Things like the ICLASS, tryDecryptWord,
--
My other stuff like default keys, some new Mifare EV1 commands 0x40, 0x43 for the logging annotation, start of the T55x7 configblock helper functionality (ripped from Adam Lauries RFIdler code)
Changes to the PCF7931 functions written, which has a lousy input check..
.. ntag simulation stuff from @marshmellows branch "ntag/sim"
.. hf mf mifare fixes from @pwpivi.
.. hw status command
.. speedtest function from @pwpivi
.. Viking Functionalities, (not a proper DEMOD, but a start)
.. GetCountUS better precision from @pwpivi
.. bin2hex, hex2bin from @holiman
...
starting with getting the T55x7 CONFIGURATION_BLOCK for different clone situations. Ripped from Adam Lauries RFidler, nothing working or finished..
...
Started working with the T55x7 read command with password actually performs a write block... See Issue #136https://github.com/Proxmark/proxmark3/issues/136 Not solved yet.
...
Started add SHA256.. not working yet..
MERGED: @piwi changes
MERGED: @marshmellows changes.
I'm not even gonna try write up all that stuff..
ADD: changed some commands inside the "Hf 14a sim" on deviceside.
ADD: @mobeius "two nonce" version for mfkey32. It is also inside the "hf 14a sim" with the "x" parameter.
FIX: 14b sim changes in iso14443b.c , *experimental* I took some timing loops from "14a sim" armsrc/iso14443a.c and merged it into the "14b sim". Now using two pm3's I can have one simulating and the other reading and it works. Ask @pwpiwi if you want to know more of what those timing loops does. Something about waiting for the fpga delay queue...
ADD: "hf 14a sim t 7" now implements a simple incr_counter command. it sends ACK to all requests.
ADD: "hf 14a sim t 7" now prints the password when a "0x1B" (Authenticate) command is received.
MOV: moved the try32/try64 attacks (mfkey32/mfkey64) into the nonce2key.c file
CHG: added @marshmellow42 changes to hf mfu dump layout.
ADD: an extra call to BigBuf_free in readcard.. just to make sure that it doesn't leak memory.
ADD: expermimental call to "try32" for "hf mf sim x".
In Miller Decoder: don't wait too long for a stable signal
In Miller Decoder: Don't accept sequences of four or more zeroes as start bit
In EmSendCmd14443aRaw: don't wait for emptying the FPGA delay queue if it isn't filled
- provided a BigBuf_malloc() function to dynamically allocate parts of BigBuf
e.g. for DMA-Buffers, Frame-Buffers, Emulator-Memory
- the whole rest of BigBuf is now available for traces (instead of a small fixed amount)
- send actual traceLen together with trace data
- changed client side to cope with varying traceLen
- changed small buffers to automatic variables instead of parts of BigBuf
ADD: added a manufacturer list in "hf 14a reader", only viable when UID is double or triple size. Thanks to Asper for the list.
ADD: detect chinese magic backdoor commands in "hf 14a reader"
CHG: minor code clean up.
CHG: USB_CMD_DATA_SIZE is now used as maxsize for transfer of data between client and pm3device
CHG: suggested a fix for the underscore problem in ioclass\fileutils.c
ADD: tnp3xx support
ADD: nxp tag idents.
ADD: identifiction of chinese backdoor commands to hf 14a reader.
- introduced with the big frame and parity support (commit 6a1f2d82): tag responses with len%8 == 0 were dropped - thanks iceman for testing and finding
- after unsuccessful hf 14a reader the field stayed on. Thanks to iceman for proposing the fix.
- buffers were too small to handle 256 byte frames
- parity bits were only handled for up to 32 byte frames
- trace format was inefficient
- removed parity calculation from decoders in iclass.c (parity not used on air anyway)
- output of debug messages caused communication failures due to timing issues.
hf mf dbg 4 now required to see these debug messages.
- changed help text for hf mf dbg
- fixed minor bugs in help texts for hf mf sim and hf mf ecset
- display "key A" or "key B" instead of "key=0" or "key=1 in hf mf sim
- tracing was not always enabled when starting hf mf sniff or hf 14a snoop
- ATQA was displayed in wrong byte order in hf mf sniff
- 4 Byte UIDs were displayed as 7 Byte UIDs (padded with 0x000000) in hf mf sniff
- same for logfile names.
- assignment (=) had been used instead of == in comparisons (shouldn't have been relevant though)