diff --git a/tools/hitag2crack/crack2/HardwareProfile.h b/tools/hitag2crack/common/HardwareProfile.h
similarity index 100%
rename from tools/hitag2crack/crack2/HardwareProfile.h
rename to tools/hitag2crack/common/HardwareProfile.h
diff --git a/tools/hitag2crack/crack2/hitagcrypto.c b/tools/hitag2crack/common/hitagcrypto.c
similarity index 100%
rename from tools/hitag2crack/crack2/hitagcrypto.c
rename to tools/hitag2crack/common/hitagcrypto.c
diff --git a/tools/hitag2crack/crack2/hitagcrypto.h b/tools/hitag2crack/common/hitagcrypto.h
similarity index 100%
rename from tools/hitag2crack/crack2/hitagcrypto.h
rename to tools/hitag2crack/common/hitagcrypto.h
diff --git a/tools/hitag2crack/crack2/ht2crack2utils.c b/tools/hitag2crack/common/ht2crackutils.c
similarity index 99%
rename from tools/hitag2crack/crack2/ht2crack2utils.c
rename to tools/hitag2crack/common/ht2crackutils.c
index 75d4c27a9..69061759c 100644
--- a/tools/hitag2crack/crack2/ht2crack2utils.c
+++ b/tools/hitag2crack/common/ht2crackutils.c
@@ -1,4 +1,4 @@
-#include "ht2crack2utils.h"
+#include "ht2crackutils.h"
 // writes a value into a buffer as a series of bytes
 void writebuf(unsigned char *buf, uint64_t val, unsigned int len) {
diff --git a/tools/hitag2crack/crack2/ht2crack2utils.h b/tools/hitag2crack/common/ht2crackutils.h
similarity index 100%
rename from tools/hitag2crack/crack2/ht2crack2utils.h
rename to tools/hitag2crack/common/ht2crackutils.h
diff --git a/tools/hitag2crack/crack2/rfidler.h b/tools/hitag2crack/common/rfidler.h
similarity index 100%
rename from tools/hitag2crack/crack2/rfidler.h
rename to tools/hitag2crack/common/rfidler.h
diff --git a/tools/hitag2crack/crack3/util.h b/tools/hitag2crack/common/util.h
similarity index 100%
rename from tools/hitag2crack/crack3/util.h
rename to tools/hitag2crack/common/util.h
diff --git a/tools/hitag2crack/crack2/utilpart.c b/tools/hitag2crack/common/utilpart.c
similarity index 100%
rename from tools/hitag2crack/crack2/utilpart.c
rename to tools/hitag2crack/common/utilpart.c
diff --git a/tools/hitag2crack/crack2/Makefile b/tools/hitag2crack/crack2/Makefile
index cacb6abd1..63ba045b4 100644
--- a/tools/hitag2crack/crack2/Makefile
+++ b/tools/hitag2crack/crack2/Makefile
@@ -3,20 +3,22 @@ CFLAGS?=-Wall
 LIBS=-pthread -D_GNU_SOURCE
 # Mac libs
 # LIBS=
+VPATH=../common
+INC=-I ../common
-all: ht2crack2buildtable.c ht2crack2search.c ht2crack2gentest.c hitagcrypto.o utilpart.o ht2crack2utils.o
- $(CC) $(CFLAGS) -o ht2crack2buildtable ht2crack2buildtable.c hitagcrypto.o ht2crack2utils.o $(LIBS)
- $(CC) $(CFLAGS) -o ht2crack2search ht2crack2search.c hitagcrypto.o utilpart.o ht2crack2utils.o $(LIBS)
- $(CC) $(CFLAGS) -o ht2crack2gentest ht2crack2gentest.c hitagcrypto.o utilpart.o ht2crack2utils.o $(LIBS)
+all: ht2crack2buildtable.c ht2crack2search.c ht2crack2gentest.c hitagcrypto.o utilpart.o ht2crackutils.o
+ $(CC) $(CFLAGS) $(INC) -o ht2crack2buildtable ht2crack2buildtable.c hitagcrypto.o ht2crackutils.o $(LIBS)
+ $(CC) $(CFLAGS) $(INC) -o ht2crack2search ht2crack2search.c hitagcrypto.o utilpart.o ht2crackutils.o $(LIBS)
+ $(CC) $(CFLAGS) $(INC) -o ht2crack2gentest ht2crack2gentest.c hitagcrypto.o utilpart.o ht2crackutils.o $(LIBS)
-ht2crack2utils.o: ht2crack2utils.c ht2crack2utils.h
- $(CC) $(CFLAGS) -c ht2crack2utils.c
+ht2crackutils.o: ht2crackutils.c ht2crackutils.h
+ $(CC) $(CFLAGS) -c $<
 hitagcrypto.o: hitagcrypto.c hitagcrypto.h
- $(CC) $(CFLAGS) -c hitagcrypto.c
+ $(CC) $(CFLAGS) -c $<
 utilpart.o: utilpart.c util.h
- $(CC) $(CFLAGS) -c utilpart.c
+ $(CC) $(CFLAGS) -c $<
 clean:
 rm -rf *.o ht2crack2buildtable ht2crack2search ht2crack2gentest
diff --git a/tools/hitag2crack/crack2/ht2crack2buildtable.c b/tools/hitag2crack/crack2/ht2crack2buildtable.c
index 0aca200ef..8bf67a8ac 100644
--- a/tools/hitag2crack/crack2/ht2crack2buildtable.c
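Review bot: In the crack2 Makefile, `VPATH=../common` makes make search that directory for every prerequisite, including `hitagcrypto.o`, `utilpart.o` and `ht2crackutils.o`, while the three link commands under `all:` still name those objects literally in the current directory. If an object with one of those names is ever present in `../common` (nothing on this page shows whether another build leaves one there), make will consider the prerequisite satisfied from that path and the link step will then fail to find the file. Limiting the search to sources avoids this: replace the `VPATH` line with `vpath %.c ../common` and `vpath %.h ../common`. The `-c $<` rules also compile without `$(INC)`, which works only as long as the shared sources include their headers with quotes from their own directory, as `ht2crackutils.c` does.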
+++ b/tools/hitag2crack/crack2/ht2crack2buildtable.c
@@ -3,7 +3,7 @@
 * This builds the 1.2TB table and sorts it. */
-#include "ht2crack2utils.h"
+#include "ht2crackutils.h"
 // DATAMAX is the size of each bucket (bytes). There are 65536 buckets so choose a value such that
diff --git a/tools/hitag2crack/crack2/ht2crack2gentest.c b/tools/hitag2crack/crack2/ht2crack2gentest.c
index 7034d10d3..0393d7f23 100644
--- a/tools/hitag2crack/crack2/ht2crack2gentest.c
+++ b/tools/hitag2crack/crack2/ht2crack2gentest.c
@@ -3,7 +3,7 @@
 * this uses the RFIDler hitag2 PRNG code to generate test cases to test the tables */
-#include "ht2crack2utils.h"
+#include "ht2crackutils.h"
 int makerandom(char *hex, unsigned int len, int fd) {
diff --git a/tools/hitag2crack/crack2/ht2crack2search.c b/tools/hitag2crack/crack2/ht2crack2search.c
index 8d93066b3..7570df652 100644
--- a/tools/hitag2crack/crack2/ht2crack2search.c
+++ b/tools/hitag2crack/crack2/ht2crack2search.c
@@ -4,7 +4,7 @@
 * PRNG state, checks it is correct, and then rolls back the PRNG to recover the key */
-#include "ht2crack2utils.h"
+#include "ht2crackutils.h"
 #define INPUTFILE "sorted/%02x/%02x.bin"
diff --git a/tools/hitag2crack/crack2/util.h b/tools/hitag2crack/crack2/util.h
deleted file mode 100644
index c20fdf3c2..000000000
--- a/tools/hitag2crack/crack2/util.h
+++ /dev/null
@@ -1,206 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - -#define CRC16_MASK_CCITT 0x1021 // CRC-CCITT mask (ISO 3309, used in X25, HDLC) -#define CRC16_MASK_ISO_11785 0x8408 // ISO 11785 animal tags -#define CRC16_MASK_CRC16 0xA001 // standard CRC16 mask (used in ARC files) - -/* - * Hitag Crypto support macros - * These macros reverse the bit order in a byte, or *within* each byte of a - * 16 , 32 or 64 bit unsigned integer. (Not across the whole 16 etc bits.) 
- */ -#define rev8(X) ((((X) >> 7) &1) + (((X) >> 5) &2) + (((X) >> 3) &4) \ - + (((X) >> 1) &8) + (((X) << 1) &16) + (((X) << 3) &32) \ - + (((X) << 5) &64) + (((X) << 7) &128) ) -#define rev16(X) (rev8 (X) + (rev8 (X >> 8) << 8)) -#define rev32(X) (rev16(X) + (rev16(X >> 16) << 16)) -#define rev64(X) (rev32(X) + (rev32(X >> 32) << 32)) - - -BYTE approx(unsigned long number, unsigned long target, unsigned char percentage); -unsigned int bcdtouint(BYTE *bcd, BYTE length); -unsigned long long bcdtoulonglong(BYTE *bcd, BYTE length); -void inttobinarray(BYTE *target, unsigned int source, unsigned int bits); -void ulongtobinarray(BYTE *target, unsigned long source, unsigned int bits); -void ulonglongtobinarray(BYTE *target, unsigned long long source, unsigned int bits); -void inttobinstring(BYTE *target, unsigned int source, unsigned int bits); -void ulongtobinstring(BYTE *target, unsigned long source, unsigned int bits); -BOOL ulongtohex(BYTE *target, unsigned long source); -unsigned int binarraytoint(BYTE *bin, BYTE length); -unsigned long long binarraytolonglong(BYTE *bin, BYTE length); -unsigned long binarraytoulong(BYTE *bin, BYTE length); -BYTE hextobyte(BYTE *hex); -void printhexreadable(BYTE *hex, BYTE maxlength); -unsigned long hextoulong(BYTE *hex); -unsigned long hexreversetoulong(BYTE *hex); -unsigned long long hextoulonglong(BYTE *hex); -unsigned long long hexreversetoulonglong(BYTE *hex); -char hextolonglong(unsigned long long *out, unsigned char *hex); -unsigned int hextobinarray(unsigned char *target, unsigned char *source); -unsigned int hextobinstring(unsigned char *target, unsigned char *source); -unsigned int binarraytohex(unsigned char *target, unsigned char *source, unsigned int length); -void hexprintbinarray(BYTE *bin, unsigned int length); -unsigned int binstringtohex(unsigned char *target, unsigned char *source); -unsigned int binstringtobinarray(BYTE *target, BYTE *source); -void binstringtobyte(BYTE *target, unsigned char *source, BYTE 
length); -void binarraytobinstring(BYTE *target, BYTE *source, unsigned int length); -void printhexasbin(unsigned char *hex); -void printbinashex(unsigned char *bin); -void invertbinarray(BYTE *target, BYTE *source, unsigned int length); -void invertbinstring(BYTE *target, BYTE *source); -void printbinarray(unsigned char *bin, unsigned int length); -unsigned char getbit(unsigned char byte, unsigned char bit); -void bytestohex(unsigned char *target, unsigned char *source, unsigned int length); -unsigned int manchester_encode(unsigned char *target, unsigned char *source, unsigned int length); -unsigned int manchester_decode(unsigned char *target, unsigned char *source, unsigned int length); -char *strip_newline(char *buff); -BOOL command_ack(BOOL data); -BOOL command_nack(BYTE *reason); -BOOL command_unknown(void); -void ToUpper(char *string); -void string_reverse(unsigned char *string, unsigned int length); -BOOL string_byteswap(unsigned char *string, unsigned int length); -BYTE parity(unsigned char *string, BYTE type, unsigned int length); -unsigned long get_reader_pulse(unsigned int timeout_us); -unsigned long get_reader_gap(unsigned int timeout_us); -unsigned int crc_ccitt(BYTE *data, unsigned int length); -unsigned int crc16(unsigned int crc, BYTE *data, unsigned int length, unsigned int mask); -void space_indent(BYTE count); -void xml_version(void); -void xml_header(BYTE *item, BYTE *indent); -void xml_footer(BYTE *item, BYTE *indent, BOOL newline); -void xml_indented_text(BYTE *data, BYTE indent); -void xml_item_text(BYTE *item, BYTE *data, BYTE *indent); -void xml_item_decimal(BYTE *item, BYTE num, BYTE *indent); -void xml_indented_array(BYTE *data, BYTE mask, unsigned int length, BYTE indent); -void xml_item_array(BYTE *item, BYTE *data, BYTE mask, unsigned int length, BYTE *indent); - diff --git a/tools/hitag2crack/crack3/HardwareProfile.h b/tools/hitag2crack/crack3/HardwareProfile.h deleted file mode 100644 index bce139042..000000000 
--- a/tools/hitag2crack/crack3/HardwareProfile.h +++ /dev/null 
@@ -1,524 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - - - -#ifndef HARDWARE_PROFILE_UBW32_H -#define HARDWARE_PROFILE_UBW32_H - -//#include "plib.h" -typedef char BOOL; -typedef char BYTE; -typedef int rtccTime; -typedef int rtccDate; - - -#ifndef __PIC32MX__ -#define __PIC32MX__ -#endif - -#define GetSystemClock() (80000000ul) -#define GetPeripheralClock() (GetSystemClock()) -#define GetInstructionClock() (GetSystemClock()) - -//#define USE_SELF_POWER_SENSE_IO -#define tris_self_power TRISAbits.TRISA2 // Input -#define self_power 1 - -//#define USE_USB_BUS_SENSE_IO -#define tris_usb_bus_sense TRISBbits.TRISB5 // Input -#define USB_BUS_SENSE 1 - -// LEDs -#define mLED_1 LATEbits.LATE3 - -#define mLED_2 LATEbits.LATE2 -#define mLED_Comms mLED_2 - -#define mLED_3 LATEbits.LATE1 -#define mLED_Clock mLED_3 - -#define mLED_4 LATEbits.LATE0 -#define mLED_Emulate mLED_4 - -#define mLED_5 LATGbits.LATG6 -#define mLED_Read mLED_5 - -#define mLED_6 LATAbits.LATA15 -#define mLED_User mLED_6 - -#define mLED_7 LATDbits.LATD11 -#define mLED_Error mLED_7 - -// active low -#define mLED_ON 0 -#define mLED_OFF 1 - -#define mGetLED_1() mLED_1 -#define mGetLED_USB() mLED_1 -#define mGetLED_2() mLED_2 -#define mGetLED_Comms() mLED_2 -#define mGetLED_3() mLED_3 -#define mGetLED_Clock() mLED_3 -#define mGetLED_4() mLED_4 -#define mGetLED_Emulate() mLED_4 -#define mGetLED_5() mLED_5 -#define mGetLED_Read() mLED_5 -#define mGetLED_6() mLED_6 -#define mGetLED_User() mLED_6 -#define mGetLED_7() mLED_7 -#define mGetLED_Error() mLED_7 - -#define mLED_1_On() mLED_1 = mLED_ON -#define mLED_USB_On() mLED_1_On() -#define mLED_2_On() mLED_2 = mLED_ON -#define mLED_Comms_On() mLED_2_On() -#define mLED_3_On() mLED_3 = mLED_ON -#define mLED_Clock_On() 
mLED_3_On() -#define mLED_4_On() mLED_4 = mLED_ON -#define mLED_Emulate_On() mLED_4_On() -#define mLED_5_On() mLED_5 = mLED_ON -#define mLED_Read_On() mLED_5_On() -#define mLED_6_On() mLED_6 = mLED_ON -#define mLED_User_On() mLED_6_On() -#define mLED_7_On() mLED_7 = mLED_ON -#define mLED_Error_On() mLED_7_On() - -#define mLED_1_Off() mLED_1 = mLED_OFF -#define mLED_USB_Off() mLED_1_Off() -#define mLED_2_Off() mLED_2 = mLED_OFF -#define mLED_Comms_Off() mLED_2_Off() -#define mLED_3_Off() mLED_3 = mLED_OFF -#define mLED_Clock_Off() mLED_3_Off() -#define mLED_4_Off() mLED_4 = mLED_OFF -#define mLED_Emulate_Off() mLED_4_Off() -#define mLED_5_Off() mLED_5 = mLED_OFF -#define mLED_Read_Off() mLED_5_Off() -#define mLED_6_Off() mLED_6 = mLED_OFF -#define mLED_User_Off() mLED_6_Off() -#define mLED_7_Off() mLED_7 = mLED_OFF -#define mLED_Error_Off() mLED_7_Off() - -#define mLED_1_Toggle() mLED_1 = !mLED_1 -#define mLED_USB_Toggle() mLED_1_Toggle() -#define mLED_2_Toggle() mLED_2 = !mLED_2 -#define mLED_Comms_Toggle() mLED_2_Toggle() -#define mLED_3_Toggle() mLED_3 = !mLED_3 -#define mLED_Clock_Toggle() mLED_3_Toggle() -#define mLED_4_Toggle() mLED_4 = !mLED_4 -#define mLED_Emulate_Toggle() mLED_4_Toggle() -#define mLED_5_Toggle() mLED_5 = !mLED_5 -#define mLED_Read_Toggle( ) mLED_5_Toggle() -#define mLED_6_Toggle() mLED_6 = !mLED_6 -#define mLED_User_Toggle() mLED_6_Toggle() -#define mLED_7_Toggle() mLED_7 = !mLED_7 -#define mLED_Error_Toggle() mLED_7_Toggle() - -#define mLED_All_On() { mLED_1_On(); mLED_2_On(); mLED_3_On(); mLED_4_On(); mLED_5_On(); mLED_6_On(); mLED_7_On(); } -#define mLED_All_Off() { mLED_1_Off(); mLED_2_Off(); mLED_3_Off(); mLED_4_Off(); mLED_5_Off(); mLED_6_Off(); mLED_7_Off(); } - -// usb status lights -#define mLED_Both_Off() {mLED_USB_Off();mLED_Comms_Off();} -#define mLED_Both_On() {mLED_USB_On();mLED_Comms_On();} -#define mLED_Only_USB_On() {mLED_USB_On();mLED_Comms_Off();} -#define mLED_Only_Comms_On() {mLED_USB_Off();mLED_Comms_On();} - -/** 
SWITCH *********************************************************/ -#define swBootloader PORTEbits.RE7 -#define swUser PORTEbits.RE6 - -/** I/O pin definitions ********************************************/ -#define INPUT_PIN 1 -#define OUTPUT_PIN 0 - -#define TRUE 1 -#define FALSE 0 - -#define ENABLE 1 -#define DISABE 0 - -#define EVEN 0 -#define ODD 1 - -#define LOW FALSE -#define HIGH TRUE - -#define CLOCK_ON LOW -#define CLOCK_OFF HIGH - -// output coil control - select between reader/emulator circuits -#define COIL_MODE LATBbits.LATB4 -#define COIL_MODE_READER() COIL_MODE= LOW -#define COIL_MODE_EMULATOR() COIL_MODE= HIGH - -// coil for emulation -#define COIL_OUT LATGbits.LATG9 -#define COIL_OUT_HIGH() COIL_OUT=HIGH -#define COIL_OUT_LOW() COIL_OUT=LOW - -// door relay (active low) -#define DOOR_RELAY LATAbits.LATA14 -#define DOOR_RELAY_OPEN() DOOR_RELAY= HIGH -#define DOOR_RELAY_CLOSE() DOOR_RELAY= LOW - -// inductance/capacitance freq -#define IC_FREQUENCY PORTAbits.RA2 - -#define SNIFFER_COIL PORTDbits.RD12 // external reader clock detect -#define READER_ANALOGUE PORTBbits.RB11 // reader coil analogue -#define DIV_LOW_ANALOGUE PORTBbits.RB12 // voltage divider LOW analogue -#define DIV_HIGH_ANALOGUE PORTBbits.RB13 // voltage divider HIGH analogue - -// clock coil (normally controlled by OC Module, but defined here so we can force it high or low) -#define CLOCK_COIL PORTDbits.RD4 -#define CLOCK_COIL_MOVED PORTDbits.RD0 // temporary for greenwire - -// digital output after analogue reader circuit -#define READER_DATA PORTDbits.RD8 - -// trace / debug -#define DEBUG_PIN_1 LATCbits.LATC1 -#define DEBUG_PIN_1_TOGGLE() DEBUG_PIN_1= !DEBUG_PIN_1 -#define DEBUG_PIN_2 LATCbits.LATC2 -#define DEBUG_PIN_2_TOGGLE() DEBUG_PIN_2= !DEBUG_PIN_2 -#define DEBUG_PIN_3 LATCbits.LATC3 -#define DEBUG_PIN_3_TOGGLE() DEBUG_PIN_3= !DEBUG_PIN_3 -#define DEBUG_PIN_4 LATEbits.LATE5 -#define DEBUG_PIN_4_TOGGLE() DEBUG_PIN_4= !DEBUG_PIN_4 - -// spi (sdi1) for sd card (not directly 
referenced) -//#define SD_CARD_RX LATCbits.LATC4 -//#define SD_CARD_TX LATDbits.LATD0 -//#define SD_CARD_CLK LATDbits.LATD10 -//#define SD_CARD_SS LATDbits.LATD9 -// spi for SD card -#define SD_CARD_DET LATFbits.LATF0 -#define SD_CARD_WE LATFbits.LATF1 // write enable - unused for microsd but allocated anyway as library checks it -// (held LOW by default - cut solder bridge to GND to free pin if required) -#define SPI_SD SPI_CHANNEL1 -#define SPI_SD_BUFF SPI1BUF -#define SPI_SD_STAT SPI1STATbits -// see section below for more defines! - -// iso 7816 smartcard -// microchip SC module defines pins so we don't need to, but -// they are listed here to help avoid conflicts -#define ISO_7816_RX LATBbits.LATF2 // RX -#define ISO_7816_TX LATBbits.LATF8 // TX -#define ISO_7816_VCC LATBbits.LATB9 // Power -#define ISO_7816_CLK LATCbits.LATD1 // Clock -#define ISO_7816_RST LATEbits.LATE8 // Reset - -// user LED -#define USER_LED LATDbits.LATD7 -#define USER_LED_ON() LATDbits.LATD7=1 -#define USER_LED_OFF() LATDbits.LATD7=0 - -// LCR -#define LCR_CALIBRATE LATBbits.LATB5 - -// wiegand / clock & data -#define WIEGAND_IN_0 PORTDbits.RD5 -#define WIEGAND_IN_0_PULLUP CNPUEbits.CNPUE14 -#define WIEGAND_IN_0_PULLDOWN CNPDbits.CNPD14 -#define WIEGAND_IN_1 PORTDbits.RD6 -#define WIEGAND_IN_1_PULLUP CNPUEbits.CNPUE15 -#define WIEGAND_IN_1_PULLDOWN CNPDbits.CNPD15 -#define CAND_IN_DATA WIEGAND_IN_0 -#define CAND_IN_CLOCK WIEGAND_IN_1 - -#define WIEGAND_OUT_0 LATDbits.LATD3 -#define WIEGAND_OUT_1 LATDbits.LATD2 -#define WIEGAND_OUT_0_TRIS TRISDbits.TRISD3 -#define WIEGAND_OUT_1_TRIS TRISDbits.TRISD2 -#define CAND_OUT_DATA WIEGAND_OUT_0 -#define CAND_OUT_CLOCK WIEGAND_OUT_1 - -// connect/disconnect reader clock from coil - used to send RWD signals by creating gaps in carrier -#define READER_CLOCK_ENABLE LATEbits.LATE9 -#define READER_CLOCK_ENABLE_ON() READER_CLOCK_ENABLE=CLOCK_ON -#define READER_CLOCK_ENABLE_OFF(x) {READER_CLOCK_ENABLE=CLOCK_OFF; COIL_OUT=x;} - -// these input pins must 
NEVER bet set to output or they will cause short circuits! -// they can be used to see data from reader before it goes into or gate -#define OR_IN_A PORTAbits.RA4 -#define OR_IN_B PORTAbits.RA5 - - -// CNCON and CNEN are set to allow wiegand input pin weak pullups to be switched on -#define Init_GPIO() { \ - CNCONbits.ON= TRUE; \ - CNENbits.CNEN14= TRUE; \ - CNENbits.CNEN15= TRUE; \ - TRISAbits.TRISA2= INPUT_PIN; \ - TRISAbits.TRISA4= INPUT_PIN; \ - TRISAbits.TRISA5= INPUT_PIN; \ - TRISAbits.TRISA14= OUTPUT_PIN; \ - TRISAbits.TRISA15= OUTPUT_PIN; \ - TRISBbits.TRISB4= OUTPUT_PIN; \ - TRISBbits.TRISB5= OUTPUT_PIN; \ - TRISBbits.TRISB9= OUTPUT_PIN; \ - TRISBbits.TRISB11= INPUT_PIN; \ - TRISBbits.TRISB12= INPUT_PIN; \ - TRISBbits.TRISB13= INPUT_PIN; \ - TRISCbits.TRISC1= OUTPUT_PIN; \ - TRISCbits.TRISC2= OUTPUT_PIN; \ - TRISCbits.TRISC3= OUTPUT_PIN; \ - TRISCbits.TRISC4= INPUT_PIN; \ - TRISDbits.TRISD0= INPUT_PIN; \ - TRISDbits.TRISD1= OUTPUT_PIN; \ - TRISDbits.TRISD2= OUTPUT_PIN; \ - TRISDbits.TRISD3= OUTPUT_PIN; \ - TRISDbits.TRISD4= OUTPUT_PIN; \ - TRISDbits.TRISD5= INPUT_PIN; \ - TRISDbits.TRISD6= INPUT_PIN; \ - TRISDbits.TRISD7= OUTPUT_PIN; \ - TRISDbits.TRISD8= INPUT_PIN; \ - TRISDbits.TRISD11= OUTPUT_PIN; \ - TRISDbits.TRISD12= INPUT_PIN; \ - TRISEbits.TRISE0= OUTPUT_PIN; \ - TRISEbits.TRISE1= OUTPUT_PIN; \ - TRISEbits.TRISE2= OUTPUT_PIN; \ - TRISEbits.TRISE3= OUTPUT_PIN; \ - TRISEbits.TRISE5= OUTPUT_PIN; \ - TRISEbits.TRISE6= INPUT_PIN; \ - TRISEbits.TRISE7= INPUT_PIN; \ - TRISEbits.TRISE8= OUTPUT_PIN; \ - TRISEbits.TRISE9= OUTPUT_PIN; \ - TRISFbits.TRISF0= INPUT_PIN; \ - TRISFbits.TRISF1= INPUT_PIN; \ - TRISFbits.TRISF2= INPUT_PIN; \ - TRISFbits.TRISF8= OUTPUT_PIN; \ - TRISGbits.TRISG6= OUTPUT_PIN; \ - TRISGbits.TRISG12= INPUT_PIN; \ - TRISGbits.TRISG13= INPUT_PIN; \ - TRISGbits.TRISG9= OUTPUT_PIN; \ - LATBbits.LATB9= LOW; \ - LATCbits.LATC1= LOW; \ - LATCbits.LATC2= LOW; \ - LATCbits.LATC3= LOW; \ - LATDbits.LATD2= WIEGAND_IN_1; \ - LATDbits.LATD3= 
WIEGAND_IN_0; \ - LATEbits.LATE5= LOW; \ - LATEbits.LATE9= HIGH; \ - } - -// uart3 (CLI/API) speed -#define BAUDRATE3 115200UL -#define BRG_DIV3 4 -#define BRGH3 1 - -// spi for potentiometer -#define SPI_POT SPI_CHANNEL4 -#define SPI_POT_BUFF SPI4BUF -#define SPI_POT_STAT SPI4STATbits - -// spi for sd card - defines required for Microchip SD-SPI libs -// define interface type -#define USE_SD_INTERFACE_WITH_SPI - -#define MDD_USE_SPI_1 -#define SPI_START_CFG_1 (PRI_PRESCAL_64_1 | SEC_PRESCAL_8_1 | MASTER_ENABLE_ON | SPI_CKE_ON | SPI_SMP_ON) -#define SPI_START_CFG_2 (SPI_ENABLE) -// Define the SPI frequency -#define SPI_FREQUENCY (20000000) -// Description: SD-SPI Card Detect Input bit -#define SD_CD PORTFbits.RF0 -// Description: SD-SPI Card Detect TRIS bit -#define SD_CD_TRIS TRISFbits.TRISF0 -// Description: SD-SPI Write Protect Check Input bit -#define SD_WE PORTFbits.RF1 -// Description: SD-SPI Write Protect Check TRIS bit -#define SD_WE_TRIS TRISFbits.TRISF1 -// Description: The main SPI control register -#define SPICON1 SPI1CON -// Description: The SPI status register -#define SPISTAT SPI1STAT -// Description: The SPI Buffer -#define SPIBUF SPI1BUF -// Description: The receive buffer full bit in the SPI status register -#define SPISTAT_RBF SPI1STATbits.SPIRBF -// Description: The bitwise define for the SPI control register (i.e. _____bits) -#define SPICON1bits SPI1CONbits -// Description: The bitwise define for the SPI status register (i.e. 
_____bits) -#define SPISTATbits SPI1STATbits -// Description: The enable bit for the SPI module -#define SPIENABLE SPICON1bits.ON -// Description: The definition for the SPI baud rate generator register (PIC32) -#define SPIBRG SPI1BRG -// Description: The TRIS bit for the SCK pin -#define SPICLOCK TRISDbits.TRISD10 -// Description: The TRIS bit for the SDI pin -#define SPIIN TRISCbits.TRISC4 -// Description: The TRIS bit for the SDO pin -#define SPIOUT TRISDbits.TRISD0 -#define SD_CS LATDbits.LATD9 -// Description: SD-SPI Chip Select TRIS bit -#define SD_CS_TRIS TRISDbits.TRISD9 -//SPI library functions -#define putcSPI putcSPI1 -#define getcSPI getcSPI1 -#define OpenSPI(config1, config2) OpenSPI1(config1, config2) - -// Define setup parameters for OpenADC10 function -// Turn module on | Ouput in integer format | Trigger mode auto | Enable autosample -#define ADC_CONFIG1 (ADC_FORMAT_INTG | ADC_CLK_AUTO | ADC_AUTO_SAMPLING_ON) -// ADC ref external | Disable offset test | Disable scan mode | Perform 2 samples | Use dual buffers | Use alternate mode -#define ADC_CONFIG2 (ADC_VREF_AVDD_AVSS | ADC_OFFSET_CAL_DISABLE | ADC_SCAN_OFF | ADC_SAMPLES_PER_INT_1 | ADC_ALT_BUF_ON | ADC_ALT_INPUT_ON) - -// Use ADC internal clock | Set sample time -#define ADC_CONFIG3 (ADC_CONV_CLK_INTERNAL_RC | ADC_SAMPLE_TIME_0) - -// slow sample rate for tuning coils -#define ADC_CONFIG2_SLOW (ADC_VREF_AVDD_AVSS | ADC_OFFSET_CAL_DISABLE | ADC_SCAN_OFF | ADC_SAMPLES_PER_INT_16 | ADC_ALT_BUF_ON | ADC_ALT_INPUT_ON) -#define ADC_CONFIG3_SLOW (ADC_CONV_CLK_INTERNAL_RC | ADC_SAMPLE_TIME_31) - -// use AN11 -#define ADC_CONFIGPORT ENABLE_AN11_ANA -// Do not assign channels to scan -#define ADC_CONFIGSCAN SKIP_SCAN_ALL - -#define ADC_TO_VOLTS 0.003208F - - -// flash memory - int myvar = *(int*)(myflashmemoryaddress); - -// memory is 0x9D005000 to 0x9D07FFFF - -#define NVM_MEMORY_END 0x9D07FFFF -#define NVM_PAGE_SIZE 4096 -#define NVM_PAGES 2 // config & VTAG -#define RFIDLER_NVM_ADDRESS (NVM_MEMORY_END 
- (NVM_PAGE_SIZE * NVM_PAGES))
-
-// UART timeout in us
-#define SERIAL_TIMEOUT 100
-
-#endif
diff --git a/tools/hitag2crack/crack3/Makefile b/tools/hitag2crack/crack3/Makefile
index 04965b55f..ebd4aca83 100644
--- a/tools/hitag2crack/crack3/Makefile
+++ b/tools/hitag2crack/crack3/Makefile
@@ -1,15 +1,17 @@
 CFLAGS?=-Wall
 LIBS=
+VPATH=../common
+INC=-I ../common
 all: ht2crack3.c ht2test.c hitagcrypto.o utilpart.o
- $(CC) $(CFLAGS) -o ht2crack3 ht2crack3.c hitagcrypto.o utilpart.o -lpthread $(LIBS)
- $(CC) $(CFLAGS) -o ht2test ht2test.c hitagcrypto.o utilpart.o $(LIBS)
+ $(CC) $(CFLAGS) $(INC) -o ht2crack3 $< hitagcrypto.o utilpart.o -lpthread $(LIBS)
+ $(CC) $(CFLAGS) $(INC) -o ht2test ht2test.c hitagcrypto.o utilpart.o $(LIBS)
 hitagcrypto.o: hitagcrypto.c hitagcrypto.h
- $(CC) $(CFLAGS) -c hitagcrypto.c
+ $(CC) $(CFLAGS) -c $<
 utilpart.o: utilpart.c util.h
- $(CC) $(CFLAGS) -c utilpart.c
+ $(CC) $(CFLAGS) -c $<
 clean:
 rm -rf *.o ht2crack3 ht2test
diff --git a/tools/hitag2crack/crack3/hitagcrypto.c b/tools/hitag2crack/crack3/hitagcrypto.c
deleted file mode 100644
index 47449c3e3..000000000
--- a/tools/hitag2crack/crack3/hitagcrypto.c
+++ /dev/null
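Review bot: The first link line of the `all` recipe in crack3/Makefile now compiles `$<`, which is whichever prerequisite happens to be listed first, while the line below it still names `ht2test.c`; reordering or prepending a prerequisite of `all` would silently build `ht2crack3` from a different file. I would keep the explicit source there, `$(CC) $(CFLAGS) $(INC) -o ht2crack3 ht2crack3.c hitagcrypto.o utilpart.o -lpthread $(LIBS)`, and leave `$<` to the two object rules, where each target has a single source. Those object rules locate their `.c` and `.h` through `VPATH` but are compiled without `$(INC)`, which presumably works only while every shared header sits beside the shared source, so a comment such as `# objects are built from ../common via VPATH; headers must live next to their sources` above `VPATH=../common` would help.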
@@ -1,373 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: unknown. 
-// Modifications for RFIDler: Tony Naggs , Adam Laurie - -// uncomment this to build file as a standalone crypto test program -// #define UNIT_TEST -// also uncomment to include verbose debug prints -// #define TEST_DEBUG - -//#include -#include "HardwareProfile.h" -#include "rfidler.h" -#include "hitagcrypto.h" -#include "util.h" - -#ifdef UNIT_TEST -#include -#endif - -#if defined(UNIT_TEST) && defined(TEST_DEBUG) -// Note that printf format %I64x prints 64 bit ints in MS Visual C/C++. -// This may need changing for other compilers/platforms. -#define DEBUG_PRINTF(...) printf(__VA_ARGS__) -#else -#define DEBUG_PRINTF(...) -#endif - - -/* Brief info about NXP Hitag 1, Hitag 2, Hitag S and Hitag u (mu) - - Hitag 125kHz RFID was created by a company called Mikron (Mikron Gesellschaft - fur Integrierte Mikroelektronik Mbh), of Austria, for micropayment applications. - At about the same time, late 1980s to early 1990s, Mikron developed the - similarly featured Mifare micropayment card for 13.56MHz RFID. - (Mikron's European Patent EP 0473569 A2 was filed 23 August 1991, with a - priority date of 23 Aug 1990.) - Mikron was subsequently acquired by Philips Semiconductors in 1995. - Philips Semiconductors divsion subsequently became NXP. 
- - + Modulation read/write device -> transponder: 100 % ASK and binary pulse - length coding - + Modulation transponder -> read/write device: Strong ASK modulation, - selectable Manchester or Biphase coding - + Hitag S, Hitag u; anti-collision procedure - + Fast anti-collision protocol - + Hitag u; optional Cyclic Redundancy Check (CRC) - + Reader Talks First mode - + Hitag 2 & later; Transponder Talks First (TTF) mode - + Temporary switch from Transponder Talks First into Reader Talks First - (RTF) Mode - + Data rate read/write device to transponder: 5.2 kbit/s - + Data rates transponder to read/write device: 2 kbit/s, 4 kbit/s, 8 kbit/s - + 32-bit password feature - + Hitag 2, S = 32-bit Unique Identifier - + Hitag u = 48-bit Unique Identifier - + Selectable password modes for reader / tag mutual authentication - (Hitag 1 has 2 pairs of keys, later versions have 1 pair) - + Hitag 2 & Hitag S; Selectable encrypted mode, 48 bit key - - Known tag types: - - HITAG 1 2048 bits total memory - - HITAG 2 256 Bit total memory Read/Write - 8 pages of 32 bits, inc UID (32), - secret key (64), password (24), config (8) - - HITAG S 32 32 bits Unique Identifier Read Only - HITAG S 256 256 bits total memory Read/Write - HITAG S 2048 2048 bits total memory Read/Write - - HITAG u RO64 64 bits total memory Read Only - HITAG u 128 bits total memory Read/Write - HITAG u Advanced 512 bits total memory Read/Write - HITAG u Advanced+ 1760 bits total memory Read/Write - - Default 48-bit key for Hitag 2, S encryption: - "MIKRON" = O N M I K R - Key = 4F 4E 4D 49 4B 52 - -*/ - - -// We want the crypto functions to be as fast as possible, so optimize! 
-// The best compiler optimization in Microchip's free XC32 edition is -O1 -#pragma GCC optimize("O1") - -// private, nonlinear function to generate 1 crypto bit -static uint32_t hitag2_crypt(uint64_t x); - - -// macros to pick out 4 bits in various patterns of 1s & 2s & make a new number -#define pickbits2_2(S, A, B) ( ((S >> A) & 3) | ((S >> (B - 2)) & 0xC) ) -#define pickbits1x4(S, A, B, C, D) ( ((S >> A) & 1) | ((S >> (B - 1)) & 2) | \ - ((S >> (C - 2)) & 4) | ((S >> (D - 3)) & 8) ) -#define pickbits1_1_2(S, A, B, C) ( ((S >> A) & 1) | ((S >> (B - 1)) & 2) | \ - ((S >> (C - 2)) & 0xC) ) -#define pickbits2_1_1(S, A, B, C) ( ((S >> A) & 3) | ((S >> (B - 2)) & 4) | \ - ((S >> (C - 3)) & 8) ) -#define pickbits1_2_1(S, A, B, C) ( ((S >> A) & 1) | ((S >> (B - 1)) & 6) | \ - ((S >> (C - 3)) & 8) ) - - -static uint32_t hitag2_crypt(uint64_t x) { - const uint32_t ht2_function4a = 0x2C79; // 0010 1100 0111 1001 - const uint32_t ht2_function4b = 0x6671; // 0110 0110 0111 0001 - const uint32_t ht2_function5c = 0x7907287B; // 0111 1001 0000 0111 0010 1000 0111 1011 - uint32_t bitindex; - - bitindex = (ht2_function4a >> pickbits2_2(x, 1, 4)) & 1; - bitindex |= ((ht2_function4b << 1) >> pickbits1_1_2(x, 7, 11, 13)) & 0x02; - bitindex |= ((ht2_function4b << 2) >> pickbits1x4(x, 16, 20, 22, 25)) & 0x04; - bitindex |= ((ht2_function4b << 3) >> pickbits2_1_1(x, 27, 30, 32)) & 0x08; - bitindex |= ((ht2_function4a << 4) >> pickbits1_2_1(x, 33, 42, 45)) & 0x10; - - DEBUG_PRINTF("hitag2_crypt bitindex = %02x\n", bitindex); - return (ht2_function5c >> bitindex) & 1; -} - -/* - * Parameters: - * Hitag_State* pstate - output, internal state after initialisation - * uint64_t sharedkey - 48 bit key shared between reader & tag - * uint32_t serialnum - 32 bit tag serial number - * uint32_t initvector - 32 bit random IV from reader, part of tag authentication - */ -void hitag2_init(Hitag_State *pstate, uint64_t sharedkey, uint32_t serialnum, uint32_t initvector) { - // init state, from 
serial number and lowest 16 bits of shared key - uint64_t state = ((sharedkey & 0xFFFF) << 32) | serialnum; - - // mix the initialisation vector and highest 32 bits of the shared key - initvector ^= (uint32_t)(sharedkey >> 16); - - // move 16 bits from (IV xor Shared Key) to top of uint64_t state - // these will be XORed in turn with output of the crypto function - state |= (uint64_t) initvector << 48; - initvector >>= 16; - - // unrolled loop is faster on PIC32 (MIPS), do 32 times - // shift register, then calc new bit - state >>= 1; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - // highest 16 bits of IV XOR Shared Key - state |= (uint64_t) initvector << 47; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) 
hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state ^= (uint64_t) hitag2_crypt(state) << 47; - - DEBUG_PRINTF("hitag2_init result = %012I64x\n", state); - pstate->shiftreg = state; - /* naive version for reference, LFSR has 16 taps - pstate->lfsr = state ^ (state >> 2) ^ (state >> 3) ^ (state >> 6) - ^ (state >> 7) ^ (state >> 8) ^ (state >> 16) ^ (state >> 22) - ^ (state >> 23) ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (state >> 42) ^ (state >> 43) ^ (state >> 46) ^ (state >> 47); - */ - { - // optimise with one 64-bit intermediate - uint64_t temp = state ^ (state >> 1); - pstate->lfsr = state ^ (state >> 6) ^ (state >> 16) - ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (temp >> 2) ^ (temp >> 7) ^ (temp >> 22) - ^ (temp >> 42) ^ (temp >> 46); - } -} - - -/* - * Return up to 32 crypto bits. - * Last bit is in least significant bit, earlier bits are shifted left. - * Note that the Hitag transmission protocol is least significant bit, - * so we may want to change this, or add a function, that returns the - * crypto output bits in the other order. 
- * - * Parameters: - * Hitag_State* pstate - in/out, internal cipher state after initialisation - * uint32_t steps - number of bits requested, (capped at 32) - */ -uint32_t hitag2_nstep(Hitag_State *pstate, uint32_t steps) { - uint64_t state = pstate->shiftreg; - uint32_t result = 0; - uint64_t lfsr = pstate->lfsr; - - if (steps == 0) - return 0; - -// if (steps > 32) -// steps = 32; - - do { - // update shift registers - if (lfsr & 1) { - state = (state >> 1) | 0x800000000000; - lfsr = (lfsr >> 1) ^ 0xB38083220073; - - // accumulate next bit of crypto - result = (result << 1) | hitag2_crypt(state); - } else { - state >>= 1; - lfsr >>= 1; - - result = (result << 1) | hitag2_crypt(state); - } - } while (--steps); - - DEBUG_PRINTF("hitag2_nstep state = %012I64x, result %02x\n", state, result); - pstate->shiftreg = state; - pstate->lfsr = lfsr; - return result; -} - -// end of crypto core, revert to default optimization level -#pragma GCC reset_options diff --git a/tools/hitag2crack/crack3/hitagcrypto.h b/tools/hitag2crack/crack3/hitagcrypto.h deleted file mode 100644 index 274d3d82c..000000000 --- a/tools/hitag2crack/crack3/hitagcrypto.h +++ /dev/null 
@@ -1,167 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: unknown. -// Modifications for RFIDler: Tony Naggs , Adam Laurie - - -#ifndef HITAGCRYPTO_H -#define HITAGCRYPTO_H - -#include - -/* - Our model of Hitag 2 crypto uses 2 parallel shift registers: - a. 48 bit Feedback Shift Register, required for inputs to the nonlinear function. - b. 48 bit Linear Feedback Shift Register (LFSR). - A transform of initial register (a) value, which is then run in parallel. 
- Enables much faster calculation of the feedback values.
-
- API:
- void hitag2_init(Hitag_State* pstate, uint64_t sharedkey, uint32_t serialnum,
- uint32_t initvector);
- Initialise state from 48 bit shared (secret) reader/tag key,
- 32 bit tag serial number and 32 bit initialisation vector from reader.
-
- uint32_t hitag2_nstep(Hitag_State* pstate, uint32_t steps);
- update shift register state and generate N cipher bits (N should be <= 32)
- */
-
-
-typedef struct {
- uint64_t shiftreg; // naive shift register, required for nonlinear fn input
- uint64_t lfsr; // fast lfsr, used to make software faster
-} Hitag_State;
-
-void hitag2_init(Hitag_State *pstate, uint64_t sharedkey, uint32_t serialnum, uint32_t initvector);
-
-uint32_t hitag2_nstep(Hitag_State *pstate, uint32_t steps);
-
-#endif /* HITAGCRYPTO_H */
-
diff --git a/tools/hitag2crack/crack3/rfidler.h b/tools/hitag2crack/crack3/rfidler.h
deleted file mode 100644
index 933547e6b..000000000
--- a/tools/hitag2crack/crack3/rfidler.h
+++ /dev/null
@@ -1,412 +0,0 @@
-/***************************************************************************
- * A copy of the GNU GPL is appended to this file. *
- * *
- * This licence is based on the nmap licence, and we express our gratitude *
- * for the work that went into producing it. There is no other connection *
- * between RFIDler and nmap either expressed or implied. *
- * *
- ********************** IMPORTANT RFIDler LICENSE TERMS ********************
- * *
- * *
- * All references to RFIDler herein imply all it's derivatives, namely: *
- * *
- * o RFIDler-LF Standard *
- * o RFIDler-LF Lite *
- * o RFIDler-LF Nekkid *
- * *
- * *
- * RFIDler is (C) 2013-2015 Aperture Labs Ltd. *
- * *
- * This program is free software; you may redistribute and/or modify it *
- * under the terms of the GNU General Public License as published by the *
- * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE *
- * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your *
- * right to use, modify, and redistribute this software under certain *
- * conditions. If you wish to embed RFIDler technology into proprietary *
- * software or hardware, we sell alternative licenses *
- * (contact sales@aperturelabs.com). *
- * *
- * Note that the GPL places important restrictions on "derivative works", *
- * yet it does not provide a detailed definition of that term. To avoid *
- * misunderstandings, we interpret that term as broadly as copyright law *
- * allows. For example, we consider an application to constitute a *
- * derivative work for the purpose of this license if it does any of the *
- * following with any software or content covered by this license *
- * ("Covered Software"): *
- * *
- * o Integrates source code from Covered Software. *
- * *
- * o Is designed specifically to execute Covered Software and parse the *
- * results (as opposed to typical shell or execution-menu apps, which will *
- * execute anything you tell them to).
*
- * *
- * o Includes Covered Software in a proprietary executable installer. The *
- * installers produced by InstallShield are an example of this. Including *
- * RFIDler with other software in compressed or archival form does not *
- * trigger this provision, provided appropriate open source decompression *
- * or de-archiving software is widely available for no charge. For the *
- * purposes of this license, an installer is considered to include Covered *
- * Software even if it actually retrieves a copy of Covered Software from *
- * another source during runtime (such as by downloading it from the *
- * Internet). *
- * *
- * o Links (statically or dynamically) to a library which does any of the *
- * above. *
- * *
- * o Executes a helper program, module, or script to do any of the above. *
- * *
- * This list is not exclusive, but is meant to clarify our interpretation *
- * of derived works with some common examples. Other people may interpret *
- * the plain GPL differently, so we consider this a special exception to *
- * the GPL that we apply to Covered Software. Works which meet any of *
- * these conditions must conform to all of the terms of this license, *
- * particularly including the GPL Section 3 requirements of providing *
- * source code and allowing free redistribution of the work as a whole. *
- * *
- * As another special exception to the GPL terms, Aperture Labs Ltd. grants*
- * permission to link the code of this program with any version of the *
- * OpenSSL library which is distributed under a license identical to that *
- * listed in the included docs/licenses/OpenSSL.txt file, and distribute *
- * linked combinations including the two. *
- * *
- * Any redistribution of Covered Software, including any derived works, *
- * must obey and carry forward all of the terms of this license, including *
- * obeying all GPL rules and restrictions.
For example, source code of *
- * the whole work must be provided and free redistribution must be *
- * allowed. All GPL references to "this License", are to be treated as *
- * including the terms and conditions of this license text as well. *
- * *
- * Because this license imposes special exceptions to the GPL, Covered *
- * Work may not be combined (even as part of a larger work) with plain GPL *
- * software. The terms, conditions, and exceptions of this license must *
- * be included as well. This license is incompatible with some other open *
- * source licenses as well. In some cases we can relicense portions of *
- * RFIDler or grant special permissions to use it in other open source *
- * software. Please contact sales@aperturelabs.com with any such requests.*
- * Similarly, we don't incorporate incompatible open source software into *
- * Covered Software without special permission from the copyright holders. *
- * *
- * If you have any questions about the licensing restrictions on using *
- * RFIDler in other works, are happy to help. As mentioned above, we also *
- * offer alternative license to integrate RFIDler into proprietary *
- * applications and appliances. These contracts have been sold to dozens *
- * of software vendors, and generally include a perpetual license as well *
- * as providing for priority support and updates. They also fund the *
- * continued development of RFIDler. Please email sales@aperturelabs.com *
- * for further information. *
- * If you have received a written license agreement or contract for *
- * Covered Software stating terms other than these, you may choose to use *
- * and redistribute Covered Software under those terms instead of these. *
- * *
- * Source is provided to this software because we believe users have a *
- * right to know exactly what a program is going to do before they run it. *
- * This also allows you to audit the software for security holes (none *
- * have been found so far).
*
- * *
- * Source code also allows you to port RFIDler to new platforms, fix bugs, *
- * and add new features. You are highly encouraged to send your changes *
- * to the RFIDler mailing list for possible incorporation into the *
- * main distribution. By sending these changes to Aperture Labs Ltd. or *
- * one of the Aperture Labs Ltd. development mailing lists, or checking *
- * them into the RFIDler source code repository, it is understood (unless *
- * you specify otherwise) that you are offering the RFIDler Project *
- * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, *
- * modify, and relicense the code. RFIDler will always be available Open *
- * Source, but this is important because the inability to relicense code *
- * has caused devastating problems for other Free Software projects (such *
- * as KDE and NASM). We also occasionally relicense the code to third *
- * parties as discussed above. If you wish to specify special license *
- * conditions of your contributions, just say so when you send them. *
- * *
- * This program is distributed in the hope that it will be useful, but *
- * WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the RFIDler *
- * license file for more details (it's in a COPYING file included with *
- * RFIDler, and also available from *
- * https://github.com/ApertureLabsLtd/RFIDler/COPYING *
- * *
- ***************************************************************************/
-
-// Author: Adam Laurie
-
-#include
-#include
-
-// BCD hardware revision for usb descriptor (usb_descriptors.c)
-#define RFIDLER_HW_VERSION 0x020
-
-// max sizes in BITS
-#define MAXBLOCKSIZE 512
-#define MAXTAGSIZE 4096
-#define MAXUID 512
-
-#define TMP_LARGE_BUFF_LEN 2048
-#define TMP_SMALL_BUFF_LEN 256
-#define ANALOGUE_BUFF_LEN 8192
-
-#define COMMS_BUFFER_SIZE 128
-
-#define DETECT_BUFFER_SIZE 512
-
-#define SAMPLEMASK ~(BIT_1 | BIT_0) // mask to remove two bottom bits from analogue sample - we will then use those for reader & bit period
-
-// globals
-
-extern BOOL WiegandOutput; // Output wiegand data whenenver UID is read
-extern BYTE *EMU_Reset_Data; // Pointer to full array of bits as bytes, stored as 0x00/0x01, '*' terminated
-extern BYTE *EMU_Data; // Pointer to current location in EMU_Reset_Data
-extern BYTE EMU_ThisBit; // The next data bit to transmit
-extern BYTE EMU_SubCarrier_T0; // Number of Frame Clocks for sub-carrier '0'
-extern BYTE EMU_SubCarrier_T1; // Number of Frame Clocks for sub-carrier '1'
-extern unsigned int EMU_Repeat; // Number of times to transmit full data set
-extern BOOL EMU_Background; // Emulate in the background until told to stop
-extern unsigned int EMU_DataBitRate; // Number of Frame Clocks per bit
-extern BYTE TmpBits[TMP_LARGE_BUFF_LEN]; // Shared scratchpad
-extern BYTE ReaderPeriod; // Flag for sample display
-extern unsigned char Comms_In_Buffer[COMMS_BUFFER_SIZE]; // USB/Serial buffer
-extern BYTE Interface; // user interface - CLI or API
-extern BYTE CommsChannel; // user comms channel - USB or UART
-extern BOOL FakeRead; // flag for analogue sampler to signal it wants access to buffers during read
-extern BOOL PWD_Mode; // is this tag
password protected?
-extern BYTE Password[9]; // 32 bits as HEX string set with LOGIN
-extern unsigned int Led_Count; // LED status counter, also used for entropy
-extern unsigned long Reader_Bit_Count; // Reader ISR bit counter
-extern char Previous; // Reader ISR previous bit type
-
-// RWD (read/write device) coil state
-extern BYTE RWD_State; // current state of RWD coil
-extern unsigned int RWD_Fc; // field clock in uS
-extern unsigned int RWD_Gap_Period; // length of command gaps in OC5 ticks
-extern unsigned int RWD_Zero_Period; // length of '0' in OC5 ticks
-extern unsigned int RWD_One_Period; // length of '1' in OC5 ticks
-extern unsigned int RWD_Sleep_Period; // length of initial sleep to reset tag in OC5 ticks
-extern unsigned int RWD_Wake_Period; // length required for tag to restart in OC5 ticks
-extern unsigned int RWD_Wait_Switch_TX_RX; // length to wait when switching from TX to RX in OC5 ticks
-extern unsigned int RWD_Wait_Switch_RX_TX; // length to wait when switching from RX to TX in OC5 ticks
-extern unsigned int RWD_Post_Wait; // low level ISR wait period in OC5 ticks
-extern unsigned int RWD_OC5_config; // Output Compare Module settings
-extern unsigned int RWD_OC5_r; // Output Compare Module primary compare value
-extern unsigned int RWD_OC5_rs; // Output Compare Module secondary compare value
-extern BYTE RWD_Command_Buff[TMP_SMALL_BUFF_LEN]; // Command buffer, array of bits as bytes, stored as 0x00/0x01, '*' terminated
-extern BYTE *RWD_Command_ThisBit; // Current command bit
-extern BOOL Reader_ISR_State; // current state of reader ISR
-
-// NVM variables
-// timings etc.
that want to survive a reboot should go here
-typedef struct {
- BYTE Name[7]; // will be set to "RFIDler" so we can test for new device
- BYTE AutoRun[128]; // optional command to run at startup
- unsigned char TagType;
- unsigned int PSK_Quality;
- unsigned int Timeout;
- unsigned int Wiegand_Pulse;
- unsigned int Wiegand_Gap;
- BOOL Wiegand_IdleState;
- unsigned int FrameClock;
- unsigned char Modulation;
- unsigned int DataRate;
- unsigned int DataRateSub0;
- unsigned int DataRateSub1;
- unsigned int DataBits;
- unsigned int DataBlocks;
- unsigned int BlockSize;
- unsigned char SyncBits;
- BYTE Sync[4];
- BOOL BiPhase;
- BOOL Invert;
- BOOL Manchester;
- BOOL HalfDuplex;
- unsigned int Repeat;
- unsigned int PotLow;
- unsigned int PotHigh;
- unsigned int RWD_Gap_Period;
- unsigned int RWD_Zero_Period;
- unsigned int RWD_One_Period;
- unsigned int RWD_Sleep_Period;
- unsigned int RWD_Wake_Period;
- unsigned int RWD_Wait_Switch_TX_RX;
- unsigned int RWD_Wait_Switch_RX_TX;
-} StoredConfig;
-
-// somewhere to store TAG data. this will be interpreted according to the TAG
-// type.
-typedef struct {
- BYTE TagType; // raw tag type
- BYTE EmulatedTagType; // tag type this tag is configured to emulate
- BYTE UID[MAXUID + 1]; // Null-terminated HEX string
- BYTE Data[MAXTAGSIZE]; // raw data
- unsigned char DataBlocks; // number of blocks in Data field
- unsigned int BlockSize; // blocksize in bits
-} VirtualTag;
-
-extern StoredConfig RFIDlerConfig;
-extern VirtualTag RFIDlerVTag;
-extern BYTE TmpBuff[NVM_PAGE_SIZE];
-extern BYTE DataBuff[ANALOGUE_BUFF_LEN];
-extern unsigned int DataBuffCount;
-extern const BYTE *ModulationSchemes[];
-extern const BYTE *OnOff[];
-extern const BYTE *HighLow[];
-extern const BYTE *TagTypes[];
-
-// globals for ISRs
-extern BYTE EmulationMode;
-extern unsigned long HW_Bits;
-extern BYTE HW_Skip_Bits;
-extern unsigned int PSK_Min_Pulse;
-extern BOOL PSK_Read_Error;
-extern BOOL Manchester_Error;
-extern BOOL SnifferMode;
-extern unsigned int Clock_Tick_Counter;
-extern BOOL Clock_Tick_Counter_Reset;
-
-// smart card lib
-#define MAX_ATR_LEN (BYTE)33
-extern BYTE scCardATR[MAX_ATR_LEN];
-extern BYTE scATRLength;
-
-// RTC
-extern rtccTime RTC_time; // time structure
-extern rtccDate RTC_date; // date structure
-
-// digital pots
-#define POTLOW_DEFAULT 100
-#define POTHIGH_DEFAULT 150
-#define DC_OFFSET 60 // analogue circuit DC offset (as close as we can get without using 2 LSB)
-#define VOLTS_TO_POT 0.019607843F
-
-// RWD/clock states
-#define RWD_STATE_INACTIVE 0 // RWD not in use
-#define RWD_STATE_GO_TO_SLEEP 1 // RWD coil shutdown request
-#define RWD_STATE_SLEEPING 2 // RWD coil shutdown for sleep period
-#define RWD_STATE_WAKING 3 // RWD active for pre-determined period after reset
-#define RWD_STATE_START_SEND 4 // RWD starting send of data
-#define RWD_STATE_SENDING_GAP 5 // RWD sending a gap
-#define RWD_STATE_SENDING_BIT 6 // RWD sending a data bit
-#define RWD_STATE_POST_WAIT 7 // RWD finished sending data, now in forced wait period
-#define RWD_STATE_ACTIVE 8 // RWD finished, now just clocking a
carrier
-
-// reader ISR states
-#define READER_STOPPED 0 // reader not in use
-#define READER_IDLING 1 // reader ISR running to preserve timing, but not reading
-#define READER_RUNNING 2 // reader reading bits
-
-
-// user interface types
-#define INTERFACE_API 0
-#define INTERFACE_CLI 1
-
-// comms channel
-#define COMMS_NONE 0
-#define COMMS_USB 1
-#define COMMS_UART 2
-
-#define MAX_HISTORY 2 // disable most of history for now - memory issue
-
-// tag write retries
-#define TAG_WRITE_RETRY 5
-
-// modulation modes - uppdate ModulationSchemes[] in tags.c if you change this
-#define MOD_MODE_NONE 0
-#define MOD_MODE_ASK_OOK 1
-#define MOD_MODE_FSK1 2
-#define MOD_MODE_FSK2 3
-#define MOD_MODE_PSK1 4
-#define MOD_MODE_PSK2 5
-#define MOD_MODE_PSK3 6
-
-// TAG types - update TagTypes[] in tags.c if you add to this list
-#define TAG_TYPE_NONE 0
-#define TAG_TYPE_ASK_RAW 1
-#define TAG_TYPE_FSK1_RAW 2
-#define TAG_TYPE_FSK2_RAW 3
-#define TAG_TYPE_PSK1_RAW 4
-#define TAG_TYPE_PSK2_RAW 5
-#define TAG_TYPE_PSK3_RAW 6
-#define TAG_TYPE_HITAG1 7
-#define TAG_TYPE_HITAG2 8
-#define TAG_TYPE_EM4X02 9
-#define TAG_TYPE_Q5 10
-#define TAG_TYPE_HID_26 11
-#define TAG_TYPE_INDALA_64 12
-#define TAG_TYPE_INDALA_224 13
-#define TAG_TYPE_UNIQUE 14
-#define TAG_TYPE_FDXB 15
-#define TAG_TYPE_T55X7 16 // same as Q5 but different timings and no modulation-defeat
-#define TAG_TYPE_AWID_26 17
-#define TAG_TYPE_EM4X05 18
-#define TAG_TYPE_TAMAGOTCHI 19
-#define TAG_TYPE_HDX 20 // same underlying data as FDX-B, but different modulation & telegram
-
-// various
-
-#define BINARY 0
-#define HEX 1
-
-#define NO_ADDRESS -1
-
-#define ACK TRUE
-#define NO_ACK FALSE
-
-#define BLOCK TRUE
-#define NO_BLOCK FALSE
-
-#define DATA TRUE
-#define NO_DATA FALSE
-
-#define DEBUG_PIN_ON HIGH
-#define DEBUG_PIN_OFF LOW
-
-#define FAST FALSE
-#define SLOW TRUE
-
-#define NO_TRIGGER 0
-
-#define LOCK TRUE
-#define NO_LOCK FALSE
-
-#define NFC_MODE TRUE
-#define NO_NFC_MODE FALSE
-
-#define ONESHOT_READ
TRUE
-#define NO_ONESHOT_READ FALSE
-
-#define RESET TRUE
-#define NO_RESET FALSE
-
-#define SHUTDOWN_CLOCK TRUE
-#define NO_SHUTDOWN_CLOCK FALSE
-
-#define SYNC TRUE
-#define NO_SYNC FALSE
-
-#define VERIFY TRUE
-#define NO_VERIFY FALSE
-
-#define VOLATILE FALSE
-#define NON_VOLATILE TRUE
-
-#define NEWLINE TRUE
-#define NO_NEWLINE FALSE
-
-#define WAIT TRUE
-#define NO_WAIT FALSE
-
-#define WIPER_HIGH 0
-#define WIPER_LOW 1
-
-// conversion for time to ticks
-#define US_TO_TICKS 1000000L
-#define US_OVER_10_TO_TICKS 10000000L
-#define US_OVER_100_TO_TICKS 100000000L
-// we can't get down to this level on pic, but we want to standardise on timings, so for now we fudge it
-#define CONVERT_TO_TICKS(x) ((x / 10) * (GetSystemClock() / US_OVER_10_TO_TICKS))
-#define CONVERT_TICKS_TO_US(x) (x / (GetSystemClock() / US_TO_TICKS))
-#define TIMER5_PRESCALER 16
-#define MAX_TIMER5_TICKS (65535 * TIMER5_PRESCALER)
-
-// other conversions
-
-// bits to hex digits
-#define HEXDIGITS(x) (x / 4)
-#define HEXTOBITS(x) (x * 4)
diff --git a/tools/hitag2crack/crack3/utilpart.c b/tools/hitag2crack/crack3/utilpart.c
deleted file mode 100644
index c46148491..000000000
--- a/tools/hitag2crack/crack3/utilpart.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/***************************************************************************
- * A copy of the GNU GPL is appended to this file. *
- * *
- * This licence is based on the nmap licence, and we express our gratitude *
- * for the work that went into producing it. There is no other connection *
- * between RFIDler and nmap either expressed or implied. *
- * *
- ********************** IMPORTANT RFIDler LICENSE TERMS ********************
- * *
- * *
- * All references to RFIDler herein imply all it's derivatives, namely: *
- * *
- * o RFIDler-LF Standard *
- * o RFIDler-LF Lite *
- * o RFIDler-LF Nekkid *
- * *
- * *
- * RFIDler is (C) 2013-2014 Aperture Labs Ltd. *
- * *
- * This program is free software; you may redistribute and/or modify it *
- * under the terms of the GNU General Public License as published by the *
- * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE *
- * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your *
- * right to use, modify, and redistribute this software under certain *
- * conditions. If you wish to embed RFIDler technology into proprietary *
- * software or hardware, we sell alternative licenses *
- * (contact sales@aperturelabs.com). *
- * *
- * Note that the GPL places important restrictions on "derivative works", *
- * yet it does not provide a detailed definition of that term. To avoid *
- * misunderstandings, we interpret that term as broadly as copyright law *
- * allows. For example, we consider an application to constitute a *
- * derivative work for the purpose of this license if it does any of the *
- * following with any software or content covered by this license *
- * ("Covered Software"): *
- * *
- * o Integrates source code from Covered Software. *
- * *
- * o Is designed specifically to execute Covered Software and parse the *
- * results (as opposed to typical shell or execution-menu apps, which will *
- * execute anything you tell them to).
*
- * *
- * o Includes Covered Software in a proprietary executable installer. The *
- * installers produced by InstallShield are an example of this. Including *
- * RFIDler with other software in compressed or archival form does not *
- * trigger this provision, provided appropriate open source decompression *
- * or de-archiving software is widely available for no charge. For the *
- * purposes of this license, an installer is considered to include Covered *
- * Software even if it actually retrieves a copy of Covered Software from *
- * another source during runtime (such as by downloading it from the *
- * Internet). *
- * *
- * o Links (statically or dynamically) to a library which does any of the *
- * above. *
- * *
- * o Executes a helper program, module, or script to do any of the above. *
- * *
- * This list is not exclusive, but is meant to clarify our interpretation *
- * of derived works with some common examples. Other people may interpret *
- * the plain GPL differently, so we consider this a special exception to *
- * the GPL that we apply to Covered Software. Works which meet any of *
- * these conditions must conform to all of the terms of this license, *
- * particularly including the GPL Section 3 requirements of providing *
- * source code and allowing free redistribution of the work as a whole. *
- * *
- * As another special exception to the GPL terms, Aperture Labs Ltd. grants*
- * permission to link the code of this program with any version of the *
- * OpenSSL library which is distributed under a license identical to that *
- * listed in the included docs/licenses/OpenSSL.txt file, and distribute *
- * linked combinations including the two. *
- * *
- * Any redistribution of Covered Software, including any derived works, *
- * must obey and carry forward all of the terms of this license, including *
- * obeying all GPL rules and restrictions.
For example, source code of *
- * the whole work must be provided and free redistribution must be *
- * allowed. All GPL references to "this License", are to be treated as *
- * including the terms and conditions of this license text as well. *
- * *
- * Because this license imposes special exceptions to the GPL, Covered *
- * Work may not be combined (even as part of a larger work) with plain GPL *
- * software. The terms, conditions, and exceptions of this license must *
- * be included as well. This license is incompatible with some other open *
- * source licenses as well. In some cases we can relicense portions of *
- * RFIDler or grant special permissions to use it in other open source *
- * software. Please contact sales@aperturelabs.com with any such requests.*
- * Similarly, we don't incorporate incompatible open source software into *
- * Covered Software without special permission from the copyright holders. *
- * *
- * If you have any questions about the licensing restrictions on using *
- * RFIDler in other works, are happy to help. As mentioned above, we also *
- * offer alternative license to integrate RFIDler into proprietary *
- * applications and appliances. These contracts have been sold to dozens *
- * of software vendors, and generally include a perpetual license as well *
- * as providing for priority support and updates. They also fund the *
- * continued development of RFIDler. Please email sales@aperturelabs.com *
- * for further information. *
- * If you have received a written license agreement or contract for *
- * Covered Software stating terms other than these, you may choose to use *
- * and redistribute Covered Software under those terms instead of these. *
- * *
- * Source is provided to this software because we believe users have a *
- * right to know exactly what a program is going to do before they run it. *
- * This also allows you to audit the software for security holes (none *
- * have been found so far).
*
- * *
- * Source code also allows you to port RFIDler to new platforms, fix bugs, *
- * and add new features. You are highly encouraged to send your changes *
- * to the RFIDler mailing list for possible incorporation into the *
- * main distribution. By sending these changes to Aperture Labs Ltd. or *
- * one of the Aperture Labs Ltd. development mailing lists, or checking *
- * them into the RFIDler source code repository, it is understood (unless *
- * you specify otherwise) that you are offering the RFIDler Project *
- * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, *
- * modify, and relicense the code. RFIDler will always be available Open *
- * Source, but this is important because the inability to relicense code *
- * has caused devastating problems for other Free Software projects (such *
- * as KDE and NASM). We also occasionally relicense the code to third *
- * parties as discussed above. If you wish to specify special license *
- * conditions of your contributions, just say so when you send them. *
- * *
- * This program is distributed in the hope that it will be useful, but *
- * WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the RFIDler *
- * license file for more details (it's in a COPYING file included with *
- * RFIDler, and also available from *
- * https://github.com/ApertureLabsLtd/RFIDler/COPYING *
- * *
- ***************************************************************************/
-
-// Author: Adam Laurie
-
-
-#include
-#include
-#include "HardwareProfile.h"
-#include "util.h"
-#include "rfidler.h"
-//#include "comms.h"
-
-// rtc
-rtccTime RTC_time; // time structure
-rtccDate RTC_date; // date structure
-
-// convert byte-reversed 8 digit hex to unsigned long
-unsigned long hexreversetoulong(BYTE *hex) {
- unsigned long ret = 0L;
- unsigned int x;
- BYTE i;
-
- if (strlen(hex) != 8)
- return 0L;
-
- for (i = 0 ; i < 4 ; ++i) {
- if (sscanf(hex, "%2X", &x) != 1)
- return 0L;
- ret += ((unsigned long) x) << i * 8;
- hex += 2;
- }
- return ret;
-}
-
-// convert byte-reversed 12 digit hex to unsigned long
-unsigned long long hexreversetoulonglong(BYTE *hex) {
- unsigned long long ret = 0LL;
- BYTE tmp[9];
-
- // this may seem an odd way to do it, but weird compiler issues were
- // breaking direct conversion!
-
- tmp[8] = '\0';
- memset(tmp + 4, '0', 4);
- memcpy(tmp, hex + 8, 4);
- ret = hexreversetoulong(tmp);
- ret <<= 32;
- memcpy(tmp, hex, 8);
- ret += hexreversetoulong(tmp);
- return ret;
-}
-
-
diff --git a/tools/hitag2crack/crack4/HardwareProfile.h b/tools/hitag2crack/crack4/HardwareProfile.h
deleted file mode 100644
index bce139042..000000000
--- a/tools/hitag2crack/crack4/HardwareProfile.h
+++ /dev/null
@@ -1,524 +0,0 @@
-/***************************************************************************
- * A copy of the GNU GPL is appended to this file. *
- * *
- * This licence is based on the nmap licence, and we express our gratitude *
- * for the work that went into producing it. There is no other connection *
- * between RFIDler and nmap either expressed or implied. *
- * *
- ********************** IMPORTANT RFIDler LICENSE TERMS ********************
- * *
- * *
- * All references to RFIDler herein imply all it's derivatives, namely: *
- * *
- * o RFIDler-LF Standard *
- * o RFIDler-LF Lite *
- * o RFIDler-LF Nekkid *
- * *
- * *
- * RFIDler is (C) 2013-2014 Aperture Labs Ltd. *
- * *
- * This program is free software; you may redistribute and/or modify it *
- * under the terms of the GNU General Public License as published by the *
- * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE *
- * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your *
- * right to use, modify, and redistribute this software under certain *
- * conditions. If you wish to embed RFIDler technology into proprietary *
- * software or hardware, we sell alternative licenses *
- * (contact sales@aperturelabs.com). *
- * *
- * Note that the GPL places important restrictions on "derivative works", *
- * yet it does not provide a detailed definition of that term. To avoid *
- * misunderstandings, we interpret that term as broadly as copyright law *
- * allows. For example, we consider an application to constitute a *
- * derivative work for the purpose of this license if it does any of the *
- * following with any software or content covered by this license *
- * ("Covered Software"): *
- * *
- * o Integrates source code from Covered Software. *
- * *
- * o Is designed specifically to execute Covered Software and parse the *
- * results (as opposed to typical shell or execution-menu apps, which will *
- * execute anything you tell them to).
*
- * *
- * o Includes Covered Software in a proprietary executable installer. The *
- * installers produced by InstallShield are an example of this. Including *
- * RFIDler with other software in compressed or archival form does not *
- * trigger this provision, provided appropriate open source decompression *
- * or de-archiving software is widely available for no charge. For the *
- * purposes of this license, an installer is considered to include Covered *
- * Software even if it actually retrieves a copy of Covered Software from *
- * another source during runtime (such as by downloading it from the *
- * Internet). *
- * *
- * o Links (statically or dynamically) to a library which does any of the *
- * above. *
- * *
- * o Executes a helper program, module, or script to do any of the above. *
- * *
- * This list is not exclusive, but is meant to clarify our interpretation *
- * of derived works with some common examples. Other people may interpret *
- * the plain GPL differently, so we consider this a special exception to *
- * the GPL that we apply to Covered Software. Works which meet any of *
- * these conditions must conform to all of the terms of this license, *
- * particularly including the GPL Section 3 requirements of providing *
- * source code and allowing free redistribution of the work as a whole. *
- * *
- * As another special exception to the GPL terms, Aperture Labs Ltd. grants*
- * permission to link the code of this program with any version of the *
- * OpenSSL library which is distributed under a license identical to that *
- * listed in the included docs/licenses/OpenSSL.txt file, and distribute *
- * linked combinations including the two. *
- * *
- * Any redistribution of Covered Software, including any derived works, *
- * must obey and carry forward all of the terms of this license, including *
- * obeying all GPL rules and restrictions.
For example, source code of *
- * the whole work must be provided and free redistribution must be *
- * allowed. All GPL references to "this License", are to be treated as *
- * including the terms and conditions of this license text as well. *
- * *
- * Because this license imposes special exceptions to the GPL, Covered *
- * Work may not be combined (even as part of a larger work) with plain GPL *
- * software. The terms, conditions, and exceptions of this license must *
- * be included as well. This license is incompatible with some other open *
- * source licenses as well. In some cases we can relicense portions of *
- * RFIDler or grant special permissions to use it in other open source *
- * software. Please contact sales@aperturelabs.com with any such requests.*
- * Similarly, we don't incorporate incompatible open source software into *
- * Covered Software without special permission from the copyright holders. *
- * *
- * If you have any questions about the licensing restrictions on using *
- * RFIDler in other works, are happy to help. As mentioned above, we also *
- * offer alternative license to integrate RFIDler into proprietary *
- * applications and appliances. These contracts have been sold to dozens *
- * of software vendors, and generally include a perpetual license as well *
- * as providing for priority support and updates. They also fund the *
- * continued development of RFIDler. Please email sales@aperturelabs.com *
- * for further information. *
- * If you have received a written license agreement or contract for *
- * Covered Software stating terms other than these, you may choose to use *
- * and redistribute Covered Software under those terms instead of these. *
- * *
- * Source is provided to this software because we believe users have a *
- * right to know exactly what a program is going to do before they run it. *
- * This also allows you to audit the software for security holes (none *
- * have been found so far).
*
- * *
- * Source code also allows you to port RFIDler to new platforms, fix bugs, *
- * and add new features. You are highly encouraged to send your changes *
- * to the RFIDler mailing list for possible incorporation into the *
- * main distribution. By sending these changes to Aperture Labs Ltd. or *
- * one of the Aperture Labs Ltd. development mailing lists, or checking *
- * them into the RFIDler source code repository, it is understood (unless *
- * you specify otherwise) that you are offering the RFIDler Project *
- * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, *
- * modify, and relicense the code. RFIDler will always be available Open *
- * Source, but this is important because the inability to relicense code *
- * has caused devastating problems for other Free Software projects (such *
- * as KDE and NASM). We also occasionally relicense the code to third *
- * parties as discussed above. If you wish to specify special license *
- * conditions of your contributions, just say so when you send them. *
- * *
- * This program is distributed in the hope that it will be useful, but *
- * WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - - - -#ifndef HARDWARE_PROFILE_UBW32_H -#define HARDWARE_PROFILE_UBW32_H - -//#include "plib.h" -typedef char BOOL; -typedef char BYTE; -typedef int rtccTime; -typedef int rtccDate; - - -#ifndef __PIC32MX__ -#define __PIC32MX__ -#endif - -#define GetSystemClock() (80000000ul) -#define GetPeripheralClock() (GetSystemClock()) -#define GetInstructionClock() (GetSystemClock()) - -//#define USE_SELF_POWER_SENSE_IO -#define tris_self_power TRISAbits.TRISA2 // Input -#define self_power 1 - -//#define USE_USB_BUS_SENSE_IO -#define tris_usb_bus_sense TRISBbits.TRISB5 // Input -#define USB_BUS_SENSE 1 - -// LEDs -#define mLED_1 LATEbits.LATE3 - -#define mLED_2 LATEbits.LATE2 -#define mLED_Comms mLED_2 - -#define mLED_3 LATEbits.LATE1 -#define mLED_Clock mLED_3 - -#define mLED_4 LATEbits.LATE0 -#define mLED_Emulate mLED_4 - -#define mLED_5 LATGbits.LATG6 -#define mLED_Read mLED_5 - -#define mLED_6 LATAbits.LATA15 -#define mLED_User mLED_6 - -#define mLED_7 LATDbits.LATD11 -#define mLED_Error mLED_7 - -// active low -#define mLED_ON 0 -#define mLED_OFF 1 - -#define mGetLED_1() mLED_1 -#define mGetLED_USB() mLED_1 -#define mGetLED_2() mLED_2 -#define mGetLED_Comms() mLED_2 -#define mGetLED_3() mLED_3 -#define mGetLED_Clock() mLED_3 -#define mGetLED_4() mLED_4 -#define mGetLED_Emulate() mLED_4 -#define mGetLED_5() mLED_5 -#define mGetLED_Read() mLED_5 -#define mGetLED_6() mLED_6 -#define mGetLED_User() mLED_6 -#define mGetLED_7() mLED_7 -#define mGetLED_Error() mLED_7 - -#define mLED_1_On() mLED_1 = mLED_ON -#define mLED_USB_On() mLED_1_On() -#define mLED_2_On() mLED_2 = mLED_ON -#define mLED_Comms_On() mLED_2_On() -#define mLED_3_On() mLED_3 = mLED_ON -#define mLED_Clock_On() 
mLED_3_On() -#define mLED_4_On() mLED_4 = mLED_ON -#define mLED_Emulate_On() mLED_4_On() -#define mLED_5_On() mLED_5 = mLED_ON -#define mLED_Read_On() mLED_5_On() -#define mLED_6_On() mLED_6 = mLED_ON -#define mLED_User_On() mLED_6_On() -#define mLED_7_On() mLED_7 = mLED_ON -#define mLED_Error_On() mLED_7_On() - -#define mLED_1_Off() mLED_1 = mLED_OFF -#define mLED_USB_Off() mLED_1_Off() -#define mLED_2_Off() mLED_2 = mLED_OFF -#define mLED_Comms_Off() mLED_2_Off() -#define mLED_3_Off() mLED_3 = mLED_OFF -#define mLED_Clock_Off() mLED_3_Off() -#define mLED_4_Off() mLED_4 = mLED_OFF -#define mLED_Emulate_Off() mLED_4_Off() -#define mLED_5_Off() mLED_5 = mLED_OFF -#define mLED_Read_Off() mLED_5_Off() -#define mLED_6_Off() mLED_6 = mLED_OFF -#define mLED_User_Off() mLED_6_Off() -#define mLED_7_Off() mLED_7 = mLED_OFF -#define mLED_Error_Off() mLED_7_Off() - -#define mLED_1_Toggle() mLED_1 = !mLED_1 -#define mLED_USB_Toggle() mLED_1_Toggle() -#define mLED_2_Toggle() mLED_2 = !mLED_2 -#define mLED_Comms_Toggle() mLED_2_Toggle() -#define mLED_3_Toggle() mLED_3 = !mLED_3 -#define mLED_Clock_Toggle() mLED_3_Toggle() -#define mLED_4_Toggle() mLED_4 = !mLED_4 -#define mLED_Emulate_Toggle() mLED_4_Toggle() -#define mLED_5_Toggle() mLED_5 = !mLED_5 -#define mLED_Read_Toggle( ) mLED_5_Toggle() -#define mLED_6_Toggle() mLED_6 = !mLED_6 -#define mLED_User_Toggle() mLED_6_Toggle() -#define mLED_7_Toggle() mLED_7 = !mLED_7 -#define mLED_Error_Toggle() mLED_7_Toggle() - -#define mLED_All_On() { mLED_1_On(); mLED_2_On(); mLED_3_On(); mLED_4_On(); mLED_5_On(); mLED_6_On(); mLED_7_On(); } -#define mLED_All_Off() { mLED_1_Off(); mLED_2_Off(); mLED_3_Off(); mLED_4_Off(); mLED_5_Off(); mLED_6_Off(); mLED_7_Off(); } - -// usb status lights -#define mLED_Both_Off() {mLED_USB_Off();mLED_Comms_Off();} -#define mLED_Both_On() {mLED_USB_On();mLED_Comms_On();} -#define mLED_Only_USB_On() {mLED_USB_On();mLED_Comms_Off();} -#define mLED_Only_Comms_On() {mLED_USB_Off();mLED_Comms_On();} - -/** 
SWITCH *********************************************************/ -#define swBootloader PORTEbits.RE7 -#define swUser PORTEbits.RE6 - -/** I/O pin definitions ********************************************/ -#define INPUT_PIN 1 -#define OUTPUT_PIN 0 - -#define TRUE 1 -#define FALSE 0 - -#define ENABLE 1 -#define DISABE 0 - -#define EVEN 0 -#define ODD 1 - -#define LOW FALSE -#define HIGH TRUE - -#define CLOCK_ON LOW -#define CLOCK_OFF HIGH - -// output coil control - select between reader/emulator circuits -#define COIL_MODE LATBbits.LATB4 -#define COIL_MODE_READER() COIL_MODE= LOW -#define COIL_MODE_EMULATOR() COIL_MODE= HIGH - -// coil for emulation -#define COIL_OUT LATGbits.LATG9 -#define COIL_OUT_HIGH() COIL_OUT=HIGH -#define COIL_OUT_LOW() COIL_OUT=LOW - -// door relay (active low) -#define DOOR_RELAY LATAbits.LATA14 -#define DOOR_RELAY_OPEN() DOOR_RELAY= HIGH -#define DOOR_RELAY_CLOSE() DOOR_RELAY= LOW - -// inductance/capacitance freq -#define IC_FREQUENCY PORTAbits.RA2 - -#define SNIFFER_COIL PORTDbits.RD12 // external reader clock detect -#define READER_ANALOGUE PORTBbits.RB11 // reader coil analogue -#define DIV_LOW_ANALOGUE PORTBbits.RB12 // voltage divider LOW analogue -#define DIV_HIGH_ANALOGUE PORTBbits.RB13 // voltage divider HIGH analogue - -// clock coil (normally controlled by OC Module, but defined here so we can force it high or low) -#define CLOCK_COIL PORTDbits.RD4 -#define CLOCK_COIL_MOVED PORTDbits.RD0 // temporary for greenwire - -// digital output after analogue reader circuit -#define READER_DATA PORTDbits.RD8 - -// trace / debug -#define DEBUG_PIN_1 LATCbits.LATC1 -#define DEBUG_PIN_1_TOGGLE() DEBUG_PIN_1= !DEBUG_PIN_1 -#define DEBUG_PIN_2 LATCbits.LATC2 -#define DEBUG_PIN_2_TOGGLE() DEBUG_PIN_2= !DEBUG_PIN_2 -#define DEBUG_PIN_3 LATCbits.LATC3 -#define DEBUG_PIN_3_TOGGLE() DEBUG_PIN_3= !DEBUG_PIN_3 -#define DEBUG_PIN_4 LATEbits.LATE5 -#define DEBUG_PIN_4_TOGGLE() DEBUG_PIN_4= !DEBUG_PIN_4 - -// spi (sdi1) for sd card (not directly 
referenced) -//#define SD_CARD_RX LATCbits.LATC4 -//#define SD_CARD_TX LATDbits.LATD0 -//#define SD_CARD_CLK LATDbits.LATD10 -//#define SD_CARD_SS LATDbits.LATD9 -// spi for SD card -#define SD_CARD_DET LATFbits.LATF0 -#define SD_CARD_WE LATFbits.LATF1 // write enable - unused for microsd but allocated anyway as library checks it -// (held LOW by default - cut solder bridge to GND to free pin if required) -#define SPI_SD SPI_CHANNEL1 -#define SPI_SD_BUFF SPI1BUF -#define SPI_SD_STAT SPI1STATbits -// see section below for more defines! - -// iso 7816 smartcard -// microchip SC module defines pins so we don't need to, but -// they are listed here to help avoid conflicts -#define ISO_7816_RX LATBbits.LATF2 // RX -#define ISO_7816_TX LATBbits.LATF8 // TX -#define ISO_7816_VCC LATBbits.LATB9 // Power -#define ISO_7816_CLK LATCbits.LATD1 // Clock -#define ISO_7816_RST LATEbits.LATE8 // Reset - -// user LED -#define USER_LED LATDbits.LATD7 -#define USER_LED_ON() LATDbits.LATD7=1 -#define USER_LED_OFF() LATDbits.LATD7=0 - -// LCR -#define LCR_CALIBRATE LATBbits.LATB5 - -// wiegand / clock & data -#define WIEGAND_IN_0 PORTDbits.RD5 -#define WIEGAND_IN_0_PULLUP CNPUEbits.CNPUE14 -#define WIEGAND_IN_0_PULLDOWN CNPDbits.CNPD14 -#define WIEGAND_IN_1 PORTDbits.RD6 -#define WIEGAND_IN_1_PULLUP CNPUEbits.CNPUE15 -#define WIEGAND_IN_1_PULLDOWN CNPDbits.CNPD15 -#define CAND_IN_DATA WIEGAND_IN_0 -#define CAND_IN_CLOCK WIEGAND_IN_1 - -#define WIEGAND_OUT_0 LATDbits.LATD3 -#define WIEGAND_OUT_1 LATDbits.LATD2 -#define WIEGAND_OUT_0_TRIS TRISDbits.TRISD3 -#define WIEGAND_OUT_1_TRIS TRISDbits.TRISD2 -#define CAND_OUT_DATA WIEGAND_OUT_0 -#define CAND_OUT_CLOCK WIEGAND_OUT_1 - -// connect/disconnect reader clock from coil - used to send RWD signals by creating gaps in carrier -#define READER_CLOCK_ENABLE LATEbits.LATE9 -#define READER_CLOCK_ENABLE_ON() READER_CLOCK_ENABLE=CLOCK_ON -#define READER_CLOCK_ENABLE_OFF(x) {READER_CLOCK_ENABLE=CLOCK_OFF; COIL_OUT=x;} - -// these input pins must 
NEVER bet set to output or they will cause short circuits! -// they can be used to see data from reader before it goes into or gate -#define OR_IN_A PORTAbits.RA4 -#define OR_IN_B PORTAbits.RA5 - - -// CNCON and CNEN are set to allow wiegand input pin weak pullups to be switched on -#define Init_GPIO() { \ - CNCONbits.ON= TRUE; \ - CNENbits.CNEN14= TRUE; \ - CNENbits.CNEN15= TRUE; \ - TRISAbits.TRISA2= INPUT_PIN; \ - TRISAbits.TRISA4= INPUT_PIN; \ - TRISAbits.TRISA5= INPUT_PIN; \ - TRISAbits.TRISA14= OUTPUT_PIN; \ - TRISAbits.TRISA15= OUTPUT_PIN; \ - TRISBbits.TRISB4= OUTPUT_PIN; \ - TRISBbits.TRISB5= OUTPUT_PIN; \ - TRISBbits.TRISB9= OUTPUT_PIN; \ - TRISBbits.TRISB11= INPUT_PIN; \ - TRISBbits.TRISB12= INPUT_PIN; \ - TRISBbits.TRISB13= INPUT_PIN; \ - TRISCbits.TRISC1= OUTPUT_PIN; \ - TRISCbits.TRISC2= OUTPUT_PIN; \ - TRISCbits.TRISC3= OUTPUT_PIN; \ - TRISCbits.TRISC4= INPUT_PIN; \ - TRISDbits.TRISD0= INPUT_PIN; \ - TRISDbits.TRISD1= OUTPUT_PIN; \ - TRISDbits.TRISD2= OUTPUT_PIN; \ - TRISDbits.TRISD3= OUTPUT_PIN; \ - TRISDbits.TRISD4= OUTPUT_PIN; \ - TRISDbits.TRISD5= INPUT_PIN; \ - TRISDbits.TRISD6= INPUT_PIN; \ - TRISDbits.TRISD7= OUTPUT_PIN; \ - TRISDbits.TRISD8= INPUT_PIN; \ - TRISDbits.TRISD11= OUTPUT_PIN; \ - TRISDbits.TRISD12= INPUT_PIN; \ - TRISEbits.TRISE0= OUTPUT_PIN; \ - TRISEbits.TRISE1= OUTPUT_PIN; \ - TRISEbits.TRISE2= OUTPUT_PIN; \ - TRISEbits.TRISE3= OUTPUT_PIN; \ - TRISEbits.TRISE5= OUTPUT_PIN; \ - TRISEbits.TRISE6= INPUT_PIN; \ - TRISEbits.TRISE7= INPUT_PIN; \ - TRISEbits.TRISE8= OUTPUT_PIN; \ - TRISEbits.TRISE9= OUTPUT_PIN; \ - TRISFbits.TRISF0= INPUT_PIN; \ - TRISFbits.TRISF1= INPUT_PIN; \ - TRISFbits.TRISF2= INPUT_PIN; \ - TRISFbits.TRISF8= OUTPUT_PIN; \ - TRISGbits.TRISG6= OUTPUT_PIN; \ - TRISGbits.TRISG12= INPUT_PIN; \ - TRISGbits.TRISG13= INPUT_PIN; \ - TRISGbits.TRISG9= OUTPUT_PIN; \ - LATBbits.LATB9= LOW; \ - LATCbits.LATC1= LOW; \ - LATCbits.LATC2= LOW; \ - LATCbits.LATC3= LOW; \ - LATDbits.LATD2= WIEGAND_IN_1; \ - LATDbits.LATD3= 
WIEGAND_IN_0; \ - LATEbits.LATE5= LOW; \ - LATEbits.LATE9= HIGH; \ - } - -// uart3 (CLI/API) speed -#define BAUDRATE3 115200UL -#define BRG_DIV3 4 -#define BRGH3 1 - -// spi for potentiometer -#define SPI_POT SPI_CHANNEL4 -#define SPI_POT_BUFF SPI4BUF -#define SPI_POT_STAT SPI4STATbits - -// spi for sd card - defines required for Microchip SD-SPI libs -// define interface type -#define USE_SD_INTERFACE_WITH_SPI - -#define MDD_USE_SPI_1 -#define SPI_START_CFG_1 (PRI_PRESCAL_64_1 | SEC_PRESCAL_8_1 | MASTER_ENABLE_ON | SPI_CKE_ON | SPI_SMP_ON) -#define SPI_START_CFG_2 (SPI_ENABLE) -// Define the SPI frequency -#define SPI_FREQUENCY (20000000) -// Description: SD-SPI Card Detect Input bit -#define SD_CD PORTFbits.RF0 -// Description: SD-SPI Card Detect TRIS bit -#define SD_CD_TRIS TRISFbits.TRISF0 -// Description: SD-SPI Write Protect Check Input bit -#define SD_WE PORTFbits.RF1 -// Description: SD-SPI Write Protect Check TRIS bit -#define SD_WE_TRIS TRISFbits.TRISF1 -// Description: The main SPI control register -#define SPICON1 SPI1CON -// Description: The SPI status register -#define SPISTAT SPI1STAT -// Description: The SPI Buffer -#define SPIBUF SPI1BUF -// Description: The receive buffer full bit in the SPI status register -#define SPISTAT_RBF SPI1STATbits.SPIRBF -// Description: The bitwise define for the SPI control register (i.e. _____bits) -#define SPICON1bits SPI1CONbits -// Description: The bitwise define for the SPI status register (i.e. 
_____bits) -#define SPISTATbits SPI1STATbits -// Description: The enable bit for the SPI module -#define SPIENABLE SPICON1bits.ON -// Description: The definition for the SPI baud rate generator register (PIC32) -#define SPIBRG SPI1BRG -// Description: The TRIS bit for the SCK pin -#define SPICLOCK TRISDbits.TRISD10 -// Description: The TRIS bit for the SDI pin -#define SPIIN TRISCbits.TRISC4 -// Description: The TRIS bit for the SDO pin -#define SPIOUT TRISDbits.TRISD0 -#define SD_CS LATDbits.LATD9 -// Description: SD-SPI Chip Select TRIS bit -#define SD_CS_TRIS TRISDbits.TRISD9 -//SPI library functions -#define putcSPI putcSPI1 -#define getcSPI getcSPI1 -#define OpenSPI(config1, config2) OpenSPI1(config1, config2) - -// Define setup parameters for OpenADC10 function -// Turn module on | Ouput in integer format | Trigger mode auto | Enable autosample -#define ADC_CONFIG1 (ADC_FORMAT_INTG | ADC_CLK_AUTO | ADC_AUTO_SAMPLING_ON) -// ADC ref external | Disable offset test | Disable scan mode | Perform 2 samples | Use dual buffers | Use alternate mode -#define ADC_CONFIG2 (ADC_VREF_AVDD_AVSS | ADC_OFFSET_CAL_DISABLE | ADC_SCAN_OFF | ADC_SAMPLES_PER_INT_1 | ADC_ALT_BUF_ON | ADC_ALT_INPUT_ON) - -// Use ADC internal clock | Set sample time -#define ADC_CONFIG3 (ADC_CONV_CLK_INTERNAL_RC | ADC_SAMPLE_TIME_0) - -// slow sample rate for tuning coils -#define ADC_CONFIG2_SLOW (ADC_VREF_AVDD_AVSS | ADC_OFFSET_CAL_DISABLE | ADC_SCAN_OFF | ADC_SAMPLES_PER_INT_16 | ADC_ALT_BUF_ON | ADC_ALT_INPUT_ON) -#define ADC_CONFIG3_SLOW (ADC_CONV_CLK_INTERNAL_RC | ADC_SAMPLE_TIME_31) - -// use AN11 -#define ADC_CONFIGPORT ENABLE_AN11_ANA -// Do not assign channels to scan -#define ADC_CONFIGSCAN SKIP_SCAN_ALL - -#define ADC_TO_VOLTS 0.003208F - - -// flash memory - int myvar = *(int*)(myflashmemoryaddress); - -// memory is 0x9D005000 to 0x9D07FFFF - -#define NVM_MEMORY_END 0x9D07FFFF -#define NVM_PAGE_SIZE 4096 -#define NVM_PAGES 2 // config & VTAG -#define RFIDLER_NVM_ADDRESS (NVM_MEMORY_END 
- (NVM_PAGE_SIZE * NVM_PAGES))
-
-// UART timeout in us
-#define SERIAL_TIMEOUT 100
-
-#endif
diff --git a/tools/hitag2crack/crack4/Makefile b/tools/hitag2crack/crack4/Makefile
index 0c3e6ec3f..fff1dfb64 100644
--- a/tools/hitag2crack/crack4/Makefile
+++ b/tools/hitag2crack/crack4/Makefile
@@ -1,17 +1,19 @@
 CFLAGS?=-Wall
 LIBS=-lpthread
+VPATH=../common
+INC=-I ../common
-all: ht2crack4.c HardwareProfile.h rfidler.h util.h utilpart.o hitagcrypto.o ht2crack2utils.o
- $(CC) $(CFLAGS) -o ht2crack4 ht2crack4.c utilpart.o hitagcrypto.o ht2crack2utils.o $(LIBS)
+all: ht2crack4.c HardwareProfile.h rfidler.h util.h utilpart.o hitagcrypto.o ht2crackutils.o
+ $(CC) $(CFLAGS) $(INC) -o ht2crack4 $< utilpart.o hitagcrypto.o ht2crackutils.o $(LIBS)
 utilpart.o: utilpart.c util.h
- $(CC) $(CFLAGS) -c utilpart.c
+ $(CC) $(CFLAGS) -c $<
 hitagcrypto.o: hitagcrypto.c hitagcrypto.h
- $(CC) $(CFLAGS) -c hitagcrypto.c
+ $(CC) $(CFLAGS) -c $<
-ht2crack2utils.o: ht2crack2utils.c ht2crack2utils.h
- $(CC) $(CFLAGS) -c ht2crack2utils.c
+ht2crackutils.o: ht2crackutils.c ht2crackutils.h
+ $(CC) $(CFLAGS) -c $<
 clean:
  rm -rf *.o ht2crack4
diff --git a/tools/hitag2crack/crack4/hitagcrypto.c b/tools/hitag2crack/crack4/hitagcrypto.c
deleted file mode 100644
index 47449c3e3..000000000
--- a/tools/hitag2crack/crack4/hitagcrypto.c
+++ /dev/null
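Review bot: The blanket `VPATH=../common` added at the top of the crack4 Makefile makes make search that directory for every prerequisite, the `.o` files included, while the `all` recipe still names `utilpart.o hitagcrypto.o ht2crackutils.o` literally. If an object of the same name is ever left in `../common`, make can resolve the prerequisite there and the link line would then look for a local file that was never built. Restricting the search to sources and headers avoids this: `vpath %.c ../common` and `vpath %.h ../common`. The three `-c` recipes also compile without `$(INC)`, which appears to work only because the quoted includes resolve next to the source file; `$(CC) $(CFLAGS) $(INC) -c $<` would keep them consistent with the link line.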
@@ -1,373 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: unknown. 
-// Modifications for RFIDler: Tony Naggs , Adam Laurie - -// uncomment this to build file as a standalone crypto test program -// #define UNIT_TEST -// also uncomment to include verbose debug prints -// #define TEST_DEBUG - -//#include -#include "HardwareProfile.h" -#include "rfidler.h" -#include "hitagcrypto.h" -#include "util.h" - -#ifdef UNIT_TEST -#include -#endif - -#if defined(UNIT_TEST) && defined(TEST_DEBUG) -// Note that printf format %I64x prints 64 bit ints in MS Visual C/C++. -// This may need changing for other compilers/platforms. -#define DEBUG_PRINTF(...) printf(__VA_ARGS__) -#else -#define DEBUG_PRINTF(...) -#endif - - -/* Brief info about NXP Hitag 1, Hitag 2, Hitag S and Hitag u (mu) - - Hitag 125kHz RFID was created by a company called Mikron (Mikron Gesellschaft - fur Integrierte Mikroelektronik Mbh), of Austria, for micropayment applications. - At about the same time, late 1980s to early 1990s, Mikron developed the - similarly featured Mifare micropayment card for 13.56MHz RFID. - (Mikron's European Patent EP 0473569 A2 was filed 23 August 1991, with a - priority date of 23 Aug 1990.) - Mikron was subsequently acquired by Philips Semiconductors in 1995. - Philips Semiconductors divsion subsequently became NXP. 
- - + Modulation read/write device -> transponder: 100 % ASK and binary pulse - length coding - + Modulation transponder -> read/write device: Strong ASK modulation, - selectable Manchester or Biphase coding - + Hitag S, Hitag u; anti-collision procedure - + Fast anti-collision protocol - + Hitag u; optional Cyclic Redundancy Check (CRC) - + Reader Talks First mode - + Hitag 2 & later; Transponder Talks First (TTF) mode - + Temporary switch from Transponder Talks First into Reader Talks First - (RTF) Mode - + Data rate read/write device to transponder: 5.2 kbit/s - + Data rates transponder to read/write device: 2 kbit/s, 4 kbit/s, 8 kbit/s - + 32-bit password feature - + Hitag 2, S = 32-bit Unique Identifier - + Hitag u = 48-bit Unique Identifier - + Selectable password modes for reader / tag mutual authentication - (Hitag 1 has 2 pairs of keys, later versions have 1 pair) - + Hitag 2 & Hitag S; Selectable encrypted mode, 48 bit key - - Known tag types: - - HITAG 1 2048 bits total memory - - HITAG 2 256 Bit total memory Read/Write - 8 pages of 32 bits, inc UID (32), - secret key (64), password (24), config (8) - - HITAG S 32 32 bits Unique Identifier Read Only - HITAG S 256 256 bits total memory Read/Write - HITAG S 2048 2048 bits total memory Read/Write - - HITAG u RO64 64 bits total memory Read Only - HITAG u 128 bits total memory Read/Write - HITAG u Advanced 512 bits total memory Read/Write - HITAG u Advanced+ 1760 bits total memory Read/Write - - Default 48-bit key for Hitag 2, S encryption: - "MIKRON" = O N M I K R - Key = 4F 4E 4D 49 4B 52 - -*/ - - -// We want the crypto functions to be as fast as possible, so optimize! 
-// The best compiler optimization in Microchip's free XC32 edition is -O1
-#pragma GCC optimize("O1")
-
-// private, nonlinear function to generate 1 crypto bit
-static uint32_t hitag2_crypt(uint64_t x);
-
-
-// macros to pick out 4 bits in various patterns of 1s & 2s & make a new number
-#define pickbits2_2(S, A, B) ( ((S >> A) & 3) | ((S >> (B - 2)) & 0xC) )
-#define pickbits1x4(S, A, B, C, D) ( ((S >> A) & 1) | ((S >> (B - 1)) & 2) | \
- ((S >> (C - 2)) & 4) | ((S >> (D - 3)) & 8) )
-#define pickbits1_1_2(S, A, B, C) ( ((S >> A) & 1) | ((S >> (B - 1)) & 2) | \
- ((S >> (C - 2)) & 0xC) )
-#define pickbits2_1_1(S, A, B, C) ( ((S >> A) & 3) | ((S >> (B - 2)) & 4) | \
- ((S >> (C - 3)) & 8) )
-#define pickbits1_2_1(S, A, B, C) ( ((S >> A) & 1) | ((S >> (B - 1)) & 6) | \
- ((S >> (C - 3)) & 8) )
-
-
-static uint32_t hitag2_crypt(uint64_t x) {
- const uint32_t ht2_function4a = 0x2C79; // 0010 1100 0111 1001
- const uint32_t ht2_function4b = 0x6671; // 0110 0110 0111 0001
- const uint32_t ht2_function5c = 0x7907287B; // 0111 1001 0000 0111 0010 1000 0111 1011
- uint32_t bitindex;
-
- bitindex = (ht2_function4a >> pickbits2_2(x, 1, 4)) & 1;
- bitindex |= ((ht2_function4b << 1) >> pickbits1_1_2(x, 7, 11, 13)) & 0x02;
- bitindex |= ((ht2_function4b << 2) >> pickbits1x4(x, 16, 20, 22, 25)) & 0x04;
- bitindex |= ((ht2_function4b << 3) >> pickbits2_1_1(x, 27, 30, 32)) & 0x08;
- bitindex |= ((ht2_function4a << 4) >> pickbits1_2_1(x, 33, 42, 45)) & 0x10;
-
- DEBUG_PRINTF("hitag2_crypt bitindex = %02x\n", bitindex);
- return (ht2_function5c >> bitindex) & 1;
-}
-
-/*
- * Parameters:
- * Hitag_State* pstate - output, internal state after initialisation
- * uint64_t sharedkey - 48 bit key shared between reader & tag
- * uint32_t serialnum - 32 bit tag serial number
- * uint32_t initvector - 32 bit random IV from reader, part of tag authentication
- */
-void hitag2_init(Hitag_State *pstate, uint64_t sharedkey, uint32_t serialnum, uint32_t initvector) {
- // init state, from 
serial number and lowest 16 bits of shared key - uint64_t state = ((sharedkey & 0xFFFF) << 32) | serialnum; - - // mix the initialisation vector and highest 32 bits of the shared key - initvector ^= (uint32_t)(sharedkey >> 16); - - // move 16 bits from (IV xor Shared Key) to top of uint64_t state - // these will be XORed in turn with output of the crypto function - state |= (uint64_t) initvector << 48; - initvector >>= 16; - - // unrolled loop is faster on PIC32 (MIPS), do 32 times - // shift register, then calc new bit - state >>= 1; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - // highest 16 bits of IV XOR Shared Key - state |= (uint64_t) initvector << 47; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) 
hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state ^= (uint64_t) hitag2_crypt(state) << 47; - - DEBUG_PRINTF("hitag2_init result = %012I64x\n", state); - pstate->shiftreg = state; - /* naive version for reference, LFSR has 16 taps - pstate->lfsr = state ^ (state >> 2) ^ (state >> 3) ^ (state >> 6) - ^ (state >> 7) ^ (state >> 8) ^ (state >> 16) ^ (state >> 22) - ^ (state >> 23) ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (state >> 42) ^ (state >> 43) ^ (state >> 46) ^ (state >> 47); - */ - { - // optimise with one 64-bit intermediate - uint64_t temp = state ^ (state >> 1); - pstate->lfsr = state ^ (state >> 6) ^ (state >> 16) - ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (temp >> 2) ^ (temp >> 7) ^ (temp >> 22) - ^ (temp >> 42) ^ (temp >> 46); - } -} - - -/* - * Return up to 32 crypto bits. - * Last bit is in least significant bit, earlier bits are shifted left. - * Note that the Hitag transmission protocol is least significant bit, - * so we may want to change this, or add a function, that returns the - * crypto output bits in the other order. 
- *
- * Parameters:
- * Hitag_State* pstate - in/out, internal cipher state after initialisation
- * uint32_t steps - number of bits requested, (capped at 32)
- */
-uint32_t hitag2_nstep(Hitag_State *pstate, uint32_t steps) {
- uint64_t state = pstate->shiftreg;
- uint32_t result = 0;
- uint64_t lfsr = pstate->lfsr;
-
- if (steps == 0)
- return 0;
-
-// if (steps > 32)
-// steps = 32;
-
- do {
- // update shift registers
- if (lfsr & 1) {
- state = (state >> 1) | 0x800000000000;
- lfsr = (lfsr >> 1) ^ 0xB38083220073;
-
- // accumulate next bit of crypto
- result = (result << 1) | hitag2_crypt(state);
- } else {
- state >>= 1;
- lfsr >>= 1;
-
- result = (result << 1) | hitag2_crypt(state);
- }
- } while (--steps);
-
- DEBUG_PRINTF("hitag2_nstep state = %012I64x, result %02x\n", state, result);
- pstate->shiftreg = state;
- pstate->lfsr = lfsr;
- return result;
-}
-
-// end of crypto core, revert to default optimization level
-#pragma GCC reset_options
diff --git a/tools/hitag2crack/crack4/hitagcrypto.h b/tools/hitag2crack/crack4/hitagcrypto.h
deleted file mode 100644
index 274d3d82c..000000000
--- a/tools/hitag2crack/crack4/hitagcrypto.h
+++ /dev/null
@@ -1,167 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: unknown. -// Modifications for RFIDler: Tony Naggs , Adam Laurie - - -#ifndef HITAGCRYPTO_H -#define HITAGCRYPTO_H - -#include - -/* - Our model of Hitag 2 crypto uses 2 parallel shift registers: - a. 48 bit Feedback Shift Register, required for inputs to the nonlinear function. - b. 48 bit Linear Feedback Shift Register (LFSR). - A transform of initial register (a) value, which is then run in parallel. 
- Enables much faster calculation of the feedback values. - - API: - void hitag2_init(Hitag_State* pstate, uint64_t sharedkey, uint32_t serialnum, - uint32_t initvector); - Initialise state from 48 bit shared (secret) reader/tag key, - 32 bit tag serial number and 32 bit initialisation vector from reader. - - uint32_t hitag2_nstep(Hitag_State* pstate, uint32_t steps); - update shift register state and generate N cipher bits (N should be <= 32) - */ - - -typedef struct { - uint64_t shiftreg; // naive shift register, required for nonlinear fn input - uint64_t lfsr; // fast lfsr, used to make software faster -} Hitag_State; - -void hitag2_init(Hitag_State *pstate, uint64_t sharedkey, uint32_t serialnum, uint32_t initvector); - -uint32_t hitag2_nstep(Hitag_State *pstate, uint32_t steps); - -#endif /* HITAGCRYPTO_H */ - diff --git a/tools/hitag2crack/crack4/ht2crack2utils.c b/tools/hitag2crack/crack4/ht2crack2utils.c deleted file mode 100644 index 75d4c27a9..000000000 --- a/tools/hitag2crack/crack4/ht2crack2utils.c +++ /dev/null 
@@ -1,172 +0,0 @@
-#include "ht2crack2utils.h"
-
-// writes a value into a buffer as a series of bytes
-void writebuf(unsigned char *buf, uint64_t val, unsigned int len) {
- int i;
- char c;
-
- for (i = len - 1; i >= 0; i--) {
- c = val & 0xff;
- buf[i] = c;
- val = val >> 8;
- }
-
-}
-
-
-/* simple hexdump for testing purposes */
-void shexdump(unsigned char *data, int data_len) {
- int i;
-
- if (!data || (data_len <= 0)) {
- printf("shexdump: invalid parameters\n");
- return;
- }
-
- printf("Hexdump from %p:\n", data);
-
- for (i = 0; i < data_len; i++) {
- if ((i % HEX_PER_ROW) == 0) {
- printf("\n0x%04x: ", i);
- }
- printf("%02x ", data[i]);
- }
- printf("\n\n");
-}
-
-
-
-void printbin(unsigned char *c) {
- int i, j;
- unsigned char x;
-
- if (!c) {
- printf("printbin: invalid params\n");
- return;
- }
-
- for (i = 0; i < 6; i++) {
- x = c[i];
- for (j = 0; j < 8; j++) {
- printf("%d", (x & 0x80) >> 7);
- x = x << 1;
- }
- }
- printf("\n");
-}
-
-
-void printbin2(uint64_t val, unsigned int size) {
- int i;
- uint64_t mask = 1;
-
- mask = mask << (size - 1);
-
- for (i = 0; i < size; i++) {
- if (val & mask) {
- printf("1");
- } else {
- printf("0");
- }
- val = val << 1;
- }
-}
-
-
-void printstate(Hitag_State *hstate) {
- printf("shiftreg =\t");
- printbin2(hstate->shiftreg, 48);
- printf("\n");
-}
-
-
-
-
-// convert hex char to binary
-unsigned char hex2bin(unsigned char c) {
- if ((c >= '0') && (c <= '9')) {
- return (c - '0');
- } else if ((c >= 'a') && (c <= 'f')) {
- return (c - 'a' + 10);
- } else if ((c >= 'A') && (c <= 'F')) {
- return (c - 'A' + 10);
- } else {
- return 0;
- }
-}
-
-// return a single bit from a value
-int bitn(uint64_t x, int bit) {
- uint64_t bitmask = 1;
-
- bitmask = bitmask << bit;
-
- if (x & bitmask) {
- return 1;
- } else {
- return 0;
- }
-}
-
-
-// the sub-function R that rollback depends upon
-int fnR(uint64_t x) {
- // renumbered bits because my state is 0-47, not 1-48
- return (bitn(x, 1) ^ bitn(x, 2) ^ bitn(x, 5) ^ bitn(x, 6) ^ bitn(x, 7) ^
- bitn(x, 15) ^ bitn(x, 21) ^ bitn(x, 22) ^ bitn(x, 25) ^ bitn(x, 29) ^ bitn(x, 40) ^
- bitn(x, 41) ^ bitn(x, 42) ^ bitn(x, 45) ^ bitn(x, 46) ^ bitn(x, 47));
-}
-
-// the rollback function that lets us go backwards in time
-void rollback(Hitag_State *hstate, unsigned int steps) {
- int i;
-
- for (i = 0; i < steps; i++) {
- hstate->shiftreg = ((hstate->shiftreg << 1) & 0xffffffffffff) | fnR(hstate->shiftreg);
- }
-
-}
-
-
-// the three filter sub-functions that feed fnf
-int fa(unsigned int i) {
- return bitn(0x2C79, i);
-}
-
-int fb(unsigned int i) {
- return bitn(0x6671, i);
-}
-
-int fc(unsigned int i) {
- return bitn(0x7907287B, i);
-}
-
-// the filter function that generates a bit of output from the prng state
-int fnf(uint64_t s) {
- unsigned int x1, x2, x3, x4, x5, x6;
-
- x1 = (bitn(s, 2) << 0) | (bitn(s, 3) << 1) | (bitn(s, 5) << 2) | (bitn(s, 6) << 3);
- x2 = (bitn(s, 8) << 0) | (bitn(s, 12) << 1) | (bitn(s, 14) << 2) | (bitn(s, 15) << 3);
- x3 = (bitn(s, 17) << 0) | (bitn(s, 21) << 1) | (bitn(s, 23) << 2) | (bitn(s, 26) << 3);
- x4 = (bitn(s, 28) << 0) | (bitn(s, 29) << 1) | (bitn(s, 31) << 2) | (bitn(s, 33) << 3);
- x5 = (bitn(s, 34) << 0) | (bitn(s, 43) << 1) | (bitn(s, 44) << 2) | (bitn(s, 46) << 3);
-
- x6 = (fa(x1) << 0) | (fb(x2) << 1) | (fb(x3) << 2) | (fb(x4) << 3) | (fa(x5) << 4);
-
- return fc(x6);
-}
-
-// builds the lfsr for the prng (quick calcs for hitag2_nstep())
-void buildlfsr(Hitag_State *hstate) {
- uint64_t state = hstate->shiftreg;
- uint64_t temp;
-
- temp = state ^ (state >> 1);
- hstate->lfsr = state ^ (state >> 6) ^ (state >> 16)
- ^ (state >> 26) ^ (state >> 30) ^ (state >> 41)
- ^ (temp >> 2) ^ (temp >> 7) ^ (temp >> 22)
- ^ (temp >> 42) ^ (temp >> 46);
-}
-
-
-
diff --git a/tools/hitag2crack/crack4/ht2crack2utils.h b/tools/hitag2crack/crack4/ht2crack2utils.h
deleted file mode 100644
index 14eea840c..000000000
--- a/tools/hitag2crack/crack4/ht2crack2utils.h
+++ /dev/null
@@ -1,34 +0,0 @@
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "HardwareProfile.h"
-#include "rfidler.h"
-#include "util.h"
-
-#include "hitagcrypto.h"
-
-#define HEX_PER_ROW 16
-
-
-
-void writebuf(unsigned char *buf, uint64_t val, unsigned int len);
-void shexdump(unsigned char *data, int data_len);
-void printbin(unsigned char *c);
-void printbin2(uint64_t val, unsigned int size);
-void printstate(Hitag_State *hstate);
-unsigned char hex2bin(unsigned char c);
-int bitn(uint64_t x, int bit);
-int fnR(uint64_t x);
-void rollback(Hitag_State *hstate, unsigned int steps);
-int fa(unsigned int i);
-int fb(unsigned int i);
-int fc(unsigned int i);
-int fnf(uint64_t s);
-void buildlfsr(Hitag_State *hstate);
diff --git a/tools/hitag2crack/crack4/ht2crack4.c b/tools/hitag2crack/crack4/ht2crack4.c
index 54e23d550..4c923737f 100644
--- a/tools/hitag2crack/crack4/ht2crack4.c
+++ b/tools/hitag2crack/crack4/ht2crack4.c
@@ -49,7 +49,7 @@
 #include
 #include
 #include
-#include "ht2crack2utils.h"
+#include "ht2crackutils.h"
 /* you could have more than 32 traces, but you shouldn't really need
 * more than 16. You can still win with 8 if you're lucky. */
diff --git a/tools/hitag2crack/crack4/rfidler.h b/tools/hitag2crack/crack4/rfidler.h
deleted file mode 100644
index 933547e6b..000000000
--- a/tools/hitag2crack/crack4/rfidler.h
+++ /dev/null
@@ -1,412 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - -#include -#include - -// BCD hardware revision for usb descriptor (usb_descriptors.c) -#define RFIDLER_HW_VERSION 0x020 - -// max sizes in BITS -#define MAXBLOCKSIZE 512 -#define MAXTAGSIZE 4096 -#define MAXUID 512 - -#define TMP_LARGE_BUFF_LEN 2048 -#define TMP_SMALL_BUFF_LEN 256 -#define ANALOGUE_BUFF_LEN 8192 - -#define COMMS_BUFFER_SIZE 128 - -#define DETECT_BUFFER_SIZE 512 - -#define SAMPLEMASK ~(BIT_1 | BIT_0) // mask to remove two bottom bits from analogue sample - we will then use those for reader & bit period - -// globals - -extern BOOL WiegandOutput; // Output wiegand data whenenver UID is read -extern BYTE *EMU_Reset_Data; // Pointer to full array of bits as bytes, stored as 0x00/0x01, '*' terminated -extern BYTE *EMU_Data; // Pointer to current location in EMU_Reset_Data -extern BYTE EMU_ThisBit; // The next data bit to transmit -extern BYTE EMU_SubCarrier_T0; // Number of Frame Clocks for sub-carrier '0' -extern BYTE EMU_SubCarrier_T1; // Number of Frame Clocks for sub-carrier '1' -extern unsigned int EMU_Repeat; // Number of times to transmit full data set -extern BOOL EMU_Background; // Emulate in the background until told to stop -extern unsigned int EMU_DataBitRate; // Number of Frame Clocks per bit -extern BYTE TmpBits[TMP_LARGE_BUFF_LEN]; // Shared scratchpad -extern BYTE ReaderPeriod; // Flag for sample display -extern unsigned char Comms_In_Buffer[COMMS_BUFFER_SIZE]; // USB/Serial buffer -extern BYTE Interface; // user interface - CLI or API -extern BYTE CommsChannel; // user comms channel - USB or UART -extern BOOL FakeRead; // flag for analogue sampler to signal it wants access to buffers during read -extern BOOL PWD_Mode; // is this tag 
password protected? -extern BYTE Password[9]; // 32 bits as HEX string set with LOGIN -extern unsigned int Led_Count; // LED status counter, also used for entropy -extern unsigned long Reader_Bit_Count; // Reader ISR bit counter -extern char Previous; // Reader ISR previous bit type - -// RWD (read/write device) coil state -extern BYTE RWD_State; // current state of RWD coil -extern unsigned int RWD_Fc; // field clock in uS -extern unsigned int RWD_Gap_Period; // length of command gaps in OC5 ticks -extern unsigned int RWD_Zero_Period; // length of '0' in OC5 ticks -extern unsigned int RWD_One_Period; // length of '1' in OC5 ticks -extern unsigned int RWD_Sleep_Period; // length of initial sleep to reset tag in OC5 ticks -extern unsigned int RWD_Wake_Period; // length required for tag to restart in OC5 ticks -extern unsigned int RWD_Wait_Switch_TX_RX; // length to wait when switching from TX to RX in OC5 ticks -extern unsigned int RWD_Wait_Switch_RX_TX; // length to wait when switching from RX to TX in OC5 ticks -extern unsigned int RWD_Post_Wait; // low level ISR wait period in OC5 ticks -extern unsigned int RWD_OC5_config; // Output Compare Module settings -extern unsigned int RWD_OC5_r; // Output Compare Module primary compare value -extern unsigned int RWD_OC5_rs; // Output Compare Module secondary compare value -extern BYTE RWD_Command_Buff[TMP_SMALL_BUFF_LEN]; // Command buffer, array of bits as bytes, stored as 0x00/0x01, '*' terminated -extern BYTE *RWD_Command_ThisBit; // Current command bit -extern BOOL Reader_ISR_State; // current state of reader ISR - -// NVM variables -// timings etc. 
that want to survive a reboot should go here -typedef struct { - BYTE Name[7]; // will be set to "RFIDler" so we can test for new device - BYTE AutoRun[128]; // optional command to run at startup - unsigned char TagType; - unsigned int PSK_Quality; - unsigned int Timeout; - unsigned int Wiegand_Pulse; - unsigned int Wiegand_Gap; - BOOL Wiegand_IdleState; - unsigned int FrameClock; - unsigned char Modulation; - unsigned int DataRate; - unsigned int DataRateSub0; - unsigned int DataRateSub1; - unsigned int DataBits; - unsigned int DataBlocks; - unsigned int BlockSize; - unsigned char SyncBits; - BYTE Sync[4]; - BOOL BiPhase; - BOOL Invert; - BOOL Manchester; - BOOL HalfDuplex; - unsigned int Repeat; - unsigned int PotLow; - unsigned int PotHigh; - unsigned int RWD_Gap_Period; - unsigned int RWD_Zero_Period; - unsigned int RWD_One_Period; - unsigned int RWD_Sleep_Period; - unsigned int RWD_Wake_Period; - unsigned int RWD_Wait_Switch_TX_RX; - unsigned int RWD_Wait_Switch_RX_TX; -} StoredConfig; - -// somewhere to store TAG data. this will be interpreted according to the TAG -// type. 
-typedef struct { - BYTE TagType; // raw tag type - BYTE EmulatedTagType; // tag type this tag is configured to emulate - BYTE UID[MAXUID + 1]; // Null-terminated HEX string - BYTE Data[MAXTAGSIZE]; // raw data - unsigned char DataBlocks; // number of blocks in Data field - unsigned int BlockSize; // blocksize in bits -} VirtualTag; - -extern StoredConfig RFIDlerConfig; -extern VirtualTag RFIDlerVTag; -extern BYTE TmpBuff[NVM_PAGE_SIZE]; -extern BYTE DataBuff[ANALOGUE_BUFF_LEN]; -extern unsigned int DataBuffCount; -extern const BYTE *ModulationSchemes[]; -extern const BYTE *OnOff[]; -extern const BYTE *HighLow[]; -extern const BYTE *TagTypes[]; - -// globals for ISRs -extern BYTE EmulationMode; -extern unsigned long HW_Bits; -extern BYTE HW_Skip_Bits; -extern unsigned int PSK_Min_Pulse; -extern BOOL PSK_Read_Error; -extern BOOL Manchester_Error; -extern BOOL SnifferMode; -extern unsigned int Clock_Tick_Counter; -extern BOOL Clock_Tick_Counter_Reset; - -// smart card lib -#define MAX_ATR_LEN (BYTE)33 -extern BYTE scCardATR[MAX_ATR_LEN]; -extern BYTE scATRLength; - -// RTC -extern rtccTime RTC_time; // time structure -extern rtccDate RTC_date; // date structure - -// digital pots -#define POTLOW_DEFAULT 100 -#define POTHIGH_DEFAULT 150 -#define DC_OFFSET 60 // analogue circuit DC offset (as close as we can get without using 2 LSB) -#define VOLTS_TO_POT 0.019607843F - -// RWD/clock states -#define RWD_STATE_INACTIVE 0 // RWD not in use -#define RWD_STATE_GO_TO_SLEEP 1 // RWD coil shutdown request -#define RWD_STATE_SLEEPING 2 // RWD coil shutdown for sleep period -#define RWD_STATE_WAKING 3 // RWD active for pre-determined period after reset -#define RWD_STATE_START_SEND 4 // RWD starting send of data -#define RWD_STATE_SENDING_GAP 5 // RWD sending a gap -#define RWD_STATE_SENDING_BIT 6 // RWD sending a data bit -#define RWD_STATE_POST_WAIT 7 // RWD finished sending data, now in forced wait period -#define RWD_STATE_ACTIVE 8 // RWD finished, now just clocking a 
carrier - -// reader ISR states -#define READER_STOPPED 0 // reader not in use -#define READER_IDLING 1 // reader ISR running to preserve timing, but not reading -#define READER_RUNNING 2 // reader reading bits - - -// user interface types -#define INTERFACE_API 0 -#define INTERFACE_CLI 1 - -// comms channel -#define COMMS_NONE 0 -#define COMMS_USB 1 -#define COMMS_UART 2 - -#define MAX_HISTORY 2 // disable most of history for now - memory issue - -// tag write retries -#define TAG_WRITE_RETRY 5 - -// modulation modes - uppdate ModulationSchemes[] in tags.c if you change this -#define MOD_MODE_NONE 0 -#define MOD_MODE_ASK_OOK 1 -#define MOD_MODE_FSK1 2 -#define MOD_MODE_FSK2 3 -#define MOD_MODE_PSK1 4 -#define MOD_MODE_PSK2 5 -#define MOD_MODE_PSK3 6 - -// TAG types - update TagTypes[] in tags.c if you add to this list -#define TAG_TYPE_NONE 0 -#define TAG_TYPE_ASK_RAW 1 -#define TAG_TYPE_FSK1_RAW 2 -#define TAG_TYPE_FSK2_RAW 3 -#define TAG_TYPE_PSK1_RAW 4 -#define TAG_TYPE_PSK2_RAW 5 -#define TAG_TYPE_PSK3_RAW 6 -#define TAG_TYPE_HITAG1 7 -#define TAG_TYPE_HITAG2 8 -#define TAG_TYPE_EM4X02 9 -#define TAG_TYPE_Q5 10 -#define TAG_TYPE_HID_26 11 -#define TAG_TYPE_INDALA_64 12 -#define TAG_TYPE_INDALA_224 13 -#define TAG_TYPE_UNIQUE 14 -#define TAG_TYPE_FDXB 15 -#define TAG_TYPE_T55X7 16 // same as Q5 but different timings and no modulation-defeat -#define TAG_TYPE_AWID_26 17 -#define TAG_TYPE_EM4X05 18 -#define TAG_TYPE_TAMAGOTCHI 19 -#define TAG_TYPE_HDX 20 // same underlying data as FDX-B, but different modulation & telegram - -// various - -#define BINARY 0 -#define HEX 1 - -#define NO_ADDRESS -1 - -#define ACK TRUE -#define NO_ACK FALSE - -#define BLOCK TRUE -#define NO_BLOCK FALSE - -#define DATA TRUE -#define NO_DATA FALSE - -#define DEBUG_PIN_ON HIGH -#define DEBUG_PIN_OFF LOW - -#define FAST FALSE -#define SLOW TRUE - -#define NO_TRIGGER 0 - -#define LOCK TRUE -#define NO_LOCK FALSE - -#define NFC_MODE TRUE -#define NO_NFC_MODE FALSE - -#define ONESHOT_READ 
TRUE -#define NO_ONESHOT_READ FALSE - -#define RESET TRUE -#define NO_RESET FALSE - -#define SHUTDOWN_CLOCK TRUE -#define NO_SHUTDOWN_CLOCK FALSE - -#define SYNC TRUE -#define NO_SYNC FALSE - -#define VERIFY TRUE -#define NO_VERIFY FALSE - -#define VOLATILE FALSE -#define NON_VOLATILE TRUE - -#define NEWLINE TRUE -#define NO_NEWLINE FALSE - -#define WAIT TRUE -#define NO_WAIT FALSE - -#define WIPER_HIGH 0 -#define WIPER_LOW 1 - -// conversion for time to ticks -#define US_TO_TICKS 1000000L -#define US_OVER_10_TO_TICKS 10000000L -#define US_OVER_100_TO_TICKS 100000000L -// we can't get down to this level on pic, but we want to standardise on timings, so for now we fudge it -#define CONVERT_TO_TICKS(x) ((x / 10) * (GetSystemClock() / US_OVER_10_TO_TICKS)) -#define CONVERT_TICKS_TO_US(x) (x / (GetSystemClock() / US_TO_TICKS)) -#define TIMER5_PRESCALER 16 -#define MAX_TIMER5_TICKS (65535 * TIMER5_PRESCALER) - -// other conversions - -// bits to hex digits -#define HEXDIGITS(x) (x / 4) -#define HEXTOBITS(x) (x * 4) diff --git a/tools/hitag2crack/crack4/util.h b/tools/hitag2crack/crack4/util.h deleted file mode 100644 index c2399c37c..000000000 --- a/tools/hitag2crack/crack4/util.h +++ /dev/null 
@@ -1,147 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - -/* - * Hitag Crypto support macros - * These macros reverse the bit order in a byte, or *within* each byte of a - * 16 , 32 or 64 bit unsigned integer. (Not across the whole 16 etc bits.) 
- */
-#define rev8(X) ((((X) >> 7) &1) + (((X) >> 5) &2) + (((X) >> 3) &4) \
- + (((X) >> 1) &8) + (((X) << 1) &16) + (((X) << 3) &32) \
- + (((X) << 5) &64) + (((X) << 7) &128) )
-#define rev16(X) (rev8 (X) + (rev8 (X >> 8) << 8))
-#define rev32(X) (rev16(X) + (rev16(X >> 16) << 16))
-#define rev64(X) (rev32(X) + (rev32(X >> 32) << 32))
-
-
-unsigned long hexreversetoulong(BYTE *hex);
-unsigned long long hexreversetoulonglong(BYTE *hex);
-
diff --git a/tools/hitag2crack/crack4/utilpart.c b/tools/hitag2crack/crack4/utilpart.c
deleted file mode 100644
index c46148491..000000000
--- a/tools/hitag2crack/crack4/utilpart.c
+++ /dev/null
@@ -1,180 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the RFIDler *
- * license file for more details (it's in a COPYING file included with *
- * RFIDler, and also available from *
- * https://github.com/ApertureLabsLtd/RFIDler/COPYING *
- * *
- ***************************************************************************/
-
-// Author: Adam Laurie
-
-
-#include
-#include
-#include "HardwareProfile.h"
-#include "util.h"
-#include "rfidler.h"
-//#include "comms.h"
-
-// rtc
-rtccTime RTC_time; // time structure
-rtccDate RTC_date; // date structure
-
-// convert byte-reversed 8 digit hex to unsigned long
-unsigned long hexreversetoulong(BYTE *hex) {
- unsigned long ret = 0L;
- unsigned int x;
- BYTE i;
-
- if (strlen(hex) != 8)
- return 0L;
-
- for (i = 0 ; i < 4 ; ++i) {
- if (sscanf(hex, "%2X", &x) != 1)
- return 0L;
- ret += ((unsigned long) x) << i * 8;
- hex += 2;
- }
- return ret;
-}
-
-// convert byte-reversed 12 digit hex to unsigned long
-unsigned long long hexreversetoulonglong(BYTE *hex) {
- unsigned long long ret = 0LL;
- BYTE tmp[9];
-
- // this may seem an odd way to do it, but weird compiler issues were
- // breaking direct conversion!
-
- tmp[8] = '\0';
- memset(tmp + 4, '0', 4);
- memcpy(tmp, hex + 8, 4);
- ret = hexreversetoulong(tmp);
- ret <<= 32;
- memcpy(tmp, hex, 8);
- ret += hexreversetoulong(tmp);
- return ret;
-}
-
-
diff --git a/tools/hitag2crack/crack5/.gitignore b/tools/hitag2crack/crack5/.gitignore
new file mode 100644
index 000000000..0e7066a3d
--- /dev/null
+++ b/tools/hitag2crack/crack5/.gitignore
@@ -0,0 +1,3 @@
+ht2crack5
+
+ht2crack5.exe
diff --git a/tools/hitag2crack/crack5/HardwareProfile.h b/tools/hitag2crack/crack5/HardwareProfile.h
deleted file mode 100644
index bce139042..000000000
--- a/tools/hitag2crack/crack5/HardwareProfile.h
+++ /dev/null
@@ -1,524 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - - - -#ifndef HARDWARE_PROFILE_UBW32_H -#define HARDWARE_PROFILE_UBW32_H - -//#include "plib.h" -typedef char BOOL; -typedef char BYTE; -typedef int rtccTime; -typedef int rtccDate; - - -#ifndef __PIC32MX__ -#define __PIC32MX__ -#endif - -#define GetSystemClock() (80000000ul) -#define GetPeripheralClock() (GetSystemClock()) -#define GetInstructionClock() (GetSystemClock()) - -//#define USE_SELF_POWER_SENSE_IO -#define tris_self_power TRISAbits.TRISA2 // Input -#define self_power 1 - -//#define USE_USB_BUS_SENSE_IO -#define tris_usb_bus_sense TRISBbits.TRISB5 // Input -#define USB_BUS_SENSE 1 - -// LEDs -#define mLED_1 LATEbits.LATE3 - -#define mLED_2 LATEbits.LATE2 -#define mLED_Comms mLED_2 - -#define mLED_3 LATEbits.LATE1 -#define mLED_Clock mLED_3 - -#define mLED_4 LATEbits.LATE0 -#define mLED_Emulate mLED_4 - -#define mLED_5 LATGbits.LATG6 -#define mLED_Read mLED_5 - -#define mLED_6 LATAbits.LATA15 -#define mLED_User mLED_6 - -#define mLED_7 LATDbits.LATD11 -#define mLED_Error mLED_7 - -// active low -#define mLED_ON 0 -#define mLED_OFF 1 - -#define mGetLED_1() mLED_1 -#define mGetLED_USB() mLED_1 -#define mGetLED_2() mLED_2 -#define mGetLED_Comms() mLED_2 -#define mGetLED_3() mLED_3 -#define mGetLED_Clock() mLED_3 -#define mGetLED_4() mLED_4 -#define mGetLED_Emulate() mLED_4 -#define mGetLED_5() mLED_5 -#define mGetLED_Read() mLED_5 -#define mGetLED_6() mLED_6 -#define mGetLED_User() mLED_6 -#define mGetLED_7() mLED_7 -#define mGetLED_Error() mLED_7 - -#define mLED_1_On() mLED_1 = mLED_ON -#define mLED_USB_On() mLED_1_On() -#define mLED_2_On() mLED_2 = mLED_ON -#define mLED_Comms_On() mLED_2_On() -#define mLED_3_On() mLED_3 = mLED_ON -#define mLED_Clock_On() 
mLED_3_On() -#define mLED_4_On() mLED_4 = mLED_ON -#define mLED_Emulate_On() mLED_4_On() -#define mLED_5_On() mLED_5 = mLED_ON -#define mLED_Read_On() mLED_5_On() -#define mLED_6_On() mLED_6 = mLED_ON -#define mLED_User_On() mLED_6_On() -#define mLED_7_On() mLED_7 = mLED_ON -#define mLED_Error_On() mLED_7_On() - -#define mLED_1_Off() mLED_1 = mLED_OFF -#define mLED_USB_Off() mLED_1_Off() -#define mLED_2_Off() mLED_2 = mLED_OFF -#define mLED_Comms_Off() mLED_2_Off() -#define mLED_3_Off() mLED_3 = mLED_OFF -#define mLED_Clock_Off() mLED_3_Off() -#define mLED_4_Off() mLED_4 = mLED_OFF -#define mLED_Emulate_Off() mLED_4_Off() -#define mLED_5_Off() mLED_5 = mLED_OFF -#define mLED_Read_Off() mLED_5_Off() -#define mLED_6_Off() mLED_6 = mLED_OFF -#define mLED_User_Off() mLED_6_Off() -#define mLED_7_Off() mLED_7 = mLED_OFF -#define mLED_Error_Off() mLED_7_Off() - -#define mLED_1_Toggle() mLED_1 = !mLED_1 -#define mLED_USB_Toggle() mLED_1_Toggle() -#define mLED_2_Toggle() mLED_2 = !mLED_2 -#define mLED_Comms_Toggle() mLED_2_Toggle() -#define mLED_3_Toggle() mLED_3 = !mLED_3 -#define mLED_Clock_Toggle() mLED_3_Toggle() -#define mLED_4_Toggle() mLED_4 = !mLED_4 -#define mLED_Emulate_Toggle() mLED_4_Toggle() -#define mLED_5_Toggle() mLED_5 = !mLED_5 -#define mLED_Read_Toggle( ) mLED_5_Toggle() -#define mLED_6_Toggle() mLED_6 = !mLED_6 -#define mLED_User_Toggle() mLED_6_Toggle() -#define mLED_7_Toggle() mLED_7 = !mLED_7 -#define mLED_Error_Toggle() mLED_7_Toggle() - -#define mLED_All_On() { mLED_1_On(); mLED_2_On(); mLED_3_On(); mLED_4_On(); mLED_5_On(); mLED_6_On(); mLED_7_On(); } -#define mLED_All_Off() { mLED_1_Off(); mLED_2_Off(); mLED_3_Off(); mLED_4_Off(); mLED_5_Off(); mLED_6_Off(); mLED_7_Off(); } - -// usb status lights -#define mLED_Both_Off() {mLED_USB_Off();mLED_Comms_Off();} -#define mLED_Both_On() {mLED_USB_On();mLED_Comms_On();} -#define mLED_Only_USB_On() {mLED_USB_On();mLED_Comms_Off();} -#define mLED_Only_Comms_On() {mLED_USB_Off();mLED_Comms_On();} - -/** 
SWITCH *********************************************************/ -#define swBootloader PORTEbits.RE7 -#define swUser PORTEbits.RE6 - -/** I/O pin definitions ********************************************/ -#define INPUT_PIN 1 -#define OUTPUT_PIN 0 - -#define TRUE 1 -#define FALSE 0 - -#define ENABLE 1 -#define DISABE 0 - -#define EVEN 0 -#define ODD 1 - -#define LOW FALSE -#define HIGH TRUE - -#define CLOCK_ON LOW -#define CLOCK_OFF HIGH - -// output coil control - select between reader/emulator circuits -#define COIL_MODE LATBbits.LATB4 -#define COIL_MODE_READER() COIL_MODE= LOW -#define COIL_MODE_EMULATOR() COIL_MODE= HIGH - -// coil for emulation -#define COIL_OUT LATGbits.LATG9 -#define COIL_OUT_HIGH() COIL_OUT=HIGH -#define COIL_OUT_LOW() COIL_OUT=LOW - -// door relay (active low) -#define DOOR_RELAY LATAbits.LATA14 -#define DOOR_RELAY_OPEN() DOOR_RELAY= HIGH -#define DOOR_RELAY_CLOSE() DOOR_RELAY= LOW - -// inductance/capacitance freq -#define IC_FREQUENCY PORTAbits.RA2 - -#define SNIFFER_COIL PORTDbits.RD12 // external reader clock detect -#define READER_ANALOGUE PORTBbits.RB11 // reader coil analogue -#define DIV_LOW_ANALOGUE PORTBbits.RB12 // voltage divider LOW analogue -#define DIV_HIGH_ANALOGUE PORTBbits.RB13 // voltage divider HIGH analogue - -// clock coil (normally controlled by OC Module, but defined here so we can force it high or low) -#define CLOCK_COIL PORTDbits.RD4 -#define CLOCK_COIL_MOVED PORTDbits.RD0 // temporary for greenwire - -// digital output after analogue reader circuit -#define READER_DATA PORTDbits.RD8 - -// trace / debug -#define DEBUG_PIN_1 LATCbits.LATC1 -#define DEBUG_PIN_1_TOGGLE() DEBUG_PIN_1= !DEBUG_PIN_1 -#define DEBUG_PIN_2 LATCbits.LATC2 -#define DEBUG_PIN_2_TOGGLE() DEBUG_PIN_2= !DEBUG_PIN_2 -#define DEBUG_PIN_3 LATCbits.LATC3 -#define DEBUG_PIN_3_TOGGLE() DEBUG_PIN_3= !DEBUG_PIN_3 -#define DEBUG_PIN_4 LATEbits.LATE5 -#define DEBUG_PIN_4_TOGGLE() DEBUG_PIN_4= !DEBUG_PIN_4 - -// spi (sdi1) for sd card (not directly 
referenced) -//#define SD_CARD_RX LATCbits.LATC4 -//#define SD_CARD_TX LATDbits.LATD0 -//#define SD_CARD_CLK LATDbits.LATD10 -//#define SD_CARD_SS LATDbits.LATD9 -// spi for SD card -#define SD_CARD_DET LATFbits.LATF0 -#define SD_CARD_WE LATFbits.LATF1 // write enable - unused for microsd but allocated anyway as library checks it -// (held LOW by default - cut solder bridge to GND to free pin if required) -#define SPI_SD SPI_CHANNEL1 -#define SPI_SD_BUFF SPI1BUF -#define SPI_SD_STAT SPI1STATbits -// see section below for more defines! - -// iso 7816 smartcard -// microchip SC module defines pins so we don't need to, but -// they are listed here to help avoid conflicts -#define ISO_7816_RX LATBbits.LATF2 // RX -#define ISO_7816_TX LATBbits.LATF8 // TX -#define ISO_7816_VCC LATBbits.LATB9 // Power -#define ISO_7816_CLK LATCbits.LATD1 // Clock -#define ISO_7816_RST LATEbits.LATE8 // Reset - -// user LED -#define USER_LED LATDbits.LATD7 -#define USER_LED_ON() LATDbits.LATD7=1 -#define USER_LED_OFF() LATDbits.LATD7=0 - -// LCR -#define LCR_CALIBRATE LATBbits.LATB5 - -// wiegand / clock & data -#define WIEGAND_IN_0 PORTDbits.RD5 -#define WIEGAND_IN_0_PULLUP CNPUEbits.CNPUE14 -#define WIEGAND_IN_0_PULLDOWN CNPDbits.CNPD14 -#define WIEGAND_IN_1 PORTDbits.RD6 -#define WIEGAND_IN_1_PULLUP CNPUEbits.CNPUE15 -#define WIEGAND_IN_1_PULLDOWN CNPDbits.CNPD15 -#define CAND_IN_DATA WIEGAND_IN_0 -#define CAND_IN_CLOCK WIEGAND_IN_1 - -#define WIEGAND_OUT_0 LATDbits.LATD3 -#define WIEGAND_OUT_1 LATDbits.LATD2 -#define WIEGAND_OUT_0_TRIS TRISDbits.TRISD3 -#define WIEGAND_OUT_1_TRIS TRISDbits.TRISD2 -#define CAND_OUT_DATA WIEGAND_OUT_0 -#define CAND_OUT_CLOCK WIEGAND_OUT_1 - -// connect/disconnect reader clock from coil - used to send RWD signals by creating gaps in carrier -#define READER_CLOCK_ENABLE LATEbits.LATE9 -#define READER_CLOCK_ENABLE_ON() READER_CLOCK_ENABLE=CLOCK_ON -#define READER_CLOCK_ENABLE_OFF(x) {READER_CLOCK_ENABLE=CLOCK_OFF; COIL_OUT=x;} - -// these input pins must 
NEVER bet set to output or they will cause short circuits! -// they can be used to see data from reader before it goes into or gate -#define OR_IN_A PORTAbits.RA4 -#define OR_IN_B PORTAbits.RA5 - - -// CNCON and CNEN are set to allow wiegand input pin weak pullups to be switched on -#define Init_GPIO() { \ - CNCONbits.ON= TRUE; \ - CNENbits.CNEN14= TRUE; \ - CNENbits.CNEN15= TRUE; \ - TRISAbits.TRISA2= INPUT_PIN; \ - TRISAbits.TRISA4= INPUT_PIN; \ - TRISAbits.TRISA5= INPUT_PIN; \ - TRISAbits.TRISA14= OUTPUT_PIN; \ - TRISAbits.TRISA15= OUTPUT_PIN; \ - TRISBbits.TRISB4= OUTPUT_PIN; \ - TRISBbits.TRISB5= OUTPUT_PIN; \ - TRISBbits.TRISB9= OUTPUT_PIN; \ - TRISBbits.TRISB11= INPUT_PIN; \ - TRISBbits.TRISB12= INPUT_PIN; \ - TRISBbits.TRISB13= INPUT_PIN; \ - TRISCbits.TRISC1= OUTPUT_PIN; \ - TRISCbits.TRISC2= OUTPUT_PIN; \ - TRISCbits.TRISC3= OUTPUT_PIN; \ - TRISCbits.TRISC4= INPUT_PIN; \ - TRISDbits.TRISD0= INPUT_PIN; \ - TRISDbits.TRISD1= OUTPUT_PIN; \ - TRISDbits.TRISD2= OUTPUT_PIN; \ - TRISDbits.TRISD3= OUTPUT_PIN; \ - TRISDbits.TRISD4= OUTPUT_PIN; \ - TRISDbits.TRISD5= INPUT_PIN; \ - TRISDbits.TRISD6= INPUT_PIN; \ - TRISDbits.TRISD7= OUTPUT_PIN; \ - TRISDbits.TRISD8= INPUT_PIN; \ - TRISDbits.TRISD11= OUTPUT_PIN; \ - TRISDbits.TRISD12= INPUT_PIN; \ - TRISEbits.TRISE0= OUTPUT_PIN; \ - TRISEbits.TRISE1= OUTPUT_PIN; \ - TRISEbits.TRISE2= OUTPUT_PIN; \ - TRISEbits.TRISE3= OUTPUT_PIN; \ - TRISEbits.TRISE5= OUTPUT_PIN; \ - TRISEbits.TRISE6= INPUT_PIN; \ - TRISEbits.TRISE7= INPUT_PIN; \ - TRISEbits.TRISE8= OUTPUT_PIN; \ - TRISEbits.TRISE9= OUTPUT_PIN; \ - TRISFbits.TRISF0= INPUT_PIN; \ - TRISFbits.TRISF1= INPUT_PIN; \ - TRISFbits.TRISF2= INPUT_PIN; \ - TRISFbits.TRISF8= OUTPUT_PIN; \ - TRISGbits.TRISG6= OUTPUT_PIN; \ - TRISGbits.TRISG12= INPUT_PIN; \ - TRISGbits.TRISG13= INPUT_PIN; \ - TRISGbits.TRISG9= OUTPUT_PIN; \ - LATBbits.LATB9= LOW; \ - LATCbits.LATC1= LOW; \ - LATCbits.LATC2= LOW; \ - LATCbits.LATC3= LOW; \ - LATDbits.LATD2= WIEGAND_IN_1; \ - LATDbits.LATD3= 
WIEGAND_IN_0; \ - LATEbits.LATE5= LOW; \ - LATEbits.LATE9= HIGH; \ - } - -// uart3 (CLI/API) speed -#define BAUDRATE3 115200UL -#define BRG_DIV3 4 -#define BRGH3 1 - -// spi for potentiometer -#define SPI_POT SPI_CHANNEL4 -#define SPI_POT_BUFF SPI4BUF -#define SPI_POT_STAT SPI4STATbits - -// spi for sd card - defines required for Microchip SD-SPI libs -// define interface type -#define USE_SD_INTERFACE_WITH_SPI - -#define MDD_USE_SPI_1 -#define SPI_START_CFG_1 (PRI_PRESCAL_64_1 | SEC_PRESCAL_8_1 | MASTER_ENABLE_ON | SPI_CKE_ON | SPI_SMP_ON) -#define SPI_START_CFG_2 (SPI_ENABLE) -// Define the SPI frequency -#define SPI_FREQUENCY (20000000) -// Description: SD-SPI Card Detect Input bit -#define SD_CD PORTFbits.RF0 -// Description: SD-SPI Card Detect TRIS bit -#define SD_CD_TRIS TRISFbits.TRISF0 -// Description: SD-SPI Write Protect Check Input bit -#define SD_WE PORTFbits.RF1 -// Description: SD-SPI Write Protect Check TRIS bit -#define SD_WE_TRIS TRISFbits.TRISF1 -// Description: The main SPI control register -#define SPICON1 SPI1CON -// Description: The SPI status register -#define SPISTAT SPI1STAT -// Description: The SPI Buffer -#define SPIBUF SPI1BUF -// Description: The receive buffer full bit in the SPI status register -#define SPISTAT_RBF SPI1STATbits.SPIRBF -// Description: The bitwise define for the SPI control register (i.e. _____bits) -#define SPICON1bits SPI1CONbits -// Description: The bitwise define for the SPI status register (i.e. 
_____bits) -#define SPISTATbits SPI1STATbits -// Description: The enable bit for the SPI module -#define SPIENABLE SPICON1bits.ON -// Description: The definition for the SPI baud rate generator register (PIC32) -#define SPIBRG SPI1BRG -// Description: The TRIS bit for the SCK pin -#define SPICLOCK TRISDbits.TRISD10 -// Description: The TRIS bit for the SDI pin -#define SPIIN TRISCbits.TRISC4 -// Description: The TRIS bit for the SDO pin -#define SPIOUT TRISDbits.TRISD0 -#define SD_CS LATDbits.LATD9 -// Description: SD-SPI Chip Select TRIS bit -#define SD_CS_TRIS TRISDbits.TRISD9 -//SPI library functions -#define putcSPI putcSPI1 -#define getcSPI getcSPI1 -#define OpenSPI(config1, config2) OpenSPI1(config1, config2) - -// Define setup parameters for OpenADC10 function -// Turn module on | Ouput in integer format | Trigger mode auto | Enable autosample -#define ADC_CONFIG1 (ADC_FORMAT_INTG | ADC_CLK_AUTO | ADC_AUTO_SAMPLING_ON) -// ADC ref external | Disable offset test | Disable scan mode | Perform 2 samples | Use dual buffers | Use alternate mode -#define ADC_CONFIG2 (ADC_VREF_AVDD_AVSS | ADC_OFFSET_CAL_DISABLE | ADC_SCAN_OFF | ADC_SAMPLES_PER_INT_1 | ADC_ALT_BUF_ON | ADC_ALT_INPUT_ON) - -// Use ADC internal clock | Set sample time -#define ADC_CONFIG3 (ADC_CONV_CLK_INTERNAL_RC | ADC_SAMPLE_TIME_0) - -// slow sample rate for tuning coils -#define ADC_CONFIG2_SLOW (ADC_VREF_AVDD_AVSS | ADC_OFFSET_CAL_DISABLE | ADC_SCAN_OFF | ADC_SAMPLES_PER_INT_16 | ADC_ALT_BUF_ON | ADC_ALT_INPUT_ON) -#define ADC_CONFIG3_SLOW (ADC_CONV_CLK_INTERNAL_RC | ADC_SAMPLE_TIME_31) - -// use AN11 -#define ADC_CONFIGPORT ENABLE_AN11_ANA -// Do not assign channels to scan -#define ADC_CONFIGSCAN SKIP_SCAN_ALL - -#define ADC_TO_VOLTS 0.003208F - - -// flash memory - int myvar = *(int*)(myflashmemoryaddress); - -// memory is 0x9D005000 to 0x9D07FFFF - -#define NVM_MEMORY_END 0x9D07FFFF -#define NVM_PAGE_SIZE 4096 -#define NVM_PAGES 2 // config & VTAG -#define RFIDLER_NVM_ADDRESS (NVM_MEMORY_END 
- (NVM_PAGE_SIZE * NVM_PAGES))
-
-// UART timeout in us
-#define SERIAL_TIMEOUT 100
-
-#endif
diff --git a/tools/hitag2crack/crack5/Makefile b/tools/hitag2crack/crack5/Makefile
index e38c821d1..1b40e2141 100644
--- a/tools/hitag2crack/crack5/Makefile
+++ b/tools/hitag2crack/crack5/Makefile
@@ -1,17 +1,19 @@
CFLAGS?=-Wall
LIBS=-lpthread
+VPATH=../common
+INC=-I ../common
-all: ht2crack5.c utilpart.o ht2crack2utils.o hitagcrypto.o
- $(CC) $(CFLAGS) -O3 ht2crack5.c -o ht2crack5 utilpart.o ht2crack2utils.o hitagcrypto.o $(LIBS)
+all: ht2crack5.c utilpart.o ht2crackutils.o hitagcrypto.o
+ $(CC) $(CFLAGS) $(INC) -O3 $< -o ht2crack5 utilpart.o ht2crackutils.o hitagcrypto.o $(LIBS)
-utilpart.o: util.h utilpart.c
- $(CC) $(CFLAGS) -c utilpart.c
+utilpart.o: utilpart.c util.h
+ $(CC) $(CFLAGS) -c $<
-hitagcrypto.o: hitagcrypto.h hitagcrypto.c
- $(CC) $(CFLAGS) -c hitagcrypto.c
+hitagcrypto.o: hitagcrypto.c hitagcrypto.h
+ $(CC) $(CFLAGS) -c $<
-ht2crack2utils.o: ht2crack2utils.h ht2crack2utils.c
- $(CC) $(CFLAGS) -c ht2crack2utils.c
+ht2crackutils.o: ht2crackutils.c ht2crackutils.h
+ $(CC) $(CFLAGS) -c $<
clean:
rm -f *.o ht2crack5
diff --git a/tools/hitag2crack/crack5/hitagcrypto.c b/tools/hitag2crack/crack5/hitagcrypto.c
deleted file mode 100644
index 47449c3e3..000000000
--- a/tools/hitag2crack/crack5/hitagcrypto.c
+++ /dev/null
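Review bot: In tools/hitag2crack/crack5/Makefile the three object rules (`utilpart.o`, `hitagcrypto.o`, `ht2crackutils.o`) compile with `$(CC) $(CFLAGS) -c $<` and leave out `$(INC)`, although the `all` recipe passes it. The sources are now found in `../common` through `VPATH`, so these rules presumably build only because quoted `#include`s are looked up next to the including file. Passing the path explicitly, `$(CC) $(CFLAGS) $(INC) -c $<`, keeps the rules consistent and means a header that later moves is not silently picked up from somewhere else. `all` and `clean` are also not declared phony, so a stray file with either name would suppress the target; a `.PHONY: all clean` line would cover that.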
@@ -1,373 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: unknown. 
-// Modifications for RFIDler: Tony Naggs , Adam Laurie - -// uncomment this to build file as a standalone crypto test program -// #define UNIT_TEST -// also uncomment to include verbose debug prints -// #define TEST_DEBUG - -//#include -#include "HardwareProfile.h" -#include "rfidler.h" -#include "hitagcrypto.h" -#include "util.h" - -#ifdef UNIT_TEST -#include -#endif - -#if defined(UNIT_TEST) && defined(TEST_DEBUG) -// Note that printf format %I64x prints 64 bit ints in MS Visual C/C++. -// This may need changing for other compilers/platforms. -#define DEBUG_PRINTF(...) printf(__VA_ARGS__) -#else -#define DEBUG_PRINTF(...) -#endif - - -/* Brief info about NXP Hitag 1, Hitag 2, Hitag S and Hitag u (mu) - - Hitag 125kHz RFID was created by a company called Mikron (Mikron Gesellschaft - fur Integrierte Mikroelektronik Mbh), of Austria, for micropayment applications. - At about the same time, late 1980s to early 1990s, Mikron developed the - similarly featured Mifare micropayment card for 13.56MHz RFID. - (Mikron's European Patent EP 0473569 A2 was filed 23 August 1991, with a - priority date of 23 Aug 1990.) - Mikron was subsequently acquired by Philips Semiconductors in 1995. - Philips Semiconductors divsion subsequently became NXP. 
- - + Modulation read/write device -> transponder: 100 % ASK and binary pulse - length coding - + Modulation transponder -> read/write device: Strong ASK modulation, - selectable Manchester or Biphase coding - + Hitag S, Hitag u; anti-collision procedure - + Fast anti-collision protocol - + Hitag u; optional Cyclic Redundancy Check (CRC) - + Reader Talks First mode - + Hitag 2 & later; Transponder Talks First (TTF) mode - + Temporary switch from Transponder Talks First into Reader Talks First - (RTF) Mode - + Data rate read/write device to transponder: 5.2 kbit/s - + Data rates transponder to read/write device: 2 kbit/s, 4 kbit/s, 8 kbit/s - + 32-bit password feature - + Hitag 2, S = 32-bit Unique Identifier - + Hitag u = 48-bit Unique Identifier - + Selectable password modes for reader / tag mutual authentication - (Hitag 1 has 2 pairs of keys, later versions have 1 pair) - + Hitag 2 & Hitag S; Selectable encrypted mode, 48 bit key - - Known tag types: - - HITAG 1 2048 bits total memory - - HITAG 2 256 Bit total memory Read/Write - 8 pages of 32 bits, inc UID (32), - secret key (64), password (24), config (8) - - HITAG S 32 32 bits Unique Identifier Read Only - HITAG S 256 256 bits total memory Read/Write - HITAG S 2048 2048 bits total memory Read/Write - - HITAG u RO64 64 bits total memory Read Only - HITAG u 128 bits total memory Read/Write - HITAG u Advanced 512 bits total memory Read/Write - HITAG u Advanced+ 1760 bits total memory Read/Write - - Default 48-bit key for Hitag 2, S encryption: - "MIKRON" = O N M I K R - Key = 4F 4E 4D 49 4B 52 - -*/ - - -// We want the crypto functions to be as fast as possible, so optimize! 
-// The best compiler optimization in Microchip's free XC32 edition is -O1 -#pragma GCC optimize("O1") - -// private, nonlinear function to generate 1 crypto bit -static uint32_t hitag2_crypt(uint64_t x); - - -// macros to pick out 4 bits in various patterns of 1s & 2s & make a new number -#define pickbits2_2(S, A, B) ( ((S >> A) & 3) | ((S >> (B - 2)) & 0xC) ) -#define pickbits1x4(S, A, B, C, D) ( ((S >> A) & 1) | ((S >> (B - 1)) & 2) | \ - ((S >> (C - 2)) & 4) | ((S >> (D - 3)) & 8) ) -#define pickbits1_1_2(S, A, B, C) ( ((S >> A) & 1) | ((S >> (B - 1)) & 2) | \ - ((S >> (C - 2)) & 0xC) ) -#define pickbits2_1_1(S, A, B, C) ( ((S >> A) & 3) | ((S >> (B - 2)) & 4) | \ - ((S >> (C - 3)) & 8) ) -#define pickbits1_2_1(S, A, B, C) ( ((S >> A) & 1) | ((S >> (B - 1)) & 6) | \ - ((S >> (C - 3)) & 8) ) - - -static uint32_t hitag2_crypt(uint64_t x) { - const uint32_t ht2_function4a = 0x2C79; // 0010 1100 0111 1001 - const uint32_t ht2_function4b = 0x6671; // 0110 0110 0111 0001 - const uint32_t ht2_function5c = 0x7907287B; // 0111 1001 0000 0111 0010 1000 0111 1011 - uint32_t bitindex; - - bitindex = (ht2_function4a >> pickbits2_2(x, 1, 4)) & 1; - bitindex |= ((ht2_function4b << 1) >> pickbits1_1_2(x, 7, 11, 13)) & 0x02; - bitindex |= ((ht2_function4b << 2) >> pickbits1x4(x, 16, 20, 22, 25)) & 0x04; - bitindex |= ((ht2_function4b << 3) >> pickbits2_1_1(x, 27, 30, 32)) & 0x08; - bitindex |= ((ht2_function4a << 4) >> pickbits1_2_1(x, 33, 42, 45)) & 0x10; - - DEBUG_PRINTF("hitag2_crypt bitindex = %02x\n", bitindex); - return (ht2_function5c >> bitindex) & 1; -} - -/* - * Parameters: - * Hitag_State* pstate - output, internal state after initialisation - * uint64_t sharedkey - 48 bit key shared between reader & tag - * uint32_t serialnum - 32 bit tag serial number - * uint32_t initvector - 32 bit random IV from reader, part of tag authentication - */ -void hitag2_init(Hitag_State *pstate, uint64_t sharedkey, uint32_t serialnum, uint32_t initvector) { - // init state, from 
serial number and lowest 16 bits of shared key - uint64_t state = ((sharedkey & 0xFFFF) << 32) | serialnum; - - // mix the initialisation vector and highest 32 bits of the shared key - initvector ^= (uint32_t)(sharedkey >> 16); - - // move 16 bits from (IV xor Shared Key) to top of uint64_t state - // these will be XORed in turn with output of the crypto function - state |= (uint64_t) initvector << 48; - initvector >>= 16; - - // unrolled loop is faster on PIC32 (MIPS), do 32 times - // shift register, then calc new bit - state >>= 1; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - // highest 16 bits of IV XOR Shared Key - state |= (uint64_t) initvector << 47; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) 
hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state ^= (uint64_t) hitag2_crypt(state) << 47; - - DEBUG_PRINTF("hitag2_init result = %012I64x\n", state); - pstate->shiftreg = state; - /* naive version for reference, LFSR has 16 taps - pstate->lfsr = state ^ (state >> 2) ^ (state >> 3) ^ (state >> 6) - ^ (state >> 7) ^ (state >> 8) ^ (state >> 16) ^ (state >> 22) - ^ (state >> 23) ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (state >> 42) ^ (state >> 43) ^ (state >> 46) ^ (state >> 47); - */ - { - // optimise with one 64-bit intermediate - uint64_t temp = state ^ (state >> 1); - pstate->lfsr = state ^ (state >> 6) ^ (state >> 16) - ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (temp >> 2) ^ (temp >> 7) ^ (temp >> 22) - ^ (temp >> 42) ^ (temp >> 46); - } -} - - -/* - * Return up to 32 crypto bits. - * Last bit is in least significant bit, earlier bits are shifted left. - * Note that the Hitag transmission protocol is least significant bit, - * so we may want to change this, or add a function, that returns the - * crypto output bits in the other order. 
- * - * Parameters: - * Hitag_State* pstate - in/out, internal cipher state after initialisation - * uint32_t steps - number of bits requested, (capped at 32) - */ -uint32_t hitag2_nstep(Hitag_State *pstate, uint32_t steps) { - uint64_t state = pstate->shiftreg; - uint32_t result = 0; - uint64_t lfsr = pstate->lfsr; - - if (steps == 0) - return 0; - -// if (steps > 32) -// steps = 32; - - do { - // update shift registers - if (lfsr & 1) { - state = (state >> 1) | 0x800000000000; - lfsr = (lfsr >> 1) ^ 0xB38083220073; - - // accumulate next bit of crypto - result = (result << 1) | hitag2_crypt(state); - } else { - state >>= 1; - lfsr >>= 1; - - result = (result << 1) | hitag2_crypt(state); - } - } while (--steps); - - DEBUG_PRINTF("hitag2_nstep state = %012I64x, result %02x\n", state, result); - pstate->shiftreg = state; - pstate->lfsr = lfsr; - return result; -} - -// end of crypto core, revert to default optimization level -#pragma GCC reset_options diff --git a/tools/hitag2crack/crack5/hitagcrypto.h b/tools/hitag2crack/crack5/hitagcrypto.h deleted file mode 100644 index 274d3d82c..000000000 --- a/tools/hitag2crack/crack5/hitagcrypto.h +++ /dev/null 
@@ -1,167 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: unknown. -// Modifications for RFIDler: Tony Naggs , Adam Laurie - - -#ifndef HITAGCRYPTO_H -#define HITAGCRYPTO_H - -#include - -/* - Our model of Hitag 2 crypto uses 2 parallel shift registers: - a. 48 bit Feedback Shift Register, required for inputs to the nonlinear function. - b. 48 bit Linear Feedback Shift Register (LFSR). - A transform of initial register (a) value, which is then run in parallel. 
- Enables much faster calculation of the feedback values. - - API: - void hitag2_init(Hitag_State* pstate, uint64_t sharedkey, uint32_t serialnum, - uint32_t initvector); - Initialise state from 48 bit shared (secret) reader/tag key, - 32 bit tag serial number and 32 bit initialisation vector from reader. - - uint32_t hitag2_nstep(Hitag_State* pstate, uint32_t steps); - update shift register state and generate N cipher bits (N should be <= 32) - */ - - -typedef struct { - uint64_t shiftreg; // naive shift register, required for nonlinear fn input - uint64_t lfsr; // fast lfsr, used to make software faster -} Hitag_State; - -void hitag2_init(Hitag_State *pstate, uint64_t sharedkey, uint32_t serialnum, uint32_t initvector); - -uint32_t hitag2_nstep(Hitag_State *pstate, uint32_t steps); - -#endif /* HITAGCRYPTO_H */ - diff --git a/tools/hitag2crack/crack5/ht2crack2utils.c b/tools/hitag2crack/crack5/ht2crack2utils.c deleted file mode 100644 index 75d4c27a9..000000000 --- a/tools/hitag2crack/crack5/ht2crack2utils.c +++ /dev/null 
@@ -1,172 +0,0 @@
-#include "ht2crack2utils.h"
-
-// writes a value into a buffer as a series of bytes
-void writebuf(unsigned char *buf, uint64_t val, unsigned int len) {
- int i;
- char c;
-
- for (i = len - 1; i >= 0; i--) {
- c = val & 0xff;
- buf[i] = c;
- val = val >> 8;
- }
-
-}
-
-
-/* simple hexdump for testing purposes */
-void shexdump(unsigned char *data, int data_len) {
- int i;
-
- if (!data || (data_len <= 0)) {
- printf("shexdump: invalid parameters\n");
- return;
- }
-
- printf("Hexdump from %p:\n", data);
-
- for (i = 0; i < data_len; i++) {
- if ((i % HEX_PER_ROW) == 0) {
- printf("\n0x%04x: ", i);
- }
- printf("%02x ", data[i]);
- }
- printf("\n\n");
-}
-
-
-
-void printbin(unsigned char *c) {
- int i, j;
- unsigned char x;
-
- if (!c) {
- printf("printbin: invalid params\n");
- return;
- }
-
- for (i = 0; i < 6; i++) {
- x = c[i];
- for (j = 0; j < 8; j++) {
- printf("%d", (x & 0x80) >> 7);
- x = x << 1;
- }
- }
- printf("\n");
-}
-
-
-void printbin2(uint64_t val, unsigned int size) {
- int i;
- uint64_t mask = 1;
-
- mask = mask << (size - 1);
-
- for (i = 0; i < size; i++) {
- if (val & mask) {
- printf("1");
- } else {
- printf("0");
- }
- val = val << 1;
- }
-}
-
-
-void printstate(Hitag_State *hstate) {
- printf("shiftreg =\t");
- printbin2(hstate->shiftreg, 48);
- printf("\n");
-}
-
-
-
-
-// convert hex char to binary
-unsigned char hex2bin(unsigned char c) {
- if ((c >= '0') && (c <= '9')) {
- return (c - '0');
- } else if ((c >= 'a') && (c <= 'f')) {
- return (c - 'a' + 10);
- } else if ((c >= 'A') && (c <= 'F')) {
- return (c - 'A' + 10);
- } else {
- return 0;
- }
-}
-
-// return a single bit from a value
-int bitn(uint64_t x, int bit) {
- uint64_t bitmask = 1;
-
- bitmask = bitmask << bit;
-
- if (x & bitmask) {
- return 1;
- } else {
- return 0;
- }
-}
-
-
-// the sub-function R that rollback depends upon
-int fnR(uint64_t x) {
- // renumbered bits because my state is 0-47, not 1-48
- return (bitn(x, 1) ^ bitn(x, 2) ^ bitn(x, 5) ^
bitn(x, 6) ^ bitn(x, 7) ^
- bitn(x, 15) ^ bitn(x, 21) ^ bitn(x, 22) ^ bitn(x, 25) ^ bitn(x, 29) ^ bitn(x, 40) ^
- bitn(x, 41) ^ bitn(x, 42) ^ bitn(x, 45) ^ bitn(x, 46) ^ bitn(x, 47));
-}
-
-// the rollback function that lets us go backwards in time
-void rollback(Hitag_State *hstate, unsigned int steps) {
- int i;
-
- for (i = 0; i < steps; i++) {
- hstate->shiftreg = ((hstate->shiftreg << 1) & 0xffffffffffff) | fnR(hstate->shiftreg);
- }
-
-}
-
-
-// the three filter sub-functions that feed fnf
-int fa(unsigned int i) {
- return bitn(0x2C79, i);
-}
-
-int fb(unsigned int i) {
- return bitn(0x6671, i);
-}
-
-int fc(unsigned int i) {
- return bitn(0x7907287B, i);
-}
-
-// the filter function that generates a bit of output from the prng state
-int fnf(uint64_t s) {
- unsigned int x1, x2, x3, x4, x5, x6;
-
- x1 = (bitn(s, 2) << 0) | (bitn(s, 3) << 1) | (bitn(s, 5) << 2) | (bitn(s, 6) << 3);
- x2 = (bitn(s, 8) << 0) | (bitn(s, 12) << 1) | (bitn(s, 14) << 2) | (bitn(s, 15) << 3);
- x3 = (bitn(s, 17) << 0) | (bitn(s, 21) << 1) | (bitn(s, 23) << 2) | (bitn(s, 26) << 3);
- x4 = (bitn(s, 28) << 0) | (bitn(s, 29) << 1) | (bitn(s, 31) << 2) | (bitn(s, 33) << 3);
- x5 = (bitn(s, 34) << 0) | (bitn(s, 43) << 1) | (bitn(s, 44) << 2) | (bitn(s, 46) << 3);
-
- x6 = (fa(x1) << 0) | (fb(x2) << 1) | (fb(x3) << 2) | (fb(x4) << 3) | (fa(x5) << 4);
-
- return fc(x6);
-}
-
-// builds the lfsr for the prng (quick calcs for hitag2_nstep())
-void buildlfsr(Hitag_State *hstate) {
- uint64_t state = hstate->shiftreg;
- uint64_t temp;
-
- temp = state ^ (state >> 1);
- hstate->lfsr = state ^ (state >> 6) ^ (state >> 16)
- ^ (state >> 26) ^ (state >> 30) ^ (state >> 41)
- ^ (temp >> 2) ^ (temp >> 7) ^ (temp >> 22)
- ^ (temp >> 42) ^ (temp >> 46);
-}
-
-
-
diff --git a/tools/hitag2crack/crack5/ht2crack2utils.h b/tools/hitag2crack/crack5/ht2crack2utils.h
deleted file mode 100644
index 33e0e3036..000000000
--- a/tools/hitag2crack/crack5/ht2crack2utils.h
+++ /dev/null
@@ -1,35 +0,0 @@
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "HardwareProfile.h"
-#include "rfidler.h"
-#include "util.h"
-
-#include "hitagcrypto.h"
-
-#define HEX_PER_ROW 16
-
-
-
-void writebuf(unsigned char *buf, uint64_t val, unsigned int len);
-void shexdump(unsigned char *data, int data_len);
-void printbin(unsigned char *c);
-void printbin2(uint64_t val, unsigned int size);
-void printstate(Hitag_State *hstate);
-unsigned char hex2bin(unsigned char c);
-int bitn(uint64_t x, int bit);
-int fnR(uint64_t x);
-void rollback(Hitag_State *hstate, unsigned int steps);
-int fa(unsigned int i);
-int fb(unsigned int i);
-int fc(unsigned int i);
-int fnf(uint64_t s);
-void buildlfsr(Hitag_State *hstate);
diff --git a/tools/hitag2crack/crack5/ht2crack5.c b/tools/hitag2crack/crack5/ht2crack5.c
index 38e57ffa7..42afbde88 100644
--- a/tools/hitag2crack/crack5/ht2crack5.c
+++ b/tools/hitag2crack/crack5/ht2crack5.c
@@ -18,7 +18,7 @@
 #include
 #include
 #include
-#include "ht2crack2utils.h"
+#include "ht2crackutils.h"
 const uint8_t bits[9] = {20, 14, 4, 3, 1, 1, 1, 1, 1};
 #define lfsr_inv(state) (((state)<<1) | (__builtin_parityll((state) & ((0xce0044c101cd>>1)|(1ull<<(47))))))
diff --git a/tools/hitag2crack/crack5/rfidler.h b/tools/hitag2crack/crack5/rfidler.h
deleted file mode 100644
index 933547e6b..000000000
--- a/tools/hitag2crack/crack5/rfidler.h
+++ /dev/null
@@ -1,412 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - -#include -#include - -// BCD hardware revision for usb descriptor (usb_descriptors.c) -#define RFIDLER_HW_VERSION 0x020 - -// max sizes in BITS -#define MAXBLOCKSIZE 512 -#define MAXTAGSIZE 4096 -#define MAXUID 512 - -#define TMP_LARGE_BUFF_LEN 2048 -#define TMP_SMALL_BUFF_LEN 256 -#define ANALOGUE_BUFF_LEN 8192 - -#define COMMS_BUFFER_SIZE 128 - -#define DETECT_BUFFER_SIZE 512 - -#define SAMPLEMASK ~(BIT_1 | BIT_0) // mask to remove two bottom bits from analogue sample - we will then use those for reader & bit period - -// globals - -extern BOOL WiegandOutput; // Output wiegand data whenenver UID is read -extern BYTE *EMU_Reset_Data; // Pointer to full array of bits as bytes, stored as 0x00/0x01, '*' terminated -extern BYTE *EMU_Data; // Pointer to current location in EMU_Reset_Data -extern BYTE EMU_ThisBit; // The next data bit to transmit -extern BYTE EMU_SubCarrier_T0; // Number of Frame Clocks for sub-carrier '0' -extern BYTE EMU_SubCarrier_T1; // Number of Frame Clocks for sub-carrier '1' -extern unsigned int EMU_Repeat; // Number of times to transmit full data set -extern BOOL EMU_Background; // Emulate in the background until told to stop -extern unsigned int EMU_DataBitRate; // Number of Frame Clocks per bit -extern BYTE TmpBits[TMP_LARGE_BUFF_LEN]; // Shared scratchpad -extern BYTE ReaderPeriod; // Flag for sample display -extern unsigned char Comms_In_Buffer[COMMS_BUFFER_SIZE]; // USB/Serial buffer -extern BYTE Interface; // user interface - CLI or API -extern BYTE CommsChannel; // user comms channel - USB or UART -extern BOOL FakeRead; // flag for analogue sampler to signal it wants access to buffers during read -extern BOOL PWD_Mode; // is this tag 
password protected? -extern BYTE Password[9]; // 32 bits as HEX string set with LOGIN -extern unsigned int Led_Count; // LED status counter, also used for entropy -extern unsigned long Reader_Bit_Count; // Reader ISR bit counter -extern char Previous; // Reader ISR previous bit type - -// RWD (read/write device) coil state -extern BYTE RWD_State; // current state of RWD coil -extern unsigned int RWD_Fc; // field clock in uS -extern unsigned int RWD_Gap_Period; // length of command gaps in OC5 ticks -extern unsigned int RWD_Zero_Period; // length of '0' in OC5 ticks -extern unsigned int RWD_One_Period; // length of '1' in OC5 ticks -extern unsigned int RWD_Sleep_Period; // length of initial sleep to reset tag in OC5 ticks -extern unsigned int RWD_Wake_Period; // length required for tag to restart in OC5 ticks -extern unsigned int RWD_Wait_Switch_TX_RX; // length to wait when switching from TX to RX in OC5 ticks -extern unsigned int RWD_Wait_Switch_RX_TX; // length to wait when switching from RX to TX in OC5 ticks -extern unsigned int RWD_Post_Wait; // low level ISR wait period in OC5 ticks -extern unsigned int RWD_OC5_config; // Output Compare Module settings -extern unsigned int RWD_OC5_r; // Output Compare Module primary compare value -extern unsigned int RWD_OC5_rs; // Output Compare Module secondary compare value -extern BYTE RWD_Command_Buff[TMP_SMALL_BUFF_LEN]; // Command buffer, array of bits as bytes, stored as 0x00/0x01, '*' terminated -extern BYTE *RWD_Command_ThisBit; // Current command bit -extern BOOL Reader_ISR_State; // current state of reader ISR - -// NVM variables -// timings etc. 
that want to survive a reboot should go here -typedef struct { - BYTE Name[7]; // will be set to "RFIDler" so we can test for new device - BYTE AutoRun[128]; // optional command to run at startup - unsigned char TagType; - unsigned int PSK_Quality; - unsigned int Timeout; - unsigned int Wiegand_Pulse; - unsigned int Wiegand_Gap; - BOOL Wiegand_IdleState; - unsigned int FrameClock; - unsigned char Modulation; - unsigned int DataRate; - unsigned int DataRateSub0; - unsigned int DataRateSub1; - unsigned int DataBits; - unsigned int DataBlocks; - unsigned int BlockSize; - unsigned char SyncBits; - BYTE Sync[4]; - BOOL BiPhase; - BOOL Invert; - BOOL Manchester; - BOOL HalfDuplex; - unsigned int Repeat; - unsigned int PotLow; - unsigned int PotHigh; - unsigned int RWD_Gap_Period; - unsigned int RWD_Zero_Period; - unsigned int RWD_One_Period; - unsigned int RWD_Sleep_Period; - unsigned int RWD_Wake_Period; - unsigned int RWD_Wait_Switch_TX_RX; - unsigned int RWD_Wait_Switch_RX_TX; -} StoredConfig; - -// somewhere to store TAG data. this will be interpreted according to the TAG -// type. 
-typedef struct { - BYTE TagType; // raw tag type - BYTE EmulatedTagType; // tag type this tag is configured to emulate - BYTE UID[MAXUID + 1]; // Null-terminated HEX string - BYTE Data[MAXTAGSIZE]; // raw data - unsigned char DataBlocks; // number of blocks in Data field - unsigned int BlockSize; // blocksize in bits -} VirtualTag; - -extern StoredConfig RFIDlerConfig; -extern VirtualTag RFIDlerVTag; -extern BYTE TmpBuff[NVM_PAGE_SIZE]; -extern BYTE DataBuff[ANALOGUE_BUFF_LEN]; -extern unsigned int DataBuffCount; -extern const BYTE *ModulationSchemes[]; -extern const BYTE *OnOff[]; -extern const BYTE *HighLow[]; -extern const BYTE *TagTypes[]; - -// globals for ISRs -extern BYTE EmulationMode; -extern unsigned long HW_Bits; -extern BYTE HW_Skip_Bits; -extern unsigned int PSK_Min_Pulse; -extern BOOL PSK_Read_Error; -extern BOOL Manchester_Error; -extern BOOL SnifferMode; -extern unsigned int Clock_Tick_Counter; -extern BOOL Clock_Tick_Counter_Reset; - -// smart card lib -#define MAX_ATR_LEN (BYTE)33 -extern BYTE scCardATR[MAX_ATR_LEN]; -extern BYTE scATRLength; - -// RTC -extern rtccTime RTC_time; // time structure -extern rtccDate RTC_date; // date structure - -// digital pots -#define POTLOW_DEFAULT 100 -#define POTHIGH_DEFAULT 150 -#define DC_OFFSET 60 // analogue circuit DC offset (as close as we can get without using 2 LSB) -#define VOLTS_TO_POT 0.019607843F - -// RWD/clock states -#define RWD_STATE_INACTIVE 0 // RWD not in use -#define RWD_STATE_GO_TO_SLEEP 1 // RWD coil shutdown request -#define RWD_STATE_SLEEPING 2 // RWD coil shutdown for sleep period -#define RWD_STATE_WAKING 3 // RWD active for pre-determined period after reset -#define RWD_STATE_START_SEND 4 // RWD starting send of data -#define RWD_STATE_SENDING_GAP 5 // RWD sending a gap -#define RWD_STATE_SENDING_BIT 6 // RWD sending a data bit -#define RWD_STATE_POST_WAIT 7 // RWD finished sending data, now in forced wait period -#define RWD_STATE_ACTIVE 8 // RWD finished, now just clocking a 
carrier - -// reader ISR states -#define READER_STOPPED 0 // reader not in use -#define READER_IDLING 1 // reader ISR running to preserve timing, but not reading -#define READER_RUNNING 2 // reader reading bits - - -// user interface types -#define INTERFACE_API 0 -#define INTERFACE_CLI 1 - -// comms channel -#define COMMS_NONE 0 -#define COMMS_USB 1 -#define COMMS_UART 2 - -#define MAX_HISTORY 2 // disable most of history for now - memory issue - -// tag write retries -#define TAG_WRITE_RETRY 5 - -// modulation modes - uppdate ModulationSchemes[] in tags.c if you change this -#define MOD_MODE_NONE 0 -#define MOD_MODE_ASK_OOK 1 -#define MOD_MODE_FSK1 2 -#define MOD_MODE_FSK2 3 -#define MOD_MODE_PSK1 4 -#define MOD_MODE_PSK2 5 -#define MOD_MODE_PSK3 6 - -// TAG types - update TagTypes[] in tags.c if you add to this list -#define TAG_TYPE_NONE 0 -#define TAG_TYPE_ASK_RAW 1 -#define TAG_TYPE_FSK1_RAW 2 -#define TAG_TYPE_FSK2_RAW 3 -#define TAG_TYPE_PSK1_RAW 4 -#define TAG_TYPE_PSK2_RAW 5 -#define TAG_TYPE_PSK3_RAW 6 -#define TAG_TYPE_HITAG1 7 -#define TAG_TYPE_HITAG2 8 -#define TAG_TYPE_EM4X02 9 -#define TAG_TYPE_Q5 10 -#define TAG_TYPE_HID_26 11 -#define TAG_TYPE_INDALA_64 12 -#define TAG_TYPE_INDALA_224 13 -#define TAG_TYPE_UNIQUE 14 -#define TAG_TYPE_FDXB 15 -#define TAG_TYPE_T55X7 16 // same as Q5 but different timings and no modulation-defeat -#define TAG_TYPE_AWID_26 17 -#define TAG_TYPE_EM4X05 18 -#define TAG_TYPE_TAMAGOTCHI 19 -#define TAG_TYPE_HDX 20 // same underlying data as FDX-B, but different modulation & telegram - -// various - -#define BINARY 0 -#define HEX 1 - -#define NO_ADDRESS -1 - -#define ACK TRUE -#define NO_ACK FALSE - -#define BLOCK TRUE -#define NO_BLOCK FALSE - -#define DATA TRUE -#define NO_DATA FALSE - -#define DEBUG_PIN_ON HIGH -#define DEBUG_PIN_OFF LOW - -#define FAST FALSE -#define SLOW TRUE - -#define NO_TRIGGER 0 - -#define LOCK TRUE -#define NO_LOCK FALSE - -#define NFC_MODE TRUE -#define NO_NFC_MODE FALSE - -#define ONESHOT_READ 
TRUE -#define NO_ONESHOT_READ FALSE - -#define RESET TRUE -#define NO_RESET FALSE - -#define SHUTDOWN_CLOCK TRUE -#define NO_SHUTDOWN_CLOCK FALSE - -#define SYNC TRUE -#define NO_SYNC FALSE - -#define VERIFY TRUE -#define NO_VERIFY FALSE - -#define VOLATILE FALSE -#define NON_VOLATILE TRUE - -#define NEWLINE TRUE -#define NO_NEWLINE FALSE - -#define WAIT TRUE -#define NO_WAIT FALSE - -#define WIPER_HIGH 0 -#define WIPER_LOW 1 - -// conversion for time to ticks -#define US_TO_TICKS 1000000L -#define US_OVER_10_TO_TICKS 10000000L -#define US_OVER_100_TO_TICKS 100000000L -// we can't get down to this level on pic, but we want to standardise on timings, so for now we fudge it -#define CONVERT_TO_TICKS(x) ((x / 10) * (GetSystemClock() / US_OVER_10_TO_TICKS)) -#define CONVERT_TICKS_TO_US(x) (x / (GetSystemClock() / US_TO_TICKS)) -#define TIMER5_PRESCALER 16 -#define MAX_TIMER5_TICKS (65535 * TIMER5_PRESCALER) - -// other conversions - -// bits to hex digits -#define HEXDIGITS(x) (x / 4) -#define HEXTOBITS(x) (x * 4) diff --git a/tools/hitag2crack/crack5/util.h b/tools/hitag2crack/crack5/util.h deleted file mode 100644 index c2399c37c..000000000 --- a/tools/hitag2crack/crack5/util.h +++ /dev/null 
@@ -1,147 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - -/* - * Hitag Crypto support macros - * These macros reverse the bit order in a byte, or *within* each byte of a - * 16 , 32 or 64 bit unsigned integer. (Not across the whole 16 etc bits.) 
- */
-#define rev8(X) ((((X) >> 7) &1) + (((X) >> 5) &2) + (((X) >> 3) &4) \
- + (((X) >> 1) &8) + (((X) << 1) &16) + (((X) << 3) &32) \
- + (((X) << 5) &64) + (((X) << 7) &128) )
-#define rev16(X) (rev8 (X) + (rev8 (X >> 8) << 8))
-#define rev32(X) (rev16(X) + (rev16(X >> 16) << 16))
-#define rev64(X) (rev32(X) + (rev32(X >> 32) << 32))
-
-
-unsigned long hexreversetoulong(BYTE *hex);
-unsigned long long hexreversetoulonglong(BYTE *hex);
-
diff --git a/tools/hitag2crack/crack5/utilpart.c b/tools/hitag2crack/crack5/utilpart.c
deleted file mode 100644
index c46148491..000000000
--- a/tools/hitag2crack/crack5/utilpart.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/***************************************************************************
- * A copy of the GNU GPL is appended to this file. *
- * *
- * This licence is based on the nmap licence, and we express our gratitude *
- * for the work that went into producing it. There is no other connection *
- * between RFIDler and nmap either expressed or implied. *
- * *
- ********************** IMPORTANT RFIDler LICENSE TERMS ********************
- * *
- * *
- * All references to RFIDler herein imply all it's derivatives, namely: *
- * *
- * o RFIDler-LF Standard *
- * o RFIDler-LF Lite *
- * o RFIDler-LF Nekkid *
- * *
- * *
- * RFIDler is (C) 2013-2014 Aperture Labs Ltd. *
- * *
- * This program is free software; you may redistribute and/or modify it *
- * under the terms of the GNU General Public License as published by the *
- * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE *
- * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your *
- * right to use, modify, and redistribute this software under certain *
- * conditions. If you wish to embed RFIDler technology into proprietary *
- * software or hardware, we sell alternative licenses *
- * (contact sales@aperturelabs.com). *
- * *
- * Note that the GPL places important restrictions on "derivative works", *
- * yet it does not provide a detailed definition of that term. To avoid *
- * misunderstandings, we interpret that term as broadly as copyright law *
- * allows. For example, we consider an application to constitute a *
- * derivative work for the purpose of this license if it does any of the *
- * following with any software or content covered by this license *
- * ("Covered Software"): *
- * *
- * o Integrates source code from Covered Software. *
- * *
- * o Is designed specifically to execute Covered Software and parse the *
- * results (as opposed to typical shell or execution-menu apps, which will *
- * execute anything you tell them to). *
- * *
- * o Includes Covered Software in a proprietary executable installer. The *
- * installers produced by InstallShield are an example of this. Including *
- * RFIDler with other software in compressed or archival form does not *
- * trigger this provision, provided appropriate open source decompression *
- * or de-archiving software is widely available for no charge. For the *
- * purposes of this license, an installer is considered to include Covered *
- * Software even if it actually retrieves a copy of Covered Software from *
- * another source during runtime (such as by downloading it from the *
- * Internet). *
- * *
- * o Links (statically or dynamically) to a library which does any of the *
- * above. *
- * *
- * o Executes a helper program, module, or script to do any of the above. *
- * *
- * This list is not exclusive, but is meant to clarify our interpretation *
- * of derived works with some common examples. Other people may interpret *
- * the plain GPL differently, so we consider this a special exception to *
- * the GPL that we apply to Covered Software. Works which meet any of *
- * these conditions must conform to all of the terms of this license, *
- * particularly including the GPL Section 3 requirements of providing *
- * source code and allowing free redistribution of the work as a whole. *
- * *
- * As another special exception to the GPL terms, Aperture Labs Ltd. grants*
- * permission to link the code of this program with any version of the *
- * OpenSSL library which is distributed under a license identical to that *
- * listed in the included docs/licenses/OpenSSL.txt file, and distribute *
- * linked combinations including the two. *
- * *
- * Any redistribution of Covered Software, including any derived works, *
- * must obey and carry forward all of the terms of this license, including *
- * obeying all GPL rules and restrictions. For example, source code of *
- * the whole work must be provided and free redistribution must be *
- * allowed. All GPL references to "this License", are to be treated as *
- * including the terms and conditions of this license text as well. *
- * *
- * Because this license imposes special exceptions to the GPL, Covered *
- * Work may not be combined (even as part of a larger work) with plain GPL *
- * software. The terms, conditions, and exceptions of this license must *
- * be included as well. This license is incompatible with some other open *
- * source licenses as well. In some cases we can relicense portions of *
- * RFIDler or grant special permissions to use it in other open source *
- * software. Please contact sales@aperturelabs.com with any such requests.*
- * Similarly, we don't incorporate incompatible open source software into *
- * Covered Software without special permission from the copyright holders. *
- * *
- * If you have any questions about the licensing restrictions on using *
- * RFIDler in other works, are happy to help. As mentioned above, we also *
- * offer alternative license to integrate RFIDler into proprietary *
- * applications and appliances. These contracts have been sold to dozens *
- * of software vendors, and generally include a perpetual license as well *
- * as providing for priority support and updates. They also fund the *
- * continued development of RFIDler. Please email sales@aperturelabs.com *
- * for further information. *
- * If you have received a written license agreement or contract for *
- * Covered Software stating terms other than these, you may choose to use *
- * and redistribute Covered Software under those terms instead of these. *
- * *
- * Source is provided to this software because we believe users have a *
- * right to know exactly what a program is going to do before they run it. *
- * This also allows you to audit the software for security holes (none *
- * have been found so far). *
- * *
- * Source code also allows you to port RFIDler to new platforms, fix bugs, *
- * and add new features. You are highly encouraged to send your changes *
- * to the RFIDler mailing list for possible incorporation into the *
- * main distribution. By sending these changes to Aperture Labs Ltd. or *
- * one of the Aperture Labs Ltd. development mailing lists, or checking *
- * them into the RFIDler source code repository, it is understood (unless *
- * you specify otherwise) that you are offering the RFIDler Project *
- * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, *
- * modify, and relicense the code. RFIDler will always be available Open *
- * Source, but this is important because the inability to relicense code *
- * has caused devastating problems for other Free Software projects (such *
- * as KDE and NASM). We also occasionally relicense the code to third *
- * parties as discussed above. If you wish to specify special license *
- * conditions of your contributions, just say so when you send them. *
- * *
- * This program is distributed in the hope that it will be useful, but *
- * WITHOUT ANY WARRANTY; without even the implied warranty of *
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler *
- * license file for more details (it's in a COPYING file included with *
- * RFIDler, and also available from *
- * https://github.com/ApertureLabsLtd/RFIDler/COPYING *
- * *
- ***************************************************************************/
-
-// Author: Adam Laurie
-
-
-#include
-#include
-#include "HardwareProfile.h"
-#include "util.h"
-#include "rfidler.h"
-//#include "comms.h"
-
-// rtc
-rtccTime RTC_time; // time structure
-rtccDate RTC_date; // date structure
-
-// convert byte-reversed 8 digit hex to unsigned long
-unsigned long hexreversetoulong(BYTE *hex) {
- unsigned long ret = 0L;
- unsigned int x;
- BYTE i;
-
- if (strlen(hex) != 8)
- return 0L;
-
- for (i = 0 ; i < 4 ; ++i) {
- if (sscanf(hex, "%2X", &x) != 1)
- return 0L;
- ret += ((unsigned long) x) << i * 8;
- hex += 2;
- }
- return ret;
-}
-
-// convert byte-reversed 12 digit hex to unsigned long
-unsigned long long hexreversetoulonglong(BYTE *hex) {
- unsigned long long ret = 0LL;
- BYTE tmp[9];
-
- // this may seem an odd way to do it, but weird compiler issues were
- // breaking direct conversion!
-
- tmp[8] = '\0';
- memset(tmp + 4, '0', 4);
- memcpy(tmp, hex + 8, 4);
- ret = hexreversetoulong(tmp);
- ret <<= 32;
- memcpy(tmp, hex, 8);
- ret += hexreversetoulong(tmp);
- return ret;
-}
-
-
diff --git a/tools/hitag2crack/crack5gpu/.gitignore b/tools/hitag2crack/crack5gpu/.gitignore
new file mode 100644
index 000000000..ffa667731
--- /dev/null
+++ b/tools/hitag2crack/crack5gpu/.gitignore
@@ -0,0 +1,3 @@
+ht2crack5gpu
+
+ht2crack5gpu.exe
diff --git a/tools/hitag2crack/crack5gpu/HardwareProfile.h b/tools/hitag2crack/crack5gpu/HardwareProfile.h
deleted file mode 100644
index bce139042..000000000
--- a/tools/hitag2crack/crack5gpu/HardwareProfile.h
+++ /dev/null
@@ -1,524 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - - - -#ifndef HARDWARE_PROFILE_UBW32_H -#define HARDWARE_PROFILE_UBW32_H - -//#include "plib.h" -typedef char BOOL; -typedef char BYTE; -typedef int rtccTime; -typedef int rtccDate; - - -#ifndef __PIC32MX__ -#define __PIC32MX__ -#endif - -#define GetSystemClock() (80000000ul) -#define GetPeripheralClock() (GetSystemClock()) -#define GetInstructionClock() (GetSystemClock()) - -//#define USE_SELF_POWER_SENSE_IO -#define tris_self_power TRISAbits.TRISA2 // Input -#define self_power 1 - -//#define USE_USB_BUS_SENSE_IO -#define tris_usb_bus_sense TRISBbits.TRISB5 // Input -#define USB_BUS_SENSE 1 - -// LEDs -#define mLED_1 LATEbits.LATE3 - -#define mLED_2 LATEbits.LATE2 -#define mLED_Comms mLED_2 - -#define mLED_3 LATEbits.LATE1 -#define mLED_Clock mLED_3 - -#define mLED_4 LATEbits.LATE0 -#define mLED_Emulate mLED_4 - -#define mLED_5 LATGbits.LATG6 -#define mLED_Read mLED_5 - -#define mLED_6 LATAbits.LATA15 -#define mLED_User mLED_6 - -#define mLED_7 LATDbits.LATD11 -#define mLED_Error mLED_7 - -// active low -#define mLED_ON 0 -#define mLED_OFF 1 - -#define mGetLED_1() mLED_1 -#define mGetLED_USB() mLED_1 -#define mGetLED_2() mLED_2 -#define mGetLED_Comms() mLED_2 -#define mGetLED_3() mLED_3 -#define mGetLED_Clock() mLED_3 -#define mGetLED_4() mLED_4 -#define mGetLED_Emulate() mLED_4 -#define mGetLED_5() mLED_5 -#define mGetLED_Read() mLED_5 -#define mGetLED_6() mLED_6 -#define mGetLED_User() mLED_6 -#define mGetLED_7() mLED_7 -#define mGetLED_Error() mLED_7 - -#define mLED_1_On() mLED_1 = mLED_ON -#define mLED_USB_On() mLED_1_On() -#define mLED_2_On() mLED_2 = mLED_ON -#define mLED_Comms_On() mLED_2_On() -#define mLED_3_On() mLED_3 = mLED_ON -#define mLED_Clock_On() 
mLED_3_On() -#define mLED_4_On() mLED_4 = mLED_ON -#define mLED_Emulate_On() mLED_4_On() -#define mLED_5_On() mLED_5 = mLED_ON -#define mLED_Read_On() mLED_5_On() -#define mLED_6_On() mLED_6 = mLED_ON -#define mLED_User_On() mLED_6_On() -#define mLED_7_On() mLED_7 = mLED_ON -#define mLED_Error_On() mLED_7_On() - -#define mLED_1_Off() mLED_1 = mLED_OFF -#define mLED_USB_Off() mLED_1_Off() -#define mLED_2_Off() mLED_2 = mLED_OFF -#define mLED_Comms_Off() mLED_2_Off() -#define mLED_3_Off() mLED_3 = mLED_OFF -#define mLED_Clock_Off() mLED_3_Off() -#define mLED_4_Off() mLED_4 = mLED_OFF -#define mLED_Emulate_Off() mLED_4_Off() -#define mLED_5_Off() mLED_5 = mLED_OFF -#define mLED_Read_Off() mLED_5_Off() -#define mLED_6_Off() mLED_6 = mLED_OFF -#define mLED_User_Off() mLED_6_Off() -#define mLED_7_Off() mLED_7 = mLED_OFF -#define mLED_Error_Off() mLED_7_Off() - -#define mLED_1_Toggle() mLED_1 = !mLED_1 -#define mLED_USB_Toggle() mLED_1_Toggle() -#define mLED_2_Toggle() mLED_2 = !mLED_2 -#define mLED_Comms_Toggle() mLED_2_Toggle() -#define mLED_3_Toggle() mLED_3 = !mLED_3 -#define mLED_Clock_Toggle() mLED_3_Toggle() -#define mLED_4_Toggle() mLED_4 = !mLED_4 -#define mLED_Emulate_Toggle() mLED_4_Toggle() -#define mLED_5_Toggle() mLED_5 = !mLED_5 -#define mLED_Read_Toggle( ) mLED_5_Toggle() -#define mLED_6_Toggle() mLED_6 = !mLED_6 -#define mLED_User_Toggle() mLED_6_Toggle() -#define mLED_7_Toggle() mLED_7 = !mLED_7 -#define mLED_Error_Toggle() mLED_7_Toggle() - -#define mLED_All_On() { mLED_1_On(); mLED_2_On(); mLED_3_On(); mLED_4_On(); mLED_5_On(); mLED_6_On(); mLED_7_On(); } -#define mLED_All_Off() { mLED_1_Off(); mLED_2_Off(); mLED_3_Off(); mLED_4_Off(); mLED_5_Off(); mLED_6_Off(); mLED_7_Off(); } - -// usb status lights -#define mLED_Both_Off() {mLED_USB_Off();mLED_Comms_Off();} -#define mLED_Both_On() {mLED_USB_On();mLED_Comms_On();} -#define mLED_Only_USB_On() {mLED_USB_On();mLED_Comms_Off();} -#define mLED_Only_Comms_On() {mLED_USB_Off();mLED_Comms_On();} - -/** 
SWITCH *********************************************************/ -#define swBootloader PORTEbits.RE7 -#define swUser PORTEbits.RE6 - -/** I/O pin definitions ********************************************/ -#define INPUT_PIN 1 -#define OUTPUT_PIN 0 - -#define TRUE 1 -#define FALSE 0 - -#define ENABLE 1 -#define DISABE 0 - -#define EVEN 0 -#define ODD 1 - -#define LOW FALSE -#define HIGH TRUE - -#define CLOCK_ON LOW -#define CLOCK_OFF HIGH - -// output coil control - select between reader/emulator circuits -#define COIL_MODE LATBbits.LATB4 -#define COIL_MODE_READER() COIL_MODE= LOW -#define COIL_MODE_EMULATOR() COIL_MODE= HIGH - -// coil for emulation -#define COIL_OUT LATGbits.LATG9 -#define COIL_OUT_HIGH() COIL_OUT=HIGH -#define COIL_OUT_LOW() COIL_OUT=LOW - -// door relay (active low) -#define DOOR_RELAY LATAbits.LATA14 -#define DOOR_RELAY_OPEN() DOOR_RELAY= HIGH -#define DOOR_RELAY_CLOSE() DOOR_RELAY= LOW - -// inductance/capacitance freq -#define IC_FREQUENCY PORTAbits.RA2 - -#define SNIFFER_COIL PORTDbits.RD12 // external reader clock detect -#define READER_ANALOGUE PORTBbits.RB11 // reader coil analogue -#define DIV_LOW_ANALOGUE PORTBbits.RB12 // voltage divider LOW analogue -#define DIV_HIGH_ANALOGUE PORTBbits.RB13 // voltage divider HIGH analogue - -// clock coil (normally controlled by OC Module, but defined here so we can force it high or low) -#define CLOCK_COIL PORTDbits.RD4 -#define CLOCK_COIL_MOVED PORTDbits.RD0 // temporary for greenwire - -// digital output after analogue reader circuit -#define READER_DATA PORTDbits.RD8 - -// trace / debug -#define DEBUG_PIN_1 LATCbits.LATC1 -#define DEBUG_PIN_1_TOGGLE() DEBUG_PIN_1= !DEBUG_PIN_1 -#define DEBUG_PIN_2 LATCbits.LATC2 -#define DEBUG_PIN_2_TOGGLE() DEBUG_PIN_2= !DEBUG_PIN_2 -#define DEBUG_PIN_3 LATCbits.LATC3 -#define DEBUG_PIN_3_TOGGLE() DEBUG_PIN_3= !DEBUG_PIN_3 -#define DEBUG_PIN_4 LATEbits.LATE5 -#define DEBUG_PIN_4_TOGGLE() DEBUG_PIN_4= !DEBUG_PIN_4 - -// spi (sdi1) for sd card (not directly 
referenced) -//#define SD_CARD_RX LATCbits.LATC4 -//#define SD_CARD_TX LATDbits.LATD0 -//#define SD_CARD_CLK LATDbits.LATD10 -//#define SD_CARD_SS LATDbits.LATD9 -// spi for SD card -#define SD_CARD_DET LATFbits.LATF0 -#define SD_CARD_WE LATFbits.LATF1 // write enable - unused for microsd but allocated anyway as library checks it -// (held LOW by default - cut solder bridge to GND to free pin if required) -#define SPI_SD SPI_CHANNEL1 -#define SPI_SD_BUFF SPI1BUF -#define SPI_SD_STAT SPI1STATbits -// see section below for more defines! - -// iso 7816 smartcard -// microchip SC module defines pins so we don't need to, but -// they are listed here to help avoid conflicts -#define ISO_7816_RX LATBbits.LATF2 // RX -#define ISO_7816_TX LATBbits.LATF8 // TX -#define ISO_7816_VCC LATBbits.LATB9 // Power -#define ISO_7816_CLK LATCbits.LATD1 // Clock -#define ISO_7816_RST LATEbits.LATE8 // Reset - -// user LED -#define USER_LED LATDbits.LATD7 -#define USER_LED_ON() LATDbits.LATD7=1 -#define USER_LED_OFF() LATDbits.LATD7=0 - -// LCR -#define LCR_CALIBRATE LATBbits.LATB5 - -// wiegand / clock & data -#define WIEGAND_IN_0 PORTDbits.RD5 -#define WIEGAND_IN_0_PULLUP CNPUEbits.CNPUE14 -#define WIEGAND_IN_0_PULLDOWN CNPDbits.CNPD14 -#define WIEGAND_IN_1 PORTDbits.RD6 -#define WIEGAND_IN_1_PULLUP CNPUEbits.CNPUE15 -#define WIEGAND_IN_1_PULLDOWN CNPDbits.CNPD15 -#define CAND_IN_DATA WIEGAND_IN_0 -#define CAND_IN_CLOCK WIEGAND_IN_1 - -#define WIEGAND_OUT_0 LATDbits.LATD3 -#define WIEGAND_OUT_1 LATDbits.LATD2 -#define WIEGAND_OUT_0_TRIS TRISDbits.TRISD3 -#define WIEGAND_OUT_1_TRIS TRISDbits.TRISD2 -#define CAND_OUT_DATA WIEGAND_OUT_0 -#define CAND_OUT_CLOCK WIEGAND_OUT_1 - -// connect/disconnect reader clock from coil - used to send RWD signals by creating gaps in carrier -#define READER_CLOCK_ENABLE LATEbits.LATE9 -#define READER_CLOCK_ENABLE_ON() READER_CLOCK_ENABLE=CLOCK_ON -#define READER_CLOCK_ENABLE_OFF(x) {READER_CLOCK_ENABLE=CLOCK_OFF; COIL_OUT=x;} - -// these input pins must 
NEVER bet set to output or they will cause short circuits! -// they can be used to see data from reader before it goes into or gate -#define OR_IN_A PORTAbits.RA4 -#define OR_IN_B PORTAbits.RA5 - - -// CNCON and CNEN are set to allow wiegand input pin weak pullups to be switched on -#define Init_GPIO() { \ - CNCONbits.ON= TRUE; \ - CNENbits.CNEN14= TRUE; \ - CNENbits.CNEN15= TRUE; \ - TRISAbits.TRISA2= INPUT_PIN; \ - TRISAbits.TRISA4= INPUT_PIN; \ - TRISAbits.TRISA5= INPUT_PIN; \ - TRISAbits.TRISA14= OUTPUT_PIN; \ - TRISAbits.TRISA15= OUTPUT_PIN; \ - TRISBbits.TRISB4= OUTPUT_PIN; \ - TRISBbits.TRISB5= OUTPUT_PIN; \ - TRISBbits.TRISB9= OUTPUT_PIN; \ - TRISBbits.TRISB11= INPUT_PIN; \ - TRISBbits.TRISB12= INPUT_PIN; \ - TRISBbits.TRISB13= INPUT_PIN; \ - TRISCbits.TRISC1= OUTPUT_PIN; \ - TRISCbits.TRISC2= OUTPUT_PIN; \ - TRISCbits.TRISC3= OUTPUT_PIN; \ - TRISCbits.TRISC4= INPUT_PIN; \ - TRISDbits.TRISD0= INPUT_PIN; \ - TRISDbits.TRISD1= OUTPUT_PIN; \ - TRISDbits.TRISD2= OUTPUT_PIN; \ - TRISDbits.TRISD3= OUTPUT_PIN; \ - TRISDbits.TRISD4= OUTPUT_PIN; \ - TRISDbits.TRISD5= INPUT_PIN; \ - TRISDbits.TRISD6= INPUT_PIN; \ - TRISDbits.TRISD7= OUTPUT_PIN; \ - TRISDbits.TRISD8= INPUT_PIN; \ - TRISDbits.TRISD11= OUTPUT_PIN; \ - TRISDbits.TRISD12= INPUT_PIN; \ - TRISEbits.TRISE0= OUTPUT_PIN; \ - TRISEbits.TRISE1= OUTPUT_PIN; \ - TRISEbits.TRISE2= OUTPUT_PIN; \ - TRISEbits.TRISE3= OUTPUT_PIN; \ - TRISEbits.TRISE5= OUTPUT_PIN; \ - TRISEbits.TRISE6= INPUT_PIN; \ - TRISEbits.TRISE7= INPUT_PIN; \ - TRISEbits.TRISE8= OUTPUT_PIN; \ - TRISEbits.TRISE9= OUTPUT_PIN; \ - TRISFbits.TRISF0= INPUT_PIN; \ - TRISFbits.TRISF1= INPUT_PIN; \ - TRISFbits.TRISF2= INPUT_PIN; \ - TRISFbits.TRISF8= OUTPUT_PIN; \ - TRISGbits.TRISG6= OUTPUT_PIN; \ - TRISGbits.TRISG12= INPUT_PIN; \ - TRISGbits.TRISG13= INPUT_PIN; \ - TRISGbits.TRISG9= OUTPUT_PIN; \ - LATBbits.LATB9= LOW; \ - LATCbits.LATC1= LOW; \ - LATCbits.LATC2= LOW; \ - LATCbits.LATC3= LOW; \ - LATDbits.LATD2= WIEGAND_IN_1; \ - LATDbits.LATD3= 
WIEGAND_IN_0; \ - LATEbits.LATE5= LOW; \ - LATEbits.LATE9= HIGH; \ - } - -// uart3 (CLI/API) speed -#define BAUDRATE3 115200UL -#define BRG_DIV3 4 -#define BRGH3 1 - -// spi for potentiometer -#define SPI_POT SPI_CHANNEL4 -#define SPI_POT_BUFF SPI4BUF -#define SPI_POT_STAT SPI4STATbits - -// spi for sd card - defines required for Microchip SD-SPI libs -// define interface type -#define USE_SD_INTERFACE_WITH_SPI - -#define MDD_USE_SPI_1 -#define SPI_START_CFG_1 (PRI_PRESCAL_64_1 | SEC_PRESCAL_8_1 | MASTER_ENABLE_ON | SPI_CKE_ON | SPI_SMP_ON) -#define SPI_START_CFG_2 (SPI_ENABLE) -// Define the SPI frequency -#define SPI_FREQUENCY (20000000) -// Description: SD-SPI Card Detect Input bit -#define SD_CD PORTFbits.RF0 -// Description: SD-SPI Card Detect TRIS bit -#define SD_CD_TRIS TRISFbits.TRISF0 -// Description: SD-SPI Write Protect Check Input bit -#define SD_WE PORTFbits.RF1 -// Description: SD-SPI Write Protect Check TRIS bit -#define SD_WE_TRIS TRISFbits.TRISF1 -// Description: The main SPI control register -#define SPICON1 SPI1CON -// Description: The SPI status register -#define SPISTAT SPI1STAT -// Description: The SPI Buffer -#define SPIBUF SPI1BUF -// Description: The receive buffer full bit in the SPI status register -#define SPISTAT_RBF SPI1STATbits.SPIRBF -// Description: The bitwise define for the SPI control register (i.e. _____bits) -#define SPICON1bits SPI1CONbits -// Description: The bitwise define for the SPI status register (i.e. 
_____bits) -#define SPISTATbits SPI1STATbits -// Description: The enable bit for the SPI module -#define SPIENABLE SPICON1bits.ON -// Description: The definition for the SPI baud rate generator register (PIC32) -#define SPIBRG SPI1BRG -// Description: The TRIS bit for the SCK pin -#define SPICLOCK TRISDbits.TRISD10 -// Description: The TRIS bit for the SDI pin -#define SPIIN TRISCbits.TRISC4 -// Description: The TRIS bit for the SDO pin -#define SPIOUT TRISDbits.TRISD0 -#define SD_CS LATDbits.LATD9 -// Description: SD-SPI Chip Select TRIS bit -#define SD_CS_TRIS TRISDbits.TRISD9 -//SPI library functions -#define putcSPI putcSPI1 -#define getcSPI getcSPI1 -#define OpenSPI(config1, config2) OpenSPI1(config1, config2) - -// Define setup parameters for OpenADC10 function -// Turn module on | Ouput in integer format | Trigger mode auto | Enable autosample -#define ADC_CONFIG1 (ADC_FORMAT_INTG | ADC_CLK_AUTO | ADC_AUTO_SAMPLING_ON) -// ADC ref external | Disable offset test | Disable scan mode | Perform 2 samples | Use dual buffers | Use alternate mode -#define ADC_CONFIG2 (ADC_VREF_AVDD_AVSS | ADC_OFFSET_CAL_DISABLE | ADC_SCAN_OFF | ADC_SAMPLES_PER_INT_1 | ADC_ALT_BUF_ON | ADC_ALT_INPUT_ON) - -// Use ADC internal clock | Set sample time -#define ADC_CONFIG3 (ADC_CONV_CLK_INTERNAL_RC | ADC_SAMPLE_TIME_0) - -// slow sample rate for tuning coils -#define ADC_CONFIG2_SLOW (ADC_VREF_AVDD_AVSS | ADC_OFFSET_CAL_DISABLE | ADC_SCAN_OFF | ADC_SAMPLES_PER_INT_16 | ADC_ALT_BUF_ON | ADC_ALT_INPUT_ON) -#define ADC_CONFIG3_SLOW (ADC_CONV_CLK_INTERNAL_RC | ADC_SAMPLE_TIME_31) - -// use AN11 -#define ADC_CONFIGPORT ENABLE_AN11_ANA -// Do not assign channels to scan -#define ADC_CONFIGSCAN SKIP_SCAN_ALL - -#define ADC_TO_VOLTS 0.003208F - - -// flash memory - int myvar = *(int*)(myflashmemoryaddress); - -// memory is 0x9D005000 to 0x9D07FFFF - -#define NVM_MEMORY_END 0x9D07FFFF -#define NVM_PAGE_SIZE 4096 -#define NVM_PAGES 2 // config & VTAG -#define RFIDLER_NVM_ADDRESS (NVM_MEMORY_END 
- (NVM_PAGE_SIZE * NVM_PAGES))
-
-// UART timeout in us
-#define SERIAL_TIMEOUT 100
-
-#endif
diff --git a/tools/hitag2crack/crack5gpu/Makefile b/tools/hitag2crack/crack5gpu/Makefile
index adcf61113..cda40abee 100644
--- a/tools/hitag2crack/crack5gpu/Makefile
+++ b/tools/hitag2crack/crack5gpu/Makefile
@@ -6,18 +6,20 @@ INCLUDE=-I/opt/nvidia/cuda/include
 LIBS=-L/opt/nvidia/cuda/lib64 -lOpenCL
 #Mac
 #LIBS=-framework OpenCL
+VPATH=../common
+INC=-I ../common
-all: ht2crack5.c utilpart.o ht2crack2utils.o hitagcrypto.o
- $(CC) $(CFLAGS) ht2crack5.c -o ht2crack5gpu utilpart.o ht2crack2utils.o hitagcrypto.o $(LIBS) -lpthread
+all: ht2crack5.c utilpart.o ht2crackutils.o hitagcrypto.o
+ $(CC) $(CFLAGS) $(INC) -o ht2crack5gpu $< utilpart.o ht2crackutils.o hitagcrypto.o $(LIBS) -lpthread
-utilpart.o: util.h utilpart.c
- $(CC) $(CFLAGS) $(INCLUDE) -c utilpart.c
+utilpart.o: utilpart.c util.h
+ $(CC) $(CFLAGS) $(INCLUDE) -c $<
-hitagcrypto.o: hitagcrypto.h hitagcrypto.c
- $(CC) $(CFLAGS) $(INCLUDE) -c hitagcrypto.c
+hitagcrypto.o: hitagcrypto.c hitagcrypto.h
+ $(CC) $(CFLAGS) $(INCLUDE) -c $<
-ht2crack2utils.o: ht2crack2utils.h ht2crack2utils.c
- $(CC) $(CFLAGS) $(INCLUDE) -c ht2crack2utils.c
+ht2crackutils.o: ht2crackutils.c ht2crackutils.h
+ $(CC) $(CFLAGS) $(INCLUDE) -c $<
 clean:
 rm -f *.o ht2crack5gpu
diff --git a/tools/hitag2crack/crack5gpu/hitagcrypto.c b/tools/hitag2crack/crack5gpu/hitagcrypto.c
deleted file mode 100644
index 47449c3e3..000000000
--- a/tools/hitag2crack/crack5gpu/hitagcrypto.c
+++ /dev/null
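Review bot: The new `VPATH=../common` in the crack5gpu Makefile applies to every prerequisite, including the `.o` targets, while the `all` recipe still names `utilpart.o ht2crackutils.o hitagcrypto.o` literally. If an up-to-date object ever exists in `../common`, make will treat that prerequisite as satisfied, and the link step then either fails to find the file in the current directory or picks up a stale local object built with different flags. Limiting the search to sources with `vpath %.c ../common` and `vpath %.h ../common` keeps object lookup local. Separately, the object rules pass `$(INCLUDE)` while the link rule passes only the new `$(INC)`; adding `-I ../common` to `INCLUDE` would leave a single include variable to maintain.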
@@ -1,373 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: unknown. 
-// Modifications for RFIDler: Tony Naggs , Adam Laurie - -// uncomment this to build file as a standalone crypto test program -// #define UNIT_TEST -// also uncomment to include verbose debug prints -// #define TEST_DEBUG - -//#include -#include "HardwareProfile.h" -#include "rfidler.h" -#include "hitagcrypto.h" -#include "util.h" - -#ifdef UNIT_TEST -#include -#endif - -#if defined(UNIT_TEST) && defined(TEST_DEBUG) -// Note that printf format %I64x prints 64 bit ints in MS Visual C/C++. -// This may need changing for other compilers/platforms. -#define DEBUG_PRINTF(...) printf(__VA_ARGS__) -#else -#define DEBUG_PRINTF(...) -#endif - - -/* Brief info about NXP Hitag 1, Hitag 2, Hitag S and Hitag u (mu) - - Hitag 125kHz RFID was created by a company called Mikron (Mikron Gesellschaft - fur Integrierte Mikroelektronik Mbh), of Austria, for micropayment applications. - At about the same time, late 1980s to early 1990s, Mikron developed the - similarly featured Mifare micropayment card for 13.56MHz RFID. - (Mikron's European Patent EP 0473569 A2 was filed 23 August 1991, with a - priority date of 23 Aug 1990.) - Mikron was subsequently acquired by Philips Semiconductors in 1995. - Philips Semiconductors divsion subsequently became NXP. 
- - + Modulation read/write device -> transponder: 100 % ASK and binary pulse - length coding - + Modulation transponder -> read/write device: Strong ASK modulation, - selectable Manchester or Biphase coding - + Hitag S, Hitag u; anti-collision procedure - + Fast anti-collision protocol - + Hitag u; optional Cyclic Redundancy Check (CRC) - + Reader Talks First mode - + Hitag 2 & later; Transponder Talks First (TTF) mode - + Temporary switch from Transponder Talks First into Reader Talks First - (RTF) Mode - + Data rate read/write device to transponder: 5.2 kbit/s - + Data rates transponder to read/write device: 2 kbit/s, 4 kbit/s, 8 kbit/s - + 32-bit password feature - + Hitag 2, S = 32-bit Unique Identifier - + Hitag u = 48-bit Unique Identifier - + Selectable password modes for reader / tag mutual authentication - (Hitag 1 has 2 pairs of keys, later versions have 1 pair) - + Hitag 2 & Hitag S; Selectable encrypted mode, 48 bit key - - Known tag types: - - HITAG 1 2048 bits total memory - - HITAG 2 256 Bit total memory Read/Write - 8 pages of 32 bits, inc UID (32), - secret key (64), password (24), config (8) - - HITAG S 32 32 bits Unique Identifier Read Only - HITAG S 256 256 bits total memory Read/Write - HITAG S 2048 2048 bits total memory Read/Write - - HITAG u RO64 64 bits total memory Read Only - HITAG u 128 bits total memory Read/Write - HITAG u Advanced 512 bits total memory Read/Write - HITAG u Advanced+ 1760 bits total memory Read/Write - - Default 48-bit key for Hitag 2, S encryption: - "MIKRON" = O N M I K R - Key = 4F 4E 4D 49 4B 52 - -*/ - - -// We want the crypto functions to be as fast as possible, so optimize! 
-// The best compiler optimization in Microchip's free XC32 edition is -O1 -#pragma GCC optimize("O1") - -// private, nonlinear function to generate 1 crypto bit -static uint32_t hitag2_crypt(uint64_t x); - - -// macros to pick out 4 bits in various patterns of 1s & 2s & make a new number -#define pickbits2_2(S, A, B) ( ((S >> A) & 3) | ((S >> (B - 2)) & 0xC) ) -#define pickbits1x4(S, A, B, C, D) ( ((S >> A) & 1) | ((S >> (B - 1)) & 2) | \ - ((S >> (C - 2)) & 4) | ((S >> (D - 3)) & 8) ) -#define pickbits1_1_2(S, A, B, C) ( ((S >> A) & 1) | ((S >> (B - 1)) & 2) | \ - ((S >> (C - 2)) & 0xC) ) -#define pickbits2_1_1(S, A, B, C) ( ((S >> A) & 3) | ((S >> (B - 2)) & 4) | \ - ((S >> (C - 3)) & 8) ) -#define pickbits1_2_1(S, A, B, C) ( ((S >> A) & 1) | ((S >> (B - 1)) & 6) | \ - ((S >> (C - 3)) & 8) ) - - -static uint32_t hitag2_crypt(uint64_t x) { - const uint32_t ht2_function4a = 0x2C79; // 0010 1100 0111 1001 - const uint32_t ht2_function4b = 0x6671; // 0110 0110 0111 0001 - const uint32_t ht2_function5c = 0x7907287B; // 0111 1001 0000 0111 0010 1000 0111 1011 - uint32_t bitindex; - - bitindex = (ht2_function4a >> pickbits2_2(x, 1, 4)) & 1; - bitindex |= ((ht2_function4b << 1) >> pickbits1_1_2(x, 7, 11, 13)) & 0x02; - bitindex |= ((ht2_function4b << 2) >> pickbits1x4(x, 16, 20, 22, 25)) & 0x04; - bitindex |= ((ht2_function4b << 3) >> pickbits2_1_1(x, 27, 30, 32)) & 0x08; - bitindex |= ((ht2_function4a << 4) >> pickbits1_2_1(x, 33, 42, 45)) & 0x10; - - DEBUG_PRINTF("hitag2_crypt bitindex = %02x\n", bitindex); - return (ht2_function5c >> bitindex) & 1; -} - -/* - * Parameters: - * Hitag_State* pstate - output, internal state after initialisation - * uint64_t sharedkey - 48 bit key shared between reader & tag - * uint32_t serialnum - 32 bit tag serial number - * uint32_t initvector - 32 bit random IV from reader, part of tag authentication - */ -void hitag2_init(Hitag_State *pstate, uint64_t sharedkey, uint32_t serialnum, uint32_t initvector) { - // init state, from 
serial number and lowest 16 bits of shared key - uint64_t state = ((sharedkey & 0xFFFF) << 32) | serialnum; - - // mix the initialisation vector and highest 32 bits of the shared key - initvector ^= (uint32_t)(sharedkey >> 16); - - // move 16 bits from (IV xor Shared Key) to top of uint64_t state - // these will be XORed in turn with output of the crypto function - state |= (uint64_t) initvector << 48; - initvector >>= 16; - - // unrolled loop is faster on PIC32 (MIPS), do 32 times - // shift register, then calc new bit - state >>= 1; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - // highest 16 bits of IV XOR Shared Key - state |= (uint64_t) initvector << 47; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) 
hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state = (state >> 1) ^ (uint64_t) hitag2_crypt(state) << 46; - state ^= (uint64_t) hitag2_crypt(state) << 47; - - DEBUG_PRINTF("hitag2_init result = %012I64x\n", state); - pstate->shiftreg = state; - /* naive version for reference, LFSR has 16 taps - pstate->lfsr = state ^ (state >> 2) ^ (state >> 3) ^ (state >> 6) - ^ (state >> 7) ^ (state >> 8) ^ (state >> 16) ^ (state >> 22) - ^ (state >> 23) ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (state >> 42) ^ (state >> 43) ^ (state >> 46) ^ (state >> 47); - */ - { - // optimise with one 64-bit intermediate - uint64_t temp = state ^ (state >> 1); - pstate->lfsr = state ^ (state >> 6) ^ (state >> 16) - ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (temp >> 2) ^ (temp >> 7) ^ (temp >> 22) - ^ (temp >> 42) ^ (temp >> 46); - } -} - - -/* - * Return up to 32 crypto bits. - * Last bit is in least significant bit, earlier bits are shifted left. - * Note that the Hitag transmission protocol is least significant bit, - * so we may want to change this, or add a function, that returns the - * crypto output bits in the other order. 
- * - * Parameters: - * Hitag_State* pstate - in/out, internal cipher state after initialisation - * uint32_t steps - number of bits requested, (capped at 32) - */ -uint32_t hitag2_nstep(Hitag_State *pstate, uint32_t steps) { - uint64_t state = pstate->shiftreg; - uint32_t result = 0; - uint64_t lfsr = pstate->lfsr; - - if (steps == 0) - return 0; - -// if (steps > 32) -// steps = 32; - - do { - // update shift registers - if (lfsr & 1) { - state = (state >> 1) | 0x800000000000; - lfsr = (lfsr >> 1) ^ 0xB38083220073; - - // accumulate next bit of crypto - result = (result << 1) | hitag2_crypt(state); - } else { - state >>= 1; - lfsr >>= 1; - - result = (result << 1) | hitag2_crypt(state); - } - } while (--steps); - - DEBUG_PRINTF("hitag2_nstep state = %012I64x, result %02x\n", state, result); - pstate->shiftreg = state; - pstate->lfsr = lfsr; - return result; -} - -// end of crypto core, revert to default optimization level -#pragma GCC reset_options diff --git a/tools/hitag2crack/crack5gpu/hitagcrypto.h b/tools/hitag2crack/crack5gpu/hitagcrypto.h deleted file mode 100644 index 274d3d82c..000000000 --- a/tools/hitag2crack/crack5gpu/hitagcrypto.h +++ /dev/null 
@@ -1,167 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: unknown. -// Modifications for RFIDler: Tony Naggs , Adam Laurie - - -#ifndef HITAGCRYPTO_H -#define HITAGCRYPTO_H - -#include - -/* - Our model of Hitag 2 crypto uses 2 parallel shift registers: - a. 48 bit Feedback Shift Register, required for inputs to the nonlinear function. - b. 48 bit Linear Feedback Shift Register (LFSR). - A transform of initial register (a) value, which is then run in parallel. 
- Enables much faster calculation of the feedback values. - - API: - void hitag2_init(Hitag_State* pstate, uint64_t sharedkey, uint32_t serialnum, - uint32_t initvector); - Initialise state from 48 bit shared (secret) reader/tag key, - 32 bit tag serial number and 32 bit initialisation vector from reader. - - uint32_t hitag2_nstep(Hitag_State* pstate, uint32_t steps); - update shift register state and generate N cipher bits (N should be <= 32) - */ - - -typedef struct { - uint64_t shiftreg; // naive shift register, required for nonlinear fn input - uint64_t lfsr; // fast lfsr, used to make software faster -} Hitag_State; - -void hitag2_init(Hitag_State *pstate, uint64_t sharedkey, uint32_t serialnum, uint32_t initvector); - -uint32_t hitag2_nstep(Hitag_State *pstate, uint32_t steps); - -#endif /* HITAGCRYPTO_H */ - diff --git a/tools/hitag2crack/crack5gpu/ht2crack2utils.c b/tools/hitag2crack/crack5gpu/ht2crack2utils.c deleted file mode 100644 index 75d4c27a9..000000000 --- a/tools/hitag2crack/crack5gpu/ht2crack2utils.c +++ /dev/null 
@@ -1,172 +0,0 @@ -#include "ht2crack2utils.h" - -// writes a value into a buffer as a series of bytes -void writebuf(unsigned char *buf, uint64_t val, unsigned int len) { - int i; - char c; - - for (i = len - 1; i >= 0; i--) { - c = val & 0xff; - buf[i] = c; - val = val >> 8; - } - -} - - -/* simple hexdump for testing purposes */ -void shexdump(unsigned char *data, int data_len) { - int i; - - if (!data || (data_len <= 0)) { - printf("shexdump: invalid parameters\n"); - return; - } - - printf("Hexdump from %p:\n", data); - - for (i = 0; i < data_len; i++) { - if ((i % HEX_PER_ROW) == 0) { - printf("\n0x%04x: ", i); - } - printf("%02x ", data[i]); - } - printf("\n\n"); -} - - - -void printbin(unsigned char *c) { - int i, j; - unsigned char x; - - if (!c) { - printf("printbin: invalid params\n"); - return; - } - - for (i = 0; i < 6; i++) { - x = c[i]; - for (j = 0; j < 8; j++) { - printf("%d", (x & 0x80) >> 7); - x = x << 1; - } - } - printf("\n"); -} - - -void printbin2(uint64_t val, unsigned int size) { - int i; - uint64_t mask = 1; - - mask = mask << (size - 1); - - for (i = 0; i < size; i++) { - if (val & mask) { - printf("1"); - } else { - printf("0"); - } - val = val << 1; - } -} - - -void printstate(Hitag_State *hstate) { - printf("shiftreg =\t"); - printbin2(hstate->shiftreg, 48); - printf("\n"); -} - - - - -// convert hex char to binary -unsigned char hex2bin(unsigned char c) { - if ((c >= '0') && (c <= '9')) { - return (c - '0'); - } else if ((c >= 'a') && (c <= 'f')) { - return (c - 'a' + 10); - } else if ((c >= 'A') && (c <= 'F')) { - return (c - 'A' + 10); - } else { - return 0; - } -} - -// return a single bit from a value -int bitn(uint64_t x, int bit) { - uint64_t bitmask = 1; - - bitmask = bitmask << bit; - - if (x & bitmask) { - return 1; - } else { - return 0; - } -} - - -// the sub-function R that rollback depends upon -int fnR(uint64_t x) { - // renumbered bits because my state is 0-47, not 1-48 - return (bitn(x, 1) ^ bitn(x, 2) ^ bitn(x, 5) ^ 
bitn(x, 6) ^ bitn(x, 7) ^ - bitn(x, 15) ^ bitn(x, 21) ^ bitn(x, 22) ^ bitn(x, 25) ^ bitn(x, 29) ^ bitn(x, 40) ^ - bitn(x, 41) ^ bitn(x, 42) ^ bitn(x, 45) ^ bitn(x, 46) ^ bitn(x, 47)); -} - -// the rollback function that lets us go backwards in time -void rollback(Hitag_State *hstate, unsigned int steps) { - int i; - - for (i = 0; i < steps; i++) { - hstate->shiftreg = ((hstate->shiftreg << 1) & 0xffffffffffff) | fnR(hstate->shiftreg); - } - -} - - -// the three filter sub-functions that feed fnf -int fa(unsigned int i) { - return bitn(0x2C79, i); -} - -int fb(unsigned int i) { - return bitn(0x6671, i); -} - -int fc(unsigned int i) { - return bitn(0x7907287B, i); -} - -// the filter function that generates a bit of output from the prng state -int fnf(uint64_t s) { - unsigned int x1, x2, x3, x4, x5, x6; - - x1 = (bitn(s, 2) << 0) | (bitn(s, 3) << 1) | (bitn(s, 5) << 2) | (bitn(s, 6) << 3); - x2 = (bitn(s, 8) << 0) | (bitn(s, 12) << 1) | (bitn(s, 14) << 2) | (bitn(s, 15) << 3); - x3 = (bitn(s, 17) << 0) | (bitn(s, 21) << 1) | (bitn(s, 23) << 2) | (bitn(s, 26) << 3); - x4 = (bitn(s, 28) << 0) | (bitn(s, 29) << 1) | (bitn(s, 31) << 2) | (bitn(s, 33) << 3); - x5 = (bitn(s, 34) << 0) | (bitn(s, 43) << 1) | (bitn(s, 44) << 2) | (bitn(s, 46) << 3); - - x6 = (fa(x1) << 0) | (fb(x2) << 1) | (fb(x3) << 2) | (fb(x4) << 3) | (fa(x5) << 4); - - return fc(x6); -} - -// builds the lfsr for the prng (quick calcs for hitag2_nstep()) -void buildlfsr(Hitag_State *hstate) { - uint64_t state = hstate->shiftreg; - uint64_t temp; - - temp = state ^ (state >> 1); - hstate->lfsr = state ^ (state >> 6) ^ (state >> 16) - ^ (state >> 26) ^ (state >> 30) ^ (state >> 41) - ^ (temp >> 2) ^ (temp >> 7) ^ (temp >> 22) - ^ (temp >> 42) ^ (temp >> 46); -} - - - diff --git a/tools/hitag2crack/crack5gpu/ht2crack2utils.h b/tools/hitag2crack/crack5gpu/ht2crack2utils.h deleted file mode 100644 index 33e0e3036..000000000 --- a/tools/hitag2crack/crack5gpu/ht2crack2utils.h +++ /dev/null 
@@ -1,35 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "HardwareProfile.h" -#include "rfidler.h" -#include "util.h" - -#include "hitagcrypto.h" - -#define HEX_PER_ROW 16 - - - -void writebuf(unsigned char *buf, uint64_t val, unsigned int len); -void shexdump(unsigned char *data, int data_len); -void printbin(unsigned char *c); -void printbin2(uint64_t val, unsigned int size); -void printstate(Hitag_State *hstate); -unsigned char hex2bin(unsigned char c); -int bitn(uint64_t x, int bit); -int fnR(uint64_t x); -void rollback(Hitag_State *hstate, unsigned int steps); -int fa(unsigned int i); -int fb(unsigned int i); -int fc(unsigned int i); -int fnf(uint64_t s); -void buildlfsr(Hitag_State *hstate); diff --git a/tools/hitag2crack/crack5gpu/ht2crack5.c b/tools/hitag2crack/crack5gpu/ht2crack5.c index 82a80c3ea..37df9df65 100644 --- a/tools/hitag2crack/crack5gpu/ht2crack5.c +++ b/tools/hitag2crack/crack5gpu/ht2crack5.c @@ -29,7 +29,7 @@ #define CL_USE_DEPRECATED_OPENCL_1_2_APIS #include #endif -#include "ht2crack2utils.h" +#include "ht2crackutils.h" const uint8_t bits[9] = {20, 14, 4, 3, 1, 1, 1, 1, 1}; #define lfsr_inv(state) (((state)<<1) | (__builtin_parityll((state) & ((0xce0044c101cd>>1)|(1ull<<(47)))))) diff --git a/tools/hitag2crack/crack5gpu/rfidler.h b/tools/hitag2crack/crack5gpu/rfidler.h deleted file mode 100644 index 933547e6b..000000000 --- a/tools/hitag2crack/crack5gpu/rfidler.h +++ /dev/null 
@@ -1,412 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - -#include -#include - -// BCD hardware revision for usb descriptor (usb_descriptors.c) -#define RFIDLER_HW_VERSION 0x020 - -// max sizes in BITS -#define MAXBLOCKSIZE 512 -#define MAXTAGSIZE 4096 -#define MAXUID 512 - -#define TMP_LARGE_BUFF_LEN 2048 -#define TMP_SMALL_BUFF_LEN 256 -#define ANALOGUE_BUFF_LEN 8192 - -#define COMMS_BUFFER_SIZE 128 - -#define DETECT_BUFFER_SIZE 512 - -#define SAMPLEMASK ~(BIT_1 | BIT_0) // mask to remove two bottom bits from analogue sample - we will then use those for reader & bit period - -// globals - -extern BOOL WiegandOutput; // Output wiegand data whenenver UID is read -extern BYTE *EMU_Reset_Data; // Pointer to full array of bits as bytes, stored as 0x00/0x01, '*' terminated -extern BYTE *EMU_Data; // Pointer to current location in EMU_Reset_Data -extern BYTE EMU_ThisBit; // The next data bit to transmit -extern BYTE EMU_SubCarrier_T0; // Number of Frame Clocks for sub-carrier '0' -extern BYTE EMU_SubCarrier_T1; // Number of Frame Clocks for sub-carrier '1' -extern unsigned int EMU_Repeat; // Number of times to transmit full data set -extern BOOL EMU_Background; // Emulate in the background until told to stop -extern unsigned int EMU_DataBitRate; // Number of Frame Clocks per bit -extern BYTE TmpBits[TMP_LARGE_BUFF_LEN]; // Shared scratchpad -extern BYTE ReaderPeriod; // Flag for sample display -extern unsigned char Comms_In_Buffer[COMMS_BUFFER_SIZE]; // USB/Serial buffer -extern BYTE Interface; // user interface - CLI or API -extern BYTE CommsChannel; // user comms channel - USB or UART -extern BOOL FakeRead; // flag for analogue sampler to signal it wants access to buffers during read -extern BOOL PWD_Mode; // is this tag 
password protected? -extern BYTE Password[9]; // 32 bits as HEX string set with LOGIN -extern unsigned int Led_Count; // LED status counter, also used for entropy -extern unsigned long Reader_Bit_Count; // Reader ISR bit counter -extern char Previous; // Reader ISR previous bit type - -// RWD (read/write device) coil state -extern BYTE RWD_State; // current state of RWD coil -extern unsigned int RWD_Fc; // field clock in uS -extern unsigned int RWD_Gap_Period; // length of command gaps in OC5 ticks -extern unsigned int RWD_Zero_Period; // length of '0' in OC5 ticks -extern unsigned int RWD_One_Period; // length of '1' in OC5 ticks -extern unsigned int RWD_Sleep_Period; // length of initial sleep to reset tag in OC5 ticks -extern unsigned int RWD_Wake_Period; // length required for tag to restart in OC5 ticks -extern unsigned int RWD_Wait_Switch_TX_RX; // length to wait when switching from TX to RX in OC5 ticks -extern unsigned int RWD_Wait_Switch_RX_TX; // length to wait when switching from RX to TX in OC5 ticks -extern unsigned int RWD_Post_Wait; // low level ISR wait period in OC5 ticks -extern unsigned int RWD_OC5_config; // Output Compare Module settings -extern unsigned int RWD_OC5_r; // Output Compare Module primary compare value -extern unsigned int RWD_OC5_rs; // Output Compare Module secondary compare value -extern BYTE RWD_Command_Buff[TMP_SMALL_BUFF_LEN]; // Command buffer, array of bits as bytes, stored as 0x00/0x01, '*' terminated -extern BYTE *RWD_Command_ThisBit; // Current command bit -extern BOOL Reader_ISR_State; // current state of reader ISR - -// NVM variables -// timings etc. 
that want to survive a reboot should go here -typedef struct { - BYTE Name[7]; // will be set to "RFIDler" so we can test for new device - BYTE AutoRun[128]; // optional command to run at startup - unsigned char TagType; - unsigned int PSK_Quality; - unsigned int Timeout; - unsigned int Wiegand_Pulse; - unsigned int Wiegand_Gap; - BOOL Wiegand_IdleState; - unsigned int FrameClock; - unsigned char Modulation; - unsigned int DataRate; - unsigned int DataRateSub0; - unsigned int DataRateSub1; - unsigned int DataBits; - unsigned int DataBlocks; - unsigned int BlockSize; - unsigned char SyncBits; - BYTE Sync[4]; - BOOL BiPhase; - BOOL Invert; - BOOL Manchester; - BOOL HalfDuplex; - unsigned int Repeat; - unsigned int PotLow; - unsigned int PotHigh; - unsigned int RWD_Gap_Period; - unsigned int RWD_Zero_Period; - unsigned int RWD_One_Period; - unsigned int RWD_Sleep_Period; - unsigned int RWD_Wake_Period; - unsigned int RWD_Wait_Switch_TX_RX; - unsigned int RWD_Wait_Switch_RX_TX; -} StoredConfig; - -// somewhere to store TAG data. this will be interpreted according to the TAG -// type. 
-typedef struct { - BYTE TagType; // raw tag type - BYTE EmulatedTagType; // tag type this tag is configured to emulate - BYTE UID[MAXUID + 1]; // Null-terminated HEX string - BYTE Data[MAXTAGSIZE]; // raw data - unsigned char DataBlocks; // number of blocks in Data field - unsigned int BlockSize; // blocksize in bits -} VirtualTag; - -extern StoredConfig RFIDlerConfig; -extern VirtualTag RFIDlerVTag; -extern BYTE TmpBuff[NVM_PAGE_SIZE]; -extern BYTE DataBuff[ANALOGUE_BUFF_LEN]; -extern unsigned int DataBuffCount; -extern const BYTE *ModulationSchemes[]; -extern const BYTE *OnOff[]; -extern const BYTE *HighLow[]; -extern const BYTE *TagTypes[]; - -// globals for ISRs -extern BYTE EmulationMode; -extern unsigned long HW_Bits; -extern BYTE HW_Skip_Bits; -extern unsigned int PSK_Min_Pulse; -extern BOOL PSK_Read_Error; -extern BOOL Manchester_Error; -extern BOOL SnifferMode; -extern unsigned int Clock_Tick_Counter; -extern BOOL Clock_Tick_Counter_Reset; - -// smart card lib -#define MAX_ATR_LEN (BYTE)33 -extern BYTE scCardATR[MAX_ATR_LEN]; -extern BYTE scATRLength; - -// RTC -extern rtccTime RTC_time; // time structure -extern rtccDate RTC_date; // date structure - -// digital pots -#define POTLOW_DEFAULT 100 -#define POTHIGH_DEFAULT 150 -#define DC_OFFSET 60 // analogue circuit DC offset (as close as we can get without using 2 LSB) -#define VOLTS_TO_POT 0.019607843F - -// RWD/clock states -#define RWD_STATE_INACTIVE 0 // RWD not in use -#define RWD_STATE_GO_TO_SLEEP 1 // RWD coil shutdown request -#define RWD_STATE_SLEEPING 2 // RWD coil shutdown for sleep period -#define RWD_STATE_WAKING 3 // RWD active for pre-determined period after reset -#define RWD_STATE_START_SEND 4 // RWD starting send of data -#define RWD_STATE_SENDING_GAP 5 // RWD sending a gap -#define RWD_STATE_SENDING_BIT 6 // RWD sending a data bit -#define RWD_STATE_POST_WAIT 7 // RWD finished sending data, now in forced wait period -#define RWD_STATE_ACTIVE 8 // RWD finished, now just clocking a 
carrier - -// reader ISR states -#define READER_STOPPED 0 // reader not in use -#define READER_IDLING 1 // reader ISR running to preserve timing, but not reading -#define READER_RUNNING 2 // reader reading bits - - -// user interface types -#define INTERFACE_API 0 -#define INTERFACE_CLI 1 - -// comms channel -#define COMMS_NONE 0 -#define COMMS_USB 1 -#define COMMS_UART 2 - -#define MAX_HISTORY 2 // disable most of history for now - memory issue - -// tag write retries -#define TAG_WRITE_RETRY 5 - -// modulation modes - uppdate ModulationSchemes[] in tags.c if you change this -#define MOD_MODE_NONE 0 -#define MOD_MODE_ASK_OOK 1 -#define MOD_MODE_FSK1 2 -#define MOD_MODE_FSK2 3 -#define MOD_MODE_PSK1 4 -#define MOD_MODE_PSK2 5 -#define MOD_MODE_PSK3 6 - -// TAG types - update TagTypes[] in tags.c if you add to this list -#define TAG_TYPE_NONE 0 -#define TAG_TYPE_ASK_RAW 1 -#define TAG_TYPE_FSK1_RAW 2 -#define TAG_TYPE_FSK2_RAW 3 -#define TAG_TYPE_PSK1_RAW 4 -#define TAG_TYPE_PSK2_RAW 5 -#define TAG_TYPE_PSK3_RAW 6 -#define TAG_TYPE_HITAG1 7 -#define TAG_TYPE_HITAG2 8 -#define TAG_TYPE_EM4X02 9 -#define TAG_TYPE_Q5 10 -#define TAG_TYPE_HID_26 11 -#define TAG_TYPE_INDALA_64 12 -#define TAG_TYPE_INDALA_224 13 -#define TAG_TYPE_UNIQUE 14 -#define TAG_TYPE_FDXB 15 -#define TAG_TYPE_T55X7 16 // same as Q5 but different timings and no modulation-defeat -#define TAG_TYPE_AWID_26 17 -#define TAG_TYPE_EM4X05 18 -#define TAG_TYPE_TAMAGOTCHI 19 -#define TAG_TYPE_HDX 20 // same underlying data as FDX-B, but different modulation & telegram - -// various - -#define BINARY 0 -#define HEX 1 - -#define NO_ADDRESS -1 - -#define ACK TRUE -#define NO_ACK FALSE - -#define BLOCK TRUE -#define NO_BLOCK FALSE - -#define DATA TRUE -#define NO_DATA FALSE - -#define DEBUG_PIN_ON HIGH -#define DEBUG_PIN_OFF LOW - -#define FAST FALSE -#define SLOW TRUE - -#define NO_TRIGGER 0 - -#define LOCK TRUE -#define NO_LOCK FALSE - -#define NFC_MODE TRUE -#define NO_NFC_MODE FALSE - -#define ONESHOT_READ 
TRUE -#define NO_ONESHOT_READ FALSE - -#define RESET TRUE -#define NO_RESET FALSE - -#define SHUTDOWN_CLOCK TRUE -#define NO_SHUTDOWN_CLOCK FALSE - -#define SYNC TRUE -#define NO_SYNC FALSE - -#define VERIFY TRUE -#define NO_VERIFY FALSE - -#define VOLATILE FALSE -#define NON_VOLATILE TRUE - -#define NEWLINE TRUE -#define NO_NEWLINE FALSE - -#define WAIT TRUE -#define NO_WAIT FALSE - -#define WIPER_HIGH 0 -#define WIPER_LOW 1 - -// conversion for time to ticks -#define US_TO_TICKS 1000000L -#define US_OVER_10_TO_TICKS 10000000L -#define US_OVER_100_TO_TICKS 100000000L -// we can't get down to this level on pic, but we want to standardise on timings, so for now we fudge it -#define CONVERT_TO_TICKS(x) ((x / 10) * (GetSystemClock() / US_OVER_10_TO_TICKS)) -#define CONVERT_TICKS_TO_US(x) (x / (GetSystemClock() / US_TO_TICKS)) -#define TIMER5_PRESCALER 16 -#define MAX_TIMER5_TICKS (65535 * TIMER5_PRESCALER) - -// other conversions - -// bits to hex digits -#define HEXDIGITS(x) (x / 4) -#define HEXTOBITS(x) (x * 4) diff --git a/tools/hitag2crack/crack5gpu/util.h b/tools/hitag2crack/crack5gpu/util.h deleted file mode 100644 index c2399c37c..000000000 --- a/tools/hitag2crack/crack5gpu/util.h +++ /dev/null 
@@ -1,147 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2015 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - -/* - * Hitag Crypto support macros - * These macros reverse the bit order in a byte, or *within* each byte of a - * 16 , 32 or 64 bit unsigned integer. (Not across the whole 16 etc bits.) 
- */ -#define rev8(X) ((((X) >> 7) &1) + (((X) >> 5) &2) + (((X) >> 3) &4) \ - + (((X) >> 1) &8) + (((X) << 1) &16) + (((X) << 3) &32) \ - + (((X) << 5) &64) + (((X) << 7) &128) ) -#define rev16(X) (rev8 (X) + (rev8 (X >> 8) << 8)) -#define rev32(X) (rev16(X) + (rev16(X >> 16) << 16)) -#define rev64(X) (rev32(X) + (rev32(X >> 32) << 32)) - - -unsigned long hexreversetoulong(BYTE *hex); -unsigned long long hexreversetoulonglong(BYTE *hex); - diff --git a/tools/hitag2crack/crack5gpu/utilpart.c b/tools/hitag2crack/crack5gpu/utilpart.c deleted file mode 100644 index c46148491..000000000 --- a/tools/hitag2crack/crack5gpu/utilpart.c +++ /dev/null 
@@ -1,180 +0,0 @@ -/*************************************************************************** - * A copy of the GNU GPL is appended to this file. * - * * - * This licence is based on the nmap licence, and we express our gratitude * - * for the work that went into producing it. There is no other connection * - * between RFIDler and nmap either expressed or implied. * - * * - ********************** IMPORTANT RFIDler LICENSE TERMS ******************** - * * - * * - * All references to RFIDler herein imply all it's derivatives, namely: * - * * - * o RFIDler-LF Standard * - * o RFIDler-LF Lite * - * o RFIDler-LF Nekkid * - * * - * * - * RFIDler is (C) 2013-2014 Aperture Labs Ltd. * - * * - * This program is free software; you may redistribute and/or modify it * - * under the terms of the GNU General Public License as published by the * - * Free Software Foundation; Version 2 ("GPL"), BUT ONLY WITH ALL OF THE * - * CLARIFICATIONS AND EXCEPTIONS DESCRIBED HEREIN. This guarantees your * - * right to use, modify, and redistribute this software under certain * - * conditions. If you wish to embed RFIDler technology into proprietary * - * software or hardware, we sell alternative licenses * - * (contact sales@aperturelabs.com). * - * * - * Note that the GPL places important restrictions on "derivative works", * - * yet it does not provide a detailed definition of that term. To avoid * - * misunderstandings, we interpret that term as broadly as copyright law * - * allows. For example, we consider an application to constitute a * - * derivative work for the purpose of this license if it does any of the * - * following with any software or content covered by this license * - * ("Covered Software"): * - * * - * o Integrates source code from Covered Software. * - * * - * o Is designed specifically to execute Covered Software and parse the * - * results (as opposed to typical shell or execution-menu apps, which will * - * execute anything you tell them to). 
* - * * - * o Includes Covered Software in a proprietary executable installer. The * - * installers produced by InstallShield are an example of this. Including * - * RFIDler with other software in compressed or archival form does not * - * trigger this provision, provided appropriate open source decompression * - * or de-archiving software is widely available for no charge. For the * - * purposes of this license, an installer is considered to include Covered * - * Software even if it actually retrieves a copy of Covered Software from * - * another source during runtime (such as by downloading it from the * - * Internet). * - * * - * o Links (statically or dynamically) to a library which does any of the * - * above. * - * * - * o Executes a helper program, module, or script to do any of the above. * - * * - * This list is not exclusive, but is meant to clarify our interpretation * - * of derived works with some common examples. Other people may interpret * - * the plain GPL differently, so we consider this a special exception to * - * the GPL that we apply to Covered Software. Works which meet any of * - * these conditions must conform to all of the terms of this license, * - * particularly including the GPL Section 3 requirements of providing * - * source code and allowing free redistribution of the work as a whole. * - * * - * As another special exception to the GPL terms, Aperture Labs Ltd. grants* - * permission to link the code of this program with any version of the * - * OpenSSL library which is distributed under a license identical to that * - * listed in the included docs/licenses/OpenSSL.txt file, and distribute * - * linked combinations including the two. * - * * - * Any redistribution of Covered Software, including any derived works, * - * must obey and carry forward all of the terms of this license, including * - * obeying all GPL rules and restrictions. 
For example, source code of * - * the whole work must be provided and free redistribution must be * - * allowed. All GPL references to "this License", are to be treated as * - * including the terms and conditions of this license text as well. * - * * - * Because this license imposes special exceptions to the GPL, Covered * - * Work may not be combined (even as part of a larger work) with plain GPL * - * software. The terms, conditions, and exceptions of this license must * - * be included as well. This license is incompatible with some other open * - * source licenses as well. In some cases we can relicense portions of * - * RFIDler or grant special permissions to use it in other open source * - * software. Please contact sales@aperturelabs.com with any such requests.* - * Similarly, we don't incorporate incompatible open source software into * - * Covered Software without special permission from the copyright holders. * - * * - * If you have any questions about the licensing restrictions on using * - * RFIDler in other works, are happy to help. As mentioned above, we also * - * offer alternative license to integrate RFIDler into proprietary * - * applications and appliances. These contracts have been sold to dozens * - * of software vendors, and generally include a perpetual license as well * - * as providing for priority support and updates. They also fund the * - * continued development of RFIDler. Please email sales@aperturelabs.com * - * for further information. * - * If you have received a written license agreement or contract for * - * Covered Software stating terms other than these, you may choose to use * - * and redistribute Covered Software under those terms instead of these. * - * * - * Source is provided to this software because we believe users have a * - * right to know exactly what a program is going to do before they run it. * - * This also allows you to audit the software for security holes (none * - * have been found so far). 
* - * * - * Source code also allows you to port RFIDler to new platforms, fix bugs, * - * and add new features. You are highly encouraged to send your changes * - * to the RFIDler mailing list for possible incorporation into the * - * main distribution. By sending these changes to Aperture Labs Ltd. or * - * one of the Aperture Labs Ltd. development mailing lists, or checking * - * them into the RFIDler source code repository, it is understood (unless * - * you specify otherwise) that you are offering the RFIDler Project * - * (Aperture Labs Ltd.) the unlimited, non-exclusive right to reuse, * - * modify, and relicense the code. RFIDler will always be available Open * - * Source, but this is important because the inability to relicense code * - * has caused devastating problems for other Free Software projects (such * - * as KDE and NASM). We also occasionally relicense the code to third * - * parties as discussed above. If you wish to specify special license * - * conditions of your contributions, just say so when you send them. * - * * - * This program is distributed in the hope that it will be useful, but * - * WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the RFIDler * - * license file for more details (it's in a COPYING file included with * - * RFIDler, and also available from * - * https://github.com/ApertureLabsLtd/RFIDler/COPYING * - * * - ***************************************************************************/ - -// Author: Adam Laurie - - -#include -#include -#include "HardwareProfile.h" -#include "util.h" -#include "rfidler.h" -//#include "comms.h" - -// rtc -rtccTime RTC_time; // time structure -rtccDate RTC_date; // date structure - -// convert byte-reversed 8 digit hex to unsigned long -unsigned long hexreversetoulong(BYTE *hex) { - unsigned long ret = 0L; - unsigned int x; - BYTE i; - - if (strlen(hex) != 8) - return 0L; - - for (i = 0 ; i < 4 ; ++i) { - if (sscanf(hex, "%2X", &x) != 1) - return 0L; - ret += ((unsigned long) x) << i * 8; - hex += 2; - } - return ret; -} - -// convert byte-reversed 12 digit hex to unsigned long -unsigned long long hexreversetoulonglong(BYTE *hex) { - unsigned long long ret = 0LL; - BYTE tmp[9]; - - // this may seem an odd way to do it, but weird compiler issues were - // breaking direct conversion! - - tmp[8] = '\0'; - memset(tmp + 4, '0', 4); - memcpy(tmp, hex + 8, 4); - ret = hexreversetoulong(tmp); - ret <<= 32; - memcpy(tmp, hex, 8); - ret += hexreversetoulong(tmp); - return ret; -} - -