]> git.zerfleddert.de Git - proxmark3-svn/blob - fpga/hi_simulate.v
d0a711764abea2a729c3b2fb40d3bd3586fdff1d
[proxmark3-svn] / fpga / hi_simulate.v
1 //-----------------------------------------------------------------------------
2 // Pretend to be an ISO 14443 tag. We will do this by alternately short-
3 // circuiting and open-circuiting the antenna coil, with the tri-state
4 // pins.
5 //
6 // We communicate over the SSP, as a bitstream (i.e., might as well be
7 // unframed, though we still generate the word sync signal). The output
8 // (ARM -> FPGA) tells us whether to modulate or not. The input (FPGA
9 // -> ARM) is us using the A/D as a fancy comparator; this is with
10 // (software-added) hysteresis, to undo the high-pass filter.
11 //
12 // At this point only Type A is implemented. This means that we are using a
13 // bit rate of 106 kbit/s, or fc/128. Oversample by 4, which ought to make
14 // things practical for the ARM (fc/32, 423.8 kbits/s, ~50 kbytes/s)
15 //
16 // Jonathan Westhues, October 2006
17 //-----------------------------------------------------------------------------
18
19 module hi_simulate(
20 pck0, ck_1356meg, ck_1356megb,
21 pwr_lo, pwr_hi, pwr_oe1, pwr_oe2, pwr_oe3, pwr_oe4,
22 adc_d, adc_clk,
23 ssp_frame, ssp_din, ssp_dout, ssp_clk,
24 cross_hi, cross_lo,
25 dbg,
26 mod_type
27 );
28 input pck0, ck_1356meg, ck_1356megb;
29 output pwr_lo, pwr_hi, pwr_oe1, pwr_oe2, pwr_oe3, pwr_oe4;
30 input [7:0] adc_d;
31 output adc_clk;
32 input ssp_dout;
33 output ssp_frame, ssp_din, ssp_clk;
34 input cross_hi, cross_lo;
35 output dbg;
36 input [2:0] mod_type;
37
38 // Power amp goes between LOW and tri-state, so pwr_hi (and pwr_lo) can
39 // always be low.
40 assign pwr_hi = 1'b0;
41 assign pwr_lo = 1'b0;
42
43 // The comparator with hysteresis on the output from the peak detector.
44 reg after_hysteresis;
45 assign adc_clk = ck_1356meg;
46
47 always @(negedge adc_clk)
48 begin
49 if(& adc_d[7:5]) after_hysteresis = 1'b1;
50 else if(~(| adc_d[7:5])) after_hysteresis = 1'b0;
51 end
52
53 // Divide 13.56 MHz by 32 to produce the SSP_CLK
54 reg [4:0] ssp_clk_divider;
55 always @(posedge adc_clk)
56 ssp_clk_divider <= (ssp_clk_divider + 1);
57 assign ssp_clk = ssp_clk_divider[4];
58
59 // Divide SSP_CLK by 8 to produce the byte framing signal; the phase of
60 // this is arbitrary, because it's just a bitstream.
61 // One nasty issue, though: I can't make it work with both rx and tx at
62 // once. The phase wrt ssp_clk must be changed. TODO to find out why
63 // that is and make a better fix.
64 reg [2:0] ssp_frame_divider_to_arm;
65 always @(posedge ssp_clk)
66 ssp_frame_divider_to_arm <= (ssp_frame_divider_to_arm + 1);
67 reg [2:0] ssp_frame_divider_from_arm;
68 always @(negedge ssp_clk)
69 ssp_frame_divider_from_arm <= (ssp_frame_divider_from_arm + 1);
70
71 reg ssp_frame;
72 always @(ssp_frame_divider_to_arm or ssp_frame_divider_from_arm or mod_type)
73 if(mod_type == 3'b000) // not modulating, so listening, to ARM
74 ssp_frame = (ssp_frame_divider_to_arm == 3'b000);
75 else
76 ssp_frame = (ssp_frame_divider_from_arm == 3'b000);
77
78 // Synchronize up the after-hysteresis signal, to produce DIN.
79 reg ssp_din;
80 always @(posedge ssp_clk)
81 ssp_din = after_hysteresis;
82
83 // Modulating carrier frequency is fc/16, reuse ssp_clk divider for that
84 reg modulating_carrier;
85 always @(mod_type or ssp_clk or ssp_dout)
86 if(mod_type == 3'b000)
87 modulating_carrier <= 1'b0; // no modulation
88 else if(mod_type == 3'b001)
89 modulating_carrier <= ssp_dout ^ ssp_clk_divider[3]; // XOR means BPSK
90 else
91 modulating_carrier <= 1'b0; // yet unused
92
93 // This one is all LF, so doesn't matter
94 assign pwr_oe2 = modulating_carrier;
95
96 // Toggle only one of these, since we are already producing much deeper
97 // modulation than a real tag would.
98 assign pwr_oe1 = modulating_carrier;
99 assign pwr_oe4 = modulating_carrier;
100
101 // This one is always on, so that we can watch the carrier.
102 assign pwr_oe3 = 1'b0;
103
104 assign dbg = after_hysteresis;
105
106 endmodule
Impressum, Datenschutz