Comments (8)
lvandenb
commented on June 17, 2024
1
I think there is an issue now. PM3 hf mfdes info can't select card, and green led goes out.
also by just putting on the Omnikey reader .. flashes, and Chameleon green led is out.
also some remark for CMAC (nist.sp.800-38b.pdf). I do calculate K1,K2 only on authentication, not for every cmac.. There also should be a CMAC function, just calculating it, without appending ( sometimes we just calculate cmac without using it, (like on status answers without data), only to get the IV up to date)
from chameleonmini.
lvandenb
commented on June 17, 2024
1
the behavior of R(NAK) answered by R(ACK) is documented in 14443-part 4
7.5.4 Block handling rules
: 7.5.4.3 PICC rules:
: Rule 12. When an R(NAK) block is received, if its block number is not equal to the PICCβs current block number, an
R(ACK) block shall be sent.
and it seems to be used a lot.
from chameleonmini.
maxieds
commented on June 17, 2024
Does this concern a particular CONFIG, or is it something that would be handled in the codec code?
from chameleonmini.
lvandenb
commented on June 17, 2024
it is a general issue voor 14443A-4
There is a R block with a Nack.
But it could be done in DESFireISO14443Support.c
from chameleonmini.
maxieds
commented on June 17, 2024
@lvandenb
You can test this new functionality out in the latest commit to my local testing branch (linked in #313).
Pardon my expression, but as a software person, I am in hell. I spent more than six hours today hacking on code to get the standard CommMode combinations happening (MAC'ed, CMAC'ed, Enciphered), and it turns out that all this extra code bloat crashes the firmware. I'm going to have to think about where and what to mix up and remove to get all this to fit. This was the initial pandemic problem challenge to minimize bloat of structures. And now four functions #if'defed out are the difference in reliably authing, and nothing happening.
At any rate, the ACK/NAK functionality you suggested should now work in the DESFire configurations. You can spot check my handy work on these lines if you like.
from chameleonmini.
lvandenb
commented on June 17, 2024
ok, I'm using pm3 witht the right antenna settings, doing hf sniff 14a, then trace list -u -r.
using a omnikey 5022, with diagnostics from hid global tool,
really smooth ..
Now it dies on this
the readers sends DESELECT , and it's game over for this session.
from chameleonmini.
maxieds
commented on June 17, 2024
Ok. I think I'm understanding what could be happening. If you look at this code, the ISO14443A state gets reset periodically. This will cause the stored last data frame size to be zero which is the same as sending out a ISO14443A_APP_NO_RESPONSE. It could also be happening in the DESFire processing commands directly (see here).
It would be tough to figure it out from the image you posted without some corresponding correlated logs coming out of the Chameleon. Have you tried using my Android app with LOGMODE=LIVE so that it prints string formatted debugging messages to the phone's console over USB in real time? If you can pin point what the Chameleon logs are doing when this happens, I will try to look into this more.
Also, I pushed another (smaller) commit to the testing branch about 20 minutes ago. It turns out that some bad choices of sizes/alignments for structures stored in an array (ConfigMap) can be resized to remove some space requirements. This let me reenable the MAC/CMAC/Enciphered CommMode exchanges I have been working on. It all seems to be testing well with the three (Legacy/ISO/AES128) authentication commands with the LibNFC code I have. I should be able to test it more thoroughly when I get my PM3 next week. Can you confirm that the auth commands work with you PM? Also, have you seen these projects added yesterday afternoon?
from chameleonmini.
maxieds
commented on June 17, 2024
@lvandenb
I am traveling this week. I hope to get my PM3 in the mail to bring back with me before I leave. I will try to figure out what's killing the light on card selection when it arrives. When that happens, usually it means memory overflowed somewhere it shouldn't have. This could be too much data getting pushed onto the stack, as in the space issues I tried to fix yesterday, or be another legitimate bug in the code that needs to get fixed. Space is (as usual with the DESFire config code) REALLY tight. And making this harder to trace is that there is not really a good software based way to step through the sequence of execution that triggers the error like we can do in C on Linux (that I'm aware of). I am going to have to see whether it makes sense to store a new CMAC and MAC buffer in the state structure, or whether it is better space saving wise to just recompute them every time.
For the RNAK and ISO14443 processing bugs, it is probably going to be on the back burner for a couple of weeks. My first priority is to get the basic auth schemes working and file a PR to get those crashes fixed. For now, I am going to file your suggestions in the last two posts in the DESFire project space @david-oswald gave me access to.
from chameleonmini.
Related Issues (20)
- Desfire adpu processing for real iso-8716 HOT 77
- Create a project to keep track of misc DESFire support TODO tasks? HOT 5
- Emulation mode - Responding to external readers HOT 3
- Problems with external USB readers running ``CONFIG=MF_DESFIRE`` HOT 3
- Where to download the firmware binaries built with the emsec/ChameleonMini actions scripts? HOT 2
- Lost ability to store card data to FRAM in all releases after Jul 08, 2022 HOT 2
- Some Questions about the ChameleonMini
- DESFire: Unable to auth to apps unless authed to the PICC master app first HOT 3
- LED not showing after flashing upgraded firmware HOT 12
- Mifare Ultralight EV1 Emulation Support HOT 4
- cannot access device at all HOT 2
- Issues with Mifare DES-Fire Emulation HOT 3
- Connect device to the LabVIEW HOT 2
- No communication between old NFC reader and ChameleonTiny Pro HOT 6
- Datasheets and other information about debugging with the ChameleonMini HOT 3
- Set new UID HOT 3
- MIFARE DESFire EV1 8K HOT 2
- How can I emulate MIFARE DESFire EV1 8K with Proxmark3 HOT 1
- Conflict in 'Uid' Variable Definitions Across Different Files HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from chameleonmini.