@echo + all - Make bootrom, armsrc and the OS-specific host directory
@echo + client - Make only the OS-specific host directory
@echo + flash-bootrom - Make bootrom and flash it
- @echo + flash-os - Make armsrc and flash os (includes fpga)
+ @echo + flash-os - Make armsrc and flash os \(includes fpga\)
@echo + flash-all - Make bootrom and armsrc and flash bootrom and os image
@echo + clean - Clean in bootrom, armsrc and the OS-specific host directory
// Craig Young - 14a stand-alone code
#ifdef WITH_ISO14443a_StandAlone
#include "iso14443a.h"
+ #include "protocols.h"
#endif
#define abs(x) ( ((x)<0) ? -(x) : (x) )
uint32_t uid_tmp2 = 0;
iso14a_card_select_t hi14a_card[OPTS];
+ uint8_t params = (MAGIC_SINGLE | MAGIC_DATAIN);
+
LED(selected + 1, 0);
for (;;)
else if (iGotoClone==1)
{
iGotoClone=0;
- LEDsoff();
- LED(selected + 1, 0);
- LED(LED_ORANGE, 250);
+ LEDsoff();
+ LED(selected + 1, 0);
+ LED(LED_ORANGE, 250);
+ // record
+ Dbprintf("Preparing to Clone card [Bank: %x]; uid: %08x", selected, uid_1st[selected]);
- // record
- Dbprintf("Preparing to Clone card [Bank: %x]; uid: %08x", selected, uid_1st[selected]);
+ // wait for button to be released
+ // Delay cloning until card is in place
+ while(BUTTON_PRESS())
+ WDT_HIT();
- // wait for button to be released
- while(BUTTON_PRESS())
- {
- // Delay cloning until card is in place
- WDT_HIT();
- }
- Dbprintf("Starting clone. [Bank: %u]", selected);
- // need this delay to prevent catching some weird data
- SpinDelay(500);
- // Begin clone function here:
- /* Example from client/mifarehost.c for commanding a block write for "magic Chinese" cards:
- UsbCommand c = {CMD_MIFARE_CSETBLOCK, {wantWipe, params & (0xFE | (uid == NULL ? 0:1)), blockNo}};
- memcpy(c.d.asBytes, data, 16);
- SendCommand(&c);
-
- Block read is similar:
- UsbCommand c = {CMD_MIFARE_CGETBLOCK, {params, 0, blockNo}};
- We need to imitate that call with blockNo 0 to set a uid.
-
- The get and set commands are handled in this file:
- // Work with "magic Chinese" card
- case CMD_MIFARE_CSETBLOCK:
- MifareCSetBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
- break;
- case CMD_MIFARE_CGETBLOCK:
- MifareCGetBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
- break;
-
- mfCSetUID provides example logic for UID set workflow:
- -Read block0 from card in field with MifareCGetBlock()
- -Configure new values without replacing reserved bytes
- memcpy(block0, uid, 4); // Copy UID bytes from byte array
- // Mifare UID BCC
- block0[4] = block0[0]^block0[1]^block0[2]^block0[3]; // BCC on byte 5
- Bytes 5-7 are reserved SAK and ATQA for mifare classic
- -Use mfCSetBlock(0, block0, oldUID, wantWipe, CSETBLOCK_SINGLE_OPER) to write it
- */
- uint8_t oldBlock0[16] = {0}, newBlock0[16] = {0}, testBlock0[16] = {0};
- // arg0 = Flags == CSETBLOCK_SINGLE_OPER=0x1F, arg1=returnSlot, arg2=blockNo
- MifareCGetBlock(0x3F, 1, 0, oldBlock0);
+ Dbprintf("Starting clone. [Bank: %u]", selected);
+ // need this delay to prevent catching some weird data
+ SpinDelay(500);
+ // Begin clone function here:
+ /* Example from client/mifarehost.c for commanding a block write for "magic Chinese" cards:
+ UsbCommand c = {CMD_MIFARE_CSETBLOCK, {params & (0xFE | (uid == NULL ? 0:1)), blockNo, 0}};
+ memcpy(c.d.asBytes, data, 16);
+ SendCommand(&c);
+
+ Block read is similar:
+ UsbCommand c = {CMD_MIFARE_CGETBLOCK, {params, blockNo, 0}};
+ We need to imitate that call with blockNo 0 to set a uid.
+
+ The get and set commands are handled in this file:
+ // Work with "magic Chinese" card
+ case CMD_MIFARE_CSETBLOCK:
+ MifareCSetBlock(c->arg[0], c->arg[1], c->d.asBytes);
+ break;
+ case CMD_MIFARE_CGETBLOCK:
+ MifareCGetBlock(c->arg[0], c->arg[1], c->d.asBytes);
+ break;
+
+ mfCSetUID provides example logic for UID set workflow:
+ -Read block0 from card in field with MifareCGetBlock()
+ -Configure new values without replacing reserved bytes
+ memcpy(block0, uid, 4); // Copy UID bytes from byte array
+ // Mifare UID BCC
+ block0[4] = block0[0]^block0[1]^block0[2]^block0[3]; // BCC on byte 5
+ Bytes 5-7 are reserved SAK and ATQA for mifare classic
+ -Use mfCSetBlock(0, block0, oldUID, wantWipe, MAGIC_SINGLE) to write it
+ */
+ uint8_t oldBlock0[16] = {0}, newBlock0[16] = {0}, testBlock0[16] = {0};
+ // arg0 = Flags, arg1=blockNo
+ MifareCGetBlock(params, 0, oldBlock0);
if (oldBlock0[0] == 0 && oldBlock0[0] == oldBlock0[1] && oldBlock0[1] == oldBlock0[2] && oldBlock0[2] == oldBlock0[3]) {
Dbprintf("No changeable tag detected. Returning to replay mode for bank[%d]", selected);
playing = 1;
}
else {
- Dbprintf("UID from target tag: %02X%02X%02X%02X", oldBlock0[0],oldBlock0[1],oldBlock0[2],oldBlock0[3]);
- memcpy(newBlock0,oldBlock0,16);
- // Copy uid_1st for bank (2nd is for longer UIDs not supported if classic)
-
- newBlock0[0] = uid_1st[selected]>>24;
- newBlock0[1] = 0xFF & (uid_1st[selected]>>16);
- newBlock0[2] = 0xFF & (uid_1st[selected]>>8);
- newBlock0[3] = 0xFF & (uid_1st[selected]);
- newBlock0[4] = newBlock0[0]^newBlock0[1]^newBlock0[2]^newBlock0[3];
- // arg0 = needWipe, arg1 = workFlags, arg2 = blockNo, datain
- MifareCSetBlock(0, 0xFF,0, newBlock0);
- MifareCGetBlock(0x3F, 1, 0, testBlock0);
- if (memcmp(testBlock0,newBlock0,16)==0)
- {
- DbpString("Cloned successfull!");
- cardRead[selected] = 0; // Only if the card was cloned successfully should we clear it
+ Dbprintf("UID from target tag: %02X%02X%02X%02X", oldBlock0[0],oldBlock0[1],oldBlock0[2],oldBlock0[3]);
+ memcpy(newBlock0,oldBlock0,16);
+ // Copy uid_1st for bank (2nd is for longer UIDs not supported if classic)
+
+ newBlock0[0] = uid_1st[selected]>>24;
+ newBlock0[1] = 0xFF & (uid_1st[selected]>>16);
+ newBlock0[2] = 0xFF & (uid_1st[selected]>>8);
+ newBlock0[3] = 0xFF & (uid_1st[selected]);
+ newBlock0[4] = newBlock0[0]^newBlock0[1]^newBlock0[2]^newBlock0[3];
+
+ // arg0 = workFlags, arg1 = blockNo, datain
+ MifareCSetBlock(params, 0, newBlock0);
+ MifareCGetBlock(params, 0, testBlock0);
+
+ if (memcmp(testBlock0, newBlock0, 16)==0) {
+ DbpString("Cloned successfull!");
+ cardRead[selected] = 0; // Only if the card was cloned successfully should we clear it
playing = 0;
iGotoRecord = 1;
- selected = (selected + 1) % OPTS;
- }
- else {
+ selected = (selected + 1) % OPTS;
+ } else {
Dbprintf("Clone failed. Back to replay mode on bank[%d]", selected);
playing = 1;
}
}
LEDsoff();
LED(selected + 1, 0);
-
}
// Change where to record (or begin playing)
else if (playing==1) // button_pressed == BUTTON_SINGLE_CLICK && cardRead[selected])
// Work with "magic Chinese" card
case CMD_MIFARE_CSETBLOCK:
- MifareCSetBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
+ MifareCSetBlock(c->arg[0], c->arg[1], c->d.asBytes);
break;
case CMD_MIFARE_CGETBLOCK:
- MifareCGetBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
+ MifareCGetBlock(c->arg[0], c->arg[1], c->d.asBytes);
break;
case CMD_MIFARE_CIDENT:
MifareCIdent();
break;
case CMD_MIFARE_COLLECT_NONCES:
- MifareCollectNonces(c->arg[0], c->arg[1]);
break;
#endif
void MifareEMemSet(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
void MifareEMemGet(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
void MifareECardLoad(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
-void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain); // Work with "magic Chinese" card
-void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
+void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint8_t *datain); // Work with "magic Chinese" card
+void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint8_t *datain);
void MifareCIdent(); // is "magic chinese" card?
void MifareUSetPwd(uint8_t arg0, uint8_t *datain);
-
+void OnSuccessMagic();
+void OnErrorMagic(uint8_t reason);
void MifareCollectNonces(uint32_t arg0, uint32_t arg1);
//desfire
#include "apps.h"\r
#include "util.h"\r
#include "crc.h"\r
+#include "protocols.h"\r
\r
//-----------------------------------------------------------------------------\r
// Select, Authenticate, Read a MIFARE tag. \r
//-----------------------------------------------------------------------------\r
// Work with "magic Chinese" card (email him: ouyangweidaxian@live.cn)\r
// \r
+// PARAMS - workFlags\r
+// bit 0 - need get UID\r
+// bit 1 - need wupC\r
+// bit 2 - need HALT after sequence\r
+// bit 3 - need turn on FPGA before sequence\r
+// bit 4 - need turn off FPGA\r
+// bit 5 - need to set datain instead of issuing USB reply (called via ARM for StandAloneMode14a)\r
+// bit 6 - wipe tag.\r
//-----------------------------------------------------------------------------\r
-void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){\r
+// magic uid card generation 1 commands\r
+uint8_t wupC1[] = { MIFARE_MAGICWUPC1 }; \r
+uint8_t wupC2[] = { MIFARE_MAGICWUPC2 }; \r
+uint8_t wipeC[] = { MIFARE_MAGICWIPEC }; \r
+ \r
+void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint8_t *datain){\r
\r
- // params\r
- uint8_t needWipe = arg0;\r
- // bit 0 - need get UID\r
- // bit 1 - need wupC\r
- // bit 2 - need HALT after sequence\r
- // bit 3 - need init FPGA and field before sequence\r
- // bit 4 - need reset FPGA and LED\r
- uint8_t workFlags = arg1;\r
- uint8_t blockNo = arg2;\r
+ // params\r
+ uint8_t workFlags = arg0;\r
+ uint8_t blockNo = arg1;\r
\r
- // card commands\r
- uint8_t wupC1[] = { 0x40 }; \r
- uint8_t wupC2[] = { 0x43 }; \r
- uint8_t wipeC[] = { 0x41 }; \r
+ Dbprintf("ICE :: CSetBlocks Flags %02x", workFlags);\r
\r
// variables\r
- byte_t isOK = 0;\r
uint8_t uid[10] = {0x00};\r
- uint8_t d_block[18] = {0x00};\r
+ uint8_t data[18] = {0x00};\r
uint32_t cuid;\r
\r
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
\r
- // reset FPGA and LED\r
- if (workFlags & 0x08) {\r
+ if (workFlags & MAGIC_INIT) {\r
LED_A_ON();\r
LED_B_OFF();\r
- LED_C_OFF();\r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
- \r
clear_trace();\r
set_tracing(TRUE);\r
}\r
\r
- while (true) {\r
-\r
- // get UID from chip\r
- if (workFlags & 0x01) {\r
- if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
- //break;\r
- };\r
-\r
- if(mifare_classic_halt(NULL, cuid)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
- //break;\r
- };\r
+ // read UID and return to client\r
+ if (workFlags & MAGIC_UID) {\r
+ if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");\r
+ OnErrorMagic(MAGIC_UID);\r
};\r
+ };\r
\r
- // reset chip\r
- if (needWipe){\r
- ReaderTransmitBitsPar(wupC1,7,0, NULL);\r
- if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("wupC1 error");\r
- break;\r
- };\r
-\r
- ReaderTransmit(wipeC, sizeof(wipeC), NULL);\r
- if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("wipeC error");\r
- break;\r
- };\r
-\r
- if(mifare_classic_halt(NULL, cuid)) {\r
- if (MF_DBGLEVEL >= 4) Dbprintf("INFO - Tag answered the 'Halt' command");\r
- break;\r
- };\r
- }; \r
+ // wipe tag, fill it with zeros\r
+ if (workFlags & MAGIC_WIPE){\r
+ ReaderTransmitBitsPar(wupC1,7,0, NULL);\r
+ if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC1 error");\r
+ OnErrorMagic(MAGIC_WIPE);\r
+ };\r
\r
- // write block\r
- if (workFlags & 0x02) {\r
- ReaderTransmitBitsPar(wupC1,7,0, NULL);\r
- if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("wupC1 error");\r
- break;\r
- };\r
+ ReaderTransmit(wipeC, sizeof(wipeC), NULL);\r
+ if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wipeC error");\r
+ OnErrorMagic(MAGIC_WIPE);\r
+ };\r
+ }; \r
\r
- ReaderTransmit(wupC2, sizeof(wupC2), NULL);\r
- if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("wupC2 error");\r
- break;\r
- };\r
- }\r
+ // write block\r
+ if (workFlags & MAGIC_WUPC) {\r
+ ReaderTransmitBitsPar(wupC1,7,0, NULL);\r
+ if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC1 error");\r
+ OnErrorMagic(MAGIC_WUPC);\r
+ };\r
\r
- if ((mifare_sendcmd_short(NULL, 0, 0xA0, blockNo, receivedAnswer, receivedAnswerPar, NULL) != 1) || (receivedAnswer[0] != 0x0a)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("write block send command error");\r
- break;\r
+ ReaderTransmit(wupC2, sizeof(wupC2), NULL);\r
+ if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC2 error");\r
+ OnErrorMagic(MAGIC_WUPC);\r
};\r
+ }\r
+\r
+ if ((mifare_sendcmd_short(NULL, 0, ISO14443A_CMD_WRITEBLOCK, blockNo, receivedAnswer, receivedAnswerPar, NULL) != 1) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("write block send command error");\r
+ OnErrorMagic(4);\r
+ };\r
\r
- memcpy(d_block, datain, 16);\r
- AppendCrc14443a(d_block, 16);\r
+ memcpy(data, datain, sizeof(data));\r
+ AppendCrc14443a(data, sizeof(data));\r
\r
- ReaderTransmit(d_block, sizeof(d_block), NULL);\r
- if ((ReaderReceive(receivedAnswer, receivedAnswerPar) != 1) || (receivedAnswer[0] != 0x0a)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("write block send data error");\r
- break;\r
- }; \r
+ ReaderTransmit(data, sizeof(data), NULL);\r
+ if ((ReaderReceive(receivedAnswer, receivedAnswerPar) != 1) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("write block send data error");\r
+ OnErrorMagic(0);\r
+ }; \r
\r
- if (workFlags & 0x04) {\r
- if (mifare_classic_halt(NULL, cuid)) {\r
- if (MF_DBGLEVEL >= 4) Dbprintf("INFO - Tag answered the 'Halt' command");\r
- break;\r
- };\r
- }\r
- \r
- isOK = 1;\r
- break;\r
- }\r
+ if (workFlags & MAGIC_OFF) \r
+ mifare_classic_halt_ex(NULL);\r
\r
LED_B_ON();\r
- cmd_send(CMD_ACK,isOK,0,0,uid,4);\r
+ // check if uid is cuid?\r
+ cmd_send(CMD_ACK,1,0,0,uid,sizeof(uid));\r
LED_B_OFF();\r
\r
- if ((workFlags & 0x10) || (!isOK)) {\r
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
- LEDsoff();\r
- set_tracing(FALSE);\r
- }\r
+ if (workFlags & MAGIC_OFF)\r
+ OnSuccessMagic();\r
}\r
\r
-\r
-void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){\r
- \r
- // params\r
- // bit 1 - need wupC\r
- // bit 2 - need HALT after sequence\r
- // bit 3 - need init FPGA and field before sequence\r
- // bit 4 - need reset FPGA and LED\r
- // bit 5 - need to set datain instead of issuing USB reply (called via ARM for StandAloneMode14a)\r
+void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint8_t *datain){\r
+ \r
uint8_t workFlags = arg0;\r
- uint8_t blockNo = arg2;\r
- \r
- // card commands\r
- uint8_t wupC1[] = { 0x40 }; \r
- uint8_t wupC2[] = { 0x43 }; \r
+ uint8_t blockNo = arg1;\r
+\r
+ Dbprintf("ICE :: CGetBlocks Flags %02x", workFlags);\r
\r
// variables\r
- byte_t isOK = 0;\r
- uint8_t data[18] = {0x00};\r
- uint32_t cuid = 0;\r
- \r
+ uint8_t data[MAX_MIFARE_FRAME_SIZE];\r
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
\r
- if (workFlags & 0x08) {\r
+ memset(data, 0x00, sizeof(data));\r
+ \r
+ if (workFlags & MAGIC_INIT) {\r
LED_A_ON();\r
LED_B_OFF();\r
- LED_C_OFF();\r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
- \r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN); \r
clear_trace();\r
set_tracing(TRUE);\r
}\r
\r
- while (true) {\r
- if (workFlags & 0x02) {\r
- ReaderTransmitBitsPar(wupC1,7,0, NULL);\r
- if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("wupC1 error");\r
- break;\r
- };\r
-\r
- ReaderTransmit(wupC2, sizeof(wupC2), NULL);\r
- if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("wupC2 error");\r
- break;\r
- };\r
- }\r
+ if (workFlags & MAGIC_WUPC) {\r
+ ReaderTransmitBitsPar(wupC1,7,0, NULL);\r
+ if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC1 error");\r
+ OnErrorMagic(MAGIC_WUPC);\r
+ };\r
\r
- // read block\r
- if ((mifare_sendcmd_short(NULL, 0, 0x30, blockNo, receivedAnswer, receivedAnswerPar, NULL) != 18)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("read block send command error");\r
- break;\r
+ ReaderTransmit(wupC2, sizeof(wupC2), NULL);\r
+ if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("wupC2 error");\r
+ OnErrorMagic(MAGIC_WUPC);\r
};\r
- memcpy(data, receivedAnswer, 18);\r
- \r
- if (workFlags & 0x04) {\r
- if (mifare_classic_halt(NULL, cuid)) {\r
- if (MF_DBGLEVEL >= 4) Dbprintf("INFO - Tag answered the 'Halt' command");\r
- break;\r
- };\r
- }\r
- \r
- isOK = 1;\r
- break;\r
}\r
+\r
+ // read block \r
+ if ((mifare_sendcmd_short(NULL, 0, ISO14443A_CMD_READBLOCK, blockNo, receivedAnswer, receivedAnswerPar, NULL) != 18)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("read block send command error");\r
+ OnErrorMagic(0);\r
+ };\r
+ \r
+ memcpy(data, receivedAnswer, sizeof(data));\r
+ \r
+ // send HALT\r
+ if (workFlags & MAGIC_HALT) \r
+ mifare_classic_halt_ex(NULL);\r
\r
LED_B_ON();\r
- if (workFlags & 0x20) {\r
- if (isOK)\r
- memcpy(datain, data, 18);\r
- }\r
+ \r
+ // if MAGIC_DATAIN, the data stays on device side.\r
+ if (workFlags & MAGIC_DATAIN)\r
+ memcpy(datain, data, sizeof(data));\r
else\r
- cmd_send(CMD_ACK,isOK,0,0,data,18);\r
+ cmd_send(CMD_ACK,1,0,0,data,sizeof(data));\r
+ \r
LED_B_OFF();\r
\r
- if ((workFlags & 0x10) || (!isOK)) {\r
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
- LEDsoff();\r
- set_tracing(FALSE);\r
- }\r
+ if (workFlags & MAGIC_OFF)\r
+ OnSuccessMagic();\r
}\r
\r
void MifareCIdent(){\r
- \r
- // card commands\r
- uint8_t wupC1[] = { 0x40 }; \r
- uint8_t wupC2[] = { 0x43 }; \r
\r
// variables\r
- byte_t isOK = 1;\r
- \r
- uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
- uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
+ byte_t isOK = 1; \r
+ uint8_t receivedAnswer[1];\r
+ uint8_t receivedAnswerPar[1];\r
\r
ReaderTransmitBitsPar(wupC1,7,0, NULL);\r
if(!ReaderReceive(receivedAnswer, receivedAnswerPar) || (receivedAnswer[0] != 0x0a)) {\r
\r
// removed the if, since some magic tags misbehavies and send an answer to it.\r
mifare_classic_halt(NULL, 0);\r
-\r
cmd_send(CMD_ACK,isOK,0,0,0,0);\r
}\r
\r
-void MifareCollectNonces(uint32_t arg0, uint32_t arg1){\r
-\r
- BigBuf_free();\r
-\r
- uint32_t iterations = arg0;\r
- uint8_t uid[10] = {0x00};\r
-\r
- uint8_t *response = BigBuf_malloc(MAX_MIFARE_FRAME_SIZE);\r
- uint8_t *responsePar = BigBuf_malloc(MAX_MIFARE_PARITY_SIZE);\r
-\r
- uint8_t mf_auth[] = { 0x60,0x00,0xf5,0x7b };\r
- \r
- // get memory from BigBuf.\r
- uint8_t *nonces = BigBuf_malloc(iterations * 4);\r
-\r
- LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
- \r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
- clear_trace();\r
- set_tracing(TRUE);\r
- \r
- for (int i = 0; i < iterations; i++) {\r
- \r
- WDT_HIT();\r
-\r
- // Test if the action was cancelled\r
- if(BUTTON_PRESS()) break;\r
- \r
- // if(mifare_classic_halt(pcs, cuid)) {\r
- // if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
- //}\r
-\r
- if(!iso14443a_select_card(uid, NULL, NULL)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
- continue;\r
- };\r
-\r
- // Transmit MIFARE_CLASSIC_AUTH.\r
- ReaderTransmit(mf_auth, sizeof(mf_auth), NULL);\r
-\r
- // Receive the (4 Byte) "random" nonce\r
- if (!ReaderReceive(response, responsePar)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Couldn't receive tag nonce");\r
- continue;\r
- } \r
- \r
- nonces[i*4] = bytes_to_num(response, 4);\r
- }\r
- \r
- int packLen = iterations * 4;\r
- int packSize = 0;\r
- int packNum = 0;\r
- while (packLen > 0) {\r
- packSize = MIN(USB_CMD_DATA_SIZE, packLen);\r
- LED_B_ON();\r
- cmd_send(CMD_ACK, 77, 0, packSize, nonces - packLen, packSize);\r
- LED_B_OFF();\r
-\r
- packLen -= packSize;\r
- packNum++;\r
- }\r
+void OnSuccessMagic(){\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
LEDsoff();\r
- set_tracing(FALSE);\r
+ set_tracing(FALSE); \r
+}\r
+void OnErrorMagic(uint8_t reason){\r
+ // ACK, ISOK, reason,0,0,0\r
+ cmd_send(CMD_ACK,0,reason,0,0,0);\r
+ OnSuccessMagic();\r
+}\r
+\r
+void MifareCollectNonces(uint32_t arg0, uint32_t arg1){\r
}\r
\r
//\r
}
void OnError(uint8_t reason){
- pcb_blocknum = 0;
- ReaderTransmit(deselect_cmd, 3 , NULL);
-
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
cmd_send(CMD_ACK,0,reason,0,0,0);
- LEDsoff();
- set_tracing(FALSE);
+ OnSuccess();
}
}\r
return 0;\r
}\r
-\r
-int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid) \r
-{\r
+int mifare_classic_halt_ex(struct Crypto1State *pcs) {\r
uint16_t len; \r
- uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
- uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
+ uint8_t receivedAnswer[4];\r
+ uint8_t receivedAnswerPar[4];\r
\r
len = mifare_sendcmd_short(pcs, pcs == NULL ? false:true, 0x50, 0x00, receivedAnswer, receivedAnswerPar, NULL);\r
if (len != 0) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("halt error. response len: %x", len); \r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("halt error. response len: %x", len); \r
return 1;\r
}\r
-\r
return 0;\r
}\r
+int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid) {\r
+ return mifare_classic_halt_ex(pcs);\r
+}\r
\r
int mifare_ultra_halt()\r
{\r
int mifare_classic_authex(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t keyType, uint64_t ui64Key, uint8_t isNested, uint32_t * ntptr, uint32_t *timing);
int mifare_classic_readblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);\r
int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid); \r
+int mifare_classic_halt_ex(struct Crypto1State *pcs);\r
int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);\r
\r
// Ultralight/NTAG...\r
int CmdHF14AReader(const char *Cmd)
{
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}};
+ clearCommandBuffer();
SendCommand(&c);
-
UsbCommand resp;
WaitForResponse(CMD_ACK,&resp);
c.arg[1] = 0;
c.arg[2] = 0;
+ clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;
c.arg[1] = 2;
c.arg[2] = 0;
memcpy(c.d.asBytes, rats, 2);
+ clearCommandBuffer();
SendCommand(&c);
WaitForResponse(CMD_ACK,&resp);
PrintAndLog(" x0 -> <1 kByte");
break;
case 0x01:
- PrintAndLog(" x0 -> 1 kByte");
+ PrintAndLog(" x1 -> 1 kByte");
break;
case 0x02:
- PrintAndLog(" x0 -> 2 kByte");
+ PrintAndLog(" x2 -> 2 kByte");
break;
case 0x03:
- PrintAndLog(" x0 -> 4 kByte");
+ PrintAndLog(" x3 -> 4 kByte");
break;
case 0x04:
- PrintAndLog(" x0 -> 8 kByte");
+ PrintAndLog(" x4 -> 8 kByte");
break;
}
switch (card.ats[pos + 3] & 0xf0) {
// try to see if card responses to "chinese magic backdoor" commands.
+ uint8_t isOK = 0;
+ clearCommandBuffer();
c.cmd = CMD_MIFARE_CIDENT;
c.arg[0] = 0;
c.arg[1] = 0;
c.arg[2] = 0;
SendCommand(&c);
- WaitForResponse(CMD_ACK,&resp);
- uint8_t isOK = resp.arg[0] & 0xff;
- PrintAndLog("Answers to chinese magic backdoor commands: %s", (isOK ? "YES" : "NO") );
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 1500))
+ isOK = resp.arg[0] & 0xff;
+
+ PrintAndLog("Answers to magic commands (GEN1): %s", (isOK ? "YES" : "NO") );
// disconnect
c.cmd = CMD_READER_ISO_14443a;
{\r
uint8_t memBlock[16] = {0x00};\r
uint8_t blockNo = 0;\r
- bool wipeCard = FALSE;\r
+ uint8_t params = MAGIC_SINGLE;\r
int res;\r
\r
if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
}\r
\r
char ctmp = param_getchar(Cmd, 2);\r
- wipeCard = (ctmp == 'w' || ctmp == 'W');\r
+ if (ctmp == 'w' || ctmp == 'W')\r
+ params |= MAGIC_WIPE;\r
+ \r
PrintAndLog("--block number:%2d data:%s", blockNo, sprint_hex(memBlock, 16));\r
\r
- res = mfCSetBlock(blockNo, memBlock, NULL, wipeCard, CSETBLOCK_SINGLE_OPER);\r
+ res = mfCSetBlock(blockNo, memBlock, NULL, params);\r
if (res) {\r
PrintAndLog("Can't write block. error=%d", res);\r
return 1;\r
int CmdHF14AMfCLoad(const char *Cmd)\r
{\r
FILE * f;\r
- char filename[FILE_PATH_SIZE] = {0x00};\r
+ char filename[FILE_PATH_SIZE];\r
char * fnameptr = filename;\r
char buf[64] = {0x00};\r
uint8_t buf8[64] = {0x00};\r
uint8_t fillFromEmulator = 0;\r
int i, len, blockNum, flags=0;\r
\r
+ memset(filename, 0, sizeof(filename));\r
+ \r
char ctmp = param_getchar(Cmd, 0);\r
\r
if (ctmp == 'h' || ctmp == 'H' || ctmp == 0x00) {\r
PrintAndLog("Cant get block: %d", blockNum);\r
return 2;\r
}\r
- if (blockNum == 0) flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC; // switch on field and send magic sequence\r
+ if (blockNum == 0) flags = MAGIC_INIT + MAGIC_WUPC; // switch on field and send magic sequence\r
if (blockNum == 1) flags = 0; // just write\r
- if (blockNum == 16 * 4 - 1) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD; // Done. Magic Halt and switch off field.\r
+ if (blockNum == 16 * 4 - 1) flags = MAGIC_HALT + MAGIC_OFF; // Done. Magic Halt and switch off field.\r
\r
- if (mfCSetBlock(blockNum, buf8, NULL, 0, flags)) {\r
+ if (mfCSetBlock(blockNum, buf8, NULL, flags)) {\r
PrintAndLog("Cant set magic card block: %d", blockNum);\r
return 3;\r
}\r
for (i = 0; i < 32; i += 2)\r
sscanf(&buf[i], "%02x", (unsigned int *)&buf8[i / 2]);\r
\r
- if (blockNum == 0) flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC; // switch on field and send magic sequence\r
+ if (blockNum == 0) flags = MAGIC_INIT + MAGIC_WUPC; // switch on field and send magic sequence\r
if (blockNum == 1) flags = 0; // just write\r
- if (blockNum == 16 * 4 - 1) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD; // Done. Switch off field.\r
+ if (blockNum == 16 * 4 - 1) flags = MAGIC_HALT + MAGIC_OFF; // Done. Switch off field.\r
\r
- if (mfCSetBlock(blockNum, buf8, NULL, 0, flags)) {\r
+ if (mfCSetBlock(blockNum, buf8, NULL, flags)) {\r
PrintAndLog("Can't set magic card block: %d", blockNum);\r
return 3;\r
}\r
}\r
fclose(f);\r
\r
+ // 64 or 256blocks.\r
if (blockNum != 16 * 4 && blockNum != 32 * 4 + 8 * 16){\r
PrintAndLog("File content error. There must be 64 blocks");\r
return 4;\r
}\r
\r
int CmdHF14AMfCGetBlk(const char *Cmd) {\r
- uint8_t memBlock[16];\r
+ uint8_t data[16];\r
uint8_t blockNo = 0;\r
int res;\r
- memset(memBlock, 0x00, sizeof(memBlock));\r
+ memset(data, 0x00, sizeof(data));\r
+ char ctmp = param_getchar(Cmd, 0);\r
\r
- if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
+ if (strlen(Cmd) < 1 || ctmp == 'h' || ctmp == 'H') {\r
PrintAndLog("Usage: hf mf cgetblk <block number>");\r
PrintAndLog("sample: hf mf cgetblk 1");\r
PrintAndLog("Get block data from magic Chinese card (only works with such cards)\n");\r
\r
PrintAndLog("--block number:%2d ", blockNo);\r
\r
- res = mfCGetBlock(blockNo, memBlock, CSETBLOCK_SINGLE_OPER);\r
+ res = mfCGetBlock(blockNo, data, MAGIC_SINGLE);\r
if (res) {\r
- PrintAndLog("Can't read block. error=%d", res);\r
- return 1;\r
- }\r
+ PrintAndLog("Can't read block. error=%d", res);\r
+ return 1;\r
+ }\r
\r
- PrintAndLog("block data:%s", sprint_hex(memBlock, 16));\r
+ PrintAndLog("data:%s", sprint_hex(data, sizeof(data)));\r
return 0;\r
}\r
\r
int CmdHF14AMfCGetSc(const char *Cmd) {\r
- uint8_t memBlock[16] = {0x00};\r
+ uint8_t data[16];\r
uint8_t sectorNo = 0;\r
int i, res, flags;\r
-\r
- if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
+ memset(data, 0x00, sizeof(data));\r
+ char ctmp = param_getchar(Cmd, 0);\r
+ \r
+ if (strlen(Cmd) < 1 || ctmp == 'h' || ctmp == 'H') {\r
PrintAndLog("Usage: hf mf cgetsc <sector number>");\r
PrintAndLog("sample: hf mf cgetsc 0");\r
PrintAndLog("Get sector data from magic Chinese card (only works with such cards)\n");\r
}\r
\r
PrintAndLog("--sector number:%d ", sectorNo);\r
+ PrintAndLog("block | data");\r
\r
- flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC;\r
+ flags = MAGIC_INIT + MAGIC_WUPC;\r
for (i = 0; i < 4; i++) {\r
if (i == 1) flags = 0;\r
- if (i == 3) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD;\r
+ if (i == 3) flags = MAGIC_HALT + MAGIC_OFF;\r
\r
- res = mfCGetBlock(sectorNo * 4 + i, memBlock, flags);\r
+ res = mfCGetBlock(sectorNo * 4 + i, data, flags);\r
if (res) {\r
PrintAndLog("Can't read block. %d error=%d", sectorNo * 4 + i, res);\r
return 1;\r
- }\r
- \r
- PrintAndLog("block %3d data:%s", sectorNo * 4 + i, sprint_hex(memBlock, 16));\r
+ } \r
+ PrintAndLog(" %3d | %s", sectorNo * 4 + i, sprint_hex(data, sizeof(data)));\r
}\r
return 0;\r
}\r
int CmdHF14AMfCSave(const char *Cmd) {\r
\r
FILE * f;\r
- char filename[FILE_PATH_SIZE] = {0x00};\r
+ char filename[FILE_PATH_SIZE];\r
char * fnameptr = filename;\r
uint8_t fillFromEmulator = 0;\r
- uint8_t buf[64] = {0x00};\r
+ uint8_t buf[64];\r
int i, j, len, flags;\r
\r
- // memset(filename, 0, sizeof(filename));\r
- // memset(buf, 0, sizeof(buf));\r
+ memset(filename, 0, sizeof(filename));\r
+ memset(buf, 0, sizeof(buf));\r
char ctmp = param_getchar(Cmd, 0);\r
\r
if ( ctmp == 'h' || ctmp == 'H' ) {\r
\r
if (fillFromEmulator) {\r
// put into emulator\r
- flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC;\r
+ flags = MAGIC_INIT + MAGIC_WUPC;\r
for (i = 0; i < 16 * 4; i++) {\r
if (i == 1) flags = 0;\r
- if (i == 16 * 4 - 1) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD;\r
+ if (i == 16 * 4 - 1) flags = MAGIC_HALT + MAGIC_OFF;\r
\r
if (mfCGetBlock(i, buf, flags)) {\r
PrintAndLog("Cant get block: %d", i);\r
len = strlen(Cmd);\r
if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
+ // get filename based on UID\r
if (len < 1) {\r
- // get filename\r
- if (mfCGetBlock(0, buf, CSETBLOCK_SINGLE_OPER)) {\r
+ \r
+ if (mfCGetBlock(0, buf, MAGIC_SINGLE)) {\r
PrintAndLog("Cant get block: %d", 0);\r
len = sprintf(fnameptr, "dump");\r
fnameptr += len;\r
fnameptr += len;\r
}\r
\r
+ // add .eml extension\r
sprintf(fnameptr, ".eml"); \r
\r
// open file\r
}\r
\r
// put hex\r
- flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC;\r
+ flags = MAGIC_INIT + MAGIC_WUPC;\r
for (i = 0; i < 16 * 4; i++) {\r
if (i == 1) flags = 0;\r
- if (i == 16 * 4 - 1) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD;\r
+ if (i == 16 * 4 - 1) flags = MAGIC_HALT + MAGIC_OFF;\r
\r
if (mfCGetBlock(i, buf, flags)) {\r
PrintAndLog("Cant get block: %d", i);\r
fprintf(f, "%02x", buf[j]); \r
fprintf(f,"\n");\r
}\r
+ fflush(f);\r
fclose(f);\r
- \r
PrintAndLog("Saved to file: %s", filename);\r
- \r
return 0;\r
}\r
}\r
{\r
// flush\r
WaitForResponseTimeout(CMD_ACK,NULL,100);\r
-\r
- CmdsParse(CommandTable, Cmd);\r
- return 0;\r
+ CmdsParse(CommandTable, Cmd);\r
+ return 0;\r
}\r
\r
int CmdHelp(const char *Cmd)\r
{\r
- CmdsHelp(CommandTable);\r
- return 0;\r
+ CmdsHelp(CommandTable);\r
+ return 0;\r
}\r
static command_t CommandTable[] =
{
- {"help", CmdHelp, 1, "This help"},
+ {"help", CmdHelp, 1, "This help"},
{"awid", CmdLFAWID, 1, "{ AWID RFIDs... }"},
- {"em4x", CmdLFEM4X, 1, "{ EM4X RFIDs... }"},
- {"hid", CmdLFHID, 1, "{ HID RFIDs... }"},
- {"hitag", CmdLFHitag, 1, "{ HITAG RFIDs... }"},
- {"io", CmdLFIO, 1, "{ IOPROX RFIDs... }"},
- {"pcf7931", CmdLFPCF7931, 1, "{ PCF7931 RFIDs... }"},
- {"ti", CmdLFTI, 1, "{ TI RFIDs... }"},
- {"t55xx", CmdLFT55XX, 1, "{ T55X7 RFIDs... }"},
- {"viking", CmdLFViking, 1, "{ Viking RFIDs... }"},
- {"config", CmdLFSetConfig, 0, "Set config for LF sampling, bit/sample, decimation, frequency"},
-
- {"cmdread", CmdLFCommandRead, 0, "<off period> <'0' period> <'1' period> <command> ['h' 134] \n\t\t-- Modulate LF reader field to send command before read (all periods in microseconds)"},
- {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
- {"indalademod", CmdIndalaDemod, 1, "['224'] -- Demodulate samples for Indala 64 bit UID (option '224' for 224 bit)"},
- {"indalaclone", CmdIndalaClone, 0, "<UID> ['l']-- Clone Indala to T55x7 (tag must be in antenna)(UID in HEX)(option 'l' for 224 UID"},
- {"read", CmdLFRead, 0, "['s' silent] Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"},
- {"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) \n\t\t-- 'u' to search for unknown tags"},
- {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"},
- {"simask", CmdLFaskSim, 0, "[clock] [invert <1|0>] [biphase/manchester/raw <'b'|'m'|'r'>] [msg separator 's'] [d <hexdata>] \n\t\t-- Simulate LF ASK tag from demodbuffer or input"},
- {"simfsk", CmdLFfskSim, 0, "[c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>] \n\t\t-- Simulate LF FSK tag from demodbuffer or input"},
- {"simpsk", CmdLFpskSim, 0, "[1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>] \n\t\t-- Simulate LF PSK tag from demodbuffer or input"},
- {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
- {"snoop", CmdLFSnoop, 0, "['l'|'h'|<divisor>] [trigger threshold] -- Snoop LF (l:125khz, h:134khz)"},
- {"vchdemod", CmdVchDemod, 1, "['clone'] -- Demodulate samples for VeriChip"},
- {NULL, NULL, 0, NULL}
+ {"em4x", CmdLFEM4X, 1, "{ EM4X RFIDs... }"},
+ {"hid", CmdLFHID, 1, "{ HID RFIDs... }"},
+ {"hitag", CmdLFHitag, 1, "{ HITAG RFIDs... }"},
+ {"io", CmdLFIO, 1, "{ IOPROX RFIDs... }"},
+ {"pcf7931", CmdLFPCF7931, 1, "{ PCF7931 RFIDs... }"},
+ {"ti", CmdLFTI, 1, "{ TI RFIDs... }"},
+ {"t55xx", CmdLFT55XX, 1, "{ T55X7 RFIDs... }"},
+ {"viking", CmdLFViking, 1, "{ Viking RFIDs... }"},
+ {"config", CmdLFSetConfig, 0, "Set config for LF sampling, bit/sample, decimation, frequency"},
+
+ {"cmdread", CmdLFCommandRead, 0, "<off period> <'0' period> <'1' period> <command> ['h' 134] \n\t\t-- Modulate LF reader field to send command before read (all periods in microseconds)"},
+ {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
+ {"indalademod", CmdIndalaDemod, 1, "['224'] -- Demodulate samples for Indala 64 bit UID (option '224' for 224 bit)"},
+ {"indalaclone", CmdIndalaClone, 0, "<UID> ['l']-- Clone Indala to T55x7 (tag must be in antenna)(UID in HEX)(option 'l' for 224 UID"},
+ {"read", CmdLFRead, 0, "['s' silent] Read 125/134 kHz LF ID-only tag. Do 'lf read h' for help"},
+ {"search", CmdLFfind, 1, "[offline] ['u'] Read and Search for valid known tag (in offline mode it you can load first then search) \n\t\t-- 'u' to search for unknown tags"},
+ {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"},
+ {"simask", CmdLFaskSim, 0, "[clock] [invert <1|0>] [biphase/manchester/raw <'b'|'m'|'r'>] [msg separator 's'] [d <hexdata>] \n\t\t-- Simulate LF ASK tag from demodbuffer or input"},
+ {"simfsk", CmdLFfskSim, 0, "[c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>] \n\t\t-- Simulate LF FSK tag from demodbuffer or input"},
+ {"simpsk", CmdLFpskSim, 0, "[1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>] \n\t\t-- Simulate LF PSK tag from demodbuffer or input"},
+ {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
+ {"snoop", CmdLFSnoop, 0, "Snoop LF"},
+ {"vchdemod", CmdVchDemod, 1, "['clone'] -- Demodulate samples for VeriChip"},
+ {NULL, NULL, 0, NULL}
};
int CmdLF(const char *Cmd)
\r
// "MAGIC" CARD\r
\r
-int mfCSetUID(uint8_t *uid, uint8_t *atqa, uint8_t *sak, uint8_t *oldUID, bool wantWipe) {\r
- uint8_t oldblock0[16] = {0x00};\r
- uint8_t block0[16] = {0x00};\r
+int mfCSetUID(uint8_t *uid, uint8_t *atqa, uint8_t *sak, uint8_t *oldUID, uint8_t wipecard) {\r
\r
- int old = mfCGetBlock(0, oldblock0, CSETBLOCK_SINGLE_OPER);\r
+ uint8_t params = MAGIC_SINGLE;\r
+ uint8_t block0[16];\r
+ memset(block0, 0x00, sizeof(block0));\r
+ \r
+\r
+ int old = mfCGetBlock(0, block0, params);\r
if (old == 0) {\r
- memcpy(block0, oldblock0, 16);\r
- PrintAndLog("old block 0: %s", sprint_hex(block0,16));\r
+ PrintAndLog("old block 0: %s", sprint_hex(block0, sizeof(block0)));\r
} else {\r
PrintAndLog("Couldn't get old data. Will write over the last bytes of Block 0.");\r
}\r
// Mifare UID BCC\r
block0[4] = block0[0]^block0[1]^block0[2]^block0[3];\r
// mifare classic SAK(byte 5) and ATQA(byte 6 and 7, reversed)\r
- if (sak!=NULL)\r
+ if ( sak != NULL )\r
block0[5]=sak[0];\r
- if (atqa!=NULL) {\r
+ \r
+ if ( atqa != NULL ) {\r
block0[6]=atqa[1];\r
block0[7]=atqa[0];\r
}\r
PrintAndLog("new block 0: %s", sprint_hex(block0,16));\r
- return mfCSetBlock(0, block0, oldUID, wantWipe, CSETBLOCK_SINGLE_OPER);\r
+ \r
+ if ( wipecard ) params |= MAGIC_WIPE; \r
+ if ( oldUID == NULL) params |= MAGIC_UID;\r
+ \r
+ return mfCSetBlock(0, block0, oldUID, params);\r
}\r
\r
-int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, bool wantWipe, uint8_t params) {\r
+int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, uint8_t params) {\r
\r
uint8_t isOK = 0;\r
- UsbCommand c = {CMD_MIFARE_CSETBLOCK, {wantWipe, params & (0xFE | (uid == NULL ? 0:1)), blockNo}};\r
+ UsbCommand c = {CMD_MIFARE_CSETBLOCK, {params, blockNo, 0}};\r
memcpy(c.d.asBytes, data, 16); \r
-\r
clearCommandBuffer();\r
SendCommand(&c);\r
UsbCommand resp;\r
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {\r
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {\r
isOK = resp.arg[0] & 0xff;\r
if (uid != NULL) \r
memcpy(uid, resp.d.asBytes, 4);\r
\r
int mfCGetBlock(uint8_t blockNo, uint8_t *data, uint8_t params) {\r
uint8_t isOK = 0;\r
-\r
- UsbCommand c = {CMD_MIFARE_CGETBLOCK, {params, 0, blockNo}};\r
- \r
+ UsbCommand c = {CMD_MIFARE_CGETBLOCK, {params, blockNo, 0}}; \r
clearCommandBuffer();\r
SendCommand(&c);\r
UsbCommand resp;\r
#include "nonce2key/nonce2key.h"\r
#include "nonce2key/crapto1.h"\r
#include "iso14443crc.h"\r
+#include "protocols.h"\r
\r
#define MEM_CHUNK 1000000\r
#define NESTED_SECTOR_RETRY 10\r
\r
-// mfCSetBlock work flags\r
-#define CSETBLOCK_UID 0x01\r
-#define CSETBLOCK_WUPC 0x02\r
-#define CSETBLOCK_HALT 0x04\r
-#define CSETBLOCK_INIT_FIELD 0x08\r
-#define CSETBLOCK_RESET_FIELD 0x10\r
-#define CSETBLOCK_SINGLE_OPER 0x1F\r
-\r
// mifare tracer flags\r
-#define TRACE_IDLE 0x00\r
-#define TRACE_AUTH1 0x01\r
-#define TRACE_AUTH2 0x02\r
-#define TRACE_AUTH_OK 0x03\r
-#define TRACE_READ_DATA 0x04\r
-#define TRACE_WRITE_OK 0x05\r
-#define TRACE_WRITE_DATA 0x06\r
+#define TRACE_IDLE 0x00\r
+#define TRACE_AUTH1 0x01\r
+#define TRACE_AUTH2 0x02\r
+#define TRACE_AUTH_OK 0x03\r
+#define TRACE_READ_DATA 0x04\r
+#define TRACE_WRITE_OK 0x05\r
+#define TRACE_WRITE_DATA 0x06\r
\r
-#define TRACE_ERROR 0xFF\r
+#define TRACE_ERROR 0xFF\r
\r
typedef struct {\r
uint64_t Key[2];\r
int mfEmlSetMem(uint8_t *data, int blockNum, int blocksCount);\r
int mfEmlSetMem_xt(uint8_t *data, int blockNum, int blocksCount, int blockBtWidth);\r
\r
-int mfCSetUID(uint8_t *uid, uint8_t *atqa, uint8_t *sak, uint8_t *oldUID, bool wantWipe);\r
-int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, bool wantWipe, uint8_t params);\r
+int mfCSetUID(uint8_t *uid, uint8_t *atqa, uint8_t *sak, uint8_t *oldUID, uint8_t wipecard);\r
+int mfCSetBlock(uint8_t blockNo, uint8_t *data, uint8_t *uid, uint8_t params);\r
int mfCGetBlock(uint8_t blockNo, uint8_t *data, uint8_t params);\r
\r
int mfTraceInit(uint8_t *tuid, uint8_t *atqa, uint8_t sak, bool wantSaveToEmlFile);\r
#define MIFARE_ULEV1_VCSL 0x4B
+// Magic Generation 1, parameter "work flags"
+// bit 0 - need get UID
+// bit 1 - send wupC (wakeup chinese)
+// bit 2 - send HALT cmd after sequence
+// bit 3 - turn on FPGA
+// bit 4 - turn off FPGA
+// bit 5 - set datain instead of issuing USB reply (called via ARM for StandAloneMode14a)
+#define MAGIC_UID 0x01
+#define MAGIC_WUPC 0x02
+#define MAGIC_HALT 0x04
+#define MAGIC_INIT 0x08
+#define MAGIC_OFF 0x10
+#define MAGIC_DATAIN 0x20
+#define MAGIC_WIPE 0x40
+#define MAGIC_SINGLE (MAGIC_WUPC | MAGIC_HALT | MAGIC_INIT | MAGIC_OFF) //0x1E
/**
06 00 = INITIATE
#define T5555_PSK_RF_8 0x00000200
#define T5555_USE_PWD 0x00000400
#define T5555_USE_AOR 0x00000800
-#define T5555_BITRATE_SHIFT 12
+#define T5555_BITRATE_SHIFT 12 //(RF=2n+2) ie 64=2*0x1F+2 or n = (RF-2)/2
#define T5555_FAST_WRITE 0x00004000
#define T5555_PAGE_SELECT 0x00008000
projects / proxmark3-svn / commitdiff