dash/proxmark3
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chg 'hf mf nested' - uses NG. chg 'hw tune' - now also prints the 'lf config q' divisor voltage.

Browse Source
This commit is contained in:
iceman1001
2019-10-03 16:15:47 +02:00
parent eccf0d3bbc
commit 5d3eb444fb
8 changed files with 175 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
armsrc/appmain.c
View File

@@ -143,11 +143,25 @@ uint16_t AvgAdc(int ch) {
void MeasureAntennaTuning(void) {
uint8_t LF_Results[256];
uint32_t i, peak = 0, peakv = 0, peakf = 0;
uint32_t v_lf125 = 0, v_lf134 = 0, v_hf = 0; // in mV
uint32_t peak = 0;
// in mVolt
struct p {
uint32_t v_lf134;
uint32_t v_lf125;
uint32_t v_lfconf;
uint32_t v_hf;
uint32_t peak_v;
uint32_t peak_f;
int divisor;
uint8_t results[256];
} PACKED payload;
memset(payload.results, 0, sizeof(payload.results));
sample_config *sc = getSamplingConfig();
payload.divisor = sc->divisor;
memset(LF_Results, 0, sizeof(LF_Results));
LED_B_ON();
/*
@@ -163,21 +177,26 @@ void MeasureAntennaTuning(void) {
FpgaWriteConfWord(FPGA_MAJOR_MODE_LF_ADC | FPGA_LF_ADC_READER_FIELD);
SpinDelay(50);
for (i = 255; i >= 19; i--) {
for (uint8_t i = 255; i >= 19; i--) {
WDT_HIT();
FpgaSendCommand(FPGA_CMD_SET_DIVISOR, i);
SpinDelay(20);
uint32_t adcval = ((MAX_ADC_LF_VOLTAGE * AvgAdc(ADC_CHAN_LF)) >> 10);
if (i == 95)
v_lf125 = adcval; // voltage at 125kHz
if (i == 89)
v_lf134 = adcval; // voltage at 134kHz
if (i == 96)
payload.v_lf125 = adcval; // voltage at 125kHz
LF_Results[i] = adcval >> 9; // scale int to fit in byte for graphing purposes
if (LF_Results[i] > peak) {
peakv = adcval;
peakf = i;
peak = LF_Results[i];
if (i == 89)
payload.v_lf134 = adcval; // voltage at 134kHz
if (i == sc->divisor)
payload.v_lfconf = adcval; // voltage at `lf config q`
payload.results[i] = adcval >> 9; // scale int to fit in byte for graphing purposes
if (payload.results[i] > peak) {
payload.peak_v = adcval;
payload.peak_f = i;
peak = payload.results[i];
}
}
@@ -186,23 +205,16 @@ void MeasureAntennaTuning(void) {
FpgaDownloadAndGo(FPGA_BITSTREAM_HF);
FpgaWriteConfWord(FPGA_MAJOR_MODE_HF_READER_RX_XCORR);
SpinDelay(50);
v_hf = (MAX_ADC_HF_VOLTAGE * AvgAdc(ADC_CHAN_HF)) >> 10;
payload.v_hf = (MAX_ADC_HF_VOLTAGE * AvgAdc(ADC_CHAN_HF)) >> 10;
// RDV40 will hit the roof, try other ADC channel used in that hardware revision.
if (v_hf > MAX_ADC_HF_VOLTAGE - 300) {
v_hf = (MAX_ADC_HF_VOLTAGE_RDV40 * AvgAdc(ADC_CHAN_HF_RDV40)) >> 10;
if (payload.v_hf > MAX_ADC_HF_VOLTAGE - 300) {
payload.v_hf = (MAX_ADC_HF_VOLTAGE_RDV40 * AvgAdc(ADC_CHAN_HF_RDV40)) >> 10;
}
uint64_t arg0 = v_lf134;
arg0 <<= 32;
arg0 |= v_lf125;
uint64_t arg2 = peakv;
arg2 <<= 32;
arg2 |= peakf;
reply_mix(CMD_MEASURE_ANTENNA_TUNING, arg0, v_hf, arg2, LF_Results, 256);
FpgaWriteConfWord(FPGA_MAJOR_MODE_OFF);
reply_ng(CMD_MEASURE_ANTENNA_TUNING, PM3_SUCCESS, (uint8_t*)&payload, sizeof(payload));
LEDsoff();
}
@@ -1083,7 +1095,16 @@ static void PacketReceived(PacketCommandNG *packet) {
break;
}
case CMD_HF_MIFARE_NESTED: {
MifareNested(packet->oldarg[0], packet->oldarg[1], packet->oldarg[2], packet->data.asBytes);
struct p {
uint8_t block;
uint8_t keytype;
uint8_t target_block;
uint8_t target_keytype;
bool calibrate;
uint8_t key[6];
} PACKED;
struct p *payload = (struct p *) packet->data.asBytes;
MifareNested(payload->block, payload->keytype, payload->target_block, payload->target_keytype, payload->calibrate, payload->key);
break;
}
case CMD_HF_MIFARE_CHKKEYS: {

6
armsrc/lfsampling.c
View File

@@ -24,11 +24,11 @@ Default LF config is set to:
divisor = 95 (125kHz)
trigger_threshold = 0
*/
sample_config config = { 1, 8, 1, 95, 0, 0 } ;
sample_config config = { 1, 8, 1, 96, 0, 0 } ;
void printConfig() {
DbpString(_BLUE_("LF Sampling config"));
Dbprintf(" [q] divisor.............%d ( "_GREEN_("%d kHz")")", config.divisor, 12000 / (config.divisor + 1));
Dbprintf(" [q] divisor.............%d ( "_GREEN_("%d kHz")")", config.divisor, 12000 / config.divisor);
Dbprintf(" [b] bps.................%d", config.bits_per_sample);
Dbprintf(" [d] decimation..........%d", config.decimation);
Dbprintf(" [a] averaging...........%s", (config.averaging) ? "Yes" : "No");
@@ -151,7 +151,7 @@ uint32_t DoAcquisition(uint8_t decimation, uint32_t bits_per_sample, bool averag
uint16_t checker = 0;
while (true) {
if (checker == 1000) {
if (checker == 2000) {
if (BUTTON_PRESS() || data_available())
break;
else

49
armsrc/mifarecmd.c
View File

@@ -866,26 +866,20 @@ void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags,
// MIFARE nested authentication.
//
//-----------------------------------------------------------------------------
void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain) {
// params
uint8_t blockNo = arg0 & 0xff;
uint8_t keyType = (arg0 >> 8) & 0xff;
uint8_t targetBlockNo = arg1 & 0xff;
uint8_t targetKeyType = (arg1 >> 8) & 0xff;
// calibrate = arg2
void MifareNested(uint8_t blockNo, uint8_t keyType, uint8_t targetBlockNo, uint8_t targetKeyType, bool calibrate, uint8_t *key) {
uint64_t ui64Key = 0;
ui64Key = bytes_to_num(datain, 6);
ui64Key = bytes_to_num(key, 6);
// variables
uint16_t i, j, len;
static uint16_t dmin, dmax;
uint8_t par[1] = {0x00};
uint8_t par_array[4] = {0x00};
uint8_t uid[10] = {0x00};
uint32_t cuid = 0, nt1, nt2, nttest, ks1;
uint8_t par[1] = {0x00};
uint32_t target_nt[2] = {0x00}, target_ks[2] = {0x00};
uint8_t par_array[4] = {0x00};
uint16_t ncount = 0;
struct Crypto1State mpcs = {0, 0};
struct Crypto1State *pcs;
@@ -903,13 +897,15 @@ void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain)
BigBuf_free();
BigBuf_Clear_ext(false);
if (arg2) clear_trace();
if (calibrate)
clear_trace();
set_tracing(true);
// statistics on nonce distance
int16_t isOK = 0;
#define NESTED_MAX_TRIES 12
if (arg2) { // calibrate: for first call only. Otherwise reuse previous calibration
if (calibrate) { // calibrate: for first call only. Otherwise reuse previous calibration
LED_B_ON();
WDT_HIT();
@@ -1061,15 +1057,28 @@ void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain)
crypto1_destroy(pcs);
uint8_t buf[4 + 4 * 4] = {0};
memcpy(buf, &cuid, 4);
memcpy(buf + 4, &target_nt[0], 4);
memcpy(buf + 8, &target_ks[0], 4);
memcpy(buf + 12, &target_nt[1], 4);
memcpy(buf + 16, &target_ks[1], 4);
struct p {
int16_t isOK;
uint8_t block;
uint8_t keytype;
uint8_t cuid[4];
uint8_t nt_a[4];
uint8_t ks_a[4];
uint8_t nt_b[4];
uint8_t ks_b[4];
} PACKED payload;
payload.isOK = isOK;
payload.block = targetBlockNo;
payload.keytype = targetKeyType;
memcpy(payload.cuid, &cuid, 4);
memcpy(payload.nt_a, &target_nt[0], 4);
memcpy(payload.ks_a, &target_ks[0], 4);
memcpy(payload.nt_b, &target_nt[1], 4);
memcpy(payload.ks_b, &target_ks[1], 4);
LED_B_ON();
reply_mix(CMD_ACK, isOK, 0, targetBlockNo + (targetKeyType * 0x100), buf, sizeof(buf));
reply_ng(CMD_HF_MIFARE_NESTED, PM3_SUCCESS, (uint8_t*)&payload, sizeof(payload));
LED_B_OFF();
if (DBGLEVEL >= 3) DbpString("NESTED FINISHED");

4
armsrc/mifarecmd.h
View File

@@ -21,8 +21,10 @@ void MifareUReadCard(uint8_t arg0, uint16_t arg1, uint8_t arg2, uint8_t *datain)
void MifareReadSector(uint8_t arg0, uint8_t arg1, uint8_t *datain);
void MifareWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain);
//void MifareUWriteBlockCompat(uint8_t arg0,uint8_t *datain);
void MifareUWriteBlock(uint8_t arg0, uint8_t arg1, uint8_t *datain);
void MifareNested(uint32_t arg0, uint32_t arg1, uint32_t arg2, uint8_t *datain);
void MifareNested(uint8_t blockNo, uint8_t keyType, uint8_t targetBlockNo, uint8_t targetKeyType, bool calibrate, uint8_t *key);
void MifareAcquireEncryptedNonces(uint32_t arg0, uint32_t arg1, uint32_t flags, uint8_t *datain);
void MifareAcquireNonces(uint32_t arg0, uint32_t flags);
void MifareChkKeys(uint8_t *datain);