Fix inconsistent assignment of known key and known key type/sector

2024-11-25 23:05:30 +03:00 · 2024-10-18 00:33:49 -04:00 · 2024-10-18 00:33:49 -04:00 · 897817a829
commit 897817a829
parent 2be0cfb04b
4 changed files with 24 additions and 2 deletions
--- a/lib/nfc/protocols/mf_classic/mf_classic.c
+++ b/lib/nfc/protocols/mf_classic/mf_classic.c
@ -543,6 +543,22 @@ void mf_classic_set_key_not_found(
    }
 }

+MfClassicKey
+    mf_classic_get_key(const MfClassicData* data, uint8_t sector_num, MfClassicKeyType key_type) {
+    furi_check(data);
+    furi_check(sector_num < mf_classic_get_total_sectors_num(data->type));
+    furi_check(key_type == MfClassicKeyTypeA || key_type == MfClassicKeyTypeB);
+
+    const MfClassicSectorTrailer* sector_trailer =
+        mf_classic_get_sector_trailer_by_sector(data, sector_num);
+
+    if(key_type == MfClassicKeyTypeA) {
+        return sector_trailer->key_a;
+    } else {
+        return sector_trailer->key_b;
+    }
+}
+
 bool mf_classic_is_block_read(const MfClassicData* data, uint8_t block_num) {
    furi_check(data);

--- a/lib/nfc/protocols/mf_classic/mf_classic.h
+++ b/lib/nfc/protocols/mf_classic/mf_classic.h
@ -213,6 +213,9 @@ void mf_classic_set_key_not_found(
    uint8_t sector_num,
    MfClassicKeyType key_type);

+MfClassicKey
+    mf_classic_get_key(const MfClassicData* data, uint8_t sector_num, MfClassicKeyType key_type);
+
 bool mf_classic_is_block_read(const MfClassicData* data, uint8_t block_num);

 void mf_classic_set_block_read(MfClassicData* data, uint8_t block_num, MfClassicBlock* block_data);
--- a/lib/nfc/protocols/mf_classic/mf_classic_poller.c
+++ b/lib/nfc/protocols/mf_classic/mf_classic_poller.c
@ -10,6 +10,7 @@
 // TODO: Store target key in CUID dictionary
 // TODO: Dead code for malloc returning NULL?
 // TODO: Auth1 static encrypted exists (rare)
+// TODO: Use keys found by NFC plugins, cached keys

 #define MF_CLASSIC_MAX_BUFF_SIZE (64)

@ -1817,12 +1818,13 @@ NfcCommand mf_classic_poller_handler_nested_controller(MfClassicPoller* instance
    bool initial_dict_attack_iter = false;
    if(dict_attack_ctx->nested_phase == MfClassicNestedPhaseNone) {
        dict_attack_ctx->auth_passed = true;
-        dict_attack_ctx->nested_known_key = dict_attack_ctx->current_key;
        bool backdoor_present = (dict_attack_ctx->backdoor != MfClassicBackdoorNone);
        if(!(backdoor_present)) {
            for(uint8_t sector = 0; sector < instance->sectors_total; sector++) {
                for(uint8_t key_type = 0; key_type < 2; key_type++) {
                    if(mf_classic_is_key_found(instance->data, sector, key_type)) {
+                        dict_attack_ctx->nested_known_key =
+                            mf_classic_get_key(instance->data, sector, key_type);
                        dict_attack_ctx->nested_known_key_sector = sector;
                        dict_attack_ctx->nested_known_key_type = key_type;
                        break;
--- a/targets/f7/api_symbols.csv
+++ b/targets/f7/api_symbols.csv
@ -1,5 +1,5 @@
 entry,status,name,type,params
-Version,+,77.2,,
+Version,+,77.3,,
 Header,+,applications/drivers/subghz/cc1101_ext/cc1101_ext_interconnect.h,,
 Header,+,applications/services/bt/bt_service/bt.h,,
 Header,+,applications/services/bt/bt_service/bt_keys_storage.h,,
@ -2512,6 +2512,7 @@ Function,+,mf_classic_get_base_data,Iso14443_3aData*,const MfClassicData*
 Function,+,mf_classic_get_blocks_num_in_sector,uint8_t,uint8_t
 Function,+,mf_classic_get_device_name,const char*,"const MfClassicData*, NfcDeviceNameType"
 Function,+,mf_classic_get_first_block_num_of_sector,uint8_t,uint8_t
+Function,+,mf_classic_get_key,MfClassicKey,"const MfClassicData*, uint8_t, MfClassicKeyType"
 Function,+,mf_classic_get_read_sectors_and_keys,void,"const MfClassicData*, uint8_t*, uint8_t*"
 Function,+,mf_classic_get_sector_by_block,uint8_t,uint8_t
 Function,+,mf_classic_get_sector_trailer_by_sector,MfClassicSectorTrailer*,"const MfClassicData*, uint8_t"