Chameleon-Mini
EM4233.h
1 /*
2  * EM4233.h
3  *
4  * Created on: 04.12.2018
5  * Author: ceres-c & MrMoDDoM
6  */
7 
8 #ifndef EM4233_H_
9 #define EM4233_H_
10 
11 #include "Application.h"
12 
13 #define EM4233_STD_UID_SIZE ISO15693_GENERIC_UID_SIZE
14 #define EM4233_STD_MEM_SIZE 0xD0 // Bytes
15 #define EM4233_BYTES_PER_BLCK 0x04
16 #define EM4233_BLCKS_PER_PAGE 0x04
17 #define EM4233_NUMBER_OF_BLCKS ( EM4233_STD_MEM_SIZE / EM4233_BYTES_PER_BLCK )
18 #define EM4233_NUMBER_OF_PAGES ( EM4233_STD_MEM_SIZE / (EM4233_BYTES_PER_BLCK * EM4233_BLCKS_PER_PAGE) )
19 
20 #define EM4233_IC_REFERENCE 0x02 // From EM4233SLIC datasheet and checked against real tags
21 
22 #define EM4233_MEM_UID_ADDRESS 0xD0 // From 0x0100 to 0x0107 - UID
23 #define EM4233_MEM_AFI_ADDRESS 0xD8 // AFI byte address
24 #define EM4233_MEM_DSFID_ADDRESS 0xD9 // DSFID byte adress
25 #define EM4233_MEM_INF_ADDRESS 0xDC // Some status bits
26 
27 #define EM4233_MEM_LSM_ADDRESS 0xE0 // From 0xE0 to 0x0113 - Lock status masks
28 #define EM4233_MEM_PSW_ADDRESS 0x0114 // From 0x0114 to 0x0117 - 32 bit Password
29 #define EM4233_MEM_KEY_ADDRESS 0x0118 // From 0x0118 to 0x0123 - 96 bit Encryption Key
30 
31 #define EM4233_SYSINFO_BYTE 0x0F // == DSFID - AFI - VICC mem size - IC ref are present
32 
33 /* Bit masks */
34 #define EM4233_MASK_READ_PROT ( 1 << 2 ) // For lock status byte
35 #define EM4233_MASK_WRITE_PROT ( 1 << 3 )
36 #define EM4233_MASK_AFI_STATUS ( 1 << 0 )
37 #define EM4233_MASK_DSFID_STATUS ( 1 << 1 )
38 
39 /* Custom command code */
40 #define EM4233_CMD_SET_EAS 0xA2
41 #define EM4233_CMD_RST_EAS 0xA3
42 #define EM4233_CMD_LCK_EAS 0xA4
43 #define EM4233_CMD_ACT_EAS 0xA5
44 #define EM4233_CMD_PRT_EAS 0xA6
45 #define EM4233_CMD_WRT_EAS_ID 0xA7
46 #define EM4233_CMD_WRT_EAS_CFG 0xA8
47 #define EM4233_CMD_WRT_PSW 0xB4
48 #define EM4233_CMD_WRT_MEM_PAG 0xB6
49 #define EM4233_CMD_GET_BLKS_PRT_STS 0xB8
50 #define EM4233_CMD_DESTROY 0xB9
51 #define EM4233_CMD_ENABLE_PRCY 0xBA
52 #define EM4233_CMD_DISBLE_PRCY 0xBB
53 #define EM4233_CMD_FST_READ_BLKS 0xC3
54 
55 /* Proprietary command code */
56 #define EM4233_CMD_AUTH1 0xE0
57 #define EM4233_CMD_AUTH2 0xE1
58 #define EM4233_CMD_GEN_READ 0xE2 // Implies some sort of singed CRC. Unknown at the moment
59 #define EM4233_CMD_GEN_WRITE 0xE3 // Same
60 #define EM4233_CMD_LOGIN 0xE4
61 
62 /* Compile time switch */
63 /* EM4233_LOGIN_YES_CARD has to be uncommented if you want your emulated card
64  * to accept any given password from the reader when a Login request (E4) is issued.
65  * It is expecially useful when analyzing an unknown system and you want to fool a reader
66  * into thiking you are using the original tag without actually knowing the password.
67  */
68 #define EM4233_LOGIN_YES_CARD
69 
70 void EM4233AppInit(void);
71 void EM4233AppReset(void);
72 void EM4233AppTask(void);
73 void EM4233AppTick(void);
74 uint16_t EM4233AppProcess(uint8_t *FrameBuf, uint16_t FrameBytes);
75 void EM4233GetUid(ConfigurationUidType Uid);
76 void EM4233SetUid(ConfigurationUidType Uid);
77 void EM4233FlipUid(ConfigurationUidType Uid);
78 
79 #endif /* EM4233_H_ */