X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=firmware%2Fapps%2Fglitch%2Fglitch.c;h=40e81221f4d1e10bebdb7ede8c2b46e1626f4708;hb=c00829e3bbc2d574d2fc35059696018f90d87d96;hp=56de8c3b898a71c183f94bac525114079ef844c0;hpb=a456d2fbf645904f642f714fa86766f195384d94;p=goodfet

diff --git a/firmware/apps/glitch/glitch.c b/firmware/apps/glitch/glitch.c
index 56de8c3..40e8122 100644
--- a/firmware/apps/glitch/glitch.c
+++ b/firmware/apps/glitch/glitch.c
@@ -11,6 +11,29 @@
 #include "command.h"
 #include "glitch.h"
 
+//! Handles a monitor command.
+void glitch_handle_fn( uint8_t const app,
+					   uint8_t const verb,
+					   uint32_t const len);
+
+// define the glitch app's app_t
+app_t const glitch_app = {
+
+	/* app number */
+	GLITCH,
+
+	/* handle fn */
+	glitch_handle_fn,
+
+	/* name */
+	"GLITCH",
+
+	/* desc */
+	"\tThe GLITCH app adds support for doing glitch research.\n"
+	"\tSee the TI example MSP430x261x_dac12_01.c for usage of the DAC.\n"
+	"\tThis module sends odd and insufficient voltages on P6.6/DAC0\n"
+	"\tin order to bypass security restrictions of target devices.\n"
+};
 
 //! Call this before the function to be glitched.
 void glitchprime(){
@@ -27,30 +50,38 @@ void glitchprime(){
 void glitchsetup(){
 #ifdef DAC12IR
   //Set GSEL high to disable glitching.
-
-  P5DIR|=0x80;
-  P6DIR|=BIT6+BIT5;
   
-  P5OUT|=0x80;
+  //Normal voltage, use resistors instead of output.
+  //P5DIR=0x80;   //ONLY glitch pin is output.
+  P5DIR|=0x80;   //glitch pin is output.
+  P5OUT|=0x80;  //It MUST begin high.
+  //P5REN|=0x7F;  //Resistors pull high and low weakly.
+  
+  P6DIR|=BIT6+BIT5;
   P6OUT|=BIT6+BIT5;
   
   WDTCTL = WDTPW + WDTHOLD;             // Stop WDT
   TACTL = TASSEL1 + TACLR;              // SMCLK, clear TAR
   CCTL0 = CCIE;                         // CCR0 interrupt enabled
-  CCR0 = glitchcount+0x15; //clock divider
-  TACTL |= MC_3;
-  _EINT();                              // Enable interrupts 
+  CCR0 = glitchcount+0x10;              // Compare Value
+  TACTL |= MC_2;                        // continuous mode.
 #endif
 }
 
 // Timer A0 interrupt service routine
-interrupt(TIMERA0_VECTOR) Timer_A (void)
-{
-  P5OUT&=~BIT7;//Glitch
-  //P5DIR=BIT7; //All else high impedance.
-  P5OUT|=BIT7;//Normal
-  TACTL |= MC0;// Stop Timer_A;
+interrupt(TIMERA0_VECTOR) Timer_A (void){
+  //This oughtn't be necessary, but glitches repeat without it.
+  TACTL=0; //disable counter.
   
+  
+  P5OUT^=BIT7;//Glitch
+  //asm("nop"); //delay deepens glitch.
+  P5OUT^=BIT7;//Normal
+  
+  //This oughtn't be necessary, but glitches repeat without it.
+  TACTL=0; //disable counter.
+  
+  //P5OUT^=BIT7;//Normal
   return;
 }
 
@@ -65,12 +96,19 @@ void glitchapp(u8 app){
 
 //! Set glitching voltages.
 void glitchvoltages(u16 gnd, u16 vcc){
-  int i;
+  
   //debugstr("Set glitching voltages: GND and VCC");
   //debughex(gnd);
   //debughex(vcc);
   
+  /** N.B., because this is confusing as hell.  As per Page 86 of
+      SLAS541F, P6SEL is not what controls the use of the DAC0/DAC1
+      functions on P6.6 and P6.5.  Instead, CAPD or DAC12AMP>0 sets
+      the state.
+  */
+  
   #ifdef DAC12IR
+  int i;
   ADC12CTL0 = REF2_5V + REFON;                  // Internal 2.5V ref on
   // Delay here for reference to settle.
   for(i=0;i!=0xFFFF;i++) asm("nop");
@@ -87,10 +125,10 @@ void glitchrate(u16 rate){
 }
 
 //! Handles a monitor command.
-void glitchhandle(unsigned char app,
-		  unsigned char verb,
-		  unsigned long len){
-  P1OUT&=~1;
+void glitch_handle_fn( uint8_t const app,
+					   uint8_t const verb,
+					   uint32_t const len)
+{
   switch(verb){
   case GLITCHVOLTAGES:
     glitchvoltages(cmddataword[0],
@@ -104,30 +142,39 @@ void glitchhandle(unsigned char app,
   case GLITCHVERB:
     //FIXME parameters don't work yet.
     glitchprime();
+    TAR=0; //Reset clock.
     handle(cmddata[0],cmddata[1],0);
+    TACTL |= MC0;// Stop Timer_A;
     break;
   case GLITCHTIME:
+    debugstr("Measuring start time.");
     _DINT();//disable interrupts
     TACTL=0; //clear dividers
     TACTL|=TACLR; //clear config
-    TACTL|=TASSEL_SMCLK| //smclk source
-      MC_2; //continuout mode.
+    TACTL|=
+      TASSEL_SMCLK //smclk source
+      | MC_2; //continuous mode.
     
     //perform the function
     silent++;//Don't want the function to return anything.
+    TAR=0;
     handle(cmddata[0],cmddata[1],0);
-    silent--;
     cmddataword[0]=TAR; //Return counter.
+    silent--;
+    debugstr("Measured start time.");
+    debughex(cmddataword[0]);
     txdata(app,verb,2);
     break;
   case START:
-    glitchvoltages(0xFFF,0);//Inverted VCC and GND.
+    //Testing mode, for looking at the glitch waveform.
+    glitchvoltages(0,0xFFF);//Minimum glitch, for noise test.
+    //glitchvoltages(0,0);//Drop VCC
+    //glitchvoltages(0xFFF,0xFFF);//Raise Ground
     P5OUT|=BIT7;//Normal
     P5DIR|=BIT7;
     while(1){
       P5OUT&=~BIT7;//Glitch
-      //asm("nop");//asm("nop");asm("nop");asm("nop");asm("nop");asm("nop");
-      asm("nop"); //Not necessary.
+      //asm("nop"); //Not Necessary
       P5OUT|=BIT7;//Normal
       asm("nop");asm("nop");asm("nop");asm("nop");asm("nop");asm("nop");
       asm("nop");asm("nop");asm("nop");asm("nop");asm("nop");asm("nop");