]> cvs.zerfleddert.de Git - proxmark3-svn/blob - fpga/fpga_hf.v
implement 'hf iclass snoop -j'
[proxmark3-svn] / fpga / fpga_hf.v
1 //-----------------------------------------------------------------------------
2 // The FPGA is responsible for interfacing between the A/D, the coil drivers,
3 // and the ARM. In the low-frequency modes it passes the data straight
4 // through, so that the ARM gets raw A/D samples over the SSP. In the high-
5 // frequency modes, the FPGA might perform some demodulation first, to
6 // reduce the amount of data that we must send to the ARM.
7 //
8 // I am not really an FPGA/ASIC designer, so I am sure that a lot of this
9 // could be improved.
10 //
11 // Jonathan Westhues, March 2006
12 // Added ISO14443-A support by Gerhard de Koning Gans, April 2008
13 // iZsh <izsh at fail0verflow.com>, June 2014
14 //-----------------------------------------------------------------------------
15
16
17 // Defining commands, modes and options. This must be aligned to the definitions in fpgaloader.h
18 // Note: the definitions here are without shifts
19
20 // Commands:
21 `define FPGA_CMD_SET_CONFREG 1
22 `define FPGA_CMD_TRACE_ENABLE 2
23
24 // Major modes:
25 `define FPGA_MAJOR_MODE_LF_ADC 0
26 `define FPGA_MAJOR_MODE_LF_EDGE_DETECT 1
27 `define FPGA_MAJOR_MODE_LF_PASSTHRU 2
28 `define FPGA_MAJOR_MODE_HF_READER 0
29 `define FPGA_MAJOR_MODE_HF_SIMULATOR 1
30 `define FPGA_MAJOR_MODE_HF_ISO14443A 2
31 `define FPGA_MAJOR_MODE_HF_SNOOP 3
32 `define FPGA_MAJOR_MODE_HF_GET_TRACE 4
33 `define FPGA_MAJOR_MODE_OFF 7
34
35 // Options for the generic HF reader
36 `define FPGA_HF_READER_MODE_RECEIVE_IQ 0
37 `define FPGA_HF_READER_MODE_RECEIVE_AMPLITUDE 1
38 `define FPGA_HF_READER_MODE_RECEIVE_PHASE 2
39 `define FPGA_HF_READER_MODE_SEND_FULL_MOD 3
40 `define FPGA_HF_READER_MODE_SEND_SHALLOW_MOD 4
41 `define FPGA_HF_READER_MODE_SNIFF_IQ 5
42 `define FPGA_HF_READER_MODE_SNIFF_AMPLITUDE 6
43 `define FPGA_HF_READER_MODE_SNIFF_PHASE 7
44 `define FPGA_HF_READER_MODE_SEND_JAM 8
45 `define FPGA_HF_READER_SUBCARRIER_848_KHZ 0
46 `define FPGA_HF_READER_SUBCARRIER_424_KHZ 1
47 `define FPGA_HF_READER_SUBCARRIER_212_KHZ 2
48
49 // Options for the HF simulated tag, how to modulate
50 `define FPGA_HF_SIMULATOR_NO_MODULATION 0
51 `define FPGA_HF_SIMULATOR_MODULATE_BPSK 1
52 `define FPGA_HF_SIMULATOR_MODULATE_212K 2
53 `define FPGA_HF_SIMULATOR_MODULATE_424K 4
54 `define FPGA_HF_SIMULATOR_MODULATE_424K_8BIT 5
55
56 // Options for ISO14443A
57 `define FPGA_HF_ISO14443A_SNIFFER 0
58 `define FPGA_HF_ISO14443A_TAGSIM_LISTEN 1
59 `define FPGA_HF_ISO14443A_TAGSIM_MOD 2
60 `define FPGA_HF_ISO14443A_READER_LISTEN 3
61 `define FPGA_HF_ISO14443A_READER_MOD 4
62
63 `include "hi_reader.v"
64 `include "hi_simulate.v"
65 `include "hi_iso14443a.v"
66 `include "hi_sniffer.v"
67 `include "hi_get_trace.v"
68 `include "util.v"
69
70 module fpga_hf(
71 input spck, output miso, input mosi, input ncs,
72 input pck0, input ck_1356meg, input ck_1356megb,
73 output pwr_lo, output pwr_hi,
74 output pwr_oe1, output pwr_oe2, output pwr_oe3, output pwr_oe4,
75 input [7:0] adc_d, output adc_clk, output adc_noe,
76 output ssp_frame, output ssp_din, input ssp_dout, output ssp_clk,
77 input cross_hi, input cross_lo,
78 output dbg
79 );
80
81 //-----------------------------------------------------------------------------
82 // The SPI receiver. This sets up the configuration word, which the rest of
83 // the logic looks at to determine how to connect the A/D and the coil
84 // drivers (i.e., which section gets it). Also assign some symbolic names
85 // to the configuration bits, for use below.
86 //-----------------------------------------------------------------------------
87
88 reg [15:0] shift_reg;
89 reg [8:0] conf_word;
90 reg trace_enable;
91
92 // We switch modes between transmitting to the 13.56 MHz tag and receiving
93 // from it, which means that we must make sure that we can do so without
94 // glitching, or else we will glitch the transmitted carrier.
95 always @(posedge ncs)
96 begin
97 case(shift_reg[15:12])
98 `FPGA_CMD_SET_CONFREG: conf_word <= shift_reg[8:0];
99 `FPGA_CMD_TRACE_ENABLE: trace_enable <= shift_reg[0];
100 endcase
101 end
102
103 always @(posedge spck)
104 begin
105 if(~ncs)
106 begin
107 shift_reg[15:1] <= shift_reg[14:0];
108 shift_reg[0] <= mosi;
109 end
110 end
111
112 // select module (outputs) based on major mode
113 wire [2:0] major_mode = conf_word[8:6];
114
115 // configuring the HF reader
116 wire [1:0] subcarrier_frequency = conf_word[5:4];
117 wire [3:0] minor_mode = conf_word[3:0];
118
119 //-----------------------------------------------------------------------------
120 // And then we instantiate the modules corresponding to each of the FPGA's
121 // major modes, and use muxes to connect the outputs of the active mode to
122 // the output pins.
123 //-----------------------------------------------------------------------------
124
125 hi_reader hr(
126 ck_1356megb,
127 hr_pwr_lo, hr_pwr_hi, hr_pwr_oe1, hr_pwr_oe2, hr_pwr_oe3, hr_pwr_oe4,
128 adc_d, hr_adc_clk,
129 hr_ssp_frame, hr_ssp_din, ssp_dout, hr_ssp_clk,
130 hr_dbg,
131 subcarrier_frequency, minor_mode
132 );
133
134 hi_simulate hs(
135 ck_1356meg,
136 hs_pwr_lo, hs_pwr_hi, hs_pwr_oe1, hs_pwr_oe2, hs_pwr_oe3, hs_pwr_oe4,
137 adc_d, hs_adc_clk,
138 hs_ssp_frame, hs_ssp_din, ssp_dout, hs_ssp_clk,
139 hs_dbg,
140 minor_mode
141 );
142
143 hi_iso14443a hisn(
144 ck_1356meg,
145 hisn_pwr_lo, hisn_pwr_hi, hisn_pwr_oe1, hisn_pwr_oe2, hisn_pwr_oe3, hisn_pwr_oe4,
146 adc_d, hisn_adc_clk,
147 hisn_ssp_frame, hisn_ssp_din, ssp_dout, hisn_ssp_clk,
148 hisn_dbg,
149 minor_mode
150 );
151
152 hi_sniffer he(
153 ck_1356megb,
154 he_pwr_lo, he_pwr_hi, he_pwr_oe1, he_pwr_oe2, he_pwr_oe3, he_pwr_oe4,
155 adc_d, he_adc_clk,
156 he_ssp_frame, he_ssp_din, he_ssp_clk
157 );
158
159 hi_get_trace gt(
160 ck_1356megb,
161 adc_d, trace_enable, major_mode,
162 gt_ssp_frame, gt_ssp_din, gt_ssp_clk
163 );
164
165 // Major modes:
166
167 // 000 -- HF reader; subcarrier frequency and modulation depth selectable
168 // 001 -- HF simulated tag
169 // 010 -- HF ISO14443-A
170 // 011 -- HF Snoop
171 // 100 -- HF get trace
172 // 111 -- everything off
173
174 mux8 mux_ssp_clk (major_mode, ssp_clk, hr_ssp_clk, hs_ssp_clk, hisn_ssp_clk, he_ssp_clk, gt_ssp_clk, 1'b0, 1'b0, 1'b0);
175 mux8 mux_ssp_din (major_mode, ssp_din, hr_ssp_din, hs_ssp_din, hisn_ssp_din, he_ssp_din, gt_ssp_din, 1'b0, 1'b0, 1'b0);
176 mux8 mux_ssp_frame (major_mode, ssp_frame, hr_ssp_frame, hs_ssp_frame, hisn_ssp_frame, he_ssp_frame, gt_ssp_frame, 1'b0, 1'b0, 1'b0);
177 mux8 mux_pwr_oe1 (major_mode, pwr_oe1, hr_pwr_oe1, hs_pwr_oe1, hisn_pwr_oe1, he_pwr_oe1, 1'b0, 1'b0, 1'b0, 1'b0);
178 mux8 mux_pwr_oe2 (major_mode, pwr_oe2, hr_pwr_oe2, hs_pwr_oe2, hisn_pwr_oe2, he_pwr_oe2, 1'b0, 1'b0, 1'b0, 1'b0);
179 mux8 mux_pwr_oe3 (major_mode, pwr_oe3, hr_pwr_oe3, hs_pwr_oe3, hisn_pwr_oe3, he_pwr_oe3, 1'b0, 1'b0, 1'b0, 1'b0);
180 mux8 mux_pwr_oe4 (major_mode, pwr_oe4, hr_pwr_oe4, hs_pwr_oe4, hisn_pwr_oe4, he_pwr_oe4, 1'b0, 1'b0, 1'b0, 1'b0);
181 mux8 mux_pwr_lo (major_mode, pwr_lo, hr_pwr_lo, hs_pwr_lo, hisn_pwr_lo, he_pwr_lo, 1'b0, 1'b0, 1'b0, 1'b0);
182 mux8 mux_pwr_hi (major_mode, pwr_hi, hr_pwr_hi, hs_pwr_hi, hisn_pwr_hi, he_pwr_hi, 1'b0, 1'b0, 1'b0, 1'b0);
183 mux8 mux_adc_clk (major_mode, adc_clk, hr_adc_clk, hs_adc_clk, hisn_adc_clk, he_adc_clk, 1'b0, 1'b0, 1'b0, 1'b0);
184 mux8 mux_dbg (major_mode, dbg, hr_dbg, hs_dbg, hisn_dbg, 1'b0, 1'b0, 1'b0, 1'b0, 1'b0);
185
186 // In all modes, let the ADC's outputs be enabled.
187 assign adc_noe = 1'b0;
188
189 // not used
190 assign miso = 1'b0;
191
192 endmodule
Impressum, Datenschutz