Merge remote-tracking branch 'pr3822/nestednonces' into dev

2026-05-12 16:58:36 -07:00 · 2024-10-11 10:18:18 -04:00
parent 619445da4b 540478855c
commit a96a49dc64
8 changed files with 61 additions and 77 deletions
--- a/applications/main/nfc/nfc_app_i.h
+++ b/applications/main/nfc/nfc_app_i.h
@@ -97,9 +97,9 @@ typedef struct {
    bool is_key_attack;
    uint8_t key_attack_current_sector;
    bool is_card_present;
-    uint8_t nested_phase;
-    uint8_t prng_type;
-    uint8_t backdoor;
+    MfClassicNestedPhase nested_phase;
+    MfClassicPrngType prng_type;
+    MfClassicBackdoor backdoor;
    uint16_t nested_target_key;
    uint16_t msb_count;
    bool enhanced_dict;
--- a/applications/main/nfc/plugins/supported_cards/clipper.c
+++ b/applications/main/nfc/plugins/supported_cards/clipper.c
@@ -106,7 +106,7 @@ static const IdMapping bart_zones[] = {
    {.id = 0x0023, .name = "South Hayward"},
    {.id = 0x0024, .name = "Union City"},
    {.id = 0x0025, .name = "Fremont"},
-    {.id = 0x0026, .name = "Daly City(2)?"},
+    {.id = 0x0026, .name = "Castro Valley"},
    {.id = 0x0027, .name = "Dublin/Pleasanton"},
    {.id = 0x0028, .name = "South San Francisco"},
    {.id = 0x0029, .name = "San Bruno"},
@@ -115,6 +115,8 @@ static const IdMapping bart_zones[] = {
    {.id = 0x002c, .name = "West Dublin/Pleasanton"},
    {.id = 0x002d, .name = "OAK Airport"},
    {.id = 0x002e, .name = "Warm Springs/South Fremont"},
+    {.id = 0x002f, .name = "Milpitas"},
+    {.id = 0x0030, .name = "Berryessa/North San Jose"},
 };
 static const size_t kNumBARTZones = COUNT(bart_zones);

--- a/applications/main/nfc/scenes/nfc_scene_mf_classic_dict_attack.c
+++ b/applications/main/nfc/scenes/nfc_scene_mf_classic_dict_attack.c
@@ -2,7 +2,6 @@

 #include <bit_lib/bit_lib.h>
 #include <dolphin/dolphin.h>
-#include <lib/nfc/protocols/mf_classic/mf_classic_poller.h>

 #define TAG "NfcMfClassicDictAttack"

@@ -141,14 +140,14 @@ static void nfc_scene_mf_classic_dict_attack_prepare_view(NfcApp* instance) {
    uint32_t state =
        scene_manager_get_scene_state(instance->scene_manager, NfcSceneMfClassicDictAttack);
    if(state == DictAttackStateCUIDDictInProgress) {
-        do {
-            size_t cuid_len = 0;
-            const uint8_t* cuid = nfc_device_get_uid(instance->nfc_device, &cuid_len);
-            FuriString* cuid_dict_path = furi_string_alloc_printf(
-                "%s/mf_classic_dict_%08lx.nfc",
-                EXT_PATH("nfc/assets"),
-                (uint32_t)bit_lib_bytes_to_num_be(cuid + (cuid_len - 4), 4));
+        size_t cuid_len = 0;
+        const uint8_t* cuid = nfc_device_get_uid(instance->nfc_device, &cuid_len);
+        FuriString* cuid_dict_path = furi_string_alloc_printf(
+            "%s/mf_classic_dict_%08lx.nfc",
+            EXT_PATH("nfc/assets"),
+            (uint32_t)bit_lib_bytes_to_num_be(cuid + (cuid_len - 4), 4));

+        do {
            if(!keys_dict_check_presence(furi_string_get_cstr(cuid_dict_path))) {
                state = DictAttackStateUserDictInProgress;
                break;
@@ -159,8 +158,6 @@ static void nfc_scene_mf_classic_dict_attack_prepare_view(NfcApp* instance) {
                KeysDictModeOpenExisting,
                sizeof(MfClassicKey));

-            furi_string_free(cuid_dict_path);
-
            if(keys_dict_get_total_keys(instance->nfc_dict_context.dict) == 0) {
                keys_dict_free(instance->nfc_dict_context.dict);
                state = DictAttackStateUserDictInProgress;
@@ -169,6 +166,8 @@ static void nfc_scene_mf_classic_dict_attack_prepare_view(NfcApp* instance) {

            dict_attack_set_header(instance->dict_attack, "MF Classic CUID Dictionary");
        } while(false);
+
+        furi_string_free(cuid_dict_path);
    }
    if(state == DictAttackStateUserDictInProgress) {
        do {
--- a/applications/main/nfc/views/dict_attack.c
+++ b/applications/main/nfc/views/dict_attack.c
@@ -316,21 +316,21 @@ void dict_attack_reset_key_attack(DictAttack* instance) {
        instance->view, DictAttackViewModel * model, { model->is_key_attack = false; }, true);
 }

-void dict_attack_set_nested_phase(DictAttack* instance, uint8_t nested_phase) {
+void dict_attack_set_nested_phase(DictAttack* instance, MfClassicNestedPhase nested_phase) {
    furi_assert(instance);

    with_view_model(
        instance->view, DictAttackViewModel * model, { model->nested_phase = nested_phase; }, true);
 }

-void dict_attack_set_prng_type(DictAttack* instance, uint8_t prng_type) {
+void dict_attack_set_prng_type(DictAttack* instance, MfClassicPrngType prng_type) {
    furi_assert(instance);

    with_view_model(
        instance->view, DictAttackViewModel * model, { model->prng_type = prng_type; }, true);
 }

-void dict_attack_set_backdoor(DictAttack* instance, uint8_t backdoor) {
+void dict_attack_set_backdoor(DictAttack* instance, MfClassicBackdoor backdoor) {
    furi_assert(instance);

    with_view_model(
--- a/applications/main/nfc/views/dict_attack.h
+++ b/applications/main/nfc/views/dict_attack.h
@@ -2,6 +2,7 @@

 #include <stdint.h>
 #include <gui/view.h>
+#include <lib/nfc/protocols/mf_classic/mf_classic_poller.h>

 #ifdef __cplusplus
 extern "C" {
@@ -9,32 +10,6 @@ extern "C" {

 typedef struct DictAttack DictAttack;

-typedef enum {
-    MfClassicNestedPhaseNone,
-    MfClassicNestedPhaseAnalyzePRNG,
-    MfClassicNestedPhaseDictAttack,
-    MfClassicNestedPhaseDictAttackResume,
-    MfClassicNestedPhaseCalibrate,
-    MfClassicNestedPhaseRecalibrate,
-    MfClassicNestedPhaseCollectNtEnc,
-    MfClassicNestedPhaseFinished,
-} MfClassicNestedPhase;
-
-typedef enum {
-    MfClassicPrngTypeUnknown, // Tag not yet tested
-    MfClassicPrngTypeNoTag, // No tag detected during test
-    MfClassicPrngTypeWeak, // Weak PRNG, standard Nested
-    MfClassicPrngTypeHard, // Hard PRNG, Hardnested
-} MfClassicPrngType;
-
-typedef enum {
-    MfClassicBackdoorUnknown, // Tag not yet tested
-    MfClassicBackdoorNone, // No observed backdoor
-    MfClassicBackdoorAuth1, // Tag responds to v1 auth backdoor
-    MfClassicBackdoorAuth2, // Tag responds to v2 auth backdoor
-    MfClassicBackdoorAuth3, // Tag responds to v3 auth backdoor (static encrypted nonce)
-} MfClassicBackdoor;
-
 typedef enum {
    DictAttackEventSkipPressed,
 } DictAttackEvent;
@@ -71,11 +46,11 @@ void dict_attack_set_key_attack(DictAttack* instance, uint8_t sector);

 void dict_attack_reset_key_attack(DictAttack* instance);

-void dict_attack_set_nested_phase(DictAttack* instance, uint8_t nested_phase);
+void dict_attack_set_nested_phase(DictAttack* instance, MfClassicNestedPhase nested_phase);

-void dict_attack_set_prng_type(DictAttack* instance, uint8_t prng_type);
+void dict_attack_set_prng_type(DictAttack* instance, MfClassicPrngType prng_type);

-void dict_attack_set_backdoor(DictAttack* instance, uint8_t backdoor);
+void dict_attack_set_backdoor(DictAttack* instance, MfClassicBackdoor backdoor);

 void dict_attack_set_nested_target_key(DictAttack* instance, uint16_t target_key);