*.bin
*.dll
*.moc.cpp
+*.z
*.exe
proxmark
proxmark3
This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
## [Unreleased][unreleased]
+
+### Changed
+- Changed `hf 14b write` to `hf 14b sriwrite` as it only applied to sri tags (marshmellow)
+- Added `hf 14b info` to `hf search` (marshmellow)
+
+### Added
+- Add `hf 14b info` to find and print info about std 14b tags and sri tags (using 14b raw commands in the client) (marshmellow)
+- Add PACE replay functionality (frederikmoellers)
+
+### Fixed
+- t55xx write timing (marshmellow)
+
+
+## [2.1.0][2015-06-23]
+
### Changed
+- Added ultralight/ntag tag type detection to `hf 14a read` (marshmellow)
+- Improved ultralight dump command to auto detect tag type, take authentication, and dump full memory (or subset specified) of known tag types (iceman1001 / marshmellow)
+- Combined ultralight read/write commands and added authentication (iceman1001)
+- Improved LF manchester and biphase demodulation and ask clock detection especially for reads with heavy clipping. (marshmellow)
- Iclass read, `hf iclass read` now also reads tag config and prints configuration. (holiman)
+- *bootrom* needs to be flashed, due to new address boundaries between os and fpga, after a size optimization (piwi)
### Fixed
-- Fixed issue #19, problems with LF T55xx commands (marshmellow)
+- Fixed EM4x50 read/demod of the tags broadcasted memory blocks. 'lf em4x em4x50read' (not page read) (marshmellow)
+- Fixed issue #19, problems with LF T55xx commands (iceman1001, marshmellow)
+- Fixed various problems with iso14443b, issue #103 (piwi, marshmellow)
### Added
+- Added `hf search` - currently tests for 14443a tags, iclass tags, and 15693 tags (marshmellow)
+- Added `hf mfu info` Ultralight/NTAG info command - reads tag configuration and info, allows authentication if needed (iceman1001, marshmellow)
+- Added Mifare Ultralight C and Ultralight EV1/NTAG authentication. (iceman1001)
- Added changelog
## [2.0.0] - 2015-03-25
= Mac OS X =
============
-macport stuff should do ;)
+Tested on OSX 10.10 Yosemite
+
+1 - Install Xcode and Xcode Command Line Tools
+
+2 - Install Homebrew and dependencies
+ brew install readline
+ brew instal libusb
+
+3 - Download DevKitARM for OSX
+ http://sourceforge.net/projects/devkitpro/files/devkitARM/devkitARM_r44/
+ Unpack devkitARM_r44-osx.tar.bz2 to proxmark3 directory.
+
+4 - Edit proxmark3/client/Makefile adding path to readline
+
+ LDLIBS = -L/usr/local/Cellar/readline/6.3.8/lib/ -L/opt/local/lib -L/usr/local/lib ../liblua/liblua.a -lreadline -lpthread -lm
+ CFLAGS = -std=c99 -I/usr/local/Cellar/readline/6.3.8/include/ -I. -I../include -I../common -I/opt/local/include -I../liblua -Wall $(COMMON_FLAGS) -g -O4
+
+ Replace path /usr/local/Cellar/readline/6.3.8 with your actuall readline path. See homebrew manuals.
+
+5 - Set Environment
+
+ export DEVKITPRO=$HOME/proxmark3/
+ export DEVKITARM=$DEVKITPRO/devkitARM
+ export PATH=${PATH}:${DEVKITARM}/bin
+
============
= Linux =
include common/Makefile.common
-GZIP=gzip
FLASH_PORT=/dev/ttyACM0
-all clean: %: bootrom/% armsrc/% client/% recovery/%
+all clean: %: client/% bootrom/% armsrc/% recovery/%
bootrom/%: FORCE
$(MAKE) -C bootrom $(patsubst bootrom/%,%,$@)
$(MAKE) -C recovery $(patsubst recovery/%,%,$@)
FORCE: # Dummy target to force remake in the subdirectories, even if files exist (this Makefile doesn't know about the prerequisites)
+.PHONY: all clean help _test flash-bootrom flash-os flash-all FORCE
-.PHONY: all clean help _test flash-bootrom flash-os flash-fpga flash-both flash-all FORCE
help:
@echo Multi-OS Makefile, you are running on $(DETECTED_OS)
@echo Possible targets:
@echo + client - Make only the OS-specific host directory
@echo + flash-bootrom - Make bootrom and flash it
@echo + flash-os - Make armsrc and flash os (includes fpga)
- @echo + flash-fpga - (Deprecated:) Make armsrc and flash fpga
- @echo + flash-both - Make armsrc and flash os and fpga image
- @echo + flash-all - Make bootrom and armsrc and flash bootrom, os and fpga image
+ @echo + flash-all - Make bootrom and armsrc and flash bootrom and os image
@echo + clean - Clean in bootrom, armsrc and the OS-specific host directory
client: client/all
flash-bootrom: bootrom/obj/bootrom.elf $(FLASH_TOOL)
$(FLASH_TOOL) $(FLASH_PORT) -b $(subst /,$(PATHSEP),$<)
-flash-os: armsrc/obj/osimage.elf $(FLASH_TOOL)
+flash-os: armsrc/obj/fullimage.elf $(FLASH_TOOL)
$(FLASH_TOOL) $(FLASH_PORT) $(subst /,$(PATHSEP),$<)
-#flash-fpga: armsrc/obj/fpgaimage.elf $(FLASH_TOOL)
-# $(FLASH_TOOL) $(FLASH_PORT) $(subst /,$(PATHSEP),$<)
-
-flash-both: armsrc/obj/osimage.elf $(FLASH_TOOL)
- $(FLASH_TOOL) $(FLASH_PORT) $(subst /,$(PATHSEP),$(filter-out $(FLASH_TOOL),$^))
-
-flash-all: bootrom/obj/bootrom.elf armsrc/obj/osimage.elf $(FLASH_TOOL)
+flash-all: bootrom/obj/bootrom.elf armsrc/obj/fullimage.elf $(FLASH_TOOL)
$(FLASH_TOOL) $(FLASH_PORT) -b $(subst /,$(PATHSEP),$(filter-out $(FLASH_TOOL),$^))
newtarbin:
OBTAINING HARDWARE:
-The Proxmark 3 is available for purcahse (assembled and tested) from the
+The Proxmark 3 is available for purchase (assembled and tested) from the
following locations:
* http://proxmark3.com/
}
void clear_trace() {
- uint8_t *trace = BigBuf_get_addr();
- uint16_t max_traceLen = BigBuf_max_traceLen();
- memset(trace, 0x44, max_traceLen);
traceLen = 0;
}
#remove one of the following defines and comment out the relevant line
#in the next section to remove that particular feature from compilation
-APP_CFLAGS = -DWITH_LF -DWITH_ISO15693 -DWITH_ISO14443a -DWITH_ISO14443b -DWITH_ICLASS -DWITH_LEGICRF -DWITH_HITAG -DWITH_CRC -DON_DEVICE -fno-strict-aliasing -ffunction-sections -fdata-sections
+APP_CFLAGS = -DWITH_LF -DWITH_ISO15693 -DWITH_ISO14443a -DWITH_ISO14443b -DWITH_ICLASS -DWITH_LEGICRF -DWITH_HITAG -DWITH_CRC -DON_DEVICE \
+ -fno-strict-aliasing -ffunction-sections -fdata-sections
#-DWITH_LCD
#SRC_LCD = fonts.c LCD.c
SRC_LF = lfops.c hitag2.c lfsampling.c
SRC_ISO15693 = iso15693.c iso15693tools.c
SRC_ISO14443a = epa.c iso14443a.c mifareutil.c mifarecmd.c mifaresniff.c
-SRC_ISO14443b = iso14443.c
+SRC_ISO14443b = iso14443b.c
SRC_CRAPTO1 = crapto1.c crypto1.c des.c aes.c
-SRC_CRC = iso14443crc.c crc.c crc16.c crc32.c
+SRC_CRC = iso14443crc.c crc.c crc16.c crc32.c
+#the FPGA bitstream files. Note: order matters!
+FPGA_BITSTREAMS = fpga_lf.bit fpga_hf.bit
+
+#the zlib source files required for decompressing the fpga config at run time
+SRC_ZLIB = inflate.c inffast.c inftrees.c adler32.c zutil.c
+#additional defines required to compile zlib
+ZLIB_CFLAGS = -DZ_SOLO -DZ_PREFIX -DNO_GZIP -DZLIB_PM3_TUNED
+APP_CFLAGS += $(ZLIB_CFLAGS)
+# zlib includes:
+APP_CFLAGS += -I../zlib
+
+# stdint.h provided locally until GCC 4.5 becomes C99 compliant
+APP_CFLAGS += -I.
+
+# Compile these in thumb mode (small size)
THUMBSRC = start.c \
$(SRC_LCD) \
$(SRC_ISO15693) \
$(SRC_LF) \
+ $(SRC_ZLIB) \
appmain.c \
printf.c \
util.c \
BigBuf.c \
optimized_cipher.c
-# stdint.h provided locally until GCC 4.5 becomes C99 compliant
-APP_CFLAGS += -I.
-
# Do not move this inclusion before the definition of {THUMB,ASM,ARM}SRC
include ../common/Makefile.common
-OBJS = $(OBJDIR)/osimage.s19
-#$(OBJDIR)/fpgaimage.s19
+OBJS = $(OBJDIR)/fullimage.s19
+FPGA_COMPRESSOR = ../client/fpga_compress
all: $(OBJS)
-$(OBJDIR)/fpga_lf.o: fpga_lf.bit
- $(OBJCOPY) -O elf32-littlearm -I binary -B arm --redefine-sym _binary____fpga_fpga_lf_bit_start=_binary_fpga_lf_bit_start --redefine-sym _binary____fpga_fpga_lf_bit_end=_binary_fpga_lf_bit_end --prefix-sections=fpga_lf_bit $^ $@
+.DELETE_ON_ERROR:
+
+$(OBJDIR)/fpga_all.o: $(OBJDIR)/fpga_all.bit.z
+ $(OBJCOPY) -O elf32-littlearm -I binary -B arm --prefix-sections=fpga_all_bit $^ $@
-$(OBJDIR)/fpga_hf.o: fpga_hf.bit
- $(OBJCOPY) -O elf32-littlearm -I binary -B arm --redefine-sym _binary____fpga_fpga_hf_bit_start=_binary_fpga_hf_bit_start --redefine-sym _binary____fpga_fpga_hf_bit_end=_binary_fpga_hf_bit_end --prefix-sections=fpga_hf_bit $^ $@
+$(OBJDIR)/fpga_all.bit.z: $(FPGA_BITSTREAMS) $(FPGA_COMPRESSOR)
+ $(FPGA_COMPRESSOR) $(filter %.bit,$^) $@
-$(OBJDIR)/fullimage.elf: $(VERSIONOBJ) $(OBJDIR)/fpga_lf.o $(OBJDIR)/fpga_hf.o $(THUMBOBJ) $(ARMOBJ)
+$(FPGA_COMPRESSOR):
+ make -C ../client $(notdir $(FPGA_COMPRESSOR))
+
+$(OBJDIR)/fullimage.stage1.elf: $(VERSIONOBJ) $(OBJDIR)/fpga_all.o $(THUMBOBJ) $(ARMOBJ)
$(CC) $(LDFLAGS) -Wl,-T,ldscript,-Map,$(patsubst %.elf,%.map,$@) -o $@ $^ $(LIBS)
-#$(OBJDIR)/fpgaimage.elf: $(OBJDIR)/fullimage.elf
-# $(OBJCOPY) -F elf32-littlearm --only-section .fpgaimage $^ $@
+$(OBJDIR)/fullimage.nodata.bin: $(OBJDIR)/fullimage.stage1.elf
+ $(OBJCOPY) -O binary -I elf32-littlearm --remove-section .data $^ $@
+
+$(OBJDIR)/fullimage.nodata.o: $(OBJDIR)/fullimage.nodata.bin
+ $(OBJCOPY) -O elf32-littlearm -I binary -B arm --rename-section .data=stage1_image $^ $@
-$(OBJDIR)/osimage.elf: $(OBJDIR)/fullimage.elf
- $(OBJCOPY) -F elf32-littlearm $^ $@
+$(OBJDIR)/fullimage.data.bin: $(OBJDIR)/fullimage.stage1.elf
+ $(OBJCOPY) -O binary -I elf32-littlearm --only-section .data $^ $@
+$(OBJDIR)/fullimage.data.bin.z: $(OBJDIR)/fullimage.data.bin $(FPGA_COMPRESSOR)
+ $(FPGA_COMPRESSOR) $(filter %.bin,$^) $@
+
+$(OBJDIR)/fullimage.data.o: $(OBJDIR)/fullimage.data.bin.z
+ $(OBJCOPY) -O elf32-littlearm -I binary -B arm --rename-section .data=compressed_data $^ $@
+
+$(OBJDIR)/fullimage.elf: $(OBJDIR)/fullimage.nodata.o $(OBJDIR)/fullimage.data.o
+ $(CC) $(LDFLAGS) -Wl,-T,ldscript,-Map,$(patsubst %.elf,%.map,$@) -o $@ $^
+
tarbin: $(OBJS)
$(TAR) $(TARFLAGS) ../proxmark3-$(platform)-bin.tar $(OBJS:%=armsrc/%) $(OBJS:%.s19=armsrc/%.elf)
-
clean:
$(DELETE) $(OBJDIR)$(PATHSEP)*.o
$(DELETE) $(OBJDIR)$(PATHSEP)*.elf
$(DELETE) $(OBJDIR)$(PATHSEP)*.s19
$(DELETE) $(OBJDIR)$(PATHSEP)*.map
$(DELETE) $(OBJDIR)$(PATHSEP)*.d
+ $(DELETE) $(OBJDIR)$(PATHSEP)*.z
+ $(DELETE) $(OBJDIR)$(PATHSEP)*.bin
$(DELETE) version.c
.PHONY: all clean help
help:
@echo Multi-OS Makefile, you are running on $(DETECTED_OS)
@echo Possible targets:
- @echo + all - Make both:
- @echo + $(OBJDIR)/osimage.s19 - The OS image
- @echo + $(OBJDIR)/fpgaimage.s19 - The FPGA image
- @echo + clean - Clean $(OBJDIR)
+ @echo + all - Build the full image $(OBJDIR)/fullimage.s19
+ @echo + clean - Clean $(OBJDIR)
-#include "stdio.h"
#include "aes.h"
static const unsigned int Te0[256] = {
//////////////////////////////////////////////////////////////////////////////
#ifndef EMBEDDED
+
+#include <stdio.h>
+
int main()
{
AesCtx ctx;
}
-void SimulateTagHfListen(void)
-{
- // ToDo: historically this used the free buffer, which was 2744 Bytes long.
- // There might be a better size to be defined:
- #define HF_14B_SNOOP_BUFFER_SIZE 2744
- uint8_t *dest = BigBuf_malloc(HF_14B_SNOOP_BUFFER_SIZE);
- uint8_t v = 0;
- int i;
- int p = 0;
-
- // We're using this mode just so that I can test it out; the simulated
- // tag mode would work just as well and be simpler.
- FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
- FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ | FPGA_HF_READER_RX_XCORR_SNOOP);
-
- // We need to listen to the high-frequency, peak-detected path.
- SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
-
- FpgaSetupSsc();
-
- i = 0;
- for(;;) {
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
- AT91C_BASE_SSC->SSC_THR = 0xff;
- }
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
- uint8_t r = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
-
- v <<= 1;
- if(r & 1) {
- v |= 1;
- }
- p++;
-
- if(p >= 8) {
- dest[i] = v;
- v = 0;
- p = 0;
- i++;
-
- if(i >= HF_14B_SNOOP_BUFFER_SIZE) {
- break;
- }
- }
- }
- }
- DbpString("simulate tag (now type bitsamples)");
-}
-
void ReadMem(int addr)
{
const uint8_t *data = ((uint8_t *)addr);
/* osimage version information is linked in */
extern struct version_information version_information;
/* bootrom version information is pointed to from _bootphase1_version_pointer */
-extern char *_bootphase1_version_pointer, _flash_start, _flash_end;
+extern char *_bootphase1_version_pointer, _flash_start, _flash_end, _bootrom_start, _bootrom_end, __data_src_start__;
void SendVersion(void)
{
- char temp[512]; /* Limited data payload in USB packets */
- DbpString("Prox/RFID mark3 RFID instrument");
+ char temp[USB_CMD_DATA_SIZE]; /* Limited data payload in USB packets */
+ char VersionString[USB_CMD_DATA_SIZE] = { '\0' };
/* Try to find the bootrom version information. Expect to find a pointer at
* symbol _bootphase1_version_pointer, perform slight sanity checks on the
*/
char *bootrom_version = *(char**)&_bootphase1_version_pointer;
if( bootrom_version < &_flash_start || bootrom_version >= &_flash_end ) {
- DbpString("bootrom version information appears invalid");
+ strcat(VersionString, "bootrom version information appears invalid\n");
} else {
FormatVersionInformation(temp, sizeof(temp), "bootrom: ", bootrom_version);
- DbpString(temp);
+ strncat(VersionString, temp, sizeof(VersionString) - strlen(VersionString) - 1);
}
FormatVersionInformation(temp, sizeof(temp), "os: ", &version_information);
- DbpString(temp);
+ strncat(VersionString, temp, sizeof(VersionString) - strlen(VersionString) - 1);
+
+ FpgaGatherVersion(FPGA_BITSTREAM_LF, temp, sizeof(temp));
+ strncat(VersionString, temp, sizeof(VersionString) - strlen(VersionString) - 1);
+ FpgaGatherVersion(FPGA_BITSTREAM_HF, temp, sizeof(temp));
+ strncat(VersionString, temp, sizeof(VersionString) - strlen(VersionString) - 1);
- FpgaGatherVersion(temp, sizeof(temp));
- DbpString(temp);
- // Send Chip ID
- cmd_send(CMD_ACK,*(AT91C_DBGU_CIDR),0,0,NULL,0);
+ // Send Chip ID and used flash memory
+ uint32_t text_and_rodata_section_size = (uint32_t)&__data_src_start__ - (uint32_t)&_flash_start;
+ uint32_t compressed_data_section_size = common_area.arg1;
+ cmd_send(CMD_ACK, *(AT91C_DBGU_CIDR), text_and_rodata_section_size + compressed_data_section_size, 0, VersionString, strlen(VersionString));
}
#ifdef WITH_LF
ReaderHitag((hitag_function)c->arg[0],(hitag_data*)c->d.asBytes);
break;
#endif
-
+
#ifdef WITH_ISO15693
case CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693:
AcquireRawAdcSamplesIso15693();
#endif
#ifdef WITH_ISO14443b
- case CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443:
- AcquireRawAdcSamplesIso14443(c->arg[0]);
- break;
case CMD_READ_SRI512_TAG:
- ReadSTMemoryIso14443(0x0F);
+ ReadSTMemoryIso14443b(0x0F);
break;
case CMD_READ_SRIX4K_TAG:
- ReadSTMemoryIso14443(0x7F);
+ ReadSTMemoryIso14443b(0x7F);
break;
- case CMD_SNOOP_ISO_14443:
- SnoopIso14443();
+ case CMD_SNOOP_ISO_14443B:
+ SnoopIso14443b();
break;
- case CMD_SIMULATE_TAG_ISO_14443:
- SimulateIso14443Tag();
+ case CMD_SIMULATE_TAG_ISO_14443B:
+ SimulateIso14443bTag();
break;
case CMD_ISO_14443B_COMMAND:
SendRawCommand14443B(c->arg[0],c->arg[1],c->arg[2],c->d.asBytes);
case CMD_EPA_PACE_COLLECT_NONCE:
EPA_PACE_Collect_Nonce(c);
break;
+ case CMD_EPA_PACE_REPLAY:
+ EPA_PACE_Replay(c);
+ break;
case CMD_READER_MIFARE:
- ReaderMifare(c->arg[0]);
+ ReaderMifare(c->arg[0]);
break;
case CMD_MIFARE_READBL:
MifareReadBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
break;
case CMD_MIFAREU_READBL:
- MifareUReadBlock(c->arg[0],c->d.asBytes);
- break;
- case CMD_MIFAREUC_AUTH1:
- MifareUC_Auth1(c->arg[0],c->d.asBytes);
+ MifareUReadBlock(c->arg[0],c->arg[1], c->d.asBytes);
break;
- case CMD_MIFAREUC_AUTH2:
- MifareUC_Auth2(c->arg[0],c->d.asBytes);
+ case CMD_MIFAREUC_AUTH:
+ MifareUC_Auth(c->arg[0],c->d.asBytes);
break;
case CMD_MIFAREU_READCARD:
- MifareUReadCard(c->arg[0], c->arg[1], c->d.asBytes);
+ MifareUReadCard(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
break;
- case CMD_MIFAREUC_READCARD:
- MifareUReadCard(c->arg[0], c->arg[1], c->d.asBytes);
+ case CMD_MIFAREUC_SETPWD:
+ MifareUSetPwd(c->arg[0], c->d.asBytes);
break;
case CMD_MIFARE_READSC:
MifareReadSector(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
case CMD_MIFARE_WRITEBL:
MifareWriteBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
break;
- case CMD_MIFAREU_WRITEBL_COMPAT:
- MifareUWriteBlock(c->arg[0], c->d.asBytes);
- break;
+ //case CMD_MIFAREU_WRITEBL_COMPAT:
+ //MifareUWriteBlockCompat(c->arg[0], c->d.asBytes);
+ //break;
case CMD_MIFAREU_WRITEBL:
- MifareUWriteBlock_Special(c->arg[0], c->d.asBytes);
- break;
+ MifareUWriteBlock(c->arg[0], c->arg[1], c->d.asBytes);
+ break;
case CMD_MIFARE_NESTED:
MifareNested(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes);
break;
break;
#endif
- case CMD_SIMULATE_TAG_HF_LISTEN:
- SimulateTagHfListen();
- break;
-
case CMD_BUFF_CLEAR:
BigBuf_Clear();
break;
#include "mifare.h"
#include "../common/crc32.h"
#include "BigBuf.h"
+#include "fpgaloader.h"
extern const uint8_t OddByteParity[256];
extern int rsamples; // = 0;
extern int ToSendMax;
extern uint8_t ToSend[];
-/// fpga.h
-void FpgaSendCommand(uint16_t cmd, uint16_t v);
-void FpgaWriteConfWord(uint8_t v);
-void FpgaDownloadAndGo(int bitstream_version);
-int FpgaGatherBitstreamVersion();
-void FpgaGatherVersion(char *dst, int len);
-void FpgaSetupSsc(void);
-void SetupSpi(int mode);
-bool FpgaSetupSscDma(uint8_t *buf, int len);
-#define FpgaDisableSscDma(void) AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
-#define FpgaEnableSscDma(void) AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTEN;
-void SetAdcMuxFor(uint32_t whichGpio);
-
-// Definitions for the FPGA commands.
-#define FPGA_CMD_SET_CONFREG (1<<12)
-#define FPGA_CMD_SET_DIVISOR (2<<12)
-#define FPGA_CMD_SET_USER_BYTE1 (3<<12)
-// Definitions for the FPGA configuration word.
-// LF
-#define FPGA_MAJOR_MODE_LF_ADC (0<<5)
-#define FPGA_MAJOR_MODE_LF_EDGE_DETECT (1<<5)
-#define FPGA_MAJOR_MODE_LF_PASSTHRU (2<<5)
-// HF
-#define FPGA_MAJOR_MODE_HF_READER_TX (0<<5)
-#define FPGA_MAJOR_MODE_HF_READER_RX_XCORR (1<<5)
-#define FPGA_MAJOR_MODE_HF_SIMULATOR (2<<5)
-#define FPGA_MAJOR_MODE_HF_ISO14443A (3<<5)
-// BOTH
-#define FPGA_MAJOR_MODE_OFF (7<<5)
-// Options for LF_ADC
-#define FPGA_LF_ADC_READER_FIELD (1<<0)
-// Options for LF_EDGE_DETECT
-#define FPGA_CMD_SET_EDGE_DETECT_THRESHOLD FPGA_CMD_SET_USER_BYTE1
-#define FPGA_LF_EDGE_DETECT_READER_FIELD (1<<0)
-#define FPGA_LF_EDGE_DETECT_TOGGLE_MODE (1<<1)
-// Options for the HF reader, tx to tag
-#define FPGA_HF_READER_TX_SHALLOW_MOD (1<<0)
-// Options for the HF reader, correlating against rx from tag
-#define FPGA_HF_READER_RX_XCORR_848_KHZ (1<<0)
-#define FPGA_HF_READER_RX_XCORR_SNOOP (1<<1)
-#define FPGA_HF_READER_RX_XCORR_QUARTER_FREQ (1<<2)
-// Options for the HF simulated tag, how to modulate
-#define FPGA_HF_SIMULATOR_NO_MODULATION (0<<0)
-#define FPGA_HF_SIMULATOR_MODULATE_BPSK (1<<0)
-#define FPGA_HF_SIMULATOR_MODULATE_212K (2<<0)
-#define FPGA_HF_SIMULATOR_MODULATE_424K (4<<0)
-#define FPGA_HF_SIMULATOR_MODULATE_424K_8BIT 0x5//101
-
-// Options for ISO14443A
-#define FPGA_HF_ISO14443A_SNIFFER (0<<0)
-#define FPGA_HF_ISO14443A_TAGSIM_LISTEN (1<<0)
-#define FPGA_HF_ISO14443A_TAGSIM_MOD (2<<0)
-#define FPGA_HF_ISO14443A_READER_LISTEN (3<<0)
-#define FPGA_HF_ISO14443A_READER_MOD (4<<0)
/// lfops.h
extern uint8_t decimation;
void EM4xWriteWord(uint32_t Data, uint8_t Address, uint32_t Pwd, uint8_t PwdMode);
/// iso14443.h
-void SimulateIso14443Tag(void);
-void AcquireRawAdcSamplesIso14443(uint32_t parameter);
-void ReadSTMemoryIso14443(uint32_t);
-void RAMFUNC SnoopIso14443(void);
+void SimulateIso14443bTag(void);
+void AcquireRawAdcSamplesIso14443b(uint32_t parameter);
+void ReadSTMemoryIso14443b(uint32_t);
+void RAMFUNC SnoopIso14443b(void);
void SendRawCommand14443B(uint32_t, uint32_t, uint8_t, uint8_t[]);
/// iso14443a.h
/// epa.h
void EPA_PACE_Collect_Nonce(UsbCommand * c);
+void EPA_PACE_Replay(UsbCommand *c);
// mifarecmd.h
void ReaderMifare(bool first_try);
int32_t dist_nt(uint32_t nt1, uint32_t nt2);
void MifareReadBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *data);
-void MifareUReadBlock(uint8_t arg0,uint8_t *datain);
-void MifareUC_Auth1(uint8_t arg0, uint8_t *datain);
-void MifareUC_Auth2(uint32_t arg0, uint8_t *datain);
-void MifareUReadCard(uint8_t arg0, int Pages, uint8_t *datain);
+void MifareUReadBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain);
+void MifareUC_Auth(uint8_t arg0, uint8_t *datain);
+void MifareUReadCard(uint8_t arg0, uint16_t arg1, uint8_t arg2, uint8_t *datain);
void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
-void MifareUWriteBlock(uint8_t arg0,uint8_t *datain);
-void MifareUWriteBlock_Special(uint8_t arg0,uint8_t *datain);
+//void MifareUWriteBlockCompat(uint8_t arg0,uint8_t *datain);
+void MifareUWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain);
void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
void MifareChkKeys(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
void Mifare1ksim(uint8_t arg0, uint8_t arg1, uint8_t arg2, uint8_t *datain);
void MifareCSetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain); // Work with "magic Chinese" card
void MifareCGetBlock(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
void MifareCIdent(); // is "magic chinese" card?
+void MifareUSetPwd(uint8_t arg0, uint8_t *datain);
//desfire
void Mifare_DES_Auth1(uint8_t arg0,uint8_t *datain);
des_dec(out, out, (uint8_t*)key + 0);
}
+void tdes_2key_enc(void* out, const void* in, size_t length, const void* key, unsigned char iv[8]){
+
+ if( length % 8 ) return;
+
+ uint8_t i;
+ uint8_t* tin = (uint8_t*) in;
+ uint8_t* tout = (uint8_t*) out;
+
+ while( length > 0 )
+ {
+ for ( i = 0; i < 8; i++ )
+ tout[i] = (unsigned char)(tin[i] ^ iv[i]);
+
+ des_enc(tout, tin, (uint8_t*)key + 0);
+ des_dec(tout, tout, (uint8_t*)key + 8);
+ des_enc(tout, tout, (uint8_t*)key + 0);
+
+ memcpy(iv, tout, 8);
+
+ tin += 8;
+ tout += 8;
+ length -= 8;
+ }
+}
+
+void tdes_2key_dec(void* out, const void* in, size_t length, const void* key, unsigned char iv[8]){
+
+ if( length % 8 ) return;
+
+ uint8_t i;
+ unsigned char temp[8];
+ uint8_t* tin = (uint8_t*) in;
+ uint8_t* tout = (uint8_t*) out;
+
+ while( length > 0 )
+ {
+ memcpy(temp, tin, 8);
+
+ des_dec(tout, tin, (uint8_t*)key + 0);
+ des_enc(tout, tout, (uint8_t*)key + 8);
+ des_dec(tout, tout, (uint8_t*)key + 0);
+
+ for (i = 0; i < 8; i++)
+ tout[i] = (unsigned char)(tout[i] ^ iv[i]);
+
+ memcpy(iv, temp, 8);
+
+ tin += 8;
+ tout += 8;
+ length -= 8;
+ }
+}
+
+
/******************************************************************************/
*/
void tdes_dec(void* out, const void* in, const void* key);
+ void tdes_2key_enc(void* out, const void* in, size_t length, const void* key, unsigned char iv[8]);
+ void tdes_2key_dec(void* out, const void* in, size_t length, const void* key, unsigned char iv[8]);
+
#endif /*DES_H_*/
// Copied from des.h in desfire imp.
// at your option, any later version. See the LICENSE.txt file for the text of
// the license.
//-----------------------------------------------------------------------------
-// Routines to support the German eletronic "Personalausweis" (ID card)
+// Routines to support the German electronic "Personalausweis" (ID card)
// Note that the functions which do not implement USB commands do NOT initialize
// the card (with iso14443a_select_card etc.). If You want to use these
// functions, You need to do the setup before calling them!
0x04 // id-PACE
};
+// APDUs for replaying:
+// MSE: Set AT (initiate PACE)
+static uint8_t apdu_replay_mse_set_at_pace[41];
+// General Authenticate (Get Nonce)
+static uint8_t apdu_replay_general_authenticate_pace_get_nonce[8];
+// General Authenticate (Map Nonce)
+static uint8_t apdu_replay_general_authenticate_pace_map_nonce[75];
+// General Authenticate (Mutual Authenticate)
+static uint8_t apdu_replay_general_authenticate_pace_mutual_authenticate[75];
+// General Authenticate (Perform Key Agreement)
+static uint8_t apdu_replay_general_authenticate_pace_perform_key_agreement[18];
+// pointers to the APDUs (for iterations)
+static struct {
+ uint8_t len;
+ uint8_t *data;
+} const apdus_replay[] = {
+ {sizeof(apdu_replay_mse_set_at_pace), apdu_replay_mse_set_at_pace},
+ {sizeof(apdu_replay_general_authenticate_pace_get_nonce), apdu_replay_general_authenticate_pace_get_nonce},
+ {sizeof(apdu_replay_general_authenticate_pace_map_nonce), apdu_replay_general_authenticate_pace_map_nonce},
+ {sizeof(apdu_replay_general_authenticate_pace_mutual_authenticate), apdu_replay_general_authenticate_pace_mutual_authenticate},
+ {sizeof(apdu_replay_general_authenticate_pace_perform_key_agreement), apdu_replay_general_authenticate_pace_perform_key_agreement}
+};
+
+// lengths of the replay APDUs
+static uint8_t apdu_lengths_replay[5];
+
//-----------------------------------------------------------------------------
// Closes the communication channel and turns off the field
//-----------------------------------------------------------------------------
pace_version_info_t *pace_info)
{
size_t index = 0;
-
+
while (index <= length - 2) {
// determine type of element
// SET or SEQUENCE
index += 2 + data[index + 1];
}
}
-
+
// TODO: We should check whether we reached the end in error, but for that
// we need a better parser (e.g. with states like IN_SET or IN_PACE_INFO)
return 0;
// we reserve 262 bytes here just to be safe (256-byte APDU + SW + ISO frame)
uint8_t response_apdu[262];
int rapdu_length = 0;
-
+
// select the file EF.CardAccess
rapdu_length = iso14_apdu((uint8_t *)apdu_select_binary_cardaccess,
sizeof(apdu_select_binary_cardaccess),
Dbprintf("epa - no select cardaccess");
return -1;
}
-
+
// read the file
rapdu_length = iso14_apdu((uint8_t *)apdu_read_binary,
sizeof(apdu_read_binary),
Dbprintf("epa - no read cardaccess");
return -1;
}
-
+
// copy the content into the buffer
// length of data available: apdu_length - 4 (ISO frame) - 2 (SW)
size_t to_copy = rapdu_length - 6;
//-----------------------------------------------------------------------------
static void EPA_PACE_Collect_Nonce_Abort(uint8_t step, int func_return)
{
-// // step in which the failure occured
-// ack->arg[0] = step;
-// // last return code
-// ack->arg[1] = func_return;
-
// power down the field
EPA_Finish();
-
+
// send the USB packet
- cmd_send(CMD_ACK,step,func_return,0,0,0);
+ cmd_send(CMD_ACK,step,func_return,0,0,0);
}
//-----------------------------------------------------------------------------
// return value of a function
int func_return = 0;
-// // initialize ack with 0s
-// memset(ack->arg, 0, 12);
-// memset(ack->d.asBytes, 0, 48);
-
// set up communication
func_return = EPA_Setup();
if (func_return != 0) {
EPA_PACE_Collect_Nonce_Abort(3, func_return);
return;
}
-
+
// initiate the PACE protocol
// use the CAN for the password since that doesn't change
func_return = EPA_PACE_MSE_Set_AT(pace_version_info, 2);
-
+
// now get the nonce
uint8_t nonce[256] = {0};
uint8_t requested_size = (uint8_t)c->arg[0];
EPA_PACE_Collect_Nonce_Abort(4, func_return);
return;
}
-
- // all done, return
+
+ // all done, return
EPA_Finish();
-
+
// save received information
-// ack->arg[1] = func_return;
-// memcpy(ack->d.asBytes, nonce, func_return);
- cmd_send(CMD_ACK,0,func_return,0,nonce,func_return);
+ cmd_send(CMD_ACK,0,func_return,0,nonce,func_return);
}
//-----------------------------------------------------------------------------
sizeof(apdu_general_authenticate_pace_get_nonce));
// append Le (requested length + 2 due to tag/length taking 2 bytes) in RAPDU
apdu[sizeof(apdu_general_authenticate_pace_get_nonce)] = requested_length + 4;
-
+
// send it
uint8_t response_apdu[262];
int send_return = iso14_apdu(apdu,
{
return -1;
}
-
+
// if there is no nonce in the RAPDU, return here
if (send_return < 10)
{
}
// copy the nonce
memcpy(nonce, response_apdu + 6, nonce_length);
-
+
return nonce_length;
}
return 0;
}
+//-----------------------------------------------------------------------------
+// Perform the PACE protocol by replaying given APDUs
+//-----------------------------------------------------------------------------
+void EPA_PACE_Replay(UsbCommand *c)
+{
+ uint32_t timings[sizeof(apdu_lengths_replay) / sizeof(apdu_lengths_replay[0])] = {0};
+
+ // if an APDU has been passed, save it
+ if (c->arg[0] != 0) {
+ // make sure it's not too big
+ if(c->arg[2] > apdus_replay[c->arg[0] - 1].len)
+ {
+ cmd_send(CMD_ACK, 1, 0, 0, NULL, 0);
+ }
+ memcpy(apdus_replay[c->arg[0] - 1].data + c->arg[1],
+ c->d.asBytes,
+ c->arg[2]);
+ // save/update APDU length
+ if (c->arg[1] == 0) {
+ apdu_lengths_replay[c->arg[0] - 1] = c->arg[2];
+ } else {
+ apdu_lengths_replay[c->arg[0] - 1] += c->arg[2];
+ }
+ cmd_send(CMD_ACK, 0, 0, 0, NULL, 0);
+ return;
+ }
+
+ // return value of a function
+ int func_return;
+
+ // set up communication
+ func_return = EPA_Setup();
+ if (func_return != 0) {
+ EPA_Finish();
+ cmd_send(CMD_ACK, 2, func_return, 0, NULL, 0);
+ return;
+ }
+
+ // increase the timeout (at least some cards really do need this!)/////////////
+ // iso14a_set_timeout(0x0003FFFF);
+
+ // response APDU
+ uint8_t response_apdu[300] = {0};
+
+ // now replay the data and measure the timings
+ for (int i = 0; i < sizeof(apdu_lengths_replay); i++) {
+ StartCountUS();
+ func_return = iso14_apdu(apdus_replay[i].data,
+ apdu_lengths_replay[i],
+ response_apdu);
+ timings[i] = GetCountUS();
+ // every step but the last one should succeed
+ if (i < sizeof(apdu_lengths_replay) - 1
+ && (func_return < 6
+ || response_apdu[func_return - 4] != 0x90
+ || response_apdu[func_return - 3] != 0x00))
+ {
+ EPA_Finish();
+ cmd_send(CMD_ACK, 3 + i, func_return, 0, timings, 20);
+ return;
+ }
+ }
+ EPA_Finish();
+ cmd_send(CMD_ACK,0,0,0,timings,20);
+ return;
+}
+
//-----------------------------------------------------------------------------
// Set up a communication channel (Card Select, PPS)
// Returns 0 on success or a non-zero error code on failure
//-----------------------------------------------------------------------------
int EPA_Setup()
{
-
int return_code = 0;
uint8_t uid[10];
uint8_t pps_response[3];
// power up the field
iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
-
// select the card
return_code = iso14443a_select_card(uid, &card_select_info, NULL);
if (return_code != 1) {
- Dbprintf("Epa: Can't select card");
return 1;
}
-
// send the PPS request
ReaderTransmit((uint8_t *)pps, sizeof(pps), NULL);
return_code = ReaderReceive(pps_response, pps_response_par);
if (return_code != 3 || pps_response[0] != 0xD0) {
return return_code == 0 ? 2 : return_code;
}
-
return 0;
-}
\ No newline at end of file
+}
uint8_t parameter_id;
} pace_version_info_t;
-// note: EPA_PACE_GetNonce is declared in apps.h
+// note: EPA_PACE_Collect_Nonce is declared in apps.h
// general functions
void EPA_Finish();
int EPA_PACE_MSE_Set_AT(pace_version_info_t pace_version_info, uint8_t password);
int EPA_PACE_Get_Nonce(uint8_t requested_length, uint8_t *nonce);
-#endif /* __EPA_H */
\ No newline at end of file
+#endif /* __EPA_H */
// Routines to load the FPGA image, and then to configure the FPGA's major
// mode once it is configured.
//-----------------------------------------------------------------------------
+
+#include <stdint.h>
+#include <stddef.h>
+#include <stdbool.h>
+#include "fpgaloader.h"
#include "proxmark3.h"
-#include "apps.h"
#include "util.h"
#include "string.h"
+#include "BigBuf.h"
+#include "zlib.h"
+
+extern void Dbprintf(const char *fmt, ...);
+
+// remember which version of the bitstream we have already downloaded to the FPGA
+static int downloaded_bitstream = FPGA_BITSTREAM_ERR;
+
+// this is where the bitstreams are located in memory:
+extern uint8_t _binary_obj_fpga_all_bit_z_start, _binary_obj_fpga_all_bit_z_end;
+
+static uint8_t *fpga_image_ptr = NULL;
+static uint32_t uncompressed_bytes_cnt;
+
+static const uint8_t _bitparse_fixed_header[] = {0x00, 0x09, 0x0f, 0xf0, 0x0f, 0xf0, 0x0f, 0xf0, 0x0f, 0xf0, 0x00, 0x00, 0x01};
+#define FPGA_BITSTREAM_FIXED_HEADER_SIZE sizeof(_bitparse_fixed_header)
+#define OUTPUT_BUFFER_LEN 80
+#define FPGA_INTERLEAVE_SIZE 288
//-----------------------------------------------------------------------------
// Set up the Serial Peripheral Interface as master
return true;
}
+
+//----------------------------------------------------------------------------
+// Uncompress (inflate) the FPGA data. Returns one decompressed byte with
+// each call.
+//----------------------------------------------------------------------------
+static int get_from_fpga_combined_stream(z_streamp compressed_fpga_stream, uint8_t *output_buffer)
+{
+ if (fpga_image_ptr == compressed_fpga_stream->next_out) { // need more data
+ compressed_fpga_stream->next_out = output_buffer;
+ compressed_fpga_stream->avail_out = OUTPUT_BUFFER_LEN;
+ fpga_image_ptr = output_buffer;
+ int res = inflate(compressed_fpga_stream, Z_SYNC_FLUSH);
+ if (res != Z_OK) {
+ Dbprintf("inflate returned: %d, %s", res, compressed_fpga_stream->msg);
+ }
+ if (res < 0) {
+ return res;
+ }
+ }
+
+ uncompressed_bytes_cnt++;
+
+ return *fpga_image_ptr++;
+}
+
+//----------------------------------------------------------------------------
+// Undo the interleaving of several FPGA config files. FPGA config files
+// are combined into one big file:
+// 288 bytes from FPGA file 1, followed by 288 bytes from FGPA file 2, etc.
+//----------------------------------------------------------------------------
+static int get_from_fpga_stream(int bitstream_version, z_streamp compressed_fpga_stream, uint8_t *output_buffer)
+{
+ while((uncompressed_bytes_cnt / FPGA_INTERLEAVE_SIZE) % FPGA_BITSTREAM_MAX != (bitstream_version - 1)) {
+ // skip undesired data belonging to other bitstream_versions
+ get_from_fpga_combined_stream(compressed_fpga_stream, output_buffer);
+ }
+
+ return get_from_fpga_combined_stream(compressed_fpga_stream, output_buffer);
+
+}
+
+
+static voidpf fpga_inflate_malloc(voidpf opaque, uInt items, uInt size)
+{
+ return BigBuf_malloc(items*size);
+}
+
+
+static void fpga_inflate_free(voidpf opaque, voidpf address)
+{
+ BigBuf_free();
+}
+
+
+//----------------------------------------------------------------------------
+// Initialize decompression of the respective (HF or LF) FPGA stream
+//----------------------------------------------------------------------------
+static bool reset_fpga_stream(int bitstream_version, z_streamp compressed_fpga_stream, uint8_t *output_buffer)
+{
+ uint8_t header[FPGA_BITSTREAM_FIXED_HEADER_SIZE];
+
+ uncompressed_bytes_cnt = 0;
+
+ // initialize z_stream structure for inflate:
+ compressed_fpga_stream->next_in = &_binary_obj_fpga_all_bit_z_start;
+ compressed_fpga_stream->avail_in = &_binary_obj_fpga_all_bit_z_start - &_binary_obj_fpga_all_bit_z_end;
+ compressed_fpga_stream->next_out = output_buffer;
+ compressed_fpga_stream->avail_out = OUTPUT_BUFFER_LEN;
+ compressed_fpga_stream->zalloc = &fpga_inflate_malloc;
+ compressed_fpga_stream->zfree = &fpga_inflate_free;
+
+ inflateInit2(compressed_fpga_stream, 0);
+
+ fpga_image_ptr = output_buffer;
+
+ for (uint16_t i = 0; i < FPGA_BITSTREAM_FIXED_HEADER_SIZE; i++) {
+ header[i] = get_from_fpga_stream(bitstream_version, compressed_fpga_stream, output_buffer);
+ }
+
+ // Check for a valid .bit file (starts with _bitparse_fixed_header)
+ if(memcmp(_bitparse_fixed_header, header, FPGA_BITSTREAM_FIXED_HEADER_SIZE) == 0) {
+ return true;
+ } else {
+ return false;
+ }
+}
+
+
static void DownloadFPGA_byte(unsigned char w)
{
#define SEND_BIT(x) { if(w & (1<<x) ) HIGH(GPIO_FPGA_DIN); else LOW(GPIO_FPGA_DIN); HIGH(GPIO_FPGA_CCLK); LOW(GPIO_FPGA_CCLK); }
SEND_BIT(0);
}
-// Download the fpga image starting at FpgaImage and with length FpgaImageLen bytes
-// If bytereversal is set: reverse the byte order in each 4-byte word
-static void DownloadFPGA(const char *FpgaImage, int FpgaImageLen, int bytereversal)
+// Download the fpga image starting at current stream position with length FpgaImageLen bytes
+static void DownloadFPGA(int bitstream_version, int FpgaImageLen, z_streamp compressed_fpga_stream, uint8_t *output_buffer)
{
+
+ Dbprintf("DownloadFPGA(len: %d)", FpgaImageLen);
+
int i=0;
AT91C_BASE_PIOA->PIO_OER = GPIO_FPGA_ON;
return;
}
- if(bytereversal) {
- /* This is only supported for uint32_t aligned images */
- if( ((int)FpgaImage % sizeof(uint32_t)) == 0 ) {
- i=0;
- while(FpgaImageLen-->0)
- DownloadFPGA_byte(FpgaImage[(i++)^0x3]);
- /* Explanation of the magic in the above line:
- * i^0x3 inverts the lower two bits of the integer i, counting backwards
- * for each 4 byte increment. The generated sequence of (i++)^3 is
- * 3 2 1 0 7 6 5 4 11 10 9 8 15 14 13 12 etc. pp.
- */
+ for(i = 0; i < FpgaImageLen; i++) {
+ int b = get_from_fpga_stream(bitstream_version, compressed_fpga_stream, output_buffer);
+ if (b < 0) {
+ Dbprintf("Error %d during FpgaDownload", b);
+ break;
}
- } else {
- while(FpgaImageLen-->0)
- DownloadFPGA_byte(*FpgaImage++);
+ DownloadFPGA_byte(b);
}
-
+
// continue to clock FPGA until ready signal goes high
i=100000;
while ( (i--) && ( !(AT91C_BASE_PIOA->PIO_PDSR & GPIO_FPGA_DONE ) ) ) {
LED_D_OFF();
}
-static char *bitparse_headers_start;
-static char *bitparse_bitstream_end;
-static int bitparse_initialized = 0;
+
/* Simple Xilinx .bit parser. The file starts with the fixed opaque byte sequence
* 00 09 0f f0 0f f0 0f f0 0f f0 00 00 01
* After that the format is 1 byte section type (ASCII character), 2 byte length
* (big endian), <length> bytes content. Except for section 'e' which has 4 bytes
* length.
*/
-static const char _bitparse_fixed_header[] = {0x00, 0x09, 0x0f, 0xf0, 0x0f, 0xf0, 0x0f, 0xf0, 0x0f, 0xf0, 0x00, 0x00, 0x01};
-static int bitparse_init(void * start_address, void *end_address)
-{
- bitparse_initialized = 0;
-
- if(memcmp(_bitparse_fixed_header, start_address, sizeof(_bitparse_fixed_header)) != 0) {
- return 0; /* Not matched */
- } else {
- bitparse_headers_start= ((char*)start_address) + sizeof(_bitparse_fixed_header);
- bitparse_bitstream_end= (char*)end_address;
- bitparse_initialized = 1;
- return 1;
- }
-}
-
-int bitparse_find_section(char section_name, char **section_start, unsigned int *section_length)
+static int bitparse_find_section(int bitstream_version, char section_name, unsigned int *section_length, z_streamp compressed_fpga_stream, uint8_t *output_buffer)
{
- char *pos = bitparse_headers_start;
int result = 0;
-
- if(!bitparse_initialized) return 0;
-
- while(pos < bitparse_bitstream_end) {
- char current_name = *pos++;
+ #define MAX_FPGA_BIT_STREAM_HEADER_SEARCH 100 // maximum number of bytes to search for the requested section
+ uint16_t numbytes = 0;
+ while(numbytes < MAX_FPGA_BIT_STREAM_HEADER_SEARCH) {
+ char current_name = get_from_fpga_stream(bitstream_version, compressed_fpga_stream, output_buffer);
+ numbytes++;
unsigned int current_length = 0;
if(current_name < 'a' || current_name > 'e') {
/* Strange section name, abort */
switch(current_name) {
case 'e':
/* Four byte length field */
- current_length += (*pos++) << 24;
- current_length += (*pos++) << 16;
+ current_length += get_from_fpga_stream(bitstream_version, compressed_fpga_stream, output_buffer) << 24;
+ current_length += get_from_fpga_stream(bitstream_version, compressed_fpga_stream, output_buffer) << 16;
+ numbytes += 2;
default: /* Fall through, two byte length field */
- current_length += (*pos++) << 8;
- current_length += (*pos++) << 0;
+ current_length += get_from_fpga_stream(bitstream_version, compressed_fpga_stream, output_buffer) << 8;
+ current_length += get_from_fpga_stream(bitstream_version, compressed_fpga_stream, output_buffer) << 0;
+ numbytes += 2;
}
if(current_name != 'e' && current_length > 255) {
if(current_name == section_name) {
/* Found it */
- *section_start = pos;
*section_length = current_length;
result = 1;
break;
}
- pos += current_length; /* Skip section */
+ for (uint16_t i = 0; i < current_length && numbytes < MAX_FPGA_BIT_STREAM_HEADER_SEARCH; i++) {
+ get_from_fpga_stream(bitstream_version, compressed_fpga_stream, output_buffer);
+ numbytes++;
+ }
}
return result;
}
-//-----------------------------------------------------------------------------
-// Find out which FPGA image format is stored in flash, then call DownloadFPGA
-// with the right parameters to download the image
-//-----------------------------------------------------------------------------
-extern char _binary_fpga_lf_bit_start, _binary_fpga_lf_bit_end;
-extern char _binary_fpga_hf_bit_start, _binary_fpga_hf_bit_end;
+
+//----------------------------------------------------------------------------
+// Check which FPGA image is currently loaded (if any). If necessary
+// decompress and load the correct (HF or LF) image to the FPGA
+//----------------------------------------------------------------------------
void FpgaDownloadAndGo(int bitstream_version)
{
- void *bit_start;
- void *bit_end;
-
+ z_stream compressed_fpga_stream;
+ uint8_t output_buffer[OUTPUT_BUFFER_LEN];
+
// check whether or not the bitstream is already loaded
- if (FpgaGatherBitstreamVersion() == bitstream_version)
+ if (downloaded_bitstream == bitstream_version)
return;
- if (bitstream_version == FPGA_BITSTREAM_LF) {
- bit_start = &_binary_fpga_lf_bit_start;
- bit_end = &_binary_fpga_lf_bit_end;
- } else if (bitstream_version == FPGA_BITSTREAM_HF) {
- bit_start = &_binary_fpga_hf_bit_start;
- bit_end = &_binary_fpga_hf_bit_end;
- } else
+ // make sure that we have enough memory to decompress
+ BigBuf_free();
+
+ if (!reset_fpga_stream(bitstream_version, &compressed_fpga_stream, output_buffer)) {
return;
- /* Check for the new flash image format: Should have the .bit file at &_binary_fpga_bit_start
- */
- if(bitparse_init(bit_start, bit_end)) {
- /* Successfully initialized the .bit parser. Find the 'e' section and
- * send its contents to the FPGA.
- */
- char *bitstream_start;
- unsigned int bitstream_length;
- if(bitparse_find_section('e', &bitstream_start, &bitstream_length)) {
- DownloadFPGA(bitstream_start, bitstream_length, 0);
-
- return; /* All done */
- }
}
- /* Fallback for the old flash image format: Check for the magic marker 0xFFFFFFFF
- * 0xAA995566 at address 0x102000. This is raw bitstream with a size of 336,768 bits
- * = 10,524 uint32_t, stored as uint32_t e.g. little-endian in memory, but each DWORD
- * is still to be transmitted in MSBit first order. Set the invert flag to indicate
- * that the DownloadFPGA function should invert every 4 byte sequence when doing
- * the bytewise download.
- */
- if( *(uint32_t*)0x102000 == 0xFFFFFFFF && *(uint32_t*)0x102004 == 0xAA995566 )
- DownloadFPGA((char*)0x102000, 10524*4, 1);
-}
+ unsigned int bitstream_length;
+ if(bitparse_find_section(bitstream_version, 'e', &bitstream_length, &compressed_fpga_stream, output_buffer)) {
+ DownloadFPGA(bitstream_version, bitstream_length, &compressed_fpga_stream, output_buffer);
+ downloaded_bitstream = bitstream_version;
+ }
+
+ inflateEnd(&compressed_fpga_stream);
+}
-int FpgaGatherBitstreamVersion()
-{
- char temp[256];
- FpgaGatherVersion(temp, sizeof (temp));
- if (!memcmp("LF", temp, 2))
- return FPGA_BITSTREAM_LF;
- else if (!memcmp("HF", temp, 2))
- return FPGA_BITSTREAM_HF;
- return FPGA_BITSTREAM_ERR;
-}
-void FpgaGatherVersion(char *dst, int len)
+//-----------------------------------------------------------------------------
+// Gather version information from FPGA image. Needs to decompress the begin
+// of the respective (HF or LF) image.
+// Note: decompression makes use of (i.e. overwrites) BigBuf[]. It is therefore
+// advisable to call this only once and store the results for later use.
+//-----------------------------------------------------------------------------
+void FpgaGatherVersion(int bitstream_version, char *dst, int len)
{
- char *fpga_info;
unsigned int fpga_info_len;
- dst[0] = 0;
- if(!bitparse_find_section('e', &fpga_info, &fpga_info_len)) {
- strncat(dst, "FPGA image: legacy image without version information", len-1);
- } else {
- /* USB packets only have 48 bytes data payload, so be terse */
- if(bitparse_find_section('a', &fpga_info, &fpga_info_len) && fpga_info[fpga_info_len-1] == 0 ) {
- if (!memcmp("fpga_lf", fpga_info, 7))
- strncat(dst, "LF ", len-1);
- else if (!memcmp("fpga_hf", fpga_info, 7))
- strncat(dst, "HF ", len-1);
+ char tempstr[40];
+ z_stream compressed_fpga_stream;
+ uint8_t output_buffer[OUTPUT_BUFFER_LEN];
+
+ dst[0] = '\0';
+
+ // ensure that we can allocate enough memory for decompression:
+ BigBuf_free();
+
+ if (!reset_fpga_stream(bitstream_version, &compressed_fpga_stream, output_buffer)) {
+ return;
+ }
+
+ if(bitparse_find_section(bitstream_version, 'a', &fpga_info_len, &compressed_fpga_stream, output_buffer)) {
+ for (uint16_t i = 0; i < fpga_info_len; i++) {
+ char c = (char)get_from_fpga_stream(bitstream_version, &compressed_fpga_stream, output_buffer);
+ if (i < sizeof(tempstr)) {
+ tempstr[i] = c;
+ }
}
- strncat(dst, "FPGA image built", len-1);
-#if 0
- if(bitparse_find_section('b', &fpga_info, &fpga_info_len) && fpga_info[fpga_info_len-1] == 0 ) {
- strncat(dst, " for ", len-1);
- strncat(dst, fpga_info, len-1);
+ if (!memcmp("fpga_lf", tempstr, 7))
+ strncat(dst, "LF ", len-1);
+ else if (!memcmp("fpga_hf", tempstr, 7))
+ strncat(dst, "HF ", len-1);
+ }
+ strncat(dst, "FPGA image built", len-1);
+ if(bitparse_find_section(bitstream_version, 'b', &fpga_info_len, &compressed_fpga_stream, output_buffer)) {
+ strncat(dst, " for ", len-1);
+ for (uint16_t i = 0; i < fpga_info_len; i++) {
+ char c = (char)get_from_fpga_stream(bitstream_version, &compressed_fpga_stream, output_buffer);
+ if (i < sizeof(tempstr)) {
+ tempstr[i] = c;
+ }
}
-#endif
- if(bitparse_find_section('c', &fpga_info, &fpga_info_len) && fpga_info[fpga_info_len-1] == 0 ) {
- strncat(dst, " on ", len-1);
- strncat(dst, fpga_info, len-1);
+ strncat(dst, tempstr, len-1);
+ }
+ if(bitparse_find_section(bitstream_version, 'c', &fpga_info_len, &compressed_fpga_stream, output_buffer)) {
+ strncat(dst, " on ", len-1);
+ for (uint16_t i = 0; i < fpga_info_len; i++) {
+ char c = (char)get_from_fpga_stream(bitstream_version, &compressed_fpga_stream, output_buffer);
+ if (i < sizeof(tempstr)) {
+ tempstr[i] = c;
+ }
}
- if(bitparse_find_section('d', &fpga_info, &fpga_info_len) && fpga_info[fpga_info_len-1] == 0 ) {
- strncat(dst, " at ", len-1);
- strncat(dst, fpga_info, len-1);
+ strncat(dst, tempstr, len-1);
+ }
+ if(bitparse_find_section(bitstream_version, 'd', &fpga_info_len, &compressed_fpga_stream, output_buffer)) {
+ strncat(dst, " at ", len-1);
+ for (uint16_t i = 0; i < fpga_info_len; i++) {
+ char c = (char)get_from_fpga_stream(bitstream_version, &compressed_fpga_stream, output_buffer);
+ if (i < sizeof(tempstr)) {
+ tempstr[i] = c;
+ }
}
+ strncat(dst, tempstr, len-1);
}
+
+ strncat(dst, "\n", len-1);
+
+ inflateEnd(&compressed_fpga_stream);
}
+
//-----------------------------------------------------------------------------
// Send a 16 bit command/data pair to the FPGA.
// The bit format is: C3 C2 C1 C0 D11 D10 D9 D8 D7 D6 D5 D4 D3 D2 D1 D0
--- /dev/null
+//-----------------------------------------------------------------------------
+// Jonathan Westhues, April 2006
+// iZsh <izsh at fail0verflow.com>, 2014
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Routines to load the FPGA image, and then to configure the FPGA's major
+// mode once it is configured.
+//-----------------------------------------------------------------------------
+
+void FpgaSendCommand(uint16_t cmd, uint16_t v);
+void FpgaWriteConfWord(uint8_t v);
+void FpgaDownloadAndGo(int bitstream_version);
+void FpgaGatherVersion(int bitstream_version, char *dst, int len);
+void FpgaSetupSsc(void);
+void SetupSpi(int mode);
+bool FpgaSetupSscDma(uint8_t *buf, int len);
+#define FpgaDisableSscDma(void) AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
+#define FpgaEnableSscDma(void) AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTEN;
+void SetAdcMuxFor(uint32_t whichGpio);
+
+// definitions for multiple FPGA config files support
+#define FPGA_BITSTREAM_MAX 2 // the total number of FPGA bitstreams (configs)
+#define FPGA_BITSTREAM_ERR 0
+#define FPGA_BITSTREAM_LF 1
+#define FPGA_BITSTREAM_HF 2
+
+
+// Definitions for the FPGA commands.
+#define FPGA_CMD_SET_CONFREG (1<<12)
+#define FPGA_CMD_SET_DIVISOR (2<<12)
+#define FPGA_CMD_SET_USER_BYTE1 (3<<12)
+// Definitions for the FPGA configuration word.
+// LF
+#define FPGA_MAJOR_MODE_LF_ADC (0<<5)
+#define FPGA_MAJOR_MODE_LF_EDGE_DETECT (1<<5)
+#define FPGA_MAJOR_MODE_LF_PASSTHRU (2<<5)
+// HF
+#define FPGA_MAJOR_MODE_HF_READER_TX (0<<5)
+#define FPGA_MAJOR_MODE_HF_READER_RX_XCORR (1<<5)
+#define FPGA_MAJOR_MODE_HF_SIMULATOR (2<<5)
+#define FPGA_MAJOR_MODE_HF_ISO14443A (3<<5)
+// BOTH
+#define FPGA_MAJOR_MODE_OFF (7<<5)
+// Options for LF_ADC
+#define FPGA_LF_ADC_READER_FIELD (1<<0)
+// Options for LF_EDGE_DETECT
+#define FPGA_CMD_SET_EDGE_DETECT_THRESHOLD FPGA_CMD_SET_USER_BYTE1
+#define FPGA_LF_EDGE_DETECT_READER_FIELD (1<<0)
+#define FPGA_LF_EDGE_DETECT_TOGGLE_MODE (1<<1)
+// Options for the HF reader, tx to tag
+#define FPGA_HF_READER_TX_SHALLOW_MOD (1<<0)
+// Options for the HF reader, correlating against rx from tag
+#define FPGA_HF_READER_RX_XCORR_848_KHZ (1<<0)
+#define FPGA_HF_READER_RX_XCORR_SNOOP (1<<1)
+#define FPGA_HF_READER_RX_XCORR_QUARTER_FREQ (1<<2)
+// Options for the HF simulated tag, how to modulate
+#define FPGA_HF_SIMULATOR_NO_MODULATION (0<<0)
+#define FPGA_HF_SIMULATOR_MODULATE_BPSK (1<<0)
+#define FPGA_HF_SIMULATOR_MODULATE_212K (2<<0)
+#define FPGA_HF_SIMULATOR_MODULATE_424K (4<<0)
+#define FPGA_HF_SIMULATOR_MODULATE_424K_8BIT 0x5//101
+
+// Options for ISO14443A
+#define FPGA_HF_ISO14443A_SNIFFER (0<<0)
+#define FPGA_HF_ISO14443A_TAGSIM_LISTEN (1<<0)
+#define FPGA_HF_ISO14443A_TAGSIM_MOD (2<<0)
+#define FPGA_HF_ISO14443A_READER_LISTEN (3<<0)
+#define FPGA_HF_ISO14443A_READER_MOD (4<<0)
byte_t rx[HITAG_FRAME_LEN];
size_t rxlen=0;
+ FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
+
+ // Clean up trace and prepare it for storing frames
+ set_tracing(TRUE);
+ clear_trace();
+
auth_table_len = 0;
auth_table_pos = 0;
+
BigBuf_free();
auth_table = (byte_t *)BigBuf_malloc(AUTH_TABLE_LENGTH);
memset(auth_table, 0x00, AUTH_TABLE_LENGTH);
- // Clean up trace and prepare it for storing frames
- set_tracing(TRUE);
- clear_trace();
-
DbpString("Starting Hitag2 snoop");
LED_D_ON();
// Set up eavesdropping mode, frequency divisor which will drive the FPGA
// and analog mux selection.
- FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_EDGE_DETECT | FPGA_LF_EDGE_DETECT_TOGGLE_MODE);
FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz
SetAdcMuxFor(GPIO_MUXSEL_LOPKD);
bool bQuitTraceFull = false;
bQuiet = false;
+ FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
+
+ // Clean up trace and prepare it for storing frames
+ set_tracing(TRUE);
+ clear_trace();
+
auth_table_len = 0;
auth_table_pos = 0;
byte_t* auth_table;
auth_table = (byte_t *)BigBuf_malloc(AUTH_TABLE_LENGTH);
memset(auth_table, 0x00, AUTH_TABLE_LENGTH);
- // Clean up trace and prepare it for storing frames
- set_tracing(TRUE);
- clear_trace();
-
DbpString("Starting Hitag2 simulation");
LED_D_ON();
hitag2_init();
// Set up simulator mode, frequency divisor which will drive the FPGA
// and analog mux selection.
- FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_EDGE_DETECT | FPGA_LF_EDGE_DETECT_READER_FIELD);
FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz
SetAdcMuxFor(GPIO_MUXSEL_LOPKD);
int resp_cc_len;
uint8_t *receivedCmd = BigBuf_malloc(MAX_FRAME_SIZE);
- memset(receivedCmd, 0x44, MAX_FRAME_SIZE);
int len;
// Prepare card messages
}
}
- memset(receivedCmd, 0x44, MAX_FRAME_SIZE);
}
//Dbprintf("%x", cmdsRecvd);
// Reader iClass Anticollission
void ReaderIClass(uint8_t arg0) {
- uint8_t card_data[6 * 8]={0xFF};
- uint8_t last_csn[8]={0};
+ uint8_t card_data[6 * 8]={0};
+ memset(card_data, 0xFF, sizeof(card_data));
+ uint8_t last_csn[8]={0};
//Read conf block CRC(0x01) => 0xfa 0x22
uint8_t readConf[] = { ICLASS_CMD_READ_OR_IDENTIFY,0x01, 0xfa, 0x22};
uint8_t readAA[] = { ICLASS_CMD_READ_OR_IDENTIFY,0x05, 0xde, 0x64};
- int read_status= 0;
+ int read_status= 0;
uint8_t result_status = 0;
- bool abort_after_read = arg0 & FLAG_ICLASS_READER_ONLY_ONCE;
-
+ bool abort_after_read = arg0 & FLAG_ICLASS_READER_ONLY_ONCE;
+ bool try_once = arg0 & FLAG_ICLASS_READER_ONE_TRY;
set_tracing(TRUE);
- setupIclassReader();
+ setupIclassReader();
+ uint16_t tryCnt=0;
while(!BUTTON_PRESS())
- {
-
+ {
+ if (try_once && tryCnt > 5) break;
+ tryCnt++;
if(!tracing) {
DbpString("Trace full");
break;
}
LED_B_OFF();
- }
+ }
cmd_send(CMD_ACK,0,0,0,card_data, 0);
LED_A_OFF();
}
+++ /dev/null
-//-----------------------------------------------------------------------------
-// Jonathan Westhues, split Nov 2006
-//
-// This code is licensed to you under the terms of the GNU GPL, version 2 or,
-// at your option, any later version. See the LICENSE.txt file for the text of
-// the license.
-//-----------------------------------------------------------------------------
-// Routines to support ISO 14443. This includes both the reader software and
-// the `fake tag' modes. At the moment only the Type B modulation is
-// supported.
-//-----------------------------------------------------------------------------
-
-#include "proxmark3.h"
-#include "apps.h"
-#include "util.h"
-#include "string.h"
-
-#include "iso14443crc.h"
-
-//static void GetSamplesFor14443(int weTx, int n);
-
-/*#define DEMOD_TRACE_SIZE 4096
-#define READER_TAG_BUFFER_SIZE 2048
-#define TAG_READER_BUFFER_SIZE 2048
-#define DEMOD_DMA_BUFFER_SIZE 1024
-*/
-//=============================================================================
-// An ISO 14443 Type B tag. We listen for commands from the reader, using
-// a UART kind of thing that's implemented in software. When we get a
-// frame (i.e., a group of bytes between SOF and EOF), we check the CRC.
-// If it's good, then we can do something appropriate with it, and send
-// a response.
-//=============================================================================
-
-//-----------------------------------------------------------------------------
-// Code up a string of octets at layer 2 (including CRC, we don't generate
-// that here) so that they can be transmitted to the reader. Doesn't transmit
-// them yet, just leaves them ready to send in ToSend[].
-//-----------------------------------------------------------------------------
-static void CodeIso14443bAsTag(const uint8_t *cmd, int len)
-{
- int i;
-
- ToSendReset();
-
- // Transmit a burst of ones, as the initial thing that lets the
- // reader get phase sync. This (TR1) must be > 80/fs, per spec,
- // but tag that I've tried (a Paypass) exceeds that by a fair bit,
- // so I will too.
- for(i = 0; i < 20; i++) {
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- }
-
- // Send SOF.
- for(i = 0; i < 10; i++) {
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- }
- for(i = 0; i < 2; i++) {
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- }
-
- for(i = 0; i < len; i++) {
- int j;
- uint8_t b = cmd[i];
-
- // Start bit
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- ToSendStuffBit(0);
-
- // Data bits
- for(j = 0; j < 8; j++) {
- if(b & 1) {
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- } else {
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- }
- b >>= 1;
- }
-
- // Stop bit
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- }
-
- // Send SOF.
- for(i = 0; i < 10; i++) {
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- ToSendStuffBit(0);
- }
- for(i = 0; i < 10; i++) {
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- }
-
- // Convert from last byte pos to length
- ToSendMax++;
-
- // Add a few more for slop
- ToSendMax += 2;
-}
-
-//-----------------------------------------------------------------------------
-// The software UART that receives commands from the reader, and its state
-// variables.
-//-----------------------------------------------------------------------------
-static struct {
- enum {
- STATE_UNSYNCD,
- STATE_GOT_FALLING_EDGE_OF_SOF,
- STATE_AWAITING_START_BIT,
- STATE_RECEIVING_DATA,
- STATE_ERROR_WAIT
- } state;
- uint16_t shiftReg;
- int bitCnt;
- int byteCnt;
- int byteCntMax;
- int posCnt;
- uint8_t *output;
-} Uart;
-
-/* Receive & handle a bit coming from the reader.
- *
- * LED handling:
- * LED A -> ON once we have received the SOF and are expecting the rest.
- * LED A -> OFF once we have received EOF or are in error state or unsynced
- *
- * Returns: true if we received a EOF
- * false if we are still waiting for some more
- */
-static int Handle14443UartBit(int bit)
-{
- switch(Uart.state) {
- case STATE_UNSYNCD:
- LED_A_OFF();
- if(!bit) {
- // we went low, so this could be the beginning
- // of an SOF
- Uart.state = STATE_GOT_FALLING_EDGE_OF_SOF;
- Uart.posCnt = 0;
- Uart.bitCnt = 0;
- }
- break;
-
- case STATE_GOT_FALLING_EDGE_OF_SOF:
- Uart.posCnt++;
- if(Uart.posCnt == 2) {
- if(bit) {
- if(Uart.bitCnt >= 10) {
- // we've seen enough consecutive
- // zeros that it's a valid SOF
- Uart.posCnt = 0;
- Uart.byteCnt = 0;
- Uart.state = STATE_AWAITING_START_BIT;
- LED_A_ON(); // Indicate we got a valid SOF
- } else {
- // didn't stay down long enough
- // before going high, error
- Uart.state = STATE_ERROR_WAIT;
- }
- } else {
- // do nothing, keep waiting
- }
- Uart.bitCnt++;
- }
- if(Uart.posCnt >= 4) Uart.posCnt = 0;
- if(Uart.bitCnt > 14) {
- // Give up if we see too many zeros without
- // a one, too.
- Uart.state = STATE_ERROR_WAIT;
- }
- break;
-
- case STATE_AWAITING_START_BIT:
- Uart.posCnt++;
- if(bit) {
- if(Uart.posCnt > 25) {
- // stayed high for too long between
- // characters, error
- Uart.state = STATE_ERROR_WAIT;
- }
- } else {
- // falling edge, this starts the data byte
- Uart.posCnt = 0;
- Uart.bitCnt = 0;
- Uart.shiftReg = 0;
- Uart.state = STATE_RECEIVING_DATA;
- LED_A_ON(); // Indicate we're receiving
- }
- break;
-
- case STATE_RECEIVING_DATA:
- Uart.posCnt++;
- if(Uart.posCnt == 2) {
- // time to sample a bit
- Uart.shiftReg >>= 1;
- if(bit) {
- Uart.shiftReg |= 0x200;
- }
- Uart.bitCnt++;
- }
- if(Uart.posCnt >= 4) {
- Uart.posCnt = 0;
- }
- if(Uart.bitCnt == 10) {
- if((Uart.shiftReg & 0x200) && !(Uart.shiftReg & 0x001))
- {
- // this is a data byte, with correct
- // start and stop bits
- Uart.output[Uart.byteCnt] = (Uart.shiftReg >> 1) & 0xff;
- Uart.byteCnt++;
-
- if(Uart.byteCnt >= Uart.byteCntMax) {
- // Buffer overflowed, give up
- Uart.posCnt = 0;
- Uart.state = STATE_ERROR_WAIT;
- } else {
- // so get the next byte now
- Uart.posCnt = 0;
- Uart.state = STATE_AWAITING_START_BIT;
- }
- } else if(Uart.shiftReg == 0x000) {
- // this is an EOF byte
- LED_A_OFF(); // Finished receiving
- return TRUE;
- } else {
- // this is an error
- Uart.posCnt = 0;
- Uart.state = STATE_ERROR_WAIT;
- }
- }
- break;
-
- case STATE_ERROR_WAIT:
- // We're all screwed up, so wait a little while
- // for whatever went wrong to finish, and then
- // start over.
- Uart.posCnt++;
- if(Uart.posCnt > 10) {
- Uart.state = STATE_UNSYNCD;
- }
- break;
-
- default:
- Uart.state = STATE_UNSYNCD;
- break;
- }
-
- // This row make the error blew circular buffer in hf 14b snoop
- //if (Uart.state == STATE_ERROR_WAIT) LED_A_OFF(); // Error
-
- return FALSE;
-}
-
-//-----------------------------------------------------------------------------
-// Receive a command (from the reader to us, where we are the simulated tag),
-// and store it in the given buffer, up to the given maximum length. Keeps
-// spinning, waiting for a well-framed command, until either we get one
-// (returns TRUE) or someone presses the pushbutton on the board (FALSE).
-//
-// Assume that we're called with the SSC (to the FPGA) and ADC path set
-// correctly.
-//-----------------------------------------------------------------------------
-static int GetIso14443CommandFromReader(uint8_t *received, int *len, int maxLen)
-{
- uint8_t mask;
- int i, bit;
-
- // Set FPGA mode to "simulated ISO 14443 tag", no modulation (listen
- // only, since we are receiving, not transmitting).
- // Signal field is off with the appropriate LED
- LED_D_OFF();
- FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_NO_MODULATION);
-
-
- // Now run a `software UART' on the stream of incoming samples.
- Uart.output = received;
- Uart.byteCntMax = maxLen;
- Uart.state = STATE_UNSYNCD;
-
- for(;;) {
- WDT_HIT();
-
- if(BUTTON_PRESS()) return FALSE;
-
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
- AT91C_BASE_SSC->SSC_THR = 0x00;
- }
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
- uint8_t b = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
-
- mask = 0x80;
- for(i = 0; i < 8; i++, mask >>= 1) {
- bit = (b & mask);
- if(Handle14443UartBit(bit)) {
- *len = Uart.byteCnt;
- return TRUE;
- }
- }
- }
- }
-}
-
-//-----------------------------------------------------------------------------
-// Main loop of simulated tag: receive commands from reader, decide what
-// response to send, and send it.
-//-----------------------------------------------------------------------------
-void SimulateIso14443Tag(void)
-{
- static const uint8_t cmd1[] = { 0x05, 0x00, 0x08, 0x39, 0x73 };
- static const uint8_t response1[] = {
- 0x50, 0x82, 0x0d, 0xe1, 0x74, 0x20, 0x38, 0x19, 0x22,
- 0x00, 0x21, 0x85, 0x5e, 0xd7
- };
-
- uint8_t *resp;
- int respLen;
-
- uint8_t *resp1 = BigBuf_get_addr() + 800;
- int resp1Len;
-
- uint8_t *receivedCmd = BigBuf_get_addr();
- int len;
-
- int i;
-
- int cmdsRecvd = 0;
-
- FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
- memset(receivedCmd, 0x44, 400);
-
- CodeIso14443bAsTag(response1, sizeof(response1));
- memcpy(resp1, ToSend, ToSendMax); resp1Len = ToSendMax;
-
- // We need to listen to the high-frequency, peak-detected path.
- SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
- FpgaSetupSsc();
-
- cmdsRecvd = 0;
-
- for(;;) {
- uint8_t b1, b2;
-
- if(!GetIso14443CommandFromReader(receivedCmd, &len, 100)) {
- Dbprintf("button pressed, received %d commands", cmdsRecvd);
- break;
- }
-
- // Good, look at the command now.
-
- if(len == sizeof(cmd1) && memcmp(receivedCmd, cmd1, len)==0) {
- resp = resp1; respLen = resp1Len;
- } else {
- Dbprintf("new cmd from reader: len=%d, cmdsRecvd=%d", len, cmdsRecvd);
- // And print whether the CRC fails, just for good measure
- ComputeCrc14443(CRC_14443_B, receivedCmd, len-2, &b1, &b2);
- if(b1 != receivedCmd[len-2] || b2 != receivedCmd[len-1]) {
- // Not so good, try again.
- DbpString("+++CRC fail");
- } else {
- DbpString("CRC passes");
- }
- break;
- }
-
- memset(receivedCmd, 0x44, 32);
-
- cmdsRecvd++;
-
- if(cmdsRecvd > 0x30) {
- DbpString("many commands later...");
- break;
- }
-
- if(respLen <= 0) continue;
-
- // Modulate BPSK
- // Signal field is off with the appropriate LED
- LED_D_OFF();
- FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_MODULATE_BPSK);
- AT91C_BASE_SSC->SSC_THR = 0xff;
- FpgaSetupSsc();
-
- // Transmit the response.
- i = 0;
- for(;;) {
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
- uint8_t b = resp[i];
-
- AT91C_BASE_SSC->SSC_THR = b;
-
- i++;
- if(i > respLen) {
- break;
- }
- }
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
- volatile uint8_t b = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
- (void)b;
- }
- }
- }
-}
-
-//=============================================================================
-// An ISO 14443 Type B reader. We take layer two commands, code them
-// appropriately, and then send them to the tag. We then listen for the
-// tag's response, which we leave in the buffer to be demodulated on the
-// PC side.
-//=============================================================================
-
-static struct {
- enum {
- DEMOD_UNSYNCD,
- DEMOD_PHASE_REF_TRAINING,
- DEMOD_AWAITING_FALLING_EDGE_OF_SOF,
- DEMOD_GOT_FALLING_EDGE_OF_SOF,
- DEMOD_AWAITING_START_BIT,
- DEMOD_RECEIVING_DATA,
- DEMOD_ERROR_WAIT
- } state;
- int bitCount;
- int posCount;
- int thisBit;
- int metric;
- int metricN;
- uint16_t shiftReg;
- uint8_t *output;
- int len;
- int sumI;
- int sumQ;
-} Demod;
-
-/*
- * Handles reception of a bit from the tag
- *
- * LED handling:
- * LED C -> ON once we have received the SOF and are expecting the rest.
- * LED C -> OFF once we have received EOF or are unsynced
- *
- * Returns: true if we received a EOF
- * false if we are still waiting for some more
- *
- */
-static RAMFUNC int Handle14443SamplesDemod(int ci, int cq)
-{
- int v;
-
- // The soft decision on the bit uses an estimate of just the
- // quadrant of the reference angle, not the exact angle.
-#define MAKE_SOFT_DECISION() { \
- if(Demod.sumI > 0) { \
- v = ci; \
- } else { \
- v = -ci; \
- } \
- if(Demod.sumQ > 0) { \
- v += cq; \
- } else { \
- v -= cq; \
- } \
- }
-
- switch(Demod.state) {
- case DEMOD_UNSYNCD:
- v = ci;
- if(v < 0) v = -v;
- if(cq > 0) {
- v += cq;
- } else {
- v -= cq;
- }
- if(v > 40) {
- Demod.posCount = 0;
- Demod.state = DEMOD_PHASE_REF_TRAINING;
- Demod.sumI = 0;
- Demod.sumQ = 0;
- }
- break;
-
- case DEMOD_PHASE_REF_TRAINING:
- if(Demod.posCount < 8) {
- Demod.sumI += ci;
- Demod.sumQ += cq;
- } else if(Demod.posCount > 100) {
- // error, waited too long
- Demod.state = DEMOD_UNSYNCD;
- } else {
- MAKE_SOFT_DECISION();
- if(v < 0) {
- Demod.state = DEMOD_AWAITING_FALLING_EDGE_OF_SOF;
- Demod.posCount = 0;
- }
- }
- Demod.posCount++;
- break;
-
- case DEMOD_AWAITING_FALLING_EDGE_OF_SOF:
- MAKE_SOFT_DECISION();
- if(v < 0) {
- Demod.state = DEMOD_GOT_FALLING_EDGE_OF_SOF;
- Demod.posCount = 0;
- } else {
- if(Demod.posCount > 100) {
- Demod.state = DEMOD_UNSYNCD;
- }
- }
- Demod.posCount++;
- break;
-
- case DEMOD_GOT_FALLING_EDGE_OF_SOF:
- MAKE_SOFT_DECISION();
- if(v > 0) {
- if(Demod.posCount < 12) {
- Demod.state = DEMOD_UNSYNCD;
- } else {
- LED_C_ON(); // Got SOF
- Demod.state = DEMOD_AWAITING_START_BIT;
- Demod.posCount = 0;
- Demod.len = 0;
- Demod.metricN = 0;
- Demod.metric = 0;
- }
- } else {
- if(Demod.posCount > 100) {
- Demod.state = DEMOD_UNSYNCD;
- }
- }
- Demod.posCount++;
- break;
-
- case DEMOD_AWAITING_START_BIT:
- MAKE_SOFT_DECISION();
- if(v > 0) {
- if(Demod.posCount > 10) {
- Demod.state = DEMOD_UNSYNCD;
- }
- } else {
- Demod.bitCount = 0;
- Demod.posCount = 1;
- Demod.thisBit = v;
- Demod.shiftReg = 0;
- Demod.state = DEMOD_RECEIVING_DATA;
- }
- break;
-
- case DEMOD_RECEIVING_DATA:
- MAKE_SOFT_DECISION();
- if(Demod.posCount == 0) {
- Demod.thisBit = v;
- Demod.posCount = 1;
- } else {
- Demod.thisBit += v;
-
- if(Demod.thisBit > 0) {
- Demod.metric += Demod.thisBit;
- } else {
- Demod.metric -= Demod.thisBit;
- }
- (Demod.metricN)++;
-
- Demod.shiftReg >>= 1;
- if(Demod.thisBit > 0) {
- Demod.shiftReg |= 0x200;
- }
-
- Demod.bitCount++;
- if(Demod.bitCount == 10) {
- uint16_t s = Demod.shiftReg;
- if((s & 0x200) && !(s & 0x001)) {
- uint8_t b = (s >> 1);
- Demod.output[Demod.len] = b;
- Demod.len++;
- Demod.state = DEMOD_AWAITING_START_BIT;
- } else if(s == 0x000) {
- // This is EOF
- LED_C_OFF();
- Demod.state = DEMOD_UNSYNCD;
- return TRUE;
- } else {
- Demod.state = DEMOD_UNSYNCD;
- }
- }
- Demod.posCount = 0;
- }
- break;
-
- default:
- Demod.state = DEMOD_UNSYNCD;
- break;
- }
-
- if (Demod.state == DEMOD_UNSYNCD) LED_C_OFF(); // Not synchronized...
- return FALSE;
-}
-static void DemodReset()
-{
- // Clear out the state of the "UART" that receives from the tag.
- Demod.len = 0;
- Demod.state = DEMOD_UNSYNCD;
- memset(Demod.output, 0x00, MAX_FRAME_SIZE);
-}
-static void DemodInit(uint8_t *data)
-{
- Demod.output = data;
- DemodReset();
-}
-
-static void UartReset()
-{
- Uart.byteCntMax = MAX_FRAME_SIZE;
- Uart.state = STATE_UNSYNCD;
- Uart.byteCnt = 0;
- Uart.bitCnt = 0;
-}
-static void UartInit(uint8_t *data)
-{
- Uart.output = data;
- UartReset();
-}
-
-/*
- * Demodulate the samples we received from the tag, also log to tracebuffer
- * weTx: set to 'TRUE' if we behave like a reader
- * set to 'FALSE' if we behave like a snooper
- * quiet: set to 'TRUE' to disable debug output
- */
-static void GetSamplesFor14443Demod(int weTx, int n, int quiet)
-{
- int max = 0;
- int gotFrame = FALSE;
- int lastRxCounter, ci, cq, samples = 0;
-
- // Allocate memory from BigBuf for some buffers
- // free all previous allocations first
- BigBuf_free();
-
- // The command (reader -> tag) that we're receiving.
- uint8_t *receivedCmd = BigBuf_malloc(MAX_FRAME_SIZE);
-
- // The response (tag -> reader) that we're receiving.
- uint8_t *receivedResponse = BigBuf_malloc(MAX_FRAME_SIZE);
-
- // The DMA buffer, used to stream samples from the FPGA
- uint8_t *dmaBuf = BigBuf_malloc(DMA_BUFFER_SIZE);
-
- // Set up the demodulator for tag -> reader responses.
- DemodInit(receivedResponse);
- // Set up the demodulator for the reader -> tag commands
- UartInit(receivedCmd);
-
- // Setup and start DMA.
- FpgaSetupSscDma(dmaBuf, DMA_BUFFER_SIZE);
-
- uint8_t *upTo= dmaBuf;
- lastRxCounter = DMA_BUFFER_SIZE;
-
- // Signal field is ON with the appropriate LED:
- if (weTx) LED_D_ON(); else LED_D_OFF();
- // And put the FPGA in the appropriate mode
- FpgaWriteConfWord(
- FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ |
- (weTx ? 0 : FPGA_HF_READER_RX_XCORR_SNOOP));
-
- for(;;) {
- int behindBy = lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR;
- if(behindBy > max) max = behindBy;
-
- while(((lastRxCounter-AT91C_BASE_PDC_SSC->PDC_RCR) & (DMA_BUFFER_SIZE-1))
- > 2)
- {
- ci = upTo[0];
- cq = upTo[1];
- upTo += 2;
- if(upTo - dmaBuf > DMA_BUFFER_SIZE) {
- upTo -= DMA_BUFFER_SIZE;
- AT91C_BASE_PDC_SSC->PDC_RNPR = (uint32_t) upTo;
- AT91C_BASE_PDC_SSC->PDC_RNCR = DMA_BUFFER_SIZE;
- }
- lastRxCounter -= 2;
- if(lastRxCounter <= 0) {
- lastRxCounter += DMA_BUFFER_SIZE;
- }
-
- samples += 2;
-
- Handle14443UartBit(1);
- Handle14443UartBit(1);
-
- if(Handle14443SamplesDemod(ci, cq)) {
- gotFrame = 1;
- }
- }
-
- if(samples > 2000) {
- break;
- }
- }
- AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
- if (!quiet) Dbprintf("%x %x %x", max, gotFrame, Demod.len);
- //Tracing
- if (tracing && Demod.len > 0) {
- uint8_t parity[MAX_PARITY_SIZE];
- GetParity(Demod.output , Demod.len, parity);
- LogTrace(Demod.output,Demod.len, 0, 0, parity, FALSE);
- }
-}
-
-//-----------------------------------------------------------------------------
-// Read the tag's response. We just receive a stream of slightly-processed
-// samples from the FPGA, which we will later do some signal processing on,
-// to get the bits.
-//-----------------------------------------------------------------------------
-/*static void GetSamplesFor14443(int weTx, int n)
-{
- uint8_t *dest = (uint8_t *)BigBuf;
- int c;
-
- FpgaWriteConfWord(
- FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ |
- (weTx ? 0 : FPGA_HF_READER_RX_XCORR_SNOOP));
-
- c = 0;
- for(;;) {
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
- AT91C_BASE_SSC->SSC_THR = 0x43;
- }
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
- int8_t b;
- b = (int8_t)AT91C_BASE_SSC->SSC_RHR;
-
- dest[c++] = (uint8_t)b;
-
- if(c >= n) {
- break;
- }
- }
- }
-}*/
-
-//-----------------------------------------------------------------------------
-// Transmit the command (to the tag) that was placed in ToSend[].
-//-----------------------------------------------------------------------------
-static void TransmitFor14443(void)
-{
- int c;
-
- FpgaSetupSsc();
-
- while(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
- AT91C_BASE_SSC->SSC_THR = 0xff;
- }
-
- // Signal field is ON with the appropriate Red LED
- LED_D_ON();
- // Signal we are transmitting with the Green LED
- LED_B_ON();
- FpgaWriteConfWord(
- FPGA_MAJOR_MODE_HF_READER_TX | FPGA_HF_READER_TX_SHALLOW_MOD);
-
- for(c = 0; c < 10;) {
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
- AT91C_BASE_SSC->SSC_THR = 0xff;
- c++;
- }
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
- volatile uint32_t r = AT91C_BASE_SSC->SSC_RHR;
- (void)r;
- }
- WDT_HIT();
- }
-
- c = 0;
- for(;;) {
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
- AT91C_BASE_SSC->SSC_THR = ToSend[c];
- c++;
- if(c >= ToSendMax) {
- break;
- }
- }
- if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
- volatile uint32_t r = AT91C_BASE_SSC->SSC_RHR;
- (void)r;
- }
- WDT_HIT();
- }
- LED_B_OFF(); // Finished sending
-}
-
-//-----------------------------------------------------------------------------
-// Code a layer 2 command (string of octets, including CRC) into ToSend[],
-// so that it is ready to transmit to the tag using TransmitFor14443().
-//-----------------------------------------------------------------------------
-static void CodeIso14443bAsReader(const uint8_t *cmd, int len)
-{
- int i, j;
- uint8_t b;
-
- ToSendReset();
-
- // Establish initial reference level
- for(i = 0; i < 40; i++) {
- ToSendStuffBit(1);
- }
- // Send SOF
- for(i = 0; i < 10; i++) {
- ToSendStuffBit(0);
- }
-
- for(i = 0; i < len; i++) {
- // Stop bits/EGT
- ToSendStuffBit(1);
- ToSendStuffBit(1);
- // Start bit
- ToSendStuffBit(0);
- // Data bits
- b = cmd[i];
- for(j = 0; j < 8; j++) {
- if(b & 1) {
- ToSendStuffBit(1);
- } else {
- ToSendStuffBit(0);
- }
- b >>= 1;
- }
- }
- // Send EOF
- ToSendStuffBit(1);
- for(i = 0; i < 10; i++) {
- ToSendStuffBit(0);
- }
- for(i = 0; i < 8; i++) {
- ToSendStuffBit(1);
- }
-
- // And then a little more, to make sure that the last character makes
- // it out before we switch to rx mode.
- for(i = 0; i < 24; i++) {
- ToSendStuffBit(1);
- }
-
- // Convert from last character reference to length
- ToSendMax++;
-}
-
-//-----------------------------------------------------------------------------
-// Read an ISO 14443 tag. We send it some set of commands, and record the
-// responses.
-// The command name is misleading, it actually decodes the reponse in HEX
-// into the output buffer (read the result using hexsamples, not hisamples)
-//
-// obsolete function only for test
-//-----------------------------------------------------------------------------
-void AcquireRawAdcSamplesIso14443(uint32_t parameter)
-{
- uint8_t cmd1[] = { 0x05, 0x00, 0x08, 0x39, 0x73 };
-
- SendRawCommand14443B(sizeof(cmd1),1,1,cmd1);
-}
-
-/**
- Convenience function to encode, transmit and trace iso 14443b comms
- **/
-static void CodeAndTransmit14443bAsReader(const uint8_t *cmd, int len)
-{
- CodeIso14443bAsReader(cmd, len);
- TransmitFor14443();
- if (tracing) {
- uint8_t parity[MAX_PARITY_SIZE];
- GetParity(cmd, len, parity);
- LogTrace(cmd,len, 0, 0, parity, TRUE);
- }
-}
-
-//-----------------------------------------------------------------------------
-// Read a SRI512 ISO 14443 tag.
-//
-// SRI512 tags are just simple memory tags, here we're looking at making a dump
-// of the contents of the memory. No anticollision algorithm is done, we assume
-// we have a single tag in the field.
-//
-// I tried to be systematic and check every answer of the tag, every CRC, etc...
-//-----------------------------------------------------------------------------
-void ReadSTMemoryIso14443(uint32_t dwLast)
-{
- clear_trace();
- set_tracing(TRUE);
-
- uint8_t i = 0x00;
-
- FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
- // Make sure that we start from off, since the tags are stateful;
- // confusing things will happen if we don't reset them between reads.
- LED_D_OFF();
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
- SpinDelay(200);
-
- SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
- FpgaSetupSsc();
-
- // Now give it time to spin up.
- // Signal field is on with the appropriate LED
- LED_D_ON();
- FpgaWriteConfWord(
- FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ);
- SpinDelay(200);
-
- // First command: wake up the tag using the INITIATE command
- uint8_t cmd1[] = { 0x06, 0x00, 0x97, 0x5b};
-
- CodeAndTransmit14443bAsReader(cmd1, sizeof(cmd1));
-// LED_A_ON();
- GetSamplesFor14443Demod(TRUE, 2000,TRUE);
-// LED_A_OFF();
-
- if (Demod.len == 0) {
- DbpString("No response from tag");
- return;
- } else {
- Dbprintf("Randomly generated UID from tag (+ 2 byte CRC): %x %x %x",
- Demod.output[0], Demod.output[1],Demod.output[2]);
- }
- // There is a response, SELECT the uid
- DbpString("Now SELECT tag:");
- cmd1[0] = 0x0E; // 0x0E is SELECT
- cmd1[1] = Demod.output[0];
- ComputeCrc14443(CRC_14443_B, cmd1, 2, &cmd1[2], &cmd1[3]);
- CodeAndTransmit14443bAsReader(cmd1, sizeof(cmd1));
-
-// LED_A_ON();
- GetSamplesFor14443Demod(TRUE, 2000,TRUE);
-// LED_A_OFF();
- if (Demod.len != 3) {
- Dbprintf("Expected 3 bytes from tag, got %d", Demod.len);
- return;
- }
- // Check the CRC of the answer:
- ComputeCrc14443(CRC_14443_B, Demod.output, 1 , &cmd1[2], &cmd1[3]);
- if(cmd1[2] != Demod.output[1] || cmd1[3] != Demod.output[2]) {
- DbpString("CRC Error reading select response.");
- return;
- }
- // Check response from the tag: should be the same UID as the command we just sent:
- if (cmd1[1] != Demod.output[0]) {
- Dbprintf("Bad response to SELECT from Tag, aborting: %x %x", cmd1[1], Demod.output[0]);
- return;
- }
- // Tag is now selected,
- // First get the tag's UID:
- cmd1[0] = 0x0B;
- ComputeCrc14443(CRC_14443_B, cmd1, 1 , &cmd1[1], &cmd1[2]);
- CodeAndTransmit14443bAsReader(cmd1, 3); // Only first three bytes for this one
-
-// LED_A_ON();
- GetSamplesFor14443Demod(TRUE, 2000,TRUE);
-// LED_A_OFF();
- if (Demod.len != 10) {
- Dbprintf("Expected 10 bytes from tag, got %d", Demod.len);
- return;
- }
- // The check the CRC of the answer (use cmd1 as temporary variable):
- ComputeCrc14443(CRC_14443_B, Demod.output, 8, &cmd1[2], &cmd1[3]);
- if(cmd1[2] != Demod.output[8] || cmd1[3] != Demod.output[9]) {
- Dbprintf("CRC Error reading block! - Below: expected, got %x %x",
- (cmd1[2]<<8)+cmd1[3], (Demod.output[8]<<8)+Demod.output[9]);
- // Do not return;, let's go on... (we should retry, maybe ?)
- }
- Dbprintf("Tag UID (64 bits): %08x %08x",
- (Demod.output[7]<<24) + (Demod.output[6]<<16) + (Demod.output[5]<<8) + Demod.output[4],
- (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0]);
-
- // Now loop to read all 16 blocks, address from 0 to last block
- Dbprintf("Tag memory dump, block 0 to %d",dwLast);
- cmd1[0] = 0x08;
- i = 0x00;
- dwLast++;
- for (;;) {
- if (i == dwLast) {
- DbpString("System area block (0xff):");
- i = 0xff;
- }
- cmd1[1] = i;
- ComputeCrc14443(CRC_14443_B, cmd1, 2, &cmd1[2], &cmd1[3]);
- CodeAndTransmit14443bAsReader(cmd1, sizeof(cmd1));
-
-// LED_A_ON();
- GetSamplesFor14443Demod(TRUE, 2000,TRUE);
-// LED_A_OFF();
- if (Demod.len != 6) { // Check if we got an answer from the tag
- DbpString("Expected 6 bytes from tag, got less...");
- return;
- }
- // The check the CRC of the answer (use cmd1 as temporary variable):
- ComputeCrc14443(CRC_14443_B, Demod.output, 4, &cmd1[2], &cmd1[3]);
- if(cmd1[2] != Demod.output[4] || cmd1[3] != Demod.output[5]) {
- Dbprintf("CRC Error reading block! - Below: expected, got %x %x",
- (cmd1[2]<<8)+cmd1[3], (Demod.output[4]<<8)+Demod.output[5]);
- // Do not return;, let's go on... (we should retry, maybe ?)
- }
- // Now print out the memory location:
- Dbprintf("Address=%x, Contents=%x, CRC=%x", i,
- (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0],
- (Demod.output[4]<<8)+Demod.output[5]);
- if (i == 0xff) {
- break;
- }
- i++;
- }
-}
-
-
-//=============================================================================
-// Finally, the `sniffer' combines elements from both the reader and
-// simulated tag, to show both sides of the conversation.
-//=============================================================================
-
-//-----------------------------------------------------------------------------
-// Record the sequence of commands sent by the reader to the tag, with
-// triggering so that we start recording at the point that the tag is moved
-// near the reader.
-//-----------------------------------------------------------------------------
-/*
- * Memory usage for this function, (within BigBuf)
- * 0-4095 : Demodulated samples receive (4096 bytes) - DEMOD_TRACE_SIZE
- * 4096-6143 : Last Received command, 2048 bytes (reader->tag) - READER_TAG_BUFFER_SIZE
- * 6144-8191 : Last Received command, 2048 bytes(tag->reader) - TAG_READER_BUFFER_SIZE
- * 8192-9215 : DMA Buffer, 1024 bytes (samples) - DEMOD_DMA_BUFFER_SIZE
- */
-void RAMFUNC SnoopIso14443(void)
-{
- // We won't start recording the frames that we acquire until we trigger;
- // a good trigger condition to get started is probably when we see a
- // response from the tag.
- int triggered = TRUE;
-
- FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
- BigBuf_free();
-
- clear_trace();
- set_tracing(TRUE);
-
- // The DMA buffer, used to stream samples from the FPGA
- uint8_t *dmaBuf = BigBuf_malloc(DMA_BUFFER_SIZE);
- int lastRxCounter;
- uint8_t *upTo;
- int ci, cq;
- int maxBehindBy = 0;
-
- // Count of samples received so far, so that we can include timing
- // information in the trace buffer.
- int samples = 0;
-
- DemodInit(BigBuf_malloc(MAX_FRAME_SIZE));
- UartInit(BigBuf_malloc(MAX_FRAME_SIZE));
-
- // Print some debug information about the buffer sizes
- Dbprintf("Snooping buffers initialized:");
- Dbprintf(" Trace: %i bytes", BigBuf_max_traceLen());
- Dbprintf(" Reader -> tag: %i bytes", MAX_FRAME_SIZE);
- Dbprintf(" tag -> Reader: %i bytes", MAX_FRAME_SIZE);
- Dbprintf(" DMA: %i bytes", DMA_BUFFER_SIZE);
-
- // Signal field is off with the appropriate LED
- LED_D_OFF();
-
- // And put the FPGA in the appropriate mode
- FpgaWriteConfWord(
- FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ |
- FPGA_HF_READER_RX_XCORR_SNOOP);
- SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
-
- // Setup for the DMA.
- FpgaSetupSsc();
- upTo = dmaBuf;
- lastRxCounter = DMA_BUFFER_SIZE;
- FpgaSetupSscDma((uint8_t *)dmaBuf, DMA_BUFFER_SIZE);
- uint8_t parity[MAX_PARITY_SIZE];
- LED_A_ON();
-
- // And now we loop, receiving samples.
- for(;;) {
- int behindBy = (lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR) &
- (DMA_BUFFER_SIZE-1);
- if(behindBy > maxBehindBy) {
- maxBehindBy = behindBy;
- if(behindBy > (9*DMA_BUFFER_SIZE/10)) { // TODO: understand whether we can increase/decrease as we want or not?
- Dbprintf("blew circular buffer! behindBy=0x%x", behindBy);
- break;
- }
- }
- if(behindBy < 2) continue;
-
- ci = upTo[0];
- cq = upTo[1];
- upTo += 2;
- lastRxCounter -= 2;
- if(upTo - dmaBuf > DMA_BUFFER_SIZE) {
- upTo -= DMA_BUFFER_SIZE;
- lastRxCounter += DMA_BUFFER_SIZE;
- AT91C_BASE_PDC_SSC->PDC_RNPR = (uint32_t) upTo;
- AT91C_BASE_PDC_SSC->PDC_RNCR = DMA_BUFFER_SIZE;
- }
-
- samples += 2;
-
- if(Handle14443UartBit(ci & 1)) {
- if(triggered && tracing) {
- GetParity(Uart.output, Uart.byteCnt, parity);
- LogTrace(Uart.output,Uart.byteCnt,samples, samples,parity,TRUE);
- }
- if(Uart.byteCnt==0) Dbprintf("[1] Error, Uart.byteCnt==0, Uart.bitCnt=%d", Uart.bitCnt);
-
- /* And ready to receive another command. */
- UartReset();
- /* And also reset the demod code, which might have been */
- /* false-triggered by the commands from the reader. */
- DemodReset();
- }
- if(Handle14443UartBit(cq & 1)) {
- if(triggered && tracing) {
- GetParity(Uart.output, Uart.byteCnt, parity);
- LogTrace(Uart.output,Uart.byteCnt,samples, samples,parity,TRUE);
- }
- if(Uart.byteCnt==0) Dbprintf("[2] Error, Uart.byteCnt==0, Uart.bitCnt=%d", Uart.bitCnt);
-
- /* And ready to receive another command. */
- UartReset();
- /* And also reset the demod code, which might have been */
- /* false-triggered by the commands from the reader. */
- DemodReset();
- }
-
- if(Handle14443SamplesDemod(ci, cq)) {
-
- //Use samples as a time measurement
- if(tracing)
- {
- uint8_t parity[MAX_PARITY_SIZE];
- GetParity(Demod.output, Demod.len, parity);
- LogTrace(Demod.output,Demod.len,samples, samples,parity,FALSE);
- }
- triggered = TRUE;
- LED_A_OFF();
- LED_B_ON();
-
- // And ready to receive another response.
- DemodReset();
- }
- WDT_HIT();
-
- if(!tracing) {
- DbpString("Reached trace limit");
- break;
- }
-
- if(BUTTON_PRESS()) {
- DbpString("cancelled");
- break;
- }
- }
- FpgaDisableSscDma();
- LED_A_OFF();
- LED_B_OFF();
- LED_C_OFF();
- AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
- DbpString("Snoop statistics:");
- Dbprintf(" Max behind by: %i", maxBehindBy);
- Dbprintf(" Uart State: %x", Uart.state);
- Dbprintf(" Uart ByteCnt: %i", Uart.byteCnt);
- Dbprintf(" Uart ByteCntMax: %i", Uart.byteCntMax);
- Dbprintf(" Trace length: %i", BigBuf_get_traceLen());
-}
-
-/*
- * Send raw command to tag ISO14443B
- * @Input
- * datalen len of buffer data
- * recv bool when true wait for data from tag and send to client
- * powerfield bool leave the field on when true
- * data buffer with byte to send
- *
- * @Output
- * none
- *
- */
-
-void SendRawCommand14443B(uint32_t datalen, uint32_t recv,uint8_t powerfield, uint8_t data[])
-{
- FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
- if(!powerfield)
- {
- // Make sure that we start from off, since the tags are stateful;
- // confusing things will happen if we don't reset them between reads.
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
- LED_D_OFF();
- SpinDelay(200);
- }
-
- if(!GETBIT(GPIO_LED_D))
- {
- SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
- FpgaSetupSsc();
-
- // Now give it time to spin up.
- // Signal field is on with the appropriate LED
- LED_D_ON();
- FpgaWriteConfWord(
- FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ);
- SpinDelay(200);
- }
-
- CodeAndTransmit14443bAsReader(data, datalen);
-
- if(recv)
- {
- uint16_t iLen = MIN(Demod.len,USB_CMD_DATA_SIZE);
- GetSamplesFor14443Demod(TRUE, 2000, TRUE);
- cmd_send(CMD_ACK,iLen,0,0,Demod.output,iLen);
- }
- if(!powerfield)
- {
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
- LED_D_OFF();
- }
-}
-
LEDsoff();
- // We won't start recording the frames that we acquire until we trigger;
- // a good trigger condition to get started is probably when we see a
- // response from the tag.
- // triggered == FALSE -- to wait first for card
- bool triggered = !(param & 0x03);
-
+ iso14443a_setup(FPGA_HF_ISO14443A_SNIFFER);
+
// Allocate memory from BigBuf for some buffers
// free all previous allocations first
BigBuf_free();
bool TagIsActive = FALSE;
bool ReaderIsActive = FALSE;
- iso14443a_setup(FPGA_HF_ISO14443A_SNIFFER);
-
// Set up the demodulator for tag -> reader responses.
DemodInit(receivedResponse, receivedResponsePar);
// Setup and start DMA.
FpgaSetupSscDma((uint8_t *)dmaBuf, DMA_BUFFER_SIZE);
+ // We won't start recording the frames that we acquire until we trigger;
+ // a good trigger condition to get started is probably when we see a
+ // response from the tag.
+ // triggered == FALSE -- to wait first for card
+ bool triggered = !(param & 0x03);
+
// And now we loop, receiving samples.
for(uint32_t rsamples = 0; TRUE; ) {
.modulation_n = 0
};
+ // We need to listen to the high-frequency, peak-detected path.
+ iso14443a_setup(FPGA_HF_ISO14443A_TAGSIM_LISTEN);
+
BigBuf_free_keep_EM();
// allocate buffers:
int happened2 = 0;
int cmdsRecvd = 0;
- // We need to listen to the high-frequency, peak-detected path.
- iso14443a_setup(FPGA_HF_ISO14443A_TAGSIM_LISTEN);
-
cmdsRecvd = 0;
tag_response_info_t* p_response;
nttmp1 = prng_successor(nttmp1, 1);
if (nttmp1 == nt2) return i;
nttmp2 = prng_successor(nttmp2, 1);
- if (nttmp2 == nt1) return -i;
+ if (nttmp2 == nt1) return -i;
}
return(-99999); // either nt1 or nt2 are invalid nonces
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];
uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];
+ if (first_try) {
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
+ }
+
// free eventually allocated BigBuf memory. We want all for tracing.
BigBuf_free();
if (first_try) {
mf_nr_ar3 = 0;
- iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
sync_time = GetCountSspClk() & 0xfffffff8;
sync_cycles = 65536; // theory: Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).
nt_attacked = 0;
LED_B_OFF();
LED_C_OFF();
-
+
+ #define DARKSIDE_MAX_TRIES 32 // number of tries to sync on PRNG cycle. Then give up.
+ uint16_t unsuccessfull_tries = 0;
+
for(uint16_t i = 0; TRUE; i++) {
+ LED_C_ON();
WDT_HIT();
// Test if the action was cancelled
if(BUTTON_PRESS()) {
+ isOK = -1;
break;
}
- LED_C_ON();
-
if(!iso14443a_select_card(uid, NULL, &cuid)) {
if (MF_DBGLEVEL >= 1) Dbprintf("Mifare: Can't select card");
continue;
nt_attacked = nt;
}
else {
- if (nt_distance == -99999) { // invalid nonce received, try again
- continue;
+ if (nt_distance == -99999) { // invalid nonce received
+ unsuccessfull_tries++;
+ if (!nt_attacked && unsuccessfull_tries > DARKSIDE_MAX_TRIES) {
+ isOK = -3; // Card has an unpredictable PRNG. Give up
+ break;
+ } else {
+ continue; // continue trying...
+ }
}
sync_cycles = (sync_cycles - nt_distance);
if (MF_DBGLEVEL >= 3) Dbprintf("calibrating in cycle %d. nt_distance=%d, Sync_cycles: %d\n", i, nt_distance, sync_cycles);
if (nt_diff == 0 && first_try)
{
par[0]++;
+ if (par[0] == 0x00) { // tried all 256 possible parities without success. Card doesn't send NACK.
+ isOK = -2;
+ break;
+ }
} else {
par[0] = ((par[0] & 0x1F) + 1) | par_low;
}
memcpy(buf + 16, ks_list, 8);
memcpy(buf + 24, mf_nr_ar, 4);
- cmd_send(CMD_ACK,isOK,0,0,buf,28);
+ cmd_send(CMD_ACK, isOK, 0, 0, buf, 28);
// Thats it...
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
uint32_t ar_nr_responses[] = {0,0,0,0,0,0,0,0};
uint8_t ar_nr_collected = 0;
- // free eventually allocated BigBuf memory but keep Emulator Memory
- BigBuf_free_keep_EM();
-
- // clear trace
- clear_trace();
- set_tracing(TRUE);
-
// Authenticate response - nonce
uint32_t nonce = bytes_to_num(rAUTH_NT, 4);
if (_7BUID) {
rATQA[0] = 0x44;
rUIDBCC1[0] = 0x88;
+ rUIDBCC1[4] = rUIDBCC1[0] ^ rUIDBCC1[1] ^ rUIDBCC1[2] ^ rUIDBCC1[3];
rUIDBCC2[4] = rUIDBCC2[0] ^ rUIDBCC2[1] ^ rUIDBCC2[2] ^ rUIDBCC2[3];
}
- // We need to listen to the high-frequency, peak-detected path.
- iso14443a_setup(FPGA_HF_ISO14443A_TAGSIM_LISTEN);
-
-
if (MF_DBGLEVEL >= 1) {
if (!_7BUID) {
Dbprintf("4B UID: %02x%02x%02x%02x",
}
}
+ // We need to listen to the high-frequency, peak-detected path.
+ iso14443a_setup(FPGA_HF_ISO14443A_TAGSIM_LISTEN);
+
+ // free eventually allocated BigBuf memory but keep Emulator Memory
+ BigBuf_free_keep_EM();
+
+ // clear trace
+ clear_trace();
+ set_tracing(TRUE);
+
+
bool finished = FALSE;
while (!BUTTON_PRESS() && !finished) {
WDT_HIT();
|| receivedCmd[0] == 0xB0) { // transfer
if (receivedCmd[1] >= 16 * 4) {
EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
- if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02) on out of range block: %d (0x%02x), nacking",receivedCmd[0],receivedCmd[1],receivedCmd[1]);
+ if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02x) on out of range block: %d (0x%02x), nacking",receivedCmd[0],receivedCmd[1],receivedCmd[1]);
break;
}
if (receivedCmd[1] / 4 != cardAUTHSC) {
EmSend4bit(mf_crypto1_encrypt4bit(pcs, CARD_NACK_NA));
- if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02) on block (0x%02x) not authenticated for (0x%02x), nacking",receivedCmd[0],receivedCmd[1],cardAUTHSC);
+ if (MF_DBGLEVEL >= 2) Dbprintf("Reader tried to operate (0x%02x) on block (0x%02x) not authenticated for (0x%02x), nacking",receivedCmd[0],receivedCmd[1],cardAUTHSC);
break;
}
}
uint8_t receivedResponse[MAX_MIFARE_FRAME_SIZE];
uint8_t receivedResponsePar[MAX_MIFARE_PARITY_SIZE];
- // As we receive stuff, we copy it from receivedCmd or receivedResponse
- // into trace, along with its length and other annotations.
- //uint8_t *trace = (uint8_t *)BigBuf;
-
+ iso14443a_setup(FPGA_HF_ISO14443A_SNIFFER);
+
// free eventually allocated BigBuf memory
BigBuf_free();
// allocate the DMA buffer, used to stream samples from the FPGA
bool ReaderIsActive = FALSE;
bool TagIsActive = FALSE;
- iso14443a_setup(FPGA_HF_ISO14443A_SNIFFER);
-
// Set up the demodulator for tag -> reader responses.
DemodInit(receivedResponse, receivedResponsePar);
--- /dev/null
+//-----------------------------------------------------------------------------
+// Jonathan Westhues, split Nov 2006
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Routines to support ISO 14443B. This includes both the reader software and
+// the `fake tag' modes.
+//-----------------------------------------------------------------------------
+
+#include "proxmark3.h"
+#include "apps.h"
+#include "util.h"
+#include "string.h"
+
+#include "iso14443crc.h"
+
+#define RECEIVE_SAMPLES_TIMEOUT 2000
+#define ISO14443B_DMA_BUFFER_SIZE 256
+
+//=============================================================================
+// An ISO 14443 Type B tag. We listen for commands from the reader, using
+// a UART kind of thing that's implemented in software. When we get a
+// frame (i.e., a group of bytes between SOF and EOF), we check the CRC.
+// If it's good, then we can do something appropriate with it, and send
+// a response.
+//=============================================================================
+
+//-----------------------------------------------------------------------------
+// Code up a string of octets at layer 2 (including CRC, we don't generate
+// that here) so that they can be transmitted to the reader. Doesn't transmit
+// them yet, just leaves them ready to send in ToSend[].
+//-----------------------------------------------------------------------------
+static void CodeIso14443bAsTag(const uint8_t *cmd, int len)
+{
+ int i;
+
+ ToSendReset();
+
+ // Transmit a burst of ones, as the initial thing that lets the
+ // reader get phase sync. This (TR1) must be > 80/fs, per spec,
+ // but tag that I've tried (a Paypass) exceeds that by a fair bit,
+ // so I will too.
+ for(i = 0; i < 20; i++) {
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ }
+
+ // Send SOF.
+ for(i = 0; i < 10; i++) {
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ }
+ for(i = 0; i < 2; i++) {
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ }
+
+ for(i = 0; i < len; i++) {
+ int j;
+ uint8_t b = cmd[i];
+
+ // Start bit
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+
+ // Data bits
+ for(j = 0; j < 8; j++) {
+ if(b & 1) {
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ } else {
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ }
+ b >>= 1;
+ }
+
+ // Stop bit
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ }
+
+ // Send EOF.
+ for(i = 0; i < 10; i++) {
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ ToSendStuffBit(0);
+ }
+ for(i = 0; i < 2; i++) {
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ }
+
+ // Convert from last byte pos to length
+ ToSendMax++;
+}
+
+//-----------------------------------------------------------------------------
+// The software UART that receives commands from the reader, and its state
+// variables.
+//-----------------------------------------------------------------------------
+static struct {
+ enum {
+ STATE_UNSYNCD,
+ STATE_GOT_FALLING_EDGE_OF_SOF,
+ STATE_AWAITING_START_BIT,
+ STATE_RECEIVING_DATA
+ } state;
+ uint16_t shiftReg;
+ int bitCnt;
+ int byteCnt;
+ int byteCntMax;
+ int posCnt;
+ uint8_t *output;
+} Uart;
+
+/* Receive & handle a bit coming from the reader.
+ *
+ * This function is called 4 times per bit (every 2 subcarrier cycles).
+ * Subcarrier frequency fs is 848kHz, 1/fs = 1,18us, i.e. function is called every 2,36us
+ *
+ * LED handling:
+ * LED A -> ON once we have received the SOF and are expecting the rest.
+ * LED A -> OFF once we have received EOF or are in error state or unsynced
+ *
+ * Returns: true if we received a EOF
+ * false if we are still waiting for some more
+ */
+static RAMFUNC int Handle14443bUartBit(uint8_t bit)
+{
+ switch(Uart.state) {
+ case STATE_UNSYNCD:
+ if(!bit) {
+ // we went low, so this could be the beginning
+ // of an SOF
+ Uart.state = STATE_GOT_FALLING_EDGE_OF_SOF;
+ Uart.posCnt = 0;
+ Uart.bitCnt = 0;
+ }
+ break;
+
+ case STATE_GOT_FALLING_EDGE_OF_SOF:
+ Uart.posCnt++;
+ if(Uart.posCnt == 2) { // sample every 4 1/fs in the middle of a bit
+ if(bit) {
+ if(Uart.bitCnt > 9) {
+ // we've seen enough consecutive
+ // zeros that it's a valid SOF
+ Uart.posCnt = 0;
+ Uart.byteCnt = 0;
+ Uart.state = STATE_AWAITING_START_BIT;
+ LED_A_ON(); // Indicate we got a valid SOF
+ } else {
+ // didn't stay down long enough
+ // before going high, error
+ Uart.state = STATE_UNSYNCD;
+ }
+ } else {
+ // do nothing, keep waiting
+ }
+ Uart.bitCnt++;
+ }
+ if(Uart.posCnt >= 4) Uart.posCnt = 0;
+ if(Uart.bitCnt > 12) {
+ // Give up if we see too many zeros without
+ // a one, too.
+ LED_A_OFF();
+ Uart.state = STATE_UNSYNCD;
+ }
+ break;
+
+ case STATE_AWAITING_START_BIT:
+ Uart.posCnt++;
+ if(bit) {
+ if(Uart.posCnt > 50/2) { // max 57us between characters = 49 1/fs, max 3 etus after low phase of SOF = 24 1/fs
+ // stayed high for too long between
+ // characters, error
+ Uart.state = STATE_UNSYNCD;
+ }
+ } else {
+ // falling edge, this starts the data byte
+ Uart.posCnt = 0;
+ Uart.bitCnt = 0;
+ Uart.shiftReg = 0;
+ Uart.state = STATE_RECEIVING_DATA;
+ }
+ break;
+
+ case STATE_RECEIVING_DATA:
+ Uart.posCnt++;
+ if(Uart.posCnt == 2) {
+ // time to sample a bit
+ Uart.shiftReg >>= 1;
+ if(bit) {
+ Uart.shiftReg |= 0x200;
+ }
+ Uart.bitCnt++;
+ }
+ if(Uart.posCnt >= 4) {
+ Uart.posCnt = 0;
+ }
+ if(Uart.bitCnt == 10) {
+ if((Uart.shiftReg & 0x200) && !(Uart.shiftReg & 0x001))
+ {
+ // this is a data byte, with correct
+ // start and stop bits
+ Uart.output[Uart.byteCnt] = (Uart.shiftReg >> 1) & 0xff;
+ Uart.byteCnt++;
+
+ if(Uart.byteCnt >= Uart.byteCntMax) {
+ // Buffer overflowed, give up
+ LED_A_OFF();
+ Uart.state = STATE_UNSYNCD;
+ } else {
+ // so get the next byte now
+ Uart.posCnt = 0;
+ Uart.state = STATE_AWAITING_START_BIT;
+ }
+ } else if (Uart.shiftReg == 0x000) {
+ // this is an EOF byte
+ LED_A_OFF(); // Finished receiving
+ Uart.state = STATE_UNSYNCD;
+ if (Uart.byteCnt != 0) {
+ return TRUE;
+ }
+ } else {
+ // this is an error
+ LED_A_OFF();
+ Uart.state = STATE_UNSYNCD;
+ }
+ }
+ break;
+
+ default:
+ LED_A_OFF();
+ Uart.state = STATE_UNSYNCD;
+ break;
+ }
+
+ return FALSE;
+}
+
+
+static void UartReset()
+{
+ Uart.byteCntMax = MAX_FRAME_SIZE;
+ Uart.state = STATE_UNSYNCD;
+ Uart.byteCnt = 0;
+ Uart.bitCnt = 0;
+}
+
+
+static void UartInit(uint8_t *data)
+{
+ Uart.output = data;
+ UartReset();
+}
+
+
+//-----------------------------------------------------------------------------
+// Receive a command (from the reader to us, where we are the simulated tag),
+// and store it in the given buffer, up to the given maximum length. Keeps
+// spinning, waiting for a well-framed command, until either we get one
+// (returns TRUE) or someone presses the pushbutton on the board (FALSE).
+//
+// Assume that we're called with the SSC (to the FPGA) and ADC path set
+// correctly.
+//-----------------------------------------------------------------------------
+static int GetIso14443bCommandFromReader(uint8_t *received, uint16_t *len)
+{
+ // Set FPGA mode to "simulated ISO 14443B tag", no modulation (listen
+ // only, since we are receiving, not transmitting).
+ // Signal field is off with the appropriate LED
+ LED_D_OFF();
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_NO_MODULATION);
+
+ // Now run a `software UART' on the stream of incoming samples.
+ UartInit(received);
+
+ for(;;) {
+ WDT_HIT();
+
+ if(BUTTON_PRESS()) return FALSE;
+
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
+ uint8_t b = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
+ for(uint8_t mask = 0x80; mask != 0x00; mask >>= 1) {
+ if(Handle14443bUartBit(b & mask)) {
+ *len = Uart.byteCnt;
+ return TRUE;
+ }
+ }
+ }
+ }
+
+ return FALSE;
+}
+
+//-----------------------------------------------------------------------------
+// Main loop of simulated tag: receive commands from reader, decide what
+// response to send, and send it.
+//-----------------------------------------------------------------------------
+void SimulateIso14443bTag(void)
+{
+ // the only commands we understand is REQB, AFI=0, Select All, N=0:
+ static const uint8_t cmd1[] = { 0x05, 0x00, 0x08, 0x39, 0x73 };
+ // ... and REQB, AFI=0, Normal Request, N=0:
+ static const uint8_t cmd2[] = { 0x05, 0x00, 0x00, 0x71, 0xFF };
+
+ // ... and we always respond with ATQB, PUPI = 820de174, Application Data = 0x20381922,
+ // supports only 106kBit/s in both directions, max frame size = 32Bytes,
+ // supports ISO14443-4, FWI=8 (77ms), NAD supported, CID not supported:
+ static const uint8_t response1[] = {
+ 0x50, 0x82, 0x0d, 0xe1, 0x74, 0x20, 0x38, 0x19, 0x22,
+ 0x00, 0x21, 0x85, 0x5e, 0xd7
+ };
+
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+
+ clear_trace();
+ set_tracing(TRUE);
+
+ const uint8_t *resp;
+ uint8_t *respCode;
+ uint16_t respLen, respCodeLen;
+
+ // allocate command receive buffer
+ BigBuf_free();
+ uint8_t *receivedCmd = BigBuf_malloc(MAX_FRAME_SIZE);
+
+ uint16_t len;
+ uint16_t cmdsRecvd = 0;
+
+ // prepare the (only one) tag answer:
+ CodeIso14443bAsTag(response1, sizeof(response1));
+ uint8_t *resp1Code = BigBuf_malloc(ToSendMax);
+ memcpy(resp1Code, ToSend, ToSendMax);
+ uint16_t resp1CodeLen = ToSendMax;
+
+ // We need to listen to the high-frequency, peak-detected path.
+ SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
+ FpgaSetupSsc();
+
+ cmdsRecvd = 0;
+
+ for(;;) {
+
+ if(!GetIso14443bCommandFromReader(receivedCmd, &len)) {
+ Dbprintf("button pressed, received %d commands", cmdsRecvd);
+ break;
+ }
+
+ if (tracing) {
+ uint8_t parity[MAX_PARITY_SIZE];
+ LogTrace(receivedCmd, len, 0, 0, parity, TRUE);
+ }
+
+ // Good, look at the command now.
+ if ( (len == sizeof(cmd1) && memcmp(receivedCmd, cmd1, len) == 0)
+ || (len == sizeof(cmd2) && memcmp(receivedCmd, cmd2, len) == 0) ) {
+ resp = response1;
+ respLen = sizeof(response1);
+ respCode = resp1Code;
+ respCodeLen = resp1CodeLen;
+ } else {
+ Dbprintf("new cmd from reader: len=%d, cmdsRecvd=%d", len, cmdsRecvd);
+ // And print whether the CRC fails, just for good measure
+ uint8_t b1, b2;
+ ComputeCrc14443(CRC_14443_B, receivedCmd, len-2, &b1, &b2);
+ if(b1 != receivedCmd[len-2] || b2 != receivedCmd[len-1]) {
+ // Not so good, try again.
+ DbpString("+++CRC fail");
+ } else {
+ DbpString("CRC passes");
+ }
+ break;
+ }
+
+ cmdsRecvd++;
+
+ if(cmdsRecvd > 0x30) {
+ DbpString("many commands later...");
+ break;
+ }
+
+ if(respCodeLen <= 0) continue;
+
+ // Modulate BPSK
+ // Signal field is off with the appropriate LED
+ LED_D_OFF();
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_SIMULATOR | FPGA_HF_SIMULATOR_MODULATE_BPSK);
+ AT91C_BASE_SSC->SSC_THR = 0xff;
+ FpgaSetupSsc();
+
+ // Transmit the response.
+ uint16_t i = 0;
+ for(;;) {
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
+ uint8_t b = respCode[i];
+
+ AT91C_BASE_SSC->SSC_THR = b;
+
+ i++;
+ if(i > respCodeLen) {
+ break;
+ }
+ }
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
+ volatile uint8_t b = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
+ (void)b;
+ }
+ }
+
+ // trace the response:
+ if (tracing) {
+ uint8_t parity[MAX_PARITY_SIZE];
+ LogTrace(resp, respLen, 0, 0, parity, FALSE);
+ }
+
+ }
+}
+
+//=============================================================================
+// An ISO 14443 Type B reader. We take layer two commands, code them
+// appropriately, and then send them to the tag. We then listen for the
+// tag's response, which we leave in the buffer to be demodulated on the
+// PC side.
+//=============================================================================
+
+static struct {
+ enum {
+ DEMOD_UNSYNCD,
+ DEMOD_PHASE_REF_TRAINING,
+ DEMOD_AWAITING_FALLING_EDGE_OF_SOF,
+ DEMOD_GOT_FALLING_EDGE_OF_SOF,
+ DEMOD_AWAITING_START_BIT,
+ DEMOD_RECEIVING_DATA
+ } state;
+ int bitCount;
+ int posCount;
+ int thisBit;
+/* this had been used to add RSSI (Received Signal Strength Indication) to traces. Currently not implemented.
+ int metric;
+ int metricN;
+*/
+ uint16_t shiftReg;
+ uint8_t *output;
+ int len;
+ int sumI;
+ int sumQ;
+} Demod;
+
+/*
+ * Handles reception of a bit from the tag
+ *
+ * This function is called 2 times per bit (every 4 subcarrier cycles).
+ * Subcarrier frequency fs is 848kHz, 1/fs = 1,18us, i.e. function is called every 4,72us
+ *
+ * LED handling:
+ * LED C -> ON once we have received the SOF and are expecting the rest.
+ * LED C -> OFF once we have received EOF or are unsynced
+ *
+ * Returns: true if we received a EOF
+ * false if we are still waiting for some more
+ *
+ */
+static RAMFUNC int Handle14443bSamplesDemod(int ci, int cq)
+{
+ int v;
+
+// The soft decision on the bit uses an estimate of just the
+// quadrant of the reference angle, not the exact angle.
+#define MAKE_SOFT_DECISION() { \
+ if(Demod.sumI > 0) { \
+ v = ci; \
+ } else { \
+ v = -ci; \
+ } \
+ if(Demod.sumQ > 0) { \
+ v += cq; \
+ } else { \
+ v -= cq; \
+ } \
+ }
+
+#define SUBCARRIER_DETECT_THRESHOLD 8
+
+// Subcarrier amplitude v = sqrt(ci^2 + cq^2), approximated here by abs(ci) + abs(cq)
+/* #define CHECK_FOR_SUBCARRIER() { \
+ v = ci; \
+ if(v < 0) v = -v; \
+ if(cq > 0) { \
+ v += cq; \
+ } else { \
+ v -= cq; \
+ } \
+ }
+ */
+// Subcarrier amplitude v = sqrt(ci^2 + cq^2), approximated here by max(abs(ci),abs(cq)) + 1/2*min(abs(ci),abs(cq)))
+#define CHECK_FOR_SUBCARRIER() { \
+ if(ci < 0) { \
+ if(cq < 0) { /* ci < 0, cq < 0 */ \
+ if (cq < ci) { \
+ v = -cq - (ci >> 1); \
+ } else { \
+ v = -ci - (cq >> 1); \
+ } \
+ } else { /* ci < 0, cq >= 0 */ \
+ if (cq < -ci) { \
+ v = -ci + (cq >> 1); \
+ } else { \
+ v = cq - (ci >> 1); \
+ } \
+ } \
+ } else { \
+ if(cq < 0) { /* ci >= 0, cq < 0 */ \
+ if (-cq < ci) { \
+ v = ci - (cq >> 1); \
+ } else { \
+ v = -cq + (ci >> 1); \
+ } \
+ } else { /* ci >= 0, cq >= 0 */ \
+ if (cq < ci) { \
+ v = ci + (cq >> 1); \
+ } else { \
+ v = cq + (ci >> 1); \
+ } \
+ } \
+ } \
+ }
+
+ switch(Demod.state) {
+ case DEMOD_UNSYNCD:
+ CHECK_FOR_SUBCARRIER();
+ if(v > SUBCARRIER_DETECT_THRESHOLD) { // subcarrier detected
+ Demod.state = DEMOD_PHASE_REF_TRAINING;
+ Demod.sumI = ci;
+ Demod.sumQ = cq;
+ Demod.posCount = 1;
+ }
+ break;
+
+ case DEMOD_PHASE_REF_TRAINING:
+ if(Demod.posCount < 8) {
+ CHECK_FOR_SUBCARRIER();
+ if (v > SUBCARRIER_DETECT_THRESHOLD) {
+ // set the reference phase (will code a logic '1') by averaging over 32 1/fs.
+ // note: synchronization time > 80 1/fs
+ Demod.sumI += ci;
+ Demod.sumQ += cq;
+ Demod.posCount++;
+ } else { // subcarrier lost
+ Demod.state = DEMOD_UNSYNCD;
+ }
+ } else {
+ Demod.state = DEMOD_AWAITING_FALLING_EDGE_OF_SOF;
+ }
+ break;
+
+ case DEMOD_AWAITING_FALLING_EDGE_OF_SOF:
+ MAKE_SOFT_DECISION();
+ if(v < 0) { // logic '0' detected
+ Demod.state = DEMOD_GOT_FALLING_EDGE_OF_SOF;
+ Demod.posCount = 0; // start of SOF sequence
+ } else {
+ if(Demod.posCount > 200/4) { // maximum length of TR1 = 200 1/fs
+ Demod.state = DEMOD_UNSYNCD;
+ }
+ }
+ Demod.posCount++;
+ break;
+
+ case DEMOD_GOT_FALLING_EDGE_OF_SOF:
+ Demod.posCount++;
+ MAKE_SOFT_DECISION();
+ if(v > 0) {
+ if(Demod.posCount < 9*2) { // low phase of SOF too short (< 9 etu). Note: spec is >= 10, but FPGA tends to "smear" edges
+ Demod.state = DEMOD_UNSYNCD;
+ } else {
+ LED_C_ON(); // Got SOF
+ Demod.state = DEMOD_AWAITING_START_BIT;
+ Demod.posCount = 0;
+ Demod.len = 0;
+/* this had been used to add RSSI (Received Signal Strength Indication) to traces. Currently not implemented.
+ Demod.metricN = 0;
+ Demod.metric = 0;
+*/
+ }
+ } else {
+ if(Demod.posCount > 12*2) { // low phase of SOF too long (> 12 etu)
+ Demod.state = DEMOD_UNSYNCD;
+ LED_C_OFF();
+ }
+ }
+ break;
+
+ case DEMOD_AWAITING_START_BIT:
+ Demod.posCount++;
+ MAKE_SOFT_DECISION();
+ if(v > 0) {
+ if(Demod.posCount > 3*2) { // max 19us between characters = 16 1/fs, max 3 etu after low phase of SOF = 24 1/fs
+ Demod.state = DEMOD_UNSYNCD;
+ LED_C_OFF();
+ }
+ } else { // start bit detected
+ Demod.bitCount = 0;
+ Demod.posCount = 1; // this was the first half
+ Demod.thisBit = v;
+ Demod.shiftReg = 0;
+ Demod.state = DEMOD_RECEIVING_DATA;
+ }
+ break;
+
+ case DEMOD_RECEIVING_DATA:
+ MAKE_SOFT_DECISION();
+ if(Demod.posCount == 0) { // first half of bit
+ Demod.thisBit = v;
+ Demod.posCount = 1;
+ } else { // second half of bit
+ Demod.thisBit += v;
+
+/* this had been used to add RSSI (Received Signal Strength Indication) to traces. Currently not implemented.
+ if(Demod.thisBit > 0) {
+ Demod.metric += Demod.thisBit;
+ } else {
+ Demod.metric -= Demod.thisBit;
+ }
+ (Demod.metricN)++;
+*/
+
+ Demod.shiftReg >>= 1;
+ if(Demod.thisBit > 0) { // logic '1'
+ Demod.shiftReg |= 0x200;
+ }
+
+ Demod.bitCount++;
+ if(Demod.bitCount == 10) {
+ uint16_t s = Demod.shiftReg;
+ if((s & 0x200) && !(s & 0x001)) { // stop bit == '1', start bit == '0'
+ uint8_t b = (s >> 1);
+ Demod.output[Demod.len] = b;
+ Demod.len++;
+ Demod.state = DEMOD_AWAITING_START_BIT;
+ } else {
+ Demod.state = DEMOD_UNSYNCD;
+ LED_C_OFF();
+ if(s == 0x000) {
+ // This is EOF (start, stop and all data bits == '0'
+ return TRUE;
+ }
+ }
+ }
+ Demod.posCount = 0;
+ }
+ break;
+
+ default:
+ Demod.state = DEMOD_UNSYNCD;
+ LED_C_OFF();
+ break;
+ }
+
+ return FALSE;
+}
+
+
+static void DemodReset()
+{
+ // Clear out the state of the "UART" that receives from the tag.
+ Demod.len = 0;
+ Demod.state = DEMOD_UNSYNCD;
+ Demod.posCount = 0;
+ memset(Demod.output, 0x00, MAX_FRAME_SIZE);
+}
+
+
+static void DemodInit(uint8_t *data)
+{
+ Demod.output = data;
+ DemodReset();
+}
+
+
+/*
+ * Demodulate the samples we received from the tag, also log to tracebuffer
+ * quiet: set to 'TRUE' to disable debug output
+ */
+static void GetSamplesFor14443bDemod(int n, bool quiet)
+{
+ int max = 0;
+ bool gotFrame = FALSE;
+ int lastRxCounter, ci, cq, samples = 0;
+
+ // Allocate memory from BigBuf for some buffers
+ // free all previous allocations first
+ BigBuf_free();
+
+ // The response (tag -> reader) that we're receiving.
+ uint8_t *receivedResponse = BigBuf_malloc(MAX_FRAME_SIZE);
+
+ // The DMA buffer, used to stream samples from the FPGA
+ int8_t *dmaBuf = (int8_t*) BigBuf_malloc(ISO14443B_DMA_BUFFER_SIZE);
+
+ // Set up the demodulator for tag -> reader responses.
+ DemodInit(receivedResponse);
+
+ // Setup and start DMA.
+ FpgaSetupSscDma((uint8_t*) dmaBuf, ISO14443B_DMA_BUFFER_SIZE);
+
+ int8_t *upTo = dmaBuf;
+ lastRxCounter = ISO14443B_DMA_BUFFER_SIZE;
+
+ // Signal field is ON with the appropriate LED:
+ LED_D_ON();
+ // And put the FPGA in the appropriate mode
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ);
+
+ for(;;) {
+ int behindBy = lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR;
+ if(behindBy > max) max = behindBy;
+
+ while(((lastRxCounter-AT91C_BASE_PDC_SSC->PDC_RCR) & (ISO14443B_DMA_BUFFER_SIZE-1)) > 2) {
+ ci = upTo[0];
+ cq = upTo[1];
+ upTo += 2;
+ if(upTo >= dmaBuf + ISO14443B_DMA_BUFFER_SIZE) {
+ upTo = dmaBuf;
+ AT91C_BASE_PDC_SSC->PDC_RNPR = (uint32_t) upTo;
+ AT91C_BASE_PDC_SSC->PDC_RNCR = ISO14443B_DMA_BUFFER_SIZE;
+ }
+ lastRxCounter -= 2;
+ if(lastRxCounter <= 0) {
+ lastRxCounter += ISO14443B_DMA_BUFFER_SIZE;
+ }
+
+ samples += 2;
+
+ if(Handle14443bSamplesDemod(ci, cq)) {
+ gotFrame = TRUE;
+ break;
+ }
+ }
+
+ if(samples > n || gotFrame) {
+ break;
+ }
+ }
+
+ AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
+
+ if (!quiet) Dbprintf("max behindby = %d, samples = %d, gotFrame = %d, Demod.len = %d, Demod.sumI = %d, Demod.sumQ = %d", max, samples, gotFrame, Demod.len, Demod.sumI, Demod.sumQ);
+ //Tracing
+ if (tracing && Demod.len > 0) {
+ uint8_t parity[MAX_PARITY_SIZE];
+ LogTrace(Demod.output, Demod.len, 0, 0, parity, FALSE);
+ }
+}
+
+
+//-----------------------------------------------------------------------------
+// Transmit the command (to the tag) that was placed in ToSend[].
+//-----------------------------------------------------------------------------
+static void TransmitFor14443b(void)
+{
+ int c;
+
+ FpgaSetupSsc();
+
+ while(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
+ AT91C_BASE_SSC->SSC_THR = 0xff;
+ }
+
+ // Signal field is ON with the appropriate Red LED
+ LED_D_ON();
+ // Signal we are transmitting with the Green LED
+ LED_B_ON();
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_TX | FPGA_HF_READER_TX_SHALLOW_MOD);
+
+ for(c = 0; c < 10;) {
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
+ AT91C_BASE_SSC->SSC_THR = 0xff;
+ c++;
+ }
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
+ volatile uint32_t r = AT91C_BASE_SSC->SSC_RHR;
+ (void)r;
+ }
+ WDT_HIT();
+ }
+
+ c = 0;
+ for(;;) {
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) {
+ AT91C_BASE_SSC->SSC_THR = ToSend[c];
+ c++;
+ if(c >= ToSendMax) {
+ break;
+ }
+ }
+ if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_RXRDY)) {
+ volatile uint32_t r = AT91C_BASE_SSC->SSC_RHR;
+ (void)r;
+ }
+ WDT_HIT();
+ }
+ LED_B_OFF(); // Finished sending
+}
+
+
+//-----------------------------------------------------------------------------
+// Code a layer 2 command (string of octets, including CRC) into ToSend[],
+// so that it is ready to transmit to the tag using TransmitFor14443b().
+//-----------------------------------------------------------------------------
+static void CodeIso14443bAsReader(const uint8_t *cmd, int len)
+{
+ int i, j;
+ uint8_t b;
+
+ ToSendReset();
+
+ // Establish initial reference level
+ for(i = 0; i < 40; i++) {
+ ToSendStuffBit(1);
+ }
+ // Send SOF
+ for(i = 0; i < 10; i++) {
+ ToSendStuffBit(0);
+ }
+
+ for(i = 0; i < len; i++) {
+ // Stop bits/EGT
+ ToSendStuffBit(1);
+ ToSendStuffBit(1);
+ // Start bit
+ ToSendStuffBit(0);
+ // Data bits
+ b = cmd[i];
+ for(j = 0; j < 8; j++) {
+ if(b & 1) {
+ ToSendStuffBit(1);
+ } else {
+ ToSendStuffBit(0);
+ }
+ b >>= 1;
+ }
+ }
+ // Send EOF
+ ToSendStuffBit(1);
+ for(i = 0; i < 10; i++) {
+ ToSendStuffBit(0);
+ }
+ for(i = 0; i < 8; i++) {
+ ToSendStuffBit(1);
+ }
+
+ // And then a little more, to make sure that the last character makes
+ // it out before we switch to rx mode.
+ for(i = 0; i < 24; i++) {
+ ToSendStuffBit(1);
+ }
+
+ // Convert from last character reference to length
+ ToSendMax++;
+}
+
+
+/**
+ Convenience function to encode, transmit and trace iso 14443b comms
+ **/
+static void CodeAndTransmit14443bAsReader(const uint8_t *cmd, int len)
+{
+ CodeIso14443bAsReader(cmd, len);
+ TransmitFor14443b();
+ if (tracing) {
+ uint8_t parity[MAX_PARITY_SIZE];
+ LogTrace(cmd,len, 0, 0, parity, TRUE);
+ }
+}
+
+
+//-----------------------------------------------------------------------------
+// Read a SRI512 ISO 14443B tag.
+//
+// SRI512 tags are just simple memory tags, here we're looking at making a dump
+// of the contents of the memory. No anticollision algorithm is done, we assume
+// we have a single tag in the field.
+//
+// I tried to be systematic and check every answer of the tag, every CRC, etc...
+//-----------------------------------------------------------------------------
+void ReadSTMemoryIso14443b(uint32_t dwLast)
+{
+ uint8_t i = 0x00;
+
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+ // Make sure that we start from off, since the tags are stateful;
+ // confusing things will happen if we don't reset them between reads.
+ LED_D_OFF();
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ SpinDelay(200);
+
+ SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
+ FpgaSetupSsc();
+
+ // Now give it time to spin up.
+ // Signal field is on with the appropriate LED
+ LED_D_ON();
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ);
+ SpinDelay(200);
+
+ clear_trace();
+ set_tracing(TRUE);
+
+ // First command: wake up the tag using the INITIATE command
+ uint8_t cmd1[] = {0x06, 0x00, 0x97, 0x5b};
+ CodeAndTransmit14443bAsReader(cmd1, sizeof(cmd1));
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
+
+ if (Demod.len == 0) {
+ DbpString("No response from tag");
+ return;
+ } else {
+ Dbprintf("Randomly generated Chip ID (+ 2 byte CRC): %02x %02x %02x",
+ Demod.output[0], Demod.output[1], Demod.output[2]);
+ }
+
+ // There is a response, SELECT the uid
+ DbpString("Now SELECT tag:");
+ cmd1[0] = 0x0E; // 0x0E is SELECT
+ cmd1[1] = Demod.output[0];
+ ComputeCrc14443(CRC_14443_B, cmd1, 2, &cmd1[2], &cmd1[3]);
+ CodeAndTransmit14443bAsReader(cmd1, sizeof(cmd1));
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
+ if (Demod.len != 3) {
+ Dbprintf("Expected 3 bytes from tag, got %d", Demod.len);
+ return;
+ }
+ // Check the CRC of the answer:
+ ComputeCrc14443(CRC_14443_B, Demod.output, 1 , &cmd1[2], &cmd1[3]);
+ if(cmd1[2] != Demod.output[1] || cmd1[3] != Demod.output[2]) {
+ DbpString("CRC Error reading select response.");
+ return;
+ }
+ // Check response from the tag: should be the same UID as the command we just sent:
+ if (cmd1[1] != Demod.output[0]) {
+ Dbprintf("Bad response to SELECT from Tag, aborting: %02x %02x", cmd1[1], Demod.output[0]);
+ return;
+ }
+
+ // Tag is now selected,
+ // First get the tag's UID:
+ cmd1[0] = 0x0B;
+ ComputeCrc14443(CRC_14443_B, cmd1, 1 , &cmd1[1], &cmd1[2]);
+ CodeAndTransmit14443bAsReader(cmd1, 3); // Only first three bytes for this one
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
+ if (Demod.len != 10) {
+ Dbprintf("Expected 10 bytes from tag, got %d", Demod.len);
+ return;
+ }
+ // The check the CRC of the answer (use cmd1 as temporary variable):
+ ComputeCrc14443(CRC_14443_B, Demod.output, 8, &cmd1[2], &cmd1[3]);
+ if(cmd1[2] != Demod.output[8] || cmd1[3] != Demod.output[9]) {
+ Dbprintf("CRC Error reading block! Expected: %04x got: %04x",
+ (cmd1[2]<<8)+cmd1[3], (Demod.output[8]<<8)+Demod.output[9]);
+ // Do not return;, let's go on... (we should retry, maybe ?)
+ }
+ Dbprintf("Tag UID (64 bits): %08x %08x",
+ (Demod.output[7]<<24) + (Demod.output[6]<<16) + (Demod.output[5]<<8) + Demod.output[4],
+ (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0]);
+
+ // Now loop to read all 16 blocks, address from 0 to last block
+ Dbprintf("Tag memory dump, block 0 to %d", dwLast);
+ cmd1[0] = 0x08;
+ i = 0x00;
+ dwLast++;
+ for (;;) {
+ if (i == dwLast) {
+ DbpString("System area block (0xff):");
+ i = 0xff;
+ }
+ cmd1[1] = i;
+ ComputeCrc14443(CRC_14443_B, cmd1, 2, &cmd1[2], &cmd1[3]);
+ CodeAndTransmit14443bAsReader(cmd1, sizeof(cmd1));
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
+ if (Demod.len != 6) { // Check if we got an answer from the tag
+ DbpString("Expected 6 bytes from tag, got less...");
+ return;
+ }
+ // The check the CRC of the answer (use cmd1 as temporary variable):
+ ComputeCrc14443(CRC_14443_B, Demod.output, 4, &cmd1[2], &cmd1[3]);
+ if(cmd1[2] != Demod.output[4] || cmd1[3] != Demod.output[5]) {
+ Dbprintf("CRC Error reading block! Expected: %04x got: %04x",
+ (cmd1[2]<<8)+cmd1[3], (Demod.output[4]<<8)+Demod.output[5]);
+ // Do not return;, let's go on... (we should retry, maybe ?)
+ }
+ // Now print out the memory location:
+ Dbprintf("Address=%02x, Contents=%08x, CRC=%04x", i,
+ (Demod.output[3]<<24) + (Demod.output[2]<<16) + (Demod.output[1]<<8) + Demod.output[0],
+ (Demod.output[4]<<8)+Demod.output[5]);
+ if (i == 0xff) {
+ break;
+ }
+ i++;
+ }
+}
+
+
+//=============================================================================
+// Finally, the `sniffer' combines elements from both the reader and
+// simulated tag, to show both sides of the conversation.
+//=============================================================================
+
+//-----------------------------------------------------------------------------
+// Record the sequence of commands sent by the reader to the tag, with
+// triggering so that we start recording at the point that the tag is moved
+// near the reader.
+//-----------------------------------------------------------------------------
+/*
+ * Memory usage for this function, (within BigBuf)
+ * Last Received command (reader->tag) - MAX_FRAME_SIZE
+ * Last Received command (tag->reader) - MAX_FRAME_SIZE
+ * DMA Buffer - ISO14443B_DMA_BUFFER_SIZE
+ * Demodulated samples received - all the rest
+ */
+void RAMFUNC SnoopIso14443b(void)
+{
+ // We won't start recording the frames that we acquire until we trigger;
+ // a good trigger condition to get started is probably when we see a
+ // response from the tag.
+ int triggered = TRUE; // TODO: set and evaluate trigger condition
+
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+ BigBuf_free();
+
+ clear_trace();
+ set_tracing(TRUE);
+
+ // The DMA buffer, used to stream samples from the FPGA
+ int8_t *dmaBuf = (int8_t*) BigBuf_malloc(ISO14443B_DMA_BUFFER_SIZE);
+ int lastRxCounter;
+ int8_t *upTo;
+ int ci, cq;
+ int maxBehindBy = 0;
+
+ // Count of samples received so far, so that we can include timing
+ // information in the trace buffer.
+ int samples = 0;
+
+ DemodInit(BigBuf_malloc(MAX_FRAME_SIZE));
+ UartInit(BigBuf_malloc(MAX_FRAME_SIZE));
+
+ // Print some debug information about the buffer sizes
+ Dbprintf("Snooping buffers initialized:");
+ Dbprintf(" Trace: %i bytes", BigBuf_max_traceLen());
+ Dbprintf(" Reader -> tag: %i bytes", MAX_FRAME_SIZE);
+ Dbprintf(" tag -> Reader: %i bytes", MAX_FRAME_SIZE);
+ Dbprintf(" DMA: %i bytes", ISO14443B_DMA_BUFFER_SIZE);
+
+ // Signal field is off, no reader signal, no tag signal
+ LEDsoff();
+
+ // And put the FPGA in the appropriate mode
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR | FPGA_HF_READER_RX_XCORR_848_KHZ | FPGA_HF_READER_RX_XCORR_SNOOP);
+ SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
+
+ // Setup for the DMA.
+ FpgaSetupSsc();
+ upTo = dmaBuf;
+ lastRxCounter = ISO14443B_DMA_BUFFER_SIZE;
+ FpgaSetupSscDma((uint8_t*) dmaBuf, ISO14443B_DMA_BUFFER_SIZE);
+ uint8_t parity[MAX_PARITY_SIZE];
+
+ bool TagIsActive = FALSE;
+ bool ReaderIsActive = FALSE;
+
+ // And now we loop, receiving samples.
+ for(;;) {
+ int behindBy = (lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR) &
+ (ISO14443B_DMA_BUFFER_SIZE-1);
+ if(behindBy > maxBehindBy) {
+ maxBehindBy = behindBy;
+ }
+
+ if(behindBy < 2) continue;
+
+ ci = upTo[0];
+ cq = upTo[1];
+ upTo += 2;
+ lastRxCounter -= 2;
+ if(upTo >= dmaBuf + ISO14443B_DMA_BUFFER_SIZE) {
+ upTo = dmaBuf;
+ lastRxCounter += ISO14443B_DMA_BUFFER_SIZE;
+ AT91C_BASE_PDC_SSC->PDC_RNPR = (uint32_t) dmaBuf;
+ AT91C_BASE_PDC_SSC->PDC_RNCR = ISO14443B_DMA_BUFFER_SIZE;
+ WDT_HIT();
+ if(behindBy > (9*ISO14443B_DMA_BUFFER_SIZE/10)) { // TODO: understand whether we can increase/decrease as we want or not?
+ Dbprintf("blew circular buffer! behindBy=%d", behindBy);
+ break;
+ }
+ if(!tracing) {
+ DbpString("Reached trace limit");
+ break;
+ }
+ if(BUTTON_PRESS()) {
+ DbpString("cancelled");
+ break;
+ }
+ }
+
+ samples += 2;
+
+ if (!TagIsActive) { // no need to try decoding reader data if the tag is sending
+ if(Handle14443bUartBit(ci & 0x01)) {
+ if(triggered && tracing) {
+ LogTrace(Uart.output, Uart.byteCnt, samples, samples, parity, TRUE);
+ }
+ /* And ready to receive another command. */
+ UartReset();
+ /* And also reset the demod code, which might have been */
+ /* false-triggered by the commands from the reader. */
+ DemodReset();
+ }
+ if(Handle14443bUartBit(cq & 0x01)) {
+ if(triggered && tracing) {
+ LogTrace(Uart.output, Uart.byteCnt, samples, samples, parity, TRUE);
+ }
+ /* And ready to receive another command. */
+ UartReset();
+ /* And also reset the demod code, which might have been */
+ /* false-triggered by the commands from the reader. */
+ DemodReset();
+ }
+ ReaderIsActive = (Uart.state > STATE_GOT_FALLING_EDGE_OF_SOF);
+ }
+
+ if(!ReaderIsActive) { // no need to try decoding tag data if the reader is sending - and we cannot afford the time
+ if(Handle14443bSamplesDemod(ci | 0x01, cq | 0x01)) {
+
+ //Use samples as a time measurement
+ if(tracing)
+ {
+ uint8_t parity[MAX_PARITY_SIZE];
+ LogTrace(Demod.output, Demod.len, samples, samples, parity, FALSE);
+ }
+ triggered = TRUE;
+
+ // And ready to receive another response.
+ DemodReset();
+ }
+ TagIsActive = (Demod.state > DEMOD_GOT_FALLING_EDGE_OF_SOF);
+ }
+
+ }
+
+ FpgaDisableSscDma();
+ LEDsoff();
+ AT91C_BASE_PDC_SSC->PDC_PTCR = AT91C_PDC_RXTDIS;
+ DbpString("Snoop statistics:");
+ Dbprintf(" Max behind by: %i", maxBehindBy);
+ Dbprintf(" Uart State: %x", Uart.state);
+ Dbprintf(" Uart ByteCnt: %i", Uart.byteCnt);
+ Dbprintf(" Uart ByteCntMax: %i", Uart.byteCntMax);
+ Dbprintf(" Trace length: %i", BigBuf_get_traceLen());
+}
+
+
+/*
+ * Send raw command to tag ISO14443B
+ * @Input
+ * datalen len of buffer data
+ * recv bool when true wait for data from tag and send to client
+ * powerfield bool leave the field on when true
+ * data buffer with byte to send
+ *
+ * @Output
+ * none
+ *
+ */
+void SendRawCommand14443B(uint32_t datalen, uint32_t recv, uint8_t powerfield, uint8_t data[])
+{
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+ SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
+ FpgaSetupSsc();
+
+ set_tracing(TRUE);
+
+ CodeAndTransmit14443bAsReader(data, datalen);
+
+ if(recv) {
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
+ uint16_t iLen = MIN(Demod.len, USB_CMD_DATA_SIZE);
+ cmd_send(CMD_ACK, iLen, 0, 0, Demod.output, iLen);
+ }
+
+ if(!powerfield) {
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ LED_D_OFF();
+ }
+}
+
LED_C_OFF();
LED_D_OFF();
+ if (init) Iso15693InitReader();
+
int answerLen=0;
uint8_t *answer = BigBuf_get_addr() + 3660;
if (recv != NULL) memset(answer, 0, 100);
- if (init) Iso15693InitReader();
-
if (!speed) {
// low speed (1 out of 256)
CodeIso15693AsReader256(send, sendlen);
LED_C_OFF();
LED_D_OFF();
- uint8_t *answer1 = BigBuf_get_addr() + 3660;
- uint8_t *answer2 = BigBuf_get_addr() + 3760;
- uint8_t *answer3 = BigBuf_get_addr() + 3860;
-
int answerLen1 = 0;
int answerLen2 = 0;
int answerLen3 = 0;
int elapsed = 0;
uint8_t TagUID[8] = {0x00};
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+ uint8_t *answer1 = BigBuf_get_addr() + 3660;
+ uint8_t *answer2 = BigBuf_get_addr() + 3760;
+ uint8_t *answer3 = BigBuf_get_addr() + 3860;
// Blank arrays
memset(answer1, 0x00, 300);
- FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
-
SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
// Setup SSC
FpgaSetupSsc();
// Start from off (no field generated)
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
- SpinDelay(200);
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ SpinDelay(200);
// Give the tags time to energize
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR);
LED_C_OFF();
LED_D_OFF();
- uint8_t *buf = BigBuf_get_addr() + 3660;
-
int answerLen1 = 0;
int samples = 0;
int tsamples = 0;
int wait = 0;
int elapsed = 0;
- memset(buf, 0x00, 100);
-
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+ uint8_t *buf = BigBuf_get_addr() + 3660;
+ memset(buf, 0x00, 100);
+
SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
-
FpgaSetupSsc();
// Start from off (no field generated)
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
SpinDelay(200);
LED_A_OFF();
} >osimage :text
.text : {
+ KEEP(*(stage1_image))
*(.text)
*(.text.*)
*(.eh_frame)
.rodata : {
*(.rodata)
*(.rodata.*)
- *(fpga_lf_bit.data)
- *(fpga_hf_bit.data)
+ *(fpga_all_bit.data)
KEEP(*(.version_information))
+ . = ALIGN(8);
} >osimage :text
- . = ALIGN(4);
-
.data : {
+ KEEP(*(compressed_data))
*(.data)
*(.data.*)
*(.ramfunc)
__data_src_start__ = LOADADDR(.data);
__data_start__ = ADDR(.data);
__data_end__ = __data_start__ + SIZEOF(.data);
+ __os_size__ = SIZEOF(.text) + SIZEOF(.data) + SIZEOF(.rodata);
.bss : {
__bss_start__ = .;
int ledcontrol = 1;
int n=0, i=0;
uint8_t clk = (arg1 >> 8) & 0xFF;
- uint8_t encoding = arg1 & 1;
+ uint8_t encoding = arg1 & 0xFF;
uint8_t separator = arg2 & 1;
uint8_t invert = (arg2 >> 8) & 1;
size = BigBuf_max_traceLen();
//askdemod and manchester decode
if (size > 16385) size = 16385; //big enough to catch 2 sequences of largest format
- errCnt = askmandemod(dest, &size, &clk, &invert, maxErr);
+ errCnt = askdemod(dest, &size, &clk, &invert, maxErr, 0, 1);
WDT_HIT();
if (errCnt<0) continue;
* To compensate antenna falling times shorten the write times
* and enlarge the gap ones.
*/
-#define START_GAP 50*8 // 10 - 50fc 250
-#define WRITE_GAP 20*8 // - 30fc 160
-#define WRITE_0 24*8 // 16 - 63fc 54fc 144
-#define WRITE_1 54*8 // 48 - 63fc 54fc 432 for T55x7; 448 for E5550 //400
+#define START_GAP 31*8 // was 250 // SPEC: 1*8 to 50*8 - typ 15*8 (or 15fc)
+#define WRITE_GAP 20*8 // was 160 // SPEC: 1*8 to 20*8 - typ 10*8 (or 10fc)
+#define WRITE_0 18*8 // was 144 // SPEC: 16*8 to 32*8 - typ 24*8 (or 24fc)
+#define WRITE_1 50*8 // was 400 // SPEC: 48*8 to 64*8 - typ 56*8 (or 56fc) 432 for T55x7; 448 for E5550
#define T55xx_SAMPLES_SIZE 12000 // 32 x 32 x 10 (32 bit times numofblock (7), times clock skip..)
#include "mifarecmd.h"\r
#include "apps.h"\r
#include "util.h"\r
-\r
#include "crc.h"\r
\r
+// the block number for the ISO14443-4 PCB\r
+uint8_t pcb_blocknum = 0;\r
+// Deselect card by sending a s-block. the crc is precalced for speed\r
+static uint8_t deselect_cmd[] = {0xc2,0xe0,0xb4};\r
+\r
//-----------------------------------------------------------------------------\r
// Select, Authenticate, Read a MIFARE tag. \r
// read block\r
struct Crypto1State *pcs;\r
pcs = &mpcs;\r
\r
- // clear trace\r
- clear_trace();\r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
+ clear_trace();\r
+\r
LED_A_ON();\r
LED_B_OFF();\r
LED_C_OFF();\r
LEDsoff();\r
}\r
\r
+void MifareUC_Auth(uint8_t arg0, uint8_t *keybytes){\r
\r
-void MifareUC_Auth1(uint8_t arg0, uint8_t *datain){\r
+ bool turnOffField = (arg0 == 1);\r
\r
- byte_t isOK = 0;\r
- byte_t dataoutbuf[16] = {0x00};\r
- uint8_t uid[10] = {0x00};\r
- uint32_t cuid;\r
+ LED_A_ON(); LED_B_OFF(); LED_C_OFF();\r
\r
- LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
- \r
- clear_trace();\r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
- if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Can't select card");\r
- //OnError(0);\r
+ clear_trace();\r
+\r
+ if(!iso14443a_select_card(NULL, NULL, NULL)) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");\r
+ OnError(0);\r
return;\r
};\r
\r
- if(mifare_ultra_auth1(cuid, dataoutbuf)){\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) \r
- Dbprintf("Authentication part1: Fail.");\r
- //OnError(1);\r
+ if(!mifare_ultra_auth(keybytes)){\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Authentication failed");\r
+ OnError(1);\r
return;\r
}\r
\r
- isOK = 1;\r
- if (MF_DBGLEVEL >= MF_DBG_EXTENDED)\r
- DbpString("AUTH 1 FINISHED");\r
- \r
- cmd_send(CMD_ACK,isOK,cuid,0,dataoutbuf,11);\r
- LEDsoff();\r
-}\r
-void MifareUC_Auth2(uint32_t arg0, uint8_t *datain){\r
-\r
- uint32_t cuid = arg0;\r
- uint8_t key[16] = {0x00};\r
- byte_t isOK = 0;\r
- byte_t dataoutbuf[16] = {0x00};\r
- \r
- memcpy(key, datain, 16);\r
- \r
- LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
- \r
- if(mifare_ultra_auth2(cuid, key, dataoutbuf)){\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) \r
- Dbprintf("Authentication part2: Fail...");\r
- //OnError(1);\r
- return; \r
+ if (turnOffField) {\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
}\r
- \r
- isOK = 1;\r
- if (MF_DBGLEVEL >= MF_DBG_EXTENDED)\r
- DbpString("AUTH 2 FINISHED");\r
- \r
- cmd_send(CMD_ACK,isOK,0,0,dataoutbuf,11);\r
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
- LEDsoff();\r
+ cmd_send(CMD_ACK,1,0,0,0,0);\r
}\r
\r
-void MifareUReadBlock(uint8_t arg0,uint8_t *datain)\r
+// Arg0 = BlockNo,\r
+// Arg1 = UsePwd bool\r
+// datain = PWD bytes,\r
+void MifareUReadBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain)\r
{\r
uint8_t blockNo = arg0;\r
byte_t dataout[16] = {0x00};\r
- uint8_t uid[10] = {0x00};\r
- uint32_t cuid;\r
- \r
+ bool useKey = (arg1 == 1); //UL_C\r
+ bool usePwd = (arg1 == 2); //UL_EV1/NTAG\r
+\r
+ LEDsoff();\r
LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
- \r
- clear_trace();\r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
- \r
- int len = iso14443a_select_card(uid, NULL, &cuid);\r
+\r
+ clear_trace();\r
+\r
+ int len = iso14443a_select_card(NULL, NULL, NULL);\r
if(!len) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");\r
- //OnError(1);\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card (RC:%02X)",len);\r
+ OnError(1);\r
return;\r
- };\r
- \r
- len = mifare_ultra_readblock(cuid, blockNo, dataout);\r
- if(len) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Read block error");\r
- //OnError(2);\r
+ }\r
+\r
+ // UL-C authentication\r
+ if ( useKey ) {\r
+ uint8_t key[16] = {0x00};\r
+ memcpy(key, datain, sizeof(key) );\r
+\r
+ if ( !mifare_ultra_auth(key) ) {\r
+ OnError(1);\r
+ return;\r
+ }\r
+ }\r
+\r
+ // UL-EV1 / NTAG authentication\r
+ if ( usePwd ) {\r
+ uint8_t pwd[4] = {0x00};\r
+ memcpy(pwd, datain, 4);\r
+ uint8_t pack[4] = {0,0,0,0};\r
+ if (!mifare_ul_ev1_auth(pwd, pack)) {\r
+ OnError(1);\r
+ return;\r
+ }\r
+ } \r
+\r
+ if( mifare_ultra_readblock(blockNo, dataout) ) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Read block error");\r
+ OnError(2);\r
return;\r
- };\r
- \r
- len = mifare_ultra_halt(cuid);\r
- if(len) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Halt error");\r
- //OnError(3);\r
+ }\r
+\r
+ if( mifare_ultra_halt() ) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Halt error");\r
+ OnError(3);\r
return;\r
- };\r
- \r
- cmd_send(CMD_ACK,1,0,0,dataout,16);\r
+ }\r
+\r
+ cmd_send(CMD_ACK,1,0,0,dataout,16);\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
LEDsoff();\r
}\r
struct Crypto1State *pcs;\r
pcs = &mpcs;\r
\r
- // clear trace\r
- clear_trace();\r
-\r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
+ clear_trace();\r
+\r
LED_A_ON();\r
LED_B_OFF();\r
LED_C_OFF();\r
LEDsoff();\r
}\r
\r
-void MifareUReadCard(uint8_t arg0, int arg1, uint8_t *datain)\r
+// arg0 = blockNo (start)\r
+// arg1 = Pages (number of blocks)\r
+// arg2 = useKey\r
+// datain = KEY bytes\r
+void MifareUReadCard(uint8_t arg0, uint16_t arg1, uint8_t arg2, uint8_t *datain)\r
{\r
- // params\r
- uint8_t sectorNo = arg0;\r
- int Pages = arg1;\r
- int count_Pages = 0;\r
- byte_t dataout[176] = {0x00};;\r
- uint8_t uid[10] = {0x00};\r
- uint32_t cuid;\r
-\r
+ LEDsoff();\r
LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
- if (MF_DBGLEVEL >= MF_DBG_ALL) \r
- Dbprintf("Pages %d",Pages);\r
- \r
+ // free eventually allocated BigBuf memory\r
+ BigBuf_free();\r
clear_trace();\r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
- int len = iso14443a_select_card(uid, NULL, &cuid);\r
- \r
+ // params\r
+ uint8_t blockNo = arg0;\r
+ uint16_t blocks = arg1;\r
+ bool useKey = (arg2 == 1); //UL_C\r
+ bool usePwd = (arg2 == 2); //UL_EV1/NTAG\r
+ uint32_t countblocks = 0;\r
+ uint8_t *dataout = BigBuf_malloc(CARD_MEMORY_SIZE);\r
+ if (dataout == NULL){\r
+ Dbprintf("out of memory");\r
+ OnError(1);\r
+ return;\r
+ }\r
+\r
+ int len = iso14443a_select_card(NULL, NULL, NULL);\r
if (!len) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Can't select card");\r
- //OnError(1);\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card (RC:%d)",len);\r
+ OnError(1);\r
return;\r
}\r
+\r
+ // UL-C authentication\r
+ if ( useKey ) {\r
+ uint8_t key[16] = {0x00};\r
+ memcpy(key, datain, sizeof(key) );\r
+\r
+ if ( !mifare_ultra_auth(key) ) {\r
+ OnError(1);\r
+ return;\r
+ }\r
+ }\r
+\r
+ // UL-EV1 / NTAG authentication\r
+ if (usePwd) {\r
+ uint8_t pwd[4] = {0x00};\r
+ memcpy(pwd, datain, sizeof(pwd));\r
+ uint8_t pack[4] = {0,0,0,0};\r
+\r
+ if (!mifare_ul_ev1_auth(pwd, pack)){\r
+ OnError(1);\r
+ return; \r
+ }\r
+ }\r
+\r
+ for (int i = 0; i < blocks; i++){\r
+ if ((i*4) + 4 >= CARD_MEMORY_SIZE) {\r
+ Dbprintf("Data exceeds buffer!!");\r
+ break;\r
+ }\r
\r
- for (int i = 0; i < Pages; i++){\r
- \r
- len = mifare_ultra_readblock(cuid, sectorNo * 4 + i, dataout + 4 * i);\r
- \r
+ len = mifare_ultra_readblock(blockNo + i, dataout + 4 * i);\r
+\r
if (len) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Read block %d error",i);\r
- //OnError(2);\r
- return;\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Read block %d error",i);\r
+ // if no blocks read - error out\r
+ if (i==0){\r
+ OnError(2);\r
+ return;\r
+ } else {\r
+ //stop at last successful read block and return what we got\r
+ break;\r
+ }\r
} else {\r
- count_Pages++;\r
+ countblocks++;\r
}\r
}\r
- \r
- len = mifare_ultra_halt(cuid);\r
+\r
+ len = mifare_ultra_halt();\r
if (len) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Halt error");\r
- //OnError(3);\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Halt error");\r
+ OnError(3);\r
return;\r
}\r
- \r
- if (MF_DBGLEVEL >= MF_DBG_ALL) {\r
- Dbprintf("Pages read %d", count_Pages);\r
- }\r
\r
- len = 16*4; //64 bytes\r
- \r
- // Read a UL-C\r
- if (Pages == 44 && count_Pages > 16) \r
- len = 176;\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) Dbprintf("Blocks read %d", countblocks);\r
\r
- cmd_send(CMD_ACK, 1, 0, 0, dataout, len); \r
+ countblocks *= 4;\r
+\r
+ cmd_send(CMD_ACK, 1, countblocks, BigBuf_max_traceLen(), 0, 0);\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
LEDsoff();\r
+ BigBuf_free();\r
}\r
\r
-\r
//-----------------------------------------------------------------------------\r
// Select, Authenticate, Write a MIFARE tag. \r
// read block\r
struct Crypto1State *pcs;\r
pcs = &mpcs;\r
\r
- // clear trace\r
- clear_trace();\r
-\r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
+ clear_trace();\r
+\r
LED_A_ON();\r
LED_B_OFF();\r
LED_C_OFF();\r
LEDsoff();\r
}\r
\r
-void MifareUWriteBlock(uint8_t arg0, uint8_t *datain)\r
+/* // Command not needed but left for future testing \r
+void MifareUWriteBlockCompat(uint8_t arg0, uint8_t *datain)\r
{\r
- // params\r
- uint8_t blockNo = arg0;\r
+ uint8_t blockNo = arg0;\r
byte_t blockdata[16] = {0x00};\r
\r
- memcpy(blockdata, datain,16);\r
- \r
- // variables\r
- byte_t isOK = 0;\r
+ memcpy(blockdata, datain, 16);\r
+\r
uint8_t uid[10] = {0x00};\r
- uint32_t cuid;\r
\r
- clear_trace();\r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+ LED_A_ON(); LED_B_OFF(); LED_C_OFF();\r
\r
- LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
-\r
- while (true) {\r
- if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
- break;\r
- };\r
-\r
- if(mifare_ultra_writeblock(cuid, blockNo, blockdata)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");\r
- break;\r
- };\r
-\r
- if(mifare_ultra_halt(cuid)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
- break;\r
- };\r
- \r
- isOK = 1;\r
- break;\r
- }\r
- \r
- if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED");\r
-\r
- cmd_send(CMD_ACK,isOK,0,0,0,0);\r
- FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
- LEDsoff();\r
-}\r
+ clear_trace();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+\r
+ if(!iso14443a_select_card(uid, NULL, NULL)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
+ OnError(0);\r
+ return;\r
+ };\r
+\r
+ if(mifare_ultra_writeblock_compat(blockNo, blockdata)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");\r
+ OnError(0);\r
+ return; };\r
+\r
+ if(mifare_ultra_halt()) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+ OnError(0);\r
+ return;\r
+ };\r
\r
-void MifareUWriteBlock_Special(uint8_t arg0, uint8_t *datain)\r
+ if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED");\r
+\r
+ cmd_send(CMD_ACK,1,0,0,0,0);\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
+}\r
+*/\r
+\r
+// Arg0 : Block to write to.\r
+// Arg1 : 0 = use no authentication.\r
+// 1 = use 0x1A authentication.\r
+// 2 = use 0x1B authentication.\r
+// datain : 4 first bytes is data to be written.\r
+// : 4/16 next bytes is authentication key.\r
+void MifareUWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain)\r
{\r
- // params\r
uint8_t blockNo = arg0;\r
+ bool useKey = (arg1 == 1); //UL_C\r
+ bool usePwd = (arg1 == 2); //UL_EV1/NTAG\r
byte_t blockdata[4] = {0x00};\r
- \r
- memcpy(blockdata, datain,4);\r
\r
- // variables\r
- byte_t isOK = 0;\r
- uint8_t uid[10] = {0x00};\r
- uint32_t cuid;\r
+ memcpy(blockdata, datain,4);\r
+ \r
+ LEDsoff();\r
+ LED_A_ON();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
clear_trace();\r
+\r
+ if(!iso14443a_select_card(NULL, NULL, NULL)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
+ OnError(0);\r
+ return;\r
+ };\r
+\r
+ // UL-C authentication\r
+ if ( useKey ) {\r
+ uint8_t key[16] = {0x00};\r
+ memcpy(key, datain+4, sizeof(key) );\r
+\r
+ if ( !mifare_ultra_auth(key) ) {\r
+ OnError(1);\r
+ return;\r
+ }\r
+ }\r
+ \r
+ // UL-EV1 / NTAG authentication\r
+ if (usePwd) {\r
+ uint8_t pwd[4] = {0x00};\r
+ memcpy(pwd, datain+4, 4);\r
+ uint8_t pack[4] = {0,0,0,0};\r
+ if (!mifare_ul_ev1_auth(pwd, pack)) {\r
+ OnError(1);\r
+ return;\r
+ }\r
+ }\r
+\r
+ if(mifare_ultra_writeblock(blockNo, blockdata)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");\r
+ OnError(0);\r
+ return;\r
+ };\r
+\r
+ if(mifare_ultra_halt()) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+ OnError(0);\r
+ return;\r
+ };\r
+\r
+ if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED");\r
+\r
+ cmd_send(CMD_ACK,1,0,0,0,0);\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
+}\r
+\r
+void MifareUSetPwd(uint8_t arg0, uint8_t *datain){\r
+ \r
+ uint8_t pwd[16] = {0x00};\r
+ byte_t blockdata[4] = {0x00};\r
+ \r
+ memcpy(pwd, datain, 16);\r
+ \r
+ LED_A_ON(); LED_B_OFF(); LED_C_OFF();\r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
- LED_A_ON();\r
- LED_B_OFF();\r
- LED_C_OFF();\r
+ clear_trace();\r
\r
- while (true) {\r
- if(!iso14443a_select_card(uid, NULL, &cuid)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
- break;\r
- };\r
+ if(!iso14443a_select_card(NULL, NULL, NULL)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Can't select card");\r
+ OnError(0);\r
+ return;\r
+ };\r
\r
- if(mifare_ultra_special_writeblock(cuid, blockNo, blockdata)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");\r
- break;\r
- };\r
+ blockdata[0] = pwd[7];\r
+ blockdata[1] = pwd[6];\r
+ blockdata[2] = pwd[5];\r
+ blockdata[3] = pwd[4];\r
+ if(mifare_ultra_writeblock( 44, blockdata)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");\r
+ OnError(44);\r
+ return;\r
+ };\r
\r
- if(mifare_ultra_halt(cuid)) {\r
- if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
- break;\r
- };\r
+ blockdata[0] = pwd[3];\r
+ blockdata[1] = pwd[2];\r
+ blockdata[2] = pwd[1];\r
+ blockdata[3] = pwd[0];\r
+ if(mifare_ultra_writeblock( 45, blockdata)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");\r
+ OnError(45);\r
+ return;\r
+ };\r
\r
- isOK = 1;\r
- break;\r
- }\r
+ blockdata[0] = pwd[15];\r
+ blockdata[1] = pwd[14];\r
+ blockdata[2] = pwd[13];\r
+ blockdata[3] = pwd[12];\r
+ if(mifare_ultra_writeblock( 46, blockdata)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");\r
+ OnError(46);\r
+ return;\r
+ };\r
\r
- if (MF_DBGLEVEL >= 2) DbpString("WRITE BLOCK FINISHED");\r
+ blockdata[0] = pwd[11];\r
+ blockdata[1] = pwd[10];\r
+ blockdata[2] = pwd[9];\r
+ blockdata[3] = pwd[8];\r
+ if(mifare_ultra_writeblock( 47, blockdata)) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Write block error");\r
+ OnError(47);\r
+ return;\r
+ }; \r
\r
- cmd_send(CMD_ACK,isOK,0,0,0,0);\r
+ if(mifare_ultra_halt()) {\r
+ if (MF_DBGLEVEL >= 1) Dbprintf("Halt error");\r
+ OnError(0);\r
+ return;\r
+ };\r
+\r
+ cmd_send(CMD_ACK,1,0,0,0,0);\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
LEDsoff();\r
}\r
uint32_t auth1_time, auth2_time;\r
static uint16_t delta_time;\r
\r
+ LED_A_ON();\r
+ LED_C_OFF();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+\r
// free eventually allocated BigBuf memory\r
BigBuf_free();\r
- // clear trace\r
+\r
clear_trace();\r
set_tracing(false);\r
\r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
-\r
- LED_A_ON();\r
- LED_C_OFF();\r
-\r
-\r
// statistics on nonce distance\r
+ int16_t isOK = 0;\r
+ #define NESTED_MAX_TRIES 12\r
+ uint16_t unsuccessfull_tries = 0;\r
if (calibrate) { // for first call only. Otherwise reuse previous calibration\r
LED_B_ON();\r
WDT_HIT();\r
\r
for (rtr = 0; rtr < 17; rtr++) {\r
\r
+ // Test if the action was cancelled\r
+ if(BUTTON_PRESS()) {\r
+ isOK = -2;\r
+ break;\r
+ }\r
+\r
// prepare next select. No need to power down the card.\r
if(mifare_classic_halt(pcs, cuid)) {\r
if (MF_DBGLEVEL >= 1) Dbprintf("Nested: Halt error");\r
delta_time = auth2_time - auth1_time + 32; // allow some slack for proper timing\r
}\r
if (MF_DBGLEVEL >= 3) Dbprintf("Nested: calibrating... ntdist=%d", i);\r
+ } else {\r
+ unsuccessfull_tries++;\r
+ if (unsuccessfull_tries > NESTED_MAX_TRIES) { // card isn't vulnerable to nested attack (random numbers are not predictable)\r
+ isOK = -3;\r
+ }\r
}\r
}\r
- \r
- if (rtr <= 1) return;\r
\r
davg = (davg + (rtr - 1)/2) / (rtr - 1);\r
\r
- if (MF_DBGLEVEL >= 3) Dbprintf("min=%d max=%d avg=%d, delta_time=%d", dmin, dmax, davg, delta_time);\r
+ if (MF_DBGLEVEL >= 3) Dbprintf("rtr=%d isOK=%d min=%d max=%d avg=%d, delta_time=%d", rtr, isOK, dmin, dmax, davg, delta_time);\r
\r
dmin = davg - 2;\r
dmax = davg + 2;\r
LED_B_OFF();\r
\r
}\r
-// ------------------------------------------------------------------------------------------------- \r
+ // ------------------------------------------------------------------------------------------------- \r
\r
LED_C_ON();\r
\r
// get crypted nonces for target sector\r
- for(i=0; i < 2; i++) { // look for exactly two different nonces\r
+ for(i=0; i < 2 && !isOK; i++) { // look for exactly two different nonces\r
\r
target_nt[i] = 0;\r
while(target_nt[i] == 0) { // continue until we have an unambiguous nonce\r
\r
// nested authentication\r
auth2_time = auth1_time + delta_time;\r
- len = mifare_sendcmd_shortex(pcs, AUTH_NESTED, 0x60 + (targetKeyType & 0x01), targetBlockNo, receivedAnswer, par, &auth2_time);\r
+ len = mifare_sendcmd_short(pcs, AUTH_NESTED, 0x60 + (targetKeyType & 0x01), targetBlockNo, receivedAnswer, par, &auth2_time);\r
if (len != 4) {\r
if (MF_DBGLEVEL >= 1) Dbprintf("Nested: Auth2 error len=%d", len);\r
continue;\r
memcpy(buf+16, &target_ks[1], 4);\r
\r
LED_B_ON();\r
- cmd_send(CMD_ACK, 0, 2, targetBlockNo + (targetKeyType * 0x100), buf, sizeof(buf));\r
+ cmd_send(CMD_ACK, isOK, 0, targetBlockNo + (targetKeyType * 0x100), buf, sizeof(buf));\r
LED_B_OFF();\r
\r
if (MF_DBGLEVEL >= 3) DbpString("NESTED FINISHED");\r
int OLD_MF_DBGLEVEL = MF_DBGLEVEL; \r
MF_DBGLEVEL = MF_DBG_NONE;\r
\r
- // clear trace\r
- clear_trace();\r
- set_tracing(TRUE);\r
-\r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
-\r
LED_A_ON();\r
LED_B_OFF();\r
LED_C_OFF();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+\r
+ clear_trace();\r
+ set_tracing(TRUE);\r
\r
for (i = 0; i < keyCount; i++) {\r
if(mifare_classic_halt(pcs, cuid)) {\r
//-----------------------------------------------------------------------------\r
// Work with emulator memory\r
// \r
+// Note: we call FpgaDownloadAndGo(FPGA_BITSTREAM_HF) here although FPGA is not\r
+// involved in dealing with emulator memory. But if it is called later, it might\r
+// destroy the Emulator Memory.\r
//-----------------------------------------------------------------------------\r
+\r
void MifareEMemClr(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){\r
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);\r
emlClearMem();\r
}\r
\r
void MifareEMemSet(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){\r
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);\r
emlSetMem(datain, arg0, arg1); // data, block num, blocks count\r
}\r
\r
void MifareEMemGet(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain){\r
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);\r
byte_t buf[USB_CMD_DATA_SIZE];\r
emlGetMem(buf, arg0, arg1); // data, block num, blocks count (max 4)\r
\r
byte_t dataoutbuf2[16];\r
uint8_t uid[10];\r
\r
- // clear trace\r
- clear_trace();\r
- set_tracing(false);\r
- \r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
-\r
LED_A_ON();\r
LED_B_OFF();\r
LED_C_OFF();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+ \r
+ clear_trace();\r
+ set_tracing(false);\r
\r
bool isOK = true;\r
\r
LED_A_ON();\r
LED_B_OFF();\r
LED_C_OFF();\r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
\r
clear_trace();\r
set_tracing(TRUE);\r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
}\r
\r
while (true) {\r
LED_A_ON();\r
LED_B_OFF();\r
LED_C_OFF();\r
- \r
+ iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+\r
clear_trace();\r
set_tracing(TRUE);\r
- iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
}\r
\r
while (true) {\r
cmd_send(CMD_ACK,isOK,0,0,0,0);\r
}\r
\r
- //\r
+//\r
// DESFIRE\r
//\r
\r
uint8_t uid[10] = {0x00};\r
uint32_t cuid;\r
\r
- clear_trace();\r
iso14443a_setup(FPGA_HF_ISO14443A_READER_LISTEN);\r
+ clear_trace();\r
\r
int len = iso14443a_select_card(uid, NULL, &cuid);\r
if(!len) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) \r
- Dbprintf("Can't select card");\r
- //OnError(1);\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Can't select card");\r
+ OnError(1);\r
return;\r
};\r
\r
if(mifare_desfire_des_auth1(cuid, dataout)){\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) \r
- Dbprintf("Authentication part1: Fail.");\r
- //OnError(4);\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Authentication part1: Fail.");\r
+ OnError(4);\r
return;\r
}\r
\r
if (MF_DBGLEVEL >= MF_DBG_EXTENDED) DbpString("AUTH 1 FINISHED");\r
- \r
cmd_send(CMD_ACK,1,cuid,0,dataout, sizeof(dataout));\r
}\r
\r
isOK = mifare_desfire_des_auth2(cuid, key, dataout);\r
\r
if( isOK) {\r
- if (MF_DBGLEVEL >= MF_DBG_EXTENDED) \r
- Dbprintf("Authentication part2: Failed"); \r
- //OnError(4);\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) Dbprintf("Authentication part2: Failed"); \r
+ OnError(4);\r
return;\r
}\r
\r
- if (MF_DBGLEVEL >= MF_DBG_EXTENDED) \r
- DbpString("AUTH 2 FINISHED");\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) DbpString("AUTH 2 FINISHED");\r
\r
cmd_send(CMD_ACK, isOK, 0, 0, dataout, sizeof(dataout));\r
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
LEDsoff();\r
}\r
+\r
+void OnSuccess(){\r
+ pcb_blocknum = 0;\r
+ ReaderTransmit(deselect_cmd, 3 , NULL);\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ LEDsoff();\r
+}\r
+\r
+void OnError(uint8_t reason){\r
+ pcb_blocknum = 0;\r
+ ReaderTransmit(deselect_cmd, 3 , NULL);\r
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);\r
+ cmd_send(CMD_ACK,0,reason,0,0,0);\r
+ LEDsoff();\r
+}\r
#include "iso14443a.h"\r
#include "crapto1.h"\r
#include "mifareutil.h"\r
+#include "des.h"\r
\r
int MF_DBGLEVEL = MF_DBG_ALL;\r
\r
return bt;\r
}\r
\r
-// send commands\r
-int mifare_sendcmd_short(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing)\r
+// send X byte basic commands\r
+int mifare_sendcmd(uint8_t cmd, uint8_t* data, uint8_t data_size, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing)\r
{\r
- return mifare_sendcmd_shortex(pcs, crypted, cmd, data, answer, answer_parity, timing);
-}
-
-int mifare_sendcmd_short_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing)
-{
- uint8_t dcmd[8];
- dcmd[0] = cmd;
- dcmd[1] = data[0];
- dcmd[2] = data[1];
- dcmd[3] = data[2];
- dcmd[4] = data[3];
- dcmd[5] = data[4];
- AppendCrc14443a(dcmd, 6);
- ReaderTransmit(dcmd, sizeof(dcmd), NULL);
- int len = ReaderReceive(answer, answer_parity);
- if(!len) {
- if (MF_DBGLEVEL >= 1) Dbprintf("Authentication failed. Card timeout.");
- return 2;
- }\r
+ uint8_t dcmd[data_size+3];\r
+ dcmd[0] = cmd;\r
+ memcpy(dcmd+1,data,data_size);\r
+ AppendCrc14443a(dcmd, data_size+1);\r
+ ReaderTransmit(dcmd, sizeof(dcmd), timing);\r
+ int len = ReaderReceive(answer, answer_parity);\r
+ if(!len) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("%02X Cmd failed. Card timeout.", cmd);\r
+ len = ReaderReceive(answer,answer_parity);\r
+ //return 0;\r
+ }\r
return len;\r
}\r
\r
-int mifare_sendcmd_short_mfucauth(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing)\r
+// send 2 byte commands\r
+int mifare_sendcmd_short(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing)\r
{\r
- uint8_t dcmd[19];\r
- int len; \r
- dcmd[0] = cmd;\r
- memcpy(dcmd+1,data,16);\r
- AppendCrc14443a(dcmd, 17);\r
- \r
- ReaderTransmit(dcmd, sizeof(dcmd), timing);\r
- len = ReaderReceive(answer, answer_parity);\r
- if(!len) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Authentication failed. Card timeout.");\r
- len = ReaderReceive(answer,answer_parity);\r
- }\r
- if(len==1) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("NAK - Authentication failed.");\r
- return 1;\r
- }
- return len;
-}
-
-int mifare_sendcmd_shortex(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing)
-{
- uint8_t dcmd[4], ecmd[4];
+ uint8_t dcmd[4], ecmd[4];\r
uint16_t pos, res;\r
uint8_t par[1]; // 1 Byte parity is enough here\r
dcmd[0] = cmd;\r
}\r
\r
memcpy(blockData, receivedAnswer, 16);\r
- return 0;
-}
-
+ return 0;\r
+}\r
+\r
// mifare ultralight commands\r
-int mifare_ultra_auth1(uint32_t uid, uint8_t *blockData){\r
+int mifare_ul_ev1_auth(uint8_t *keybytes, uint8_t *pack){\r
\r
uint16_t len;\r
- uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
- uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
- \r
- len = mifare_sendcmd_short(NULL, 1, 0x1A, 0x00, receivedAnswer,receivedAnswerPar ,NULL);\r
- if (len == 1) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Cmd Error: %02x", receivedAnswer[0]);\r
- return 1;\r
+ uint8_t resp[4];\r
+ uint8_t respPar[1];\r
+ uint8_t key[4] = {0x00};\r
+ memcpy(key, keybytes, 4);\r
+\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED)\r
+ Dbprintf("EV1 Auth : %02x%02x%02x%02x", key[0], key[1], key[2], key[3]);\r
+ len = mifare_sendcmd(0x1B, key, sizeof(key), resp, respPar, NULL);\r
+ //len = mifare_sendcmd_short_mfuev1auth(NULL, 0, 0x1B, key, resp, respPar, NULL);\r
+ if (len != 4) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x %u", resp[0], len);\r
+ return 0;\r
}\r
- if (len != 11)\r
- return 1;\r
\r
- if (MF_DBGLEVEL >= MF_DBG_EXTENDED) {\r
- Dbprintf("Auth1 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",\r
- receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4],\r
- receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9],\r
- receivedAnswer[10]);\r
- }\r
- memcpy(blockData, receivedAnswer, 11);\r
- return 0;\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED)\r
+ Dbprintf("Auth Resp: %02x%02x%02x%02x", resp[0],resp[1],resp[2],resp[3]);\r
+\r
+ memcpy(pack, resp, 4);\r
+ return 1;\r
}\r
\r
-int mifare_ultra_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData){\r
+int mifare_ultra_auth(uint8_t *keybytes){\r
+\r
+ /// 3des2k\r
+\r
+ uint8_t random_a[8] = {1,1,1,1,1,1,1,1};\r
+ uint8_t random_b[8] = {0x00};\r
+ uint8_t enc_random_b[8] = {0x00};\r
+ uint8_t rnd_ab[16] = {0x00};\r
+ uint8_t IV[8] = {0x00};\r
+ uint8_t key[16] = {0x00};\r
+ memcpy(key, keybytes, 16);\r
\r
uint16_t len;\r
- uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
- uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
+ uint8_t resp[19] = {0x00};\r
+ uint8_t respPar[3] = {0,0,0};\r
+\r
+ // REQUEST AUTHENTICATION\r
+ len = mifare_sendcmd_short(NULL, 1, 0x1A, 0x00, resp, respPar ,NULL);\r
+ if (len != 11) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x", resp[0]);\r
+ return 0;\r
+ }\r
+\r
+ // tag nonce.\r
+ memcpy(enc_random_b,resp+1,8);\r
+\r
+ // decrypt nonce.\r
+ tdes_2key_dec(random_b, enc_random_b, sizeof(random_b), key, IV );\r
+ rol(random_b,8);\r
+ memcpy(rnd_ab ,random_a,8);\r
+ memcpy(rnd_ab+8,random_b,8);\r
+\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) {\r
+ Dbprintf("enc_B: %02x %02x %02x %02x %02x %02x %02x %02x",\r
+ enc_random_b[0],enc_random_b[1],enc_random_b[2],enc_random_b[3],enc_random_b[4],enc_random_b[5],enc_random_b[6],enc_random_b[7]);\r
+\r
+ Dbprintf(" B: %02x %02x %02x %02x %02x %02x %02x %02x",\r
+ random_b[0],random_b[1],random_b[2],random_b[3],random_b[4],random_b[5],random_b[6],random_b[7]);\r
+\r
+ Dbprintf("rnd_ab: %02x %02x %02x %02x %02x %02x %02x %02x",\r
+ rnd_ab[0],rnd_ab[1],rnd_ab[2],rnd_ab[3],rnd_ab[4],rnd_ab[5],rnd_ab[6],rnd_ab[7]);\r
+\r
+ Dbprintf("rnd_ab: %02x %02x %02x %02x %02x %02x %02x %02x",\r
+ rnd_ab[8],rnd_ab[9],rnd_ab[10],rnd_ab[11],rnd_ab[12],rnd_ab[13],rnd_ab[14],rnd_ab[15] );\r
+ }\r
+\r
+ // encrypt out, in, length, key, iv\r
+ tdes_2key_enc(rnd_ab, rnd_ab, sizeof(rnd_ab), key, enc_random_b);\r
+ //len = mifare_sendcmd_short_mfucauth(NULL, 1, 0xAF, rnd_ab, resp, respPar, NULL);\r
+ len = mifare_sendcmd(0xAF, rnd_ab, sizeof(rnd_ab), resp, respPar, NULL);\r
+ if (len != 11) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x", resp[0]);\r
+ return 0;\r
+ }\r
+\r
+ uint8_t enc_resp[8] = { 0,0,0,0,0,0,0,0 };\r
+ uint8_t resp_random_a[8] = { 0,0,0,0,0,0,0,0 };\r
+ memcpy(enc_resp, resp+1, 8);\r
+\r
+ // decrypt out, in, length, key, iv \r
+ tdes_2key_dec(resp_random_a, enc_resp, 8, key, enc_random_b);\r
+ if ( memcmp(resp_random_a, random_a, 8) != 0 ) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("failed authentication");\r
+ return 0;\r
+ }\r
+\r
+ if (MF_DBGLEVEL >= MF_DBG_EXTENDED) {\r
+ Dbprintf("e_AB: %02x %02x %02x %02x %02x %02x %02x %02x", \r
+ rnd_ab[0],rnd_ab[1],rnd_ab[2],rnd_ab[3],\r
+ rnd_ab[4],rnd_ab[5],rnd_ab[6],rnd_ab[7]);\r
+\r
+ Dbprintf("e_AB: %02x %02x %02x %02x %02x %02x %02x %02x",\r
+ rnd_ab[8],rnd_ab[9],rnd_ab[10],rnd_ab[11],\r
+ rnd_ab[12],rnd_ab[13],rnd_ab[14],rnd_ab[15]);\r
+\r
+ Dbprintf("a: %02x %02x %02x %02x %02x %02x %02x %02x",\r
+ random_a[0],random_a[1],random_a[2],random_a[3],\r
+ random_a[4],random_a[5],random_a[6],random_a[7]);\r
+\r
+ Dbprintf("b: %02x %02x %02x %02x %02x %02x %02x %02x",\r
+ resp_random_a[0],resp_random_a[1],resp_random_a[2],resp_random_a[3],\r
+ resp_random_a[4],resp_random_a[5],resp_random_a[6],resp_random_a[7]);\r
+ }\r
+ return 1;\r
+}\r
+\r
+int mifare_ultra_readblock(uint8_t blockNo, uint8_t *blockData)\r
+{\r
+ uint16_t len;\r
+ uint8_t bt[2];\r
+ uint8_t receivedAnswer[MAX_FRAME_SIZE];\r
+ uint8_t receivedAnswerPar[MAX_PARITY_SIZE];\r
\r
- len = mifare_sendcmd_short_mfucauth(NULL, 1, 0xAF, key, receivedAnswer, receivedAnswerPar, NULL);\r
+\r
+ len = mifare_sendcmd_short(NULL, 1, 0x30, blockNo, receivedAnswer, receivedAnswerPar, NULL);\r
if (len == 1) {\r
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Cmd Error: %02x", receivedAnswer[0]);\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: %02x", receivedAnswer[0]);\r
return 1;\r
}\r
- if (len != 11)\r
- return 1; \r
- \r
- if (MF_DBGLEVEL >= MF_DBG_EXTENDED) {\r
- Dbprintf("Auth2 Resp: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",\r
- receivedAnswer[0],receivedAnswer[1],receivedAnswer[2],receivedAnswer[3],receivedAnswer[4],\r
- receivedAnswer[5],receivedAnswer[6],receivedAnswer[7],receivedAnswer[8],receivedAnswer[9],\r
- receivedAnswer[10]);\r
+ if (len != 18) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd Error: card timeout. len: %x", len);\r
+ return 2;\r
}\r
- memcpy(blockData, receivedAnswer, 11);\r
+ \r
+ memcpy(bt, receivedAnswer + 16, 2);\r
+ AppendCrc14443a(receivedAnswer, 16);\r
+ if (bt[0] != receivedAnswer[16] || bt[1] != receivedAnswer[17]) {\r
+ if (MF_DBGLEVEL >= MF_DBG_ERROR) Dbprintf("Cmd CRC response error.");\r
+ return 3;\r
+ }\r
+ \r
+ memcpy(blockData, receivedAnswer, 14);\r
return 0;\r
}\r
\r
-int mifare_ultra_readblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData)
-{
- uint16_t len;
- uint8_t bt[2];
- uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
- uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
-
- \r
- // command MIFARE_CLASSIC_READBLOCK
- len = mifare_sendcmd_short(NULL, 1, 0x30, blockNo, receivedAnswer, receivedAnswerPar, NULL);
- if (len == 1) {
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Cmd Error: %02x", receivedAnswer[0]);
- return 1;
- }
- if (len != 18) {
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Cmd Error: card timeout. len: %x", len);
- return 2;
- }
-
- memcpy(bt, receivedAnswer + 16, 2);
- AppendCrc14443a(receivedAnswer, 16);
- if (bt[0] != receivedAnswer[16] || bt[1] != receivedAnswer[17]) {
- if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Cmd CRC response error.");
- return 3;
- }
-
- memcpy(blockData, receivedAnswer, 14);
- return 0;
-}
-
-
-int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData)
-{
- // variables
+int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData) \r
+{\r
+ // variables\r
uint16_t len, i; \r
uint32_t pos;\r
uint8_t par[3] = {0}; // enough for 18 Bytes to send\r
return 2;\r
}\r
\r
- return 0;
-}
-
-int mifare_ultra_writeblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData)
-{
- uint16_t len;
- uint8_t par[3] = {0}; // enough for 18 parity bits
- uint8_t d_block[18] = {0x00};
- uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
- uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
-
- // command MIFARE_CLASSIC_WRITEBLOCK
- len = mifare_sendcmd_short(NULL, true, 0xA0, blockNo, receivedAnswer, receivedAnswerPar, NULL);
-
- if ((len != 1) || (receivedAnswer[0] != 0x0A)) { // 0x0a - ACK
+ return 0;\r
+}\r
+\r
+/* // command not needed, but left for future testing\r
+int mifare_ultra_writeblock_compat(uint8_t blockNo, uint8_t *blockData) \r
+{\r
+ uint16_t len;\r
+ uint8_t par[3] = {0}; // enough for 18 parity bits\r
+ uint8_t d_block[18] = {0x00};\r
+ uint8_t receivedAnswer[MAX_FRAME_SIZE];\r
+ uint8_t receivedAnswerPar[MAX_PARITY_SIZE];\r
+\r
+ len = mifare_sendcmd_short(NULL, true, 0xA0, blockNo, receivedAnswer, receivedAnswerPar, NULL);\r
+\r
+ if ((len != 1) || (receivedAnswer[0] != 0x0A)) { // 0x0a - ACK\r
if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Cmd Addr Error: %02x", receivedAnswer[0]);
- return 1;
- }
-
- memcpy(d_block, blockData, 16);
- AppendCrc14443a(d_block, 16);
-
- ReaderTransmitPar(d_block, sizeof(d_block), par, NULL);
-
- len = ReaderReceive(receivedAnswer, receivedAnswerPar);
-
- if ((len != 1) || (receivedAnswer[0] != 0x0A)) { // 0x0a - ACK
+ Dbprintf("Cmd Addr Error: %02x", receivedAnswer[0]);\r
+ return 1;\r
+ }\r
+\r
+ memcpy(d_block, blockData, 16);\r
+ AppendCrc14443a(d_block, 16);\r
+\r
+ ReaderTransmitPar(d_block, sizeof(d_block), par, NULL);\r
+\r
+ len = ReaderReceive(receivedAnswer, receivedAnswerPar);\r
+\r
+ if ((len != 1) || (receivedAnswer[0] != 0x0A)) { // 0x0a - ACK\r
if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Cmd Data Error: %02x %d", receivedAnswer[0],len);
- return 2;
- }
- return 0;
-}
-
-int mifare_ultra_special_writeblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData)
-{
- uint16_t len;
- uint8_t d_block[8] = {0x00};
+ Dbprintf("Cmd Data Error: %02x %d", receivedAnswer[0],len);\r
+ return 2;\r
+ }\r
+ return 0;\r
+}\r
+*/\r
+\r
+int mifare_ultra_writeblock(uint8_t blockNo, uint8_t *blockData)\r
+{\r
+ uint16_t len;\r
+ uint8_t d_block[5] = {0x00};\r
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
-
- // command MIFARE_CLASSIC_WRITEBLOCK
- d_block[0]= blockNo;
- memcpy(d_block+1,blockData,4);
- AppendCrc14443a(d_block, 6);
-
- len = mifare_sendcmd_short_special(NULL, 1, 0xA2, d_block, receivedAnswer, receivedAnswerPar, NULL);
-
- if (receivedAnswer[0] != 0x0A) { // 0x0a - ACK
+\r
+ // command MIFARE_CLASSIC_WRITEBLOCK\r
+ d_block[0]= blockNo;\r
+ memcpy(d_block+1,blockData,4);\r
+ //AppendCrc14443a(d_block, 6);\r
+\r
+ len = mifare_sendcmd(0xA2, d_block, sizeof(d_block), receivedAnswer, receivedAnswerPar, NULL);\r
+\r
+ if (receivedAnswer[0] != 0x0A) { // 0x0a - ACK\r
if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("Cmd Send Error: %02x %d", receivedAnswer[0],len);
- return 1;
- }
-\r return 0;
-}
-
-int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid)
-{
+ Dbprintf("Cmd Send Error: %02x %d", receivedAnswer[0],len);\r
+ return 1;\r
+ }\r
+ return 0;\r
+}\r
+\r
+int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid) \r
+{\r
uint16_t len; \r
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
return 1;\r
}\r
\r
- return 0;
-}
-
-int mifare_ultra_halt(uint32_t uid)
-{
- uint16_t len;
+ return 0;\r
+}\r
+\r
+int mifare_ultra_halt()\r
+{\r
+ uint16_t len;\r
uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
-
- len = mifare_sendcmd_short(NULL, true, 0x50, 0x00, receivedAnswer, receivedAnswerPar, NULL);
- if (len != 0) {
+ \r
+ len = mifare_sendcmd_short(NULL, true, 0x50, 0x00, receivedAnswer, receivedAnswerPar, NULL);\r
+ if (len != 0) {\r
if (MF_DBGLEVEL >= MF_DBG_ERROR)\r
- Dbprintf("halt error. response len: %x", len);
- return 1;
- }
- return 0;
-}
-
+ Dbprintf("halt error. response len: %x", len);\r
+ return 1;\r
+ }\r
+ return 0;\r
+}\r
+\r
\r
// Mifare Memory Structure: up to 32 Sectors with 4 blocks each (1k and 2k cards),\r
// plus evtl. 8 sectors with 16 blocks each (4k cards)\r
}\r
\r
\r
-// work with emulator memory
-void emlSetMem(uint8_t *data, int blockNum, int blocksCount) {
- uint8_t* emCARD = BigBuf_get_EM_addr();
+// work with emulator memory\r
+void emlSetMem(uint8_t *data, int blockNum, int blocksCount) {\r
+ uint8_t* emCARD = BigBuf_get_EM_addr();\r
memcpy(emCARD + blockNum * 16, data, blocksCount * 16);\r
}\r
\r
int len;\r
// load key, keynumber\r
uint8_t data[2]={0x0a, 0x00};\r
- uint8_t receivedAnswer[MAX_MIFARE_FRAME_SIZE];\r
- uint8_t receivedAnswerPar[MAX_MIFARE_PARITY_SIZE];\r
+ uint8_t receivedAnswer[MAX_FRAME_SIZE];\r
+ uint8_t receivedAnswerPar[MAX_PARITY_SIZE];\r
\r
len = mifare_sendcmd_special(NULL, 1, 0x02, data, receivedAnswer,receivedAnswerPar,NULL);\r
if (len == 1) {\r
return 0;\r
}\r
return 1;\r
-}
+}\r
\r
#define cardSTATE_TO_IDLE() cardSTATE = MFEMUL_IDLE; LED_B_OFF(); LED_C_OFF();\r
\r
-//functions
-int mifare_sendcmd_short(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);
-int mifare_sendcmd_short_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);
+//functions\r
+int mifare_sendcmd(uint8_t cmd, uint8_t *data, uint8_t data_size, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);\r
+int mifare_sendcmd_short(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);\r
\r
-int mifare_sendcmd_short_mfucauth(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t *data, uint8_t *answer, uint8_t *answer_parity, uint32_t *timing);\r
-int mifare_sendcmd_shortex(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);
-
+// mifare classic\r
int mifare_classic_auth(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t keyType, uint64_t ui64Key, uint8_t isNested);\r
-int mifare_classic_authex(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t keyType, uint64_t ui64Key, uint8_t isNested, uint32_t * ntptr, uint32_t *timing);
-int mifare_classic_readblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);
-int mifare_ultra_auth1(uint32_t cuid, uint8_t *blockData);\r
-int mifare_ultra_auth2(uint32_t cuid, uint8_t *key, uint8_t *blockData);\r
-int mifare_ultra_readblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData);
-int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);
-int mifare_ultra_writeblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData);
-int mifare_ultra_special_writeblock(uint32_t uid, uint8_t blockNo, uint8_t *blockData);
-int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid);
-int mifare_ultra_halt(uint32_t uid);
+int mifare_classic_authex(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t keyType, uint64_t ui64Key, uint8_t isNested, uint32_t * ntptr, uint32_t *timing);\r
+int mifare_classic_readblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);\r
+int mifare_classic_halt(struct Crypto1State *pcs, uint32_t uid); \r
+int mifare_classic_writeblock(struct Crypto1State *pcs, uint32_t uid, uint8_t blockNo, uint8_t *blockData);\r
+\r
+// Ultralight/NTAG...\r
+int mifare_ul_ev1_auth(uint8_t *key, uint8_t *pack);\r
+int mifare_ultra_auth(uint8_t *key);\r
+int mifare_ultra_readblock(uint8_t blockNo, uint8_t *blockData);\r
+//int mifare_ultra_writeblock_compat(uint8_t blockNo, uint8_t *blockData);\r
+int mifare_ultra_writeblock(uint8_t blockNo, uint8_t *blockData);\r
+int mifare_ultra_halt();\r
\r
// desfire\r
int mifare_sendcmd_special(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer, uint8_t *answer_parity, uint32_t *timing);\r
int mifare_sendcmd_special2(struct Crypto1State *pcs, uint8_t crypted, uint8_t cmd, uint8_t* data, uint8_t* answer,uint8_t *answer_parity, uint32_t *timing);\r
int mifare_desfire_des_auth1(uint32_t uid, uint8_t *blockData);\r
int mifare_desfire_des_auth2(uint32_t uid, uint8_t *key, uint8_t *blockData);\r
-
-// crypto functions
-void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *receivedCmd, int len);
+\r
+// crypto functions\r
+void mf_crypto1_decrypt(struct Crypto1State *pcs, uint8_t *receivedCmd, int len);\r
void mf_crypto1_encrypt(struct Crypto1State *pcs, uint8_t *data, uint16_t len, uint8_t *par);\r
uint8_t mf_crypto1_encrypt4bit(struct Crypto1State *pcs, uint8_t data);\r
\r
void emlGetMemBt(uint8_t *data, int bytePtr, int byteCount);\r
uint64_t emlGetKey(int sectorNum, int keyType);\r
int emlGetValBl(uint32_t *blReg, uint8_t *blBlock, int blockNum);\r
-int emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum);
-int emlCheckValBl(int blockNum);
-
-#endif
+int emlSetValBl(uint32_t blReg, uint8_t blBlock, int blockNum);\r
+int emlCheckValBl(int blockNum);\r
+\r
+#endif\r
**/
#include "optimized_cipher.h"
-#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdbool.h>
#include <stdint.h>
-#include <time.h>
#define opt_T(s) (0x1 & ((s->t >> 15) ^ (s->t >> 14)^ (s->t >> 10)^ (s->t >> 8)^ (s->t >> 5)^ (s->t >> 4)^ (s->t >> 1)^ s->t))
#include "proxmark3.h"
#include "apps.h"
+#include "zlib.h"
+#include "BigBuf.h"
+
+static uint8_t *next_free_memory;
+extern struct common_area common_area;
+extern char __data_src_start__, __data_start__, __data_end__, __bss_start__, __bss_end__;
+
+
+static voidpf inflate_malloc(voidpf opaque, uInt items, uInt size)
+{
+ uint8_t *allocated_memory;
+
+ allocated_memory = next_free_memory;
+ next_free_memory += items*size;
+ return allocated_memory;
+}
+
+
+static void inflate_free(voidpf opaque, voidpf address)
+{
+ // nothing to do
+
+}
+
+static void uncompress_data_section(void)
+{
+ z_stream data_section;
+
+ next_free_memory = BigBuf_get_addr();
+
+ // initialize zstream structure
+ data_section.next_in = (uint8_t *) &__data_src_start__;
+ data_section.avail_in = &__data_end__ - &__data_start__; // uncompressed size. Wrong but doesn't matter.
+ data_section.next_out = (uint8_t *) &__data_start__;
+ data_section.avail_out = &__data_end__ - &__data_start__; // uncompressed size. Correct.
+ data_section.zalloc = &inflate_malloc;
+ data_section.zfree = &inflate_free;
+ data_section.opaque = NULL;
+
+ // initialize zlib for inflate
+ inflateInit2(&data_section, 15);
+
+ // uncompress data segment to RAM
+ inflate(&data_section, Z_FINISH);
+
+ // save the size of the compressed data section
+ common_area.arg1 = data_section.total_in;
+}
+
-extern char __data_start__, __data_src_start__, __data_end__, __bss_start__, __bss_end__;
void __attribute__((section(".startos"))) Vector(void)
{
/* Stack should have been set up by the bootloader */
- char *src, *dst, *end;
+ // char *src;
+ char *dst, *end;
+
+ uncompress_data_section();
/* Set up (that is: clear) BSS. */
dst = &__bss_start__;
end = &__bss_end__;
while(dst < end) *dst++ = 0;
- /* Set up data segment: Copy from flash to ram */
- src = &__data_src_start__;
- dst = &__data_start__;
- end = &__data_end__;
- while(dst < end) *dst++ = *src++;
+ // Set up data segment: Copy from flash to ram
+ // src = &__data_src_start__;
+ // dst = &__data_start__;
+ // end = &__data_end__;
+ // while(dst < end) *dst++ = *src++;
+
AppMain();
}
dst[0] = 0;
strncat(dst, prefix, len-1);
if(v->magic != VERSION_INFORMATION_MAGIC) {
- strncat(dst, "Missing/Invalid version information", len - strlen(dst) - 1);
+ strncat(dst, "Missing/Invalid version information\n", len - strlen(dst) - 1);
return;
}
if(v->versionversion != 1) {
- strncat(dst, "Version information not understood", len - strlen(dst) - 1);
+ strncat(dst, "Version information not understood\n", len - strlen(dst) - 1);
return;
}
if(!v->present) {
- strncat(dst, "Version information not available", len - strlen(dst) - 1);
+ strncat(dst, "Version information not available\n", len - strlen(dst) - 1);
return;
}
strncat(dst, " ", len - strlen(dst) - 1);
strncat(dst, v->buildtime, len - strlen(dst) - 1);
+ strncat(dst, "\n", len - strlen(dst) - 1);
}
// -------------------------------------------------------------------------
CC=gcc
CXX=g++
#COMMON_FLAGS = -m32
-VPATH = ../common
+VPATH = ../common ../zlib
OBJDIR = obj
-LDLIBS = -L/opt/local/lib -L/usr/local/lib ../liblua/liblua.a -lreadline -lpthread -lm
+LDLIBS = -L/opt/local/lib -L/usr/local/lib -lreadline -lpthread -lm
+LUALIB = ../liblua/liblua.a
LDFLAGS = $(COMMON_FLAGS)
-CFLAGS = -std=c99 -I. -I../include -I../common -I/opt/local/include -I../liblua -Wall $(COMMON_FLAGS) -g -O4
+CFLAGS = -std=c99 -I. -I../include -I../common -I../zlib -I/opt/local/include -I../liblua -Wall $(COMMON_FLAGS) -g -O4
LUAPLATFORM = generic
ifneq (,$(findstring MINGW,$(platform)))
else
CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O4
QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null)
+ LUALIB += -ldl
MOC = $(shell pkg-config --variable=moc_location QtCore)
- LDLIBS += -ldl
# Below is a variant you can use if you have problems compiling with QT5 on ubuntu. see http://www.proxmark.org/forum/viewtopic.php?id=1661 for more info.
#MOC = /usr/lib/x86_64-linux-gnu/qt4/bin/moc
LUAPLATFORM = linux
endif
-
ifneq ($(QTLDLIBS),)
QTGUI = $(OBJDIR)/proxgui.o $(OBJDIR)/proxguiqt.o $(OBJDIR)/proxguiqt.moc.o
CFLAGS += -DHAVE_GUI
CMDSRCS = nonce2key/crapto1.c\
- nonce2key/crypto1.c\
- nonce2key/nonce2key.c\
- loclass/cipher.c \
- loclass/cipherutils.c \
- loclass/des.c \
- loclass/ikeys.c \
- loclass/elite_crack.c\
- loclass/fileutils.c\
- mifarehost.c\
- crc.c \
- crc16.c \
- iso14443crc.c \
- iso15693tools.c \
- data.c \
- graph.c \
- ui.c \
- cmddata.c \
- lfdemod.c \
- cmdhf.c \
- cmdhf14a.c \
- cmdhf14b.c \
- cmdhf15.c \
- cmdhfepa.c \
- cmdhflegic.c \
- cmdhficlass.c \
- cmdhfmf.c \
- cmdhfmfu.c \
- cmdhftopaz.c \
- cmdhw.c \
- cmdlf.c \
- cmdlfio.c \
- cmdlfhid.c \
- cmdlfem4x.c \
- cmdlfhitag.c \
- cmdlfti.c \
- cmdparser.c \
- cmdmain.c \
- cmdlft55xx.c \
- cmdlfpcf7931.c\
- pm3_binlib.c\
- scripting.c\
- cmdscript.c\
- pm3_bitlib.c\
- aes.c\
- protocols.c
+ nonce2key/crypto1.c\
+ nonce2key/nonce2key.c\
+ loclass/cipher.c \
+ loclass/cipherutils.c \
+ loclass/des.c \
+ loclass/ikeys.c \
+ loclass/elite_crack.c\
+ loclass/fileutils.c\
+ mifarehost.c\
+ crc.c \
+ crc16.c \
+ crc64.c \
+ iso14443crc.c \
+ iso15693tools.c \
+ data.c \
+ graph.c \
+ ui.c \
+ cmddata.c \
+ lfdemod.c \
+ cmdhf.c \
+ cmdhf14a.c \
+ cmdhf14b.c \
+ cmdhf15.c \
+ cmdhfepa.c \
+ cmdhflegic.c \
+ cmdhficlass.c \
+ cmdhfmf.c \
+ cmdhfmfu.c \
+ cmdhftopaz.c \
+ cmdhw.c \
+ cmdlf.c \
+ cmdlfio.c \
+ cmdlfhid.c \
+ cmdlfem4x.c \
+ cmdlfhitag.c \
+ cmdlfti.c \
+ cmdparser.c \
+ cmdmain.c \
+ cmdlft55xx.c \
+ cmdlfpcf7931.c\
+ pm3_binlib.c\
+ scripting.c\
+ cmdscript.c\
+ pm3_bitlib.c\
+ aes.c\
+ protocols.c\
+ sha1.c\
+
+ZLIBSRCS = deflate.c adler32.c trees.c zutil.c inflate.c inffast.c inftrees.c
+ZLIB_FLAGS = -DZ_SOLO -DZ_PREFIX -DNO_GZIP -DZLIB_PM3_TUNED
+#-DDEBUG -Dverbose=1
+
COREOBJS = $(CORESRCS:%.c=$(OBJDIR)/%.o)
CMDOBJS = $(CMDSRCS:%.c=$(OBJDIR)/%.o)
+ZLIBOBJS = $(ZLIBSRCS:%.c=$(OBJDIR)/%.o)
RM = rm -f
-BINS = proxmark3 flasher #snooper cli
-CLEAN = cli cli.exe flasher flasher.exe proxmark3 proxmark3.exe snooper snooper.exe $(CMDOBJS) $(OBJDIR)/*.o *.o *.moc.cpp
+BINS = proxmark3 flasher fpga_compress #snooper cli
+CLEAN = cli cli.exe flasher flasher.exe proxmark3 proxmark3.exe fpga_compress fpga_compress.exe snooper snooper.exe $(CMDOBJS) $(OBJDIR)/*.o *.o *.moc.cpp
all: lua_build $(BINS)
all-static: LDLIBS:=-static $(LDLIBS)
-all-static: snooper cli flasher
-
-proxmark3: LDLIBS+=$(QTLDLIBS)
+all-static: snooper cli flasher fpga_compress
+
+proxmark3: LDLIBS+=$(LUALIB) $(QTLDLIBS)
proxmark3: $(OBJDIR)/proxmark3.o $(COREOBJS) $(CMDOBJS) $(QTGUI)
$(CXX) $(CXXFLAGS) $^ $(LDLIBS) -o $@
flasher: $(OBJDIR)/flash.o $(OBJDIR)/flasher.o $(COREOBJS)
$(CXX) $(CXXFLAGS) $^ $(LDLIBS) -o $@
+fpga_compress: $(OBJDIR)/fpga_compress.o $(ZLIBOBJS)
+ $(CXX) $(CXXFLAGS) $(ZLIB_FLAGS) $^ $(LDLIBS) -o $@
+
$(OBJDIR)/%.o: %.c
- $(CC) $(CFLAGS) -c -o $@ $<
+ $(CC) $(CFLAGS) $(ZLIB_FLAGS) -c -o $@ $<
$(OBJDIR)/%.o: %.cpp
$(CXX) $(CXXFLAGS) -c -o $@ $<
#include "lfdemod.h"
#include "usb_cmd.h"
#include "crc.h"
+#include "crc16.h"
uint8_t DemodBuffer[MAX_DEMOD_BUF_LEN];
uint8_t g_debugMode;
-int DemodBufferLen;
+size_t DemodBufferLen;
static int CmdHelp(const char *Cmd);
//set the demod buffer with given array of binary (one bit per byte)
return 1;
}
+int usage_data_printdemodbuf(){
+ PrintAndLog("Usage: data printdemodbuffer x o <offset>");
+ PrintAndLog("Options: ");
+ PrintAndLog(" h This help");
+ PrintAndLog(" x output in hex (omit for binary output)");
+ PrintAndLog(" o <offset> enter offset in # of bits");
+ return 0;
+}
+
//by marshmellow
void printDemodBuff(void)
{
- uint32_t i = 0;
int bitLen = DemodBufferLen;
- if (bitLen<16) {
+ if (bitLen<1) {
PrintAndLog("no bits found in demod buffer");
return;
}
if (bitLen>512) bitLen=512; //max output to 512 bits if we have more - should be plenty
- // ensure equally divided by 16
- bitLen &= 0xfff0;
-
- for (i = 0; i <= (bitLen-16); i+=16) {
- PrintAndLog("%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i",
- DemodBuffer[i],
- DemodBuffer[i+1],
- DemodBuffer[i+2],
- DemodBuffer[i+3],
- DemodBuffer[i+4],
- DemodBuffer[i+5],
- DemodBuffer[i+6],
- DemodBuffer[i+7],
- DemodBuffer[i+8],
- DemodBuffer[i+9],
- DemodBuffer[i+10],
- DemodBuffer[i+11],
- DemodBuffer[i+12],
- DemodBuffer[i+13],
- DemodBuffer[i+14],
- DemodBuffer[i+15]
- );
- }
+ char *bin = sprint_bin_break(DemodBuffer,bitLen,16);
+ PrintAndLog("%s",bin);
+
return;
}
int CmdPrintDemodBuff(const char *Cmd)
{
- char hex;
- char printBuff[512]={0x00};
- uint8_t numBits = DemodBufferLen & 0xFFF0;
- sscanf(Cmd, "%c", &hex);
- if (hex == 'h'){
- PrintAndLog("Usage: data printdemodbuffer [x]");
- PrintAndLog("Options: ");
- PrintAndLog(" h This help");
- PrintAndLog(" x output in hex (omit for binary output)");
- return 0;
- }
- if (hex == 'x'){
- numBits = binarraytohex(printBuff, (char *)DemodBuffer, numBits);
- if (numBits==0) return 0;
- PrintAndLog("DemodBuffer: %s",printBuff);
- } else {
- printDemodBuff();
- }
- return 1;
-}
-int CmdAmp(const char *Cmd)
-{
- int i, rising, falling;
- int max = INT_MIN, min = INT_MAX;
-
- for (i = 10; i < GraphTraceLen; ++i) {
- if (GraphBuffer[i] > max)
- max = GraphBuffer[i];
- if (GraphBuffer[i] < min)
- min = GraphBuffer[i];
- }
-
- if (max != min) {
- rising = falling= 0;
- for (i = 0; i < GraphTraceLen; ++i) {
- if (GraphBuffer[i + 1] < GraphBuffer[i]) {
- if (rising) {
- GraphBuffer[i] = max;
- rising = 0;
- }
- falling = 1;
- }
- if (GraphBuffer[i + 1] > GraphBuffer[i]) {
- if (falling) {
- GraphBuffer[i] = min;
- falling = 0;
- }
- rising= 1;
- }
+ char hex[512]={0x00};
+ bool hexMode = false;
+ bool errors = false;
+ uint8_t offset = 0;
+ char cmdp = 0;
+ while(param_getchar(Cmd, cmdp) != 0x00)
+ {
+ switch(param_getchar(Cmd, cmdp))
+ {
+ case 'h':
+ case 'H':
+ return usage_data_printdemodbuf();
+ case 'x':
+ case 'X':
+ hexMode = true;
+ cmdp++;
+ break;
+ case 'o':
+ case 'O':
+ offset = param_get8(Cmd, cmdp+1);
+ if (!offset) errors = true;
+ cmdp += 2;
+ break;
+ default:
+ PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
+ errors = true;
+ break;
}
+ if(errors) break;
}
- RepaintGraphWindow();
- return 0;
-}
-
-/*
- * Generic command to demodulate ASK.
- *
- * Argument is convention: positive or negative (High mod means zero
- * or high mod means one)
- *
- * Updates the Graph trace with 0/1 values
- *
- * Arguments:
- * c : 0 or 1 (or invert)
- */
- //this method ignores the clock
+ //Validations
+ if(errors) return usage_data_printdemodbuf();
- //this function strictly converts highs and lows to 1s and 0s for each sample in the graphbuffer
-int Cmdaskdemod(const char *Cmd)
-{
- int i;
- int c, high = 0, low = 0;
-
- sscanf(Cmd, "%i", &c);
+ int numBits = (DemodBufferLen-offset) & 0x7FC; //make sure we don't exceed our string
- /* Detect high and lows */
- for (i = 0; i < GraphTraceLen; ++i)
- {
- if (GraphBuffer[i] > high)
- high = GraphBuffer[i];
- else if (GraphBuffer[i] < low)
- low = GraphBuffer[i];
- }
- high=abs(high*.75);
- low=abs(low*.75);
- if (c != 0 && c != 1) {
- PrintAndLog("Invalid argument: %s", Cmd);
- return 0;
- }
- //prime loop
- if (GraphBuffer[0] > 0) {
- GraphBuffer[0] = 1-c;
+ if (hexMode){
+ char *buf = (char *) (DemodBuffer + offset);
+ numBits = binarraytohex(hex, buf, numBits);
+ if (numBits==0) return 0;
+ PrintAndLog("DemodBuffer: %s",hex);
} else {
- GraphBuffer[0] = c;
- }
- for (i = 1; i < GraphTraceLen; ++i) {
- /* Transitions are detected at each peak
- * Transitions are either:
- * - we're low: transition if we hit a high
- * - we're high: transition if we hit a low
- * (we need to do it this way because some tags keep high or
- * low for long periods, others just reach the peak and go
- * down)
- */
- //[marhsmellow] change == to >= for high and <= for low for fuzz
- if ((GraphBuffer[i] >= high) && (GraphBuffer[i - 1] == c)) {
- GraphBuffer[i] = 1 - c;
- } else if ((GraphBuffer[i] <= low) && (GraphBuffer[i - 1] == (1 - c))){
- GraphBuffer[i] = c;
- } else {
- /* No transition */
- GraphBuffer[i] = GraphBuffer[i - 1];
- }
+ //setDemodBuf(DemodBuffer, DemodBufferLen-offset, offset);
+ char *bin = sprint_bin_break(DemodBuffer+offset,numBits,16);
+ PrintAndLog("DemodBuffer:\n%s",bin);
}
- RepaintGraphWindow();
- return 0;
+ return 1;
}
+//by marshmellow
//this function strictly converts >1 to 1 and <1 to 0 for each sample in the graphbuffer
int CmdGetBitStream(const char *Cmd)
{
return 0;
}
-
-//by marshmellow
-void printBitStream(uint8_t BitStream[], uint32_t bitLen)
-{
- uint32_t i = 0;
- if (bitLen<16) {
- PrintAndLog("Too few bits found: %d",bitLen);
- return;
- }
- if (bitLen>512) bitLen=512;
-
- // ensure equally divided by 16
- bitLen &= 0xfff0;
-
-
- for (i = 0; i <= (bitLen-16); i+=16) {
- PrintAndLog("%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i%i",
- BitStream[i],
- BitStream[i+1],
- BitStream[i+2],
- BitStream[i+3],
- BitStream[i+4],
- BitStream[i+5],
- BitStream[i+6],
- BitStream[i+7],
- BitStream[i+8],
- BitStream[i+9],
- BitStream[i+10],
- BitStream[i+11],
- BitStream[i+12],
- BitStream[i+13],
- BitStream[i+14],
- BitStream[i+15]
- );
- }
- return;
-}
//by marshmellow
//print 64 bit EM410x ID in multiple formats
void printEM410x(uint32_t hi, uint64_t id)
}
if (hi){
//output 88 bit em id
- PrintAndLog("\nEM TAG ID : %06x%016llx", hi, id);
+ PrintAndLog("\nEM TAG ID : %06X%016llX", hi, id);
} else{
//output 40 bit em id
- PrintAndLog("\nEM TAG ID : %010llx", id);
- PrintAndLog("Unique TAG ID : %010llx", id2lo);
+ PrintAndLog("\nEM TAG ID : %010llX", id);
+ PrintAndLog("Unique TAG ID : %010llX", id2lo);
PrintAndLog("\nPossible de-scramble patterns");
PrintAndLog("HoneyWell IdentKey {");
PrintAndLog("DEZ 8 : %08lld",id & 0xFFFFFF);
);
uint64_t paxton = (((id>>32) << 24) | (id & 0xffffff)) + 0x143e00;
PrintAndLog("}\nOther : %05lld_%03lld_%08lld",(id&0xFFFF),((id>>16LL) & 0xFF),(id & 0xFFFFFF));
- PrintAndLog("Pattern Paxton : %0d", paxton);
+ PrintAndLog("Pattern Paxton : %lld [0x%llX]", paxton, paxton);
uint32_t p1id = (id & 0xFFFFFF);
uint8_t arr[32] = {0x00};
p1 |= arr[2] << 4;
p1 |= arr[1] << 5;
p1 |= arr[0] << 9;
- PrintAndLog("Pattern 1 : 0x%X - %d", p1, p1);
+ PrintAndLog("Pattern 1 : %d [0x%X]", p1, p1);
uint16_t sebury1 = id & 0xFFFF;
uint8_t sebury2 = (id >> 16) & 0x7F;
uint32_t sebury3 = id & 0x7FFFFF;
- PrintAndLog("Pattern Sebury : %d %d %d (hex: %X %X %X)", sebury1, sebury2, sebury3, sebury1, sebury2, sebury3);
+ PrintAndLog("Pattern Sebury : %d %d %d [0x%X 0x%X 0x%X]", sebury1, sebury2, sebury3, sebury1, sebury2, sebury3);
}
}
return;
}
-
-int AskEm410xDemod(const char *Cmd, uint32_t *hi, uint64_t *lo)
+int AskEm410xDecode(bool verbose, uint32_t *hi, uint64_t *lo )
{
- int ans = ASKmanDemod(Cmd, FALSE, FALSE);
- if (!ans) return 0;
-
- size_t idx=0;
- if (Em410xDecode(DemodBuffer,(size_t *) &DemodBufferLen, &idx, hi, lo)){
+ size_t idx = 0;
+ size_t BitLen = DemodBufferLen;
+ uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
+ memcpy(BitStream, DemodBuffer, BitLen);
+ if (Em410xDecode(BitStream, &BitLen, &idx, hi, lo)){
+ //set GraphBuffer for clone or sim command
+ setDemodBuf(BitStream, BitLen, idx);
if (g_debugMode){
- PrintAndLog("DEBUG: idx: %d, Len: %d, Printing Demod Buffer:", idx, DemodBufferLen);
+ PrintAndLog("DEBUG: idx: %d, Len: %d, Printing Demod Buffer:", idx, BitLen);
printDemodBuff();
}
+ if (verbose){
+ PrintAndLog("EM410x pattern found: ");
+ printEM410x(*hi, *lo);
+ }
return 1;
}
return 0;
}
+
+int AskEm410xDemod(const char *Cmd, uint32_t *hi, uint64_t *lo, bool verbose)
+{
+ if (!ASKDemod(Cmd, FALSE, FALSE, 1)) return 0;
+ return AskEm410xDecode(verbose, hi, lo);
+}
+
//by marshmellow
//takes 3 arguments - clock, invert and maxErr as integers
//attempts to demodulate ask while decoding manchester
PrintAndLog(" : data askem410xdemod 64 1 0 = demod an EM410x Tag ID from GraphBuffer using a clock of RF/64 and inverting data and allowing 0 demod errors");
return 0;
}
- uint32_t hi = 0;
uint64_t lo = 0;
- if (AskEm410xDemod(Cmd, &hi, &lo)) {
- PrintAndLog("EM410x pattern found: ");
- printEM410x(hi, lo);
- return 1;
- }
- return 0;
+ uint32_t hi = 0;
+ return AskEm410xDemod(Cmd, &hi, &lo, true);
}
-int ASKmanDemod(const char *Cmd, bool verbose, bool emSearch)
+//by marshmellow
+//Cmd Args: Clock, invert, maxErr, maxLen as integers and amplify as char == 'a'
+// (amp may not be needed anymore)
+//verbose will print results and demoding messages
+//emSearch will auto search for EM410x format in bitstream
+//askType switches decode: ask/raw = 0, ask/manchester = 1
+int ASKDemod(const char *Cmd, bool verbose, bool emSearch, uint8_t askType)
{
int invert=0;
int clk=0;
int maxErr=100;
- //param_getdec(Cmd, 0, &clk);
- //param_getdec(Cmd, 1, &invert);
- //maxErr = param_get32ex(Cmd, 2, 0xFFFFFFFF, 10);
- //if (maxErr == 0xFFFFFFFF) maxErr=100;
+ int maxLen=0;
+ uint8_t askAmp = 0;
+ char amp = param_getchar(Cmd, 0);
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
- sscanf(Cmd, "%i %i %i", &clk, &invert, &maxErr);
+ sscanf(Cmd, "%i %i %i %i %c", &clk, &invert, &maxErr, &maxLen, &);
+ if (!maxLen) maxLen = 512*64;
if (invert != 0 && invert != 1) {
PrintAndLog("Invalid argument: %s", Cmd);
return 0;
invert=1;
clk=0;
}
+ if (amp == 'a' || amp == 'A') askAmp=1;
size_t BitLen = getFromGraphBuf(BitStream);
- if (g_debugMode==1) PrintAndLog("DEBUG: Bitlen from grphbuff: %d",BitLen);
- if (BitLen==0) return 0;
- int errCnt=0;
- errCnt = askmandemod(BitStream, &BitLen, &clk, &invert, maxErr);
- if (errCnt<0||BitLen<16){ //if fatal error (or -1)
- if (g_debugMode==1) PrintAndLog("no data found %d, errors:%d, bitlen:%d, clock:%d",errCnt,invert,BitLen,clk);
+ if (g_debugMode) PrintAndLog("DEBUG: Bitlen from grphbuff: %d",BitLen);
+ if (BitLen<255) return 0;
+ if (maxLen<BitLen && maxLen != 0) BitLen = maxLen;
+
+ int errCnt = askdemod(BitStream, &BitLen, &clk, &invert, maxErr, askAmp, askType);
+ if (errCnt<0 || BitLen<16){ //if fatal error (or -1)
+ if (g_debugMode) PrintAndLog("DEBUG: no data found %d, errors:%d, bitlen:%d, clock:%d",errCnt,invert,BitLen,clk);
+ return 0;
+ }
+ if (errCnt>maxErr){
+ if (g_debugMode) PrintAndLog("DEBUG: Too many errors found, errors:%d, bits:%d, clock:%d",errCnt, BitLen, clk);
return 0;
}
- if (verbose || g_debugMode) PrintAndLog("\nUsing Clock: %d - Invert: %d - Bits Found: %d",clk,invert,BitLen);
+ if (verbose || g_debugMode) PrintAndLog("\nUsing Clock:%d, Invert:%d, Bits Found:%d",clk,invert,BitLen);
//output
- if (errCnt>0){
- if (verbose || g_debugMode) PrintAndLog("# Errors during Demoding (shown as 77 in bit stream): %d",errCnt);
- }
- if (verbose || g_debugMode) PrintAndLog("ASK/Manchester decoded bitstream:");
- // Now output the bitstream to the scrollback by line of 16 bits
setDemodBuf(BitStream,BitLen,0);
- if (verbose || g_debugMode) printDemodBuff();
- uint64_t lo =0;
- uint32_t hi =0;
- size_t idx=0;
+ if (verbose || g_debugMode){
+ if (errCnt>0) PrintAndLog("# Errors during Demoding (shown as 7 in bit stream): %d",errCnt);
+ if (askType) PrintAndLog("ASK/Manchester - Clock: %d - Decoded bitstream:",clk);
+ else PrintAndLog("ASK/Raw - Clock: %d - Decoded bitstream:",clk);
+ // Now output the bitstream to the scrollback by line of 16 bits
+ printDemodBuff();
+
+ }
+ uint64_t lo = 0;
+ uint32_t hi = 0;
if (emSearch){
- if (Em410xDecode(BitStream, &BitLen, &idx, &hi, &lo)){
- //set GraphBuffer for clone or sim command
- setDemodBuf(BitStream, BitLen, idx);
- if (g_debugMode){
- PrintAndLog("DEBUG: idx: %d, Len: %d, Printing Demod Buffer:", idx, BitLen);
- printDemodBuff();
- }
- if (verbose) PrintAndLog("EM410x pattern found: ");
- if (verbose) printEM410x(hi, lo);
- return 1;
- }
+ AskEm410xDecode(true, &hi, &lo);
}
return 1;
}
//by marshmellow
-//takes 3 arguments - clock, invert, maxErr as integers
+//takes 5 arguments - clock, invert, maxErr, maxLen as integers and amplify as char == 'a'
//attempts to demodulate ask while decoding manchester
//prints binary found and saves in graphbuffer for further commands
int Cmdaskmandemod(const char *Cmd)
{
char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) > 10 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: data rawdemod am [clock] <0|1> [maxError]");
- PrintAndLog(" [set clock as integer] optional, if not set, autodetect.");
- PrintAndLog(" <invert>, 1 for invert output");
- PrintAndLog(" [set maximum allowed errors], default = 100.");
+ if (strlen(Cmd) > 25 || cmdp == 'h' || cmdp == 'H') {
+ PrintAndLog("Usage: data rawdemod am [clock] <invert> [maxError] [maxLen] [amplify]");
+ PrintAndLog(" [set clock as integer] optional, if not set, autodetect");
+ PrintAndLog(" <invert>, 1 to invert output");
+ PrintAndLog(" [set maximum allowed errors], default = 100");
+ PrintAndLog(" [set maximum Samples to read], default = 32768 (512 bits at rf/64)");
+ PrintAndLog(" <amplify>, 'a' to attempt demod with ask amplification, default = no amp");
PrintAndLog("");
PrintAndLog(" sample: data rawdemod am = demod an ask/manchester tag from GraphBuffer");
PrintAndLog(" : data rawdemod am 32 = demod an ask/manchester tag from GraphBuffer using a clock of RF/32");
PrintAndLog(" : data rawdemod am 64 1 0 = demod an ask/manchester tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
return 0;
}
- return ASKmanDemod(Cmd, TRUE, TRUE);
+ return ASKDemod(Cmd, TRUE, TRUE, 1);
}
//by marshmellow
int i =0;
int errCnt=0;
size_t size=0;
- size_t maxErr = 20;
+ int invert=0;
+ int maxErr = 20;
char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) > 1 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: data manrawdecode");
+ if (strlen(Cmd) > 5 || cmdp == 'h' || cmdp == 'H') {
+ PrintAndLog("Usage: data manrawdecode [invert] [maxErr]");
PrintAndLog(" Takes 10 and 01 and converts to 0 and 1 respectively");
PrintAndLog(" --must have binary sequence in demodbuffer (run data askrawdemod first)");
+ PrintAndLog(" [invert] invert output");
+ PrintAndLog(" [maxErr] set number of errors allowed (default = 20)");
PrintAndLog("");
PrintAndLog(" sample: data manrawdecode = decode manchester bitstream from the demodbuffer");
return 0;
else if(DemodBuffer[i]<low) low=DemodBuffer[i];
BitStream[i]=DemodBuffer[i];
}
- if (high>1 || low <0 ){
- PrintAndLog("Error: please raw demod the wave first then mancheseter raw decode");
+ if (high>7 || low <0 ){
+ PrintAndLog("Error: please raw demod the wave first then manchester raw decode");
return 0;
}
+
+ sscanf(Cmd, "%i %i", &invert, &maxErr);
size=i;
- errCnt=manrawdecode(BitStream, &size);
+ errCnt=manrawdecode(BitStream, &size, invert);
if (errCnt>=maxErr){
PrintAndLog("Too many errors: %d",errCnt);
return 0;
}
PrintAndLog("Manchester Decoded - # errors:%d - data:",errCnt);
- printBitStream(BitStream, size);
+ PrintAndLog("%s", sprint_bin_break(BitStream, size, 16));
if (errCnt==0){
uint64_t id = 0;
uint32_t hi = 0;
//take 01 or 10 = 0 and 11 or 00 = 1
//takes 2 arguments "offset" default = 0 if 1 it will shift the decode by one bit
// and "invert" default = 0 if 1 it will invert output
-// since it is not like manchester and doesn't have an incorrect bit pattern we
-// cannot determine if our decode is correct or if it should be shifted by one bit
-// the argument offset allows us to manually shift if the output is incorrect
-// (better would be to demod and decode at the same time so we can distinguish large
-// width waves vs small width waves to help the decode positioning) or askbiphdemod
+// the argument offset allows us to manually shift if the output is incorrect - [EDIT: now auto detects]
int CmdBiphaseDecodeRaw(const char *Cmd)
{
size_t size=0;
}
if (errCnt>0){
- PrintAndLog("# Errors found during Demod (shown as 77 in bit stream): %d",errCnt);
+ PrintAndLog("# Errors found during Demod (shown as 7 in bit stream): %d",errCnt);
}
PrintAndLog("Biphase Decoded using offset: %d - # invert:%d - data:",offset,invert);
- printBitStream(BitStream, size);
+ PrintAndLog("%s", sprint_bin_break(BitStream, size, 16));
if (offset) setDemodBuf(DemodBuffer,DemodBufferLen-offset, offset); //remove first bit from raw demod
return 1;
}
-// set demod buffer back to raw after biphase demod
-void setBiphasetoRawDemodBuf(uint8_t *BitStream, size_t size)
-{
- uint8_t rawStream[512]={0x00};
- size_t i=0;
- uint8_t curPhase=0;
- if (size > 256) {
- PrintAndLog("ERROR - Biphase Demod Buffer overrun");
- return;
- }
- for (size_t idx=0; idx<size; idx++){
- if(!BitStream[idx]){
- rawStream[i++] = curPhase;
- rawStream[i++] = curPhase;
- curPhase ^= 1;
- } else {
- rawStream[i++] = curPhase;
- rawStream[i++] = curPhase ^ 1;
- }
- }
- setDemodBuf(rawStream,i,0);
- return;
-}
-
-//by marshmellow
-//takes 4 arguments - clock, invert, maxErr as integers and amplify as char
-//attempts to demodulate ask only
-//prints binary found and saves in graphbuffer for further commands
-int ASKrawDemod(const char *Cmd, bool verbose)
-{
- int invert=0;
- int clk=0;
- int maxErr=100;
- uint8_t askAmp = 0;
- char amp = param_getchar(Cmd, 0);
- uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
- sscanf(Cmd, "%i %i %i %c", &clk, &invert, &maxErr, &);
- if (invert != 0 && invert != 1) {
- if (verbose || g_debugMode) PrintAndLog("Invalid argument: %s", Cmd);
- return 0;
- }
- if (clk==1){
- invert=1;
- clk=0;
- }
- if (amp == 'a' || amp == 'A') askAmp=1;
- size_t BitLen = getFromGraphBuf(BitStream);
- if (BitLen==0) return 0;
- int errCnt=0;
- errCnt = askrawdemod(BitStream, &BitLen, &clk, &invert, maxErr, askAmp);
- if (errCnt==-1||BitLen<16){ //throw away static - allow 1 and -1 (in case of threshold command first)
- if (verbose || g_debugMode) PrintAndLog("no data found");
- if (g_debugMode) PrintAndLog("errCnt: %d, BitLen: %d, clk: %d, invert: %d", errCnt, BitLen, clk, invert);
- return 0;
- }
- if (verbose || g_debugMode) PrintAndLog("Using Clock: %d - invert: %d - Bits Found: %d", clk, invert, BitLen);
-
- //move BitStream back to DemodBuffer
- setDemodBuf(BitStream,BitLen,0);
-
- //output
- if (errCnt>0 && (verbose || g_debugMode)){
- PrintAndLog("# Errors during Demoding (shown as 77 in bit stream): %d", errCnt);
- }
- if (verbose || g_debugMode){
- PrintAndLog("ASK demoded bitstream:");
- // Now output the bitstream to the scrollback by line of 16 bits
- printBitStream(BitStream,BitLen);
- }
- return 1;
-}
-
//by marshmellow
// - ASK Demod then Biphase decode GraphBuffer samples
int ASKbiphaseDemod(const char *Cmd, bool verbose)
{
//ask raw demod GraphBuffer first
- int offset=0, clk=0, invert=0, maxErr=0, ans=0;
- ans = sscanf(Cmd, "%i %i %i %i", &offset, &clk, &invert, &maxErr);
- if (ans>0)
- ans = ASKrawDemod(Cmd+1, FALSE);
- else
- ans = ASKrawDemod(Cmd, FALSE);
- if (!ans) {
- if (g_debugMode || verbose) PrintAndLog("Error AskrawDemod: %d", ans);
- return 0;
- }
-
- //attempt to Biphase decode DemodBuffer
- size_t size = DemodBufferLen;
- uint8_t BitStream[MAX_DEMOD_BUF_LEN];
- memcpy(BitStream, DemodBuffer, DemodBufferLen);
+ int offset=0, clk=0, invert=0, maxErr=0;
+ sscanf(Cmd, "%i %i %i %i", &offset, &clk, &invert, &maxErr);
+
+ uint8_t BitStream[MAX_DEMOD_BUF_LEN];
+ size_t size = getFromGraphBuf(BitStream);
+ //invert here inverts the ask raw demoded bits which has no effect on the demod, but we need the pointer
+ int errCnt = askdemod(BitStream, &size, &clk, &invert, maxErr, 0, 0);
+ if ( errCnt < 0 || errCnt > maxErr ) {
+ if (g_debugMode) PrintAndLog("DEBUG: no data or error found %d, clock: %d", errCnt, clk);
+ return 0;
+ }
- int errCnt = BiphaseRawDecode(BitStream, &size, offset, invert);
+ //attempt to Biphase decode BitStream
+ errCnt = BiphaseRawDecode(BitStream, &size, offset, invert);
if (errCnt < 0){
if (g_debugMode || verbose) PrintAndLog("Error BiphaseRawDecode: %d", errCnt);
return 0;
//success set DemodBuffer and return
setDemodBuf(BitStream, size, 0);
if (g_debugMode || verbose){
- PrintAndLog("Biphase Decoded using offset: %d - # errors:%d - data:",offset,errCnt);
+ PrintAndLog("Biphase Decoded using offset: %d - clock: %d - # errors:%d - data:",offset,clk,errCnt);
printDemodBuff();
}
return 1;
int Cmdaskbiphdemod(const char *Cmd)
{
char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) > 12 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: data rawdemod ab [offset] [clock] <invert> [maxError] <amplify>");
+ if (strlen(Cmd) > 25 || cmdp == 'h' || cmdp == 'H') {
+ PrintAndLog("Usage: data rawdemod ab [offset] [clock] <invert> [maxError]
[maxLen] <amplify>");
PrintAndLog(" [offset], offset to begin biphase, default=0");
PrintAndLog(" [set clock as integer] optional, if not set, autodetect");
PrintAndLog(" <invert>, 1 to invert output");
PrintAndLog(" [set maximum allowed errors], default = 100");
+ PrintAndLog(" [set maximum Samples to read], default = 32768 (512 bits at rf/64)");
PrintAndLog(" <amplify>, 'a' to attempt demod with ask amplification, default = no amp");
PrintAndLog(" NOTE: <invert> can be entered as second or third argument");
PrintAndLog(" NOTE: <amplify> can be entered as first, second or last argument");
PrintAndLog("");
PrintAndLog(" NOTE: --invert for Conditional Dephase Encoding (CDP) AKA Differential Manchester");
PrintAndLog("");
- PrintAndLog(" sample: data rawdemod ab = demod an ask/biph tag from GraphBuffer");
- PrintAndLog(" : data rawdemod ab a = demod an ask/biph tag from GraphBuffer, amplified");
- PrintAndLog(" : data rawdemod ab 1 32 = demod an ask/biph tag from GraphBuffer using an offset of 1 and a clock of RF/32");
- PrintAndLog(" : data rawdemod ab 0 32 1 = demod an ask/biph tag from GraphBuffer using a clock of RF/32 and inverting data");
- PrintAndLog(" : data rawdemod ab 0 1 = demod an ask/biph tag from GraphBuffer while inverting data");
- PrintAndLog(" : data rawdemod ab 0 64 1 0 = demod an ask/biph tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
- PrintAndLog(" : data rawdemod ab 0 64 1 0 a = demod an ask/biph tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors, and amp");
+ PrintAndLog(" sample: data rawdemod ab = demod an ask/biph tag from GraphBuffer");
+ PrintAndLog(" : data rawdemod ab 0 a = demod an ask/biph tag from GraphBuffer, amplified");
+ PrintAndLog(" : data rawdemod ab 1 32 = demod an ask/biph tag from GraphBuffer using an offset of 1 and a clock of RF/32");
+ PrintAndLog(" : data rawdemod ab 0 32 1 = demod an ask/biph tag from GraphBuffer using a clock of RF/32 and inverting data");
+ PrintAndLog(" : data rawdemod ab 0 1 = demod an ask/biph tag from GraphBuffer while inverting data");
+ PrintAndLog(" : data rawdemod ab 0 64 1 0 = demod an ask/biph tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
+ PrintAndLog(" : data rawdemod ab 0 64 1 0 0 a = demod an ask/biph tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors, and amp");
return 0;
}
return ASKbiphaseDemod(Cmd, TRUE);
return 1;
}
-//by marshmellow - see ASKrawDemod
+//by marshmellow - see ASKDemod
int Cmdaskrawdemod(const char *Cmd)
{
char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) > 12 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: data rawdemod ar [clock] <invert> [maxError] [amplify]");
+ if (strlen(Cmd) > 25 || cmdp == 'h' || cmdp == 'H') {
+ PrintAndLog("Usage: data rawdemod ar [clock] <invert> [maxError] [maxLen] [amplify]");
PrintAndLog(" [set clock as integer] optional, if not set, autodetect");
PrintAndLog(" <invert>, 1 to invert output");
PrintAndLog(" [set maximum allowed errors], default = 100");
+ PrintAndLog(" [set maximum Samples to read], default = 32768 (1024 bits at rf/64)");
PrintAndLog(" <amplify>, 'a' to attempt demod with ask amplification, default = no amp");
PrintAndLog("");
- PrintAndLog(" sample: data rawdemod ar = demod an ask tag from GraphBuffer");
- PrintAndLog(" : data rawdemod ar a = demod an ask tag from GraphBuffer, amplified");
- PrintAndLog(" : data rawdemod ar 32 = demod an ask tag from GraphBuffer using a clock of RF/32");
- PrintAndLog(" : data rawdemod ar 32 1 = demod an ask tag from GraphBuffer using a clock of RF/32 and inverting data");
- PrintAndLog(" : data rawdemod ar 1 = demod an ask tag from GraphBuffer while inverting data");
- PrintAndLog(" : data rawdemod ar 64 1 0 = demod an ask tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
- PrintAndLog(" : data rawdemod ar 64 1 0 a = demod an ask tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors, and amp");
+ PrintAndLog(" sample: data rawdemod ar = demod an ask tag from GraphBuffer");
+ PrintAndLog(" : data rawdemod ar a = demod an ask tag from GraphBuffer, amplified");
+ PrintAndLog(" : data rawdemod ar 32 = demod an ask tag from GraphBuffer using a clock of RF/32");
+ PrintAndLog(" : data rawdemod ar 32 1 = demod an ask tag from GraphBuffer using a clock of RF/32 and inverting data");
+ PrintAndLog(" : data rawdemod ar 1 = demod an ask tag from GraphBuffer while inverting data");
+ PrintAndLog(" : data rawdemod ar 64 1 0 = demod an ask tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors");
+ PrintAndLog(" : data rawdemod ar 64 1 0 0 a = demod an ask tag from GraphBuffer using a clock of RF/64, inverting data and allowing 0 demod errors, and amp");
return 0;
}
- return ASKrawDemod(Cmd, TRUE);
+ return ASKDemod(Cmd, TRUE, FALSE, 0);
}
int AutoCorrelate(int window, bool SaveGrph, bool verbose)
return 0;
}
-/*
- * Convert to a bitstream
- */
-int CmdBitstream(const char *Cmd)
-{
- int i, j;
- int bit;
- int gtl;
- int clock;
- int low = 0;
- int high = 0;
- int hithigh, hitlow, first;
-
- /* Detect high and lows and clock */
- for (i = 0; i < GraphTraceLen; ++i)
- {
- if (GraphBuffer[i] > high)
- high = GraphBuffer[i];
- else if (GraphBuffer[i] < low)
- low = GraphBuffer[i];
- }
-
- /* Get our clock */
- clock = GetAskClock(Cmd, high, 1);
- gtl = ClearGraph(0);
-
- bit = 0;
- for (i = 0; i < (int)(gtl / clock); ++i)
- {
- hithigh = 0;
- hitlow = 0;
- first = 1;
- /* Find out if we hit both high and low peaks */
- for (j = 0; j < clock; ++j)
- {
- if (GraphBuffer[(i * clock) + j] == high)
- hithigh = 1;
- else if (GraphBuffer[(i * clock) + j] == low)
- hitlow = 1;
- /* it doesn't count if it's the first part of our read
- because it's really just trailing from the last sequence */
- if (first && (hithigh || hitlow))
- hithigh = hitlow = 0;
- else
- first = 0;
-
- if (hithigh && hitlow)
- break;
- }
-
- /* If we didn't hit both high and low peaks, we had a bit transition */
- if (!hithigh || !hitlow)
- bit ^= 1;
-
- AppendGraph(0, clock, bit);
- }
-
- RepaintGraphWindow();
- return 0;
-}
-
int CmdBuffClear(const char *Cmd)
{
UsbCommand c = {CMD_BUFF_CLEAR};
//by marshmellow
//use large jumps in read samples to identify edges of waves and then amplify that wave to max
-//similar to dirtheshold, threshold, and askdemod commands
+//similar to dirtheshold, threshold commands
//takes a threshold length which is the measured length between two samples then determines an edge
int CmdAskEdgeDetect(const char *Cmd)
{
int thresLen = 25;
sscanf(Cmd, "%i", &thresLen);
- int shift = 127;
- int shiftedVal=0;
+
for(int i = 1; i<GraphTraceLen; i++){
if (GraphBuffer[i]-GraphBuffer[i-1]>=thresLen) //large jump up
- shift=127;
+ GraphBuffer[i-1] = 127;
else if(GraphBuffer[i]-GraphBuffer[i-1]<=-1*thresLen) //large jump down
- shift=-127;
-
- shiftedVal=GraphBuffer[i]+shift;
-
- if (shiftedVal>127)
- shiftedVal=127;
- else if (shiftedVal<-127)
- shiftedVal=-127;
- GraphBuffer[i-1] = shiftedVal;
+ GraphBuffer[i-1] = -127;
}
RepaintGraphWindow();
- //CmdNorm("");
return 0;
}
int CmdDetectClockRate(const char *Cmd)
{
char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) > 3 || strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: data detectclock [modulation]");
+ if (strlen(Cmd) > 6 || strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') {
+ PrintAndLog("Usage: data detectclock [modulation] <clock>");
PrintAndLog(" [modulation as char], specify the modulation type you want to detect the clock of");
+ PrintAndLog(" <clock> , specify the clock (optional - to get best start position only)");
PrintAndLog(" 'a' = ask, 'f' = fsk, 'n' = nrz/direct, 'p' = psk");
PrintAndLog("");
PrintAndLog(" sample: data detectclock a = detect the clock of an ask modulated wave in the GraphBuffer");
}
int ans=0;
if (cmdp == 'a'){
- ans = GetAskClock("", true, false);
+ ans = GetAskClock(Cmd+1, true, false);
} else if (cmdp == 'f'){
ans = GetFskClock("", true, false);
} else if (cmdp == 'n'){
return ans;
}
+char *GetFSKType(uint8_t fchigh, uint8_t fclow, uint8_t invert)
+{
+ char *fskType;
+ if (fchigh==10 && fclow==8){
+ if (invert) //fsk2a
+ fskType = "FSK2a";
+ else //fsk2
+ fskType = "FSK2";
+ } else if (fchigh == 8 && fclow == 5) {
+ if (invert)
+ fskType = "FSK1";
+ else
+ fskType = "FSK1a";
+ } else {
+ fskType = "FSK??";
+ }
+ return fskType;
+}
+
//by marshmellow
//fsk raw demod and print binary
//takes 4 arguments - Clock, invert, fchigh, fclow
rfLen = detectFSKClk(BitStream, BitLen, fchigh, fclow);
if (rfLen == 0) rfLen = 50;
}
- if (verbose) PrintAndLog("Args invert: %d - Clock:%d - fchigh:%d - fclow: %d",invert,rfLen,fchigh, fclow);
int size = fskdemod(BitStream,BitLen,(uint8_t)rfLen,(uint8_t)invert,(uint8_t)fchigh,(uint8_t)fclow);
if (size>0){
setDemodBuf(BitStream,size,0);
// Now output the bitstream to the scrollback by line of 16 bits
- if(size > (8*32)+2) size = (8*32)+2; //only output a max of 8 blocks of 32 bits most tags will have full bit stream inside that sample size
- if (verbose) {
- PrintAndLog("FSK decoded bitstream:");
- printBitStream(BitStream,size);
+ if (verbose || g_debugMode) {
+ PrintAndLog("\nUsing Clock:%d, invert:%d, fchigh:%d, fclow:%d", rfLen, invert, fchigh, fclow);
+ PrintAndLog("%s decoded bitstream:",GetFSKType(fchigh,fclow,invert));
+ printDemodBuff();
}
return 1;
} else{
- if (verbose) PrintAndLog("no FSK data found");
+ if (g_debugMode) PrintAndLog("no FSK data found");
}
return 0;
}
return 0;
}
if (idx==0){
- if (g_debugMode==1){
+ if (g_debugMode){
PrintAndLog("DEBUG: IO Prox Data not found - FSK Bits: %d",BitLen);
- if (BitLen > 92) printBitStream(BitStream,92);
+ if (BitLen > 92) PrintAndLog("%s", sprint_bin_break(BitStream,92,16));
}
return 0;
}
//XSF(version)facility:codeone+codetwo (raw)
//Handle the data
if (idx+64>BitLen) {
- if (g_debugMode==1) PrintAndLog("not enough bits found - bitlen: %d",BitLen);
+ if (g_debugMode) PrintAndLog("not enough bits found - bitlen: %d",BitLen);
return 0;
}
PrintAndLog("%d%d%d%d%d%d%d%d %d",BitStream[idx], BitStream[idx+1], BitStream[idx+2], BitStream[idx+3], BitStream[idx+4], BitStream[idx+5], BitStream[idx+6], BitStream[idx+7], BitStream[idx+8]);
for (uint8_t i=1; i<6; ++i){
calccrc += bytebits_to_byte(BitStream+idx+9*i,8);
- //PrintAndLog("%d", calccrc);
}
calccrc &= 0xff;
calccrc = 0xff - calccrc;
return 1;
}
-int CmdFSKdemod(const char *Cmd) //old CmdFSKdemod needs updating
-{
- static const int LowTone[] = {
- 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
- 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
- 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
- 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
- 1, 1, 1, 1, 1, -1, -1, -1, -1, -1
- };
- static const int HighTone[] = {
- 1, 1, 1, 1, 1, -1, -1, -1, -1,
- 1, 1, 1, 1, -1, -1, -1, -1,
- 1, 1, 1, 1, -1, -1, -1, -1,
- 1, 1, 1, 1, -1, -1, -1, -1,
- 1, 1, 1, 1, -1, -1, -1, -1,
- 1, 1, 1, 1, -1, -1, -1, -1, -1,
- };
-
- int lowLen = sizeof (LowTone) / sizeof (int);
- int highLen = sizeof (HighTone) / sizeof (int);
- int convLen = (highLen > lowLen) ? highLen : lowLen;
- uint32_t hi = 0, lo = 0;
-
- int i, j;
- int minMark = 0, maxMark = 0;
-
- for (i = 0; i < GraphTraceLen - convLen; ++i) {
- int lowSum = 0, highSum = 0;
-
- for (j = 0; j < lowLen; ++j) {
- lowSum += LowTone[j]*GraphBuffer[i+j];
- }
- for (j = 0; j < highLen; ++j) {
- highSum += HighTone[j] * GraphBuffer[i + j];
- }
- lowSum = abs(100 * lowSum / lowLen);
- highSum = abs(100 * highSum / highLen);
- GraphBuffer[i] = (highSum << 16) | lowSum;
- }
-
- for(i = 0; i < GraphTraceLen - convLen - 16; ++i) {
- int lowTot = 0, highTot = 0;
- // 10 and 8 are f_s divided by f_l and f_h, rounded
- for (j = 0; j < 10; ++j) {
- lowTot += (GraphBuffer[i+j] & 0xffff);
- }
- for (j = 0; j < 8; j++) {
- highTot += (GraphBuffer[i + j] >> 16);
- }
- GraphBuffer[i] = lowTot - highTot;
- if (GraphBuffer[i] > maxMark) maxMark = GraphBuffer[i];
- if (GraphBuffer[i] < minMark) minMark = GraphBuffer[i];
+// FDX-B ISO11784/85 demod (aka animal tag) BIPHASE, inverted, rf/32, with preamble of 00000000001 (128bits)
+// 8 databits + 1 parity (1)
+// CIITT 16 chksum
+// NATIONAL CODE, ICAR database
+// COUNTRY CODE (ISO3166) or http://cms.abvma.ca/uploads/ManufacturersISOsandCountryCodes.pdf
+// FLAG (animal/non-animal)
+int CmdFDXBdemodBI(const char *Cmd){
+
+ int invert = 1;
+ int clk = 32;
+ int errCnt = 0;
+ int maxErr = 0;
+ uint8_t BitStream[MAX_DEMOD_BUF_LEN];
+ size_t size = getFromGraphBuf(BitStream);
+
+ errCnt = askdemod(BitStream, &size, &clk, &invert, maxErr, 0, 0);
+ if ( errCnt < 0 || errCnt > maxErr ) {
+ if (g_debugMode) PrintAndLog("DEBUG: no data or error found %d, clock: %d", errCnt, clk);
+ return 0;
}
- GraphTraceLen -= (convLen + 16);
- RepaintGraphWindow();
+ errCnt = BiphaseRawDecode(BitStream, &size, maxErr, 1);
+ if (errCnt < 0 || errCnt > maxErr ) {
+ if (g_debugMode) PrintAndLog("Error BiphaseRawDecode: %d", errCnt);
+ return 0;
+ }
- // Find bit-sync (3 lo followed by 3 high) (HID ONLY)
- int max = 0, maxPos = 0;
- for (i = 0; i < 6000; ++i) {
- int dec = 0;
- for (j = 0; j < 3 * lowLen; ++j) {
- dec -= GraphBuffer[i + j];
- }
- for (; j < 3 * (lowLen + highLen ); ++j) {
- dec += GraphBuffer[i + j];
- }
- if (dec > max) {
- max = dec;
- maxPos = i;
- }
+ int preambleIndex = FDXBdemodBI(BitStream, &size);
+ if (preambleIndex < 0){
+ if (g_debugMode) PrintAndLog("Error FDXBDemod , no startmarker found :: %d",preambleIndex);
+ return 0;
}
- // place start of bit sync marker in graph
- GraphBuffer[maxPos] = maxMark;
- GraphBuffer[maxPos + 1] = minMark;
-
- maxPos += j;
-
- // place end of bit sync marker in graph
- GraphBuffer[maxPos] = maxMark;
- GraphBuffer[maxPos+1] = minMark;
-
- PrintAndLog("actual data bits start at sample %d", maxPos);
- PrintAndLog("length %d/%d", highLen, lowLen);
+ setDemodBuf(BitStream, 128, preambleIndex);
- uint8_t bits[46] = {0x00};
-
- // find bit pairs and manchester decode them
- for (i = 0; i < arraylen(bits) - 1; ++i) {
- int dec = 0;
- for (j = 0; j < lowLen; ++j) {
- dec -= GraphBuffer[maxPos + j];
- }
- for (; j < lowLen + highLen; ++j) {
- dec += GraphBuffer[maxPos + j];
- }
- maxPos += j;
- // place inter bit marker in graph
- GraphBuffer[maxPos] = maxMark;
- GraphBuffer[maxPos + 1] = minMark;
-
- // hi and lo form a 64 bit pair
- hi = (hi << 1) | (lo >> 31);
- lo = (lo << 1);
- // store decoded bit as binary (in hi/lo) and text (in bits[])
- if(dec < 0) {
- bits[i] = '1';
- lo |= 1;
- } else {
- bits[i] = '0';
- }
+ // remove but don't verify parity. (pType = 2)
+ size = removeParity(BitStream, preambleIndex + 11, 9, 2, 117);
+ if ( size <= 103 ) {
+ if (g_debugMode) PrintAndLog("Error removeParity:: %d", size);
+ return 0;
}
- PrintAndLog("bits: '%s'", bits);
- PrintAndLog("hex: %08x %08x", hi, lo);
- return 0;
+ if (g_debugMode) {
+ char *bin = sprint_bin_break(BitStream,size,16);
+ PrintAndLog("DEBUG BinStream:\n%s",bin);
+ }
+ PrintAndLog("\nFDX-B / ISO 11784/5 Animal Tag ID Found:");
+ if (g_debugMode) PrintAndLog("Start marker %d; Size %d", preambleIndex, size);
+
+ //got a good demod
+ uint64_t NationalCode = ((uint64_t)(bytebits_to_byteLSBF(BitStream+32,6)) << 32) | bytebits_to_byteLSBF(BitStream,32);
+ uint32_t countryCode = bytebits_to_byteLSBF(BitStream+38,10);
+ uint8_t dataBlockBit = BitStream[48];
+ uint32_t reservedCode = bytebits_to_byteLSBF(BitStream+49,14);
+ uint8_t animalBit = BitStream[63];
+ uint32_t crc16 = bytebits_to_byteLSBF(BitStream+64,16);
+ uint32_t extended = bytebits_to_byteLSBF(BitStream+80,24);
+
+ uint64_t rawid = ((uint64_t)bytebits_to_byte(BitStream,32)<<32) | bytebits_to_byte(BitStream+32,32);
+ uint8_t raw[8];
+ num_to_bytes(rawid, 8, raw);
+
+ if (g_debugMode) PrintAndLog("Raw ID Hex: %s", sprint_hex(raw,8));
+
+ uint16_t calcCrc = crc16_ccitt_kermit(raw, 8);
+ PrintAndLog("Animal ID: %04u-%012llu", countryCode, NationalCode);
+ PrintAndLog("National Code: %012llu", NationalCode);
+ PrintAndLog("CountryCode: %04u", countryCode);
+ PrintAndLog("Extended Data: %s", dataBlockBit ? "True" : "False");
+ PrintAndLog("reserved Code: %u", reservedCode);
+ PrintAndLog("Animal Tag: %s", animalBit ? "True" : "False");
+ PrintAndLog("CRC: 0x%04X - [%04X] - %s", crc16, calcCrc, (calcCrc == crc16) ? "Passed" : "Failed");
+ PrintAndLog("Extended: 0x%X\n", extended);
+
+ return 1;
}
+
//by marshmellow
//attempt to psk1 demod graph buffer
int PSKDemod(const char *Cmd, bool verbose)
clk=0;
}
if (invert != 0 && invert != 1) {
- if (verbose) PrintAndLog("Invalid argument: %s", Cmd);
+ if (g_debugMode || verbose) PrintAndLog("Invalid argument: %s", Cmd);
return 0;
}
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
size_t BitLen = getFromGraphBuf(BitStream);
- if (BitLen==0) return -1;
+ if (BitLen==0) return 0;
uint8_t carrier=countFC(BitStream, BitLen, 0);
if (carrier!=2 && carrier!=4 && carrier!=8){
//invalid carrier
int errCnt=0;
errCnt = pskRawDemod(BitStream, &BitLen, &clk, &invert);
if (errCnt > maxErr){
- if (g_debugMode==1 && verbose) PrintAndLog("Too many errors found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt);
+ if (g_debugMode || verbose) PrintAndLog("Too many errors found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt);
return 0;
}
if (errCnt<0|| BitLen<16){ //throw away static - allow 1 and -1 (in case of threshold command first)
- if (g_debugMode==1 && verbose) PrintAndLog("no data found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt);
+ if (g_debugMode || verbose) PrintAndLog("no data found, clk: %d, invert: %d, numbits: %d, errCnt: %d",clk,invert,BitLen,errCnt);
return 0;
}
- if (verbose){
- PrintAndLog("Tried PSK Demod using Clock: %d - invert: %d - Bits Found: %d",clk,invert,BitLen);
+ if (verbose || g_debugMode){
+ PrintAndLog("\nUsing Clock:%d, invert:%d, Bits Found:%d",clk,invert,BitLen);
if (errCnt>0){
- PrintAndLog("# Errors during Demoding (shown as 77 in bit stream): %d",errCnt);
+ PrintAndLog("# Errors during Demoding (shown as 7 in bit stream): %d",errCnt);
}
}
//prime demod buffer for output
return 0;
}
uint8_t invert=0;
- ans = indala26decode(DemodBuffer,(size_t *) &DemodBufferLen, &invert);
+ ans = indala26decode(DemodBuffer, &DemodBufferLen, &invert);
if (ans < 1) {
if (g_debugMode==1)
PrintAndLog("Error2: %d",ans);
return 1;
}
+int CmdPSKNexWatch(const char *Cmd)
+{
+ if (!PSKDemod("", false)) return 0;
+ uint8_t preamble[28] = {0,0,0,0,0,1,0,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+ size_t startIdx = 0, size = DemodBufferLen;
+ bool invert = false;
+ if (!preambleSearch(DemodBuffer, preamble, sizeof(preamble), &size, &startIdx)){
+ // if didn't find preamble try again inverting
+ if (!PSKDemod("1", false)) return 0;
+ size = DemodBufferLen;
+ if (!preambleSearch(DemodBuffer, preamble, sizeof(preamble), &size, &startIdx)) return 0;
+ invert = true;
+ }
+ if (size != 128) return 0;
+ setDemodBuf(DemodBuffer, size, startIdx+4);
+ startIdx = 8+32; //4 = extra i added, 8 = preamble, 32 = reserved bits (always 0)
+ //get ID
+ uint32_t ID = 0;
+ for (uint8_t wordIdx=0; wordIdx<4; wordIdx++){
+ for (uint8_t idx=0; idx<8; idx++){
+ ID = (ID << 1) | DemodBuffer[startIdx+wordIdx+(idx*4)];
+ }
+ }
+ //parity check (TBD)
+
+ //checksum check (TBD)
+
+ //output
+ PrintAndLog("NexWatch ID: %d", ID);
+ if (invert){
+ PrintAndLog("Had to Invert - probably NexKey");
+ for (uint8_t idx=0; idx<size; idx++)
+ DemodBuffer[idx] ^= 1;
+ }
+
+ CmdPrintDemodBuff("x");
+ return 1;
+}
+
// by marshmellow
// takes 3 arguments - clock, invert, maxErr as integers
// attempts to demodulate nrz only
// prints binary found and saves in demodbuffer for further commands
-
int NRZrawDemod(const char *Cmd, bool verbose)
{
int invert=0;
//prime demod buffer for output
setDemodBuf(BitStream,BitLen,0);
- if (errCnt>0 && (verbose || g_debugMode)) PrintAndLog("# Errors during Demoding (shown as 77 in bit stream): %d",errCnt);
+ if (errCnt>0 && (verbose || g_debugMode)) PrintAndLog("# Errors during Demoding (shown as 7 in bit stream): %d",errCnt);
if (verbose || g_debugMode) {
PrintAndLog("NRZ demoded bitstream:");
// Now output the bitstream to the scrollback by line of 16 bits
return 0;
}
- PrintAndLog("PSK demoded bitstream:");
+ PrintAndLog("PSK1 demoded bitstream:");
// Now output the bitstream to the scrollback by line of 16 bits
printDemodBuff();
return 1;
{
char cmdp = Cmd[0]; //param_getchar(Cmd, 0);
- if (strlen(Cmd) > 14 || cmdp == 'h' || cmdp == 'H' || strlen(Cmd)<2) {
+ if (strlen(Cmd) > 20 || cmdp == 'h' || cmdp == 'H' || strlen(Cmd)<2) {
PrintAndLog("Usage: data rawdemod [modulation] <help>|<options>");
PrintAndLog(" [modulation] as 2 char, 'ab' for ask/biphase, 'am' for ask/manchester, 'ar' for ask/raw, 'fs' for fsk, ...");
PrintAndLog(" 'nr' for nrz/direct, 'p1' for psk1, 'p2' for psk2");
PrintAndLog("Unpacking...");
BitstreamOut bout = { got, bits_per_sample * n, 0};
int j =0;
- for (j = 0; j * bits_per_sample < n * 8 && j < sizeof(GraphBuffer); j++) {
+ for (j = 0; j * bits_per_sample < n * 8 && j < n; j++) {
uint8_t sample = getByte(bits_per_sample, &bout);
GraphBuffer[j] = ((int) sample )- 128;
}
PrintAndLog("# LF optimal: %5.2f V @%9.2f kHz", peakv/1000.0, 12000.0/(peakf+1));
PrintAndLog("# HF antenna: %5.2f V @ 13.56 MHz", vHf/1000.0);
-#define LF_UNUSABLE_V 2948 // was 2000. Changed due to bugfix in voltage measurements. LF results are now 47% higher.
-#define LF_MARGINAL_V 14739 // was 10000. Changed due to bugfix bug in voltage measurements. LF results are now 47% higher.
-#define HF_UNUSABLE_V 3167 // was 2000. Changed due to bugfix in voltage measurements. HF results are now 58% higher.
-#define HF_MARGINAL_V 7917 // was 5000. Changed due to bugfix in voltage measurements. HF results are now 58% higher.
+ #define LF_UNUSABLE_V 2948 // was 2000. Changed due to bugfix in voltage measurements. LF results are now 47% higher.
+ #define LF_MARGINAL_V 14739 // was 10000. Changed due to bugfix bug in voltage measurements. LF results are now 47% higher.
+ #define HF_UNUSABLE_V 3167 // was 2000. Changed due to bugfix in voltage measurements. HF results are now 58% higher.
+ #define HF_MARGINAL_V 7917 // was 5000. Changed due to bugfix in voltage measurements. HF results are now 58% higher.
if (peakv < LF_UNUSABLE_V)
PrintAndLog("# Your LF antenna is unusable.");
int CmdLtrim(const char *Cmd)
{
int ds = atoi(Cmd);
-
+ if (GraphTraceLen<=0) return 0;
for (int i = ds; i < GraphTraceLen; ++i)
GraphBuffer[i-ds] = GraphBuffer[i];
GraphTraceLen -= ds;
return 0;
}
-/*
- * Manchester demodulate a bitstream. The bitstream needs to be already in
- * the GraphBuffer as 0 and 1 values
- *
- * Give the clock rate as argument in order to help the sync - the algorithm
- * resyncs at each pulse anyway.
- *
- * Not optimized by any means, this is the 1st time I'm writing this type of
- * routine, feel free to improve...
- *
- * 1st argument: clock rate (as number of samples per clock rate)
- * Typical values can be 64, 32, 128...
- */
-int CmdManchesterDemod(const char *Cmd)
-{
- int i, j, invert= 0;
- int bit;
- int clock;
- int lastval = 0;
- int low = 0;
- int high = 0;
- int hithigh, hitlow, first;
- int lc = 0;
- int bitidx = 0;
- int bit2idx = 0;
- int warnings = 0;
-
- /* check if we're inverting output */
- if (*Cmd == 'i')
- {
- PrintAndLog("Inverting output");
- invert = 1;
- ++Cmd;
- do
- ++Cmd;
- while(*Cmd == ' '); // in case a 2nd argument was given
- }
-
- /* Holds the decoded bitstream: each clock period contains 2 bits */
- /* later simplified to 1 bit after manchester decoding. */
- /* Add 10 bits to allow for noisy / uncertain traces without aborting */
- /* int BitStream[GraphTraceLen*2/clock+10]; */
-
- /* But it does not work if compiling on WIndows: therefore we just allocate a */
- /* large array */
- uint8_t BitStream[MAX_GRAPH_TRACE_LEN] = {0};
-
- /* Detect high and lows */
- for (i = 0; i < GraphTraceLen; i++)
- {
- if (GraphBuffer[i] > high)
- high = GraphBuffer[i];
- else if (GraphBuffer[i] < low)
- low = GraphBuffer[i];
- }
-
- /* Get our clock */
- clock = GetAskClock(Cmd, high, 1);
-
- int tolerance = clock/4;
-
- /* Detect first transition */
- /* Lo-Hi (arbitrary) */
- /* skip to the first high */
- for (i= 0; i < GraphTraceLen; i++)
- if (GraphBuffer[i] == high)
- break;
- /* now look for the first low */
- for (; i < GraphTraceLen; i++)
- {
- if (GraphBuffer[i] == low)
- {
- lastval = i;
- break;
- }
- }
-
- /* If we're not working with 1/0s, demod based off clock */
- if (high != 1)
- {
- bit = 0; /* We assume the 1st bit is zero, it may not be
- * the case: this routine (I think) has an init problem.
- * Ed.
- */
- for (; i < (int)(GraphTraceLen / clock); i++)
- {
- hithigh = 0;
- hitlow = 0;
- first = 1;
-
- /* Find out if we hit both high and low peaks */
- for (j = 0; j < clock; j++)
- {
- if (GraphBuffer[(i * clock) + j] == high)
- hithigh = 1;
- else if (GraphBuffer[(i * clock) + j] == low)
- hitlow = 1;
-
- /* it doesn't count if it's the first part of our read
- because it's really just trailing from the last sequence */
- if (first && (hithigh || hitlow))
- hithigh = hitlow = 0;
- else
- first = 0;
-
- if (hithigh && hitlow)
- break;
- }
-
- /* If we didn't hit both high and low peaks, we had a bit transition */
- if (!hithigh || !hitlow)
- bit ^= 1;
-
- BitStream[bit2idx++] = bit ^ invert;
- }
- }
-
- /* standard 1/0 bitstream */
- else
- {
-
- /* Then detect duration between 2 successive transitions */
- for (bitidx = 1; i < GraphTraceLen; i++)
- {
- if (GraphBuffer[i-1] != GraphBuffer[i])
- {
- lc = i-lastval;
- lastval = i;
-
- // Error check: if bitidx becomes too large, we do not
- // have a Manchester encoded bitstream or the clock is really
- // wrong!
- if (bitidx > (GraphTraceLen*2/clock+8) ) {
- PrintAndLog("Error: the clock you gave is probably wrong, aborting.");
- return 0;
- }
- // Then switch depending on lc length:
- // Tolerance is 1/4 of clock rate (arbitrary)
- if (abs(lc-clock/2) < tolerance) {
- // Short pulse : either "1" or "0"
- BitStream[bitidx++]=GraphBuffer[i-1];
- } else if (abs(lc-clock) < tolerance) {
- // Long pulse: either "11" or "00"
- BitStream[bitidx++]=GraphBuffer[i-1];
- BitStream[bitidx++]=GraphBuffer[i-1];
- } else {
- // Error
- warnings++;
- PrintAndLog("Warning: Manchester decode error for pulse width detection.");
- PrintAndLog("(too many of those messages mean either the stream is not Manchester encoded, or clock is wrong)");
-
- if (warnings > 10)
- {
- PrintAndLog("Error: too many detection errors, aborting.");
- return 0;
- }
- }
- }
- }
-
- // At this stage, we now have a bitstream of "01" ("1") or "10" ("0"), parse it into final decoded bitstream
- // Actually, we overwrite BitStream with the new decoded bitstream, we just need to be careful
- // to stop output at the final bitidx2 value, not bitidx
- for (i = 0; i < bitidx; i += 2) {
- if ((BitStream[i] == 0) && (BitStream[i+1] == 1)) {
- BitStream[bit2idx++] = 1 ^ invert;
- } else if ((BitStream[i] == 1) && (BitStream[i+1] == 0)) {
- BitStream[bit2idx++] = 0 ^ invert;
- } else {
- // We cannot end up in this state, this means we are unsynchronized,
- // move up 1 bit:
- i++;
- warnings++;
- PrintAndLog("Unsynchronized, resync...");
- PrintAndLog("(too many of those messages mean the stream is not Manchester encoded)");
-
- if (warnings > 10)
- {
- PrintAndLog("Error: too many decode errors, aborting.");
- return 0;
- }
- }
- }
- }
-
- PrintAndLog("Manchester decoded bitstream");
- // Now output the bitstream to the scrollback by line of 16 bits
- for (i = 0; i < (bit2idx-16); i+=16) {
- PrintAndLog("%i %i %i %i %i %i %i %i %i %i %i %i %i %i %i %i",
- BitStream[i],
- BitStream[i+1],
- BitStream[i+2],
- BitStream[i+3],
- BitStream[i+4],
- BitStream[i+5],
- BitStream[i+6],
- BitStream[i+7],
- BitStream[i+8],
- BitStream[i+9],
- BitStream[i+10],
- BitStream[i+11],
- BitStream[i+12],
- BitStream[i+13],
- BitStream[i+14],
- BitStream[i+15]);
- }
- return 0;
-}
-
-/* Modulate our data into manchester */
-int CmdManchesterMod(const char *Cmd)
-{
- int i, j;
- int clock;
- int bit, lastbit, wave;
-
- /* Get our clock */
- clock = GetAskClock(Cmd, 0, 1);
-
- wave = 0;
- lastbit = 1;
- for (i = 0; i < (int)(GraphTraceLen / clock); i++)
- {
- bit = GraphBuffer[i * clock] ^ 1;
-
- for (j = 0; j < (int)(clock/2); j++)
- GraphBuffer[(i * clock) + j] = bit ^ lastbit ^ wave;
- for (j = (int)(clock/2); j < clock; j++)
- GraphBuffer[(i * clock) + j] = bit ^ lastbit ^ wave ^ 1;
-
- /* Keep track of how we start our wave and if we changed or not this time */
- wave ^= bit ^ lastbit;
- lastbit = bit;
- }
-
- RepaintGraphWindow();
- return 0;
-}
-
int CmdNorm(const char *Cmd)
{
int i;
return 0;
}
-int CmdThreshold(const char *Cmd)
-{
- int threshold = atoi(Cmd);
-
- for (int i = 0; i < GraphTraceLen; ++i) {
- if (GraphBuffer[i] >= threshold)
- GraphBuffer[i] = 1;
- else
- GraphBuffer[i] = -1;
- }
- RepaintGraphWindow();
- return 0;
-}
-
int CmdDirectionalThreshold(const char *Cmd)
{
int8_t upThres = param_get8(Cmd, 0);
static command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
- {"amp", CmdAmp, 1, "Amplify peaks"},
- //{"askdemod", Cmdaskdemod, 1, "<0 or 1> -- Attempt to demodulate simple ASK tags"},
- {"askedgedetect", CmdAskEdgeDetect, 1, "[threshold] Adjust Graph for manual ask demod using length of sample differences to detect the edge of a wave (default = 25)"},
+ {"askedgedetect", CmdAskEdgeDetect, 1, "[threshold] Adjust Graph for manual ask demod using the length of sample differences to detect the edge of a wave (use 20-45, def:25)"},
{"askem410xdemod", CmdAskEM410xDemod, 1, "[clock] [invert<0|1>] [maxErr] -- Demodulate an EM410x tag from GraphBuffer (args optional)"},
{"askgproxiidemod", CmdG_Prox_II_Demod, 1, "Demodulate a G Prox II tag from GraphBuffer"},
{"autocorr", CmdAutoCorr, 1, "[window length] [g] -- Autocorrelation over window - g to save back to GraphBuffer (overwrite)"},
- {"biphaserawdecode",CmdBiphaseDecodeRaw,1,"[offset] [invert<0|1>] Biphase decode bin stream in DemodBuffer (offset = 0|1 bits to shift the decode start)"},
+ {"biphaserawdecode",CmdBiphaseDecodeRaw,1, "[offset] [invert<0|1>] [maxErr] -- Biphase decode bin stream in DemodBuffer (offset = 0|1 bits to shift the decode start)"},
{"bitsamples", CmdBitsamples, 0, "Get raw samples as bitstring"},
- //{"bitstream", CmdBitstream, 1, "[clock rate] -- Convert waveform into a bitstream"},
{"buffclear", CmdBuffClear, 1, "Clear sample buffer and graph window"},
{"dec", CmdDec, 1, "Decimate samples"},
{"detectclock", CmdDetectClockRate, 1, "[modulation] Detect clock rate of wave in GraphBuffer (options: 'a','f','n','p' for ask, fsk, nrz, psk respectively)"},
- //{"fskdemod", CmdFSKdemod, 1, "Demodulate graph window as a HID FSK"},
+ {"fdxbdemod", CmdFDXBdemodBI , 1, "Demodulate a FDX-B ISO11784/85 Biphase tag from GraphBuffer"},
{"fskawiddemod", CmdFSKdemodAWID, 1, "Demodulate an AWID FSK tag from GraphBuffer"},
//{"fskfcdetect", CmdFSKfcDetect, 1, "Try to detect the Field Clock of an FSK wave"},
{"fskhiddemod", CmdFSKdemodHID, 1, "Demodulate a HID FSK tag from GraphBuffer"},
{"load", CmdLoad, 1, "<filename> -- Load trace (to graph window"},
{"ltrim", CmdLtrim, 1, "<samples> -- Trim samples from left of trace"},
{"rtrim", CmdRtrim, 1, "<location to end trace> -- Trim samples from right of trace"},
- //{"mandemod", CmdManchesterDemod, 1, "[i] [clock rate] -- Manchester demodulate binary stream (option 'i' to invert output)"},
- {"manrawdecode", Cmdmandecoderaw, 1, "Manchester decode binary stream in DemodBuffer"},
- {"manmod", CmdManchesterMod, 1, "[clock rate] -- Manchester modulate a binary stream"},
+ {"manrawdecode", Cmdmandecoderaw, 1, "[invert] [maxErr] -- Manchester decode binary stream in DemodBuffer"},
{"norm", CmdNorm, 1, "Normalize max/min to +/-128"},
{"plot", CmdPlot, 1, "Show graph window (hit 'h' in window for keystroke help)"},
- {"printdemodbuffer",CmdPrintDemodBuff, 1, "[x] -- print the data in the DemodBuffer - 'x' for hex output"},
+ {"printdemodbuffer",CmdPrintDemodBuff, 1, "[x] [o] <offset> -- print the data in the DemodBuffer - 'x' for hex output"},
{"pskindalademod", CmdIndalaDecode, 1, "[clock] [invert<0|1>] -- Demodulate an indala tag (PSK1) from GraphBuffer (args optional)"},
+ {"psknexwatchdemod",CmdPSKNexWatch, 1, "Demodulate a NexWatch tag (nexkey, quadrakey) (PSK1) from GraphBuffer"},
{"rawdemod", CmdRawDemod, 1, "[modulation] ... <options> -see help (h option) -- Demodulate the data in the GraphBuffer and output binary"},
{"samples", CmdSamples, 0, "[512 - 40000] -- Get raw samples for graph window (GraphBuffer)"},
{"save", CmdSave, 1, "<filename> -- Save trace (from graph window)"},
{"scale", CmdScale, 1, "<int> -- Set cursor display scale"},
{"setdebugmode", CmdSetDebugMode, 1, "<0|1> -- Turn on or off Debugging Mode for demods"},
{"shiftgraphzero", CmdGraphShiftZero, 1, "<shift> -- Shift 0 for Graphed wave + or - shift value"},
- //{"threshold", CmdThreshold, 1, "<threshold> -- Maximize/minimize every value in the graph window depending on threshold"},
{"dirthreshold", CmdDirectionalThreshold, 1, "<thres up> <thres down> -- Max rising higher up-thres/ Min falling lower down-thres, keep rest as prev."},
{"tune", CmdTuneSamples, 0, "Get hw tune samples for graph window"},
{"undec", CmdUndec, 1, "Un-decimate samples by 2"},
int CmdData(const char *Cmd);
void printDemodBuff(void);
-void printBitStream(uint8_t BitStream[], uint32_t bitLen);
void setDemodBuf(uint8_t *buff, size_t size, size_t startIdx);
-int CmdAmp(const char *Cmd);
-int Cmdaskdemod(const char *Cmd);
int CmdAskEM410xDemod(const char *Cmd);
int CmdG_Prox_II_Demod(const char *Cmd);
int Cmdaskrawdemod(const char *Cmd);
int CmdAutoCorr(const char *Cmd);
int CmdBiphaseDecodeRaw(const char *Cmd);
int CmdBitsamples(const char *Cmd);
-int CmdBitstream(const char *Cmd);
int CmdBuffClear(const char *Cmd);
int CmdDec(const char *Cmd);
int CmdDetectClockRate(const char *Cmd);
+int CmdFDXBdemodBI(const char *Cmd);
int CmdFSKdemodAWID(const char *Cmd);
-int CmdFSKdemod(const char *Cmd);
int CmdFSKdemodHID(const char *Cmd);
int CmdFSKdemodIO(const char *Cmd);
int CmdFSKdemodParadox(const char *Cmd);
int CmdFSKrawdemod(const char *Cmd);
int CmdPSK1rawDemod(const char *Cmd);
int CmdPSK2rawDemod(const char *Cmd);
+int CmdPSKNexWatch(const char *Cmd);
int CmdGrid(const char *Cmd);
int CmdGetBitStream(const char *Cmd);
int CmdHexsamples(const char *Cmd);
int CmdLtrim(const char *Cmd);
int CmdRtrim(const char *Cmd);
int Cmdmandecoderaw(const char *Cmd);
-int CmdManchesterDemod(const char *Cmd);
-int CmdManchesterMod(const char *Cmd);
int CmdNorm(const char *Cmd);
int CmdNRZrawDemod(const char *Cmd);
int CmdPlot(const char *Cmd);
+int CmdPrintDemodBuff(const char *Cmd);
int CmdRawDemod(const char *Cmd);
int CmdSamples(const char *Cmd);
int CmdTuneSamples(const char *Cmd);
int CmdSave(const char *Cmd);
int CmdScale(const char *Cmd);
-int CmdThreshold(const char *Cmd);
int CmdDirectionalThreshold(const char *Cmd);
int CmdZerocrossings(const char *Cmd);
int CmdIndalaDecode(const char *Cmd);
-int AskEm410xDemod(const char *Cmd, uint32_t *hi, uint64_t *lo);
+int AskEm410xDecode(bool verbose, uint32_t *hi, uint64_t *lo );
+int AskEm410xDemod(const char *Cmd, uint32_t *hi, uint64_t *lo, bool verbose);
int ASKbiphaseDemod(const char *Cmd, bool verbose);
-int ASKmanDemod(const char *Cmd, bool verbose, bool emSearch);
-int ASKrawDemod(const char *Cmd, bool verbose);
+int ASKDemod(const char *Cmd, bool verbose, bool emSearch, uint8_t askType);
int FSKrawDemod(const char *Cmd, bool verbose);
int PSKDemod(const char *Cmd, bool verbose);
int NRZrawDemod(const char *Cmd, bool verbose);
#define MAX_DEMOD_BUF_LEN (1024*128)
extern uint8_t DemodBuffer[MAX_DEMOD_BUF_LEN];
-extern int DemodBufferLen;
-
+extern size_t DemodBufferLen;
+extern uint8_t g_debugMode;
#define BIGBUF_SIZE 40000
#endif
case MIFARE_CMD_DEC: snprintf(exp,size,"DEC(%d)",cmd[1]); break;
case MIFARE_CMD_RESTORE: snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
case MIFARE_CMD_TRANSFER: snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
- case MIFARE_AUTH_KEYA: snprintf(exp,size,"AUTH-A(%d)",cmd[1]); break;
+ case MIFARE_AUTH_KEYA:{
+ if ( cmdsize > 3)
+ snprintf(exp,size,"AUTH-A(%d)",cmd[1]);
+ else
+ // case MIFARE_ULEV1_VERSION : both 0x60.
+ snprintf(exp,size,"EV1 VERSION");
+ break;
+ }
case MIFARE_AUTH_KEYB: snprintf(exp,size,"AUTH-B(%d)",cmd[1]); break;
case MIFARE_MAGICWUPC1: snprintf(exp,size,"MAGIC WUPC1"); break;
case MIFARE_MAGICWUPC2: snprintf(exp,size,"MAGIC WUPC2"); break;
case MIFARE_MAGICWIPEC: snprintf(exp,size,"MAGIC WIPEC"); break;
+ case MIFARE_ULC_AUTH_1: snprintf(exp,size,"AUTH "); break;
+ case MIFARE_ULC_AUTH_2: snprintf(exp,size,"AUTH_ANSW"); break;
+ case MIFARE_ULEV1_AUTH:
+ if ( cmdsize == 7 )
+ snprintf(exp,size,"PWD-AUTH KEY: 0x%02x%02x%02x%02x", cmd[1], cmd[2], cmd[3], cmd[4] );
+ else
+ snprintf(exp,size,"PWD-AUTH");
+ break;
+ case MIFARE_ULEV1_FASTREAD:{
+ if ( cmdsize >=3 && cmd[2] <= 0xE6)
+ snprintf(exp,size,"READ RANGE (%d-%d)",cmd[1],cmd[2]);
+ else
+ snprintf(exp,size,"?");
+ break;
+ }
+ case MIFARE_ULC_WRITE:{
+ if ( cmd[1] < 0x21 )
+ snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]);
+ else
+ snprintf(exp,size,"?");
+ break;
+ }
+ case MIFARE_ULEV1_READ_CNT:{
+ if ( cmd[1] < 5 )
+ snprintf(exp,size,"READ CNT(%d)",cmd[1]);
+ else
+ snprintf(exp,size,"?");
+ break;
+ }
+ case MIFARE_ULEV1_INCR_CNT:{
+ if ( cmd[1] < 5 )
+ snprintf(exp,size,"INCR(%d)",cmd[1]);
+ else
+ snprintf(exp,size,"?");
+ break;
+ }
+ case MIFARE_ULEV1_READSIG: snprintf(exp,size,"READ_SIG"); break;
+ case MIFARE_ULEV1_CHECKTEAR: snprintf(exp,size,"CHK_TEARING(%d)",cmd[1]); break;
+ case MIFARE_ULEV1_VCSL: snprintf(exp,size,"VCSL"); break;
default: snprintf(exp,size,"?"); break;
}
return;
oddparity ^= (((frame[j] & 0xFF) >> k) & 0x01);
}
uint8_t parityBits = parityBytes[j>>3];
- if (isResponse && (oddparity != ((parityBits >> (7-(j&0x0007))) & 0x01))) {
- snprintf(line[j/16]+(( j % 16) * 4), 110, " %02x!", frame[j]);
+ if (protocol != ISO_14443B && isResponse && (oddparity != ((parityBits >> (7-(j&0x0007))) & 0x01))) {
+ snprintf(line[j/16]+(( j % 16) * 4),110, "%02x! ", frame[j]);
} else {
snprintf(line[j/16]+(( j % 16) * 4), 110, " %02x ", frame[j]);
}
return 0;
}
+int CmdHFSearch(const char *Cmd){
+ int ans = 0;
+ PrintAndLog("");
+ ans = CmdHF14AReader("s");
+ if (ans > 0) {
+ PrintAndLog("\nValid ISO14443A Tag Found - Quiting Search\n");
+ return ans;
+ }
+ ans = HF14BInfo(false);
+ if (ans) {
+ PrintAndLog("\nValid ISO14443B Tag Found - Quiting Search\n");
+ return ans;
+ }
+ ans = HFiClassReader("", false, false);
+ if (ans) {
+ PrintAndLog("\nValid iClass Tag (or PicoPass Tag) Found - Quiting Search\n");
+ return ans;
+ }
+ ans = HF15Reader("", false);
+ if (ans) {
+ PrintAndLog("\nValid ISO15693 Tag Found - Quiting Search\n");
+ return ans;
+ }
+ PrintAndLog("\nno known/supported 13.56 MHz tags found\n");
+ return 0;
+}
static command_t CommandTable[] =
{
+<<<<<<< HEAD
{"help", CmdHelp, 1, "This help"},
{"14a", CmdHF14A, 1, "{ ISO14443A RFIDs... }"},
{"14b", CmdHF14B, 1, "{ ISO14443B RFIDs... }"},
{"tune", CmdHFTune, 0, "Continuously measure HF antenna tuning"},
{"list", CmdHFList, 1, "List protocol data in trace buffer"},
{NULL, NULL, 0, NULL}
+=======
+ {"help", CmdHelp, 1, "This help"},
+ {"14a", CmdHF14A, 1, "{ ISO14443A RFIDs... }"},
+ {"14b", CmdHF14B, 1, "{ ISO14443B RFIDs... }"},
+ {"15", CmdHF15, 1, "{ ISO15693 RFIDs... }"},
+ {"epa", CmdHFEPA, 1, "{ German Identification Card... }"},
+ {"legic", CmdHFLegic, 0, "{ LEGIC RFIDs... }"},
+ {"iclass", CmdHFiClass, 1, "{ ICLASS RFIDs... }"},
+ {"mf", CmdHFMF, 1, "{ MIFARE RFIDs... }"},
+ {"mfu", CmdHFMFUltra, 1, "{ MIFARE Ultralight RFIDs... }"},
+ {"tune", CmdHFTune, 0, "Continuously measure HF antenna tuning"},
+ {"list", CmdHFList, 1, "List protocol data in trace buffer"},
+ {"search", CmdHFSearch, 1, "Search for known HF tags [preliminary]"},
+ {NULL, NULL, 0, NULL}
+>>>>>>> master
};
int CmdHF(const char *Cmd)
#include "common.h"
#include "cmdmain.h"
#include "mifare.h"
+#include "cmdhfmfu.h"
static int CmdHelp(const char *Cmd);
static void waitCmd(uint8_t iLen);
uint64_t select_status = resp.arg[0]; // 0: couldn't read, 1: OK, with ATS, 2: OK, no ATS, 3: proprietary Anticollision
if(select_status == 0) {
- PrintAndLog("iso14443a card select failed");
+ if (Cmd[0] != 's') PrintAndLog("iso14443a card select failed");
// disconnect
c.arg[0] = 0;
c.arg[1] = 0;
return 0;
}
-
- PrintAndLog("ATQA : %02x %02x", card.atqa[1], card.atqa[0]);
PrintAndLog(" UID : %s", sprint_hex(card.uid, card.uidlen));
+ PrintAndLog("ATQA : %02x %02x", card.atqa[1], card.atqa[0]);
PrintAndLog(" SAK : %02x [%d]", card.sak, resp.arg[0]);
- // Double & triple sized UID, can be mapped to a manufacturer.
- // HACK: does this apply for Ultralight cards?
- if ( card.uidlen > 4 ) {
- PrintAndLog("MANUFACTURER : %s", getTagInfo(card.uid[0]));
- }
-
switch (card.sak) {
- case 0x00: PrintAndLog("TYPE : NXP MIFARE Ultralight | Ultralight C"); break;
+ case 0x00:
+
+ //***************************************test****************
+ // disconnect
+ c.arg[0] = 0;
+ c.arg[1] = 0;
+ c.arg[2] = 0;
+ SendCommand(&c);
+
+ uint32_t tagT = GetHF14AMfU_Type();
+ ul_print_type(tagT, 0);
+
+ //reconnect for further tests
+ c.arg[0] = ISO14A_CONNECT | ISO14A_NO_DISCONNECT;
+ c.arg[1] = 0;
+ c.arg[2] = 0;
+
+ SendCommand(&c);
+
+ UsbCommand resp;
+ WaitForResponse(CMD_ACK,&resp);
+
+ memcpy(&card, (iso14a_card_select_t *)resp.d.asBytes, sizeof(iso14a_card_select_t));
+
+ select_status = resp.arg[0]; // 0: couldn't read, 1: OK, with ATS, 2: OK, no ATS
+
+ if(select_status == 0) {
+ //PrintAndLog("iso14443a card select failed");
+ // disconnect
+ c.arg[0] = 0;
+ c.arg[1] = 0;
+ c.arg[2] = 0;
+ SendCommand(&c);
+ return 0;
+ }
+
+ /* orig
+ // check if the tag answers to GETVERSION (0x60)
+ c.arg[0] = ISO14A_RAW | ISO14A_APPEND_CRC | ISO14A_NO_DISCONNECT;
+ c.arg[1] = 1;
+ c.arg[2] = 0;
+ c.d.asBytes[0] = 0x60;
+ SendCommand(&c);
+ WaitForResponse(CMD_ACK,&resp);
+
+ uint8_t version[10] = {0};
+ memcpy(version, resp.d.asBytes, resp.arg[0] < sizeof(version) ? resp.arg[0] : sizeof(version));
+ uint8_t len = resp.arg[0] & 0xff;
+ switch ( len ){
+ // todo, identify "Magic UL-C tags". // they usually have a static nonce response to 0x1A command.
+ // UL-EV1, size, check version[6] == 0x0b (smaller) 0x0b * 4 == 48
+ case 0x0A:PrintAndLog("TYPE : NXP MIFARE Ultralight EV1 %d bytes", (version[6] == 0xB) ? 48 : 128);break;
+ case 0x01:PrintAndLog("TYPE : NXP MIFARE Ultralight C");break;
+ case 0x00:PrintAndLog("TYPE : NXP MIFARE Ultralight");break;
+ }
+ */
+ break;
case 0x01: PrintAndLog("TYPE : NXP TNP3xxx Activision Game Appliance"); break;
case 0x04: PrintAndLog("TYPE : NXP MIFARE (various !DESFire !DESFire EV1)"); break;
case 0x08: PrintAndLog("TYPE : NXP MIFARE CLASSIC 1k | Plus 2k SL1"); break;
default: ;
}
+ // Double & triple sized UID, can be mapped to a manufacturer.
+ // HACK: does this apply for Ultralight cards?
+ if ( card.uidlen > 4 ) {
+ PrintAndLog("MANUFACTURER : %s", getTagInfo(card.uid[0]));
+ }
+
// try to request ATS even if tag claims not to support it
if (select_status == 2) {
uint8_t rats[] = { 0xE0, 0x80 }; // FSDI=8 (FSD=256), CID=0
SendCommand(&c);
WaitForResponse(CMD_ACK,&resp);
- memcpy(&card.ats, resp.d.asBytes, resp.arg[0]);
+ memcpy(card.ats, resp.d.asBytes, resp.arg[0]);
card.ats_len = resp.arg[0]; // note: ats_len includes CRC Bytes
}
#include "cmdparser.h"
#include "cmdhf14b.h"
#include "cmdmain.h"
+#include "cmdhf14a.h"
static int CmdHelp(const char *Cmd);
-int CmdHF14BDemod(const char *Cmd)
-{
- int i, j, iold;
- int isum, qsum;
- int outOfWeakAt;
- bool negateI, negateQ;
-
- uint8_t data[256];
- int dataLen = 0;
-
- // As received, the samples are pairs, correlations against I and Q
- // square waves. So estimate angle of initial carrier (or just
- // quadrant, actually), and then do the demod.
-
- // First, estimate where the tag starts modulating.
- for (i = 0; i < GraphTraceLen; i += 2) {
- if (abs(GraphBuffer[i]) + abs(GraphBuffer[i + 1]) > 40) {
- break;
- }
- }
- if (i >= GraphTraceLen) {
- PrintAndLog("too weak to sync");
- return 0;
- }
- PrintAndLog("out of weak at %d", i);
- outOfWeakAt = i;
-
- // Now, estimate the phase in the initial modulation of the tag
- isum = 0;
- qsum = 0;
- for (; i < (outOfWeakAt + 16); i += 2) {
- isum += GraphBuffer[i + 0];
- qsum += GraphBuffer[i + 1];
- }
- negateI = (isum < 0);
- negateQ = (qsum < 0);
-
- // Turn the correlation pairs into soft decisions on the bit.
- j = 0;
- for (i = 0; i < GraphTraceLen / 2; i++) {
- int si = GraphBuffer[j];
- int sq = GraphBuffer[j + 1];
- if (negateI) si = -si;
- if (negateQ) sq = -sq;
- GraphBuffer[i] = si + sq;
- j += 2;
- }
- GraphTraceLen = i;
-
- i = outOfWeakAt / 2;
- while (GraphBuffer[i] > 0 && i < GraphTraceLen)
- i++;
- if (i >= GraphTraceLen) goto demodError;
-
- iold = i;
- while (GraphBuffer[i] < 0 && i < GraphTraceLen)
- i++;
- if (i >= GraphTraceLen) goto demodError;
- if ((i - iold) > 23) goto demodError;
-
- PrintAndLog("make it to demod loop");
-
- for (;;) {
- iold = i;
- while (GraphBuffer[i] >= 0 && i < GraphTraceLen)
- i++;
- if (i >= GraphTraceLen) goto demodError;
- if ((i - iold) > 6) goto demodError;
-
- uint16_t shiftReg = 0;
- if (i + 20 >= GraphTraceLen) goto demodError;
-
- for (j = 0; j < 10; j++) {
- int soft = GraphBuffer[i] + GraphBuffer[i + 1];
-
- if (abs(soft) < (abs(isum) + abs(qsum)) / 20) {
- PrintAndLog("weak bit");
- }
-
- shiftReg >>= 1;
- if(GraphBuffer[i] + GraphBuffer[i+1] >= 0) {
- shiftReg |= 0x200;
- }
-
- i+= 2;
- }
-
- if ((shiftReg & 0x200) && !(shiftReg & 0x001))
- {
- // valid data byte, start and stop bits okay
- PrintAndLog(" %02x", (shiftReg >> 1) & 0xff);
- data[dataLen++] = (shiftReg >> 1) & 0xff;
- if (dataLen >= sizeof(data)) {
- return 0;
- }
- } else if (shiftReg == 0x000) {
- // this is EOF
- break;
- } else {
- goto demodError;
- }
- }
-
- uint8_t first, second;
- ComputeCrc14443(CRC_14443_B, data, dataLen-2, &first, &second);
- PrintAndLog("CRC: %02x %02x (%s)\n", first, second,
- (first == data[dataLen-2] && second == data[dataLen-1]) ?
- "ok" : "****FAIL****");
-
- RepaintGraphWindow();
- return 0;
-
-demodError:
- PrintAndLog("demod error");
- RepaintGraphWindow();
- return 0;
-}
-
int CmdHF14BList(const char *Cmd)
{
PrintAndLog("Deprecated command, use 'hf list 14b' instead");
return 0;
}
-int CmdHF14BRead(const char *Cmd)
-{
- UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443, {strtol(Cmd, NULL, 0), 0, 0}};
- SendCommand(&c);
- return 0;
-}
-int CmdHF14Sim(const char *Cmd)
+int CmdHF14BSim(const char *Cmd)
{
- UsbCommand c={CMD_SIMULATE_TAG_ISO_14443};
- SendCommand(&c);
- return 0;
-}
-
-int CmdHFSimlisten(const char *Cmd)
-{
- UsbCommand c = {CMD_SIMULATE_TAG_HF_LISTEN};
+ UsbCommand c={CMD_SIMULATE_TAG_ISO_14443B};
+ clearCommandBuffer();
SendCommand(&c);
return 0;
}
int CmdHF14BSnoop(const char *Cmd)
{
- UsbCommand c = {CMD_SNOOP_ISO_14443};
+ UsbCommand c = {CMD_SNOOP_ISO_14443B};
+ clearCommandBuffer();
SendCommand(&c);
return 0;
}
int CmdSri512Read(const char *Cmd)
{
UsbCommand c = {CMD_READ_SRI512_TAG, {strtol(Cmd, NULL, 0), 0, 0}};
+ clearCommandBuffer();
SendCommand(&c);
return 0;
}
int CmdSrix4kRead(const char *Cmd)
{
UsbCommand c = {CMD_READ_SRIX4K_TAG, {strtol(Cmd, NULL, 0), 0, 0}};
+ clearCommandBuffer();
SendCommand(&c);
return 0;
}
-int CmdHF14BCmdRaw (const char *cmd) {
- UsbCommand resp;
- uint8_t *recv;
- UsbCommand c = {CMD_ISO_14443B_COMMAND, {0, 0, 0}}; // len,recv?
- uint8_t reply=1;
- uint8_t crc=0;
- uint8_t power=0;
- char buf[5]="";
- int i=0;
- uint8_t data[100] = {0x00};
- unsigned int datalen=0, temp;
- char *hexout;
-
- if (strlen(cmd)<3) {
- PrintAndLog("Usage: hf 14b raw [-r] [-c] [-p] <0A 0B 0C ... hex>");
- PrintAndLog(" -r do not read response");
- PrintAndLog(" -c calculate and append CRC");
- PrintAndLog(" -p leave the field on after receive");
- return 0;
- }
-
- // strip
- while (*cmd==' ' || *cmd=='\t') cmd++;
-
- while (cmd[i]!='\0') {
- if (cmd[i]==' ' || cmd[i]=='\t') { i++; continue; }
- if (cmd[i]=='-') {
- switch (cmd[i+1]) {
- case 'r':
- case 'R':
- reply=0;
- break;
- case 'c':
- case 'C':
- crc=1;
- break;
- case 'p':
- case 'P':
- power=1;
- break;
- default:
- PrintAndLog("Invalid option");
- return 0;
- }
- i+=2;
- continue;
- }
- if ((cmd[i]>='0' && cmd[i]<='9') ||
- (cmd[i]>='a' && cmd[i]<='f') ||
- (cmd[i]>='A' && cmd[i]<='F') ) {
- buf[strlen(buf)+1]=0;
- buf[strlen(buf)]=cmd[i];
- i++;
-
- if (strlen(buf)>=2) {
- sscanf(buf,"%x",&temp);
- data[datalen]=(uint8_t)(temp & 0xff);
- datalen++;
- *buf=0;
- }
- continue;
- }
- PrintAndLog("Invalid char on input");
- return 1;
- }
- if (datalen == 0)
- {
- PrintAndLog("Missing data input");
- return 0;
- }
- if(crc)
- {
- uint8_t first, second;
- ComputeCrc14443(CRC_14443_B, data, datalen, &first, &second);
- data[datalen++] = first;
- data[datalen++] = second;
- }
-
- c.arg[0] = datalen;
- c.arg[1] = reply;
- c.arg[2] = power;
- memcpy(c.d.asBytes,data,datalen);
-
- SendCommand(&c);
-
- if (reply) {
- if (WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
- recv = resp.d.asBytes;
- PrintAndLog("received %i octets",resp.arg[0]);
- if(!resp.arg[0])
- return 0;
- hexout = (char *)malloc(resp.arg[0] * 3 + 1);
- if (hexout != NULL) {
- uint8_t first, second;
- for (int i = 0; i < resp.arg[0]; i++) { // data in hex
- sprintf(&hexout[i * 3], "%02X ", recv[i]);
- }
- PrintAndLog("%s", hexout);
- free(hexout);
- ComputeCrc14443(CRC_14443_B, recv, resp.arg[0]-2, &first, &second);
- if(recv[resp.arg[0]-2]==first && recv[resp.arg[0]-1]==second) {
- PrintAndLog("CRC OK");
- } else {
- PrintAndLog("CRC failed");
- }
- } else {
- PrintAndLog("malloc failed your client has low memory?");
- }
- } else {
- PrintAndLog("timeout while waiting for reply.");
- }
- } // if reply
- return 0;
+int rawClose(void){
+ UsbCommand resp;
+ UsbCommand c = {CMD_ISO_14443B_COMMAND, {0, 0, 0}};
+ clearCommandBuffer();
+ SendCommand(&c);
+ if (!WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
+ return 0;
+ }
+ return 0;
+}
+
+int HF14BCmdRaw(bool reply, bool *crc, bool power, uint8_t *data, uint8_t *datalen, bool verbose){
+ UsbCommand resp;
+ UsbCommand c = {CMD_ISO_14443B_COMMAND, {0, 0, 0}}; // len,recv,power
+ if(*crc)
+ {
+ uint8_t first, second;
+ ComputeCrc14443(CRC_14443_B, data, *datalen, &first, &second);
+ data[*datalen] = first;
+ data[*datalen + 1] = second;
+ *datalen += 2;
+ }
+
+ c.arg[0] = *datalen;
+ c.arg[1] = reply;
+ c.arg[2] = power;
+ memcpy(c.d.asBytes,data,*datalen);
+ clearCommandBuffer();
+ SendCommand(&c);
+
+ if (!reply) return 1;
+
+ if (!WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
+ if (verbose) PrintAndLog("timeout while waiting for reply.");
+ return 0;
+ }
+ *datalen = resp.arg[0];
+ if (verbose) PrintAndLog("received %u octets", *datalen);
+ if(*datalen<2) return 0;
+
+ memcpy(data, resp.d.asBytes, *datalen);
+ if (verbose) PrintAndLog("%s", sprint_hex(data, *datalen));
+
+ uint8_t first, second;
+ ComputeCrc14443(CRC_14443_B, data, *datalen-2, &first, &second);
+ if(data[*datalen-2] == first && data[*datalen-1] == second) {
+ if (verbose) PrintAndLog("CRC OK");
+ *crc = true;
+ } else {
+ if (verbose) PrintAndLog("CRC failed");
+ *crc = false;
+ }
+ return 1;
+}
+
+int CmdHF14BCmdRaw (const char *Cmd) {
+ bool reply = true;
+ bool crc = false;
+ bool power = false;
+ char buf[5] = "";
+ uint8_t data[100] = {0x00};
+ uint8_t datalen = 0;
+ unsigned int temp;
+ int i = 0;
+ if (strlen(Cmd)<3) {
+ PrintAndLog("Usage: hf 14b raw [-r] [-c] [-p] <0A 0B 0C ... hex>");
+ PrintAndLog(" -r do not read response");
+ PrintAndLog(" -c calculate and append CRC");
+ PrintAndLog(" -p leave the field on after receive");
+ return 0;
+ }
+
+ // strip
+ while (*Cmd==' ' || *Cmd=='\t') Cmd++;
+
+ while (Cmd[i]!='\0') {
+ if (Cmd[i]==' ' || Cmd[i]=='\t') { i++; continue; }
+ if (Cmd[i]=='-') {
+ switch (Cmd[i+1]) {
+ case 'r':
+ case 'R':
+ reply = false;
+ break;
+ case 'c':
+ case 'C':
+ crc = true;
+ break;
+ case 'p':
+ case 'P':
+ power = true;
+ break;
+ default:
+ PrintAndLog("Invalid option");
+ return 0;
+ }
+ i+=2;
+ continue;
+ }
+ if ((Cmd[i]>='0' && Cmd[i]<='9') ||
+ (Cmd[i]>='a' && Cmd[i]<='f') ||
+ (Cmd[i]>='A' && Cmd[i]<='F') ) {
+ buf[strlen(buf)+1]=0;
+ buf[strlen(buf)]=Cmd[i];
+ i++;
+
+ if (strlen(buf)>=2) {
+ sscanf(buf,"%x",&temp);
+ data[datalen++]=(uint8_t)(temp & 0xff);
+ *buf=0;
+ }
+ continue;
+ }
+ PrintAndLog("Invalid char on input");
+ return 1;
+ }
+ if (datalen == 0)
+ {
+ PrintAndLog("Missing data input");
+ return 0;
+ }
+
+ return HF14BCmdRaw(reply, &crc, power, data, &datalen, true);
+}
+
+static void print_atqb_resp(uint8_t *data){
+ PrintAndLog (" UID: %s", sprint_hex(data+1,4));
+ PrintAndLog (" App Data: %s", sprint_hex(data+5,4));
+ PrintAndLog (" Protocol: %s", sprint_hex(data+9,3));
+ uint8_t BitRate = data[9];
+ if (!BitRate)
+ PrintAndLog (" Bit Rate: 106 kbit/s only PICC <-> PCD");
+ if (BitRate & 0x10)
+ PrintAndLog (" Bit Rate: 212 kbit/s PICC -> PCD supported");
+ if (BitRate & 0x20)
+ PrintAndLog (" Bit Rate: 424 kbit/s PICC -> PCD supported");
+ if (BitRate & 0x40)
+ PrintAndLog (" Bit Rate: 847 kbit/s PICC -> PCD supported");
+ if (BitRate & 0x01)
+ PrintAndLog (" Bit Rate: 212 kbit/s PICC <- PCD supported");
+ if (BitRate & 0x02)
+ PrintAndLog (" Bit Rate: 424 kbit/s PICC <- PCD supported");
+ if (BitRate & 0x04)
+ PrintAndLog (" Bit Rate: 847 kbit/s PICC <- PCD supported");
+ if (BitRate & 0x80)
+ PrintAndLog (" Same bit rate <-> required");
+
+ uint16_t maxFrame = data[10]>>4;
+ if (maxFrame < 5)
+ maxFrame = 8*maxFrame + 16;
+ else if (maxFrame == 5)
+ maxFrame = 64;
+ else if (maxFrame == 6)
+ maxFrame = 96;
+ else if (maxFrame == 7)
+ maxFrame = 128;
+ else if (maxFrame == 8)
+ maxFrame = 256;
+ else
+ maxFrame = 257;
+
+ PrintAndLog ("Max Frame Size: %d%s",maxFrame, (maxFrame == 257) ? "+ RFU" : "");
+
+ uint8_t protocolT = data[10] & 0xF;
+ PrintAndLog (" Protocol Type: Protocol is %scompliant with ISO/IEC 14443-4",(protocolT) ? "" : "not " );
+ PrintAndLog ("Frame Wait Int: %d", data[11]>>4);
+ PrintAndLog (" App Data Code: Application is %s",(data[11]&4) ? "Standard" : "Proprietary");
+ PrintAndLog (" Frame Options: NAD is %ssupported",(data[11]&2) ? "" : "not ");
+ PrintAndLog (" Frame Options: CID is %ssupported",(data[11]&1) ? "" : "not ");
+
+ return;
+}
+
+char *get_ST_Chip_Model(uint8_t data){
+ static char model[20];
+ char *retStr = model;
+ memset(model,0, sizeof(model));
+
+ switch (data) {
+ case 0x0: sprintf(retStr, "SRIX4K (Special)"); break;
+ case 0x2: sprintf(retStr, "SR176"); break;
+ case 0x3: sprintf(retStr, "SRIX4K"); break;
+ case 0x4: sprintf(retStr, "SRIX512"); break;
+ case 0x6: sprintf(retStr, "SRI512"); break;
+ case 0x7: sprintf(retStr, "SRI4K"); break;
+ case 0xC: sprintf(retStr, "SRT512"); break;
+ default : sprintf(retStr, "Unknown"); break;
+ }
+ return retStr;
+}
+
+static void print_st_info(uint8_t *data){
+ //uid = first 8 bytes in data
+ PrintAndLog(" UID: %s", sprint_hex(SwapEndian64(data,8,8),8));
+ PrintAndLog(" MFG: %02X, %s", data[6], getTagInfo(data[6]));
+ PrintAndLog("Chip: %02X, %s", data[5]>>2, get_ST_Chip_Model(data[5]>>2));
+ return;
+}
+
+int HF14BStdInfo(uint8_t *data, uint8_t *datalen){
+
+ //05 00 00 = find one tag in field
+ //1d xx xx xx xx 20 00 08 01 00 = attrib xx=crc
+ //a3 = ? (resp 03 e2 c2)
+ //02 = ? (resp 02 6a d3)
+ // 022b (resp 02 67 00 [29 5b])
+ // 0200a40400 (resp 02 67 00 [29 5b])
+ // 0200a4040c07a0000002480300 (resp 02 67 00 [29 5b])
+ // 0200a4040c07a0000002480200 (resp 02 67 00 [29 5b])
+ // 0200a4040006a0000000010100 (resp 02 6a 82 [4b 4c])
+ // 0200a4040c09d27600002545500200 (resp 02 67 00 [29 5b])
+ // 0200a404000cd2760001354b414e4d30310000 (resp 02 6a 82 [4b 4c])
+ // 0200a404000ca000000063504b43532d313500 (resp 02 6a 82 [4b 4c])
+ // 0200a4040010a000000018300301000000000000000000 (resp 02 6a 82 [4b 4c])
+ //03 = ? (resp 03 [e3 c2])
+ //c2 = ? (resp c2 [66 15])
+ //b2 = ? (resp a3 [e9 67])
+ bool crc = true;
+ *datalen = 3;
+ //std read cmd
+ data[0] = 0x05;
+ data[1] = 0x00;
+ data[2] = 0x00;
+
+ if (HF14BCmdRaw(true, &crc, false, data, datalen, false)==0) return 0;
+
+ if (data[0] != 0x50 || *datalen != 14 || !crc) return 0;
+
+ PrintAndLog ("\n14443-3b tag found:");
+ print_atqb_resp(data);
+
+ return 1;
}
-int CmdHF14BWrite( const char *Cmd){
+int HF14B_ST_Info(uint8_t *data, uint8_t *datalen){
+ bool crc = true;
+ *datalen = 2;
+ //wake cmd
+ data[0] = 0x06;
+ data[1] = 0x00;
+
+ //leave power on
+ // verbose on for now for testing - turn off when functional
+ if (HF14BCmdRaw(true, &crc, true, data, datalen, false)==0) return rawClose();
+
+ if (*datalen != 3 || !crc) return rawClose();
+
+ uint8_t chipID = data[0];
+ // select
+ data[0] = 0x0E;
+ data[1] = chipID;
+ *datalen = 2;
+
+ //leave power on
+ // verbose on for now for testing - turn off when functional
+ if (HF14BCmdRaw(true, &crc, true, data, datalen, false)==0) return rawClose();
+
+ if (*datalen != 3 || !crc || data[0] != chipID) return rawClose();
+
+ // get uid
+ data[0] = 0x0B;
+ *datalen = 1;
+
+ //power off
+ // verbose on for now for testing - turn off when functional
+ if (HF14BCmdRaw(true, &crc, true, data, datalen, false)==0) return 0;
+ rawClose();
+ if (*datalen != 10 || !crc) return 0;
+
+ PrintAndLog("\n14443-3b ST tag found:");
+ print_st_info(data);
+ return 1;
+}
+
+// test for other 14b type tags (mimic another reader - don't have tags to identify)
+int HF14B_Other_Info(uint8_t *data, uint8_t *datalen){
+ bool crc = true;
+ *datalen = 4;
+ //std read cmd
+ data[0] = 0x00;
+ data[1] = 0x0b;
+ data[2] = 0x3f;
+ data[3] = 0x80;
+
+ if (HF14BCmdRaw(true, &crc, false, data, datalen, false)!=0) {
+ if (*datalen > 2 || !crc) {
+ PrintAndLog ("\n14443-3b tag found:");
+ PrintAndLog ("Unknown tag type answered to a 0x000b3f80 command ans:");
+ PrintAndLog ("%s",sprint_hex(data,*datalen));
+ return 1;
+ }
+ }
+
+ crc = false;
+ *datalen = 1;
+ data[0] = 0x0a;
+
+ if (HF14BCmdRaw(true, &crc, false, data, datalen, false)!=0) {
+ if (*datalen > 0) {
+ PrintAndLog ("\n14443-3b tag found:");
+ PrintAndLog ("Unknown tag type answered to a 0x0A command ans:");
+ PrintAndLog ("%s",sprint_hex(data,*datalen));
+ return 1;
+ }
+ }
+
+ crc = false;
+ *datalen = 1;
+ data[0] = 0x0c;
+
+ if (HF14BCmdRaw(true, &crc, false, data, datalen, false)!=0) {
+ if (*datalen > 0) {
+ PrintAndLog ("\n14443-3b tag found:");
+ PrintAndLog ("Unknown tag type answered to a 0x0C command ans:");
+ PrintAndLog ("%s",sprint_hex(data,*datalen));
+ return 1;
+ }
+ }
+
+ return 0;
+
+}
+
+int HF14BInfo(bool verbose){
+ uint8_t data[100];
+ uint8_t datalen = 5;
+
+ // try std 14b (atqb)
+ if (HF14BStdInfo(data, &datalen)) return 1;
+
+ // try st 14b
+ if (HF14B_ST_Info(data, &datalen)) return 1;
+
+ // try unknown 14b read commands (to be identified later)
+ // could be read of calypso, CEPAS, moneo, or pico pass.
+ if (HF14B_Other_Info(data, &datalen)) return 1;
+
+ if (verbose) PrintAndLog("no 14443B tag found");
+ return 0;
+}
+
+int CmdHF14Binfo(const char *Cmd){
+ return HF14BInfo(true);
+}
+int CmdSriWrite( const char *Cmd){
/*
* For SRIX4K blocks 00 - 7F
* hf 14b raw -c -p 09 $srix4kwblock $srix4kwdata
static command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
- {"demod", CmdHF14BDemod, 1, "Demodulate ISO14443 Type B from tag"},
+ {"info", CmdHF14Binfo, 0, "Find and print info about a 14b type tag (HF ISO 14443b)"},
{"list", CmdHF14BList, 0, "[Deprecated] List ISO 14443b history"},
- {"read", CmdHF14BRead, 0, "Read HF tag (ISO 14443)"},
- {"sim", CmdHF14Sim, 0, "Fake ISO 14443 tag"},
- {"simlisten", CmdHFSimlisten, 0, "Get HF samples as fake tag"},
- {"snoop", CmdHF14BSnoop, 0, "Eavesdrop ISO 14443"},
+ {"sim", CmdHF14BSim, 0, "Fake ISO 14443B tag"},
+ {"snoop", CmdHF14BSnoop, 0, "Eavesdrop ISO 14443B"},
{"sri512read", CmdSri512Read, 0, "Read contents of a SRI512 tag"},
{"srix4kread", CmdSrix4kRead, 0, "Read contents of a SRIX4K tag"},
+ {"sriwrite", CmdSriWrite, 0, "Write data to a SRI512 | SRIX4K tag"},
{"raw", CmdHF14BCmdRaw, 0, "Send raw hex data to tag"},
- {"write", CmdHF14BWrite, 0, "Write data to a SRI512 | SRIX4K tag"},
{NULL, NULL, 0, NULL}
};
#define CMDHF14B_H__
int CmdHF14B(const char *Cmd);
-
-int CmdHF14BDemod(const char *Cmd);
int CmdHF14BList(const char *Cmd);
-int CmdHF14BRead(const char *Cmd);
-int CmdHF14Sim(const char *Cmd);
-int CmdHFSimlisten(const char *Cmd);
+int CmdHF14BInfo(const char *Cmd);
+int CmdHF14BSim(const char *Cmd);
int CmdHF14BSnoop(const char *Cmd);
int CmdSri512Read(const char *Cmd);
int CmdSrix4kRead(const char *Cmd);
int CmdHF14BWrite( const char *cmd);
+int HF14BInfo(bool verbose);
#endif
return 0;
}
+int HF15Reader(const char *Cmd, bool verbose)
+{
+ uint8_t uid[8];
+
+ if (!getUID(uid)) {
+ if (verbose) PrintAndLog("No Tag found.");
+ return 0;
+ }
+
+ PrintAndLog("Tag UID : %s",sprintUID(NULL,uid));
+ PrintAndLog("Tag Info: %s",getTagInfo(uid));
+ return 1;
+}
+
int CmdHF15Reader(const char *Cmd)
{
UsbCommand c = {CMD_READER_ISO_15693, {strtol(Cmd, NULL, 0), 0, 0}};
// PrintAndLog("bn=%i",blocknum);
} else {
PrintAndLog("Tag returned Error %i: %s",recv[1],TagErrorStr(recv[1]));
- return 0;
+ return 1;
}
} // else PrintAndLog("crc");
} // else PrintAndLog("r null");
// PrintAndLog("CRC Failed");
// else
// PrintAndLog("Tag returned Error %i: %s",recv[1],TagErrorStr(recv[1]));
- return 0;
+ return 1;
}
int CmdHF15Demod(const char *Cmd);
int CmdHF15Read(const char *Cmd);
+int HF15Reader(const char *Cmd, bool verbose);
int CmdHF15Reader(const char *Cmd);
int CmdHF15Sim(const char *Cmd);
int CmdHF15Record(const char *Cmd);
//-----------------------------------------------------------------------------
#include "util.h"
-//#include "proxusb.h"
+
#include "proxmark3.h"
#include "ui.h"
#include "cmdparser.h"
unsigned int n = 0;
// delay between requests
unsigned int d = 0;
-
+
sscanf(Cmd, "%u %u %u", &m, &n, &d);
-
+
// values are expected to be > 0
m = m > 0 ? m : 1;
n = n > 0 ? n : 1;
UsbCommand c = {CMD_EPA_PACE_COLLECT_NONCE, {(int)m, 0, 0}};
SendCommand(&c);
UsbCommand resp;
-
+
WaitForResponse(CMD_ACK,&resp);
// check if command failed
return 1;
}
+////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////The commands lie below here/////////////////////////////////////////////////////////////////////////////////////////
+
+// perform the PACE protocol by replaying APDUs
+int CmdHFEPAPACEReplay(const char *Cmd)
+{
+ // the 4 APDUs which are replayed + their lengths
+ uint8_t msesa_apdu[41], gn_apdu[8], map_apdu[75];
+ uint8_t pka_apdu[75], ma_apdu[18], apdu_lengths[5] = {0};
+ // pointers to the arrays to be able to iterate
+ uint8_t *apdus[] = {msesa_apdu, gn_apdu, map_apdu, pka_apdu, ma_apdu};
+
+ // usage message
+ static const char const *usage_msg =
+ "Please specify 5 APDUs separated by spaces. "
+ "Example:\n preplay 0022C1A4 1068000000 1086000002 1234ABCDEF 1A2B3C4D";
+
+ // Proxmark response
+ UsbCommand resp;
+
+ int skip = 0, skip_add = 0, scan_return = 0;
+ // for each APDU
+ for (int i = 0; i < sizeof(apdu_lengths); i++) {
+ // scan to next space or end of string
+ while (Cmd[skip] != ' ' && Cmd[skip] != '\0') {
+ // convert
+ scan_return = sscanf(Cmd + skip, "%2X%n",
+ (unsigned int *) (apdus[i] + apdu_lengths[i]),
+ &skip_add);
+ if (scan_return < 1) {
+ PrintAndLog((char *)usage_msg);
+ PrintAndLog("Not enough APDUs! Try again!");
+ return 0;
+ }
+ skip += skip_add;
+ apdu_lengths[i]++;
+ }
+
+ // break on EOF
+ if (Cmd[skip] == '\0') {
+ if (i < sizeof(apdu_lengths) - 1) {
+
+ PrintAndLog((char *)usage_msg);
+ return 0;
+ }
+ break;
+ }
+ // skip the space
+ skip++;
+ }
+
+ // transfer the APDUs to the Proxmark
+ UsbCommand usb_cmd;
+ usb_cmd.cmd = CMD_EPA_PACE_REPLAY;
+ for (int i = 0; i < sizeof(apdu_lengths); i++) {
+ // APDU number
+ usb_cmd.arg[0] = i + 1;
+ // transfer the APDU in several parts if necessary
+ for (int j = 0; j * sizeof(usb_cmd.d.asBytes) < apdu_lengths[i]; j++) {
+ // offset into the APDU
+ usb_cmd.arg[1] = j * sizeof(usb_cmd.d.asBytes);
+ // amount of data in this packet
+ int packet_length = apdu_lengths[i] - (j * sizeof(usb_cmd.d.asBytes));
+ if (packet_length > sizeof(usb_cmd.d.asBytes)) {
+ packet_length = sizeof(usb_cmd.d.asBytes);
+ }
+ usb_cmd.arg[2] = packet_length;
+
+ memcpy(usb_cmd.d.asBytes, // + (j * sizeof(usb_cmd.d.asBytes)),
+ apdus[i] + (j * sizeof(usb_cmd.d.asBytes)),
+ packet_length);
+ SendCommand(&usb_cmd);
+ WaitForResponse(CMD_ACK, &resp);
+ if (resp.arg[0] != 0) {
+ PrintAndLog("Transfer of APDU #%d Part %d failed!", i, j);
+ return 0;
+ }
+ }
+ }
+
+ // now perform the replay
+ usb_cmd.arg[0] = 0;
+ SendCommand(&usb_cmd);
+ WaitForResponse(CMD_ACK, &resp);
+ if (resp.arg[0] != 0) {
+ PrintAndLog("\nPACE replay failed in step %u!", (uint32_t)resp.arg[0]);
+ PrintAndLog("Measured times:");
+ PrintAndLog("MSE Set AT: %u us", resp.d.asDwords[0]);
+ PrintAndLog("GA Get Nonce: %u us", resp.d.asDwords[1]);
+ PrintAndLog("GA Map Nonce: %u us", resp.d.asDwords[2]);
+ PrintAndLog("GA Perform Key Agreement: %u us", resp.d.asDwords[3]);
+ PrintAndLog("GA Mutual Authenticate: %u us", resp.d.asDwords[4]);
+ } else {
+ PrintAndLog("PACE replay successfull!");
+ PrintAndLog("MSE Set AT: %u us", resp.d.asDwords[0]);
+ PrintAndLog("GA Get Nonce: %u us", resp.d.asDwords[1]);
+ PrintAndLog("GA Map Nonce: %u us", resp.d.asDwords[2]);
+ PrintAndLog("GA Perform Key Agreement: %u us", resp.d.asDwords[3]);
+ PrintAndLog("GA Mutual Authenticate: %u us", resp.d.asDwords[4]);
+ }
+
+
+ return 1;
+}
+
+////////////////////////////////The new commands lie above here/////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
+
// UI-related stuff
-static const command_t CommandTable[] =
+static const command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
{"cnonces", CmdHFEPACollectPACENonces, 0,
"<m> <n> <d> Acquire n>0 encrypted PACE nonces of size m>0 with d sec pauses"},
+ {"preplay", CmdHFEPAPACEReplay, 0,
+ "<mse> <get> <map> <pka> <ma> Perform PACE protocol by replaying given APDUs"},
{NULL, NULL, 0, NULL}
};
// parse
CmdsParse(CommandTable, Cmd);
return 0;
-}
\ No newline at end of file
+}
return 0;
}
-int CmdHFiClassReader(const char *Cmd)
+int HFiClassReader(const char *Cmd, bool loop, bool verbose)
{
+ bool tagFound = false;
UsbCommand c = {CMD_READER_ICLASS, {FLAG_ICLASS_READER_CSN|
FLAG_ICLASS_READER_CONF|FLAG_ICLASS_READER_AA}};
+ if (!loop) c.arg[0] |= FLAG_ICLASS_READER_ONLY_ONCE | FLAG_ICLASS_READER_ONE_TRY;
SendCommand(&c);
UsbCommand resp;
while(!ukbhit()){
- if (WaitForResponseTimeout(CMD_ACK,&resp,4500)) {
- uint8_t readStatus = resp.arg[0] & 0xff;
- uint8_t * data = resp.d.asBytes;
+ if (WaitForResponseTimeout(CMD_ACK,&resp, 4500)) {
+ uint8_t readStatus = resp.arg[0] & 0xff;
+ uint8_t *data = resp.d.asBytes;
- PrintAndLog("Readstatus:%02x", readStatus);
+ if (verbose)
+ PrintAndLog("Readstatus:%02x", readStatus);
if( readStatus == 0){
//Aborted
- PrintAndLog("Quitting...");
+ if (verbose) PrintAndLog("Quitting...");
return 0;
}
- if( readStatus & FLAG_ICLASS_READER_CSN) PrintAndLog("CSN: %s",sprint_hex(data,8));
+ if( readStatus & FLAG_ICLASS_READER_CSN){
+ PrintAndLog("CSN: %s",sprint_hex(data,8));
+ tagFound = true;
+ }
if( readStatus & FLAG_ICLASS_READER_CC) PrintAndLog("CC: %s",sprint_hex(data+16,8));
if( readStatus & FLAG_ICLASS_READER_CONF){
printIclassDumpInfo(data);
}
+ if (tagFound && !loop) return 1;
} else {
- PrintAndLog("Command execute timeout");
+ if (verbose) PrintAndLog("Command execute timeout");
}
+ if (!loop) break;
}
-
return 0;
+
+}
+
+int CmdHFiClassReader(const char *Cmd)
+{
+ return HFiClassReader(Cmd, true, true);
}
int CmdHFiClassReader_Replay(const char *Cmd)
if(dataLength > 0)
{
PrintAndLog("Got %d bytes data (total so far %d)" ,dataLength,iclass_datalen);
- memcpy(iclass_data, resp.d.asBytes,dataLength);
+ memcpy(iclass_data+iclass_datalen, resp.d.asBytes,dataLength);
iclass_datalen += dataLength;
}else
{//Last transfer, datalength 0 means the dump is finished
int CmdHFiClassSnoop(const char *Cmd);
int CmdHFiClassSim(const char *Cmd);
int CmdHFiClassList(const char *Cmd);
+int HFiClassReader(const char *Cmd, bool loop, bool verbose);
int CmdHFiClassReader(const char *Cmd);
int CmdHFiClassReader_Replay(const char *Cmd);
uint32_t uid = 0;\r
uint32_t nt = 0, nr = 0;\r
uint64_t par_list = 0, ks_list = 0, r_key = 0;\r
- uint8_t isOK = 0;\r
+ int16_t isOK = 0;\r
uint8_t keyBlock[8] = {0};\r
\r
UsbCommand c = {CMD_READER_MIFARE, {true, 0, 0}};\r
// message\r
printf("-------------------------------------------------------------------------\n");\r
printf("Executing command. Expected execution time: 25sec on average :-)\n");\r
- printf("Press the key on the proxmark3 device to abort both proxmark3 and client.\n");\r
+ printf("Press button on the proxmark3 device to abort both proxmark3 and client.\n");\r
printf("-------------------------------------------------------------------------\n");\r
\r
\r
}\r
\r
UsbCommand resp;\r
- if (WaitForResponseTimeout(CMD_ACK,&resp,1000)) {\r
- isOK = resp.arg[0] & 0xff;\r
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 1000)) {\r
+ isOK = resp.arg[0];\r
uid = (uint32_t)bytes_to_num(resp.d.asBytes + 0, 4);\r
nt = (uint32_t)bytes_to_num(resp.d.asBytes + 4, 4);\r
par_list = bytes_to_num(resp.d.asBytes + 8, 8);\r
ks_list = bytes_to_num(resp.d.asBytes + 16, 8);\r
nr = bytes_to_num(resp.d.asBytes + 24, 4);\r
printf("\n\n");\r
- if (!isOK) PrintAndLog("Proxmark can't get statistic info. Execution aborted.\n");\r
+ switch (isOK) {\r
+ case -1 : PrintAndLog("Button pressed. Aborted.\n"); break;\r
+ case -2 : PrintAndLog("Card is not vulnerable to Darkside attack (doesn't send NACK on authentication requests).\n"); break;\r
+ case -3 : PrintAndLog("Card is not vulnerable to Darkside attack (its random number generator is not predictable).\n"); break;\r
+ default: ;\r
+ }\r
break;\r
}\r
} \r
{\r
uint8_t sectorNo,blockNo;\r
uint8_t keyType = 0;\r
- uint8_t key[6] = {0xFF};\r
+ uint8_t key[6] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF};\r
uint8_t bldata[16] = {0x00};\r
uint8_t keyA[40][6];\r
uint8_t keyB[40][6];\r
uint8_t trgKeyType = 0;\r
uint8_t SectorsCnt = 0;\r
uint8_t key[6] = {0, 0, 0, 0, 0, 0};\r
- uint8_t keyBlock[13*6];\r
+ uint8_t keyBlock[14*6];\r
uint64_t key64 = 0;\r
bool transferToEml = false;\r
\r
\r
if (cmdp == 'o') {\r
PrintAndLog("--target block no:%3d, target key type:%c ", trgBlockNo, trgKeyType?'B':'A');\r
- if (mfnested(blockNo, keyType, key, trgBlockNo, trgKeyType, keyBlock, true)) {\r
- PrintAndLog("Nested error.");\r
+ int16_t isOK = mfnested(blockNo, keyType, key, trgBlockNo, trgKeyType, keyBlock, true);\r
+ if (isOK) {\r
+ switch (isOK) {\r
+ case -1 : PrintAndLog("Error: No response from Proxmark.\n"); break;\r
+ case -2 : PrintAndLog("Button pressed. Aborted.\n"); break;\r
+ case -3 : PrintAndLog("Tag isn't vulnerable to Nested Attack (random numbers are not predictable).\n"); break;\r
+ default : PrintAndLog("Unknown Error.\n");\r
+ }\r
return 2;\r
}\r
key64 = bytes_to_num(keyBlock, 6);\r
for (trgKeyType = 0; trgKeyType < 2; trgKeyType++) { \r
if (e_sector[sectorNo].foundKey[trgKeyType]) continue;\r
PrintAndLog("-----------------------------------------------");\r
- if(mfnested(blockNo, keyType, key, FirstBlockOfSector(sectorNo), trgKeyType, keyBlock, calibrate)) {\r
- PrintAndLog("Nested error.\n");\r
+ int16_t isOK = mfnested(blockNo, keyType, key, FirstBlockOfSector(sectorNo), trgKeyType, keyBlock, calibrate);\r
+ if(isOK) {\r
+ switch (isOK) {\r
+ case -1 : PrintAndLog("Error: No response from Proxmark.\n"); break;\r
+ case -2 : PrintAndLog("Button pressed. Aborted.\n"); break;\r
+ case -3 : PrintAndLog("Tag isn't vulnerable to Nested Attack (random numbers are not predictable).\n"); break;\r
+ default : PrintAndLog("Unknown Error.\n");\r
+ }\r
free(e_sector);\r
- return 2; }\r
- else {\r
+ return 2;\r
+ } else {\r
calibrate = false;\r
}\r
\r
\r
len = param_getstr(Cmd,nameParamNo,filename);\r
\r
- if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
+ if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
fnameptr += len;\r
\r
\r
len = param_getstr(Cmd,nameParamNo,filename);\r
\r
- if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
+ if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
// user supplied filename?\r
if (len < 1) {\r
// get filename (UID from memory)\r
if (mfEmlGetMem(buf, 0, 1)) {\r
PrintAndLog("Can\'t get UID from block: %d", 0);\r
- sprintf(filename, "dump.eml"); \r
+ len = sprintf(fnameptr, "dump");\r
+ fnameptr += len;\r
+ }\r
+ else {\r
+ for (j = 0; j < 7; j++, fnameptr += 2)\r
+ sprintf(fnameptr, "%02X", buf[j]);\r
}\r
- for (j = 0; j < 7; j++, fnameptr += 2)\r
- sprintf(fnameptr, "%02X", buf[j]); \r
} else {\r
fnameptr += len;\r
}\r
\r
int CmdHF14AMfCSetBlk(const char *Cmd)\r
{\r
- uint8_t uid[8] = {0x00};\r
uint8_t memBlock[16] = {0x00};\r
uint8_t blockNo = 0;\r
+ bool wipeCard = FALSE;\r
int res;\r
\r
if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
- PrintAndLog("Usage: hf mf csetblk <block number> <block data (32 hex symbols)>");\r
+ PrintAndLog("Usage: hf mf csetblk <block number> <block data (32 hex symbols)> [w]");\r
PrintAndLog("sample: hf mf csetblk 1 01020304050607080910111213141516");\r
- PrintAndLog("Set block data for magic Chinese card (only works with!!!)");\r
- PrintAndLog("If you want wipe card then add 'w' into command line. \n");\r
+ PrintAndLog("Set block data for magic Chinese card (only works with such cards)");\r
+ PrintAndLog("If you also want wipe the card then add 'w' at the end of the command line");\r
return 0;\r
} \r
\r
return 1;\r
}\r
\r
+ char ctmp = param_getchar(Cmd, 2);\r
+ wipeCard = (ctmp == 'w' || ctmp == 'W');\r
PrintAndLog("--block number:%2d data:%s", blockNo, sprint_hex(memBlock, 16));\r
\r
- res = mfCSetBlock(blockNo, memBlock, uid, 0, CSETBLOCK_SINGLE_OPER);\r
+ res = mfCSetBlock(blockNo, memBlock, NULL, wipeCard, CSETBLOCK_SINGLE_OPER);\r
if (res) {\r
- PrintAndLog("Can't write block. error=%d", res);\r
- return 1;\r
- }\r
- \r
+ PrintAndLog("Can't write block. error=%d", res);\r
+ return 1;\r
+ }\r
return 0;\r
}\r
\r
return 0;\r
} else {\r
len = strlen(Cmd);\r
- if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
+ if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
memcpy(filename, Cmd, len);\r
fnameptr += len;\r
memset(buf, 0, sizeof(buf));\r
\r
if (fgets(buf, sizeof(buf), f) == NULL) {\r
+ fclose(f);\r
PrintAndLog("File reading error.");\r
return 2;\r
}\r
if(strlen(buf) && feof(f))\r
break;\r
PrintAndLog("File content error. Block data must include 32 HEX symbols");\r
+ fclose(f);\r
return 2;\r
}\r
for (i = 0; i < 32; i += 2)\r
if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
PrintAndLog("Usage: hf mf cgetblk <block number>");\r
PrintAndLog("sample: hf mf cgetblk 1");\r
- PrintAndLog("Get block data from magic Chinese card (only works with!!!)\n");\r
+ PrintAndLog("Get block data from magic Chinese card (only works with such cards)\n");\r
return 0;\r
} \r
\r
if (strlen(Cmd) < 1 || param_getchar(Cmd, 0) == 'h') {\r
PrintAndLog("Usage: hf mf cgetsc <sector number>");\r
PrintAndLog("sample: hf mf cgetsc 0");\r
- PrintAndLog("Get sector data from magic Chinese card (only works with!!!)\n");\r
+ PrintAndLog("Get sector data from magic Chinese card (only works with such cards)\n");\r
return 0;\r
} \r
\r
return 0;\r
} else {\r
len = strlen(Cmd);\r
- if (len > FILE_PATH_SIZE) len = FILE_PATH_SIZE;\r
+ if (len > FILE_PATH_SIZE - 4) len = FILE_PATH_SIZE - 4;\r
\r
if (len < 1) {\r
// get filename\r
if (mfCGetBlock(0, buf, CSETBLOCK_SINGLE_OPER)) {\r
PrintAndLog("Cant get block: %d", 0);\r
- return 1;\r
+ len = sprintf(fnameptr, "dump");\r
+ fnameptr += len;\r
+ }\r
+ else {\r
+ for (j = 0; j < 7; j++, fnameptr += 2)\r
+ sprintf(fnameptr, "%02x", buf[j]); \r
}\r
- for (j = 0; j < 7; j++, fnameptr += 2)\r
- sprintf(fnameptr, "%02x", buf[j]); \r
} else {\r
memcpy(filename, Cmd, len);\r
fnameptr += len;\r
//-----------------------------------------------------------------------------
// High frequency MIFARE ULTRALIGHT (C) commands
//-----------------------------------------------------------------------------
-//#include <openssl/des.h>
#include "loclass/des.h"
#include "cmdhfmfu.h"
#include "cmdhfmf.h"
#include "cmdhf14a.h"
+#include "mifare.h"
+#include "util.h"
+#include "protocols.h"
+#include "data.h"
+
+#define MAX_UL_BLOCKS 0x0f
+#define MAX_ULC_BLOCKS 0x2b
+#define MAX_ULEV1a_BLOCKS 0x13
+#define MAX_ULEV1b_BLOCKS 0x28
+#define MAX_NTAG_203 0x29
+#define MAX_NTAG_210 0x13
+#define MAX_NTAG_212 0x28
+#define MAX_NTAG_213 0x2c
+#define MAX_NTAG_215 0x86
+#define MAX_NTAG_216 0xe6
+#define MAX_MY_D_NFC 0xff
+#define MAX_MY_D_MOVE 0x25
+#define MAX_MY_D_MOVE_LEAN 0x0f
+
+#define KEYS_3DES_COUNT 7
+uint8_t default_3des_keys[KEYS_3DES_COUNT][16] = {
+ { 0x42,0x52,0x45,0x41,0x4b,0x4d,0x45,0x49,0x46,0x59,0x4f,0x55,0x43,0x41,0x4e,0x21 },// 3des std key
+ { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },// all zeroes
+ { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f },// 0x00-0x0F
+ { 0x49,0x45,0x4D,0x4B,0x41,0x45,0x52,0x42,0x21,0x4E,0x41,0x43,0x55,0x4F,0x59,0x46 },// NFC-key
+ { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 },// all ones
+ { 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF },// all FF
+ { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF } // 11 22 33
+};
+
+#define KEYS_PWD_COUNT 10
+uint8_t default_pwd_pack[KEYS_PWD_COUNT][4] = {
+ {0xFF,0xFF,0xFF,0xFF}, // PACK 0x00,0x00 -- factory default
+
+ {0x4A,0xF8,0x4B,0x19}, // PACK 0xE5,0xBE -- italian bus (sniffed)
+ {0x33,0x6B,0xA1,0x19}, // PACK 0x9c,0x2d -- italian bus (sniffed)
+ {0xFF,0x90,0x6C,0xB2}, // PACK 0x12,0x9e -- italian bus (sniffed)
+ {0x46,0x1c,0xA3,0x19}, // PACK 0xE9,0x5A -- italian bus (sniffed)
+ {0x35,0x1C,0xD0,0x19}, // PACK 0x9A,0x5a -- italian bus (sniffed)
+ {0x05,0x22,0xE6,0xB4}, // PACK 0x80,0x80 -- Amiiboo (sniffed) pikachu-b UID:
+ {0x7E,0x22,0xE6,0xB4}, // PACK 0x80,0x80 -- AMiiboo (sniffed)
+ {0x02,0xE1,0xEE,0x36}, // PACK 0x80,0x80 -- AMiiboo (sniffed) sonic UID: 04d257 7ae33e8027
+ {0x32,0x0C,0x16,0x17}, // PACK 0x80,0x80 -- AMiiboo (sniffed)
+};
+
+#define MAX_UL_TYPES 18
+uint32_t UL_TYPES_ARRAY[MAX_UL_TYPES] = {UNKNOWN, UL, UL_C, UL_EV1_48, UL_EV1_128, NTAG, NTAG_203,
+ NTAG_210, NTAG_212, NTAG_213, NTAG_215, NTAG_216, MY_D, MY_D_NFC, MY_D_MOVE, MY_D_MOVE_NFC, MY_D_MOVE_LEAN, FUDAN_UL};
-#define MAX_ULTRA_BLOCKS 0x0f
-#define MAX_ULTRAC_BLOCKS 0x2f
-//#define MAX_ULTRAC_BLOCKS 0x2c
+uint8_t UL_MEMORY_ARRAY[MAX_UL_TYPES] = {MAX_UL_BLOCKS, MAX_UL_BLOCKS, MAX_ULC_BLOCKS, MAX_ULEV1a_BLOCKS,
+ MAX_ULEV1b_BLOCKS, MAX_NTAG_203, MAX_NTAG_203, MAX_NTAG_210, MAX_NTAG_212, MAX_NTAG_213,
+ MAX_NTAG_215, MAX_NTAG_216, MAX_UL_BLOCKS, MAX_MY_D_NFC, MAX_MY_D_MOVE, MAX_MY_D_MOVE, MAX_MY_D_MOVE_LEAN, MAX_UL_BLOCKS};
static int CmdHelp(const char *Cmd);
-int CmdHF14AMfUInfo(const char *Cmd){
+// get version nxp product type
+char *getProductTypeStr( uint8_t id){
+
+ static char buf[20];
+ char *retStr = buf;
+
+ switch(id) {
+ case 3: sprintf(retStr, "%02X, Ultralight", id); break;
+ case 4: sprintf(retStr, "%02X, NTAG", id); break;
+ default: sprintf(retStr, "%02X, unknown", id); break;
+ }
+ return buf;
+}
+
+/*
+ The 7 MSBits (=n) code the storage size itself based on 2^n,
+ the LSBit is set to '0' if the size is exactly 2^n
+ and set to '1' if the storage size is between 2^n and 2^(n+1).
+*/
+char *getUlev1CardSizeStr( uint8_t fsize ){
+
+ static char buf[40];
+ char *retStr = buf;
+ memset(buf, 0, sizeof(buf));
+
+ uint16_t usize = 1 << ((fsize >>1) + 1);
+ uint16_t lsize = 1 << (fsize >>1);
+
+ // is LSB set?
+ if ( fsize & 1 )
+ sprintf(retStr, "%02X, (%u <-> %u bytes)",fsize, usize, lsize);
+ else
+ sprintf(retStr, "%02X, (%u bytes)", fsize, lsize);
+ return buf;
+}
+
+static void ul_switch_on_field(void) {
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_CONNECT | ISO14A_NO_DISCONNECT, 0, 0}};
+ clearCommandBuffer();
+ SendCommand(&c);
+}
+
+void ul_switch_off_field(void) {
+ UsbCommand c = {CMD_READER_ISO_14443a, {0, 0, 0}};
+ clearCommandBuffer();
+ SendCommand(&c);
+}
+
+static int ul_send_cmd_raw( uint8_t *cmd, uint8_t cmdlen, uint8_t *response, uint16_t responseLength ) {
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT | ISO14A_APPEND_CRC, cmdlen, 0}};
+ memcpy(c.d.asBytes, cmd, cmdlen);
+ clearCommandBuffer();
+ SendCommand(&c);
+ UsbCommand resp;
+ if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return -1;
+ if (!resp.arg[0] && responseLength) return -1;
+
+ uint16_t resplen = (resp.arg[0] < responseLength) ? resp.arg[0] : responseLength;
+ memcpy(response, resp.d.asBytes, resplen);
+ return resplen;
+}
+/*
+static int ul_send_cmd_raw_crc( uint8_t *cmd, uint8_t cmdlen, uint8_t *response, uint16_t responseLength, bool append_crc ) {
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT , cmdlen, 0}};
+ if (append_crc)
+ c.arg[0] |= ISO14A_APPEND_CRC;
+
+ memcpy(c.d.asBytes, cmd, cmdlen);
+ clearCommandBuffer();
+ SendCommand(&c);
+ UsbCommand resp;
+ if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return -1;
+ if (!resp.arg[0] && responseLength) return -1;
+
+ uint16_t resplen = (resp.arg[0] < responseLength) ? resp.arg[0] : responseLength;
+ memcpy(response, resp.d.asBytes, resplen);
+ return resplen;
+}
+*/
+static int ul_select( iso14a_card_select_t *card ){
+
+ ul_switch_on_field();
+
+ UsbCommand resp;
+ bool ans = false;
+ ans = WaitForResponseTimeout(CMD_ACK, &resp, 1500);
+ if (!ans || resp.arg[0] < 1) {
+ PrintAndLog("iso14443a card select failed");
+ ul_switch_off_field();
+ return 0;
+ }
+
+ memcpy(card, resp.d.asBytes, sizeof(iso14a_card_select_t));
+ return 1;
+}
+
+// This read command will at least return 16bytes.
+static int ul_read( uint8_t page, uint8_t *response, uint16_t responseLength ){
+
+ uint8_t cmd[] = {ISO14443A_CMD_READBLOCK, page};
+ int len = ul_send_cmd_raw(cmd, sizeof(cmd), response, responseLength);
+ return len;
+}
+
+static int ul_comp_write( uint8_t page, uint8_t *data, uint8_t datalen ){
- uint8_t datatemp[7] = {0x00};
- uint8_t isOK = 0;
- uint8_t *data = NULL;
+ uint8_t cmd[18];
+ memset(cmd, 0x00, sizeof(cmd));
+ datalen = ( datalen > 16) ? 16 : datalen;
- UsbCommand c = {CMD_MIFAREU_READCARD, {0, 4}};
+ cmd[0] = ISO14443A_CMD_WRITEBLOCK;
+ cmd[1] = page;
+ memcpy(cmd+2, data, datalen);
+
+ uint8_t response[1] = {0xff};
+ ul_send_cmd_raw(cmd, 2+datalen, response, sizeof(response));
+ // ACK
+ if ( response[0] == 0x0a ) return 0;
+ // NACK
+ return -1;
+}
+
+static int ulc_requestAuthentication( uint8_t *nonce, uint16_t nonceLength ){
+
+ uint8_t cmd[] = {MIFARE_ULC_AUTH_1, 0x00};
+ int len = ul_send_cmd_raw(cmd, sizeof(cmd), nonce, nonceLength);
+ return len;
+}
+
+static int ulc_authentication( uint8_t *key, bool switch_off_field ){
+
+ UsbCommand c = {CMD_MIFAREUC_AUTH, {switch_off_field}};
+ memcpy(c.d.asBytes, key, 16);
+ clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;
+ if ( !WaitForResponseTimeout(CMD_ACK, &resp, 1500) ) return 0;
+ if ( resp.arg[0] == 1 ) return 1;
- if (WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {
- isOK = resp.arg[0] & 0xff;
- data = resp.d.asBytes;
+ return 0;
+}
- if (!isOK) {
- PrintAndLog("Error reading from tag");
- return -1;
+static int ulev1_requestAuthentication( uint8_t *pwd, uint8_t *pack, uint16_t packLength ){
+
+ uint8_t cmd[] = {MIFARE_ULEV1_AUTH, pwd[0], pwd[1], pwd[2], pwd[3]};
+ int len = ul_send_cmd_raw(cmd, sizeof(cmd), pack, packLength);
+ return len;
+}
+
+static int ul_auth_select( iso14a_card_select_t *card, TagTypeUL_t tagtype, bool hasAuthKey, uint8_t *authenticationkey, uint8_t *pack, uint8_t packSize){
+ if ( hasAuthKey && (tagtype & UL_C)) {
+ //will select card automatically and close connection on error
+ if (!ulc_authentication(authenticationkey, false)) {
+ PrintAndLog("Error: Authentication Failed UL-C");
+ return 0;
}
} else {
- PrintAndLog("Command execute timed out");
- return -1;
+ if ( !ul_select(card) ) return 0;
+
+ if (hasAuthKey) {
+ if (ulev1_requestAuthentication(authenticationkey, pack, packSize) < 1) {
+ ul_switch_off_field();
+ PrintAndLog("Error: Authentication Failed UL-EV1/NTAG");
+ return 0;
+ }
+ }
}
-
- PrintAndLog("");
- PrintAndLog("-- Mifare Ultralight / Ultralight-C Tag Information ---------");
- PrintAndLog("-------------------------------------------------------------");
+ return 1;
+}
- // UID
- memcpy( datatemp, data, 3);
- memcpy( datatemp+3, data+4, 4);
+static int ulev1_getVersion( uint8_t *response, uint16_t responseLength ){
+
+ uint8_t cmd[] = {MIFARE_ULEV1_VERSION};
+ int len = ul_send_cmd_raw(cmd, sizeof(cmd), response, responseLength);
+ return len;
+}
+
+// static int ulev1_fastRead( uint8_t startblock, uint8_t endblock, uint8_t *response ){
+
+ // uint8_t cmd[] = {MIFARE_ULEV1_FASTREAD, startblock, endblock};
- PrintAndLog("MANUFACTURER : %s", getTagInfo(datatemp[0]));
- PrintAndLog(" UID : %s ", sprint_hex(datatemp, 7));
- // BBC
+ // if ( !ul_send_cmd_raw(cmd, sizeof(cmd), response)){
+ // return -1;
+ // }
+ // return 0;
+// }
+
+static int ulev1_readCounter( uint8_t counter, uint8_t *response, uint16_t responseLength ){
+
+ uint8_t cmd[] = {MIFARE_ULEV1_READ_CNT, counter};
+ int len = ul_send_cmd_raw(cmd, sizeof(cmd), response, responseLength);
+ return len;
+}
+
+static int ulev1_readTearing( uint8_t counter, uint8_t *response, uint16_t responseLength ){
+
+ uint8_t cmd[] = {MIFARE_ULEV1_CHECKTEAR, counter};
+ int len = ul_send_cmd_raw(cmd, sizeof(cmd), response, responseLength);
+ return len;
+}
+
+static int ulev1_readSignature( uint8_t *response, uint16_t responseLength ){
+
+ uint8_t cmd[] = {MIFARE_ULEV1_READSIG, 0x00};
+ int len = ul_send_cmd_raw(cmd, sizeof(cmd), response, responseLength);
+ return len;
+}
+
+
+// Fudan check checks for which error is given for a command with incorrect crc
+// NXP UL chip responds with 01, fudan 00.
+// other possible checks:
+// send a0 + crc
+// UL responds with 00, fudan doesn't respond
+// or
+// send a200 + crc
+// UL doesn't respond, fudan responds with 00
+// or
+// send 300000 + crc (read with extra byte(s))
+// UL responds with read of page 0, fudan doesn't respond.
+//
+// make sure field is off before calling this function
+static int ul_fudan_check( void ){
+ iso14a_card_select_t card;
+ if ( !ul_select(&card) )
+ return UL_ERROR;
+
+ UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT, 4, 0}};
+
+ uint8_t cmd[4] = {0x30,0x00,0x02,0xa7}; //wrong crc on purpose should be 0xa8
+ memcpy(c.d.asBytes, cmd, 4);
+ clearCommandBuffer();
+ SendCommand(&c);
+ UsbCommand resp;
+ if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return UL_ERROR;
+ if (resp.arg[0] != 1) return UL_ERROR;
+
+ return (!resp.d.asBytes[0]) ? FUDAN_UL : UL; //if response == 0x00 then Fudan, else Genuine NXP
+}
+
+static int ul_print_default( uint8_t *data){
+
+ uint8_t uid[7];
+ uid[0] = data[0];
+ uid[1] = data[1];
+ uid[2] = data[2];
+ uid[3] = data[4];
+ uid[4] = data[5];
+ uid[5] = data[6];
+ uid[6] = data[7];
+
+ PrintAndLog(" UID : %s ", sprint_hex(uid, 7));
+ PrintAndLog(" UID[0] : %02X, %s", uid[0], getTagInfo(uid[0]) );
+ if ( uid[0] == 0x05 && ((uid[1] & 0xf0) >> 4) == 2 ) { // is infineon and 66RxxP
+ uint8_t chip = (data[8] & 0xC7); // 11000111 mask, bit 3,4,5 RFU
+ switch (chip){
+ case 0xc2: PrintAndLog(" IC type : SLE 66R04P 770 Bytes"); break; //77 pages
+ case 0xc4: PrintAndLog(" IC type : SLE 66R16P 2560 Bytes"); break; //256 pages
+ case 0xc6: PrintAndLog(" IC type : SLE 66R32P 5120 Bytes"); break; //512 pages /2 sectors
+ }
+ }
// CT (cascade tag byte) 0x88 xor SN0 xor SN1 xor SN2
int crc0 = 0x88 ^ data[0] ^ data[1] ^data[2];
if ( data[3] == crc0 )
- PrintAndLog(" BCC0 : %02x - Ok", data[3]);
+ PrintAndLog(" BCC0 : %02X, Ok", data[3]);
else
- PrintAndLog(" BCC0 : %02x - crc should be %02x", data[3], crc0);
-
+ PrintAndLog(" BCC0 : %02X, crc should be %02X", data[3], crc0);
+
int crc1 = data[4] ^ data[5] ^ data[6] ^data[7];
if ( data[8] == crc1 )
- PrintAndLog(" BCC1 : %02x - Ok", data[8]);
+ PrintAndLog(" BCC1 : %02X, Ok", data[8]);
else
- PrintAndLog(" BCC1 : %02x - crc should be %02x", data[8], crc1 );
-
- PrintAndLog(" Internal : %s ", sprint_hex(data + 9, 1));
-
- memcpy(datatemp, data+10, 2);
- PrintAndLog(" Lock : %s - %s", sprint_hex(datatemp, 2),printBits( 2, &datatemp) );
- PrintAndLog(" OneTimePad : %s ", sprint_hex(data + 3*4, 4));
- PrintAndLog("");
+ PrintAndLog(" BCC1 : %02X, crc should be %02X", data[8], crc1 );
+
+ PrintAndLog(" Internal : %02X, %sdefault", data[9], (data[9]==0x48)?"":"not " );
+
+ PrintAndLog(" Lock : %s - %s",
+ sprint_hex(data+10, 2),
+ printBits(2, data+10)
+ );
+
+ PrintAndLog("OneTimePad : %s - %s\n",
+ sprint_hex(data + 12, 4),
+ printBits(4, data+12)
+ );
- int len = CmdHF14AMfucAuth("K 0");
-// PrintAndLog("CODE: %d",len);
-
- PrintAndLog("Seems to be a Ultralight %s", (len==0) ? "-C" :"");
return 0;
}
-//
-// Mifare Ultralight Write Single Block
-//
-int CmdHF14AMfUWrBl(const char *Cmd){
- uint8_t blockNo = -1;
- bool chinese_card = FALSE;
- uint8_t bldata[16] = {0x00};
- UsbCommand resp;
+static int ndef_print_CC(uint8_t *data) {
+ // no NDEF message
+ if(data[0] != 0xe1)
+ return -1;
- char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) < 3 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: hf mfu wrbl <block number> <block data (8 hex symbols)> [w]");
- PrintAndLog(" [block number]");
- PrintAndLog(" [block data] - (8 hex symbols)");
- PrintAndLog(" [w] - Chinese magic ultralight tag");
- PrintAndLog("");
- PrintAndLog(" sample: hf mfu wrbl 0 01020304");
- PrintAndLog("");
- return 0;
- }
-
- blockNo = param_get8(Cmd, 0);
+ PrintAndLog("--- NDEF Message");
+ PrintAndLog("Capability Container: %s", sprint_hex(data,4) );
+ PrintAndLog(" %02X : NDEF Magic Number", data[0]);
+ PrintAndLog(" %02X : version %d.%d supported by tag", data[1], (data[1] & 0xF0) >> 4, data[1] & 0x0f);
+ PrintAndLog(" %02X : Physical Memory Size: %d bytes", data[2], (data[2] + 1) * 8);
+ if ( data[2] == 0x12 )
+ PrintAndLog(" %02X : NDEF Memory Size: %d bytes", data[2], 144);
+ else if ( data[2] == 0x3e )
+ PrintAndLog(" %02X : NDEF Memory Size: %d bytes", data[2], 496);
+ else if ( data[2] == 0x6d )
+ PrintAndLog(" %02X : NDEF Memory Size: %d bytes", data[2], 872);
+
+ PrintAndLog(" %02X : %s / %s", data[3],
+ (data[3] & 0xF0) ? "(RFU)" : "Read access granted without any security",
+ (data[3] & 0x0F)==0 ? "Write access granted without any security" : (data[3] & 0x0F)==0x0F ? "No write access granted at all" : "(RFU)");
+ return 0;
+}
- if (blockNo > MAX_ULTRA_BLOCKS){
- PrintAndLog("Error: Maximum number of blocks is 15 for Ultralight Cards!");
- return 1;
+int ul_print_type(uint32_t tagtype, uint8_t spaces){
+ char spc[11] = " ";
+ spc[10]=0x00;
+ char *spacer = spc + (10-spaces);
+
+ if ( tagtype & UL )
+ PrintAndLog("%sTYPE : MIFARE Ultralight (MF0ICU1) %s", spacer, (tagtype & MAGIC) ? "<magic>" : "" );
+ else if ( tagtype & UL_C)
+ PrintAndLog("%sTYPE : MIFARE Ultralight C (MF0ULC) %s", spacer, (tagtype & MAGIC) ? "<magic>" : "" );
+ else if ( tagtype & UL_EV1_48)
+ PrintAndLog("%sTYPE : MIFARE Ultralight EV1 48bytes (MF0UL1101)", spacer);
+ else if ( tagtype & UL_EV1_128)
+ PrintAndLog("%sTYPE : MIFARE Ultralight EV1 128bytes (MF0UL2101)", spacer);
+ else if ( tagtype & NTAG )
+ PrintAndLog("%sTYPE : NTAG UNKNOWN", spacer);
+ else if ( tagtype & NTAG_203 )
+ PrintAndLog("%sTYPE : NTAG 203 144bytes (NT2H0301F0DT)", spacer);
+ else if ( tagtype & NTAG_210 )
+ PrintAndLog("%sTYPE : NTAG 210 48bytes (NT2L1011G0DU)", spacer);
+ else if ( tagtype & NTAG_212 )
+ PrintAndLog("%sTYPE : NTAG 212 128bytes (NT2L1211G0DU)", spacer);
+ else if ( tagtype & NTAG_213 )
+ PrintAndLog("%sTYPE : NTAG 213 144bytes (NT2H1311G0DU)", spacer);
+ else if ( tagtype & NTAG_215 )
+ PrintAndLog("%sTYPE : NTAG 215 504bytes (NT2H1511G0DU)", spacer);
+ else if ( tagtype & NTAG_216 )
+ PrintAndLog("%sTYPE : NTAG 216 888bytes (NT2H1611G0DU)", spacer);
+ else if ( tagtype & NTAG_I2C_1K )
+ PrintAndLog("%sTYPE : NTAG I%sC 888bytes (NT3H1101FHK)", spacer, "\xFD");
+ else if ( tagtype & NTAG_I2C_2K )
+ PrintAndLog("%sTYPE : NTAG I%sC 1904bytes (NT3H1201FHK)", spacer, "\xFD");
+ else if ( tagtype & MY_D )
+ PrintAndLog("%sTYPE : INFINEON my-d\x99 (SLE 66RxxS)", spacer);
+ else if ( tagtype & MY_D_NFC )
+ PrintAndLog("%sTYPE : INFINEON my-d\x99 NFC (SLE 66RxxP)", spacer);
+ else if ( tagtype & MY_D_MOVE )
+ PrintAndLog("%sTYPE : INFINEON my-d\x99 move (SLE 66R01P)", spacer);
+ else if ( tagtype & MY_D_MOVE_NFC )
+ PrintAndLog("%sTYPE : INFINEON my-d\x99 move NFC (SLE 66R01P)", spacer);
+ else if ( tagtype & MY_D_MOVE_LEAN )
+ PrintAndLog("%sTYPE : INFINEON my-d\x99 move lean (SLE 66R01L)", spacer);
+ else if ( tagtype & FUDAN_UL )
+ PrintAndLog("%sTYPE : FUDAN Ultralight Compatible (or other compatible) %s", spacer, (tagtype & MAGIC) ? "<magic>" : "" );
+ else
+ PrintAndLog("%sTYPE : Unknown %06x", spacer, tagtype);
+ return 0;
+}
+
+static int ulc_print_3deskey( uint8_t *data){
+ PrintAndLog(" deskey1 [44/0x2C] : %s [%.4s]", sprint_hex(data ,4),data);
+ PrintAndLog(" deskey1 [45/0x2D] : %s [%.4s]", sprint_hex(data+4 ,4),data+4);
+ PrintAndLog(" deskey2 [46/0x2E] : %s [%.4s]", sprint_hex(data+8 ,4),data+8);
+ PrintAndLog(" deskey2 [47/0x2F] : %s [%.4s]", sprint_hex(data+12,4),data+12);
+ PrintAndLog("\n 3des key : %s", sprint_hex(SwapEndian64(data, 16, 8), 16));
+ return 0;
+}
+
+static int ulc_print_configuration( uint8_t *data){
+
+ PrintAndLog("--- UL-C Configuration");
+ PrintAndLog(" Higher Lockbits [40/0x28] : %s - %s", sprint_hex(data, 4), printBits(2, data));
+ PrintAndLog(" Counter [41/0x29] : %s - %s", sprint_hex(data+4, 4), printBits(2, data+4));
+
+ bool validAuth = (data[8] >= 0x03 && data[8] <= 0x30);
+ if ( validAuth )
+ PrintAndLog(" Auth0 [42/0x2A] : %s page %d/0x%02X and above need authentication", sprint_hex(data+8, 4), data[8],data[8] );
+ else{
+ if ( data[8] == 0){
+ PrintAndLog(" Auth0 [42/0x2A] : %s default", sprint_hex(data+8, 4) );
+ } else {
+ PrintAndLog(" Auth0 [42/0x2A] : %s auth byte is out-of-range", sprint_hex(data+8, 4) );
+ }
}
-
- if (param_gethex(Cmd, 1, bldata, 8)) {
- PrintAndLog("Block data must include 8 HEX symbols");
- return 1;
+ PrintAndLog(" Auth1 [43/0x2B] : %s %s",
+ sprint_hex(data+12, 4),
+ (data[12] & 1) ? "write access restricted": "read and write access restricted"
+ );
+ return 0;
+}
+
+static int ulev1_print_configuration( uint8_t *data, uint8_t startPage){
+
+ PrintAndLog("\n--- Tag Configuration");
+
+ bool strg_mod_en = (data[0] & 2);
+ uint8_t authlim = (data[4] & 0x07);
+ bool cfglck = (data[4] & 0x40);
+ bool prot = (data[4] & 0x80);
+ uint8_t vctid = data[5];
+
+ PrintAndLog(" cfg0 [%u/0x%02X] : %s", startPage, startPage, sprint_hex(data, 4));
+ if ( data[3] < 0xff )
+ PrintAndLog(" - page %d and above need authentication",data[3]);
+ else
+ PrintAndLog(" - pages don't need authentication");
+ PrintAndLog(" - strong modulation mode %s", (strg_mod_en) ? "enabled":"disabled");
+ PrintAndLog(" cfg1 [%u/0x%02X] : %s", startPage + 1, startPage + 1, sprint_hex(data+4, 4) );
+ if ( authlim == 0)
+ PrintAndLog(" - Unlimited password attempts");
+ else
+ PrintAndLog(" - Max number of password attempts is %d", authlim);
+ PrintAndLog(" - user configuration %s", cfglck ? "permanently locked":"writeable");
+ PrintAndLog(" - %s access is protected with password", prot ? "read and write":"write");
+ PrintAndLog(" - %02X, Virtual Card Type Identifier is %s default", vctid, (vctid==0x05)? "":"not");
+ PrintAndLog(" PWD [%u/0x%02X] : %s- (cannot be read)", startPage + 2, startPage + 2, sprint_hex(data+8, 4));
+ PrintAndLog(" PACK [%u/0x%02X] : %s - (cannot be read)", startPage + 3, startPage + 3, sprint_hex(data+12, 2));
+ PrintAndLog(" RFU [%u/0x%02X] : %s- (cannot be read)", startPage + 3, startPage + 3, sprint_hex(data+12, 2));
+ return 0;
+}
+
+static int ulev1_print_counters(){
+ PrintAndLog("--- Tag Counters");
+ uint8_t tear[1] = {0};
+ uint8_t counter[3] = {0,0,0};
+ uint16_t len = 0;
+ for ( uint8_t i = 0; i<3; ++i) {
+ ulev1_readTearing(i,tear,sizeof(tear));
+ len = ulev1_readCounter(i,counter, sizeof(counter) );
+ if (len == 3) {
+ PrintAndLog(" [%0d] : %s", i, sprint_hex(counter,3));
+ PrintAndLog(" - %02X tearing %s", tear[0], ( tear[0]==0xBD)?"Ok":"failure");
+ }
}
-
- if (strchr(Cmd,'w') != 0 || strchr(Cmd,'W') != 0 ) {
- chinese_card = TRUE;
+ return len;
+}
+
+static int ulev1_print_signature( uint8_t *data, uint8_t len){
+ PrintAndLog("\n--- Tag Signature");
+ //PrintAndLog("IC signature public key name : NXP NTAG21x 2013"); // don't know if there is other NXP public keys.. :(
+ PrintAndLog("IC signature public key value : 04494e1a386d3d3cfe3dc10e5de68a499b1c202db5b132393e89ed19fe5be8bc61");
+ PrintAndLog(" Elliptic curve parameters : secp128r1");
+ PrintAndLog(" Tag ECC Signature : %s", sprint_hex(data, len));
+ //to do: verify if signature is valid
+ //PrintAndLog("IC signature status: %s valid", (iseccvalid() )?"":"not");
+ return 0;
+}
+
+static int ulev1_print_version(uint8_t *data){
+ PrintAndLog("\n--- Tag Version");
+ PrintAndLog(" Raw bytes : %s",sprint_hex(data, 8) );
+ PrintAndLog(" Vendor ID : %02X, %s", data[1], getTagInfo(data[1]));
+ PrintAndLog(" Product type : %s", getProductTypeStr(data[2]));
+ PrintAndLog(" Product subtype : %02X, %s", data[3], (data[3]==1) ?"17 pF":"50pF");
+ PrintAndLog(" Major version : %02X", data[4]);
+ PrintAndLog(" Minor version : %02X", data[5]);
+ PrintAndLog(" Size : %s", getUlev1CardSizeStr(data[6]));
+ PrintAndLog(" Protocol type : %02X", data[7]);
+ return 0;
+}
+
+/*
+static int ulc_magic_test(){
+ // Magic Ultralight test
+ // Magic UL-C, by observation,
+ // 1) it seems to have a static nonce response to 0x1A command.
+ // 2) the deskey bytes is not-zero:d out on as datasheet states.
+ // 3) UID - changeable, not only, but pages 0-1-2-3.
+ // 4) use the ul_magic_test ! magic tags answers specially!
+ int returnValue = UL_ERROR;
+ iso14a_card_select_t card;
+ uint8_t nonce1[11] = {0x00};
+ uint8_t nonce2[11] = {0x00};
+ int status = ul_select(&card);
+ if ( !status ){
+ return UL_ERROR;
}
-
- if ( blockNo <= 3) {
- if (!chinese_card){
- PrintAndLog("Access Denied");
- } else {
- PrintAndLog("--specialblock no:%02x", blockNo);
- PrintAndLog("--data: %s", sprint_hex(bldata, 4));
- UsbCommand d = {CMD_MIFAREU_WRITEBL, {blockNo}};
- memcpy(d.d.asBytes,bldata, 4);
- SendCommand(&d);
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
- uint8_t isOK = resp.arg[0] & 0xff;
- PrintAndLog("isOk:%02x", isOK);
+ status = ulc_requestAuthentication(nonce1, sizeof(nonce1));
+ if ( status > 0 ) {
+ status = ulc_requestAuthentication(nonce2, sizeof(nonce2));
+ returnValue = ( !memcmp(nonce1, nonce2, 11) ) ? UL_C_MAGIC : UL_C;
+ } else {
+ returnValue = UL;
+ }
+ ul_switch_off_field();
+ return returnValue;
+}
+*/
+static int ul_magic_test(){
+
+ // Magic Ultralight tests
+ // 1) take present UID, and try to write it back. OBSOLETE
+ // 2) make a wrong length write to page0, and see if tag answers with ACK/NACK:
+ iso14a_card_select_t card;
+ if ( !ul_select(&card) )
+ return UL_ERROR;
+ int status = ul_comp_write(0, NULL, 0);
+ ul_switch_off_field();
+ if ( status == 0 )
+ return MAGIC;
+ return 0;
+}
+
+uint32_t GetHF14AMfU_Type(void){
+
+ TagTypeUL_t tagtype = UNKNOWN;
+ iso14a_card_select_t card;
+ uint8_t version[10] = {0x00};
+ int status = 0;
+ int len;
+
+ if (!ul_select(&card)) return UL_ERROR;
+
+ // Ultralight - ATQA / SAK
+ if ( card.atqa[1] != 0x00 || card.atqa[0] != 0x44 || card.sak != 0x00 ) {
+ PrintAndLog("Tag is not Ultralight | NTAG | MY-D [ATQA: %02X %02X SAK: %02X]\n", card.atqa[1], card.atqa[0], card.sak);
+ ul_switch_off_field();
+ return UL_ERROR;
+ }
+
+ if ( card.uid[0] != 0x05) {
+
+ len = ulev1_getVersion(version, sizeof(version));
+ ul_switch_off_field();
+
+ switch (len) {
+ case 0x0A: {
+
+ if ( version[2] == 0x03 && version[6] == 0x0B )
+ tagtype = UL_EV1_48;
+ else if ( version[2] == 0x03 && version[6] != 0x0B )
+ tagtype = UL_EV1_128;
+ else if ( version[2] == 0x04 && version[3] == 0x01 && version[6] == 0x0B )
+ tagtype = NTAG_210;
+ else if ( version[2] == 0x04 && version[3] == 0x01 && version[6] == 0x0E )
+ tagtype = NTAG_212;
+ else if ( version[2] == 0x04 && version[3] == 0x02 && version[6] == 0x0F )
+ tagtype = NTAG_213;
+ else if ( version[2] == 0x04 && version[3] == 0x02 && version[6] == 0x11 )
+ tagtype = NTAG_215;
+ else if ( version[2] == 0x04 && version[3] == 0x02 && version[6] == 0x13 )
+ tagtype = NTAG_216;
+ else if ( version[2] == 0x04 && version[3] == 0x05 && version[6] == 0x13 )
+ tagtype = NTAG_I2C_1K;
+ else if ( version[2] == 0x04 && version[3] == 0x05 && version[6] == 0x15 )
+ tagtype = NTAG_I2C_2K;
+ else if ( version[2] == 0x04 )
+ tagtype = NTAG;
+
+ break;
+ }
+ case 0x01: tagtype = UL_C; break;
+ case 0x00: tagtype = UL; break;
+ case -1 : tagtype = (UL | UL_C | NTAG_203); break; // could be UL | UL_C magic tags
+ default : tagtype = UNKNOWN; break;
+ }
+ // UL vs UL-C vs ntag203 test
+ if (tagtype & (UL | UL_C | NTAG_203)) {
+ if ( !ul_select(&card) ) return UL_ERROR;
+
+ // do UL_C check first...
+ uint8_t nonce[11] = {0x00};
+ status = ulc_requestAuthentication(nonce, sizeof(nonce));
+ ul_switch_off_field();
+ if (status > 1) {
+ tagtype = UL_C;
+ } else {
+ // need to re-select after authentication error
+ if ( !ul_select(&card) ) return UL_ERROR;
+
+ uint8_t data[16] = {0x00};
+ // read page 0x26-0x29 (last valid ntag203 page)
+ status = ul_read(0x26, data, sizeof(data));
+ if ( status <= 1 ) {
+ tagtype = UL;
+ } else {
+ // read page 0x30 (should error if it is a ntag203)
+ status = ul_read(0x30, data, sizeof(data));
+ if ( status <= 1 ){
+ tagtype = NTAG_203;
+ } else {
+ tagtype = UNKNOWN;
+ }
+ }
+ ul_switch_off_field();
+ }
+ }
+ if (tagtype & UL) {
+ tagtype = ul_fudan_check();
+ ul_switch_off_field();
+ }
+ } else {
+ ul_switch_off_field();
+ // Infinition MY-D tests Exam high nibble
+ uint8_t nib = (card.uid[1] & 0xf0) >> 4;
+ switch ( nib ){
+ // case 0: tagtype = SLE66R35E7; break; //or SLE 66R35E7 - mifare compat... should have different sak/atqa for mf 1k
+ case 1: tagtype = MY_D; break; //or SLE 66RxxS ... up to 512 pages of 8 user bytes...
+ case 2: tagtype = (MY_D_NFC); break; //or SLE 66RxxP ... up to 512 pages of 8 user bytes... (or in nfc mode FF pages of 4 bytes)
+ case 3: tagtype = (MY_D_MOVE | MY_D_MOVE_NFC); break; //or SLE 66R01P // 38 pages of 4 bytes //notice: we can not currently distinguish between these two
+ case 7: tagtype = MY_D_MOVE_LEAN; break; //or SLE 66R01L // 16 pages of 4 bytes
+ }
+ }
+
+ tagtype |= ul_magic_test();
+ if (tagtype == (UNKNOWN | MAGIC)) tagtype = (UL_MAGIC);
+ return tagtype;
+}
+
+int CmdHF14AMfUInfo(const char *Cmd){
+
+ uint8_t authlim = 0xff;
+ uint8_t data[16] = {0x00};
+ iso14a_card_select_t card;
+ int status;
+ bool errors = false;
+ bool hasAuthKey = false;
+ bool locked = false;
+ bool swapEndian = false;
+ uint8_t cmdp = 0;
+ uint8_t dataLen = 0;
+ uint8_t authenticationkey[16] = {0x00};
+ uint8_t *authkeyptr = authenticationkey;
+ uint8_t *key;
+ uint8_t pack[4] = {0,0,0,0};
+ int len = 0;
+ char tempStr[50];
+
+ while(param_getchar(Cmd, cmdp) != 0x00)
+ {
+ switch(param_getchar(Cmd, cmdp))
+ {
+ case 'h':
+ case 'H':
+ return usage_hf_mfu_info();
+ case 'k':
+ case 'K':
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ if (dataLen == 32 || dataLen == 8) { //ul-c or ev1/ntag key length
+ errors = param_gethex(tempStr, 0, authenticationkey, dataLen);
+ dataLen /= 2; // handled as bytes from now on
} else {
- PrintAndLog("Command execute timeout");
- }
+ PrintAndLog("\nERROR: Key is incorrect length\n");
+ errors = true;
+ }
+ cmdp += 2;
+ hasAuthKey = true;
+ break;
+ case 'l':
+ case 'L':
+ swapEndian = true;
+ cmdp++;
+ break;
+ default:
+ PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
+ errors = true;
+ break;
}
+ if(errors) break;
+ }
+
+ //Validations
+ if(errors) return usage_hf_mfu_info();
+
+ TagTypeUL_t tagtype = GetHF14AMfU_Type();
+ if (tagtype == UL_ERROR) return -1;
+
+ PrintAndLog("\n--- Tag Information ---------");
+ PrintAndLog("-------------------------------------------------------------");
+ ul_print_type(tagtype, 6);
+
+ // Swap endianness
+ if (swapEndian && hasAuthKey) authkeyptr = SwapEndian64(authenticationkey, dataLen, (dataLen == 16) ? 8 : 4 );
+
+ if (!ul_auth_select( &card, tagtype, hasAuthKey, authkeyptr, pack, sizeof(pack))) return -1;
+
+ // read pages 0,1,2,3 (should read 4pages)
+ status = ul_read(0, data, sizeof(data));
+ if ( status == -1 ) {
+ ul_switch_off_field();
+ PrintAndLog("Error: tag didn't answer to READ");
+ return status;
+ } else if (status == 16) {
+ ul_print_default(data);
+ ndef_print_CC(data+12);
} else {
- PrintAndLog("--block no:%02x", blockNo);
- PrintAndLog("--data: %s", sprint_hex(bldata, 4));
- UsbCommand e = {CMD_MIFAREU_WRITEBL, {blockNo}};
- memcpy(e.d.asBytes,bldata, 4);
- SendCommand(&e);
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
- uint8_t isOK = resp.arg[0] & 0xff;
- PrintAndLog("isOk:%02x", isOK);
+ locked = true;
+ }
+
+ // UL_C Specific
+ if ((tagtype & UL_C)) {
+
+ // read pages 0x28, 0x29, 0x2A, 0x2B
+ uint8_t ulc_conf[16] = {0x00};
+ status = ul_read(0x28, ulc_conf, sizeof(ulc_conf));
+ if ( status == -1 ){
+ PrintAndLog("Error: tag didn't answer to READ UL-C");
+ ul_switch_off_field();
+ return status;
+ }
+ if (status == 16) ulc_print_configuration(ulc_conf);
+ else locked = true;
+
+ if ((tagtype & MAGIC)) {
+ //just read key
+ uint8_t ulc_deskey[16] = {0x00};
+ status = ul_read(0x2C, ulc_deskey, sizeof(ulc_deskey));
+ if ( status == -1 ) {
+ ul_switch_off_field();
+ PrintAndLog("Error: tag didn't answer to READ magic");
+ return status;
+ }
+ if (status == 16) ulc_print_3deskey(ulc_deskey);
+
} else {
- PrintAndLog("Command execute timeout");
+ ul_switch_off_field();
+ // if we called info with key, just return
+ if ( hasAuthKey ) return 1;
+
+ // also try to diversify default keys.. look into CmdHF14AMfuGenDiverseKeys
+ PrintAndLog("Trying some default 3des keys");
+ for (uint8_t i = 0; i < KEYS_3DES_COUNT; ++i ) {
+ key = default_3des_keys[i];
+ if (ulc_authentication(key, true)) {
+ PrintAndLog("Found default 3des key: ");
+ uint8_t keySwap[16];
+ memcpy(keySwap, SwapEndian64(key,16,8), 16);
+ ulc_print_3deskey(keySwap);
+ return 1;
+ }
+ }
+ return 1;
}
}
- return 0;
+
+ // do counters and signature first (don't neet auth)
+
+ // ul counters are different than ntag counters
+ if ((tagtype & (UL_EV1_48 | UL_EV1_128))) {
+ if (ulev1_print_counters() != 3) {
+ // failed - re-select
+ if (!ul_auth_select( &card, tagtype, hasAuthKey, authkeyptr, pack, sizeof(pack))) return -1;
+ }
+ }
+
+ if ((tagtype & (UL_EV1_48 | UL_EV1_128 | NTAG_213 | NTAG_215 | NTAG_216 | NTAG_I2C_1K | NTAG_I2C_2K ))) {
+ uint8_t ulev1_signature[32] = {0x00};
+ status = ulev1_readSignature( ulev1_signature, sizeof(ulev1_signature));
+ if ( status == -1 ) {
+ PrintAndLog("Error: tag didn't answer to READ SIGNATURE");
+ ul_switch_off_field();
+ return status;
+ }
+ if (status == 32) ulev1_print_signature( ulev1_signature, sizeof(ulev1_signature));
+ else {
+ // re-select
+ if (!ul_auth_select( &card, tagtype, hasAuthKey, authkeyptr, pack, sizeof(pack))) return -1;
+ }
+ }
+
+ if ((tagtype & (UL_EV1_48 | UL_EV1_128 | NTAG_210 | NTAG_212 | NTAG_213 | NTAG_215 | NTAG_216 | NTAG_I2C_1K | NTAG_I2C_2K))) {
+ uint8_t version[10] = {0x00};
+ status = ulev1_getVersion(version, sizeof(version));
+ if ( status == -1 ) {
+ PrintAndLog("Error: tag didn't answer to GETVERSION");
+ ul_switch_off_field();
+ return status;
+ } else if (status == 10) {
+ ulev1_print_version(version);
+ } else {
+ locked = true;
+ if (!ul_auth_select( &card, tagtype, hasAuthKey, authkeyptr, pack, sizeof(pack))) return -1;
+ }
+
+ uint8_t startconfigblock = 0;
+ uint8_t ulev1_conf[16] = {0x00};
+ // config blocks always are last 4 pages
+ for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++)
+ if (tagtype & UL_TYPES_ARRAY[idx])
+ startconfigblock = UL_MEMORY_ARRAY[idx]-3;
+
+ if (startconfigblock){ // if we know where the config block is...
+ status = ul_read(startconfigblock, ulev1_conf, sizeof(ulev1_conf));
+ if ( status == -1 ) {
+ PrintAndLog("Error: tag didn't answer to READ EV1");
+ ul_switch_off_field();
+ return status;
+ } else if (status == 16) {
+ // save AUTHENTICATION LIMITS for later:
+ authlim = (ulev1_conf[4] & 0x07);
+ ulev1_print_configuration(ulev1_conf, startconfigblock);
+ }
+ }
+
+ // AUTHLIMIT, (number of failed authentications)
+ // 0 = limitless.
+ // 1-7 = limit. No automatic tries then.
+ // hasAuthKey, if we was called with key, skip test.
+ if ( !authlim && !hasAuthKey ) {
+ PrintAndLog("\n--- Known EV1/NTAG passwords.");
+ len = 0;
+ for (uint8_t i = 0; i < KEYS_PWD_COUNT; ++i ) {
+ key = default_pwd_pack[i];
+ len = ulev1_requestAuthentication(key, pack, sizeof(pack));
+ if (len >= 1) {
+ PrintAndLog("Found a default password: %s || Pack: %02X %02X",sprint_hex(key, 4), pack[0], pack[1]);
+ break;
+ } else {
+ if (!ul_auth_select( &card, tagtype, hasAuthKey, authkeyptr, pack, sizeof(pack))) return -1;
+ }
+ }
+ if (len < 1) PrintAndLog("password not known");
+ }
+ }
+
+ ul_switch_off_field();
+ if (locked) PrintAndLog("\nTag appears to be locked, try using the key to get more info");
+ PrintAndLog("");
+ return 1;
}
//
-// Mifare Ultralight Read Single Block
+// Write Single Block
+//
+int CmdHF14AMfUWrBl(const char *Cmd){
+
+ int blockNo = -1;
+ bool errors = false;
+ bool hasAuthKey = false;
+ bool hasPwdKey = false;
+ bool swapEndian = false;
+
+ uint8_t cmdp = 0;
+ uint8_t keylen = 0;
+ uint8_t blockdata[20] = {0x00};
+ uint8_t data[16] = {0x00};
+ uint8_t authenticationkey[16] = {0x00};
+ uint8_t *authKeyPtr = authenticationkey;
+
+ while(param_getchar(Cmd, cmdp) != 0x00)
+ {
+ switch(param_getchar(Cmd, cmdp))
+ {
+ case 'h':
+ case 'H':
+ return usage_hf_mfu_wrbl();
+ case 'k':
+ case 'K':
+ // EV1/NTAG size key
+ keylen = param_gethex(Cmd, cmdp+1, data, 8);
+ if ( !keylen ) {
+ memcpy(authenticationkey, data, 4);
+ cmdp += 2;
+ hasPwdKey = true;
+ break;
+ }
+ // UL-C size key
+ keylen = param_gethex(Cmd, cmdp+1, data, 32);
+ if (!keylen){
+ memcpy(authenticationkey, data, 16);
+ cmdp += 2;
+ hasAuthKey = true;
+ break;
+ }
+ PrintAndLog("\nERROR: Key is incorrect length\n");
+ errors = true;
+ break;
+ case 'b':
+ case 'B':
+ blockNo = param_get8(Cmd, cmdp+1);
+ if (blockNo < 0) {
+ PrintAndLog("Wrong block number");
+ errors = true;
+ }
+ cmdp += 2;
+ break;
+ case 'l':
+ case 'L':
+ swapEndian = true;
+ cmdp++;
+ break;
+ case 'd':
+ case 'D':
+ if ( param_gethex(Cmd, cmdp+1, blockdata, 8) ) {
+ PrintAndLog("Block data must include 8 HEX symbols");
+ errors = true;
+ break;
+ }
+ cmdp += 2;
+ break;
+ default:
+ PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
+ errors = true;
+ break;
+ }
+ //Validations
+ if(errors) return usage_hf_mfu_wrbl();
+ }
+
+ if ( blockNo == -1 ) return usage_hf_mfu_wrbl();
+ // starting with getting tagtype
+ TagTypeUL_t tagtype = GetHF14AMfU_Type();
+ if (tagtype == UL_ERROR) return -1;
+
+ uint8_t maxblockno = 0;
+ for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++){
+ if (tagtype & UL_TYPES_ARRAY[idx])
+ maxblockno = UL_MEMORY_ARRAY[idx];
+ }
+ if (blockNo > maxblockno){
+ PrintAndLog("block number too large. Max block is %u/0x%02X \n", maxblockno,maxblockno);
+ return usage_hf_mfu_wrbl();
+ }
+
+ // Swap endianness
+ if (swapEndian && hasAuthKey) authKeyPtr = SwapEndian64(authenticationkey, 16, 8);
+ if (swapEndian && hasPwdKey) authKeyPtr = SwapEndian64(authenticationkey, 4, 4);
+
+ if ( blockNo <= 3)
+ PrintAndLog("Special Block: %0d (0x%02X) [ %s]", blockNo, blockNo, sprint_hex(blockdata, 4));
+ else
+ PrintAndLog("Block: %0d (0x%02X) [ %s]", blockNo, blockNo, sprint_hex(blockdata, 4));
+
+ //Send write Block
+ UsbCommand c = {CMD_MIFAREU_WRITEBL, {blockNo}};
+ memcpy(c.d.asBytes,blockdata,4);
+
+ if ( hasAuthKey ) {
+ c.arg[1] = 1;
+ memcpy(c.d.asBytes+4,authKeyPtr,16);
+ }
+ else if ( hasPwdKey ) {
+ c.arg[1] = 2;
+ memcpy(c.d.asBytes+4,authKeyPtr,4);
+ }
+
+ clearCommandBuffer();
+ SendCommand(&c);
+ UsbCommand resp;
+ if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
+ uint8_t isOK = resp.arg[0] & 0xff;
+ PrintAndLog("isOk:%02x", isOK);
+ } else {
+ PrintAndLog("Command execute timeout");
+ }
+
+ return 0;
+}
+//
+// Read Single Block
//
int CmdHF14AMfURdBl(const char *Cmd){
-
- uint8_t blockNo = -1;
- char cmdp = param_getchar(Cmd, 0);
-
- if (strlen(Cmd) < 1 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: hf mfu rdbl <block number>");
- PrintAndLog(" sample: hfu mfu rdbl 0");
- return 0;
- }
-
- blockNo = param_get8(Cmd, 0);
+ int blockNo = -1;
+ bool errors = false;
+ bool hasAuthKey = false;
+ bool hasPwdKey = false;
+ bool swapEndian = false;
+ uint8_t cmdp = 0;
+ uint8_t keylen = 0;
+ uint8_t data[16] = {0x00};
+ uint8_t authenticationkey[16] = {0x00};
+ uint8_t *authKeyPtr = authenticationkey;
+
+ while(param_getchar(Cmd, cmdp) != 0x00)
+ {
+ switch(param_getchar(Cmd, cmdp))
+ {
+ case 'h':
+ case 'H':
+ return usage_hf_mfu_rdbl();
+ case 'k':
+ case 'K':
+ // EV1/NTAG size key
+ keylen = param_gethex(Cmd, cmdp+1, data, 8);
+ if ( !keylen ) {
+ memcpy(authenticationkey, data, 4);
+ cmdp += 2;
+ hasPwdKey = true;
+ break;
+ }
+ // UL-C size key
+ keylen = param_gethex(Cmd, cmdp+1, data, 32);
+ if (!keylen){
+ memcpy(authenticationkey, data, 16);
+ cmdp += 2;
+ hasAuthKey = true;
+ break;
+ }
+ PrintAndLog("\nERROR: Key is incorrect length\n");
+ errors = true;
+ break;
+ case 'b':
+ case 'B':
+ blockNo = param_get8(Cmd, cmdp+1);
+ if (blockNo < 0) {
+ PrintAndLog("Wrong block number");
+ errors = true;
+ }
+ cmdp += 2;
+ break;
+ case 'l':
+ case 'L':
+ swapEndian = true;
+ cmdp++;
+ break;
+ default:
+ PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
+ errors = true;
+ break;
+ }
+ //Validations
+ if(errors) return usage_hf_mfu_rdbl();
+ }
- if (blockNo > MAX_ULTRA_BLOCKS){
- PrintAndLog("Error: Maximum number of blocks is 15 for Ultralight Cards!");
- return 1;
+ if ( blockNo == -1 ) return usage_hf_mfu_rdbl();
+ // start with getting tagtype
+ TagTypeUL_t tagtype = GetHF14AMfU_Type();
+ if (tagtype == UL_ERROR) return -1;
+
+ uint8_t maxblockno = 0;
+ for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++){
+ if (tagtype & UL_TYPES_ARRAY[idx])
+ maxblockno = UL_MEMORY_ARRAY[idx];
}
-
- PrintAndLog("--block no:0x%02X (%d)", (int)blockNo, blockNo);
+ if (blockNo > maxblockno){
+ PrintAndLog("block number to large. Max block is %u/0x%02X \n", maxblockno,maxblockno);
+ return usage_hf_mfu_rdbl();
+ }
+
+ // Swap endianness
+ if (swapEndian && hasAuthKey) authKeyPtr = SwapEndian64(authenticationkey, 16, 8);
+ if (swapEndian && hasPwdKey) authKeyPtr = SwapEndian64(authenticationkey, 4, 4);
+
+ //Read Block
UsbCommand c = {CMD_MIFAREU_READBL, {blockNo}};
- SendCommand(&c);
+ if ( hasAuthKey ){
+ c.arg[1] = 1;
+ memcpy(c.d.asBytes,authKeyPtr,16);
+ }
+ else if ( hasPwdKey ) {
+ c.arg[1] = 2;
+ memcpy(c.d.asBytes,authKeyPtr,4);
+ }
+ clearCommandBuffer();
+ SendCommand(&c);
UsbCommand resp;
if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
- uint8_t isOK = resp.arg[0] & 0xff;
- uint8_t * data = resp.d.asBytes;
-
- PrintAndLog("isOk: %02x", isOK);
-
- if (isOK)
- PrintAndLog("Data: %s", sprint_hex(data, 4));
+ uint8_t isOK = resp.arg[0] & 0xff;
+ if (isOK) {
+ uint8_t *data = resp.d.asBytes;
+ PrintAndLog("\nBlock# | Data | Ascii");
+ PrintAndLog("-----------------------------");
+ PrintAndLog("%02d/0x%02X | %s| %.4s\n", blockNo, blockNo, sprint_hex(data, 4), data);
+ }
+ else {
+ PrintAndLog("Failed reading block: (%02x)", isOK);
+ }
} else {
- PrintAndLog("Command execute timeout");
+ PrintAndLog("Command execute time-out");
}
return 0;
}
+int usage_hf_mfu_info(void) {
+ PrintAndLog("It gathers information about the tag and tries to detect what kind it is.");
+ PrintAndLog("Sometimes the tags are locked down, and you may need a key to be able to read the information");
+ PrintAndLog("The following tags can be identified:\n");
+ PrintAndLog("Ultralight, Ultralight-C, Ultralight EV1, NTAG 203, NTAG 210,");
+ PrintAndLog("NTAG 212, NTAG 213, NTAG 215, NTAG 216, NTAG I2C 1K & 2K");
+ PrintAndLog("my-d, my-d NFC, my-d move, my-d move NFC\n");
+ PrintAndLog("Usage: hf mfu info k <key> l");
+ PrintAndLog(" Options : ");
+ PrintAndLog(" k <key> : (optional) key for authentication [UL-C 16bytes, EV1/NTAG 4bytes]");
+ PrintAndLog(" l : (optional) swap entered key's endianness");
+ PrintAndLog("");
+ PrintAndLog(" sample : hf mfu info");
+ PrintAndLog(" : hf mfu info k 00112233445566778899AABBCCDDEEFF");
+ PrintAndLog(" : hf mfu info k AABBCCDDD");
+ return 0;
+}
+
+int usage_hf_mfu_dump(void) {
+ PrintAndLog("Reads all pages from Ultralight, Ultralight-C, Ultralight EV1");
+ PrintAndLog("NTAG 203, NTAG 210, NTAG 212, NTAG 213, NTAG 215, NTAG 216");
+ PrintAndLog("and saves binary dump into the file `filename.bin` or `cardUID.bin`");
+ PrintAndLog("It autodetects card type.\n");
+ PrintAndLog("Usage: hf mfu dump k <key> l n <filename w/o .bin>");
+ PrintAndLog(" Options : ");
+ PrintAndLog(" k <key> : (optional) key for authentication [UL-C 16bytes, EV1/NTAG 4bytes]");
+ PrintAndLog(" l : (optional) swap entered key's endianness");
+ PrintAndLog(" n <FN > : filename w/o .bin to save the dump as");
+ PrintAndLog(" p <Pg > : starting Page number to manually set a page to start the dump at");
+ PrintAndLog(" q <qty> : number of Pages to manually set how many pages to dump");
+
+ PrintAndLog("");
+ PrintAndLog(" sample : hf mfu dump");
+ PrintAndLog(" : hf mfu dump n myfile");
+ PrintAndLog(" : hf mfu dump k 00112233445566778899AABBCCDDEEFF");
+ PrintAndLog(" : hf mfu dump k AABBCCDDD\n");
+ return 0;
+}
+
+int usage_hf_mfu_rdbl(void) {
+ PrintAndLog("Read a block and print. It autodetects card type.\n");
+ PrintAndLog("Usage: hf mfu rdbl b <block number> k <key> l\n");
+ PrintAndLog(" Options:");
+ PrintAndLog(" b <no> : block to read");
+ PrintAndLog(" k <key> : (optional) key for authentication [UL-C 16bytes, EV1/NTAG 4bytes]");
+ PrintAndLog(" l : (optional) swap entered key's endianness");
+ PrintAndLog("");
+ PrintAndLog(" sample : hf mfu rdbl b 0");
+ PrintAndLog(" : hf mfu rdbl b 0 k 00112233445566778899AABBCCDDEEFF");
+ PrintAndLog(" : hf mfu rdbl b 0 k AABBCCDDD\n");
+ return 0;
+}
+
+int usage_hf_mfu_wrbl(void) {
+ PrintAndLog("Write a block. It autodetects card type.\n");
+ PrintAndLog("Usage: hf mfu wrbl b <block number> d <data> k <key> l\n");
+ PrintAndLog(" Options:");
+ PrintAndLog(" b <no> : block to write");
+ PrintAndLog(" d <data> : block data - (8 hex symbols)");
+ PrintAndLog(" k <key> : (optional) key for authentication [UL-C 16bytes, EV1/NTAG 4bytes]");
+ PrintAndLog(" l : (optional) swap entered key's endianness");
+ PrintAndLog("");
+ PrintAndLog(" sample : hf mfu wrbl b 0 d 01234567");
+ PrintAndLog(" : hf mfu wrbl b 0 d 01234567 k AABBCCDDD\n");
+ return 0;
+}
+
//
-// Mifare Ultralight / Ultralight-C; Read and Dump Card Contents
-//
+// Mifare Ultralight / Ultralight-C / Ultralight-EV1
+// Read and Dump Card Contents, using auto detection of tag size.
int CmdHF14AMfUDump(const char *Cmd){
FILE *fout;
char filename[FILE_PATH_SIZE] = {0x00};
- char * fnameptr = filename;
-
+ char *fnameptr = filename;
uint8_t *lockbytes_t = NULL;
uint8_t lockbytes[2] = {0x00};
-
uint8_t *lockbytes_t2 = NULL;
uint8_t lockbytes2[2] = {0x00};
-
bool bit[16] = {0x00};
bool bit2[16] = {0x00};
-
- int i;
- uint8_t BlockNo = 0;
- int Pages = 16;
+ uint8_t data[1024] = {0x00};
+ bool hasAuthKey = false;
+ int i = 0;
+ int Pages = 16;
+ bool tmplockbit = false;
+ uint8_t dataLen = 0;
+ uint8_t cmdp = 0;
+ uint8_t authenticationkey[16] = {0x00};
+ uint8_t *authKeyPtr = authenticationkey;
+ size_t fileNlen = 0;
+ bool errors = false;
+ bool swapEndian = false;
+ bool manualPages = false;
+ uint8_t startPage = 0;
+ char tempStr[50];
- bool tmplockbit = false;
- uint8_t isOK = 0;
- uint8_t *data = NULL;
+ while(param_getchar(Cmd, cmdp) != 0x00)
+ {
+ switch(param_getchar(Cmd, cmdp))
+ {
+ case 'h':
+ case 'H':
+ return usage_hf_mfu_dump();
+ case 'k':
+ case 'K':
+ dataLen = param_getstr(Cmd, cmdp+1, tempStr);
+ if (dataLen == 32 || dataLen == 8) { //ul-c or ev1/ntag key length
+ errors = param_gethex(tempStr, 0, authenticationkey, dataLen);
+ dataLen /= 2;
+ } else {
+ PrintAndLog("\nERROR: Key is incorrect length\n");
+ errors = true;
+ }
+ cmdp += 2;
+ hasAuthKey = true;
+ break;
+ case 'l':
+ case 'L':
+ swapEndian = true;
+ cmdp++;
+ break;
+ case 'n':
+ case 'N':
+ fileNlen = param_getstr(Cmd, cmdp+1, filename);
+ if (!fileNlen) errors = true;
+ if (fileNlen > FILE_PATH_SIZE-5) fileNlen = FILE_PATH_SIZE-5;
+ cmdp += 2;
+ break;
+ case 'p':
+ case 'P':
+ startPage = param_get8(Cmd, cmdp+1);
+ manualPages = true;
+ cmdp += 2;
+ break;
+ case 'q':
+ case 'Q':
+ Pages = param_get8(Cmd, cmdp+1);
+ cmdp += 2;
+ manualPages = true;
+ break;
+ default:
+ PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));
+ errors = true;
+ break;
+ }
+ if(errors) break;
+ }
- char cmdp = param_getchar(Cmd, 0);
-
- if (cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Reads all pages from Mifare Ultralight or Ultralight-C tag.");
- PrintAndLog("It saves binary dump into the file `filename.bin` or `cardUID.bin`");
- PrintAndLog("Usage: hf mfu dump <c> <filename w/o .bin>");
- PrintAndLog(" <c> optional cardtype c == Ultralight-C, if not defaults to Ultralight");
- PrintAndLog(" sample: hf mfu dump");
- PrintAndLog(" : hf mfu dump myfile");
- PrintAndLog(" : hf mfu dump c myfile");
- return 0;
+ //Validations
+ if(errors) return usage_hf_mfu_dump();
+
+ if (swapEndian && hasAuthKey)
+ authKeyPtr = SwapEndian64(authenticationkey, dataLen, (dataLen == 16) ? 8 : 4);
+
+ TagTypeUL_t tagtype = GetHF14AMfU_Type();
+ if (tagtype == UL_ERROR) return -1;
+
+ if (!manualPages) //get number of pages to read
+ for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++)
+ if (tagtype & UL_TYPES_ARRAY[idx])
+ Pages = UL_MEMORY_ARRAY[idx]+1; //add one as maxblks starts at 0
+
+ ul_print_type(tagtype, 0);
+ PrintAndLog("Reading tag memory...");
+ UsbCommand c = {CMD_MIFAREU_READCARD, {startPage,Pages}};
+ if ( hasAuthKey ) {
+ if (tagtype & UL_C)
+ c.arg[2] = 1; //UL_C auth
+ else
+ c.arg[2] = 2; //UL_EV1/NTAG auth
+
+ memcpy(c.d.asBytes, authKeyPtr, dataLen);
}
- // UL or UL-C?
- Pages = (cmdp == 'c' || cmdp == 'C') ? 44 : 16;
-
- PrintAndLog("Dumping Ultralight%s Card Data...", (Pages ==16)?"":"-C");
-
- UsbCommand c = {CMD_MIFAREU_READCARD, {BlockNo,Pages}};
+ clearCommandBuffer();
SendCommand(&c);
UsbCommand resp;
+ if (!WaitForResponseTimeout(CMD_ACK, &resp,1500)) {
+ PrintAndLog("Command execute time-out");
+ return 1;
+ }
+ if (resp.arg[0] != 1) {
+ PrintAndLog("Failed reading block: (%02x)", i);
+ return 1;
+ }
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
- isOK = resp.arg[0] & 0xff;
- if (!isOK) {
- PrintAndLog("Command error");
- return 0;
- }
- data = resp.d.asBytes;
- } else {
- PrintAndLog("Command execute timeout");
- return 0;
+ uint32_t startindex = resp.arg[2];
+ uint32_t bufferSize = resp.arg[1];
+ if (bufferSize > sizeof(data)) {
+ PrintAndLog("Data exceeded Buffer size!");
+ bufferSize = sizeof(data);
}
-
+ GetFromBigBuf(data, bufferSize, startindex);
+ WaitForResponse(CMD_ACK,NULL);
+
+ Pages = bufferSize/4;
// Load lock bytes.
int j = 0;
-
+
lockbytes_t = data + 8;
lockbytes[0] = lockbytes_t[2];
lockbytes[1] = lockbytes_t[3];
for(j = 0; j < 16; j++){
bit[j] = lockbytes[j/8] & ( 1 <<(7-j%8));
- }
-
+ }
+
// Load bottom lockbytes if available
+ // TODO -- FIGURE OUT LOCK BYTES FOR TO EV1 and/or NTAG
if ( Pages == 44 ) {
-
lockbytes_t2 = data + (40*4);
lockbytes2[0] = lockbytes_t2[2];
lockbytes2[1] = lockbytes_t2[3];
}
}
+ // add keys to block dump
+ if (hasAuthKey) {
+ if (!swapEndian){
+ authKeyPtr = SwapEndian64(authenticationkey, dataLen, (dataLen == 16) ? 8 : 4);
+ } else {
+ authKeyPtr = authenticationkey;
+ }
+
+ if (tagtype & UL_C){ //add 4 pages
+ memcpy(data + Pages*4, authKeyPtr, dataLen);
+ Pages += dataLen/4;
+ } else { // 2nd page from end
+ memcpy(data + (Pages*4) - 8, authenticationkey, dataLen);
+ }
+ }
+
+ PrintAndLog("\nBlock# | Data |lck| Ascii");
+ PrintAndLog("---------------------------------");
for (i = 0; i < Pages; ++i) {
-
if ( i < 3 ) {
- PrintAndLog("Block %02x:%s ", i,sprint_hex(data + i * 4, 4));
+ PrintAndLog("%02d/0x%02X | %s| | ", i+startPage, i+startPage, sprint_hex(data + i * 4, 4));
continue;
}
-
switch(i){
case 3: tmplockbit = bit[4]; break;
- case 4: tmplockbit = bit[3]; break;
- case 5: tmplockbit = bit[2]; break;
- case 6: tmplockbit = bit[1]; break;
- case 7: tmplockbit = bit[0]; break;
- case 8: tmplockbit = bit[15]; break;
+ case 4: tmplockbit = bit[3]; break;
+ case 5: tmplockbit = bit[2]; break;
+ case 6: tmplockbit = bit[1]; break;
+ case 7: tmplockbit = bit[0]; break;
+ case 8: tmplockbit = bit[15]; break;
case 9: tmplockbit = bit[14]; break;
case 10: tmplockbit = bit[13]; break;
case 11: tmplockbit = bit[12]; break;
case 24:
case 25:
case 26:
- case 27: tmplockbit = bit2[4]; break;
+ case 27: tmplockbit = bit2[4]; break;
case 28:
case 29:
case 30:
case 43: tmplockbit = bit2[9]; break; //auth1
default: break;
}
- PrintAndLog("Block %02x:%s [%d]", i,sprint_hex(data + i * 4, 4),tmplockbit);
- }
-
- int len = 0;
- if ( Pages == 16 )
- len = param_getstr(Cmd,0,filename);
- else
- len = param_getstr(Cmd,1,filename);
-
- if (len > FILE_PATH_SIZE-5) len = FILE_PATH_SIZE-5;
+ PrintAndLog("%02d/0x%02X | %s| %d | %.4s", i+startPage, i+startPage, sprint_hex(data + i * 4, 4), tmplockbit, data+i*4);
+ }
+ PrintAndLog("---------------------------------");
// user supplied filename?
- if (len < 1) {
-
+ if (fileNlen < 1) {
// UID = data 0-1-2 4-5-6-7 (skips a beat)
sprintf(fnameptr,"%02X%02X%02X%02X%02X%02X%02X.bin",
data[0],data[1], data[2], data[4],data[5],data[6], data[7]);
-
} else {
- sprintf(fnameptr + len," .bin");
+ sprintf(fnameptr + fileNlen,".bin");
}
-
if ((fout = fopen(filename,"wb")) == NULL) {
PrintAndLog("Could not create file name %s", filename);
- return 1;
+ return 1;
}
fwrite( data, 1, Pages*4, fout );
fclose(fout);
return 0;
}
-// Needed to Authenticate to Ultralight C tags
-void rol (uint8_t *data, const size_t len){
- uint8_t first = data[0];
- for (size_t i = 0; i < len-1; i++) {
- data[i] = data[i+1];
- }
- data[len-1] = first;
-}
-
//-------------------------------------------------------------------------------
// Ultralight C Methods
//-------------------------------------------------------------------------------
//
int CmdHF14AMfucAuth(const char *Cmd){
- uint8_t default_keys[5][16] = {
- { 0x42,0x52,0x45,0x41,0x4b,0x4d,0x45,0x49,0x46,0x59,0x4f,0x55,0x43,0x41,0x4e,0x21 },// 3des std key
- { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },// all zeroes
- { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f },// 0x00-0x0F
- { 0x49,0x45,0x4D,0x4B,0x41,0x45,0x52,0x42,0x21,0x4E,0x41,0x43,0x55,0x4F,0x59,0x46 },// NFC-key
- { 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01 } // all ones
- };
+ uint8_t keyNo = 3;
+ bool errors = false;
char cmdp = param_getchar(Cmd, 0);
-
- uint8_t keyNo = 0;
- bool errors = false;
+
//Change key to user defined one
if (cmdp == 'k' || cmdp == 'K'){
keyNo = param_get8(Cmd, 1);
- if(keyNo >= 4) errors = true;
+ if(keyNo > KEYS_3DES_COUNT)
+ errors = true;
}
- if (cmdp == 'h' || cmdp == 'H') {
+ if (cmdp == 'h' || cmdp == 'H')
errors = true;
- }
-
+
if (errors) {
PrintAndLog("Usage: hf mfu cauth k <key number>");
PrintAndLog(" 0 (default): 3DES standard key");
- PrintAndLog(" 1 : all zeros key");
+ PrintAndLog(" 1 : all 0x00 key");
PrintAndLog(" 2 : 0x00-0x0F key");
PrintAndLog(" 3 : nfc key");
- PrintAndLog(" 4 : all ones key");
- PrintAndLog(" sample : hf mfu cauth k");
+ PrintAndLog(" 4 : all 0x01 key");
+ PrintAndLog(" 5 : all 0xff key");
+ PrintAndLog(" 6 : 0x00-0xFF key");
+ PrintAndLog("\n sample : hf mfu cauth k");
PrintAndLog(" : hf mfu cauth k 3");
return 0;
}
- uint8_t random_a[8] = { 1,1,1,1,1,1,1,1 };
- //uint8_t enc_random_a[8] = { 0 };
- uint8_t random_b[8] = { 0 };
- uint8_t enc_random_b[8] = { 0 };
- uint8_t random_a_and_b[16] = { 0 };
- des3_context ctx = { 0 };
- uint8_t *key = default_keys[keyNo];
- uint8_t blockNo = 0;
- uint32_t cuid = 0;
-
- //Auth1
- UsbCommand c = {CMD_MIFAREUC_AUTH1, {blockNo}};
- SendCommand(&c);
- UsbCommand resp;
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
- uint8_t isOK = resp.arg[0] & 0xff;
- cuid = resp.arg[1];
- uint8_t * data= resp.d.asBytes;
-
- if (isOK){
- PrintAndLog("enc(RndB):%s", sprint_hex(data+1, 8));
- memcpy(enc_random_b,data+1,8);
- } else {
- PrintAndLog("Auth failed");
- return 2; // auth failed.
- }
- } else {
- PrintAndLog("Command execute timeout");
- return 1;
- }
-
- uint8_t iv[8] = { 0 };
- // Do we need random ? Right now we use all ones, is that random enough ?
-// DES_random_key(&RndA);
-
- PrintAndLog(" RndA :%s",sprint_hex(random_a, 8));
- PrintAndLog(" e_RndB:%s",sprint_hex(enc_random_b, 8));
-
- des3_set2key_dec(&ctx, key);
-
- des3_crypt_cbc(&ctx // des3_context *ctx
- , DES_DECRYPT // int mode
- , sizeof(random_b) // size_t length
- , iv // unsigned char iv[8]
- , enc_random_b // const unsigned char *input
- , random_b // unsigned char *output
- );
-
- PrintAndLog(" RndB:%s",sprint_hex(random_b, 8));
-
- rol(random_b,8);
- memcpy(random_a_and_b ,random_a,8);
- memcpy(random_a_and_b+8,random_b,8);
-
- PrintAndLog(" RA+B:%s",sprint_hex(random_a_and_b, 16));
-
- des3_set2key_enc(&ctx, key);
-
- des3_crypt_cbc(&ctx // des3_context *ctx
- , DES_ENCRYPT // int mode
- , sizeof(random_a_and_b) // size_t length
- , enc_random_b // unsigned char iv[8]
- , random_a_and_b // const unsigned char *input
- , random_a_and_b // unsigned char *output
- );
-
- PrintAndLog("enc(RA+B):%s",sprint_hex(random_a_and_b, 16));
-
- //Auth2
- UsbCommand d = {CMD_MIFAREUC_AUTH2, {cuid}};
- memcpy(d.d.asBytes,random_a_and_b, 16);
- SendCommand(&d);
-
- UsbCommand respb;
- if (WaitForResponseTimeout(CMD_ACK,&respb,1500)) {
- uint8_t isOK = respb.arg[0] & 0xff;
- uint8_t * data2= respb.d.asBytes;
-
- if (isOK){
- PrintAndLog("enc(RndA'):%s", sprint_hex(data2+1, 8));
- } else {
- return 2;
- }
+ uint8_t *key = default_3des_keys[keyNo];
+ if (ulc_authentication(key, true))
+ PrintAndLog("Authentication successful. 3des key: %s",sprint_hex(key, 16));
+ else
+ PrintAndLog("Authentication failed");
- } else {
- PrintAndLog("Command execute timeout");
- return 1;
- }
return 0;
}
+
/**
A test function to validate that the polarssl-function works the same
was as the openssl-implementation.
return 0;
}
**/
+
+//
+// Mifare Ultralight C - Set password
//
-// Ultralight C Read Single Block
-//
-int CmdHF14AMfUCRdBl(const char *Cmd)
-{
- uint8_t blockNo = -1;
+int CmdHF14AMfucSetPwd(const char *Cmd){
+
+ uint8_t pwd[16] = {0x00};
+
char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) < 1 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: hf mfu crdbl <block number>");
- PrintAndLog(" sample: hf mfu crdbl 0");
+ if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') {
+ PrintAndLog("Usage: hf mfu setpwd <password (32 hex symbols)>");
+ PrintAndLog(" [password] - (32 hex symbols)");
+ PrintAndLog("");
+ PrintAndLog("sample: hf mfu setpwd 000102030405060708090a0b0c0d0e0f");
+ PrintAndLog("");
return 0;
- }
-
- blockNo = param_get8(Cmd, 0);
- if (blockNo < 0) {
- PrintAndLog("Wrong block number");
- return 1;
}
- if (blockNo > MAX_ULTRAC_BLOCKS ){
- PrintAndLog("Error: Maximum number of readable blocks is 47 for Ultralight-C Cards!");
+ if (param_gethex(Cmd, 0, pwd, 32)) {
+ PrintAndLog("Password must include 32 HEX symbols");
return 1;
- }
+ }
- PrintAndLog("--block no: 0x%02X (%d)", (int)blockNo, blockNo);
+ UsbCommand c = {CMD_MIFAREUC_SETPWD};
+ memcpy( c.d.asBytes, pwd, 16);
+ clearCommandBuffer();
+ SendCommand(&c);
- //Read Block
- UsbCommand e = {CMD_MIFAREU_READBL, {blockNo}};
- SendCommand(&e);
- UsbCommand resp_c;
- if (WaitForResponseTimeout(CMD_ACK,&resp_c,1500)) {
- uint8_t isOK = resp_c.arg[0] & 0xff;
- uint8_t *data = resp_c.d.asBytes;
-
- PrintAndLog("isOk: %02x", isOK);
- if (isOK)
- PrintAndLog("Data: %s", sprint_hex(data, 4));
-
- } else {
- PrintAndLog("Command execute timeout");
+ UsbCommand resp;
+
+ if (WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
+ if ( (resp.arg[0] & 0xff) == 1)
+ PrintAndLog("Ultralight-C new password: %s", sprint_hex(pwd,16));
+ else{
+ PrintAndLog("Failed writing at block %d", resp.arg[1] & 0xff);
+ return 1;
+ }
+ }
+ else {
+ PrintAndLog("command execution time out");
+ return 1;
}
+
return 0;
}
//
-// Mifare Ultralight C Write Single Block
+// Magic UL / UL-C tags - Set UID
//
-int CmdHF14AMfUCWrBl(const char *Cmd){
-
- uint8_t blockNo = -1;
- bool chinese_card = FALSE;
- uint8_t bldata[16] = {0x00};
- UsbCommand resp;
+int CmdHF14AMfucSetUid(const char *Cmd){
+ UsbCommand c;
+ UsbCommand resp;
+ uint8_t uid[7] = {0x00};
char cmdp = param_getchar(Cmd, 0);
- if (strlen(Cmd) < 3 || cmdp == 'h' || cmdp == 'H') {
- PrintAndLog("Usage: hf mfu cwrbl <block number> <block data (8 hex symbols)> [w]");
- PrintAndLog(" [block number]");
- PrintAndLog(" [block data] - (8 hex symbols)");
- PrintAndLog(" [w] - Chinese magic ultralight tag");
+ if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') {
+ PrintAndLog("Usage: hf mfu setuid <uid (14 hex symbols)>");
+ PrintAndLog(" [uid] - (14 hex symbols)");
+ PrintAndLog("\nThis only works for Magic Ultralight tags.");
PrintAndLog("");
- PrintAndLog(" sample: hf mfu cwrbl 0 01020304");
+ PrintAndLog("sample: hf mfu setuid 11223344556677");
PrintAndLog("");
return 0;
}
- blockNo = param_get8(Cmd, 0);
- if (blockNo > MAX_ULTRAC_BLOCKS ){
- PrintAndLog("Error: Maximum number of blocks is 47 for Ultralight-C Cards!");
+ if (param_gethex(Cmd, 0, uid, 14)) {
+ PrintAndLog("UID must include 14 HEX symbols");
return 1;
}
+
+ // read block2.
+ c.cmd = CMD_MIFAREU_READBL;
+ c.arg[0] = 2;
+ clearCommandBuffer();
+ SendCommand(&c);
+ if (!WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
+ PrintAndLog("Command execute timeout");
+ return 2;
+ }
- if (param_gethex(Cmd, 1, bldata, 8)) {
- PrintAndLog("Block data must include 8 HEX symbols");
- return 1;
+ // save old block2.
+ uint8_t oldblock2[4] = {0x00};
+ memcpy(resp.d.asBytes, oldblock2, 4);
+
+ // block 0.
+ c.cmd = CMD_MIFAREU_WRITEBL;
+ c.arg[0] = 0;
+ c.d.asBytes[0] = uid[0];
+ c.d.asBytes[1] = uid[1];
+ c.d.asBytes[2] = uid[2];
+ c.d.asBytes[3] = 0x88 ^ uid[0] ^ uid[1] ^ uid[2];
+ clearCommandBuffer();
+ SendCommand(&c);
+ if (!WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
+ PrintAndLog("Command execute timeout");
+ return 3;
}
- if (strchr(Cmd,'w') != 0 || strchr(Cmd,'W') != 0 ) {
- chinese_card = TRUE;
+ // block 1.
+ c.arg[0] = 1;
+ c.d.asBytes[0] = uid[3];
+ c.d.asBytes[1] = uid[4];
+ c.d.asBytes[2] = uid[5];
+ c.d.asBytes[3] = uid[6];
+ clearCommandBuffer();
+ SendCommand(&c);
+ if (!WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
+ PrintAndLog("Command execute timeout");
+ return 4;
+ }
+
+ // block 2.
+ c.arg[0] = 2;
+ c.d.asBytes[0] = uid[3] ^ uid[4] ^ uid[5] ^ uid[6];
+ c.d.asBytes[1] = oldblock2[1];
+ c.d.asBytes[2] = oldblock2[2];
+ c.d.asBytes[3] = oldblock2[3];
+ clearCommandBuffer();
+ SendCommand(&c);
+ if (!WaitForResponseTimeout(CMD_ACK,&resp,1500) ) {
+ PrintAndLog("Command execute timeout");
+ return 5;
}
- if ( blockNo <= 3 ) {
- if (!chinese_card){
- PrintAndLog("Access Denied");
- } else {
- PrintAndLog("--Special block no: 0x%02x", blockNo);
- PrintAndLog("--Data: %s", sprint_hex(bldata, 4));
- UsbCommand d = {CMD_MIFAREU_WRITEBL, {blockNo}};
- memcpy(d.d.asBytes,bldata, 4);
- SendCommand(&d);
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
- uint8_t isOK = resp.arg[0] & 0xff;
- PrintAndLog("isOk:%02x", isOK);
- } else {
- PrintAndLog("Command execute timeout");
- }
- }
- } else {
- PrintAndLog("--Block no : 0x%02x", blockNo);
- PrintAndLog("--Data: %s", sprint_hex(bldata, 4));
- UsbCommand e = {CMD_MIFAREU_WRITEBL, {blockNo}};
- memcpy(e.d.asBytes,bldata, 4);
- SendCommand(&e);
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {
- uint8_t isOK = resp.arg[0] & 0xff;
- PrintAndLog("isOk : %02x", isOK);
- } else {
- PrintAndLog("Command execute timeout");
- }
+ return 0;
+}
+
+int CmdHF14AMfuGenDiverseKeys(const char *Cmd){
+
+ uint8_t iv[8] = { 0x00 };
+ uint8_t block = 0x07;
+
+ // UL-EV1
+ //04 57 b6 e2 05 3f 80 UID
+ //4a f8 4b 19 PWD
+ uint8_t uid[] = { 0xF4,0xEA, 0x54, 0x8E };
+ uint8_t mifarekeyA[] = { 0xA0,0xA1,0xA2,0xA3,0xA4,0xA5 };
+ uint8_t mifarekeyB[] = { 0xB0,0xB1,0xB2,0xB3,0xB4,0xB5 };
+ uint8_t dkeyA[8] = { 0x00 };
+ uint8_t dkeyB[8] = { 0x00 };
+
+ uint8_t masterkey[] = { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff };
+
+ uint8_t mix[8] = { 0x00 };
+ uint8_t divkey[8] = { 0x00 };
+
+ memcpy(mix, mifarekeyA, 4);
+
+ mix[4] = mifarekeyA[4] ^ uid[0];
+ mix[5] = mifarekeyA[5] ^ uid[1];
+ mix[6] = block ^ uid[2];
+ mix[7] = uid[3];
+
+ des3_context ctx = { 0x00 };
+ des3_set2key_enc(&ctx, masterkey);
+
+ des3_crypt_cbc(&ctx // des3_context
+ , DES_ENCRYPT // int mode
+ , sizeof(mix) // length
+ , iv // iv[8]
+ , mix // input
+ , divkey // output
+ );
+
+ PrintAndLog("3DES version");
+ PrintAndLog("Masterkey :\t %s", sprint_hex(masterkey,sizeof(masterkey)));
+ PrintAndLog("UID :\t %s", sprint_hex(uid, sizeof(uid)));
+ PrintAndLog("Sector :\t %0d", block);
+ PrintAndLog("Mifare key :\t %s", sprint_hex(mifarekeyA, sizeof(mifarekeyA)));
+ PrintAndLog("Message :\t %s", sprint_hex(mix, sizeof(mix)));
+ PrintAndLog("Diversified key: %s", sprint_hex(divkey+1, 6));
+
+ PrintAndLog("\n DES version");
+
+ for (int i=0; i < sizeof(mifarekeyA); ++i){
+ dkeyA[i] = (mifarekeyA[i] << 1) & 0xff;
+ dkeyA[6] |= ((mifarekeyA[i] >> 7) & 1) << (i+1);
}
+
+ for (int i=0; i < sizeof(mifarekeyB); ++i){
+ dkeyB[1] |= ((mifarekeyB[i] >> 7) & 1) << (i+1);
+ dkeyB[2+i] = (mifarekeyB[i] << 1) & 0xff;
+ }
+
+ uint8_t zeros[8] = {0x00};
+ uint8_t newpwd[8] = {0x00};
+ uint8_t dmkey[24] = {0x00};
+ memcpy(dmkey, dkeyA, 8);
+ memcpy(dmkey+8, dkeyB, 8);
+ memcpy(dmkey+16, dkeyA, 8);
+ memset(iv, 0x00, 8);
+
+ des3_set3key_enc(&ctx, dmkey);
+
+ des3_crypt_cbc(&ctx // des3_context
+ , DES_ENCRYPT // int mode
+ , sizeof(newpwd) // length
+ , iv // iv[8]
+ , zeros // input
+ , newpwd // output
+ );
+
+ PrintAndLog("Mifare dkeyA :\t %s", sprint_hex(dkeyA, sizeof(dkeyA)));
+ PrintAndLog("Mifare dkeyB :\t %s", sprint_hex(dkeyB, sizeof(dkeyB)));
+ PrintAndLog("Mifare ABA :\t %s", sprint_hex(dmkey, sizeof(dmkey)));
+ PrintAndLog("Mifare Pwd :\t %s", sprint_hex(newpwd, sizeof(newpwd)));
+
return 0;
}
+// static uint8_t * diversify_key(uint8_t * key){
+
+ // for(int i=0; i<16; i++){
+ // if(i<=6) key[i]^=cuid[i];
+ // if(i>6) key[i]^=cuid[i%7];
+ // }
+ // return key;
+// }
+
+// static void GenerateUIDe( uint8_t *uid, uint8_t len){
+ // for (int i=0; i<len; ++i){
+
+ // }
+ // return;
+// }
+
//------------------------------------
// Menu Stuff
//------------------------------------
static command_t CommandTable[] =
{
- {"help", CmdHelp, 1,"This help"},
- {"dbg", CmdHF14AMfDbg, 0,"Set default debug mode"},
- {"info", CmdHF14AMfUInfo, 0,"Taginfo"},
- {"dump", CmdHF14AMfUDump, 0,"Dump MIFARE Ultralight / Ultralight-C tag to binary file"},
- {"rdbl", CmdHF14AMfURdBl, 0,"Read block - MIFARE Ultralight"},
- {"wrbl", CmdHF14AMfUWrBl, 0,"Write block - MIFARE Ultralight"},
- {"crdbl", CmdHF14AMfUCRdBl, 0,"Read block - MIFARE Ultralight C"},
- {"cwrbl", CmdHF14AMfUCWrBl, 0,"Write MIFARE Ultralight C block"},
- {"cauth", CmdHF14AMfucAuth, 0,"try a Ultralight C Authentication"},
- //{"testdes", CmdTestDES , 1, "Test DES"},
+ {"help", CmdHelp, 1, "This help"},
+ {"dbg", CmdHF14AMfDbg, 0, "Set default debug mode"},
+ {"info", CmdHF14AMfUInfo, 0, "Tag information"},
+ {"dump", CmdHF14AMfUDump, 0, "Dump Ultralight / Ultralight-C / NTAG tag to binary file"},
+ {"rdbl", CmdHF14AMfURdBl, 0, "Read block"},
+ {"wrbl", CmdHF14AMfUWrBl, 0, "Write block"},
+ {"cauth", CmdHF14AMfucAuth, 0, "Authentication - Ultralight C"},
+ {"setpwd", CmdHF14AMfucSetPwd, 1, "Set 3des password - Ultralight-C"},
+ {"setuid", CmdHF14AMfucSetUid, 1, "Set UID - MAGIC tags only"},
+ {"gen", CmdHF14AMfuGenDiverseKeys , 1, "Generate 3des mifare diversified keys"},
{NULL, NULL, 0, NULL}
};
int CmdHelp(const char *Cmd){
CmdsHelp(CommandTable);
return 0;
-}
\ No newline at end of file
+}
#include "cmdhfmf.h"
#include "cmdhf14a.h"
-//standard ultralight
+#ifndef CMDHFMFU_H__
+#define CMDHFMFU_H__
+
int CmdHF14AMfUWrBl(const char *Cmd);
int CmdHF14AMfURdBl(const char *Cmd);
//Crypto Cards
-int CmdHF14AMfUCRdBl(const char *Cmd);
-int CmdHF14AMfUCRdCard(const char *Cmd);
int CmdHF14AMfucAuth(const char *Cmd);
//general stuff
int CmdHF14AMfUDump(const char *Cmd);
-void rol (uint8_t *data, const size_t len);
+int CmdHF14AMfUInfo(const char *Cmd);
+
+uint32_t GetHF14AMfU_Type(void);
+int ul_print_type(uint32_t tagtype, uint8_t spacer);
+void ul_switch_off_field(void);
+int usage_hf_mfu_dump(void);
+int usage_hf_mfu_info(void);
+int usage_hf_mfu_rdbl(void);
+int usage_hf_mfu_wrbl(void);
int CmdHFMFUltra(const char *Cmd);
-int CmdHF14AMfUInfo(const char *Cmd);
+
+typedef enum TAGTYPE_UL {
+ UNKNOWN = 0x000000,
+ UL = 0x000001,
+ UL_C = 0x000002,
+ UL_EV1_48 = 0x000004,
+ UL_EV1_128 = 0x000008,
+ NTAG = 0x000010,
+ NTAG_203 = 0x000020,
+ NTAG_210 = 0x000040,
+ NTAG_212 = 0x000080,
+ NTAG_213 = 0x000100,
+ NTAG_215 = 0x000200,
+ NTAG_216 = 0x000400,
+ MY_D = 0x000800,
+ MY_D_NFC = 0x001000,
+ MY_D_MOVE = 0x002000,
+ MY_D_MOVE_NFC = 0x004000,
+ MY_D_MOVE_LEAN= 0x008000,
+ NTAG_I2C_1K = 0x010000,
+ NTAG_I2C_2K = 0x020000,
+ FUDAN_UL = 0x040000,
+ MAGIC = 0x080000,
+ UL_MAGIC = UL | MAGIC,
+ UL_C_MAGIC = UL_C | MAGIC,
+ UL_ERROR = 0xFFFFFF,
+} TagTypeUL_t;
+
+#endif
static int CmdHelp(const char *Cmd);
-static void lookupChipID(uint32_t iChipID)
+static void lookupChipID(uint32_t iChipID, uint32_t mem_used)
{
char asBuff[100];
+ uint32_t mem_avail = 0;
+
switch(iChipID)
{
case 0x270B0A40:
switch((iChipID&0xF00)>>8)
{
case 0:
- sprintf(asBuff,"None");
+ mem_avail = 0;
break;
case 1:
- sprintf(asBuff,"8K bytes");
+ mem_avail = 8;
break;
case 2:
- sprintf(asBuff,"16K bytes");
+ mem_avail = 16;
break;
case 3:
- sprintf(asBuff,"32K bytes");
+ mem_avail = 32;
break;
case 5:
- sprintf(asBuff,"64K bytes");
+ mem_avail = 64;
break;
case 7:
- sprintf(asBuff,"128K bytes");
+ mem_avail = 128;
break;
case 9:
- sprintf(asBuff,"256K bytes");
+ mem_avail = 256;
break;
case 10:
- sprintf(asBuff,"512K bytes");
+ mem_avail = 512;
break;
case 12:
- sprintf(asBuff,"1024K bytes");
+ mem_avail = 1024;
break;
case 14:
- sprintf(asBuff,"2048K bytes");
+ mem_avail = 2048;
break;
}
- PrintAndLog("Nonvolatile Program Memory Size: %s",asBuff);
+ PrintAndLog("Nonvolatile Program Memory Size: %dK bytes. Used: %d bytes (%2.0f\%). Free: %d bytes (%2.0f\%).",
+ mem_avail,
+ mem_used,
+ mem_avail == 0 ? 0 : (float)mem_used/(mem_avail*1024)*100,
+ mem_avail*1024 - mem_used,
+ mem_avail == 0 ? 0 : (float)(mem_avail*1024-mem_used)/(mem_avail*1024)*100
+ );
switch((iChipID&0xF000)>>12)
{
case 0:
int CmdVersion(const char *Cmd)
{
- UsbCommand c = {CMD_VERSION};
- UsbCommand resp;
- SendCommand(&c);
- if (WaitForResponseTimeout(CMD_ACK,&resp,1000)) {
- lookupChipID(resp.arg[0]);
- }
- return 0;
+
+ UsbCommand c = {CMD_VERSION};
+ static UsbCommand resp = {0, {0, 0, 0}};
+
+ if (resp.arg[0] == 0 && resp.arg[1] == 0) { // no cached information available
+ SendCommand(&c);
+ if (WaitForResponseTimeout(CMD_ACK,&resp,1000) && Cmd != NULL) {
+ PrintAndLog("Prox/RFID mark3 RFID instrument");
+ PrintAndLog((char*)resp.d.asBytes);
+ lookupChipID(resp.arg[0], resp.arg[1]);
+ }
+ } else if (Cmd != NULL) {
+ PrintAndLog("Prox/RFID mark3 RFID instrument");
+ PrintAndLog((char*)resp.d.asBytes);
+ lookupChipID(resp.arg[0], resp.arg[1]);
+ }
+
+ return 0;
}
static command_t CommandTable[] =
}
}
}
-//appears to attempt to simulate manchester
+//Attempt to simulate any wave in buffer (one bit per output sample)
+// converts GraphBuffer to bitstream (based on zero crossings) if needed.
int CmdLFSim(const char *Cmd)
{
int i,j;
sscanf(Cmd, "%i", &gap);
- /* convert to bitstream if necessary */
+ // convert to bitstream if necessary
ChkBitstream(Cmd);
- //can send 512 bits at a time (1 byte sent per bit...)
+ //can send only 512 bits at a time (1 byte sent per bit...)
printf("Sending [%d bytes]", GraphTraceLen);
for (i = 0; i < GraphTraceLen; i += USB_CMD_DATA_SIZE) {
UsbCommand c={CMD_DOWNLOADED_SIM_SAMPLES_125K, {i, 0, 0}};
// - allow pull data from DemodBuffer
int CmdLFfskSim(const char *Cmd)
{
- //might be able to autodetect FC and clock from Graphbuffer if using demod buffer
- //will need FChigh, FClow, Clock, and bitstream
+ //might be able to autodetect FCs and clock from Graphbuffer if using demod buffer
+ // otherwise will need FChigh, FClow, Clock, and bitstream
uint8_t fcHigh=0, fcLow=0, clk=0;
uint8_t invert=0;
bool errors = FALSE;
} else {
setDemodBuf(data, dataLen, 0);
}
+
+ //default if not found
if (clk == 0) clk = 50;
if (fcHigh == 0) fcHigh = 10;
if (fcLow == 0) fcLow = 8;
int CmdLFaskSim(const char *Cmd)
{
//autodetect clock from Graphbuffer if using demod buffer
- //will need clock, invert, manchester/raw as m or r, separator as s, and bitstream
+ // needs clock, invert, manchester/raw as m or r, separator as s, and bitstream
uint8_t encoding = 1, separator = 0;
- //char cmdp = Cmd[0], par3='m', par4=0;
uint8_t clk=0, invert=0;
bool errors = FALSE;
char hexData[32] = {0x00};
return 0;
}
-/* simulate an LF Manchester encoded tag with specified bitstream, clock rate and inter-id gap */
-/*
-int CmdLFSimManchester(const char *Cmd)
-{
- static int clock, gap;
- static char data[1024], gapstring[8];
-
- sscanf(Cmd, "%i %s %i", &clock, &data[0], &gap);
-
- ClearGraph(0);
-
- for (int i = 0; i < strlen(data) ; ++i)
- AppendGraph(0, clock, data[i]- '0');
-
- CmdManchesterMod("");
-
- RepaintGraphWindow();
-
- sprintf(&gapstring[0], "%i", gap);
- CmdLFSim(gapstring);
- return 0;
-}
-*/
-
int CmdVchDemod(const char *Cmd)
{
// Is this the entire sync pattern, or does this also include some
}
if (!offline && (cmdp != '1')){
- ans=CmdLFRead("");
- ans=CmdSamples("20000");
+ CmdLFRead("s");
+ getSamples("30000",false);
} else if (GraphTraceLen < 1000) {
PrintAndLog("Data in Graphbuffer was too small.");
return 0;
return 1;
}
+ ans=CmdFDXBdemodBI("");
+ if (ans>0) {
+ PrintAndLog("\nValid FDX-B ID Found!");
+ return 1;
+ }
+
+ ans=EM4x50Read("", false);
+ if (ans>0) {
+ PrintAndLog("\nValid EM4x50 ID Found!");
+ return 1;
+ }
+
+ ans=CmdPSKNexWatch("");
+ if (ans>0) {
+ PrintAndLog("\nValid NexWatch ID Found!");
+ return 1;
+ }
+
PrintAndLog("\nNo Known Tags Found!\n");
if (testRaw=='u' || testRaw=='U'){
//test unknown tag formats (raw mode)
PrintAndLog("\nChecking for Unknown tags:\n");
ans=AutoCorrelate(4000, FALSE, FALSE);
if (ans > 0) PrintAndLog("Possible Auto Correlation of %d repeating samples",ans);
- ans=GetFskClock("",FALSE,FALSE); //CmdDetectClockRate("F"); //
+ ans=GetFskClock("",FALSE,FALSE);
if (ans != 0){ //fsk
- ans=FSKrawDemod("",FALSE);
+ ans=FSKrawDemod("",TRUE);
if (ans>0) {
PrintAndLog("\nUnknown FSK Modulated Tag Found!");
- printDemodBuff();
return 1;
}
}
- ans=ASKmanDemod("",FALSE,FALSE);
+ ans=ASKDemod("0 0 0",TRUE,FALSE,1);
if (ans>0) {
PrintAndLog("\nUnknown ASK Modulated and Manchester encoded Tag Found!");
PrintAndLog("\nif it does not look right it could instead be ASK/Biphase - try 'data rawdemod ab'");
- printDemodBuff();
return 1;
}
ans=CmdPSK1rawDemod("");
PrintAndLog("Possible unknown PSK1 Modulated Tag Found above!\n\nCould also be PSK2 - try 'data rawdemod p2'");
PrintAndLog("\nCould also be PSK3 - [currently not supported]");
PrintAndLog("\nCould also be NRZ - try 'data nrzrawdemod");
- printDemodBuff();
return 1;
}
PrintAndLog("\nNo Data Found!\n");
{"simfsk", CmdLFfskSim, 0, "[c <clock>] [i] [H <fcHigh>] [L <fcLow>] [d <hexdata>] -- Simulate LF FSK tag from demodbuffer or input"},
{"simpsk", CmdLFpskSim, 0, "[1|2|3] [c <clock>] [i] [r <carrier>] [d <raw hex to sim>] -- Simulate LF PSK tag from demodbuffer or input"},
{"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},
- //{"simman", CmdLFSimManchester, 0, "<Clock> <Bitstream> [GAP] Simulate arbitrary Manchester LF tag"},
{"snoop", CmdLFSnoop, 0, "['l'|'h'|<divisor>] [trigger threshold]-- Snoop LF (l:125khz, h:134khz)"},
{"ti", CmdLFTI, 1, "{ TI RFIDs... }"},
{"hitag", CmdLFHitag, 1, "{ Hitag tags and transponders... }"},
int CmdLFfskSim(const char *Cmd);
int CmdLFpskSim(const char *Cmd);
int CmdLFSimBidir(const char *Cmd);
-//int CmdLFSimManchester(const char *Cmd);
int CmdLFSnoop(const char *Cmd);
int CmdVchDemod(const char *Cmd);
int CmdLFfind(const char *Cmd);
#include "cmddata.h"
#include "cmdlf.h"
#include "cmdlfem4x.h"
+#include "lfdemod.h"
+
+#define llx PRIx64
+
char *global_em410xId;
static int CmdHelp(const char *Cmd);
int CmdEMdemodASK(const char *Cmd)
{
char cmdp = param_getchar(Cmd, 0);
- int findone = (cmdp == '1') ? 1 : 0;
- UsbCommand c={CMD_EM410X_DEMOD};
- c.arg[0]=findone;
- SendCommand(&c);
- return 0;
+ int findone = (cmdp == '1') ? 1 : 0;
+ UsbCommand c={CMD_EM410X_DEMOD};
+ c.arg[0]=findone;
+ SendCommand(&c);
+ return 0;
}
/* Read the ID of an EM410x tag.
*/
int CmdEM410xRead(const char *Cmd)
{
- uint32_t hi=0;
- uint64_t lo=0;
-
- if(!AskEm410xDemod("", &hi, &lo)) return 0;
- PrintAndLog("EM410x pattern found: ");
- printEM410x(hi, lo);
- if (hi){
- PrintAndLog ("EM410x XL pattern found");
- return 0;
- }
- char id[12] = {0x00};
- sprintf(id, "%010llx",lo);
-
- global_em410xId = id;
- return 1;
+ uint32_t hi=0;
+ uint64_t lo=0;
+
+ if(!AskEm410xDemod("", &hi, &lo, false)) return 0;
+ PrintAndLog("EM410x pattern found: ");
+ printEM410x(hi, lo);
+ if (hi){
+ PrintAndLog ("EM410x XL pattern found");
+ return 0;
+ }
+ char id[12] = {0x00};
+ sprintf(id, "%010llx",lo);
+
+ global_em410xId = id;
+ return 1;
}
// emulate an EM410X tag
PrintAndLog("Starting simulating UID %02X%02X%02X%02X%02X", uid[0],uid[1],uid[2],uid[3],uid[4]);
PrintAndLog("Press pm3-button to about simulation");
- /* clock is 64 in EM410x tags */
- int clock = 64;
-
- /* clear our graph */
- ClearGraph(0);
-
- /* write 9 start bits */
- for (i = 0; i < 9; i++)
- AppendGraph(0, clock, 1);
-
- /* for each hex char */
- parity[0] = parity[1] = parity[2] = parity[3] = 0;
- for (i = 0; i < 10; i++)
- {
- /* read each hex char */
- sscanf(&Cmd[i], "%1x", &n);
- for (j = 3; j >= 0; j--, n/= 2)
- binary[j] = n % 2;
-
- /* append each bit */
- AppendGraph(0, clock, binary[0]);
- AppendGraph(0, clock, binary[1]);
- AppendGraph(0, clock, binary[2]);
- AppendGraph(0, clock, binary[3]);
-
- /* append parity bit */
- AppendGraph(0, clock, binary[0] ^ binary[1] ^ binary[2] ^ binary[3]);
-
- /* keep track of column parity */
- parity[0] ^= binary[0];
- parity[1] ^= binary[1];
- parity[2] ^= binary[2];
- parity[3] ^= binary[3];
- }
-
- /* parity columns */
- AppendGraph(0, clock, parity[0]);
- AppendGraph(0, clock, parity[1]);
- AppendGraph(0, clock, parity[2]);
- AppendGraph(0, clock, parity[3]);
-
- /* stop bit */
- AppendGraph(1, clock, 0);
+ /* clock is 64 in EM410x tags */
+ int clock = 64;
+
+ /* clear our graph */
+ ClearGraph(0);
+
+ /* write 9 start bits */
+ for (i = 0; i < 9; i++)
+ AppendGraph(0, clock, 1);
+
+ /* for each hex char */
+ parity[0] = parity[1] = parity[2] = parity[3] = 0;
+ for (i = 0; i < 10; i++)
+ {
+ /* read each hex char */
+ sscanf(&Cmd[i], "%1x", &n);
+ for (j = 3; j >= 0; j--, n/= 2)
+ binary[j] = n % 2;
+
+ /* append each bit */
+ AppendGraph(0, clock, binary[0]);
+ AppendGraph(0, clock, binary[1]);
+ AppendGraph(0, clock, binary[2]);
+ AppendGraph(0, clock, binary[3]);
+
+ /* append parity bit */
+ AppendGraph(0, clock, binary[0] ^ binary[1] ^ binary[2] ^ binary[3]);
+
+ /* keep track of column parity */
+ parity[0] ^= binary[0];
+ parity[1] ^= binary[1];
+ parity[2] ^= binary[2];
+ parity[3] ^= binary[3];
+ }
+
+ /* parity columns */
+ AppendGraph(0, clock, parity[0]);
+ AppendGraph(0, clock, parity[1]);
+ AppendGraph(0, clock, parity[2]);
+ AppendGraph(0, clock, parity[3]);
+
+ /* stop bit */
+ AppendGraph(1, clock, 0);
- CmdLFSim("0"); //240 start_gap.
- return 0;
+ CmdLFSim("0"); //240 start_gap.
+ return 0;
}
/* Function is equivalent of lf read + data samples + em410xread
* rate gets lower, then grow the number of samples
* Changed by martin, 4000 x 4 = 16000,
* see http://www.proxmark.org/forum/viewtopic.php?pid=7235#p7235
-
*/
int CmdEM410xWatch(const char *Cmd)
{
}
CmdLFRead("s");
- getSamples("8192",true); //capture enough to get 2 full messages
+ getSamples("8201",true); //capture enough to get 2 complete preambles (4096*2+9)
} while (!CmdEM410xRead(""));
return 0;
}
+//currently only supports manchester modulations
int CmdEM410xWatchnSpoof(const char *Cmd)
{
CmdEM410xWatch(Cmd);
return 0;
}
-/* Read the transmitted data of an EM4x50 tag
- * Format:
- *
- * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
- * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
- * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
- * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
- * CCCCCCCC <- column parity bits
- * 0 <- stop bit
- * LW <- Listen Window
- *
- * This pattern repeats for every block of data being transmitted.
- * Transmission starts with two Listen Windows (LW - a modulated
- * pattern of 320 cycles each (32/32/128/64/64)).
- *
- * Note that this data may or may not be the UID. It is whatever data
- * is stored in the blocks defined in the control word First and Last
- * Word Read values. UID is stored in block 32.
- */
-int CmdEM4x50Read(const char *Cmd)
-{
- int i, j, startblock, skip, block, start, end, low, high;
- bool complete= false;
- int tmpbuff[MAX_GRAPH_TRACE_LEN / 64];
- char tmp[6];
-
- high= low= 0;
- memset(tmpbuff, 0, MAX_GRAPH_TRACE_LEN / 64);
-
- /* first get high and low values */
- for (i = 0; i < GraphTraceLen; i++)
- {
- if (GraphBuffer[i] > high)
- high = GraphBuffer[i];
- else if (GraphBuffer[i] < low)
- low = GraphBuffer[i];
- }
-
- /* populate a buffer with pulse lengths */
- i= 0;
- j= 0;
- while (i < GraphTraceLen)
- {
- // measure from low to low
- while ((GraphBuffer[i] > low) && (i<GraphTraceLen))
- ++i;
- start= i;
- while ((GraphBuffer[i] < high) && (i<GraphTraceLen))
- ++i;
- while ((GraphBuffer[i] > low) && (i<GraphTraceLen))
- ++i;
- if (j>=(MAX_GRAPH_TRACE_LEN/64)) {
- break;
- }
- tmpbuff[j++]= i - start;
- }
-
- /* look for data start - should be 2 pairs of LW (pulses of 192,128) */
- start= -1;
- skip= 0;
- for (i= 0; i < j - 4 ; ++i)
- {
- skip += tmpbuff[i];
- if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
- if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
- if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)
- if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)
- {
- start= i + 3;
- break;
- }
- }
- startblock= i + 3;
-
- /* skip over the remainder of the LW */
- skip += tmpbuff[i+1]+tmpbuff[i+2];
- while (skip < MAX_GRAPH_TRACE_LEN && GraphBuffer[skip] > low)
- ++skip;
- skip += 8;
-
- /* now do it again to find the end */
- end= start;
- for (i += 3; i < j - 4 ; ++i)
- {
- end += tmpbuff[i];
- if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
- if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
- if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)
- if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)
- {
- complete= true;
- break;
- }
- }
-
- if (start >= 0)
- PrintAndLog("Found data at sample: %i",skip);
- else
- {
- PrintAndLog("No data found!");
- PrintAndLog("Try again with more samples.");
- return 0;
- }
-
- if (!complete)
- {
- PrintAndLog("*** Warning!");
- PrintAndLog("Partial data - no end found!");
- PrintAndLog("Try again with more samples.");
- }
-
- /* get rid of leading crap */
- sprintf(tmp,"%i",skip);
- CmdLtrim(tmp);
-
- /* now work through remaining buffer printing out data blocks */
- block= 0;
- i= startblock;
- while (block < 6)
- {
- PrintAndLog("Block %i:", block);
- // mandemod routine needs to be split so we can call it for data
- // just print for now for debugging
- CmdManchesterDemod("i 64");
- skip= 0;
- /* look for LW before start of next block */
- for ( ; i < j - 4 ; ++i)
- {
- skip += tmpbuff[i];
- if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
- if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
- break;
- }
- while (GraphBuffer[skip] > low)
- ++skip;
- skip += 8;
- sprintf(tmp,"%i",skip);
- CmdLtrim(tmp);
- start += skip;
- block++;
- }
- return 0;
-}
-
int CmdEM410xWrite(const char *Cmd)
{
- uint64_t id = 0xFFFFFFFFFFFFFFFF; // invalid id value
- int card = 0xFF; // invalid card value
+ uint64_t id = 0xFFFFFFFFFFFFFFFF; // invalid id value
+ int card = 0xFF; // invalid card value
unsigned int clock = 0; // invalid clock value
sscanf(Cmd, "%" PRIx64 " %d %d", &id, &card, &clock);
return 0;
}
- UsbCommand c = {CMD_EM410X_WRITE_TAG, {card, (uint32_t)(id >> 32), (uint32_t)id}};
- SendCommand(&c);
+ UsbCommand c = {CMD_EM410X_WRITE_TAG, {card, (uint32_t)(id >> 32), (uint32_t)id}};
+ SendCommand(&c);
+
+ return 0;
+}
+
+bool EM_EndParityTest(uint8_t *BitStream, size_t size, uint8_t rows, uint8_t cols, uint8_t pType)
+{
+ if (rows*cols>size) return false;
+ uint8_t colP=0;
+ //assume last col is a parity and do not test
+ for (uint8_t colNum = 0; colNum < cols-1; colNum++) {
+ for (uint8_t rowNum = 0; rowNum < rows; rowNum++) {
+ colP ^= BitStream[(rowNum*cols)+colNum];
+ }
+ if (colP != pType) return false;
+ }
+ return true;
+}
- return 0;
+bool EM_ByteParityTest(uint8_t *BitStream, size_t size, uint8_t rows, uint8_t cols, uint8_t pType)
+{
+ if (rows*cols>size) return false;
+ uint8_t rowP=0;
+ //assume last row is a parity row and do not test
+ for (uint8_t rowNum = 0; rowNum < rows-1; rowNum++) {
+ for (uint8_t colNum = 0; colNum < cols; colNum++) {
+ rowP ^= BitStream[(rowNum*cols)+colNum];
+ }
+ if (rowP != pType) return false;
+ }
+ return true;
+}
+
+uint32_t OutputEM4x50_Block(uint8_t *BitStream, size_t size, bool verbose, bool pTest)
+{
+ if (size<45) return 0;
+ uint32_t code = bytebits_to_byte(BitStream,8);
+ code = code<<8 | bytebits_to_byte(BitStream+9,8);
+ code = code<<8 | bytebits_to_byte(BitStream+18,8);
+ code = code<<8 | bytebits_to_byte(BitStream+27,8);
+ if (verbose || g_debugMode){
+ for (uint8_t i = 0; i<5; i++){
+ if (i == 4) PrintAndLog(""); //parity byte spacer
+ PrintAndLog("%d%d%d%d%d%d%d%d %d -> 0x%02x",
+ BitStream[i*9],
+ BitStream[i*9+1],
+ BitStream[i*9+2],
+ BitStream[i*9+3],
+ BitStream[i*9+4],
+ BitStream[i*9+5],
+ BitStream[i*9+6],
+ BitStream[i*9+7],
+ BitStream[i*9+8],
+ bytebits_to_byte(BitStream+i*9,8)
+ );
+ }
+ if (pTest)
+ PrintAndLog("Parity Passed");
+ else
+ PrintAndLog("Parity Failed");
+ }
+ return code;
+}
+/* Read the transmitted data of an EM4x50 tag
+ * Format:
+ *
+ * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
+ * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
+ * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
+ * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
+ * CCCCCCCC <- column parity bits
+ * 0 <- stop bit
+ * LW <- Listen Window
+ *
+ * This pattern repeats for every block of data being transmitted.
+ * Transmission starts with two Listen Windows (LW - a modulated
+ * pattern of 320 cycles each (32/32/128/64/64)).
+ *
+ * Note that this data may or may not be the UID. It is whatever data
+ * is stored in the blocks defined in the control word First and Last
+ * Word Read values. UID is stored in block 32.
+ */
+ //completed by Marshmellow
+int EM4x50Read(const char *Cmd, bool verbose)
+{
+ uint8_t fndClk[] = {8,16,32,40,50,64,128};
+ int clk = 0;
+ int invert = 0;
+ int tol = 0;
+ int i, j, startblock, skip, block, start, end, low, high, minClk;
+ bool complete = false;
+ int tmpbuff[MAX_GRAPH_TRACE_LEN / 64];
+ uint32_t Code[6];
+ char tmp[6];
+ char tmp2[20];
+ int phaseoff;
+ high = low = 0;
+ memset(tmpbuff, 0, MAX_GRAPH_TRACE_LEN / 64);
+
+ // get user entry if any
+ sscanf(Cmd, "%i %i", &clk, &invert);
+
+ // save GraphBuffer - to restore it later
+ save_restoreGB(1);
+
+ // first get high and low values
+ for (i = 0; i < GraphTraceLen; i++) {
+ if (GraphBuffer[i] > high)
+ high = GraphBuffer[i];
+ else if (GraphBuffer[i] < low)
+ low = GraphBuffer[i];
+ }
+
+ i = 0;
+ j = 0;
+ minClk = 255;
+ // get to first full low to prime loop and skip incomplete first pulse
+ while ((GraphBuffer[i] < high) && (i < GraphTraceLen))
+ ++i;
+ while ((GraphBuffer[i] > low) && (i < GraphTraceLen))
+ ++i;
+ skip = i;
+
+ // populate tmpbuff buffer with pulse lengths
+ while (i < GraphTraceLen) {
+ // measure from low to low
+ while ((GraphBuffer[i] > low) && (i < GraphTraceLen))
+ ++i;
+ start= i;
+ while ((GraphBuffer[i] < high) && (i < GraphTraceLen))
+ ++i;
+ while ((GraphBuffer[i] > low) && (i < GraphTraceLen))
+ ++i;
+ if (j>=(MAX_GRAPH_TRACE_LEN/64)) {
+ break;
+ }
+ tmpbuff[j++]= i - start;
+ if (i-start < minClk && i < GraphTraceLen) {
+ minClk = i - start;
+ }
+ }
+ // set clock
+ if (!clk) {
+ for (uint8_t clkCnt = 0; clkCnt<7; clkCnt++) {
+ tol = fndClk[clkCnt]/8;
+ if (minClk >= fndClk[clkCnt]-tol && minClk <= fndClk[clkCnt]+1) {
+ clk=fndClk[clkCnt];
+ break;
+ }
+ }
+ if (!clk) return 0;
+ } else tol = clk/8;
+
+ // look for data start - should be 2 pairs of LW (pulses of clk*3,clk*2)
+ start = -1;
+ for (i= 0; i < j - 4 ; ++i) {
+ skip += tmpbuff[i];
+ if (tmpbuff[i] >= clk*3-tol && tmpbuff[i] <= clk*3+tol) //3 clocks
+ if (tmpbuff[i+1] >= clk*2-tol && tmpbuff[i+1] <= clk*2+tol) //2 clocks
+ if (tmpbuff[i+2] >= clk*3-tol && tmpbuff[i+2] <= clk*3+tol) //3 clocks
+ if (tmpbuff[i+3] >= clk-tol) //1.5 to 2 clocks - depends on bit following
+ {
+ start= i + 4;
+ break;
+ }
+ }
+ startblock = i + 4;
+
+ // skip over the remainder of LW
+ skip += tmpbuff[i+1] + tmpbuff[i+2] + clk;
+ if (tmpbuff[i+3]>clk)
+ phaseoff = tmpbuff[i+3]-clk;
+ else
+ phaseoff = 0;
+ // now do it again to find the end
+ end = skip;
+ for (i += 3; i < j - 4 ; ++i) {
+ end += tmpbuff[i];
+ if (tmpbuff[i] >= clk*3-tol && tmpbuff[i] <= clk*3+tol) //3 clocks
+ if (tmpbuff[i+1] >= clk*2-tol && tmpbuff[i+1] <= clk*2+tol) //2 clocks
+ if (tmpbuff[i+2] >= clk*3-tol && tmpbuff[i+2] <= clk*3+tol) //3 clocks
+ if (tmpbuff[i+3] >= clk-tol) //1.5 to 2 clocks - depends on bit following
+ {
+ complete= true;
+ break;
+ }
+ }
+ end = i;
+ // report back
+ if (verbose || g_debugMode) {
+ if (start >= 0) {
+ PrintAndLog("\nNote: one block = 50 bits (32 data, 12 parity, 6 marker)");
+ } else {
+ PrintAndLog("No data found!, clock tried:%d",clk);
+ PrintAndLog("Try again with more samples.");
+ PrintAndLog(" or after a 'data askedge' command to clean up the read");
+ return 0;
+ }
+ } else if (start < 0) return 0;
+ start = skip;
+ snprintf(tmp2, sizeof(tmp2),"%d %d 1000 %d", clk, invert, clk*47);
+ // get rid of leading crap
+ snprintf(tmp, sizeof(tmp), "%i", skip);
+ CmdLtrim(tmp);
+ bool pTest;
+ bool AllPTest = true;
+ // now work through remaining buffer printing out data blocks
+ block = 0;
+ i = startblock;
+ while (block < 6) {
+ if (verbose || g_debugMode) PrintAndLog("\nBlock %i:", block);
+ skip = phaseoff;
+
+ // look for LW before start of next block
+ for ( ; i < j - 4 ; ++i) {
+ skip += tmpbuff[i];
+ if (tmpbuff[i] >= clk*3-tol && tmpbuff[i] <= clk*3+tol)
+ if (tmpbuff[i+1] >= clk-tol)
+ break;
+ }
+ if (i >= j-4) break; //next LW not found
+ skip += clk;
+ if (tmpbuff[i+1]>clk)
+ phaseoff = tmpbuff[i+1]-clk;
+ else
+ phaseoff = 0;
+ i += 2;
+ if (ASKDemod(tmp2, false, false, 1) < 1) {
+ save_restoreGB(0);
+ return 0;
+ }
+ //set DemodBufferLen to just one block
+ DemodBufferLen = skip/clk;
+ //test parities
+ pTest = EM_ByteParityTest(DemodBuffer,DemodBufferLen,5,9,0);
+ pTest &= EM_EndParityTest(DemodBuffer,DemodBufferLen,5,9,0);
+ AllPTest &= pTest;
+ //get output
+ Code[block] = OutputEM4x50_Block(DemodBuffer,DemodBufferLen,verbose, pTest);
+ if (g_debugMode) PrintAndLog("\nskipping %d samples, bits:%d", skip, skip/clk);
+ //skip to start of next block
+ snprintf(tmp,sizeof(tmp),"%i",skip);
+ CmdLtrim(tmp);
+ block++;
+ if (i >= end) break; //in case chip doesn't output 6 blocks
+ }
+ //print full code:
+ if (verbose || g_debugMode || AllPTest){
+ if (!complete) {
+ PrintAndLog("*** Warning!");
+ PrintAndLog("Partial data - no end found!");
+ PrintAndLog("Try again with more samples.");
+ }
+ PrintAndLog("Found data at sample: %i - using clock: %i", start, clk);
+ end = block;
+ for (block=0; block < end; block++){
+ PrintAndLog("Block %d: %08x",block,Code[block]);
+ }
+ if (AllPTest) {
+ PrintAndLog("Parities Passed");
+ } else {
+ PrintAndLog("Parities Failed");
+ PrintAndLog("Try cleaning the read samples with 'data askedge'");
+ }
+ }
+
+ //restore GraphBuffer
+ save_restoreGB(0);
+ return (int)AllPTest;
+}
+
+int CmdEM4x50Read(const char *Cmd)
+{
+ return EM4x50Read(Cmd, true);
}
int CmdReadWord(const char *Cmd)
{
int Word = -1; //default to invalid word
- UsbCommand c;
-
- sscanf(Cmd, "%d", &Word);
-
+ UsbCommand c;
+
+ sscanf(Cmd, "%d", &Word);
+
if ( (Word > 15) | (Word < 0) ) {
- PrintAndLog("Word must be between 0 and 15");
- return 1;
- }
-
- PrintAndLog("Reading word %d", Word);
-
- c.cmd = CMD_EM4X_READ_WORD;
- c.d.asBytes[0] = 0x0; //Normal mode
- c.arg[0] = 0;
- c.arg[1] = Word;
- c.arg[2] = 0;
- SendCommand(&c);
- return 0;
+ PrintAndLog("Word must be between 0 and 15");
+ return 1;
+ }
+
+ PrintAndLog("Reading word %d", Word);
+
+ c.cmd = CMD_EM4X_READ_WORD;
+ c.d.asBytes[0] = 0x0; //Normal mode
+ c.arg[0] = 0;
+ c.arg[1] = Word;
+ c.arg[2] = 0;
+ SendCommand(&c);
+ return 0;
}
int CmdReadWordPWD(const char *Cmd)
{
int Word = -1; //default to invalid word
- int Password = 0xFFFFFFFF; //default to blank password
- UsbCommand c;
-
- sscanf(Cmd, "%d %x", &Word, &Password);
-
+ int Password = 0xFFFFFFFF; //default to blank password
+ UsbCommand c;
+
+ sscanf(Cmd, "%d %x", &Word, &Password);
+
if ( (Word > 15) | (Word < 0) ) {
- PrintAndLog("Word must be between 0 and 15");
- return 1;
- }
-
- PrintAndLog("Reading word %d with password %08X", Word, Password);
-
- c.cmd = CMD_EM4X_READ_WORD;
- c.d.asBytes[0] = 0x1; //Password mode
- c.arg[0] = 0;
- c.arg[1] = Word;
- c.arg[2] = Password;
- SendCommand(&c);
- return 0;
+ PrintAndLog("Word must be between 0 and 15");
+ return 1;
+ }
+
+ PrintAndLog("Reading word %d with password %08X", Word, Password);
+
+ c.cmd = CMD_EM4X_READ_WORD;
+ c.d.asBytes[0] = 0x1; //Password mode
+ c.arg[0] = 0;
+ c.arg[1] = Word;
+ c.arg[2] = Password;
+ SendCommand(&c);
+ return 0;
}
int CmdWriteWord(const char *Cmd)
{
- int Word = 16; //default to invalid block
- int Data = 0xFFFFFFFF; //default to blank data
- UsbCommand c;
-
- sscanf(Cmd, "%x %d", &Data, &Word);
-
- if (Word > 15) {
- PrintAndLog("Word must be between 0 and 15");
- return 1;
- }
-
- PrintAndLog("Writing word %d with data %08X", Word, Data);
-
- c.cmd = CMD_EM4X_WRITE_WORD;
- c.d.asBytes[0] = 0x0; //Normal mode
- c.arg[0] = Data;
- c.arg[1] = Word;
- c.arg[2] = 0;
- SendCommand(&c);
- return 0;
+ int Word = 16; //default to invalid block
+ int Data = 0xFFFFFFFF; //default to blank data
+ UsbCommand c;
+
+ sscanf(Cmd, "%x %d", &Data, &Word);
+
+ if (Word > 15) {
+ PrintAndLog("Word must be between 0 and 15");
+ return 1;
+ }
+
+ PrintAndLog("Writing word %d with data %08X", Word, Data);
+
+ c.cmd = CMD_EM4X_WRITE_WORD;
+ c.d.asBytes[0] = 0x0; //Normal mode
+ c.arg[0] = Data;
+ c.arg[1] = Word;
+ c.arg[2] = 0;
+ SendCommand(&c);
+ return 0;
}
int CmdWriteWordPWD(const char *Cmd)
{
- int Word = 16; //default to invalid word
- int Data = 0xFFFFFFFF; //default to blank data
- int Password = 0xFFFFFFFF; //default to blank password
- UsbCommand c;
-
- sscanf(Cmd, "%x %d %x", &Data, &Word, &Password);
-
- if (Word > 15) {
- PrintAndLog("Word must be between 0 and 15");
- return 1;
- }
-
- PrintAndLog("Writing word %d with data %08X and password %08X", Word, Data, Password);
-
- c.cmd = CMD_EM4X_WRITE_WORD;
- c.d.asBytes[0] = 0x1; //Password mode
- c.arg[0] = Data;
- c.arg[1] = Word;
- c.arg[2] = Password;
- SendCommand(&c);
- return 0;
+ int Word = 16; //default to invalid word
+ int Data = 0xFFFFFFFF; //default to blank data
+ int Password = 0xFFFFFFFF; //default to blank password
+ UsbCommand c;
+
+ sscanf(Cmd, "%x %d %x", &Data, &Word, &Password);
+
+ if (Word > 15) {
+ PrintAndLog("Word must be between 0 and 15");
+ return 1;
+ }
+
+ PrintAndLog("Writing word %d with data %08X and password %08X", Word, Data, Password);
+
+ c.cmd = CMD_EM4X_WRITE_WORD;
+ c.d.asBytes[0] = 0x1; //Password mode
+ c.arg[0] = Data;
+ c.arg[1] = Word;
+ c.arg[2] = Password;
+ SendCommand(&c);
+ return 0;
}
static command_t CommandTable[] =
{
- {"help", CmdHelp, 1, "This help"},
- {"em410xdemod", CmdEMdemodASK, 0, "[findone] -- Extract ID from EM410x tag (option 0 for continuous loop, 1 for only 1 tag)"},
- {"em410xread", CmdEM410xRead, 1, "[clock rate] -- Extract ID from EM410x tag"},
- {"em410xsim", CmdEM410xSim, 0, "<UID> -- Simulate EM410x tag"},
- {"em410xwatch", CmdEM410xWatch, 0, "['h'] -- Watches for EM410x 125/134 kHz tags (option 'h' for 134)"},
- {"em410xspoof", CmdEM410xWatchnSpoof, 0, "['h'] --- Watches for EM410x 125/134 kHz tags, and replays them. (option 'h' for 134)" },
- {"em410xwrite", CmdEM410xWrite, 1, "<UID> <'0' T5555> <'1' T55x7> [clock rate] -- Write EM410x UID to T5555(Q5) or T55x7 tag, optionally setting clock rate"},
- {"em4x50read", CmdEM4x50Read, 1, "Extract data from EM4x50 tag"},
- {"readword", CmdReadWord, 1, "<Word> -- Read EM4xxx word data"},
- {"readwordPWD", CmdReadWordPWD, 1, "<Word> <Password> -- Read EM4xxx word data in password mode"},
- {"writeword", CmdWriteWord, 1, "<Data> <Word> -- Write EM4xxx word data"},
- {"writewordPWD", CmdWriteWordPWD, 1, "<Data> <Word> <Password> -- Write EM4xxx word data in password mode"},
- {NULL, NULL, 0, NULL}
+ {"help", CmdHelp, 1, "This help"},
+ {"em410xdemod", CmdEMdemodASK, 0, "[findone] -- Extract ID from EM410x tag (option 0 for continuous loop, 1 for only 1 tag)"},
+ {"em410xread", CmdEM410xRead, 1, "[clock rate] -- Extract ID from EM410x tag in GraphBuffer"},
+ {"em410xsim", CmdEM410xSim, 0, "<UID> -- Simulate EM410x tag"},
+ {"em410xwatch", CmdEM410xWatch, 0, "['h'] -- Watches for EM410x 125/134 kHz tags (option 'h' for 134)"},
+ {"em410xspoof", CmdEM410xWatchnSpoof, 0, "['h'] --- Watches for EM410x 125/134 kHz tags, and replays them. (option 'h' for 134)" },
+ {"em410xwrite", CmdEM410xWrite, 0, "<UID> <'0' T5555> <'1' T55x7> [clock rate] -- Write EM410x UID to T5555(Q5) or T55x7 tag, optionally setting clock rate"},
+ {"em4x50read", CmdEM4x50Read, 1, "Extract data from EM4x50 tag"},
+ {"readword", CmdReadWord, 1, "<Word> -- Read EM4xxx word data"},
+
{"readwordPWD", CmdReadWordPWD, 1, "<Word> <Password> -- Read EM4xxx word data in password mode"},
+ {"writeword", CmdWriteWord, 1, "<Data> <Word> -- Write EM4xxx word data"},
+
{"writewordPWD", CmdWriteWordPWD, 1, "<Data> <Word> <Password> -- Write EM4xxx word data in password mode"},
+ {NULL, NULL, 0, NULL}
};
int CmdLFEM4X(const char *Cmd)
{
- CmdsParse(CommandTable, Cmd);
- return 0;
+ CmdsParse(CommandTable, Cmd);
+ return 0;
}
int CmdHelp(const char *Cmd)
{
- CmdsHelp(CommandTable);
- return 0;
+ CmdsHelp(CommandTable);
+ return 0;
}
#ifndef CMDLFEM4X_H__
#define CMDLFEM4X_H__
-int CmdLFEM4X(const char *Cmd);
int CmdEMdemodASK(const char *Cmd);
int CmdEM410xRead(const char *Cmd);
int CmdEM410xSim(const char *Cmd);
int CmdEM410xWatchnSpoof(const char *Cmd);
int CmdEM410xWrite(const char *Cmd);
int CmdEM4x50Read(const char *Cmd);
+int CmdLFEM4X(const char *Cmd);
int CmdReadWord(const char *Cmd);
int CmdReadWordPWD(const char *Cmd);
int CmdWriteWord(const char *Cmd);
int CmdWriteWordPWD(const char *Cmd);
+int EM4x50Read(const char *Cmd, bool verbose);
#endif
#include "cmdlfhid.h"
static int CmdHelp(const char *Cmd);
-
+/*
int CmdHIDDemod(const char *Cmd)
{
if (GraphTraceLen < 4800) {
RepaintGraphWindow();
return 0;
}
-
+*/
int CmdHIDDemodFSK(const char *Cmd)
{
int findone=0;
static command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
- {"demod", CmdHIDDemod, 1, "Demodulate HID Prox Card II (not optimal)"},
+ //{"demod", CmdHIDDemod, 1, "Demodulate HID Prox Card II (not optimal)"},
{"fskdemod", CmdHIDDemodFSK, 0, "['1'] Realtime HID FSK demodulator (option '1' for one tag only)"},
{"sim", CmdHIDSim, 0, "<ID> -- HID tag simulator"},
{"clone", CmdHIDClone, 0, "<ID> ['l'] -- Clone HID to T55x7 (tag must be in antenna)(option 'l' for 84bit ID)"},
#define CMDLFHID_H__
int CmdLFHID(const char *Cmd);
-
-int CmdHIDDemod(const char *Cmd);
+//int CmdHIDDemod(const char *Cmd);
int CmdHIDDemodFSK(const char *Cmd);
int CmdHIDSim(const char *Cmd);
+int CmdHIDClone(const char *Cmd);
#endif
SendCommand(&c);
return 0;
}
-
+/*
int CmdIOProxDemod(const char *Cmd){
if (GraphTraceLen < 4800) {
PrintAndLog("too short; need at least 4800 samples");
RepaintGraphWindow();
return 0;
}
-
+*/
int CmdIOClone(const char *Cmd)
{
unsigned int hi = 0, lo = 0;
static command_t CommandTable[] =
{
{"help", CmdHelp, 1, "This help"},
- {"demod", CmdIOProxDemod, 1, "Demodulate Stream"},
+ //{"demod", CmdIOProxDemod, 1, "Demodulate Stream"},
{"fskdemod", CmdIODemodFSK, 0, "['1'] Realtime IO FSK demodulator (option '1' for one tag only)"},
{"clone", CmdIOClone, 0, "Clone ioProx Tag"},
{NULL, NULL, 0, NULL}
{
CmdsHelp(CommandTable);
return 0;
-}
\ No newline at end of file
+}
#include <stdio.h>\r
#include <string.h>\r
#include <inttypes.h>\r
+#include <time.h>\r
#include "proxmark3.h"\r
#include "ui.h"\r
#include "graph.h"\r
}\r
int usage_t55xx_read(){\r
PrintAndLog("Usage: lf t55xx read <block> <password>");\r
- PrintAndLog(" <block>, block number to read. Between 0-7");\r
- PrintAndLog(" <password>, OPTIONAL password (8 hex characters)");\r
- PrintAndLog("");\r
+ PrintAndLog(" <block>, block number to read. Between 0-7");\r
+
PrintAndLog(" <password>, OPTIONAL password (8 hex characters)");
\r+ PrintAndLog("");\r
PrintAndLog("Examples:");\r
- PrintAndLog(" lf t55xx read 0 - read data from block 0");\r
+ PrintAndLog(" lf t55xx read 0 - read data from block 0");\r
PrintAndLog(" lf t55xx read 0 feedbeef - read data from block 0 password feedbeef");\r
PrintAndLog("");\r
return 0;\r
}\r
int usage_t55xx_write(){\r
PrintAndLog("Usage: lf t55xx wr <block> <data> [password]");\r
- PrintAndLog(" <block>, block number to read. Between 0-7");\r
+ PrintAndLog(" <block>, block number to write. Between 0-7");\r
PrintAndLog(" <data>, 4 bytes of data to write (8 hex characters)");\r
- PrintAndLog(" [password], OPTIONAL password 4bytes (8 hex characters)");\r
- PrintAndLog("");\r
+ PrintAndLog(" [password], OPTIONAL password 4bytes (8 hex characters)");\r
+ PrintAndLog("");\r
PrintAndLog("Examples:");\r
- PrintAndLog(" lf t55xx wd 3 11223344 - write 11223344 to block 3");\r
- PrintAndLog(" lf t55xx wd 3 11223344 feedbeef - write 11223344 to block 3 password feedbeef");\r
+ PrintAndLog(" lf t55xx wr 3 11223344 - write 11223344 to block 3");\r
+ PrintAndLog(" lf t55xx wr 3 11223344 feedbeef - write 11223344 to block 3 password feedbeef");\r
PrintAndLog("");\r
return 0;\r
}\r
param_getstr(Cmd, cmdp+1, modulation);\r
cmdp += 2;\r
\r
- if ( strcmp(modulation, "FSK" ) == 0)\r
+ if ( strcmp(modulation, "FSK" ) == 0) {\r
config.modulation = DEMOD_FSK;\r
- else if ( strcmp(modulation, "FSK1" ) == 0)\r
+ } else if ( strcmp(modulation, "FSK1" ) == 0) {\r
config.modulation = DEMOD_FSK1;\r
- else if ( strcmp(modulation, "FSK1a" ) == 0)\r
+ config.inverted=1;\r
+ } else if ( strcmp(modulation, "FSK1a" ) == 0) {\r
config.modulation = DEMOD_FSK1a;\r
- else if ( strcmp(modulation, "FSK2" ) == 0)\r
+ config.inverted=0;\r
+ } else if ( strcmp(modulation, "FSK2" ) == 0) {\r
config.modulation = DEMOD_FSK2;\r
- else if ( strcmp(modulation, "FSK2a" ) == 0)\r
+ config.inverted=0;\r
+ } else if ( strcmp(modulation, "FSK2a" ) == 0) {\r
config.modulation = DEMOD_FSK2a;\r
- else if ( strcmp(modulation, "ASK" ) == 0)\r
+ config.inverted=1;\r
+ } else if ( strcmp(modulation, "ASK" ) == 0) {\r
config.modulation = DEMOD_ASK;\r
- else if ( strcmp(modulation, "NRZ" ) == 0)\r
+ } else if ( strcmp(modulation, "NRZ" ) == 0) {\r
config.modulation = DEMOD_NRZ;\r
- else if ( strcmp(modulation, "PSK1" ) == 0)\r
+ } else if ( strcmp(modulation, "PSK1" ) == 0) {\r
config.modulation = DEMOD_PSK1;\r
- else if ( strcmp(modulation, "PSK2" ) == 0)\r
+ } else if ( strcmp(modulation, "PSK2" ) == 0) {\r
config.modulation = DEMOD_PSK2;\r
- else if ( strcmp(modulation, "PSK3" ) == 0)\r
+ } else if ( strcmp(modulation, "PSK3" ) == 0) {\r
config.modulation = DEMOD_PSK3;\r
- else if ( strcmp(modulation, "BIa" ) == 0)\r
+ } else if ( strcmp(modulation, "BIa" ) == 0) {\r
config.modulation = DEMOD_BIa;\r
- else if ( strcmp(modulation, "BI" ) == 0)\r
+ config.inverted=1;\r
+ } else if ( strcmp(modulation, "BI" ) == 0) {\r
config.modulation = DEMOD_BI;\r
- else {\r
+ config.inverted=0;\r
+ } else {\r
PrintAndLog("Unknown modulation '%s'", modulation);\r
errors = TRUE;\r
}\r
\r
bool DecodeT55xxBlock(){\r
\r
- char buf[8] = {0x00};\r
+ char buf[30] = {0x00};\r
char *cmdStr = buf;\r
int ans = 0;\r
uint8_t bitRate[8] = {8,16,32,40,50,64,100,128};\r
-\r
DemodBufferLen = 0x00;\r
\r
+ //trim 1/2 a clock from beginning\r
+ snprintf(cmdStr, sizeof(buf),"%d", bitRate[config.bitrate]/2 );\r
+ CmdLtrim(cmdStr);\r
switch( config.modulation ){\r
case DEMOD_FSK:\r
- //CmdLtrim("26");\r
- sprintf(cmdStr,"%d", bitRate[config.bitrate]/2 );\r
- CmdLtrim(cmdStr); \r
- sprintf(cmdStr,"%d %d", bitRate[config.bitrate], config.inverted );\r
+ snprintf(cmdStr, sizeof(buf),"%d %d", bitRate[config.bitrate], config.inverted );\r
ans = FSKrawDemod(cmdStr, FALSE);\r
break;\r
case DEMOD_FSK1:\r
- //CmdLtrim("26");\r
- sprintf(cmdStr,"%d", bitRate[config.bitrate]/2 );\r
- CmdLtrim(cmdStr); \r
- sprintf(cmdStr,"%d 1 8 5", bitRate[config.bitrate] );\r
- ans = FSKrawDemod(cmdStr, FALSE);\r
- break;\r
case DEMOD_FSK1a:\r
- //CmdLtrim("26");\r
- sprintf(cmdStr,"%d", bitRate[config.bitrate]/2 );\r
- CmdLtrim(cmdStr); \r
- sprintf(cmdStr,"%d 0 8 5", bitRate[config.bitrate] );\r
+ snprintf(cmdStr, sizeof(buf),"%d %d 8 5", bitRate[config.bitrate], config.inverted );\r
ans = FSKrawDemod(cmdStr, FALSE);\r
break;\r
case DEMOD_FSK2:\r
- //CmdLtrim("26");\r
- sprintf(cmdStr,"%d", bitRate[config.bitrate]/2 );\r
- CmdLtrim(cmdStr); \r
- sprintf(cmdStr,"%d 0 10 8", bitRate[config.bitrate] );\r
- ans = FSKrawDemod(cmdStr, FALSE);\r
- break;\r
case DEMOD_FSK2a:\r
- //CmdLtrim("26");\r
- sprintf(cmdStr,"%d", bitRate[config.bitrate]/2 );\r
- CmdLtrim(cmdStr); \r
- sprintf(cmdStr,"%d 1 10 8", bitRate[config.bitrate] );\r
+ snprintf(cmdStr, sizeof(buf),"%d %d 10 8", bitRate[config.bitrate], config.inverted );\r
ans = FSKrawDemod(cmdStr, FALSE);\r
break;\r
case DEMOD_ASK:\r
- sprintf(cmdStr,"%d %d 1", bitRate[config.bitrate], config.inverted );\r
- ans = ASKmanDemod(cmdStr, FALSE, FALSE);\r
+ snprintf(cmdStr, sizeof(buf),"%d %d 0", bitRate[config.bitrate], config.inverted );\r
+ ans = ASKDemod(cmdStr, FALSE, FALSE, 1);\r
break;\r
case DEMOD_PSK1:\r
- sprintf(cmdStr,"%d %d 1", bitRate[config.bitrate], config.inverted );\r
- ans = PSKDemod(cmdStr, FALSE);\r
- break;\r
- case DEMOD_PSK2:\r
- sprintf(cmdStr,"%d 1", bitRate[config.bitrate] );\r
+ snprintf(cmdStr, sizeof(buf),"%d %d 0", bitRate[config.bitrate], config.inverted );\r
ans = PSKDemod(cmdStr, FALSE);\r
- psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
break;\r
- case DEMOD_PSK3:\r
- sprintf(cmdStr,"%d %d 1", bitRate[config.bitrate], config.inverted );\r
+ case DEMOD_PSK2: //inverted won't affect this\r
+ case DEMOD_PSK3: //not fully implemented\r
+ snprintf(cmdStr, sizeof(buf),"%d 0 1", bitRate[config.bitrate] );\r
ans = PSKDemod(cmdStr, FALSE);\r
psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
break;\r
case DEMOD_NRZ:\r
- sprintf(cmdStr,"%d %d 1", bitRate[config.bitrate], config.inverted );\r
+ snprintf(cmdStr, sizeof(buf),"%d %d 1", bitRate[config.bitrate], config.inverted );\r
ans = NRZrawDemod(cmdStr, FALSE);\r
break;\r
case DEMOD_BI:\r
- sprintf(cmdStr,"0 %d 0 1", bitRate[config.bitrate] );\r
- ans = ASKbiphaseDemod(cmdStr, FALSE);\r
- break;\r
case DEMOD_BIa:\r
- sprintf(cmdStr,"0 %d 1 1", bitRate[config.bitrate] );\r
+ snprintf(cmdStr, sizeof(buf),"0 %d %d 0", bitRate[config.bitrate], config.inverted );\r
ans = ASKbiphaseDemod(cmdStr, FALSE);\r
break;\r
default:\r
char cmdStr[8] = {0};\r
uint8_t hits = 0;\r
t55xx_conf_block_t tests[15];\r
- \r
+ int bitRate=0;\r
+ uint8_t fc1 = 0, fc2 = 0, clk=0;\r
+ save_restoreGB(1);\r
if (GetFskClock("", FALSE, FALSE)){ \r
- uint8_t fc1 = 0, fc2 = 0, clk=0;\r
fskClocks(&fc1, &fc2, &clk, FALSE);\r
sprintf(cmdStr,"%d", clk/2);\r
CmdLtrim(cmdStr);\r
- if ( FSKrawDemod("0 0", FALSE) && test(DEMOD_FSK, &tests[hits].offset)){\r
+ if ( FSKrawDemod("0 0", FALSE) && test(DEMOD_FSK, &tests[hits].offset, &bitRate)){\r
tests[hits].modulation = DEMOD_FSK;\r
if (fc1==8 && fc2 == 5)\r
tests[hits].modulation = DEMOD_FSK1a;\r
else if (fc1==10 && fc2 == 8)\r
tests[hits].modulation = DEMOD_FSK2;\r
-\r
+ tests[hits].bitrate = bitRate;\r
tests[hits].inverted = FALSE;\r
tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
++hits;\r
}\r
- if ( FSKrawDemod("0 1", FALSE) && test(DEMOD_FSK, &tests[hits].offset)) {\r
+ if ( FSKrawDemod("0 1", FALSE) && test(DEMOD_FSK, &tests[hits].offset, &bitRate)) {\r
tests[hits].modulation = DEMOD_FSK;\r
- if (fc1==8 && fc2 == 5)\r
+ if (fc1 == 8 && fc2 == 5)\r
tests[hits].modulation = DEMOD_FSK1;\r
- else if (fc1==10 && fc2 == 8)\r
+ else if (fc1 == 10 && fc2 == 8)\r
tests[hits].modulation = DEMOD_FSK2a;\r
\r
+ tests[hits].bitrate = bitRate;\r
tests[hits].inverted = TRUE;\r
tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
++hits;\r
}\r
} else {\r
- if ( ASKmanDemod("0 0 1", FALSE, FALSE) && test(DEMOD_ASK, &tests[hits].offset)) {\r
- tests[hits].modulation = DEMOD_ASK;\r
- tests[hits].inverted = FALSE;\r
- tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
- ++hits;\r
+ clk = GetAskClock("", FALSE, FALSE);\r
+ if (clk>0) {\r
+ sprintf(cmdStr,"%d", clk/2);\r
+ CmdLtrim(cmdStr);\r
+ if ( ASKDemod("0 0 0", FALSE, FALSE, 1) && test(DEMOD_ASK, &tests[hits].offset, &bitRate)) {\r
+ tests[hits].modulation = DEMOD_ASK;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = FALSE;\r
+ tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
+ ++hits;\r
}\r
-\r
- if ( ASKmanDemod("0 1 1", FALSE, FALSE) && test(DEMOD_ASK, &tests[hits].offset)) {\r
- tests[hits].modulation = DEMOD_ASK;\r
- tests[hits].inverted = TRUE;\r
- tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
- ++hits;\r
+ if ( ASKDemod("0 1 0", FALSE, FALSE, 1) && test(DEMOD_ASK, &tests[hits].offset, &bitRate)) {\r
+ tests[hits].modulation = DEMOD_ASK;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = TRUE;\r
+ tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
+ ++hits;\r
+ }\r
+ if ( ASKbiphaseDemod("0 0 0 0", FALSE) && test(DEMOD_BI, &tests[hits].offset, &bitRate) ) {\r
+ tests[hits].modulation = DEMOD_BI;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = FALSE;\r
+ tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
+ ++hits;\r
+ }\r
+ if ( ASKbiphaseDemod("0 0 1 0", FALSE) && test(DEMOD_BIa, &tests[hits].offset, &bitRate) ) {\r
+ tests[hits].modulation = DEMOD_BIa;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = TRUE;\r
+ tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
+ ++hits;\r
}\r
- \r
- if ( NRZrawDemod("0 0 1", FALSE) && test(DEMOD_NRZ, &tests[hits].offset)) {\r
- tests[hits].modulation = DEMOD_NRZ;\r
- tests[hits].inverted = FALSE;\r
- tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
- ++hits;\r
}\r
+ //undo trim from ask\r
+ save_restoreGB(0);\r
+ clk = GetNrzClock("", FALSE, FALSE);\r
+ if (clk>0) {\r
+ sprintf(cmdStr,"%d", clk/2);\r
+ CmdLtrim(cmdStr);\r
+ if ( NRZrawDemod("0 0 1", FALSE) && test(DEMOD_NRZ, &tests[hits].offset, &bitRate)) {\r
+ tests[hits].modulation = DEMOD_NRZ;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = FALSE;\r
+ tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
+ ++hits;\r
+ }\r
\r
- if ( NRZrawDemod("0 1 1", FALSE) && test(DEMOD_NRZ, &tests[hits].offset)) {\r
- tests[hits].modulation = DEMOD_NRZ;\r
- tests[hits].inverted = TRUE;\r
- tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
- ++hits;\r
+ if ( NRZrawDemod("0 1 1", FALSE) && test(DEMOD_NRZ, &tests[hits].offset, &bitRate)) {\r
+ tests[hits].modulation = DEMOD_NRZ;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = TRUE;\r
+ tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
+ ++hits;\r
}\r
- \r
- if ( PSKDemod("0 0 1", FALSE) && test(DEMOD_PSK1, &tests[hits].offset)) {\r
- tests[hits].modulation = DEMOD_PSK1;\r
- tests[hits].inverted = FALSE;\r
- tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
- ++hits;\r
}\r
\r
- if ( PSKDemod("0 1 1", FALSE) && test(DEMOD_PSK1, &tests[hits].offset)) {\r
- tests[hits].modulation = DEMOD_PSK1;\r
- tests[hits].inverted = TRUE;\r
- tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
- ++hits;\r
- }\r
-\r
- // PSK2 - needs a call to psk1TOpsk2.\r
- if ( PSKDemod("0 0 1", FALSE)) {\r
- psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
- if (test(DEMOD_PSK2, &tests[hits].offset)){\r
- tests[hits].modulation = DEMOD_PSK2;\r
+ //undo trim from nrz\r
+ save_restoreGB(0);\r
+ clk = GetPskClock("", FALSE, FALSE);\r
+ if (clk>0) {\r
+ PrintAndLog("clk %d",clk);\r
+ sprintf(cmdStr,"%d", clk/2);\r
+ CmdLtrim(cmdStr); \r
+ if ( PSKDemod("0 0 1", FALSE) && test(DEMOD_PSK1, &tests[hits].offset, &bitRate)) {\r
+ tests[hits].modulation = DEMOD_PSK1;\r
+ tests[hits].bitrate = bitRate;\r
tests[hits].inverted = FALSE;\r
tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
++hits;\r
}\r
- } // inverse waves does not affect this demod\r
-\r
- // PSK3 - needs a call to psk1TOpsk2.\r
- if ( PSKDemod("0 0 1", FALSE)) {\r
- psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
- if (test(DEMOD_PSK3, &tests[hits].offset)){\r
- tests[hits].modulation = DEMOD_PSK3;\r
- tests[hits].inverted = FALSE;\r
+ if ( PSKDemod("0 1 1", FALSE) && test(DEMOD_PSK1, &tests[hits].offset, &bitRate)) {\r
+ tests[hits].modulation = DEMOD_PSK1;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = TRUE;\r
tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
++hits;\r
}\r
- } // inverse waves does not affect this demod\r
- \r
- if ( ASKbiphaseDemod("0 0 0 1", FALSE) && test(DEMOD_BI, &tests[hits].offset) ) {\r
- tests[hits].modulation = DEMOD_BI;\r
- tests[hits].inverted = FALSE;\r
- tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
- ++hits;\r
- }\r
- if ( ASKbiphaseDemod("0 0 1 1", FALSE) && test(DEMOD_BIa, &tests[hits].offset) ) {\r
- tests[hits].modulation = DEMOD_BIa;\r
- tests[hits].inverted = TRUE;\r
- tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
- ++hits;\r
+ // PSK2 - needs a call to psk1TOpsk2.\r
+ if ( PSKDemod("0 0 1", FALSE)) {\r
+ psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
+ if (test(DEMOD_PSK2, &tests[hits].offset, &bitRate)){\r
+ tests[hits].modulation = DEMOD_PSK2;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = FALSE;\r
+ tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
+ ++hits;\r
+ }\r
+ } // inverse waves does not affect this demod\r
+ // PSK3 - needs a call to psk1TOpsk2.\r
+ if ( PSKDemod("0 0 1", FALSE)) {\r
+ psk1TOpsk2(DemodBuffer, DemodBufferLen);\r
+ if (test(DEMOD_PSK3, &tests[hits].offset, &bitRate)){\r
+ tests[hits].modulation = DEMOD_PSK3;\r
+ tests[hits].bitrate = bitRate;\r
+ tests[hits].inverted = FALSE;\r
+ tests[hits].block0 = PackBits(tests[hits].offset, 32, DemodBuffer);\r
+ ++hits;\r
+ }\r
+ } // inverse waves does not affect this demod\r
}\r
} \r
if ( hits == 1) {\r
config.modulation = tests[0].modulation;\r
+ config.bitrate = tests[0].bitrate;\r
config.inverted = tests[0].inverted;\r
config.offset = tests[0].offset;\r
config.block0 = tests[0].block0;\r
uint8_t detRate = 0;\r
switch( mod ){\r
case DEMOD_FSK:\r
- detRate = GetFskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
- return TRUE;\r
- }\r
- break;\r
case DEMOD_FSK1:\r
- detRate = GetFskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
- return TRUE;\r
- }\r
- break;\r
case DEMOD_FSK1a:\r
- detRate = GetFskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
- return TRUE;\r
- }\r
- break;\r
case DEMOD_FSK2:\r
- detRate = GetFskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
- return TRUE;\r
- }\r
- break;\r
case DEMOD_FSK2a:\r
detRate = GetFskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
+ if (expected[readRate] == detRate) \r
return TRUE;\r
- }\r
break;\r
case DEMOD_ASK:\r
+ case DEMOD_BI:\r
+ case DEMOD_BIa:\r
detRate = GetAskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
+ if (expected[readRate] == detRate) \r
return TRUE;\r
- }\r
break;\r
case DEMOD_PSK1:\r
- detRate = GetPskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
- return TRUE;\r
- }\r
- break;\r
case DEMOD_PSK2:\r
- detRate = GetPskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
- return TRUE;\r
- }\r
- break;\r
case DEMOD_PSK3:\r
detRate = GetPskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
+ if (expected[readRate] == detRate)\r
return TRUE;\r
- }\r
break;\r
case DEMOD_NRZ:\r
detRate = GetNrzClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
- return TRUE;\r
- }\r
- break;\r
- case DEMOD_BI:\r
- detRate = GetAskClock("",FALSE, FALSE); \r
- if (expected[readRate] == detRate) {\r
- config.bitrate = readRate;\r
+ if (expected[readRate] == detRate)\r
return TRUE;\r
- }\r
break;\r
default:\r
return FALSE;\r
return FALSE;\r
}\r
\r
-bool test(uint8_t mode, uint8_t *offset){\r
+bool test(uint8_t mode, uint8_t *offset, int *fndBitRate){\r
\r
- if ( !DemodBufferLen) return FALSE;\r
+ if ( DemodBufferLen < 64 ) return FALSE;\r
uint8_t si = 0;\r
for (uint8_t idx = 0; idx < 64; idx++){\r
si = idx;\r
if ( PackBits(si, 32, DemodBuffer) == 0x00 ) continue;\r
\r
- uint8_t safer = PackBits(si, 4, DemodBuffer); si += 4; //master key\r
+ uint8_t safer = PackBits(si, 4, DemodBuffer); si += 4; //master key\r
uint8_t resv = PackBits(si, 4, DemodBuffer); si += 4; //was 7 & +=7+3 //should be only 4 bits if extended mode\r
// 2nibble must be zeroed.\r
// moved test to here, since this gets most faults first.\r
if ( resv > 0x00) continue;\r
\r
- uint8_t xtRate = PackBits(si, 3, DemodBuffer); si += 3; //new\r
- uint8_t bitRate = PackBits(si, 3, DemodBuffer); si += 3; //new could check bit rate\r
+ uint8_t xtRate = PackBits(si, 3, DemodBuffer); si += 3; //extended mode part of rate\r
+ int bitRate = PackBits(si, 3, DemodBuffer); si += 3; //bit rate\r
+ if (bitRate > 7) continue;\r
uint8_t extend = PackBits(si, 1, DemodBuffer); si += 1; //bit 15 extended mode\r
- uint8_t modread = PackBits(si, 5, DemodBuffer); si += 5+2+1; //new\r
- //uint8_t pskcr = PackBits(si, 2, DemodBuffer); si += 2+1; //new could check psk cr\r
- uint8_t nml01 = PackBits(si, 1, DemodBuffer); si += 1+5; //bit 24 , 30, 31 could be tested for 0 if not extended mode\r
+ uint8_t modread = PackBits(si, 5, DemodBuffer); si += 5+2+1; \r
+ //uint8_t pskcr = PackBits(si, 2, DemodBuffer); si += 2+1; //could check psk cr\r
+ uint8_t nml01 = PackBits(si, 1, DemodBuffer); si += 1+5; //bit 24, 30, 31 could be tested for 0 if not extended mode\r
uint8_t nml02 = PackBits(si, 2, DemodBuffer); si += 2;\r
\r
//if extended mode\r
}\r
//test modulation\r
if (!testModulation(mode, modread)) continue;\r
-\r
- *offset = idx;\r
if (!testBitRate(bitRate, mode)) continue;\r
+ *fndBitRate = bitRate;\r
+ *offset = idx;\r
return TRUE;\r
}\r
return FALSE;\r
}\r
\r
-void printT55xxBlock(const char *demodStr){\r
+void printT55xxBlock(const char *blockNum){\r
\r
uint8_t i = config.offset;\r
uint8_t endpos = 32 + i;\r
bits[i - config.offset]=DemodBuffer[i];\r
\r
blockData = PackBits(0, 32, bits);\r
- PrintAndLog("0x%08X %s [%s]", blockData, sprint_bin(bits,32), demodStr);\r
+ PrintAndLog("[%s] 0x%08X %s", blockNum, blockData, sprint_bin(bits,32));\r
}\r
\r
int special(const char *Cmd) {\r
uint32_t bl0 = PackBits(si, 32, DemodBuffer);\r
uint32_t bl1 = PackBits(si+32, 32, DemodBuffer);\r
\r
- uint32_t acl = PackBits(si, 8, DemodBuffer); si += 8;\r
- uint32_t mfc = PackBits(si, 8, DemodBuffer); si += 8;\r
- uint32_t cid = PackBits(si, 5, DemodBuffer); si += 5;\r
- uint32_t icr = PackBits(si, 3, DemodBuffer); si += 3;\r
- uint32_t year = PackBits(si, 4, DemodBuffer); si += 4;\r
- uint32_t quarter = PackBits(si, 2, DemodBuffer); si += 2;\r
- uint32_t lotid = PackBits(si, 14, DemodBuffer); si += 14;\r
- uint32_t wafer = PackBits(si, 5, DemodBuffer); si += 5;\r
+ uint32_t acl = PackBits(si, 8, DemodBuffer); si += 8;\r
+ uint32_t mfc = PackBits(si, 8, DemodBuffer); si += 8;\r
+ uint32_t cid = PackBits(si, 5, DemodBuffer); si += 5;\r
+ uint32_t icr = PackBits(si, 3, DemodBuffer); si += 3;\r
+ uint32_t year = PackBits(si, 4, DemodBuffer); si += 4;\r
+ uint32_t quarter = PackBits(si, 2, DemodBuffer); si += 2;\r
+ uint32_t lotid = PackBits(si, 14, DemodBuffer); si += 14;\r
+ uint32_t wafer = PackBits(si, 5, DemodBuffer); si += 5;\r
uint32_t dw = PackBits(si, 15, DemodBuffer); \r
\r
+ time_t t = time(NULL);\r
+ struct tm tm = *localtime(&t);\r
+ if ( year > tm.tm_year-110)\r
+ year += 2000;\r
+ else\r
+ year += 2010;\r
+\r
+ if ( acl != 0xE0 ) {\r
+ PrintAndLog("The modulation is most likely wrong since the ACL is not 0xE0. ");\r
+ return 1;\r
+ }\r
+\r
PrintAndLog("");\r
PrintAndLog("-- T55xx Trace Information ----------------------------------");\r
PrintAndLog("-------------------------------------------------------------");\r
PrintAndLog(" CID : 0x%02X (%d) - %s", cid, cid, GetModelStrFromCID(cid));\r
PrintAndLog(" ICR IC Revision : %d",icr );\r
PrintAndLog(" Manufactured");\r
- PrintAndLog(" Year/Quarter : 20?%d/%d",year, quarter);\r
+ PrintAndLog(" Year/Quarter : %d/%d",year, quarter);\r
PrintAndLog(" Lot ID : %d", lotid );\r
PrintAndLog(" Wafer number : %d", wafer);\r
PrintAndLog(" Die Number : %d", dw);\r
PrintAndLog(" Block 1 : 0x%08X %s", bl1, sprint_bin(DemodBuffer+config.offset+repeat+32,32) );\r
PrintAndLog("-------------------------------------------------------------");\r
\r
- if ( acl != 0xE0 )\r
- PrintAndLog("The modulation is most likely wrong since the ACL is not 0xE0. ");\r
/*\r
TRACE - BLOCK O\r
Bits Definition HEX\r
\r
if (strlen(Cmd)==0)\r
AquireData( CONFIGURATION_BLOCK );\r
- \r
+\r
if (!DecodeT55xxBlock()) return 1;\r
\r
- if ( !DemodBufferLen) return 1;\r
+ if ( DemodBufferLen < 32) return 1;\r
\r
uint8_t si = config.offset;\r
uint32_t bl0 = PackBits(si, 32, DemodBuffer);\r
}\r
\r
char * GetBitRateStr(uint32_t id){\r
- static char buf[40];\r
+ static char buf[25];\r
+\r
char *retStr = buf;\r
switch (id){\r
case 0: \r
return buf;\r
}\r
\r
-\r
char * GetSaferStr(uint32_t id){\r
static char buf[40];\r
char *retStr = buf;\r
}\r
\r
char * GetModulationStr( uint32_t id){\r
- static char buf[40];\r
+ static char buf[60];\r
char *retStr = buf;\r
\r
switch (id){\r
snprintf(retStr,sizeof(buf),"%d - FSK 2a RF/10 RF/8",id);\r
break;\r
case 8:\r
- snprintf(retStr,sizeof(buf),"%d - Manschester",id);\r
+ snprintf(retStr,sizeof(buf),"%d - Manchester",id);\r
break;\r
case 16:\r
snprintf(retStr,sizeof(buf),"%d - Biphase",id);\r
static char buf[10];\r
char *retStr = buf;\r
\r
- if (cid == 1) sprintf(retStr,"ATA5577M1");\r
- if (cid == 2) sprintf(retStr,"ATA5577M2"); \r
+ if (cid == 1) snprintf(retStr, sizeof(buf),"ATA5577M1");\r
+ if (cid == 2) snprintf(retStr, sizeof(buf),"ATA5577M2"); \r
return buf;\r
}\r
\r
char * GetModulationStr( uint32_t id);\r
char * GetModelStrFromCID(uint32_t cid);\r
char * GetSelectedModulationStr( uint8_t id);\r
-uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bitstream);\r
+uint32_t PackBits(uint8_t start, uint8_t len, uint8_t *bitstream);\r
void printT55xxBlock(const char *demodStr);\r
void printConfiguration( t55xx_conf_block_t b);\r
\r
bool DecodeT55xxBlock();\r
bool tryDetectModulation();\r
-bool test(uint8_t mode, uint8_t *offset);\r
+bool test(uint8_t mode, uint8_t *offset, int *fndBitRate);\r
int special(const char *Cmd);\r
int AquireData( uint8_t block );\r
\r
{
while ((ep = readdir (dp)) != NULL)
{
- if(ep->d_name != NULL && str_ends_with(ep->d_name, ".lua"))
+ if(str_ends_with(ep->d_name, ".lua"))
PrintAndLog("%-16s %s", ep->d_name, "A script file");
}
(void) closedir (dp);
587ee5f9350f,
a0478cc39091,
533cb6c723f6,
-8fd0a4f256e9
+8fd0a4f256e9,
# more Keys from mf_default_keys.lua
000000000001,
000000000002,
47524f555041,--RKFJOJOGROUPKeyA
47524f555042,--RKFJOJOGROUPKeyB
4AF9D7ADEBE4,--DirectoryandeventlogKeyA
+4b0b20107ccb,--TNP3xxx
505249564141,--RKFJOJOPRIVAKeyA
505249564142,--RKFJOJOPRIVAKeyB
505249565441,
54726176656c,--VästtrafikenKeyA
555555555555,
55f5a5dd38c9,
+569369c5a0e5,--kiev
5c598c9c58b5,--RKFSLKeyB
+632193be1c3c,--kiev
+644672bd4afe,--kiev
666666666666,
722bfcc5375f,--RKFRejskortDanmarkKeyA
776974687573,--VästtrafikenKeyB
777777777777,
888888888888,
+8fe644038790,--kiev
999999999999,
99c636334433,
+9de89e070277,--kiev
a00000000000,
a053a292a4af,
a64598a77478,--RKFSLKeyA
abcdef123456,--Keyfromladyada.net
b00000000000,
b127c6f41436,
+b5ff67cba951,--kiev
bbbbbbbbbbbb,
bd493a3962b6,
c934fe34d934,
e4d2770a89be,--RKFSLKeyB
ee0042f88840,--VästtrafikenKeyB
eeeeeeeeeeee,
+eff603e1efe9,--kiev
+f14ee7cae863,--kiev
f1a97341a9fc,
f1d83f964314,--RKFRejskortDanmarkKeyB
fc00018778f7,--VästtrafikenKeyA
fc0001877bf7,--RKFÖstgötaTrafikenKeyA
+44ab09010845,-- hotel system
+85fed980ea5a,-- hotel system
+314B49474956,--VIGIK1KeyA
+564c505f4d41,--VIGIK1KeyB
+f4a9ef2afc6d,--BCARD KeyB
+a9f953def0a3,--
\ No newline at end of file
--- /dev/null
+//-----------------------------------------------------------------------------
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Compression tool for FPGA config files. Compress several *.bit files at
+// compile time. Decompression is done at run time (see fpgaloader.c).
+// This uses the zlib library tuned to this specific case. The small file sizes
+// allow to use "insane" parameters for optimum compression ratio.
+//-----------------------------------------------------------------------------
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include "zlib.h"
+
+#define MAX(a,b) ((a)>(b)?(a):(b))
+
+// zlib configuration
+#define COMPRESS_LEVEL 9 // use best possible compression
+#define COMPRESS_WINDOW_BITS 15 // default = max = 15 for a window of 2^15 = 32KBytes
+#define COMPRESS_MEM_LEVEL 9 // determines the amount of memory allocated during compression. Default = 8.
+/* COMPRESS_STRATEGY can be
+ Z_DEFAULT_STRATEGY (the default),
+ Z_FILTERED (more huffmann, less string matching),
+ Z_HUFFMAN_ONLY (huffman only, no string matching)
+ Z_RLE (distances limited to one)
+ Z_FIXED (prevents the use of dynamic Huffman codes)
+*/
+#define COMPRESS_STRATEGY Z_DEFAULT_STRATEGY
+// zlib tuning parameters:
+#define COMPRESS_GOOD_LENGTH 258
+#define COMPRESS_MAX_LAZY 258
+#define COMPRESS_MAX_NICE_LENGTH 258
+#define COMPRESS_MAX_CHAIN 8192
+
+#define FPGA_INTERLEAVE_SIZE 288 // (the FPGA's internal config frame size is 288 bits. Interleaving with 288 bytes should give best compression)
+#define FPGA_CONFIG_SIZE 42336 // our current fpga_[lh]f.bit files are 42175 bytes. Rounded up to next multiple of FPGA_INTERLEAVE_SIZE
+
+static void usage(void)
+{
+ fprintf(stderr, "Usage: fpga_compress <infile1> <infile2> ... <infile_n> <outfile>\n");
+ fprintf(stderr, " Combine n FPGA bitstream files and compress them into one.\n\n");
+ fprintf(stderr, " fpga_compress -d <infile> <outfile>");
+ fprintf(stderr, " Decompress <infile>. Write result to <outfile>");
+}
+
+
+static voidpf fpga_deflate_malloc(voidpf opaque, uInt items, uInt size)
+{
+ return malloc(items*size);
+}
+
+
+static void fpga_deflate_free(voidpf opaque, voidpf address)
+{
+ return free(address);
+}
+
+
+static bool all_feof(FILE *infile[], uint8_t num_infiles)
+{
+ for (uint16_t i = 0; i < num_infiles; i++) {
+ if (!feof(infile[i])) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+
+int zlib_compress(FILE *infile[], uint8_t num_infiles, FILE *outfile)
+{
+ uint8_t *fpga_config;
+ uint32_t i;
+ int ret;
+ uint8_t c;
+ z_stream compressed_fpga_stream;
+
+ fpga_config = malloc(num_infiles * FPGA_CONFIG_SIZE);
+
+ // read the input files. Interleave them into fpga_config[]
+ i = 0;
+ do {
+
+ if (i >= num_infiles * FPGA_CONFIG_SIZE) {
+ fprintf(stderr, "Input files too big (total > %lu bytes). These are probably not PM3 FPGA config files.\n", num_infiles*FPGA_CONFIG_SIZE);
+ for(uint16_t j = 0; j < num_infiles; j++) {
+ fclose(infile[j]);
+ }
+ return(EXIT_FAILURE);
+ }
+
+ for(uint16_t j = 0; j < num_infiles; j++) {
+ for(uint16_t k = 0; k < FPGA_INTERLEAVE_SIZE; k++) {
+ c = fgetc(infile[j]);
+ if (!feof(infile[j])) {
+ fpga_config[i++] = c;
+ } else if (num_infiles > 1) {
+ fpga_config[i++] = '\0';
+ }
+ }
+ }
+
+ } while (!all_feof(infile, num_infiles));
+
+ // initialize zlib structures
+ compressed_fpga_stream.next_in = fpga_config;
+ compressed_fpga_stream.avail_in = i;
+ compressed_fpga_stream.zalloc = fpga_deflate_malloc;
+ compressed_fpga_stream.zfree = fpga_deflate_free;
+
+ ret = deflateInit2(&compressed_fpga_stream,
+ COMPRESS_LEVEL,
+ Z_DEFLATED,
+ COMPRESS_WINDOW_BITS,
+ COMPRESS_MEM_LEVEL,
+ COMPRESS_STRATEGY);
+
+ // estimate the size of the compressed output
+ unsigned int outsize_max = deflateBound(&compressed_fpga_stream, compressed_fpga_stream.avail_in);
+ uint8_t *outbuf = malloc(outsize_max);
+ compressed_fpga_stream.next_out = outbuf;
+ compressed_fpga_stream.avail_out = outsize_max;
+
+ if (ret == Z_OK) {
+ ret = deflateTune(&compressed_fpga_stream,
+ COMPRESS_GOOD_LENGTH,
+ COMPRESS_MAX_LAZY,
+ COMPRESS_MAX_NICE_LENGTH,
+ COMPRESS_MAX_CHAIN);
+ }
+
+ if (ret == Z_OK) {
+ ret = deflate(&compressed_fpga_stream, Z_FINISH);
+ }
+
+ fprintf(stderr, "compressed %lu input bytes to %lu output bytes\n", i, compressed_fpga_stream.total_out);
+
+ if (ret != Z_STREAM_END) {
+ fprintf(stderr, "Error in deflate(): %d %s\n", ret, compressed_fpga_stream.msg);
+ free(outbuf);
+ deflateEnd(&compressed_fpga_stream);
+ for(uint16_t j = 0; j < num_infiles; j++) {
+ fclose(infile[j]);
+ }
+ fclose(outfile);
+ free(infile);
+ free(fpga_config);
+ return(EXIT_FAILURE);
+ }
+
+ for (i = 0; i < compressed_fpga_stream.total_out; i++) {
+ fputc(outbuf[i], outfile);
+ }
+
+ free(outbuf);
+ deflateEnd(&compressed_fpga_stream);
+ for(uint16_t j = 0; j < num_infiles; j++) {
+ fclose(infile[j]);
+ }
+ fclose(outfile);
+ free(infile);
+ free(fpga_config);
+
+ return(EXIT_SUCCESS);
+
+}
+
+
+int zlib_decompress(FILE *infile, FILE *outfile)
+{
+ #define DECOMPRESS_BUF_SIZE 1024
+ uint8_t outbuf[DECOMPRESS_BUF_SIZE];
+ uint8_t inbuf[DECOMPRESS_BUF_SIZE];
+ int ret;
+
+ z_stream compressed_fpga_stream;
+
+ // initialize zlib structures
+ compressed_fpga_stream.next_in = inbuf;
+ compressed_fpga_stream.avail_in = 0;
+ compressed_fpga_stream.next_out = outbuf;
+ compressed_fpga_stream.avail_out = DECOMPRESS_BUF_SIZE;
+ compressed_fpga_stream.zalloc = fpga_deflate_malloc;
+ compressed_fpga_stream.zfree = fpga_deflate_free;
+
+ ret = inflateInit2(&compressed_fpga_stream, 0);
+
+ do {
+ if (compressed_fpga_stream.avail_in == 0) {
+ compressed_fpga_stream.next_in = inbuf;
+ uint16_t i = 0;
+ do {
+ uint8_t c = fgetc(infile);
+ if (!feof(infile)) {
+ inbuf[i++] = c;
+ compressed_fpga_stream.avail_in++;
+ } else {
+ break;
+ }
+ } while (i < DECOMPRESS_BUF_SIZE);
+ }
+
+ ret = inflate(&compressed_fpga_stream, Z_SYNC_FLUSH);
+
+ if (ret != Z_OK && ret != Z_STREAM_END) {
+ break;
+ }
+
+ if (compressed_fpga_stream.avail_out == 0) {
+ for (uint16_t i = 0; i < DECOMPRESS_BUF_SIZE; i++) {
+ fputc(outbuf[i], outfile);
+ }
+ compressed_fpga_stream.avail_out = DECOMPRESS_BUF_SIZE;
+ compressed_fpga_stream.next_out = outbuf;
+ }
+ } while (ret == Z_OK);
+
+ if (ret == Z_STREAM_END) { // reached end of input
+ uint16_t i = 0;
+ while (compressed_fpga_stream.avail_out < DECOMPRESS_BUF_SIZE) {
+ fputc(outbuf[i++], outfile);
+ compressed_fpga_stream.avail_out++;
+ }
+ fclose(outfile);
+ fclose(infile);
+ return(EXIT_SUCCESS);
+ } else {
+ fprintf(stderr, "Error. Inflate() returned error %d, %s", ret, compressed_fpga_stream.msg);
+ fclose(outfile);
+ fclose(infile);
+ return(EXIT_FAILURE);
+ }
+
+}
+
+
+int main(int argc, char **argv)
+{
+ FILE **infiles;
+ FILE *outfile;
+
+ if (argc == 1 || argc == 2) {
+ usage();
+ return(EXIT_FAILURE);
+ }
+
+ if (!strcmp(argv[1], "-d")) { // Decompress
+ infiles = calloc(1, sizeof(FILE*));
+ if (argc != 4) {
+ usage();
+ return(EXIT_FAILURE);
+ }
+ infiles[0] = fopen(argv[2], "rb");
+ if (infiles[0] == NULL) {
+ fprintf(stderr, "Error. Cannot open input file %s", argv[2]);
+ return(EXIT_FAILURE);
+ }
+ outfile = fopen(argv[3], "wb");
+ if (outfile == NULL) {
+ fprintf(stderr, "Error. Cannot open output file %s", argv[3]);
+ return(EXIT_FAILURE);
+ }
+ return zlib_decompress(infiles[0], outfile);
+
+ } else { // Compress
+
+ infiles = calloc(argc-2, sizeof(FILE*));
+ for (uint16_t i = 0; i < argc-2; i++) {
+ infiles[i] = fopen(argv[i+1], "rb");
+ if (infiles[i] == NULL) {
+ fprintf(stderr, "Error. Cannot open input file %s", argv[i+1]);
+ return(EXIT_FAILURE);
+ }
+ }
+ outfile = fopen(argv[argc-1], "wb");
+ if (outfile == NULL) {
+ fprintf(stderr, "Error. Cannot open output file %s", argv[argc-1]);
+ return(EXIT_FAILURE);
+ }
+ return zlib_compress(infiles, argc-2, outfile);
+ }
+}
int GraphBuffer[MAX_GRAPH_TRACE_LEN];
int GraphTraceLen;
-
/* write a manchester bit to the graph */
void AppendGraph(int redraw, int clock, int bit)
{
return gtl;
}
+// option '1' to save GraphBuffer any other to restore
+void save_restoreGB(uint8_t saveOpt)
+{
+ static int SavedGB[MAX_GRAPH_TRACE_LEN];
+ static int SavedGBlen;
+ static bool GB_Saved = false;
+
+ if (saveOpt==1) { //save
+ memcpy(SavedGB, GraphBuffer, sizeof(GraphBuffer));
+ SavedGBlen = GraphTraceLen;
+ GB_Saved=true;
+ } else if (GB_Saved){ //restore
+ memcpy(GraphBuffer, SavedGB, sizeof(GraphBuffer));
+ GraphTraceLen = SavedGBlen;
+ RepaintGraphWindow();
+ }
+ return;
+}
// DETECT CLOCK NOW IN LFDEMOD.C
PrintAndLog("Failed to copy from graphbuffer");
return -1;
}
- DetectASKClock(grph, size, &clock, 20);
+ int start = DetectASKClock(grph, size, &clock, 20);
// Only print this message if we're not looping something
if (printAns){
- PrintAndLog("Auto-detected clock rate: %d", clock);
+ PrintAndLog("Auto-detected clock rate: %d, Best Starting Position: %d", clock, start);
}
return clock;
}
uint8_t GetFskClock(const char str[], bool printAns, bool verbose);
uint8_t fskClocks(uint8_t *fc1, uint8_t *fc2, uint8_t *rf1, bool verbose);
void setGraphBuf(uint8_t *buff, size_t size);
+void save_restoreGB(uint8_t saveOpt);
bool HasGraphData();
void DetectHighLowInGraph(int *high, int *low, bool addFuzz);
// For the 13.56 MHz tags
#define CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693 0x0300
-#define CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443 0x0301
#define CMD_READ_SRI512_TAG 0x0303
#define CMD_READ_SRIX4K_TAG 0x0304
#define CMD_READER_ISO_15693 0x0310
#define CMD_SIMULATE_HITAG 0x0371
#define CMD_READER_HITAG 0x0372
-#define CMD_SIMULATE_TAG_HF_LISTEN 0x0380
-#define CMD_SIMULATE_TAG_ISO_14443 0x0381
-#define CMD_SNOOP_ISO_14443 0x0382
+#define CMD_SIMULATE_TAG_ISO_14443B 0x0381
+#define CMD_SNOOP_ISO_14443B 0x0382
#define CMD_SNOOP_ISO_14443a 0x0383
#define CMD_SIMULATE_TAG_ISO_14443a 0x0384
#define CMD_READER_ISO_14443a 0x0385
--// For the 13.56 MHz tags
CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693 = 0x0300,
- CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443 = 0x0301,
CMD_READ_SRI512_TAG = 0x0303,
CMD_READ_SRIX4K_TAG = 0x0304,
CMD_READER_ISO_15693 = 0x0310,
CMD_SIMULATE_HITAG = 0x0371,
CMD_READER_HITAG = 0x0372,
- CMD_SIMULATE_TAG_HF_LISTEN = 0x0380,
- CMD_SIMULATE_TAG_ISO_14443 = 0x0381,
- CMD_SNOOP_ISO_14443 = 0x0382,
+ CMD_SIMULATE_TAG_ISO_14443B = 0x0381,
+ CMD_SNOOP_ISO_14443B = 0x0382,
CMD_SNOOP_ISO_14443a = 0x0383,
CMD_SIMULATE_TAG_ISO_14443a = 0x0384,
CMD_READER_ISO_14443a = 0x0385,
CMD_MIFARE_SNIFFER = 0x0630,
--//ultralightC
- CMD_MIFAREUC_AUTH1 = 0x0724,
- CMD_MIFAREUC_AUTH2 = 0x0725,
- CMD_MIFAREUC_READCARD = 0x0726,
+ CMD_MIFAREUC_AUTH = 0x0724,
+ CMD_MIFAREUC_SETPWD = 0x0727,
+ CMD_MIFAREU_SETUID = 0x0728,
--// mifare desfire
CMD_MIFARE_DESFIRE_READBL = 0x0728,
local _reverse_lookup,k,v = {}
-for k, v in pairs(_commands) do
- _reverse_lookup[v] = k
-end
-_commands.tostring = function(command)
+ for k, v in pairs(_commands) do
+ _reverse_lookup[v] = k
+ end
+ _commands.tostring = function(command)
if(type(command) == 'number') then
return ("%s (%d)"):format(_reverse_lookup[command]or "ERROR UNDEFINED!", command)
end
local data = self.data
local cmd = self.cmd
local arg1, arg2, arg3 = self.arg1, self.arg2, self.arg3
-
- return bin.pack("LLLLH",cmd, arg1, arg2, arg3,data);
+ return bin.pack("LLLLH",cmd, arg1, arg2, arg3, data);
end
return _commands
local _names = {
- --[[
+ --[[ decimal, hexadecimal, ccc, elements, group, name
--]]
- ["0000"]="WHIRLWIND",
- ["0100"]="SONIC BOOM",
- ["0200"]="WARNADO",
- ["0300"]="LIGHTNINGROD",
- ["0400"]="BASH",
- ["0500"]="TERRAFIN",
- ["0600"]="DINORANG" ,
- ["0700"]="LIGHTCORE PRISM BREAK",
- ["0800"]="SUNBURN",
- ["0900"]="LIGHTCORE ERUPTOR",
- ["0A00"]="IGNITOR",
- ["0B00"]="FLAMESLINGER",
- ["0C00"]="ZAP",
- ["0D00"]="WHAM SHELL",
- ["0E00"]="GILL GRUNT",
- ["0F00"]="SLAMBAM",
- ["1000"]="SPYRO",
- ["1100"]="VOODOOD",
- ["1200"]="DOUBLE TROUBLE",
- ["1300"]="TRIGGER HAPPY",
- ["1400"]="DROBOT",
- ["1500"]="DRILLSERGEANT",
- ["1600"]="BOOMER",
- ["1700"]="WRECKING BALL",
- ["1800"]="CAMO",
- ["1900"]="ZOOK",
- ["1A00"]="STEALTH ELF",
- ["1B00"]="STUMP SMASH",
- ["1D00"]="HEX",
- ["1C00"]="DARK SPYRO",
- ["1E00"]="CHOPCHOP",
- ["1F00"]="GHOST ROASTER",
- ["2000"]="CYNDER",
- --[[
- GIANTS
- --]]
- ["6400"]="GIANT JET-VAC",
- ["6500"]="GIANT SWARM",
- ["6600"]="GIANT CRUSHER",
- ["6700"]="GIANT FLASHWING",
- ["6800"]="GIANT HOTHEAD",
- ["6900"]="GIANT HOTDOG",
- ["6A00"]="GIANT CHILL",
- ["6B00"]="GIANT THUMPBACK",
- ["6C00"]="GIANT POPFIZZ",
- ["6D00"]="GIANT NINJINI",
- ["6E00"]="GIANT BOUNCER",
- ["6F00"]="GIANT SPROCKET",
- ["7000"]="GIANT TREE REX",
- ["7100"]="LIGHTCORE SHROOMBOOM",
- ["7200"]="GIANT EYEBROAWL",
- ["7300"]="GIANT FRIGHTRIDER",
-
- --[[
- ITEM
- --]]
- ["C800"]="ANVIL",
- ["C900"]="SECRET STASH",
- ["CA00"]="REGENERATION",
- ["CD00"]="SHIELD",
- ["CB00"]="CROSSED SWORDS",
- ["CC00"]="HOURGLASS",
- ["CE00"]="SPEED BOOTS",
- ["CF00"]="SPARX",
- ["D000"]="CANNON",
- ["D100"]="SCORPIONSTRIKER",
-
- --[[
- ITEM TRAPS
- --]]
- ["D200"]="MAGIC TRAP",
- ["D300"]="WATER TRAP",
- ["D400"]="AIR TRAP",
- ["D500"]="UNDEAD TRAP",
- ["D600"]="TECH TRAP",
- ["D700"]="FIRE TRAP",
- ["D800"]="EARTH TRAP",
- ["D900"]="LIFE TRAP",
- ["DA00"]="DARK TRAP",
- ["DB00"]="LIGHT TRAP",
- ["DC00"]="KAOS TRAP",
-
- --[[
- ITEM
- --]]
- ["E600"]="HAND OF FATE",
- ["E700"]="PIGGYBANK",
- ["E800"]="ROCKET RAM",
- ["E900"]="TIKI SPEAKY",
-
-
- --[[
- EXPANSION
- --]]
- ["012C"]="DRAGONS PEAK",
- ["012D"]="EMPIRE OF ICE",
- ["012E"]="PIRATE SEAS",
- ["012F"]="DARKLIGHT CRYPT",
- ["0130"]="VOLCANIC VAULT",
- ["0131"]="MIRROR OF MYSTERY",
- ["0132"]="NIGHTMARE EXPRESS",
- ["0133"]="SUNSCRAPER SPIRE",
- ["0134"]="MIDNIGHT MUSEUM",
+{"0", "0000", "0030", "air", "regular", "Whirlwind"},
+--{"0", "0000", "0030", "air", "regular", "Elite Whirlwind"},
+--{"0", "0000", "0030", "air", "regular", "Polar Whirlwind"},
+{"1", "0100", "0030", "air", "regular", "Sonic Boom"},
+{"2", "0200", "0030", "air", "regular", "Warnado"},
+{"3", "0300", "0030", "air", "regular", "Lightning Rod"},
+{"4", "0400", "0030", "earth", "regular", "Bash"},
+--{"4", "0400", "0030", "earth", "regular", "Birthday Bash"},
+{"5", "0500", "0030", "earth", "regular", "Terrafin"},
+--{"5", "0500", "0030", "earth", "regular", "Elite Terrafin"},
+{"6", "0600", "0030", "earth", "regular", "Dino Rang"},
+{"7", "0700", "0030", "earth", "regular", "Prism Break"}, --lightcore
+{"8", "0800", "0030", "fire", "regular", "Sunburn"},
+{"9", "0900", "0030", "fire", "regular", "Eruptor"}, --lightcore
+--{"9", "0900", "0030", "fire", "regular", "Elite Eruptor"},
+--{"9", "0900", "0030", "fire", "regular", "Volcanic Eruptor"},
+{"10", "0a00", "0030", "fire", "regular", "Ignitor"},
+{"11", "0b00", "0030", "fire", "regular", "Flameslinger"},
+--{"11", "0b00", "0030", "fire", "regular", "Cupid Flameslinger"},
+{"12", "0c00", "0030", "water", "regular", "Zap"},
+{"13", "0d00", "0030", "water", "regular", "Wham Shell"},
+{"14", "0e00", "0030", "water", "regular", "Gill Grunt"},
+--{"14", "0e00", "0030", "water", "regular", "Elite Gill Grunt"},
+--{"14", "0e00", "0030", "water", "regular", "Tidal Wave Gill Grunt"},
+{"15", "0f00", "0030", "water", "regular", "Slam Bam"},
+--{"15", "0f00", "0030", "water", "regular", "Surfer Slam Bam"},
+{"16", "1000", "0030", "magic", "regular", "Spyro"},
+{"17", "1100", "0030", "magic", "regular", "Voodood"},
+{"18", "1200", "0030", "magic", "regular", "Double Trouble"},
+--{"18", "1200", "0030", "magic", "regular", "Royal Double Trouble"},
+{"19", "1300", "0030", "tech", "regular", "Trigger Happy"},
+--{"19", "1300", "0030", "tech", "regular", "Elite Trigger Happy"},
+--{"19", "1300", "0030", "tech", "regular", "Springtime Trigger Happy"},
+{"20", "1400", "0030", "tech", "regular", "Drobot"},
+{"21", "1500", "0030", "tech", "regular", "Drill Sergeant"},
+{"22", "1600", "0030", "tech", "regular", "Boomer"},
+--{"22", "1600", "0030", "tech", "regular", "Lucky Boomer"},
+{"23", "1700", "0030", "magic", "regular", "Wrecking Ball"},
+--{"23", "1700", "0030", "magic", "regular", "Buddy Wrecking Ball"},
+{"24", "1800", "0030", "life", "regular", "Camo"},
+{"25", "1900", "0030", "life", "regular", "Zook"},
+{"26", "1a00", "0030", "life", "regular", "Stealth Elf"},
+--{"26", "1a00", "0030", "life", "regular", "Elite Stealth Elf"},
+--{"26", "1a00", "0528", "life", "regular", "Dark Stealth Elf"},
+{"26", "1a00", "0528", "life", "swapforce", "Ninja Stealth Elf"},
+{"27", "1b00", "0030", "life", "regular", "Stump Smash"},
+{"27", "1b00", "0118", "life", "regular", "Stump Smash"},
+--{"27", "1b00", "0030", "life", "regular", "Autumn Stump Smash"},
+{"28", "1c00", "0030", "magic", "regular", "Dark Spyro"},
+--{"28", "1c00", "0030", "magic", "regular", "Elite Spyro"},
+{"29", "1d00", "0030", "undead", "regular", "Hex"},
+--{"29", "1d00", "0030", "undead", "regular", "Hallows' Eve Hex"},
+{"30", "1e00", "0030", "undead", "regular", "Chop Chop"},
+--{"30", "1e00", "0030", "undead", "regular", "Elite Chop Chop"},
+--{"30", "1e00", "0030", "undead", "regular", "Grill Master Chop Chop"},
+{"31", "1f00", "0030", "undead", "regular", "Ghost Roaster"},
+{"32", "2000", "0030", "undead", "regular", "Cynder"},
+--{"32", "2000", "0030", "undead", "regular", "Skeletal Cynder"},
+
+{"100", "6400", "0030", "air", "giant", "Jet Vac"},
+--{"100", "6400", "0030", "air", "giant", "Full blast Jet Vac"},
+{"101", "6500", "0030", "air", "giant", "Swarm"},
+{"102", "6600", "0030", "earth", "giant", "Crusher"},
+{"103", "6700", "0030", "earth", "giant", "Flashwing"},
+--{"103", "6700", "0030", "earth", "giant", "Jade Flashwing"},
+{"104", "6800", "0030", "fire", "giant", "Hot Head"},
+{"105", "6900", "0030", "fire", "giant", "Hot Dog"},
+--{"105", "6900", "0030", "fire", "giant", "Molten Hot Dog"},
+{"106", "6a00", "0030", "water", "giant", "Chill"},
+{"107", "6b00", "0030", "water", "giant", "Thumpback"},
+--{"107", "6b00", "0030", "water", "giant", "Admiral Thumpback"},
+{"108", "6c00", "0030", "magic", "giant", "Pop Fizz"},
+--{"108", "6c00", "0030", "magic", "giant", "Hoppity Pop Fizz"},
+{"108", "6c00", "023c", "magic", "giant", "Love Potion Pop Fizz"},
+--{"108", "6c00", "0030", "magic", "giant", "Punch Pop Fizz"},
+--{"108", "6c00", "0030", "magic", "giant", "Fizzy Frenzy Pop Fizz"},
+{"109", "6d00", "0030", "magic", "giant", "Nin Jini"},
+{"110", "6e00", "0030", "tech", "giant", "Bouncer"},
+{"111", "6f00", "0030", "tech", "giant", "Sprocket"},
+{"112", "7000", "0030", "life", "giant", "Tree Rex"},
+--{"112", "7000", "0030", "life", "giant", "Gnarly Tree Rex"},
+{"113", "7100", "0030", "life", "giant", "Shroomboom"},
+--{"113", "7100", "0030", "life", "giant", "Sure shot Shroomboom"},
+{"114", "7200", "0030", "undead", "giant", "Eye Broawl"},
+{"115", "7300", "0030", "undead", "giant", "Fright Rider"},
+
+{"200", "c800", "0030", "", "item", "Anvil Rain"},
+{"201", "c900", "0030", "", "item", "Platinum Treasure Chest"},
+{"202", "ca00", "0030", "", "item", "Healing Elixer"},
+{"203", "cb00", "0030", "", "item", "Ghost Pirate Swords"},
+{"204", "cc00", "0030", "", "item", "Time Twist Hourglass"},
+{"205", "cd00", "0030", "", "item", "Sky Iron Shield"},
+{"206", "ce00", "0030", "", "item", "Winged Boots"},
+{"207", "cf00", "0030", "", "item", "Sparx"},
+{"208", "d000", "0030", "", "item", "Cannon"},
+{"209", "d100", "0030", "", "item", "Scorpion Striker"},
+
+{"210", "d200", "0230", "magic", "trap", "Biter's Bane"},
+{"210", "d200", "0830", "magic", "trap", "Sorcerous Skull"},
+-- legendary Sorcerous Skull?
+{"210", "d200", "0b30", "magic", "trap", "Axe Of Illusion"},
+{"210", "d200", "0e30", "magic", "trap", "Arcane Hourglass"},
+{"210", "d200", "1230", "magic", "trap", "Spell Slapper"},
+{"210", "d200", "1430", "magic", "trap", "Rune Rocket"},
+
+{"211", "d300", "0130", "water", "trap", "Tidal Tiki"},
+{"211", "d300", "0230", "water", "trap", "Wet Walter"},
+{"211", "d300", "0630", "water", "trap", "Flood Flask"},
+-- legendary flood flask?
+{"211", "d300", "0730", "water", "trap", "Soaking Staff"},
+{"211", "d300", "0b30", "water", "trap", "Aqua Axe"},
+{"211", "d300", "1630", "water", "trap", "Frost Helm"},
+
+{"212", "d400", "0330", "air", "trap", "Breezy Bird"},
+{"212", "d400", "0630", "air", "trap", "Drafty Decanter"},
+{"212", "d400", "0d30", "air", "trap", "Tempest Timer"},
+{"212", "d400", "1030", "air", "trap", "Cloudy Cobra"},
+{"212", "d400", "1130", "air", "trap", "Storm Warning"},
+{"212", "d400", "1830", "air", "trap", "Cycone Saber"},
+
+{"213", "d500", "0430", "undead", "trap", "Spirit Sphere"},
+{"213", "d500", "0830", "undead", "trap", "Spectral Skull"},
+{"213", "d500", "0b30", "undead", "trap", "Haunted Hatchet"},
+{"213", "d500", "0c30", "undead", "trap", "Grim Gripper"},
+{"213", "d500", "1030", "undead", "trap", "Spooky Snake"},
+{"213", "d500", "1730", "undead", "trap", "Dream Piercer"},
+
+{"214", "d600", "0030", "tech", "trap", "tech Totem"},
+{"214", "d600", "0730", "tech", "trap", "Automatic Angel"},
+{"214", "d600", "0930", "tech", "trap", "Factory Flower"},
+{"214", "d600", "0c30", "tech", "trap", "Grabbing Gadget"},
+{"214", "d600", "1630", "tech", "trap", "Makers Mana"},
+{"214", "d600", "1a30", "tech", "trap", "Topsy techy"},
+
+{"215", "d700", "0530", "fire", "trap", "Eternal Flame"},
+{"215", "d700", "0930", "fire", "trap", "fire Flower"},
+{"215", "d700", "1130", "fire", "trap", "Scorching Stopper"},
+{"215", "d700", "1230", "fire", "trap", "Searing Spinner"},
+{"215", "d700", "1730", "fire", "trap", "Spark Spear"},
+{"215", "d700", "1b30", "fire", "trap", "Blazing Belch"},
+
+{"216", "d800", "0030", "earth", "trap", "Banded Boulder"},
+{"216", "d800", "0330", "earth", "trap", "Rock Hawk"},
+{"216", "d800", "0a30", "earth", "trap", "Slag Hammer"},
+{"216", "d800", "0e30", "earth", "trap", "Dust Of Time"},
+{"216", "d800", "1330", "earth", "trap", "Spinning Sandstorm"},
+{"216", "d800", "1a30", "earth", "trap", "Rubble Trouble"},
+
+{"217", "d900", "0330", "life", "trap", "Oak Eagle"},
+{"217", "d900", "0530", "life", "trap", "Emerald Energy"},
+{"217", "d900", "0a30", "life", "trap", "Weed Whacker"},
+{"217", "d900", "1030", "life", "trap", "Seed Serpent"},
+{"217", "d900", "1830", "life", "trap", "Jade Blade"},
+{"217", "d900", "1b30", "life", "trap", "Shrub Shrieker"},
+
+{"218", "da00", "0030", "dark", "trap", "dark Dagger"},
+{"218", "da00", "1430", "dark", "trap", "Shadow Spider"},
+{"218", "da00", "1a30", "dark", "trap", "Ghastly Grimace"},
+
+{"219", "db00", "0030", "light", "trap", "Shining Ship"},
+{"219", "db00", "0f30", "light", "trap", "Heavenly Hawk"},
+{"219", "db00", "1b30", "light", "trap", "Beam Scream"},
+
+{"220", "dc00", "3030", "kaos", "trap", "Kaos trap!"},
+--{"220", "dc00", "3130", "kaos", "trap", "Ultimate Kaos trap!"}, ?
+
+
+{"230", "e600", "0030", "none", "item", "Hand Of Fate"},
+{"231", "e700", "0030", "none", "item", "Piggy Bank"},
+{"232", "e800", "0030", "none", "item", "Rocket Ram"},
+{"233", "e900", "0030", "none", "item", "Tiki Speaky"},
+
+{"300", "2c01", "0030", "none", "location", "Dragons Peak"},
+{"301", "2d01", "0030", "none", "location", "Empire Of Ice"},
+{"302", "2e01", "0030", "none", "location", "Pirate Seas"},
+{"303", "2f01", "0030", "none", "location", "darklight Crypt"},
+{"304", "3001", "0030", "none", "location", "Volcanic Vault"},
+{"305", "3101", "0030", "none", "location", "Mirror Of Mystery"},
+{"306", "3201", "0030", "none", "location", "Nightmare Express"},
+{"307", "3301", "0030", "light", "location", "Sunscraper Spire"},
+{"308", "3401", "0030", "dark", "location", "Midnight Museum"},
+
+{"404", "9401", "0030", "earth", "legendary","Bash"},
+{"416", "a001", "0030", "magic", "legendary", "Spyro"},
+ --{"", "", "0030", "magic", "legendary", "Deja Vu"},
+{"419", "a301", "0030", "tech", "legendary", "Trigger Happy"},
+ --{"", "", "0030", "tech", "legendary", "bouncer"},
+ --{"", "", "0030", "tech", "legendary", "jawbreaker"},
+{"430", "ae01", "0030", "undead", "legendary", "Chop Chop"},
+ --{"", "", "0030", "undead", "legendary", "grim creeper"},
+ --{"", "", "0030", "undead", "legendary", "night shift"},
- --[[
- LEGENDARY
- --]]
- ["0194"]="LEGENDARY BASH",
- ["01A0"]="LEGENDARY SPYRO",
- ["01A3"]="LEGENDARY TRIGGER HAPPY",
- ["01AE"]="LEGENDARY CHOPCHOP",
+ --{"", "", "0030", "air", "legendary", "blades"},
+ --{"", "", "0030", "air", "legendary", "jet vac"},
+ --{"", "", "0030", "air", "legendary", "Free Ranger"},
+ --{"", "", "0030", "life", "legendary", "stealth elf"},
+ --{"", "", "0030", "life", "legendary", "Bushwhack"},
+ --{"", "", "0030", "fire", "legendary", "ignitor"},
+ --{"", "", "0030", "water", "legendary", "slam bam"},
+ --{"", "", "0030", "water", "legendary", "chill"},
+
+ --{"", "", "0030", "", "legendary", "zoo lou"},
- --[[
- TRAPTEAM
- --]]
- ["01C2"]="TRAPTEAM GUSTO",
- ["01C3"]="TRAPTEAM THUNDERBOLT",
- ["01C4"]="TRAPTEAM FLING KONG",
- ["01C5"]="TRAPTEAM BLADES",
- ["01C6"]="TRAPTEAM WALLOP",
- ["01C7"]="TRAPTEAM HEAD RUSH",
- ["01C8"]="TRAPTEAM FIST BUMP",
- ["01C9"]="TRAPTEAM ROCKY ROLL",
- ["01CA"]="TRAPTEAM WILDFIRE",
- ["01CB"]="TRAPTEAM KA BOOM",
- ["01CC"]="TRAPTEAM TRAIL BLAZER",
- ["01CD"]="TRAPTEAM TORCH",
- ["01CE"]="TRAPTEAM SNAP SHOT",
- ["01CF"]="TRAPTEAM LOB STAR",
- ["01D0"]="TRAPTEAM FLIP WRECK",
- ["01D1"]="TRAPTEAM ECHO",
- ["01D2"]="TRAPTEAM BLASTERMIND",
- ["01D3"]="TRAPTEAM ENIGMA",
- ["01D4"]="TRAPTEAM DEJA VU",
- ["01D5"]="TRAPTEAM COBRA CADABRA",
- ["01D6"]="TRAPTEAM JAWBREAKER",
- ["01D7"]="TRAPTEAM GEARSHIFT",
- ["01D8"]="TRAPTEAM CHOPPER",
- ["01D9"]="TRAPTEAM TREAD HEAD",
- ["01DA"]="TRAPTEAM BUSHWHACK",
- ["01DB"]="TRAPTEAM TUFF LUCK",
- ["01DC"]="TRAPTEAM FOOD FIGHT",
- ["01DD"]="TRAPTEAM HIGH FIVE",
- ["01DE"]="TRAPTEAM NITRO KRYPT KING",
- ["01DF"]="TRAPTEAM SHORT CUT",
- ["01E0"]="TRAPTEAM BAT SPIN",
- ["01E1"]="TRAPTEAM FUNNY BONE",
- ["01E2"]="TRAPTEAM KNIGHT LIGHT",
- ["01E3"]="TRAPTEAM SPOTLIGHT",
- ["01E4"]="TRAPTEAM KNIGHT MARE",
- ["01E5"]="TRAPTEAM BLACKOUT",
-
- --[[
- PET
- --]]
- ["01F6"]="PET BOP",
- ["01F7"]="PET SPRY",
- ["01F8"]="PET HIJINX",
- ["01F9"]="PET TERRAFIN",
- ["01FA"]="PET BREEZE",
- ["01FB"]="PET WEERUPTOR",
- ["01FC"]="PET PET VAC",
- ["01FD"]="PET SMALL FRY",
- ["01FE"]="PET DROBIT",
- ["0202"]="PET GILL GRUNT",
- ["0207"]="PET TRIGGER SNAPPY",
- ["020E"]="PET WHISPER ELF",
- ["021C"]="PET BARKLEY",
- ["021D"]="PET THUMPLING",
- ["021E"]="PET MINI JINI",
- ["021F"]="PET EYE SMALL",
-
- --[[
- SWAP FORCE
- --]]
- ["0BB8"]="SWAPFORCE SCRATCH",
- ["0BB9"]="SWAPFORCE POPTHORN",
- ["0BBA"]="SWAPFORCE SLOBBER TOOTH",
- ["0BBB"]="SWAPFORCE SCORP",
- ["0BBC"]="SWAPFORCE HOG WILD FRYNO",
- ["0BBD"]="SWAPFORCE SMOLDER DASH",
- ["0BBE"]="SWAPFORCE BUMBLE BLAST",
- ["0BBF"]="SWAPFORCE ZOO LOU",
- ["0BC0"]="SWAPFORCE DUNE BUG",
- ["0BC1"]="SWAPFORCE STAR STRIKE",
- ["0BC2"]="SWAPFORCE COUNTDOWN",
- ["0BC3"]="SWAPFORCE WIND UP",
- ["0BC4"]="SWAPFORCE ROLLER BRAWL",
- ["0BC5"]="SWAPFORCE GRIM CREEPER",
- ["0BC6"]="SWAPFORCE RIP TIDE",
- ["0BC7"]="SWAPFORCE PUNK SHOCK",
+{"450", "c201", "0030", "air", "trapmaster", "Gusto"},
+--{"450", "c201", "0234", "air", "trapmaster", "Special Gusto"},
+{"451", "c301", "0030", "air", "trapmaster", "Thunderbolt"},
+--{"451", "c301", "0234", "air", "trapmaster", "Special Thunderbolt"},
+{"452", "c401", "0030", "air", "regular", "Fling Kong"},
+{"453", "c501", "0030", "air", "regular", "Blades"},
+{"454", "c601", "0030", "earth", "trapmaster", "Wallop"},
+--{"454", "c601", "0234", "earth", "trapmaster", "Special Wallop"},
+{"455", "c701", "0030", "earth", "trapmaster", "Head Rush"},
+{"455", "c701", "0234", "earth", "trapmaster", "Nitro Head Rush"},
+{"456", "c801", "0030", "earth", "regular", "Fist Bump"},
+{"457", "c901", "0030", "earth", "regular", "Rocky Roll"},
+--{"457", "c901", "0030", "earth", "regular", "Rocky Egg Roll"},
+{"458", "ca01", "0030", "fire", "trapmaster", "Wildfire"},
+{"458", "ca01", "0234", "fire", "trapmaster", "Dark Wildfire"},
+{"459", "cb01", "0030", "fire", "trapmaster", "Ka Boom"},
+--{"459", "cb01", "0234", "fire", "trapmaster", "Special Ka Boom"},
+{"460", "cc01", "0030", "fire", "regular", "Trail Blazer"},
+{"461", "cd01", "0030", "fire", "regular", "Torch"},
+{"462", "ce01", "0030", "water", "trapmaster", "Snap Shot"},
+{"462", "ce01", "0234", "water", "trapmaster", "Dark Snap Shot"},
+{"462", "6c00", "023c", "water", "trapmaster", "Instant Snap Shot"},
+--, "water", "trapmaster", "Merry Snap Shot"},
+{"463", "cf01", "0030", "water", "trapmaster", "Lob Star"},
+{"463", "cf01", "0234", "water", "trapmaster", "Winterfest Lob Star"},
+{"464", "d001", "0030", "water", "regular", "Flip Wreck"},
+{"465", "d101", "0030", "water", "regular", "Echo"},
+{"466", "d201", "0030", "magic", "trapmaster", "Blastermind"},
+--{"466", "d201", "0234", "magic", "trapmaster", "Special Blastermind"},
+{"467", "d301", "0030", "magic", "trapmaster", "Enigma"},
+--{"467", "d301", "0234", "magic", "trapmaster", "Special Enigma"},
+{"468", "d401", "0030", "magic", "regular", "Deja Vu"},
+{"469", "d501", "0030", "magic", "regular", "Cobra Cadabra"},
+--{"469", "d501", "0030", "magic", "regular", "Charming Cobra Cadabra"},
+--{"469", "d501", "0030", "magic", "regular", "King Cobra Cadabra"},
+{"470", "d601", "0030", "tech", "trapmaster", "Jawbreaker"},
+--{"470", "d601", "0234", "tech", "trapmaster", "Special Jawbreaker"},
+--{"470", "d601", "0234", "tech", "trapmaster", "Knockout Jawbreaker"},
+{"471", "d701", "0030", "tech", "trapmaster", "Gearshift"},
+--{"471", "d701", "0234", "tech", "trapmaster", "Special Gearshift"},
+{"472", "d801", "0030", "tech", "regular", "Chopper"},
+{"473", "d901", "0030", "tech", "regular", "Tread Head"},
+{"474", "da01", "0030", "life", "trapmaster", "Bushwhack"},
+--{"474", "da01", "0234", "life", "trapmaster", "Special Bushwhack"},
+{"475", "db01", "0030", "life", "trapmaster", "Tuff Luck"},
+--{"475", "db01", "0234", "life", "trapmaster", "Special Tuff Luck"},
+{"476", "dc01", "0030", "life", "regular", "Food Fight"},
+{"476", "dc01", "0612", "life", "regular", "LightCore Food Fight"},
+--{"476", "dc01", "0030", "life", "regular", "Dark Food Fight"},
+--{"476", "dc01", "0030", "life", "regular", "Frosted Food Fight"},
+--{"476", "dc01", "0030", "life", "regular", "Instant Food Fight"},
+{"477", "dd01", "0030", "life", "regular", "High Five"},
+{"478", "de01", "0030", "undead", "trapmaster", "Krypt King"},
+{"478", "de01", "0234", "undead", "trapmaster", "Nitro Krypt King"},
+{"479", "df01", "0030", "undead", "trapmaster", "Short Cut"},
+--{"479", "df01", "0234", "undead", "trapmaster", "Special Short Cut"},
+{"480", "e001", "0030", "undead", "regular", "Bat Spin"},
+{"481", "e101", "0030", "undead", "regular", "Funny Bone"},
+{"481", "e101", "0612", "undead", "regular", "LightCore Funny Bone"},
+--{"481", "e101", "0030", "undead", "regular", "Fortune Funny Bone"},
+{"482", "e201", "0030", "light", "trapmaster", "Knight light"},
+--{"482", "e201", "0234", "light", "trapmaster", "Special Knight light"},
+{"483", "e301", "0030", "light", "regular", "Spotlight"},
+--{"483", "e301", "0234", "light", "regular", "Special Spotlight"},
+{"484", "e401", "0030", "dark", "trapmaster", "Knight Mare"},
+--{"484", "e401", "0234", "dark", "trapmaster", "Special Knight Mare"},
+{"485", "e501", "0030", "dark", "regular", "Blackout"},
+--{"485", "e501", "0234", "dark", "regular", "Special Blackout"},
+
+-- MINI's
+{"502", "f601", "0030", "earth", "mini", "Bop"},
+{"505", "f901", "0030", "earth", "mini", "Terrabite"},
+
+{"506", "fa01", "0030", "air", "mini", "Breeze"},
+{"508", "fc01", "0030", "air", "mini", "Pet Vac"},
+--{"508", "fc01", "0030", "air", "mini", "Power Punch Pet Vac"},
+
+{"507", "fb01", "0030", "fire", "mini", "Weeruptor"},
+--{"507", "fb01", "0030", "fire", "mini", "Eggsellent Weeruptor"},
+{"509", "fd01", "0030", "fire", "mini", "Small Fry"},
+
+{"510", "fe01", "0030", "tech", "mini", "Drobit"},
+{"519", "0702", "0030", "tech", "mini", "Trigger Snappy"},
+
+{"526", "0e02", "0030", "life", "mini", "Whisper Elf"},
+{"540", "1c02", "0030", "life", "mini", "Barkley"},
+--{"540", "1c02", "0030", "life", "mini", "Gnarly Barkley"},
+
+{"541", "1d02", "0030", "water", "mini", "Thumpling"},
+{"514", "0202", "0030", "water", "mini", "Gill Runt"},
+
+{"542", "1e02", "0030", "magic", "mini", "mini Jini"},
+{"503", "f701", "0030", "magic", "mini", "Spry"},
+
+{"504", "f801", "0030", "undead", "mini", "Hijinx"},
+{"543", "1f02", "0030", "undead", "mini", "Eye Small"},
+
+{"3000", "b80b", "0030", "air", "mini", "Scratch", "SWAPFORCE"},
+{"3001", "b90b", "0030", "air", "SWAPFORCE", "Pop Thorn"},
+--{"3001", "b90b", "0030", "air", "SWAPFORCE", "Buttered Pop Thorn"},
+{"3002", "ba0b", "0030", "earth", "SWAPFORCE", "Slobber Tooth"},
+--{"3002", "ba0b", "0030", "earth", "SWAPFORCE", "Dark Slobber Tooth"},
+--{"3002", "ba0b", "0030", "earth", "SWAPFORCE", "Sundae Slobber Tooth"},
+{"3003", "bb0b", "0030", "earth", "SWAPFORCE", "Scorp"},
+{"3004", "bc0b", "0030", "fire", "SWAPFORCE", "Fryno"},
+{"3004", "bc0b", "0138", "fire", "SWAPFORCE", "Hog Wild Fryno"},
+--{"3004", "bc0b", "0138", "fire", "SWAPFORCE", "Flip flop Fryno"},
+{"3005", "bd0b", "0030", "fire", "SWAPFORCE", "Smolderdash"},
+{"3006", "be0b", "0030", "life", "SWAPFORCE", "Bumble Blast"},
+--{"3006", "be0b", "0030", "life", "SWAPFORCE", "Jolly Bumble Blast"},
+{"3007", "bf0b", "0030", "life", "SWAPFORCE", "Zoo Lou"},
+{"3008", "c00b", "0030", "magic", "SWAPFORCE", "Dune Bug"},
+{"3009", "c10b", "0030", "magic", "SWAPFORCE", "Star Strike"},
+--{"3009", "c10b", "0030", "magic", "SWAPFORCE", "Enchanted Star Strike"},
+--{"3009", "c10b", "0030", "magic", "SWAPFORCE", "Mystic Star Strike"},
+{"3010", "c20b", "0030", "tech", "SWAPFORCE", "Countdown"},
+--{"3010", "c20b", "0030", "tech", "SWAPFORCE", "Kickoff Countdown"},
+--{"3010", "c20b", "0030", "tech", "SWAPFORCE", "New Year's Countdown"},
+{"3011", "c30b", "0030", "tech", "SWAPFORCE", "Wind Up"},
+{"3012", "c40b", "0030", "undead", "SWAPFORCE", "Roller Brawl"},
+--{"3012", "c40b", "0030", "undead", "SWAPFORCE", "Snowler Roller Brawl"},
+{"3013", "c50b", "0030", "undead", "SWAPFORCE", "Grim Creeper"},
+{"3014", "c60b", "0030", "water", "SWAPFORCE", "Rip Tide"},
+{"3015", "c70b", "0030", "water", "SWAPFORCE", "Punk Shock"},
+
+--{"", "", "0030", "water", "SWAPFORCE", "Hoot Loop"},
+--{"", "", "0030", "water", "SWAPFORCE", "Trap Shadow"},
+--{"", "", "0030", "water", "SWAPFORCE", "Wash Buckler"},
+--{"", "", "0030", "water", "SWAPFORCE", "Freeze Blade"},
+--{"", "", "0030", "fire", "SWAPFORCE", "Magna Charge"},
+--{"", "", "0030", "fire", "SWAPFORCE", "Spy Rise"},
+
+--{"", "", "0030", "fire", "SWAPFORCE", "Doom Stone"},
+--{"", "", "0030", "fire", "SWAPFORCE", "Rubble Rouser"},
+
+--{"", "", "0030", "fire", "SWAPFORCE", "Blast Zone"}
+--{"", "", "0030", "fire", "SWAPFORCE", "Fire Kraken"},
+
+--{"", "", "0030", "fire", "SWAPFORCE", "Rattle Shake"},
+--{"", "", "0030", "fire", "SWAPFORCE", "Night Shift"},
+
+--{"", "", "0030", "life", "SWAPFORCE", "Stink Bomb"},
+--{"", "", "0030", "life", "SWAPFORCE", "Grilla Drilla"},
+
+--{"", "", "0030", "air", "SWAPFORCE", "Free Ranger"},
+--{"", "", "0030", "air", "SWAPFORCE", "Boom Jet"},
+
+}
+
+local function find( main, sub)
+ main = main:lower()
+ sub = sub:lower()
+ for k, v in pairs(_names) do
+ if ( v[2]:lower() == main and v[3]:lower() == sub) then
+ return v
+ end
+ end
+ return nil
+end
+local function list()
+ print ("Type\tSub\tElement\tGame Name")
+ print (string.rep('=', 54))
+ for k, v in pairs(_names) do
+ print(("%s\t%s\t%s\t%-9s\t%s"):format(v[2],v[3],v[4], v[5], v[6] ))
+ end
+end
+
+return {
+ Find = find,
+ List = list,
}
-return _names
return {
convert_bin_to_html = convert_bin_to_html,
convert_eml_to_html = convert_eml_to_html,
- convert_eml_to_bin = convert_eml_to_bin,
- SaveAsBinary = save_BIN,
+ convert_eml_to_bin = convert_eml_to_bin,
+ SaveAsBinary = save_BIN,
SaveAsText = save_TEXT,
}
--- /dev/null
+local md5 = {
+ _VERSION = "md5.lua 0.5.0",
+ _DESCRIPTION = "MD5 computation in Lua (5.1)",
+ _URL = "https://github.com/kikito/md5.lua",
+ _LICENSE = [[
+ MIT LICENSE
+
+ Copyright (c) 2013 Enrique GarcÃa Cota + Adam Baldwin + hanzao + Equi 4 Software
+
+ Permission is hereby granted, free of charge, to any person obtaining a
+ copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+
+ The above copyright notice and this permission notice shall be included
+ in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ ]]
+}
+
+-- bit lib implementions
+
+local floor, abs, max = math.floor, math.abs, math.max
+local char, byte, format, rep, sub =
+ string.char, string.byte, string.format, string.rep, string.sub
+
+local function check_int(n)
+ -- checking not float
+ if(n - floor(n) > 0) then
+ error("trying to use bitwise operation on non-integer!")
+ end
+end
+
+local function tbl2number(tbl)
+ local n = #tbl
+
+ local rslt = 0
+ local power = 1
+ for i = 1, n do
+ rslt = rslt + tbl[i]*power
+ power = power*2
+ end
+
+ return rslt
+end
+
+local function expand(tbl_m, tbl_n)
+ local big = {}
+ local small = {}
+ if(#tbl_m > #tbl_n) then
+ big = tbl_m
+ small = tbl_n
+ else
+ big = tbl_n
+ small = tbl_m
+ end
+ -- expand small
+ for i = #small + 1, #big do
+ small[i] = 0
+ end
+
+end
+
+local to_bits -- needs to be declared before bit_not
+
+local function bit_not(n)
+ local tbl = to_bits(n)
+ local size = max(#tbl, 32)
+ for i = 1, size do
+ if(tbl[i] == 1) then
+ tbl[i] = 0
+ else
+ tbl[i] = 1
+ end
+ end
+ return tbl2number(tbl)
+end
+
+-- defined as local above
+to_bits = function (n)
+ check_int(n)
+ if(n < 0) then
+ -- negative
+ return to_bits(bit_not(abs(n)) + 1)
+ end
+ -- to bits table
+ local tbl = {}
+ local cnt = 1
+ while (n > 0) do
+ local last = math.fmod(n,2)
+ if(last == 1) then
+ tbl[cnt] = 1
+ else
+ tbl[cnt] = 0
+ end
+ n = (n-last)/2
+ cnt = cnt + 1
+ end
+
+ return tbl
+end
+
+local function bit_or(m, n)
+ local tbl_m = to_bits(m)
+ local tbl_n = to_bits(n)
+ expand(tbl_m, tbl_n)
+
+ local tbl = {}
+ local rslt = max(#tbl_m, #tbl_n)
+ for i = 1, rslt do
+ if(tbl_m[i]== 0 and tbl_n[i] == 0) then
+ tbl[i] = 0
+ else
+ tbl[i] = 1
+ end
+ end
+
+ return tbl2number(tbl)
+end
+
+local function bit_and(m, n)
+ local tbl_m = to_bits(m)
+ local tbl_n = to_bits(n)
+ expand(tbl_m, tbl_n)
+
+ local tbl = {}
+ local rslt = max(#tbl_m, #tbl_n)
+ for i = 1, rslt do
+ if(tbl_m[i]== 0 or tbl_n[i] == 0) then
+ tbl[i] = 0
+ else
+ tbl[i] = 1
+ end
+ end
+
+ return tbl2number(tbl)
+end
+
+local function bit_xor(m, n)
+ local tbl_m = to_bits(m)
+ local tbl_n = to_bits(n)
+ expand(tbl_m, tbl_n)
+
+ local tbl = {}
+ local rslt = max(#tbl_m, #tbl_n)
+ for i = 1, rslt do
+ if(tbl_m[i] ~= tbl_n[i]) then
+ tbl[i] = 1
+ else
+ tbl[i] = 0
+ end
+ end
+
+ return tbl2number(tbl)
+end
+
+local function bit_rshift(n, bits)
+ check_int(n)
+
+ local high_bit = 0
+ if(n < 0) then
+ -- negative
+ n = bit_not(abs(n)) + 1
+ high_bit = 2147483648 -- 0x80000000
+ end
+
+ for i=1, bits do
+ n = n/2
+ n = bit_or(floor(n), high_bit)
+ end
+ return floor(n)
+end
+
+local function bit_lshift(n, bits)
+ check_int(n)
+
+ if(n < 0) then
+ -- negative
+ n = bit_not(abs(n)) + 1
+ end
+
+ for i=1, bits do
+ n = n*2
+ end
+ return bit_and(n, 4294967295) -- 0xFFFFFFFF
+end
+
+-- convert little-endian 32-bit int to a 4-char string
+local function lei2str(i)
+ local f=function (s) return char( bit_and( bit_rshift(i, s), 255)) end
+ return f(0)..f(8)..f(16)..f(24)
+end
+
+-- convert raw string to big-endian int
+local function str2bei(s)
+ local v=0
+ for i=1, #s do
+ v = v * 256 + byte(s, i)
+ end
+ return v
+end
+
+-- convert raw string to little-endian int
+local function str2lei(s)
+ local v=0
+ for i = #s,1,-1 do
+ v = v*256 + byte(s, i)
+ end
+ return v
+end
+
+-- cut up a string in little-endian ints of given size
+local function cut_le_str(s,...)
+ local o, r = 1, {}
+ local args = {...}
+ for i=1, #args do
+ table.insert(r, str2lei(sub(s, o, o + args[i] - 1)))
+ o = o + args[i]
+ end
+ return r
+end
+
+local swap = function (w) return str2bei(lei2str(w)) end
+
+local function hex2binaryaux(hexval)
+ return char(tonumber(hexval, 16))
+end
+
+local function hex2binary(hex)
+ local result, _ = hex:gsub('..', hex2binaryaux)
+ return result
+end
+
+-- An MD5 mplementation in Lua, requires bitlib (hacked to use LuaBit from above, ugh)
+-- 10/02/2001 jcw@equi4.com
+
+local FF = 0xffffffff
+local CONSTS = {
+ 0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee,
+ 0xf57c0faf, 0x4787c62a, 0xa8304613, 0xfd469501,
+ 0x698098d8, 0x8b44f7af, 0xffff5bb1, 0x895cd7be,
+ 0x6b901122, 0xfd987193, 0xa679438e, 0x49b40821,
+ 0xf61e2562, 0xc040b340, 0x265e5a51, 0xe9b6c7aa,
+ 0xd62f105d, 0x02441453, 0xd8a1e681, 0xe7d3fbc8,
+ 0x21e1cde6, 0xc33707d6, 0xf4d50d87, 0x455a14ed,
+ 0xa9e3e905, 0xfcefa3f8, 0x676f02d9, 0x8d2a4c8a,
+ 0xfffa3942, 0x8771f681, 0x6d9d6122, 0xfde5380c,
+ 0xa4beea44, 0x4bdecfa9, 0xf6bb4b60, 0xbebfbc70,
+ 0x289b7ec6, 0xeaa127fa, 0xd4ef3085, 0x04881d05,
+ 0xd9d4d039, 0xe6db99e5, 0x1fa27cf8, 0xc4ac5665,
+ 0xf4292244, 0x432aff97, 0xab9423a7, 0xfc93a039,
+ 0x655b59c3, 0x8f0ccc92, 0xffeff47d, 0x85845dd1,
+ 0x6fa87e4f, 0xfe2ce6e0, 0xa3014314, 0x4e0811a1,
+ 0xf7537e82, 0xbd3af235, 0x2ad7d2bb, 0xeb86d391,
+ 0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476
+}
+
+local f=function (x,y,z) return bit_or(bit_and(x,y),bit_and(-x-1,z)) end
+local g=function (x,y,z) return bit_or(bit_and(x,z),bit_and(y,-z-1)) end
+local h=function (x,y,z) return bit_xor(x,bit_xor(y,z)) end
+local i=function (x,y,z) return bit_xor(y,bit_or(x,-z-1)) end
+local z=function (f,a,b,c,d,x,s,ac)
+ a=bit_and(a+f(b,c,d)+x+ac,FF)
+ -- be *very* careful that left shift does not cause rounding!
+ return bit_or(bit_lshift(bit_and(a,bit_rshift(FF,s)),s),bit_rshift(a,32-s))+b
+end
+
+local function transform(A,B,C,D,X)
+ local a,b,c,d=A,B,C,D
+ local t=CONSTS
+
+ a=z(f,a,b,c,d,X[ 0], 7,t[ 1])
+ d=z(f,d,a,b,c,X[ 1],12,t[ 2])
+ c=z(f,c,d,a,b,X[ 2],17,t[ 3])
+ b=z(f,b,c,d,a,X[ 3],22,t[ 4])
+ a=z(f,a,b,c,d,X[ 4], 7,t[ 5])
+ d=z(f,d,a,b,c,X[ 5],12,t[ 6])
+ c=z(f,c,d,a,b,X[ 6],17,t[ 7])
+ b=z(f,b,c,d,a,X[ 7],22,t[ 8])
+ a=z(f,a,b,c,d,X[ 8], 7,t[ 9])
+ d=z(f,d,a,b,c,X[ 9],12,t[10])
+ c=z(f,c,d,a,b,X[10],17,t[11])
+ b=z(f,b,c,d,a,X[11],22,t[12])
+ a=z(f,a,b,c,d,X[12], 7,t[13])
+ d=z(f,d,a,b,c,X[13],12,t[14])
+ c=z(f,c,d,a,b,X[14],17,t[15])
+ b=z(f,b,c,d,a,X[15],22,t[16])
+
+ a=z(g,a,b,c,d,X[ 1], 5,t[17])
+ d=z(g,d,a,b,c,X[ 6], 9,t[18])
+ c=z(g,c,d,a,b,X[11],14,t[19])
+ b=z(g,b,c,d,a,X[ 0],20,t[20])
+ a=z(g,a,b,c,d,X[ 5], 5,t[21])
+ d=z(g,d,a,b,c,X[10], 9,t[22])
+ c=z(g,c,d,a,b,X[15],14,t[23])
+ b=z(g,b,c,d,a,X[ 4],20,t[24])
+ a=z(g,a,b,c,d,X[ 9], 5,t[25])
+ d=z(g,d,a,b,c,X[14], 9,t[26])
+ c=z(g,c,d,a,b,X[ 3],14,t[27])
+ b=z(g,b,c,d,a,X[ 8],20,t[28])
+ a=z(g,a,b,c,d,X[13], 5,t[29])
+ d=z(g,d,a,b,c,X[ 2], 9,t[30])
+ c=z(g,c,d,a,b,X[ 7],14,t[31])
+ b=z(g,b,c,d,a,X[12],20,t[32])
+
+ a=z(h,a,b,c,d,X[ 5], 4,t[33])
+ d=z(h,d,a,b,c,X[ 8],11,t[34])
+ c=z(h,c,d,a,b,X[11],16,t[35])
+ b=z(h,b,c,d,a,X[14],23,t[36])
+ a=z(h,a,b,c,d,X[ 1], 4,t[37])
+ d=z(h,d,a,b,c,X[ 4],11,t[38])
+ c=z(h,c,d,a,b,X[ 7],16,t[39])
+ b=z(h,b,c,d,a,X[10],23,t[40])
+ a=z(h,a,b,c,d,X[13], 4,t[41])
+ d=z(h,d,a,b,c,X[ 0],11,t[42])
+ c=z(h,c,d,a,b,X[ 3],16,t[43])
+ b=z(h,b,c,d,a,X[ 6],23,t[44])
+ a=z(h,a,b,c,d,X[ 9], 4,t[45])
+ d=z(h,d,a,b,c,X[12],11,t[46])
+ c=z(h,c,d,a,b,X[15],16,t[47])
+ b=z(h,b,c,d,a,X[ 2],23,t[48])
+
+ a=z(i,a,b,c,d,X[ 0], 6,t[49])
+ d=z(i,d,a,b,c,X[ 7],10,t[50])
+ c=z(i,c,d,a,b,X[14],15,t[51])
+ b=z(i,b,c,d,a,X[ 5],21,t[52])
+ a=z(i,a,b,c,d,X[12], 6,t[53])
+ d=z(i,d,a,b,c,X[ 3],10,t[54])
+ c=z(i,c,d,a,b,X[10],15,t[55])
+ b=z(i,b,c,d,a,X[ 1],21,t[56])
+ a=z(i,a,b,c,d,X[ 8], 6,t[57])
+ d=z(i,d,a,b,c,X[15],10,t[58])
+ c=z(i,c,d,a,b,X[ 6],15,t[59])
+ b=z(i,b,c,d,a,X[13],21,t[60])
+ a=z(i,a,b,c,d,X[ 4], 6,t[61])
+ d=z(i,d,a,b,c,X[11],10,t[62])
+ c=z(i,c,d,a,b,X[ 2],15,t[63])
+ b=z(i,b,c,d,a,X[ 9],21,t[64])
+
+ return A+a,B+b,C+c,D+d
+end
+
+----------------------------------------------------------------
+
+function md5.sumhexa(s)
+ local msgLen = #s
+ local padLen = 56 - msgLen % 64
+
+ if msgLen % 64 > 56 then padLen = padLen + 64 end
+
+ if padLen == 0 then padLen = 64 end
+
+ s = s .. char(128) .. rep(char(0),padLen-1) .. lei2str(8*msgLen) .. lei2str(0)
+
+ assert(#s % 64 == 0)
+
+ local t = CONSTS
+ local a,b,c,d = t[65],t[66],t[67],t[68]
+
+ for i=1,#s,64 do
+ local X = cut_le_str(sub(s,i,i+63),4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4)
+ assert(#X == 16)
+ X[0] = table.remove(X,1) -- zero based!
+ a,b,c,d = transform(a,b,c,d,X)
+ end
+
+ return format("%08x%08x%08x%08x",swap(a),swap(b),swap(c),swap(d))
+end
+
+function md5.sum(s)
+ return hex2binary(md5.sumhexa(s))
+end
+
+return md5
local _keys = {
+
--[[
These keys are from the pm3 c-codebase.
'9de89e070277',
'eff603e1efe9',
'644672bd4afe',
-
'b5ff67cba951',
- }
+
+ --[[
+ hotel system cards,
+ http://www.proxmark.org/forum/viewtopic.php?id=2430
+ --]]
+ '44ab09010845',
+ '85fed980ea5a',
+
+ --[[
+ VIGIK1
+ --]]
+ '314B49474956',
+ '564c505f4d41',
+
+ --[[
+ BCARD keyB
+ --]]
+ 'f4a9ef2afc6d',
+
+ --[[
+ --]]
+ 'a9f953def0a3',
+}
---
-- The keys above have just been pasted in, for completeness sake. They contain duplicates.
--- /dev/null
+--[[
+ This is an experimental lib.
+--]]
+local utils = require('utils')
+
+-- LOOKUP Tables
+local perm = {}
+perm [1]= { 0x0, 0x1, 0x3, 0x2, 0x7, 0x6, 0x4, 0x5, 0xF, 0xE, 0xC, 0xD, 0x8, 0x9, 0xB, 0xA }
+perm [2]= { 0x1, 0x0, 0x2, 0x3, 0x6, 0x7, 0x5, 0x4, 0xE, 0xF, 0xD, 0xC, 0x9, 0x8, 0xA, 0xB }
+perm [3]= { 0x2, 0x3, 0x1, 0x0, 0x5, 0x4, 0x6, 0x7, 0xD, 0xC, 0xE, 0xF, 0xA, 0xB, 0x9, 0x8 }
+perm [4]= { 0x3, 0x2, 0x0, 0x1, 0x4, 0x5, 0x7, 0x6, 0xC, 0xD, 0xF, 0xE, 0xB, 0xA, 0x8, 0x9 }
+perm [5]= { 0x4, 0x5, 0x7, 0x6, 0x3, 0x2, 0x0, 0x1, 0xB, 0xA, 0x8, 0x9, 0xC, 0xD, 0xF, 0xE }
+perm [6]= { 0x5, 0x4, 0x6, 0x7, 0x2, 0x3, 0x1, 0x0, 0xA, 0xB, 0x9, 0x8, 0xD, 0xC, 0xE, 0xF }
+perm [7]= { 0x6, 0x7, 0x5, 0x4, 0x1, 0x0, 0x2, 0x3, 0x9, 0x8, 0xA, 0xB, 0xE, 0xF, 0xD, 0xC }
+perm [8]= { 0x7, 0x6, 0x4, 0x5, 0x0, 0x1, 0x3, 0x2, 0x8, 0x9, 0xB, 0xA, 0xF, 0xE, 0xC, 0xD }
+perm [9]= { 0x8, 0x9, 0xB, 0xA, 0xF, 0xE, 0xC, 0xD, 0x7, 0x6, 0x4, 0x5, 0x0, 0x1, 0x3, 0x2 }
+perm [10]= { 0x9, 0x8, 0xA, 0xB, 0xE, 0xF, 0xD, 0xC, 0x6, 0x7, 0x5, 0x4, 0x1, 0x0, 0x2, 0x3 }
+perm [11]= { 0xA, 0xB, 0x9, 0x8, 0xD, 0xC, 0xE, 0xF, 0x5, 0x4, 0x6, 0x7, 0x2, 0x3, 0x1, 0x0 }
+perm [12]= { 0xB, 0xA, 0x8, 0x9, 0xC, 0xD, 0xF, 0xE, 0x4, 0x5, 0x7, 0x6, 0x3, 0x2, 0x0, 0x1 }
+perm [13]= { 0xC, 0xD, 0xF, 0xE, 0xB, 0xA, 0x8, 0x9, 0x3, 0x2, 0x0, 0x1, 0x4, 0x5, 0x7, 0x6 }
+perm [14]= { 0xD, 0xC, 0xE, 0xF, 0xA, 0xB, 0x9, 0x8, 0x2, 0x3, 0x1, 0x0, 0x5, 0x4, 0x6, 0x7 }
+perm [15]= { 0xE, 0xF, 0xD, 0xC, 0x9, 0x8, 0xA, 0xB, 0x1, 0x0, 0x2, 0x3, 0x6, 0x7, 0x5, 0x4 }
+perm [16]= { 0xF, 0xE, 0xC, 0xD, 0x8, 0x9, 0xB, 0xA, 0x0, 0x1, 0x3, 0x2, 0x7, 0x6, 0x4, 0x5 }
+
+local shifts = {}
+shifts[1]= { 0x4, 0x5, 0x7, 0x6, 0x3, 0x2, 0x0, 0x1, 0xB, 0xA, 0x8, 0x9, 0xC, 0xD, 0xF, 0xE }
+shifts[2]= { 0x4, 0xB, 0xB, 0x4, 0xB, 0x4, 0x4, 0xB, 0xA, 0x5, 0x5, 0xA, 0x5, 0xA, 0xA, 0x5 }
+shifts[3]= { 0xB, 0x6, 0x0, 0xD, 0xD, 0x0, 0x6, 0xB, 0x6, 0xB, 0xD, 0x0, 0x0, 0xD, 0xB, 0x6 }
+shifts[4]= { 0xE, 0x5, 0x9, 0x2, 0x0, 0xB, 0x7, 0xC, 0x3, 0x8, 0x4, 0xF, 0xD, 0x6, 0xA, 0x1 }
+shifts[5]= { 0x4, 0xE, 0x1, 0xB, 0xF, 0x5, 0xA, 0x0, 0x3, 0x9, 0x6, 0xC, 0x8, 0x2, 0xD, 0x7 }
+shifts[6]= { 0xA, 0x4, 0x7, 0x9, 0x0, 0xE, 0xD, 0x3, 0xE, 0x0, 0x3, 0xD, 0x4, 0xA, 0x9, 0x7 }
+shifts[7]= { 0xE, 0x6, 0xE, 0x6, 0xF, 0x7, 0xF, 0x7, 0xD, 0x5, 0xD, 0x5, 0xC, 0x4, 0xC, 0x4 }
+shifts[8]= { 0x7, 0x1, 0xB, 0xD, 0xE, 0x8, 0x2, 0x4, 0x4, 0x2, 0x8, 0xE, 0xD, 0xB, 0x1, 0x7 }
+shifts[9]= { 0xD, 0xB, 0x0, 0x6, 0x6, 0x0, 0xB, 0xD, 0xA, 0xC, 0x7, 0x1, 0x1, 0x7, 0xC, 0xA }
+shifts[10]= { 0xe, 0x1, 0x1, 0xe, 0x1, 0xe, 0xe, 0x1, 0x1, 0xe, 0xe, 0x1, 0xe, 0x1, 0x1, 0xe }
+
+local function ApplyPermutationAndShifts( pos, value, nibble)
+ local shiftbytes = shifts[pos]
+ local shiftElem = shiftbytes[nibble+1] --one indexed
+ local shiftOne = shiftbytes[1]
+ local rs = bit32.bxor(value, bit32.bxor(shiftOne, shiftElem))
+ return rs
+end
+
+local function GetOne( uid, block )
+
+ if uid == nil then return nil, 'empty uid string' end
+ if #uid == 0 then return nil, 'empty uid string' end
+ if #uid ~= 8 then return nil, 'uid wrong length. Should be 4 hex bytes' end
+ if type(block) ~= 'number' then return nil, 'block is not number' end
+ if block > 16 or block < 0 then return nil, 'block is out-of-range' end
+
+ local s = ('%s%02X'):format(uid,block)
+ local nibble1 = tonumber(s:sub(1,1),16) + 1
+
+ local permuted = ''
+ for i = 1, #s do
+ local el_row = shifts[i]
+ local el_value = el_row[nibble1]
+ j = 1
+ while j <= i do
+ if i-j > 0 then
+ local nibble = tonumber(s:sub(j+1,j+1),16)
+ el_value = ApplyPermutationAndShifts(i-j, el_value, nibble)
+ end
+ j = j+1
+ end
+ permuted =('%s%X'):format(permuted,el_value)
+ end
+
+ permuted = 'C2'..permuted
+ local crc64numStr = utils.Crc64(permuted)
+ local keybytes = utils.ConvertAsciiToBytes(crc64numStr, true)
+ local key = utils.ConvertBytesToHex(keybytes)
+ return key:sub(1,12)
+end
+
+local PreCalc =
+{
+ GetAll = function(id)
+ if id == nil then return nil, 'empty string' end
+ if #id == 0 then return nil, 'empty string' end
+ if #id ~= 8 then return nil, 'wrong length. Should be 4 hex bytes' end
+
+ local list = '4b0b20107ccb'
+ for i = 1,15 do
+ local key, err = GetOne(id,i)
+ if not key then return oops(err) end
+ list = list..key
+ end
+ return list
+ end,
+}
+return PreCalc
\ No newline at end of file
ISO14A_RAW = 8,
ISO14A_REQUEST_TRIGGER = 0x10,
ISO14A_APPEND_CRC = 0x20,
- ISO14A_SET_TIMEOUT = 0x40
+ ISO14A_SET_TIMEOUT = 0x40,
+ ISO14A_NO_SELECT = 0x80,
+ ISO14A_TOPAZMODE = 0x100
}
local ISO14443a_TYPES = {}
return outResults\r
end,\r
\r
- ------------ CRC-16 ccitt checksums\r
\r
+ ------------ CRC-16 ccitt checksums\r
-- Takes a hex string and calculates a crc16\r
Crc16 = function(s)\r
if s == nil then return nil end\r
end\r
return nil\r
end,\r
+ \r
+ ------------ CRC-64 ecma checksums\r
+ -- Takes a hex string and calculates a crc64 ecma\r
+ Crc64 = function(s)\r
+ if s == nil then return nil end\r
+ if #s == 0 then return nil end\r
+ if type(s) == 'string' then\r
+ local utils = require('utils')\r
+ local asc = utils.ConvertHexToAscii(s)\r
+ local hash = core.crc64(asc)\r
+ return hash\r
+ end\r
+ return nil\r
+ end,\r
\r
+ ------------ SHA1 hash\r
+ -- Takes a string and calculates a SHA1 hash\r
+ Sha1 = function(s)\r
+ if s == nil then return nil end\r
+ if #s == 0 then return nil end\r
+ if type(s) == 'string' then\r
+ local utils = require('utils')\r
+ --local asc = utils.ConvertHexToAscii(s)\r
+ local hash = core.sha1(s)\r
+ return hash\r
+ end\r
+ return nil\r
+ end,\r
+ -- Takes a hex string and calculates a SHA1 hash\r
+ Sha1Hex = function(s)\r
+ if s == nil then return nil end\r
+ if #s == 0 then return nil end\r
+ if type(s) == 'string' then\r
+ local utils = require('utils')\r
+ local asc = utils.ConvertHexToAscii(s)\r
+ local hash = core.sha1(asc)\r
+ return hash\r
+ end\r
+ return nil\r
+ end,\r
+ \r
+ \r
-- input parameter is a string\r
-- Swaps the endianess and returns a number, \r
-- IE: 'cd7a' -> '7acd' -> 0x7acd\r
while IN>0 do\r
I=I+1\r
IN , D = math.floor(IN/B), math.modf(IN,B)+1\r
- OUT=string.sub(K,D,D)..OUT\r
+ OUT = string.sub(K,D,D)..OUT\r
end\r
return OUT\r
end,\r
end\r
local s={}\r
for i = 1, #(bytes) do\r
- s[i] = string.format("%02X",bytes[i]) \r
+ s[i] = string.format("%02X",bytes[i]) \r
end\r
return table.concat(s)\r
end, \r
end\r
return t\r
end,\r
- ConvertAsciiToBytes = function(s)\r
- local t={}\r
+ ConvertAsciiToBytes = function(s, reverse)\r
+ local t = {}\r
if s == nil then return t end\r
if #s == 0 then return t end\r
\r
for k in s:gmatch"(.)" do\r
table.insert(t, string.byte(k))\r
end\r
- return t\r
+ \r
+ if not reverse then\r
+ return t\r
+ end\r
+ \r
+ local rev = {}\r
+ if reverse then\r
+ for i = #t, 1,-1 do\r
+ table.insert(rev, t[i] )\r
+ end\r
+ end\r
+ return rev\r
end,\r
+ \r
ConvertHexToAscii = function(s)\r
local t={}\r
if s == nil then return t end\r
return table.concat(t) \r
end,\r
\r
+ Chars2num = function(s)\r
+ return (s:byte(1)*16777216)+(s:byte(2)*65536)+(s:byte(3)*256)+(s:byte(4))\r
+ end,\r
+ \r
+ -- use length of string to determine 8,16,32,64 bits\r
+ bytes_to_int = function(str,endian,signed) \r
+ local t={str:byte(1,-1)}\r
+ if endian=="big" then --reverse bytes\r
+ local tt={}\r
+ for k=1,#t do\r
+ tt[#t-k+1]=t[k]\r
+ end\r
+ t=tt\r
+ end\r
+ local n=0\r
+ for k=1,#t do\r
+ n=n+t[k]*2^((k-1)*8)\r
+ end\r
+ if signed then\r
+ n = (n > 2^(#t*8-1) -1) and (n - 2^(#t*8)) or n -- if last bit set, negative.\r
+ end\r
+ return n\r
+ end,\r
+ \r
-- function convertStringToBytes(str)\r
-- local bytes = {}\r
-- local strLength = string.len(str)\r
-- end\r
\r
}\r
-return Utils
\ No newline at end of file
+return Utils\r
\r
int mfnested(uint8_t blockNo, uint8_t keyType, uint8_t * key, uint8_t trgBlockNo, uint8_t trgKeyType, uint8_t * resultKey, bool calibrate) \r
{\r
- uint16_t i, len;\r
+ uint16_t i;\r
uint32_t uid;\r
UsbCommand resp;\r
\r
struct Crypto1State *p1, *p2, *p3, *p4;\r
\r
// flush queue\r
- WaitForResponseTimeout(CMD_ACK,NULL,100);\r
+ WaitForResponseTimeout(CMD_ACK, NULL, 100);\r
\r
UsbCommand c = {CMD_MIFARE_NESTED, {blockNo + keyType * 0x100, trgBlockNo + trgKeyType * 0x100, calibrate}};\r
memcpy(c.d.asBytes, key, 6);\r
SendCommand(&c);\r
\r
- if (WaitForResponseTimeout(CMD_ACK,&resp,1500)) {\r
- len = resp.arg[1];\r
- if (len == 2) { \r
- memcpy(&uid, resp.d.asBytes, 4);\r
- PrintAndLog("uid:%08x len=%d trgbl=%d trgkey=%x", uid, len, (uint16_t)resp.arg[2] & 0xff, (uint16_t)resp.arg[2] >> 8);\r
- \r
- for (i = 0; i < 2; i++) {\r
- statelists[i].blockNo = resp.arg[2] & 0xff;\r
- statelists[i].keyType = (resp.arg[2] >> 8) & 0xff;\r
- statelists[i].uid = uid;\r
+ if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) {\r
+ return -1;\r
+ }\r
\r
- memcpy(&statelists[i].nt, (void *)(resp.d.asBytes + 4 + i * 8 + 0), 4);\r
- memcpy(&statelists[i].ks1, (void *)(resp.d.asBytes + 4 + i * 8 + 4), 4);\r
- }\r
- }\r
- else {\r
- PrintAndLog("Got 0 keys from proxmark."); \r
- return 1;\r
- }\r
+ if (resp.arg[0]) {\r
+ return resp.arg[0]; // error during nested\r
+ }\r
+ \r
+ memcpy(&uid, resp.d.asBytes, 4);\r
+ PrintAndLog("uid:%08x trgbl=%d trgkey=%x", uid, (uint16_t)resp.arg[2] & 0xff, (uint16_t)resp.arg[2] >> 8);\r
+ \r
+ for (i = 0; i < 2; i++) {\r
+ statelists[i].blockNo = resp.arg[2] & 0xff;\r
+ statelists[i].keyType = (resp.arg[2] >> 8) & 0xff;\r
+ statelists[i].uid = uid;\r
+ memcpy(&statelists[i].nt, (void *)(resp.d.asBytes + 4 + i * 8 + 0), 4);\r
+ memcpy(&statelists[i].ks1, (void *)(resp.d.asBytes + 4 + i * 8 + 4), 4);\r
}\r
\r
// calc keys\r
FillFileNameByUID(traceFileName, tuid, ".eml", 7);\r
\r
f = fopen(traceFileName, "r");\r
- if (!f) {\r
- fclose(f);\r
- return 1;\r
- }\r
+ if (!f) return 1;\r
\r
blockNum = 0;\r
\r
if ((!strlen(traceFileName)) || (isTraceCardEmpty())) return 0;\r
\r
f = fopen(traceFileName, "w+");\r
- if ( !f ) {\r
- fclose(f);\r
- return 1;\r
- }\r
+ if ( !f ) return 1;\r
\r
for (int i = 0; i < 64; i++) { // blocks\r
for (int j = 0; j < 16; j++) // bytes\r
#include "ui.h"
#include "sleep.h"
#include "cmdparser.h"
-#include "cmdmain.h"
+#include "cmdhw.h"
// a global mutex to prevent interlaced printing from different threads
pthread_mutex_t print_lock;
if (arg->usb_present == 1) {
rarg.run = 1;
pthread_create(&reader_thread, NULL, &uart_receiver, &rarg);
+ // cache Version information now:
+ CmdVersion(NULL);
}
FILE *script_file = NULL;
#include "nonce2key/nonce2key.h"
#include "../common/iso15693tools.h"
#include "../common/crc16.h"
+#include "../common/crc64.h"
+#include "../common/sha1.h"
#include "aes.h"
/**
* The following params expected:
*/
static int l_SendCommand(lua_State *L){
- /*
- *
- The SendCommand (native) expects the following structure:
-
- typedef struct {
- uint64_t cmd; //8 bytes
- uint64_t arg[3]; // 8*3 bytes = 24 bytes
- union {
- uint8_t asBytes[USB_CMD_DATA_SIZE]; // 1 byte * 512 = 512 bytes (OR)
- uint32_t asDwords[USB_CMD_DATA_SIZE/4]; // 4 byte * 128 = 512 bytes
- } d;
- } PACKED UsbCommand;
-
- ==> A 544 byte buffer will do.
- **/
- //Pop cmd
- size_t size;
- const char *data = luaL_checklstring(L, 1, &size);
- if(size != sizeof(UsbCommand))
- {
- printf("Got data size %d, expected %d" , (int) size,(int) sizeof(UsbCommand));
- lua_pushstring(L,"Wrong data size");
- return 1;
- }
+ /*
+ *
+ The SendCommand (native) expects the following structure:
+
+ typedef struct {
+ uint64_t cmd; //8 bytes
+ uint64_t arg[3]; // 8*3 bytes = 24 bytes
+ union {
+ uint8_t asBytes[USB_CMD_DATA_SIZE]; // 1 byte * 512 = 512 bytes (OR)
+ uint32_t asDwords[USB_CMD_DATA_SIZE/4]; // 4 byte * 128 = 512 bytes
+ } d;
+ } PACKED UsbCommand;
+
+ ==> A 544 byte buffer will do.
+ **/
+ //Pop cmd
+ size_t size;
+ const char *data = luaL_checklstring(L, 1, &size);
+ if(size != sizeof(UsbCommand))
+ {
+ printf("Got data size %d, expected %d" , (int) size,(int) sizeof(UsbCommand));
+ lua_pushstring(L,"Wrong data size");
+ return 1;
+ }
// UsbCommand c = (*data);
- SendCommand((UsbCommand* )data);
- return 0; // no return values
+ SendCommand((UsbCommand* )data);
+ return 0; // no return values
}
/**
* @brief The following params expected:
*/
static int l_WaitForResponseTimeout(lua_State *L){
- uint32_t cmd = 0;
- size_t ms_timeout = -1;
-
- //Check number of arguments
- int n = lua_gettop(L);
- if(n == 0)
- {
- //signal error by returning Nil, errorstring
- lua_pushnil(L);
- lua_pushstring(L,"You need to supply at least command to wait for");
- return 2; // two return values
- }
- if(n >= 1)
- {
- //pop cmd
- cmd = luaL_checkunsigned(L,1);
- }
- if(n >= 2)
- {
- //Did the user send a timeout ?
- //Check if the current top of stack is an integer
- ms_timeout = luaL_checkunsigned(L,2);
- //printf("Timeout set to %dms\n" , (int) ms_timeout);
- }
-
- UsbCommand response;
-
- if(WaitForResponseTimeout(cmd, &response, ms_timeout))
- {
- //Push it as a string
- lua_pushlstring(L,(const char *)&response,sizeof(UsbCommand));
-
- return 1;// return 1 to signal one return value
- }else{
- //Push a Nil instead
- lua_pushnil(L);
- return 1;// one return value
- }
+ uint32_t cmd = 0;
+ size_t ms_timeout = -1;
+
+ //Check number of arguments
+ int n = lua_gettop(L);
+ if(n == 0)
+ {
+ //signal error by returning Nil, errorstring
+ lua_pushnil(L);
+ lua_pushstring(L,"You need to supply at least command to wait for");
+ return 2; // two return values
+ }
+ if(n >= 1)
+ {
+ //pop cmd
+ cmd = luaL_checkunsigned(L,1);
+ }
+ if(n >= 2)
+ {
+ //Did the user send a timeout ?
+ //Check if the current top of stack is an integer
+ ms_timeout = luaL_checkunsigned(L,2);
+ //printf("Timeout set to %dms\n" , (int) ms_timeout);
+ }
+
+ UsbCommand response;
+
+ if(WaitForResponseTimeout(cmd, &response, ms_timeout))
+ {
+ //Push it as a string
+ lua_pushlstring(L,(const char *)&response,sizeof(UsbCommand));
+
+ return 1;// return 1 to signal one return value
+ }else{
+ //Push a Nil instead
+ lua_pushnil(L);
+ return 1;// one return value
+ }
}
static int returnToLuaWithError(lua_State *L, const char* fmt, ...)
{
- char buffer[200];
- va_list args;
- va_start(args,fmt);
- vsnprintf(buffer, sizeof(buffer), fmt,args);
- va_end(args);
-
- lua_pushnil(L);
- lua_pushstring(L,buffer);
- return 2;
+ char buffer[200];
+ va_list args;
+ va_start(args,fmt);
+ vsnprintf(buffer, sizeof(buffer), fmt,args);
+ va_end(args);
+
+ lua_pushnil(L);
+ lua_pushstring(L,buffer);
+ return 2;
}
static int l_nonce2key(lua_State *L){
- size_t size;
- const char *p_uid = luaL_checklstring(L, 1, &size);
- if(size != 4) return returnToLuaWithError(L,"Wrong size of uid, got %d bytes, expected 4", (int) size);
+ size_t size;
+ const char *p_uid = luaL_checklstring(L, 1, &size);
+ if(size != 4) return returnToLuaWithError(L,"Wrong size of uid, got %d bytes, expected 4", (int) size);
- const char *p_nt = luaL_checklstring(L, 2, &size);
- if(size != 4) return returnToLuaWithError(L,"Wrong size of nt, got %d bytes, expected 4", (int) size);
+ const char *p_nt = luaL_checklstring(L, 2, &size);
+ if(size != 4) return returnToLuaWithError(L,"Wrong size of nt, got %d bytes, expected 4", (int) size);
- const char *p_nr = luaL_checklstring(L, 3, &size);
- if(size != 4) return returnToLuaWithError(L,"Wrong size of nr, got %d bytes, expected 4", (int) size);
+ const char *p_nr = luaL_checklstring(L, 3, &size);
+ if(size != 4) return returnToLuaWithError(L,"Wrong size of nr, got %d bytes, expected 4", (int) size);
- const char *p_par_info = luaL_checklstring(L, 4, &size);
- if(size != 8) return returnToLuaWithError(L,"Wrong size of par_info, got %d bytes, expected 8", (int) size);
+ const char *p_par_info = luaL_checklstring(L, 4, &size);
+ if(size != 8) return returnToLuaWithError(L,"Wrong size of par_info, got %d bytes, expected 8", (int) size);
- const char *p_pks_info = luaL_checklstring(L, 5, &size);
- if(size != 8) return returnToLuaWithError(L,"Wrong size of ks_info, got %d bytes, expected 8", (int) size);
+ const char *p_pks_info = luaL_checklstring(L, 5, &size);
+ if(size != 8) return returnToLuaWithError(L,"Wrong size of ks_info, got %d bytes, expected 8", (int) size);
- uint32_t uid = bytes_to_num(( uint8_t *)p_uid,4);
- uint32_t nt = bytes_to_num(( uint8_t *)p_nt,4);
+ uint32_t uid = bytes_to_num(( uint8_t *)p_uid,4);
+ uint32_t nt = bytes_to_num(( uint8_t *)p_nt,4);
- uint32_t nr = bytes_to_num(( uint8_t*)p_nr,4);
- uint64_t par_info = bytes_to_num(( uint8_t *)p_par_info,8);
- uint64_t ks_info = bytes_to_num(( uint8_t *)p_pks_info,8);
+ uint32_t nr = bytes_to_num(( uint8_t*)p_nr,4);
+ uint64_t par_info = bytes_to_num(( uint8_t *)p_par_info,8);
+ uint64_t ks_info = bytes_to_num(( uint8_t *)p_pks_info,8);
- uint64_t key = 0;
+ uint64_t key = 0;
- int retval = nonce2key(uid,nt, nr, par_info,ks_info, &key);
+ int retval = nonce2key(uid,nt, nr, par_info,ks_info, &key);
- //Push the retval on the stack
- lua_pushinteger(L,retval);
-
- //Push the key onto the stack
- uint8_t dest_key[8];
- num_to_bytes(key,sizeof(dest_key),dest_key);
+ //Push the retval on the stack
+ lua_pushinteger(L,retval);
- //printf("Pushing to lua stack: %012"llx"\n",key);
- lua_pushlstring(L,(const char *) dest_key,sizeof(dest_key));
+ //Push the key onto the stack
+ uint8_t dest_key[8];
+ num_to_bytes(key,sizeof(dest_key),dest_key);
- return 2; //Two return values
+ //printf("Pushing to lua stack: %012"llx"\n",key);
+ lua_pushlstring(L,(const char *) dest_key,sizeof(dest_key));
+
+ return 2; //Two return values
}
//static int l_PrintAndLog(lua_State *L){ return CmdHF14AMfDump(luaL_checkstring(L, 1));}
static int l_clearCommandBuffer(lua_State *L){
- clearCommandBuffer();
- return 0;
+ clearCommandBuffer();
+ return 0;
}
/**
* @brief l_foobar is a dummy function to test lua-integration with
*/
static int l_foobar(lua_State *L)
{
- //Check number of arguments
- int n = lua_gettop(L);
- printf("foobar called with %d arguments" , n);
- lua_settop(L, 0);
- printf("Arguments discarded, stack now contains %d elements", lua_gettop(L));
-
- // todo: this is not used, where was it intended for?
- // UsbCommand response = {CMD_MIFARE_READBL, {1337, 1338, 1339}};
-
- printf("Now returning a uint64_t as a string");
- uint64_t x = 0xDEADBEEF;
- uint8_t destination[8];
- num_to_bytes(x,sizeof(x),destination);
- lua_pushlstring(L,(const char *)&x,sizeof(x));
- lua_pushlstring(L,(const char *)destination,sizeof(destination));
-
- return 2;
+ //Check number of arguments
+ int n = lua_gettop(L);
+ printf("foobar called with %d arguments" , n);
+ lua_settop(L, 0);
+ printf("Arguments discarded, stack now contains %d elements", lua_gettop(L));
+
+ // todo: this is not used, where was it intended for?
+ // UsbCommand response = {CMD_MIFARE_READBL, {1337, 1338, 1339}};
+
+ printf("Now returning a uint64_t as a string");
+ uint64_t x = 0xDEADBEEF;
+ uint8_t destination[8];
+ num_to_bytes(x,sizeof(x),destination);
+ lua_pushlstring(L,(const char *)&x,sizeof(x));
+ lua_pushlstring(L,(const char *)destination,sizeof(destination));
+
+ return 2;
}
*/
static int l_ukbhit(lua_State *L)
{
- lua_pushboolean(L,ukbhit() ? true : false);
- return 1;
+ lua_pushboolean(L,ukbhit() ? true : false);
+ return 1;
}
/**
* @brief Calls the command line parser to deal with the command. This enables
*/
static int l_CmdConsole(lua_State *L)
{
- CommandReceived((char *)luaL_checkstring(L, 1));
- return 0;
+ CommandReceived((char *)luaL_checkstring(L, 1));
+ return 0;
}
static int l_iso15693_crc(lua_State *L)
{
- // uint16_t Iso15693Crc(uint8_t *v, int n);
- size_t size;
- const char *v = luaL_checklstring(L, 1, &size);
- uint16_t retval = Iso15693Crc((uint8_t *) v, size);
- lua_pushinteger(L, (int) retval);
- return 1;
+ // uint16_t Iso15693Crc(uint8_t *v, int n);
+ size_t size;
+ const char *v = luaL_checklstring(L, 1, &size);
+ uint16_t retval = Iso15693Crc((uint8_t *) v, size);
+ lua_pushinteger(L, (int) retval);
+ return 1;
}
/*
Simple AES 128 cbc hook up to OpenSSL.
params: key, input
*/
-static int l_aes(lua_State *L)
+static int l_aes128decrypt_cbc(lua_State *L)
{
//Check number of arguments
int i;
- size_t size;
- const char *p_key = luaL_checklstring(L, 1, &size);
- if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
+ size_t size;
+ const char *p_key = luaL_checklstring(L, 1, &size);
+ if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
+
+ const char *p_encTxt = luaL_checklstring(L, 2, &size);
- const char *p_encTxt = luaL_checklstring(L, 2, &size);
-
unsigned char indata[16] = {0x00};
unsigned char outdata[16] = {0x00};
- unsigned char aes_key[16] = {0x00};
+ unsigned char aes_key[16] = {0x00};
unsigned char iv[16] = {0x00};
-
- // convert key to bytearray
+
+ // convert key to bytearray and convert input to bytearray
for (i = 0; i < 32; i += 2) {
sscanf(&p_encTxt[i], "%02x", (unsigned int *)&indata[i / 2]);
+ sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
}
-
- // convert input to bytearray
+
+ aes_context ctx;
+ aes_init(&ctx);
+ aes_setkey_dec(&ctx, aes_key, 128);
+ aes_crypt_cbc(&ctx,AES_DECRYPT,sizeof(indata), iv, indata,outdata );
+ //Push decrypted array as a string
+ lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
+ return 1;// return 1 to signal one return value
+}
+static int l_aes128decrypt_ecb(lua_State *L)
+{
+ //Check number of arguments
+ int i;
+ size_t size;
+ const char *p_key = luaL_checklstring(L, 1, &size);
+ if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
+
+ const char *p_encTxt = luaL_checklstring(L, 2, &size);
+
+ unsigned char indata[16] = {0x00};
+ unsigned char outdata[16] = {0x00};
+ unsigned char aes_key[16] = {0x00};
+
+ // convert key to bytearray and convert input to bytearray
for (i = 0; i < 32; i += 2) {
+ sscanf(&p_encTxt[i], "%02x", (unsigned int *)&indata[i / 2]);
sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
}
+ aes_context ctx;
+ aes_init(&ctx);
+ aes_setkey_dec(&ctx, aes_key, 128);
+ aes_crypt_ecb(&ctx, AES_DECRYPT, indata, outdata );
+
+ //Push decrypted array as a string
+ lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
+ return 1;// return 1 to signal one return value
+}
+
+static int l_aes128encrypt_cbc(lua_State *L)
+{
+ //Check number of arguments
+ int i;
+ size_t size;
+ const char *p_key = luaL_checklstring(L, 1, &size);
+ if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
+
+ const char *p_txt = luaL_checklstring(L, 2, &size);
+
+ unsigned char indata[16] = {0x00};
+ unsigned char outdata[16] = {0x00};
+ unsigned char aes_key[16] = {0x00};
+ unsigned char iv[16] = {0x00};
- //AES_KEY key;
- //AES_set_decrypt_key(aes_key, 128, &key);
- //AES_cbc_encrypt(indata, outdata, sizeof(indata), &key, iv, AES_DECRYPT);
+ for (i = 0; i < 32; i += 2) {
+ sscanf(&p_txt[i], "%02x", (unsigned int *)&indata[i / 2]);
+ sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
+ }
- aes_context ctx;
- aes_init(&ctx);
- aes_setkey_enc(&ctx,(const unsigned char *)p_key,128);
- aes_crypt_cbc(&ctx,AES_DECRYPT,sizeof(indata), iv, indata,outdata );
- //Push decrypted array as a string
+ aes_context ctx;
+ aes_init(&ctx);
+ aes_setkey_enc(&ctx, aes_key, 128);
+ aes_crypt_cbc(&ctx, AES_ENCRYPT, sizeof(indata), iv, indata, outdata );
+ //Push encrypted array as a string
+ lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
+ return 1;// return 1 to signal one return value
+}
+
+static int l_aes128encrypt_ecb(lua_State *L)
+{
+ //Check number of arguments
+ int i;
+ size_t size;
+ const char *p_key = luaL_checklstring(L, 1, &size);
+ if(size != 32) return returnToLuaWithError(L,"Wrong size of key, got %d bytes, expected 32", (int) size);
+
+ const char *p_txt = luaL_checklstring(L, 2, &size);
+
+ unsigned char indata[16] = {0x00};
+ unsigned char outdata[16] = {0x00};
+ unsigned char aes_key[16] = {0x00};
+
+ for (i = 0; i < 32; i += 2) {
+ sscanf(&p_txt[i], "%02x", (unsigned int *)&indata[i / 2]);
+ sscanf(&p_key[i], "%02x", (unsigned int *)&aes_key[i / 2]);
+ }
+ aes_context ctx;
+ aes_init(&ctx);
+ aes_setkey_enc(&ctx, aes_key, 128);
+ aes_crypt_ecb(&ctx, AES_ENCRYPT, indata, outdata );
+ //Push encrypted array as a string
lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
return 1;// return 1 to signal one return value
}
{
size_t size;
const char *p_str = luaL_checklstring(L, 1, &size);
-
+
uint16_t retval = crc16_ccitt( (uint8_t*) p_str, size);
- lua_pushinteger(L, (int) retval);
- return 1;
+ lua_pushinteger(L, (int) retval);
+ return 1;
+}
+
+static int l_crc64(lua_State *L)
+{
+ size_t size;
+ uint64_t crc = 0;
+ unsigned char outdata[8] = {0x00};
+
+ const char *p_str = luaL_checklstring(L, 1, &size);
+
+ crc64( (uint8_t*) p_str, size, &crc);
+
+ outdata[0] = (uint8_t)(crc >> 56) & 0xff;
+ outdata[1] = (uint8_t)(crc >> 48) & 0xff;
+ outdata[2] = (uint8_t)(crc >> 40) & 0xff;
+ outdata[3] = (uint8_t)(crc >> 32) & 0xff;
+ outdata[4] = (uint8_t)(crc >> 24) & 0xff;
+ outdata[5] = (uint8_t)(crc >> 16) & 0xff;
+ outdata[6] = (uint8_t)(crc >> 8) & 0xff;
+ outdata[7] = crc & 0xff;
+ lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
+ return 1;
+}
+
+static int l_sha1(lua_State *L)
+{
+ size_t size;
+ const char *p_str = luaL_checklstring(L, 1, &size);
+ unsigned char outdata[20] = {0x00};
+ sha1( (uint8_t*) p_str, size, outdata);
+ lua_pushlstring(L,(const char *)&outdata, sizeof(outdata));
+ return 1;
}
/**
*/
int setLuaPath( lua_State* L, const char* path )
{
- lua_getglobal( L, "package" );
- lua_getfield( L, -1, "path" ); // get field "path" from table at top of stack (-1)
- const char* cur_path = lua_tostring( L, -1 ); // grab path string from top of stack
- int requiredLength = strlen(cur_path)+ strlen(path)+10; //A few bytes too many, whatever we can afford it
- char * buf = malloc(requiredLength);
- snprintf(buf, requiredLength, "%s;%s", cur_path, path);
- lua_pop( L, 1 ); // get rid of the string on the stack we just pushed on line 5
- lua_pushstring( L, buf ); // push the new one
- lua_setfield( L, -2, "path" ); // set the field "path" in table at -2 with value at top of stack
- lua_pop( L, 1 ); // get rid of package table from top of stack
- return 0; // all done!
+ lua_getglobal( L, "package" );
+ lua_getfield( L, -1, "path" ); // get field "path" from table at top of stack (-1)
+ const char* cur_path = lua_tostring( L, -1 ); // grab path string from top of stack
+ int requiredLength = strlen(cur_path)+ strlen(path)+10; //A few bytes too many, whatever we can afford it
+ char * buf = malloc(requiredLength);
+ snprintf(buf, requiredLength, "%s;%s", cur_path, path);
+ lua_pop( L, 1 ); // get rid of the string on the stack we just pushed on line 5
+ lua_pushstring( L, buf ); // push the new one
+ lua_setfield( L, -2, "path" ); // set the field "path" in table at -2 with value at top of stack
+ lua_pop( L, 1 ); // get rid of package table from top of stack
+ free(buf);
+ return 0; // all done!
}
int set_pm3_libraries(lua_State *L)
{
- static const luaL_Reg libs[] = {
- {"SendCommand", l_SendCommand},
- {"WaitForResponseTimeout", l_WaitForResponseTimeout},
- {"nonce2key", l_nonce2key},
- //{"PrintAndLog", l_PrintAndLog},
- {"foobar", l_foobar},
- {"ukbhit", l_ukbhit},
- {"clearCommandBuffer", l_clearCommandBuffer},
- {"console", l_CmdConsole},
- {"iso15693_crc", l_iso15693_crc},
- {"aes", l_aes},
+ static const luaL_Reg libs[] = {
+ {"SendCommand", l_SendCommand},
+ {"WaitForResponseTimeout", l_WaitForResponseTimeout},
+ {"nonce2key", l_nonce2key},
+ //{"PrintAndLog", l_PrintAndLog},
+ {"foobar", l_foobar},
+ {"ukbhit", l_ukbhit},
+ {"clearCommandBuffer", l_clearCommandBuffer},
+ {"console", l_CmdConsole},
+ {"iso15693_crc", l_iso15693_crc},
+ {"aes128_decrypt", l_aes128decrypt_cbc},
+ {"aes128_decrypt_ecb", l_aes128decrypt_ecb},
+ {"aes128_encrypt", l_aes128encrypt_cbc},
+ {"aes128_encrypt_ecb", l_aes128encrypt_ecb},
{"crc16", l_crc16},
- {NULL, NULL}
- };
-
- lua_pushglobaltable(L);
- // Core library is in this table. Contains '
- //this is 'pm3' table
- lua_newtable(L);
-
- //Put the function into the hash table.
- for (int i = 0; libs[i].name; i++) {
- lua_pushcfunction(L, libs[i].func);
- lua_setfield(L, -2, libs[i].name);//set the name, pop stack
- }
- //Name of 'core'
- lua_setfield(L, -2, "core");
-
- //-- remove the global environment table from the stack
- lua_pop(L, 1);
-
- //-- Last but not least, add to the LUA_PATH (package.path in lua)
- // so we can load libraries from the ./lualib/ - directory
- setLuaPath(L,"./lualibs/?.lua");
-
- return 1;
+ {"crc64", l_crc64},
+ {"sha1", l_sha1},
+ {NULL, NULL}
+ };
+
+ lua_pushglobaltable(L);
+ // Core library is in this table. Contains '
+ //this is 'pm3' table
+ lua_newtable(L);
+
+ //Put the function into the hash table.
+ for (int i = 0; libs[i].name; i++) {
+ lua_pushcfunction(L, libs[i].func);
+ lua_setfield(L, -2, libs[i].name);//set the name, pop stack
+ }
+ //Name of 'core'
+ lua_setfield(L, -2, "core");
+
+ //-- remove the global environment table from the stack
+ lua_pop(L, 1);
+
+ //-- Last but not least, add to the LUA_PATH (package.path in lua)
+ // so we can load libraries from the ./lualib/ - directory
+ setLuaPath(L,"./lualibs/?.lua");
+
+ return 1;
}
--- /dev/null
+local cmds = require('commands')
+local getopt = require('getopt')
+local utils = require('utils')
+local lib14a = require('read14a')
+
+example =[[
+ script run didump
+ script run didump -k aabbccddeeff
+]]
+author = "Iceman"
+usage = "script run didump -k <key> "
+desc = [[
+This is a script to dump and decrypt the data of a specific type of Mifare Mini token.
+
+Arguments:
+ -h : this help
+ -k <key> : Mifare Key A.
+]]
+
+local band=bit32.band
+local bor=bit32.bor
+local bnot=bit32.bnot
+local bxor=bit32.bxor
+local lshift=bit32.lshift
+local rshift=bit32.rshift
+
+local FOO = 'AF62D2EC0491968CC52A1A7165F865FE'
+local BAR = '286329204469736E65792032303133'
+local RANDOM = FOO..BAR
+local outputTemplate = os.date("toydump_%Y-%m-%d_%H%M%S");
+local TIMEOUT = 2000
+local DEBUG = false
+local numBlocks = 20
+local numSectors = 5
+local CHECKSUM_OFFSET = 12; -- +1???
+---
+-- A debug printout-function
+function dbg(args)
+ if DEBUG then
+ print("###", args)
+ end
+end
+---
+-- This is only meant to be used when errors occur
+function oops(err)
+ print("ERROR: ",err)
+ core.clearCommandBuffer()
+end
+---
+-- Usage help
+function help()
+ print(desc)
+ print("Example usage")
+ print(example)
+end
+---
+-- Get checksum,
+-- called: data is string (32 hex digits)
+-- returns: number
+local function getChecksum(data)
+ local chksum = data:sub(25,32)
+ return tonumber(chksum,16)
+end
+---
+-- calculate checksum
+-- called: data is bytes (24 hex digits)
+-- returns: number
+local function calculateChecksum(data)
+
+ -- Generate table
+ local _tbl = {}
+_tbl[0] = { 0x0 }
+_tbl[1] = { 0x77073096 }
+_tbl[2] = { 0xEE0E612C }
+_tbl[3] = { 0x990951BA }
+_tbl[4] = { 0x76DC419 }
+_tbl[5] = { 0x706AF48F }
+_tbl[6] = { 0xE963A535 }
+_tbl[7] = { 0x9E6495A3 }
+_tbl[8] = { 0xEDB8832 }
+_tbl[9] = { 0x79DCB8A4 }
+_tbl[10] = { 0xE0D5E91E }
+_tbl[11] = { 0x97D2D988 }
+_tbl[12] = { 0x9B64C2B }
+_tbl[13] = { 0x7EB17CBD }
+_tbl[14] = { 0xE7B82D07 }
+_tbl[15] = { 0x90BF1D91 }
+_tbl[16] = { 0x1DB71064 }
+_tbl[17] = { 0x6AB020F2 }
+_tbl[18] = { 0xF3B97148 }
+_tbl[19] = { 0x84BE41DE }
+_tbl[20] = { 0x1ADAD47D }
+_tbl[21] = { 0x6DDDE4EB }
+_tbl[22] = { 0xF4D4B551 }
+_tbl[23] = { 0x83D385C7 }
+_tbl[24] = { 0x136C9856 }
+_tbl[25] = { 0x646BA8C0 }
+_tbl[26] = { 0xFD62F97A }
+_tbl[27] = { 0x8A65C9EC }
+_tbl[28] = { 0x14015C4F }
+_tbl[29] = { 0x63066CD9 }
+_tbl[30] = { 0xFA0F3D63 }
+_tbl[31] = { 0x8D080DF5 }
+_tbl[32] = { 0x3B6E20C8 }
+_tbl[33] = { 0x4C69105E }
+_tbl[34] = { 0xD56041E4 }
+_tbl[35] = { 0xA2677172 }
+_tbl[36] = { 0x3C03E4D1 }
+_tbl[37] = { 0x4B04D447 }
+_tbl[38] = { 0xD20D85FD }
+_tbl[39] = { 0xA50AB56B }
+_tbl[40] = { 0x35B5A8FA }
+_tbl[41] = { 0x42B2986C }
+_tbl[42] = { 0xDBBBC9D6 }
+_tbl[43] = { 0xACBCF940 }
+_tbl[44] = { 0x32D86CE3 }
+_tbl[45] = { 0x45DF5C75 }
+_tbl[46] = { 0xDCD60DCF }
+_tbl[47] = { 0xABD13D59 }
+_tbl[48] = { 0x26D930AC }
+_tbl[49] = { 0x51DE003A }
+_tbl[50] = { 0xC8D75180 }
+_tbl[51] = { 0xBFD06116 }
+_tbl[52] = { 0x21B4F4B5 }
+_tbl[53] = { 0x56B3C423 }
+_tbl[54] = { 0xCFBA9599 }
+_tbl[55] = { 0xB8BDA50F }
+_tbl[56] = { 0x2802B89E }
+_tbl[57] = { 0x5F058808 }
+_tbl[58] = { 0xC60CD9B2 }
+_tbl[59] = { 0xB10BE924 }
+_tbl[60] = { 0x2F6F7C87 }
+_tbl[61] = { 0x58684C11 }
+_tbl[62] = { 0xC1611DAB }
+_tbl[63] = { 0xB6662D3D }
+_tbl[64] = { 0x76DC4190 }
+_tbl[65] = { 0x1DB7106 }
+_tbl[66] = { 0x98D220BC }
+_tbl[67] = { 0xEFD5102A }
+_tbl[68] = { 0x71B18589 }
+_tbl[69] = { 0x6B6B51F }
+_tbl[70] = { 0x9FBFE4A5 }
+_tbl[71] = { 0xE8B8D433 }
+_tbl[72] = { 0x7807C9A2 }
+_tbl[73] = { 0xF00F934 }
+_tbl[74] = { 0x9609A88E }
+_tbl[75] = { 0xE10E9818 }
+_tbl[76] = { 0x7F6A0DBB }
+_tbl[77] = { 0x86D3D2D }
+_tbl[78] = { 0x91646C97 }
+_tbl[79] = { 0xE6635C01 }
+_tbl[80] = { 0x6B6B51F4 }
+_tbl[81] = { 0x1C6C6162 }
+_tbl[82] = { 0x856530D8 }
+_tbl[83] = { 0xF262004E }
+_tbl[84] = { 0x6C0695ED }
+_tbl[85] = { 0x1B01A57B }
+_tbl[86] = { 0x8208F4C1 }
+_tbl[87] = { 0xF50FC457 }
+_tbl[88] = { 0x65B0D9C6 }
+_tbl[89] = { 0x12B7E950 }
+_tbl[90] = { 0x8BBEB8EA }
+_tbl[91] = { 0xFCB9887C }
+_tbl[92] = { 0x62DD1DDF }
+_tbl[93] = { 0x15DA2D49 }
+_tbl[94] = { 0x8CD37CF3 }
+_tbl[95] = { 0xFBD44C65 }
+_tbl[96] = { 0x4DB26158 }
+_tbl[97] = { 0x3AB551CE }
+_tbl[98] = { 0xA3BC0074 }
+_tbl[99] = { 0xD4BB30E2 }
+_tbl[100] = { 0x4ADFA541 }
+_tbl[101] = { 0x3DD895D7 }
+_tbl[102] = { 0xA4D1C46D }
+_tbl[103] = { 0xD3D6F4FB }
+_tbl[104] = { 0x4369E96A }
+_tbl[105] = { 0x346ED9FC }
+_tbl[106] = { 0xAD678846 }
+_tbl[107] = { 0xDA60B8D0 }
+_tbl[108] = { 0x44042D73 }
+_tbl[109] = { 0x33031DE5 }
+_tbl[110] = { 0xAA0A4C5F }
+_tbl[111] = { 0xDD0D7CC9 }
+_tbl[112] = { 0x5005713C }
+_tbl[113] = { 0x270241AA }
+_tbl[114] = { 0xBE0B1010 }
+_tbl[115] = { 0xC90C2086 }
+_tbl[116] = { 0x5768B525 }
+_tbl[117] = { 0x206F85B3 }
+_tbl[118] = { 0xB966D409 }
+_tbl[119] = { 0xCE61E49F }
+_tbl[120] = { 0x5EDEF90E }
+_tbl[121] = { 0x29D9C998 }
+_tbl[122] = { 0xB0D09822 }
+_tbl[123] = { 0xC7D7A8B4 }
+_tbl[124] = { 0x59B33D17 }
+_tbl[125] = { 0x2EB40D81 }
+_tbl[126] = { 0xB7BD5C3B }
+_tbl[127] = { 0xC0BA6CAD }
+_tbl[128] = { 0xEDB88320 }
+_tbl[129] = { 0x9ABFB3B6 }
+_tbl[130] = { 0x3B6E20C }
+_tbl[131] = { 0x74B1D29A }
+_tbl[132] = { 0xEAD54739 }
+_tbl[133] = { 0x9DD277AF }
+_tbl[134] = { 0x4DB2615 }
+_tbl[135] = { 0x73DC1683 }
+_tbl[136] = { 0xE3630B12 }
+_tbl[137] = { 0x94643B84 }
+_tbl[138] = { 0xD6D6A3E }
+_tbl[139] = { 0x7A6A5AA8 }
+_tbl[140] = { 0xE40ECF0B }
+_tbl[141] = { 0x9309FF9D }
+_tbl[142] = { 0xA00AE27 }
+_tbl[143] = { 0x7D079EB1 }
+_tbl[144] = { 0xF00F9344 }
+_tbl[145] = { 0x8708A3D2 }
+_tbl[146] = { 0x1E01F268 }
+_tbl[147] = { 0x6906C2FE }
+_tbl[148] = { 0xF762575D }
+_tbl[149] = { 0x806567CB }
+_tbl[150] = { 0x196C3671 }
+_tbl[151] = { 0x6E6B06E7 }
+_tbl[152] = { 0xFED41B76 }
+_tbl[153] = { 0x89D32BE0 }
+_tbl[154] = { 0x10DA7A5A }
+_tbl[155] = { 0x67DD4ACC }
+_tbl[156] = { 0xF9B9DF6F }
+_tbl[157] = { 0x8EBEEFF9 }
+_tbl[158] = { 0x17B7BE43 }
+_tbl[159] = { 0x60B08ED5 }
+_tbl[160] = { 0xD6D6A3E8 }
+_tbl[161] = { 0xA1D1937E }
+_tbl[162] = { 0x38D8C2C4 }
+_tbl[163] = { 0x4FDFF252 }
+_tbl[164] = { 0xD1BB67F1 }
+_tbl[165] = { 0xA6BC5767 }
+_tbl[166] = { 0x3FB506DD }
+_tbl[167] = { 0x48B2364B }
+_tbl[168] = { 0xD80D2BDA }
+_tbl[169] = { 0xAF0A1B4C }
+_tbl[170] = { 0x36034AF6 }
+_tbl[171] = { 0x41047A60 }
+_tbl[172] = { 0xDF60EFC3 }
+_tbl[173] = { 0xA867DF55 }
+_tbl[174] = { 0x316E8EEF }
+_tbl[175] = { 0x4669BE79 }
+_tbl[176] = { 0xCB61B38C }
+_tbl[177] = { 0xBC66831A }
+_tbl[178] = { 0x256FD2A0 }
+_tbl[179] = { 0x5268E236 }
+_tbl[180] = { 0xCC0C7795 }
+_tbl[181] = { 0xBB0B4703 }
+_tbl[182] = { 0x220216B9 }
+_tbl[183] = { 0x5505262F }
+_tbl[184] = { 0xC5BA3BBE }
+_tbl[185] = { 0xB2BD0B28 }
+_tbl[186] = { 0x2BB45A92 }
+_tbl[187] = { 0x5CB36A04 }
+_tbl[188] = { 0xC2D7FFA7 }
+_tbl[189] = { 0xB5D0CF31 }
+_tbl[190] = { 0x2CD99E8B }
+_tbl[191] = { 0x5BDEAE1D }
+_tbl[192] = { 0x9B64C2B0 }
+_tbl[193] = { 0xEC63F226 }
+_tbl[194] = { 0x756AA39C }
+_tbl[195] = { 0x26D930A }
+_tbl[196] = { 0x9C0906A9 }
+_tbl[197] = { 0xEB0E363F }
+_tbl[198] = { 0x72076785 }
+_tbl[199] = { 0x5005713 }
+_tbl[200] = { 0x95BF4A82 }
+_tbl[201] = { 0xE2B87A14 }
+_tbl[202] = { 0x7BB12BAE }
+_tbl[203] = { 0xCB61B38 }
+_tbl[204] = { 0x92D28E9B }
+_tbl[205] = { 0xE5D5BE0D }
+_tbl[206] = { 0x7CDCEFB7 }
+_tbl[207] = { 0xBDBDF21 }
+_tbl[208] = { 0x86D3D2D4 }
+_tbl[209] = { 0xF1D4E242 }
+_tbl[210] = { 0x68DDB3F8 }
+_tbl[211] = { 0x1FDA836E }
+_tbl[212] = { 0x81BE16CD }
+_tbl[213] = { 0xF6B9265B }
+_tbl[214] = { 0x6FB077E1 }
+_tbl[215] = { 0x18B74777 }
+_tbl[216] = { 0x88085AE6 }
+_tbl[217] = { 0xFF0F6A70 }
+_tbl[218] = { 0x66063BCA }
+_tbl[219] = { 0x11010B5C }
+_tbl[220] = { 0x8F659EFF }
+_tbl[221] = { 0xF862AE69 }
+_tbl[222] = { 0x616BFFD3 }
+_tbl[223] = { 0x166CCF45 }
+_tbl[224] = { 0xA00AE278 }
+_tbl[225] = { 0xD70DD2EE }
+_tbl[226] = { 0x4E048354 }
+_tbl[227] = { 0x3903B3C2 }
+_tbl[228] = { 0xA7672661 }
+_tbl[229] = { 0xD06016F7 }
+_tbl[230] = { 0x4969474D }
+_tbl[231] = { 0x3E6E77DB }
+_tbl[232] = { 0xAED16A4A }
+_tbl[233] = { 0xD9D65ADC }
+_tbl[234] = { 0x40DF0B66 }
+_tbl[235] = { 0x37D83BF0 }
+_tbl[236] = { 0xA9BCAE53 }
+_tbl[237] = { 0xDEBB9EC5 }
+_tbl[238] = { 0x47B2CF7F }
+_tbl[239] = { 0x30B5FFE9 }
+_tbl[240] = { 0xBDBDF21C }
+_tbl[241] = { 0xCABAC28A }
+_tbl[242] = { 0x53B39330 }
+_tbl[243] = { 0x24B4A3A6 }
+_tbl[244] = { 0xBAD03605 }
+_tbl[245] = { 0xCDD70693 }
+_tbl[246] = { 0x54DE5729 }
+_tbl[247] = { 0x23D967BF }
+_tbl[248] = { 0xB3667A2E }
+_tbl[249] = { 0xC4614AB8 }
+_tbl[250] = { 0x5D681B02 }
+_tbl[251] = { 0x2A6F2B94 }
+_tbl[252] = { 0xB40BBE37 }
+_tbl[253] = { 0xC30C8EA1 }
+_tbl[254] = { 0x5A05DF1B }
+_tbl[255] = { 0x2D02EF8D }
+
+
+ -- Calculate it
+ local ret = 0
+ for i,item in pairs(data) do
+ local tmp = band(ret, 0xFF)
+ local index = band( bxor(tmp, item), 0xFF)
+ ret = bxor(rshift(ret,8), _tbl[index][1])
+ end
+ return ret
+end
+---
+-- update checksum
+-- called: data is string, ( >= 24 hex digits )
+-- returns: string, (data concat new checksum)
+local function updateChecksum(data)
+ local part = data:sub(1,24)
+ local chksum = calculateChecksum( utils.ConvertHexToBytes(part))
+ return string.format("%s%X", part, chksum)
+end
+---
+-- receives the answer from deviceside, used with a readblock command
+local function waitCmd()
+ local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT)
+ if response then
+ local count,cmd,arg0 = bin.unpack('LL',response)
+ if(arg0==1) then
+ local count,arg1,arg2,data = bin.unpack('LLH511',response,count)
+ return data:sub(1,32)
+ else
+ return nil, "Couldn't read block.."
+ end
+ end
+ return nil, "No response from device"
+end
+
+local function selftest()
+ local testdata = '000F42430D0A14000001D11F'..'5D738517'
+ local chksum = getChecksum(testdata)
+ local calc = calculateChecksum( utils.ConvertHexToBytes(testdata:sub(1,24)))
+ print ('TESTDATA :: '..testdata)
+ print ('DATA :: '..testdata:sub(1,24))
+ print (('CHKSUM :: %X'):format(chksum))
+ print (('CHKSUM CALC :: %X'):format(calc))
+ print ('UPDATE CHKSUM :: '..updateChecksum(testdata))
+
+
+end
+---
+-- The main entry point
+-- -d decrypt
+-- -e encrypt
+-- -v validate
+function main(args)
+
+ local cmd, result, err, blockNo, keyA
+ local blocks = {}
+ local decryptkey = ''
+
+ -- Read the parameters
+ for o, a in getopt.getopt(args, 'hk:') do
+ if o == "h" then help() return end
+ if o == "k" then keyA = a end
+ end
+
+ selftest()
+
+ local tst2 = '00100100030209094312356432324E34B79A349B'
+
+ -- validate input args.
+ keyA = keyA or '6dd747e86975'
+ if #(keyA) ~= 12 then
+ return oops( string.format('Wrong length of write key (was %d) expected 12', #keyA))
+ end
+
+ -- Turn off Debug
+ local cmdSetDbgOff = "hf mf dbg 0"
+ core.console( cmdSetDbgOff)
+
+ -- GET TAG UID
+
+ result, err = lib14a.read1443a(false)
+ if not result then
+ return oops(err)
+ end
+
+ core.clearCommandBuffer()
+
+ print(result.uid, keyA)
+
+ local my = result.uid
+ if 1 == 1 then
+ return
+ end
+
+ -- Show tag info
+ print((' Found tag %s'):format(result.name))
+
+ local longrandom = RANDOM..result.uid
+ local res = utils.Sha1Hex(longrandom)
+ res = utils.ConvertBytesToHex(utils.ConvertAsciiToBytes(res:sub(1,16)))
+ decryptkey = utils.SwapEndiannessStr(res:sub(1,8) , 32)
+ decryptkey = decryptkey..utils.SwapEndiannessStr( res:sub(9,16),32)
+ decryptkey = decryptkey..utils.SwapEndiannessStr( res:sub(17,24),32)
+ decryptkey = decryptkey..utils.SwapEndiannessStr( res:sub(25,32),32)
+ print('Decrypt key::',decryptkey)
+ print('Reading card data')
+ print('Raw','Decrypted')
+ for blockNo = 0, numBlocks-1, 1 do
+
+ if core.ukbhit() then
+ print("aborted by user")
+ break
+ end
+
+ cmd = Command:new{cmd = cmds.CMD_MIFARE_READBL, arg1 = blockNo ,arg2 = 0,arg3 = 0, data = keyA}
+ local err = core.SendCommand(cmd:getBytes())
+ if err then return oops(err) end
+ local blockdata, err = waitCmd()
+ if err then return oops(err) end
+
+ if blockNo%4 ~= 3 then
+
+ -- blocks with zero not encrypted.
+ if string.find(blockdata, '^0+$') then
+ print(blockdata, blockdata)
+ else
+ local aes = core.aes128_decrypt_ecb(decryptkey, blockdata)
+ local bytes = utils.ConvertAsciiToBytes(aes)
+ local hex = utils.ConvertBytesToHex(bytes)
+ print(blockdata , hex)
+ end
+ elseif blockNo == 0 then
+ print(blockdata,blockdata)
+ else
+ -- Sectorblocks, not encrypted
+ local sectortrailer = keyA..blockdata:sub(13,20)..keyA
+ print(sectortrailer, sectortrailer, blockdata:sub(13,20))
+ end
+ end
+ -- checksum fyra sista bytes i varje rad. (kanske inte för s0)
+ -- s0b1,s1b0,s2b0,s3b0
+ --
+end
+
+main(args)
for i = 1, string.len(hexdata),32 do
ascii = ascii ..string.sub(hexdata,i,i+31).."\n"
end
- return ascii
+
+ return string.sub(ascii,1,-1)
end
local function main(args)
\r
core.clearCommandBuffer()\r
\r
- if 0x18 == result.sak then --NXP MIFARE Classic 4k | Plus 4k\r
+ if 0x18 == result.sak then -- NXP MIFARE Classic 4k | Plus 4k\r
-- IFARE Classic 4K offers 4096 bytes split into forty sectors, \r
-- of which 32 are same size as in the 1K with eight more that are quadruple size sectors. \r
numSectors = 40\r
- elseif 0x08 == result.sak then -- NXP MIFARE CLASSIC 1k | Plus 2k\r
+ elseif 0x08 == result.sak then -- NXP MIFARE CLASSIC 1k | Plus 2k\r
-- 1K offers 1024 bytes of data storage, split into 16 sector\r
numSectors = 16\r
- elseif 0x09 == result.sak then -- NXP MIFARE Mini 0.3k\r
+ elseif 0x09 == result.sak then -- NXP MIFARE Mini 0.3k\r
-- MIFARE Classic mini offers 320 bytes split into five sectors.\r
numSectors = 5\r
elseif 0x10 == result.sak then -- NXP MIFARE Plus 2k\r
-- NDEF compliant?
if b3chars[1] ~= 0xE1 then
- return oops("This tag is not NDEF-Complian")
+ return oops("This tag is not NDEF-Compliant")
end
local ndefVersion = b3chars[2]
function test()
local y
+ local block = "00"
for y = 0x0, 0x1d, 0x4 do
for _ = 1, #procedurecmds do
local pcmd = procedurecmds[_]
dbg(('lf t55xx write 0 %s'):format(config))
config = tonumber(config,16)
- local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK, arg1 = config}
+ local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK,arg1 = config, arg2 = block, arg3 = "00", data = "00"}
local err = core.SendCommand(writecmd:getBytes())
if err then return oops(err) end
local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT)
function test()
local y
+ local block = "00"
for y = 1, 0x1D, 4 do
for _ = 1, #procedurecmds do
local pcmd = procedurecmds[_]
elseif _ == 1 then
local config = pcmd:format(config1, y, config2)
- dbg(('lf t55xx wr 0 %s'):format(config))
-
- config = tonumber(config,16)
- local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK, arg1 = config}
+ dbg(('lf t55xx write 0 %s'):format(config))
+
+ config = tonumber(config,16)
+ local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK,arg1 = config, arg2 = block, arg3 = "00", data = "00"}
local err = core.SendCommand(writecmd:getBytes())
if err then return oops(err) end
local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT)
function test(modulation)
local y
+ local block = "00"
for y = 0x0, 0x1d, 0x4 do
for _ = 1, #procedurecmds do
local pcmd = procedurecmds[_]
dbg(('lf t55xx write 0 %s'):format(config))
config = tonumber(config,16)
- local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK, arg1 = config}
+ local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK,arg1 = config, arg2 = block, arg3 = "00", data = "00"}
local err = core.SendCommand(writecmd:getBytes())
if err then return oops(err) end
local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT)
function test(modulation)
local bitrate
local clockrate
+ local block = "00"
for bitrate = 0x0, 0x1d, 0x4 do
for clockrate = 0,8,4 do
dbg(('lf t55xx write 0 %s'):format(config))
config = tonumber(config,16)
- local writecommand = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK, arg1 = config ,arg2 = 0, arg3 = 0}
- local err = core.SendCommand(writecommand:getBytes())
+ local writecmd = Command:new{cmd = cmds.CMD_T55XX_WRITE_BLOCK,arg1 = config, arg2 = block, arg3 = "00", data = "00"}
+ local err = core.SendCommand(writecmd:getBytes())
if err then return oops(err) end
local response = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT)
else
--- /dev/null
+local cmds = require('commands')
+local getopt = require('getopt')
+local lib14a = require('read14a')
+local utils = require('utils')
+local pre = require('precalc')
+local toys = require('default_toys')
+
+local lsh = bit32.lshift
+local rsh = bit32.rshift
+local bor = bit32.bor
+local band = bit32.band
+
+example =[[
+ script run tnp3clone
+ script run tnp3clone -h
+ script run tnp3clone -l
+ script run tnp3clone -t aa00 -s 0030
+
+]]
+author = "Iceman"
+usage = "script run tnp3clone -t <toytype> -s <subtype>"
+desc =[[
+This script will try making a barebone clone of a tnp3 tag on to a magic generation1 card.
+
+Arguments:
+ -h : this help
+ -l : list all known toy tokens
+ -t <data> : toytype id, 4hex symbols
+ -s <data> : subtype id, 4hex symbols
+
+ For fun, try the following subtype id:
+ 0612 - Lightcore
+ 0118 - Series 1
+ 0138 - Series 2
+ 0234 - Special
+ 023c - Special
+ 0020 - Swapforce
+]]
+
+
+-- This is only meant to be used when errors occur
+function oops(err)
+ print("ERROR: ",err)
+end
+-- Usage help
+function help()
+ print(desc)
+ print("Example usage")
+ print(example)
+end
+
+local function waitCmd()
+ local response = core.WaitForResponseTimeout(cmds.CMD_ACK,2000)
+ if response then
+ local count,cmd,arg0 = bin.unpack('LL',response)
+ if(arg0==1) then
+ local count,arg1,arg2,data = bin.unpack('LLH511',response,count)
+ return data:sub(1,32)
+ else
+ return nil, "Couldn't read block."
+ end
+ end
+ return nil, "No response from device"
+end
+
+local function readblock( blocknum, keyA )
+ -- Read block 0
+ cmd = Command:new{cmd = cmds.CMD_MIFARE_READBL, arg1 = blocknum, arg2 = 0, arg3 = 0, data = keyA}
+ err = core.SendCommand(cmd:getBytes())
+ if err then return nil, err end
+ local block0, err = waitCmd()
+ if err then return nil, err end
+ return block0
+end
+local function readmagicblock( blocknum )
+ -- Read block 0
+ local CSETBLOCK_SINGLE_OPERATION = 0x1F
+ cmd = Command:new{cmd = cmds.CMD_MIFARE_CGETBLOCK, arg1 = CSETBLOCK_SINGLE_OPERATION, arg2 = 0, arg3 = blocknum}
+ err = core.SendCommand(cmd:getBytes())
+ if err then return nil, err end
+ local block0, err = waitCmd()
+ if err then return nil, err end
+ return block0
+end
+
+local function main(args)
+
+ print( string.rep('--',20) )
+ print( string.rep('--',20) )
+
+ local numBlocks = 64
+ local cset = 'hf mf csetbl '
+ local csetuid = 'hf mf csetuid '
+ local cget = 'hf mf cgetbl '
+ local empty = '00000000000000000000000000000000'
+ local AccAndKeyB = '7F078869000000000000'
+ -- Defaults to Gusto
+ local toytype = 'C201'
+ local subtype = '0030'
+ local DEBUG = true
+
+ -- Arguments for the script
+ for o, a in getopt.getopt(args, 'ht:s:l') do
+ if o == "h" then return help() end
+ if o == "t" then toytype = a end
+ if o == "s" then subtype = a end
+ if o == "l" then return toys.List() end
+ end
+
+ if #toytype ~= 4 then return oops('Wrong size - toytype. (4hex symbols)') end
+ if #subtype ~= 4 then return oops('Wrong size - subtype. (4hex symbols)') end
+
+ -- look up type, find & validate types
+ local item = toys.Find( toytype, subtype)
+ if item then
+ print( (' Looking up input: Found %s - %s (%s)'):format(item[6],item[5], item[4]) )
+ else
+ print('Didn\'t find item type. If you are sure about it, report it in')
+ end
+ --15,16
+ --13-14
+
+
+ -- find tag
+ result, err = lib14a.read1443a(false)
+ if not result then return oops(err) end
+
+ -- load keys
+ local akeys = pre.GetAll(result.uid)
+ local keyA = akeys:sub(1, 12 )
+
+ local b0 = readblock(0,keyA)
+ if not b0 then
+ print('failed reading block with factorydefault key. Trying chinese magic read.')
+ b0, err = readmagicblock(0)
+ if not b0 then
+ oops(err)
+ return oops('failed reading block with chinese magic command. quitting...')
+ end
+ end
+
+ -- wipe card.
+ local cmd = (csetuid..'%s 0004 08 w'):format(result.uid)
+ core.console(cmd)
+
+ local b1 = toytype..string.rep('00',10)..subtype
+
+ local calc = utils.Crc16(b0..b1)
+ local calcEndian = bor(rsh(calc,8), lsh(band(calc, 0xff), 8))
+
+ local cmd = (cset..'1 %s%04x'):format( b1, calcEndian)
+ core.console(cmd)
+
+ local pos, key
+ for blockNo = 2, numBlocks-1, 1 do
+ pos = (math.floor( blockNo / 4 ) * 12)+1
+ key = akeys:sub(pos, pos + 11 )
+ if blockNo%4 == 3 then
+ cmd = ('%s %d %s%s'):format(cset,blockNo,key,AccAndKeyB)
+ core.console(cmd)
+ end
+ end
+ core.clearCommandBuffer()
+end
+main(args)
\ No newline at end of file
local utils = require('utils')
local md5 = require('md5')
local dumplib = require('html_dumplib')
-local toyNames = require('default_toys')
+local toys = require('default_toys')
example =[[
- 1. script run tnp3dump
- 2. script run tnp3dump -n
- 3. script run tnp3dump -k aabbccddeeff
- 4. script run tnp3dump -k aabbccddeeff -n
- 5. script run tnp3dump -o myfile
- 6. script run tnp3dump -n -o myfile
- 7. script run tnp3dump -k aabbccddeeff -n -o myfile
+ script run tnp3dump
+ script run tnp3dump -n
+ script run tnp3dump -p
+ script run tnp3dump -k aabbccddeeff
+ script run tnp3dump -k aabbccddeeff -n
+ script run tnp3dump -o myfile
+ script run tnp3dump -n -o myfile
+ script run tnp3dump -p -o myfile
+ script run tnp3dump -k aabbccddeeff -n -o myfile
]]
author = "Iceman"
-usage = "script run tnp3dump -k <key> -n -o <filename>"
+usage = "script run tnp3dump -k <key> -n -p -o <filename>"
desc =[[
This script will try to dump the contents of a Mifare TNP3xxx card.
It will need a valid KeyA in order to find the other keys and decode the card.
-h : this help
-k <key> : Sector 0 Key A.
-n : Use the nested cmd to find all keys
+ -p : Use the precalc to find all keys
-o : filename for the saved dumps
]]
-
-local HASHCONSTANT = '20436F707972696768742028432920323031302041637469766973696F6E2E20416C6C205269676874732052657365727665642E20'
-
+local RANDOM = '20436F707972696768742028432920323031302041637469766973696F6E2E20416C6C205269676874732052657365727665642E20'
local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds
local DEBUG = false -- the debug flag
local numBlocks = 64
return nil, "No response from device"
end
-local function computeCrc16(s)
- local hash = core.crc16(utils.ConvertHexToAscii(s))
- return hash
-end
-
-local function reverseCrcBytes(crc)
- crc2 = crc:sub(3,4)..crc:sub(1,2)
- return tonumber(crc2,16)
-end
-
local function main(args)
print( string.rep('--',20) )
local cmd
local err
local useNested = false
+ local usePreCalc = false
local cmdReadBlockString = 'hf mf rdbl %d A %s'
local input = "dumpkeys.bin"
local outputTemplate = os.date("toydump_%Y-%m-%d_%H%M%S");
-- Arguments for the script
- for o, a in getopt.getopt(args, 'hk:no:') do
+ for o, a in getopt.getopt(args, 'hk:npo:') do
if o == "h" then return help() end
if o == "k" then keyA = a end
if o == "n" then useNested = true end
+ if o == "p" then usePreCalc = true end
if o == "o" then outputTemplate = a end
end
-
+
-- validate input args.
keyA = keyA or '4b0b20107ccb'
if #(keyA) ~= 12 then
core.clearCommandBuffer()
- if 0x01 ~= result.sak then -- NXP MIFARE TNP3xxx
- return oops('This is not a TNP3xxx tag. aborting.')
- end
-
-- Show tag info
- print((' Found tag : %s'):format(result.name))
- print(('Using keyA : %s'):format(keyA))
+ print((' Found tag %s'):format(result.name))
+
+ dbg(('Using keyA : %s'):format(keyA))
--Trying to find the other keys
if useNested then
core.console( ('hf mf nested 1 0 A %s d'):format(keyA) )
end
-
+
core.clearCommandBuffer()
- -- Loading keyfile
- print('Loading dumpkeys.bin')
- local hex, err = utils.ReadDumpFile(input)
- if not hex then
- return oops(err)
+ local akeys = ''
+ if usePreCalc then
+ local pre = require('precalc')
+ akeys = pre.GetAll(result.uid)
+ else
+ print('Loading dumpkeys.bin')
+ local hex, err = utils.ReadDumpFile(input)
+ if not hex then
+ return oops(err)
+ end
+ akeys = hex:sub(0,12*16)
end
-
- local akeys = hex:sub(0,12*16)
-
+
-- Read block 0
cmd = Command:new{cmd = cmds.CMD_MIFARE_READBL, arg1 = 0,arg2 = 0,arg3 = 0, data = keyA}
err = core.SendCommand(cmd:getBytes())
local block1, err = waitCmd()
if err then return oops(err) end
+ local tmpHash = block0..block1..'%02x'..RANDOM
+
local key
local pos = 0
local blockNo
core.clearCommandBuffer()
-- main loop
- io.write('Decrypting blocks > ')
+ io.write('Reading blocks > ')
for blockNo = 0, numBlocks-1, 1 do
if core.ukbhit() then
local blockdata, err = waitCmd()
if err then return oops(err) end
+
if blockNo%4 ~= 3 then
+
if blockNo < 8 then
-- Block 0-7 not encrypted
- blocks[blockNo+1] = ('%02d :: %s'):format(blockNo,blockdata)
+ blocks[blockNo+1] = ('%02d :: %s'):format(blockNo,blockdata)
else
- local base = ('%s%s%02x%s'):format(block0, block1, blockNo, HASHCONSTANT)
- local baseStr = utils.ConvertHexToAscii(base)
- local md5hash = md5.sumhexa(baseStr)
- local aestest = core.aes(md5hash, blockdata)
-
- local hex = utils.ConvertAsciiToBytes(aestest)
- hex = utils.ConvertBytesToHex(hex)
-
-- blocks with zero not encrypted.
if string.find(blockdata, '^0+$') then
- blocks[blockNo+1] = ('%02d :: %s'):format(blockNo,blockdata)
+ blocks[blockNo+1] = ('%02d :: %s'):format(blockNo,blockdata)
else
+ local baseStr = utils.ConvertHexToAscii(tmpHash:format(blockNo))
+ local key = md5.sumhexa(baseStr)
+ local aestest = core.aes128_decrypt(key, blockdata)
+ local hex = utils.ConvertAsciiToBytes(aestest)
+ hex = utils.ConvertBytesToHex(hex)
blocks[blockNo+1] = ('%02d :: %s'):format(blockNo,hex)
- io.write( blockNo..',')
+ io.write(blockNo..',')
end
end
else
emldata = emldata..slice..'\n'
for c in (str):gmatch('.') do
bindata[#bindata+1] = c
- end
+ end
end
-
+ print( string.rep('--',20) )
+
local uid = block0:sub(1,8)
- local itemtype = block1:sub(1,4)
+ local toytype = block1:sub(1,4)
+ local cardidLsw = block1:sub(9,16)
+ local cardidMsw = block1:sub(16,24)
local cardid = block1:sub(9,24)
- local traptype = block1:sub(25,28)
+ local subtype = block1:sub(25,28)
-- Write dump to files
if not DEBUG then
- local foo = dumplib.SaveAsBinary(bindata, outputTemplate..'_uid_'..uid..'.bin')
- print(("Wrote a BIN dump to the file %s"):format(foo))
- local bar = dumplib.SaveAsText(emldata, outputTemplate..'_uid_'..uid..'.eml')
- print(("Wrote a EML dump to the file %s"):format(bar))
+ local foo = dumplib.SaveAsBinary(bindata, outputTemplate..'-'..uid..'.bin')
+ print(("Wrote a BIN dump to: %s"):format(foo))
+ local bar = dumplib.SaveAsText(emldata, outputTemplate..'-'..uid..'.eml')
+ print(("Wrote a EML dump to: %s"):format(bar))
end
-
- -- Show info
+
print( string.rep('--',20) )
- print( (' ITEM TYPE : 0x%s - %s'):format(itemtype, toyNames[itemtype]) )
- print( (' Alter ego / traptype : 0x%s'):format(traptype) )
+ -- Show info
+
+ local item = toys.Find(toytype, subtype)
+ if item then
+ print((' ITEM TYPE : %s - %s (%s)'):format(item[6],item[5], item[4]) )
+ else
+ print((' ITEM TYPE : 0x%s 0x%s'):format(toytype, subtype))
+ end
+
print( (' UID : 0x%s'):format(uid) )
print( (' CARDID : 0x%s'):format(cardid ) )
-
print( string.rep('--',20) )
-
+
+ core.clearCommandBuffer()
end
main(args)
\ No newline at end of file
local lib14a = require('read14a')
local utils = require('utils')
local md5 = require('md5')
-local toyNames = require('default_toys')
+local toys = require('default_toys')
example =[[
1. script run tnp3sim
-h : this help
-m : Maxed out items (experimental)
-i : filename for the datadump to read (bin)
-]]
+
+ ]]
local TIMEOUT = 2000 -- Shouldn't take longer than 2 seconds
-local DEBUG = true -- the debug flag
+local DEBUG = false -- the debug flag
+local RANDOM = '20436F707972696768742028432920323031302041637469766973696F6E2E20416C6C205269676874732052657365727665642E20'
+
+local band = bit32.band
+local bor = bit32.bor
+local lshift = bit32.lshift
+local rshift = bit32.rshift
+local byte = string.byte
+local char = string.char
+local sub = string.sub
+local format = string.format
+
+
+
+local band = bit32.band
+local bor = bit32.bor
+local lshift = bit32.lshift
+local rshift = bit32.rshift
+local byte = string.byte
+local char = string.char
+local sub = string.sub
+local format = string.format
+
---
-- A debug printout-function
function dbg(args)
print()
end
-
local function writedumpfile(infile)
t = infile:read("*all")
len = string.len(t)
io.write( ('TYPE 3 area 2: %04x = %04x -- %s\n'):format(crc,calc,isOk))
end
-
-local function LoadEmulator(blocks)
- local HASHCONSTANT = '20436F707972696768742028432920323031302041637469766973696F6E2E20416C6C205269676874732052657365727665642E20'
local cmd
local blockdata
for _,b in pairs(blocks) do
if _%4 ~= 3 then
if (_ >= 8 and _<=21) or (_ >= 36 and _<=49) then
- local base = ('%s%s%02x%s'):format(blocks[0], blocks[1], _ , HASHCONSTANT)
+ local base = ('%s%s%02x%s'):format(blocks[0], blocks[1], _ , RANDOM)
local baseStr = utils.ConvertHexToAscii(base)
local key = md5.sumhexa(baseStr)
- local enc = core.aes(key, blockdata)
+ local enc = core.aes128_encrypt(key, blockdata)
local hex = utils.ConvertAsciiToBytes(enc)
hex = utils.ConvertBytesToHex(hex)
io.write('\n')
end
+local function Num2Card(m, l)
+
+ local k = {
+ 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,0x42, 0x43, 0x44, 0x46, 0x47, 0x48, 0x4A, 0x4B,
+ 0x4C, 0x4D, 0x4E, 0x50, 0x51, 0x52, 0x53, 0x54,0x56, 0x57, 0x58, 0x59, 0x5A, 0x00
+ }
+ local msw = tonumber(utils.SwapEndiannessStr(m,32),16)
+ local lsw = tonumber(utils.SwapEndiannessStr(l,32),16)
+
+ if msw > 0x17ea1 then
+ return "too big"
+ end
+
+ if msw == 0x17ea1 and lsw > 0x8931fee8 then
+ return "out of range"
+ end
+
+ local s = ""
+ local index
+ for i = 1,10 do
+ index, msw, lsw = DivideByK( msw, lsw)
+ if ( index <= 1 ) then
+ s = char(k[index]) .. s
+ else
+ s = char(k[index-1]) .. s
+ end
+ print (index-1, msw, lsw)
+ end
+ return s
+end
+--33LRT-LM9Q9
+--7, 122, 3474858630
+--20, 4, 1008436634
+--7, 0, 627182959
+--17, 0, 21626998
+--16, 0, 745758
+--23, 0, 25715
+--21, 0, 886
+--16, 0, 30
+--1, 0, 1
+--1, 0, 0
+
+function DivideByK(msw, lsw)
+
+ local lowLSW
+ local highLSW
+ local remainder = 0
+ local RADIX = 29
+
+ --local num = 0 | band( rshift(msw,16), 0xffff)
+ local num = band( rshift(msw, 16), 0xffff)
+
+ --highLSW = 0 | lshift( (num / RADIX) , 16)
+ highLSW = lshift( (num / RADIX) , 16)
+ remainder = num % RADIX
+
+ num = bor( lshift(remainder,16), band(msw, 0xffff))
+
+ --highLSW |= num / RADIX
+ highLSW = highLSW or (num / RADIX)
+ remainder = num % RADIX
+
+ num = bor( lshift(remainder,16), ( band(rshift(lsw,16), 0xffff)))
+
+ --lowLSW = 0 | (num / RADIX) << 16
+ lowLSW = 0 or (lshift( (num / RADIX), 16))
+ remainder = num % RADIX
+
+ num = bor( lshift(remainder,16) , band(lsw, 0xffff) )
+
+ lowLSW = bor(lowLSW, (num / RADIX))
+ remainder = num % RADIX
+ return remainder, highLSW, lowLSW
+
+ -- uint num = 0 | (msw >> 16) & 0xffff;
+
+ -- highLSW = 0 | (num / RADIX) << 16;
+ -- remainder = num % RADIX;
+
+ -- num = (remainder << 16) | (msw & 0xffff);
+
+ -- highLSW |= num / RADIX;
+ -- remainder = num % RADIX;
+
+ -- num = (remainder << 16) | ((lsw >> 16) & 0xffff);
+
+ -- lowLSW = 0 | (num / RADIX) << 16;
+ -- remainder = num % RADIX;
+
+ -- num = (remainder << 16) | (lsw & 0xffff);
+
+ -- lowLSW |= num / RADIX;
+ -- remainder = num % RADIX;
+
+end
+
local function main(args)
print( string.rep('--',20) )
local cmdSetDbgOff = "hf mf dbg 0"
core.console( cmdSetDbgOff)
- -- if not loadFromDump then
- -- -- Look for tag present on reader,
- -- result, err = lib14a.read1443a(false)
- -- if not result then return oops(err) end
-
- -- core.clearCommandBuffer()
-
- -- if 0x01 ~= result.sak then -- NXP MIFARE TNP3xxx
- -- return oops('This is not a TNP3xxx tag. aborting.')
- -- end
-
- -- -- Show tag info
- -- print((' Found tag : %s'):format(result.name))
- -- end
-
-- Load dump.bin file
print( (' Load data from %s'):format(inputTemplate))
hex, err = utils.ReadDumpFile(inputTemplate)
end
if DEBUG then
- print('Validating checksums in the loaded datadump')
+ print(' Validating checksums')
ValidateCheckSums(blocks)
end
print( string.rep('--',20) )
print(' Gathering info')
local uid = blocks[0]:sub(1,8)
- local itemtype = blocks[1]:sub(1,4)
- local cardid = blocks[1]:sub(9,24)
+ local toytype = blocks[1]:sub(1,4)
+ local cardidLsw = blocks[1]:sub(9,16)
+ local cardidMsw = blocks[1]:sub(17,24)
+ local subtype = blocks[1]:sub(25,28)
-- Show info
print( string.rep('--',20) )
- print( (' ITEM TYPE : 0x%s - %s'):format(itemtype, toyNames[itemtype]) )
+
+ local item = toys.Find( toytype, subtype)
+ if item then
+ local itemStr = ('%s - %s (%s)'):format(item[6],item[5], item[4])
+ print(' ITEM TYPE : '..itemStr )
+ else
+ print( (' ITEM TYPE : 0x%s 0x%s'):format(toytype, subtype) )
+ end
+
print( (' UID : 0x%s'):format(uid) )
- print( (' CARDID : 0x%s'):format(cardid ) )
+ print( (' CARDID : 0x%s %s [%s]'):format(
+ cardidMsw,cardidLsw,
+ --Num2Card(cardidMsw, cardidLsw))
+ '')
+ )
print( string.rep('--',20) )
- -- lets do something.
- --
+
+ -- Experience should be:
local experience = blocks[8]:sub(1,6)
- print(('Experience : %d'):format(utils.SwapEndianness(experience,24)))
+ print(('Experience : %d'):format(utils.SwapEndianness(experience,16)))
+
local money = blocks[8]:sub(7,10)
print(('Money : %d'):format(utils.SwapEndianness(money,16)))
+
+ --
+
+ -- Sequence number
+ local seqnum = blocks[8]:sub(18,19)
+ print(('Sequence number : %d'):format( tonumber(seqnum,16)))
+
local fairy = blocks[9]:sub(1,8)
--FD0F = Left, FF0F = Right
local path = 'not choosen'
local hat = blocks[9]:sub(8,11)
print(('Hat : %d'):format(utils.SwapEndianness(hat,16)))
+
+ local level = blocks[13]:sub(27,28)
+ print(('LEVEL : %d'):format( tonumber(level,16)))
+ --hälsa: 667 029b
+ --local health = blocks[]:sub();
+ --print(('Health : %d'):format( tonumber(health,16))
--0x0D 0x29 0x0A 0x02 16-bit hero points value. Maximum 100.
local heropoints = blocks[13]:sub(20,23)
local challenges = blocks[16]:sub(25,32)
print(('Finished hero challenges : %d'):format(utils.SwapEndianness(challenges,32)))
+ -- Character Name
+ local name1 = blocks[10]:sub(1,32)
+ local name2 = blocks[12]:sub(1,32)
+ print('Custom name : '..utils.ConvertHexToAscii(name1..name2))
+
if maxed then
print('Lets try to max out some values')
-- max out money, experience
err = LoadEmulator(blocks)
if err then return oops(err) end
core.clearCommandBuffer()
- print('The simulation is now prepared.\n --> run \"hf mf sim u '..uid..' x\" <--')
+ print('The simulation is now prepared.\n --> run \"hf mf sim u '..uid..'\" <--')
end
end
main(args)
\ No newline at end of file
printf("\n");
}
-char * sprint_hex(const uint8_t * data, const size_t len) {
+char *sprint_hex(const uint8_t *data, const size_t len) {
int maxLen = ( len > 1024/3) ? 1024/3 : len;
static char buf[1024];
- char * tmp = buf;
+ memset(buf, 0x00, 1024);
+ char *tmp = buf;
size_t i;
for (i=0; i < maxLen; ++i, tmp += 3)
return buf;
}
-char * sprint_bin(const uint8_t * data, const size_t len) {
+char *sprint_bin_break(const uint8_t *data, const size_t len, const uint8_t breaks) {
- int maxLen = ( len > 1024) ? 1024 : len;
+ int maxLen = ( len > 1020) ? 1020 : len;
static char buf[1024];
- char * tmp = buf;
- size_t i;
+ memset(buf, 0x00, 1024);
+ char *tmp = buf;
- for (i=0; i < maxLen; ++i, ++tmp)
- sprintf(tmp, "%u", data[i]);
+ for (size_t i=0; i < maxLen; ++i){
+ sprintf(tmp++, "%u", data[i]);
+ if (breaks > 0 && !((i+1) % breaks))
+ sprintf(tmp++, "%s","\n");
+ }
return buf;
}
+char *sprint_bin(const uint8_t *data, const size_t len) {
+ return sprint_bin_break(data, len, 0);
+}
void num_to_bytes(uint64_t n, size_t len, uint8_t* dest)
{
while (len--) {
return num;
}
+// aa,bb,cc,dd,ee,ff,gg,hh, ii,jj,kk,ll,mm,nn,oo,pp
+// to
+// hh,gg,ff,ee,dd,cc,bb,aa, pp,oo,nn,mm,ll,kk,jj,ii
+// up to 64 bytes or 512 bits
+uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockSize){
+ static uint8_t buf[64];
+ memset(buf, 0x00, 64);
+ uint8_t *tmp = buf;
+ for (uint8_t block=0; block < (uint8_t)(len/blockSize); block++){
+ for (size_t i = 0; i < blockSize; i++){
+ tmp[i+(blockSize*block)] = src[(blockSize-1-i)+(blockSize*block)];
+ }
+ }
+ return tmp;
+}
+
//assumes little endian
char * printBits(size_t const size, void const * const ptr)
{
// convert binary array of 0x00/0x01 values to hex (safe to do in place as target will always be shorter than source)
// return number of bits converted
-int binarraytohex(char *target, char *source, int length)
+int binarraytohex(char *target,char *source, int length)
{
unsigned char i, x;
int j = length;
target += length;
*(target)= GetParity(source + length / 2, ODD, length / 2);
}
+
+void xor(unsigned char *dst, unsigned char *src, size_t len) {
+ for( ; len > 0; len--,dst++,src++)
+ *dst ^= *src;
+}
+
+int32_t le24toh (uint8_t data[3]) {
+ return (data[2] << 16) | (data[1] << 8) | data[0];
+}
void print_hex(const uint8_t * data, const size_t len);
char * sprint_hex(const uint8_t * data, const size_t len);
char * sprint_bin(const uint8_t * data, const size_t len);
+char * sprint_bin_break(const uint8_t *data, const size_t len, const uint8_t breaks);
void num_to_bytes(uint64_t n, size_t len, uint8_t* dest);
uint64_t bytes_to_num(uint8_t* src, size_t len);
char * printBits(size_t const size, void const * const ptr);
+uint8_t *SwapEndian64(const uint8_t *src, const size_t len, const uint8_t blockSize);
char param_getchar(const char *line, int paramnum);
uint8_t param_get8(const char *line, int paramnum);
uint8_t GetParity( char *string, uint8_t type, int length);
void wiegand_add_parity(char *target, char *source, char length);
+void xor(unsigned char *dst, unsigned char *src, size_t len);
+int32_t le24toh(uint8_t data[3]);
AS = $(CROSS)as
LD = $(CROSS)ld
OBJCOPY = $(CROSS)objcopy
+GZIP=gzip
OBJDIR = obj
endif
-# Also search prerequisites in the common directory (for usb.c), and the fpga directory (for fpga.bit)
-VPATH = . ../common/ ../fpga/
+# Also search prerequisites in the common directory (for usb.c), the fpga directory (for fpga.bit), and the zlib directory
+VPATH = . ../common ../fpga ../zlib
INCLUDES = ../include/proxmark3.h ../include/at91sam7s512.h ../include/config_gpio.h ../include/usb_cmd.h $(APP_INCLUDES)
LIBS = -lgcc
-THUMBOBJ = $(patsubst %.c,$(OBJDIR)/%.o,$(THUMBSRC))
-ARMOBJ = $(ARMSRC:%.c=$(OBJDIR)/%.o)
-ASMOBJ = $(patsubst %.s,$(OBJDIR)/%.o,$(ASMSRC))
+THUMBOBJ = $(patsubst %.c,$(OBJDIR)/%.o,$(notdir $(THUMBSRC)))
+ARMOBJ = $(patsubst %.c,$(OBJDIR)/%.o,$(notdir $(ARMSRC)))
+ASMOBJ = $(patsubst %.s,$(OBJDIR)/%.o,$(notdir $(ASMSRC)))
VERSIONOBJ = $(OBJDIR)/version.o
$(THUMBOBJ): $(OBJDIR)/%.o: %.c $(INCLUDES)
$(patsubst %.s,$(OBJDIR)/%.d,$(notdir $(ASMSRC)))
$(DEPENDENCY_FILES): Makefile ../common/Makefile.common
+
$(patsubst %.o,%.d,$(THUMBOBJ) $(ARMOBJ)): $(OBJDIR)/%.d: %.c
@$(CC) -MM -MT "$(@) $(@:.d=.o)" $(CFLAGS) $< > $@
$(patsubst %.o,%.d,$(ASMOBJ)):$(OBJDIR)/%.d: %.s
#include "crc16.h"
-
unsigned short update_crc16( unsigned short crc, unsigned char c )
{
- unsigned short i, v, tcrc = 0;
+ unsigned short i, v, tcrc = 0;
- v = (crc ^ c) & 0xff;
- for (i = 0; i < 8; i++) {
- tcrc = ( (tcrc ^ v) & 1 ) ? ( tcrc >> 1 ) ^ 0x8408 : tcrc >> 1;
- v >>= 1;
- }
+ v = (crc ^ c) & 0xff;
+ for (i = 0; i < 8; i++) {
+ tcrc = ( (tcrc ^ v) & 1 ) ? ( tcrc >> 1 ) ^ 0x8408 : tcrc >> 1;
+ v >>= 1;
+ }
- return ((crc >> 8) ^ tcrc)&0xffff;
+ return ((crc >> 8) ^ tcrc)&0xffff;
}
uint16_t crc16(uint8_t const *message, int length, uint16_t remainder, uint16_t polynomial) {
-
- if (length == 0)
- return (~remainder);
-
- for (int byte = 0; byte < length; ++byte) {
- remainder ^= (message[byte] << 8);
- for (uint8_t bit = 8; bit > 0; --bit) {
- if (remainder & 0x8000) {
- remainder = (remainder << 1) ^ polynomial;
- } else {
- remainder = (remainder << 1);
- }
- }
- }
- return remainder;
+
+ if (length == 0) return (~remainder);
+
+ for (int byte = 0; byte < length; ++byte) {
+ remainder ^= (message[byte] << 8);
+ for (uint8_t bit = 8; bit > 0; --bit) {
+ if (remainder & 0x8000) {
+ remainder = (remainder << 1) ^ polynomial;
+ } else {
+ remainder = (remainder << 1);
+ }
+ }
+ }
+ return remainder;
}
uint16_t crc16_ccitt(uint8_t const *message, int length) {
- return crc16(message, length, 0xffff, 0x1021);
+ return crc16(message, length, 0xffff, 0x1021);
+}
+
+uint16_t crc16_ccitt_kermit(uint8_t const *message, int length) {
+ return bit_reverse_uint16(crc16(message, length, 0x0000, 0x1021));
+}
+
+uint16_t bit_reverse_uint16 (uint16_t value) {
+ const uint16_t mask0 = 0x5555;
+ const uint16_t mask1 = 0x3333;
+ const uint16_t mask2 = 0x0F0F;
+ const uint16_t mask3 = 0x00FF;
+
+ value = (((~mask0) & value) >> 1) | ((mask0 & value) << 1);
+ value = (((~mask1) & value) >> 2) | ((mask1 & value) << 2);
+ value = (((~mask2) & value) >> 4) | ((mask2 & value) << 4);
+ value = (((~mask3) & value) >> 8) | ((mask3 & value) << 8);
+
+ return value;
}
unsigned short update_crc16(unsigned short crc, unsigned char c);
uint16_t crc16(uint8_t const *message, int length, uint16_t remainder, uint16_t polynomial);
uint16_t crc16_ccitt(uint8_t const *message, int length);
+uint16_t crc16_ccitt_kermit(uint8_t const *message, int length);
+uint16_t bit_reverse_uint16 (uint16_t value);
#endif
--- /dev/null
+#include <stdint.h>
+#include <stddef.h>
+#include "crc64.h"
+
+#define CRC64_ISO_PRESET 0xFFFFFFFFFFFFFFFF
+#define CRC64_ECMA_PRESET 0x0000000000000000
+
+const uint64_t crc64_table[] = {
+ 0x0000000000000000, 0x42F0E1EBA9EA3693, 0x85E1C3D753D46D26, 0xC711223CFA3E5BB5,
+ 0x493366450E42ECDF, 0x0BC387AEA7A8DA4C, 0xCCD2A5925D9681F9, 0x8E224479F47CB76A,
+ 0x9266CC8A1C85D9BE, 0xD0962D61B56FEF2D, 0x17870F5D4F51B498, 0x5577EEB6E6BB820B,
+ 0xDB55AACF12C73561, 0x99A54B24BB2D03F2, 0x5EB4691841135847, 0x1C4488F3E8F96ED4,
+ 0x663D78FF90E185EF, 0x24CD9914390BB37C, 0xE3DCBB28C335E8C9, 0xA12C5AC36ADFDE5A,
+ 0x2F0E1EBA9EA36930, 0x6DFEFF5137495FA3, 0xAAEFDD6DCD770416, 0xE81F3C86649D3285,
+ 0xF45BB4758C645C51, 0xB6AB559E258E6AC2, 0x71BA77A2DFB03177, 0x334A9649765A07E4,
+ 0xBD68D2308226B08E, 0xFF9833DB2BCC861D, 0x388911E7D1F2DDA8, 0x7A79F00C7818EB3B,
+ 0xCC7AF1FF21C30BDE, 0x8E8A101488293D4D, 0x499B3228721766F8, 0x0B6BD3C3DBFD506B,
+ 0x854997BA2F81E701, 0xC7B97651866BD192, 0x00A8546D7C558A27, 0x4258B586D5BFBCB4,
+ 0x5E1C3D753D46D260, 0x1CECDC9E94ACE4F3, 0xDBFDFEA26E92BF46, 0x990D1F49C77889D5,
+ 0x172F5B3033043EBF, 0x55DFBADB9AEE082C, 0x92CE98E760D05399, 0xD03E790CC93A650A,
+ 0xAA478900B1228E31, 0xE8B768EB18C8B8A2, 0x2FA64AD7E2F6E317, 0x6D56AB3C4B1CD584,
+ 0xE374EF45BF6062EE, 0xA1840EAE168A547D, 0x66952C92ECB40FC8, 0x2465CD79455E395B,
+ 0x3821458AADA7578F, 0x7AD1A461044D611C, 0xBDC0865DFE733AA9, 0xFF3067B657990C3A,
+ 0x711223CFA3E5BB50, 0x33E2C2240A0F8DC3, 0xF4F3E018F031D676, 0xB60301F359DBE0E5,
+ 0xDA050215EA6C212F, 0x98F5E3FE438617BC, 0x5FE4C1C2B9B84C09, 0x1D14202910527A9A,
+ 0x93366450E42ECDF0, 0xD1C685BB4DC4FB63, 0x16D7A787B7FAA0D6, 0x5427466C1E109645,
+ 0x4863CE9FF6E9F891, 0x0A932F745F03CE02, 0xCD820D48A53D95B7, 0x8F72ECA30CD7A324,
+ 0x0150A8DAF8AB144E, 0x43A04931514122DD, 0x84B16B0DAB7F7968, 0xC6418AE602954FFB,
+ 0xBC387AEA7A8DA4C0, 0xFEC89B01D3679253, 0x39D9B93D2959C9E6, 0x7B2958D680B3FF75,
+ 0xF50B1CAF74CF481F, 0xB7FBFD44DD257E8C, 0x70EADF78271B2539, 0x321A3E938EF113AA,
+ 0x2E5EB66066087D7E, 0x6CAE578BCFE24BED, 0xABBF75B735DC1058, 0xE94F945C9C3626CB,
+ 0x676DD025684A91A1, 0x259D31CEC1A0A732, 0xE28C13F23B9EFC87, 0xA07CF2199274CA14,
+ 0x167FF3EACBAF2AF1, 0x548F120162451C62, 0x939E303D987B47D7, 0xD16ED1D631917144,
+ 0x5F4C95AFC5EDC62E, 0x1DBC74446C07F0BD, 0xDAAD56789639AB08, 0x985DB7933FD39D9B,
+ 0x84193F60D72AF34F, 0xC6E9DE8B7EC0C5DC, 0x01F8FCB784FE9E69, 0x43081D5C2D14A8FA,
+ 0xCD2A5925D9681F90, 0x8FDAB8CE70822903, 0x48CB9AF28ABC72B6, 0x0A3B7B1923564425,
+ 0x70428B155B4EAF1E, 0x32B26AFEF2A4998D, 0xF5A348C2089AC238, 0xB753A929A170F4AB,
+ 0x3971ED50550C43C1, 0x7B810CBBFCE67552, 0xBC902E8706D82EE7, 0xFE60CF6CAF321874,
+ 0xE224479F47CB76A0, 0xA0D4A674EE214033, 0x67C58448141F1B86, 0x253565A3BDF52D15,
+ 0xAB1721DA49899A7F, 0xE9E7C031E063ACEC, 0x2EF6E20D1A5DF759, 0x6C0603E6B3B7C1CA,
+ 0xF6FAE5C07D3274CD, 0xB40A042BD4D8425E, 0x731B26172EE619EB, 0x31EBC7FC870C2F78,
+ 0xBFC9838573709812, 0xFD39626EDA9AAE81, 0x3A28405220A4F534, 0x78D8A1B9894EC3A7,
+ 0x649C294A61B7AD73, 0x266CC8A1C85D9BE0, 0xE17DEA9D3263C055, 0xA38D0B769B89F6C6,
+ 0x2DAF4F0F6FF541AC, 0x6F5FAEE4C61F773F, 0xA84E8CD83C212C8A, 0xEABE6D3395CB1A19,
+ 0x90C79D3FEDD3F122, 0xD2377CD44439C7B1, 0x15265EE8BE079C04, 0x57D6BF0317EDAA97,
+ 0xD9F4FB7AE3911DFD, 0x9B041A914A7B2B6E, 0x5C1538ADB04570DB, 0x1EE5D94619AF4648,
+ 0x02A151B5F156289C, 0x4051B05E58BC1E0F, 0x87409262A28245BA, 0xC5B073890B687329,
+ 0x4B9237F0FF14C443, 0x0962D61B56FEF2D0, 0xCE73F427ACC0A965, 0x8C8315CC052A9FF6,
+ 0x3A80143F5CF17F13, 0x7870F5D4F51B4980, 0xBF61D7E80F251235, 0xFD913603A6CF24A6,
+ 0x73B3727A52B393CC, 0x31439391FB59A55F, 0xF652B1AD0167FEEA, 0xB4A25046A88DC879,
+ 0xA8E6D8B54074A6AD, 0xEA16395EE99E903E, 0x2D071B6213A0CB8B, 0x6FF7FA89BA4AFD18,
+ 0xE1D5BEF04E364A72, 0xA3255F1BE7DC7CE1, 0x64347D271DE22754, 0x26C49CCCB40811C7,
+ 0x5CBD6CC0CC10FAFC, 0x1E4D8D2B65FACC6F, 0xD95CAF179FC497DA, 0x9BAC4EFC362EA149,
+ 0x158E0A85C2521623, 0x577EEB6E6BB820B0, 0x906FC95291867B05, 0xD29F28B9386C4D96,
+ 0xCEDBA04AD0952342, 0x8C2B41A1797F15D1, 0x4B3A639D83414E64, 0x09CA82762AAB78F7,
+ 0x87E8C60FDED7CF9D, 0xC51827E4773DF90E, 0x020905D88D03A2BB, 0x40F9E43324E99428,
+ 0x2CFFE7D5975E55E2, 0x6E0F063E3EB46371, 0xA91E2402C48A38C4, 0xEBEEC5E96D600E57,
+ 0x65CC8190991CB93D, 0x273C607B30F68FAE, 0xE02D4247CAC8D41B, 0xA2DDA3AC6322E288,
+ 0xBE992B5F8BDB8C5C, 0xFC69CAB42231BACF, 0x3B78E888D80FE17A, 0x7988096371E5D7E9,
+ 0xF7AA4D1A85996083, 0xB55AACF12C735610, 0x724B8ECDD64D0DA5, 0x30BB6F267FA73B36,
+ 0x4AC29F2A07BFD00D, 0x08327EC1AE55E69E, 0xCF235CFD546BBD2B, 0x8DD3BD16FD818BB8,
+ 0x03F1F96F09FD3CD2, 0x41011884A0170A41, 0x86103AB85A2951F4, 0xC4E0DB53F3C36767,
+ 0xD8A453A01B3A09B3, 0x9A54B24BB2D03F20, 0x5D45907748EE6495, 0x1FB5719CE1045206,
+ 0x919735E51578E56C, 0xD367D40EBC92D3FF, 0x1476F63246AC884A, 0x568617D9EF46BED9,
+ 0xE085162AB69D5E3C, 0xA275F7C11F7768AF, 0x6564D5FDE549331A, 0x279434164CA30589,
+ 0xA9B6706FB8DFB2E3, 0xEB46918411358470, 0x2C57B3B8EB0BDFC5, 0x6EA7525342E1E956,
+ 0x72E3DAA0AA188782, 0x30133B4B03F2B111, 0xF7021977F9CCEAA4, 0xB5F2F89C5026DC37,
+ 0x3BD0BCE5A45A6B5D, 0x79205D0E0DB05DCE, 0xBE317F32F78E067B, 0xFCC19ED95E6430E8,
+ 0x86B86ED5267CDBD3, 0xC4488F3E8F96ED40, 0x0359AD0275A8B6F5, 0x41A94CE9DC428066,
+ 0xCF8B0890283E370C, 0x8D7BE97B81D4019F, 0x4A6ACB477BEA5A2A, 0x089A2AACD2006CB9,
+ 0x14DEA25F3AF9026D, 0x562E43B4931334FE, 0x913F6188692D6F4B, 0xD3CF8063C0C759D8,
+ 0x5DEDC41A34BBEEB2, 0x1F1D25F19D51D821, 0xD80C07CD676F8394, 0x9AFCE626CE85B507
+};
+
+void crc64 (const uint8_t *data, const size_t len, uint64_t *crc) {
+
+ for (size_t i = 0; i < len; i++)
+ {
+ //uint8_t tableIndex = (((uint8_t)(*crc >> 56)) ^ data[i]) & 0xff;
+ uint8_t tableIndex = (((uint8_t)(*crc >> 56)) ^ data[i]) & 0xff;
+ *crc = crc64_table[tableIndex] ^ (*crc << 8);
+ }
+}
+
+//suint8_t x = (c & 0xFF00000000000000 ) >> 56;
\ No newline at end of file
--- /dev/null
+//-----------------------------------------------------------------------------
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// CRC64 ECMA
+//-----------------------------------------------------------------------------
+
+#ifndef __CRC64_H
+#define __CRC64_H
+
+void crc64 (const uint8_t *data, const size_t len, uint64_t *crc) ;
+
+#endif
// otherwise could be a void with no arguments
//set defaults
uint32_t i = 0;
- if (BitStream[1]>1){ //allow only 1s and 0s
- // PrintAndLog("no data found");
- return 0;
- }
+ if (BitStream[1]>1) return 0; //allow only 1s and 0s
+
// 111111111 bit pattern represent start of frame
// include 0 in front to help get start pos
uint8_t preamble[] = {0,1,1,1,1,1,1,1,1,1};
}
//by marshmellow
-//takes 3 arguments - clock, invert, maxErr as integers
-//attempts to demodulate ask while decoding manchester
-//prints binary found and saves in graphbuffer for further commands
-int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr)
-{
- size_t i;
- int start = DetectASKClock(BinStream, *size, clk, 20); //clock default
- if (*clk==0 || start < 0) return -3;
- if (*invert != 1) *invert=0;
- uint8_t initLoopMax = 255;
- if (initLoopMax > *size) initLoopMax = *size;
- // Detect high and lows
- // 25% fuzz in case highs and lows aren't clipped [marshmellow]
- int high, low;
- if (getHiLo(BinStream, initLoopMax, &high, &low, 75, 75) < 1) return -2; //just noise
-
- // PrintAndLog("DEBUG - valid high: %d - valid low: %d",high,low);
- int lastBit = 0; //set first clock check
- uint16_t bitnum = 0; //output counter
- uint8_t tol = 0; //clock tolerance adjust - waves will be accepted as within the clock if they fall + or - this value + clock from last valid wave
- if (*clk <= 32) tol=1; //clock tolerance may not be needed anymore currently set to + or - 1 but could be increased for poor waves or removed entirely
- size_t iii = 0;
- //if 0 errors allowed then only try first 2 clock cycles as we want a low tolerance
- if (!maxErr) initLoopMax = *clk * 2;
- uint16_t errCnt = 0, MaxBits = 512;
- uint16_t bestStart = start;
- uint16_t bestErrCnt = 0;
- // PrintAndLog("DEBUG - lastbit - %d",lastBit);
- // if best start position not already found by detect clock then
- if (start <= 0 || start > initLoopMax){
- bestErrCnt = maxErr+1;
- // loop to find first wave that works
- for (iii=0; iii < initLoopMax; ++iii){
- // if no peak skip
- if (BinStream[iii] < high && BinStream[iii] > low) continue;
-
- lastBit = iii - *clk;
- // loop through to see if this start location works
- for (i = iii; i < *size; ++i) {
- if ((i-lastBit) > (*clk-tol) && (BinStream[i] >= high || BinStream[i] <= low)) {
- lastBit += *clk;
- } else if ((i-lastBit) > (*clk+tol)) {
- errCnt++;
- lastBit += *clk;
- }
- if ((i-iii) > (MaxBits * *clk) || errCnt > maxErr) break; //got plenty of bits or too many errors
- }
- //we got more than 64 good bits and not all errors
- if ((((i-iii)/ *clk) > (64)) && (errCnt<=maxErr)) {
- //possible good read
- if (!errCnt || errCnt < bestErrCnt){
- bestStart = iii; //set this as new best run
- bestErrCnt = errCnt;
- if (!errCnt) break; //great read - finish
- }
- }
- errCnt = 0;
- }
- }
- if (bestErrCnt > maxErr){
- *invert = bestStart;
- *clk = iii;
- return -1;
- }
- //best run is good enough set to best run and set overwrite BinStream
- lastBit = bestStart - *clk;
- errCnt = 0;
- for (i = bestStart; i < *size; ++i) {
- if ((BinStream[i] >= high) && ((i-lastBit) > (*clk-tol))){
- //high found and we are expecting a bar
- lastBit += *clk;
- BinStream[bitnum++] = *invert;
- } else if ((BinStream[i] <= low) && ((i-lastBit) > (*clk-tol))){
- //low found and we are expecting a bar
- lastBit += *clk;
- BinStream[bitnum++] = *invert ^ 1;
- } else if ((i-lastBit)>(*clk+tol)){
- //should have hit a high or low based on clock!!
- //PrintAndLog("DEBUG - no wave in expected area - location: %d, expected: %d-%d, lastBit: %d - resetting search",i,(lastBit+(clk-((int)(tol)))),(lastBit+(clk+((int)(tol)))),lastBit);
- if (bitnum > 0) {
- BinStream[bitnum++] = 77;
- errCnt++;
- }
- lastBit += *clk;//skip over error
- }
- if (bitnum >= MaxBits) break;
- }
- *size = bitnum;
- return bestErrCnt;
-}
-
-//by marshmellow
-//encode binary data into binary manchester
-int ManchesterEncode(uint8_t *BitStream, size_t size)
-{
- size_t modIdx=20000, i=0;
- if (size>modIdx) return -1;
- for (size_t idx=0; idx < size; idx++){
- BitStream[idx+modIdx++] = BitStream[idx];
- BitStream[idx+modIdx++] = BitStream[idx]^1;
- }
- for (; i<(size*2); i++){
- BitStream[i] = BitStream[i+20000];
- }
- return i;
-}
-
-//by marshmellow
-//take 10 and 01 and manchester decode
-//run through 2 times and take least errCnt
-int manrawdecode(uint8_t * BitStream, size_t *size)
-{
- uint16_t bitnum=0, MaxBits = 512, errCnt = 0;
- size_t i, ii;
- uint16_t bestErr = 1000, bestRun = 0;
- if (size == 0) return -1;
- for (ii=0;ii<2;++ii){
- for (i=ii; i<*size-2; i+=2)
- if (BitStream[i]==BitStream[i+1])
- errCnt++;
-
- if (bestErr>errCnt){
- bestErr=errCnt;
- bestRun=ii;
- }
- errCnt=0;
- }
- if (bestErr<20){
- for (i=bestRun; i < *size-2; i+=2){
- if(BitStream[i] == 1 && (BitStream[i+1] == 0)){
- BitStream[bitnum++]=0;
- } else if((BitStream[i] == 0) && BitStream[i+1] == 1){
- BitStream[bitnum++]=1;
- } else {
- BitStream[bitnum++]=77;
- }
- if(bitnum>MaxBits) break;
- }
- *size=bitnum;
- }
- return bestErr;
-}
-
-//by marshmellow
-//take 01 or 10 = 1 and 11 or 00 = 0
-//check for phase errors - should never have 111 or 000 should be 01001011 or 10110100 for 1010
-//decodes biphase or if inverted it is AKA conditional dephase encoding AKA differential manchester encoding
-int BiphaseRawDecode(uint8_t *BitStream, size_t *size, int offset, int invert)
-{
- uint16_t bitnum = 0;
- uint16_t errCnt = 0;
- size_t i = offset;
- uint16_t MaxBits=512;
- //if not enough samples - error
- if (*size < 51) return -1;
- //check for phase change faults - skip one sample if faulty
- uint8_t offsetA = 1, offsetB = 1;
- for (; i<48; i+=2){
- if (BitStream[i+1]==BitStream[i+2]) offsetA=0;
- if (BitStream[i+2]==BitStream[i+3]) offsetB=0;
- }
- if (!offsetA && offsetB) offset++;
- for (i=offset; i<*size-3; i+=2){
- //check for phase error
- if (BitStream[i+1]==BitStream[i+2]) {
- BitStream[bitnum++]=77;
- errCnt++;
- }
- if((BitStream[i]==1 && BitStream[i+1]==0) || (BitStream[i]==0 && BitStream[i+1]==1)){
- BitStream[bitnum++]=1^invert;
- } else if((BitStream[i]==0 && BitStream[i+1]==0) || (BitStream[i]==1 && BitStream[i+1]==1)){
- BitStream[bitnum++]=invert;
- } else {
- BitStream[bitnum++]=77;
- errCnt++;
- }
- if(bitnum>MaxBits) break;
- }
- *size=bitnum;
- return errCnt;
-}
-
-//by marshmellow
-void askAmp(uint8_t *BitStream, size_t size)
-{
- int shift = 127;
- int shiftedVal=0;
- for(size_t i = 1; i<size; i++){
- if (BitStream[i]-BitStream[i-1]>=30) //large jump up
- shift=127;
- else if(BitStream[i]-BitStream[i-1]<=-20) //large jump down
- shift=-127;
-
- shiftedVal=BitStream[i]+shift;
-
- if (shiftedVal>255)
- shiftedVal=255;
- else if (shiftedVal<0)
- shiftedVal=0;
- BitStream[i-1] = shiftedVal;
- }
- return;
-}
-
-// demodulates strong heavily clipped samples
+//demodulates strong heavily clipped samples
int cleanAskRawDemod(uint8_t *BinStream, size_t *size, int clk, int invert, int high, int low)
{
size_t bitCnt=0, smplCnt=0, errCnt=0;
uint8_t waveHigh = 0;
- //PrintAndLog("clk: %d", clk);
for (size_t i=0; i < *size; i++){
if (BinStream[i] >= high && waveHigh){
smplCnt++;
if (smplCnt > clk-(clk/4)-1) { //full clock
if (smplCnt > clk + (clk/4)+1) { //too many samples
errCnt++;
- BinStream[bitCnt++]=77;
+ BinStream[bitCnt++]=7;
} else if (waveHigh) {
BinStream[bitCnt++] = invert;
BinStream[bitCnt++] = invert;
}
//by marshmellow
-//takes 3 arguments - clock, invert and maxErr as integers
-//attempts to demodulate ask only
-int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr, uint8_t amp)
+void askAmp(uint8_t *BitStream, size_t size)
+{
+ for(size_t i = 1; i<size; i++){
+ if (BitStream[i]-BitStream[i-1]>=30) //large jump up
+ BitStream[i]=127;
+ else if(BitStream[i]-BitStream[i-1]<=-20) //large jump down
+ BitStream[i]=-127;
+ }
+ return;
+}
+
+//by marshmellow
+//attempts to demodulate ask modulations, askType == 0 for ask/raw, askType==1 for ask/manchester
+int askdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr, uint8_t amp, uint8_t askType)
{
if (*size==0) return -1;
- int start = DetectASKClock(BinStream, *size, clk, 20); //clock default
- if (*clk==0 || start < 0) return -1;
+ int start = DetectASKClock(BinStream, *size, clk, maxErr); //clock default
+ if (*clk==0 || start < 0) return -3;
if (*invert != 1) *invert = 0;
if (amp==1) askAmp(BinStream, *size);
uint8_t initLoopMax = 255;
- if (initLoopMax > *size) initLoopMax=*size;
+ if (initLoopMax > *size) initLoopMax = *size;
// Detect high and lows
//25% clip in case highs and lows aren't clipped [marshmellow]
int high, low;
if (getHiLo(BinStream, initLoopMax, &high, &low, 75, 75) < 1)
- return -1; //just noise
+ return -2; //just noise
+ size_t errCnt = 0;
// if clean clipped waves detected run alternate demod
- if (DetectCleanAskWave(BinStream, *size, high, low))
- return cleanAskRawDemod(BinStream, size, *clk, *invert, high, low);
+ if (DetectCleanAskWave(BinStream, *size, high, low)) {
+ errCnt = cleanAskRawDemod(BinStream, size, *clk, *invert, high, low);
+ if (askType) //askman
+ return manrawdecode(BinStream, size, 0);
+ else //askraw
+ return errCnt;
+ }
- int lastBit = 0; //set first clock check - can go negative
- size_t i, iii = 0;
- size_t errCnt = 0, bitnum = 0; //output counter
+ int lastBit; //set first clock check - can go negative
+ size_t i, bitnum = 0; //output counter
uint8_t midBit = 0;
- size_t bestStart = start, bestErrCnt = 0; //(*size/1000);
+ uint8_t tol = 0; //clock tolerance adjust - waves will be accepted as within the clock if they fall + or - this value + clock from last valid wave
+ if (*clk <= 32) tol = 1; //clock tolerance may not be needed anymore currently set to + or - 1 but could be increased for poor waves or removed entirely
size_t MaxBits = 1024;
+ lastBit = start - *clk;
- //if 0 errors allowed then only try first 2 clock cycles as we want a low tolerance
- if (!maxErr) initLoopMax = *clk * 2;
- //if best start not already found by detectclock
- if (start <= 0 || start > initLoopMax){
- bestErrCnt = maxErr+1;
- //PrintAndLog("DEBUG - lastbit - %d",lastBit);
- //loop to find first wave that works
- for (iii=0; iii < initLoopMax; ++iii){
- if ((BinStream[iii] >= high) || (BinStream[iii] <= low)){
- lastBit = iii - *clk;
- //loop through to see if this start location works
- for (i = iii; i < *size; ++i) {
- if (i-lastBit > *clk && (BinStream[i] >= high || BinStream[i] <= low)){
- lastBit += *clk;
- midBit = 0;
- } else if (i-lastBit > (*clk/2) && midBit == 0) {
- midBit = 1;
- } else if ((i-lastBit) > *clk) {
- //should have hit a high or low based on clock!!
- //PrintAndLog("DEBUG - no wave in expected area - location: %d, expected: %d-%d, lastBit: %d - resetting search",i,(lastBit+(clk-((int)(tol)))),(lastBit+(clk+((int)(tol)))),lastBit);
- errCnt++;
- lastBit += *clk;//skip over until hit too many errors
- if (errCnt > maxErr)
- break;
- }
- if ((i-iii)>(MaxBits * *clk)) break; //got enough bits
- }
- //we got more than 64 good bits and not all errors
- if ((((i-iii)/ *clk) > 64) && (errCnt<=maxErr)) {
- //possible good read
- if (errCnt==0){
- bestStart=iii;
- bestErrCnt=errCnt;
- break; //great read - finish
- }
- if (errCnt<bestErrCnt){ //set this as new best run
- bestErrCnt=errCnt;
- bestStart = iii;
- }
- }
- errCnt=0;
- }
- }
- }
- if (bestErrCnt > maxErr){
- *invert = bestStart;
- *clk = iii;
- return -1;
- }
- //best run is good enough - set to best run and overwrite BinStream
- lastBit = bestStart - *clk - 1;
- errCnt = 0;
-
- for (i = bestStart; i < *size; ++i) {
- if (i - lastBit > *clk){
+ for (i = start; i < *size; ++i) {
+ if (i-lastBit >= *clk-tol){
if (BinStream[i] >= high) {
BinStream[bitnum++] = *invert;
} else if (BinStream[i] <= low) {
BinStream[bitnum++] = *invert ^ 1;
- } else {
+ } else if (i-lastBit >= *clk+tol) {
if (bitnum > 0) {
- BinStream[bitnum++]=77;
+ BinStream[bitnum++]=7;
errCnt++;
}
+ } else { //in tolerance - looking for peak
+ continue;
}
midBit = 0;
lastBit += *clk;
- } else if (i-lastBit > (*clk/2) && midBit == 0){
+ } else if (i-lastBit >= (*clk/2-tol) && !midBit && !askType){
if (BinStream[i] >= high) {
BinStream[bitnum++] = *invert;
} else if (BinStream[i] <= low) {
BinStream[bitnum++] = *invert ^ 1;
- } else {
-
+ } else if (i-lastBit >= *clk/2+tol) {
BinStream[bitnum] = BinStream[bitnum-1];
bitnum++;
+ } else { //in tolerance - looking for peak
+ continue;
}
midBit = 1;
}
return errCnt;
}
+//by marshmellow
+//take 10 and 01 and manchester decode
+//run through 2 times and take least errCnt
+int manrawdecode(uint8_t * BitStream, size_t *size, uint8_t invert)
+{
+ uint16_t bitnum=0, MaxBits = 512, errCnt = 0;
+ size_t i, ii;
+ uint16_t bestErr = 1000, bestRun = 0;
+ if (*size < 16) return -1;
+ //find correct start position [alignment]
+ for (ii=0;ii<2;++ii){
+ for (i=ii; i<*size-3; i+=2)
+ if (BitStream[i]==BitStream[i+1])
+ errCnt++;
+
+ if (bestErr>errCnt){
+ bestErr=errCnt;
+ bestRun=ii;
+ }
+ errCnt=0;
+ }
+ //decode
+ for (i=bestRun; i < *size-3; i+=2){
+ if(BitStream[i] == 1 && (BitStream[i+1] == 0)){
+ BitStream[bitnum++]=invert;
+ } else if((BitStream[i] == 0) && BitStream[i+1] == 1){
+ BitStream[bitnum++]=invert^1;
+ } else {
+ BitStream[bitnum++]=7;
+ }
+ if(bitnum>MaxBits) break;
+ }
+ *size=bitnum;
+ return bestErr;
+}
+
+//by marshmellow
+//encode binary data into binary manchester
+int ManchesterEncode(uint8_t *BitStream, size_t size)
+{
+ size_t modIdx=20000, i=0;
+ if (size>modIdx) return -1;
+ for (size_t idx=0; idx < size; idx++){
+ BitStream[idx+modIdx++] = BitStream[idx];
+ BitStream[idx+modIdx++] = BitStream[idx]^1;
+ }
+ for (; i<(size*2); i++){
+ BitStream[i] = BitStream[i+20000];
+ }
+ return i;
+}
+
+//by marshmellow
+//take 01 or 10 = 1 and 11 or 00 = 0
+//check for phase errors - should never have 111 or 000 should be 01001011 or 10110100 for 1010
+//decodes biphase or if inverted it is AKA conditional dephase encoding AKA differential manchester encoding
+int BiphaseRawDecode(uint8_t *BitStream, size_t *size, int offset, int invert)
+{
+ uint16_t bitnum = 0;
+ uint16_t errCnt = 0;
+ size_t i = offset;
+ uint16_t MaxBits=512;
+ //if not enough samples - error
+ if (*size < 51) return -1;
+ //check for phase change faults - skip one sample if faulty
+ uint8_t offsetA = 1, offsetB = 1;
+ for (; i<48; i+=2){
+ if (BitStream[i+1]==BitStream[i+2]) offsetA=0;
+ if (BitStream[i+2]==BitStream[i+3]) offsetB=0;
+ }
+ if (!offsetA && offsetB) offset++;
+ for (i=offset; i<*size-3; i+=2){
+ //check for phase error
+ if (BitStream[i+1]==BitStream[i+2]) {
+ BitStream[bitnum++]=7;
+ errCnt++;
+ }
+ if((BitStream[i]==1 && BitStream[i+1]==0) || (BitStream[i]==0 && BitStream[i+1]==1)){
+ BitStream[bitnum++]=1^invert;
+ } else if((BitStream[i]==0 && BitStream[i+1]==0) || (BitStream[i]==1 && BitStream[i+1]==1)){
+ BitStream[bitnum++]=invert;
+ } else {
+ BitStream[bitnum++]=7;
+ errCnt++;
+ }
+ if(bitnum>MaxBits) break;
+ }
+ *size=bitnum;
+ return errCnt;
+}
+
+// by marshmellow
// demod gProxIIDemod
// error returns as -x
// success returns start position in BitStream
return (int)startIdx;
}
-uint32_t bytebits_to_byte(uint8_t* src, size_t numbits)
+uint32_t bytebits_to_byte(uint8_t *src, size_t numbits)
{
uint32_t num = 0;
for(int i = 0 ; i < numbits ; i++)
return num;
}
+//least significant bit first
+uint32_t bytebits_to_byteLSBF(uint8_t *src, size_t numbits)
+{
+ uint32_t num = 0;
+ for(int i = 0 ; i < numbits ; i++)
+ {
+ num = (num << 1) | *(src + (numbits-(i+1)));
+ }
+ return num;
+}
+
int IOdemodFSK(uint8_t *dest, size_t size)
{
if (justNoise(dest, size)) return -1;
// by marshmellow
// takes a array of binary values, start position, length of bits per parity (includes parity bit),
-// Parity Type (1 for odd 0 for even), and binary Length (length to run)
+// Parity Type (1 for odd; 0 for even; 2 for just drop it), and binary Length (length to run)
size_t removeParity(uint8_t *BitStream, size_t startIdx, uint8_t pLen, uint8_t pType, size_t bLen)
{
uint32_t parityWd = 0;
}
j--;
// if parity fails then return 0
- if (parityTest(parityWd, pLen, pType) == 0) return -1;
+ if (pType != 2) {
+ if (parityTest(parityWd, pLen, pType) == 0) return -1;
+ }
bitCnt+=(pLen-1);
parityWd = 0;
}
return bitCnt;
}
+// Ask/Biphase Demod then try to locate an ISO 11784/85 ID
+// BitStream must contain previously askrawdemod and biphasedemoded data
+int FDXBdemodBI(uint8_t *dest, size_t *size)
+{
+ //make sure buffer has enough data
+ if (*size < 128) return -1;
+
+ size_t startIdx = 0;
+ uint8_t preamble[] = {0,0,0,0,0,0,0,0,0,0,1};
+
+ uint8_t errChk = preambleSearch(dest, preamble, sizeof(preamble), size, &startIdx);
+ if (errChk == 0) return -2; //preamble not found
+ return (int)startIdx;
+}
+
// by marshmellow
// FSK Demod then try to locate an AWID ID
int AWIDdemodFSK(uint8_t *dest, size_t *size)
return (int)startIdx;
}
-
-uint8_t DetectCleanAskWave(uint8_t dest[], size_t size, int high, int low)
+// by marshmellow
+// to detect a wave that has heavily clipped (clean) samples
+uint8_t DetectCleanAskWave(uint8_t dest[], size_t size, uint8_t high, uint8_t low)
{
uint16_t allPeaks=1;
uint16_t cntPeaks=0;
- size_t loopEnd = 572;
+ size_t loopEnd = 512+60;
if (loopEnd > size) loopEnd = size;
for (size_t i=60; i<loopEnd; i++){
if (dest[i]>low && dest[i]<high)
// by marshmellow
// to help detect clocks on heavily clipped samples
-// based on counts between zero crossings
-int DetectStrongAskClock(uint8_t dest[], size_t size)
+// based on count of low to low
+int DetectStrongAskClock(uint8_t dest[], size_t size, uint8_t high, uint8_t low)
{
- int clk[]={0,8,16,32,40,50,64,100,128};
- size_t idx = 40;
- uint8_t high=0;
- size_t cnt = 0;
- size_t highCnt = 0;
- size_t highCnt2 = 0;
- for (;idx < size; idx++){
- if (dest[idx]>128) {
- if (!high){
- high=1;
- if (cnt > highCnt){
- if (highCnt != 0) highCnt2 = highCnt;
- highCnt = cnt;
- } else if (cnt > highCnt2) {
- highCnt2 = cnt;
- }
- cnt=1;
- } else {
- cnt++;
- }
- } else if (dest[idx] <= 128){
- if (high) {
- high=0;
- if (cnt > highCnt) {
- if (highCnt != 0) highCnt2 = highCnt;
- highCnt = cnt;
- } else if (cnt > highCnt2) {
- highCnt2 = cnt;
- }
- cnt=1;
- } else {
- cnt++;
- }
- }
+ uint8_t fndClk[] = {8,16,32,40,50,64,128};
+ size_t startwave;
+ size_t i = 0;
+ size_t minClk = 255;
+ // get to first full low to prime loop and skip incomplete first pulse
+ while ((dest[i] < high) && (i < size))
+ ++i;
+ while ((dest[i] > low) && (i < size))
+ ++i;
+
+ // loop through all samples
+ while (i < size) {
+ // measure from low to low
+ while ((dest[i] > low) && (i < size))
+ ++i;
+ startwave= i;
+ while ((dest[i] < high) && (i < size))
+ ++i;
+ while ((dest[i] > low) && (i < size))
+ ++i;
+ //get minimum measured distance
+ if (i-startwave < minClk && i < size)
+ minClk = i - startwave;
}
- uint8_t tol;
- for (idx=8; idx>0; idx--){
- tol = clk[idx]/8;
- if (clk[idx] >= highCnt - tol && clk[idx] <= highCnt + tol)
- return clk[idx];
- if (clk[idx] >= highCnt2 - tol && clk[idx] <= highCnt2 + tol)
- return clk[idx];
+ // set clock
+ for (uint8_t clkCnt = 0; clkCnt<7; clkCnt++) {
+ if (minClk >= fndClk[clkCnt]-(fndClk[clkCnt]/8) && minClk <= fndClk[clkCnt]+1)
+ return fndClk[clkCnt];
}
- return -1;
+ return 0;
}
// by marshmellow
// return start index of best starting position for that clock and return clock (by reference)
int DetectASKClock(uint8_t dest[], size_t size, int *clock, int maxErr)
{
- size_t i=0;
- uint8_t clk[]={8,16,32,40,50,64,100,128,255};
+ size_t i=1;
+ uint8_t clk[] = {255,8,16,32,40,50,64,100,128,255};
+ uint8_t clkEnd = 9;
uint8_t loopCnt = 255; //don't need to loop through entire array...
if (size <= loopCnt) return -1; //not enough samples
- //if we already have a valid clock quit
-
- for (;i<8;++i)
- if (clk[i] == *clock) return 0;
+
+ //if we already have a valid clock
+ uint8_t clockFnd=0;
+ for (;i<clkEnd;++i)
+ if (clk[i] == *clock) clockFnd = i;
+ //clock found but continue to find best startpos
//get high and low peak
int peak, low;
if (getHiLo(dest, loopCnt, &peak, &low, 75, 75) < 1) return -1;
//test for large clean peaks
- if (DetectCleanAskWave(dest, size, peak, low)==1){
- int ans = DetectStrongAskClock(dest, size);
- for (i=7; i>0; i--){
- if (clk[i] == ans) {
- *clock = ans;
- return 0;
+ if (!clockFnd){
+ if (DetectCleanAskWave(dest, size, peak, low)==1){
+ int ans = DetectStrongAskClock(dest, size, peak, low);
+ for (i=clkEnd-1; i>0; i--){
+ if (clk[i] == ans) {
+ *clock = ans;
+ //clockFnd = i;
+ return 0; // for strong waves i don't use the 'best start position' yet...
+ //break; //clock found but continue to find best startpos [not yet]
+ }
}
}
}
+
uint8_t ii;
uint8_t clkCnt, tol = 0;
uint16_t bestErr[]={1000,1000,1000,1000,1000,1000,1000,1000,1000};
uint8_t bestStart[]={0,0,0,0,0,0,0,0,0};
size_t errCnt = 0;
size_t arrLoc, loopEnd;
+
+ if (clockFnd>0) {
+ clkCnt = clockFnd;
+ clkEnd = clockFnd+1;
+ }
+ else clkCnt=1;
+
//test each valid clock from smallest to greatest to see which lines up
- for(clkCnt=0; clkCnt < 8; clkCnt++){
- if (clk[clkCnt] == 32){
+ for(; clkCnt < clkEnd; clkCnt++){
+ if (clk[clkCnt] <= 32){
tol=1;
}else{
tol=0;
}
- if (!maxErr) loopCnt=clk[clkCnt]*2;
+ //if no errors allowed - keep start within the first clock
+ if (!maxErr && size > clk[clkCnt]*2 + tol && clk[clkCnt]<128) loopCnt=clk[clkCnt]*2;
bestErr[clkCnt]=1000;
- //try lining up the peaks by moving starting point (try first 256)
+ //try lining up the peaks by moving starting point (try first few clocks)
for (ii=0; ii < loopCnt; ii++){
if (dest[ii] < peak && dest[ii] > low) continue;
errCnt++;
}
}
- //if we found no errors then we can stop here
+ //if we found no errors then we can stop here and a low clock (common clocks)
// this is correct one - return this clock
//PrintAndLog("DEBUG: clk %d, err %d, ii %d, i %d",clk[clkCnt],errCnt,ii,i);
- if(errCnt==0 && clkCnt<6) {
- *clock = clk[clkCnt];
+ if(errCnt==0 && clkCnt<7) {
+ if (!clockFnd) *clock = clk[clkCnt];
return ii;
}
//if we found errors see if it is lowest so far and save it as best run
}
}
}
- uint8_t iii=0;
+ uint8_t iii;
uint8_t best=0;
- for (iii=0; iii<8; ++iii){
+ for (iii=1; iii<clkEnd; ++iii){
if (bestErr[iii] < bestErr[best]){
if (bestErr[iii] == 0) bestErr[iii]=1;
// current best bit to error ratio vs new bit to error ratio
}
}
}
- if (bestErr[best] > maxErr) return -1;
- *clock = clk[best];
+ //if (bestErr[best] > maxErr) return -1;
+ if (!clockFnd) *clock = clk[best];
return bestStart[best];
}
size_t i=1;
uint8_t lastBit=BitStream[0];
for (; i<size; i++){
- if (BitStream[i]==77){
+ if (BitStream[i]==7){
//ignore errors
} else if (lastBit!=BitStream[i]){
lastBit=BitStream[i];
if (ignoreCnt == 0){
bitHigh = 0;
if (errBitHigh == 1){
- dest[bitnum++] = 77;
+ dest[bitnum++] = 7;
errCnt++;
}
errBitHigh=0;
//noise after a phase shift - ignore
} else { //phase shift before supposed to based on clock
errCnt++;
- dest[numBits++] = 77;
+ dest[numBits++] = 7;
}
} else if (i+1 > lastClkBit + *clock + tol + fc){
lastClkBit += *clock; //no phase shift but clock bit
#define LFDEMOD_H__
#include <stdint.h>
-int DetectASKClock(uint8_t dest[], size_t size, int *clock, int maxErr);
-uint8_t DetectCleanAskWave(uint8_t dest[], size_t size, int high, int low);
-int askmandemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr);
-uint8_t Em410xDecode(uint8_t *BitStream, size_t *size, size_t *startIdx, uint32_t *hi, uint64_t *lo);
-int ManchesterEncode(uint8_t *BitStream, size_t size);
-int manrawdecode(uint8_t *BitStream, size_t *size);
-int BiphaseRawDecode(uint8_t * BitStream, size_t *size, int offset, int invert);
-int askrawdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr, uint8_t amp);
+//generic
+int askdemod(uint8_t *BinStream, size_t *size, int *clk, int *invert, int maxErr, uint8_t amp, uint8_t askType);
+int BiphaseRawDecode(uint8_t * BitStream, size_t *size, int offset, int invert);
+uint32_t bytebits_to_byte(uint8_t* src, size_t numbits);
+uint32_t bytebits_to_byteLSBF(uint8_t* src, size_t numbits);
+uint16_t countFC(uint8_t *BitStream, size_t size, uint8_t fskAdj);
+int DetectASKClock(uint8_t dest[], size_t size, int *clock, int maxErr);
+uint8_t DetectCleanAskWave(uint8_t dest[], size_t size, uint8_t high, uint8_t low);
+uint8_t detectFSKClk(uint8_t *BitStream, size_t size, uint8_t fcHigh, uint8_t fcLow);
+int DetectNRZClock(uint8_t dest[], size_t size, int clock);
+int DetectPSKClock(uint8_t dest[], size_t size, int clock);
+int DetectStrongAskClock(uint8_t dest[], size_t size, uint8_t high, uint8_t low);
+uint8_t Em410xDecode(uint8_t *BitStream, size_t *size, size_t *startIdx, uint32_t *hi, uint64_t *lo);
+int fskdemod(uint8_t *dest, size_t size, uint8_t rfLen, uint8_t invert, uint8_t fchigh, uint8_t fclow);
+int getHiLo(uint8_t *BitStream, size_t size, int *high, int *low, uint8_t fuzzHi, uint8_t fuzzLo);
+int ManchesterEncode(uint8_t *BitStream, size_t size);
+int manrawdecode(uint8_t *BitStream, size_t *size, uint8_t invert);
+int nrzRawDemod(uint8_t *dest, size_t *size, int *clk, int *invert, int maxErr);
+uint8_t parityTest(uint32_t bits, uint8_t bitLen, uint8_t pType);
+uint8_t preambleSearch(uint8_t *BitStream, uint8_t *preamble, size_t pLen, size_t *size, size_t *startIdx);
+int pskRawDemod(uint8_t dest[], size_t *size, int *clock, int *invert);
+void psk2TOpsk1(uint8_t *BitStream, size_t size);
+void psk1TOpsk2(uint8_t *BitStream, size_t size);
+size_t removeParity(uint8_t *BitStream, size_t startIdx, uint8_t pLen, uint8_t pType, size_t bLen);
+
+//tag specific
+int FDXBdemodBI(uint8_t *dest, size_t *size);
+int AWIDdemodFSK(uint8_t *dest, size_t *size);
int gProxII_Demod(uint8_t BitStream[], size_t *size);
int HIDdemodFSK(uint8_t *dest, size_t *size, uint32_t *hi2, uint32_t *hi, uint32_t *lo);
int IOdemodFSK(uint8_t *dest, size_t size);
-int fskdemod(uint8_t *dest, size_t size, uint8_t rfLen, uint8_t invert, uint8_t fchigh, uint8_t fclow);
-uint32_t bytebits_to_byte(uint8_t* src, size_t numbits);
-int nrzRawDemod(uint8_t *dest, size_t *size, int *clk, int *invert, int maxErr);
-void psk1TOpsk2(uint8_t *BitStream, size_t size);
-void psk2TOpsk1(uint8_t *BitStream, size_t size);
-int DetectNRZClock(uint8_t dest[], size_t size, int clock);
int indala26decode(uint8_t *bitStream, size_t *size, uint8_t *invert);
int PyramiddemodFSK(uint8_t *dest, size_t *size);
-int AWIDdemodFSK(uint8_t *dest, size_t *size);
-size_t removeParity(uint8_t *BitStream, size_t startIdx, uint8_t pLen, uint8_t pType, size_t bLen);
-uint16_t countFC(uint8_t *BitStream, size_t size, uint8_t fskAdj);
-uint8_t detectFSKClk(uint8_t *BitStream, size_t size, uint8_t fcHigh, uint8_t fcLow);
-int getHiLo(uint8_t *BitStream, size_t size, int *high, int *low, uint8_t fuzzHi, uint8_t fuzzLo);
int ParadoxdemodFSK(uint8_t *dest, size_t *size, uint32_t *hi2, uint32_t *hi, uint32_t *lo);
-uint8_t preambleSearch(uint8_t *BitStream, uint8_t *preamble, size_t pLen, size_t *size, size_t *startIdx);
-uint8_t parityTest(uint32_t bits, uint8_t bitLen, uint8_t pType);
-int pskRawDemod(uint8_t dest[], size_t *size, int *clock, int *invert);
-int DetectPSKClock(uint8_t dest[], size_t size, int clock);
#endif
-#include <stdio.h>
#include <strings.h>
#include <string.h>
#include <stdint.h>
#define MIFARE_CMD_RESTORE 0xC2
#define MIFARE_CMD_TRANSFER 0xB0
-#define MIFARE_ULC_WRITE 0xA0
+#define MIFARE_ULC_WRITE 0xA2
+//#define MIFARE_ULC__COMP_WRITE 0xA0
#define MIFARE_ULC_AUTH_1 0x1A
-#define MIFARE_ULC_AUTH_2 0xAF
+#define MIFARE_ULC_AUTH_2 0xAF
+
+#define MIFARE_ULEV1_AUTH 0x1B
+#define MIFARE_ULEV1_VERSION 0x60
+#define MIFARE_ULEV1_FASTREAD 0x3A
+//#define MIFARE_ULEV1_WRITE 0xA2
+//#define MIFARE_ULEV1_COMP_WRITE 0xA0
+#define MIFARE_ULEV1_READ_CNT 0x39
+#define MIFARE_ULEV1_INCR_CNT 0xA5
+#define MIFARE_ULEV1_READSIG 0x3C
+#define MIFARE_ULEV1_CHECKTEAR 0x3E
+#define MIFARE_ULEV1_VCSL 0x4B
/**
06 00 = INITIATE
--- /dev/null
+/*
+ * FIPS-180-1 compliant SHA-1 implementation
+ *
+ * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+/*
+ * The SHA-1 standard was published by NIST in 1993.
+ *
+ * http://www.itl.nist.gov/fipspubs/fip180-1.htm
+ */
+
+#if !defined(POLARSSL_CONFIG_FILE)
+//#include "polarssl/config.h"
+#define POLARSSL_SHA1_C
+
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_SHA1_C)
+
+#include "sha1.h"
+
+#include <string.h>
+
+#if defined(POLARSSL_FS_IO)
+#include <stdio.h>
+#endif
+
+#if defined(POLARSSL_SELF_TEST)
+#if defined(POLARSSL_PLATFORM_C)
+#include "polarssl/platform.h"
+#else
+#include <stdio.h>
+#define polarssl_printf printf
+#endif /* POLARSSL_PLATFORM_C */
+#endif /* POLARSSL_SELF_TEST */
+
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+#if !defined(POLARSSL_SHA1_ALT)
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i) \
+{ \
+ (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
+ | ( (uint32_t) (b)[(i) + 1] << 16 ) \
+ | ( (uint32_t) (b)[(i) + 2] << 8 ) \
+ | ( (uint32_t) (b)[(i) + 3] ); \
+}
+#endif
+
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i) \
+{ \
+ (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
+ (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
+ (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
+ (b)[(i) + 3] = (unsigned char) ( (n) ); \
+}
+#endif
+
+void sha1_init( sha1_context *ctx )
+{
+ memset( ctx, 0, sizeof( sha1_context ) );
+}
+
+void sha1_free( sha1_context *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ polarssl_zeroize( ctx, sizeof( sha1_context ) );
+}
+
+/*
+ * SHA-1 context setup
+ */
+void sha1_starts( sha1_context *ctx )
+{
+ ctx->total[0] = 0;
+ ctx->total[1] = 0;
+
+ ctx->state[0] = 0x67452301;
+ ctx->state[1] = 0xEFCDAB89;
+ ctx->state[2] = 0x98BADCFE;
+ ctx->state[3] = 0x10325476;
+ ctx->state[4] = 0xC3D2E1F0;
+}
+
+void sha1_process( sha1_context *ctx, const unsigned char data[64] )
+{
+ uint32_t temp, W[16], A, B, C, D, E;
+
+ GET_UINT32_BE( W[ 0], data, 0 );
+ GET_UINT32_BE( W[ 1], data, 4 );
+ GET_UINT32_BE( W[ 2], data, 8 );
+ GET_UINT32_BE( W[ 3], data, 12 );
+ GET_UINT32_BE( W[ 4], data, 16 );
+ GET_UINT32_BE( W[ 5], data, 20 );
+ GET_UINT32_BE( W[ 6], data, 24 );
+ GET_UINT32_BE( W[ 7], data, 28 );
+ GET_UINT32_BE( W[ 8], data, 32 );
+ GET_UINT32_BE( W[ 9], data, 36 );
+ GET_UINT32_BE( W[10], data, 40 );
+ GET_UINT32_BE( W[11], data, 44 );
+ GET_UINT32_BE( W[12], data, 48 );
+ GET_UINT32_BE( W[13], data, 52 );
+ GET_UINT32_BE( W[14], data, 56 );
+ GET_UINT32_BE( W[15], data, 60 );
+
+#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+
+#define R(t) \
+( \
+ temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
+ W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
+ ( W[t & 0x0F] = S(temp,1) ) \
+)
+
+#define P(a,b,c,d,e,x) \
+{ \
+ e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
+}
+
+ A = ctx->state[0];
+ B = ctx->state[1];
+ C = ctx->state[2];
+ D = ctx->state[3];
+ E = ctx->state[4];
+
+#define F(x,y,z) (z ^ (x & (y ^ z)))
+#define K 0x5A827999
+
+ P( A, B, C, D, E, W[0] );
+ P( E, A, B, C, D, W[1] );
+ P( D, E, A, B, C, W[2] );
+ P( C, D, E, A, B, W[3] );
+ P( B, C, D, E, A, W[4] );
+ P( A, B, C, D, E, W[5] );
+ P( E, A, B, C, D, W[6] );
+ P( D, E, A, B, C, W[7] );
+ P( C, D, E, A, B, W[8] );
+ P( B, C, D, E, A, W[9] );
+ P( A, B, C, D, E, W[10] );
+ P( E, A, B, C, D, W[11] );
+ P( D, E, A, B, C, W[12] );
+ P( C, D, E, A, B, W[13] );
+ P( B, C, D, E, A, W[14] );
+ P( A, B, C, D, E, W[15] );
+ P( E, A, B, C, D, R(16) );
+ P( D, E, A, B, C, R(17) );
+ P( C, D, E, A, B, R(18) );
+ P( B, C, D, E, A, R(19) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define K 0x6ED9EBA1
+
+ P( A, B, C, D, E, R(20) );
+ P( E, A, B, C, D, R(21) );
+ P( D, E, A, B, C, R(22) );
+ P( C, D, E, A, B, R(23) );
+ P( B, C, D, E, A, R(24) );
+ P( A, B, C, D, E, R(25) );
+ P( E, A, B, C, D, R(26) );
+ P( D, E, A, B, C, R(27) );
+ P( C, D, E, A, B, R(28) );
+ P( B, C, D, E, A, R(29) );
+ P( A, B, C, D, E, R(30) );
+ P( E, A, B, C, D, R(31) );
+ P( D, E, A, B, C, R(32) );
+ P( C, D, E, A, B, R(33) );
+ P( B, C, D, E, A, R(34) );
+ P( A, B, C, D, E, R(35) );
+ P( E, A, B, C, D, R(36) );
+ P( D, E, A, B, C, R(37) );
+ P( C, D, E, A, B, R(38) );
+ P( B, C, D, E, A, R(39) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) ((x & y) | (z & (x | y)))
+#define K 0x8F1BBCDC
+
+ P( A, B, C, D, E, R(40) );
+ P( E, A, B, C, D, R(41) );
+ P( D, E, A, B, C, R(42) );
+ P( C, D, E, A, B, R(43) );
+ P( B, C, D, E, A, R(44) );
+ P( A, B, C, D, E, R(45) );
+ P( E, A, B, C, D, R(46) );
+ P( D, E, A, B, C, R(47) );
+ P( C, D, E, A, B, R(48) );
+ P( B, C, D, E, A, R(49) );
+ P( A, B, C, D, E, R(50) );
+ P( E, A, B, C, D, R(51) );
+ P( D, E, A, B, C, R(52) );
+ P( C, D, E, A, B, R(53) );
+ P( B, C, D, E, A, R(54) );
+ P( A, B, C, D, E, R(55) );
+ P( E, A, B, C, D, R(56) );
+ P( D, E, A, B, C, R(57) );
+ P( C, D, E, A, B, R(58) );
+ P( B, C, D, E, A, R(59) );
+
+#undef K
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define K 0xCA62C1D6
+
+ P( A, B, C, D, E, R(60) );
+ P( E, A, B, C, D, R(61) );
+ P( D, E, A, B, C, R(62) );
+ P( C, D, E, A, B, R(63) );
+ P( B, C, D, E, A, R(64) );
+ P( A, B, C, D, E, R(65) );
+ P( E, A, B, C, D, R(66) );
+ P( D, E, A, B, C, R(67) );
+ P( C, D, E, A, B, R(68) );
+ P( B, C, D, E, A, R(69) );
+ P( A, B, C, D, E, R(70) );
+ P( E, A, B, C, D, R(71) );
+ P( D, E, A, B, C, R(72) );
+ P( C, D, E, A, B, R(73) );
+ P( B, C, D, E, A, R(74) );
+ P( A, B, C, D, E, R(75) );
+ P( E, A, B, C, D, R(76) );
+ P( D, E, A, B, C, R(77) );
+ P( C, D, E, A, B, R(78) );
+ P( B, C, D, E, A, R(79) );
+
+#undef K
+#undef F
+
+ ctx->state[0] += A;
+ ctx->state[1] += B;
+ ctx->state[2] += C;
+ ctx->state[3] += D;
+ ctx->state[4] += E;
+}
+
+/*
+ * SHA-1 process buffer
+ */
+void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
+{
+ size_t fill;
+ uint32_t left;
+
+ if( ilen == 0 )
+ return;
+
+ left = ctx->total[0] & 0x3F;
+ fill = 64 - left;
+
+ ctx->total[0] += (uint32_t) ilen;
+ ctx->total[0] &= 0xFFFFFFFF;
+
+ if( ctx->total[0] < (uint32_t) ilen )
+ ctx->total[1]++;
+
+ if( left && ilen >= fill )
+ {
+ memcpy( (void *) (ctx->buffer + left), input, fill );
+ sha1_process( ctx, ctx->buffer );
+ input += fill;
+ ilen -= fill;
+ left = 0;
+ }
+
+ while( ilen >= 64 )
+ {
+ sha1_process( ctx, input );
+ input += 64;
+ ilen -= 64;
+ }
+
+ if( ilen > 0 )
+ memcpy( (void *) (ctx->buffer + left), input, ilen );
+}
+
+static const unsigned char sha1_padding[64] =
+{
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * SHA-1 final digest
+ */
+void sha1_finish( sha1_context *ctx, unsigned char output[20] )
+{
+ uint32_t last, padn;
+ uint32_t high, low;
+ unsigned char msglen[8];
+
+ high = ( ctx->total[0] >> 29 )
+ | ( ctx->total[1] << 3 );
+ low = ( ctx->total[0] << 3 );
+
+ PUT_UINT32_BE( high, msglen, 0 );
+ PUT_UINT32_BE( low, msglen, 4 );
+
+ last = ctx->total[0] & 0x3F;
+ padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
+
+ sha1_update( ctx, sha1_padding, padn );
+ sha1_update( ctx, msglen, 8 );
+
+ PUT_UINT32_BE( ctx->state[0], output, 0 );
+ PUT_UINT32_BE( ctx->state[1], output, 4 );
+ PUT_UINT32_BE( ctx->state[2], output, 8 );
+ PUT_UINT32_BE( ctx->state[3], output, 12 );
+ PUT_UINT32_BE( ctx->state[4], output, 16 );
+}
+
+#endif /* !POLARSSL_SHA1_ALT */
+
+/*
+ * output = SHA-1( input buffer )
+ */
+void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
+{
+ sha1_context ctx;
+
+ sha1_init( &ctx );
+ sha1_starts( &ctx );
+ sha1_update( &ctx, input, ilen );
+ sha1_finish( &ctx, output );
+ sha1_free( &ctx );
+}
+
+#if defined(POLARSSL_FS_IO)
+/*
+ * output = SHA-1( file contents )
+ */
+int sha1_file( const char *path, unsigned char output[20] )
+{
+ FILE *f;
+ size_t n;
+ sha1_context ctx;
+ unsigned char buf[1024];
+
+ if( ( f = fopen( path, "rb" ) ) == NULL )
+ return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
+
+ sha1_init( &ctx );
+ sha1_starts( &ctx );
+
+ while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
+ sha1_update( &ctx, buf, n );
+
+ sha1_finish( &ctx, output );
+ sha1_free( &ctx );
+
+ if( ferror( f ) != 0 )
+ {
+ fclose( f );
+ return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
+ }
+
+ fclose( f );
+ return( 0 );
+}
+#endif /* POLARSSL_FS_IO */
+
+/*
+ * SHA-1 HMAC context setup
+ */
+void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
+ size_t keylen )
+{
+ size_t i;
+ unsigned char sum[20];
+
+ if( keylen > 64 )
+ {
+ sha1( key, keylen, sum );
+ keylen = 20;
+ key = sum;
+ }
+
+ memset( ctx->ipad, 0x36, 64 );
+ memset( ctx->opad, 0x5C, 64 );
+
+ for( i = 0; i < keylen; i++ )
+ {
+ ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
+ ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
+ }
+
+ sha1_starts( ctx );
+ sha1_update( ctx, ctx->ipad, 64 );
+
+ polarssl_zeroize( sum, sizeof( sum ) );
+}
+
+/*
+ * SHA-1 HMAC process buffer
+ */
+void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
+ size_t ilen )
+{
+ sha1_update( ctx, input, ilen );
+}
+
+/*
+ * SHA-1 HMAC final digest
+ */
+void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
+{
+ unsigned char tmpbuf[20];
+
+ sha1_finish( ctx, tmpbuf );
+ sha1_starts( ctx );
+ sha1_update( ctx, ctx->opad, 64 );
+ sha1_update( ctx, tmpbuf, 20 );
+ sha1_finish( ctx, output );
+
+ polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
+}
+
+/*
+ * SHA1 HMAC context reset
+ */
+void sha1_hmac_reset( sha1_context *ctx )
+{
+ sha1_starts( ctx );
+ sha1_update( ctx, ctx->ipad, 64 );
+}
+
+/*
+ * output = HMAC-SHA-1( hmac key, input buffer )
+ */
+void sha1_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
+ unsigned char output[20] )
+{
+ sha1_context ctx;
+
+ sha1_init( &ctx );
+ sha1_hmac_starts( &ctx, key, keylen );
+ sha1_hmac_update( &ctx, input, ilen );
+ sha1_hmac_finish( &ctx, output );
+ sha1_free( &ctx );
+}
+
+#if defined(POLARSSL_SELF_TEST)
+/*
+ * FIPS-180-1 test vectors
+ */
+static const unsigned char sha1_test_buf[3][57] =
+{
+ { "abc" },
+ { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
+ { "" }
+};
+
+static const int sha1_test_buflen[3] =
+{
+ 3, 56, 1000
+};
+
+static const unsigned char sha1_test_sum[3][20] =
+{
+ { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
+ 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
+ { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
+ 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
+ { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
+ 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
+};
+
+/*
+ * RFC 2202 test vectors
+ */
+static const unsigned char sha1_hmac_test_key[7][26] =
+{
+ { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
+ "\x0B\x0B\x0B\x0B" },
+ { "Jefe" },
+ { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+ "\xAA\xAA\xAA\xAA" },
+ { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
+ "\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
+ { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
+ "\x0C\x0C\x0C\x0C" },
+ { "" }, /* 0xAA 80 times */
+ { "" }
+};
+
+static const int sha1_hmac_test_keylen[7] =
+{
+ 20, 4, 20, 25, 20, 80, 80
+};
+
+static const unsigned char sha1_hmac_test_buf[7][74] =
+{
+ { "Hi There" },
+ { "what do ya want for nothing?" },
+ { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
+ { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
+ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
+ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
+ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
+ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
+ { "Test With Truncation" },
+ { "Test Using Larger Than Block-Size Key - Hash Key First" },
+ { "Test Using Larger Than Block-Size Key and Larger"
+ " Than One Block-Size Data" }
+};
+
+static const int sha1_hmac_test_buflen[7] =
+{
+ 8, 28, 50, 50, 20, 54, 73
+};
+
+static const unsigned char sha1_hmac_test_sum[7][20] =
+{
+ { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
+ 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
+ { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
+ 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
+ { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
+ 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
+ { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
+ 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
+ { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
+ 0x7B, 0xE1 },
+ { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
+ 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
+ { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
+ 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
+};
+
+/*
+ * Checkup routine
+ */
+int sha1_self_test( int verbose )
+{
+ int i, j, buflen, ret = 0;
+ unsigned char buf[1024];
+ unsigned char sha1sum[20];
+ sha1_context ctx;
+
+ sha1_init( &ctx );
+
+ /*
+ * SHA-1
+ */
+ for( i = 0; i < 3; i++ )
+ {
+ if( verbose != 0 )
+ polarssl_printf( " SHA-1 test #%d: ", i + 1 );
+
+ sha1_starts( &ctx );
+
+ if( i == 2 )
+ {
+ memset( buf, 'a', buflen = 1000 );
+
+ for( j = 0; j < 1000; j++ )
+ sha1_update( &ctx, buf, buflen );
+ }
+ else
+ sha1_update( &ctx, sha1_test_buf[i],
+ sha1_test_buflen[i] );
+
+ sha1_finish( &ctx, sha1sum );
+
+ if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
+ {
+ if( verbose != 0 )
+ polarssl_printf( "failed\n" );
+
+ ret = 1;
+ goto exit;
+ }
+
+ if( verbose != 0 )
+ polarssl_printf( "passed\n" );
+ }
+
+ if( verbose != 0 )
+ polarssl_printf( "\n" );
+
+ for( i = 0; i < 7; i++ )
+ {
+ if( verbose != 0 )
+ polarssl_printf( " HMAC-SHA-1 test #%d: ", i + 1 );
+
+ if( i == 5 || i == 6 )
+ {
+ memset( buf, 0xAA, buflen = 80 );
+ sha1_hmac_starts( &ctx, buf, buflen );
+ }
+ else
+ sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
+ sha1_hmac_test_keylen[i] );
+
+ sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
+ sha1_hmac_test_buflen[i] );
+
+ sha1_hmac_finish( &ctx, sha1sum );
+
+ buflen = ( i == 4 ) ? 12 : 20;
+
+ if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
+ {
+ if( verbose != 0 )
+ polarssl_printf( "failed\n" );
+
+ ret = 1;
+ goto exit;
+ }
+
+ if( verbose != 0 )
+ polarssl_printf( "passed\n" );
+ }
+
+ if( verbose != 0 )
+ polarssl_printf( "\n" );
+
+exit:
+ sha1_free( &ctx );
+
+ return( ret );
+}
+
+#endif /* POLARSSL_SELF_TEST */
+
+#endif /* POLARSSL_SHA1_C */
+
--- /dev/null
+/**
+ * \file sha1.h
+ *
+ * \brief SHA-1 cryptographic hash function
+ *
+ * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
+ *
+ * This file is part of mbed TLS (https://tls.mbed.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+#ifndef POLARSSL_SHA1_H
+#define POLARSSL_SHA1_H
+
+#if !defined(POLARSSL_CONFIG_FILE)
+//#include "config.h"
+/**
+ * \def POLARSSL_SHA1_C
+ *
+ * Enable the SHA1 cryptographic hash algorithm.
+ *
+ * Module: library/sha1.c
+ * Caller: library/md.c
+ * library/ssl_cli.c
+ * library/ssl_srv.c
+ * library/ssl_tls.c
+ * library/x509write_crt.c
+ *
+ * This module is required for SSL/TLS and SHA1-signed certificates.
+ */
+#define POLARSSL_SHA1_C
+
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#include <stddef.h>
+
+#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
+#include <basetsd.h>
+typedef UINT32 uint32_t;
+#else
+#include <inttypes.h>
+#endif
+
+#define POLARSSL_ERR_SHA1_FILE_IO_ERROR -0x0076 /**< Read/write error in file. */
+
+#if !defined(POLARSSL_SHA1_ALT)
+// Regular implementation
+//
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief SHA-1 context structure
+ */
+typedef struct
+{
+ uint32_t total[2]; /*!< number of bytes processed */
+ uint32_t state[5]; /*!< intermediate digest state */
+ unsigned char buffer[64]; /*!< data block being processed */
+
+ unsigned char ipad[64]; /*!< HMAC: inner padding */
+ unsigned char opad[64]; /*!< HMAC: outer padding */
+}
+sha1_context;
+
+/**
+ * \brief Initialize SHA-1 context
+ *
+ * \param ctx SHA-1 context to be initialized
+ */
+void sha1_init( sha1_context *ctx );
+
+/**
+ * \brief Clear SHA-1 context
+ *
+ * \param ctx SHA-1 context to be cleared
+ */
+void sha1_free( sha1_context *ctx );
+
+/**
+ * \brief SHA-1 context setup
+ *
+ * \param ctx context to be initialized
+ */
+void sha1_starts( sha1_context *ctx );
+
+/**
+ * \brief SHA-1 process buffer
+ *
+ * \param ctx SHA-1 context
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ */
+void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen );
+
+/**
+ * \brief SHA-1 final digest
+ *
+ * \param ctx SHA-1 context
+ * \param output SHA-1 checksum result
+ */
+void sha1_finish( sha1_context *ctx, unsigned char output[20] );
+
+/* Internal use */
+void sha1_process( sha1_context *ctx, const unsigned char data[64] );
+
+#ifdef __cplusplus
+}
+#endif
+
+#else /* POLARSSL_SHA1_ALT */
+#include "sha1_alt.h"
+#endif /* POLARSSL_SHA1_ALT */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Output = SHA-1( input buffer )
+ *
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ * \param output SHA-1 checksum result
+ */
+void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] );
+
+/**
+ * \brief Output = SHA-1( file contents )
+ *
+ * \param path input file name
+ * \param output SHA-1 checksum result
+ *
+ * \return 0 if successful, or POLARSSL_ERR_SHA1_FILE_IO_ERROR
+ */
+int sha1_file( const char *path, unsigned char output[20] );
+
+/**
+ * \brief SHA-1 HMAC context setup
+ *
+ * \param ctx HMAC context to be initialized
+ * \param key HMAC secret key
+ * \param keylen length of the HMAC key
+ */
+void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
+ size_t keylen );
+
+/**
+ * \brief SHA-1 HMAC process buffer
+ *
+ * \param ctx HMAC context
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ */
+void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
+ size_t ilen );
+
+/**
+ * \brief SHA-1 HMAC final digest
+ *
+ * \param ctx HMAC context
+ * \param output SHA-1 HMAC checksum result
+ */
+void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] );
+
+/**
+ * \brief SHA-1 HMAC context reset
+ *
+ * \param ctx HMAC context to be reset
+ */
+void sha1_hmac_reset( sha1_context *ctx );
+
+/**
+ * \brief Output = HMAC-SHA-1( hmac key, input buffer )
+ *
+ * \param key HMAC secret key
+ * \param keylen length of the HMAC key
+ * \param input buffer holding the data
+ * \param ilen length of the input data
+ * \param output HMAC-SHA-1 result
+ */
+void sha1_hmac( const unsigned char *key, size_t keylen,
+ const unsigned char *input, size_t ilen,
+ unsigned char output[20] );
+
+/**
+ * \brief Checkup routine
+ *
+ * \return 0 if successful, or 1 if the test failed
+ */
+int sha1_self_test( int verbose );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* sha1.h */
// and whether to drive the coil (reader) or just short it (snooper)
wire hi_read_rx_xcorr_snoop = conf_word[1];
-// Divide the expected subcarrier frequency for hi_read_rx_xcorr by 4
-wire hi_read_rx_xcorr_quarter = conf_word[2];
-
// For the high-frequency simulated tag: what kind of modulation to use.
wire [2:0] hi_simulate_mod_type = conf_word[2:0];
hrxc_ssp_frame, hrxc_ssp_din, ssp_dout, hrxc_ssp_clk,
cross_hi, cross_lo,
hrxc_dbg,
- hi_read_rx_xcorr_848, hi_read_rx_xcorr_snoop, hi_read_rx_xcorr_quarter
+ hi_read_rx_xcorr_848, hi_read_rx_xcorr_snoop
);
hi_simulate hs(
ssp_frame, ssp_din, ssp_dout, ssp_clk,
cross_hi, cross_lo,
dbg,
- xcorr_is_848, snoop, xcorr_quarter_freq
+ xcorr_is_848, snoop
);
input pck0, ck_1356meg, ck_1356megb;
output pwr_lo, pwr_hi, pwr_oe1, pwr_oe2, pwr_oe3, pwr_oe4;
output ssp_frame, ssp_din, ssp_clk;
input cross_hi, cross_lo;
output dbg;
- input xcorr_is_848, snoop, xcorr_quarter_freq;
+ input xcorr_is_848, snoop;
// Carrier is steady on through this, unless we're snooping.
assign pwr_hi = ck_1356megb & (~snoop);
assign pwr_oe1 = 1'b0;
-assign pwr_oe2 = 1'b0;
assign pwr_oe3 = 1'b0;
assign pwr_oe4 = 1'b0;
-reg ssp_clk;
-reg ssp_frame;
+wire adc_clk = ck_1356megb;
reg fc_div_2;
-always @(posedge ck_1356meg)
- fc_div_2 = ~fc_div_2;
-
-reg fc_div_4;
-always @(posedge fc_div_2)
- fc_div_4 = ~fc_div_4;
-
-reg fc_div_8;
-always @(posedge fc_div_4)
- fc_div_8 = ~fc_div_8;
-
-reg adc_clk;
-
-always @(xcorr_is_848 or xcorr_quarter_freq or ck_1356meg)
- if(~xcorr_quarter_freq)
- begin
- if(xcorr_is_848)
- // The subcarrier frequency is fc/16; we will sample at fc, so that
- // means the subcarrier is 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 1 1 ...
- adc_clk <= ck_1356meg;
- else
- // The subcarrier frequency is fc/32; we will sample at fc/2, and
- // the subcarrier will look identical.
- adc_clk <= fc_div_2;
- end
- else
- begin
- if(xcorr_is_848)
- // The subcarrier frequency is fc/64
- adc_clk <= fc_div_4;
- else
- // The subcarrier frequency is fc/128
- adc_clk <= fc_div_8;
- end
+always @(negedge ck_1356megb)
+ fc_div_2 <= fc_div_2 + 1;
// When we're a reader, we just need to do the BPSK demod; but when we're an
// eavesdropper, we also need to pick out the commands sent by the reader,
// using AM. Do this the same way that we do it for the simulated tag.
-reg after_hysteresis, after_hysteresis_prev;
+reg after_hysteresis, after_hysteresis_prev, after_hysteresis_prev_prev;
reg [11:0] has_been_low_for;
always @(negedge adc_clk)
begin
// Let us report a correlation every 4 subcarrier cycles, or 4*16 samples,
// so we need a 6-bit counter.
reg [5:0] corr_i_cnt;
-reg [5:0] corr_q_cnt;
// And a couple of registers in which to accumulate the correlations.
-reg signed [15:0] corr_i_accum;
-reg signed [15:0] corr_q_accum;
+// we would add at most 32 times adc_d, the result can be held in 13 bits.
+// Need one additional bit because it can be negative as well
+reg signed [13:0] corr_i_accum;
+reg signed [13:0] corr_q_accum;
reg signed [7:0] corr_i_out;
reg signed [7:0] corr_q_out;
+// clock and frame signal for communication to ARM
+reg ssp_clk;
+reg ssp_frame;
+
+
+always @(negedge adc_clk)
+begin
+ if (xcorr_is_848 | fc_div_2)
+ corr_i_cnt <= corr_i_cnt + 1;
+end
+
// ADC data appears on the rising edge, so sample it on the falling edge
always @(negedge adc_clk)
// These are the correlators: we correlate against in-phase and quadrature
// versions of our reference signal, and keep the (signed) result to
// send out later over the SSP.
- if(corr_i_cnt == 7'd63)
+ if(corr_i_cnt == 6'd0)
begin
if(snoop)
begin
- corr_i_out <= {corr_i_accum[12:6], after_hysteresis_prev};
- corr_q_out <= {corr_q_accum[12:6], after_hysteresis};
+ // Send only 7 most significant bits of tag signal (signed), LSB is reader signal:
+ corr_i_out <= {corr_i_accum[13:7], after_hysteresis_prev_prev};
+ corr_q_out <= {corr_q_accum[13:7], after_hysteresis_prev};
+ after_hysteresis_prev_prev <= after_hysteresis;
end
else
begin
- // Only correlations need to be delivered.
+ // 8 most significant bits of tag signal
corr_i_out <= corr_i_accum[13:6];
corr_q_out <= corr_q_accum[13:6];
end
corr_i_accum <= adc_d;
corr_q_accum <= adc_d;
- corr_q_cnt <= 4;
- corr_i_cnt <= 0;
end
else
begin
else
corr_i_accum <= corr_i_accum + adc_d;
- if(corr_q_cnt[3])
- corr_q_accum <= corr_q_accum - adc_d;
- else
+ if(corr_i_cnt[3] == corr_i_cnt[2]) // phase shifted by pi/2
corr_q_accum <= corr_q_accum + adc_d;
+ else
+ corr_q_accum <= corr_q_accum - adc_d;
- corr_i_cnt <= corr_i_cnt + 1;
- corr_q_cnt <= corr_q_cnt + 1;
end
// The logic in hi_simulate.v reports 4 samples per bit. We report two
// (I, Q) pairs per bit, so we should do 2 samples per pair.
- if(corr_i_cnt == 6'd31)
+ if(corr_i_cnt == 6'd32)
after_hysteresis_prev <= after_hysteresis;
// Then the result from last time is serialized and send out to the ARM.
end
end
- if(corr_i_cnt[5:2] == 4'b000 || corr_i_cnt[5:2] == 4'b1000)
+ // set ssp_frame signal for corr_i_cnt = 0..3 and corr_i_cnt = 32..35
+ // (send two frames with 8 Bits each)
+ if(corr_i_cnt[5:2] == 4'b0000 || corr_i_cnt[5:2] == 4'b1000)
ssp_frame = 1'b1;
else
ssp_frame = 1'b0;
// Unused.
assign pwr_lo = 1'b0;
+assign pwr_oe2 = 1'b0;
endmodule
#define SPI_FPGA_MODE 0
#define SPI_LCD_MODE 1
-#define FPGA_BITSTREAM_ERR 0
-#define FPGA_BITSTREAM_LF 1
-#define FPGA_BITSTREAM_HF 2
-
#define TRUE 1
#define FALSE 0
// For the 13.56 MHz tags
#define CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693 0x0300
-#define CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443 0x0301
#define CMD_READ_SRI512_TAG 0x0303
#define CMD_READ_SRIX4K_TAG 0x0304
#define CMD_ISO_14443B_COMMAND 0x0305
#define CMD_SIMULATE_HITAG 0x0371
#define CMD_READER_HITAG 0x0372
-#define CMD_SIMULATE_TAG_HF_LISTEN 0x0380
-#define CMD_SIMULATE_TAG_ISO_14443 0x0381
-#define CMD_SNOOP_ISO_14443 0x0382
+#define CMD_SIMULATE_TAG_ISO_14443B 0x0381
+#define CMD_SNOOP_ISO_14443B 0x0382
#define CMD_SNOOP_ISO_14443a 0x0383
#define CMD_SIMULATE_TAG_ISO_14443a 0x0384
#define CMD_READER_ISO_14443a 0x0385
#define CMD_READER_LEGIC_RF 0x0388
#define CMD_WRITER_LEGIC_RF 0x0389
#define CMD_EPA_PACE_COLLECT_NONCE 0x038A
+#define CMD_EPA_PACE_REPLAY 0x038B
#define CMD_SNOOP_ICLASS 0x0392
#define CMD_SIMULATE_TAG_ICLASS 0x0393
#define CMD_READER_ICLASS 0x0394
-#define CMD_READER_ICLASS_REPLAY 0x0395
-#define CMD_ICLASS_ISO14443A_WRITE 0x0397
+#define CMD_READER_ICLASS_REPLAY 0x0395
+#define CMD_ICLASS_ISO14443A_WRITE 0x0397
#define CMD_ICLASS_EML_MEMSET 0x0398
// For measurements of the antenna tuning
#define CMD_MIFARE_NESTED 0x0612
#define CMD_MIFARE_READBL 0x0620
-#define CMD_MIFAREU_READBL 0x0720
+#define CMD_MIFAREU_READBL 0x0720
#define CMD_MIFARE_READSC 0x0621
-#define CMD_MIFAREU_READCARD 0x0721
+#define CMD_MIFAREU_READCARD 0x0721
#define CMD_MIFARE_WRITEBL 0x0622
-#define CMD_MIFAREU_WRITEBL 0x0722
-#define CMD_MIFAREU_WRITEBL_COMPAT 0x0723
+#define CMD_MIFAREU_WRITEBL 0x0722
+#define CMD_MIFAREU_WRITEBL_COMPAT 0x0723
#define CMD_MIFARE_CHKKEYS 0x0623
#define CMD_MIFARE_SNIFFER 0x0630
//ultralightC
-#define CMD_MIFAREUC_AUTH1 0x0724
-#define CMD_MIFAREUC_AUTH2 0x0725
-#define CMD_MIFAREUC_READCARD 0x0726
+#define CMD_MIFAREUC_AUTH 0x0724
+//0x0725 and 0x0726 no longer used
+#define CMD_MIFAREUC_SETPWD 0x0727
+
// mifare desfire
#define CMD_MIFARE_DESFIRE_READBL 0x0728
//Iclass reader flags
#define FLAG_ICLASS_READER_ONLY_ONCE 0x01
-#define FLAG_ICLASS_READER_CC 0x02
-#define FLAG_ICLASS_READER_CSN 0x04
-#define FLAG_ICLASS_READER_CONF 0x08
-#define FLAG_ICLASS_READER_AA 0x10
+#define FLAG_ICLASS_READER_CC 0x02
+#define FLAG_ICLASS_READER_CSN 0x04
+#define FLAG_ICLASS_READER_CONF 0x08
+#define FLAG_ICLASS_READER_AA 0x10
+#define FLAG_ICLASS_READER_ONE_TRY 0x20
--- /dev/null
+
+ ChangeLog file for zlib
+
+Changes in 1.2.8.f-Proxmark3 (for Proxmark3 project only) (26 May 2015)
+- disable decoding of fixed code blocks in deflate (eliminates the need
+ to store the fixed tree in RAM or ROM)
+- disable generating fixed code blocks in inflate
+- look harder for local optimum of consecutive matches and single literals
+ in inflate.
+- stripped down version - unnecessary files from original distribution
+ are not included
+
+Changes in 1.2.8 (28 Apr 2013)
+- Update contrib/minizip/iowin32.c for Windows RT [Vollant]
+- Do not force Z_CONST for C++
+- Clean up contrib/vstudio [Ro§]
+- Correct spelling error in zlib.h
+- Fix mixed line endings in contrib/vstudio
+
+Changes in 1.2.7.3 (13 Apr 2013)
+- Fix version numbers and DLL names in contrib/vstudio/*/zlib.rc
+
+Changes in 1.2.7.2 (13 Apr 2013)
+- Change check for a four-byte type back to hexadecimal
+- Fix typo in win32/Makefile.msc
+- Add casts in gzwrite.c for pointer differences
+
+Changes in 1.2.7.1 (24 Mar 2013)
+- Replace use of unsafe string functions with snprintf if available
+- Avoid including stddef.h on Windows for Z_SOLO compile [Niessink]
+- Fix gzgetc undefine when Z_PREFIX set [Turk]
+- Eliminate use of mktemp in Makefile (not always available)
+- Fix bug in 'F' mode for gzopen()
+- Add inflateGetDictionary() function
+- Correct comment in deflate.h
+- Use _snprintf for snprintf in Microsoft C
+- On Darwin, only use /usr/bin/libtool if libtool is not Apple
+- Delete "--version" file if created by "ar --version" [Richard G.]
+- Fix configure check for veracity of compiler error return codes
+- Fix CMake compilation of static lib for MSVC2010 x64
+- Remove unused variable in infback9.c
+- Fix argument checks in gzlog_compress() and gzlog_write()
+- Clean up the usage of z_const and respect const usage within zlib
+- Clean up examples/gzlog.[ch] comparisons of different types
+- Avoid shift equal to bits in type (caused endless loop)
+- Fix unintialized value bug in gzputc() introduced by const patches
+- Fix memory allocation error in examples/zran.c [Nor]
+- Fix bug where gzopen(), gzclose() would write an empty file
+- Fix bug in gzclose() when gzwrite() runs out of memory
+- Check for input buffer malloc failure in examples/gzappend.c
+- Add note to contrib/blast to use binary mode in stdio
+- Fix comparisons of differently signed integers in contrib/blast
+- Check for invalid code length codes in contrib/puff
+- Fix serious but very rare decompression bug in inftrees.c
+- Update inflateBack() comments, since inflate() can be faster
+- Use underscored I/O function names for WINAPI_FAMILY
+- Add _tr_flush_bits to the external symbols prefixed by --zprefix
+- Add contrib/vstudio/vc10 pre-build step for static only
+- Quote --version-script argument in CMakeLists.txt
+- Don't specify --version-script on Apple platforms in CMakeLists.txt
+- Fix casting error in contrib/testzlib/testzlib.c
+- Fix types in contrib/minizip to match result of get_crc_table()
+- Simplify contrib/vstudio/vc10 with 'd' suffix
+- Add TOP support to win32/Makefile.msc
+- Suport i686 and amd64 assembler builds in CMakeLists.txt
+- Fix typos in the use of _LARGEFILE64_SOURCE in zconf.h
+- Add vc11 and vc12 build files to contrib/vstudio
+- Add gzvprintf() as an undocumented function in zlib
+- Fix configure for Sun shell
+- Remove runtime check in configure for four-byte integer type
+- Add casts and consts to ease user conversion to C++
+- Add man pages for minizip and miniunzip
+- In Makefile uninstall, don't rm if preceding cd fails
+- Do not return Z_BUF_ERROR if deflateParam() has nothing to write
+
+Changes in 1.2.7 (2 May 2012)
+- Replace use of memmove() with a simple copy for portability
+- Test for existence of strerror
+- Restore gzgetc_ for backward compatibility with 1.2.6
+- Fix build with non-GNU make on Solaris
+- Require gcc 4.0 or later on Mac OS X to use the hidden attribute
+- Include unistd.h for Watcom C
+- Use __WATCOMC__ instead of __WATCOM__
+- Do not use the visibility attribute if NO_VIZ defined
+- Improve the detection of no hidden visibility attribute
+- Avoid using __int64 for gcc or solo compilation
+- Cast to char * in gzprintf to avoid warnings [Zinser]
+- Fix make_vms.com for VAX [Zinser]
+- Don't use library or built-in byte swaps
+- Simplify test and use of gcc hidden attribute
+- Fix bug in gzclose_w() when gzwrite() fails to allocate memory
+- Add "x" (O_EXCL) and "e" (O_CLOEXEC) modes support to gzopen()
+- Fix bug in test/minigzip.c for configure --solo
+- Fix contrib/vstudio project link errors [Mohanathas]
+- Add ability to choose the builder in make_vms.com [Schweda]
+- Add DESTDIR support to mingw32 win32/Makefile.gcc
+- Fix comments in win32/Makefile.gcc for proper usage
+- Allow overriding the default install locations for cmake
+- Generate and install the pkg-config file with cmake
+- Build both a static and a shared version of zlib with cmake
+- Include version symbols for cmake builds
+- If using cmake with MSVC, add the source directory to the includes
+- Remove unneeded EXTRA_CFLAGS from win32/Makefile.gcc [Truta]
+- Move obsolete emx makefile to old [Truta]
+- Allow the use of -Wundef when compiling or using zlib
+- Avoid the use of the -u option with mktemp
+- Improve inflate() documentation on the use of Z_FINISH
+- Recognize clang as gcc
+- Add gzopen_w() in Windows for wide character path names
+- Rename zconf.h in CMakeLists.txt to move it out of the way
+- Add source directory in CMakeLists.txt for building examples
+- Look in build directory for zlib.pc in CMakeLists.txt
+- Remove gzflags from zlibvc.def in vc9 and vc10
+- Fix contrib/minizip compilation in the MinGW environment
+- Update ./configure for Solaris, support --64 [Mooney]
+- Remove -R. from Solaris shared build (possible security issue)
+- Avoid race condition for parallel make (-j) running example
+- Fix type mismatch between get_crc_table() and crc_table
+- Fix parsing of version with "-" in CMakeLists.txt [Snider, Ziegler]
+- Fix the path to zlib.map in CMakeLists.txt
+- Force the native libtool in Mac OS X to avoid GNU libtool [Beebe]
+- Add instructions to win32/Makefile.gcc for shared install [Torri]
+
+Changes in 1.2.6.1 (12 Feb 2012)
+- Avoid the use of the Objective-C reserved name "id"
+- Include io.h in gzguts.h for Microsoft compilers
+- Fix problem with ./configure --prefix and gzgetc macro
+- Include gz_header definition when compiling zlib solo
+- Put gzflags() functionality back in zutil.c
+- Avoid library header include in crc32.c for Z_SOLO
+- Use name in GCC_CLASSIC as C compiler for coverage testing, if set
+- Minor cleanup in contrib/minizip/zip.c [Vollant]
+- Update make_vms.com [Zinser]
+- Remove unnecessary gzgetc_ function
+- Use optimized byte swap operations for Microsoft and GNU [Snyder]
+- Fix minor typo in zlib.h comments [Rzesniowiecki]
+
+Changes in 1.2.6 (29 Jan 2012)
+- Update the Pascal interface in contrib/pascal
+- Fix function numbers for gzgetc_ in zlibvc.def files
+- Fix configure.ac for contrib/minizip [Schiffer]
+- Fix large-entry detection in minizip on 64-bit systems [Schiffer]
+- Have ./configure use the compiler return code for error indication
+- Fix CMakeLists.txt for cross compilation [McClure]
+- Fix contrib/minizip/zip.c for 64-bit architectures [Dalsnes]
+- Fix compilation of contrib/minizip on FreeBSD [Marquez]
+- Correct suggested usages in win32/Makefile.msc [Shachar, Horvath]
+- Include io.h for Turbo C / Borland C on all platforms [Truta]
+- Make version explicit in contrib/minizip/configure.ac [Bosmans]
+- Avoid warning for no encryption in contrib/minizip/zip.c [Vollant]
+- Minor cleanup up contrib/minizip/unzip.c [Vollant]
+- Fix bug when compiling minizip with C++ [Vollant]
+- Protect for long name and extra fields in contrib/minizip [Vollant]
+- Avoid some warnings in contrib/minizip [Vollant]
+- Add -I../.. -L../.. to CFLAGS for minizip and miniunzip
+- Add missing libs to minizip linker command
+- Add support for VPATH builds in contrib/minizip
+- Add an --enable-demos option to contrib/minizip/configure
+- Add the generation of configure.log by ./configure
+- Exit when required parameters not provided to win32/Makefile.gcc
+- Have gzputc return the character written instead of the argument
+- Use the -m option on ldconfig for BSD systems [Tobias]
+- Correct in zlib.map when deflateResetKeep was added
+
+Changes in 1.2.5.3 (15 Jan 2012)
+- Restore gzgetc function for binary compatibility
+- Do not use _lseeki64 under Borland C++ [Truta]
+- Update win32/Makefile.msc to build test/*.c [Truta]
+- Remove old/visualc6 given CMakefile and other alternatives
+- Update AS400 build files and documentation [Monnerat]
+- Update win32/Makefile.gcc to build test/*.c [Truta]
+- Permit stronger flushes after Z_BLOCK flushes
+- Avoid extraneous empty blocks when doing empty flushes
+- Permit Z_NULL arguments to deflatePending
+- Allow deflatePrime() to insert bits in the middle of a stream
+- Remove second empty static block for Z_PARTIAL_FLUSH
+- Write out all of the available bits when using Z_BLOCK
+- Insert the first two strings in the hash table after a flush
+
+Changes in 1.2.5.2 (17 Dec 2011)
+- fix ld error: unable to find version dependency 'ZLIB_1.2.5'
+- use relative symlinks for shared libs
+- Avoid searching past window for Z_RLE strategy
+- Assure that high-water mark initialization is always applied in deflate
+- Add assertions to fill_window() in deflate.c to match comments
+- Update python link in README
+- Correct spelling error in gzread.c
+- Fix bug in gzgets() for a concatenated empty gzip stream
+- Correct error in comment for gz_make()
+- Change gzread() and related to ignore junk after gzip streams
+- Allow gzread() and related to continue after gzclearerr()
+- Allow gzrewind() and gzseek() after a premature end-of-file
+- Simplify gzseek() now that raw after gzip is ignored
+- Change gzgetc() to a macro for speed (~40% speedup in testing)
+- Fix gzclose() to return the actual error last encountered
+- Always add large file support for windows
+- Include zconf.h for windows large file support
+- Include zconf.h.cmakein for windows large file support
+- Update zconf.h.cmakein on make distclean
+- Merge vestigial vsnprintf determination from zutil.h to gzguts.h
+- Clarify how gzopen() appends in zlib.h comments
+- Correct documentation of gzdirect() since junk at end now ignored
+- Add a transparent write mode to gzopen() when 'T' is in the mode
+- Update python link in zlib man page
+- Get inffixed.h and MAKEFIXED result to match
+- Add a ./config --solo option to make zlib subset with no libary use
+- Add undocumented inflateResetKeep() function for CAB file decoding
+- Add --cover option to ./configure for gcc coverage testing
+- Add #define ZLIB_CONST option to use const in the z_stream interface
+- Add comment to gzdopen() in zlib.h to use dup() when using fileno()
+- Note behavior of uncompress() to provide as much data as it can
+- Add files in contrib/minizip to aid in building libminizip
+- Split off AR options in Makefile.in and configure
+- Change ON macro to Z_ARG to avoid application conflicts
+- Facilitate compilation with Borland C++ for pragmas and vsnprintf
+- Include io.h for Turbo C / Borland C++
+- Move example.c and minigzip.c to test/
+- Simplify incomplete code table filling in inflate_table()
+- Remove code from inflate.c and infback.c that is impossible to execute
+- Test the inflate code with full coverage
+- Allow deflateSetDictionary, inflateSetDictionary at any time (in raw)
+- Add deflateResetKeep and fix inflateResetKeep to retain dictionary
+- Fix gzwrite.c to accommodate reduced memory zlib compilation
+- Have inflate() with Z_FINISH avoid the allocation of a window
+- Do not set strm->adler when doing raw inflate
+- Fix gzeof() to behave just like feof() when read is not past end of file
+- Fix bug in gzread.c when end-of-file is reached
+- Avoid use of Z_BUF_ERROR in gz* functions except for premature EOF
+- Document gzread() capability to read concurrently written files
+- Remove hard-coding of resource compiler in CMakeLists.txt [Blammo]
+
+Changes in 1.2.5.1 (10 Sep 2011)
+- Update FAQ entry on shared builds (#13)
+- Avoid symbolic argument to chmod in Makefile.in
+- Fix bug and add consts in contrib/puff [Oberhumer]
+- Update contrib/puff/zeros.raw test file to have all block types
+- Add full coverage test for puff in contrib/puff/Makefile
+- Fix static-only-build install in Makefile.in
+- Fix bug in unzGetCurrentFileInfo() in contrib/minizip [Kuno]
+- Add libz.a dependency to shared in Makefile.in for parallel builds
+- Spell out "number" (instead of "nb") in zlib.h for total_in, total_out
+- Replace $(...) with `...` in configure for non-bash sh [Bowler]
+- Add darwin* to Darwin* and solaris* to SunOS\ 5* in configure [Groffen]
+- Add solaris* to Linux* in configure to allow gcc use [Groffen]
+- Add *bsd* to Linux* case in configure [Bar-Lev]
+- Add inffast.obj to dependencies in win32/Makefile.msc
+- Correct spelling error in deflate.h [Kohler]
+- Change libzdll.a again to libz.dll.a (!) in win32/Makefile.gcc
+- Add test to configure for GNU C looking for gcc in output of $cc -v
+- Add zlib.pc generation to win32/Makefile.gcc [Weigelt]
+- Fix bug in zlib.h for _FILE_OFFSET_BITS set and _LARGEFILE64_SOURCE not
+- Add comment in zlib.h that adler32_combine with len2 < 0 makes no sense
+- Make NO_DIVIDE option in adler32.c much faster (thanks to John Reiser)
+- Make stronger test in zconf.h to include unistd.h for LFS
+- Apply Darwin patches for 64-bit file offsets to contrib/minizip [Slack]
+- Fix zlib.h LFS support when Z_PREFIX used
+- Add updated as400 support (removed from old) [Monnerat]
+- Avoid deflate sensitivity to volatile input data
+- Avoid division in adler32_combine for NO_DIVIDE
+- Clarify the use of Z_FINISH with deflateBound() amount of space
+- Set binary for output file in puff.c
+- Use u4 type for crc_table to avoid conversion warnings
+- Apply casts in zlib.h to avoid conversion warnings
+- Add OF to prototypes for adler32_combine_ and crc32_combine_ [Miller]
+- Improve inflateSync() documentation to note indeterminancy
+- Add deflatePending() function to return the amount of pending output
+- Correct the spelling of "specification" in FAQ [Randers-Pehrson]
+- Add a check in configure for stdarg.h, use for gzprintf()
+- Check that pointers fit in ints when gzprint() compiled old style
+- Add dummy name before $(SHAREDLIBV) in Makefile [Bar-Lev, Bowler]
+- Delete line in configure that adds -L. libz.a to LDFLAGS [Weigelt]
+- Add debug records in assmebler code [Londer]
+- Update RFC references to use http://tools.ietf.org/html/... [Li]
+- Add --archs option, use of libtool to configure for Mac OS X [Borstel]
+
+Changes in 1.2.5 (19 Apr 2010)
+- Disable visibility attribute in win32/Makefile.gcc [Bar-Lev]
+- Default to libdir as sharedlibdir in configure [Nieder]
+- Update copyright dates on modified source files
+- Update trees.c to be able to generate modified trees.h
+- Exit configure for MinGW, suggesting win32/Makefile.gcc
+- Check for NULL path in gz_open [Homurlu]
+
+Changes in 1.2.4.5 (18 Apr 2010)
+- Set sharedlibdir in configure [Torok]
+- Set LDFLAGS in Makefile.in [Bar-Lev]
+- Avoid mkdir objs race condition in Makefile.in [Bowler]
+- Add ZLIB_INTERNAL in front of internal inter-module functions and arrays
+- Define ZLIB_INTERNAL to hide internal functions and arrays for GNU C
+- Don't use hidden attribute when it is a warning generator (e.g. Solaris)
+
+Changes in 1.2.4.4 (18 Apr 2010)
+- Fix CROSS_PREFIX executable testing, CHOST extract, mingw* [Torok]
+- Undefine _LARGEFILE64_SOURCE in zconf.h if it is zero, but not if empty
+- Try to use bash or ksh regardless of functionality of /bin/sh
+- Fix configure incompatibility with NetBSD sh
+- Remove attempt to run under bash or ksh since have better NetBSD fix
+- Fix win32/Makefile.gcc for MinGW [Bar-Lev]
+- Add diagnostic messages when using CROSS_PREFIX in configure
+- Added --sharedlibdir option to configure [Weigelt]
+- Use hidden visibility attribute when available [Frysinger]
+
+Changes in 1.2.4.3 (10 Apr 2010)
+- Only use CROSS_PREFIX in configure for ar and ranlib if they exist
+- Use CROSS_PREFIX for nm [Bar-Lev]
+- Assume _LARGEFILE64_SOURCE defined is equivalent to true
+- Avoid use of undefined symbols in #if with && and ||
+- Make *64 prototypes in gzguts.h consistent with functions
+- Add -shared load option for MinGW in configure [Bowler]
+- Move z_off64_t to public interface, use instead of off64_t
+- Remove ! from shell test in configure (not portable to Solaris)
+- Change +0 macro tests to -0 for possibly increased portability
+
+Changes in 1.2.4.2 (9 Apr 2010)
+- Add consistent carriage returns to readme.txt's in masmx86 and masmx64
+- Really provide prototypes for *64 functions when building without LFS
+- Only define unlink() in minigzip.c if unistd.h not included
+- Update README to point to contrib/vstudio project files
+- Move projects/vc6 to old/ and remove projects/
+- Include stdlib.h in minigzip.c for setmode() definition under WinCE
+- Clean up assembler builds in win32/Makefile.msc [Rowe]
+- Include sys/types.h for Microsoft for off_t definition
+- Fix memory leak on error in gz_open()
+- Symbolize nm as $NM in configure [Weigelt]
+- Use TEST_LDSHARED instead of LDSHARED to link test programs [Weigelt]
+- Add +0 to _FILE_OFFSET_BITS and _LFS64_LARGEFILE in case not defined
+- Fix bug in gzeof() to take into account unused input data
+- Avoid initialization of structures with variables in puff.c
+- Updated win32/README-WIN32.txt [Rowe]
+
+Changes in 1.2.4.1 (28 Mar 2010)
+- Remove the use of [a-z] constructs for sed in configure [gentoo 310225]
+- Remove $(SHAREDLIB) from LIBS in Makefile.in [Creech]
+- Restore "for debugging" comment on sprintf() in gzlib.c
+- Remove fdopen for MVS from gzguts.h
+- Put new README-WIN32.txt in win32 [Rowe]
+- Add check for shell to configure and invoke another shell if needed
+- Fix big fat stinking bug in gzseek() on uncompressed files
+- Remove vestigial F_OPEN64 define in zutil.h
+- Set and check the value of _LARGEFILE_SOURCE and _LARGEFILE64_SOURCE
+- Avoid errors on non-LFS systems when applications define LFS macros
+- Set EXE to ".exe" in configure for MINGW [Kahle]
+- Match crc32() in crc32.c exactly to the prototype in zlib.h [Sherrill]
+- Add prefix for cross-compilation in win32/makefile.gcc [Bar-Lev]
+- Add DLL install in win32/makefile.gcc [Bar-Lev]
+- Allow Linux* or linux* from uname in configure [Bar-Lev]
+- Allow ldconfig to be redefined in configure and Makefile.in [Bar-Lev]
+- Add cross-compilation prefixes to configure [Bar-Lev]
+- Match type exactly in gz_load() invocation in gzread.c
+- Match type exactly of zcalloc() in zutil.c to zlib.h alloc_func
+- Provide prototypes for *64 functions when building zlib without LFS
+- Don't use -lc when linking shared library on MinGW
+- Remove errno.h check in configure and vestigial errno code in zutil.h
+
+Changes in 1.2.4 (14 Mar 2010)
+- Fix VER3 extraction in configure for no fourth subversion
+- Update zlib.3, add docs to Makefile.in to make .pdf out of it
+- Add zlib.3.pdf to distribution
+- Don't set error code in gzerror() if passed pointer is NULL
+- Apply destination directory fixes to CMakeLists.txt [Lowman]
+- Move #cmakedefine's to a new zconf.in.cmakein
+- Restore zconf.h for builds that don't use configure or cmake
+- Add distclean to dummy Makefile for convenience
+- Update and improve INDEX, README, and FAQ
+- Update CMakeLists.txt for the return of zconf.h [Lowman]
+- Update contrib/vstudio/vc9 and vc10 [Vollant]
+- Change libz.dll.a back to libzdll.a in win32/Makefile.gcc
+- Apply license and readme changes to contrib/asm686 [Raiter]
+- Check file name lengths and add -c option in minigzip.c [Li]
+- Update contrib/amd64 and contrib/masmx86/ [Vollant]
+- Avoid use of "eof" parameter in trees.c to not shadow library variable
+- Update make_vms.com for removal of zlibdefs.h [Zinser]
+- Update assembler code and vstudio projects in contrib [Vollant]
+- Remove outdated assembler code contrib/masm686 and contrib/asm586
+- Remove old vc7 and vc8 from contrib/vstudio
+- Update win32/Makefile.msc, add ZLIB_VER_SUBREVISION [Rowe]
+- Fix memory leaks in gzclose_r() and gzclose_w(), file leak in gz_open()
+- Add contrib/gcc_gvmat64 for longest_match and inflate_fast [Vollant]
+- Remove *64 functions from win32/zlib.def (they're not 64-bit yet)
+- Fix bug in void-returning vsprintf() case in gzwrite.c
+- Fix name change from inflate.h in contrib/inflate86/inffas86.c
+- Check if temporary file exists before removing in make_vms.com [Zinser]
+- Fix make install and uninstall for --static option
+- Fix usage of _MSC_VER in gzguts.h and zutil.h [Truta]
+- Update readme.txt in contrib/masmx64 and masmx86 to assemble
+
+Changes in 1.2.3.9 (21 Feb 2010)
+- Expunge gzio.c
+- Move as400 build information to old
+- Fix updates in contrib/minizip and contrib/vstudio
+- Add const to vsnprintf test in configure to avoid warnings [Weigelt]
+- Delete zconf.h (made by configure) [Weigelt]
+- Change zconf.in.h to zconf.h.in per convention [Weigelt]
+- Check for NULL buf in gzgets()
+- Return empty string for gzgets() with len == 1 (like fgets())
+- Fix description of gzgets() in zlib.h for end-of-file, NULL return
+- Update minizip to 1.1 [Vollant]
+- Avoid MSVC loss of data warnings in gzread.c, gzwrite.c
+- Note in zlib.h that gzerror() should be used to distinguish from EOF
+- Remove use of snprintf() from gzlib.c
+- Fix bug in gzseek()
+- Update contrib/vstudio, adding vc9 and vc10 [Kuno, Vollant]
+- Fix zconf.h generation in CMakeLists.txt [Lowman]
+- Improve comments in zconf.h where modified by configure
+
+Changes in 1.2.3.8 (13 Feb 2010)
+- Clean up text files (tabs, trailing whitespace, etc.) [Oberhumer]
+- Use z_off64_t in gz_zero() and gz_skip() to match state->skip
+- Avoid comparison problem when sizeof(int) == sizeof(z_off64_t)
+- Revert to Makefile.in from 1.2.3.6 (live with the clutter)
+- Fix missing error return in gzflush(), add zlib.h note
+- Add *64 functions to zlib.map [Levin]
+- Fix signed/unsigned comparison in gz_comp()
+- Use SFLAGS when testing shared linking in configure
+- Add --64 option to ./configure to use -m64 with gcc
+- Fix ./configure --help to correctly name options
+- Have make fail if a test fails [Levin]
+- Avoid buffer overrun in contrib/masmx64/gvmat64.asm [Simpson]
+- Remove assembler object files from contrib
+
+Changes in 1.2.3.7 (24 Jan 2010)
+- Always gzopen() with O_LARGEFILE if available
+- Fix gzdirect() to work immediately after gzopen() or gzdopen()
+- Make gzdirect() more precise when the state changes while reading
+- Improve zlib.h documentation in many places
+- Catch memory allocation failure in gz_open()
+- Complete close operation if seek forward in gzclose_w() fails
+- Return Z_ERRNO from gzclose_r() if close() fails
+- Return Z_STREAM_ERROR instead of EOF for gzclose() being passed NULL
+- Return zero for gzwrite() errors to match zlib.h description
+- Return -1 on gzputs() error to match zlib.h description
+- Add zconf.in.h to allow recovery from configure modification [Weigelt]
+- Fix static library permissions in Makefile.in [Weigelt]
+- Avoid warnings in configure tests that hide functionality [Weigelt]
+- Add *BSD and DragonFly to Linux case in configure [gentoo 123571]
+- Change libzdll.a to libz.dll.a in win32/Makefile.gcc [gentoo 288212]
+- Avoid access of uninitialized data for first inflateReset2 call [Gomes]
+- Keep object files in subdirectories to reduce the clutter somewhat
+- Remove default Makefile and zlibdefs.h, add dummy Makefile
+- Add new external functions to Z_PREFIX, remove duplicates, z_z_ -> z_
+- Remove zlibdefs.h completely -- modify zconf.h instead
+
+Changes in 1.2.3.6 (17 Jan 2010)
+- Avoid void * arithmetic in gzread.c and gzwrite.c
+- Make compilers happier with const char * for gz_error message
+- Avoid unused parameter warning in inflate.c
+- Avoid signed-unsigned comparison warning in inflate.c
+- Indent #pragma's for traditional C
+- Fix usage of strwinerror() in glib.c, change to gz_strwinerror()
+- Correct email address in configure for system options
+- Update make_vms.com and add make_vms.com to contrib/minizip [Zinser]
+- Update zlib.map [Brown]
+- Fix Makefile.in for Solaris 10 make of example64 and minizip64 [Torok]
+- Apply various fixes to CMakeLists.txt [Lowman]
+- Add checks on len in gzread() and gzwrite()
+- Add error message for no more room for gzungetc()
+- Remove zlib version check in gzwrite()
+- Defer compression of gzprintf() result until need to
+- Use snprintf() in gzdopen() if available
+- Remove USE_MMAP configuration determination (only used by minigzip)
+- Remove examples/pigz.c (available separately)
+- Update examples/gun.c to 1.6
+
+Changes in 1.2.3.5 (8 Jan 2010)
+- Add space after #if in zutil.h for some compilers
+- Fix relatively harmless bug in deflate_fast() [Exarevsky]
+- Fix same problem in deflate_slow()
+- Add $(SHAREDLIBV) to LIBS in Makefile.in [Brown]
+- Add deflate_rle() for faster Z_RLE strategy run-length encoding
+- Add deflate_huff() for faster Z_HUFFMAN_ONLY encoding
+- Change name of "write" variable in inffast.c to avoid library collisions
+- Fix premature EOF from gzread() in gzio.c [Brown]
+- Use zlib header window size if windowBits is 0 in inflateInit2()
+- Remove compressBound() call in deflate.c to avoid linking compress.o
+- Replace use of errno in gz* with functions, support WinCE [Alves]
+- Provide alternative to perror() in minigzip.c for WinCE [Alves]
+- Don't use _vsnprintf on later versions of MSVC [Lowman]
+- Add CMake build script and input file [Lowman]
+- Update contrib/minizip to 1.1 [Svensson, Vollant]
+- Moved nintendods directory from contrib to .
+- Replace gzio.c with a new set of routines with the same functionality
+- Add gzbuffer(), gzoffset(), gzclose_r(), gzclose_w() as part of above
+- Update contrib/minizip to 1.1b
+- Change gzeof() to return 0 on error instead of -1 to agree with zlib.h
+
+Changes in 1.2.3.4 (21 Dec 2009)
+- Use old school .SUFFIXES in Makefile.in for FreeBSD compatibility
+- Update comments in configure and Makefile.in for default --shared
+- Fix test -z's in configure [Marquess]
+- Build examplesh and minigzipsh when not testing
+- Change NULL's to Z_NULL's in deflate.c and in comments in zlib.h
+- Import LDFLAGS from the environment in configure
+- Fix configure to populate SFLAGS with discovered CFLAGS options
+- Adapt make_vms.com to the new Makefile.in [Zinser]
+- Add zlib2ansi script for C++ compilation [Marquess]
+- Add _FILE_OFFSET_BITS=64 test to make test (when applicable)
+- Add AMD64 assembler code for longest match to contrib [Teterin]
+- Include options from $SFLAGS when doing $LDSHARED
+- Simplify 64-bit file support by introducing z_off64_t type
+- Make shared object files in objs directory to work around old Sun cc
+- Use only three-part version number for Darwin shared compiles
+- Add rc option to ar in Makefile.in for when ./configure not run
+- Add -WI,-rpath,. to LDFLAGS for OSF 1 V4*
+- Set LD_LIBRARYN32_PATH for SGI IRIX shared compile
+- Protect against _FILE_OFFSET_BITS being defined when compiling zlib
+- Rename Makefile.in targets allstatic to static and allshared to shared
+- Fix static and shared Makefile.in targets to be independent
+- Correct error return bug in gz_open() by setting state [Brown]
+- Put spaces before ;;'s in configure for better sh compatibility
+- Add pigz.c (parallel implementation of gzip) to examples/
+- Correct constant in crc32.c to UL [Leventhal]
+- Reject negative lengths in crc32_combine()
+- Add inflateReset2() function to work like inflateEnd()/inflateInit2()
+- Include sys/types.h for _LARGEFILE64_SOURCE [Brown]
+- Correct typo in doc/algorithm.txt [Janik]
+- Fix bug in adler32_combine() [Zhu]
+- Catch missing-end-of-block-code error in all inflates and in puff
+ Assures that random input to inflate eventually results in an error
+- Added enough.c (calculation of ENOUGH for inftrees.h) to examples/
+- Update ENOUGH and its usage to reflect discovered bounds
+- Fix gzerror() error report on empty input file [Brown]
+- Add ush casts in trees.c to avoid pedantic runtime errors
+- Fix typo in zlib.h uncompress() description [Reiss]
+- Correct inflate() comments with regard to automatic header detection
+- Remove deprecation comment on Z_PARTIAL_FLUSH (it stays)
+- Put new version of gzlog (2.0) in examples with interruption recovery
+- Add puff compile option to permit invalid distance-too-far streams
+- Add puff TEST command options, ability to read piped input
+- Prototype the *64 functions in zlib.h when _FILE_OFFSET_BITS == 64, but
+ _LARGEFILE64_SOURCE not defined
+- Fix Z_FULL_FLUSH to truly erase the past by resetting s->strstart
+- Fix deflateSetDictionary() to use all 32K for output consistency
+- Remove extraneous #define MIN_LOOKAHEAD in deflate.c (in deflate.h)
+- Clear bytes after deflate lookahead to avoid use of uninitialized data
+- Change a limit in inftrees.c to be more transparent to Coverity Prevent
+- Update win32/zlib.def with exported symbols from zlib.h
+- Correct spelling errors in zlib.h [Willem, Sobrado]
+- Allow Z_BLOCK for deflate() to force a new block
+- Allow negative bits in inflatePrime() to delete existing bit buffer
+- Add Z_TREES flush option to inflate() to return at end of trees
+- Add inflateMark() to return current state information for random access
+- Add Makefile for NintendoDS to contrib [Costa]
+- Add -w in configure compile tests to avoid spurious warnings [Beucler]
+- Fix typos in zlib.h comments for deflateSetDictionary()
+- Fix EOF detection in transparent gzread() [Maier]
+
+Changes in 1.2.3.3 (2 October 2006)
+- Make --shared the default for configure, add a --static option
+- Add compile option to permit invalid distance-too-far streams
+- Add inflateUndermine() function which is required to enable above
+- Remove use of "this" variable name for C++ compatibility [Marquess]
+- Add testing of shared library in make test, if shared library built
+- Use ftello() and fseeko() if available instead of ftell() and fseek()
+- Provide two versions of all functions that use the z_off_t type for
+ binary compatibility -- a normal version and a 64-bit offset version,
+ per the Large File Support Extension when _LARGEFILE64_SOURCE is
+ defined; use the 64-bit versions by default when _FILE_OFFSET_BITS
+ is defined to be 64
+- Add a --uname= option to configure to perhaps help with cross-compiling
+
+Changes in 1.2.3.2 (3 September 2006)
+- Turn off silly Borland warnings [Hay]
+- Use off64_t and define _LARGEFILE64_SOURCE when present
+- Fix missing dependency on inffixed.h in Makefile.in
+- Rig configure --shared to build both shared and static [Teredesai, Truta]
+- Remove zconf.in.h and instead create a new zlibdefs.h file
+- Fix contrib/minizip/unzip.c non-encrypted after encrypted [Vollant]
+- Add treebuild.xml (see http://treebuild.metux.de/) [Weigelt]
+
+Changes in 1.2.3.1 (16 August 2006)
+- Add watcom directory with OpenWatcom make files [Daniel]
+- Remove #undef of FAR in zconf.in.h for MVS [Fedtke]
+- Update make_vms.com [Zinser]
+- Use -fPIC for shared build in configure [Teredesai, Nicholson]
+- Use only major version number for libz.so on IRIX and OSF1 [Reinholdtsen]
+- Use fdopen() (not _fdopen()) for Interix in zutil.h [B\8ack]
+- Add some FAQ entries about the contrib directory
+- Update the MVS question in the FAQ
+- Avoid extraneous reads after EOF in gzio.c [Brown]
+- Correct spelling of "successfully" in gzio.c [Randers-Pehrson]
+- Add comments to zlib.h about gzerror() usage [Brown]
+- Set extra flags in gzip header in gzopen() like deflate() does
+- Make configure options more compatible with double-dash conventions
+ [Weigelt]
+- Clean up compilation under Solaris SunStudio cc [Rowe, Reinholdtsen]
+- Fix uninstall target in Makefile.in [Truta]
+- Add pkgconfig support [Weigelt]
+- Use $(DESTDIR) macro in Makefile.in [Reinholdtsen, Weigelt]
+- Replace set_data_type() with a more accurate detect_data_type() in
+ trees.c, according to the txtvsbin.txt document [Truta]
+- Swap the order of #include <stdio.h> and #include "zlib.h" in
+ gzio.c, example.c and minigzip.c [Truta]
+- Shut up annoying VS2005 warnings about standard C deprecation [Rowe,
+ Truta] (where?)
+- Fix target "clean" from win32/Makefile.bor [Truta]
+- Create .pdb and .manifest files in win32/makefile.msc [Ziegler, Rowe]
+- Update zlib www home address in win32/DLL_FAQ.txt [Truta]
+- Update contrib/masmx86/inffas32.asm for VS2005 [Vollant, Van Wassenhove]
+- Enable browse info in the "Debug" and "ASM Debug" configurations in
+ the Visual C++ 6 project, and set (non-ASM) "Debug" as default [Truta]
+- Add pkgconfig support [Weigelt]
+- Add ZLIB_VER_MAJOR, ZLIB_VER_MINOR and ZLIB_VER_REVISION in zlib.h,
+ for use in win32/zlib1.rc [Polushin, Rowe, Truta]
+- Add a document that explains the new text detection scheme to
+ doc/txtvsbin.txt [Truta]
+- Add rfc1950.txt, rfc1951.txt and rfc1952.txt to doc/ [Truta]
+- Move algorithm.txt into doc/ [Truta]
+- Synchronize FAQ with website
+- Fix compressBound(), was low for some pathological cases [Fearnley]
+- Take into account wrapper variations in deflateBound()
+- Set examples/zpipe.c input and output to binary mode for Windows
+- Update examples/zlib_how.html with new zpipe.c (also web site)
+- Fix some warnings in examples/gzlog.c and examples/zran.c (it seems
+ that gcc became pickier in 4.0)
+- Add zlib.map for Linux: "All symbols from zlib-1.1.4 remain
+ un-versioned, the patch adds versioning only for symbols introduced in
+ zlib-1.2.0 or later. It also declares as local those symbols which are
+ not designed to be exported." [Levin]
+- Update Z_PREFIX list in zconf.in.h, add --zprefix option to configure
+- Do not initialize global static by default in trees.c, add a response
+ NO_INIT_GLOBAL_POINTERS to initialize them if needed [Marquess]
+- Don't use strerror() in gzio.c under WinCE [Yakimov]
+- Don't use errno.h in zutil.h under WinCE [Yakimov]
+- Move arguments for AR to its usage to allow replacing ar [Marot]
+- Add HAVE_VISIBILITY_PRAGMA in zconf.in.h for Mozilla [Randers-Pehrson]
+- Improve inflateInit() and inflateInit2() documentation
+- Fix structure size comment in inflate.h
+- Change configure help option from --h* to --help [Santos]
+
+Changes in 1.2.3 (18 July 2005)
+- Apply security vulnerability fixes to contrib/infback9 as well
+- Clean up some text files (carriage returns, trailing space)
+- Update testzlib, vstudio, masmx64, and masmx86 in contrib [Vollant]
+
+Changes in 1.2.2.4 (11 July 2005)
+- Add inflatePrime() function for starting inflation at bit boundary
+- Avoid some Visual C warnings in deflate.c
+- Avoid more silly Visual C warnings in inflate.c and inftrees.c for 64-bit
+ compile
+- Fix some spelling errors in comments [Betts]
+- Correct inflateInit2() error return documentation in zlib.h
+- Add zran.c example of compressed data random access to examples
+ directory, shows use of inflatePrime()
+- Fix cast for assignments to strm->state in inflate.c and infback.c
+- Fix zlibCompileFlags() in zutil.c to use 1L for long shifts [Oberhumer]
+- Move declarations of gf2 functions to right place in crc32.c [Oberhumer]
+- Add cast in trees.c t avoid a warning [Oberhumer]
+- Avoid some warnings in fitblk.c, gun.c, gzjoin.c in examples [Oberhumer]
+- Update make_vms.com [Zinser]
+- Initialize state->write in inflateReset() since copied in inflate_fast()
+- Be more strict on incomplete code sets in inflate_table() and increase
+ ENOUGH and MAXD -- this repairs a possible security vulnerability for
+ invalid inflate input. Thanks to Tavis Ormandy and Markus Oberhumer for
+ discovering the vulnerability and providing test cases.
+- Add ia64 support to configure for HP-UX [Smith]
+- Add error return to gzread() for format or i/o error [Levin]
+- Use malloc.h for OS/2 [Necasek]
+
+Changes in 1.2.2.3 (27 May 2005)
+- Replace 1U constants in inflate.c and inftrees.c for 64-bit compile
+- Typecast fread() return values in gzio.c [Vollant]
+- Remove trailing space in minigzip.c outmode (VC++ can't deal with it)
+- Fix crc check bug in gzread() after gzungetc() [Heiner]
+- Add the deflateTune() function to adjust internal compression parameters
+- Add a fast gzip decompressor, gun.c, to examples (use of inflateBack)
+- Remove an incorrect assertion in examples/zpipe.c
+- Add C++ wrapper in infback9.h [Donais]
+- Fix bug in inflateCopy() when decoding fixed codes
+- Note in zlib.h how much deflateSetDictionary() actually uses
+- Remove USE_DICT_HEAD in deflate.c (would mess up inflate if used)
+- Add _WIN32_WCE to define WIN32 in zconf.in.h [Spencer]
+- Don't include stderr.h or errno.h for _WIN32_WCE in zutil.h [Spencer]
+- Add gzdirect() function to indicate transparent reads
+- Update contrib/minizip [Vollant]
+- Fix compilation of deflate.c when both ASMV and FASTEST [Oberhumer]
+- Add casts in crc32.c to avoid warnings [Oberhumer]
+- Add contrib/masmx64 [Vollant]
+- Update contrib/asm586, asm686, masmx86, testzlib, vstudio [Vollant]
+
+Changes in 1.2.2.2 (30 December 2004)
+- Replace structure assignments in deflate.c and inflate.c with zmemcpy to
+ avoid implicit memcpy calls (portability for no-library compilation)
+- Increase sprintf() buffer size in gzdopen() to allow for large numbers
+- Add INFLATE_STRICT to check distances against zlib header
+- Improve WinCE errno handling and comments [Chang]
+- Remove comment about no gzip header processing in FAQ
+- Add Z_FIXED strategy option to deflateInit2() to force fixed trees
+- Add updated make_vms.com [Coghlan], update README
+- Create a new "examples" directory, move gzappend.c there, add zpipe.c,
+ fitblk.c, gzlog.[ch], gzjoin.c, and zlib_how.html.
+- Add FAQ entry and comments in deflate.c on uninitialized memory access
+- Add Solaris 9 make options in configure [Gilbert]
+- Allow strerror() usage in gzio.c for STDC
+- Fix DecompressBuf in contrib/delphi/ZLib.pas [ManChesTer]
+- Update contrib/masmx86/inffas32.asm and gvmat32.asm [Vollant]
+- Use z_off_t for adler32_combine() and crc32_combine() lengths
+- Make adler32() much faster for small len
+- Use OS_CODE in deflate() default gzip header
+
+Changes in 1.2.2.1 (31 October 2004)
+- Allow inflateSetDictionary() call for raw inflate
+- Fix inflate header crc check bug for file names and comments
+- Add deflateSetHeader() and gz_header structure for custom gzip headers
+- Add inflateGetheader() to retrieve gzip headers
+- Add crc32_combine() and adler32_combine() functions
+- Add alloc_func, free_func, in_func, out_func to Z_PREFIX list
+- Use zstreamp consistently in zlib.h (inflate_back functions)
+- Remove GUNZIP condition from definition of inflate_mode in inflate.h
+ and in contrib/inflate86/inffast.S [Truta, Anderson]
+- Add support for AMD64 in contrib/inflate86/inffas86.c [Anderson]
+- Update projects/README.projects and projects/visualc6 [Truta]
+- Update win32/DLL_FAQ.txt [Truta]
+- Avoid warning under NO_GZCOMPRESS in gzio.c; fix typo [Truta]
+- Deprecate Z_ASCII; use Z_TEXT instead [Truta]
+- Use a new algorithm for setting strm->data_type in trees.c [Truta]
+- Do not define an exit() prototype in zutil.c unless DEBUG defined
+- Remove prototype of exit() from zutil.c, example.c, minigzip.c [Truta]
+- Add comment in zlib.h for Z_NO_FLUSH parameter to deflate()
+- Fix Darwin build version identification [Peterson]
+
+Changes in 1.2.2 (3 October 2004)
+- Update zlib.h comments on gzip in-memory processing
+- Set adler to 1 in inflateReset() to support Java test suite [Walles]
+- Add contrib/dotzlib [Ravn]
+- Update win32/DLL_FAQ.txt [Truta]
+- Update contrib/minizip [Vollant]
+- Move contrib/visual-basic.txt to old/ [Truta]
+- Fix assembler builds in projects/visualc6/ [Truta]
+
+Changes in 1.2.1.2 (9 September 2004)
+- Update INDEX file
+- Fix trees.c to update strm->data_type (no one ever noticed!)
+- Fix bug in error case in inflate.c, infback.c, and infback9.c [Brown]
+- Add "volatile" to crc table flag declaration (for DYNAMIC_CRC_TABLE)
+- Add limited multitasking protection to DYNAMIC_CRC_TABLE
+- Add NO_vsnprintf for VMS in zutil.h [Mozilla]
+- Don't declare strerror() under VMS [Mozilla]
+- Add comment to DYNAMIC_CRC_TABLE to use get_crc_table() to initialize
+- Update contrib/ada [Anisimkov]
+- Update contrib/minizip [Vollant]
+- Fix configure to not hardcode directories for Darwin [Peterson]
+- Fix gzio.c to not return error on empty files [Brown]
+- Fix indentation; update version in contrib/delphi/ZLib.pas and
+ contrib/pascal/zlibpas.pas [Truta]
+- Update mkasm.bat in contrib/masmx86 [Truta]
+- Update contrib/untgz [Truta]
+- Add projects/README.projects [Truta]
+- Add project for MS Visual C++ 6.0 in projects/visualc6 [Cadieux, Truta]
+- Update win32/DLL_FAQ.txt [Truta]
+- Update list of Z_PREFIX symbols in zconf.h [Randers-Pehrson, Truta]
+- Remove an unnecessary assignment to curr in inftrees.c [Truta]
+- Add OS/2 to exe builds in configure [Poltorak]
+- Remove err dummy parameter in zlib.h [Kientzle]
+
+Changes in 1.2.1.1 (9 January 2004)
+- Update email address in README
+- Several FAQ updates
+- Fix a big fat bug in inftrees.c that prevented decoding valid
+ dynamic blocks with only literals and no distance codes --
+ Thanks to "Hot Emu" for the bug report and sample file
+- Add a note to puff.c on no distance codes case.
+
+Changes in 1.2.1 (17 November 2003)
+- Remove a tab in contrib/gzappend/gzappend.c
+- Update some interfaces in contrib for new zlib functions
+- Update zlib version number in some contrib entries
+- Add Windows CE definition for ptrdiff_t in zutil.h [Mai, Truta]
+- Support shared libraries on Hurd and KFreeBSD [Brown]
+- Fix error in NO_DIVIDE option of adler32.c
+
+Changes in 1.2.0.8 (4 November 2003)
+- Update version in contrib/delphi/ZLib.pas and contrib/pascal/zlibpas.pas
+- Add experimental NO_DIVIDE #define in adler32.c
+ - Possibly faster on some processors (let me know if it is)
+- Correct Z_BLOCK to not return on first inflate call if no wrap
+- Fix strm->data_type on inflate() return to correctly indicate EOB
+- Add deflatePrime() function for appending in the middle of a byte
+- Add contrib/gzappend for an example of appending to a stream
+- Update win32/DLL_FAQ.txt [Truta]
+- Delete Turbo C comment in README [Truta]
+- Improve some indentation in zconf.h [Truta]
+- Fix infinite loop on bad input in configure script [Church]
+- Fix gzeof() for concatenated gzip files [Johnson]
+- Add example to contrib/visual-basic.txt [Michael B.]
+- Add -p to mkdir's in Makefile.in [vda]
+- Fix configure to properly detect presence or lack of printf functions
+- Add AS400 support [Monnerat]
+- Add a little Cygwin support [Wilson]
+
+Changes in 1.2.0.7 (21 September 2003)
+- Correct some debug formats in contrib/infback9
+- Cast a type in a debug statement in trees.c
+- Change search and replace delimiter in configure from % to # [Beebe]
+- Update contrib/untgz to 0.2 with various fixes [Truta]
+- Add build support for Amiga [Nikl]
+- Remove some directories in old that have been updated to 1.2
+- Add dylib building for Mac OS X in configure and Makefile.in
+- Remove old distribution stuff from Makefile
+- Update README to point to DLL_FAQ.txt, and add comment on Mac OS X
+- Update links in README
+
+Changes in 1.2.0.6 (13 September 2003)
+- Minor FAQ updates
+- Update contrib/minizip to 1.00 [Vollant]
+- Remove test of gz functions in example.c when GZ_COMPRESS defined [Truta]
+- Update POSTINC comment for 68060 [Nikl]
+- Add contrib/infback9 with deflate64 decoding (unsupported)
+- For MVS define NO_vsnprintf and undefine FAR [van Burik]
+- Add pragma for fdopen on MVS [van Burik]
+
+Changes in 1.2.0.5 (8 September 2003)
+- Add OF to inflateBackEnd() declaration in zlib.h
+- Remember start when using gzdopen in the middle of a file
+- Use internal off_t counters in gz* functions to properly handle seeks
+- Perform more rigorous check for distance-too-far in inffast.c
+- Add Z_BLOCK flush option to return from inflate at block boundary
+- Set strm->data_type on return from inflate
+ - Indicate bits unused, if at block boundary, and if in last block
+- Replace size_t with ptrdiff_t in crc32.c, and check for correct size
+- Add condition so old NO_DEFLATE define still works for compatibility
+- FAQ update regarding the Windows DLL [Truta]
+- INDEX update: add qnx entry, remove aix entry [Truta]
+- Install zlib.3 into mandir [Wilson]
+- Move contrib/zlib_dll_FAQ.txt to win32/DLL_FAQ.txt; update [Truta]
+- Adapt the zlib interface to the new DLL convention guidelines [Truta]
+- Introduce ZLIB_WINAPI macro to allow the export of functions using
+ the WINAPI calling convention, for Visual Basic [Vollant, Truta]
+- Update msdos and win32 scripts and makefiles [Truta]
+- Export symbols by name, not by ordinal, in win32/zlib.def [Truta]
+- Add contrib/ada [Anisimkov]
+- Move asm files from contrib/vstudio/vc70_32 to contrib/asm386 [Truta]
+- Rename contrib/asm386 to contrib/masmx86 [Truta, Vollant]
+- Add contrib/masm686 [Truta]
+- Fix offsets in contrib/inflate86 and contrib/masmx86/inffas32.asm
+ [Truta, Vollant]
+- Update contrib/delphi; rename to contrib/pascal; add example [Truta]
+- Remove contrib/delphi2; add a new contrib/delphi [Truta]
+- Avoid inclusion of the nonstandard <memory.h> in contrib/iostream,
+ and fix some method prototypes [Truta]
+- Fix the ZCR_SEED2 constant to avoid warnings in contrib/minizip
+ [Truta]
+- Avoid the use of backslash (\) in contrib/minizip [Vollant]
+- Fix file time handling in contrib/untgz; update makefiles [Truta]
+- Update contrib/vstudio/vc70_32 to comply with the new DLL guidelines
+ [Vollant]
+- Remove contrib/vstudio/vc15_16 [Vollant]
+- Rename contrib/vstudio/vc70_32 to contrib/vstudio/vc7 [Truta]
+- Update README.contrib [Truta]
+- Invert the assignment order of match_head and s->prev[...] in
+ INSERT_STRING [Truta]
+- Compare TOO_FAR with 32767 instead of 32768, to avoid 16-bit warnings
+ [Truta]
+- Compare function pointers with 0, not with NULL or Z_NULL [Truta]
+- Fix prototype of syncsearch in inflate.c [Truta]
+- Introduce ASMINF macro to be enabled when using an ASM implementation
+ of inflate_fast [Truta]
+- Change NO_DEFLATE to NO_GZCOMPRESS [Truta]
+- Modify test_gzio in example.c to take a single file name as a
+ parameter [Truta]
+- Exit the example.c program if gzopen fails [Truta]
+- Add type casts around strlen in example.c [Truta]
+- Remove casting to sizeof in minigzip.c; give a proper type
+ to the variable compared with SUFFIX_LEN [Truta]
+- Update definitions of STDC and STDC99 in zconf.h [Truta]
+- Synchronize zconf.h with the new Windows DLL interface [Truta]
+- Use SYS16BIT instead of __32BIT__ to distinguish between
+ 16- and 32-bit platforms [Truta]
+- Use far memory allocators in small 16-bit memory models for
+ Turbo C [Truta]
+- Add info about the use of ASMV, ASMINF and ZLIB_WINAPI in
+ zlibCompileFlags [Truta]
+- Cygwin has vsnprintf [Wilson]
+- In Windows16, OS_CODE is 0, as in MSDOS [Truta]
+- In Cygwin, OS_CODE is 3 (Unix), not 11 (Windows32) [Wilson]
+
+Changes in 1.2.0.4 (10 August 2003)
+- Minor FAQ updates
+- Be more strict when checking inflateInit2's windowBits parameter
+- Change NO_GUNZIP compile option to NO_GZIP to cover deflate as well
+- Add gzip wrapper option to deflateInit2 using windowBits
+- Add updated QNX rule in configure and qnx directory [Bonnefoy]
+- Make inflate distance-too-far checks more rigorous
+- Clean up FAR usage in inflate
+- Add casting to sizeof() in gzio.c and minigzip.c
+
+Changes in 1.2.0.3 (19 July 2003)
+- Fix silly error in gzungetc() implementation [Vollant]
+- Update contrib/minizip and contrib/vstudio [Vollant]
+- Fix printf format in example.c
+- Correct cdecl support in zconf.in.h [Anisimkov]
+- Minor FAQ updates
+
+Changes in 1.2.0.2 (13 July 2003)
+- Add ZLIB_VERNUM in zlib.h for numerical preprocessor comparisons
+- Attempt to avoid warnings in crc32.c for pointer-int conversion
+- Add AIX to configure, remove aix directory [Bakker]
+- Add some casts to minigzip.c
+- Improve checking after insecure sprintf() or vsprintf() calls
+- Remove #elif's from crc32.c
+- Change leave label to inf_leave in inflate.c and infback.c to avoid
+ library conflicts
+- Remove inflate gzip decoding by default--only enable gzip decoding by
+ special request for stricter backward compatibility
+- Add zlibCompileFlags() function to return compilation information
+- More typecasting in deflate.c to avoid warnings
+- Remove leading underscore from _Capital #defines [Truta]
+- Fix configure to link shared library when testing
+- Add some Windows CE target adjustments [Mai]
+- Remove #define ZLIB_DLL in zconf.h [Vollant]
+- Add zlib.3 [Rodgers]
+- Update RFC URL in deflate.c and algorithm.txt [Mai]
+- Add zlib_dll_FAQ.txt to contrib [Truta]
+- Add UL to some constants [Truta]
+- Update minizip and vstudio [Vollant]
+- Remove vestigial NEED_DUMMY_RETURN from zconf.in.h
+- Expand use of NO_DUMMY_DECL to avoid all dummy structures
+- Added iostream3 to contrib [Schwardt]
+- Replace rewind() with fseek() for WinCE [Truta]
+- Improve setting of zlib format compression level flags
+ - Report 0 for huffman and rle strategies and for level == 0 or 1
+ - Report 2 only for level == 6
+- Only deal with 64K limit when necessary at compile time [Truta]
+- Allow TOO_FAR check to be turned off at compile time [Truta]
+- Add gzclearerr() function [Souza]
+- Add gzungetc() function
+
+Changes in 1.2.0.1 (17 March 2003)
+- Add Z_RLE strategy for run-length encoding [Truta]
+ - When Z_RLE requested, restrict matches to distance one
+ - Update zlib.h, minigzip.c, gzopen(), gzdopen() for Z_RLE
+- Correct FASTEST compilation to allow level == 0
+- Clean up what gets compiled for FASTEST
+- Incorporate changes to zconf.in.h [Vollant]
+ - Refine detection of Turbo C need for dummy returns
+ - Refine ZLIB_DLL compilation
+ - Include additional header file on VMS for off_t typedef
+- Try to use _vsnprintf where it supplants vsprintf [Vollant]
+- Add some casts in inffast.c
+- Enchance comments in zlib.h on what happens if gzprintf() tries to
+ write more than 4095 bytes before compression
+- Remove unused state from inflateBackEnd()
+- Remove exit(0) from minigzip.c, example.c
+- Get rid of all those darn tabs
+- Add "check" target to Makefile.in that does the same thing as "test"
+- Add "mostlyclean" and "maintainer-clean" targets to Makefile.in
+- Update contrib/inflate86 [Anderson]
+- Update contrib/testzlib, contrib/vstudio, contrib/minizip [Vollant]
+- Add msdos and win32 directories with makefiles [Truta]
+- More additions and improvements to the FAQ
+
+Changes in 1.2.0 (9 March 2003)
+- New and improved inflate code
+ - About 20% faster
+ - Does not allocate 32K window unless and until needed
+ - Automatically detects and decompresses gzip streams
+ - Raw inflate no longer needs an extra dummy byte at end
+ - Added inflateBack functions using a callback interface--even faster
+ than inflate, useful for file utilities (gzip, zip)
+ - Added inflateCopy() function to record state for random access on
+ externally generated deflate streams (e.g. in gzip files)
+ - More readable code (I hope)
+- New and improved crc32()
+ - About 50% faster, thanks to suggestions from Rodney Brown
+- Add deflateBound() and compressBound() functions
+- Fix memory leak in deflateInit2()
+- Permit setting dictionary for raw deflate (for parallel deflate)
+- Fix const declaration for gzwrite()
+- Check for some malloc() failures in gzio.c
+- Fix bug in gzopen() on single-byte file 0x1f
+- Fix bug in gzread() on concatenated file with 0x1f at end of buffer
+ and next buffer doesn't start with 0x8b
+- Fix uncompress() to return Z_DATA_ERROR on truncated input
+- Free memory at end of example.c
+- Remove MAX #define in trees.c (conflicted with some libraries)
+- Fix static const's in deflate.c, gzio.c, and zutil.[ch]
+- Declare malloc() and free() in gzio.c if STDC not defined
+- Use malloc() instead of calloc() in zutil.c if int big enough
+- Define STDC for AIX
+- Add aix/ with approach for compiling shared library on AIX
+- Add HP-UX support for shared libraries in configure
+- Add OpenUNIX support for shared libraries in configure
+- Use $cc instead of gcc to build shared library
+- Make prefix directory if needed when installing
+- Correct Macintosh avoidance of typedef Byte in zconf.h
+- Correct Turbo C memory allocation when under Linux
+- Use libz.a instead of -lz in Makefile (assure use of compiled library)
+- Update configure to check for snprintf or vsnprintf functions and their
+ return value, warn during make if using an insecure function
+- Fix configure problem with compile-time knowledge of HAVE_UNISTD_H that
+ is lost when library is used--resolution is to build new zconf.h
+- Documentation improvements (in zlib.h):
+ - Document raw deflate and inflate
+ - Update RFCs URL
+ - Point out that zlib and gzip formats are different
+ - Note that Z_BUF_ERROR is not fatal
+ - Document string limit for gzprintf() and possible buffer overflow
+ - Note requirement on avail_out when flushing
+ - Note permitted values of flush parameter of inflate()
+- Add some FAQs (and even answers) to the FAQ
+- Add contrib/inflate86/ for x86 faster inflate
+- Add contrib/blast/ for PKWare Data Compression Library decompression
+- Add contrib/puff/ simple inflate for deflate format description
+
+Changes in 1.1.4 (11 March 2002)
+- ZFREE was repeated on same allocation on some error conditions.
+ This creates a security problem described in
+ http://www.zlib.org/advisory-2002-03-11.txt
+- Returned incorrect error (Z_MEM_ERROR) on some invalid data
+- Avoid accesses before window for invalid distances with inflate window
+ less than 32K.
+- force windowBits > 8 to avoid a bug in the encoder for a window size
+ of 256 bytes. (A complete fix will be available in 1.1.5).
+
+Changes in 1.1.3 (9 July 1998)
+- fix "an inflate input buffer bug that shows up on rare but persistent
+ occasions" (Mark)
+- fix gzread and gztell for concatenated .gz files (Didier Le Botlan)
+- fix gzseek(..., SEEK_SET) in write mode
+- fix crc check after a gzeek (Frank Faubert)
+- fix miniunzip when the last entry in a zip file is itself a zip file
+ (J Lillge)
+- add contrib/asm586 and contrib/asm686 (Brian Raiter)
+ See http://www.muppetlabs.com/~breadbox/software/assembly.html
+- add support for Delphi 3 in contrib/delphi (Bob Dellaca)
+- add support for C++Builder 3 and Delphi 3 in contrib/delphi2 (Davide Moretti)
+- do not exit prematurely in untgz if 0 at start of block (Magnus Holmgren)
+- use macro EXTERN instead of extern to support DLL for BeOS (Sander Stoks)
+- added a FAQ file
+
+- Support gzdopen on Mac with Metrowerks (Jason Linhart)
+- Do not redefine Byte on Mac (Brad Pettit & Jason Linhart)
+- define SEEK_END too if SEEK_SET is not defined (Albert Chin-A-Young)
+- avoid some warnings with Borland C (Tom Tanner)
+- fix a problem in contrib/minizip/zip.c for 16-bit MSDOS (Gilles Vollant)
+- emulate utime() for WIN32 in contrib/untgz (Gilles Vollant)
+- allow several arguments to configure (Tim Mooney, Frodo Looijaard)
+- use libdir and includedir in Makefile.in (Tim Mooney)
+- support shared libraries on OSF1 V4 (Tim Mooney)
+- remove so_locations in "make clean" (Tim Mooney)
+- fix maketree.c compilation error (Glenn, Mark)
+- Python interface to zlib now in Python 1.5 (Jeremy Hylton)
+- new Makefile.riscos (Rich Walker)
+- initialize static descriptors in trees.c for embedded targets (Nick Smith)
+- use "foo-gz" in example.c for RISCOS and VMS (Nick Smith)
+- add the OS/2 files in Makefile.in too (Andrew Zabolotny)
+- fix fdopen and halloc macros for Microsoft C 6.0 (Tom Lane)
+- fix maketree.c to allow clean compilation of inffixed.h (Mark)
+- fix parameter check in deflateCopy (Gunther Nikl)
+- cleanup trees.c, use compressed_len only in debug mode (Christian Spieler)
+- Many portability patches by Christian Spieler:
+ . zutil.c, zutil.h: added "const" for zmem*
+ . Make_vms.com: fixed some typos
+ . Make_vms.com: msdos/Makefile.*: removed zutil.h from some dependency lists
+ . msdos/Makefile.msc: remove "default rtl link library" info from obj files
+ . msdos/Makefile.*: use model-dependent name for the built zlib library
+ . msdos/Makefile.emx, nt/Makefile.emx, nt/Makefile.gcc:
+ new makefiles, for emx (DOS/OS2), emx&rsxnt and mingw32 (Windows 9x / NT)
+- use define instead of typedef for Bytef also for MSC small/medium (Tom Lane)
+- replace __far with _far for better portability (Christian Spieler, Tom Lane)
+- fix test for errno.h in configure (Tim Newsham)
+
+Changes in 1.1.2 (19 March 98)
+- added contrib/minzip, mini zip and unzip based on zlib (Gilles Vollant)
+ See http://www.winimage.com/zLibDll/unzip.html
+- preinitialize the inflate tables for fixed codes, to make the code
+ completely thread safe (Mark)
+- some simplifications and slight speed-up to the inflate code (Mark)
+- fix gzeof on non-compressed files (Allan Schrum)
+- add -std1 option in configure for OSF1 to fix gzprintf (Martin Mokrejs)
+- use default value of 4K for Z_BUFSIZE for 16-bit MSDOS (Tim Wegner + Glenn)
+- added os2/Makefile.def and os2/zlib.def (Andrew Zabolotny)
+- add shared lib support for UNIX_SV4.2MP (MATSUURA Takanori)
+- do not wrap extern "C" around system includes (Tom Lane)
+- mention zlib binding for TCL in README (Andreas Kupries)
+- added amiga/Makefile.pup for Amiga powerUP SAS/C PPC (Andreas Kleinert)
+- allow "make install prefix=..." even after configure (Glenn Randers-Pehrson)
+- allow "configure --prefix $HOME" (Tim Mooney)
+- remove warnings in example.c and gzio.c (Glenn Randers-Pehrson)
+- move Makefile.sas to amiga/Makefile.sas
+
+Changes in 1.1.1 (27 Feb 98)
+- fix macros _tr_tally_* in deflate.h for debug mode (Glenn Randers-Pehrson)
+- remove block truncation heuristic which had very marginal effect for zlib
+ (smaller lit_bufsize than in gzip 1.2.4) and degraded a little the
+ compression ratio on some files. This also allows inlining _tr_tally for
+ matches in deflate_slow.
+- added msdos/Makefile.w32 for WIN32 Microsoft Visual C++ (Bob Frazier)
+
+Changes in 1.1.0 (24 Feb 98)
+- do not return STREAM_END prematurely in inflate (John Bowler)
+- revert to the zlib 1.0.8 inflate to avoid the gcc 2.8.0 bug (Jeremy Buhler)
+- compile with -DFASTEST to get compression code optimized for speed only
+- in minigzip, try mmap'ing the input file first (Miguel Albrecht)
+- increase size of I/O buffers in minigzip.c and gzio.c (not a big gain
+ on Sun but significant on HP)
+
+- add a pointer to experimental unzip library in README (Gilles Vollant)
+- initialize variable gcc in configure (Chris Herborth)
+
+Changes in 1.0.9 (17 Feb 1998)
+- added gzputs and gzgets functions
+- do not clear eof flag in gzseek (Mark Diekhans)
+- fix gzseek for files in transparent mode (Mark Diekhans)
+- do not assume that vsprintf returns the number of bytes written (Jens Krinke)
+- replace EXPORT with ZEXPORT to avoid conflict with other programs
+- added compress2 in zconf.h, zlib.def, zlib.dnt
+- new asm code from Gilles Vollant in contrib/asm386
+- simplify the inflate code (Mark):
+ . Replace ZALLOC's in huft_build() with single ZALLOC in inflate_blocks_new()
+ . ZALLOC the length list in inflate_trees_fixed() instead of using stack
+ . ZALLOC the value area for huft_build() instead of using stack
+ . Simplify Z_FINISH check in inflate()
+
+- Avoid gcc 2.8.0 comparison bug a little differently than zlib 1.0.8
+- in inftrees.c, avoid cc -O bug on HP (Farshid Elahi)
+- in zconf.h move the ZLIB_DLL stuff earlier to avoid problems with
+ the declaration of FAR (Gilles VOllant)
+- install libz.so* with mode 755 (executable) instead of 644 (Marc Lehmann)
+- read_buf buf parameter of type Bytef* instead of charf*
+- zmemcpy parameters are of type Bytef*, not charf* (Joseph Strout)
+- do not redeclare unlink in minigzip.c for WIN32 (John Bowler)
+- fix check for presence of directories in "make install" (Ian Willis)
+
+Changes in 1.0.8 (27 Jan 1998)
+- fixed offsets in contrib/asm386/gvmat32.asm (Gilles Vollant)
+- fix gzgetc and gzputc for big endian systems (Markus Oberhumer)
+- added compress2() to allow setting the compression level
+- include sys/types.h to get off_t on some systems (Marc Lehmann & QingLong)
+- use constant arrays for the static trees in trees.c instead of computing
+ them at run time (thanks to Ken Raeburn for this suggestion). To create
+ trees.h, compile with GEN_TREES_H and run "make test".
+- check return code of example in "make test" and display result
+- pass minigzip command line options to file_compress
+- simplifying code of inflateSync to avoid gcc 2.8 bug
+
+- support CC="gcc -Wall" in configure -s (QingLong)
+- avoid a flush caused by ftell in gzopen for write mode (Ken Raeburn)
+- fix test for shared library support to avoid compiler warnings
+- zlib.lib -> zlib.dll in msdos/zlib.rc (Gilles Vollant)
+- check for TARGET_OS_MAC in addition to MACOS (Brad Pettit)
+- do not use fdopen for Metrowerks on Mac (Brad Pettit))
+- add checks for gzputc and gzputc in example.c
+- avoid warnings in gzio.c and deflate.c (Andreas Kleinert)
+- use const for the CRC table (Ken Raeburn)
+- fixed "make uninstall" for shared libraries
+- use Tracev instead of Trace in infblock.c
+- in example.c use correct compressed length for test_sync
+- suppress +vnocompatwarnings in configure for HPUX (not always supported)
+
+Changes in 1.0.7 (20 Jan 1998)
+- fix gzseek which was broken in write mode
+- return error for gzseek to negative absolute position
+- fix configure for Linux (Chun-Chung Chen)
+- increase stack space for MSC (Tim Wegner)
+- get_crc_table and inflateSyncPoint are EXPORTed (Gilles Vollant)
+- define EXPORTVA for gzprintf (Gilles Vollant)
+- added man page zlib.3 (Rick Rodgers)
+- for contrib/untgz, fix makedir() and improve Makefile
+
+- check gzseek in write mode in example.c
+- allocate extra buffer for seeks only if gzseek is actually called
+- avoid signed/unsigned comparisons (Tim Wegner, Gilles Vollant)
+- add inflateSyncPoint in zconf.h
+- fix list of exported functions in nt/zlib.dnt and mdsos/zlib.def
+
+Changes in 1.0.6 (19 Jan 1998)
+- add functions gzprintf, gzputc, gzgetc, gztell, gzeof, gzseek, gzrewind and
+ gzsetparams (thanks to Roland Giersig and Kevin Ruland for some of this code)
+- Fix a deflate bug occurring only with compression level 0 (thanks to
+ Andy Buckler for finding this one).
+- In minigzip, pass transparently also the first byte for .Z files.
+- return Z_BUF_ERROR instead of Z_OK if output buffer full in uncompress()
+- check Z_FINISH in inflate (thanks to Marc Schluper)
+- Implement deflateCopy (thanks to Adam Costello)
+- make static libraries by default in configure, add --shared option.
+- move MSDOS or Windows specific files to directory msdos
+- suppress the notion of partial flush to simplify the interface
+ (but the symbol Z_PARTIAL_FLUSH is kept for compatibility with 1.0.4)
+- suppress history buffer provided by application to simplify the interface
+ (this feature was not implemented anyway in 1.0.4)
+- next_in and avail_in must be initialized before calling inflateInit or
+ inflateInit2
+- add EXPORT in all exported functions (for Windows DLL)
+- added Makefile.nt (thanks to Stephen Williams)
+- added the unsupported "contrib" directory:
+ contrib/asm386/ by Gilles Vollant <info@winimage.com>
+ 386 asm code replacing longest_match().
+ contrib/iostream/ by Kevin Ruland <kevin@rodin.wustl.edu>
+ A C++ I/O streams interface to the zlib gz* functions
+ contrib/iostream2/ by Tyge Løvset <Tyge.Lovset@cmr.no>
+ Another C++ I/O streams interface
+ contrib/untgz/ by "Pedro A. Aranda Guti\irrez" <paag@tid.es>
+ A very simple tar.gz file extractor using zlib
+ contrib/visual-basic.txt by Carlos Rios <c_rios@sonda.cl>
+ How to use compress(), uncompress() and the gz* functions from VB.
+- pass params -f (filtered data), -h (huffman only), -1 to -9 (compression
+ level) in minigzip (thanks to Tom Lane)
+
+- use const for rommable constants in deflate
+- added test for gzseek and gztell in example.c
+- add undocumented function inflateSyncPoint() (hack for Paul Mackerras)
+- add undocumented function zError to convert error code to string
+ (for Tim Smithers)
+- Allow compilation of gzio with -DNO_DEFLATE to avoid the compression code.
+- Use default memcpy for Symantec MSDOS compiler.
+- Add EXPORT keyword for check_func (needed for Windows DLL)
+- add current directory to LD_LIBRARY_PATH for "make test"
+- create also a link for libz.so.1
+- added support for FUJITSU UXP/DS (thanks to Toshiaki Nomura)
+- use $(SHAREDLIB) instead of libz.so in Makefile.in (for HPUX)
+- added -soname for Linux in configure (Chun-Chung Chen,
+- assign numbers to the exported functions in zlib.def (for Windows DLL)
+- add advice in zlib.h for best usage of deflateSetDictionary
+- work around compiler bug on Atari (cast Z_NULL in call of s->checkfn)
+- allow compilation with ANSI keywords only enabled for TurboC in large model
+- avoid "versionString"[0] (Borland bug)
+- add NEED_DUMMY_RETURN for Borland
+- use variable z_verbose for tracing in debug mode (L. Peter Deutsch).
+- allow compilation with CC
+- defined STDC for OS/2 (David Charlap)
+- limit external names to 8 chars for MVS (Thomas Lund)
+- in minigzip.c, use static buffers only for 16-bit systems
+- fix suffix check for "minigzip -d foo.gz"
+- do not return an error for the 2nd of two consecutive gzflush() (Felix Lee)
+- use _fdopen instead of fdopen for MSC >= 6.0 (Thomas Fanslau)
+- added makelcc.bat for lcc-win32 (Tom St Denis)
+- in Makefile.dj2, use copy and del instead of install and rm (Frank Donahoe)
+- Avoid expanded $Id$. Use "rcs -kb" or "cvs admin -kb" to avoid Id expansion.
+- check for unistd.h in configure (for off_t)
+- remove useless check parameter in inflate_blocks_free
+- avoid useless assignment of s->check to itself in inflate_blocks_new
+- do not flush twice in gzclose (thanks to Ken Raeburn)
+- rename FOPEN as F_OPEN to avoid clash with /usr/include/sys/file.h
+- use NO_ERRNO_H instead of enumeration of operating systems with errno.h
+- work around buggy fclose on pipes for HP/UX
+- support zlib DLL with BORLAND C++ 5.0 (thanks to Glenn Randers-Pehrson)
+- fix configure if CC is already equal to gcc
+
+Changes in 1.0.5 (3 Jan 98)
+- Fix inflate to terminate gracefully when fed corrupted or invalid data
+- Use const for rommable constants in inflate
+- Eliminate memory leaks on error conditions in inflate
+- Removed some vestigial code in inflate
+- Update web address in README
+
+Changes in 1.0.4 (24 Jul 96)
+- In very rare conditions, deflate(s, Z_FINISH) could fail to produce an EOF
+ bit, so the decompressor could decompress all the correct data but went
+ on to attempt decompressing extra garbage data. This affected minigzip too.
+- zlibVersion and gzerror return const char* (needed for DLL)
+- port to RISCOS (no fdopen, no multiple dots, no unlink, no fileno)
+- use z_error only for DEBUG (avoid problem with DLLs)
+
+Changes in 1.0.3 (2 Jul 96)
+- use z_streamp instead of z_stream *, which is now a far pointer in MSDOS
+ small and medium models; this makes the library incompatible with previous
+ versions for these models. (No effect in large model or on other systems.)
+- return OK instead of BUF_ERROR if previous deflate call returned with
+ avail_out as zero but there is nothing to do
+- added memcmp for non STDC compilers
+- define NO_DUMMY_DECL for more Mac compilers (.h files merged incorrectly)
+- define __32BIT__ if __386__ or i386 is defined (pb. with Watcom and SCO)
+- better check for 16-bit mode MSC (avoids problem with Symantec)
+
+Changes in 1.0.2 (23 May 96)
+- added Windows DLL support
+- added a function zlibVersion (for the DLL support)
+- fixed declarations using Bytef in infutil.c (pb with MSDOS medium model)
+- Bytef is define's instead of typedef'd only for Borland C
+- avoid reading uninitialized memory in example.c
+- mention in README that the zlib format is now RFC1950
+- updated Makefile.dj2
+- added algorithm.doc
+
+Changes in 1.0.1 (20 May 96) [1.0 skipped to avoid confusion]
+- fix array overlay in deflate.c which sometimes caused bad compressed data
+- fix inflate bug with empty stored block
+- fix MSDOS medium model which was broken in 0.99
+- fix deflateParams() which could generated bad compressed data.
+- Bytef is define'd instead of typedef'ed (work around Borland bug)
+- added an INDEX file
+- new makefiles for DJGPP (Makefile.dj2), 32-bit Borland (Makefile.b32),
+ Watcom (Makefile.wat), Amiga SAS/C (Makefile.sas)
+- speed up adler32 for modern machines without auto-increment
+- added -ansi for IRIX in configure
+- static_init_done in trees.c is an int
+- define unlink as delete for VMS
+- fix configure for QNX
+- add configure branch for SCO and HPUX
+- avoid many warnings (unused variables, dead assignments, etc...)
+- no fdopen for BeOS
+- fix the Watcom fix for 32 bit mode (define FAR as empty)
+- removed redefinition of Byte for MKWERKS
+- work around an MWKERKS bug (incorrect merge of all .h files)
+
+Changes in 0.99 (27 Jan 96)
+- allow preset dictionary shared between compressor and decompressor
+- allow compression level 0 (no compression)
+- add deflateParams in zlib.h: allow dynamic change of compression level
+ and compression strategy.
+- test large buffers and deflateParams in example.c
+- add optional "configure" to build zlib as a shared library
+- suppress Makefile.qnx, use configure instead
+- fixed deflate for 64-bit systems (detected on Cray)
+- fixed inflate_blocks for 64-bit systems (detected on Alpha)
+- declare Z_DEFLATED in zlib.h (possible parameter for deflateInit2)
+- always return Z_BUF_ERROR when deflate() has nothing to do
+- deflateInit and inflateInit are now macros to allow version checking
+- prefix all global functions and types with z_ with -DZ_PREFIX
+- make falloc completely reentrant (inftrees.c)
+- fixed very unlikely race condition in ct_static_init
+- free in reverse order of allocation to help memory manager
+- use zlib-1.0/* instead of zlib/* inside the tar.gz
+- make zlib warning-free with "gcc -O3 -Wall -Wwrite-strings -Wpointer-arith
+ -Wconversion -Wstrict-prototypes -Wmissing-prototypes"
+- allow gzread on concatenated .gz files
+- deflateEnd now returns Z_DATA_ERROR if it was premature
+- deflate is finally (?) fully deterministic (no matches beyond end of input)
+- Document Z_SYNC_FLUSH
+- add uninstall in Makefile
+- Check for __cpluplus in zlib.h
+- Better test in ct_align for partial flush
+- avoid harmless warnings for Borland C++
+- initialize hash_head in deflate.c
+- avoid warning on fdopen (gzio.c) for HP cc -Aa
+- include stdlib.h for STDC compilers
+- include errno.h for Cray
+- ignore error if ranlib doesn't exist
+- call ranlib twice for NeXTSTEP
+- use exec_prefix instead of prefix for libz.a
+- renamed ct_* as _tr_* to avoid conflict with applications
+- clear z->msg in inflateInit2 before any error return
+- initialize opaque in example.c, gzio.c, deflate.c and inflate.c
+- fixed typo in zconf.h (_GNUC__ => __GNUC__)
+- check for WIN32 in zconf.h and zutil.c (avoid farmalloc in 32-bit mode)
+- fix typo in Make_vms.com (f$trnlnm -> f$getsyi)
+- in fcalloc, normalize pointer if size > 65520 bytes
+- don't use special fcalloc for 32 bit Borland C++
+- use STDC instead of __GO32__ to avoid redeclaring exit, calloc, etc...
+- use Z_BINARY instead of BINARY
+- document that gzclose after gzdopen will close the file
+- allow "a" as mode in gzopen.
+- fix error checking in gzread
+- allow skipping .gz extra-field on pipes
+- added reference to Perl interface in README
+- put the crc table in FAR data (I dislike more and more the medium model :)
+- added get_crc_table
+- added a dimension to all arrays (Borland C can't count).
+- workaround Borland C bug in declaration of inflate_codes_new & inflate_fast
+- guard against multiple inclusion of *.h (for precompiled header on Mac)
+- Watcom C pretends to be Microsoft C small model even in 32 bit mode.
+- don't use unsized arrays to avoid silly warnings by Visual C++:
+ warning C4746: 'inflate_mask' : unsized array treated as '__far'
+ (what's wrong with far data in far model?).
+- define enum out of inflate_blocks_state to allow compilation with C++
+
+Changes in 0.95 (16 Aug 95)
+- fix MSDOS small and medium model (now easier to adapt to any compiler)
+- inlined send_bits
+- fix the final (:-) bug for deflate with flush (output was correct but
+ not completely flushed in rare occasions).
+- default window size is same for compression and decompression
+ (it's now sufficient to set MAX_WBITS in zconf.h).
+- voidp -> voidpf and voidnp -> voidp (for consistency with other
+ typedefs and because voidnp was not near in large model).
+
+Changes in 0.94 (13 Aug 95)
+- support MSDOS medium model
+- fix deflate with flush (could sometimes generate bad output)
+- fix deflateReset (zlib header was incorrectly suppressed)
+- added support for VMS
+- allow a compression level in gzopen()
+- gzflush now calls fflush
+- For deflate with flush, flush even if no more input is provided.
+- rename libgz.a as libz.a
+- avoid complex expression in infcodes.c triggering Turbo C bug
+- work around a problem with gcc on Alpha (in INSERT_STRING)
+- don't use inline functions (problem with some gcc versions)
+- allow renaming of Byte, uInt, etc... with #define.
+- avoid warning about (unused) pointer before start of array in deflate.c
+- avoid various warnings in gzio.c, example.c, infblock.c, adler32.c, zutil.c
+- avoid reserved word 'new' in trees.c
+
+Changes in 0.93 (25 June 95)
+- temporarily disable inline functions
+- make deflate deterministic
+- give enough lookahead for PARTIAL_FLUSH
+- Set binary mode for stdin/stdout in minigzip.c for OS/2
+- don't even use signed char in inflate (not portable enough)
+- fix inflate memory leak for segmented architectures
+
+Changes in 0.92 (3 May 95)
+- don't assume that char is signed (problem on SGI)
+- Clear bit buffer when starting a stored block
+- no memcpy on Pyramid
+- suppressed inftest.c
+- optimized fill_window, put longest_match inline for gcc
+- optimized inflate on stored blocks.
+- untabify all sources to simplify patches
+
+Changes in 0.91 (2 May 95)
+- Default MEM_LEVEL is 8 (not 9 for Unix) as documented in zlib.h
+- Document the memory requirements in zconf.h
+- added "make install"
+- fix sync search logic in inflateSync
+- deflate(Z_FULL_FLUSH) now works even if output buffer too short
+- after inflateSync, don't scare people with just "lo world"
+- added support for DJGPP
+
+Changes in 0.9 (1 May 95)
+- don't assume that zalloc clears the allocated memory (the TurboC bug
+ was Mark's bug after all :)
+- let again gzread copy uncompressed data unchanged (was working in 0.71)
+- deflate(Z_FULL_FLUSH), inflateReset and inflateSync are now fully implemented
+- added a test of inflateSync in example.c
+- moved MAX_WBITS to zconf.h because users might want to change that.
+- document explicitly that zalloc(64K) on MSDOS must return a normalized
+ pointer (zero offset)
+- added Makefiles for Microsoft C, Turbo C, Borland C++
+- faster crc32()
+
+Changes in 0.8 (29 April 95)
+- added fast inflate (inffast.c)
+- deflate(Z_FINISH) now returns Z_STREAM_END when done. Warning: this
+ is incompatible with previous versions of zlib which returned Z_OK.
+- work around a TurboC compiler bug (bad code for b << 0, see infutil.h)
+ (actually that was not a compiler bug, see 0.81 above)
+- gzread no longer reads one extra byte in certain cases
+- In gzio destroy(), don't reference a freed structure
+- avoid many warnings for MSDOS
+- avoid the ERROR symbol which is used by MS Windows
+
+Changes in 0.71 (14 April 95)
+- Fixed more MSDOS compilation problems :( There is still a bug with
+ TurboC large model.
+
+Changes in 0.7 (14 April 95)
+- Added full inflate support.
+- Simplified the crc32() interface. The pre- and post-conditioning
+ (one's complement) is now done inside crc32(). WARNING: this is
+ incompatible with previous versions; see zlib.h for the new usage.
+
+Changes in 0.61 (12 April 95)
+- workaround for a bug in TurboC. example and minigzip now work on MSDOS.
+
+Changes in 0.6 (11 April 95)
+- added minigzip.c
+- added gzdopen to reopen a file descriptor as gzFile
+- added transparent reading of non-gziped files in gzread.
+- fixed bug in gzread (don't read crc as data)
+- fixed bug in destroy (gzio.c) (don't return Z_STREAM_END for gzclose).
+- don't allocate big arrays in the stack (for MSDOS)
+- fix some MSDOS compilation problems
+
+Changes in 0.5:
+- do real compression in deflate.c. Z_PARTIAL_FLUSH is supported but
+ not yet Z_FULL_FLUSH.
+- support decompression but only in a single step (forced Z_FINISH)
+- added opaque object for zalloc and zfree.
+- added deflateReset and inflateReset
+- added a variable zlib_version for consistency checking.
+- renamed the 'filter' parameter of deflateInit2 as 'strategy'.
+ Added Z_FILTERED and Z_HUFFMAN_ONLY constants.
+
+Changes in 0.4:
+- avoid "zip" everywhere, use zlib instead of ziplib.
+- suppress Z_BLOCK_FLUSH, interpret Z_PARTIAL_FLUSH as block flush
+ if compression method == 8.
+- added adler32 and crc32
+- renamed deflateOptions as deflateInit2, call one or the other but not both
+- added the method parameter for deflateInit2.
+- added inflateInit2
+- simplied considerably deflateInit and inflateInit by not supporting
+ user-provided history buffer. This is supported only in deflateInit2
+ and inflateInit2.
+
+Changes in 0.3:
+- prefix all macro names with Z_
+- use Z_FINISH instead of deflateEnd to finish compression.
+- added Z_HUFFMAN_ONLY
+- added gzerror()
--- /dev/null
+
+ Frequently Asked Questions about zlib
+
+
+If your question is not there, please check the zlib home page
+http://zlib.net/ which may have more recent information.
+The lastest zlib FAQ is at http://zlib.net/zlib_faq.html
+
+
+ 1. Is zlib Y2K-compliant?
+
+ Yes. zlib doesn't handle dates.
+
+ 2. Where can I get a Windows DLL version?
+
+ The zlib sources can be compiled without change to produce a DLL. See the
+ file win32/DLL_FAQ.txt in the zlib distribution. Pointers to the
+ precompiled DLL are found in the zlib web site at http://zlib.net/ .
+
+ 3. Where can I get a Visual Basic interface to zlib?
+
+ See
+ * http://marknelson.us/1997/01/01/zlib-engine/
+ * win32/DLL_FAQ.txt in the zlib distribution
+
+ 4. compress() returns Z_BUF_ERROR.
+
+ Make sure that before the call of compress(), the length of the compressed
+ buffer is equal to the available size of the compressed buffer and not
+ zero. For Visual Basic, check that this parameter is passed by reference
+ ("as any"), not by value ("as long").
+
+ 5. deflate() or inflate() returns Z_BUF_ERROR.
+
+ Before making the call, make sure that avail_in and avail_out are not zero.
+ When setting the parameter flush equal to Z_FINISH, also make sure that
+ avail_out is big enough to allow processing all pending input. Note that a
+ Z_BUF_ERROR is not fatal--another call to deflate() or inflate() can be
+ made with more input or output space. A Z_BUF_ERROR may in fact be
+ unavoidable depending on how the functions are used, since it is not
+ possible to tell whether or not there is more output pending when
+ strm.avail_out returns with zero. See http://zlib.net/zlib_how.html for a
+ heavily annotated example.
+
+ 6. Where's the zlib documentation (man pages, etc.)?
+
+ It's in zlib.h . Examples of zlib usage are in the files test/example.c
+ and test/minigzip.c, with more in examples/ .
+
+ 7. Why don't you use GNU autoconf or libtool or ...?
+
+ Because we would like to keep zlib as a very small and simple package.
+ zlib is rather portable and doesn't need much configuration.
+
+ 8. I found a bug in zlib.
+
+ Most of the time, such problems are due to an incorrect usage of zlib.
+ Please try to reproduce the problem with a small program and send the
+ corresponding source to us at zlib@gzip.org . Do not send multi-megabyte
+ data files without prior agreement.
+
+ 9. Why do I get "undefined reference to gzputc"?
+
+ If "make test" produces something like
+
+ example.o(.text+0x154): undefined reference to `gzputc'
+
+ check that you don't have old files libz.* in /usr/lib, /usr/local/lib or
+ /usr/X11R6/lib. Remove any old versions, then do "make install".
+
+10. I need a Delphi interface to zlib.
+
+ See the contrib/delphi directory in the zlib distribution.
+
+11. Can zlib handle .zip archives?
+
+ Not by itself, no. See the directory contrib/minizip in the zlib
+ distribution.
+
+12. Can zlib handle .Z files?
+
+ No, sorry. You have to spawn an uncompress or gunzip subprocess, or adapt
+ the code of uncompress on your own.
+
+13. How can I make a Unix shared library?
+
+ By default a shared (and a static) library is built for Unix. So:
+
+ make distclean
+ ./configure
+ make
+
+14. How do I install a shared zlib library on Unix?
+
+ After the above, then:
+
+ make install
+
+ However, many flavors of Unix come with a shared zlib already installed.
+ Before going to the trouble of compiling a shared version of zlib and
+ trying to install it, you may want to check if it's already there! If you
+ can #include <zlib.h>, it's there. The -lz option will probably link to
+ it. You can check the version at the top of zlib.h or with the
+ ZLIB_VERSION symbol defined in zlib.h .
+
+15. I have a question about OttoPDF.
+
+ We are not the authors of OttoPDF. The real author is on the OttoPDF web
+ site: Joel Hainley, jhainley@myndkryme.com.
+
+16. Can zlib decode Flate data in an Adobe PDF file?
+
+ Yes. See http://www.pdflib.com/ . To modify PDF forms, see
+ http://sourceforge.net/projects/acroformtool/ .
+
+17. Why am I getting this "register_frame_info not found" error on Solaris?
+
+ After installing zlib 1.1.4 on Solaris 2.6, running applications using zlib
+ generates an error such as:
+
+ ld.so.1: rpm: fatal: relocation error: file /usr/local/lib/libz.so:
+ symbol __register_frame_info: referenced symbol not found
+
+ The symbol __register_frame_info is not part of zlib, it is generated by
+ the C compiler (cc or gcc). You must recompile applications using zlib
+ which have this problem. This problem is specific to Solaris. See
+ http://www.sunfreeware.com for Solaris versions of zlib and applications
+ using zlib.
+
+18. Why does gzip give an error on a file I make with compress/deflate?
+
+ The compress and deflate functions produce data in the zlib format, which
+ is different and incompatible with the gzip format. The gz* functions in
+ zlib on the other hand use the gzip format. Both the zlib and gzip formats
+ use the same compressed data format internally, but have different headers
+ and trailers around the compressed data.
+
+19. Ok, so why are there two different formats?
+
+ The gzip format was designed to retain the directory information about a
+ single file, such as the name and last modification date. The zlib format
+ on the other hand was designed for in-memory and communication channel
+ applications, and has a much more compact header and trailer and uses a
+ faster integrity check than gzip.
+
+20. Well that's nice, but how do I make a gzip file in memory?
+
+ You can request that deflate write the gzip format instead of the zlib
+ format using deflateInit2(). You can also request that inflate decode the
+ gzip format using inflateInit2(). Read zlib.h for more details.
+
+21. Is zlib thread-safe?
+
+ Yes. However any library routines that zlib uses and any application-
+ provided memory allocation routines must also be thread-safe. zlib's gz*
+ functions use stdio library routines, and most of zlib's functions use the
+ library memory allocation routines by default. zlib's *Init* functions
+ allow for the application to provide custom memory allocation routines.
+
+ Of course, you should only operate on any given zlib or gzip stream from a
+ single thread at a time.
+
+22. Can I use zlib in my commercial application?
+
+ Yes. Please read the license in zlib.h.
+
+23. Is zlib under the GNU license?
+
+ No. Please read the license in zlib.h.
+
+24. The license says that altered source versions must be "plainly marked". So
+ what exactly do I need to do to meet that requirement?
+
+ You need to change the ZLIB_VERSION and ZLIB_VERNUM #defines in zlib.h. In
+ particular, the final version number needs to be changed to "f", and an
+ identification string should be appended to ZLIB_VERSION. Version numbers
+ x.x.x.f are reserved for modifications to zlib by others than the zlib
+ maintainers. For example, if the version of the base zlib you are altering
+ is "1.2.3.4", then in zlib.h you should change ZLIB_VERNUM to 0x123f, and
+ ZLIB_VERSION to something like "1.2.3.f-zachary-mods-v3". You can also
+ update the version strings in deflate.c and inftrees.c.
+
+ For altered source distributions, you should also note the origin and
+ nature of the changes in zlib.h, as well as in ChangeLog and README, along
+ with the dates of the alterations. The origin should include at least your
+ name (or your company's name), and an email address to contact for help or
+ issues with the library.
+
+ Note that distributing a compiled zlib library along with zlib.h and
+ zconf.h is also a source distribution, and so you should change
+ ZLIB_VERSION and ZLIB_VERNUM and note the origin and nature of the changes
+ in zlib.h as you would for a full source distribution.
+
+25. Will zlib work on a big-endian or little-endian architecture, and can I
+ exchange compressed data between them?
+
+ Yes and yes.
+
+26. Will zlib work on a 64-bit machine?
+
+ Yes. It has been tested on 64-bit machines, and has no dependence on any
+ data types being limited to 32-bits in length. If you have any
+ difficulties, please provide a complete problem report to zlib@gzip.org
+
+27. Will zlib decompress data from the PKWare Data Compression Library?
+
+ No. The PKWare DCL uses a completely different compressed data format than
+ does PKZIP and zlib. However, you can look in zlib's contrib/blast
+ directory for a possible solution to your problem.
+
+28. Can I access data randomly in a compressed stream?
+
+ No, not without some preparation. If when compressing you periodically use
+ Z_FULL_FLUSH, carefully write all the pending data at those points, and
+ keep an index of those locations, then you can start decompression at those
+ points. You have to be careful to not use Z_FULL_FLUSH too often, since it
+ can significantly degrade compression. Alternatively, you can scan a
+ deflate stream once to generate an index, and then use that index for
+ random access. See examples/zran.c .
+
+29. Does zlib work on MVS, OS/390, CICS, etc.?
+
+ It has in the past, but we have not heard of any recent evidence. There
+ were working ports of zlib 1.1.4 to MVS, but those links no longer work.
+ If you know of recent, successful applications of zlib on these operating
+ systems, please let us know. Thanks.
+
+30. Is there some simpler, easier to read version of inflate I can look at to
+ understand the deflate format?
+
+ First off, you should read RFC 1951. Second, yes. Look in zlib's
+ contrib/puff directory.
+
+31. Does zlib infringe on any patents?
+
+ As far as we know, no. In fact, that was originally the whole point behind
+ zlib. Look here for some more information:
+
+ http://www.gzip.org/#faq11
+
+32. Can zlib work with greater than 4 GB of data?
+
+ Yes. inflate() and deflate() will process any amount of data correctly.
+ Each call of inflate() or deflate() is limited to input and output chunks
+ of the maximum value that can be stored in the compiler's "unsigned int"
+ type, but there is no limit to the number of chunks. Note however that the
+ strm.total_in and strm_total_out counters may be limited to 4 GB. These
+ counters are provided as a convenience and are not used internally by
+ inflate() or deflate(). The application can easily set up its own counters
+ updated after each call of inflate() or deflate() to count beyond 4 GB.
+ compress() and uncompress() may be limited to 4 GB, since they operate in a
+ single call. gzseek() and gztell() may be limited to 4 GB depending on how
+ zlib is compiled. See the zlibCompileFlags() function in zlib.h.
+
+ The word "may" appears several times above since there is a 4 GB limit only
+ if the compiler's "long" type is 32 bits. If the compiler's "long" type is
+ 64 bits, then the limit is 16 exabytes.
+
+33. Does zlib have any security vulnerabilities?
+
+ The only one that we are aware of is potentially in gzprintf(). If zlib is
+ compiled to use sprintf() or vsprintf(), then there is no protection
+ against a buffer overflow of an 8K string space (or other value as set by
+ gzbuffer()), other than the caller of gzprintf() assuring that the output
+ will not exceed 8K. On the other hand, if zlib is compiled to use
+ snprintf() or vsnprintf(), which should normally be the case, then there is
+ no vulnerability. The ./configure script will display warnings if an
+ insecure variation of sprintf() will be used by gzprintf(). Also the
+ zlibCompileFlags() function will return information on what variant of
+ sprintf() is used by gzprintf().
+
+ If you don't have snprintf() or vsnprintf() and would like one, you can
+ find a portable implementation here:
+
+ http://www.ijs.si/software/snprintf/
+
+ Note that you should be using the most recent version of zlib. Versions
+ 1.1.3 and before were subject to a double-free vulnerability, and versions
+ 1.2.1 and 1.2.2 were subject to an access exception when decompressing
+ invalid compressed data.
+
+34. Is there a Java version of zlib?
+
+ Probably what you want is to use zlib in Java. zlib is already included
+ as part of the Java SDK in the java.util.zip package. If you really want
+ a version of zlib written in the Java language, look on the zlib home
+ page for links: http://zlib.net/ .
+
+35. I get this or that compiler or source-code scanner warning when I crank it
+ up to maximally-pedantic. Can't you guys write proper code?
+
+ Many years ago, we gave up attempting to avoid warnings on every compiler
+ in the universe. It just got to be a waste of time, and some compilers
+ were downright silly as well as contradicted each other. So now, we simply
+ make sure that the code always works.
+
+36. Valgrind (or some similar memory access checker) says that deflate is
+ performing a conditional jump that depends on an uninitialized value.
+ Isn't that a bug?
+
+ No. That is intentional for performance reasons, and the output of deflate
+ is not affected. This only started showing up recently since zlib 1.2.x
+ uses malloc() by default for allocations, whereas earlier versions used
+ calloc(), which zeros out the allocated memory. Even though the code was
+ correct, versions 1.2.4 and later was changed to not stimulate these
+ checkers.
+
+37. Will zlib read the (insert any ancient or arcane format here) compressed
+ data format?
+
+ Probably not. Look in the comp.compression FAQ for pointers to various
+ formats and associated software.
+
+38. How can I encrypt/decrypt zip files with zlib?
+
+ zlib doesn't support encryption. The original PKZIP encryption is very
+ weak and can be broken with freely available programs. To get strong
+ encryption, use GnuPG, http://www.gnupg.org/ , which already includes zlib
+ compression. For PKZIP compatible "encryption", look at
+ http://www.info-zip.org/
+
+39. What's the difference between the "gzip" and "deflate" HTTP 1.1 encodings?
+
+ "gzip" is the gzip format, and "deflate" is the zlib format. They should
+ probably have called the second one "zlib" instead to avoid confusion with
+ the raw deflate compressed data format. While the HTTP 1.1 RFC 2616
+ correctly points to the zlib specification in RFC 1950 for the "deflate"
+ transfer encoding, there have been reports of servers and browsers that
+ incorrectly produce or expect raw deflate data per the deflate
+ specification in RFC 1951, most notably Microsoft. So even though the
+ "deflate" transfer encoding using the zlib format would be the more
+ efficient approach (and in fact exactly what the zlib format was designed
+ for), using the "gzip" transfer encoding is probably more reliable due to
+ an unfortunate choice of name on the part of the HTTP 1.1 authors.
+
+ Bottom line: use the gzip format for HTTP 1.1 encoding.
+
+40. Does zlib support the new "Deflate64" format introduced by PKWare?
+
+ No. PKWare has apparently decided to keep that format proprietary, since
+ they have not documented it as they have previous compression formats. In
+ any case, the compression improvements are so modest compared to other more
+ modern approaches, that it's not worth the effort to implement.
+
+41. I'm having a problem with the zip functions in zlib, can you help?
+
+ There are no zip functions in zlib. You are probably using minizip by
+ Giles Vollant, which is found in the contrib directory of zlib. It is not
+ part of zlib. In fact none of the stuff in contrib is part of zlib. The
+ files in there are not supported by the zlib authors. You need to contact
+ the authors of the respective contribution for help.
+
+42. The match.asm code in contrib is under the GNU General Public License.
+ Since it's part of zlib, doesn't that mean that all of zlib falls under the
+ GNU GPL?
+
+ No. The files in contrib are not part of zlib. They were contributed by
+ other authors and are provided as a convenience to the user within the zlib
+ distribution. Each item in contrib has its own license.
+
+43. Is zlib subject to export controls? What is its ECCN?
+
+ zlib is not subject to export controls, and so is classified as EAR99.
+
+44. Can you please sign these lengthy legal documents and fax them back to us
+ so that we can use your software in our product?
+
+ No. Go away. Shoo.
--- /dev/null
+//-----------------------------------------------------------------------------
+// This version of zlib is modified for use within the Proxmark3 project.
+// Files from the original distribution which are not required for this
+// purpose are not included. All modifications can easily be found
+// by searching for #ifdef ZLIB_PM3_TUNED and #ifndef ZLIB_PM3_TUNED.
+//
+// The rest of this file consists of the original README content
+//-----------------------------------------------------------------------------
+
+ZLIB DATA COMPRESSION LIBRARY
+
+zlib 1.2.8 is a general purpose data compression library. All the code is
+thread safe. The data format used by the zlib library is described by RFCs
+(Request for Comments) 1950 to 1952 in the files
+http://tools.ietf.org/html/rfc1950 (zlib format), rfc1951 (deflate format) and
+rfc1952 (gzip format).
+
+All functions of the compression library are documented in the file zlib.h
+(volunteer to write man pages welcome, contact zlib@gzip.org). A usage example
+of the library is given in the file test/example.c which also tests that
+the library is working correctly. Another example is given in the file
+test/minigzip.c. The compression library itself is composed of all source
+files in the root directory.
+
+To compile all files and run the test program, follow the instructions given at
+the top of Makefile.in. In short "./configure; make test", and if that goes
+well, "make install" should work for most flavors of Unix. For Windows, use
+one of the special makefiles in win32/ or contrib/vstudio/ . For VMS, use
+make_vms.com.
+
+Questions about zlib should be sent to <zlib@gzip.org>, or to Gilles Vollant
+<info@winimage.com> for the Windows DLL version. The zlib home page is
+http://zlib.net/ . Before reporting a problem, please check this site to
+verify that you have the latest version of zlib; otherwise get the latest
+version and check whether the problem still exists or not.
+
+PLEASE read the zlib FAQ http://zlib.net/zlib_faq.html before asking for help.
+
+Mark Nelson <markn@ieee.org> wrote an article about zlib for the Jan. 1997
+issue of Dr. Dobb's Journal; a copy of the article is available at
+http://marknelson.us/1997/01/01/zlib-engine/ .
+
+The changes made in version 1.2.8 are documented in the file ChangeLog.
+
+Unsupported third party contributions are provided in directory contrib/ .
+
+zlib is available in Java using the java.util.zip package, documented at
+http://java.sun.com/developer/technicalArticles/Programming/compression/ .
+
+A Perl interface to zlib written by Paul Marquess <pmqs@cpan.org> is available
+at CPAN (Comprehensive Perl Archive Network) sites, including
+http://search.cpan.org/~pmqs/IO-Compress-Zlib/ .
+
+A Python interface to zlib written by A.M. Kuchling <amk@amk.ca> is
+available in Python 1.5 and later versions, see
+http://docs.python.org/library/zlib.html .
+
+zlib is built into tcl: http://wiki.tcl.tk/4610 .
+
+An experimental package to read and write files in .zip format, written on top
+of zlib by Gilles Vollant <info@winimage.com>, is available in the
+contrib/minizip directory of zlib.
+
+
+Notes for some targets:
+
+- For Windows DLL versions, please see win32/DLL_FAQ.txt
+
+- For 64-bit Irix, deflate.c must be compiled without any optimization. With
+ -O, one libpng test fails. The test works in 32 bit mode (with the -n32
+ compiler flag). The compiler bug has been reported to SGI.
+
+- zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1 it works
+ when compiled with cc.
+
+- On Digital Unix 4.0D (formely OSF/1) on AlphaServer, the cc option -std1 is
+ necessary to get gzprintf working correctly. This is done by configure.
+
+- zlib doesn't work on HP-UX 9.05 with some versions of /bin/cc. It works with
+ other compilers. Use "make test" to check your compiler.
+
+- gzdopen is not supported on RISCOS or BEOS.
+
+- For PalmOs, see http://palmzlib.sourceforge.net/
+
+
+Acknowledgments:
+
+ The deflate format used by zlib was defined by Phil Katz. The deflate and
+ zlib specifications were written by L. Peter Deutsch. Thanks to all the
+ people who reported problems and suggested various improvements in zlib; they
+ are too numerous to cite here.
+
+Copyright notice:
+
+ (C) 1995-2013 Jean-loup Gailly and Mark Adler
+
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would be
+ appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source distribution.
+
+ Jean-loup Gailly Mark Adler
+ jloup@gzip.org madler@alumni.caltech.edu
+
+If you use the zlib library in a product, we would appreciate *not* receiving
+lengthy legal documents to sign. The sources are provided for free but without
+warranty of any kind. The library has been entirely written by Jean-loup
+Gailly and Mark Adler; it does not include third-party code.
+
+If you redistribute modified sources, we would appreciate that you include in
+the file ChangeLog history information documenting your changes. Please read
+the FAQ for more information on the distribution of modified source versions.
--- /dev/null
+/* adler32.c -- compute the Adler-32 checksum of a data stream
+ * Copyright (C) 1995-2011 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#include "zutil.h"
+
+#define local static
+
+local uLong adler32_combine_ OF((uLong adler1, uLong adler2, z_off64_t len2));
+
+#define BASE 65521 /* largest prime smaller than 65536 */
+#define NMAX 5552
+/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
+
+#define DO1(buf,i) {adler += (buf)[i]; sum2 += adler;}
+#define DO2(buf,i) DO1(buf,i); DO1(buf,i+1);
+#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
+#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
+#define DO16(buf) DO8(buf,0); DO8(buf,8);
+
+/* use NO_DIVIDE if your processor does not do division in hardware --
+ try it both ways to see which is faster */
+#ifdef NO_DIVIDE
+/* note that this assumes BASE is 65521, where 65536 % 65521 == 15
+ (thank you to John Reiser for pointing this out) */
+# define CHOP(a) \
+ do { \
+ unsigned long tmp = a >> 16; \
+ a &= 0xffffUL; \
+ a += (tmp << 4) - tmp; \
+ } while (0)
+# define MOD28(a) \
+ do { \
+ CHOP(a); \
+ if (a >= BASE) a -= BASE; \
+ } while (0)
+# define MOD(a) \
+ do { \
+ CHOP(a); \
+ MOD28(a); \
+ } while (0)
+# define MOD63(a) \
+ do { /* this assumes a is not negative */ \
+ z_off64_t tmp = a >> 32; \
+ a &= 0xffffffffL; \
+ a += (tmp << 8) - (tmp << 5) + tmp; \
+ tmp = a >> 16; \
+ a &= 0xffffL; \
+ a += (tmp << 4) - tmp; \
+ tmp = a >> 16; \
+ a &= 0xffffL; \
+ a += (tmp << 4) - tmp; \
+ if (a >= BASE) a -= BASE; \
+ } while (0)
+#else
+# define MOD(a) a %= BASE
+# define MOD28(a) a %= BASE
+# define MOD63(a) a %= BASE
+#endif
+
+/* ========================================================================= */
+uLong ZEXPORT adler32(adler, buf, len)
+ uLong adler;
+ const Bytef *buf;
+ uInt len;
+{
+ unsigned long sum2;
+ unsigned n;
+
+ /* split Adler-32 into component sums */
+ sum2 = (adler >> 16) & 0xffff;
+ adler &= 0xffff;
+
+ /* in case user likes doing a byte at a time, keep it fast */
+ if (len == 1) {
+ adler += buf[0];
+ if (adler >= BASE)
+ adler -= BASE;
+ sum2 += adler;
+ if (sum2 >= BASE)
+ sum2 -= BASE;
+ return adler | (sum2 << 16);
+ }
+
+ /* initial Adler-32 value (deferred check for len == 1 speed) */
+ if (buf == Z_NULL)
+ return 1L;
+
+ /* in case short lengths are provided, keep it somewhat fast */
+ if (len < 16) {
+ while (len--) {
+ adler += *buf++;
+ sum2 += adler;
+ }
+ if (adler >= BASE)
+ adler -= BASE;
+ MOD28(sum2); /* only added so many BASE's */
+ return adler | (sum2 << 16);
+ }
+
+ /* do length NMAX blocks -- requires just one modulo operation */
+ while (len >= NMAX) {
+ len -= NMAX;
+ n = NMAX / 16; /* NMAX is divisible by 16 */
+ do {
+ DO16(buf); /* 16 sums unrolled */
+ buf += 16;
+ } while (--n);
+ MOD(adler);
+ MOD(sum2);
+ }
+
+ /* do remaining bytes (less than NMAX, still just one modulo) */
+ if (len) { /* avoid modulos if none remaining */
+ while (len >= 16) {
+ len -= 16;
+ DO16(buf);
+ buf += 16;
+ }
+ while (len--) {
+ adler += *buf++;
+ sum2 += adler;
+ }
+ MOD(adler);
+ MOD(sum2);
+ }
+
+ /* return recombined sums */
+ return adler | (sum2 << 16);
+}
+
+/* ========================================================================= */
+local uLong adler32_combine_(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off64_t len2;
+{
+ unsigned long sum1;
+ unsigned long sum2;
+ unsigned rem;
+
+ /* for negative len, return invalid adler32 as a clue for debugging */
+ if (len2 < 0)
+ return 0xffffffffUL;
+
+ /* the derivation of this formula is left as an exercise for the reader */
+ MOD63(len2); /* assumes len2 >= 0 */
+ rem = (unsigned)len2;
+ sum1 = adler1 & 0xffff;
+ sum2 = rem * sum1;
+ MOD(sum2);
+ sum1 += (adler2 & 0xffff) + BASE - 1;
+ sum2 += ((adler1 >> 16) & 0xffff) + ((adler2 >> 16) & 0xffff) + BASE - rem;
+ if (sum1 >= BASE) sum1 -= BASE;
+ if (sum1 >= BASE) sum1 -= BASE;
+ if (sum2 >= (BASE << 1)) sum2 -= (BASE << 1);
+ if (sum2 >= BASE) sum2 -= BASE;
+ return sum1 | (sum2 << 16);
+}
+
+/* ========================================================================= */
+uLong ZEXPORT adler32_combine(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off_t len2;
+{
+ return adler32_combine_(adler1, adler2, len2);
+}
+
+uLong ZEXPORT adler32_combine64(adler1, adler2, len2)
+ uLong adler1;
+ uLong adler2;
+ z_off64_t len2;
+{
+ return adler32_combine_(adler1, adler2, len2);
+}
--- /dev/null
+/* deflate.c -- compress data using the deflation algorithm
+ * Copyright (C) 1995-2013 Jean-loup Gailly and Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * ALGORITHM
+ *
+ * The "deflation" process depends on being able to identify portions
+ * of the input text which are identical to earlier input (within a
+ * sliding window trailing behind the input currently being processed).
+ *
+ * The most straightforward technique turns out to be the fastest for
+ * most input files: try all possible matches and select the longest.
+ * The key feature of this algorithm is that insertions into the string
+ * dictionary are very simple and thus fast, and deletions are avoided
+ * completely. Insertions are performed at each input character, whereas
+ * string matches are performed only when the previous match ends. So it
+ * is preferable to spend more time in matches to allow very fast string
+ * insertions and avoid deletions. The matching algorithm for small
+ * strings is inspired from that of Rabin & Karp. A brute force approach
+ * is used to find longer strings when a small match has been found.
+ * A similar algorithm is used in comic (by Jan-Mark Wams) and freeze
+ * (by Leonid Broukhis).
+ * A previous version of this file used a more sophisticated algorithm
+ * (by Fiala and Greene) which is guaranteed to run in linear amortized
+ * time, but has a larger average cost, uses more memory and is patented.
+ * However the F&G algorithm may be faster for some highly redundant
+ * files if the parameter max_chain_length (described below) is too large.
+ *
+ * ACKNOWLEDGEMENTS
+ *
+ * The idea of lazy evaluation of matches is due to Jan-Mark Wams, and
+ * I found it in 'freeze' written by Leonid Broukhis.
+ * Thanks to many people for bug reports and testing.
+ *
+ * REFERENCES
+ *
+ * Deutsch, L.P.,"DEFLATE Compressed Data Format Specification".
+ * Available in http://tools.ietf.org/html/rfc1951
+ *
+ * A description of the Rabin and Karp algorithm is given in the book
+ * "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
+ *
+ * Fiala,E.R., and Greene,D.H.
+ * Data Compression with Finite Windows, Comm.ACM, 32,4 (1989) 490-595
+ *
+ */
+
+/* @(#) $Id$ */
+
+#include "deflate.h"
+
+const char deflate_copyright[] =
+ " deflate 1.2.8.f-Proxmark3 Copyright 1995-2013 Jean-loup Gailly and Mark Adler ";
+/*
+ If you use the zlib library in a product, an acknowledgment is welcome
+ in the documentation of your product. If for some reason you cannot
+ include such an acknowledgment, I would appreciate that you keep this
+ copyright string in the executable of your product.
+ */
+
+//-----------------------------------------------------------------------------
+// This version of zlib is modified for use within the Proxmark3 project.
+// Files from the original distribution which are not required for this
+// purpose are not included. All modifications can easily be found
+// by searching for #ifdef ZLIB_PM3_TUNED and #ifndef ZLIB_PM3_TUNED.
+//-----------------------------------------------------------------------------
+
+
+
+/* ===========================================================================
+ * Function prototypes.
+ */
+typedef enum {
+ need_more, /* block not completed, need more input or more output */
+ block_done, /* block flush performed */
+ finish_started, /* finish started, need only more output at next deflate */
+ finish_done /* finish done, accept no more input or output */
+} block_state;
+
+typedef block_state (*compress_func) OF((deflate_state *s, int flush));
+/* Compression function. Returns the block state after the call. */
+
+local void fill_window OF((deflate_state *s));
+local block_state deflate_stored OF((deflate_state *s, int flush));
+local block_state deflate_fast OF((deflate_state *s, int flush));
+#ifndef FASTEST
+local block_state deflate_slow OF((deflate_state *s, int flush));
+#endif
+local block_state deflate_rle OF((deflate_state *s, int flush));
+local block_state deflate_huff OF((deflate_state *s, int flush));
+local void lm_init OF((deflate_state *s));
+local void putShortMSB OF((deflate_state *s, uInt b));
+local void flush_pending OF((z_streamp strm));
+local int read_buf OF((z_streamp strm, Bytef *buf, unsigned size));
+#ifdef ASMV
+ void match_init OF((void)); /* asm code initialization */
+ uInt longest_match OF((deflate_state *s, IPos cur_match));
+#else
+local uInt longest_match OF((deflate_state *s, IPos cur_match));
+#endif
+
+#ifdef DEBUG
+local void check_match OF((deflate_state *s, IPos start, IPos match,
+ int length));
+#endif
+
+/* ===========================================================================
+ * Local data
+ */
+
+#define NIL 0
+/* Tail of hash chains */
+
+#ifndef TOO_FAR
+# define TOO_FAR 4096
+#endif
+/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
+
+/* Values for max_lazy_match, good_match and max_chain_length, depending on
+ * the desired pack level (0..9). The values given below have been tuned to
+ * exclude worst case performance for pathological files. Better values may be
+ * found for specific files.
+ */
+typedef struct config_s {
+ ush good_length; /* reduce lazy search above this match length */
+ ush max_lazy; /* do not perform lazy search above this match length */
+ ush nice_length; /* quit search above this match length */
+ ush max_chain;
+ compress_func func;
+} config;
+
+#ifdef FASTEST
+local const config configuration_table[2] = {
+/* good lazy nice chain */
+/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
+/* 1 */ {4, 4, 8, 4, deflate_fast}}; /* max speed, no lazy matches */
+#else
+local const config configuration_table[10] = {
+/* good lazy nice chain */
+/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
+/* 1 */ {4, 4, 8, 4, deflate_fast}, /* max speed, no lazy matches */
+/* 2 */ {4, 5, 16, 8, deflate_fast},
+/* 3 */ {4, 6, 32, 32, deflate_fast},
+
+/* 4 */ {4, 4, 16, 16, deflate_slow}, /* lazy matches */
+/* 5 */ {8, 16, 32, 32, deflate_slow},
+/* 6 */ {8, 16, 128, 128, deflate_slow},
+/* 7 */ {8, 32, 128, 256, deflate_slow},
+/* 8 */ {32, 128, 258, 1024, deflate_slow},
+/* 9 */ {32, 258, 258, 4096, deflate_slow}}; /* max compression */
+#endif
+
+/* Note: the deflate() code requires max_lazy >= MIN_MATCH and max_chain >= 4
+ * For deflate_fast() (levels <= 3) good is ignored and lazy has a different
+ * meaning.
+ */
+
+#define EQUAL 0
+/* result of memcmp for equal strings */
+
+#ifndef NO_DUMMY_DECL
+struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
+#endif
+
+/* rank Z_BLOCK between Z_NO_FLUSH and Z_PARTIAL_FLUSH */
+#define RANK(f) (((f) << 1) - ((f) > 4 ? 9 : 0))
+
+/* ===========================================================================
+ * Update a hash value with the given input byte
+ * IN assertion: all calls to to UPDATE_HASH are made with consecutive
+ * input characters, so that a running hash key can be computed from the
+ * previous key instead of complete recalculation each time.
+ */
+#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
+
+
+/* ===========================================================================
+ * Insert string str in the dictionary and set match_head to the previous head
+ * of the hash chain (the most recent string with same hash key). Return
+ * the previous length of the hash chain.
+ * If this file is compiled with -DFASTEST, the compression level is forced
+ * to 1, and no hash chains are maintained.
+ * IN assertion: all calls to to INSERT_STRING are made with consecutive
+ * input characters and the first MIN_MATCH bytes of str are valid
+ * (except for the last MIN_MATCH-1 bytes of the input file).
+ */
+#ifdef FASTEST
+#define INSERT_STRING(s, str, match_head) \
+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
+ match_head = s->head[s->ins_h], \
+ s->head[s->ins_h] = (Pos)(str))
+#else
+#define INSERT_STRING(s, str, match_head) \
+ (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
+ match_head = s->prev[(str) & s->w_mask] = s->head[s->ins_h], \
+ s->head[s->ins_h] = (Pos)(str))
+#endif
+
+/* ===========================================================================
+ * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
+ * prev[] will be initialized on the fly.
+ */
+#define CLEAR_HASH(s) \
+ s->head[s->hash_size-1] = NIL; \
+ zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
+
+/* ========================================================================= */
+int ZEXPORT deflateInit_(strm, level, version, stream_size)
+ z_streamp strm;
+ int level;
+ const char *version;
+ int stream_size;
+{
+ return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
+ Z_DEFAULT_STRATEGY, version, stream_size);
+ /* To do: ignore strm->next_in if we use it as window */
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+ version, stream_size)
+ z_streamp strm;
+ int level;
+ int method;
+ int windowBits;
+ int memLevel;
+ int strategy;
+ const char *version;
+ int stream_size;
+{
+ deflate_state *s;
+ int wrap = 1;
+ static const char my_version[] = ZLIB_VERSION;
+
+ ushf *overlay;
+ /* We overlay pending_buf and d_buf+l_buf. This works since the average
+ * output size for (length,distance) codes is <= 24 bits.
+ */
+
+ if (version == Z_NULL || version[0] != my_version[0] ||
+ stream_size != sizeof(z_stream)) {
+ return Z_VERSION_ERROR;
+ }
+ if (strm == Z_NULL) return Z_STREAM_ERROR;
+
+ strm->msg = Z_NULL;
+ if (strm->zalloc == (alloc_func)0) {
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
+ strm->zalloc = zcalloc;
+ strm->opaque = (voidpf)0;
+#endif
+ }
+ if (strm->zfree == (free_func)0)
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
+ strm->zfree = zcfree;
+#endif
+
+#ifdef FASTEST
+ if (level != 0) level = 1;
+#else
+ if (level == Z_DEFAULT_COMPRESSION) level = 6;
+#endif
+
+ if (windowBits < 0) { /* suppress zlib wrapper */
+ wrap = 0;
+ windowBits = -windowBits;
+ }
+#ifdef GZIP
+ else if (windowBits > 15) {
+ wrap = 2; /* write gzip wrapper instead */
+ windowBits -= 16;
+ }
+#endif
+ if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
+ windowBits < 8 || windowBits > 15 || level < 0 || level > 9 ||
+ strategy < 0 || strategy > Z_FIXED) {
+ return Z_STREAM_ERROR;
+ }
+ if (windowBits == 8) windowBits = 9; /* until 256-byte window bug fixed */
+ s = (deflate_state *) ZALLOC(strm, 1, sizeof(deflate_state));
+ if (s == Z_NULL) return Z_MEM_ERROR;
+ strm->state = (struct internal_state FAR *)s;
+ s->strm = strm;
+
+ s->wrap = wrap;
+ s->gzhead = Z_NULL;
+ s->w_bits = windowBits;
+ s->w_size = 1 << s->w_bits;
+ s->w_mask = s->w_size - 1;
+
+ s->hash_bits = memLevel + 7;
+ s->hash_size = 1 << s->hash_bits;
+ s->hash_mask = s->hash_size - 1;
+ s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH);
+
+ s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte));
+ s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos));
+ s->head = (Posf *) ZALLOC(strm, s->hash_size, sizeof(Pos));
+
+ s->high_water = 0; /* nothing written to s->window yet */
+
+ s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
+
+ overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
+ s->pending_buf = (uchf *) overlay;
+ s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
+
+ if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
+ s->pending_buf == Z_NULL) {
+ s->status = FINISH_STATE;
+ strm->msg = ERR_MSG(Z_MEM_ERROR);
+ deflateEnd (strm);
+ return Z_MEM_ERROR;
+ }
+ s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
+ s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
+
+ s->level = level;
+ s->strategy = strategy;
+ s->method = (Byte)method;
+
+ return deflateReset(strm);
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateSetDictionary (strm, dictionary, dictLength)
+ z_streamp strm;
+ const Bytef *dictionary;
+ uInt dictLength;
+{
+ deflate_state *s;
+ uInt str, n;
+ int wrap;
+ unsigned avail;
+ z_const unsigned char *next;
+
+ if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL)
+ return Z_STREAM_ERROR;
+ s = strm->state;
+ wrap = s->wrap;
+ if (wrap == 2 || (wrap == 1 && s->status != INIT_STATE) || s->lookahead)
+ return Z_STREAM_ERROR;
+
+ /* when using zlib wrappers, compute Adler-32 for provided dictionary */
+ if (wrap == 1)
+ strm->adler = adler32(strm->adler, dictionary, dictLength);
+ s->wrap = 0; /* avoid computing Adler-32 in read_buf */
+
+ /* if dictionary would fill window, just replace the history */
+ if (dictLength >= s->w_size) {
+ if (wrap == 0) { /* already empty otherwise */
+ CLEAR_HASH(s);
+ s->strstart = 0;
+ s->block_start = 0L;
+ s->insert = 0;
+ }
+ dictionary += dictLength - s->w_size; /* use the tail */
+ dictLength = s->w_size;
+ }
+
+ /* insert dictionary into window and hash */
+ avail = strm->avail_in;
+ next = strm->next_in;
+ strm->avail_in = dictLength;
+ strm->next_in = (z_const Bytef *)dictionary;
+ fill_window(s);
+ while (s->lookahead >= MIN_MATCH) {
+ str = s->strstart;
+ n = s->lookahead - (MIN_MATCH-1);
+ do {
+ UPDATE_HASH(s, s->ins_h, s->window[str + MIN_MATCH-1]);
+#ifndef FASTEST
+ s->prev[str & s->w_mask] = s->head[s->ins_h];
+#endif
+ s->head[s->ins_h] = (Pos)str;
+ str++;
+ } while (--n);
+ s->strstart = str;
+ s->lookahead = MIN_MATCH-1;
+ fill_window(s);
+ }
+ s->strstart += s->lookahead;
+ s->block_start = (long)s->strstart;
+ s->insert = s->lookahead;
+ s->lookahead = 0;
+ s->match_length = s->prev_length = MIN_MATCH-1;
+ s->match_available = 0;
+ strm->next_in = next;
+ strm->avail_in = avail;
+ s->wrap = wrap;
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateResetKeep (strm)
+ z_streamp strm;
+{
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL ||
+ strm->zalloc == (alloc_func)0 || strm->zfree == (free_func)0) {
+ return Z_STREAM_ERROR;
+ }
+
+ strm->total_in = strm->total_out = 0;
+ strm->msg = Z_NULL; /* use zfree if we ever allocate msg dynamically */
+ strm->data_type = Z_UNKNOWN;
+
+ s = (deflate_state *)strm->state;
+ s->pending = 0;
+ s->pending_out = s->pending_buf;
+
+ if (s->wrap < 0) {
+ s->wrap = -s->wrap; /* was made negative by deflate(..., Z_FINISH); */
+ }
+ s->status = s->wrap ? INIT_STATE : BUSY_STATE;
+ strm->adler =
+#ifdef GZIP
+ s->wrap == 2 ? crc32(0L, Z_NULL, 0) :
+#endif
+ adler32(0L, Z_NULL, 0);
+ s->last_flush = Z_NO_FLUSH;
+
+ _tr_init(s);
+
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateReset (strm)
+ z_streamp strm;
+{
+ int ret;
+
+ ret = deflateResetKeep(strm);
+ if (ret == Z_OK)
+ lm_init(strm->state);
+ return ret;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateSetHeader (strm, head)
+ z_streamp strm;
+ gz_headerp head;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ if (strm->state->wrap != 2) return Z_STREAM_ERROR;
+ strm->state->gzhead = head;
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflatePending (strm, pending, bits)
+ unsigned *pending;
+ int *bits;
+ z_streamp strm;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ if (pending != Z_NULL)
+ *pending = strm->state->pending;
+ if (bits != Z_NULL)
+ *bits = strm->state->bi_valid;
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflatePrime (strm, bits, value)
+ z_streamp strm;
+ int bits;
+ int value;
+{
+ deflate_state *s;
+ int put;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ s = strm->state;
+ if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3))
+ return Z_BUF_ERROR;
+ do {
+ put = Buf_size - s->bi_valid;
+ if (put > bits)
+ put = bits;
+ s->bi_buf |= (ush)((value & ((1 << put) - 1)) << s->bi_valid);
+ s->bi_valid += put;
+ _tr_flush_bits(s);
+ value >>= put;
+ bits -= put;
+ } while (bits);
+ return Z_OK;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateParams(strm, level, strategy)
+ z_streamp strm;
+ int level;
+ int strategy;
+{
+ deflate_state *s;
+ compress_func func;
+ int err = Z_OK;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ s = strm->state;
+
+#ifdef FASTEST
+ if (level != 0) level = 1;
+#else
+ if (level == Z_DEFAULT_COMPRESSION) level = 6;
+#endif
+ if (level < 0 || level > 9 || strategy < 0 || strategy > Z_FIXED) {
+ return Z_STREAM_ERROR;
+ }
+ func = configuration_table[s->level].func;
+
+ if ((strategy != s->strategy || func != configuration_table[level].func) &&
+ strm->total_in != 0) {
+ /* Flush the last buffer: */
+ err = deflate(strm, Z_BLOCK);
+ if (err == Z_BUF_ERROR && s->pending == 0)
+ err = Z_OK;
+ }
+ if (s->level != level) {
+ s->level = level;
+ s->max_lazy_match = configuration_table[level].max_lazy;
+ s->good_match = configuration_table[level].good_length;
+ s->nice_match = configuration_table[level].nice_length;
+ s->max_chain_length = configuration_table[level].max_chain;
+ }
+ s->strategy = strategy;
+ return err;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateTune(strm, good_length, max_lazy, nice_length, max_chain)
+ z_streamp strm;
+ int good_length;
+ int max_lazy;
+ int nice_length;
+ int max_chain;
+{
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ s = strm->state;
+ s->good_match = good_length;
+ s->max_lazy_match = max_lazy;
+ s->nice_match = nice_length;
+ s->max_chain_length = max_chain;
+ return Z_OK;
+}
+
+/* =========================================================================
+ * For the default windowBits of 15 and memLevel of 8, this function returns
+ * a close to exact, as well as small, upper bound on the compressed size.
+ * They are coded as constants here for a reason--if the #define's are
+ * changed, then this function needs to be changed as well. The return
+ * value for 15 and 8 only works for those exact settings.
+ *
+ * For any setting other than those defaults for windowBits and memLevel,
+ * the value returned is a conservative worst case for the maximum expansion
+ * resulting from using fixed blocks instead of stored blocks, which deflate
+ * can emit on compressed data for some combinations of the parameters.
+ *
+ * This function could be more sophisticated to provide closer upper bounds for
+ * every combination of windowBits and memLevel. But even the conservative
+ * upper bound of about 14% expansion does not seem onerous for output buffer
+ * allocation.
+ */
+uLong ZEXPORT deflateBound(strm, sourceLen)
+ z_streamp strm;
+ uLong sourceLen;
+{
+ deflate_state *s;
+ uLong complen, wraplen;
+ Bytef *str;
+
+ /* conservative upper bound for compressed data */
+ complen = sourceLen +
+ ((sourceLen + 7) >> 3) + ((sourceLen + 63) >> 6) + 5;
+
+ /* if can't get parameters, return conservative bound plus zlib wrapper */
+ if (strm == Z_NULL || strm->state == Z_NULL)
+ return complen + 6;
+
+ /* compute wrapper length */
+ s = strm->state;
+ switch (s->wrap) {
+ case 0: /* raw deflate */
+ wraplen = 0;
+ break;
+ case 1: /* zlib wrapper */
+ wraplen = 6 + (s->strstart ? 4 : 0);
+ break;
+ case 2: /* gzip wrapper */
+ wraplen = 18;
+ if (s->gzhead != Z_NULL) { /* user-supplied gzip header */
+ if (s->gzhead->extra != Z_NULL)
+ wraplen += 2 + s->gzhead->extra_len;
+ str = s->gzhead->name;
+ if (str != Z_NULL)
+ do {
+ wraplen++;
+ } while (*str++);
+ str = s->gzhead->comment;
+ if (str != Z_NULL)
+ do {
+ wraplen++;
+ } while (*str++);
+ if (s->gzhead->hcrc)
+ wraplen += 2;
+ }
+ break;
+ default: /* for compiler happiness */
+ wraplen = 6;
+ }
+
+ /* if not default parameters, return conservative bound */
+ if (s->w_bits != 15 || s->hash_bits != 8 + 7)
+ return complen + wraplen;
+
+ /* default settings: return tight bound for that case */
+ return sourceLen + (sourceLen >> 12) + (sourceLen >> 14) +
+ (sourceLen >> 25) + 13 - 6 + wraplen;
+}
+
+/* =========================================================================
+ * Put a short in the pending buffer. The 16-bit value is put in MSB order.
+ * IN assertion: the stream state is correct and there is enough room in
+ * pending_buf.
+ */
+local void putShortMSB (s, b)
+ deflate_state *s;
+ uInt b;
+{
+ put_byte(s, (Byte)(b >> 8));
+ put_byte(s, (Byte)(b & 0xff));
+}
+
+/* =========================================================================
+ * Flush as much pending output as possible. All deflate() output goes
+ * through this function so some applications may wish to modify it
+ * to avoid allocating a large strm->next_out buffer and copying into it.
+ * (See also read_buf()).
+ */
+local void flush_pending(strm)
+ z_streamp strm;
+{
+ unsigned len;
+ deflate_state *s = strm->state;
+
+ _tr_flush_bits(s);
+ len = s->pending;
+ if (len > strm->avail_out) len = strm->avail_out;
+ if (len == 0) return;
+
+ zmemcpy(strm->next_out, s->pending_out, len);
+ strm->next_out += len;
+ s->pending_out += len;
+ strm->total_out += len;
+ strm->avail_out -= len;
+ s->pending -= len;
+ if (s->pending == 0) {
+ s->pending_out = s->pending_buf;
+ }
+}
+
+/* ========================================================================= */
+int ZEXPORT deflate (strm, flush)
+ z_streamp strm;
+ int flush;
+{
+ int old_flush; /* value of flush param for previous deflate call */
+ deflate_state *s;
+
+ if (strm == Z_NULL || strm->state == Z_NULL ||
+ flush > Z_BLOCK || flush < 0) {
+ return Z_STREAM_ERROR;
+ }
+ s = strm->state;
+
+ if (strm->next_out == Z_NULL ||
+ (strm->next_in == Z_NULL && strm->avail_in != 0) ||
+ (s->status == FINISH_STATE && flush != Z_FINISH)) {
+ ERR_RETURN(strm, Z_STREAM_ERROR);
+ }
+ if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR);
+
+ s->strm = strm; /* just in case */
+ old_flush = s->last_flush;
+ s->last_flush = flush;
+
+ /* Write the header */
+ if (s->status == INIT_STATE) {
+#ifdef GZIP
+ if (s->wrap == 2) {
+ strm->adler = crc32(0L, Z_NULL, 0);
+ put_byte(s, 31);
+ put_byte(s, 139);
+ put_byte(s, 8);
+ if (s->gzhead == Z_NULL) {
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, 0);
+ put_byte(s, s->level == 9 ? 2 :
+ (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ?
+ 4 : 0));
+ put_byte(s, OS_CODE);
+ s->status = BUSY_STATE;
+ }
+ else {
+ put_byte(s, (s->gzhead->text ? 1 : 0) +
+ (s->gzhead->hcrc ? 2 : 0) +
+ (s->gzhead->extra == Z_NULL ? 0 : 4) +
+ (s->gzhead->name == Z_NULL ? 0 : 8) +
+ (s->gzhead->comment == Z_NULL ? 0 : 16)
+ );
+ put_byte(s, (Byte)(s->gzhead->time & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 8) & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 16) & 0xff));
+ put_byte(s, (Byte)((s->gzhead->time >> 24) & 0xff));
+ put_byte(s, s->level == 9 ? 2 :
+ (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2 ?
+ 4 : 0));
+ put_byte(s, s->gzhead->os & 0xff);
+ if (s->gzhead->extra != Z_NULL) {
+ put_byte(s, s->gzhead->extra_len & 0xff);
+ put_byte(s, (s->gzhead->extra_len >> 8) & 0xff);
+ }
+ if (s->gzhead->hcrc)
+ strm->adler = crc32(strm->adler, s->pending_buf,
+ s->pending);
+ s->gzindex = 0;
+ s->status = EXTRA_STATE;
+ }
+ }
+ else
+#endif
+ {
+ uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8;
+ uInt level_flags;
+
+ if (s->strategy >= Z_HUFFMAN_ONLY || s->level < 2)
+ level_flags = 0;
+ else if (s->level < 6)
+ level_flags = 1;
+ else if (s->level == 6)
+ level_flags = 2;
+ else
+ level_flags = 3;
+ header |= (level_flags << 6);
+ if (s->strstart != 0) header |= PRESET_DICT;
+ header += 31 - (header % 31);
+
+ s->status = BUSY_STATE;
+ putShortMSB(s, header);
+
+ /* Save the adler32 of the preset dictionary: */
+ if (s->strstart != 0) {
+ putShortMSB(s, (uInt)(strm->adler >> 16));
+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
+ }
+ strm->adler = adler32(0L, Z_NULL, 0);
+ }
+ }
+#ifdef GZIP
+ if (s->status == EXTRA_STATE) {
+ if (s->gzhead->extra != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+
+ while (s->gzindex < (s->gzhead->extra_len & 0xffff)) {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size)
+ break;
+ }
+ put_byte(s, s->gzhead->extra[s->gzindex]);
+ s->gzindex++;
+ }
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (s->gzindex == s->gzhead->extra_len) {
+ s->gzindex = 0;
+ s->status = NAME_STATE;
+ }
+ }
+ else
+ s->status = NAME_STATE;
+ }
+ if (s->status == NAME_STATE) {
+ if (s->gzhead->name != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+ int val;
+
+ do {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size) {
+ val = 1;
+ break;
+ }
+ }
+ val = s->gzhead->name[s->gzindex++];
+ put_byte(s, val);
+ } while (val != 0);
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (val == 0) {
+ s->gzindex = 0;
+ s->status = COMMENT_STATE;
+ }
+ }
+ else
+ s->status = COMMENT_STATE;
+ }
+ if (s->status == COMMENT_STATE) {
+ if (s->gzhead->comment != Z_NULL) {
+ uInt beg = s->pending; /* start of bytes to update crc */
+ int val;
+
+ do {
+ if (s->pending == s->pending_buf_size) {
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ flush_pending(strm);
+ beg = s->pending;
+ if (s->pending == s->pending_buf_size) {
+ val = 1;
+ break;
+ }
+ }
+ val = s->gzhead->comment[s->gzindex++];
+ put_byte(s, val);
+ } while (val != 0);
+ if (s->gzhead->hcrc && s->pending > beg)
+ strm->adler = crc32(strm->adler, s->pending_buf + beg,
+ s->pending - beg);
+ if (val == 0)
+ s->status = HCRC_STATE;
+ }
+ else
+ s->status = HCRC_STATE;
+ }
+ if (s->status == HCRC_STATE) {
+ if (s->gzhead->hcrc) {
+ if (s->pending + 2 > s->pending_buf_size)
+ flush_pending(strm);
+ if (s->pending + 2 <= s->pending_buf_size) {
+ put_byte(s, (Byte)(strm->adler & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 8) & 0xff));
+ strm->adler = crc32(0L, Z_NULL, 0);
+ s->status = BUSY_STATE;
+ }
+ }
+ else
+ s->status = BUSY_STATE;
+ }
+#endif
+
+ /* Flush as much pending output as possible */
+ if (s->pending != 0) {
+ flush_pending(strm);
+ if (strm->avail_out == 0) {
+ /* Since avail_out is 0, deflate will be called again with
+ * more output space, but possibly with both pending and
+ * avail_in equal to zero. There won't be anything to do,
+ * but this is not an error situation so make sure we
+ * return OK instead of BUF_ERROR at next call of deflate:
+ */
+ s->last_flush = -1;
+ return Z_OK;
+ }
+
+ /* Make sure there is something to do and avoid duplicate consecutive
+ * flushes. For repeated and useless calls with Z_FINISH, we keep
+ * returning Z_STREAM_END instead of Z_BUF_ERROR.
+ */
+ } else if (strm->avail_in == 0 && RANK(flush) <= RANK(old_flush) &&
+ flush != Z_FINISH) {
+ ERR_RETURN(strm, Z_BUF_ERROR);
+ }
+
+ /* User must not provide more input after the first FINISH: */
+ if (s->status == FINISH_STATE && strm->avail_in != 0) {
+ ERR_RETURN(strm, Z_BUF_ERROR);
+ }
+
+ /* Start a new block or continue the current one.
+ */
+ if (strm->avail_in != 0 || s->lookahead != 0 ||
+ (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) {
+ block_state bstate;
+
+ bstate = s->strategy == Z_HUFFMAN_ONLY ? deflate_huff(s, flush) :
+ (s->strategy == Z_RLE ? deflate_rle(s, flush) :
+ (*(configuration_table[s->level].func))(s, flush));
+
+ if (bstate == finish_started || bstate == finish_done) {
+ s->status = FINISH_STATE;
+ }
+ if (bstate == need_more || bstate == finish_started) {
+ if (strm->avail_out == 0) {
+ s->last_flush = -1; /* avoid BUF_ERROR next call, see above */
+ }
+ return Z_OK;
+ /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
+ * of deflate should use the same flush parameter to make sure
+ * that the flush is complete. So we don't have to output an
+ * empty block here, this will be done at next call. This also
+ * ensures that for a very small output buffer, we emit at most
+ * one empty block.
+ */
+ }
+ if (bstate == block_done) {
+ if (flush == Z_PARTIAL_FLUSH) {
+ _tr_align(s);
+ } else if (flush != Z_BLOCK) { /* FULL_FLUSH or SYNC_FLUSH */
+ _tr_stored_block(s, (char*)0, 0L, 0);
+ /* For a full flush, this empty block will be recognized
+ * as a special marker by inflate_sync().
+ */
+ if (flush == Z_FULL_FLUSH) {
+ CLEAR_HASH(s); /* forget history */
+ if (s->lookahead == 0) {
+ s->strstart = 0;
+ s->block_start = 0L;
+ s->insert = 0;
+ }
+ }
+ }
+ flush_pending(strm);
+ if (strm->avail_out == 0) {
+ s->last_flush = -1; /* avoid BUF_ERROR at next call, see above */
+ return Z_OK;
+ }
+ }
+ }
+ Assert(strm->avail_out > 0, "bug2");
+
+ if (flush != Z_FINISH) return Z_OK;
+ if (s->wrap <= 0) return Z_STREAM_END;
+
+ /* Write the trailer */
+#ifdef GZIP
+ if (s->wrap == 2) {
+ put_byte(s, (Byte)(strm->adler & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 8) & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 16) & 0xff));
+ put_byte(s, (Byte)((strm->adler >> 24) & 0xff));
+ put_byte(s, (Byte)(strm->total_in & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 8) & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 16) & 0xff));
+ put_byte(s, (Byte)((strm->total_in >> 24) & 0xff));
+ }
+ else
+#endif
+ {
+ putShortMSB(s, (uInt)(strm->adler >> 16));
+ putShortMSB(s, (uInt)(strm->adler & 0xffff));
+ }
+ flush_pending(strm);
+ /* If avail_out is zero, the application will call deflate again
+ * to flush the rest.
+ */
+ if (s->wrap > 0) s->wrap = -s->wrap; /* write the trailer only once! */
+ return s->pending != 0 ? Z_OK : Z_STREAM_END;
+}
+
+/* ========================================================================= */
+int ZEXPORT deflateEnd (strm)
+ z_streamp strm;
+{
+ int status;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+
+ status = strm->state->status;
+ if (status != INIT_STATE &&
+ status != EXTRA_STATE &&
+ status != NAME_STATE &&
+ status != COMMENT_STATE &&
+ status != HCRC_STATE &&
+ status != BUSY_STATE &&
+ status != FINISH_STATE) {
+ return Z_STREAM_ERROR;
+ }
+
+ /* Deallocate in reverse order of allocations: */
+ TRY_FREE(strm, strm->state->pending_buf);
+ TRY_FREE(strm, strm->state->head);
+ TRY_FREE(strm, strm->state->prev);
+ TRY_FREE(strm, strm->state->window);
+
+ ZFREE(strm, strm->state);
+ strm->state = Z_NULL;
+
+ return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
+}
+
+/* =========================================================================
+ * Copy the source state to the destination state.
+ * To simplify the source, this is not supported for 16-bit MSDOS (which
+ * doesn't have enough memory anyway to duplicate compression states).
+ */
+int ZEXPORT deflateCopy (dest, source)
+ z_streamp dest;
+ z_streamp source;
+{
+#ifdef MAXSEG_64K
+ return Z_STREAM_ERROR;
+#else
+ deflate_state *ds;
+ deflate_state *ss;
+ ushf *overlay;
+
+
+ if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
+ return Z_STREAM_ERROR;
+ }
+
+ ss = source->state;
+
+ zmemcpy((voidpf)dest, (voidpf)source, sizeof(z_stream));
+
+ ds = (deflate_state *) ZALLOC(dest, 1, sizeof(deflate_state));
+ if (ds == Z_NULL) return Z_MEM_ERROR;
+ dest->state = (struct internal_state FAR *) ds;
+ zmemcpy((voidpf)ds, (voidpf)ss, sizeof(deflate_state));
+ ds->strm = dest;
+
+ ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
+ ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos));
+ ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos));
+ overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
+ ds->pending_buf = (uchf *) overlay;
+
+ if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
+ ds->pending_buf == Z_NULL) {
+ deflateEnd (dest);
+ return Z_MEM_ERROR;
+ }
+ /* following zmemcpy do not work for 16-bit MSDOS */
+ zmemcpy(ds->window, ss->window, ds->w_size * 2 * sizeof(Byte));
+ zmemcpy((voidpf)ds->prev, (voidpf)ss->prev, ds->w_size * sizeof(Pos));
+ zmemcpy((voidpf)ds->head, (voidpf)ss->head, ds->hash_size * sizeof(Pos));
+ zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
+
+ ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
+ ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
+ ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
+
+ ds->l_desc.dyn_tree = ds->dyn_ltree;
+ ds->d_desc.dyn_tree = ds->dyn_dtree;
+ ds->bl_desc.dyn_tree = ds->bl_tree;
+
+ return Z_OK;
+#endif /* MAXSEG_64K */
+}
+
+/* ===========================================================================
+ * Read a new buffer from the current input stream, update the adler32
+ * and total number of bytes read. All deflate() input goes through
+ * this function so some applications may wish to modify it to avoid
+ * allocating a large strm->next_in buffer and copying from it.
+ * (See also flush_pending()).
+ */
+local int read_buf(strm, buf, size)
+ z_streamp strm;
+ Bytef *buf;
+ unsigned size;
+{
+ unsigned len = strm->avail_in;
+
+ if (len > size) len = size;
+ if (len == 0) return 0;
+
+ strm->avail_in -= len;
+
+ zmemcpy(buf, strm->next_in, len);
+ if (strm->state->wrap == 1) {
+ strm->adler = adler32(strm->adler, buf, len);
+ }
+#ifdef GZIP
+ else if (strm->state->wrap == 2) {
+ strm->adler = crc32(strm->adler, buf, len);
+ }
+#endif
+ strm->next_in += len;
+ strm->total_in += len;
+
+ return (int)len;
+}
+
+/* ===========================================================================
+ * Initialize the "longest match" routines for a new zlib stream
+ */
+local void lm_init (s)
+ deflate_state *s;
+{
+ s->window_size = (ulg)2L*s->w_size;
+
+ CLEAR_HASH(s);
+
+ /* Set the default configuration parameters:
+ */
+ s->max_lazy_match = configuration_table[s->level].max_lazy;
+ s->good_match = configuration_table[s->level].good_length;
+ s->nice_match = configuration_table[s->level].nice_length;
+ s->max_chain_length = configuration_table[s->level].max_chain;
+
+ s->strstart = 0;
+ s->block_start = 0L;
+ s->lookahead = 0;
+ s->insert = 0;
+ s->match_length = s->prev_length = MIN_MATCH-1;
+ s->match_available = 0;
+ s->ins_h = 0;
+#ifndef FASTEST
+#ifdef ASMV
+ match_init(); /* initialize the asm code */
+#endif
+#endif
+}
+
+#ifndef FASTEST
+/* ===========================================================================
+ * Set match_start to the longest match starting at the given string and
+ * return its length. Matches shorter or equal to prev_length are discarded,
+ * in which case the result is equal to prev_length and match_start is
+ * garbage.
+ * IN assertions: cur_match is the head of the hash chain for the current
+ * string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
+ * OUT assertion: the match length is not greater than s->lookahead.
+ */
+#ifndef ASMV
+/* For 80x86 and 680x0, an optimized version will be provided in match.asm or
+ * match.S. The code will be functionally equivalent.
+ */
+local uInt longest_match(s, cur_match)
+ deflate_state *s;
+ IPos cur_match; /* current match */
+{
+ unsigned chain_length = s->max_chain_length;/* max hash chain length */
+ register Bytef *scan = s->window + s->strstart; /* current string */
+ register Bytef *match; /* matched string */
+ register int len; /* length of current match */
+#ifdef ZLIB_PM3_TUNED
+ int best_len = MIN_MATCH-1; // lift the restriction on prev-length
+#else
+ int best_len = s->prev_length; /* best match length so far */
+#endif
+ int nice_match = s->nice_match; /* stop if match long enough */
+ IPos limit = s->strstart > (IPos)MAX_DIST(s) ?
+ s->strstart - (IPos)MAX_DIST(s) : NIL;
+ /* Stop when cur_match becomes <= limit. To simplify the code,
+ * we prevent matches with the string of window index 0.
+ */
+ Posf *prev = s->prev;
+ uInt wmask = s->w_mask;
+
+#ifdef UNALIGNED_OK
+ /* Compare two bytes at a time. Note: this is not always beneficial.
+ * Try with and without -DUNALIGNED_OK to check.
+ */
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH - 1;
+ register ush scan_start = *(ushf*)scan;
+ register ush scan_end = *(ushf*)(scan+best_len-1);
+#else
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
+ register Byte scan_end1 = scan[best_len-1];
+ register Byte scan_end = scan[best_len];
+#endif
+
+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
+ * It is easy to get rid of this optimization if necessary.
+ */
+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
+
+ /* Do not waste too much time if we already have a good match: */
+ if (s->prev_length >= s->good_match) {
+ chain_length >>= 2;
+ }
+ /* Do not look for matches beyond the end of the input. This is necessary
+ * to make deflate deterministic.
+ */
+ if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead;
+
+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
+
+ do {
+ Assert(cur_match < s->strstart, "no future");
+ match = s->window + cur_match;
+
+ /* Skip to next match if the match length cannot increase
+ * or if the match length is less than 2. Note that the checks below
+ * for insufficient lookahead only occur occasionally for performance
+ * reasons. Therefore uninitialized memory will be accessed, and
+ * conditional jumps will be made that depend on those values.
+ * However the length of the match is limited to the lookahead, so
+ * the output of deflate is not affected by the uninitialized values.
+ */
+#if (defined(UNALIGNED_OK) && MAX_MATCH == 258)
+ /* This code assumes sizeof(unsigned short) == 2. Do not use
+ * UNALIGNED_OK if your compiler uses a different size.
+ */
+ if (*(ushf*)(match+best_len-1) != scan_end ||
+ *(ushf*)match != scan_start) continue;
+
+ /* It is not necessary to compare scan[2] and match[2] since they are
+ * always equal when the other bytes match, given that the hash keys
+ * are equal and that HASH_BITS >= 8. Compare 2 bytes at a time at
+ * strstart+3, +5, ... up to strstart+257. We check for insufficient
+ * lookahead only every 4th comparison; the 128th check will be made
+ * at strstart+257. If MAX_MATCH-2 is not a multiple of 8, it is
+ * necessary to put more guard bytes at the end of the window, or
+ * to check more often for insufficient lookahead.
+ */
+ Assert(scan[2] == match[2], "scan[2]?");
+ scan++, match++;
+ do {
+ } while (*(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
+ scan < strend);
+ /* The funny "do {}" generates better code on most compilers */
+
+ /* Here, scan <= window+strstart+257 */
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+ if (*scan == *match) scan++;
+
+ len = (MAX_MATCH - 1) - (int)(strend-scan);
+ scan = strend - (MAX_MATCH-1);
+
+#else /* UNALIGNED_OK */
+
+ if (match[best_len] != scan_end ||
+ match[best_len-1] != scan_end1 ||
+ *match != *scan ||
+ *++match != scan[1]) continue;
+
+ /* The check at best_len-1 can be removed because it will be made
+ * again later. (This heuristic is not always a win.)
+ * It is not necessary to compare scan[2] and match[2] since they
+ * are always equal when the other bytes match, given that
+ * the hash keys are equal and that HASH_BITS >= 8.
+ */
+ scan += 2, match++;
+ Assert(*scan == *match, "match[2]?");
+
+ /* We check for insufficient lookahead only every 8th comparison;
+ * the 256th check will be made at strstart+258.
+ */
+ do {
+ } while (*++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ scan < strend);
+
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+
+ len = MAX_MATCH - (int)(strend - scan);
+ scan = strend - MAX_MATCH;
+
+#endif /* UNALIGNED_OK */
+
+ if (len > best_len) {
+ s->match_start = cur_match;
+ best_len = len;
+ if (len >= nice_match) break;
+#ifdef UNALIGNED_OK
+ scan_end = *(ushf*)(scan+best_len-1);
+#else
+ scan_end1 = scan[best_len-1];
+ scan_end = scan[best_len];
+#endif
+ }
+ } while ((cur_match = prev[cur_match & wmask]) > limit
+ && --chain_length != 0);
+
+ if ((uInt)best_len <= s->lookahead) return (uInt)best_len;
+ return s->lookahead;
+}
+#endif /* ASMV */
+
+#else /* FASTEST */
+
+/* ---------------------------------------------------------------------------
+ * Optimized version for FASTEST only
+ */
+local uInt longest_match(s, cur_match)
+ deflate_state *s;
+ IPos cur_match; /* current match */
+{
+ register Bytef *scan = s->window + s->strstart; /* current string */
+ register Bytef *match; /* matched string */
+ register int len; /* length of current match */
+ register Bytef *strend = s->window + s->strstart + MAX_MATCH;
+
+ /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
+ * It is easy to get rid of this optimization if necessary.
+ */
+ Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
+
+ Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
+
+ Assert(cur_match < s->strstart, "no future");
+
+ match = s->window + cur_match;
+
+ /* Return failure if the match length is less than 2:
+ */
+ if (match[0] != scan[0] || match[1] != scan[1]) return MIN_MATCH-1;
+
+ /* The check at best_len-1 can be removed because it will be made
+ * again later. (This heuristic is not always a win.)
+ * It is not necessary to compare scan[2] and match[2] since they
+ * are always equal when the other bytes match, given that
+ * the hash keys are equal and that HASH_BITS >= 8.
+ */
+ scan += 2, match += 2;
+ Assert(*scan == *match, "match[2]?");
+
+ /* We check for insufficient lookahead only every 8th comparison;
+ * the 256th check will be made at strstart+258.
+ */
+ do {
+ } while (*++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ *++scan == *++match && *++scan == *++match &&
+ scan < strend);
+
+ Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
+
+ len = MAX_MATCH - (int)(strend - scan);
+
+ if (len < MIN_MATCH) return MIN_MATCH - 1;
+
+ s->match_start = cur_match;
+ return (uInt)len <= s->lookahead ? (uInt)len : s->lookahead;
+}
+
+#endif /* FASTEST */
+
+#ifdef DEBUG
+/* ===========================================================================
+ * Check that the match at match_start is indeed a match.
+ */
+local void check_match(s, start, match, length)
+ deflate_state *s;
+ IPos start, match;
+ int length;
+{
+ /* check that the match is indeed a match */
+ if (zmemcmp(s->window + match,
+ s->window + start, length) != EQUAL) {
+ fprintf(stderr, " start %u, match %u, length %d\n",
+ start, match, length);
+ do {
+ fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
+ } while (--length != 0);
+ z_error("invalid match");
+ }
+ if (z_verbose > 1) {
+ fprintf(stderr,"\\[%d,%d]", start-match, length);
+ do { putc(s->window[start++], stderr); } while (--length != 0);
+ }
+}
+#else
+# define check_match(s, start, match, length)
+#endif /* DEBUG */
+
+/* ===========================================================================
+ * Fill the window when the lookahead becomes insufficient.
+ * Updates strstart and lookahead.
+ *
+ * IN assertion: lookahead < MIN_LOOKAHEAD
+ * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
+ * At least one byte has been read, or avail_in == 0; reads are
+ * performed for at least two bytes (required for the zip translate_eol
+ * option -- not supported here).
+ */
+local void fill_window(s)
+ deflate_state *s;
+{
+ register unsigned n, m;
+ register Posf *p;
+ unsigned more; /* Amount of free space at the end of the window. */
+ uInt wsize = s->w_size;
+
+ Assert(s->lookahead < MIN_LOOKAHEAD, "already enough lookahead");
+
+ do {
+ more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
+
+ /* Deal with !@#$% 64K limit: */
+ if (sizeof(int) <= 2) {
+ if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
+ more = wsize;
+
+ } else if (more == (unsigned)(-1)) {
+ /* Very unlikely, but possible on 16 bit machine if
+ * strstart == 0 && lookahead == 1 (input done a byte at time)
+ */
+ more--;
+ }
+ }
+
+ /* If the window is almost full and there is insufficient lookahead,
+ * move the upper half to the lower one to make room in the upper half.
+ */
+ if (s->strstart >= wsize+MAX_DIST(s)) {
+
+ zmemcpy(s->window, s->window+wsize, (unsigned)wsize);
+ s->match_start -= wsize;
+ s->strstart -= wsize; /* we now have strstart >= MAX_DIST */
+ s->block_start -= (long) wsize;
+
+ /* Slide the hash table (could be avoided with 32 bit values
+ at the expense of memory usage). We slide even when level == 0
+ to keep the hash table consistent if we switch back to level > 0
+ later. (Using level 0 permanently is not an optimal usage of
+ zlib, so we don't care about this pathological case.)
+ */
+ n = s->hash_size;
+ p = &s->head[n];
+ do {
+ m = *--p;
+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
+ } while (--n);
+
+ n = wsize;
+#ifndef FASTEST
+ p = &s->prev[n];
+ do {
+ m = *--p;
+ *p = (Pos)(m >= wsize ? m-wsize : NIL);
+ /* If n is not on any hash chain, prev[n] is garbage but
+ * its value will never be used.
+ */
+ } while (--n);
+#endif
+ more += wsize;
+ }
+ if (s->strm->avail_in == 0) break;
+
+ /* If there was no sliding:
+ * strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
+ * more == window_size - lookahead - strstart
+ * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
+ * => more >= window_size - 2*WSIZE + 2
+ * In the BIG_MEM or MMAP case (not yet supported),
+ * window_size == input_size + MIN_LOOKAHEAD &&
+ * strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
+ * Otherwise, window_size == 2*WSIZE so more >= 2.
+ * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
+ */
+ Assert(more >= 2, "more < 2");
+
+ n = read_buf(s->strm, s->window + s->strstart + s->lookahead, more);
+ s->lookahead += n;
+
+ /* Initialize the hash value now that we have some input: */
+ if (s->lookahead + s->insert >= MIN_MATCH) {
+ uInt str = s->strstart - s->insert;
+ s->ins_h = s->window[str];
+ UPDATE_HASH(s, s->ins_h, s->window[str + 1]);
+#if MIN_MATCH != 3
+ Call UPDATE_HASH() MIN_MATCH-3 more times
+#endif
+ while (s->insert) {
+ UPDATE_HASH(s, s->ins_h, s->window[str + MIN_MATCH-1]);
+#ifndef FASTEST
+ s->prev[str & s->w_mask] = s->head[s->ins_h];
+#endif
+ s->head[s->ins_h] = (Pos)str;
+ str++;
+ s->insert--;
+ if (s->lookahead + s->insert < MIN_MATCH)
+ break;
+ }
+ }
+ /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
+ * but this is not important since only literal bytes will be emitted.
+ */
+
+ } while (s->lookahead < MIN_LOOKAHEAD && s->strm->avail_in != 0);
+
+ /* If the WIN_INIT bytes after the end of the current data have never been
+ * written, then zero those bytes in order to avoid memory check reports of
+ * the use of uninitialized (or uninitialised as Julian writes) bytes by
+ * the longest match routines. Update the high water mark for the next
+ * time through here. WIN_INIT is set to MAX_MATCH since the longest match
+ * routines allow scanning to strstart + MAX_MATCH, ignoring lookahead.
+ */
+ if (s->high_water < s->window_size) {
+ ulg curr = s->strstart + (ulg)(s->lookahead);
+ ulg init;
+
+ if (s->high_water < curr) {
+ /* Previous high water mark below current data -- zero WIN_INIT
+ * bytes or up to end of window, whichever is less.
+ */
+ init = s->window_size - curr;
+ if (init > WIN_INIT)
+ init = WIN_INIT;
+ zmemzero(s->window + curr, (unsigned)init);
+ s->high_water = curr + init;
+ }
+ else if (s->high_water < (ulg)curr + WIN_INIT) {
+ /* High water mark at or above current data, but below current data
+ * plus WIN_INIT -- zero out to current data plus WIN_INIT, or up
+ * to end of window, whichever is less.
+ */
+ init = (ulg)curr + WIN_INIT - s->high_water;
+ if (init > s->window_size - s->high_water)
+ init = s->window_size - s->high_water;
+ zmemzero(s->window + s->high_water, (unsigned)init);
+ s->high_water += init;
+ }
+ }
+
+ Assert((ulg)s->strstart <= s->window_size - MIN_LOOKAHEAD,
+ "not enough room for search");
+}
+
+/* ===========================================================================
+ * Flush the current block, with given end-of-file flag.
+ * IN assertion: strstart is set to the end of the current match.
+ */
+#define FLUSH_BLOCK_ONLY(s, last) { \
+ _tr_flush_block(s, (s->block_start >= 0L ? \
+ (charf *)&s->window[(unsigned)s->block_start] : \
+ (charf *)Z_NULL), \
+ (ulg)((long)s->strstart - s->block_start), \
+ (last)); \
+ s->block_start = s->strstart; \
+ flush_pending(s->strm); \
+ Tracev((stderr,"[FLUSH]")); \
+}
+
+/* Same but force premature exit if necessary. */
+#define FLUSH_BLOCK(s, last) { \
+ FLUSH_BLOCK_ONLY(s, last); \
+ if (s->strm->avail_out == 0) return (last) ? finish_started : need_more; \
+}
+
+/* ===========================================================================
+ * Copy without compression as much as possible from the input stream, return
+ * the current block state.
+ * This function does not insert new strings in the dictionary since
+ * uncompressible data is probably not useful. This function is used
+ * only for the level=0 compression option.
+ * NOTE: this function should be optimized to avoid extra copying from
+ * window to pending_buf.
+ */
+local block_state deflate_stored(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ /* Stored blocks are limited to 0xffff bytes, pending_buf is limited
+ * to pending_buf_size, and each stored block has a 5 byte header:
+ */
+ ulg max_block_size = 0xffff;
+ ulg max_start;
+
+ if (max_block_size > s->pending_buf_size - 5) {
+ max_block_size = s->pending_buf_size - 5;
+ }
+
+ /* Copy as much as possible from input to output: */
+ for (;;) {
+ /* Fill the window as much as possible: */
+ if (s->lookahead <= 1) {
+
+ Assert(s->strstart < s->w_size+MAX_DIST(s) ||
+ s->block_start >= (long)s->w_size, "slide too late");
+
+ fill_window(s);
+ if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more;
+
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+ Assert(s->block_start >= 0L, "block gone");
+
+ s->strstart += s->lookahead;
+ s->lookahead = 0;
+
+ /* Emit a stored block if pending_buf will be full: */
+ max_start = s->block_start + max_block_size;
+ if (s->strstart == 0 || (ulg)s->strstart >= max_start) {
+ /* strstart == 0 is possible when wraparound on 16-bit machine */
+ s->lookahead = (uInt)(s->strstart - max_start);
+ s->strstart = (uInt)max_start;
+ FLUSH_BLOCK(s, 0);
+ }
+ /* Flush if we may have to slide, otherwise block_start may become
+ * negative and the data will be gone:
+ */
+ if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) {
+ FLUSH_BLOCK(s, 0);
+ }
+ }
+ s->insert = 0;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if ((long)s->strstart > s->block_start)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+}
+
+/* ===========================================================================
+ * Compress as much as possible from the input stream, return the current
+ * block state.
+ * This function does not perform lazy evaluation of matches and inserts
+ * new strings in the dictionary only for unmatched strings or for short
+ * matches. It is used only for the fast compression options.
+ */
+local block_state deflate_fast(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ IPos hash_head; /* head of the hash chain */
+ int bflush; /* set if current block must be flushed */
+
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the next match, plus MIN_MATCH bytes to insert the
+ * string following the next match.
+ */
+ if (s->lookahead < MIN_LOOKAHEAD) {
+ fill_window(s);
+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* Insert the string window[strstart .. strstart+2] in the
+ * dictionary, and set hash_head to the head of the hash chain:
+ */
+ hash_head = NIL;
+ if (s->lookahead >= MIN_MATCH) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+
+ /* Find the longest match, discarding those <= prev_length.
+ * At this point we have always match_length < MIN_MATCH
+ */
+ if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
+ /* To simplify the code, we prevent matches with the string
+ * of window index 0 (in particular we have to avoid a match
+ * of the string with itself at the start of the input file).
+ */
+ s->match_length = longest_match (s, hash_head);
+ /* longest_match() sets match_start */
+ }
+ if (s->match_length >= MIN_MATCH) {
+ check_match(s, s->strstart, s->match_start, s->match_length);
+
+ _tr_tally_dist(s, s->strstart - s->match_start,
+ s->match_length - MIN_MATCH, bflush);
+
+ s->lookahead -= s->match_length;
+
+ /* Insert new strings in the hash table only if the match length
+ * is not too large. This saves time but degrades compression.
+ */
+#ifndef FASTEST
+ if (s->match_length <= s->max_insert_length &&
+ s->lookahead >= MIN_MATCH) {
+ s->match_length--; /* string at strstart already in table */
+ do {
+ s->strstart++;
+ INSERT_STRING(s, s->strstart, hash_head);
+ /* strstart never exceeds WSIZE-MAX_MATCH, so there are
+ * always MIN_MATCH bytes ahead.
+ */
+ } while (--s->match_length != 0);
+ s->strstart++;
+ } else
+#endif
+ {
+ s->strstart += s->match_length;
+ s->match_length = 0;
+ s->ins_h = s->window[s->strstart];
+ UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
+#if MIN_MATCH != 3
+ Call UPDATE_HASH() MIN_MATCH-3 more times
+#endif
+ /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
+ * matter since it will be recomputed at next deflate call.
+ */
+ }
+ } else {
+ /* No match, output a literal byte */
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ }
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ s->insert = s->strstart < MIN_MATCH-1 ? s->strstart : MIN_MATCH-1;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if (s->last_lit)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+}
+
+
+#ifdef ZLIB_PM3_TUNED
+local uInt try_harder(s, strstart, lookahead, hash_head)
+ deflate_state *s;
+ uInt strstart;
+ uInt lookahead;
+ IPos hash_head;
+{
+ uInt strstart_save = s->strstart;
+ s->strstart = strstart;
+ uInt lookahead_save = s->lookahead;
+ s->lookahead = lookahead;
+ uInt ins_h_save = s->ins_h;
+ uInt combined_gain;
+ uInt best_combined_gain = 0;
+ uInt match_length;
+ uInt prev_length = s->prev_length < MIN_MATCH ? 1 : s->prev_length;
+ uInt best_prev_length = prev_length;
+ uInt current_match_start = s->match_start;
+ uInt current_match_length = s->match_length;
+
+ do {
+ if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
+ match_length = longest_match (s, hash_head);
+ /* longest_match() sets match_start */
+ } else {
+ match_length = MIN_MATCH - 1;
+ }
+#if TOO_FAR <= 32767
+ if (match_length == MIN_MATCH && s->strstart - s->match_start > TOO_FAR) {
+ match_length = MIN_MATCH-1;
+ }
+#endif
+ if (s->strstart == strstart) { // store match at current position
+ current_match_length = match_length;
+ current_match_start = s->match_start;
+ }
+ if (s->strstart - strstart + 1 < MIN_MATCH) { // previous match reduced to one or two literals
+ combined_gain = 0; // need one literal per byte: no gain (assuming 8 bits per literal)
+ } else {
+ combined_gain = s->strstart - strstart + 1 - MIN_MATCH; // (possibly truncated) previous_length - 3 literals
+ }
+ if (match_length < MIN_MATCH) {
+ combined_gain += 0; // no gain
+ } else {
+ combined_gain += match_length - MIN_MATCH; // match_length bytes are coded as three literals
+ }
+ if (combined_gain >= best_combined_gain) { // in case of a tie we prefer the longer prev_length
+ best_combined_gain = combined_gain;
+ best_prev_length = s->strstart - strstart + 1;
+ }
+ s->strstart++;
+ s->lookahead--;
+ UPDATE_HASH(s, s->ins_h, s->window[(s->strstart) + (MIN_MATCH-1)]);
+ hash_head = s->head[s->ins_h];
+ } while (s->strstart <= strstart-1 + prev_length // try to truncate the previous match to 1, 3, ... prev_length
+ && s->strstart <= s->window_size - MIN_LOOKAHEAD); // watch out for the end of the input
+
+ s->strstart = strstart_save;
+ s->lookahead = lookahead_save;
+ s->ins_h = ins_h_save;
+ s->match_length = current_match_length;
+ s->match_start = current_match_start;
+ if (best_prev_length >= MIN_MATCH) {
+ s->prev_length = best_prev_length;
+ s->match_length = MIN_MATCH - 1;
+ } else {
+ s->prev_length = MIN_MATCH - 1;
+ }
+ return best_combined_gain;
+}
+#endif
+
+
+
+#ifndef FASTEST
+/* ===========================================================================
+ * Same as above, but achieves better compression. We use a lazy
+ * evaluation for matches: a match is finally adopted only if there is
+ * no better match at the next window position.
+ */
+local block_state deflate_slow(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ IPos hash_head; /* head of hash chain */
+ int bflush; /* set if current block must be flushed */
+
+ /* Process the input block. */
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the next match, plus MIN_MATCH bytes to insert the
+ * string following the next match.
+ */
+ if (s->lookahead < MIN_LOOKAHEAD) {
+ fill_window(s);
+ if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* Insert the string window[strstart .. strstart+2] in the
+ * dictionary, and set hash_head to the head of the hash chain:
+ */
+ hash_head = NIL;
+ if (s->lookahead >= MIN_MATCH) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+
+ /* Find the longest match, discarding those <= prev_length. */
+ s->prev_length = s->match_length, s->prev_match = s->match_start;
+ s->match_length = MIN_MATCH-1;
+
+#ifdef ZLIB_PM3_TUNED
+ if (s->prev_length < s->max_lazy_match) {
+ try_harder(s, s->strstart, s->lookahead, hash_head);
+ }
+
+#else
+ if (hash_head != NIL && s->prev_length < s->max_lazy_match &&
+ s->strstart - hash_head <= MAX_DIST(s)) {
+ /* To simplify the code, we prevent matches with the string
+ * of window index 0 (in particular we have to avoid a match
+ * of the string with itself at the start of the input file).
+ */
+ s->match_length = longest_match (s, hash_head);
+ /* longest_match() sets match_start */
+
+ if (s->match_length <= 5 && (s->strategy == Z_FILTERED
+#if TOO_FAR <= 32767
+ || (s->match_length == MIN_MATCH &&
+ s->strstart - s->match_start > TOO_FAR)
+#endif
+ )) {
+
+ /* If prev_match is also MIN_MATCH, match_start is garbage
+ * but we will ignore the current match anyway.
+ */
+ s->match_length = MIN_MATCH-1;
+ }
+ }
+#endif /* ZLIB_PM3_TUNED */
+ /* If there was a match at the previous step and the current
+ * match is not better, output the previous match:
+ */
+ if (s->prev_length >= MIN_MATCH && s->match_length <= s->prev_length) {
+ uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
+ /* Do not insert strings in hash table beyond this. */
+
+ check_match(s, s->strstart-1, s->prev_match, s->prev_length);
+
+ _tr_tally_dist(s, s->strstart -1 - s->prev_match,
+ s->prev_length - MIN_MATCH, bflush);
+
+ /* Insert in hash table all strings up to the end of the match.
+ * strstart-1 and strstart are already inserted. If there is not
+ * enough lookahead, the last two strings are not inserted in
+ * the hash table.
+ */
+ s->lookahead -= s->prev_length-1;
+ s->prev_length -= 2;
+ do {
+ if (++s->strstart <= max_insert) {
+ INSERT_STRING(s, s->strstart, hash_head);
+ }
+ } while (--s->prev_length != 0);
+ s->match_available = 0;
+ s->match_length = MIN_MATCH-1;
+ s->strstart++;
+
+ if (bflush) FLUSH_BLOCK(s, 0);
+
+ } else if (s->match_available) {
+ /* If there was no match at the previous position, output a
+ * single literal. If there was a match but the current match
+ * is longer, truncate the previous match to a single literal.
+ */
+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
+ if (bflush) {
+ FLUSH_BLOCK_ONLY(s, 0);
+ }
+ s->strstart++;
+ s->lookahead--;
+ if (s->strm->avail_out == 0) return need_more;
+ } else {
+ /* There is no previous match to compare with, wait for
+ * the next step to decide.
+ */
+ s->match_available = 1;
+ s->strstart++;
+ s->lookahead--;
+ }
+ }
+ Assert (flush != Z_NO_FLUSH, "no flush?");
+ if (s->match_available) {
+ Tracevv((stderr,"%c", s->window[s->strstart-1]));
+ _tr_tally_lit(s, s->window[s->strstart-1], bflush);
+ s->match_available = 0;
+ }
+ s->insert = s->strstart < MIN_MATCH-1 ? s->strstart : MIN_MATCH-1;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if (s->last_lit)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+}
+#endif /* FASTEST */
+
+/* ===========================================================================
+ * For Z_RLE, simply look for runs of bytes, generate matches only of distance
+ * one. Do not maintain a hash table. (It will be regenerated if this run of
+ * deflate switches away from Z_RLE.)
+ */
+local block_state deflate_rle(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ int bflush; /* set if current block must be flushed */
+ uInt prev; /* byte at distance one to match */
+ Bytef *scan, *strend; /* scan goes up to strend for length of run */
+
+ for (;;) {
+ /* Make sure that we always have enough lookahead, except
+ * at the end of the input file. We need MAX_MATCH bytes
+ * for the longest run, plus one for the unrolled loop.
+ */
+ if (s->lookahead <= MAX_MATCH) {
+ fill_window(s);
+ if (s->lookahead <= MAX_MATCH && flush == Z_NO_FLUSH) {
+ return need_more;
+ }
+ if (s->lookahead == 0) break; /* flush the current block */
+ }
+
+ /* See how many times the previous byte repeats */
+ s->match_length = 0;
+ if (s->lookahead >= MIN_MATCH && s->strstart > 0) {
+ scan = s->window + s->strstart - 1;
+ prev = *scan;
+ if (prev == *++scan && prev == *++scan && prev == *++scan) {
+ strend = s->window + s->strstart + MAX_MATCH;
+ do {
+ } while (prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ prev == *++scan && prev == *++scan &&
+ scan < strend);
+ s->match_length = MAX_MATCH - (int)(strend - scan);
+ if (s->match_length > s->lookahead)
+ s->match_length = s->lookahead;
+ }
+ Assert(scan <= s->window+(uInt)(s->window_size-1), "wild scan");
+ }
+
+ /* Emit match if have run of MIN_MATCH or longer, else emit literal */
+ if (s->match_length >= MIN_MATCH) {
+ check_match(s, s->strstart, s->strstart - 1, s->match_length);
+
+ _tr_tally_dist(s, 1, s->match_length - MIN_MATCH, bflush);
+
+ s->lookahead -= s->match_length;
+ s->strstart += s->match_length;
+ s->match_length = 0;
+ } else {
+ /* No match, output a literal byte */
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ }
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ s->insert = 0;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if (s->last_lit)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+}
+
+/* ===========================================================================
+ * For Z_HUFFMAN_ONLY, do not look for matches. Do not maintain a hash table.
+ * (It will be regenerated if this run of deflate switches away from Huffman.)
+ */
+local block_state deflate_huff(s, flush)
+ deflate_state *s;
+ int flush;
+{
+ int bflush; /* set if current block must be flushed */
+
+ for (;;) {
+ /* Make sure that we have a literal to write. */
+ if (s->lookahead == 0) {
+ fill_window(s);
+ if (s->lookahead == 0) {
+ if (flush == Z_NO_FLUSH)
+ return need_more;
+ break; /* flush the current block */
+ }
+ }
+
+ /* Output a literal byte */
+ s->match_length = 0;
+ Tracevv((stderr,"%c", s->window[s->strstart]));
+ _tr_tally_lit (s, s->window[s->strstart], bflush);
+ s->lookahead--;
+ s->strstart++;
+ if (bflush) FLUSH_BLOCK(s, 0);
+ }
+ s->insert = 0;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if (s->last_lit)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
+}
--- /dev/null
+/* deflate.h -- internal compression state
+ * Copyright (C) 1995-2012 Jean-loup Gailly
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* @(#) $Id$ */
+
+#ifndef DEFLATE_H
+#define DEFLATE_H
+
+#include "zutil.h"
+
+/* define NO_GZIP when compiling if you want to disable gzip header and
+ trailer creation by deflate(). NO_GZIP would be used to avoid linking in
+ the crc code when it is not needed. For shared libraries, gzip encoding
+ should be left enabled. */
+#ifndef NO_GZIP
+# define GZIP
+#endif
+
+/* ===========================================================================
+ * Internal compression state.
+ */
+
+#define LENGTH_CODES 29
+/* number of length codes, not counting the special END_BLOCK code */
+
+#define LITERALS 256
+/* number of literal bytes 0..255 */
+
+#define L_CODES (LITERALS+1+LENGTH_CODES)
+/* number of Literal or Length codes, including the END_BLOCK code */
+
+#define D_CODES 30
+/* number of distance codes */
+
+#define BL_CODES 19
+/* number of codes used to transfer the bit lengths */
+
+#define HEAP_SIZE (2*L_CODES+1)
+/* maximum heap size */
+
+#define MAX_BITS 15
+/* All codes must not exceed MAX_BITS bits */
+
+#define Buf_size 16
+/* size of bit buffer in bi_buf */
+
+#define INIT_STATE 42
+#define EXTRA_STATE 69
+#define NAME_STATE 73
+#define COMMENT_STATE 91
+#define HCRC_STATE 103
+#define BUSY_STATE 113
+#define FINISH_STATE 666
+/* Stream status */
+
+
+/* Data structure describing a single value and its code string. */
+typedef struct ct_data_s {
+ union {
+ ush freq; /* frequency count */
+ ush code; /* bit string */
+ } fc;
+ union {
+ ush dad; /* father node in Huffman tree */
+ ush len; /* length of bit string */
+ } dl;
+} FAR ct_data;
+
+#define Freq fc.freq
+#define Code fc.code
+#define Dad dl.dad
+#define Len dl.len
+
+typedef struct static_tree_desc_s static_tree_desc;
+
+typedef struct tree_desc_s {
+ ct_data *dyn_tree; /* the dynamic tree */
+ int max_code; /* largest code with non zero frequency */
+ static_tree_desc *stat_desc; /* the corresponding static tree */
+} FAR tree_desc;
+
+typedef ush Pos;
+typedef Pos FAR Posf;
+typedef unsigned IPos;
+
+/* A Pos is an index in the character window. We use short instead of int to
+ * save space in the various tables. IPos is used only for parameter passing.
+ */
+
+typedef struct internal_state {
+ z_streamp strm; /* pointer back to this zlib stream */
+ int status; /* as the name implies */
+ Bytef *pending_buf; /* output still pending */
+ ulg pending_buf_size; /* size of pending_buf */
+ Bytef *pending_out; /* next pending byte to output to the stream */
+ uInt pending; /* nb of bytes in the pending buffer */
+ int wrap; /* bit 0 true for zlib, bit 1 true for gzip */
+ gz_headerp gzhead; /* gzip header information to write */
+ uInt gzindex; /* where in extra, name, or comment */
+ Byte method; /* can only be DEFLATED */
+ int last_flush; /* value of flush param for previous deflate call */
+
+ /* used by deflate.c: */
+
+ uInt w_size; /* LZ77 window size (32K by default) */
+ uInt w_bits; /* log2(w_size) (8..16) */
+ uInt w_mask; /* w_size - 1 */
+
+ Bytef *window;
+ /* Sliding window. Input bytes are read into the second half of the window,
+ * and move to the first half later to keep a dictionary of at least wSize
+ * bytes. With this organization, matches are limited to a distance of
+ * wSize-MAX_MATCH bytes, but this ensures that IO is always
+ * performed with a length multiple of the block size. Also, it limits
+ * the window size to 64K, which is quite useful on MSDOS.
+ * To do: use the user input buffer as sliding window.
+ */
+
+ ulg window_size;
+ /* Actual size of window: 2*wSize, except when the user input buffer
+ * is directly used as sliding window.
+ */
+
+ Posf *prev;
+ /* Link to older string with same hash index. To limit the size of this
+ * array to 64K, this link is maintained only for the last 32K strings.
+ * An index in this array is thus a window index modulo 32K.
+ */
+
+ Posf *head; /* Heads of the hash chains or NIL. */
+
+ uInt ins_h; /* hash index of string to be inserted */
+ uInt hash_size; /* number of elements in hash table */
+ uInt hash_bits; /* log2(hash_size) */
+ uInt hash_mask; /* hash_size-1 */
+
+ uInt hash_shift;
+ /* Number of bits by which ins_h must be shifted at each input
+ * step. It must be such that after MIN_MATCH steps, the oldest
+ * byte no longer takes part in the hash key, that is:
+ * hash_shift * MIN_MATCH >= hash_bits
+ */
+
+ long block_start;
+ /* Window position at the beginning of the current output block. Gets
+ * negative when the window is moved backwards.
+ */
+
+ uInt match_length; /* length of best match */
+ IPos prev_match; /* previous match */
+ int match_available; /* set if previous match exists */
+ uInt strstart; /* start of string to insert */
+ uInt match_start; /* start of matching string */
+ uInt lookahead; /* number of valid bytes ahead in window */
+
+ uInt prev_length;
+ /* Length of the best match at previous step. Matches not greater than this
+ * are discarded. This is used in the lazy match evaluation.
+ */
+
+ uInt max_chain_length;
+ /* To speed up deflation, hash chains are never searched beyond this
+ * length. A higher limit improves compression ratio but degrades the
+ * speed.
+ */
+
+ uInt max_lazy_match;
+ /* Attempt to find a better match only when the current match is strictly
+ * smaller than this value. This mechanism is used only for compression
+ * levels >= 4.
+ */
+# define max_insert_length max_lazy_match
+ /* Insert new strings in the hash table only if the match length is not
+ * greater than this length. This saves time but degrades compression.
+ * max_insert_length is used only for compression levels <= 3.
+ */
+
+ int level; /* compression level (1..9) */
+ int strategy; /* favor or force Huffman coding*/
+
+ uInt good_match;
+ /* Use a faster search when the previous match is longer than this */
+
+ int nice_match; /* Stop searching when current match exceeds this */
+
+ /* used by trees.c: */
+ /* Didn't use ct_data typedef below to suppress compiler warning */
+ struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
+ struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
+ struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
+
+ struct tree_desc_s l_desc; /* desc. for literal tree */
+ struct tree_desc_s d_desc; /* desc. for distance tree */
+ struct tree_desc_s bl_desc; /* desc. for bit length tree */
+
+ ush bl_count[MAX_BITS+1];
+ /* number of codes at each bit length for an optimal tree */
+
+ int heap[2*L_CODES+1]; /* heap used to build the Huffman trees */
+ int heap_len; /* number of elements in the heap */
+ int heap_max; /* element of largest frequency */
+ /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
+ * The same heap array is used to build all trees.
+ */
+
+ uch depth[2*L_CODES+1];
+ /* Depth of each subtree used as tie breaker for trees of equal frequency
+ */
+
+ uchf *l_buf; /* buffer for literals or lengths */
+
+ uInt lit_bufsize;
+ /* Size of match buffer for literals/lengths. There are 4 reasons for
+ * limiting lit_bufsize to 64K:
+ * - frequencies can be kept in 16 bit counters
+ * - if compression is not successful for the first block, all input
+ * data is still in the window so we can still emit a stored block even
+ * when input comes from standard input. (This can also be done for
+ * all blocks if lit_bufsize is not greater than 32K.)
+ * - if compression is not successful for a file smaller than 64K, we can
+ * even emit a stored file instead of a stored block (saving 5 bytes).
+ * This is applicable only for zip (not gzip or zlib).
+ * - creating new Huffman trees less frequently may not provide fast
+ * adaptation to changes in the input data statistics. (Take for
+ * example a binary file with poorly compressible code followed by
+ * a highly compressible string table.) Smaller buffer sizes give
+ * fast adaptation but have of course the overhead of transmitting
+ * trees more frequently.
+ * - I can't count above 4
+ */
+
+ uInt last_lit; /* running index in l_buf */
+
+ ushf *d_buf;
+ /* Buffer for distances. To simplify the code, d_buf and l_buf have
+ * the same number of elements. To use different lengths, an extra flag
+ * array would be necessary.
+ */
+
+ ulg opt_len; /* bit length of current block with optimal trees */
+ ulg static_len; /* bit length of current block with static trees */
+ uInt matches; /* number of string matches in current block */
+ uInt insert; /* bytes at end of window left to insert */
+
+#ifdef DEBUG
+ ulg compressed_len; /* total bit length of compressed file mod 2^32 */
+ ulg bits_sent; /* bit length of compressed data sent mod 2^32 */
+#endif
+
+ ush bi_buf;
+ /* Output buffer. bits are inserted starting at the bottom (least
+ * significant bits).
+ */
+ int bi_valid;
+ /* Number of valid bits in bi_buf. All bits above the last valid bit
+ * are always zero.
+ */
+
+ ulg high_water;
+ /* High water mark offset in window for initialized bytes -- bytes above
+ * this are set to zero in order to avoid memory check warnings when
+ * longest match routines access bytes past the input. This is then
+ * updated to the new high water mark.
+ */
+
+} FAR deflate_state;
+
+/* Output a byte on the stream.
+ * IN assertion: there is enough room in pending_buf.
+ */
+#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);}
+
+
+#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
+/* Minimum amount of lookahead, except at the end of the input file.
+ * See deflate.c for comments about the MIN_MATCH+1.
+ */
+
+#define MAX_DIST(s) ((s)->w_size-MIN_LOOKAHEAD)
+/* In order to simplify the code, particularly on 16 bit machines, match
+ * distances are limited to MAX_DIST instead of WSIZE.
+ */
+
+#define WIN_INIT MAX_MATCH
+/* Number of bytes after end of data in window to initialize in order to avoid
+ memory checker errors from longest match routines */
+
+ /* in trees.c */
+void ZLIB_INTERNAL _tr_init OF((deflate_state *s));
+int ZLIB_INTERNAL _tr_tally OF((deflate_state *s, unsigned dist, unsigned lc));
+void ZLIB_INTERNAL _tr_flush_block OF((deflate_state *s, charf *buf,
+ ulg stored_len, int last));
+void ZLIB_INTERNAL _tr_flush_bits OF((deflate_state *s));
+void ZLIB_INTERNAL _tr_align OF((deflate_state *s));
+void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
+ ulg stored_len, int last));
+
+#define d_code(dist) \
+ ((dist) < 256 ? _dist_code[dist] : _dist_code[256+((dist)>>7)])
+/* Mapping from a distance to a distance code. dist is the distance - 1 and
+ * must not have side effects. _dist_code[256] and _dist_code[257] are never
+ * used.
+ */
+
+#ifndef DEBUG
+/* Inline versions of _tr_tally for speed: */
+
+#if defined(GEN_TREES_H) || !defined(STDC)
+ extern uch ZLIB_INTERNAL _length_code[];
+ extern uch ZLIB_INTERNAL _dist_code[];
+#else
+ extern const uch ZLIB_INTERNAL _length_code[];
+ extern const uch ZLIB_INTERNAL _dist_code[];
+#endif
+
+# define _tr_tally_lit(s, c, flush) \
+ { uch cc = (c); \
+ s->d_buf[s->last_lit] = 0; \
+ s->l_buf[s->last_lit++] = cc; \
+ s->dyn_ltree[cc].Freq++; \
+ flush = (s->last_lit == s->lit_bufsize-1); \
+ }
+# define _tr_tally_dist(s, distance, length, flush) \
+ { uch len = (length); \
+ ush dist = (distance); \
+ s->d_buf[s->last_lit] = dist; \
+ s->l_buf[s->last_lit++] = len; \
+ dist--; \
+ s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
+ s->dyn_dtree[d_code(dist)].Freq++; \
+ flush = (s->last_lit == s->lit_bufsize-1); \
+ }
+#else
+# define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
+# define _tr_tally_dist(s, distance, length, flush) \
+ flush = _tr_tally(s, distance, length)
+#endif
+
+#endif /* DEFLATE_H */
--- /dev/null
+/* inffast.c -- fast decoding
+ * Copyright (C) 1995-2008, 2010, 2013 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+#include "inflate.h"
+#include "inffast.h"
+
+#ifndef ASMINF
+
+/* Allow machine dependent optimization for post-increment or pre-increment.
+ Based on testing to date,
+ Pre-increment preferred for:
+ - PowerPC G3 (Adler)
+ - MIPS R5000 (Randers-Pehrson)
+ Post-increment preferred for:
+ - none
+ No measurable difference:
+ - Pentium III (Anderson)
+ - M68060 (Nikl)
+ */
+#ifdef POSTINC
+# define OFF 0
+# define PUP(a) *(a)++
+#else
+# define OFF 1
+# define PUP(a) *++(a)
+#endif
+
+/*
+ Decode literal, length, and distance codes and write out the resulting
+ literal and match bytes until either not enough input or output is
+ available, an end-of-block is encountered, or a data error is encountered.
+ When large enough input and output buffers are supplied to inflate(), for
+ example, a 16K input buffer and a 64K output buffer, more than 95% of the
+ inflate execution time is spent in this routine.
+
+ Entry assumptions:
+
+ state->mode == LEN
+ strm->avail_in >= 6
+ strm->avail_out >= 258
+ start >= strm->avail_out
+ state->bits < 8
+
+ On return, state->mode is one of:
+
+ LEN -- ran out of enough output space or enough available input
+ TYPE -- reached end of block code, inflate() to interpret next block
+ BAD -- error in block data
+
+ Notes:
+
+ - The maximum input bits used by a length/distance pair is 15 bits for the
+ length code, 5 bits for the length extra, 15 bits for the distance code,
+ and 13 bits for the distance extra. This totals 48 bits, or six bytes.
+ Therefore if strm->avail_in >= 6, then there is enough input to avoid
+ checking for available input while decoding.
+
+ - The maximum bytes that a single length/distance pair can output is 258
+ bytes, which is the maximum length that can be coded. inflate_fast()
+ requires strm->avail_out >= 258 for each loop to avoid checking for
+ output space.
+ */
+void ZLIB_INTERNAL inflate_fast(strm, start)
+z_streamp strm;
+unsigned start; /* inflate()'s starting value for strm->avail_out */
+{
+ struct inflate_state FAR *state;
+ z_const unsigned char FAR *in; /* local strm->next_in */
+ z_const unsigned char FAR *last; /* have enough input while in < last */
+ unsigned char FAR *out; /* local strm->next_out */
+ unsigned char FAR *beg; /* inflate()'s initial strm->next_out */
+ unsigned char FAR *end; /* while out < end, enough space available */
+#ifdef INFLATE_STRICT
+ unsigned dmax; /* maximum distance from zlib header */
+#endif
+ unsigned wsize; /* window size or zero if not using window */
+ unsigned whave; /* valid bytes in the window */
+ unsigned wnext; /* window write index */
+ unsigned char FAR *window; /* allocated sliding window, if wsize != 0 */
+ unsigned long hold; /* local strm->hold */
+ unsigned bits; /* local strm->bits */
+ code const FAR *lcode; /* local strm->lencode */
+ code const FAR *dcode; /* local strm->distcode */
+ unsigned lmask; /* mask for first level of length codes */
+ unsigned dmask; /* mask for first level of distance codes */
+ code here; /* retrieved table entry */
+ unsigned op; /* code bits, operation, extra bits, or */
+ /* window position, window bytes to copy */
+ unsigned len; /* match length, unused bytes */
+ unsigned dist; /* match distance */
+ unsigned char FAR *from; /* where to copy match from */
+
+ /* copy state to local variables */
+ state = (struct inflate_state FAR *)strm->state;
+ in = strm->next_in - OFF;
+ last = in + (strm->avail_in - 5);
+ out = strm->next_out - OFF;
+ beg = out - (start - strm->avail_out);
+ end = out + (strm->avail_out - 257);
+#ifdef INFLATE_STRICT
+ dmax = state->dmax;
+#endif
+ wsize = state->wsize;
+ whave = state->whave;
+ wnext = state->wnext;
+ window = state->window;
+ hold = state->hold;
+ bits = state->bits;
+ lcode = state->lencode;
+ dcode = state->distcode;
+ lmask = (1U << state->lenbits) - 1;
+ dmask = (1U << state->distbits) - 1;
+
+ /* decode literals and length/distances until end-of-block or not enough
+ input data or output space */
+ do {
+ if (bits < 15) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ here = lcode[hold & lmask];
+ dolen:
+ op = (unsigned)(here.bits);
+ hold >>= op;
+ bits -= op;
+ op = (unsigned)(here.op);
+ if (op == 0) { /* literal */
+ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
+ "inflate: literal '%c'\n" :
+ "inflate: literal 0x%02x\n", here.val));
+ PUP(out) = (unsigned char)(here.val);
+ }
+ else if (op & 16) { /* length base */
+ len = (unsigned)(here.val);
+ op &= 15; /* number of extra bits */
+ if (op) {
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ len += (unsigned)hold & ((1U << op) - 1);
+ hold >>= op;
+ bits -= op;
+ }
+ Tracevv((stderr, "inflate: length %u\n", len));
+ if (bits < 15) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ here = dcode[hold & dmask];
+ dodist:
+ op = (unsigned)(here.bits);
+ hold >>= op;
+ bits -= op;
+ op = (unsigned)(here.op);
+ if (op & 16) { /* distance base */
+ dist = (unsigned)(here.val);
+ op &= 15; /* number of extra bits */
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ if (bits < op) {
+ hold += (unsigned long)(PUP(in)) << bits;
+ bits += 8;
+ }
+ }
+ dist += (unsigned)hold & ((1U << op) - 1);
+#ifdef INFLATE_STRICT
+ if (dist > dmax) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ hold >>= op;
+ bits -= op;
+ Tracevv((stderr, "inflate: distance %u\n", dist));
+ op = (unsigned)(out - beg); /* max distance in output */
+ if (dist > op) { /* see if copy from window */
+ op = dist - op; /* distance back in window */
+ if (op > whave) {
+ if (state->sane) {
+ strm->msg =
+ (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ if (len <= op - whave) {
+ do {
+ PUP(out) = 0;
+ } while (--len);
+ continue;
+ }
+ len -= op - whave;
+ do {
+ PUP(out) = 0;
+ } while (--op > whave);
+ if (op == 0) {
+ from = out - dist;
+ do {
+ PUP(out) = PUP(from);
+ } while (--len);
+ continue;
+ }
+#endif
+ }
+ from = window - OFF;
+ if (wnext == 0) { /* very common case */
+ from += wsize - op;
+ if (op < len) { /* some from window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ else if (wnext < op) { /* wrap around window */
+ from += wsize + wnext - op;
+ op -= wnext;
+ if (op < len) { /* some from end of window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = window - OFF;
+ if (wnext < len) { /* some from start of window */
+ op = wnext;
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ }
+ else { /* contiguous in window */
+ from += wnext - op;
+ if (op < len) { /* some from window */
+ len -= op;
+ do {
+ PUP(out) = PUP(from);
+ } while (--op);
+ from = out - dist; /* rest from output */
+ }
+ }
+ while (len > 2) {
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ len -= 3;
+ }
+ if (len) {
+ PUP(out) = PUP(from);
+ if (len > 1)
+ PUP(out) = PUP(from);
+ }
+ }
+ else {
+ from = out - dist; /* copy direct from output */
+ do { /* minimum length is three */
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ PUP(out) = PUP(from);
+ len -= 3;
+ } while (len > 2);
+ if (len) {
+ PUP(out) = PUP(from);
+ if (len > 1)
+ PUP(out) = PUP(from);
+ }
+ }
+ }
+ else if ((op & 64) == 0) { /* 2nd level distance code */
+ here = dcode[here.val + (hold & ((1U << op) - 1))];
+ goto dodist;
+ }
+ else {
+ strm->msg = (char *)"invalid distance code";
+ state->mode = BAD;
+ break;
+ }
+ }
+ else if ((op & 64) == 0) { /* 2nd level length code */
+ here = lcode[here.val + (hold & ((1U << op) - 1))];
+ goto dolen;
+ }
+ else if (op & 32) { /* end-of-block */
+ Tracevv((stderr, "inflate: end of block\n"));
+ state->mode = TYPE;
+ break;
+ }
+ else {
+ strm->msg = (char *)"invalid literal/length code";
+ state->mode = BAD;
+ break;
+ }
+ } while (in < last && out < end);
+
+ /* return unused bytes (on entry, bits < 8, so in won't go too far back) */
+ len = bits >> 3;
+ in -= len;
+ bits -= len << 3;
+ hold &= (1U << bits) - 1;
+
+ /* update state and return */
+ strm->next_in = in + OFF;
+ strm->next_out = out + OFF;
+ strm->avail_in = (unsigned)(in < last ? 5 + (last - in) : 5 - (in - last));
+ strm->avail_out = (unsigned)(out < end ?
+ 257 + (end - out) : 257 - (out - end));
+ state->hold = hold;
+ state->bits = bits;
+ return;
+}
+
+/*
+ inflate_fast() speedups that turned out slower (on a PowerPC G3 750CXe):
+ - Using bit fields for code structure
+ - Different op definition to avoid & for extra bits (do & for table bits)
+ - Three separate decoding do-loops for direct, window, and wnext == 0
+ - Special case for distance > 1 copies to do overlapped load and store copy
+ - Explicit branch predictions (based on measured branch probabilities)
+ - Deferring match copy and interspersed it with decoding subsequent codes
+ - Swapping literal/length else
+ - Swapping window/direct else
+ - Larger unrolled copy loops (three is about right)
+ - Moving len -= 3 statement into middle of loop
+ */
+
+#endif /* !ASMINF */
--- /dev/null
+/* inffast.h -- header to use inffast.c
+ * Copyright (C) 1995-2003, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+void ZLIB_INTERNAL inflate_fast OF((z_streamp strm, unsigned start));
--- /dev/null
+ /* inffixed.h -- table for decoding fixed codes
+ * Generated automatically by makefixed().
+ */
+
+ /* WARNING: this file should *not* be used by applications.
+ It is part of the implementation of this library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+ static const code lenfix[512] = {
+ {96,7,0},{0,8,80},{0,8,16},{20,8,115},{18,7,31},{0,8,112},{0,8,48},
+ {0,9,192},{16,7,10},{0,8,96},{0,8,32},{0,9,160},{0,8,0},{0,8,128},
+ {0,8,64},{0,9,224},{16,7,6},{0,8,88},{0,8,24},{0,9,144},{19,7,59},
+ {0,8,120},{0,8,56},{0,9,208},{17,7,17},{0,8,104},{0,8,40},{0,9,176},
+ {0,8,8},{0,8,136},{0,8,72},{0,9,240},{16,7,4},{0,8,84},{0,8,20},
+ {21,8,227},{19,7,43},{0,8,116},{0,8,52},{0,9,200},{17,7,13},{0,8,100},
+ {0,8,36},{0,9,168},{0,8,4},{0,8,132},{0,8,68},{0,9,232},{16,7,8},
+ {0,8,92},{0,8,28},{0,9,152},{20,7,83},{0,8,124},{0,8,60},{0,9,216},
+ {18,7,23},{0,8,108},{0,8,44},{0,9,184},{0,8,12},{0,8,140},{0,8,76},
+ {0,9,248},{16,7,3},{0,8,82},{0,8,18},{21,8,163},{19,7,35},{0,8,114},
+ {0,8,50},{0,9,196},{17,7,11},{0,8,98},{0,8,34},{0,9,164},{0,8,2},
+ {0,8,130},{0,8,66},{0,9,228},{16,7,7},{0,8,90},{0,8,26},{0,9,148},
+ {20,7,67},{0,8,122},{0,8,58},{0,9,212},{18,7,19},{0,8,106},{0,8,42},
+ {0,9,180},{0,8,10},{0,8,138},{0,8,74},{0,9,244},{16,7,5},{0,8,86},
+ {0,8,22},{64,8,0},{19,7,51},{0,8,118},{0,8,54},{0,9,204},{17,7,15},
+ {0,8,102},{0,8,38},{0,9,172},{0,8,6},{0,8,134},{0,8,70},{0,9,236},
+ {16,7,9},{0,8,94},{0,8,30},{0,9,156},{20,7,99},{0,8,126},{0,8,62},
+ {0,9,220},{18,7,27},{0,8,110},{0,8,46},{0,9,188},{0,8,14},{0,8,142},
+ {0,8,78},{0,9,252},{96,7,0},{0,8,81},{0,8,17},{21,8,131},{18,7,31},
+ {0,8,113},{0,8,49},{0,9,194},{16,7,10},{0,8,97},{0,8,33},{0,9,162},
+ {0,8,1},{0,8,129},{0,8,65},{0,9,226},{16,7,6},{0,8,89},{0,8,25},
+ {0,9,146},{19,7,59},{0,8,121},{0,8,57},{0,9,210},{17,7,17},{0,8,105},
+ {0,8,41},{0,9,178},{0,8,9},{0,8,137},{0,8,73},{0,9,242},{16,7,4},
+ {0,8,85},{0,8,21},{16,8,258},{19,7,43},{0,8,117},{0,8,53},{0,9,202},
+ {17,7,13},{0,8,101},{0,8,37},{0,9,170},{0,8,5},{0,8,133},{0,8,69},
+ {0,9,234},{16,7,8},{0,8,93},{0,8,29},{0,9,154},{20,7,83},{0,8,125},
+ {0,8,61},{0,9,218},{18,7,23},{0,8,109},{0,8,45},{0,9,186},{0,8,13},
+ {0,8,141},{0,8,77},{0,9,250},{16,7,3},{0,8,83},{0,8,19},{21,8,195},
+ {19,7,35},{0,8,115},{0,8,51},{0,9,198},{17,7,11},{0,8,99},{0,8,35},
+ {0,9,166},{0,8,3},{0,8,131},{0,8,67},{0,9,230},{16,7,7},{0,8,91},
+ {0,8,27},{0,9,150},{20,7,67},{0,8,123},{0,8,59},{0,9,214},{18,7,19},
+ {0,8,107},{0,8,43},{0,9,182},{0,8,11},{0,8,139},{0,8,75},{0,9,246},
+ {16,7,5},{0,8,87},{0,8,23},{64,8,0},{19,7,51},{0,8,119},{0,8,55},
+ {0,9,206},{17,7,15},{0,8,103},{0,8,39},{0,9,174},{0,8,7},{0,8,135},
+ {0,8,71},{0,9,238},{16,7,9},{0,8,95},{0,8,31},{0,9,158},{20,7,99},
+ {0,8,127},{0,8,63},{0,9,222},{18,7,27},{0,8,111},{0,8,47},{0,9,190},
+ {0,8,15},{0,8,143},{0,8,79},{0,9,254},{96,7,0},{0,8,80},{0,8,16},
+ {20,8,115},{18,7,31},{0,8,112},{0,8,48},{0,9,193},{16,7,10},{0,8,96},
+ {0,8,32},{0,9,161},{0,8,0},{0,8,128},{0,8,64},{0,9,225},{16,7,6},
+ {0,8,88},{0,8,24},{0,9,145},{19,7,59},{0,8,120},{0,8,56},{0,9,209},
+ {17,7,17},{0,8,104},{0,8,40},{0,9,177},{0,8,8},{0,8,136},{0,8,72},
+ {0,9,241},{16,7,4},{0,8,84},{0,8,20},{21,8,227},{19,7,43},{0,8,116},
+ {0,8,52},{0,9,201},{17,7,13},{0,8,100},{0,8,36},{0,9,169},{0,8,4},
+ {0,8,132},{0,8,68},{0,9,233},{16,7,8},{0,8,92},{0,8,28},{0,9,153},
+ {20,7,83},{0,8,124},{0,8,60},{0,9,217},{18,7,23},{0,8,108},{0,8,44},
+ {0,9,185},{0,8,12},{0,8,140},{0,8,76},{0,9,249},{16,7,3},{0,8,82},
+ {0,8,18},{21,8,163},{19,7,35},{0,8,114},{0,8,50},{0,9,197},{17,7,11},
+ {0,8,98},{0,8,34},{0,9,165},{0,8,2},{0,8,130},{0,8,66},{0,9,229},
+ {16,7,7},{0,8,90},{0,8,26},{0,9,149},{20,7,67},{0,8,122},{0,8,58},
+ {0,9,213},{18,7,19},{0,8,106},{0,8,42},{0,9,181},{0,8,10},{0,8,138},
+ {0,8,74},{0,9,245},{16,7,5},{0,8,86},{0,8,22},{64,8,0},{19,7,51},
+ {0,8,118},{0,8,54},{0,9,205},{17,7,15},{0,8,102},{0,8,38},{0,9,173},
+ {0,8,6},{0,8,134},{0,8,70},{0,9,237},{16,7,9},{0,8,94},{0,8,30},
+ {0,9,157},{20,7,99},{0,8,126},{0,8,62},{0,9,221},{18,7,27},{0,8,110},
+ {0,8,46},{0,9,189},{0,8,14},{0,8,142},{0,8,78},{0,9,253},{96,7,0},
+ {0,8,81},{0,8,17},{21,8,131},{18,7,31},{0,8,113},{0,8,49},{0,9,195},
+ {16,7,10},{0,8,97},{0,8,33},{0,9,163},{0,8,1},{0,8,129},{0,8,65},
+ {0,9,227},{16,7,6},{0,8,89},{0,8,25},{0,9,147},{19,7,59},{0,8,121},
+ {0,8,57},{0,9,211},{17,7,17},{0,8,105},{0,8,41},{0,9,179},{0,8,9},
+ {0,8,137},{0,8,73},{0,9,243},{16,7,4},{0,8,85},{0,8,21},{16,8,258},
+ {19,7,43},{0,8,117},{0,8,53},{0,9,203},{17,7,13},{0,8,101},{0,8,37},
+ {0,9,171},{0,8,5},{0,8,133},{0,8,69},{0,9,235},{16,7,8},{0,8,93},
+ {0,8,29},{0,9,155},{20,7,83},{0,8,125},{0,8,61},{0,9,219},{18,7,23},
+ {0,8,109},{0,8,45},{0,9,187},{0,8,13},{0,8,141},{0,8,77},{0,9,251},
+ {16,7,3},{0,8,83},{0,8,19},{21,8,195},{19,7,35},{0,8,115},{0,8,51},
+ {0,9,199},{17,7,11},{0,8,99},{0,8,35},{0,9,167},{0,8,3},{0,8,131},
+ {0,8,67},{0,9,231},{16,7,7},{0,8,91},{0,8,27},{0,9,151},{20,7,67},
+ {0,8,123},{0,8,59},{0,9,215},{18,7,19},{0,8,107},{0,8,43},{0,9,183},
+ {0,8,11},{0,8,139},{0,8,75},{0,9,247},{16,7,5},{0,8,87},{0,8,23},
+ {64,8,0},{19,7,51},{0,8,119},{0,8,55},{0,9,207},{17,7,15},{0,8,103},
+ {0,8,39},{0,9,175},{0,8,7},{0,8,135},{0,8,71},{0,9,239},{16,7,9},
+ {0,8,95},{0,8,31},{0,9,159},{20,7,99},{0,8,127},{0,8,63},{0,9,223},
+ {18,7,27},{0,8,111},{0,8,47},{0,9,191},{0,8,15},{0,8,143},{0,8,79},
+ {0,9,255}
+ };
+
+ static const code distfix[32] = {
+ {16,5,1},{23,5,257},{19,5,17},{27,5,4097},{17,5,5},{25,5,1025},
+ {21,5,65},{29,5,16385},{16,5,3},{24,5,513},{20,5,33},{28,5,8193},
+ {18,5,9},{26,5,2049},{22,5,129},{64,5,0},{16,5,2},{23,5,385},
+ {19,5,25},{27,5,6145},{17,5,7},{25,5,1537},{21,5,97},{29,5,24577},
+ {16,5,4},{24,5,769},{20,5,49},{28,5,12289},{18,5,13},{26,5,3073},
+ {22,5,193},{64,5,0}
+ };
--- /dev/null
+/* inflate.c -- zlib decompression
+ * Copyright (C) 1995-2012 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * Change history:
+ *
+ * 1.2.beta0 24 Nov 2002
+ * - First version -- complete rewrite of inflate to simplify code, avoid
+ * creation of window when not needed, minimize use of window when it is
+ * needed, make inffast.c even faster, implement gzip decoding, and to
+ * improve code readability and style over the previous zlib inflate code
+ *
+ * 1.2.beta1 25 Nov 2002
+ * - Use pointers for available input and output checking in inffast.c
+ * - Remove input and output counters in inffast.c
+ * - Change inffast.c entry and loop from avail_in >= 7 to >= 6
+ * - Remove unnecessary second byte pull from length extra in inffast.c
+ * - Unroll direct copy to three copies per loop in inffast.c
+ *
+ * 1.2.beta2 4 Dec 2002
+ * - Change external routine names to reduce potential conflicts
+ * - Correct filename to inffixed.h for fixed tables in inflate.c
+ * - Make hbuf[] unsigned char to match parameter type in inflate.c
+ * - Change strm->next_out[-state->offset] to *(strm->next_out - state->offset)
+ * to avoid negation problem on Alphas (64 bit) in inflate.c
+ *
+ * 1.2.beta3 22 Dec 2002
+ * - Add comments on state->bits assertion in inffast.c
+ * - Add comments on op field in inftrees.h
+ * - Fix bug in reuse of allocated window after inflateReset()
+ * - Remove bit fields--back to byte structure for speed
+ * - Remove distance extra == 0 check in inflate_fast()--only helps for lengths
+ * - Change post-increments to pre-increments in inflate_fast(), PPC biased?
+ * - Add compile time option, POSTINC, to use post-increments instead (Intel?)
+ * - Make MATCH copy in inflate() much faster for when inflate_fast() not used
+ * - Use local copies of stream next and avail values, as well as local bit
+ * buffer and bit count in inflate()--for speed when inflate_fast() not used
+ *
+ * 1.2.beta4 1 Jan 2003
+ * - Split ptr - 257 statements in inflate_table() to avoid compiler warnings
+ * - Move a comment on output buffer sizes from inffast.c to inflate.c
+ * - Add comments in inffast.c to introduce the inflate_fast() routine
+ * - Rearrange window copies in inflate_fast() for speed and simplification
+ * - Unroll last copy for window match in inflate_fast()
+ * - Use local copies of window variables in inflate_fast() for speed
+ * - Pull out common wnext == 0 case for speed in inflate_fast()
+ * - Make op and len in inflate_fast() unsigned for consistency
+ * - Add FAR to lcode and dcode declarations in inflate_fast()
+ * - Simplified bad distance check in inflate_fast()
+ * - Added inflateBackInit(), inflateBack(), and inflateBackEnd() in new
+ * source file infback.c to provide a call-back interface to inflate for
+ * programs like gzip and unzip -- uses window as output buffer to avoid
+ * window copying
+ *
+ * 1.2.beta5 1 Jan 2003
+ * - Improved inflateBack() interface to allow the caller to provide initial
+ * input in strm.
+ * - Fixed stored blocks bug in inflateBack()
+ *
+ * 1.2.beta6 4 Jan 2003
+ * - Added comments in inffast.c on effectiveness of POSTINC
+ * - Typecasting all around to reduce compiler warnings
+ * - Changed loops from while (1) or do {} while (1) to for (;;), again to
+ * make compilers happy
+ * - Changed type of window in inflateBackInit() to unsigned char *
+ *
+ * 1.2.beta7 27 Jan 2003
+ * - Changed many types to unsigned or unsigned short to avoid warnings
+ * - Added inflateCopy() function
+ *
+ * 1.2.0 9 Mar 2003
+ * - Changed inflateBack() interface to provide separate opaque descriptors
+ * for the in() and out() functions
+ * - Changed inflateBack() argument and in_func typedef to swap the length
+ * and buffer address return values for the input function
+ * - Check next_in and next_out for Z_NULL on entry to inflate()
+ *
+ * The history for versions after 1.2.0 are in ChangeLog in zlib distribution.
+ */
+
+//-----------------------------------------------------------------------------
+// This version of zlib is modified for use within the Proxmark3 project.
+// Files from the original distribution which are not required for this
+// purpose are not included. All modifications can easily be found
+// by searching for #ifdef ZLIB_PM3_TUNED and #ifndef ZLIB_PM3_TUNED.
+//-----------------------------------------------------------------------------
+
+
+
+#include "zutil.h"
+#include "inftrees.h"
+#include "inflate.h"
+#include "inffast.h"
+
+#ifdef MAKEFIXED
+# ifndef BUILDFIXED
+# define BUILDFIXED
+# endif
+#endif
+
+/* function prototypes */
+#ifdef ZLIB_PM3_TUNED
+extern void Dbprintf(const char *fmt, ...);
+#else
+local void fixedtables OF((struct inflate_state FAR *state));
+#endif
+local int updatewindow OF((z_streamp strm, const unsigned char FAR *end,
+ unsigned copy));
+#ifdef BUILDFIXED
+ void makefixed OF((void));
+#endif
+local unsigned syncsearch OF((unsigned FAR *have, const unsigned char FAR *buf,
+ unsigned len));
+
+int ZEXPORT inflateResetKeep(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ strm->total_in = strm->total_out = state->total = 0;
+ strm->msg = Z_NULL;
+ if (state->wrap) /* to support ill-conceived Java test suite */
+ strm->adler = state->wrap & 1;
+ state->mode = HEAD;
+ state->last = 0;
+ state->havedict = 0;
+ state->dmax = 32768U;
+ state->head = Z_NULL;
+ state->hold = 0;
+ state->bits = 0;
+ state->lencode = state->distcode = state->next = state->codes;
+ state->sane = 1;
+ state->back = -1;
+ Tracev((stderr, "inflate: reset\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateReset(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ state->wsize = 0;
+ state->whave = 0;
+ state->wnext = 0;
+ return inflateResetKeep(strm);
+}
+
+int ZEXPORT inflateReset2(strm, windowBits)
+z_streamp strm;
+int windowBits;
+{
+ int wrap;
+ struct inflate_state FAR *state;
+
+ /* get the state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* extract wrap request from windowBits parameter */
+ if (windowBits < 0) {
+ wrap = 0;
+ windowBits = -windowBits;
+ }
+ else {
+ wrap = (windowBits >> 4) + 1;
+#ifdef GUNZIP
+ if (windowBits < 48)
+ windowBits &= 15;
+#endif
+ }
+
+ /* set number of window bits, free window if different */
+ if (windowBits && (windowBits < 8 || windowBits > 15))
+ return Z_STREAM_ERROR;
+ if (state->window != Z_NULL && state->wbits != (unsigned)windowBits) {
+ ZFREE(strm, state->window);
+ state->window = Z_NULL;
+ }
+
+ /* update state and reset the rest of it */
+ state->wrap = wrap;
+ state->wbits = (unsigned)windowBits;
+ return inflateReset(strm);
+}
+
+int ZEXPORT inflateInit2_(strm, windowBits, version, stream_size)
+z_streamp strm;
+int windowBits;
+const char *version;
+int stream_size;
+{
+ int ret;
+ struct inflate_state FAR *state;
+
+ if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
+ stream_size != (int)(sizeof(z_stream)))
+ return Z_VERSION_ERROR;
+ if (strm == Z_NULL) return Z_STREAM_ERROR;
+ strm->msg = Z_NULL; /* in case we return an error */
+ if (strm->zalloc == (alloc_func)0) {
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
+ strm->zalloc = zcalloc;
+ strm->opaque = (voidpf)0;
+#endif
+ }
+ if (strm->zfree == (free_func)0)
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
+ strm->zfree = zcfree;
+#endif
+ state = (struct inflate_state FAR *)
+ ZALLOC(strm, 1, sizeof(struct inflate_state));
+ if (state == Z_NULL) return Z_MEM_ERROR;
+ Tracev((stderr, "inflate: allocated\n"));
+ strm->state = (struct internal_state FAR *)state;
+ state->window = Z_NULL;
+ ret = inflateReset2(strm, windowBits);
+ if (ret != Z_OK) {
+ ZFREE(strm, state);
+ strm->state = Z_NULL;
+ }
+ return ret;
+}
+
+int ZEXPORT inflateInit_(strm, version, stream_size)
+z_streamp strm;
+const char *version;
+int stream_size;
+{
+ return inflateInit2_(strm, DEF_WBITS, version, stream_size);
+}
+
+int ZEXPORT inflatePrime(strm, bits, value)
+z_streamp strm;
+int bits;
+int value;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (bits < 0) {
+ state->hold = 0;
+ state->bits = 0;
+ return Z_OK;
+ }
+ if (bits > 16 || state->bits + bits > 32) return Z_STREAM_ERROR;
+ value &= (1L << bits) - 1;
+ state->hold += value << state->bits;
+ state->bits += bits;
+ return Z_OK;
+}
+
+/*
+ Return state with length and distance decoding tables and index sizes set to
+ fixed code decoding. Normally this returns fixed tables from inffixed.h.
+ If BUILDFIXED is defined, then instead this routine builds the tables the
+ first time it's called, and returns those tables the first time and
+ thereafter. This reduces the size of the code by about 2K bytes, in
+ exchange for a little execution time. However, BUILDFIXED should not be
+ used for threaded applications, since the rewriting of the tables and virgin
+ may not be thread-safe.
+ */
+#ifndef ZLIB_PM3_TUNED
+local void fixedtables(state)
+struct inflate_state FAR *state;
+{
+#ifdef BUILDFIXED
+ static int virgin = 1;
+ static code *lenfix, *distfix;
+ static code fixed[544];
+
+ /* build fixed huffman tables if first call (may not be thread safe) */
+ if (virgin) {
+ unsigned sym, bits;
+ static code *next;
+
+ /* literal/length table */
+ sym = 0;
+ while (sym < 144) state->lens[sym++] = 8;
+ while (sym < 256) state->lens[sym++] = 9;
+ while (sym < 280) state->lens[sym++] = 7;
+ while (sym < 288) state->lens[sym++] = 8;
+ next = fixed;
+ lenfix = next;
+ bits = 9;
+ inflate_table(LENS, state->lens, 288, &(next), &(bits), state->work);
+
+ /* distance table */
+ sym = 0;
+ while (sym < 32) state->lens[sym++] = 5;
+ distfix = next;
+ bits = 5;
+ inflate_table(DISTS, state->lens, 32, &(next), &(bits), state->work);
+
+ /* do this just once */
+ virgin = 0;
+ }
+#else /* !BUILDFIXED */
+# include "inffixed.h"
+#endif /* BUILDFIXED */
+ state->lencode = lenfix;
+ state->lenbits = 9;
+ state->distcode = distfix;
+ state->distbits = 5;
+}
+
+#ifdef MAKEFIXED
+#include <stdio.h>
+
+/*
+ Write out the inffixed.h that is #include'd above. Defining MAKEFIXED also
+ defines BUILDFIXED, so the tables are built on the fly. makefixed() writes
+ those tables to stdout, which would be piped to inffixed.h. A small program
+ can simply call makefixed to do this:
+
+ void makefixed(void);
+
+ int main(void)
+ {
+ makefixed();
+ return 0;
+ }
+
+ Then that can be linked with zlib built with MAKEFIXED defined and run:
+
+ a.out > inffixed.h
+ */
+void makefixed()
+{
+ unsigned low, size;
+ struct inflate_state state;
+
+ fixedtables(&state);
+ puts(" /* inffixed.h -- table for decoding fixed codes");
+ puts(" * Generated automatically by makefixed().");
+ puts(" */");
+ puts("");
+ puts(" /* WARNING: this file should *not* be used by applications.");
+ puts(" It is part of the implementation of this library and is");
+ puts(" subject to change. Applications should only use zlib.h.");
+ puts(" */");
+ puts("");
+ size = 1U << 9;
+ printf(" static const code lenfix[%u] = {", size);
+ low = 0;
+ for (;;) {
+ if ((low % 7) == 0) printf("\n ");
+ printf("{%u,%u,%d}", (low & 127) == 99 ? 64 : state.lencode[low].op,
+ state.lencode[low].bits, state.lencode[low].val);
+ if (++low == size) break;
+ putchar(',');
+ }
+ puts("\n };");
+ size = 1U << 5;
+ printf("\n static const code distfix[%u] = {", size);
+ low = 0;
+ for (;;) {
+ if ((low % 6) == 0) printf("\n ");
+ printf("{%u,%u,%d}", state.distcode[low].op, state.distcode[low].bits,
+ state.distcode[low].val);
+ if (++low == size) break;
+ putchar(',');
+ }
+ puts("\n };");
+}
+#endif /* MAKEFIXED */
+#endif /* ZLIB_PM3_TUNED */
+/*
+ Update the window with the last wsize (normally 32K) bytes written before
+ returning. If window does not exist yet, create it. This is only called
+ when a window is already in use, or when output has been written during this
+ inflate call, but the end of the deflate stream has not been reached yet.
+ It is also called to create a window for dictionary data when a dictionary
+ is loaded.
+
+ Providing output buffers larger than 32K to inflate() should provide a speed
+ advantage, since only the last 32K of output is copied to the sliding window
+ upon return from inflate(), and since all distances after the first 32K of
+ output will fall in the output data, making match copies simpler and faster.
+ The advantage may be dependent on the size of the processor's data caches.
+ */
+local int updatewindow(strm, end, copy)
+z_streamp strm;
+const Bytef *end;
+unsigned copy;
+{
+ struct inflate_state FAR *state;
+ unsigned dist;
+
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* if it hasn't been done already, allocate space for the window */
+ if (state->window == Z_NULL) {
+ state->window = (unsigned char FAR *)
+ ZALLOC(strm, 1U << state->wbits,
+ sizeof(unsigned char));
+ if (state->window == Z_NULL) return 1;
+ }
+
+ /* if window not in use yet, initialize */
+ if (state->wsize == 0) {
+ state->wsize = 1U << state->wbits;
+ state->wnext = 0;
+ state->whave = 0;
+ }
+
+ /* copy state->wsize or less output bytes into the circular window */
+ if (copy >= state->wsize) {
+ zmemcpy(state->window, end - state->wsize, state->wsize);
+ state->wnext = 0;
+ state->whave = state->wsize;
+ }
+ else {
+ dist = state->wsize - state->wnext;
+ if (dist > copy) dist = copy;
+ zmemcpy(state->window + state->wnext, end - copy, dist);
+ copy -= dist;
+ if (copy) {
+ zmemcpy(state->window, end - copy, copy);
+ state->wnext = copy;
+ state->whave = state->wsize;
+ }
+ else {
+ state->wnext += dist;
+ if (state->wnext == state->wsize) state->wnext = 0;
+ if (state->whave < state->wsize) state->whave += dist;
+ }
+ }
+ return 0;
+}
+
+/* Macros for inflate(): */
+
+/* check function to use adler32() for zlib or crc32() for gzip */
+#ifdef GUNZIP
+# define UPDATE(check, buf, len) \
+ (state->flags ? crc32(check, buf, len) : adler32(check, buf, len))
+#else
+# define UPDATE(check, buf, len) adler32(check, buf, len)
+#endif
+
+/* check macros for header crc */
+#ifdef GUNZIP
+# define CRC2(check, word) \
+ do { \
+ hbuf[0] = (unsigned char)(word); \
+ hbuf[1] = (unsigned char)((word) >> 8); \
+ check = crc32(check, hbuf, 2); \
+ } while (0)
+
+# define CRC4(check, word) \
+ do { \
+ hbuf[0] = (unsigned char)(word); \
+ hbuf[1] = (unsigned char)((word) >> 8); \
+ hbuf[2] = (unsigned char)((word) >> 16); \
+ hbuf[3] = (unsigned char)((word) >> 24); \
+ check = crc32(check, hbuf, 4); \
+ } while (0)
+#endif
+
+/* Load registers with state in inflate() for speed */
+#define LOAD() \
+ do { \
+ put = strm->next_out; \
+ left = strm->avail_out; \
+ next = strm->next_in; \
+ have = strm->avail_in; \
+ hold = state->hold; \
+ bits = state->bits; \
+ } while (0)
+
+/* Restore state from registers in inflate() */
+#define RESTORE() \
+ do { \
+ strm->next_out = put; \
+ strm->avail_out = left; \
+ strm->next_in = next; \
+ strm->avail_in = have; \
+ state->hold = hold; \
+ state->bits = bits; \
+ } while (0)
+
+/* Clear the input bit accumulator */
+#define INITBITS() \
+ do { \
+ hold = 0; \
+ bits = 0; \
+ } while (0)
+
+/* Get a byte of input into the bit accumulator, or return from inflate()
+ if there is no input available. */
+#define PULLBYTE() \
+ do { \
+ if (have == 0) goto inf_leave; \
+ have--; \
+ hold += (unsigned long)(*next++) << bits; \
+ bits += 8; \
+ } while (0)
+
+/* Assure that there are at least n bits in the bit accumulator. If there is
+ not enough available input to do that, then return from inflate(). */
+#define NEEDBITS(n) \
+ do { \
+ while (bits < (unsigned)(n)) \
+ PULLBYTE(); \
+ } while (0)
+
+/* Return the low n bits of the bit accumulator (n < 16) */
+#define BITS(n) \
+ ((unsigned)hold & ((1U << (n)) - 1))
+
+/* Remove n bits from the bit accumulator */
+#define DROPBITS(n) \
+ do { \
+ hold >>= (n); \
+ bits -= (unsigned)(n); \
+ } while (0)
+
+/* Remove zero to seven bits as needed to go to a byte boundary */
+#define BYTEBITS() \
+ do { \
+ hold >>= bits & 7; \
+ bits -= bits & 7; \
+ } while (0)
+
+/*
+ inflate() uses a state machine to process as much input data and generate as
+ much output data as possible before returning. The state machine is
+ structured roughly as follows:
+
+ for (;;) switch (state) {
+ ...
+ case STATEn:
+ if (not enough input data or output space to make progress)
+ return;
+ ... make progress ...
+ state = STATEm;
+ break;
+ ...
+ }
+
+ so when inflate() is called again, the same case is attempted again, and
+ if the appropriate resources are provided, the machine proceeds to the
+ next state. The NEEDBITS() macro is usually the way the state evaluates
+ whether it can proceed or should return. NEEDBITS() does the return if
+ the requested bits are not available. The typical use of the BITS macros
+ is:
+
+ NEEDBITS(n);
+ ... do something with BITS(n) ...
+ DROPBITS(n);
+
+ where NEEDBITS(n) either returns from inflate() if there isn't enough
+ input left to load n bits into the accumulator, or it continues. BITS(n)
+ gives the low n bits in the accumulator. When done, DROPBITS(n) drops
+ the low n bits off the accumulator. INITBITS() clears the accumulator
+ and sets the number of available bits to zero. BYTEBITS() discards just
+ enough bits to put the accumulator on a byte boundary. After BYTEBITS()
+ and a NEEDBITS(8), then BITS(8) would return the next byte in the stream.
+
+ NEEDBITS(n) uses PULLBYTE() to get an available byte of input, or to return
+ if there is no input available. The decoding of variable length codes uses
+ PULLBYTE() directly in order to pull just enough bytes to decode the next
+ code, and no more.
+
+ Some states loop until they get enough input, making sure that enough
+ state information is maintained to continue the loop where it left off
+ if NEEDBITS() returns in the loop. For example, want, need, and keep
+ would all have to actually be part of the saved state in case NEEDBITS()
+ returns:
+
+ case STATEw:
+ while (want < need) {
+ NEEDBITS(n);
+ keep[want++] = BITS(n);
+ DROPBITS(n);
+ }
+ state = STATEx;
+ case STATEx:
+
+ As shown above, if the next state is also the next case, then the break
+ is omitted.
+
+ A state may also return if there is not enough output space available to
+ complete that state. Those states are copying stored data, writing a
+ literal byte, and copying a matching string.
+
+ When returning, a "goto inf_leave" is used to update the total counters,
+ update the check value, and determine whether any progress has been made
+ during that inflate() call in order to return the proper return code.
+ Progress is defined as a change in either strm->avail_in or strm->avail_out.
+ When there is a window, goto inf_leave will update the window with the last
+ output written. If a goto inf_leave occurs in the middle of decompression
+ and there is no window currently, goto inf_leave will create one and copy
+ output to the window for the next call of inflate().
+
+ In this implementation, the flush parameter of inflate() only affects the
+ return code (per zlib.h). inflate() always writes as much as possible to
+ strm->next_out, given the space available and the provided input--the effect
+ documented in zlib.h of Z_SYNC_FLUSH. Furthermore, inflate() always defers
+ the allocation of and copying into a sliding window until necessary, which
+ provides the effect documented in zlib.h for Z_FINISH when the entire input
+ stream available. So the only thing the flush parameter actually does is:
+ when flush is set to Z_FINISH, inflate() cannot return Z_OK. Instead it
+ will return Z_BUF_ERROR if it has not reached the end of the stream.
+ */
+
+int ZEXPORT inflate(strm, flush)
+z_streamp strm;
+int flush;
+{
+ struct inflate_state FAR *state;
+ z_const unsigned char FAR *next; /* next input */
+ unsigned char FAR *put; /* next output */
+ unsigned have, left; /* available input and output */
+ unsigned long hold; /* bit buffer */
+ unsigned bits; /* bits in bit buffer */
+ unsigned in, out; /* save starting available input and output */
+ unsigned copy; /* number of stored or match bytes to copy */
+ unsigned char FAR *from; /* where to copy match bytes from */
+ code here; /* current decoding table entry */
+ code last; /* parent table entry */
+ unsigned len; /* length to copy for repeats, bits to drop */
+ int ret; /* return code */
+#ifdef GUNZIP
+ unsigned char hbuf[4]; /* buffer for gzip header crc calculation */
+#endif
+ static const unsigned short order[19] = /* permutation of code lengths */
+ {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
+
+ if (strm == Z_NULL || strm->state == Z_NULL || strm->next_out == Z_NULL ||
+ (strm->next_in == Z_NULL && strm->avail_in != 0))
+ return Z_STREAM_ERROR;
+
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->mode == TYPE) state->mode = TYPEDO; /* skip check */
+ LOAD();
+ in = have;
+ out = left;
+ ret = Z_OK;
+ for (;;)
+ switch (state->mode) {
+ case HEAD:
+ if (state->wrap == 0) {
+ state->mode = TYPEDO;
+ break;
+ }
+ NEEDBITS(16);
+#ifdef GUNZIP
+ if ((state->wrap & 2) && hold == 0x8b1f) { /* gzip header */
+ state->check = crc32(0L, Z_NULL, 0);
+ CRC2(state->check, hold);
+ INITBITS();
+ state->mode = FLAGS;
+ break;
+ }
+ state->flags = 0; /* expect zlib header */
+ if (state->head != Z_NULL)
+ state->head->done = -1;
+ if (!(state->wrap & 1) || /* check if zlib header allowed */
+#else
+ if (
+#endif
+ ((BITS(8) << 8) + (hold >> 8)) % 31) {
+ strm->msg = (char *)"incorrect header check";
+ state->mode = BAD;
+ break;
+ }
+ if (BITS(4) != Z_DEFLATED) {
+ strm->msg = (char *)"unknown compression method";
+ state->mode = BAD;
+ break;
+ }
+ DROPBITS(4);
+ len = BITS(4) + 8;
+ if (state->wbits == 0)
+ state->wbits = len;
+ else if (len > state->wbits) {
+ strm->msg = (char *)"invalid window size";
+ state->mode = BAD;
+ break;
+ }
+ state->dmax = 1U << len;
+ Tracev((stderr, "inflate: zlib header ok\n"));
+ strm->adler = state->check = adler32(0L, Z_NULL, 0);
+ state->mode = hold & 0x200 ? DICTID : TYPE;
+ INITBITS();
+ break;
+#ifdef GUNZIP
+ case FLAGS:
+ NEEDBITS(16);
+ state->flags = (int)(hold);
+ if ((state->flags & 0xff) != Z_DEFLATED) {
+ strm->msg = (char *)"unknown compression method";
+ state->mode = BAD;
+ break;
+ }
+ if (state->flags & 0xe000) {
+ strm->msg = (char *)"unknown header flags set";
+ state->mode = BAD;
+ break;
+ }
+ if (state->head != Z_NULL)
+ state->head->text = (int)((hold >> 8) & 1);
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ state->mode = TIME;
+ case TIME:
+ NEEDBITS(32);
+ if (state->head != Z_NULL)
+ state->head->time = hold;
+ if (state->flags & 0x0200) CRC4(state->check, hold);
+ INITBITS();
+ state->mode = OS;
+ case OS:
+ NEEDBITS(16);
+ if (state->head != Z_NULL) {
+ state->head->xflags = (int)(hold & 0xff);
+ state->head->os = (int)(hold >> 8);
+ }
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ state->mode = EXLEN;
+ case EXLEN:
+ if (state->flags & 0x0400) {
+ NEEDBITS(16);
+ state->length = (unsigned)(hold);
+ if (state->head != Z_NULL)
+ state->head->extra_len = (unsigned)hold;
+ if (state->flags & 0x0200) CRC2(state->check, hold);
+ INITBITS();
+ }
+ else if (state->head != Z_NULL)
+ state->head->extra = Z_NULL;
+ state->mode = EXTRA;
+ case EXTRA:
+ if (state->flags & 0x0400) {
+ copy = state->length;
+ if (copy > have) copy = have;
+ if (copy) {
+ if (state->head != Z_NULL &&
+ state->head->extra != Z_NULL) {
+ len = state->head->extra_len - state->length;
+ zmemcpy(state->head->extra + len, next,
+ len + copy > state->head->extra_max ?
+ state->head->extra_max - len : copy);
+ }
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ state->length -= copy;
+ }
+ if (state->length) goto inf_leave;
+ }
+ state->length = 0;
+ state->mode = NAME;
+ case NAME:
+ if (state->flags & 0x0800) {
+ if (have == 0) goto inf_leave;
+ copy = 0;
+ do {
+ len = (unsigned)(next[copy++]);
+ if (state->head != Z_NULL &&
+ state->head->name != Z_NULL &&
+ state->length < state->head->name_max)
+ state->head->name[state->length++] = len;
+ } while (len && copy < have);
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ if (len) goto inf_leave;
+ }
+ else if (state->head != Z_NULL)
+ state->head->name = Z_NULL;
+ state->length = 0;
+ state->mode = COMMENT;
+ case COMMENT:
+ if (state->flags & 0x1000) {
+ if (have == 0) goto inf_leave;
+ copy = 0;
+ do {
+ len = (unsigned)(next[copy++]);
+ if (state->head != Z_NULL &&
+ state->head->comment != Z_NULL &&
+ state->length < state->head->comm_max)
+ state->head->comment[state->length++] = len;
+ } while (len && copy < have);
+ if (state->flags & 0x0200)
+ state->check = crc32(state->check, next, copy);
+ have -= copy;
+ next += copy;
+ if (len) goto inf_leave;
+ }
+ else if (state->head != Z_NULL)
+ state->head->comment = Z_NULL;
+ state->mode = HCRC;
+ case HCRC:
+ if (state->flags & 0x0200) {
+ NEEDBITS(16);
+ if (hold != (state->check & 0xffff)) {
+ strm->msg = (char *)"header crc mismatch";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ }
+ if (state->head != Z_NULL) {
+ state->head->hcrc = (int)((state->flags >> 9) & 1);
+ state->head->done = 1;
+ }
+ strm->adler = state->check = crc32(0L, Z_NULL, 0);
+ state->mode = TYPE;
+ break;
+#endif
+ case DICTID:
+ NEEDBITS(32);
+ strm->adler = state->check = ZSWAP32(hold);
+ INITBITS();
+ state->mode = DICT;
+ case DICT:
+ if (state->havedict == 0) {
+ RESTORE();
+ return Z_NEED_DICT;
+ }
+ strm->adler = state->check = adler32(0L, Z_NULL, 0);
+ state->mode = TYPE;
+ case TYPE:
+ if (flush == Z_BLOCK || flush == Z_TREES) goto inf_leave;
+ case TYPEDO:
+ if (state->last) {
+ BYTEBITS();
+ state->mode = CHECK;
+ break;
+ }
+ NEEDBITS(3);
+ state->last = BITS(1);
+ DROPBITS(1);
+ switch (BITS(2)) {
+ case 0: /* stored block */
+ Tracev((stderr, "inflate: stored block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = STORED;
+ break;
+ case 1: /* fixed block */
+#ifdef ZLIB_PM3_TUNED
+ strm->msg = (char *)"fixed block coding not supported";
+ state->mode = BAD;
+#else
+ fixedtables(state);
+ Tracev((stderr, "inflate: fixed codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = LEN_; /* decode codes */
+ if (flush == Z_TREES) {
+ DROPBITS(2);
+ goto inf_leave;
+ }
+#endif
+ break;
+ case 2: /* dynamic block */
+ Tracev((stderr, "inflate: dynamic codes block%s\n",
+ state->last ? " (last)" : ""));
+ state->mode = TABLE;
+ break;
+ case 3:
+ strm->msg = (char *)"invalid block type";
+ state->mode = BAD;
+ }
+ DROPBITS(2);
+ break;
+ case STORED:
+ BYTEBITS(); /* go to byte boundary */
+ NEEDBITS(32);
+ if ((hold & 0xffff) != ((hold >> 16) ^ 0xffff)) {
+ strm->msg = (char *)"invalid stored block lengths";
+ state->mode = BAD;
+ break;
+ }
+ state->length = (unsigned)hold & 0xffff;
+ Tracev((stderr, "inflate: stored length %u\n",
+ state->length));
+ INITBITS();
+ state->mode = COPY_;
+ if (flush == Z_TREES) goto inf_leave;
+ case COPY_:
+ state->mode = COPY;
+ case COPY:
+ copy = state->length;
+ if (copy) {
+ if (copy > have) copy = have;
+ if (copy > left) copy = left;
+ if (copy == 0) goto inf_leave;
+ zmemcpy(put, next, copy);
+ have -= copy;
+ next += copy;
+ left -= copy;
+ put += copy;
+ state->length -= copy;
+ break;
+ }
+ Tracev((stderr, "inflate: stored end\n"));
+ state->mode = TYPE;
+ break;
+ case TABLE:
+ NEEDBITS(14);
+ state->nlen = BITS(5) + 257;
+ DROPBITS(5);
+ state->ndist = BITS(5) + 1;
+ DROPBITS(5);
+ state->ncode = BITS(4) + 4;
+ DROPBITS(4);
+#ifndef PKZIP_BUG_WORKAROUND
+ if (state->nlen > 286 || state->ndist > 30) {
+ strm->msg = (char *)"too many length or distance symbols";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ Tracev((stderr, "inflate: table sizes ok\n"));
+ state->have = 0;
+ state->mode = LENLENS;
+ case LENLENS:
+ while (state->have < state->ncode) {
+ NEEDBITS(3);
+ state->lens[order[state->have++]] = (unsigned short)BITS(3);
+ DROPBITS(3);
+ }
+ while (state->have < 19)
+ state->lens[order[state->have++]] = 0;
+ state->next = state->codes;
+ state->lencode = (const code FAR *)(state->next);
+ state->lenbits = 7;
+ ret = inflate_table(CODES, state->lens, 19, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid code lengths set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: code lengths ok\n"));
+ state->have = 0;
+ state->mode = CODELENS;
+ case CODELENS:
+ while (state->have < state->nlen + state->ndist) {
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.val < 16) {
+ DROPBITS(here.bits);
+ state->lens[state->have++] = here.val;
+ }
+ else {
+ if (here.val == 16) {
+ NEEDBITS(here.bits + 2);
+ DROPBITS(here.bits);
+ if (state->have == 0) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ len = state->lens[state->have - 1];
+ copy = 3 + BITS(2);
+ DROPBITS(2);
+ }
+ else if (here.val == 17) {
+ NEEDBITS(here.bits + 3);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 3 + BITS(3);
+ DROPBITS(3);
+ }
+ else {
+ NEEDBITS(here.bits + 7);
+ DROPBITS(here.bits);
+ len = 0;
+ copy = 11 + BITS(7);
+ DROPBITS(7);
+ }
+ if (state->have + copy > state->nlen + state->ndist) {
+ strm->msg = (char *)"invalid bit length repeat";
+ state->mode = BAD;
+ break;
+ }
+ while (copy--)
+ state->lens[state->have++] = (unsigned short)len;
+ }
+ }
+
+ /* handle error breaks in while */
+ if (state->mode == BAD) break;
+
+ /* check for end-of-block code (better have one) */
+ if (state->lens[256] == 0) {
+ strm->msg = (char *)"invalid code -- missing end-of-block";
+ state->mode = BAD;
+ break;
+ }
+
+ /* build code tables -- note: do not change the lenbits or distbits
+ values here (9 and 6) without reading the comments in inftrees.h
+ concerning the ENOUGH constants, which depend on those values */
+ state->next = state->codes;
+ state->lencode = (const code FAR *)(state->next);
+ state->lenbits = 9;
+ ret = inflate_table(LENS, state->lens, state->nlen, &(state->next),
+ &(state->lenbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid literal/lengths set";
+ state->mode = BAD;
+ break;
+ }
+ state->distcode = (const code FAR *)(state->next);
+ state->distbits = 6;
+ ret = inflate_table(DISTS, state->lens + state->nlen, state->ndist,
+ &(state->next), &(state->distbits), state->work);
+ if (ret) {
+ strm->msg = (char *)"invalid distances set";
+ state->mode = BAD;
+ break;
+ }
+ Tracev((stderr, "inflate: codes ok\n"));
+ state->mode = LEN_;
+ if (flush == Z_TREES) goto inf_leave;
+ case LEN_:
+ state->mode = LEN;
+ case LEN:
+ if (have >= 6 && left >= 258) {
+ RESTORE();
+ inflate_fast(strm, out);
+ LOAD();
+ if (state->mode == TYPE)
+ state->back = -1;
+ break;
+ }
+ state->back = 0;
+ for (;;) {
+ here = state->lencode[BITS(state->lenbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if (here.op && (here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->lencode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ state->back += last.bits;
+ }
+ DROPBITS(here.bits);
+ state->back += here.bits;
+ state->length = (unsigned)here.val;
+ if ((int)(here.op) == 0) {
+ Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
+ "inflate: literal '%c'\n" :
+ "inflate: literal 0x%02x\n", here.val));
+ state->mode = LIT;
+ break;
+ }
+ if (here.op & 32) {
+ Tracevv((stderr, "inflate: end of block\n"));
+ state->back = -1;
+ state->mode = TYPE;
+ break;
+ }
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid literal/length code";
+ state->mode = BAD;
+ break;
+ }
+ state->extra = (unsigned)(here.op) & 15;
+ state->mode = LENEXT;
+ case LENEXT:
+ if (state->extra) {
+ NEEDBITS(state->extra);
+ state->length += BITS(state->extra);
+ DROPBITS(state->extra);
+ state->back += state->extra;
+ }
+ Tracevv((stderr, "inflate: length %u\n", state->length));
+ state->was = state->length;
+ state->mode = DIST;
+ case DIST:
+ for (;;) {
+ here = state->distcode[BITS(state->distbits)];
+ if ((unsigned)(here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ if ((here.op & 0xf0) == 0) {
+ last = here;
+ for (;;) {
+ here = state->distcode[last.val +
+ (BITS(last.bits + last.op) >> last.bits)];
+ if ((unsigned)(last.bits + here.bits) <= bits) break;
+ PULLBYTE();
+ }
+ DROPBITS(last.bits);
+ state->back += last.bits;
+ }
+ DROPBITS(here.bits);
+ state->back += here.bits;
+ if (here.op & 64) {
+ strm->msg = (char *)"invalid distance code";
+ state->mode = BAD;
+ break;
+ }
+ state->offset = (unsigned)here.val;
+ state->extra = (unsigned)(here.op) & 15;
+ state->mode = DISTEXT;
+ case DISTEXT:
+ if (state->extra) {
+ NEEDBITS(state->extra);
+ state->offset += BITS(state->extra);
+ DROPBITS(state->extra);
+ state->back += state->extra;
+ }
+#ifdef INFLATE_STRICT
+ if (state->offset > state->dmax) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#endif
+ Tracevv((stderr, "inflate: distance %u\n", state->offset));
+ state->mode = MATCH;
+ case MATCH:
+ if (left == 0) goto inf_leave;
+ copy = out - left;
+ if (state->offset > copy) { /* copy from window */
+ copy = state->offset - copy;
+ if (copy > state->whave) {
+ if (state->sane) {
+ strm->msg = (char *)"invalid distance too far back";
+ state->mode = BAD;
+ break;
+ }
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ Trace((stderr, "inflate.c too far\n"));
+ copy -= state->whave;
+ if (copy > state->length) copy = state->length;
+ if (copy > left) copy = left;
+ left -= copy;
+ state->length -= copy;
+ do {
+ *put++ = 0;
+ } while (--copy);
+ if (state->length == 0) state->mode = LEN;
+ break;
+#endif
+ }
+ if (copy > state->wnext) {
+ copy -= state->wnext;
+ from = state->window + (state->wsize - copy);
+ }
+ else
+ from = state->window + (state->wnext - copy);
+ if (copy > state->length) copy = state->length;
+ }
+ else { /* copy from output */
+ from = put - state->offset;
+ copy = state->length;
+ }
+ if (copy > left) copy = left;
+ left -= copy;
+ state->length -= copy;
+ do {
+ *put++ = *from++;
+ } while (--copy);
+ if (state->length == 0) state->mode = LEN;
+ break;
+ case LIT:
+ if (left == 0) goto inf_leave;
+ *put++ = (unsigned char)(state->length);
+ left--;
+ state->mode = LEN;
+ break;
+ case CHECK:
+ if (state->wrap) {
+ NEEDBITS(32);
+ out -= left;
+ strm->total_out += out;
+ state->total += out;
+ if (out)
+ strm->adler = state->check =
+ UPDATE(state->check, put - out, out);
+ out = left;
+ if ((
+#ifdef GUNZIP
+ state->flags ? hold :
+#endif
+ ZSWAP32(hold)) != state->check) {
+ strm->msg = (char *)"incorrect data check";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ Tracev((stderr, "inflate: check matches trailer\n"));
+ }
+#ifdef GUNZIP
+ state->mode = LENGTH;
+ case LENGTH:
+ if (state->wrap && state->flags) {
+ NEEDBITS(32);
+ if (hold != (state->total & 0xffffffffUL)) {
+ strm->msg = (char *)"incorrect length check";
+ state->mode = BAD;
+ break;
+ }
+ INITBITS();
+ Tracev((stderr, "inflate: length matches trailer\n"));
+ }
+#endif
+ state->mode = DONE;
+ case DONE:
+ ret = Z_STREAM_END;
+ goto inf_leave;
+ case BAD:
+ ret = Z_DATA_ERROR;
+ goto inf_leave;
+ case MEM:
+ return Z_MEM_ERROR;
+ case SYNC:
+ default:
+ return Z_STREAM_ERROR;
+ }
+
+ /*
+ Return from inflate(), updating the total counts and the check value.
+ If there was no progress during the inflate() call, return a buffer
+ error. Call updatewindow() to create and/or update the window state.
+ Note: a memory error from inflate() is non-recoverable.
+ */
+ inf_leave:
+ RESTORE();
+ if (state->wsize || (out != strm->avail_out && state->mode < BAD &&
+ (state->mode < CHECK || flush != Z_FINISH)))
+ if (updatewindow(strm, strm->next_out, out - strm->avail_out)) {
+ state->mode = MEM;
+ return Z_MEM_ERROR;
+ }
+ in -= strm->avail_in;
+ out -= strm->avail_out;
+ strm->total_in += in;
+ strm->total_out += out;
+ state->total += out;
+ if (state->wrap && out)
+ strm->adler = state->check =
+ UPDATE(state->check, strm->next_out - out, out);
+ strm->data_type = state->bits + (state->last ? 64 : 0) +
+ (state->mode == TYPE ? 128 : 0) +
+ (state->mode == LEN_ || state->mode == COPY_ ? 256 : 0);
+ if (((in == 0 && out == 0) || flush == Z_FINISH) && ret == Z_OK)
+ ret = Z_BUF_ERROR;
+ return ret;
+}
+
+int ZEXPORT inflateEnd(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+ if (strm == Z_NULL || strm->state == Z_NULL || strm->zfree == (free_func)0)
+ return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->window != Z_NULL) ZFREE(strm, state->window);
+ ZFREE(strm, strm->state);
+ strm->state = Z_NULL;
+ Tracev((stderr, "inflate: end\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateGetDictionary(strm, dictionary, dictLength)
+z_streamp strm;
+Bytef *dictionary;
+uInt *dictLength;
+{
+ struct inflate_state FAR *state;
+
+ /* check state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+
+ /* copy dictionary */
+ if (state->whave && dictionary != Z_NULL) {
+ zmemcpy(dictionary, state->window + state->wnext,
+ state->whave - state->wnext);
+ zmemcpy(dictionary + state->whave - state->wnext,
+ state->window, state->wnext);
+ }
+ if (dictLength != Z_NULL)
+ *dictLength = state->whave;
+ return Z_OK;
+}
+
+int ZEXPORT inflateSetDictionary(strm, dictionary, dictLength)
+z_streamp strm;
+const Bytef *dictionary;
+uInt dictLength;
+{
+ struct inflate_state FAR *state;
+ unsigned long dictid;
+ int ret;
+
+ /* check state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (state->wrap != 0 && state->mode != DICT)
+ return Z_STREAM_ERROR;
+
+ /* check for correct dictionary identifier */
+ if (state->mode == DICT) {
+ dictid = adler32(0L, Z_NULL, 0);
+ dictid = adler32(dictid, dictionary, dictLength);
+ if (dictid != state->check)
+ return Z_DATA_ERROR;
+ }
+
+ /* copy dictionary to window using updatewindow(), which will amend the
+ existing dictionary if appropriate */
+ ret = updatewindow(strm, dictionary + dictLength, dictLength);
+ if (ret) {
+ state->mode = MEM;
+ return Z_MEM_ERROR;
+ }
+ state->havedict = 1;
+ Tracev((stderr, "inflate: dictionary set\n"));
+ return Z_OK;
+}
+
+int ZEXPORT inflateGetHeader(strm, head)
+z_streamp strm;
+gz_headerp head;
+{
+ struct inflate_state FAR *state;
+
+ /* check state */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if ((state->wrap & 2) == 0) return Z_STREAM_ERROR;
+
+ /* save header structure */
+ state->head = head;
+ head->done = 0;
+ return Z_OK;
+}
+
+/*
+ Search buf[0..len-1] for the pattern: 0, 0, 0xff, 0xff. Return when found
+ or when out of input. When called, *have is the number of pattern bytes
+ found in order so far, in 0..3. On return *have is updated to the new
+ state. If on return *have equals four, then the pattern was found and the
+ return value is how many bytes were read including the last byte of the
+ pattern. If *have is less than four, then the pattern has not been found
+ yet and the return value is len. In the latter case, syncsearch() can be
+ called again with more data and the *have state. *have is initialized to
+ zero for the first call.
+ */
+local unsigned syncsearch(have, buf, len)
+unsigned FAR *have;
+const unsigned char FAR *buf;
+unsigned len;
+{
+ unsigned got;
+ unsigned next;
+
+ got = *have;
+ next = 0;
+ while (next < len && got < 4) {
+ if ((int)(buf[next]) == (got < 2 ? 0 : 0xff))
+ got++;
+ else if (buf[next])
+ got = 0;
+ else
+ got = 4 - got;
+ next++;
+ }
+ *have = got;
+ return next;
+}
+
+int ZEXPORT inflateSync(strm)
+z_streamp strm;
+{
+ unsigned len; /* number of bytes to look at or looked at */
+ unsigned long in, out; /* temporary to save total_in and total_out */
+ unsigned char buf[4]; /* to restore bit buffer to byte string */
+ struct inflate_state FAR *state;
+
+ /* check parameters */
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ if (strm->avail_in == 0 && state->bits < 8) return Z_BUF_ERROR;
+
+ /* if first time, start search in bit buffer */
+ if (state->mode != SYNC) {
+ state->mode = SYNC;
+ state->hold <<= state->bits & 7;
+ state->bits -= state->bits & 7;
+ len = 0;
+ while (state->bits >= 8) {
+ buf[len++] = (unsigned char)(state->hold);
+ state->hold >>= 8;
+ state->bits -= 8;
+ }
+ state->have = 0;
+ syncsearch(&(state->have), buf, len);
+ }
+
+ /* search available input */
+ len = syncsearch(&(state->have), strm->next_in, strm->avail_in);
+ strm->avail_in -= len;
+ strm->next_in += len;
+ strm->total_in += len;
+
+ /* return no joy or set up to restart inflate() on a new block */
+ if (state->have != 4) return Z_DATA_ERROR;
+ in = strm->total_in; out = strm->total_out;
+ inflateReset(strm);
+ strm->total_in = in; strm->total_out = out;
+ state->mode = TYPE;
+ return Z_OK;
+}
+
+/*
+ Returns true if inflate is currently at the end of a block generated by
+ Z_SYNC_FLUSH or Z_FULL_FLUSH. This function is used by one PPP
+ implementation to provide an additional safety check. PPP uses
+ Z_SYNC_FLUSH but removes the length bytes of the resulting empty stored
+ block. When decompressing, PPP checks that at the end of input packet,
+ inflate is waiting for these length bytes.
+ */
+int ZEXPORT inflateSyncPoint(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ return state->mode == STORED && state->bits == 0;
+}
+
+int ZEXPORT inflateCopy(dest, source)
+z_streamp dest;
+z_streamp source;
+{
+ struct inflate_state FAR *state;
+ struct inflate_state FAR *copy;
+ unsigned char FAR *window;
+ unsigned wsize;
+
+ /* check input */
+ if (dest == Z_NULL || source == Z_NULL || source->state == Z_NULL ||
+ source->zalloc == (alloc_func)0 || source->zfree == (free_func)0)
+ return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)source->state;
+
+ /* allocate space */
+ copy = (struct inflate_state FAR *)
+ ZALLOC(source, 1, sizeof(struct inflate_state));
+ if (copy == Z_NULL) return Z_MEM_ERROR;
+ window = Z_NULL;
+ if (state->window != Z_NULL) {
+ window = (unsigned char FAR *)
+ ZALLOC(source, 1U << state->wbits, sizeof(unsigned char));
+ if (window == Z_NULL) {
+ ZFREE(source, copy);
+ return Z_MEM_ERROR;
+ }
+ }
+
+ /* copy state */
+ zmemcpy((voidpf)dest, (voidpf)source, sizeof(z_stream));
+ zmemcpy((voidpf)copy, (voidpf)state, sizeof(struct inflate_state));
+ if (state->lencode >= state->codes &&
+ state->lencode <= state->codes + ENOUGH - 1) {
+ copy->lencode = copy->codes + (state->lencode - state->codes);
+ copy->distcode = copy->codes + (state->distcode - state->codes);
+ }
+ copy->next = copy->codes + (state->next - state->codes);
+ if (window != Z_NULL) {
+ wsize = 1U << state->wbits;
+ zmemcpy(window, state->window, wsize);
+ }
+ copy->window = window;
+ dest->state = (struct internal_state FAR *)copy;
+ return Z_OK;
+}
+
+int ZEXPORT inflateUndermine(strm, subvert)
+z_streamp strm;
+int subvert;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ state->sane = !subvert;
+#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
+ return Z_OK;
+#else
+ state->sane = 1;
+ return Z_DATA_ERROR;
+#endif
+}
+
+long ZEXPORT inflateMark(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return -1L << 16;
+ state = (struct inflate_state FAR *)strm->state;
+ return ((long)(state->back) << 16) +
+ (state->mode == COPY ? state->length :
+ (state->mode == MATCH ? state->was - state->length : 0));
+}
--- /dev/null
+/* inflate.h -- internal inflate state definition
+ * Copyright (C) 1995-2009 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* define NO_GZIP when compiling if you want to disable gzip header and
+ trailer decoding by inflate(). NO_GZIP would be used to avoid linking in
+ the crc code when it is not needed. For shared libraries, gzip decoding
+ should be left enabled. */
+#ifndef NO_GZIP
+# define GUNZIP
+#endif
+
+/* Possible inflate modes between inflate() calls */
+typedef enum {
+ HEAD, /* i: waiting for magic header */
+ FLAGS, /* i: waiting for method and flags (gzip) */
+ TIME, /* i: waiting for modification time (gzip) */
+ OS, /* i: waiting for extra flags and operating system (gzip) */
+ EXLEN, /* i: waiting for extra length (gzip) */
+ EXTRA, /* i: waiting for extra bytes (gzip) */
+ NAME, /* i: waiting for end of file name (gzip) */
+ COMMENT, /* i: waiting for end of comment (gzip) */
+ HCRC, /* i: waiting for header crc (gzip) */
+ DICTID, /* i: waiting for dictionary check value */
+ DICT, /* waiting for inflateSetDictionary() call */
+ TYPE, /* i: waiting for type bits, including last-flag bit */
+ TYPEDO, /* i: same, but skip check to exit inflate on new block */
+ STORED, /* i: waiting for stored size (length and complement) */
+ COPY_, /* i/o: same as COPY below, but only first time in */
+ COPY, /* i/o: waiting for input or output to copy stored block */
+ TABLE, /* i: waiting for dynamic block table lengths */
+ LENLENS, /* i: waiting for code length code lengths */
+ CODELENS, /* i: waiting for length/lit and distance code lengths */
+ LEN_, /* i: same as LEN below, but only first time in */
+ LEN, /* i: waiting for length/lit/eob code */
+ LENEXT, /* i: waiting for length extra bits */
+ DIST, /* i: waiting for distance code */
+ DISTEXT, /* i: waiting for distance extra bits */
+ MATCH, /* o: waiting for output space to copy string */
+ LIT, /* o: waiting for output space to write literal */
+ CHECK, /* i: waiting for 32-bit check value */
+ LENGTH, /* i: waiting for 32-bit length (gzip) */
+ DONE, /* finished check, done -- remain here until reset */
+ BAD, /* got a data error -- remain here until reset */
+ MEM, /* got an inflate() memory error -- remain here until reset */
+ SYNC /* looking for synchronization bytes to restart inflate() */
+} inflate_mode;
+
+/*
+ State transitions between above modes -
+
+ (most modes can go to BAD or MEM on error -- not shown for clarity)
+
+ Process header:
+ HEAD -> (gzip) or (zlib) or (raw)
+ (gzip) -> FLAGS -> TIME -> OS -> EXLEN -> EXTRA -> NAME -> COMMENT ->
+ HCRC -> TYPE
+ (zlib) -> DICTID or TYPE
+ DICTID -> DICT -> TYPE
+ (raw) -> TYPEDO
+ Read deflate blocks:
+ TYPE -> TYPEDO -> STORED or TABLE or LEN_ or CHECK
+ STORED -> COPY_ -> COPY -> TYPE
+ TABLE -> LENLENS -> CODELENS -> LEN_
+ LEN_ -> LEN
+ Read deflate codes in fixed or dynamic block:
+ LEN -> LENEXT or LIT or TYPE
+ LENEXT -> DIST -> DISTEXT -> MATCH -> LEN
+ LIT -> LEN
+ Process trailer:
+ CHECK -> LENGTH -> DONE
+ */
+
+/* state maintained between inflate() calls. Approximately 10K bytes. */
+struct inflate_state {
+ inflate_mode mode; /* current inflate mode */
+ int last; /* true if processing last block */
+ int wrap; /* bit 0 true for zlib, bit 1 true for gzip */
+ int havedict; /* true if dictionary provided */
+ int flags; /* gzip header method and flags (0 if zlib) */
+ unsigned dmax; /* zlib header max distance (INFLATE_STRICT) */
+ unsigned long check; /* protected copy of check value */
+ unsigned long total; /* protected copy of output count */
+ gz_headerp head; /* where to save gzip header information */
+ /* sliding window */
+ unsigned wbits; /* log base 2 of requested window size */
+ unsigned wsize; /* window size or zero if not using window */
+ unsigned whave; /* valid bytes in the window */
+ unsigned wnext; /* window write index */
+ unsigned char FAR *window; /* allocated sliding window, if needed */
+ /* bit accumulator */
+ unsigned long hold; /* input bit accumulator */
+ unsigned bits; /* number of bits in "in" */
+ /* for string and stored block copying */
+ unsigned length; /* literal or length of data to copy */
+ unsigned offset; /* distance back to copy string from */
+ /* for table and code decoding */
+ unsigned extra; /* extra bits needed */
+ /* fixed and dynamic code tables */
+ code const FAR *lencode; /* starting table for length/literal codes */
+ code const FAR *distcode; /* starting table for distance codes */
+ unsigned lenbits; /* index bits for lencode */
+ unsigned distbits; /* index bits for distcode */
+ /* dynamic table building */
+ unsigned ncode; /* number of code length code lengths */
+ unsigned nlen; /* number of length code lengths */
+ unsigned ndist; /* number of distance code lengths */
+ unsigned have; /* number of code lengths in lens[] */
+ code FAR *next; /* next available space in codes[] */
+ unsigned short lens[320]; /* temporary storage for code lengths */
+ unsigned short work[288]; /* work area for code table building */
+ code codes[ENOUGH]; /* space for code tables */
+ int sane; /* if false, allow invalid distance too far */
+ int back; /* bits back of last unprocessed length/lit */
+ unsigned was; /* initial length of match */
+};
--- /dev/null
+/* inftrees.c -- generate Huffman trees for efficient decoding
+ * Copyright (C) 1995-2013 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+#include "zutil.h"
+#include "inftrees.h"
+
+#define MAXBITS 15
+
+const char inflate_copyright[] =
+ " inflate 1.2.8.f-Proxmark3 Copyright 1995-2013 Mark Adler ";
+/*
+ If you use the zlib library in a product, an acknowledgment is welcome
+ in the documentation of your product. If for some reason you cannot
+ include such an acknowledgment, I would appreciate that you keep this
+ copyright string in the executable of your product.
+ */
+
+/*
+ Build a set of tables to decode the provided canonical Huffman code.
+ The code lengths are lens[0..codes-1]. The result starts at *table,
+ whose indices are 0..2^bits-1. work is a writable array of at least
+ lens shorts, which is used as a work area. type is the type of code
+ to be generated, CODES, LENS, or DISTS. On return, zero is success,
+ -1 is an invalid code, and +1 means that ENOUGH isn't enough. table
+ on return points to the next available entry's address. bits is the
+ requested root table index bits, and on return it is the actual root
+ table index bits. It will differ if the request is greater than the
+ longest code or if it is less than the shortest code.
+ */
+int ZLIB_INTERNAL inflate_table(codetype type, unsigned short FAR *lens,
+ unsigned codes, code FAR * FAR *table,
+ unsigned FAR *bits, unsigned short FAR *work)
+{
+ unsigned len; /* a code's length in bits */
+ unsigned sym; /* index of code symbols */
+ unsigned min, max; /* minimum and maximum code lengths */
+ unsigned root; /* number of index bits for root table */
+ unsigned curr; /* number of index bits for current table */
+ unsigned drop; /* code bits to drop for sub-table */
+ int left; /* number of prefix codes available */
+ unsigned used; /* code entries in table used */
+ unsigned huff; /* Huffman code */
+ unsigned incr; /* for incrementing code, index */
+ unsigned fill; /* index for replicating entries */
+ unsigned low; /* low bits for current root entry */
+ unsigned mask; /* mask for low root bits */
+ code here; /* table entry for duplication */
+ code FAR *next; /* next available space in table */
+ const unsigned short FAR *base; /* base value table to use */
+ const unsigned short FAR *extra; /* extra bits table to use */
+ int end; /* use base and extra for symbol > end */
+ unsigned short count[MAXBITS+1]; /* number of codes of each length */
+ unsigned short offs[MAXBITS+1]; /* offsets in table for each length */
+ static const unsigned short lbase[31] = { /* Length codes 257..285 base */
+ 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
+ 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
+ static const unsigned short lext[31] = { /* Length codes 257..285 extra */
+ 16, 16, 16, 16, 16, 16, 16, 16, 17, 17, 17, 17, 18, 18, 18, 18,
+ 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 72, 78};
+ static const unsigned short dbase[32] = { /* Distance codes 0..29 base */
+ 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
+ 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
+ 8193, 12289, 16385, 24577, 0, 0};
+ static const unsigned short dext[32] = { /* Distance codes 0..29 extra */
+ 16, 16, 16, 16, 17, 17, 18, 18, 19, 19, 20, 20, 21, 21, 22, 22,
+ 23, 23, 24, 24, 25, 25, 26, 26, 27, 27,
+ 28, 28, 29, 29, 64, 64};
+
+ /*
+ Process a set of code lengths to create a canonical Huffman code. The
+ code lengths are lens[0..codes-1]. Each length corresponds to the
+ symbols 0..codes-1. The Huffman code is generated by first sorting the
+ symbols by length from short to long, and retaining the symbol order
+ for codes with equal lengths. Then the code starts with all zero bits
+ for the first code of the shortest length, and the codes are integer
+ increments for the same length, and zeros are appended as the length
+ increases. For the deflate format, these bits are stored backwards
+ from their more natural integer increment ordering, and so when the
+ decoding tables are built in the large loop below, the integer codes
+ are incremented backwards.
+
+ This routine assumes, but does not check, that all of the entries in
+ lens[] are in the range 0..MAXBITS. The caller must assure this.
+ 1..MAXBITS is interpreted as that code length. zero means that that
+ symbol does not occur in this code.
+
+ The codes are sorted by computing a count of codes for each length,
+ creating from that a table of starting indices for each length in the
+ sorted table, and then entering the symbols in order in the sorted
+ table. The sorted table is work[], with that space being provided by
+ the caller.
+
+ The length counts are used for other purposes as well, i.e. finding
+ the minimum and maximum length codes, determining if there are any
+ codes at all, checking for a valid set of lengths, and looking ahead
+ at length counts to determine sub-table sizes when building the
+ decoding tables.
+ */
+
+ /* accumulate lengths for codes (assumes lens[] all in 0..MAXBITS) */
+ for (len = 0; len <= MAXBITS; len++)
+ count[len] = 0;
+ for (sym = 0; sym < codes; sym++)
+ count[lens[sym]]++;
+
+ /* bound code lengths, force root to be within code lengths */
+ root = *bits;
+ for (max = MAXBITS; max >= 1; max--)
+ if (count[max] != 0) break;
+ if (root > max) root = max;
+ if (max == 0) { /* no symbols to code at all */
+ here.op = (unsigned char)64; /* invalid code marker */
+ here.bits = (unsigned char)1;
+ here.val = (unsigned short)0;
+ *(*table)++ = here; /* make a table to force an error */
+ *(*table)++ = here;
+ *bits = 1;
+ return 0; /* no symbols, but wait for decoding to report error */
+ }
+ for (min = 1; min < max; min++)
+ if (count[min] != 0) break;
+ if (root < min) root = min;
+
+ /* check for an over-subscribed or incomplete set of lengths */
+ left = 1;
+ for (len = 1; len <= MAXBITS; len++) {
+ left <<= 1;
+ left -= count[len];
+ if (left < 0) return -1; /* over-subscribed */
+ }
+ if (left > 0 && (type == CODES || max != 1))
+ return -1; /* incomplete set */
+
+ /* generate offsets into symbol table for each length for sorting */
+ offs[1] = 0;
+ for (len = 1; len < MAXBITS; len++)
+ offs[len + 1] = offs[len] + count[len];
+
+ /* sort symbols by length, by symbol order within each length */
+ for (sym = 0; sym < codes; sym++)
+ if (lens[sym] != 0) work[offs[lens[sym]]++] = (unsigned short)sym;
+
+ /*
+ Create and fill in decoding tables. In this loop, the table being
+ filled is at next and has curr index bits. The code being used is huff
+ with length len. That code is converted to an index by dropping drop
+ bits off of the bottom. For codes where len is less than drop + curr,
+ those top drop + curr - len bits are incremented through all values to
+ fill the table with replicated entries.
+
+ root is the number of index bits for the root table. When len exceeds
+ root, sub-tables are created pointed to by the root entry with an index
+ of the low root bits of huff. This is saved in low to check for when a
+ new sub-table should be started. drop is zero when the root table is
+ being filled, and drop is root when sub-tables are being filled.
+
+ When a new sub-table is needed, it is necessary to look ahead in the
+ code lengths to determine what size sub-table is needed. The length
+ counts are used for this, and so count[] is decremented as codes are
+ entered in the tables.
+
+ used keeps track of how many table entries have been allocated from the
+ provided *table space. It is checked for LENS and DIST tables against
+ the constants ENOUGH_LENS and ENOUGH_DISTS to guard against changes in
+ the initial root table size constants. See the comments in inftrees.h
+ for more information.
+
+ sym increments through all symbols, and the loop terminates when
+ all codes of length max, i.e. all codes, have been processed. This
+ routine permits incomplete codes, so another loop after this one fills
+ in the rest of the decoding tables with invalid code markers.
+ */
+
+ /* set up for code type */
+ switch (type) {
+ case CODES:
+ base = extra = work; /* dummy value--not used */
+ end = 19;
+ break;
+ case LENS:
+ base = lbase;
+ base -= 257;
+ extra = lext;
+ extra -= 257;
+ end = 256;
+ break;
+ default: /* DISTS */
+ base = dbase;
+ extra = dext;
+ end = -1;
+ }
+
+ /* initialize state for loop */
+ huff = 0; /* starting code */
+ sym = 0; /* starting code symbol */
+ len = min; /* starting code length */
+ next = *table; /* current table to fill in */
+ curr = root; /* current table index bits */
+ drop = 0; /* current bits to drop from code for index */
+ low = (unsigned)(-1); /* trigger new sub-table when len > root */
+ used = 1U << root; /* use root table entries */
+ mask = used - 1; /* mask for comparing low */
+
+ /* check available table space */
+ if ((type == LENS && used > ENOUGH_LENS) ||
+ (type == DISTS && used > ENOUGH_DISTS))
+ return 1;
+
+ /* process all codes and make table entries */
+ for (;;) {
+ /* create table entry */
+ here.bits = (unsigned char)(len - drop);
+ if ((int)(work[sym]) < end) {
+ here.op = (unsigned char)0;
+ here.val = work[sym];
+ }
+ else if ((int)(work[sym]) > end) {
+ here.op = (unsigned char)(extra[work[sym]]);
+ here.val = base[work[sym]];
+ }
+ else {
+ here.op = (unsigned char)(32 + 64); /* end of block */
+ here.val = 0;
+ }
+
+ /* replicate for those indices with low len bits equal to huff */
+ incr = 1U << (len - drop);
+ fill = 1U << curr;
+ min = fill; /* save offset to next table */
+ do {
+ fill -= incr;
+ next[(huff >> drop) + fill] = here;
+ } while (fill != 0);
+
+ /* backwards increment the len-bit code huff */
+ incr = 1U << (len - 1);
+ while (huff & incr)
+ incr >>= 1;
+ if (incr != 0) {
+ huff &= incr - 1;
+ huff += incr;
+ }
+ else
+ huff = 0;
+
+ /* go to next symbol, update count, len */
+ sym++;
+ if (--(count[len]) == 0) {
+ if (len == max) break;
+ len = lens[work[sym]];
+ }
+
+ /* create new sub-table if needed */
+ if (len > root && (huff & mask) != low) {
+ /* if first time, transition to sub-tables */
+ if (drop == 0)
+ drop = root;
+
+ /* increment past last table */
+ next += min; /* here min is 1 << curr */
+
+ /* determine length of next table */
+ curr = len - drop;
+ left = (int)(1 << curr);
+ while (curr + drop < max) {
+ left -= count[curr + drop];
+ if (left <= 0) break;
+ curr++;
+ left <<= 1;
+ }
+
+ /* check for enough space */
+ used += 1U << curr;
+ if ((type == LENS && used > ENOUGH_LENS) ||
+ (type == DISTS && used > ENOUGH_DISTS))
+ return 1;
+
+ /* point entry in root table to sub-table */
+ low = huff & mask;
+ (*table)[low].op = (unsigned char)curr;
+ (*table)[low].bits = (unsigned char)root;
+ (*table)[low].val = (unsigned short)(next - *table);
+ }
+ }
+
+ /* fill in remaining table entry if code is incomplete (guaranteed to have
+ at most one remaining entry, since if the code is incomplete, the
+ maximum code length that was allowed to get this far is one bit) */
+ if (huff != 0) {
+ here.op = (unsigned char)64; /* invalid code marker */
+ here.bits = (unsigned char)(len - drop);
+ here.val = (unsigned short)0;
+ next[huff] = here;
+ }
+
+ /* set return parameters */
+ *table += used;
+ *bits = root;
+ return 0;
+}
--- /dev/null
+/* inftrees.h -- header to use inftrees.c
+ * Copyright (C) 1995-2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* Structure for decoding tables. Each entry provides either the
+ information needed to do the operation requested by the code that
+ indexed that table entry, or it provides a pointer to another
+ table that indexes more bits of the code. op indicates whether
+ the entry is a pointer to another table, a literal, a length or
+ distance, an end-of-block, or an invalid code. For a table
+ pointer, the low four bits of op is the number of index bits of
+ that table. For a length or distance, the low four bits of op
+ is the number of extra bits to get after the code. bits is
+ the number of bits in this code or part of the code to drop off
+ of the bit buffer. val is the actual byte to output in the case
+ of a literal, the base length or distance, or the offset from
+ the current table to the next table. Each entry is four bytes. */
+typedef struct {
+ unsigned char op; /* operation, extra bits, table bits */
+ unsigned char bits; /* bits in this part of the code */
+ unsigned short val; /* offset in table or code value */
+} code;
+
+/* op values as set by inflate_table():
+ 00000000 - literal
+ 0000tttt - table link, tttt != 0 is the number of table index bits
+ 0001eeee - length or distance, eeee is the number of extra bits
+ 01100000 - end of block
+ 01000000 - invalid code
+ */
+
+/* Maximum size of the dynamic table. The maximum number of code structures is
+ 1444, which is the sum of 852 for literal/length codes and 592 for distance
+ codes. These values were found by exhaustive searches using the program
+ examples/enough.c found in the zlib distribtution. The arguments to that
+ program are the number of symbols, the initial root table size, and the
+ maximum bit length of a code. "enough 286 9 15" for literal/length codes
+ returns returns 852, and "enough 30 6 15" for distance codes returns 592.
+ The initial root table size (9 or 6) is found in the fifth argument of the
+ inflate_table() calls in inflate.c and infback.c. If the root table size is
+ changed, then these maximum sizes would be need to be recalculated and
+ updated. */
+#define ENOUGH_LENS 852
+#define ENOUGH_DISTS 592
+#define ENOUGH (ENOUGH_LENS+ENOUGH_DISTS)
+
+/* Type of code to build for inflate_table() */
+typedef enum {
+ CODES,
+ LENS,
+ DISTS
+} codetype;
+
+int ZLIB_INTERNAL inflate_table OF((codetype type, unsigned short FAR *lens,
+ unsigned codes, code FAR * FAR *table,
+ unsigned FAR *bits, unsigned short FAR *work));
--- /dev/null
+/* trees.c -- output deflated data using Huffman coding
+ * Copyright (C) 1995-2012 Jean-loup Gailly
+ * detect_data_type() function provided freely by Cosmin Truta, 2006
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/*
+ * ALGORITHM
+ *
+ * The "deflation" process uses several Huffman trees. The more
+ * common source values are represented by shorter bit sequences.
+ *
+ * Each code tree is stored in a compressed form which is itself
+ * a Huffman encoding of the lengths of all the code strings (in
+ * ascending order by source values). The actual code strings are
+ * reconstructed from the lengths in the inflate process, as described
+ * in the deflate specification.
+ *
+ * REFERENCES
+ *
+ * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
+ * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
+ *
+ * Storer, James A.
+ * Data Compression: Methods and Theory, pp. 49-50.
+ * Computer Science Press, 1988. ISBN 0-7167-8156-5.
+ *
+ * Sedgewick, R.
+ * Algorithms, p290.
+ * Addison-Wesley, 1983. ISBN 0-201-06672-6.
+ */
+
+/* @(#) $Id$ */
+
+//-----------------------------------------------------------------------------
+// This version of zlib is modified for use within the Proxmark3 project.
+// Files from the original distribution which are not required for this
+// purpose are not included. All modifications can easily be found
+// by searching for #ifdef ZLIB_PM3_TUNED and #ifndef ZLIB_PM3_TUNED.
+//-----------------------------------------------------------------------------
+
+/* #define GEN_TREES_H */
+
+
+#include "deflate.h"
+
+#ifdef DEBUG
+# include <ctype.h>
+#endif
+
+/* ===========================================================================
+ * Constants
+ */
+
+#define MAX_BL_BITS 7
+/* Bit length codes must not exceed MAX_BL_BITS bits */
+
+#define END_BLOCK 256
+/* end of block literal code */
+
+#define REP_3_6 16
+/* repeat previous bit length 3-6 times (2 bits of repeat count) */
+
+#define REPZ_3_10 17
+/* repeat a zero length 3-10 times (3 bits of repeat count) */
+
+#define REPZ_11_138 18
+/* repeat a zero length 11-138 times (7 bits of repeat count) */
+
+local const int extra_lbits[LENGTH_CODES] /* extra bits for each length code */
+ = {0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0};
+
+local const int extra_dbits[D_CODES] /* extra bits for each distance code */
+ = {0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13};
+
+local const int extra_blbits[BL_CODES]/* extra bits for each bit length code */
+ = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7};
+
+local const uch bl_order[BL_CODES]
+ = {16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
+/* The lengths of the bit length codes are sent in order of decreasing
+ * probability, to avoid transmitting the lengths for unused bit length codes.
+ */
+
+/* ===========================================================================
+ * Local data. These are initialized only once.
+ */
+
+#define DIST_CODE_LEN 512 /* see definition of array dist_code below */
+
+#if defined(GEN_TREES_H) || !defined(STDC)
+/* non ANSI compilers may not accept trees.h */
+
+local ct_data static_ltree[L_CODES+2];
+/* The static literal tree. Since the bit lengths are imposed, there is no
+ * need for the L_CODES extra codes used during heap construction. However
+ * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
+ * below).
+ */
+
+local ct_data static_dtree[D_CODES];
+/* The static distance tree. (Actually a trivial tree since all codes use
+ * 5 bits.)
+ */
+
+uch _dist_code[DIST_CODE_LEN];
+/* Distance codes. The first 256 values correspond to the distances
+ * 3 .. 258, the last 256 values correspond to the top 8 bits of
+ * the 15 bit distances.
+ */
+
+uch _length_code[MAX_MATCH-MIN_MATCH+1];
+/* length code for each normalized match length (0 == MIN_MATCH) */
+
+local int base_length[LENGTH_CODES];
+/* First normalized length for each code (0 = MIN_MATCH) */
+
+local int base_dist[D_CODES];
+/* First normalized distance for each code (0 = distance of 1) */
+
+#else
+# include "trees.h"
+#endif /* GEN_TREES_H */
+
+struct static_tree_desc_s {
+ const ct_data *static_tree; /* static tree or NULL */
+ const intf *extra_bits; /* extra bits for each code or NULL */
+ int extra_base; /* base index for extra_bits */
+ int elems; /* max number of elements in the tree */
+ int max_length; /* max bit length for the codes */
+};
+
+local static_tree_desc static_l_desc =
+{static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS};
+
+local static_tree_desc static_d_desc =
+{static_dtree, extra_dbits, 0, D_CODES, MAX_BITS};
+
+local static_tree_desc static_bl_desc =
+{(const ct_data *)0, extra_blbits, 0, BL_CODES, MAX_BL_BITS};
+
+/* ===========================================================================
+ * Local (static) routines in this file.
+ */
+
+local void tr_static_init OF((void));
+local void init_block OF((deflate_state *s));
+local void pqdownheap OF((deflate_state *s, ct_data *tree, int k));
+local void gen_bitlen OF((deflate_state *s, tree_desc *desc));
+local void gen_codes OF((ct_data *tree, int max_code, ushf *bl_count));
+local void build_tree OF((deflate_state *s, tree_desc *desc));
+local void scan_tree OF((deflate_state *s, ct_data *tree, int max_code));
+local void send_tree OF((deflate_state *s, ct_data *tree, int max_code));
+local int build_bl_tree OF((deflate_state *s));
+local void send_all_trees OF((deflate_state *s, int lcodes, int dcodes,
+ int blcodes));
+local void compress_block OF((deflate_state *s, const ct_data *ltree,
+ const ct_data *dtree));
+local int detect_data_type OF((deflate_state *s));
+local unsigned bi_reverse OF((unsigned value, int length));
+local void bi_windup OF((deflate_state *s));
+local void bi_flush OF((deflate_state *s));
+local void copy_block OF((deflate_state *s, charf *buf, unsigned len,
+ int header));
+
+#ifdef GEN_TREES_H
+local void gen_trees_header OF((void));
+#endif
+
+#ifndef DEBUG
+# define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len)
+ /* Send a code of the given tree. c and tree must not have side effects */
+
+#else /* DEBUG */
+# define send_code(s, c, tree) \
+ { if (z_verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \
+ send_bits(s, tree[c].Code, tree[c].Len); }
+#endif
+
+/* ===========================================================================
+ * Output a short LSB first on the stream.
+ * IN assertion: there is enough room in pendingBuf.
+ */
+#define put_short(s, w) { \
+ put_byte(s, (uch)((w) & 0xff)); \
+ put_byte(s, (uch)((ush)(w) >> 8)); \
+}
+
+/* ===========================================================================
+ * Send a value on a given number of bits.
+ * IN assertion: length <= 16 and value fits in length bits.
+ */
+#ifdef DEBUG
+local void send_bits OF((deflate_state *s, int value, int length));
+
+local void send_bits(s, value, length)
+ deflate_state *s;
+ int value; /* value to send */
+ int length; /* number of bits */
+{
+ Tracevv((stderr," l %2d v %4x ", length, value));
+ Assert(length > 0 && length <= 15, "invalid length");
+ s->bits_sent += (ulg)length;
+
+ /* If not enough room in bi_buf, use (valid) bits from bi_buf and
+ * (16 - bi_valid) bits from value, leaving (width - (16-bi_valid))
+ * unused bits in value.
+ */
+ if (s->bi_valid > (int)Buf_size - length) {
+ s->bi_buf |= (ush)value << s->bi_valid;
+ put_short(s, s->bi_buf);
+ s->bi_buf = (ush)value >> (Buf_size - s->bi_valid);
+ s->bi_valid += length - Buf_size;
+ } else {
+ s->bi_buf |= (ush)value << s->bi_valid;
+ s->bi_valid += length;
+ }
+}
+#else /* !DEBUG */
+
+#define send_bits(s, value, length) \
+{ int len = length;\
+ if (s->bi_valid > (int)Buf_size - len) {\
+ int val = value;\
+ s->bi_buf |= (ush)val << s->bi_valid;\
+ put_short(s, s->bi_buf);\
+ s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\
+ s->bi_valid += len - Buf_size;\
+ } else {\
+ s->bi_buf |= (ush)(value) << s->bi_valid;\
+ s->bi_valid += len;\
+ }\
+}
+#endif /* DEBUG */
+
+
+/* the arguments must not have side effects */
+
+/* ===========================================================================
+ * Initialize the various 'constant' tables.
+ */
+local void tr_static_init()
+{
+#if defined(GEN_TREES_H) || !defined(STDC)
+ static int static_init_done = 0;
+ int n; /* iterates over tree elements */
+ int bits; /* bit counter */
+ int length; /* length value */
+ int code; /* code value */
+ int dist; /* distance index */
+ ush bl_count[MAX_BITS+1];
+ /* number of codes at each bit length for an optimal tree */
+
+ if (static_init_done) return;
+
+ /* For some embedded targets, global variables are not initialized: */
+#ifdef NO_INIT_GLOBAL_POINTERS
+ static_l_desc.static_tree = static_ltree;
+ static_l_desc.extra_bits = extra_lbits;
+ static_d_desc.static_tree = static_dtree;
+ static_d_desc.extra_bits = extra_dbits;
+ static_bl_desc.extra_bits = extra_blbits;
+#endif
+
+ /* Initialize the mapping length (0..255) -> length code (0..28) */
+ length = 0;
+ for (code = 0; code < LENGTH_CODES-1; code++) {
+ base_length[code] = length;
+ for (n = 0; n < (1<<extra_lbits[code]); n++) {
+ _length_code[length++] = (uch)code;
+ }
+ }
+ Assert (length == 256, "tr_static_init: length != 256");
+ /* Note that the length 255 (match length 258) can be represented
+ * in two different ways: code 284 + 5 bits or code 285, so we
+ * overwrite length_code[255] to use the best encoding:
+ */
+ _length_code[length-1] = (uch)code;
+
+ /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
+ dist = 0;
+ for (code = 0 ; code < 16; code++) {
+ base_dist[code] = dist;
+ for (n = 0; n < (1<<extra_dbits[code]); n++) {
+ _dist_code[dist++] = (uch)code;
+ }
+ }
+ Assert (dist == 256, "tr_static_init: dist != 256");
+ dist >>= 7; /* from now on, all distances are divided by 128 */
+ for ( ; code < D_CODES; code++) {
+ base_dist[code] = dist << 7;
+ for (n = 0; n < (1<<(extra_dbits[code]-7)); n++) {
+ _dist_code[256 + dist++] = (uch)code;
+ }
+ }
+ Assert (dist == 256, "tr_static_init: 256+dist != 512");
+
+ /* Construct the codes of the static literal tree */
+ for (bits = 0; bits <= MAX_BITS; bits++) bl_count[bits] = 0;
+ n = 0;
+ while (n <= 143) static_ltree[n++].Len = 8, bl_count[8]++;
+ while (n <= 255) static_ltree[n++].Len = 9, bl_count[9]++;
+ while (n <= 279) static_ltree[n++].Len = 7, bl_count[7]++;
+ while (n <= 287) static_ltree[n++].Len = 8, bl_count[8]++;
+ /* Codes 286 and 287 do not exist, but we must include them in the
+ * tree construction to get a canonical Huffman tree (longest code
+ * all ones)
+ */
+ gen_codes((ct_data *)static_ltree, L_CODES+1, bl_count);
+
+ /* The static distance tree is trivial: */
+ for (n = 0; n < D_CODES; n++) {
+ static_dtree[n].Len = 5;
+ static_dtree[n].Code = bi_reverse((unsigned)n, 5);
+ }
+ static_init_done = 1;
+
+# ifdef GEN_TREES_H
+ gen_trees_header();
+# endif
+#endif /* defined(GEN_TREES_H) || !defined(STDC) */
+}
+
+/* ===========================================================================
+ * Genererate the file trees.h describing the static trees.
+ */
+#ifdef GEN_TREES_H
+# ifndef DEBUG
+# include <stdio.h>
+# endif
+
+# define SEPARATOR(i, last, width) \
+ ((i) == (last)? "\n};\n\n" : \
+ ((i) % (width) == (width)-1 ? ",\n" : ", "))
+
+void gen_trees_header()
+{
+ FILE *header = fopen("trees.h", "w");
+ int i;
+
+ Assert (header != NULL, "Can't open trees.h");
+ fprintf(header,
+ "/* header created automatically with -DGEN_TREES_H */\n\n");
+
+ fprintf(header, "local const ct_data static_ltree[L_CODES+2] = {\n");
+ for (i = 0; i < L_CODES+2; i++) {
+ fprintf(header, "{{%3u},{%3u}}%s", static_ltree[i].Code,
+ static_ltree[i].Len, SEPARATOR(i, L_CODES+1, 5));
+ }
+
+ fprintf(header, "local const ct_data static_dtree[D_CODES] = {\n");
+ for (i = 0; i < D_CODES; i++) {
+ fprintf(header, "{{%2u},{%2u}}%s", static_dtree[i].Code,
+ static_dtree[i].Len, SEPARATOR(i, D_CODES-1, 5));
+ }
+
+ fprintf(header, "const uch ZLIB_INTERNAL _dist_code[DIST_CODE_LEN] = {\n");
+ for (i = 0; i < DIST_CODE_LEN; i++) {
+ fprintf(header, "%2u%s", _dist_code[i],
+ SEPARATOR(i, DIST_CODE_LEN-1, 20));
+ }
+
+ fprintf(header,
+ "const uch ZLIB_INTERNAL _length_code[MAX_MATCH-MIN_MATCH+1]= {\n");
+ for (i = 0; i < MAX_MATCH-MIN_MATCH+1; i++) {
+ fprintf(header, "%2u%s", _length_code[i],
+ SEPARATOR(i, MAX_MATCH-MIN_MATCH, 20));
+ }
+
+ fprintf(header, "local const int base_length[LENGTH_CODES] = {\n");
+ for (i = 0; i < LENGTH_CODES; i++) {
+ fprintf(header, "%1u%s", base_length[i],
+ SEPARATOR(i, LENGTH_CODES-1, 20));
+ }
+
+ fprintf(header, "local const int base_dist[D_CODES] = {\n");
+ for (i = 0; i < D_CODES; i++) {
+ fprintf(header, "%5u%s", base_dist[i],
+ SEPARATOR(i, D_CODES-1, 10));
+ }
+
+ fclose(header);
+}
+#endif /* GEN_TREES_H */
+
+/* ===========================================================================
+ * Initialize the tree data structures for a new zlib stream.
+ */
+void ZLIB_INTERNAL _tr_init(s)
+ deflate_state *s;
+{
+ tr_static_init();
+
+ s->l_desc.dyn_tree = s->dyn_ltree;
+ s->l_desc.stat_desc = &static_l_desc;
+
+ s->d_desc.dyn_tree = s->dyn_dtree;
+ s->d_desc.stat_desc = &static_d_desc;
+
+ s->bl_desc.dyn_tree = s->bl_tree;
+ s->bl_desc.stat_desc = &static_bl_desc;
+
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+#ifdef DEBUG
+ s->compressed_len = 0L;
+ s->bits_sent = 0L;
+#endif
+
+ /* Initialize the first block of the first file: */
+ init_block(s);
+}
+
+/* ===========================================================================
+ * Initialize a new block.
+ */
+local void init_block(s)
+ deflate_state *s;
+{
+ int n; /* iterates over tree elements */
+
+ /* Initialize the trees. */
+ for (n = 0; n < L_CODES; n++) s->dyn_ltree[n].Freq = 0;
+ for (n = 0; n < D_CODES; n++) s->dyn_dtree[n].Freq = 0;
+ for (n = 0; n < BL_CODES; n++) s->bl_tree[n].Freq = 0;
+
+ s->dyn_ltree[END_BLOCK].Freq = 1;
+ s->opt_len = s->static_len = 0L;
+ s->last_lit = s->matches = 0;
+}
+
+#define SMALLEST 1
+/* Index within the heap array of least frequent node in the Huffman tree */
+
+
+/* ===========================================================================
+ * Remove the smallest element from the heap and recreate the heap with
+ * one less element. Updates heap and heap_len.
+ */
+#define pqremove(s, tree, top) \
+{\
+ top = s->heap[SMALLEST]; \
+ s->heap[SMALLEST] = s->heap[s->heap_len--]; \
+ pqdownheap(s, tree, SMALLEST); \
+}
+
+/* ===========================================================================
+ * Compares to subtrees, using the tree depth as tie breaker when
+ * the subtrees have equal frequency. This minimizes the worst case length.
+ */
+#define smaller(tree, n, m, depth) \
+ (tree[n].Freq < tree[m].Freq || \
+ (tree[n].Freq == tree[m].Freq && depth[n] <= depth[m]))
+
+/* ===========================================================================
+ * Restore the heap property by moving down the tree starting at node k,
+ * exchanging a node with the smallest of its two sons if necessary, stopping
+ * when the heap property is re-established (each father smaller than its
+ * two sons).
+ */
+local void pqdownheap(s, tree, k)
+ deflate_state *s;
+ ct_data *tree; /* the tree to restore */
+ int k; /* node to move down */
+{
+ int v = s->heap[k];
+ int j = k << 1; /* left son of k */
+ while (j <= s->heap_len) {
+ /* Set j to the smallest of the two sons: */
+ if (j < s->heap_len &&
+ smaller(tree, s->heap[j+1], s->heap[j], s->depth)) {
+ j++;
+ }
+ /* Exit if v is smaller than both sons */
+ if (smaller(tree, v, s->heap[j], s->depth)) break;
+
+ /* Exchange v with the smallest son */
+ s->heap[k] = s->heap[j]; k = j;
+
+ /* And continue down the tree, setting j to the left son of k */
+ j <<= 1;
+ }
+ s->heap[k] = v;
+}
+
+/* ===========================================================================
+ * Compute the optimal bit lengths for a tree and update the total bit length
+ * for the current block.
+ * IN assertion: the fields freq and dad are set, heap[heap_max] and
+ * above are the tree nodes sorted by increasing frequency.
+ * OUT assertions: the field len is set to the optimal bit length, the
+ * array bl_count contains the frequencies for each bit length.
+ * The length opt_len is updated; static_len is also updated if stree is
+ * not null.
+ */
+local void gen_bitlen(s, desc)
+ deflate_state *s;
+ tree_desc *desc; /* the tree descriptor */
+{
+ ct_data *tree = desc->dyn_tree;
+ int max_code = desc->max_code;
+ const ct_data *stree = desc->stat_desc->static_tree;
+ const intf *extra = desc->stat_desc->extra_bits;
+ int base = desc->stat_desc->extra_base;
+ int max_length = desc->stat_desc->max_length;
+ int h; /* heap index */
+ int n, m; /* iterate over the tree elements */
+ int bits; /* bit length */
+ int xbits; /* extra bits */
+ ush f; /* frequency */
+ int overflow = 0; /* number of elements with bit length too large */
+
+ for (bits = 0; bits <= MAX_BITS; bits++) s->bl_count[bits] = 0;
+
+ /* In a first pass, compute the optimal bit lengths (which may
+ * overflow in the case of the bit length tree).
+ */
+ tree[s->heap[s->heap_max]].Len = 0; /* root of the heap */
+
+ for (h = s->heap_max+1; h < HEAP_SIZE; h++) {
+ n = s->heap[h];
+ bits = tree[tree[n].Dad].Len + 1;
+ if (bits > max_length) bits = max_length, overflow++;
+ tree[n].Len = (ush)bits;
+ /* We overwrite tree[n].Dad which is no longer needed */
+
+ if (n > max_code) continue; /* not a leaf node */
+
+ s->bl_count[bits]++;
+ xbits = 0;
+ if (n >= base) xbits = extra[n-base];
+ f = tree[n].Freq;
+ s->opt_len += (ulg)f * (bits + xbits);
+ if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits);
+ }
+ if (overflow == 0) return;
+
+ Trace((stderr,"\nbit length overflow\n"));
+ /* This happens for example on obj2 and pic of the Calgary corpus */
+
+ /* Find the first bit length which could increase: */
+ do {
+ bits = max_length-1;
+ while (s->bl_count[bits] == 0) bits--;
+ s->bl_count[bits]--; /* move one leaf down the tree */
+ s->bl_count[bits+1] += 2; /* move one overflow item as its brother */
+ s->bl_count[max_length]--;
+ /* The brother of the overflow item also moves one step up,
+ * but this does not affect bl_count[max_length]
+ */
+ overflow -= 2;
+ } while (overflow > 0);
+
+ /* Now recompute all bit lengths, scanning in increasing frequency.
+ * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
+ * lengths instead of fixing only the wrong ones. This idea is taken
+ * from 'ar' written by Haruhiko Okumura.)
+ */
+ for (bits = max_length; bits != 0; bits--) {
+ n = s->bl_count[bits];
+ while (n != 0) {
+ m = s->heap[--h];
+ if (m > max_code) continue;
+ if ((unsigned) tree[m].Len != (unsigned) bits) {
+ Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
+ s->opt_len += ((long)bits - (long)tree[m].Len)
+ *(long)tree[m].Freq;
+ tree[m].Len = (ush)bits;
+ }
+ n--;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Generate the codes for a given tree and bit counts (which need not be
+ * optimal).
+ * IN assertion: the array bl_count contains the bit length statistics for
+ * the given tree and the field len is set for all tree elements.
+ * OUT assertion: the field code is set for all tree elements of non
+ * zero code length.
+ */
+local void gen_codes (tree, max_code, bl_count)
+ ct_data *tree; /* the tree to decorate */
+ int max_code; /* largest code with non zero frequency */
+ ushf *bl_count; /* number of codes at each bit length */
+{
+ ush next_code[MAX_BITS+1]; /* next code value for each bit length */
+ ush code = 0; /* running code value */
+ int bits; /* bit index */
+ int n; /* code index */
+
+ /* The distribution counts are first used to generate the code values
+ * without bit reversal.
+ */
+ for (bits = 1; bits <= MAX_BITS; bits++) {
+ next_code[bits] = code = (code + bl_count[bits-1]) << 1;
+ }
+ /* Check that the bit counts in bl_count are consistent. The last code
+ * must be all ones.
+ */
+ Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
+ "inconsistent bit counts");
+ Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
+
+ for (n = 0; n <= max_code; n++) {
+ int len = tree[n].Len;
+ if (len == 0) continue;
+ /* Now reverse the bits */
+ tree[n].Code = bi_reverse(next_code[len]++, len);
+
+ Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
+ n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
+ }
+}
+
+/* ===========================================================================
+ * Construct one Huffman tree and assigns the code bit strings and lengths.
+ * Update the total bit length for the current block.
+ * IN assertion: the field freq is set for all tree elements.
+ * OUT assertions: the fields len and code are set to the optimal bit length
+ * and corresponding code. The length opt_len is updated; static_len is
+ * also updated if stree is not null. The field max_code is set.
+ */
+local void build_tree(s, desc)
+ deflate_state *s;
+ tree_desc *desc; /* the tree descriptor */
+{
+ ct_data *tree = desc->dyn_tree;
+ const ct_data *stree = desc->stat_desc->static_tree;
+ int elems = desc->stat_desc->elems;
+ int n, m; /* iterate over heap elements */
+ int max_code = -1; /* largest code with non zero frequency */
+ int node; /* new node being created */
+
+ /* Construct the initial heap, with least frequent element in
+ * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
+ * heap[0] is not used.
+ */
+ s->heap_len = 0, s->heap_max = HEAP_SIZE;
+
+ for (n = 0; n < elems; n++) {
+ if (tree[n].Freq != 0) {
+ s->heap[++(s->heap_len)] = max_code = n;
+ s->depth[n] = 0;
+ } else {
+ tree[n].Len = 0;
+ }
+ }
+
+ /* The pkzip format requires that at least one distance code exists,
+ * and that at least one bit should be sent even if there is only one
+ * possible code. So to avoid special checks later on we force at least
+ * two codes of non zero frequency.
+ */
+ while (s->heap_len < 2) {
+ node = s->heap[++(s->heap_len)] = (max_code < 2 ? ++max_code : 0);
+ tree[node].Freq = 1;
+ s->depth[node] = 0;
+ s->opt_len--; if (stree) s->static_len -= stree[node].Len;
+ /* node is 0 or 1 so it does not have extra bits */
+ }
+ desc->max_code = max_code;
+
+ /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
+ * establish sub-heaps of increasing lengths:
+ */
+ for (n = s->heap_len/2; n >= 1; n--) pqdownheap(s, tree, n);
+
+ /* Construct the Huffman tree by repeatedly combining the least two
+ * frequent nodes.
+ */
+ node = elems; /* next internal node of the tree */
+ do {
+ pqremove(s, tree, n); /* n = node of least frequency */
+ m = s->heap[SMALLEST]; /* m = node of next least frequency */
+
+ s->heap[--(s->heap_max)] = n; /* keep the nodes sorted by frequency */
+ s->heap[--(s->heap_max)] = m;
+
+ /* Create a new node father of n and m */
+ tree[node].Freq = tree[n].Freq + tree[m].Freq;
+ s->depth[node] = (uch)((s->depth[n] >= s->depth[m] ?
+ s->depth[n] : s->depth[m]) + 1);
+ tree[n].Dad = tree[m].Dad = (ush)node;
+#ifdef DUMP_BL_TREE
+ if (tree == s->bl_tree) {
+ fprintf(stderr,"\nnode %d(%d), sons %d(%d) %d(%d)",
+ node, tree[node].Freq, n, tree[n].Freq, m, tree[m].Freq);
+ }
+#endif
+ /* and insert the new node in the heap */
+ s->heap[SMALLEST] = node++;
+ pqdownheap(s, tree, SMALLEST);
+
+ } while (s->heap_len >= 2);
+
+ s->heap[--(s->heap_max)] = s->heap[SMALLEST];
+
+ /* At this point, the fields freq and dad are set. We can now
+ * generate the bit lengths.
+ */
+ gen_bitlen(s, (tree_desc *)desc);
+
+ /* The field len is now set, we can generate the bit codes */
+ gen_codes ((ct_data *)tree, max_code, s->bl_count);
+}
+
+/* ===========================================================================
+ * Scan a literal or distance tree to determine the frequencies of the codes
+ * in the bit length tree.
+ */
+local void scan_tree (s, tree, max_code)
+ deflate_state *s;
+ ct_data *tree; /* the tree to be scanned */
+ int max_code; /* and its largest code of non zero frequency */
+{
+ int n; /* iterates over all tree elements */
+ int prevlen = -1; /* last emitted length */
+ int curlen; /* length of current code */
+ int nextlen = tree[0].Len; /* length of next code */
+ int count = 0; /* repeat count of the current code */
+ int max_count = 7; /* max repeat count */
+ int min_count = 4; /* min repeat count */
+
+ if (nextlen == 0) max_count = 138, min_count = 3;
+ tree[max_code+1].Len = (ush)0xffff; /* guard */
+
+ for (n = 0; n <= max_code; n++) {
+ curlen = nextlen; nextlen = tree[n+1].Len;
+ if (++count < max_count && curlen == nextlen) {
+ continue;
+ } else if (count < min_count) {
+ s->bl_tree[curlen].Freq += count;
+ } else if (curlen != 0) {
+ if (curlen != prevlen) s->bl_tree[curlen].Freq++;
+ s->bl_tree[REP_3_6].Freq++;
+ } else if (count <= 10) {
+ s->bl_tree[REPZ_3_10].Freq++;
+ } else {
+ s->bl_tree[REPZ_11_138].Freq++;
+ }
+ count = 0; prevlen = curlen;
+ if (nextlen == 0) {
+ max_count = 138, min_count = 3;
+ } else if (curlen == nextlen) {
+ max_count = 6, min_count = 3;
+ } else {
+ max_count = 7, min_count = 4;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Send a literal or distance tree in compressed form, using the codes in
+ * bl_tree.
+ */
+local void send_tree (s, tree, max_code)
+ deflate_state *s;
+ ct_data *tree; /* the tree to be scanned */
+ int max_code; /* and its largest code of non zero frequency */
+{
+ int n; /* iterates over all tree elements */
+ int prevlen = -1; /* last emitted length */
+ int curlen; /* length of current code */
+ int nextlen = tree[0].Len; /* length of next code */
+ int count = 0; /* repeat count of the current code */
+ int max_count = 7; /* max repeat count */
+ int min_count = 4; /* min repeat count */
+
+ /* tree[max_code+1].Len = -1; */ /* guard already set */
+ if (nextlen == 0) max_count = 138, min_count = 3;
+
+ for (n = 0; n <= max_code; n++) {
+ curlen = nextlen; nextlen = tree[n+1].Len;
+ if (++count < max_count && curlen == nextlen) {
+ continue;
+ } else if (count < min_count) {
+ do { send_code(s, curlen, s->bl_tree); } while (--count != 0);
+
+ } else if (curlen != 0) {
+ if (curlen != prevlen) {
+ send_code(s, curlen, s->bl_tree); count--;
+ }
+ Assert(count >= 3 && count <= 6, " 3_6?");
+ send_code(s, REP_3_6, s->bl_tree); send_bits(s, count-3, 2);
+
+ } else if (count <= 10) {
+ send_code(s, REPZ_3_10, s->bl_tree); send_bits(s, count-3, 3);
+
+ } else {
+ send_code(s, REPZ_11_138, s->bl_tree); send_bits(s, count-11, 7);
+ }
+ count = 0; prevlen = curlen;
+ if (nextlen == 0) {
+ max_count = 138, min_count = 3;
+ } else if (curlen == nextlen) {
+ max_count = 6, min_count = 3;
+ } else {
+ max_count = 7, min_count = 4;
+ }
+ }
+}
+
+/* ===========================================================================
+ * Construct the Huffman tree for the bit lengths and return the index in
+ * bl_order of the last bit length code to send.
+ */
+local int build_bl_tree(s)
+ deflate_state *s;
+{
+ int max_blindex; /* index of last bit length code of non zero freq */
+
+ /* Determine the bit length frequencies for literal and distance trees */
+ scan_tree(s, (ct_data *)s->dyn_ltree, s->l_desc.max_code);
+ scan_tree(s, (ct_data *)s->dyn_dtree, s->d_desc.max_code);
+
+ /* Build the bit length tree: */
+ build_tree(s, (tree_desc *)(&(s->bl_desc)));
+ /* opt_len now includes the length of the tree representations, except
+ * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
+ */
+
+ /* Determine the number of bit length codes to send. The pkzip format
+ * requires that at least 4 bit length codes be sent. (appnote.txt says
+ * 3 but the actual value used is 4.)
+ */
+ for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
+ if (s->bl_tree[bl_order[max_blindex]].Len != 0) break;
+ }
+ /* Update opt_len to include the bit length tree and counts */
+ s->opt_len += 3*(max_blindex+1) + 5+5+4;
+ Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
+ s->opt_len, s->static_len));
+
+ return max_blindex;
+}
+
+/* ===========================================================================
+ * Send the header for a block using dynamic Huffman trees: the counts, the
+ * lengths of the bit length codes, the literal tree and the distance tree.
+ * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
+ */
+local void send_all_trees(s, lcodes, dcodes, blcodes)
+ deflate_state *s;
+ int lcodes, dcodes, blcodes; /* number of codes for each tree */
+{
+ int rank; /* index in bl_order */
+
+ Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
+ Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
+ "too many codes");
+ Tracev((stderr, "\nbl counts: "));
+ send_bits(s, lcodes-257, 5); /* not +255 as stated in appnote.txt */
+ send_bits(s, dcodes-1, 5);
+ send_bits(s, blcodes-4, 4); /* not -3 as stated in appnote.txt */
+ for (rank = 0; rank < blcodes; rank++) {
+ Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
+ send_bits(s, s->bl_tree[bl_order[rank]].Len, 3);
+ }
+ Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
+
+ send_tree(s, (ct_data *)s->dyn_ltree, lcodes-1); /* literal tree */
+ Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
+
+ send_tree(s, (ct_data *)s->dyn_dtree, dcodes-1); /* distance tree */
+ Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
+}
+
+/* ===========================================================================
+ * Send a stored block
+ */
+void ZLIB_INTERNAL _tr_stored_block(s, buf, stored_len, last)
+ deflate_state *s;
+ charf *buf; /* input block */
+ ulg stored_len; /* length of input block */
+ int last; /* one if this is the last block for a file */
+{
+ send_bits(s, (STORED_BLOCK<<1)+last, 3); /* send block type */
+#ifdef DEBUG
+ s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L;
+ s->compressed_len += (stored_len + 4) << 3;
+#endif
+ copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
+}
+
+/* ===========================================================================
+ * Flush the bits in the bit buffer to pending output (leaves at most 7 bits)
+ */
+void ZLIB_INTERNAL _tr_flush_bits(s)
+ deflate_state *s;
+{
+ bi_flush(s);
+}
+
+/* ===========================================================================
+ * Send one empty static block to give enough lookahead for inflate.
+ * This takes 10 bits, of which 7 may remain in the bit buffer.
+ */
+void ZLIB_INTERNAL _tr_align(s)
+ deflate_state *s;
+{
+ send_bits(s, STATIC_TREES<<1, 3);
+ send_code(s, END_BLOCK, static_ltree);
+#ifdef DEBUG
+ s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
+#endif
+ bi_flush(s);
+}
+
+/* ===========================================================================
+ * Determine the best encoding for the current block: dynamic trees, static
+ * trees or store, and output the encoded block to the zip file.
+ */
+void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last)
+ deflate_state *s;
+ charf *buf; /* input block, or NULL if too old */
+ ulg stored_len; /* length of input block */
+ int last; /* one if this is the last block for a file */
+{
+ int max_blindex = 0; /* index of last bit length code of non zero freq */
+#ifndef ZLIB_PM3_TUNED
+ ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
+
+ /* Build the Huffman trees unless a stored block is forced */
+ if (s->level > 0) {
+#endif
+ /* Check if the file is binary or text */
+ if (s->strm->data_type == Z_UNKNOWN)
+ s->strm->data_type = detect_data_type(s);
+
+ /* Construct the literal and distance trees */
+ build_tree(s, (tree_desc *)(&(s->l_desc)));
+ Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
+ s->static_len));
+
+ build_tree(s, (tree_desc *)(&(s->d_desc)));
+ Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
+ s->static_len));
+ /* At this point, opt_len and static_len are the total bit lengths of
+ * the compressed block data, excluding the tree representations.
+ */
+
+ /* Build the bit length tree for the above two trees, and get the index
+ * in bl_order of the last bit length code to send.
+ */
+ max_blindex = build_bl_tree(s);
+
+#ifndef ZLIB_PM3_TUNED
+ /* Determine the best encoding. Compute the block lengths in bytes. */
+ opt_lenb = (s->opt_len+3+7)>>3;
+ static_lenb = (s->static_len+3+7)>>3;
+
+ Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
+ opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
+ s->last_lit));
+
+ if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
+
+ } else {
+ Assert(buf != (char*)0, "lost buf");
+ opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
+ }
+
+#ifdef FORCE_STORED
+ if (buf != (char*)0) { /* force stored block */
+#else
+ if (stored_len+4 <= opt_lenb && buf != (char*)0) {
+ /* 4: two words for the lengths */
+#endif
+ /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
+ * Otherwise we can't have processed more than WSIZE input bytes since
+ * the last block flush, because compression would have been
+ * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
+ * transform a block into a stored block.
+ */
+ _tr_stored_block(s, buf, stored_len, last);
+
+#ifdef FORCE_STATIC
+ } else if (static_lenb >= 0) { /* force static trees */
+#else
+ } else if (s->strategy == Z_FIXED || static_lenb == opt_lenb) {
+#endif
+ send_bits(s, (STATIC_TREES<<1)+last, 3);
+ compress_block(s, (const ct_data *)static_ltree,
+ (const ct_data *)static_dtree);
+#ifdef DEBUG
+ s->compressed_len += 3 + s->static_len;
+#endif
+ } else {
+#endif /* !ZLIB_PM3_TUNED */
+ send_bits(s, (DYN_TREES<<1)+last, 3);
+ send_all_trees(s, s->l_desc.max_code+1, s->d_desc.max_code+1,
+ max_blindex+1);
+ compress_block(s, (const ct_data *)s->dyn_ltree,
+ (const ct_data *)s->dyn_dtree);
+#ifdef DEBUG
+ s->compressed_len += 3 + s->opt_len;
+#endif
+#ifndef ZLIB_PM3_TUNED
+ }
+#endif
+ Assert (s->compressed_len == s->bits_sent, "bad compressed size");
+ /* The above check is made mod 2^32, for files larger than 512 MB
+ * and uLong implemented on 32 bits.
+ */
+ init_block(s);
+
+ if (last) {
+ bi_windup(s);
+#ifdef DEBUG
+ s->compressed_len += 7; /* align on byte boundary */
+#endif
+ }
+ Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
+ s->compressed_len-7*last));
+}
+
+/* ===========================================================================
+ * Save the match info and tally the frequency counts. Return true if
+ * the current block must be flushed.
+ */
+int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+ deflate_state *s;
+ unsigned dist; /* distance of matched string */
+ unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
+{
+ s->d_buf[s->last_lit] = (ush)dist;
+ s->l_buf[s->last_lit++] = (uch)lc;
+ if (dist == 0) {
+ /* lc is the unmatched char */
+ s->dyn_ltree[lc].Freq++;
+ } else {
+ s->matches++;
+ /* Here, lc is the match length - MIN_MATCH */
+ dist--; /* dist = match distance - 1 */
+ Assert((ush)dist < (ush)MAX_DIST(s) &&
+ (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
+ (ush)d_code(dist) < (ush)D_CODES, "_tr_tally: bad match");
+
+ s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
+ s->dyn_dtree[d_code(dist)].Freq++;
+ }
+
+#ifdef TRUNCATE_BLOCK
+ /* Try to guess if it is profitable to stop the current block here */
+ if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
+ /* Compute an upper bound for the compressed length */
+ ulg out_length = (ulg)s->last_lit*8L;
+ ulg in_length = (ulg)((long)s->strstart - s->block_start);
+ int dcode;
+ for (dcode = 0; dcode < D_CODES; dcode++) {
+ out_length += (ulg)s->dyn_dtree[dcode].Freq *
+ (5L+extra_dbits[dcode]);
+ }
+ out_length >>= 3;
+ Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
+ s->last_lit, in_length, out_length,
+ 100L - out_length*100L/in_length));
+ if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
+ }
+#endif
+ return (s->last_lit == s->lit_bufsize-1);
+ /* We avoid equality with lit_bufsize because of wraparound at 64K
+ * on 16 bit machines and because stored blocks are restricted to
+ * 64K-1 bytes.
+ */
+}
+
+/* ===========================================================================
+ * Send the block data compressed using the given Huffman trees
+ */
+local void compress_block(s, ltree, dtree)
+ deflate_state *s;
+ const ct_data *ltree; /* literal tree */
+ const ct_data *dtree; /* distance tree */
+{
+ unsigned dist; /* distance of matched string */
+ int lc; /* match length or unmatched char (if dist == 0) */
+ unsigned lx = 0; /* running index in l_buf */
+ unsigned code; /* the code to send */
+ int extra; /* number of extra bits to send */
+
+ if (s->last_lit != 0) do {
+ dist = s->d_buf[lx];
+ lc = s->l_buf[lx++];
+ if (dist == 0) {
+ send_code(s, lc, ltree); /* send a literal byte */
+ Tracecv(isgraph(lc), (stderr," '%c' ", lc));
+ } else {
+ /* Here, lc is the match length - MIN_MATCH */
+ code = _length_code[lc];
+ send_code(s, code+LITERALS+1, ltree); /* send the length code */
+ extra = extra_lbits[code];
+ if (extra != 0) {
+ lc -= base_length[code];
+ send_bits(s, lc, extra); /* send the extra length bits */
+ }
+ dist--; /* dist is now the match distance - 1 */
+ code = d_code(dist);
+ Assert (code < D_CODES, "bad d_code");
+
+ send_code(s, code, dtree); /* send the distance code */
+ extra = extra_dbits[code];
+ if (extra != 0) {
+ dist -= base_dist[code];
+ send_bits(s, dist, extra); /* send the extra distance bits */
+ }
+ } /* literal or match pair ? */
+
+ /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
+ Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
+ "pendingBuf overflow");
+
+ } while (lx < s->last_lit);
+
+ send_code(s, END_BLOCK, ltree);
+}
+
+/* ===========================================================================
+ * Check if the data type is TEXT or BINARY, using the following algorithm:
+ * - TEXT if the two conditions below are satisfied:
+ * a) There are no non-portable control characters belonging to the
+ * "black list" (0..6, 14..25, 28..31).
+ * b) There is at least one printable character belonging to the
+ * "white list" (9 {TAB}, 10 {LF}, 13 {CR}, 32..255).
+ * - BINARY otherwise.
+ * - The following partially-portable control characters form a
+ * "gray list" that is ignored in this detection algorithm:
+ * (7 {BEL}, 8 {BS}, 11 {VT}, 12 {FF}, 26 {SUB}, 27 {ESC}).
+ * IN assertion: the fields Freq of dyn_ltree are set.
+ */
+local int detect_data_type(s)
+ deflate_state *s;
+{
+ /* black_mask is the bit mask of black-listed bytes
+ * set bits 0..6, 14..25, and 28..31
+ * 0xf3ffc07f = binary 11110011111111111100000001111111
+ */
+ unsigned long black_mask = 0xf3ffc07fUL;
+ int n;
+
+ /* Check for non-textual ("black-listed") bytes. */
+ for (n = 0; n <= 31; n++, black_mask >>= 1)
+ if ((black_mask & 1) && (s->dyn_ltree[n].Freq != 0))
+ return Z_BINARY;
+
+ /* Check for textual ("white-listed") bytes. */
+ if (s->dyn_ltree[9].Freq != 0 || s->dyn_ltree[10].Freq != 0
+ || s->dyn_ltree[13].Freq != 0)
+ return Z_TEXT;
+ for (n = 32; n < LITERALS; n++)
+ if (s->dyn_ltree[n].Freq != 0)
+ return Z_TEXT;
+
+ /* There are no "black-listed" or "white-listed" bytes:
+ * this stream either is empty or has tolerated ("gray-listed") bytes only.
+ */
+ return Z_BINARY;
+}
+
+/* ===========================================================================
+ * Reverse the first len bits of a code, using straightforward code (a faster
+ * method would use a table)
+ * IN assertion: 1 <= len <= 15
+ */
+local unsigned bi_reverse(code, len)
+ unsigned code; /* the value to invert */
+ int len; /* its bit length */
+{
+ register unsigned res = 0;
+ do {
+ res |= code & 1;
+ code >>= 1, res <<= 1;
+ } while (--len > 0);
+ return res >> 1;
+}
+
+/* ===========================================================================
+ * Flush the bit buffer, keeping at most 7 bits in it.
+ */
+local void bi_flush(s)
+ deflate_state *s;
+{
+ if (s->bi_valid == 16) {
+ put_short(s, s->bi_buf);
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+ } else if (s->bi_valid >= 8) {
+ put_byte(s, (Byte)s->bi_buf);
+ s->bi_buf >>= 8;
+ s->bi_valid -= 8;
+ }
+}
+
+/* ===========================================================================
+ * Flush the bit buffer and align the output on a byte boundary
+ */
+local void bi_windup(s)
+ deflate_state *s;
+{
+ if (s->bi_valid > 8) {
+ put_short(s, s->bi_buf);
+ } else if (s->bi_valid > 0) {
+ put_byte(s, (Byte)s->bi_buf);
+ }
+ s->bi_buf = 0;
+ s->bi_valid = 0;
+#ifdef DEBUG
+ s->bits_sent = (s->bits_sent+7) & ~7;
+#endif
+}
+
+/* ===========================================================================
+ * Copy a stored block, storing first the length and its
+ * one's complement if requested.
+ */
+local void copy_block(s, buf, len, header)
+ deflate_state *s;
+ charf *buf; /* the input data */
+ unsigned len; /* its length */
+ int header; /* true if block header must be written */
+{
+ bi_windup(s); /* align on byte boundary */
+
+ if (header) {
+ put_short(s, (ush)len);
+ put_short(s, (ush)~len);
+#ifdef DEBUG
+ s->bits_sent += 2*16;
+#endif
+ }
+#ifdef DEBUG
+ s->bits_sent += (ulg)len<<3;
+#endif
+ while (len--) {
+ put_byte(s, *buf++);
+ }
+}
--- /dev/null
+/* header created automatically with -DGEN_TREES_H */
+
+local const ct_data static_ltree[L_CODES+2] = {
+{{ 12},{ 8}}, {{140},{ 8}}, {{ 76},{ 8}}, {{204},{ 8}}, {{ 44},{ 8}},
+{{172},{ 8}}, {{108},{ 8}}, {{236},{ 8}}, {{ 28},{ 8}}, {{156},{ 8}},
+{{ 92},{ 8}}, {{220},{ 8}}, {{ 60},{ 8}}, {{188},{ 8}}, {{124},{ 8}},
+{{252},{ 8}}, {{ 2},{ 8}}, {{130},{ 8}}, {{ 66},{ 8}}, {{194},{ 8}},
+{{ 34},{ 8}}, {{162},{ 8}}, {{ 98},{ 8}}, {{226},{ 8}}, {{ 18},{ 8}},
+{{146},{ 8}}, {{ 82},{ 8}}, {{210},{ 8}}, {{ 50},{ 8}}, {{178},{ 8}},
+{{114},{ 8}}, {{242},{ 8}}, {{ 10},{ 8}}, {{138},{ 8}}, {{ 74},{ 8}},
+{{202},{ 8}}, {{ 42},{ 8}}, {{170},{ 8}}, {{106},{ 8}}, {{234},{ 8}},
+{{ 26},{ 8}}, {{154},{ 8}}, {{ 90},{ 8}}, {{218},{ 8}}, {{ 58},{ 8}},
+{{186},{ 8}}, {{122},{ 8}}, {{250},{ 8}}, {{ 6},{ 8}}, {{134},{ 8}},
+{{ 70},{ 8}}, {{198},{ 8}}, {{ 38},{ 8}}, {{166},{ 8}}, {{102},{ 8}},
+{{230},{ 8}}, {{ 22},{ 8}}, {{150},{ 8}}, {{ 86},{ 8}}, {{214},{ 8}},
+{{ 54},{ 8}}, {{182},{ 8}}, {{118},{ 8}}, {{246},{ 8}}, {{ 14},{ 8}},
+{{142},{ 8}}, {{ 78},{ 8}}, {{206},{ 8}}, {{ 46},{ 8}}, {{174},{ 8}},
+{{110},{ 8}}, {{238},{ 8}}, {{ 30},{ 8}}, {{158},{ 8}}, {{ 94},{ 8}},
+{{222},{ 8}}, {{ 62},{ 8}}, {{190},{ 8}}, {{126},{ 8}}, {{254},{ 8}},
+{{ 1},{ 8}}, {{129},{ 8}}, {{ 65},{ 8}}, {{193},{ 8}}, {{ 33},{ 8}},
+{{161},{ 8}}, {{ 97},{ 8}}, {{225},{ 8}}, {{ 17},{ 8}}, {{145},{ 8}},
+{{ 81},{ 8}}, {{209},{ 8}}, {{ 49},{ 8}}, {{177},{ 8}}, {{113},{ 8}},
+{{241},{ 8}}, {{ 9},{ 8}}, {{137},{ 8}}, {{ 73},{ 8}}, {{201},{ 8}},
+{{ 41},{ 8}}, {{169},{ 8}}, {{105},{ 8}}, {{233},{ 8}}, {{ 25},{ 8}},
+{{153},{ 8}}, {{ 89},{ 8}}, {{217},{ 8}}, {{ 57},{ 8}}, {{185},{ 8}},
+{{121},{ 8}}, {{249},{ 8}}, {{ 5},{ 8}}, {{133},{ 8}}, {{ 69},{ 8}},
+{{197},{ 8}}, {{ 37},{ 8}}, {{165},{ 8}}, {{101},{ 8}}, {{229},{ 8}},
+{{ 21},{ 8}}, {{149},{ 8}}, {{ 85},{ 8}}, {{213},{ 8}}, {{ 53},{ 8}},
+{{181},{ 8}}, {{117},{ 8}}, {{245},{ 8}}, {{ 13},{ 8}}, {{141},{ 8}},
+{{ 77},{ 8}}, {{205},{ 8}}, {{ 45},{ 8}}, {{173},{ 8}}, {{109},{ 8}},
+{{237},{ 8}}, {{ 29},{ 8}}, {{157},{ 8}}, {{ 93},{ 8}}, {{221},{ 8}},
+{{ 61},{ 8}}, {{189},{ 8}}, {{125},{ 8}}, {{253},{ 8}}, {{ 19},{ 9}},
+{{275},{ 9}}, {{147},{ 9}}, {{403},{ 9}}, {{ 83},{ 9}}, {{339},{ 9}},
+{{211},{ 9}}, {{467},{ 9}}, {{ 51},{ 9}}, {{307},{ 9}}, {{179},{ 9}},
+{{435},{ 9}}, {{115},{ 9}}, {{371},{ 9}}, {{243},{ 9}}, {{499},{ 9}},
+{{ 11},{ 9}}, {{267},{ 9}}, {{139},{ 9}}, {{395},{ 9}}, {{ 75},{ 9}},
+{{331},{ 9}}, {{203},{ 9}}, {{459},{ 9}}, {{ 43},{ 9}}, {{299},{ 9}},
+{{171},{ 9}}, {{427},{ 9}}, {{107},{ 9}}, {{363},{ 9}}, {{235},{ 9}},
+{{491},{ 9}}, {{ 27},{ 9}}, {{283},{ 9}}, {{155},{ 9}}, {{411},{ 9}},
+{{ 91},{ 9}}, {{347},{ 9}}, {{219},{ 9}}, {{475},{ 9}}, {{ 59},{ 9}},
+{{315},{ 9}}, {{187},{ 9}}, {{443},{ 9}}, {{123},{ 9}}, {{379},{ 9}},
+{{251},{ 9}}, {{507},{ 9}}, {{ 7},{ 9}}, {{263},{ 9}}, {{135},{ 9}},
+{{391},{ 9}}, {{ 71},{ 9}}, {{327},{ 9}}, {{199},{ 9}}, {{455},{ 9}},
+{{ 39},{ 9}}, {{295},{ 9}}, {{167},{ 9}}, {{423},{ 9}}, {{103},{ 9}},
+{{359},{ 9}}, {{231},{ 9}}, {{487},{ 9}}, {{ 23},{ 9}}, {{279},{ 9}},
+{{151},{ 9}}, {{407},{ 9}}, {{ 87},{ 9}}, {{343},{ 9}}, {{215},{ 9}},
+{{471},{ 9}}, {{ 55},{ 9}}, {{311},{ 9}}, {{183},{ 9}}, {{439},{ 9}},
+{{119},{ 9}}, {{375},{ 9}}, {{247},{ 9}}, {{503},{ 9}}, {{ 15},{ 9}},
+{{271},{ 9}}, {{143},{ 9}}, {{399},{ 9}}, {{ 79},{ 9}}, {{335},{ 9}},
+{{207},{ 9}}, {{463},{ 9}}, {{ 47},{ 9}}, {{303},{ 9}}, {{175},{ 9}},
+{{431},{ 9}}, {{111},{ 9}}, {{367},{ 9}}, {{239},{ 9}}, {{495},{ 9}},
+{{ 31},{ 9}}, {{287},{ 9}}, {{159},{ 9}}, {{415},{ 9}}, {{ 95},{ 9}},
+{{351},{ 9}}, {{223},{ 9}}, {{479},{ 9}}, {{ 63},{ 9}}, {{319},{ 9}},
+{{191},{ 9}}, {{447},{ 9}}, {{127},{ 9}}, {{383},{ 9}}, {{255},{ 9}},
+{{511},{ 9}}, {{ 0},{ 7}}, {{ 64},{ 7}}, {{ 32},{ 7}}, {{ 96},{ 7}},
+{{ 16},{ 7}}, {{ 80},{ 7}}, {{ 48},{ 7}}, {{112},{ 7}}, {{ 8},{ 7}},
+{{ 72},{ 7}}, {{ 40},{ 7}}, {{104},{ 7}}, {{ 24},{ 7}}, {{ 88},{ 7}},
+{{ 56},{ 7}}, {{120},{ 7}}, {{ 4},{ 7}}, {{ 68},{ 7}}, {{ 36},{ 7}},
+{{100},{ 7}}, {{ 20},{ 7}}, {{ 84},{ 7}}, {{ 52},{ 7}}, {{116},{ 7}},
+{{ 3},{ 8}}, {{131},{ 8}}, {{ 67},{ 8}}, {{195},{ 8}}, {{ 35},{ 8}},
+{{163},{ 8}}, {{ 99},{ 8}}, {{227},{ 8}}
+};
+
+local const ct_data static_dtree[D_CODES] = {
+{{ 0},{ 5}}, {{16},{ 5}}, {{ 8},{ 5}}, {{24},{ 5}}, {{ 4},{ 5}},
+{{20},{ 5}}, {{12},{ 5}}, {{28},{ 5}}, {{ 2},{ 5}}, {{18},{ 5}},
+{{10},{ 5}}, {{26},{ 5}}, {{ 6},{ 5}}, {{22},{ 5}}, {{14},{ 5}},
+{{30},{ 5}}, {{ 1},{ 5}}, {{17},{ 5}}, {{ 9},{ 5}}, {{25},{ 5}},
+{{ 5},{ 5}}, {{21},{ 5}}, {{13},{ 5}}, {{29},{ 5}}, {{ 3},{ 5}},
+{{19},{ 5}}, {{11},{ 5}}, {{27},{ 5}}, {{ 7},{ 5}}, {{23},{ 5}}
+};
+
+const uch ZLIB_INTERNAL _dist_code[DIST_CODE_LEN] = {
+ 0, 1, 2, 3, 4, 4, 5, 5, 6, 6, 6, 6, 7, 7, 7, 7, 8, 8, 8, 8,
+ 8, 8, 8, 8, 9, 9, 9, 9, 9, 9, 9, 9, 10, 10, 10, 10, 10, 10, 10, 10,
+10, 10, 10, 10, 10, 10, 10, 10, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
+11, 11, 11, 11, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
+12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 13, 13, 13, 13,
+13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
+13, 13, 13, 13, 13, 13, 13, 13, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
+15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 0, 0, 16, 17,
+18, 18, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 22, 22, 22, 22, 22, 22, 22, 22,
+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+24, 24, 24, 24, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+28, 28, 28, 28, 28, 28, 28, 28, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
+};
+
+const uch ZLIB_INTERNAL _length_code[MAX_MATCH-MIN_MATCH+1]= {
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 8, 9, 9, 10, 10, 11, 11, 12, 12, 12, 12,
+13, 13, 13, 13, 14, 14, 14, 14, 15, 15, 15, 15, 16, 16, 16, 16, 16, 16, 16, 16,
+17, 17, 17, 17, 17, 17, 17, 17, 18, 18, 18, 18, 18, 18, 18, 18, 19, 19, 19, 19,
+19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
+21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 22, 22, 22, 22,
+22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 23, 23, 23, 23, 23, 23, 23, 23,
+23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
+26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
+27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 28
+};
+
+local const int base_length[LENGTH_CODES] = {
+0, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 14, 16, 20, 24, 28, 32, 40, 48, 56,
+64, 80, 96, 112, 128, 160, 192, 224, 0
+};
+
+local const int base_dist[D_CODES] = {
+ 0, 1, 2, 3, 4, 6, 8, 12, 16, 24,
+ 32, 48, 64, 96, 128, 192, 256, 384, 512, 768,
+ 1024, 1536, 2048, 3072, 4096, 6144, 8192, 12288, 16384, 24576
+};
+
--- /dev/null
+/* zconf.h -- configuration of the zlib compression library
+ * Copyright (C) 1995-2013 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#ifndef ZCONF_H
+#define ZCONF_H
+
+/*
+ * If you *really* need a unique prefix for all types and library functions,
+ * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
+ * Even better than compiling with -DZ_PREFIX would be to use configure to set
+ * this permanently in zconf.h using "./configure --zprefix".
+ */
+#ifdef Z_PREFIX /* may be set to #if 1 by ./configure */
+# define Z_PREFIX_SET
+
+/* all linked symbols */
+# define _dist_code z__dist_code
+# define _length_code z__length_code
+# define _tr_align z__tr_align
+# define _tr_flush_bits z__tr_flush_bits
+# define _tr_flush_block z__tr_flush_block
+# define _tr_init z__tr_init
+# define _tr_stored_block z__tr_stored_block
+# define _tr_tally z__tr_tally
+# define adler32 z_adler32
+# define adler32_combine z_adler32_combine
+# define adler32_combine64 z_adler32_combine64
+# ifndef Z_SOLO
+# define compress z_compress
+# define compress2 z_compress2
+# define compressBound z_compressBound
+# endif
+# define crc32 z_crc32
+# define crc32_combine z_crc32_combine
+# define crc32_combine64 z_crc32_combine64
+# define deflate z_deflate
+# define deflateBound z_deflateBound
+# define deflateCopy z_deflateCopy
+# define deflateEnd z_deflateEnd
+# define deflateInit2_ z_deflateInit2_
+# define deflateInit_ z_deflateInit_
+# define deflateParams z_deflateParams
+# define deflatePending z_deflatePending
+# define deflatePrime z_deflatePrime
+# define deflateReset z_deflateReset
+# define deflateResetKeep z_deflateResetKeep
+# define deflateSetDictionary z_deflateSetDictionary
+# define deflateSetHeader z_deflateSetHeader
+# define deflateTune z_deflateTune
+# define deflate_copyright z_deflate_copyright
+# define get_crc_table z_get_crc_table
+# ifndef Z_SOLO
+# define gz_error z_gz_error
+# define gz_intmax z_gz_intmax
+# define gz_strwinerror z_gz_strwinerror
+# define gzbuffer z_gzbuffer
+# define gzclearerr z_gzclearerr
+# define gzclose z_gzclose
+# define gzclose_r z_gzclose_r
+# define gzclose_w z_gzclose_w
+# define gzdirect z_gzdirect
+# define gzdopen z_gzdopen
+# define gzeof z_gzeof
+# define gzerror z_gzerror
+# define gzflush z_gzflush
+# define gzgetc z_gzgetc
+# define gzgetc_ z_gzgetc_
+# define gzgets z_gzgets
+# define gzoffset z_gzoffset
+# define gzoffset64 z_gzoffset64
+# define gzopen z_gzopen
+# define gzopen64 z_gzopen64
+# ifdef _WIN32
+# define gzopen_w z_gzopen_w
+# endif
+# define gzprintf z_gzprintf
+# define gzvprintf z_gzvprintf
+# define gzputc z_gzputc
+# define gzputs z_gzputs
+# define gzread z_gzread
+# define gzrewind z_gzrewind
+# define gzseek z_gzseek
+# define gzseek64 z_gzseek64
+# define gzsetparams z_gzsetparams
+# define gztell z_gztell
+# define gztell64 z_gztell64
+# define gzungetc z_gzungetc
+# define gzwrite z_gzwrite
+# endif
+# define inflate z_inflate
+# define inflateBack z_inflateBack
+# define inflateBackEnd z_inflateBackEnd
+# define inflateBackInit_ z_inflateBackInit_
+# define inflateCopy z_inflateCopy
+# define inflateEnd z_inflateEnd
+# define inflateGetHeader z_inflateGetHeader
+# define inflateInit2_ z_inflateInit2_
+# define inflateInit_ z_inflateInit_
+# define inflateMark z_inflateMark
+# define inflatePrime z_inflatePrime
+# define inflateReset z_inflateReset
+# define inflateReset2 z_inflateReset2
+# define inflateSetDictionary z_inflateSetDictionary
+# define inflateGetDictionary z_inflateGetDictionary
+# define inflateSync z_inflateSync
+# define inflateSyncPoint z_inflateSyncPoint
+# define inflateUndermine z_inflateUndermine
+# define inflateResetKeep z_inflateResetKeep
+# define inflate_copyright z_inflate_copyright
+# define inflate_fast z_inflate_fast
+# define inflate_table z_inflate_table
+# ifndef Z_SOLO
+# define uncompress z_uncompress
+# endif
+# define zError z_zError
+# ifndef Z_SOLO
+# define zcalloc z_zcalloc
+# define zcfree z_zcfree
+# endif
+# define zlibCompileFlags z_zlibCompileFlags
+# define zlibVersion z_zlibVersion
+
+/* all zlib typedefs in zlib.h and zconf.h */
+# define Byte z_Byte
+# define Bytef z_Bytef
+# define alloc_func z_alloc_func
+# define charf z_charf
+# define free_func z_free_func
+# ifndef Z_SOLO
+# define gzFile z_gzFile
+# endif
+# define gz_header z_gz_header
+# define gz_headerp z_gz_headerp
+# define in_func z_in_func
+# define intf z_intf
+# define out_func z_out_func
+# define uInt z_uInt
+# define uIntf z_uIntf
+# define uLong z_uLong
+# define uLongf z_uLongf
+# define voidp z_voidp
+# define voidpc z_voidpc
+# define voidpf z_voidpf
+
+/* all zlib structs in zlib.h and zconf.h */
+# define gz_header_s z_gz_header_s
+# define internal_state z_internal_state
+
+#endif
+
+#if defined(__MSDOS__) && !defined(MSDOS)
+# define MSDOS
+#endif
+#if (defined(OS_2) || defined(__OS2__)) && !defined(OS2)
+# define OS2
+#endif
+#if defined(_WINDOWS) && !defined(WINDOWS)
+# define WINDOWS
+#endif
+#if defined(_WIN32) || defined(_WIN32_WCE) || defined(__WIN32__)
+# ifndef WIN32
+# define WIN32
+# endif
+#endif
+#if (defined(MSDOS) || defined(OS2) || defined(WINDOWS)) && !defined(WIN32)
+# if !defined(__GNUC__) && !defined(__FLAT__) && !defined(__386__)
+# ifndef SYS16BIT
+# define SYS16BIT
+# endif
+# endif
+#endif
+
+/*
+ * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
+ * than 64k bytes at a time (needed on systems with 16-bit int).
+ */
+#ifdef SYS16BIT
+# define MAXSEG_64K
+#endif
+#ifdef MSDOS
+# define UNALIGNED_OK
+#endif
+
+#ifdef __STDC_VERSION__
+# ifndef STDC
+# define STDC
+# endif
+# if __STDC_VERSION__ >= 199901L
+# ifndef STDC99
+# define STDC99
+# endif
+# endif
+#endif
+#if !defined(STDC) && (defined(__STDC__) || defined(__cplusplus))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(__GNUC__) || defined(__BORLANDC__))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(MSDOS) || defined(WINDOWS) || defined(WIN32))
+# define STDC
+#endif
+#if !defined(STDC) && (defined(OS2) || defined(__HOS_AIX__))
+# define STDC
+#endif
+
+#if defined(__OS400__) && !defined(STDC) /* iSeries (formerly AS/400). */
+# define STDC
+#endif
+
+#ifndef STDC
+# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
+# define const /* note: need a more gentle solution here */
+# endif
+#endif
+
+#if defined(ZLIB_CONST) && !defined(z_const)
+# define z_const const
+#else
+# define z_const
+#endif
+
+/* Some Mac compilers merge all .h files incorrectly: */
+#if defined(__MWERKS__)||defined(applec)||defined(THINK_C)||defined(__SC__)
+# define NO_DUMMY_DECL
+#endif
+
+/* Maximum value for memLevel in deflateInit2 */
+#ifndef MAX_MEM_LEVEL
+# ifdef MAXSEG_64K
+# define MAX_MEM_LEVEL 8
+# else
+# define MAX_MEM_LEVEL 9
+# endif
+#endif
+
+/* Maximum value for windowBits in deflateInit2 and inflateInit2.
+ * WARNING: reducing MAX_WBITS makes minigzip unable to extract .gz files
+ * created by gzip. (Files created by minigzip can still be extracted by
+ * gzip.)
+ */
+#ifndef MAX_WBITS
+# define MAX_WBITS 15 /* 32K LZ77 window */
+#endif
+
+/* The memory requirements for deflate are (in bytes):
+ (1 << (windowBits+2)) + (1 << (memLevel+9))
+ that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
+ plus a few kilobytes for small objects. For example, if you want to reduce
+ the default memory requirements from 256K to 128K, compile with
+ make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
+ Of course this will generally degrade compression (there's no free lunch).
+
+ The memory requirements for inflate are (in bytes) 1 << windowBits
+ that is, 32K for windowBits=15 (default value) plus a few kilobytes
+ for small objects.
+*/
+
+ /* Type declarations */
+
+#ifndef OF /* function prototypes */
+# ifdef STDC
+# define OF(args) args
+# else
+# define OF(args) ()
+# endif
+#endif
+
+#ifndef Z_ARG /* function prototypes for stdarg */
+# if defined(STDC) || defined(Z_HAVE_STDARG_H)
+# define Z_ARG(args) args
+# else
+# define Z_ARG(args) ()
+# endif
+#endif
+
+/* The following definitions for FAR are needed only for MSDOS mixed
+ * model programming (small or medium model with some far allocations).
+ * This was tested only with MSC; for other MSDOS compilers you may have
+ * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
+ * just define FAR to be empty.
+ */
+#ifdef SYS16BIT
+# if defined(M_I86SM) || defined(M_I86MM)
+ /* MSC small or medium model */
+# define SMALL_MEDIUM
+# ifdef _MSC_VER
+# define FAR _far
+# else
+# define FAR far
+# endif
+# endif
+# if (defined(__SMALL__) || defined(__MEDIUM__))
+ /* Turbo C small or medium model */
+# define SMALL_MEDIUM
+# ifdef __BORLANDC__
+# define FAR _far
+# else
+# define FAR far
+# endif
+# endif
+#endif
+
+#if defined(WINDOWS) || defined(WIN32)
+ /* If building or using zlib as a DLL, define ZLIB_DLL.
+ * This is not mandatory, but it offers a little performance increase.
+ */
+# ifdef ZLIB_DLL
+# if defined(WIN32) && (!defined(__BORLANDC__) || (__BORLANDC__ >= 0x500))
+# ifdef ZLIB_INTERNAL
+# define ZEXTERN extern __declspec(dllexport)
+# else
+# define ZEXTERN extern __declspec(dllimport)
+# endif
+# endif
+# endif /* ZLIB_DLL */
+ /* If building or using zlib with the WINAPI/WINAPIV calling convention,
+ * define ZLIB_WINAPI.
+ * Caution: the standard ZLIB1.DLL is NOT compiled using ZLIB_WINAPI.
+ */
+# ifdef ZLIB_WINAPI
+# ifdef FAR
+# undef FAR
+# endif
+# include <windows.h>
+ /* No need for _export, use ZLIB.DEF instead. */
+ /* For complete Windows compatibility, use WINAPI, not __stdcall. */
+# define ZEXPORT WINAPI
+# ifdef WIN32
+# define ZEXPORTVA WINAPIV
+# else
+# define ZEXPORTVA FAR CDECL
+# endif
+# endif
+#endif
+
+#if defined (__BEOS__)
+# ifdef ZLIB_DLL
+# ifdef ZLIB_INTERNAL
+# define ZEXPORT __declspec(dllexport)
+# define ZEXPORTVA __declspec(dllexport)
+# else
+# define ZEXPORT __declspec(dllimport)
+# define ZEXPORTVA __declspec(dllimport)
+# endif
+# endif
+#endif
+
+#ifndef ZEXTERN
+# define ZEXTERN extern
+#endif
+#ifndef ZEXPORT
+# define ZEXPORT
+#endif
+#ifndef ZEXPORTVA
+# define ZEXPORTVA
+#endif
+
+#ifndef FAR
+# define FAR
+#endif
+
+#if !defined(__MACTYPES__)
+typedef unsigned char Byte; /* 8 bits */
+#endif
+typedef unsigned int uInt; /* 16 bits or more */
+typedef unsigned long uLong; /* 32 bits or more */
+
+#ifdef SMALL_MEDIUM
+ /* Borland C/C++ and some old MSC versions ignore FAR inside typedef */
+# define Bytef Byte FAR
+#else
+ typedef Byte FAR Bytef;
+#endif
+typedef char FAR charf;
+typedef int FAR intf;
+typedef uInt FAR uIntf;
+typedef uLong FAR uLongf;
+
+#ifdef STDC
+ typedef void const *voidpc;
+ typedef void FAR *voidpf;
+ typedef void *voidp;
+#else
+ typedef Byte const *voidpc;
+ typedef Byte FAR *voidpf;
+ typedef Byte *voidp;
+#endif
+
+#if !defined(Z_U4) && !defined(Z_SOLO) && defined(STDC)
+# include <limits.h>
+# if (UINT_MAX == 0xffffffffUL)
+# define Z_U4 unsigned
+# elif (ULONG_MAX == 0xffffffffUL)
+# define Z_U4 unsigned long
+# elif (USHRT_MAX == 0xffffffffUL)
+# define Z_U4 unsigned short
+# endif
+#endif
+
+#ifdef Z_U4
+ typedef Z_U4 z_crc_t;
+#else
+ typedef unsigned long z_crc_t;
+#endif
+
+#ifdef HAVE_UNISTD_H /* may be set to #if 1 by ./configure */
+# define Z_HAVE_UNISTD_H
+#endif
+
+#ifdef HAVE_STDARG_H /* may be set to #if 1 by ./configure */
+# define Z_HAVE_STDARG_H
+#endif
+
+#ifdef STDC
+# ifndef Z_SOLO
+# include <sys/types.h> /* for off_t */
+# endif
+#endif
+
+#if defined(STDC) || defined(Z_HAVE_STDARG_H)
+# ifndef Z_SOLO
+# include <stdarg.h> /* for va_list */
+# endif
+#endif
+
+#ifdef _WIN32
+# ifndef Z_SOLO
+# include <stddef.h> /* for wchar_t */
+# endif
+#endif
+
+/* a little trick to accommodate both "#define _LARGEFILE64_SOURCE" and
+ * "#define _LARGEFILE64_SOURCE 1" as requesting 64-bit operations, (even
+ * though the former does not conform to the LFS document), but considering
+ * both "#undef _LARGEFILE64_SOURCE" and "#define _LARGEFILE64_SOURCE 0" as
+ * equivalently requesting no 64-bit operations
+ */
+#if defined(_LARGEFILE64_SOURCE) && -_LARGEFILE64_SOURCE - -1 == 1
+# undef _LARGEFILE64_SOURCE
+#endif
+
+#if defined(__WATCOMC__) && !defined(Z_HAVE_UNISTD_H)
+# define Z_HAVE_UNISTD_H
+#endif
+#ifndef Z_SOLO
+# if defined(Z_HAVE_UNISTD_H) || defined(_LARGEFILE64_SOURCE)
+# include <unistd.h> /* for SEEK_*, off_t, and _LFS64_LARGEFILE */
+# ifdef VMS
+# include <unixio.h> /* for off_t */
+# endif
+# ifndef z_off_t
+# define z_off_t off_t
+# endif
+# endif
+#endif
+
+#if defined(_LFS64_LARGEFILE) && _LFS64_LARGEFILE-0
+# define Z_LFS64
+#endif
+
+#if defined(_LARGEFILE64_SOURCE) && defined(Z_LFS64)
+# define Z_LARGE64
+#endif
+
+#if defined(_FILE_OFFSET_BITS) && _FILE_OFFSET_BITS-0 == 64 && defined(Z_LFS64)
+# define Z_WANT64
+#endif
+
+#if !defined(SEEK_SET) && !defined(Z_SOLO)
+# define SEEK_SET 0 /* Seek from beginning of file. */
+# define SEEK_CUR 1 /* Seek from current position. */
+# define SEEK_END 2 /* Set file pointer to EOF plus "offset" */
+#endif
+
+#ifndef z_off_t
+# define z_off_t long
+#endif
+
+#if !defined(_WIN32) && defined(Z_LARGE64)
+# define z_off64_t off64_t
+#else
+# if defined(_WIN32) && !defined(__GNUC__) && !defined(Z_SOLO)
+# define z_off64_t __int64
+# else
+# define z_off64_t z_off_t
+# endif
+#endif
+
+/* MVS linker does not support external names larger than 8 bytes */
+#if defined(__MVS__)
+ #pragma map(deflateInit_,"DEIN")
+ #pragma map(deflateInit2_,"DEIN2")
+ #pragma map(deflateEnd,"DEEND")
+ #pragma map(deflateBound,"DEBND")
+ #pragma map(inflateInit_,"ININ")
+ #pragma map(inflateInit2_,"ININ2")
+ #pragma map(inflateEnd,"INEND")
+ #pragma map(inflateSync,"INSY")
+ #pragma map(inflateSetDictionary,"INSEDI")
+ #pragma map(compressBound,"CMBND")
+ #pragma map(inflate_table,"INTABL")
+ #pragma map(inflate_fast,"INFA")
+ #pragma map(inflate_copyright,"INCOPY")
+#endif
+
+#endif /* ZCONF_H */
--- /dev/null
+/* zlib.h -- interface of the 'zlib' general purpose compression library
+ version 1.2.8, April 28th, 2013
+
+ Copyright (C) 1995-2013 Jean-loup Gailly and Mark Adler
+
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would be
+ appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source distribution.
+
+ Jean-loup Gailly Mark Adler
+ jloup@gzip.org madler@alumni.caltech.edu
+
+
+ The data format used by the zlib library is described by RFCs (Request for
+ Comments) 1950 to 1952 in the files http://tools.ietf.org/html/rfc1950
+ (zlib format), rfc1951 (deflate format) and rfc1952 (gzip format).
+*/
+
+//-----------------------------------------------------------------------------
+// This version of zlib is modified for use within the Proxmark3 project.
+// Files from the original distribution which are not required for this
+// purpose are not included. All modifications can easily be found
+// by searching for #ifdef ZLIB_PM3_TUNED and #ifndef ZLIB_PM3_TUNED.
+//-----------------------------------------------------------------------------
+
+#ifndef ZLIB_H
+#define ZLIB_H
+
+#include "zconf.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef ZLIB_PM3_TUNED
+#define ZLIB_VERSION "1.2.8"
+#define ZLIB_VERNUM 0x1280
+#define ZLIB_VER_MAJOR 1
+#define ZLIB_VER_MINOR 2
+#define ZLIB_VER_REVISION 8
+#define ZLIB_VER_SUBREVISION 0
+#else
+#define ZLIB_VERSION "1.2.8.f-Proxmark3"
+#define ZLIB_VERNUM 0x128f
+#define ZLIB_VER_MAJOR 1
+#define ZLIB_VER_MINOR 2
+#define ZLIB_VER_REVISION 8
+#define ZLIB_VER_SUBREVISION f
+#endif
+
+
+
+/*
+ The 'zlib' compression library provides in-memory compression and
+ decompression functions, including integrity checks of the uncompressed data.
+ This version of the library supports only one compression method (deflation)
+ but other algorithms will be added later and will have the same stream
+ interface.
+
+ Compression can be done in a single step if the buffers are large enough,
+ or can be done by repeated calls of the compression function. In the latter
+ case, the application must provide more input and/or consume the output
+ (providing more output space) before each call.
+
+ The compressed data format used by default by the in-memory functions is
+ the zlib format, which is a zlib wrapper documented in RFC 1950, wrapped
+ around a deflate stream, which is itself documented in RFC 1951.
+
+ The library also supports reading and writing files in gzip (.gz) format
+ with an interface similar to that of stdio using the functions that start
+ with "gz". The gzip format is different from the zlib format. gzip is a
+ gzip wrapper, documented in RFC 1952, wrapped around a deflate stream.
+
+ This library can optionally read and write gzip streams in memory as well.
+
+ The zlib format was designed to be compact and fast for use in memory
+ and on communications channels. The gzip format was designed for single-
+ file compression on file systems, has a larger header than zlib to maintain
+ directory information, and uses a different, slower check method than zlib.
+
+ The library does not install any signal handler. The decoder checks
+ the consistency of the compressed data, so the library should never crash
+ even in case of corrupted input.
+*/
+
+typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
+typedef void (*free_func) OF((voidpf opaque, voidpf address));
+
+struct internal_state;
+
+typedef struct z_stream_s {
+ z_const Bytef *next_in; /* next input byte */
+ uInt avail_in; /* number of bytes available at next_in */
+ uLong total_in; /* total number of input bytes read so far */
+
+ Bytef *next_out; /* next output byte should be put there */
+ uInt avail_out; /* remaining free space at next_out */
+ uLong total_out; /* total number of bytes output so far */
+
+ z_const char *msg; /* last error message, NULL if no error */
+ struct internal_state FAR *state; /* not visible by applications */
+
+ alloc_func zalloc; /* used to allocate the internal state */
+ free_func zfree; /* used to free the internal state */
+ voidpf opaque; /* private data object passed to zalloc and zfree */
+
+ int data_type; /* best guess about the data type: binary or text */
+ uLong adler; /* adler32 value of the uncompressed data */
+ uLong reserved; /* reserved for future use */
+} z_stream;
+
+typedef z_stream FAR *z_streamp;
+
+/*
+ gzip header information passed to and from zlib routines. See RFC 1952
+ for more details on the meanings of these fields.
+*/
+typedef struct gz_header_s {
+ int text; /* true if compressed data believed to be text */
+ uLong time; /* modification time */
+ int xflags; /* extra flags (not used when writing a gzip file) */
+ int os; /* operating system */
+ Bytef *extra; /* pointer to extra field or Z_NULL if none */
+ uInt extra_len; /* extra field length (valid if extra != Z_NULL) */
+ uInt extra_max; /* space at extra (only when reading header) */
+ Bytef *name; /* pointer to zero-terminated file name or Z_NULL */
+ uInt name_max; /* space at name (only when reading header) */
+ Bytef *comment; /* pointer to zero-terminated comment or Z_NULL */
+ uInt comm_max; /* space at comment (only when reading header) */
+ int hcrc; /* true if there was or will be a header crc */
+ int done; /* true when done reading gzip header (not used
+ when writing a gzip file) */
+} gz_header;
+
+typedef gz_header FAR *gz_headerp;
+
+/*
+ The application must update next_in and avail_in when avail_in has dropped
+ to zero. It must update next_out and avail_out when avail_out has dropped
+ to zero. The application must initialize zalloc, zfree and opaque before
+ calling the init function. All other fields are set by the compression
+ library and must not be updated by the application.
+
+ The opaque value provided by the application will be passed as the first
+ parameter for calls of zalloc and zfree. This can be useful for custom
+ memory management. The compression library attaches no meaning to the
+ opaque value.
+
+ zalloc must return Z_NULL if there is not enough memory for the object.
+ If zlib is used in a multi-threaded application, zalloc and zfree must be
+ thread safe.
+
+ On 16-bit systems, the functions zalloc and zfree must be able to allocate
+ exactly 65536 bytes, but will not be required to allocate more than this if
+ the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS, pointers
+ returned by zalloc for objects of exactly 65536 bytes *must* have their
+ offset normalized to zero. The default allocation function provided by this
+ library ensures this (see zutil.c). To reduce memory requirements and avoid
+ any allocation of 64K objects, at the expense of compression ratio, compile
+ the library with -DMAX_WBITS=14 (see zconf.h).
+
+ The fields total_in and total_out can be used for statistics or progress
+ reports. After compression, total_in holds the total size of the
+ uncompressed data and may be saved for use in the decompressor (particularly
+ if the decompressor wants to decompress everything in a single step).
+*/
+
+ /* constants */
+
+#define Z_NO_FLUSH 0
+#define Z_PARTIAL_FLUSH 1
+#define Z_SYNC_FLUSH 2
+#define Z_FULL_FLUSH 3
+#define Z_FINISH 4
+#define Z_BLOCK 5
+#define Z_TREES 6
+/* Allowed flush values; see deflate() and inflate() below for details */
+
+#define Z_OK 0
+#define Z_STREAM_END 1
+#define Z_NEED_DICT 2
+#define Z_ERRNO (-1)
+#define Z_STREAM_ERROR (-2)
+#define Z_DATA_ERROR (-3)
+#define Z_MEM_ERROR (-4)
+#define Z_BUF_ERROR (-5)
+#define Z_VERSION_ERROR (-6)
+/* Return codes for the compression/decompression functions. Negative values
+ * are errors, positive values are used for special but normal events.
+ */
+
+#define Z_NO_COMPRESSION 0
+#define Z_BEST_SPEED 1
+#define Z_BEST_COMPRESSION 9
+#define Z_DEFAULT_COMPRESSION (-1)
+/* compression levels */
+
+#define Z_FILTERED 1
+#define Z_HUFFMAN_ONLY 2
+#define Z_RLE 3
+#define Z_FIXED 4
+#define Z_DEFAULT_STRATEGY 0
+/* compression strategy; see deflateInit2() below for details */
+
+#define Z_BINARY 0
+#define Z_TEXT 1
+#define Z_ASCII Z_TEXT /* for compatibility with 1.2.2 and earlier */
+#define Z_UNKNOWN 2
+/* Possible values of the data_type field (though see inflate()) */
+
+#define Z_DEFLATED 8
+/* The deflate compression method (the only one supported in this version) */
+
+#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
+
+#define zlib_version zlibVersion()
+/* for compatibility with versions < 1.0.2 */
+
+
+ /* basic functions */
+
+ZEXTERN const char * ZEXPORT zlibVersion OF((void));
+/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
+ If the first character differs, the library code actually used is not
+ compatible with the zlib.h header file used by the application. This check
+ is automatically made by deflateInit and inflateInit.
+ */
+
+/*
+ZEXTERN int ZEXPORT deflateInit OF((z_streamp strm, int level));
+
+ Initializes the internal stream state for compression. The fields
+ zalloc, zfree and opaque must be initialized before by the caller. If
+ zalloc and zfree are set to Z_NULL, deflateInit updates them to use default
+ allocation functions.
+
+ The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
+ 1 gives best speed, 9 gives best compression, 0 gives no compression at all
+ (the input data is simply copied a block at a time). Z_DEFAULT_COMPRESSION
+ requests a default compromise between speed and compression (currently
+ equivalent to level 6).
+
+ deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_STREAM_ERROR if level is not a valid compression level, or
+ Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
+ with the version assumed by the caller (ZLIB_VERSION). msg is set to null
+ if there is no error message. deflateInit does not perform any compression:
+ this will be done by deflate().
+*/
+
+
+ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush));
+/*
+ deflate compresses as much data as possible, and stops when the input
+ buffer becomes empty or the output buffer becomes full. It may introduce
+ some output latency (reading input without producing any output) except when
+ forced to flush.
+
+ The detailed semantics are as follows. deflate performs one or both of the
+ following actions:
+
+ - Compress more input starting at next_in and update next_in and avail_in
+ accordingly. If not all input can be processed (because there is not
+ enough room in the output buffer), next_in and avail_in are updated and
+ processing will resume at this point for the next call of deflate().
+
+ - Provide more output starting at next_out and update next_out and avail_out
+ accordingly. This action is forced if the parameter flush is non zero.
+ Forcing flush frequently degrades the compression ratio, so this parameter
+ should be set only when necessary (in interactive applications). Some
+ output may be provided even if flush is not set.
+
+ Before the call of deflate(), the application should ensure that at least
+ one of the actions is possible, by providing more input and/or consuming more
+ output, and updating avail_in or avail_out accordingly; avail_out should
+ never be zero before the call. The application can consume the compressed
+ output when it wants, for example when the output buffer is full (avail_out
+ == 0), or after each call of deflate(). If deflate returns Z_OK and with
+ zero avail_out, it must be called again after making room in the output
+ buffer because there might be more output pending.
+
+ Normally the parameter flush is set to Z_NO_FLUSH, which allows deflate to
+ decide how much data to accumulate before producing output, in order to
+ maximize compression.
+
+ If the parameter flush is set to Z_SYNC_FLUSH, all pending output is
+ flushed to the output buffer and the output is aligned on a byte boundary, so
+ that the decompressor can get all input data available so far. (In
+ particular avail_in is zero after the call if enough output space has been
+ provided before the call.) Flushing may degrade compression for some
+ compression algorithms and so it should be used only when necessary. This
+ completes the current deflate block and follows it with an empty stored block
+ that is three bits plus filler bits to the next byte, followed by four bytes
+ (00 00 ff ff).
+
+ If flush is set to Z_PARTIAL_FLUSH, all pending output is flushed to the
+ output buffer, but the output is not aligned to a byte boundary. All of the
+ input data so far will be available to the decompressor, as for Z_SYNC_FLUSH.
+ This completes the current deflate block and follows it with an empty fixed
+ codes block that is 10 bits long. This assures that enough bytes are output
+ in order for the decompressor to finish the block before the empty fixed code
+ block.
+
+ If flush is set to Z_BLOCK, a deflate block is completed and emitted, as
+ for Z_SYNC_FLUSH, but the output is not aligned on a byte boundary, and up to
+ seven bits of the current block are held to be written as the next byte after
+ the next deflate block is completed. In this case, the decompressor may not
+ be provided enough bits at this point in order to complete decompression of
+ the data provided so far to the compressor. It may need to wait for the next
+ block to be emitted. This is for advanced applications that need to control
+ the emission of deflate blocks.
+
+ If flush is set to Z_FULL_FLUSH, all output is flushed as with
+ Z_SYNC_FLUSH, and the compression state is reset so that decompression can
+ restart from this point if previous compressed data has been damaged or if
+ random access is desired. Using Z_FULL_FLUSH too often can seriously degrade
+ compression.
+
+ If deflate returns with avail_out == 0, this function must be called again
+ with the same value of the flush parameter and more output space (updated
+ avail_out), until the flush is complete (deflate returns with non-zero
+ avail_out). In the case of a Z_FULL_FLUSH or Z_SYNC_FLUSH, make sure that
+ avail_out is greater than six to avoid repeated flush markers due to
+ avail_out == 0 on return.
+
+ If the parameter flush is set to Z_FINISH, pending input is processed,
+ pending output is flushed and deflate returns with Z_STREAM_END if there was
+ enough output space; if deflate returns with Z_OK, this function must be
+ called again with Z_FINISH and more output space (updated avail_out) but no
+ more input data, until it returns with Z_STREAM_END or an error. After
+ deflate has returned Z_STREAM_END, the only possible operations on the stream
+ are deflateReset or deflateEnd.
+
+ Z_FINISH can be used immediately after deflateInit if all the compression
+ is to be done in a single step. In this case, avail_out must be at least the
+ value returned by deflateBound (see below). Then deflate is guaranteed to
+ return Z_STREAM_END. If not enough output space is provided, deflate will
+ not return Z_STREAM_END, and it must be called again as described above.
+
+ deflate() sets strm->adler to the adler32 checksum of all input read
+ so far (that is, total_in bytes).
+
+ deflate() may update strm->data_type if it can make a good guess about
+ the input data type (Z_BINARY or Z_TEXT). In doubt, the data is considered
+ binary. This field is only for information purposes and does not affect the
+ compression algorithm in any manner.
+
+ deflate() returns Z_OK if some progress has been made (more input
+ processed or more output produced), Z_STREAM_END if all input has been
+ consumed and all output has been produced (only when flush is set to
+ Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
+ if next_in or next_out was Z_NULL), Z_BUF_ERROR if no progress is possible
+ (for example avail_in or avail_out was zero). Note that Z_BUF_ERROR is not
+ fatal, and deflate() can be called again with more input and more output
+ space to continue compressing.
+*/
+
+
+ZEXTERN int ZEXPORT deflateEnd OF((z_streamp strm));
+/*
+ All dynamically allocated data structures for this stream are freed.
+ This function discards any unprocessed input and does not flush any pending
+ output.
+
+ deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
+ stream state was inconsistent, Z_DATA_ERROR if the stream was freed
+ prematurely (some input or output was discarded). In the error case, msg
+ may be set but then points to a static string (which must not be
+ deallocated).
+*/
+
+
+/*
+ZEXTERN int ZEXPORT inflateInit OF((z_streamp strm));
+
+ Initializes the internal stream state for decompression. The fields
+ next_in, avail_in, zalloc, zfree and opaque must be initialized before by
+ the caller. If next_in is not Z_NULL and avail_in is large enough (the
+ exact value depends on the compression method), inflateInit determines the
+ compression method from the zlib header and allocates all data structures
+ accordingly; otherwise the allocation will be deferred to the first call of
+ inflate. If zalloc and zfree are set to Z_NULL, inflateInit updates them to
+ use default allocation functions.
+
+ inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_VERSION_ERROR if the zlib library version is incompatible with the
+ version assumed by the caller, or Z_STREAM_ERROR if the parameters are
+ invalid, such as a null pointer to the structure. msg is set to null if
+ there is no error message. inflateInit does not perform any decompression
+ apart from possibly reading the zlib header if present: actual decompression
+ will be done by inflate(). (So next_in and avail_in may be modified, but
+ next_out and avail_out are unused and unchanged.) The current implementation
+ of inflateInit() does not process any header information -- that is deferred
+ until inflate() is called.
+*/
+
+
+ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush));
+/*
+ inflate decompresses as much data as possible, and stops when the input
+ buffer becomes empty or the output buffer becomes full. It may introduce
+ some output latency (reading input without producing any output) except when
+ forced to flush.
+
+ The detailed semantics are as follows. inflate performs one or both of the
+ following actions:
+
+ - Decompress more input starting at next_in and update next_in and avail_in
+ accordingly. If not all input can be processed (because there is not
+ enough room in the output buffer), next_in is updated and processing will
+ resume at this point for the next call of inflate().
+
+ - Provide more output starting at next_out and update next_out and avail_out
+ accordingly. inflate() provides as much output as possible, until there is
+ no more input data or no more space in the output buffer (see below about
+ the flush parameter).
+
+ Before the call of inflate(), the application should ensure that at least
+ one of the actions is possible, by providing more input and/or consuming more
+ output, and updating the next_* and avail_* values accordingly. The
+ application can consume the uncompressed output when it wants, for example
+ when the output buffer is full (avail_out == 0), or after each call of
+ inflate(). If inflate returns Z_OK and with zero avail_out, it must be
+ called again after making room in the output buffer because there might be
+ more output pending.
+
+ The flush parameter of inflate() can be Z_NO_FLUSH, Z_SYNC_FLUSH, Z_FINISH,
+ Z_BLOCK, or Z_TREES. Z_SYNC_FLUSH requests that inflate() flush as much
+ output as possible to the output buffer. Z_BLOCK requests that inflate()
+ stop if and when it gets to the next deflate block boundary. When decoding
+ the zlib or gzip format, this will cause inflate() to return immediately
+ after the header and before the first block. When doing a raw inflate,
+ inflate() will go ahead and process the first block, and will return when it
+ gets to the end of that block, or when it runs out of data.
+
+ The Z_BLOCK option assists in appending to or combining deflate streams.
+ Also to assist in this, on return inflate() will set strm->data_type to the
+ number of unused bits in the last byte taken from strm->next_in, plus 64 if
+ inflate() is currently decoding the last block in the deflate stream, plus
+ 128 if inflate() returned immediately after decoding an end-of-block code or
+ decoding the complete header up to just before the first byte of the deflate
+ stream. The end-of-block will not be indicated until all of the uncompressed
+ data from that block has been written to strm->next_out. The number of
+ unused bits may in general be greater than seven, except when bit 7 of
+ data_type is set, in which case the number of unused bits will be less than
+ eight. data_type is set as noted here every time inflate() returns for all
+ flush options, and so can be used to determine the amount of currently
+ consumed input in bits.
+
+ The Z_TREES option behaves as Z_BLOCK does, but it also returns when the
+ end of each deflate block header is reached, before any actual data in that
+ block is decoded. This allows the caller to determine the length of the
+ deflate block header for later use in random access within a deflate block.
+ 256 is added to the value of strm->data_type when inflate() returns
+ immediately after reaching the end of the deflate block header.
+
+ inflate() should normally be called until it returns Z_STREAM_END or an
+ error. However if all decompression is to be performed in a single step (a
+ single call of inflate), the parameter flush should be set to Z_FINISH. In
+ this case all pending input is processed and all pending output is flushed;
+ avail_out must be large enough to hold all of the uncompressed data for the
+ operation to complete. (The size of the uncompressed data may have been
+ saved by the compressor for this purpose.) The use of Z_FINISH is not
+ required to perform an inflation in one step. However it may be used to
+ inform inflate that a faster approach can be used for the single inflate()
+ call. Z_FINISH also informs inflate to not maintain a sliding window if the
+ stream completes, which reduces inflate's memory footprint. If the stream
+ does not complete, either because not all of the stream is provided or not
+ enough output space is provided, then a sliding window will be allocated and
+ inflate() can be called again to continue the operation as if Z_NO_FLUSH had
+ been used.
+
+ In this implementation, inflate() always flushes as much output as
+ possible to the output buffer, and always uses the faster approach on the
+ first call. So the effects of the flush parameter in this implementation are
+ on the return value of inflate() as noted below, when inflate() returns early
+ when Z_BLOCK or Z_TREES is used, and when inflate() avoids the allocation of
+ memory for a sliding window when Z_FINISH is used.
+
+ If a preset dictionary is needed after this call (see inflateSetDictionary
+ below), inflate sets strm->adler to the Adler-32 checksum of the dictionary
+ chosen by the compressor and returns Z_NEED_DICT; otherwise it sets
+ strm->adler to the Adler-32 checksum of all output produced so far (that is,
+ total_out bytes) and returns Z_OK, Z_STREAM_END or an error code as described
+ below. At the end of the stream, inflate() checks that its computed adler32
+ checksum is equal to that saved by the compressor and returns Z_STREAM_END
+ only if the checksum is correct.
+
+ inflate() can decompress and check either zlib-wrapped or gzip-wrapped
+ deflate data. The header type is detected automatically, if requested when
+ initializing with inflateInit2(). Any information contained in the gzip
+ header is not retained, so applications that need that information should
+ instead use raw inflate, see inflateInit2() below, or inflateBack() and
+ perform their own processing of the gzip header and trailer. When processing
+ gzip-wrapped deflate data, strm->adler32 is set to the CRC-32 of the output
+ producted so far. The CRC-32 is checked against the gzip trailer.
+
+ inflate() returns Z_OK if some progress has been made (more input processed
+ or more output produced), Z_STREAM_END if the end of the compressed data has
+ been reached and all uncompressed output has been produced, Z_NEED_DICT if a
+ preset dictionary is needed at this point, Z_DATA_ERROR if the input data was
+ corrupted (input stream not conforming to the zlib format or incorrect check
+ value), Z_STREAM_ERROR if the stream structure was inconsistent (for example
+ next_in or next_out was Z_NULL), Z_MEM_ERROR if there was not enough memory,
+ Z_BUF_ERROR if no progress is possible or if there was not enough room in the
+ output buffer when Z_FINISH is used. Note that Z_BUF_ERROR is not fatal, and
+ inflate() can be called again with more input and more output space to
+ continue decompressing. If Z_DATA_ERROR is returned, the application may
+ then call inflateSync() to look for a good compression block if a partial
+ recovery of the data is desired.
+*/
+
+
+ZEXTERN int ZEXPORT inflateEnd OF((z_streamp strm));
+/*
+ All dynamically allocated data structures for this stream are freed.
+ This function discards any unprocessed input and does not flush any pending
+ output.
+
+ inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
+ was inconsistent. In the error case, msg may be set but then points to a
+ static string (which must not be deallocated).
+*/
+
+
+ /* Advanced functions */
+
+/*
+ The following functions are needed only in some special applications.
+*/
+
+/*
+ZEXTERN int ZEXPORT deflateInit2 OF((z_streamp strm,
+ int level,
+ int method,
+ int windowBits,
+ int memLevel,
+ int strategy));
+
+ This is another version of deflateInit with more compression options. The
+ fields next_in, zalloc, zfree and opaque must be initialized before by the
+ caller.
+
+ The method parameter is the compression method. It must be Z_DEFLATED in
+ this version of the library.
+
+ The windowBits parameter is the base two logarithm of the window size
+ (the size of the history buffer). It should be in the range 8..15 for this
+ version of the library. Larger values of this parameter result in better
+ compression at the expense of memory usage. The default value is 15 if
+ deflateInit is used instead.
+
+ windowBits can also be -8..-15 for raw deflate. In this case, -windowBits
+ determines the window size. deflate() will then generate raw deflate data
+ with no zlib header or trailer, and will not compute an adler32 check value.
+
+ windowBits can also be greater than 15 for optional gzip encoding. Add
+ 16 to windowBits to write a simple gzip header and trailer around the
+ compressed data instead of a zlib wrapper. The gzip header will have no
+ file name, no extra data, no comment, no modification time (set to zero), no
+ header crc, and the operating system will be set to 255 (unknown). If a
+ gzip stream is being written, strm->adler is a crc32 instead of an adler32.
+
+ The memLevel parameter specifies how much memory should be allocated
+ for the internal compression state. memLevel=1 uses minimum memory but is
+ slow and reduces compression ratio; memLevel=9 uses maximum memory for
+ optimal speed. The default value is 8. See zconf.h for total memory usage
+ as a function of windowBits and memLevel.
+
+ The strategy parameter is used to tune the compression algorithm. Use the
+ value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
+ filter (or predictor), Z_HUFFMAN_ONLY to force Huffman encoding only (no
+ string match), or Z_RLE to limit match distances to one (run-length
+ encoding). Filtered data consists mostly of small values with a somewhat
+ random distribution. In this case, the compression algorithm is tuned to
+ compress them better. The effect of Z_FILTERED is to force more Huffman
+ coding and less string matching; it is somewhat intermediate between
+ Z_DEFAULT_STRATEGY and Z_HUFFMAN_ONLY. Z_RLE is designed to be almost as
+ fast as Z_HUFFMAN_ONLY, but give better compression for PNG image data. The
+ strategy parameter only affects the compression ratio but not the
+ correctness of the compressed output even if it is not set appropriately.
+ Z_FIXED prevents the use of dynamic Huffman codes, allowing for a simpler
+ decoder for special applications.
+
+ deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_STREAM_ERROR if any parameter is invalid (such as an invalid
+ method), or Z_VERSION_ERROR if the zlib library version (zlib_version) is
+ incompatible with the version assumed by the caller (ZLIB_VERSION). msg is
+ set to null if there is no error message. deflateInit2 does not perform any
+ compression: this will be done by deflate().
+*/
+
+ZEXTERN int ZEXPORT deflateSetDictionary OF((z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength));
+/*
+ Initializes the compression dictionary from the given byte sequence
+ without producing any compressed output. When using the zlib format, this
+ function must be called immediately after deflateInit, deflateInit2 or
+ deflateReset, and before any call of deflate. When doing raw deflate, this
+ function must be called either before any call of deflate, or immediately
+ after the completion of a deflate block, i.e. after all input has been
+ consumed and all output has been delivered when using any of the flush
+ options Z_BLOCK, Z_PARTIAL_FLUSH, Z_SYNC_FLUSH, or Z_FULL_FLUSH. The
+ compressor and decompressor must use exactly the same dictionary (see
+ inflateSetDictionary).
+
+ The dictionary should consist of strings (byte sequences) that are likely
+ to be encountered later in the data to be compressed, with the most commonly
+ used strings preferably put towards the end of the dictionary. Using a
+ dictionary is most useful when the data to be compressed is short and can be
+ predicted with good accuracy; the data can then be compressed better than
+ with the default empty dictionary.
+
+ Depending on the size of the compression data structures selected by
+ deflateInit or deflateInit2, a part of the dictionary may in effect be
+ discarded, for example if the dictionary is larger than the window size
+ provided in deflateInit or deflateInit2. Thus the strings most likely to be
+ useful should be put at the end of the dictionary, not at the front. In
+ addition, the current implementation of deflate will use at most the window
+ size minus 262 bytes of the provided dictionary.
+
+ Upon return of this function, strm->adler is set to the adler32 value
+ of the dictionary; the decompressor may later use this value to determine
+ which dictionary has been used by the compressor. (The adler32 value
+ applies to the whole dictionary even if only a subset of the dictionary is
+ actually used by the compressor.) If a raw deflate was requested, then the
+ adler32 value is not computed and strm->adler is not set.
+
+ deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
+ parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is
+ inconsistent (for example if deflate has already been called for this stream
+ or if not at a block boundary for raw deflate). deflateSetDictionary does
+ not perform any compression: this will be done by deflate().
+*/
+
+ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest,
+ z_streamp source));
+/*
+ Sets the destination stream as a complete copy of the source stream.
+
+ This function can be useful when several compression strategies will be
+ tried, for example when there are several ways of pre-processing the input
+ data with a filter. The streams that will be discarded should then be freed
+ by calling deflateEnd. Note that deflateCopy duplicates the internal
+ compression state which can be quite large, so this strategy is slow and can
+ consume lots of memory.
+
+ deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
+ (such as zalloc being Z_NULL). msg is left unchanged in both source and
+ destination.
+*/
+
+ZEXTERN int ZEXPORT deflateReset OF((z_streamp strm));
+/*
+ This function is equivalent to deflateEnd followed by deflateInit,
+ but does not free and reallocate all the internal compression state. The
+ stream will keep the same compression level and any other attributes that
+ may have been set by deflateInit2.
+
+ deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL).
+*/
+
+ZEXTERN int ZEXPORT deflateParams OF((z_streamp strm,
+ int level,
+ int strategy));
+/*
+ Dynamically update the compression level and compression strategy. The
+ interpretation of level and strategy is as in deflateInit2. This can be
+ used to switch between compression and straight copy of the input data, or
+ to switch to a different kind of input data requiring a different strategy.
+ If the compression level is changed, the input available so far is
+ compressed with the old level (and may be flushed); the new level will take
+ effect only at the next call of deflate().
+
+ Before the call of deflateParams, the stream state must be set as for
+ a call of deflate(), since the currently available input may have to be
+ compressed and flushed. In particular, strm->avail_out must be non-zero.
+
+ deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
+ stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR if
+ strm->avail_out was zero.
+*/
+
+ZEXTERN int ZEXPORT deflateTune OF((z_streamp strm,
+ int good_length,
+ int max_lazy,
+ int nice_length,
+ int max_chain));
+/*
+ Fine tune deflate's internal compression parameters. This should only be
+ used by someone who understands the algorithm used by zlib's deflate for
+ searching for the best matching string, and even then only by the most
+ fanatic optimizer trying to squeeze out the last compressed bit for their
+ specific input data. Read the deflate.c source code for the meaning of the
+ max_lazy, good_length, nice_length, and max_chain parameters.
+
+ deflateTune() can be called after deflateInit() or deflateInit2(), and
+ returns Z_OK on success, or Z_STREAM_ERROR for an invalid deflate stream.
+ */
+
+ZEXTERN uLong ZEXPORT deflateBound OF((z_streamp strm,
+ uLong sourceLen));
+/*
+ deflateBound() returns an upper bound on the compressed size after
+ deflation of sourceLen bytes. It must be called after deflateInit() or
+ deflateInit2(), and after deflateSetHeader(), if used. This would be used
+ to allocate an output buffer for deflation in a single pass, and so would be
+ called before deflate(). If that first deflate() call is provided the
+ sourceLen input bytes, an output buffer allocated to the size returned by
+ deflateBound(), and the flush value Z_FINISH, then deflate() is guaranteed
+ to return Z_STREAM_END. Note that it is possible for the compressed size to
+ be larger than the value returned by deflateBound() if flush options other
+ than Z_FINISH or Z_NO_FLUSH are used.
+*/
+
+ZEXTERN int ZEXPORT deflatePending OF((z_streamp strm,
+ unsigned *pending,
+ int *bits));
+/*
+ deflatePending() returns the number of bytes and bits of output that have
+ been generated, but not yet provided in the available output. The bytes not
+ provided would be due to the available output space having being consumed.
+ The number of bits of output not provided are between 0 and 7, where they
+ await more bits to join them in order to fill out a full byte. If pending
+ or bits are Z_NULL, then those values are not set.
+
+ deflatePending returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+ */
+
+ZEXTERN int ZEXPORT deflatePrime OF((z_streamp strm,
+ int bits,
+ int value));
+/*
+ deflatePrime() inserts bits in the deflate output stream. The intent
+ is that this function is used to start off the deflate output with the bits
+ leftover from a previous deflate stream when appending to it. As such, this
+ function can only be used for raw deflate, and must be used before the first
+ deflate() call after a deflateInit2() or deflateReset(). bits must be less
+ than or equal to 16, and that many of the least significant bits of value
+ will be inserted in the output.
+
+ deflatePrime returns Z_OK if success, Z_BUF_ERROR if there was not enough
+ room in the internal buffer to insert the bits, or Z_STREAM_ERROR if the
+ source stream state was inconsistent.
+*/
+
+ZEXTERN int ZEXPORT deflateSetHeader OF((z_streamp strm,
+ gz_headerp head));
+/*
+ deflateSetHeader() provides gzip header information for when a gzip
+ stream is requested by deflateInit2(). deflateSetHeader() may be called
+ after deflateInit2() or deflateReset() and before the first call of
+ deflate(). The text, time, os, extra field, name, and comment information
+ in the provided gz_header structure are written to the gzip header (xflag is
+ ignored -- the extra flags are set according to the compression level). The
+ caller must assure that, if not Z_NULL, name and comment are terminated with
+ a zero byte, and that if extra is not Z_NULL, that extra_len bytes are
+ available there. If hcrc is true, a gzip header crc is included. Note that
+ the current versions of the command-line version of gzip (up through version
+ 1.3.x) do not support header crc's, and will report that it is a "multi-part
+ gzip file" and give up.
+
+ If deflateSetHeader is not used, the default gzip header has text false,
+ the time set to zero, and os set to 255, with no extra, name, or comment
+ fields. The gzip header is returned to the default state by deflateReset().
+
+ deflateSetHeader returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+/*
+ZEXTERN int ZEXPORT inflateInit2 OF((z_streamp strm,
+ int windowBits));
+
+ This is another version of inflateInit with an extra parameter. The
+ fields next_in, avail_in, zalloc, zfree and opaque must be initialized
+ before by the caller.
+
+ The windowBits parameter is the base two logarithm of the maximum window
+ size (the size of the history buffer). It should be in the range 8..15 for
+ this version of the library. The default value is 15 if inflateInit is used
+ instead. windowBits must be greater than or equal to the windowBits value
+ provided to deflateInit2() while compressing, or it must be equal to 15 if
+ deflateInit2() was not used. If a compressed stream with a larger window
+ size is given as input, inflate() will return with the error code
+ Z_DATA_ERROR instead of trying to allocate a larger window.
+
+ windowBits can also be zero to request that inflate use the window size in
+ the zlib header of the compressed stream.
+
+ windowBits can also be -8..-15 for raw inflate. In this case, -windowBits
+ determines the window size. inflate() will then process raw deflate data,
+ not looking for a zlib or gzip header, not generating a check value, and not
+ looking for any check values for comparison at the end of the stream. This
+ is for use with other formats that use the deflate compressed data format
+ such as zip. Those formats provide their own check values. If a custom
+ format is developed using the raw deflate format for compressed data, it is
+ recommended that a check value such as an adler32 or a crc32 be applied to
+ the uncompressed data as is done in the zlib, gzip, and zip formats. For
+ most applications, the zlib format should be used as is. Note that comments
+ above on the use in deflateInit2() applies to the magnitude of windowBits.
+
+ windowBits can also be greater than 15 for optional gzip decoding. Add
+ 32 to windowBits to enable zlib and gzip decoding with automatic header
+ detection, or add 16 to decode only the gzip format (the zlib format will
+ return a Z_DATA_ERROR). If a gzip stream is being decoded, strm->adler is a
+ crc32 instead of an adler32.
+
+ inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_VERSION_ERROR if the zlib library version is incompatible with the
+ version assumed by the caller, or Z_STREAM_ERROR if the parameters are
+ invalid, such as a null pointer to the structure. msg is set to null if
+ there is no error message. inflateInit2 does not perform any decompression
+ apart from possibly reading the zlib header if present: actual decompression
+ will be done by inflate(). (So next_in and avail_in may be modified, but
+ next_out and avail_out are unused and unchanged.) The current implementation
+ of inflateInit2() does not process any header information -- that is
+ deferred until inflate() is called.
+*/
+
+ZEXTERN int ZEXPORT inflateSetDictionary OF((z_streamp strm,
+ const Bytef *dictionary,
+ uInt dictLength));
+/*
+ Initializes the decompression dictionary from the given uncompressed byte
+ sequence. This function must be called immediately after a call of inflate,
+ if that call returned Z_NEED_DICT. The dictionary chosen by the compressor
+ can be determined from the adler32 value returned by that call of inflate.
+ The compressor and decompressor must use exactly the same dictionary (see
+ deflateSetDictionary). For raw inflate, this function can be called at any
+ time to set the dictionary. If the provided dictionary is smaller than the
+ window and there is already data in the window, then the provided dictionary
+ will amend what's there. The application must insure that the dictionary
+ that was used for compression is provided.
+
+ inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
+ parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is
+ inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
+ expected one (incorrect adler32 value). inflateSetDictionary does not
+ perform any decompression: this will be done by subsequent calls of
+ inflate().
+*/
+
+ZEXTERN int ZEXPORT inflateGetDictionary OF((z_streamp strm,
+ Bytef *dictionary,
+ uInt *dictLength));
+/*
+ Returns the sliding dictionary being maintained by inflate. dictLength is
+ set to the number of bytes in the dictionary, and that many bytes are copied
+ to dictionary. dictionary must have enough space, where 32768 bytes is
+ always enough. If inflateGetDictionary() is called with dictionary equal to
+ Z_NULL, then only the dictionary length is returned, and nothing is copied.
+ Similary, if dictLength is Z_NULL, then it is not set.
+
+ inflateGetDictionary returns Z_OK on success, or Z_STREAM_ERROR if the
+ stream state is inconsistent.
+*/
+
+ZEXTERN int ZEXPORT inflateSync OF((z_streamp strm));
+/*
+ Skips invalid compressed data until a possible full flush point (see above
+ for the description of deflate with Z_FULL_FLUSH) can be found, or until all
+ available input is skipped. No output is provided.
+
+ inflateSync searches for a 00 00 FF FF pattern in the compressed data.
+ All full flush points have this pattern, but not all occurrences of this
+ pattern are full flush points.
+
+ inflateSync returns Z_OK if a possible full flush point has been found,
+ Z_BUF_ERROR if no more input was provided, Z_DATA_ERROR if no flush point
+ has been found, or Z_STREAM_ERROR if the stream structure was inconsistent.
+ In the success case, the application may save the current current value of
+ total_in which indicates where valid compressed data was found. In the
+ error case, the application may repeatedly call inflateSync, providing more
+ input each time, until success or end of the input data.
+*/
+
+ZEXTERN int ZEXPORT inflateCopy OF((z_streamp dest,
+ z_streamp source));
+/*
+ Sets the destination stream as a complete copy of the source stream.
+
+ This function can be useful when randomly accessing a large stream. The
+ first pass through the stream can periodically record the inflate state,
+ allowing restarting inflate at those points when randomly accessing the
+ stream.
+
+ inflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
+ (such as zalloc being Z_NULL). msg is left unchanged in both source and
+ destination.
+*/
+
+ZEXTERN int ZEXPORT inflateReset OF((z_streamp strm));
+/*
+ This function is equivalent to inflateEnd followed by inflateInit,
+ but does not free and reallocate all the internal decompression state. The
+ stream will keep attributes that may have been set by inflateInit2.
+
+ inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL).
+*/
+
+ZEXTERN int ZEXPORT inflateReset2 OF((z_streamp strm,
+ int windowBits));
+/*
+ This function is the same as inflateReset, but it also permits changing
+ the wrap and window size requests. The windowBits parameter is interpreted
+ the same as it is for inflateInit2.
+
+ inflateReset2 returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent (such as zalloc or state being Z_NULL), or if
+ the windowBits parameter is invalid.
+*/
+
+ZEXTERN int ZEXPORT inflatePrime OF((z_streamp strm,
+ int bits,
+ int value));
+/*
+ This function inserts bits in the inflate input stream. The intent is
+ that this function is used to start inflating at a bit position in the
+ middle of a byte. The provided bits will be used before any bytes are used
+ from next_in. This function should only be used with raw inflate, and
+ should be used before the first inflate() call after inflateInit2() or
+ inflateReset(). bits must be less than or equal to 16, and that many of the
+ least significant bits of value will be inserted in the input.
+
+ If bits is negative, then the input stream bit buffer is emptied. Then
+ inflatePrime() can be called again to put bits in the buffer. This is used
+ to clear out bits leftover after feeding inflate a block description prior
+ to feeding inflate codes.
+
+ inflatePrime returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+ZEXTERN long ZEXPORT inflateMark OF((z_streamp strm));
+/*
+ This function returns two values, one in the lower 16 bits of the return
+ value, and the other in the remaining upper bits, obtained by shifting the
+ return value down 16 bits. If the upper value is -1 and the lower value is
+ zero, then inflate() is currently decoding information outside of a block.
+ If the upper value is -1 and the lower value is non-zero, then inflate is in
+ the middle of a stored block, with the lower value equaling the number of
+ bytes from the input remaining to copy. If the upper value is not -1, then
+ it is the number of bits back from the current bit position in the input of
+ the code (literal or length/distance pair) currently being processed. In
+ that case the lower value is the number of bytes already emitted for that
+ code.
+
+ A code is being processed if inflate is waiting for more input to complete
+ decoding of the code, or if it has completed decoding but is waiting for
+ more output space to write the literal or match data.
+
+ inflateMark() is used to mark locations in the input data for random
+ access, which may be at bit positions, and to note those cases where the
+ output of a code may span boundaries of random access blocks. The current
+ location in the input stream can be determined from avail_in and data_type
+ as noted in the description for the Z_BLOCK flush parameter for inflate.
+
+ inflateMark returns the value noted above or -1 << 16 if the provided
+ source stream state was inconsistent.
+*/
+
+ZEXTERN int ZEXPORT inflateGetHeader OF((z_streamp strm,
+ gz_headerp head));
+/*
+ inflateGetHeader() requests that gzip header information be stored in the
+ provided gz_header structure. inflateGetHeader() may be called after
+ inflateInit2() or inflateReset(), and before the first call of inflate().
+ As inflate() processes the gzip stream, head->done is zero until the header
+ is completed, at which time head->done is set to one. If a zlib stream is
+ being decoded, then head->done is set to -1 to indicate that there will be
+ no gzip header information forthcoming. Note that Z_BLOCK or Z_TREES can be
+ used to force inflate() to return immediately after header processing is
+ complete and before any actual data is decompressed.
+
+ The text, time, xflags, and os fields are filled in with the gzip header
+ contents. hcrc is set to true if there is a header CRC. (The header CRC
+ was valid if done is set to one.) If extra is not Z_NULL, then extra_max
+ contains the maximum number of bytes to write to extra. Once done is true,
+ extra_len contains the actual extra field length, and extra contains the
+ extra field, or that field truncated if extra_max is less than extra_len.
+ If name is not Z_NULL, then up to name_max characters are written there,
+ terminated with a zero unless the length is greater than name_max. If
+ comment is not Z_NULL, then up to comm_max characters are written there,
+ terminated with a zero unless the length is greater than comm_max. When any
+ of extra, name, or comment are not Z_NULL and the respective field is not
+ present in the header, then that field is set to Z_NULL to signal its
+ absence. This allows the use of deflateSetHeader() with the returned
+ structure to duplicate the header. However if those fields are set to
+ allocated memory, then the application will need to save those pointers
+ elsewhere so that they can be eventually freed.
+
+ If inflateGetHeader is not used, then the header information is simply
+ discarded. The header is always checked for validity, including the header
+ CRC if present. inflateReset() will reset the process to discard the header
+ information. The application would need to call inflateGetHeader() again to
+ retrieve the header from the next gzip stream.
+
+ inflateGetHeader returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+*/
+
+/*
+ZEXTERN int ZEXPORT inflateBackInit OF((z_streamp strm, int windowBits,
+ unsigned char FAR *window));
+
+ Initialize the internal stream state for decompression using inflateBack()
+ calls. The fields zalloc, zfree and opaque in strm must be initialized
+ before the call. If zalloc and zfree are Z_NULL, then the default library-
+ derived memory allocation routines are used. windowBits is the base two
+ logarithm of the window size, in the range 8..15. window is a caller
+ supplied buffer of that size. Except for special applications where it is
+ assured that deflate was used with small window sizes, windowBits must be 15
+ and a 32K byte window must be supplied to be able to decompress general
+ deflate streams.
+
+ See inflateBack() for the usage of these routines.
+
+ inflateBackInit will return Z_OK on success, Z_STREAM_ERROR if any of
+ the parameters are invalid, Z_MEM_ERROR if the internal state could not be
+ allocated, or Z_VERSION_ERROR if the version of the library does not match
+ the version of the header file.
+*/
+
+typedef unsigned (*in_func) OF((void FAR *,
+ z_const unsigned char FAR * FAR *));
+typedef int (*out_func) OF((void FAR *, unsigned char FAR *, unsigned));
+
+ZEXTERN int ZEXPORT inflateBack OF((z_streamp strm,
+ in_func in, void FAR *in_desc,
+ out_func out, void FAR *out_desc));
+/*
+ inflateBack() does a raw inflate with a single call using a call-back
+ interface for input and output. This is potentially more efficient than
+ inflate() for file i/o applications, in that it avoids copying between the
+ output and the sliding window by simply making the window itself the output
+ buffer. inflate() can be faster on modern CPUs when used with large
+ buffers. inflateBack() trusts the application to not change the output
+ buffer passed by the output function, at least until inflateBack() returns.
+
+ inflateBackInit() must be called first to allocate the internal state
+ and to initialize the state with the user-provided window buffer.
+ inflateBack() may then be used multiple times to inflate a complete, raw
+ deflate stream with each call. inflateBackEnd() is then called to free the
+ allocated state.
+
+ A raw deflate stream is one with no zlib or gzip header or trailer.
+ This routine would normally be used in a utility that reads zip or gzip
+ files and writes out uncompressed files. The utility would decode the
+ header and process the trailer on its own, hence this routine expects only
+ the raw deflate stream to decompress. This is different from the normal
+ behavior of inflate(), which expects either a zlib or gzip header and
+ trailer around the deflate stream.
+
+ inflateBack() uses two subroutines supplied by the caller that are then
+ called by inflateBack() for input and output. inflateBack() calls those
+ routines until it reads a complete deflate stream and writes out all of the
+ uncompressed data, or until it encounters an error. The function's
+ parameters and return types are defined above in the in_func and out_func
+ typedefs. inflateBack() will call in(in_desc, &buf) which should return the
+ number of bytes of provided input, and a pointer to that input in buf. If
+ there is no input available, in() must return zero--buf is ignored in that
+ case--and inflateBack() will return a buffer error. inflateBack() will call
+ out(out_desc, buf, len) to write the uncompressed data buf[0..len-1]. out()
+ should return zero on success, or non-zero on failure. If out() returns
+ non-zero, inflateBack() will return with an error. Neither in() nor out()
+ are permitted to change the contents of the window provided to
+ inflateBackInit(), which is also the buffer that out() uses to write from.
+ The length written by out() will be at most the window size. Any non-zero
+ amount of input may be provided by in().
+
+ For convenience, inflateBack() can be provided input on the first call by
+ setting strm->next_in and strm->avail_in. If that input is exhausted, then
+ in() will be called. Therefore strm->next_in must be initialized before
+ calling inflateBack(). If strm->next_in is Z_NULL, then in() will be called
+ immediately for input. If strm->next_in is not Z_NULL, then strm->avail_in
+ must also be initialized, and then if strm->avail_in is not zero, input will
+ initially be taken from strm->next_in[0 .. strm->avail_in - 1].
+
+ The in_desc and out_desc parameters of inflateBack() is passed as the
+ first parameter of in() and out() respectively when they are called. These
+ descriptors can be optionally used to pass any information that the caller-
+ supplied in() and out() functions need to do their job.
+
+ On return, inflateBack() will set strm->next_in and strm->avail_in to
+ pass back any unused input that was provided by the last in() call. The
+ return values of inflateBack() can be Z_STREAM_END on success, Z_BUF_ERROR
+ if in() or out() returned an error, Z_DATA_ERROR if there was a format error
+ in the deflate stream (in which case strm->msg is set to indicate the nature
+ of the error), or Z_STREAM_ERROR if the stream was not properly initialized.
+ In the case of Z_BUF_ERROR, an input or output error can be distinguished
+ using strm->next_in which will be Z_NULL only if in() returned an error. If
+ strm->next_in is not Z_NULL, then the Z_BUF_ERROR was due to out() returning
+ non-zero. (in() will always be called before out(), so strm->next_in is
+ assured to be defined if out() returns non-zero.) Note that inflateBack()
+ cannot return Z_OK.
+*/
+
+ZEXTERN int ZEXPORT inflateBackEnd OF((z_streamp strm));
+/*
+ All memory allocated by inflateBackInit() is freed.
+
+ inflateBackEnd() returns Z_OK on success, or Z_STREAM_ERROR if the stream
+ state was inconsistent.
+*/
+
+ZEXTERN uLong ZEXPORT zlibCompileFlags OF((void));
+/* Return flags indicating compile-time options.
+
+ Type sizes, two bits each, 00 = 16 bits, 01 = 32, 10 = 64, 11 = other:
+ 1.0: size of uInt
+ 3.2: size of uLong
+ 5.4: size of voidpf (pointer)
+ 7.6: size of z_off_t
+
+ Compiler, assembler, and debug options:
+ 8: DEBUG
+ 9: ASMV or ASMINF -- use ASM code
+ 10: ZLIB_WINAPI -- exported functions use the WINAPI calling convention
+ 11: 0 (reserved)
+
+ One-time table building (smaller code, but not thread-safe if true):
+ 12: BUILDFIXED -- build static block decoding tables when needed
+ 13: DYNAMIC_CRC_TABLE -- build CRC calculation tables when needed
+ 14,15: 0 (reserved)
+
+ Library content (indicates missing functionality):
+ 16: NO_GZCOMPRESS -- gz* functions cannot compress (to avoid linking
+ deflate code when not needed)
+ 17: NO_GZIP -- deflate can't write gzip streams, and inflate can't detect
+ and decode gzip streams (to avoid linking crc code)
+ 18-19: 0 (reserved)
+
+ Operation variations (changes in library functionality):
+ 20: PKZIP_BUG_WORKAROUND -- slightly more permissive inflate
+ 21: FASTEST -- deflate algorithm with only one, lowest compression level
+ 22,23: 0 (reserved)
+
+ The sprintf variant used by gzprintf (zero is best):
+ 24: 0 = vs*, 1 = s* -- 1 means limited to 20 arguments after the format
+ 25: 0 = *nprintf, 1 = *printf -- 1 means gzprintf() not secure!
+ 26: 0 = returns value, 1 = void -- 1 means inferred string length returned
+
+ Remainder:
+ 27-31: 0 (reserved)
+ */
+
+#ifndef Z_SOLO
+
+ /* utility functions */
+
+/*
+ The following utility functions are implemented on top of the basic
+ stream-oriented functions. To simplify the interface, some default options
+ are assumed (compression level and memory usage, standard memory allocation
+ functions). The source code of these utility functions can be modified if
+ you need special options.
+*/
+
+ZEXTERN int ZEXPORT compress OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen));
+/*
+ Compresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total size
+ of the destination buffer, which must be at least the value returned by
+ compressBound(sourceLen). Upon exit, destLen is the actual size of the
+ compressed buffer.
+
+ compress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer.
+*/
+
+ZEXTERN int ZEXPORT compress2 OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen,
+ int level));
+/*
+ Compresses the source buffer into the destination buffer. The level
+ parameter has the same meaning as in deflateInit. sourceLen is the byte
+ length of the source buffer. Upon entry, destLen is the total size of the
+ destination buffer, which must be at least the value returned by
+ compressBound(sourceLen). Upon exit, destLen is the actual size of the
+ compressed buffer.
+
+ compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
+ memory, Z_BUF_ERROR if there was not enough room in the output buffer,
+ Z_STREAM_ERROR if the level parameter is invalid.
+*/
+
+ZEXTERN uLong ZEXPORT compressBound OF((uLong sourceLen));
+/*
+ compressBound() returns an upper bound on the compressed size after
+ compress() or compress2() on sourceLen bytes. It would be used before a
+ compress() or compress2() call to allocate the destination buffer.
+*/
+
+ZEXTERN int ZEXPORT uncompress OF((Bytef *dest, uLongf *destLen,
+ const Bytef *source, uLong sourceLen));
+/*
+ Decompresses the source buffer into the destination buffer. sourceLen is
+ the byte length of the source buffer. Upon entry, destLen is the total size
+ of the destination buffer, which must be large enough to hold the entire
+ uncompressed data. (The size of the uncompressed data must have been saved
+ previously by the compressor and transmitted to the decompressor by some
+ mechanism outside the scope of this compression library.) Upon exit, destLen
+ is the actual size of the uncompressed buffer.
+
+ uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
+ enough memory, Z_BUF_ERROR if there was not enough room in the output
+ buffer, or Z_DATA_ERROR if the input data was corrupted or incomplete. In
+ the case where there is not enough room, uncompress() will fill the output
+ buffer with the uncompressed data up to that point.
+*/
+
+ /* gzip file access functions */
+
+/*
+ This library supports reading and writing files in gzip (.gz) format with
+ an interface similar to that of stdio, using the functions that start with
+ "gz". The gzip format is different from the zlib format. gzip is a gzip
+ wrapper, documented in RFC 1952, wrapped around a deflate stream.
+*/
+
+typedef struct gzFile_s *gzFile; /* semi-opaque gzip file descriptor */
+
+/*
+ZEXTERN gzFile ZEXPORT gzopen OF((const char *path, const char *mode));
+
+ Opens a gzip (.gz) file for reading or writing. The mode parameter is as
+ in fopen ("rb" or "wb") but can also include a compression level ("wb9") or
+ a strategy: 'f' for filtered data as in "wb6f", 'h' for Huffman-only
+ compression as in "wb1h", 'R' for run-length encoding as in "wb1R", or 'F'
+ for fixed code compression as in "wb9F". (See the description of
+ deflateInit2 for more information about the strategy parameter.) 'T' will
+ request transparent writing or appending with no compression and not using
+ the gzip format.
+
+ "a" can be used instead of "w" to request that the gzip stream that will
+ be written be appended to the file. "+" will result in an error, since
+ reading and writing to the same gzip file is not supported. The addition of
+ "x" when writing will create the file exclusively, which fails if the file
+ already exists. On systems that support it, the addition of "e" when
+ reading or writing will set the flag to close the file on an execve() call.
+
+ These functions, as well as gzip, will read and decode a sequence of gzip
+ streams in a file. The append function of gzopen() can be used to create
+ such a file. (Also see gzflush() for another way to do this.) When
+ appending, gzopen does not test whether the file begins with a gzip stream,
+ nor does it look for the end of the gzip streams to begin appending. gzopen
+ will simply append a gzip stream to the existing file.
+
+ gzopen can be used to read a file which is not in gzip format; in this
+ case gzread will directly read from the file without decompression. When
+ reading, this will be detected automatically by looking for the magic two-
+ byte gzip header.
+
+ gzopen returns NULL if the file could not be opened, if there was
+ insufficient memory to allocate the gzFile state, or if an invalid mode was
+ specified (an 'r', 'w', or 'a' was not provided, or '+' was provided).
+ errno can be checked to determine if the reason gzopen failed was that the
+ file could not be opened.
+*/
+
+ZEXTERN gzFile ZEXPORT gzdopen OF((int fd, const char *mode));
+/*
+ gzdopen associates a gzFile with the file descriptor fd. File descriptors
+ are obtained from calls like open, dup, creat, pipe or fileno (if the file
+ has been previously opened with fopen). The mode parameter is as in gzopen.
+
+ The next call of gzclose on the returned gzFile will also close the file
+ descriptor fd, just like fclose(fdopen(fd, mode)) closes the file descriptor
+ fd. If you want to keep fd open, use fd = dup(fd_keep); gz = gzdopen(fd,
+ mode);. The duplicated descriptor should be saved to avoid a leak, since
+ gzdopen does not close fd if it fails. If you are using fileno() to get the
+ file descriptor from a FILE *, then you will have to use dup() to avoid
+ double-close()ing the file descriptor. Both gzclose() and fclose() will
+ close the associated file descriptor, so they need to have different file
+ descriptors.
+
+ gzdopen returns NULL if there was insufficient memory to allocate the
+ gzFile state, if an invalid mode was specified (an 'r', 'w', or 'a' was not
+ provided, or '+' was provided), or if fd is -1. The file descriptor is not
+ used until the next gz* read, write, seek, or close operation, so gzdopen
+ will not detect if fd is invalid (unless fd is -1).
+*/
+
+ZEXTERN int ZEXPORT gzbuffer OF((gzFile file, unsigned size));
+/*
+ Set the internal buffer size used by this library's functions. The
+ default buffer size is 8192 bytes. This function must be called after
+ gzopen() or gzdopen(), and before any other calls that read or write the
+ file. The buffer memory allocation is always deferred to the first read or
+ write. Two buffers are allocated, either both of the specified size when
+ writing, or one of the specified size and the other twice that size when
+ reading. A larger buffer size of, for example, 64K or 128K bytes will
+ noticeably increase the speed of decompression (reading).
+
+ The new buffer size also affects the maximum length for gzprintf().
+
+ gzbuffer() returns 0 on success, or -1 on failure, such as being called
+ too late.
+*/
+
+ZEXTERN int ZEXPORT gzsetparams OF((gzFile file, int level, int strategy));
+/*
+ Dynamically update the compression level or strategy. See the description
+ of deflateInit2 for the meaning of these parameters.
+
+ gzsetparams returns Z_OK if success, or Z_STREAM_ERROR if the file was not
+ opened for writing.
+*/
+
+ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len));
+/*
+ Reads the given number of uncompressed bytes from the compressed file. If
+ the input file is not in gzip format, gzread copies the given number of
+ bytes into the buffer directly from the file.
+
+ After reaching the end of a gzip stream in the input, gzread will continue
+ to read, looking for another gzip stream. Any number of gzip streams may be
+ concatenated in the input file, and will all be decompressed by gzread().
+ If something other than a gzip stream is encountered after a gzip stream,
+ that remaining trailing garbage is ignored (and no error is returned).
+
+ gzread can be used to read a gzip file that is being concurrently written.
+ Upon reaching the end of the input, gzread will return with the available
+ data. If the error code returned by gzerror is Z_OK or Z_BUF_ERROR, then
+ gzclearerr can be used to clear the end of file indicator in order to permit
+ gzread to be tried again. Z_OK indicates that a gzip stream was completed
+ on the last gzread. Z_BUF_ERROR indicates that the input file ended in the
+ middle of a gzip stream. Note that gzread does not return -1 in the event
+ of an incomplete gzip stream. This error is deferred until gzclose(), which
+ will return Z_BUF_ERROR if the last gzread ended in the middle of a gzip
+ stream. Alternatively, gzerror can be used before gzclose to detect this
+ case.
+
+ gzread returns the number of uncompressed bytes actually read, less than
+ len for end of file, or -1 for error.
+*/
+
+ZEXTERN int ZEXPORT gzwrite OF((gzFile file,
+ voidpc buf, unsigned len));
+/*
+ Writes the given number of uncompressed bytes into the compressed file.
+ gzwrite returns the number of uncompressed bytes written or 0 in case of
+ error.
+*/
+
+ZEXTERN int ZEXPORTVA gzprintf Z_ARG((gzFile file, const char *format, ...));
+/*
+ Converts, formats, and writes the arguments to the compressed file under
+ control of the format string, as in fprintf. gzprintf returns the number of
+ uncompressed bytes actually written, or 0 in case of error. The number of
+ uncompressed bytes written is limited to 8191, or one less than the buffer
+ size given to gzbuffer(). The caller should assure that this limit is not
+ exceeded. If it is exceeded, then gzprintf() will return an error (0) with
+ nothing written. In this case, there may also be a buffer overflow with
+ unpredictable consequences, which is possible only if zlib was compiled with
+ the insecure functions sprintf() or vsprintf() because the secure snprintf()
+ or vsnprintf() functions were not available. This can be determined using
+ zlibCompileFlags().
+*/
+
+ZEXTERN int ZEXPORT gzputs OF((gzFile file, const char *s));
+/*
+ Writes the given null-terminated string to the compressed file, excluding
+ the terminating null character.
+
+ gzputs returns the number of characters written, or -1 in case of error.
+*/
+
+ZEXTERN char * ZEXPORT gzgets OF((gzFile file, char *buf, int len));
+/*
+ Reads bytes from the compressed file until len-1 characters are read, or a
+ newline character is read and transferred to buf, or an end-of-file
+ condition is encountered. If any characters are read or if len == 1, the
+ string is terminated with a null character. If no characters are read due
+ to an end-of-file or len < 1, then the buffer is left untouched.
+
+ gzgets returns buf which is a null-terminated string, or it returns NULL
+ for end-of-file or in case of error. If there was an error, the contents at
+ buf are indeterminate.
+*/
+
+ZEXTERN int ZEXPORT gzputc OF((gzFile file, int c));
+/*
+ Writes c, converted to an unsigned char, into the compressed file. gzputc
+ returns the value that was written, or -1 in case of error.
+*/
+
+ZEXTERN int ZEXPORT gzgetc OF((gzFile file));
+/*
+ Reads one byte from the compressed file. gzgetc returns this byte or -1
+ in case of end of file or error. This is implemented as a macro for speed.
+ As such, it does not do all of the checking the other functions do. I.e.
+ it does not check to see if file is NULL, nor whether the structure file
+ points to has been clobbered or not.
+*/
+
+ZEXTERN int ZEXPORT gzungetc OF((int c, gzFile file));
+/*
+ Push one character back onto the stream to be read as the first character
+ on the next read. At least one character of push-back is allowed.
+ gzungetc() returns the character pushed, or -1 on failure. gzungetc() will
+ fail if c is -1, and may fail if a character has been pushed but not read
+ yet. If gzungetc is used immediately after gzopen or gzdopen, at least the
+ output buffer size of pushed characters is allowed. (See gzbuffer above.)
+ The pushed character will be discarded if the stream is repositioned with
+ gzseek() or gzrewind().
+*/
+
+ZEXTERN int ZEXPORT gzflush OF((gzFile file, int flush));
+/*
+ Flushes all pending output into the compressed file. The parameter flush
+ is as in the deflate() function. The return value is the zlib error number
+ (see function gzerror below). gzflush is only permitted when writing.
+
+ If the flush parameter is Z_FINISH, the remaining data is written and the
+ gzip stream is completed in the output. If gzwrite() is called again, a new
+ gzip stream will be started in the output. gzread() is able to read such
+ concatented gzip streams.
+
+ gzflush should be called only when strictly necessary because it will
+ degrade compression if called too often.
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile file,
+ z_off_t offset, int whence));
+
+ Sets the starting position for the next gzread or gzwrite on the given
+ compressed file. The offset represents a number of bytes in the
+ uncompressed data stream. The whence parameter is defined as in lseek(2);
+ the value SEEK_END is not supported.
+
+ If the file is opened for reading, this function is emulated but can be
+ extremely slow. If the file is opened for writing, only forward seeks are
+ supported; gzseek then compresses a sequence of zeroes up to the new
+ starting position.
+
+ gzseek returns the resulting offset location as measured in bytes from
+ the beginning of the uncompressed stream, or -1 in case of error, in
+ particular if the file is opened for writing and the new starting position
+ would be before the current position.
+*/
+
+ZEXTERN int ZEXPORT gzrewind OF((gzFile file));
+/*
+ Rewinds the given file. This function is supported only for reading.
+
+ gzrewind(file) is equivalent to (int)gzseek(file, 0L, SEEK_SET)
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gztell OF((gzFile file));
+
+ Returns the starting position for the next gzread or gzwrite on the given
+ compressed file. This position represents a number of bytes in the
+ uncompressed data stream, and is zero when starting, even if appending or
+ reading a gzip stream from the middle of a file using gzdopen().
+
+ gztell(file) is equivalent to gzseek(file, 0L, SEEK_CUR)
+*/
+
+/*
+ZEXTERN z_off_t ZEXPORT gzoffset OF((gzFile file));
+
+ Returns the current offset in the file being read or written. This offset
+ includes the count of bytes that precede the gzip stream, for example when
+ appending or when using gzdopen() for reading. When reading, the offset
+ does not include as yet unused buffered input. This information can be used
+ for a progress indicator. On error, gzoffset() returns -1.
+*/
+
+ZEXTERN int ZEXPORT gzeof OF((gzFile file));
+/*
+ Returns true (1) if the end-of-file indicator has been set while reading,
+ false (0) otherwise. Note that the end-of-file indicator is set only if the
+ read tried to go past the end of the input, but came up short. Therefore,
+ just like feof(), gzeof() may return false even if there is no more data to
+ read, in the event that the last read request was for the exact number of
+ bytes remaining in the input file. This will happen if the input file size
+ is an exact multiple of the buffer size.
+
+ If gzeof() returns true, then the read functions will return no more data,
+ unless the end-of-file indicator is reset by gzclearerr() and the input file
+ has grown since the previous end of file was detected.
+*/
+
+ZEXTERN int ZEXPORT gzdirect OF((gzFile file));
+/*
+ Returns true (1) if file is being copied directly while reading, or false
+ (0) if file is a gzip stream being decompressed.
+
+ If the input file is empty, gzdirect() will return true, since the input
+ does not contain a gzip stream.
+
+ If gzdirect() is used immediately after gzopen() or gzdopen() it will
+ cause buffers to be allocated to allow reading the file to determine if it
+ is a gzip file. Therefore if gzbuffer() is used, it should be called before
+ gzdirect().
+
+ When writing, gzdirect() returns true (1) if transparent writing was
+ requested ("wT" for the gzopen() mode), or false (0) otherwise. (Note:
+ gzdirect() is not needed when writing. Transparent writing must be
+ explicitly requested, so the application already knows the answer. When
+ linking statically, using gzdirect() will include all of the zlib code for
+ gzip file reading and decompression, which may not be desired.)
+*/
+
+ZEXTERN int ZEXPORT gzclose OF((gzFile file));
+/*
+ Flushes all pending output if necessary, closes the compressed file and
+ deallocates the (de)compression state. Note that once file is closed, you
+ cannot call gzerror with file, since its structures have been deallocated.
+ gzclose must not be called more than once on the same file, just as free
+ must not be called more than once on the same allocation.
+
+ gzclose will return Z_STREAM_ERROR if file is not valid, Z_ERRNO on a
+ file operation error, Z_MEM_ERROR if out of memory, Z_BUF_ERROR if the
+ last read ended in the middle of a gzip stream, or Z_OK on success.
+*/
+
+ZEXTERN int ZEXPORT gzclose_r OF((gzFile file));
+ZEXTERN int ZEXPORT gzclose_w OF((gzFile file));
+/*
+ Same as gzclose(), but gzclose_r() is only for use when reading, and
+ gzclose_w() is only for use when writing or appending. The advantage to
+ using these instead of gzclose() is that they avoid linking in zlib
+ compression or decompression code that is not used when only reading or only
+ writing respectively. If gzclose() is used, then both compression and
+ decompression code will be included the application when linking to a static
+ zlib library.
+*/
+
+ZEXTERN const char * ZEXPORT gzerror OF((gzFile file, int *errnum));
+/*
+ Returns the error message for the last error which occurred on the given
+ compressed file. errnum is set to zlib error number. If an error occurred
+ in the file system and not in the compression library, errnum is set to
+ Z_ERRNO and the application may consult errno to get the exact error code.
+
+ The application must not modify the returned string. Future calls to
+ this function may invalidate the previously returned string. If file is
+ closed, then the string previously returned by gzerror will no longer be
+ available.
+
+ gzerror() should be used to distinguish errors from end-of-file for those
+ functions above that do not distinguish those cases in their return values.
+*/
+
+ZEXTERN void ZEXPORT gzclearerr OF((gzFile file));
+/*
+ Clears the error and end-of-file flags for file. This is analogous to the
+ clearerr() function in stdio. This is useful for continuing to read a gzip
+ file that is being written concurrently.
+*/
+
+#endif /* !Z_SOLO */
+
+ /* checksum functions */
+
+/*
+ These functions are not related to compression but are exported
+ anyway because they might be useful in applications using the compression
+ library.
+*/
+
+ZEXTERN uLong ZEXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
+/*
+ Update a running Adler-32 checksum with the bytes buf[0..len-1] and
+ return the updated checksum. If buf is Z_NULL, this function returns the
+ required initial value for the checksum.
+
+ An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
+ much faster.
+
+ Usage example:
+
+ uLong adler = adler32(0L, Z_NULL, 0);
+
+ while (read_buffer(buffer, length) != EOF) {
+ adler = adler32(adler, buffer, length);
+ }
+ if (adler != original_adler) error();
+*/
+
+/*
+ZEXTERN uLong ZEXPORT adler32_combine OF((uLong adler1, uLong adler2,
+ z_off_t len2));
+
+ Combine two Adler-32 checksums into one. For two sequences of bytes, seq1
+ and seq2 with lengths len1 and len2, Adler-32 checksums were calculated for
+ each, adler1 and adler2. adler32_combine() returns the Adler-32 checksum of
+ seq1 and seq2 concatenated, requiring only adler1, adler2, and len2. Note
+ that the z_off_t type (like off_t) is a signed integer. If len2 is
+ negative, the result has no meaning or utility.
+*/
+
+ZEXTERN uLong ZEXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
+/*
+ Update a running CRC-32 with the bytes buf[0..len-1] and return the
+ updated CRC-32. If buf is Z_NULL, this function returns the required
+ initial value for the crc. Pre- and post-conditioning (one's complement) is
+ performed within this function so it shouldn't be done by the application.
+
+ Usage example:
+
+ uLong crc = crc32(0L, Z_NULL, 0);
+
+ while (read_buffer(buffer, length) != EOF) {
+ crc = crc32(crc, buffer, length);
+ }
+ if (crc != original_crc) error();
+*/
+
+/*
+ZEXTERN uLong ZEXPORT crc32_combine OF((uLong crc1, uLong crc2, z_off_t len2));
+
+ Combine two CRC-32 check values into one. For two sequences of bytes,
+ seq1 and seq2 with lengths len1 and len2, CRC-32 check values were
+ calculated for each, crc1 and crc2. crc32_combine() returns the CRC-32
+ check value of seq1 and seq2 concatenated, requiring only crc1, crc2, and
+ len2.
+*/
+
+
+ /* various hacks, don't look :) */
+
+/* deflateInit and inflateInit are macros to allow checking the zlib version
+ * and the compiler's view of z_stream:
+ */
+ZEXTERN int ZEXPORT deflateInit_ OF((z_streamp strm, int level,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT inflateInit_ OF((z_streamp strm,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
+ int windowBits, int memLevel,
+ int strategy, const char *version,
+ int stream_size));
+ZEXTERN int ZEXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
+ const char *version, int stream_size));
+ZEXTERN int ZEXPORT inflateBackInit_ OF((z_streamp strm, int windowBits,
+ unsigned char FAR *window,
+ const char *version,
+ int stream_size));
+#define deflateInit(strm, level) \
+ deflateInit_((strm), (level), ZLIB_VERSION, (int)sizeof(z_stream))
+#define inflateInit(strm) \
+ inflateInit_((strm), ZLIB_VERSION, (int)sizeof(z_stream))
+#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
+ deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
+ (strategy), ZLIB_VERSION, (int)sizeof(z_stream))
+#define inflateInit2(strm, windowBits) \
+ inflateInit2_((strm), (windowBits), ZLIB_VERSION, \
+ (int)sizeof(z_stream))
+#define inflateBackInit(strm, windowBits, window) \
+ inflateBackInit_((strm), (windowBits), (window), \
+ ZLIB_VERSION, (int)sizeof(z_stream))
+
+#ifndef Z_SOLO
+
+/* gzgetc() macro and its supporting function and exposed data structure. Note
+ * that the real internal state is much larger than the exposed structure.
+ * This abbreviated structure exposes just enough for the gzgetc() macro. The
+ * user should not mess with these exposed elements, since their names or
+ * behavior could change in the future, perhaps even capriciously. They can
+ * only be used by the gzgetc() macro. You have been warned.
+ */
+struct gzFile_s {
+ unsigned have;
+ unsigned char *next;
+ z_off64_t pos;
+};
+ZEXTERN int ZEXPORT gzgetc_ OF((gzFile file)); /* backward compatibility */
+#ifdef Z_PREFIX_SET
+# undef z_gzgetc
+# define z_gzgetc(g) \
+ ((g)->have ? ((g)->have--, (g)->pos++, *((g)->next)++) : gzgetc(g))
+#else
+# define gzgetc(g) \
+ ((g)->have ? ((g)->have--, (g)->pos++, *((g)->next)++) : gzgetc(g))
+#endif
+
+/* provide 64-bit offset functions if _LARGEFILE64_SOURCE defined, and/or
+ * change the regular functions to 64 bits if _FILE_OFFSET_BITS is 64 (if
+ * both are true, the application gets the *64 functions, and the regular
+ * functions are changed to 64 bits) -- in case these are set on systems
+ * without large file support, _LFS64_LARGEFILE must also be true
+ */
+#ifdef Z_LARGE64
+ ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
+ ZEXTERN z_off64_t ZEXPORT gzseek64 OF((gzFile, z_off64_t, int));
+ ZEXTERN z_off64_t ZEXPORT gztell64 OF((gzFile));
+ ZEXTERN z_off64_t ZEXPORT gzoffset64 OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off64_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off64_t));
+#endif
+
+#if !defined(ZLIB_INTERNAL) && defined(Z_WANT64)
+# ifdef Z_PREFIX_SET
+# define z_gzopen z_gzopen64
+# define z_gzseek z_gzseek64
+# define z_gztell z_gztell64
+# define z_gzoffset z_gzoffset64
+# define z_adler32_combine z_adler32_combine64
+# define z_crc32_combine z_crc32_combine64
+# else
+# define gzopen gzopen64
+# define gzseek gzseek64
+# define gztell gztell64
+# define gzoffset gzoffset64
+# define adler32_combine adler32_combine64
+# define crc32_combine crc32_combine64
+# endif
+# ifndef Z_LARGE64
+ ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
+ ZEXTERN z_off_t ZEXPORT gzseek64 OF((gzFile, z_off_t, int));
+ ZEXTERN z_off_t ZEXPORT gztell64 OF((gzFile));
+ ZEXTERN z_off_t ZEXPORT gzoffset64 OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off_t));
+# endif
+#else
+ ZEXTERN gzFile ZEXPORT gzopen OF((const char *, const char *));
+ ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile, z_off_t, int));
+ ZEXTERN z_off_t ZEXPORT gztell OF((gzFile));
+ ZEXTERN z_off_t ZEXPORT gzoffset OF((gzFile));
+ ZEXTERN uLong ZEXPORT adler32_combine OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine OF((uLong, uLong, z_off_t));
+#endif
+
+#else /* Z_SOLO */
+
+ ZEXTERN uLong ZEXPORT adler32_combine OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine OF((uLong, uLong, z_off_t));
+
+#endif /* !Z_SOLO */
+
+/* hack for buggy compilers */
+#if !defined(ZUTIL_H) && !defined(NO_DUMMY_DECL)
+ struct internal_state {int dummy;};
+#endif
+
+/* undocumented functions */
+ZEXTERN const char * ZEXPORT zError OF((int));
+ZEXTERN int ZEXPORT inflateSyncPoint OF((z_streamp));
+ZEXTERN const z_crc_t FAR * ZEXPORT get_crc_table OF((void));
+ZEXTERN int ZEXPORT inflateUndermine OF((z_streamp, int));
+ZEXTERN int ZEXPORT inflateResetKeep OF((z_streamp));
+ZEXTERN int ZEXPORT deflateResetKeep OF((z_streamp));
+#if defined(_WIN32) && !defined(Z_SOLO)
+ZEXTERN gzFile ZEXPORT gzopen_w OF((const wchar_t *path,
+ const char *mode));
+#endif
+#if defined(STDC) || defined(Z_HAVE_STDARG_H)
+# ifndef Z_SOLO
+ZEXTERN int ZEXPORTVA gzvprintf Z_ARG((gzFile file,
+ const char *format,
+ va_list va));
+# endif
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* ZLIB_H */
--- /dev/null
+/* zutil.c -- target dependent utility functions for the compression library
+ * Copyright (C) 1995-2005, 2010, 2011, 2012 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* @(#) $Id$ */
+
+#include "zutil.h"
+#ifndef Z_SOLO
+# include "gzguts.h"
+#endif
+
+#ifndef NO_DUMMY_DECL
+struct internal_state {int dummy;}; /* for buggy compilers */
+#endif
+
+z_const char * const z_errmsg[10] = {
+"need dictionary", /* Z_NEED_DICT 2 */
+"stream end", /* Z_STREAM_END 1 */
+"", /* Z_OK 0 */
+"file error", /* Z_ERRNO (-1) */
+"stream error", /* Z_STREAM_ERROR (-2) */
+"data error", /* Z_DATA_ERROR (-3) */
+"insufficient memory", /* Z_MEM_ERROR (-4) */
+"buffer error", /* Z_BUF_ERROR (-5) */
+"incompatible version",/* Z_VERSION_ERROR (-6) */
+""};
+
+
+const char * ZEXPORT zlibVersion()
+{
+ return ZLIB_VERSION;
+}
+
+uLong ZEXPORT zlibCompileFlags()
+{
+ uLong flags;
+
+ flags = 0;
+ switch ((int)(sizeof(uInt))) {
+ case 2: break;
+ case 4: flags += 1; break;
+ case 8: flags += 2; break;
+ default: flags += 3;
+ }
+ switch ((int)(sizeof(uLong))) {
+ case 2: break;
+ case 4: flags += 1 << 2; break;
+ case 8: flags += 2 << 2; break;
+ default: flags += 3 << 2;
+ }
+ switch ((int)(sizeof(voidpf))) {
+ case 2: break;
+ case 4: flags += 1 << 4; break;
+ case 8: flags += 2 << 4; break;
+ default: flags += 3 << 4;
+ }
+ switch ((int)(sizeof(z_off_t))) {
+ case 2: break;
+ case 4: flags += 1 << 6; break;
+ case 8: flags += 2 << 6; break;
+ default: flags += 3 << 6;
+ }
+#ifdef DEBUG
+ flags += 1 << 8;
+#endif
+#if defined(ASMV) || defined(ASMINF)
+ flags += 1 << 9;
+#endif
+#ifdef ZLIB_WINAPI
+ flags += 1 << 10;
+#endif
+#ifdef BUILDFIXED
+ flags += 1 << 12;
+#endif
+#ifdef DYNAMIC_CRC_TABLE
+ flags += 1 << 13;
+#endif
+#ifdef NO_GZCOMPRESS
+ flags += 1L << 16;
+#endif
+#ifdef NO_GZIP
+ flags += 1L << 17;
+#endif
+#ifdef PKZIP_BUG_WORKAROUND
+ flags += 1L << 20;
+#endif
+#ifdef FASTEST
+ flags += 1L << 21;
+#endif
+#if defined(STDC) || defined(Z_HAVE_STDARG_H)
+# ifdef NO_vsnprintf
+ flags += 1L << 25;
+# ifdef HAS_vsprintf_void
+ flags += 1L << 26;
+# endif
+# else
+# ifdef HAS_vsnprintf_void
+ flags += 1L << 26;
+# endif
+# endif
+#else
+ flags += 1L << 24;
+# ifdef NO_snprintf
+ flags += 1L << 25;
+# ifdef HAS_sprintf_void
+ flags += 1L << 26;
+# endif
+# else
+# ifdef HAS_snprintf_void
+ flags += 1L << 26;
+# endif
+# endif
+#endif
+ return flags;
+}
+
+#ifdef DEBUG
+
+# ifndef verbose
+# define verbose 0
+# endif
+int ZLIB_INTERNAL z_verbose = verbose;
+
+void ZLIB_INTERNAL z_error (m)
+ char *m;
+{
+ fprintf(stderr, "%s\n", m);
+ exit(1);
+}
+#endif
+
+/* exported to allow conversion of error code to string for compress() and
+ * uncompress()
+ */
+const char * ZEXPORT zError(err)
+ int err;
+{
+ return ERR_MSG(err);
+}
+
+#if defined(_WIN32_WCE)
+ /* The Microsoft C Run-Time Library for Windows CE doesn't have
+ * errno. We define it as a global variable to simplify porting.
+ * Its value is always 0 and should not be used.
+ */
+ int errno = 0;
+#endif
+
+#ifndef HAVE_MEMCPY
+
+void ZLIB_INTERNAL zmemcpy(dest, source, len)
+ Bytef* dest;
+ const Bytef* source;
+ uInt len;
+{
+ if (len == 0) return;
+ do {
+ *dest++ = *source++; /* ??? to be unrolled */
+ } while (--len != 0);
+}
+
+int ZLIB_INTERNAL zmemcmp(s1, s2, len)
+ const Bytef* s1;
+ const Bytef* s2;
+ uInt len;
+{
+ uInt j;
+
+ for (j = 0; j < len; j++) {
+ if (s1[j] != s2[j]) return 2*(s1[j] > s2[j])-1;
+ }
+ return 0;
+}
+
+void ZLIB_INTERNAL zmemzero(dest, len)
+ Bytef* dest;
+ uInt len;
+{
+ if (len == 0) return;
+ do {
+ *dest++ = 0; /* ??? to be unrolled */
+ } while (--len != 0);
+}
+#endif
+
+#ifndef Z_SOLO
+
+#ifdef SYS16BIT
+
+#ifdef __TURBOC__
+/* Turbo C in 16-bit mode */
+
+# define MY_ZCALLOC
+
+/* Turbo C malloc() does not allow dynamic allocation of 64K bytes
+ * and farmalloc(64K) returns a pointer with an offset of 8, so we
+ * must fix the pointer. Warning: the pointer must be put back to its
+ * original form in order to free it, use zcfree().
+ */
+
+#define MAX_PTR 10
+/* 10*64K = 640K */
+
+local int next_ptr = 0;
+
+typedef struct ptr_table_s {
+ voidpf org_ptr;
+ voidpf new_ptr;
+} ptr_table;
+
+local ptr_table table[MAX_PTR];
+/* This table is used to remember the original form of pointers
+ * to large buffers (64K). Such pointers are normalized with a zero offset.
+ * Since MSDOS is not a preemptive multitasking OS, this table is not
+ * protected from concurrent access. This hack doesn't work anyway on
+ * a protected system like OS/2. Use Microsoft C instead.
+ */
+
+voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, unsigned items, unsigned size)
+{
+ voidpf buf = opaque; /* just to make some compilers happy */
+ ulg bsize = (ulg)items*size;
+
+ /* If we allocate less than 65520 bytes, we assume that farmalloc
+ * will return a usable pointer which doesn't have to be normalized.
+ */
+ if (bsize < 65520L) {
+ buf = farmalloc(bsize);
+ if (*(ush*)&buf != 0) return buf;
+ } else {
+ buf = farmalloc(bsize + 16L);
+ }
+ if (buf == NULL || next_ptr >= MAX_PTR) return NULL;
+ table[next_ptr].org_ptr = buf;
+
+ /* Normalize the pointer to seg:0 */
+ *((ush*)&buf+1) += ((ush)((uch*)buf-0) + 15) >> 4;
+ *(ush*)&buf = 0;
+ table[next_ptr++].new_ptr = buf;
+ return buf;
+}
+
+void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr)
+{
+ int n;
+ if (*(ush*)&ptr != 0) { /* object < 64K */
+ farfree(ptr);
+ return;
+ }
+ /* Find the original pointer */
+ for (n = 0; n < next_ptr; n++) {
+ if (ptr != table[n].new_ptr) continue;
+
+ farfree(table[n].org_ptr);
+ while (++n < next_ptr) {
+ table[n-1] = table[n];
+ }
+ next_ptr--;
+ return;
+ }
+ ptr = opaque; /* just to make some compilers happy */
+ Assert(0, "zcfree: ptr not found");
+}
+
+#endif /* __TURBOC__ */
+
+
+#ifdef M_I86
+/* Microsoft C in 16-bit mode */
+
+# define MY_ZCALLOC
+
+#if (!defined(_MSC_VER) || (_MSC_VER <= 600))
+# define _halloc halloc
+# define _hfree hfree
+#endif
+
+voidpf ZLIB_INTERNAL zcalloc (voidpf opaque, uInt items, uInt size)
+{
+ if (opaque) opaque = 0; /* to make compiler happy */
+ return _halloc((long)items, size);
+}
+
+void ZLIB_INTERNAL zcfree (voidpf opaque, voidpf ptr)
+{
+ if (opaque) opaque = 0; /* to make compiler happy */
+ _hfree(ptr);
+}
+
+#endif /* M_I86 */
+
+#endif /* SYS16BIT */
+
+
+#ifndef MY_ZCALLOC /* Any system without a special alloc function */
+
+#ifndef STDC
+extern voidp malloc OF((uInt size));
+extern voidp calloc OF((uInt items, uInt size));
+extern void free OF((voidpf ptr));
+#endif
+
+voidpf ZLIB_INTERNAL zcalloc (opaque, items, size)
+ voidpf opaque;
+ unsigned items;
+ unsigned size;
+{
+ if (opaque) items += size - size; /* make compiler happy */
+ return sizeof(uInt) > 2 ? (voidpf)malloc(items * size) :
+ (voidpf)calloc(items, size);
+}
+
+void ZLIB_INTERNAL zcfree (opaque, ptr)
+ voidpf opaque;
+ voidpf ptr;
+{
+ free(ptr);
+ if (opaque) return; /* make compiler happy */
+}
+
+#endif /* MY_ZCALLOC */
+
+#endif /* !Z_SOLO */
--- /dev/null
+/* zutil.h -- internal interface and configuration of the compression library
+ * Copyright (C) 1995-2013 Jean-loup Gailly.
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */
+
+/* WARNING: this file should *not* be used by applications. It is
+ part of the implementation of the compression library and is
+ subject to change. Applications should only use zlib.h.
+ */
+
+/* @(#) $Id$ */
+
+#ifndef ZUTIL_H
+#define ZUTIL_H
+
+#ifdef HAVE_HIDDEN
+# define ZLIB_INTERNAL __attribute__((visibility ("hidden")))
+#else
+# define ZLIB_INTERNAL
+#endif
+
+#include "zlib.h"
+
+#if defined(STDC) && !defined(Z_SOLO)
+# if !(defined(_WIN32_WCE) && defined(_MSC_VER))
+# include <stddef.h>
+# endif
+# include <string.h>
+# include <stdlib.h>
+#endif
+
+#ifdef Z_SOLO
+ typedef long ptrdiff_t; /* guess -- will be caught if guess is wrong */
+#endif
+
+#ifndef local
+# define local static
+#endif
+/* compile with -Dlocal if your debugger can't find static symbols */
+
+typedef unsigned char uch;
+typedef uch FAR uchf;
+typedef unsigned short ush;
+typedef ush FAR ushf;
+typedef unsigned long ulg;
+
+extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
+/* (size given to avoid silly warnings with Visual C++) */
+
+#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
+
+#define ERR_RETURN(strm,err) \
+ return (strm->msg = ERR_MSG(err), (err))
+/* To be used only when the state is known to be valid */
+
+ /* common constants */
+
+#ifndef DEF_WBITS
+# define DEF_WBITS MAX_WBITS
+#endif
+/* default windowBits for decompression. MAX_WBITS is for compression only */
+
+#if MAX_MEM_LEVEL >= 8
+# define DEF_MEM_LEVEL 8
+#else
+# define DEF_MEM_LEVEL MAX_MEM_LEVEL
+#endif
+/* default memLevel */
+
+#define STORED_BLOCK 0
+#define STATIC_TREES 1
+#define DYN_TREES 2
+/* The three kinds of block type */
+
+#define MIN_MATCH 3
+#define MAX_MATCH 258
+/* The minimum and maximum match lengths */
+
+#define PRESET_DICT 0x20 /* preset dictionary flag in zlib header */
+
+ /* target dependencies */
+
+#if defined(MSDOS) || (defined(WINDOWS) && !defined(WIN32))
+# define OS_CODE 0x00
+# ifndef Z_SOLO
+# if defined(__TURBOC__) || defined(__BORLANDC__)
+# if (__STDC__ == 1) && (defined(__LARGE__) || defined(__COMPACT__))
+ /* Allow compilation with ANSI keywords only enabled */
+ void _Cdecl farfree( void *block );
+ void *_Cdecl farmalloc( unsigned long nbytes );
+# else
+# include <alloc.h>
+# endif
+# else /* MSC or DJGPP */
+# include <malloc.h>
+# endif
+# endif
+#endif
+
+#ifdef AMIGA
+# define OS_CODE 0x01
+#endif
+
+#if defined(VAXC) || defined(VMS)
+# define OS_CODE 0x02
+# define F_OPEN(name, mode) \
+ fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
+#endif
+
+#if defined(ATARI) || defined(atarist)
+# define OS_CODE 0x05
+#endif
+
+#ifdef OS2
+# define OS_CODE 0x06
+# if defined(M_I86) && !defined(Z_SOLO)
+# include <malloc.h>
+# endif
+#endif
+
+#if defined(MACOS) || defined(TARGET_OS_MAC)
+# define OS_CODE 0x07
+# ifndef Z_SOLO
+# if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os
+# include <unix.h> /* for fdopen */
+# else
+# ifndef fdopen
+# define fdopen(fd,mode) NULL /* No fdopen() */
+# endif
+# endif
+# endif
+#endif
+
+#ifdef TOPS20
+# define OS_CODE 0x0a
+#endif
+
+#ifdef WIN32
+# ifndef __CYGWIN__ /* Cygwin is Unix, not Win32 */
+# define OS_CODE 0x0b
+# endif
+#endif
+
+#ifdef __50SERIES /* Prime/PRIMOS */
+# define OS_CODE 0x0f
+#endif
+
+#if defined(_BEOS_) || defined(RISCOS)
+# define fdopen(fd,mode) NULL /* No fdopen() */
+#endif
+
+#if (defined(_MSC_VER) && (_MSC_VER > 600)) && !defined __INTERIX
+# if defined(_WIN32_WCE)
+# define fdopen(fd,mode) NULL /* No fdopen() */
+# ifndef _PTRDIFF_T_DEFINED
+ typedef int ptrdiff_t;
+# define _PTRDIFF_T_DEFINED
+# endif
+# else
+# define fdopen(fd,type) _fdopen(fd,type)
+# endif
+#endif
+
+#if defined(__BORLANDC__) && !defined(MSDOS)
+ #pragma warn -8004
+ #pragma warn -8008
+ #pragma warn -8066
+#endif
+
+/* provide prototypes for these when building zlib without LFS */
+#if !defined(_WIN32) && \
+ (!defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0)
+ ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off_t));
+#endif
+
+ /* common defaults */
+
+#ifndef OS_CODE
+# define OS_CODE 0x03 /* assume Unix */
+#endif
+
+#ifndef F_OPEN
+# define F_OPEN(name, mode) fopen((name), (mode))
+#endif
+
+ /* functions */
+
+#if defined(pyr) || defined(Z_SOLO)
+# define NO_MEMCPY
+#endif
+#if defined(SMALL_MEDIUM) && !defined(_MSC_VER) && !defined(__SC__)
+ /* Use our own functions for small and medium model with MSC <= 5.0.
+ * You may have to use the same strategy for Borland C (untested).
+ * The __SC__ check is for Symantec.
+ */
+# define NO_MEMCPY
+#endif
+#if defined(STDC) && !defined(HAVE_MEMCPY) && !defined(NO_MEMCPY)
+# define HAVE_MEMCPY
+#endif
+#ifdef HAVE_MEMCPY
+# ifdef SMALL_MEDIUM /* MSDOS small or medium model */
+# define zmemcpy _fmemcpy
+# define zmemcmp _fmemcmp
+# define zmemzero(dest, len) _fmemset(dest, 0, len)
+# else
+# define zmemcpy memcpy
+# define zmemcmp memcmp
+# define zmemzero(dest, len) memset(dest, 0, len)
+# endif
+#else
+ void ZLIB_INTERNAL zmemcpy OF((Bytef* dest, const Bytef* source, uInt len));
+ int ZLIB_INTERNAL zmemcmp OF((const Bytef* s1, const Bytef* s2, uInt len));
+ void ZLIB_INTERNAL zmemzero OF((Bytef* dest, uInt len));
+#endif
+
+/* Diagnostic functions */
+#ifdef DEBUG
+# include <stdio.h>
+ extern int ZLIB_INTERNAL z_verbose;
+ extern void ZLIB_INTERNAL z_error OF((char *m));
+# define Assert(cond,msg) {if(!(cond)) z_error(msg);}
+# define Trace(x) {if (z_verbose>=0) fprintf x ;}
+# define Tracev(x) {if (z_verbose>0) fprintf x ;}
+# define Tracevv(x) {if (z_verbose>1) fprintf x ;}
+# define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
+# define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
+#else
+# define Assert(cond,msg)
+# define Trace(x)
+# define Tracev(x)
+# define Tracevv(x)
+# define Tracec(c,x)
+# define Tracecv(c,x)
+#endif
+
+#ifndef Z_SOLO
+ voidpf ZLIB_INTERNAL zcalloc OF((voidpf opaque, unsigned items,
+ unsigned size));
+ void ZLIB_INTERNAL zcfree OF((voidpf opaque, voidpf ptr));
+#endif
+
+#define ZALLOC(strm, items, size) \
+ (*((strm)->zalloc))((strm)->opaque, (items), (size))
+#define ZFREE(strm, addr) (*((strm)->zfree))((strm)->opaque, (voidpf)(addr))
+#define TRY_FREE(s, p) {if (p) ZFREE(s, p);}
+
+/* Reverse the bytes in a 32-bit value */
+#define ZSWAP32(q) ((((q) >> 24) & 0xff) + (((q) >> 8) & 0xff00) + \
+ (((q) & 0xff00) << 8) + (((q) & 0xff) << 24))
+
+#endif /* ZUTIL_H */
projects / proxmark3-svn / commitdiff