2 # GoodFET Chipcon Example
4 # (C) 2009 Travis Goodspeed <travis at radiantmachines.com>
6 # This code is being rewritten and refactored. You've been warned!
11 from GoodFETCC import GoodFETCC;
12 from GoodFETConsole import GoodFETConsole;
13 from intelhex import IntelHex;
16 def printpacket(packet):
21 #if i>client.packetlen: break;
22 s="%s %02x" % (s,ord(foo));
26 print "Usage: %s verb [objects]\n" % sys.argv[0];
27 print "%s erase" % sys.argv[0];
28 print "%s flash $foo.hex" % sys.argv[0];
29 print "%s test" % sys.argv[0];
30 print "%s term" % sys.argv[0];
31 print "%s info" % sys.argv[0];
32 print "%s halt" % sys.argv[0];
33 print "%s regs" % sys.argv[0];
34 print "%s dumpcode $foo.hex [0x$start 0x$stop]" % sys.argv[0];
35 print "%s dumpdata $foo.hex [0x$start 0x$stop]" % sys.argv[0];
36 print "%s writedata $foo.hex [0x$start 0x$stop]" % sys.argv[0];
37 print "%s verify $foo.hex [0x$start 0x$stop]" % sys.argv[0];
38 print "%s peekdata 0x$start [0x$stop]" % sys.argv[0];
39 print "%s pokedata 0x$adr 0x$val" % sys.argv[0];
40 print "%s peek 0x$iram" % sys.argv[0];
41 print "%s poke 0x$iram 0x$val" % sys.argv[0];
42 print "%s peekcode 0x$start [0x$stop]" % sys.argv[0];
44 print "%s rssi [freq]\n\tGraphs signal strength on [freq] Hz." % sys.argv[0];
45 print "%s carrier [freq]\n\tHolds a carrier on [freq] Hz." % sys.argv[0];
46 print "%s reflex [freq]\n\tJams on [freq] Hz." % sys.argv[0];
47 print "%s sniffsimpliciti [us|eu|lf]\n\tSniffs SimpliciTI packets." % sys.argv[0];
51 #Initailize FET and set baud rate
52 #client=GoodFET.GoodFETCC.GoodFETCC();
62 if(sys.argv[1]=="carrier"):
64 client.RF_setfreq(eval(sys.argv[2]));
67 #print "\nHolding a carrier wave.";
71 if(sys.argv[1]=="reflex"):
72 client.CC1110_crystal();
75 client.config_simpliciti();
76 client.pokebysym("MDMCFG4", 0x0c); #ultrawide
77 client.pokebysym("FSCTRL1", 0x12); #IF of 457.031
78 client.pokebysym("FSCTRL0", 0x00);
79 client.pokebysym("FSCAL2" , 0x2A); #above mid
80 client.pokebysym("MCSM0" , 0x00); # Main Radio Control State Machine
82 client.pokebysym("FSCAL3" , 0xEA) # Frequency synthesizer calibration.
83 client.pokebysym("FSCAL2" , 0x2A) # Frequency synthesizer calibration.
84 client.pokebysym("FSCAL1" , 0x00) # Frequency synthesizer calibration.
85 client.pokebysym("FSCAL0" , 0x1F) # Frequency synthesizer calibration.
87 client.pokebysym("TEST2" , 0x88) # Various test settings.
88 client.pokebysym("TEST1" , 0x35) # Various test settings.
89 client.pokebysym("TEST0" , 0x09) # Various test settings.
93 client.RF_setfreq(eval(sys.argv[2]));
94 print "Listening on %f MHz." % (client.RF_getfreq()/10**6);
95 print "Jamming if RSSI>=%i" % threshold;
99 client.CC_RFST_CAL(); #SCAL
105 client.CC_RFST_RX(); #SRX
106 rssi=client.RF_getrssi();
107 client.CC_RFST_IDLE(); #idle
110 for foo in range(0,rssi>>2):
111 string=("%s."%string);
112 print "%02x %04i %04i %s" % (rssi,rssi, maxrssi, string);
116 #print "Triggered jamming for 1s.";
119 print "JAMMING JAMMING JAMMING JAMMING";
120 if(sys.argv[1]=="rssi"):
121 client.CC1110_crystal();
124 client.config_simpliciti();
128 client.RF_setfreq(eval(sys.argv[2]));
129 print "Listening on %f MHz." % (client.RF_getfreq()/10**6);
133 client.CC_RFST_CAL();
138 rssi=client.RF_getrssi();
139 client.CC_RFST_IDLE(); #idle
142 for foo in range(0,rssi>>2):
143 string=("%s."%string);
144 print "%02x %04i %s" % (rssi,rssi, string);
146 if(sys.argv[1]=="sniffsimpliciti"):
147 #TODO remove all poke() calls.
149 client.CC1110_crystal();
153 client.config_simpliciti("lf");
154 #client.RF_setfreq(2481 * 10**6);
156 #OpenBeacon defines these in little endian as follows.
157 #client.RF_setmaclen(5); # SETUP_AW for 5-byte addresses.
158 #0x01, 0x02, 0x03, 0x02, 0x01
159 #client.RF_setsmac(0x0102030201);
160 #'O', 'C', 'A', 'E', 'B'
161 #client.RF_settmac(0x424541434F);
163 #Set packet length of 16.
164 #client.RF_setpacketlen(16);
167 print "Listening as %010x on %i MHz" % (client.RF_getsmac(),
168 client.RF_getfreq()/10**6);
169 #Now we're ready to get packets.
174 packet=client.RF_rxpacket();
180 if(sys.argv[1]=="explore"):
181 print "Exploring undefined commands."
182 print "Status: %s" %client.status();
184 cmd=0x04; #read status
185 for foo in range(0,0x5):
186 client.CCcmd([(0x0F<<3)|(0x00)|0x03,0x09<<3]);
187 print "Status %02x: %s" % (foo,client.status());
188 for foo in range(0,3):
189 print "PC: %04x" % client.CCgetPC();
190 if(sys.argv[1]=="term"):
191 GoodFETConsole(client).run();
192 if(sys.argv[1]=="test"):
194 if(sys.argv[1]=="deadtest"):
195 for i in range(1,10):
196 print "IDENT as %s" % client.CCidentstr();
197 if(sys.argv[1]=="dumpcode"):
202 start=int(sys.argv[3],16);
204 stop=int(sys.argv[4],16);
206 print "Dumping code from %04x to %04x as %s." % (start,stop,f);
210 h[i]=client.CCpeekcodebyte(i);
212 print "Dumped %04x."%i;
215 if(sys.argv[1]=="dumpdata"):
220 start=int(sys.argv[3],16);
222 stop=int(sys.argv[4],16);
224 print "Dumping data from %04x to %04x as %s." % (start,stop,f);
228 h[i]=client.CCpeekdatabyte(i);
230 print "Dumped %04x."%i;
233 if(sys.argv[1]=="status"):
234 print "Status: %s" %client.status();
235 if(sys.argv[1]=="halt"):
238 if(sys.argv[1]=="info"):
239 print "Ident %s" % client.CCidentstr();
242 print "Freq %10.3f MHz" % (client.RF_getfreq()/10**6);
243 print "RSSI %02x" % client.RF_getrssi();
245 print "Freq, RSSI, etc unknown. Install SmartRF7.";
246 #print "Rate %10i kbps" % (client.RF_getrate()/1000);
247 #print "PacketLen %02i bytes" % client.RF_getpacketlen();
248 #print "SMAC 0x%010x" % client.RF_getsmac();
249 #print "TMAC 0x%010x" % client.RF_gettmac();
251 if(sys.argv[1]=="regs"):
254 if(sys.argv[1]=="erase"):
255 print "Status: %s" % client.status();
256 client.CCchiperase();
257 print "Status: %s" %client.status();
259 if(sys.argv[1]=="peekinfo"):
260 print "Select info flash."
261 client.CCwr_config(1);
262 print "Config is %02x" % client.CCrd_config();
266 start=int(sys.argv[2],16);
269 stop=int(sys.argv[3],16);
270 print "Peeking from %04x to %04x." % (start,stop);
272 print "%04x: %02x" % (start,client.CCpeekcodebyte(start));
274 if(sys.argv[1]=="poke"):
275 client.CCpokeirambyte(int(sys.argv[2],16),
276 int(sys.argv[3],16));
277 if(sys.argv[1]=="randtest"):
279 client.CCpokeirambyte(0xBD,0x01); #RNDH=0x01
280 client.CCpokeirambyte(0xB4,0x04); #ADCCON1=0x04
281 client.CCpokeirambyte(0xBD,0x01); #RNDH=0x01
282 client.CCpokeirambyte(0xB4,0x04); #ADCCON1=0x04
285 for foo in range(1,10):
286 print "%02x" % client.CCpeekirambyte(0xBD); #RNDH
287 client.CCpokeirambyte(0xB4,0x04); #ADCCON1=0x04
288 client.CCreleasecpu();
290 print "%02x" % client.CCpeekdatabyte(0xDF61); #CHIP ID
291 if(sys.argv[1]=="adctest"):
292 # ADCTest 0xDF3A 0xDF3B
293 print "ADC TEST %02x%02x" % (
294 client.CCpeekdatabyte(0xDF3A),
295 client.CCpeekdatabyte(0xDF3B));
296 if(sys.argv[1]=="config"):
297 print "Config is %02x" % client.CCrd_config();
299 if(sys.argv[1]=="flash"):
304 start=int(sys.argv[3],16);
306 stop=int(sys.argv[4],16);
309 if(sys.argv[1]=="lock"):
310 print "Status: %s" %client.status();
312 print "Status: %s" %client.status();
313 if(sys.argv[1]=="flashpage"):
316 target=int(sys.argv[2],16);
317 print "Writing a page of flash from 0xF000 in XDATA"
318 client.CCflashpage(target);
319 if(sys.argv[1]=="erasebuffer"):
320 print "Erasing flash buffer.";
321 client.CCeraseflashbuffer();
323 if(sys.argv[1]=="writedata"):
328 start=int(sys.argv[3],16);
330 stop=int(sys.argv[4],16);
334 for i in h._buf.keys():
335 if(i>=start and i<=stop):
336 client.CCpokedatabyte(i,h[i]);
339 #if(sys.argv[1]=="flashtest"):
340 # client.CCflashtest();
341 if(sys.argv[1]=="peekdata"):
344 start=int(sys.argv[2],16);
347 stop=int(sys.argv[3],16);
348 print "Peeking from %04x to %04x." % (start,stop);
350 print "%04x: %02x" % (start,client.CCpeekdatabyte(start));
352 if(sys.argv[1]=="peek"):
355 start=int(sys.argv[2],16);
358 stop=int(sys.argv[3],16);
359 print "Peeking from %04x to %04x." % (start,stop);
361 print "%04x: %02x" % (start,client.CCpeekirambyte(start));
363 if(sys.argv[1]=="verify"):
368 start=int(sys.argv[3],16);
370 stop=int(sys.argv[4],16);
373 for i in h._buf.keys():
374 if(i>=start and i<stop):
375 peek=client.CCpeekcodebyte(i)
377 print "ERROR at %04x, found %02x not %02x"%(i,peek,h[i]);
380 if(sys.argv[1]=="peekcode"):
383 start=int(sys.argv[2],16);
386 stop=int(sys.argv[3],16);
387 print "Peeking from %04x to %04x." % (start,stop);
389 print "%04x: %02x" % (start,client.CCpeekcodebyte(start));
391 if(sys.argv[1]=="pokedata"):
395 start=int(sys.argv[2],16);
397 val=int(sys.argv[3],16);
398 print "Poking %04x to become %02x." % (start,val);
399 client.CCpokedatabyte(start,val);