]> git.zerfleddert.de Git - proxmark3-svn/blob - winsrc/command.cpp
projects / proxmark3-svn / blob
? search:


4ac807d969e17f5baa5a2d6a3aa76c36c3e51f0d
[proxmark3-svn] / winsrc / command.cpp
1 //-----------------------------------------------------------------------------
2 // The actual command interpeter for what the user types at the command line.
3 // Jonathan Westhues, Sept 2005
4 // Edits by Gerhard de Koning Gans, Sep 2007 (##)
5 //-----------------------------------------------------------------------------
6 #include <windows.h>
7 #include <stdlib.h>
8 #include <string.h>
9 #include <stdio.h>
10 #include <limits.h>
11 #include <math.h>
12
13 #include "prox.h"
14 #include "../common/iso14443_crc.c"
15 #include "../common/crc16.c"
16
17 #define arraylen(x) (sizeof(x)/sizeof((x)[0]))
18 #define BIT(x) GraphBuffer[x * clock]
19 #define BITS (GraphTraceLen / clock)
20
21 int go = 0;
22 static int CmdHisamplest(char *str, int nrlow);
23
24 static void GetFromBigBuf(BYTE *dest, int bytes)
25 {
26 int n = bytes/4;
27
28 if(n % 48 != 0) {
29 PrintToScrollback("bad len in GetFromBigBuf");
30 return;
31 }
32
33 int i;
34 for(i = 0; i < n; i += 12) {
35 UsbCommand c;
36 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
37 c.ext1 = i;
38 SendCommand(&c, FALSE);
39 ReceiveCommand(&c);
40 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
41 PrintToScrollback("bad resp");
42 return;
43 }
44
45 memcpy(dest+(i*4), c.d.asBytes, 48);
46 }
47 }
48
49 static void CmdReset(char *str)
50 {
51 UsbCommand c;
52 c.cmd = CMD_HARDWARE_RESET;
53 SendCommand(&c, FALSE);
54 }
55
56 static void CmdBuffClear(char *str)
57 {
58 UsbCommand c;
59 c.cmd = CMD_BUFF_CLEAR;
60 SendCommand(&c, FALSE);
61 CmdClearGraph(TRUE);
62 }
63
64 static void CmdQuit(char *str)
65 {
66 exit(0);
67 }
68
69 static void CmdHIDdemodFSK(char *str)
70 {
71 UsbCommand c;
72 c.cmd = CMD_HID_DEMOD_FSK;
73 SendCommand(&c, FALSE);
74 }
75
76 static void CmdTune(char *str)
77 {
78 UsbCommand c;
79 c.cmd = CMD_MEASURE_ANTENNA_TUNING;
80 SendCommand(&c, FALSE);
81 }
82
83 static void CmdHi15read(char *str)
84 {
85 UsbCommand c;
86 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693;
87 SendCommand(&c, FALSE);
88 }
89
90 static void CmdHi14read(char *str)
91 {
92 UsbCommand c;
93 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;
94 c.ext1 = atoi(str);
95 SendCommand(&c, FALSE);
96 }
97
98
99 /* New command to read the contents of a SRI512 tag
100 * SRI512 tags are ISO14443-B modulated memory tags,
101 * this command just dumps the contents of the memory/
102 */
103 static void CmdSri512read(char *str)
104 {
105 UsbCommand c;
106 c.cmd = CMD_READ_SRI512_TAG;
107 c.ext1 = atoi(str);
108 SendCommand(&c, FALSE);
109 }
110
111 // ## New command
112 static void CmdHi14areader(char *str)
113 {
114 UsbCommand c;
115 c.cmd = CMD_READER_ISO_14443a;
116 c.ext1 = atoi(str);
117 SendCommand(&c, FALSE);
118 }
119
120 // ## New command
121 static void CmdHi15reader(char *str)
122 {
123 UsbCommand c;
124 c.cmd = CMD_READER_ISO_15693;
125 c.ext1 = atoi(str);
126 SendCommand(&c, FALSE);
127 }
128
129 // ## New command
130 static void CmdHi15tag(char *str)
131 {
132 UsbCommand c;
133 c.cmd = CMD_SIMTAG_ISO_15693;
134 c.ext1 = atoi(str);
135 SendCommand(&c, FALSE);
136 }
137
138 static void CmdHi14read_sim(char *str)
139 {
140 UsbCommand c;
141 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443_SIM;
142 c.ext1 = atoi(str);
143 SendCommand(&c, FALSE);
144 }
145
146 static void CmdHi14readt(char *str)
147 {
148 UsbCommand c;
149 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;
150 c.ext1 = atoi(str);
151 SendCommand(&c, FALSE);
152
153 //CmdHisamplest(str);
154 while(CmdHisamplest(str,atoi(str))==0) {
155 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_14443;
156 c.ext1 = atoi(str);
157 SendCommand(&c, FALSE);
158 }
159 RepaintGraphWindow();
160 }
161
162 static void CmdHisimlisten(char *str)
163 {
164 UsbCommand c;
165 c.cmd = CMD_SIMULATE_TAG_HF_LISTEN;
166 SendCommand(&c, FALSE);
167 }
168
169 static void CmdHi14sim(char *str)
170 {
171 UsbCommand c;
172 c.cmd = CMD_SIMULATE_TAG_ISO_14443;
173 SendCommand(&c, FALSE);
174 }
175
176 static void CmdHi14asim(char *str) // ## simulate iso14443a tag
177 { // ## greg - added ability to specify tag UID
178
179 unsigned int hi=0, lo=0;
180 int n=0, i=0;
181 UsbCommand c;
182
183 while (sscanf(&str[i++], "%1x", &n ) == 1) {
184 hi=(hi<<4)|(lo>>28);
185 lo=(lo<<4)|(n&0xf);
186 }
187
188 c.cmd = CMD_SIMULATE_TAG_ISO_14443a;
189 // c.ext should be set to *str or convert *str to the correct format for a uid
190 c.ext1 = hi;
191 c.ext2 = lo;
192 PrintToScrollback("Emulating 14443A TAG with UID %x%16x", hi, lo);
193 SendCommand(&c, FALSE);
194 }
195
196 static void CmdHi14snoop(char *str)
197 {
198 UsbCommand c;
199 c.cmd = CMD_SNOOP_ISO_14443;
200 SendCommand(&c, FALSE);
201 }
202
203 static void CmdHi14asnoop(char *str)
204 {
205 UsbCommand c;
206 c.cmd = CMD_SNOOP_ISO_14443a;
207 SendCommand(&c, FALSE);
208 }
209
210 static void CmdFPGAOff(char *str) // ## FPGA Control
211 {
212 UsbCommand c;
213 c.cmd = CMD_FPGA_MAJOR_MODE_OFF;
214 SendCommand(&c, FALSE);
215 }
216
217 /* clear out our graph window */
218 int CmdClearGraph(int redraw)
219 {
220 int gtl = GraphTraceLen;
221 GraphTraceLen = 0;
222
223 if (redraw)
224 RepaintGraphWindow();
225
226 return gtl;
227 }
228
229 /* write a bit to the graph */
230 static void CmdAppendGraph(int redraw, int clock, int bit)
231 {
232 int i;
233
234 for (i = 0; i < (int)(clock/2); i++)
235 GraphBuffer[GraphTraceLen++] = bit ^ 1;
236
237 for (i = (int)(clock/2); i < clock; i++)
238 GraphBuffer[GraphTraceLen++] = bit;
239
240 if (redraw)
241 RepaintGraphWindow();
242 }
243
244 /* Function is equivalent of loread + losamples + em410xread
245 * looped until an EM410x tag is detected */
246 static void CmdEM410xwatch(char *str)
247 {
248 char *zero = "";
249 char *twok = "2000";
250 go = 1;
251
252 do
253 {
254 CmdLoread(zero);
255 CmdLosamples(twok);
256 CmdEM410xread(zero);
257 } while (go);
258 }
259
260 /* Read the transmitted data of an EM4x50 tag
261 * Format:
262 *
263 * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
264 * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
265 * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
266 * XXXXXXXX [row parity bit (even)] <- 8 bits plus parity
267 * CCCCCCCC <- column parity bits
268 * 0 <- stop bit
269 * LW <- Listen Window
270 *
271 * This pattern repeats for every block of data being transmitted.
272 * Transmission starts with two Listen Windows (LW - a modulated
273 * pattern of 320 cycles each (32/32/128/64/64)).
274 *
275 * Note that this data may or may not be the UID. It is whatever data
276 * is stored in the blocks defined in the control word First and Last
277 * Word Read values. UID is stored in block 32.
278 */
279 static void CmdEM4x50read(char *str)
280 {
281 int i, j, startblock, clock, skip, block, start, end, low, high;
282 BOOL complete= FALSE;
283 int tmpbuff[MAX_GRAPH_TRACE_LEN / 64];
284 char tmp[6];
285
286 high= low= 0;
287 clock= 64;
288
289 /* first get high and low values */
290 for (i = 0; i < GraphTraceLen; i++)
291 {
292 if (GraphBuffer[i] > high)
293 high = GraphBuffer[i];
294 else if (GraphBuffer[i] < low)
295 low = GraphBuffer[i];
296 }
297
298 /* populate a buffer with pulse lengths */
299 i= 0;
300 j= 0;
301 while(i < GraphTraceLen)
302 {
303 // measure from low to low
304 while(GraphBuffer[i] > low)
305 ++i;
306 start= i;
307 while(GraphBuffer[i] < high)
308 ++i;
309 while(GraphBuffer[i] > low)
310 ++i;
311 tmpbuff[j++]= i - start;
312 }
313
314
315 /* look for data start - should be 2 pairs of LW (pulses of 192,128) */
316 start= -1;
317 skip= 0;
318 for (i= 0; i < j - 4 ; ++i)
319 {
320 skip += tmpbuff[i];
321 if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
322 if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
323 if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)
324 if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)
325 {
326 start= i + 3;
327 break;
328 }
329 }
330 startblock= i + 3;
331
332 /* skip over the remainder of the LW */
333 skip += tmpbuff[i+1]+tmpbuff[i+2];
334 while(GraphBuffer[skip] > low)
335 ++skip;
336 skip += 8;
337
338 /* now do it again to find the end */
339 end= start;
340 for (i += 3; i < j - 4 ; ++i)
341 {
342 end += tmpbuff[i];
343 if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
344 if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
345 if (tmpbuff[i+2] >= 190 && tmpbuff[i+2] <= 194)
346 if (tmpbuff[i+3] >= 126 && tmpbuff[i+3] <= 130)
347 {
348 complete= TRUE;
349 break;
350 }
351 }
352
353 if (start >= 0)
354 PrintToScrollback("Found data at sample: %i",skip);
355 else
356 {
357 PrintToScrollback("No data found!");
358 PrintToScrollback("Try again with more samples.");
359 return;
360 }
361
362 if (!complete)
363 {
364 PrintToScrollback("*** Warning!");
365 PrintToScrollback("Partial data - no end found!");
366 PrintToScrollback("Try again with more samples.");
367 }
368
369 /* get rid of leading crap */
370 sprintf(tmp,"%i",skip);
371 CmdLtrim(tmp);
372
373 /* now work through remaining buffer printing out data blocks */
374 block= 0;
375 i= startblock;
376 while(block < 6)
377 {
378 PrintToScrollback("Block %i:", block);
379 // mandemod routine needs to be split so we can call it for data
380 // just print for now for debugging
381 Cmdmanchesterdemod("i 64");
382 skip= 0;
383 /* look for LW before start of next block */
384 for ( ; i < j - 4 ; ++i)
385 {
386 skip += tmpbuff[i];
387 if (tmpbuff[i] >= 190 && tmpbuff[i] <= 194)
388 if (tmpbuff[i+1] >= 126 && tmpbuff[i+1] <= 130)
389 break;
390 }
391 while(GraphBuffer[skip] > low)
392 ++skip;
393 skip += 8;
394 sprintf(tmp,"%i",skip);
395 CmdLtrim(tmp);
396 start += skip;
397 block++;
398 }
399 }
400
401
402 /* Read the ID of an EM410x tag.
403 * Format:
404 * 1111 1111 1 <-- standard non-repeatable header
405 * XXXX [row parity bit] <-- 10 rows of 5 bits for our 40 bit tag ID
406 * ....
407 * CCCC <-- each bit here is parity for the 10 bits above in corresponding column
408 * 0 <-- stop bit, end of tag
409 */
410 static void CmdEM410xread(char *str)
411 {
412 int i, j, clock, header, rows, bit, hithigh, hitlow, first, bit2idx, high, low;
413 int parity[4];
414 char id[11];
415 int retested = 0;
416 int BitStream[MAX_GRAPH_TRACE_LEN];
417 high = low = 0;
418
419 /* Detect high and lows and clock */
420 for (i = 0; i < GraphTraceLen; i++)
421 {
422 if (GraphBuffer[i] > high)
423 high = GraphBuffer[i];
424 else if (GraphBuffer[i] < low)
425 low = GraphBuffer[i];
426 }
427
428 /* get clock */
429 clock = GetClock(str, high);
430
431 /* parity for our 4 columns */
432 parity[0] = parity[1] = parity[2] = parity[3] = 0;
433 header = rows = 0;
434
435 /* manchester demodulate */
436 bit = bit2idx = 0;
437 for (i = 0; i < (int)(GraphTraceLen / clock); i++)
438 {
439 hithigh = 0;
440 hitlow = 0;
441 first = 1;
442
443 /* Find out if we hit both high and low peaks */
444 for (j = 0; j < clock; j++)
445 {
446 if (GraphBuffer[(i * clock) + j] == high)
447 hithigh = 1;
448 else if (GraphBuffer[(i * clock) + j] == low)
449 hitlow = 1;
450
451 /* it doesn't count if it's the first part of our read
452 because it's really just trailing from the last sequence */
453 if (first && (hithigh || hitlow))
454 hithigh = hitlow = 0;
455 else
456 first = 0;
457
458 if (hithigh && hitlow)
459 break;
460 }
461
462 /* If we didn't hit both high and low peaks, we had a bit transition */
463 if (!hithigh || !hitlow)
464 bit ^= 1;
465
466 BitStream[bit2idx++] = bit;
467 }
468
469 retest:
470 /* We go till 5 before the graph ends because we'll get that far below */
471 for (i = 1; i < bit2idx - 5; i++)
472 {
473 /* Step 2: We have our header but need our tag ID */
474 if (header == 9 && rows < 10)
475 {
476 /* Confirm parity is correct */
477 if ((BitStream[i] ^ BitStream[i+1] ^ BitStream[i+2] ^ BitStream[i+3]) == BitStream[i+4])
478 {
479 /* Read another byte! */
480 sprintf(id+rows, "%x", (8 * BitStream[i]) + (4 * BitStream[i+1]) + (2 * BitStream[i+2]) + (1 * BitStream[i+3]));
481 rows++;
482
483 /* Keep parity info */
484 parity[0] ^= BitStream[i];
485 parity[1] ^= BitStream[i+1];
486 parity[2] ^= BitStream[i+2];
487 parity[3] ^= BitStream[i+3];
488
489 /* Move 4 bits ahead */
490 i += 4;
491 }
492
493 /* Damn, something wrong! reset */
494 else
495 {
496 PrintToScrollback("Thought we had a valid tag but failed at word %d (i=%d)", rows + 1, i);
497
498 /* Start back rows * 5 + 9 header bits, -1 to not start at same place */
499 i -= 9 + (5 * rows) - 5;
500
501 rows = header = 0;
502 }
503 }
504
505 /* Step 3: Got our 40 bits! confirm column parity */
506 else if (rows == 10)
507 {
508 /* We need to make sure our 4 bits of parity are correct and we have a stop bit */
509 if (BitStream[i] == parity[0] && BitStream[i+1] == parity[1] &&
510 BitStream[i+2] == parity[2] && BitStream[i+3] == parity[3] &&
511 BitStream[i+4] == 0)
512 {
513 /* Sweet! */
514 PrintToScrollback("EM410x Tag ID: %s", id);
515
516 /* Stop any loops */
517 go = 0;
518 return;
519 }
520
521 /* Crap! Incorrect parity or no stop bit, start all over */
522 else
523 {
524 rows = header = 0;
525
526 /* Go back 59 bits (9 header bits + 10 rows at 4+1 parity) */
527 i -= 59;
528 }
529 }
530
531 /* Step 1: get our header */
532 else if (header < 9)
533 {
534 /* Need 9 consecutive 1's */
535 if (BitStream[i] == 1)
536 header++;
537
538 /* We don't have a header, not enough consecutive 1 bits */
539 else
540 header = 0;
541 }
542 }
543
544 /* if we've already retested after flipping bits, return */
545 if (retested++)
546 return;
547
548 /* if this didn't work, try flipping bits */
549 for (i = 0; i < bit2idx; i++)
550 BitStream[i] ^= 1;
551
552 goto retest;
553 }
554
555 /* emulate an EM410X tag
556 * Format:
557 * 1111 1111 1 <-- standard non-repeatable header
558 * XXXX [row parity bit] <-- 10 rows of 5 bits for our 40 bit tag ID
559 * ....
560 * CCCC <-- each bit here is parity for the 10 bits above in corresponding column
561 * 0 <-- stop bit, end of tag
562 */
563 static void CmdEM410xsim(char *str)
564 {
565 int i, n, j, h, binary[4], parity[4];
566 char *s = "0";
567
568 /* clock is 64 in EM410x tags */
569 int clock = 64;
570
571 /* clear our graph */
572 CmdClearGraph(0);
573
574 /* write it out a few times */
575 for (h = 0; h < 4; h++)
576 {
577 /* write 9 start bits */
578 for (i = 0; i < 9; i++)
579 CmdAppendGraph(0, clock, 1);
580
581 /* for each hex char */
582 parity[0] = parity[1] = parity[2] = parity[3] = 0;
583 for (i = 0; i < 10; i++)
584 {
585 /* read each hex char */
586 sscanf(&str[i], "%1x", &n);
587 for (j = 3; j >= 0; j--, n/= 2)
588 binary[j] = n % 2;
589
590 /* append each bit */
591 CmdAppendGraph(0, clock, binary[0]);
592 CmdAppendGraph(0, clock, binary[1]);
593 CmdAppendGraph(0, clock, binary[2]);
594 CmdAppendGraph(0, clock, binary[3]);
595
596 /* append parity bit */
597 CmdAppendGraph(0, clock, binary[0] ^ binary[1] ^ binary[2] ^ binary[3]);
598
599 /* keep track of column parity */
600 parity[0] ^= binary[0];
601 parity[1] ^= binary[1];
602 parity[2] ^= binary[2];
603 parity[3] ^= binary[3];
604 }
605
606 /* parity columns */
607 CmdAppendGraph(0, clock, parity[0]);
608 CmdAppendGraph(0, clock, parity[1]);
609 CmdAppendGraph(0, clock, parity[2]);
610 CmdAppendGraph(0, clock, parity[3]);
611
612 /* stop bit */
613 CmdAppendGraph(0, clock, 0);
614 }
615
616 /* modulate that biatch */
617 Cmdmanchestermod(s);
618
619 /* booyah! */
620 RepaintGraphWindow();
621
622 CmdLosim(s);
623 }
624
625 static void ChkBitstream(char *str)
626 {
627 int i;
628
629 /* convert to bitstream if necessary */
630 for (i = 0; i < (int)(GraphTraceLen / 2); i++)
631 {
632 if (GraphBuffer[i] > 1 || GraphBuffer[i] < 0)
633 {
634 Cmdbitstream(str);
635 break;
636 }
637 }
638 }
639
640 static void CmdLosim(char *str)
641 {
642 int i;
643
644 /* convert to bitstream if necessary */
645 ChkBitstream(str);
646
647 for (i = 0; i < GraphTraceLen; i += 48) {
648 UsbCommand c;
649 int j;
650 for(j = 0; j < 48; j++) {
651 c.d.asBytes[j] = GraphBuffer[i+j];
652 }
653 c.cmd = CMD_DOWNLOADED_SIM_SAMPLES_125K;
654 c.ext1 = i;
655 SendCommand(&c, FALSE);
656 }
657
658 UsbCommand c;
659 c.cmd = CMD_SIMULATE_TAG_125K;
660 c.ext1 = GraphTraceLen;
661 SendCommand(&c, FALSE);
662 }
663
664 static void CmdLoread(char *str)
665 {
666 UsbCommand c;
667 // 'h' means higher-low-frequency, 134 kHz
668 if(*str == 'h') {
669 c.ext1 = 1;
670 } else if (*str == '\0') {
671 c.ext1 = 0;
672 } else {
673 PrintToScrollback("use 'loread' or 'loread h'");
674 return;
675 }
676 c.cmd = CMD_ACQUIRE_RAW_ADC_SAMPLES_125K;
677 SendCommand(&c, FALSE);
678 }
679
680 static void CmdDetectReader(char *str)
681 {
682 UsbCommand c;
683 // 'l' means LF - 125/134 kHz
684 if(*str == 'l') {
685 c.ext1 = 1;
686 } else if (*str == 'h') {
687 c.ext1 = 2;
688 } else if (*str != '\0') {
689 PrintToScrollback("use 'detectreader' or 'detectreader l' or 'detectreader h'");
690 return;
691 }
692 c.cmd = CMD_LISTEN_READER_FIELD;
693 SendCommand(&c, FALSE);
694 }
695
696 /* send a command before reading */
697 static void CmdLoCommandRead(char *str)
698 {
699 static char dummy[3];
700
701 dummy[0]= ' ';
702
703 UsbCommand c;
704 c.cmd = CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K;
705 sscanf(str, "%i %i %i %s %s", &c.ext1, &c.ext2, &c.ext3, (char *) &c.d.asBytes,(char *) &dummy+1);
706 // in case they specified 'h'
707 strcpy((char *)&c.d.asBytes + strlen((char *)c.d.asBytes), dummy);
708 SendCommand(&c, FALSE);
709 }
710
711 static void CmdLosamples(char *str)
712 {
713 int cnt = 0;
714 int i;
715 int n;
716
717 n=atoi(str);
718 if (n==0) n=128;
719 if (n>16000) n=16000;
720
721 for(i = 0; i < n; i += 12) {
722 UsbCommand c;
723 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
724 c.ext1 = i;
725 SendCommand(&c, FALSE);
726 ReceiveCommand(&c);
727 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
728 if (!go)
729 PrintToScrollback("bad resp");
730 return;
731 }
732 int j;
733 for(j = 0; j < 48; j++) {
734 GraphBuffer[cnt++] = ((int)c.d.asBytes[j]) - 128;
735 }
736 }
737 GraphTraceLen = n*4;
738 RepaintGraphWindow();
739 }
740
741 static void CmdBitsamples(char *str)
742 {
743 int cnt = 0;
744 int i;
745 int n;
746
747 n = 3072;
748 for(i = 0; i < n; i += 12) {
749 UsbCommand c;
750 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
751 c.ext1 = i;
752 SendCommand(&c, FALSE);
753 ReceiveCommand(&c);
754 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
755 PrintToScrollback("bad resp");
756 return;
757 }
758 int j, k;
759 for(j = 0; j < 48; j++) {
760 for(k = 0; k < 8; k++) {
761 if(c.d.asBytes[j] & (1 << (7 - k))) {
762 GraphBuffer[cnt++] = 1;
763 } else {
764 GraphBuffer[cnt++] = 0;
765 }
766 }
767 }
768 }
769 GraphTraceLen = cnt;
770 RepaintGraphWindow();
771 }
772
773 static void CmdHisamples(char *str)
774 {
775 int cnt = 0;
776 int i;
777 int n;
778 n = 1000;
779 for(i = 0; i < n; i += 12) {
780 UsbCommand c;
781 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
782 c.ext1 = i;
783 SendCommand(&c, FALSE);
784 ReceiveCommand(&c);
785 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
786 PrintToScrollback("bad resp");
787 return;
788 }
789 int j;
790 for(j = 0; j < 48; j++) {
791 GraphBuffer[cnt++] = (int)((BYTE)c.d.asBytes[j]);
792 }
793 }
794 GraphTraceLen = n*4;
795
796 RepaintGraphWindow();
797 }
798
799 static int CmdHisamplest(char *str, int nrlow)
800 {
801 int cnt = 0;
802 int t1, t2;
803 int i;
804 int n;
805 int hasbeennull;
806 int show;
807
808
809 n = 1000;
810 hasbeennull = 0;
811 for(i = 0; i < n; i += 12) {
812 UsbCommand c;
813 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
814 c.ext1 = i;
815 SendCommand(&c, FALSE);
816 ReceiveCommand(&c);
817 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
818 PrintToScrollback("bad resp");
819 return 0;
820 }
821 int j;
822 for(j = 0; j < 48; j++) {
823 t2 = (int)((BYTE)c.d.asBytes[j]);
824 if((t2 ^ 0xC0) & 0xC0) { hasbeennull++; }
825
826 show = 0;
827 switch(show) {
828 case 0:
829 // combined
830 t1 = (t2 & 0x80) ^ (t2 & 0x20);
831 t2 = ((t2 << 1) & 0x80) ^ ((t2 << 1) & 0x20);
832 break;
833
834 case 1:
835 // only reader
836 t1 = (t2 & 0x80);
837 t2 = ((t2 << 1) & 0x80);
838 break;
839
840 case 2:
841 // only tag
842 t1 = (t2 & 0x20);
843 t2 = ((t2 << 1) & 0x20);
844 break;
845
846 case 3:
847 // both, but tag with other algorithm
848 t1 = (t2 & 0x80) ^ (t2 & 0x08);
849 t2 = ((t2 << 1) & 0x80) ^ ((t2 << 1) & 0x08);
850 break;
851 }
852
853 GraphBuffer[cnt++] = t1;
854 GraphBuffer[cnt++] = t2;
855 }
856 }
857 GraphTraceLen = n*4;
858 // 1130
859 if(hasbeennull>nrlow || nrlow==0) {
860 PrintToScrollback("hasbeennull=%d", hasbeennull);
861 return 1;
862 }
863 else {
864 return 0;
865 }
866 }
867
868
869 static void CmdHexsamples(char *str)
870 {
871 int i;
872 int n;
873
874 if(atoi(str) == 0) {
875 n = 12;
876 } else {
877 n = atoi(str)/4;
878 }
879
880 for(i = 0; i < n; i += 12) {
881 UsbCommand c;
882 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
883 c.ext1 = i;
884 SendCommand(&c, FALSE);
885 ReceiveCommand(&c);
886 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
887 PrintToScrollback("bad resp");
888 return;
889 }
890 int j;
891 for(j = 0; j < 48; j += 8) {
892 PrintToScrollback("%02x %02x %02x %02x %02x %02x %02x %02x",
893 c.d.asBytes[j+0],
894 c.d.asBytes[j+1],
895 c.d.asBytes[j+2],
896 c.d.asBytes[j+3],
897 c.d.asBytes[j+4],
898 c.d.asBytes[j+5],
899 c.d.asBytes[j+6],
900 c.d.asBytes[j+7],
901 c.d.asBytes[j+8]
902 );
903 }
904 }
905 }
906
907 static void CmdHisampless(char *str)
908 {
909 int cnt = 0;
910 int i;
911 int n;
912
913 if(atoi(str) == 0) {
914 n = 1000;
915 } else {
916 n = atoi(str)/4;
917 }
918
919 for(i = 0; i < n; i += 12) {
920 UsbCommand c;
921 c.cmd = CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K;
922 c.ext1 = i;
923 SendCommand(&c, FALSE);
924 ReceiveCommand(&c);
925 if(c.cmd != CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K) {
926 PrintToScrollback("bad resp");
927 return;
928 }
929 int j;
930 for(j = 0; j < 48; j++) {
931 GraphBuffer[cnt++] = (int)((signed char)c.d.asBytes[j]);
932 }
933 }
934 GraphTraceLen = cnt;
935
936 RepaintGraphWindow();
937 }
938
939 static WORD Iso15693Crc(BYTE *v, int n)
940 {
941 DWORD reg;
942 int i, j;
943
944 reg = 0xffff;
945 for(i = 0; i < n; i++) {
946 reg = reg ^ ((DWORD)v[i]);
947 for (j = 0; j < 8; j++) {
948 if (reg & 0x0001) {
949 reg = (reg >> 1) ^ 0x8408;
950 } else {
951 reg = (reg >> 1);
952 }
953 }
954 }
955
956 return (WORD)~reg;
957 }
958
959 static void CmdHi14bdemod(char *str)
960 {
961 int i, j, iold;
962 int isum, qsum;
963 int outOfWeakAt;
964 BOOL negateI, negateQ;
965
966 BYTE data[256];
967 int dataLen=0;
968
969 // As received, the samples are pairs, correlations against I and Q
970 // square waves. So estimate angle of initial carrier (or just
971 // quadrant, actually), and then do the demod.
972
973 // First, estimate where the tag starts modulating.
974 for(i = 0; i < GraphTraceLen; i += 2) {
975 if(abs(GraphBuffer[i]) + abs(GraphBuffer[i+1]) > 40) {
976 break;
977 }
978 }
979 if(i >= GraphTraceLen) {
980 PrintToScrollback("too weak to sync");
981 return;
982 }
983 PrintToScrollback("out of weak at %d", i);
984 outOfWeakAt = i;
985
986 // Now, estimate the phase in the initial modulation of the tag
987 isum = 0;
988 qsum = 0;
989 for(; i < (outOfWeakAt + 16); i += 2) {
990 isum += GraphBuffer[i+0];
991 qsum += GraphBuffer[i+1];
992 }
993 negateI = (isum < 0);
994 negateQ = (qsum < 0);
995
996 // Turn the correlation pairs into soft decisions on the bit.
997 j = 0;
998 for(i = 0; i < GraphTraceLen/2; i++) {
999 int si = GraphBuffer[j];
1000 int sq = GraphBuffer[j+1];
1001 if(negateI) si = -si;
1002 if(negateQ) sq = -sq;
1003 GraphBuffer[i] = si + sq;
1004 j += 2;
1005 }
1006 GraphTraceLen = i;
1007
1008 i = outOfWeakAt/2;
1009 while(GraphBuffer[i] > 0 && i < GraphTraceLen)
1010 i++;
1011 if(i >= GraphTraceLen) goto demodError;
1012
1013 iold = i;
1014 while(GraphBuffer[i] < 0 && i < GraphTraceLen)
1015 i++;
1016 if(i >= GraphTraceLen) goto demodError;
1017 if((i - iold) > 23) goto demodError;
1018
1019 PrintToScrollback("make it to demod loop");
1020
1021 for(;;) {
1022 iold = i;
1023 while(GraphBuffer[i] >= 0 && i < GraphTraceLen)
1024 i++;
1025 if(i >= GraphTraceLen) goto demodError;
1026 if((i - iold) > 6) goto demodError;
1027
1028 WORD shiftReg = 0;
1029 if(i + 20 >= GraphTraceLen) goto demodError;
1030
1031 for(j = 0; j < 10; j++) {
1032 int soft = GraphBuffer[i] + GraphBuffer[i+1];
1033
1034 if(abs(soft) < ((abs(isum) + abs(qsum))/20)) {
1035 PrintToScrollback("weak bit");
1036 }
1037
1038 shiftReg >>= 1;
1039 if(GraphBuffer[i] + GraphBuffer[i+1] >= 0) {
1040 shiftReg |= 0x200;
1041 }
1042
1043 i+= 2;
1044 }
1045
1046 if( (shiftReg & 0x200) &&
1047 !(shiftReg & 0x001))
1048 {
1049 // valid data byte, start and stop bits okay
1050 PrintToScrollback(" %02x", (shiftReg >> 1) & 0xff);
1051 data[dataLen++] = (shiftReg >> 1) & 0xff;
1052 if(dataLen >= sizeof(data)) {
1053 return;
1054 }
1055 } else if(shiftReg == 0x000) {
1056 // this is EOF
1057 break;
1058 } else {
1059 goto demodError;
1060 }
1061 }
1062
1063 BYTE first, second;
1064 ComputeCrc14443(CRC_14443_B, data, dataLen-2, &first, &second);
1065 PrintToScrollback("CRC: %02x %02x (%s)\n", first, second,
1066 (first == data[dataLen-2] && second == data[dataLen-1]) ?
1067 "ok" : "****FAIL****");
1068
1069 RepaintGraphWindow();
1070 return;
1071
1072 demodError:
1073 PrintToScrollback("demod error");
1074 RepaintGraphWindow();
1075 }
1076
1077 static void CmdHi14list(char *str)
1078 {
1079 BYTE got[960];
1080 GetFromBigBuf(got, sizeof(got));
1081
1082 PrintToScrollback("recorded activity:");
1083 PrintToScrollback(" time :rssi: who bytes");
1084 PrintToScrollback("---------+----+----+-----------");
1085
1086 int i = 0;
1087 int prev = -1;
1088
1089 for(;;) {
1090 if(i >= 900) {
1091 break;
1092 }
1093
1094 BOOL isResponse;
1095 int timestamp = *((DWORD *)(got+i));
1096 if(timestamp & 0x80000000) {
1097 timestamp &= 0x7fffffff;
1098 isResponse = 1;
1099 } else {
1100 isResponse = 0;
1101 }
1102 int metric = *((DWORD *)(got+i+4));
1103
1104 int len = got[i+8];
1105
1106 if(len > 100) {
1107 break;
1108 }
1109 if(i + len >= 900) {
1110 break;
1111 }
1112
1113 BYTE *frame = (got+i+9);
1114
1115 char line[1000] = "";
1116 int j;
1117 for(j = 0; j < len; j++) {
1118 sprintf(line+(j*3), "%02x ", frame[j]);
1119 }
1120
1121 char *crc;
1122 if(len > 2) {
1123 BYTE b1, b2;
1124 ComputeCrc14443(CRC_14443_B, frame, len-2, &b1, &b2);
1125 if(b1 != frame[len-2] || b2 != frame[len-1]) {
1126 crc = "**FAIL CRC**";
1127 } else {
1128 crc = "";
1129 }
1130 } else {
1131 crc = "(SHORT)";
1132 }
1133
1134 char metricString[100];
1135 if(isResponse) {
1136 sprintf(metricString, "%3d", metric);
1137 } else {
1138 strcpy(metricString, " ");
1139 }
1140
1141 PrintToScrollback(" +%7d: %s: %s %s %s",
1142 (prev < 0 ? 0 : timestamp - prev),
1143 metricString,
1144 (isResponse ? "TAG" : " "), line, crc);
1145
1146 prev = timestamp;
1147 i += (len + 9);
1148 }
1149 }
1150
1151 static void CmdHi14alist(char *str)
1152 {
1153 BYTE got[1920];
1154 GetFromBigBuf(got, sizeof(got));
1155
1156 PrintToScrollback("recorded activity:");
1157 PrintToScrollback(" ETU :rssi: who bytes");
1158 PrintToScrollback("---------+----+----+-----------");
1159
1160 int i = 0;
1161 int prev = -1;
1162
1163 for(;;) {
1164 if(i >= 1900) {
1165 break;
1166 }
1167
1168 BOOL isResponse;
1169 int timestamp = *((DWORD *)(got+i));
1170 if(timestamp & 0x80000000) {
1171 timestamp &= 0x7fffffff;
1172 isResponse = 1;
1173 } else {
1174 isResponse = 0;
1175 }
1176
1177 int metric = 0;
1178 int parityBits = *((DWORD *)(got+i+4));
1179 // 4 bytes of additional information...
1180 // maximum of 32 additional parity bit information
1181 //
1182 // TODO:
1183 // at each quarter bit period we can send power level (16 levels)
1184 // or each half bit period in 256 levels.
1185
1186
1187 int len = got[i+8];
1188
1189 if(len > 100) {
1190 break;
1191 }
1192 if(i + len >= 1900) {
1193 break;
1194 }
1195
1196 BYTE *frame = (got+i+9);
1197
1198 // Break and stick with current result if buffer was not completely full
1199 if(frame[0] == 0x44 && frame[1] == 0x44 && frame[3] == 0x44) { break; }
1200
1201 char line[1000] = "";
1202 int j;
1203 for(j = 0; j < len; j++) {
1204 int oddparity = 0x01;
1205 int k;
1206
1207 for(k=0;k<8;k++) {
1208 oddparity ^= (((frame[j] & 0xFF) >> k) & 0x01);
1209 }
1210
1211 //if((parityBits >> (len - j - 1)) & 0x01) {
1212 if(isResponse && (oddparity != ((parityBits >> (len - j - 1)) & 0x01))) {
1213 sprintf(line+(j*4), "%02x! ", frame[j]);
1214 }
1215 else {
1216 sprintf(line+(j*4), "%02x ", frame[j]);
1217 }
1218 }
1219
1220 char *crc;
1221 crc = "";
1222 if(len > 2) {
1223 BYTE b1, b2;
1224 for(j = 0; j < (len - 1); j++) {
1225 // gives problems... search for the reason..
1226 /*if(frame[j] == 0xAA) {
1227 switch(frame[j+1]) {
1228 case 0x01:
1229 crc = "[1] Two drops close after each other";
1230 break;
1231 case 0x02:
1232 crc = "[2] Potential SOC with a drop in second half of bitperiod";
1233 break;
1234 case 0x03:
1235 crc = "[3] Segment Z after segment X is not possible";
1236 break;
1237 case 0x04:
1238 crc = "[4] Parity bit of a fully received byte was wrong";
1239 break;
1240 default:
1241 crc = "[?] Unknown error";
1242 break;
1243 }
1244 break;
1245 }*/
1246 }
1247
1248 if(strlen(crc)==0) {
1249 ComputeCrc14443(CRC_14443_A, frame, len-2, &b1, &b2);
1250 if(b1 != frame[len-2] || b2 != frame[len-1]) {
1251 crc = (isResponse & (len < 6)) ? "" : " !crc";
1252 } else {
1253 crc = "";
1254 }
1255 }
1256 } else {
1257 crc = ""; // SHORT
1258 }
1259
1260 char metricString[100];
1261 if(isResponse) {
1262 sprintf(metricString, "%3d", metric);
1263 } else {
1264 strcpy(metricString, " ");
1265 }
1266
1267 PrintToScrollback(" +%7d: %s: %s %s %s",
1268 (prev < 0 ? 0 : (timestamp - prev)),
1269 metricString,
1270 (isResponse ? "TAG" : " "), line, crc);
1271
1272 prev = timestamp;
1273 i += (len + 9);
1274 }
1275 CommandFinished = 1;
1276 }
1277
1278 static void CmdHi15demod(char *str)
1279 {
1280 // The sampling rate is 106.353 ksps/s, for T = 18.8 us
1281
1282 // SOF defined as
1283 // 1) Unmodulated time of 56.64us
1284 // 2) 24 pulses of 423.75khz
1285 // 3) logic '1' (unmodulated for 18.88us followed by 8 pulses of 423.75khz)
1286
1287 static const int FrameSOF[] = {
1288 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1289 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1290 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1291 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1292 -1, -1, -1, -1,
1293 -1, -1, -1, -1,
1294 1, 1, 1, 1,
1295 1, 1, 1, 1
1296 };
1297 static const int Logic0[] = {
1298 1, 1, 1, 1,
1299 1, 1, 1, 1,
1300 -1, -1, -1, -1,
1301 -1, -1, -1, -1
1302 };
1303 static const int Logic1[] = {
1304 -1, -1, -1, -1,
1305 -1, -1, -1, -1,
1306 1, 1, 1, 1,
1307 1, 1, 1, 1
1308 };
1309
1310 // EOF defined as
1311 // 1) logic '0' (8 pulses of 423.75khz followed by unmodulated for 18.88us)
1312 // 2) 24 pulses of 423.75khz
1313 // 3) Unmodulated time of 56.64us
1314
1315 static const int FrameEOF[] = {
1316 1, 1, 1, 1,
1317 1, 1, 1, 1,
1318 -1, -1, -1, -1,
1319 -1, -1, -1, -1,
1320 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1321 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1322 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1323 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
1324 };
1325
1326 int i, j;
1327 int max = 0, maxPos;
1328
1329 int skip = 4;
1330
1331 if(GraphTraceLen < 1000) return;
1332
1333 // First, correlate for SOF
1334 for(i = 0; i < 100; i++) {
1335 int corr = 0;
1336 for(j = 0; j < arraylen(FrameSOF); j += skip) {
1337 corr += FrameSOF[j]*GraphBuffer[i+(j/skip)];
1338 }
1339 if(corr > max) {
1340 max = corr;
1341 maxPos = i;
1342 }
1343 }
1344 PrintToScrollback("SOF at %d, correlation %d", maxPos,
1345 max/(arraylen(FrameSOF)/skip));
1346
1347 i = maxPos + arraylen(FrameSOF)/skip;
1348 int k = 0;
1349 BYTE outBuf[20];
1350 memset(outBuf, 0, sizeof(outBuf));
1351 BYTE mask = 0x01;
1352 for(;;) {
1353 int corr0 = 0, corr1 = 0, corrEOF = 0;
1354 for(j = 0; j < arraylen(Logic0); j += skip) {
1355 corr0 += Logic0[j]*GraphBuffer[i+(j/skip)];
1356 }
1357 for(j = 0; j < arraylen(Logic1); j += skip) {
1358 corr1 += Logic1[j]*GraphBuffer[i+(j/skip)];
1359 }
1360 for(j = 0; j < arraylen(FrameEOF); j += skip) {
1361 corrEOF += FrameEOF[j]*GraphBuffer[i+(j/skip)];
1362 }
1363 // Even things out by the length of the target waveform.
1364 corr0 *= 4;
1365 corr1 *= 4;
1366
1367 if(corrEOF > corr1 && corrEOF > corr0) {
1368 PrintToScrollback("EOF at %d", i);
1369 break;
1370 } else if(corr1 > corr0) {
1371 i += arraylen(Logic1)/skip;
1372 outBuf[k] |= mask;
1373 } else {
1374 i += arraylen(Logic0)/skip;
1375 }
1376 mask <<= 1;
1377 if(mask == 0) {
1378 k++;
1379 mask = 0x01;
1380 }
1381 if((i+(int)arraylen(FrameEOF)) >= GraphTraceLen) {
1382 PrintToScrollback("ran off end!");
1383 break;
1384 }
1385 }
1386 if(mask != 0x01) {
1387 PrintToScrollback("error, uneven octet! (discard extra bits!)");
1388 PrintToScrollback(" mask=%02x", mask);
1389 }
1390 PrintToScrollback("%d octets", k);
1391
1392 for(i = 0; i < k; i++) {
1393 PrintToScrollback("# %2d: %02x ", i, outBuf[i]);
1394 }
1395 PrintToScrollback("CRC=%04x", Iso15693Crc(outBuf, k-2));
1396 }
1397
1398 static void CmdTiread(char *str)
1399 {
1400 UsbCommand c;
1401 c.cmd = CMD_ACQUIRE_RAW_BITS_TI_TYPE;
1402 SendCommand(&c, FALSE);
1403 }
1404
1405 static void CmdTibits(char *str)
1406 {
1407 int cnt = 0;
1408 int i;
1409 // for(i = 0; i < 1536; i += 12) {
1410 for(i = 0; i < 4000; i += 12) {
1411 UsbCommand c;
1412 c.cmd = CMD_DOWNLOAD_RAW_BITS_TI_TYPE;
1413 c.ext1 = i;
1414 SendCommand(&c, FALSE);
1415 ReceiveCommand(&c);
1416 if(c.cmd != CMD_DOWNLOADED_RAW_BITS_TI_TYPE) {
1417 PrintToScrollback("bad resp");
1418 return;
1419 }
1420 int j;
1421 for(j = 0; j < 12; j++) {
1422 int k;
1423 for(k = 31; k >= 0; k--) {
1424 if(c.d.asDwords[j] & (1 << k)) {
1425 GraphBuffer[cnt++] = 1;
1426 } else {
1427 GraphBuffer[cnt++] = -1;
1428 }
1429 }
1430 }
1431 }
1432 // GraphTraceLen = 1536*32;
1433 GraphTraceLen = 4000*32;
1434 RepaintGraphWindow();
1435 }
1436
1437 static void CmdFSKdemod(char *cmdline)
1438 {
1439 static const int LowTone[] = {
1440 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
1441 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
1442 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
1443 1, 1, 1, 1, 1, -1, -1, -1, -1, -1,
1444 1, 1, 1, 1, 1, -1, -1, -1, -1, -1
1445 };
1446 static const int HighTone[] = {
1447 1, 1, 1, 1, 1, -1, -1, -1, -1,
1448 1, 1, 1, 1, -1, -1, -1, -1,
1449 1, 1, 1, 1, -1, -1, -1, -1,
1450 1, 1, 1, 1, -1, -1, -1, -1,
1451 1, 1, 1, 1, -1, -1, -1, -1,
1452 1, 1, 1, 1, -1, -1, -1, -1, -1,
1453 };
1454
1455 int convLen = max(arraylen(HighTone), arraylen(LowTone));
1456 DWORD hi = 0, lo = 0;
1457
1458 int i, j;
1459 int minMark=0, maxMark=0;
1460 int lowLen = arraylen(LowTone);
1461 int highLen = arraylen(HighTone);
1462
1463 for(i = 0; i < GraphTraceLen - convLen; i++) {
1464 int lowSum = 0, highSum = 0;
1465
1466 for(j = 0; j < lowLen; j++) {
1467 lowSum += LowTone[j]*GraphBuffer[i+j];
1468 }
1469 for(j = 0; j < highLen; j++) {
1470 highSum += HighTone[j]*GraphBuffer[i+j];
1471 }
1472 lowSum = abs((100*lowSum) / lowLen);
1473 highSum = abs((100*highSum) / highLen);
1474 GraphBuffer[i] = (highSum << 16) | lowSum;
1475 }
1476
1477 for(i = 0; i < GraphTraceLen - convLen - 16; i++) {
1478 int j;
1479 int lowTot = 0, highTot = 0;
1480 // 10 and 8 are f_s divided by f_l and f_h, rounded
1481 for(j = 0; j < 10; j++) {
1482 lowTot += (GraphBuffer[i+j] & 0xffff);
1483 }
1484 for(j = 0; j < 8; j++) {
1485 highTot += (GraphBuffer[i+j] >> 16);
1486 }
1487 GraphBuffer[i] = lowTot - highTot;
1488 if (GraphBuffer[i]>maxMark) maxMark=GraphBuffer[i];
1489 if (GraphBuffer[i]<minMark) minMark=GraphBuffer[i];
1490 }
1491
1492 GraphTraceLen -= (convLen + 16);
1493
1494 RepaintGraphWindow();
1495
1496 // Find bit-sync (3 lo followed by 3 high)
1497 int max = 0, maxPos = 0;
1498 for(i = 0; i < 6000; i++) {
1499 int dec = 0;
1500 for(j = 0; j < 3*arraylen(LowTone); j++) {
1501 dec -= GraphBuffer[i+j];
1502 }
1503 for(; j < 3*(arraylen(LowTone) + arraylen(HighTone) ); j++) {
1504 dec += GraphBuffer[i+j];
1505 }
1506 if(dec > max) {
1507 max = dec;
1508 maxPos = i;
1509 }
1510 }
1511
1512 // place start of bit sync marker in graph
1513 GraphBuffer[maxPos] = maxMark;
1514 GraphBuffer[maxPos+1] = minMark;
1515
1516 maxPos += j;
1517
1518 // place end of bit sync marker in graph
1519 GraphBuffer[maxPos] = maxMark;
1520 GraphBuffer[maxPos+1] = minMark;
1521
1522 PrintToScrollback("actual data bits start at sample %d", maxPos);
1523 PrintToScrollback("length %d/%d", arraylen(HighTone), arraylen(LowTone));
1524
1525 BYTE bits[46];
1526 bits[sizeof(bits)-1] = '\0';
1527
1528 // find bit pairs and manchester decode them
1529 for(i = 0; i < arraylen(bits)-1; i++) {
1530 int dec = 0;
1531 for(j = 0; j < arraylen(LowTone); j++) {
1532 dec -= GraphBuffer[maxPos+j];
1533 }
1534 for(; j < arraylen(LowTone) + arraylen(HighTone); j++) {
1535 dec += GraphBuffer[maxPos+j];
1536 }
1537 maxPos += j;
1538 // place inter bit marker in graph
1539 GraphBuffer[maxPos] = maxMark;
1540 GraphBuffer[maxPos+1] = minMark;
1541
1542 // hi and lo form a 64 bit pair
1543 hi = (hi<<1)|(lo>>31);
1544 lo = (lo<<1);
1545 // store decoded bit as binary (in hi/lo) and text (in bits[])
1546 if(dec<0) {
1547 bits[i] = '1';
1548 lo|=1;
1549 } else {
1550 bits[i] = '0';
1551 }
1552 }
1553 PrintToScrollback("bits: '%s'", bits);
1554 PrintToScrollback("hex: %08x %08x", hi, lo);
1555 }
1556
1557 static void CmdTidemod(char *cmdline)
1558 {
1559 /* MATLAB as follows:
1560 f_s = 2000000; % sampling frequency
1561 f_l = 123200; % low FSK tone
1562 f_h = 134200; % high FSK tone
1563
1564 T_l = 119e-6; % low bit duration
1565 T_h = 130e-6; % high bit duration
1566
1567 l = 2*pi*ones(1, floor(f_s*T_l))*(f_l/f_s);
1568 h = 2*pi*ones(1, floor(f_s*T_h))*(f_h/f_s);
1569
1570 l = sign(sin(cumsum(l)));
1571 h = sign(sin(cumsum(h)));
1572 */
1573 static const int LowTone[] = {
1574 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1575 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1576 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1577 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1578 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1579 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1580 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1581 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1582 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1583 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1584 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1585 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1586 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1587 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1588 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1,
1589 };
1590 static const int HighTone[] = {
1591 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1592 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1593 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1594 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1595 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1596 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1597 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1598 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1599 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1600 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1601 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1602 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1603 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1604 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1605 1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1,
1606 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1607 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1, -1, -1, -1,
1608 1, 1, 1, 1, 1, 1, 1,
1609 };
1610
1611 int convLen = max(arraylen(HighTone), arraylen(LowTone));
1612 WORD crc;
1613 int i, TagType;
1614 for(i = 0; i < GraphTraceLen - convLen; i++) {
1615 int j;
1616 int lowSum = 0, highSum = 0;;
1617 int lowLen = arraylen(LowTone);
1618 int highLen = arraylen(HighTone);
1619
1620 for(j = 0; j < lowLen; j++) {
1621 lowSum += LowTone[j]*GraphBuffer[i+j];
1622 }
1623 for(j = 0; j < highLen; j++) {
1624 highSum += HighTone[j]*GraphBuffer[i+j];
1625 }
1626 lowSum = abs((100*lowSum) / lowLen);
1627 highSum = abs((100*highSum) / highLen);
1628 GraphBuffer[i] = (highSum << 16) | lowSum;
1629 }
1630
1631 for(i = 0; i < GraphTraceLen - convLen - 16; i++) {
1632 int j;
1633 int lowTot = 0, highTot = 0;
1634 // 16 and 15 are f_s divided by f_l and f_h, rounded
1635 for(j = 0; j < 16; j++) {
1636 lowTot += (GraphBuffer[i+j] & 0xffff);
1637 }
1638 for(j = 0; j < 15; j++) {
1639 highTot += (GraphBuffer[i+j] >> 16);
1640 }
1641 GraphBuffer[i] = lowTot - highTot;
1642 }
1643
1644 GraphTraceLen -= (convLen + 16);
1645
1646 RepaintGraphWindow();
1647
1648 // TI tag data format is 16 prebits, 8 start bits, 64 data bits,
1649 // 16 crc CCITT bits, 8 stop bits, 15 end bits
1650
1651 // the 16 prebits are always low
1652 // the 8 start and stop bits of a tag must match
1653 // the start/stop prebits of a ro tag are 01111110
1654 // the start/stop prebits of a rw tag are 11111110
1655 // the 15 end bits of a ro tag are all low
1656 // the 15 end bits of a rw tag match bits 15-1 of the data bits
1657
1658 // Okay, so now we have unsliced soft decisions;
1659 // find bit-sync, and then get some bits.
1660 // look for 17 low bits followed by 6 highs (common pattern for ro and rw tags)
1661 int max = 0, maxPos = 0;
1662 for(i = 0; i < 6000; i++) {
1663 int j;
1664 int dec = 0;
1665 // searching 17 consecutive lows
1666 for(j = 0; j < 17*arraylen(LowTone); j++) {
1667 dec -= GraphBuffer[i+j];
1668 }
1669 // searching 7 consecutive highs
1670 for(; j < 17*arraylen(LowTone) + 6*arraylen(HighTone); j++) {
1671 dec += GraphBuffer[i+j];
1672 }
1673 if(dec > max) {
1674 max = dec;
1675 maxPos = i;
1676 }
1677 }
1678
1679 // place a marker in the buffer to visually aid location
1680 // of the start of sync
1681 GraphBuffer[maxPos] = 800;
1682 GraphBuffer[maxPos+1] = -800;
1683
1684 // advance pointer to start of actual data stream (after 16 pre and 8 start bits)
1685 maxPos += 17*arraylen(LowTone);
1686 maxPos += 6*arraylen(HighTone);
1687
1688 // place a marker in the buffer to visually aid location
1689 // of the end of sync
1690 GraphBuffer[maxPos] = 800;
1691 GraphBuffer[maxPos+1] = -800;
1692
1693 PrintToScrollback("actual data bits start at sample %d", maxPos);
1694
1695 PrintToScrollback("length %d/%d", arraylen(HighTone), arraylen(LowTone));
1696
1697 BYTE bits[1+64+16+8+16];
1698 bits[sizeof(bits)-1] = '\0';
1699
1700 DWORD shift3 = 0x7e000000, shift2 = 0, shift1 = 0, shift0 = 0;
1701
1702 for(i = 0; i < arraylen(bits)-1; i++) {
1703 int high = 0;
1704 int low = 0;
1705 int j;
1706 for(j = 0; j < arraylen(LowTone); j++) {
1707 low -= GraphBuffer[maxPos+j];
1708 }
1709 for(j = 0; j < arraylen(HighTone); j++) {
1710 high += GraphBuffer[maxPos+j];
1711 }
1712
1713 if(high > low) {
1714 bits[i] = '1';
1715 maxPos += arraylen(HighTone);
1716 // bitstream arrives lsb first so shift right
1717 shift3 |= (1<<31);
1718 } else {
1719 bits[i] = '.';
1720 maxPos += arraylen(LowTone);
1721 }
1722
1723 // 128 bit right shift register
1724 shift0 = (shift0>>1) | (shift1 << 31);
1725 shift1 = (shift1>>1) | (shift2 << 31);
1726 shift2 = (shift2>>1) | (shift3 << 31);
1727 shift3 >>= 1;
1728
1729 // place a marker in the buffer between bits to visually aid location
1730 GraphBuffer[maxPos] = 800;
1731 GraphBuffer[maxPos+1] = -800;
1732 }
1733 PrintToScrollback("Info: raw tag bits = %s", bits);
1734
1735 TagType = (shift3>>8)&0xff;
1736 if ( TagType != ((shift0>>16)&0xff) ) {
1737 PrintToScrollback("Error: start and stop bits do not match!");
1738 return;
1739 }
1740 else if (TagType == 0x7e) {
1741 PrintToScrollback("Info: Readonly TI tag detected.");
1742 return;
1743 }
1744 else if (TagType == 0xfe) {
1745 PrintToScrollback("Info: Rewriteable TI tag detected.");
1746
1747 // put 64 bit data into shift1 and shift0
1748 shift0 = (shift0>>24) | (shift1 << 8);
1749 shift1 = (shift1>>24) | (shift2 << 8);
1750
1751 // align 16 bit crc into lower half of shift2
1752 shift2 = ((shift2>>24) | (shift3 << 8)) & 0x0ffff;
1753
1754 // align 16 bit "end bits" or "ident" into lower half of shift3
1755 shift3 >>= 16;
1756
1757 if ( (shift3^shift0)&0xffff ) {
1758 PrintToScrollback("Error: Ident mismatch!");
1759 }
1760 // calculate CRC
1761 crc=0;
1762 crc = update_crc16(crc, (shift0)&0xff);
1763 crc = update_crc16(crc, (shift0>>8)&0xff);
1764 crc = update_crc16(crc, (shift0>>16)&0xff);
1765 crc = update_crc16(crc, (shift0>>24)&0xff);
1766 crc = update_crc16(crc, (shift1)&0xff);
1767 crc = update_crc16(crc, (shift1>>8)&0xff);
1768 crc = update_crc16(crc, (shift1>>16)&0xff);
1769 crc = update_crc16(crc, (shift1>>24)&0xff);
1770 PrintToScrollback("Info: Tag data = %08X%08X", shift1, shift0);
1771 if (crc != (shift2&0xffff)) {
1772 PrintToScrollback("Error: CRC mismatch, calculated %04X, got ^04X", crc, shift2&0xffff);
1773 } else {
1774 PrintToScrollback("Info: CRC %04X is good", crc);
1775 }
1776 }
1777 else {
1778 PrintToScrollback("Unknown tag type.");
1779 return;
1780 }
1781 }
1782
1783 static void CmdNorm(char *str)
1784 {
1785 int i;
1786 int max = INT_MIN, min = INT_MAX;
1787 for(i = 10; i < GraphTraceLen; i++) {
1788 if(GraphBuffer[i] > max) {
1789 max = GraphBuffer[i];
1790 }
1791 if(GraphBuffer[i] < min) {
1792 min = GraphBuffer[i];
1793 }
1794 }
1795 if(max != min) {
1796 for(i = 0; i < GraphTraceLen; i++) {
1797 GraphBuffer[i] = (GraphBuffer[i] - ((max + min)/2))*1000/
1798 (max - min);
1799 }
1800 }
1801 RepaintGraphWindow();
1802 }
1803
1804 static void CmdDec(char *str)
1805 {
1806 int i;
1807 for(i = 0; i < (GraphTraceLen/2); i++) {
1808 GraphBuffer[i] = GraphBuffer[i*2];
1809 }
1810 GraphTraceLen /= 2;
1811 PrintToScrollback("decimated by 2");
1812 RepaintGraphWindow();
1813 }
1814
1815 static void CmdHpf(char *str)
1816 {
1817 int i;
1818 int accum = 0;
1819 for(i = 10; i < GraphTraceLen; i++) {
1820 accum += GraphBuffer[i];
1821 }
1822 accum /= (GraphTraceLen - 10);
1823 for(i = 0; i < GraphTraceLen; i++) {
1824 GraphBuffer[i] -= accum;
1825 }
1826
1827 RepaintGraphWindow();
1828 }
1829
1830 static void CmdZerocrossings(char *str)
1831 {
1832 int i;
1833 // Zero-crossings aren't meaningful unless the signal is zero-mean.
1834 CmdHpf("");
1835
1836 int sign = 1;
1837 int zc = 0;
1838 int lastZc = 0;
1839 for(i = 0; i < GraphTraceLen; i++) {
1840 if(GraphBuffer[i]*sign >= 0) {
1841 // No change in sign, reproduce the previous sample count.
1842 zc++;
1843 GraphBuffer[i] = lastZc;
1844 } else {
1845 // Change in sign, reset the sample count.
1846 sign = -sign;
1847 GraphBuffer[i] = lastZc;
1848 if(sign > 0) {
1849 lastZc = zc;
1850 zc = 0;
1851 }
1852 }
1853 }
1854
1855 RepaintGraphWindow();
1856 }
1857
1858 static void CmdThreshold(char *str)
1859 {
1860 int i;
1861 int threshold = atoi(str);
1862
1863 for(i = 0; i < GraphTraceLen; i++) {
1864 if(GraphBuffer[i]>= threshold)
1865 GraphBuffer[i]=1;
1866 else
1867 GraphBuffer[i]=-1;
1868 }
1869 RepaintGraphWindow();
1870 }
1871
1872 static void CmdLtrim(char *str)
1873 {
1874 int i;
1875 int ds = atoi(str);
1876
1877 for(i = ds; i < GraphTraceLen; i++) {
1878 GraphBuffer[i-ds] = GraphBuffer[i];
1879 }
1880 GraphTraceLen -= ds;
1881
1882 RepaintGraphWindow();
1883 }
1884
1885 static void CmdAutoCorr(char *str)
1886 {
1887 static int CorrelBuffer[MAX_GRAPH_TRACE_LEN];
1888
1889 int window = atoi(str);
1890
1891 if(window == 0) {
1892 PrintToScrollback("needs a window");
1893 return;
1894 }
1895
1896 if(window >= GraphTraceLen) {
1897 PrintToScrollback("window must be smaller than trace (%d samples)",
1898 GraphTraceLen);
1899 return;
1900 }
1901
1902 PrintToScrollback("performing %d correlations", GraphTraceLen - window);
1903
1904 int i;
1905 for(i = 0; i < GraphTraceLen - window; i++) {
1906 int sum = 0;
1907 int j;
1908 for(j = 0; j < window; j++) {
1909 sum += (GraphBuffer[j]*GraphBuffer[i+j]) / 256;
1910 }
1911 CorrelBuffer[i] = sum;
1912 }
1913 GraphTraceLen = GraphTraceLen - window;
1914 memcpy(GraphBuffer, CorrelBuffer, GraphTraceLen*sizeof(int));
1915
1916 RepaintGraphWindow();
1917 }
1918
1919 static void CmdVchdemod(char *str)
1920 {
1921 // Is this the entire sync pattern, or does this also include some
1922 // data bits that happen to be the same everywhere? That would be
1923 // lovely to know.
1924 static const int SyncPattern[] = {
1925 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1926 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1927 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1928 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1929 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1930 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1931 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1932 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1933 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1934 1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
1935 };
1936
1937 // So first, we correlate for the sync pattern, and mark that.
1938 int bestCorrel = 0, bestPos = 0;
1939 int i;
1940 // It does us no good to find the sync pattern, with fewer than
1941 // 2048 samples after it...
1942 for(i = 0; i < (GraphTraceLen-2048); i++) {
1943 int sum = 0;
1944 int j;
1945 for(j = 0; j < arraylen(SyncPattern); j++) {
1946 sum += GraphBuffer[i+j]*SyncPattern[j];
1947 }
1948 if(sum > bestCorrel) {
1949 bestCorrel = sum;
1950 bestPos = i;
1951 }
1952 }
1953 PrintToScrollback("best sync at %d [metric %d]", bestPos, bestCorrel);
1954
1955 char bits[257];
1956 bits[256] = '\0';
1957
1958 int worst = INT_MAX;
1959 int worstPos;
1960
1961 for(i = 0; i < 2048; i += 8) {
1962 int sum = 0;
1963 int j;
1964 for(j = 0; j < 8; j++) {
1965 sum += GraphBuffer[bestPos+i+j];
1966 }
1967 if(sum < 0) {
1968 bits[i/8] = '.';
1969 } else {
1970 bits[i/8] = '1';
1971 }
1972 if(abs(sum) < worst) {
1973 worst = abs(sum);
1974 worstPos = i;
1975 }
1976 }
1977 PrintToScrollback("bits:");
1978 PrintToScrollback("%s", bits);
1979 PrintToScrollback("worst metric: %d at pos %d", worst, worstPos);
1980
1981 if(strcmp(str, "clone")==0) {
1982 GraphTraceLen = 0;
1983 char *s;
1984 for(s = bits; *s; s++) {
1985 int j;
1986 for(j = 0; j < 16; j++) {
1987 GraphBuffer[GraphTraceLen++] = (*s == '1') ? 1 : 0;
1988 }
1989 }
1990 RepaintGraphWindow();
1991 }
1992 }
1993
1994 static void CmdIndalademod(char *str)
1995 {
1996 // Usage: recover 64bit UID by default, specify "224" as arg to recover a 224bit UID
1997
1998 int state = -1;
1999 int count = 0;
2000 int i, j;
2001 // worst case with GraphTraceLen=64000 is < 4096
2002 // under normal conditions it's < 2048
2003 BYTE rawbits[4096];
2004 int rawbit = 0;
2005 int worst = 0, worstPos = 0;
2006 PrintToScrollback("Expecting a bit less than %d raw bits", GraphTraceLen/32);
2007 for(i = 0; i < GraphTraceLen-1; i += 2) {
2008 count+=1;
2009 if((GraphBuffer[i] > GraphBuffer[i + 1]) && (state != 1)) {
2010 if (state == 0) {
2011 for(j = 0; j < count - 8; j += 16) {
2012 rawbits[rawbit++] = 0;
2013 }
2014 if ((abs(count - j)) > worst) {
2015 worst = abs(count - j);
2016 worstPos = i;
2017 }
2018 }
2019 state = 1;
2020 count=0;
2021 } else if((GraphBuffer[i] < GraphBuffer[i + 1]) && (state != 0)) {
2022 if (state == 1) {
2023 for(j = 0; j < count - 8; j += 16) {
2024 rawbits[rawbit++] = 1;
2025 }
2026 if ((abs(count - j)) > worst) {
2027 worst = abs(count - j);
2028 worstPos = i;
2029 }
2030 }
2031 state = 0;
2032 count=0;
2033 }
2034 }
2035 PrintToScrollback("Recovered %d raw bits", rawbit);
2036 PrintToScrollback("worst metric (0=best..7=worst): %d at pos %d", worst, worstPos);
2037
2038 // Finding the start of a UID
2039 int uidlen, long_wait;
2040 if(strcmp(str, "224") == 0) {
2041 uidlen=224;
2042 long_wait=30;
2043 } else {
2044 uidlen=64;
2045 long_wait=29;
2046 }
2047 int start;
2048 int first = 0;
2049 for(start = 0; start <= rawbit - uidlen; start++) {
2050 first = rawbits[start];
2051 for(i = start; i < start + long_wait; i++) {
2052 if(rawbits[i] != first) {
2053 break;
2054 }
2055 }
2056 if(i == (start + long_wait)) {
2057 break;
2058 }
2059 }
2060 if(start == rawbit - uidlen + 1) {
2061 PrintToScrollback("nothing to wait for");
2062 return;
2063 }
2064
2065 // Inverting signal if needed
2066 if(first == 1) {
2067 for(i = start; i < rawbit; i++) {
2068 rawbits[i] = !rawbits[i];
2069 }
2070 }
2071
2072 // Dumping UID
2073 BYTE bits[224];
2074 char showbits[225];
2075 showbits[uidlen]='\0';
2076 int bit;
2077 i = start;
2078 int times = 0;
2079 if(uidlen > rawbit) {
2080 PrintToScrollback("Warning: not enough raw bits to get a full UID");
2081 for(bit = 0; bit < rawbit; bit++) {
2082 bits[bit] = rawbits[i++];
2083 // As we cannot know the parity, let's use "." and "/"
2084 showbits[bit] = '.' + bits[bit];
2085 }
2086 showbits[bit+1]='\0';
2087 PrintToScrollback("Partial UID=%s", showbits);
2088 return;
2089 } else {
2090 for(bit = 0; bit < uidlen; bit++) {
2091 bits[bit] = rawbits[i++];
2092 showbits[bit] = '0' + bits[bit];
2093 }
2094 times = 1;
2095 }
2096 PrintToScrollback("UID=%s", showbits);
2097
2098 // Checking UID against next occurences
2099 for(; i + uidlen <= rawbit;) {
2100 int failed = 0;
2101 for(bit = 0; bit < uidlen; bit++) {
2102 if(bits[bit] != rawbits[i++]) {
2103 failed = 1;
2104 break;
2105 }
2106 }
2107 if (failed == 1) {
2108 break;
2109 }
2110 times += 1;
2111 }
2112 PrintToScrollback("Occurences: %d (expected %d)", times, (rawbit - start) / uidlen);
2113
2114 // Remodulating for tag cloning
2115 GraphTraceLen = 32*uidlen;
2116 i = 0;
2117 int phase = 0;
2118 for(bit = 0; bit < uidlen; bit++) {
2119 if(bits[bit] == 0) {
2120 phase = 0;
2121 } else {
2122 phase = 1;
2123 }
2124 int j;
2125 for(j = 0; j < 32; j++) {
2126 GraphBuffer[i++] = phase;
2127 phase = !phase;
2128 }
2129 }
2130
2131 RepaintGraphWindow();
2132 }
2133
2134 static void CmdFlexdemod(char *str)
2135 {
2136 int i;
2137 for(i = 0; i < GraphTraceLen; i++) {
2138 if(GraphBuffer[i] < 0) {
2139 GraphBuffer[i] = -1;
2140 } else {
2141 GraphBuffer[i] = 1;
2142 }
2143 }
2144
2145 #define LONG_WAIT 100
2146 int start;
2147 for(start = 0; start < GraphTraceLen - LONG_WAIT; start++) {
2148 int first = GraphBuffer[start];
2149 for(i = start; i < start + LONG_WAIT; i++) {
2150 if(GraphBuffer[i] != first) {
2151 break;
2152 }
2153 }
2154 if(i == (start + LONG_WAIT)) {
2155 break;
2156 }
2157 }
2158 if(start == GraphTraceLen - LONG_WAIT) {
2159 PrintToScrollback("nothing to wait for");
2160 return;
2161 }
2162
2163 GraphBuffer[start] = 2;
2164 GraphBuffer[start+1] = -2;
2165
2166 BYTE bits[64];
2167
2168 int bit;
2169 i = start;
2170 for(bit = 0; bit < 64; bit++) {
2171 int j;
2172 int sum = 0;
2173 for(j = 0; j < 16; j++) {
2174 sum += GraphBuffer[i++];
2175 }
2176 if(sum > 0) {
2177 bits[bit] = 1;
2178 } else {
2179 bits[bit] = 0;
2180 }
2181 PrintToScrollback("bit %d sum %d", bit, sum);
2182 }
2183
2184 for(bit = 0; bit < 64; bit++) {
2185 int j;
2186 int sum = 0;
2187 for(j = 0; j < 16; j++) {
2188 sum += GraphBuffer[i++];
2189 }
2190 if(sum > 0 && bits[bit] != 1) {
2191 PrintToScrollback("oops1 at %d", bit);
2192 }
2193 if(sum < 0 && bits[bit] != 0) {
2194 PrintToScrollback("oops2 at %d", bit);
2195 }
2196 }
2197
2198 GraphTraceLen = 32*64;
2199 i = 0;
2200 int phase = 0;
2201 for(bit = 0; bit < 64; bit++) {
2202 if(bits[bit] == 0) {
2203 phase = 0;
2204 } else {
2205 phase = 1;
2206 }
2207 int j;
2208 for(j = 0; j < 32; j++) {
2209 GraphBuffer[i++] = phase;
2210 phase = !phase;
2211 }
2212 }
2213
2214 RepaintGraphWindow();
2215 }
2216
2217 /*
2218 * Generic command to demodulate ASK.
2219 *
2220 * Argument is convention: positive or negative (High mod means zero
2221 * or high mod means one)
2222 *
2223 * Updates the Graph trace with 0/1 values
2224 *
2225 * Arguments:
2226 * c : 0 or 1
2227 */
2228
2229 static void Cmdaskdemod(char *str) {
2230 int i;
2231 int c, high = 0, low = 0;
2232
2233 // TODO: complain if we do not give 2 arguments here !
2234 sscanf(str, "%i", &c);
2235
2236 /* Detect high and lows and clock */
2237 for (i = 0; i < GraphTraceLen; i++)
2238 {
2239 if (GraphBuffer[i] > high)
2240 high = GraphBuffer[i];
2241 else if (GraphBuffer[i] < low)
2242 low = GraphBuffer[i];
2243 }
2244
2245 if (GraphBuffer[0] > 0) {
2246 GraphBuffer[0] = 1-c;
2247 } else {
2248 GraphBuffer[0] = c;
2249 }
2250 for(i=1;i<GraphTraceLen;i++) {
2251 /* Transitions are detected at each peak
2252 * Transitions are either:
2253 * - we're low: transition if we hit a high
2254 * - we're high: transition if we hit a low
2255 * (we need to do it this way because some tags keep high or
2256 * low for long periods, others just reach the peak and go
2257 * down)
2258 */
2259 if ((GraphBuffer[i]==high) && (GraphBuffer[i-1] == c)) {
2260 GraphBuffer[i]=1-c;
2261 } else if ((GraphBuffer[i]==low) && (GraphBuffer[i-1] == (1-c))){
2262 GraphBuffer[i] = c;
2263 } else {
2264 /* No transition */
2265 GraphBuffer[i] = GraphBuffer[i-1];
2266 }
2267 }
2268 RepaintGraphWindow();
2269 }
2270
2271 /* Print our clock rate */
2272 static void Cmddetectclockrate(char *str)
2273 {
2274 int clock = detectclock(0);
2275 PrintToScrollback("Auto-detected clock rate: %d", clock);
2276 }
2277
2278 /*
2279 * Detect clock rate
2280 */
2281 int detectclock(int peak)
2282 {
2283 int i;
2284 int clock = 0xFFFF;
2285 int lastpeak = 0;
2286
2287 /* Detect peak if we don't have one */
2288 if (!peak)
2289 for (i = 0; i < GraphTraceLen; i++)
2290 if (GraphBuffer[i] > peak)
2291 peak = GraphBuffer[i];
2292
2293 for (i = 1; i < GraphTraceLen; i++)
2294 {
2295 /* If this is the beginning of a peak */
2296 if (GraphBuffer[i-1] != GraphBuffer[i] && GraphBuffer[i] == peak)
2297 {
2298 /* Find lowest difference between peaks */
2299 if (lastpeak && i - lastpeak < clock)
2300 {
2301 clock = i - lastpeak;
2302 }
2303 lastpeak = i;
2304 }
2305 }
2306
2307 return clock;
2308 }
2309
2310 /* Get or auto-detect clock rate */
2311 int GetClock(char *str, int peak)
2312 {
2313 int clock;
2314
2315 sscanf(str, "%i", &clock);
2316 if (!strcmp(str, ""))
2317 clock = 0;
2318
2319 /* Auto-detect clock */
2320 if (!clock)
2321 {
2322 clock = detectclock(peak);
2323
2324 /* Only print this message if we're not looping something */
2325 if (!go)
2326 PrintToScrollback("Auto-detected clock rate: %d", clock);
2327 }
2328
2329 return clock;
2330 }
2331
2332 /*
2333 * Convert to a bitstream
2334 */
2335 static void Cmdbitstream(char *str) {
2336 int i, j;
2337 int bit;
2338 int gtl;
2339 int clock;
2340 int low = 0;
2341 int high = 0;
2342 int hithigh, hitlow, first;
2343
2344 /* Detect high and lows and clock */
2345 for (i = 0; i < GraphTraceLen; i++)
2346 {
2347 if (GraphBuffer[i] > high)
2348 high = GraphBuffer[i];
2349 else if (GraphBuffer[i] < low)
2350 low = GraphBuffer[i];
2351 }
2352
2353 /* Get our clock */
2354 clock = GetClock(str, high);
2355
2356 gtl = CmdClearGraph(0);
2357
2358 bit = 0;
2359 for (i = 0; i < (int)(gtl / clock); i++)
2360 {
2361 hithigh = 0;
2362 hitlow = 0;
2363 first = 1;
2364
2365 /* Find out if we hit both high and low peaks */
2366 for (j = 0; j < clock; j++)
2367 {
2368 if (GraphBuffer[(i * clock) + j] == high)
2369 hithigh = 1;
2370 else if (GraphBuffer[(i * clock) + j] == low)
2371 hitlow = 1;
2372
2373 /* it doesn't count if it's the first part of our read
2374 because it's really just trailing from the last sequence */
2375 if (first && (hithigh || hitlow))
2376 hithigh = hitlow = 0;
2377 else
2378 first = 0;
2379
2380 if (hithigh && hitlow)
2381 break;
2382 }
2383
2384 /* If we didn't hit both high and low peaks, we had a bit transition */
2385 if (!hithigh || !hitlow)
2386 bit ^= 1;
2387
2388 CmdAppendGraph(0, clock, bit);
2389 // for (j = 0; j < (int)(clock/2); j++)
2390 // GraphBuffer[(i * clock) + j] = bit ^ 1;
2391 // for (j = (int)(clock/2); j < clock; j++)
2392 // GraphBuffer[(i * clock) + j] = bit;
2393 }
2394
2395 RepaintGraphWindow();
2396 }
2397
2398 /* Modulate our data into manchester */
2399 static void Cmdmanchestermod(char *str)
2400 {
2401 int i, j;
2402 int clock;
2403 int bit, lastbit, wave;
2404
2405 /* Get our clock */
2406 clock = GetClock(str, 0);
2407
2408 wave = 0;
2409 lastbit = 1;
2410 for (i = 0; i < (int)(GraphTraceLen / clock); i++)
2411 {
2412 bit = GraphBuffer[i * clock] ^ 1;
2413
2414 for (j = 0; j < (int)(clock/2); j++)
2415 GraphBuffer[(i * clock) + j] = bit ^ lastbit ^ wave;
2416 for (j = (int)(clock/2); j < clock; j++)
2417 GraphBuffer[(i * clock) + j] = bit ^ lastbit ^ wave ^ 1;
2418
2419 /* Keep track of how we start our wave and if we changed or not this time */
2420 wave ^= bit ^ lastbit;
2421 lastbit = bit;
2422 }
2423
2424 RepaintGraphWindow();
2425 }
2426
2427 /*
2428 * Manchester demodulate a bitstream. The bitstream needs to be already in
2429 * the GraphBuffer as 0 and 1 values
2430 *
2431 * Give the clock rate as argument in order to help the sync - the algorithm
2432 * resyncs at each pulse anyway.
2433 *
2434 * Not optimized by any means, this is the 1st time I'm writing this type of
2435 * routine, feel free to improve...
2436 *
2437 * 1st argument: clock rate (as number of samples per clock rate)
2438 * Typical values can be 64, 32, 128...
2439 */
2440 static void Cmdmanchesterdemod(char *str) {
2441 int i, j, invert= 0;
2442 int bit;
2443 int clock;
2444 int lastval;
2445 int low = 0;
2446 int high = 0;
2447 int hithigh, hitlow, first;
2448 int lc = 0;
2449 int bitidx = 0;
2450 int bit2idx = 0;
2451 int warnings = 0;
2452
2453 /* check if we're inverting output */
2454 if(*str == 'i')
2455 {
2456 PrintToScrollback("Inverting output");
2457 invert= 1;
2458 do
2459 ++str;
2460 while(*str == ' '); // in case a 2nd argument was given
2461 }
2462
2463 /* Holds the decoded bitstream: each clock period contains 2 bits */
2464 /* later simplified to 1 bit after manchester decoding. */
2465 /* Add 10 bits to allow for noisy / uncertain traces without aborting */
2466 /* int BitStream[GraphTraceLen*2/clock+10]; */
2467
2468 /* But it does not work if compiling on WIndows: therefore we just allocate a */
2469 /* large array */
2470 int BitStream[MAX_GRAPH_TRACE_LEN];
2471
2472 /* Detect high and lows */
2473 for (i = 0; i < GraphTraceLen; i++)
2474 {
2475 if (GraphBuffer[i] > high)
2476 high = GraphBuffer[i];
2477 else if (GraphBuffer[i] < low)
2478 low = GraphBuffer[i];
2479 }
2480
2481 /* Get our clock */
2482 clock = GetClock(str, high);
2483
2484 int tolerance = clock/4;
2485
2486 /* Detect first transition */
2487 /* Lo-Hi (arbitrary) */
2488 for (i = 0; i < GraphTraceLen; i++)
2489 {
2490 if (GraphBuffer[i] == low)
2491 {
2492 lastval = i;
2493 break;
2494 }
2495 }
2496
2497 /* If we're not working with 1/0s, demod based off clock */
2498 if (high != 1)
2499 {
2500 bit = 0; /* We assume the 1st bit is zero, it may not be
2501 * the case: this routine (I think) has an init problem.
2502 * Ed.
2503 */
2504 for (; i < (int)(GraphTraceLen / clock); i++)
2505 {
2506 hithigh = 0;
2507 hitlow = 0;
2508 first = 1;
2509
2510 /* Find out if we hit both high and low peaks */
2511 for (j = 0; j < clock; j++)
2512 {
2513 if (GraphBuffer[(i * clock) + j] == high)
2514 hithigh = 1;
2515 else if (GraphBuffer[(i * clock) + j] == low)
2516 hitlow = 1;
2517
2518 /* it doesn't count if it's the first part of our read
2519 because it's really just trailing from the last sequence */
2520 if (first && (hithigh || hitlow))
2521 hithigh = hitlow = 0;
2522 else
2523 first = 0;
2524
2525 if (hithigh && hitlow)
2526 break;
2527 }
2528
2529 /* If we didn't hit both high and low peaks, we had a bit transition */
2530 if (!hithigh || !hitlow)
2531 bit ^= 1;
2532
2533 BitStream[bit2idx++] = bit ^ invert;
2534 }
2535 }
2536
2537 /* standard 1/0 bitstream */
2538 else
2539 {
2540
2541 /* Then detect duration between 2 successive transitions */
2542 for (bitidx = 1; i < GraphTraceLen; i++)
2543 {
2544 if (GraphBuffer[i-1] != GraphBuffer[i])
2545 {
2546 lc = i-lastval;
2547 lastval = i;
2548
2549 // Error check: if bitidx becomes too large, we do not
2550 // have a Manchester encoded bitstream or the clock is really
2551 // wrong!
2552 if (bitidx > (GraphTraceLen*2/clock+8) ) {
2553 PrintToScrollback("Error: the clock you gave is probably wrong, aborting.");
2554 return;
2555 }
2556 // Then switch depending on lc length:
2557 // Tolerance is 1/4 of clock rate (arbitrary)
2558 if (abs(lc-clock/2) < tolerance) {
2559 // Short pulse : either "1" or "0"
2560 BitStream[bitidx++]=GraphBuffer[i-1];
2561 } else if (abs(lc-clock) < tolerance) {
2562 // Long pulse: either "11" or "00"
2563 BitStream[bitidx++]=GraphBuffer[i-1];
2564 BitStream[bitidx++]=GraphBuffer[i-1];
2565 } else {
2566 // Error
2567 warnings++;
2568 PrintToScrollback("Warning: Manchester decode error for pulse width detection.");
2569 PrintToScrollback("(too many of those messages mean either the stream is not Manchester encoded, or clock is wrong)");
2570
2571 if (warnings > 100)
2572 {
2573 PrintToScrollback("Error: too many detection errors, aborting.");
2574 return;
2575 }
2576 }
2577 }
2578 }
2579
2580 // At this stage, we now have a bitstream of "01" ("1") or "10" ("0"), parse it into final decoded bitstream
2581 // Actually, we overwrite BitStream with the new decoded bitstream, we just need to be careful
2582 // to stop output at the final bitidx2 value, not bitidx
2583 for (i = 0; i < bitidx; i += 2) {
2584 if ((BitStream[i] == 0) && (BitStream[i+1] == 1)) {
2585 BitStream[bit2idx++] = 1 ^ invert;
2586 } else if ((BitStream[i] == 1) && (BitStream[i+1] == 0)) {
2587 BitStream[bit2idx++] = 0 ^ invert;
2588 } else {
2589 // We cannot end up in this state, this means we are unsynchronized,
2590 // move up 1 bit:
2591 i++;
2592 warnings++;
2593 PrintToScrollback("Unsynchronized, resync...");
2594 PrintToScrollback("(too many of those messages mean the stream is not Manchester encoded)");
2595
2596 if (warnings > 100)
2597 {
2598 PrintToScrollback("Error: too many decode errors, aborting.");
2599 return;
2600 }
2601 }
2602 }
2603 }
2604
2605 PrintToScrollback("Manchester decoded bitstream");
2606 // Now output the bitstream to the scrollback by line of 16 bits
2607 for (i = 0; i < (bit2idx-16); i+=16) {
2608 PrintToScrollback("%i %i %i %i %i %i %i %i %i %i %i %i %i %i %i %i",
2609 BitStream[i],
2610 BitStream[i+1],
2611 BitStream[i+2],
2612 BitStream[i+3],
2613 BitStream[i+4],
2614 BitStream[i+5],
2615 BitStream[i+6],
2616 BitStream[i+7],
2617 BitStream[i+8],
2618 BitStream[i+9],
2619 BitStream[i+10],
2620 BitStream[i+11],
2621 BitStream[i+12],
2622 BitStream[i+13],
2623 BitStream[i+14],
2624 BitStream[i+15]);
2625 }
2626 }
2627
2628 /*
2629 * Usage ???
2630 */
2631 static void CmdHiddemod(char *str)
2632 {
2633 if(GraphTraceLen < 4800) {
2634 PrintToScrollback("too short; need at least 4800 samples");
2635 return;
2636 }
2637
2638 GraphTraceLen = 4800;
2639 int i;
2640 for(i = 0; i < GraphTraceLen; i++) {
2641 if(GraphBuffer[i] < 0) {
2642 GraphBuffer[i] = 0;
2643 } else {
2644 GraphBuffer[i] = 1;
2645 }
2646 }
2647 RepaintGraphWindow();
2648 }
2649
2650 static void CmdPlot(char *str)
2651 {
2652 ShowGraphWindow();
2653 }
2654
2655 static void CmdGrid(char *str)
2656 {
2657 sscanf(str, "%i %i", &PlotGridX, &PlotGridY);
2658 RepaintGraphWindow();
2659 }
2660
2661 static void CmdHide(char *str)
2662 {
2663 HideGraphWindow();
2664 }
2665
2666 static void CmdScale(char *str)
2667 {
2668 CursorScaleFactor = atoi(str);
2669 if(CursorScaleFactor == 0) {
2670 PrintToScrollback("bad, can't have zero scale");
2671 CursorScaleFactor = 1;
2672 }
2673 RepaintGraphWindow();
2674 }
2675
2676 static void CmdSave(char *str)
2677 {
2678 FILE *f = fopen(str, "w");
2679 if(!f) {
2680 PrintToScrollback("couldn't open '%s'", str);
2681 return;
2682 }
2683 int i;
2684 for(i = 0; i < GraphTraceLen; i++) {
2685 fprintf(f, "%d\n", GraphBuffer[i]);
2686 }
2687 fclose(f);
2688 PrintToScrollback("saved to '%s'", str);
2689 }
2690
2691 static void CmdLoad(char *str)
2692 {
2693 FILE *f = fopen(str, "r");
2694 if(!f) {
2695 PrintToScrollback("couldn't open '%s'", str);
2696 return;
2697 }
2698
2699 GraphTraceLen = 0;
2700 char line[80];
2701 while(fgets(line, sizeof(line), f)) {
2702 GraphBuffer[GraphTraceLen] = atoi(line);
2703 GraphTraceLen++;
2704 }
2705 fclose(f);
2706 PrintToScrollback("loaded %d samples", GraphTraceLen);
2707 RepaintGraphWindow();
2708 }
2709
2710 static void CmdHIDsimTAG(char *str)
2711 {
2712 unsigned int hi=0, lo=0;
2713 int n=0, i=0;
2714 UsbCommand c;
2715
2716 while (sscanf(&str[i++], "%1x", &n ) == 1) {
2717 hi=(hi<<4)|(lo>>28);
2718 lo=(lo<<4)|(n&0xf);
2719 }
2720
2721 PrintToScrollback("Emulating tag with ID %x%16x", hi, lo);
2722
2723 c.cmd = CMD_HID_SIM_TAG;
2724 c.ext1 = hi;
2725 c.ext2 = lo;
2726 SendCommand(&c, FALSE);
2727 }
2728
2729 static void CmdReadmem(char *str)
2730 {
2731 UsbCommand c;
2732 c.cmd = CMD_READ_MEM;
2733 c.ext1 = atoi(str);
2734 SendCommand(&c, FALSE);
2735 }
2736
2737 static void CmdLcdReset(char *str)
2738 {
2739 UsbCommand c;
2740 c.cmd = CMD_LCD_RESET;
2741 c.ext1 = atoi(str);
2742 SendCommand(&c, FALSE);
2743 }
2744
2745 static void CmdLcd(char *str)
2746 {
2747 int i, j;
2748 UsbCommand c;
2749 c.cmd = CMD_LCD;
2750 sscanf(str, "%x %d", &i, &j);
2751 while (j--) {
2752 c.ext1 = i&0x1ff;
2753 SendCommand(&c, FALSE);
2754 }
2755 }
2756
2757 /*
2758 * Sets the divisor for LF frequency clock: lets the user choose any LF frequency below
2759 * 600kHz.
2760 */
2761 static void CmdSetDivisor(char *str)
2762 {
2763 UsbCommand c;
2764 c.cmd = CMD_SET_LF_DIVISOR;
2765 c.ext1 = atoi(str);
2766 if (( c.ext1<0) || (c.ext1>255)) {
2767 PrintToScrollback("divisor must be between 19 and 255");
2768 } else {
2769 SendCommand(&c, FALSE);
2770 PrintToScrollback("Divisor set, expected freq=%dHz", 12000000/(c.ext1+1));
2771 }
2772 }
2773
2774 typedef void HandlerFunction(char *cmdline);
2775
2776 /* in alphabetic order */
2777 static struct {
2778 char *name;
2779 HandlerFunction *handler;
2780 int offline; // 1 if the command can be used when in offline mode
2781 char *docString;
2782 } CommandTable[] = {
2783 {"askdemod", Cmdaskdemod, 1, "<samples per bit> <0|1> -- Attempt to demodulate simple ASK tags"},
2784 {"autocorr", CmdAutoCorr, 1, "<window length> -- Autocorrelation over window"},
2785 {"bitsamples", CmdBitsamples, 0, "Get raw samples as bitstring"},
2786 {"bitstream", Cmdbitstream, 1, "[clock rate] -- Convert waveform into a bitstream"},
2787 {"buffclear", CmdBuffClear, 1, "Clear sample buffer and graph window"},
2788 {"dec", CmdDec, 1, "Decimate samples"},
2789 {"detectclock", Cmddetectclockrate, 1, "Detect clock rate"},
2790 {"detectreader", CmdDetectReader, 0, "['l'|'h'] -- Detect external reader field (option 'l' or 'h' to limit to LF or HF)"},
2791 {"em410xsim", CmdEM410xsim, 1, "<UID> -- Simulate EM410x tag"},
2792 {"em410xread", CmdEM410xread, 1, "[clock rate] -- Extract ID from EM410x tag"},
2793 {"em410xwatch", CmdEM410xwatch, 0, "Watches for EM410x tags"},
2794 {"em4x50read", CmdEM4x50read, 1, "Extract data from EM4x50 tag"},
2795 {"exit", CmdQuit, 1, "Exit program"},
2796 {"flexdemod", CmdFlexdemod, 1, "Demodulate samples for FlexPass"},
2797 {"fpgaoff", CmdFPGAOff, 0, "Set FPGA off"},
2798 {"fskdemod", CmdFSKdemod, 1, "Demodulate graph window as a HID FSK"},
2799 {"grid", CmdGrid, 1, "<x> <y> -- overlay grid on graph window, use zero value to turn off either"},
2800 {"hexsamples", CmdHexsamples, 0, "<blocks> -- Dump big buffer as hex bytes"},
2801 {"hi14alist", CmdHi14alist, 0, "List ISO 14443a history"},
2802 {"hi14areader", CmdHi14areader, 0, "Act like an ISO14443 Type A reader"},
2803 {"hi14asim", CmdHi14asim, 0, "<UID> -- Fake ISO 14443a tag"},
2804 {"hi14asnoop", CmdHi14asnoop, 0, "Eavesdrop ISO 14443 Type A"},
2805 {"hi14bdemod", CmdHi14bdemod, 1, "Demodulate ISO14443 Type B from tag"},
2806 {"hi14list", CmdHi14list, 0, "List ISO 14443 history"},
2807 {"hi14read", CmdHi14read, 0, "Read HF tag (ISO 14443)"},
2808 {"hi14sim", CmdHi14sim, 0, "Fake ISO 14443 tag"},
2809 {"hi14snoop", CmdHi14snoop, 0, "Eavesdrop ISO 14443"},
2810 {"hi15demod", CmdHi15demod, 1, "Demodulate ISO15693 from tag"},
2811 {"hi15read", CmdHi15read, 0, "Read HF tag (ISO 15693)"},
2812 {"hi15reader", CmdHi15reader, 0, "Act like an ISO15693 reader"},
2813 {"hi15sim", CmdHi15tag, 0, "Fake an ISO15693 tag"},
2814 {"hiddemod", CmdHiddemod, 1, "Demodulate HID Prox Card II (not optimal)"},
2815 {"hide", CmdHide, 1, "Hide graph window"},
2816 {"hidfskdemod", CmdHIDdemodFSK, 0, "Realtime HID FSK demodulator"},
2817 {"hidsimtag", CmdHIDsimTAG, 0, "<ID> -- HID tag simulator"},
2818 {"higet", CmdHi14read_sim, 0, "<samples> -- Get samples HF, 'analog'"},
2819 {"hisamples", CmdHisamples, 0, "Get raw samples for HF tag"},
2820 {"hisampless", CmdHisampless, 0, "<samples> -- Get signed raw samples, HF tag"},
2821 {"hisamplest", CmdHi14readt, 0, "Get samples HF, for testing"},
2822 {"hisimlisten", CmdHisimlisten, 0, "Get HF samples as fake tag"},
2823 {"hpf", CmdHpf, 1, "Remove DC offset from trace"},
2824 {"indalademod", CmdIndalademod, 0, "['224'] -- Demodulate samples for Indala 64 bit UID (option '224' for 224 bit)"},
2825 {"lcd", CmdLcd, 0, "<HEX command> <count> -- Send command/data to LCD"},
2826 {"lcdreset", CmdLcdReset, 0, "Hardware reset LCD"},
2827 {"load", CmdLoad, 1, "<filename> -- Load trace (to graph window"},
2828 {"locomread", CmdLoCommandRead, 0, "<off period> <'0' period> <'1' period> <command> ['h'] -- Modulate LF reader field to send command before read (all periods in microseconds) (option 'h' for 134)"},
2829 {"loread", CmdLoread, 0, "['h'] -- Read 125/134 kHz LF ID-only tag (option 'h' for 134)"},
2830 {"losamples", CmdLosamples, 0, "[128 - 16000] -- Get raw samples for LF tag"},
2831 {"losim", CmdLosim, 0, "Simulate LF tag"},
2832 {"ltrim", CmdLtrim, 1, "<samples> -- Trim samples from left of trace"},
2833 {"mandemod", Cmdmanchesterdemod, 1, "[i] [clock rate] -- Manchester demodulate binary stream (option 'i' to invert output)"},
2834 {"manmod", Cmdmanchestermod, 1, "[clock rate] -- Manchester modulate a binary stream"},
2835 {"norm", CmdNorm, 1, "Normalize max/min to +/-500"},
2836 {"plot", CmdPlot, 1, "Show graph window"},
2837 {"quit", CmdQuit, 1, "Quit program"},
2838 {"readmem", CmdReadmem, 0, "[address] -- Read memory at decimal address from flash"},
2839 {"reset", CmdReset, 0, "Reset the Proxmark3"},
2840 {"save", CmdSave, 1, "<filename> -- Save trace (from graph window)"},
2841 {"scale", CmdScale, 1, "<int> -- Set cursor display scale"},
2842 {"setlfdivisor", CmdSetDivisor, 0, "<19 - 255> -- Drive LF antenna at 12Mhz/(divisor+1)"},
2843 {"sri512read", CmdSri512read, 0, "<int> -- Read contents of a SRI512 tag"},
2844 {"tibits", CmdTibits, 0, "Get raw bits for TI-type LF tag"},
2845 {"tidemod", CmdTidemod, 1, "Demodulate raw bits for TI-type LF tag"},
2846 {"tiread", CmdTiread, 0, "Read a TI-type 134 kHz tag"},
2847 {"threshold", CmdThreshold, 1, "Maximize/minimize every value in the graph window depending on threshold"},
2848 {"tune", CmdTune, 0, "Measure antenna tuning"},
2849 {"vchdemod", CmdVchdemod, 0, "['clone'] -- Demodulate samples for VeriChip"},
2850 {"zerocrossings", CmdZerocrossings, 1, "Count time between zero-crossings"},
2851 };
2852
2853 static struct {
2854 char *name;
2855 char *args;
2856 char *argshelp;
2857 char *description;
2858 } CommandExtendedHelp[]= {
2859 {"detectreader","'l'|'h'","'l' specifies LF antenna scan only, 'h' specifies HF antenna scan only.","Monitor antenna for changes in voltage. Output is in three fields: CHANGED, CURRENT, PERIOD,\nwhere CHANGED is the value just changed from, CURRENT is the current value and PERIOD is the\nnumber of program loops since the last change.\n\nThe RED LED indicates LF field detected, and the GREEN LED indicates HF field detected."},
2860 {"tune","","","Drive LF antenna at all divisor range values (19 - 255) and store the results in the output\nbuffer. Issuing 'losamples' and then 'plot' commands will display the resulting peak. 12MHz\ndivided by the peak's position plus one gives the antenna's resonant frequency. For convenience,\nthis value is also printed out by the command."},
2861 };
2862
2863 //-----------------------------------------------------------------------------
2864 // Entry point into our code: called whenever the user types a command and
2865 // then presses Enter, which the full command line that they typed.
2866 //-----------------------------------------------------------------------------
2867 void CommandReceived(char *cmd)
2868 {
2869 int i;
2870 char line[256];
2871
2872 PrintToScrollback("> %s", cmd);
2873
2874 if(strcmp(cmd, "help") == 0 || strncmp(cmd,"help ",strlen("help ")) == 0) {
2875 // check if we're doing extended help
2876 if(strlen(cmd) > strlen("help ")) {
2877 cmd += strlen("help ");
2878 for(i = 0; i < sizeof(CommandExtendedHelp) / sizeof(CommandExtendedHelp[0]); i++) {
2879 if(strcmp(CommandExtendedHelp[i].name,cmd) == 0) {
2880 PrintToScrollback("\nExtended help for '%s':\n", cmd);
2881 PrintToScrollback("Args: %s\t- %s\n",CommandExtendedHelp[i].args,CommandExtendedHelp[i].argshelp);
2882 PrintToScrollback(CommandExtendedHelp[i].description);
2883 PrintToScrollback("");
2884 return;
2885 }
2886 }
2887 PrintToScrollback("No extended help available for '%s'", cmd);
2888 return;
2889 }
2890 if (offline) PrintToScrollback("Operating in OFFLINE mode (no device connected)");
2891 PrintToScrollback("\r\nAvailable commands:");
2892 for(i = 0; i < sizeof(CommandTable) / sizeof(CommandTable[0]); i++) {
2893 if (offline && (CommandTable[i].offline==0)) continue;
2894 memset(line, ' ', sizeof(line));
2895 strcpy(line+2, CommandTable[i].name);
2896 line[strlen(line)] = ' ';
2897 sprintf(line+15, " -- %s", CommandTable[i].docString);
2898 PrintToScrollback("%s", line);
2899 }
2900 PrintToScrollback("");
2901 PrintToScrollback("'help <command>' for extended help on that command\n");
2902 return;
2903 }
2904
2905 for(i = 0; i < sizeof(CommandTable) / sizeof(CommandTable[0]); i++) {
2906 char *name = CommandTable[i].name;
2907 if(memcmp(cmd, name, strlen(name))==0 &&
2908 (cmd[strlen(name)] == ' ' || cmd[strlen(name)] == '\0'))
2909 {
2910 cmd += strlen(name);
2911 while(*cmd == ' ') {
2912 cmd++;
2913 }
2914 if (offline && (CommandTable[i].offline==0)) {
2915 PrintToScrollback("Offline mode, cannot use this command.");
2916 return;
2917 }
2918 (CommandTable[i].handler)(cmd);
2919 return;
2920 }
2921 }
2922 PrintToScrollback(">> bad command '%s'", cmd);
2923 }
2924
2925 //-----------------------------------------------------------------------------
2926 // Entry point into our code: called whenever we received a packet over USB
2927 // that we weren't necessarily expecting, for example a debug print.
2928 //-----------------------------------------------------------------------------
2929 void UsbCommandReceived(UsbCommand *c)
2930 {
2931 switch(c->cmd) {
2932 case CMD_DEBUG_PRINT_STRING: {
2933 char s[100];
2934 if(c->ext1 > 70 || c->ext1 < 0) {
2935 c->ext1 = 0;
2936 }
2937 memcpy(s, c->d.asBytes, c->ext1);
2938 s[c->ext1] = '\0';
2939 PrintToScrollback("#db# %s", s);
2940 break;
2941 }
2942
2943 case CMD_DEBUG_PRINT_INTEGERS:
2944 PrintToScrollback("#db# %08x, %08x, %08x\r\n", c->ext1, c->ext2, c->ext3);
2945 break;
2946
2947 case CMD_MEASURED_ANTENNA_TUNING: {
2948 int peakv, peakf;
2949 int vLf125, vLf134, vHf;
2950 vLf125 = c->ext1 & 0xffff;
2951 vLf134 = c->ext1 >> 16;
2952 vHf = c->ext2 & 0xffff;;
2953 peakf = c->ext3 & 0xffff;
2954 peakv = c->ext3 >> 16;
2955 PrintToScrollback("");
2956 PrintToScrollback("");
2957 PrintToScrollback("# LF antenna: %5.2f V @ 125.00 kHz", vLf125/1000.0);
2958 PrintToScrollback("# LF antenna: %5.2f V @ 134.00 kHz", vLf134/1000.0);
2959 PrintToScrollback("# LF optimal: %5.2f V @%9.2f kHz", peakv/1000.0, 12000.0/(peakf+1));
2960 PrintToScrollback("# HF antenna: %5.2f V @ 13.56 MHz", vHf/1000.0);
2961 if (peakv<2000)
2962 PrintToScrollback("# Your LF antenna is unusable.");
2963 else if (peakv<10000)
2964 PrintToScrollback("# Your LF antenna is marginal.");
2965 if (vHf<2000)
2966 PrintToScrollback("# Your HF antenna is unusable.");
2967 else if (vHf<5000)
2968 PrintToScrollback("# Your HF antenna is marginal.");
2969 break;
2970 }
2971 default:
2972 PrintToScrollback("unrecognized command %08x\n", c->cmd);
2973 break;
2974 }
2975 }
Proxmark3 GIT tracking
Impressum, Datenschutz