1 //-----------------------------------------------------------------------------
2 //
3 // This code is licensed to you under the terms of the GNU GPL, version 2 or,
4 // at your option, any later version. See the LICENSE.txt file for the text of
5 // the license.
6 //-----------------------------------------------------------------------------
7 // Low frequency T55xx commands
8 //-----------------------------------------------------------------------------
9
10 #ifndef CMDLFT55XX_H__
11 #define CMDLFT55XX_H__
12
13 #include <stdio.h>
14 #include <string.h>
15 #include <inttypes.h>
16 #include "proxmark3.h"
17 #include "ui.h"
18 #include "graph.h"
19 #include "cmdmain.h"
20 #include "cmdparser.h"
21 #include "cmddata.h"
22 #include "cmdlf.h"
23 #include "util.h"
24 #include "data.h"
25 #include "lfdemod.h"
26 #include "cmdhf14a.h" //for getTagInfo
27
28
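// Block / page selectors used when addressing a T55x7 tag.
#define T55x7_CONFIGURATION_BLOCK 0x00
#define T55x7_PAGE0 0x00
#define T55x7_PAGE1 0x01
// NOTE(review): presumably the mask of the password-enable bit inside the
// configuration word (block 0) - confirm against the datasheet and the .c file.
#define T55x7_PWD 0x00000010
// NOTE(review): 0xFF looks like a sentinel ("no specific block") rather than a
// real block number - confirm against the callers.
#define REGULAR_READ_MODE_BLOCK 0xFF

// config blocks
//
// Ready-made 32-bit configuration words for common tag formats.
// None of the T55X7_* presets below has the T55x7_PWD bit (0x10) set, so if that
// bit is the password-enable flag, a tag written with one of these words is left
// without password protection.
#define T55X7_DEFAULT_CONFIG_BLOCK      0x000880E8  // compat mode, data rate 32, manchester, ST, 7 data blocks
#define T55X7_RAW_CONFIG_BLOCK          0x000880E0  // compat mode, data rate 32, manchester, 7 data blocks
#define T55X7_EM_UNIQUE_CONFIG_BLOCK    0x00148040  // emulate em4x02/unique - compat mode, manchester, data rate 64, 2 data blocks
// FDX-B requires data inversion, and BiPhase 57 is simply BiPhase 50 inverted, so
// the same result can be reached either through the modulation scheme or through
// the inversion flag. Both variants are given below to show that it works either
// way. The modulation value for BiPhase 50 in the Atmel data sheet, binary
// "10001" (17), is a typo; it should actually be "10000" (16).
// Alternative, not compiled:
//   T55X7_FDXB_CONFIG_BLOCK 0x903F8080  // emulate fdx-b - xtended mode, BiPhase ('57), data rate 32, 4 data blocks
#define T55X7_FDXB_CONFIG_BLOCK         0x903F0082  // emulate fdx-b - xtended mode, BiPhase ('50), invert data, data rate 32, 4 data blocks
#define T55X7_HID_26_CONFIG_BLOCK       0x00107060  // hid 26 bit - compat mode, FSK2a, data rate 50, 3 data blocks
#define T55X7_PYRAMID_CONFIG_BLOCK      0x00107080  // Pyramid 26 bit - compat mode, FSK2a, data rate 50, 4 data blocks
#define T55X7_INDALA_64_CONFIG_BLOCK    0x00081040  // emulate indala 64 bit - compat mode, PSK1, psk carrier FC * 2, data rate 32, maxblock 2
#define T55X7_INDALA_224_CONFIG_BLOCK   0x000810E0  // emulate indala 224 bit - compat mode, PSK1, psk carrier FC * 2, data rate 32, maxblock 7
#define T55X7_GUARDPROXII_CONFIG_BLOCK  0x00150060  // bitrate 64pcb, Direct modulation, Biphase, 3 data blocks
#define T55X7_VIKING_CONFIG_BLOCK       0x00088040  // compat mode, data rate 32, Manchester, 2 data blocks
#define T55X7_NORALYS_CONFIG_BLOCK      0x00088C6A  // compat mode, (NORALYS - KCP3000)
#define T55X7_IOPROX_CONFIG_BLOCK       0x00147040  // maxblock 2
#define T55X7_PRESCO_CONFIG_BLOCK       0x00088088  // data rate 32, Manchester, 5 data blocks, STT
// Binary 0010. Written in hex because 0b... literals are a compiler extension
// before C23 and are rejected by strict C99/C11 builds.
#define T55X7_bin                       0x2

#define T5555_DEFAULT_CONFIG_BLOCK      0x6001F004  // data rate 64 , ask, manchester, 2 data blocks?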
// Identifiers for the tag / emulation profiles.
//
// NOTE(review): as written this declares an OBJECT named t55xx_tag of an
// anonymous enum type, not a type. Every translation unit that includes this
// header therefore gets its own tentative definition of that object, which
// fails to link on toolchains that default to -fno-common. A typedef may have
// been intended - confirm against the users before changing it.
enum {
    T55x7_RAW     = 0x00,
    T55x7_DEFAULT = 0x00,  // deliberately the same value as T55x7_RAW?
    T5555_DEFAULT = 0x01,
    EM_UNIQUE     = 0x00,  // NOTE(review): also 0, so it is indistinguishable from T55x7_RAW / T55x7_DEFAULT - confirm
    FDBX          = 0x02,  // NOTE(review): the config macro is spelled FDXB
    HID_26        = 0x03,
    INDALA_64     = 0x04,
    INDALA_224    = 0x05,
    GUARDPROXXII  = 0x06,
    VIKING        = 0x07,
    NORALSYS      = 0x08,  // NOTE(review): the config macro is spelled NORALYS
    IOPROX        = 0x09,
} t55xx_tag;
70
// Trace (traceability) record of a T55x7 tag; passed by value to
// printT55x7Trace().
// The field meanings are not documented in this header. The comments below are
// guesses from the names - confirm them against the decoder in the .c file.
typedef struct {
    uint32_t bl1;      // presumably raw trace block 1
    uint32_t bl2;      // presumably raw trace block 2
    uint32_t acl;
    uint32_t mfc;
    uint32_t cid;      // the same name is used by GetModelStrFromCID(cid)
    uint32_t year;
    uint32_t quarter;
    uint32_t icr;
    uint32_t lotid;
    uint32_t wafer;
    uint32_t dw;
} t55x7_tracedata_t;
84
// Trace (traceability) record of a T5555 tag; passed by value to
// printT5555Trace().
// The field meanings are not documented in this header - confirm them against
// the decoder in the .c file.
typedef struct {
    uint32_t bl1;     // presumably raw trace block 1
    uint32_t bl2;     // presumably raw trace block 2
    uint32_t icr;
    char     lotidc;  // single character; presumably a lot-id prefix - confirm
    uint32_t lotid;
    uint32_t wafer;
    uint32_t dw;
} t5555_tracedata_t;
94
// Demodulation settings plus the raw configuration word of a T55xx tag.
// Handed around by value (see Get_t55xx_Config / Set_t55xx_Config and
// printConfiguration).
// `bool` is not provided by any standard header included directly in this
// file, so it must come from one of the project headers.
typedef struct {
    // Modulation selector. The enumerators are visible at file scope.
    enum {
        DEMOD_NRZ   = 0x00,
        DEMOD_PSK1  = 0x01,
        DEMOD_PSK2  = 0x02,
        DEMOD_PSK3  = 0x03,
        DEMOD_FSK1  = 0x04,
        DEMOD_FSK1a = 0x05,
        DEMOD_FSK2  = 0x06,
        DEMOD_FSK2a = 0x07,
        DEMOD_FSK   = 0xF0,  // generic FSK (auto detect FCs)
        DEMOD_ASK   = 0x08,
        DEMOD_BI    = 0x10,
        DEMOD_BIa   = 0x18,
    } modulation;
    bool     inverted;
    uint8_t  offset;
    uint32_t block0;         // presumably the raw 32-bit configuration word read from block 0 - confirm
    // Bit-rate selector. The names suggest RF/8 ... RF/128 - confirm.
    enum {
        RF_8   = 0x00,
        RF_16  = 0x01,
        RF_32  = 0x02,
        RF_40  = 0x03,
        RF_50  = 0x04,
        RF_64  = 0x05,
        RF_100 = 0x06,
        RF_128 = 0x07,
    } bitrate;
    bool Q5;
    bool ST;
} t55xx_conf_block_t;
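// Get / set a t55xx_conf_block_t by value. Presumably this is the module's
// current working configuration; the state itself lives in the .c file.
// Declared with (void) so that this is a real prototype and the compiler
// rejects calls that pass arguments.
t55xx_conf_block_t Get_t55xx_Config(void);
void Set_t55xx_Config(t55xx_conf_block_t conf);

// Command entry points. Each receives the argument string in Cmd and returns
// an int status. The meaning of the status is not visible in this header.
int CmdLFT55XX(const char *Cmd);
int CmdT55xxSetConfig(const char *Cmd);
int CmdT55xxReadBlock(const char *Cmd);
int CmdT55xxWriteBlock(const char *Cmd);
int CmdT55xxReadTrace(const char *Cmd);
int CmdT55xxInfo(const char *Cmd);
int CmdT55xxDetect(const char *Cmd);
int CmdResetRead(const char *Cmd);
int CmdT55xxWipe(const char *Cmd);
int CmdT55xxBruteForce(const char *Cmd);

// String helpers for printing decoded values.
// NOTE(review): these return non-const char *, and the lifetime and ownership
// of the returned string are not visible here. Confirm whether it points at
// static storage before a caller keeps, modifies or frees it.
char *GetBitRateStr(uint32_t id);
char *GetSaferStr(uint32_t id);
char *GetModulationStr(uint32_t id);
char *GetModelStrFromCID(uint32_t cid);
char *GetSelectedModulationStr(uint8_t id);
// NOTE(review): the prototype carries no length for bitstream, so the caller
// has to guarantee that start + len stays inside the buffer. len is presumably
// at most 32, because the result is a uint32_t - confirm.
uint32_t PackBits(uint8_t start, uint8_t len, uint8_t *bitstream);
void printT5xxHeader(uint8_t page);
void printT55xxBlock(const char *demodStr);
int printConfiguration(t55xx_conf_block_t b);

// Demodulation / detection helpers. They take no buffer argument, so they
// presumably work on shared demodulation state held elsewhere - confirm.
bool DecodeT55xxBlock(void);
bool tryDetectModulation(void);
bool testKnownConfigBlock(uint32_t block0);
// NOTE(review): `test` and `special` are very generic names with external
// linkage and can collide with symbols from other modules.
bool test(uint8_t mode, uint8_t *offset, int *fndBitRate, uint8_t clk, bool *Q5);
int special(const char *Cmd);
// Reads one block of a page; pwdmode selects whether password is used.
int AquireData(uint8_t page, uint8_t block, bool pwdmode, uint32_t password);

// NOTE(review): the password is uint32_t in AquireData() but int here. A
// 32-bit password with the top bit set does not fit a non-negative int, so
// check the conversions at the call sites.
bool detectPassword(int password);

void printT55x7Trace(t55x7_tracedata_t data, uint8_t repeat);
void printT5555Trace(t5555_tracedata_t data, uint8_t repeat);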
161
162 #endif