]> cvs.zerfleddert.de Git - proxmark3-svn/blob - winsrc/command.cpp
projects / proxmark3-svn / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
keri tag trace
[proxmark3-svn] / winsrc / command.cpp
1 //-----------------------------------------------------------------------------
2 // The actual command interpeter for what the user types at the command line.
3 // Jonathan Westhues, Sept 2005
4 // Edits by Gerhard de Koning Gans, Sep 2007 (##)
5 //-----------------------------------------------------------------------------
6 #include <windows.h>
7 #include <stdlib.h>
8 #include <string.h>
9 #include <stdio.h>
10 #include <limits.h>
11 #include <math.h>
12
13 #include "prox.h"
14 #include "../common/iso14443_crc.c"
15 #include "../common/crc16.c"
16
17 #define arraylen(x) (sizeof(x)/sizeof((x)[0]))
18 #define BIT(x) GraphBuffer[x * clock]
19 #define BITS (GraphTraceLen / clock)
20
21 int go = 0;
22 static int CmdHisamplest(char *str, int nrlow);
23
24 static void GetFromBigBuf(BYTE *dest, int bytes)
25 {
26 int n = bytes/4;
27
28 if(n % 48 != 0) {
29 PrintToScrollback("bad len in GetFromBigBuf");
30 return;
31 }
32
33 int i;
34 for(i = 0; i < n; i += 12) {
35 UsbCommand c;
36 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
37 c.ext1 = i;
38 SendCommand(&c, FALSE);
39 ReceiveCommand(&c);
40 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
41 PrintToScrollback("bad resp");
42 return;
43 }
44
45 memcpy(dest+(i*4), c.d.asBytes, 48);
46 }
47 }
48
49 static void CmdReset(char *str)
50 {
51 UsbCommand c;
52 c.cmd = CMD_HARDWARE_RESET;
53 SendCommand(&c, FALSE);
54 }
55
56 static void CmdBuffClear(char *str)
57 {
58 UsbCommand c;
59 c.cmd = CMD_BUFF_CLEAR;
60 SendCommand(&c, FALSE);
61 CmdClearGraph(TRUE);
62 }
63
64 static void CmdQuit(char *str)
65 {
66 exit(0);
67 }
68
69 static void CmdHIDdemodFSK(char *str)
70 {
71 UsbCommand c;
72 c.cmd = CMD_HID_DEMOD_FSK;
73 SendCommand(&c, FALSE);
74 }
75
76 static void CmdTune(char *str)
77 {
78 UsbCommand c;
79 c.cmd = CMD_MEASURE_ANTENNA_TUNING;
80 SendCommand(&c, FALSE);
81 }
82
83 static void CmdHi15read(char *str)
84 {
85 UsbCommand c;
86 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693;
87 SendCommand(&c, FALSE);
88 }
89
90 static void CmdHi14read(char *str)
91 {
92 UsbCommand c;
93 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;
94 c.ext1 = atoi(str);
95 SendCommand(&c, FALSE);
96 }
97
98
99 /* New command to read the contents of a SRI512 tag
100 * SRI512 tags are ISO14443-B modulated memory tags,
101 * this command just dumps the contents of the memory/
102 */
103 static void CmdSri512read(char *str)
104 {
105 UsbCommand c;
106 c.cmd = CMD_READ_SRI512_TAG;
107 c.ext1 = atoi(str);
108 SendCommand(&c, FALSE);
109 }
110
111 // ## New command
112 static void CmdHi14areader(char *str)
113 {
114 UsbCommand c;
115 c.cmd = CMD_READER_ISO_14443a;
116 c.ext1 = atoi(str);
117 SendCommand(&c, FALSE);
118 }
119
120 // ## New command
121 static void CmdHi15reader(char *str)
122 {
123 UsbCommand c;
124 c.cmd = CMD_READER_ISO_15693;
125 c.ext1 = atoi(str);
126 SendCommand(&c, FALSE);
127 }
128
129 // ## New command
130 static void CmdHi15tag(char *str)
131 {
132 UsbCommand c;
133 c.cmd = CMD_SIMTAG_ISO_15693;
134 c.ext1 = atoi(str);
135 SendCommand(&c, FALSE);
136 }
137
138 static void CmdHi14read_sim(char *str)
139 {
140 UsbCommand c;
141 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443_SIM;
142 c.ext1 = atoi(str);
143 SendCommand(&c, FALSE);
144 }
145
146 static void CmdHi14readt(char *str)
147 {
148 UsbCommand c;
149 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;
150 c.ext1 = atoi(str);
151 SendCommand(&c, FALSE);
152
153 //CmdHisamplest(str);
154 while(CmdHisamplest(str,atoi(str))==0) {
155 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;
156 c.ext1 = atoi(str);
157 SendCommand(&c, FALSE);
158 }
159 RepaintGraphWindow();
160 }
161
162 static void CmdHisimlisten(char *str)
163 {
164 UsbCommand c;
165 c.cmd = CMD_SIMULATE_TAG_HF_LISTEN;
166 SendCommand(&c, FALSE);
167 }
168
169 static void CmdHi14sim(char *str)
170 {
171 UsbCommand c;
172 c.cmd = CMD_SIMULATE_TAG_ISO_14443;
173 SendCommand(&c, FALSE);
174 }
175
176 static void CmdHi14asim(char *str) // ## simulate iso14443a tag
177 { // ## greg - added ability to specify tag UID
178
179 unsigned int hi=0, lo=0;
180 int n=0, i=0;
181 UsbCommand c;
182
183 while (sscanf(&str[i++], "%1x", &n ) == 1) {
184 hi=(hi<<4)|(lo>>28);
185 lo=(lo<<4)|(n&0xf);
186 }
187
188 c.cmd = CMD_SIMULATE_TAG_ISO_14443a;
189 // c.ext should be set to *str or convert *str to the correct format for a uid
190 c.ext1 = hi;
191 c.ext2 = lo;
192 PrintToScrollback("Emulating 14443A TAG with UID %x%16x", hi, lo);
193 SendCommand(&c, FALSE);
194 }
195
196 static void CmdHi14snoop(char *str)
197 {
198 UsbCommand c;
199 c.cmd = CMD_SNOOP_ISO_14443;
200 SendCommand(&c, FALSE);
201 }
202
203 static void CmdHi14asnoop(char *str)
204 {
205 UsbCommand c;
206 c.cmd = CMD_SNOOP_ISO_14443a;
207 SendCommand(&c, FALSE);
208 }
209
210 static void CmdFPGAOff(char *str) // ## FPGA Control
211 {
212 UsbCommand c;
213 c.cmd = CMD_FPGA_MAJOR_MODE_OFF;
214 SendCommand(&c, FALSE);
215 }
216
217 /* clear out our graph window */
218 int CmdClearGraph(int redraw)
219 {
220 int gtl = GraphTraceLen;
221 GraphTraceLen = 0;
222
223 if (redraw)
224 RepaintGraphWindow();
225
226 return gtl;
227 }
228
229 /* write a bit to the graph */
230 static void CmdAppendGraph(int redraw, int clock, int bit)
231 {
232 int i;
233
234 for (i = 0; i < (int)(clock/2); i++)
235 GraphBuffer[GraphTraceLen++] = bit ^ 1;
236
237 for (i = (int)(clock/2); i < clock; i++)
238 GraphBuffer[GraphTraceLen++] = bit;
239
240 if (redraw)
241 RepaintGraphWindow();
242 }
243
244 /* Function is equivalent of loread + losamples + em410xread
245 * looped until an EM410x tag is detected */
246 static void CmdEM410xwatch(char *str)
247 {
248 char *zero = "";
249 char *twok = "2000";
250 go = 1;
251
252 do
253 {
254 CmdLoread(zero);
255 CmdLosamples(twok);
256 CmdEM410xread(zero);
257 } while (go);
258 }
259
260 /* Read the transmitted data of an EM4x50 tag
261 * Format:
262 *
263 * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
264 * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
265 * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
266 * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
267 * CCCCCCCC <- column parity bits
268 * 0 <- stop bit
269 * LW <- Listen Window
270 *
271 * This pattern repeats for every block of data being transmitted.
272 * Transmission starts with two Listen Windows (LW - a modulated
273 * pattern of 320 cycles each (32/32/128/64/64)).
274 *
275 * Note that this data may or may not be the UID. It is whatever data
276 * is stored in the blocks defined in the control word First and Last
277 * Word Read values. UID is stored in block 32.
278 */
279 static void CmdEM4x50read(char *str)
280 {
281 int i, j, startblock, clock, skip, block, start, end, low, high;
282 BOOL complete= FALSE;
283 int tmpbuff[MAX_GRAPH_TRACE_LEN / 64];
284 char tmp[6];
285
286 high= low= 0;
287 clock= 64;
288
289 /* first get high and low values */
290 for (i = 0; i < GraphTraceLen; i++)
291 {
292 if (GraphBuffer[i] > high)
293 high = GraphBuffer[i];
294 else if (GraphBuffer[i] < low)
295 low = GraphBuffer[i];
296 }
297
298 /* populate a buffer with pulse lengths */
299 i= 0;
300 j= 0;
301 while(i < GraphTraceLen)
302 {
303 // measure from low to low
304 while((GraphBuffer[i] > low) && (i<GraphTraceLen))
305 ++i;
306 start= i;
307 while((GraphBuffer[i] < high) && (i<GraphTraceLen))
308 ++i;
309 while((GraphBuffer[i] > low) && (i<GraphTraceLen))
310 ++i;
311 if (j>(MAX_GRAPH_TRACE_LEN/64)) {
312 break;
313 }
314 tmpbuff[j++]= i - start;
315 }
316
317 /* look for data start - should be 2 pairs of LW (pulses of 192,128) */
318 start= -1;
319 skip= 0;
320 for (i= 0; i < j - 4 ; ++i)
321 {
322 skip += tmpbuff[i];
323 if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
324 if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
325 if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)
326 if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)
327 {
328 start= i + 3;
329 break;
330 }
331 }
332 startblock= i + 3;
333
334 /* skip over the remainder of the LW */
335 skip += tmpbuff[i+1]+tmpbuff[i+2];
336 while(skip < MAX_GRAPH_TRACE_LEN && GraphBuffer[skip] > low)
337 ++skip;
338 skip += 8;
339
340 /* now do it again to find the end */
341 end= start;
342 for (i += 3; i < j - 4 ; ++i)
343 {
344 end += tmpbuff[i];
345 if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
346 if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
347 if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)
348 if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)
349 {
350 complete= TRUE;
351 break;
352 }
353 }
354
355 if (start >= 0)
356 PrintToScrollback("Found data at sample: %i",skip);
357 else
358 {
359 PrintToScrollback("No data found!");
360 PrintToScrollback("Try again with more samples.");
361 return;
362 }
363
364 if (!complete)
365 {
366 PrintToScrollback("*** Warning!");
367 PrintToScrollback("Partial data - no end found!");
368 PrintToScrollback("Try again with more samples.");
369 }
370
371 /* get rid of leading crap */
372 sprintf(tmp,"%i",skip);
373 CmdLtrim(tmp);
374
375 /* now work through remaining buffer printing out data blocks */
376 block= 0;
377 i= startblock;
378 while(block < 6)
379 {
380 PrintToScrollback("Block %i:", block);
381 // mandemod routine needs to be split so we can call it for data
382 // just print for now for debugging
383 Cmdmanchesterdemod("i 64");
384 skip= 0;
385 /* look for LW before start of next block */
386 for ( ; i < j - 4 ; ++i)
387 {
388 skip += tmpbuff[i];
389 if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
390 if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
391 break;
392 }
393 while(GraphBuffer[skip] > low)
394 ++skip;
395 skip += 8;
396 sprintf(tmp,"%i",skip);
397 CmdLtrim(tmp);
398 start += skip;
399 block++;
400 }
401 }
402
403
404 /* Read the ID of an EM410x tag.
405 * Format:
406 * 1111 1111 1 <-- standard non-repeatable header
407 * XXXX [row parity bit] <-- 10 rows of 5 bits for our 40 bit tag ID
408 * ....
409 * CCCC <-- each bit here is parity for the 10 bits above in corresponding column
410 * 0 <-- stop bit, end of tag
411 */
412 static void CmdEM410xread(char *str)
413 {
414 int i, j, clock, header, rows, bit, hithigh, hitlow, first, bit2idx, high, low;
415 int parity[4];
416 char id[11];
417 int retested = 0;
418 int BitStream[MAX_GRAPH_TRACE_LEN];
419 high = low = 0;
420
421 /* Detect high and lows and clock */
422 for (i = 0; i < GraphTraceLen; i++)
423 {
424 if (GraphBuffer[i] > high)
425 high = GraphBuffer[i];
426 else if (GraphBuffer[i] < low)
427 low = GraphBuffer[i];
428 }
429
430 /* get clock */
431 clock = GetClock(str, high);
432
433 /* parity for our 4 columns */
434 parity[0] = parity[1] = parity[2] = parity[3] = 0;
435 header = rows = 0;
436
437 /* manchester demodulate */
438 bit = bit2idx = 0;
439 for (i = 0; i < (int)(GraphTraceLen / clock); i++)
440 {
441 hithigh = 0;
442 hitlow = 0;
443 first = 1;
444
445 /* Find out if we hit both high and low peaks */
446 for (j = 0; j < clock; j++)
447 {
448 if (GraphBuffer[(i * clock) + j] == high)
449 hithigh = 1;
450 else if (GraphBuffer[(i * clock) + j] == low)
451 hitlow = 1;
452
453 /* it doesn't count if it's the first part of our read
454 because it's really just trailing from the last sequence */
455 if (first && (hithigh || hitlow))
456 hithigh = hitlow = 0;
457 else
458 first = 0;
459
460 if (hithigh && hitlow)
461 break;
462 }
463
464 /* If we didn't hit both high and low peaks, we had a bit transition */
465 if (!hithigh || !hitlow)
466 bit ^= 1;
467
468 BitStream[bit2idx++] = bit;
469 }
470
471 retest:
472 /* We go till 5 before the graph ends because we'll get that far below */
473 for (i = 1; i < bit2idx - 5; i++)
474 {
475 /* Step 2: We have our header but need our tag ID */
476 if (header == 9 && rows < 10)
477 {
478 /* Confirm parity is correct */
479 if ((BitStream[i] ^ BitStream[i+1] ^ BitStream[i+2] ^ BitStream[i+3]) == BitStream[i+4])
480 {
481 /* Read another byte! */
482 sprintf(id+rows, "%x", (8 * BitStream[i]) + (4 * BitStream[i+1]) + (2 * BitStream[i+2]) + (1 * BitStream[i+3]));
483 rows++;
484
485 /* Keep parity info */
486 parity[0] ^= BitStream[i];
487 parity[1] ^= BitStream[i+1];
488 parity[2] ^= BitStream[i+2];
489 parity[3] ^= BitStream[i+3];
490
491 /* Move 4 bits ahead */
492 i += 4;
493 }
494
495 /* Damn, something wrong! reset */
496 else
497 {
498 PrintToScrollback("Thought we had a valid tag but failed at word %d (i=%d)", rows + 1, i);
499
500 /* Start back rows * 5 + 9 header bits, -1 to not start at same place */
501 i -= 9 + (5 * rows) - 5;
502
503 rows = header = 0;
504 }
505 }
506
507 /* Step 3: Got our 40 bits! confirm column parity */
508 else if (rows == 10)
509 {
510 /* We need to make sure our 4 bits of parity are correct and we have a stop bit */
511 if (BitStream[i] == parity[0] && BitStream[i+1] == parity[1] &&
512 BitStream[i+2] == parity[2] && BitStream[i+3] == parity[3] &&
513 BitStream[i+4] == 0)
514 {
515 /* Sweet! */
516 PrintToScrollback("EM410x Tag ID: %s", id);
517
518 /* Stop any loops */
519 go = 0;
520 return;
521 }
522
523 /* Crap! Incorrect parity or no stop bit, start all over */
524 else
525 {
526 rows = header = 0;
527
528 /* Go back 59 bits (9 header bits + 10 rows at 4+1 parity) */
529 i -= 59;
530 }
531 }
532
533 /* Step 1: get our header */
534 else if (header < 9)
535 {
536 /* Need 9 consecutive 1's */
537 if (BitStream[i] == 1)
538 header++;
539
540 /* We don't have a header, not enough consecutive 1 bits */
541 else
542 header = 0;
543 }
544 }
545
546 /* if we've already retested after flipping bits, return */
547 if (retested++)
548 return;
549
550 /* if this didn't work, try flipping bits */
551 for (i = 0; i < bit2idx; i++)
552 BitStream[i] ^= 1;
553
554 goto retest;
555 }
556
557 /* emulate an EM410X tag
558 * Format:
559 * 1111 1111 1 <-- standard non-repeatable header
560 * XXXX [row parity bit] <-- 10 rows of 5 bits for our 40 bit tag ID
561 * ....
562 * CCCC <-- each bit here is parity for the 10 bits above in corresponding column
563 * 0 <-- stop bit, end of tag
564 */
565 static void CmdEM410xsim(char *str)
566 {
567 int i, n, j, h, binary[4], parity[4];
568 char *s = "0";
569
570 /* clock is 64 in EM410x tags */
571 int clock = 64;
572
573 /* clear our graph */
574 CmdClearGraph(0);
575
576 /* write it out a few times */
577 for (h = 0; h < 4; h++)
578 {
579 /* write 9 start bits */
580 for (i = 0; i < 9; i++)
581 CmdAppendGraph(0, clock, 1);
582
583 /* for each hex char */
584 parity[0] = parity[1] = parity[2] = parity[3] = 0;
585 for (i = 0; i < 10; i++)
586 {
587 /* read each hex char */
588 sscanf(&str[i], "%1x", &n);
589 for (j = 3; j >= 0; j--, n/= 2)
590 binary[j] = n % 2;
591
592 /* append each bit */
593 CmdAppendGraph(0, clock, binary[0]);
594 CmdAppendGraph(0, clock, binary[1]);
595 CmdAppendGraph(0, clock, binary[2]);
596 CmdAppendGraph(0, clock, binary[3]);
597
598 /* append parity bit */
599 CmdAppendGraph(0, clock, binary[0] ^ binary[1] ^ binary[2] ^ binary[3]);
600
601 /* keep track of column parity */
602 parity[0] ^= binary[0];
603 parity[1] ^= binary[1];
604 parity[2] ^= binary[2];
605 parity[3] ^= binary[3];
606 }
607
608 /* parity columns */
609 CmdAppendGraph(0, clock, parity[0]);
610 CmdAppendGraph(0, clock, parity[1]);
611 CmdAppendGraph(0, clock, parity[2]);
612 CmdAppendGraph(0, clock, parity[3]);
613
614 /* stop bit */
615 CmdAppendGraph(0, clock, 0);
616 }
617
618 /* modulate that biatch */
619 Cmdmanchestermod(s);
620
621 /* booyah! */
622 RepaintGraphWindow();
623
624 CmdLosim(s);
625 }
626
627 static void ChkBitstream(char *str)
628 {
629 int i;
630
631 /* convert to bitstream if necessary */
632 for (i = 0; i < (int)(GraphTraceLen / 2); i++)
633 {
634 if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0)
635 {
636 Cmdbitstream(str);
637 break;
638 }
639 }
640 }
641
642 static void CmdLosim(char *str)
643 {
644 int i;
645
646 /* convert to bitstream if necessary */
647 ChkBitstream(str);
648
649 for (i = 0; i < GraphTraceLen; i += 48) {
650 UsbCommand c;
651 int j;
652 for(j = 0; j < 48; j++) {
653 c.d.asBytes[j] = GraphBuffer[i+j];
654 }
655 c.cmd = CMD_DOWNLOADED_SIM_SAMPLES_125K;
656 c.ext1 = i;
657 SendCommand(&c, FALSE);
658 }
659
660 UsbCommand c;
661 c.cmd = CMD_SIMULATE_TAG_125K;
662 c.ext1 = GraphTraceLen;
663 SendCommand(&c, FALSE);
664 }
665
666 static void CmdLoread(char *str)
667 {
668 UsbCommand c;
669 // 'h' means higher-low-frequency, 134 kHz
670 if(*str == 'h') {
671 c.ext1 = 1;
672 } else if (*str == '\0') {
673 c.ext1 = 0;
674 } else {
675 PrintToScrollback("use 'loread' or 'loread h'");
676 return;
677 }
678 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_125K;
679 SendCommand(&c, FALSE);
680 }
681
682 static void CmdDetectReader(char *str)
683 {
684 UsbCommand c;
685 // 'l' means LF - 125/134 kHz
686 if(*str == 'l') {
687 c.ext1 = 1;
688 } else if (*str == 'h') {
689 c.ext1 = 2;
690 } else if (*str != '\0') {
691 PrintToScrollback("use 'detectreader' or 'detectreader l' or 'detectreader h'");
692 return;
693 }
694 c.cmd = CMD_LISTEN_READER_FIELD;
695 SendCommand(&c, FALSE);
696 }
697
698 /* send a command before reading */
699 static void CmdLoCommandRead(char *str)
700 {
701 static char dummy[3];
702
703 dummy[0]= ' ';
704
705 UsbCommand c;
706 c.cmd = CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K;
707 sscanf(str, "%i %i %i %s %s", &c.ext1, &c.ext2, &c.ext3, (char *) &c.d.asBytes,(char *) &dummy+1);
708 // in case they specified 'h'
709 strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
710 SendCommand(&c, FALSE);
711 }
712
713 static void CmdLosamples(char *str)
714 {
715 int cnt = 0;
716 int i;
717 int n;
718
719 n=atoi(str);
720 if (n==0) n=128;
721 if (n>16000) n=16000;
722
723 for(i = 0; i < n; i += 12) {
724 UsbCommand c;
725 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
726 c.ext1 = i;
727 SendCommand(&c, FALSE);
728 ReceiveCommand(&c);
729 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
730 if (!go)
731 PrintToScrollback("bad resp");
732 return;
733 }
734 int j;
735 for(j = 0; j < 48; j++) {
736 GraphBuffer[cnt++] = ((int)c.d.asBytes[j]) - 128;
737 }
738 }
739 GraphTraceLen = n*4;
740 RepaintGraphWindow();
741 }
742
743 static void CmdBitsamples(char *str)
744 {
745 int cnt = 0;
746 int i;
747 int n;
748
749 n = 3072;
750 for(i = 0; i < n; i += 12) {
751 UsbCommand c;
752 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
753 c.ext1 = i;
754 SendCommand(&c, FALSE);
755 ReceiveCommand(&c);
756 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
757 PrintToScrollback("bad resp");
758 return;
759 }
760 int j, k;
761 for(j = 0; j < 48; j++) {
762 for(k = 0; k < 8; k++) {
763 if(c.d.asBytes[j] & (1 << (7 - k))) {
764 GraphBuffer[cnt++] = 1;
765 } else {
766 GraphBuffer[cnt++] = 0;
767 }
768 }
769 }
770 }
771 GraphTraceLen = cnt;
772 RepaintGraphWindow();
773 }
774
775 static void CmdHisamples(char *str)
776 {
777 int cnt = 0;
778 int i;
779 int n;
780 n = 1000;
781 for(i = 0; i < n; i += 12) {
782 UsbCommand c;
783 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
784 c.ext1 = i;
785 SendCommand(&c, FALSE);
786 ReceiveCommand(&c);
787 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
788 PrintToScrollback("bad resp");
789 return;
790 }
791 int j;
792 for(j = 0; j < 48; j++) {
793 GraphBuffer[cnt++] = (int)((BYTE)c.d.asBytes[j]);
794 }
795 }
796 GraphTraceLen = n*4;
797
798 RepaintGraphWindow();
799 }
800
801 static int CmdHisamplest(char *str, int nrlow)
802 {
803 int cnt = 0;
804 int t1, t2;
805 int i;
806 int n;
807 int hasbeennull;
808 int show;
809
810
811 n = 1000;
812 hasbeennull = 0;
813 for(i = 0; i < n; i += 12) {
814 UsbCommand c;
815 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
816 c.ext1 = i;
817 SendCommand(&c, FALSE);
818 ReceiveCommand(&c);
819 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
820 PrintToScrollback("bad resp");
821 return 0;
822 }
823 int j;
824 for(j = 0; j < 48; j++) {
825 t2 = (int)((BYTE)c.d.asBytes[j]);
826 if((t2 ^ 0xC0) & 0xC0) { hasbeennull++; }
827
828 show = 0;
829 switch(show) {
830 case 0:
831 // combined
832 t1 = (t2 & 0x80) ^ (t2 & 0x20);
833 t2 = ((t2 << 1) & 0x80) ^ ((t2 << 1) & 0x20);
834 break;
835
836 case 1:
837 // only reader
838 t1 = (t2 & 0x80);
839 t2 = ((t2 << 1) & 0x80);
840 break;
841
842 case 2:
843 // only tag
844 t1 = (t2 & 0x20);
845 t2 = ((t2 << 1) & 0x20);
846 break;
847
848 case 3:
849 // both, but tag with other algorithm
850 t1 = (t2 & 0x80) ^ (t2 & 0x08);
851 t2 = ((t2 << 1) & 0x80) ^ ((t2 << 1) & 0x08);
852 break;
853 }
854
855 GraphBuffer[cnt++] = t1;
856 GraphBuffer[cnt++] = t2;
857 }
858 }
859 GraphTraceLen = n*4;
860 // 1130
861 if(hasbeennull>nrlow || nrlow==0) {
862 PrintToScrollback("hasbeennull=%d", hasbeennull);
863 return 1;
864 }
865 else {
866 return 0;
867 }
868 }
869
870
871 static void CmdHexsamples(char *str)
872 {
873 int i;
874 int n;
875
876 if(atoi(str) == 0) {
877 n = 12;
878 } else {
879 n = atoi(str)/4;
880 }
881
882 for(i = 0; i < n; i += 12) {
883 UsbCommand c;
884 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
885 c.ext1 = i;
886 SendCommand(&c, FALSE);
887 ReceiveCommand(&c);
888 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
889 PrintToScrollback("bad resp");
890 return;
891 }
892 int j;
893 for(j = 0; j < 48; j += 8) {
894 PrintToScrollback("%02x %02x %02x %02x %02x %02x %02x %02x",
895 c.d.asBytes[j+0],
896 c.d.asBytes[j+1],
897 c.d.asBytes[j+2],
898 c.d.asBytes[j+3],
899 c.d.asBytes[j+4],
900 c.d.asBytes[j+5],
901 c.d.asBytes[j+6],
902 c.d.asBytes[j+7],
903 c.d.asBytes[j+8]
904 );
905 }
906 }
907 }
908
909 static void CmdHisampless(char *str)
910 {
911 int cnt = 0;
912 int i;
913 int n;
914
915 if(atoi(str) == 0) {
916 n = 1000;
917 } else {
918 n = atoi(str)/4;
919 }
920
921 for(i = 0; i < n; i += 12) {
922 UsbCommand c;
923 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
924 c.ext1 = i;
925 SendCommand(&c, FALSE);
926 ReceiveCommand(&c);
927 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
928 PrintToScrollback("bad resp");
929 return;
930 }
931 int j;
932 for(j = 0; j < 48; j++) {
933 GraphBuffer[cnt++] = (int)((signed char)c.d.asBytes[j]);
934 }
935 }
936 GraphTraceLen = cnt;
937
938 RepaintGraphWindow();
939 }
940
941 static WORD Iso15693Crc(BYTE *v, int n)
942 {
943 DWORD reg;
944 int i, j;
945
946 reg = 0xffff;
947 for(i = 0; i < n; i++) {
948 reg = reg ^ ((DWORD)v[i]);
949 for (j = 0; j < 8; j++) {
950 if (reg & 0x0001) {
951 reg = (reg >> 1) ^ 0x8408;
952 } else {
953 reg = (reg >> 1);
954 }
955 }
956 }
957
958 return (WORD)~reg;
959 }
960
961 static void CmdHi14bdemod(char *str)
962 {
963 int i, j, iold;
964 int isum, qsum;
965 int outOfWeakAt;
966 BOOL negateI, negateQ;
967
968 BYTE data[256];
969 int dataLen=0;
970
971 // As received, the samples are pairs, correlations against I and Q
972 // square waves. So estimate angle of initial carrier (or just
973 // quadrant, actually), and then do the demod.
974
975 // First, estimate where the tag starts modulating.
976 for(i = 0; i < GraphTraceLen; i += 2) {
977 if(abs(GraphBuffer[i]) + abs(GraphBuffer[i+1]) > 40) {
978 break;
979 }
980 }
981 if(i >= GraphTraceLen) {
982 PrintToScrollback("too weak to sync");
983 return;
984 }
985 PrintToScrollback("out of weak at %d", i);
986 outOfWeakAt = i;
987
988 // Now, estimate the phase in the initial modulation of the tag
989 isum = 0;
990 qsum = 0;
991 for(; i < (outOfWeakAt + 16); i += 2) {
992 isum += GraphBuffer[i+0];
993 qsum += GraphBuffer[i+1];
994 }
995 negateI = (isum < 0);
996 negateQ = (qsum < 0);
997
998 // Turn the correlation pairs into soft decisions on the bit.
999 j = 0;
1000 for(i = 0; i < GraphTraceLen/2; i++) {
1001 int si = GraphBuffer[j];
1002 int sq = GraphBuffer[j+1];
1003 if(negateI) si = -si;
1004 if(negateQ) sq = -sq;
1005 GraphBuffer[i] = si + sq;
1006 j += 2;
1007 }
1008 GraphTraceLen = i;
1009
1010 i = outOfWeakAt/2;
1011 while(GraphBuffer[i] > 0 && i < GraphTraceLen)
1012 i++;
1013 if(i >= GraphTraceLen) goto demodError;
1014
1015 iold = i;
1016 while(GraphBuffer[i] < 0 && i < GraphTraceLen)
1017 i++;
1018 if(i >= GraphTraceLen) goto demodError;
1019 if((i - iold) > 23) goto demodError;
1020
1021 PrintToScrollback("make it to demod loop");
1022
1023 for(;;) {
1024 iold = i;
1025 while(GraphBuffer[i] >= 0 && i < GraphTraceLen)
1026 i++;
1027 if(i >= GraphTraceLen) goto demodError;
1028 if((i - iold) > 6) goto demodError;
1029
1030 WORD shiftReg = 0;
1031 if(i + 20 >= GraphTraceLen) goto demodError;
1032
1033 for(j = 0; j < 10; j++) {
1034 int soft = GraphBuffer[i] + GraphBuffer[i+1];
1035
1036 if(abs(soft) < ((abs(isum) + abs(qsum))/20)) {
1037 PrintToScrollback("weak bit");
1038 }
1039
1040 shiftReg >>= 1;
1041 if(GraphBuffer[i] + GraphBuffer[i+1] >= 0) {
1042 shiftReg |= 0x200;
1043 }
1044
1045 i+= 2;
1046 }
1047
1048 if( (shiftReg & 0x200) &&
1049 !(shiftReg & 0x001))
1050 {
1051 // valid data byte, start and stop bits okay
1052 PrintToScrollback(" %02x", (shiftReg >> 1) & 0xff);
1053 data[dataLen++] = (shiftReg >> 1) & 0xff;
1054 if(dataLen >= sizeof(data)) {
1055 return;
1056 }
1057 } else if(shiftReg == 0x000) {
1058 // this is EOF
1059 break;
1060 } else {
1061 goto demodError;
1062 }
1063 }
1064
1065 BYTE first, second;
1066 ComputeCrc14443(CRC_14443_B, data, dataLen-2, &first, &second);
1067 PrintToScrollback("CRC: %02x %02x (%s)\n", first, second,
1068 (first == data[dataLen-2] && second == data[dataLen-1]) ?
1069 "ok" : "****FAIL****");
1070
1071 RepaintGraphWindow();
1072 return;
1073
1074 demodError:
1075 PrintToScrollback("demod error");
1076 RepaintGraphWindow();
1077 }
1078
1079 static void CmdHi14list(char *str)
1080 {
1081 BYTE got[960];
1082 GetFromBigBuf(got, sizeof(got));
1083
1084 PrintToScrollback("recorded activity:");
1085 PrintToScrollback(" time :rssi: who bytes");
1086 PrintToScrollback("---------+----+----+-----------");
1087
1088 int i = 0;
1089 int prev = -1;
1090
1091 for(;;) {
1092 if(i >= 900) {
1093 break;
1094 }
1095
1096 BOOL isResponse;
1097 int timestamp = *((DWORD *)(got+i));
1098 if(timestamp & 0x80000000) {
1099 timestamp &= 0x7fffffff;
1100 isResponse = 1;
1101 } else {
1102 isResponse = 0;
1103 }
1104 int metric = *((DWORD *)(got+i+4));
1105
1106 int len = got[i+8];
1107
1108 if(len > 100) {
1109 break;
1110 }
1111 if(i + len >= 900) {
1112 break;
1113 }
1114
1115 BYTE *frame = (got+i+9);
1116
1117 char line[1000] = "";
1118 int j;
1119 for(j = 0; j < len; j++) {
1120 sprintf(line+(j*3), "%02x ", frame[j]);
1121 }
1122
1123 char *crc;
1124 if(len > 2) {
1125 BYTE b1, b2;
1126 ComputeCrc14443(CRC_14443_B, frame, len-2, &b1, &b2);
1127 if(b1 != frame[len-2] || b2 != frame[len-1]) {
1128 crc = "**FAIL CRC**";
1129 } else {
1130 crc = "";
1131 }
1132 } else {
1133 crc = "(SHORT)";
1134 }
1135
1136 char metricString[100];
1137 if(isResponse) {
1138 sprintf(metricString, "%3d", metric);
1139 } else {
1140 strcpy(metricString, " ");
1141 }
1142
1143 PrintToScrollback(" +%7d: %s: %s %s %s",
1144 (prev < 0 ? 0 : timestamp - prev),
1145 metricString,
1146 (isResponse ? "TAG" : " "), line, crc);
1147
1148 prev = timestamp;
1149 i += (len + 9);
1150 }
1151 }
1152
1153 static void CmdHi14alist(char *str)
1154 {
1155 BYTE got[1920];
1156 GetFromBigBuf(got, sizeof(got));
1157
1158 PrintToScrollback("recorded activity:");
1159 PrintToScrollback(" ETU :rssi: who bytes");
1160 PrintToScrollback("---------+----+----+-----------");
1161
1162 int i = 0;
1163 int prev = -1;
1164
1165 for(;;) {
1166 if(i >= 1900) {
1167 break;
1168 }
1169
1170 BOOL isResponse;
1171 int timestamp = *((DWORD *)(got+i));
1172 if(timestamp & 0x80000000) {
1173 timestamp &= 0x7fffffff;
1174 isResponse = 1;
1175 } else {
1176 isResponse = 0;
1177 }
1178
1179 int metric = 0;
1180 int parityBits = *((DWORD *)(got+i+4));
1181 // 4 bytes of additional information...
1182 // maximum of 32 additional parity bit information
1183 //
1184 // TODO:
1185 // at each quarter bit period we can send power level (16 levels)
1186 // or each half bit period in 256 levels.
1187
1188
1189 int len = got[i+8];
1190
1191 if(len > 100) {
1192 break;
1193 }
1194 if(i + len >= 1900) {
1195 break;
1196 }
1197
1198 BYTE *frame = (got+i+9);
1199
1200 // Break and stick with current result if buffer was not completely full
1201 if(frame[0] == 0x44 && frame[1] == 0x44 && frame[3] == 0x44) { break; }
1202
1203 char line[1000] = "";
1204 int j;
1205 for(j = 0; j < len; j++) {
1206 int oddparity = 0x01;
1207 int k;
1208
1209 for(k=0;k<8;k++) {
1210 oddparity ^= (((frame[j] & 0xFF) >> k) & 0x01);
1211 }
1212
1213 //if((parityBits >> (len - j - 1)) & 0x01) {
1214 if(isResponse && (oddparity != ((parityBits >> (len - j - 1)) & 0x01))) {
1215 sprintf(line+(j*4), "%02x! ", frame[j]);
1216 }
1217 else {
1218 sprintf(line+(j*4), "%02x ", frame[j]);
1219 }
1220 }
1221
1222 char *crc;
1223 crc = "";
1224 if(len > 2) {
1225 BYTE b1, b2;
1226 for(j = 0; j < (len - 1); j++) {
1227 // gives problems... search for the reason..
1228 /*if(frame[j] == 0xAA) {
1229 switch(frame[j+1]) {
1230 case 0x01:
1231 crc = "[1] Two drops close after each other";
1232 break;
1233 case 0x02:
1234 crc = "[2] Potential SOC with a drop in second half of bitperiod";
1235 break;
1236 case 0x03:
1237 crc = "[3] Segment Z after segment X is not possible";
1238 break;
1239 case 0x04:
1240 crc = "[4] Parity bit of a fully received byte was wrong";
1241 break;
1242 default:
1243 crc = "[?] Unknown error";
1244 break;
1245 }
1246 break;
1247 }*/
1248 }
1249
1250 if(strlen(crc)==0) {
1251 ComputeCrc14443(CRC_14443_A, frame, len-2, &b1, &b2);
1252 if(b1 != frame[len-2] || b2 != frame[len-1]) {
1253 crc = (isResponse & (len < 6)) ? "" : " !crc";
1254 } else {
1255 crc = "";
1256 }
1257 }
1258 } else {
1259 crc = ""; // SHORT
1260 }
1261
1262 char metricString[100];
1263 if(isResponse) {
1264 sprintf(metricString, "%3d", metric);
1265 } else {
1266 strcpy(metricString, " ");
1267 }
1268
1269 PrintToScrollback(" +%7d: %s: %s %s %s",
1270 (prev < 0 ? 0 : (timestamp - prev)),
1271 metricString,
1272 (isResponse ? "TAG" : " "), line, crc);
1273
1274 prev = timestamp;
1275 i += (len + 9);
1276 }
1277 CommandFinished = 1;
1278 }
1279
1280 static void CmdHi15demod(char *str)
1281 {
1282 // The sampling rate is 106.353 ksps/s, for T = 18.8 us
1283
1284 // SOF defined as
1285 // 1) Unmodulated time of 56.64us
1286 // 2) 24 pulses of 423.75khz
1287 // 3) logic '1' (unmodulated for 18.88us followed by 8 pulses of 423.75khz)
1288
1289 static const int FrameSOF[] = {
1290 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1291 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1292 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1293 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1294 -1, -1, -1, -1,
1295 -1, -1, -1, -1,
1296 1, 1, 1, 1,
1297 1, 1, 1, 1
1298 };
1299 static const int Logic0[] = {
1300 1, 1, 1, 1,
1301 1, 1, 1, 1,
1302 -1, -1, -1, -1,
1303 -1, -1, -1, -1
1304 };
1305 static const int Logic1[] = {
1306 -1, -1, -1, -1,
1307 -1, -1, -1, -1,
1308 1, 1, 1, 1,
1309 1, 1, 1, 1
1310 };
1311
1312 // EOF defined as
1313 // 1) logic '0' (8 pulses of 423.75khz followed by unmodulated for 18.88us)
1314 // 2) 24 pulses of 423.75khz
1315 // 3) Unmodulated time of 56.64us
1316
1317 static const int FrameEOF[] = {
1318 1, 1, 1, 1,
1319 1, 1, 1, 1,
1320 -1, -1, -1, -1,
1321 -1, -1, -1, -1,
1322 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1323 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1324 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1325 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
1326 };
1327
1328 int i, j;
1329 int max = 0, maxPos;
1330
1331 int skip = 4;
1332
1333 if(GraphTraceLen < 1000) return;
1334
1335 // First, correlate for SOF
1336 for(i = 0; i < 100; i++) {
1337 int corr = 0;
1338 for(j = 0; j < arraylen(FrameSOF); j += skip) {
1339 corr += FrameSOF[j]*GraphBuffer[i+(j/skip)];
1340 }
1341 if(corr > max) {
1342 max = corr;
1343 maxPos = i;
1344 }
1345 }
1346 PrintToScrollback("SOF at %d, correlation %d", maxPos,
1347 max/(arraylen(FrameSOF)/skip));
1348
1349 i = maxPos + arraylen(FrameSOF)/skip;
1350 int k = 0;
1351 BYTE outBuf[20];
1352 memset(outBuf, 0, sizeof(outBuf));
1353 BYTE mask = 0x01;
1354 for(;;) {
1355 int corr0 = 0, corr1 = 0, corrEOF = 0;
1356 for(j = 0; j < arraylen(Logic0); j += skip) {
1357 corr0 += Logic0[j]*GraphBuffer[i+(j/skip)];
1358 }
1359 for(j = 0; j < arraylen(Logic1); j += skip) {
1360 corr1 += Logic1[j]*GraphBuffer[i+(j/skip)];
1361 }
1362 for(j = 0; j < arraylen(FrameEOF); j += skip) {
1363 corrEOF += FrameEOF[j]*GraphBuffer[i+(j/skip)];
1364 }
1365 // Even things out by the length of the target waveform.
1366 corr0 *= 4;
1367 corr1 *= 4;
1368
1369 if(corrEOF > corr1 && corrEOF > corr0) {
1370 PrintToScrollback("EOF at %d", i);
1371 break;
1372 } else if(corr1 > corr0) {
1373 i += arraylen(Logic1)/skip;
1374 outBuf[k] |= mask;
1375 } else {
1376 i += arraylen(Logic0)/skip;
1377 }
1378 mask <<= 1;
1379 if(mask == 0) {
1380 k++;
1381 mask = 0x01;
1382 }
1383 if((i+(int)arraylen(FrameEOF)) >= GraphTraceLen) {
1384 PrintToScrollback("ran off end!");
1385 break;
1386 }
1387 }
1388 if(mask != 0x01) {
1389 PrintToScrollback("error, uneven octet! (discard extra bits!)");
1390 PrintToScrollback(" mask=%02x", mask);
1391 }
1392 PrintToScrollback("%d octets", k);
1393
1394 for(i = 0; i < k; i++) {
1395 PrintToScrollback("# %2d: %02x ", i, outBuf[i]);
1396 }
1397 PrintToScrollback("CRC=%04x", Iso15693Crc(outBuf, k-2));
1398 }
1399
1400 static void CmdTIReadRaw(char *str)
1401 {
1402 UsbCommand c;
1403 c.cmd = CMD_ACQUIRE_RAW_BITS_TI_TYPE;
1404 SendCommand(&c, FALSE);
1405 }
1406
1407 static void CmdTIBits(char *str)
1408 {
1409 int cnt = 0;
1410 int i;
1411 // for(i = 0; i < 1536; i += 12) {
1412 for(i = 0; i < 4000; i += 12) {
1413 UsbCommand c;
1414 c.cmd = CMD_DOWNLOAD_RAW_BITS_TI_TYPE;
1415 c.ext1 = i;
1416 SendCommand(&c, FALSE);
1417 ReceiveCommand(&c);
1418 if(c.cmd != CMD_DOWNLOADED_RAW_BITS_TI_TYPE) {
1419 PrintToScrollback("bad resp");
1420 return;
1421 }
1422 int j;
1423 for(j = 0; j < 12; j++) {
1424 int k;
1425 for(k = 31; k >= 0; k--) {
1426 if(c.d.asDwords[j] & (1 << k)) {
1427 GraphBuffer[cnt++] = 1;
1428 } else {
1429 GraphBuffer[cnt++] = -1;
1430 }
1431 }
1432 }
1433 }
1434 // GraphTraceLen = 1536*32;
1435 GraphTraceLen = 4000*32;
1436 RepaintGraphWindow();
1437 }
1438
1439 static void CmdFSKdemod(char *cmdline)
1440 {
1441 static const int LowTone[] = {
1442 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
1443 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
1444 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
1445 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
1446 1, 1, 1, 1, 1, -1, -1, -1, -1, -1
1447 };
1448 static const int HighTone[] = {
1449 1, 1, 1, 1, 1, -1, -1, -1, -1,
1450 1, 1, 1, 1, -1, -1, -1, -1,
1451 1, 1, 1, 1, -1, -1, -1, -1,
1452 1, 1, 1, 1, -1, -1, -1, -1,
1453 1, 1, 1, 1, -1, -1, -1, -1,
1454 1, 1, 1, 1, -1, -1, -1, -1, -1,
1455 };
1456
1457 int convLen = max(arraylen(HighTone), arraylen(LowTone));
1458 DWORD hi = 0, lo = 0;
1459
1460 int i, j;
1461 int minMark=0, maxMark=0;
1462 int lowLen = arraylen(LowTone);
1463 int highLen = arraylen(HighTone);
1464
1465 for(i = 0; i < GraphTraceLen - convLen; i++) {
1466 int lowSum = 0, highSum = 0;
1467
1468 for(j = 0; j < lowLen; j++) {
1469 lowSum += LowTone[j]*GraphBuffer[i+j];
1470 }
1471 for(j = 0; j < highLen; j++) {
1472 highSum += HighTone[j]*GraphBuffer[i+j];
1473 }
1474 lowSum = abs((100*lowSum) / lowLen);
1475 highSum = abs((100*highSum) / highLen);
1476 GraphBuffer[i] = (highSum << 16) | lowSum;
1477 }
1478
1479 for(i = 0; i < GraphTraceLen - convLen - 16; i++) {
1480 int j;
1481 int lowTot = 0, highTot = 0;
1482 // 10 and 8 are f_s divided by f_l and f_h, rounded
1483 for(j = 0; j < 10; j++) {
1484 lowTot += (GraphBuffer[i+j] & 0xffff);
1485 }
1486 for(j = 0; j < 8; j++) {
1487 highTot += (GraphBuffer[i+j] >> 16);
1488 }
1489 GraphBuffer[i] = lowTot - highTot;
1490 if (GraphBuffer[i]>maxMark) maxMark=GraphBuffer[i];
1491 if (GraphBuffer[i]<minMark) minMark=GraphBuffer[i];
1492 }
1493
1494 GraphTraceLen -= (convLen + 16);
1495
1496 RepaintGraphWindow();
1497
1498 // Find bit-sync (3 lo followed by 3 high)
1499 int max = 0, maxPos = 0;
1500 for(i = 0; i < 6000; i++) {
1501 int dec = 0;
1502 for(j = 0; j < 3*arraylen(LowTone); j++) {
1503 dec -= GraphBuffer[i+j];
1504 }
1505 for(; j < 3*(arraylen(LowTone) + arraylen(HighTone) ); j++) {
1506 dec += GraphBuffer[i+j];
1507 }
1508 if(dec > max) {
1509 max = dec;
1510 maxPos = i;
1511 }
1512 }
1513
1514 // place start of bit sync marker in graph
1515 GraphBuffer[maxPos] = maxMark;
1516 GraphBuffer[maxPos+1] = minMark;
1517
1518 maxPos += j;
1519
1520 // place end of bit sync marker in graph
1521 GraphBuffer[maxPos] = maxMark;
1522 GraphBuffer[maxPos+1] = minMark;
1523
1524 PrintToScrollback("actual data bits start at sample %d", maxPos);
1525 PrintToScrollback("length %d/%d", arraylen(HighTone), arraylen(LowTone));
1526
1527 BYTE bits[46];
1528 bits[sizeof(bits)-1] = '\0';
1529
1530 // find bit pairs and manchester decode them
1531 for(i = 0; i < arraylen(bits)-1; i++) {
1532 int dec = 0;
1533 for(j = 0; j < arraylen(LowTone); j++) {
1534 dec -= GraphBuffer[maxPos+j];
1535 }
1536 for(; j < arraylen(LowTone) + arraylen(HighTone); j++) {
1537 dec += GraphBuffer[maxPos+j];
1538 }
1539 maxPos += j;
1540 // place inter bit marker in graph
1541 GraphBuffer[maxPos] = maxMark;
1542 GraphBuffer[maxPos+1] = minMark;
1543
1544 // hi and lo form a 64 bit pair
1545 hi = (hi<<1)|(lo>>31);
1546 lo = (lo<<1);
1547 // store decoded bit as binary (in hi/lo) and text (in bits[])
1548 if(dec<0) {
1549 bits[i] = '1';
1550 lo|=1;
1551 } else {
1552 bits[i] = '0';
1553 }
1554 }
1555 PrintToScrollback("bits: '%s'", bits);
1556 PrintToScrollback("hex: %08x %08x", hi, lo);
1557 }
1558
1559 // read a TI tag and return its ID
1560 static void CmdTIRead(char *str)
1561 {
1562 UsbCommand c;
1563 c.cmd = CMD_READ_TI_TYPE;
1564 SendCommand(&c, FALSE);
1565 }
1566
1567 // write new data to a r/w TI tag
1568 static void CmdTIWrite(char *str)
1569 {
1570 UsbCommand c;
1571 int res=0;
1572
1573 c.cmd = CMD_WRITE_TI_TYPE;
1574 res = sscanf(str, "0x%x 0x%x 0x%x ", &c.ext1, &c.ext2, &c.ext3);
1575 if (res == 2) c.ext3=0;
1576 if (res<2)
1577 PrintToScrollback("Please specify 2 or three hex strings, eg 0x1234 0x5678");
1578 else
1579 SendCommand(&c, FALSE);
1580 }
1581
1582 static void CmdTIDemod(char *cmdline)
1583 {
1584 /* MATLAB as follows:
1585 f_s = 2000000; % sampling frequency
1586 f_l = 123200; % low FSK tone
1587 f_h = 134200; % high FSK tone
1588
1589 T_l = 119e-6; % low bit duration
1590 T_h = 130e-6; % high bit duration
1591
1592 l = 2*pi*ones(1, floor(f_s*T_l))*(f_l/f_s);
1593 h = 2*pi*ones(1, floor(f_s*T_h))*(f_h/f_s);
1594
1595 l = sign(sin(cumsum(l)));
1596 h = sign(sin(cumsum(h)));
1597 */
1598 static const int LowTone[] = {
1599 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1600 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1601 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1602 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1603 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1604 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1605 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1606 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1607 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1608 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1609 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1610 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1611 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1612 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1613 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1,
1614 };
1615 static const int HighTone[] = {
1616 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1617 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1618 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1619 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1620 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1621 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1622 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1623 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1624 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1625 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1626 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1627 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1628 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1629 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1630 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1631 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1632 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1633 1, 1, 1, 1, 1, 1, 1,
1634 };
1635
1636 int convLen = max(arraylen(HighTone), arraylen(LowTone));
1637 WORD crc;
1638 int i, TagType;
1639 for(i = 0; i < GraphTraceLen - convLen; i++) {
1640 int j;
1641 int lowSum = 0, highSum = 0;;
1642 int lowLen = arraylen(LowTone);
1643 int highLen = arraylen(HighTone);
1644
1645 for(j = 0; j < lowLen; j++) {
1646 lowSum += LowTone[j]*GraphBuffer[i+j];
1647 }
1648 for(j = 0; j < highLen; j++) {
1649 highSum += HighTone[j]*GraphBuffer[i+j];
1650 }
1651 lowSum = abs((100*lowSum) / lowLen);
1652 highSum = abs((100*highSum) / highLen);
1653 GraphBuffer[i] = (highSum << 16) | lowSum;
1654 }
1655
1656 for(i = 0; i < GraphTraceLen - convLen - 16; i++) {
1657 int j;
1658 int lowTot = 0, highTot = 0;
1659 // 16 and 15 are f_s divided by f_l and f_h, rounded
1660 for(j = 0; j < 16; j++) {
1661 lowTot += (GraphBuffer[i+j] & 0xffff);
1662 }
1663 for(j = 0; j < 15; j++) {
1664 highTot += (GraphBuffer[i+j] >> 16);
1665 }
1666 GraphBuffer[i] = lowTot - highTot;
1667 }
1668
1669 GraphTraceLen -= (convLen + 16);
1670
1671 RepaintGraphWindow();
1672
1673 // TI tag data format is 16 prebits, 8 start bits, 64 data bits,
1674 // 16 crc CCITT bits, 8 stop bits, 15 end bits
1675
1676 // the 16 prebits are always low
1677 // the 8 start and stop bits of a tag must match
1678 // the start/stop prebits of a ro tag are 01111110
1679 // the start/stop prebits of a rw tag are 11111110
1680 // the 15 end bits of a ro tag are all low
1681 // the 15 end bits of a rw tag match bits 15-1 of the data bits
1682
1683 // Okay, so now we have unsliced soft decisions;
1684 // find bit-sync, and then get some bits.
1685 // look for 17 low bits followed by 6 highs (common pattern for ro and rw tags)
1686 int max = 0, maxPos = 0;
1687 for(i = 0; i < 6000; i++) {
1688 int j;
1689 int dec = 0;
1690 // searching 17 consecutive lows
1691 for(j = 0; j < 17*arraylen(LowTone); j++) {
1692 dec -= GraphBuffer[i+j];
1693 }
1694 // searching 7 consecutive highs
1695 for(; j < 17*arraylen(LowTone) + 6*arraylen(HighTone); j++) {
1696 dec += GraphBuffer[i+j];
1697 }
1698 if(dec > max) {
1699 max = dec;
1700 maxPos = i;
1701 }
1702 }
1703
1704 // place a marker in the buffer to visually aid location
1705 // of the start of sync
1706 GraphBuffer[maxPos] = 800;
1707 GraphBuffer[maxPos+1] = -800;
1708
1709 // advance pointer to start of actual data stream (after 16 pre and 8 start bits)
1710 maxPos += 17*arraylen(LowTone);
1711 maxPos += 6*arraylen(HighTone);
1712
1713 // place a marker in the buffer to visually aid location
1714 // of the end of sync
1715 GraphBuffer[maxPos] = 800;
1716 GraphBuffer[maxPos+1] = -800;
1717
1718 PrintToScrollback("actual data bits start at sample %d", maxPos);
1719
1720 PrintToScrollback("length %d/%d", arraylen(HighTone), arraylen(LowTone));
1721
1722 BYTE bits[1+64+16+8+16];
1723 bits[sizeof(bits)-1] = '\0';
1724
1725 DWORD shift3 = 0x7e000000, shift2 = 0, shift1 = 0, shift0 = 0;
1726
1727 for(i = 0; i < arraylen(bits)-1; i++) {
1728 int high = 0;
1729 int low = 0;
1730 int j;
1731 for(j = 0; j < arraylen(LowTone); j++) {
1732 low -= GraphBuffer[maxPos+j];
1733 }
1734 for(j = 0; j < arraylen(HighTone); j++) {
1735 high += GraphBuffer[maxPos+j];
1736 }
1737
1738 if(high > low) {
1739 bits[i] = '1';
1740 maxPos += arraylen(HighTone);
1741 // bitstream arrives lsb first so shift right
1742 shift3 |= (1<<31);
1743 } else {
1744 bits[i] = '.';
1745 maxPos += arraylen(LowTone);
1746 }
1747
1748 // 128 bit right shift register
1749 shift0 = (shift0>>1) | (shift1 << 31);
1750 shift1 = (shift1>>1) | (shift2 << 31);
1751 shift2 = (shift2>>1) | (shift3 << 31);
1752 shift3 >>= 1;
1753
1754 // place a marker in the buffer between bits to visually aid location
1755 GraphBuffer[maxPos] = 800;
1756 GraphBuffer[maxPos+1] = -800;
1757 }
1758 PrintToScrollback("Info: raw tag bits = %s", bits);
1759
1760 TagType = (shift3>>8)&0xff;
1761 if ( TagType != ((shift0>>16)&0xff) ) {
1762 PrintToScrollback("Error: start and stop bits do not match!");
1763 return;
1764 }
1765 else if (TagType == 0x7e) {
1766 PrintToScrollback("Info: Readonly TI tag detected.");
1767 return;
1768 }
1769 else if (TagType == 0xfe) {
1770 PrintToScrollback("Info: Rewriteable TI tag detected.");
1771
1772 // put 64 bit data into shift1 and shift0
1773 shift0 = (shift0>>24) | (shift1 << 8);
1774 shift1 = (shift1>>24) | (shift2 << 8);
1775
1776 // align 16 bit crc into lower half of shift2
1777 shift2 = ((shift2>>24) | (shift3 << 8)) & 0x0ffff;
1778
1779 // align 16 bit "end bits" or "ident" into lower half of shift3
1780 shift3 >>= 16;
1781
1782 // only 15 bits compare, last bit of ident is not valid
1783 if ( (shift3^shift0)&0x7fff ) {
1784 PrintToScrollback("Error: Ident mismatch!");
1785 }
1786 // WARNING the order of the bytes in which we calc crc below needs checking
1787 // i'm 99% sure the crc algorithm is correct, but it may need to eat the
1788 // bytes in reverse or something
1789 // calculate CRC
1790 crc=0;
1791 crc = update_crc16(crc, (shift0)&0xff);
1792 crc = update_crc16(crc, (shift0>>8)&0xff);
1793 crc = update_crc16(crc, (shift0>>16)&0xff);
1794 crc = update_crc16(crc, (shift0>>24)&0xff);
1795 crc = update_crc16(crc, (shift1)&0xff);
1796 crc = update_crc16(crc, (shift1>>8)&0xff);
1797 crc = update_crc16(crc, (shift1>>16)&0xff);
1798 crc = update_crc16(crc, (shift1>>24)&0xff);
1799 PrintToScrollback("Info: Tag data = %08X%08X", shift1, shift0);
1800 if (crc != (shift2&0xffff)) {
1801 PrintToScrollback("Error: CRC mismatch, calculated %04X, got ^04X", crc, shift2&0xffff);
1802 } else {
1803 PrintToScrollback("Info: CRC %04X is good", crc);
1804 }
1805 }
1806 else {
1807 PrintToScrollback("Unknown tag type.");
1808 return;
1809 }
1810 }
1811
1812 static void CmdNorm(char *str)
1813 {
1814 int i;
1815 int max = INT_MIN, min = INT_MAX;
1816 for(i = 10; i < GraphTraceLen; i++) {
1817 if(GraphBuffer[i] > max) {
1818 max = GraphBuffer[i];
1819 }
1820 if(GraphBuffer[i] < min) {
1821 min = GraphBuffer[i];
1822 }
1823 }
1824 if(max != min) {
1825 for(i = 0; i < GraphTraceLen; i++) {
1826 GraphBuffer[i] = (GraphBuffer[i] - ((max + min)/2))*1000/
1827 (max - min);
1828 }
1829 }
1830 RepaintGraphWindow();
1831 }
1832
1833 static void CmdDec(char *str)
1834 {
1835 int i;
1836 for(i = 0; i < (GraphTraceLen/2); i++) {
1837 GraphBuffer[i] = GraphBuffer[i*2];
1838 }
1839 GraphTraceLen /= 2;
1840 PrintToScrollback("decimated by 2");
1841 RepaintGraphWindow();
1842 }
1843
1844 static void CmdHpf(char *str)
1845 {
1846 int i;
1847 int accum = 0;
1848 for(i = 10; i < GraphTraceLen; i++) {
1849 accum += GraphBuffer[i];
1850 }
1851 accum /= (GraphTraceLen - 10);
1852 for(i = 0; i < GraphTraceLen; i++) {
1853 GraphBuffer[i] -= accum;
1854 }
1855
1856 RepaintGraphWindow();
1857 }
1858
1859 static void CmdZerocrossings(char *str)
1860 {
1861 int i;
1862 // Zero-crossings aren't meaningful unless the signal is zero-mean.
1863 CmdHpf("");
1864
1865 int sign = 1;
1866 int zc = 0;
1867 int lastZc = 0;
1868 for(i = 0; i < GraphTraceLen; i++) {
1869 if(GraphBuffer[i]*sign >= 0) {
1870 // No change in sign, reproduce the previous sample count.
1871 zc++;
1872 GraphBuffer[i] = lastZc;
1873 } else {
1874 // Change in sign, reset the sample count.
1875 sign = -sign;
1876 GraphBuffer[i] = lastZc;
1877 if(sign > 0) {
1878 lastZc = zc;
1879 zc = 0;
1880 }
1881 }
1882 }
1883
1884 RepaintGraphWindow();
1885 }
1886
1887 static void CmdThreshold(char *str)
1888 {
1889 int i;
1890 int threshold = atoi(str);
1891
1892 for(i = 0; i < GraphTraceLen; i++) {
1893 if(GraphBuffer[i]>= threshold)
1894 GraphBuffer[i]=1;
1895 else
1896 GraphBuffer[i]=-1;
1897 }
1898 RepaintGraphWindow();
1899 }
1900
1901 static void CmdLtrim(char *str)
1902 {
1903 int i;
1904 int ds = atoi(str);
1905
1906 for(i = ds; i < GraphTraceLen; i++) {
1907 GraphBuffer[i-ds] = GraphBuffer[i];
1908 }
1909 GraphTraceLen -= ds;
1910
1911 RepaintGraphWindow();
1912 }
1913
1914 static void CmdAutoCorr(char *str)
1915 {
1916 static int CorrelBuffer[MAX_GRAPH_TRACE_LEN];
1917
1918 int window = atoi(str);
1919
1920 if(window == 0) {
1921 PrintToScrollback("needs a window");
1922 return;
1923 }
1924
1925 if(window >= GraphTraceLen) {
1926 PrintToScrollback("window must be smaller than trace (%d samples)",
1927 GraphTraceLen);
1928 return;
1929 }
1930
1931 PrintToScrollback("performing %d correlations", GraphTraceLen - window);
1932
1933 int i;
1934 for(i = 0; i < GraphTraceLen - window; i++) {
1935 int sum = 0;
1936 int j;
1937 for(j = 0; j < window; j++) {
1938 sum += (GraphBuffer[j]*GraphBuffer[i+j]) / 256;
1939 }
1940 CorrelBuffer[i] = sum;
1941 }
1942 GraphTraceLen = GraphTraceLen - window;
1943 memcpy(GraphBuffer, CorrelBuffer, GraphTraceLen*sizeof(int));
1944
1945 RepaintGraphWindow();
1946 }
1947
1948 static void CmdVchdemod(char *str)
1949 {
1950 // Is this the entire sync pattern, or does this also include some
1951 // data bits that happen to be the same everywhere? That would be
1952 // lovely to know.
1953 static const int SyncPattern[] = {
1954 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1955 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1956 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1957 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1958 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1959 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1960 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1961 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1962 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1963 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1964 };
1965
1966 // So first, we correlate for the sync pattern, and mark that.
1967 int bestCorrel = 0, bestPos = 0;
1968 int i;
1969 // It does us no good to find the sync pattern, with fewer than
1970 // 2048 samples after it...
1971 for(i = 0; i < (GraphTraceLen-2048); i++) {
1972 int sum = 0;
1973 int j;
1974 for(j = 0; j < arraylen(SyncPattern); j++) {
1975 sum += GraphBuffer[i+j]*SyncPattern[j];
1976 }
1977 if(sum > bestCorrel) {
1978 bestCorrel = sum;
1979 bestPos = i;
1980 }
1981 }
1982 PrintToScrollback("best sync at %d [metric %d]", bestPos, bestCorrel);
1983
1984 char bits[257];
1985 bits[256] = '\0';
1986
1987 int worst = INT_MAX;
1988 int worstPos;
1989
1990 for(i = 0; i < 2048; i += 8) {
1991 int sum = 0;
1992 int j;
1993 for(j = 0; j < 8; j++) {
1994 sum += GraphBuffer[bestPos+i+j];
1995 }
1996 if(sum < 0) {
1997 bits[i/8] = '.';
1998 } else {
1999 bits[i/8] = '1';
2000 }
2001 if(abs(sum) < worst) {
2002 worst = abs(sum);
2003 worstPos = i;
2004 }
2005 }
2006 PrintToScrollback("bits:");
2007 PrintToScrollback("%s", bits);
2008 PrintToScrollback("worst metric: %d at pos %d", worst, worstPos);
2009
2010 if(strcmp(str, "clone")==0) {
2011 GraphTraceLen = 0;
2012 char *s;
2013 for(s = bits; *s; s++) {
2014 int j;
2015 for(j = 0; j < 16; j++) {
2016 GraphBuffer[GraphTraceLen++] = (*s == '1') ? 1 : 0;
2017 }
2018 }
2019 RepaintGraphWindow();
2020 }
2021 }
2022
2023 static void CmdIndalademod(char *str)
2024 {
2025 // Usage: recover 64bit UID by default, specify "224" as arg to recover a 224bit UID
2026
2027 int state = -1;
2028 int count = 0;
2029 int i, j;
2030 // worst case with GraphTraceLen=64000 is < 4096
2031 // under normal conditions it's < 2048
2032 BYTE rawbits[4096];
2033 int rawbit = 0;
2034 int worst = 0, worstPos = 0;
2035 PrintToScrollback("Expecting a bit less than %d raw bits", GraphTraceLen/32);
2036 for(i = 0; i < GraphTraceLen-1; i += 2) {
2037 count+=1;
2038 if((GraphBuffer[i] > GraphBuffer[i + 1]) && (state != 1)) {
2039 if (state == 0) {
2040 for(j = 0; j < count - 8; j += 16) {
2041 rawbits[rawbit++] = 0;
2042 }
2043 if ((abs(count - j)) > worst) {
2044 worst = abs(count - j);
2045 worstPos = i;
2046 }
2047 }
2048 state = 1;
2049 count=0;
2050 } else if((GraphBuffer[i] < GraphBuffer[i + 1]) && (state != 0)) {
2051 if (state == 1) {
2052 for(j = 0; j < count - 8; j += 16) {
2053 rawbits[rawbit++] = 1;
2054 }
2055 if ((abs(count - j)) > worst) {
2056 worst = abs(count - j);
2057 worstPos = i;
2058 }
2059 }
2060 state = 0;
2061 count=0;
2062 }
2063 }
2064 PrintToScrollback("Recovered %d raw bits", rawbit);
2065 PrintToScrollback("worst metric (0=best..7=worst): %d at pos %d", worst, worstPos);
2066
2067 // Finding the start of a UID
2068 int uidlen, long_wait;
2069 if(strcmp(str, "224") == 0) {
2070 uidlen=224;
2071 long_wait=30;
2072 } else {
2073 uidlen=64;
2074 long_wait=29;
2075 }
2076 int start;
2077 int first = 0;
2078 for(start = 0; start <= rawbit - uidlen; start++) {
2079 first = rawbits[start];
2080 for(i = start; i < start + long_wait; i++) {
2081 if(rawbits[i] != first) {
2082 break;
2083 }
2084 }
2085 if(i == (start + long_wait)) {
2086 break;
2087 }
2088 }
2089 if(start == rawbit - uidlen + 1) {
2090 PrintToScrollback("nothing to wait for");
2091 return;
2092 }
2093
2094 // Inverting signal if needed
2095 if(first == 1) {
2096 for(i = start; i < rawbit; i++) {
2097 rawbits[i] = !rawbits[i];
2098 }
2099 }
2100
2101 // Dumping UID
2102 BYTE bits[224];
2103 char showbits[225];
2104 showbits[uidlen]='\0';
2105 int bit;
2106 i = start;
2107 int times = 0;
2108 if(uidlen > rawbit) {
2109 PrintToScrollback("Warning: not enough raw bits to get a full UID");
2110 for(bit = 0; bit < rawbit; bit++) {
2111 bits[bit] = rawbits[i++];
2112 // As we cannot know the parity, let's use "." and "/"
2113 showbits[bit] = '.' + bits[bit];
2114 }
2115 showbits[bit+1]='\0';
2116 PrintToScrollback("Partial UID=%s", showbits);
2117 return;
2118 } else {
2119 for(bit = 0; bit < uidlen; bit++) {
2120 bits[bit] = rawbits[i++];
2121 showbits[bit] = '0' + bits[bit];
2122 }
2123 times = 1;
2124 }
2125 PrintToScrollback("UID=%s", showbits);
2126
2127 // Checking UID against next occurences
2128 for(; i + uidlen <= rawbit;) {
2129 int failed = 0;
2130 for(bit = 0; bit < uidlen; bit++) {
2131 if(bits[bit] != rawbits[i++]) {
2132 failed = 1;
2133 break;
2134 }
2135 }
2136 if (failed == 1) {
2137 break;
2138 }
2139 times += 1;
2140 }
2141 PrintToScrollback("Occurences: %d (expected %d)", times, (rawbit - start) / uidlen);
2142
2143 // Remodulating for tag cloning
2144 GraphTraceLen = 32*uidlen;
2145 i = 0;
2146 int phase = 0;
2147 for(bit = 0; bit < uidlen; bit++) {
2148 if(bits[bit] == 0) {
2149 phase = 0;
2150 } else {
2151 phase = 1;
2152 }
2153 int j;
2154 for(j = 0; j < 32; j++) {
2155 GraphBuffer[i++] = phase;
2156 phase = !phase;
2157 }
2158 }
2159
2160 RepaintGraphWindow();
2161 }
2162
2163 static void CmdFlexdemod(char *str)
2164 {
2165 int i;
2166 for(i = 0; i < GraphTraceLen; i++) {
2167 if(GraphBuffer[i] < 0) {
2168 GraphBuffer[i] = -1;
2169 } else {
2170 GraphBuffer[i] = 1;
2171 }
2172 }
2173
2174 #define LONG_WAIT 100
2175 int start;
2176 for(start = 0; start < GraphTraceLen - LONG_WAIT; start++) {
2177 int first = GraphBuffer[start];
2178 for(i = start; i < start + LONG_WAIT; i++) {
2179 if(GraphBuffer[i] != first) {
2180 break;
2181 }
2182 }
2183 if(i == (start + LONG_WAIT)) {
2184 break;
2185 }
2186 }
2187 if(start == GraphTraceLen - LONG_WAIT) {
2188 PrintToScrollback("nothing to wait for");
2189 return;
2190 }
2191
2192 GraphBuffer[start] = 2;
2193 GraphBuffer[start+1] = -2;
2194
2195 BYTE bits[64];
2196
2197 int bit;
2198 i = start;
2199 for(bit = 0; bit < 64; bit++) {
2200 int j;
2201 int sum = 0;
2202 for(j = 0; j < 16; j++) {
2203 sum += GraphBuffer[i++];
2204 }
2205 if(sum > 0) {
2206 bits[bit] = 1;
2207 } else {
2208 bits[bit] = 0;
2209 }
2210 PrintToScrollback("bit %d sum %d", bit, sum);
2211 }
2212
2213 for(bit = 0; bit < 64; bit++) {
2214 int j;
2215 int sum = 0;
2216 for(j = 0; j < 16; j++) {
2217 sum += GraphBuffer[i++];
2218 }
2219 if(sum > 0 && bits[bit] != 1) {
2220 PrintToScrollback("oops1 at %d", bit);
2221 }
2222 if(sum < 0 && bits[bit] != 0) {
2223 PrintToScrollback("oops2 at %d", bit);
2224 }
2225 }
2226
2227 GraphTraceLen = 32*64;
2228 i = 0;
2229 int phase = 0;
2230 for(bit = 0; bit < 64; bit++) {
2231 if(bits[bit] == 0) {
2232 phase = 0;
2233 } else {
2234 phase = 1;
2235 }
2236 int j;
2237 for(j = 0; j < 32; j++) {
2238 GraphBuffer[i++] = phase;
2239 phase = !phase;
2240 }
2241 }
2242
2243 RepaintGraphWindow();
2244 }
2245
2246 /*
2247 * Generic command to demodulate ASK.
2248 *
2249 * Argument is convention: positive or negative (High mod means zero
2250 * or high mod means one)
2251 *
2252 * Updates the Graph trace with 0/1 values
2253 *
2254 * Arguments:
2255 * c : 0 or 1
2256 */
2257
2258 static void Cmdaskdemod(char *str) {
2259 int i;
2260 int c, high = 0, low = 0;
2261
2262 // TODO: complain if we do not give 2 arguments here !
2263 sscanf(str, "%i", &c);
2264
2265 /* Detect high and lows and clock */
2266 for (i = 0; i < GraphTraceLen; i++)
2267 {
2268 if (GraphBuffer[i] > high)
2269 high = GraphBuffer[i];
2270 else if (GraphBuffer[i] < low)
2271 low = GraphBuffer[i];
2272 }
2273
2274 if (GraphBuffer[0] > 0) {
2275 GraphBuffer[0] = 1-c;
2276 } else {
2277 GraphBuffer[0] = c;
2278 }
2279 for(i=1;i<GraphTraceLen;i++) {
2280 /* Transitions are detected at each peak
2281 * Transitions are either:
2282 * - we're low: transition if we hit a high
2283 * - we're high: transition if we hit a low
2284 * (we need to do it this way because some tags keep high or
2285 * low for long periods, others just reach the peak and go
2286 * down)
2287 */
2288 if ((GraphBuffer[i]==high) && (GraphBuffer[i-1] == c)) {
2289 GraphBuffer[i]=1-c;
2290 } else if ((GraphBuffer[i]==low) && (GraphBuffer[i-1] == (1-c))){
2291 GraphBuffer[i] = c;
2292 } else {
2293 /* No transition */
2294 GraphBuffer[i] = GraphBuffer[i-1];
2295 }
2296 }
2297 RepaintGraphWindow();
2298 }
2299
2300 /* Print our clock rate */
2301 static void Cmddetectclockrate(char *str)
2302 {
2303 int clock = detectclock(0);
2304 PrintToScrollback("Auto-detected clock rate: %d", clock);
2305 }
2306
2307 /*
2308 * Detect clock rate
2309 */
2310 int detectclock(int peak)
2311 {
2312 int i;
2313 int clock = 0xFFFF;
2314 int lastpeak = 0;
2315
2316 /* Detect peak if we don't have one */
2317 if (!peak)
2318 for (i = 0; i < GraphTraceLen; i++)
2319 if (GraphBuffer[i] > peak)
2320 peak = GraphBuffer[i];
2321
2322 for (i = 1; i < GraphTraceLen; i++)
2323 {
2324 /* If this is the beginning of a peak */
2325 if (GraphBuffer[i-1] != GraphBuffer[i] && GraphBuffer[i] == peak)
2326 {
2327 /* Find lowest difference between peaks */
2328 if (lastpeak && i - lastpeak < clock)
2329 {
2330 clock = i - lastpeak;
2331 }
2332 lastpeak = i;
2333 }
2334 }
2335
2336 return clock;
2337 }
2338
2339 /* Get or auto-detect clock rate */
2340 int GetClock(char *str, int peak)
2341 {
2342 int clock;
2343
2344 sscanf(str, "%i", &clock);
2345 if (!strcmp(str, ""))
2346 clock = 0;
2347
2348 /* Auto-detect clock */
2349 if (!clock)
2350 {
2351 clock = detectclock(peak);
2352
2353 /* Only print this message if we're not looping something */
2354 if (!go)
2355 PrintToScrollback("Auto-detected clock rate: %d", clock);
2356 }
2357
2358 return clock;
2359 }
2360
2361 /*
2362 * Convert to a bitstream
2363 */
2364 static void Cmdbitstream(char *str) {
2365 int i, j;
2366 int bit;
2367 int gtl;
2368 int clock;
2369 int low = 0;
2370 int high = 0;
2371 int hithigh, hitlow, first;
2372
2373 /* Detect high and lows and clock */
2374 for (i = 0; i < GraphTraceLen; i++)
2375 {
2376 if (GraphBuffer[i] > high)
2377 high = GraphBuffer[i];
2378 else if (GraphBuffer[i] < low)
2379 low = GraphBuffer[i];
2380 }
2381
2382 /* Get our clock */
2383 clock = GetClock(str, high);
2384
2385 gtl = CmdClearGraph(0);
2386
2387 bit = 0;
2388 for (i = 0; i < (int)(gtl / clock); i++)
2389 {
2390 hithigh = 0;
2391 hitlow = 0;
2392 first = 1;
2393
2394 /* Find out if we hit both high and low peaks */
2395 for (j = 0; j < clock; j++)
2396 {
2397 if (GraphBuffer[(i * clock) + j] == high)
2398 hithigh = 1;
2399 else if (GraphBuffer[(i * clock) + j] == low)
2400 hitlow = 1;
2401
2402 /* it doesn't count if it's the first part of our read
2403 because it's really just trailing from the last sequence */
2404 if (first && (hithigh || hitlow))
2405 hithigh = hitlow = 0;
2406 else
2407 first = 0;
2408
2409 if (hithigh && hitlow)
2410 break;
2411 }
2412
2413 /* If we didn't hit both high and low peaks, we had a bit transition */
2414 if (!hithigh || !hitlow)
2415 bit ^= 1;
2416
2417 CmdAppendGraph(0, clock, bit);
2418 // for (j = 0; j < (int)(clock/2); j++)
2419 // GraphBuffer[(i * clock) + j] = bit ^ 1;
2420 // for (j = (int)(clock/2); j < clock; j++)
2421 // GraphBuffer[(i * clock) + j] = bit;
2422 }
2423
2424 RepaintGraphWindow();
2425 }
2426
2427 /* Modulate our data into manchester */
2428 static void Cmdmanchestermod(char *str)
2429 {
2430 int i, j;
2431 int clock;
2432 int bit, lastbit, wave;
2433
2434 /* Get our clock */
2435 clock = GetClock(str, 0);
2436
2437 wave = 0;
2438 lastbit = 1;
2439 for (i = 0; i < (int)(GraphTraceLen / clock); i++)
2440 {
2441 bit = GraphBuffer[i * clock] ^ 1;
2442
2443 for (j = 0; j < (int)(clock/2); j++)
2444 GraphBuffer[(i * clock) + j] = bit ^ lastbit ^ wave;
2445 for (j = (int)(clock/2); j < clock; j++)
2446 GraphBuffer[(i * clock) + j] = bit ^ lastbit ^ wave ^ 1;
2447
2448 /* Keep track of how we start our wave and if we changed or not this time */
2449 wave ^= bit ^ lastbit;
2450 lastbit = bit;
2451 }
2452
2453 RepaintGraphWindow();
2454 }
2455
2456 /*
2457 * Manchester demodulate a bitstream. The bitstream needs to be already in
2458 * the GraphBuffer as 0 and 1 values
2459 *
2460 * Give the clock rate as argument in order to help the sync - the algorithm
2461 * resyncs at each pulse anyway.
2462 *
2463 * Not optimized by any means, this is the 1st time I'm writing this type of
2464 * routine, feel free to improve...
2465 *
2466 * 1st argument: clock rate (as number of samples per clock rate)
2467 * Typical values can be 64, 32, 128...
2468 */
2469 static void Cmdmanchesterdemod(char *str) {
2470 int i, j, invert= 0;
2471 int bit;
2472 int clock;
2473 int lastval;
2474 int low = 0;
2475 int high = 0;
2476 int hithigh, hitlow, first;
2477 int lc = 0;
2478 int bitidx = 0;
2479 int bit2idx = 0;
2480 int warnings = 0;
2481
2482 /* check if we're inverting output */
2483 if(*str == 'i')
2484 {
2485 PrintToScrollback("Inverting output");
2486 invert= 1;
2487 do
2488 ++str;
2489 while(*str == ' '); // in case a 2nd argument was given
2490 }
2491
2492 /* Holds the decoded bitstream: each clock period contains 2 bits */
2493 /* later simplified to 1 bit after manchester decoding. */
2494 /* Add 10 bits to allow for noisy / uncertain traces without aborting */
2495 /* int BitStream[GraphTraceLen*2/clock+10]; */
2496
2497 /* But it does not work if compiling on WIndows: therefore we just allocate a */
2498 /* large array */
2499 int BitStream[MAX_GRAPH_TRACE_LEN];
2500
2501 /* Detect high and lows */
2502 for (i = 0; i < GraphTraceLen; i++)
2503 {
2504 if (GraphBuffer[i] > high)
2505 high = GraphBuffer[i];
2506 else if (GraphBuffer[i] < low)
2507 low = GraphBuffer[i];
2508 }
2509
2510 /* Get our clock */
2511 clock = GetClock(str, high);
2512
2513 int tolerance = clock/4;
2514
2515 /* Detect first transition */
2516 /* Lo-Hi (arbitrary) */
2517 for (i = 0; i < GraphTraceLen; i++)
2518 {
2519 if (GraphBuffer[i] == low)
2520 {
2521 lastval = i;
2522 break;
2523 }
2524 }
2525
2526 /* If we're not working with 1/0s, demod based off clock */
2527 if (high != 1)
2528 {
2529 bit = 0; /* We assume the 1st bit is zero, it may not be
2530 * the case: this routine (I think) has an init problem.
2531 * Ed.
2532 */
2533 for (; i < (int)(GraphTraceLen / clock); i++)
2534 {
2535 hithigh = 0;
2536 hitlow = 0;
2537 first = 1;
2538
2539 /* Find out if we hit both high and low peaks */
2540 for (j = 0; j < clock; j++)
2541 {
2542 if (GraphBuffer[(i * clock) + j] == high)
2543 hithigh = 1;
2544 else if (GraphBuffer[(i * clock) + j] == low)
2545 hitlow = 1;
2546
2547 /* it doesn't count if it's the first part of our read
2548 because it's really just trailing from the last sequence */
2549 if (first && (hithigh || hitlow))
2550 hithigh = hitlow = 0;
2551 else
2552 first = 0;
2553
2554 if (hithigh && hitlow)
2555 break;
2556 }
2557
2558 /* If we didn't hit both high and low peaks, we had a bit transition */
2559 if (!hithigh || !hitlow)
2560 bit ^= 1;
2561
2562 BitStream[bit2idx++] = bit ^ invert;
2563 }
2564 }
2565
2566 /* standard 1/0 bitstream */
2567 else
2568 {
2569
2570 /* Then detect duration between 2 successive transitions */
2571 for (bitidx = 1; i < GraphTraceLen; i++)
2572 {
2573 if (GraphBuffer[i-1] != GraphBuffer[i])
2574 {
2575 lc = i-lastval;
2576 lastval = i;
2577
2578 // Error check: if bitidx becomes too large, we do not
2579 // have a Manchester encoded bitstream or the clock is really
2580 // wrong!
2581 if (bitidx > (GraphTraceLen*2/clock+8) ) {
2582 PrintToScrollback("Error: the clock you gave is probably wrong, aborting.");
2583 return;
2584 }
2585 // Then switch depending on lc length:
2586 // Tolerance is 1/4 of clock rate (arbitrary)
2587 if (abs(lc-clock/2) < tolerance) {
2588 // Short pulse : either "1" or "0"
2589 BitStream[bitidx++]=GraphBuffer[i-1];
2590 } else if (abs(lc-clock) < tolerance) {
2591 // Long pulse: either "11" or "00"
2592 BitStream[bitidx++]=GraphBuffer[i-1];
2593 BitStream[bitidx++]=GraphBuffer[i-1];
2594 } else {
2595 // Error
2596 warnings++;
2597 PrintToScrollback("Warning: Manchester decode error for pulse width detection.");
2598 PrintToScrollback("(too many of those messages mean either the stream is not Manchester encoded, or clock is wrong)");
2599
2600 if (warnings > 100)
2601 {
2602 PrintToScrollback("Error: too many detection errors, aborting.");
2603 return;
2604 }
2605 }
2606 }
2607 }
2608
2609 // At this stage, we now have a bitstream of "01" ("1") or "10" ("0"), parse it into final decoded bitstream
2610 // Actually, we overwrite BitStream with the new decoded bitstream, we just need to be careful
2611 // to stop output at the final bitidx2 value, not bitidx
2612 for (i = 0; i < bitidx; i += 2) {
2613 if ((BitStream[i] == 0) && (BitStream[i+1] == 1)) {
2614 BitStream[bit2idx++] = 1 ^ invert;
2615 } else if ((BitStream[i] == 1) && (BitStream[i+1] == 0)) {
2616 BitStream[bit2idx++] = 0 ^ invert;
2617 } else {
2618 // We cannot end up in this state, this means we are unsynchronized,
2619 // move up 1 bit:
2620 i++;
2621 warnings++;
2622 PrintToScrollback("Unsynchronized, resync...");
2623 PrintToScrollback("(too many of those messages mean the stream is not Manchester encoded)");
2624
2625 if (warnings > 100)
2626 {
2627 PrintToScrollback("Error: too many decode errors, aborting.");
2628 return;
2629 }
2630 }
2631 }
2632 }
2633
2634 PrintToScrollback("Manchester decoded bitstream");
2635 // Now output the bitstream to the scrollback by line of 16 bits
2636 for (i = 0; i < (bit2idx-16); i+=16) {
2637 PrintToScrollback("%i %i %i %i %i %i %i %i %i %i %i %i %i %i %i %i",
2638 BitStream[i],
2639 BitStream[i+1],
2640 BitStream[i+2],
2641 BitStream[i+3],
2642 BitStream[i+4],
2643 BitStream[i+5],
2644 BitStream[i+6],
2645 BitStream[i+7],
2646 BitStream[i+8],
2647 BitStream[i+9],
2648 BitStream[i+10],
2649 BitStream[i+11],
2650 BitStream[i+12],
2651 BitStream[i+13],
2652 BitStream[i+14],
2653 BitStream[i+15]);
2654 }
2655 }
2656
2657 /*
2658 * Usage ???
2659 */
2660 static void CmdHiddemod(char *str)
2661 {
2662 if(GraphTraceLen < 4800) {
2663 PrintToScrollback("too short; need at least 4800 samples");
2664 return;
2665 }
2666
2667 GraphTraceLen = 4800;
2668 int i;
2669 for(i = 0; i < GraphTraceLen; i++) {
2670 if(GraphBuffer[i] < 0) {
2671 GraphBuffer[i] = 0;
2672 } else {
2673 GraphBuffer[i] = 1;
2674 }
2675 }
2676 RepaintGraphWindow();
2677 }
2678
2679 static void CmdPlot(char *str)
2680 {
2681 ShowGraphWindow();
2682 }
2683
2684 static void CmdGrid(char *str)
2685 {
2686 sscanf(str, "%i %i", &PlotGridX, &PlotGridY);
2687 RepaintGraphWindow();
2688 }
2689
2690 static void CmdHide(char *str)
2691 {
2692 HideGraphWindow();
2693 }
2694
2695 static void CmdScale(char *str)
2696 {
2697 CursorScaleFactor = atoi(str);
2698 if(CursorScaleFactor == 0) {
2699 PrintToScrollback("bad, can't have zero scale");
2700 CursorScaleFactor = 1;
2701 }
2702 RepaintGraphWindow();
2703 }
2704
2705 static void CmdSave(char *str)
2706 {
2707 FILE *f = fopen(str, "w");
2708 if(!f) {
2709 PrintToScrollback("couldn't open '%s'", str);
2710 return;
2711 }
2712 int i;
2713 for(i = 0; i < GraphTraceLen; i++) {
2714 fprintf(f, "%d\n", GraphBuffer[i]);
2715 }
2716 fclose(f);
2717 PrintToScrollback("saved to '%s'", str);
2718 }
2719
2720 static void CmdLoad(char *str)
2721 {
2722 FILE *f = fopen(str, "r");
2723 if(!f) {
2724 PrintToScrollback("couldn't open '%s'", str);
2725 return;
2726 }
2727
2728 GraphTraceLen = 0;
2729 char line[80];
2730 while(fgets(line, sizeof(line), f)) {
2731 GraphBuffer[GraphTraceLen] = atoi(line);
2732 GraphTraceLen++;
2733 }
2734 fclose(f);
2735 PrintToScrollback("loaded %d samples", GraphTraceLen);
2736 RepaintGraphWindow();
2737 }
2738
2739 static void CmdHIDsimTAG(char *str)
2740 {
2741 unsigned int hi=0, lo=0;
2742 int n=0, i=0;
2743 UsbCommand c;
2744
2745 while (sscanf(&str[i++], "%1x", &n ) == 1) {
2746 hi=(hi<<4)|(lo>>28);
2747 lo=(lo<<4)|(n&0xf);
2748 }
2749
2750 PrintToScrollback("Emulating tag with ID %x%16x", hi, lo);
2751
2752 c.cmd = CMD_HID_SIM_TAG;
2753 c.ext1 = hi;
2754 c.ext2 = lo;
2755 SendCommand(&c, FALSE);
2756 }
2757
2758 static void CmdReadmem(char *str)
2759 {
2760 UsbCommand c;
2761 c.cmd = CMD_READ_MEM;
2762 c.ext1 = atoi(str);
2763 SendCommand(&c, FALSE);
2764 }
2765
2766 static void CmdLcdReset(char *str)
2767 {
2768 UsbCommand c;
2769 c.cmd = CMD_LCD_RESET;
2770 c.ext1 = atoi(str);
2771 SendCommand(&c, FALSE);
2772 }
2773
2774 static void CmdLcd(char *str)
2775 {
2776 int i, j;
2777 UsbCommand c;
2778 c.cmd = CMD_LCD;
2779 sscanf(str, "%x %d", &i, &j);
2780 while (j--) {
2781 c.ext1 = i&0x1ff;
2782 SendCommand(&c, FALSE);
2783 }
2784 }
2785
2786 /*
2787 * Sets the divisor for LF frequency clock: lets the user choose any LF frequency below
2788 * 600kHz.
2789 */
2790 static void CmdSetDivisor(char *str)
2791 {
2792 UsbCommand c;
2793 c.cmd = CMD_SET_LF_DIVISOR;
2794 c.ext1 = atoi(str);
2795 if (( c.ext1<0) || (c.ext1>255)) {
2796 PrintToScrollback("divisor must be between 19 and 255");
2797 } else {
2798 SendCommand(&c, FALSE);
2799 PrintToScrollback("Divisor set, expected freq=%dHz", 12000000/(c.ext1+1));
2800 }
2801 }
2802
2803 typedef void HandlerFunction(char *cmdline);
2804
2805 /* in alphabetic order */
2806 static struct {
2807 char *name;
2808 HandlerFunction *handler;
2809 int offline; // 1 if the command can be used when in offline mode
2810 char *docString;
2811 } CommandTable[] = {
2812 {"askdemod", Cmdaskdemod, 1, "<samples per bit> <0|1> -- Attempt to demodulate simple ASK tags"},
2813 {"autocorr", CmdAutoCorr, 1, "<window length> -- Autocorrelation over window"},
2814 {"bitsamples", CmdBitsamples, 0, "Get raw samples as bitstring"},
2815 {"bitstream", Cmdbitstream, 1, "[clock rate] -- Convert waveform into a bitstream"},
2816 {"buffclear", CmdBuffClear, 1, "Clear sample buffer and graph window"},
2817 {"dec", CmdDec, 1, "Decimate samples"},
2818 {"detectclock", Cmddetectclockrate, 1, "Detect clock rate"},
2819 {"detectreader", CmdDetectReader, 0, "['l'|'h'] -- Detect external reader field (option 'l' or 'h' to limit to LF or HF)"},
2820 {"em410xsim", CmdEM410xsim, 1, "<UID> -- Simulate EM410x tag"},
2821 {"em410xread", CmdEM410xread, 1, "[clock rate] -- Extract ID from EM410x tag"},
2822 {"em410xwatch", CmdEM410xwatch, 0, "Watches for EM410x tags"},
2823 {"em4x50read", CmdEM4x50read, 1, "Extract data from EM4x50 tag"},
2824 {"exit", CmdQuit, 1, "Exit program"},
2825 {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
2826 {"fpgaoff", CmdFPGAOff, 0, "Set FPGA off"},
2827 {"fskdemod", CmdFSKdemod, 1, "Demodulate graph window as a HID FSK"},
2828 {"grid", CmdGrid, 1, "<x> <y> -- overlay grid on graph window, use zero value to turn off either"},
2829 {"hexsamples", CmdHexsamples, 0, "<blocks> -- Dump big buffer as hex bytes"},
2830 {"hi14alist", CmdHi14alist, 0, "List ISO 14443a history"},
2831 {"hi14areader", CmdHi14areader, 0, "Act like an ISO14443 Type A reader"},
2832 {"hi14asim", CmdHi14asim, 0, "<UID> -- Fake ISO 14443a tag"},
2833 {"hi14asnoop", CmdHi14asnoop, 0, "Eavesdrop ISO 14443 Type A"},
2834 {"hi14bdemod", CmdHi14bdemod, 1, "Demodulate ISO14443 Type B from tag"},
2835 {"hi14list", CmdHi14list, 0, "List ISO 14443 history"},
2836 {"hi14read", CmdHi14read, 0, "Read HF tag (ISO 14443)"},
2837 {"hi14sim", CmdHi14sim, 0, "Fake ISO 14443 tag"},
2838 {"hi14snoop", CmdHi14snoop, 0, "Eavesdrop ISO 14443"},
2839 {"hi15demod", CmdHi15demod, 1, "Demodulate ISO15693 from tag"},
2840 {"hi15read", CmdHi15read, 0, "Read HF tag (ISO 15693)"},
2841 {"hi15reader", CmdHi15reader, 0, "Act like an ISO15693 reader"},
2842 {"hi15sim", CmdHi15tag, 0, "Fake an ISO15693 tag"},
2843 {"hiddemod", CmdHiddemod, 1, "Demodulate HID Prox Card II (not optimal)"},
2844 {"hide", CmdHide, 1, "Hide graph window"},
2845 {"hidfskdemod", CmdHIDdemodFSK, 0, "Realtime HID FSK demodulator"},
2846 {"hidsimtag", CmdHIDsimTAG, 0, "<ID> -- HID tag simulator"},
2847 {"higet", CmdHi14read_sim, 0, "<samples> -- Get samples HF, 'analog'"},
2848 {"hisamples", CmdHisamples, 0, "Get raw samples for HF tag"},
2849 {"hisampless", CmdHisampless, 0, "<samples> -- Get signed raw samples, HF tag"},
2850 {"hisamplest", CmdHi14readt, 0, "Get samples HF, for testing"},
2851 {"hisimlisten", CmdHisimlisten, 0, "Get HF samples as fake tag"},
2852 {"hpf", CmdHpf, 1, "Remove DC offset from trace"},
2853 {"indalademod", CmdIndalademod, 0, "['224'] -- Demodulate samples for Indala 64 bit UID (option '224' for 224 bit)"},
2854 {"lcd", CmdLcd, 0, "<HEX command> <count> -- Send command/data to LCD"},
2855 {"lcdreset", CmdLcdReset, 0, "Hardware reset LCD"},
2856 {"load", CmdLoad, 1, "<filename> -- Load trace (to graph window"},
2857 {"locomread", CmdLoCommandRead, 0, "<off period> <'0' period> <'1' period> <command> ['h'] -- Modulate LF reader field to send command before read (all periods in microseconds) (option 'h' for 134)"},
2858 {"loread", CmdLoread, 0, "['h'] -- Read 125/134 kHz LF ID-only tag (option 'h' for 134)"},
2859 {"losamples", CmdLosamples, 0, "[128 - 16000] -- Get raw samples for LF tag"},
2860 {"losim", CmdLosim, 0, "Simulate LF tag"},
2861 {"ltrim", CmdLtrim, 1, "<samples> -- Trim samples from left of trace"},
2862 {"mandemod", Cmdmanchesterdemod, 1, "[i] [clock rate] -- Manchester demodulate binary stream (option 'i' to invert output)"},
2863 {"manmod", Cmdmanchestermod, 1, "[clock rate] -- Manchester modulate a binary stream"},
2864 {"norm", CmdNorm, 1, "Normalize max/min to +/-500"},
2865 {"plot", CmdPlot, 1, "Show graph window"},
2866 {"quit", CmdQuit, 1, "Quit program"},
2867 {"readmem", CmdReadmem, 0, "[address] -- Read memory at decimal address from flash"},
2868 {"reset", CmdReset, 0, "Reset the Proxmark3"},
2869 {"save", CmdSave, 1, "<filename> -- Save trace (from graph window)"},
2870 {"scale", CmdScale, 1, "<int> -- Set cursor display scale"},
2871 {"setlfdivisor", CmdSetDivisor, 0, "<19 - 255> -- Drive LF antenna at 12Mhz/(divisor+1)"},
2872 {"sri512read", CmdSri512read, 0, "<int> -- Read contents of a SRI512 tag"},
2873 {"tibits", CmdTIBits, 0, "Get raw bits for TI-type LF tag"},
2874 {"tidemod", CmdTIDemod, 1, "Demodulate raw bits for TI-type LF tag"},
2875 {"tireadraw", CmdTIReadRaw, 0, "Read a TI-type 134 kHz tag in raw mode"},
2876 {"tiread", CmdTIRead, 0, "Read and decode a TI 134 kHz tag"},
2877 {"tiwrite", CmdTIWrite, 0, "Write new data to a r/w TI 134 kHz tag"},
2878 {"threshold", CmdThreshold, 1, "Maximize/minimize every value in the graph window depending on threshold"},
2879 {"tune", CmdTune, 0, "Measure antenna tuning"},
2880 {"vchdemod", CmdVchdemod, 0, "['clone'] -- Demodulate samples for VeriChip"},
2881 {"zerocrossings", CmdZerocrossings, 1, "Count time between zero-crossings"},
2882 };
2883
2884 static struct {
2885 char *name;
2886 char *args;
2887 char *argshelp;
2888 char *description;
2889 } CommandExtendedHelp[]= {
2890 {"detectreader","'l'|'h'","'l' specifies LF antenna scan only, 'h' specifies HF antenna scan only.","Monitor antenna for changes in voltage. Output is in three fields: CHANGED, CURRENT, PERIOD,\nwhere CHANGED is the value just changed from, CURRENT is the current value and PERIOD is the\nnumber of program loops since the last change.\n\nThe RED LED indicates LF field detected, and the GREEN LED indicates HF field detected."},
2891 {"tune","","","Drive LF antenna at all divisor range values (19 - 255) and store the results in the output\nbuffer. Issuing 'losamples' and then 'plot' commands will display the resulting peak. 12MHz\ndivided by the peak's position plus one gives the antenna's resonant frequency. For convenience,\nthis value is also printed out by the command."},
2892 };
2893
2894 //-----------------------------------------------------------------------------
2895 // Entry point into our code: called whenever the user types a command and
2896 // then presses Enter, which the full command line that they typed.
2897 //-----------------------------------------------------------------------------
2898 void CommandReceived(char *cmd)
2899 {
2900 int i;
2901 char line[256];
2902
2903 PrintToScrollback("> %s", cmd);
2904
2905 if(strcmp(cmd, "help") == 0 || strncmp(cmd,"help ",strlen("help ")) == 0) {
2906 // check if we're doing extended help
2907 if(strlen(cmd) > strlen("help ")) {
2908 cmd += strlen("help ");
2909 for(i = 0; i < sizeof(CommandExtendedHelp) / sizeof(CommandExtendedHelp[0]); i++) {
2910 if(strcmp(CommandExtendedHelp[i].name,cmd) == 0) {
2911 PrintToScrollback("\nExtended help for '%s':\n", cmd);
2912 PrintToScrollback("Args: %s\t- %s\n",CommandExtendedHelp[i].args,CommandExtendedHelp[i].argshelp);
2913 PrintToScrollback(CommandExtendedHelp[i].description);
2914 PrintToScrollback("");
2915 return;
2916 }
2917 }
2918 PrintToScrollback("No extended help available for '%s'", cmd);
2919 return;
2920 }
2921 if (offline) PrintToScrollback("Operating in OFFLINE mode (no device connected)");
2922 PrintToScrollback("\r\nAvailable commands:");
2923 for(i = 0; i < sizeof(CommandTable) / sizeof(CommandTable[0]); i++) {
2924 if (offline && (CommandTable[i].offline==0)) continue;
2925 memset(line, ' ', sizeof(line));
2926 strcpy(line+2, CommandTable[i].name);
2927 line[strlen(line)] = ' ';
2928 sprintf(line+15, " -- %s", CommandTable[i].docString);
2929 PrintToScrollback("%s", line);
2930 }
2931 PrintToScrollback("");
2932 PrintToScrollback("'help <command>' for extended help on that command\n");
2933 return;
2934 }
2935
2936 for(i = 0; i < sizeof(CommandTable) / sizeof(CommandTable[0]); i++) {
2937 char *name = CommandTable[i].name;
2938 if(memcmp(cmd, name, strlen(name))==0 &&
2939 (cmd[strlen(name)] == ' ' || cmd[strlen(name)] == '\0'))
2940 {
2941 cmd += strlen(name);
2942 while(*cmd == ' ') {
2943 cmd++;
2944 }
2945 if (offline && (CommandTable[i].offline==0)) {
2946 PrintToScrollback("Offline mode, cannot use this command.");
2947 return;
2948 }
2949 (CommandTable[i].handler)(cmd);
2950 return;
2951 }
2952 }
2953 PrintToScrollback(">> bad command '%s'", cmd);
2954 }
2955
2956 //-----------------------------------------------------------------------------
2957 // Entry point into our code: called whenever we received a packet over USB
2958 // that we weren't necessarily expecting, for example a debug print.
2959 //-----------------------------------------------------------------------------
2960 void UsbCommandReceived(UsbCommand *c)
2961 {
2962 switch(c->cmd) {
2963 case CMD_DEBUG_PRINT_STRING: {
2964 char s[100];
2965 if(c->ext1 > 70 || c->ext1 < 0) {
2966 c->ext1 = 0;
2967 }
2968 memcpy(s, c->d.asBytes, c->ext1);
2969 s[c->ext1] = '\0';
2970 PrintToScrollback("#db# %s", s);
2971 break;
2972 }
2973
2974 case CMD_DEBUG_PRINT_INTEGERS:
2975 PrintToScrollback("#db# %08x, %08x, %08x\r\n", c->ext1, c->ext2, c->ext3);
2976 break;
2977
2978 case CMD_MEASURED_ANTENNA_TUNING: {
2979 int peakv, peakf;
2980 int vLf125, vLf134, vHf;
2981 vLf125 = c->ext1 & 0xffff;
2982 vLf134 = c->ext1 >> 16;
2983 vHf = c->ext2 & 0xffff;;
2984 peakf = c->ext3 & 0xffff;
2985 peakv = c->ext3 >> 16;
2986 PrintToScrollback("");
2987 PrintToScrollback("");
2988 PrintToScrollback("# LF antenna: %5.2f V @ 125.00 kHz", vLf125/1000.0);
2989 PrintToScrollback("# LF antenna: %5.2f V @ 134.00 kHz", vLf134/1000.0);
2990 PrintToScrollback("# LF optimal: %5.2f V @%9.2f kHz", peakv/1000.0, 12000.0/(peakf+1));
2991 PrintToScrollback("# HF antenna: %5.2f V @ 13.56 MHz", vHf/1000.0);
2992 if (peakv<2000)
2993 PrintToScrollback("# Your LF antenna is unusable.");
2994 else if (peakv<10000)
2995 PrintToScrollback("# Your LF antenna is marginal.");
2996 if (vHf<2000)
2997 PrintToScrollback("# Your HF antenna is unusable.");
2998 else if (vHf<5000)
2999 PrintToScrollback("# Your HF antenna is marginal.");
3000 break;
3001 }
3002 default:
3003 PrintToScrollback("unrecognized command %08x\n", c->cmd);
3004 break;
3005 }
3006 }
Proxmark3 GIT tracking
Impressum, Datenschutz