From 0e2542e1c451b97e6235c95018ac61bae7b203c3 Mon Sep 17 00:00:00 2001 From: r3df0xx Date: Fri, 1 Apr 2022 23:06:24 +0300 Subject: [PATCH] New debug info and fix FloR-S bytes logic --- lib/subghz/protocols/keeloq.c | 24 +++++++++++++++++++++++- lib/subghz/protocols/nice_flor_s.c | 30 +++++++++++++++--------------- lib/subghz/protocols/star_line.c | 14 +++++++++++++- lib/subghz/subghz_keystore.c | 5 ++++- 4 files changed, 55 insertions(+), 18 deletions(-) diff --git a/lib/subghz/protocols/keeloq.c b/lib/subghz/protocols/keeloq.c index 9d97107d2..b6c976f3d 100644 --- a/lib/subghz/protocols/keeloq.c +++ b/lib/subghz/protocols/keeloq.c @@ -154,7 +154,7 @@ static bool subghz_protocol_keeloq_gen_data(SubGhzProtocolEncoderKeeloq* instanc code_found_reverse = subghz_protocol_blocks_reverse_key( instance->generic.data, instance->generic.data_count_bit); hop = code_found_reverse & 0x00000000ffffffff; - FURI_LOG_I(TAG, "hop = %X", hop); + FURI_LOG_I(TAG, "hop = %llX", hop); break; } break; @@ -483,6 +483,7 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( case KEELOQ_LEARNING_SIMPLE: // Simple Learning decrypt = subghz_protocol_keeloq_common_decrypt(hop, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); return 1; @@ -492,6 +493,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( // Normal Learning // https://phreakerclub.com/forum/showpost.php?p=43557&postcount=37 man = subghz_protocol_keeloq_common_normal_learning(fix, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); 
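Review bot: `FURI_LOG_I(TAG, "hop = %llX", hop);` passes `hop` to a conversion that expects an `unsigned long long`, while the line above stores only the low 32 bits in it. If `hop` is declared as a 32-bit variable (its declaration is outside the hunk), the argument and the format disagree and the output is undefined. Keep a 32-bit conversion or cast explicitly, e.g. `FURI_LOG_I(TAG, "hop = %08lX", (unsigned long)hop);`. The same check is needed for the `serial`, `counter` and `button` lines in the first nice_flor_s.c hunk, where the added `(uint64_t)` cast on `instance->generic.serial` suggests those fields are narrower than 64 bits, and for the `hop` line added in star_line.c.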
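Review bot: `FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key);` writes the manufacturer key in clear to the info-level log for every keystore entry the selector tries, so anyone who can read the device log obtains the key material. The same applies to the `man_learning` and `man_learning_rev` lines in the remaining keeloq.c hunks, to the star_line.c selector hunks and to the `decrypted line` logging in subghz_keystore.c. I would drop these calls, or compile them in only under a dedicated build-time debug macro and log a non-secret identifier instead, e.g. `FURI_LOG_D(TAG, "trying key: %s", string_get_cstr(manufacture_code->name));`. The selector's body starts and ends outside the hunk.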
@@ -501,6 +504,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( case KEELOQ_LEARNING_SECURE: man = subghz_protocol_keeloq_common_secure_learning( fix, seed, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); @@ -510,6 +515,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( case KEELOQ_LEARNING_MAGIC_XOR_TYPE_1: man = subghz_protocol_keeloq_common_magic_xor_type1_learning( fix, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); @@ -519,6 +526,7 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( case KEELOQ_LEARNING_UNKNOWN: // Simple Learning decrypt = subghz_protocol_keeloq_common_decrypt(hop, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); return 1; @@ -530,6 +538,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( man_rev_byte = (uint8_t)(manufacture_code->key >> i); man_rev = man_rev | man_rev_byte << (56 - i); } + FURI_LOG_I(TAG, "man_learning_rev: %llX", man_rev); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man_rev); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); 
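Review bot: In the mirrored-key step of `KEELOQ_LEARNING_UNKNOWN` (the hunk at +538), `FURI_LOG_I(TAG, "man_learning: %llX", man);` prints `man` although this step only builds `man_rev` and decrypts with it. Nothing in the hunk assigns `man` before the log call, so the value shown is whatever an earlier case or keystore entry left there, or an unset value (its declaration and initialisation are outside the hunk). The line should be removed so the log does not attribute an unrelated value to this attempt; the star_line.c version of the same step logs only `man_rev`.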
@@ -539,6 +549,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( // Normal Learning // https://phreakerclub.com/forum/showpost.php?p=43557&postcount=37 man = subghz_protocol_keeloq_common_normal_learning(fix, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); @@ -547,6 +559,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( // Check for mirrored man man = subghz_protocol_keeloq_common_normal_learning(fix, man_rev); + FURI_LOG_I(TAG, "man_learning_rev: %llX", man_rev); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); @@ -556,6 +570,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( // Secure Learning man = subghz_protocol_keeloq_common_secure_learning( fix, seed, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); 
@@ -564,6 +580,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( // Check for mirrored man man = subghz_protocol_keeloq_common_secure_learning(fix, seed, man_rev); + FURI_LOG_I(TAG, "man_learning_rev: %llX", man_rev); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); @@ -573,6 +591,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( // Magic xor type1 learning man = subghz_protocol_keeloq_common_magic_xor_type1_learning( fix, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); @@ -581,6 +601,8 @@ static uint8_t subghz_protocol_keeloq_check_remote_controller_selector( // Check for mirrored man man = subghz_protocol_keeloq_common_magic_xor_type1_learning(fix, man_rev); + FURI_LOG_I(TAG, "man_learning_rev: %llX", man_rev); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man); if(subghz_protocol_keeloq_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); diff --git a/lib/subghz/protocols/nice_flor_s.c b/lib/subghz/protocols/nice_flor_s.c index 5257156bf..0c5727036 100644 --- a/lib/subghz/protocols/nice_flor_s.c +++ b/lib/subghz/protocols/nice_flor_s.c 
@@ -128,13 +128,13 @@ static bool } instance->generic.cnt++; - FURI_LOG_I(TAG, "serial = %X", instance->generic.serial); - FURI_LOG_I(TAG, "counter = %X", instance->generic.cnt); - FURI_LOG_I(TAG, "button = %X", btn); - uint64_t decrypt = (uint64_t)( (instance->generic.serial << 16) | (instance->generic.cnt) ); - FURI_LOG_I(TAG, "decrypt = %016X", decrypt); - uint64_t enc_part = (uint64_t)subghz_protocol_nice_flor_s_encrypt(decrypt, file_name); - FURI_LOG_I(TAG, "enc_part = %016X", enc_part); + FURI_LOG_I(TAG, "serial = %llX", instance->generic.serial); + FURI_LOG_I(TAG, "counter = %llX", instance->generic.cnt); + FURI_LOG_I(TAG, "button = %llX", btn); + uint64_t decrypt = ((uint64_t)instance->generic.serial << 16) | instance->generic.cnt; + FURI_LOG_I(TAG, "decrypt = %llX", decrypt); + uint64_t enc_part = subghz_protocol_nice_flor_s_encrypt(decrypt, file_name); + FURI_LOG_I(TAG, "enc_part = %llX", enc_part); for (int i = 0; i < 16; i++) { 
@@ -156,21 +156,21 @@ static bool if (btn == 0x1) { //Button 1 - instance->generic.data = ( (btn << 4) | (0xF ^ btn ^ loops[0][i]) << 44 | (enc_part) ); + instance->generic.data = ((uint64_t)btn << 4) | (0xF ^ btn ^ loops[0][i]) << 44 | enc_part; } if (btn == 0x2) { //Button 2 - instance->generic.data = ( (btn << 4) | (0xF ^ btn ^ loops[1][i]) << 44 | (enc_part) ); + instance->generic.data = ((uint64_t)btn << 4) | (0xF ^ btn ^ loops[1][i]) << 44 | enc_part; } if (btn == 0x4) { //Button 3 - instance->generic.data = ( (btn << 4) | (0xF ^ btn ^ loops[2][i]) << 44 | (enc_part) ); + instance->generic.data = ((uint64_t)btn << 4) | (0xF ^ btn ^ loops[2][i]) << 44 | enc_part; } if (btn == 0x8) { //Button 4 - instance->generic.data = ( (btn << 4) | ((0xF ^ btn ^ loops[3][i]) << 44) | (enc_part) ); + instance->generic.data = ((uint64_t)btn << 4) | (0xF ^ btn ^ loops[3][i]) << 44 | enc_part; } - FURI_LOG_I(TAG, "key = %016X", instance->generic.data); + FURI_LOG_I(TAG, "key = %llX", instance->generic.data); //Send header for(uint8_t i = 35; i > 0; i--) { @@ -323,7 +323,7 @@ uint64_t subghz_protocol_nice_flor_s_encrypt(uint64_t data, const char* file_nam k = ~p[3]; p[3] = ~p[1]; p[1] = k; - FURI_LOG_I(TAG, "encrypted_data = %016X", data); + FURI_LOG_I(TAG, "encrypted_data = %llX", data); return data; } @@ -362,7 +362,7 @@ static uint64_t p[1] = k; } } - FURI_LOG_I(TAG, "decrypted_data = %016X", data); + FURI_LOG_I(TAG, "decrypted_data = %llX", data); return data; } @@ -507,7 +507,7 @@ static void subghz_protocol_nice_flor_s_remote_controller( instance->btn = 0; } else { uint64_t decrypt = subghz_protocol_nice_flor_s_decrypt(instance, file_name); - FURI_LOG_I(TAG, "init_decrypted_data = %016X", decrypt); + FURI_LOG_I(TAG, "init_decrypted_data = %llX", decrypt); instance->cnt = decrypt & 0xFFFF; instance->serial = (decrypt >> 16) & 0xFFFFFFF; instance->btn = (decrypt >> 48) & 0xF; 
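Review bot: Only the first operand gets the 64-bit cast in `((uint64_t)btn << 4) | (0xF ^ btn ^ loops[0][i]) << 44 | enc_part`; the middle term is still evaluated in the promoted type of `0xF ^ btn ^ loops[0][i]`. Unless `loops` is a 64-bit array (declared outside the hunk), that type is `int`, for which a shift by 44 is undefined and cannot place bits at position 44. Cast before shifting in all four button branches: `((uint64_t)(0xF ^ btn ^ loops[0][i]) << 44)`. The Button 4 branch also lost the parentheses it had around this term; precedence still groups it as intended, but keeping them makes the expression easier to check. The four branches differ only in the row index, so one expression with the row derived from `btn` would remove the duplication.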
diff --git a/lib/subghz/protocols/star_line.c b/lib/subghz/protocols/star_line.c index c65f529a0..1b050ccbd 100644 --- a/lib/subghz/protocols/star_line.c +++ b/lib/subghz/protocols/star_line.c @@ -149,7 +149,10 @@ static bool subghz_protocol_star_line_gen_data(SubGhzProtocolEncoderStarLine* in hop = subghz_protocol_keeloq_common_encrypt(decrypt, man); break; case KEELOQ_LEARNING_UNKNOWN: - hop = 0; //todo + code_found_reverse = subghz_protocol_blocks_reverse_key( + instance->generic.data, instance->generic.data_count_bit); + hop = code_found_reverse & 0x00000000ffffffff; + FURI_LOG_I(TAG, "hop = %llX", hop); break; } break; @@ -457,6 +460,7 @@ static uint8_t subghz_protocol_star_line_check_remote_controller_selector( case KEELOQ_LEARNING_SIMPLE: //Simple Learning decrypt = subghz_protocol_keeloq_common_decrypt(hop, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); if(subghz_protocol_star_line_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); return 1; @@ -467,6 +471,8 @@ static uint8_t subghz_protocol_star_line_check_remote_controller_selector( // https://phreakerclub.com/forum/showpost.php?p=43557&postcount=37 man_normal_learning = subghz_protocol_keeloq_common_normal_learning(fix, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); + FURI_LOG_I(TAG, "man_learning: %llX", man); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man_normal_learning); if(subghz_protocol_star_line_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); 
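Review bot: The added `FURI_LOG_I(TAG, "man_learning: %llX", man);` in the `KEELOQ_LEARNING_NORMAL` case (hunk at +471) names `man`, but the value derived on the line above is stored in `man_normal_learning`, which is the name the later star_line.c hunks log. Depending on declarations outside the hunk, this either fails to compile or prints an unrelated variable; it looks copied from keeloq.c. If the line is kept at all, it should read `FURI_LOG_I(TAG, "man_learning: %llX", man_normal_learning);`.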
@@ -476,6 +482,7 @@ static uint8_t subghz_protocol_star_line_check_remote_controller_selector( case KEELOQ_LEARNING_UNKNOWN: // Simple Learning decrypt = subghz_protocol_keeloq_common_decrypt(hop, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); if(subghz_protocol_star_line_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); return 1; @@ -487,6 +494,7 @@ static uint8_t subghz_protocol_star_line_check_remote_controller_selector( man_rev_byte = (uint8_t)(manufacture_code->key >> i); man_rev = man_rev | man_rev_byte << (56 - i); } + FURI_LOG_I(TAG, "man_learning_rev: %llX", man_rev); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man_rev); if(subghz_protocol_star_line_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); @@ -497,12 +505,16 @@ static uint8_t subghz_protocol_star_line_check_remote_controller_selector( // https://phreakerclub.com/forum/showpost.php?p=43557&postcount=37 man_normal_learning = subghz_protocol_keeloq_common_normal_learning(fix, manufacture_code->key); + FURI_LOG_I(TAG, "mfkey: %llX", manufacture_code->key); + FURI_LOG_I(TAG, "man_learning: %llX", man_normal_learning); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man_normal_learning); if(subghz_protocol_star_line_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); return 1; } man_normal_learning = subghz_protocol_keeloq_common_normal_learning(fix, man_rev); + FURI_LOG_I(TAG, "man_learning_rev: %llX", man_rev); + FURI_LOG_I(TAG, "man_learning: %llX", man_normal_learning); decrypt = subghz_protocol_keeloq_common_decrypt(hop, man_normal_learning); if(subghz_protocol_star_line_check_decrypt(instance, decrypt, btn, end_serial)) { *manufacture_name = string_get_cstr(manufacture_code->name); 
diff --git a/lib/subghz/subghz_keystore.c b/lib/subghz/subghz_keystore.c index 57eea544f..20f8f6b7c 100644 --- a/lib/subghz/subghz_keystore.c +++ b/lib/subghz/subghz_keystore.c @@ -139,6 +139,7 @@ static bool subghz_keystore_read_file(SubGhzKeystore* instance, Stream* stream, if(furi_hal_crypto_decrypt( (uint8_t*)encrypted_line, (uint8_t*)decrypted_line, len)) { subghz_keystore_process_line(instance, decrypted_line); + FURI_LOG_I(TAG, "decrypted line: %llX", decrypted_line); } else { FURI_LOG_E(TAG, "Decryption failed"); result = false; @@ -578,7 +579,9 @@ bool subghz_keystore_raw_get_data(const char* file_name, size_t offset, uint8_t* buffer[i / 2] = (hi_nibble << 4) | lo_nibble; } + FURI_LOG_I(TAG, "decrypted line: %llX", decrypted_line); memset(decrypted_line, 0, SUBGHZ_KEYSTORE_FILE_DECRYPTED_LINE_SIZE); + FURI_LOG_I(TAG, "decrypted line: %llX", decrypted_line); if(!furi_hal_crypto_decrypt( (uint8_t*)buffer, (uint8_t*)decrypted_line, bufer_size / 2)) { @@ -587,7 +590,7 @@ bool subghz_keystore_raw_get_data(const char* file_name, size_t offset, uint8_t* break; } memcpy(data, (uint8_t*)decrypted_line + (offset - (offset / 16) * 16), len); - FURI_LOG_I(TAG, "decrypted line: %016X", decrypted_line); + FURI_LOG_I(TAG, "decrypted line: %llX", decrypted_line); } while(0); furi_hal_crypto_store_unload_key(SUBGHZ_KEYSTORE_FILE_ENCRYPTION_KEY_SLOT);
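Review bot: `FURI_LOG_I(TAG, "decrypted line: %llX", decrypted_line);` in `subghz_keystore_read_file` is evidently meant to dump each decrypted keystore line to the info log, which would expose exactly what the file encryption protects. As written it does not even do that: `decrypted_line` is used as a buffer (it is passed to `memset` and cast to `uint8_t*`), so `%llX` receives a pointer instead of an `unsigned long long`, which is a format mismatch. In `subghz_keystore_raw_get_data` the two calls around `memset` log the buffer before decryption has written it and again right after it was zeroed, so they carry no information. I would remove all four calls; if a trace is needed, log only the length at debug level, e.g. `FURI_LOG_D(TAG, "line decrypted, len %u", (unsigned)len);`.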