// if anticollision is false, then the UID must be provided in uid_ptr[]
// and num_cascades must be set (1: 4 Byte UID, 2: 7 Byte UID, 3: 10 Byte UID)
int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_hi14a_card, uint32_t *cuid_ptr, bool anticollision, uint8_t num_cascades) {
- uint8_t wupa[] = { 0x52 }; // 0x26 - REQA 0x52 - WAKE-UP
- uint8_t sel_all[] = { 0x93,0x20 };
- uint8_t sel_uid[] = { 0x93,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
- uint8_t rats[] = { 0xE0,0x80,0x00,0x00 }; // FSD=256, FSDI=8, CID=0
+ uint8_t wupa[] = { ISO14443A_CMD_WUPA }; // 0x26 - ISO14443A_CMD_REQA 0x52 - ISO14443A_CMD_WUPA
+ uint8_t sel_all[] = { ISO14443A_CMD_ANTICOLL_OR_SELECT,0x20 };
+ uint8_t sel_uid[] = { ISO14443A_CMD_ANTICOLL_OR_SELECT,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+ uint8_t rats[] = { ISO14443A_CMD_RATS,0x80,0x00,0x00 }; // FSD=256, FSDI=8, CID=0
uint8_t resp[MAX_FRAME_SIZE] = {0}; // theoretically. A usual RATS will be much smaller
uint8_t resp_par[MAX_PARITY_SIZE] = {0};
byte_t uid_resp[4] = {0};
}
void iso14443a_setup(uint8_t fpga_minor_mode) {
+
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
// Set up the synchronous serial port
FpgaSetupSsc();
// connect Demodulated Signal to ADC:
SetAdcMuxFor(GPIO_MUXSEL_HIPKD);
- FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | fpga_minor_mode);
-
LED_D_OFF();
// Signal field is on with the appropriate LED
if (fpga_minor_mode == FPGA_HF_ISO14443A_READER_MOD ||
fpga_minor_mode == FPGA_HF_ISO14443A_READER_LISTEN)
LED_D_ON();
- // Prepare the demodulation functions
- DemodReset();
- UartReset();
-
- iso14a_set_timeout(10*106); // 10ms default
+ FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | fpga_minor_mode);
- //NextTransferTime = 2 * DELAY_ARM2AIR_AS_READER;
- NextTransferTime = DELAY_ARM2AIR_AS_READER << 1;
+ SpinDelay(20);
// Start the timer
StartCountSspClk();
+
+ // Prepare the demodulation functions
+ DemodReset();
+ UartReset();
+ NextTransferTime = 2 * DELAY_ARM2AIR_AS_READER;
+ iso14a_set_timeout(10*106); // 20ms default
}
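Review bot: The comment on the re-added `iso14a_set_timeout(10*106);` line now reads `// 20ms default`, but the argument is the same `10*106` that the removed line documented as 10ms, so comment and value disagree. If the timeout is meant to stay as it was, keep `iso14a_set_timeout(10*106); // 10ms default`; if 20ms is intended, the argument has to change as well. The new `SpinDelay(20);` after `FpgaWriteConfWord` has no comment saying what it waits for, and a short why-comment there would help whoever next touches the setup order.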
int iso14_apdu(uint8_t *cmd, uint16_t cmd_len, void *data) {
return len;
}
+
//-----------------------------------------------------------------------------
// Read an ISO 14443a tag. Send out commands and store answers.
-//
//-----------------------------------------------------------------------------
void ReaderIso14443a(UsbCommand *c) {
iso14a_command_t param = c->arg[0];
uint32_t nttmp1 = nt1;
uint32_t nttmp2 = nt2;
- for (uint16_t i = 1; i < 0xFFFF; ++i) {
+ for (uint16_t i = 1; i < 32768/8; ++i) {
nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i;
nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -i;
- }
+
+ nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+1;
+ nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+1);
+
+ nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+2;
+ nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+2);
+
+ nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+3;
+ nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+3);
+
+ nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+4;
+ nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+4);
+
+ nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+5;
+ nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+5);
+
+ nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+6;
+ nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+6);
+
+ nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+7;
+ nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+7);
+ }
// either nt1 or nt2 are invalid nonces
return(-99999);
}
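Review bot: The unrolled loop body advances both nonces eight PRNG steps per pass, but the loop header still does `++i`, so the offsets `i+1` … `i+7` returned by one pass overlap those of the next (the second pass returns 2…9 for what are really steps 9…16). Stepping the counter by the unroll factor keeps the returned distance equal to the number of successor calls made: `for (uint16_t i = 1; i < 32768; i += 8) {`. Either way the search now gives up after roughly 32768 steps instead of 0xFFFF, so pairs further apart fall through to `return(-99999)`; a comment saying this bound is deliberate would help, because the caller visible further down treats 99999 as an invalid nonce. The function's signature lies outside this hunk.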
iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD);
sync_time = GetCountSspClk() & 0xfffffff8;
- // iceman, i add 1130 because during my observations this makse the syncronization much fast to sync.
- sync_cycles = PRNG_SEQUENCE_LENGTH + 1130; //65536; // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).
+ sync_cycles = PRNG_SEQUENCE_LENGTH; // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces).
nt_attacked = 0;
if (MF_DBGLEVEL >= 4) Dbprintf("Mifare::Sync %08x", sync_time);
// we didn't calibrate our clock yet,
// iceman: has to be calibrated every time.
- if (first_try && previous_nt && !nt_attacked) {
+ if (previous_nt && !nt_attacked) {
nt_distance = dist_nt(previous_nt, nt);
}
LED_B_OFF();
- if ((nt != nt_attacked) && nt_attacked) { // we somehow lost sync. Try to catch up again...
+ if ( (nt != nt_attacked) && nt_attacked) { // we somehow lost sync. Try to catch up again...
catch_up_cycles = ABS(dist_nt(nt_attacked, nt));
if (catch_up_cycles == 99999) { // invalid nonce received. Don't resync on that one.