From 4ba4d2230b9550ae2893e738e9b87a460d4f1ab9 Mon Sep 17 00:00:00 2001 From: Christina Quast Date: Mon, 2 Mar 2015 16:14:09 +0100 Subject: [PATCH] sniffer functionality fixed buffer It is possible to use sniffer.py to sniff the phone-simcard-communication. To be fixed: The buffer size read is fixed and the data is only send over USB if the buffer max length is reached. which means we don not get the last bytes of the transaction. This should be changed in one of the next commits. Maybe the former simtrace code can give some inspiration on this topic. --- sam3s_example/simtrace/simtrace.h | 13 ++++++ sam3s_example/simtrace/simtrace_iso7816.c | 54 +++++++++++++++++++---- sam3s_example/simtrace/sniffer.c | 13 +++++- sam3s_example/simtrace/usb.c | 5 --- 4 files changed, 70 insertions(+), 15 deletions(-) diff --git a/sam3s_example/simtrace/simtrace.h b/sam3s_example/simtrace/simtrace.h index 5e836052..c564563d 100644 --- a/sam3s_example/simtrace/simtrace.h +++ b/sam3s_example/simtrace/simtrace.h @@ -1,6 +1,19 @@ #ifndef SIMTRACE_H #define SIMTRACE_H +/* Endpoint numbers */ +#define DATAOUT 1 +#define DATAIN 2 +#define INT 3 + +#define BUFLEN 64 +typedef struct ring_buffer +{ + uint8_t buf[BUFLEN*2]; // data buffer + uint8_t idx; // number of items in the buffer +} ring_buffer; + + enum confNum { CFG_NUM_SNIFF = 1, CFG_NUM_PHONE, CFG_NUM_MITM, NUM_CONF }; diff --git a/sam3s_example/simtrace/simtrace_iso7816.c b/sam3s_example/simtrace/simtrace_iso7816.c index b03c6cdc..2d0b8c7a 100644 --- a/sam3s_example/simtrace/simtrace_iso7816.c +++ b/sam3s_example/simtrace/simtrace_iso7816.c 
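Review bot: `idx` in the new `ring_buffer` is a `uint8_t`, so the wrap arithmetic built on it (`% (BUFLEN*2)`, `2*BUFLEN-buf.idx`) is only correct while `BUFLEN*2` is at most 256, and nothing in the header enforces that if `BUFLEN` is raised later. A compile-time guard next to the define would pin it, for example `_Static_assert(BUFLEN*2 <= 256, "ring_buffer.idx is uint8_t");`, assuming the toolchain accepts C11. The field comment says "number of items in the buffer", but the code in simtrace_iso7816.c uses it as a wrapping write position; `// next write position, wraps at BUFLEN*2` would match. The typedef also uses `uint8_t` with no `#include <stdint.h>` between the include guard and the struct, so the header compiles only if every includer pulled that in first.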
@@ -38,11 +38,38 @@ extern uint8_t rcvdChar; extern uint32_t char_stat; +//#define BUFLEN 14 +// FIXME: Remove: +#define PR TRACE_DEBUG +//#define PR printf + +/*typedef struct ring_buffer +{ + uint8_t buf[BUFLEN*2]; // data buffer + uint8_t idx; // number of items in the buffer +} ring_buffer; +*/ +ring_buffer buf = { {0}, 0 }; + +void buf_push(uint8_t item) +{ + buf.buf[buf.idx % (BUFLEN*2)] = item; + PR("----- Push: %x %x\n\r", buf.idx, buf.buf[buf.idx]); + buf.idx = (buf.idx+1) % (BUFLEN*2); +} + +uint8_t get_buf_start(uint8_t *buf_start) +{ + *buf_start = &(buf.buf[buf.idx]); + return 2*BUFLEN-buf.idx; +} + /** Initializes a ISO driver */ // FIXME: This function is implemented in iso7816_4.c !! Only MCK instead of SCK is always taken. Change that! void _ISO7816_Init( void ) { + printf("ISO_Init\n\r"); TRACE_DEBUG("ISO_Init\n\r"); USART_Configure( USART_PHONE, @@ -98,20 +125,29 @@ void USART1_IrqHandler( void ) */ uint32_t csr = USART_PHONE->US_CSR; + PR("---- stat: %x\n\r", csr); + if (csr & US_CSR_TXRDY) { /* transmit buffer empty, nothing to transmit */ } if (csr & US_CSR_RXRDY) { stat = (csr&(US_CSR_OVRE|US_CSR_FRAME| - US_CSR_PARE|US_CSR_TIMEOUT|US_CSR_NACK| - (1<<10))); - + US_CSR_PARE|US_CSR_TIMEOUT|US_CSR_NACK| + (1<<10))); + if (stat == 0 ) { - /* Get a char */ - rcvdChar = ((USART_PHONE->US_RHR) & 0xFF); - } /* else: error occured */ - char_stat = stat; - } -} + /* Fill char into buffer */ + PR("---- BUFLEN %x\n\r", buf.idx); + buf_push((USART_PHONE->US_RHR) & 0xFF); + } else { + // buf_push((USART_PHONE->US_RHR) & 0xFF); + PR("%x\n\r", (USART_PHONE->US_RHR) & 0xFF); + } /* else: error occured */ + if ((buf.idx % BUFLEN) == 0) { + rcvdChar = 1; + } + char_stat = stat; + } +} diff --git a/sam3s_example/simtrace/sniffer.c b/sam3s_example/simtrace/sniffer.c index 46545263..c7182028 100644 --- a/sam3s_example/simtrace/sniffer.c +++ b/sam3s_example/simtrace/sniffer.c 
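Review bot: `get_buf_start()` stores a pointer into a byte: `*buf_start = &(buf.buf[buf.idx]);` assigns a `uint8_t *` to the `uint8_t` that `buf_start` points at, so the caller receives a truncated address instead of the start of the region. The out-parameter needs one more level of indirection, `uint8_t get_buf_start(uint8_t **buf_start)`, with the body left as it is. Separately, `buf_push()` is called from `USART1_IrqHandler` in the next hunk and formats a `PR(...)` trace per byte; if `TRACE_DEBUG` is compiled in, that work runs in interrupt context for every received character. `buf` is a non-`static`, non-`volatile` global written by the handler and read from sniffer.c, so consider qualifying at least `idx` as `volatile` and documenting which side owns which half.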
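Review bot: The `if ((buf.idx % BUFLEN) == 0)` test in `USART1_IrqHandler` sits outside the `stat == 0` branch, so it also runs when the received character was rejected and nothing was pushed. While `buf.idx` rests on 0 or `BUFLEN` (including right after reset, before any byte has arrived) each errored character sets `rcvdChar` again and the main loop sends a buffer half that has not changed. Moving the test directly after the push, `buf_push((USART_PHONE->US_RHR) & 0xFF); if ((buf.idx % BUFLEN) == 0) rcvdChar = 1;`, ties the flag to a half actually filling. The unconditional `PR("---- stat: %x\n\r", csr);` at the top adds formatting work to every interrupt, which may be enough to provoke the overruns (`US_CSR_OVRE`) that the status mask checks for. The handler starts above this hunk, so its other paths are not visible here.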
@@ -38,6 +38,8 @@ /*------------------------------------------------------------------------------ * Internal definitions *------------------------------------------------------------------------------*/ +// FIXME: Remove: +#define PR TRACE_DEBUG /** Maximum ucSize in bytes of the smartcard answer to a command.*/ #define MAX_ANSWER_SIZE 10 @@ -60,6 +62,7 @@ static const Pin pPwr[] = { extern uint32_t char_stat; extern uint8_t rcvdChar; +extern ring_buffer buf; /*----------------------------------------------------------------------------- * Initialization routine @@ -80,8 +83,16 @@ void Sniffer_Init( void ) void Sniffer_run( void ) { + uint8_t c = 0; + c++; + if (rcvdChar != 0) { - TRACE_DEBUG("Rcvd char _%x_ \n\r", rcvdChar); + /* DATA_IN for host side is data_out for simtrace side */ + /* FIXME: Performancewise sending a USB packet for every byte is a disaster */ + PR("----- %x %x %x ..\n\r", buf.buf[0], buf.buf[1],buf.buf[2] ); + USBD_Write( DATAIN, buf.buf, BUFLEN, 0, 0 ); +// USBD_Write( DATAIN, &c, 1, 0, 0 ); + PR("----- Rcvd char\n\r"); rcvdChar = 0; } } diff --git a/sam3s_example/simtrace/usb.c b/sam3s_example/simtrace/usb.c index 39893d8b..606b0b48 100644 --- a/sam3s_example/simtrace/usb.c +++ b/sam3s_example/simtrace/usb.c @@ -154,11 +154,6 @@ const unsigned char *stringDescriptors[] = { MITMConfigStringDescriptor }; -/* Endpoint numbers */ -#define DATAOUT 1 -#define DATAIN 2 -#define INT 3 - /*------------------------------------------------------------------------------ * USB Device descriptors *------------------------------------------------------------------------------*/
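Review bot: In `Sniffer_run`, `USBD_Write( DATAIN, buf.buf, BUFLEN, 0, 0 );` always sends the first half of the ring, while the handler in simtrace_iso7816.c sets `rcvdChar` both when `buf.idx` reaches `BUFLEN` and when it wraps to 0. On the wrap the bytes just captured are in `buf.buf[BUFLEN]` onwards, so the host receives the stale first half again and the second half of the trace is never transmitted. Selecting the half from the index avoids that: `uint8_t *half = (buf.idx >= BUFLEN) ? buf.buf : buf.buf + BUFLEN;` followed by `USBD_Write( DATAIN, half, BUFLEN, 0, 0 );`. The result of `USBD_Write` is not checked and no completion callback is passed, so if the call is asynchronous in this USB stack (to be confirmed) a busy endpoint drops a block silently and the handler can overwrite data still in flight. The local `c` with `c++` is used only by the commented-out call, and the FIXME about "a USB packet for every byte" no longer describes the code.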