whywilson
diff --git a/‎.github/workflows/pyinstaller.yml‎
Lines changed: 38 additions & 0 deletions b/‎.github/workflows/pyinstaller.yml‎
Lines changed: 38 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 14 additions & 0 deletions b/‎README.md‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎script/build_helpers.sh‎
Lines changed: 72 additions & 0 deletions b/‎script/build_helpers.sh‎
Lines changed: 72 additions & 0 deletions
@@ -32,6 +32,16 @@ jobs:
     - name: Checkout repository
       uses: actions/checkout@v3
 
+    - name: Install MSYS2 toolchain
+      if: runner.os == 'Windows'
+      uses: msys2/setup-msys2@v2
+      with:
+        update: true
+        install: >-
+          base-devel
+          mingw-w64-x86_64-toolchain
+        path-type: inherit
+
     - name: Set up Python
       uses: actions/setup-python@v4
       with:
@@ -43,10 +53,38 @@ jobs:
         pip install -r script/requirements.txt
         pip install pyinstaller
 
+    - name: Build mfkey tools (Linux/macOS)
+      if: runner.os != 'Windows'
+      run: |
+        chmod +x script/build_helpers.sh
+        ./script/build_helpers.sh
+
+    - name: Build mfkey tools (Windows)
+      if: runner.os == 'Windows'
+      shell: msys2 {0}
+      env:
+        CC: gcc
+      run: |
+        chmod +x script/build_helpers.sh
+        ./script/build_helpers.sh
+
     - name: Run PyInstaller
       run: |
         pyinstaller script/pyinstaller.spec
 
+    - name: Bundle mfkey binaries (Linux/macOS)
+      if: runner.os != 'Windows'
+      run: |
+        mkdir -p dist/pn532_cli_main/mfkey
+        cp build/mfkey32v2 build/mfkey64 build/staticnested dist/pn532_cli_main/mfkey/
+
+    - name: Bundle mfkey binaries (Windows)
+      if: runner.os == 'Windows'
+      shell: pwsh
+      run: |
+        New-Item -ItemType Directory -Force -Path "dist/pn532_cli_main/mfkey" | Out-Null
+        Copy-Item -Path "build/mfkey32v2","build/mfkey64","build/staticnested" -Destination "dist/pn532_cli_main/mfkey" -Force
+
     - name: Package artifact (Linux)
       if: runner.os == 'Linux'
       run: |
 
@@ -30,6 +30,20 @@ pn532_cli_main.exe --debug
 ./pn532_cli_main --debug
 ```
 
+### PN532Killer MFkey workflow
+1. Build the standalone mfkey helpers once via `script/build_helpers.sh` (creates `build/mfkey32v2` and `build/mfkey64`).
+2. Switch PN532Killer to sniffer mode and capture an authentication:
+	- Card present → run `hf mf mfkey64` to parse the sniff buffer and feed `mfkey64` automatically.
+	- No card (UID emulation) → run `hf mf mfkey32v2` to pair nonce captures and call `mfkey32v2`.
+3. Use `--show-raw` to see the NT/NR/AR(/AT) tuples that were forwarded to the tools.
+4. The CLI leaves the PN532Killer sniff buffer untouched; run `hf sniff clear` manually when you want to discard captured frames.
+
+### PN532Killer staticnested workflow
+1. Build the helper binaries via `script/build_helpers.sh` (creates `build/staticnested`).
+2. Authenticate to a sector with a known key and immediately to the target sector using `hf mf staticnested --known-key <hex> --known-block <dec> --target-block <dec>`.
+3. Optional flags: `--known-key-type`, `--target-key-type`, and `--show-raw` to display nonce/keystream details plus the `staticnested` stdout; the CLI auto-derives the required 8-byte datakey as `0x0000 || known-key` per the firmware spec.
+4. The command fetches nonce pairs via PN532Killer's `ReadUserDefData` helper and calls the bundled `staticnested` binary automatically; recovered keys are printed in-line.
+
 ## Features
 ### PN532
 - [x] Read and write Mifare Classic Mini, 1K, 4K
 
@@ -0,0 +1,72 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}" )" && pwd)"
+ROOT_DIR="$(cd "$SCRIPT_DIR/.." && pwd)"
+OUT_DIR="${OUT_DIR:-$ROOT_DIR/build}"
+CC="${CC:-cc}"
+
+UNAME=$(uname | tr '[:upper:]' '[:lower:]')
+if [[ "$UNAME" == *mingw* || "$UNAME" == *msys* || "$UNAME" == *cygwin* ]]; then
+  EXE_SUFFIX=".exe"
+else
+  EXE_SUFFIX=""
+fi
+
+if ! command -v "$CC" >/dev/null 2>&1; then
+  echo "error: compiler '$CC' not found" >&2
+  exit 1
+fi
+
+mkdir -p "$OUT_DIR"
+
+COMMON_FLAGS=(
+  -std=c99 -O2
+  -I"$ROOT_DIR/third_party/proxmark_mfkey/include"
+  -I"$ROOT_DIR/third_party/proxmark_mfkey/common"
+  -I"$ROOT_DIR/third_party/proxmark_mfkey/common/crapto1"
+  -I"$ROOT_DIR/third_party/proxmark_mfkey/tools/mfc/card_reader"
+)
+
+COMMON_SRCS=(
+  "$ROOT_DIR/third_party/proxmark_mfkey/tools/mfc/card_reader/util_posix.c"
+  "$ROOT_DIR/third_party/proxmark_mfkey/tools/mfc/card_reader/sleep.c"
+  "$ROOT_DIR/third_party/proxmark_mfkey/common/bucketsort.c"
+  "$ROOT_DIR/third_party/proxmark_mfkey/common/crapto1/crapto1.c"
+  "$ROOT_DIR/third_party/proxmark_mfkey/common/crapto1/crypto1.c"
+)
+
+LIBS=( -lpthread )
+
+build_tool() {
+  local target="$1"
+  local src="$ROOT_DIR/third_party/proxmark_mfkey/tools/mfc/card_reader/${target}.c"
+  local output="$OUT_DIR/${target}${EXE_SUFFIX}"
+  echo "Building $target -> $output"
+  "$CC" "${COMMON_FLAGS[@]}" "$src" "${COMMON_SRCS[@]}" "${LIBS[@]}" -o "$output"
+}
+
+build_tool mfkey32v2
+build_tool mfkey64
+
+STATIC_FLAGS=(
+  -std=c99 -O2
+  -I"$ROOT_DIR/third_party/proxmark_mfkey/include"
+  -I"$ROOT_DIR/third_party/proxmark_mfkey/common"
+  -I"$ROOT_DIR/third_party/proxmark_mfkey/common/crapto1"
+  -I"$ROOT_DIR/third_party/proxmark_mfkey/tools/mfc/card_only"
+)
+
+STATIC_SRCS=(
+  "$ROOT_DIR/third_party/proxmark_mfkey/tools/mfc/card_only/staticnested_2nt.c"
+  "$ROOT_DIR/third_party/proxmark_mfkey/tools/mfc/card_only/nested_util.c"
+  "$ROOT_DIR/third_party/proxmark_mfkey/common/bucketsort.c"
+  "$ROOT_DIR/third_party/proxmark_mfkey/common/crapto1/crapto1.c"
+  "$ROOT_DIR/third_party/proxmark_mfkey/common/crapto1/crypto1.c"
+)
+
+STATIC_OUTPUT="$OUT_DIR/staticnested${EXE_SUFFIX}"
+echo "Building staticnested -> $STATIC_OUTPUT"
+"$CC" "${STATIC_FLAGS[@]}" "${STATIC_SRCS[@]}" -lpthread -o "$STATIC_OUTPUT"
+
+echo "Build artifacts are in $OUT_DIR"