SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
uint32_t time_0 = GetCountSspClk();
-
+ uint32_t time_start = 0;
+ uint32_t time_stop = 0;
int div = 0;
//int div2 = 0;
smpl = decbyter;
if(OutOfNDecoding((smpl & 0xF0) >> 4)) {
rsamples = samples - Uart.samples;
+ time_stop = (GetCountSspClk()-time_0) << 4;
LED_C_ON();
//if(!LogTrace(Uart.output,Uart.byteCnt, rsamples, Uart.parityBits,TRUE)) break;
if(tracing) {
uint8_t parity[MAX_PARITY_SIZE];
GetParity(Uart.output, Uart.byteCnt, parity);
- LogTrace(Uart.output,Uart.byteCnt, (GetCountSspClk()-time_0) << 4, (GetCountSspClk()-time_0) << 4, parity, TRUE);
+ LogTrace(Uart.output,Uart.byteCnt, time_start, time_stop, parity, TRUE);
}
Demod.state = DEMOD_UNSYNCD;
LED_B_OFF();
Uart.byteCnt = 0;
+ }else{
+ time_start = (GetCountSspClk()-time_0) << 4;
}
decbyter = 0;
}
if(div > 3) {
smpl = decbyte;
if(ManchesterDecoding(smpl & 0x0F)) {
- rsamples = samples - Demod.samples;
+ time_stop = (GetCountSspClk()-time_0) << 4;
+
+ rsamples = samples - Demod.samples;
LED_B_ON();
if(tracing) {
uint8_t parity[MAX_PARITY_SIZE];
GetParity(Demod.output, Demod.len, parity);
- LogTrace(Demod.output, Demod.len, (GetCountSspClk()-time_0) << 4, (GetCountSspClk()-time_0) << 4, parity, FALSE);
+ LogTrace(Demod.output, Demod.len, time_start, time_stop, parity, FALSE);
}
-
// And ready to receive another response.
memset(&Demod, 0, sizeof(Demod));
Demod.output = tagToReaderResponse;
Demod.state = DEMOD_UNSYNCD;
LED_C_OFF();
+ }else{
+ time_start = (GetCountSspClk()-time_0) << 4;
}
div = 0;
// Convert from last byte pos to length
ToSendMax++;
}
+
int doIClassSimulation(uint8_t csn[], int breakAfterMacReceived, uint8_t *reader_mac_buf);
/**
* @brief SimulateIClass simulates an iClass card.
*/
int doIClassSimulation(uint8_t csn[], int breakAfterMacReceived, uint8_t *reader_mac_buf)
{
+
// CSN followed by two CRC bytes
+ uint8_t response1[] = { 0x0F} ;
uint8_t response2[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
uint8_t response3[] = { 0,0,0,0,0,0,0,0,0,0};
memcpy(response3,csn,sizeof(response3));
// Reader 81 anticoll. CSN
// Tag CSN
- uint8_t *resp;
- int respLen;
- uint8_t* respdata = NULL;
- int respsize = 0;
- uint8_t sof = 0x0f;
+ uint8_t *modulated_response;
+ int modulated_response_size;
+ uint8_t* trace_data = NULL;
+ int trace_data_size = 0;
+ //uint8_t sof = 0x0f;
// Respond SOF -- takes 8 bytes
uint8_t *resp1 = (((uint8_t *)BigBuf) + FREE_BUFFER_OFFSET);
LED_A_ON();
bool buttonPressed = false;
- /** Hack for testing
- memcpy(reader_mac_buf,csn,8);
- exitLoop = true;
- end hack **/
-
while(!exitLoop) {
LED_B_OFF();
// Okay, look at the command now.
if(receivedCmd[0] == 0x0a ) {
// Reader in anticollission phase
- resp = resp1; respLen = resp1Len; //order = 1;
- respdata = &sof;
- respsize = sizeof(sof);
+ modulated_response = resp1; modulated_response_size = resp1Len; //order = 1;
+ trace_data = response1;
+ trace_data_size = sizeof(response1);
} else if(receivedCmd[0] == 0x0c) {
// Reader asks for anticollission CSN
- resp = resp2; respLen = resp2Len; //order = 2;
- respdata = response2;
- respsize = sizeof(response2);
+ modulated_response = resp2; modulated_response_size = resp2Len; //order = 2;
+ trace_data = response2;
+ trace_data_size = sizeof(response2);
//DbpString("Reader requests anticollission CSN:");
} else if(receivedCmd[0] == 0x81) {
// Reader selects anticollission CSN.
// Tag sends the corresponding real CSN
- resp = resp3; respLen = resp3Len; //order = 3;
- respdata = response3;
- respsize = sizeof(response3);
+ modulated_response = resp3; modulated_response_size = resp3Len; //order = 3;
+ trace_data = response3;
+ trace_data_size = sizeof(response3);
//DbpString("Reader selects anticollission CSN:");
} else if(receivedCmd[0] == 0x88) {
// Read e-purse (88 02)
- resp = resp4; respLen = resp4Len; //order = 4;
- respdata = response4;
- respsize = sizeof(response4);
+ modulated_response = resp4; modulated_response_size = resp4Len; //order = 4;
+ trace_data = response4;
+ trace_data_size = sizeof(response4);
LED_B_ON();
} else if(receivedCmd[0] == 0x05) {
// Reader random and reader MAC!!!
// Do not respond
// We do not know what to answer, so lets keep quiet
- resp = resp1; respLen = 0; //order = 5;
- respdata = NULL;
- respsize = 0;
+ modulated_response = resp1; modulated_response_size = 0; //order = 5;
+ trace_data = NULL;
+ trace_data_size = 0;
if (breakAfterMacReceived){
// dbprintf:ing ...
Dbprintf("CSN: %02x %02x %02x %02x %02x %02x %02x %02x"
}
} else if(receivedCmd[0] == 0x00 && len == 1) {
// Reader ends the session
- resp = resp1; respLen = 0; //order = 0;
- respdata = NULL;
- respsize = 0;
+ modulated_response = resp1; modulated_response_size = 0; //order = 0;
+ trace_data = NULL;
+ trace_data_size = 0;
} else {
//#db# Unknown command received from reader (len=5): 26 1 0 f6 a 44 44 44 44
// Never seen this command before
receivedCmd[3], receivedCmd[4], receivedCmd[5],
receivedCmd[6], receivedCmd[7], receivedCmd[8]);
// Do not respond
- resp = resp1; respLen = 0; //order = 0;
- respdata = NULL;
- respsize = 0;
+ modulated_response = resp1; modulated_response_size = 0; //order = 0;
+ trace_data = NULL;
+ trace_data_size = 0;
}
if(cmdsRecvd > 100) {
else {
cmdsRecvd++;
}
-
- if(respLen > 0) {
- SendIClassAnswer(resp, respLen, 21);
+ /**
+ After changes to parity calculation
+ Time between reader EOT and pm3 SOF
+ delay 21 -> 480uS
+ delay 10 -> 220us
+ delay 16 -> 388us
+ A legit tag has about 380us.
+ **/
+ if(modulated_response_size > 0) {
+ SendIClassAnswer(modulated_response, modulated_response_size, timeout);
t2r_time = GetCountSspClk();
}
GetParity(receivedCmd, len, parity);
LogTrace(receivedCmd,len, (r2t_time-time_0)<< 4, (r2t_time-time_0) << 4, parity, TRUE);
- if (respdata != NULL) {
- GetParity(respdata, respsize, parity);
- LogTrace(respdata, respsize, (t2r_time-time_0) << 4, (t2r_time-time_0) << 4, parity, FALSE);
+ if (trace_data != NULL) {
+ GetParity(trace_data, trace_data_size, parity);
+ LogTrace(trace_data, trace_data_size, (t2r_time-time_0) << 4, (t2r_time-time_0) << 4, parity, FALSE);
}
if(!tracing) {
DbpString("Trace full");
projects / proxmark3-svn / blobdiff