attempt hitag2 uid read for lf search

[proxmark3-svn] / armsrc / hitag2.c

diff --git a/armsrc/hitag2.c b/armsrc/hitag2.c
index 46432d835b284f06ff785dbe21f1cc5bc924e84e..c565511ce620525c0501d0118ef8590ec87d4756 100644 (file)
--- a/armsrc/hitag2.c
+++ b/armsrc/hitag2.c
@@ -697,6 +697,42 @@ static bool hitag2_test_auth_attempts(byte_t* rx, const size_t rxlen, byte_t* tx
        return true;
 }
 
+static bool hitag2_read_uid(byte_t* rx, const size_t rxlen, byte_t* tx, size_t* txlen) {
+       // Reset the transmission frame length
+       *txlen = 0;
+
+       // Try to find out which command was send by selecting on length (in bits)
+       switch (rxlen) {
+               // No answer, try to resurrect
+               case 0: {
+                       // Just starting or if there is no answer
+                       *txlen = 5;
+                       memcpy(tx,"\xc0",nbytes(*txlen));
+               } break;
+               // Received UID
+               case 32: {
+                       // Check if we received answer tag (at)
+                       if (bAuthenticating) {
+                               bAuthenticating = false;
+                       } else {
+                               // Store the received block
+                               memcpy(tag.sectors[blocknr],rx,4);
+                               blocknr++;
+                       }
+                       if (blocknr > 0) {
+                               //DbpString("Read successful!");
+                               bSuccessful = true;
+                               return false;
+                       }
+               } break;
+               // Unexpected response
+               default: {
+                       Dbprintf("Uknown frame length: %d",rxlen);
+                       return false;
+               } break;
+       }
+       return true;
+}
 
 void SnoopHitag(uint32_t type) {
        int frame_count;
@@ -1123,19 +1159,18 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
        set_tracing(TRUE);
        clear_trace();
 
-       DbpString("Starting Hitag reader family");
+       //DbpString("Starting Hitag reader family");
 
        // Check configuration
        switch(htf) {
                case RHT2F_PASSWORD: {
                        Dbprintf("List identifier in password mode");
                        memcpy(password,htd->pwd.password,4);
-               blocknr = 0;
+                       blocknr = 0;
                        bQuitTraceFull = false;
                        bQuiet = false;
                        bPwd = false;
                } break;
-      
                case RHT2F_AUTHENTICATE: {
                        DbpString("Authenticating using nr,ar pair:");
                        memcpy(NrAr,htd->auth.NrAr,8);
@@ -1145,7 +1180,6 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                        bAuthenticating = false;
                        bQuitTraceFull = true;
                } break;
-      
                case RHT2F_CRYPTO: {
                        DbpString("Authenticating using key:");
                        memcpy(key,htd->crypto.key,6);    //HACK; 4 or 6??  I read both in the code.
@@ -1156,7 +1190,6 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                        bAuthenticating = false;
                        bQuitTraceFull = true;
                } break;
-
                case RHT2F_TEST_AUTH_ATTEMPTS: {
                        Dbprintf("Testing %d authentication attempts",(auth_table_len/8));
                        auth_table_pos = 0;
@@ -1165,7 +1198,12 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                        bQuiet = false;
                        bCrypto = false;
                } break;
-                       
+               case RHT2F_UID_ONLY: {
+                       blocknr = 0;
+                       bQuiet = false;
+                       bCrypto = false;
+                       bAuthenticating = false;
+               } break;
                default: {
                        Dbprintf("Error, unknown function: %d",htf);
                        return;
@@ -1222,22 +1260,22 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
     // hitagS settings
     reset_sof = 1;
     t_wait = 200;
-    DbpString("Configured for hitagS reader");
+    //DbpString("Configured for hitagS reader");
   } else if (htf < 20) {
     // hitag1 settings
     reset_sof = 1;
     t_wait = 200;
-    DbpString("Configured for hitag1 reader");
+    //DbpString("Configured for hitag1 reader");
   } else if (htf < 30) {
     // hitag2 settings
     reset_sof = 4;
     t_wait = HITAG_T_WAIT_2;
-    DbpString("Configured for hitag2 reader");
+    //DbpString("Configured for hitag2 reader");
        } else {
     Dbprintf("Error, unknown hitag reader type: %d",htf);
     return;
   }
-               
+       uint8_t attempt_count=0;
        while(!bStop && !BUTTON_PRESS()) {
                // Watchdog hit
                WDT_HIT();
@@ -1272,6 +1310,11 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
                        case RHT2F_TEST_AUTH_ATTEMPTS: {
                                bStop = !hitag2_test_auth_attempts(rx,rxlen,tx,&txlen);
                        } break;
+                       case RHT2F_UID_ONLY: {
+                               bStop = !hitag2_read_uid(rx, rxlen, tx, &txlen);
+                               attempt_count++; //attempt 3 times to get uid then quit
+                               if (!bStop && attempt_count == 3) bStop = true;
+                       } break;
                        default: {
                                Dbprintf("Error, unknown function: %d",htf);
                                return;
@@ -1381,7 +1424,7 @@ void ReaderHitag(hitag_function htf, hitag_data* htd) {
        AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS;
        AT91C_BASE_TC0->TC_CCR = AT91C_TC_CLKDIS;
        FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
-       Dbprintf("frame received: %d",frame_count);
-  DbpString("All done");
+       //Dbprintf("frame received: %d",frame_count);
+  //DbpString("All done");
   cmd_send(CMD_ACK,bSuccessful,0,0,(byte_t*)tag.sectors,48);
 }