#define RECV_RES_OFFSET 3096\r
#define DMA_BUFFER_OFFSET 3160\r
#define DMA_BUFFER_SIZE 4096\r
- #define TRACE_LENGTH 3000 \r
- \r
+ #define TRACE_LENGTH 3000\r
+\r
// #define RECV_CMD_OFFSET 2032 // original (working as of 21/2/09) values\r
// #define RECV_RES_OFFSET 2096 // original (working as of 21/2/09) values\r
// #define DMA_BUFFER_OFFSET 2160 // original (working as of 21/2/09) values\r
Uart.state = STATE_UNSYNCD;\r
\r
// And put the FPGA in the appropriate mode\r
+ // Signal field is off with the appropriate LED\r
+ LED_D_OFF();\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_SNIFFER);\r
SetAdcMuxFor(GPIO_MUXSEL_HIPKD);\r
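Review bot: The added comment `// Signal field is off with the appropriate LED` is hard to parse and does not say which LED tracks what. Something like `// LED D mirrors the RF field: off here, since sniffing generates no field` would make the convention explicit. The same wording is repeated in the later hunks that add `LED_D_OFF()` before `FPGA_HF_ISO14443A_TAGSIM_LISTEN` and `FPGA_MAJOR_MODE_OFF`, and `LED_D_ON()` before `FPGA_HF_ISO14443A_READER_LISTEN` and `FPGA_HF_ISO14443A_READER_MOD`. Because the LED is set by hand next to each `FpgaWriteConfWord` call, a future mode change can leave the indicator out of step with the real field state; a one-line note on that pairing at the first site would help.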
\r
// And now we loop, receiving samples.\r
for(;;) {\r
WDT_HIT();\r
- int behindBy = (lastRxCounter - PDC_RX_COUNTER(SSC_BASE)) &\r
+ int behindBy = (lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR) &\r
(DMA_BUFFER_SIZE-1);\r
if(behindBy > maxBehindBy) {\r
maxBehindBy = behindBy;\r
if(upTo - dmaBuf > DMA_BUFFER_SIZE) {\r
upTo -= DMA_BUFFER_SIZE;\r
lastRxCounter += DMA_BUFFER_SIZE;\r
- PDC_RX_NEXT_POINTER(SSC_BASE) = (DWORD)upTo;\r
- PDC_RX_NEXT_COUNTER(SSC_BASE) = DMA_BUFFER_SIZE;\r
+ AT91C_BASE_PDC_SSC->PDC_RNPR = (DWORD)upTo;\r
+ AT91C_BASE_PDC_SSC->PDC_RNCR = DMA_BUFFER_SIZE;\r
}\r
\r
samples += 4;\r
DbpIntegers(Uart.byteCntMax, traceLen, (int)Uart.output[0]);\r
\r
done:\r
- PDC_CONTROL(SSC_BASE) = PDC_RX_DISABLE;\r
+ AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;\r
DbpIntegers(maxBehindBy, Uart.state, Uart.byteCnt);\r
DbpIntegers(Uart.byteCntMax, traceLen, (int)Uart.output[0]);\r
LED_A_OFF();\r
{\r
// Set FPGA mode to "simulated ISO 14443 tag", no modulation (listen\r
// only, since we are receiving, not transmitting).\r
+ // Signal field is off with the appropriate LED\r
+ LED_D_OFF();\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_TAGSIM_LISTEN);\r
\r
// Now run a `software UART' on the stream of incoming samples.\r
\r
if(BUTTON_PRESS()) return FALSE;\r
\r
- if(SSC_STATUS & (SSC_STATUS_TX_READY)) {\r
- SSC_TRANSMIT_HOLDING = 0x00;\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {\r
+ AT91C_BASE_SSC->SSC_THR = 0x00;\r
}\r
- if(SSC_STATUS & (SSC_STATUS_RX_READY)) {\r
- BYTE b = (BYTE)SSC_RECEIVE_HOLDING;\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {\r
+ BYTE b = (BYTE)AT91C_BASE_SSC->SSC_RHR;\r
if(MillerDecoding((b & 0xf0) >> 4)) {\r
*len = Uart.byteCnt;\r
return TRUE;\r
\r
// my desfire\r
static const BYTE response2[] = { 0x88, 0x04, 0x21, 0x3f, 0x4d }; // known uid - note cascade (0x88), 2nd byte (0x04) = NXP/Phillips\r
- \r
- \r
+\r
+\r
// When reader selects us during cascade1 it will send cmd3\r
//BYTE response3[] = { 0x04, 0x00, 0x00 }; // SAK Select (cascade1) successful response (ULTRALITE)\r
BYTE response3[] = { 0x24, 0x00, 0x00 }; // SAK Select (cascade1) successful response (DESFire)\r
//BYTE response3a[] = { 0x00, 0x00, 0x00 }; // SAK Select (cascade2) successful response (ULTRALITE)\r
BYTE response3a[] = { 0x20, 0x00, 0x00 }; // SAK Select (cascade2) successful response (DESFire)\r
ComputeCrc14443(CRC_14443_A, response3a, 1, &response3a[1], &response3a[2]);\r
- \r
-// When reader tries to authenticate\r
- // static const BYTE cmd5[] = { 0x60, 0x00, 0xf5, 0x7b };\r
+\r
static const BYTE response5[] = { 0x00, 0x00, 0x00, 0x00 }; // Very random tag nonce\r
\r
BYTE *resp;\r
\r
// Modulate Manchester\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_TAGSIM_MOD);\r
- SSC_TRANSMIT_HOLDING = 0x00;\r
+ AT91C_BASE_SSC->SSC_THR = 0x00;\r
FpgaSetupSsc();\r
\r
// ### Transmit the response ###\r
b = 0x00;\r
fdt_indicator = FALSE;\r
for(;;) {\r
- if(SSC_STATUS & (SSC_STATUS_RX_READY)) {\r
- volatile BYTE b = (BYTE)SSC_RECEIVE_HOLDING;\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {\r
+ volatile BYTE b = (BYTE)AT91C_BASE_SSC->SSC_RHR;\r
(void)b;\r
}\r
- if(SSC_STATUS & (SSC_STATUS_TX_READY)) {\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {\r
if(i > respLen) {\r
b = 0x00;\r
u++;\r
b = resp[i];\r
i++;\r
}\r
- SSC_TRANSMIT_HOLDING = b;\r
+ AT91C_BASE_SSC->SSC_THR = b;\r
\r
if(u > 4) {\r
break;\r
if(*wait < 10) { *wait = 10; }\r
\r
for(c = 0; c < *wait;) {\r
- if(SSC_STATUS & (SSC_STATUS_TX_READY)) {\r
- SSC_TRANSMIT_HOLDING = 0x00; // For exact timing!\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {\r
+ AT91C_BASE_SSC->SSC_THR = 0x00; // For exact timing!\r
c++;\r
}\r
- if(SSC_STATUS & (SSC_STATUS_RX_READY)) {\r
- volatile DWORD r = SSC_RECEIVE_HOLDING;\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {\r
+ volatile DWORD r = AT91C_BASE_SSC->SSC_RHR;\r
(void)r;\r
}\r
WDT_HIT();\r
\r
c = 0;\r
for(;;) {\r
- if(SSC_STATUS & (SSC_STATUS_TX_READY)) {\r
- SSC_TRANSMIT_HOLDING = cmd[c];\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {\r
+ AT91C_BASE_SSC->SSC_THR = cmd[c];\r
c++;\r
if(c >= len) {\r
break;\r
}\r
}\r
- if(SSC_STATUS & (SSC_STATUS_RX_READY)) {\r
- volatile DWORD r = SSC_RECEIVE_HOLDING;\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {\r
+ volatile DWORD r = AT91C_BASE_SSC->SSC_RHR;\r
(void)r;\r
}\r
WDT_HIT();\r
// buffer needs to be 512 bytes\r
int c;\r
\r
- // Set FPGA mode to "simulated ISO 14443 tag", no modulation (listen\r
+ // Set FPGA mode to "reader listen mode", no modulation (listen\r
// only, since we are receiving, not transmitting).\r
+ // Signal field is on with the appropriate LED\r
+ LED_D_ON();\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
// Now get the answer from the card\r
for(;;) {\r
WDT_HIT();\r
\r
- if(SSC_STATUS & (SSC_STATUS_TX_READY)) {\r
- SSC_TRANSMIT_HOLDING = 0x00; // To make use of exact timing of next command from reader!!\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {\r
+ AT91C_BASE_SSC->SSC_THR = 0x00; // To make use of exact timing of next command from reader!!\r
(*elapsed)++;\r
}\r
- if(SSC_STATUS & (SSC_STATUS_RX_READY)) {\r
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {\r
if(c < 512) { c++; } else { return FALSE; }\r
- b = (BYTE)SSC_RECEIVE_HOLDING;\r
+ b = (BYTE)AT91C_BASE_SSC->SSC_RHR;\r
if(ManchesterDecoding((b & 0xf0) >> 4)) {\r
*samples = ((c - 1) << 3) + 4;\r
return TRUE;\r
//BYTE cmd6[] = { 0xe0,0x50,0xbc,0xa5 }; // original RATS\r
BYTE cmd6[] = { 0xe0,0x21,0xb2,0xc7 }; // Desfire RATS\r
\r
+ // Mifare AUTH\r
+ BYTE cmd7[] = { 0x60, 0x00, 0x00, 0x00 };\r
+\r
int reqaddr = 2024; // was 2024 - tied to other size changes\r
int reqsize = 60;\r
\r
BYTE *req6 = (((BYTE *)BigBuf) + reqaddr + (reqsize * 5));\r
int req6Len;\r
\r
- //BYTE *req7 = (((BYTE *)BigBuf) + reqaddr + (reqsize * 6));\r
- //int req7Len;\r
+ BYTE *req7 = (((BYTE *)BigBuf) + reqaddr + (reqsize * 6));\r
+ int req7Len;\r
\r
BYTE *receivedAnswer = (((BYTE *)BigBuf) + 3560); // was 3560 - tied to other size changes\r
\r
int traceLen = 0;\r
int rsamples = 0;\r
\r
- memset(trace, 0x44, 2000); // was 2000 - tied to oter size chnages \r
+ memset(trace, 0x44, 2000); // was 2000 - tied to oter size chnages\r
// setting it to 3000 causes no tag responses to be detected (2900 is ok)\r
// setting it to 1000 causes no tag responses to be detected\r
\r
FpgaSetupSsc();\r
\r
// Start from off (no field generated)\r
+ // Signal field is off with the appropriate LED\r
+ LED_D_OFF();\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
SpinDelay(200);\r
\r
FpgaSetupSsc();\r
\r
// Now give it time to spin up.\r
+ // Signal field is on with the appropriate LED\r
+ LED_D_ON();\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_MOD);\r
SpinDelay(200);\r
\r
LED_A_ON();\r
LED_B_OFF();\r
LED_C_OFF();\r
- LED_D_OFF();\r
\r
int samples = 0;\r
int tsamples = 0;\r
traceLen += Demod.len;\r
if(traceLen > TRACE_LENGTH) goto done;\r
\r
-// OK we have selected at least at cascade 1, lets see if first byte of UID was 0x88 in \r
+// OK we have selected at least at cascade 1, lets see if first byte of UID was 0x88 in\r
// which case we need to make a cascade 2 request and select - this is a long UID\r
if (receivedAnswer[0] == 0x88)\r
{\r
traceLen += Demod.len;\r
if(traceLen > TRACE_LENGTH) goto done;\r
\r
-\r
-\r
-\r
-\r
-\r
- } \r
-\r
- \r
+ }\r
\r
// Secondly compute the two CRC bytes at the end\r
- ComputeCrc14443(CRC_14443_A, cmd5, 2, &cmd5[2], &cmd5[3]);\r
+ ComputeCrc14443(CRC_14443_A, cmd7, 2, &cmd7[2], &cmd7[3]);\r
+ CodeIso14443aAsReader(cmd7, sizeof(cmd7));\r
+ memcpy(req7, ToSend, ToSendMax); req7Len = ToSendMax;\r
// Send authentication request (Mifare Classic)\r
- TransmitFor14443a(req5, req5Len, &samples, &wait);\r
+ TransmitFor14443a(req7, req7Len, &samples, &wait);\r
trace[traceLen++] = 0; trace[traceLen++] = 0; trace[traceLen++] = 0; trace[traceLen++] = 0;\r
trace[traceLen++] = 0; trace[traceLen++] = 0; trace[traceLen++] = 0; trace[traceLen++] = 0;\r
trace[traceLen++] = 4;\r
- memcpy(trace+traceLen, cmd5, 4);\r
+ memcpy(trace+traceLen, cmd7, 4);\r
traceLen += 4;\r
if(traceLen > TRACE_LENGTH) goto done;\r
if(GetIso14443aAnswerFromTag(receivedAnswer, 100, &samples, &elapsed)) {\r
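Review bot: `memcpy(req7, ToSend, ToSendMax);` copies an unchecked length into a slot that the earlier hunk carves out of BigBuf as `reqaddr + (reqsize * 6)`, which is 60 bytes wide if each slot is meant to be `reqsize` long. The encoded 4-byte `cmd7` presumably fits, but nothing on the visible lines enforces it, and an overrun would silently overwrite whatever follows in BigBuf. A guard before the copy would fail closed, for example `if(ToSendMax > reqsize) goto done;`, assuming `reqsize` and the `done:` label are in scope here, as the other hunks suggest. Separately, the nine `trace[traceLen++]` writes and the 4-byte `memcpy` into `trace` run before `if(traceLen > TRACE_LENGTH) goto done;`, so the limit is only tested after the write. The enclosing function starts and ends outside this hunk.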
}\r
\r
done:\r
- LED_A_OFF();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
- LED_D_OFF();\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
DbpIntegers(rsamples, 0xCC, 0xCC);\r
DbpString("ready..");\r
}\r