github/proxmark3
1
0
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2025-08-24 23:15:28 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

CHG; added an option wither or not to clear emulator mem on init

Browse source
This commit is contained in:
iceman1001 2016-10-09 18:24:51 +02:00
commit c2723575de
2 changed files with 52 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

70
armsrc/legicrf.c
View file

@ -180,7 +180,7 @@ void frame_send_tag(uint16_t response, uint8_t bits) {
AT91C_BASE_PIOA->PIO_PER = GPIO_SSC_DOUT; AT91C_BASE_PIOA->PIO_PER = GPIO_SSC_DOUT;
/* TAG_FRAME_WAIT -> shift by 2 */ /* TAG_FRAME_WAIT -> shift by 2 */
legic_prng_forward(2); legic_prng_forward(3);
response ^= legic_prng_get_bits(bits); response ^= legic_prng_get_bits(bits);
/* Wait for the frame start */ /* Wait for the frame start */
@ -333,7 +333,7 @@ static uint32_t setup_phase_reader(uint8_t iv) {
return current_frame.data; return current_frame.data;
} }
static void LegicCommonInit(void) { void LegicCommonInit(bool clear_mem) {
FpgaDownloadAndGo(FPGA_BITSTREAM_HF); FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_TX); FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_TX);
@ -347,6 +347,7 @@ static void LegicCommonInit(void) {
// reserve a cardmem, meaning we can use the tracelog function in bigbuff easier. // reserve a cardmem, meaning we can use the tracelog function in bigbuff easier.
cardmem = BigBuf_get_EM_addr(); cardmem = BigBuf_get_EM_addr();
if ( clear_mem )
memset(cardmem, 0x00, LEGIC_CARD_MEMSIZE); memset(cardmem, 0x00, LEGIC_CARD_MEMSIZE);
clear_trace(); clear_trace();
@ -470,7 +471,7 @@ int LegicRfReader(uint16_t offset, uint16_t len, uint8_t iv) {
uint8_t isOK = 1; uint8_t isOK = 1;
legic_card_select_t card; legic_card_select_t card;
LegicCommonInit(); LegicCommonInit(TRUE);
if ( legic_select_card_iv(&card, iv) ) { if ( legic_select_card_iv(&card, iv) ) {
isOK = 0; isOK = 0;
@ -513,7 +514,7 @@ void LegicRfWriter(uint16_t offset, uint16_t len, uint8_t iv, uint8_t *data) {
goto OUT; goto OUT;
} }
LegicCommonInit(); LegicCommonInit(TRUE);
if ( legic_select_card_iv(&card, iv) ) { if ( legic_select_card_iv(&card, iv) ) {
isOK = 0; isOK = 0;
@ -613,7 +614,7 @@ void LegicRfInfo(void){
uint8_t buf[sizeof(legic_card_select_t)] = {0x00}; uint8_t buf[sizeof(legic_card_select_t)] = {0x00};
legic_card_select_t *card = (legic_card_select_t*) buf; legic_card_select_t *card = (legic_card_select_t*) buf;
LegicCommonInit(); LegicCommonInit(FALSE);
if ( legic_select_card(card) ) { if ( legic_select_card(card) ) {
cmd_send(CMD_ACK,0,0,0,0,0); cmd_send(CMD_ACK,0,0,0,0,0);
@ -654,8 +655,7 @@ static void frame_handle_tag(struct legic_frame const * const f)
// log // log
//uint8_t cmdbytes[] = {bits, BYTEx(data, 0), BYTEx(data, 1)}; //uint8_t cmdbytes[] = {bits, BYTEx(data, 0), BYTEx(data, 1)};
//LogTrace(cmdbytes, sizeof(cmdbytes), starttime, GET_TICKS, NULL, FALSE); //LogTrace(cmdbytes, sizeof(cmdbytes), starttime, GET_TICKS, NULL, FALSE);
Dbprintf("ICE: enter frame_handle_tag: %02x ", f->bits);
cardmem = BigBuf_get_EM_addr();
/* First Part of Handshake (IV) */ /* First Part of Handshake (IV) */
if(f->bits == 7) { if(f->bits == 7) {
@ -663,22 +663,27 @@ static void frame_handle_tag(struct legic_frame const * const f)
LED_C_ON(); LED_C_ON();
// Reset prng timer // Reset prng timer
ResetTimer(prng_timer); //ResetTimer(prng_timer);
ResetTicks();
// IV from reader. // IV from reader.
legic_prng_init(f->data); legic_prng_init(f->data);
Dbprintf("ICE: IV: %02x ", f->data);
// We should have three tagtypes with three different answers. // We should have three tagtypes with three different answers.
frame_send_tag(0x3d, 6); /* 0x3d^0x26 = 0x1B */ legic_prng_forward(2);
//frame_send_tag(0x3d, 6); /* MIM1024 0x3d^0x26 = 0x1B */
frame_send_tag(0x1d, 6); // MIM256
legic_state = STATE_IV; legic_state = STATE_IV;
legic_read_count = 0; legic_read_count = 0;
legic_prng_bc = 0; legic_prng_bc = 0;
legic_prng_iv = f->data; legic_prng_iv = f->data;
//ResetTimer(timer);
ResetTimer(timer); //WaitUS(280);
WaitUS(280); WaitTicks(388);
return; return;
} }
@ -689,8 +694,10 @@ static void frame_handle_tag(struct legic_frame const * const f)
if((f->bits == 6) && (f->data == xored)) { if((f->bits == 6) && (f->data == xored)) {
legic_state = STATE_CON; legic_state = STATE_CON;
ResetTimer(timer); //ResetTimer(timer);
WaitUS(200);
//WaitUS(200);
WaitTicks(300);
return; return;
} else { } else {
@ -708,13 +715,14 @@ static void frame_handle_tag(struct legic_frame const * const f)
uint16_t addr = f->data ^ key; uint16_t addr = f->data ^ key;
addr >>= 1; addr >>= 1;
uint8_t data = cardmem[addr]; uint8_t data = cardmem[addr];
int hash = legic4Crc(LEGIC_READ, addr, data, 11) << 8;
legic_read_count++; uint32_t crc = legic4Crc(LEGIC_READ, addr, data, 11) << 8;
legic_prng_forward(legic_reqresp_drift);
frame_send_tag(hash | data, 12); //legic_read_count++;
ResetTimer(timer); //legic_prng_forward(legic_reqresp_drift);
frame_send_tag(crc | data, 12);
//ResetTimer(timer);
legic_prng_forward(2); legic_prng_forward(2);
WaitTicks(330); WaitTicks(330);
return; return;
@ -747,7 +755,7 @@ static void frame_handle_tag(struct legic_frame const * const f)
legic_state = STATE_DISCON; legic_state = STATE_DISCON;
legic_read_count = 0; legic_read_count = 0;
SpinDelay(10); WaitMS(10);
LED_C_OFF(); LED_C_OFF();
return; return;
} }
@ -757,6 +765,7 @@ static void frame_handle_tag(struct legic_frame const * const f)
*/ */
static void emit(int bit) { static void emit(int bit) {
Dbprintf("ICE: enter emit:");
switch (bit) { switch (bit) {
case 1: case 1:
frame_append_bit(&current_frame, 1); frame_append_bit(&current_frame, 1);
@ -790,18 +799,24 @@ void LegicRfSimulate(int phase, int frame, int reqresp)
*/ */
int old_level = 0, active = 0; int old_level = 0, active = 0;
legic_state = STATE_DISCON; volatile uint32_t level = 0;
legic_state = STATE_DISCON;
legic_phase_drift = phase; legic_phase_drift = phase;
legic_frame_drift = frame; legic_frame_drift = frame;
legic_reqresp_drift = reqresp; legic_reqresp_drift = reqresp;
FpgaDownloadAndGo(FPGA_BITSTREAM_HF); FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
/* to get the stream of bits from FPGA in sim mode.*/
SetAdcMuxFor(GPIO_MUXSEL_HIPKD); SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
FpgaSetupSsc();
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_MODULATE_212K); FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_MODULATE_212K);
/* Bitbang the receiver */ /* Bitbang the receiver */
LINE_IN; // LINE_IN;
AT91C_BASE_PIOA->PIO_ODR = GPIO_SSC_DIN;
AT91C_BASE_PIOA->PIO_PER = GPIO_SSC_DIN;
// need a way to determine which tagtype we are simulating // need a way to determine which tagtype we are simulating
@ -819,7 +834,8 @@ void LegicRfSimulate(int phase, int frame, int reqresp)
DbpString("Starting Legic emulator, press button to end"); DbpString("Starting Legic emulator, press button to end");
while(!BUTTON_PRESS() && !usb_poll_validate_length()) { while(!BUTTON_PRESS() && !usb_poll_validate_length()) {
volatile uint32_t level = !!(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_DIN);
level = !!(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_DIN);
uint32_t time = GET_TICKS; uint32_t time = GET_TICKS;
@ -849,7 +865,7 @@ void LegicRfSimulate(int phase, int frame, int reqresp)
} }
/* Frame end */ /* Frame end */
if(time >= (RWD_TIME_1+RWD_TIME_FUZZ) && active) { if(time >= (RWD_TIME_1 + RWD_TIME_FUZZ) && active) {
emit(-1); emit(-1);
active = 0; active = 0;
LED_A_OFF(); LED_A_OFF();
@ -860,14 +876,16 @@ void LegicRfSimulate(int phase, int frame, int reqresp)
* shutdown in its status register. Reading the SR has the * shutdown in its status register. Reading the SR has the
* side-effect of clearing any pending state in there. * side-effect of clearing any pending state in there.
*/ */
if(time >= (20*RWD_TIME_1) && (timer->TC_SR & AT91C_TC_CLKSTA)) //if(time >= (20*RWD_TIME_1) && (timer->TC_SR & AT91C_TC_CLKSTA))
StopTicks(); //if(time >= (20 * RWD_TIME_1) )
//StopTicks();
old_level = level; old_level = level;
WDT_HIT(); WDT_HIT();
} }
WDT_HIT(); WDT_HIT();
DbpString("LEGIC Prime emulator stopped");
switch_off_tag_rwd(); switch_off_tag_rwd();
LEDsoff(); LEDsoff();
cmd_send(CMD_ACK, 1, 0, 0, 0, 0); cmd_send(CMD_ACK, 1, 0, 0, 0, 0);

2
armsrc/legicrf.h
View file

@ -35,6 +35,8 @@ bool legic_write_byte(uint16_t index, uint8_t byte, uint8_t addr_sz);
int legic_select_card(legic_card_select_t *p_card); int legic_select_card(legic_card_select_t *p_card);
int legic_select_card_iv(legic_card_select_t *p_card, uint8_t iv); int legic_select_card_iv(legic_card_select_t *p_card, uint8_t iv);
void LegicCommonInit(bool clear_mem);
// emulator mem // emulator mem
void LegicEMemSet(uint32_t arg0, uint32_t arg1, uint8_t *data); void LegicEMemSet(uint32_t arg0, uint32_t arg1, uint8_t *data);
void LegicEMemGet(uint32_t arg0, uint32_t arg1); void LegicEMemGet(uint32_t arg0, uint32_t arg1);