]> git.zerfleddert.de Git - proxmark3-svn/blame - client/cmdlft55xx.c
projects / proxmark3-svn / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
FIX: adding a test to see if we managed to get the correct demodulation from an...
[proxmark3-svn] / client / cmdlft55xx.c
CommitLineData
54a942b0 1//-----------------------------------------------------------------------------\r
2//\r
3// This code is licensed to you under the terms of the GNU GPL, version 2 or,\r
4// at your option, any later version. See the LICENSE.txt file for the text of\r
5// the license.\r
6//-----------------------------------------------------------------------------\r
7// Low frequency T55xx commands\r
8//-----------------------------------------------------------------------------\r
9\r
10#include <stdio.h>\r
11#include <string.h>\r
12#include <inttypes.h>\r
54a942b0 13#include "proxmark3.h"\r
14#include "ui.h"\r
15#include "graph.h"\r
f38a1528 16#include "cmdmain.h"\r
54a942b0 17#include "cmdparser.h"\r
18#include "cmddata.h"\r
19#include "cmdlf.h"\r
20#include "cmdlft55xx.h"\r
f38a1528 21#include "util.h"\r
22#include "data.h"\r
c4e3b1b6 23#include "lfdemod.h"\r
83a42ef9 24#include "../common/crc.h"\r
54a942b0 25\r
8d0a3e87 26#define LF_TRACE_BUFF_SIZE 20000 // 32 x 32 x 10 (32 bit times numofblock (7), times clock skip..)\r
c6be64da 27#define LF_BITSSTREAM_LEN 1000 // more then 1000 bits shouldn't happend.. 8block * 4 bytes * 8bits = \r
54a942b0 28\r
83a42ef9 29// 0 = FSK\r
30// 1 = ASK\r
31// 2 = PSK\r
32// 4 = NZR (direct)\r
33typedef struct {\r
34 uint8_t modulation;\r
35 bool inversed;\r
36 uint32_t block0;\r
118bfa1b 37} t55xx_conf_block_t;\r
83a42ef9 38\r
39// Default configuration: FSK, not inversed.\r
118bfa1b 40t55xx_conf_block_t config = { .modulation = 0, .inversed = FALSE, .block0 = 0x00};\r
83a42ef9 41\r
42int usage_t55xx_config(){\r
118bfa1b 43 PrintAndLog("Usage: lf t55xx config [d <demodulation>] [i 1]");\r
83a42ef9 44 PrintAndLog("Options: ");\r
118bfa1b 45 PrintAndLog(" h This help");\r
46 PrintAndLog(" d <FSK|ASK|PSK|NZ|BI> Set demodulation FSK / ASK / PSK / NZ / Biphase");\r
47 PrintAndLog(" i [1] Inverse data signal, defaults to normal");\r
48 PrintAndLog("");\r
83a42ef9 49 PrintAndLog("Examples:");\r
118bfa1b 50 PrintAndLog(" lf t55xx config d FSK - FSK demodulation");\r
51 PrintAndLog(" lf t55xx config d FSK i 1 - FSK demodulation, inverse data");\r
52 PrintAndLog("");\r
83a42ef9 53 return 0;\r
54}\r
68008fb5 55int usage_t55xx_read(){\r
56 PrintAndLog("Usage: lf t55xx read <block> <password>");\r
4ecde0e1 57 PrintAndLog(" <block>, block number to read. Between 0-7");\r
58 PrintAndLog(" <password>, OPTIONAL password (8 hex characters)");\r
59 PrintAndLog("");\r
118bfa1b 60 PrintAndLog("Examples:");\r
61 PrintAndLog(" lf t55xx read 0 - read data from block 0");\r
62 PrintAndLog(" lf t55xx read 0 feedbeef - read data from block 0 password feedbeef");\r
4ecde0e1 63 PrintAndLog("");\r
64 return 0;\r
65}\r
68008fb5 66int usage_t55xx_write(){\r
4ecde0e1 67 PrintAndLog("Usage: lf t55xx wr <block> <data> [password]");\r
68 PrintAndLog(" <block>, block number to read. Between 0-7");\r
69 PrintAndLog(" <data>, 4 bytes of data to write (8 hex characters)");\r
70 PrintAndLog(" [password], OPTIONAL password 4bytes (8 hex characters)");\r
71 PrintAndLog("");\r
118bfa1b 72 PrintAndLog("Examples:");\r
73 PrintAndLog(" lf t55xx wd 3 11223344 - write 11223344 to block 3");\r
74 PrintAndLog(" lf t55xx wd 3 11223344 feedbeef - write 11223344 to block 3 password feedbeef");\r
4ecde0e1 75 PrintAndLog("");\r
76 return 0;\r
77}\r
78int usage_t55xx_trace() {\r
118bfa1b 79 PrintAndLog("Usage: lf t55xx trace [1]");\r
4ecde0e1 80 PrintAndLog(" [graph buffer data], if set, use Graphbuffer otherwise read data from tag.");\r
81 PrintAndLog("");\r
118bfa1b 82 PrintAndLog("Examples:");\r
83 PrintAndLog(" lf t55xx trace");\r
84 PrintAndLog(" lf t55xx trace 1");\r
4ecde0e1 85 PrintAndLog("");\r
86 return 0;\r
87}\r
88int usage_t55xx_info() {\r
118bfa1b 89 PrintAndLog("Usage: lf t55xx info [1]");\r
4ecde0e1 90 PrintAndLog(" [graph buffer data], if set, use Graphbuffer otherwise read data from tag.");\r
91 PrintAndLog("");\r
118bfa1b 92 PrintAndLog("Examples:");\r
93 PrintAndLog(" lf t55xx info");\r
94 PrintAndLog(" lf t55xx info 1");\r
4ecde0e1 95 PrintAndLog("");\r
96 return 0;\r
97}\r
4ecde0e1 98int usage_t55xx_dump(){\r
99 PrintAndLog("Usage: lf t55xx dump <password>");\r
118bfa1b 100 PrintAndLog(" <password>, OPTIONAL password 4bytes (8 hex symbols)");\r
4ecde0e1 101 PrintAndLog("");\r
118bfa1b 102 PrintAndLog("Examples:");\r
103 PrintAndLog(" lf t55xx dump");\r
104 PrintAndLog(" lf t55xx dump feedbeef");\r
4ecde0e1 105 PrintAndLog("");\r
106 return 0;\r
107}\r
0310364d 108\r
4ecde0e1 109static int CmdHelp(const char *Cmd);\r
c4e3b1b6 110\r
83a42ef9 111int CmdT55xxSetConfig(const char *Cmd){\r
118bfa1b 112\r
113 int len;\r
114 bool inverse;\r
115 bool errors = FALSE;\r
116 uint8_t cmdp = 0;\r
117 char modulation[4] = {0x00};\r
83a42ef9 118 \r
118bfa1b 119 while(param_getchar(Cmd, cmdp) != 0x00 && !errors)\r
83a42ef9 120 {\r
118bfa1b 121 switch(param_getchar(Cmd, cmdp))\r
122 {\r
123 case 'h':\r
124 case 'H':\r
125 return usage_t55xx_config();\r
126 case 'd':\r
127 len = param_getstr(Cmd, cmdp+1, modulation);\r
128 cmdp+= len+1;\r
129 //FSK|ASK|PSK|NZ|BI\r
130 if ( strcmp(modulation, "FSK" ) == 0)\r
131 len = 1;\r
132 else if ( strcmp(modulation, "ASK" ) == 0)\r
133 len = 2;\r
134 else if ( strcmp(modulation, "PSK" ) == 0)\r
135 len = 3;\r
136 else if ( strcmp(modulation, "NZ" ) == 0)\r
137 len = 4;\r
138 else if ( strcmp(modulation, "BI" ) == 0)\r
139 len = 5;\r
140 else {\r
141 PrintAndLog("Unknown modulation '%s'", modulation);\r
142 errors = TRUE;\r
143 }\r
144 break;\r
145 case 'i':\r
146 inverse = param_getchar(Cmd,cmdp+1) == '1';\r
147 cmdp+=2;\r
148 break;\r
149 default:\r
150 PrintAndLog("Unknown parameter '%c'", param_getchar(Cmd, cmdp));\r
151 errors = TRUE;\r
152 break;\r
153 }\r
83a42ef9 154 }\r
118bfa1b 155 // No args\r
156 if (cmdp == 0) {\r
157 PrintAndLog("Modulation: %d", config.modulation);\r
158 PrintAndLog("Invert : %d", config.inversed);\r
159 PrintAndLog("Block0 : %08X", config.block0);\r
160 return 0;\r
161 }\r
162 //Validations\r
163 if (errors)\r
164 return usage_t55xx_config();\r
165 \r
166 config.modulation = len;\r
167 config.inversed = inverse;\r
168 config.block0 = 0;\r
83a42ef9 169 return 0;\r
170}\r
83a42ef9 171// detect configuration?\r
172\r
54a942b0 173int CmdReadBlk(const char *Cmd)\r
174{\r
c6be64da 175 int block = -1;\r
4ecde0e1 176 int password = 0xFFFFFFFF; //default to blank Block 7\r
83a42ef9 177\r
4ecde0e1 178 char cmdp = param_getchar(Cmd, 0);\r
83a42ef9 179 if (cmdp == 'h' || cmdp == 'H')\r
180 return usage_t55xx_read();\r
54a942b0 181\r
4ecde0e1 182 int res = sscanf(Cmd, "%d %x", &block, &password);\r
54a942b0 183\r
4ecde0e1 184 if ( res < 1 || res > 2 ){\r
68008fb5 185 usage_t55xx_read();\r
4ecde0e1 186 return 1;\r
187 }\r
188 \r
189 if ((block < 0) | (block > 7)) {\r
b44e5233 190 PrintAndLog("Block must be between 0 and 7");\r
191 return 1;\r
4ecde0e1 192 } \r
54a942b0 193\r
4ecde0e1 194 UsbCommand c = {CMD_T55XX_READ_BLOCK, {0, block, 0}};\r
195 c.d.asBytes[0] = 0x0; \r
54a942b0 196\r
4ecde0e1 197 //Password mode\r
198 if ( res == 2 ) {\r
199 c.arg[2] = password;\r
200 c.d.asBytes[0] = 0x1; \r
c4e3b1b6 201 }\r
54a942b0 202\r
b44e5233 203 SendCommand(&c);\r
68008fb5 204 if ( !WaitForResponseTimeout(CMD_ACK,NULL,2500) ) {\r
c4e3b1b6 205 PrintAndLog("command execution time out");\r
385f3987 206 return 2;\r
c4e3b1b6 207 }\r
f38a1528 208 \r
68008fb5 209 uint8_t got[12000];\r
210 GetFromBigBuf(got,sizeof(got),0);\r
211 WaitForResponse(CMD_ACK,NULL);\r
a501c82b 212\r
68008fb5 213 setGraphBuf(got, 12000);\r
83a42ef9 214\r
215 if (block == 0){\r
118bfa1b 216 // try a detection. \r
83a42ef9 217 }\r
68008fb5 218 \r
83a42ef9 219 if (CmdDetectClockRate("f")){ //wave is almost certainly FSK\r
83a42ef9 220 // FSK\r
3e4811c8 221 if ( FSKrawDemod("0 0", FALSE) && test())\r
83a42ef9 222 printT55xx("FSK");\r
223 // FSK inverted\r
3e4811c8 224 if ( FSKrawDemod("0 1", FALSE) && test()) \r
83a42ef9 225 printT55xx("FSK inv");\r
226 } else {\r
227 // ASK/MAN (autoclock, normal, maxerrors 1)\r
3e4811c8 228 if ( ASKmanDemod("0 0 1", FALSE, FALSE) && test()) \r
83a42ef9 229 printT55xx("ASK/MAN");\r
230 \r
231 // ASK/MAN (autoclock, inverted, maxerrors 1)\r
3e4811c8 232 if ( ASKmanDemod("0 1 1", FALSE, FALSE) && test()) \r
83a42ef9 233 printT55xx("ASK/MAN Inv");\r
234\r
235 // NZR (autoclock, normal, maxerrors 1)\r
3e4811c8 236 if ( NRZrawDemod("0 0 1", FALSE) && test()) \r
83a42ef9 237 printT55xx("NZR");\r
238 // NZR (autoclock, inverted, maxerrors 1)\r
3e4811c8 239 if ( NRZrawDemod("0 1 1", FALSE) && test()) \r
83a42ef9 240 printT55xx("NZR inv");\r
241 \r
242 // PSK (autoclock, normal, maxerrors 1)\r
3e4811c8 243 if ( PSKDemod("0 0 1", FALSE) && test()) \r
83a42ef9 244 printT55xx("PSK");\r
245\r
246 // PSK (autoclock, inverted, maxerrors 1)\r
3e4811c8 247 if ( PSKDemod("0 1 1", FALSE) && test()) \r
83a42ef9 248 printT55xx("PSK inv");\r
118bfa1b 249 \r
250 //PSK2?\r
251 \r
3e4811c8 252 // if (!BiphaseRawDecode("0",FALSE) && test()) \r
118bfa1b 253 // printT55xx("BIPHASE");\r
254 \r
3e4811c8 255 // if (!BiphaseRawDecode("1",FALSE) && test()) \r
118bfa1b 256 // printT55xx("BIPHASE inv");\r
83a42ef9 257 }\r
258 return 0;\r
259}\r
3e4811c8 260bool test(){\r
261\r
262 if ( !DemodBufferLen) \r
263 return false;\r
264 \r
265 uint8_t si = 1;\r
266 uint8_t safer = PackBits(si, 4, DemodBuffer); si += 4; \r
267 uint8_t resv = PackBits(si, 7, DemodBuffer); si += 7+3;\r
268 uint8_t extend = PackBits(si, 1, DemodBuffer); si += 1;\r
269\r
270 //PrintAndLog("test: %X %X %X ", safer, resv, extend);\r
271 \r
272 // 2nibble must be zeroed.\r
273 if ( resv > 0x00) return FALSE;\r
274\r
275 if ( safer == 0x6 || safer == 0x9){\r
276 if ( extend == 0x00)\r
277 return TRUE;\r
278 }\r
279 if ( resv== 0x00) return TRUE;\r
280 return FALSE;\r
281}\r
83a42ef9 282\r
283void printT55xx(const char *demodStr){\r
68008fb5 284 \r
83a42ef9 285 uint32_t blockData = 0;\r
286 uint8_t bits[MAX_GRAPH_TRACE_LEN] = {0x00};\r
287 \r
68008fb5 288 if ( !DemodBufferLen) \r
83a42ef9 289 return;\r
4e7af352 290 \r
83a42ef9 291 int i =0;\r
68008fb5 292 for (;i<DemodBufferLen;++i)\r
293 bits[i]=DemodBuffer[i];\r
385f3987 294 \r
0310364d 295 blockData = PackBits(1, 32, bits);\r
83a42ef9 296 PrintAndLog("0x%08X %s [%s]", blockData, sprint_bin(bits+1,32), demodStr );\r
54a942b0 297}\r
298\r
4e7af352 299/*\r
300FSK1 / FSK1a\r
301size = fskdemod(dest, size, 32, 0, 8, 10); // fsk1 RF/32 \r
302size = fskdemod(dest, size, 32, 1, 8, 10); // fsk1a RF/32 \r
303\r
304FSK2 / FSK2a\r
305size = fskdemod(dest, size, 32, 0, 10, 8); // fsk2 RF/32 \r
306size = fskdemod(dest, size, 32, 1, 10, 8); // fsk2a RF/32 \r
307size = fskdemod(dest, size, 50, 1, 10, 8); // fsk2a RF/50 \r
308size = fskdemod(dest, size, 64, 1, 10, 8); // FSK2a RF/64 \r
309\r
310PSK1\r
311errCnt = pskRawDemod(bits, &bitlen, 32, 0);\r
312*/\r
54a942b0 313int CmdWriteBlk(const char *Cmd)\r
54a942b0 314{\r
4ecde0e1 315 int block = 8; //default to invalid block\r
316 int data = 0xFFFFFFFF; //default to blank Block \r
317 int password = 0xFFFFFFFF; //default to blank Block 7\r
318 \r
319 char cmdp = param_getchar(Cmd, 0);\r
320 if (cmdp == 'h' || cmdp == 'H') {\r
68008fb5 321 usage_t55xx_write();\r
4ecde0e1 322 return 0;\r
323 }\r
324 \r
325 int res = sscanf(Cmd, "%d %x %x",&block, &data, &password);\r
326 \r
327 if ( res < 2 || res > 3) {\r
68008fb5 328 usage_t55xx_write();\r
4ecde0e1 329 return 1;\r
330 }\r
54a942b0 331\r
4ecde0e1 332 if (block > 7) {\r
b44e5233 333 PrintAndLog("Block must be between 0 and 7");\r
334 return 1;\r
f38a1528 335 }\r
4ecde0e1 336 \r
337 UsbCommand c = {CMD_T55XX_WRITE_BLOCK, {data, block, 0}};\r
338 c.d.asBytes[0] = 0x0; \r
54a942b0 339\r
68008fb5 340 PrintAndLog("Writing to T55x7");\r
341 PrintAndLog("block : %d", block);\r
342 PrintAndLog("data : 0x%08X", data);\r
343\r
344 //Password mode\r
345 if (res == 3) {\r
4ecde0e1 346 c.arg[2] = password;\r
347 c.d.asBytes[0] = 0x1; \r
68008fb5 348 PrintAndLog("pwd : 0x%08X", password);\r
4ecde0e1 349 }\r
4ecde0e1 350 SendCommand(&c);\r
351 return 0;\r
54a942b0 352}\r
353\r
354int CmdReadTrace(const char *Cmd)\r
355{\r
0310364d 356 uint8_t bits[MAX_GRAPH_TRACE_LEN] = {0x00};\r
f38a1528 357\r
0310364d 358 char cmdp = param_getchar(Cmd, 0);\r
359 \r
fbceacc5 360 if (strlen(Cmd) > 1 || cmdp == 'h' || cmdp == 'H') {\r
4ecde0e1 361 usage_t55xx_trace();\r
fbceacc5 362 return 0;\r
363 }\r
f38a1528 364\r
fbceacc5 365 if ( strlen(Cmd)==0){\r
c4e3b1b6 366 \r
fbceacc5 367 UsbCommand c = {CMD_T55XX_READ_TRACE, {0, 0, 0}};\r
368 SendCommand(&c);\r
68008fb5 369 if ( !WaitForResponseTimeout(CMD_ACK,NULL,2500) ) {\r
370 PrintAndLog("command execution time out");\r
371 return 1;\r
372 }\r
373 //darn\r
374 //CmdSamples("12000");\r
f38a1528 375 }\r
f38a1528 376 \r
83a42ef9 377 size_t bitlen = getFromGraphBuf(bits);\r
378 if ( bitlen == 0 )\r
379 return 2;\r
380 \r
f6c18637 381 RepaintGraphWindow();\r
b44e5233 382\r
f6c18637 383 uint8_t si = 5;\r
0310364d 384 uint32_t bl0 = PackBits(si, 32, bits);\r
385 uint32_t bl1 = PackBits(si+32, 32, bits);\r
f6c18637 386 \r
0310364d 387 uint32_t acl = PackBits(si, 8, bits); si += 8;\r
388 uint32_t mfc = PackBits(si, 8, bits); si += 8;\r
389 uint32_t cid = PackBits(si, 5, bits); si += 5;\r
390 uint32_t icr = PackBits(si, 3, bits); si += 3;\r
391 uint32_t year = PackBits(si, 4, bits); si += 4;\r
392 uint32_t quarter = PackBits(si, 2, bits); si += 2;\r
393 uint32_t lotid = PackBits(si, 12, bits); si += 12;\r
394 uint32_t wafer = PackBits(si, 5, bits); si += 5;\r
395 uint32_t dw = PackBits(si, 15, bits); \r
f6c18637 396 \r
397 PrintAndLog("");\r
398 PrintAndLog("-- T55xx Trace Information ----------------------------------");\r
399 PrintAndLog("-------------------------------------------------------------");\r
400 PrintAndLog(" ACL Allocation class (ISO/IEC 15963-1) : 0x%02X (%d)", acl, acl);\r
401 PrintAndLog(" MFC Manufacturer ID (ISO/IEC 7816-6) : 0x%02X (%d)", mfc, mfc);\r
402 PrintAndLog(" CID : 0x%02X (%d)", cid, cid);\r
403 PrintAndLog(" ICR IC Revision : %d",icr );\r
404 PrintAndLog(" Manufactured");\r
405 PrintAndLog(" Year/Quarter : %d/%d",2000+year, quarter );\r
77376577 406 PrintAndLog(" Lot ID : %d", lotid );\r
f6c18637 407 PrintAndLog(" Wafer number : %d", wafer);\r
408 PrintAndLog(" Die Number : %d", dw);\r
409 PrintAndLog("-------------------------------------------------------------");\r
77376577 410 PrintAndLog(" Raw Data - Page 1");\r
0310364d 411 PrintAndLog(" Block 0 : 0x%08X %s", bl0, sprint_bin(bits+5,32) );\r
412 PrintAndLog(" Block 0 : 0x%08X %s", bl1, sprint_bin(bits+37,32) );\r
f6c18637 413 PrintAndLog("-------------------------------------------------------------");\r
414 /*\r
415 TRACE - BLOCK O\r
416 Bits Definition HEX\r
417 1-8 ACL Allocation class (ISO/IEC 15963-1) 0xE0 \r
418 9-16 MFC Manufacturer ID (ISO/IEC 7816-6) 0x15 Atmel Corporation\r
419 17-21 CID 0x1 = Atmel ATA5577M1 0x2 = Atmel ATA5577M2 \r
420 22-24 ICR IC revision\r
421 25-28 YEAR (BCD encoded) 9 (= 2009)\r
422 29-30 QUARTER 1,2,3,4 \r
77376577 423 31-32 LOT ID\r
f6c18637 424 \r
425 TRACE - BLOCK 1\r
77376577 426 1-12 LOT ID \r
f6c18637 427 13-17 Wafer number\r
428 18-32 DW, die number sequential\r
429 */\r
430 \r
431 return 0;\r
432}\r
f38a1528 433\r
f6c18637 434int CmdInfo(const char *Cmd){\r
435 /*\r
436 Page 0 Block 0 Configuration data.\r
437 Normal mode\r
438 Extended mode\r
439 */\r
fbceacc5 440 char cmdp = param_getchar(Cmd, 0);\r
441\r
83a42ef9 442 if (cmdp == 'h' || cmdp == 'H') {\r
443 return usage_t55xx_info();\r
4ecde0e1 444 } else {\r
fbceacc5 445 CmdReadBlk("0");\r
081151ea 446 } \r
fbceacc5 447\r
83a42ef9 448 // config\r
449 \r
c6be64da 450 uint8_t bits[LF_BITSSTREAM_LEN] = {0x00};\r
8d0a3e87 451\r
83a42ef9 452 uint8_t si = 1;\r
8d0a3e87 453 uint32_t bl0 = PackBits(si, 32, bits);\r
f6c18637 454 \r
8d0a3e87 455 uint32_t safer = PackBits(si, 4, bits); si += 4; \r
456 uint32_t resv = PackBits(si, 7, bits); si += 7;\r
457 uint32_t dbr = PackBits(si, 3, bits); si += 3;\r
458 uint32_t extend = PackBits(si, 1, bits); si += 1;\r
3e4811c8 459 uint32_t datamod = PackBits(si, 5, bits); si += 5;\r
8d0a3e87 460 uint32_t pskcf = PackBits(si, 2, bits); si += 2;\r
461 uint32_t aor = PackBits(si, 1, bits); si += 1; \r
462 uint32_t otp = PackBits(si, 1, bits); si += 1; \r
463 uint32_t maxblk = PackBits(si, 3, bits); si += 3;\r
464 uint32_t pwd = PackBits(si, 1, bits); si += 1; \r
465 uint32_t sst = PackBits(si, 1, bits); si += 1; \r
466 uint32_t fw = PackBits(si, 1, bits); si += 1;\r
467 uint32_t inv = PackBits(si, 1, bits); si += 1; \r
468 uint32_t por = PackBits(si, 1, bits); si += 1;\r
b44e5233 469 \r
f6c18637 470 PrintAndLog("");\r
99a71418 471 PrintAndLog("-- T55xx Configuration & Tag Information --------------------");\r
f6c18637 472 PrintAndLog("-------------------------------------------------------------");\r
473 PrintAndLog(" Safer key : %s", GetSaferStr(safer));\r
474 PrintAndLog(" reserved : %d", resv);\r
475 PrintAndLog(" Data bit rate : %s", GetBitRateStr(dbr));\r
476 PrintAndLog(" eXtended mode : %s", (extend) ? "Yes - Warning":"No");\r
3e4811c8 477 PrintAndLog(" Modulation : %s", GetModulationStr(datamod));\r
f6c18637 478 PrintAndLog(" PSK clock freq : %d", pskcf);\r
479 PrintAndLog(" AOR - Answer on Request : %s", (aor) ? "Yes":"No");\r
480 PrintAndLog(" OTP - One Time Pad : %s", (otp) ? "Yes - Warning":"No" );\r
481 PrintAndLog(" Max block : %d", maxblk);\r
482 PrintAndLog(" Password mode : %s", (pwd) ? "Yes":"No");\r
483 PrintAndLog(" Sequence Start Terminator : %s", (sst) ? "Yes":"No");\r
3e4811c8 484 PrintAndLog(" Fast Write : %s", (fw) ? "Yes":"No");\r
f6c18637 485 PrintAndLog(" Inverse data : %s", (inv) ? "Yes":"No");\r
486 PrintAndLog(" POR-Delay : %s", (por) ? "Yes":"No");\r
487 PrintAndLog("-------------------------------------------------------------");\r
77376577 488 PrintAndLog(" Raw Data - Page 0");\r
8d0a3e87 489 PrintAndLog(" Block 0 : 0x%08X %s", bl0, sprint_bin(bits+5,32) );\r
f6c18637 490 PrintAndLog("-------------------------------------------------------------");\r
491 \r
492 return 0;\r
493}\r
494\r
77376577 495int CmdDump(const char *Cmd){\r
496\r
4ecde0e1 497 char s[20] = {0x00};\r
77376577 498 uint8_t pwd[4] = {0x00};\r
54a942b0 499\r
4ecde0e1 500 char cmdp = param_getchar(Cmd, 0);\r
149aeada 501 if ( cmdp == 'h' || cmdp == 'H') {\r
4ecde0e1 502 usage_t55xx_dump();\r
77376577 503 return 0;\r
504 }\r
4ecde0e1 505\r
506 bool hasPwd = ( strlen(Cmd) > 0); \r
77376577 507 if ( hasPwd ){\r
2ae8a312 508 if (param_gethex(Cmd, 0, pwd, 8)) {\r
509 PrintAndLog("password must include 8 HEX symbols");\r
c4e3b1b6 510 return 1;\r
77376577 511 }\r
512 }\r
a501c82b 513 \r
77376577 514 for ( int i = 0; i <8; ++i){\r
149aeada 515 memset(s,0,sizeof(s));\r
77376577 516 if ( hasPwd ) {\r
c6be64da 517 sprintf(s,"%d %02x%02x%02x%02x", i, pwd[0],pwd[1],pwd[2],pwd[3]);\r
77376577 518 } else {\r
519 sprintf(s,"%d", i);\r
77376577 520 }\r
4ecde0e1 521 CmdReadBlk(s);\r
77376577 522 }\r
523 return 0;\r
524}\r
525\r
f6c18637 526char * GetBitRateStr(uint32_t id){\r
527 static char buf[40];\r
528 char *retStr = buf;\r
529 switch (id){\r
530 case 0: \r
531 sprintf(retStr,"%d - RF/8",id);\r
532 break;\r
533 case 1:\r
534 sprintf(retStr,"%d - RF/16",id);\r
535 break;\r
536 case 2: \r
537 sprintf(retStr,"%d - RF/32",id);\r
538 break;\r
539 case 3:\r
540 sprintf(retStr,"%d - RF/40",id);\r
541 break;\r
542 case 4:\r
543 sprintf(retStr,"%d - RF/50",id);\r
544 break;\r
545 case 5:\r
546 sprintf(retStr,"%d - RF/64",id);\r
547 break;\r
548 case 6:\r
549 sprintf(retStr,"%d - RF/100",id);\r
550 break;\r
551 case 7:\r
552 sprintf(retStr,"%d - RF/128",id);\r
553 break;\r
554 default:\r
555 sprintf(retStr,"%d - (Unknown)",id);\r
556 break;\r
557 }\r
558\r
559 return buf;\r
560}\r
561\r
f6c18637 562char * GetSaferStr(uint32_t id){\r
563 static char buf[40];\r
564 char *retStr = buf;\r
565 \r
566 sprintf(retStr,"%d",id);\r
567 if (id == 6) {\r
3e4811c8 568 sprintf(retStr,"%d - passwd",id);\r
f6c18637 569 }\r
570 if (id == 9 ){\r
3e4811c8 571 sprintf(retStr,"%d - testmode",id);\r
f6c18637 572 }\r
573 \r
574 return buf;\r
575}\r
576char * GetModulationStr( uint32_t id){\r
577 static char buf[40];\r
578 char *retStr = buf;\r
579 \r
580 switch (id){\r
581 case 0: \r
7bd30f12 582 sprintf(retStr,"%d - DIRECT (ASK/NRZ)",id);\r
f6c18637 583 break;\r
584 case 1:\r
585 sprintf(retStr,"%d - PSK 1 phase change when input changes",id);\r
586 break;\r
587 case 2: \r
588 sprintf(retStr,"%d - PSK 2 phase change on bitclk if input high",id);\r
589 break;\r
590 case 3:\r
591 sprintf(retStr,"%d - PSK 3 phase change on rising edge of input",id);\r
592 break;\r
593 case 4:\r
594 sprintf(retStr,"%d - FSK 1 RF/8 RF/5",id);\r
595 break;\r
596 case 5:\r
597 sprintf(retStr,"%d - FSK 2 RF/8 RF/10",id);\r
598 break;\r
599 case 6:\r
600 sprintf(retStr,"%d - FSK 1a RF/5 RF/8",id);\r
601 break;\r
602 case 7:\r
603 sprintf(retStr,"%d - FSK 2a RF/10 RF/8",id);\r
604 break;\r
605 case 8:\r
606 sprintf(retStr,"%d - Manschester",id);\r
607 break;\r
608 case 16:\r
609 sprintf(retStr,"%d - Biphase",id);\r
610 break;\r
611 case 17:\r
612 sprintf(retStr,"%d - Reserved",id);\r
613 break;\r
614 default:\r
615 sprintf(retStr,"0x%02X (Unknown)",id);\r
616 break;\r
617 }\r
618 return buf;\r
619}\r
620\r
f6c18637 621uint32_t PackBits(uint8_t start, uint8_t len, uint8_t* bits){\r
622 \r
623 int i = start;\r
624 int j = len-1;\r
3bc3598e 625 if (len > 32) {\r
626 return 0;\r
627 }\r
f6c18637 628 uint32_t tmp = 0;\r
629 for (; j >= 0; --j, ++i){\r
630 tmp |= bits[i] << j;\r
631 }\r
632 return tmp;\r
54a942b0 633}\r
634\r
635static command_t CommandTable[] =\r
636{\r
83a42ef9 637 {"help", CmdHelp, 1, "This help"},\r
638 {"config", CmdT55xxSetConfig, 1, "Set T55XX config for modulation, inversed data"},\r
639 {"read", CmdReadBlk, 0, "<block> [password] -- Read T55xx block data (page 0) [optional password]"},\r
640 {"write", CmdWriteBlk, 0, "<block> <data> [password] -- Write T55xx block data (page 0) [optional password]"},\r
641 {"trace", CmdReadTrace, 0, "[1] Read T55xx traceability data (page 1/ blk 0-1)"},\r
642 {"info", CmdInfo, 0, "[1] Read T55xx configuration data (page 0/ blk 0)"},\r
643 {"dump", CmdDump, 0, "[password] Dump T55xx card block 0-7. [optional password]"},\r
54a942b0 644 {NULL, NULL, 0, NULL}\r
645};\r
646\r
647int CmdLFT55XX(const char *Cmd)\r
648{\r
649 CmdsParse(CommandTable, Cmd);\r
650 return 0;\r
651}\r
652\r
653int CmdHelp(const char *Cmd)\r
654{\r
655 CmdsHelp(CommandTable);\r
656 return 0;\r
657}\r
Proxmark3 GIT tracking
Impressum, Datenschutz