From 2414f97889aa53ca2b357e6ed3fe2960ee1b48ff Mon Sep 17 00:00:00 2001 From: "cex123@gmail.com" Date: Mon, 2 Jul 2012 08:37:50 +0000 Subject: [PATCH] Added Indala cloning. Fixed HID cloning bug --- armsrc/appmain.c | 10 ++++-- armsrc/apps.h | 4 ++- armsrc/lfops.c | 50 +++++++++++++++++++++++++-- client/cmdlf.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++- include/usb_cmd.h | 2 ++ 5 files changed, 146 insertions(+), 7 deletions(-) diff --git a/armsrc/appmain.c b/armsrc/appmain.c index b107f594..63b8383f 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -611,13 +611,13 @@ void UsbPacketReceived(uint8_t *packet, int len) ModThenAcquireRawAdcSamples125k(c->arg[0],c->arg[1],c->arg[2],c->d.asBytes); break; case CMD_HID_DEMOD_FSK: - CmdHIDdemodFSK(0, 0, 0, 1); // Demodulate HID tag + CmdHIDdemodFSK(0, 0, 0, 1); // Demodulate HID tag break; case CMD_HID_SIM_TAG: CmdHIDsimTAG(c->arg[0], c->arg[1], 1); // Simulate HID tag by ID break; case CMD_HID_CLONE_TAG: - CopyHIDtoT5567(c->arg[0], c->arg[1]); // Clone HID tag by ID to T55x7 + CopyHIDtoT55x7(c->arg[0], c->arg[1]); // Clone HID tag by ID to T55x7 break; case CMD_EM410X_WRITE_TAG: WriteEM410x(c->arg[0], c->arg[1], c->arg[2]); @@ -636,6 +636,12 @@ void UsbPacketReceived(uint8_t *packet, int len) case CMD_LF_SIMULATE_BIDIR: SimulateTagLowFrequencyBidir(c->arg[0], c->arg[1]); break; + case CMD_INDALA_CLONE_TAG: // Clone Indala 64-bit tag by UID to T55x7 + CopyIndala64toT55x7(c->arg[0], c->arg[1]); + break; + case CMD_INDALA_CLONE_TAG_L: // Clone Indala 224-bit tag by UID to T55x7 + CopyIndala224toT55x7(c->d.asDwords[0], c->d.asDwords[1], c->d.asDwords[2], c->d.asDwords[3], c->d.asDwords[4], c->d.asDwords[5], c->d.asDwords[6]); + break; #endif #ifdef WITH_ISO15693 diff --git a/armsrc/apps.h b/armsrc/apps.h index ebfa0bdd..ac49ccad 100644 --- a/armsrc/apps.h +++ b/armsrc/apps.h 
@@ -112,8 +112,10 @@ void SimulateTagLowFrequency(int period, int gap, int ledcontrol); void CmdHIDsimTAG(int hi, int lo, int ledcontrol); void CmdHIDdemodFSK(int findone, int *high, int *low, int ledcontrol); void SimulateTagLowFrequencyBidir(int divisor, int max_bitlen); -void CopyHIDtoT5567(int hi, int lo); // Clone an HID card to T5557/T5567 +void CopyHIDtoT55x7(int hi, int lo); // Clone an HID card to T5557/T5567 void WriteEM410x(uint32_t card, uint32_t id_hi, uint32_t id_lo); +void CopyIndala64toT55x7(int hi, int lo); // Clone Indala 64-bit tag by UID to T55x7 +void CopyIndala224toT55x7(int uid1, int uid2, int uid3, int uid4, int uid5, int uid6, int uid7); // Clone Indala 224-bit tag by UID to T55x7 /// iso14443.h void SimulateIso14443Tag(void); diff --git a/armsrc/lfops.c b/armsrc/lfops.c index b53f370e..5ef01dcf 100644 --- a/armsrc/lfops.c +++ b/armsrc/lfops.c @@ -1092,7 +1092,7 @@ void T55xxWriteBlock(int Data, int Block) } // Copy HID id to card and setup block 0 config -void CopyHIDtoT5567(int hi, int lo) +void CopyHIDtoT55x7(int hi, int lo) { int data1, data2, data3; @@ -1135,8 +1135,8 @@ void CopyHIDtoT5567(int hi, int lo) T55xxWriteBlock(data3,3); // Config for HID (RF/50, FSK2a, Maxblock=3) - T55xxWriteBlock(T55x7_BITRATE_RF_50 | - T55x7_MODULATION_MANCHESTER | + T55xxWriteBlock(T55x7_BITRATE_RF_50 | + T55x7_MODULATION_FSK2a | 3 << T55x7_MAXBLOCK_SHIFT, 0); 
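Review bot: The two new prototypes in armsrc/apps.h take the UID words as `int`, although the client fills them from `unsigned int` values and `WriteEM410x` directly above already uses `uint32_t`. A UID word with the top bit set is then converted to a negative `int`, which is implementation-defined, and any later right shift on it would sign-extend. I would declare `void CopyIndala64toT55x7(uint32_t hi, uint32_t lo);` and give the 224-bit variant `uint32_t` parameters as well (or a single `const uint32_t uid[7]`), with the definitions in armsrc/lfops.c changed to match. `T55xxWriteBlock` also takes `int Data`, as the next hunk header shows, so that signature is worth revisiting at the same time.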
@@ -1228,3 +1228,47 @@ void WriteEM410x(uint32_t card, uint32_t id_hi, uint32_t id_lo) Dbprintf("Tag %s written with 0x%08x%08x\n", card ? "T55x7":"T5555", (uint32_t)(id >> 32), (uint32_t)id); } + +// Clone Indala 64-bit tag by UID to T55x7 +void CopyIndala64toT55x7(int hi, int lo) +{ + + //Program the 2 data blocks for supplied 64bit UID + // and the block 0 for Indala64 format + T55xxWriteBlock(hi,1); + T55xxWriteBlock(lo,2); + //Config for Indala (RF/32;PSK1 with RF/2;Maxblock=2) + T55xxWriteBlock(T55x7_BITRATE_RF_32 | + T55x7_MODULATION_PSK1 | + 2 << T55x7_MAXBLOCK_SHIFT, + 0); + //Alternative config for Indala (Extended mode;RF/32;PSK1 with RF/2;Maxblock=2;Inverse data) +// T5567WriteBlock(0x603E1042,0); + + DbpString("DONE!"); + +} + +void CopyIndala224toT55x7(int uid1, int uid2, int uid3, int uid4, int uid5, int uid6, int uid7) +{ + + //Program the 7 data blocks for supplied 224bit UID + // and the block 0 for Indala224 format + T55xxWriteBlock(uid1,1); + T55xxWriteBlock(uid2,2); + T55xxWriteBlock(uid3,3); + T55xxWriteBlock(uid4,4); + T55xxWriteBlock(uid5,5); + T55xxWriteBlock(uid6,6); + T55xxWriteBlock(uid7,7); + //Config for Indala (RF/32;PSK1 with RF/2;Maxblock=7) + T55xxWriteBlock(T55x7_BITRATE_RF_32 | + T55x7_MODULATION_PSK1 | + 7 << T55x7_MAXBLOCK_SHIFT, + 0); + //Alternative config for Indala (Extended mode;RF/32;PSK1 with RF/2;Maxblock=7;Inverse data) +// T5567WriteBlock(0x603E10E2,0); + + DbpString("DONE!"); + +} diff --git a/client/cmdlf.c b/client/cmdlf.c index 86bb35ce..6be555bb 100644 --- a/client/cmdlf.c +++ b/client/cmdlf.c 
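Review bot: `CopyIndala64toT55x7` and `CopyIndala224toT55x7` print `DONE!` unconditionally, but `T55xxWriteBlock` returns `void`, so an absent tag, a failed write or a tag left with data blocks written and block 0 not updated is reported the same way as success. Either read the blocks back and compare before reporting, or make the message say what is actually known, e.g. `DbpString("Indala blocks sent (not verified)");`. The commented-out alternatives call `T5567WriteBlock`, a name that does not match the `T55xxWriteBlock` used in the rest of the hunk; drop them or turn them into a prose comment that gives the alternative config word. `CopyIndala224toT55x7` also lacks the one-line header comment its 64-bit sibling has, e.g. `// Clone Indala 224-bit tag by UID to T55x7`.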
@@ -227,7 +227,42 @@ int CmdIndalaDemod(const char *Cmd) } times = 1; } - PrintAndLog("UID=%s", showbits); + + //convert UID to HEX + uint32_t uid1, uid2, uid3, uid4, uid5, uid6, uid7; + int idx; + uid1=0; + uid2=0; + if (uidlen==64){ + for( idx=0; idx<64; idx++) { + if (showbits[idx] == '0') { + uid1=(uid1<<1)|(uid2>>31); + uid2=(uid2<<1)|0; + } else { + uid1=(uid1<<1)|(uid2>>31); + uid2=(uid2<<1)|1; + } + } + PrintAndLog("UID=%s (%x%08x)", showbits, uid1, uid2); + } + else { + uid3=0; + uid4=0; + uid5=0; + uid6=0; + uid7=0; + for( idx=0; idx<224; idx++) { + uid1=(uid1<<1)|(uid2>>31); + uid2=(uid2<<1)|(uid3>>31); + uid3=(uid3<<1)|(uid4>>31); + uid4=(uid4<<1)|(uid5>>31); + uid5=(uid5<<1)|(uid6>>31); + uid6=(uid6<<1)|(uid7>>31); + if (showbits[idx] == '0') uid7=(uid7<<1)|0; + else uid7=(uid7<<1)|1; + } + PrintAndLog("UID=%s (%x%08x%08x%08x%08x%08x%08x)", showbits, uid1, uid2, uid3, uid4, uid5, uid6, uid7); + } // Checking UID against next occurences for (; i + uidlen <= rawbit;) { 
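Review bot: The `else` branch added to `CmdIndalaDemod` treats every `uidlen` other than 64 as 224 and reads `showbits[0..223]` unconditionally. How `uidlen` is set and how large `showbits` is lie outside the hunk, so whether this can read past the filled part of the buffer cannot be confirmed from here. Making the assumption explicit is cheap: `else if (uidlen == 224) {`, or bound the loop with `idx < uidlen`. In the 64-bit branch both arms of the `if` perform the same shift, so the body reduces to `uid1=(uid1<<1)|(uid2>>31); uid2=(uid2<<1)|(showbits[idx]!='0');`. The `uint32_t` words are printed with `%x`; `PRIx32` from `<inttypes.h>` or a cast to `unsigned int` keeps the format correct on every target.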
@@ -266,6 +301,55 @@ int CmdIndalaDemod(const char *Cmd) return 0; } +int CmdIndalaClone(const char *Cmd) +{ + unsigned int uid1, uid2, uid3, uid4, uid5, uid6, uid7; + UsbCommand c; + uid1=0; + uid2=0; + uid3=0; + uid4=0; + uid5=0; + uid6=0; + uid7=0; + int n = 0, i = 0; + + if (strchr(Cmd,'l') != 0) { + while (sscanf(&Cmd[i++], "%1x", &n ) == 1) { + uid1 = (uid1 << 4) | (uid2 >> 28); + uid2 = (uid2 << 4) | (uid3 >> 28); + uid3 = (uid3 << 4) | (uid4 >> 28); + uid4 = (uid4 << 4) | (uid5 >> 28); + uid5 = (uid5 << 4) | (uid6 >> 28); + uid6 = (uid6 << 4) | (uid7 >> 28); + uid7 = (uid7 << 4) | (n & 0xf); + } + PrintAndLog("Cloning 224bit tag with UID %x%08x%08x%08x%08x%08x%08x", uid1, uid2, uid3, uid4, uid5, uid6, uid7); + c.cmd = CMD_INDALA_CLONE_TAG_L; + c.d.asDwords[0] = uid1; + c.d.asDwords[1] = uid2; + c.d.asDwords[2] = uid3; + c.d.asDwords[3] = uid4; + c.d.asDwords[4] = uid5; + c.d.asDwords[5] = uid6; + c.d.asDwords[6] = uid7; + } + else + { + while (sscanf(&Cmd[i++], "%1x", &n ) == 1) { + uid1 = (uid1 << 4) | (uid2 >> 28); + uid2 = (uid2 << 4) | (n & 0xf); + } + PrintAndLog("Cloning 64bit tag with UID %x%08x", uid1, uid2); + c.cmd = CMD_INDALA_CLONE_TAG; + c.arg[0] = uid1; + c.arg[1] = uid2; + } + + SendCommand(&c); + return 0; +} + int CmdLFRead(const char *Cmd) { UsbCommand c = {CMD_ACQUIRE_RAW_ADC_SAMPLES_125K}; 
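Review bot: `CmdIndalaClone` sends the write command even when no UID was parsed: with an empty argument, or with the option letter ahead of the digits, the first `sscanf` fails, all seven words stay zero and a zero UID goes to the device. The parser also passes `&n` (an `int *`) to `%1x`, which expects `unsigned int *`, silently shifts out excess digits, and, if `Cmd` can contain a blank before or between digits, reads the following digit twice because `%x` skips leading whitespace while `i` advances by one. `UsbCommand c` is uninitialised, so the fields not set in each branch are sent as stack contents, whereas `CmdLFRead` just below uses an initialiser. The sketch below counts digits, refuses to send on zero or too many, and zero-initialises the command; note that it keeps a 64-bit UID in the two low words of `uid[]`.

```c
int CmdIndalaClone(const char *Cmd)
{
  // zero-initialised so unused arg[] / d bytes are not sent as stack garbage
  UsbCommand c = {0};
  unsigned int uid[7] = {0};
  unsigned int n = 0;
  int is_long = (strchr(Cmd, 'l') != NULL);
  int max_digits = is_long ? 56 : 16;   // hex digits in a 224-bit / 64-bit UID
  int digits = 0;
  int i, w;

  // stop at the first blank: "%1x" skips leading whitespace and would
  // otherwise read the digit that follows it a second time
  for (i = 0; Cmd[i] != '\0' && Cmd[i] != ' '; i++) {
    if (sscanf(&Cmd[i], "%1x", &n) != 1) break;
    for (w = 0; w < 6; w++)
      uid[w] = (uid[w] << 4) | (uid[w + 1] >> 28);
    uid[6] = (uid[6] << 4) | (n & 0xf);
    digits++;
  }
  if (digits == 0 || digits > max_digits) {
    PrintAndLog("Expected 1..%d hex digits for the UID, got %d; nothing sent", max_digits, digits);
    return 0;
  }

  if (is_long) {
    c.cmd = CMD_INDALA_CLONE_TAG_L;
    for (w = 0; w < 7; w++)
      c.d.asDwords[w] = uid[w];
  } else {
    c.cmd = CMD_INDALA_CLONE_TAG;
    c.arg[0] = uid[5];   // a 64-bit UID ends up in the two low words
    c.arg[1] = uid[6];
  }
  // … unchanged: PrintAndLog of the UID being cloned, SendCommand(&c), return 0 …
```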
@@ -445,6 +529,7 @@ static command_t CommandTable[] = {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"}, {"hid", CmdLFHID, 1, "{ HID RFIDs... }"}, {"indalademod", CmdIndalaDemod, 1, "['224'] -- Demodulate samples for Indala 64 bit UID (option '224' for 224 bit)"}, + {"indalaclone", CmdIndalaClone, 1, " ['l']-- Clone Indala to T55x7 (tag must be in antenna)(UID in HEX)(option 'l' for 224 UID"}, {"read", CmdLFRead, 0, "['h'] -- Read 125/134 kHz LF ID-only tag (option 'h' for 134)"}, {"sim", CmdLFSim, 0, "[GAP] -- Simulate LF tag from buffer with optional GAP (in microseconds)"}, {"simbidir", CmdLFSimBidir, 0, "Simulate LF tag (with bidirectional data transmission between reader and tag)"}, diff --git a/include/usb_cmd.h b/include/usb_cmd.h index a9096154..7d7093b5 100644 --- a/include/usb_cmd.h +++ b/include/usb_cmd.h @@ -68,6 +68,8 @@ typedef struct { #define CMD_SET_ADC_MUX 0x020F #define CMD_HID_CLONE_TAG 0x0210 #define CMD_EM410X_WRITE_TAG 0x0211 +#define CMD_INDALA_CLONE_TAG 0x0212 +#define CMD_INDALA_CLONE_TAG_L 0x0213 // for 224 bits UID /* CMD_SET_ADC_MUX: ext1 is 0 for lopkd, 1 for loraw, 2 for hipkd, 3 for hiraw */ -- 2.39.2
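Review bot: The help text added for `indalaclone` in the `CommandTable` hunk of client/cmdlf.c has an unbalanced parenthesis (`(option 'l' for 224 UID`) and, at least as the string appears here, no placeholder for the UID argument that `CmdIndalaClone` parses. Something like `"<UID> ['l'] -- Clone Indala to T55x7 (tag must be on antenna) (UID in hex) (option 'l' for 224-bit UID)"` reads more clearly. The third field is `1`, as for the sample-processing entries (`flexdemod`, `indalademod`), while the entries that drive the device (`read`, `sim`, `simbidir`) use `0`; if that field marks commands usable without a device attached, `0` looks like the right value for a command that ends in `SendCommand`. `CommandTable` starts and ends outside the hunk.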