Add basic communication shell for Legic RF in reader mode. Needs the new receive...

[proxmark3-svn] / winsrc / command.cpp

//-----------------------------------------------------------------------------\r
// The actual command interpeter for what the user types at the command line.\r
// Jonathan Westhues, Sept 2005\r
// Edits by Gerhard de Koning Gans, Sep 2007 (##)\r
//-----------------------------------------------------------------------------\r
#include <windows.h>\r
#include <stdlib.h>\r
#include <string.h>\r
#include <stdio.h>\r
#include <limits.h>\r
#include <math.h>\r
\r
#include "prox.h"\r
#include "../common/iso14443_crc.c"\r
#include "../common/crc16.c"\r
\r
#define arraylen(x) (sizeof(x)/sizeof((x)[0]))\r
#define BIT(x) GraphBuffer[x * clock]\r
#define BITS (GraphTraceLen / clock)\r
\r
int go = 0;\r
static int CmdHisamplest(char *str, int nrlow);\r
\r
static void GetFromBigBuf(BYTE *dest, int bytes)\r
{\r
	int n = bytes/4;\r
\r
	if(n % 48 != 0) {\r
		PrintToScrollback("bad len in GetFromBigBuf");\r
		return;\r
	}\r
\r
	int i;\r
	for(i = 0; i < n; i += 12) {\r
		UsbCommand c;\r
		c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;\r
		c.ext1 = i;\r
		SendCommand(&c, FALSE);\r
		ReceiveCommand(&c);\r
		if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {\r
			PrintToScrollback("bad resp");\r
			return;\r
		}\r
\r
		memcpy(dest+(i*4), c.d.asBytes, 48);\r
	}\r
}\r
\r
static void CmdReset(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_HARDWARE_RESET;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdBuffClear(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_BUFF_CLEAR;\r
	SendCommand(&c, FALSE);\r
	CmdClearGraph(TRUE);\r
}\r
\r
static void CmdQuit(char *str)\r
{\r
	exit(0);\r
}\r
\r
static void CmdHIDdemodFSK(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_HID_DEMOD_FSK;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdTune(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_MEASURE_ANTENNA_TUNING;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdHi15read(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdHi14read(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
}\r
\r
\r
/* New command to read the contents of a SRI512 tag\r
 * SRI512 tags are ISO14443-B modulated memory tags,\r
 * this command just dumps the contents of the memory/\r
 */\r
static void CmdSri512read(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_READ_SRI512_TAG;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
}\r
\r
// ## New command\r
static void CmdHi14areader(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_READER_ISO_14443a;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
}\r
\r
// ## New command\r
static void CmdHi15reader(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_READER_ISO_15693;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
}\r
\r
// ## New command\r
static void CmdHi15tag(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_SIMTAG_ISO_15693;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdHi14read_sim(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443_SIM;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdHi14readt(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
\r
	//CmdHisamplest(str);\r
	while(CmdHisamplest(str,atoi(str))==0) {\r
		c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;\r
		c.ext1 = atoi(str);\r
		SendCommand(&c, FALSE);\r
	}\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdHisimlisten(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_SIMULATE_TAG_HF_LISTEN;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdHi14sim(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_SIMULATE_TAG_ISO_14443;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdHi14asim(char *str)	// ## simulate iso14443a tag\r
{					// ## greg - added ability to specify tag UID\r
\r
	unsigned int hi=0, lo=0;\r
	int n=0, i=0;\r
	UsbCommand c;\r
\r
	while (sscanf(&str[i++], "%1x", &n ) == 1) {\r
		hi=(hi<<4)|(lo>>28);\r
		lo=(lo<<4)|(n&0xf);\r
	}\r
\r
	c.cmd = CMD_SIMULATE_TAG_ISO_14443a;\r
	// c.ext should be set to *str or convert *str to the correct format for a uid\r
	c.ext1 = hi;\r
	c.ext2 = lo;\r
	PrintToScrollback("Emulating 14443A TAG with UID %x%16x", hi, lo);\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdHi14snoop(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_SNOOP_ISO_14443;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdHi14asnoop(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_SNOOP_ISO_14443a;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdLegicRfSim(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_SIMULATE_TAG_LEGIC_RF;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdLegicRfRead(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_READER_LEGIC_RF;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdFPGAOff(char *str)		// ## FPGA Control\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_FPGA_MAJOR_MODE_OFF;\r
	SendCommand(&c, FALSE);\r
}\r
\r
/* clear out our graph window */\r
int CmdClearGraph(int redraw)\r
{\r
	int gtl = GraphTraceLen;\r
	GraphTraceLen = 0;\r
\r
	if (redraw)\r
		RepaintGraphWindow();\r
\r
	return gtl;\r
}\r
\r
/* write a bit to the graph */\r
static void CmdAppendGraph(int redraw, int clock, int bit)\r
{\r
	int i;\r
\r
	for (i = 0; i < (int)(clock/2); i++)\r
		GraphBuffer[GraphTraceLen++] = bit ^ 1;\r
\r
	for (i = (int)(clock/2); i < clock; i++)\r
		GraphBuffer[GraphTraceLen++] = bit;\r
\r
	if (redraw)\r
		RepaintGraphWindow();\r
}\r
\r
/* Function is equivalent of loread + losamples + em410xread\r
 * looped until an EM410x tag is detected */\r
static void CmdEM410xwatch(char *str)\r
{\r
	char *zero = "";\r
	char *twok = "2000";\r
	go = 1;\r
\r
	do\r
	{\r
		CmdLoread(zero);\r
		CmdLosamples(twok);\r
		CmdEM410xread(zero);\r
	} while (go);\r
}\r
\r
/* Read the transmitted data of an EM4x50 tag\r
 * Format:\r
 *\r
 *  XXXXXXXX [row parity bit (even)] <- 8 bits plus parity\r
 *  XXXXXXXX [row parity bit (even)] <- 8 bits plus parity\r
 *  XXXXXXXX [row parity bit (even)] <- 8 bits plus parity\r
 *  XXXXXXXX [row parity bit (even)] <- 8 bits plus parity\r
 *  CCCCCCCC                         <- column parity bits\r
 *  0                                <- stop bit\r
 *  LW                               <- Listen Window\r
 *\r
 * This pattern repeats for every block of data being transmitted.\r
 * Transmission starts with two Listen Windows (LW - a modulated\r
 * pattern of 320 cycles each (32/32/128/64/64)).\r
 *\r
 * Note that this data may or may not be the UID. It is whatever data\r
 * is stored in the blocks defined in the control word First and Last\r
 * Word Read values. UID is stored in block 32.\r
 */\r
static void CmdEM4x50read(char *str)\r
{\r
	int i, j, startblock, clock, skip, block, start, end, low, high;\r
	BOOL complete= FALSE;\r
	int tmpbuff[MAX_GRAPH_TRACE_LEN / 64];\r
	char tmp[6];\r
\r
	high= low= 0;\r
	clock= 64;\r
\r
	/* first get high and low values */\r
	for (i = 0; i < GraphTraceLen; i++)\r
	{\r
		if (GraphBuffer[i] > high)\r
			high = GraphBuffer[i];\r
		else if (GraphBuffer[i] < low)\r
			low = GraphBuffer[i];\r
	}\r
\r
	/* populate a buffer with pulse lengths */\r
	i= 0;\r
	j= 0;\r
	while(i < GraphTraceLen)\r
		{\r
		// measure from low to low\r
		while((GraphBuffer[i] > low) && (i<GraphTraceLen))\r
			++i;\r
		start= i;\r
		while((GraphBuffer[i] < high) && (i<GraphTraceLen))\r
			++i;\r
		while((GraphBuffer[i] > low) && (i<GraphTraceLen))\r
			++i;\r
		if (j>(MAX_GRAPH_TRACE_LEN/64)) {\r
			break;\r
		}\r
		tmpbuff[j++]= i - start;\r
		}\r
\r
	/* look for data start - should be 2 pairs of LW (pulses of 192,128) */\r
	start= -1;\r
	skip= 0;\r
	for (i= 0; i < j - 4 ; ++i)\r
		{\r
		skip += tmpbuff[i];\r
		if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)\r
			if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)\r
				if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)\r
					if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)\r
						{\r
						start= i + 3;\r
						break;\r
						}\r
		}\r
	startblock= i + 3;\r
\r
	/* skip over the remainder of the LW */\r
	skip += tmpbuff[i+1]+tmpbuff[i+2];\r
	while(skip < MAX_GRAPH_TRACE_LEN && GraphBuffer[skip] > low)\r
		++skip;\r
	skip += 8;\r
\r
	/* now do it again to find the end */\r
	end= start;\r
	for (i += 3; i < j - 4 ; ++i)\r
		{\r
		end += tmpbuff[i];\r
		if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)\r
			if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)\r
				if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)\r
					if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)\r
						{\r
						complete= TRUE;\r
						break;\r
						}\r
		}\r
\r
	if (start >= 0)\r
		PrintToScrollback("Found data at sample: %i",skip);\r
	else\r
		{\r
		PrintToScrollback("No data found!");\r
		PrintToScrollback("Try again with more samples.");\r
		return;\r
		}\r
\r
	if (!complete)\r
		{\r
		PrintToScrollback("*** Warning!");\r
		PrintToScrollback("Partial data - no end found!");\r
		PrintToScrollback("Try again with more samples.");\r
		}\r
\r
	/* get rid of leading crap */\r
	sprintf(tmp,"%i",skip);\r
	CmdLtrim(tmp);\r
\r
	/* now work through remaining buffer printing out data blocks */\r
	block= 0;\r
	i= startblock;\r
	while(block < 6)\r
		{\r
		PrintToScrollback("Block %i:", block);\r
		// mandemod routine needs to be split so we can call it for data\r
		// just print for now for debugging\r
		Cmdmanchesterdemod("i 64");\r
		skip= 0;\r
		/* look for LW before start of next block */\r
		for ( ; i < j - 4 ; ++i)\r
			{\r
			skip += tmpbuff[i];\r
			if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)\r
				if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)\r
					break;\r
			}\r
		while(GraphBuffer[skip] > low)\r
			++skip;\r
		skip += 8;\r
		sprintf(tmp,"%i",skip);\r
		CmdLtrim(tmp);\r
		start += skip;\r
		block++;\r
		}\r
}\r
\r
\r
/* Read the ID of an EM410x tag.\r
 * Format:\r
 *   1111 1111 1           <-- standard non-repeatable header\r
 *   XXXX [row parity bit] <-- 10 rows of 5 bits for our 40 bit tag ID\r
 *   ....\r
 *   CCCC                  <-- each bit here is parity for the 10 bits above in corresponding column\r
 *   0                     <-- stop bit, end of tag\r
 */\r
static void CmdEM410xread(char *str)\r
{\r
	int i, j, clock, header, rows, bit, hithigh, hitlow, first, bit2idx, high, low;\r
	int parity[4];\r
	char id[11];\r
	int retested = 0;\r
	int BitStream[MAX_GRAPH_TRACE_LEN];\r
	high = low = 0;\r
\r
	/* Detect high and lows and clock */\r
	for (i = 0; i < GraphTraceLen; i++)\r
	{\r
		if (GraphBuffer[i] > high)\r
			high = GraphBuffer[i];\r
		else if (GraphBuffer[i] < low)\r
			low = GraphBuffer[i];\r
	}\r
\r
	/* get clock */\r
	clock = GetClock(str, high);\r
\r
	/* parity for our 4 columns */\r
	parity[0] = parity[1] = parity[2] = parity[3] = 0;\r
	header = rows = 0;\r
\r
	/* manchester demodulate */\r
	bit = bit2idx = 0;\r
	for (i = 0; i < (int)(GraphTraceLen / clock); i++)\r
	{\r
		hithigh = 0;\r
		hitlow = 0;\r
		first = 1;\r
\r
		/* Find out if we hit both high and low peaks */\r
		for (j = 0; j < clock; j++)\r
		{\r
			if (GraphBuffer[(i * clock) + j] == high)\r
				hithigh = 1;\r
			else if (GraphBuffer[(i * clock) + j] == low)\r
				hitlow = 1;\r
\r
			/* it doesn't count if it's the first part of our read\r
			 because it's really just trailing from the last sequence */\r
			if (first && (hithigh || hitlow))\r
				hithigh = hitlow = 0;\r
			else\r
				first = 0;\r
\r
			if (hithigh && hitlow)\r
				break;\r
		}\r
\r
		/* If we didn't hit both high and low peaks, we had a bit transition */\r
		if (!hithigh || !hitlow)\r
			bit ^= 1;\r
\r
		BitStream[bit2idx++] = bit;\r
	}\r
\r
retest:\r
	/* We go till 5 before the graph ends because we'll get that far below */\r
	for (i = 1; i < bit2idx - 5; i++)\r
	{\r
		/* Step 2: We have our header but need our tag ID */\r
		if (header == 9 && rows < 10)\r
		{\r
			/* Confirm parity is correct */\r
			if ((BitStream[i] ^ BitStream[i+1] ^ BitStream[i+2] ^ BitStream[i+3]) == BitStream[i+4])\r
			{\r
				/* Read another byte! */\r
				sprintf(id+rows, "%x", (8 * BitStream[i]) + (4 * BitStream[i+1]) + (2 * BitStream[i+2]) + (1 * BitStream[i+3]));\r
				rows++;\r
\r
				/* Keep parity info */\r
				parity[0] ^= BitStream[i];\r
				parity[1] ^= BitStream[i+1];\r
				parity[2] ^= BitStream[i+2];\r
				parity[3] ^= BitStream[i+3];\r
\r
				/* Move 4 bits ahead */\r
				i += 4;\r
			}\r
\r
			/* Damn, something wrong! reset */\r
			else\r
			{\r
				PrintToScrollback("Thought we had a valid tag but failed at word %d (i=%d)", rows + 1, i);\r
\r
				/* Start back rows * 5 + 9 header bits, -1 to not start at same place */\r
				i -= 9 + (5 * rows) - 5;\r
\r
				rows = header = 0;\r
			}\r
		}\r
\r
		/* Step 3: Got our 40 bits! confirm column parity */\r
		else if (rows == 10)\r
		{\r
			/* We need to make sure our 4 bits of parity are correct and we have a stop bit */\r
			if (BitStream[i] == parity[0] && BitStream[i+1] == parity[1] &&\r
				BitStream[i+2] == parity[2] && BitStream[i+3] == parity[3] &&\r
				BitStream[i+4] == 0)\r
			{\r
				/* Sweet! */\r
				PrintToScrollback("EM410x Tag ID: %s", id);\r
\r
				/* Stop any loops */\r
				go = 0;\r
				return;\r
			}\r
\r
			/* Crap! Incorrect parity or no stop bit, start all over */\r
			else\r
			{\r
				rows = header = 0;\r
\r
				/* Go back 59 bits (9 header bits + 10 rows at 4+1 parity) */\r
				i -= 59;\r
			}\r
		}\r
\r
		/* Step 1: get our header */\r
		else if (header < 9)\r
		{\r
			/* Need 9 consecutive 1's */\r
			if (BitStream[i] == 1)\r
				header++;\r
\r
			/* We don't have a header, not enough consecutive 1 bits */\r
			else\r
				header = 0;\r
		}\r
	}\r
\r
	/* if we've already retested after flipping bits, return */\r
	if (retested++)\r
		return;\r
\r
	/* if this didn't work, try flipping bits */\r
	for (i = 0; i < bit2idx; i++)\r
		BitStream[i] ^= 1;\r
\r
	goto retest;\r
}\r
\r
/* emulate an EM410X tag\r
 * Format:\r
 *   1111 1111 1           <-- standard non-repeatable header\r
 *   XXXX [row parity bit] <-- 10 rows of 5 bits for our 40 bit tag ID\r
 *   ....\r
 *   CCCC                  <-- each bit here is parity for the 10 bits above in corresponding column\r
 *   0                     <-- stop bit, end of tag\r
 */\r
static void CmdEM410xsim(char *str)\r
{\r
	int i, n, j, h, binary[4], parity[4];\r
	char *s = "0";\r
\r
	/* clock is 64 in EM410x tags */\r
	int clock = 64;\r
\r
	/* clear our graph */\r
	CmdClearGraph(0);\r
\r
	/* write it out a few times */\r
	for (h = 0; h < 4; h++)\r
	{\r
		/* write 9 start bits */\r
		for (i = 0; i < 9; i++)\r
			CmdAppendGraph(0, clock, 1);\r
\r
		/* for each hex char */\r
		parity[0] = parity[1] = parity[2] = parity[3] = 0;\r
		for (i = 0; i < 10; i++)\r
		{\r
			/* read each hex char */\r
			sscanf(&str[i], "%1x", &n);\r
			for (j = 3; j >= 0; j--, n/= 2)\r
				binary[j] = n % 2;\r
\r
			/* append each bit */\r
			CmdAppendGraph(0, clock, binary[0]);\r
			CmdAppendGraph(0, clock, binary[1]);\r
			CmdAppendGraph(0, clock, binary[2]);\r
			CmdAppendGraph(0, clock, binary[3]);\r
\r
			/* append parity bit */\r
			CmdAppendGraph(0, clock, binary[0] ^ binary[1] ^ binary[2] ^ binary[3]);\r
\r
			/* keep track of column parity */\r
			parity[0] ^= binary[0];\r
			parity[1] ^= binary[1];\r
			parity[2] ^= binary[2];\r
			parity[3] ^= binary[3];\r
		}\r
\r
		/* parity columns */\r
		CmdAppendGraph(0, clock, parity[0]);\r
		CmdAppendGraph(0, clock, parity[1]);\r
		CmdAppendGraph(0, clock, parity[2]);\r
		CmdAppendGraph(0, clock, parity[3]);\r
\r
		/* stop bit */\r
		CmdAppendGraph(0, clock, 0);\r
	}\r
\r
	/* modulate that biatch */\r
	Cmdmanchestermod(s);\r
\r
	/* booyah! */\r
	RepaintGraphWindow();\r
\r
	CmdLosim(s);\r
}\r
\r
static void ChkBitstream(char *str)\r
{\r
	int i;\r
\r
	/* convert to bitstream if necessary */\r
	for (i = 0; i < (int)(GraphTraceLen / 2); i++)\r
	{\r
		if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0)\r
		{\r
			Cmdbitstream(str);\r
			break;\r
		}\r
	}\r
}\r
\r
static void CmdLosim(char *str)\r
{\r
	int i;\r
\r
	/* convert to bitstream if necessary */\r
	ChkBitstream(str);\r
\r
	for (i = 0; i < GraphTraceLen; i += 48) {\r
		UsbCommand c;\r
		int j;\r
		for(j = 0; j < 48; j++) {\r
			c.d.asBytes[j] = GraphBuffer[i+j];\r
		}\r
		c.cmd = CMD_DOWNLOADED_SIM_SAMPLES_125K;\r
		c.ext1 = i;\r
		SendCommand(&c, FALSE);\r
	}\r
\r
	UsbCommand c;\r
	c.cmd = CMD_SIMULATE_TAG_125K;\r
	c.ext1 = GraphTraceLen;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdLosimBidir(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_LF_SIMULATE_BIDIR;\r
	c.ext1 = 47; /* Set ADC to twice the carrier for a slight supersampling */\r
	c.ext2 = 384;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdLoread(char *str)\r
{\r
	UsbCommand c;\r
	// 'h' means higher-low-frequency, 134 kHz\r
	if(*str == 'h') {\r
		c.ext1 = 1;\r
	} else if (*str == '\0') {\r
		c.ext1 = 0;\r
	} else {\r
		PrintToScrollback("use 'loread' or 'loread h'");\r
		return;\r
	}\r
	c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_125K;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdDetectReader(char *str)\r
{\r
	UsbCommand c;\r
	// 'l' means LF - 125/134 kHz\r
	if(*str == 'l') {\r
		c.ext1 = 1;\r
	} else if (*str == 'h') {\r
		c.ext1 = 2;\r
	} else if (*str != '\0') {\r
		PrintToScrollback("use 'detectreader' or 'detectreader l' or 'detectreader h'");\r
		return;\r
	}\r
	c.cmd = CMD_LISTEN_READER_FIELD;\r
	 SendCommand(&c, FALSE);\r
}\r
\r
/* send a command before reading */\r
static void CmdLoCommandRead(char *str)\r
{\r
	static char dummy[3];\r
\r
	dummy[0]= ' ';\r
\r
	UsbCommand c;\r
	c.cmd = CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K;\r
	sscanf(str, "%i %i %i %s %s", &c.ext1, &c.ext2, &c.ext3, (char *) &c.d.asBytes,(char *) &dummy+1);\r
	// in case they specified 'h'\r
	strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdLosamples(char *str)\r
{\r
	int cnt = 0;\r
	int i;\r
	int n;\r
\r
	n=atoi(str);\r
	if (n==0) n=128;\r
	if (n>16000) n=16000;\r
\r
	for(i = 0; i < n; i += 12) {\r
		UsbCommand c;\r
		c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;\r
		c.ext1 = i;\r
		SendCommand(&c, FALSE);\r
		ReceiveCommand(&c);\r
		if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {\r
			if (!go)\r
				PrintToScrollback("bad resp");\r
			return;\r
		}\r
		int j;\r
		for(j = 0; j < 48; j++) {\r
			GraphBuffer[cnt++] = ((int)c.d.asBytes[j]) - 128;\r
		}\r
	}\r
	GraphTraceLen = n*4;\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdBitsamples(char *str)\r
{\r
	int cnt = 0;\r
	int i;\r
	int n;\r
\r
	n = 3072;\r
	for(i = 0; i < n; i += 12) {\r
		UsbCommand c;\r
		c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;\r
		c.ext1 = i;\r
		SendCommand(&c, FALSE);\r
		ReceiveCommand(&c);\r
		if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {\r
			PrintToScrollback("bad resp");\r
			return;\r
		}\r
		int j, k;\r
		for(j = 0; j < 48; j++) {\r
			for(k = 0; k < 8; k++) {\r
				if(c.d.asBytes[j] & (1 << (7 - k))) {\r
					GraphBuffer[cnt++] = 1;\r
				} else {\r
					GraphBuffer[cnt++] = 0;\r
				}\r
			}\r
		}\r
	}\r
	GraphTraceLen = cnt;\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdHisamples(char *str)\r
{\r
	int cnt = 0;\r
	int i;\r
	int n;\r
	n = 1000;\r
	for(i = 0; i < n; i += 12) {\r
		UsbCommand c;\r
		c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;\r
		c.ext1 = i;\r
		SendCommand(&c, FALSE);\r
		ReceiveCommand(&c);\r
		if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {\r
			PrintToScrollback("bad resp");\r
			return;\r
		}\r
		int j;\r
		for(j = 0; j < 48; j++) {\r
			GraphBuffer[cnt++] = (int)((BYTE)c.d.asBytes[j]);\r
		}\r
	}\r
	GraphTraceLen = n*4;\r
\r
	RepaintGraphWindow();\r
}\r
\r
static int CmdHisamplest(char *str, int nrlow)\r
{\r
	int cnt = 0;\r
	int t1, t2;\r
	int i;\r
	int n;\r
	int hasbeennull;\r
	int show;\r
\r
\r
	n = 1000;\r
	hasbeennull = 0;\r
	for(i = 0; i < n; i += 12) {\r
		UsbCommand c;\r
		c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;\r
		c.ext1 = i;\r
		SendCommand(&c, FALSE);\r
		ReceiveCommand(&c);\r
		if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {\r
			PrintToScrollback("bad resp");\r
			return 0;\r
		}\r
		int j;\r
		for(j = 0; j < 48; j++) {\r
			t2 = (int)((BYTE)c.d.asBytes[j]);\r
			if((t2 ^ 0xC0) & 0xC0) { hasbeennull++; }\r
\r
			show = 0;\r
			switch(show) {\r
				case 0:\r
					// combined\r
					t1 = (t2 & 0x80) ^ (t2 & 0x20);\r
					t2 = ((t2 << 1) & 0x80) ^ ((t2 << 1) & 0x20);\r
					break;\r
\r
				case 1:\r
					// only reader\r
					t1 = (t2 & 0x80);\r
					t2 = ((t2 << 1) & 0x80);\r
					break;\r
\r
				case 2:\r
					// only tag\r
					t1 = (t2 & 0x20);\r
					t2 = ((t2 << 1) & 0x20);\r
					break;\r
\r
				case 3:\r
					// both, but tag with other algorithm\r
					t1 = (t2 & 0x80) ^ (t2 & 0x08);\r
					t2 = ((t2 << 1) & 0x80) ^ ((t2 << 1) & 0x08);\r
					break;\r
			}\r
\r
			GraphBuffer[cnt++] = t1;\r
			GraphBuffer[cnt++] = t2;\r
		}\r
	}\r
	GraphTraceLen = n*4;\r
// 1130\r
	if(hasbeennull>nrlow || nrlow==0) {\r
		PrintToScrollback("hasbeennull=%d", hasbeennull);\r
		return 1;\r
	}\r
	else {\r
		return 0;\r
	}\r
}\r
\r
\r
static void CmdHexsamples(char *str)\r
{\r
	int i;\r
	int n;\r
\r
	if(atoi(str) == 0) {\r
		n = 12;\r
	} else {\r
		n = atoi(str)/4;\r
	}\r
\r
	for(i = 0; i < n; i += 12) {\r
		UsbCommand c;\r
		c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;\r
		c.ext1 = i;\r
		SendCommand(&c, FALSE);\r
		ReceiveCommand(&c);\r
		if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {\r
			PrintToScrollback("bad resp");\r
			return;\r
		}\r
		int j;\r
		for(j = 0; j < 48; j += 8) {\r
			PrintToScrollback("%02x %02x %02x %02x %02x %02x %02x %02x",\r
				c.d.asBytes[j+0],\r
				c.d.asBytes[j+1],\r
				c.d.asBytes[j+2],\r
				c.d.asBytes[j+3],\r
				c.d.asBytes[j+4],\r
				c.d.asBytes[j+5],\r
				c.d.asBytes[j+6],\r
				c.d.asBytes[j+7],\r
				c.d.asBytes[j+8]\r
			);\r
		}\r
	}\r
}\r
\r
static void CmdHisampless(char *str)\r
{\r
	int cnt = 0;\r
	int i;\r
	int n;\r
\r
	if(atoi(str) == 0) {\r
		n = 1000;\r
	} else {\r
		n = atoi(str)/4;\r
	}\r
\r
	for(i = 0; i < n; i += 12) {\r
		UsbCommand c;\r
		c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;\r
		c.ext1 = i;\r
		SendCommand(&c, FALSE);\r
		ReceiveCommand(&c);\r
		if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {\r
			PrintToScrollback("bad resp");\r
			return;\r
		}\r
		int j;\r
		for(j = 0; j < 48; j++) {\r
			GraphBuffer[cnt++] = (int)((signed char)c.d.asBytes[j]);\r
		}\r
	}\r
	GraphTraceLen = cnt;\r
\r
	RepaintGraphWindow();\r
}\r
\r
static WORD Iso15693Crc(BYTE *v, int n)\r
{\r
	DWORD reg;\r
	int i, j;\r
\r
	reg = 0xffff;\r
	for(i = 0; i < n; i++) {\r
		reg = reg ^ ((DWORD)v[i]);\r
		for (j = 0; j < 8; j++) {\r
			if (reg & 0x0001) {\r
				reg = (reg >> 1) ^ 0x8408;\r
			} else {\r
				reg = (reg >> 1);\r
			}\r
		}\r
	}\r
\r
	return (WORD)~reg;\r
}\r
\r
static void CmdHi14bdemod(char *str)\r
{\r
	int i, j, iold;\r
	int isum, qsum;\r
	int outOfWeakAt;\r
	BOOL negateI, negateQ;\r
\r
	BYTE data[256];\r
	int dataLen=0;\r
\r
	// As received, the samples are pairs, correlations against I and Q\r
	// square waves. So estimate angle of initial carrier (or just\r
	// quadrant, actually), and then do the demod.\r
\r
	// First, estimate where the tag starts modulating.\r
	for(i = 0; i < GraphTraceLen; i += 2) {\r
		if(abs(GraphBuffer[i]) + abs(GraphBuffer[i+1]) > 40) {\r
			break;\r
		}\r
	}\r
	if(i >= GraphTraceLen) {\r
		PrintToScrollback("too weak to sync");\r
		return;\r
	}\r
	PrintToScrollback("out of weak at %d", i);\r
	outOfWeakAt = i;\r
\r
	// Now, estimate the phase in the initial modulation of the tag\r
	isum = 0;\r
	qsum = 0;\r
	for(; i < (outOfWeakAt + 16); i += 2) {\r
		isum += GraphBuffer[i+0];\r
		qsum += GraphBuffer[i+1];\r
	}\r
	negateI = (isum < 0);\r
	negateQ = (qsum < 0);\r
\r
	// Turn the correlation pairs into soft decisions on the bit.\r
	j = 0;\r
	for(i = 0; i < GraphTraceLen/2; i++) {\r
		int si = GraphBuffer[j];\r
		int sq = GraphBuffer[j+1];\r
		if(negateI) si = -si;\r
		if(negateQ) sq = -sq;\r
		GraphBuffer[i] = si + sq;\r
		j += 2;\r
	}\r
	GraphTraceLen = i;\r
\r
	i = outOfWeakAt/2;\r
	while(GraphBuffer[i] > 0 && i < GraphTraceLen)\r
		i++;\r
	if(i >= GraphTraceLen) goto demodError;\r
\r
	iold = i;\r
	while(GraphBuffer[i] < 0 && i < GraphTraceLen)\r
		i++;\r
	if(i >= GraphTraceLen) goto demodError;\r
	if((i - iold) > 23) goto demodError;\r
\r
	PrintToScrollback("make it to demod loop");\r
\r
	for(;;) {\r
		iold = i;\r
		while(GraphBuffer[i] >= 0 && i < GraphTraceLen)\r
			i++;\r
		if(i >= GraphTraceLen) goto demodError;\r
		if((i - iold) > 6) goto demodError;\r
\r
		WORD shiftReg = 0;\r
		if(i + 20 >= GraphTraceLen) goto demodError;\r
\r
		for(j = 0; j < 10; j++) {\r
			int soft = GraphBuffer[i] + GraphBuffer[i+1];\r
\r
			if(abs(soft) < ((abs(isum) + abs(qsum))/20)) {\r
				PrintToScrollback("weak bit");\r
			}\r
\r
			shiftReg >>= 1;\r
			if(GraphBuffer[i] + GraphBuffer[i+1] >= 0) {\r
				shiftReg |= 0x200;\r
			}\r
\r
			i+= 2;\r
		}\r
\r
		if( (shiftReg & 0x200) &&\r
			!(shiftReg & 0x001))\r
		{\r
			// valid data byte, start and stop bits okay\r
			PrintToScrollback("   %02x", (shiftReg >> 1) & 0xff);\r
			data[dataLen++] = (shiftReg >> 1) & 0xff;\r
			if(dataLen >= sizeof(data)) {\r
				return;\r
			}\r
		} else if(shiftReg == 0x000) {\r
			// this is EOF\r
			break;\r
		} else {\r
			goto demodError;\r
		}\r
	}\r
\r
	BYTE first, second;\r
	ComputeCrc14443(CRC_14443_B, data, dataLen-2, &first, &second);\r
	PrintToScrollback("CRC: %02x %02x (%s)\n", first, second,\r
		(first == data[dataLen-2] && second == data[dataLen-1]) ?\r
			"ok" : "****FAIL****");\r
\r
	RepaintGraphWindow();\r
	return;\r
\r
demodError:\r
	PrintToScrollback("demod error");\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdHi14list(char *str)\r
{\r
	BYTE got[960];\r
	GetFromBigBuf(got, sizeof(got));\r
\r
	PrintToScrollback("recorded activity:");\r
	PrintToScrollback(" time	:rssi: who bytes");\r
	PrintToScrollback("---------+----+----+-----------");\r
\r
	int i = 0;\r
	int prev = -1;\r
\r
	for(;;) {\r
		if(i >= 900) {\r
			break;\r
		}\r
\r
		BOOL isResponse;\r
		int timestamp = *((DWORD *)(got+i));\r
		if(timestamp & 0x80000000) {\r
			timestamp &= 0x7fffffff;\r
			isResponse = 1;\r
		} else {\r
			isResponse = 0;\r
		}\r
		int metric = *((DWORD *)(got+i+4));\r
\r
		int len = got[i+8];\r
\r
		if(len > 100) {\r
			break;\r
		}\r
		if(i + len >= 900) {\r
			break;\r
		}\r
\r
		BYTE *frame = (got+i+9);\r
\r
		char line[1000] = "";\r
		int j;\r
		for(j = 0; j < len; j++) {\r
			sprintf(line+(j*3), "%02x  ", frame[j]);\r
		}\r
\r
		char *crc;\r
		if(len > 2) {\r
			BYTE b1, b2;\r
			ComputeCrc14443(CRC_14443_B, frame, len-2, &b1, &b2);\r
			if(b1 != frame[len-2] || b2 != frame[len-1]) {\r
				crc = "**FAIL CRC**";\r
			} else {\r
				crc = "";\r
			}\r
		} else {\r
			crc = "(SHORT)";\r
		}\r
\r
		char metricString[100];\r
		if(isResponse) {\r
			sprintf(metricString, "%3d", metric);\r
		} else {\r
			strcpy(metricString, "   ");\r
		}\r
\r
		PrintToScrollback(" +%7d: %s: %s %s %s",\r
			(prev < 0 ? 0 : timestamp - prev),\r
			metricString,\r
			(isResponse ? "TAG" : "   "), line, crc);\r
\r
		prev = timestamp;\r
		i += (len + 9);\r
	}\r
}\r
\r
static void CmdHi14alist(char *str)\r
{\r
	BYTE got[1920];\r
	GetFromBigBuf(got, sizeof(got));\r
\r
	PrintToScrollback("recorded activity:");\r
	PrintToScrollback(" ETU     :rssi: who bytes");\r
	PrintToScrollback("---------+----+----+-----------");\r
\r
	int i = 0;\r
	int prev = -1;\r
\r
	for(;;) {\r
		if(i >= 1900) {\r
			break;\r
		}\r
\r
		BOOL isResponse;\r
		int timestamp = *((DWORD *)(got+i));\r
		if(timestamp & 0x80000000) {\r
			timestamp &= 0x7fffffff;\r
			isResponse = 1;\r
		} else {\r
			isResponse = 0;\r
		}\r
\r
		int metric = 0;\r
		int parityBits = *((DWORD *)(got+i+4));\r
		// 4 bytes of additional information...\r
		// maximum of 32 additional parity bit information\r
		//\r
		// TODO:\r
		// at each quarter bit period we can send power level (16 levels)\r
		// or each half bit period in 256 levels.\r
\r
\r
		int len = got[i+8];\r
\r
		if(len > 100) {\r
			break;\r
		}\r
		if(i + len >= 1900) {\r
			break;\r
		}\r
\r
		BYTE *frame = (got+i+9);\r
\r
		// Break and stick with current result if buffer was not completely full\r
		if(frame[0] == 0x44 && frame[1] == 0x44 && frame[3] == 0x44) { break; }\r
\r
		char line[1000] = "";\r
		int j;\r
		for(j = 0; j < len; j++) {\r
			int oddparity = 0x01;\r
			int k;\r
\r
			for(k=0;k<8;k++) {\r
				oddparity ^= (((frame[j] & 0xFF) >> k) & 0x01);\r
			}\r
\r
			//if((parityBits >> (len - j - 1)) & 0x01) {\r
			if(isResponse && (oddparity != ((parityBits >> (len - j - 1)) & 0x01))) {\r
				sprintf(line+(j*4), "%02x!  ", frame[j]);\r
			}\r
			else {\r
				sprintf(line+(j*4), "%02x   ", frame[j]);\r
			}\r
		}\r
\r
		char *crc;\r
		crc = "";\r
		if(len > 2) {\r
			BYTE b1, b2;\r
			for(j = 0; j < (len - 1); j++) {\r
				// gives problems... search for the reason..\r
				/*if(frame[j] == 0xAA) {\r
					switch(frame[j+1]) {\r
						case 0x01:\r
							crc = "[1] Two drops close after each other";\r
						break;\r
						case 0x02:\r
							crc = "[2] Potential SOC with a drop in second half of bitperiod";\r
							break;\r
						case 0x03:\r
							crc = "[3] Segment Z after segment X is not possible";\r
							break;\r
						case 0x04:\r
							crc = "[4] Parity bit of a fully received byte was wrong";\r
							break;\r
						default:\r
							crc = "[?] Unknown error";\r
							break;\r
					}\r
					break;\r
				}*/\r
			}\r
\r
			if(strlen(crc)==0) {\r
				ComputeCrc14443(CRC_14443_A, frame, len-2, &b1, &b2);\r
				if(b1 != frame[len-2] || b2 != frame[len-1]) {\r
					crc = (isResponse & (len < 6)) ? "" : "	!crc";\r
				} else {\r
					crc = "";\r
				}\r
			}\r
		} else {\r
			crc = ""; // SHORT\r
		}\r
\r
		char metricString[100];\r
		if(isResponse) {\r
			sprintf(metricString, "%3d", metric);\r
		} else {\r
			strcpy(metricString, "   ");\r
		}\r
\r
		PrintToScrollback(" +%7d: %s: %s %s %s",\r
			(prev < 0 ? 0 : (timestamp - prev)),\r
			metricString,\r
			(isResponse ? "TAG" : "   "), line, crc);\r
\r
		prev = timestamp;\r
		i += (len + 9);\r
	}\r
	CommandFinished = 1;\r
}\r
\r
static void CmdHi15demod(char *str)\r
{\r
	// The sampling rate is 106.353 ksps/s, for T = 18.8 us\r
\r
	// SOF defined as\r
	// 1) Unmodulated time of 56.64us\r
	// 2) 24 pulses of 423.75khz\r
	// 3) logic '1' (unmodulated for 18.88us followed by 8 pulses of 423.75khz)\r
\r
	static const int FrameSOF[] = {\r
		-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,\r
		-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,\r
		 1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		 1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		-1, -1, -1, -1,\r
		-1, -1, -1, -1,\r
		 1,  1,  1,  1,\r
		 1,  1,  1,  1\r
	};\r
	static const int Logic0[] = {\r
		 1,  1,  1,  1,\r
		 1,  1,  1,  1,\r
		-1, -1, -1, -1,\r
		-1, -1, -1, -1\r
	};\r
	static const int Logic1[] = {\r
		-1, -1, -1, -1,\r
		-1, -1, -1, -1,\r
		 1,  1,  1,  1,\r
		 1,  1,  1,  1\r
	};\r
\r
	// EOF defined as\r
	// 1) logic '0' (8 pulses of 423.75khz followed by unmodulated for 18.88us)\r
	// 2) 24 pulses of 423.75khz\r
	// 3) Unmodulated time of 56.64us\r
\r
	static const int FrameEOF[] = {\r
		 1,  1,  1,  1,\r
		 1,  1,  1,  1,\r
		-1, -1, -1, -1,\r
		-1, -1, -1, -1,\r
		 1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		 1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,\r
		-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1\r
	};\r
\r
	int i, j;\r
	int max = 0, maxPos;\r
\r
	int skip = 4;\r
\r
	if(GraphTraceLen < 1000) return;\r
\r
	// First, correlate for SOF\r
	for(i = 0; i < 100; i++) {\r
		int corr = 0;\r
		for(j = 0; j < arraylen(FrameSOF); j += skip) {\r
			corr += FrameSOF[j]*GraphBuffer[i+(j/skip)];\r
		}\r
		if(corr > max) {\r
			max = corr;\r
			maxPos = i;\r
		}\r
	}\r
	PrintToScrollback("SOF at %d, correlation %d", maxPos,\r
		max/(arraylen(FrameSOF)/skip));\r
\r
	i = maxPos + arraylen(FrameSOF)/skip;\r
	int k = 0;\r
	BYTE outBuf[20];\r
	memset(outBuf, 0, sizeof(outBuf));\r
	BYTE mask = 0x01;\r
	for(;;) {\r
		int corr0 = 0, corr1 = 0, corrEOF = 0;\r
		for(j = 0; j < arraylen(Logic0); j += skip) {\r
			corr0 += Logic0[j]*GraphBuffer[i+(j/skip)];\r
		}\r
		for(j = 0; j < arraylen(Logic1); j += skip) {\r
			corr1 += Logic1[j]*GraphBuffer[i+(j/skip)];\r
		}\r
		for(j = 0; j < arraylen(FrameEOF); j += skip) {\r
			corrEOF += FrameEOF[j]*GraphBuffer[i+(j/skip)];\r
		}\r
		// Even things out by the length of the target waveform.\r
		corr0 *= 4;\r
		corr1 *= 4;\r
\r
		if(corrEOF > corr1 && corrEOF > corr0) {\r
			PrintToScrollback("EOF at %d", i);\r
			break;\r
		} else if(corr1 > corr0) {\r
			i += arraylen(Logic1)/skip;\r
			outBuf[k] |= mask;\r
		} else {\r
			i += arraylen(Logic0)/skip;\r
		}\r
		mask <<= 1;\r
		if(mask == 0) {\r
			k++;\r
			mask = 0x01;\r
		}\r
		if((i+(int)arraylen(FrameEOF)) >= GraphTraceLen) {\r
			PrintToScrollback("ran off end!");\r
			break;\r
		}\r
	}\r
	if(mask != 0x01) {\r
		PrintToScrollback("error, uneven octet! (discard extra bits!)");\r
		PrintToScrollback("   mask=%02x", mask);\r
	}\r
	PrintToScrollback("%d octets", k);\r
\r
	for(i = 0; i < k; i++) {\r
		PrintToScrollback("# %2d: %02x ", i, outBuf[i]);\r
	}\r
	PrintToScrollback("CRC=%04x", Iso15693Crc(outBuf, k-2));\r
}\r
\r
static void CmdFSKdemod(char *cmdline)\r
{\r
	static const int LowTone[]  = {\r
		1,  1,  1,  1,  1, -1, -1, -1, -1, -1,\r
		1,  1,  1,  1,  1, -1, -1, -1, -1, -1,\r
		1,  1,  1,  1,  1, -1, -1, -1, -1, -1,\r
		1,  1,  1,  1,  1, -1, -1, -1, -1, -1,\r
		1,  1,  1,  1,  1, -1, -1, -1, -1, -1\r
	};\r
	static const int HighTone[] = {\r
		1,  1,  1,  1,  1,     -1, -1, -1, -1,\r
		1,  1,  1,  1,         -1, -1, -1, -1,\r
		1,  1,  1,  1,         -1, -1, -1, -1,\r
		1,  1,  1,  1,         -1, -1, -1, -1,\r
		1,  1,  1,  1,         -1, -1, -1, -1,\r
		1,  1,  1,  1,     -1, -1, -1, -1, -1,\r
	};\r
\r
	int lowLen = sizeof(LowTone)/sizeof(int);\r
	int highLen = sizeof(HighTone)/sizeof(int);\r
	int convLen = (highLen>lowLen)?highLen:lowLen;\r
	DWORD hi = 0, lo = 0;\r
\r
	int i, j;\r
	int minMark=0, maxMark=0;\r
\r
	for(i = 0; i < GraphTraceLen - convLen; i++) {\r
		int lowSum = 0, highSum = 0;\r
\r
		for(j = 0; j < lowLen; j++) {\r
			lowSum += LowTone[j]*GraphBuffer[i+j];\r
		}\r
		for(j = 0; j < highLen; j++) {\r
			highSum += HighTone[j]*GraphBuffer[i+j];\r
		}\r
		lowSum = abs((100*lowSum) / lowLen);\r
		highSum = abs((100*highSum) / highLen);\r
		GraphBuffer[i] = (highSum << 16) | lowSum;\r
	}\r
\r
	for(i = 0; i < GraphTraceLen - convLen - 16; i++) {\r
		int j;\r
		int lowTot = 0, highTot = 0;\r
		// 10 and 8 are f_s divided by f_l and f_h, rounded\r
		for(j = 0; j < 10; j++) {\r
			lowTot += (GraphBuffer[i+j] & 0xffff);\r
		}\r
		for(j = 0; j < 8; j++) {\r
			highTot += (GraphBuffer[i+j] >> 16);\r
		}\r
		GraphBuffer[i] = lowTot - highTot;\r
		if (GraphBuffer[i]>maxMark) maxMark=GraphBuffer[i];\r
		if (GraphBuffer[i]<minMark) minMark=GraphBuffer[i];\r
	}\r
\r
	GraphTraceLen -= (convLen + 16);\r
\r
	RepaintGraphWindow();\r
\r
	// Find bit-sync (3 lo followed by 3 high)\r
	int max = 0, maxPos = 0;\r
	for(i = 0; i < 6000; i++) {\r
		int dec = 0;\r
		for(j = 0; j < 3*lowLen; j++) {\r
			dec -= GraphBuffer[i+j];\r
		}\r
		for(; j < 3*(lowLen + highLen ); j++) {\r
			dec += GraphBuffer[i+j];\r
		}\r
		if(dec > max) {\r
			max = dec;\r
			maxPos = i;\r
		}\r
	}\r
\r
	// place start of bit sync marker in graph\r
	GraphBuffer[maxPos] = maxMark;\r
	GraphBuffer[maxPos+1] = minMark;\r
\r
	maxPos += j;\r
\r
	// place end of bit sync marker in graph\r
	GraphBuffer[maxPos] = maxMark;\r
	GraphBuffer[maxPos+1] = minMark;\r
\r
	PrintToScrollback("actual data bits start at sample %d", maxPos);\r
	PrintToScrollback("length %d/%d", highLen, lowLen);\r
\r
	BYTE bits[46];\r
	bits[sizeof(bits)-1] = '\0';\r
\r
	// find bit pairs and manchester decode them\r
	for(i = 0; i < arraylen(bits)-1; i++) {\r
		int dec = 0;\r
		for(j = 0; j < lowLen; j++) {\r
			dec -= GraphBuffer[maxPos+j];\r
		}\r
		for(; j < lowLen + highLen; j++) {\r
			dec += GraphBuffer[maxPos+j];\r
		}\r
		maxPos += j;\r
		// place inter bit marker in graph\r
		GraphBuffer[maxPos] = maxMark;\r
		GraphBuffer[maxPos+1] = minMark;\r
\r
		// hi and lo form a 64 bit pair\r
		hi = (hi<<1)|(lo>>31);\r
		lo = (lo<<1);\r
		// store decoded bit as binary (in hi/lo) and text (in bits[])\r
		if(dec<0) {\r
			bits[i] = '1';\r
			lo|=1;\r
		} else {\r
			bits[i] = '0';\r
		}\r
	}\r
	PrintToScrollback("bits: '%s'", bits);\r
	PrintToScrollback("hex: %08x %08x", hi, lo);\r
}\r
\r
// read a TI tag and return its ID\r
static void CmdTIRead(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_READ_TI_TYPE;\r
	SendCommand(&c, FALSE);\r
}\r
\r
// write new data to a r/w TI tag\r
static void CmdTIWrite(char *str)\r
{\r
	UsbCommand c;\r
	int res=0;\r
\r
	c.cmd = CMD_WRITE_TI_TYPE;\r
	res = sscanf(str, "0x%x 0x%x 0x%x ", &c.ext1, &c.ext2, &c.ext3);\r
	if (res == 2) c.ext3=0;\r
	if (res<2)\r
		PrintToScrollback("Please specify the data as two hex strings, optionally the CRC as a third");\r
	else\r
		SendCommand(&c, FALSE);\r
}\r
\r
static void CmdTIDemod(char *cmdline)\r
{\r
	/* MATLAB as follows:\r
f_s = 2000000;  % sampling frequency\r
f_l = 123200;   % low FSK tone\r
f_h = 134200;   % high FSK tone\r
\r
T_l = 119e-6;   % low bit duration\r
T_h = 130e-6;   % high bit duration\r
\r
l = 2*pi*ones(1, floor(f_s*T_l))*(f_l/f_s);\r
h = 2*pi*ones(1, floor(f_s*T_h))*(f_h/f_s);\r
\r
l = sign(sin(cumsum(l)));\r
h = sign(sin(cumsum(h)));\r
	*/\r
\r
// 2M*16/134.2k = 238\r
 static const int LowTone[] = {\r
	1, 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		 -1, -1\r
 };\r
// 2M*16/123.2k = 260\r
 static const int HighTone[] = {\r
	1, 1, 1, 1, 1, 1, 1, 1,		-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1,		-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1,			-1, -1, -1, -1, -1, -1, -1,\r
	1, 1, 1, 1, 1, 1, 1, 1\r
 };\r
	int lowLen = sizeof(LowTone)/sizeof(int);\r
	int highLen = sizeof(HighTone)/sizeof(int);\r
	int convLen = (highLen>lowLen)?highLen:lowLen;\r
	WORD crc;\r
	int i, j, TagType;\r
	int lowSum = 0, highSum = 0;;\r
	int lowTot = 0, highTot = 0;\r
\r
	for(i = 0; i < GraphTraceLen - convLen; i++) {\r
		lowSum = 0;\r
		highSum = 0;;\r
\r
		for(j = 0; j < lowLen; j++) {\r
			lowSum += LowTone[j]*GraphBuffer[i+j];\r
		}\r
		for(j = 0; j < highLen; j++) {\r
			highSum += HighTone[j]*GraphBuffer[i+j];\r
		}\r
		lowSum = abs((100*lowSum) / lowLen);\r
		highSum = abs((100*highSum) / highLen);\r
		lowSum = (lowSum<0)?-lowSum:lowSum;\r
		highSum = (highSum<0)?-highSum:highSum;\r
\r
		GraphBuffer[i] = (highSum << 16) | lowSum;\r
	}\r
\r
	for(i = 0; i < GraphTraceLen - convLen - 16; i++) {\r
		lowTot = 0;\r
		highTot = 0;\r
		// 16 and 15 are f_s divided by f_l and f_h, rounded\r
		for(j = 0; j < 16; j++) {\r
			lowTot += (GraphBuffer[i+j] & 0xffff);\r
		}\r
		for(j = 0; j < 15; j++) {\r
			highTot += (GraphBuffer[i+j] >> 16);\r
		}\r
		GraphBuffer[i] = lowTot - highTot;\r
	}\r
\r
	GraphTraceLen -= (convLen + 16);\r
\r
	RepaintGraphWindow();\r
\r
	// TI tag data format is 16 prebits, 8 start bits, 64 data bits,\r
	// 16 crc CCITT bits, 8 stop bits, 15 end bits\r
\r
	// the 16 prebits are always low\r
	// the 8 start and stop bits of a tag must match\r
	// the start/stop prebits of a ro tag are 01111110\r
	// the start/stop prebits of a rw tag are 11111110\r
  // the 15 end bits of a ro tag are all low\r
  // the 15 end bits of a rw tag match bits 15-1 of the data bits\r
\r
	// Okay, so now we have unsliced soft decisions;\r
	// find bit-sync, and then get some bits.\r
	// look for 17 low bits followed by 6 highs (common pattern for ro and rw tags)\r
	int max = 0, maxPos = 0;\r
	for(i = 0; i < 6000; i++) {\r
		int j;\r
		int dec = 0;\r
		// searching 17 consecutive lows\r
		for(j = 0; j < 17*lowLen; j++) {\r
			dec -= GraphBuffer[i+j];\r
		}\r
		// searching 7 consecutive highs\r
		for(; j < 17*lowLen + 6*highLen; j++) {\r
			dec += GraphBuffer[i+j];\r
		}\r
		if(dec > max) {\r
			max = dec;\r
			maxPos = i;\r
		}\r
	}\r
\r
	// place a marker in the buffer to visually aid location\r
	// of the start of sync\r
	GraphBuffer[maxPos] = 800;\r
	GraphBuffer[maxPos+1] = -800;\r
\r
	// advance pointer to start of actual data stream (after 16 pre and 8 start bits)\r
	maxPos += 17*lowLen;\r
	maxPos += 6*highLen;\r
\r
	// place a marker in the buffer to visually aid location\r
	// of the end of sync\r
	GraphBuffer[maxPos] = 800;\r
	GraphBuffer[maxPos+1] = -800;\r
\r
	PrintToScrollback("actual data bits start at sample %d", maxPos);\r
\r
	PrintToScrollback("length %d/%d", highLen, lowLen);\r
\r
	BYTE bits[1+64+16+8+16];\r
	bits[sizeof(bits)-1] = '\0';\r
\r
	DWORD shift3 = 0x7e000000, shift2 = 0, shift1 = 0, shift0 = 0;\r
\r
	for(i = 0; i < arraylen(bits)-1; i++) {\r
		int high = 0;\r
		int low = 0;\r
		int j;\r
		for(j = 0; j < lowLen; j++) {\r
			low -= GraphBuffer[maxPos+j];\r
		}\r
		for(j = 0; j < highLen; j++) {\r
			high += GraphBuffer[maxPos+j];\r
		}\r
\r
		if(high > low) {\r
			bits[i] = '1';\r
			maxPos += highLen;\r
			// bitstream arrives lsb first so shift right\r
			shift3 |= (1<<31);\r
		} else {\r
			bits[i] = '.';\r
			maxPos += lowLen;\r
		}\r
\r
		// 128 bit right shift register\r
	  shift0 = (shift0>>1) | (shift1 << 31);\r
	  shift1 = (shift1>>1) | (shift2 << 31);\r
	  shift2 = (shift2>>1) | (shift3 << 31);\r
	  shift3 >>= 1;\r
\r
		// place a marker in the buffer between bits to visually aid location\r
		GraphBuffer[maxPos] = 800;\r
		GraphBuffer[maxPos+1] = -800;\r
	}\r
	PrintToScrollback("Info: raw tag bits = %s", bits);\r
\r
	TagType = (shift3>>8)&0xff;\r
	if ( TagType != ((shift0>>16)&0xff) ) {\r
		PrintToScrollback("Error: start and stop bits do not match!");\r
		return;\r
	}\r
	else if (TagType == 0x7e) {\r
		PrintToScrollback("Info: Readonly TI tag detected.");\r
		return;\r
	}\r
	else if (TagType == 0xfe) {\r
		PrintToScrollback("Info: Rewriteable TI tag detected.");\r
\r
	  // put 64 bit data into shift1 and shift0\r
	  shift0 = (shift0>>24) | (shift1 << 8);\r
	  shift1 = (shift1>>24) | (shift2 << 8);\r
\r
		// align 16 bit crc into lower half of shift2\r
	  shift2 = ((shift2>>24) | (shift3 << 8)) & 0x0ffff;\r
\r
		// align 16 bit "end bits" or "ident" into lower half of shift3\r
	  shift3 >>= 16;\r
\r
		// only 15 bits compare, last bit of ident is not valid\r
		if ( (shift3^shift0)&0x7fff ) {\r
			PrintToScrollback("Error: Ident mismatch!");\r
		}\r
		// WARNING the order of the bytes in which we calc crc below needs checking\r
		// i'm 99% sure the crc algorithm is correct, but it may need to eat the\r
		// bytes in reverse or something\r
		// calculate CRC\r
		crc=0;\r
	 	crc = update_crc16(crc, (shift0)&0xff);\r
		crc = update_crc16(crc, (shift0>>8)&0xff);\r
		crc = update_crc16(crc, (shift0>>16)&0xff);\r
		crc = update_crc16(crc, (shift0>>24)&0xff);\r
		crc = update_crc16(crc, (shift1)&0xff);\r
		crc = update_crc16(crc, (shift1>>8)&0xff);\r
		crc = update_crc16(crc, (shift1>>16)&0xff);\r
		crc = update_crc16(crc, (shift1>>24)&0xff);\r
		PrintToScrollback("Info: Tag data = %08X%08X", shift1, shift0);\r
		if (crc != (shift2&0xffff)) {\r
			PrintToScrollback("Error: CRC mismatch, calculated %04X, got ^04X", crc, shift2&0xffff);\r
		} else {\r
			PrintToScrollback("Info: CRC %04X is good", crc);\r
		}\r
	}\r
	else {\r
		PrintToScrollback("Unknown tag type.");\r
		return;\r
	}\r
}\r
\r
static void CmdNorm(char *str)\r
{\r
	int i;\r
	int max = INT_MIN, min = INT_MAX;\r
	for(i = 10; i < GraphTraceLen; i++) {\r
		if(GraphBuffer[i] > max) {\r
			max = GraphBuffer[i];\r
		}\r
		if(GraphBuffer[i] < min) {\r
			min = GraphBuffer[i];\r
		}\r
	}\r
	if(max != min) {\r
		for(i = 0; i < GraphTraceLen; i++) {\r
			GraphBuffer[i] = (GraphBuffer[i] - ((max + min)/2))*1000/\r
				(max - min);\r
		}\r
	}\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdAmp(char *str)\r
{\r
	int i, rising, falling;\r
	int max = INT_MIN, min = INT_MAX;\r
	for(i = 10; i < GraphTraceLen; i++) {\r
		if(GraphBuffer[i] > max) {\r
			max = GraphBuffer[i];\r
		}\r
		if(GraphBuffer[i] < min) {\r
			min = GraphBuffer[i];\r
		}\r
	}\r
	if(max != min) {\r
		rising= falling= 0;\r
		for(i = 0; i < GraphTraceLen; i++) {\r
			if(GraphBuffer[i+1] < GraphBuffer[i]) {\r
				if(rising) {\r
 					GraphBuffer[i]= max;\r
					rising= 0;\r
					}\r
				falling= 1;\r
				}\r
			if(GraphBuffer[i+1] > GraphBuffer[i]) {\r
				if(falling) {\r
					GraphBuffer[i]= min;\r
					falling= 0;\r
					}\r
				rising= 1;\r
				}\r
		}\r
	}\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdDec(char *str)\r
{\r
	int i;\r
	for(i = 0; i < (GraphTraceLen/2); i++) {\r
		GraphBuffer[i] = GraphBuffer[i*2];\r
	}\r
	GraphTraceLen /= 2;\r
	PrintToScrollback("decimated by 2");\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdHpf(char *str)\r
{\r
	int i;\r
	int accum = 0;\r
	for(i = 10; i < GraphTraceLen; i++) {\r
		accum += GraphBuffer[i];\r
	}\r
	accum /= (GraphTraceLen - 10);\r
	for(i = 0; i < GraphTraceLen; i++) {\r
		GraphBuffer[i] -= accum;\r
	}\r
\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdZerocrossings(char *str)\r
{\r
	int i;\r
	// Zero-crossings aren't meaningful unless the signal is zero-mean.\r
	CmdHpf("");\r
\r
	int sign = 1;\r
	int zc = 0;\r
	int lastZc = 0;\r
	for(i = 0; i < GraphTraceLen; i++) {\r
		if(GraphBuffer[i]*sign >= 0) {\r
			// No change in sign, reproduce the previous sample count.\r
			zc++;\r
			GraphBuffer[i] = lastZc;\r
		} else {\r
			// Change in sign, reset the sample count.\r
			sign = -sign;\r
			GraphBuffer[i] = lastZc;\r
			if(sign > 0) {\r
				lastZc = zc;\r
				zc = 0;\r
			}\r
		}\r
	}\r
\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdThreshold(char *str)\r
{\r
	int i;\r
	int threshold = atoi(str);\r
\r
	for(i = 0; i < GraphTraceLen; i++) {\r
		if(GraphBuffer[i]>= threshold)\r
			GraphBuffer[i]=1;\r
		else\r
			GraphBuffer[i]=-1;\r
	}\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdLtrim(char *str)\r
{\r
	int i;\r
	int ds = atoi(str);\r
\r
	for(i = ds; i < GraphTraceLen; i++) {\r
		GraphBuffer[i-ds] = GraphBuffer[i];\r
	}\r
	GraphTraceLen -= ds;\r
\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdAutoCorr(char *str)\r
{\r
	static int CorrelBuffer[MAX_GRAPH_TRACE_LEN];\r
\r
	int window = atoi(str);\r
\r
	if(window == 0) {\r
		PrintToScrollback("needs a window");\r
		return;\r
	}\r
\r
	if(window >= GraphTraceLen) {\r
		PrintToScrollback("window must be smaller than trace (%d samples)",\r
			GraphTraceLen);\r
		return;\r
	}\r
\r
	PrintToScrollback("performing %d correlations", GraphTraceLen - window);\r
\r
	int i;\r
	for(i = 0; i < GraphTraceLen - window; i++) {\r
		int sum = 0;\r
		int j;\r
		for(j = 0; j < window; j++) {\r
			sum += (GraphBuffer[j]*GraphBuffer[i+j]) / 256;\r
		}\r
		CorrelBuffer[i] = sum;\r
	}\r
	GraphTraceLen = GraphTraceLen - window;\r
	memcpy(GraphBuffer, CorrelBuffer, GraphTraceLen*sizeof(int));\r
\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdVchdemod(char *str)\r
{\r
	// Is this the entire sync pattern, or does this also include some\r
	// data bits that happen to be the same everywhere? That would be\r
	// lovely to know.\r
	static const int SyncPattern[] = {\r
		1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,\r
		1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,\r
		1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,\r
		1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,\r
		1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,\r
		1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,\r
	};\r
\r
	// So first, we correlate for the sync pattern, and mark that.\r
	int bestCorrel = 0, bestPos = 0;\r
	int i;\r
	// It does us no good to find the sync pattern, with fewer than\r
	// 2048 samples after it...\r
	for(i = 0; i < (GraphTraceLen-2048); i++) {\r
		int sum = 0;\r
		int j;\r
		for(j = 0; j < arraylen(SyncPattern); j++) {\r
			sum += GraphBuffer[i+j]*SyncPattern[j];\r
		}\r
		if(sum > bestCorrel) {\r
			bestCorrel = sum;\r
			bestPos = i;\r
		}\r
	}\r
	PrintToScrollback("best sync at %d [metric %d]", bestPos, bestCorrel);\r
\r
	char bits[257];\r
	bits[256] = '\0';\r
\r
	int worst = INT_MAX;\r
	int worstPos;\r
\r
	for(i = 0; i < 2048; i += 8) {\r
		int sum = 0;\r
		int j;\r
		for(j = 0; j < 8; j++) {\r
			sum += GraphBuffer[bestPos+i+j];\r
		}\r
		if(sum < 0) {\r
			bits[i/8] = '.';\r
		} else {\r
			bits[i/8] = '1';\r
		}\r
		if(abs(sum) < worst) {\r
			worst = abs(sum);\r
			worstPos = i;\r
		}\r
	}\r
	PrintToScrollback("bits:");\r
	PrintToScrollback("%s", bits);\r
	PrintToScrollback("worst metric: %d at pos %d", worst, worstPos);\r
\r
	if(strcmp(str, "clone")==0) {\r
		GraphTraceLen = 0;\r
		char *s;\r
		for(s = bits; *s; s++) {\r
			int j;\r
			for(j = 0; j < 16; j++) {\r
				GraphBuffer[GraphTraceLen++] = (*s == '1') ? 1 : 0;\r
			}\r
		}\r
		RepaintGraphWindow();\r
	}\r
}\r
\r
static void CmdIndalademod(char *str)\r
{\r
	// Usage: recover 64bit UID by default, specify "224" as arg to recover a 224bit UID\r
\r
	int state = -1;\r
	int count = 0;\r
	int i, j;\r
	// worst case with GraphTraceLen=64000 is < 4096\r
	// under normal conditions it's < 2048\r
	BYTE rawbits[4096];\r
	int rawbit = 0;\r
	int worst = 0, worstPos = 0;\r
	PrintToScrollback("Expecting a bit less than %d raw bits", GraphTraceLen/32);\r
	for(i = 0; i < GraphTraceLen-1; i += 2) {\r
		count+=1;\r
		if((GraphBuffer[i] > GraphBuffer[i + 1]) && (state != 1)) {\r
			if (state == 0) {\r
				for(j = 0; j <  count - 8; j += 16) {\r
					rawbits[rawbit++] = 0;\r
				}\r
				if ((abs(count - j)) > worst) {\r
					worst = abs(count - j);\r
					worstPos = i;\r
				}\r
			}\r
			state = 1;\r
			count=0;\r
		} else if((GraphBuffer[i] < GraphBuffer[i + 1]) && (state != 0)) {\r
			if (state == 1) {\r
				for(j = 0; j <  count - 8; j += 16) {\r
					rawbits[rawbit++] = 1;\r
				}\r
				if ((abs(count - j)) > worst) {\r
					worst = abs(count - j);\r
					worstPos = i;\r
				}\r
			}\r
			state = 0;\r
			count=0;\r
		}\r
	}\r
	PrintToScrollback("Recovered %d raw bits", rawbit);\r
	PrintToScrollback("worst metric (0=best..7=worst): %d at pos %d", worst, worstPos);\r
\r
	// Finding the start of a UID\r
	int uidlen, long_wait;\r
	if(strcmp(str, "224") == 0) {\r
		uidlen=224;\r
		long_wait=30;\r
	} else {\r
		uidlen=64;\r
		long_wait=29;\r
	}\r
	int start;\r
	int first = 0;\r
	for(start = 0; start <= rawbit - uidlen; start++) {\r
		first = rawbits[start];\r
		for(i = start; i < start + long_wait; i++) {\r
			if(rawbits[i] != first) {\r
				break;\r
			}\r
		}\r
		if(i == (start + long_wait)) {\r
			break;\r
		}\r
	}\r
	if(start == rawbit - uidlen + 1) {\r
		PrintToScrollback("nothing to wait for");\r
		return;\r
	}\r
\r
	// Inverting signal if needed\r
	if(first == 1) {\r
		for(i = start; i < rawbit; i++) {\r
			rawbits[i] = !rawbits[i];\r
		}\r
	}\r
\r
	// Dumping UID\r
	BYTE bits[224];\r
	char showbits[225];\r
	showbits[uidlen]='\0';\r
	int bit;\r
	i = start;\r
	int times = 0;\r
	if(uidlen > rawbit) {\r
		PrintToScrollback("Warning: not enough raw bits to get a full UID");\r
		for(bit = 0; bit < rawbit; bit++) {\r
			bits[bit] = rawbits[i++];\r
			// As we cannot know the parity, let's use "." and "/"\r
			showbits[bit] = '.' + bits[bit];\r
		}\r
		showbits[bit+1]='\0';\r
		PrintToScrollback("Partial UID=%s", showbits);\r
		return;\r
	} else {\r
		for(bit = 0; bit < uidlen; bit++) {\r
			bits[bit] = rawbits[i++];\r
			showbits[bit] = '0' + bits[bit];\r
		}\r
		times = 1;\r
	}\r
	PrintToScrollback("UID=%s", showbits);\r
\r
	// Checking UID against next occurences\r
	for(; i + uidlen <= rawbit;) {\r
		int failed = 0;\r
		for(bit = 0; bit < uidlen; bit++) {\r
			if(bits[bit] != rawbits[i++]) {\r
				failed = 1;\r
				break;\r
			}\r
		}\r
		if (failed == 1) {\r
			break;\r
		}\r
		times += 1;\r
	}\r
	PrintToScrollback("Occurences: %d (expected %d)", times, (rawbit - start) / uidlen);\r
\r
	// Remodulating for tag cloning\r
	GraphTraceLen = 32*uidlen;\r
	i = 0;\r
	int phase = 0;\r
	for(bit = 0; bit < uidlen; bit++) {\r
		if(bits[bit] == 0) {\r
			phase = 0;\r
		} else {\r
			phase = 1;\r
		}\r
		int j;\r
		for(j = 0; j < 32; j++) {\r
			GraphBuffer[i++] = phase;\r
			phase = !phase;\r
		}\r
	}\r
\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdFlexdemod(char *str)\r
{\r
	int i;\r
	for(i = 0; i < GraphTraceLen; i++) {\r
		if(GraphBuffer[i] < 0) {\r
			GraphBuffer[i] = -1;\r
		} else {\r
			GraphBuffer[i] = 1;\r
		}\r
	}\r
\r
#define LONG_WAIT 100\r
	int start;\r
	for(start = 0; start < GraphTraceLen - LONG_WAIT; start++) {\r
		int first = GraphBuffer[start];\r
		for(i = start; i < start + LONG_WAIT; i++) {\r
			if(GraphBuffer[i] != first) {\r
				break;\r
			}\r
		}\r
		if(i == (start + LONG_WAIT)) {\r
			break;\r
		}\r
	}\r
	if(start == GraphTraceLen - LONG_WAIT) {\r
		PrintToScrollback("nothing to wait for");\r
		return;\r
	}\r
\r
	GraphBuffer[start] = 2;\r
	GraphBuffer[start+1] = -2;\r
\r
	BYTE bits[64];\r
\r
	int bit;\r
	i = start;\r
	for(bit = 0; bit < 64; bit++) {\r
		int j;\r
		int sum = 0;\r
		for(j = 0; j < 16; j++) {\r
			sum += GraphBuffer[i++];\r
		}\r
		if(sum > 0) {\r
			bits[bit] = 1;\r
		} else {\r
			bits[bit] = 0;\r
		}\r
		PrintToScrollback("bit %d sum %d", bit, sum);\r
	}\r
\r
	for(bit = 0; bit < 64; bit++) {\r
		int j;\r
		int sum = 0;\r
		for(j = 0; j < 16; j++) {\r
			sum += GraphBuffer[i++];\r
		}\r
		if(sum > 0 && bits[bit] != 1) {\r
			PrintToScrollback("oops1 at %d", bit);\r
		}\r
		if(sum < 0 && bits[bit] != 0) {\r
			PrintToScrollback("oops2 at %d", bit);\r
		}\r
	}\r
\r
	GraphTraceLen = 32*64;\r
	i = 0;\r
	int phase = 0;\r
	for(bit = 0; bit < 64; bit++) {\r
		if(bits[bit] == 0) {\r
			phase = 0;\r
		} else {\r
			phase = 1;\r
		}\r
		int j;\r
		for(j = 0; j < 32; j++) {\r
			GraphBuffer[i++] = phase;\r
			phase = !phase;\r
		}\r
	}\r
\r
	RepaintGraphWindow();\r
}\r
\r
/*\r
 * Generic command to demodulate ASK.\r
 *\r
 * Argument is convention: positive or negative (High mod means zero\r
 * or high mod means one)\r
 *\r
 * Updates the Graph trace with 0/1 values\r
 *\r
 * Arguments:\r
 * c : 0 or 1\r
 */\r
\r
static void Cmdaskdemod(char *str) {\r
	int i;\r
	int c, high = 0, low = 0;\r
\r
	// TODO: complain if we do not give 2 arguments here !\r
	// (AL - this doesn't make sense! we're only using one argument!!!)\r
	sscanf(str, "%i", &c);\r
\r
	/* Detect high and lows and clock */\r
	// (AL - clock???)\r
	for (i = 0; i < GraphTraceLen; i++)\r
	{\r
		if (GraphBuffer[i] > high)\r
			high = GraphBuffer[i];\r
		else if (GraphBuffer[i] < low)\r
			low = GraphBuffer[i];\r
	}\r
	if(c != 0 && c != 1) {\r
		PrintToScrollback("Invalid argument: %s",str);\r
		return;\r
		}\r
\r
	if (GraphBuffer[0] > 0) {\r
		GraphBuffer[0] = 1-c;\r
	} else {\r
		GraphBuffer[0] = c;\r
	}\r
	for(i=1;i<GraphTraceLen;i++) {\r
		/* Transitions are detected at each peak\r
		 * Transitions are either:\r
		 * - we're low: transition if we hit a high\r
		 * - we're high: transition if we hit a low\r
		 * (we need to do it this way because some tags keep high or\r
		 * low for long periods, others just reach the peak and go\r
		 * down)\r
		 */\r
		if ((GraphBuffer[i]==high) && (GraphBuffer[i-1] == c)) {\r
					GraphBuffer[i]=1-c;\r
		} else if ((GraphBuffer[i]==low) && (GraphBuffer[i-1] == (1-c))){\r
			GraphBuffer[i] = c;\r
		} else {\r
			/* No transition */\r
			GraphBuffer[i] = GraphBuffer[i-1];\r
		}\r
	}\r
	RepaintGraphWindow();\r
}\r
\r
/* Print our clock rate */\r
static void Cmddetectclockrate(char *str)\r
{\r
	int clock = detectclock(0);\r
	PrintToScrollback("Auto-detected clock rate: %d", clock);\r
}\r
\r
/*\r
 * Detect clock rate\r
 */\r
int detectclock(int peak)\r
{\r
	int i;\r
	int clock = 0xFFFF;\r
	int lastpeak = 0;\r
\r
	/* Detect peak if we don't have one */\r
	if (!peak)\r
		for (i = 0; i < GraphTraceLen; i++)\r
			if (GraphBuffer[i] > peak)\r
				peak = GraphBuffer[i];\r
\r
	for (i = 1; i < GraphTraceLen; i++)\r
	{\r
		/* If this is the beginning of a peak */\r
		if (GraphBuffer[i-1] != GraphBuffer[i] && GraphBuffer[i] == peak)\r
		{\r
			/* Find lowest difference between peaks */\r
			if (lastpeak && i - lastpeak < clock)\r
			{\r
				clock = i - lastpeak;\r
			}\r
			lastpeak = i;\r
		}\r
	}\r
\r
	return clock;\r
}\r
\r
/* Get or auto-detect clock rate */\r
int GetClock(char *str, int peak)\r
{\r
	int clock;\r
\r
	sscanf(str, "%i", &clock);\r
	if (!strcmp(str, ""))\r
		clock = 0;\r
\r
	/* Auto-detect clock */\r
	if (!clock)\r
	{\r
		clock = detectclock(peak);\r
\r
		/* Only print this message if we're not looping something */\r
		if (!go)\r
			PrintToScrollback("Auto-detected clock rate: %d", clock);\r
	}\r
\r
	return clock;\r
}\r
\r
/*\r
 * Convert to a bitstream\r
 */\r
static void Cmdbitstream(char *str) {\r
	int i, j;\r
	int bit;\r
	int gtl;\r
	int clock;\r
	int low = 0;\r
	int high = 0;\r
	int hithigh, hitlow, first;\r
\r
	/* Detect high and lows and clock */\r
	for (i = 0; i < GraphTraceLen; i++)\r
	{\r
		if (GraphBuffer[i] > high)\r
			high = GraphBuffer[i];\r
		else if (GraphBuffer[i] < low)\r
			low = GraphBuffer[i];\r
	}\r
\r
	/* Get our clock */\r
	clock = GetClock(str, high);\r
\r
	gtl = CmdClearGraph(0);\r
\r
	bit = 0;\r
	for (i = 0; i < (int)(gtl / clock); i++)\r
	{\r
		hithigh = 0;\r
		hitlow = 0;\r
		first = 1;\r
\r
		/* Find out if we hit both high and low peaks */\r
		for (j = 0; j < clock; j++)\r
		{\r
			if (GraphBuffer[(i * clock) + j] == high)\r
				hithigh = 1;\r
			else if (GraphBuffer[(i * clock) + j] == low)\r
				hitlow = 1;\r
\r
			/* it doesn't count if it's the first part of our read\r
			 because it's really just trailing from the last sequence */\r
			if (first && (hithigh || hitlow))\r
				hithigh = hitlow = 0;\r
			else\r
				first = 0;\r
\r
			if (hithigh && hitlow)\r
				break;\r
		}\r
\r
		/* If we didn't hit both high and low peaks, we had a bit transition */\r
		if (!hithigh || !hitlow)\r
			bit ^= 1;\r
\r
		CmdAppendGraph(0, clock, bit);\r
//		for (j = 0; j < (int)(clock/2); j++)\r
//			GraphBuffer[(i * clock) + j] = bit ^ 1;\r
//		for (j = (int)(clock/2); j < clock; j++)\r
//			GraphBuffer[(i * clock) + j] = bit;\r
	}\r
\r
	RepaintGraphWindow();\r
}\r
\r
/* Modulate our data into manchester */\r
static void Cmdmanchestermod(char *str)\r
{\r
	int i, j;\r
	int clock;\r
	int bit, lastbit, wave;\r
\r
	/* Get our clock */\r
	clock = GetClock(str, 0);\r
\r
	wave = 0;\r
	lastbit = 1;\r
	for (i = 0; i < (int)(GraphTraceLen / clock); i++)\r
	{\r
		bit = GraphBuffer[i * clock] ^ 1;\r
\r
		for (j = 0; j < (int)(clock/2); j++)\r
			GraphBuffer[(i * clock) + j] = bit ^ lastbit ^ wave;\r
		for (j = (int)(clock/2); j < clock; j++)\r
			GraphBuffer[(i * clock) + j] = bit ^ lastbit ^ wave ^ 1;\r
\r
		/* Keep track of how we start our wave and if we changed or not this time */\r
		wave ^= bit ^ lastbit;\r
		lastbit = bit;\r
	}\r
\r
	RepaintGraphWindow();\r
}\r
\r
/*\r
 * Manchester demodulate a bitstream. The bitstream needs to be already in\r
 * the GraphBuffer as 0 and 1 values\r
 *\r
 * Give the clock rate as argument in order to help the sync - the algorithm\r
 * resyncs at each pulse anyway.\r
 *\r
 * Not optimized by any means, this is the 1st time I'm writing this type of\r
 * routine, feel free to improve...\r
 *\r
 * 1st argument: clock rate (as number of samples per clock rate)\r
 *               Typical values can be 64, 32, 128...\r
 */\r
static void Cmdmanchesterdemod(char *str) {\r
	int i, j, invert= 0;\r
	int bit;\r
	int clock;\r
	int lastval;\r
	int low = 0;\r
	int high = 0;\r
	int hithigh, hitlow, first;\r
	int lc = 0;\r
	int bitidx = 0;\r
	int bit2idx = 0;\r
	int warnings = 0;\r
\r
	/* check if we're inverting output */\r
 	if(*str == 'i')\r
	{\r
		PrintToScrollback("Inverting output");\r
		invert= 1;\r
		do\r
			++str;\r
		while(*str == ' '); // in case a 2nd argument was given\r
	}\r
\r
	/* Holds the decoded bitstream: each clock period contains 2 bits       */\r
	/* later simplified to 1 bit after manchester decoding.                 */\r
	/* Add 10 bits to allow for noisy / uncertain traces without aborting   */\r
	/* int BitStream[GraphTraceLen*2/clock+10]; */\r
\r
	/* But it does not work if compiling on WIndows: therefore we just allocate a */\r
	/* large array */\r
	int BitStream[MAX_GRAPH_TRACE_LEN];\r
\r
	/* Detect high and lows */\r
	for (i = 0; i < GraphTraceLen; i++)\r
	{\r
		if (GraphBuffer[i] > high)\r
			high = GraphBuffer[i];\r
		else if (GraphBuffer[i] < low)\r
			low = GraphBuffer[i];\r
	}\r
\r
	/* Get our clock */\r
	clock = GetClock(str, high);\r
\r
	int tolerance = clock/4;\r
\r
	/* Detect first transition */\r
	/* Lo-Hi (arbitrary)       */\r
	/* skip to the first high */\r
	for (i= 0; i < GraphTraceLen; i++)\r
		if(GraphBuffer[i] == high)\r
			break;\r
	/* now look for the first low */\r
	for (; i < GraphTraceLen; i++)\r
	{\r
		if (GraphBuffer[i] == low)\r
		{\r
 			lastval = i;\r
			break;\r
		}\r
	}\r
\r
	/* If we're not working with 1/0s, demod based off clock */\r
	if (high != 1)\r
	{\r
		bit = 0; /* We assume the 1st bit is zero, it may not be\r
		          * the case: this routine (I think) has an init problem.\r
		          * Ed.\r
		          */\r
		for (; i < (int)(GraphTraceLen / clock); i++)\r
		{\r
			hithigh = 0;\r
			hitlow = 0;\r
			first = 1;\r
\r
			/* Find out if we hit both high and low peaks */\r
			for (j = 0; j < clock; j++)\r
			{\r
				if (GraphBuffer[(i * clock) + j] == high)\r
					hithigh = 1;\r
				else if (GraphBuffer[(i * clock) + j] == low)\r
					hitlow = 1;\r
\r
				/* it doesn't count if it's the first part of our read\r
				   because it's really just trailing from the last sequence */\r
				if (first && (hithigh || hitlow))\r
					hithigh = hitlow = 0;\r
				else\r
					first = 0;\r
\r
				if (hithigh && hitlow)\r
					break;\r
			}\r
\r
			/* If we didn't hit both high and low peaks, we had a bit transition */\r
			if (!hithigh || !hitlow)\r
				bit ^= 1;\r
\r
			BitStream[bit2idx++] = bit ^ invert;\r
		}\r
	}\r
\r
	/* standard 1/0 bitstream */\r
	else\r
	{\r
\r
		/* Then detect duration between 2 successive transitions */\r
		for (bitidx = 1; i < GraphTraceLen; i++)\r
		{\r
			if (GraphBuffer[i-1] != GraphBuffer[i])\r
			{\r
			lc = i-lastval;\r
			lastval = i;\r
\r
			// Error check: if bitidx becomes too large, we do not\r
			// have a Manchester encoded bitstream or the clock is really\r
			// wrong!\r
			if (bitidx > (GraphTraceLen*2/clock+8) ) {\r
				PrintToScrollback("Error: the clock you gave is probably wrong, aborting.");\r
				return;\r
			}\r
			// Then switch depending on lc length:\r
			// Tolerance is 1/4 of clock rate (arbitrary)\r
			if (abs(lc-clock/2) < tolerance) {\r
				// Short pulse : either "1" or "0"\r
				BitStream[bitidx++]=GraphBuffer[i-1];\r
			} else if (abs(lc-clock) < tolerance) {\r
				// Long pulse: either "11" or "00"\r
				BitStream[bitidx++]=GraphBuffer[i-1];\r
				BitStream[bitidx++]=GraphBuffer[i-1];\r
			} else {\r
				// Error\r
					warnings++;\r
				PrintToScrollback("Warning: Manchester decode error for pulse width detection.");\r
				PrintToScrollback("(too many of those messages mean either the stream is not Manchester encoded, or clock is wrong)");\r
\r
					if (warnings > 100)\r
					{\r
						PrintToScrollback("Error: too many detection errors, aborting.");\r
						return;\r
					}\r
				}\r
			}\r
		}\r
\r
		// At this stage, we now have a bitstream of "01" ("1") or "10" ("0"), parse it into final decoded bitstream\r
		// Actually, we overwrite BitStream with the new decoded bitstream, we just need to be careful\r
		// to stop output at the final bitidx2 value, not bitidx\r
		for (i = 0; i < bitidx; i += 2) {\r
			if ((BitStream[i] == 0) && (BitStream[i+1] == 1)) {\r
				BitStream[bit2idx++] = 1 ^ invert;\r
		} else if ((BitStream[i] == 1) && (BitStream[i+1] == 0)) {\r
			BitStream[bit2idx++] = 0 ^ invert;\r
		} else {\r
			// We cannot end up in this state, this means we are unsynchronized,\r
			// move up 1 bit:\r
			i++;\r
				warnings++;\r
			PrintToScrollback("Unsynchronized, resync...");\r
			PrintToScrollback("(too many of those messages mean the stream is not Manchester encoded)");\r
\r
				if (warnings > 100)\r
				{\r
					PrintToScrollback("Error: too many decode errors, aborting.");\r
					return;\r
				}\r
			}\r
		}\r
	}\r
\r
	PrintToScrollback("Manchester decoded bitstream");\r
	// Now output the bitstream to the scrollback by line of 16 bits\r
	for (i = 0; i < (bit2idx-16); i+=16) {\r
		PrintToScrollback("%i %i %i %i %i %i %i %i %i %i %i %i %i %i %i %i",\r
			BitStream[i],\r
			BitStream[i+1],\r
			BitStream[i+2],\r
			BitStream[i+3],\r
			BitStream[i+4],\r
			BitStream[i+5],\r
			BitStream[i+6],\r
			BitStream[i+7],\r
			BitStream[i+8],\r
			BitStream[i+9],\r
			BitStream[i+10],\r
			BitStream[i+11],\r
			BitStream[i+12],\r
			BitStream[i+13],\r
			BitStream[i+14],\r
			BitStream[i+15]);\r
	}\r
}\r
\r
/*\r
 * Usage ???\r
 */\r
static void CmdHiddemod(char *str)\r
{\r
	if(GraphTraceLen < 4800) {\r
		PrintToScrollback("too short; need at least 4800 samples");\r
		return;\r
	}\r
\r
	GraphTraceLen = 4800;\r
	int i;\r
	for(i = 0; i < GraphTraceLen; i++) {\r
		if(GraphBuffer[i] < 0) {\r
			GraphBuffer[i] = 0;\r
		} else {\r
			GraphBuffer[i] = 1;\r
		}\r
	}\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdPlot(char *str)\r
{\r
	ShowGraphWindow();\r
}\r
\r
static void CmdGrid(char *str)\r
{\r
  	sscanf(str, "%i %i", &PlotGridX, &PlotGridY);\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdHide(char *str)\r
{\r
	HideGraphWindow();\r
}\r
\r
static void CmdScale(char *str)\r
{\r
	CursorScaleFactor = atoi(str);\r
	if(CursorScaleFactor == 0) {\r
		PrintToScrollback("bad, can't have zero scale");\r
		CursorScaleFactor = 1;\r
	}\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdSave(char *str)\r
{\r
	FILE *f = fopen(str, "w");\r
	if(!f) {\r
		PrintToScrollback("couldn't open '%s'", str);\r
		return;\r
	}\r
	int i;\r
	for(i = 0; i < GraphTraceLen; i++) {\r
		fprintf(f, "%d\n", GraphBuffer[i]);\r
	}\r
	fclose(f);\r
	PrintToScrollback("saved to '%s'", str);\r
}\r
\r
static void CmdLoad(char *str)\r
{\r
	FILE *f = fopen(str, "r");\r
	if(!f) {\r
		PrintToScrollback("couldn't open '%s'", str);\r
		return;\r
	}\r
\r
	GraphTraceLen = 0;\r
	char line[80];\r
	while(fgets(line, sizeof(line), f)) {\r
		GraphBuffer[GraphTraceLen] = atoi(line);\r
		GraphTraceLen++;\r
	}\r
	fclose(f);\r
	PrintToScrollback("loaded %d samples", GraphTraceLen);\r
	RepaintGraphWindow();\r
}\r
\r
static void CmdHIDsimTAG(char *str)\r
{\r
	unsigned int hi=0, lo=0;\r
	int n=0, i=0;\r
	UsbCommand c;\r
\r
	while (sscanf(&str[i++], "%1x", &n ) == 1) {\r
		hi=(hi<<4)|(lo>>28);\r
		lo=(lo<<4)|(n&0xf);\r
	}\r
\r
	PrintToScrollback("Emulating tag with ID %x%16x", hi, lo);\r
\r
	c.cmd = CMD_HID_SIM_TAG;\r
	c.ext1 = hi;\r
	c.ext2 = lo;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdReadmem(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_READ_MEM;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdVersion(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_VERSION;\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdLcdReset(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_LCD_RESET;\r
	c.ext1 = atoi(str);\r
	SendCommand(&c, FALSE);\r
}\r
\r
static void CmdLcd(char *str)\r
{\r
	int i, j;\r
	UsbCommand c;\r
	c.cmd = CMD_LCD;\r
	sscanf(str, "%x %d", &i, &j);\r
	while (j--) {\r
		c.ext1 = i&0x1ff;\r
		SendCommand(&c, FALSE);\r
	}\r
}\r
\r
/*\r
 * Sets the divisor for LF frequency clock: lets the user choose any LF frequency below\r
 * 600kHz.\r
 */\r
static void CmdSetDivisor(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_SET_LF_DIVISOR;\r
	c.ext1 = atoi(str);\r
	if (( c.ext1<0) || (c.ext1>255)) {\r
			PrintToScrollback("divisor must be between 19 and 255");\r
	} else {\r
			SendCommand(&c, FALSE);\r
			PrintToScrollback("Divisor set, expected freq=%dHz", 12000000/(c.ext1+1));\r
	}\r
}\r
\r
static void CmdSetMux(char *str)\r
{\r
	UsbCommand c;\r
	c.cmd = CMD_SET_ADC_MUX;\r
	if(strcmp(str, "lopkd") == 0) {\r
		c.ext1 = 0;\r
	} else if(strcmp(str, "loraw") == 0) {\r
		c.ext1 = 1;\r
	} else if(strcmp(str, "hipkd") == 0) {\r
		c.ext1 = 2;\r
	} else if(strcmp(str, "hiraw") == 0) {\r
		c.ext1 = 3;\r
	}\r
	SendCommand(&c, FALSE);\r
}\r
\r
typedef void HandlerFunction(char *cmdline);\r
\r
/* in alphabetic order */\r
static struct {\r
	char		*name;\r
	HandlerFunction	*handler;\r
	int		offline;  // 1 if the command can be used when in offline mode\r
	char		*docString;\r
} CommandTable[] = {\r
	{"amp",					CmdAmp,						1, "Amplify peaks"},\r
	{"askdemod",			Cmdaskdemod,				1, "<0|1> -- Attempt to demodulate simple ASK tags"},\r
	{"autocorr",			CmdAutoCorr,				1, "<window length> -- Autocorrelation over window"},\r
	{"bitsamples",		CmdBitsamples,			0, "Get raw samples as bitstring"},\r
	{"bitstream",			Cmdbitstream,				1, "[clock rate] -- Convert waveform into a bitstream"},\r
	{"buffclear",			CmdBuffClear,				1, "Clear sample buffer and graph window"},\r
	{"dec",						CmdDec,							1, "Decimate samples"},\r
	{"detectclock",		Cmddetectclockrate,	1, "Detect clock rate"},\r
	{"detectreader",	CmdDetectReader,		0, "['l'|'h'] -- Detect external reader field (option 'l' or 'h' to limit to LF or HF)"},\r
	{"em410xsim",			CmdEM410xsim,				1, "<UID> -- Simulate EM410x tag"},\r
	{"em410xread",		CmdEM410xread,			1, "[clock rate] -- Extract ID from EM410x tag"},\r
	{"em410xwatch",		CmdEM410xwatch,			0, "Watches for EM410x tags"},\r
	{"em4x50read",		CmdEM4x50read,			1, "Extract data from EM4x50 tag"},\r
	{"exit",					CmdQuit,						1, "Exit program"},\r
	{"flexdemod",			CmdFlexdemod,				1, "Demodulate samples for FlexPass"},\r
	{"fpgaoff",				CmdFPGAOff,					0, "Set FPGA off"},\r
	{"fskdemod",			CmdFSKdemod,				1, "Demodulate graph window as a HID FSK"},\r
	{"grid",					CmdGrid,						1, "<x> <y> -- overlay grid on graph window, use zero value to turn off either"},\r
	{"hexsamples",		CmdHexsamples,			0, "<blocks> -- Dump big buffer as hex bytes"},\r
	{"hi14alist",			CmdHi14alist,				0, "List ISO 14443a history"},\r
	{"hi14areader",		CmdHi14areader,			0, "Act like an ISO14443 Type A reader"},\r
	{"hi14asim",			CmdHi14asim,				0, "<UID> -- Fake ISO 14443a tag"},\r
	{"hi14asnoop",		CmdHi14asnoop,			0, "Eavesdrop ISO 14443 Type A"},\r
	{"hi14bdemod",		CmdHi14bdemod,			1, "Demodulate ISO14443 Type B from tag"},\r
	{"hi14list",			CmdHi14list,				0, "List ISO 14443 history"},\r
	{"hi14read",			CmdHi14read,				0, "Read HF tag (ISO 14443)"},\r
	{"hi14sim",				CmdHi14sim,					0, "Fake ISO 14443 tag"},\r
	{"hi14snoop",			CmdHi14snoop,				0, "Eavesdrop ISO 14443"},\r
	{"hi15demod",			CmdHi15demod,				1, "Demodulate ISO15693 from tag"},\r
	{"hi15read",			CmdHi15read,				0, "Read HF tag (ISO 15693)"},\r
	{"hi15reader",		CmdHi15reader,			0, "Act like an ISO15693 reader"},\r
	{"hi15sim",				CmdHi15tag,					0, "Fake an ISO15693 tag"},\r
	{"hiddemod",			CmdHiddemod,				1, "Demodulate HID Prox Card II (not optimal)"},\r
	{"hide",					CmdHide,						1, "Hide graph window"},\r
	{"hidfskdemod",		CmdHIDdemodFSK,			0, "Realtime HID FSK demodulator"},\r
	{"hidsimtag",			CmdHIDsimTAG,				0, "<ID> -- HID tag simulator"},\r
	{"higet",					CmdHi14read_sim,		0, "<samples> -- Get samples HF, 'analog'"},\r
	{"hisamples",			CmdHisamples,				0, "Get raw samples for HF tag"},\r
	{"hisampless",		CmdHisampless,			0, "<samples> -- Get signed raw samples, HF tag"},\r
	{"hisamplest",		CmdHi14readt,				0, "Get samples HF, for testing"},\r
	{"hisimlisten",		CmdHisimlisten,			0, "Get HF samples as fake tag"},\r
	{"hpf",						CmdHpf,							1, "Remove DC offset from trace"},\r
	{"indalademod",		CmdIndalademod,			0, "['224'] -- Demodulate samples for Indala 64 bit UID (option '224' for 224 bit)"},\r
	{"lcd",						CmdLcd,							0, "<HEX command> <count> -- Send command/data to LCD"},\r
	{"lcdreset",			CmdLcdReset,				0, "Hardware reset LCD"},\r
	{"legicrfsim",			CmdLegicRfSim,							0, "Start the LEGIC RF tag simulator"},\r
	{"legicrfread",			CmdLegicRfRead,							0, "Start the LEGIC RF reader"},\r
	{"load",					CmdLoad,						1, "<filename> -- Load trace (to graph window"},\r
	{"locomread",			CmdLoCommandRead,		0, "<off period> <'0' period> <'1' period> <command> ['h'] -- Modulate LF reader field to send command before read (all periods in microseconds) (option 'h' for 134)"},\r
	{"loread",				CmdLoread,					0, "['h'] -- Read 125/134 kHz LF ID-only tag (option 'h' for 134)"},\r
	{"losamples",			CmdLosamples,				0, "[128 - 16000] -- Get raw samples for LF tag"},\r
	{"losim",					CmdLosim,						0, "Simulate LF tag"},\r
	{"losimbidir",					CmdLosimBidir,						0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"},\r
	{"ltrim",					CmdLtrim,						1, "<samples> -- Trim samples from left of trace"},\r
	{"mandemod",			Cmdmanchesterdemod,	1, "[i] [clock rate] -- Manchester demodulate binary stream (option 'i' to invert output)"},\r
	{"manmod",				Cmdmanchestermod,		1, "[clock rate] -- Manchester modulate a binary stream"},\r
	{"norm",					CmdNorm,						1, "Normalize max/min to +/-500"},\r
	{"plot",					CmdPlot,						1, "Show graph window"},\r
	{"quit",					CmdQuit,						1, "Quit program"},\r
	{"readmem",				CmdReadmem,					0, "[address] -- Read memory at decimal address from flash"},\r
	{"reset",					CmdReset,						0, "Reset the Proxmark3"},\r
	{"save",					CmdSave,						1, "<filename> -- Save trace (from graph window)"},\r
	{"scale",					CmdScale,						1, "<int> -- Set cursor display scale"},\r
	{"setlfdivisor",	CmdSetDivisor,			0, "<19 - 255> -- Drive LF antenna at 12Mhz/(divisor+1)"},\r
	{"setmux",		CmdSetMux,			0, "<loraw|hiraw|lopkd|hipkd> -- Set the ADC mux to a specific value"},\r
	{"sri512read",		CmdSri512read,			0, "<int> -- Read contents of a SRI512 tag"},\r
	{"tidemod",				CmdTIDemod,					1, "Demodulate raw bits for TI-type LF tag"},\r
	{"tiread",				CmdTIRead,					0, "Read and decode a TI 134 kHz tag"},\r
	{"tiwrite",				CmdTIWrite,					0, "Write new data to a r/w TI 134 kHz tag"},\r
	{"threshold",			CmdThreshold,				1, "Maximize/minimize every value in the graph window depending on threshold"},\r
	{"tune",					CmdTune,						0, "Measure antenna tuning"},\r
	{"vchdemod",			CmdVchdemod,				0, "['clone'] -- Demodulate samples for VeriChip"},\r
	{"version",			CmdVersion,				0, "Show version inforation about the connected Proxmark"},\r
	{"zerocrossings",	CmdZerocrossings,		1, "Count time between zero-crossings"},\r
};\r
\r
static struct {\r
	char *name;\r
	char *args;\r
	char *argshelp;\r
	char *description;\r
	} 	CommandExtendedHelp[]= {\r
		{"detectreader","'l'|'h'","'l' specifies LF antenna scan only, 'h' specifies HF antenna scan only.","Monitor antenna for changes in voltage. Output is in three fields: CHANGED, CURRENT, PERIOD,\nwhere CHANGED is the value just changed from, CURRENT is the current value and PERIOD is the\nnumber of program loops since the last change.\n\nThe RED LED indicates LF field detected, and the GREEN LED indicates HF field detected."},\r
		{"tune","","","Drive LF antenna at all divisor range values (19 - 255) and store the results in the output\nbuffer. Issuing 'losamples' and then 'plot' commands will display the resulting peak. 12MHz\ndivided by the peak's position plus one gives the antenna's resonant frequency. For convenience,\nthis value is also printed out by the command."},\r
		};\r
\r
//-----------------------------------------------------------------------------\r
// Entry point into our code: called whenever the user types a command and\r
// then presses Enter, which the full command line that they typed.\r
//-----------------------------------------------------------------------------\r
void CommandReceived(char *cmd)\r
{\r
	int i;\r
	char line[256];\r
\r
	PrintToScrollback("> %s", cmd);\r
\r
	if(strcmp(cmd, "help") == 0 || strncmp(cmd,"help ",strlen("help ")) == 0) {\r
		// check if we're doing extended help\r
		if(strlen(cmd) > strlen("help ")) {\r
			cmd += strlen("help ");\r
			for(i = 0; i < sizeof(CommandExtendedHelp) / sizeof(CommandExtendedHelp[0]); i++) {\r
				if(strcmp(CommandExtendedHelp[i].name,cmd) == 0) {\r
					PrintToScrollback("\nExtended help for '%s':\n", cmd);\r
					PrintToScrollback("Args: %s\t- %s\n",CommandExtendedHelp[i].args,CommandExtendedHelp[i].argshelp);\r
					PrintToScrollback(CommandExtendedHelp[i].description);\r
					PrintToScrollback("");\r
					return;\r
				}\r
			}\r
		PrintToScrollback("No extended help available for '%s'", cmd);\r
		return;\r
		}\r
		if (offline) PrintToScrollback("Operating in OFFLINE mode (no device connected)");\r
		PrintToScrollback("\r\nAvailable commands:");\r
		for(i = 0; i < sizeof(CommandTable) / sizeof(CommandTable[0]); i++) {\r
			if (offline && (CommandTable[i].offline==0)) continue;\r
			memset(line, ' ', sizeof(line));\r
			strcpy(line+2, CommandTable[i].name);\r
			line[strlen(line)] = ' ';\r
			sprintf(line+15, " -- %s", CommandTable[i].docString);\r
			PrintToScrollback("%s", line);\r
		}\r
		PrintToScrollback("");\r
		PrintToScrollback("'help <command>' for extended help on that command\n");\r
		return;\r
	}\r
\r
	for(i = 0; i < sizeof(CommandTable) / sizeof(CommandTable[0]); i++) {\r
		char *name = CommandTable[i].name;\r
		if(memcmp(cmd, name, strlen(name))==0 &&\r
			(cmd[strlen(name)] == ' ' || cmd[strlen(name)] == '\0'))\r
		{\r
			cmd += strlen(name);\r
			while(*cmd == ' ') {\r
				cmd++;\r
			}\r
			if (offline && (CommandTable[i].offline==0)) {\r
				PrintToScrollback("Offline mode, cannot use this command.");\r
				return;\r
			}\r
			(CommandTable[i].handler)(cmd);\r
			return;\r
		}\r
	}\r
	PrintToScrollback(">> bad command '%s'", cmd);\r
}\r
\r
//-----------------------------------------------------------------------------\r
// Entry point into our code: called whenever we received a packet over USB\r
// that we weren't necessarily expecting, for example a debug print.\r
//-----------------------------------------------------------------------------\r
void UsbCommandReceived(UsbCommand *c)\r
{\r
	switch(c->cmd) {\r
		case CMD_DEBUG_PRINT_STRING: {\r
			char s[100];\r
			if(c->ext1 > 70 || c->ext1 < 0) {\r
				c->ext1 = 0;\r
			}\r
			memcpy(s, c->d.asBytes, c->ext1);\r
			s[c->ext1] = '\0';\r
			PrintToScrollback("#db# %s", s);\r
			break;\r
		}\r
\r
		case CMD_DEBUG_PRINT_INTEGERS:\r
			PrintToScrollback("#db# %08x, %08x, %08x\r\n", c->ext1, c->ext2, c->ext3);\r
			break;\r
\r
		case CMD_MEASURED_ANTENNA_TUNING: {\r
			int peakv, peakf;\r
			int vLf125, vLf134, vHf;\r
			vLf125 = c->ext1 & 0xffff;\r
			vLf134 = c->ext1 >> 16;\r
			vHf = c->ext2 & 0xffff;;\r
			peakf = c->ext3 & 0xffff;\r
			peakv = c->ext3 >> 16;\r
			PrintToScrollback("");\r
			PrintToScrollback("");\r
			PrintToScrollback("# LF antenna: %5.2f V @   125.00 kHz", vLf125/1000.0);\r
			PrintToScrollback("# LF antenna: %5.2f V @   134.00 kHz", vLf134/1000.0);\r
			PrintToScrollback("# LF optimal: %5.2f V @%9.2f kHz", peakv/1000.0, 12000.0/(peakf+1));\r
			PrintToScrollback("# HF antenna: %5.2f V @    13.56 MHz", vHf/1000.0);\r
			if (peakv<2000)\r
				PrintToScrollback("# Your LF antenna is unusable.");\r
			else if (peakv<10000)\r
				PrintToScrollback("# Your LF antenna is marginal.");\r
			if (vHf<2000)\r
				PrintToScrollback("# Your HF antenna is unusable.");\r
			else if (vHf<5000)\r
				PrintToScrollback("# Your HF antenna is marginal.");\r
			break;\r
		}\r
		default:\r
			PrintToScrollback("unrecognized command %08x\n", c->cmd);\r
			break;\r
	}\r
}\r