github/proxmark3
1
0
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2025-08-14 02:26:59 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

add psk to em4x05 reads and tweak psk demod

Browse source
This commit is contained in:
marshmellow42 2017-02-17 14:40:40 -05:00
commit 6980d66b05
3 changed files with 96 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

4
armsrc/lfops.c
View file

@ -1628,7 +1628,7 @@ void EM4xReadWord(uint8_t Address, uint32_t Pwd, uint8_t PwdMode) {
SendForward(fwd_bit_count);
// Now do the acquisition
DoAcquisition_default(30,TRUE);
DoAcquisition_default(0,TRUE);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
LED_A_OFF();
@ -1656,7 +1656,7 @@ void EM4xWriteWord(uint32_t flag, uint32_t Data, uint32_t Pwd) {
SendForward(fwd_bit_count);
//Wait for write to complete
SpinDelayUs(8000);
SpinDelay(10);
//Capture response if one exists
DoAcquisition_default(20, TRUE);

105
client/cmdlfem4x.c
View file

@ -538,8 +538,8 @@ bool EM4x05testDemodReadData(uint32_t *word, bool readCmd) {
// skip first two 0 bits as they might have been missed in the demod
uint8_t preamble[6] = {0,0,1,0,1,0};
size_t startIdx = 0;
// set size to 10 to only test first 4 positions for the preamble
size_t size = (10 > DemodBufferLen) ? DemodBufferLen : 10;
// set size to 15 to only test first 9 positions for the preamble
size_t size = (15 > DemodBufferLen) ? DemodBufferLen : 15;
startIdx = 0;
//test preamble
@ -580,7 +580,6 @@ bool EM4x05testDemodReadData(uint32_t *word, bool readCmd) {
// the rest will need to be manually demoded for now...
int demodEM4x05resp(uint32_t *word, bool readCmd) {
int ans = 0;
bool demodFound = false;
DemodBufferLen = 0x00;
// test for FSK wave (easiest to 99% ID)
@ -596,61 +595,77 @@ int demodEM4x05resp(uint32_t *word, bool readCmd) {
}
}
// PSK clocks should be easy to detect ( but difficult to demod a non-repeating pattern... )
if (!demodFound) {
ans = GetPskClock("", FALSE, FALSE);
if (ans>0) {
PrintAndLog("PSK response possibly found, run `data rawd p1` to attempt to demod");
ans = GetPskClock("", FALSE, FALSE);
if (ans>0) {
//try psk1
DemodBufferLen = 0x00;
ans = PSKDemod("0 0 6", FALSE);
if (!ans) {
if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: PSK1 Demod failed");
} else {
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
} else {
//try psk2
psk1TOpsk2(DemodBuffer, DemodBufferLen);
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
}
}
//try psk1 inverted
DemodBufferLen = 0x00;
ans = PSKDemod("0 1 6", FALSE);
if (!ans) {
if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: PSK1 Demod failed");
} else {
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
} else {
//try psk2
psk1TOpsk2(DemodBuffer, DemodBufferLen);
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
}
}
}
}
}
// more common than biphase
if (!demodFound) {
DemodBufferLen = 0x00;
bool stcheck = false;
// try manchester - NOTE: ST only applies to T55x7 tags.
ans = ASKDemod_ext("0,0,1", false, false, 1, &stcheck);
if (!ans) {
if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/Manchester Demod failed");
} else {
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
}
DemodBufferLen = 0x00;
bool stcheck = false;
// try manchester - NOTE: ST only applies to T55x7 tags.
ans = ASKDemod_ext("0,0,1", false, false, 1, &stcheck);
if (!ans) {
if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/Manchester Demod failed");
} else {
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
}
}
if (!demodFound) {
DemodBufferLen = 0x00;
//try biphase
ans = ASKbiphaseDemod("0 0 1", FALSE);
if (!ans) {
if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/biphase Demod failed");
} else {
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
}
DemodBufferLen = 0x00;
//try biphase
ans = ASKbiphaseDemod("0 0 1", FALSE);
if (!ans) {
if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/biphase Demod failed");
} else {
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
}
}
if (!demodFound) {
DemodBufferLen = 0x00;
//try diphase (differential biphase or inverted)
ans = ASKbiphaseDemod("0 1 1", FALSE);
if (!ans) {
if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/biphase Demod failed");
} else {
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
}
DemodBufferLen = 0x00;
//try diphase (differential biphase or inverted)
ans = ASKbiphaseDemod("0 1 1", FALSE);
if (!ans) {
if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/biphase Demod failed");
} else {
if (EM4x05testDemodReadData(word, readCmd)) {
return 1;
}
}
/*if (demodFound && bitsNeeded < DemodBufferLen) {
if (bitsNeeded > 0) {
setDemodBuf(DemodBuffer + startIdx + sizeof(preamble), bitsNeeded, 0);
CmdPrintDemodBuff("x");
}
return 1;
}*/
return -1;
}

42
common/lfdemod.c
View file

@ -493,16 +493,16 @@ size_t fsk_wave_demod(uint8_t * dest, size_t size, uint8_t fchigh, uint8_t fclow
// in case you have junk or noise at the beginning of the trace...
uint8_t thresholdCnt = 0;
size_t waveSizeCnt = 0;
bool isAboveThreshold = dest[idx] >= threshold_value;
bool isAboveThreshold = dest[idx++] >= threshold_value;
for (; idx < size-20; idx++ ) {
if(dest[idx] < threshold_value && isAboveThreshold) {
thresholdCnt++;
if (thresholdCnt > 4 && waveSizeCnt < fchigh+1) break;
if (thresholdCnt > 2 && waveSizeCnt < fchigh+1) break;
isAboveThreshold = false;
waveSizeCnt = 0;
} else if (dest[idx] >= threshold_value && !isAboveThreshold) {
thresholdCnt++;
if (thresholdCnt > 4 && waveSizeCnt < fchigh+1) break;
if (thresholdCnt > 2 && waveSizeCnt < fchigh+1) break;
isAboveThreshold = true;
waveSizeCnt = 0;
} else {
@ -1491,7 +1491,7 @@ int pskRawDemod(uint8_t dest[], size_t *size, int *clock, int *invert)
size_t numBits=0;
uint8_t curPhase = *invert;
size_t i, waveStart=1, waveEnd=0, firstFullWave=0, lastClkBit=0;
size_t i=0, waveStart=1, waveEnd=0, firstFullWave=0, lastClkBit=0;
uint8_t fc=0, fullWaveLen=0, tol=1;
uint16_t errCnt=0, waveLenCnt=0;
fc = countFC(dest, *size, 0);
@ -1499,19 +1499,45 @@ int pskRawDemod(uint8_t dest[], size_t *size, int *clock, int *invert)
//PrintAndLog("DEBUG: FC: %d",fc);
*clock = DetectPSKClock(dest, *size, *clock);
if (*clock == 0) return -1;
// jump to modulating data by finding the first 2 threshold crossings (or first 1 waves)
// in case you have junk or noise at the beginning of the trace...
uint8_t thresholdCnt = 0;
size_t waveSizeCnt = 0;
uint8_t threshold_value = 123; //-5
bool isAboveThreshold = dest[i++] >= threshold_value;
for (; i < *size-20; i++ ) {
if(dest[i] < threshold_value && isAboveThreshold) {
thresholdCnt++;
if (thresholdCnt > 2 && waveSizeCnt < fc+1) break;
isAboveThreshold = false;
waveSizeCnt = 0;
} else if (dest[i] >= threshold_value && !isAboveThreshold) {
thresholdCnt++;
if (thresholdCnt > 2 && waveSizeCnt < fc+1) break;
isAboveThreshold = true;
waveSizeCnt = 0;
} else {
waveSizeCnt++;
}
if (thresholdCnt > 10) break;
}
if (g_debugMode == 2) prnt("DEBUG PSK: threshold Count reached at %u, count: %u",i, thresholdCnt);
int avgWaveVal=0, lastAvgWaveVal=0;
waveStart = i+1;
//find first phase shift
for (i=0; i<loopCnt; i++){
for (; i<loopCnt; i++){
if (dest[i]+fc < dest[i+1] && dest[i+1] >= dest[i+2]){
waveEnd = i+1;
//PrintAndLog("DEBUG: waveEnd: %d",waveEnd);
if (g_debugMode == 2) prnt("DEBUG PSK: waveEnd: %u, waveStart: %u",waveEnd, waveStart);
waveLenCnt = waveEnd-waveStart;
if (waveLenCnt > fc && waveStart > fc && !(waveLenCnt > fc+2)){ //not first peak and is a large wave but not out of whack
if (waveLenCnt > fc && waveStart > fc && !(waveLenCnt > fc+3)){ //not first peak and is a large wave but not out of whack
lastAvgWaveVal = avgWaveVal/(waveLenCnt);
firstFullWave = waveStart;
fullWaveLen=waveLenCnt;
//if average wave value is > graph 0 then it is an up wave or a 1
if (lastAvgWaveVal > 123) curPhase ^= 1; //fudge graph 0 a little 123 vs 128
if (lastAvgWaveVal > threshold_value) curPhase ^= 1; //fudge graph 0 a little 123 vs 128
break;
}
waveStart = i+1;