- if(simType == 0) {
- // Use the CSN from commandline
- memcpy(emulator, datain, 8);
- doIClassSimulation(MODE_SIM_CSN,NULL);
- }else if(simType == 1)
- {
- //Default CSN
- uint8_t csn_crc[] = { 0x03, 0x1f, 0xec, 0x8a, 0xf7, 0xff, 0x12, 0xe0, 0x00, 0x00 };
- // Use the CSN from commandline
- memcpy(emulator, csn_crc, 8);
- doIClassSimulation(MODE_SIM_CSN,NULL);
- }
- else if(simType == 2)
- {
-
- uint8_t mac_responses[USB_CMD_DATA_SIZE] = { 0 };
- Dbprintf("Going into attack mode, %d CSNS sent", numberOfCSNS);
- // In this mode, a number of csns are within datain. We'll simulate each one, one at a time
- // in order to collect MAC's from the reader. This can later be used in an offlne-attack
- // in order to obtain the keys, as in the "dismantling iclass"-paper.
- int i = 0;
- for( ; i < numberOfCSNS && i*8+8 < USB_CMD_DATA_SIZE; i++)
- {
- // The usb data is 512 bytes, fitting 65 8-byte CSNs in there.
-
- memcpy(emulator, datain+(i*8), 8);
- if(doIClassSimulation(MODE_EXIT_AFTER_MAC,mac_responses+i*8))
- {
- cmd_send(CMD_ACK,CMD_SIMULATE_TAG_ICLASS,i,0,mac_responses,i*8);
- return; // Button pressed
- }
- }
- cmd_send(CMD_ACK,CMD_SIMULATE_TAG_ICLASS,i,0,mac_responses,i*8);
-
- }else if(simType == 3){
- //This is 'full sim' mode, where we use the emulator storage for data.
- doIClassSimulation(MODE_FULLSIM, NULL);
- }
- else{
- // We may want a mode here where we hardcode the csns to use (from proxclone).
- // That will speed things up a little, but not required just yet.
- Dbprintf("The mode is not implemented, reserved for future use");
- }
- Dbprintf("Done...");
-
-}
-void AppendCrc(uint8_t* data, int len)
-{
- ComputeCrc14443(CRC_ICLASS,data,len,data+len,data+len+1);