X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/blobdiff_plain/f38cfd669304926cbad5ac54e2896458c7f80eb0..f8ff1483eb53d151822d45ea65c08511edecd2d8:/armsrc/iso14443a.c diff --git a/armsrc/iso14443a.c b/armsrc/iso14443a.c index 93bed2d5..61c018bb 100644 --- a/armsrc/iso14443a.c +++ b/armsrc/iso14443a.c @@ -1835,10 +1835,10 @@ int ReaderReceive(uint8_t *receivedAnswer, uint8_t *parity) { // if anticollision is false, then the UID must be provided in uid_ptr[] // and num_cascades must be set (1: 4 Byte UID, 2: 7 Byte UID, 3: 10 Byte UID) int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_hi14a_card, uint32_t *cuid_ptr, bool anticollision, uint8_t num_cascades) { - uint8_t wupa[] = { 0x52 }; // 0x26 - REQA 0x52 - WAKE-UP - uint8_t sel_all[] = { 0x93,0x20 }; - uint8_t sel_uid[] = { 0x93,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; - uint8_t rats[] = { 0xE0,0x80,0x00,0x00 }; // FSD=256, FSDI=8, CID=0 + uint8_t wupa[] = { ISO14443A_CMD_WUPA }; // 0x26 - ISO14443A_CMD_REQA 0x52 - ISO14443A_CMD_WUPA + uint8_t sel_all[] = { ISO14443A_CMD_ANTICOLL_OR_SELECT,0x20 }; + uint8_t sel_uid[] = { ISO14443A_CMD_ANTICOLL_OR_SELECT,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; + uint8_t rats[] = { ISO14443A_CMD_RATS,0x80,0x00,0x00 }; // FSD=256, FSDI=8, CID=0 uint8_t resp[MAX_FRAME_SIZE] = {0}; // theoretically. A usual RATS will be much smaller uint8_t resp_par[MAX_PARITY_SIZE] = {0}; byte_t uid_resp[4] = {0}; @@ -1987,31 +1987,31 @@ int iso14443a_select_card(byte_t *uid_ptr, iso14a_card_select_t *p_hi14a_card, u } void iso14443a_setup(uint8_t fpga_minor_mode) { + FpgaDownloadAndGo(FPGA_BITSTREAM_HF); // Set up the synchronous serial port FpgaSetupSsc(); // connect Demodulated Signal to ADC: SetAdcMuxFor(GPIO_MUXSEL_HIPKD); - FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | fpga_minor_mode); - LED_D_OFF(); // Signal field is on with the appropriate LED if (fpga_minor_mode == FPGA_HF_ISO14443A_READER_MOD || fpga_minor_mode == FPGA_HF_ISO14443A_READER_LISTEN) LED_D_ON(); - // Prepare the demodulation functions - DemodReset(); - UartReset(); - - iso14a_set_timeout(10*106); // 10ms default + FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_ISO14443A | fpga_minor_mode); - //NextTransferTime = 2 * DELAY_ARM2AIR_AS_READER; - NextTransferTime = DELAY_ARM2AIR_AS_READER << 1; + SpinDelay(20); // Start the timer StartCountSspClk(); + + // Prepare the demodulation functions + DemodReset(); + UartReset(); + NextTransferTime = 2 * DELAY_ARM2AIR_AS_READER; + iso14a_set_timeout(10*106); // 20ms default } int iso14_apdu(uint8_t *cmd, uint16_t cmd_len, void *data) { @@ -2044,9 +2044,9 @@ int iso14_apdu(uint8_t *cmd, uint16_t cmd_len, void *data) { return len; } + //----------------------------------------------------------------------------- // Read an ISO 14443a tag. Send out commands and store answers. -// //----------------------------------------------------------------------------- void ReaderIso14443a(UsbCommand *c) { iso14a_command_t param = c->arg[0]; @@ -2145,10 +2145,31 @@ int32_t dist_nt(uint32_t nt1, uint32_t nt2) { uint32_t nttmp1 = nt1; uint32_t nttmp2 = nt2; - for (uint16_t i = 1; i < 0xFFFF; ++i) { + for (uint16_t i = 1; i < 32768/8; ++i) { nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i; nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -i; - } + + nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+1; + nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+1); + + nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+2; + nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+2); + + nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+3; + nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+3); + + nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+4; + nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+4); + + nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+5; + nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+5); + + nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+6; + nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+6); + + nttmp1 = prng_successor(nttmp1, 1); if (nttmp1 == nt2) return i+7; + nttmp2 = prng_successor(nttmp2, 1); if (nttmp2 == nt1) return -(i+7); + } // either nt1 or nt2 are invalid nonces return(-99999); } @@ -2204,8 +2225,7 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) { iso14443a_setup(FPGA_HF_ISO14443A_READER_MOD); sync_time = GetCountSspClk() & 0xfffffff8; - // iceman, i add 1130 because during my observations this makse the syncronization much fast to sync. - sync_cycles = PRNG_SEQUENCE_LENGTH + 1130; //65536; // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces). + sync_cycles = PRNG_SEQUENCE_LENGTH; // Mifare Classic's random generator repeats every 2^16 cycles (and so do the nonces). nt_attacked = 0; if (MF_DBGLEVEL >= 4) Dbprintf("Mifare::Sync %08x", sync_time); @@ -2282,7 +2302,7 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) { // we didn't calibrate our clock yet, // iceman: has to be calibrated every time. - if (first_try && previous_nt && !nt_attacked) { + if (previous_nt && !nt_attacked) { nt_distance = dist_nt(previous_nt, nt); @@ -2321,7 +2341,7 @@ void ReaderMifare(bool first_try, uint8_t block, uint8_t keytype ) { } LED_B_OFF(); - if ((nt != nt_attacked) && nt_attacked) { // we somehow lost sync. Try to catch up again... + if ( (nt != nt_attacked) && nt_attacked) { // we somehow lost sync. Try to catch up again... catch_up_cycles = ABS(dist_nt(nt_attacked, nt)); if (catch_up_cycles == 99999) { // invalid nonce received. Don't resync on that one.