]> cvs.zerfleddert.de Git - proxmark3-svn/blob - common/lfdemod.c
projects / proxmark3-svn / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
chg: updated the README.txt
[proxmark3-svn] / common / lfdemod.c
1 //-----------------------------------------------------------------------------
2 // Copyright (C) 2014
3 //
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
6 // the license.
7 //-----------------------------------------------------------------------------
8 // Low frequency commands
9 //-----------------------------------------------------------------------------
10
11 #include <stdlib.h>
12 #include <string.h>
13 #include "lfdemod.h"
14
15 //by marshmellow
16 //takes 1s and 0s and searches for EM410x format - output EM ID
17 uint64_t Em410xDecode(uint8_t *BitStream,uint32_t BitLen)
18 {
19 //no arguments needed - built this way in case we want this to be a direct call from "data " cmds in the future
20 // otherwise could be a void with no arguments
21 //set defaults
22 int high=0, low=128;
23 uint64_t lo=0; //hi=0,
24
25 uint32_t i = 0;
26 uint32_t initLoopMax = 65;
27 if (initLoopMax>BitLen) initLoopMax=BitLen;
28
29 for (;i < initLoopMax; ++i) //65 samples should be plenty to find high and low values
30 {
31 if (BitStream[i] > high)
32 high = BitStream[i];
33 else if (BitStream[i] < low)
34 low = BitStream[i];
35 }
36 if (((high !=1)||(low !=0))){ //allow only 1s and 0s
37 // PrintAndLog("no data found");
38 return 0;
39 }
40 uint8_t parityTest=0;
41 // 111111111 bit pattern represent start of frame
42 uint8_t frame_marker_mask[] = {1,1,1,1,1,1,1,1,1};
43 uint32_t idx = 0;
44 uint32_t ii=0;
45 uint8_t resetCnt = 0;
46 while( (idx + 64) < BitLen) {
47 restart:
48 // search for a start of frame marker
49 if ( memcmp(BitStream+idx, frame_marker_mask, sizeof(frame_marker_mask)) == 0)
50 { // frame marker found
51 idx+=9;//sizeof(frame_marker_mask);
52 for (i=0; i<10;i++){
53 for(ii=0; ii<5; ++ii){
54 parityTest += BitStream[(i*5)+ii+idx];
55 }
56 if (parityTest== ((parityTest>>1)<<1)){
57 parityTest=0;
58 for (ii=0; ii<4;++ii){
59 //hi = (hi<<1)|(lo>>31);
60 lo=(lo<<1LL)|(BitStream[(i*5)+ii+idx]);
61 }
62 //PrintAndLog("DEBUG: EM parity passed parity val: %d, i:%d, ii:%d,idx:%d, Buffer: %d%d%d%d%d,lo: %d",parityTest,i,ii,idx,BitStream[idx+ii+(i*5)-5],BitStream[idx+ii+(i*5)-4],BitStream[idx+ii+(i*5)-3],BitStream[idx+ii+(i*5)-2],BitStream[idx+ii+(i*5)-1],lo);
63 }else {//parity failed
64 //PrintAndLog("DEBUG: EM parity failed parity val: %d, i:%d, ii:%d,idx:%d, Buffer: %d%d%d%d%d",parityTest,i,ii,idx,BitStream[idx+ii+(i*5)-5],BitStream[idx+ii+(i*5)-4],BitStream[idx+ii+(i*5)-3],BitStream[idx+ii+(i*5)-2],BitStream[idx+ii+(i*5)-1]);
65 parityTest=0;
66 idx-=8;
67 if (resetCnt>5)return 0;
68 resetCnt++;
69 goto restart;//continue;
70 }
71 }
72 //skip last 5 bit parity test for simplicity.
73 return lo;
74 }else{
75 idx++;
76 }
77 }
78 return 0;
79 }
80
81 //by marshmellow
82 //takes 2 arguments - clock and invert both as integers
83 //attempts to demodulate ask while decoding manchester
84 //prints binary found and saves in graphbuffer for further commands
85 int askmandemod(uint8_t * BinStream,uint32_t *BitLen,int *clk, int *invert)
86 {
87 int i;
88 int high = 0, low = 128;
89 *clk=DetectASKClock(BinStream,(size_t)*BitLen,*clk); //clock default
90
91 if (*clk<8) *clk =64;
92 if (*clk<32) *clk=32;
93 if (*invert != 1) *invert=0;
94
95 uint32_t initLoopMax = 200;
96 if (initLoopMax>*BitLen) initLoopMax=*BitLen;
97
98 // Detect high and lows
99 for (i = 0; i < initLoopMax; ++i) //200 samples should be enough to find high and low values
100 {
101 if (BinStream[i] > high)
102 high = BinStream[i];
103 else if (BinStream[i] < low)
104 low = BinStream[i];
105 }
106 if ((high < 158) ){ //throw away static
107 return -2;
108 }
109 //25% fuzz in case highs and lows aren't clipped [marshmellow]
110 high=(int)((high-128)*.75)+128;
111 low= (int)((low-128)*.75)+128;
112
113 //PrintAndLog("DEBUG - valid high: %d - valid low: %d",high,low);
114 int lastBit = 0; //set first clock check
115 uint32_t bitnum = 0; //output counter
116 int tol = 0; //clock tolerance adjust - waves will be accepted as within the clock if they fall + or - this value + clock from last valid wave
117 if (*clk==32)tol=1; //clock tolerance may not be needed anymore currently set to + or - 1 but could be increased for poor waves or removed entirely
118 int iii = 0;
119 uint32_t gLen = *BitLen;
120 if (gLen > 3000) gLen=3000;
121 uint8_t errCnt =0;
122 uint32_t bestStart = *BitLen;
123 uint32_t bestErrCnt = (*BitLen/1000);
124 uint32_t maxErr = (*BitLen/1000);
125
126 //loop to find first wave that works
127 for (iii=0; iii < gLen; ++iii){
128 if ((BinStream[iii]>=high)||(BinStream[iii]<=low)){
129 lastBit=iii-*clk;
130 errCnt=0;
131 //loop through to see if this start location works
132 for (i = iii; i < *BitLen; ++i) {
133 if ((BinStream[i] >= high) && ((i-lastBit)>(*clk-tol))){
134 lastBit+=*clk;
135 } else if ((BinStream[i] <= low) && ((i-lastBit)>(*clk-tol))){
136 //low found and we are expecting a bar
137 lastBit+=*clk;
138 } else {
139 //mid value found or no bar supposed to be here
140 if ((i-lastBit)>(*clk+tol)){
141 //should have hit a high or low based on clock!!
142
143 errCnt++;
144 lastBit+=*clk;//skip over until hit too many errors
145 if (errCnt>(maxErr)) break; //allow 1 error for every 1000 samples else start over
146 }
147 }
148 if ((i-iii) >(400 * *clk)) break; //got plenty of bits
149 }
150 //we got more than 64 good bits and not all errors
151 if ((((i-iii)/ *clk) > (64+errCnt)) && (errCnt<maxErr)) {
152 //possible good read
153 if (errCnt==0){
154 bestStart=iii;
155 bestErrCnt=errCnt;
156 break; //great read - finish
157 }
158 if (errCnt<bestErrCnt){ //set this as new best run
159 bestErrCnt=errCnt;
160 bestStart = iii;
161 }
162 }
163 }
164 }
165 if (bestErrCnt<maxErr){
166 //best run is good enough set to best run and set overwrite BinStream
167 iii=bestStart;
168 lastBit=bestStart-*clk;
169 bitnum=0;
170 for (i = iii; i < *BitLen; ++i) {
171 if ((BinStream[i] >= high) && ((i-lastBit)>(*clk-tol))){
172 lastBit+=*clk;
173 BinStream[bitnum] = *invert;
174 bitnum++;
175 } else if ((BinStream[i] <= low) && ((i-lastBit)>(*clk-tol))){
176 //low found and we are expecting a bar
177 lastBit+=*clk;
178 BinStream[bitnum] = 1-*invert;
179 bitnum++;
180 } else {
181 //mid value found or no bar supposed to be here
182 if ((i-lastBit)>(*clk+tol)){
183 //should have hit a high or low based on clock!!
184
185 if (bitnum > 0){
186 BinStream[bitnum]=77;
187 bitnum++;
188 }
189
190 lastBit+=*clk;//skip over error
191 }
192 }
193 if (bitnum >=400) break;
194 }
195 *BitLen=bitnum;
196 } else{
197 *invert=bestStart;
198 *clk=iii;
199 return -1;
200 }
201 return bestErrCnt;
202 }
203
204 //by marshmellow
205 //take 10 and 01 and manchester decode
206 //run through 2 times and take least errCnt
207 int manrawdecode(uint8_t * BitStream, int *bitLen)
208 {
209 int bitnum=0;
210 int errCnt =0;
211 int i=1;
212 int bestErr = 1000;
213 int bestRun = 0;
214 int ii=1;
215 for (ii=1;ii<3;++ii){
216 i=1;
217 for (i=i+ii;i<*bitLen-2;i+=2){
218 if(BitStream[i]==1 && (BitStream[i+1]==0)){
219 } else if((BitStream[i]==0)&& BitStream[i+1]==1){
220 } else {
221 errCnt++;
222 }
223 if(bitnum>300) break;
224 }
225 if (bestErr>errCnt){
226 bestErr=errCnt;
227 bestRun=ii;
228 }
229 errCnt=0;
230 }
231 errCnt=bestErr;
232 if (errCnt<20){
233 ii=bestRun;
234 i=1;
235 for (i=i+ii;i<*bitLen-2;i+=2){
236 if(BitStream[i]==1 && (BitStream[i+1]==0)){
237 BitStream[bitnum++]=0;
238 } else if((BitStream[i]==0)&& BitStream[i+1]==1){
239 BitStream[bitnum++]=1;
240 } else {
241 BitStream[bitnum++]=77;
242 //errCnt++;
243 }
244 if(bitnum>300) break;
245 }
246 *bitLen=bitnum;
247 }
248 return errCnt;
249 }
250
251
252 //by marshmellow
253 //take 01 or 10 = 0 and 11 or 00 = 1
254 int BiphaseRawDecode(uint8_t * BitStream, int *bitLen, int offset)
255 {
256 uint8_t bitnum = 0;
257 uint32_t errCnt = 0;
258 uint32_t i = 1;
259 i=offset;
260 for (;i<*bitLen-2;i+=2){
261 if((BitStream[i]==1 && BitStream[i+1]==0)||(BitStream[i]==0 && BitStream[i+1]==1)){
262 BitStream[bitnum++]=1;
263 } else if((BitStream[i]==0 && BitStream[i+1]==0)||(BitStream[i]==1 && BitStream[i+1]==1)){
264 BitStream[bitnum++]=0;
265 } else {
266 BitStream[bitnum++]=77;
267 errCnt++;
268 }
269 if(bitnum>250) break;
270 }
271 *bitLen=bitnum;
272 return errCnt;
273 }
274
275 //by marshmellow
276 //takes 2 arguments - clock and invert both as integers
277 //attempts to demodulate ask only
278 //prints binary found and saves in graphbuffer for further commands
279 int askrawdemod(uint8_t *BinStream, int *bitLen,int *clk, int *invert)
280 {
281 uint32_t i;
282 // int invert=0; //invert default
283 int high = 0, low = 128;
284 *clk=DetectASKClock(BinStream,*bitLen,*clk); //clock default
285 uint8_t BitStream[502] = {0};
286
287 if (*clk<8) *clk =64;
288 if (*clk<32) *clk=32;
289 if (*invert != 1) *invert = 0;
290
291 uint32_t initLoopMax = 200;
292 if (initLoopMax>*bitLen) initLoopMax=*bitLen;
293 // Detect high and lows
294 for (i = 0; i < initLoopMax; ++i) //200 samples should be plenty to find high and low values
295 {
296 if (BinStream[i] > high)
297 high = BinStream[i];
298 else if (BinStream[i] < low)
299 low = BinStream[i];
300 }
301 if ((high < 158)){ //throw away static
302 return -2;
303 }
304 //25% fuzz in case highs and lows aren't clipped [marshmellow]
305 high=(int)((high-128)*.75)+128;
306 low= (int)((low-128)*.75)+128;
307
308 int lastBit = 0; //set first clock check
309 uint32_t bitnum = 0; //output counter
310 uint8_t tol = 0; //clock tolerance adjust - waves will be accepted as within the clock if they fall + or - this value + clock from last valid wave
311 if (*clk==32) tol=1; //clock tolerance may not be needed anymore currently set to + or - 1 but could be increased for poor waves or removed entirely
312 uint32_t iii = 0;
313 uint32_t gLen = *bitLen;
314 if (gLen > 500) gLen=500;
315 uint8_t errCnt =0;
316 uint32_t bestStart = *bitLen;
317 uint32_t bestErrCnt = (*bitLen/1000);
318 uint8_t midBit=0;
319
320 //loop to find first wave that works
321 for (iii=0; iii < gLen; ++iii){
322 if ((BinStream[iii]>=high)||(BinStream[iii]<=low)){
323 lastBit=iii-*clk;
324 //loop through to see if this start location works
325 for (i = iii; i < *bitLen; ++i) {
326 if ((BinStream[i] >= high) && ((i-lastBit)>(*clk-tol))){
327 lastBit+=*clk;
328 BitStream[bitnum] = *invert;
329 bitnum++;
330 midBit=0;
331 } else if ((BinStream[i] <= low) && ((i-lastBit)>(*clk-tol))){
332 //low found and we are expecting a bar
333 lastBit+=*clk;
334 BitStream[bitnum] = 1-*invert;
335 bitnum++;
336 midBit=0;
337 } else if ((BinStream[i]<=low) && (midBit==0) && ((i-lastBit)>((*clk/2)-tol))){
338 //mid bar?
339 midBit=1;
340 BitStream[bitnum]= 1-*invert;
341 bitnum++;
342 } else if ((BinStream[i]>=high)&&(midBit==0) && ((i-lastBit)>((*clk/2)-tol))){
343 //mid bar?
344 midBit=1;
345 BitStream[bitnum]= *invert;
346 bitnum++;
347 } else if ((i-lastBit)>((*clk/2)+tol)&&(midBit==0)){
348 //no mid bar found
349 midBit=1;
350 BitStream[bitnum]= BitStream[bitnum-1];
351 bitnum++;
352 } else {
353 //mid value found or no bar supposed to be here
354
355 if ((i-lastBit)>(*clk+tol)){
356 //should have hit a high or low based on clock!!
357
358 if (bitnum > 0){
359 BitStream[bitnum]=77;
360 bitnum++;
361 }
362
363 errCnt++;
364 lastBit+=*clk;//skip over until hit too many errors
365 if (errCnt>((*bitLen/1000))){ //allow 1 error for every 1000 samples else start over
366 errCnt=0;
367 bitnum=0;//start over
368 break;
369 }
370 }
371 }
372 if (bitnum>500) break;
373 }
374 //we got more than 64 good bits and not all errors
375 if ((bitnum > (64+errCnt)) && (errCnt<(*bitLen/1000))) {
376 //possible good read
377 if (errCnt==0) break; //great read - finish
378 if (bestStart == iii) break; //if current run == bestErrCnt run (after exhausted testing) then finish
379 if (errCnt<bestErrCnt){ //set this as new best run
380 bestErrCnt=errCnt;
381 bestStart = iii;
382 }
383 }
384 }
385 if (iii>=gLen){ //exhausted test
386 //if there was a ok test go back to that one and re-run the best run (then dump after that run)
387 if (bestErrCnt < (*bitLen/1000)) iii=bestStart;
388 }
389 }
390 if (bitnum>16){
391
392 for (i=0; i < bitnum; ++i){
393 BinStream[i]=BitStream[i];
394 }
395 *bitLen = bitnum;
396 } else {
397 return -1;
398 }
399 return errCnt;
400 }
401 //translate wave to 11111100000 (1 for each short wave 0 for each long wave)
402 size_t fsk_wave_demod(uint8_t * dest, size_t size, uint8_t fchigh, uint8_t fclow)
403 {
404 uint32_t last_transition = 0;
405 uint32_t idx = 1;
406 uint32_t maxVal=0;
407 if (fchigh==0) fchigh=10;
408 if (fclow==0) fclow=8;
409 // we do care about the actual theshold value as sometimes near the center of the
410 // wave we may get static that changes direction of wave for one value
411 // if our value is too low it might affect the read. and if our tag or
412 // antenna is weak a setting too high might not see anything. [marshmellow]
413 if (size<100) return 0;
414 for(idx=1; idx<100; idx++){
415 if(maxVal<dest[idx]) maxVal = dest[idx];
416 }
417 // set close to the top of the wave threshold with 25% margin for error
418 // less likely to get a false transition up there.
419 // (but have to be careful not to go too high and miss some short waves)
420 uint8_t threshold_value = (uint8_t)(((maxVal-128)*.75)+128);
421
422 // sync to first lo-hi transition, and threshold
423 // Need to threshold first sample
424
425 if(dest[0] < threshold_value) dest[0] = 0;
426 else dest[0] = 1;
427
428 size_t numBits = 0;
429 // count cycles between consecutive lo-hi transitions, there should be either 8 (fc/8)
430 // or 10 (fc/10) cycles but in practice due to noise etc we may end up with with anywhere
431 // between 7 to 11 cycles so fuzz it by treat anything <9 as 8 and anything else as 10
432 for(idx = 1; idx < size; idx++) {
433 // threshold current value
434
435 if (dest[idx] < threshold_value) dest[idx] = 0;
436 else dest[idx] = 1;
437
438 // Check for 0->1 transition
439 if (dest[idx-1] < dest[idx]) { // 0 -> 1 transition
440 if ((idx-last_transition)<(fclow-2)){ //0-5 = garbage noise
441 //do nothing with extra garbage
442 } else if ((idx-last_transition) < (fchigh-1)) { //6-8 = 8 waves
443 dest[numBits]=1;
444 } else { //9+ = 10 waves
445 dest[numBits]=0;
446 }
447 last_transition = idx;
448 numBits++;
449 }
450 }
451 return numBits; //Actually, it returns the number of bytes, but each byte represents a bit: 1 or 0
452 }
453
454 uint32_t myround2(float f)
455 {
456 if (f >= 2000) return 2000;//something bad happened
457 return (uint32_t) (f + (float)0.5);
458 }
459
460 //translate 11111100000 to 10
461 size_t aggregate_bits(uint8_t *dest,size_t size, uint8_t rfLen, uint8_t maxConsequtiveBits, uint8_t invert,uint8_t fchigh,uint8_t fclow )// uint8_t h2l_crossing_value,uint8_t l2h_crossing_value,
462 {
463 uint8_t lastval=dest[0];
464 uint32_t idx=0;
465 size_t numBits=0;
466 uint32_t n=1;
467
468 for( idx=1; idx < size; idx++) {
469
470 if (dest[idx]==lastval) {
471 n++;
472 continue;
473 }
474 //if lastval was 1, we have a 1->0 crossing
475 if ( dest[idx-1]==1 ) {
476 n=myround2((float)(n+1)/((float)(rfLen)/(float)fclow));
477 //n=(n+1) / h2l_crossing_value;
478 } else {// 0->1 crossing
479 n=myround2((float)(n+1)/((float)(rfLen-2)/(float)fchigh)); //-2 for fudge factor
480 //n=(n+1) / l2h_crossing_value;
481 }
482 if (n == 0) n = 1;
483
484 if(n < maxConsequtiveBits) //Consecutive
485 {
486 if(invert==0){ //invert bits
487 memset(dest+numBits, dest[idx-1] , n);
488 }else{
489 memset(dest+numBits, dest[idx-1]^1 , n);
490 }
491 numBits += n;
492 }
493 n=0;
494 lastval=dest[idx];
495 }//end for
496 return numBits;
497 }
498 //by marshmellow (from holiman's base)
499 // full fsk demod from GraphBuffer wave to decoded 1s and 0s (no mandemod)
500 int fskdemod(uint8_t *dest, size_t size, uint8_t rfLen, uint8_t invert, uint8_t fchigh, uint8_t fclow)
501 {
502 // FSK demodulator
503 size = fsk_wave_demod(dest, size, fchigh, fclow);
504 size = aggregate_bits(dest, size,rfLen,192,invert,fchigh,fclow);
505 return size;
506 }
507 // loop to get raw HID waveform then FSK demodulate the TAG ID from it
508 int HIDdemodFSK(uint8_t *dest, size_t size, uint32_t *hi2, uint32_t *hi, uint32_t *lo)
509 {
510
511 size_t idx=0; //, found=0; //size=0,
512 // FSK demodulator
513 size = fskdemod(dest, size,50,0,10,8);
514
515 // final loop, go over previously decoded manchester data and decode into usable tag ID
516 // 111000 bit pattern represent start of frame, 01 pattern represents a 1 and 10 represents a 0
517 uint8_t frame_marker_mask[] = {1,1,1,0,0,0};
518 int numshifts = 0;
519 idx = 0;
520 //one scan
521 while( idx + sizeof(frame_marker_mask) < size) {
522 // search for a start of frame marker
523 if ( memcmp(dest+idx, frame_marker_mask, sizeof(frame_marker_mask)) == 0)
524 { // frame marker found
525 idx+=sizeof(frame_marker_mask);
526 while(dest[idx] != dest[idx+1] && idx < size-2)
527 {
528 // Keep going until next frame marker (or error)
529 // Shift in a bit. Start by shifting high registers
530 *hi2 = (*hi2<<1)|(*hi>>31);
531 *hi = (*hi<<1)|(*lo>>31);
532 //Then, shift in a 0 or one into low
533 if (dest[idx] && !dest[idx+1]) // 1 0
534 *lo=(*lo<<1)|0;
535 else // 0 1
536 *lo=(*lo<<1)|1;
537 numshifts++;
538 idx += 2;
539 }
540 // Hopefully, we read a tag and hit upon the next frame marker
541 if(idx + sizeof(frame_marker_mask) < size)
542 {
543 if ( memcmp(dest+idx, frame_marker_mask, sizeof(frame_marker_mask)) == 0)
544 {
545 //good return
546 return idx;
547 }
548 }
549 // reset
550 *hi2 = *hi = *lo = 0;
551 numshifts = 0;
552 }else {
553 idx++;
554 }
555 }
556 return -1;
557 }
558
559 uint32_t bytebits_to_byte(uint8_t* src, int numbits)
560 {
561 uint32_t num = 0;
562 for(int i = 0 ; i < numbits ; i++) {
563 num = (num << 1) | (*src);
564 src++;
565 }
566 return num;
567 }
568
569 int IOdemodFSK(uint8_t *dest, size_t size)
570 {
571 uint32_t idx=0;
572 //make sure buffer has data
573 if (size < 66) return -1;
574 //test samples are not just noise
575 uint8_t testMax=0;
576 for(idx=0;idx<65;idx++){
577 if (testMax<dest[idx]) testMax=dest[idx];
578 }
579 idx=0;
580 //if not just noise
581 if (testMax>170){
582 // FSK demodulator
583 size = fskdemod(dest, size,64,1,10,8); // RF/64 and invert
584 if (size < 65) return -1; //did we get a good demod?
585 //Index map
586 //0 10 20 30 40 50 60
587 //| | | | | | |
588 //01234567 8 90123456 7 89012345 6 78901234 5 67890123 4 56789012 3 45678901 23
589 //-----------------------------------------------------------------------------
590 //00000000 0 11110000 1 facility 1 version* 1 code*one 1 code*two 1 ???????? 11
591 //
592 //XSF(version)facility:codeone+codetwo
593 //Handle the data
594 uint8_t mask[] = {0,0,0,0,0,0,0,0,0,1};
595 for( idx=0; idx < (size - 65); idx++) {
596 if ( memcmp(dest + idx, mask, sizeof(mask))==0) {
597 //frame marker found
598 if (!dest[idx+8] && dest[idx+17]==1 && dest[idx+26]==1 && dest[idx+35]==1 && dest[idx+44]==1 && dest[idx+53]==1){
599 //confirmed proper separator bits found
600 //return start position
601 return (int) idx;
602 }
603 }
604 }
605 }
606 return 0;
607 }
608
609 // by marshmellow
610 // not perfect especially with lower clocks or VERY good antennas (heavy wave clipping)
611 // maybe somehow adjust peak trimming value based on samples to fix?
612 int DetectASKClock(uint8_t dest[], size_t size, int clock)
613 {
614 int i=0;
615 int peak=0;
616 int low=128;
617 int clk[]={16,32,40,50,64,100,128,256};
618 int loopCnt = 256; //don't need to loop through entire array...
619 if (size<loopCnt) loopCnt = size;
620
621 //if we already have a valid clock quit
622 for (;i<8;++i)
623 if (clk[i]==clock) return clock;
624
625 //get high and low peak
626 for (i=0;i<loopCnt;++i){
627 if(dest[i]>peak){
628 peak = dest[i];
629 }
630 if(dest[i]<low){
631 low = dest[i];
632 }
633 }
634 peak=(int)((peak-128)*.75)+128;
635 low= (int)((low-128)*.75)+128;
636 int ii;
637 int clkCnt;
638 int tol = 0;
639 int bestErr=1000;
640 int errCnt[]={0,0,0,0,0,0,0,0};
641 //test each valid clock from smallest to greatest to see which lines up
642 for(clkCnt=0; clkCnt<6;++clkCnt){
643 if (clk[clkCnt]==32){
644 tol=1;
645 }else{
646 tol=0;
647 }
648 bestErr=1000;
649 //try lining up the peaks by moving starting point (try first 256)
650 for (ii=0; ii<loopCnt; ++ii){
651 if ((dest[ii]>=peak) || (dest[ii]<=low)){
652 errCnt[clkCnt]=0;
653 // now that we have the first one lined up test rest of wave array
654 for (i=0; i<((int)(size/clk[clkCnt])-1); ++i){
655 if (dest[ii+(i*clk[clkCnt])]>=peak || dest[ii+(i*clk[clkCnt])]<=low){
656 }else if(dest[ii+(i*clk[clkCnt])-tol]>=peak || dest[ii+(i*clk[clkCnt])-tol]<=low){
657 }else if(dest[ii+(i*clk[clkCnt])+tol]>=peak || dest[ii+(i*clk[clkCnt])+tol]<=low){
658 }else{ //error no peak detected
659 errCnt[clkCnt]++;
660 }
661 }
662 //if we found no errors this is correct one - return this clock
663 if(errCnt[clkCnt]==0) return clk[clkCnt];
664 //if we found errors see if it is lowest so far and save it as best run
665 if(errCnt[clkCnt]<bestErr) bestErr=errCnt[clkCnt];
666 }
667 }
668 }
669 int iii=0;
670 int best=0;
671 for (iii=0; iii<6;++iii){
672 if (errCnt[iii]<errCnt[best]){
673 best = iii;
674 }
675 }
676 return clk[best];
677 }
Proxmark3 GIT tracking
Impressum, Datenschutz