uint8_t *dest = BigBuf_get_addr();
uint8_t halfClk = clock/2;
// c = current bit 1 or 0
- if (manchester){
+ if (manchester==1){
memset(dest+(*n), c, halfClk);
memset(dest+(*n) + halfClk, c^1, halfClk);
} else {
*n += clock;
}
+static void biphaseSimBit(uint8_t c, int *n, uint8_t clock, uint8_t *phase)
+{
+ uint8_t *dest = BigBuf_get_addr();
+ uint8_t halfClk = clock/2;
+ if (c){
+ memset(dest+(*n), c ^ 1 ^ *phase, halfClk);
+ memset(dest+(*n) + halfClk, c ^ *phase, halfClk);
+ } else {
+ memset(dest+(*n), c ^ *phase, clock);
+ *phase ^= 1;
+ }
+
+}
+
// args clock, ask/man or askraw, invert, transmission separator
void CmdASKsimTag(uint16_t arg1, uint16_t arg2, size_t size, uint8_t *BitStream)
{
int ledcontrol = 1;
int n=0, i=0;
uint8_t clk = (arg1 >> 8) & 0xFF;
- uint8_t manchester = arg1 & 1;
+ uint8_t encoding = arg1 & 1;
uint8_t separator = arg2 & 1;
uint8_t invert = (arg2 >> 8) & 1;
- for (i=0; i<size; i++){
- askSimBit(BitStream[i]^invert, &n, clk, manchester);
- }
- if (manchester==0 && BitStream[0]==BitStream[size-1]){ //run a second set inverted (for biphase phase)
+
+ if (encoding==2){ //biphase
+ uint8_t phase=0;
for (i=0; i<size; i++){
- askSimBit(BitStream[i]^invert^1, &n, clk, manchester);
+ biphaseSimBit(BitStream[i]^invert, &n, clk, &phase);
+ }
+ if (BitStream[0]==BitStream[size-1]){ //run a second set inverted to keep phase in check
+ for (i=0; i<size; i++){
+ biphaseSimBit(BitStream[i]^invert, &n, clk, &phase);
+ }
+ }
+ } else { // ask/manchester || ask/raw
+ for (i=0; i<size; i++){
+ askSimBit(BitStream[i]^invert, &n, clk, encoding);
+ }
+ if (encoding==0 && BitStream[0]==BitStream[size-1]){ //run a second set inverted (for biphase phase)
+ for (i=0; i<size; i++){
+ askSimBit(BitStream[i]^invert^1, &n, clk, encoding);
+ }
}
}
+
if (separator==1) Dbprintf("sorry but separator option not yet available");
- Dbprintf("Simulating with clk: %d, invert: %d, manchester: %d, separator: %d, n: %d",clk, invert, manchester, separator, n);
+ Dbprintf("Simulating with clk: %d, invert: %d, encoding: %d, separator: %d, n: %d",clk, invert, encoding, separator, n);
//DEBUG
//Dbprintf("First 32:");
//uint8_t *dest = BigBuf_get_addr();
{
uint8_t *dest = BigBuf_get_addr();
- size_t size=0, idx=0;
+ size_t size=0, idx=0;
int clk=0, invert=0, errCnt=0, maxErr=20;
+ uint32_t hi=0;
uint64_t lo=0;
// Configure to go in 125Khz listen mode
LFSetupFPGAForADC(95, true);
WDT_HIT();
if (ledcontrol) LED_A_ON();
- DoAcquisition_default(-1,true);
- size = BigBuf_max_traceLen();
+ DoAcquisition_default(-1,true);
+ size = BigBuf_max_traceLen();
//Dbprintf("DEBUG: Buffer got");
- //askdemod and manchester decode
- errCnt = askmandemod(dest, &size, &clk, &invert, maxErr);
+ //askdemod and manchester decode
+ errCnt = askmandemod(dest, &size, &clk, &invert, maxErr);
//Dbprintf("DEBUG: ASK Got");
WDT_HIT();
if (errCnt>=0){
- lo = Em410xDecode(dest, &size, &idx);
+ errCnt = Em410xDecode(dest, &size, &idx, &hi, &lo);
//Dbprintf("DEBUG: EM GOT");
- if (lo>0){
- Dbprintf("EM TAG ID: %02x%08x - (%05d_%03d_%08d)",
- (uint32_t)(lo>>32),
- (uint32_t)lo,
- (uint32_t)(lo&0xFFFF),
- (uint32_t)((lo>>16LL) & 0xFF),
- (uint32_t)(lo & 0xFFFFFF));
+ if (errCnt){
+ if (size>64){
+ Dbprintf("EM XL TAG ID: %06x%08x%08x - (%05d_%03d_%08d)",
+ hi,
+ (uint32_t)(lo>>32),
+ (uint32_t)lo,
+ (uint32_t)(lo&0xFFFF),
+ (uint32_t)((lo>>16LL) & 0xFF),
+ (uint32_t)(lo & 0xFFFFFF));
+ } else {
+ Dbprintf("EM TAG ID: %02x%08x - (%05d_%03d_%08d)",
+ (uint32_t)(lo>>32),
+ (uint32_t)lo,
+ (uint32_t)(lo&0xFFFF),
+ (uint32_t)((lo>>16LL) & 0xFF),
+ (uint32_t)(lo & 0xFFFFFF));
+ }
}
if (findone){
if (ledcontrol) LED_A_OFF();
* To compensate antenna falling times shorten the write times
* and enlarge the gap ones.
*/
-#define START_GAP 250
-#define WRITE_GAP 160
-#define WRITE_0 144 // 192
-#define WRITE_1 400 // 432 for T55x7; 448 for E5550
+#define START_GAP 50*8 // 10 - 50fc 250
+#define WRITE_GAP 20*8 // - 30fc 160
+#define WRITE_0 24*8 // 16 - 63fc 54fc 144
+#define WRITE_1 54*8 // 48 - 63fc 54fc 432 for T55x7; 448 for E5550 //400
+
+#define T55xx_SAMPLES_SIZE 12000 // 32 x 32 x 10 (32 bit times numofblock (7), times clock skip..)
// Write one bit to card
void T55xxWriteBit(int bit)
// Write one card block in page 0, no lock
void T55xxWriteBlock(uint32_t Data, uint32_t Block, uint32_t Pwd, uint8_t PwdMode)
{
- //unsigned int i; //enio adjustment 12/10/14
- uint32_t i;
+ uint32_t i = 0;
- FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
- FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz
- FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
-
- // Give it a bit of time for the resonant antenna to settle.
- // And for the tag to fully power up
- SpinDelay(150);
+ // Set up FPGA, 125kHz
+ // Wait for config.. (192+8190xPOW)x8 == 67ms
+ LFSetupFPGAForADC(0, true);
// Now start writting
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
}
+void TurnReadLFOn(){
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
+ // Give it a bit of time for the resonant antenna to settle.
+ SpinDelayUs(8*150);
+}
+
+
// Read one card block in page 0
void T55xxReadBlock(uint32_t Block, uint32_t Pwd, uint8_t PwdMode)
{
+ uint32_t i = 0;
uint8_t *dest = BigBuf_get_addr();
- //int m=0, i=0; //enio adjustment 12/10/14
- uint32_t m=0, i=0;
- FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
- m = BigBuf_max_traceLen();
- // Clear destination buffer before sending the command
- memset(dest, 128, m);
- // Connect the A/D to the peak-detected low-frequency path.
- SetAdcMuxFor(GPIO_MUXSEL_LOPKD);
- // Now set up the SSC to get the ADC samples that are now streaming at us.
- FpgaSetupSsc();
+ uint16_t bufferlength = BigBuf_max_traceLen();
+ if ( bufferlength > T55xx_SAMPLES_SIZE )
+ bufferlength = T55xx_SAMPLES_SIZE;
- LED_D_ON();
- FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz
- FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
-
- // Give it a bit of time for the resonant antenna to settle.
- // And for the tag to fully power up
- SpinDelay(150);
+ // Clear destination buffer before sending the command
+ memset(dest, 0x80, bufferlength);
- // Now start writting
+ // Set up FPGA, 125kHz
+ // Wait for config.. (192+8190xPOW)x8 == 67ms
+ LFSetupFPGAForADC(0, true);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
SpinDelayUs(START_GAP);
T55xxWriteBit(Block & i);
// Turn field on to read the response
- FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz
- FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
-
+ TurnReadLFOn();
// Now do the acquisition
i = 0;
for(;;) {
if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) {
AT91C_BASE_SSC->SSC_THR = 0x43;
+ LED_D_ON();
}
if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_RXRDY) {
dest[i] = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
- // we don't care about actual value, only if it's more or less than a
- // threshold essentially we capture zero crossings for later analysis
- // if(dest[i] < 127) dest[i] = 0; else dest[i] = 1;
i++;
- if (i >= m) break;
+ LED_D_OFF();
+ if (i >= bufferlength) break;
}
}
+ cmd_send(CMD_ACK,0,0,0,0,0);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
LED_D_OFF();
- DbpString("DONE!");
}
// Read card traceability data (page 1)
void T55xxReadTrace(void){
+
+ uint32_t i = 0;
uint8_t *dest = BigBuf_get_addr();
- int m=0, i=0;
+ uint16_t bufferlength = BigBuf_max_traceLen();
+ if ( bufferlength > T55xx_SAMPLES_SIZE )
+ bufferlength= T55xx_SAMPLES_SIZE;
- FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
- m = BigBuf_max_traceLen();
// Clear destination buffer before sending the command
- memset(dest, 128, m);
- // Connect the A/D to the peak-detected low-frequency path.
- SetAdcMuxFor(GPIO_MUXSEL_LOPKD);
- // Now set up the SSC to get the ADC samples that are now streaming at us.
- FpgaSetupSsc();
-
- LED_D_ON();
- FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz
- FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
-
- // Give it a bit of time for the resonant antenna to settle.
- // And for the tag to fully power up
- SpinDelay(150);
+ memset(dest, 0x80, bufferlength);
- // Now start writting
+ LFSetupFPGAForADC(0, true);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
SpinDelayUs(START_GAP);
T55xxWriteBit(1); //Page 1
// Turn field on to read the response
- FpgaSendCommand(FPGA_CMD_SET_DIVISOR, 95); //125Khz
- FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
+ TurnReadLFOn();
// Now do the acquisition
- i = 0;
for(;;) {
if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_TXRDY) {
AT91C_BASE_SSC->SSC_THR = 0x43;
+ LED_D_ON();
}
if (AT91C_BASE_SSC->SSC_SR & AT91C_SSC_RXRDY) {
dest[i] = (uint8_t)AT91C_BASE_SSC->SSC_RHR;
i++;
- if (i >= m) break;
+ LED_D_OFF();
+
+ if (i >= bufferlength) break;
}
}
+ cmd_send(CMD_ACK,0,0,0,0,0);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); // field off
LED_D_OFF();
- DbpString("DONE!");
}
/*-------------- Cloning routines -----------*/
projects / proxmark3-svn / blobdiff