#define RECEIVE_SAMPLES_TIMEOUT 2000
#define ISO14443B_DMA_BUFFER_SIZE 256
+ // PCB Block number for APDUs
+ static uint8_t pcb_blocknum = 0;
+
//=============================================================================
// An ISO 14443 Type B tag. We listen for commands from the reader, using
// a UART kind of thing that's implemented in software. When we get a
}
}
}
-
+
return FALSE;
}
//-----------------------------------------------------------------------------
void SimulateIso14443bTag(void)
{
- // the only commands we understand is REQB, AFI=0, Select All, N=0:
- static const uint8_t cmd1[] = { 0x05, 0x00, 0x08, 0x39, 0x73 };
- // ... and REQB, AFI=0, Normal Request, N=0:
- static const uint8_t cmd2[] = { 0x05, 0x00, 0x00, 0x71, 0xFF };
+ // the only commands we understand is WUPB, AFI=0, Select All, N=1:
+ static const uint8_t cmd1[] = { 0x05, 0x00, 0x08, 0x39, 0x73 }; // WUPB
+ // ... and REQB, AFI=0, Normal Request, N=1:
+ static const uint8_t cmd2[] = { 0x05, 0x00, 0x00, 0x71, 0xFF }; // REQB
+ // ... and HLTB
+ static const uint8_t cmd3[] = { 0x50, 0xff, 0xff, 0xff, 0xff }; // HLTB
+ // ... and ATTRIB
+ static const uint8_t cmd4[] = { 0x1D, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; // ATTRIB
// ... and we always respond with ATQB, PUPI = 820de174, Application Data = 0x20381922,
// supports only 106kBit/s in both directions, max frame size = 32Bytes,
0x50, 0x82, 0x0d, 0xe1, 0x74, 0x20, 0x38, 0x19, 0x22,
0x00, 0x21, 0x85, 0x5e, 0xd7
};
+ // response to HLTB and ATTRIB
+ static const uint8_t response2[] = {0x00, 0x78, 0xF0};
+
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
memcpy(resp1Code, ToSend, ToSendMax);
uint16_t resp1CodeLen = ToSendMax;
+ // prepare the (other) tag answer:
+ CodeIso14443bAsTag(response2, sizeof(response2));
+ uint8_t *resp2Code = BigBuf_malloc(ToSendMax);
+ memcpy(resp2Code, ToSend, ToSendMax);
+ uint16_t resp2CodeLen = ToSendMax;
+
// We need to listen to the high-frequency, peak-detected path.
SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
FpgaSetupSsc();
respLen = sizeof(response1);
respCode = resp1Code;
respCodeLen = resp1CodeLen;
+ } else if ( (len == sizeof(cmd3) && receivedCmd[0] == cmd3[0])
+ || (len == sizeof(cmd4) && receivedCmd[0] == cmd4[0]) ) {
+ resp = response2;
+ respLen = sizeof(response2);
+ respCode = resp2Code;
+ respCodeLen = resp2CodeLen;
} else {
Dbprintf("new cmd from reader: len=%d, cmdsRecvd=%d", len, cmdsRecvd);
// And print whether the CRC fails, just for good measure
uint8_t b1, b2;
- ComputeCrc14443(CRC_14443_B, receivedCmd, len-2, &b1, &b2);
- if(b1 != receivedCmd[len-2] || b2 != receivedCmd[len-1]) {
- // Not so good, try again.
- DbpString("+++CRC fail");
- } else {
- DbpString("CRC passes");
+ if (len >= 3){ // if crc exists
+ ComputeCrc14443(CRC_14443_B, receivedCmd, len-2, &b1, &b2);
+ if(b1 != receivedCmd[len-2] || b2 != receivedCmd[len-1]) {
+ // Not so good, try again.
+ DbpString("+++CRC fail");
+
+ } else {
+ DbpString("CRC passes");
+ }
}
- break;
+ //get rid of compiler warning
+ respCodeLen = 0;
+ resp = response1;
+ respLen = 0;
+ respCode = resp1Code;
+ //don't crash at new command just wait and see if reader will send other new cmds.
+ //break;
}
cmdsRecvd++;
}
}
+ /* Sends an APDU to the tag
+ * TODO: check CRC and preamble
+ */
+ int iso14443b_apdu(uint8_t const *message, size_t message_length, uint8_t *response)
+ {
+ uint8_t message_frame[message_length + 4];
+ // PCB
+ message_frame[0] = 0x0A | pcb_blocknum;
+ pcb_blocknum ^= 1;
+ // CID
+ message_frame[1] = 0;
+ // INF
+ memcpy(message_frame + 2, message, message_length);
+ // EDC (CRC)
+ ComputeCrc14443(CRC_14443_B, message_frame, message_length + 2, &message_frame[message_length + 2], &message_frame[message_length + 3]);
+ // send
+ CodeAndTransmit14443bAsReader(message_frame, message_length + 4);
+ // get response
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT*100, TRUE);
+ if(Demod.len < 3)
+ {
+ return 0;
+ }
+ // TODO: Check CRC
+ // copy response contents
+ if(response != NULL)
+ {
+ memcpy(response, Demod.output, Demod.len);
+ }
+ return Demod.len;
+ }
+
+ /* Perform the ISO 14443 B Card Selection procedure
+ * Currently does NOT do any collision handling.
+ * It expects 0-1 cards in the device's range.
+ * TODO: Support multiple cards (perform anticollision)
+ * TODO: Verify CRC checksums
+ */
+ int iso14443b_select_card()
+ {
+ // WUPB command (including CRC)
+ // Note: WUPB wakes up all tags, REQB doesn't wake up tags in HALT state
+ static const uint8_t wupb[] = { 0x05, 0x00, 0x08, 0x39, 0x73 };
+ // ATTRIB command (with space for CRC)
+ uint8_t attrib[] = { 0x1D, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00};
+
+ // first, wake up the tag
+ CodeAndTransmit14443bAsReader(wupb, sizeof(wupb));
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
+ // ATQB too short?
+ if (Demod.len < 14)
+ {
+ return 2;
+ }
+
+ // select the tag
+ // copy the PUPI to ATTRIB
+ memcpy(attrib + 1, Demod.output + 1, 4);
+ /* copy the protocol info from ATQB (Protocol Info -> Protocol_Type) into
+ ATTRIB (Param 3) */
+ attrib[7] = Demod.output[10] & 0x0F;
+ ComputeCrc14443(CRC_14443_B, attrib, 9, attrib + 9, attrib + 10);
+ CodeAndTransmit14443bAsReader(attrib, sizeof(attrib));
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
+ // Answer to ATTRIB too short?
+ if(Demod.len < 3)
+ {
+ return 2;
+ }
+ // reset PCB block number
+ pcb_blocknum = 0;
+ return 1;
+ }
+
+ // Set up ISO 14443 Type B communication (similar to iso14443a_setup)
+ void iso14443b_setup() {
+ FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
+ // Set up the synchronous serial port
+ FpgaSetupSsc();
+ // connect Demodulated Signal to ADC:
+ SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
+
+ // Signal field is on with the appropriate LED
+ LED_D_ON();
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_TX | FPGA_HF_READER_TX_SHALLOW_MOD);
+
+ // Start the timer
+ StartCountSspClk();
+
+ DemodReset();
+ UartReset();
+ }
//-----------------------------------------------------------------------------
// Read a SRI512 ISO 14443B tag.
SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
FpgaSetupSsc();
- set_tracing(TRUE);
-
- CodeAndTransmit14443bAsReader(data, datalen);
+ if (datalen){
+ set_tracing(TRUE);
+
+ CodeAndTransmit14443bAsReader(data, datalen);
- if(recv) {
- GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
- uint16_t iLen = MIN(Demod.len, USB_CMD_DATA_SIZE);
- cmd_send(CMD_ACK, iLen, 0, 0, Demod.output, iLen);
+ if(recv) {
+ GetSamplesFor14443bDemod(RECEIVE_SAMPLES_TIMEOUT, TRUE);
+ uint16_t iLen = MIN(Demod.len, USB_CMD_DATA_SIZE);
+ cmd_send(CMD_ACK, iLen, 0, 0, Demod.output, iLen);
+ }
}
if(!powerfield) {
projects / proxmark3-svn / commitdiff