FIX: 'hf 15 *' commands - the demod should work better now and as a bonus I've added some tracelogging. The timer is not quite correct yet but it's a start.

sample:
   hf 15 reader
   hf list raw
iceman1001 2017-09-04 13:56:57 +02:00
commit ec07e2e006
7 changed files with 427 additions and 451 deletions


@ -697,7 +697,7 @@ void UsbPacketReceived(uint8_t *packet, int len) {
RecordRawAdcSamplesIso15693(); RecordRawAdcSamplesIso15693();
break; break;
case CMD_ISO_15693_COMMAND: case CMD_ISO_15693_COMMAND:
DirectTag15693Command(c->arg[0],c->arg[1],c->arg[2],c->d.asBytes); DirectTag15693Command(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
break; break;
case CMD_ISO_15693_FIND_AFI: case CMD_ISO_15693_FIND_AFI:
BruteforceIso15693Afi(c->arg[0]); BruteforceIso15693Afi(c->arg[0]);


@ -195,7 +195,7 @@ void AcquireRawAdcSamplesIso15693(void);
void ReaderIso15693(uint32_t parameter); // Simulate an ISO15693 reader - greg void ReaderIso15693(uint32_t parameter); // Simulate an ISO15693 reader - greg
void SimTagIso15693(uint32_t parameter, uint8_t *uid); // simulate an ISO15693 tag - greg void SimTagIso15693(uint32_t parameter, uint8_t *uid); // simulate an ISO15693 tag - greg
void BruteforceIso15693Afi(uint32_t speed); // find an AFI of a tag - atrox void BruteforceIso15693Afi(uint32_t speed); // find an AFI of a tag - atrox
void DirectTag15693Command(uint32_t datalen,uint32_t speed, uint32_t recv, uint8_t data[]); // send arbitrary commands from CLI - atrox void DirectTag15693Command(uint32_t datalen,uint32_t speed, uint32_t recv, uint8_t *data); // send arbitrary commands from CLI - atrox
void SetDebugIso15693(uint32_t flag); void SetDebugIso15693(uint32_t flag);
void Iso15693InitReader(void); void Iso15693InitReader(void);
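Review bot: The comment on the DirectTag15693Command prototype still does not say how `datalen` relates to the buffer behind `data`, and switching `uint8_t data[]` to `uint8_t *data` drops the last hint that an array is expected. On this page the call in UsbPacketReceived passes `c->arg[0]` and `c->d.asBytes` straight from the received USB command, so the length is host-supplied; whether the implementation bounds it cannot be seen here because that file's diff is suppressed. I would document the contract on the declaration, e.g. `// data: request bytes; datalen must not exceed the size of the USB command payload`, and confirm the implementation enforces it.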


@ -1020,12 +1020,12 @@ static void TransmitFor14443b_AsReader(void) {
// AT91C_BASE_SSC->SSC_THR = 0XFF; // AT91C_BASE_SSC->SSC_THR = 0XFF;
// } // }
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_TX | FPGA_HF_READER_TX_SHALLOW_MOD);
SpinDelay(40);
int c; int c;
volatile uint32_t b; volatile uint32_t b;
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_TX | FPGA_HF_READER_TX_SHALLOW_MOD);
SpinDelay(40);
// What does this loop do? Is it TR1? // What does this loop do? Is it TR1?
// 0xFF = 8 bits of 1. 1 bit == 1Etu,.. // 0xFF = 8 bits of 1. 1 bit == 1Etu,..
// loop 10 * 8 = 80 ETU of delay, with a non modulated signal. why? // loop 10 * 8 = 80 ETU of delay, with a non modulated signal. why?
@ -1036,8 +1036,7 @@ static void TransmitFor14443b_AsReader(void) {
++c; ++c;
} }
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) { if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
b = AT91C_BASE_SSC->SSC_RHR; b = AT91C_BASE_SSC->SSC_RHR; (void)b;
(void)b;
} }
} }
@ -1047,8 +1046,7 @@ static void TransmitFor14443b_AsReader(void) {
AT91C_BASE_SSC->SSC_THR = ToSend[c++]; AT91C_BASE_SSC->SSC_THR = ToSend[c++];
} }
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) { if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
b = AT91C_BASE_SSC->SSC_RHR; b = AT91C_BASE_SSC->SSC_RHR; (void)b;
(void)b;
} }
} }
//WaitForFpgaDelayQueueIsEmpty(delay); //WaitForFpgaDelayQueueIsEmpty(delay);

File diff suppressed because it is too large Load diff


@ -201,29 +201,27 @@ const productName uidmapping[] = {
// *buf should be large enough to fit the 64bit uid // *buf should be large enough to fit the 64bit uid
// returns 1 if suceeded // returns 1 if suceeded
int getUID(uint8_t *buf) { int getUID(uint8_t *buf) {
UsbCommand resp; UsbCommand resp;
uint8_t *recv;
UsbCommand c = {CMD_ISO_15693_COMMAND, {0, 1, 1}}; // len,speed,recv? UsbCommand c = {CMD_ISO_15693_COMMAND, {0, 1, 1}}; // len,speed,recv?
uint8_t *req = c.d.asBytes;
req[0] = ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_INVENTORY | ISO15_REQINV_SLOT1;
req[1] = ISO15_CMD_INVENTORY;
int reqlen = 0; c.d.asBytes[0] = ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | ISO15_REQ_INVENTORY | ISO15_REQINV_SLOT1;
c.d.asBytes[1] = ISO15_CMD_INVENTORY;
c.d.asBytes[2] = 0; // mask length
c.arg[0] = AddCrc(c.d.asBytes, 3);
// don't give up the at the first try // don't give up the at the first try
for (int retry = 0; retry <3; retry++) { for (uint8_t retry = 0; retry < 3; retry++) {
req[2] = 0; // mask length
reqlen = AddCrc(req, 3);
c.arg[0] = reqlen;
clearCommandBuffer(); clearCommandBuffer();
SendCommand(&c); SendCommand(&c);
if (WaitForResponseTimeout(CMD_ACK, &resp, 1000)) { if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
recv = resp.d.asBytes;
if (resp.arg[0] >= 12 && ISO15_CRC_CHECK == Crc(recv, 12)) { uint8_t resplen = resp.arg[0];
memcpy(buf, recv + 2, 8); if (resplen >= 12 && ISO15_CRC_CHECK == Crc(resp.d.asBytes, 12)) {
memcpy(buf, resp.d.asBytes + 2, 8);
return 1; return 1;
} }
} }
@ -408,8 +406,7 @@ int CmdHF15Record(const char *Cmd) {
} }
// used with 'hf search' // used with 'hf search'
int HF15Reader(const char *Cmd, bool verbose) int HF15Reader(const char *Cmd, bool verbose) {
{
uint8_t uid[8] = {0,0,0,0,0,0,0,0}; uint8_t uid[8] = {0,0,0,0,0,0,0,0};
if (!getUID(uid)) { if (!getUID(uid)) {
if (verbose) PrintAndLog("No Tag found."); if (verbose) PrintAndLog("No Tag found.");
@ -426,9 +423,7 @@ int CmdHF15Reader(const char *Cmd) {
char cmdp = param_getchar(Cmd, 0); char cmdp = param_getchar(Cmd, 0);
if (cmdp == 'h' || cmdp == 'H') return usage_15_reader(); if (cmdp == 'h' || cmdp == 'H') return usage_15_reader();
UsbCommand c = {CMD_READER_ISO_15693, {strtol(Cmd, NULL, 0), 0, 0}}; HF15Reader(Cmd, true);
clearCommandBuffer();
SendCommand(&c);
return 0; return 0;
} }
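Review bot: In getUID, `uint8_t resplen = resp.arg[0];` narrows the device-reported length to 8 bits before the `resplen >= 12` test, whereas the removed code compared `resp.arg[0]` itself. If arg[0] is wider than a byte (the request side assigns it the result of AddCrc, so it presumably is), a reported length of 256 or more is reduced modulo 256 and the check then passes or fails on the low byte alone. Testing the field directly as before, `if (resp.arg[0] >= 12 && ISO15_CRC_CHECK == Crc(resp.d.asBytes, 12)) {`, avoids the truncation; an upper bound against `sizeof(resp.d.asBytes)` would also make the trust placed in the device-supplied length explicit. getUID's body continues past the end of this hunk.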


@ -43,7 +43,6 @@ int Iso15693AddCrc(uint8_t *req, int n) {
return n+2; return n+2;
} }
int sprintf(char *str, const char *format, ...); int sprintf(char *str, const char *format, ...);
// returns a string representation of the UID // returns a string representation of the UID
@ -53,9 +52,12 @@ int sprintf(char *str, const char *format, ...);
// return: ptr to string // return: ptr to string
char* Iso15693sprintUID(char *target, uint8_t *uid) { char* Iso15693sprintUID(char *target, uint8_t *uid) {
static char tempbuf[2*8+1] = {0}; static char tempbuf[2*8+1] = {0};
if (target==NULL) target=tempbuf; if (target == NULL)
target = tempbuf;
sprintf(target,"%02X%02X%02X%02X%02X%02X%02X%02X", sprintf(target,"%02X%02X%02X%02X%02X%02X%02X%02X",
uid[7],uid[6],uid[5],uid[4],uid[3],uid[2],uid[1],uid[0]); uid[7], uid[6], uid[5], uid[4],
uid[3], uid[2], uid[1], uid[0]
);
return target; return target;
} }


@ -19,12 +19,12 @@
// REQUEST FLAGS // REQUEST FLAGS
#define ISO15_REQ_SUBCARRIER_SINGLE 0x00 // Tag should respond using one subcarrier (ASK) #define ISO15_REQ_SUBCARRIER_SINGLE 0x00 // Tag should respond using one subcarrier (ASK)
#define ISO15_REQ_SUBCARRIER_TWO 0x01 // Tag should respond using two subcarriers (FSK) #define ISO15_REQ_SUBCARRIER_TWO 0x01 // Tag should respond using two subcarriers (FSK)
#define ISO15_REQ_DATARATE_LOW 0x00 // Tag should respond using low data rate #define ISO15_REQ_DATARATE_LOW 0x00 // Tag should respond using low data rate
#define ISO15_REQ_DATARATE_HIGH 0x02 // Tag should respond using high data rate #define ISO15_REQ_DATARATE_HIGH 0x02 // Tag should respond using high data rate
#define ISO15_REQ_NONINVENTORY 0x00 #define ISO15_REQ_NONINVENTORY 0x00
#define ISO15_REQ_INVENTORY 0x04 // This is an inventory request - see inventory flags #define ISO15_REQ_INVENTORY 0x04 // This is an inventory request - see inventory flags
#define ISO15_REQ_PROTOCOL_NONEXT 0x00 #define ISO15_REQ_PROTOCOL_NONEXT 0x00
#define ISO15_REQ_PROTOCOL_EXT 0x08 // RFU #define ISO15_REQ_PROTOCOL_EXT 0x08 // RFU
// REQUEST FLAGS when INVENTORY is not set // REQUEST FLAGS when INVENTORY is not set
@ -36,41 +36,41 @@
//REQUEST FLAGS when INVENTORY is set //REQUEST FLAGS when INVENTORY is set
#define ISO15_REQINV_AFI 0x10 // AFI Field is present #define ISO15_REQINV_AFI 0x10 // AFI Field is present
#define ISO15_REQINV_SLOT1 0x20 // 1 Slot #define ISO15_REQINV_SLOT1 0x20 // 1 Slot
#define ISO15_REQINV_SLOT16 0x00 // 16 Slots #define ISO15_REQINV_SLOT16 0x00 // 16 Slots
#define ISO15_REQINV_OPTION 0x40 // Command specific option selector #define ISO15_REQINV_OPTION 0x40 // Command specific option selector
//RESPONSE FLAGS //RESPONSE FLAGS
#define ISO15_RES_ERROR 0x01 #define ISO15_RES_ERROR 0x01
#define ISO15_RES_EXT 0x08 // Protocol Extention #define ISO15_RES_EXT 0x08 // Protocol Extention
// RESPONSE ERROR CODES // RESPONSE ERROR CODES
#define ISO15_NOERROR 0x00 #define ISO15_NOERROR 0x00
#define ISO15_ERROR_CMD_NOT_SUP 0x01 // Command not supported #define ISO15_ERROR_CMD_NOT_SUP 0x01 // Command not supported
#define ISO15_ERROR_CMD_NOT_REC 0x02 // Command not recognized (eg. parameter error) #define ISO15_ERROR_CMD_NOT_REC 0x02 // Command not recognized (eg. parameter error)
#define ISO15_ERROR_CMD_OPTION 0x03 // Command option not supported #define ISO15_ERROR_CMD_OPTION 0x03 // Command option not supported
#define ISO15_ERROR_GENERIC 0x0F // No additional Info about this error #define ISO15_ERROR_GENERIC 0x0F // No additional Info about this error
#define ISO15_ERROR_BLOCK_UNAVAILABLE 0x10 #define ISO15_ERROR_BLOCK_UNAVAILABLE 0x10
#define ISO15_ERROR_BLOCK_LOCKED_ALREADY 0x11 // cannot lock again #define ISO15_ERROR_BLOCK_LOCKED_ALREADY 0x11 // cannot lock again
#define ISO15_ERROR_BLOCK_LOCKED 0x12 // cannot be changed #define ISO15_ERROR_BLOCK_LOCKED 0x12 // cannot be changed
#define ISO15_ERROR_BLOCK_WRITE 0x13 // Writing was unsuccessful #define ISO15_ERROR_BLOCK_WRITE 0x13 // Writing was unsuccessful
#define ISO15_ERROR_BLOCL_WRITELOCK 0x14 // Locking was unsuccessful #define ISO15_ERROR_BLOCL_WRITELOCK 0x14 // Locking was unsuccessful
// COMMAND CODES // COMMAND CODES
#define ISO15_CMD_INVENTORY 0x01 #define ISO15_CMD_INVENTORY 0x01
#define ISO15_CMD_STAYQUIET 0x02 #define ISO15_CMD_STAYQUIET 0x02
#define ISO15_CMD_READ 0x20 #define ISO15_CMD_READ 0x20
#define ISO15_CMD_WRITE 0x21 #define ISO15_CMD_WRITE 0x21
#define ISO15_CMD_LOCK 0x22 #define ISO15_CMD_LOCK 0x22
#define ISO15_CMD_READMULTI 0x23 #define ISO15_CMD_READMULTI 0x23
#define ISO15_CMD_WRITEMULTI 0x24 #define ISO15_CMD_WRITEMULTI 0x24
#define ISO15_CMD_SELECT 0x25 #define ISO15_CMD_SELECT 0x25
#define ISO15_CMD_RESET 0x26 #define ISO15_CMD_RESET 0x26
#define ISO15_CMD_WRITEAFI 0x27 #define ISO15_CMD_WRITEAFI 0x27
#define ISO15_CMD_LOCKAFI 0x28 #define ISO15_CMD_LOCKAFI 0x28
#define ISO15_CMD_WRITEDSFID 0x29 #define ISO15_CMD_WRITEDSFID 0x29
#define ISO15_CMD_LOCKDSFID 0x2A #define ISO15_CMD_LOCKDSFID 0x2A
#define ISO15_CMD_SYSINFO 0x2B #define ISO15_CMD_SYSINFO 0x2B
#define ISO15_CMD_SECSTATUS 0x2C #define ISO15_CMD_SECSTATUS 0x2C
@ -119,7 +119,6 @@ unsigned short iclass_crc16(char *data_p, unsigned short length);
// 1) logic '0' (8 pulses of 423.75khz followed by unmodulated for 18.88us) // 1) logic '0' (8 pulses of 423.75khz followed by unmodulated for 18.88us)
// 2) 24 pulses of 423.75khz // 2) 24 pulses of 423.75khz
// 3) Unmodulated time of 56.64us // 3) Unmodulated time of 56.64us
static const int Iso15693FrameEOF[] = { static const int Iso15693FrameEOF[] = {
1, 1, 1, 1, 1, 1, 1, 1,
1, 1, 1, 1, 1, 1, 1, 1,
@ -131,5 +130,4 @@ unsigned short iclass_crc16(char *data_p, unsigned short length);
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
}; };
#endif
#endif