github/proxmark3
1
0
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2025-08-19 04:49:38 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

fixing iso14443b (issue #103):

Browse source 
- most significant bit of tag data (which happens to be the sign bit)
had been dropped when snooping (FPGA change)
- avoid trying to decode both tag and reader data when snooping (we don't
have the time to do so).
This commit is contained in:
pwpiwi 2015-06-02 22:27:14 +02:00
commit 5b95953d42
3 changed files with 60 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

96
armsrc/iso14443b.c
View file

@ -158,7 +158,6 @@ static int Handle14443UartBit(int bit)
{ {
switch(Uart.state) { switch(Uart.state) {
case STATE_UNSYNCD: case STATE_UNSYNCD:
LED_A_OFF();
if(!bit) { if(!bit) {
// we went low, so this could be the beginning // we went low, so this could be the beginning
// of an SOF // of an SOF
@ -272,8 +271,7 @@ static int Handle14443UartBit(int bit)
break; break;
} }
// This row make the error blew circular buffer in hf 14b snoop if (Uart.state == STATE_UNSYNCD) LED_A_OFF();
//if (Uart.state == STATE_ERROR_WAIT) LED_A_OFF(); // Error
return FALSE; return FALSE;
} }
@ -1054,17 +1052,17 @@ void ReadSTMemoryIso14443(uint32_t dwLast)
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
/* /*
* Memory usage for this function, (within BigBuf) * Memory usage for this function, (within BigBuf)
* 0-4095 : Demodulated samples receive (4096 bytes) - DEMOD_TRACE_SIZE * Last Received command (reader->tag) - MAX_FRAME_SIZE
* 4096-6143 : Last Received command, 2048 bytes (reader->tag) - READER_TAG_BUFFER_SIZE * Last Received command (tag->reader) - MAX_FRAME_SIZE
* 6144-8191 : Last Received command, 2048 bytes(tag->reader) - TAG_READER_BUFFER_SIZE * DMA Buffer, 1024 bytes (samples) - DMA_BUFFER_SIZE
* 8192-9215 : DMA Buffer, 1024 bytes (samples) - DEMOD_DMA_BUFFER_SIZE * Demodulated samples received - all the rest
*/ */
void RAMFUNC SnoopIso14443(void) void RAMFUNC SnoopIso14443(void)
{ {
// We won't start recording the frames that we acquire until we trigger; // We won't start recording the frames that we acquire until we trigger;
// a good trigger condition to get started is probably when we see a // a good trigger condition to get started is probably when we see a
// response from the tag. // response from the tag.
int triggered = TRUE; int triggered = TRUE; // TODO: set and evaluate trigger condition
FpgaDownloadAndGo(FPGA_BITSTREAM_HF); FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
BigBuf_free(); BigBuf_free();
@ -1109,7 +1107,10 @@ void RAMFUNC SnoopIso14443(void)
FpgaSetupSscDma((uint8_t*) dmaBuf, DMA_BUFFER_SIZE); FpgaSetupSscDma((uint8_t*) dmaBuf, DMA_BUFFER_SIZE);
uint8_t parity[MAX_PARITY_SIZE]; uint8_t parity[MAX_PARITY_SIZE];
LED_A_ON(); LED_A_ON();
bool TagIsActive = FALSE;
bool ReaderIsActive = FALSE;
// And now we loop, receiving samples. // And now we loop, receiving samples.
for(;;) { for(;;) {
int behindBy = (lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR) & int behindBy = (lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR) &
@ -1136,49 +1137,56 @@ void RAMFUNC SnoopIso14443(void)
samples += 2; samples += 2;
if(Handle14443UartBit(ci & 1)) { if (!TagIsActive) { // no need to try decoding reader data if the tag is sending
if(triggered && tracing) { if(Handle14443UartBit(ci & 0x01)) {
GetParity(Uart.output, Uart.byteCnt, parity); if(triggered && tracing) {
LogTrace(Uart.output,Uart.byteCnt,samples, samples,parity,TRUE); GetParity(Uart.output, Uart.byteCnt, parity);
} LogTrace(Uart.output,Uart.byteCnt,samples, samples,parity,TRUE);
if(Uart.byteCnt==0) Dbprintf("[1] Error, Uart.byteCnt==0, Uart.bitCnt=%d", Uart.bitCnt); }
if(Uart.byteCnt==0) Dbprintf("[1] Error, Uart.byteCnt==0, Uart.bitCnt=%d", Uart.bitCnt);
/* And ready to receive another command. */ /* And ready to receive another command. */
UartReset(); UartReset();
/* And also reset the demod code, which might have been */ /* And also reset the demod code, which might have been */
/* false-triggered by the commands from the reader. */ /* false-triggered by the commands from the reader. */
DemodReset(); DemodReset();
}
if(Handle14443UartBit(cq & 1)) {
if(triggered && tracing) {
GetParity(Uart.output, Uart.byteCnt, parity);
LogTrace(Uart.output,Uart.byteCnt,samples, samples, parity, TRUE);
} }
if(Uart.byteCnt==0) Dbprintf("[2] Error, Uart.byteCnt==0, Uart.bitCnt=%d", Uart.bitCnt); if(Handle14443UartBit(cq & 0x01)) {
if(triggered && tracing) {
GetParity(Uart.output, Uart.byteCnt, parity);
LogTrace(Uart.output,Uart.byteCnt,samples, samples, parity, TRUE);
}
if(Uart.byteCnt==0) Dbprintf("[2] Error, Uart.byteCnt==0, Uart.bitCnt=%d", Uart.bitCnt);
/* And ready to receive another command. */ /* And ready to receive another command. */
UartReset(); UartReset();
/* And also reset the demod code, which might have been */ /* And also reset the demod code, which might have been */
/* false-triggered by the commands from the reader. */ /* false-triggered by the commands from the reader. */
DemodReset(); DemodReset();
}
ReaderIsActive = (Uart.state != STATE_UNSYNCD);
} }
if(Handle14443SamplesDemod(ci, cq)) { if(!ReaderIsActive) { // no need to try decoding tag data if the reader is sending - and we cannot afford the time
if(Handle14443SamplesDemod(ci, cq)) {
//Use samples as a time measurement //Use samples as a time measurement
if(tracing) if(tracing)
{ {
uint8_t parity[MAX_PARITY_SIZE]; uint8_t parity[MAX_PARITY_SIZE];
GetParity(Demod.output, Demod.len, parity); GetParity(Demod.output, Demod.len, parity);
LogTrace(Demod.output, Demod.len,samples, samples, parity, FALSE); LogTrace(Demod.output, Demod.len,samples, samples, parity, FALSE);
}
triggered = TRUE;
LED_A_OFF();
LED_B_ON();
// And ready to receive another response.
DemodReset();
} }
triggered = TRUE; TagIsActive = (Demod.state != DEMOD_UNSYNCD);
LED_A_OFF();
LED_B_ON();
// And ready to receive another response.
DemodReset();
} }
WDT_HIT(); WDT_HIT();
if(!tracing) { if(!tracing) {

BIN
fpga/fpga_hf.bit
View file

Binary file not shown.

13
fpga/hi_read_rx_xcorr.v
View file

@ -99,8 +99,10 @@ end
reg [5:0] corr_i_cnt; reg [5:0] corr_i_cnt;
reg [5:0] corr_q_cnt; reg [5:0] corr_q_cnt;
// And a couple of registers in which to accumulate the correlations. // And a couple of registers in which to accumulate the correlations.
reg signed [15:0] corr_i_accum; // we would add at most 32 times adc_d, the result can be held in 13 bits.
reg signed [15:0] corr_q_accum; // Need one additional bit because it can be negative as well
reg signed [13:0] corr_i_accum;
reg signed [13:0] corr_q_accum;
reg signed [7:0] corr_i_out; reg signed [7:0] corr_i_out;
reg signed [7:0] corr_q_out; reg signed [7:0] corr_q_out;
@ -114,12 +116,13 @@ begin
begin begin
if(snoop) if(snoop)
begin begin
corr_i_out <= {corr_i_accum[12:6], after_hysteresis_prev}; // highest 7 significant bits of tag signal (signed), 1 bit reader signal:
corr_q_out <= {corr_q_accum[12:6], after_hysteresis}; corr_i_out <= {corr_i_accum[13:7], after_hysteresis_prev};
corr_q_out <= {corr_q_accum[13:7], after_hysteresis};
end end
else else
begin begin
// Only correlations need to be delivered. // highest 8 significant bits of tag signal
corr_i_out <= corr_i_accum[13:6]; corr_i_out <= corr_i_accum[13:6];
corr_q_out <= corr_q_accum[13:6]; corr_q_out <= corr_q_accum[13:6];
end end