github/proxmark3
1
0
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2025-08-21 13:53:26 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Pushed standard AT91 defines into main code

Browse source
This commit is contained in:
d18c7db 2009-09-29 12:13:41 +00:00
commit 6949aca9fa
16 changed files with 1368 additions and 1521 deletions
Download patch file Download diff file Expand all files Collapse all files

236
armsrc/iso14443.c
View file

@ -295,11 +295,11 @@ static BOOL GetIso14443CommandFromReader(BYTE *received, int *len, int maxLen)
if(BUTTON_PRESS()) return FALSE;
if(SSC_STATUS & (SSC_STATUS_TX_READY)) {
SSC_TRANSMIT_HOLDING = 0x00;
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
AT91C_BASE_SSC->SSC_THR = 0x00;
}
if(SSC_STATUS & (SSC_STATUS_RX_READY)) {
BYTE b = (BYTE)SSC_RECEIVE_HOLDING;
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
BYTE b = (BYTE)AT91C_BASE_SSC->SSC_RHR;
mask = 0x80;
for(i = 0; i < 8; i++, mask >>= 1) {
@ -392,24 +392,24 @@ void SimulateIso14443Tag(void)
LED_D_OFF();
FpgaWriteConfWord(
FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_MODULATE_BPSK);
SSC_TRANSMIT_HOLDING = 0xff;
AT91C_BASE_SSC->SSC_THR = 0xff;
FpgaSetupSsc();
// Transmit the response.
i = 0;
for(;;) {
if(SSC_STATUS & (SSC_STATUS_TX_READY)) {
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
BYTE b = resp[i];
SSC_TRANSMIT_HOLDING = b;
AT91C_BASE_SSC->SSC_THR = b;
i++;
if(i > respLen) {
break;
}
}
if(SSC_STATUS & (SSC_STATUS_RX_READY)) {
volatile BYTE b = (BYTE)SSC_RECEIVE_HOLDING;
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
volatile BYTE b = (BYTE)AT91C_BASE_SSC->SSC_RHR;
(void)b;
}
}
@ -454,7 +454,7 @@ static struct {
*
* Returns: true if we received a EOF
* false if we are still waiting for some more
*
*
*/
static BOOL Handle14443SamplesDemod(int ci, int cq)
{
@ -612,7 +612,7 @@ static BOOL Handle14443SamplesDemod(int ci, int cq)
* Demodulate the samples we received from the tag
* weTx: set to 'TRUE' if we behave like a reader
* set to 'FALSE' if we behave like a snooper
* quiet: set to 'TRUE' to disable debug output
* quiet: set to 'TRUE' to disable debug output
*/
static void GetSamplesFor14443Demod(BOOL weTx, int n, BOOL quiet)
{
@ -654,10 +654,10 @@ static void GetSamplesFor14443Demod(BOOL weTx, int n, BOOL quiet)
(weTx ? 0 : FPGA_HF_READER_RX_XCORR_SNOOP));
for(;;) {
int behindBy = lastRxCounter - PDC_RX_COUNTER(SSC_BASE);
int behindBy = lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR;
if(behindBy > max) max = behindBy;
while(((lastRxCounter-PDC_RX_COUNTER(SSC_BASE)) & (DMA_BUFFER_SIZE-1))
while(((lastRxCounter-AT91C_BASE_PDC_SSC->PDC_RCR) & (DMA_BUFFER_SIZE-1))
> 2)
{
ci = upTo[0];
@ -665,8 +665,8 @@ static void GetSamplesFor14443Demod(BOOL weTx, int n, BOOL quiet)
upTo += 2;
if(upTo - dmaBuf > DMA_BUFFER_SIZE) {
upTo -= DMA_BUFFER_SIZE;
PDC_RX_NEXT_POINTER(SSC_BASE) = (DWORD)upTo;
PDC_RX_NEXT_COUNTER(SSC_BASE) = DMA_BUFFER_SIZE;
AT91C_BASE_PDC_SSC->PDC_RNPR = (DWORD)upTo;
AT91C_BASE_PDC_SSC->PDC_RNCR = DMA_BUFFER_SIZE;
}
lastRxCounter -= 2;
if(lastRxCounter <= 0) {
@ -687,7 +687,7 @@ static void GetSamplesFor14443Demod(BOOL weTx, int n, BOOL quiet)
break;
}
}
PDC_CONTROL(SSC_BASE) = PDC_RX_DISABLE;
AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
if (!quiet) DbpIntegers(max, gotFrame, Demod.len);
}
@ -707,12 +707,12 @@ static void GetSamplesFor14443Demod(BOOL weTx, int n, BOOL quiet)
c = 0;
for(;;) {
if(SSC_STATUS & (SSC_STATUS_TX_READY)) {
SSC_TRANSMIT_HOLDING = 0x43;
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
AT91C_BASE_SSC->SSC_THR = 0x43;
}
if(SSC_STATUS & (SSC_STATUS_RX_READY)) {
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
SBYTE b;
b = (SBYTE)SSC_RECEIVE_HOLDING;
b = (SBYTE)AT91C_BASE_SSC->SSC_RHR;
dest[c++] = (BYTE)b;
@ -732,8 +732,8 @@ static void TransmitFor14443(void)
FpgaSetupSsc();
while(SSC_STATUS & (SSC_STATUS_TX_READY)) {
SSC_TRANSMIT_HOLDING = 0xff;
while(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
AT91C_BASE_SSC->SSC_THR = 0xff;
}
// Signal field is ON with the appropriate Red LED
@ -744,12 +744,12 @@ static void TransmitFor14443(void)
FPGA_MAJOR_MODE_HF_READER_TX | FPGA_HF_READER_TX_SHALLOW_MOD);
for(c = 0; c < 10;) {
if(SSC_STATUS & (SSC_STATUS_TX_READY)) {
SSC_TRANSMIT_HOLDING = 0xff;
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
AT91C_BASE_SSC->SSC_THR = 0xff;
c++;
}
if(SSC_STATUS & (SSC_STATUS_RX_READY)) {
volatile DWORD r = SSC_RECEIVE_HOLDING;
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
volatile DWORD r = AT91C_BASE_SSC->SSC_RHR;
(void)r;
}
WDT_HIT();
@ -757,15 +757,15 @@ static void TransmitFor14443(void)
c = 0;
for(;;) {
if(SSC_STATUS & (SSC_STATUS_TX_READY)) {
SSC_TRANSMIT_HOLDING = ToSend[c];
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
AT91C_BASE_SSC->SSC_THR = ToSend[c];
c++;
if(c >= ToSendMax) {
break;
}
}
if(SSC_STATUS & (SSC_STATUS_RX_READY)) {
volatile DWORD r = SSC_RECEIVE_HOLDING;
if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
volatile DWORD r = AT91C_BASE_SSC->SSC_RHR;
(void)r;
}
WDT_HIT();
@ -831,8 +831,8 @@ void CodeIso14443bAsReader(const BYTE *cmd, int len)
//-----------------------------------------------------------------------------
// Read an ISO 14443 tag. We send it some set of commands, and record the
// responses.
// The command name is misleading, it actually decodes the reponse in HEX
// responses.
// The command name is misleading, it actually decodes the reponse in HEX
// into the output buffer (read the result using hexsamples, not hisamples)
//-----------------------------------------------------------------------------
void AcquireRawAdcSamplesIso14443(DWORD parameter)
@ -861,19 +861,19 @@ void AcquireRawAdcSamplesIso14443(DWORD parameter)
GetSamplesFor14443Demod(TRUE, 2000, FALSE);
// LED_A_OFF();
}
//-----------------------------------------------------------------------------
// Read a SRI512 ISO 14443 tag.
//
// SRI512 tags are just simple memory tags, here we're looking at making a dump
// of the contents of the memory. No anticollision algorithm is done, we assume
// we have a single tag in the field.
//
//
// SRI512 tags are just simple memory tags, here we're looking at making a dump
// of the contents of the memory. No anticollision algorithm is done, we assume
// we have a single tag in the field.
//
// I tried to be systematic and check every answer of the tag, every CRC, etc...
//-----------------------------------------------------------------------------
void ReadSRI512Iso14443(DWORD parameter)
{
BYTE i = 0x00;
BYTE i = 0x00;
// Make sure that we start from off, since the tags are stateful;
// confusing things will happen if we don't reset them between reads.
@ -890,7 +890,7 @@ void ReadSRI512Iso14443(DWORD parameter)
FpgaWriteConfWord(
FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ);
SpinDelay(200);
// First command: wake up the tag using the INITIATE command
BYTE cmd1[] = { 0x06, 0x00, 0x97, 0x5b};
CodeIso14443bAsReader(cmd1, sizeof(cmd1));
@ -898,102 +898,102 @@ void ReadSRI512Iso14443(DWORD parameter)
// LED_A_ON();
GetSamplesFor14443Demod(TRUE, 2000,TRUE);
// LED_A_OFF();
if (Demod.len == 0) {
DbpString("No response from tag");
return;
} else {
DbpString("Randomly generated UID from tag (+ 2 byte CRC):");
DbpIntegers(Demod.output[0], Demod.output[1],Demod.output[2]);
}
// There is a response, SELECT the uid
DbpString("Now SELECT tag:");
cmd1[0] = 0x0E; // 0x0E is SELECT
cmd1[1] = Demod.output[0];
if (Demod.len == 0) {
DbpString("No response from tag");
return;
} else {
DbpString("Randomly generated UID from tag (+ 2 byte CRC):");
DbpIntegers(Demod.output[0], Demod.output[1],Demod.output[2]);
}
// There is a response, SELECT the uid
DbpString("Now SELECT tag:");
cmd1[0] = 0x0E; // 0x0E is SELECT
cmd1[1] = Demod.output[0];
ComputeCrc14443(CRC_14443_B, cmd1, 2, &cmd1[2], &cmd1[3]);
CodeIso14443bAsReader(cmd1, sizeof(cmd1));
TransmitFor14443();
// LED_A_ON();
GetSamplesFor14443Demod(TRUE, 2000,TRUE);
// LED_A_OFF();
if (Demod.len != 3) {
DbpString("Expected 3 bytes from tag, got:");
DbpIntegers(Demod.len,0x0,0x0);
return;
}
// Check the CRC of the answer:
if (Demod.len != 3) {
DbpString("Expected 3 bytes from tag, got:");
DbpIntegers(Demod.len,0x0,0x0);
return;
}
// Check the CRC of the answer:
ComputeCrc14443(CRC_14443_B, Demod.output, 1 , &cmd1[2], &cmd1[3]);
if(cmd1[2] != Demod.output[1] || cmd1[3] != Demod.output[2]) {
DbpString("CRC Error reading select response.");
return;
}
// Check response from the tag: should be the same UID as the command we just sent:
if (cmd1[1] != Demod.output[0]) {
DbpString("Bad response to SELECT from Tag, aborting:");
DbpIntegers(cmd1[1],Demod.output[0],0x0);
return;
}
// Tag is now selected,
// First get the tag's UID:
cmd1[0] = 0x0B;
ComputeCrc14443(CRC_14443_B, cmd1, 1 , &cmd1[1], &cmd1[2]);
DbpString("CRC Error reading select response.");
return;
}
// Check response from the tag: should be the same UID as the command we just sent:
if (cmd1[1] != Demod.output[0]) {
DbpString("Bad response to SELECT from Tag, aborting:");
DbpIntegers(cmd1[1],Demod.output[0],0x0);
return;
}
// Tag is now selected,
// First get the tag's UID:
cmd1[0] = 0x0B;
ComputeCrc14443(CRC_14443_B, cmd1, 1 , &cmd1[1], &cmd1[2]);
CodeIso14443bAsReader(cmd1, 3); // Only first three bytes for this one
TransmitFor14443();
// LED_A_ON();
GetSamplesFor14443Demod(TRUE, 2000,TRUE);
// LED_A_OFF();
if (Demod.len != 10) {
DbpString("Expected 10 bytes from tag, got:");
DbpIntegers(Demod.len,0x0,0x0);
return;
}
// The check the CRC of the answer (use cmd1 as temporary variable):
if (Demod.len != 10) {
DbpString("Expected 10 bytes from tag, got:");
DbpIntegers(Demod.len,0x0,0x0);
return;
}
// The check the CRC of the answer (use cmd1 as temporary variable):
ComputeCrc14443(CRC_14443_B, Demod.output, 8, &cmd1[2], &cmd1[3]);
if(cmd1[2] != Demod.output[8] || cmd1[3] != Demod.output[9]) {
DbpString("CRC Error reading block! - Below: expected, got");
DbpIntegers( (cmd1[2]<<8)+cmd1[3], (Demod.output[8]<<8)+Demod.output[9],0);
// Do not return;, let's go on... (we should retry, maybe ?)
}
DbpString("Tag UID (64 bits):");
DbpIntegers((Demod.output[7]<<24) + (Demod.output[6]<<16) + (Demod.output[5]<<8) + Demod.output[4], (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0], 0);
// Now loop to read all 16 blocks, address from 0 to 15
DbpString("Tag memory dump, block 0 to 15");
cmd1[0] = 0x08;
i = 0x00;
for (;;) {
if (i == 0x10) {
DbpString("System area block (0xff):");
i = 0xff;
}
cmd1[1] = i;
DbpString("CRC Error reading block! - Below: expected, got");
DbpIntegers( (cmd1[2]<<8)+cmd1[3], (Demod.output[8]<<8)+Demod.output[9],0);
// Do not return;, let's go on... (we should retry, maybe ?)
}
DbpString("Tag UID (64 bits):");
DbpIntegers((Demod.output[7]<<24) + (Demod.output[6]<<16) + (Demod.output[5]<<8) + Demod.output[4], (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0], 0);
// Now loop to read all 16 blocks, address from 0 to 15
DbpString("Tag memory dump, block 0 to 15");
cmd1[0] = 0x08;
i = 0x00;
for (;;) {
if (i == 0x10) {
DbpString("System area block (0xff):");
i = 0xff;
}
cmd1[1] = i;
ComputeCrc14443(CRC_14443_B, cmd1, 2, &cmd1[2], &cmd1[3]);
CodeIso14443bAsReader(cmd1, sizeof(cmd1));
TransmitFor14443();
// LED_A_ON();
GetSamplesFor14443Demod(TRUE, 2000,TRUE);
// LED_A_OFF();
if (Demod.len != 6) { // Check if we got an answer from the tag
DbpString("Expected 6 bytes from tag, got less...");
return;
}
// The check the CRC of the answer (use cmd1 as temporary variable):
// LED_A_OFF();
if (Demod.len != 6) { // Check if we got an answer from the tag
DbpString("Expected 6 bytes from tag, got less...");
return;
}
// The check the CRC of the answer (use cmd1 as temporary variable):
ComputeCrc14443(CRC_14443_B, Demod.output, 4, &cmd1[2], &cmd1[3]);
if(cmd1[2] != Demod.output[4] || cmd1[3] != Demod.output[5]) {
DbpString("CRC Error reading block! - Below: expected, got");
DbpIntegers( (cmd1[2]<<8)+cmd1[3], (Demod.output[4]<<8)+Demod.output[5],0);
// Do not return;, let's go on... (we should retry, maybe ?)
}
// Now print out the memory location:
DbpString("Address , Contents, CRC");
DbpIntegers(i, (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0], (Demod.output[4]<<8)+Demod.output[5]);
if (i == 0xff) {
break;
}
i++;
}
DbpString("CRC Error reading block! - Below: expected, got");
DbpIntegers( (cmd1[2]<<8)+cmd1[3], (Demod.output[4]<<8)+Demod.output[5],0);
// Do not return;, let's go on... (we should retry, maybe ?)
}
// Now print out the memory location:
DbpString("Address , Contents, CRC");
DbpIntegers(i, (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0], (Demod.output[4]<<8)+Demod.output[5]);
if (i == 0xff) {
break;
}
i++;
}
}
//=============================================================================
// Finally, the `sniffer' combines elements from both the reader and
@ -1010,7 +1010,7 @@ void ReadSRI512Iso14443(DWORD parameter)
* 0-1023 : Demodulated samples receive (1024 bytes)
* 1024-1535 : Last Received command, 512 bytes (reader->tag)
* 1536-2047 : Last Received command, 512 bytes(tag->reader)
* 2048-2304 : DMA Buffer, 256 bytes (samples)
* 2048-2304 : DMA Buffer, 256 bytes (samples)
*/
void SnoopIso14443(void)
{
@ -1069,7 +1069,7 @@ void SnoopIso14443(void)
FpgaSetupSscDma((BYTE *)dmaBuf, DMA_BUFFER_SIZE);
// And now we loop, receiving samples.
for(;;) {
int behindBy = (lastRxCounter - PDC_RX_COUNTER(SSC_BASE)) &
int behindBy = (lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR) &
(DMA_BUFFER_SIZE-1);
if(behindBy > maxBehindBy) {
maxBehindBy = behindBy;
@ -1088,8 +1088,8 @@ void SnoopIso14443(void)
if(upTo - dmaBuf > DMA_BUFFER_SIZE) {
upTo -= DMA_BUFFER_SIZE;
lastRxCounter += DMA_BUFFER_SIZE;
PDC_RX_NEXT_POINTER(SSC_BASE) = (DWORD) upTo;
PDC_RX_NEXT_COUNTER(SSC_BASE) = DMA_BUFFER_SIZE;
AT91C_BASE_PDC_SSC->PDC_RNPR = (DWORD) upTo;
AT91C_BASE_PDC_SSC->PDC_RNCR = DMA_BUFFER_SIZE;
}
samples += 2;
@ -1169,5 +1169,5 @@ void SnoopIso14443(void)
done:
LED_D_OFF();
PDC_CONTROL(SSC_BASE) = PDC_RX_DISABLE;
AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
}