--- /dev/null
+//-----------------------------------------------------------------------------\r
+// Pretend to be an ISO 14443 tag. We will do this by alternately short-\r
+// circuiting and open-circuiting the antenna coil, with the tri-state\r
+// pins. \r
+//\r
+// We communicate over the SSP, as a bitstream (i.e., might as well be\r
+// unframed, though we still generate the word sync signal). The output\r
+// (ARM -> FPGA) tells us whether to modulate or not. The input (FPGA\r
+// -> ARM) is us using the A/D as a fancy comparator; this is with\r
+// (software-added) hysteresis, to undo the high-pass filter.\r
+//\r
+// At this point only Type A is implemented. This means that we are using a\r
+// bit rate of 106 kbit/s, or fc/128. Oversample by 4, which ought to make\r
+// things practical for the ARM (fc/32, 423.8 kbits/s, ~50 kbytes/s)\r
+//\r
+// Jonathan Westhues, October 2006\r
+//-----------------------------------------------------------------------------\r
+\r
+module hi_simulate(\r
+ pck0, ck_1356meg, ck_1356megb,\r
+ pwr_lo, pwr_hi, pwr_oe1, pwr_oe2, pwr_oe3, pwr_oe4,\r
+ adc_d, adc_clk,\r
+ ssp_frame, ssp_din, ssp_dout, ssp_clk,\r
+ cross_hi, cross_lo,\r
+ dbg,\r
+ mod_type\r
+);\r
+ input pck0, ck_1356meg, ck_1356megb;\r
+ output pwr_lo, pwr_hi, pwr_oe1, pwr_oe2, pwr_oe3, pwr_oe4;\r
+ input [7:0] adc_d;\r
+ output adc_clk;\r
+ input ssp_dout;\r
+ output ssp_frame, ssp_din, ssp_clk;\r
+ input cross_hi, cross_lo;\r
+ output dbg;\r
+ input [2:0] mod_type;\r
+\r
+// Power amp goes between LOW and tri-state, so pwr_hi (and pwr_lo) can\r
+// always be low.\r
+assign pwr_hi = 1'b0;\r
+assign pwr_lo = 1'b0;\r
+\r
+// The comparator with hysteresis on the output from the peak detector.\r
+reg after_hysteresis;\r
+assign adc_clk = ck_1356meg;\r
+\r
+always @(negedge adc_clk)\r
+begin\r
+ if(& adc_d[7:5]) after_hysteresis = 1'b1;\r
+ else if(~(| adc_d[7:5])) after_hysteresis = 1'b0;\r
+end\r
+\r
+// Divide 13.56 MHz by 32 to produce the SSP_CLK\r
+reg [4:0] ssp_clk_divider;\r
+always @(posedge adc_clk)\r
+ ssp_clk_divider <= (ssp_clk_divider + 1);\r
+assign ssp_clk = ssp_clk_divider[4];\r
+\r
+// Divide SSP_CLK by 8 to produce the byte framing signal; the phase of\r
+// this is arbitrary, because it's just a bitstream.\r
+// One nasty issue, though: I can't make it work with both rx and tx at\r
+// once. The phase wrt ssp_clk must be changed. TODO to find out why\r
+// that is and make a better fix.\r
+reg [2:0] ssp_frame_divider_to_arm;\r
+always @(posedge ssp_clk)\r
+ ssp_frame_divider_to_arm <= (ssp_frame_divider_to_arm + 1);\r
+reg [2:0] ssp_frame_divider_from_arm;\r
+always @(negedge ssp_clk)\r
+ ssp_frame_divider_from_arm <= (ssp_frame_divider_from_arm + 1);\r
+\r
+reg ssp_frame;\r
+always @(ssp_frame_divider_to_arm or ssp_frame_divider_from_arm or mod_type)\r
+ if(mod_type == 3'b000) // not modulating, so listening, to ARM\r
+ ssp_frame = (ssp_frame_divider_to_arm == 3'b000);\r
+ else\r
+ ssp_frame = (ssp_frame_divider_from_arm == 3'b000);\r
+\r
+// Synchronize up the after-hysteresis signal, to produce DIN.\r
+reg ssp_din;\r
+always @(posedge ssp_clk)\r
+ ssp_din = after_hysteresis;\r
+\r
+// Modulating carrier frequency is fc/16, reuse ssp_clk divider for that\r
+reg modulating_carrier;\r
+always @(mod_type or ssp_clk or ssp_dout)\r
+ if(mod_type == 3'b000)\r
+ modulating_carrier <= 1'b0; // no modulation\r
+ else if(mod_type == 3'b001)\r
+ modulating_carrier <= ssp_dout ^ ssp_clk_divider[3]; // XOR means BPSK\r
+ else\r
+ modulating_carrier <= 1'b0; // yet unused\r
+\r
+// This one is all LF, so doesn't matter\r
+assign pwr_oe2 = modulating_carrier;\r
+\r
+// Toggle only one of these, since we are already producing much deeper\r
+// modulation than a real tag would.\r
+assign pwr_oe1 = modulating_carrier;\r
+assign pwr_oe4 = modulating_carrier;\r
+\r
+// This one is always on, so that we can watch the carrier.\r
+assign pwr_oe3 = 1'b0;\r
+\r
+assign dbg = after_hysteresis;\r
+\r
+endmodule\r
projects / proxmark3-svn / blobdiff