More progress towards PM3 compatible auth

Author: maxieds

Firmware/Chameleon-Mini/Application/DESFire/DESFireISO7816Support.c

@@ -34,17 +34,16 @@ bool Iso7816FileSelected = false;
 uint8_t Iso7816FileOffset = 0;
 uint8_t Iso7816EfIdNumber = ISO7816_EF_NOT_SPECIFIED;
 
-bool IsWrappedISO7816CommandType(uint8_t *Buffer, uint16_t ByteCount) {
-    if (ByteCount <= ISO7816_PROLOGUE_SIZE + ISO14443A_CRCA_SIZE + 2) {
-        return ISO7816_WRAPPED_CMD_TYPE_NONE;
-    } else if (!ISO14443ACheckCRCA(&Buffer[0], ByteCount - 2)) {
-        return ISO7816_WRAPPED_CMD_TYPE_NONE;
-    } else if (ByteCount >= 6 && Buffer[3] == ByteCount - 6) {
+Iso7816WrappedCommandType_t IsWrappedISO7816CommandType(uint8_t *Buffer, uint16_t ByteCount) {
+    if (ByteCount >= 6 && Buffer[3] == ByteCount - 6) {
         return ISO7816_WRAPPED_CMD_TYPE_PM3RAW;
+    } else if (ByteCount <= ISO7816_PROLOGUE_SIZE + ISO14443A_CRCA_SIZE + 2) {
+        return ISO7816_WRAPPED_CMD_TYPE_NONE;
     } else if (!Iso7816CLA(Buffer[2])) {
         return ISO7816_WRAPPED_CMD_TYPE_NONE;
+    } else {
+        return ISO7816_WRAPPED_CMD_TYPE_STANDARD;
     }
-    return ISO7816_WRAPPED_CMD_TYPE_STANDARD;
 }
 
 uint16_t SetIso7816WrappedParametersType(uint8_t *Buffer, uint16_t ByteCount) {

Firmware/Chameleon-Mini/Application/DESFire/DESFireISO7816Support.h

@@ -84,13 +84,13 @@ extern uint8_t Iso7816FileOffset;
 extern uint8_t Iso7816EfIdNumber;
 
 typedef enum {
-    ISO7816_WRAPPED_CMD_TYPE_NONE = 0,
-    ISO7816_WRAPPED_CMD_TYPE_STANDARD,
-    ISO7816_WRAPPED_CMD_TYPE_PM3RAW,
+    ISO7816_WRAPPED_CMD_TYPE_NONE     = 0,
+    ISO7816_WRAPPED_CMD_TYPE_STANDARD = 1,
+    ISO7816_WRAPPED_CMD_TYPE_PM3RAW   = 2,
     /* Others ??? */
 } Iso7816WrappedCommandType_t;
 
-bool IsWrappedISO7816CommandType(uint8_t *Buffer, uint16_t ByteCount);
+Iso7816WrappedCommandType_t IsWrappedISO7816CommandType(uint8_t *Buffer, uint16_t ByteCount);
 uint16_t SetIso7816WrappedParametersType(uint8_t *Buffer, uint16_t ByteCount);
 
 #endif

Firmware/Chameleon-Mini/Application/DESFire/DESFireInstructions.c

@@ -326,7 +326,7 @@ uint16_t CallInstructionHandler(uint8_t *Buffer, uint16_t ByteCount) {
     while (curInsUpper >= curInsLower) {
         curInsIndex = curInsLower + (curInsUpper + 1 - curInsLower) / 2;
         dfCmd = DESFireCommandSet[curInsIndex];
-	if (dfCmd.insCode == insCode) {
+        if (dfCmd.insCode == insCode) {
             if (dfCmd.insFunc == NULL) {
                 return CmdNotImplemented(Buffer, ByteCount);
             }
@@ -1713,6 +1713,7 @@ uint16_t DesfireCmdAuthenticate3KTDEA1(uint8_t *Buffer, uint16_t ByteCount) {
 
     BYTE KeyId, Status;
     BYTE keySize;
+    BYTE CryptoChallengeResponseBytesSize;
     BYTE *Key;
 
     /* Validate command length */
@@ -1728,10 +1729,10 @@ uint16_t DesfireCmdAuthenticate3KTDEA1(uint8_t *Buffer, uint16_t ByteCount) {
      * in the event of an error.
      */
     KeyId = Buffer[1];
-    if (!Authenticated || !AuthenticatedWithPICCMasterKey) {
+    if (!AuthenticatedWithPICCMasterKey && KeyId != DESFIRE_MASTER_KEY_ID) {
         Buffer[0] = STATUS_PERMISSION_DENIED;
         return DESFIRE_STATUS_RESPONSE_SIZE;
-    } else if (AuthenticatedWithKey != KeyId) {
+    } else if ((Authenticated || AuthenticatedWithPICCMasterKey) && AuthenticatedWithKey != KeyId) {
         Buffer[0] = STATUS_NO_SUCH_KEY;
         return DESFIRE_STATUS_RESPONSE_SIZE;
     } else {
@@ -1750,21 +1751,28 @@ uint16_t DesfireCmdAuthenticate3KTDEA1(uint8_t *Buffer, uint16_t ByteCount) {
         return DESFIRE_STATUS_RESPONSE_SIZE;
     }
 
-    keySize = GetDefaultCryptoMethodKeySize(CRYPTO_TYPE_3K3DES);
+    /* Update state */
     Key = SessionKey;
-
-    /* Indicate that we are in AES key authentication land */
     DesfireCommandState.KeyId = KeyId;
-    DesfireCommandState.CryptoMethodType = CRYPTO_TYPE_3K3DES;
-    DesfireCommandState.ActiveCommMode = GetCryptoMethodCommSettings(CRYPTO_TYPE_3K3DES);
+    if (!AuthenticatedWithPICCMasterKey) {
+        keySize = GetDefaultCryptoMethodKeySize(CRYPTO_TYPE_DES);
+        DesfireCommandState.CryptoMethodType = CRYPTO_TYPE_DES;
+        DesfireCommandState.ActiveCommMode = GetCryptoMethodCommSettings(CRYPTO_TYPE_DES);
+
+    } else {
+        keySize = GetDefaultCryptoMethodKeySize(CRYPTO_TYPE_3K3DES);
+        DesfireCommandState.CryptoMethodType = CRYPTO_TYPE_3K3DES;
+        DesfireCommandState.ActiveCommMode = GetCryptoMethodCommSettings(CRYPTO_TYPE_3K3DES);
+    }
+    CryptoChallengeResponseBytesSize = keySize;
 
     /* Fetch the key */
     ReadAppKey(SelectedApp.Slot, KeyId, Key, keySize);
     LogEntry(LOG_APP_AUTH_KEY, (const void *) Key, keySize);
 
     /* Generate the nonce B (RndB / Challenge response) */
     if (LocalTestingMode == 0) {
-        RandomGetBuffer(DesfireCommandState.RndB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
+        RandomGetBuffer(DesfireCommandState.RndB, CryptoChallengeResponseBytesSize);
     } else {
         /* Fixed nonce for testing */
         DesfireCommandState.RndB[0] = 0xCA;
@@ -1784,10 +1792,10 @@ uint16_t DesfireCmdAuthenticate3KTDEA1(uint8_t *Buffer, uint16_t ByteCount) {
         DesfireCommandState.RndB[14] = 0x22;
         DesfireCommandState.RndB[15] = 0x33;
     }
-    LogEntry(LOG_APP_NONCE_B, DesfireCommandState.RndB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
+    LogEntry(LOG_APP_NONCE_B, DesfireCommandState.RndB, CryptoChallengeResponseBytesSize);
 
     /* Encrypt RndB with the selected key and transfer it back to the PCD */
-    Encrypt3DESBuffer(CRYPTO_CHALLENGE_RESPONSE_BYTES, DesfireCommandState.RndB,
+    Encrypt3DESBuffer(CryptoChallengeResponseBytesSize, DesfireCommandState.RndB,
                       &Buffer[1], NULL, Key);
 
     /* Scrub the key */
@@ -1796,54 +1804,57 @@ uint16_t DesfireCmdAuthenticate3KTDEA1(uint8_t *Buffer, uint16_t ByteCount) {
     /* Done */
     DesfireState = DESFIRE_ISO_AUTHENTICATE2;
     Buffer[0] = STATUS_ADDITIONAL_FRAME;
-    return DESFIRE_STATUS_RESPONSE_SIZE + CRYPTO_CHALLENGE_RESPONSE_BYTES;
+    return DESFIRE_STATUS_RESPONSE_SIZE + CryptoChallengeResponseBytesSize;
 
 }
 
 uint16_t DesfireCmdAuthenticate3KTDEA2(uint8_t *Buffer, uint16_t ByteCount) {
     BYTE KeyId;
     BYTE cryptoKeyType, keySize;
+    BYTE CryptoChallengeResponseBytesSize;
     BYTE *Key;
 
+    cryptoKeyType = DesfireCommandState.CryptoMethodType;
+    keySize = GetDefaultCryptoMethodKeySize(cryptoKeyType);
+    CryptoChallengeResponseBytesSize = keySize;
+
     /* Set status for the next incoming command on error */
     DesfireState = DESFIRE_IDLE;
     /* Validate command length */
-    if (ByteCount != 2 * CRYPTO_CHALLENGE_RESPONSE_BYTES + 1) {
+    if (ByteCount != 2 * CryptoChallengeResponseBytesSize + 1) {
         Buffer[0] = STATUS_LENGTH_ERROR;
         return DESFIRE_STATUS_RESPONSE_SIZE;
     }
 
     /* Reset parameters for authentication from the first exchange */
     KeyId = DesfireCommandState.KeyId;
-    cryptoKeyType = DesfireCommandState.CryptoMethodType;
-    keySize = GetDefaultCryptoMethodKeySize(CRYPTO_TYPE_3K3DES);
     Key = SessionKey;
     ReadAppKey(SelectedApp.Slot, KeyId, Key, keySize);
 
     /* Decrypt the challenge sent back to get RndA and a shifted RndB */
-    BYTE challengeRndAB[2 * CRYPTO_CHALLENGE_RESPONSE_BYTES];
-    BYTE challengeRndA[CRYPTO_CHALLENGE_RESPONSE_BYTES];
-    BYTE challengeRndB[CRYPTO_CHALLENGE_RESPONSE_BYTES];
-    Decrypt3DESBuffer(2 * CRYPTO_CHALLENGE_RESPONSE_BYTES, challengeRndAB,
+    BYTE challengeRndAB[2 * CryptoChallengeResponseBytesSize];
+    BYTE challengeRndA[CryptoChallengeResponseBytesSize];
+    BYTE challengeRndB[CryptoChallengeResponseBytesSize];
+    Decrypt3DESBuffer(2 * CryptoChallengeResponseBytesSize, challengeRndAB,
                       &Buffer[1], NULL, Key);
-    RotateArrayRight(challengeRndAB + CRYPTO_CHALLENGE_RESPONSE_BYTES, challengeRndB,
-                     CRYPTO_CHALLENGE_RESPONSE_BYTES);
-    memcpy(challengeRndA, challengeRndAB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
+    RotateArrayRight(challengeRndAB + CryptoChallengeResponseBytesSize, challengeRndB,
+                     CryptoChallengeResponseBytesSize);
+    memcpy(challengeRndA, challengeRndAB, CryptoChallengeResponseBytesSize);
 
     /* Check that the returned RndB matches what we sent in the previous round */
-    if (memcmp(DesfireCommandState.RndB, challengeRndB, CRYPTO_CHALLENGE_RESPONSE_BYTES)) {
-        LogEntry(LOG_ERR_DESFIRE_GENERIC_ERROR, (const void *) challengeRndB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
+    if (memcmp(DesfireCommandState.RndB, challengeRndB, CryptoChallengeResponseBytesSize)) {
+        LogEntry(LOG_ERR_DESFIRE_GENERIC_ERROR, (const void *) challengeRndB, CryptoChallengeResponseBytesSize);
         Buffer[0] = STATUS_AUTHENTICATION_ERROR;
         return DESFIRE_STATUS_RESPONSE_SIZE;
     }
 
     /* Encrypt and send back the once rotated RndA buffer to the PCD */
-    RotateArrayLeft(challengeRndA, challengeRndAB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
-    Encrypt3DESBuffer(CRYPTO_CHALLENGE_RESPONSE_BYTES, challengeRndAB,
+    RotateArrayLeft(challengeRndA, challengeRndAB, CryptoChallengeResponseBytesSize);
+    Encrypt3DESBuffer(CryptoChallengeResponseBytesSize, challengeRndAB,
                       &Buffer[1], NULL, Key);
 
     /* Create the session key based on the previous exchange */
-    generateSessionKey(SessionKey, challengeRndA, challengeRndB, CRYPTO_TYPE_3K3DES);
+    generateSessionKey(SessionKey, challengeRndA, challengeRndB, cryptoKeyType);
 
     /* Now that we have auth'ed with the legacy command, a ChangeKey command will
      * allow for subsequent authentication with the ISO or AES routines
@@ -1855,7 +1866,7 @@ uint16_t DesfireCmdAuthenticate3KTDEA2(uint8_t *Buffer, uint16_t ByteCount) {
 
     /* Return the status on success */
     Buffer[0] = STATUS_OPERATION_OK;
-    return DESFIRE_STATUS_RESPONSE_SIZE + CRYPTO_CHALLENGE_RESPONSE_BYTES;
+    return DESFIRE_STATUS_RESPONSE_SIZE + CryptoChallengeResponseBytesSize;
 
 }
 
@@ -1990,7 +2001,6 @@ uint16_t DesfireCmdAuthenticateAES2(uint8_t *Buffer, uint16_t ByteCount) {
     if (memcmp(DesfireCommandState.RndB, challengeRndB, CRYPTO_CHALLENGE_RESPONSE_BYTES)) {
         memcpy(challengeRndAB, DesfireCommandState.RndB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
         memcpy(challengeRndAB + CRYPTO_CHALLENGE_RESPONSE_BYTES, challengeRndB, CRYPTO_CHALLENGE_RESPONSE_BYTES);
-        LogEntry(LOG_APP_NONCE_B, challengeRndAB, 2 * CRYPTO_CHALLENGE_RESPONSE_BYTES);
         Buffer[0] = STATUS_AUTHENTICATION_ERROR;
         return DESFIRE_STATUS_RESPONSE_SIZE;
     }

Firmware/Chameleon-Mini/Application/ISO14443-3A.c

@@ -20,7 +20,7 @@ bool ISO14443ASelectDesfire(void *Buffer, uint16_t *BitCount, uint8_t *UidCL, ui
 
     switch (NVB) {
         case 0x00:
-        case ISO14443A_CMD_HLTA:        
+        case ISO14443A_CMD_HLTA:
         case ISO14443A_NVB_AC_START:
             /* Start of anticollision procedure.
              * Send whole UID CLn + BCC          */

Firmware/Chameleon-Mini/Application/MifareDESFire.c

@@ -57,6 +57,7 @@ static bool AnticolNoResp = false;
 /* Dispatching routines */
 void MifareDesfireReset(void) {
     AnticolNoResp = false;
+    //DesfireState = DESFIRE_IDLE;
 }
 
 static void MifareDesfireAppInitLocal(uint8_t StorageSize, uint8_t Version, bool FormatPICC) {
@@ -178,9 +179,9 @@ uint16_t MifareDesfireProcess(uint8_t *Buffer, uint16_t BitCount) {
     if (BitCount == 0) {
         LogEntry(LOG_INFO_DESFIRE_INCOMING_DATA, Buffer, ByteCount);
         return ISO14443A_APP_NO_RESPONSE;
-    } else if ((ByteCount >= 8 && DesfireCLA(Buffer[0]) && Buffer[2] == 0x00 &&
-                Buffer[3] == 0x00 && (Buffer[4] == ByteCount - 6 || Buffer[4] == ByteCount - 8)) || 
-                Iso7816CLA(DesfireCmdCLA)) {
+    } else if (((ByteCount >= 8 && Buffer[4] == ByteCount - 8) || (ByteCount >= 5 && Buffer[4] == ByteCount - 5)) &&
+               DesfireCLA(Buffer[0]) && Buffer[2] == 0x00 &&
+               Buffer[3] == 0x00 || Iso7816CLA(DesfireCmdCLA)) {
         /* Wrapped native command structure or ISO7816: */
         if (Iso7816CLA(DesfireCmdCLA)) {
             uint16_t iso7816ParamsStatus = SetIso7816WrappedParametersType(Buffer, ByteCount);
@@ -193,10 +194,12 @@ uint16_t MifareDesfireProcess(uint8_t *Buffer, uint16_t BitCount) {
         }
         ByteCount = Buffer[4];
         Buffer[0] = Buffer[1];
-        memmove(&Buffer[1], &Buffer[5], ByteCount);
+        if (ByteCount > 0) {
+            memmove(&Buffer[1], &Buffer[5], ByteCount);
+        }
         /* Process the command */
         ByteCount = MifareDesfireProcessCommand(Buffer, ByteCount + 1);
-        if ((ByteCount != 0 && !Iso7816CLA(DesfireCmdCLA)) || (ByteCount == 1)) {
+        if ((ByteCount != 0 && !Iso7816CLA(DesfireCmdCLA))) {
             /* Re-wrap into padded APDU form */
             Buffer[ByteCount] = Buffer[0];
             memmove(&Buffer[0], &Buffer[1], ByteCount - 1);
@@ -205,7 +208,6 @@ uint16_t MifareDesfireProcess(uint8_t *Buffer, uint16_t BitCount) {
         } else {
             /* Re-wrap into ISO 7816-4 -- Done below by prepending the prologue back to the buffer */
         }
-        LogEntry(LOG_INFO_DESFIRE_OUTGOING_DATA, Buffer, ByteCount);
         return ByteCount * BITS_PER_BYTE;
     } else {
         /* ISO/IEC 14443-4 PDUs: No extra work */
@@ -217,43 +219,53 @@ uint16_t MifareDesfireProcess(uint8_t *Buffer, uint16_t BitCount) {
 uint16_t MifareDesfireAppProcess(uint8_t *Buffer, uint16_t BitCount) {
     uint16_t ByteCount = (BitCount + BITS_PER_BYTE - 1) / BITS_PER_BYTE;
     uint16_t ReturnedBytes = 0;
+    LogEntry(LOG_INFO_DESFIRE_INCOMING_DATA, Buffer, ByteCount);
     if (ByteCount >= 8 && DesfireCLA(Buffer[0]) && Buffer[2] == 0x00 &&
             Buffer[3] == 0x00 && Buffer[4] == ByteCount - 8) {
         DesfireCmdCLA = Buffer[0];
         uint16_t IncomingByteCount = (BitCount + BITS_PER_BYTE - 1) / BITS_PER_BYTE;
         uint16_t UnwrappedBitCount = DesfirePreprocessAPDU(ActiveCommMode, Buffer, IncomingByteCount) * BITS_PER_BYTE;
         uint16_t ProcessedBitCount = MifareDesfireProcess(Buffer, UnwrappedBitCount);
         uint16_t ProcessedByteCount = (ProcessedBitCount + BITS_PER_BYTE - 1) / BITS_PER_BYTE;
-        return ISO14443AStoreLastDataFrameAndReturn(Buffer, 
-               DesfirePostprocessAPDU(ActiveCommMode, Buffer, ProcessedByteCount) * BITS_PER_BYTE);
-    } else if ((Iso7816CmdType = IsWrappedISO7816CommandType(Buffer, ByteCount)) && Iso7816CmdType != ISO7816_WRAPPED_CMD_TYPE_NONE) {
-        DesfireCmdCLA = (Iso7816CmdType == ISO7816_WRAPPED_CMD_TYPE_STANDARD) ? Buffer[2] : DESFIRE_ISO7816_CLA;
+        ProcessedByteCount = DesfirePostprocessAPDU(ActiveCommMode, Buffer, ProcessedByteCount);
+        LogEntry(LOG_INFO_DESFIRE_OUTGOING_DATA, Buffer, ProcessedByteCount);
+        return ISO14443AStoreLastDataFrameAndReturn(Buffer, ProcessedByteCount * BITS_PER_BYTE);
+    }
+    Iso7816CmdType = IsWrappedISO7816CommandType(Buffer, ByteCount);
+    if (Iso7816CmdType != ISO7816_WRAPPED_CMD_TYPE_NONE) {
+        DesfireCmdCLA = (Iso7816CmdType == ISO7816_WRAPPED_CMD_TYPE_STANDARD) ? Buffer[2] : DESFIRE_NATIVE_CLA;
         uint8_t ISO7816PrologueBytes[2];
         memcpy(&ISO7816PrologueBytes[0], Buffer, 2);
         if (Iso7816CmdType == ISO7816_WRAPPED_CMD_TYPE_STANDARD) {
             memmove(&Buffer[0], &Buffer[2], ByteCount - 2);
             ByteCount = ByteCount - 2;
         } else if (Iso7816CmdType == ISO7816_WRAPPED_CMD_TYPE_PM3RAW) {
-            /* Something like the following (for PM3 raw ISO auth): 
-             * 0a 00 1a 00 CRC1 CRC2 -- first two are prologue -- last two are checksum 
+            /* Something like the following (for PM3 raw ISO auth):
+             * 0a 00 1a 00 CRC1 CRC2 -- first two are prologue -- last two are checksum
              */
             Buffer[0] = DesfireCmdCLA;
             Buffer[1] = Buffer[2];
             memmove(&Buffer[5], &Buffer[3], ByteCount - 3);
             Buffer[2] = 0x00;
             Buffer[3] = 0x00;
             Buffer[4] = ByteCount - 5;
-            ByteCount = ByteCount + 3;
         }
         uint16_t IncomingByteCount = DesfirePreprocessAPDU(ActiveCommMode, Buffer, ByteCount);
-        uint16_t UnwrappedBitCount = (IncomingByteCount - 2) * BITS_PER_BYTE;
+        uint16_t UnwrappedBitCount = IncomingByteCount * BITS_PER_BYTE;
         uint16_t ProcessedBitCount = MifareDesfireProcess(Buffer, UnwrappedBitCount);
         uint16_t ProcessedByteCount = (ProcessedBitCount + BITS_PER_BYTE - 1) / BITS_PER_BYTE;
+        /* Undo the leading 0x91 and shift for the PM3 raw wrapped commands: */
+        if (Iso7816CmdType != ISO7816_WRAPPED_CMD_TYPE_NONE) {
+            memmove(&Buffer[1], &Buffer[0], ProcessedByteCount);
+            Buffer[0] = Buffer[ProcessedByteCount];
+            --ProcessedByteCount;
+        }
         /* Append the same ISO7816 prologue bytes to the response: */
         memmove(&Buffer[2], &Buffer[0], ProcessedByteCount);
         memcpy(&Buffer[0], &ISO7816PrologueBytes[0], 2);
-        ProcessedBitCount = DesfirePostprocessAPDU(ActiveCommMode, Buffer, ProcessedByteCount + 2) * BITS_PER_BYTE;
-        return ISO14443AStoreLastDataFrameAndReturn(Buffer, ProcessedBitCount);
+        ProcessedByteCount = DesfirePostprocessAPDU(ActiveCommMode, Buffer, ProcessedByteCount + 2);
+        LogEntry(LOG_INFO_DESFIRE_OUTGOING_DATA, Buffer, ProcessedByteCount);
+        return ISO14443AStoreLastDataFrameAndReturn(Buffer, ProcessedByteCount * BITS_PER_BYTE);
     } else if ((ReturnedBytes = CallInstructionHandler(Buffer, ByteCount)) != ISO14443A_APP_NO_RESPONSE) {
         /* This case should handle non-wrappped native commands. No pre/postprocessing afterwards: */
         LogEntry(LOG_INFO_DESFIRE_OUTGOING_DATA, Buffer, ReturnedBytes);

Firmware/Chameleon-Mini/Makefile

@@ -96,12 +96,12 @@ SETTINGS	+= -DENABLE_EEPROM_SETTINGS
 
 #Set a default logging mode for debugging with the DESFire
 #emulation code:
-#SETTINGS  += -DDESFIRE_DEFAULT_LOGGING_MODE=DEBUGGING
-SETTINGS += -DDESFIRE_DEFAULT_LOGGING_MODE=OFF
+SETTINGS  += -DDESFIRE_DEFAULT_LOGGING_MODE=DEBUGGING
+#SETTINGS += -DDESFIRE_DEFAULT_LOGGING_MODE=OFF
 
 #Set a default testing mode setting (0 = OFF, non-NULL = ON):
-SETTINGS  += -DDESFIRE_DEFAULT_TESTING_MODE=0
-#SETTINGS  += -DDESFIRE_DEFAULT_TESTING_MODE=1
+#SETTINGS  += -DDESFIRE_DEFAULT_TESTING_MODE=0
+SETTINGS  += -DDESFIRE_DEFAULT_TESTING_MODE=1
 
 #Feature: Use randomized UIDs that mask the actual secret UID until
 #the tag has been issued a successful authentication sequence:
@@ -173,7 +173,8 @@ SRC         += Terminal/Terminal.c Terminal/Commands.c Terminal/XModem.c Termina
 SRC         += Codec/Codec.c Codec/ISO14443-2A.c Codec/Reader14443-2A.c Codec/SniffISO14443-2A.c Codec/Reader14443-ISR.S
 SRC         += Application/MifareUltralight.c Application/MifareClassic.c Application/ISO14443-3A.c \
 			Application/Crypto1.c Application/Reader14443A.c Application/Sniff14443A.c \
-			Application/CryptoTDEA-HWAccelerated.S Application/CryptoTDEA.c Application/CryptoAES128.c Application/CryptoCMAC.c \
+			Application/CryptoTDEA-HWAccelerated.S Application/CryptoTDEA.c \
+			Application/CryptoAES128.c Application/CryptoCMAC.c \
 			Tests/CryptoTests.c Tests/ChameleonTerminal.c
 SRC         += Application/NTAG215.c
 SRC         += Codec/ISO15693.c
@@ -302,8 +303,8 @@ local-clean:
 	@mkdir $(OBJDIR)
 
 git-add-dev:
-	@git add Makefile ./*.{c,h} ./*/*.{c,h} ./*/*/*.{c,h}
-	@cd ../../Software/DESFireLibNFCTesting && \
+	@make style && git add Makefile ./*.{c,h} ./*/*.{c,h} ./*/*/*.{c,h}
+	@cd ../../Software/DESFireLibNFCTesting && make style && \
 	git add Makefile LocalInclude/*.h Source/*.c SampleOutputDumps/*.dump
 
 ## Defining custom targets for the DESFire build (normal/user mode) and