X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/15c4dc5ace24e6081d1597b011148f156cdd599e..ba06a4b694da23045ed75d18ccf77a9befac65c0:/armsrc/lfops.c?ds=inline diff --git a/armsrc/lfops.c b/armsrc/lfops.c index 14cc33a4..7127bfdc 100644 --- a/armsrc/lfops.c +++ b/armsrc/lfops.c @@ -1,15 +1,21 @@ //----------------------------------------------------------------------------- +// This code is licensed to you under the terms of the GNU GPL, version 2 or, +// at your option, any later version. See the LICENSE.txt file for the text of +// the license. +//----------------------------------------------------------------------------- // Miscellaneous routines for low frequency tag operations. // Tags supported here so far are Texas Instruments (TI), HID // Also routines for raw mode reading/simulating of LF waveform -// //----------------------------------------------------------------------------- -#include + +#include "proxmark3.h" #include "apps.h" +#include "util.h" #include "hitag2.h" #include "crc16.h" +#include "string.h" -void AcquireRawAdcSamples125k(BOOL at134khz) +void AcquireRawAdcSamples125k(int at134khz) { if (at134khz) FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 88); //134.8Khz @@ -34,10 +40,10 @@ void AcquireRawAdcSamples125k(BOOL at134khz) // split into two routines so we can avoid timing issues after sending commands // void DoAcquisition125k(void) { - BYTE *dest = (BYTE *)BigBuf; + uint8_t *dest = (uint8_t *)BigBuf; int n = sizeof(BigBuf); int i; - + memset(dest, 0, n); i = 0; for(;;) { @@ -46,7 +52,7 @@ void DoAcquisition125k(void) LED_D_ON(); } if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_RXRDY) { - dest[i] = (BYTE)AT91C_BASE_SSC->SSC_RHR; + dest[i] = (uint8_t)AT91C_BASE_SSC->SSC_RHR; i++; LED_D_OFF(); if (i >= n) break; @@ -56,14 +62,14 @@ void DoAcquisition125k(void) dest[0], dest[1], dest[2], dest[3], dest[4], dest[5], dest[6], dest[7]); } -void ModThenAcquireRawAdcSamples125k(int delay_off, int period_0, int period_1, BYTE *command) +void ModThenAcquireRawAdcSamples125k(int delay_off, int period_0, int period_1, uint8_t *command) { - BOOL at134khz; + int at134khz; /* Make sure the tag is reset */ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); SpinDelay(2500); - + // see if 'h' was specified if (command[strlen((char *) command) - 1] == 'h') at134khz = TRUE; @@ -141,13 +147,13 @@ void ReadTItag(void) // int n = GraphTraceLen; // 128 bit shift register [shift3:shift2:shift1:shift0] - DWORD shift3 = 0, shift2 = 0, shift1 = 0, shift0 = 0; + uint32_t shift3 = 0, shift2 = 0, shift1 = 0, shift0 = 0; int i, cycles=0, samples=0; // how many sample points fit in 16 cycles of each frequency - DWORD sampleslo = (FSAMPLE<<4)/FREQLO, sampleshi = (FSAMPLE<<4)/FREQHI; + uint32_t sampleslo = (FSAMPLE<<4)/FREQLO, sampleshi = (FSAMPLE<<4)/FREQHI; // when to tell if we're close enough to one freq or another - DWORD threshold = (sampleslo - sampleshi + 1)>>1; + uint32_t threshold = (sampleslo - sampleshi + 1)>>1; // TI tags charge at 134.2Khz FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 88); //134.8Khz @@ -236,7 +242,7 @@ void ReadTItag(void) // i'm 99% sure the crc algorithm is correct, but it may need to eat the // bytes in reverse or something // calculate CRC - DWORD crc=0; + uint32_t crc=0; crc = update_crc16(crc, (shift0)&0xff); crc = update_crc16(crc, (shift0>>8)&0xff); @@ -257,7 +263,7 @@ void ReadTItag(void) } } -void WriteTIbyte(BYTE b) +void WriteTIbyte(uint8_t b) { int i = 0; @@ -286,7 +292,7 @@ void AcquireTiType(void) { int i, j, n; // tag transmission is <20ms, sampling at 2M gives us 40K samples max - // each sample is 1 bit stuffed into a DWORD so we need 1250 DWORDS + // each sample is 1 bit stuffed into a uint32_t so we need 1250 uint32_t #define TIBUFLEN 1250 // clear buffer @@ -355,7 +361,7 @@ void AcquireTiType(void) // arguments: 64bit data split into 32bit idhi:idlo and optional 16bit crc // if crc provided, it will be written with the data verbatim (even if bogus) // if not provided a valid crc will be computed from the data and written. -void WriteTItag(DWORD idhi, DWORD idlo, WORD crc) +void WriteTItag(uint32_t idhi, uint32_t idlo, uint16_t crc) { if(crc == 0) { crc = update_crc16(crc, (idlo)&0xff); @@ -426,7 +432,7 @@ void WriteTItag(DWORD idhi, DWORD idlo, WORD crc) void SimulateTagLowFrequency(int period, int gap, int ledcontrol) { int i; - BYTE *tab = (BYTE *)BigBuf; + uint8_t *tab = (uint8_t *)BigBuf; FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_SIMULATOR); @@ -470,7 +476,7 @@ void SimulateTagLowFrequency(int period, int gap, int ledcontrol) i++; if(i == period) { i = 0; - if (gap) { + if (gap) { SHORT_COIL(); SpinDelayUs(gap); } @@ -481,7 +487,7 @@ void SimulateTagLowFrequency(int period, int gap, int ledcontrol) /* Provides a framework for bidirectional LF tag communication * Encoding is currently Hitag2, but the general idea can probably * be transferred to other encodings. - * + * * The new FPGA code will, for the LF simulator mode, give on SSC_FRAME * (PA15) a thresholded version of the signal from the ADC. Setting the * ADC path to the low frequency peak detection signal, will enable a @@ -490,18 +496,18 @@ void SimulateTagLowFrequency(int period, int gap, int ledcontrol) * field is switched off, and high when the reader field is active. Due * to the way that the signal looks like, mostly only the rising edge is * useful, your mileage may vary. - * + * * Neat perk: PA15 can not only be used as a bit-banging GPIO, but is also * TIOA1, which can be used as the capture input for timer 1. This should * make it possible to measure the exact edge-to-edge time, without processor * intervention. - * + * * Arguments: divisor is the divisor to be sent to the FPGA (e.g. 95 for 125kHz) * t0 is the carrier frequency cycle duration in terms of MCK (384 for 125kHz) - * - * The following defines are in carrier periods: + * + * The following defines are in carrier periods: */ -#define HITAG_T_0_MIN 15 /* T[0] should be 18..22 */ +#define HITAG_T_0_MIN 15 /* T[0] should be 18..22 */ #define HITAG_T_1_MIN 24 /* T[1] should be 26..30 */ #define HITAG_T_EOF 40 /* T_EOF should be > 36 */ #define HITAG_T_WRESP 208 /* T_wresp should be 204..212 */ @@ -516,10 +522,10 @@ void SimulateTagLowFrequencyBidir(int divisor, int t0) #endif char frame[10]; int frame_pos=0; - + DbpString("Starting Hitag2 emulator, press button to end"); hitag2_init(); - + /* Set up simulator mode, frequency divisor which will drive the FPGA * and analog mux selection. */ @@ -527,13 +533,13 @@ void SimulateTagLowFrequencyBidir(int divisor, int t0) FpgaSendCommand(FPGA_CMD_SET_DIVISOR, divisor); SetAdcMuxFor(GPIO_MUXSEL_LOPKD); RELAY_OFF(); - + /* Set up Timer 1: * Capture mode, timer source MCK/2 (TIMER_CLOCK1), TIOA is external trigger, * external trigger rising edge, load RA on rising edge of TIOA, load RB on rising * edge of TIOA. Assign PA15 to TIOA1 (peripheral B) */ - + AT91C_BASE_PMC->PMC_PCER = (1 << AT91C_ID_TC1); AT91C_BASE_PIOA->PIO_BSR = GPIO_SSC_FRAME; AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS; @@ -544,10 +550,10 @@ void SimulateTagLowFrequencyBidir(int divisor, int t0) AT91C_TC_LDRB_RISING; AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKEN | AT91C_TC_SWTRG; - + /* calculate the new value for the carrier period in terms of TC1 values */ t0 = t0/2; - + int overflow = 0; while(!BUTTON_PRESS()) { WDT_HIT(); @@ -559,7 +565,7 @@ void SimulateTagLowFrequencyBidir(int divisor, int t0) ((char*)BigBuf)[i] = ra; i = (i+1) % 8000; #endif - + if(overflow || (ra > t0*HITAG_T_EOF) || (ra < t0*HITAG_T_0_MIN)) { /* Ignore */ } else if(ra >= t0*HITAG_T_1_MIN ) { @@ -575,7 +581,7 @@ void SimulateTagLowFrequencyBidir(int divisor, int t0) frame_pos++; } } - + overflow = 0; LED_D_ON(); } else { @@ -587,9 +593,9 @@ void SimulateTagLowFrequencyBidir(int divisor, int t0) * have wrapped. Also, this marks the end of frame, and the * still running counter can be used to determine the correct * time for the start of the reply. - */ + */ overflow = 1; - + if(frame_pos > 0) { /* Have a frame, do something with it */ #if DEBUG_FRAME_CONTENTS @@ -629,13 +635,13 @@ static void hitag_send_bit(int t0, int bit) { LED_B_OFF(); } AT91C_BASE_TC1->TC_CCR = AT91C_TC_SWTRG; /* Reset clock for the next bit */ - + } static void hitag_send_frame(int t0, int frame_len, const char const * frame, int fdt) { OPEN_COIL(); AT91C_BASE_PIOA->PIO_OER = GPIO_SSC_DOUT; - + /* Wait for HITAG_T_WRESP carrier periods after the last reader bit, * not that since the clock counts since the rising edge, but T_wresp is * with respect to the falling edge, we need to wait actually (T_wresp - T_g) @@ -646,15 +652,15 @@ static void hitag_send_frame(int t0, int frame_len, const char const * frame, in int saved_cmr = AT91C_BASE_TC1->TC_CMR; AT91C_BASE_TC1->TC_CMR &= ~AT91C_TC_ETRGEDG; /* Disable external trigger for the clock */ AT91C_BASE_TC1->TC_CCR = AT91C_TC_SWTRG; /* Reset the clock and use it for response timing */ - + int i; for(i=0; i<5; i++) hitag_send_bit(t0, 1); /* Start of frame */ - + for(i=0; iTC_CMR = saved_cmr; } @@ -673,7 +679,7 @@ static void hitag_handle_frame(int t0, int frame_len, char *frame) // compose fc/8 fc/10 waveform static void fc(int c, int *n) { - BYTE *dest = (BYTE *)BigBuf; + uint8_t *dest = (uint8_t *)BigBuf; int idx; // for when we want an fc8 pattern every 4 logical bits @@ -778,9 +784,9 @@ void CmdHIDsimTAG(int hi, int lo, int ledcontrol) // loop to capture raw HID waveform then FSK demodulate the TAG ID from it void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol) { - BYTE *dest = (BYTE *)BigBuf; + uint8_t *dest = (uint8_t *)BigBuf; int m=0, n=0, i=0, idx=0, found=0, lastval=0; - DWORD hi=0, lo=0; + uint32_t hi=0, lo=0; FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_READER); @@ -815,7 +821,7 @@ void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol) LED_D_ON(); } if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) { - dest[i] = (BYTE)AT91C_BASE_SSC->SSC_RHR; + dest[i] = (uint8_t)AT91C_BASE_SSC->SSC_RHR; // we don't care about actual value, only if it's more or less than a // threshold essentially we capture zero crossings for later analysis if(dest[i] < 127) dest[i] = 0; else dest[i] = 1;