diff --git a/applications/main/lfrfid/helpers/rfid_writer.c b/applications/main/lfrfid/helpers/rfid_writer.c new file mode 100644 index 000000000..7cc6326c4 --- /dev/null +++ b/applications/main/lfrfid/helpers/rfid_writer.c @@ -0,0 +1,96 @@ +#include "rfid_writer.h" +#include + +void writer_start() { + furi_hal_rfid_tim_read(125000, 0.5); + furi_hal_rfid_pins_read(); + furi_hal_rfid_tim_read_start(); + + // do not ground the antenna + furi_hal_rfid_pin_pull_release(); +} + +void writer_stop() { + furi_hal_rfid_tim_read_stop(); + furi_hal_rfid_tim_reset(); + furi_hal_rfid_pins_reset(); +} + +void write_gap(uint32_t gap_time) { + furi_hal_rfid_tim_read_stop(); + furi_delay_us(gap_time * 8); + furi_hal_rfid_tim_read_start(); +} + +void write_bit(T55xxTiming* t55xxtiming, bool value) { + if(value) { + furi_delay_us(t55xxtiming->data_1 * 8); + } else { + furi_delay_us(t55xxtiming->data_0 * 8); + } + write_gap(t55xxtiming->write_gap); +} + +void write_block( + T55xxTiming* t55xxtiming, + uint8_t page, + uint8_t block, + bool lock_bit, + uint32_t data, + bool password_enable, + uint32_t password) { + furi_delay_us(t55xxtiming->wait_time * 8); + + //client: https://github.com/Proxmark/proxmark3/blob/6116334485ca77343eda51c557cdc81032afcf38/client/cmdlft55xx.c#L944 + //hardware: https://github.com/Proxmark/proxmark3/blob/555fa197730c061bbf0ab01334e99bc47fb3dc06/armsrc/lfops.c#L1465 + //hardware: https://github.com/Proxmark/proxmark3/blob/555fa197730c061bbf0ab01334e99bc47fb3dc06/armsrc/lfops.c#L1396 + + // start gap + write_gap(t55xxtiming->start_gap); + + // opcode + switch(page) { + case 0: + write_bit(t55xxtiming, 1); + write_bit(t55xxtiming, 0); + break; + case 1: + write_bit(t55xxtiming, 1); + write_bit(t55xxtiming, 1); + break; + default: + furi_check(false); + break; + } + + // password + if(password_enable) { + for(uint8_t i = 0; i < 32; i++) { + write_bit(t55xxtiming, (password >> (31 - i)) & 1); + } + } + + // lock bit + write_bit(t55xxtiming, lock_bit); + + // data + for(uint8_t i = 0; i < 32; i++) { + write_bit(t55xxtiming, (data >> (31 - i)) & 1); + } + + // block address + write_bit(t55xxtiming, (block >> 2) & 1); + write_bit(t55xxtiming, (block >> 1) & 1); + write_bit(t55xxtiming, (block >> 0) & 1); + + furi_delay_us(t55xxtiming->program * 8); + + furi_delay_us(t55xxtiming->wait_time * 8); + write_reset(t55xxtiming); +} + +void write_reset(T55xxTiming* t55xxtiming) { + write_gap(t55xxtiming->start_gap); + write_bit(t55xxtiming, 1); + write_bit(t55xxtiming, 0); +} \ No newline at end of file diff --git a/applications/main/lfrfid/helpers/rfid_writer.h b/applications/main/lfrfid/helpers/rfid_writer.h new file mode 100644 index 000000000..2b97bd321 --- /dev/null +++ b/applications/main/lfrfid/helpers/rfid_writer.h @@ -0,0 +1,26 @@ +#include +#include + +typedef struct { + uint16_t wait_time; + uint8_t start_gap; + uint8_t write_gap; + uint8_t data_0; + uint8_t data_1; + uint16_t program; +} T55xxTiming; + +void writer_start(); +void writer_stop(); +void write_gap(uint32_t gap_time); +void write_bit(T55xxTiming* t55xxtiming, bool value); +void write_block( + T55xxTiming* t55xxtiming, + uint8_t page, + uint8_t block, + bool lock_bit, + uint32_t data, + bool password_enable, + uint32_t password); + +void write_reset(T55xxTiming* t55xxtiming); \ No newline at end of file diff --git a/applications/main/lfrfid/scenes/lfrfid_scene_clear_t5577.c b/applications/main/lfrfid/scenes/lfrfid_scene_clear_t5577.c new file mode 100644 index 000000000..db9718669 --- /dev/null +++ b/applications/main/lfrfid/scenes/lfrfid_scene_clear_t5577.c @@ -0,0 +1,99 @@ +#include "../lfrfid_i.h" +#include "../helpers/rfid_writer.h" + +static void writer_initialize(T55xxTiming* t55xxtiming) { + t55xxtiming->wait_time = 400; + t55xxtiming->start_gap = 30; + t55xxtiming->write_gap = 18; + t55xxtiming->data_0 = 24; + t55xxtiming->data_1 = 56; + t55xxtiming->program = 700; +} + +static void lfrfid_clear_t5577_password_and_config_to_EM(LfRfid* app) { + T55xxTiming* t55xxtiming = malloc(sizeof(T55xxTiming)); + Popup* popup = app->popup; + char curr_buf[32] = {}; + //TODO: use .txt file in resourses for passwords. + const uint32_t default_passwords[] = { + 0x51243648, 0x000D8787, 0x19920427, 0x50524F58, 0xF9DCEBA0, 0x65857569, 0x05D73B9F, + 0x89A69E60, 0x314159E0, 0xAA55BBBB, 0xA5B4C3D2, 0x1C0B5848, 0x00434343, 0x444E4752, + 0x4E457854, 0x44B44CAE, 0x88661858, 0xE9920427, 0x575F4F4B, 0x50520901, 0x20206666, + 0x65857569, 0x5469616E, 0x7686962A, 0xC0F5009A, 0x07CEE75D, 0xfeedbeef, 0xdeadc0de, + 0x00000000, 0x11111111, 0x22222222, 0x33333333, 0x44444444, 0x55555555, 0x66666666, + 0x77777777, 0x88888888, 0x99999999, 0xAAAAAAAA, 0xBBBBBBBB, 0xCCCCCCCC, 0xDDDDDDDD, + 0xEEEEEEEE, 0xFFFFFFFF, 0xa0a1a2a3, 0xb0b1b2b3, 0x50415353, 0x00000001, 0x00000002, + 0x0000000a, 0x0000000b, 0x01020304, 0x02030405, 0x03040506, 0x04050607, 0x05060708, + 0x06070809, 0x0708090A, 0x08090A0B, 0x090A0B0C, 0x0A0B0C0D, 0x0B0C0D0E, 0x0C0D0E0F, + 0x01234567, 0x12345678, 0x10000000, 0x20000000, 0x30000000, 0x40000000, 0x50000000, + 0x60000000, 0x70000000, 0x80000000, 0x90000000, 0xA0000000, 0xB0000000, 0xC0000000, + 0xD0000000, 0xE0000000, 0xF0000000, 0x10101010, 0x01010101, 0x11223344, 0x22334455, + 0x33445566, 0x44556677, 0x55667788, 0x66778899, 0x778899AA, 0x8899AABB, 0x99AABBCC, + 0xAABBCCDD, 0xBBCCDDEE, 0xCCDDEEFF, 0x0CB7E7FC, 0xFABADA11, 0x87654321, 0x12341234, + 0x69696969, 0x12121212, 0x12344321, 0x1234ABCD, 0x11112222, 0x13131313, 0x10041004, + 0x31415926, 0xabcd1234, 0x20002000, 0x19721972, 0xaa55aa55, 0x55aa55aa, 0x4f271149, + 0x07d7bb0b, 0x9636ef8f, 0xb5f44686, 0x9E3779B9, 0xC6EF3720, 0x7854794A, 0xF1EA5EED, + 0x69314718, 0x57721566, 0x93C467E3, 0x27182818, 0x50415353}; + const uint8_t default_passwords_len = sizeof(default_passwords) / sizeof(uint32_t); + const uint32_t em_config_block_data = + 0b00000000000101001000000001000000; //no pwd&aor config block + + writer_initialize(t55xxtiming); + + popup_set_header(popup, "Removing\npassword", 90, 36, AlignCenter, AlignCenter); + popup_set_icon(popup, 0, 3, &I_RFIDDolphinSend_97x61); + popup_set_text(popup, curr_buf, 90, 56, AlignCenter, AlignCenter); + notification_message(app->notifications, &sequence_blink_start_magenta); + + for(uint8_t i = 0; i < default_passwords_len; i++) { + FURI_CRITICAL_ENTER(); + snprintf(curr_buf, sizeof(curr_buf), "Pass %d of %d", i, default_passwords_len); + view_dispatcher_switch_to_view(app->view_dispatcher, LfRfidViewPopup); + writer_start(); + write_block(t55xxtiming, 0, 0, false, em_config_block_data, true, default_passwords[i]); + write_reset(t55xxtiming); + writer_stop(); + FURI_CRITICAL_EXIT(); + furi_delay_ms(8); + } + notification_message(app->notifications, &sequence_blink_stop); + popup_reset(app->popup); + free(t55xxtiming); +} + +void lfrfid_scene_clear_t5577_on_enter(void* context) { + LfRfid* app = context; + Popup* popup = app->popup; + + lfrfid_clear_t5577_password_and_config_to_EM(app); + + notification_message(app->notifications, &sequence_success); + popup_set_header(popup, "Done!", 94, 10, AlignCenter, AlignTop); + popup_set_icon(popup, 0, 7, &I_RFIDDolphinSuccess_108x57); + popup_set_context(popup, app); + popup_set_callback(popup, lfrfid_popup_timeout_callback); + popup_set_timeout(popup, 1500); + popup_enable_timeout(popup); + + view_dispatcher_switch_to_view(app->view_dispatcher, LfRfidViewPopup); + notification_message_block(app->notifications, &sequence_set_green_255); +} + +bool lfrfid_scene_clear_t5577_on_event(void* context, SceneManagerEvent event) { + LfRfid* app = context; + bool consumed = false; + + const uint32_t prev_scene = LfRfidSceneExtraActions; + + if(event.type == SceneManagerEventTypeCustom && event.event == LfRfidEventPopupClosed) { + scene_manager_search_and_switch_to_previous_scene(app->scene_manager, prev_scene); + consumed = true; + } + return consumed; +} + +void lfrfid_scene_clear_t5577_on_exit(void* context) { + LfRfid* app = context; + popup_reset(app->popup); + notification_message_block(app->notifications, &sequence_reset_green); +} diff --git a/applications/main/lfrfid/scenes/lfrfid_scene_config.h b/applications/main/lfrfid/scenes/lfrfid_scene_config.h index b77ade82f..10dc46fe6 100644 --- a/applications/main/lfrfid/scenes/lfrfid_scene_config.h +++ b/applications/main/lfrfid/scenes/lfrfid_scene_config.h @@ -15,6 +15,7 @@ ADD_SCENE(lfrfid, saved_key_menu, SavedKeyMenu) ADD_SCENE(lfrfid, save_data, SaveData) ADD_SCENE(lfrfid, save_type, SaveType) ADD_SCENE(lfrfid, saved_info, SavedInfo) +ADD_SCENE(lfrfid, clear_t5577, ClearT5577) ADD_SCENE(lfrfid, delete_success, DeleteSuccess) ADD_SCENE(lfrfid, extra_actions, ExtraActions) ADD_SCENE(lfrfid, raw_info, RawInfo) diff --git a/applications/main/lfrfid/scenes/lfrfid_scene_extra_actions.c b/applications/main/lfrfid/scenes/lfrfid_scene_extra_actions.c index ecca7cf11..efa319c1e 100644 --- a/applications/main/lfrfid/scenes/lfrfid_scene_extra_actions.c +++ b/applications/main/lfrfid/scenes/lfrfid_scene_extra_actions.c @@ -4,6 +4,7 @@ typedef enum { SubmenuIndexASK, SubmenuIndexPSK, + SubmenuIndexClearT5577, SubmenuIndexRAW, } SubmenuIndex; @@ -29,6 +30,12 @@ void lfrfid_scene_extra_actions_on_enter(void* context) { SubmenuIndexPSK, lfrfid_scene_extra_actions_submenu_callback, app); + submenu_add_item( + submenu, + "Clear T5577 Password", + SubmenuIndexClearT5577, + lfrfid_scene_extra_actions_submenu_callback, + app); if(furi_hal_rtc_is_flag_set(FuriHalRtcFlagDebug)) { submenu_add_item( @@ -65,6 +72,9 @@ bool lfrfid_scene_extra_actions_on_event(void* context, SceneManagerEvent event) scene_manager_next_scene(app->scene_manager, LfRfidSceneRead); DOLPHIN_DEED(DolphinDeedRfidRead); consumed = true; + } else if(event.event == SubmenuIndexClearT5577) { + scene_manager_next_scene(app->scene_manager, LfRfidSceneClearT5577); + consumed = true; } else if(event.event == SubmenuIndexRAW) { scene_manager_next_scene(app->scene_manager, LfRfidSceneRawName); consumed = true; diff --git a/applications/main/subghz/scenes/subghz_scene_receiver_config.c b/applications/main/subghz/scenes/subghz_scene_receiver_config.c index 9d906f3da..82debf4c0 100644 --- a/applications/main/subghz/scenes/subghz_scene_receiver_config.c +++ b/applications/main/subghz/scenes/subghz_scene_receiver_config.c @@ -408,15 +408,16 @@ void subghz_scene_receiver_config_on_enter(void* context) { variable_item_set_current_value_text(item, rssi_threshold_text[value_index]); // Lock keyboard - item = variable_item_list_add( - subghz->variable_item_list, - "Sound:", - SPEAKER_COUNT, - subghz_scene_receiver_config_set_speaker, - subghz); - value_index = value_index_uint32(subghz->txrx->speaker_state, speaker_value, SPEAKER_COUNT); - variable_item_set_current_value_index(item, value_index); - variable_item_set_current_value_text(item, speaker_text[value_index]); + item = variable_item_list_add( + subghz->variable_item_list, + "Sound:", + SPEAKER_COUNT, + subghz_scene_receiver_config_set_speaker, + subghz); + value_index = + value_index_uint32(subghz->txrx->speaker_state, speaker_value, SPEAKER_COUNT); + variable_item_set_current_value_index(item, value_index); + variable_item_set_current_value_text(item, speaker_text[value_index]); variable_item_list_add(subghz->variable_item_list, "Lock Keyboard", 1, NULL, NULL); variable_item_list_set_enter_callback(