* fix parity encryption (thanks to Eloff, http://www.proxmark.org/forum/viewtopic.php?id=6347)
* add support to simulate Mifare Mini, Mifare 2K and Mifare 4K
* change to standard LED handling (A: PM is working, B: reader is sending, C: tag is responding, D: HF field is on)
* NAK on unknown commands
* allow unencrypted HALT
* don't display messages during simulation (or we will miss next reader command)
* use DMA to receive reader command
* switch earlier from send to listen mode
* move ADC initializer to iso14443_setup
* remove remainders of incomplete Mifare 10Byte UID simulation
* show 'short' bytes (7Bits or 8Bits without parity) in 'hf list mf' and 'hf list 14a'
* whitespace
* Add raw HF signal plotting
* new fpga module hi_get_trace.v - store A/D converter output to circular buffer on FPGA
* new command 'hf plot' - pull data from FPGA and display it in Graph Window
* fixing hf 15: implement hf 15 snoop
* rename hf 15 record to hf 15 snoop
* speedup sampling / decoding:
* new FPGA mode FPGA_HF_READER_RX_XCORR_AMPLITUDE implements amplitude(ci, cq) on FPGA
* inlining the decoders in iso15693.c
* inlining memcpy/memset in LogTrace()
* giving up the moving correlator for SOF in Handle15693SamplesFromTag
* decode more of EOF in Handle15693SamplesFromTag()
* some refactoring
* detect and use RDV40 higher voltage ADC channel for hw tune, hf tune, hw detectreader
* fix mode switching in hw detectreader
* detect Smartcard Slot in hw version
* i2c changes from https://github.com/RfidResearchGroup/proxmark3
* some formatting in proxmark3.h
* rework iso14443b device functions
* hf_read_rx_xcorr.v: transfer i/q pair in one 16bit frame
* hi_read_tx.v: invert ssp_dout. When nothing is transferred (ssp_dout=0), this results in no modulation (carrier on)
* adjust arm sources accordingly
* iso14443b.c: switch off carrier after hf 14b sri512read and hf 14b srix4kread
* iso14443b.c: fix DMA circular buffer handling
* prevent WDT crash on repeated tries
* comes with faster execution as side effect
* use uint8_t instead of byte_t
* populate ar instead of (correctly) assuming that it is zero
* remove the "will take a few seconds longer" message because it is no longer true
* allow additional 2 ssp_frame cycles to detect SOF
* use only respective functions to get/set iso14a_timeout
* remove waiting time in MifareAcquireEncryptedNonces(). This is covered by GetATQA() now.
* more timing fixes
* correctly determine correction bit (taken from iceman's fork)
* add checking of Access Conditions for Read command
* never allow reading KeyA
* move to separate files mifaresim.[ch]
* check CRC of commands
* don't execute commands without successfull authentication
* ensure correct timing of REQA, WUPA, ANTICOL and SELECT responses
* trace reader commands immediately, only fix start time after tag response. Decreases time to be ready for next reader command.
* remove iso14443-4 remnants
* trace raw reader commands instead of decrypted ones
* some refactoring
* fix hf mf sim
* timing: decrease time to get ready for new reader commands
- Check button press when there is NOFIELD, so we can exit also without FIELD
- struct nonces_t is moved to include/mifare.h so client and arm has the same definition
- Don't increment the nonce when random mode is disabled (this breaks the
standard attack).
- Don't attempt the standard attack when random mode is enabled (there's no
point as it won't work, per comments from @pwpiwi).
- Attempt the moebius attack if the standard attack fails.
This makes the PM3 generate pseudo-random nonces rather than sequential
nonces, to make it act a bit more like a "real" MFC card. A reader would
otherwise be able to detect the PM3 probing based on the predictable nonces
and throw different authentication challenges (or refuse to authenticate at
all).
The code includes an implementation of a rand-like function (prand), similar
to the one from libc, which is seeded automatically based on the time it
takes between the PM3 starting up and the first call to the RNG.
This isn't cryptographically random, but should be "good enough" to be able
to evade basic detection.
also cleaned up some comments
note previous update added the creation of a stats.txt file to generate
statistics of the differences between std mfkey32 and the moebius
version.
