From 415274a7c3253b71b582c2f563bb54080c2790be Mon Sep 17 00:00:00 2001
From: marshmellow42 <marshmellowrf@gmail.com>
Date: Mon, 9 Nov 2015 23:09:26 -0500
Subject: [PATCH 1/1] Add Viking demod,

fix compiler warning for int vs uint8_t for em410x sim clock variable
---
 CHANGELOG.md       |  3 +++
 client/cmddata.c   | 27 +++++++++++++++++++++++++++
 client/cmddata.h   |  1 +
 client/cmdlf.c     |  6 ++++++
 client/cmdlfem4x.c |  6 +++---
 common/lfdemod.c   | 17 +++++++++++++++++
 common/lfdemod.h   |  1 +
 7 files changed, 58 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 163bc42a..a3a0799e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,8 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
 ## [unreleased][unreleased]
 
 ### Added
+- Added viking demod to `lf search` (marshmellow)
+- `data askvikingdemod` demod viking id tag from graphbuffer (marshmellow)
 - `lf t55xx resetread` added reset then read command - should allow determining start
 of stream transmissions (marshmellow)
 - `lf t55xx wakeup` added wake with password (AOR) to allow lf search or standard lf read after (iceman, marshmellow)
@@ -24,6 +26,7 @@ of stream transmissions (marshmellow)
 - Added option c to 'hf list' (mark CRC bytes) (piwi)
 
 ### Changed
+- Adjusted lf em410x em410xsim to accept a clock argument
 - Adjusted lf t55xx dump to allow overriding the safety check and warning text (marshmellow)
 - Adjusted lf t55xx write input variables (marshmellow)
 - Adjusted lf t55xx read with password safety check and warning text and adjusted the input variables (marshmellow & iceman)
diff --git a/client/cmddata.c b/client/cmddata.c
index 9fa29dd1..663faf80 100644
--- a/client/cmddata.c
+++ b/client/cmddata.c
@@ -637,6 +637,32 @@ int CmdG_Prox_II_Demod(const char *Cmd)
 	return 1;
 }
 
+//by marshmellow
+//see ASKDemod for what args are accepted
+int CmdVikingDemod(const char *Cmd)
+{
+	if (!ASKDemod(Cmd, false, false, 1)) {
+		if (g_debugMode) PrintAndLog("ASKDemod failed");
+		return 0;
+	}
+	size_t size = DemodBufferLen;
+	//call lfdemod.c demod for gProxII
+	int ans = VikingDemod_AM(DemodBuffer, &size);
+	if (ans < 0) {
+		if (g_debugMode) PrintAndLog("Error Viking_Demod");
+		return 0;
+	}
+	//got a good demod
+	uint32_t raw1 = bytebits_to_byte(DemodBuffer+ans, 32);
+	uint32_t raw2 = bytebits_to_byte(DemodBuffer+ans+32, 32);
+	uint32_t cardid = bytebits_to_byte(DemodBuffer+ans+24, 32);
+	uint8_t checksum = bytebits_to_byte(DemodBuffer+ans+32+24, 8);
+	PrintAndLog("Viking Tag Found: Card ID %08X, Checksum: %02X", cardid, checksum);
+	PrintAndLog("Raw: %08X%08X", raw1,raw2);
+	setDemodBuf(DemodBuffer+ans, 64, 0);
+	return 1;
+}
+
 //by marshmellow - see ASKDemod
 int Cmdaskrawdemod(const char *Cmd)
 {
@@ -2345,6 +2371,7 @@ static command_t CommandTable[] =
 	{"askedgedetect",   CmdAskEdgeDetect,   1, "[threshold] Adjust Graph for manual ask demod using the length of sample differences to detect the edge of a wave (use 20-45, def:25)"},
 	{"askem410xdemod",  CmdAskEM410xDemod,  1, "[clock] [invert<0|1>] [maxErr] -- Demodulate an EM410x tag from GraphBuffer (args optional)"},
 	{"askgproxiidemod", CmdG_Prox_II_Demod, 1, "Demodulate a G Prox II tag from GraphBuffer"},
+	{"askvikingdemod",  CmdVikingDemod,     1, "Demodulate a Viking tag from GraphBuffer"},
 	{"autocorr",        CmdAutoCorr,        1, "[window length] [g] -- Autocorrelation over window - g to save back to GraphBuffer (overwrite)"},
 	{"biphaserawdecode",CmdBiphaseDecodeRaw,1, "[offset] [invert<0|1>] [maxErr] -- Biphase decode bin stream in DemodBuffer (offset = 0|1 bits to shift the decode start)"},
 	{"bin2hex",         Cmdbin2hex,         1, "bin2hex <digits>     -- Converts binary to hexadecimal"},
diff --git a/client/cmddata.h b/client/cmddata.h
index fcc51a6b..c3303c54 100644
--- a/client/cmddata.h
+++ b/client/cmddata.h
@@ -17,6 +17,7 @@ int CmdData(const char *Cmd);
 void printDemodBuff(void);
 void setDemodBuf(uint8_t *buff, size_t size, size_t startIdx);
 int CmdAskEM410xDemod(const char *Cmd);
+int CmdVikingDemod(const char *Cmd);
 int CmdG_Prox_II_Demod(const char *Cmd);
 int Cmdaskrawdemod(const char *Cmd);
 int Cmdaskmandemod(const char *Cmd);
diff --git a/client/cmdlf.c b/client/cmdlf.c
index 6b8a31b2..616d932a 100644
--- a/client/cmdlf.c
+++ b/client/cmdlf.c
@@ -1155,6 +1155,12 @@ int CmdLFfind(const char *Cmd)
 		return 1;
 	}	
 
+	ans=CmdVikingDemod("");
+	if (ans>0) {
+		PrintAndLog("\nValid Viking ID Found!");
+		return 1;
+	}	
+
 	ans=CmdPSKNexWatch("");
 	if (ans>0) {
 		PrintAndLog("\nValid NexWatch ID Found!");
diff --git a/client/cmdlfem4x.c b/client/cmdlfem4x.c
index 559618bc..7ff8037b 100644
--- a/client/cmdlfem4x.c
+++ b/client/cmdlfem4x.c
@@ -79,13 +79,13 @@ int CmdEM410xSim(const char *Cmd)
 		return 0;
 	}
 	/* clock is 64 in EM410x tags */
-	int clock = 64;
+	uint8_t clock = 64;
 
 	if (param_gethex(Cmd, 0, uid, 10)) {
 		PrintAndLog("UID must include 10 HEX symbols");
 		return 0;
 	}
-	param_getdec(Cmd,1,&clock);
+	param_getdec(Cmd,1, &clock);
 
 	PrintAndLog("Starting simulating UID %02X%02X%02X%02X%02X  clock: %d", uid[0],uid[1],uid[2],uid[3],uid[4],clock);
 	PrintAndLog("Press pm3-button to about simulation");
@@ -601,7 +601,7 @@ static command_t CommandTable[] =
 	{"help", CmdHelp, 1, "This help"},
 	{"em410xdemod", CmdEMdemodASK, 0, "[findone] -- Extract ID from EM410x tag (option 0 for continuous loop, 1 for only 1 tag)"},  
 	{"em410xread", CmdEM410xRead, 1, "[clock rate] -- Extract ID from EM410x tag in GraphBuffer"},
-	{"em410xsim", CmdEM410xSim, 0, "<UID> -- Simulate EM410x tag"},
+	{"em410xsim", CmdEM410xSim, 0, "<UID> [clock rate] -- Simulate EM410x tag"},
 	{"em410xwatch", CmdEM410xWatch, 0, "['h'] -- Watches for EM410x 125/134 kHz tags (option 'h' for 134)"},
 	{"em410xspoof", CmdEM410xWatchnSpoof, 0, "['h'] --- Watches for EM410x 125/134 kHz tags, and replays them. (option 'h' for 134)" },
 	{"em410xwrite", CmdEM410xWrite, 0, "<UID> <'0' T5555> <'1' T55x7> [clock rate] -- Write EM410x UID to T5555(Q5) or T55x7 tag, optionally setting clock rate"},
diff --git a/common/lfdemod.c b/common/lfdemod.c
index f5a0310e..5d19c897 100644
--- a/common/lfdemod.c
+++ b/common/lfdemod.c
@@ -597,6 +597,23 @@ int IOdemodFSK(uint8_t *dest, size_t size)
 		return (int) startIdx;
 	}
 	return -5;
+} 
+
+// by marshmellow
+// find viking preamble 0xF200 in already demoded data
+int VikingDemod_AM(uint8_t *dest, size_t *size) {
+	if (justNoise(dest, *size)) return -1;
+	//make sure buffer has data
+	if (*size < 64*2) return -2;
+
+	size_t startIdx = 0;
+	uint8_t preamble[] = {1,1,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+	uint8_t errChk = preambleSearch(dest, preamble, sizeof(preamble), size, &startIdx);
+	if (errChk == 0) return -4; //preamble not found
+
+	if (*size != 64) return -5;
+	//return start position
+	return (int) startIdx;
 }
 
 // by marshmellow
diff --git a/common/lfdemod.h b/common/lfdemod.h
index e1a51856..cc4fa27a 100644
--- a/common/lfdemod.h
+++ b/common/lfdemod.h
@@ -50,5 +50,6 @@ int IOdemodFSK(uint8_t *dest, size_t size);
 int indala26decode(uint8_t *bitStream, size_t *size, uint8_t *invert);
 int ParadoxdemodFSK(uint8_t *dest, size_t *size, uint32_t *hi2, uint32_t *hi, uint32_t *lo);
 int PyramiddemodFSK(uint8_t *dest, size_t *size);
+int VikingDemod_AM(uint8_t *dest, size_t *size);
 
 #endif
-- 
2.39.2