From 2fc26fbf3553c3c5497342174f2cf108582b0bbe Mon Sep 17 00:00:00 2001 From: "Colin J. Brigato" Date: Sun, 14 Jul 2019 13:29:40 +0200 Subject: [PATCH] HF_COLIN/STANDALONE: FIX Simulation/Writing Tag to flash/Reading back from flash * Simulation was broke by the 4/7/10 UID lenght pseudo-support (which, in regard of the whole, will never be of any use unless complete reimplementaiton). Kept this part as respect, but enforced UID_IN_EMUL, since it will _ALWAYS_ be the case, be it direct simulation after tag breaking or from reading back tag. * Writing tag was broken when flashmem driver had SPI settings changed, enforcing 48MHz speed as necessity for some work (like in hf_bog), so now it is * Reading back, however, should absolutely be done at 24Mhz to avoid those unecessary and unstable [On this chip] FAST_READS. Should worsk flawlessly now. If one has spare time, handling getting new keys or defining whole Schemes in Flashmem would be perfect. Just has to be a conditional and a 8/16key ordered answer. --- armsrc/Standalone/hf_colin.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/armsrc/Standalone/hf_colin.c b/armsrc/Standalone/hf_colin.c index 63366259e..060c4af06 100644 --- a/armsrc/Standalone/hf_colin.c +++ b/armsrc/Standalone/hf_colin.c @@ -101,6 +101,8 @@ void ReadLastTagFromFlash() { size_t size = len; uint8_t *mem = BigBuf_malloc(size); + FlashmemSetSpiBaudrate(24000000); + if (!FlashInit()) { return; } @@ -148,6 +150,9 @@ void WriteTagToFlash(uint8_t index, size_t size) { emlGetMem(data, 0, (size * 64) / 1024); + + FlashmemSetSpiBaudrate(48000000); + if (!FlashInit()) { return; } 
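Review bot: The two added `FlashmemSetSpiBaudrate()` calls (24000000 here in ReadLastTagFromFlash, 48000000 in the WriteTagToFlash hunk that follows) use bare literals with no comment, so the reason the read path runs slower than the write path is recorded only in the commit message. A short comment at each call would keep it next to the code, e.g. `// 24 MHz: avoids FAST_READ, which is unstable on this chip`, and the two rates would read better as named constants. Judging from the commit message, the baud rate appears to be driver-wide state, and neither function restores the previous value on any return path visible in these hunks, including the early `return` when `FlashInit()` fails. Whichever flash user runs next would then inherit the setting, so it is worth confirming that this is intended. Both function bodies start and continue outside the hunks.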
@@ -424,7 +429,7 @@ failtag: //----------------------------------------------------------------------------- // also we could avoid first UID check for every block - // then let’s expose this “optimal case” of “well known vigik schemes” : + // then let's expose this “optimal case” of “well known vigik schemes” : for (uint8_t type = 0; type < 2 && !err && !trapped; type++) { for (int sec = 0; sec < sectorsCnt && !err && !trapped; ++sec) { key = cjat91_saMifareChkKeys(sec * 4, type, NULL, size, &keyBlock[0], &key64); @@ -783,10 +788,18 @@ readysim: case 7: flags = FLAG_7B_UID_IN_DATA; break; - default: + case 4: flags = FLAG_4B_UID_IN_DATA; break; + default: + flags = FLAG_UID_IN_EMUL; + break; } + + // Use UID, SAK, ATQA from EMUL, if uid not defined + //if ((flags & (FLAG_4B_UID_IN_DATA | FLAG_7B_UID_IN_DATA | FLAG_10B_UID_IN_DATA)) == 0) { + flags |= FLAG_UID_IN_EMUL; + //} Mifare1ksim(flags | FLAG_MF_1K, 0, cjuid); LED_C_OFF(); SpinOff(50); @@ -902,7 +915,7 @@ int e_MifareECardLoad(uint32_t numofsectors, uint8_t keytype) { return (isOK) ? PM3_SUCCESS : PM3_EUNDEF; } -/* the chk function is a piwi’ed(tm) check that will try all keys for +/* the chk function is a piwi'ed(tm) check that will try all keys for a particular sector. also no tracing no dbg */ int cjat91_saMifareChkKeys(uint8_t blockNo, uint8_t keyType, bool clearTrace, uint8_t keyCount, uint8_t *datain, uint64_t *key) { DBGLEVEL = DBG_NONE;
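Review bot: In the readysim hunk, `flags |= FLAG_UID_IN_EMUL;` now runs unconditionally after the switch, yet the comment above it still says "if uid not defined" and the guarding `if` is left behind as commented-out code. As a result `case 7:` and `case 4:` end up combining a UID_IN_DATA flag with FLAG_UID_IN_EMUL, and how Mifare1ksim resolves the two (and whether `cjuid` is still read) is not visible in this hunk. If emulator memory is always meant to win, as the commit message states, I would delete the `//if (...) {` and `//}` lines and reword the comment to `// Always take UID, SAK, ATQA from emulator memory`. The assignment in the added `default:` branch is then redundant as well. The switch and the readysim block begin outside the hunk.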