X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/71cb7328e3f65b7245ab8d38c6f9351d28f46658..e7470660c20f6525ca35bdea429f47e440b0b305:/client/cmdlfpyramid.c
diff --git a/client/cmdlfpyramid.c b/client/cmdlfpyramid.c
index 23c44059..cf8b2b44 100644
--- a/client/cmdlfpyramid.c
+++ b/client/cmdlfpyramid.c
@@ -12,22 +12,25 @@
static int CmdHelp(const char *Cmd);
int usage_lf_pyramid_clone(void){
- PrintAndLog("clone a Farepointe/Pyramid tag to a T55x7 tag.");
- PrintAndLog("Per pyramid format, the facility-code is 8-bit and the card number is 16-bit. Larger values are truncated.");
+ PrintAndLog("clone a Farpointe/Pyramid tag to a T55x7 tag.");
+ PrintAndLog("The facility-code is 8-bit and the card number is 16-bit. Larger values are truncated. ");
+ PrintAndLog("Currently work only on 26bit");
PrintAndLog("");
PrintAndLog("Usage: lf pyramid clone <Facility-Code> <Card-Number>");
PrintAndLog("Options :");
PrintAndLog(" <Facility-Code> : 8-bit value facility code");
PrintAndLog(" <Card Number> : 16-bit value card number");
+ PrintAndLog(" Q5 : optional - clone to Q5 (T5555) instead of T55x7 chip");
PrintAndLog("");
PrintAndLog("Sample : lf pyramid clone 123 11223");
return 0;
}
int usage_lf_pyramid_sim(void) {
- PrintAndLog("Enables simulation of Farepointe/Pyramid card with specified card number.");
+ PrintAndLog("Enables simulation of Farpointe/Pyramid card with specified card number.");
PrintAndLog("Simulation runs until the button is pressed or another USB command is issued.");
- PrintAndLog("Per pyramid format, the facility-code is 8-bit and the card number is 16-bit. Larger values are truncated.");
+ PrintAndLog("The facility-code is 8-bit and the card number is 16-bit. Larger values are truncated.");
+ PrintAndLog("Currently work only on 26bit");
PrintAndLog("");
PrintAndLog("Usage: lf pyramid sim <Card-Number>");
PrintAndLog("Options :");
@@ -38,45 +41,40 @@ int usage_lf_pyramid_sim(void) {
return 0;
}
-// calc checksum
-int GetWiegandFromPyramid(const char *id, uint32_t *fc, uint32_t *cn) {
- return 0;
-}
-
+// Works for 26bits.
int GetPyramidBits(uint32_t fc, uint32_t cn, uint8_t *pyramidBits) {
uint8_t pre[128];
memset(pre, 0x00, sizeof(pre));
- // add preamble
- pyramidBits[7]=1;
- num_to_bytebits(26, 8, pre);
-
- // get wiegand
+ // format start bit
+ pre[79] = 1;
+
+ // Get 26 wiegand from FacilityCode, CardNumber
uint8_t wiegand[24];
+ memset(wiegand, 0x00, sizeof(wiegand));
num_to_bytebits(fc, 8, wiegand);
num_to_bytebits(cn, 16, wiegand+8);
- // add wiegand parity bits
- wiegand_add_parity(pre+8, wiegand, 24);
-
- // add paritybits
- addParity(pre, pyramidBits+8, 66, 4, 1);
+ // add wiegand parity bits (dest, source, len)
+ wiegand_add_parity(pre+80, wiegand, 24);
+ // add paritybits (bitsource, dest, sourcelen, paritylen, parityType (odd, even,)
+ addParity(pre+8, pyramidBits+8, 102, 8, 1);
+
// add checksum
- // this is wrong.
- uint32_t crc = CRC8Maxim(wiegand, 13);
- num_to_bytebits(crc, 8, pre+120);
-
+ uint8_t csBuff[13];
+ for (uint8_t i = 0; i < 13; i++)
+ csBuff[i] = bytebits_to_byte(pyramidBits + 16 + (i*8), 8);
+
+ uint32_t crc = CRC8Maxim(csBuff, 13);
+ num_to_bytebits(crc, 8, pyramidBits+120);
return 1;
}
int CmdPyramidRead(const char *Cmd) {
- // read lf silently
CmdLFRead("s");
- // get samples silently
getSamples("30000",false);
- // demod and output Pyramid ID
return CmdFSKdemodPyramid("");
}
@@ -85,53 +83,48 @@ int CmdPyramidClone(const char *Cmd) {
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_pyramid_clone();
- uint32_t facilitycode=0, cardnumber=0;
- uint8_t bits[128];
- uint8_t *bs = bits;
- memset(bs,0,sizeof(bits));
- //Pyramid - compat mode, FSK2a, data rate 50, 4 data blocks
- uint32_t blocks[5] = {T55x7_MODULATION_FSK2a | T55x7_BITRATE_RF_50 | 4<<T55x7_MAXBLOCK_SHIFT, 0, 0, 0, 0};
-
-// if (param_getchar(Cmd, 3) == 'Q' || param_getchar(Cmd, 3) == 'q')
-// blocks[0] = T5555_MODULATION_FSK2 | 50<<T5555_BITRATE_SHIFT | 4<<T5555_MAXBLOCK_SHIFT;
+ uint32_t facilitycode=0, cardnumber=0, fc = 0, cn = 0;
+ uint32_t blocks[5];
+ uint8_t i;
+ uint8_t bs[128];
+ memset(bs, 0x00, sizeof(bs));
- // get wiegand from printed number.
- GetWiegandFromPyramid(Cmd, &facilitycode, &cardnumber);
-
- if ((facilitycode & 0xFF) != facilitycode) {
- facilitycode &= 0xFF;
- PrintAndLog("Facility Code Truncated to 8-bits (Pyramid): %u", facilitycode);
- }
+ if (sscanf(Cmd, "%u %u", &fc, &cn ) != 2) return usage_lf_pyramid_clone();
- if ((cardnumber & 0xFFFF) != cardnumber) {
- cardnumber &= 0xFFFF;
- PrintAndLog("Card Number Truncated to 16-bits (Pyramid): %u", cardnumber);
- }
+ facilitycode = (fc & 0x000000FF);
+ cardnumber = (cn & 0x0000FFFF);
if ( !GetPyramidBits(facilitycode, cardnumber, bs)) {
PrintAndLog("Error with tag bitstream generation.");
return 1;
}
+ //Pyramid - compat mode, FSK2a, data rate 50, 4 data blocks
+ blocks[0] = T55x7_MODULATION_FSK2a | T55x7_BITRATE_RF_50 | 4<<T55x7_MAXBLOCK_SHIFT;
+
+ if (param_getchar(Cmd, 3) == 'Q' || param_getchar(Cmd, 3) == 'q')
+ //t5555 (Q5) BITRATE = (RF-2)/2 (iceman)
+ blocks[0] = T5555_MODULATION_FSK2 | T5555_INVERT_OUTPUT | 50<<T5555_BITRATE_SHIFT | 4<<T5555_MAXBLOCK_SHIFT;
+
blocks[1] = bytebits_to_byte(bs,32);
blocks[2] = bytebits_to_byte(bs+32,32);
blocks[3] = bytebits_to_byte(bs+64,32);
blocks[4] = bytebits_to_byte(bs+96,32);
- PrintAndLog("Preparing to clone Farepointe/Pyramid to T55x7 with Facility Code: %u, Card Number: %u", facilitycode, cardnumber);
+ PrintAndLog("Preparing to clone Farpointe/Pyramid to T55x7 with Facility Code: %u, Card Number: %u", facilitycode, cardnumber);
PrintAndLog("Blk | Data ");
PrintAndLog("----+------------");
- for ( uint8_t i=0; i<5; ++i )
- PrintAndLog(" %02d | 0x%08x",i , blocks[i]);
-
+ for ( i = 0; i<5; ++i )
+ PrintAndLog(" %02d | %08" PRIx32, i, blocks[i]);
+
UsbCommand resp;
- //UsbCommand c = {CMD_T55XX_WRITE_BLOCK, {0,0,0}};
+ UsbCommand c = {CMD_T55XX_WRITE_BLOCK, {0,0,0}};
- for ( uint8_t i=0; i<5; ++i ) {
- //c.arg[0] = blocks[i];
- //c.arg[1] = i;
+ for ( i = 0; i<5; ++i ) {
+ c.arg[0] = blocks[i];
+ c.arg[1] = i;
clearCommandBuffer();
- // SendCommand(&c);
+ SendCommand(&c);
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1000)){
PrintAndLog("Error occurred, device did not respond during write operation.");
return -1;
@@ -141,29 +134,37 @@ int CmdPyramidClone(const char *Cmd) {
}
int CmdPyramidSim(const char *Cmd) {
- // uint32_t id = 0;
- // uint64_t rawID = 0;
- // uint8_t clk = 50, encoding = 1, separator = 0, invert = 0;
char cmdp = param_getchar(Cmd, 0);
if (strlen(Cmd) == 0 || cmdp == 'h' || cmdp == 'H') return usage_lf_pyramid_sim();
- // id = param_get32ex(Cmd, 0, 0, 16);
- // if (id == 0) return usage_lf_pyramid_sim();
+ uint32_t facilitycode = 0, cardnumber = 0, fc = 0, cn = 0;
+
+ uint8_t bs[128];
+ size_t size = sizeof(bs);
+ memset(bs, 0x00, size);
+
+ // Pyramid uses: fcHigh: 10, fcLow: 8, clk: 50, invert: 0
+ uint64_t arg1, arg2;
+ arg1 = (10 << 8) + 8;
+ arg2 = 50 | 0;
- //rawID = getPyramidBits(id);
+ if (sscanf(Cmd, "%u %u", &fc, &cn ) != 2) return usage_lf_pyramid_sim();
- // uint16_t arg1, arg2;
- // size_t size = 64;
- // arg1 = clk << 8 | encoding;
- // arg2 = invert << 8 | separator;
+ facilitycode = (fc & 0x000000FF);
+ cardnumber = (cn & 0x0000FFFF);
+
+ if ( !GetPyramidBits(facilitycode, cardnumber, bs)) {
+ PrintAndLog("Error with tag bitstream generation.");
+ return 1;
+ }
- // PrintAndLog("Simulating - ID: %08X, Raw: %08X%08X",id,(uint32_t)(rawID >> 32),(uint32_t) (rawID & 0xFFFFFFFF));
+ PrintAndLog("Simulating Farpointe/Pyramid - Facility Code: %u, CardNumber: %u", facilitycode, cardnumber );
- // UsbCommand c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}};
- // num_to_bytebits(rawID, size, c.d.asBytes);
- // clearCommandBuffer();
- // SendCommand(&c);
+ UsbCommand c = {CMD_FSK_SIM_TAG, {arg1, arg2, size}};
+ memcpy(c.d.asBytes, bs, size);
+ clearCommandBuffer();
+ SendCommand(&c);
return 0;
}