1 //-----------------------------------------------------------------------------
3 // Copyright (C) 2010 iZsh <izsh at fail0verflow.com>, Hagen Fritsch
5 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
6 // at your option, any later version. See the LICENSE.txt file for the text of
8 //-----------------------------------------------------------------------------
9 // High frequency ISO14443A commands
10 //-----------------------------------------------------------------------------
17 #include "iso14443crc.h"
21 #include "cmdparser.h"
26 static int CmdHelp(const char *Cmd
);
28 int CmdHF14AList(const char *Cmd
)
31 GetFromBigBuf(got
, sizeof(got
));
33 PrintAndLog("recorded activity:");
34 PrintAndLog(" ETU :rssi: who bytes");
35 PrintAndLog("---------+----+----+-----------");
46 int timestamp
= *((uint32_t *)(got
+i
));
47 if (timestamp
& 0x80000000) {
48 timestamp
&= 0x7fffffff;
55 int parityBits
= *((uint32_t *)(got
+i
+4));
56 // 4 bytes of additional information...
57 // maximum of 32 additional parity bit information
60 // at each quarter bit period we can send power level (16 levels)
61 // or each half bit period in 256 levels.
69 if (i
+ len
>= 1900) {
73 uint8_t *frame
= (got
+i
+9);
75 // Break and stick with current result if buffer was not completely full
76 if (frame
[0] == 0x44 && frame
[1] == 0x44 && frame
[3] == 0x44) { break; }
80 for (j
= 0; j
< len
; j
++) {
85 oddparity
^= (((frame
[j
] & 0xFF) >> k
) & 0x01);
88 //if((parityBits >> (len - j - 1)) & 0x01) {
89 if (isResponse
&& (oddparity
!= ((parityBits
>> (len
- j
- 1)) & 0x01))) {
90 sprintf(line
+(j
*4), "%02x! ", frame
[j
]);
93 sprintf(line
+(j
*4), "%02x ", frame
[j
]);
101 for (j
= 0; j
< (len
- 1); j
++) {
102 // gives problems... search for the reason..
103 /*if(frame[j] == 0xAA) {
106 crc = "[1] Two drops close after each other";
109 crc = "[2] Potential SOC with a drop in second half of bitperiod";
112 crc = "[3] Segment Z after segment X is not possible";
115 crc = "[4] Parity bit of a fully received byte was wrong";
118 crc = "[?] Unknown error";
125 if (strlen(crc
)==0) {
126 ComputeCrc14443(CRC_14443_A
, frame
, len
-2, &b1
, &b2
);
127 if (b1
!= frame
[len
-2] || b2
!= frame
[len
-1]) {
128 crc
= (isResponse
& (len
< 6)) ? "" : " !crc";
137 char metricString
[100];
139 sprintf(metricString
, "%3d", metric
);
141 strcpy(metricString
, " ");
144 PrintAndLog(" +%7d: %s: %s %s %s",
145 (prev
< 0 ? 0 : (timestamp
- prev
)),
147 (isResponse
? "TAG" : " "), line
, crc
);
155 void iso14a_set_timeout(uint32_t timeout
) {
156 UsbCommand c
= {CMD_READER_ISO_14443a
, {ISO14A_SET_TIMEOUT
, 0, timeout
}};
160 int CmdHF14AReader(const char *Cmd
)
162 UsbCommand c
= {CMD_READER_ISO_14443a
, {ISO14A_CONNECT
, 0, 0}};
164 UsbCommand
* resp
= WaitForResponse(CMD_ACK
);
165 uint8_t * uid
= resp
->d
.asBytes
;
166 iso14a_card_select_t
* card
= (iso14a_card_select_t
*)(uid
+ 12);
168 if(resp
->arg
[0] == 0) {
169 PrintAndLog("iso14443a card select failed");
173 PrintAndLog("ATQA : %02x %02x", card
->atqa
[0], card
->atqa
[1]);
174 PrintAndLog(" UID : %s", sprint_hex(uid
, 12));
175 PrintAndLog(" SAK : %02x [%d]", card
->sak
, resp
->arg
[0]);
178 case 0x00: PrintAndLog(" SAK : NXP MIFARE Ultralight | Ultralight C"); break;
179 case 0x04: PrintAndLog(" SAK : NXP MIFARE (various !DESFire !DESFire EV1)"); break;
181 case 0x08: PrintAndLog(" SAK : NXP MIFARE CLASSIC 1k | Plus 2k"); break;
182 case 0x09: PrintAndLog(" SAK : NXP MIFARE Mini 0.3k"); break;
183 case 0x10: PrintAndLog(" SAK : NXP MIFARE Plus 2k"); break;
184 case 0x11: PrintAndLog(" SAK : NXP MIFARE Plus 4k"); break;
185 case 0x18: PrintAndLog(" SAK : NXP MIFARE Classic 4k | Plus 4k"); break;
186 case 0x20: PrintAndLog(" SAK : NXP MIFARE DESFire 4k | DESFire EV1 2k/4k/8k | Plus 2k/4k | JCOP 31/41"); break;
187 case 0x24: PrintAndLog(" SAK : NXP MIFARE DESFire | DESFire EV1"); break;
188 case 0x28: PrintAndLog(" SAK : JCOP31 or JCOP41 v2.3.1"); break;
189 case 0x38: PrintAndLog(" SAK : Nokia 6212 or 6131 MIFARE CLASSIC 4K"); break;
190 case 0x88: PrintAndLog(" SAK : Infineon MIFARE CLASSIC 1K"); break;
191 case 0x98: PrintAndLog(" SAK : Gemplus MPCOS"); break;
194 if(resp
->arg
[0] == 1)
195 PrintAndLog(" ATS : %s", sprint_hex(card
->ats
, card
->ats_len
));
197 PrintAndLog("proprietary non-iso14443a card found, RATS not supported");
202 // ## simulate iso14443a tag
203 // ## greg - added ability to specify tag UID
204 int CmdHF14ASim(const char *Cmd
)
207 unsigned int hi
= 0, lo
= 0;
209 while (sscanf(&Cmd
[i
++], "%1x", &n
) == 1) {
210 hi
= (hi
<< 4) | (lo
>> 28);
211 lo
= (lo
<< 4) | (n
& 0xf);
214 // c.arg should be set to *Cmd or convert *Cmd to the correct format for a uid
215 UsbCommand c
= {CMD_SIMULATE_TAG_ISO_14443a
, {hi
, lo
, 0}};
216 PrintAndLog("Emulating 14443A TAG with UID %x%16x", hi
, lo
);
221 int CmdHF14ASnoop(const char *Cmd
)
223 UsbCommand c
= {CMD_SNOOP_ISO_14443a
};
228 static command_t CommandTable
[] =
230 {"help", CmdHelp
, 1, "This help"},
231 {"list", CmdHF14AList
, 0, "List ISO 14443a history"},
232 {"reader", CmdHF14AReader
, 0, "Act like an ISO14443 Type A reader"},
233 {"sim", CmdHF14ASim
, 0, "<UID> -- Fake ISO 14443a tag"},
234 {"snoop", CmdHF14ASnoop
, 0, "Eavesdrop ISO 14443 Type A"},
235 {NULL
, NULL
, 0, NULL
}
238 int CmdHF14A(const char *Cmd
)
241 while (WaitForResponseTimeout(CMD_ACK
, 500) != NULL
) ;
244 CmdsParse(CommandTable
, Cmd
);
248 int CmdHelp(const char *Cmd
)
250 CmdsHelp(CommandTable
);