Add support for latest SAM AV3 key types and classes

Upgrade to LLA v3
leosac · Jan 12, 2024 · 8e0a857 · 8e0a857
1 parent 7ab5ebe
commit 8e0a857
Show file tree

Hide file tree

Showing 7 changed files with 57 additions and 12 deletions.
diff --git a/KeyManager.Library.KeyStore.NXP_SAM.UI/Domain/SAMKeyStoreToolsControlViewModel.cs b/KeyManager.Library.KeyStore.NXP_SAM.UI/Domain/SAMKeyStoreToolsControlViewModel.cs
@@ -14,7 +14,7 @@ public SAMKeyStoreToolsControlViewModel()
  {
  _samAuthKey = new KeyVersion { Name = "Key" };
  _samAuthKeyId = 0;
- _samAuthKeyType = LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES;
+ _samAuthKeyType = LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES128;
 
  _samUnlockKey = new KeyVersion { Name = "Key", Key = new Key(null, 16, "") };
  _samUnlockKeyId = 1;
@@ -143,7 +143,7 @@ private void SAMAuthenticate()
  {
  key.setKeyType(LibLogicalAccess.Card.DESFireKeyType.DF_KEY_DES);
  }
- else if (SAMAuthKeyType == LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES)
+ else if (SAMAuthKeyType == LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES128)
  {
  key.setKeyType(LibLogicalAccess.Card.DESFireKeyType.DF_KEY_AES);
  }

diff --git a/KeyManager.Library.KeyStore.NXP_SAM/KeyManager.Library.KeyStore.NXP_SAM.csproj b/KeyManager.Library.KeyStore.NXP_SAM/KeyManager.Library.KeyStore.NXP_SAM.csproj
@@ -9,7 +9,7 @@
  </PropertyGroup>
 
  <ItemGroup>
- <PackageReference Include="LibLogicalAccessNetCE" Version="2.5.0" />
+ <PackageReference Include="LibLogicalAccessNetCE" Version="3.0.0" />
  <PackageReference Include="log4net" Version="2.0.15">
  <ExcludeAssets>runtime</ExcludeAssets>
  </PackageReference>

diff --git a/KeyManager.Library.KeyStore.NXP_SAM/SAMKeyEntryType.cs b/KeyManager.Library.KeyStore.NXP_SAM/SAMKeyEntryType.cs
@@ -5,6 +5,8 @@ public enum SAMKeyEntryType : byte
  Host = 0x00,
  PICC = 0x01,
  OfflineChange = 0x02,
- OfflineCrypto = 0x04
+ OfflineCrypto = 0x04,
+ OfflineUpload = 0x05,
+ OfflinePerso = 0x06
  }
 }
diff --git a/KeyManager.Library.KeyStore.NXP_SAM/SAMKeyStore.cs b/KeyManager.Library.KeyStore.NXP_SAM/SAMKeyStore.cs
@@ -1,4 +1,6 @@
-namespace Leosac.KeyManager.Library.KeyStore.NXP_SAM
+using LibLogicalAccess;
+
+namespace Leosac.KeyManager.Library.KeyStore.NXP_SAM
 {
  public class SAMKeyStore : KeyStore
  {
@@ -95,7 +97,7 @@ public override Task Open()
 
  var cmd = chip.getCommands();
  LibLogicalAccess.Card.SAMVersion? version = null;
- if (cmd is LibLogicalAccess.Reader.SAMAV2ISO7816Commands av1cmd)
+ if (cmd is LibLogicalAccess.Reader.SAMAV1ISO7816Commands av1cmd)
  {
  version = av1cmd.getVersion();
  }
@@ -308,6 +310,7 @@ internal static void ParseKeyEntryProperties(LibLogicalAccess.Card.KeyEntryAV2In
  properties.AuthenticateHost = Convert.ToBoolean(set.authkey);
  properties.AllowDumpSecretKey = Convert.ToBoolean(infoav2.ExtSET & 0x08);
  properties.AllowDumpSecretKeyWithDiv = Convert.ToBoolean(infoav2.ExtSET & 0x10);
+ properties.ReservedForPerso = Convert.ToBoolean(infoav2.ExtSET & 0x20);
  }
  }
 
@@ -318,10 +321,18 @@ private static SAMSymmetricKeyEntry CreateKeyEntryFromKeyType(LibLogicalAccess.C
  {
  keyEntry.SetVariant("DES");
  }
- else if (keyType == LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES)
+ else if (keyType == LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES128)
  {
  keyEntry.SetVariant("AES128");
  }
+ else if (keyType == LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES192)
+ {
+ keyEntry.SetVariant("AES192");
+ }
+ else if (keyType == LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES256)
+ {
+ keyEntry.SetVariant("AES256");
+ }
  else
  {
  keyEntry.SetVariant("TK3DES");
@@ -367,6 +378,24 @@ public override async Task Store(IList<IChangeKeyEntry> changes)
  throw new KeyStoreException("Inserted SAM is AV1 mode and Auto Switch to AV2 wasn't enabled.");
  }
  }
+ else if (cmd is LibLogicalAccess.Reader.SAMAV2ISO7816Commands av2cmd)
+ {
+ try
+ {
+ if (GetSAMProperties().AutoSwitchToAV2)
+ {
+ var version = av2cmd.getVersion();
+ if (version != null && version.manufacture.modecompatibility == 0x03) // Unactivated MIFARE SAM AV3
+ {
+ ActivateMifareSAM(av2cmd);
+ }
+ }
+ }
+ catch(LibLogicalAccessException ex)
+ {
+ log.Error("SAM automatic activation failed.", ex);
+ }
+ }
 
  // We sort the changes to update change key reference last
  var ochanges = changes.Order(new SAMKeyEntryComparer(GetSAMProperties()));
@@ -419,6 +448,7 @@ public override Task Update(IChangeKeyEntry change, bool ignoreIfMissing)
 
  infoav2.ExtSET |= (byte)(Convert.ToByte(samkey.SAMProperties.AllowDumpSecretKey) << 3);
  infoav2.ExtSET |= (byte)(Convert.ToByte(samkey.SAMProperties.AllowDumpSecretKeyWithDiv) << 4);
+ infoav2.ExtSET |= (byte)(Convert.ToByte(samkey.SAMProperties.ReservedForPerso) << 5);
  }
 
  var updateSettings = new LibLogicalAccess.Card.KeyEntryUpdateSettings
@@ -477,7 +507,18 @@ public override Task Update(IChangeKeyEntry change, bool ignoreIfMissing)
  var samkt = LibLogicalAccess.Card.SAMKeyType.SAM_KEY_DES;
  if (containers[0].Key.Tags.Contains("AES"))
  {
- samkt = LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES;
+ if (containers[0].Key.KeySize == 32)
+ {
+ samkt = LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES256;
+ }
+ else if (containers[0].Key.KeySize == 24)
+ {
+ samkt = LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES192;
+ }
+ else
+ {
+ samkt = LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES128;
+ }
  }
  else
  {
@@ -548,7 +589,7 @@ public static void SwitchSAMToAV2(LibLogicalAccess.Reader.SAMAV1ISO7816Commands
  keyType = keyav1entry.getKeyType() switch
  {
  LibLogicalAccess.Card.SAMKeyType.SAM_KEY_3K3DES => LibLogicalAccess.Card.DESFireKeyType.DF_KEY_3K3DES,
- LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES => LibLogicalAccess.Card.DESFireKeyType.DF_KEY_AES,
+ LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES128 => LibLogicalAccess.Card.DESFireKeyType.DF_KEY_AES,
  _ => LibLogicalAccess.Card.DESFireKeyType.DF_KEY_DES,
  };
  }
@@ -563,7 +604,7 @@ public static void SwitchSAMToAV2(LibLogicalAccess.Reader.SAMAV1ISO7816Commands
  new LibLogicalAccess.ByteVector(kb)
  };
 
- keyav1entry.setKeysData(keys, LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES);
+ keyav1entry.setKeysData(keys, LibLogicalAccess.Card.SAMKeyType.SAM_KEY_AES128);
  var keyInfo = keyav1entry.getKeyEntryInformation();
  keyInfo.vera = keyVersion;
  keyInfo.verb = keyVersion;

diff --git a/KeyManager.Library.KeyStore.NXP_SAM/SAMSymmetricKeyEntryProperties.cs b/KeyManager.Library.KeyStore.NXP_SAM/SAMSymmetricKeyEntryProperties.cs
@@ -30,6 +30,8 @@ public class SAMSymmetricKeyEntryProperties : KeyEntryProperties
 
  public bool AllowDumpSecretKeyWithDiv { get; set; }
 
+ public bool ReservedForPerso { get; set; }
+
  public byte[] DESFireAID { get; set; } = new byte[3];
 
  public byte DESFireKeyNum { get; set; }

diff --git a/KeyManager.Library.UI/KeyManager.Library.UI.csproj b/KeyManager.Library.UI/KeyManager.Library.UI.csproj
@@ -35,7 +35,7 @@
  <PackageReference Include="MaterialDesignThemes" Version="4.9.0" />
  <PackageReference Include="Net.Codecrete.QrCodeGenerator" Version="2.0.4" />
  <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
- <PackageReference Include="SkiaSharp" Version="2.88.6" />
+ <PackageReference Include="SkiaSharp" Version="2.88.7" />
  </ItemGroup>
 
  <ItemGroup>

diff --git a/KeyManager.Library/KeyManager.Library.csproj b/KeyManager.Library/KeyManager.Library.csproj
@@ -41,7 +41,7 @@
  <PackageReference Include="Crc32.NET" Version="1.2.0" />
  <PackageReference Include="log4net" Version="2.0.15" />
  <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
- <PackageReference Include="SecretSharingDotNet" Version="0.10.2" />
+ <PackageReference Include="SecretSharingDotNet" Version="0.11.0" />
  </ItemGroup>
 
 </Project>