Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /**
- *
- * @param {Number} keyNo
- * @param {String} key
- * @returns
- */
- authenticateEV2First = async (keyNo, key) => {
- let cmd = DESFIRE_INS.AUTH_EV2_FIRST;
- let _keyNo = DesfireUtils.intToHexArray(keyNo, 1);
- let auth_key = key;
- let _lenCap = [0x02];
- let _pcdCap = [0xC0, 0x00];
- cmd = cmd.concat(_keyNo).concat(_lenCap).concat(_pcdCap);
- let response = await this.sendCommand(cmd);
- let randB_enc = response.data;
- console.log("Auth EV2 First RandB Enc: ", randB_enc);
- let randB = DesfireUtils.aesDecryptor(randB_enc, auth_key);
- console.log("Auth EV2 First RandB: ", randB);
- let randB_rotate = await DesfireUtils.rotateLeft(randB);
- console.log("Auth EV2 First RandB Rotate: ", randB_rotate);
- // Generate random 16-byte RndA
- const randA = CryptoJS.lib.WordArray.random(16).toString(CryptoJS.enc.Hex);
- console.log("Auth EV2 First RandA: ", randA);
- let randAB = randA.concat(randB_rotate);
- let iv = CryptoJS.enc.Hex.parse(randB_enc);
- let randAB_enc = DesfireUtils.aesEncryptor(randAB, auth_key, iv);
- dataToSend = randAB_enc;
- let instructionByte = "AF";
- let cmdString = instructionByte.concat(dataToSend).toUpperCase();
- let byteArray = cmdString.match(/.{1,2}/g).map(hex => parseInt(hex, 16));
- cmd = byteArray;
- response = await this.sendCommand(cmd);
- console.log("First part response: ", response);
- const status = response.status;
- if (status != DESFIRE_STATUS.SUCCESS) {
- console.log(status);
- console.log("RandB' is wrong!\n");
- return false;
- }
- let data_enc = response.data;
- iv = CryptoJS.enc.Hex.parse(dataToSend.slice(-32));
- // decrypt response
- // response contains TI (4 bytes) + randA' (16 bytes) + PDcap related (12 bytes)
- let data = DesfireUtils.aesDecryptor(data_enc, auth_key, iv);
- console.log("Data received: ", data);
- let ti = data.slice(0, 8);
- let newRandA = data.slice(8, 40);
- let pcdcap_returned = data.slice(40);
- console.log("TI: ", ti);
- console.log("RandA: ", newRandA);
- console.log("PCDcap: ", pcdcap_returned);
- // rotate right
- let newRandA_rotate = DesfireUtils.rotateRight(newRandA);
- if (newRandA_rotate.toUpperCase() !== randA.toUpperCase()) {
- console.log("RandA' is not identical to original RandA. Authentication failed!\n");
- return false;
- }
- console.log("Auth successful!");
- // generate AuthSessionKeys
- const session_label_enc = [0xA5, 0x5A];
- const session_label_mac = [0x5A, 0xA5];
- const session_counter = [0x00, 0x01];
- const session_length = [0x00, 0x80];
- const session_context = new Uint8Array(26);
- // xor some values in randA and randB
- // create SessionKey
- const randABytes = DesfireUtils.hexStringToByteArray(randA);
- const randBBytes = DesfireUtils.hexStringToByteArray(randB);
- console.log("RandA Bytes: ", randABytes);
- console.log("RandB Bytes: ", randBBytes);
- const randA_15_14 = randABytes.slice(0, 2);
- const randA_13_8 = randABytes.slice(2, 8);
- const randB_15_10 = randBBytes.slice(0, 6);
- const randB_9_0 = randBBytes.slice(6, 16);
- const randA_7_0 = randABytes.slice(8, 16);
- console.log("RandA_15_14:", randA_15_14);
- console.log("RandA_13_8:", randA_13_8);
- console.log("RandB_15_10:", randB_15_10);
- console.log("RandB_9_0:", randB_9_0);
- console.log("RandA_7_0:", randA_7_0);
- const randA_13_8_string = DesfireUtils.getHexFromDecArray(Array.from(randA_13_8));
- const randB_15_10_string = DesfireUtils.getHexFromDecArray(Array.from(randB_15_10));
- const xoredValues = DesfireUtils.xorHexStrings(randA_13_8_string, randB_15_10_string);
- const xored_bytes = DesfireUtils.hexStringToByte(xoredValues);
- console.log("XORed Value: ", xoredValues);
- console.log("XORed Bytes: ", xored_bytes);
- session_context.set(randA_15_14, 0);
- session_context.set(xored_bytes, 2);
- session_context.set(randB_9_0, 8);
- session_context.set(randA_7_0, 18);
- const session_context_array = Array.from(session_context);
- const sv1 = session_label_enc.concat(session_counter).concat(session_length).concat(session_context_array);
- const sv2 = session_label_mac.concat(session_counter).concat(session_length).concat(session_context_array);
- const session_key_enc_string = Array.from(sv1).map(byte => {
- // Convert each byte to its hexadecimal representation
- return ('0' + byte.toString(16)).slice(-2); // Ensure two characters for each byte
- }).join('');
- const session_key_mac_string = Array.from(sv2).map(byte => {
- // Convert each byte to its hexadecimal representation
- return ('0' + byte.toString(16)).slice(-2); // Ensure two characters for each byte
- }).join('');
- console.log("SV1: ", sv1);
- console.log("SV2: ", sv2);
- console.log("session_key_enc_string: ", session_key_enc_string)
- console.log("session_key_mac_string: ", session_key_mac_string)
- const sessionAuthMac = CMAC.calculateCmac(key, session_key_mac_string);
- const sessionAuthEnc = CMAC.calculateCmac(key, session_key_enc_string);
- this.sessionAuthMac = sessionAuthMac;
- this.sessionAuthEnc = sessionAuthEnc;
- this.CmdCounter = 0;
- this.TransactionIdentifier = ti;
- this.authenticateEV2FirstSucess = true;
- console.log("\n");
- return true;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement