Merge pull request #3195 from Antiklesys/master

Fixed hf secc sniff -j bug

Author: iceman1001

armsrc/iso14443a.c

@@ -38,6 +38,10 @@
 #include "mifare.h"  // for iso14a_polling_frame_t structure
 #include "cmac_calc.h"
 
+// Forward declaration: HID Config Card jam support (implemented in secc.c).
+// Called from SniffIso14443a when param bit 0x04 is set.
+bool hid_config_card_jam(const uint8_t *cmd, int len, uint8_t *dma_buf);
+
 static uint32_t iso14a_timeout;
 
 static uint8_t colpos = 0;
@@ -927,6 +931,11 @@ void RAMFUNC SniffIso14443a(uint8_t param) {
                             break;
                         }
                     }
+                    // HID Config Card jam: respond to A0 D4 00 00 00 in-band
+                    if ((param & 0x04) && Uart.len >= 8) {
+                        if (hid_config_card_jam(receivedCmd, Uart.len, (uint8_t *)dma->buf))
+                            data = dma->buf;
+                    }
                     // ready to receive another command
                     Uart14aReset();
                     // reset the demod code, which might have been

armsrc/secc.c

@@ -447,134 +447,8 @@ void SimulateHIDConfigCard(const hid_sim_payload_t *payload) {
 // ---------------------------------------------------------------------------
 
 void SniffHIDConfigCard(uint8_t param) {
-    bool do_jam = (param & 0x04) != 0;
-
-    // For non-jam sniff, delegate entirely to the standard sniffer.
-    if (!do_jam) {
-        SniffIso14443a(param);
-        return;
-    }
-
-    // Jam mode: own sniff loop with hid_config_card_jam() called inline.
-    BigBuf_free();
-    BigBuf_Clear_ext(false);
-
-    uint8_t *receivedCmd    = BigBuf_calloc(MAX_FRAME_SIZE);
-    uint8_t *receivedCmdPar = BigBuf_calloc(MAX_PARITY_SIZE);
-    uint8_t *receivedResp   = BigBuf_calloc(MAX_FRAME_SIZE);
-    uint8_t *receivedRespPar = BigBuf_calloc(MAX_PARITY_SIZE);
-
-    Demod14aInit(receivedResp, MAX_FRAME_SIZE, receivedRespPar);
-    Uart14aInit(receivedCmd,   MAX_FRAME_SIZE, receivedCmdPar);
-
-    dmabuf8_t *dma = get_dma8();
-    uint8_t *data = dma->buf;
-
-    if (FpgaSetupSscDma((uint8_t *)dma->buf, DMA_BUFFER_SIZE) == false) {
-        BigBuf_free();
-        return;
-    }
-
-    bool triggered = !(param & 0x03);
-    uint32_t rx_samples = 0;
-    bool TagIsActive    = false;
-    bool ReaderIsActive = false;
-    uint8_t previous_data = 0;
-    int maxDataLen = 0, dataLen;
-    uint16_t checker = 12000;
-
-    tUart14a *uart = GetUart14a();
-    tDemod14a *demod = GetDemod14a();
-
-    clear_trace();
-    set_tracing(true);
-    LED_A_ON();
-
-    while (BUTTON_PRESS() == false) {
-        WDT_HIT();
-
-        if (checker-- == 0) {
-            if (data_available()) break;
-            checker = 12000;
-        }
-
-        int readBufDataP = data - dma->buf;
-        int dmaBufDataP  = DMA_BUFFER_SIZE - AT91C_BASE_PDC_SSC->PDC_RCR;
-        dataLen = (readBufDataP <= dmaBufDataP)
-                  ? dmaBufDataP - readBufDataP
-                  : DMA_BUFFER_SIZE - readBufDataP + dmaBufDataP;
-
-        if (dataLen > maxDataLen) {
-            maxDataLen = dataLen;
-            if (dataLen > (9 * DMA_BUFFER_SIZE / 10)) break;
-        }
-        if (dataLen < 1) continue;
-
-        if (AT91C_BASE_PDC_SSC->PDC_RCR == 0) {
-            AT91C_BASE_PDC_SSC->PDC_RPR = (uint32_t)dma->buf;
-            AT91C_BASE_PDC_SSC->PDC_RCR = DMA_BUFFER_SIZE;
-        }
-        if (AT91C_BASE_PDC_SSC->PDC_RNCR == 0) {
-            AT91C_BASE_PDC_SSC->PDC_RNPR = (uint32_t)dma->buf;
-            AT91C_BASE_PDC_SSC->PDC_RNCR = DMA_BUFFER_SIZE;
-        }
-
-        LED_A_OFF();
-
-        if (rx_samples & 0x01) {
-            if (!TagIsActive) {
-                uint8_t readerdata = (previous_data & 0xF0) | (*data >> 4);
-                if (MillerDecoding(readerdata, (rx_samples - 1) * 4)) {
-                    LED_C_ON();
-                    if (!triggered && (param & 0x02) && uart->len == 1 && uart->bitCount == 7)
-                        triggered = true;
-                    if (triggered) {
-                        if (!LogTrace(receivedCmd, uart->len,
-                                      uart->startTime * 16 - DELAY_READER_AIR2ARM_AS_SNIFFER,
-                                      uart->endTime   * 16 - DELAY_READER_AIR2ARM_AS_SNIFFER,
-                                      uart->parity, true))
-                            break;
-                    }
-                    if (uart->len >= 8) {
-                        if (hid_config_card_jam(receivedCmd, uart->len, (uint8_t *)dma->buf))
-                            data = dma->buf;
-                    }
-                    Uart14aReset();
-                    Demod14aReset();
-                    LED_B_OFF();
-                }
-                ReaderIsActive = (uart->state != STATE_14A_UNSYNCD);
-            }
-
-            if (!ReaderIsActive) {
-                uint8_t tagdata = (previous_data << 4) | (*data & 0x0F);
-                if (ManchesterDecoding(tagdata, 0, (rx_samples - 1) * 4)) {
-                    LED_B_ON();
-                    if (!LogTrace(receivedResp, demod->len,
-                                  demod->startTime * 16 - DELAY_TAG_AIR2ARM_AS_SNIFFER,
-                                  demod->endTime   * 16 - DELAY_TAG_AIR2ARM_AS_SNIFFER,
-                                  demod->parity, false))
-                        break;
-                    if (!triggered && (param & 0x01))
-                        triggered = true;
-                    Uart14aReset();
-                    Demod14aReset();
-                    LED_C_OFF();
-                }
-                TagIsActive = (demod->state != DEMOD_14A_UNSYNCD);
-            }
-        }
-
-        previous_data = *data;
-        rx_samples++;
-        if (data == dma->buf + DMA_BUFFER_SIZE)
-            data = dma->buf;
-        else
-            data++;
-    }
-
-    FpgaDisableSscDma();
-    set_tracing(false);
-    LEDsoff();
-    BigBuf_free();
+    // Delegate entirely to SniffIso14443a.
+    // When param bit 0x04 is set, SniffIso14443a calls hid_config_card_jam()
+    // inline after each decoded reader frame (see iso14443a.c).
+    SniffIso14443a(param);
 }