From 4a6c4b37a69db95c66331beae43939a22f550da9 Mon Sep 17 00:00:00 2001 From: Kai Jan Kriegel Date: Sat, 12 Mar 2022 10:52:16 +0100 Subject: [PATCH] disable the very verbose println! logging --- src/desfire/desfire.rs | 148 ++++++++++++++++++++--------------------- 1 file changed, 74 insertions(+), 74 deletions(-) diff --git a/src/desfire/desfire.rs b/src/desfire/desfire.rs index ec8a1d6..f81ce22 100644 --- a/src/desfire/desfire.rs +++ b/src/desfire/desfire.rs @@ -79,14 +79,14 @@ impl Desfire { let rnd_b_response_body = response.body.unwrap(); let rnd_b_enc = rnd_b_response_body.as_slice(); - println!("RND_B_ENC: {:x?}", rnd_b_enc); + // println!("RND_B_ENC: {:x?}", rnd_b_enc); let rnd_b = Tdes::decrypt(rnd_b_enc, key, vec![0 as u8; 8].as_slice()).unwrap(); - println!("RND_B: {:x?}", rnd_b); + // println!("RND_B: {:x?}", rnd_b); let mut rnd_b_rl = rnd_b.clone(); rnd_b_rl.rotate_left(1); - println!("RND_B_RL: {:x?}", rnd_b_rl); + // println!("RND_B_RL: {:x?}", rnd_b_rl); //FIXME: This is ugly, we should find a better way to make the function testable //TODO: Check if we need a CSPRNG here @@ -94,13 +94,13 @@ impl Desfire { None => { rand::random() } Some(i) => { i } }; - println!("RND_A: {:x?}", rnd_a); + // println!("RND_A: {:x?}", rnd_a); let rnd_ab = [&rnd_a, rnd_b_rl.as_slice()].concat(); - println!("RND_AB: {:x?}", rnd_ab); + // println!("RND_AB: {:x?}", rnd_ab); let rnd_ab_enc = Tdes::encrypt(rnd_ab.as_slice(), key, rnd_b_enc).unwrap(); - println!("RND_AB_ENC: {:x?}", rnd_ab_enc); + // println!("RND_AB_ENC: {:x?}", rnd_ab_enc); let cmd_challenge_response = APDUCommand { case: IsoCase::Case4Short, @@ -119,22 +119,22 @@ impl Desfire { let iv: &[u8] = util::extract_last_block(rnd_ab_enc.as_slice(), 8).unwrap(); let rnd_a_enc_from_card = response.body.unwrap(); - println!("RND_A_ENC_FROM_CARD: {:x?}", rnd_a_enc_from_card.as_slice()); + // println!("RND_A_ENC_FROM_CARD: {:x?}", rnd_a_enc_from_card.as_slice()); let mut rnd_a_rot_from_card = Tdes::decrypt(rnd_a_enc_from_card.as_slice(), key, iv).unwrap(); - println!("RND_A_ROT_FROM_CARD: {:x?}", rnd_a_rot_from_card); + // println!("RND_A_ROT_FROM_CARD: {:x?}", rnd_a_rot_from_card); rnd_a_rot_from_card.rotate_right(1); let rnd_a_from_card = rnd_a_rot_from_card.as_slice(); - println!("RND_A_FROM_CARD: {:x?}", rnd_a_from_card); + // println!("RND_A_FROM_CARD: {:x?}", rnd_a_from_card); if rnd_a != rnd_a_from_card { return Err(Error::InvalidPICCChallenge); } self.session_key = Some(generate_session_key_des(&rnd_a, rnd_b.as_slice()).unwrap()); - println!("SESSION_KEY: {:x?}", self.session_key.as_ref().unwrap()); + // println!("SESSION_KEY: {:x?}", self.session_key.as_ref().unwrap()); self.cbc_iv = Some(vec![0 as u8; 8]); - println!("CBC_IV: {:x?}", self.cbc_iv.as_ref().unwrap()); + // println!("CBC_IV: {:x?}", self.cbc_iv.as_ref().unwrap()); Ok(()) } @@ -157,21 +157,21 @@ impl Desfire { /// Generate response for aes auth challenge pub fn authenticate_iso_aes_response_cmd(&mut self, challenge: &[u8], key: &[u8], rnd_a: &[u8]) -> Result<(APDUCommand, Vec, Vec)> { - println!("RND_B_ENC: {:x?}", challenge); + // println!("RND_B_ENC: {:x?}", challenge); let rnd_b = AES::decrypt(challenge, key, vec![0 as u8; 16].as_slice()).unwrap(); - println!("RND_B: {:x?}", rnd_b); + // println!("RND_B: {:x?}", rnd_b); // auth_iv = rnd_b.clone(); let mut rnd_b_rl = rnd_b.clone(); rnd_b_rl.rotate_left(1); - println!("RND_B_RL: {:x?}", rnd_b_rl); + // println!("RND_B_RL: {:x?}", rnd_b_rl); let rnd_ab = [&rnd_a, rnd_b_rl.as_slice()].concat(); - println!("RND_AB: {:x?}", rnd_ab); + // println!("RND_AB: {:x?}", rnd_ab); let rnd_ab_enc = AES::encrypt(rnd_ab.as_slice(), key, challenge).unwrap(); - println!("RND_AB_ENC: {:x?}", rnd_ab_enc); + // println!("RND_AB_ENC: {:x?}", rnd_ab_enc); let iv: &[u8] = util::extract_last_block(rnd_ab_enc.as_slice(), 16)?; @@ -190,19 +190,19 @@ impl Desfire { pub fn authenticate_iso_aes_verify(&mut self, response: &[u8], expected_response: &[u8], challenge: &[u8], key: &[u8], iv: &[u8]) -> Result<()> { let mut rnd_a_rot_from_card = AES::decrypt(response, key, iv)?; rnd_a_rot_from_card.rotate_right(1); - println!("RND_A_ROT_FROM_CARD: {:x?}", rnd_a_rot_from_card); + // println!("RND_A_ROT_FROM_CARD: {:x?}", rnd_a_rot_from_card); let rnd_a_from_card = rnd_a_rot_from_card.as_slice(); - println!("RND_A_FROM_CARD: {:x?}", rnd_a_from_card); + // println!("RND_A_FROM_CARD: {:x?}", rnd_a_from_card); if expected_response != rnd_a_from_card { return Err(Error::InvalidPICCChallenge); } self.session_key = Some(generate_session_key_aes(expected_response, challenge).unwrap()); - println!("SESSION_KEY: {:x?}", self.session_key.as_ref().unwrap()); + // println!("SESSION_KEY: {:x?}", self.session_key.as_ref().unwrap()); self.cbc_iv = Some(vec![0 as u8; 16]); //FIXME: this should be a random value - println!("CBC_IV: {:x?}", self.cbc_iv.as_ref().unwrap()); + // println!("CBC_IV: {:x?}", self.cbc_iv.as_ref().unwrap()); Ok(()) } @@ -215,7 +215,7 @@ impl Desfire { /// !!! WARNING For Testing only !!! pub fn authenticate_iso_aes(&mut self, key_id: u8, key: &[u8], rnd_a: Option<[u8; 16]>) -> Result<()> { let cmd_challenge_request = self.authenticate_iso_aes_challenge_cmd(key_id)?; - println!("CMD_CHALLENGE_REQUEST: {}", cmd_challenge_request); + // println!("CMD_CHALLENGE_REQUEST: {}", cmd_challenge_request); let response = self.card.as_ref().unwrap().transmit(cmd_challenge_request)?; @@ -223,7 +223,7 @@ impl Desfire { Ok(_) => {} Err(e) => { return Err(e); } } - println!("RESPONSE: {}", response); + // println!("RESPONSE: {}", response); let rnd_b_response_body = response.body.unwrap(); let rnd_b_enc = rnd_b_response_body.as_slice(); @@ -234,7 +234,7 @@ impl Desfire { None => { rand::random() } Some(i) => { i } }; - println!("RND_A: {:x?}", rnd_a); + // println!("RND_A: {:x?}", rnd_a); let (cmd_challenge_response, rnd_b, iv) = self.authenticate_iso_aes_response_cmd(rnd_b_enc, key, &rnd_a)?; @@ -244,10 +244,10 @@ impl Desfire { Ok(_) => {} Err(e) => { return Err(e); } } - println!("RESPONSE: {}", response); + // println!("RESPONSE: {}", response); let rnd_a_enc_from_card = response.body.unwrap(); - println!("RND_A_ENC_FROM_CARD: {:x?}", rnd_a_enc_from_card.as_slice()); + // println!("RND_A_ENC_FROM_CARD: {:x?}", rnd_a_enc_from_card.as_slice()); self.authenticate_iso_aes_verify(rnd_a_enc_from_card.as_slice(), rnd_a.as_slice(), rnd_b.as_slice(), key, iv.as_slice()) } @@ -313,29 +313,29 @@ impl Desfire { command.extend(&header); command.extend(&key_and_version); - println!("HEADER: {:x?}", header); - println!("COMMAND: {:x?}", command); + // println!("HEADER: {:x?}", header); + // println!("COMMAND: {:x?}", command); let crc = crate::crypto::crc::crc32::calculate(command.as_slice()); - println!("CRC: {:x?}", crc); + // println!("CRC: {:x?}", crc); let mut plaintext: Vec = vec![]; plaintext.extend(key_and_version); plaintext.extend(crc); - println!("PLAINTEXT: {:x?}", plaintext); + // println!("PLAINTEXT: {:x?}", plaintext); let plaintext_pad = expand_to_blocksize(plaintext.as_mut_slice(), 16)?; - println!("PLAINTEXT_PAD: {:x?}", plaintext_pad); + // println!("PLAINTEXT_PAD: {:x?}", plaintext_pad); let cryptogram = AES::encrypt(plaintext_pad.as_slice(), self.session_key.as_ref().unwrap(), self.cbc_iv.as_ref().unwrap())?; - println!("CRYPTOGRAM: {:x?}", cryptogram); + // println!("CRYPTOGRAM: {:x?}", cryptogram); self.cbc_iv = Some(util::extract_last_block(cryptogram.as_slice(), 16)?.to_vec()); - println!("CBC_IV: {:x?}", self.cbc_iv.as_ref().unwrap()); + // println!("CBC_IV: {:x?}", self.cbc_iv.as_ref().unwrap()); let mut data: Vec = vec![key_id]; data.extend(cryptogram); - println!("DATA: {:x?}", data); + // println!("DATA: {:x?}", data); let cmd_change_key = APDUCommand { case: IsoCase::Case4Short, @@ -344,10 +344,10 @@ impl Desfire { data: Option::from(data), //FIXME: Which byteorder? ..Default::default() }; - println!("CMD_CHANGE_KEY: {}", cmd_change_key); + // println!("CMD_CHANGE_KEY: {}", cmd_change_key); let response = self.card.as_ref().unwrap().transmit(cmd_change_key).unwrap(); - println!("RESPONSE: {}", response); + // println!("RESPONSE: {}", response); response.check() } @@ -368,43 +368,43 @@ impl Desfire { } let header = vec![0xC4, key_id]; - println!("HEADER: {:x?}", header); + // println!("HEADER: {:x?}", header); let key_xor: Vec = new_key.iter().zip(old_key.iter()).map(|(&x1, &x2)| x1 ^ x2).collect(); - println!("KEY_XOR: {:x?}", key_xor); + // println!("KEY_XOR: {:x?}", key_xor); let key_and_version: Vec = [key_xor, vec![key_version]].concat(); - println!("KEY_AND_VERSION: {:x?}", key_and_version); + // println!("KEY_AND_VERSION: {:x?}", key_and_version); let mut command = vec![]; command.extend(&header); command.extend(&key_and_version); - println!("COMMAND: {:x?}", command); + // println!("COMMAND: {:x?}", command); let crc_cmd = crate::crypto::crc::crc32::calculate(command.as_slice()); - println!("CRC_CMD: {:x?}", crc_cmd); + // println!("CRC_CMD: {:x?}", crc_cmd); let crc_key = crate::crypto::crc::crc32::calculate(new_key); - println!("CRC_KEY: {:x?}", crc_key); + // println!("CRC_KEY: {:x?}", crc_key); let mut plaintext: Vec = vec![]; plaintext.extend(key_and_version); plaintext.extend(crc_cmd); plaintext.extend(crc_key); - println!("PLAINTEXT: {:x?}", plaintext); + // println!("PLAINTEXT: {:x?}", plaintext); let plaintext_pad = expand_to_blocksize(plaintext.as_mut_slice(), 16)?; - println!("PLAINTEXT_PAD: {:x?}", plaintext_pad); + // println!("PLAINTEXT_PAD: {:x?}", plaintext_pad); let cryptogram = AES::encrypt(plaintext_pad.as_slice(), self.session_key.as_ref().unwrap(), self.cbc_iv.as_ref().unwrap())?; - println!("CRYPTOGRAM: {:x?}", cryptogram); + // println!("CRYPTOGRAM: {:x?}", cryptogram); self.cbc_iv = Some(util::extract_last_block(cryptogram.as_slice(), 16)?.to_vec()); - println!("CBC_IV: {:x?}", self.cbc_iv.as_ref().unwrap()); + // println!("CBC_IV: {:x?}", self.cbc_iv.as_ref().unwrap()); let mut data: Vec = vec![key_id]; data.extend(cryptogram); - println!("DATA: {:x?}", data); + // println!("DATA: {:x?}", data); let cmd_change_key = APDUCommand { case: IsoCase::Case4Short, @@ -413,10 +413,10 @@ impl Desfire { data: Option::from(data), //FIXME: Which byteorder? ..Default::default() }; - println!("CMD_CHANGE_KEY: {}", cmd_change_key); + // println!("CMD_CHANGE_KEY: {}", cmd_change_key); let response = self.card.as_ref().unwrap().transmit(cmd_change_key).unwrap(); - println!("RESPONSE: {}", response); + // println!("RESPONSE: {}", response); response.check() } @@ -439,10 +439,10 @@ impl Desfire { data: Option::from(data), ..Default::default() }; - println!("CMD_CREATE_FILE_STANDARD: {}", cmd_create_file_standard); + // println!("CMD_CREATE_FILE_STANDARD: {}", cmd_create_file_standard); let response = self.card.as_ref().unwrap().transmit(cmd_create_file_standard).unwrap(); - println!("RESPONSE: {}", response); + // println!("RESPONSE: {}", response); response.check() } @@ -458,7 +458,7 @@ impl Desfire { return Err(InvalidFileID); } - println!("Writing data to file {}", file_id); + // println!("Writing data to file {}", file_id); let mut bytes_writen: usize = 0; @@ -478,8 +478,8 @@ impl Desfire { write_buffer.append(&mut data[bytes_writen..bytes_writen + bytes_towrite].to_vec()); bytes_writen += bytes_towrite; - println!("WRITE_BUFFER: {:x?}", write_buffer); - println!("BYTES_WRITEN: {}", bytes_writen); + // println!("WRITE_BUFFER: {:x?}", write_buffer); + // println!("BYTES_WRITEN: {}", bytes_writen); let cmd_write_data = APDUCommand { case: IsoCase::Case4Short, @@ -488,10 +488,10 @@ impl Desfire { data: Option::from(write_buffer), ..Default::default() }; - println!("CMD_WRITE_DATA: {}", cmd_write_data); + // println!("CMD_WRITE_DATA: {}", cmd_write_data); let response = self.card.as_ref().unwrap().transmit(cmd_write_data).unwrap(); - println!("RESPONSE: {}", response); + // println!("RESPONSE: {}", response); ret = response.check(); }; @@ -545,15 +545,15 @@ impl Desfire { }; let cmd_read_data = self.read_data_chunk_cmd(file_id, (offset as usize + bytes_read) as u32, bytes_toread).unwrap(); - println!("CMD_READ_DATA: {}", cmd_read_data); + // println!("CMD_READ_DATA: {}", cmd_read_data); bytes_read += bytes_toread; let response = self.card.as_ref().unwrap().transmit(cmd_read_data).unwrap(); - println!("RESPONSE: {}", response); + // println!("RESPONSE: {}", response); response.check().or_else(|e| return Err(e))?; - // println!("RESPONSE_DATA: {:x?}, WITHOUT_CMAC: {:x?}", response.body.as_ref().unwrap(), response.body.as_ref().unwrap()[..bytes_toread].to_vec()); + // // println!("RESPONSE_DATA: {:x?}, WITHOUT_CMAC: {:x?}", response.body.as_ref().unwrap(), response.body.as_ref().unwrap()[..bytes_toread].to_vec()); read_buffer.append(&mut response.body.unwrap()[..bytes_toread].to_vec()); }; @@ -669,7 +669,7 @@ mod tests { self.card = match self.ctx.connect(&self.reader, ShareMode::Shared, Protocols::ANY) { Ok(card) => Some(card), Err(err) => { - eprintln!("Failed to connect to card: {}", err); + // eprintln!("Failed to connect to card: {}", err); return Err(CardError) } }; @@ -682,13 +682,13 @@ mod tests { } fn transmit(&self, apdu_cmd: APDUCommand) -> Result { - println!("{}", apdu_cmd); + // println!("{}", apdu_cmd); let apdu = Vec::::try_from(apdu_cmd).unwrap(); let mut rapdu_buf = [0; MAX_BUFFER_SIZE]; let rapdu = match self.card.as_ref().as_ref().unwrap().transmit(apdu.as_slice(), &mut rapdu_buf) { Ok(rapdu) => rapdu, Err(err) => { - eprintln!("Failed to transmit APDU command to card: {}", err); + // eprintln!("Failed to transmit APDU command to card: {}", err); return Err(CardError) } }; @@ -705,8 +705,8 @@ mod tests { let sessionkey = generate_session_key_des(&rndA, &rndB).unwrap(); - println!("expected sessionkey: {:X?}", expected_sessionkey); - println!("actual sessionkey: {:X?}", sessionkey.as_slice()); + // println!("expected sessionkey: {:X?}", expected_sessionkey); + // println!("actual sessionkey: {:X?}", sessionkey.as_slice()); assert_eq!(expected_sessionkey, sessionkey.as_slice()); } @@ -720,8 +720,8 @@ mod tests { let sessionkey = generate_session_key_aes(&rndA, &rndB).unwrap(); - println!("expected sessionkey: {:X?}", expected_sessionkey); - println!("actual sessionkey: {:X?}", sessionkey.as_slice()); + // println!("expected sessionkey: {:X?}", expected_sessionkey); + // println!("actual sessionkey: {:X?}", sessionkey.as_slice()); assert_eq!(expected_sessionkey, sessionkey.as_slice()); } @@ -819,7 +819,7 @@ mod tests { let ctx = match Context::establish(Scope::User) { Ok(ctx) => ctx, Err(err) => { - eprintln!("Failed to establish context: {}", err); + // eprintln!("Failed to establish context: {}", err); std::process::exit(1); } }; @@ -829,7 +829,7 @@ mod tests { let mut readers = match ctx.list_readers(&mut readers_buf) { Ok(readers) => readers, Err(err) => { - eprintln!("Failed to list readers: {}", err); + // eprintln!("Failed to list readers: {}", err); std::process::exit(1); } }; @@ -838,7 +838,7 @@ mod tests { let reader = match readers.next() { Some(reader) => reader, None => { - println!("No readers are connected."); + // println!("No readers are connected."); return; } }; @@ -877,7 +877,7 @@ mod tests { let rndA = hex!("5f7d1dd12d979173"); let mut key = CipherKey::new_empty(CipherType::TDES).unwrap(); - println!("{:x?}", key.key.deref()); + // println!("{:x?}", key.key.deref()); let mut desfire = Desfire{ card: Some(Box::new(mock)), @@ -916,7 +916,7 @@ mod tests { let ctx = match Context::establish(Scope::User) { Ok(ctx) => ctx, Err(err) => { - eprintln!("Failed to establish context: {}", err); + // eprintln!("Failed to establish context: {}", err); std::process::exit(1); } }; @@ -926,7 +926,7 @@ mod tests { let mut readers = match ctx.list_readers(&mut readers_buf) { Ok(readers) => readers, Err(err) => { - eprintln!("Failed to list readers: {}", err); + // eprintln!("Failed to list readers: {}", err); std::process::exit(1); } }; @@ -935,7 +935,7 @@ mod tests { let reader = match readers.next() { Some(reader) => reader, None => { - println!("No readers are connected."); + // println!("No readers are connected."); return; } }; @@ -960,7 +960,7 @@ mod tests { match desfire.authenticate_iso_des(0x00, key.key.as_ref(), None) { Ok(_) => {}, Err(err) => { - eprintln!("Failed to authenticate: {}", err); + // eprintln!("Failed to authenticate: {}", err); panic!("Failed to authenticate"); } } @@ -983,7 +983,7 @@ mod tests { let rndA = hex!("2176770e7a6eb4bef00d5e4b201d1e57"); let mut key = CipherKey::new_empty(CipherType::AES).unwrap(); - println!("{:x?}", key.key.deref()); + // println!("{:x?}", key.key.deref()); let mut desfire = Desfire{ card: Some(Box::new(mock)),