Merge branch 'master' of https://github.com/Proxmark/proxmark3

CHANGELOG.md

@@ -57,6 +57,8 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
 - Added option c to 'hf list' (mark CRC bytes) (piwi)
 
 ### Changed
+- `lf snoop` now automatically gets samples from the device
+- `lf read` now accepts [#samples] as arg. && now automatically gets samples from the device
 - adjusted lf t5 chip timings to use WaitUS. and adjusted the readblock timings
     appears to have more consistent results with more antennas.
 - `lf t5 wakeup` has been adjusted to not need the p in front of the pwd arg.

armsrc/appmain.c

@@ -938,7 +938,7 @@ void UsbPacketReceived(uint8_t *packet, int len)
 			setSamplingConfig((sample_config *) c->d.asBytes);
 			break;
 		case CMD_ACQUIRE_RAW_ADC_SAMPLES_125K:
-			cmd_send(CMD_ACK,SampleLF(c->arg[0]),0,0,0,0);
+			cmd_send(CMD_ACK,SampleLF(c->arg[0], c->arg[1]),0,0,0,0);
 			break;
 		case CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K:
 			ModThenAcquireRawAdcSamples125k(c->arg[0],c->arg[1],c->arg[2],c->d.asBytes);

armsrc/lfops.c

@@ -72,7 +72,7 @@ void ModThenAcquireRawAdcSamples125k(uint32_t delay_off, uint32_t period_0, uint
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
 
 	// now do the read
-	DoAcquisition_config(false);
+	DoAcquisition_config(false, 0);
 }
 
 /* blank r/w tag data stream
@@ -1132,7 +1132,7 @@ void T55xxResetRead(void) {
 	TurnReadLFOn(READ_GAP);
 
 	// Acquisition
-	doT55x7Acquisition(BigBuf_max_traceLen());
+	DoPartialAcquisition(0, true, BigBuf_max_traceLen());
 
 	// Turn the field off
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
@@ -1161,7 +1161,8 @@ void T55xxWriteBlockExt(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t arg
 	// Std Opcode 10
 	T55xxWriteBit(testMode ? 0 : 1);
 	T55xxWriteBit(testMode ? 1 : Page); //Page 0
-	if (PwdMode){
+
+	if (PwdMode) {
 		// Send Pwd
 		for (i = 0x80000000; i != 0; i >>= 1)
 			T55xxWriteBit(Pwd & i);
@@ -1181,22 +1182,19 @@ void T55xxWriteBlockExt(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t arg
 	// so wait a little more)
 
 	// "there is a clock delay before programming" 
-	//  - programming takes ~5.6ms for t5577 ~18ms for E5550
+	//  - programming takes ~5.6ms for t5577 ~18ms for E5550 or t5567
 	//  so we should wait 1 clock + 5.6ms then read response? 
-	//  but we need to know we are dealing with t55x7 vs e5550 (or q5) marshmellow...
+	//  but we need to know we are dealing with t5577 vs t5567 vs e5550 (or q5) marshmellow...
 	if (testMode) {
-		// Turn field on to read the response
+		//TESTMODE TIMING TESTS: 
-		TurnReadLFOn(READ_GAP);
+		// <566us does nothing 
+		// 566-568 switches between wiping to 0s and doing nothing
+		// 5184 wipes and allows 1 block to be programmed.
+		// indefinite power on wipes and then programs all blocks with bitshifted data sent.
+		TurnReadLFOn(5184); 
 
-		// Acquisition
-		// Now do the acquisition
-		// Now do the acquisition
-		DoPartialAcquisition(20, true, 12000);
-
-		//doT55x7Acquisition(12000);
 	} else {
 		TurnReadLFOn(20 * 1000);
-	}
 		//could attempt to do a read to confirm write took
 		// as the tag should repeat back the new block 
 		// until it is reset, but to confirm it we would 
@@ -1205,6 +1203,9 @@ void T55xxWriteBlockExt(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t arg
 		// response should be (for t55x7) a 0 bit then (ST if on) 
 		// block data written in on repeat until reset. 
 
+		//DoPartialAcquisition(20, true, 12000);
+	}
+
 	// turn field off
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	LED_A_OFF();
@@ -1265,8 +1266,6 @@ void T55xxReadBlock(uint16_t arg0, uint8_t Block, uint32_t Pwd) {
 	// Now do the acquisition
 	DoPartialAcquisition(0, true, 12000);
 
-	//	doT55x7Acquisition(12000);
-
 	// Turn the field off
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
 	cmd_send(CMD_ACK,0,0,0,0,0);    
@@ -1754,7 +1753,7 @@ void Cotag(uint32_t arg0) {
 	switch(rawsignal) {
 		case 0: doCotagAcquisition(50000); break;
 		case 1: doCotagAcquisitionManchester(); break;
-		case 2: DoAcquisition_config(TRUE); break;
+		case 2: DoAcquisition_config(true, 0); break;
 	}
 
 	// Turn the field off

armsrc/lfsampling.c

@@ -215,35 +215,35 @@ uint32_t DoAcquisition_default(int trigger_threshold, bool silent)
 {
 	return DoAcquisition(1,8,0,trigger_threshold,silent,0);
 }
-uint32_t DoAcquisition_config( bool silent)
+uint32_t DoAcquisition_config(bool silent, int sample_size)
 {
 	return DoAcquisition(config.decimation
 				  ,config.bits_per_sample
 				  ,config.averaging
 				  ,config.trigger_threshold
 				  ,silent
-				  ,0);
+				  ,sample_size);
 }
 
 uint32_t DoPartialAcquisition(int trigger_threshold, bool silent, int sample_size) {
 	return DoAcquisition(1,8,0,trigger_threshold,silent,sample_size);
 }
 
-uint32_t ReadLF(bool activeField, bool silent)
+uint32_t ReadLF(bool activeField, bool silent, int sample_size)
 {
 	if (!silent) printConfig();
 	LFSetupFPGAForADC(config.divisor, activeField);
 	// Now call the acquisition routine
-	return DoAcquisition_config(silent);
+	return DoAcquisition_config(silent, sample_size);
 }
 
 /**
 * Initializes the FPGA for reader-mode (field on), and acquires the samples.
 * @return number of bits sampled
 **/
-uint32_t SampleLF(bool printCfg)
+uint32_t SampleLF(bool printCfg, int sample_size)
 {
-	uint32_t ret = ReadLF(true, printCfg);
+	uint32_t ret = ReadLF(true, printCfg, sample_size);
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	return ret;
 }
@@ -254,78 +254,11 @@ uint32_t SampleLF(bool printCfg)
 
 uint32_t SnoopLF()
 {
-	uint32_t ret = ReadLF(false, true);
+	uint32_t ret = ReadLF(false, true, 0);
 	FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
 	return ret;
 }
 
-/**
-* acquisition of T55x7 LF signal. Similart to other LF, but adjusted with @marshmellows thresholds
-* the data is collected in BigBuf.
-**/
-void doT55x7Acquisition(size_t sample_size) {
-
-	#define T55xx_READ_UPPER_THRESHOLD 128+60  // 60 grph
-	#define T55xx_READ_LOWER_THRESHOLD 128-60  // -60 grph
-	#define T55xx_READ_TOL   5
-
-	uint8_t *dest = BigBuf_get_addr();
-	uint16_t bufsize = BigBuf_max_traceLen();
-	
-	if ( bufsize > sample_size )
-		bufsize = sample_size;
-
-	uint16_t i = 0;
-	bool startFound = false;
-	bool highFound = false;
-	bool lowFound = false;
-	uint8_t curSample = 0;
-	uint8_t lastSample = 0;
-	uint16_t skipCnt = 0;
-	while(!BUTTON_PRESS() && !usb_poll_validate_length() && skipCnt<1000 && i<bufsize ) {
-		WDT_HIT();
-		if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) {
-			AT91C_BASE_SSC->SSC_THR = 0x43;
-			LED_D_ON();
-		}
-		if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_RXRDY) {
-			curSample = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
-			LED_D_OFF();
-
-			// skip until the first high sample above threshold
-			if (!startFound && curSample > T55xx_READ_UPPER_THRESHOLD) {
-				//if (curSample > lastSample) 
-				//	lastSample = curSample;
-				highFound = true;
-			} else if (!highFound) {
-				skipCnt++;
-				continue;
-			}
-			// skip until the first Low sample below threshold
-			if (!startFound && curSample < T55xx_READ_LOWER_THRESHOLD) {
-				//if (curSample > lastSample) 
-				lastSample = curSample;
-				lowFound = true;
-			} else if (!lowFound) {
-				skipCnt++;
-				continue;
-			}
-
-
-			// skip until first high samples begin to change
-			if (startFound || curSample > T55xx_READ_LOWER_THRESHOLD+T55xx_READ_TOL){
-				// if just found start - recover last sample
-				if (!startFound) {
-					dest[i++] = lastSample;
-					startFound = true;
-				}
-				// collect samples
-				dest[i++] = curSample;
-			}
-		}
-	}
-}
-
 /**
 * acquisition of Cotag LF signal. Similart to other LF,  since the Cotag has such long datarate RF/384
 * and is Manchester?,  we directly gather the manchester data into bigbuff

armsrc/lfsampling.h

@@ -8,17 +8,11 @@
 void doCotagAcquisition(size_t sample_size);
 uint32_t doCotagAcquisitionManchester(void);
 
-/**
-* acquisition of T55x7 LF signal. Similart to other LF, but adjusted with @marshmellows thresholds
-* the data is collected in BigBuf.
-**/
-void doT55x7Acquisition(size_t sample_size);
-
 /**
 * Initializes the FPGA for reader-mode (field on), and acquires the samples.
 * @return number of bits sampled
 **/
-uint32_t SampleLF(bool silent);
+uint32_t SampleLF(bool silent, int sample_size);
 
 /**
 * Initializes the FPGA for snoop-mode (field off), and acquires the samples.
@@ -45,7 +39,7 @@ uint32_t DoAcquisition_default(int trigger_threshold, bool silent);
  * @return number of bits sampled
  */
 
-uint32_t DoAcquisition_config( bool silent);
+uint32_t DoAcquisition_config(bool silent, int sample_size);
 
 /**
 * Setup the FPGA to listen for samples. This method downloads the FPGA bitstream

client/cmddata.c

@@ -40,8 +40,8 @@ void setDemodBuf(uint8_t *buff, size_t size, size_t startIdx)
 	if (buff == NULL) 
 		return;
 
-	if ( size >= MAX_DEMOD_BUF_LEN)
+	if ( size > MAX_DEMOD_BUF_LEN - startIdx)
-		size = MAX_DEMOD_BUF_LEN;
+		size = MAX_DEMOD_BUF_LEN - startIdx;
 
 	size_t i = 0;
 	for (; i < size; i++){
@@ -51,18 +51,30 @@ void setDemodBuf(uint8_t *buff, size_t size, size_t startIdx)
 	return;
 }
 
+bool getDemodBuf(uint8_t *buff, size_t *size) {
+	if (buff == NULL) return false;
+	if (size == NULL) return false;
+	if (*size == 0) return false;
+
+	*size = (*size > DemodBufferLen) ? DemodBufferLen : *size;
+
+	memcpy(buff, DemodBuffer, *size);
+	return true;
+}
+
 // option '1' to save DemodBuffer any other to restore
 void save_restoreDB(uint8_t saveOpt)
 {
-	static uint8_t SavedDB[MAX_GRAPH_TRACE_LEN];
+	static uint8_t SavedDB[MAX_DEMOD_BUF_LEN];
 	static size_t SavedDBlen;
 	static bool DB_Saved = false;
 
 	if (saveOpt==1) { //save
+
 		memcpy(SavedDB, DemodBuffer, sizeof(DemodBuffer));
 		SavedDBlen = DemodBufferLen;
 		DB_Saved=true;
-	} else if (DB_Saved){ //restore
+	} else if (DB_Saved) { //restore
 		memcpy(DemodBuffer, SavedDB, sizeof(DemodBuffer));
 		DemodBufferLen = SavedDBlen;
 	}
@@ -212,8 +224,8 @@ int ASKDemod_ext(const char *Cmd, bool verbose, bool emSearch, uint8_t askType,
 	bool st = false;
 	size_t ststart = 0, stend = 0;
 	if (*stCheck) st = DetectST_ext(BitStream, &BitLen, &foundclk, &ststart, &stend);
+	*stCheck = st;
 	if (st) {
-		*stCheck = st;
 		clk = (clk == 0) ? foundclk : clk;
 		CursorCPos = ststart;
 		CursorDPos = stend;
@@ -311,7 +323,7 @@ int Cmdmandecoderaw(const char *Cmd)
 		return 0;
 	}
 	if (DemodBufferLen==0) return 0;
-	uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
+	uint8_t BitStream[MAX_DEMOD_BUF_LEN]={0};
 	int high=0,low=0;
 	for (;i<DemodBufferLen;++i){
 		if (DemodBuffer[i]>high) high=DemodBuffer[i];
@@ -373,13 +385,13 @@ int CmdBiphaseDecodeRaw(const char *Cmd)
 		return 0;
 	}
 	sscanf(Cmd, "%i %i %i", &offset, &invert, &maxErr);
-	if (DemodBufferLen==0){
+	if (DemodBufferLen==0) {
 		PrintAndLog("DemodBuffer Empty - run 'data rawdemod ar' first");
 		return 0;
 	}
-	uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
+	uint8_t BitStream[MAX_DEMOD_BUF_LEN]={0};
-	memcpy(BitStream, DemodBuffer, DemodBufferLen); 
+	size = sizeof(BitStream);
-	size = DemodBufferLen;
+	if ( !getDemodBuf(BitStream, &size) ) return 0;
 	errCnt=BiphaseRawDecode(BitStream, &size, offset, invert);
 	if (errCnt<0){
 		PrintAndLog("Error during decode:%d", errCnt);
@@ -408,7 +420,7 @@ int ASKbiphaseDemod(const char *Cmd, bool verbose)
 	int offset=0, clk=0, invert=0, maxErr=0;
 	sscanf(Cmd, "%i %i %i %i", &offset, &clk, &invert, &maxErr);
 
-	uint8_t BitStream[MAX_DEMOD_BUF_LEN];	  
+	uint8_t BitStream[MAX_GRAPH_TRACE_LEN];	  
 	size_t size = getFromGraphBuf(BitStream);	  
 	//invert here inverts the ask raw demoded bits which has no effect on the demod, but we need the pointer
 	int errCnt = askdemod(BitStream, &size, &clk, &invert, maxErr, 0, 0);  
@@ -1126,7 +1138,7 @@ uint8_t getByte(uint8_t bits_per_sample, BitstreamIn* b)
 	return val;
 }
 
-int getSamples(const char *Cmd, bool silent)
+int getSamples(int n, bool silent)
 {
 	//If we get all but the last byte in bigbuf,
 	// we don't have to worry about remaining trash
@@ -1135,14 +1147,12 @@ int getSamples(const char *Cmd, bool silent)
 
 	uint8_t got[BIGBUF_SIZE-1] = { 0 };
 
-	int n = strtol(Cmd, NULL, 0);
-
 	if (n == 0 || n > sizeof(got))
 		n = sizeof(got);
 
-	PrintAndLog("Reading %d bytes from device memory\n", n);
+	if (!silent) PrintAndLog("Reading %d bytes from device memory\n", n);
 	GetFromBigBuf(got,n,0);
-	PrintAndLog("Data fetched");
+	if (!silent) PrintAndLog("Data fetched");
 	UsbCommand response;
 	WaitForResponse(CMD_ACK, &response);
 	uint8_t bits_per_sample = 8;
@@ -1151,13 +1161,13 @@ int getSamples(const char *Cmd, bool silent)
 	if(response.arg[0] > 0)
 	{
 		sample_config *sc = (sample_config *) response.d.asBytes;
-		PrintAndLog("Samples @ %d bits/smpl, decimation 1:%d ", sc->bits_per_sample
+		if (!silent) PrintAndLog("Samples @ %d bits/smpl, decimation 1:%d ", sc->bits_per_sample
 		    , sc->decimation);
 		bits_per_sample = sc->bits_per_sample;
 	}
 	if(bits_per_sample < 8)
 	{
-		PrintAndLog("Unpacking...");
+		if (!silent) PrintAndLog("Unpacking...");
 		BitstreamIn bout = { got, bits_per_sample * n,  0};
 		int j =0;
 		for (j = 0; j * bits_per_sample < n * 8 && j < n; j++) {
@@ -1180,7 +1190,8 @@ int getSamples(const char *Cmd, bool silent)
 
 int CmdSamples(const char *Cmd)
 {
-	return getSamples(Cmd, false);
+	int n = strtol(Cmd, NULL, 0);
+	return getSamples(n, false);
 }
 
 int CmdTuneSamples(const char *Cmd)

client/cmddata.h

@@ -22,6 +22,7 @@ command_t * CmdDataCommands();
 int CmdData(const char *Cmd);
 void printDemodBuff(void);
 void setDemodBuf(uint8_t *buff, size_t size, size_t startIdx);
+bool getDemodBuf(uint8_t *buff, size_t *size);
 void save_restoreDB(uint8_t saveOpt);// option '1' to save DemodBuffer any other to restore
 int CmdPrintDemodBuff(const char *Cmd);
 int Cmdaskrawdemod(const char *Cmd);
@@ -62,7 +63,7 @@ int ASKDemod_ext(const char *Cmd, bool verbose, bool emSearch, uint8_t askType,
 int FSKrawDemod(const char *Cmd, bool verbose);
 int PSKDemod(const char *Cmd, bool verbose);
 int NRZrawDemod(const char *Cmd, bool verbose);
-int getSamples(const char *Cmd, bool silent);
+int getSamples(int n, bool silent);
 
 
 #define MAX_DEMOD_BUF_LEN (1024*128)

client/cmdlf.c

@@ -12,6 +12,8 @@
 #include <stdlib.h>
 #include <string.h>
 #include <limits.h>
+#include <stdbool.h>
+#include <stdint.h>
 #include "proxmark3.h"
 #include "cmdlf.h"
 #include "lfdemod.h"     // for psk2TOpsk1
@@ -211,7 +213,7 @@ int usage_lf_read(void)
 	PrintAndLog("Options:        ");
 	PrintAndLog("       h            This help");
 	PrintAndLog("       s            silent run no printout");
-	PrintAndLog("This function takes no arguments. ");
+	PrintAndLog("       [# samples]  # samples to collect (optional)");	
 	PrintAndLog("Use 'lf config' to set parameters.");
 	return 0;
 }
@@ -331,29 +333,41 @@ int CmdLFSetConfig(const char *Cmd)
 	return 0;
 }
 
+bool lf_read(bool silent, uint32_t samples) {
+	if (offline) return false;
+	UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, {silent,samples,0}};
+	clearCommandBuffer();
+	//And ship it to device
+	SendCommand(&c);
+
+	UsbCommand resp;
+	if (g_lf_threshold_set) {
+		WaitForResponse(CMD_ACK,&resp);
+	} else {
+		if ( !WaitForResponseTimeout(CMD_ACK,&resp,2500) ) {
+			PrintAndLog("command execution time out");
+			return false;
+		}
+	}
+	getSamples(resp.arg[0], silent);
+
+	return true;
+}
+
 int CmdLFRead(const char *Cmd)
 {
-	if (offline) return 0;
 	uint8_t cmdp = 0;
-	bool arg1 = false;
+	bool silent = false;
 	if (param_getchar(Cmd, cmdp) == 'h')
 	{
 		return usage_lf_read();
 	}
-	if (param_getchar(Cmd, cmdp) == 's') arg1 = true; //suppress print
+	if (param_getchar(Cmd, cmdp) == 's') {
-	//And ship it to device
+		silent = true; //suppress print
-	UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K, {arg1,0,0}};
+		cmdp++;
-	clearCommandBuffer();
-	SendCommand(&c);
-	if (g_lf_threshold_set) {
-		WaitForResponse(CMD_ACK,NULL);
-	} else {
-		if ( !WaitForResponseTimeout(CMD_ACK,NULL,2500) ) {
-			PrintAndLog("command execution time out");
-			return 1;
-		}
 	}
-	return 0;
+	uint32_t samples = param_get32ex(Cmd, cmdp, 0, 10);
+	return lf_read(silent, samples);
 }
 
 int CmdLFSnoop(const char *Cmd)
@@ -368,6 +382,8 @@ int CmdLFSnoop(const char *Cmd)
 	clearCommandBuffer();
 	SendCommand(&c);
 	WaitForResponse(CMD_ACK,NULL);
+	getSamples(0, true);
+
 	return 0;
 }
 
@@ -905,9 +921,8 @@ int CmdLFfind(const char *Cmd)
 		return 0;
 	}
 
-	if (!offline && (cmdp != '1')){
+	if (!offline && (cmdp != '1')) {
-		CmdLFRead("s");
+		lf_read(true, 30000);
-		getSamples("30000",false);
 	} else if (GraphTraceLen < minLength) {
 		PrintAndLog("Data in Graphbuffer was too small.");
 		return 0;
@@ -1051,7 +1066,7 @@ int CmdLFfind(const char *Cmd)
 			ans=FSKrawDemod("",true);
 			if (ans>0) {
 				PrintAndLog("\nUnknown FSK Modulated Tag Found!");
-				return 1;
+				return CheckChipType(cmdp);;
 			}
 		}
 		bool st = true;
@@ -1059,15 +1074,16 @@ int CmdLFfind(const char *Cmd)
 		if (ans>0) {
 			PrintAndLog("\nUnknown ASK Modulated and Manchester encoded Tag Found!");
 			PrintAndLog("\nif it does not look right it could instead be ASK/Biphase - try 'data rawdemod ab'");
-			return 1;
+			return CheckChipType(cmdp);;
 		}
 		ans=CmdPSK1rawDemod("");
 		if (ans>0) {
 			PrintAndLog("Possible unknown PSK1 Modulated Tag Found above!\n\nCould also be PSK2 - try 'data rawdemod p2'");
 			PrintAndLog("\nCould also be PSK3 - [currently not supported]");
-			PrintAndLog("\nCould also be NRZ - try 'data nrzrawdemod");
+			PrintAndLog("\nCould also be NRZ - try 'data nrzrawdemod'");
-			return 1;
+			return CheckChipType(cmdp);;
 		}
+		ans = CheckChipType(cmdp);
 		PrintAndLog("\nNo Data Found!\n");
 	}
 	return 0;

client/cmdlf.h

@@ -11,20 +11,24 @@
 #ifndef CMDLF_H__
 #define CMDLF_H__
 
-int CmdLF(const char *Cmd);
+#include <stdbool.h>
+#include <stdint.h>
 
-int CmdLFCommandRead(const char *Cmd);
+extern int CmdLF(const char *Cmd);
-int CmdFlexdemod(const char *Cmd);
+
-int CmdIndalaDemod(const char *Cmd);
+extern int CmdLFCommandRead(const char *Cmd);
-int CmdIndalaClone(const char *Cmd);
+extern int CmdFlexdemod(const char *Cmd);
-int CmdLFRead(const char *Cmd);
+extern int CmdIndalaDemod(const char *Cmd);
-int CmdLFSim(const char *Cmd);
+extern int CmdIndalaClone(const char *Cmd);
-int CmdLFaskSim(const char *Cmd);
+extern int CmdLFRead(const char *Cmd);
-int CmdLFfskSim(const char *Cmd);
+extern int CmdLFSim(const char *Cmd);
-int CmdLFpskSim(const char *Cmd);
+extern int CmdLFaskSim(const char *Cmd);
-int CmdLFSimBidir(const char *Cmd);
+extern int CmdLFfskSim(const char *Cmd);
-int CmdLFSnoop(const char *Cmd);
+extern int CmdLFpskSim(const char *Cmd);
-int CmdVchDemod(const char *Cmd);
+extern int CmdLFSimBidir(const char *Cmd);
-int CmdLFfind(const char *Cmd);
+extern int CmdLFSnoop(const char *Cmd);
+extern int CmdVchDemod(const char *Cmd);
+extern int CmdLFfind(const char *Cmd);
+extern bool lf_read(bool silent, uint32_t samples);
 
 #endif

client/cmdlfawid.c

@@ -8,6 +8,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency AWID26 commands
+// FSK2a, RF/50, 96 bits (complete)
 //-----------------------------------------------------------------------------
 
 #include <string.h>

client/cmdlfcotag.c

@@ -96,7 +96,7 @@ int CmdCOTAGRead(const char *Cmd) {
 		case 2: {
 			CmdPlot("");
 			CmdGrid("384");
-			getSamples("", true); break;
+			getSamples(0, true); break;
 		}
 		case 1: {
 			GetFromBigBuf(DemodBuffer, COTAG_BITS, 0);

client/cmdlfem4x.c

@@ -146,17 +146,18 @@ void printEM410x(uint32_t hi, uint64_t id)
 int AskEm410xDecode(bool verbose, uint32_t *hi, uint64_t *lo )
 {
 	size_t idx = 0;
-	size_t BitLen = DemodBufferLen;
+	uint8_t BitStream[512]={0};
-	uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
+	size_t BitLen = sizeof(BitStream);
-	memcpy(BitStream, DemodBuffer, BitLen); 
+	if ( !getDemodBuf(BitStream, &BitLen) ) return 0;
-	if (Em410xDecode(BitStream, &BitLen, &idx, hi, lo)){
+
+	if (Em410xDecode(BitStream, &BitLen, &idx, hi, lo)) {
 		//set GraphBuffer for clone or sim command
 		setDemodBuf(BitStream, BitLen, idx);
-		if (g_debugMode){
+		if (g_debugMode) {
 			PrintAndLog("DEBUG: idx: %d, Len: %d, Printing Demod Buffer:", idx, BitLen);
 			printDemodBuff();
 		}
-		if (verbose){
+		if (verbose) {
 			PrintAndLog("EM410x pattern found: ");
 			printEM410x(*hi, *lo);
 			g_em410xId = *lo;
@@ -298,9 +299,7 @@ int CmdEM410xWatch(const char *Cmd)
 			printf("\naborted via keyboard!\n");
 			break;
 		}
-		
+		lf_read(true, 8201);
-		CmdLFRead("s");
-		getSamples("8201",true); 
 	} while (!CmdAskEM410xDemod(""));
 
 	return 0;

client/cmdlffdx.c

@@ -5,6 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency fdx-b tag commands
+// Differential Biphase, rf/32, 128 bits (known)
 //-----------------------------------------------------------------------------
 
 #include "cmdlffdx.h"
@@ -203,8 +204,7 @@ int CmdFdxDemod(const char *Cmd){
 }
 
 int CmdFdxRead(const char *Cmd) {
-	CmdLFRead("s");
+	lf_read(true, 10000);
-	getSamples("10000", true);
 	return CmdFdxDemod(Cmd);
 }
 

client/cmdlfgproxii.c

@@ -5,6 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency G Prox II tag commands
+// Biphase, rf/ , 96 bits  (unknown key calc + some bits)
 //-----------------------------------------------------------------------------
 #include <stdio.h>
 #include <string.h>
@@ -89,9 +90,7 @@ int CmdG_Prox_II_Demod(const char *Cmd)
 //see ASKDemod for what args are accepted
 int CmdG_Prox_II_Read(const char *Cmd) {
 	// read lf silently
-	CmdLFRead("s");
+	lf_read(true, 10000);
-	// get samples silently
-	getSamples("10000",false);
 	// demod and output viking ID	
 	return CmdG_Prox_II_Demod(Cmd);
 }

client/cmdlfhid.c

@@ -5,7 +5,7 @@
 // at your option, any later version. See the LICENSE.txt file for the text of
 // the license.
 //-----------------------------------------------------------------------------
-// Low frequency HID commands
+// Low frequency HID commands (known)
 //-----------------------------------------------------------------------------
 
 #include <stdio.h>

client/cmdlfindala.c

@@ -5,6 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency Indala commands
+// PSK1, rf/32, 64 or 224 bits (known)
 //-----------------------------------------------------------------------------
 
 #include <stdio.h>
@@ -73,8 +74,7 @@ int CmdIndalaDecode(const char *Cmd) {
 }
 
 int CmdIndalaRead(const char *Cmd) {
-	CmdLFRead("s");
+	lf_read(true, 30000);
-	getSamples("30000",false);
 	return CmdIndalaDecode("");
 }
 

client/cmdlfio.c

@@ -1,3 +1,13 @@
+//-----------------------------------------------------------------------------
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Low frequency ioProx commands
+// FSK2a, rf/64, 64 bits (complete)
+//-----------------------------------------------------------------------------
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>

client/cmdlfjablotron.c

@@ -5,7 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency jablotron tag commands
-// Differential Biphase, RF/64, 64 bits long
+// Differential Biphase, RF/64, 64 bits long (complete)
 //-----------------------------------------------------------------------------
 
 #include "cmdlfjablotron.h"
@@ -141,8 +141,7 @@ int CmdJablotronDemod(const char *Cmd) {
 }
 
 int CmdJablotronRead(const char *Cmd) {
-	CmdLFRead("s");
+	lf_read(true, 10000);
-	getSamples("10000", true);
 	return CmdJablotronDemod(Cmd);
 }
 

client/cmdlfnexwatch.c

@@ -5,7 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency Honeywell NexWatch tag commands
-// PSK1 RF/16, RF/2, 128 bits long
+// PSK1 RF/16, RF/2, 128 bits long (known)
 //-----------------------------------------------------------------------------
 #include <stdio.h>
 #include <string.h>
@@ -66,9 +66,7 @@ int CmdPSKNexWatch(const char *Cmd)
 //see ASKDemod for what args are accepted
 int CmdNexWatchRead(const char *Cmd) {
 	// read lf silently
-	CmdLFRead("s");
+	lf_read(true, 10000);
-	// get samples silently
-	getSamples("10000",false);
 	// demod and output viking ID	
 	return CmdPSKNexWatch(Cmd);
 }

client/cmdlfnoralsy.c

@@ -5,7 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency Noralsy tag commands
-// ASK/Manchester, STT, RF/32, 96 bits long
+// ASK/Manchester, STT, RF/32, 96 bits long (some bits unknown)
 //-----------------------------------------------------------------------------
 #include "cmdlfnoralsy.h"
 #include <string.h>
@@ -98,13 +98,14 @@ int NoralsyDemod_AM(uint8_t *dest, size_t *size) {
 /*
 *
 * 2520116 | BB0214FF2529900116360000 | 10111011 00000011 00010100 11111111 00100101 00101001 10010000 00000001 00010110 00110110 00000000 00000000
-*           aaaaaaaaiii***iiiicc----                                       iiiiiiii iiiiYYYY YYYY**** iiiiiiii iiiiiiii cccccccc
+*           aaa*aaaaiiiYY*iiiicc----                ****                   iiiiiiii iiiiYYYY YYYY**** iiiiiiii iiiiiiii cccccccc
 *
-* a = fixed value BB0314FF 
+* a = fixed value BB0*14FF 
 * i = printed id, BCD-format
 * Y = year
 * c = checksum
-* 
+* * = unknown
+*
 **/
 
 //see ASKDemod for what args are accepted
@@ -171,8 +172,7 @@ int CmdNoralsyDemod(const char *Cmd) {
 }
 
 int CmdNoralsyRead(const char *Cmd) {
-	CmdLFRead("s");
+	lf_read(true, 8000);
-	getSamples("8000",true);
 	return CmdNoralsyDemod(Cmd);
 }
 

client/cmdlfparadox.c

@@ -5,6 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency Paradox tag commands
+// FSK2a, rf/50, 96 bits (completely known)
 //-----------------------------------------------------------------------------
 #include <stdio.h>
 #include <string.h>
@@ -72,9 +73,7 @@ int CmdFSKdemodParadox(const char *Cmd)
 //see ASKDemod for what args are accepted
 int CmdParadoxRead(const char *Cmd) {
 	// read lf silently
-	CmdLFRead("s");
+	lf_read(true, 10000);
-	// get samples silently
-	getSamples("10000",false);
 	// demod and output viking ID	
 	return CmdFSKdemodParadox(Cmd);
 }

client/cmdlfpresco.c

@@ -5,6 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency Presco tag commands
+// ASK/Manchester, rf/32, 128 bits (complete)
 //-----------------------------------------------------------------------------
 #include <string.h>
 #include <inttypes.h>
@@ -129,7 +130,7 @@ int CmdPrescoDemod(const char *Cmd) {
 		return 0;
 	}
 	size_t size = DemodBufferLen;
-	//call lfdemod.c demod for Viking
+	//call lfdemod.c demod for presco
 	int ans = PrescoDemod(DemodBuffer, &size);
 	if (ans < 0) {
 		if (g_debugMode) PrintAndLog("Error Presco_Demod %d", ans);
@@ -160,9 +161,7 @@ int CmdPrescoRead(const char *Cmd) {
 	// Presco Number: 123456789 --> Sitecode 30 | usercode 8665
 
 	// read lf silently
-	CmdLFRead("s");
+	lf_read(true, 10000);
-	// get samples silently
-	getSamples("30000",false);
 	// demod and output Presco ID	
 	return CmdPrescoDemod(Cmd);
 }

client/cmdlfpyramid.c

@@ -5,6 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency Farpoint / Pyramid tag commands
+// FSK2a, rf/50, 128 bits (complete)
 //-----------------------------------------------------------------------------
 #include <string.h>
 #include <inttypes.h>
@@ -225,8 +226,7 @@ int CmdFSKdemodPyramid(const char *Cmd)
 }
 
 int CmdPyramidRead(const char *Cmd) {
-	CmdLFRead("s");
+	lf_read(true, 15000);
-	getSamples("30000",false);
 	return CmdFSKdemodPyramid("");
 }
 

client/cmdlfsecurakey.c

@@ -5,7 +5,7 @@
 // the license.
 //-----------------------------------------------------------------------------
 // Low frequency Securakey tag commands
-// ASK/Manchester, RF/40, 96 bits long
+// ASK/Manchester, RF/40, 96 bits long (unknown cs)
 //-----------------------------------------------------------------------------
 #include "cmdlfsecurakey.h"
 #include <string.h>
@@ -123,8 +123,7 @@ int CmdSecurakeyDemod(const char *Cmd) {
 }
 
 int CmdSecurakeyRead(const char *Cmd) {
-	CmdLFRead("s");
+	lf_read(true, 8000);
-	getSamples("8000",true);
 	return CmdSecurakeyDemod(Cmd);
 }
 

client/cmdlft55xx.c

@@ -810,6 +810,7 @@ bool test(uint8_t mode, uint8_t *offset, int *fndBitRate, uint8_t clk, bool *Q5)
 			if (!testBitRate(bitRate, clk)) continue;
 		} else { //extended mode bitrate = same function to calc bitrate as em4x05
 			if (EM4x05_GET_BITRATE(bitRate) != clk) continue;
+
 		}
 		//test modulation
 		if (!testModulation(mode, modread)) continue;
@@ -869,7 +870,7 @@ int special(const char *Cmd) {
 int printConfiguration( t55xx_conf_block_t b){
 	PrintAndLog("Chip Type  : %s", (b.Q5) ? "T5555(Q5)" : "T55x7");
 	PrintAndLog("Modulation : %s", GetSelectedModulationStr(b.modulation) );
-	PrintAndLog("Bit Rate   : %s", GetBitRateStr(b.bitrate, (b.block0 & T55x7_X_MODE)) );
+	PrintAndLog("Bit Rate   : %s", GetBitRateStr(b.bitrate, (b.block0 & T55x7_X_MODE && (b.block0>>28==6 || b.block0>>28==9))) );
 	PrintAndLog("Inverted   : %s", (b.inverted) ? "Yes" : "No" );
 	PrintAndLog("Offset     : %d", b.offset);
 	PrintAndLog("Seq. Term. : %s", (b.ST) ? "Yes" : "No" );
@@ -1233,11 +1234,7 @@ int AquireData( uint8_t page, uint8_t block, bool pwdmode, uint32_t password ){
 		PrintAndLog("command execution time out");
 		return 0;
 	}
-
+	getSamples(12000,true);
-	uint8_t got[12000];
-	GetFromBigBuf(got,sizeof(got),0);
-	WaitForResponse(CMD_ACK,NULL);
-	setGraphBuf(got, sizeof(got));
 	return 1;
 }
 

client/cmdlfviking.c

@@ -4,7 +4,8 @@
 // at your option, any later version. See the LICENSE.txt file for the text of
 // the license.
 //-----------------------------------------------------------------------------
-// Low frequency Viking tag commands
+// Low frequency Viking tag commands (AKA FDI Matalec Transit)
+// ASK/Manchester, RF/32, 64 bits (complete)
 //-----------------------------------------------------------------------------
 #include <stdio.h>
 #include <string.h>
@@ -80,9 +81,7 @@ int CmdVikingDemod(const char *Cmd) {
 //see ASKDemod for what args are accepted
 int CmdVikingRead(const char *Cmd) {
 	// read lf silently
-	CmdLFRead("s");
+	lf_read(true, 10000);
-	// get samples silently
-	getSamples("10000",false);
 	// demod and output viking ID	
 	return CmdVikingDemod(Cmd);
 }

client/cmdlfvisa2000.c

@@ -6,6 +6,7 @@
 //-----------------------------------------------------------------------------
 // Low frequency visa 2000 tag commands
 // by iceman
+// ASK/Manchester, RF/64, STT, 96 bits (complete)
 //-----------------------------------------------------------------------------
 
 #include "cmdlfvisa2000.h"
@@ -83,12 +84,12 @@ static uint8_t visa_parity( uint32_t id) {
 /**
 *
 * 56495332 00096ebd 00000077 —> tag id 618173
-* aaaaaaaa iiiiiiii -----..c
+* aaaaaaaa iiiiiiii -----ppc
 *
 * a = fixed value  ascii 'VIS2'
 * i = card id
+* p = even parity bit for each nibble in card id.
 * c = checksum  (xor of card id)
-* . = unknown 
 * 
 **/
 //see ASKDemod for what args are accepted
@@ -146,9 +147,8 @@ int CmdVisa2kDemod(const char *Cmd) {
 }
 
 int CmdVisa2kRead(const char *Cmd) {
-	CmdLFRead("s");
 	//64*96*2=12288 samples just in case we just missed the first preamble we can still catch 2 of them
-	getSamples("12500",true); 
+	lf_read(true, 12500);
 	return CmdVisa2kDemod(Cmd);
 }
 

client/util.c

@@ -174,7 +174,7 @@ char *sprint_bin_break(const uint8_t *data, const size_t len, const uint8_t brea
 		if (data[in_index]<10)
 			sprintf(tmp++, "%u", (unsigned int) data[in_index]);
 		// check if a line break is needed and we have room to print it in our array
-		if ( (breaks > 0) && !((in_index+1) % breaks) && (out_index+1 != max_len) ) {
+		if ( (breaks > 0) && !((in_index+1) % breaks) && (out_index+1 < max_len) ) {
 			// increment and print line break
 			out_index++;
 			sprintf(tmp++, "%s","\n");

common/lfdemod.c

@@ -751,8 +751,8 @@ int DetectPSKClock(uint8_t dest[], size_t size, int clock, size_t *firstPhaseShi
 	uint16_t fcs = countFC(dest, size, 0);
 	*fc = fcs & 0xFF;
 	if (g_debugMode==2) prnt("DEBUG PSK: FC: %d, FC2: %d",*fc, fcs>>8);
-	if ((fcs>>8) == 10 && *fc == 8) return -1;
+	if ((fcs>>8) == 10 && *fc == 8) return 0;
-	if (*fc!=2 && *fc!=4 && *fc!=8) return -1;
+	if (*fc!=2 && *fc!=4 && *fc!=8) return 0;
 
 	//if we already have a valid clock quit
 	size_t i=1;
@@ -1561,7 +1561,7 @@ int pskRawDemod_ext(uint8_t dest[], size_t *size, int *clock, int *invert, int *
 	uint16_t errCnt=0, errCnt2=0;
 	
 	*clock = DetectPSKClock(dest, *size, *clock, &firstFullWave, &curPhase, &fc);
-	if (*clock == 0) return -1;
+	if (*clock <= 0) return -1;
 	//if clock detect found firstfullwave...
 	uint16_t tol = fc/2;
 	if (firstFullWave == 0) {