diff --git a/armsrc/appmain.c b/armsrc/appmain.c index c27788a9e..019f2371f 100644 --- a/armsrc/appmain.c +++ b/armsrc/appmain.c @@ -2215,41 +2215,39 @@ static void PacketReceived(PacketCommandNG *packet) { } case CMD_FLASHMEM_WRITE: { LED_B_ON(); - uint8_t isok = 0; - uint16_t res = 0; - uint32_t startidx = packet->oldarg[0]; - uint16_t len = packet->oldarg[1]; - uint8_t *data = packet->data.asBytes; - if (!FlashInit()) { + flashmem_old_write_t *payload = (flashmem_old_write_t *)packet->data.asBytes; + + if (FlashInit() == false) { + reply_ng(CMD_FLASHMEM_WRITE, PM3_EIO, NULL, 0); + LED_B_OFF(); break; } - if (startidx == DEFAULT_T55XX_KEYS_OFFSET) { + if (payload->startidx == DEFAULT_T55XX_KEYS_OFFSET) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0xC); - } else if (startidx == DEFAULT_MF_KEYS_OFFSET) { + } else if (payload->startidx == DEFAULT_MF_KEYS_OFFSET) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0x9); Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0xA); - } else if (startidx == DEFAULT_ICLASS_KEYS_OFFSET) { + } else if (payload->startidx == DEFAULT_ICLASS_KEYS_OFFSET) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0xB); - } else if (startidx == FLASH_MEM_SIGNATURE_OFFSET) { + } else if (payload->startidx == FLASH_MEM_SIGNATURE_OFFSET) { Flash_CheckBusy(BUSY_TIMEOUT); Flash_WriteEnable(); Flash_Erase4k(3, 0xF); } - res = Flash_Write(startidx, data, len); - isok = (res == len) ? 1 : 0; + uint16_t res = Flash_Write(payload->startidx, payload->data, payload->len); - reply_mix(CMD_ACK, isok, 0, 0, 0, 0); + reply_ng(CMD_FLASHMEM_WRITE, (res == payload->len) ? PM3_SUCCESS : PM3_ESOFT, NULL, 0); LED_B_OFF(); break; } diff --git a/client/src/cmdflashmem.c b/client/src/cmdflashmem.c index dfd5517d0..e036bce32 100644 --- a/client/src/cmdflashmem.c +++ b/client/src/cmdflashmem.c @@ -90,21 +90,27 @@ int rdv4_validate(rdv40_validation_t *mem) { } static int rdv4_sign_write(uint8_t *signature, uint8_t slen) { - // save to mem + flashmem_old_write_t payload = { + .startidx = FLASH_MEM_SIGNATURE_OFFSET, + .len = FLASH_MEM_SIGNATURE_LEN, + }; + memcpy(payload.data, signature, slen); + clearCommandBuffer(); PacketResponseNG resp; - SendCommandOLD(CMD_FLASHMEM_WRITE, FLASH_MEM_SIGNATURE_OFFSET, FLASH_MEM_SIGNATURE_LEN, 0, signature, slen); - if (!WaitForResponseTimeout(CMD_ACK, &resp, 2000)) { - PrintAndLogEx(WARNING, "timeout while waiting for reply."); + SendCommandNG(CMD_FLASHMEM_WRITE, (uint8_t*)&payload, sizeof(payload)); + + if (WaitForResponseTimeout(CMD_FLASHMEM_WRITE, &resp, 2000) == false) { + PrintAndLogEx(WARNING, "timeout while waiting for reply"); + return PM3_EFAILED; } else { - if (!resp.oldarg[0]) { + if (resp.status != PM3_SUCCESS) { PrintAndLogEx(FAILED, "Writing signature ( "_RED_("fail") ")"); - } else { - PrintAndLogEx(SUCCESS, "Writing signature at offset %u ( "_GREEN_("ok") " )", FLASH_MEM_SIGNATURE_OFFSET); - return PM3_SUCCESS; - } + return PM3_EFAILED; + } } - return PM3_EFAILED; + PrintAndLogEx(SUCCESS, "Writing signature at offset %u ( "_GREEN_("ok") " )", FLASH_MEM_SIGNATURE_OFFSET); + return PM3_SUCCESS; } static int CmdFlashmemSpiBaud(const char *Cmd) { @@ -265,6 +271,7 @@ static int CmdFlashMemLoad(const char *Cmd) { uint32_t bytes_sent = 0; uint32_t bytes_remaining = datalen; + // fast push mode conn.block_after_ACK = true; @@ -273,23 +280,28 @@ static int CmdFlashMemLoad(const char *Cmd) { clearCommandBuffer(); - SendCommandOLD(CMD_FLASHMEM_WRITE, offset + bytes_sent, bytes_in_packet, 0, data + bytes_sent, bytes_in_packet); + flashmem_old_write_t payload = { + .startidx = offset + bytes_sent, + .len = bytes_in_packet, + }; + memcpy(payload.data, data + bytes_sent, bytes_in_packet); + SendCommandNG(CMD_FLASHMEM_WRITE, (uint8_t*)&payload, sizeof(payload)); bytes_remaining -= bytes_in_packet; bytes_sent += bytes_in_packet; PacketResponseNG resp; - if (WaitForResponseTimeout(CMD_ACK, &resp, 2000) == false) { + if (WaitForResponseTimeout(CMD_FLASHMEM_WRITE, &resp, 2000) == false) { PrintAndLogEx(WARNING, "timeout while waiting for reply."); conn.block_after_ACK = false; free(data); return PM3_ETIMEOUT; } - uint8_t isok = resp.oldarg[0] & 0xFF; - if (!isok) { + if (resp.status != PM3_SUCCESS) { conn.block_after_ACK = false; PrintAndLogEx(FAILED, "Flash write fail [offset %u]", bytes_sent); + free(data); return PM3_EFLASH; } } diff --git a/include/pm3_cmd.h b/include/pm3_cmd.h index 5cee586d2..d65e457c5 100644 --- a/include/pm3_cmd.h +++ b/include/pm3_cmd.h @@ -393,6 +393,14 @@ typedef struct { uint8_t data[]; } PACKED flashmem_write_t; +// when CMD_FLASHMEM_WRITE old flashmem commands +typedef struct { + uint32_t startidx; + uint16_t len; + uint8_t data[PM3_CMD_DATA_SIZE - sizeof(uint32_t) - sizeof(uint16_t)]; +} PACKED flashmem_old_write_t; + + //----------------------------------------------------------------------------- // ISO 7618 Smart Card //-----------------------------------------------------------------------------