| 974ba9a2 |
1 | ################ |
| 2 | ## 2009/04/09 ## |
| 3 | ################ |
| 4 | |
| 5 | Initial SVN commit plus: |
| 6 | - Added indala demodulation algorithm - full documentation on https://www.lafargue.name/proxmark3/ |
| 7 | - losim should also be able to simulate an indala tag after indalademod |
| 8 | - offline mode for the proxmark3 CLI: if no Proxmark is detected, it will |
| 9 | still go on, but all commands requiring USB will fail (obviously). |
| 10 | A proper implementation would require only enabling offline commands |
| 11 | in this mode. |
| 12 | |
| 13 | |
| 6658905f |
14 | ################ |
| 15 | ## 2009/03/28 ## |
| 16 | ################ |
| 17 | winsrc/command.cpp |
| 18 | Added two new LF commands for tag exploration : |
| 19 | |
| 20 | - askdemod: takes 2 arguments, one is the clock rate, one is the modulation |
| 21 | convention (high mod is 1 or high mod is zero) |
| 22 | |
| 23 | This command demodulates the stream into a binary stream into |
| 24 | the trace buffer (0's and 1's) |
| 25 | |
| 26 | - mandemod: manchester decoding of a bitstream: takes a binary stream from |
| 27 | the trace buffer (see askdemod) and attempts to do manchester decoding |
| 28 | to it. One argument: clock rate. Outputs the bitstream to the scrollback buffer. |
| 29 | |
| 30 | Those two helped me to validate that the unknown tag I had was indeed an EM4100 type of tag |
| 31 | |
| 32 | |
| 33 | ################\r |
| 34 | ## 2008/12/11 ##\r |
| 35 | ################\r |
| 36 | bootrom/bootrom.c\r |
| 37 | Significant changes to bootloader. Use of Chip ID register to detect if running on a SAM7S512 then configure FLASH\r |
| 38 | waitstates as per SummoningDark's suggestion for a SAM7S512 or SAM7S256.\r |
| 39 | Deleted idle loops waiting blindly for clocks to settle and now using status registers to detect when clocks are stable.\r |
| 40 | \r |
| 41 | *************************\r |
| 42 | * IMPORTANT INFORMATION *\r |
| 43 | **************************************************************************************************************************\r |
| 44 | * With this boot code, the device can now only be flashed if button is held down after power on or a software reset.\r |
| 45 | * The flash procedure is this:\r |
| 46 | * Hold down button. Either plug in USB or software reset it. _While_holding_down_button_ (red and yellow LEDs are lit) you can\r |
| 47 | * issue one or more of the "prox bootrom <file>" "prox fpga <file>" "prox load <file>", be sure to hold button down for the\r |
| 48 | * entire duration of the flash process. Only release the button when flashing is complete and you want to let the board boot.\r |
| 49 | * This process may be less convenient but it's safer and avoids "unintentional" flashing of the board.\r |
| 50 | **************************************************************************************************************************\r |
| 51 | LED boot sequence now changed, C (red) lights up when boot code jumps from flash to RAM boot code, A (yellow) lights up after\r |
| 52 | clocks have been initialized, B (green) lights up when jumping from boot code to main code, then D (red led away from the others)\r |
| 53 | lights up while code is being downloaded to FPGA, then all leds turn off and board is ready for action.\r |
| 54 | \r |
| 55 | With these changes the board now boots and is ready to use in about 3 seconds. Also since the USB bus is not initialized\r |
| 56 | twice (once during boot, then again when the main code runs) unless the button is held down at boot, this seems to avoid\r |
| 57 | the double USB connect and "USB device not recognized" when device is connected to the USB bus or software reset.\r |
| 58 | \r |
| 59 | ################\r |
| 60 | ## 2008/12/06 ##\r |
| 61 | ################\r |
| 62 | armsrc/fpga.c\r |
| 63 | Implemented function SetupSpi() to initialize the Serial Peripheral Interface (SPI) in preparation to adding an LCD to the board.\r |
| 64 | Changed FpgaWriteConfWord() to use the SPI communication now instead of bit banging the serial data to the FPGA.\r |
| 65 | \r |
| 66 | fpga/fpga.v\r |
| 67 | The FPGA config word serializer required non standard SPI communication (ie for shifting in a 8 bit word, it required a 9th clock\r |
| 68 | cycle with NCS high to load the word from the shift register to the conf register). This was OK for manually bitbanging it but not\r |
| 69 | suitable for using SPI comms. The serializer was fixed to load the conf word from the shift register on a NCS lo-hi transition and\r |
| 70 | not require additional clocking.\r |
| 71 | \r |
| 72 | armsrc/fpgaimg.c\r |
| 73 | Recompiled FPGA code after changes above.\r |
| 74 | \r |
| 75 | armsrc/LCD.c\r |
| 76 | LCD driver for PCF8833 based LCDs like those found on Nokia models 2600,2650,3100,3120,5140,6030,6100,6610,7210,7250 maybe\r |
| 77 | others. These color LCDs have a resolution of 132x132 and a serial interface. They are very cheap like even down to $2/pc\r |
| 78 | This LCD driver is a straight rip of that found at http://www.sparkfun.com/datasheets/LCD/Jimbo-Nokia-SAM7-Example.zip with\r |
| 79 | very small changes, mainly to integrate it and make it compile with our codebase. Also comented out the circle subroutines\r |
| 80 | to keep the code to integer math only.\r |
| 81 | \r |
| 82 | armsrc/fonts.c\r |
| 83 | Font definition for LCD driver\r |
| 84 | \r |
| 85 | armsrc/appmain.c\r |
| 86 | Fixed a small bug in CmdHIDdemodFSK (added case 4) which prevented reading some tags. When a logic 0 is immediately followed\r |
| 87 | by the start of the next transmisson (special pattern) a pattern of 4 bit duration lengths is created.\r |
| 88 | \r |
| 89 | ################\r |
| 90 | ## 2008/11/27 ##\r |
| 91 | ################\r |
| 92 | armsrc/appmain.c\r |
| 93 | Implemented an HID tag FSK demodulator (CmdHIDdemodFSK) to obtain the tag ID code from the raw sampled waveform.\r |
| 94 | Implemented CmdHIDsimTAG which takes a 44bit HID tag ID as a hex number then creates the waveform and simulates the tag\r |
| 95 | \r |
| 96 | winsrc/command.cpp\r |
| 97 | Added command "hidfskdemod" that calls CmdHIDdemodFSK, the ARM FSK demodulator for HID tags.\r |
| 98 | \r |
| 99 | include/usb-cmd.h\r |
| 100 | New defines CMD_HID_DEMOD_FSK and CMD_HID_SIM_TAG\r |
| 101 | \r |
| 102 | 2008/11/25\r |
| 103 | common/iso14443_crc.c\r |
| 104 | Moved CRC calculation code into this file as it's common to both ARM and Windows side. This file is now included as needed.\r |
| 105 | \r |
| 106 | ################\r |
| 107 | ## 2008/11/21 ##\r |
| 108 | ################\r |
| 109 | armsrc/Makefile\r |
| 110 | Changes to split up the compilation of the ARM and produce separate S files for the FPGA code and the ARM code.\r |
| 111 | \r |
| 112 | armsrc/appmain.c\r |
| 113 | Replaced some of the hex value params in FpgaWriteConfWord with more explanatory defines.\r |
| 114 | Changes to the Tune command as it assumes wrong HF capacitor value (130pF) and produces wrong voltage readings.\r |
| 115 | Combined some of the integer arithmetic statements to improve accuracy slightly, since the voltage divider ratio is not an integer.\r |
| 116 | Voltage divider resistor network is 10M/240k = ratio of 41.6666\r |
| 117 | \r |
| 118 | Originally the calculation was rounding the ratio down to 41\r |
| 119 | 3300 (mV) * 41 * sample_value / 1024\r |
| 120 | New calculation without rounding error is\r |
| 121 | 3300 (mV) * 41.66666 * sample_value / 1024 => 137500 * sample_value / 1024\r |
| 122 | \r |
| 123 | New define BUTTON_PRESS() returns status of button\r |
| 124 | \r |
| 125 | armsrc/fpga.c\r |
| 126 | The current board can only take a X2S30 as there is no larger FPGA in PQFP100 package and\r |
| 127 | the smaller X2S15 FPGA can't fit the current code. The X2S30 FPGA config is fixed at 336,768 bits\r |
| 128 | The FPGA code base address and length is hard coded to occupy FLASH region 0x2000 - 0xC470.\r |
| 129 | \r |
| 130 | armsrc/ldscript-fpga\r |
| 131 | New file to place the FPGA code at FLASH address 0x2000\r |
| 132 | \r |
| 133 | bootrom/Makefile\r |
| 134 | Slight changes, commented out the generation of byteswapped S file, the other S files are generated in the same section of the makefile now.\r |
| 135 | \r |
| 136 | bootrom/bootrom.c\r |
| 137 | Changed some thumb code with a one line ARM code which is clearer and more explicit. Processor runs in ARM mode at reset anyway.\r |
| 138 | Changed jump to RAM address, used to jump to 0x2000 (now FPGA area), now jumps to 0x10000.\r |
| 139 | \r |
| 140 | bootrom/flash-reset.s\r |
| 141 | Changed name of CMain to CopyBootToRAM. Streamlined reset code, fixed up stack pointer initialization.\r |
| 142 | \r |
| 143 | bootrom/fromflash.c\r |
| 144 | Removed the whole section of initializing clocks, this is redundant as it's being done once we jump to boot code in RAM\r |
| 145 | All fromflash.c does now is copy the boot code to ram and jumps to it.\r |
| 146 | \r |
| 147 | bootrom/ram-reset.s\r |
| 148 | Fixed up stack pointer initialization that caused crash when using "loread"\r |
| 149 | \r |
| 150 | include/at91sam7s128.h\r |
| 151 | New defines for debug register, lets you identify what processor flavour the code runs on, RAM and FLASH sizes, etc.\r |
| 152 | \r |
| 153 | include/proxmark3.h\r |
| 154 | New useful defines for relay and button\r |
| 155 | \r |
| 156 | winsrc/Makefile\r |
| 157 | Added new define /D_CRT_SECURE_NO_WARNINGS to elliminate a _whole bunch_ of bogus compilation warnings\r |
| 158 | \r |
| 159 | winsrc/command.cpp\r |
| 160 | Changed CmdLosamples to take a numeric argument (number of samples x4 to retrieve from buffer)\r |
| 161 | New command Quit to exit the program from the GUI command prompt.\r |
| 162 | \r |
| 163 | winsrc/gui.cpp\r |
| 164 | Fixup compilation warnings.\r |
| 165 | \r |
| 166 | winsrc/prox.cpp\r |
| 167 | Tidy up printing to stdout, flashing progress now updates on the same line instead of scrolling up.\r |
| 168 | New command line parameter to load FPGA image to FLASH.\r |
projects / proxmark3-svn / blame