More randomness on nested auth (for hardnested recovery) and change d…

…efault GCC location Nobody will have GCC in this default location, /usr/bin/ will target way more users
Foxushka · Aug 19, 2023 · 04bc29a · 04bc29a
1 parent 9f615be
commit 04bc29a
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 7 deletions.
diff --git a/firmware/application/src/rfid/nfctag/hf/nfc_mf1.c b/firmware/application/src/rfid/nfctag/hf/nfc_mf1.c
@@ -309,11 +309,18 @@ void ValueToBlock(uint8_t *Block, uint32_t Value) {
 /** @brief mf1获取一个随机数
  * @param nonce      随机数的Buffer
  */
-void nfc_tag_mf1_random_nonce(uint8_t nonce[4]) {
+void nfc_tag_mf1_random_nonce(uint8_t nonce[4], bool isNested) {
     // 使用rand进行快速产生随机数，性能损耗较小 
-    uint64_t result = (uint64_t)rand();
-    result |= ((uint64_t)rand()) << 16;
-    num_to_bytes(result, 4, nonce);
+    // isNested provides more randomness for hardnested attack
+    if (isNested) {
+        nonce[0] = rand() & 0xff;
+        nonce[1] = rand() & 0xff;
+        nonce[2] = rand() & 0xff;
+        nonce[3] = rand() & 0xff;
+    } else {
+        // fast for most readers
+        num_to_bytes(rand(), 4, nonce);
+    }
 }
 
 /** 
@@ -494,7 +501,7 @@ void nfc_tag_mf1_state_handler(uint8_t* p_data, uint16_t szDataBits) {
                             m_tag_trailer_info = (nfc_tag_mf1_trailer_info_t*)m_tag_information->memory[BlockEnd];
 
                             // 生成随机数
-                            nfc_tag_mf1_random_nonce(CardNonce);
+                            nfc_tag_mf1_random_nonce(CardNonce, false);
 
                             // 根据卡随机数预先计算读卡器应答
                             for (uint8_t i = 0; i < sizeof(ReaderResponse); i++) {
@@ -823,7 +830,7 @@ void nfc_tag_mf1_state_handler(uint8_t* p_data, uint16_t szDataBits) {
                             m_tag_trailer_info = (nfc_tag_mf1_trailer_info_t*)m_tag_information->memory[BlockEnd];
 
                             // 生成随机数
-                            nfc_tag_mf1_random_nonce(CardNonce);
+                            nfc_tag_mf1_random_nonce(CardNonce, true);
 
                             // 根据卡随机数预先计算读卡器响应
                             for (uint8_t i = 0; i < sizeof(ReaderResponse); i++) {

diff --git a/firmware/nrf52_sdk/components/toolchain/gcc/Makefile.posix b/firmware/nrf52_sdk/components/toolchain/gcc/Makefile.posix
@@ -1,3 +1,3 @@
-GNU_INSTALL_ROOT ?= /usr/local/gcc-arm-none-eabi-10.3-2021.10/bin/
+GNU_INSTALL_ROOT ?= /usr/bin/
 GNU_VERSION ?= 9.3.1
 GNU_PREFIX ?= arm-none-eabi