git.zerfleddert.de Git - proxmark3-svn/blob - doc/CHANGES.TXT
################
## 2009/04/09 ##
################
winsrc/gui.cpp
Changes to PaintGraph to create X axis labels that are snapped to a power of two (useful when analysing low freq tags
with cycle times that are a power of two). Also small changes to keep the X axis labels fixed within the graph window
as the width of the graph window is resized.
armsrc/apps.h
New defines for FPGA commands FPGA_CMD_SET_CONFREG, FPGA_CMD_SET_DIVISOR_REG
armsrc/appmain.c

armsrc/fpga.c
FpgaWriteConfWord(data) is now a special case of FpgaSendCommand(FPGA_CMD_SET_CONFREG, data) to avoid changing every
source file containing FpgaWriteConfWord()
fpga/fpga.v
Changes to the serial conf word, now takes a 4 bit command and 12 bit data code
fpga/lo_read.v
Significant changes to lo_read, it now can be configured with a divisor value to produce a configurable drive clock
for the antenna.
Recompiled FPGA code

################
## 2009/04/09 ##
################

Initial SVN commit plus:
- Added indala demodulation algorithm - full documentation on https://www.lafargue.name/proxmark3/
- losim should also be able to simulate an indala tag after indalademod
- offline mode for the proxmark3 CLI: if no Proxmark is detected, it will
  still go on, but all commands requiring USB will fail (obviously).
  A proper implementation would require only enabling offline commands
  in this mode.


################
## 2009/03/28 ##
################
winsrc/command.cpp
Added two new LF commands for tag exploration:

- askdemod: takes 2 arguments, one is the clock rate, one is the modulation
  convention (high mod is 1 or high mod is zero)

  This command demodulates the stream into a binary stream into
  the trace buffer (0's and 1's)

- mandemod: manchester decoding of a bitstream: takes a binary stream from
  the trace buffer (see askdemod) and attempts to do manchester decoding
  to it. One argument: clock rate. Outputs the bitstream to the scrollback buffer.

Those two helped me to validate that the unknown tag I had was indeed an EM4100 type of tag


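The two steps described for askdemod and mandemod, sketched as an added example (this is not the Proxmark3 source). The names ask_slice, manchester_decode and demo are hypothetical, the waveform is constructed, and the decoder assumes a bit-aligned stream in which high-then-low encodes 1.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* ASK step: one 0/1 level per raw sample; high_is_one is the modulation convention. */
static void ask_slice(const int8_t *raw, size_t n, int high_is_one, uint8_t *level)
{
    int lo = raw[0], hi = raw[0];
    for (size_t i = 1; i < n; i++) {
        if (raw[i] < lo) lo = raw[i];
        if (raw[i] > hi) hi = raw[i];
    }
    for (size_t i = 0; i < n; i++)   /* slice at the midpoint of the swing */
        level[i] = (uint8_t)((raw[i] > (lo + hi) / 2) == (high_is_one != 0));
}

/* Manchester step: each bit spans `clock` samples and must flip at mid-bit.
 * Assumed convention: high-then-low is 1. Returns the bit count, or -1 when a
 * bit has no mid-bit transition (wrong clock or phase, or not Manchester). */
static int manchester_decode(const uint8_t *level, size_t n, size_t clock,
                             uint8_t *bits, size_t max_bits)
{
    if (clock < 2 || clock % 2) return -1;
    size_t q = clock / 4;            /* offset to the centre of a half-bit */
    int count = 0;
    for (size_t pos = 0; pos + clock <= n && (size_t)count < max_bits; pos += clock) {
        uint8_t first = level[pos + q], second = level[pos + clock / 2 + q];
        if (first == second) return -1;
        bits[count++] = first;
    }
    return count;
}

/* Constructed input: bits 1,0,1,1,0 at 8 samples per bit, amplitude +/-60. */
static int demo(size_t clock, int high_is_one, uint8_t *bits)
{
    static const uint8_t tx[5] = {1, 0, 1, 1, 0};
    int8_t raw[40]; uint8_t level[40];
    for (size_t i = 0; i < 40; i++)   /* 1 = high first half, low second half */
        raw[i] = (int8_t)(tx[i / 8] == ((i % 8) < 4) ? 60 : -60);
    ask_slice(raw, 40, high_is_one, level);
    return manchester_decode(level, 40, clock, bits, 5);
}

int main(void)
{
    uint8_t bits[5];
    for (int i = 0, n = demo(8, 1, bits); i < n; i++) printf("%d", bits[i]);
    return 0;
}
```

Decoding the same constructed capture with a clock of 16 returns -1, because the second window has no mid-bit transition; flipping the modulation convention inverts every decoded bit.
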
################
## 2008/12/11 ##
################
bootrom/bootrom.c
Significant changes to bootloader. Use of Chip ID register to detect if running on a SAM7S512 then configure FLASH
waitstates as per SummoningDark's suggestion for a SAM7S512 or SAM7S256.
Deleted idle loops waiting blindly for clocks to settle and now using status registers to detect when clocks are stable.

*************************
* IMPORTANT INFORMATION *
**************************************************************************************************************************
* With this boot code, the device can now only be flashed if button is held down after power on or a software reset.
* The flash procedure is this:
* Hold down button. Either plug in USB or software reset it. _While_holding_down_button_ (red and yellow LEDs are lit) you can
* issue one or more of the "prox bootrom <file>" "prox fpga <file>" "prox load <file>", be sure to hold button down for the
* entire duration of the flash process. Only release the button when flashing is complete and you want to let the board boot.
* This process may be less convenient but it's safer and avoids "unintentional" flashing of the board.
**************************************************************************************************************************
LED boot sequence now changed, C (red) lights up when boot code jumps from flash to RAM boot code, A (yellow) lights up after
clocks have been initialized, B (green) lights up when jumping from boot code to main code, then D (red led away from the others)
lights up while code is being downloaded to FPGA, then all leds turn off and board is ready for action.

With these changes the board now boots and is ready to use in about 3 seconds. Also since the USB bus is not initialized
twice (once during boot, then again when the main code runs) unless the button is held down at boot, this seems to avoid
the double USB connect and "USB device not recognized" when device is connected to the USB bus or software reset.

################
## 2008/12/06 ##
################
armsrc/fpga.c
Implemented function SetupSpi() to initialize the Serial Peripheral Interface (SPI) in preparation to adding an LCD to the board.
Changed FpgaWriteConfWord() to use the SPI communication now instead of bit banging the serial data to the FPGA.

fpga/fpga.v
The FPGA config word serializer required non standard SPI communication (i.e. for shifting in an 8 bit word, it required a 9th clock
cycle with NCS high to load the word from the shift register to the conf register). This was OK for manually bitbanging it but not
suitable for using SPI comms. The serializer was fixed to load the conf word from the shift register on a NCS lo-hi transition and
not require additional clocking.

armsrc/fpgaimg.c
Recompiled FPGA code after changes above.

armsrc/LCD.c
LCD driver for PCF8833 based LCDs like those found on Nokia models 2600,2650,3100,3120,5140,6030,6100,6610,7210,7250 maybe
others. These color LCDs have a resolution of 132x132 and a serial interface. They are very cheap like even down to $2/pc
This LCD driver is a straight rip of that found at http://www.sparkfun.com/datasheets/LCD/Jimbo-Nokia-SAM7-Example.zip with
very small changes, mainly to integrate it and make it compile with our codebase. Also commented out the circle subroutines
to keep the code to integer math only.

armsrc/fonts.c
Font definition for LCD driver

armsrc/appmain.c
Fixed a small bug in CmdHIDdemodFSK (added case 4) which prevented reading some tags. When a logic 0 is immediately followed
by the start of the next transmission (special pattern) a pattern of 4 bit duration lengths is created.

################
## 2008/11/27 ##
################
armsrc/appmain.c
Implemented an HID tag FSK demodulator (CmdHIDdemodFSK) to obtain the tag ID code from the raw sampled waveform.
Implemented CmdHIDsimTAG which takes a 44bit HID tag ID as a hex number then creates the waveform and simulates the tag

winsrc/command.cpp
Added command "hidfskdemod" that calls CmdHIDdemodFSK, the ARM FSK demodulator for HID tags.

include/usb-cmd.h
New defines CMD_HID_DEMOD_FSK and CMD_HID_SIM_TAG

2008/11/25
common/iso14443_crc.c
Moved CRC calculation code into this file as it's common to both ARM and Windows side. This file is now included as needed.

################
## 2008/11/21 ##
################
armsrc/Makefile
Changes to split up the compilation of the ARM and produce separate S files for the FPGA code and the ARM code.

armsrc/appmain.c
Replaced some of the hex value params in FpgaWriteConfWord with more explanatory defines.
Changes to the Tune command as it assumes wrong HF capacitor value (130pF) and produces wrong voltage readings.
Combined some of the integer arithmetic statements to improve accuracy slightly, since the voltage divider ratio is not an integer.
Voltage divider resistor network is 10M/240k = ratio of 41.6666

Originally the calculation was rounding the ratio down to 41
  3300 (mV) * 41 * sample_value / 1024
New calculation without rounding error is
  3300 (mV) * 41.66666 * sample_value / 1024 => 137500 * sample_value / 1024

New define BUTTON_PRESS() returns status of button

armsrc/fpga.c
The current board can only take a X2S30 as there is no larger FPGA in PQFP100 package and
the smaller X2S15 FPGA can't fit the current code. The X2S30 FPGA config is fixed at 336,768 bits
The FPGA code base address and length is hard coded to occupy FLASH region 0x2000 - 0xC470.

armsrc/ldscript-fpga
New file to place the FPGA code at FLASH address 0x2000

bootrom/Makefile
Slight changes, commented out the generation of byteswapped S file, the other S files are generated in the same section of the makefile now.

bootrom/bootrom.c
Changed some thumb code with a one line ARM code which is clearer and more explicit. Processor runs in ARM mode at reset anyway.
Changed jump to RAM address, used to jump to 0x2000 (now FPGA area), now jumps to 0x10000.

bootrom/flash-reset.s
Changed name of CMain to CopyBootToRAM. Streamlined reset code, fixed up stack pointer initialization.

bootrom/fromflash.c
Removed the whole section of initializing clocks, this is redundant as it's being done once we jump to boot code in RAM
All fromflash.c does now is copy the boot code to ram and jumps to it.

bootrom/ram-reset.s
Fixed up stack pointer initialization that caused crash when using "loread"

include/at91sam7s128.h
New defines for debug register, lets you identify what processor flavour the code runs on, RAM and FLASH sizes, etc.

include/proxmark3.h
New useful defines for relay and button

winsrc/Makefile
Added new define /D_CRT_SECURE_NO_WARNINGS to eliminate a _whole bunch_ of bogus compilation warnings

winsrc/command.cpp
Changed CmdLosamples to take a numeric argument (number of samples x4 to retrieve from buffer)
New command Quit to exit the program from the GUI command prompt.

winsrc/gui.cpp
Fixup compilation warnings.

winsrc/prox.cpp
Tidy up printing to stdout, flashing progress now updates on the same line instead of scrolling up.
New command line parameter to load FPGA image to FLASH.