//-----------------------------------------------------------------------------\r
-// Merlok - June 2011\r
+// Merlok - June 2011, 2012\r
// Gerhard de Koning Gans - May 2008\r
// Hagen Fritsch - June 2010\r
//\r
pcs = &mpcs;\r
\r
// clear trace\r
- iso14a_clear_tracelen();\r
+ iso14a_clear_trace();\r
// iso14a_set_tracing(false);\r
\r
iso14443a_setup();\r
pcs = &mpcs;\r
\r
// clear trace\r
- iso14a_clear_tracelen();\r
+ iso14a_clear_trace();\r
// iso14a_set_tracing(false);\r
\r
iso14443a_setup();\r
pcs = &mpcs;\r
\r
// clear trace\r
- iso14a_clear_tracelen();\r
+ iso14a_clear_trace();\r
// iso14a_set_tracing(false);\r
\r
iso14443a_setup();\r
uint8_t uid[8];\r
uint32_t cuid, nt1, nt2, nttmp, nttest, par, ks1;\r
uint8_t par_array[4];\r
- nestedVector nvector[NES_MAX_INFO + 1][10];\r
+ nestedVector nvector[NES_MAX_INFO + 1][11];\r
int nvectorcount[NES_MAX_INFO + 1];\r
int ncount = 0;\r
UsbCommand ack = {CMD_ACK, {0, 0, 0}};\r
for (i = 0; i < NES_MAX_INFO + 1; i++) nvectorcount[i] = 11; // 11 - empty block;\r
\r
// clear trace\r
- iso14a_clear_tracelen();\r
+ iso14a_clear_trace();\r
iso14a_set_tracing(false);\r
\r
iso14443a_setup();\r
}\r
\r
ncount = 0;\r
- for (m = dmin - NS_TOLERANCE; m < dmax + NS_TOLERANCE; m++) {\r
- nttest = prng_successor(nt1, m);\r
+ nttest = prng_successor(nt1, dmin - NS_TOLERANCE);\r
+ for (m = dmin - NS_TOLERANCE + 1; m < dmax + NS_TOLERANCE; m++) {\r
+ nttest = prng_successor(nttest, 1);\r
ks1 = nt2 ^ nttest;\r
\r
if (valid_nonce(nttest, nt2, ks1, par_array) && (ncount < 11)){\r
MF_DBGLEVEL = MF_DBG_NONE;\r
\r
// clear trace\r
- iso14a_clear_tracelen();\r
+ iso14a_clear_trace();\r
iso14a_set_tracing(TRUE);\r
\r
iso14443a_setup();\r
\r
// variables\r
byte_t dataoutbuf[16];\r
+ byte_t dataoutbuf2[16];\r
uint8_t uid[8];\r
\r
// clear trace\r
- iso14a_clear_tracelen();\r
+ iso14a_clear_trace();\r
iso14a_set_tracing(false);\r
\r
iso14443a_setup();\r
break;\r
};\r
emlSetMem(dataoutbuf, sectorNo * 4 + 2, 1);\r
+\r
+ // get block 3 bytes 6-9\r
+ if(mifare_classic_readblock(pcs, cuid, sectorNo * 4 + 3, dataoutbuf)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Read block 3 error");\r
+ break;\r
+ };\r
+ emlGetMem(dataoutbuf2, sectorNo * 4 + 3, 1);\r
+ memcpy(&dataoutbuf2[6], &dataoutbuf[6], 4);\r
+ emlSetMem(dataoutbuf2, sectorNo * 4 + 3, 1);\r
}\r
\r
if(mifare_classic_halt(pcs, cuid)) {\r
\r
// ----------------------------- crypto1 destroy\r
crypto1_destroy(pcs);\r
+\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
\r
if (MF_DBGLEVEL >= 2) DbpString("EMUL FILL SECTORS FINISHED");\r
\r
// add trace trailer\r
memset(uid, 0x44, 4);\r
LogTrace(uid, 4, 0, 0, TRUE);\r
- \r
- Dbprintf("Loaded.");\r
}\r
\r
//-----------------------------------------------------------------------------\r
// \r
//-----------------------------------------------------------------------------\r
\r
+\r
+//-----------------------------------------------------------------------------\r
+// Work with "magic Chinese" card (email him: ouyangweidaxian@live.cn)\r
+// \r
+//-----------------------------------------------------------------------------\r
+void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){\r
+ \r
+ // params\r
+ uint8_t needWipe = arg0;\r
+ // bit 0 - need get UID\r
+ // bit 1 - need wupC\r
+ // bit 2 - need HALT after sequence\r
+ // bit 3 - need init FPGA and field before sequence\r
+ // bit 4 - need reset FPGA and LED\r
+ uint8_t workFlags = arg1;\r
+ uint8_t blockNo = arg2;\r
+ \r
+ // card commands\r
+ uint8_t wupC1[] = { 0x40 }; \r
+ uint8_t wupC2[] = { 0x43 }; \r
+ uint8_t wipeC[] = { 0x41 }; \r
+ \r
+ // variables\r
+ byte_t isOK = 0;\r
+ uint8_t uid[8];\r
+ uint8_t d_block[18];\r
+ uint32_t cuid;\r
+ \r
+ memset(uid, 0x00, 8);\r
+ uint8_t* receivedAnswer = mifare_get_bigbufptr();\r
+ \r
+ if (workFlags & 0x08) {\r
+ // clear trace\r
+ iso14a_clear_trace();\r
+ iso14a_set_tracing(TRUE);\r
+\r
+ iso14443a_setup();\r
+\r
+ LED_A_ON();\r
+ LED_B_OFF();\r
+ LED_C_OFF();\r
+ \r
+ SpinDelay(300);\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ SpinDelay(100);\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_MOD);\r
+ }\r
+\r
+ while (true) {\r
+ // get UID from chip\r
+ if (workFlags & 0x01) {\r
+ if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
+ break;\r
+ };\r
+\r
+ if(mifare_classic_halt(NULL, cuid)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+ break;\r
+ };\r
+ };\r
+ \r
+ // reset chip\r
+ if (needWipe){\r
+ ReaderTransmitShort(wupC1);\r
+ if(!ReaderReceive(receivedAnswer) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("wupC1 error");\r
+ break;\r
+ };\r
+\r
+ ReaderTransmit(wipeC, sizeof(wipeC));\r
+ if(!ReaderReceive(receivedAnswer) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("wipeC error");\r
+ break;\r
+ };\r
+\r
+ if(mifare_classic_halt(NULL, cuid)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+ break;\r
+ };\r
+ }; \r
+\r
+ // write block\r
+ if (workFlags & 0x02) {\r
+ ReaderTransmitShort(wupC1);\r
+ if(!ReaderReceive(receivedAnswer) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("wupC1 error");\r
+ break;\r
+ };\r
+\r
+ ReaderTransmit(wupC2, sizeof(wupC2));\r
+ if(!ReaderReceive(receivedAnswer) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("wupC2 error");\r
+ break;\r
+ };\r
+ }\r
+\r
+ if ((mifare_sendcmd_short(NULL, 0, 0xA0, blockNo, receivedAnswer) != 1) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("write block send command error");\r
+ break;\r
+ };\r
+ \r
+ memcpy(d_block, datain, 16);\r
+ AppendCrc14443a(d_block, 16);\r
+ \r
+ ReaderTransmit(d_block, sizeof(d_block));\r
+ if ((ReaderReceive(receivedAnswer) != 1) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("write block send data error");\r
+ break;\r
+ }; \r
+ \r
+ if (workFlags & 0x04) {\r
+ if (mifare_classic_halt(NULL, cuid)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+ break;\r
+ };\r
+ }\r
+ \r
+ isOK = 1;\r
+ break;\r
+ }\r
+ \r
+ UsbCommand ack = {CMD_ACK, {isOK, 0, 0}};\r
+ if (isOK) memcpy(ack.d.asBytes, uid, 4);\r
+ \r
+ // add trace trailer\r
+ memset(uid, 0x44, 4);\r
+ LogTrace(uid, 4, 0, 0, TRUE);\r
+\r
+ LED_B_ON();\r
+ UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand));\r
+ LED_B_OFF();\r
+\r
+ if ((workFlags & 0x10) || (!isOK)) {\r
+ // Thats it...\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
+ }\r
+}\r
+\r
+void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){\r
+ \r
+ // params\r
+ // bit 1 - need wupC\r
+ // bit 2 - need HALT after sequence\r
+ // bit 3 - need init FPGA and field before sequence\r
+ // bit 4 - need reset FPGA and LED\r
+ uint8_t workFlags = arg0;\r
+ uint8_t blockNo = arg2;\r
+ \r
+ // card commands\r
+ uint8_t wupC1[] = { 0x40 }; \r
+ uint8_t wupC2[] = { 0x43 }; \r
+ \r
+ // variables\r
+ byte_t isOK = 0;\r
+ uint8_t data[18];\r
+ uint32_t cuid = 0;\r
+ \r
+ memset(data, 0x00, 18);\r
+ uint8_t* receivedAnswer = mifare_get_bigbufptr();\r
+ \r
+ if (workFlags & 0x08) {\r
+ // clear trace\r
+ iso14a_clear_trace();\r
+ iso14a_set_tracing(TRUE);\r
+\r
+ iso14443a_setup();\r
+\r
+ LED_A_ON();\r
+ LED_B_OFF();\r
+ LED_C_OFF();\r
+ \r
+ SpinDelay(300);\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ SpinDelay(100);\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | FPGA_HF_ISO14443A_READER_MOD);\r
+ }\r
+\r
+ while (true) {\r
+ if (workFlags & 0x02) {\r
+ ReaderTransmitShort(wupC1);\r
+ if(!ReaderReceive(receivedAnswer) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("wupC1 error");\r
+ break;\r
+ };\r
+\r
+ ReaderTransmit(wupC2, sizeof(wupC2));\r
+ if(!ReaderReceive(receivedAnswer) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("wupC2 error");\r
+ break;\r
+ };\r
+ }\r
+\r
+ // read block\r
+ if ((mifare_sendcmd_short(NULL, 0, 0x30, blockNo, receivedAnswer) != 18)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("read block send command error");\r
+ break;\r
+ };\r
+ memcpy(data, receivedAnswer, 18);\r
+ \r
+ if (workFlags & 0x04) {\r
+ if (mifare_classic_halt(NULL, cuid)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+ break;\r
+ };\r
+ }\r
+ \r
+ isOK = 1;\r
+ break;\r
+ }\r
+ \r
+ UsbCommand ack = {CMD_ACK, {isOK, 0, 0}};\r
+ if (isOK) memcpy(ack.d.asBytes, data, 18);\r
+ \r
+ // add trace trailer\r
+ memset(data, 0x44, 4);\r
+ LogTrace(data, 4, 0, 0, TRUE);\r
+\r
+ LED_B_ON();\r
+ UsbSendPacket((uint8_t *)&ack, sizeof(UsbCommand));\r
+ LED_B_OFF();\r
+\r
+ if ((workFlags & 0x10) || (!isOK)) {\r
+ // Thats it...\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
+ }\r
+}\r
+\r