fix one too small
[RRG-proxmark3.git] / client / src / cmdlfnedap.c
blob4d51116e83c6477f99e9d7c1d8b390a8ec3f13f4
1 //-----------------------------------------------------------------------------
2 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
3 //
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // See LICENSE.txt for the text of the license.
15 //-----------------------------------------------------------------------------
16 // Low frequency NEDAP tag commands
17 //-----------------------------------------------------------------------------
19 #include "cmdlfnedap.h"
21 #define _GNU_SOURCE
22 #include <string.h>
23 #include <ctype.h>
24 #include <stdlib.h>
25 #include "cmdparser.h" // command_t
26 #include "comms.h"
27 #include "crc16.h"
28 #include "cmdlft55xx.h" // verify write
29 #include "ui.h"
30 #include "cmddata.h"
31 #include "cmdlf.h"
32 #include "lfdemod.h"
33 #include "protocols.h"
34 #include "cliparser.h"
35 #include "cmdlfem4x05.h" // EM defines
36 #include "commonutil.h"
38 #define FIXED_71 0x71
39 #define FIXED_40 0x40
40 #define UNKNOWN_A 0x00
41 #define UNKNOWN_B 0x00
43 static int CmdHelp(const char *Cmd);
45 static const uint8_t translateTable[10] = {8, 2, 1, 12, 4, 5, 10, 13, 0, 9};
46 static const uint8_t invTranslateTable[16] = {8, 2, 1, 0xff, 4, 5, 0xff, 0xff, 0, 9, 6, 0xff, 3, 7, 0xff, 0xff};
47 static const uint8_t preamble[] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0}; // zero inside
49 static uint8_t isEven_64_63(const uint8_t *data) { // 8
50 uint32_t tmp[2];
51 memcpy(tmp, data, 8);
52 return (bitcount32(tmp[0]) + (bitcount32(tmp[1] & 0xfeffffff))) & 1;
55 //NEDAP demod - ASK/Biphase (or Diphase), RF/64 with preamble of 1111111110 (always a 128 bit data stream)
56 int demodNedap(bool verbose) {
57 (void) verbose; // unused so far
58 uint8_t data[16], buffer[7], subtype; // 4 bits
59 size_t size, offset = 0;
60 uint16_t checksum, customerCode; // 12 bits
61 uint32_t badgeId; // max 99999
63 if (ASKbiphaseDemod(0, 64, 1, 0, false) != PM3_SUCCESS) {
64 if (g_debugMode) PrintAndLogEx(DEBUG, "DEBUG: Error - NEDAP: ASK/Biphase Demod failed");
65 return PM3_ESOFT;
68 size = g_DemodBufferLen;
69 if (!preambleSearch(g_DemodBuffer, (uint8_t *) preamble, sizeof(preamble), &size, &offset)) {
70 PrintAndLogEx(DEBUG, "DEBUG: Error - NEDAP: preamble not found");
71 return PM3_ESOFT;
74 // set plot
75 setDemodBuff(g_DemodBuffer, size, offset);
76 setClockGrid(g_DemodClock, g_DemodStartIdx + (g_DemodClock * offset));
78 // sanity checks
79 if ((size != 128) && (size != 64)) {
80 PrintAndLogEx(DEBUG, "DEBUG: Error - NEDAP: Size not correct: %zu", size);
81 return PM3_ESOFT;
84 if (bits_to_array(g_DemodBuffer, size, data) != PM3_SUCCESS) {
85 PrintAndLogEx(DEBUG, "DEBUG: Error - NEDAP: bits_to_array error\n");
86 return PM3_ESOFT;
90 int ret = PM3_SUCCESS;
92 // first part
94 // parity 1 check
95 if (isEven_64_63(data) != (data[7] & 0x01)) {
96 PrintAndLogEx(ERR, "Bad parity (%1u)", data[7] & 0x01);
97 ret = PM3_ESOFT;
100 // header 1 check
101 // (1111111110 0 -- zero inside)
102 if ((data[0] != 0xFF) && ((data[1] & 0xE0) != 0x80)) {
103 PrintAndLogEx(ERR, "Bad header");
104 ret = PM3_ESOFT;
107 buffer[0] = (data[0] << 7) | (data[1] >> 1);
108 buffer[1] = (data[1] << 7) | (data[2] >> 1);
109 buffer[2] = (data[2] << 7) | (data[3] >> 1);
110 buffer[3] = ((data[4] & 0x1e) << 3) | ((data[5] & 0x1e) >> 1);
111 buffer[4] = ((data[6] & 0x1e) << 3) | ((data[7] & 0x1e) >> 1);
113 // CHECKSUM
114 init_table(CRC_XMODEM);
115 checksum = crc16_xmodem(buffer, 5);
117 buffer[6] = (data[3] << 7) | ((data[4] & 0xe0) >> 1) | ((data[4] & 0x01) << 3) | ((data[5] & 0xe0) >> 5);
118 buffer[5] = (data[5] << 7) | ((data[6] & 0xe0) >> 1) | ((data[6] & 0x01) << 3) | ((data[7] & 0xe0) >> 5);
119 uint16_t checksum2 = (buffer[6] << 8) + buffer[5];
120 bool isValid = (checksum == checksum2);
122 subtype = (data[1] & 0x1e) >> 1;
123 customerCode = ((data[1] & 0x01) << 11) | (data[2] << 3) | ((data[3] & 0xe0) >> 5);
125 if (isValid == false) {
126 PrintAndLogEx(ERR, "Checksum : %s (calc 0x%04X != 0x%04X)", _RED_("fail"), checksum, checksum2);
127 ret = PM3_ESOFT;
130 uint8_t idxC1 = invTranslateTable[(data[3] & 0x1e) >> 1];
131 uint8_t idxC2 = invTranslateTable[(data[4] & 0x1e) >> 1];
132 uint8_t idxC3 = invTranslateTable[(data[5] & 0x1e) >> 1];
133 uint8_t idxC4 = invTranslateTable[(data[6] & 0x1e) >> 1];
134 uint8_t idxC5 = invTranslateTable[(data[7] & 0x1e) >> 1];
136 // validation
137 if ((idxC1 != 0xFF) && (idxC2 != 0xFF) && (idxC3 != 0xFF) && (idxC4 != 0xFF) && (idxC5 != 0xFF)) {
138 uint8_t r1 = idxC1;
139 uint8_t r2 = ((10 + idxC2) - (idxC1 + 1)) % 10;
140 uint8_t r3 = ((10 + idxC3) - (idxC2 + 1)) % 10;
141 uint8_t r4 = ((10 + idxC4) - (idxC3 + 1)) % 10;
142 uint8_t r5 = ((10 + idxC5) - (idxC4 + 1)) % 10;
144 badgeId = r1 * 10000 + r2 * 1000 + r3 * 100 + r4 * 10 + r5;
146 PrintAndLogEx(SUCCESS, "NEDAP (%s) - ID: " _YELLOW_("%05u") " subtype: " _YELLOW_("%1u")" customer code: " _YELLOW_("%u / 0x%03X") " Raw: " _YELLOW_("%s")
147 , (size == 128) ? "128b" : "64b"
148 , badgeId
149 , subtype
150 , customerCode
151 , customerCode
152 , sprint_hex_inrow(data, size / 8)
154 PrintAndLogEx(DEBUG, "Checksum ( %s ) 0x%04X", _GREEN_("ok"), checksum);
156 } else {
157 PrintAndLogEx(ERR, "Invalid idx (1:%02x - 2:%02x - 3:%02x - 4:%02x - 5:%02x)", idxC1, idxC2, idxC3, idxC4, idxC5);
158 ret = PM3_ESOFT;
161 if (size > 64) {
162 // second part
163 PrintAndLogEx(DEBUG, "NEDAP Tag, second part found");
165 if (isEven_64_63(data + 8) != (data[15] & 0x01)) {
166 PrintAndLogEx(ERR, "Bad parity (%1u)", data[15] & 0x01);
167 return ret;
170 // validation
171 if ((data[8] & 0x80)
172 && (data[9] & 0x40)
173 && (data[10] & 0x20)
174 && (data[11] & 0x10)
175 && (data[12] & 0x08)
176 && (data[13] & 0x04)
177 && (data[14] & 0x02)) {
178 PrintAndLogEx(ERR, "Bad zeros");
179 return ret;
183 uint8_t r4 = (data[8] >> 3) & 0x0F;
184 uint8_t r5 = ((data[8] << 1) & 0x0F) | (data[9] >> 7);
185 uint8_t r2 = (data[9] >> 2) & 0x0F;
186 uint8_t r3 = ((data[9] << 2) & 0x0F) | (data[10] >> 6);
187 uint8_t r0 = ((data[10] >> 1) & 0x0F);
188 uint8_t r1 = ((data[10] << 3) & 0x0F) | (data[11] >> 5);
190 uint8_t fixed0 = ((data[11] << 4) & 0xF0) | (data[12] >> 4);
191 uint8_t fixed1 = ((data[12] << 5) & 0xE0) | (data[13] >> 3);
193 uint8_t unk1 = ((data[13] << 6) & 0xC0) | (data[14] >> 2);
194 uint8_t unk2 = ((data[14] << 7) & 0xC0) | (data[15] >> 1);
196 // validation 2
197 if (!r0 && (r1 < 10) && (r2 < 10) && (r3 < 10) && (r4 < 10) && (r5 < 10)) {
199 badgeId = r1 * 10000 + r2 * 1000 + r3 * 100 + r4 * 10 + r5;
200 PrintAndLogEx(SUCCESS, "Second Card: " _YELLOW_("%05u"), badgeId);
202 if ((fixed0 == FIXED_71) && (fixed1 == FIXED_40))
203 PrintAndLogEx(DEBUG, "Fixed part {0 = 0x%02x, 1 = 0x%02x}", fixed0, fixed1);
204 else
205 PrintAndLogEx(DEBUG, "Bad fixed: {0 = 0x%02x (%0x02x), 1 = 0x%02x (%0x02x)}", fixed0, FIXED_71, fixed1, FIXED_40);
207 PrintAndLogEx(DEBUG, "Unknown part {1 = 0x%02x, 2 = 0x%02x}", unk1, unk2);
208 } else {
209 PrintAndLogEx(ERR, "Bad digits (0:%1x - 1:%1x - 2:%1x - 3:%1x - 4:%1x - 5:%1x)", r0, r1, r2, r3, r4, r5);
210 return ret;
214 return PM3_SUCCESS;
217 static int CmdLFNedapDemod(const char *Cmd) {
218 CLIParserContext *ctx;
219 CLIParserInit(&ctx, "lf nedap demod",
220 "Try to find Nedap preamble, if found decode / descramble data",
221 "lf nedap demod"
224 void *argtable[] = {
225 arg_param_begin,
226 arg_param_end
228 CLIExecWithReturn(ctx, Cmd, argtable, true);
229 CLIParserFree(ctx);
230 return demodNedap(true);
232 /* Index map E E
233 preamble enc tag type encrypted uid P d 33 d 90 d 04 d 71 d 40 d 45 d E7 P
234 1111111110 00101101000001011010001100100100001011010100110101100 1 0 00110011 0 10010000 0 00000100 0 01110001 0 01000000 0 01000101 0 11100111 1
235 uid2 uid1 uid0 I I R R
236 1111111110 00101101000001011010001100100100001011010100110101100 1
238 0 00110011
239 0 10010000
240 0 00000100
241 0 01110001
242 0 01000000
243 0 01000101
244 0 11100111
247 Tag ID is 049033
248 I = Identical on all tags
249 R = Random ?
250 UID2, UID1, UID0 == card number
253 configuration
254 lf t55xx wr -b 0 -d 00170082
256 1) uid 049033
257 lf t55xx wr -b 1 -d FF8B4168
258 lf t55xx wr -b 2 -d C90B5359
259 lf t55xx wr -b 3 -d 19A40087
260 lf t55xx wr -b 4 -d 120115CF
262 2) uid 001630
263 lf t55xx wr -b 1 -d FF8B6B20
264 lf t55xx wr -b 2 -d F19B84A3
265 lf t55xx wr -b 3 -d 18058007
266 lf t55xx wr -b 4 -d 1200857C
268 3) uid 39feff
269 lf t55xx wr -b 1 -d ffbfa73e
270 lf t55xx wr -b 2 -d 4c0003ff
271 lf t55xx wr -b 3 -d ffbfa73e
272 lf t55xx wr -b 4 -d 4c0003ff
276 static int CmdLFNedapReader(const char *Cmd) {
277 CLIParserContext *ctx;
278 CLIParserInit(&ctx, "lf nedap reader",
279 "read a Nedap tag",
280 "lf nedap reader -@ -> continuous reader mode"
283 void *argtable[] = {
284 arg_param_begin,
285 arg_lit0("@", NULL, "optional - continuous reader mode"),
286 arg_param_end
288 CLIExecWithReturn(ctx, Cmd, argtable, true);
289 bool cm = arg_get_lit(ctx, 1);
290 CLIParserFree(ctx);
292 if (cm) {
293 PrintAndLogEx(INFO, "Press " _GREEN_("<Enter>") " to exit");
296 do {
297 lf_read(false, 16000);
298 demodNedap(!cm);
299 } while (cm && !kbd_enter_pressed());
301 return PM3_SUCCESS;
304 static void NedapGen(uint8_t subType, uint16_t customerCode, uint32_t id, bool isLong, uint8_t *data) { // 8 or 16
305 uint8_t buffer[7];
307 uint8_t r1 = (uint8_t)(id / 10000);
308 uint8_t r2 = (uint8_t)((id % 10000) / 1000);
309 uint8_t r3 = (uint8_t)((id % 1000) / 100);
310 uint8_t r4 = (uint8_t)((id % 100) / 10);
311 uint8_t r5 = (uint8_t)(id % 10);
313 // first part
314 uint8_t idxC1 = r1;
315 uint8_t idxC2 = (idxC1 + 1 + r2) % 10;
316 uint8_t idxC3 = (idxC2 + 1 + r3) % 10;
317 uint8_t idxC4 = (idxC3 + 1 + r4) % 10;
318 uint8_t idxC5 = (idxC4 + 1 + r5) % 10;
320 buffer[0] = 0xc0 | (subType & 0x0F);
321 buffer[1] = (customerCode & 0x0FF0) >> 4;
322 buffer[2] = ((customerCode & 0x000F) << 4) | translateTable[idxC1];
323 buffer[3] = (translateTable[idxC2] << 4) | translateTable[idxC3];
324 buffer[4] = (translateTable[idxC4] << 4) | translateTable[idxC5];
326 // checksum
327 init_table(CRC_XMODEM);
328 uint16_t checksum = crc16_xmodem(buffer, 5);
330 buffer[6] = ((checksum & 0x000F) << 4) | (buffer[4] & 0x0F);
331 buffer[5] = (checksum & 0x00F0) | ((buffer[4] & 0xF0) >> 4);
332 buffer[4] = ((checksum & 0x0F00) >> 4) | (buffer[3] & 0x0F);
333 buffer[3] = ((checksum & 0xF000) >> 8) | ((buffer[3] & 0xF0) >> 4);
335 // carry calc
336 uint8_t carry = 0;
337 for (uint8_t i = 0; i < sizeof(buffer); i++) {
338 uint8_t tmp = buffer[sizeof(buffer) - 1 - i];
339 data[7 - i] = ((tmp & 0x7F) << 1) | carry;
340 carry = (tmp & 0x80) >> 7;
342 data[0] = 0xFE | carry;
343 data[7] |= isEven_64_63(data);
345 // second part
346 if (isLong) {
347 uint8_t id0 = r1;
348 uint8_t id1 = (r2 << 4) | r3;
349 uint8_t id2 = (r4 << 4) | r5;
351 data[8] = (id2 >> 1);
352 data[9] = ((id2 & 0x01) << 7) | (id1 >> 2);
353 data[10] = ((id1 & 0x03) << 6) | (id0 >> 3);
354 data[11] = ((id0 & 0x07) << 5) | (FIXED_71 >> 4);
355 data[12] = ((FIXED_71 & 0x0F) << 4) | (FIXED_40 >> 5);
356 data[13] = ((FIXED_40 & 0x1F) << 3) | (UNKNOWN_A >> 6);
357 data[14] = ((UNKNOWN_A & 0x3F) << 2) | (UNKNOWN_B >> 7);
358 data[15] = ((UNKNOWN_B & 0x7F) << 1);
359 data[15] |= isEven_64_63(data + 8);
363 static int CmdLFNedapClone(const char *Cmd) {
364 CLIParserContext *ctx;
365 CLIParserInit(&ctx, "lf nedap clone",
366 "clone a Nedap tag to a T55x7, Q5/T5555 or EM4305/4469 tag.",
367 "lf nedap clone --st 1 --cc 101 --id 1337"
370 void *argtable[] = {
371 arg_param_begin,
372 arg_u64_0(NULL, "st", "<dec>", "optional - sub type (default 5)"),
373 arg_u64_1(NULL, "cc", "<dec>", "customer code (0-4095)"),
374 arg_u64_1(NULL, "id", "<dec>", "ID (0-99999)"),
375 arg_lit0("l", "long", "optional - long (128), default to short (64)"),
376 arg_lit0(NULL, "q5", "optional - specify writing to Q5/T5555 tag"),
377 arg_lit0(NULL, "em", "optional - specify writing to EM4305/4469 tag"),
378 arg_param_end
380 CLIExecWithReturn(ctx, Cmd, argtable, false);
382 uint8_t sub_type = arg_get_u32_def(ctx, 1, 5);
383 uint16_t customer_code = arg_get_u32_def(ctx, 2, 0);
384 uint32_t id = arg_get_u32_def(ctx, 3, 0);
385 bool is_long = arg_get_lit(ctx, 4);
386 bool q5 = arg_get_lit(ctx, 5);
387 bool em = arg_get_lit(ctx, 6);
388 CLIParserFree(ctx);
390 // Validations
391 if (q5 && em) {
392 PrintAndLogEx(FAILED, "Can't specify both Q5 and EM4305 at the same time");
393 return PM3_EINVARG;
395 if (sub_type > 0xF) {
396 PrintAndLogEx(FAILED, "out-of-range, valid subtype is between 0-15");
397 return PM3_EINVARG;
400 if (customer_code > 0xFFF) {
401 PrintAndLogEx(FAILED, "out-of-range, valid customer code is between 0-4095");
402 return PM3_EINVARG;
405 if (id > 99999) {
406 PrintAndLogEx(FAILED, "out-of-range, id max value is 99999");
407 return PM3_EINVARG;
410 PrintAndLogEx(SUCCESS, "NEDAP (%s) - ID: " _GREEN_("%05u") " subtype: " _GREEN_("%1u") " customer code: " _GREEN_("%u / 0x%03X")
411 , is_long ? "128b" : "64b"
412 , id
413 , sub_type
414 , customer_code
415 , customer_code
419 //NEDAP - compat mode, ASK/DIphase, data rate 64, 4 data blocks
420 // DI-phase (CDP) T55x7_MODULATION_DIPHASE
421 uint8_t max;
422 uint32_t blocks[5] = {0};
423 if (is_long) {
424 max = 5;
425 blocks[0] = T55X7_NEDAP_128_CONFIG_BLOCK;
426 } else {
427 max = 3;
428 blocks[0] = T55X7_NEDAP_64_CONFIG_BLOCK;
430 char cardtype[16] = {"T55x7"};
432 // Q5
433 if (q5) {
434 if (is_long) {
435 blocks[0] = T5555_FIXED | T5555_MODULATION_BIPHASE | T5555_INVERT_OUTPUT | T5555_SET_BITRATE(64) | 4 << T5555_MAXBLOCK_SHIFT;
436 } else {
437 blocks[0] = T5555_FIXED | T5555_MODULATION_BIPHASE | T5555_INVERT_OUTPUT | T5555_SET_BITRATE(64) | 2 << T5555_MAXBLOCK_SHIFT;
441 // EM4305
442 if (em) {
443 if (is_long) {
444 blocks[0] = EM4305_NEDAP_128_CONFIG_BLOCK;
445 } else {
446 blocks[0] = EM4305_NEDAP_64_CONFIG_BLOCK;
448 snprintf(cardtype, sizeof(cardtype), "EM4305/4469");
451 // generate nedap bitstream
452 uint8_t data[16];
453 NedapGen(sub_type, customer_code, id, is_long, data);
455 for (uint8_t i = 1; i < max ; i++) {
456 blocks[i] = bytes_to_num(data + ((i - 1) * 4), 4);
459 PrintAndLogEx(SUCCESS, "Preparing to clone NEDAP to " _YELLOW_("%s") " tag", cardtype);
460 print_blocks(blocks, max);
462 int res;
463 if (em) {
464 res = em4x05_clone_tag(blocks, ARRAYLEN(blocks), 0, false);
465 } else {
466 res = clone_t55xx_tag(blocks, ARRAYLEN(blocks));
469 if (res == PM3_SUCCESS) {
470 PrintAndLogEx(INFO, "The block 0 was changed (eXtended) which can be hard to detect.");
471 PrintAndLogEx(INFO, "Configure it manually " _YELLOW_("`lf t55xx config --rate 64 --BI -i -o 32`"));
472 } else {
473 PrintAndLogEx(NORMAL, "");
475 PrintAndLogEx(SUCCESS, "Done");
476 PrintAndLogEx(HINT, "Hint: try " _YELLOW_("`lf nedap reader`") " to verify");
477 return res;
480 static int CmdLFNedapSim(const char *Cmd) {
482 CLIParserContext *ctx;
483 CLIParserInit(&ctx, "lf nedap sim",
484 "Enables simulation of NEDAP card with specified card number.\n"
485 "Simulation runs until the button is pressed or another USB command is issued.",
486 "lf nedap sim --st 1 --cc 101 --id 1337"
489 void *argtable[] = {
490 arg_param_begin,
491 arg_u64_0(NULL, "st", "<dec>", "optional - sub type (default 5)"),
492 arg_u64_1(NULL, "cc", "<dec>", "customer code (0-4095)"),
493 arg_u64_1(NULL, "id", "<dec>", "ID (0-99999)"),
494 arg_lit0("l", "long", "optional - long (128), default to short (64)"),
495 arg_param_end
497 CLIExecWithReturn(ctx, Cmd, argtable, false);
499 uint8_t sub_type = arg_get_u32_def(ctx, 1, 5);
500 uint16_t customer_code = arg_get_u32_def(ctx, 2, 0);
501 uint32_t id = arg_get_u32_def(ctx, 3, 0);
502 bool is_long = arg_get_lit(ctx, 4);
503 CLIParserFree(ctx);
505 if (sub_type > 0xF) {
506 PrintAndLogEx(FAILED, "out-of-range, valid subtype is between 0-15");
507 return PM3_EINVARG;
510 if (customer_code > 0xFFF) {
511 PrintAndLogEx(FAILED, "out-of-range, valid customer code is between 0-4095");
512 return PM3_EINVARG;
515 if (id > 99999) {
516 PrintAndLogEx(FAILED, "out-of-range, id max value is 99999");
517 return PM3_EINVARG;
520 PrintAndLogEx(SUCCESS, "NEDAP (%s) - ID: " _GREEN_("%05u") " subtype: " _GREEN_("%1u") " customer code: " _GREEN_("%u / 0x%03X")
521 , is_long ? "128b" : "64b"
522 , id
523 , sub_type
524 , customer_code
525 , customer_code
528 // generate nedap bitstream
529 uint8_t max = (is_long) ? 16 : 8;
530 uint8_t data[16];
531 NedapGen(sub_type, customer_code, id, is_long, data);
533 uint8_t bs[16 * 8] = {0};
534 for (uint8_t i = 0; i < max; i++) {
535 num_to_bytebits(data[i], 8, bs + i * 8);
538 PrintAndLogEx(SUCCESS, "Simulating NEDAP - Raw: " _YELLOW_("%s"), sprint_hex_inrow(data, max));
540 // NEDAP, Biphase = 2, clock 64, inverted, (DIPhase == inverted BIphase)
541 lf_asksim_t *payload = calloc(1, sizeof(lf_asksim_t) + g_DemodBufferLen);
542 payload->encoding = 2;
543 payload->invert = 1;
544 payload->separator = 0;
545 payload->clock = 64;
546 memcpy(payload->data, bs, (max * 8));
548 clearCommandBuffer();
549 SendCommandNG(CMD_LF_ASK_SIMULATE, (uint8_t *)payload, sizeof(lf_asksim_t) + g_DemodBufferLen);
550 free(payload);
552 PacketResponseNG resp;
553 WaitForResponse(CMD_LF_ASK_SIMULATE, &resp);
555 PrintAndLogEx(INFO, "Done!");
556 if (resp.status != PM3_EOPABORTED) {
557 return resp.status;
559 return PM3_SUCCESS;
562 static command_t CommandTable[] = {
563 {"help", CmdHelp, AlwaysAvailable, "This help"},
564 {"demod", CmdLFNedapDemod, AlwaysAvailable, "demodulate Nedap tag from the GraphBuffer"},
565 {"reader", CmdLFNedapReader, IfPm3Lf, "attempt to read and extract tag data"},
566 {"clone", CmdLFNedapClone, IfPm3Lf, "clone Nedap tag to T55x7, Q5/T5555 or EM4305/4469"},
567 {"sim", CmdLFNedapSim, IfPm3Lf, "simulate Nedap tag"},
568 {NULL, NULL, NULL, NULL}
571 static int CmdHelp(const char *Cmd) {
572 (void)Cmd; // Cmd is not used so far
573 CmdsHelp(CommandTable);
574 return PM3_SUCCESS;
577 int CmdLFNedap(const char *Cmd) {
578 clearCommandBuffer();
579 return CmdsParse(CommandTable, Cmd);