simulate sketch

armsrc/appmain.c

@@ -1392,6 +1392,13 @@ static void PacketReceived(PacketCommandNG *packet) {
             HfReadADC(samplesCount, true);
             break;
         }
+        case CMD_HF_TEXKOM_SIMULATE: {
+            uint32_t timeout = 0;
+            memcpy(&timeout, &packet->data.asBytes[9], 4);
+            HfWriteTkm(packet->data.asBytes, packet->data.asBytes[8], timeout);
+            break;
+        }
+
 #endif
 
 #ifdef WITH_ISO14443a

armsrc/hfops.c

@@ -19,6 +19,7 @@
 #include "hfops.h"
 
 #include <string.h>
+#include "appmain.h"
 #include "proxmark3_arm.h"
 #include "cmd.h"
 #include "BigBuf.h"
@@ -90,4 +91,55 @@ int HfReadADC(uint32_t samplesCount, bool ledcontrol) {
     return 0;
 }
 
+static uint32_t HfEncodeTkm(uint8_t *uid, uint8_t modulation) {
 
+    return 0;
+}
+
+int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout) {
+    // free eventually allocated BigBuf memory
+    BigBuf_free_keep_EM();
+
+    LEDsoff();
+
+    uint32_t elen = HfEncodeTkm(uid, modulation);
+    if (elen == 0) {
+        DbpString("encode error");
+        reply_ng(CMD_HF_TEXKOM_SIMULATE, PM3_EAPDU_ENCODEFAIL, NULL, 0);
+        return PM3_EAPDU_ENCODEFAIL;
+    }
+
+    LED_C_ON();
+
+    int vHf = 0; // in mV
+    bool button_pressed = false;
+    bool exit_loop = false;
+    while (exit_loop == false) {
+
+        button_pressed = BUTTON_PRESS();
+        if (button_pressed || data_available())
+            break;
+
+        WDT_HIT();
+
+        vHf = (MAX_ADC_HF_VOLTAGE * SumAdc(ADC_CHAN_HF, 32)) >> 15;
+        if (vHf > MF_MINFIELDV) {
+            LED_A_ON();
+        } else {
+            LED_A_OFF();
+            continue;
+        }
+
+
+        // TransmitTo15693Reader(ts->buf, ts->max, &response_time, 0, slow);
+    }
+
+    switch_off();
+
+    if (button_pressed)
+        DbpString("button pressed");
+
+    reply_ng(CMD_HF_TEXKOM_SIMULATE, PM3_SUCCESS, NULL, 0);
+
+    return PM3_SUCCESS;
+}

armsrc/hfops.h

@@ -22,5 +22,6 @@
 #include "common.h"
 
 int HfReadADC(uint32_t samplesCount, bool ledcontrol);
+int HfWriteTkm(uint8_t *uid, uint8_t modulation, uint32_t timeout);
 
 #endif

client/src/cmdhftexkom.c

@@ -550,12 +550,57 @@ static int CmdHFTexkomReader(const char *Cmd) {
 }
 
 
+static int CmdHFTexkomSim(const char *Cmd) {
+    CLIParserContext *ctx;
+    CLIParserInit(&ctx, "hf texkom sim",
+                  "Simulate a texkom tag",
+                  "hf texkom sim");
+
+    void *argtable[] = {
+        arg_param_begin,
+        arg_lit0("v",  "verbose",  "Verbose work"),
+        arg_lit0("t",  "tk17",  "Use TK-17 modulation (TK-13 by default)"),
+        arg_param_end
+    };
+    CLIExecWithReturn(ctx, Cmd, argtable, true);
+
+    bool verbose = arg_get_lit(ctx, 1);
+    uint32_t cmdtimeout = 0;
+    uint8_t modulation = 0; // tk-13
+    if (arg_get_lit(ctx, 2))
+        modulation = 1; //tk-17
+
+    CLIParserFree(ctx);
+
+    // <texkom 8bytes><modulation 1b><timeout 4b>
+    uint8_t data[13] = {0};
+    data[8] = modulation;
+    memcpy(&data[9], &cmdtimeout, 4);
+    clearCommandBuffer();
+    SendCommandNG(CMD_HF_TEXKOM_SIMULATE, data, sizeof(data));
+
+    if (cmdtimeout > 0 && cmdtimeout < 2800) {
+        PacketResponseNG resp;
+        if (!WaitForResponseTimeout(CMD_HF_TEXKOM_SIMULATE, &resp, 3000)) {
+            if (verbose)
+                PrintAndLogEx(WARNING, "(hf texkom simulate) command execution time out");
+            return PM3_ETIMEOUT;
+        }
+        PrintAndLogEx(INFO, "simulate command execution done");
+    } else {
+        PrintAndLogEx(INFO, "simulate command started");
+    }
+
+    return PM3_SUCCESS;
+}
+
+
 static int CmdHelp(const char *Cmd);
 
 static command_t CommandTable[] = {
     {"help",    CmdHelp,            AlwaysAvailable,  "This help"},
     {"reader",  CmdHFTexkomReader,  IfPm3Iso14443a,   "Act like a Texkom reader"},
-    //{"sim",     CmdHFTexkomSim,     IfPm3Iso14443a,   "Simulate a Texkom tag"},
+    {"sim",     CmdHFTexkomSim,     IfPm3Iso14443a,   "Simulate a Texkom tag"},
     //{"write",   CmdHFTexkomWrite,   IfPm3Iso14443a,   "Write a Texkom tag"},
     {NULL,      NULL,               0, NULL}
 };

include/pm3_cmd.h

@@ -522,6 +522,7 @@ typedef struct {
 #define CMD_HF_ISO15693_CSETUID                                           0x0316
 #define CMD_HF_ISO15693_SLIX_L_DISABLE_PRIVACY                            0x0317
 #define CMD_HF_ISO15693_SLIX_L_DISABLE_AESAFI                             0x0318
+#define CMD_HF_TEXKOM_SIMULATE                                            0x0320
 
 #define CMD_LF_SNIFF_RAW_ADC                                              0x0360