mirror of
https://github.com/RfidResearchGroup/proxmark3.git
synced 2025-01-09 01:36:52 +08:00
6658905f18
It is identical to the popular 20081211, with the doob addition (20090301), a linux client, and two additional commands for LF analysis. Let me know if you find issues here!
155 lines
7.9 KiB
Text
155 lines
7.9 KiB
Text
################
|
|
## 2009/03/28 ##
|
|
################
|
|
winsrc/command.cpp
|
|
Added two new LF commands for tag exploration :
|
|
|
|
- askdemod: takes 2 arguments, one is the clock rate, one is the modulation
|
|
convention (high mod is 1 or high mod is zero)
|
|
|
|
This command demodulates the stream into a binary stream into
|
|
the trace buffer (0's and 1's)
|
|
|
|
- mandemod: manchester decoding of a bitstream: takes a binary stream from
|
|
the trace buffer (see askdemod) and attempts to do manchester decoding
|
|
to it. One argument: clock rate. Outputs the bitstream to the scrollback buffer.
|
|
|
|
Those two helped me to validate that the unknown tag I had was indeed an EM4100 type of tag
|
|
|
|
|
|
################
|
|
## 2008/12/11 ##
|
|
################
|
|
bootrom/bootrom.c
|
|
Significant changes to bootloader. Use of Chip ID register to detect if running on a SAM7S512 then configure FLASH
|
|
waitstates as per SummoningDark's suggestion for a SAM7S512 or SAM7S256.
|
|
Deleted idle loops waiting blindly for clocks to settle and now using status registers to detect when clocks are stable.
|
|
|
|
*************************
|
|
* IMPORTANT INFORMATION *
|
|
**************************************************************************************************************************
|
|
* With this boot code, the device can now only be flashed if button is held down after power on or a software reset.
|
|
* The flash procedure is this:
|
|
* Hold down button. Either plug in USB or software reset it. _While_holding_down_button_ (red and yellow LEDs are lit) you can
|
|
* issue one or more of the "prox bootrom <file>" "prox fpga <file>" "prox load <file>", be sure to hold button down for the
|
|
* entire duration of the flash process. Only release the button when flashing is complete and you want to let the board boot.
|
|
* This process may be less convenient but it's safer and avoids "unintentional" flashing of the board.
|
|
**************************************************************************************************************************
|
|
LED boot sequence now changed, C (red) lights up when boot code jumps from flash to RAM boot code, A (yellow) lights up after
|
|
clocks have been initialized, B (green) lights up when jumping from boot code to main code, then D (red led away from the others)
|
|
lights up while code is being downloaded to FPGA, then all leds turn off and board is ready for action.
|
|
|
|
With these changes the board now boots and is ready to use in about 3 seconds. Also since the USB bus is not initialized
|
|
twice (once during boot, then again when the main code runs) unless the button is held down at boot, this seems to avoid
|
|
the double USB connect and "USB device not recognized" when device is connected to the USB bus or software reset.
|
|
|
|
################
|
|
## 2008/12/06 ##
|
|
################
|
|
armsrc/fpga.c
|
|
Implemented function SetupSpi() to initialize the Serial Peripheral Interface (SPI) in preparation to adding an LCD to the board.
|
|
Changed FpgaWriteConfWord() to use the SPI communication now instead of bit banging the serial data to the FPGA.
|
|
|
|
fpga/fpga.v
|
|
The FPGA config word serializer required non standard SPI communication (ie for shifting in a 8 bit word, it required a 9th clock
|
|
cycle with NCS high to load the word from the shift register to the conf register). This was OK for manually bitbanging it but not
|
|
suitable for using SPI comms. The serializer was fixed to load the conf word from the shift register on a NCS lo-hi transition and
|
|
not require additional clocking.
|
|
|
|
armsrc/fpgaimg.c
|
|
Recompiled FPGA code after changes above.
|
|
|
|
armsrc/LCD.c
|
|
LCD driver for PCF8833 based LCDs like those found on Nokia models 2600,2650,3100,3120,5140,6030,6100,6610,7210,7250 maybe
|
|
others. These color LCDs have a resolution of 132x132 and a serial interface. They are very cheap like even down to $2/pc
|
|
This LCD driver is a straight rip of that found at http://www.sparkfun.com/datasheets/LCD/Jimbo-Nokia-SAM7-Example.zip with
|
|
very small changes, mainly to integrate it and make it compile with our codebase. Also comented out the circle subroutines
|
|
to keep the code to integer math only.
|
|
|
|
armsrc/fonts.c
|
|
Font definition for LCD driver
|
|
|
|
armsrc/appmain.c
|
|
Fixed a small bug in CmdHIDdemodFSK (added case 4) which prevented reading some tags. When a logic 0 is immediately followed
|
|
by the start of the next transmisson (special pattern) a pattern of 4 bit duration lengths is created.
|
|
|
|
################
|
|
## 2008/11/27 ##
|
|
################
|
|
armsrc/appmain.c
|
|
Implemented an HID tag FSK demodulator (CmdHIDdemodFSK) to obtain the tag ID code from the raw sampled waveform.
|
|
Implemented CmdHIDsimTAG which takes a 44bit HID tag ID as a hex number then creates the waveform and simulates the tag
|
|
|
|
winsrc/command.cpp
|
|
Added command "hidfskdemod" that calls CmdHIDdemodFSK, the ARM FSK demodulator for HID tags.
|
|
|
|
include/usb-cmd.h
|
|
New defines CMD_HID_DEMOD_FSK and CMD_HID_SIM_TAG
|
|
|
|
2008/11/25
|
|
common/iso14443_crc.c
|
|
Moved CRC calculation code into this file as it's common to both ARM and Windows side. This file is now included as needed.
|
|
|
|
################
|
|
## 2008/11/21 ##
|
|
################
|
|
armsrc/Makefile
|
|
Changes to split up the compilation of the ARM and produce separate S files for the FPGA code and the ARM code.
|
|
|
|
armsrc/appmain.c
|
|
Replaced some of the hex value params in FpgaWriteConfWord with more explanatory defines.
|
|
Changes to the Tune command as it assumes wrong HF capacitor value (130pF) and produces wrong voltage readings.
|
|
Combined some of the integer arithmetic statements to improve accuracy slightly, since the voltage divider ratio is not an integer.
|
|
Voltage divider resistor network is 10M/240k = ratio of 41.6666
|
|
|
|
Originally the calculation was rounding the ratio down to 41
|
|
3300 (mV) * 41 * sample_value / 1024
|
|
New calculation without rounding error is
|
|
3300 (mV) * 41.66666 * sample_value / 1024 => 137500 * sample_value / 1024
|
|
|
|
New define BUTTON_PRESS() returns status of button
|
|
|
|
armsrc/fpga.c
|
|
The current board can only take a X2S30 as there is no larger FPGA in PQFP100 package and
|
|
the smaller X2S15 FPGA can't fit the current code. The X2S30 FPGA config is fixed at 336,768 bits
|
|
The FPGA code base address and length is hard coded to occupy FLASH region 0x2000 - 0xC470.
|
|
|
|
armsrc/ldscript-fpga
|
|
New file to place the FPGA code at FLASH address 0x2000
|
|
|
|
bootrom/Makefile
|
|
Slight changes, commented out the generation of byteswapped S file, the other S files are generated in the same section of the makefile now.
|
|
|
|
bootrom/bootrom.c
|
|
Changed some thumb code with a one line ARM code which is clearer and more explicit. Processor runs in ARM mode at reset anyway.
|
|
Changed jump to RAM address, used to jump to 0x2000 (now FPGA area), now jumps to 0x10000.
|
|
|
|
bootrom/flash-reset.s
|
|
Changed name of CMain to CopyBootToRAM. Streamlined reset code, fixed up stack pointer initialization.
|
|
|
|
bootrom/fromflash.c
|
|
Removed the whole section of initializing clocks, this is redundant as it's being done once we jump to boot code in RAM
|
|
All fromflash.c does now is copy the boot code to ram and jumps to it.
|
|
|
|
bootrom/ram-reset.s
|
|
Fixed up stack pointer initialization that caused crash when using "loread"
|
|
|
|
include/at91sam7s128.h
|
|
New defines for debug register, lets you identify what processor flavour the code runs on, RAM and FLASH sizes, etc.
|
|
|
|
include/proxmark3.h
|
|
New useful defines for relay and button
|
|
|
|
winsrc/Makefile
|
|
Added new define /D_CRT_SECURE_NO_WARNINGS to elliminate a _whole bunch_ of bogus compilation warnings
|
|
|
|
winsrc/command.cpp
|
|
Changed CmdLosamples to take a numeric argument (number of samples x4 to retrieve from buffer)
|
|
New command Quit to exit the program from the GUI command prompt.
|
|
|
|
winsrc/gui.cpp
|
|
Fixup compilation warnings.
|
|
|
|
winsrc/prox.cpp
|
|
Tidy up printing to stdout, flashing progress now updates on the same line instead of scrolling up.
|
|
New command line parameter to load FPGA image to FLASH.
|