Proxmark/proxmark3
1
1
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2024-11-11 09:59:45 +08:00
Code Issues Projects Releases Packages Wiki Activity
proxmark3/doc/CHANGES.TXT
edouard@lafargue.name 30f2a7d38f Added LF frequency adjustments from d18c7db, cleaned up code, 
typo fixes in iso14443a code, added the missing "tools" directory,
added initial elements for online/offline detection for commands.
2009-04-15 08:09:06 +00:00

189 lines
9.2 KiB
Text
Raw Blame History

################
## 2009/04/09 ##
################
winsrc/gui.cpp
Changes to PaintGraph to create X axis labels that are snapped to a power of two (useful when analysing low freq tags
with cycle times that are a power of two). Also small changes to keep the X axis labels fixed within the graph window
as the width of the graph window is resized.
armsrc/apps.h
New defines for FPGA commands FPGA_CMD_SET_CONFREG, FPGA_CMD_SET_DIVISOR_REG
armsrc/appmain.c
armsrc/fpga.c
FpgaWriteConfWord(data) is now a special case of FpgaSendCommand(FPGA_CMD_SET_CONFREG, data) to avoid changing every
source file containing FpgaWriteConfWord()
fpga/fpga.v
Changes to the serial conf word, now takes a 4 bit command and 12 bit data code
fpga/lo_read.v
Significant changes to lo_read, it now can be configured with a divisor value to produce a configurable drive clock
for the antenna.
Recompiled FPGA code
################
## 2009/04/09 ##
################
Initial SVN commit plus:
- Added indala demodulation algorithm - full documentation on https://www.lafargue.name/proxmark3/
- losim should also be able to simulate an indala tag after indalademod
- offline mode for the proxmark3 CLI: if no Proxmark is detected, it will
still go on, but all commands requiring USB will fail (obviously).
A proper implementation would require only enabling offline commands
in this mode.
################
## 2009/03/28 ##
################
winsrc/command.cpp
Added two new LF commands for tag exploration :
- askdemod: takes 2 arguments, one is the clock rate, one is the modulation
convention (high mod is 1 or high mod is zero)
This command demodulates the stream into a binary stream into
the trace buffer (0's and 1's)
- mandemod: manchester decoding of a bitstream: takes a binary stream from
the trace buffer (see askdemod) and attempts to do manchester decoding
to it. One argument: clock rate. Outputs the bitstream to the scrollback buffer.
Those two helped me to validate that the unknown tag I had was indeed an EM4100 type of tag
################
## 2008/12/11 ##
################
bootrom/bootrom.c
Significant changes to bootloader. Use of Chip ID register to detect if running on a SAM7S512 then configure FLASH
waitstates as per SummoningDark's suggestion for a SAM7S512 or SAM7S256.
Deleted idle loops waiting blindly for clocks to settle and now using status registers to detect when clocks are stable.
*************************
* IMPORTANT INFORMATION *
**************************************************************************************************************************
* With this boot code, the device can now only be flashed if button is held down after power on or a software reset.
* The flash procedure is this:
* Hold down button. Either plug in USB or software reset it. _While_holding_down_button_ (red and yellow LEDs are lit) you can
* issue one or more of the "prox bootrom <file>" "prox fpga <file>" "prox load <file>", be sure to hold button down for the
* entire duration of the flash process. Only release the button when flashing is complete and you want to let the board boot.
* This process may be less convenient but it's safer and avoids "unintentional" flashing of the board.
**************************************************************************************************************************
LED boot sequence now changed, C (red) lights up when boot code jumps from flash to RAM boot code, A (yellow) lights up after
clocks have been initialized, B (green) lights up when jumping from boot code to main code, then D (red led away from the others)
lights up while code is being downloaded to FPGA, then all leds turn off and board is ready for action.
With these changes the board now boots and is ready to use in about 3 seconds. Also since the USB bus is not initialized
twice (once during boot, then again when the main code runs) unless the button is held down at boot, this seems to avoid
the double USB connect and "USB device not recognized" when device is connected to the USB bus or software reset.
################
## 2008/12/06 ##
################
armsrc/fpga.c
Implemented function SetupSpi() to initialize the Serial Peripheral Interface (SPI) in preparation to adding an LCD to the board.
Changed FpgaWriteConfWord() to use the SPI communication now instead of bit banging the serial data to the FPGA.
fpga/fpga.v
The FPGA config word serializer required non standard SPI communication (ie for shifting in a 8 bit word, it required a 9th clock
cycle with NCS high to load the word from the shift register to the conf register). This was OK for manually bitbanging it but not
suitable for using SPI comms. The serializer was fixed to load the conf word from the shift register on a NCS lo-hi transition and
not require additional clocking.
armsrc/fpgaimg.c
Recompiled FPGA code after changes above.
armsrc/LCD.c
LCD driver for PCF8833 based LCDs like those found on Nokia models 2600,2650,3100,3120,5140,6030,6100,6610,7210,7250 maybe
others. These color LCDs have a resolution of 132x132 and a serial interface. They are very cheap like even down to $2/pc
This LCD driver is a straight rip of that found at http://www.sparkfun.com/datasheets/LCD/Jimbo-Nokia-SAM7-Example.zip with
very small changes, mainly to integrate it and make it compile with our codebase. Also comented out the circle subroutines
to keep the code to integer math only.
armsrc/fonts.c
Font definition for LCD driver
armsrc/appmain.c
Fixed a small bug in CmdHIDdemodFSK (added case 4) which prevented reading some tags. When a logic 0 is immediately followed
by the start of the next transmisson (special pattern) a pattern of 4 bit duration lengths is created.
################
## 2008/11/27 ##
################
armsrc/appmain.c
Implemented an HID tag FSK demodulator (CmdHIDdemodFSK) to obtain the tag ID code from the raw sampled waveform.
Implemented CmdHIDsimTAG which takes a 44bit HID tag ID as a hex number then creates the waveform and simulates the tag
winsrc/command.cpp
Added command "hidfskdemod" that calls CmdHIDdemodFSK, the ARM FSK demodulator for HID tags.
include/usb-cmd.h
New defines CMD_HID_DEMOD_FSK and CMD_HID_SIM_TAG
2008/11/25
common/iso14443_crc.c
Moved CRC calculation code into this file as it's common to both ARM and Windows side. This file is now included as needed.
################
## 2008/11/21 ##
################
armsrc/Makefile
Changes to split up the compilation of the ARM and produce separate S files for the FPGA code and the ARM code.
armsrc/appmain.c
Replaced some of the hex value params in FpgaWriteConfWord with more explanatory defines.
Changes to the Tune command as it assumes wrong HF capacitor value (130pF) and produces wrong voltage readings.
Combined some of the integer arithmetic statements to improve accuracy slightly, since the voltage divider ratio is not an integer.
Voltage divider resistor network is 10M/240k = ratio of 41.6666
Originally the calculation was rounding the ratio down to 41
3300 (mV) * 41 * sample_value / 1024
New calculation without rounding error is
3300 (mV) * 41.66666 * sample_value / 1024 => 137500 * sample_value / 1024
New define BUTTON_PRESS() returns status of button
armsrc/fpga.c
The current board can only take a X2S30 as there is no larger FPGA in PQFP100 package and
the smaller X2S15 FPGA can't fit the current code. The X2S30 FPGA config is fixed at 336,768 bits
The FPGA code base address and length is hard coded to occupy FLASH region 0x2000 - 0xC470.
armsrc/ldscript-fpga
New file to place the FPGA code at FLASH address 0x2000
bootrom/Makefile
Slight changes, commented out the generation of byteswapped S file, the other S files are generated in the same section of the makefile now.
bootrom/bootrom.c
Changed some thumb code with a one line ARM code which is clearer and more explicit. Processor runs in ARM mode at reset anyway.
Changed jump to RAM address, used to jump to 0x2000 (now FPGA area), now jumps to 0x10000.
bootrom/flash-reset.s
Changed name of CMain to CopyBootToRAM. Streamlined reset code, fixed up stack pointer initialization.
bootrom/fromflash.c
Removed the whole section of initializing clocks, this is redundant as it's being done once we jump to boot code in RAM
All fromflash.c does now is copy the boot code to ram and jumps to it.
bootrom/ram-reset.s
Fixed up stack pointer initialization that caused crash when using "loread"
include/at91sam7s128.h
New defines for debug register, lets you identify what processor flavour the code runs on, RAM and FLASH sizes, etc.
include/proxmark3.h
New useful defines for relay and button
winsrc/Makefile
Added new define /D_CRT_SECURE_NO_WARNINGS to elliminate a _whole bunch_ of bogus compilation warnings
winsrc/command.cpp
Changed CmdLosamples to take a numeric argument (number of samples x4 to retrieve from buffer)
New command Quit to exit the program from the GUI command prompt.
winsrc/gui.cpp
Fixup compilation warnings.
winsrc/prox.cpp
Tidy up printing to stdout, flashing progress now updates on the same line instead of scrolling up.
New command line parameter to load FPGA image to FLASH.
Reference in a new issue View git blame Copy permalink