mirror of
https://github.com/Proxmark/proxmark3.git
synced 2025-02-27 00:55:14 +08:00
Merge pull request #118 from marshmellow42/master
fix t55xx write timing
This commit is contained in:
Martin Holst Swende
commit
b8d34d0598
5 changed files with 80 additions and 42 deletions
|
|
@ -1024,10 +1024,10 @@ void CmdIOdemodFSK(int findone, int *high, int *low, int ledcontrol)
|
|||
* To compensate antenna falling times shorten the write times
|
||||
* and enlarge the gap ones.
|
||||
*/
|
||||
#define START_GAP 50*8 // 10 - 50fc 250
|
||||
#define WRITE_GAP 20*8 // - 30fc 160
|
||||
#define WRITE_0 24*8 // 16 - 63fc 54fc 144
|
||||
#define WRITE_1 54*8 // 48 - 63fc 54fc 432 for T55x7; 448 for E5550 //400
|
||||
#define START_GAP 31*8 // was 250 // SPEC: 1*8 to 50*8 - typ 15*8 (or 15fc)
|
||||
#define WRITE_GAP 20*8 // was 160 // SPEC: 1*8 to 20*8 - typ 10*8 (or 10fc)
|
||||
#define WRITE_0 18*8 // was 144 // SPEC: 16*8 to 32*8 - typ 24*8 (or 24fc)
|
||||
#define WRITE_1 50*8 // was 400 // SPEC: 48*8 to 64*8 - typ 56*8 (or 56fc) 432 for T55x7; 448 for E5550
|
||||
|
||||
#define T55xx_SAMPLES_SIZE 12000 // 32 x 32 x 10 (32 bit times numofblock (7), times clock skip..)
|
||||
|
||||
|
|
|
|||
|
|
@ -392,7 +392,7 @@ int Cmdmandecoderaw(const char *Cmd)
|
|||
int errCnt=0;
|
||||
size_t size=0;
|
||||
int invert=0;
|
||||
size_t maxErr = 20;
|
||||
int maxErr = 20;
|
||||
char cmdp = param_getchar(Cmd, 0);
|
||||
if (strlen(Cmd) > 5 || cmdp == 'h' || cmdp == 'H') {
|
||||
PrintAndLog("Usage: data manrawdecode [invert] [maxErr]");
|
||||
|
|
@ -1546,12 +1546,12 @@ int PSKDemod(const char *Cmd, bool verbose)
|
|||
clk=0;
|
||||
}
|
||||
if (invert != 0 && invert != 1) {
|
||||
if (verbose) PrintAndLog("Invalid argument: %s", Cmd);
|
||||
if (g_debugMode || verbose) PrintAndLog("Invalid argument: %s", Cmd);
|
||||
return 0;
|
||||
}
|
||||
uint8_t BitStream[MAX_GRAPH_TRACE_LEN]={0};
|
||||
size_t BitLen = getFromGraphBuf(BitStream);
|
||||
if (BitLen==0) return -1;
|
||||
if (BitLen==0) return 0;
|
||||
uint8_t carrier=countFC(BitStream, BitLen, 0);
|
||||
if (carrier!=2 && carrier!=4 && carrier!=8){
|
||||
//invalid carrier
|
||||
|
|
|
|||
|
|
@ -57,13 +57,13 @@ uint8_t default_pwd_pack[KEYS_PWD_COUNT][4] = {
|
|||
{0x32,0x0C,0x16,0x17}, // PACK 0x80,0x80 -- AMiiboo (sniffed)
|
||||
};
|
||||
|
||||
#define MAX_UL_TYPES 17
|
||||
uint16_t UL_TYPES_ARRAY[MAX_UL_TYPES] = {UNKNOWN, UL, UL_C, UL_EV1_48, UL_EV1_128, NTAG, NTAG_203,
|
||||
NTAG_210, NTAG_212, NTAG_213, NTAG_215, NTAG_216, MY_D, MY_D_NFC, MY_D_MOVE, MY_D_MOVE_NFC, MY_D_MOVE_LEAN};
|
||||
#define MAX_UL_TYPES 18
|
||||
uint32_t UL_TYPES_ARRAY[MAX_UL_TYPES] = {UNKNOWN, UL, UL_C, UL_EV1_48, UL_EV1_128, NTAG, NTAG_203,
|
||||
NTAG_210, NTAG_212, NTAG_213, NTAG_215, NTAG_216, MY_D, MY_D_NFC, MY_D_MOVE, MY_D_MOVE_NFC, MY_D_MOVE_LEAN, FUDAN_UL};
|
||||
|
||||
uint8_t UL_MEMORY_ARRAY[MAX_UL_TYPES] = {MAX_UL_BLOCKS, MAX_UL_BLOCKS, MAX_ULC_BLOCKS, MAX_ULEV1a_BLOCKS,
|
||||
MAX_ULEV1b_BLOCKS, MAX_NTAG_203, MAX_NTAG_203, MAX_NTAG_210, MAX_NTAG_212, MAX_NTAG_213,
|
||||
MAX_NTAG_215, MAX_NTAG_216, MAX_UL_BLOCKS, MAX_MY_D_NFC, MAX_MY_D_MOVE, MAX_MY_D_MOVE, MAX_MY_D_MOVE_LEAN};
|
||||
MAX_NTAG_215, MAX_NTAG_216, MAX_UL_BLOCKS, MAX_MY_D_NFC, MAX_MY_D_MOVE, MAX_MY_D_MOVE, MAX_MY_D_MOVE_LEAN, MAX_UL_BLOCKS};
|
||||
|
||||
|
||||
static int CmdHelp(const char *Cmd);
|
||||
|
|
@ -276,6 +276,38 @@ static int ulev1_readSignature( uint8_t *response, uint16_t responseLength ){
|
|||
return len;
|
||||
}
|
||||
|
||||
|
||||
// Fudan check checks for which error is given for a command with incorrect crc
|
||||
// NXP UL chip responds with 01, fudan 00.
|
||||
// other possible checks:
|
||||
// send a0 + crc
|
||||
// UL responds with 00, fudan doesn't respond
|
||||
// or
|
||||
// send a200 + crc
|
||||
// UL doesn't respond, fudan responds with 00
|
||||
// or
|
||||
// send 300000 + crc (read with extra byte(s))
|
||||
// UL responds with read of page 0, fudan doesn't respond.
|
||||
//
|
||||
// make sure field is off before calling this function
|
||||
static int ul_fudan_check( void ){
|
||||
iso14a_card_select_t card;
|
||||
if ( !ul_select(&card) )
|
||||
return UL_ERROR;
|
||||
|
||||
UsbCommand c = {CMD_READER_ISO_14443a, {ISO14A_RAW | ISO14A_NO_DISCONNECT, 4, 0}};
|
||||
|
||||
uint8_t cmd[4] = {0x30,0x00,0x02,0xa7}; //wrong crc on purpose should be 0xa8
|
||||
memcpy(c.d.asBytes, cmd, 4);
|
||||
clearCommandBuffer();
|
||||
SendCommand(&c);
|
||||
UsbCommand resp;
|
||||
if (!WaitForResponseTimeout(CMD_ACK, &resp, 1500)) return UL_ERROR;
|
||||
if (resp.arg[0] != 1) return UL_ERROR;
|
||||
|
||||
return (!resp.d.asBytes[0]) ? FUDAN_UL : UL; //if response == 0x00 then Fudan, else Genuine NXP
|
||||
}
|
||||
|
||||
static int ul_print_default( uint8_t *data){
|
||||
|
||||
uint8_t uid[7];
|
||||
|
|
@ -389,6 +421,8 @@ int ul_print_type(uint32_t tagtype, uint8_t spaces){
|
|||
PrintAndLog("%sTYPE : INFINEON my-d\x99 move NFC (SLE 66R01P)", spacer);
|
||||
else if ( tagtype & MY_D_MOVE_LEAN )
|
||||
PrintAndLog("%sTYPE : INFINEON my-d\x99 move lean (SLE 66R01L)", spacer);
|
||||
else if ( tagtype & FUDAN_UL )
|
||||
PrintAndLog("%sTYPE : FUDAN Ultralight Compatible (or other compatible) %s", spacer, (tagtype & MAGIC) ? "<magic>" : "" );
|
||||
else
|
||||
PrintAndLog("%sTYPE : Unknown %06x", spacer, tagtype);
|
||||
return 0;
|
||||
|
|
@ -622,6 +656,10 @@ uint32_t GetHF14AMfU_Type(void){
|
|||
ul_switch_off_field();
|
||||
}
|
||||
}
|
||||
if (tagtype & UL) {
|
||||
tagtype = ul_fudan_check();
|
||||
ul_switch_off_field();
|
||||
}
|
||||
} else {
|
||||
ul_switch_off_field();
|
||||
// Infinition MY-D tests Exam high nibble
|
||||
|
|
@ -870,10 +908,6 @@ int CmdHF14AMfUWrBl(const char *Cmd){
|
|||
uint8_t authenticationkey[16] = {0x00};
|
||||
uint8_t *authKeyPtr = authenticationkey;
|
||||
|
||||
// starting with getting tagtype
|
||||
TagTypeUL_t tagtype = GetHF14AMfU_Type();
|
||||
if (tagtype == UL_ERROR) return -1;
|
||||
|
||||
while(param_getchar(Cmd, cmdp) != 0x00)
|
||||
{
|
||||
switch(param_getchar(Cmd, cmdp))
|
||||
|
|
@ -905,21 +939,10 @@ int CmdHF14AMfUWrBl(const char *Cmd){
|
|||
case 'b':
|
||||
case 'B':
|
||||
blockNo = param_get8(Cmd, cmdp+1);
|
||||
|
||||
uint8_t maxblockno = 0;
|
||||
for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++){
|
||||
if (tagtype & UL_TYPES_ARRAY[idx])
|
||||
maxblockno = UL_MEMORY_ARRAY[idx];
|
||||
}
|
||||
|
||||
if (blockNo < 0) {
|
||||
PrintAndLog("Wrong block number");
|
||||
errors = true;
|
||||
}
|
||||
if (blockNo > maxblockno){
|
||||
PrintAndLog("block number too large. Max block is %u/0x%02X \n", maxblockno,maxblockno);
|
||||
errors = true;
|
||||
}
|
||||
cmdp += 2;
|
||||
break;
|
||||
case 'l':
|
||||
|
|
@ -946,6 +969,19 @@ int CmdHF14AMfUWrBl(const char *Cmd){
|
|||
}
|
||||
|
||||
if ( blockNo == -1 ) return usage_hf_mfu_wrbl();
|
||||
// starting with getting tagtype
|
||||
TagTypeUL_t tagtype = GetHF14AMfU_Type();
|
||||
if (tagtype == UL_ERROR) return -1;
|
||||
|
||||
uint8_t maxblockno = 0;
|
||||
for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++){
|
||||
if (tagtype & UL_TYPES_ARRAY[idx])
|
||||
maxblockno = UL_MEMORY_ARRAY[idx];
|
||||
}
|
||||
if (blockNo > maxblockno){
|
||||
PrintAndLog("block number too large. Max block is %u/0x%02X \n", maxblockno,maxblockno);
|
||||
return usage_hf_mfu_wrbl();
|
||||
}
|
||||
|
||||
// Swap endianness
|
||||
if (swapEndian && hasAuthKey) authKeyPtr = SwapEndian64(authenticationkey, 16, 8);
|
||||
|
|
@ -997,10 +1033,6 @@ int CmdHF14AMfURdBl(const char *Cmd){
|
|||
uint8_t authenticationkey[16] = {0x00};
|
||||
uint8_t *authKeyPtr = authenticationkey;
|
||||
|
||||
// starting with getting tagtype
|
||||
TagTypeUL_t tagtype = GetHF14AMfU_Type();
|
||||
if (tagtype == UL_ERROR) return -1;
|
||||
|
||||
while(param_getchar(Cmd, cmdp) != 0x00)
|
||||
{
|
||||
switch(param_getchar(Cmd, cmdp))
|
||||
|
|
@ -1032,21 +1064,10 @@ int CmdHF14AMfURdBl(const char *Cmd){
|
|||
case 'b':
|
||||
case 'B':
|
||||
blockNo = param_get8(Cmd, cmdp+1);
|
||||
|
||||
uint8_t maxblockno = 0;
|
||||
for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++){
|
||||
if (tagtype & UL_TYPES_ARRAY[idx])
|
||||
maxblockno = UL_MEMORY_ARRAY[idx];
|
||||
}
|
||||
|
||||
if (blockNo < 0) {
|
||||
PrintAndLog("Wrong block number");
|
||||
errors = true;
|
||||
}
|
||||
if (blockNo > maxblockno){
|
||||
PrintAndLog("block number to large. Max block is %u/0x%02X \n", maxblockno,maxblockno);
|
||||
errors = true;
|
||||
}
|
||||
cmdp += 2;
|
||||
break;
|
||||
case 'l':
|
||||
|
|
@ -1064,6 +1085,19 @@ int CmdHF14AMfURdBl(const char *Cmd){
|
|||
}
|
||||
|
||||
if ( blockNo == -1 ) return usage_hf_mfu_rdbl();
|
||||
// start with getting tagtype
|
||||
TagTypeUL_t tagtype = GetHF14AMfU_Type();
|
||||
if (tagtype == UL_ERROR) return -1;
|
||||
|
||||
uint8_t maxblockno = 0;
|
||||
for (uint8_t idx = 0; idx < MAX_UL_TYPES; idx++){
|
||||
if (tagtype & UL_TYPES_ARRAY[idx])
|
||||
maxblockno = UL_MEMORY_ARRAY[idx];
|
||||
}
|
||||
if (blockNo > maxblockno){
|
||||
PrintAndLog("block number to large. Max block is %u/0x%02X \n", maxblockno,maxblockno);
|
||||
return usage_hf_mfu_rdbl();
|
||||
}
|
||||
|
||||
// Swap endianness
|
||||
if (swapEndian && hasAuthKey) authKeyPtr = SwapEndian64(authenticationkey, 16, 8);
|
||||
|
|
|
|||
|
|
@ -45,7 +45,8 @@ typedef enum TAGTYPE_UL {
|
|||
MY_D_MOVE_LEAN= 0x008000,
|
||||
NTAG_I2C_1K = 0x010000,
|
||||
NTAG_I2C_2K = 0x020000,
|
||||
MAGIC = 0x040000,
|
||||
FUDAN_UL = 0x040000,
|
||||
MAGIC = 0x080000,
|
||||
UL_MAGIC = UL | MAGIC,
|
||||
UL_C_MAGIC = UL_C | MAGIC,
|
||||
UL_ERROR = 0xFFFFFF,
|
||||
|
|
|
|||
|
|
@ -20,6 +20,9 @@
|
|||
#include "cmdlf.h"
|
||||
#include "cmdlfem4x.h"
|
||||
#include "lfdemod.h"
|
||||
|
||||
#define llx PRIx64
|
||||
|
||||
char *global_em410xId;
|
||||
|
||||
static int CmdHelp(const char *Cmd);
|
||||
|
|
|
|||
Loading…
Reference in a new issue