ADD: @marshmellow42's decrypt crypto-1 method,

ADD:  @piwi's latest commit to PM3 Master, aiming at the WDR in "hf mf mifare".

client/cmdhfmf.c

@@ -59,7 +59,8 @@ start:
 				case -1 : PrintAndLog("Button pressed. Aborted.\n"); break;
 				case -2 : PrintAndLog("Card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests).\n"); break;
 				case -3 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator is not predictable).\n"); break;
-				case -4 : PrintAndLog("The card's random number generator is vulnerable but behaves somewhat weird (Mifare clone?). This needs to be fixed.\n"); break;
+				case -4 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator seems to be based on the wellknown");
+							PrintAndLog("generating polynomial with 16 effective bits only, but shows unexpected behaviour.\n"); break;
 				default: ;
 			}
 			break;
@@ -1983,9 +1984,21 @@ int CmdHF14AMfSniff(const char *Cmd){
 //needs nt, ar, at, Data to decrypt
 int CmdDecryptTraceCmds(const char *Cmd){
 	uint8_t data[50];
+	
+	uint32_t nt 	= param_get32ex(Cmd,0,0,16);
+	uint32_t ar_enc = param_get32ex(Cmd,1,0,16);
+	uint32_t at_enc = param_get32ex(Cmd,2,0,16);
+
 	int len = 0;
-	param_gethex_ex(Cmd,3,data,&len);
-	return tryDecryptWord(param_get32ex(Cmd,0,0,16),param_get32ex(Cmd,1,0,16),param_get32ex(Cmd,2,0,16),data,len/2);
+	param_gethex_ex(Cmd, 3, data, &len);
+	
+	len /= 2;	
+	int limit = sizeof(data) / 2;
+	
+	if ( len >= limit )
+		len = limit;
+	
+	return tryDecryptWord( nt, ar_enc, at_enc, data, len);
 }
 
 static command_t CommandTable[] =

client/mifarehost.c

@@ -634,19 +634,25 @@ int mfTraceDecode(uint8_t *data_src, int len, bool wantSaveToEmlFile) {
 int tryDecryptWord(uint32_t nt, uint32_t ar_enc, uint32_t at_enc, uint8_t *data, int len){
 	/*
 	uint32_t nt;      // tag challenge
+	uint32_t nr_enc;  // encrypted reader challenge
 	uint32_t ar_enc;  // encrypted reader response
 	uint32_t at_enc;  // encrypted tag response
 	*/
-	if (traceCrypto1) {
-		crypto1_destroy(traceCrypto1);
-	}
+
+	struct Crypto1State *pcs = NULL;
+	
 	ks2 = ar_enc ^ prng_successor(nt, 64);
 	ks3 = at_enc ^ prng_successor(nt, 96);
-	traceCrypto1 = lfsr_recovery64(ks2, ks3);
-
-	mf_crypto1_decrypt(traceCrypto1, data, len, 0);
+	
+	PrintAndLog("Decrypting data with:");
+	PrintAndLog("      nt: %08x",nt);
+	PrintAndLog("  ar_enc: %08x",ar_enc);
+	PrintAndLog("  at_enc: %08x",at_enc);
+	PrintAndLog("\nEncrypted data: [%s]", sprint_hex(data,len) );
 
+	pcs = lfsr_recovery64(ks2, ks3);
+	mf_crypto1_decrypt(pcs, data, len, FALSE);
 	PrintAndLog("Decrypted data: [%s]", sprint_hex(data,len) );
-	crypto1_destroy(traceCrypto1);
+	crypto1_destroy(pcs);
 	return 0;
 }

client/scripts/mifare_autopwn.lua

@@ -113,7 +113,7 @@ function mfcrack_inner()
 			elseif isOK == 0xFFFFFFFD then
 				return nil, "Card is not vulnerable to Darkside attack (its random number generator is not predictable). You can try 'script run mfkeys' or 'hf mf chk' to test various known keys."
 			elseif isOK == 0xFFFFFFFC then
-				return nil, "The card's random number generator is vulnerable but behaves somewhat weird (Mifare clone?). You can try 'script run mfkeys' or 'hf mf chk' to test various known keys."
+				return nil, "The card's random number generator behaves somewhat weird (Mifare clone?). You can try 'script run mfkeys' or 'hf mf chk' to test various known keys."
 			elseif isOK ~= 1 then 
 				return nil, "Error occurred" 
 			end

client/util.c

@@ -20,7 +20,6 @@ int ukbhit(void)
   int error;
   static struct termios Otty, Ntty;
 
-
   tcgetattr( 0, &Otty);
   Ntty = Otty;
 
@@ -347,7 +346,7 @@ int param_gethex_ex(const char *line, int paramnum, uint8_t * data, int *hexcnt)
 		return 1;
 
 	for(i = 0; i < *hexcnt; i += 2) {
-		if (!(isxdigit(line[bg + i]) && isxdigit(line[bg + i + 1])) )	return 1;
+		if (!(isxdigit(line[bg + i]) && isxdigit(line[bg + i + 1])) ) return 1;
 		
 		sscanf((char[]){line[bg + i], line[bg + i + 1], 0}, "%X", &temp);
 		data[i / 2] = temp & 0xff;