5 Initial SVN commit plus:
6 - Added indala demodulation algorithm - full documentation on https://www.lafargue.name/proxmark3/
7 - losim should also be able to simulate an indala tag after indalademod
8 - offline mode for the proxmark3 CLI: if no Proxmark is detected, it will
9 still go on, but all commands requiring USB will fail (obviously).
10 A proper implementation would require only enabling offline commands
18 Added two new LF commands for tag exploration :
20 - askdemod: takes 2 arguments, one is the clock rate, one is the modulation
21 convention (high mod is 1 or high mod is zero)
23 This command demodulates the stream into a binary stream into
24 the trace buffer (0's and 1's)
26 - mandemod: manchester decoding of a bitstream: takes a binary stream from
27 the trace buffer (see askdemod) and attempts to do manchester decoding
28 to it. One argument: clock rate. Outputs the bitstream to the scrollback buffer.
30 Those two helped me to validate that the unknown tag I had was indeed an EM4100 type of tag
37 Significant changes to bootloader. Use of Chip ID register to detect if running on a SAM7S512 then configure FLASH
38 waitstates as per SummoningDark's suggestion for a SAM7S512 or SAM7S256.
39 Deleted idle loops waiting blindly for clocks to settle and now using status registers to detect when clocks are stable.
41 *************************
42 * IMPORTANT INFORMATION *
43 **************************************************************************************************************************
44 * With this boot code, the device can now only be flashed if button is held down after power on or a software reset.
45 * The flash procedure is this:
46 * Hold down button. Either plug in USB or software reset it. _While_holding_down_button_ (red and yellow LEDs are lit) you can
47 * issue one or more of the "prox bootrom <file>" "prox fpga <file>" "prox load <file>", be sure to hold button down for the
48 * entire duration of the flash process. Only release the button when flashing is complete and you want to let the board boot.
49 * This process may be less convenient but it's safer and avoids "unintentional" flashing of the board.
50 **************************************************************************************************************************
51 LED boot sequence now changed, C (red) lights up when boot code jumps from flash to RAM boot code, A (yellow) lights up after
52 clocks have been initialized, B (green) lights up when jumping from boot code to main code, then D (red led away from the others)
53 lights up while code is being downloaded to FPGA, then all leds turn off and board is ready for action.
55 With these changes the board now boots and is ready to use in about 3 seconds. Also since the USB bus is not initialized
56 twice (once during boot, then again when the main code runs) unless the button is held down at boot, this seems to avoid
57 the double USB connect and "USB device not recognized" when device is connected to the USB bus or software reset.
63 Implemented function SetupSpi() to initialize the Serial Peripheral Interface (SPI) in preparation to adding an LCD to the board.
64 Changed FpgaWriteConfWord() to use the SPI communication now instead of bit banging the serial data to the FPGA.
67 The FPGA config word serializer required non standard SPI communication (ie for shifting in a 8 bit word, it required a 9th clock
68 cycle with NCS high to load the word from the shift register to the conf register). This was OK for manually bitbanging it but not
69 suitable for using SPI comms. The serializer was fixed to load the conf word from the shift register on a NCS lo-hi transition and
70 not require additional clocking.
73 Recompiled FPGA code after changes above.
76 LCD driver for PCF8833 based LCDs like those found on Nokia models 2600,2650,3100,3120,5140,6030,6100,6610,7210,7250 maybe
77 others. These color LCDs have a resolution of 132x132 and a serial interface. They are very cheap like even down to $2/pc
78 This LCD driver is a straight rip of that found at http://www.sparkfun.com/datasheets/LCD/Jimbo-Nokia-SAM7-Example.zip with
79 very small changes, mainly to integrate it and make it compile with our codebase. Also comented out the circle subroutines
80 to keep the code to integer math only.
83 Font definition for LCD driver
86 Fixed a small bug in CmdHIDdemodFSK (added case 4) which prevented reading some tags. When a logic 0 is immediately followed
87 by the start of the next transmisson (special pattern) a pattern of 4 bit duration lengths is created.
93 Implemented an HID tag FSK demodulator (CmdHIDdemodFSK) to obtain the tag ID code from the raw sampled waveform.
94 Implemented CmdHIDsimTAG which takes a 44bit HID tag ID as a hex number then creates the waveform and simulates the tag
97 Added command "hidfskdemod" that calls CmdHIDdemodFSK, the ARM FSK demodulator for HID tags.
100 New defines CMD_HID_DEMOD_FSK and CMD_HID_SIM_TAG
103 common/iso14443_crc.c
104 Moved CRC calculation code into this file as it's common to both ARM and Windows side. This file is now included as needed.
110 Changes to split up the compilation of the ARM and produce separate S files for the FPGA code and the ARM code.
113 Replaced some of the hex value params in FpgaWriteConfWord with more explanatory defines.
114 Changes to the Tune command as it assumes wrong HF capacitor value (130pF) and produces wrong voltage readings.
115 Combined some of the integer arithmetic statements to improve accuracy slightly, since the voltage divider ratio is not an integer.
116 Voltage divider resistor network is 10M/240k = ratio of 41.6666
118 Originally the calculation was rounding the ratio down to 41
119 3300 (mV) * 41 * sample_value / 1024
120 New calculation without rounding error is
121 3300 (mV) * 41.66666 * sample_value / 1024 => 137500 * sample_value / 1024
123 New define BUTTON_PRESS() returns status of button
126 The current board can only take a X2S30 as there is no larger FPGA in PQFP100 package and
127 the smaller X2S15 FPGA can't fit the current code. The X2S30 FPGA config is fixed at 336,768 bits
128 The FPGA code base address and length is hard coded to occupy FLASH region 0x2000 - 0xC470.
131 New file to place the FPGA code at FLASH address 0x2000
134 Slight changes, commented out the generation of byteswapped S file, the other S files are generated in the same section of the makefile now.
137 Changed some thumb code with a one line ARM code which is clearer and more explicit. Processor runs in ARM mode at reset anyway.
138 Changed jump to RAM address, used to jump to 0x2000 (now FPGA area), now jumps to 0x10000.
140 bootrom/flash-reset.s
141 Changed name of CMain to CopyBootToRAM. Streamlined reset code, fixed up stack pointer initialization.
144 Removed the whole section of initializing clocks, this is redundant as it's being done once we jump to boot code in RAM
145 All fromflash.c does now is copy the boot code to ram and jumps to it.
148 Fixed up stack pointer initialization that caused crash when using "loread"
150 include/at91sam7s128.h
151 New defines for debug register, lets you identify what processor flavour the code runs on, RAM and FLASH sizes, etc.
154 New useful defines for relay and button
157 Added new define /D_CRT_SECURE_NO_WARNINGS to elliminate a _whole bunch_ of bogus compilation warnings
160 Changed CmdLosamples to take a numeric argument (number of samples x4 to retrieve from buffer)
161 New command Quit to exit the program from the GUI command prompt.
164 Fixup compilation warnings.
167 Tidy up printing to stdout, flashing progress now updates on the same line instead of scrolling up.
168 New command line parameter to load FPGA image to FLASH.
projects / proxmark3-svn / blob