github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-19 21:03:48 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of https://github.com/Proxmark/proxmark3

Browse source
This commit is contained in:
iceman1001 2015-02-10 09:01:31 +01:00
commit 1e3a799d47
15 changed files with 1491 additions and 779 deletions
Download patch file Download diff file Expand all files Collapse all files

83
armsrc/appmain.c
View file

@ -135,12 +135,25 @@ static int ReadAdc(int ch)
AT91C_BASE_ADC->ADC_CR = AT91C_ADC_SWRST;
AT91C_BASE_ADC->ADC_MR =
ADC_MODE_PRESCALE(32) |
ADC_MODE_STARTUP_TIME(16) |
ADC_MODE_SAMPLE_HOLD_TIME(8);
ADC_MODE_PRESCALE(63 /* was 32 */) | // ADC_CLK = MCK / ((63+1) * 2) = 48MHz / 128 = 375kHz
ADC_MODE_STARTUP_TIME(1 /* was 16 */) | // Startup Time = (1+1) * 8 / ADC_CLK = 16 / 375kHz = 42,7us Note: must be > 20us
ADC_MODE_SAMPLE_HOLD_TIME(15 /* was 8 */); // Sample & Hold Time SHTIM = 15 / ADC_CLK = 15 / 375kHz = 40us
// Note: ADC_MODE_PRESCALE and ADC_MODE_SAMPLE_HOLD_TIME are set to the maximum allowed value.
// Both AMPL_LO and AMPL_HI are very high impedance (10MOhm) outputs, the input capacitance of the ADC is 12pF (typical). This results in a time constant
// of RC = 10MOhm * 12pF = 120us. Even after the maximum configurable sample&hold time of 40us the input capacitor will not be fully charged.
//
// The maths are:
// If there is a voltage v_in at the input, the voltage v_cap at the capacitor (this is what we are measuring) will be
//
// v_cap = v_in * (1 - exp(-RC/SHTIM)) = v_in * (1 - exp(-3)) = v_in * 0,95 (i.e. an error of 5%)
//
// Note: with the "historic" values in the comments above, the error was 34% !!!
AT91C_BASE_ADC->ADC_CHER = ADC_CHANNEL(ch);
AT91C_BASE_ADC->ADC_CR = AT91C_ADC_START;
while(!(AT91C_BASE_ADC->ADC_SR & ADC_END_OF_CONVERSION(ch)))
;
d = AT91C_BASE_ADC->ADC_CDR[ch];
@ -183,9 +196,7 @@ void MeasureAntennaTuning(void)
WDT_HIT();
FpgaSendCommand(FPGA_CMD_SET_DIVISOR, i);
SpinDelay(20);
// Vref = 3.3V, and a 10000:240 voltage divider on the input
// can measure voltages up to 137500 mV
adcval = ((137500 * AvgAdc(ADC_CHAN_LF)) >> 10);
adcval = ((MAX_ADC_LF_VOLTAGE * AvgAdc(ADC_CHAN_LF)) >> 10);
if (i==95) vLf125 = adcval; // voltage at 125Khz
if (i==89) vLf134 = adcval; // voltage at 134Khz
@ -205,9 +216,7 @@ void MeasureAntennaTuning(void)
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR);
SpinDelay(20);
// Vref = 3300mV, and an 10:1 voltage divider on the input
// can measure voltages up to 33000 mV
vHf = (33000 * AvgAdc(ADC_CHAN_HF)) >> 10;
vHf = (MAX_ADC_HF_VOLTAGE * AvgAdc(ADC_CHAN_HF)) >> 10;
cmd_send(CMD_MEASURED_ANTENNA_TUNING, vLf125 | (vLf134<<16), vHf, peakf | (peakv<<16), LF_Results, 256);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
@ -222,19 +231,21 @@ void MeasureAntennaTuningHf(void)
DbpString("Measuring HF antenna, press button to exit");
for (;;) {
// Let the FPGA drive the high-frequency antenna around 13.56 MHz.
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR);
for (;;) {
SpinDelay(20);
// Vref = 3300mV, and an 10:1 voltage divider on the input
// can measure voltages up to 33000 mV
vHf = (33000 * AvgAdc(ADC_CHAN_HF)) >> 10;
vHf = (MAX_ADC_HF_VOLTAGE * AvgAdc(ADC_CHAN_HF)) >> 10;
Dbprintf("%d mV",vHf);
if (BUTTON_PRESS()) break;
}
DbpString("cancelled");
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
}
@ -512,26 +523,32 @@ static const int LIGHT_LEN = sizeof(LIGHT_SCHEME)/sizeof(LIGHT_SCHEME[0]);
void ListenReaderField(int limit)
{
int lf_av, lf_av_new, lf_baseline= 0, lf_count= 0, lf_max;
int hf_av, hf_av_new, hf_baseline= 0, hf_count= 0, hf_max;
int lf_av, lf_av_new, lf_baseline= 0, lf_max;
int hf_av, hf_av_new, hf_baseline= 0, hf_max;
int mode=1, display_val, display_max, i;
#define LF_ONLY 1
#define HF_ONLY 2
#define REPORT_CHANGE 10 // report new values only if they have changed at least by REPORT_CHANGE
// switch off FPGA - we don't want to measure our own signal
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
LEDsoff();
lf_av=lf_max=ReadAdc(ADC_CHAN_LF);
lf_av = lf_max = AvgAdc(ADC_CHAN_LF);
if(limit != HF_ONLY) {
Dbprintf("LF 125/134 Baseline: %d", lf_av);
Dbprintf("LF 125/134kHz Baseline: %dmV", (MAX_ADC_LF_VOLTAGE * lf_av) >> 10);
lf_baseline = lf_av;
}
hf_av=hf_max=ReadAdc(ADC_CHAN_HF);
hf_av = hf_max = AvgAdc(ADC_CHAN_HF);
if (limit != LF_ONLY) {
Dbprintf("HF 13.56 Baseline: %d", hf_av);
Dbprintf("HF 13.56MHz Baseline: %dmV", (MAX_ADC_HF_VOLTAGE * hf_av) >> 10);
hf_baseline = hf_av;
}
@ -555,37 +572,37 @@ void ListenReaderField(int limit)
if (limit != HF_ONLY) {
if(mode == 1) {
if (abs(lf_av - lf_baseline) > 10) LED_D_ON();
else LED_D_OFF();
if (abs(lf_av - lf_baseline) > REPORT_CHANGE)
LED_D_ON();
else
LED_D_OFF();
}
++lf_count;
lf_av_new= ReadAdc(ADC_CHAN_LF);
lf_av_new = AvgAdc(ADC_CHAN_LF);
// see if there's a significant change
if(abs(lf_av - lf_av_new) > 10) {
Dbprintf("LF 125/134 Field Change: %x %x %x", lf_av, lf_av_new, lf_count);
if(abs(lf_av - lf_av_new) > REPORT_CHANGE) {
Dbprintf("LF 125/134kHz Field Change: %5dmV", (MAX_ADC_LF_VOLTAGE * lf_av_new) >> 10);
lf_av = lf_av_new;
if (lf_av > lf_max)
lf_max = lf_av;
lf_count= 0;
}
}
if (limit != LF_ONLY) {
if (mode == 1){
if (abs(hf_av - hf_baseline) > 10) LED_B_ON();
else LED_B_OFF();
if (abs(hf_av - hf_baseline) > REPORT_CHANGE)
LED_B_ON();
else
LED_B_OFF();
}
++hf_count;
hf_av_new= ReadAdc(ADC_CHAN_HF);
hf_av_new = AvgAdc(ADC_CHAN_HF);
// see if there's a significant change
if(abs(hf_av - hf_av_new) > 10) {
Dbprintf("HF 13.56 Field Change: %x %x %x", hf_av, hf_av_new, hf_count);
if(abs(hf_av - hf_av_new) > REPORT_CHANGE) {
Dbprintf("HF 13.56MHz Field Change: %5dmV", (MAX_ADC_HF_VOLTAGE * hf_av_new) >> 10);
hf_av = hf_av_new;
if (hf_av > hf_max)
hf_max = hf_av;
hf_count= 0;
}
}

4
armsrc/apps.h
View file

@ -40,6 +40,10 @@ void DbpString(char *str);
void Dbprintf(const char *fmt, ...);
void Dbhexdump(int len, uint8_t *d, bool bAsci);
// ADC Vref = 3300mV, and an (10M+1M):1M voltage divider on the HF input can measure voltages up to 36300 mV
#define MAX_ADC_HF_VOLTAGE 36300
// ADC Vref = 3300mV, and an (10000k+240k):240k voltage divider on the LF input can measure voltages up to 140800 mV
#define MAX_ADC_LF_VOLTAGE 140800
int AvgAdc(int ch);
void ToSendStuffBit(int b);

50
armsrc/iso14443a.c
View file

@ -312,7 +312,7 @@ static RAMFUNC bool MillerDecoding(uint8_t bit, uint32_t non_real_time)
if (Uart.state == STATE_UNSYNCD) { // not yet synced
if (Uart.highCnt < 7) { // wait for a stable unmodulated signal
if (Uart.highCnt < 2) { // wait for a stable unmodulated signal
if (Uart.twoBits == 0xffff) {
Uart.highCnt++;
} else {
@ -320,16 +320,17 @@ static RAMFUNC bool MillerDecoding(uint8_t bit, uint32_t non_real_time)
}
} else {
Uart.syncBit = 0xFFFF; // not set
// look for 00xx1111 (the start bit)
if ((Uart.twoBits & 0x6780) == 0x0780) Uart.syncBit = 7;
else if ((Uart.twoBits & 0x33C0) == 0x03C0) Uart.syncBit = 6;
else if ((Uart.twoBits & 0x19E0) == 0x01E0) Uart.syncBit = 5;
else if ((Uart.twoBits & 0x0CF0) == 0x00F0) Uart.syncBit = 4;
else if ((Uart.twoBits & 0x0678) == 0x0078) Uart.syncBit = 3;
else if ((Uart.twoBits & 0x033C) == 0x003C) Uart.syncBit = 2;
else if ((Uart.twoBits & 0x019E) == 0x001E) Uart.syncBit = 1;
else if ((Uart.twoBits & 0x00CF) == 0x000F) Uart.syncBit = 0;
if (Uart.syncBit != 0xFFFF) {
// we look for a ...1111111100x11111xxxxxx pattern (the start bit)
if ((Uart.twoBits & 0xDF00) == 0x1F00) Uart.syncBit = 8; // mask is 11x11111 xxxxxxxx,
// check for 00x11111 xxxxxxxx
else if ((Uart.twoBits & 0xEF80) == 0x8F80) Uart.syncBit = 7; // both masks shifted right one bit, left padded with '1'
else if ((Uart.twoBits & 0xF7C0) == 0xC7C0) Uart.syncBit = 6; // ...
else if ((Uart.twoBits & 0xFBE0) == 0xE3E0) Uart.syncBit = 5;
else if ((Uart.twoBits & 0xFDF0) == 0xF1F0) Uart.syncBit = 4;
else if ((Uart.twoBits & 0xFEF8) == 0xF8F8) Uart.syncBit = 3;
else if ((Uart.twoBits & 0xFF7C) == 0xFC7C) Uart.syncBit = 2;
else if ((Uart.twoBits & 0xFFBE) == 0xFE3E) Uart.syncBit = 1;
if (Uart.syncBit != 0xFFFF) { // found a sync bit
Uart.startTime = non_real_time?non_real_time:(GetCountSspClk() & 0xfffffff8);
Uart.startTime -= Uart.syncBit;
Uart.endTime = Uart.startTime;
@ -342,11 +343,9 @@ static RAMFUNC bool MillerDecoding(uint8_t bit, uint32_t non_real_time)
if (IsMillerModulationNibble1(Uart.twoBits >> Uart.syncBit)) {
if (IsMillerModulationNibble2(Uart.twoBits >> Uart.syncBit)) { // Modulation in both halves - error
UartReset();
Uart.highCnt = 6;
} else { // Modulation in first half = Sequence Z = logic "0"
if (Uart.state == STATE_MILLER_X) { // error - must not follow after X
UartReset();
Uart.highCnt = 6;
} else {
Uart.bitCount++;
Uart.shiftReg = (Uart.shiftReg >> 1); // add a 0 to the shiftreg
@ -401,12 +400,13 @@ static RAMFUNC bool MillerDecoding(uint8_t bit, uint32_t non_real_time)
if (Uart.len) {
return TRUE; // we are finished with decoding the raw data sequence
} else {
UartReset(); // Nothing receiver - start over
UartReset(); // Nothing received - start over
Uart.highCnt = 1;
}
}
if (Uart.state == STATE_START_OF_COMMUNICATION) { // error - must not follow directly after SOC
UartReset();
Uart.highCnt = 6;
Uart.highCnt = 1;
} else { // a logic "0"
Uart.bitCount++;
Uart.shiftReg = (Uart.shiftReg >> 1); // add a 0 to the shiftreg
@ -1425,6 +1425,7 @@ void CodeIso14443aAsReaderPar(const uint8_t *cmd, uint16_t len, const uint8_t *p
CodeIso14443aBitsAsReaderPar(cmd, len*8, parity);
}
//-----------------------------------------------------------------------------
// Wait for commands from reader
// Stop when button is pressed (return 1) or field was gone (return 2)
@ -1447,9 +1448,9 @@ static int EmGetCmd(uint8_t *received, uint16_t *len, uint8_t *parity)
// Set ADC to read field strength
AT91C_BASE_ADC->ADC_CR = AT91C_ADC_SWRST;
AT91C_BASE_ADC->ADC_MR =
ADC_MODE_PRESCALE(32) |
ADC_MODE_STARTUP_TIME(16) |
ADC_MODE_SAMPLE_HOLD_TIME(8);
ADC_MODE_PRESCALE(63) |
ADC_MODE_STARTUP_TIME(1) |
ADC_MODE_SAMPLE_HOLD_TIME(15);
AT91C_BASE_ADC->ADC_CHER = ADC_CHANNEL(ADC_CHAN_HF);
// start ADC
AT91C_BASE_ADC->ADC_CR = AT91C_ADC_START;
@ -1471,7 +1472,7 @@ static int EmGetCmd(uint8_t *received, uint16_t *len, uint8_t *parity)
analogAVG += AT91C_BASE_ADC->ADC_CDR[ADC_CHAN_HF];
AT91C_BASE_ADC->ADC_CR = AT91C_ADC_START;
if (analogCnt >= 32) {
if ((33000 * (analogAVG / analogCnt) >> 10) < MF_MINFIELDV) {
if ((MAX_ADC_HF_VOLTAGE * (analogAVG / analogCnt) >> 10) < MF_MINFIELDV) {
vtime = GetTickCount();
if (!timer) timer = vtime;
// 50ms no field --> card to idle state
@ -1546,7 +1547,8 @@ static int EmSendCmd14443aRaw(uint8_t *resp, uint16_t respLen, bool correctionNe
}
// Ensure that the FPGA Delay Queue is empty before we switch to TAGSIM_LISTEN again:
for (i = 0; i < 2 ; ) {
uint8_t fpga_queued_bits = FpgaSendQueueDelay >> 3;
for (i = 0; i <= fpga_queued_bits/8 + 1; ) {
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
AT91C_BASE_SSC->SSC_THR = SEC_F;
FpgaSendQueueDelay = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
@ -2264,6 +2266,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
// free eventually allocated BigBuf memory but keep Emulator Memory
BigBuf_free_keep_EM();
// clear trace
iso14a_clear_trace();
iso14a_set_tracing(TRUE);
@ -2328,10 +2331,8 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
WDT_HIT();
// find reader field
// Vref = 3300mV, and an 10:1 voltage divider on the input
// can measure voltages up to 33000 mV
if (cardSTATE == MFEMUL_NOFIELD) {
vHf = (33000 * AvgAdc(ADC_CHAN_HF)) >> 10;
vHf = (MAX_ADC_HF_VOLTAGE * AvgAdc(ADC_CHAN_HF)) >> 10;
if (vHf > MF_MINFIELDV) {
cardSTATE_TO_IDLE();
LED_A_ON();
@ -2406,6 +2407,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
LogTrace(Uart.output, Uart.len, Uart.startTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.endTime*16 - DELAY_AIR2ARM_AS_TAG, Uart.parity, TRUE);
break;
}
uint32_t ar = bytes_to_num(receivedCmd, 4);
uint32_t nr = bytes_to_num(&receivedCmd[4], 4);
@ -2512,6 +2514,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
ans = nonce ^ crypto1_word(pcs, cuid ^ nonce, 0);
num_to_bytes(ans, 4, rAUTH_AT);
}
EmSendCmd(rAUTH_AT, sizeof(rAUTH_AT));
//Dbprintf("Sending rAUTH %02x%02x%02x%02x", rAUTH_AT[0],rAUTH_AT[1],rAUTH_AT[2],rAUTH_AT[3]);
cardSTATE = MFEMUL_AUTH1;
@ -2712,6 +2715,7 @@ void Mifare1ksim(uint8_t flags, uint8_t exitAfterNReads, uint8_t arg2, uint8_t *
}
}
if (MF_DBGLEVEL >= 1) Dbprintf("Emulator stopped. Tracing: %d trace length: %d ", tracing, traceLen);
}

4
armsrc/lfops.c
View file

@ -640,7 +640,7 @@ void CmdEM410xdemod(int findone, int *high, int *low, int ledcontrol)
uint8_t *dest = BigBuf_get_addr();
size_t size=0, idx=0;
int clk=0, invert=0, errCnt=0;
int clk=0, invert=0, errCnt=0, maxErr=20;
uint64_t lo=0;
// Configure to go in 125Khz listen mode
LFSetupFPGAForADC(95, true);
@ -654,7 +654,7 @@ void CmdEM410xdemod(int findone, int *high, int *low, int ledcontrol)
size = BigBuf_max_traceLen();
//Dbprintf("DEBUG: Buffer got");
//askdemod and manchester decode
errCnt = askmandemod(dest, &size, &clk, &invert);
errCnt = askmandemod(dest, &size, &clk, &invert, maxErr);
//Dbprintf("DEBUG: ASK Got");
WDT_HIT();

463
client/cmddata.c
View file

@ -255,44 +255,113 @@ void printEM410x(uint64_t id)
}
//by marshmellow
//take binary from demod buffer and see if we can find an EM410x ID
int CmdEm410xDecode(const char *Cmd)
//takes 3 arguments - clock, invert and maxErr as integers
//attempts to demodulate ask while decoding manchester
//prints binary found and saves in graphbuffer for further commands
int CmdAskEM410xDemod(const char *Cmd)
{
uint64_t id=0;
size_t size = DemodBufferLen, idx=0;
id = Em410xDecode(DemodBuffer, &size, &idx);
if (id>0){
setDemodBuf(DemodBuffer, size, idx);
int invert=0;
int clk=0;
int maxErr=100;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data askem410xdemod [clock] <0|1> [maxError]");
PrintAndLog(" [set clock as integer] optional, if not set, autodetect.");
PrintAndLog(" <invert>, 1 for invert output");
PrintAndLog(" [set maximum allowed errors], default = 100.");
PrintAndLog("");
PrintAndLog(" sample: data askem410xdemod = demod an EM410x Tag ID from GraphBuffer");
PrintAndLog(" : data askem410xdemod 32 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/32");
PrintAndLog(" : data askem410xdemod 32 1 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/32 and inverting data");
PrintAndLog(" : data askem410xdemod 1 = demod an EM410x Tag ID from GraphBuffer while inverting data");
PrintAndLog(" : data askem410xdemod 64 1 0 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/64 and inverting data and allowing 0 demod errors");
return 0;
}
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
sscanf(Cmd, "%i %i %i", &clk, &invert, &maxErr);
if (invert != 0 && invert != 1) {
PrintAndLog("Invalid argument: %s", Cmd);
return 0;
}
size_t BitLen = getFromGraphBuf(BitStream);
if (g_debugMode==1) PrintAndLog("DEBUG: Bitlen from grphbuff: %d",BitLen);
if (BitLen==0) return 0;
int errCnt=0;
errCnt = askmandemod(BitStream, &BitLen, &clk, &invert, maxErr);
if (errCnt<0||BitLen<16){ //if fatal error (or -1)
if (g_debugMode==1) PrintAndLog("no data found %d, errors:%d, bitlen:%d, clock:%d",errCnt,invert,BitLen,clk);
return 0;
}
PrintAndLog("\nUsing Clock: %d - Invert: %d - Bits Found: %d",clk,invert,BitLen);
//output
if (errCnt>0){
PrintAndLog("# Errors during Demoding (shown as 77 in bit stream): %d",errCnt);
}
//PrintAndLog("ASK/Manchester decoded bitstream:");
// Now output the bitstream to the scrollback by line of 16 bits
setDemodBuf(BitStream,BitLen,0);
//printDemodBuff();
uint64_t lo =0;
size_t idx=0;
lo = Em410xDecode(BitStream, &BitLen, &idx);
if (lo>0){
//set GraphBuffer for clone or sim command
setDemodBuf(BitStream, BitLen, idx);
if (g_debugMode){
PrintAndLog("DEBUG: Printing demod buffer:");
PrintAndLog("DEBUG: idx: %d, Len: %d, Printing Demod Buffer:", idx, BitLen);
printDemodBuff();
}
printEM410x(id);
PrintAndLog("EM410x pattern found: ");
printEM410x(lo);
return 1;
}
return 0;
}
//by marshmellow
//takes 2 arguments - clock and invert both as integers
//takes 3 arguments - clock, invert, maxErr as integers
//attempts to demodulate ask while decoding manchester
//prints binary found and saves in graphbuffer for further commands
int Cmdaskmandemod(const char *Cmd)
{
int invert=0;
int clk=0;
int maxErr=100;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data askmandemod [clock] <0|1> [maxError]");
PrintAndLog(" [set clock as integer] optional, if not set, autodetect.");
PrintAndLog(" <invert>, 1 for invert output");
PrintAndLog(" [set maximum allowed errors], default = 100.");
PrintAndLog("");
PrintAndLog(" sample: data askmandemod = demod an ask/manchester tag from GraphBuffer");
PrintAndLog(" : data askmandemod 32 = demod an ask/manchester tag from GraphBuffer using a clock of RF/32");
PrintAndLog(" : data askmandemod 32 1 = demod an ask/manchester tag from GraphBuffer using a clock of RF/32 and inverting data");
PrintAndLog(" : data askmandemod 1 = demod an ask/manchester tag from GraphBuffer while inverting data");
PrintAndLog(" : data askmandemod 64 1 0 = demod an ask/manchester tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
return 0;
}
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
sscanf(Cmd, "%i %i", &clk, &invert);
sscanf(Cmd, "%i %i %i", &clk, &invert, &maxErr);
if (invert != 0 && invert != 1) {
PrintAndLog("Invalid argument: %s", Cmd);
return 0;
}
if (clk==1){
invert=1;
clk=0;
}
size_t BitLen = getFromGraphBuf(BitStream);
if (g_debugMode==1) PrintAndLog("DEBUG: Bitlen from grphbuff: %d",BitLen);
if (BitLen==0) return 0;
int errCnt=0;
errCnt = askmandemod(BitStream, &BitLen,&clk,&invert);
errCnt = askmandemod(BitStream, &BitLen, &clk, &invert, maxErr);
if (errCnt<0||BitLen<16){ //if fatal error (or -1)
if (g_debugMode==1) PrintAndLog("no data found %d, errors:%d, bitlen:%d, clock:%d",errCnt,invert,BitLen,clk);
return 0;
@ -321,7 +390,7 @@ int Cmdaskmandemod(const char *Cmd)
printEM410x(lo);
return 1;
}
return 0;
return 1;
}
//by marshmellow
@ -332,6 +401,17 @@ int Cmdmandecoderaw(const char *Cmd)
int i =0;
int errCnt=0;
size_t size=0;
size_t maxErr = 20;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 1 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data manrawdecode");
PrintAndLog(" Takes 10 and 01 and converts to 0 and 1 respectively");
PrintAndLog(" --must have binary sequence in demodbuffer (run data askrawdemod first)");
PrintAndLog("");
PrintAndLog(" sample: data manrawdecode = decode manchester bitstream from the demodbuffer");
return 0;
}
if (DemodBufferLen==0) return 0;
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
int high=0,low=0;
for (;i<DemodBufferLen;++i){
@ -345,7 +425,7 @@ int Cmdmandecoderaw(const char *Cmd)
}
size=i;
errCnt=manrawdecode(BitStream, &size);
if (errCnt>=20){
if (errCnt>=maxErr){
PrintAndLog("Too many errors: %d",errCnt);
return 0;
}
@ -383,7 +463,21 @@ int CmdBiphaseDecodeRaw(const char *Cmd)
int offset=0;
int invert=0;
int high=0, low=0;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 3 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data biphaserawdecode [offset] <invert>");
PrintAndLog(" Converts 10 or 01 to 0 and 11 or 00 to 1");
PrintAndLog(" --must have binary sequence in demodbuffer (run data askrawdemod first)");
PrintAndLog("");
PrintAndLog(" [offset <0|1>], set to 0 not to adjust start position or to 1 to adjust decode start position");
PrintAndLog(" [invert <0|1>], set to 1 to invert output");
PrintAndLog("");
PrintAndLog(" sample: data biphaserawdecode = decode biphase bitstream from the demodbuffer");
PrintAndLog(" sample: data biphaserawdecode 1 1 = decode biphase bitstream from the demodbuffer, set offset, and invert output");
return 0;
}
sscanf(Cmd, "%i %i", &offset, &invert);
if (DemodBufferLen==0) return 0;
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
//get graphbuffer & high and low
for (;i<DemodBufferLen;++i){
@ -408,22 +502,48 @@ int CmdBiphaseDecodeRaw(const char *Cmd)
}
//by marshmellow
//takes 2 arguments - clock and invert both as integers
//takes 4 arguments - clock, invert, maxErr as integers and amplify as char
//attempts to demodulate ask only
//prints binary found and saves in graphbuffer for further commands
int Cmdaskrawdemod(const char *Cmd)
{
int invert=0;
int clk=0;
int maxErr=100;
uint8_t askAmp = 0;
char amp = param_getchar(Cmd, 0);
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 12 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data askrawdemod [clock] <invert> [maxError] [amplify]");
PrintAndLog(" [set clock as integer] optional, if not set, autodetect");
PrintAndLog(" <invert>, 1 to invert output");
PrintAndLog(" [set maximum allowed errors], default = 100");
PrintAndLog(" <amplify>, 'a' to attempt demod with ask amplification, default = no amp");
PrintAndLog("");
PrintAndLog(" sample: data askrawdemod = demod an ask tag from GraphBuffer");
PrintAndLog(" : data askrawdemod a = demod an ask tag from GraphBuffer, amplified");
PrintAndLog(" : data askrawdemod 32 = demod an ask tag from GraphBuffer using a clock of RF/32");
PrintAndLog(" : data askrawdemod 32 1 = demod an ask tag from GraphBuffer using a clock of RF/32 and inverting data");
PrintAndLog(" : data askrawdemod 1 = demod an ask tag from GraphBuffer while inverting data");
PrintAndLog(" : data askrawdemod 64 1 0 = demod an ask tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
PrintAndLog(" : data askrawdemod 64 1 0 a = demod an ask tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors, and amp");
return 0;
}
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
sscanf(Cmd, "%i %i", &clk, &invert);
sscanf(Cmd, "%i %i %i %c", &clk, &invert, &maxErr, &amp);
if (invert != 0 && invert != 1) {
PrintAndLog("Invalid argument: %s", Cmd);
return 0;
}
if (clk==1){
invert=1;
clk=0;
}
if (amp == 'a' || amp == 'A') askAmp=1;
size_t BitLen = getFromGraphBuf(BitStream);
if (BitLen==0) return 0;
int errCnt=0;
errCnt = askrawdemod(BitStream, &BitLen,&clk,&invert);
errCnt = askrawdemod(BitStream, &BitLen, &clk, &invert, maxErr, askAmp);
if (errCnt==-1||BitLen<16){ //throw away static - allow 1 and -1 (in case of threshold command first)
PrintAndLog("no data found");
if (g_debugMode==1) PrintAndLog("errCnt: %d, BitLen: %d, clk: %d, invert: %d", errCnt, BitLen, clk, invert);
@ -522,7 +642,7 @@ int CmdBitstream(const char *Cmd)
}
/* Get our clock */
clock = GetClock(Cmd, high, 1);
clock = GetAskClock(Cmd, high, 1);
gtl = ClearGraph(0);
bit = 0;
@ -636,20 +756,70 @@ int CmdGraphShiftZero(const char *Cmd)
return 0;
}
//by marshmellow
//use large jumps in read samples to identify edges of waves and then amplify that wave to max
//similar to dirtheshold, threshold, and askdemod commands
//takes a threshold length which is the measured length between two samples then determines an edge
int CmdAskEdgeDetect(const char *Cmd)
{
int thresLen = 25;
sscanf(Cmd, "%i", &thresLen);
int shift = 127;
int shiftedVal=0;
for(int i = 1; i<GraphTraceLen; i++){
if (GraphBuffer[i]-GraphBuffer[i-1]>=thresLen) //large jump up
shift=127;
else if(GraphBuffer[i]-GraphBuffer[i-1]<=-1*thresLen) //large jump down
shift=-127;
shiftedVal=GraphBuffer[i]+shift;
if (shiftedVal>127)
shiftedVal=127;
else if (shiftedVal<-127)
shiftedVal=-127;
GraphBuffer[i-1] = shiftedVal;
}
RepaintGraphWindow();
//CmdNorm("");
return 0;
}
/* Print our clock rate */
// uses data from graphbuffer
// adjusted to take char parameter for type of modulation to find the clock - by marshmellow.
int CmdDetectClockRate(const char *Cmd)
{
GetClock("",0,0);
//int clock = DetectASKClock(0);
//PrintAndLog("Auto-detected clock rate: %d", clock);
return 0;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 3 || strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data detectclock [modulation]");
PrintAndLog(" [modulation as char], specify the modulation type you want to detect the clock of");
PrintAndLog(" 'a' = ask, 'f' = fsk, 'n' = nrz/direct, 'p' = psk");
PrintAndLog("");
PrintAndLog(" sample: data detectclock a = detect the clock of an ask modulated wave in the GraphBuffer");
PrintAndLog(" data detectclock f = detect the clock of an fsk modulated wave in the GraphBuffer");
PrintAndLog(" data detectclock p = detect the clock of an psk modulated wave in the GraphBuffer");
PrintAndLog(" data detectclock n = detect the clock of an nrz/direct modulated wave in the GraphBuffer");
}
int ans=0;
if (cmdp == 'a'){
ans = GetAskClock("", true, false);
} else if (cmdp == 'f'){
ans = GetFskClock("", true, false);
} else if (cmdp == 'n'){
ans = GetNrzClock("", true, false);
} else if (cmdp == 'p'){
ans = GetPskClock("", true, false);
} else {
PrintAndLog ("Please specify a valid modulation to detect the clock of - see option h for help");
}
return ans;
}
//by marshmellow
//fsk raw demod and print binary
//takes 4 arguments - Clock, invert, rchigh, rclow
//defaults: clock = 50, invert=0, rchigh=10, rclow=8 (RF/10 RF/8 (fsk2a))
//takes 4 arguments - Clock, invert, fchigh, fclow
//defaults: clock = 50, invert=1, fchigh=10, fclow=8 (RF/10 RF/8 (fsk2a))
int CmdFSKrawdemod(const char *Cmd)
{
//raw fsk demod no manchester decoding no start bit finding just get binary from wave
@ -658,6 +828,23 @@ int CmdFSKrawdemod(const char *Cmd)
int invert=0;
int fchigh=0;
int fclow=0;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data fskrawdemod [clock] <invert> [fchigh] [fclow]");
PrintAndLog(" [set clock as integer] optional, omit for autodetect.");
PrintAndLog(" <invert>, 1 for invert output, can be used even if the clock is omitted");
PrintAndLog(" [fchigh], larger field clock length, omit for autodetect");
PrintAndLog(" [fclow], small field clock length, omit for autodetect");
PrintAndLog("");
PrintAndLog(" sample: data fskrawdemod = demod an fsk tag from GraphBuffer using autodetect");
PrintAndLog(" : data fskrawdemod 32 = demod an fsk tag from GraphBuffer using a clock of RF/32, autodetect fc");
PrintAndLog(" : data fskrawdemod 1 = demod an fsk tag from GraphBuffer using autodetect, invert output");
PrintAndLog(" : data fskrawdemod 32 1 = demod an fsk tag from GraphBuffer using a clock of RF/32, invert output, autodetect fc");
PrintAndLog(" : data fskrawdemod 64 0 8 5 = demod an fsk1 RF/64 tag from GraphBuffer");
PrintAndLog(" : data fskrawdemod 50 0 10 8 = demod an fsk2 RF/50 tag from GraphBuffer");
PrintAndLog(" : data fskrawdemod 50 1 10 8 = demod an fsk2a RF/50 tag from GraphBuffer");
return 0;
}
//set options from parameters entered with the command
sscanf(Cmd, "%i %i %i %i", &rfLen, &invert, &fchigh, &fclow);
@ -670,10 +857,12 @@ int CmdFSKrawdemod(const char *Cmd)
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t BitLen = getFromGraphBuf(BitStream);
if (BitLen==0) return 0;
//get field clock lengths
uint16_t fcs=0;
uint8_t dummy=0;
if (fchigh==0 || fclow == 0){
fcs=countFC(BitStream, BitLen);
fcs=countFC(BitStream, BitLen, &dummy);
if (fcs==0){
fchigh=10;
fclow=8;
@ -696,6 +885,7 @@ int CmdFSKrawdemod(const char *Cmd)
// Now output the bitstream to the scrollback by line of 16 bits
if(size > (8*32)+2) size = (8*32)+2; //only output a max of 8 blocks of 32 bits most tags will have full bit stream inside that sample size
printBitStream(BitStream,size);
return 1;
} else{
PrintAndLog("no FSK data found");
}
@ -712,6 +902,7 @@ int CmdFSKdemodHID(const char *Cmd)
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t BitLen = getFromGraphBuf(BitStream);
if (BitLen==0) return 0;
//get binary from fsk wave
int idx = HIDdemodFSK(BitStream,&BitLen,&hi2,&hi,&lo);
if (idx<0){
@ -797,6 +988,7 @@ int CmdFSKdemodParadox(const char *Cmd)
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t BitLen = getFromGraphBuf(BitStream);
if (BitLen==0) return 0;
//get binary from fsk wave
int idx = ParadoxdemodFSK(BitStream,&BitLen,&hi2,&hi,&lo);
if (idx<0){
@ -832,7 +1024,6 @@ int CmdFSKdemodParadox(const char *Cmd)
return 1;
}
//by marshmellow
//IO-Prox demod - FSK RF/64 with preamble of 000000001
//print ioprox ID and some format details
@ -848,6 +1039,7 @@ int CmdFSKdemodIO(const char *Cmd)
}
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t BitLen = getFromGraphBuf(BitStream);
if (BitLen==0) return 0;
//get binary from fsk wave
idx = IOdemodFSK(BitStream,BitLen);
@ -911,7 +1103,6 @@ int CmdFSKdemodIO(const char *Cmd)
return 1;
}
//by marshmellow
//AWID Prox demod - FSK RF/50 with preamble of 00000001 (always a 96 bit data stream)
//print full AWID Prox ID and some bit format details if found
@ -924,6 +1115,7 @@ int CmdFSKdemodAWID(const char *Cmd)
//raw fsk demod no manchester decoding no start bit finding just get binary from wave
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t size = getFromGraphBuf(BitStream);
if (size==0) return 0;
//get binary from fsk wave
int idx = AWIDdemodFSK(BitStream, &size);
@ -935,8 +1127,6 @@ int CmdFSKdemodAWID(const char *Cmd)
PrintAndLog("DEBUG: Error - only noise found");
else if (idx == -3)
PrintAndLog("DEBUG: Error - problem during FSK demod");
// else if (idx == -3)
// PrintAndLog("Error: thought we had a tag but the parity failed");
else if (idx == -4)
PrintAndLog("DEBUG: Error - AWID preamble not found");
else if (idx == -5)
@ -1023,6 +1213,7 @@ int CmdFSKdemodPyramid(const char *Cmd)
//raw fsk demod no manchester decoding no start bit finding just get binary from wave
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t size = getFromGraphBuf(BitStream);
if (size==0) return 0;
//get binary from fsk wave
int idx = PyramiddemodFSK(BitStream, &size);
@ -1257,64 +1448,40 @@ int CmdFSKdemod(const char *Cmd) //old CmdFSKdemod needs updating
}
//by marshmellow
//attempt to detect the field clock and bit clock for FSK
int CmdFSKfcDetect(const char *Cmd)
{
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t size = getFromGraphBuf(BitStream);
uint16_t ans = countFC(BitStream, size);
if (ans==0) {
if (g_debugMode) PrintAndLog("DEBUG: No data found");
return 0;
}
uint8_t fc1, fc2;
fc1 = (ans >> 8) & 0xFF;
fc2 = ans & 0xFF;
uint8_t rf1 = detectFSKClk(BitStream, size, fc1, fc2);
if (rf1==0) {
if (g_debugMode) PrintAndLog("DEBUG: Clock detect error");
return 0;
}
PrintAndLog("Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1);
return 1;
}
//by marshmellow
//attempt to detect the bit clock for PSK or NRZ modulations
int CmdDetectNRZpskClockRate(const char *Cmd)
{
GetNRZpskClock("",0,0);
return 0;
}
//by marshmellow
//attempt to psk1 or nrz demod graph buffer
//NOTE CURRENTLY RELIES ON PEAKS :(
int PSKnrzDemod(const char *Cmd, uint8_t verbose)
//attempt to psk1 demod graph buffer
int PSKDemod(const char *Cmd, uint8_t verbose)
{
int invert=0;
int clk=0;
sscanf(Cmd, "%i %i", &clk, &invert);
int maxErr=100;
sscanf(Cmd, "%i %i %i", &clk, &invert, &maxErr);
if (clk==1){
invert=1;
clk=0;
}
if (invert != 0 && invert != 1) {
PrintAndLog("Invalid argument: %s", Cmd);
return -1;
}
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t BitLen = getFromGraphBuf(BitStream);
if (BitLen==0) return 0;
int errCnt=0;
errCnt = pskNRZrawDemod(BitStream, &BitLen,&clk,&invert);
errCnt = pskRawDemod(BitStream, &BitLen,&clk,&invert);
if (errCnt > maxErr){
if (g_debugMode==1) PrintAndLog("Too many errors found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt);
return -1;
}
if (errCnt<0|| BitLen<16){ //throw away static - allow 1 and -1 (in case of threshold command first)
if (g_debugMode==1) PrintAndLog("no data found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt);
return -1;
}
if (verbose) PrintAndLog("Tried PSK/NRZ Demod using Clock: %d - invert: %d - Bits Found: %d",clk,invert,BitLen);
if (verbose) PrintAndLog("Tried PSK Demod using Clock: %d - invert: %d - Bits Found: %d",clk,invert,BitLen);
//prime demod buffer for output
setDemodBuf(BitStream,BitLen,0);
return errCnt;
}
// Indala 26 bit decode
// by marshmellow
// optional arguments - same as CmdpskNRZrawDemod (clock & invert)
@ -1322,9 +1489,9 @@ int CmdIndalaDecode(const char *Cmd)
{
int ans;
if (strlen(Cmd)>0){
ans = PSKnrzDemod(Cmd, 0);
ans = PSKDemod(Cmd, 0);
} else{ //default to RF/32
ans = PSKnrzDemod("32", 0);
ans = PSKDemod("32", 0);
}
if (ans < 0){
@ -1397,53 +1564,123 @@ int CmdIndalaDecode(const char *Cmd)
}
// by marshmellow
//attempt to clean psk wave noise after a peak
//NOTE RELIES ON PEAKS :(
int CmdPskClean(const char *Cmd)
// takes 3 arguments - clock, invert, maxErr as integers
// attempts to demodulate nrz only
// prints binary found and saves in demodbuffer for further commands
int CmdNRZrawDemod(const char *Cmd)
{
uint8_t bitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t bitLen = getFromGraphBuf(bitStream);
pskCleanWave(bitStream, bitLen);
setGraphBuf(bitStream, bitLen);
int invert=0;
int clk=0;
int maxErr=100;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data nrzrawdemod [clock] <0|1> [maxError]");
PrintAndLog(" [set clock as integer] optional, if not set, autodetect.");
PrintAndLog(" <invert>, 1 for invert output");
PrintAndLog(" [set maximum allowed errors], default = 100.");
PrintAndLog("");
PrintAndLog(" sample: data nrzrawdemod = demod a nrz/direct tag from GraphBuffer");
PrintAndLog(" : data nrzrawdemod 32 = demod a nrz/direct tag from GraphBuffer using a clock of RF/32");
PrintAndLog(" : data nrzrawdemod 32 1 = demod a nrz/direct tag from GraphBuffer using a clock of RF/32 and inverting data");
PrintAndLog(" : data nrzrawdemod 1 = demod a nrz/direct tag from GraphBuffer while inverting data");
PrintAndLog(" : data nrzrawdemod 64 1 0 = demod a nrz/direct tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
return 0;
}
sscanf(Cmd, "%i %i %i", &clk, &invert, &maxErr);
if (clk==1){
invert=1;
clk=0;
}
if (invert != 0 && invert != 1) {
PrintAndLog("Invalid argument: %s", Cmd);
return 0;
}
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t BitLen = getFromGraphBuf(BitStream);
if (BitLen==0) return 0;
int errCnt=0;
errCnt = nrzRawDemod(BitStream, &BitLen, &clk, &invert, maxErr);
if (errCnt > maxErr){
if (g_debugMode==1) PrintAndLog("Too many errors found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt);
return 0;
}
if (errCnt<0|| BitLen<16){ //throw away static - allow 1 and -1 (in case of threshold command first)
if (g_debugMode==1) PrintAndLog("no data found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt);
return 0;
}
PrintAndLog("Tried NRZ Demod using Clock: %d - invert: %d - Bits Found: %d",clk,invert,BitLen);
//prime demod buffer for output
setDemodBuf(BitStream,BitLen,0);
if (errCnt>0){
PrintAndLog("# Errors during Demoding (shown as 77 in bit stream): %d",errCnt);
}else{
}
PrintAndLog("NRZ demoded bitstream:");
// Now output the bitstream to the scrollback by line of 16 bits
printDemodBuff();
return 1;
}
// by marshmellow
// takes 2 arguments - clock and invert both as integers
// takes 3 arguments - clock, invert, maxErr as integers
// attempts to demodulate psk only
// prints binary found and saves in demodbuffer for further commands
int CmdpskNRZrawDemod(const char *Cmd)
int CmdPSK1rawDemod(const char *Cmd)
{
int errCnt;
errCnt = PSKnrzDemod(Cmd, 1);
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data psk1rawdemod [clock] <0|1> [maxError]");
PrintAndLog(" [set clock as integer] optional, if not set, autodetect.");
PrintAndLog(" <invert>, 1 for invert output");
PrintAndLog(" [set maximum allowed errors], default = 100.");
PrintAndLog("");
PrintAndLog(" sample: data psk1rawdemod = demod a psk1 tag from GraphBuffer");
PrintAndLog(" : data psk1rawdemod 32 = demod a psk1 tag from GraphBuffer using a clock of RF/32");
PrintAndLog(" : data psk1rawdemod 32 1 = demod a psk1 tag from GraphBuffer using a clock of RF/32 and inverting data");
PrintAndLog(" : data psk1rawdemod 1 = demod a psk1 tag from GraphBuffer while inverting data");
PrintAndLog(" : data psk1rawdemod 64 1 0 = demod a psk1 tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
return 0;
}
errCnt = PSKDemod(Cmd, 1);
//output
if (errCnt<0){
if (g_debugMode) PrintAndLog("Error demoding: %d",errCnt);
return 0;
}
if (errCnt>0){
if (g_debugMode){
PrintAndLog("# Errors during Demoding (shown as 77 in bit stream): %d",errCnt);
PrintAndLog("PSK or NRZ demoded bitstream:");
// Now output the bitstream to the scrollback by line of 16 bits
printDemodBuff();
}
}else{
PrintAndLog("PSK or NRZ demoded bitstream:");
}
PrintAndLog("PSK demoded bitstream:");
// Now output the bitstream to the scrollback by line of 16 bits
printDemodBuff();
return 1;
}
return 0;
}
// by marshmellow
// takes same args as cmdpsknrzrawdemod
int CmdPSK2rawDemod(const char *Cmd)
{
int errCnt=0;
errCnt=PSKnrzDemod(Cmd, 1);
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: data psk2rawdemod [clock] <0|1> [maxError]");
PrintAndLog(" [set clock as integer] optional, if not set, autodetect.");
PrintAndLog(" <invert>, 1 for invert output");
PrintAndLog(" [set maximum allowed errors], default = 100.");
PrintAndLog("");
PrintAndLog(" sample: data psk2rawdemod = demod a psk2 tag from GraphBuffer, autodetect clock");
PrintAndLog(" : data psk2rawdemod 32 = demod a psk2 tag from GraphBuffer using a clock of RF/32");
PrintAndLog(" : data psk2rawdemod 32 1 = demod a psk2 tag from GraphBuffer using a clock of RF/32 and inverting output");
PrintAndLog(" : data psk2rawdemod 1 = demod a psk2 tag from GraphBuffer, autodetect clock and invert output");
PrintAndLog(" : data psk2rawdemod 64 1 0 = demod a psk2 tag from GraphBuffer using a clock of RF/64, inverting output and allowing 0 demod errors");
return 0;
}
errCnt=PSKDemod(Cmd, 1);
if (errCnt<0){
if (g_debugMode) PrintAndLog("Error demoding: %d",errCnt);
return 0;
@ -1643,23 +1880,30 @@ int CmdTuneSamples(const char *Cmd)
PrintAndLog("# LF antenna: %5.2f V @ 134.00 kHz", vLf134/1000.0);
PrintAndLog("# LF optimal: %5.2f V @%9.2f kHz", peakv/1000.0, 12000.0/(peakf+1));
PrintAndLog("# HF antenna: %5.2f V @ 13.56 MHz", vHf/1000.0);
if (peakv<2000)
#define LF_UNUSABLE_V 2948 // was 2000. Changed due to bugfix in voltage measurements. LF results are now 47% higher.
#define LF_MARGINAL_V 14739 // was 10000. Changed due to bugfix bug in voltage measurements. LF results are now 47% higher.
#define HF_UNUSABLE_V 3167 // was 2000. Changed due to bugfix in voltage measurements. HF results are now 58% higher.
#define HF_MARGINAL_V 7917 // was 5000. Changed due to bugfix in voltage measurements. HF results are now 58% higher.
if (peakv < LF_UNUSABLE_V)
PrintAndLog("# Your LF antenna is unusable.");
else if (peakv<10000)
else if (peakv < LF_MARGINAL_V)
PrintAndLog("# Your LF antenna is marginal.");
if (vHf<2000)
if (vHf < HF_UNUSABLE_V)
PrintAndLog("# Your HF antenna is unusable.");
else if (vHf<5000)
else if (vHf < HF_MARGINAL_V)
PrintAndLog("# Your HF antenna is marginal.");
if (peakv >= LF_UNUSABLE_V) {
for (int i = 0; i < 256; i++) {
GraphBuffer[i] = resp.d.asBytes[i] - 128;
}
PrintAndLog("Done! Divisor 89 is 134khz, 95 is 125khz.\n");
PrintAndLog("Displaying LF tuning graph. Divisor 89 is 134khz, 95 is 125khz.\n");
PrintAndLog("\n");
GraphTraceLen = 256;
ShowGraphWindow();
}
return 0;
}
@ -1772,7 +2016,7 @@ int CmdManchesterDemod(const char *Cmd)
}
/* Get our clock */
clock = GetClock(Cmd, high, 1);
clock = GetAskClock(Cmd, high, 1);
int tolerance = clock/4;
@ -1932,7 +2176,7 @@ int CmdManchesterMod(const char *Cmd)
int bit, lastbit, wave;
/* Get our clock */
clock = GetClock(Cmd, 0, 1);
clock = GetAskClock(Cmd, 0, 1);
wave = 0;
lastbit = 1;
@ -2101,7 +2345,9 @@ static command_t CommandTable[] =
{"help", CmdHelp, 1, "This help"},
{"amp", CmdAmp, 1, "Amplify peaks"},
{"askdemod", Cmdaskdemod, 1, "<0 or 1> -- Attempt to demodulate simple ASK tags"},
{"askmandemod", Cmdaskmandemod, 1, "[clock] [invert<0|1>] -- Attempt to demodulate ASK/Manchester tags and output binary (args optional)"},
{"askedgedetect", CmdAskEdgeDetect, 1, "[threshold] Adjust Graph for manual ask demod using length of sample differences to detect the edge of a wave - default = 25"},
{"askem410xdemod",CmdAskEM410xDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate ASK/Manchester tags and output binary (args optional)"},
{"askmandemod", Cmdaskmandemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate ASK/Manchester tags and output binary (args optional)"},
{"askrawdemod", Cmdaskrawdemod, 1, "[clock] [invert<0|1>] -- Attempt to demodulate ASK tags and output bin (args optional)"},
{"autocorr", CmdAutoCorr, 1, "<window length> -- Autocorrelation over window"},
{"biphaserawdecode",CmdBiphaseDecodeRaw,1,"[offset] [invert<0|1>] Biphase decode bin stream in demod buffer (offset = 0|1 bits to shift the decode start)"},
@ -2109,10 +2355,10 @@ static command_t CommandTable[] =
{"bitstream", CmdBitstream, 1, "[clock rate] -- Convert waveform into a bitstream"},
{"buffclear", CmdBuffClear, 1, "Clear sample buffer and graph window"},
{"dec", CmdDec, 1, "Decimate samples"},
{"detectclock", CmdDetectClockRate, 1, "Detect ASK clock rate"},
{"detectclock", CmdDetectClockRate, 1, "[modulation] Detect clock rate (options: 'a','f','n','p' for ask, fsk, nrz, psk respectively)"},
{"fskdemod", CmdFSKdemod, 1, "Demodulate graph window as a HID FSK"},
{"fskawiddemod", CmdFSKdemodAWID, 1, "Demodulate graph window as an AWID FSK tag using raw"},
{"fskfcdetect", CmdFSKfcDetect, 1, "Try to detect the Field Clock of an FSK wave"},
//{"fskfcdetect", CmdFSKfcDetect, 1, "Try to detect the Field Clock of an FSK wave"},
{"fskhiddemod", CmdFSKdemodHID, 1, "Demodulate graph window as a HID FSK tag using raw"},
{"fskiodemod", CmdFSKdemodIO, 1, "Demodulate graph window as an IO Prox tag FSK using raw"},
{"fskpyramiddemod",CmdFSKdemodPyramid,1, "Demodulate graph window as a Pyramid FSK tag using raw"},
@ -2129,12 +2375,13 @@ static command_t CommandTable[] =
{"manrawdecode", Cmdmandecoderaw, 1, "Manchester decode binary stream already in graph buffer"},
{"manmod", CmdManchesterMod, 1, "[clock rate] -- Manchester modulate a binary stream"},
{"norm", CmdNorm, 1, "Normalize max/min to +/-128"},
//{"nrzdetectclock",CmdDetectNRZClockRate, 1, "Detect ASK, PSK, or NRZ clock rate"},
{"nrzrawdemod", CmdNRZrawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate nrz tags and output binary (args optional)"},
{"plot", CmdPlot, 1, "Show graph window (hit 'h' in window for keystroke help)"},
{"pskclean", CmdPskClean, 1, "Attempt to clean psk wave"},
{"pskdetectclock",CmdDetectNRZpskClockRate, 1, "Detect ASK, PSK, or NRZ clock rate"},
//{"pskdetectclock",CmdDetectPSKClockRate, 1, "Detect ASK, PSK, or NRZ clock rate"},
{"pskindalademod",CmdIndalaDecode, 1, "[clock] [invert<0|1>] -- Attempt to demodulate psk1 indala tags and output ID binary & hex (args optional)"},
{"psk1nrzrawdemod",CmdpskNRZrawDemod, 1, "[clock] [invert<0|1>] -- Attempt to demodulate psk1 or nrz tags and output binary (args optional)"},
{"psk2rawdemod", CmdPSK2rawDemod, 1, "[clock] [invert<0|1>] -- Attempt to demodulate psk2 tags and output binary (args optional)"},
{"psk1rawdemod", CmdPSK1rawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate psk1 tags and output binary (args optional)"},
{"psk2rawdemod", CmdPSK2rawDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Attempt to demodulate psk2 tags and output binary (args optional)"},
{"samples", CmdSamples, 0, "[512 - 40000] -- Get raw samples for graph window"},
{"save", CmdSave, 1, "<filename> -- Save trace (from graph window)"},
{"scale", CmdScale, 1, "<int> -- Set cursor display scale"},

6
client/cmddata.h
View file

@ -19,6 +19,7 @@ void printDemodBuff();
void printBitStream(uint8_t BitStream[], uint32_t bitLen);
int CmdAmp(const char *Cmd);
int Cmdaskdemod(const char *Cmd);
int CmdAskEM410xDemod(const char *Cmd);
int Cmdaskrawdemod(const char *Cmd);
int Cmdaskmandemod(const char *Cmd);
int CmdAutoCorr(const char *Cmd);
@ -35,8 +36,8 @@ int CmdFSKdemodIO(const char *Cmd);
int CmdFSKdemodParadox(const char *Cmd);
int CmdFSKdemodPyramid(const char *Cmd);
int CmdFSKrawdemod(const char *Cmd);
int CmdDetectNRZpskClockRate(const char *Cmd);
int CmdpskNRZrawDemod(const char *Cmd);
int CmdPSK1rawDemod(const char *Cmd);
int CmdPSK2rawDemod(const char *Cmd);
int CmdGrid(const char *Cmd);
int CmdHexsamples(const char *Cmd);
int CmdHide(const char *Cmd);
@ -48,6 +49,7 @@ int Cmdmandecoderaw(const char *Cmd);
int CmdManchesterDemod(const char *Cmd);
int CmdManchesterMod(const char *Cmd);
int CmdNorm(const char *Cmd);
int CmdNRZrawDemod(const char *Cmd);
int CmdPlot(const char *Cmd);
int CmdSamples(const char *Cmd);
int CmdTuneSamples(const char *Cmd);

51
client/cmdhfmf.c
View file

@ -1433,27 +1433,60 @@ int CmdHF14AMfCSetUID(const char *Cmd)
uint8_t wipeCard = 0;
uint8_t uid[8] = {0x00};
uint8_t oldUid[8] = {0x00};
uint8_t atqa[2] = {0x00};
uint8_t sak[1] = {0x00};
uint8_t atqaPresent = 1;
int res;
char ctmp;
int argi=0;
if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {
PrintAndLog("Usage: hf mf csetuid <UID 8 hex symbols> <w>");
PrintAndLog("sample: hf mf csetuid 01020304 w");
PrintAndLog("Set UID for magic Chinese card (only works with!!!)");
PrintAndLog("If you want wipe card then add 'w' into command line. \n");
if (strlen(Cmd) < 1 || param_getchar(Cmd, argi) == 'h') {
PrintAndLog("Usage: hf mf csetuid <UID 8 hex symbols> [ATQA 4 hex symbols SAK 2 hex symbols] [w]");
PrintAndLog("sample: hf mf csetuid 01020304");
PrintAndLog("sample: hf mf csetuid 01020304 0004 08 w");
PrintAndLog("Set UID, ATQA, and SAK for magic Chinese card (only works with such cards)");
PrintAndLog("If you also want to wipe the card then add 'w' at the end of the command line.");
return 0;
}
if (param_getchar(Cmd, 0) && param_gethex(Cmd, 0, uid, 8)) {
if (param_getchar(Cmd, argi) && param_gethex(Cmd, argi, uid, 8)) {
PrintAndLog("UID must include 8 HEX symbols");
return 1;
}
argi++;
char ctmp = param_getchar(Cmd, 1);
if (ctmp == 'w' || ctmp == 'W') wipeCard = 1;
ctmp = param_getchar(Cmd, argi);
if (ctmp == 'w' || ctmp == 'W') {
wipeCard = 1;
atqaPresent = 0;
}
if (atqaPresent) {
if (param_getchar(Cmd, argi)) {
if (param_gethex(Cmd, argi, atqa, 4)) {
PrintAndLog("ATQA must include 4 HEX symbols");
return 1;
}
argi++;
if (!param_getchar(Cmd, argi) || param_gethex(Cmd, argi, sak, 2)) {
PrintAndLog("SAK must include 2 HEX symbols");
return 1;
}
argi++;
} else
atqaPresent = 0;
}
if(!wipeCard) {
ctmp = param_getchar(Cmd, argi);
if (ctmp == 'w' || ctmp == 'W') {
wipeCard = 1;
}
}
PrintAndLog("--wipe card:%s uid:%s", (wipeCard)?"YES":"NO", sprint_hex(uid, 4));
res = mfCSetUID(uid, oldUid, wipeCard);
res = mfCSetUID(uid, (atqaPresent)?atqa:NULL, (atqaPresent)?sak:NULL, oldUid, wipeCard);
if (res) {
PrintAndLog("Can't set UID. error=%d", res);
return 1;

48
client/cmdlf.c
View file

@ -663,13 +663,17 @@ int CmdLFfind(const char *Cmd)
{
int ans=0;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) > 1 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: lf search <0|1>");
char testRaw = param_getchar(Cmd, 1);
if (strlen(Cmd) > 2 || cmdp == 'h' || cmdp == 'H') {
PrintAndLog("Usage: lf search <0|1> [u]");
PrintAndLog(" <use data from Graphbuffer> , if not set, try reading data from tag.");
PrintAndLog(" [Search for Unknown tags] , if not set, reads only known tags.");
PrintAndLog("");
PrintAndLog(" sample: lf search");
PrintAndLog(" : lf search 1");
PrintAndLog(" sample: lf search = try reading data from tag & search for known tags");
PrintAndLog(" : lf search 1 = use data from GraphBuffer & search for known tags");
PrintAndLog(" : lf search u = try reading data from tag & search for known and unknown tags");
PrintAndLog(" : lf search 1 u = use data from GraphBuffer & search for known and unknown tags");
return 0;
}
@ -680,8 +684,9 @@ int CmdLFfind(const char *Cmd)
PrintAndLog("Data in Graphbuffer was too small.");
return 0;
}
if (cmdp == 'u' || cmdp == 'U') testRaw = 'u';
PrintAndLog("NOTE: some demods output possible binary\n if it finds something that looks like a tag");
PrintAndLog("False Positives ARE possible\n");
PrintAndLog("\nChecking for known tags:\n");
ans=CmdFSKdemodIO("");
if (ans>0) {
@ -714,12 +719,37 @@ int CmdLFfind(const char *Cmd)
PrintAndLog("\nValid Indala ID Found!");
return 1;
}
ans=Cmdaskmandemod("");
ans=CmdAskEM410xDemod("");
if (ans>0) {
PrintAndLog("\nValid EM410x ID Found!");
return 1;
}
PrintAndLog("No Known Tags Found!\n");
PrintAndLog("\nNo Known Tags Found!\n");
if (testRaw=='u' || testRaw=='U'){
//test unknown tag formats (raw mode)
PrintAndLog("\nChecking for Unknown tags:\n");
ans=CmdDetectClockRate("f");
if (ans != 0){ //fsk
ans=CmdFSKrawdemod("");
if (ans>0) {
PrintAndLog("\nUnknown FSK Modulated Tag Found!");
return 1;
}
}
ans=Cmdaskmandemod("");
if (ans>0) {
PrintAndLog("\nUnknown ASK Modulated and Manchester encoded Tag Found!");
return 1;
}
ans=CmdPSK1rawDemod("");
if (ans>0) {
PrintAndLog("Possible unknown PSK1 Modulated Tag Found above!\n\nCould also be PSK2 - try 'data psk2rawdemod'");
PrintAndLog("\nCould also be PSK3 - [currently not supported]");
PrintAndLog("\nCould also be NRZ - try 'data nrzrawdemod");
return 1;
}
PrintAndLog("\nNo Data Found!\n");
}
return 0;
}
@ -735,7 +765,7 @@ static command_t CommandTable[] =
{"indalademod", CmdIndalaDemod, 1, "['224'] -- Demodulate samples for Indala 64 bit UID (option '224' for 224 bit)"},
{"indalaclone", CmdIndalaClone, 0, "<UID> ['l']-- Clone Indala to T55x7 (tag must be in antenna)(UID in HEX)(option 'l' for 224 UID"},
{"read", CmdLFRead, 0, "Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"},
{"search", CmdLFfind, 1, "Read and Search for valid known tag (in offline mode it you can load first then search)"},
{"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) - 'u' to search for unknown tags"},
{"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"},
{"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
{"simman", CmdLFSimManchester, 0, "<Clock> <Bitstream> [GAP] Simulate arbitrary Manchester LF tag"},

2
client/cmdlfem4x.c
View file

@ -61,7 +61,7 @@ int CmdEM410xRead(const char *Cmd)
}
/* get clock */
clock = GetClock(Cmd, high, 0);
clock = GetAskClock(Cmd, false, false);
/* parity for our 4 columns */
parity[0] = parity[1] = parity[2] = parity[3] = 0;

129
client/graph.c
View file

@ -67,7 +67,6 @@ void setGraphBuf(uint8_t *buff, size_t size)
size_t getFromGraphBuf(uint8_t *buff)
{
if (buff == NULL ) return 0;
uint32_t i;
for (i=0;i<GraphTraceLen;++i){
if (GraphBuffer[i]>127) GraphBuffer[i]=127; //trim
@ -77,33 +76,6 @@ size_t getFromGraphBuf(uint8_t *buff)
return i;
}
// Get or auto-detect clock rate
int GetClock(const char *str, int peak, int verbose)
{
int clock;
sscanf(str, "%i", &clock);
if (!strcmp(str, ""))
clock = 0;
// Auto-detect clock
if (!clock)
{
uint8_t grph[MAX_GRAPH_TRACE_LEN]={0};
size_t size = getFromGraphBuf(grph);
if ( size == 0 ) {
PrintAndLog("Failed to copy from graphbuffer");
return -1;
}
clock = DetectASKClock(grph,size,0);
// Only print this message if we're not looping something
if (!verbose){
PrintAndLog("Auto-detected clock rate: %d", clock);
}
}
return clock;
}
// A simple test to see if there is any data inside Graphbuffer.
bool HasGraphData(){
@ -136,27 +108,116 @@ void DetectHighLowInGraph(int *high, int *low, bool addFuzz) {
}
}
int GetNRZpskClock(const char *str, int peak, int verbose)
// Get or auto-detect ask clock rate
int GetAskClock(const char str[], bool printAns, bool verbose)
{
int clock;
sscanf(str, "%i", &clock);
if (!strcmp(str, ""))
clock = 0;
if (clock != 0)
return clock;
// Auto-detect clock
if (!clock)
{
uint8_t grph[MAX_GRAPH_TRACE_LEN]={0};
size_t size = getFromGraphBuf(grph);
if (size == 0) {
if (verbose)
PrintAndLog("Failed to copy from graphbuffer");
return -1;
}
clock = DetectpskNRZClock(grph,size,0);
DetectASKClock(grph, size, &clock, 20);
// Only print this message if we're not looping something
if (!verbose){
if (printAns){
PrintAndLog("Auto-detected clock rate: %d", clock);
}
}
return clock;
}
int GetPskClock(const char str[], bool printAns, bool verbose)
{
int clock;
sscanf(str, "%i", &clock);
if (!strcmp(str, ""))
clock = 0;
if (clock!=0)
return clock;
// Auto-detect clock
uint8_t grph[MAX_GRAPH_TRACE_LEN]={0};
size_t size = getFromGraphBuf(grph);
if ( size == 0 ) {
if (verbose)
PrintAndLog("Failed to copy from graphbuffer");
return -1;
}
clock = DetectPSKClock(grph,size,0);
// Only print this message if we're not looping something
if (printAns){
PrintAndLog("Auto-detected clock rate: %d", clock);
}
return clock;
}
uint8_t GetNrzClock(const char str[], bool printAns, bool verbose)
{
int clock;
sscanf(str, "%i", &clock);
if (!strcmp(str, ""))
clock = 0;
if (clock!=0)
return clock;
// Auto-detect clock
uint8_t grph[MAX_GRAPH_TRACE_LEN]={0};
size_t size = getFromGraphBuf(grph);
if ( size == 0 ) {
if (verbose)
PrintAndLog("Failed to copy from graphbuffer");
return -1;
}
clock = DetectNRZClock(grph, size, 0);
// Only print this message if we're not looping something
if (printAns){
PrintAndLog("Auto-detected clock rate: %d", clock);
}
return clock;
}
//by marshmellow
//attempt to detect the field clock and bit clock for FSK
uint8_t GetFskClock(const char str[], bool printAns, bool verbose)
{
int clock;
sscanf(str, "%i", &clock);
if (!strcmp(str, ""))
clock = 0;
if (clock != 0) return (uint8_t)clock;
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t size = getFromGraphBuf(BitStream);
if (size==0) return 0;
uint8_t dummy = 0;
uint16_t ans = countFC(BitStream, size, &dummy);
if (ans==0) {
if (verbose) PrintAndLog("DEBUG: No data found");
return 0;
}
uint8_t fc1, fc2;
fc1 = (ans >> 8) & 0xFF;
fc2 = ans & 0xFF;
uint8_t rf1 = detectFSKClk(BitStream, size, fc1, fc2);
if (rf1==0) {
if (verbose) PrintAndLog("DEBUG: Clock detect error");
return 0;
}
if ((fc1==10 && fc2==8) || (fc1==8 && fc2==5)){
if (printAns) PrintAndLog("Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1);
return rf1;
}
if (verbose){
PrintAndLog("DEBUG: unknown fsk field clock detected");
PrintAndLog("Detected Field Clocks: FC/%d, FC/%d - Bit Clock: RF/%d", fc1, fc2, rf1);
}
return 0;
}

6
client/graph.h
View file

@ -16,8 +16,10 @@ void AppendGraph(int redraw, int clock, int bit);
int ClearGraph(int redraw);
//int DetectClock(int peak);
size_t getFromGraphBuf(uint8_t *buff);
int GetClock(const char *str, int peak, int verbose);
int GetNRZpskClock(const char *str, int peak, int verbose);
int GetAskClock(const char str[], bool printAns, bool verbose);
int GetPskClock(const char str[], bool printAns, bool verbose);
uint8_t GetNrzClock(const char str[], bool printAns, bool verbose);
uint8_t GetFskClock(const char str[], bool printAns, bool verbose);
void setGraphBuf(uint8_t *buff, size_t size);
bool HasGraphData();

31
client/mifarehost.c
View file

@ -230,28 +230,31 @@ int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount) {
// "MAGIC" CARD
int mfCSetUID(uint8_t *uid, uint8_t *oldUID, bool wantWipe) {
int mfCSetUID(uint8_t *uid, uint8_t *atqa, uint8_t *sak, uint8_t *oldUID, bool wantWipe) {
uint8_t oldblock0[16] = {0x00};
uint8_t block0[16] = {0x00};
memcpy(block0, uid, 4);
block0[4] = block0[0]^block0[1]^block0[2]^block0[3]; // Mifare UID BCC
// mifare classic SAK(byte 5) and ATQA(byte 6 and 7)
//block0[5] = 0x08;
//block0[6] = 0x04;
//block0[7] = 0x00;
block0[5] = 0x01; //sak
block0[6] = 0x01;
block0[7] = 0x0f;
int old = mfCGetBlock(0, oldblock0, CSETBLOCK_SINGLE_OPER);
if (old == 0) {
memcpy(block0+8, oldblock0+8, 8);
PrintAndLog("block 0: %s", sprint_hex(block0,16));
memcpy(block0, oldblock0, 16);
PrintAndLog("old block 0: %s", sprint_hex(block0,16));
} else {
PrintAndLog("Couldn't get old data. Will write over the last bytes of Block 0.");
}
// fill in the new values
// UID
memcpy(block0, uid, 4);
// Mifare UID BCC
block0[4] = block0[0]^block0[1]^block0[2]^block0[3];
// mifare classic SAK(byte 5) and ATQA(byte 6 and 7, reversed)
if (sak!=NULL)
block0[5]=sak[0];
if (atqa!=NULL) {
block0[6]=atqa[1];
block0[7]=atqa[0];
}
PrintAndLog("new block 0: %s", sprint_hex(block0,16));
return mfCSetBlock(0, block0, oldUID, wantWipe, CSETBLOCK_SINGLE_OPER);
}

2
client/mifarehost.h
View file

@ -55,7 +55,7 @@ int mfCheckKeys (uint8_t blockNo, uint8_t keyType, uint8_t keycnt, uint8_t * key
int mfEmlGetMem(uint8_t *data, int blockNum, int blocksCount);
int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount);
int mfCSetUID(uint8_t *uid, uint8_t *oldUID, bool wantWipe);
int mfCSetUID(uint8_t *uid, uint8_t *atqa, uint8_t *sak, uint8_t *oldUID, bool wantWipe);
int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, bool wantWipe, uint8_t params);
int mfCGetBlock(uint8_t blockNo, uint8_t *data, uint8_t params);

626
common/lfdemod.c
View file

@ -120,18 +120,19 @@ uint64_t Em410xDecode(uint8_t *BitStream, size_t *size, size_t *startIdx)
}
//by marshmellow
//takes 2 arguments - clock and invert both as integers
//takes 3 arguments - clock, invert, maxErr as integers
//attempts to demodulate ask while decoding manchester
//prints binary found and saves in graphbuffer for further commands
int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr)
{
int i;
int clk2=*clk;
*clk=DetectASKClock(BinStream, *size, *clk); //clock default
//int clk2=*clk;
int start = DetectASKClock(BinStream, *size, clk, 20); //clock default
if (*clk==0) return -3;
if (start < 0) return -3;
// if autodetected too low then adjust //MAY NEED ADJUSTMENT
if (clk2==0 && *clk<8) *clk =64;
if (clk2==0 && *clk<32) *clk=32;
//if (clk2==0 && *clk<8) *clk =64;
//if (clk2==0 && *clk<32) *clk=32;
if (*invert != 0 && *invert != 1) *invert=0;
uint32_t initLoopMax = 200;
if (initLoopMax > *size) initLoopMax=*size;
@ -150,9 +151,9 @@ int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
uint32_t gLen = *size;
if (gLen > 3000) gLen=3000;
uint8_t errCnt =0;
uint16_t MaxBits = 500;
uint32_t bestStart = *size;
uint32_t bestErrCnt = (*size/1000);
uint32_t maxErr = (*size/1000);
int bestErrCnt = maxErr+1;
// PrintAndLog("DEBUG - lastbit - %d",lastBit);
// loop to find first wave that works
for (iii=0; iii < gLen; ++iii){
@ -179,10 +180,10 @@ int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
if (errCnt>(maxErr)) break; //allow 1 error for every 1000 samples else start over
}
}
if ((i-iii) >(400 * *clk)) break; //got plenty of bits
if ((i-iii) >(MaxBits * *clk)) break; //got plenty of bits
}
//we got more than 64 good bits and not all errors
if ((((i-iii)/ *clk) > (64+errCnt)) && (errCnt<maxErr)) {
if ((((i-iii)/ *clk) > (64)) && (errCnt<=maxErr)) {
//possible good read
if (errCnt==0){
bestStart=iii;
@ -196,7 +197,7 @@ int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
}
}
}
if (bestErrCnt<maxErr){
if (bestErrCnt<=maxErr){
//best run is good enough set to best run and set overwrite BinStream
iii=bestStart;
lastBit = bestStart - *clk;
@ -226,7 +227,7 @@ int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
lastBit+=*clk;//skip over error
}
}
if (bitnum >=400) break;
if (bitnum >=MaxBits) break;
}
*size=bitnum;
} else{
@ -258,12 +259,14 @@ int ManchesterEncode(uint8_t *BitStream, size_t size)
//run through 2 times and take least errCnt
int manrawdecode(uint8_t * BitStream, size_t *size)
{
int bitnum=0;
int errCnt =0;
int i=1;
int bestErr = 1000;
int bestRun = 0;
int ii=1;
uint16_t bitnum=0;
uint16_t MaxBits = 500;
uint16_t errCnt = 0;
size_t i=1;
uint16_t bestErr = 1000;
uint16_t bestRun = 0;
size_t ii=1;
if (size == 0) return -1;
for (ii=1;ii<3;++ii){
i=1;
for (i=i+ii;i<*size-2;i+=2){
@ -272,7 +275,7 @@ int manrawdecode(uint8_t * BitStream, size_t *size)
} else {
errCnt++;
}
if(bitnum>300) break;
if(bitnum>MaxBits) break;
}
if (bestErr>errCnt){
bestErr=errCnt;
@ -293,7 +296,7 @@ int manrawdecode(uint8_t * BitStream, size_t *size)
BitStream[bitnum++]=77;
//errCnt++;
}
if(bitnum>300) break;
if(bitnum>MaxBits) break;
}
*size=bitnum;
}
@ -304,10 +307,12 @@ int manrawdecode(uint8_t * BitStream, size_t *size)
//take 01 or 10 = 0 and 11 or 00 = 1
int BiphaseRawDecode(uint8_t *BitStream, size_t *size, int offset, int invert)
{
uint8_t bitnum=0;
uint16_t bitnum=0;
uint32_t errCnt =0;
uint32_t i;
uint16_t MaxBits=500;
i=offset;
if (size == 0) return -1;
for (;i<*size-2; i+=2){
if((BitStream[i]==1 && BitStream[i+1]==0) || (BitStream[i]==0 && BitStream[i+1]==1)){
BitStream[bitnum++]=1^invert;
@ -317,56 +322,76 @@ int BiphaseRawDecode(uint8_t *BitStream, size_t *size, int offset, int invert)
BitStream[bitnum++]=77;
errCnt++;
}
if(bitnum>250) break;
if(bitnum>MaxBits) break;
}
*size=bitnum;
return errCnt;
}
//by marshmellow
//takes 2 arguments - clock and invert both as integers
void askAmp(uint8_t *BitStream, size_t size)
{
int shift = 127;
int shiftedVal=0;
for(int i = 1; i<size; i++){
if (BitStream[i]-BitStream[i-1]>=30) //large jump up
shift=127;
else if(BitStream[i]-BitStream[i-1]<=-20) //large jump down
shift=-127;
shiftedVal=BitStream[i]+shift;
if (shiftedVal>255)
shiftedVal=255;
else if (shiftedVal<0)
shiftedVal=0;
BitStream[i-1] = shiftedVal;
}
return;
}
//by marshmellow
//takes 3 arguments - clock, invert and maxErr as integers
//attempts to demodulate ask only
//prints binary found and saves in graphbuffer for further commands
int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr, uint8_t amp)
{
uint32_t i;
// int invert=0; //invert default
int clk2 = *clk;
*clk=DetectASKClock(BinStream, *size, *clk); //clock default
//uint8_t BitStream[502] = {0};
//HACK: if clock not detected correctly - default
if (clk2==0 && *clk<8) *clk =64;
if (clk2==0 && *clk<32 && clk2==0) *clk=32;
if (*size==0) return -1;
int start = DetectASKClock(BinStream, *size, clk, 20); //clock default
if (*clk==0) return -1;
if (start<0) return -1;
if (*invert != 0 && *invert != 1) *invert =0;
uint32_t initLoopMax = 200;
if (initLoopMax > *size) initLoopMax=*size;
// Detect high and lows
//25% fuzz in case highs and lows aren't clipped [marshmellow]
int high, low, ans;
if (amp==1) askAmp(BinStream, *size);
ans = getHiLo(BinStream, initLoopMax, &high, &low, 75, 75);
if (ans<1) return -2; //just noise
if (ans<1) return -1; //just noise
//PrintAndLog("DEBUG - valid high: %d - valid low: %d",high,low);
int lastBit = 0; //set first clock check
uint32_t bitnum = 0; //output counter
uint8_t tol = 0; //clock tolerance adjust - waves will be accepted as within the clock
// if they fall + or - this value + clock from last valid wave
if (*clk == 32) tol=1; //clock tolerance may not be needed anymore currently set to
if (*clk == 32) tol=0; //clock tolerance may not be needed anymore currently set to
// + or - 1 but could be increased for poor waves or removed entirely
uint32_t iii = 0;
uint32_t gLen = *size;
if (gLen > 500) gLen=500;
uint8_t errCnt =0;
uint32_t bestStart = *size;
uint32_t bestErrCnt = (*size/1000);
uint32_t maxErr = bestErrCnt;
uint32_t bestErrCnt = maxErr; //(*size/1000);
uint8_t midBit=0;
uint16_t MaxBits=1000;
//PrintAndLog("DEBUG - lastbit - %d",lastBit);
//loop to find first wave that works
for (iii=0; iii < gLen; ++iii){
for (iii=start; iii < gLen; ++iii){
if ((BinStream[iii]>=high) || (BinStream[iii]<=low)){
lastBit=iii-*clk;
errCnt=0;
//loop through to see if this start location works
for (i = iii; i < *size; ++i) {
if ((BinStream[i] >= high) && ((i-lastBit)>(*clk-tol))){
@ -395,16 +420,16 @@ int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
errCnt++;
lastBit+=*clk;//skip over until hit too many errors
if (errCnt > ((*size/1000))){ //allow 1 error for every 1000 samples else start over
errCnt=0;
if (errCnt > maxErr){
//errCnt=0;
break;
}
}
}
if ((i-iii)>(500 * *clk)) break; //got enough bits
if ((i-iii)>(MaxBits * *clk)) break; //got enough bits
}
//we got more than 64 good bits and not all errors
if ((((i-iii)/ *clk) > (64+errCnt)) && (errCnt<(*size/1000))) {
if ((((i-iii)/ *clk) > (64)) && (errCnt<=maxErr)) {
//possible good read
if (errCnt==0){
bestStart=iii;
@ -418,7 +443,7 @@ int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
}
}
}
if (bestErrCnt<maxErr){
if (bestErrCnt<=maxErr){
//best run is good enough - set to best run and overwrite BinStream
iii = bestStart;
lastBit = bestStart - *clk;
@ -462,11 +487,10 @@ int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert)
BinStream[bitnum]=77;
bitnum++;
}
lastBit+=*clk;//skip over error
}
}
if (bitnum >=400) break;
if (bitnum >= MaxBits) break;
}
*size=bitnum;
} else{
@ -744,32 +768,71 @@ int PyramiddemodFSK(uint8_t *dest, size_t *size)
return (int)startIdx;
}
uint8_t DetectCleanAskWave(uint8_t dest[], size_t size, int high, int low)
{
uint8_t allPeaks=1;
uint16_t cntPeaks=0;
for (size_t i=20; i<255; i++){
if (dest[i]>low && dest[i]<high)
allPeaks=0;
else
cntPeaks++;
}
if (allPeaks==0){
if (cntPeaks>190) return 1;
}
return allPeaks;
}
// by marshmellow
// not perfect especially with lower clocks or VERY good antennas (heavy wave clipping)
// maybe somehow adjust peak trimming value based on samples to fix?
int DetectASKClock(uint8_t dest[], size_t size, int clock)
// return start index of best starting position for that clock and return clock (by reference)
int DetectASKClock(uint8_t dest[], size_t size, int *clock, int maxErr)
{
int i=0;
int clk[]={8,16,32,40,50,64,100,128,256};
int loopCnt = 256; //don't need to loop through entire array...
if (size == 0) return -1;
if (size<loopCnt) loopCnt = size;
//if we already have a valid clock quit
for (;i<8;++i)
if (clk[i] == clock) return clock;
if (clk[i] == *clock) return 0;
//get high and low peak
int peak, low;
getHiLo(dest, loopCnt, &peak, &low, 75, 75);
//test for large clean peaks
if (DetectCleanAskWave(dest, size, peak, low)==1){
uint16_t fcTest=0;
uint8_t mostFC=0;
fcTest=countFC(dest, size, &mostFC);
uint8_t fc1 = fcTest >> 8;
uint8_t fc2 = fcTest & 0xFF;
for (i=0; i<8; i++){
if (clk[i] == fc1) {
*clock=fc1;
return 0;
}
if (clk[i] == fc2) {
*clock=fc2;
return 0;
}
}
}
int ii;
int clkCnt;
int tol = 0;
int bestErr[]={1000,1000,1000,1000,1000,1000,1000,1000,1000};
int bestStart[]={0,0,0,0,0,0,0,0,0};
int errCnt=0;
//test each valid clock from smallest to greatest to see which lines up
for(clkCnt=0; clkCnt < 8; ++clkCnt){
for(clkCnt=0; clkCnt < 8; clkCnt++){
if (clk[clkCnt] == 32){
tol=1;
}else{
@ -777,7 +840,7 @@ int DetectASKClock(uint8_t dest[], size_t size, int clock)
}
bestErr[clkCnt]=1000;
//try lining up the peaks by moving starting point (try first 256)
for (ii=0; ii < loopCnt; ++ii){
for (ii=0; ii < loopCnt; ii++){
if ((dest[ii] >= peak) || (dest[ii] <= low)){
errCnt=0;
// now that we have the first one lined up test rest of wave array
@ -792,9 +855,15 @@ int DetectASKClock(uint8_t dest[], size_t size, int clock)
//if we found no errors then we can stop here
// this is correct one - return this clock
//PrintAndLog("DEBUG: clk %d, err %d, ii %d, i %d",clk[clkCnt],errCnt,ii,i);
if(errCnt==0 && clkCnt<6) return clk[clkCnt];
if(errCnt==0 && clkCnt<6) {
*clock = clk[clkCnt];
return ii;
}
//if we found errors see if it is lowest so far and save it as best run
if(errCnt<bestErr[clkCnt]) bestErr[clkCnt]=errCnt;
if(errCnt<bestErr[clkCnt]){
bestErr[clkCnt]=errCnt;
bestStart[clkCnt]=ii;
}
}
}
}
@ -809,20 +878,120 @@ int DetectASKClock(uint8_t dest[], size_t size, int clock)
}
}
}
if (bestErr[best]>maxErr) return -1;
*clock=clk[best];
return bestStart[best];
}
//by marshmellow
//detect psk clock by reading each phase shift
// a phase shift is determined by measuring the sample length of each wave
int DetectPSKClock(uint8_t dest[], size_t size, int clock)
{
uint8_t clk[]={255,16,32,40,50,64,100,128,255}; //255 is not a valid clock
uint16_t loopCnt = 4096; //don't need to loop through entire array...
if (size == 0) return 0;
if (size<loopCnt) loopCnt = size;
//if we already have a valid clock quit
size_t i=1;
for (; i < 8; ++i)
if (clk[i] == clock) return clock;
size_t waveStart=0, waveEnd=0, firstFullWave=0, lastClkBit=0;
uint8_t clkCnt, fc=0, fullWaveLen=0, tol=1;
uint16_t peakcnt=0, errCnt=0, waveLenCnt=0;
uint16_t bestErr[]={1000,1000,1000,1000,1000,1000,1000,1000,1000};
uint16_t peaksdet[]={0,0,0,0,0,0,0,0,0};
countFC(dest, size, &fc);
//PrintAndLog("DEBUG: FC: %d",fc);
//find first full wave
for (i=0; i<loopCnt; i++){
if (dest[i] < dest[i+1] && dest[i+1] >= dest[i+2]){
if (waveStart == 0) {
waveStart = i+1;
//PrintAndLog("DEBUG: waveStart: %d",waveStart);
} else {
waveEnd = i+1;
//PrintAndLog("DEBUG: waveEnd: %d",waveEnd);
waveLenCnt = waveEnd-waveStart;
if (waveLenCnt > fc){
firstFullWave = waveStart;
fullWaveLen=waveLenCnt;
break;
}
waveStart=0;
}
}
}
//PrintAndLog("DEBUG: firstFullWave: %d, waveLen: %d",firstFullWave,fullWaveLen);
//test each valid clock from greatest to smallest to see which lines up
for(clkCnt=7; clkCnt >= 1 ; clkCnt--){
lastClkBit = firstFullWave; //set end of wave as clock align
waveStart = 0;
errCnt=0;
peakcnt=0;
//PrintAndLog("DEBUG: clk: %d, lastClkBit: %d",clk[clkCnt],lastClkBit);
for (i = firstFullWave+fullWaveLen-1; i < loopCnt-2; i++){
//top edge of wave = start of new wave
if (dest[i] < dest[i+1] && dest[i+1] >= dest[i+2]){
if (waveStart == 0) {
waveStart = i+1;
waveLenCnt=0;
} else { //waveEnd
waveEnd = i+1;
waveLenCnt = waveEnd-waveStart;
if (waveLenCnt > fc){
//if this wave is a phase shift
//PrintAndLog("DEBUG: phase shift at: %d, len: %d, nextClk: %d, ii: %d, fc: %d",waveStart,waveLenCnt,lastClkBit+clk[clkCnt]-tol,ii+1,fc);
if (i+1 >= lastClkBit + clk[clkCnt] - tol){ //should be a clock bit
peakcnt++;
lastClkBit+=clk[clkCnt];
} else if (i<lastClkBit+8){
//noise after a phase shift - ignore
} else { //phase shift before supposed to based on clock
errCnt++;
}
} else if (i+1 > lastClkBit + clk[clkCnt] + tol + fc){
lastClkBit+=clk[clkCnt]; //no phase shift but clock bit
}
waveStart=i+1;
}
}
}
if (errCnt == 0){
return clk[clkCnt];
}
if (errCnt <= bestErr[clkCnt]) bestErr[clkCnt]=errCnt;
if (peakcnt > peaksdet[clkCnt]) peaksdet[clkCnt]=peakcnt;
}
//all tested with errors
//return the highest clk with the most peaks found
uint8_t best=7;
for (i=7; i>=1; i--){
if (peaksdet[i] > peaksdet[best]) {
best = i;
}
//PrintAndLog("DEBUG: Clk: %d, peaks: %d, errs: %d, bestClk: %d",clk[iii],peaksdet[iii],bestErr[iii],clk[best]);
}
return clk[best];
}
//by marshmellow
//detect psk clock by reading #peaks vs no peaks(or errors)
int DetectpskNRZClock(uint8_t dest[], size_t size, int clock)
//detect nrz clock by reading #peaks vs no peaks(or errors)
int DetectNRZClock(uint8_t dest[], size_t size, int clock)
{
int i=0;
int clk[]={16,32,40,50,64,100,128,256};
int loopCnt = 2048; //don't need to loop through entire array...
int clk[]={8,16,32,40,50,64,100,128,256};
int loopCnt = 4096; //don't need to loop through entire array...
if (size == 0) return 0;
if (size<loopCnt) loopCnt = size;
//if we already have a valid clock quit
for (; i < 7; ++i)
for (; i < 8; ++i)
if (clk[i] == clock) return clock;
//get high and low peak
@ -834,97 +1003,52 @@ int DetectpskNRZClock(uint8_t dest[], size_t size, int clock)
uint8_t clkCnt;
uint8_t tol = 0;
int peakcnt=0;
int errCnt=0;
int bestErr[]={1000,1000,1000,1000,1000,1000,1000,1000};
int peaksdet[]={0,0,0,0,0,0,0,0};
//test each valid clock from smallest to greatest to see which lines up
for(clkCnt=0; clkCnt < 7; ++clkCnt){
if (clk[clkCnt] <= 32){
tol=1;
int maxPeak=0;
//test for large clipped waves
for (i=0; i<loopCnt; i++){
if (dest[i] >= peak || dest[i] <= low){
peakcnt++;
} else {
tol=0;
if (peakcnt>0 && maxPeak < peakcnt){
maxPeak = peakcnt;
}
peakcnt=0;
}
}
peakcnt=0;
//test each valid clock from smallest to greatest to see which lines up
for(clkCnt=0; clkCnt < 8; ++clkCnt){
//ignore clocks smaller than largest peak
if (clk[clkCnt]<maxPeak) continue;
//try lining up the peaks by moving starting point (try first 256)
for (ii=0; ii< loopCnt; ++ii){
if ((dest[ii] >= peak) || (dest[ii] <= low)){
errCnt=0;
peakcnt=0;
// now that we have the first one lined up test rest of wave array
for (i=0; i < ((int)((size-ii-tol)/clk[clkCnt])-1); ++i){
if (dest[ii+(i*clk[clkCnt])]>=peak || dest[ii+(i*clk[clkCnt])]<=low){
peakcnt++;
}else if(dest[ii+(i*clk[clkCnt])-tol]>=peak || dest[ii+(i*clk[clkCnt])-tol]<=low){
peakcnt++;
}else if(dest[ii+(i*clk[clkCnt])+tol]>=peak || dest[ii+(i*clk[clkCnt])+tol]<=low){
peakcnt++;
}else{ //error no peak detected
errCnt++;
}
}
if(peakcnt>peaksdet[clkCnt]) {
peaksdet[clkCnt]=peakcnt;
bestErr[clkCnt]=errCnt;
}
}
}
}
int iii=0;
int iii=7;
int best=0;
//int ratio2; //debug
int ratio;
//int bits;
for (iii=0; iii < 7; ++iii){
ratio=1000;
//ratio2=1000; //debug
//bits=size/clk[iii]; //debug
if (peaksdet[iii] > 0){
ratio=bestErr[iii]/peaksdet[iii];
if (((bestErr[best]/peaksdet[best]) > (ratio)+1)){
for (iii=7; iii > 0; iii--){
if (peaksdet[iii] > peaksdet[best]){
best = iii;
}
//ratio2=bits/peaksdet[iii]; //debug
}
//PrintAndLog("DEBUG: Clk: %d, peaks: %d, errs: %d, bestClk: %d, ratio: %d, bits: %d, peakbitr: %d",clk[iii],peaksdet[iii],bestErr[iii],clk[best],ratio, bits,ratio2);
//PrintAndLog("DEBUG: Clk: %d, peaks: %d, errs: %d, bestClk: %d",clk[iii],peaksdet[iii],bestErr[iii],clk[best]);
}
return clk[best];
}
// by marshmellow (attempt to get rid of high immediately after a low)
void pskCleanWave(uint8_t *BitStream, size_t size)
{
int i;
int gap = 4;
int newLow=0;
int newHigh=0;
int high, low;
getHiLo(BitStream, size, &high, &low, 80, 90);
for (i=0; i < size; ++i){
if (newLow == 1){
if (BitStream[i]>low){
BitStream[i]=low+8;
gap--;
}
if (gap == 0){
newLow=0;
gap=4;
}
}else if (newHigh == 1){
if (BitStream[i]<high){
BitStream[i]=high-8;
gap--;
}
if (gap == 0){
newHigh=0;
gap=4;
}
}
if (BitStream[i] <= low) newLow=1;
if (BitStream[i] >= high) newHigh=1;
}
return;
}
// by marshmellow
// convert psk1 demod to psk2 demod
// only transition waves are 1s
@ -1007,56 +1131,71 @@ int indala26decode(uint8_t *bitStream, size_t *size, uint8_t *invert)
return 1;
}
// by marshmellow - demodulate PSK1 wave or NRZ wave (both similar enough)
// by marshmellow - demodulate NRZ wave (both similar enough)
// peaks invert bit (high=1 low=0) each clock cycle = 1 bit determined by last peak
int pskNRZrawDemod(uint8_t *dest, size_t *size, int *clk, int *invert)
// there probably is a much simpler way to do this....
int nrzRawDemod(uint8_t *dest, size_t *size, int *clk, int *invert, int maxErr)
{
if (justNoise(dest, *size)) return -1;
pskCleanWave(dest,*size);
int clk2 = DetectpskNRZClock(dest, *size, *clk);
*clk=clk2;
*clk = DetectNRZClock(dest, *size, *clk);
if (*clk==0) return -2;
uint32_t i;
int high, low, ans;
ans = getHiLo(dest, 1260, &high, &low, 75, 80); //25% fuzz on high 20% fuzz on low
ans = getHiLo(dest, 1260, &high, &low, 75, 75); //25% fuzz on high 25% fuzz on low
if (ans<1) return -2; //just noise
uint32_t gLen = *size;
//PrintAndLog("DEBUG - valid high: %d - valid low: %d",high,low);
uint32_t gLen = 256;
if (gLen>*size) gLen = *size;
int lastBit = 0; //set first clock check
uint32_t bitnum = 0; //output counter
uint8_t tol = 1; //clock tolerance adjust - waves will be accepted as within the clock if they fall + or - this value + clock from last valid wave
if (*clk==32) tol = 2; //clock tolerance may not be needed anymore currently set to + or - 1 but could be increased for poor waves or removed entirely
uint32_t iii = 0;
uint8_t errCnt =0;
uint32_t bestStart = *size;
uint32_t maxErr = (*size/1000);
uint32_t bestErrCnt = maxErr;
uint16_t errCnt =0;
uint16_t MaxBits = 1000;
uint32_t bestErrCnt = maxErr+1;
uint32_t bestPeakCnt = 0;
uint32_t bestPeakStart=0;
uint8_t curBit=0;
uint8_t bitHigh=0;
uint8_t ignorewin=*clk/8;
//PrintAndLog("DEBUG - lastbit - %d",lastBit);
uint8_t errBitHigh=0;
uint16_t peakCnt=0;
uint8_t ignoreWindow=4;
uint8_t ignoreCnt=ignoreWindow; //in case of noice near peak
//loop to find first wave that works - align to clock
for (iii=0; iii < gLen; ++iii){
if ((dest[iii]>=high) || (dest[iii]<=low)){
lastBit=iii-*clk;
peakCnt=0;
errCnt=0;
bitnum=0;
//loop through to see if this start location works
for (i = iii; i < *size; ++i) {
//if we found a high bar and we are at a clock bit
if ((dest[i]>=high ) && (i>=lastBit+*clk-tol && i<=lastBit+*clk+tol)){
bitHigh=1;
lastBit+=*clk;
ignorewin=*clk/8;
bitnum++;
peakCnt++;
errBitHigh=0;
ignoreCnt=ignoreWindow;
//else if low bar found and we are at a clock point
}else if ((dest[i]<=low ) && (i>=lastBit+*clk-tol && i<=lastBit+*clk+tol)){
bitHigh=1;
lastBit+=*clk;
ignorewin=*clk/8;
bitnum++;
peakCnt++;
errBitHigh=0;
ignoreCnt=ignoreWindow;
//else if no bars found
}else if(dest[i] < high && dest[i] > low) {
if (ignorewin==0){
if (ignoreCnt==0){
bitHigh=0;
}else ignorewin--;
if (errBitHigh==1){
errCnt++;
}
errBitHigh=0;
} else {
ignoreCnt--;
}
//if we are past a clock point
if (i >= lastBit+*clk+tol){ //clock val
lastBit+=*clk;
@ -1065,29 +1204,36 @@ int pskNRZrawDemod(uint8_t *dest, size_t *size, int *clk, int *invert)
//else if bar found but we are not at a clock bit and we did not just have a clock bit
}else if ((dest[i]>=high || dest[i]<=low) && (i<lastBit+*clk-tol || i>lastBit+*clk+tol) && (bitHigh==0)){
//error bar found no clock...
errCnt++;
errBitHigh=1;
}
if (bitnum>=1000) break;
if (bitnum>=MaxBits) break;
}
//we got more than 64 good bits and not all errors
if ((bitnum > (64+errCnt)) && (errCnt < (maxErr))) {
if (bitnum > (64) && (errCnt <= (maxErr))) {
//possible good read
if (errCnt == 0){
bestStart = iii;
//bestStart = iii;
bestErrCnt = errCnt;
bestPeakCnt = peakCnt;
bestPeakStart = iii;
break; //great read - finish
}
if (errCnt < bestErrCnt){ //set this as new best run
bestErrCnt = errCnt;
bestStart = iii;
//bestStart = iii;
}
if (peakCnt > bestPeakCnt){
bestPeakCnt=peakCnt;
bestPeakStart=iii;
}
}
}
}
if (bestErrCnt < maxErr){
//PrintAndLog("DEBUG: bestErrCnt: %d, maxErr: %d, bestStart: %d, bestPeakCnt: %d, bestPeakStart: %d",bestErrCnt,maxErr,bestStart,bestPeakCnt,bestPeakStart);
if (bestErrCnt <= maxErr){
//best run is good enough set to best run and set overwrite BinStream
iii=bestStart;
lastBit=bestStart-*clk;
iii=bestPeakStart;
lastBit=bestPeakStart-*clk;
bitnum=0;
for (i = iii; i < *size; ++i) {
//if we found a high bar and we are at a clock bit
@ -1096,21 +1242,32 @@ int pskNRZrawDemod(uint8_t *dest, size_t *size, int *clk, int *invert)
lastBit+=*clk;
curBit=1-*invert;
dest[bitnum]=curBit;
ignorewin=*clk/8;
bitnum++;
errBitHigh=0;
ignoreCnt=ignoreWindow;
//else if low bar found and we are at a clock point
}else if ((dest[i]<=low ) && (i>=lastBit+*clk-tol && i<=lastBit+*clk+tol)){
bitHigh=1;
lastBit+=*clk;
curBit=*invert;
dest[bitnum]=curBit;
ignorewin=*clk/8;
bitnum++;
errBitHigh=0;
ignoreCnt=ignoreWindow;
//else if no bars found
}else if(dest[i]<high && dest[i]>low) {
if (ignorewin==0){
if (ignoreCnt==0){
bitHigh=0;
}else ignorewin--;
//if peak is done was it an error peak?
if (errBitHigh==1){
dest[bitnum]=77;
bitnum++;
errCnt++;
}
errBitHigh=0;
} else {
ignoreCnt--;
}
//if we are past a clock point
if (i>=lastBit+*clk+tol){ //clock val
lastBit+=*clk;
@ -1120,17 +1277,13 @@ int pskNRZrawDemod(uint8_t *dest, size_t *size, int *clk, int *invert)
//else if bar found but we are not at a clock bit and we did not just have a clock bit
}else if ((dest[i]>=high || dest[i]<=low) && ((i<lastBit+*clk-tol) || (i>lastBit+*clk+tol)) && (bitHigh==0)){
//error bar found no clock...
bitHigh=1;
dest[bitnum]=77;
bitnum++;
errCnt++;
errBitHigh=1;
}
if (bitnum >=1000) break;
if (bitnum >= MaxBits) break;
}
*size=bitnum;
} else{
*size=bitnum;
*clk=bestStart;
return -1;
}
@ -1153,6 +1306,7 @@ uint8_t detectFSKClk(uint8_t *BitStream, size_t size, uint8_t fcHigh, uint8_t fc
uint16_t rfCounter = 0;
uint8_t firstBitFnd = 0;
size_t i;
if (size == 0) return 0;
uint8_t fcTol = (uint8_t)(0.5+(float)(fcHigh-fcLow)/2);
rfLensFnd=0;
@ -1249,7 +1403,8 @@ uint8_t detectFSKClk(uint8_t *BitStream, size_t size, uint8_t fcHigh, uint8_t fc
//by marshmellow
//countFC is to detect the field clock lengths.
//counts and returns the 2 most common wave lengths
uint16_t countFC(uint8_t *BitStream, size_t size)
//mainly used for FSK field clock detection
uint16_t countFC(uint8_t *BitStream, size_t size, uint8_t *mostFC)
{
uint8_t fcLens[] = {0,0,0,0,0,0,0,0,0,0};
uint16_t fcCnts[] = {0,0,0,0,0,0,0,0,0,0};
@ -1257,6 +1412,7 @@ uint16_t countFC(uint8_t *BitStream, size_t size)
uint8_t lastFCcnt=0;
uint32_t fcCounter = 0;
size_t i;
if (size == 0) return 0;
// prime i to first up transition
for (i = 1; i < size-1; i++)
@ -1321,6 +1477,7 @@ uint16_t countFC(uint8_t *BitStream, size_t size)
fcL=fcLens[best1];
}
*mostFC=fcLens[best1];
// TODO: take top 3 answers and compare to known Field clocks to get top 2
uint16_t fcs = (((uint16_t)fcH)<<8) | fcL;
@ -1328,3 +1485,152 @@ uint16_t countFC(uint8_t *BitStream, size_t size)
return fcs;
}
//by marshmellow
//countPSK_FC is to detect the psk carrier clock length.
//counts and returns the 1 most common wave length
uint8_t countPSK_FC(uint8_t *BitStream, size_t size)
{
uint8_t fcLens[] = {0,0,0,0,0,0,0,0,0,0};
uint16_t fcCnts[] = {0,0,0,0,0,0,0,0,0,0};
uint8_t fcLensFnd = 0;
uint32_t fcCounter = 0;
size_t i;
if (size == 0) return 0;
// prime i to first up transition
for (i = 1; i < size-1; i++)
if (BitStream[i] > BitStream[i-1] && BitStream[i] >= BitStream[i+1])
break;
for (; i < size-1; i++){
if (BitStream[i] > BitStream[i-1] && BitStream[i] >= BitStream[i+1]){
// new up transition
fcCounter++;
// save last field clock count (fc/xx)
// find which fcLens to save it to:
for (int ii=0; ii<10; ii++){
if (fcLens[ii]==fcCounter){
fcCnts[ii]++;
fcCounter=0;
break;
}
}
if (fcCounter>0 && fcLensFnd<10){
//add new fc length
fcCnts[fcLensFnd]++;
fcLens[fcLensFnd++]=fcCounter;
}
fcCounter=0;
} else {
// count sample
fcCounter++;
}
}
uint8_t best1=9;
uint16_t maxCnt1=0;
// go through fclens and find which ones are bigest
for (i=0; i<10; i++){
//PrintAndLog("DEBUG: FC %d, Cnt %d",fcLens[i],fcCnts[i]);
// get the best FC value
if (fcCnts[i]>maxCnt1) {
maxCnt1=fcCnts[i];
best1=i;
}
}
return fcLens[best1];
}
//by marshmellow - demodulate PSK1 wave
//uses wave lengths (# Samples)
int pskRawDemod(uint8_t dest[], size_t *size, int *clock, int *invert)
{
uint16_t loopCnt = 4096; //don't need to loop through entire array...
if (size == 0) return -1;
if (*size<loopCnt) loopCnt = *size;
uint8_t curPhase = *invert;
size_t i, waveStart=0, waveEnd=0, firstFullWave=0, lastClkBit=0;
uint8_t fc=0, fullWaveLen=0, tol=1;
uint16_t errCnt=0, waveLenCnt=0;
fc = countPSK_FC(dest, *size);
if (fc!=2 && fc!=4 && fc!=8) return -1;
//PrintAndLog("DEBUG: FC: %d",fc);
*clock = DetectPSKClock(dest, *size, *clock);
if (*clock==0) return -1;
int avgWaveVal=0, lastAvgWaveVal=0;
//find first full wave
for (i=0; i<loopCnt; i++){
if (dest[i]+fc < dest[i+1] && dest[i+1] >= dest[i+2]){
if (waveStart == 0) {
waveStart = i+1;
avgWaveVal=dest[i+1];
//PrintAndLog("DEBUG: waveStart: %d",waveStart);
} else {
waveEnd = i+1;
//PrintAndLog("DEBUG: waveEnd: %d",waveEnd);
waveLenCnt = waveEnd-waveStart;
lastAvgWaveVal = avgWaveVal/waveLenCnt;
if (waveLenCnt > fc){
firstFullWave = waveStart;
fullWaveLen=waveLenCnt;
//if average wave value is > graph 0 then it is an up wave or a 1
if (lastAvgWaveVal > 128) curPhase^=1;
break;
}
waveStart=0;
avgWaveVal=0;
}
}
avgWaveVal+=dest[i+1];
}
//PrintAndLog("DEBUG: firstFullWave: %d, waveLen: %d",firstFullWave,fullWaveLen);
lastClkBit = firstFullWave; //set start of wave as clock align
waveStart = 0;
errCnt=0;
size_t numBits=0;
//PrintAndLog("DEBUG: clk: %d, lastClkBit: %d", *clock, lastClkBit);
for (i = firstFullWave+fullWaveLen-1; i < *size-3; i++){
//top edge of wave = start of new wave
if (dest[i]+fc < dest[i+1] && dest[i+1] >= dest[i+2]){
if (waveStart == 0) {
waveStart = i+1;
waveLenCnt=0;
avgWaveVal = dest[i+1];
} else { //waveEnd
waveEnd = i+1;
waveLenCnt = waveEnd-waveStart;
lastAvgWaveVal = avgWaveVal/waveLenCnt;
if (waveLenCnt > fc){
//PrintAndLog("DEBUG: avgWaveVal: %d, waveSum: %d",lastAvgWaveVal,avgWaveVal);
//if this wave is a phase shift
//PrintAndLog("DEBUG: phase shift at: %d, len: %d, nextClk: %d, i: %d, fc: %d",waveStart,waveLenCnt,lastClkBit+*clock-tol,i+1,fc);
if (i+1 >= lastClkBit + *clock - tol){ //should be a clock bit
curPhase^=1;
dest[numBits] = curPhase;
numBits++;
lastClkBit += *clock;
} else if (i<lastClkBit+10){
//noise after a phase shift - ignore
} else { //phase shift before supposed to based on clock
errCnt++;
dest[numBits] = 77;
numBits++;
}
} else if (i+1 > lastClkBit + *clock + tol + fc){
lastClkBit += *clock; //no phase shift but clock bit
dest[numBits] = curPhase;
numBits++;
}
avgWaveVal=0;
waveStart=i+1;
}
}
avgWaveVal+=dest[i+1];
}
*size = numBits;
return errCnt;
}

15
common/lfdemod.h
View file

@ -15,31 +15,34 @@
#define LFDEMOD_H__
#include <stdint.h>
int DetectASKClock(uint8_t dest[], size_t size, int clock);
int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert);
int DetectASKClock(uint8_t dest[], size_t size, int *clock, int maxErr);
int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr);
uint64_t Em410xDecode(uint8_t *BitStream, size_t *size, size_t *startIdx);
int ManchesterEncode(uint8_t *BitStream, size_t size);
int manrawdecode(uint8_t *BitStream, size_t *size);
int BiphaseRawDecode(uint8_t * BitStream, size_t *size, int offset, int invert);
int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert);
int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr, uint8_t amp);
int HIDdemodFSK(uint8_t *dest, size_t *size, uint32_t *hi2, uint32_t *hi, uint32_t *lo);
int IOdemodFSK(uint8_t *dest, size_t size);
int fskdemod(uint8_t *dest, size_t size, uint8_t rfLen, uint8_t invert, uint8_t fchigh, uint8_t fclow);
uint32_t bytebits_to_byte(uint8_t* src, size_t numbits);
int pskNRZrawDemod(uint8_t *dest, size_t *size, int *clk, int *invert);
int nrzRawDemod(uint8_t *dest, size_t *size, int *clk, int *invert, int maxErr);
void psk1TOpsk2(uint8_t *BitStream, size_t size);
int DetectpskNRZClock(uint8_t dest[], size_t size, int clock);
int DetectNRZClock(uint8_t dest[], size_t size, int clock);
int indala26decode(uint8_t *bitStream, size_t *size, uint8_t *invert);
void pskCleanWave(uint8_t *bitStream, size_t size);
int PyramiddemodFSK(uint8_t *dest, size_t *size);
int AWIDdemodFSK(uint8_t *dest, size_t *size);
size_t removeParity(uint8_t *BitStream, size_t startIdx, uint8_t pLen, uint8_t pType, size_t bLen);
uint16_t countFC(uint8_t *BitStream, size_t size);
uint16_t countFC(uint8_t *BitStream, size_t size, uint8_t *mostFC);
uint8_t detectFSKClk(uint8_t *BitStream, size_t size, uint8_t fcHigh, uint8_t fcLow);
int getHiLo(uint8_t *BitStream, size_t size, int *high, int *low, uint8_t fuzzHi, uint8_t fuzzLo);
int ParadoxdemodFSK(uint8_t *dest, size_t *size, uint32_t *hi2, uint32_t *hi, uint32_t *lo);
uint8_t preambleSearch(uint8_t *BitStream, uint8_t *preamble, size_t pLen, size_t *size, size_t *startIdx);
uint8_t parityTest(uint32_t bits, uint8_t bitLen, uint8_t pType);
uint8_t justNoise(uint8_t *BitStream, size_t size);
uint8_t countPSK_FC(uint8_t *BitStream, size_t size);
int pskRawDemod(uint8_t dest[], size_t *size, int *clock, int *invert);
int DetectPSKClock(uint8_t dest[], size_t size, int clock);
#endif