From 77720e2680a4cda7305339510616cd707df423ba Mon Sep 17 00:00:00 2001
From: travisutk <travisutk@12e2690d-a6be-4b82-a7b7-67c4a43b65c8>
Date: Fri, 10 Dec 2010 22:18:17 +0000
Subject: [PATCH] Chipcon packet handling is coming along, but transmissions
 are still dropped.  Maybe checksumming?

git-svn-id: https://svn.code.sf.net/p/goodfet/code/trunk@786 12e2690d-a6be-4b82-a7b7-67c4a43b65c8
---
 client/GoodFETCC.py                   | 36 +++++++-----
 client/goodfet.cc                     | 84 +++++++++++++++++++++++++--
 shellcode/chipcon/cc1110/Makefile     |  2 +-
 shellcode/chipcon/cc1110/rxpacket.c   |  5 +-
 shellcode/chipcon/cc1110/txpacket.c   | 11 ++++
 shellcode/chipcon/cc1110/txrxpacket.c | 44 ++++++++++++++
 6 files changed, 157 insertions(+), 25 deletions(-)
 create mode 100644 shellcode/chipcon/cc1110/txrxpacket.c

diff --git a/client/GoodFETCC.py b/client/GoodFETCC.py
index 9c838b1..4d2b57b 100644
--- a/client/GoodFETCC.py
+++ b/client/GoodFETCC.py
@@ -134,7 +134,8 @@ class GoodFETCC(GoodFET):
         self.CCdebuginstr([0x02, 0xf0, 0x00]); #ljmp 0xF000
         self.resume();
         while wait>0 and (0==self.CCstatus()&0x20):
-            time.sleep(0.1);
+            a=1;
+            #time.sleep(0.1);
             #print "Waiting for shell code to return.";
         return;
     def shellcode(self,code,wait=1):
@@ -148,7 +149,8 @@ class GoodFETCC(GoodFET):
         self.CCdebuginstr([0x02, 0xf0, 0x00]); #ljmp 0xF000
         self.resume();
         while wait>0 and (0==self.CCstatus()&0x20):
-            time.sleep(0.1);
+            a=1;
+            #time.sleep(0.1);
             #print "Waiting for shell code to return.";
         return;
     def CC1110_crystal(self):
@@ -243,11 +245,12 @@ class GoodFETCC(GoodFET):
         self.pokebysym("TEST2"    , 0x81)   # Various test settings.
         self.pokebysym("TEST1"    , 0x35)   # Various test settings.
         self.pokebysym("TEST0"    , 0x09)   # Various test settings.
-        #self.pokebysym("PA_TABLE0", 0xC0)   # PA output power setting.
-        self.pokebysym("PKTCTRL1" , 0x04)   # Packet automation control.
+        self.pokebysym("PA_TABLE0", 0xC0)   # PA output power setting.
+        self.pokebysym("PKTCTRL1" , 0x04)   # Packet automation control, w/ lqi
+        #self.pokebysym("PKTCTRL1" , 0x00)   # Packet automation control. w/o lqi
         self.pokebysym("PKTCTRL0" , 0x05)   # Packet automation control, w/ checksum.
-        #self.pokebysym("PKTCTRL0" , 0x01)   # Packet automation control, w/o checksum.
-        self.pokebysym("ADDR"     , 0x00)   # Device address.
+        self.pokebysym("PKTCTRL0" , 0x00)   # Packet automation control, w/o checksum, fixed length
+        self.pokebysym("ADDR"     , 0x01)   # Device address.
         self.pokebysym("PKTLEN"   , 0xFF)   # Packet length.
         
         self.pokebysym("SYNC1",0xD3);
@@ -344,21 +347,22 @@ class GoodFETCC(GoodFET):
         return 0;
     def RF_rxpacket(self):
         """Get a packet from the radio.  Returns None if none is waiting."""
-        #RFST=0xDFE1
-        #self.pokebyte(RFST,0x01); #SCAL
-        #self.pokebyte(RFST,0x02); #SRX
-        
         self.shellcodefile("rxpacket.ihx");
-        #time.sleep(1);
-        self.halt();
         len=self.peek8(0xFE00,"xdata");
-        #print "Grabbing %i bytes." %len;
-        return self.peekblock(0xFE00,len,"data");
-    def RF_txpacket(self,payload):
+        return self.peekblock(0xFE00,len+1,"data");
+    def RF_txpacket(self,packet):
         """Transmit a packet.  Untested."""
         
-        print "FIXME, Chipcon packet transmission is not yet implemented.";
+        self.pokeblock(0xFE00,packet,"data");
+        self.shellcodefile("txpacket.ihx");
         return;
+    def RF_txrxpacket(self,packet):
+        """Transmit a packet.  Untested."""
+        
+        self.pokeblock(0xFE00,packet,"data");
+        self.shellcodefile("txrxpacket.ihx");
+        len=self.peek8(0xFE00,"xdata");
+        return self.peekblock(0xFE00,len+1,"data");
 
     def RF_getrssi(self):
         """Returns the received signal strenght, with a weird offset."""
diff --git a/client/goodfet.cc b/client/goodfet.cc
index 96d2827..26648bc 100755
--- a/client/goodfet.cc
+++ b/client/goodfet.cc
@@ -23,6 +23,64 @@ def printpacket(packet):
         s="%s %02x" % (s,foo);
     print "%s" %s;
 
+def handlesimplicitipacket(packet):
+    s="";
+    i=0;
+    
+    for foo in packet:
+        i=i+1;
+        #if i>packet[0]+1: break;
+        s="%s %02x" % (s,foo);
+    print "\n%s" %s;
+    
+    
+    len=packet[0];
+    if len<12: return;
+    
+    dst=[packet[1],
+             packet[2],
+             packet[3],
+             packet[4]];
+    src=[packet[5],
+             packet[6],
+             packet[7],
+             packet[8]];
+    port=packet[9];
+    info=packet[10];
+    seq=packet[11];
+    #payload begins at byte 12.
+    
+    
+    
+    if port==0x03:
+        #print "Join request.";
+        if packet[12]!=1:
+            print "Not a join request.  WTF?";
+            return;
+        tid=packet[13];
+        reply=[0x12, #reply is one byte shorter
+               src[0], src[1], src[2], src[3],
+               1,1,1,1,           #my address
+               port, 0x21, seq,
+               0x81, tid,         #reply, tid
+               
+               1,1,1,1,
+               #4,3,2,1,           #default join token
+               #8,7,6,5,          #default link token
+               #0xFF,0xFF,0xFF,0xFF,
+               0x00];             #no security
+        printpacket(reply);
+        client.RF_txpacket(reply);
+
+    elif port==0x04:
+        print "Security request.";
+    elif port==0x05:
+        print "Frequency request.";
+    elif port==0x06:
+        print "Management request.";
+    else:
+        print "Unknown Port %02x" %port;
+    
 if(len(sys.argv)==1):
     print "Usage: %s verb [objects]\n" % sys.argv[0];
     print "%s erase" % sys.argv[0];
@@ -155,11 +213,26 @@ if(sys.argv[1]=="sniffsimpliciti"):
     
     client.config_simpliciti(region);
     
-    #For BSL sniffing, different frequencies.
-    #client.pokebysym("FREQ2",0x25);
-    #client.pokebysym("FREQ1",0x95);
-    #client.pokebysym("FREQ0",0x55);
+    print "Listening as %x on %f MHz" % (client.RF_getsmac(),
+                                           client.RF_getfreq()/10.0**6);
+    #Now we're ready to get packets.
+    while 1:
+        packet=None;
+        while packet==None:
+            packet=client.RF_rxpacket();
+        printpacket(packet);
+        sys.stdout.flush();
+
+if(sys.argv[1]=="simpliciti"):
+    #TODO remove all poke() calls.
+    region="us";
+    if len(sys.argv)>2:
+        region=sys.argv[2];
+    
+    client.CC1110_crystal();
+    client.RF_idle();
     
+    client.config_simpliciti(region);
     
     print "Listening as %x on %f MHz" % (client.RF_getsmac(),
                                            client.RF_getfreq()/10.0**6);
@@ -167,9 +240,8 @@ if(sys.argv[1]=="sniffsimpliciti"):
     while 1:
         packet=None;
         while packet==None:
-            #time.sleep(0.1);
             packet=client.RF_rxpacket();
-        printpacket(packet);
+        handlesimplicitipacket(packet);
         sys.stdout.flush();
 
 
diff --git a/shellcode/chipcon/cc1110/Makefile b/shellcode/chipcon/cc1110/Makefile
index 0464015..a1e3e5f 100644
--- a/shellcode/chipcon/cc1110/Makefile
+++ b/shellcode/chipcon/cc1110/Makefile
@@ -8,7 +8,7 @@
 # Use lower RAM if needed.
 
 CC=sdcc --code-loc 0xF000 
-objs=crystal.ihx txpacket.ihx rxpacket.ihx
+objs=crystal.ihx txpacket.ihx rxpacket.ihx txrxpacket.ihx
 
 all: $(objs)
 
diff --git a/shellcode/chipcon/cc1110/rxpacket.c b/shellcode/chipcon/cc1110/rxpacket.c
index 145d08f..a294aac 100644
--- a/shellcode/chipcon/cc1110/rxpacket.c
+++ b/shellcode/chipcon/cc1110/rxpacket.c
@@ -24,7 +24,7 @@ void main(){
   RFST=RFST_SRX;
   while(MARCSTATE!=MARC_STATE_RX);
   
-  while(i<len+1){
+  while(i<len+1){ //len+3 if status is appended.
     while(!RFTXRXIF); //Wait for byte to be ready.
     RFTXRXIF=0;      //Clear the flag.
     
@@ -36,6 +36,7 @@ void main(){
       HALT;
 
   }
-  RFST = RFST_SIDLE; //End transmit.
+  RFST = RFST_SIDLE; //End receive.
   HALT;
 }
+
diff --git a/shellcode/chipcon/cc1110/txpacket.c b/shellcode/chipcon/cc1110/txpacket.c
index fa0ad98..e41ce49 100644
--- a/shellcode/chipcon/cc1110/txpacket.c
+++ b/shellcode/chipcon/cc1110/txpacket.c
@@ -6,7 +6,18 @@ char __xdata at 0xfe00 packet[256] ;
 //! Transmit a packet out of the radio from 0xFE00.
 void main(){
   unsigned char len=packet[0], i=0;
+  
+  //Disable interrupts.
+  RFTXRXIE=0;
+  
+  //idle a bit.
+  RFST=RFST_SIDLE;
+  while(MARCSTATE!=MARC_STATE_IDLE);
+  
+  
   RFST=RFST_STX;     //Begin transmit.
+  while(MARCSTATE!=MARC_STATE_TX);
+  
   while(i!=len+1){
     while(!RFTXRXIF); //Wait for byte to be ready.
     
diff --git a/shellcode/chipcon/cc1110/txrxpacket.c b/shellcode/chipcon/cc1110/txrxpacket.c
new file mode 100644
index 0000000..1fdb0f1
--- /dev/null
+++ b/shellcode/chipcon/cc1110/txrxpacket.c
@@ -0,0 +1,44 @@
+#include <cc1110.h>
+#include "cc1110-ext.h"
+
+char __xdata at 0xfe00 packet[256] ;
+
+//! Transmit a packet out of the radio from 0xFE00.
+void main(){
+  unsigned char len=packet[0], i=0;
+  
+  //idle a bit.
+  RFST=RFST_SIDLE;
+  while(MARCSTATE!=MARC_STATE_IDLE);
+  
+  RFST=RFST_STX;     //Begin transmit.
+  while(i!=len+1){
+    while(!RFTXRXIF); //Wait for byte to be ready.
+    
+    RFTXRXIF=0;      //Clear the flag.
+    RFD=packet[i++]; //Send the next byte.
+  }
+  RFST = RFST_SIDLE; //End transmit.
+  
+  
+  while(MARCSTATE!=MARC_STATE_IDLE);
+  
+  //Begin to receive.
+  RFST=RFST_SRX;
+  while(MARCSTATE!=MARC_STATE_RX);
+  i=0;len=16;
+  while(i<len+1){
+    while(!RFTXRXIF); //Wait for byte to be ready.
+    RFTXRXIF=0;      //Clear the flag.
+    
+    if (MARCSTATE == MARC_STATE_RX) {
+      packet[i]=RFD; //Grab the next byte.
+      i++;
+      len=packet[0];   //First byte of the packet is the length.
+    }else
+      HALT;
+
+  }
+  RFST = RFST_SIDLE; //End receive.
+  HALT;
+}
-- 
2.20.1