better fix for the PAGEMAP issue

2025-08-20 05:13:46 -07:00 · 2023-10-09 15:14:53 +02:00 · 2023-10-09 15:14:53 +02:00 · 7b3e84c0d6
commit 7b3e84c0d6
parent d41f0c394e
4 changed files with 32 additions and 26 deletions
--- a/armsrc/iclass.c
+++ b/armsrc/iclass.c
@ -36,9 +36,10 @@
 #include "protocols.h"
 #include "ticks.h"
 #include "iso15693.h"
-#include "iclass_cmd.h"              /* iclass_card_select_t struct */
+#include "iclass_cmd.h"              // iclass_card_select_t struct
+#include "i2c.h"                     // i2c defines (SIM module access)

-static uint8_t get_pagemap(const picopass_hdr_t *hdr) {
+uint8_t get_pagemap(const picopass_hdr_t *hdr) {
    return (hdr->conf.fuses & (FUSE_CRYPT0 | FUSE_CRYPT1)) >> 3;
 }

@ -52,23 +53,6 @@ static uint8_t get_pagemap(const picopass_hdr_t *hdr) {
 #define ICLASS_16KS_SIZE       0x100 * 8
 #endif

-// iCLASS has a slightly different timing compared to ISO15693. According to the picopass data sheet the tag response is expected 330us after
-// the reader command. This is measured from end of reader EOF to first modulation of the tag's SOF which starts with a 56,64us unmodulated period.
-// 330us = 140 ssp_clk cycles @ 423,75kHz when simulating.
-// 56,64us = 24 ssp_clk_cycles
-#define DELAY_ICLASS_VCD_TO_VICC_SIM     (140 - 26) // (140 - 24)
-
-// times in ssp_clk_cycles @ 3,3625MHz when acting as reader
-#define DELAY_ICLASS_VICC_TO_VCD_READER  DELAY_ISO15693_VICC_TO_VCD_READER
-
-// times in samples @ 212kHz when acting as reader
-#define ICLASS_READER_TIMEOUT_ACTALL     330 // 1558us, nominal 330us + 7slots*160us = 1450us
-#define ICLASS_READER_TIMEOUT_UPDATE    3390 // 16000us, nominal 4-15ms
-#define ICLASS_READER_TIMEOUT_OTHERS      80 // 380us, nominal 330us
-
-#define AddCrc(data, len) compute_crc(CRC_ICLASS, (data), (len), (data)+(len), (data)+(len)+1)
-
-
 /*
 * CARD TO READER
 * in ISO15693-2 mode -  Manchester
@ -1245,7 +1229,7 @@ send:
 }

 // THE READER CODE
-static void iclass_send_as_reader(uint8_t *frame, int len, uint32_t *start_time, uint32_t *end_time, bool shallow_mod) {
+void iclass_send_as_reader(uint8_t *frame, int len, uint32_t *start_time, uint32_t *end_time, bool shallow_mod) {
    CodeIso15693AsReader(frame, len);
    tosend_t *ts = get_tosend();
    TransmitTo15693Tag(ts->buf, ts->max, start_time, shallow_mod);
@ -1902,7 +1886,7 @@ void iClass_WriteBlock(uint8_t *msg) {
    }

    // verify write
-    if (pagemap == PICOPASS_SECURE_PAGEMODE && payload->req.blockno == 2) {
+    if ((pagemap != PICOPASS_NON_SECURE_PAGEMODE) && (payload->req.blockno == 2)) {
        // check response. e-purse update swaps first and second half
        if (memcmp(payload->data + 4, resp, 4) || memcmp(payload->data, resp + 4, 4)) {
            res = false;
@ -1910,7 +1894,7 @@ void iClass_WriteBlock(uint8_t *msg) {
        }
    } 

-    if (pagemap == PICOPASS_SECURE_PAGEMODE && (payload->req.blockno == 3 || payload->req.blockno == 4)) {
+    if ((pagemap != PICOPASS_NON_SECURE_PAGEMODE) && (payload->req.blockno == 3 || payload->req.blockno == 4)) {
        // check response. Key updates always return 0xffffffffffffffff
        uint8_t all_ff[8] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
        if (memcmp(all_ff, resp, sizeof(all_ff))) {
--- a/armsrc/iclass.h
+++ b/armsrc/iclass.h
@ -21,6 +21,23 @@
 #include "common.h"
 #include "iclass_cmd.h"

+// iCLASS has a slightly different timing compared to ISO15693. According to the picopass data sheet the tag response is expected 330us after
+// the reader command. This is measured from end of reader EOF to first modulation of the tag's SOF which starts with a 56,64us unmodulated period.
+// 330us = 140 ssp_clk cycles @ 423,75kHz when simulating.
+// 56,64us = 24 ssp_clk_cycles
+#define DELAY_ICLASS_VCD_TO_VICC_SIM     (140 - 26) // (140 - 24)
+
+// times in ssp_clk_cycles @ 3,3625MHz when acting as reader
+#define DELAY_ICLASS_VICC_TO_VCD_READER  DELAY_ISO15693_VICC_TO_VCD_READER
+
+
+// times in samples @ 212kHz when acting as reader
+#define ICLASS_READER_TIMEOUT_ACTALL     330 // 1558us, nominal 330us + 7slots*160us = 1450us
+#define ICLASS_READER_TIMEOUT_UPDATE    3390 // 16000us, nominal 4-15ms
+#define ICLASS_READER_TIMEOUT_OTHERS      80 // 380us, nominal 330us
+
+#define AddCrc(data, len) compute_crc(CRC_ICLASS, (data), (len), (data)+(len), (data)+(len)+1)
+
 void SniffIClass(uint8_t jam_search_len, uint8_t *jam_search_string);
 void ReaderIClass(uint8_t flags);

@ -43,4 +60,7 @@ bool iclass_read_block(uint16_t blockno, uint8_t *data, uint32_t *start_time, ui

 bool select_iclass_tag(picopass_hdr_t *hdr, bool use_credit_key, uint32_t *eof_time, bool shallow_mod);
 bool authenticate_iclass_tag(iclass_auth_req_t *payload, picopass_hdr_t *hdr, uint32_t *start_time, uint32_t *eof_time, uint8_t *mac_out);
+
+uint8_t get_pagemap(const picopass_hdr_t *hdr);
+void iclass_send_as_reader(uint8_t *frame, int len, uint32_t *start_time, uint32_t *end_time, bool shallow_mod);
 #endif
--- a/client/src/cmdhficlass.c
+++ b/client/src/cmdhficlass.c
@ -2201,6 +2201,7 @@ static int CmdHFiClass_WriteBlock(const char *Cmd) {
            PrintAndLogEx(FAILED, "Writing failed");
            break;
    }
+    PrintAndLogEx(NORMAL, "");
    return isok;
 }

--- a/include/protocols.h
+++ b/include/protocols.h
@ -442,9 +442,10 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
 #define FUSE_RA      0x01

 // Picopass Pagemode fuses
+#define PICOPASS_SECURE_PAGEMODE_AUTH_DISABLED      0x00
 #define PICOPASS_NON_SECURE_PAGEMODE                0x01
-#define PICOPASS_SECURE_PAGEMODE     0x03
-
+#define PICOPASS_SECURE_PAGEMODE_KEYS_LOCKED        0x02 
+#define PICOPASS_SECURE_PAGEMODE_KEYS_MODIFIABLE    0x03

 // ISO 7816-4 Basic interindustry commands. For command APDU's.
 #define ISO7816_READ_BINARY             0xB0