dash/proxmark3
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ADD: started with adding a LF AWID26 write function. not done yet.

Browse Source 
ADD: latest pwpiwi & holiman changes.
This commit is contained in:
iceman1001
2014-12-19 13:46:02 +01:00
parent d3499d369d
commit f5ed4d12de
18 changed files with 368 additions and 464 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
armsrc/epa.c
View File

@@ -108,9 +108,9 @@ size_t EPA_Parse_CardAccess(uint8_t *data,
if (data[index] == 0x31 || data[index] == 0x30) {
// enter the set (skip tag + length)
index += 2;
// extended length
// check for extended length
if ((data[index - 1] & 0x80) != 0) {
index += (data[index] & 0x7F);
index += (data[index-1] & 0x7F);
}
}
// OID
@@ -423,89 +423,31 @@ int EPA_PACE_MSE_Set_AT(pace_version_info_t pace_version_info, uint8_t password)
//-----------------------------------------------------------------------------
int EPA_Setup()
{
// return code
//int return_code = 0;
// card UID
//uint8_t uid[10] = {0x00};
int return_code = 0;
uint8_t uid[10];
uint8_t pps_response[3];
uint8_t pps_response_par[1];
iso14a_card_select_t card_select_info;
// power up the field
iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
iso14a_clear_trace();
iso14a_set_tracing(TRUE);
iso14a_set_timeout(10500);
// card select information
byte_t cardbuf[USB_CMD_DATA_SIZE];
memset(cardbuf,0,USB_CMD_DATA_SIZE);
iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf;
// select the card
// if (!iso14443a_select_card(uid, &card_info, NULL)) {
// Dbprintf("Epa: Can't select card");
// return -1;
// }
uint8_t wupa[] = { 0x26 }; // 0x26 - REQA 0x52 - WAKE-UP
uint8_t sel_all[] = { 0x93,0x20 };
uint8_t sel_uid[] = { 0x93,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
uint8_t rats[] = { 0xE0,0x81,0x00,0x00 }; // FSD=256, FSDI=8, CID=1
uint8_t *resp = ((uint8_t *)BigBuf) + RECV_RESP_OFFSET;
uint8_t *resp_par = ((uint8_t *)BigBuf) + RECV_RESP_PAR_OFFSET;
byte_t uid_resp[4];
size_t uid_resp_len = 4;
return_code = iso14443a_select_card(uid, &card_select_info, NULL);
if (return_code != 1) {
Dbprintf("Epa: Can't select card");
return 1;
}
uint8_t sak = 0x04; // cascade uid
int len;
// Broadcast for a card, WUPA (0x52) will force response from all cards in the field
ReaderTransmitBitsPar(wupa,7,0, NULL);
// Receive the ATQA
if(!ReaderReceive(resp, resp_par)) return -1;
// SELECT_ALL
ReaderTransmit(sel_all,sizeof(sel_all), NULL);
if (!ReaderReceive(resp, resp_par)) return -1;
// uid response from tag
memcpy(uid_resp,resp,uid_resp_len);
// Construct SELECT UID command
// transmitting a full UID (1 Byte cmd, 1 Byte NVB, 4 Byte UID, 1 Byte BCC, 2 Bytes CRC)
memcpy(sel_uid+2,uid_resp,4); // the UID
sel_uid[6] = sel_uid[2] ^ sel_uid[3] ^ sel_uid[4] ^ sel_uid[5]; // calculate and add BCC
AppendCrc14443a(sel_uid,7); // calculate and add CRC
ReaderTransmit(sel_uid,sizeof(sel_uid), NULL);
// Receive the SAK
if (!ReaderReceive(resp, resp_par)) return -1;
sak = resp[0];
// Request for answer to select
AppendCrc14443a(rats, 2);
ReaderTransmit(rats, sizeof(rats), NULL);
if ( !(len = ReaderReceive(resp, resp_par) )) return -1;
// populate the collected data.
memcpy( card->uid, uid_resp, uid_resp_len);
card->uidlen += uid_resp_len;
card->sak = sak;
card->ats_len = len;
memcpy(card->ats, resp, sizeof(card->ats));
// send the PPS request
// ReaderTransmit((uint8_t *)pps, sizeof(pps), NULL);
// uint8_t pps_response[3];
// uint8_t pps_response_par[1];
// return_code = ReaderReceive(pps_response,pps_response_par);
// if (return_code != 3 || pps_response[0] != 0xD0) {
// return return_code == 0 ? 2 : return_code;
// }
ReaderTransmit((uint8_t *)pps, sizeof(pps), NULL);
return_code = ReaderReceive(pps_response, pps_response_par);
if (return_code != 3 || pps_response[0] != 0xD0) {
return return_code == 0 ? 2 : return_code;
}
return -1;
return 0;
}

2
armsrc/hitag2.c
View File

@@ -1158,7 +1158,7 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
case RHT2F_CRYPTO: {
DbpString("Authenticating using key:");
memcpy(key,htd->crypto.key,6);
memcpy(key,htd->crypto.key,6); // 4 or 6 ??
Dbhexdump(6,key,false);
blocknr = 0;
bQuiet = false;

12
armsrc/iclass.c
View File

@@ -549,7 +549,7 @@ static RAMFUNC int ManchesterDecoding(int v)
// Tag response does not need to be a complete byte!
if(Demod.len > 0 || Demod.bitCount > 0) {
if(Demod.bitCount > 1) { // was > 0, do not interpret last closing bit, is part of EOF
Demod.shiftReg >>= (9 - Demod.bitCount); // rright align data
Demod.shiftReg >>= (9 - Demod.bitCount); // right align data
Demod.output[Demod.len] = Demod.shiftReg & 0xff;
Demod.len++;
}
@@ -1145,7 +1145,8 @@ int doIClassSimulation(uint8_t csn[], int breakAfterMacReceived, uint8_t *reader
respsize = 0;
if (breakAfterMacReceived){
// dbprintf:ing ...
Dbprintf("CSN: %02x %02x %02x %02x %02x %02x %02x %02x",csn[0],csn[1],csn[2],csn[3],csn[4],csn[5],csn[6],csn[7]);
Dbprintf("CSN: %02x %02x %02x %02x %02x %02x %02x %02x"
,csn[0],csn[1],csn[2],csn[3],csn[4],csn[5],csn[6],csn[7]);
Dbprintf("RDR: (len=%02d): %02x %02x %02x %02x %02x %02x %02x %02x %02x",len,
receivedCmd[0], receivedCmd[1], receivedCmd[2],
receivedCmd[3], receivedCmd[4], receivedCmd[5],
@@ -1264,8 +1265,8 @@ static void TransmitIClassCommand(const uint8_t *cmd, int len, int *samples, int
FpgaSetupSsc();
if (wait)
if(*wait < 10)
*wait = 10;
{
if(*wait < 10) *wait = 10;
for(c = 0; c < *wait;) {
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
@@ -1279,6 +1280,9 @@ static void TransmitIClassCommand(const uint8_t *cmd, int len, int *samples, int
WDT_HIT();
}
}
uint8_t sendbyte;
bool firstpart = TRUE;
c = 0;

3
armsrc/iso14443.c
View File

@@ -293,8 +293,7 @@ static int GetIso14443CommandFromReader(uint8_t *received, int *len, int maxLen)
// only, since we are receiving, not transmitting).
// Signal field is off with the appropriate LED
LED_D_OFF();
FpgaWriteConfWord(
FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_NO_MODULATION);
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_NO_MODULATION);
// Now run a `software UART' on the stream of incoming samples.

22
armsrc/iso14443a.c
View File

@@ -310,10 +310,11 @@ static RAMFUNC bool MillerDecoding(uint8_t bit, uint32_t non_real_time)
if (Uart.state == STATE_UNSYNCD) { // not yet synced
if (Uart.highCnt < 7) { // wait for a stable unmodulated signal
if (Uart.twoBits == 0xffff)
if (Uart.twoBits == 0xffff) {
Uart.highCnt++;
else
} else {
Uart.highCnt = 0;
}
} else {
Uart.syncBit = 0xFFFF; // not set
// look for 00xx1111 (the start bit)
@@ -1602,8 +1603,7 @@ int EmSendCmdPar(uint8_t *resp, uint16_t respLen, uint8_t *par){
bool EmLogTrace(uint8_t *reader_data, uint16_t reader_len, uint32_t reader_StartTime, uint32_t reader_EndTime, uint8_t *reader_Parity,
uint8_t *tag_data, uint16_t tag_len, uint32_t tag_StartTime, uint32_t tag_EndTime, uint8_t *tag_Parity)
{
if (!tracing) return true;
if (tracing) {
// we cannot exactly measure the end and start of a received command from reader. However we know that the delay from
// end of the received command to start of the tag's (simulated by us) answer is n*128+20 or n*128+84 resp.
// with n >= 9. The start of the tags answer can be measured and therefore the end of the received command be calculated:
@@ -1614,8 +1614,10 @@ bool EmLogTrace(uint8_t *reader_data, uint16_t reader_len, uint32_t reader_Start
reader_StartTime = reader_EndTime - reader_modlen;
if (!LogTrace(reader_data, reader_len, reader_StartTime, reader_EndTime, reader_Parity, TRUE)) {
return FALSE;
} else
return(!LogTrace(tag_data, tag_len, tag_StartTime, tag_EndTime, tag_Parity, FALSE));
} else return(!LogTrace(tag_data, tag_len, tag_StartTime, tag_EndTime, tag_Parity, FALSE));
} else {
return TRUE;
}
}
//-----------------------------------------------------------------------------
@@ -1703,7 +1705,6 @@ int ReaderReceiveOffset(uint8_t* receivedAnswer, uint16_t offset, uint8_t *parit
int ReaderReceive(uint8_t *receivedAnswer, uint8_t *parity)
{
if (!GetIso14443aAnswerFromTag(receivedAnswer, parity, 0)) return FALSE;
if (tracing) {
LogTrace(receivedAnswer, Demod.len, Demod.startTime*16 - DELAY_AIR2ARM_AS_READER, Demod.endTime*16 - DELAY_AIR2ARM_AS_READER, parity, FALSE);
}
@@ -1714,7 +1715,7 @@ int ReaderReceive(uint8_t *receivedAnswer, uint8_t *parity)
* fills the uid pointer unless NULL
* fills resp_data unless NULL */
int iso14443a_select_card(byte_t* uid_ptr, iso14a_card_select_t* p_hi14a_card, uint32_t* cuid_ptr) {
//uint8_t halt[] = { 0x50 }; // HALT
//uint8_t halt[] = { 0x50, 0x00, 0x57, 0xCD }; // HALT
uint8_t wupa[] = { 0x52 }; // WAKE-UP
//uint8_t reqa[] = { 0x26 }; // REQUEST A
uint8_t sel_all[] = { 0x93,0x20 };
@@ -1731,6 +1732,7 @@ int iso14443a_select_card(byte_t* uid_ptr, iso14a_card_select_t* p_hi14a_card, u
// test for the SKYLANDERS TOY.
//ReaderTransmit(halt,sizeof(halt), NULL);
//len = ReaderReceive(resp, resp_par);
// Broadcast for a card, WUPA (0x52) will force response from all cards in the field
ReaderTransmitBitsPar(wupa,7,0, NULL);
@@ -1808,7 +1810,6 @@ int iso14443a_select_card(byte_t* uid_ptr, iso14a_card_select_t* p_hi14a_card, u
// Receive the SAK
if (!ReaderReceive(resp, resp_par)) return 0;
sak = resp[0];
// Test if more parts of the uid are coming
if ((sak & 0x04) /* && uid_resp[0] == 0x88 */) {
@@ -1844,7 +1845,8 @@ int iso14443a_select_card(byte_t* uid_ptr, iso14a_card_select_t* p_hi14a_card, u
AppendCrc14443a(rats, 2);
ReaderTransmit(rats, sizeof(rats), NULL);
if (!(len = ReaderReceive(resp, resp_par))) return 2;
len = ReaderReceive(resp, resp_par);
if(!len) return 0;
if(p_hi14a_card) {
memcpy(p_hi14a_card->ats, resp, sizeof(p_hi14a_card->ats));

79
armsrc/lfops.c
View File

@@ -769,7 +769,7 @@ size_t aggregate_bits(uint8_t *dest,size_t size, uint8_t h2l_crossing_value,uint
continue;
}
//if lastval was 1, we have a 1->0 crossing
if ( dest[idx-1]==1 ) {
if ( dest[idx-1] ) {
n=(n+1) / h2l_crossing_value;
} else {// 0->1 crossing
n=(n+1) / l2h_crossing_value;
@@ -814,11 +814,13 @@ void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol)
size = fsk_demod(dest, FREE_BUFFER_SIZE);
// we now have a set of cycle counts, loop over previous results and aggregate data into bit patterns
// 1->0 : fc/8 in sets of 6
// 0->1 : fc/10 in sets of 5
// 1->0 : fc/8 in sets of 6 (RF/50 / 8 = 6.25)
// 0->1 : fc/10 in sets of 5 (RF/50 / 10= 5)
// do not invert
size = aggregate_bits(dest,size, 6,5,5,0);
WDT_HIT();
// final loop, go over previously decoded manchester data and decode into usable tag ID
// 111000 bit pattern represent start of frame, 01 pattern represents a 1 and 10 represents a 0
uint8_t frame_marker_mask[] = {1,1,1,0,0,0};
@@ -851,17 +853,64 @@ void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol)
{
if ( memcmp(dest+idx, frame_marker_mask, sizeof(frame_marker_mask)) == 0)
{
if (hi2 != 0){
if (hi2 != 0){ //extra large HID tags
Dbprintf("TAG ID: %x%08x%08x (%d)",
(unsigned int) hi2, (unsigned int) hi, (unsigned int) lo, (unsigned int) (lo>>1) & 0xFFFF);
}
else {
Dbprintf("TAG ID: %x%08x (%d)",
(unsigned int) hi, (unsigned int) lo, (unsigned int) (lo>>1) & 0xFFFF);
else { //standard HID tags <38 bits
//Dbprintf("TAG ID: %x%08x (%d)",(unsigned int) hi, (unsigned int) lo, (unsigned int) (lo>>1) & 0xFFFF); //old print cmd
uint8_t bitlen = 0;
uint32_t fc = 0;
uint32_t cardnum = 0;
if (((hi>>5)&1)==1){//if bit 38 is set then < 37 bit format is used
uint32_t lo2=0;
lo2=(((hi & 31) << 12) | (lo>>20)); //get bits 21-37 to check for format len bit
uint8_t idx3 = 1;
while(lo2>1){ //find last bit set to 1 (format len bit)
lo2=lo2>>1;
idx3++;
}
bitlen =idx3+19;
fc =0;
cardnum=0;
if(bitlen==26){
cardnum = (lo>>1)&0xFFFF;
fc = (lo>>17)&0xFF;
}
if(bitlen==37){
cardnum = (lo>>1)&0x7FFFF;
fc = ((hi&0xF)<<12)|(lo>>20);
}
if(bitlen==34){
cardnum = (lo>>1)&0xFFFF;
fc= ((hi&1)<<15)|(lo>>17);
}
if(bitlen==35){
cardnum = (lo>>1)&0xFFFFF;
fc = ((hi&1)<<11)|(lo>>21);
}
}
else { //if bit 38 is not set then 37 bit format is used
bitlen= 37;
fc =0;
cardnum=0;
if(bitlen==37){
cardnum = (lo>>1)&0x7FFFF;
fc = ((hi&0xF)<<12)|(lo>>20);
}
}
//Dbprintf("TAG ID: %x%08x (%d)",
// (unsigned int) hi, (unsigned int) lo, (unsigned int) (lo>>1) & 0xFFFF);
Dbprintf("TAG ID: %x%08x (%d) - Format Len: %dbit - FC: %d - Card: %d",
(unsigned int) hi, (unsigned int) lo, (unsigned int) (lo>>1) & 0xFFFF,
(unsigned int) bitlen, (unsigned int) fc, (unsigned int) cardnum);
}
if (findone){
if (ledcontrol) LED_A_OFF();
return;
}
}
}
// reset
hi2 = hi = lo = 0;
numshifts = 0;
@@ -890,8 +939,7 @@ uint32_t bytebits_to_byte(uint8_t* src, int numbits)
void CmdIOdemodFSK(int findone, int *high, int *low, int ledcontrol)
{
uint8_t *dest = get_bigbufptr_recvrespbuf();
uint8_t *dest = (uint8_t *)BigBuf;
size_t size=0, idx=0;
uint32_t code=0, code2=0;
uint8_t isFinish = 0;
@@ -906,13 +954,13 @@ void CmdIOdemodFSK(int findone, int *high, int *low, int ledcontrol)
if (ledcontrol) LED_A_ON();
DoAcquisition125k_internal(-1,true);
size = sizeof(BigBuf);
// FSK demodulator
size = fsk_demod(dest, FREE_BUFFER_SIZE);
size = fsk_demod(dest, size);
// we now have a set of cycle counts, loop over previous results and aggregate data into bit patterns
// 1->0 : fc/8 in sets of 7
// 0->1 : fc/10 in sets of 6
// 1->0 : fc/8 in sets of 7 (RF/64 / 8 = 8)
// 0->1 : fc/10 in sets of 6 (RF/64 / 10 = 6.4)
size = aggregate_bits(dest, size, 7,6,13,1); //13 max Consecutive should be ok as most 0s in row should be 10 for init seq - invert bits
//Index map
@@ -1601,9 +1649,12 @@ int DemodPCF7931(uint8_t **outBlocks) {
block_done = 0;
half_switch = 0;
}
if(i < GraphTraceLen)
{
if (GraphBuffer[i-1] > GraphBuffer[i]) dir=0;
else dir = 1;
}
}
if(bitidx==255)
bitidx=0;
warnings = 0;

44
armsrc/mifarecmd.c
View File

@@ -20,7 +20,7 @@
#include "../common/crc.h"
//-----------------------------------------------------------------------------
// Select, Authenticaate, Read an MIFARE tag.
// Select, Authenticate, Read a MIFARE tag.
// read block
//-----------------------------------------------------------------------------
void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
@@ -267,25 +267,25 @@ void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain)
{
// params
uint8_t sectorNo = arg0;
int Pages=arg1;
// params
uint8_t sectorNo = arg0;
int Pages=arg1;
int count_Pages=0;
// variables
byte_t isOK = 0;
byte_t dataoutbuf[44 * 4];
uint8_t uid[10];
uint32_t cuid;
// variables
byte_t isOK = 0;
byte_t dataoutbuf[176];
uint8_t uid[10];
uint32_t cuid;
// clear trace
iso14a_clear_trace();
// clear trace
iso14a_clear_trace();
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);
LED_A_ON();
LED_B_OFF();
LED_C_OFF();
Dbprintf("Pages %d",Pages);
LED_A_ON();
LED_B_OFF();
LED_C_OFF();
Dbprintf("Pages %d",Pages);
while (true) {
if(!iso14443a_select_card(uid, NULL, &cuid)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");
@@ -307,8 +307,8 @@ void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain)
isOK = 1;
break;
}
Dbprintf("Pages read %d",count_Pages);
if (MF_DBGLEVEL >= 2) DbpString("READ CARD FINISHED");
Dbprintf("Pages read %d",count_Pages);
if (MF_DBGLEVEL >= 2) DbpString("READ CARD FINISHED");
LED_B_ON();
if (Pages==16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,64);
@@ -316,9 +316,9 @@ void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain)
if (Pages==44 && count_Pages>16) cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,176);
LED_B_OFF();
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff();
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff();
}
@@ -792,7 +792,6 @@ void MifareChkKeys(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain)
cmd_send(CMD_ACK,isOK,0,0,datain + i * 6,6);
LED_B_OFF();
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff();
@@ -1127,7 +1126,6 @@ void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datai
LED_B_OFF();
if ((workFlags & 0x10) || (!isOK)) {
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff();
}

22
armsrc/mifaredesfire.c
View File

@@ -78,9 +78,9 @@ void MifareSendCommand(uint8_t arg0, uint8_t arg1, uint8_t *datain){
}
int len = DesfireAPDU(datain, datalen, resp);
if (MF_DBGLEVEL >= 4) {
print_result("ERR <--: ", resp, len);
}
if (MF_DBGLEVEL >= 4) {
print_result("ERR <--: ", resp, len);
}
if ( !len ) {
OnError();
@@ -124,7 +124,7 @@ void MifareDesfireGetInformation(){
// card select - information
iso14a_card_select_t *card = (iso14a_card_select_t*)cardbuf;
byte_t isOK = iso14443a_select_card(NULL, card, NULL);
if (isOK != 1) {
if ( isOK == 0) {
if (MF_DBGLEVEL >= 1) {
Dbprintf("Can't select card");
}
@@ -306,7 +306,7 @@ void MifareDES_Auth1(uint8_t mode, uint8_t algo, uint8_t keyno, uint8_t *datain
// dataout = pointer to response data array
int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout){
uint32_t status = 0;
size_t len = 0;
size_t wrappedLen = 0;
uint8_t wCmd[USB_CMD_DATA_SIZE] = {0};
@@ -320,9 +320,9 @@ int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout){
}
ReaderTransmit( wCmd, wrappedLen, NULL);
status = ReaderReceive(resp, resp_par);
len = ReaderReceive(resp, resp_par);
if( status == 0x00){
if( len == 0x00 ){
if (MF_DBGLEVEL >= 4) {
Dbprintf("fukked");
}
@@ -330,16 +330,16 @@ int DesfireAPDU(uint8_t *cmd, size_t cmd_len, uint8_t *dataout){
}
// if we received an I- or R(ACK)-Block with a block number equal to the
// current block number, toggle the current block number
else if (status >= 4 // PCB+CID+CRC = 4 bytes
else if (len >= 4 // PCB+CID+CRC = 4 bytes
&& ((resp[0] & 0xC0) == 0 // I-Block
|| (resp[0] & 0xD0) == 0x80) // R-Block with ACK bit set to 0
&& (resp[0] & 0x01) == pcb_blocknum) // equal block numbers
{
pcb_blocknum ^= 1; //toggle next block
}
// copy response to
dataout = resp;
return status;
memcpy(dataout, resp, len);
return len;
}
// CreateAPDU

9
armsrc/mifareutil.c
View File

@@ -85,8 +85,11 @@ int mifare_sendcmd_short_special(struct Crypto1State *pcs, uint8_t crypted, uint
{
uint8_t dcmd[8];
dcmd[0] = cmd;
memcpy(dcmd+1,data,5);
dcmd[1] = data[0];
dcmd[2] = data[1];
dcmd[3] = data[2];
dcmd[4] = data[3];
dcmd[5] = data[4];
AppendCrc14443a(dcmd, 6);
ReaderTransmit(dcmd, sizeof(dcmd), NULL);
int len = ReaderReceive(answer, answer_parity);
@@ -383,7 +386,7 @@ int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t bl
// variables
uint16_t len, i;
uint32_t pos;
uint8_t par[3] = {0x00};
uint8_t par[3] = {0}; // enough for 18 Bytes to send
byte_t res;
uint8_t d_block[18], d_block_enc[18];