diff --git a/firmware/apps/trace/main.c b/firmware/apps/trace/main.c
index 60963620..bc7c0302 100644
--- a/firmware/apps/trace/main.c
+++ b/firmware/apps/trace/main.c
@@ -54,7 +54,7 @@ static const conf_func config_func_ptrs[] = {
 .init = Sniffer_init,
 .exit = Sniffer_exit,
 .run = Sniffer_run,
- .usart1_irq = Sniffer_usart1_irq,
+ .usart0_irq = Sniffer_usart0_irq,
 },
 #endif
 #ifdef HAVE_CCID
@@ -165,8 +165,7 @@ extern int main(void)
 g_unique_id[0], g_unique_id[1], g_unique_id[2], g_unique_id[3]);
 TRACE_INFO("Reset Cause: 0x%x\n\r", (RSTC->RSTC_SR & RSTC_SR_RSTTYP_Msk) >> RSTC_SR_RSTTYP_Pos);
-
- TRACE_INFO("cfg %d\n\r", simtrace_config);
+ TRACE_INFO("USB configuration used: %d\n\r", simtrace_config);
 board_main_top();
diff --git a/firmware/libboard/simtrace/include/board.h b/firmware/libboard/simtrace/include/board.h
index 46483137..00d32ee9 100644
--- a/firmware/libboard/simtrace/include/board.h
+++ b/firmware/libboard/simtrace/include/board.h
@@ -21,13 +21,11 @@
 /** Smart card connection **/
 /* Card RST reset signal input (active low; RST_SIM in schematic) */
-#define PIN_ISO7816_RSTMC {PIO_PA7, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
+#define PIN_SIM_RST {PIO_PA7, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
 /* Card I/O data signal input/output (I/O_SIM in schematic) */
 #define PIN_SIM_IO {PIO_PA6A_TXD0, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
 /* Card CLK clock input (CLK_SIM in schematic) */
 #define PIN_SIM_CLK {PIO_PA2B_SCK0, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
-/* ISO7816-communication related pins */
-#define PINS_ISO7816 PIN_SIM_IO, PIN_SIM_CLK, PIN_ISO7816_RSTMC // SIM_PWEN_PIN, PIN_SIM_IO2, PIN_SIM_CLK2
 /* Pin to measure card I/O timing (to start measuring the ETU on I/O activity; connected I/O_SIM in schematic) */
 #define PIN_SIM_IO_INPUT {PIO_PA1B_TIOB0, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
 /* Pin used as clock input (to measure the ETU duration; connected to CLK_SIM in schematic) */
@@ -66,15 +64,23 @@
 #define PIN_IO_SW_SNIFF {PIO_PA19, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
 /* Connect all lines (VPP, CLK, RST, and I/O) between card and phone */
 #define PINS_BUS_SNIFF PIN_SC_SW_SNIFF, PIN_IO_SW_SNIFF
+/* Use RST_SIM line to detect phone issued card reset */
+#define PIN_SIM_RST_SNIFF {PIO_PA7, PIOA, ID_PIOA, PIO_INPUT, PIO_PULLUP | PIO_DEBOUNCE | PIO_DEGLITCH | PIO_IT_EDGE }
 /* Pins used to sniff phone-card communication */
-#define PINS_SIM_SNIFF_SIM PIN_PHONE_IO, PIN_PHONE_CLK
-/* Disable power converter 4.5-6V to 3.3V; (active high) */
+#define PINS_SIM_SNIFF_SIM PIN_SIM_IO, PIN_SIM_CLK, PIN_SIM_RST_SNIFF
+/* Disable power converter 4.5-6V to 3.3V (active high) */
 #define PIN_SIM_PWEN_SNIFF {SIM_PWEN, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
-/* Enable power switch: VCC_PHONE to VCC_SIM; (active high) */
+/* Enable power switch to forward VCC_PHONE to VCC_SIM (active high) */
 #define PIN_VCC_FWD_SNIFF {VCC_FWD, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT}
 /* Use phone VCC to power card */
 #define PWR_PINS PIN_SIM_PWEN_SNIFF, PIN_VCC_FWD_SNIFF
+/** CCID configuration */
+/* Card RST reset signal input (active low; RST_SIM in schematic) */
+#define PIN_ISO7816_RSTMC {PIO_PA7, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
+/* ISO7816-communication related pins */
+#define PINS_ISO7816 PIN_SIM_IO, PIN_SIM_CLK, PIN_ISO7816_RSTMC // SIM_PWEN_PIN, PIN_SIM_IO2, PIN_SIM_CLK2
+
 /** External SPI flash interface **/
 /* SPI MISO pin definition */
 #define PIN_SPI_MISO {PIO_PA12A_MISO, PIOA, PIOA, PIO_PERIPH_A, PIO_PULLUP}
diff --git a/firmware/libcommon/include/simtrace.h b/firmware/libcommon/include/simtrace.h
index 21921cab..e39d1dc1 100644
--- a/firmware/libcommon/include/simtrace.h
+++ b/firmware/libcommon/include/simtrace.h
@@ -77,7 +77,6 @@ typedef struct {
 extern const USBConfigurationDescriptor *configurationDescriptorsArr[];
-int check_data_from_phone();
 void update_fidi(uint8_t fidi);
 void ISR_PhoneRST( const Pin *pPin);
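Review bot: In the second board.h hunk, `PIN_SIM_RST_SNIFF` requests an edge interrupt on PA7 (`PIO_IT_EDGE`), but nothing added by this commit registers or enables a handler for that pin; `Sniffer_init` only passes the pin list to `PIO_Configure`, so the "detect phone issued card reset" behaviour promised by the comment does not appear to be active yet. Either wire it up (the Atmel PIO library's `PIO_ConfigureIt`/`PIO_EnableIt` pair is the usual route) or reword the comment to say that detection is still to be implemented. Separately, PA7 now has two identical output definitions, `PIN_SIM_RST` from the first board.h hunk and the re-added `PIN_ISO7816_RSTMC`; `#define PIN_ISO7816_RSTMC PIN_SIM_RST` would stop them drifting apart. A one-line comment stating that only the `_SNIFF` input variant may be used while the bus switch connects phone and card would guard against a later change driving RST against the phone.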
@@ -109,7 +108,7 @@ extern void mode_cardemu_run(void);
 extern void MITM_run( void );
 /* IRQ functions */
-extern void Sniffer_usart1_irq(void);
+extern void Sniffer_usart0_irq(void);
 extern void mode_cardemu_usart0_irq(void);
 extern void mode_cardemu_usart1_irq(void);
diff --git a/firmware/libcommon/source/sniffer.c b/firmware/libcommon/source/sniffer.c
index fa272eb1..7cc688b3 100644
--- a/firmware/libcommon/source/sniffer.c
+++ b/firmware/libcommon/source/sniffer.c
@@ -1,32 +1,22 @@ -/* ---------------------------------------------------------------------------- - * ATMEL Microcontroller Software Support - * ---------------------------------------------------------------------------- - * Copyright (c) 2009, Atmel Corporation +/* + * (C) 2010-2017 by Harald Welte + * (C) 2018 by Kevin Redon + * All Rights Reserved * - * All rights reserved. + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. * - * - Redistributions of source code must retain the above copyright notice, - * this list of conditions and the disclaimer below. + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . * - * Atmel's name may not be used to endorse or promote products derived from - * this software without specific prior written permission. - * - * DISCLAIMER: THIS SOFTWARE IS PROVIDED BY ATMEL "AS IS" AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT ARE - * DISCLAIMED. 
IN NO EVENT SHALL ATMEL BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, - * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, - * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * ---------------------------------------------------------------------------- */ - #include "board.h" #include "simtrace.h" 
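Review bot: The Atmel header removed in this sniffer.c hunk itself requires that redistributions of source code retain its copyright notice and disclaimer, and the hunk drops both while switching the file to AGPL text (version 3 or later). If any of the remaining code still derives from the Atmel original, which the unchanged section banners and `MAX_ATR_SIZE` further down suggest, the Atmel notice should stay alongside the new one rather than be replaced. The new notice also ends in "see ." where the licence URL seems to be missing, though that may only be an artefact of how this page was rendered.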
@@ -47,27 +37,24 @@
 /** Maximum ATR ucSize in bytes.*/
 #define MAX_ATR_SIZE 55
+
 /*------------------------------------------------------------------------------
 * Internal variables
 *------------------------------------------------------------------------------*/
-/** ISO7816 pins */
-static const Pin pinsISO7816_sniff[] = { PINS_SIM_SNIFF_SIM };
+/* Pin configuration to sniff communication (using USART connection to SIM card) */
+static const Pin pins_sniff[] = { PINS_SIM_SNIFF_SIM };
+/* Connect phone to card using bus switch */
 static const Pin pins_bus[] = { PINS_BUS_SNIFF };
-
-static const Pin pPwr[] = {
- /* Enable power converter 4.5-6V to 3.3V; low: off */
- {SIM_PWEN, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT},
-
- /* Enable power forwarding: VCC_PHONE to VCC_SIM; high: on */
- {VCC_FWD, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT}
-};
-
-static struct Usart_info usart_info = {
- .base = USART_PHONE,
- .id = ID_USART_PHONE,
+/* Power card using phone VCC */
+static const Pin pins_power[] = { PWR_PINS };
+/* Timer Counter pins to measure ETU timing */
+static const Pin pins_tc[] = { PINS_TC };
+/* USART peripheral used to sniff communication */
+static struct Usart_info sniff_usart = {
+ .base = USART_SIM,
+ .id = ID_USART_SIM,
 .state = USART_RCV,
 };
-
 /* Ring buffer to store sniffer communication data */
 static struct ringbuf sniff_buffer;
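Review bot: `pins_tc` is defined in this hunk but no code added by the commit reads it; `Sniffer_init` configures only `pins_sniff`, `pins_bus` and `pins_power`, and unchanged code cannot reference a name that did not exist before. As it stands it is dead data and will raise an unused-variable warning on builds that enable one. Either drop it until the ETU measurement is implemented, or add `PIO_Configure(pins_tc, PIO_LISTSIZE(pins_tc));` to `Sniffer_init` together with the code that uses the timer.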
@@ -75,14 +62,14 @@ static struct ringbuf sniff_buffer;
 * Global functions
 *------------------------------------------------------------------------------*/
-void Sniffer_usart1_irq(void)
+void Sniffer_usart0_irq(void)
 {
 /* Read channel status register */
- uint32_t csr = usart_info.base->US_CSR & usart_info.base->US_IMR;
+ uint32_t csr = sniff_usart.base->US_CSR & sniff_usart.base->US_IMR;
 /* Verify if character has been received */
 if (csr & US_CSR_RXRDY) {
 /* Read communication data byte between phone and SIM */
- uint8_t byte = usart_info.base->US_RHR;
+ uint8_t byte = sniff_usart.base->US_RHR;
 /* Store sniffed data into buffer (also clear interrupt */
 rbuf_write(&sniff_buffer, byte);
 }
@@ -92,7 +79,7 @@ void Sniffer_usart1_irq(void)
 * Internal functions
 *------------------------------------------------------------------------------*/
-int check_data_from_phone(void)
+static void check_sniffed_data(void)
 {
 /* Display sniffed data */
 while (!rbuf_is_empty(&sniff_buffer)) {
@@ -115,9 +102,10 @@ void Sniffer_configure(void)
 void Sniffer_exit(void)
 {
 TRACE_INFO("Sniffer exit\n\r");
- USART_DisableIt(USART_PHONE, US_IER_RXRDY);
- NVIC_DisableIRQ(USART1_IRQn);
- USART_SetReceiverEnabled(USART_PHONE, 0);
+ USART_DisableIt(sniff_usart.base, US_IER_RXRDY);
+ /* NOTE: don't forget to set the IRQ according to the USART peripheral used */
+ NVIC_DisableIRQ(USART0_IRQn);
+ USART_SetReceiverEnabled(sniff_usart.base, 0);
 }
 /* called when *Sniffer* configuration is set by host */
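Review bot: `Sniffer_usart0_irq` can never see a receive error, because `csr` is masked with `US_IMR` and the only source enabled in `Sniffer_init` is `US_IER_RXRDY`; an overrun, framing or parity error therefore leaves a capture with lost or corrupted bytes that looks identical to a clean one. For a trace tool that is worth surfacing: read the status once with `uint32_t status = sniff_usart.base->US_CSR;`, test `status & (US_CSR_OVRE | US_CSR_FRAME | US_CSR_PARE)`, clear it with `sniff_usart.base->US_CR = US_CR_RSTSTA;`, and record the event in a counter or in the sniffed stream. The result of `rbuf_write` is also discarded; its definition is outside this diff, but if it can report a full buffer that is a second silent-loss path. The function's closing lines lie outside the hunk.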
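Review bot: `USART0_IRQn` is hard-coded in `Sniffer_exit` and again in the `Sniffer_init` hunk, while every other call now goes through `sniff_usart`, and the added NOTE comment only relies on the next editor remembering. If the peripheral is switched again and one site is missed, the sniffer either never gets its interrupt or touches the interrupt of a different USART. Keep the number next to the peripheral, for example `#define SNIFF_USART_IRQn USART0_IRQn` directly above the `sniff_usart` definition, and use it in both `NVIC_DisableIRQ` and `NVIC_EnableIRQ`. `Sniffer_exit` also leaves the bus switch and power-forwarding pins as `Sniffer_init` set them; a comment saying whether that is intentional would help.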
@@ -125,25 +113,28 @@ void Sniffer_init(void) { TRACE_INFO("Sniffer Init\n\r"); + /* Configure pins to sniff communication between phone and card */ + PIO_Configure(pins_sniff, PIO_LISTSIZE(pins_sniff)); + /* Configure pins to connect phone to card */ + PIO_Configure(pins_bus, PIO_LISTSIZE(pins_bus)); + /* Configure pins to forward phone power to card */ + PIO_Configure(pins_power, PIO_LISTSIZE(pins_power)); + /* Clear ring buffer containing the sniffed data */ rbuf_reset(&sniff_buffer); - - /* Configure ISO7816 driver */ - PIO_Configure(pinsISO7816_sniff, PIO_LISTSIZE(pinsISO7816_sniff)); - PIO_Configure(pins_bus, PIO_LISTSIZE(pins_bus)); - - PIO_Configure(pPwr, PIO_LISTSIZE(pPwr)); - - ISO7816_Init(&usart_info, CLK_SLAVE); - - USART_SetReceiverEnabled(USART_PHONE, 1); - USART_EnableIt(USART_PHONE, US_IER_RXRDY); - NVIC_EnableIRQ(USART1_IRQn); + /* Configure USART to as ISO-7816 slave communication to sniff communication */ + ISO7816_Init(&sniff_usart, CLK_SLAVE); + /* Only receive data when sniffing */ + USART_SetReceiverEnabled(sniff_usart.base, 1); + /* Enable interrupt to indicate when data has been received */ + USART_EnableIt(sniff_usart.base, US_IER_RXRDY); + /* Enable interrupt requests for the USART peripheral (warning: use IRQ corresponding to USART) */ + NVIC_EnableIRQ(USART0_IRQn); } /* main (idle/busy) loop of this USB configuration */ void Sniffer_run(void) { - check_data_from_phone(); + check_sniffed_data(); } #endif /* HAVE_SNIFFER */
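Review bot: `Sniffer_init` connects the phone to the card and forwards power (`pins_bus`, `pins_power`) before the ring buffer is reset and before the receiver and its interrupt are enabled, so anything exchanged in that window is not captured. Moving the two `PIO_Configure` calls for `pins_bus` and `pins_power` to after `NVIC_EnableIRQ(USART0_IRQn);` makes the capture start no later than the traffic. Because a sniffer has to stay passive on the I/O line, it is also worth confirming that `ISO7816_Init` (outside this diff) does not leave the USART in a mode where it signals parity errors on the line, and saying so in a comment. Minor: the added comment "Configure USART to as ISO-7816 slave" has a stray "to".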