[SubGHz] Reading 64bit KeeLoq seem to be highly unreliable

ppseprus commented 1 year ago

Describe the bug.

I have a couple of test keyfobs that I use to make sure things work fine.

I was testing latest dev at 7175459 when I realised that pushing the same button on the same keyfob, out of 60 tries, about 58-59 I get an unknown manufacturer, while sometimes I get something random.

After multiple rounds of 60 signals, I basically saw all kinds of manufacturers: BFT, Aprimatic_TR, JCM_Tech, Sommer(fsk476), Cenmax, Partisan_RX, Mutanco_Mutancode, Teco, etc.

Here are some keys from the same button of the same test keyfob:

Protocol: KeeLoq
Bit: 64
Key: 4D E6 58 4_ __ __ __ __
Manufacture: Faraon

Protocol: KeeLoq
Bit: 64
Key: C7 0F E3 4_ __ __ __ __
Manufacture: Tomahawk_Z,X_3-5

Protocol: KeeLoq
Bit: 64
Key: 32 FA 36 F_ __ __ __ __
Manufacture: Teco

Protocol: KeeLoq
Bit: 64
Key: DA 87 1F A_ __ __ __ __
Manufacture: Mutanco_Mutancode

Protocol: KeeLoq
Bit: 64
Key: 13 9A A6 A_ __ __ __ __
Manufacture: Partisan_RX

Protocol: KeeLoq
Bit: 64
Key: 63 5E 45 2_ __ __ __ __
Manufacture: Sommer(fsk476)

// Unknowns

Protocol: KeeLoq
Bit: 64
Key: C4 D6 40 0_ __ __ __ __
Manufacture: Unknown

Protocol: KeeLoq
Bit: 64
Key: B6 8F 28 4_ __ __ __ __
Manufacture: Unknown

Protocol: KeeLoq
Bit: 64
Key: CB A2 9D 0_ __ __ __ __
Manufacture: Unknown

Protocol: KeeLoq
Bit: 64
Key: 16 72 64 F_ __ __ __ __
Manufacture: Unknown

Protocol: KeeLoq
Bit: 64
Key: 0D 14 B3 E_ __ __ __ __
Manufacture: Unknown

Unfortunately, Im not an expert at C or C++, so...

Is this due to changes in unleashed, or should I open this bug report at the official repository?
How is MF resolved from these signals? Shouldn't the same key always produce the same MF?
Is this a cosmetics issue, where the name is extracted unreliable, but other parts are intact OR does this mean that some other functionalities of SubGHz reading is always affected somehow?

Reproduction

Switch on, Open SubGHz Read
Select the frequency and modulation of your 64bit KeyLoq target (for me, 433.92 MHz, AM270)
Push one button on your keyfob
Repeat Step 3. until memory is full

Expected Behaviour MF is consistently identified (or consistently unknown, depending on exact manufacturer)

Actual Behaviour Out of 60 tries, 1-2 are some random (always different) manufacturers, while about 58-59 times I get unknown

Target

No response

Logs

No response

Anything else?

No response

xMasterX commented 1 year ago

Hello, this is not a bug, that’s how keeloq decoding works, unknown or random manufacturer means flipper has no manufacturer code for your remote, random manufacturers appear because of how algorithm is designed,

If you have genius idea how to detect with 100% correct results go ahead and describe all in detail, me and official firmware developers will be interested in it

ppseprus commented 1 year ago

Oh! I did not know that about KeeLoq! Thanks for explaining!

If you have genius idea how to detect with 100% correct results go ahead and describe all in detail, me and official firmware developers will be interested in it

I wish! 😅

DarkFlippers / unleashed-firmware