X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/76c7e6c36368c3fc23dc4fab1fe5852023c78fac..06b58a94f0be3256853a97387fc7e5782ce335c7:/armsrc/iso14443a.c diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c index 0cd9053b..fcd51d63 100644 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c @@ -124,6 +124,8 @@ uint32_t LastProxToAirDuration; #define SEC_Y 0x00 #define SEC_Z 0xc0 +//replaced large parity table with small parity generation function - saves flash code +/* const uint8_t OddByteParity[256] = { 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, @@ -142,7 +144,7 @@ const uint8_t OddByteParity[256] = { 0, 1, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1 }; - +*/ void iso14a_set_trigger(bool enable) { trigger = enable; @@ -165,10 +167,12 @@ void iso14a_set_timeout(uint32_t timeout) { // Generate the parity value for a byte sequence // //----------------------------------------------------------------------------- +/* byte_t oddparity (const byte_t bt) { return OddByteParity[bt]; } +*/ uint32_t GetParity(const uint8_t * pbtCmd, int iLen) { @@ -178,7 +182,8 @@ uint32_t GetParity(const uint8_t * pbtCmd, int iLen) // Generate the parity bits for (i = 0; i < iLen; i++) { // and save them to a 32Bit word - dwPar |= ((OddByteParity[pbtCmd[i]]) << i); + //dwPar |= ((OddByteParity[pbtCmd[i]]) << i); + dwPar |= (oddparity(pbtCmd[i]) << i); } return dwPar; } @@ -683,7 +688,8 @@ static void CodeIso14443aAsTagPar(const uint8_t *cmd, int len, uint32_t dwParity } // Get the parity bit - if ((dwParity >> i) & 0x01) { + //if ((dwParity >> i) & 0x01) { + if (oddparity(cmd[i]) & 0x01) { ToSend[++ToSendMax] = SEC_D; LastProxToAirDuration = 8 * ToSendMax - 4; } else { 
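Review bot: The 256-entry `OddByteParity` table is wrapped in `/* ... */` instead of being deleted, and the same habit recurs in the hunk at -165 (old `oddparity()` body) and in the hunks at -178 and -683 (`//dwPar |= ...`, `//if ((dwParity >> i) & 0x01) {`). Version control already keeps the old code, so I would remove these lines outright and keep one explanatory line such as `// parity comes from oddparity(); the 256-byte lookup table was dropped to save flash`. The definition and prototype of the replacement `oddparity()` are not visible in this diff, so it is worth confirming that the header providing it is included by this file.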
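Review bot: In `dwPar |= (oddparity(pbtCmd[i]) << i);` the shift count is the byte index and nothing in this hunk bounds `iLen`, so input longer than 32 bytes shifts past the operand width, which is undefined behaviour. At `i == 31` the promoted `int` is also shifted into its sign bit. The old table lookup had the same limit, but since this line is being rewritten I would make it `dwPar |= (uint32_t)oddparity(pbtCmd[i]) << i;` and bound the loop with `i < iLen && i < 32`, or reject longer input. The hunk at -1868 passes `lenbits/8` as `iLen`; if that value originates from the host command, no range check on it is visible in this diff.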
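Review bot: `if (oddparity(cmd[i]) & 0x01)` makes `CodeIso14443aAsTagPar` ignore its `dwParity` argument, so any caller that passes parity bits which are intentionally not the plain odd parity of the data (for example parity that was encrypted along with the frame) now has them silently replaced. If the intent is to lift the 32-byte limit of the `uint32_t` parity word, that should be stated and the parameter removed or documented as unused; otherwise keep `(dwParity >> i) & 0x01` here and let callers compute the bits. The function starts and ends outside this hunk, so other uses of `dwParity` may exist that I cannot see.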
@@ -891,6 +897,12 @@ void SimulateIso14443aTag(int tagType, int uid_1st, int uid_2nd, byte_t* data) response1[1] = 0x00; sak = 0x28; } break; + case 5: { // MIFARE TNP3XXX + // Says: I am a toy + response1[0] = 0x01; + response1[1] = 0x0f; + sak = 0x01; + } break; default: { Dbprintf("Error: unkown tagtype (%d)",tagType); return; @@ -1205,13 +1217,6 @@ static void TransmitFor14443a(const uint8_t *cmd, int len, uint32_t *timing) // clear TXRDY AT91C_BASE_SSC->SSC_THR = SEC_Y; - // for(uint16_t c = 0; c < 10;) { // standard delay for each transfer (allow tag to be ready after last transmission) - // if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) { - // AT91C_BASE_SSC->SSC_THR = SEC_Y; - // c++; - // } - // } - uint16_t c = 0; for(;;) { if(AT91C_BASE_SSC->SSC_SR & (AT91C_SSC_TXRDY)) { @@ -1223,8 +1228,7 @@ static void TransmitFor14443a(const uint8_t *cmd, int len, uint32_t *timing) } } - NextTransferTime = MAX(NextTransferTime, LastTimeProxToAirStart + REQUEST_GUARD_TIME); - + NextTransferTime = MAX(NextTransferTime, LastTimeProxToAirStart + REQUEST_GUARD_TIME); } @@ -1615,13 +1619,6 @@ int ReaderReceive(uint8_t* receivedAnswer) return ReaderReceiveOffset(receivedAnswer, 0); } -int ReaderReceiveDesfiresAuthTiming(uint8_t *receivedAnswer, uint32_t *elapsedTime) -{ - int len = ReaderReceiveOffset(receivedAnswer, 0); - *elapsedTime = (Demod.endTime*16 - DELAY_AIR2ARM_AS_READER) - (Demod.startTime*16 - DELAY_AIR2ARM_AS_READER); - return len; -} - int ReaderReceivePar(uint8_t *receivedAnswer, uint32_t *parptr) { if (!GetIso14443aAnswerFromTag(receivedAnswer,0,160)) return FALSE; @@ -1710,7 +1707,7 @@ int iso14443a_select_card(byte_t* uid_ptr, iso14a_card_select_t* p_hi14a_card, u memcpy(uid_resp,resp,4); } uid_resp_len = 4; - // Dbprintf("uid: %02x %02x %02x %02x",uid_resp[0],uid_resp[1],uid_resp[2],uid_resp[3]); + // calculate crypto UID. Always use last 4 Bytes. if(cuid_ptr) { 
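Review bot: The comment `// Says: I am a toy` on the new `case 5` does not tell a reader what the three constants mean. Assuming `response1` holds the ATQA bytes as in the neighbouring cases, a line such as `// MIFARE TNP3XXX: ATQA bytes 0x01 0x0f, SAK 0x01` would document it. Any help text or client-side list of accepted `tagType` values lies outside this hunk and would need the new value too, otherwise users only discover it through the `default` error path.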
@@ -1728,11 +1725,19 @@ int iso14443a_select_card(byte_t* uid_ptr, iso14a_card_select_t* p_hi14a_card, u if (!ReaderReceive(resp)) return 0; sak = resp[0]; + //Dbprintf("SAK: %02x",resp[0]); + // Test if more parts of the uid are comming if ((sak & 0x04) /* && uid_resp[0] == 0x88 */) { // Remove first byte, 0x88 is not an UID byte, it CT, see page 3 of: // http://www.nxp.com/documents/application_note/AN10927.pdf - memcpy(uid_resp, uid_resp + 1, 3); + // This was earlier: + //memcpy(uid_resp, uid_resp + 1, 3); + // But memcpy should not be used for overlapping arrays, + // and memmove appears to not be available in the arm build. + // So this has been replaced with a for-loop: + for(int xx = 0; xx < 3; xx++) + uid_resp[xx] = uid_resp[xx+1]; uid_resp_len = 3; } @@ -1779,8 +1784,7 @@ void iso14443a_setup(uint8_t fpga_minor_mode) { SetAdcMuxFor(GPIO_MUXSEL_HIPKD); // Signal field is on with the appropriate LED - if (fpga_minor_mode == FPGA_HF_ISO14443A_READER_MOD - || fpga_minor_mode == FPGA_HF_ISO14443A_READER_LISTEN) { + if (fpga_minor_mode == FPGA_HF_ISO14443A_READER_MOD || fpga_minor_mode == FPGA_HF_ISO14443A_READER_LISTEN) { LED_D_ON(); } else { LED_D_OFF(); @@ -1856,7 +1860,7 @@ void ReaderIso14443a(UsbCommand *c) } if(param & ISO14A_SET_TIMEOUT) { - iso14a_timeout = c->arg[2]; + iso14a_set_timeout(c->arg[2]); } if(param & ISO14A_APDU) { @@ -1868,10 +1872,10 @@ void ReaderIso14443a(UsbCommand *c) if(param & ISO14A_APPEND_CRC) { AppendCrc14443a(cmd,len); len += 2; - lenbits += 16; + if(lenbits>0) + lenbits += 16; } - if(lenbits>0) { - + if(lenbits>0) { ReaderTransmitBitsPar(cmd,lenbits,GetParity(cmd,lenbits/8), NULL); } else { ReaderTransmit(cmd,len, NULL); 
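Review bot: The replacement loop `for(int xx = 0; xx < 3; xx++) uid_resp[xx] = uid_resp[xx+1];` is left unbraced, and the five comment lines above it narrate the history rather than the reason. A forward byte copy is correct for this overlap because the destination lies below the source. I would brace the body and shorten the comment to `// source and destination overlap, so copy forward byte by byte instead of memcpy`. Separately, the enclosing condition still has the `uid_resp[0] == 0x88` cascade-tag test commented out, so the first byte is dropped on the SAK bit alone. Both values come from the card, so it is worth deciding whether a response that sets the bit without the cascade tag should be rejected.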
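Review bot: `AppendCrc14443a(cmd,len); len += 2;` appears to write two bytes at `cmd + len`, and no check of `len` against the size of the buffer behind `cmd` is visible in this hunk. If `len` and `lenbits` are taken from the USB command, a check such as `if (len + 2 > sizeof(c->d.asBytes)) return;` belongs before the append (field name is a placeholder for whatever buffer `cmd` points into). The same place could verify that a non-zero `lenbits` is consistent with `len`. The new guard `if(lenbits>0) lenbits += 16;` should also be braced, since it sits directly above a second `if(lenbits>0)` and is easy to misread. `ReaderIso14443a` continues outside the hunk, so a bound may already exist earlier in the function.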
@@ -1943,10 +1947,11 @@ void ReaderMifare(bool first_try) uint8_t uid[10]; uint32_t cuid; - uint32_t nt, previous_nt; + uint32_t nt = 0; + uint32_t previous_nt = 0; static uint32_t nt_attacked = 0; - byte_t par_list[8] = {0,0,0,0,0,0,0,0}; - byte_t ks_list[8] = {0,0,0,0,0,0,0,0}; + byte_t par_list[8] = {0x00}; + byte_t ks_list[8] = {0x00}; static uint32_t sync_time; static uint32_t sync_cycles; @@ -1955,8 +1960,6 @@ void ReaderMifare(bool first_try) uint16_t consecutive_resyncs = 0; int isOK = 0; - - if (first_try) { mf_nr_ar3 = 0; iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD); @@ -1979,6 +1982,7 @@ void ReaderMifare(bool first_try) LED_C_OFF(); + Dbprintf("Mifare: Before loopen"); for(uint16_t i = 0; TRUE; i++) { WDT_HIT();