git.zerfleddert.de Git - proxmark3-svn/blob - armsrc/mifaresniff.c
1 //-----------------------------------------------------------------------------
4 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
5 // at your option, any later version. See the LICENSE.txt file for the text of
7 //-----------------------------------------------------------------------------
8 // Routines to support mifare classic sniffer.
9 //-----------------------------------------------------------------------------
11 #include "mifaresniff.h"
// File-local sniffer state shared by the routines below.

// Current state of the sniffing state machine; starts at SNF_INIT and is
// advanced by MfSniffLogic() as frames are observed.
static int sniffState = SNF_INIT;
// SNF_UID_4 by default; set to SNF_UID_7 once a second anticollision
// response has been stored.
static uint8_t sniffUIDType;
// Captured UID. The first 4-byte anticollision response is stored at
// offset 3, a second one at offset 0; 7 bytes are later copied into sniffBuf.
static uint8_t sniffUID[8];
// Two bytes copied from the card's 2-byte answer to the wake-up/request.
static uint8_t sniffATQA[2];
// SAK byte, emitted at sniffBuf[11].
static uint8_t sniffSAK;
// Scratch record passed to LogTrace(): UID at offset 2, ATQA at offset 9,
// SAK at offset 11; 14 bytes are logged.
static uint8_t sniffBuf[16];
// GetTickCount() value taken when a frame was last logged; MfSniffSend()
// compares it against its timeout.
// NOTE(review): stored as a signed int - confirm GetTickCount()'s return type
// and how tick wrap-around is meant to behave.
static int timerData = 0;
23 int MfSniffInit(void){
25 memset(sniffUID
, 0x00, 8);
26 memset(sniffATQA
, 0x00, 2);
28 sniffUIDType
= SNF_UID_4
;
34 UsbCommand ack
= {CMD_ACK
, {0, 0, 0}};
37 UsbSendPacket((uint8_t *)&ack
, sizeof(UsbCommand
));
43 int RAMFUNC
MfSniffLogic(const uint8_t * data
, int len
, uint32_t parity
, int bitCnt
, int reader
) {
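/*
 * A single-byte, 9-bit frame whose value is above 0x0F sends the state
 * machine back to SNF_INIT.
 *
 * The bit-count test must be a comparison: the previous `bitCnt = 9`
 * assigned 9 to the parameter and always evaluated true, so every 1-byte
 * frame matched here and the later `bitCnt == 9` check in this function
 * could never fail.
 */
if ((len == 1) && (bitCnt == 9) && (data[0] > 0x0F)) {
	sniffState = SNF_INIT;
}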
51 if ((reader
) && (len
== 1) && (bitCnt
== 9) && ((data
[0] == 0x26) || (data
[0] == 0x52))) {
52 sniffUIDType
= SNF_UID_4
;
53 memset(sniffUID
, 0x00, 8);
54 memset(sniffATQA
, 0x00, 2);
57 sniffState
= SNF_WUPREQ
;
62 if ((!reader
) && (len
== 2)) {
63 memcpy(sniffATQA
, data
, 2);
65 sniffState
= SNF_ATQA
;
70 if ((reader
) && (len
== 2) && (data
[0] == 0x93) && (data
[1] == 0x20)) {
71 sniffState
= SNF_ANTICOL1
;
76 if ((!reader
) && (len
== 5) && ((data
[0] ^ data
[1] ^ data
[2] ^ data
[3]) == data
[4])) {
77 memcpy(sniffUID
+ 3, data
, 4);
79 sniffState
= SNF_UID1
;
84 if ((reader
) && (len
== 9) && (data
[0] == 0x93) && (data
[1] == 0x70) && (CheckCrc14443(CRC_14443_A
, data
, 9))) {
90 if ((!reader
) && (len
== 3) && (CheckCrc14443(CRC_14443_A
, data
, 3))) {
92 if (sniffUID
[3] == 0x88) {
93 sniffState
= SNF_ANTICOL2
;
95 sniffState
= SNF_CARD_IDLE
;
101 if ((!reader
) && (len
== 5) && ((data
[0] ^ data
[1] ^ data
[2] ^ data
[3]) == data
[4])) {
102 memcpy(sniffUID
, data
, 4);
103 sniffUIDType
= SNF_UID_7
;
105 sniffState
= SNF_UID2
;
110 if ((reader
) && (len
== 9) && (data
[0] == 0x95) && (data
[1] == 0x70) && (CheckCrc14443(CRC_14443_A
, data
, 9))) {
111 sniffState
= SNF_SAK
;
119 memcpy(sniffBuf
+ 2, sniffUID
, 7);
120 memcpy(sniffBuf
+ 9, sniffATQA
, 2);
121 sniffBuf
[11] = sniffSAK
;
124 LogTrace(sniffBuf
, 14, 0, parity
, true);
125 timerData
= GetTickCount();
128 LogTrace(data
, len
, 0, parity
, true);
130 sniffState
= SNF_CARD_RESP
;
131 timerData
= GetTickCount();
135 LogTrace(data
, len
, 0, parity
, false);
137 sniffState
= SNF_CARD_CMD
;
138 timerData
= GetTickCount();
143 sniffState
= SNF_INIT
;
150 int RAMFUNC
MfSniffSend(int maxTimeoutMs
) {
151 if (traceLen
&& (timerData
+ maxTimeoutMs
< GetTickCount())) {
152 return intMfSniffSend();
157 // internal sending function. not a RAMFUNC.
158 int intMfSniffSend() {
161 int pckLen
= traceLen
;
164 if (!traceLen
) return 0;
169 pckSize
= MIN(32, pckLen
);
170 UsbCommand ack
= {CMD_ACK
, {1, pckSize
, pckNum
}};
171 memcpy(ack
.d
.asBytes
, trace
+ traceLen
- pckLen
, pckSize
);
174 UsbSendPacket((uint8_t *)&ack
, sizeof(UsbCommand
));
182 UsbCommand ack
= {CMD_ACK
, {2, 0, 0}};
185 UsbSendPacket((uint8_t *)&ack
, sizeof(UsbCommand
));
189 memset(trace
, 0x44, TRACE_SIZE
);