{
iso14a_command_t param = c->arg[0];
uint8_t *cmd = c->d.asBytes;
- size_t len = c->arg[1];
- size_t lenbits = c->arg[2];
+ size_t len = c->arg[1] & 0xffff;
+ size_t lenbits = c->arg[1] >> 16;
+ uint32_t timeout = c->arg[2];
uint32_t arg0 = 0;
byte_t buf[USB_CMD_DATA_SIZE];
uint8_t par[MAX_PARITY_SIZE];
}
if(param & ISO14A_SET_TIMEOUT) {
- iso14a_set_timeout(c->arg[2]);
+ iso14a_set_timeout(timeout);
}
if(param & ISO14A_APDU) {
#include "string.h"
#include "lfdemod.h"
#include "lfsampling.h"
+#include "usb_cdc.h"
/**
for(;;) {
//wait until SSC_CLK goes HIGH
while(!(AT91C_BASE_PIOA->PIO_PDSR & GPIO_SSC_CLK)) {
- if(BUTTON_PRESS()) {
+ if(BUTTON_PRESS() || usb_poll()) {
DbpString("Stopped");
return;
}
LDFLAGS = $(COMMON_FLAGS)
CFLAGS = -std=c99 -I. -I../include -I../common -I/opt/local/include -I../liblua -Wall $(COMMON_FLAGS) -g -O4
LUAPLATFORM = generic
+
ifneq (,$(findstring MINGW,$(platform)))
-CXXFLAGS = -I$(QTDIR)/include -I$(QTDIR)/include/QtCore -I$(QTDIR)/include/QtGui
-QTLDLIBS = -L$(QTDIR)/lib -lQtCore4 -lQtGui4
-MOC = $(QTDIR)/bin/moc
-LUAPLATFORM = mingw
+ CXXFLAGS = -I$(QTDIR)/include -I$(QTDIR)/include/QtCore -I$(QTDIR)/include/QtGui
+ MOC = $(QTDIR)/bin/moc
+ LUAPLATFORM = mingw
+ ifneq ($(wildcard $(QTDIR)/include/QtWidgets),)
+ CXXFLAGS += -I$(QTDIR)/include/QtWidgets
+ QTLDLIBS = -L$(QTDIR)/lib -lQt5Core -lQt5Gui -lQt5Widgets
+ else
+ QTLDLIBS = -L$(QTDIR)/lib -lQtCore4 -lQtGui4
+ endif
else ifeq ($(platform),Darwin)
-CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O4
-QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null)
-MOC = $(shell pkg-config --variable=moc_location QtCore)
-LUAPLATFORM = macosx
+ CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O4
+ QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null)
+ MOC = $(shell pkg-config --variable=moc_location QtCore)
+ LUAPLATFORM = macosx
else
-CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O4
-QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null)
-MOC = $(shell pkg-config --variable=moc_location QtCore)
-LDLIBS += -ldl
-
-# Below is a variant you can use if you have problems compiling with QT5 on ubuntu. see http://www.proxmark.org/forum/viewtopic.php?id=1661 for more info.
-#MOC = /usr/lib/x86_64-linux-gnu/qt4/bin/moc
-LUAPLATFORM = linux
+ CXXFLAGS = $(shell pkg-config --cflags QtCore QtGui 2>/dev/null) -Wall -O4
+ QTLDLIBS = $(shell pkg-config --libs QtCore QtGui 2>/dev/null)
+ MOC = $(shell pkg-config --variable=moc_location QtCore)
+ LDLIBS += -ldl
+ # Below is a variant you can use if you have problems compiling with QT5 on ubuntu. see http://www.proxmark.org/forum/viewtopic.php?id=1661 for more info.
+ #MOC = /usr/lib/x86_64-linux-gnu/qt4/bin/moc
+ LUAPLATFORM = linux
endif
ifneq ($(QTLDLIBS),)
-QTGUI = $(OBJDIR)/proxgui.o $(OBJDIR)/proxguiqt.o $(OBJDIR)/proxguiqt.moc.o
-CFLAGS += -DHAVE_GUI
-LINK.o = $(LINK.cpp)
+ QTGUI = $(OBJDIR)/proxgui.o $(OBJDIR)/proxguiqt.o $(OBJDIR)/proxguiqt.moc.o
+ CFLAGS += -DHAVE_GUI
+ LINK.o = $(LINK.cpp)
else
-QTGUI = guidummy.o
+ QTGUI = guidummy.o
endif
CORESRCS = uart.c \
snprintf(exp,size,"ANTICOLL-2"); break;
}
}
- case ISO14443A_CMD_REQA: snprintf(exp,size,"REQA"); break;
- case ISO14443A_CMD_READBLOCK: snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break;
- case ISO14443A_CMD_WRITEBLOCK: snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break;
- case ISO14443A_CMD_HALT: snprintf(exp,size,"HALT"); break;
- case ISO14443A_CMD_RATS: snprintf(exp,size,"RATS"); break;
- case MIFARE_CMD_INC: snprintf(exp,size,"INC(%d)",cmd[1]); break;
- case MIFARE_CMD_DEC: snprintf(exp,size,"DEC(%d)",cmd[1]); break;
- case MIFARE_CMD_RESTORE: snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
- case MIFARE_CMD_TRANSFER: snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
- case MIFARE_AUTH_KEYA: snprintf(exp,size,"AUTH-A(%d)",cmd[1]); break;
- case MIFARE_AUTH_KEYB: snprintf(exp,size,"AUTH-B(%d)",cmd[1]); break;
- case MIFARE_MAGICMODE: snprintf(exp,size,"MAGIC"); break;
- default: snprintf(exp,size,"?"); break;
+ case ISO14443A_CMD_REQA: snprintf(exp,size,"REQA"); break;
+ case ISO14443A_CMD_READBLOCK: snprintf(exp,size,"READBLOCK(%d)",cmd[1]); break;
+ case ISO14443A_CMD_WRITEBLOCK: snprintf(exp,size,"WRITEBLOCK(%d)",cmd[1]); break;
+ case ISO14443A_CMD_HALT: snprintf(exp,size,"HALT"); break;
+ case ISO14443A_CMD_RATS: snprintf(exp,size,"RATS"); break;
+ case MIFARE_CMD_INC: snprintf(exp,size,"INC(%d)",cmd[1]); break;
+ case MIFARE_CMD_DEC: snprintf(exp,size,"DEC(%d)",cmd[1]); break;
+ case MIFARE_CMD_RESTORE: snprintf(exp,size,"RESTORE(%d)",cmd[1]); break;
+ case MIFARE_CMD_TRANSFER: snprintf(exp,size,"TRANSFER(%d)",cmd[1]); break;
+ case MIFARE_AUTH_KEYA: snprintf(exp,size,"AUTH-A(%d)",cmd[1]); break;
+ case MIFARE_AUTH_KEYB: snprintf(exp,size,"AUTH-B(%d)",cmd[1]); break;
+ case MIFARE_MAGICWUPC1: snprintf(exp,size,"MAGIC WUPC1"); break;
+ case MIFARE_MAGICWUPC2: snprintf(exp,size,"MAGIC WUPC2"); break;
+ case MIFARE_MAGICWIPEC: snprintf(exp,size,"MAGIC WIPEC"); break;
+ default: snprintf(exp,size,"?"); break;
}
return;
}
timeout = temp;
i+=3;
while(cmd[i]!=' ' && cmd[i]!='\0') { i++; }
- i+=2;
+ i-=2;
break;
default:
PrintAndLog("Invalid option");
if(active)
c.arg[0] |= ISO14A_NO_SELECT;
}
+
if(bTimeout){
#define MAX_TIMEOUT 40542464 // (2^32-1) * (8*16) / 13560000Hz * 1000ms/s =
c.arg[0] |= ISO14A_SET_TIMEOUT;
timeout = MAX_TIMEOUT;
PrintAndLog("Set timeout to 40542 seconds (11.26 hours). The max we can wait for response");
}
- c.arg[2] = 13560000 / 1000 / (8*16) * timeout; // timeout in ETUs (time to transfer 1 bit, approx. 9.4 us)
+ c.arg[2] = 13560000 / 1000 / (8*16) * timeout; // timeout in ETUs (time to transfer 1 bit, approx. 9.4 us)
}
if(power)
c.arg[0] |= ISO14A_NO_DISCONNECT;
if (ctmp == 'e' || ctmp == 'E') fillFromEmulator = 1;\r
\r
if (fillFromEmulator) {\r
- flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC;\r
for (blockNum = 0; blockNum < 16 * 4; blockNum += 1) {\r
if (mfEmlGetMem(buf8, blockNum, 1)) {\r
PrintAndLog("Cant get block: %d", blockNum);\r
return 2;\r
}\r
- \r
- if (blockNum == 2) flags = 0;\r
- if (blockNum == 16 * 4 - 1) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD;\r
+ if (blockNum == 0) flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC; // switch on field and send magic sequence\r
+ if (blockNum == 1) flags = 0; // just write\r
+ if (blockNum == 16 * 4 - 1) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD; // Done. Magic Halt and switch off field.\r
\r
if (mfCSetBlock(blockNum, buf8, NULL, 0, flags)) {\r
PrintAndLog("Cant set magic card block: %d", blockNum);\r
}\r
\r
blockNum = 0;\r
- flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC;\r
while(!feof(f)){\r
\r
memset(buf, 0, sizeof(buf));\r
return 2;\r
}\r
\r
- if (strlen(buf) < 32){\r
+ if (strlen(buf) < 32) {\r
if(strlen(buf) && feof(f))\r
break;\r
PrintAndLog("File content error. Block data must include 32 HEX symbols");\r
for (i = 0; i < 32; i += 2)\r
sscanf(&buf[i], "%02x", (unsigned int *)&buf8[i / 2]);\r
\r
- if (blockNum == 2) flags = 0;\r
- if (blockNum == 16 * 4 - 1) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD;\r
+ if (blockNum == 0) flags = CSETBLOCK_INIT_FIELD + CSETBLOCK_WUPC; // switch on field and send magic sequence\r
+ if (blockNum == 1) flags = 0; // just write\r
+ if (blockNum == 16 * 4 - 1) flags = CSETBLOCK_HALT + CSETBLOCK_RESET_FIELD; // Done. Switch off field.\r
\r
if (mfCSetBlock(blockNum, buf8, NULL, 0, flags)) {\r
PrintAndLog("Can't set magic card block: %d", blockNum);\r
#define MIFARE_AUTH_KEYA 0x60
#define MIFARE_AUTH_KEYB 0x61
-#define MIFARE_MAGICMODE 0x40
+#define MIFARE_MAGICWUPC1 0x40
+#define MIFARE_MAGICWUPC2 0x43
+#define MIFARE_MAGICWIPEC 0x41
#define MIFARE_CMD_INC 0xC0
#define MIFARE_CMD_DEC 0xC1
#define MIFARE_CMD_RESTORE 0xC2
// for noise reduction and edge detection.
// store 4 previous samples:
reg [7:0] input_prev_4, input_prev_3, input_prev_2, input_prev_1;
-// convert to signed signals (and multiply by two for samples at t-4 and t)
-wire signed [10:0] input_prev_4_times_2 = {0, 0, input_prev_4, 0};
-wire signed [10:0] input_prev_3_times_1 = {0, 0, 0, input_prev_3};
-wire signed [10:0] input_prev_1_times_1 = {0, 0, 0, input_prev_1};
-wire signed [10:0] adc_d_times_2 = {0, 0, adc_d, 0};
-
-wire signed [10:0] tmp_1, tmp_2;
-wire signed [10:0] adc_d_filtered;
-integer i;
-
-assign tmp_1 = input_prev_4_times_2 + input_prev_3_times_1;
-assign tmp_2 = input_prev_1_times_1 + adc_d_times_2;
-
+
always @(negedge adc_clk)
begin
- // for (i = 3; i > 0; i = i - 1)
- // begin
- // input_shift[i] <= input_shift[i-1];
- // end
- // input_shift[0] <= adc_d;
input_prev_4 <= input_prev_3;
input_prev_3 <= input_prev_2;
input_prev_2 <= input_prev_1;
input_prev_1 <= adc_d;
end
-// assign adc_d_filtered = (input_shift[3] << 1) + input_shift[2] - input_shift[0] - (adc_d << 1);
-assign adc_d_filtered = tmp_1 - tmp_2;
+// adc_d_filtered = 2*input_prev4 + 1*input_prev3 + 0*input_prev2 - 1*input_prev1 - 2*input
+// = (2*input_prev4 + input_prev3) - (2*input + input_prev1)
+wire [8:0] input_prev_4_times_2 = input_prev_4 << 1;
+wire [8:0] adc_d_times_2 = adc_d << 1;
+
+wire [9:0] tmp1 = input_prev_4_times_2 + input_prev_3;
+wire [9:0] tmp2 = adc_d_times_2 + input_prev_1;
+
+// convert intermediate signals to signed and calculate the filter output
+wire signed [10:0] adc_d_filtered = {1'b0, tmp1} - {1'b0, tmp2};
+
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
always @(negedge adc_clk)
begin
if (mod_type == `READER_LISTEN)
- // (our) reader signal changes at t=1, tag response expected n*16+4 ticks later, further delayed by
- // 3 ticks ADC conversion.
- // 1 + 4 + 3 = 8
+ // (our) reader signal changes at negedge_cnt[3:0]=9, tag response expected to start n*16+4 ticks later, further delayed by
+ // 3 ticks ADC conversion. The maximum filter output (edge detected) will be detected after subcarrier zero crossing (+7 ticks).
+ // To allow some timing variances, we want to have the maximum filter outputs well within the detection window, i.e.
+ // at mod_detect_reset_time+4 and mod_detect_reset_time+12 (-4 ticks).
+ // 9 + 4 + 3 + 7 - 4 = 19. 19 mod 16 = 3
begin
- mod_detect_reset_time <= 4'd8;
+ mod_detect_reset_time <= 4'd4;
end
else
if (mod_type == `SNIFFER)
if (~pre_after_hysteresis && after_hysteresis && deep_modulation)
// reader signal rising edge detected at negedge_cnt[3:0]. This signal had been delayed
// 9 ticks by the RF part + 3 ticks by the A/D converter + 1 tick to assign to after_hysteresis.
- // The tag will respond n*16 + 4 ticks later + 3 ticks A/D converter delay.
- // - 9 - 3 - 1 + 4 + 3 = -6
+ // Then the same as above.
+ // - 9 - 3 - 1 + 4 + 3 + 7 - 4 = -3
begin
- mod_detect_reset_time <= negedge_cnt[3:0] - 4'd4;
+ mod_detect_reset_time <= negedge_cnt[3:0] - 4'd3;
end
end
end
reg signed [10:0] rx_mod_rising_edge_max;
reg curbit;
+`define EDGE_DETECT_THRESHOLD 5
+
always @(negedge adc_clk)
begin
if(negedge_cnt[3:0] == mod_detect_reset_time)
begin
// detect modulation signal: if modulating, there must have been a falling AND a rising edge
- if (rx_mod_falling_edge_max > 5 && rx_mod_rising_edge_max > 5)
+ if ((rx_mod_falling_edge_max > `EDGE_DETECT_THRESHOLD) && (rx_mod_rising_edge_max < -`EDGE_DETECT_THRESHOLD))
curbit <= 1'b1; // modulation
else
curbit <= 1'b0; // no modulation
end
else
begin
- if (-adc_d_filtered > rx_mod_rising_edge_max)
- rx_mod_rising_edge_max <= -adc_d_filtered;
+ if (adc_d_filtered < rx_mod_rising_edge_max)
+ rx_mod_rising_edge_max <= adc_d_filtered;
end
end
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
-// PM3 -> Tag:
+// PM3 -> Reader:
// a delay line to ensure that we send the (emulated) tag's answer at the correct time according to ISO14443-3
reg [31:0] mod_sig_buf;
reg [4:0] mod_sig_ptr;
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
-// PM3 -> Tag, internal timing:
+// PM3 -> Reader, internal timing:
// a timer for the 1172 cycles fdt (Frame Delay Time). Start the timer with a rising edge of the reader's signal.
// set fdt_elapsed when we no longer need to delay data. Set fdt_indicator when we can start sending data.
// Note: the FPGA only takes care for the 1172 delay. To achieve an additional 1236-1172=64 ticks delay, the ARM must send
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
-// FPGA -> ARM communication:
+// FPGA <-> ARM communication:
// generate a ssp clock and ssp frame signal for the synchronous transfer from/to the ARM
reg ssp_clk;
reg ssp_frame;
-reg [2:0] ssp_frame_counter;
always @(negedge adc_clk)
begin
projects / proxmark3-svn / commitdiff