**DEVICE FIRMWARE UPDATE**
The code changes needed to support long tag emulation required an update to the device firmware. As of this patch, devices running older firmware will not be able to read or emulate HID tags until the firmware is updated. Additionally, devices with the firmware from this update or newer will not properly read or encode HID tags with a prior version client.
The 'lf hid encode' command has been further refined, and is now entirely parameterized to support use of fields other than facility code and card number. The client help data has been updated to show the correct syntax.
* allow common makefile options-defines
* remove non-existing file references
* Uncomment lcd option (still) not enabled by default
use Makefile_Enabled_Options.common
to enable lcd if desired.
* Add Smartcard Functions
* add smartcard to menu + make get atr work
sc is now functioning as far as my limited knowledge takes me
* sc cleanup - add init to all sc commands...
because cmds won't work until the first init happens. (multiple inits
don't appear to affect it negatively)
* default options to exclude Smartcard
for main repo
* update changelog
* create fpga version info at compile time (by additional functionality in fpgacompress)
* remove hw version caching (prepare USB reconnect)
* fix calculation of available compressed bytes in fpga_loader.c
CHG: 'hw tune' adapting LF measuring from ( >> 8) max 65v, to ( >>9 ) max 130v in the graph data. Max LF voltage is 140.8v to measure.
Added a delay for antenna coil and caps to power up before measuring,
removed a variable in ReadAdc
* adjust LFSim to download lf fpga prior to setting emulation buffer to prevent buffer overwrite condition if you are coming from HF fpga.
* fix lf sim big buff overwrite with fpga download. Move fix to the buffer download cmd.
This implements the attack described in
Carlo Meijer, Roel Verdult, "Ciphertext-only Cryptanalysis on Hardened
Mifare Classic Cards" in Proceedings of the 22nd ACM SIGSAC Conference on
Computer and Communications Security, 2015
It uses precomputed tables for many bitflip properties (not only two as in the paper)
and is therefore quite efficient. To prevent failing it doesn't do
differential analysis with several nonce bytes' Sum(a8) properties (each of them
may be wrongly guessed) - instead it concentrates on one nonce byte and tries all
Sum(a8) property guesses sequentially (ordered by probability). The brute force phase
makes use of aczid's bit sliced brute forcer (https://github.com/aczid/crypto1_bs).
Includes runtime CPU-detection to leverage modern (and old) SIMD instructions
with a single executable.
add parameter for # bits to read
auto get samples after lf read/snoop (don't need to do a `data samples`
anymore)
add safe function to get DemodBuffer
add some lf demod comments and apply new lf_read function instead of
read then get samples.
fixed output bug in lf t55xx config print
fixed small bug in lf t55xx detect during ST check
@iceman1001 s updates + some of my own.
still more to do:
-auto demod responses
-figure out config block
-figure out block 0 info / serial # in block 1
-figure out block 3 protection data
-add dump all blocks cmd
lf viking from other users - just put my spin on it
lf awid refactored code - possible to make it not 26bit specific now
with minor chanages
lfdemod.c now supports extra debug printing if `data setdebug` = 2 when
not on device (on client not arm)
@iceman1001 s cleanup of some t55xx read code, plus some timing tests to
improve lf t5 detect/read...
small typo in pcf 16 address bytes instead of 4...
add option for verbose or not on bigbuf clear cmd.
