Add smartcard protocol T=0 (RRG repository PRs 71,72,74,75 by @merlokk) (#757)
[proxmark3-svn] / client / cmdhf15.c
index c116b00116bf95b8869fdd6a7c390f7980f3d849..da83ccafd4b9b73b5d110121d39c4e085c585e5f 100644 (file)
 #include "util.h"
 #include "cmdparser.h"
 #include "iso15693tools.h"
+#include "protocols.h"
 #include "cmdmain.h"
 
-#define FrameSOF              Iso15693FrameSOF
-#define Logic0                                         Iso15693Logic0
-#define Logic1                                         Iso15693Logic1
-#define FrameEOF                                       Iso15693FrameEOF
-
 #define Crc(data,datalen)     Iso15693Crc(data,datalen)
 #define AddCrc(data,datalen)  Iso15693AddCrc(data,datalen)
 #define sprintUID(target,uid)  Iso15693sprintUID(target,uid)
 
+// SOF defined as
+// 1) Unmodulated time of 56.64us
+// 2) 24 pulses of 423.75khz
+// 3) logic '1' (unmodulated for 18.88us followed by 8 pulses of 423.75khz)
+
+static const int Iso15693FrameSOF[] = {
+       -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+       -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+        1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
+        1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
+       -1, -1, -1, -1,
+       -1, -1, -1, -1,
+        1,  1,  1,  1,
+        1,  1,  1,  1
+};
+static const int Iso15693Logic0[] = {
+        1,  1,  1,  1,
+        1,  1,  1,  1,
+       -1, -1, -1, -1,
+       -1, -1, -1, -1
+};
+static const int Iso15693Logic1[] = {
+       -1, -1, -1, -1,
+       -1, -1, -1, -1,
+        1,  1,  1,  1,
+        1,  1,  1,  1
+};
+
+// EOF defined as
+// 1) logic '0' (8 pulses of 423.75khz followed by unmodulated for 18.88us)
+// 2) 24 pulses of 423.75khz
+// 3) Unmodulated time of 56.64us
+
+static const int Iso15693FrameEOF[] = {
+        1,  1,  1,  1,
+        1,  1,  1,  1,
+       -1, -1, -1, -1,
+       -1, -1, -1, -1,
+        1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
+        1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
+       -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+       -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
+};
+
 // structure and database for uid -> tagtype lookups 
 typedef struct { 
        uint64_t uid;
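Review bot: The comments above the new tables give durations but not the unit of one array entry, so the array lengths cannot be checked against them at a glance. From the figures shown, 24 entries cover 56.64us and 8 entries cover 18.88us, which suggests one entry per subcarrier period. I would add `// one entry per 423.75 kHz subcarrier period (~2.36 us): 1 = pulse, -1 = unmodulated` above `Iso15693FrameSOF`. The comments should also spell the unit `kHz` rather than `khz`.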
@@ -212,18 +252,17 @@ int getUID(uint8_t *buf)
        
        for (int retry=0;retry<3; retry++) { // don't give up the at the first try              
                
-               req[0]= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | 
-                       ISO15_REQ_INVENTORY | ISO15_REQINV_SLOT1;
-               req[1]=ISO15_CMD_INVENTORY;
-               req[2]=0; // mask length
-               reqlen=AddCrc(req,3);
-               c.arg[0]=reqlen;
+               req[0] = ISO15693_REQ_DATARATE_HIGH | ISO15693_REQ_INVENTORY | ISO15693_REQINV_SLOT1;
+               req[1] = ISO15693_INVENTORY;
+               req[2] = 0; // mask length
+               reqlen = AddCrc(req,3);
+               c.arg[0] = reqlen;
        
                SendCommand(&c);
                
                if (WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
                        recv = resp.d.asBytes;
-                       if (resp.arg[0]>=12 && ISO15_CRC_CHECK==Crc(recv,12)) {
+                       if (resp.arg[0]>=12 && ISO15693_CRC_CHECK==Crc(recv,12)) {
                           memcpy(buf,&recv[2],8);
                           return 1;
                        } 
@@ -293,8 +332,8 @@ int CmdHF15Demod(const char *Cmd)
        // First, correlate for SOF
        for (i = 0; i < 200; i++) {
                int corr = 0;
-               for (j = 0; j < arraylen(FrameSOF); j += skip) {
-                       corr += FrameSOF[j] * GraphBuffer[i + (j / skip)];
+               for (j = 0; j < arraylen(Iso15693FrameSOF); j += skip) {
+                       corr += Iso15693FrameSOF[j] * GraphBuffer[i + (j / skip)];
                }
                if (corr > max) {
                        max = corr;
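Review bot: The SOF search reads `GraphBuffer[i + (j / skip)]` for every `i` below 200 without consulting `GraphTraceLen`, so on an empty or short trace it correlates against samples that are not part of the current trace. The bit loop later in this function does compare against `GraphTraceLen`, and the same bound belongs here, e.g. `for (i = 0; i < 200 && i + (int)arraylen(Iso15693FrameSOF) / skip < GraphTraceLen; i++) {`. Whether these reads can also leave the array depends on the size of `GraphBuffer`, which is not visible in this hunk. CmdHF15Demod starts and ends outside the hunk.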
@@ -302,28 +341,28 @@ int CmdHF15Demod(const char *Cmd)
                }
        }
        PrintAndLog("SOF at %d, correlation %d", maxPos,
-               max / (arraylen(FrameSOF) / skip));
+               max / (arraylen(Iso15693FrameSOF) / skip));
        
-       i = maxPos + arraylen(FrameSOF) / skip;
+       i = maxPos + arraylen(Iso15693FrameSOF) / skip;
        int k = 0;
        uint8_t outBuf[20];
        memset(outBuf, 0, sizeof(outBuf));
        uint8_t mask = 0x01;
        for (;;) {
                        int corr0 = 0, corr00 = 0, corr01 = 0, corr1 = 0, corrEOF = 0;
-                       for(j = 0; j < arraylen(Logic0); j += skip) {
-                               corr0 += Logic0[j]*GraphBuffer[i+(j/skip)];
+                       for(j = 0; j < arraylen(Iso15693Logic0); j += skip) {
+                               corr0 += Iso15693Logic0[j]*GraphBuffer[i+(j/skip)];
                        }
                        corr01 = corr00 = corr0;
-                       for(j = 0; j < arraylen(Logic0); j += skip) {
-                               corr00 += Logic0[j]*GraphBuffer[i+arraylen(Logic0)/skip+(j/skip)];
-                               corr01 += Logic1[j]*GraphBuffer[i+arraylen(Logic0)/skip+(j/skip)];
+                       for(j = 0; j < arraylen(Iso15693Logic0); j += skip) {
+                               corr00 += Iso15693Logic0[j]*GraphBuffer[i+arraylen(Iso15693Logic0)/skip+(j/skip)];
+                               corr01 += Iso15693Logic1[j]*GraphBuffer[i+arraylen(Iso15693Logic0)/skip+(j/skip)];
                        }
-                       for(j = 0; j < arraylen(Logic1); j += skip) {
-                               corr1 += Logic1[j]*GraphBuffer[i+(j/skip)];
+                       for(j = 0; j < arraylen(Iso15693Logic1); j += skip) {
+                               corr1 += Iso15693Logic1[j]*GraphBuffer[i+(j/skip)];
                        }
-                       for(j = 0; j < arraylen(FrameEOF); j += skip) {
-                               corrEOF += FrameEOF[j]*GraphBuffer[i+(j/skip)];
+                       for(j = 0; j < arraylen(Iso15693FrameEOF); j += skip) {
+                               corrEOF += Iso15693FrameEOF[j]*GraphBuffer[i+(j/skip)];
                        }
                        // Even things out by the length of the target waveform.
                        corr00 *= 2;
@@ -335,17 +374,17 @@ int CmdHF15Demod(const char *Cmd)
                                PrintAndLog("EOF at %d", i);
                                break;
                } else if (corr1 > corr0) {
-                       i += arraylen(Logic1) / skip;
+                       i += arraylen(Iso15693Logic1) / skip;
                        outBuf[k] |= mask;
                } else {
-                       i += arraylen(Logic0) / skip;
+                       i += arraylen(Iso15693Logic0) / skip;
                }
                mask <<= 1;
                if (mask == 0) {
                        k++;
                        mask = 0x01;
                }
-               if ((i + (int)arraylen(FrameEOF)) >= GraphTraceLen) {
+               if ((i + (int)arraylen(Iso15693FrameEOF)) >= GraphTraceLen) {
                        PrintAndLog("ran off end!");
                        break;
                }
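Review bot: `outBuf[k] |= mask` can write past the 20-byte `outBuf` declared in the previous hunk, because `k` is incremented every eight bits and the loop only stops on a detected EOF or when `i` approaches `GraphTraceLen`. A long trace with no recognisable EOF, such as a noisy capture or a trace loaded from a file, would therefore overrun the stack buffer. I would stop decoding once the buffer is full, directly after `k++`: `if (k >= (int)sizeof(outBuf)) { PrintAndLog("demod buffer full"); break; }`. The loop body begins in the previous hunk.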
@@ -374,10 +413,9 @@ int CmdHF15Read(const char *Cmd)
 }
 
 // Record Activity without enabling carrier
-// TODO: currently it DOES enable the carrier
-int CmdHF15Record(const char *Cmd)
+int CmdHF15Snoop(const char *Cmd)
 {
-       UsbCommand c = {CMD_RECORD_RAW_ADC_SAMPLES_ISO_15693};
+       UsbCommand c = {CMD_SNOOP_ISO_15693};
        SendCommand(&c);
        return 0;
 }
@@ -424,6 +462,7 @@ int CmdHF15Sim(const char *Cmd)
        
        PrintAndLog("Starting simulating UID %02X %02X %02X %02X %02X %02X %02X %02X",
                        uid[0],uid[1],uid[2],uid[3],uid[4], uid[5], uid[6], uid[7]);
+       PrintAndLog("Press the button to stop simulation");
 
        UsbCommand c = {CMD_SIMTAG_ISO_15693, {0, 0, 0}};
        memcpy(c.d.asBytes,uid,8);
@@ -462,20 +501,19 @@ int CmdHF15DumpMem(const char*Cmd) {
 
        for (int retry=0; retry<5; retry++) {
                
-               req[0]= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | 
-                       ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
-               req[1]=ISO15_CMD_READ;
+               req[0]= ISO15693_REQ_DATARATE_HIGH | ISO15693_REQ_ADDRESS;
+               req[1] = ISO15693_READBLOCK;
                memcpy(&req[2],uid,8);
-               req[10]=blocknum;
-               reqlen=AddCrc(req,11);
-               c.arg[0]=reqlen;
+               req[10] = blocknum;
+               reqlen = AddCrc(req,11);
+               c.arg[0] = reqlen;
        
                SendCommand(&c);
                
                if (WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
                        recv = resp.d.asBytes;
-                       if (ISO15_CRC_CHECK==Crc(recv,resp.arg[0])) {
-                               if (!(recv[0] & ISO15_RES_ERROR)) {
+                       if (ISO15693_CRC_CHECK==Crc(recv,resp.arg[0])) {
+                               if (!(recv[0] & ISO15693_RES_ERROR)) {
                                        retry=0;
                                        *output=0; // reset outputstring
                                        sprintf(output, "Block %02x   ",blocknum);
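Review bot: `Crc(recv,resp.arg[0])` uses the length reported by the device without a range check, unlike getUID (`resp.arg[0]>=12`) and the other commands in this file (`resp.arg[0]>2`). A zero or oversized value makes the CRC run over the wrong span of `resp.d.asBytes`, and `recv[0]` is then tested on a response that may be empty. I would guard the call, e.g. `if (resp.arg[0] >= 3 && resp.arg[0] <= sizeof(resp.d.asBytes) && ISO15693_CRC_CHECK==Crc(recv,resp.arg[0])) {`, assuming `asBytes` is an array member of the response struct. The retry loop continues outside the hunk.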
@@ -499,7 +537,7 @@ int CmdHF15DumpMem(const char*Cmd) {
   // TODO: need fix
 //     if (resp.arg[0]<3)
 //             PrintAndLog("Lost Connection");
-//     else if (ISO15_CRC_CHECK!=Crc(resp.d.asBytes,resp.arg[0]))
+//     else if (ISO15693_CRC_CHECK!=Crc(resp.d.asBytes,resp.arg[0]))
 //             PrintAndLog("CRC Failed");
 //     else 
 //             PrintAndLog("Tag returned Error %i: %s",recv[1],TagErrorStr(recv[1])); 
@@ -514,7 +552,7 @@ static command_t CommandTable15[] =
        {"help",    CmdHF15Help,    1, "This help"},
        {"demod",   CmdHF15Demod,   1, "Demodulate ISO15693 from tag"},
        {"read",    CmdHF15Read,    0, "Read HF tag (ISO 15693)"},
-       {"record",  CmdHF15Record,  0, "Record Samples (ISO 15693)"}, // atrox
+       {"snoop",   CmdHF15Snoop,   0, "Eavesdrop ISO 15693 communications"},
        {"reader",  CmdHF15Reader,  0, "Act like an ISO15693 reader"},
        {"sim",     CmdHF15Sim,     0, "Fake an ISO15693 tag"},
        {"cmd",     CmdHF15Cmd,     0, "Send direct commands to ISO15693 tag"},
@@ -547,12 +585,11 @@ int CmdHF15CmdInquiry(const char *Cmd)
        uint8_t *req=c.d.asBytes;
        int reqlen=0;
        
-       req[0]= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | 
-               ISO15_REQ_INVENTORY | ISO15_REQINV_SLOT1;
-       req[1]=ISO15_CMD_INVENTORY;
-       req[2]=0; // mask length
+       req[0] = ISO15693_REQ_DATARATE_HIGH | ISO15693_REQ_INVENTORY | ISO15693_REQINV_SLOT1;
+       req[1] = ISO15693_INVENTORY;
+       req[2] = 0; // mask length
        reqlen=AddCrc(req,3);
-       c.arg[0]=reqlen;
+       c.arg[0] = reqlen;
 
        SendCommand(&c);
        
@@ -706,7 +743,7 @@ int prepareHF15Cmd(char **cmd, UsbCommand *c, uint8_t iso15cmd[], int iso15cmdle
        while (**cmd==' ' || **cmd=='\t') (*cmd)++;
        
        if (strstr(*cmd,"-o")==*cmd) {
-               req[reqlen]=ISO15_REQ_OPTION;
+               req[reqlen]=ISO15693_REQ_OPTION;
                (*cmd)+=2;
        }
        
@@ -721,36 +758,32 @@ int prepareHF15Cmd(char **cmd, UsbCommand *c, uint8_t iso15cmd[], int iso15cmdle
                case 's':
                case 'S':
                        // you must have selected the tag earlier
-                       req[reqlen++]|= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | 
-                      ISO15_REQ_NONINVENTORY | ISO15_REQ_SELECT;
-                  memcpy(&req[reqlen],&iso15cmd[0],iso15cmdlen);
-                       reqlen+=iso15cmdlen;               
+                       req[reqlen++] |= ISO15693_REQ_DATARATE_HIGH | ISO15693_REQ_SELECT;
+                       memcpy(&req[reqlen],&iso15cmd[0],iso15cmdlen);
+                       reqlen += iso15cmdlen;             
                   break;
                case 'u':
                case 'U':
                        // unaddressed mode may not be supported by all vendors
-                       req[reqlen++]|= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | 
-                      ISO15_REQ_NONINVENTORY;
-                  memcpy(&req[reqlen],&iso15cmd[0],iso15cmdlen);
-                       reqlen+=iso15cmdlen;               
+                       req[reqlen++] |= ISO15693_REQ_DATARATE_HIGH;
+                       memcpy(&req[reqlen],&iso15cmd[0],iso15cmdlen);
+                       reqlen += iso15cmdlen;             
                   break;
                case '*':
                        // we scan for the UID ourself
-                       req[reqlen++]|= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | 
-                      ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
-                  memcpy(&req[reqlen],&iso15cmd[0],iso15cmdlen);
+                       req[reqlen++] |= ISO15693_REQ_DATARATE_HIGH | ISO15693_REQ_ADDRESS;
+                       memcpy(&req[reqlen],&iso15cmd[0],iso15cmdlen);
                        reqlen+=iso15cmdlen;               
-                  if (!getUID(uid)) {
-                       PrintAndLog("No Tag found");
-                       return 0;
-                  }
-                  memcpy(req+reqlen,uid,8);
-                  PrintAndLog("Detected UID %s",sprintUID(NULL,uid));
-                  reqlen+=8;
+                       if (!getUID(uid)) {
+                               PrintAndLog("No Tag found");
+                               return 0;
+                       }
+                       memcpy(req+reqlen,uid,8);
+                       PrintAndLog("Detected UID %s",sprintUID(NULL,uid));
+                       reqlen+=8;
                        break;                  
                default:
-                       req[reqlen++]|= ISO15_REQ_SUBCARRIER_SINGLE | ISO15_REQ_DATARATE_HIGH | 
-                      ISO15_REQ_NONINVENTORY | ISO15_REQ_ADDRESS;
+                       req[reqlen++] |= ISO15693_REQ_DATARATE_HIGH | ISO15693_REQ_ADDRESS;
                        memcpy(&req[reqlen],&iso15cmd[0],iso15cmdlen);
                        reqlen+=iso15cmdlen;               
                   
@@ -809,7 +842,7 @@ int CmdHF15CmdSysinfo(const char *Cmd) {
                return 0;
        }       
        
-       prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15_CMD_SYSINFO},1);      
+       prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15693_GET_SYSTEM_INFO},1);       
        reqlen=c.arg[0];
        
        reqlen=AddCrc(req,reqlen);
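Review bot: The return value of `prepareHF15Cmd` is ignored here, although that function returns 0 after printing "No Tag found" when the `*` addressing mode cannot obtain a UID. The caller then continues with whatever `c.arg[0]` holds and appends a CRC to a request that was never completed. I would bail out instead, `if (!prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15693_GET_SYSTEM_INFO},1)) return 0;`, assuming the function returns non-zero on success (its end is not visible here). The same applies to the calls in the CmdHF15CmdReadmulti, CmdHF15CmdRead and CmdHF15CmdWrite hunks.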
@@ -819,8 +852,8 @@ int CmdHF15CmdSysinfo(const char *Cmd) {
 
        if (WaitForResponseTimeout(CMD_ACK,&resp,1000) && resp.arg[0]>2) {
                recv = resp.d.asBytes;
-               if (ISO15_CRC_CHECK==Crc(recv,resp.arg[0])) {
-                       if (!(recv[0] & ISO15_RES_ERROR)) {
+               if (ISO15693_CRC_CHECK==Crc(recv,resp.arg[0])) {
+                       if (!(recv[0] & ISO15693_RES_ERROR)) {
                                *output=0; // reset outputstring
                                for ( i=1; i<resp.arg[0]-2; i++) {
                                        sprintf(output+strlen(output),"%02X ",recv[i]);
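Review bot: The hex-dump loop appends three characters per response byte with an unbounded `sprintf`, and its limit is `resp.arg[0]`, a length supplied by the device. Nothing in the hunk caps that length to the size of `output` or of `resp.d.asBytes`, so an oversized length could read past the response and write past `output`; the declaration of `output` is outside the hunk, so its capacity should be checked against the largest accepted response. I would reject lengths above `sizeof(resp.d.asBytes)` before the loop and use `snprintf` with the remaining space, e.g. `snprintf(output+len, sizeof(output)-len, "%02X ", recv[i]);` if `output` is an array. Calling `strlen(output)` on every iteration is also quadratic, which a running `len` avoids. The same loop appears in the CmdHF15CmdReadmulti and CmdHF15CmdRead hunks.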
@@ -896,7 +929,7 @@ int CmdHF15CmdReadmulti(const char *Cmd) {
                return 0;
        }       
        
-       prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15_CMD_READMULTI},1);    
+       prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15693_READ_MULTI_BLOCK},1);      
        reqlen=c.arg[0];
 
        pagenum=strtol(cmd,NULL,0);
@@ -920,8 +953,8 @@ int CmdHF15CmdReadmulti(const char *Cmd) {
 
        if (WaitForResponseTimeout(CMD_ACK,&resp,1000) && resp.arg[0]>2) {
                recv = resp.d.asBytes;
-               if (ISO15_CRC_CHECK==Crc(recv,resp.arg[0])) {
-                       if (!(recv[0] & ISO15_RES_ERROR)) {
+               if (ISO15693_CRC_CHECK==Crc(recv,resp.arg[0])) {
+                       if (!(recv[0] & ISO15693_RES_ERROR)) {
                                *output=0; // reset outputstring
                                for ( int i=1; i<resp.arg[0]-2; i++) {
                                        sprintf(output+strlen(output),"%02X ",recv[i]);
@@ -974,7 +1007,7 @@ int CmdHF15CmdRead(const char *Cmd) {
                return 0;
        }       
        
-       prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15_CMD_READ},1); 
+       prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15693_READBLOCK},1);     
        reqlen=c.arg[0];
 
        pagenum=strtol(cmd,NULL,0);
@@ -993,8 +1026,8 @@ int CmdHF15CmdRead(const char *Cmd) {
 
        if (WaitForResponseTimeout(CMD_ACK,&resp,1000) && resp.arg[0]>2) {
                recv = resp.d.asBytes;
-               if (ISO15_CRC_CHECK==Crc(recv,resp.arg[0])) {
-                       if (!(recv[0] & ISO15_RES_ERROR)) {
+               if (ISO15693_CRC_CHECK==Crc(recv,resp.arg[0])) {
+                       if (!(recv[0] & ISO15693_RES_ERROR)) {
                                *output=0; // reset outputstring
                                //sprintf(output, "Block %2i   ",blocknum);
                                for ( int i=1; i<resp.arg[0]-2; i++) {
@@ -1051,7 +1084,7 @@ int CmdHF15CmdWrite(const char *Cmd) {
                return 0;
        }       
        
-       prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15_CMD_WRITE},1);        
+       prepareHF15Cmd(&cmd, &c,(uint8_t[]){ISO15693_WRITEBLOCK},1);    
        reqlen=c.arg[0];
        
        // *cmd -> page num ; *cmd2 -> data 
@@ -1086,8 +1119,8 @@ int CmdHF15CmdWrite(const char *Cmd) {
 
        if (WaitForResponseTimeout(CMD_ACK,&resp,2000) && resp.arg[0]>2) {
                recv = resp.d.asBytes;
-               if (ISO15_CRC_CHECK==Crc(recv,resp.arg[0])) {
-                       if (!(recv[0] & ISO15_RES_ERROR)) {                                     
+               if (ISO15693_CRC_CHECK==Crc(recv,resp.arg[0])) {
+                       if (!(recv[0] & ISO15693_RES_ERROR)) {                                  
                                PrintAndLog("OK");      
                        } else {
                                PrintAndLog("Tag returned Error %i: %s",recv[1],TagErrorStr(recv[1])); 