btlejack原始C++case SNIFF_AA:{
g_sniffer.pkt_count++;/* Dewhiten bytes 4 and 5. */
candidate_pdu[0]= rx_buffer[4];
candidate_pdu[1]= rx_buffer[5];dewhiten(candidate_pdu,2, g_sniffer.channel);if(((candidate_pdu[0]&0xF3)==1)&&(candidate_pdu[1]==0)){/* Check AA */
aa = rx_buffer[0]| rx_buffer[1]<<8| rx_buffer[2]<<16| rx_buffer[3]<<24;if(seen_aa(aa)>1){/* We may have a candidate AA. */
pLink->notifyAccessAddress(aa, g_sniffer.channel, NRF_RADIO->RSSISAMPLE);}}else{/* Shit right by one bit once and twice */for(j=0; j<2; j++){/* Shift right. */for(i=0; i<9; i++)//数据传输先从低位开始,所以先处理低位,右移就是保留高位
rx_buffer[i]= rx_buffer[i]>>1|((rx_buffer[i+1]&0x01)<<7);/* Dewhiten candidate PDU. */
candidate_pdu[0]= rx_buffer[4];
candidate_pdu[1]= rx_buffer[5];dewhiten(candidate_pdu,2, g_sniffer.channel);/* Check if PDU is the one expected. */if(((candidate_pdu[0]&0xF3)==1)&&(candidate_pdu[1]==0)){
aa = rx_buffer[0]| rx_buffer[1]<<8| rx_buffer[2]<<16| rx_buffer[3]<<24;if(seen_aa(aa)>1){/* We may have a candidate AA. */
pLink->notifyAccessAddress(aa, g_sniffer.channel, NRF_RADIO->RSSISAMPLE);}}}}if(g_sniffer.pkt_count >100){
g_sniffer.channel =(g_sniffer.channel +1)%37;radio_set_sniff(g_sniffer.channel);
g_sniffer.pkt_count =0;}/* Continue to receive. */
NRF_RADIO->TASKS_START =1;}break;
适配到keil中的,没大改动 c。主要是把 每个信道的接受次数给改一下。
#if1//SNIFF_AAcase SNIFF_AA:{
g_sniffer.pkt_count++;// 白化第四位第五位, Dewhiten bytes 4 and 5.
candidate_pdu[0]= rx_buffer[4];
candidate_pdu[1]= rx_buffer[5];dewhiten(candidate_pdu,2, g_sniffer.channel);if(((candidate_pdu[0]&0xF3)==1)&&(candidate_pdu[1]==0)){// Check AA
aa = rx_buffer[0]| rx_buffer[1]<<8| rx_buffer[2]<<16| rx_buffer[3]<<24;if(is_valid_aa(aa)){printf("第%d轮,正确的地址 %x\r\n",sum,aa);//We may have a candidate AA. //Link_notifyAccessAddress(aa, g_sniffer.channel, NRF_RADIO->RSSISAMPLE);}}else{//Shit right by one bit once and twice//这是因为地址可能是55开头的,所以需要移动两位,是两位for(j=0; j<2; j++){// Shift right.for(i=0; i<9; i++)
rx_buffer[i]= rx_buffer[i]>>1|((rx_buffer[i+1]&0x01)<<7);// Dewhiten candidate PDU.
candidate_pdu[0]= rx_buffer[4];
candidate_pdu[1]= rx_buffer[5];dewhiten(candidate_pdu,2, g_sniffer.channel);// Check if PDU is the one expected.if(((candidate_pdu[0]&0xF3)==1)&&(candidate_pdu[1]==0)){
aa = rx_buffer[0]| rx_buffer[1]<<8| rx_buffer[2]<<16| rx_buffer[3]<<24;if(is_valid_aa(aa)){// We may have a candidate AA. printf("第%d轮,正确的地址 %x\r\n",sum,aa);//Link_notifyAccessAddress(aa, g_sniffer.channel, NRF_RADIO->RSSISAMPLE);}}}}if(g_sniffer.pkt_count >10){
sum++;
g_sniffer.channel =(g_sniffer.channel +1)%37;radio_set_sniff(g_sniffer.channel);
g_sniffer.pkt_count =0;}// Continue to receive.
NRF_RADIO->TASKS_START =1;}break;#endif