github/RRG-Proxmark3
1
0
Fork 0
mirror of https://github.com/RfidResearchGroup/proxmark3.git synced 2025-07-05 20:41:34 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Unified hitag naming style

Browse source
This commit is contained in:
douniwan5788 2024-08-21 16:32:30 +08:00
parent a7b5961688
commit d15537bbf1
10 changed files with 52 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

2
armsrc/fpgaloader.h
View file

@ -63,7 +63,7 @@
000 FPGA_MAJOR_MODE_LF_READER = Act as LF reader (modulate)
001 FPGA_MAJOR_MODE_LF_EDGE_DETECT = Simulate LF
010 FPGA_MAJOR_MODE_LF_PASSTHRU = Passthrough mode, CROSS_LO line connected to SSP_DIN. SSP_DOUT logic level controls if we modulate / listening
011 FPGA_MAJOR_MODE_LF_ADC = refactor hitag2, clear ADC sampling
011 FPGA_MAJOR_MODE_LF_ADC = refactor hitag 2, clear ADC sampling
111 FPGA_MAJOR_MODE_OFF = turn off sampling.
Each one of this major modes can have options. Currently these two major modes uses options.

32
armsrc/hitag2.c
View file

@ -70,7 +70,7 @@ static hitag2_t tag = {
[9] = { 0x00, 0x00, 0x00, 0x00}, // RSK High
[10] = { 0x00, 0x00, 0x00, 0x00}, // RCF
[11] = { 0x00, 0x00, 0x00, 0x00}, // SYNC
// up to index 15 reserved for HITAG1/HITAGS public data
// up to index 15 reserved for HITAG 1/HITAG S public data
},
};
@ -641,7 +641,7 @@ static bool hitag1_authenticate(uint8_t *rx, const size_t rxlen, uint8_t *tx, si
}
//-----------------------------------------------------------------------------
// Hitag2 operations
// Hitag 2 operations
//-----------------------------------------------------------------------------
static bool hitag2_write_page(uint8_t *rx, const size_t rxlen, uint8_t *tx, size_t *txlen) {
@ -1030,7 +1030,7 @@ static bool hitag2_test_auth_attempts(uint8_t *rx, const size_t rxlen, uint8_t *
return true;
}
// Hitag2 Sniffing
// Hitag 2 Sniffing
void hitag_sniff(void) {
FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
@ -1414,7 +1414,7 @@ void SniffHitag2(bool ledcontrol) {
}
// Hitag2 simulation
// Hitag 2 simulation
void SimulateHitag2(bool ledcontrol) {
BigBuf_free();
@ -1438,7 +1438,7 @@ void SimulateHitag2(bool ledcontrol) {
// memset(rx, 0x00, sizeof(rx));
// memset(tx, 0x00, sizeof(tx));
DbpString("Starting Hitag2 simulation");
DbpString("Starting Hitag 2 simulation");
// hitag2 state machine?
hitag2_init();
@ -1757,28 +1757,28 @@ void ReaderHitag(const lf_hitag_data_t *payload, bool ledcontrol) {
if (ledcontrol) LED_D_ON();
// hitag2 state machine?
// hitag 2 state machine?
hitag2_init();
// Tag specific configuration settings (sof, timings, etc.)
// TODO HTS
/* if (payload->cmd <= HTS_LAST_CMD) {
// hitagS settings
// hitag S settings
t_wait_1 = 204;
t_wait_2 = 128;
flipped_bit = 0;
tag_size = 8;
DBG DbpString("Configured for " _YELLOW_("HitagS") " reader");
DBG DbpString("Configured for " _YELLOW_("Hitag S") " reader");
} else */
if (payload->cmd <= HT1_LAST_CMD) {
// hitag1 settings
// hitag 1 settings
t_wait_1 = 204;
t_wait_2 = 128;
tag_size = 256;
flipped_bit = 0;
DBG DbpString("Configured for " _YELLOW_("Hitag 1") " reader");
} else if (payload->cmd <= HT2_LAST_CMD) {
// hitag2 settings
// hitag 2 settings
t_wait_1 = HITAG_T_WAIT_1_MIN;
t_wait_2 = HITAG_T_WAIT_2_MIN;
tag_size = 48;
@ -2131,24 +2131,24 @@ void WriterHitag(const lf_hitag_data_t *payload, bool ledcontrol) {
// Tag specific configuration settings (sof, timings, etc.)
// TODO HTS
/* if (payload->cmd <= HTS_LAST_CMD) {
// hitagS settings
// hitag S settings
t_wait_1 = 204;
t_wait_2 = 128;
//tag_size = 256;
flipped_bit = 0;
tag_size = 8;
DBG DbpString("Configured for " _YELLOW_("HitagS") " writer");
DBG DbpString("Configured for " _YELLOW_("Hitag S") " writer");
} else
*/
if (payload->cmd <= HT1_LAST_CMD) {
// hitag1 settings
// hitag 1 settings
t_wait_1 = 204;
t_wait_2 = 128;
tag_size = 256;
flipped_bit = 0;
DBG DbpString("Configured for " _YELLOW_("Hitag 1") " writer");
} else if (payload->cmd <= HT2_LAST_CMD) {
// hitag2 settings
// hitag 2 settings
t_wait_1 = HITAG_T_WAIT_1_MIN;
t_wait_2 = HITAG_T_WAIT_2_MIN;
tag_size = 48;
@ -2564,7 +2564,7 @@ bool ht2_packbits(uint8_t *nrz_samples, size_t nrzs, uint8_t *rx, size_t *rxlen)
return false;
}
// detect hitag2 header
// detect hitag 2 header
if (memcmp(nrz_samples, "\x01\x01\x01\x01\x01", 5)) {
return false;
}
@ -2599,7 +2599,7 @@ int ht2_read_uid(uint8_t *uid, bool ledcontrol, bool send_answer, bool keep_fiel
clear_trace();
}
// hitag2 state machine?
// hitag 2 state machine?
hitag2_init();
// init as reader

2
armsrc/hitag2.h
View file

@ -13,7 +13,7 @@
//
// See LICENSE.txt for the text of the license.
//-----------------------------------------------------------------------------
// Hitag2 type prototyping
// Hitag 2 type prototyping
//-----------------------------------------------------------------------------
#ifndef _HITAG2_H_

6
armsrc/hitagS.c
View file

@ -15,7 +15,7 @@
//
// See LICENSE.txt for the text of the license.
//-----------------------------------------------------------------------------
// HitagS emulation (preliminary test version)
// Hitag S emulation (preliminary test version)
//-----------------------------------------------------------------------------
#include "hitagS.h"
@ -750,7 +750,7 @@ void SimulateHitagSTag(bool tag_mem_supplied, const uint8_t *data, bool ledcontr
set_tracing(true);
clear_trace();
DbpString("Starting HitagS simulation");
DbpString("Starting Hitag S simulation");
if (ledcontrol) LED_D_ON();
tag.pstate = HT_READY;
@ -765,7 +765,7 @@ void SimulateHitagSTag(bool tag_mem_supplied, const uint8_t *data, bool ledcontr
}
}
DbpString("Loading hitagS memory...");
DbpString("Loading hitag S memory...");
memcpy((uint8_t *)tag.pages, data, 4 * 64);
} else {
// use the last read tag

9
client/src/cmdlf.c
View file

@ -246,10 +246,11 @@ int CmdLFCommandRead(const char *Cmd) {
CLIParserInit(&ctx, "lf cmdread",
"Modulate LF reader field to send command before read. All periods in microseconds.\n"
" - use " _YELLOW_("`lf config`") _CYAN_(" to set parameters"),
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W00110 --> probing for Hitag1/S\n"
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 --> probing for Hitag2\n"
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -s 2000 -@ --> probing for Hitag2, oscilloscope style\n"
"lf cmdread -d 48 -z 112 -o 176 -e W3000 -e S240 -e E336 -c W0S00000010000E --> probing for Hitag (us)\n"
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W00110 --> probing for Hitag 1/S\n"
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 --> probing for Hitag 2/S\n"
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11010 --> probing for Hitag S\n"
"lf cmdread -d 50 -z 116 -o 166 -e W3000 -c W11000 -s 2000 -@ --> probing for Hitag 2/S, oscilloscope style\n"
"lf cmdread -d 48 -z 112 -o 176 -e W3000 -e S240 -e E336 -c W0S00000010000E --> probing for Hitag µ(micro)\n"
);
char div_str[70] = {0};

28
client/src/cmdlfhitag.c
View file

@ -308,7 +308,7 @@ static void print_hitag2_configuration(uint32_t uid, uint8_t config) {
PrintAndLogEx(SUCCESS, " %s", sprint_breakdown_bin(C_NONE, bs, 8, 5, 2, "Public mode C, Coding: biphase"));
break;
case 3:
PrintAndLogEx(SUCCESS, " %s", sprint_breakdown_bin(C_NONE, bs, 8, 5, 2, "Hitag2"));
PrintAndLogEx(SUCCESS, " %s", sprint_breakdown_bin(C_NONE, bs, 8, 5, 2, "Hitag 2"));
break;
}
@ -815,7 +815,7 @@ static bool getHitag2Uid(uint32_t *uid) {
static int CmdLFHitagInfo(const char *Cmd) {
CLIParserContext *ctx;
CLIParserInit(&ctx, "lf hitag info",
"Hitag2 tag information",
"Hitag 2 tag information",
"lf hitag info"
);
@ -858,7 +858,7 @@ static int CmdLFHitagInfo(const char *Cmd) {
static int CmdLFHitagReader(const char *Cmd) {
CLIParserContext *ctx;
CLIParserInit(&ctx, "lf hitag reader",
"Act as a Hitag2 reader. Look for Hitag2 tags until Enter or the pm3 button is pressed\n",
"Act as a Hitag 2 reader. Look for Hitag 2 tags until Enter or the pm3 button is pressed\n",
"lf hitag reader\n"
"lf hitag reader -@ -> Continuous mode"
);
@ -891,17 +891,17 @@ static int CmdLFHitagRd(const char *Cmd) {
CLIParserContext *ctx;
CLIParserInit(&ctx, "lf hitag read",
"Read Hitag memory. It support HitagS and Hitag 2\n\n"
"Read Hitag memory. It support Hitag S and Hitag 2\n\n"
" Password mode:\n"
" - default key 4D494B52 (MIKR)\n\n"
" Crypto mode: \n"
" - key format ISK high + ISK low\n"
" - default key 4F4E4D494B52 (ONMIKR)\n"
,
" lf hitag read --hts -> HitagS, plain mode\n"
" lf hitag read --hts --nrar 0102030411223344 -> HitagS, challenge mode\n"
" lf hitag read --hts --crypto -> HitagS, crypto mode, def key\n"
" lf hitag read --hts -k 4F4E4D494B52 -> HitagS, crypto mode\n\n"
" lf hitag read --hts -> Hitag S, plain mode\n"
" lf hitag read --hts --nrar 0102030411223344 -> Hitag S, challenge mode\n"
" lf hitag read --hts --crypto -> Hitag S, crypto mode, def key\n"
" lf hitag read --hts -k 4F4E4D494B52 -> Hitag S, crypto mode\n\n"
" lf hitag read --ht2 --pwd -> Hitag 2, pwd mode, def key\n"
" lf hitag read --ht2 -k 4D494B52 -> Hitag 2, pwd mode\n"
" lf hitag read --ht2 --nrar 0102030411223344 -> Hitag 2, challenge mode\n"
@ -2018,7 +2018,7 @@ static int CmdLFHitag2Lookup(const char *Cmd) {
CLIParserContext *ctx;
CLIParserInit(&ctx, "lf hitag lookup",
"This command take sniffed trace data and try to recovery a Hitag2 crypto key.\n"
"This command take sniffed trace data and try to recovery a Hitag 2 crypto key.\n"
" You can either\n"
" - verify that NR/AR matches a known crypto key\n"
" - verify if NR/AR matches a known 6 byte crypto key in a dictionary",
@ -2232,7 +2232,7 @@ static int CmdLFHitag2Lookup(const char *Cmd) {
static int CmdLFHitag2Crack2(const char *Cmd) {
CLIParserContext *ctx;
CLIParserInit(&ctx, "lf hitag crack2",
"This command tries to recover 2048 bits of Hitag2 crypto stream data.\n",
"This command tries to recover 2048 bits of Hitag 2 crypto stream data.\n",
"lf hitag crack2 --nrar 73AA5A62EAB8529C"
);
@ -2439,7 +2439,7 @@ static int CmdLFHitag2Selftest(const char *Cmd) {
CLIExecWithReturn(ctx, Cmd, argtable, true);
CLIParserFree(ctx);
PrintAndLogEx(INFO, "======== " _CYAN_("Hitag2 crypto test") " ============================");
PrintAndLogEx(INFO, "======== " _CYAN_("Hitag 2 crypto test") " ============================");
uint64_t test = hitag2_verify_crypto_test();
PrintAndLogEx(INFO, "Crypto self test ( %s )", test ? _GREEN_("ok") : _RED_("fail"));
@ -2447,13 +2447,13 @@ static int CmdLFHitag2Selftest(const char *Cmd) {
PrintAndLogEx(INFO, "Crypto self test ROUND ( %s )", test ? _GREEN_("ok") : _RED_("fail"));
test |= hitag2_benchtest(1);
PrintAndLogEx(INFO, "Hitag2 crypto, init + gen 32 bits ( us %" PRIu64 " )", test);
PrintAndLogEx(INFO, "Hitag 2 crypto, init + gen 32 bits ( us %" PRIu64 " )", test);
test |= hitag2_benchtest_gen32();
PrintAndLogEx(INFO, "Hitag2 crypto, gen new 32 bits only ( us: %" PRIu64 " )", test);
PrintAndLogEx(INFO, "Hitag 2 crypto, gen new 32 bits only ( us: %" PRIu64 " )", test);
test |= hitag2_benchtest(1000);
PrintAndLogEx(INFO, "Hitag2 crypto, init + gen 32 bits, x1000 ( us: %" PRIu64 " )", test);
PrintAndLogEx(INFO, "Hitag 2 crypto, init + gen 32 bits, x1000 ( us: %" PRIu64 " )", test);
PrintAndLogEx(INFO, "--------------------------------------------------------");
PrintAndLogEx(SUCCESS, "Tests ( %s )", (test) ? _GREEN_("ok") : _RED_("fail"));

2
include/hitag.h
View file

@ -13,7 +13,7 @@
//
// See LICENSE.txt for the text of the license.
//-----------------------------------------------------------------------------
// Hitag2, HitagS
// Hitag 2, Hitag S
//-----------------------------------------------------------------------------

4
include/pm3_cmd.h
View file

@ -582,7 +582,7 @@ typedef struct {
#define CMD_LF_SNIFF_RAW_ADC 0x0360
// For Hitag2 transponders
// For Hitag 2 transponders
#define CMD_LF_HITAG_SNIFF 0x0370
#define CMD_LF_HITAG_SIMULATE 0x0371
#define CMD_LF_HITAG_READER 0x0372
@ -590,7 +590,7 @@ typedef struct {
#define CMD_LF_HITAG2_CRACK 0x0378
#define CMD_LF_HITAG2_CRACK_2 0x0379
// For HitagS
// For Hitag S
#define CMD_LF_HITAGS_TEST_TRACES 0x0367
#define CMD_LF_HITAGS_SIMULATE 0x0368
#define CMD_LF_HITAGS_READ 0x0373

4
include/protocols.h
View file

@ -896,7 +896,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
#define CALYPSO_SAM_SV_DEBIT 0x54
#define CALYPSO_SAM_SV_RELOAD 0x56
// HITAG1 commands
// HITAG 1 commands
#define HITAG1_SET_CCNEW 0xC2 // left 5 bits only
#define HITAG1_READ_ID 0x00 // not a real command, consists of 5 bits length, <length> bits partial SN, 8 bits CRC
#define HITAG1_SELECT 0x00 // left 5 bits only, followed by 32 bits SN and 8 bits CRC
@ -910,7 +910,7 @@ ISO 7816-4 Basic interindustry commands. For command APDU's.
#define HITAG1_RDCBLK 0xF0 // left 4 bits only, followed by 8 bits block and 8 bits CRC
#define HITAG1_HALT 0x70 // left 4 bits only, followed by 8 bits (dummy) page and 8 bits CRC
// HITAG2 commands
// HITAG 2 commands
#define HITAG2_START_AUTH "11000" // get UID and/or start the authentication process
#define HITAG2_READ_PAGE "11" // read page after auth
#define HITAG2_READ_PAGE_INVERTED "01" // as read page but all bits inverted

14
tools/hitag2crack/common/hitagcrypto.c
View file

@ -166,9 +166,9 @@
length coding
+ Modulation transponder -> read/write device: Strong ASK modulation,
selectable Manchester or Biphase coding
+ Hitag S, Hitag u; anti-collision procedure
+ Hitag S, Hitag µ; anti-collision procedure
+ Fast anti-collision protocol
+ Hitag u; optional Cyclic Redundancy Check (CRC)
+ Hitag µ; optional Cyclic Redundancy Check (CRC)
+ Reader Talks First mode
+ Hitag 2 & later; Transponder Talks First (TTF) mode
+ Temporary switch from Transponder Talks First into Reader Talks First
@ -177,7 +177,7 @@
+ Data rates transponder to read/write device: 2 kbit/s, 4 kbit/s, 8 kbit/s
+ 32-bit password feature
+ Hitag 2, S = 32-bit Unique Identifier
+ Hitag u = 48-bit Unique Identifier
+ Hitag µ = 48-bit Unique Identifier
+ Selectable password modes for reader / tag mutual authentication
(Hitag 1 has 2 pairs of keys, later versions have 1 pair)
+ Hitag 2 & Hitag S; Selectable encrypted mode, 48 bit key
@ -194,10 +194,10 @@
HITAG S 256 256 bits total memory Read/Write
HITAG S 2048 2048 bits total memory Read/Write
HITAG u RO64 64 bits total memory Read Only
HITAG u 128 bits total memory Read/Write
HITAG u Advanced 512 bits total memory Read/Write
HITAG u Advanced+ 1760 bits total memory Read/Write
HITAG µ RO64 64 bits total memory Read Only
HITAG µ 128 bits total memory Read/Write
HITAG µ Advanced 512 bits total memory Read/Write
HITAG µ Advanced+ 1760 bits total memory Read/Write
Default 48-bit key for Hitag 2, S encryption:
"MIKRON" = O N M I K R