text and style

Author: iceman1001

CHANGELOG.md

@@ -3,6 +3,8 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 
 ## [unreleased][unreleased]
+- Added support for Ultralight AES secure messaing in `hf 14a raw` (@iceman1001)
+- Added support for Ultralight AES secure messaging in `hf mfu info/rdbl/wrbl/dump/ndefread/wipe/setkey` (@iceman1001)
 - Added support for Ultralight AES auth in `hf mfu info/rdbl/wrbl/dump/ndefread/wipe/setkey` (@doegox)
 - Added Ultralight AES basic DataProtKey emulation support (@doegox)
 - Changed `mem info` and how the signature handling is done (@iceman1001)

armsrc/cmac_calc.c

@@ -29,8 +29,8 @@ static ulaes_key_t g_secure_session = {
     .use_schann = false,
 };
 
-// init clears all 
-void init_secure_session(void) {    
+// init clears all
+void init_secure_session(void) {
     g_secure_session.counter = 0;
     g_secure_session.use_schann = false;
     memset(g_secure_session.cmac_sk1, 0, sizeof(g_secure_session.cmac_sk1));
@@ -75,7 +75,7 @@ static void generate_subkeys(mbedtls_aes_context *ctx, uint8_t *K1, uint8_t *K2)
 
     // Step 2: K1 = L << 1 (with conditional XOR with 0x87)
     left_shift_128(L, K1);
-    if (L[0] & 0x80) {        
+    if (L[0] & 0x80) {
         // If MSB is 1
         K1[15] ^= 0x87;
     }

armsrc/mifareutil.c

@@ -575,7 +575,7 @@ int mifare_ultra_aes_auth(uint8_t keyno, uint8_t *keybytes, bool schann) {
         rb[6], rb[7], rb[8], rb[9], rb[10], rb[11], rb[12], rb[13], rb[14], rb[15],
         ra[8], ra[9], ra[10], ra[11], ra[12], ra[13], ra[14], ra[15]
     };
-    
+
     // session key is the CMAC of  session_vec  using the KEY
     ulaes_cmac(key, sizeof(key), session_vec, sizeof(session_vec), sobj->sessionkey);
     return 1;

doc/commands.json

@@ -1344,9 +1344,10 @@
                 "-w, --wait <us> Wait in microseconds between select and command",
                 "--topaz Use Topaz protocol to send command",
                 "--crypto1 Use crypto1 session",
+                "--schann use secure channel. Must have key",
                 "<hex> Raw bytes to send"
             ],
-            "usage": "hf 14a raw [-hack3rsv] [-t <ms>] [-b <dec>] [-w <us>] [--topaz] [--crypto1] <hex> [<hex>]..."
+            "usage": "hf 14a raw [-hack3rsv] [-t <ms>] [-b <dec>] [-w <us>] [--topaz] [--crypto1] [--schann] <hex> [<hex>]..."
         },
         "hf 14a reader": {
             "command": "hf 14a reader",
@@ -7155,17 +7156,19 @@
             "description": "Tests AES key on Mifare Ultralight AES tags. If no key is specified, null key will be tried. Key index 0... DataProtKey (default) Key index 1... UIDRetrKey Key index 2... OriginalityKey",
             "notes": [
                 "hf mfu aesauth",
-                "hf mfu aesauth --key <16 hex bytes> --idx <0..2>"
+                "hf mfu aesauth --key <16 hex bytes> --idx <0..2>",
+                "hf mfu aesauth --key <16 hex bytes> --idx <0..2> --schann"
             ],
             "offline": false,
             "options": [
                 "-h, --help This help",
                 "--key <hex> AES key (16 hex bytes)",
                 "-i, --idx <0..2> Key index (def: 0)",
                 "-l Swap entered key's endianness",
-                "-k Keep field on (only if a key is provided)"
+                "-k Keep field on (only if a key is provided)",
+                "--schann use secure channel. Must have key"
             ],
-            "usage": "hf mfu aesauth [-hlk] [--key <hex>] [-i <0..2>]"
+            "usage": "hf mfu aesauth [-hlk] [--key <hex>] [-i <0..2>] [--schann]"
         },
         "hf mfu amiibo": {
             "command": "hf mfu amiibo",
@@ -7220,9 +7223,10 @@
                 "-p, --page <dec> Manually set start page number to start from",
                 "-q, --qty <dec> Manually set number of pages to dump",
                 "--ns no save to file",
-                "-z, --dense dense dump output style"
+                "-z, --dense dense dump output style",
+                "--schann use secure channel. Must have key"
             ],
-            "usage": "hf mfu dump [-hlz] [-f <fn>] [-k <hex>] [-p <dec>] [-q <dec>] [--ns]"
+            "usage": "hf mfu dump [-hlz] [-f <fn>] [-k <hex>] [-p <dec>] [-q <dec>] [--ns] [--schann]"
         },
         "hf mfu eload": {
             "command": "hf mfu eload",
@@ -7321,9 +7325,10 @@
                 "-h, --help This help",
                 "-k, --key <hex> Authentication key (UL-C 16 bytes, EV1/NTAG 4 bytes)",
                 "-l Swap entered key's endianness",
-                "--force override `hw dbg` settings"
+                "--force override `hw dbg` settings",
+                "--schann use secure channel. Must have key"
             ],
-            "usage": "hf mfu info [-hl] [-k <hex>] [--force]"
+            "usage": "hf mfu info [-hl] [-k <hex>] [--force] [--schann]"
         },
         "hf mfu keygen": {
             "command": "hf mfu keygen",
@@ -7354,9 +7359,10 @@
                 "-h, --help This help",
                 "-l Swap entered key's endianness",
                 "-f, --file <fn> Save raw NDEF to file",
-                "-v, --verbose Verbose output"
+                "-v, --verbose Verbose output",
+                "--schann use secure channel. Must have key"
             ],
-            "usage": "hf mfu ndefread [-hlv] [-k Replace default key for NDEF] [-f <fn>]"
+            "usage": "hf mfu ndefread [-hlv] [-k Replace default key for NDEF] [-f <fn>] [--schann]"
         },
         "hf mfu otptear": {
             "command": "hf mfu otptear",
@@ -7404,17 +7410,19 @@
             "notes": [
                 "hf mfu rdbl -b 0",
                 "hf mfu rdbl -b 0 -k AABBCCDD",
-                "hf mfu rdbl -b 0 --key 00112233445566778899AABBCCDDEEFF"
+                "hf mfu rdbl -b 0 --key 00112233445566778899AABBCCDDEEFF",
+                "hf mfu rdbl -b 0 --key 00112233445566778899AABBCCDDEEFF --schann"
             ],
             "offline": false,
             "options": [
                 "-h, --help This help",
                 "-k, --key <hex> Authentication key (UL-C/UL-AES 16 bytes, EV1/NTAG 4 bytes)",
                 "-l Swap entered key's endianness",
                 "-b, --block <dec> Block number to read",
-                "--force Force operation even if address is out of range"
+                "--force Force operation even if address is out of range",
+                "--schann use secure channel. Must have key"
             ],
-            "usage": "hf mfu rdbl [-hl] [-k <hex>] -b <dec> [--force]"
+            "usage": "hf mfu rdbl [-hl] [-k <hex>] -b <dec> [--force] [--schann]"
         },
         "hf mfu restore": {
             "command": "hf mfu restore",
@@ -7528,23 +7536,26 @@
             "description": "Wipe card to zeros. It will ignore block0,1,2,3 you will need to call it with password in order to wipe the config and sett default pwd/pack Abort by pressing a key New password.... FFFFFFFF New 3-DES key... 49454D4B41455242214E4143554F5946 New AES keys... 00000000000000000000000000000000",
             "notes": [
                 "hf mfu wipe",
-                "hf mfu wipe -k 49454D4B41455242214E4143554F5946"
+                "hf mfu wipe -k 49454D4B41455242214E4143554F5946",
+                "hf mfu wipe -k 49454D4B41455242214E4143554F5946 --schann"
             ],
             "offline": false,
             "options": [
                 "-h, --help This help",
                 "-k, --key <hex> Key for authentication (UL-C 16 bytes, EV1/NTAG 4 bytes)",
-                "-l Swap entered key's endianness"
+                "-l Swap entered key's endianness",
+                "--schann use secure channel. Must have key"
             ],
-            "usage": "hf mfu wipe [-hl] [-k <hex>]"
+            "usage": "hf mfu wipe [-hl] [-k <hex>] [--schann]"
         },
         "hf mfu wrbl": {
             "command": "hf mfu wrbl",
             "description": "Write a block. It autodetects card type.",
             "notes": [
                 "hf mfu wrbl -b 0 -d 01234567",
                 "hf mfu wrbl -b 0 -d 01234567 -k AABBCCDD",
-                "hf mfu wrbl -b 0 -d 01234567 -k 00112233445566778899AABBCCDDEEFF"
+                "hf mfu wrbl -b 0 -d 01234567 -k 00112233445566778899AABBCCDDEEFF",
+                "hf mfu wrbl -b 0 -d 01234567 -k 00112233445566778899AABBCCDDEEFF --schann"
             ],
             "offline": false,
             "options": [
@@ -7553,9 +7564,10 @@
                 "-l Swap entered key's endianness",
                 "-b, --block <dec> Block number to write",
                 "-d, --data <hex> Block data (4 or 16 hex bytes, 16 hex bytes will do a compatibility write)",
-                "--force Force operation even if address is out of range"
+                "--force Force operation even if address is out of range",
+                "--schann use secure channel. Must have key"
             ],
-            "usage": "hf mfu wrbl [-hl] [-k <hex>] -b <dec> -d <hex> [--force]"
+            "usage": "hf mfu wrbl [-hl] [-k <hex>] -b <dec> -d <hex> [--force] [--schann]"
         },
         "hf ntag424 auth": {
             "command": "hf ntag424 auth",
@@ -12745,9 +12757,10 @@
                 "-h, --help This help",
                 "-l Swap entered key's endianness",
                 "-f, --file <fn> Save raw NDEF to file",
-                "-v, --verbose Verbose output"
+                "-v, --verbose Verbose output",
+                "--schann use secure channel. Must have key"
             ],
-            "usage": "hf mfu ndefread [-hlv] [-k Replace default key for NDEF] [-f <fn>]"
+            "usage": "hf mfu ndefread [-hlv] [-k Replace default key for NDEF] [-f <fn>] [--schann]"
         },
         "nfc type1 read": {
             "command": "nfc type1 read",
@@ -13670,6 +13683,6 @@
     "metadata": {
         "commands_extracted": 784,
         "extracted_by": "PM3Help2JSON v1.00",
-        "extracted_on": "2025-10-14T07:50:15"
+        "extracted_on": "2025-10-17T11:36:43"
     }
 }