X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/715bed50234cb73cd3cb646e41021e93b3cff6b5..564c9ae2b68afc0d8b0455fb9b9d2aba0ca6c574:/armsrc/legicrf.c diff --git a/armsrc/legicrf.c b/armsrc/legicrf.c index a92e7671..9abc7761 100644 --- a/armsrc/legicrf.c +++ b/armsrc/legicrf.c @@ -217,7 +217,7 @@ void frame_sendAsReader(uint32_t data, uint8_t bits){ COIL_PULSE(0); // log - uint8_t cmdbytes[] = {bits, BYTEx(data,0), BYTEx(data,1), BYTEx(data,2) , BYTEx(send,0), BYTEx(send,1)}; + uint8_t cmdbytes[] = {bits, BYTEx(data,0), BYTEx(data,1), BYTEx(data,2), BYTEx(send,0), BYTEx(send,1), BYTEx(send,2)}; LogTrace(cmdbytes, sizeof(cmdbytes), starttime, GET_TICKS, NULL, TRUE); } @@ -410,13 +410,6 @@ bool legic_write_byte(uint16_t index, uint8_t byte, uint8_t addr_sz) { uint8_t cmd_sz = addr_sz+1+8+4; //crc+data+cmd; uint32_t steps = 0, next_bit_at, start, crc, old_level = 0; -/* - crc_clear(&legic_crc); - crc_update(&legic_crc, 0, 1); // CMD_WRITE - crc_update(&legic_crc, index, addr_sz); - crc_update(&legic_crc, byte, 8); - crc = crc_finish(&legic_crc); -*/ crc = legic4Crc(LEGIC_WRITE, index, byte, addr_sz+1); // send write command @@ -424,12 +417,8 @@ bool legic_write_byte(uint16_t index, uint8_t byte, uint8_t addr_sz) { cmd |= index << 1; // index cmd |= byte << (addr_sz+1); // Data cmd |= (crc & 0xF ) << (addr_sz+1+8); // CRC - - /* Bitbang the response */ - AT91C_BASE_PIOA->PIO_PER = GPIO_SSC_DOUT; - legic_prng_forward(2); - WaitTicks(330); + WaitTicks(240); frame_sendAsReader(cmd, cmd_sz); @@ -439,7 +428,7 @@ bool legic_write_byte(uint16_t index, uint8_t byte, uint8_t addr_sz) { // ACK, - one single "1" bit after 3.6ms // 3.6ms = 3600us * 1.5 = 5400ticks. - WaitTicks(5300); + WaitTicks(5400); next_bit_at = GET_TICKS + TAG_BIT_PERIOD; 
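Review bot: The new `WaitTicks(240);` in legic_write_byte (hunk at -424) is an unexplained timing constant, and the same hunk drops `legic_prng_forward(2)` without saying how the PRNG stays in step with the tag before the frame goes out. The ACK wait a few lines later carries its derivation (`3.6ms = 3600us * 1.5 = 5400ticks`), and this wait deserves the same. A comment such as `// 240 ticks = 160us reader-to-tag gap before the write frame; PRNG is advanced after the ACK instead` would do, if that is indeed the intent. The function body starts and ends outside this hunk, so the PRNG bookkeeping cannot be checked from here.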
@@ -466,11 +455,10 @@ bool legic_write_byte(uint16_t index, uint8_t byte, uint8_t addr_sz) { goto OUT; } } - - Dbprintf("ice: i == %d",i); OUT: ; - // log + legic_prng_forward(1); + uint8_t cmdbytes[] = {1, isOK, BYTEx(steps, 0), BYTEx(steps, 1) }; LogTrace(cmdbytes, sizeof(cmdbytes), start, GET_TICKS, NULL, FALSE); return isOK; @@ -489,7 +477,7 @@ int LegicRfReader(uint16_t offset, uint16_t len, uint8_t iv) { goto OUT; } - if (len + offset >= card.cardsize) + if (len + offset > card.cardsize) len = card.cardsize - offset; LED_B_ON(); @@ -516,7 +504,7 @@ OUT: void LegicRfWriter(uint16_t offset, uint16_t len, uint8_t iv, uint8_t *data) { #define LOWERLIMIT 4 - uint8_t isOK = 1; + uint8_t isOK = 1, msg = 0; legic_card_select_t card; // uid NOT is writeable. @@ -529,26 +517,25 @@ void LegicRfWriter(uint16_t offset, uint16_t len, uint8_t iv, uint8_t *data) { if ( legic_select_card_iv(&card, iv) ) { isOK = 0; + msg = 1; goto OUT; } - if ( len + offset + LOWERLIMIT >= card.cardsize) { - isOK = 0; - goto OUT; - } + if ( len + offset > card.cardsize) + len = card.cardsize - offset; LED_B_ON(); while( len > 0 ) { --len; if ( !legic_write_byte( len + offset, data[len], card.addrsize) ) { - Dbprintf("operation failed | %d | %d | %d", len + offset, len, data[len] ); + Dbprintf("operation failed | %02X | %02X | %02X", len + offset, len, data[len] ); isOK = 0; goto OUT; } WDT_HIT(); } OUT: - cmd_send(CMD_ACK, isOK, 0,0,0,0); + cmd_send(CMD_ACK, isOK, msg,0,0,0); switch_off_tag_rwd(); LEDsoff(); } @@ -735,7 +722,7 @@ static void frame_handle_tag(struct legic_frame const * const f) } /* Write */ - if(f->bits == 23) { + if (f->bits == 23 || f->bits == 21 ) { uint32_t key = get_key_stream(-1, 23); //legic_frame_drift, 23); uint16_t addr = f->data ^ key; addr >>= 1; 
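Review bot: The added `legic_prng_forward(1);` sits after the `OUT:` label in legic_write_byte (hunk at -466), so it runs on every exit path, including the `goto OUT` failure visible just above it. If the extra PRNG step is meant to account for the ACK bit, advancing it when no ACK was seen may leave reader and tag out of step for the next command; this is inferred, since the loop head is outside the hunk. Either move the call into the success path or state the intent in a comment, e.g. `// tag clocks its PRNG once for the ACK slot whether or not it answers`. The `// log` comment that labelled the trace block was also removed and could stay.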
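Review bot: The clamp `if (len + offset > card.cardsize) len = card.cardsize - offset;` in LegicRfReader (hunk at -489) does not handle `offset` greater than `card.cardsize`. In that case the subtraction goes negative and, stored in the `uint16_t len`, becomes a very large length instead of a shorter one. The same two lines are added to LegicRfWriter (hunk at -529), where the wrapped `len` then drives `data[len]` and `legic_write_byte(len + offset, ...)`, so it reads far outside the caller's buffer. `offset` and `len` are function parameters and presumably come from the host command, so they should be range-checked before the clamp: `if (offset >= card.cardsize) { isOK = 0; goto OUT; }` in the writer, and the equivalent failure exit in the reader. Both function bodies extend beyond their hunks, so an earlier check may exist that is not visible here.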
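Review bot: In LegicRfWriter (hunk at -529) a request that runs past the end of the card used to be rejected and is now shortened, yet it is still acknowledged with `isOK = 1`. The host cannot tell that fewer bytes were written than it asked for. The new `msg` field is set to 1 only when `legic_select_card_iv` fails; a failed `legic_write_byte` leaves it at 0, the same value as success. Consider giving each failure its own code, e.g. `msg = 2;` next to `isOK = 0;` in the write-failure branch, and documenting the values in a comment at the declaration, such as `// msg: 0 = none, 1 = select failed, 2 = write failed`. Reporting the clamped length back in one of the unused `cmd_send` arguments would also cover the truncation case.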
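Review bot: frame_handle_tag now accepts 21-bit write frames (hunk at -735), but the next line still requests a fixed 23 bits of key stream with `get_key_stream(-1, 23)`. For a 21-bit frame that takes two more key-stream bits than the frame carries, which likely desynchronises the simulated tag's PRNG from the reader and XORs bits that are not part of the frame. Passing the frame width instead would keep both cases consistent: `uint32_t key = get_key_stream(-1, f->bits);`. The address and data extraction that follows `addr >>= 1;` is outside this hunk; if it uses shifts and masks fixed for the 23-bit layout, it needs the same adjustment for the shorter address field.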
@@ -749,7 +736,7 @@ static void frame_handle_tag(struct legic_frame const * const f) legic_state = STATE_DISCON; LED_C_OFF(); Dbprintf("write - addr: %x, data: %x", addr, data); - // should send a ACK within 3.5ms too + // should send a ACK after 3.6ms return; } @@ -799,7 +786,7 @@ void LegicRfSimulate(int phase, int frame, int reqresp) * measure the time between two rising edges on DIN, and no encoding on the * subcarrier from card to reader, so we'll just shift out our verbatim data * on DOUT, 1 bit is 100us. The time from reader to card frame is still unclear, - * seems to be 300us-ish. + * seems to be 330us. */ int old_level = 0, active = 0;