chg: lf psksim - uses NG

armsrc/appmain.c

@@ -784,17 +784,19 @@ static void PacketReceived(PacketCommandNG *packet) {
             break;
         case CMD_FSK_SIM_TAG: {
             lf_fsksim_t *payload = (lf_fsksim_t *)packet->data.asBytes;
-            CmdFSKsimTAG(payload->fchigh, payload->fclow, payload->separator, payload->clock, packet->length - sizeof(lf_fsksim_t), payload->data, 1);
+            CmdFSKsimTAG(payload->fchigh, payload->fclow, payload->separator, payload->clock, packet->length - sizeof(lf_fsksim_t), payload->data, true);
             break;
             }
         case CMD_ASK_SIM_TAG: {
             lf_asksim_t *payload = (lf_asksim_t *)packet->data.asBytes;
-            CmdASKsimTAG(payload->encoding, payload->invert, payload->separator, payload->clock, packet->length - sizeof(lf_asksim_t), payload->data, 1);
+            CmdASKsimTAG(payload->encoding, payload->invert, payload->separator, payload->clock, packet->length - sizeof(lf_asksim_t), payload->data, true);
             break;
             }
-        case CMD_PSK_SIM_TAG:
+        case CMD_PSK_SIM_TAG: {
-            CmdPSKsimTag(packet->oldarg[0], packet->oldarg[1], packet->oldarg[2], packet->data.asBytes, 1);
+            lf_psksim_t *payload = (lf_psksim_t *)packet->data.asBytes;
+            CmdPSKsimTag(payload->carrier, payload->invert, payload->clock, packet->length - sizeof(lf_psksim_t), payload->data, true);
             break;
+            }
         case CMD_HID_CLONE_TAG:
             CopyHIDtoT55x7(packet->oldarg[0], packet->oldarg[1], packet->oldarg[2], packet->data.asBytes[0]);
             break;

armsrc/apps.h

@@ -81,16 +81,16 @@ void WriteTItag(uint32_t idhi, uint32_t idlo, uint16_t crc);
 
 void AcquireTiType(void);
 void AcquireRawBitsTI(void);
-void SimulateTagLowFrequencyEx(int period, int gap, int ledcontrol, int numcycles);
+void SimulateTagLowFrequencyEx(int period, int gap, bool ledcontrol, int numcycles);
-void SimulateTagLowFrequency(int period, int gap, int ledcontrol);
+void SimulateTagLowFrequency(int period, int gap, bool ledcontrol);
 void SimulateTagLowFrequencyBidir(int divisor, int max_bitlen);
-void CmdHIDsimTAGEx(uint32_t hi, uint32_t lo, int ledcontrol, int numcycles);
-void CmdHIDsimTAG(uint32_t hi, uint32_t lo, int ledcontrol);
 
-void CmdFSKsimTAG(uint8_t fchigh, uint8_t fclow, uint8_t separator, uint8_t clock, uint16_t bitslen, uint8_t *bits, int ledcontrol);
+void CmdHIDsimTAGEx(uint32_t hi, uint32_t lo, bool ledcontrol, int numcycles);
-void CmdASKsimTAG(uint8_t encoding, uint8_t invert, uint8_t separator, uint8_t clk, size_t size, uint8_t *bits, int ledcontrol);
+void CmdHIDsimTAG(uint32_t hi, uint32_t lo, bool ledcontrol);
 
-void CmdPSKsimTag(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *bits, int ledcontrol);
+void CmdFSKsimTAG(uint8_t fchigh, uint8_t fclow, uint8_t separator, uint8_t clk, uint16_t bitslen, uint8_t *bits, bool ledcontrol);
+void CmdASKsimTAG(uint8_t encoding, uint8_t invert, uint8_t separator, uint8_t clk, uint16_t size, uint8_t *bits, bool ledcontrol);
+void CmdPSKsimTag(uint8_t carrier, uint8_t invert, uint8_t clk, uint16_t size, uint8_t *bits, bool ledcontrol);
 
 void CmdHIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol);
 void CmdAWIDdemodFSK(int findone, uint32_t *high, uint32_t *low, int ledcontrol); // Realtime demodulation mode for AWID26

armsrc/lfops.c

@@ -561,7 +561,7 @@ void WriteTItag(uint32_t idhi, uint32_t idlo, uint16_t crc) {
 
 // note:   a call to FpgaDownloadAndGo(FPGA_BITSTREAM_LF) must be done before, but
 //  this may destroy the bigbuf so be sure this is called before calling SimulateTagLowFrequencyEx
-void SimulateTagLowFrequencyEx(int period, int gap, int ledcontrol, int numcycles) {
+void SimulateTagLowFrequencyEx(int period, int gap, bool ledcontrol, int numcycles) {
 
     // start us timer
     StartTicks();
@@ -649,7 +649,7 @@ OUT:
     LED_D_OFF();
 }
 
-void SimulateTagLowFrequency(int period, int gap, int ledcontrol) {
+void SimulateTagLowFrequency(int period, int gap, bool ledcontrol) {
     SimulateTagLowFrequencyEx(period, gap, ledcontrol, -1);
 }
 
@@ -757,7 +757,7 @@ static void fcAll(uint8_t fc, int *n, uint8_t clock, uint16_t *modCnt) {
 
 // prepare a waveform pattern in the buffer based on the ID given then
 // simulate a HID tag until the button is pressed
-void CmdHIDsimTAGEx(uint32_t hi, uint32_t lo, int ledcontrol, int numcycles) {
+void CmdHIDsimTAGEx(uint32_t hi, uint32_t lo, bool ledcontrol, int numcycles) {
 
     if (hi > 0xFFF) {
         DbpString("[!] tags can only have 44 bits. - USE lf simfsk for larger tags");
@@ -820,7 +820,7 @@ void CmdHIDsimTAGEx(uint32_t hi, uint32_t lo, int ledcontrol, int numcycles) {
     if (ledcontrol) LED_A_OFF();
 }
 
-void CmdHIDsimTAG(uint32_t hi, uint32_t lo, int ledcontrol) {
+void CmdHIDsimTAG(uint32_t hi, uint32_t lo, bool ledcontrol) {
     CmdHIDsimTAGEx(hi, lo, ledcontrol, -1);
     reply_ng(CMD_HID_SIM_TAG, PM3_EOPABORTED, NULL, 0);
 }
@@ -828,8 +828,8 @@ void CmdHIDsimTAG(uint32_t hi, uint32_t lo, int ledcontrol) {
 // prepare a waveform pattern in the buffer based on the ID given then
 // simulate a FSK tag until the button is pressed
 // arg1 contains fcHigh and fcLow, arg2 contains STT marker and clock
-void CmdFSKsimTAG(uint8_t fchigh, uint8_t fclow, uint8_t separator, uint8_t clock, uint16_t bitslen, uint8_t *bits, int ledcontrol) {
+void CmdFSKsimTAG(uint8_t fchigh, uint8_t fclow, uint8_t separator, uint8_t clk, uint16_t bitslen, uint8_t *bits, bool ledcontrol) {
-//void CmdFSKsimTAG(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *bits, int ledcontrol) {
+
     FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
 
     // free eventually allocated BigBuf memory
@@ -848,14 +848,14 @@ void CmdFSKsimTAG(uint8_t fchigh, uint8_t fclow, uint8_t separator, uint8_t cloc
 
     for (i = 0; i < bitslen; i++) {
         if (bits[i])
-            fcAll(fclow, &n, clock, &modCnt);
+            fcAll(fclow, &n, clk, &modCnt);
         else
-            fcAll(fchigh, &n, clock, &modCnt);
+            fcAll(fchigh, &n, clk, &modCnt);
     }
 
     WDT_HIT();
 
-    Dbprintf("Simulating with fcHigh: %d, fcLow: %d, clk: %d, STT: %d, n: %d", fchigh, fclow, clock, separator, n);
+    Dbprintf("Simulating with fcHigh: %d, fcLow: %d, clk: %d, STT: %d, n: %d", fchigh, fclow, clk, separator, n);
 
     if (ledcontrol) LED_A_ON();
     SimulateTagLowFrequency(n, 0, ledcontrol);
@@ -903,7 +903,7 @@ static void stAskSimBit(int *n, uint8_t clock) {
 }
 
 // args clock, ask/man or askraw, invert, transmission separator
-void CmdASKsimTAG(uint8_t encoding, uint8_t invert, uint8_t separator, uint8_t clk, size_t size, uint8_t *bits, int ledcontrol) {
+void CmdASKsimTAG(uint8_t encoding, uint8_t invert, uint8_t separator, uint8_t clk, uint16_t size, uint8_t *bits, bool ledcontrol) {
     FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
     set_tracing(false);
 
@@ -967,14 +967,11 @@ static void pskSimBit(uint8_t waveLen, int *n, uint8_t clk, uint8_t *curPhase, b
 }
 
 // args clock, carrier, invert,
-void CmdPSKsimTag(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *bits, int ledcontrol) {
+void CmdPSKsimTag(uint8_t carrier, uint8_t invert, uint8_t clk, uint16_t size, uint8_t *bits, bool ledcontrol) {
     FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
     set_tracing(false);
 
     int n = 0, i = 0;
-    uint8_t clk = arg1 >> 8;
-    uint8_t carrier = arg1 & 0xFF;
-    uint8_t invert = arg2 & 0xFF;
     uint8_t curPhase = 0;
     for (i = 0; i < size; i++) {
         if (bits[i] == curPhase) {

client/cmdlf.c

@@ -831,14 +831,23 @@ int CmdLFpskSim(const char *Cmd) {
         }
     }
     size_t size = DemodBufferLen;
-    if (size > PM3_CMD_DATA_SIZE) {
+    if (size > (PM3_CMD_DATA_SIZE - sizeof(lf_psksim_t))) {
-        PrintAndLogEx(NORMAL, "DemodBuffer too long for current implementation - length: %d - max: %d", size, PM3_CMD_DATA_SIZE);
+        PrintAndLogEx(NORMAL, "DemodBuffer too long for current implementation - length: %d - max: %d", size, PM3_CMD_DATA_SIZE - sizeof(lf_psksim_t));
-        size = PM3_CMD_DATA_SIZE;
+        size = PM3_CMD_DATA_SIZE - sizeof(lf_psksim_t);
     }
-    PrintAndLogEx(DEBUG, "DEBUG: Sending DemodBuffer Length: %d", size);
+
+    lf_psksim_t *payload = calloc(1, sizeof(lf_psksim_t) + size);
+    payload->carrier =  carrier;
+    payload->invert = invert;
+    payload->clock = clk;
+    memcpy(payload->data, DemodBuffer, size);
+
+    PrintAndLogEx(INFO, "Simulating");
 
     clearCommandBuffer();
-    SendCommandOLD(CMD_PSK_SIM_TAG, clk << 8 | carrier, invert, size, DemodBuffer, size);
+    SendCommandNG(CMD_PSK_SIM_TAG, (uint8_t *)payload,  sizeof(lf_psksim_t) + size);
+    free(payload);
+
     PacketResponseNG resp;
     WaitForResponse(CMD_PSK_SIM_TAG, &resp);
 

client/cmdlfawid.c

@@ -332,13 +332,14 @@ static int CmdAWIDSim(const char *Cmd) {
 
     verify_values(&fmtlen, &fc, &cn);
 
-    PrintAndLogEx(SUCCESS, "Simulating AWID %u -- FC: %u; CN: %u\n", fmtlen, fc, cn);
-    PrintAndLogEx(SUCCESS, "Press pm3-button to abort simulation or run another command");
-
     if ( getAWIDBits(fmtlen, fc, cn, bs) != PM3_SUCCESS ) {
         PrintAndLogEx(WARNING, "Error with tag bitstream generation.");
         return PM3_ESOFT;
     }
+
+    PrintAndLogEx(SUCCESS, "Simulating AWID %u -- FC: %u; CN: %u\n", fmtlen, fc, cn);
+    PrintAndLogEx(SUCCESS, "Press pm3-button to abort simulation or run another command");
+
     // AWID uses: FSK2a fcHigh: 10, fcLow: 8, clk: 50, invert: 1
     // arg1 --- fcHigh<<8 + fcLow
     // arg2 --- Inversion and clk setting

client/cmdlfindala.c

@@ -372,8 +372,8 @@ static int CmdIndalaSim(const char *Cmd) {
     char cmdp = tolower(param_getchar(Cmd, 0));
     if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_indala_sim();
 
-    uint8_t bits[224];
+    uint8_t bs[224];
-    memset(bits, 0x00, sizeof(bits));
+    memset(bs, 0x00, sizeof(bs));
 
     // uid
     uint8_t hexuid[100];
@@ -386,24 +386,35 @@ static int CmdIndalaSim(const char *Cmd) {
     uint8_t counter = 223;
     for (uint8_t i = 0; i < len; i++) {
         for (uint8_t j = 0; j < 8; j++) {
-            bits[counter--] = hexuid[i] & 1;
+            bs[counter--] = hexuid[i] & 1;
             hexuid[i] >>= 1;
         }
     }
 
     // indala PSK
-    uint8_t clk = 32, carrier = 2, invert = 0;
-
     // It has to send either 64bits (8bytes) or 224bits (28bytes).  Zero padding needed if not.
     // lf simpsk 1 c 32 r 2 d 0102030405060708
 
     PrintAndLogEx(SUCCESS, "Simulating Indala UID: %s",  sprint_hex(hexuid, len));
     PrintAndLogEx(SUCCESS, "Press pm3-button to abort simulation or run another command");
 
+    // indala PSK,  clock 32, carrier 0
+    lf_psksim_t *payload = calloc(1, sizeof(lf_psksim_t) + sizeof(bs));
+    payload->carrier =  2;
+    payload->invert = 0;
+    payload->clock = 32;
+    memcpy(payload->data, bs, sizeof(bs));
+
+    PrintAndLogEx(INFO, "Simulating");
+
     clearCommandBuffer();
-    SendCommandOLD(CMD_PSK_SIM_TAG, clk << 8 | carrier, invert, sizeof(bits), bits, sizeof(bits));
+    SendCommandNG(CMD_PSK_SIM_TAG, (uint8_t *)payload,  sizeof(lf_psksim_t) + sizeof(bs));
+    free(payload);
+
     PacketResponseNG resp;
     WaitForResponse(CMD_PSK_SIM_TAG, &resp);
+
+    PrintAndLogEx(INFO, "Done");
     if (resp.status != PM3_EOPABORTED)
         return resp.status;
     return PM3_SUCCESS;

client/cmdlfkeri.c

@@ -175,28 +175,39 @@ static int CmdKeriClone(const char *Cmd) {
 static int CmdKeriSim(const char *Cmd) {
 
     char cmdp = tolower(param_getchar(Cmd, 0));
-    if (strlen(Cmd) == 0 || cmdp == 'h') return usage_lf_keri_sim();
+    if (strlen(Cmd) == 0 || cmdp == 'h') 
+        return usage_lf_keri_sim();
 
     uint64_t internalid = param_get32ex(Cmd, 0, 0, 10);
     internalid |= 0x80000000;
     internalid <<= 3;
     internalid += 7;
 
-    uint8_t bits[64] = {0x00};
+    uint8_t bs[64] = {0x00};
     // loop to bits
     uint8_t j = 0;
     for (int8_t i = 63; i >= 0; --i) {
-        bits[j++] = ((internalid >> i) & 1);
+        bs[j++] = ((internalid >> i) & 1);
     }
 
-    uint8_t clk = 32, carrier = 2, invert = 0;
-
     PrintAndLogEx(SUCCESS, "Simulating KERI - Internal Id: %u", internalid);
 
+    lf_psksim_t *payload = calloc(1, sizeof(lf_psksim_t) + sizeof(bs));
+    payload->carrier =  2;
+    payload->invert = 0;
+    payload->clock = 32;
+    memcpy(payload->data, bs, sizeof(bs));
+
+    PrintAndLogEx(INFO, "Simulating");
+
     clearCommandBuffer();
-    SendCommandOLD(CMD_PSK_SIM_TAG, clk << 8 | carrier, invert, sizeof(bits), bits, sizeof(bits));
+    SendCommandNG(CMD_PSK_SIM_TAG, (uint8_t *)payload,  sizeof(lf_psksim_t) + sizeof(bs));
+    free(payload);
+
     PacketResponseNG resp;
     WaitForResponse(CMD_PSK_SIM_TAG, &resp);
+
+    PrintAndLogEx(INFO, "Done");
     if (resp.status != PM3_EOPABORTED)
         return resp.status;
     return PM3_SUCCESS;

include/pm3_cmd.h

@@ -176,7 +176,7 @@ typedef struct {
     uint8_t flags;
 } PACKED t55xx_write_block_t;
 
-// For CMD_FSK_SIM_TAG
+// For CMD_FSK_SIM_TAG (FSK)
 typedef struct {
     uint8_t fchigh;
     uint8_t fclow;
@@ -185,7 +185,7 @@ typedef struct {
     uint8_t data[];
 } PACKED lf_fsksim_t;
 
-// For CMD_ASK_SIM_TAG
+// For CMD_ASK_SIM_TAG (ASK)
 typedef struct {
     uint8_t encoding;
     uint8_t invert;
@@ -194,6 +194,15 @@ typedef struct {
     uint8_t data[];
 } PACKED lf_asksim_t;
 
+// For CMD_PSK_SIM_TAG (PSK)
+typedef struct {
+    uint8_t carrier;
+    uint8_t invert;
+    uint8_t clock;
+    uint8_t data[];
+} PACKED lf_psksim_t;
+
+
 // For the bootloader
 #define CMD_DEVICE_INFO                                                   0x0000
 #define CMD_SETUP_WRITE                                                   0x0001