[FL-1526] Mifare Ultralight emulation (#645)

* rfal: add discovery parameter for passing listen activation * nfc: add discovery parameter to furi_hal_nfc_listen * mifare_ul: add emulation parsing commands * nfc: add mifare ul emulation * nfc: switch to mifare ultralight emulation form menu * furi-hal-nfc: add first frame reception in emulation mode * nfc: change argument check * nfc: rework nfc worker and mifare ul lib * mifare_ul: add write and cnt increment commands * nfc: add card modification check * mifare_ul: add data changed flag * nfc: add shodow files * nfc: add restore original file Co-authored-by: あく <alleteam@gmail.com>
2021-08-17 00:45:04 +03:00
parent e1d80d5402
commit c122317468
16 changed files with 354 additions and 69 deletions
@@ -213,6 +213,8 @@ typedef struct{
    bool               wakeupEnabled;                   /*!< Enable Wake-Up mode before polling                    */
    bool               wakeupConfigDefault;             /*!< Wake-Up mode default configuration                    */
    rfalWakeUpConfig   wakeupConfig;                    /*!< Wake-Up mode configuration                            */
+
+    bool               activate_after_sak; // Set device to Active mode after SAK responce
 }rfalNfcDiscoverParam;


@@ -575,6 +575,7 @@ ReturnCode rfalNfcDataExchangeStart( uint8_t *txData, uint16_t txDataLen, uint8_
            *rvdLen = (uint16_t*)&gNfcDev.rxLen;
            *rxData = (uint8_t*)(  (gNfcDev.activeDev->rfInterface == RFAL_NFC_INTERFACE_ISODEP) ? gNfcDev.rxBuf.isoDepBuf.apdu : 
                                  ((gNfcDev.activeDev->rfInterface == RFAL_NFC_INTERFACE_NFCDEP) ? gNfcDev.rxBuf.nfcDepBuf.pdu  : gNfcDev.rxBuf.rfBuf));
+            gNfcDev.state = RFAL_NFC_STATE_DATAEXCHANGE_DONE;
            return ERR_NONE;
        }
        
@@ -1579,6 +1580,7 @@ static ReturnCode rfalNfcListenActivation( void )

    
    lmSt = rfalListenGetState( &isDataRcvd, &bitRate );
+
    switch(lmSt)
    {

@@ -1595,6 +1597,12 @@ static ReturnCode rfalNfcListenActivation( void )
                    /* Set the Listen Mode in Sleep state */
                    EXIT_ON_ERR( ret, rfalListenSleepStart( RFAL_LM_STATE_SLEEP_A, gNfcDev.rxBuf.rfBuf, sizeof(gNfcDev.rxBuf.rfBuf), &gNfcDev.rxLen ) );
                }
+
+                else if(gNfcDev.disc.activate_after_sak) {
+                    gNfcDev.devList->type = RFAL_NFC_POLL_TYPE_NFCA;
+                    rfalListenSetState(RFAL_LM_STATE_ACTIVE_A);
+                    return ERR_NONE;
+                }
                
            #if RFAL_FEATURE_ISO_DEP && RFAL_FEATURE_ISO_DEP_LISTEN
                /* Check if received data is a valid RATS */
@@ -137,3 +137,94 @@ uint16_t mf_ul_prepare_write(uint8_t* dest, uint16_t page_addr, uint32_t data) {
    dest[5] = (uint8_t) data;
    return 6;
 }
+
+void mf_ul_prepare_emulation(MifareUlDevice* mf_ul_emulate, MifareUlData* data) {
+    mf_ul_emulate->data = *data;
+    mf_ul_emulate->data_changed = false;
+    if(data->version.storage_size == 0) {
+        mf_ul_emulate->type = MfUltralightTypeUnknown;
+        mf_ul_emulate->support_fast_read = false;
+    } else if(data->version.storage_size == 0x0B) {
+        mf_ul_emulate->type = MfUltralightTypeUL11;
+        mf_ul_emulate->support_fast_read = true;
+    } else if(data->version.storage_size == 0x0E) {
+        mf_ul_emulate->type = MfUltralightTypeUL21;
+        mf_ul_emulate->support_fast_read = true;
+    }
+}
+
+uint16_t mf_ul_prepare_emulation_response(uint8_t* buff_rx, uint16_t len_rx, uint8_t* buff_tx, MifareUlDevice* mf_ul_emulate) {
+    uint8_t cmd = buff_rx[0];
+    uint16_t page_num = mf_ul_emulate->data.data_size / 4;
+    uint16_t tx_len = 0;
+
+    if(cmd == MF_UL_GET_VERSION_CMD) {
+        if(mf_ul_emulate->type != MfUltralightTypeUnknown) {
+            tx_len = sizeof(mf_ul_emulate->data.version);
+            memcpy(buff_tx, &mf_ul_emulate->data.version, tx_len);
+        }
+    } else if(cmd == MF_UL_READ_CMD) {
+        uint8_t start_page = buff_rx[1];
+        if(start_page < page_num) {
+            tx_len = 16;
+            if(start_page + 4 > page_num) {
+                // Handle roll-over mechanism
+                uint8_t end_pages_num = page_num - start_page;
+                memcpy(buff_tx, &mf_ul_emulate->data.data[start_page * 4], end_pages_num * 4);
+                memcpy(&buff_tx[end_pages_num * 4], mf_ul_emulate->data.data, (4 - end_pages_num) * 4);
+            } else {
+                memcpy(buff_tx, &mf_ul_emulate->data.data[start_page * 4], tx_len);
+            }
+        }
+    } else if(cmd == MF_UL_FAST_READ_CMD) {
+        if(mf_ul_emulate->support_fast_read) {
+            uint8_t start_page = buff_rx[1];
+            uint8_t end_page = buff_rx[2];
+            if((start_page < page_num) &&
+               (end_page < page_num) && (start_page < end_page)) {
+                tx_len = (end_page - start_page) * 4;
+                memcpy(buff_tx, &mf_ul_emulate->data.data[start_page * 4], tx_len);
+               }
+        }
+    } else if(cmd == MF_UL_WRITE) {
+        uint8_t write_page = buff_rx[1];
+        if((write_page > 1) && (write_page < page_num - 2)) {
+            memcpy(&mf_ul_emulate->data.data[write_page * 4], &buff_rx[2], 4);
+            mf_ul_emulate->data_changed = true;
+            // TODO make 4-bit ACK
+            buff_tx[0] = 0x0A;
+            tx_len = 1;
+        }
+    } else if(cmd == MF_UL_READ_CNT) {
+        uint8_t cnt_num = buff_rx[1];
+        if(cnt_num < 3) {
+            buff_tx[0] = mf_ul_emulate->data.counter[cnt_num] >> 16;
+            buff_tx[1] = mf_ul_emulate->data.counter[cnt_num] >> 8;
+            buff_tx[2] = mf_ul_emulate->data.counter[cnt_num];
+            tx_len = 3;
+        }
+    } else if(cmd == MF_UL_INC_CNT) {
+        uint8_t cnt_num = buff_rx[1];
+        uint32_t inc = (buff_rx[2] | (buff_rx[3] << 8) | (buff_rx[4] << 16));
+        if((cnt_num < 3) && (mf_ul_emulate->data.counter[cnt_num] + inc < 0x00FFFFFF)) {
+            mf_ul_emulate->data.counter[cnt_num] += inc;
+            mf_ul_emulate->data_changed = true;
+            // TODO make 4-bit ACK
+            buff_tx[0] = 0x0A;
+            tx_len = 1;
+        }
+    } else if(cmd == MF_UL_READ_SIG) {
+        // Check 2nd byte = 0x00 - RFU
+        if(buff_rx[1] == 0x00) {
+            tx_len = sizeof(mf_ul_emulate->data.signature);
+            memcpy(buff_tx, mf_ul_emulate->data.signature, tx_len);
+        }
+    } else if(cmd == MF_UL_CHECK_TEARING) {
+        uint8_t cnt_num = buff_rx[1];
+        if(cnt_num < 3) {
+            buff_tx[0] = mf_ul_emulate->data.tearing[cnt_num];
+            tx_len = 1;
+        }
+    }
+    return tx_len;
+}
@@ -65,6 +65,7 @@ typedef struct {
    uint8_t pages_to_read;
    uint8_t pages_readed;
    bool support_fast_read;
+    bool data_changed;
    MifareUlData data;
 } MifareUlDevice;

@@ -93,3 +94,5 @@ void mf_ul_parse_fast_read_response(uint8_t* buff, uint8_t start_page, uint8_t e

 uint16_t mf_ul_prepare_write(uint8_t* dest, uint16_t page_addr, uint32_t data);

+void mf_ul_prepare_emulation(MifareUlDevice* mf_ul_emulate, MifareUlData* data);
+uint16_t mf_ul_prepare_emulation_response(uint8_t* buff_rx, uint16_t len_rx, uint8_t* buff_tx, MifareUlDevice* mf_ul_emulate);