X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/40148ab609cdcf58ae6ef517c319a758006e1c6d..327a690813ff04d580a2630977f160b8ec809bd9:/armsrc/lfops.c?ds=inline diff --git a/armsrc/lfops.c b/armsrc/lfops.c index 780af199..3042b80a 100644 --- a/armsrc/lfops.c +++ b/armsrc/lfops.c @@ -16,6 +16,7 @@ #include "string.h" #include "lfdemod.h" #include "lfsampling.h" +#include "usb_cdc.h" /** @@ -399,14 +400,14 @@ void SimulateTagLowFrequency(int period, int gap, int ledcontrol) i = 0; for(;;) { + //wait until SSC_CLK goes HIGH while(!(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK)) { - if(BUTTON_PRESS()) { + if(BUTTON_PRESS() || usb_poll()) { DbpString("Stopped"); return; } WDT_HIT(); } - if (ledcontrol) LED_D_ON(); @@ -417,17 +418,18 @@ void SimulateTagLowFrequency(int period, int gap, int ledcontrol) if (ledcontrol) LED_D_OFF(); - //wait for next sample time + //wait until SSC_CLK goes LOW while(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK) { if(BUTTON_PRESS()) { DbpString("Stopped"); return; } WDT_HIT(); - } - + } + i++; if(i == period) { + i = 0; if (gap) { SHORT_COIL(); @@ -460,7 +462,7 @@ static void fc(int c, int *n) dest[((*n)++)]=0; } - // an fc/8 encoded bit is a bit pattern of 11000000 x6 = 48 samples + // an fc/8 encoded bit is a bit pattern of 11110000 x6 = 48 samples if(c==8) { for (idx=0; idx<6; idx++) { dest[((*n)++)]=1; @@ -474,7 +476,7 @@ static void fc(int c, int *n) } } - // an fc/10 encoded bit is a bit pattern of 1110000000 x5 = 50 samples + // an fc/10 encoded bit is a bit pattern of 1111100000 x5 = 50 samples if(c==10) { for (idx=0; idx<5; idx++) { dest[((*n)++)]=1; @@ -491,35 +493,34 @@ static void fc(int c, int *n) } } // compose fc/X fc/Y waveform (FSKx) -static void fcAll(uint8_t c, int *n, uint8_t clock) +static void fcAll(uint8_t fc, int *n, uint8_t clock, uint16_t *modCnt) { uint8_t *dest = BigBuf_get_addr(); - uint8_t idx; - uint8_t fcCnt; - // c = count of field clock for this bit - - int mod = clock % c; + uint8_t halfFC = fc/2; + uint8_t wavesPerClock = clock/fc; + uint8_t mod = clock % fc; //modifier + uint8_t modAdj = fc/mod; //how often to apply modifier + bool modAdjOk = !(fc % mod); //if (fc % mod==0) modAdjOk=TRUE; // loop through clock - step field clock - for (idx=0; idx < (uint8_t) clock/c; idx++){ - // loop through field clock length - put 1/2 FC length 1's and 1/2 0's per field clock wave (to create the wave) - for (fcCnt=0; fcCnt < c; fcCnt++){ - if (fcCnt < c/2){ - dest[((*n)++)]=1; - } else { - dest[((*n)++)]=0; - } - } + for (uint8_t idx=0; idx < wavesPerClock; idx++){ + // put 1/2 FC length 1's and 1/2 0's per field clock wave (to create the wave) + memset(dest+(*n), 0, fc-halfFC); //in case of odd number use extra here + memset(dest+(*n)+(fc-halfFC), 1, halfFC); + *n += fc; } - Dbprintf("mod: %d",mod); - if (mod>0){ //for FC counts that don't add up to a full clock cycle padd with extra wave - for (idx=0; idx < mod; idx++){ - if (idx < mod/2) { - dest[((*n)++)]=1; - } else { - dest[((*n)++)]=0; - } + if (mod>0) (*modCnt)++; + if ((mod>0) && modAdjOk){ //fsk2 + if ((*modCnt % modAdj) == 0){ //if 4th 8 length wave in a rf/50 add extra 8 length wave + memset(dest+(*n), 0, fc-halfFC); + memset(dest+(*n)+(fc-halfFC), 1, halfFC); + *n += fc; } } + if (mod>0 && !modAdjOk){ //fsk1 + memset(dest+(*n), 0, mod-(mod/2)); + memset(dest+(*n)+(mod-(mod/2)), 1, mod/2); + *n += mod; + } } // prepare a waveform pattern in the buffer based on the ID given then @@ -538,7 +539,7 @@ void CmdHIDsimTAG(int hi, int lo, int ledcontrol) */ if (hi>0xFFF) { - DbpString("Tags can only have 44 bits."); + DbpString("Tags can only have 44 bits. - USE lf simfsk for larger tags"); return; } fc(0,&n); @@ -587,34 +588,28 @@ void CmdFSKsimTAG(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *BitStream) int n=0, i=0; uint8_t fcHigh = arg1 >> 8; uint8_t fcLow = arg1 & 0xFF; - //spacer bit + uint16_t modCnt = 0; uint8_t clk = arg2 & 0xFF; uint8_t invert = (arg2 >> 8) & 1; - //fcAll(0, &n, clk); - - WDT_HIT(); + for (i=0; i> 8) & 0xFF; - uint8_t manchester = arg1 & 1; + uint8_t encoding = arg1 & 1; uint8_t separator = arg2 & 1; uint8_t invert = (arg2 >> 8) & 1; - WDT_HIT(); - for (i=0; i> 8; + uint8_t carrier = arg1 & 0xFF; + uint8_t invert = arg2 & 0xFF; + uint8_t curPhase = 0; + for (i=0; i=0){ - lo = Em410xDecode(dest, &size, &idx); + errCnt = Em410xDecode(dest, &size, &idx, &hi, &lo); //Dbprintf("DEBUG: EM GOT"); - if (lo>0){ - Dbprintf("EM TAG ID: %02x%08x - (%05d_%03d_%08d)", - (uint32_t)(lo>>32), - (uint32_t)lo, - (uint32_t)(lo&0xFFFF), - (uint32_t)((lo>>16LL) & 0xFF), - (uint32_t)(lo & 0xFFFFFF)); + if (errCnt){ + if (size>64){ + Dbprintf("EM XL TAG ID: %06x%08x%08x - (%05d_%03d_%08d)", + hi, + (uint32_t)(lo>>32), + (uint32_t)lo, + (uint32_t)(lo&0xFFFF), + (uint32_t)((lo>>16LL) & 0xFF), + (uint32_t)(lo & 0xFFFFFF)); + } else { + Dbprintf("EM TAG ID: %02x%08x - (%05d_%03d_%08d)", + (uint32_t)(lo>>32), + (uint32_t)lo, + (uint32_t)(lo&0xFFFF), + (uint32_t)((lo>>16LL) & 0xFF), + (uint32_t)(lo & 0xFFFFFF)); + } } if (findone){ if (ledcontrol) LED_A_OFF(); @@ -820,6 +896,7 @@ void CmdEM410xdemod(int findone, int *high, int *low, int ledcontrol) //Dbprintf("DEBUG: No Tag"); } WDT_HIT(); + hi = 0; lo = 0; clk=0; invert=0; @@ -954,10 +1031,12 @@ void CmdIOdemodFSK(int findone, int *high, int *low, int ledcontrol) * To compensate antenna falling times shorten the write times * and enlarge the gap ones. */ -#define START_GAP 250 -#define WRITE_GAP 160 -#define WRITE_0 144 // 192 -#define WRITE_1 400 // 432 for T55x7; 448 for E5550 +#define START_GAP 50*8 // 10 - 50fc 250 +#define WRITE_GAP 20*8 // - 30fc 160 +#define WRITE_0 24*8 // 16 - 63fc 54fc 144 +#define WRITE_1 54*8 // 48 - 63fc 54fc 432 for T55x7; 448 for E5550 //400 + +#define T55xx_SAMPLES_SIZE 12000 // 32 x 32 x 10 (32 bit times numofblock (7), times clock skip..) // Write one bit to card void T55xxWriteBit(int bit) @@ -976,16 +1055,11 @@ void T55xxWriteBit(int bit) // Write one card block in page 0, no lock void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMode) { - //unsigned int i; //enio adjustment 12/10/14 - uint32_t i; + uint32_t i = 0; - FpgaDownloadAndGo(FPGA_BITSTREAM_LF); - FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz - FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD); - - // Give it a bit of time for the resonant antenna to settle. - // And for the tag to fully power up - SpinDelay(150); + // Set up FPGA, 125kHz + // Wait for config.. (192+8190xPOW)x8 == 67ms + LFSetupFPGAForADC(0, true); // Now start writting FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); @@ -1018,30 +1092,28 @@ void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMod FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); } +void TurnReadLFOn(){ + FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD); + // Give it a bit of time for the resonant antenna to settle. + SpinDelayUs(8*150); +} + + // Read one card block in page 0 void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) { + uint32_t i = 0; uint8_t *dest = BigBuf_get_addr(); - //int m=0, i=0; //enio adjustment 12/10/14 - uint32_t m=0, i=0; - FpgaDownloadAndGo(FPGA_BITSTREAM_LF); - m = BigBuf_max_traceLen(); - // Clear destination buffer before sending the command - memset(dest, 128, m); - // Connect the A/D to the peak-detected low-frequency path. - SetAdcMuxFor(GPIO_MUXSEL_LOPKD); - // Now set up the SSC to get the ADC samples that are now streaming at us. - FpgaSetupSsc(); + uint16_t bufferlength = BigBuf_max_traceLen(); + if ( bufferlength > T55xx_SAMPLES_SIZE ) + bufferlength = T55xx_SAMPLES_SIZE; - LED_D_ON(); - FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz - FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD); - - // Give it a bit of time for the resonant antenna to settle. - // And for the tag to fully power up - SpinDelay(150); + // Clear destination buffer before sending the command + memset(dest, 0x80, bufferlength); - // Now start writting + // Set up FPGA, 125kHz + // Wait for config.. (192+8190xPOW)x8 == 67ms + LFSetupFPGAForADC(0, true); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); SpinDelayUs(START_GAP); @@ -1060,53 +1132,40 @@ void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode) T55xxWriteBit(Block & i); // Turn field on to read the response - FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz - FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD); - + TurnReadLFOn(); // Now do the acquisition i = 0; for(;;) { if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) { AT91C_BASE_SSC->SSC_THR = 0x43; + LED_D_ON(); } if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_RXRDY) { dest[i] = (uint8_t)AT91C_BASE_SSC->SSC_RHR; - // we don't care about actual value, only if it's more or less than a - // threshold essentially we capture zero crossings for later analysis - // if(dest[i] < 127) dest[i] = 0; else dest[i] = 1; i++; - if (i >= m) break; + LED_D_OFF(); + if (i >= bufferlength) break; } } + cmd_send(CMD_ACK,0,0,0,0,0); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off LED_D_OFF(); - DbpString("DONE!"); } // Read card traceability data (page 1) void T55xxReadTrace(void){ + + uint32_t i = 0; uint8_t *dest = BigBuf_get_addr(); - int m=0, i=0; + uint16_t bufferlength = BigBuf_max_traceLen(); + if ( bufferlength > T55xx_SAMPLES_SIZE ) + bufferlength= T55xx_SAMPLES_SIZE; - FpgaDownloadAndGo(FPGA_BITSTREAM_LF); - m = BigBuf_max_traceLen(); // Clear destination buffer before sending the command - memset(dest, 128, m); - // Connect the A/D to the peak-detected low-frequency path. - SetAdcMuxFor(GPIO_MUXSEL_LOPKD); - // Now set up the SSC to get the ADC samples that are now streaming at us. - FpgaSetupSsc(); + memset(dest, 0x80, bufferlength); - LED_D_ON(); - FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz - FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD); - - // Give it a bit of time for the resonant antenna to settle. - // And for the tag to fully power up - SpinDelay(150); - - // Now start writting + LFSetupFPGAForADC(0, true); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); SpinDelayUs(START_GAP); @@ -1115,25 +1174,26 @@ void T55xxReadTrace(void){ T55xxWriteBit(1); //Page 1 // Turn field on to read the response - FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz - FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD); + TurnReadLFOn(); // Now do the acquisition - i = 0; for(;;) { if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) { AT91C_BASE_SSC->SSC_THR = 0x43; + LED_D_ON(); } if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_RXRDY) { dest[i] = (uint8_t)AT91C_BASE_SSC->SSC_RHR; i++; - if (i >= m) break; + LED_D_OFF(); + + if (i >= bufferlength) break; } } + cmd_send(CMD_ACK,0,0,0,0,0); FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off LED_D_OFF(); - DbpString("DONE!"); } /*-------------- Cloning routines -----------*/