, uint32_t **end, int bit, int m1, int m2, uint32_t in
 /** extend_table_simple
  * using a bit of the keystream extend the table of possible lfsr states
  */
-static /*inline*/ void
+static inline void
 extend_table_simple(uint32_t *tbl, uint32_t **end, int bit)
 {
 	for(*tbl <<= 1; tbl <= *end; *++tbl <<= 1)

src/crapto1.h

@@ -15,7 +15,7 @@
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
     MA  02110-1301, US$
 
-    Copyright (C) 2008-2008 bla <[email protected]>
+    Copyright (C) 2008-2009 bla <[email protected]>
 */
 #ifndef CRAPTO1_INCLUDED
 #define CRAPTO1_INCLUDED
@@ -35,12 +35,8 @@ uint32_t prng_successor(uint32_t x, uint32_t n);
 
 struct Crypto1State* lfsr_recovery32(uint32_t ks2, uint32_t in);
 struct Crypto1State* lfsr_recovery64(uint32_t ks2, uint32_t ks3);
-uint32_t *lfsr_prefix_ks(uint8_t ks[8], int isodd);
-struct Crypto1State* lfsr_common_prefix(uint32_t pfx, uint32_t rr, uint8_t ks[8], uint8_t par[8][8]);
 
-uint8_t lfsr_rollback_bit(struct Crypto1State* s, uint32_t in, int fb);
-uint8_t lfsr_rollback_byte(struct Crypto1State* s, uint32_t in, int fb);
-uint32_t lfsr_rollback_word(struct Crypto1State* s, uint32_t in, int fb);
+void lfsr_rollback(struct Crypto1State* s, uint32_t in, int fb);
 int nonce_distance(uint32_t from, uint32_t to);
 #define FOREACH_VALID_NONCE(N, FILTER, FSIZE)\
 	uint32_t __n = 0,__M = 0, N = 0;\
@@ -57,25 +53,25 @@ int nonce_distance(uint32_t from, uint32_t to);
 #define LF_POLY_EVEN (0x870804)
 #define BIT(x, n) ((x) >> (n) & 1)
 #define BEBIT(x, n) BIT(x, (n) ^ 24)
-static /*inline*/ int parity(uint32_t x)
+static inline int parity(uint32_t x)
 {
 #if !defined __i386__ || !defined __GNUC__
 	x ^= x >> 16;
 	x ^= x >> 8;
 	x ^= x >> 4;
 	return BIT(0x6996, x & 0xf);
 #else
-        asm(    "movl %1, %%eax\n"
+	asm(    "movl %1, %%eax\n"
 		"mov %%ax, %%cx\n"
 		"shrl $0x10, %%eax\n"
 		"xor %%ax, %%cx\n"
-                "xor %%ch, %%cl\n"
-                "setpo %%al\n"
-                "movzx %%al, %0\n": "=r"(x) : "r"(x): "eax","ecx");
+		"xor %%ch, %%cl\n"
+		"setpo %%al\n"
+		"movzx %%al, %0\n": "=r"(x) : "r"(x): "eax","ecx");
 	return x;
 #endif
 }
-static /*inline*/ int filter(uint32_t const x)
+static inline int filter(uint32_t const x)
 {
 	uint32_t f;
 

src/mfcuk_keyrecovery_darkside.c → src/mfcuk.c

@@ -132,7 +132,31 @@
 #endif
 
 #if defined(HAVE_BYTESWAP_H)
-#  include <byteswap.h>
+
+#include <byteswap.h>
+
+#elif __GNUC__ * 100 + __GNUC_MINOR__ >= 430
+
+#warning "NO byteswap.h found! But since GCC >= 4.30, using __builtin_bswapXX() alternatives..."
+#define bswap_16 __builtin_bswap16
+#define bswap_32 __builtin_bswap32
+#define bswap_64 __builtin_bswap64
+
+#else
+
+#warning "NO byteswap.h found! Using untested alternatives..."
+
+static inline unsigned short bswap_16(unsigned short x) {
+  return (x>>8) | (x<<8);
+}
+
+static inline unsigned int bswap_32(unsigned int x) {
+  return (bswap_16(x&0xffff)<<16) | (bswap_16(x>>16));
+}
+
+static inline unsigned long long bswap_64(unsigned long long x) {
+  return (((unsigned long long)bswap_32(x&0xffffffffull))<<32) | (bswap_32(x>>32));
+}
 #endif
 
 #include <stdio.h>
@@ -171,7 +195,7 @@
 #include "mfcuk_mifare.h"
 #include "mfcuk_utils.h"
 #include "mfcuk_finger.h"
-#include "mfcuk_keyrecovery_darkside.h"
+#include "mfcuk.h"
 
 #define MAX_FRAME_LEN       264
 
@@ -1293,7 +1317,7 @@ int main(int argc, char* argv[])
                 }
                 break;
             case 'I':
-                // // Input extended dump file of type mifare_classic_tag_ext, Options i and I are autoexclusive
+                // Input extended dump file of type mifare_classic_tag_ext, Options i and I are autoexclusive
                 if (!bfOpts['i'] && !bfOpts['I'])
                 {
                     if ( !mfcuk_load_tag_dump_ext(optarg, &(dump_loaded_tag)) )
@@ -1308,7 +1332,7 @@ int main(int argc, char* argv[])
                 break;
             case 'o':
             case 'O':
-                // // Output simple/extended dump file, Options o and O are autoexclusive
+                // Output simple/extended dump file, Options o and O are autoexclusive
                 if (!bfOpts['o'] && !bfOpts['O'])
                 {
                     strncpy( strOutputFilename, optarg, sizeof(strOutputFilename) );

src/mfcuk_finger.c

@@ -42,7 +42,7 @@ mfcuk_finger_tmpl_entry mfcuk_finger_db[] =
 {
     { "./data/tmpls_fingerprints/mfcuk_tmpl_skgt.mfd", "Sofia SKGT", mfcuk_finger_default_comparator, mfcuk_finger_skgt_decoder, NULL },
     { "./data/tmpls_fingerprints/mfcuk_tmpl_ratb.mfd", "Bucharest RATB", mfcuk_finger_default_comparator, mfcuk_finger_default_decoder, NULL },
-    { "./data/tmpls_fingerprints/mfcuk_tmpl_oyster.mfd", "London OYSTER", mfcuk_finger_default_comparator, mfcuk_finger_default_decoder, NULL }
+    { "./data/tmpls_fingerprints/mfcuk_tmpl_oyster.mfd", "London OYSTER", mfcuk_finger_default_comparator, mfcuk_finger_default_decoder, NULL },
 };
 
 int mfcuk_finger_db_entries = sizeof(mfcuk_finger_db)/sizeof(mfcuk_finger_db[0]);
@@ -172,13 +172,13 @@ int mfcuk_finger_load()
             fclose(fp);
             continue;
         }
-        fclose(fp);
 
         if (mfcuk_finger_db[i].tmpl_data == NULL)
         {
             if ( (tmpl_new = (mfcuk_finger_template *) malloc(sizeof(mfcuk_finger_template))) == NULL)
             {
                 fprintf(stderr, "WARN: cannot allocate memory to template record %d\n", i);
+                fclose(fp);
                 continue;
             }
 
@@ -188,9 +188,14 @@ int mfcuk_finger_load()
             mfcuk_finger_db[i].tmpl_data = tmpl_new;
             template_loaded_count++;
         }
+
+        if (fp)
+        {
+            fclose(fp);
+            fp = NULL;
+        }
     }
 
-
     return template_loaded_count;
 }
 

src/mifare.c

@@ -100,12 +100,14 @@ nfc_initiator_mifare_cmd (nfc_device_t * pnd, const mifare_cmd mc, const uint8_t
     return false;
   }
   // Fire the mifare command
-  if (!nfc_initiator_transceive_bytes (pnd, abtCmd, 2 + szParamLen, abtRx, &szRx, NULL)) {
+  if (!nfc_initiator_transceive_bytes (pnd, abtCmd, 2 + szParamLen, abtRx, &szRx)) {
     if (pnd->iLastError == EINVRXFRAM) {
       // "Invalid received frame" AKA EINVRXFRAM,  usual means we are
       // authenticated on a sector but the requested MIFARE cmd (read, write)
       // is not permitted by current acces bytes;
       // So there is nothing to do here.
+    } else if (pnd->iLastError == EMFAUTH) {
+      // In MFOC, we have to hide authentication errors :)
     } else {
       nfc_perror (pnd, "nfc_initiator_transceive_bytes");
     }