From: henryk@ploetzli.ch Date: Wed, 9 Dec 2009 02:31:01 +0000 (+0000) Subject: Add capability to correlate against subcarriers of 212kHz (argument FPGA_HF_READER_RX... X-Git-Tag: v1.0.0~447 X-Git-Url: http://git.zerfleddert.de/cgi-bin/gitweb.cgi/proxmark3-svn/commitdiff_plain/8d40aba58b77f348786e55f7ade2ae2d3e117fcc Add capability to correlate against subcarriers of 212kHz (argument FPGA_HF_READER_RX_XCORR_QUARTER_FREQ | FPGA_HF_READER_RX_XCORR_848_KHZ) and 106kHz (argument FPGA_HF_READER_RX_XCORR_QUARTER_FREQ) --- diff --git a/armsrc/apps.h b/armsrc/apps.h index 43324a5b..d90d595a 100644 --- a/armsrc/apps.h +++ b/armsrc/apps.h @@ -53,6 +53,7 @@ void SetAdcMuxFor(DWORD whichGpio); // Options for the HF reader, correlating against rx from tag #define FPGA_HF_READER_RX_XCORR_848_KHZ (1<<0) #define FPGA_HF_READER_RX_XCORR_SNOOP (1<<1) +#define FPGA_HF_READER_RX_XCORR_QUARTER_FREQ (1<<2) // Options for the HF simulated tag, how to modulate #define FPGA_HF_SIMULATOR_NO_MODULATION (0<<0) #define FPGA_HF_SIMULATOR_MODULATE_BPSK (1<<0) diff --git a/fpga/fpga.bit b/fpga/fpga.bit index 5e8ca76b..4e65514d 100644 Binary files a/fpga/fpga.bit and b/fpga/fpga.bit differ diff --git a/fpga/fpga.v b/fpga/fpga.v index b22c9d5c..c39109f9 100644 --- a/fpga/fpga.v +++ b/fpga/fpga.v @@ -103,6 +103,10 @@ assign hi_read_rx_xcorr_848 = conf_word[0]; wire hi_read_rx_xcorr_snoop; assign hi_read_rx_xcorr_snoop = conf_word[1]; +// Divide the expected subcarrier frequency for hi_read_rx_xcorr by 4 +wire hi_read_rx_xcorr_quarter; +assign hi_read_rx_xcorr_quarter = conf_word[2]; + // For the high-frequency simulated tag: what kind of modulation to use. wire [2:0] hi_simulate_mod_type; assign hi_simulate_mod_type = conf_word[2:0]; @@ -158,7 +162,7 @@ hi_read_rx_xcorr hrxc( hrxc_ssp_frame, hrxc_ssp_din, ssp_dout, hrxc_ssp_clk, cross_hi, cross_lo, hrxc_dbg, - hi_read_rx_xcorr_848, hi_read_rx_xcorr_snoop + hi_read_rx_xcorr_848, hi_read_rx_xcorr_snoop, hi_read_rx_xcorr_quarter ); hi_simulate hs( diff --git a/fpga/hi_read_rx_xcorr.v b/fpga/hi_read_rx_xcorr.v index 253f5080..9d012f42 100644 --- a/fpga/hi_read_rx_xcorr.v +++ b/fpga/hi_read_rx_xcorr.v @@ -10,7 +10,7 @@ module hi_read_rx_xcorr( ssp_frame, ssp_din, ssp_dout, ssp_clk, cross_hi, cross_lo, dbg, - xcorr_is_848, snoop + xcorr_is_848, snoop, xcorr_quarter_freq ); input pck0, ck_1356meg, ck_1356megb; output pwr_lo, pwr_hi, pwr_oe1, pwr_oe2, pwr_oe3, pwr_oe4; @@ -20,7 +20,7 @@ module hi_read_rx_xcorr( output ssp_frame, ssp_din, ssp_clk; input cross_hi, cross_lo; output dbg; - input xcorr_is_848, snoop; + input xcorr_is_848, snoop, xcorr_quarter_freq; // Carrier is steady on through this, unless we're snooping. assign pwr_hi = ck_1356megb & (~snoop); @@ -36,17 +36,37 @@ reg fc_div_2; always @(posedge ck_1356meg) fc_div_2 = ~fc_div_2; +reg fc_div_4; +always @(posedge fc_div_2) + fc_div_4 = ~fc_div_4; + +reg fc_div_8; +always @(posedge fc_div_4) + fc_div_8 = ~fc_div_8; + reg adc_clk; -always @(xcorr_is_848 or fc_div_2 or ck_1356meg) - if(xcorr_is_848) - // The subcarrier frequency is fc/16; we will sample at fc, so that - // means the subcarrier is 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 1 1 ... - adc_clk <= ck_1356meg; +always @(xcorr_is_848 or xcorr_quarter_freq or ck_1356meg) + if(~xcorr_quarter_freq) + begin + if(xcorr_is_848) + // The subcarrier frequency is fc/16; we will sample at fc, so that + // means the subcarrier is 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 1 1 ... + adc_clk <= ck_1356meg; + else + // The subcarrier frequency is fc/32; we will sample at fc/2, and + // the subcarrier will look identical. + adc_clk <= fc_div_2; + end else - // The subcarrier frequency is fc/32; we will sample at fc/2, and - // the subcarrier will look identical. - adc_clk <= fc_div_2; + begin + if(xcorr_is_848) + // The subcarrier frequency is fc/64 + adc_clk <= fc_div_4; + else + // The subcarrier frequency is fc/128 + adc_clk <= fc_div_8; + end // When we're a reader, we just need to do the BPSK demod; but when we're an // eavesdropper, we also need to pick out the commands sent by the reader,