From: pwpiwi Date: Tue, 16 Dec 2014 06:47:02 +0000 (+0100) Subject: Merge branch 'master' of https://github.com/Proxmark/proxmark3 X-Git-Tag: v2.0.0-rc1~84 X-Git-Url: https://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/471c5141672c1c386bae0b28d25041309b8118fe?ds=sidebyside;hp=-c Merge branch 'master' of https://github.com/Proxmark/proxmark3 --- 471c5141672c1c386bae0b28d25041309b8118fe diff --combined armsrc/appmain.c index 728c81d9,8f676c8e..05e68868 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@@ -36,8 -36,7 +36,8 @@@ // is the order in which they go out on the wire. //============================================================================= -uint8_t ToSend[512]; +#define TOSEND_BUFFER_SIZE (9*MAX_FRAME_SIZE + 1 + 1 + 2) // 8 data bits and 1 parity bit per payload byte, 1 correction bit, 1 SOC bit, 2 EOC bits +uint8_t ToSend[TOSEND_BUFFER_SIZE]; int ToSendMax; static int ToSendBit; struct common_area common_area __attribute__((section(".commonarea"))); @@@ -68,7 -67,7 +68,7 @@@ void ToSendStuffBit(int b ToSendBit++; - if(ToSendBit >= sizeof(ToSend)) { + if(ToSendMax >= sizeof(ToSend)) { ToSendBit = 0; DbpString("ToSendStuffBit overflowed!"); } @@@ -204,7 -203,7 +204,7 @@@ void MeasureAntennaTuning(void LED_B_ON(); DbpString("Measuring antenna characteristics, please wait..."); - memset(dest,0,sizeof(FREE_BUFFER_SIZE)); + memset(dest,0,FREE_BUFFER_SIZE); /* * Sweeps the useful LF range of the proxmark from diff --combined armsrc/iclass.c index 061336a7,937edcb4..28bdb3bc --- a/armsrc/iclass.c +++ b/armsrc/iclass.c @@@ -71,13 -71,14 +71,13 @@@ static struct int nOutOfCnt; int OutOfCnt; int syncBit; - int parityBits; int samples; int highCnt; int swapper; int counter; int bitBuffer; int dropPosition; - uint8_t *output; + uint8_t *output; } Uart; static RAMFUNC int OutOfNDecoding(int bit) @@@ -136,8 -137,11 +136,8 @@@ if(Uart.byteCnt == 0) { // Its not straightforward to show single EOFs // So just leave it and do not return TRUE - Uart.output[Uart.byteCnt] = 0xf0; + Uart.output[0] = 0xf0; Uart.byteCnt++; - - // Calculate the parity bit for the client... - Uart.parityBits = 1; } else { return TRUE; @@@ -219,6 -223,11 +219,6 @@@ if(Uart.bitCnt == 8) { Uart.output[Uart.byteCnt] = (Uart.shiftReg & 0xff); Uart.byteCnt++; - - // Calculate the parity bit for the client... - Uart.parityBits <<= 1; - Uart.parityBits ^= OddByteParity[(Uart.shiftReg & 0xff)]; - Uart.bitCnt = 0; Uart.shiftReg = 0; } @@@ -237,6 -246,11 +237,6 @@@ Uart.dropPosition--; Uart.output[Uart.byteCnt] = (Uart.dropPosition & 0xff); Uart.byteCnt++; - - // Calculate the parity bit for the client... - Uart.parityBits <<= 1; - Uart.parityBits ^= OddByteParity[(Uart.dropPosition & 0xff)]; - Uart.bitCnt = 0; Uart.shiftReg = 0; Uart.nOutOfCnt = 0; @@@ -297,6 -311,7 +297,6 @@@ Uart.state = STATE_START_OF_COMMUNICATION; Uart.bitCnt = 0; Uart.byteCnt = 0; - Uart.parityBits = 0; Uart.nOutOfCnt = 0; Uart.OutOfCnt = 4; // Start at 1/4, could switch to 1/256 Uart.dropPosition = 0; @@@ -338,6 -353,7 +338,6 @@@ static struct int bitCount; int posCount; int syncBit; - int parityBits; uint16_t shiftReg; int buffer; int buffer2; @@@ -351,7 -367,7 +351,7 @@@ SUB_SECOND_HALF, SUB_BOTH } sub; - uint8_t *output; + uint8_t *output; } Demod; static RAMFUNC int ManchesterDecoding(int v) @@@ -404,6 -420,7 +404,6 @@@ Demod.sub = SUB_FIRST_HALF; Demod.bitCount = 0; Demod.shiftReg = 0; - Demod.parityBits = 0; Demod.samples = 0; if(Demod.posCount) { //if(trigger) LED_A_OFF(); // Not useful in this case... @@@ -468,6 -485,8 +468,6 @@@ if(Demod.state == DEMOD_SOF_COMPLETE) { Demod.output[Demod.len] = 0x0f; Demod.len++; - Demod.parityBits <<= 1; - Demod.parityBits ^= OddByteParity[0x0f]; Demod.state = DEMOD_UNSYNCD; // error = 0x0f; return TRUE; @@@ -548,9 -567,11 +548,9 @@@ // Tag response does not need to be a complete byte! if(Demod.len > 0 || Demod.bitCount > 0) { if(Demod.bitCount > 1) { // was > 0, do not interpret last closing bit, is part of EOF - Demod.shiftReg >>= (9 - Demod.bitCount); + Demod.shiftReg >>= (9 - Demod.bitCount); // right align data Demod.output[Demod.len] = Demod.shiftReg & 0xff; Demod.len++; - // No parity bit, so just shift a 0 - Demod.parityBits <<= 1; } Demod.state = DEMOD_UNSYNCD; @@@ -587,6 -608,11 +587,6 @@@ Demod.shiftReg >>= 1; Demod.output[Demod.len] = (Demod.shiftReg & 0xff); Demod.len++; - - // FOR ISO15639 PARITY NOT SEND OTA, JUST CALCULATE IT FOR THE CLIENT - Demod.parityBits <<= 1; - Demod.parityBits ^= OddByteParity[(Demod.shiftReg & 0xff)]; - Demod.bitCount = 0; Demod.shiftReg = 0; } @@@ -643,8 -669,8 +643,8 @@@ void RAMFUNC SnoopIClass(void // So 32 should be enough! uint8_t *readerToTagCmd = (((uint8_t *)BigBuf) + RECV_CMD_OFFSET); // The response (tag -> reader) that we're receiving. - uint8_t *tagToReaderResponse = (((uint8_t *)BigBuf) + RECV_RES_OFFSET); - + uint8_t *tagToReaderResponse = (((uint8_t *)BigBuf) + RECV_RESP_OFFSET); + FpgaDownloadAndGo(FPGA_BITSTREAM_HF); // reset traceLen to 0 @@@ -743,10 -769,10 +743,10 @@@ //if(!LogTrace(Uart.output,Uart.byteCnt, rsamples, Uart.parityBits,TRUE)) break; //if(!LogTrace(NULL, 0, Uart.endTime*16 - DELAY_READER_AIR2ARM_AS_SNIFFER, 0, TRUE)) break; - if(tracing) - { - LogTrace(Uart.output,Uart.byteCnt, (GetCountSspClk()-time_0) << 4, Uart.parityBits,TRUE); - LogTrace(NULL, 0, (GetCountSspClk()-time_0) << 4, 0, TRUE); + if(tracing) { + uint8_t parity[MAX_PARITY_SIZE]; + GetParity(Uart.output, Uart.byteCnt, parity); + LogTrace(Uart.output,Uart.byteCnt, (GetCountSspClk()-time_0) << 4, (GetCountSspClk()-time_0) << 4, parity, TRUE); } @@@ -767,10 -793,10 +767,10 @@@ rsamples = samples - Demod.samples; LED_B_ON(); - if(tracing) - { - LogTrace(Demod.output,Demod.len, (GetCountSspClk()-time_0) << 4 , Demod.parityBits,FALSE); - LogTrace(NULL, 0, (GetCountSspClk()-time_0) << 4, 0, FALSE); + if(tracing) { + uint8_t parity[MAX_PARITY_SIZE]; + GetParity(Demod.output, Demod.len, parity); + LogTrace(Demod.output, Demod.len, (GetCountSspClk()-time_0) << 4, (GetCountSspClk()-time_0) << 4, parity, FALSE); } @@@ -968,7 -994,7 +968,7 @@@ void SimulateIClass(uint32_t arg0, uint { uint8_t mac_responses[64] = { 0 }; - Dbprintf("Going into attack mode"); + Dbprintf("Going into attack mode, %d CSNS sent", numberOfCSNS); // In this mode, a number of csns are within datain. We'll simulate each one, one at a time // in order to collect MAC's from the reader. This can later be used in an offlne-attack // in order to obtain the keys, as in the "dismantling iclass"-paper. @@@ -978,7 -1004,7 +978,7 @@@ // The usb data is 512 bytes, fitting 65 8-byte CSNs in there. memcpy(csn_crc, datain+(i*8), 8); - if(doIClassSimulation(csn_crc,1,mac_responses)) + if(doIClassSimulation(csn_crc,1,mac_responses+i*8)) { return; // Button pressed } @@@ -1053,7 -1079,7 +1053,7 @@@ int doIClassSimulation(uint8_t csn[], i // + 1720.. uint8_t *receivedCmd = (((uint8_t *)BigBuf) + RECV_CMD_OFFSET); - memset(receivedCmd, 0x44, RECV_CMD_SIZE); + memset(receivedCmd, 0x44, MAX_FRAME_SIZE); int len; // Prepare card messages @@@ -1106,7 -1132,6 +1106,6 @@@ //Signal tracer // Can be used to get a trigger for an oscilloscope.. LED_C_OFF(); - if(!GetIClassCommandFromReader(receivedCmd, &len, 100)) { buttonPressed = true; break; @@@ -1149,9 -1174,10 +1148,10 @@@ respsize = 0; if (breakAfterMacReceived){ // dbprintf:ing ... - Dbprintf("CSN: %02x %02x %02x %02x %02x %02x %02x %02x",csn[0],csn[1],csn[2],csn[3],csn[4],csn[5],csn[6],csn[7]); + Dbprintf("CSN: %02x %02x %02x %02x %02x %02x %02x %02x" + ,csn[0],csn[1],csn[2],csn[3],csn[4],csn[5],csn[6],csn[7]); Dbprintf("RDR: (len=%02d): %02x %02x %02x %02x %02x %02x %02x %02x %02x",len, - receivedCmd[0], receivedCmd[1], receivedCmd[2], + receivedCmd[0], receivedCmd[1], receivedCmd[2], receivedCmd[3], receivedCmd[4], receivedCmd[5], receivedCmd[6], receivedCmd[7], receivedCmd[8]); if (reader_mac_buf != NULL) @@@ -1193,13 -1219,14 +1193,13 @@@ } if (tracing) { - LogTrace(receivedCmd,len, (r2t_time-time_0)<< 4, Uart.parityBits,TRUE); - LogTrace(NULL,0, (r2t_time-time_0) << 4, 0,TRUE); + uint8_t parity[MAX_PARITY_SIZE]; + GetParity(receivedCmd, len, parity); + LogTrace(receivedCmd,len, (r2t_time-time_0)<< 4, (r2t_time-time_0) << 4, parity, TRUE); if (respdata != NULL) { - LogTrace(respdata,respsize, (t2r_time-time_0) << 4,SwapBits(GetParity(respdata,respsize),respsize),FALSE); - LogTrace(NULL,0, (t2r_time-time_0) << 4,0,FALSE); - - + GetParity(respdata, respsize, parity); + LogTrace(respdata, respsize, (t2r_time-time_0) << 4, (t2r_time-time_0) << 4, parity, FALSE); } if(!tracing) { DbpString("Trace full"); @@@ -1207,7 -1234,7 +1207,7 @@@ } } - memset(receivedCmd, 0x44, RECV_CMD_SIZE); + memset(receivedCmd, 0x44, MAX_FRAME_SIZE); } //Dbprintf("%x", cmdsRecvd); @@@ -1364,24 -1391,21 +1364,24 @@@ void CodeIClassCommand(const uint8_t * void ReaderTransmitIClass(uint8_t* frame, int len) { - int wait = 0; - int samples = 0; - int par = 0; - - // This is tied to other size changes - // uint8_t* frame_addr = ((uint8_t*)BigBuf) + 2024; - CodeIClassCommand(frame,len); - - // Select the card - TransmitIClassCommand(ToSend, ToSendMax, &samples, &wait); - if(trigger) - LED_A_ON(); - - // Store reader command in buffer - if (tracing) LogTrace(frame,len,rsamples,par,TRUE); + int wait = 0; + int samples = 0; + + // This is tied to other size changes + // uint8_t* frame_addr = ((uint8_t*)BigBuf) + 2024; + CodeIClassCommand(frame,len); + + // Select the card + TransmitIClassCommand(ToSend, ToSendMax, &samples, &wait); + if(trigger) + LED_A_ON(); + + // Store reader command in buffer + if (tracing) { + uint8_t par[MAX_PARITY_SIZE]; + GetParity(frame, len, par); + LogTrace(frame, len, rsamples, rsamples, par, TRUE); + } } //----------------------------------------------------------------------------- @@@ -1440,11 -1464,7 +1440,11 @@@ int ReaderReceiveIClass(uint8_t* receiv int samples = 0; if (!GetIClassAnswer(receivedAnswer,160,&samples,0)) return FALSE; rsamples += samples; - if (tracing) LogTrace(receivedAnswer,Demod.len,rsamples,Demod.parityBits,FALSE); + if (tracing) { + uint8_t parity[MAX_PARITY_SIZE]; + GetParity(receivedAnswer, Demod.len, parity); + LogTrace(receivedAnswer,Demod.len,rsamples,rsamples,parity,FALSE); + } if(samples == 0) return FALSE; return Demod.len; } @@@ -1484,8 -1504,8 +1484,8 @@@ void ReaderIClass(uint8_t arg0) uint8_t card_data[24]={0}; uint8_t last_csn[8]={0}; - uint8_t* resp = (((uint8_t *)BigBuf) + 3560); // was 3560 - tied to other size changes - + uint8_t *resp = (((uint8_t *)BigBuf) + RECV_RESP_OFFSET); + int read_status= 0; bool abort_after_read = arg0 & FLAG_ICLASS_READER_ONLY_ONCE; @@@ -1575,8 -1595,8 +1575,8 @@@ void ReaderIClass_Replay(uint8_t arg0, int keyaccess; } memory; - uint8_t* resp = (((uint8_t *)BigBuf) + 3560); // was 3560 - tied to other size changes - + uint8_t* resp = (((uint8_t *)BigBuf) + RECV_RESP_OFFSET); + setupIclassReader(); @@@ -1694,7 -1714,7 +1694,7 @@@ void IClass_iso14443A_write(uint8_t arg uint16_t crc = 0; - uint8_t* resp = (((uint8_t *)BigBuf) + 3560); // was 3560 - tied to other size changes + uint8_t* resp = (((uint8_t *)BigBuf) + 3560); // Reset trace buffer memset(trace, 0x44, RECV_CMD_OFFSET);