From d79bd5b6b869831365134b82d3de54b86ae901a7 Mon Sep 17 00:00:00 2001
From: Markus Walter
Date: Thu, 1 Sep 2022 18:46:20 +0200
Subject: [PATCH] Switch `hf 15 sim` to use image in emulator memory.
---
 armsrc/appmain.c | 4 +---
 armsrc/iso15693.c | 23 +++++++----------------
 armsrc/iso15693.h | 2 +-
 client/src/cmdhf15.c | 29 -----------------------------
 include/pm3_cmd.h | 4 ----
 5 files changed, 9 insertions(+), 53 deletions(-)
diff --git a/armsrc/appmain.c b/armsrc/appmain.c
index 69961cc7d..d2ead4fc3 100644
--- a/armsrc/appmain.c
+++ b/armsrc/appmain.c
@@ -1274,11 +1274,9 @@ static void PacketReceived(PacketCommandNG *packet) {
 struct p {
 uint8_t uid[8];
 uint8_t block_size;
- int data_length;
- uint8_t data[PM3_CMD_BLOB_SIZE];
 } PACKED;
 struct p *payload = (struct p *) packet->data.asBytes;
- SimTagIso15693(payload->uid, payload->block_size, payload->data_length, payload->data);
+ SimTagIso15693(payload->uid, payload->block_size);
 break;
 }
 case CMD_HF_ISO15693_CSETUID: {
diff --git a/armsrc/iso15693.c b/armsrc/iso15693.c
index 92c6f2e4e..7e4c5c4f3 100644
--- a/armsrc/iso15693.c
+++ b/armsrc/iso15693.c
@@ -2113,7 +2113,7 @@ void EmlSetMemIso15693(uint8_t count, uint8_t *data, uint32_t offset) {
 // Simulate an ISO15693 TAG, perform anti-collision and then print any reader commands
 // all demodulation performed in arm rather than host. - greg
-void SimTagIso15693(uint8_t *uid, uint8_t block_size, int image_length, uint8_t *image) {
+void SimTagIso15693(uint8_t *uid, uint8_t block_size) {
 // free eventually allocated BigBuf memory
 BigBuf_free_keep_EM();
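Review bot: In armsrc/appmain.c, `packet->data.asBytes` is cast to `struct p` and `payload->block_size` is passed straight to `SimTagIso15693`, with no visible check on the packet length or on the value. The payload is now only nine bytes, so a guard such as `if (packet->length < sizeof(struct p)) break;` before the call is cheap. Rejecting `block_size == 0` at the same place keeps the later `block_size - 1` in the system-information response from wrapping to 0xFF. The case body starts outside this hunk, so a check may already exist above the lines shown.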
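Review bot: The header comment above `SimTagIso15693` in armsrc/iso15693.c still mentions only anti-collision and printing reader commands, so the new signature gives a caller no hint where the tag memory comes from. A third comment line would cover it: `// Block data is served from emulator memory (BigBuf_get_EM_addr()); load it with EmlSetMemIso15693() before starting.` The function body continues outside this hunk.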
@@ -2122,11 +2122,7 @@ void SimTagIso15693(uint8_t *uid, uint8_t block_size, int image_length, uint8_t
 LED_A_ON();
- if (image_length == -1) {
- Dbprintf("ISO-15963 Simulating uid: %02X%02X%02X%02X%02X%02X%02X%02X block size %d with no image", uid[0], uid[1], uid[2], uid[3], uid[4], uid[5], uid[6], uid[7], block_size);
- } else {
- Dbprintf("ISO-15963 Simulating uid: %02X%02X%02X%02X%02X%02X%02X%02X block size %d with 0x%X bytes image", uid[0], uid[1], uid[2], uid[3], uid[4], uid[5], uid[6], uid[7], block_size, image_length);
- }
+ Dbprintf("ISO-15963 Simulating uid: %02X%02X%02X%02X%02X%02X%02X%02X block size %d", uid[0], uid[1], uid[2], uid[3], uid[4], uid[5], uid[6], uid[7], block_size);
 LED_C_ON();
@@ -2222,14 +2218,8 @@ void SimTagIso15693(uint8_t *uid, uint8_t block_size, int image_length, uint8_t
 resp_sysinfo[10] = 0; // DSFID
 resp_sysinfo[11] = 0; // AFI
- // Memory size.
- if (image_length == -1) {
- // use sensible default value if no image is provided
- resp_sysinfo[12] = 0x1F;
- } else {
- resp_sysinfo[12] = image_length / block_size;
- }
- resp_sysinfo[13] = block_size - 1; // Memory size.
+ resp_sysinfo[12] = 0x1F; // Block count
+ resp_sysinfo[13] = block_size - 1; // Block size.
 resp_sysinfo[14] = 0x01; // IC reference.
 // CRC
@@ -2282,6 +2272,7 @@ void SimTagIso15693(uint8_t *uid, uint8_t block_size, int image_length, uint8_t
 resp_readblock[i] = 0;
 }
+ uint8_t *emCARD = BigBuf_get_EM_addr();
 resp_readblock[0] = 0; // Response flags
 for (int j = 0; j < block_count; j++) { // where to put the data of the current block
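Review bot: The rewritten `Dbprintf` line in the hunk at 2122 keeps the spelling `ISO-15963`, while the identifiers and comments around it all say 15693, so the log line does not match a search for the standard's name. Since the literal is being rewritten anyway, it could start `"ISO-15693 Simulating uid: ..."`. The message also no longer says where block data comes from; adding "from emulator memory" to it would replace the information the removed image-length branch used to print.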
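Review bot: In the hunk at 2218, `resp_sysinfo[12] = 0x1F;` advertises a fixed block count whatever `block_size` is, while the read-block path in this commit answers for everything up to `CARD_MEMORY_SIZE`. A reader that trusts the system information therefore sees a different tag size from the one the simulator serves. Deriving the field from `CARD_MEMORY_SIZE / block_size`, capped to what one byte can hold, would keep the two consistent, as the removed `image_length / block_size` branch did for a loaded image. That division and the existing `block_size - 1` both need a non-zero `block_size`, which nothing visible here validates. If the constant is intentional, the comment should say so, for example `// Block count: fixed at 0x1F, independent of emulator memory size`.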
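Review bot: `emCARD` in the hunk at 2272 is only read from in the lines this commit adds, so it should be declared `const uint8_t *emCARD = BigBuf_get_EM_addr();`. That states in the type that simulation never writes to emulator memory. The enclosing loop continues into the next hunk.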
@@ -2291,8 +2282,8 @@ void SimTagIso15693(uint8_t *uid, uint8_t block_size, int image_length, uint8_t
 }
 for (int i = 0; i < block_size; i++) { // Block data
- if (block_size * (block_idx + j + 1) <= image_length) {
- resp_readblock[work_offset + security_offset + i] = image[block_size * (block_idx + j) + i];
+ if (block_size * (block_idx + j + 1) <= CARD_MEMORY_SIZE) {
+ resp_readblock[work_offset + security_offset + i] = emCARD[block_size * (block_idx + j) + i];
 } else {
 resp_readblock[work_offset + security_offset + i] = 0;
 }
diff --git a/armsrc/iso15693.h b/armsrc/iso15693.h
index 4f1800dc7..6bd3882bc 100644
--- a/armsrc/iso15693.h
+++ b/armsrc/iso15693.h
@@ -48,7 +48,7 @@ void AcquireRawAdcSamplesIso15693(void);
 void ReaderIso15693(iso15_card_select_t *p_card); // ISO15693 reader
 void EmlClearIso15693(void);
 void EmlSetMemIso15693(uint8_t count, uint8_t *data, uint32_t offset);
-void SimTagIso15693(uint8_t *uid, uint8_t block_size, int payload_length, uint8_t *payload); // simulate an ISO15693 tag
+void SimTagIso15693(uint8_t *uid, uint8_t block_size); // simulate an ISO15693 tag
 void BruteforceIso15693Afi(uint32_t speed); // find an AFI of a tag
 void DirectTag15693Command(uint32_t datalen, uint32_t speed, uint32_t recv, uint8_t *data); // send arbitrary commands from CLI
diff --git a/client/src/cmdhf15.c b/client/src/cmdhf15.c
index 417ad1fe5..066d6bfdf 100644
--- a/client/src/cmdhf15.c
+++ b/client/src/cmdhf15.c
@@ -1111,7 +1111,6 @@ static int CmdHF15Sim(const char *Cmd) {
 arg_param_begin,
 arg_str1("u", "uid", "<8b hex>", "UID eg E011223344556677"),
 arg_int0("b", "blocksize", "", "block size, defaults to 4"),
- arg_str0("i", "image", "", "Memory image to load, defaults to zeros"),
 arg_param_end
 };
 CLIExecWithReturn(ctx, Cmd, argtable, false);
@@ -1119,8 +1118,6 @@ static int CmdHF15Sim(const char *Cmd) {
 struct {
 uint8_t uid[8];
 uint8_t block_size;
- int image_length;
- uint8_t image[PM3_CMD_BLOB_SIZE];
 } PACKED payload;
 int uidlen = 0;
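Review bot: In the read-block hunk at 2282 of armsrc/iso15693.c, every block below `CARD_MEMORY_SIZE` is now answered from emulator memory, where the removed code returned zeros for anything beyond the supplied image. If that memory still holds bytes from an earlier emulation or load (it appears to be a shared buffer), any reader in range can read them back through this simulated tag. Calling `EmlClearIso15693()` before an image is loaded, or documenting that requirement on `SimTagIso15693`, would close the gap. The bound also relies on `CARD_MEMORY_SIZE` never exceeding the region `BigBuf_get_EM_addr()` points to, which is not visible here, so a one-line comment stating that invariant next to the check would help. The enclosing loops start and end outside the hunk.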
@@ -1131,34 +1128,8 @@ static int CmdHF15Sim(const char *Cmd) {
 }
 payload.block_size = arg_get_int_def(ctx, 2, 4);
-
- int fnlen = 0;
- char filename[FILE_PATH_SIZE] = {0};
- CLIParamStrToBuf(arg_get_str(ctx, 3), (uint8_t *)filename, FILE_PATH_SIZE, &fnlen);
 CLIParserFree(ctx);
- if (fnlen > 0) {
- uint8_t *image = NULL;
- size_t image_len = 0;
- if (loadFile_safe(filename, "", (void **)&image, &image_len) != PM3_SUCCESS) {
- PrintAndLogEx(FAILED, "Could not open file " _YELLOW_("%s"), filename);
- return PM3_EIO;
- }
-
- if (image_len > PM3_CMD_BLOB_SIZE) {
- PrintAndLogEx(WARNING, "Memory image to large for us");
- return PM3_EINVARG;
- }
- if (image_len % payload.block_size != 0) {
- PrintAndLogEx(WARNING, "Memory image size not a multiple of the block size");
- return PM3_EINVARG;
- }
- payload.image_length = image_len;
- memcpy(payload.image, image, image_len);
- free(image);
- } else {
- payload.image_length = -1;
- }
 PrintAndLogEx(SUCCESS, "Starting simulating UID " _YELLOW_("%s"), iso15693_sprintUID(NULL, payload.uid));
 PrintAndLogEx(INFO, "press " _YELLOW_("`Pm3 button`") " to cancel");
diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h
index f2e9f0607..7c7eb6ed6 100644
--- a/include/pm3_cmd.h
+++ b/include/pm3_cmd.h
@@ -27,10 +27,6 @@
 #define PM3_CMD_DATA_SIZE 512
 #define PM3_CMD_DATA_SIZE_MIX ( PM3_CMD_DATA_SIZE - 3 * sizeof(uint64_t) )
-/* To be used for commands with a big blob of data along with some other data (for which 32 bytes
- * is put aside, so if there is more of it this is unsuitable).
- */
-#define PM3_CMD_BLOB_SIZE ( PM3_CMD_DATA_SIZE - 32 )
 typedef struct {
 uint64_t cmd;