]>
Commit | Line | Data |
---|---|---|
c3caf040 | 1 | //----------------------------------------------------------------------------- |
2 | // | |
3 | // This code is licensed to you under the terms of the GNU GPL, version 2 or, | |
4 | // at your option, any later version. See the LICENSE.txt file for the text of | |
5 | // the license. | |
6 | //----------------------------------------------------------------------------- | |
7 | // Low frequency Securakey tag commands | |
8 | // ASK/Manchester, RF/40, 96 bits long | |
9 | //----------------------------------------------------------------------------- | |
10 | #include "cmdlfsecurakey.h" | |
11 | #include <string.h> | |
12 | #include <inttypes.h> | |
13 | #include <math.h> | |
14 | #include "proxmark3.h" | |
15 | #include "ui.h" | |
16 | #include "util.h" | |
17 | #include "graph.h" | |
18 | #include "cmdparser.h" | |
19 | #include "cmddata.h" | |
20 | #include "cmdmain.h" | |
21 | #include "cmdlf.h" | |
22 | #include "protocols.h" // for T55xx config register definitions | |
23 | #include "lfdemod.h" // preamble test | |
24 | #include "parity.h" // for wiegand parity test | |
25 | ||
26 | static int CmdHelp(const char *Cmd); | |
27 | ||
28 | // by marshmellow | |
29 | // find Securakey preamble in already demoded data | |
30 | int SecurakeyFind(uint8_t *dest, size_t *size) { | |
31 | if (*size < 96) return -1; //make sure buffer has data | |
32 | size_t startIdx = 0; | |
33 | uint8_t preamble[] = {0,1,1,1,1,1,1,1,1,1,0,0,1}; | |
34 | if (!preambleSearch(dest, preamble, sizeof(preamble), size, &startIdx)) | |
35 | return -2; //preamble not found | |
36 | if (*size != 96) return -3; //wrong demoded size | |
37 | //return start position | |
38 | return (int)startIdx; | |
39 | } | |
40 | ||
41 | //see ASKDemod for what args are accepted | |
42 | int CmdSecurakeyDemod(const char *Cmd) { | |
43 | ||
44 | //ASK / Manchester | |
45 | bool st = false; | |
46 | if (!ASKDemod_ext("40 0 0", false, false, 1, &st)) { | |
47 | if (g_debugMode) PrintAndLog("DEBUG: Error - Noralsy: ASK/Manchester Demod failed"); | |
48 | return 0; | |
49 | } | |
50 | if (st) return 0; | |
51 | size_t size = DemodBufferLen; | |
52 | int ans = SecurakeyFind(DemodBuffer, &size); | |
53 | if (ans < 0) { | |
54 | if (g_debugMode) { | |
55 | if (ans == -1) | |
56 | PrintAndLog("DEBUG: Error - Securakey: too few bits found"); | |
57 | else if (ans == -2) | |
58 | PrintAndLog("DEBUG: Error - Securakey: preamble not found"); | |
59 | else if (ans == -3) | |
60 | PrintAndLog("DEBUG: Error - Securakey: Size not correct: %d", size); | |
61 | else | |
62 | PrintAndLog("DEBUG: Error - Securakey: ans: %d", ans); | |
63 | } | |
64 | return 0; | |
65 | } | |
66 | setDemodBuf(DemodBuffer, 96, ans); | |
67 | //setGrid_Clock(40); | |
68 | ||
69 | //got a good demod | |
70 | uint32_t raw1 = bytebits_to_byte(DemodBuffer , 32); | |
71 | uint32_t raw2 = bytebits_to_byte(DemodBuffer+32, 32); | |
72 | uint32_t raw3 = bytebits_to_byte(DemodBuffer+64, 32); | |
73 | ||
74 | // 26 bit format | |
75 | // preamble ??bitlen reserved EPx xxxxxxxy yyyyyyyy yyyyyyyOP CS? CS2? | |
76 | // 0111111111 0 01011010 0 00000000 0 00000010 0 00110110 0 00111110 0 01100010 0 00001111 0 01100000 0 00000000 0 0000 | |
77 | ||
78 | // 32 bit format | |
79 | // preamble ??bitlen reserved EPxxxxxxx xxxxxxxy yyyyyyyy yyyyyyyOP CS? CS2? | |
80 | // 0111111111 0 01100000 0 00000000 0 10000100 0 11001010 0 01011011 0 01010110 0 00010110 0 11100000 0 00000000 0 0000 | |
81 | ||
82 | // x = FC? | |
83 | // y = card # | |
84 | // standard wiegand parities. | |
85 | // unknown checksum 11 bits? at the end | |
f2ea55fb | 86 | uint8_t bits_no_spacer[85]; |
87 | memcpy(bits_no_spacer, DemodBuffer + 11, 85); | |
c3caf040 | 88 | |
89 | // remove marker bits (0's every 9th digit after preamble) (pType = 3 (always 0s)) | |
f2ea55fb | 90 | size = removeParity(bits_no_spacer, 0, 9, 3, 85); |
91 | if ( size != 85-9 ) { | |
c3caf040 | 92 | if (g_debugMode) PrintAndLog("DEBUG: Error removeParity: %d", size); |
93 | return 0; | |
94 | } | |
95 | ||
f2ea55fb | 96 | uint8_t bitLen = (uint8_t)bytebits_to_byte(bits_no_spacer+2, 6); |
c3caf040 | 97 | uint32_t fc=0, lWiegand=0, rWiegand=0; |
f2ea55fb | 98 | if (bitLen > 40) { //securakey's max bitlen is 40 bits... |
99 | if (g_debugMode) PrintAndLog("DEBUG: Error bitLen too long: %u", bitLen); | |
100 | return 0; | |
101 | } | |
c3caf040 | 102 | // get left 1/2 wiegand & right 1/2 wiegand (for parity test and wiegand print) |
f2ea55fb | 103 | lWiegand = bytebits_to_byte(bits_no_spacer + 48 - bitLen, bitLen/2); |
104 | rWiegand = bytebits_to_byte(bits_no_spacer + 48 - bitLen + bitLen/2, bitLen/2); | |
105 | // get FC | |
106 | fc = bytebits_to_byte(bits_no_spacer+49-bitLen, bitLen-2-16); | |
c3caf040 | 107 | |
108 | // test bitLen | |
109 | if (bitLen != 26 && bitLen != 32) | |
110 | PrintAndLog("***unknown securakey bitLen - share with forum***"); | |
111 | ||
f2ea55fb | 112 | uint32_t cardid = bytebits_to_byte(bits_no_spacer+8+23, 16); |
113 | // test parities - evenparity32 looks to add an even parity returns 0 if already even... | |
114 | bool parity = !evenparity32(lWiegand) && !oddparity32(rWiegand); | |
c3caf040 | 115 | |
f2ea55fb | 116 | PrintAndLog("Securakey Tag Found--BitLen: %u, Card ID: %u, FC: 0x%X, Raw: %08X%08X%08X", bitLen, cardid, fc, raw1 ,raw2, raw3); |
c3caf040 | 117 | if (bitLen <= 32) |
118 | PrintAndLog("Wiegand: %08X, Parity: %s", (lWiegand<<(bitLen/2)) | rWiegand, parity ? "Passed" : "Failed"); | |
119 | PrintAndLog("\nHow the FC translates to printed FC is unknown"); | |
120 | PrintAndLog("How the checksum is calculated is unknown"); | |
121 | PrintAndLog("Help the community identify this format further\n by sharing your tag on the pm3 forum or with forum members"); | |
122 | return 1; | |
123 | } | |
124 | ||
125 | int CmdSecurakeyRead(const char *Cmd) { | |
126 | CmdLFRead("s"); | |
127 | getSamples("8000",true); | |
128 | return CmdSecurakeyDemod(Cmd); | |
129 | } | |
130 | ||
131 | static command_t CommandTable[] = { | |
132 | {"help", CmdHelp, 1, "This help"}, | |
133 | {"demod", CmdSecurakeyDemod,1, "Attempt to read and extract tag data from the GraphBuffer"}, | |
134 | {"read", CmdSecurakeyRead, 0, "Attempt to read and extract tag data from the antenna"}, | |
135 | {NULL, NULL, 0, NULL} | |
136 | }; | |
137 | ||
138 | int CmdLFSecurakey(const char *Cmd) { | |
139 | clearCommandBuffer(); | |
140 | CmdsParse(CommandTable, Cmd); | |
141 | return 0; | |
142 | } | |
143 | ||
144 | int CmdHelp(const char *Cmd) { | |
145 | CmdsHelp(CommandTable); | |
146 | return 0; | |
147 | } |