+ }
+
+ // Send and store the reader command
+ // Disable timer 1 with external trigger to avoid triggers during our own modulation
+ AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS;
+
+ // Wait for HITAG_T_WAIT_2 carrier periods after the last tag bit before transmitting,
+ // Since the clock counts since the last falling edge, a 'one' means that the
+ // falling edge occured halfway the period. with respect to this falling edge,
+ // we need to wait (T_Wait2 + half_tag_period) when the last was a 'one'.
+ // All timer values are in terms of T0 units
+ while(AT91C_BASE_TC0->TC_CV < T0*(t_wait+(HITAG_T_TAG_HALF_PERIOD*lastbit)));
+
+ //Dbprintf("DEBUG: Sending reader frame");
+
+ // Transmit the reader frame
+ hitag_reader_send_frame(tx,txlen);
+
+ // Enable and reset external trigger in timer for capturing future frames
+ AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKEN | AT91C_TC_SWTRG;
+
+ // Add transmitted frame to total count
+ if(txlen > 0) {
+ frame_count++;
+ if (!bQuiet) {
+ // Store the frame in the trace
+ if (!LogTraceHitag(tx,txlen,HITAG_T_WAIT_2,0,true)) {
+ if (bQuitTraceFull) {
+ break;
+ } else {
+ bQuiet = true;
+ }
+ }
+ }
+ }
+
+ // Reset values for receiving frames
+ memset(rx,0x00,sizeof(rx));
+ rxlen = 0;
+ lastbit = 1;
+ bSkip = true;
+ tag_sof = reset_sof;
+ response = 0;
+ //Dbprintf("DEBUG: Waiting to receive frame");
+ uint32_t errorCount = 0;
+
+ // Receive frame, watch for at most T0*EOF periods
+ while (AT91C_BASE_TC1->TC_CV < T0*HITAG_T_WAIT_MAX) {
+ // Check if falling edge in tag modulation is detected
+ if(AT91C_BASE_TC1->TC_SR & AT91C_TC_LDRAS) {
+ // Retrieve the new timing values
+ int ra = (AT91C_BASE_TC1->TC_RA/T0);
+
+ // Reset timer every frame, we have to capture the last edge for timing
+ AT91C_BASE_TC0->TC_CCR = AT91C_TC_SWTRG;
+
+ LED_B_ON();
+
+ // Capture tag frame (manchester decoding using only falling edges)
+ if(ra >= HITAG_T_EOF) {
+ if (rxlen != 0) {
+ //Dbprintf("DEBUG: Wierd1");
+ }
+ // Capture the T0 periods that have passed since last communication or field drop (reset)
+ // We always recieve a 'one' first, which has the falling edge after a half period |-_|
+ response = ra-HITAG_T_TAG_HALF_PERIOD;
+ } else if(ra >= HITAG_T_TAG_CAPTURE_FOUR_HALF) {
+ // Manchester coding example |-_|_-|-_| (101)
+
+ //need to test to verify we don't exceed memory...
+ //if ( ((rxlen+2) / 8) > HITAG_FRAME_LEN) {
+ // break;
+ //}
+ rx[rxlen / 8] |= 0 << (7-(rxlen%8));
+ rxlen++;
+ rx[rxlen / 8] |= 1 << (7-(rxlen%8));
+ rxlen++;
+ } else if(ra >= HITAG_T_TAG_CAPTURE_THREE_HALF) {
+ // Manchester coding example |_-|...|_-|-_| (0...01)
+
+ //need to test to verify we don't exceed memory...
+ //if ( ((rxlen+2) / 8) > HITAG_FRAME_LEN) {
+ // break;
+ //}
+ rx[rxlen / 8] |= 0 << (7-(rxlen%8));
+ rxlen++;
+ // We have to skip this half period at start and add the 'one' the second time
+ if (!bSkip) {
+ rx[rxlen / 8] |= 1 << (7-(rxlen%8));
+ rxlen++;
+ }
+ lastbit = !lastbit;
+ bSkip = !bSkip;
+ } else if(ra >= HITAG_T_TAG_CAPTURE_TWO_HALF) {
+ // Manchester coding example |_-|_-| (00) or |-_|-_| (11)
+
+ //need to test to verify we don't exceed memory...
+ //if ( ((rxlen+2) / 8) > HITAG_FRAME_LEN) {
+ // break;
+ //}
+ if (tag_sof) {
+ // Ignore bits that are transmitted during SOF
+ tag_sof--;
+ } else {
+ // bit is same as last bit
+ rx[rxlen / 8] |= lastbit << (7-(rxlen%8));
+ rxlen++;
+ }
+ } else {
+ //Dbprintf("DEBUG: Wierd2");
+ errorCount++;
+ // Ignore wierd value, is to small to mean anything
+ }
+ }
+ //if we saw over 100 wierd values break it probably isn't hitag...
+ if (errorCount >100) break;
+ // We can break this loop if we received the last bit from a frame
+ if (AT91C_BASE_TC1->TC_CV > T0*HITAG_T_EOF) {
+ if (rxlen>0) break;
+ }
+ }
+ }
+ //Dbprintf("DEBUG: Done waiting for frame");
+
+ LED_B_OFF();
+ LED_D_OFF();
+ AT91C_BASE_TC1->TC_CCR = AT91C_TC_CLKDIS;
+ AT91C_BASE_TC0->TC_CCR = AT91C_TC_CLKDIS;
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
+ //Dbprintf("frame received: %d",frame_count);
+ //DbpString("All done");
+ cmd_send(CMD_ACK,bSuccessful,0,0,(byte_t*)tag.sectors,48);
+}
+
+void WriterHitag(hitag_function htf, hitag_data* htd, int page) {
+ int frame_count;
+ int response;
+ byte_t rx[HITAG_FRAME_LEN];
+ size_t rxlen=0;
+ byte_t txbuf[HITAG_FRAME_LEN];
+ byte_t* tx = txbuf;
+ size_t txlen=0;
+ int lastbit;
+ bool bSkip;
+ int reset_sof;
+ int tag_sof;
+ int t_wait = HITAG_T_WAIT_MAX;
+ bool bStop;
+ bool bQuitTraceFull = false;
+
+ FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
+ // Reset the return status
+ bSuccessful = false;
+
+ // Clean up trace and prepare it for storing frames
+ set_tracing(TRUE);
+ clear_trace();
+
+ //DbpString("Starting Hitag reader family");
+
+ // Check configuration
+ switch(htf) {
+ case WHT2F_CRYPTO:
+ {
+ DbpString("Authenticating using key:");
+ memcpy(key,htd->crypto.key,6); //HACK; 4 or 6?? I read both in the code.
+ memcpy(writedata, htd->crypto.data, 4);
+ Dbhexdump(6,key,false);
+ blocknr = page;
+ bQuiet = false;
+ bCrypto = false;
+ bAuthenticating = false;
+ bQuitTraceFull = true;
+ writestate = WRITE_STATE_START;
+ } break;
+ default: {
+ Dbprintf("Error, unknown function: %d",htf);
+ return;
+ } break;
projects / proxmark3-svn / commitdiff