From: iceman1001 Date: Wed, 3 Jun 2015 19:12:55 +0000 (+0200) Subject: ADD @pwpiwi 's fixes for "HF 14B" commands. X-Git-Url: http://cvs.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/47286d89e442cd218bc40c5e7749703e94066c09?ds=sidebyside;hp=615f21dde29ed68c6b9dbb6c79c2a293751d777a ADD @pwpiwi 's fixes for "HF 14B" commands. --- diff --git a/armsrc/iso14443b.c b/armsrc/iso14443b.c index 8add8f9c..bc7a0038 100644 --- a/armsrc/iso14443b.c +++ b/armsrc/iso14443b.c @@ -158,7 +158,6 @@ static int Handle14443UartBit(int bit) { switch(Uart.state) { case STATE_UNSYNCD: - LED_A_OFF(); if(!bit) { // we went low, so this could be the beginning // of an SOF @@ -211,7 +210,6 @@ static int Handle14443UartBit(int bit) Uart.bitCnt = 0; Uart.shiftReg = 0; Uart.state = STATE_RECEIVING_DATA; - LED_A_ON(); // Indicate we're receiving } break; @@ -264,6 +262,7 @@ static int Handle14443UartBit(int bit) Uart.posCnt++; if(Uart.posCnt > 10) { Uart.state = STATE_UNSYNCD; + LED_A_OFF(); } break; @@ -272,9 +271,6 @@ static int Handle14443UartBit(int bit) break; } - // This row make the error blew circular buffer in hf 14b snoop - //if (Uart.state == STATE_ERROR_WAIT) LED_A_OFF(); // Error - return FALSE; } @@ -550,6 +546,7 @@ static RAMFUNC int Handle14443SamplesDemod(int ci, int cq) } else { if(Demod.posCount > 100) { Demod.state = DEMOD_UNSYNCD; + LED_C_OFF(); } } Demod.posCount++; @@ -560,6 +557,7 @@ static RAMFUNC int Handle14443SamplesDemod(int ci, int cq) if(v > 0) { if(Demod.posCount > 10) { Demod.state = DEMOD_UNSYNCD; + LED_C_OFF(); } } else { Demod.bitCount = 0; @@ -598,13 +596,13 @@ static RAMFUNC int Handle14443SamplesDemod(int ci, int cq) Demod.output[Demod.len] = b; Demod.len++; Demod.state = DEMOD_AWAITING_START_BIT; - } else if(s == 0x000) { - // This is EOF - LED_C_OFF(); - Demod.state = DEMOD_UNSYNCD; - return TRUE; } else { Demod.state = DEMOD_UNSYNCD; + LED_C_OFF(); + if(s == 0x000) { + // This is EOF + return TRUE; + } } } Demod.posCount = 0; 
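Review bot: The store `Demod.output[Demod.len] = b; Demod.len++;` at the top of the -598 hunk has no length check in the lines shown, and the number of bytes is driven by whatever the tag (or noise) puts on the air. The enclosing branch of Handle14443SamplesDemod starts outside the hunk, so a bound may exist elsewhere. If it does not, guard the store, for example `if(Demod.len < MAX_FRAME_SIZE) { Demod.output[Demod.len] = b; Demod.len++; }`, assuming the tag->reader buffer really is MAX_FRAME_SIZE as the rewritten comment above SnoopIso14443 says. This matters more after this commit, because that comment no longer describes the receive buffers as 2048 bytes.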
@@ -613,10 +611,10 @@ static RAMFUNC int Handle14443SamplesDemod(int ci, int cq) default: Demod.state = DEMOD_UNSYNCD; + LED_C_OFF(); break; } - if (Demod.state == DEMOD_UNSYNCD) LED_C_OFF(); // Not synchronized... return FALSE; } @@ -1054,17 +1052,17 @@ void ReadSTMemoryIso14443(uint32_t dwLast) //----------------------------------------------------------------------------- /* * Memory usage for this function, (within BigBuf) - * 0-4095 : Demodulated samples receive (4096 bytes) - DEMOD_TRACE_SIZE - * 4096-6143 : Last Received command, 2048 bytes (reader->tag) - READER_TAG_BUFFER_SIZE - * 6144-8191 : Last Received command, 2048 bytes(tag->reader) - TAG_READER_BUFFER_SIZE - * 8192-9215 : DMA Buffer, 1024 bytes (samples) - DEMOD_DMA_BUFFER_SIZE + * Last Received command (reader->tag) - MAX_FRAME_SIZE + * Last Received command (tag->reader) - MAX_FRAME_SIZE + * DMA Buffer, 1024 bytes (samples) - DMA_BUFFER_SIZE + * Demodulated samples received - all the rest */ void RAMFUNC SnoopIso14443(void) { // We won't start recording the frames that we acquire until we trigger; // a good trigger condition to get started is probably when we see a // response from the tag. - int triggered = TRUE; + int triggered = TRUE; // TODO: set and evaluate trigger condition FpgaDownloadAndGo(FPGA_BITSTREAM_HF); BigBuf_free(); @@ -1110,6 +1108,9 @@ void RAMFUNC SnoopIso14443(void) uint8_t parity[MAX_PARITY_SIZE]; LED_A_ON(); + bool TagIsActive = FALSE; + bool ReaderIsActive = FALSE; + // And now we loop, receiving samples. for(;;) { int behindBy = (lastRxCounter - AT91C_BASE_PDC_SSC->PDC_RCR) & @@ -1136,7 +1137,8 @@ void RAMFUNC SnoopIso14443(void) samples += 2; - if(Handle14443UartBit(ci & 1)) { + if (!TagIsActive) { // no need to try decoding reader data if the tag is sending + if(Handle14443UartBit(ci & 0x01)) { if(triggered && tracing) { GetParity(Uart.output, Uart.byteCnt, parity); LogTrace(Uart.output,Uart.byteCnt,samples, samples,parity,TRUE); 
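Review bot: With the catch-all `if (Demod.state == DEMOD_UNSYNCD) LED_C_OFF();` removed in this hunk, LED_C is only correct if every assignment of DEMOD_UNSYNCD carries its own `LED_C_OFF();`, as the added lines in the -550, -560 and -598 hunks do. The function body starts before this hunk, so any transition not shown here would now leave the LED lit. A comment at the `default:` case would keep later edits from missing it, e.g. `// LED_C is switched off at each transition to DEMOD_UNSYNCD; there is no catch-all after the switch`.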
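Review bot: The comment kept above `int triggered = TRUE;` still says recording does not start until a trigger is seen, while the new TODO confirms that no trigger is evaluated, so frames are logged from the first sample. Reword the old comment rather than leaving both, e.g. `// Trigger not implemented yet: frames are recorded from the start.` The rewritten memory-usage comment also drops the offsets and sizes of the first two regions. Naming where the remaining BigBuf space for the demodulated samples is computed would help anyone checking the buffer bounds. SnoopIso14443 continues outside the hunk.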
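Review bot: The new `if (!TagIsActive) {` gate means reader bits are not passed to Handle14443UartBit at all while the demodulator is out of DEMOD_UNSYNCD. That includes the time it spends timing out on noise (up to `Demod.posCount > 100` in the -550 hunk). A reader command that starts in that window is likely not captured, so the trace can have gaps with nothing marking them. State the trade-off next to the flag, for instance `// reader bits are dropped while the tag demodulator is busy; frames starting in that window are not logged`. The matching `}` and the `ReaderIsActive` update are in the -1162 hunk, and the wrapped lines were not re-indented.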
@@ -1149,7 +1151,7 @@ void RAMFUNC SnoopIso14443(void) /* false-triggered by the commands from the reader. */ DemodReset(); } - if(Handle14443UartBit(cq & 1)) { + if(Handle14443UartBit(cq & 0x01)) { if(triggered && tracing) { GetParity(Uart.output, Uart.byteCnt, parity); LogTrace(Uart.output,Uart.byteCnt,samples, samples, parity, TRUE); @@ -1162,8 +1164,11 @@ void RAMFUNC SnoopIso14443(void) /* false-triggered by the commands from the reader. */ DemodReset(); } + ReaderIsActive = (Uart.state != STATE_UNSYNCD); + } - if(Handle14443SamplesDemod(ci, cq)) { + if(!ReaderIsActive) { // no need to try decoding tag data if the reader is sending - and we cannot afford the time + if(Handle14443SamplesDemod(ci & 0xFE, cq & 0xFE)) { //Use samples as a time measurement if(tracing) @@ -1179,6 +1184,9 @@ void RAMFUNC SnoopIso14443(void) // And ready to receive another response. DemodReset(); } + TagIsActive = (Demod.state != DEMOD_UNSYNCD); + } + WDT_HIT(); if(!tracing) { diff --git a/fpga/fpga_hf.bit b/fpga/fpga_hf.bit index 20fb2bd4..53078a78 100644 Binary files a/fpga/fpga_hf.bit and b/fpga/fpga_hf.bit differ diff --git a/fpga/hi_read_rx_xcorr.v b/fpga/hi_read_rx_xcorr.v index dece2db3..06142637 100644 --- a/fpga/hi_read_rx_xcorr.v +++ b/fpga/hi_read_rx_xcorr.v @@ -99,8 +99,10 @@ end reg [5:0] corr_i_cnt; reg [5:0] corr_q_cnt; // And a couple of registers in which to accumulate the correlations. -reg signed [15:0] corr_i_accum; -reg signed [15:0] corr_q_accum; +// we would add at most 32 times adc_d, the result can be held in 13 bits. +// Need one additional bit because it can be negative as well +reg signed [13:0] corr_i_accum; +reg signed [13:0] corr_q_accum; reg signed [7:0] corr_i_out; reg signed [7:0] corr_q_out; 
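Review bot: `Handle14443SamplesDemod(ci & 0xFE, cq & 0xFE)` masks with the int constant 254, so a negative sample becomes a value in 128..254 and its sign is lost; the parameters are `int ci, int cq` per the hunk header. The FPGA side of this commit describes the upper seven bits as signed. The demodulator would therefore presumably see negative correlations as large positive ones, unless ci and cq are narrowed again somewhere outside the hunk (their declarations are not visible here). Clearing only bit 0 keeps the sign: `if(Handle14443SamplesDemod(ci & ~0x01, cq & ~0x01)) {`.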
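Review bot: The new width comment on `corr_i_accum` / `corr_q_accum` gives the bound "32 times adc_d" without saying how wide adc_d is, or why only 32 steps of the 6-bit `corr_i_cnt` contribute with the same sign; both facts are outside this hunk. If adc_d is 8 bits unsigned, 32 × 255 = 8160 fits in 13 bits plus sign, so 14 bits leaves essentially no headroom. Any later change to the accumulation window would then wrap silently and corrupt the samples the firmware decodes. Suggest spelling the derivation out, e.g. `// adc_d is 8 bits unsigned (TODO confirm); at most 32 samples add with the same sign, so |sum| <= 32*255 < 2^13, plus one sign bit`.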
@@ -114,12 +116,13 @@ begin begin if(snoop) begin - corr_i_out <= {corr_i_accum[12:6], after_hysteresis_prev}; - corr_q_out <= {corr_q_accum[12:6], after_hysteresis}; + // highest 7 significant bits of tag signal (signed), 1 bit reader signal: + corr_i_out <= {corr_i_accum[13:7], after_hysteresis_prev}; + corr_q_out <= {corr_q_accum[13:7], after_hysteresis}; end else begin - // Only correlations need to be delivered. + // highest 8 significant bits of tag signal corr_i_out <= corr_i_accum[13:6]; corr_q_out <= corr_q_accum[13:6]; end @@ -168,7 +171,9 @@ begin end end - if(corr_i_cnt[5:2] == 4'b000 || corr_i_cnt[5:2] == 4'b1000) + // set ssp_frame signal for corr_i_cnt = 0..3 and corr_i_cnt = 32..35 + // (two frames with 8 Bits each) + if(corr_i_cnt[5:2] == 4'b0000 || corr_i_cnt[5:2] == 4'b1000) ssp_frame = 1'b1; else ssp_frame = 1'b0;