From ee006c6a7b6dc3ebcd77e23b139f0e69011a5b30 Mon Sep 17 00:00:00 2001 From: Chris Date: Thu, 5 Jul 2018 14:38:31 +0200 Subject: [PATCH] add: sc upgrade - beta test --- armsrc/appmain.c | 66 ++++++++++++++++++++++++++++------ client/cmdsmartcard.c | 82 +++++++++++++------------------------------ common/i2c.c | 71 ++++++++++++++++++++++++++++++------- common/i2c.h | 3 +- include/usb_cmd.h | 1 + 5 files changed, 141 insertions(+), 82 deletions(-) diff --git a/armsrc/appmain.c b/armsrc/appmain.c index 2d78f530d..4f8ee6c99 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -1029,7 +1029,7 @@ void UsbPacketReceived(uint8_t *packet, int len) { I2C_Reset_EnterMainProgram(); // sample: - // [C0 02] A0 A4 00 00 02 + // [C0 02 C1] A0 A4 00 00 02 // asBytes = A0 A4 00 00 02 // arg0 = len 5 I2C_BufferWrite(c->d.asBytes, c->arg[0], I2C_DEVICE_CMD_SEND, I2C_DEVICE_ADDRESS_MAIN); 
@@ -1041,28 +1041,72 @@ void UsbPacketReceived(uint8_t *packet, int len) { cmd_send(CMD_ACK, len, 0, 0, resp, len); break; } + case CMD_SMART_UPLOAD: { + // upload file from client + uint8_t *mem = BigBuf_get_addr(); + memcpy( mem + c->arg[0], c->d.asBytes, USB_CMD_DATA_SIZE); + cmd_send(CMD_ACK,1,0,0,0,0); + break; + } case CMD_SMART_UPGRADE: { + + #define I2C_BLOCK_SIZE 128 + // write. Sector0, with 11,22,33,44 + // erase is 128bytes. + StartTicks(); I2C_init(); I2C_Reset_EnterBootloader(); - uint16_t length = 640; + bool isOK = true; + uint8_t res = 0; + uint16_t length = c->arg[0]; uint16_t pos = 0; - uint8_t resp[64] = {0}; + uint8_t *fwdata = BigBuf_get_addr(); + uint8_t *verfiydata = BigBuf_malloc(I2C_BLOCK_SIZE); + while (length) { uint8_t msb = (pos >> 8) & 0xFF; uint8_t lsb = pos & 0xFF; - Dbprintf("FW %02X %02X", msb, lsb); - bool isok = I2C_ReadFW(resp, msb, lsb, I2C_DEVICE_ADDRESS_BOOT); - if (isok) - Dbhexdump(sizeof(resp), resp, false); - length -= 64; - pos += 64; + Dbprintf("FW %02X %02X", msb, lsb); + + size_t size = MIN(I2C_BLOCK_SIZE, length); + + // write + res = I2C_WriteFW(fwdata+pos, size, msb, lsb, I2C_DEVICE_ADDRESS_BOOT); + if ( !res ) { + Dbprintf("Writing failed"); + isOK = false; + break; + } + + // writing takes time. + WaitMS(50); + + // read + res = I2C_ReadFW(verfiydata, size, msb, lsb, I2C_DEVICE_ADDRESS_BOOT); + if ( res == 0) { + Dbprintf("Reading back failed"); + isOK = false; + break; + } + + // cmp + if ( 0 != memcmp(fwdata+pos, verfiydata, size)) { + Dbprintf("not equal data"); + isOK = false; + break; + } + + length -= size; + pos += size; } - cmd_send(CMD_ACK, len, 0, 0, resp, sizeof(resp)); - break; + + cmd_send(CMD_ACK, isOK, pos, 0, 0, 0); + StopTicks(); + break; } #endif diff --git a/client/cmdsmartcard.c b/client/cmdsmartcard.c index 8853e9180..9c2a91592 100644 --- a/client/cmdsmartcard.c +++ b/client/cmdsmartcard.c 
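Review bot: In the new `CMD_SMART_UPLOAD` case the host-supplied offset `c->arg[0]` is added to the BigBuf base and `USB_CMD_DATA_SIZE` bytes are copied with no bounds check, so a malformed USB command can make the device write outside the buffer. Reject the packet when the offset plus `USB_CMD_DATA_SIZE` exceeds the buffer's capacity, for example `if (c->arg[0] > bigbuf_capacity - USB_CMD_DATA_SIZE) { cmd_send(CMD_ACK, 0, 0, 0, 0, 0); break; }`, where `bigbuf_capacity` is a placeholder for whatever size BigBuf exposes. In `CMD_SMART_UPGRADE`, `uint16_t length = c->arg[0];` narrows the host value to 16 bits and is never compared with the amount actually uploaded, so the loop can flash whatever happens to be in BigBuf. The read-back `memcmp` confirms that the write landed, not that the image is the intended one, so a length and integrity check on the uploaded image before `I2C_Reset_EnterBootloader()` would be worth adding. `UsbPacketReceived` starts and ends outside this hunk.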
@@ -81,43 +81,10 @@ int CmdSmartRaw(const char *Cmd) { } int CmdSmartUpgrade(const char *Cmd) { - uint8_t cmdp = 0; - bool errors = false; - while (param_getchar(Cmd, cmdp) != 0x00 && !errors) { - switch (tolower(param_getchar(Cmd, cmdp))) { - case 'h': - return usage_sm_upgrade(); - default: - PrintAndLogEx(WARNING, "Unknown parameter '%c'", param_getchar(Cmd, cmdp)); - errors = true; - break; - } - } - - //Validations - if (errors) return usage_sm_upgrade(); - - UsbCommand c = {CMD_SMART_UPGRADE, {0, 0, 0}}; - clearCommandBuffer(); - SendCommand(&c); - - // reading response from smart card - UsbCommand resp; - if (!WaitForResponseTimeout(CMD_ACK, &resp, 2500)) { - PrintAndLogEx(WARNING, "smart card response failed"); - return 1; - } - //PrintAndLogEx(SUCCESS,"resp: %s", sprint_hex(resp.d.asBytes, resp.arg[0])); - return 0;; -} -/* -int CmdSmartUpgrade(const char *Cmd){ - FILE *f; char filename[FILE_PATH_SIZE] = {0}; uint8_t cmdp = 0; bool errors = false; - uint32_t start_index = 0; while (param_getchar(Cmd, cmdp) != 0x00 && !errors) { switch (tolower(param_getchar(Cmd, cmdp))) { @@ -159,13 +126,7 @@ int CmdSmartUpgrade(const char *Cmd){ fclose(f); return 1; } - - if (fsize > FLASH_MEM_MAX_SIZE) { - PrintAndLogDevice(WARNING, "error, filesize is larger than available memory"); - fclose(f); - return 1; - } - + uint8_t *dump = calloc(fsize, sizeof(uint8_t)); if (!dump) { PrintAndLogDevice(WARNING, "error, cannot allocate memory "); 
@@ -177,40 +138,47 @@ int CmdSmartUpgrade(const char *Cmd){ if (f) fclose(f); + PrintAndLogEx(SUCCESS, "Smartcard socket firmware uploading to PM3"); //Send to device + uint32_t index = 0; uint32_t bytes_sent = 0; uint32_t bytes_remaining = bytes_read; while (bytes_remaining > 0){ - uint32_t bytes_in_packet = MIN(FLASH_MEM_BLOCK_SIZE, bytes_remaining); - - UsbCommand c = {CMD_SMART_UPGRADE, {start_index + bytes_sent, bytes_in_packet, 0}}; - + uint32_t bytes_in_packet = MIN(USB_CMD_DATA_SIZE, bytes_remaining); + UsbCommand c = {CMD_SMART_UPLOAD, {index + bytes_sent, bytes_in_packet, 0}}; + + // Fill usb bytes with 0xFF + memset(c.d.asBytes, 0xFF, USB_CMD_DATA_SIZE); memcpy(c.d.asBytes, dump + bytes_sent, bytes_in_packet); clearCommandBuffer(); - SendCommand(&c); - - bytes_remaining -= bytes_in_packet; - bytes_sent += bytes_in_packet; - - UsbCommand resp; - if ( !WaitForResponseTimeout(CMD_ACK, &resp, 2000) ) { + SendCommand(&c); + if ( !WaitForResponseTimeout(CMD_ACK, NULL, 2000) ) { PrintAndLogEx(WARNING, "timeout while waiting for reply."); free(dump); return 1; } - uint8_t isok = resp.arg[0] & 0xFF; - if (!isok) - PrintAndLogEx(FAILED, "Flash write fail [offset %u]", bytes_sent); - + bytes_remaining -= bytes_in_packet; + bytes_sent += bytes_in_packet; + printf("."); fflush(stdout); } free(dump); + printf("\n"); + PrintAndLogEx(SUCCESS, "Smartcard socket firmware updating, don\'t turn off your PM3!"); - PrintAndLogEx(SUCCESS, "Wrote %u bytes to offset %u", bytes_read, start_index); + // trigger the firmware upgrade + UsbCommand c = {CMD_SMART_UPGRADE, {bytes_read, 0, 0}}; + clearCommandBuffer(); + SendCommand(&c); + if ( !WaitForResponseTimeout(CMD_ACK, NULL, 2500) ) { + PrintAndLogEx(WARNING, "timeout while waiting for reply."); + return 1; + } + PrintAndLogEx(SUCCESS, "Smartcard socket firmware updated successful"); return 0; } -*/ + int CmdSmartInfo(const char *Cmd){ // char filename[FILE_PATH_SIZE] = {0}; 
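Review bot: The final `WaitForResponseTimeout(CMD_ACK, NULL, 2500)` discards the reply, so "Smartcard socket firmware updated successful" is printed even when the device reports a failed write or verify; the device side of this patch returns the result in `cmd_send(CMD_ACK, isOK, pos, 0, 0, 0)`. Declare `UsbCommand resp;`, pass `&resp` to the wait, and add `if (!(resp.arg[0] & 0xFF)) { PrintAndLogEx(FAILED, "Smartcard socket firmware upgrade failed"); return 1; }` before the success message. Separately, `bytes_read` is now sent as the upgrade length with no upper bound, because the `FLASH_MEM_MAX_SIZE` check is removed earlier in this file and nothing replaces it, while the device stores the value in a `uint16_t`. A size check against the largest image the device accepts belongs before the upload loop. `CmdSmartUpgrade` begins outside this hunk.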
diff --git a/common/i2c.c b/common/i2c.c index 0004c5d9f..4bcfc5c6e 100644 --- a/common/i2c.c +++ b/common/i2c.c @@ -22,7 +22,9 @@ #define SCL_read (AT91C_BASE_PIOA->PIO_PDSR & GPIO_SCL) #define SDA_read (AT91C_BASE_PIOA->PIO_PDSR & GPIO_SDA) - + +#define I2C_ERROR "I2C_WaitAck Error" + volatile unsigned long c; // 直接使用循环来延时,一个循环 6 条指令,48M, Delay=1 大概为 200kbps @@ -251,7 +253,7 @@ bool I2C_WriteByte(uint8_t data, uint8_t device_cmd, uint8_t device_address) { if (bBreak) { I2C_Stop(); - DbpString("I2C_WaitAck Error"); + if ( MF_DBGLEVEL > 3 ) DbpString(I2C_ERROR); return false; } @@ -276,13 +278,12 @@ bool I2C_BufferWrite(uint8_t *data, uint8_t len, uint8_t device_cmd, uint8_t dev break; I2C_SendByte(device_cmd); - if (!I2C_WaitAck()) break; while (len) { + I2C_SendByte(*data); - if (!I2C_WaitAck()) break; @@ -294,13 +295,11 @@ bool I2C_BufferWrite(uint8_t *data, uint8_t len, uint8_t device_cmd, uint8_t dev bBreak = false; } while (false); + I2C_Stop(); if (bBreak) { - I2C_Stop(); - DbpString("I2C_WaitAck Error"); + if ( MF_DBGLEVEL > 3 ) DbpString(I2C_ERROR); return false; } - - I2C_Stop(); return true; } @@ -337,7 +336,7 @@ uint8_t I2C_BufferRead(uint8_t *data, uint8_t len, uint8_t device_cmd, uint8_t d if (bBreak) { I2C_Stop(); - DbpString("I2C_WaitAck Error"); + if ( MF_DBGLEVEL > 3 ) DbpString(I2C_ERROR); return 0; } @@ -363,7 +362,7 @@ uint8_t I2C_BufferRead(uint8_t *data, uint8_t len, uint8_t device_cmd, uint8_t d return readcount; } -uint8_t I2C_ReadFW(uint8_t *data, uint8_t msb, uint8_t lsb, uint8_t device_address) { +uint8_t I2C_ReadFW(uint8_t *data, uint8_t len, uint8_t msb, uint8_t lsb, uint8_t device_address) { //START, 0xB0, 0x00, 0x00, START, 0xB1, xx, yy, zz, ......, STOP bool bBreak = true; 
@@ -400,12 +399,11 @@ uint8_t I2C_ReadFW(uint8_t *data, uint8_t msb, uint8_t lsb, uint8_t device_addre if (bBreak) { I2C_Stop(); - DbpString("I2C_WaitAck Error"); + if ( MF_DBGLEVEL > 3 ) DbpString(I2C_ERROR); return 0; } // reading - uint8_t len = 64; while (len) { len--; *data = I2C_ReadByte(); @@ -423,11 +421,58 @@ uint8_t I2C_ReadFW(uint8_t *data, uint8_t msb, uint8_t lsb, uint8_t device_addre return readcount; } +bool I2C_WriteFW(uint8_t *data, uint8_t len, uint8_t msb, uint8_t lsb, uint8_t device_address) { + //START, 0xB0, 0x00, 0x00, xx, yy, zz, ......, STOP + bool bBreak = true; + + do { + if (!I2C_Start()) + return false; + + // 0xB0 + I2C_SendByte(device_address & 0xFE); + if (!I2C_WaitAck()) + break; + + // msb + I2C_SendByte(msb); + if (!I2C_WaitAck()) + break; + + // lsb + I2C_SendByte(lsb); + if (!I2C_WaitAck()) + break; + + while (len) { + I2C_SendByte(*data); + if (!I2C_WaitAck()) + break; + + len--; + data++; + } + + if (len == 0) + bBreak = false; + } while (false); + + I2C_Stop(); + if (bBreak) { + if ( MF_DBGLEVEL > 3 ) DbpString(I2C_ERROR); + return false; + } + return true; +} + void I2C_print_status(void) { I2C_init(); I2C_Reset_EnterMainProgram(); uint8_t resp[4] = {0}; uint8_t len = I2C_BufferRead(resp, 4, I2C_DEVICE_CMD_GETVERSION, I2C_DEVICE_ADDRESS_MAIN); DbpString("Smart card module (ISO 7816)"); - Dbprintf(" FW version................v%x.%02x (len %d", resp[1], resp[2], len); + if ( len ) + Dbprintf(" FW version................v%x.%02x", resp[1], resp[2]); + else + DbpString(" FW version................FAILED"); } \ No newline at end of file diff --git a/common/i2c.h b/common/i2c.h index 03634d658..c2d8dc0aa 100644 --- a/common/i2c.h +++ b/common/i2c.h 
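Review bot: `I2C_WriteFW` is added without any statement of its contract, and its `uint8_t len` silently narrows the `size_t size` that the caller in `armsrc/appmain.c` passes. That works today only because `size` is capped at `I2C_BLOCK_SIZE` (128). I would add a header comment such as `// Writes len (1..255) bytes from data to bootloader address msb:lsb; returns false if any byte is not ACKed, in which case earlier bytes of the block may already have been sent.` Since the function only reads through the pointer, the parameter could also be `const uint8_t *data`, here and in the `common/i2c.h` prototype.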
@@ -30,7 +30,8 @@ bool I2C_BufferWrite(uint8_t *data, uint8_t len, uint8_t device_cmd, uint8_t dev uint8_t I2C_BufferRead(uint8_t *data, uint8_t len, uint8_t device_cmd, uint8_t device_address); // for firmware -uint8_t I2C_ReadFW(uint8_t *data, uint8_t msb, uint8_t lsb, uint8_t device_address); +uint8_t I2C_ReadFW(uint8_t *data, uint8_t len, uint8_t msb, uint8_t lsb, uint8_t device_address); +bool I2C_WriteFW(uint8_t *data, uint8_t len, uint8_t msb, uint8_t lsb, uint8_t device_address); void I2C_print_status(void); #endif \ No newline at end of file diff --git a/include/usb_cmd.h b/include/usb_cmd.h index b69358bd8..5c8df8f9c 100644 --- a/include/usb_cmd.h +++ b/include/usb_cmd.h @@ -78,6 +78,7 @@ typedef struct{ // RDV40, Smart card operations #define CMD_SMART_SEND 0x0140 #define CMD_SMART_UPGRADE 0x0141 +#define CMD_SMART_UPLOAD 0x0142 // For low-frequency tags #define CMD_READ_TI_TYPE 0x0202