]> cvs.zerfleddert.de Git - proxmark3-svn/commitdiff
fix lf search bugs when no tag is on antenna
authormarshmellow42 <marshmellowrf@gmail.com>
Fri, 10 Nov 2017 20:56:52 +0000 (15:56 -0500)
committermarshmellow42 <marshmellowrf@gmail.com>
Fri, 10 Nov 2017 20:57:55 +0000 (15:57 -0500)
cotag read could enter endless loop, now cancels if the next bit doesn't
appear

em4x05 detection would loop due to a threshold never being met, now has
a dump out after 1000 samples tested.

fixed some indenting in hitag2 while i was reviewing that code for
potential endless loops...

armsrc/hitag2.c
armsrc/lfops.c
armsrc/lfsampling.c
armsrc/lfsampling.h
client/cmdlf.c
client/cmdlfem4x.c
client/cmdlfhitag.c

index 7702025b130a57aeca1c62f3cf18e106b56e6c15..aec0186068ff56fb58b1c90e09807f82129f762d 100644 (file)
@@ -1217,7 +1217,7 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
        int reset_sof; 
        int tag_sof;
        int t_wait = HITAG_T_WAIT_MAX;
-       bool bStop;
+       bool bStop = false;
        bool bQuitTraceFull = false;
   
        FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
@@ -1324,7 +1324,6 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
        frame_count = 0;
        response = 0;
        lastbit = 1;
-       bStop = false;
 
        // Tag specific configuration settings (sof, timings, etc.)
        if (htf < 10){
@@ -1369,46 +1368,46 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                // By default reset the transmission buffer
                tx = txbuf;
                switch(htf) {
-               case RHT2F_PASSWORD: {
-                       bStop = !hitag2_password(rx,rxlen,tx,&txlen);
-               } break;
-               case RHT2F_AUTHENTICATE: {
-                       bStop = !hitag2_authenticate(rx,rxlen,tx,&txlen);
-               } break;
-               case RHT2F_CRYPTO: {
-                       bStop = !hitag2_crypto(rx,rxlen,tx,&txlen, false);
-               } break;
-               case RHT2F_TEST_AUTH_ATTEMPTS: {
-                       bStop = !hitag2_test_auth_attempts(rx,rxlen,tx,&txlen);
-               } break;
-               case RHT2F_UID_ONLY: {
-                       bStop = !hitag2_read_uid(rx, rxlen, tx, &txlen);
-                       attempt_count++; //attempt 3 times to get uid then quit
-                       if (!bStop && attempt_count == 3) bStop = true;
-               } break;
-               default: {
-                       Dbprintf("Error, unknown function: %d",htf);
-                       return;
-               } break;
+                       case RHT2F_PASSWORD: {
+                               bStop = !hitag2_password(rx,rxlen,tx,&txlen);
+                       } break;
+                       case RHT2F_AUTHENTICATE: {
+                               bStop = !hitag2_authenticate(rx,rxlen,tx,&txlen);
+                       } break;
+                       case RHT2F_CRYPTO: {
+                               bStop = !hitag2_crypto(rx,rxlen,tx,&txlen, false);
+                       } break;
+                       case RHT2F_TEST_AUTH_ATTEMPTS: {
+                               bStop = !hitag2_test_auth_attempts(rx,rxlen,tx,&txlen);
+                       } break;
+                       case RHT2F_UID_ONLY: {
+                               bStop = !hitag2_read_uid(rx, rxlen, tx, &txlen);
+                               attempt_count++; //attempt 3 times to get uid then quit
+                               if (!bStop && attempt_count == 3) bStop = true;
+                       } break;
+                       default: {
+                               Dbprintf("Error, unknown function: %d",htf);
+                               return;
+                       } break;
                }
-               
+
                // Send and store the reader command
                // Disable timer 1 with external trigger to avoid triggers during our own modulation
                AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS;
-                       
+
                // Wait for HITAG_T_WAIT_2 carrier periods after the last tag bit before transmitting,
                // Since the clock counts since the last falling edge, a 'one' means that the
                // falling edge occured halfway the period. with respect to this falling edge,
                // we need to wait (T_Wait2 + half_tag_period) when the last was a 'one'.
                // All timer values are in terms of T0 units
                while(AT91C_BASE_TC0->TC_CV < T0*(t_wait+(HITAG_T_TAG_HALF_PERIOD*lastbit)));
-                       
+
                //Dbprintf("DEBUG: Sending reader frame");
                
                // Transmit the reader frame
                hitag_reader_send_frame(tx,txlen);
 
-                // Enable and reset external trigger in timer for capturing future frames
+               // Enable and reset external trigger in timer for capturing future frames
                AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKEN | AT91C_TC_SWTRG;
 
                // Add transmitted frame to total count
@@ -1521,7 +1520,11 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
        FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
        //Dbprintf("frame received: %d",frame_count);
        //DbpString("All done");
-       cmd_send(CMD_ACK,bSuccessful,0,0,(byte_t*)tag.sectors,48);
+       if (bSuccessful)
+               cmd_send(CMD_ACK,bSuccessful,0,0,(byte_t*)tag.sectors,48);
+       else
+               cmd_send(CMD_ACK,bSuccessful,0,0,0,0);
+
 }
 
 void WriterHitag(hitag_function htf, hitag_data* htd, int page) {
index 641c02e876edf278f611138fd1ec7d3043729e89..4344742b66696cf173490c380401356c4af458db 100644 (file)
@@ -1159,7 +1159,7 @@ void T55xxResetRead(void) {
        TurnReadLFOn(READ_GAP);
 
        // Acquisition
-       DoPartialAcquisition(0, true, BigBuf_max_traceLen());
+       DoPartialAcquisition(0, true, BigBuf_max_traceLen(), 0);
 
        // Turn the field off
        FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
@@ -1291,7 +1291,7 @@ void T55xxReadBlock(uint16_t arg0, uint8_t Block, uint32_t Pwd) {
 
        // Acquisition
        // Now do the acquisition
-       DoPartialAcquisition(0, true, 12000);
+       DoPartialAcquisition(0, true, 12000, 0);
 
        // Turn the field off
        FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
@@ -1690,7 +1690,7 @@ void EM4xReadWord(uint8_t Address, uint32_t Pwd, uint8_t PwdMode) {
        SendForward(fwd_bit_count);
        WaitUS(400);
        // Now do the acquisition
-       DoPartialAcquisition(20, true, 6000);
+       DoPartialAcquisition(20, true, 6000, 1000);
        
        FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
        LED_A_OFF();
@@ -1723,7 +1723,7 @@ void EM4xWriteWord(uint32_t flag, uint32_t Data, uint32_t Pwd) {
 
        WaitUS(6500);
        //Capture response if one exists
-       DoPartialAcquisition(20, true, 6000);
+       DoPartialAcquisition(20, true, 6000, 1000);
 
        FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
        LED_A_OFF();
index 5d1f9248284fa77b04de411de76fbaaadc113659..643b31681f06e68100a8df3070a30d8997c99bb4 100644 (file)
@@ -119,7 +119,7 @@ void LFSetupFPGAForADC(int divisor, bool lf_field)
  * @param silent - is true, now outputs are made. If false, dbprints the status
  * @return the number of bits occupied by the samples.
  */
-uint32_t DoAcquisition(uint8_t decimation, uint32_t bits_per_sample, bool averaging, int trigger_threshold, bool silent, int bufsize)
+uint32_t DoAcquisition(uint8_t decimation, uint32_t bits_per_sample, bool averaging, int trigger_threshold, bool silent, int bufsize, int cancel_after)
 {
        //.
        uint8_t *dest = BigBuf_get_addr();
@@ -140,6 +140,7 @@ uint32_t DoAcquisition(uint8_t decimation, uint32_t bits_per_sample, bool averag
        uint32_t sample_sum =0 ;
        uint32_t sample_total_numbers =0 ;
        uint32_t sample_total_saved =0 ;
+       uint32_t cancel_counter = 0;
 
        while(!BUTTON_PRESS() && !usb_poll_validate_length() ) {
                WDT_HIT();
@@ -151,9 +152,11 @@ uint32_t DoAcquisition(uint8_t decimation, uint32_t bits_per_sample, bool averag
                        sample = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
                        LED_D_OFF();
                        // threshold either high or low values 128 = center 0.  if trigger = 178 
-                       if ((trigger_threshold > 0) && (sample < (trigger_threshold+128)) && (sample > (128-trigger_threshold))) // 
+                       if ((trigger_threshold > 0) && (sample < (trigger_threshold+128)) && (sample > (128-trigger_threshold))) { // 
+                               if (cancel_after > 0) cancel_counter++;
+                               if (cancel_after == cancel_counter) break;
                                continue;
-               
+                       }
                        trigger_threshold = 0;
                        sample_total_numbers++;
 
@@ -213,7 +216,7 @@ uint32_t DoAcquisition(uint8_t decimation, uint32_t bits_per_sample, bool averag
  */
 uint32_t DoAcquisition_default(int trigger_threshold, bool silent)
 {
-       return DoAcquisition(1,8,0,trigger_threshold,silent,0);
+       return DoAcquisition(1,8,0,trigger_threshold,silent,0,0);
 }
 uint32_t DoAcquisition_config(bool silent, int sample_size)
 {
@@ -222,11 +225,12 @@ uint32_t DoAcquisition_config(bool silent, int sample_size)
                                  ,config.averaging
                                  ,config.trigger_threshold
                                  ,silent
-                                 ,sample_size);
+                                 ,sample_size
+                                 ,0);
 }
 
-uint32_t DoPartialAcquisition(int trigger_threshold, bool silent, int sample_size) {
-       return DoAcquisition(1,8,0,trigger_threshold,silent,sample_size);
+uint32_t DoPartialAcquisition(int trigger_threshold, bool silent, int sample_size, int cancel_after) {
+       return DoAcquisition(1,8,0,trigger_threshold,silent,sample_size,cancel_after);
 }
 
 uint32_t ReadLF(bool activeField, bool silent, int sample_size)
@@ -329,8 +333,8 @@ uint32_t doCotagAcquisitionManchester() {
        uint8_t sample = 0, firsthigh = 0, firstlow = 0; 
        uint16_t sample_counter = 0, period = 0;
        uint8_t curr = 0, prev = 0;
-
-       while (!BUTTON_PRESS() && !usb_poll_validate_length() && (sample_counter < bufsize) ) {
+       uint16_t noise_counter = 0;
+       while (!BUTTON_PRESS() && !usb_poll_validate_length() && (sample_counter < bufsize) && (noiseCounter < (COTAG_T1<<1)) ) {
                WDT_HIT();
                if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) {
                        AT91C_BASE_SSC->SSC_THR = 0x43;
@@ -343,14 +347,20 @@ uint32_t doCotagAcquisitionManchester() {
 
                        // find first peak
                        if ( !firsthigh ) {
-                               if (sample < COTAG_ONE_THRESHOLD) 
+                               if (sample < COTAG_ONE_THRESHOLD) {
+                                       noise_counter++;
                                        continue;
+                               }
+                               noise_counter = 0;
                                firsthigh = 1;
                        }
 
                        if ( !firstlow ){
-                               if (sample > COTAG_ZERO_THRESHOLD )
+                               if (sample > COTAG_ZERO_THRESHOLD ) {
+                                       noise_counter++;
                                        continue;
+                               }
+                               noise_counter=0;
                                firstlow = 1;
                        }
 
index 0531e0c931a2ba31c94b84b77e823ca1d8238944..ea044f3ca55dbd3841fb134acd9ec24235fafc72 100644 (file)
@@ -21,7 +21,7 @@ uint32_t SampleLF(bool silent, int sample_size);
 uint32_t SnoopLF();
 
 // adds sample size to default options
-uint32_t DoPartialAcquisition(int trigger_threshold, bool silent, int sample_size);
+uint32_t DoPartialAcquisition(int trigger_threshold, bool silent, int sample_size, int cancel_after);
 
 /**
  * @brief Does sample acquisition, ignoring the config values set in the sample_config.
index eb664a111391f9b03c13106e83aadc371b78fcad..cdfbee2d952741d48866cae7aa73db94001ee919 100644 (file)
@@ -945,7 +945,7 @@ int CmdLFfind(const char *Cmd)
                                PrintAndLog("\nValid EM4x05/EM4x69 Chip Found\nUse lf em 4x05readword/dump commands to read\n");
                                return 1;
                        }
-                       ans=CmdLFHitagReader("26");
+                       ans=CmdLFHitagReader("26"); // 26 = RHT2F_UID_ONLY
                        if (ans==0) {
                                return 1;
                        }
index f5dfee35556134133479f0bb49328db686a983de..e6a257640a5958252f8101ef9eb84a8c0450c040 100644 (file)
@@ -950,7 +950,6 @@ int EM4x05ReadWord_ext(uint8_t addr, uint32_t pwd, bool usePwd, uint32_t *wordDa
        }
        int testLen = (GraphTraceLen < 1000) ? GraphTraceLen : 1000;
        if (graphJustNoise(GraphBuffer, testLen)) {
-               PrintAndLog("no tag not found");
                return -1;
        }
        //attempt demod:
index 103f2b778babba3896a2cec3a28dc8d1cab61aa7..73c02a1409a41b0526b9fbef9bc02bfe35c8fb1e 100644 (file)
@@ -239,6 +239,7 @@ int CmdLFHitagReader(const char *Cmd) {
        c.arg[0] = htf;
 
        // Send the command to the proxmark
+       clearCommandBuffer();
        SendCommand(&c);
 
        UsbCommand resp;
Impressum, Datenschutz