X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/81cd0474cb4dc85fcc78f70ad238cb684851f75f..0c5998c0518144270e9c85c2771bf29ddd906384:/armsrc/iso14443.c diff --git a/armsrc/iso14443.c b/armsrc/iso14443.c index 9452ae83..6a2e4d6a 100644 --- a/armsrc/iso14443.c +++ b/armsrc/iso14443.c @@ -269,7 +269,8 @@ static int Handle14443UartBit(int bit) break; } - if (Uart.state == STATE_ERROR_WAIT) LED_A_OFF(); // Error + // This row make the error blew circular buffer in hf 14b snoop + //if (Uart.state == STATE_ERROR_WAIT) LED_A_OFF(); // Error return FALSE; } @@ -292,8 +293,7 @@ static int GetIso14443CommandFromReader(uint8_t *received, int *len, int maxLen) // only, since we are receiving, not transmitting). // Signal field is off with the appropriate LED LED_D_OFF(); - FpgaWriteConfWord( - FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_NO_MODULATION); + FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_NO_MODULATION); // Now run a `software UART' on the stream of incoming samples. @@ -339,16 +339,17 @@ void SimulateIso14443Tag(void) uint8_t *resp; int respLen; - uint8_t *resp1 = (((uint8_t *)BigBuf) + 800); + uint8_t *resp1 = BigBuf_get_addr() + 800; int resp1Len; - uint8_t *receivedCmd = (uint8_t *)BigBuf; + uint8_t *receivedCmd = BigBuf_get_addr(); int len; int i; int cmdsRecvd = 0; + FpgaDownloadAndGo(FPGA_BITSTREAM_HF); memset(receivedCmd, 0x44, 400); CodeIso14443bAsTag(response1, sizeof(response1)); @@ -399,8 +400,7 @@ void SimulateIso14443Tag(void) // Modulate BPSK // Signal field is off with the appropriate LED LED_D_OFF(); - FpgaWriteConfWord( - FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_MODULATE_BPSK); + FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_MODULATE_BPSK); AT91C_BASE_SSC->SSC_THR = 0xff; FpgaSetupSsc(); @@ -537,7 +537,7 @@ static RAMFUNC int Handle14443SamplesDemod(int ci, int cq) if(Demod.posCount < 12) { Demod.state = DEMOD_UNSYNCD; } else { - LED_C_ON(); // Got SOF + LED_C_ON(); // Got SOF Demod.state = DEMOD_AWAITING_START_BIT; Demod.posCount = 0; Demod.len = 0; @@ -598,8 +598,8 @@ static RAMFUNC int Handle14443SamplesDemod(int ci, int cq) } else if(s == 0x000) { // This is EOF LED_C_OFF(); - return TRUE; Demod.state = DEMOD_UNSYNCD; + return TRUE; } else { Demod.state = DEMOD_UNSYNCD; } @@ -629,34 +629,35 @@ static void GetSamplesFor14443Demod(int weTx, int n, int quiet) int gotFrame = FALSE; //# define DMA_BUFFER_SIZE 8 - int8_t *dmaBuf; + uint8_t *dmaBuf; int lastRxCounter; - int8_t *upTo; + uint8_t *upTo; int ci, cq; int samples = 0; // Clear out the state of the "UART" that receives from the tag. - memset(BigBuf, 0x44, 400); - Demod.output = (uint8_t *)BigBuf; + uint8_t *BigBuf = BigBuf_get_addr(); + memset(BigBuf, 0x00, 400); + Demod.output = BigBuf; Demod.len = 0; Demod.state = DEMOD_UNSYNCD; // And the UART that receives from the reader - Uart.output = (((uint8_t *)BigBuf) + 1024); + Uart.output = BigBuf + 1024; Uart.byteCntMax = 100; Uart.state = STATE_UNSYNCD; // Setup for the DMA. - dmaBuf = (int8_t *)(BigBuf + 32); + dmaBuf = BigBuf + 32; upTo = dmaBuf; lastRxCounter = DEMOD_DMA_BUFFER_SIZE; - FpgaSetupSscDma((uint8_t *)dmaBuf, DEMOD_DMA_BUFFER_SIZE); + FpgaSetupSscDma(dmaBuf, DEMOD_DMA_BUFFER_SIZE); // Signal field is ON with the appropriate LED: - if (weTx) LED_D_ON(); else LED_D_OFF(); + if (weTx) LED_D_ON(); else LED_D_OFF(); // And put the FPGA in the appropriate mode FpgaWriteConfWord( FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ | @@ -786,7 +787,7 @@ static void TransmitFor14443(void) // Code a layer 2 command (string of octets, including CRC) into ToSend[], // so that it is ready to transmit to the tag using TransmitFor14443(). //----------------------------------------------------------------------------- -void CodeIso14443bAsReader(const uint8_t *cmd, int len) +static void CodeIso14443bAsReader(const uint8_t *cmd, int len) { int i, j; uint8_t b; @@ -843,32 +844,14 @@ void CodeIso14443bAsReader(const uint8_t *cmd, int len) // responses. // The command name is misleading, it actually decodes the reponse in HEX // into the output buffer (read the result using hexsamples, not hisamples) +// +// obsolete function only for test //----------------------------------------------------------------------------- void AcquireRawAdcSamplesIso14443(uint32_t parameter) { uint8_t cmd1[] = { 0x05, 0x00, 0x08, 0x39, 0x73 }; - // Make sure that we start from off, since the tags are stateful; - // confusing things will happen if we don't reset them between reads. - FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); - LED_D_OFF(); - SpinDelay(200); - - SetAdcMuxFor(GPIO_MUXSEL_HIPKD); - FpgaSetupSsc(); - - // Now give it time to spin up. - // Signal field is on with the appropriate LED - LED_D_ON(); - FpgaWriteConfWord( - FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ); - SpinDelay(200); - - CodeIso14443bAsReader(cmd1, sizeof(cmd1)); - TransmitFor14443(); -// LED_A_ON(); - GetSamplesFor14443Demod(TRUE, 2000, FALSE); -// LED_A_OFF(); + SendRawCommand14443B(sizeof(cmd1),1,1,cmd1); } //----------------------------------------------------------------------------- @@ -880,19 +863,11 @@ void AcquireRawAdcSamplesIso14443(uint32_t parameter) // // I tried to be systematic and check every answer of the tag, every CRC, etc... //----------------------------------------------------------------------------- -void ReadSRI512Iso14443(uint32_t parameter) -{ - ReadSTMemoryIso14443(parameter,0x0F); -} -void ReadSRIX4KIso14443(uint32_t parameter) -{ - ReadSTMemoryIso14443(parameter,0x7F); -} - -void ReadSTMemoryIso14443(uint32_t parameter,uint32_t dwLast) +void ReadSTMemoryIso14443(uint32_t dwLast) { uint8_t i = 0x00; + FpgaDownloadAndGo(FPGA_BITSTREAM_HF); // Make sure that we start from off, since the tags are stateful; // confusing things will happen if we don't reset them between reads. LED_D_OFF(); @@ -973,8 +948,8 @@ void ReadSTMemoryIso14443(uint32_t parameter,uint32_t dwLast) (Demod.output[7]<<24) + (Demod.output[6]<<16) + (Demod.output[5]<<8) + Demod.output[4], (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0]); - // Now loop to read all 16 blocks, address from 0 to 15 - DbpString("Tag memory dump, block 0 to 15"); + // Now loop to read all 16 blocks, address from 0 to last block + Dbprintf("Tag memory dump, block 0 to %d",dwLast); cmd1[0] = 0x08; i = 0x00; dwLast++; @@ -1037,20 +1012,22 @@ void RAMFUNC SnoopIso14443(void) // response from the tag. int triggered = TRUE; + FpgaDownloadAndGo(FPGA_BITSTREAM_HF); + BigBuf_free(); // The command (reader -> tag) that we're working on receiving. - uint8_t *receivedCmd = (uint8_t *)(BigBuf) + DEMOD_TRACE_SIZE; + uint8_t *receivedCmd = BigBuf_malloc(READER_TAG_BUFFER_SIZE); // The response (tag -> reader) that we're working on receiving. - uint8_t *receivedResponse = (uint8_t *)(BigBuf) + DEMOD_TRACE_SIZE + READER_TAG_BUFFER_SIZE; + uint8_t *receivedResponse = BigBuf_malloc(TAG_READER_BUFFER_SIZE); // As we receive stuff, we copy it from receivedCmd or receivedResponse // into trace, along with its length and other annotations. - uint8_t *trace = (uint8_t *)BigBuf; - int traceLen = 0; + uint8_t *trace = BigBuf_get_addr(); + traceLen = 0; // The DMA buffer, used to stream samples from the FPGA. - int8_t *dmaBuf = (int8_t *)(BigBuf) + DEMOD_TRACE_SIZE + READER_TAG_BUFFER_SIZE + TAG_READER_BUFFER_SIZE; + uint8_t *dmaBuf = BigBuf_malloc(DEMOD_DMA_BUFFER_SIZE); int lastRxCounter; - int8_t *upTo; + uint8_t *upTo; int ci, cq; int maxBehindBy = 0; @@ -1059,7 +1036,7 @@ void RAMFUNC SnoopIso14443(void) int samples = 0; // Initialize the trace buffer - memset(trace, 0x44, DEMOD_TRACE_SIZE); + memset(trace, 0x44, BigBuf_max_traceLen()); // Set up the demodulator for tag -> reader responses. Demod.output = receivedResponse; @@ -1072,13 +1049,12 @@ void RAMFUNC SnoopIso14443(void) Uart.byteCntMax = 100; Uart.state = STATE_UNSYNCD; - // Print some debug information about the buffer sizes - Dbprintf("Snooping buffers initialized:"); - Dbprintf(" Trace: %i bytes", DEMOD_TRACE_SIZE); - Dbprintf(" Reader -> tag: %i bytes", READER_TAG_BUFFER_SIZE); - Dbprintf(" tag -> Reader: %i bytes", TAG_READER_BUFFER_SIZE); - Dbprintf(" DMA: %i bytes", DEMOD_DMA_BUFFER_SIZE); - + // Print some debug information about the buffer sizes + Dbprintf("Snooping buffers initialized:"); + Dbprintf(" Trace: %i bytes", BigBuf_max_traceLen()); + Dbprintf(" Reader -> tag: %i bytes", READER_TAG_BUFFER_SIZE); + Dbprintf(" tag -> Reader: %i bytes", TAG_READER_BUFFER_SIZE); + Dbprintf(" DMA: %i bytes", DEMOD_DMA_BUFFER_SIZE); // And put the FPGA in the appropriate mode // Signal field is off with the appropriate LED @@ -1102,7 +1078,7 @@ void RAMFUNC SnoopIso14443(void) (DEMOD_DMA_BUFFER_SIZE-1); if(behindBy > maxBehindBy) { maxBehindBy = behindBy; - if(behindBy > (DEMOD_DMA_BUFFER_SIZE-2)) { // TODO: understand whether we can increase/decrease as we want or not? + if(behindBy > (9*DEMOD_DMA_BUFFER_SIZE/10)) { // TODO: understand whether we can increase/decrease as we want or not? Dbprintf("blew circular buffer! behindBy=0x%x", behindBy); goto done; } @@ -1173,7 +1149,7 @@ void RAMFUNC SnoopIso14443(void) trace[traceLen++] = Demod.len; memcpy(trace+traceLen, receivedResponse, Demod.len); traceLen += Demod.len; - if(traceLen > DEMOD_TRACE_SIZE) { + if(traceLen > BigBuf_max_traceLen()) { DbpString("Reached trace limit"); goto done; } @@ -1187,7 +1163,7 @@ void RAMFUNC SnoopIso14443(void) Demod.output = receivedResponse; Demod.state = DEMOD_UNSYNCD; } - WDT_HIT(); + WDT_HIT(); if(BUTTON_PRESS()) { DbpString("cancelled"); @@ -1199,11 +1175,65 @@ done: LED_A_OFF(); LED_B_OFF(); LED_C_OFF(); - AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS; + AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS; DbpString("Snoop statistics:"); - Dbprintf(" Max behind by: %i", maxBehindBy); + Dbprintf(" Max behind by: %i", maxBehindBy); Dbprintf(" Uart State: %x", Uart.state); Dbprintf(" Uart ByteCnt: %i", Uart.byteCnt); Dbprintf(" Uart ByteCntMax: %i", Uart.byteCntMax); Dbprintf(" Trace length: %i", traceLen); } + +/* + * Send raw command to tag ISO14443B + * @Input + * datalen len of buffer data + * recv bool when true wait for data from tag and send to client + * powerfield bool leave the field on when true + * data buffer with byte to send + * + * @Output + * none + * + */ + +void SendRawCommand14443B(uint32_t datalen, uint32_t recv,uint8_t powerfield, uint8_t data[]) +{ + FpgaDownloadAndGo(FPGA_BITSTREAM_HF); + if(!powerfield) + { + // Make sure that we start from off, since the tags are stateful; + // confusing things will happen if we don't reset them between reads. + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LED_D_OFF(); + SpinDelay(200); + } + + if(!GETBIT(GPIO_LED_D)) + { + SetAdcMuxFor(GPIO_MUXSEL_HIPKD); + FpgaSetupSsc(); + + // Now give it time to spin up. + // Signal field is on with the appropriate LED + LED_D_ON(); + FpgaWriteConfWord( + FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ); + SpinDelay(200); + } + + CodeIso14443bAsReader(data, datalen); + TransmitFor14443(); + if(recv) + { + uint16_t iLen = MIN(Demod.len,USB_CMD_DATA_SIZE); + GetSamplesFor14443Demod(TRUE, 2000, TRUE); + cmd_send(CMD_ACK,iLen,0,0,Demod.output,iLen); + } + if(!powerfield) + { + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LED_D_OFF(); + } +} +