PrintAndLog(" h : this help");
PrintAndLog(" <offset> : offset in data array to start download from");
PrintAndLog(" <length> : number of bytes to download");
- PrintAndLog(" <IV> : (optional) Initialization vector to use");
+ PrintAndLog(" <IV> : (optional) Initialization vector to use (ODD and 7bits)");
PrintAndLog("");
PrintAndLog("Samples:");
PrintAndLog(" hf legic read");
PrintAndLog(" h : this help");
PrintAndLog(" <offset> : offset in data array to start writing from");
PrintAndLog(" <length> : number of bytes to write");
- PrintAndLog(" <IV> : (optional) Initialization vector to use");
+ PrintAndLog(" <IV> : (optional) Initialization vector to use (ODD and 7bits)");
PrintAndLog("");
PrintAndLog("Samples:");
PrintAndLog(" hf legic write");
PrintAndLog(" h : this help");
PrintAndLog(" <address> : address to write to");
PrintAndLog(" <value> : value to write");
- PrintAndLog(" <IV> : (optional) Initialization vector to use");
+ PrintAndLog(" <IV> : (optional) Initialization vector to use (ODD and 7bits)");
PrintAndLog("");
PrintAndLog("Samples:");
PrintAndLog(" hf legic writeraw");
int i = 0, k = 0, segmentNum = 0, segment_len = 0, segment_flag = 0;
int crc = 0, wrp = 0, wrc = 0;
uint8_t stamp_len = 0;
- uint8_t data_buf[1052]; // receiver buffer
+ uint8_t data_buf[1024]; // receiver buffer
char token_type[5] = {0,0,0,0,0};
int dcf = 0;
int bIsSegmented = 0;
- // download EML memory, where the "legic read" command puts the data.
- GetEMLFromBigBuf(data_buf, sizeof(data_buf), 0);
+ // copy data from proxmark into buffer
+ GetFromBigBuf(data_buf,sizeof(data_buf),0);
if ( !WaitForResponseTimeout(CMD_ACK, NULL, 2000)){
PrintAndLog("Command execute timeout");
return 1;
char cmdp = param_getchar(Cmd, 0);
if ( cmdp == 'H' || cmdp == 'h' ) return usage_legic_read();
- uint32_t offset = 0, len = 0, IV = 0;
+ uint32_t offset = 0, len = 0, IV = 1;
sscanf(Cmd, "%x %x %x", &offset, &len, &IV);
// OUT-OF-BOUNDS check
if(len + offset > MAX_LENGTH) len = MAX_LENGTH - offset;
- IV &= 0x7F;
+ if ( (IV & 0x7F) != IV ){
+ IV &= 0x7F;
+ PrintAndLog("Truncating IV to 7bits");
+ }
+ if ( (IV & 1) == 0 ){
+ IV |= 0x01; // IV must be odd
+ PrintAndLog("LSB of IV must be SET");
+ }
PrintAndLog("Current IV: 0x%02x", IV);
- UsbCommand c= {CMD_READER_LEGIC_RF, {offset, len, IV}};
+ // get some prng bytes from
+ uint8_t temp[12];
+ legic_prng_init(IV);
+ for ( uint8_t j = 0; j < sizeof(temp); ++j)
+ temp[j] = legic_prng_get_bits(8);
+
+ PrintAndLog("PRNG: %s", sprint_hex(temp, sizeof(temp)));
+
+ UsbCommand c = {CMD_READER_LEGIC_RF, {offset, len, IV}};
clearCommandBuffer();
SendCommand(&c);
+ UsbCommand resp;
+ if (WaitForResponseTimeout(CMD_ACK, &resp, 2000)) {
+ uint8_t isOK = resp.arg[0] & 0xFF;
+ uint16_t len = resp.arg[1] & 0x3FF;
+ if ( isOK ) {
+ PrintAndLog("use 'hf legic decode'");
+ }
+ uint8_t *data = resp.d.asBytes;
+ PrintAndLog("\nData |");
+ PrintAndLog("-----------------------------");
+ PrintAndLog(" %s|\n", sprint_hex(data, len));
+ // }
+ } else {
+ PrintAndLog("command execution time out");
+ return 1;
+ }
return 0;
}
char cmdp = param_getchar(Cmd, 0);
if ( cmdp == 'H' || cmdp == 'h' ) return usage_legic_write();
- uint32_t offset = 0, len = 0, IV = SESSION_IV;
+ uint32_t offset = 0, len = 0, IV = 0;
UsbCommand c = {CMD_WRITER_LEGIC_RF, {0,0,0}};
int res = sscanf(Cmd, "%x %x %x", &offset, &len, &IV);
// OUT-OF-BOUNDS check
if(len + offset > MAX_LENGTH) len = MAX_LENGTH - offset;
+ if ( (IV & 0x7F) != IV ){
+ IV &= 0x7F;
+ PrintAndLog("Truncating IV to 7bits");
+ }
+ if ( (IV & 1) == 0 ){
+ IV |= 0x01; // IV must be odd
+ PrintAndLog("LSB of IV must be SET");
+ }
- IV &= 0x7F;
PrintAndLog("Current IV: 0x%02x", IV);
c.arg[0] = offset;
char cmdp = param_getchar(Cmd, 0);
if ( cmdp == 'H' || cmdp == 'h' ) return usage_legic_rawwrite();
- uint32_t address = 0, data = 0, IV = SESSION_IV;
+ uint32_t address = 0, data = 0, IV = 0;
char answer;
UsbCommand c = { CMD_RAW_WRITER_LEGIC_RF, {0,0,0} };
if(address > MAX_LENGTH)
return usage_legic_rawwrite();
- IV &= 0x7F;
+ if ( (IV & 0x7F) != IV ){
+ IV &= 0x7F;
+ PrintAndLog("Truncating IV to 7bits");
+ }
+ if ( (IV & 1) == 0 ){
+ IV |= 0x01; // IV must be odd
+ PrintAndLog("LSB of IV must be SET");
+ }
PrintAndLog("Current IV: 0x%02x", IV);
c.arg[0] = address;
return 0;
}
+void static calc4(uint8_t *cmd, uint8_t len){
+ crc_t crc;
+ //crc_init_ref(&crc, 4, 0x19 >> 1, 0x5, 0, TRUE, TRUE);
+ crc_init(&crc, 4, 0x19 >> 1, 0x5, 0);
+
+ crc_clear(&crc);
+ crc_update(&crc, 1, 1); /* CMD_READ */
+ crc_update(&crc, cmd[0], 8);
+ crc_update(&crc, cmd[1], 8);
+ printf("crc4 %X\n", reflect(crc_finish(&crc), 4) ) ;
+
+ crc_clear(&crc);
+ crc_update(&crc, 1, 1); /* CMD_READ */
+ crc_update(&crc, cmd[0], 8);
+ crc_update(&crc, cmd[1], 8);
+ printf("crc4 %X\n", crc_finish(&crc), 4 ) ;
+
+ printf("---- old ---\n");
+ crc_update2(&crc, 1, 1); /* CMD_READ */
+ crc_update2(&crc, cmd[0], 8);
+ crc_update2(&crc, cmd[1], 8);
+ printf("crc4 %X \n", reflect(crc_finish(&crc), 4) ) ;
+
+
+ crc_clear(&crc);
+ crc_update2(&crc, 1, 1); /* CMD_READ */
+ crc_update2(&crc, cmd[0], 8);
+ crc_update2(&crc, cmd[1], 8);
+ printf("crc4 %X\n", crc_finish(&crc), 4 ) ;
+}
+
int CmdLegicCalcCrc8(const char *Cmd){
uint8_t *data = NULL;
switch (type){
case 16:
- PrintAndLog("LEGIC CRC16: %X", CRC16Legic(data, len, uidcrc));
+ PrintAndLog("Legic crc16: %X", CRC16Legic(data, len, uidcrc));
+ break;
+ case 4:
+ calc4(data, 0);
break;
default:
- PrintAndLog("LEGIC CRC8: %X", CRC8Legic(data, len) );
+ PrintAndLog("Legic crc8: %X", CRC8Legic(data, len) );
break;
}
{"writeraw",CmdLegicRfRawWrite, 0, "<address> <value> <iv> -- Write direct to address"},
{"fill", CmdLegicRfFill, 0, "<offset> <length> <value> -- Fill/Write tag with constant value"},
{"crc8", CmdLegicCalcCrc8, 1, "Calculate Legic CRC8 over given hexbytes"},
+ {"info", CmdLegicCalcCrc8, 1, "Information"},
{NULL, NULL, 0, NULL}
};
projects / proxmark3-svn / blobdiff