armsrc/Standalone/lf_em4100emul.c

   1 //-----------------------------------------------------------------------------
   2 // Copyright (C) Artyom Gnatyuk, 2020
   3 // Copyright (C) Proxmark3 contributors. See AUTHORS.md for details.
   4 //
   5 // This program is free software: you can redistribute it and/or modify
   6 // it under the terms of the GNU General Public License as published by
   7 // the Free Software Foundation, either version 3 of the License, or
   8 // (at your option) any later version.
   9 //
  10 // This program is distributed in the hope that it will be useful,
  11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13 // GNU General Public License for more details.
  14 //
  15 // See LICENSE.txt for the text of the license.
  16 //-----------------------------------------------------------------------------
  17 // LF emul  -   Very simple mode. Simulate only predefined in low[] IDs
  18 //              Short click - select next slot and start simulation
  19 //-----------------------------------------------------------------------------
  20 #include "standalone.h"
  21 #include "proxmark3_arm.h"
  22 #include "appmain.h"
  23 #include "fpgaloader.h"
  24 #include "lfops.h"
  25 #include "util.h"
  26 #include "dbprint.h"
  27 #include "ticks.h"
  28 #include "string.h"
  29 #include "BigBuf.h"
  30 #include "commonutil.h"
  31
  32 #define MAX_IND 16 // 4 LEDs - 2^4 combinations
  33 #define LF_CLOCK 64 // for 125kHz
  34
  35 // Predefined IDs must be stored in em4100emul_low[].
  36 static uint64_t em4100emul_low[] = {0x565A1140BE, 0x365A398149, 0x5555555555, 0xFFFFFFFFFF};
  37 static uint8_t em4100emul_slots_count;
  38 static int em4100emul_buflen;
  39
  40 void ModInfo(void) {
  41     DbpString("  LF EM4100 simulator standalone mode");
  42 }
  43
  44 static uint64_t em4100emul_rev_quads(uint64_t bits) {
  45     uint64_t result = 0;
  46     for (int i = 0; i < 16; i++) {
  47         result += ((bits >> (60 - 4 * i)) & 0xf) << (4 * i);
  48     }
  49     return result >> 24;
  50 }
  51
  52 static void em4100emul_fill_buff(uint8_t bit) {
  53     uint8_t *bba = BigBuf_get_addr();
  54     memset(bba + em4100emul_buflen, bit, LF_CLOCK / 2);
  55     em4100emul_buflen += (LF_CLOCK / 2);
  56     memset(bba + em4100emul_buflen, bit ^ 1, LF_CLOCK / 2);
  57     em4100emul_buflen += (LF_CLOCK / 2);
  58 }
  59
  60 static void em4100emul_construct_EM410x_emul(uint64_t id) {
  61
  62     int i, j;
  63     int binary[4] = {0, 0, 0, 0};
  64     int parity[4] = {0, 0, 0, 0};
  65     em4100emul_buflen = 0;
  66
  67     for (i = 0; i < 9; i++)
  68         em4100emul_fill_buff(1);
  69
  70     for (i = 0; i < 10; i++) {
  71         for (j = 3; j >= 0; j--, id /= 2)
  72             binary[j] = id % 2;
  73
  74         for (j = 0; j < 4; j++)
  75             em4100emul_fill_buff(binary[j]);
  76
  77         em4100emul_fill_buff(binary[0] ^ binary[1] ^ binary[2] ^ binary[3]);
  78         for (j = 0; j < 4; j++)
  79             parity[j] ^= binary[j];
  80     }
  81
  82     for (j = 0; j < 4; j++)
  83         em4100emul_fill_buff(parity[j]);
  84
  85     em4100emul_fill_buff(0);
  86 }
  87
  88 static void LED_Slot(int i) {
  89     LEDsoff();
  90     if (em4100emul_slots_count > 4) {
  91         LED(i % MAX_IND, 0); //binary indication for em4100emul_slots_count > 4
  92     } else {
  93         LED(1 << i, 0); //simple indication for em4100emul_slots_count <=4
  94     }
  95 }
  96
  97 void RunMod(void) {
  98     StandAloneMode();
  99     FpgaDownloadAndGo(FPGA_BITSTREAM_LF);
 100     Dbprintf("[=] >>  LF EM4100 simulator started  <<");
 101
 102     int selected = 0; //selected slot after start
 103     em4100emul_slots_count = ARRAYLEN(em4100emul_low);
 104     for (;;) {
 105         WDT_HIT();
 106         if (data_available()) break;
 107
 108         SpinDelay(100);
 109         SpinUp(100);
 110         LED_Slot(selected);
 111         Dbprintf("Emulating 0x%010llX", em4100emul_low[selected]);
 112         em4100emul_construct_EM410x_emul(em4100emul_rev_quads(em4100emul_low[selected]));
 113         SimulateTagLowFrequency(em4100emul_buflen, 0, true);
 114
 115         //Exit! Button hold break
 116         int button_pressed = BUTTON_HELD(500);
 117         if (button_pressed == BUTTON_HOLD) {
 118             Dbprintf("Button hold, Break!");
 119             LEDsoff();
 120             Dbprintf("[=] >>  LF EM4100 simulator stopped due to button hold  <<");
 121             return; // RunMod end
 122         }
 123         selected = (selected + 1) % em4100emul_slots_count;
 124     }
 125 }