13 Commits

Author SHA1 Message Date
Milan Davídek 52f37bff8d Merge upstream/main into Jablotron PR #404
Resolved conflicts from upstream feature additions (IDTECK PR #407,
LF_T55XX_WRITE PR #413, ISO14443-4 T=CL emulation, HF14A scan-keep,
etc.) by keeping both sides where independent.

Command ID note for reviewer:
- Maintainer's IDTECK shift commit (1e78976) stated "Jablotron retains
  the original slots 3016 and 3017", but upstream had already taken
  3016 for DATA_CMD_LF_T55XX_WRITE. Only 3017 was actually free.
- Resolution: JABLOTRON_WRITE_TO_T55XX kept at 3017 (honors intent).
  JABLOTRON_SCAN moved 3016 -> 3019 (next free slot).
- 5xxx range: JABLOTRON_SET/GET_EMU_ID = 5010/5011 unchanged
  (IDTECK shifted to 5012/5013 as planned).

Python files parse cleanly. No duplicate command IDs in data_cmd.h
(3xxx and 5xxx ranges checked).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-26 13:51:54 +02:00
Niel Nielsen cef8b42c26 make_style as that is best practise 2026-05-11 12:36:51 +02:00
Milan Davídek fcb6eb4718 Add Jablotron LF tag support (read, emulate, write to T55xx)
Jablotron uses differential biphase (inverted) at RF/64, 64-bit frames:
  bits  0-15: 0xFFFF preamble
  bits 16-55: 40-bit data (5 bytes), bit 16 must be 0
  bits 56-63: 8-bit checksum = (sum of data bytes) XOR 0x3A

Firmware:
  - rfid/nfctag/lf/protocols/jablotron.c  - encoder/decoder codec
  - rfid/nfctag/lf/utils/diphase.c        - inverted-biphase state machine
    (shared util, reusable by other diphase protocols)
  - rfid/reader/lf/lf_jablotron_data.c    - GPIO-interval reader path
  - app_cmd.c: JABLOTRON_SCAN, JABLOTRON_WRITE_TO_T55XX,
                JABLOTRON_SET_EMU_ID, JABLOTRON_GET_EMU_ID
  - tag_base_type.h: TAG_TYPE_JABLOTRON enum
  - t55xx.h: T5577_JABLOTRON_CONFIG (DIPHASE modulation, RF/64)
  - lf_tag_em.c: load callback, factory-default data, save callback

Python CLI (software/script/):
  - lf jablotron read               - scan a real tag
  - lf jablotron write --id         - clone onto T55xx
  - lf jablotron econfig -s N --id  - set emulator ID on a slot
  - hw slot list shows Jablotron ID and decimal card number

Python test (software/script/tests/test_jablotron_modulator.py):
  Pure-Python round-trip validator that reimplements the modulator and
  diphase decoder, expands PWM entries to an edge stream, and confirms
  the decoded data matches the input.  Regression guard for both the
  firmware's double-frame encoding and the single-frame variant.

Notable PWM design choices:
  - Constant-level diphase encoding uses the same PAC pattern:
    CC=0 for LOW, CC=counter_top+1 for HIGH.  counter_top=31 gives
    exactly 32 carrier cycles per half-bit at NRF_PWM_CLK_125kHz.
  - The 64-bit frame is encoded twice in the 256-entry PWM buffer with
    the internal level variable persisting between the two passes.
    This is required for clean PWM looping: a single 64-bit diphase
    frame with an odd number of zero bits ends at a level opposite the
    starting level, leaving no transition at the loop boundary where
    the reader expects one.  Encoding twice guarantees a continuous
    diphase stream regardless of the data's zero-count parity.

Reference: Proxmark3 cmdlfjablotron.c

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-15 14:15:55 +02:00
GameTec-live 4c1096d1b6 Merge pull request #239 from taichunmin/mfkey32
`hf mf elog --decrypt` skip records with found keys
2025-08-14 11:07:50 +02:00
GameTec-live 27e7d504c6 Merge pull request #275 from unkernet/python_39
Restore Python 3.9 compatibility for Chameleon CLI
2025-08-13 21:59:32 +02:00
taichunmin 06a873fca4 fix linter 2025-08-13 00:51:16 +08:00
taichunmin c396d06baa hf mf elog --decrypt skip records with found keys 2025-08-12 04:17:42 +08:00
unkernet 89e098c773 Make CLI compatible with Python 3.9
- Replace Python 3.10+ type hint syntax (`int | None`) with  `Union[int, None]`.
- Add explicit `byteorder='big'` argument to all `int.from_bytes()` calls.
2025-08-10 14:44:40 +07:00
Foxushka d95112f821 Bump NETDATA_MAX_DATA_LENGTH from 512 to 4096
USB + BLE are tested
Closes #272
2025-08-09 17:51:57 +03:00
Foxushka cf00761902 Key recovery via backdoor for static encrypted nonce cards (#263)
* Implement MF1_ENC_NESTED_ACQUIRE in firmware

* Implement MF1_ENC_NESTED_ACQUIRE in software + fix code formatter

* Remove xz and pthreads from sources, use CMake FetchContent

* Update changelog

* lzma.h

* Update CMakeLists.txt

* Update CMakeLists.txt

* Probably fix workflow taking wrong commit for building

* Fix CMake building tools into bin/Debug on Windows

* Added cmd for fetching all slots nicks (without 16 commands)

* Fix type and use temp directory instead cwd (https://github.com/RfidResearchGroup/ChameleonUltra/pull/261)

* Fix endian for mfu_read_emu_counter_data and mfu_write_emu_counter_data

* Fix  --key interpreted as list
2025-08-01 22:12:07 +02:00
zeusricote 2b0d02f12e complete hardnested attack implementation (#254)
* hardnested test fixed, increased timeout on mf1_hard_nested_acquire to fix cmd exec timeout on clone

* hardnested recovery(cli command not yet ready), based in noproto/HardnestedRecovery

* removed compiled binary

* Hardnested cli ready

* removed some unnecesary files

* removed unnecesary cached files

* cmake now builds hardnested too

* removed license.md

* added liblzma source(should fix checks not passing)

* i missed a line

* trimmed xz sources

* cmake now links local liblzma.a

* third try(warning solved)

* cmake now builds and links correcctly liblzma.a

* xz-5.8.1 vfolder renamed to xz

* fixed paths

* runner test

* removed wrong placed check

* disable landlock under windows

* missing files

* missing files

* windows strtok fix

* corrected lzma path under windows

* fix

* set release config for liblzma

* corrected path

* trailing_zeros

* msclock

* msclock integer issue

* msclock missing header

* fallback if not using msvc

* deleted include by accident

* revert clock change

* change custom target for custom command

* windows fmemopen implementation

* wrong path

* wrong name

* use fmemopen only when not using msvc

* use fmemopen.h when building on windows, non msvc

* re-add static link

* wrong filename

* pthread handling for mingw(proxspace)

* cleanup
2025-04-18 23:53:25 +02:00
dxl 3f6f5ac9c1 Hardnested nonces acquire implemented. 2025-04-02 12:32:27 +08:00
Philippe Teuwen ecf3c06886 add regression tests 2023-10-25 00:32:31 +02:00