X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/2d4eae76177550984019fc7e9dbb6ee54b6e703e..759c16b31f8dcec37458dd6a5973ce0cfce58015:/armsrc/appmain.c diff --git a/armsrc/appmain.c b/armsrc/appmain.c index d7f05d16..eef208a7 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -10,6 +10,9 @@ // executes. //----------------------------------------------------------------------------- +#include "usb_cdc.h" +#include "cmd.h" + #include "proxmark3.h" #include "apps.h" #include "util.h" @@ -19,10 +22,10 @@ #include <stdarg.h> #include "legicrf.h" +#include <hitag2.h> #ifdef WITH_LCD -# include "fonts.h" -# include "LCD.h" + #include "LCD.h" #endif #define abs(x) ( ((x)<0) ? -(x) : (x) ) 
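Review bot: `#include <hitag2.h>` in the second hunk uses angle brackets for what appears to be a project header, while every neighbouring project include on these lines uses quotes; angle brackets search the system include directories first, so a same-named system header would silently win. Make it `#include "hitag2.h"`, consistent with `#include "legicrf.h"` on the line above. The added `#include "LCD.h"` line also carries leading indentation that none of the surrounding includes have.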
@@ -76,39 +79,42 @@ void ToSendStuffBit(int b) void DbpString(char *str) { - /* this holds up stuff unless we're connected to usb */ - if (!UsbConnected()) - return; - - UsbCommand c; - c.cmd = CMD_DEBUG_PRINT_STRING; - c.arg[0] = strlen(str); - if(c.arg[0] > sizeof(c.d.asBytes)) { - c.arg[0] = sizeof(c.d.asBytes); - } - memcpy(c.d.asBytes, str, c.arg[0]); - - UsbSendPacket((uint8_t *)&c, sizeof(c)); - // TODO fix USB so stupid things like this aren't req'd - SpinDelay(50); + byte_t len = strlen(str); + cmd_send(CMD_DEBUG_PRINT_STRING,len,0,0,(byte_t*)str,len); +// /* this holds up stuff unless we're connected to usb */ +// if (!UsbConnected()) +// return; +// +// UsbCommand c; +// c.cmd = CMD_DEBUG_PRINT_STRING; +// c.arg[0] = strlen(str); +// if(c.arg[0] > sizeof(c.d.asBytes)) { +// c.arg[0] = sizeof(c.d.asBytes); +// } +// memcpy(c.d.asBytes, str, c.arg[0]); +// +// UsbSendPacket((uint8_t *)&c, sizeof(c)); +// // TODO fix USB so stupid things like this aren't req'd +// SpinDelay(50); } #if 0 void DbpIntegers(int x1, int x2, int x3) { - /* this holds up stuff unless we're connected to usb */ - if (!UsbConnected()) - return; - - UsbCommand c; - c.cmd = CMD_DEBUG_PRINT_INTEGERS; - c.arg[0] = x1; - c.arg[1] = x2; - c.arg[2] = x3; - - UsbSendPacket((uint8_t *)&c, sizeof(c)); - // XXX - SpinDelay(50); + cmd_send(CMD_DEBUG_PRINT_INTEGERS,x1,x2,x3,0,0); +// /* this holds up stuff unless we're connected to usb */ +// if (!UsbConnected()) +// return; +// +// UsbCommand c; +// c.cmd = CMD_DEBUG_PRINT_INTEGERS; +// c.arg[0] = x1; +// c.arg[1] = x2; +// c.arg[2] = x3; +// +// UsbSendPacket((uint8_t *)&c, sizeof(c)); +// // XXX +// SpinDelay(50); } #endif 
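Review bot: In DbpString the new `byte_t len = strlen(str);` drops the clamp to the packet's data size that the removed code had; if byte_t is an 8-bit type (it is not defined on this page) the length silently wraps for strings of 256 bytes or more, so a 256-byte string sends zero bytes, and in any case nothing bounds what cmd_send is asked to copy. Keep the clamp, using the size the download hunk further down already relies on: `size_t len = strlen(str); if (len > USB_CMD_DATA_SIZE) len = USB_CMD_DATA_SIZE;`. The removed `UsbConnected()` guard is gone too; whether cmd_send blocks or drops when no host is attached is not visible here and is worth confirming before this is called from timing-sensitive paths. The fifteen commented-out lines of the old implementation kept in both DbpString and DbpIntegers should be deleted rather than preserved as comments; git history has them.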
@@ -125,23 +131,27 @@ void Dbprintf(const char *fmt, ...) { } // prints HEX & ASCII -void Dbhexdump(int len, uint8_t *d) { +void Dbhexdump(int len, uint8_t *d, bool bAsci) { int l=0,i; char ascii[9]; - + while (len>0) { if (len>8) l=8; else l=len; memcpy(ascii,d,l); - ascii[l]=0; + ascii[l]=0; // filter safe ascii - for (i=0;i<l;i++) + for (i=0;i<l;i++) if (ascii[i]<32 || ascii[i]>126) ascii[i]='.'; - - Dbprintf("%-8s %*D",ascii,l,d," "); - + + if (bAsci) { + Dbprintf("%-8s %*D",ascii,l,d," "); + } else { + Dbprintf("%*D",l,d," "); + } + len-=8; d+=8; } @@ -185,14 +195,15 @@ int AvgAdc(int ch) // was static - merlok void MeasureAntennaTuning(void) { - uint8_t *dest = (uint8_t *)BigBuf; - int i, ptr = 0, adcval = 0, peak = 0, peakv = 0, peakf = 0;; + uint8_t *dest = (uint8_t *)BigBuf+FREE_BUFFER_OFFSET; + int i, adcval = 0, peak = 0, peakv = 0, peakf = 0; //ptr = 0 int vLf125 = 0, vLf134 = 0, vHf = 0; // in mV - UsbCommand c; +// UsbCommand c; - DbpString("Measuring antenna characteristics, please wait."); - memset(BigBuf,0,sizeof(BigBuf)); + LED_B_ON(); + DbpString("Measuring antenna characteristics, please wait..."); + memset(dest,0,sizeof(FREE_BUFFER_SIZE)); /* * Sweeps the useful LF range of the proxmark from @@ -202,8 +213,10 @@ void MeasureAntennaTuning(void) * the resonating frequency of your LF antenna * ( hopefully around 95 if it is tuned to 125kHz!) */ + FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_READER); for (i=255; i>19; i--) { + WDT_HIT(); FpgaSendCommand(FPGA_CMD_SET_DIVISOR, i); SpinDelay(20); // Vref = 3.3V, and a 10000:240 voltage divider on the input @@ -217,10 +230,11 @@ void MeasureAntennaTuning(void) peakv = adcval; peak = dest[i]; peakf = i; - ptr = i; + //ptr = i; } } + LED_A_ON(); // Let the FPGA drive the high-frequency antenna around 13.56 MHz. FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR); SpinDelay(20); 
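Review bot: The new `bAsci` parameter of Dbhexdump is undocumented and its name is misspelled, and callers elsewhere in the tree that must now pass the extra argument are not visible in this diff. A one-line comment above the signature, `// bAsci: also print the 8-char printable-ASCII column in front of the hex dump`, would make the flag self-explanatory, and `bAscii` would match the `ascii[]` buffer it controls. The `bool` parameter type relies on stdbool.h or a project typedef being in scope, which none of the includes shown in this diff provide; the function's body continues past the end of the hunk.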
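Review bot: `memset(dest,0,sizeof(FREE_BUFFER_SIZE));` in MeasureAntennaTuning zeroes only sizeof(int) bytes, because sizeof applied to an integer constant yields the size of its type rather than its value; the removed line cleared all of BigBuf, so the sweep now runs over mostly stale samples. Change it to `memset(dest,0,FREE_BUFFER_SIZE);`. The `//ptr = 0` and `// UsbCommand c;` remnants should be deleted rather than left as comments. The function's body continues into the following hunks and beyond this diff.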
@@ -228,11 +242,18 @@ void MeasureAntennaTuning(void) // can measure voltages up to 33000 mV vHf = (33000 * AvgAdc(ADC_CHAN_HF)) >> 10; - c.cmd = CMD_MEASURED_ANTENNA_TUNING; - c.arg[0] = (vLf125 << 0) | (vLf134 << 16); - c.arg[1] = vHf; - c.arg[2] = peakf | (peakv << 16); - UsbSendPacket((uint8_t *)&c, sizeof(c)); +// c.cmd = CMD_MEASURED_ANTENNA_TUNING; +// c.arg[0] = (vLf125 << 0) | (vLf134 << 16); +// c.arg[1] = vHf; +// c.arg[2] = peakf | (peakv << 16); + + DbpString("Measuring complete, sending report back to host"); + cmd_send(CMD_MEASURED_ANTENNA_TUNING,vLf125|(vLf134<<16),vHf,peakf|(peakv<<16),0,0); +// UsbSendPacket((uint8_t *)&c, sizeof(c)); + FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF); + LED_A_OFF(); + LED_B_OFF(); + return; } void MeasureAntennaTuningHf(void) @@ -258,8 +279,7 @@ void MeasureAntennaTuningHf(void) void SimulateTagHfListen(void) { - uint8_t *dest = (uint8_t *)BigBuf; - int n = sizeof(BigBuf); + uint8_t *dest = (uint8_t *)BigBuf+FREE_BUFFER_OFFSET; uint8_t v = 0; int i; int p = 0; @@ -293,7 +313,7 @@ void SimulateTagHfListen(void) p = 0; i++; - if(i >= n) { + if(i >= FREE_BUFFER_SIZE) { break; } } @@ -368,8 +388,9 @@ void SamyRun() for (;;) { - UsbPoll(FALSE); - WDT_HIT(); +// UsbPoll(FALSE); + usb_poll(); + WDT_HIT(); // Was our button held down or pressed? int button_pressed = BUTTON_HELD(1000); 
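Review bot: The `return;` added as the final statement of the void function MeasureAntennaTuning is redundant, and the `// c.cmd = ...` through `// UsbSendPacket(...)` lines above it are dead code kept as comments; drop both. The report packed as `vLf125|(vLf134<<16)` and `peakf|(peakv<<16)` assumes each field fits in 16 bits, which the `>> 10` scaling of a 33000 mV range visible for vHf makes plausible for the LF values computed earlier, but a short comment on the cmd_send line, `// each packed field must be < 65536 (mV from a 10-bit ADC)`, would save the next reader the check.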
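Review bot: In the SamyRun loop `usb_poll();` replaces `UsbPoll(FALSE)` but its result is ignored, whereas the AppMain loop at the end of this diff follows a true result with `usb_read` and `UsbPacketReceived`; if usb_poll only reports that data is pending, host commands arriving while SamyRun runs are no longer consumed or dispatched and the frame stays queued until the main loop resumes. Confirm that is intended; if not, mirror the AppMain poll-read-dispatch sequence here, or factor it into one helper both loops call. The loop body continues past the end of the hunk.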
@@ -598,26 +619,26 @@ void ListenReaderField(int limit) void UsbPacketReceived(uint8_t *packet, int len) { UsbCommand *c = (UsbCommand *)packet; - UsbCommand ack; - ack.cmd = CMD_ACK; +// Dbprintf("received %d bytes, with command: 0x%04x and args: %d %d %d",len,c->cmd,c->arg[0],c->arg[1],c->arg[2]); + switch(c->cmd) { #ifdef WITH_LF case CMD_ACQUIRE_RAW_ADC_SAMPLES_125K: AcquireRawAdcSamples125k(c->arg[0]); - UsbSendPacket((uint8_t*)&ack, sizeof(ack)); + cmd_send(CMD_ACK,0,0,0,0,0); break; case CMD_MOD_THEN_ACQUIRE_RAW_ADC_SAMPLES_125K: ModThenAcquireRawAdcSamples125k(c->arg[0],c->arg[1],c->arg[2],c->d.asBytes); break; case CMD_HID_DEMOD_FSK: - CmdHIDdemodFSK(0, 0, 0, 1); // Demodulate HID tag + CmdHIDdemodFSK(0, 0, 0, 1); // Demodulate HID tag break; case CMD_HID_SIM_TAG: CmdHIDsimTAG(c->arg[0], c->arg[1], 1); // Simulate HID tag by ID break; - case CMD_HID_CLONE_TAG: - CopyHIDtoT5567(c->arg[0], c->arg[1]); // Clone HID tag by ID to T55x7 + case CMD_HID_CLONE_TAG: // Clone HID tag by ID to T55x7 + CopyHIDtoT55x7(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes[0]); break; case CMD_EM410X_WRITE_TAG: WriteEM410x(c->arg[0], c->arg[1], c->arg[2]); 
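Review bot: UsbPacketReceived casts `packet` to `UsbCommand *` and then reads `c->arg[0..2]` and `c->d.asBytes` throughout the switch without ever checking the `len` argument, and its only caller in this diff, the AppMain hunk at the end, passes whatever `usb_read` returned and guards only against zero. A short read therefore dispatches on a command whose arguments and payload come from the uninitialized `rx` stack array. Reject short frames up front, `if (len < (int)sizeof(UsbCommand)) { Dbprintf("short USB frame: %d bytes", len); return; }`, or tighten the AppMain check to `rx_len == sizeof(UsbCommand)`; the same point applies to that AppMain hunk. The switch continues through the next several hunks.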
@@ -636,8 +657,46 @@ void UsbPacketReceived(uint8_t *packet, int len) case CMD_LF_SIMULATE_BIDIR: SimulateTagLowFrequencyBidir(c->arg[0], c->arg[1]); break; + case CMD_INDALA_CLONE_TAG: // Clone Indala 64-bit tag by UID to T55x7 + CopyIndala64toT55x7(c->arg[0], c->arg[1]); + break; + case CMD_INDALA_CLONE_TAG_L: // Clone Indala 224-bit tag by UID to T55x7 + CopyIndala224toT55x7(c->d.asDwords[0], c->d.asDwords[1], c->d.asDwords[2], c->d.asDwords[3], c->d.asDwords[4], c->d.asDwords[5], c->d.asDwords[6]); + break; + case CMD_T55XX_READ_BLOCK: + T55xxReadBlock(c->arg[1], c->arg[2],c->d.asBytes[0]); + break; + case CMD_T55XX_WRITE_BLOCK: + T55xxWriteBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes[0]); + break; + case CMD_T55XX_READ_TRACE: // Clone HID tag by ID to T55x7 + T55xxReadTrace(); + break; + case CMD_PCF7931_READ: // Read PCF7931 tag + ReadPCF7931(); + cmd_send(CMD_ACK,0,0,0,0,0); +// UsbSendPacket((uint8_t*)&ack, sizeof(ack)); + break; + case CMD_EM4X_READ_WORD: + EM4xReadWord(c->arg[1], c->arg[2],c->d.asBytes[0]); + break; + case CMD_EM4X_WRITE_WORD: + EM4xWriteWord(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes[0]); + break; #endif +#ifdef WITH_HITAG + case CMD_SNOOP_HITAG: // Eavesdrop Hitag tag, args = type + SnoopHitag(c->arg[0]); + break; + case CMD_SIMULATE_HITAG: // Simulate Hitag tag, args = memory content + SimulateHitagTag((bool)c->arg[0],(byte_t*)c->d.asBytes); + break; + case CMD_READER_HITAG: // Reader for Hitag tags, args = type and function + ReaderHitag((hitag_function)c->arg[0],(hitag_data*)c->d.asBytes); + break; +#endif + #ifdef WITH_ISO15693 case CMD_ACQUIRE_RAW_ADC_SAMPLES_ISO_15693: AcquireRawAdcSamplesIso15693(); 
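Review bot: The comment on `case CMD_T55XX_READ_TRACE: // Clone HID tag by ID to T55x7` is copied from the CMD_HID_CLONE_TAG case above and describes the wrong operation; going by the handler name it should read something like `// Read T55x7 trace area`. The read handlers `T55xxReadBlock(c->arg[1], c->arg[2],c->d.asBytes[0])` and `EM4xReadWord(c->arg[1], c->arg[2],c->d.asBytes[0])` skip `arg[0]` while their write counterparts consume `arg[0..2]`; if that asymmetry is deliberate (no data word on a read), a comment saying so would stop the next reader from treating it as an off-by-one. `(hitag_function)c->arg[0]` converts a host-supplied value to an enum with no range check, so ReaderHitag presumably has to reject unknown values itself; worth confirming.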
@@ -700,13 +759,16 @@ void UsbPacketReceived(uint8_t *packet, int len) #ifdef WITH_ISO14443a case CMD_SNOOP_ISO_14443a: - SnoopIso14443a(); + SnoopIso14443a(c->arg[0]); break; case CMD_READER_ISO_14443a: - ReaderIso14443a(c, &ack); + ReaderIso14443a(c); break; case CMD_SIMULATE_TAG_ISO_14443a: - SimulateIso14443aTag(c->arg[0], c->arg[1]); // ## Simulate iso14443a tag - pass tag type & UID + SimulateIso14443aTag(c->arg[0], c->arg[1], c->arg[2]); // ## Simulate iso14443a tag - pass tag type & UID + break; + case CMD_EPA_PACE_COLLECT_NONCE: + EPA_PACE_Collect_Nonce(c); break; case CMD_READER_MIFARE: @@ -747,6 +809,19 @@ void UsbPacketReceived(uint8_t *packet, int len) case CMD_MIFARE_EML_CARDLOAD: MifareECardLoad(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes); break; + + // Work with "magic Chinese" card + case CMD_MIFARE_EML_CSETBLOCK: + MifareCSetBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes); + break; + case CMD_MIFARE_EML_CGETBLOCK: + MifareCGetBlock(c->arg[0], c->arg[1], c->arg[2], c->d.asBytes); + break; + + // mifare sniffer + case CMD_MIFARE_SNIFFER: + SniffMifare(c->arg[0]); + break; #endif #ifdef WITH_ICLASS @@ -754,6 +829,12 @@ void UsbPacketReceived(uint8_t *packet, int len) case CMD_SNOOP_ICLASS: SnoopIClass(); break; + case CMD_SIMULATE_TAG_ICLASS: + SimulateIClass(c->arg[0], c->d.asBytes); + break; + case CMD_READER_ICLASS: + ReaderIClass(c->arg[0]); + break; #endif case CMD_SIMULATE_TAG_HF_LISTEN: 
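Review bot: The trailing comment on `SimulateIso14443aTag(c->arg[0], c->arg[1], c->arg[2]); // ## Simulate iso14443a tag - pass tag type & UID` was not updated for the third argument the commit adds, so it no longer says what `arg[2]` carries; extend it to `// pass tag type, UID and <meaning of arg[2]>` once that is known. `SnoopIso14443a(c->arg[0])` likewise gains a host-chosen parameter with no comment on what it selects. The Mifare and iClass cases in the following hunks follow the existing case/comment style and need nothing further.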
@@ -783,27 +864,36 @@ void UsbPacketReceived(uint8_t *packet, int len) break; case CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K: { - UsbCommand n; - if(c->cmd == CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K) { - n.cmd = CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K; - } else { - n.cmd = CMD_DOWNLOADED_RAW_BITS_TI_TYPE; - } - n.arg[0] = c->arg[0]; - memcpy(n.d.asDwords, BigBuf+c->arg[0], 12*sizeof(uint32_t)); - LED_B_ON(); - UsbSendPacket((uint8_t *)&n, sizeof(n)); +// UsbCommand n; +// if(c->cmd == CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K) { +// n.cmd = CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K; +// } else { +// n.cmd = CMD_DOWNLOADED_RAW_BITS_TI_TYPE; +// } +// n.arg[0] = c->arg[0]; + // memcpy(n.d.asBytes, BigBuf+c->arg[0], 48); // 12*sizeof(uint32_t) + // LED_B_ON(); + // usb_write((uint8_t *)&n, sizeof(n)); + // UsbSendPacket((uint8_t *)&n, sizeof(n)); + // LED_B_OFF(); + + LED_B_ON(); + for(size_t i=0; i<c->arg[1]; i += USB_CMD_DATA_SIZE) { + size_t len = MIN((c->arg[1] - i),USB_CMD_DATA_SIZE); + cmd_send(CMD_DOWNLOADED_RAW_ADC_SAMPLES_125K,i,len,0,((byte_t*)BigBuf)+c->arg[0]+i,len); + } + // Trigger a finish downloading signal with an ACK frame + cmd_send(CMD_ACK,0,0,0,0,0); LED_B_OFF(); - break; - } + } break; case CMD_DOWNLOADED_SIM_SAMPLES_125K: { uint8_t *b = (uint8_t *)BigBuf; memcpy(b+c->arg[0], c->d.asBytes, 48); //Dbprintf("copied 48 bytes to %i",b+c->arg[0]); - UsbSendPacket((uint8_t*)&ack, sizeof(ack)); - break; - } +// UsbSendPacket((uint8_t*)&ack, sizeof(ack)); + cmd_send(CMD_ACK,0,0,0,0,0); + } break; case CMD_READ_MEM: ReadMem(c->arg[0]); @@ -826,10 +916,6 @@ void UsbPacketReceived(uint8_t *packet, int len) SendVersion(); break; -#ifdef WITH_LF - -#endif - #ifdef WITH_LCD case CMD_LCD_RESET: LCDReset(); 
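Review bot: The new CMD_DOWNLOAD_RAW_ADC_SAMPLES_125K loop streams `c->arg[1]` bytes starting at `((byte_t*)BigBuf)+c->arg[0]` with neither value checked against `sizeof(BigBuf)`, so a host frame with a large offset or length reads past the buffer and returns arbitrary device memory, and `i += USB_CMD_DATA_SIZE` can wrap for a length near the top of size_t. Add a range check before the loop, `if (c->arg[0] > sizeof(BigBuf) || c->arg[1] > sizeof(BigBuf) - c->arg[0]) { Dbprintf("download range out of bounds"); cmd_send(CMD_ACK,0,0,0,0,0); break; }`, and rename the loop-local `size_t len`, which shadows the function's `int len` parameter. The unchanged `memcpy(b+c->arg[0], c->d.asBytes, 48)` in the CMD_DOWNLOADED_SIM_SAMPLES_125K case has the same unbounded host-controlled offset on the write side and deserves the matching check. The ten lines of the old implementation left as comments should be deleted.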
@@ -840,36 +926,35 @@ void UsbPacketReceived(uint8_t *packet, int len) #endif case CMD_SETUP_WRITE: case CMD_FINISH_WRITE: - case CMD_HARDWARE_RESET: - USB_D_PLUS_PULLUP_OFF(); + case CMD_HARDWARE_RESET: { + usb_disable(); SpinDelay(1000); SpinDelay(1000); AT91C_BASE_RSTC->RSTC_RCR = RST_CONTROL_KEY | AT91C_RSTC_PROCRST; for(;;) { // We're going to reset, and the bootrom will take control. } - break; + } break; - case CMD_START_FLASH: + case CMD_START_FLASH: { if(common_area.flags.bootrom_present) { common_area.command = COMMON_AREA_COMMAND_ENTER_FLASH_MODE; } - USB_D_PLUS_PULLUP_OFF(); + usb_disable(); AT91C_BASE_RSTC->RSTC_RCR = RST_CONTROL_KEY | AT91C_RSTC_PROCRST; for(;;); - break; + } break; case CMD_DEVICE_INFO: { - UsbCommand c; - c.cmd = CMD_DEVICE_INFO; - c.arg[0] = DEVICE_INFO_FLAG_OSIMAGE_PRESENT | DEVICE_INFO_FLAG_CURRENT_MODE_OS; - if(common_area.flags.bootrom_present) c.arg[0] |= DEVICE_INFO_FLAG_BOOTROM_PRESENT; - UsbSendPacket((uint8_t*)&c, sizeof(c)); - } - break; - default: + uint32_t dev_info = DEVICE_INFO_FLAG_OSIMAGE_PRESENT | DEVICE_INFO_FLAG_CURRENT_MODE_OS; + if(common_area.flags.bootrom_present) dev_info |= DEVICE_INFO_FLAG_BOOTROM_PRESENT; +// UsbSendPacket((uint8_t*)&c, sizeof(c)); + cmd_send(CMD_DEVICE_INFO,dev_info,0,0,0,0); + } break; + + default: { Dbprintf("%s: 0x%04x","unknown command:",c->cmd); - break; + } break; } } @@ -890,7 +975,9 @@ void __attribute__((noreturn)) AppMain(void) LED_B_OFF(); LED_A_OFF(); - UsbStart(); + // Init USB device` + usb_enable(); +// UsbStart(); // The FPGA gets its clock from us from PCK0 output, so set that up. AT91C_BASE_PIOA->PIO_BSR = GPIO_PCK0; 
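Review bot: The comment added above `usb_enable();` in the AppMain hunk ends with a stray backtick character, and the `// UsbStart();` line beneath it is dead code kept as a comment; make it `// Init USB device` and drop the commented-out call. AppMain's body continues into the next hunk and past the end of this diff.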
@@ -910,35 +997,23 @@ void __attribute__((noreturn)) AppMain(void) FpgaDownloadAndGo(); StartTickCount(); - + #ifdef WITH_LCD - LCDInit(); - - // test text on different colored backgrounds - LCDString(" The quick brown fox ", (char *)&FONT6x8,1,1+8*0,WHITE ,BLACK ); - LCDString(" jumped over the ", (char *)&FONT6x8,1,1+8*1,BLACK ,WHITE ); - LCDString(" lazy dog. ", (char *)&FONT6x8,1,1+8*2,YELLOW ,RED ); - LCDString(" AaBbCcDdEeFfGgHhIiJj ", (char *)&FONT6x8,1,1+8*3,RED ,GREEN ); - LCDString(" KkLlMmNnOoPpQqRrSsTt ", (char *)&FONT6x8,1,1+8*4,MAGENTA,BLUE ); - LCDString("UuVvWwXxYyZz0123456789", (char *)&FONT6x8,1,1+8*5,BLUE ,YELLOW); - LCDString("`-=[]_;',./~!@#$%^&*()", (char *)&FONT6x8,1,1+8*6,BLACK ,CYAN ); - LCDString(" _+{}|:\\\"<>? ",(char *)&FONT6x8,1,1+8*7,BLUE ,MAGENTA); - - // color bands - LCDFill(0, 1+8* 8, 132, 8, BLACK); - LCDFill(0, 1+8* 9, 132, 8, WHITE); - LCDFill(0, 1+8*10, 132, 8, RED); - LCDFill(0, 1+8*11, 132, 8, GREEN); - LCDFill(0, 1+8*12, 132, 8, BLUE); - LCDFill(0, 1+8*13, 132, 8, YELLOW); - LCDFill(0, 1+8*14, 132, 8, CYAN); - LCDFill(0, 1+8*15, 132, 8, MAGENTA); - #endif + byte_t rx[sizeof(UsbCommand)]; + size_t rx_len; + for(;;) { - UsbPoll(FALSE); + if (usb_poll()) { + rx_len = usb_read(rx,sizeof(UsbCommand)); + if (rx_len) { + UsbPacketReceived(rx,rx_len); + } + } +// UsbPoll(FALSE); + WDT_HIT(); #ifdef WITH_LF