- int i, j, startblock, clock, skip, block, start, end, low, high;
- bool complete= false;
- int tmpbuff[MAX_GRAPH_TRACE_LEN / 64];
- char tmp[6];
-
- high= low= 0;
- clock= 64;
-
- /* first get high and low values */
- for (i = 0; i < GraphTraceLen; i++)
- {
- if (GraphBuffer[i] > high)
- high = GraphBuffer[i];
- else if (GraphBuffer[i] < low)
- low = GraphBuffer[i];
- }
-
- /* populate a buffer with pulse lengths */
- i= 0;
- j= 0;
- while (i < GraphTraceLen)
- {
- // measure from low to low
- while ((GraphBuffer[i] > low) && (i<GraphTraceLen))
- ++i;
- start= i;
- while ((GraphBuffer[i] < high) && (i<GraphTraceLen))
- ++i;
- while ((GraphBuffer[i] > low) && (i<GraphTraceLen))
- ++i;
- if (j>(MAX_GRAPH_TRACE_LEN/64)) {
- break;
- }
- tmpbuff[j++]= i - start;
- }
-
- /* look for data start - should be 2 pairs of LW (pulses of 192,128) */
- start= -1;
- skip= 0;
- for (i= 0; i < j - 4 ; ++i)
- {
- skip += tmpbuff[i];
- if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
- if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
- if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)
- if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)
- {
- start= i + 3;
- break;
- }
- }
- startblock= i + 3;
-
- /* skip over the remainder of the LW */
- skip += tmpbuff[i+1]+tmpbuff[i+2];
- while (skip < MAX_GRAPH_TRACE_LEN && GraphBuffer[skip] > low)
- ++skip;
- skip += 8;
-
- /* now do it again to find the end */
- end= start;
- for (i += 3; i < j - 4 ; ++i)
- {
- end += tmpbuff[i];
- if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
- if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
- if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)
- if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)
- {
- complete= true;
- break;
- }
- }
-
- if (start >= 0)
- PrintAndLog("Found data at sample: %i",skip);
- else
- {
- PrintAndLog("No data found!");
- PrintAndLog("Try again with more samples.");
- return 0;
- }
-
- if (!complete)
- {
- PrintAndLog("*** Warning!");
- PrintAndLog("Partial data - no end found!");
- PrintAndLog("Try again with more samples.");
- }
-
- /* get rid of leading crap */
- sprintf(tmp,"%i",skip);
- CmdLtrim(tmp);
-
- /* now work through remaining buffer printing out data blocks */
- block= 0;
- i= startblock;
- while (block < 6)
- {
- PrintAndLog("Block %i:", block);
- // mandemod routine needs to be split so we can call it for data
- // just print for now for debugging
- CmdManchesterDemod("i 64");
- skip= 0;
- /* look for LW before start of next block */
- for ( ; i < j - 4 ; ++i)
- {
- skip += tmpbuff[i];
- if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
- if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
- break;
- }
- while (GraphBuffer[skip] > low)
- ++skip;
- skip += 8;
- sprintf(tmp,"%i",skip);
- CmdLtrim(tmp);
- start += skip;
- block++;
- }
- return 0;
+ return EM4x50Read(Cmd, true);
+}
+
+int usage_lf_em_read(void) {
+ PrintAndLog("Read EM4x05/EM4x69. Tag must be on antenna. ");
+ PrintAndLog("");
+ PrintAndLog("Usage: lf em readword [h] <address> <pwd>");
+ PrintAndLog("Options:");
+ PrintAndLog(" h - this help");
+ PrintAndLog(" address - memory address to read. (0-15)");
+ PrintAndLog(" pwd - password (hex) (optional)");
+ PrintAndLog("samples:");
+ PrintAndLog(" lf em readword 1");
+ PrintAndLog(" lf em readword 1 11223344");
+ return 0;
+}
+
+//search for given preamble in given BitStream and return success=1 or fail=0 and startIndex
+uint8_t EMpreambleSearch(uint8_t *BitStream, uint8_t *preamble, size_t pLen, size_t size, size_t *startIdx) {
+ // Sanity check. If preamble length is bigger than bitstream length.
+ if ( size <= pLen ) return 0;
+ // em only sends preamble once, so look for it once in the first x bits
+ uint8_t foundCnt = 0;
+ for (size_t idx = 0; idx < size - pLen; idx++){
+ if (memcmp(BitStream+idx, preamble, pLen) == 0){
+ //first index found
+ foundCnt++;
+ if (foundCnt == 1) {
+ if (g_debugMode) PrintAndLog("DEBUG: preamble found at %u", idx);
+ *startIdx = idx;
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+// FSK, PSK, ASK/MANCHESTER, ASK/BIPHASE, ASK/DIPHASE
+// should cover 90% of known used configs
+// the rest will need to be manually demoded for now...
+int demodEM4x05resp(uint8_t bitsNeeded) {
+ int ans = 0;
+ bool demodFound = false;
+ DemodBufferLen = 0x00;
+ // skip first two 0 bits as they might have been missed in the demod
+ uint8_t preamble[6] = {0,0,1,0,1,0};
+ size_t startIdx = 0;
+
+ // test for FSK wave (easiest to 99% ID)
+ if (GetFskClock("", FALSE, FALSE)) {
+ //valid fsk clocks found
+ ans = FSKrawDemod("0 0", false);
+ if (!ans) {
+ if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: FSK Demod failed");
+ } else {
+ // set size to 10 to only test first 4 positions for the preamble
+ size_t size = (10 > DemodBufferLen) ? DemodBufferLen : 10;
+ startIdx = 0;
+
+ if (g_debugMode) PrintAndLog("ANS: %d | %u | %u", ans, startIdx, size);
+
+ uint8_t errChk = EMpreambleSearch(DemodBuffer, preamble, sizeof(preamble), size, &startIdx);
+ if ( errChk == 0) {
+ if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305 preamble not found :: %d", startIdx);
+ } else {
+ //can't test size because the preamble doesn't repeat :(
+ //meaning chances of false positives are high.
+ demodFound = true;
+ }
+ }
+ }
+ // PSK clocks should be easy to detect ( but difficult to demod a non-repeating pattern... )
+ if (!demodFound) {
+ ans = GetPskClock("", FALSE, FALSE);
+ if (ans>0) {
+ PrintAndLog("PSK response possibly found, run `data rawd p1` to attempt to demod");
+ }
+ }
+
+ // more common than biphase
+ if (!demodFound) {
+ DemodBufferLen = 0x00;
+ bool stcheck = false;
+ // try manchester - NOTE: ST only applies to T55x7 tags.
+ ans = ASKDemod_ext("0,0,1", false, false, 1, &stcheck);
+ if (!ans) {
+ if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/Manchester Demod failed");
+ } else {
+ // set size to 10 to only test first 4 positions for the preamble
+ size_t size = (10 > DemodBufferLen) ? DemodBufferLen : 10;
+ startIdx = 0;
+
+ if (g_debugMode) PrintAndLog("ANS: %d | %u | %u", ans, startIdx, size);
+
+ uint8_t errChk = EMpreambleSearch(DemodBuffer, preamble, sizeof(preamble), size, &startIdx);
+ if ( errChk == 0) {
+ if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305 preamble not found :: %d", startIdx);
+ } else {
+ //can't test size because the preamble doesn't repeat :(
+ //meaning chances of false positives are high.
+ demodFound = true;
+ }
+ }
+ }
+
+ if (!demodFound) {
+ DemodBufferLen = 0x00;
+ //try biphase
+ ans = ASKbiphaseDemod("0 0 1", FALSE);
+ if (!ans) {
+ if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/biphase Demod failed");
+ } else {
+ // set size to 10 to only test first 4 positions for the preamble
+ size_t size = (10 > DemodBufferLen) ? DemodBufferLen : 10;
+ startIdx = 0;
+
+ if (g_debugMode) PrintAndLog("ANS: %d | %u | %u", ans, startIdx, size);
+
+ uint8_t errChk = EMpreambleSearch(DemodBuffer, preamble, sizeof(preamble), size, &startIdx);
+ if ( errChk == 0) {
+ if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305 preamble not found :: %d", startIdx);
+ } else {
+ //can't test size because the preamble doesn't repeat :(
+ //meaning chances of false positives are high.
+ demodFound = true;
+ }
+ }
+ }
+
+ if (!demodFound) {
+ DemodBufferLen = 0x00;
+ //try diphase (differential biphase or inverted)
+ ans = ASKbiphaseDemod("0 1 1", FALSE);
+ if (!ans) {
+ if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305: ASK/biphase Demod failed");
+ } else {
+ // set size to 10 to only test first 4 positions for the preamble
+ size_t size = (10 > DemodBufferLen) ? DemodBufferLen : 10;
+ startIdx = 0;
+
+ if (g_debugMode) PrintAndLog("ANS: %d | %u | %u", ans, startIdx, size);
+
+ uint8_t errChk = EMpreambleSearch(DemodBuffer, preamble, sizeof(preamble), size, &startIdx);
+ if ( errChk == 0) {
+ if (g_debugMode) PrintAndLog("DEBUG: Error - EM4305 preamble not found :: %d", startIdx);
+ } else {
+ //can't test size because the preamble doesn't repeat :(
+ //meaning chances of false positives are high.
+ demodFound = true;
+ }
+ }
+ }
+
+ if (demodFound && bitsNeeded < DemodBufferLen) {
+ if (bitsNeeded > 0) {
+ setDemodBuf(DemodBuffer + startIdx + sizeof(preamble), bitsNeeded, 0);
+ CmdPrintDemodBuff("x");
+ }
+ return 1;
+ }
+ return -1;