Class desfire::protocol_default

• Defined in File protocol.hpp

Inheritance Relationships

Base Type

• public desfire::protocol (Class desfire::protocol)

Class Documentation

class protocol_default : public desfire::protocol

Mode of operation of 3K3DES, AES128 ciphers.

Public Functions

explicit protocol_default(std::unique_ptr<crypto_with_cmac> crypto)

Creates a new protocol using crypto as a underlying crypto primitive.

Parameters:

crypto – Cryptographic primitive wrapper, which supports CMAC generation.

virtual void prepare_tx(bin_data &data, std::size_t offset, comm_mode mode) override

See protocol::prepare_tx for a generic description. This implementation does the following:

• comm_mode::plain : passes the whole data through crypto_with_cmac::do_cmac, but does not modify data. If the CMAC generation is stateful, this means that CMAC codes generated later on will depend on all commands, including plain text commands, executed through the session.

• comm_mode::maced : passes the whole data through crypto_with_cmac::do_cmac and then appends the CMAC to data.

• comm_mode::ciphered : calculates a 32-bit CRC on data (all of it), and appends it to data. It then proceeds as in:

• comm_mode::ciphered_no_crc : pads data with zeroes (ignoring everything before offset for the purpose of padding and length computation) to the next multiple of crypto_with_cmac::block_size, and runs a crypto_operation::encrypt on data, starting at offset.

virtual bool confirm_rx(bin_data &data, comm_mode mode) override

See protocol::confirm_rx for a generic description. This implementation does the following:

• comm_mode::plain : passes the whole data (including the status byte) through crypto_with_cmac::do_cmac, but does not modify data. If the CMAC generation is stateful, this means that CMAC codes generated later on will depend on all commands, including plain text commands, executed through the session, as well as the status bytes obtained in the response.

• comm_mode::maced : expects thata in the form [message] [cmac] [status]; it then rotates it to [message] [status] [cmac]. It computes a CMAC on message and status, and compares it to the last 8 bytes of the sequence. If it matches, drops the CMAC and returns message followed by status.

• comm_mode::ciphered : pops the last status byte, then runs a crypto_operation::decrypt on the whole remaining data. It then expects that the plaintext is a sequence [message] [32-bit CRC] [padding]. It searches for the last sequence of 4 bytes that is a CRC on the previous data, and is following only by padding zeroes. If it finds any, and the CRC checks out, it removes the CRC and the padding, returning the message and the status byte.

• comm_mode::ciphered_no_crc : runs a crypto_operation::decrypt on data (excluding the last status byte).

virtual void init_session(bin_data const &random_data) override

Sets up the session symmetric key used for further communication. This is the first operation that follows a successful authentication. This method calls crypto::init_session with random_data.

Parameters:

random_data – Random data obtained via key exchange

virtual bool is_legacy() const override

No, this is not a legacy protocol.

Public Static Attributes

static constexpr std::size_t mac_size = 8

8-bytes MAC.

static constexpr std::size_t crc_size = 4

32-bits CRC.