]> cvs.zerfleddert.de Git - proxmark3-svn/blob - fpga/fpga_hf.v
Emv scan via contact interface (#789)
[proxmark3-svn] / fpga / fpga_hf.v
1 //-----------------------------------------------------------------------------
2 // The FPGA is responsible for interfacing between the A/D, the coil drivers,
3 // and the ARM. In the low-frequency modes it passes the data straight
4 // through, so that the ARM gets raw A/D samples over the SSP. In the high-
5 // frequency modes, the FPGA might perform some demodulation first, to
6 // reduce the amount of data that we must send to the ARM.
7 //
8 // I am not really an FPGA/ASIC designer, so I am sure that a lot of this
9 // could be improved.
10 //
11 // Jonathan Westhues, March 2006
12 // Added ISO14443-A support by Gerhard de Koning Gans, April 2008
13 // iZsh <izsh at fail0verflow.com>, June 2014
14 //-----------------------------------------------------------------------------
15
16 `include "hi_read_tx.v"
17 `include "hi_read_rx_xcorr.v"
18 `include "hi_simulate.v"
19 `include "hi_iso14443a.v"
20 `include "hi_sniffer.v"
21 `include "hi_get_trace.v"
22 `include "util.v"
23
24 module fpga_hf(
25 input spck, output miso, input mosi, input ncs,
26 input pck0, input ck_1356meg, input ck_1356megb,
27 output pwr_lo, output pwr_hi,
28 output pwr_oe1, output pwr_oe2, output pwr_oe3, output pwr_oe4,
29 input [7:0] adc_d, output adc_clk, output adc_noe,
30 output ssp_frame, output ssp_din, input ssp_dout, output ssp_clk,
31 input cross_hi, input cross_lo,
32 output dbg
33 );
34
35 //-----------------------------------------------------------------------------
36 // The SPI receiver. This sets up the configuration word, which the rest of
37 // the logic looks at to determine how to connect the A/D and the coil
38 // drivers (i.e., which section gets it). Also assign some symbolic names
39 // to the configuration bits, for use below.
40 //-----------------------------------------------------------------------------
41
42 reg [15:0] shift_reg;
43 reg [7:0] conf_word;
44 reg trace_enable;
45
46 // We switch modes between transmitting to the 13.56 MHz tag and receiving
47 // from it, which means that we must make sure that we can do so without
48 // glitching, or else we will glitch the transmitted carrier.
49 always @(posedge ncs)
50 begin
51 case(shift_reg[15:12])
52 4'b0001: conf_word <= shift_reg[7:0]; // FPGA_CMD_SET_CONFREG
53 4'b0010: trace_enable <= shift_reg[0]; // FPGA_CMD_TRACE_ENABLE
54 endcase
55 end
56
57 always @(posedge spck)
58 begin
59 if(~ncs)
60 begin
61 shift_reg[15:1] <= shift_reg[14:0];
62 shift_reg[0] <= mosi;
63 end
64 end
65
66 wire [2:0] major_mode;
67 assign major_mode = conf_word[7:5];
68
69 // For the high-frequency transmit configuration: modulation depth, either
70 // 100% (just quite driving antenna, steady LOW), or shallower (tri-state
71 // some fraction of the buffers)
72 wire hi_read_tx_shallow_modulation = conf_word[0];
73
74 // For the high-frequency receive correlator: frequency against which to
75 // correlate.
76 wire hi_read_rx_xcorr_848 = conf_word[0];
77 // and whether to drive the coil (reader) or just short it (snooper)
78 wire hi_read_rx_xcorr_snoop = conf_word[1];
79 // divide subcarrier frequency by 4
80 wire hi_read_rx_xcorr_quarter = conf_word[2];
81 // send amplitude only instead of ci/cq pair
82 wire hi_read_rx_xcorr_amplitude = conf_word[3];
83
84 // For the high-frequency simulated tag: what kind of modulation to use.
85 wire [2:0] hi_simulate_mod_type = conf_word[2:0];
86
87 //-----------------------------------------------------------------------------
88 // And then we instantiate the modules corresponding to each of the FPGA's
89 // major modes, and use muxes to connect the outputs of the active mode to
90 // the output pins.
91 //-----------------------------------------------------------------------------
92
93 hi_read_tx ht(
94 pck0, ck_1356meg, ck_1356megb,
95 ht_pwr_lo, ht_pwr_hi, ht_pwr_oe1, ht_pwr_oe2, ht_pwr_oe3, ht_pwr_oe4,
96 adc_d, ht_adc_clk,
97 ht_ssp_frame, ht_ssp_din, ssp_dout, ht_ssp_clk,
98 cross_hi, cross_lo,
99 ht_dbg,
100 hi_read_tx_shallow_modulation
101 );
102
103 hi_read_rx_xcorr hrxc(
104 pck0, ck_1356meg, ck_1356megb,
105 hrxc_pwr_lo, hrxc_pwr_hi, hrxc_pwr_oe1, hrxc_pwr_oe2, hrxc_pwr_oe3, hrxc_pwr_oe4,
106 adc_d, hrxc_adc_clk,
107 hrxc_ssp_frame, hrxc_ssp_din, ssp_dout, hrxc_ssp_clk,
108 cross_hi, cross_lo,
109 hrxc_dbg,
110 hi_read_rx_xcorr_848, hi_read_rx_xcorr_snoop, hi_read_rx_xcorr_quarter, hi_read_rx_xcorr_amplitude
111 );
112
113 hi_simulate hs(
114 pck0, ck_1356meg, ck_1356megb,
115 hs_pwr_lo, hs_pwr_hi, hs_pwr_oe1, hs_pwr_oe2, hs_pwr_oe3, hs_pwr_oe4,
116 adc_d, hs_adc_clk,
117 hs_ssp_frame, hs_ssp_din, ssp_dout, hs_ssp_clk,
118 cross_hi, cross_lo,
119 hs_dbg,
120 hi_simulate_mod_type
121 );
122
123 hi_iso14443a hisn(
124 pck0, ck_1356meg, ck_1356megb,
125 hisn_pwr_lo, hisn_pwr_hi, hisn_pwr_oe1, hisn_pwr_oe2, hisn_pwr_oe3, hisn_pwr_oe4,
126 adc_d, hisn_adc_clk,
127 hisn_ssp_frame, hisn_ssp_din, ssp_dout, hisn_ssp_clk,
128 cross_hi, cross_lo,
129 hisn_dbg,
130 hi_simulate_mod_type
131 );
132
133 hi_sniffer he(
134 pck0, ck_1356meg, ck_1356megb,
135 he_pwr_lo, he_pwr_hi, he_pwr_oe1, he_pwr_oe2, he_pwr_oe3, he_pwr_oe4,
136 adc_d, he_adc_clk,
137 he_ssp_frame, he_ssp_din, ssp_dout, he_ssp_clk,
138 cross_hi, cross_lo,
139 he_dbg,
140 hi_read_rx_xcorr_848, hi_read_rx_xcorr_snoop, hi_read_rx_xcorr_quarter
141 );
142
143 hi_get_trace gt(
144 ck_1356megb,
145 adc_d, trace_enable, major_mode,
146 gt_ssp_frame, gt_ssp_din, gt_ssp_clk
147 );
148
149 // Major modes:
150
151 // 000 -- HF reader, transmitting to tag; modulation depth selectable
152 // 001 -- HF reader, receiving from tag, correlating as it goes; frequency selectable
153 // 010 -- HF simulated tag
154 // 011 -- HF ISO14443-A
155 // 100 -- HF Snoop
156 // 101 -- HF get trace
157 // 111 -- everything off
158
159 mux8 mux_ssp_clk (major_mode, ssp_clk, ht_ssp_clk, hrxc_ssp_clk, hs_ssp_clk, hisn_ssp_clk, he_ssp_clk, gt_ssp_clk, 1'b0, 1'b0);
160 mux8 mux_ssp_din (major_mode, ssp_din, ht_ssp_din, hrxc_ssp_din, hs_ssp_din, hisn_ssp_din, he_ssp_din, gt_ssp_din, 1'b0, 1'b0);
161 mux8 mux_ssp_frame (major_mode, ssp_frame, ht_ssp_frame, hrxc_ssp_frame, hs_ssp_frame, hisn_ssp_frame, he_ssp_frame, gt_ssp_frame, 1'b0, 1'b0);
162 mux8 mux_pwr_oe1 (major_mode, pwr_oe1, ht_pwr_oe1, hrxc_pwr_oe1, hs_pwr_oe1, hisn_pwr_oe1, he_pwr_oe1, 1'b0, 1'b0, 1'b0);
163 mux8 mux_pwr_oe2 (major_mode, pwr_oe2, ht_pwr_oe2, hrxc_pwr_oe2, hs_pwr_oe2, hisn_pwr_oe2, he_pwr_oe2, 1'b0, 1'b0, 1'b0);
164 mux8 mux_pwr_oe3 (major_mode, pwr_oe3, ht_pwr_oe3, hrxc_pwr_oe3, hs_pwr_oe3, hisn_pwr_oe3, he_pwr_oe3, 1'b0, 1'b0, 1'b0);
165 mux8 mux_pwr_oe4 (major_mode, pwr_oe4, ht_pwr_oe4, hrxc_pwr_oe4, hs_pwr_oe4, hisn_pwr_oe4, he_pwr_oe4, 1'b0, 1'b0, 1'b0);
166 mux8 mux_pwr_lo (major_mode, pwr_lo, ht_pwr_lo, hrxc_pwr_lo, hs_pwr_lo, hisn_pwr_lo, he_pwr_lo, 1'b0, 1'b0, 1'b0);
167 mux8 mux_pwr_hi (major_mode, pwr_hi, ht_pwr_hi, hrxc_pwr_hi, hs_pwr_hi, hisn_pwr_hi, he_pwr_hi, 1'b0, 1'b0, 1'b0);
168 mux8 mux_adc_clk (major_mode, adc_clk, ht_adc_clk, hrxc_adc_clk, hs_adc_clk, hisn_adc_clk, he_adc_clk, 1'b0, 1'b0, 1'b0);
169 mux8 mux_dbg (major_mode, dbg, ht_dbg, hrxc_dbg, hs_dbg, hisn_dbg, he_dbg, 1'b0, 1'b0, 1'b0);
170
171 // In all modes, let the ADC's outputs be enabled.
172 assign adc_noe = 1'b0;
173
174 endmodule
Impressum, Datenschutz