github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-08-19 04:50:12 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

initial text changes

Browse source
This commit is contained in:
iceman1001 2024-04-06 15:48:41 +02:00
commit 27735355cd
1 changed files with 87 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

135
armsrc/hitag2.c
View file

@ -611,13 +611,14 @@ static bool hitag1_authenticate(uint8_t *rx, const size_t rxlen, uint8_t *tx, si
static bool hitag2_write_page(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t *txlen) { static bool hitag2_write_page(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t *txlen) {
switch (writestate) { switch (writestate) {
case WRITE_STATE_START: case WRITE_STATE_START: {
*txlen = 10; *txlen = 10;
tx[0] = 0x82 | (blocknr << 3) | ((blocknr ^ 7) >> 2); tx[0] = 0x82 | (blocknr << 3) | ((blocknr ^ 7) >> 2);
tx[1] = ((blocknr ^ 7) << 6); tx[1] = ((blocknr ^ 7) << 6);
writestate = WRITE_STATE_PAGENUM_WRITTEN; writestate = WRITE_STATE_PAGENUM_WRITTEN;
break; break;
case WRITE_STATE_PAGENUM_WRITTEN: }
case WRITE_STATE_PAGENUM_WRITTEN: {
// Check if page number was received correctly // Check if page number was received correctly
if ((rxlen == 10) if ((rxlen == 10)
&& (rx[0] == (0x82 | (blocknr << 3) | ((blocknr ^ 7) >> 2))) && (rx[0] == (0x82 | (blocknr << 3) | ((blocknr ^ 7) >> 2)))
@ -628,13 +629,16 @@ static bool hitag2_write_page(uint8_t *rx, const size_t rxlen, uint8_t *tx, size
memcpy(tx, writedata, 4); memcpy(tx, writedata, 4);
writestate = WRITE_STATE_PROG; writestate = WRITE_STATE_PROG;
} else { } else {
Dbprintf("hitag2_write_page: Page number was not received correctly: rxlen %d rx %02x%02x%02x%02x", Dbprintf("hitag2_write_page: Page number was not received correctly: rxlen %d rx %02x%02x%02x%02x"
rxlen, rx[0], rx[1], rx[2], rx[3]); , rxlen
, rx[0], rx[1], rx[2], rx[3]
);
bSuccessful = false; bSuccessful = false;
return false; return false;
} }
break; break;
case WRITE_STATE_PROG: }
case WRITE_STATE_PROG: {
if (rxlen == 0) { if (rxlen == 0) {
bSuccessful = true; bSuccessful = true;
} else { } else {
@ -642,12 +646,13 @@ static bool hitag2_write_page(uint8_t *rx, const size_t rxlen, uint8_t *tx, size
Dbprintf("hitag2_write_page: unexpected rx data (%d) after page write", rxlen); Dbprintf("hitag2_write_page: unexpected rx data (%d) after page write", rxlen);
} }
return false; return false;
default: }
Dbprintf("hitag2_write_page: Unknown state %d", writestate); default: {
Dbprintf("hitag2_write_page: Unknown state " _RED_("%d"), writestate);
bSuccessful = false; bSuccessful = false;
return false; return false;
} }
}
return true; return true;
} }
@ -656,10 +661,12 @@ static bool hitag2_password(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t
*txlen = 0; *txlen = 0;
if (bPwd && (bAuthenticating == false) && write) { if (bPwd && (bAuthenticating == false) && write) {
SpinDelay(2); SpinDelay(2);
if (hitag2_write_page(rx, rxlen, tx, txlen) == false) { if (hitag2_write_page(rx, rxlen, tx, txlen) == false) {
return false; return false;
} }
} else { } else {
// Try to find out which command was send by selecting on length (in bits) // Try to find out which command was send by selecting on length (in bits)
switch (rxlen) { switch (rxlen) {
@ -667,7 +674,7 @@ static bool hitag2_password(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t
case 0: { case 0: {
// Stop if there is no answer (after sending password) // Stop if there is no answer (after sending password)
if (bPwd) { if (bPwd) {
DbpString("Password failed!"); DBG DbpString("Password failed!");
return false; return false;
} }
*txlen = 5; *txlen = 5;
@ -714,7 +721,7 @@ static bool hitag2_password(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t
// Unexpected response // Unexpected response
default: { default: {
Dbprintf("Unknown frame length: %d", rxlen); DBG Dbprintf("Unknown frame length: " _RED_("%d"), rxlen);
return false; return false;
} }
break; break;
@ -832,7 +839,7 @@ static bool hitag2_crypto(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t *
// Unexpected response // Unexpected response
default: { default: {
DBG Dbprintf("Unknown frame length: %d", rxlen); DBG Dbprintf("Unknown frame length: " _RED_("%d"), rxlen);
return false; return false;
} }
break; break;
@ -984,7 +991,7 @@ static bool hitag2_read_uid(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t
break; break;
// Unexpected response // Unexpected response
default: { default: {
DBG Dbprintf("Unknown frame length: %d", rxlen); DBG Dbprintf("Unknown frame length: " _RED_("%d"), rxlen);
return false; return false;
} }
break; break;
@ -1017,10 +1024,12 @@ void SniffHitag2(bool ledcontrol) {
lf_init(false, false, ledcontrol); lf_init(false, false, ledcontrol);
// no logging of the raw signal // no logging of the raw signal
g_logging = lf_get_reader_modulation(); // g_logging = lf_get_reader_modulation();
g_logging = false;
uint32_t total_count = 0; uint32_t total_count = 0;
uint8_t rx[20 * 8 * 2]; uint8_t rx[HITAG_FRAME_BIT_COUNT * 2];
while (BUTTON_PRESS() == false) { while (BUTTON_PRESS() == false) {
lf_reset_counter(); lf_reset_counter();
@ -1446,7 +1455,9 @@ void SimulateHitag2(bool ledcontrol) {
// Detected two sequential equal bits and a modulation switch // Detected two sequential equal bits and a modulation switch
// NRZ modulation: (11 => --|) or (11 __|) // NRZ modulation: (11 => --|) or (11 __|)
nrz_samples[nrzs++] = reader_modulation; nrz_samples[nrzs++] = reader_modulation;
if (nrzs < max_nrzs) {
nrz_samples[nrzs++] = reader_modulation; nrz_samples[nrzs++] = reader_modulation;
}
// Invert tag modulation state // Invert tag modulation state
reader_modulation ^= 1; reader_modulation ^= 1;
} else if (periods > 0 && periods <= 24) { } else if (periods > 0 && periods <= 24) {
@ -1639,7 +1650,7 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
break; break;
} }
case RHT2F_TEST_AUTH_ATTEMPTS: { case RHT2F_TEST_AUTH_ATTEMPTS: {
DBG Dbprintf("Testing %d authentication attempts", (auth_table_len / 8)); DBG Dbprintf("Testing " _YELLOW_("%d") " authentication attempts", (auth_table_len / 8));
auth_table_pos = 0; auth_table_pos = 0;
memcpy(NrAr, auth_table, 8); memcpy(NrAr, auth_table, 8);
bCrypto = false; bCrypto = false;
@ -1673,7 +1684,7 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
t_wait_2 = 128; t_wait_2 = 128;
flipped_bit = 0; flipped_bit = 0;
tag_size = 8; tag_size = 8;
DBG DbpString("Configured for hitagS reader"); DBG DbpString("Configured for " _YELLOW_("HitagS") " reader");
} else */ } else */
if (htf <= HT1_LAST_CMD) { if (htf <= HT1_LAST_CMD) {
// hitag1 settings // hitag1 settings
@ -1687,7 +1698,7 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
t_wait_1 = HITAG_T_WAIT_1_MIN; t_wait_1 = HITAG_T_WAIT_1_MIN;
t_wait_2 = HITAG_T_WAIT_2_MIN; t_wait_2 = HITAG_T_WAIT_2_MIN;
tag_size = 48; tag_size = 48;
DBG DbpString("Configured for hitag2 reader"); DBG DbpString("Configured for " _YELLOW_("Hitag 2") " reader");
} }
// init as reader // init as reader
@ -1749,9 +1760,7 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
} }
case RHT2F_UID_ONLY: { case RHT2F_UID_ONLY: {
bStop = !hitag2_read_uid(rx, rxlen, tx, &txlen); bStop = !hitag2_read_uid(rx, rxlen, tx, &txlen);
if (bSuccessful) {
bStop = true;
}
attempt_count++; //attempt 3 times to get uid then quit attempt_count++; //attempt 3 times to get uid then quit
if ((bStop == false) && (attempt_count == 3)) { if ((bStop == false) && (attempt_count == 3)) {
bStop = true; bStop = true;
@ -1780,6 +1789,7 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
lf_wait_periods(t_wait_2); lf_wait_periods(t_wait_2);
command_start += t_wait_2; command_start += t_wait_2;
} }
// Transmit the reader frame // Transmit the reader frame
command_duration = hitag_reader_send_frame(tx, txlen, ledcontrol); command_duration = hitag_reader_send_frame(tx, txlen, ledcontrol);
response_start = command_start + command_duration; response_start = command_start + command_duration;
@ -1787,6 +1797,7 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
// Let the antenna and ADC values settle // Let the antenna and ADC values settle
// And find the position where edge sampling should start // And find the position where edge sampling should start
lf_wait_periods(t_wait_1 - t_wait_1_guard); lf_wait_periods(t_wait_1 - t_wait_1_guard);
response_start += t_wait_1 - t_wait_1_guard; response_start += t_wait_1 - t_wait_1_guard;
// Keep administration of the first edge detection // Keep administration of the first edge detection
@ -1808,7 +1819,10 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
// Are we dealing with the first incoming edge // Are we dealing with the first incoming edge
if (waiting_for_first_edge) { if (waiting_for_first_edge) {
// Just break out of loop after an initial time-out (tag is probably not available) // Just break out of loop after an initial time-out (tag is probably not available)
if (periods == 0) break; if (periods == 0) {
break;
}
if (tag_modulation == 0) { if (tag_modulation == 0) {
// hitag replies always start with 11111 == 1010101010, if we see 0 // hitag replies always start with 11111 == 1010101010, if we see 0
// it means we missed the first period, e.g. if the signal never crossed 0 since reader signal // it means we missed the first period, e.g. if the signal never crossed 0 since reader signal
@ -1832,7 +1846,7 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
} else { } else {
// The function lf_count_edge_periods() returns 0 when a time-out occurs // The function lf_count_edge_periods() returns 0 when a time-out occurs
if (periods == 0) { if (periods == 0) {
DBG Dbprintf("Detected timeout after [%d] nrz samples", nrzs); DBG Dbprintf("Detected timeout after [" _YELLOW_("%zu") "] nrz samples", nrzs);
break; break;
} }
} }
@ -1853,7 +1867,7 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
tag_modulation ^= 1; tag_modulation ^= 1;
} else { } else {
// The function lf_count_edge_periods() returns > 64 periods, this is not a valid number periods // The function lf_count_edge_periods() returns > 64 periods, this is not a valid number periods
DBG Dbprintf("Detected unexpected period count: %d", periods); DBG Dbprintf("Detected unexpected period count: " _RED_("%zu"), periods);
break; break;
} }
} }
@ -1861,16 +1875,16 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
// Store the TX frame, we do this now at this point, to avoid delay in processing // Store the TX frame, we do this now at this point, to avoid delay in processing
// and to be able to overwrite the first samples with the trace (since they currently // and to be able to overwrite the first samples with the trace (since they currently
// still use the same memory space) // still use the same memory space)
if (txlen > 0) {
LogTraceBits(tx, txlen, command_start, command_start + command_duration, true); LogTraceBits(tx, txlen, command_start, command_start + command_duration, true);
}
// Reset values for receiving frames // Reset values for receiving frames
memset(rx, 0x00, sizeof(rx)); memset(rx, 0x00, sizeof(rx));
rxlen = 0; rxlen = 0;
// If there is no response, just repeat the loop // If there is no response, just repeat the loop
if (!detected_tag_modulation) continue; if (detected_tag_modulation == false) {
continue;
}
// Make sure we always have an even number of samples. This fixes the problem // Make sure we always have an even number of samples. This fixes the problem
// of ending the manchester decoding with a zero. See the example below where // of ending the manchester decoding with a zero. See the example below where
@ -1892,36 +1906,41 @@ void ReaderHitag(hitag_function htf, const hitag_data *htd, bool ledcontrol) {
// Verify if the header consists of five consecutive ones // Verify if the header consists of five consecutive ones
if (nrzs < 5) { if (nrzs < 5) {
DBG Dbprintf("Detected unexpected number of manchester decoded samples [%d]", nrzs); DBG Dbprintf("Detected unexpected number of manchester decoded samples [%zu]", nrzs);
break; break;
} else { } else {
size_t i; size_t i;
for (i = 0; i < 5; i++) { for (i = 0; i < 5; i++) {
if (nrz_samples[i] != 1) { if (nrz_samples[i] != 1) {
DBG Dbprintf("Detected incorrect header, the bit [%d] is zero instead of one, abort", i); DBG Dbprintf("Detected incorrect header, the bit [%zu] is zero instead of one, abort", i);
break; break;
} }
} }
if (i < 5) break; if (i < 5) {
break;
}
} }
// Pack the response into a byte array // Pack the response into a byte array
for (size_t i = 5; i < nrzs && rxlen < (sizeof(rx) << 3); i++) { for (size_t i = 5; i < nrzs && rxlen < (sizeof(rx) << 3); i++) {
uint8_t bit = nrz_samples[i]; uint8_t bit = nrz_samples[i];
if (bit > 1) { // When Manchester detects impossible symbol it writes "7" if (bit > 1) { // When Manchester detects impossible symbol it writes "7"
DBG Dbprintf("Error in Manchester decoding, abort"); DBG Dbprintf("Error in Manchester decoding, abort");
break; break;
} }
rx[rxlen >> 3] |= bit << (7 - (rxlen % 8)); rx[rxlen >> 3] |= bit << (7 - (rxlen % 8));
rxlen++; rxlen++;
} }
if (rxlen % 8 == 1) // skip spurious bit // skip spurious bit
if (rxlen % 8 == 1) {
rxlen--; rxlen--;
}
// Check if frame was captured and store it // Check if frame was captured and store it
if (rxlen > 0) {
LogTraceBits(rx, rxlen, response_start, response_start + response_duration, false); LogTraceBits(rx, rxlen, response_start, response_start + response_duration, false);
// TODO when using cumulative time for command_start, pm3 doesn't reply anymore, e.g. on lf hitag reader --23 -k 4F4E4D494B52 // TODO when using cumulative time for command_start, pm3 doesn't reply anymore, e.g. on lf hitag reader --23 -k 4F4E4D494B52
@ -1955,8 +1974,10 @@ void WriterHitag(hitag_function htf, const hitag_data *htd, int page, bool ledco
uint32_t command_duration = 0; uint32_t command_duration = 0;
uint32_t response_start = 0; uint32_t response_start = 0;
uint32_t response_duration = 0; uint32_t response_duration = 0;
uint8_t rx[HITAG_FRAME_LEN]; uint8_t rx[HITAG_FRAME_LEN];
size_t rxlen = 0; size_t rxlen = 0;
uint8_t txbuf[HITAG_FRAME_LEN]; uint8_t txbuf[HITAG_FRAME_LEN];
uint8_t *tx = txbuf; uint8_t *tx = txbuf;
size_t txlen = 0; size_t txlen = 0;
@ -1973,7 +1994,9 @@ void WriterHitag(hitag_function htf, const hitag_data *htd, int page, bool ledco
// Reset the return status // Reset the return status
bSuccessful = false; bSuccessful = false;
bCrypto = false;
writestate = WRITE_STATE_START;
blocknr = 0;
// Clean up trace and prepare it for storing frames // Clean up trace and prepare it for storing frames
set_tracing(true); set_tracing(true);
@ -2090,7 +2113,10 @@ void WriterHitag(hitag_function htf, const hitag_data *htd, int page, bool ledco
} }
} }
if (bStop) break; if (bStop) {
break;
}
if (turn_on) { if (turn_on) {
// Wait 50ms with field off to be sure the transponder gets reset // Wait 50ms with field off to be sure the transponder gets reset
SpinDelay(50); SpinDelay(50);
@ -2113,6 +2139,7 @@ void WriterHitag(hitag_function htf, const hitag_data *htd, int page, bool ledco
// Let the antenna and ADC values settle // Let the antenna and ADC values settle
// And find the position where edge sampling should start // And find the position where edge sampling should start
lf_wait_periods(t_wait_1 - t_wait_1_guard); lf_wait_periods(t_wait_1 - t_wait_1_guard);
response_start += t_wait_1 - t_wait_1_guard; response_start += t_wait_1 - t_wait_1_guard;
// Keep administration of the first edge detection // Keep administration of the first edge detection
@ -2133,7 +2160,10 @@ void WriterHitag(hitag_function htf, const hitag_data *htd, int page, bool ledco
// Are we dealing with the first incoming edge // Are we dealing with the first incoming edge
if (waiting_for_first_edge) { if (waiting_for_first_edge) {
// Just break out of loop after an initial time-out (tag is probably not available) // Just break out of loop after an initial time-out (tag is probably not available)
if (periods == 0) break; if (periods == 0) {
break;
}
if (tag_modulation == 0) { if (tag_modulation == 0) {
// hitag replies always start with 11111 == 1010101010, if we see 0 // hitag replies always start with 11111 == 1010101010, if we see 0
// it means we missed the first period, e.g. if the signal never crossed 0 since reader signal // it means we missed the first period, e.g. if the signal never crossed 0 since reader signal
@ -2157,7 +2187,7 @@ void WriterHitag(hitag_function htf, const hitag_data *htd, int page, bool ledco
} else { } else {
// The function lf_count_edge_periods() returns 0 when a time-out occurs // The function lf_count_edge_periods() returns 0 when a time-out occurs
if (periods == 0) { if (periods == 0) {
//Dbprintf("Detected timeout after [%d] nrz samples", nrzs); DBG Dbprintf("Detected timeout after [" _YELLOW_("%zu") "] nrz samples", nrzs);
break; break;
} }
} }
@ -2178,27 +2208,26 @@ void WriterHitag(hitag_function htf, const hitag_data *htd, int page, bool ledco
tag_modulation ^= 1; tag_modulation ^= 1;
} else { } else {
// The function lf_count_edge_periods() returns > 64 periods, this is not a valid number periods // The function lf_count_edge_periods() returns > 64 periods, this is not a valid number periods
//Dbprintf("Detected unexpected period count: %d", periods); DBG Dbprintf("Detected unexpected period count: " _RED_("%zu"), periods);
break; break;
} }
} }
// Wait some extra time for flash to be programmed // Wait some extra time for flash to be programmed
//
// Store the TX frame, we do this now at this point, to avoid delay in processing // Store the TX frame, we do this now at this point, to avoid delay in processing
// and to be able to overwrite the first samples with the trace (since they currently // and to be able to overwrite the first samples with the trace (since they currently
// still use the same memory space) // still use the same memory space)
if (txlen > 0) {
LogTraceBits(tx, txlen, command_start, command_start + command_duration, true); LogTraceBits(tx, txlen, command_start, command_start + command_duration, true);
}
// Reset values for receiving frames // Reset values for receiving frames
memset(rx, 0x00, sizeof(rx)); memset(rx, 0x00, sizeof(rx));
rxlen = 0; rxlen = 0;
// If there is no response, just repeat the loop // If there is no response, just repeat the loop
if (!detected_tag_modulation) continue; if (detected_tag_modulation == false) {
continue;
}
// Make sure we always have an even number of samples. This fixes the problem // Make sure we always have an even number of samples. This fixes the problem
// of ending the manchester decoding with a zero. See the example below where // of ending the manchester decoding with a zero. See the example below where
@ -2220,40 +2249,50 @@ void WriterHitag(hitag_function htf, const hitag_data *htd, int page, bool ledco
// Verify if the header consists of five consecutive ones // Verify if the header consists of five consecutive ones
if (nrzs < 5) { if (nrzs < 5) {
DBG Dbprintf("Detected unexpected number of manchester decoded samples [%zu]", nrzs);
break; break;
} else { } else {
size_t i; size_t i;
for (i = 0; i < 5; i++) { for (i = 0; i < 5; i++) {
if (nrz_samples[i] != 1) { if (nrz_samples[i] != 1) {
Dbprintf("Detected incorrect header, the bit [%d] is zero instead of one, abort", i); DBG Dbprintf("Detected incorrect header, the bit " _YELLOW_("%zu") " is zero instead of one, abort", i);
break; break;
} }
} }
if (i < 5) break;
if (i < 5) {
break;
}
} }
// Pack the response into a byte array // Pack the response into a byte array
for (size_t i = 5; i < nrzs && rxlen < (sizeof(rx) << 3); i++) { for (size_t i = 5; i < nrzs && rxlen < (sizeof(rx) << 3); i++) {
uint8_t bit = nrz_samples[i]; uint8_t bit = nrz_samples[i];
if (bit > 1) { // When Manchester detects impossible symbol it writes "7"
// When Manchester detects impossible symbol it writes "7"
if (bit > 1) {
DBG Dbprintf("Error in Manchester decoding, abort");
break; break;
} }
// >> 3 instead of div by 8 // >> 3 instead of div by 8
rx[rxlen >> 3] |= bit << (7 - (rxlen % 8)); rx[rxlen >> 3] |= bit << (7 - (rxlen % 8));
rxlen++; rxlen++;
} }
if (rxlen % 8 == 1) // skip spurious bit // skip spurious bit
if (rxlen % 8 == 1) {
rxlen--; rxlen--;
}
// Check if frame was captured and store it // Check if frame was captured and store it
if (rxlen > 0) {
LogTraceBits(rx, rxlen, response_start, response_start + response_duration, false); LogTraceBits(rx, rxlen, response_start, response_start + response_duration, false);
command_start = 0; command_start = 0;
} nrzs = 0;
} }
out: out:
lf_finalize(ledcontrol); lf_finalize(ledcontrol);