Chime Transmitter

1. ;-------------------------------------------------------------------------------
2. ; Transmitter.S - ATtiny85 dual sensor gate buzzer/doorbell transmitter
3. ;-------------------------------------------------------------------------------
4. ;
5. ; Author: Daniel Neville (creamygoat@gmail.com)
6. ; Date: 19 December 2014
7. ; Licence: Public domain
8. ; Version: 1.0
9. ;
10. ; This transmitter reports the combined status of its two sensor inputs to
11. ; one or more receivers which have been taught the secret AES-CMAC key by
12. ; the transmitter.
13. ;
14. ; In addition to the state of the sensors, a pair of sound indices, one for
15. ; each sensor, is transmitted with the state. Thus the user can know which
16. ; sensor is activated or deactivated. The transmitter's Sound Select buttons,
17. ; one for each sensor, allow the user to cycle through the available sounds
18. ; to be associated with that sensor.
19. ;
20. ; The transmission of the secret key is protected by a shared key unless the
21. ; self-timer is activated with a long press of the Teach button. (This is
22. ; useful if the shared key in EEPROM is corrupted.)
23. ;
24. ; By default, sensors with normally closed contacts are assumed. A long press
25. ; of a Sound Select button inverts the sense of the contacts for the sensor
26. ; associated with that button so that sensors with normally open contacts may
27. ; be used.
28. ;
29. ; A very long press of a Sound Select button activates Pinging Mode to assist
30. ; with the estimation of the transmitter's range. Pinging Mode stops when a
31. ; button is pressed or after ten minutes of pinging.
32. ;
33. ; The transmitter harvests entropy from the timing of changes of button and
34. ; sensor states, slowly mutating random data both in EEPROM and in SRAM.
35. ; This data is used to generate the secret AES-CMAC key and the lower 12
36. ; bits of the transmitter's serial number when the Teach button is pressed.
37. ; Further randomisation of the secret key for successive Teach transmissions
38. ; is suppressed until a Sound Select button is pressed or the power is
39. ; disconnected.
40. ;
41. ; The 128 bit (super-secret) shared key used to protect the secret AES-CMAC key
42. ; transfer to one or more chimes in Learn Mode is stored in EEPROM at addresses
43. ; 2 to 17 inclusive. The rest of the EEPROM need not be initalised to any
44. ; particular value.
45. ;
46. ; Weak pullups are provided on the sensor inputs.
47. ;
48. ; PIN ASSIGNMENT
49. ; ____
50. ; ~RESET 1| AT |8 Vcc
51. ; SENSOR1 2|tiny|7 ADCBUTTONS
52. ; SENSOR2 3| 85 |6 ACTIVITYLED
53. ; GND 4|____|5 RADIOTX
54. ;
55. ; ADC BUTTON WIRING
56. ;
57. ; Vcc -----*---------------------------
58. ; |
59. ; R4 [ ]
60. ; |
61. ; *---------*---------*------> ADCBUTTONS
62. ; | | |
63. ; R3 [ ] R2 [ ] R1 [ ]
64. ; | | | R1 = 6.8k ohms
65. ; | o | o | o R2 = 1.8k ohms
66. ; TEACH [| SS2 [| SS1 [| R3 = 220 ohms
67. ; | o | o | o R4 = 3.0k ohms or 3.3k ohms
68. ; | | |
69. ; GND -----*---------*---------*------
70. ;
71. ;
72. ; BUTTON FUNCTIONS
73. ;
74. ; Button Label Press Action
75. ;
76. ; TEACH TEACH/DELAYED Short Generate a new secret key and transmit the
77. ; key to one or more chimes in Learn Mode.
78. ; The secret key is encrypted with the fixed,
79. ; super-secret shared key.
80. ;
81. ; Long Generate and transmit without encryption
82. ; a new secret key after about ten seconds.
83. ; The activity LED will flash in the manner
84. ; of a camera's self timer.
85. ;
86. ; SS1 SOUND1/INVERT1 Short Select the next sound (or set of sounds)
87. ; for the primary sensor. Some sound sets
88. ; include activation, deactivation and
89. ; prolonged activation reminder sounds.
90. ; Others have just an activation sound.
91. ;
92. ; Long Switch between normally open or normally
93. ; closed contacts for the primary sensor.
94. ;
95. ; Extended Activate pinging mode to assist with
96. ; radio range estimation.
97. ;
98. ; SS2 SOUND2/INVERT2 Short Select the next sound (or set of sounds)
99. ; for the secondary sensor.
100. ;
101. ; Long Switch between normally open or normally
102. ; closed contacts for the secondary sensor.
103. ;
104. ; Extended Activate pinging mode to assist with
105. ; radio range estimation.
106. ;
107. ; TRANSMITTED MESSAGES
108. ; _ _
109. ; The data is Manchester encoded so that 0 = |_ and 1 = _| . The leader pulses
110. ; prime the automatic gain control of the receiver and the Manchester-violating
111. ; synchronisation pattern low 3, high 3, low 1 appended with a Manchester
112. ; encoded 1 indicates the beginning of data. Each data byte is transmitted
113. ; MSB first and with a following parity bit so that the parity of all nine bits
114. ; is even. There is no special data terminator: The receiver stops listening
115. ; once the middle of the last Manchester encoded bit (a parity bit) is received
116. ; and the transmission level can be held low the instant the last encoded bit
117. ; is sent.
118. ;
119. ; _ _ _ ___ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
120. ; ..._| |_| |_| |___| |__| :_|_:_|_:_|_:_|_:_|_:_|_:_|_:_|_:_|_:_|_:_|_:...
121. ; Leader | Synch | 7 6 5 4 3 2 1 0 P | 7 6
122. ; | | First byte and even parity bit |
123. ;
124. ; Command message (14 bytes):
125. ; Serial number (4 bytes, big-endian)
126. ; Sequence number (4 bytes, big-endian)
127. ; Command (1 byte)
128. ; Parameter (1 byte)
129. ; CMAC (first 4 bytes of the chained cipher in column-major format)
130. ;
131. ; Commands:
132. ; Command Parameter
133. ; 000000vu jjjjiiii Sensor states u & v, sound sets i & j
134. ; 000001qz 0000iiii Sound test for sensor q in state z, sound set i
135. ; 000010qx 000000kk Special sound k for sensor q
136. ; k = 0 for +sense, 1 for -sense, 2 for ping
137. ;
138. ; Teach message (28 bytes):
139. ; Serial number (4 bytes, big-endian)
140. ; Sequence number (4 bytes, big-endian)
141. ; Auxiliary data (2 bytes) - bit 0 of the 2nd byte set => key is unencrypted
142. ; CMAC Key (16 bytes, column major)
143. ; CRC-CCITT (2 bytes, big-endian so that the CRC of all 28 bytes is zero.)
144. ;
145. ; EXAMPLE EEPROM IMAGE
146. ;
147. /*
148. :200000002FFF337C8BE33D17576A5F7D06C8FF7677BABC1A0000FFFFB68BEB75C758988D77
149. :200020002469350721BCFB2FDC0C8C273C16DD4A1150C91A6CBB33AB6F2172C965085C827D
150. :20004000E158A879C609FB9FCEB98FBB7CE90DB17EFF9C5477DEE447AF92F534995D0C810F
151. :200060001C1DC1F84F584982777777777777777777777777777777777777777777777777F4
152. :20008000777777777777777777777777777777777777777777777777777777777777777780
153. :2000A0007777777777777777777777777777777777777777777777771100000011000000F6
154. :2000C000110000001100000011000000110000001100000011000000110000001100000098
155. :2000E000110000001100000011000000110000001100000011000000110000001100000078
156. :20010000110000001100000011000000110000001100000011000000110000001100000057
157. :20012000110000001100000011000000110000001100000011000000110000001100000037
158. :20014000110000001100000011000000110000001100000011000000110000001100000017
159. :200160001100000011000000110000001100000011000000110000001100000011000000F7
160. :200180001100000011000000110000001100000011000000110000001100000011000000D7
161. :2001A0001100000011000000110000001100000011000000110000001100000011000000B7
162. :2001C000110000001100000011000000110000001100000011000000110000001100000097
163. :2001E000110000001100000011000000110000001100000011000000FFFFFFFFFFFFFFFFA1
164. :00000001FF
165. */
166. ;
167. ;-------------------------------------------------------------------------------
168. ; Notes
169. ;-------------------------------------------------------------------------------
170. ;
171. ; Fuses:
172. ; Low fuse: 0xe2 (4:SUT0, 3-0:CKSEL=8MHz)
173. ; High fuse: 0xdf (5:SPIEN) 0xd7 (6:SPIEN, 3:EESAVE)
174. ; Extended fuse: 0xff
175. ;
176. ; Fuse programming
177. ; avrdude -p t85 -c usbasp -U lfuse:w:0xe2:m
178. ; avrdude -p t85 -c usbasp -U hfuse:w:0xd7:m
179. ; avrdude -p t85 -c usbasp -U efuse:w:0xfe:m
180. ;
181. ; Compiling, inspecting and programming:
182. ;
183. ; avr-gcc -mmcu=attiny85 -o Transmitter.o Transmitter.S
184. ; avr-objdump -C -d Transmitter.o
185. ; avr-ld -o Transmitter.elf Transmitter.o
186. ; avr-objcopy -O ihex Transmitter.elf Transmitter.hex
187. ; avrdude -p t85 -c usbasp -U flash:w:Transmitter.hex:i
188. ; avrdude -p t85 -c usbasp -U eeprom:w:Transmitter.eep:i
189. ;
190. ; Key generation:
191. ;
192. ; head </dev/random -c 16|hexdump -v -e '/1 "%02X"'; echo
193. ;
194. ;-------------------------------------------------------------------------------
195.  
196.  
197. ; Imports
198. ; Exports
199. ; Constants
200. ; Structures
201. ; EEPROM addresses
202. ; Macros
203. ;
204. ; Interrupt handlers
205. ;
206. ; Basic routines
207. ; Xor16B
208. ; Copy16B
209. ; Copy8B
210. ; DelayNCycles
211. ; Delay10Cycles
212. ; Delay8Cycles
213. ; CalculateCRC_CCITT
214. ; DebounceSensor
215. ;
216. ; EEPROM routines
217. ; ReadEEPROMByte
218. ; ReadEEPROMBlock
219. ; WriteEEPROMByte
220. ; WriteEEPROMBlock
221. ;
222. ; AES routines
223. ; AES_SubstituteAndShift
224. ; AES_MixColumn
225. ; AES_AdvanceRoundKey
226. ; AES_AdvanceCMACSubKey
227. ; AES_Encrypt
228. ;
229. ; Application routines
230. ; FindCurrentEWLDataSlot
231. ; LazilyUpdateEWLData
232. ; FullyUpdateEWLData
233. ; MutateRandomData
234. ; RandomiseCMACKey
235. ; BuildTeachMessage
236. ;
237. ; Initialisation
238. ; InitialiseRegisterConstants
239. ; InitialiseHardware
240. ; ClearGlobals
241. ; LoadEverythingFromEEPROM
242. ;
243. ; main
244. ; main_Loop
245. ; main_Synchronise
246. ; main_Update32kHzCounter
247. ; main_UpdateTransmitPin
248. ; main_TimeShare32By8
249. ; main_T0_TransmitPacket
250. ; main_TxState_Idle
251. ; main_TxState_Begin
252. ; main_TxState_Sync
253. ; main_TxState_Data
254. ; main_TxState_Data_Bit
255. ; main_TxState_Data_Parity
256. ; main_TxState_Data_ModulateBit
257. ; main_TxState_Terminator
258. ; main_TxState_Rest
259. ; main_Tx_BufferMarkSpace
260. ; main_T1_Authentication
261. ; main_AES_Mixcolumn
262. ; main_AES_SubAndShift
263. ; main_AES_AddRoundKey
264. ; main_AES_AdvanceRoundKey
265. ; main_AES_AdvanceRoundKey_RudeEntryForRound10
266. ; main_AES_StartEncryption
267. ; main_AES_IdleOrStartAES
268. ; main_AES_Idle
269. ; main_Auth_Idle
270. ; main_Auth_CmdMsg_XorK2
271. ; main_Auth_CmdMsg_LoadK
272. ; main_Auth_K2_Begin
273. ; main_Auth_K2_Clear
274. ; main_AES_Finished
275. ; main_Auth_K2_GenK1
276. ; main_Auth_K2_GenK2
277. ; main_Auth_End
278. ; main_Auth_CmdMsg_Begin
279. ; main_Auth_CmdMsg_WriteCMAC
280. ; main_Copy16BAndLoop
281. ; main_T2_TeachAndSoundSelectTasks
282. ; main_T2_TASSTasks_T0_ADCInputAndTASSTimers
283. ; main_T2_TASSTasks_T1_ButtonLogic
284. ; main_T2_TASSTasks_T2_SaveAndTransmit
285. ; main_T2_TASSTasks_T3
286. ; main_T3_SensorInputConditioningAndEntropyHarvesting
287. ; main_T4_SensorStateTxBurstsAndEWLUpdates
288. ; main_T5_RefreshEEPROM
289. ; main_T6
290. ; main_T7
291. ;
292. ; Data in program memory
293. ;
294. ; PM_AES_SBox
295. ;
296. ; Globals in SRAM
297. ; TxRunLengthsRingBuffer
298. ; AES_Matrix_M
299. ; AES_Matrix_K
300. ; AES_Matrix_W
301. ; AuthenticationData
302. ; EWLState
303. ; EntropyHarvester
304.  
305.  
306. ;-------------------------------------------------------------------------------
307. ; Imports
308. ;-------------------------------------------------------------------------------
309.  
310.  
311. #include <avr/common.h>
312. #include <avr/io.h>
313.  
314.  
315. ;-------------------------------------------------------------------------------
316. ; Exports
317. ;-------------------------------------------------------------------------------
318.  
319.  
320. .global main
321. .global __vector_default
322.  
323.  
324. ;-------------------------------------------------------------------------------
325. ; Constants
326. ;-------------------------------------------------------------------------------
327.  
328.  
329. ; Inputs and outputs
330. OUTPUT_BIT_RADIO = 0
331. OUTPUT_BIT_ACTIVITY_LED = 1
332. INPUT_BIT_BUTTONS = 2
333. INPUT_BIT_PRIMARY_SENSOR = 3
334. INPUT_BIT_SECONDARY_SENSOR = 4
335. BUTTONS_DIGITAL_INPUT_DISABLE_BIT = ADC1D; ADC1 is on Port B bit 2 (pin 7).
336. BUTTONS_ADC_MUX_SELECTOR = 0b0001 ; 00xx = ADCn in single-ended mode.
337.  
338. ; Sensor debounce times in quarter-milliseconds, up to 127 (31.75ms)
339. SENSOR_DB_DELAY_CONTACTS_CLOSED = 234 ; 60ms
340. SENSOR_DB_DELAY_CONTACTS_OPEN = 156 ; 40ms
341. ; Button debounce times in milliseconds, up to 255 (0.255 seconds)
342. BUTTON_DB_DELAY_ADC = 65 ; 65ms
343.  
344. ; Teach and Sound Select times in multiples of 64 milliseconds
345. TEACH_BUTTON_LONG_PRESS_TIME = 31 ; 2 seconds
346. SOUND_SELECT_BUTTON_LONG_PRESS_TIME = 47 ; 3 seconds
347. SOUND_SELECT_BUTTON_VERY_LONG_PRESS_TIME = 125 ; 8 seconds
348. ACTIVATION_SOUND_TO_DEACTIVATION_SOUND_DELAY = 31 ; 2 seconds
349. SENSE_INVERSION_DELAY = 23 ; 1.5 seconds
350. PING_START_DELAY = 16 ; 1 second
351. PING_INTERVAL_DOUBLED = 125 ; 8 seconds (a ping every 4 seconds)
352.  
353. ; Transmitter signal timing in 32kHz ticks
354. TX_TIME_UNIT = 4 ; Minimum is 4, good for 8000 baud
355. TX_RLB_REST_TIME = 240; Last entry to put in the run length buffer
356. TX_TASK_REST_TIME = 200; 50ms in 4kHz ticks
357. TX_NUMBER_OF_LEADER_PULSES = 24
358.  
359. ; Ring buffer for run lengths of the transmit pin state
360. TX_RING_BUFFER_INDEX_BITS = 4
361. TX_RING_BUFFER_INDEX_RANGE = 1 << TX_RING_BUFFER_INDEX_BITS
362. TX_RING_BUFFER_INDEX_MASK = TX_RING_BUFFER_INDEX_RANGE - 1
363.  
364. ; Transmitter state
365. TX_STATE_IDLE = 0
366. TX_STATE_BEGIN = 1
367. TX_STATE_SYNC = 2
368. TX_STATE_DATA = 3
369. TX_STATE_TERMINATOR = 4
370. TX_STATE_REST = 5
371.  
372. ; State for AES-CMAC message authenticator
373. AUTH_STATE_IDLE = 0
374. AUTH_STATE_CMDMSG_BEGIN = 1
375. AUTH_STATE_CMDMSG_LOAD_K = 2
376. AUTH_STATE_CMDMSG_XOR_K2 = 3
377. AUTH_STATE_CMDMSG_CMAC = 4
378. AUTH_STATE_K2_BEGIN = 5
379. AUTH_STATE_K2_CLEAR = 6
380. AUTH_STATE_K2_GEN_K1 = 7
381. AUTH_STATE_K2_GEN_K2 = 8
382.  
383. ; Important states for AES encrpytion
384. AES_STATE_IDLE = 0xFF
385. AES_STATE_BEGIN = 0xA2
386. AES_STATE_FINISHED = 0x00
387.  
388. ; Task flag bits, set 1
389. bTASK1_SEND_CMD_MESSAGE = 0
390. bTASK1_SEND_TEACH_MESSAGE = 1
391. bTASK1_SAVE_SOUND_INDICES = 2
392. bTASK1_SEND_PRIMARY_SOUND_A = 4
393. bTASK1_SEND_PRIMARY_SOUND_B = 5
394. bTASK1_SEND_SECONDARY_SOUND_A = 6
395. bTASK1_SEND_SECONDARY_SOUND_B = 7
396.  
397. ; Task flag masks, set 1
398. mTASK1_SEND_CMD_MESSAGE = 1 << bTASK1_SEND_CMD_MESSAGE
399. mTASK1_SEND_TEACH_MESSAGE = 1 << bTASK1_SEND_TEACH_MESSAGE
400. mTASK1_SAVE_SOUND_INDICES = 1 << bTASK1_SAVE_SOUND_INDICES
401. mTASK1_SEND_PRIMARY_SOUND_A = 1 << bTASK1_SEND_PRIMARY_SOUND_A
402. mTASK1_SEND_PRIMARY_SOUND_B = 1 << bTASK1_SEND_PRIMARY_SOUND_B
403. mTASK1_SEND_SECONDARY_SOUND_A = 1 << bTASK1_SEND_SECONDARY_SOUND_A
404. mTASK1_SEND_SECONDARY_SOUND_B = 1 << bTASK1_SEND_SECONDARY_SOUND_B
405.  
406. ; Task flag bits, set 2
407. bTASK2_SEND_PRIMARY_SENSE_NORMAL = 0
408. bTASK2_SEND_PRIMARY_SENSE_INVERTED = 1
409. bTASK2_SEND_SECONDARY_SENSE_NORMAL = 2
410. bTASK2_SEND_SECONDARY_SENSE_INVERTED = 3
411. bTASK2_SAVE_SENSOR_ACTIVATION_SENSES = 4
412. bTASK2_SEND_PING = 5
413.  
414. ; Task flag masks, set 2
415. mTASK2_SEND_PRIMARY_SENSE_NORMAL = 1 << bTASK2_SEND_PRIMARY_SENSE_NORMAL
416. mTASK2_SEND_PRIMARY_SENSE_INVERTED = 1 << bTASK2_SEND_PRIMARY_SENSE_INVERTED
417. mTASK2_SEND_SECONDARY_SENSE_NORMAL = 1 << bTASK2_SEND_SECONDARY_SENSE_NORMAL
418. mTASK2_SEND_SECONDARY_SENSE_INVERTED = 1 << bTASK2_SEND_SECONDARY_SENSE_INVERTED
419. mTASK2_SAVE_SENSOR_ACTIVATION_SENSES = 1 << bTASK2_SAVE_SENSOR_ACTIVATION_SENSES
420. mTASK2_SEND_PING = 1 << bTASK2_SEND_PING
421.  
422. ; Slow clock bits
423. bCLOCK_CMD_MSG_BURST = 0
424. bCLOCK_TASS = 1
425. bCLOCK_EEPROM_REFRESH = 2
426.  
427. ; Teach and Sound Select states
428. TASS_STATE_IDLE = 0
429. TASS_STATE_TEACH_PRESSED = 1
430. TASS_STATE_TEACH_LONG_PRESSED = 2
431. TASS_STATE_DELAYED_TEACH = 3
432. TASS_STATE_SILLY_WALK_FOR_PING = 4
433. TASS_STATE_PINGING = 5
434. TASS_STATE_WAIT_FOR_RELEASE = 6
435.  
436. ; Entropy harvesting data mutation
437. ; 6 bits for the mutation index is the minimum needed to maintain the purity
438. ; of the CMAC key and to provide auxiliary random data.
439. EH_MUTATION_INDEX_BITS = 6
440. EH_MUTATION_INDEX_RANGE = 1 << EH_MUTATION_INDEX_BITS
441. EH_MUTATION_INDEX_MASK = EH_MUTATION_INDEX_RANGE - 1
442. EH_MUTATION_INDEX_ADVANCE = 23
443. EH_AUX_RANDOM_DATA_START_INDEX = 32 ; Clear of the CMAC stuff.
444. EH_UPDATE_INDEX_ADVANCE = 1
445. EH_UPDATE_COUNTER_BITS = 1
446.  
447. ; EEPROM wear levelling
448. EWL_COUNTS_BETWEEN_WRITES = 8
449. EWL_INDEX_RANGE = 80
450. EWL_DATA_SLOT_SIZE = 4
451. EWL_DATA_RING_SIZE = EWL_INDEX_RANGE * EWL_DATA_SLOT_SIZE
452.  
453.  
454. ;-------------------------------------------------------------------------------
455. ; Structures
456. ;-------------------------------------------------------------------------------
457.  
458.  
459. ; Command message (big endian)
460. CmdMsg_SerialNumber = 0
461. CmdMsg_SequenceNumber = 4
462. CmdMsg_Command = 8
463. CmdMsg_Parameter = 9
464. CmdMsg_CMAC = 10
465. CmdMsgSize = 14
466.  
467. ; Teach message (big-endian)
468. TeachMsg_SerialNumber = 0
469. TeachMsg_SequenceNumber = 4
470. TeachMsg_AuxData = 8
471. TeachMsg_EncryptedCMACKey = 10
472. TeachMsg_MessageCRC = 26
473. TeachMsgSize = 28
474.  
475. ; Packet size constants
476. TX_COMMAND_PACKET_LENGTH = CmdMsgSize
477. TX_TEACH_PACKET_LENGTH = TeachMsgSize
478. .ifgt TX_TEACH_PACKET_LENGTH - TX_COMMAND_PACKET_LENGTH
479. TX_MAX_PACKET_LENGTH = TeachMsgSize
480. .else
481. TX_MAX_PACKET_LENGTH = CmdMsgSize
482. .endif
483.  
484.  
485. ; Transmit run length buffer state
486. TxBit_HeadIx = 0
487. TxBit_TailIx = 1
488. TxBitSize = 2
489.  
490. ;Transmitter
491. Tx_State = 0
492. Tx_Counter = 1
493. Tx_NumBytesSent = 2
494. Tx_NumBytesToSend = 3
495. Tx_Parity = 4
496. Tx_ShiftRegister = 5
497. Tx_TxBit = 6
498. Tx_Data = Tx_TxBit + TxBitSize
499. TxSize = Tx_Data + TX_MAX_PACKET_LENGTH
500.  
501. ; EEPROM wear levelling state (kept in SRAM)
502. EWLS_SlotIndex = 0
503. EWLS_SlotValue = 1
504. EWLS_UpdateCountdown = 2
505. EWLS_NumBytesToWrite = 3
506. EWLS_NewSequenceNumber = 4
507. EWLSSize = 8
508.  
509. ; Entropy harvester
510. EH_MutationIndex = 0
511. EH_MutationCounter = 1
512. EH_EEPROMUpdateIndex = 2
513. EH_EEPROMUpdatePending = 3
514. EH_RandomData = 4
515. EHSize = EH_RandomData + EH_MUTATION_INDEX_RANGE
516.  
517. ; Authentication data
518. AD_SerialNumber = 0
519. AD_SequenceNumber = 4
520. AD_CMACKey = 8
521. AD_CMACSubkeyK2 = 24
522. AD_HaveK2 = 40
523. ADSize = 41
524.  
525. ; Analogue to Digital Converter buttons
526. ADCB_MutexState = 0
527. ADCB_State = 1
528. ADCB_ProvisionalState = 2
529. ADCB_AcceptanceCountdown = 3
530. ADCBSize = 4
531.  
532. ; Teach and sound select buttons
533. TASS_TeachOrPingState = 0
534. TASS_LastButtonsState = 1
535. TASS_LongPressCountdown = 2
536. TASS_NewSensorActivationSenses = 3
537. TASS_Sensor1InversionCountdown = 4
538. TASS_Sensor2InversionCountdown = 5
539. TASS_SS1LongPressCountdown = 6
540. TASS_SS2LongPressCountdown = 7
541. TASS_PrimarySoundTestCountdown = 8
542. TASS_SecondarySoundTestCountdown = 9
543. TASS_NumTeachMessagesToSend = 10
544. TASS_SuppressKeyRandomisation = 11
545. TASS_SuppressKeyEncryption = 12
546. TASS_NumPingsToSend = 13
547. TASS_PingIntervalCountdown = 14
548. TASSSize = 15
549.  
550. ; Globals
551. G_CurrentTimer0Match = 0
552. G_SlowClocks = 1
553. G_SoundIndices = 2
554. G_SensorActivationSenses = 3
555. G_TaskFlags1 = 4
556. G_TaskFlags2 = 5
557. G_PrimarySensorIntegral = 6
558. G_SecondarySensorIntegral = 7
559. G_SensorsState = 8
560. G_TransmittedSensorsState = 9
561. G_AuthenticationState = 10
562. G_AESState = 11
563. G_AESRoundConstantByte = 12
564. G_LastADCButtonsState = 13
565. G_CmdTxDelayRandomByte = 14
566. G_CmdTxNumRepeatsToSend = 15
567. G_CmdTxRepeatSchedule = 16
568. G_EEPROMRefreshCounter = G_CmdTxRepeatSchedule + 8
569. G_ADCButtons = G_EEPROMRefreshCounter + 2
570. G_EWLState = G_ADCButtons + ADCBSize
571. G_Transmitter = G_EWLState + EWLSSize
572. GSize = G_Transmitter + TxSize
573.  
574.  
575. ;-------------------------------------------------------------------------------
576. ; EEPROM addresses
577. ;-------------------------------------------------------------------------------
578.  
579.  
580. EEPROM_InvSoundIndices = 0
581. EEPROM_SensorActivationSenses = 1
582. EEPROM_SharedKey = 2
583. EEPROM_SerialNumber = 18
584. EEPROM_CMACKey = 24
585. EEPROM_RandomData = 40
586. EEPROM_EWLStatusRing = EEPROM_RandomData + EH_MUTATION_INDEX_RANGE
587. EEPROM_EWLDataRing = EEPROM_EWLStatusRing + EWL_INDEX_RANGE
588. EEPROM_EWLDataRingEnd = EEPROM_EWLDataRing + EWL_DATA_RING_SIZE
589. EEPROM_End = EEPROM_EWLDataRingEnd
590.  
591.  
592. .ifgt EEPROM_End - 512
593. .error "There is not enough space in the EEPROM."
594. .endif
595.  
596.  
597. ;-------------------------------------------------------------------------------
598. ; Macros
599. ;-------------------------------------------------------------------------------
600.  
601.  
602. ; Conditional execution of the following one-word instruction
603.  
604. .macro ifcc
605. brcs . + 2
606. .endm
607. .macro ifcs
608. brcc . + 2
609. .endm
610. .macro ifne
611. breq . + 2
612. .endm
613. .macro ifeq
614. brne . + 2
615. .endm
616. .macro ifpl
617. brmi . + 2
618. .endm
619. .macro ifmi
620. brpl . + 2
621. .endm
622. .macro ifvc
623. brvs . + 2
624. .endm
625. .macro ifvs
626. brvc . + 2
627. .endm
628. .macro iflt
629. brge . + 2
630. .endm
631. .macro ifge
632. brlt . + 2
633. .endm
634. .macro ifhc
635. brhs . + 2
636. .endm
637. .macro ifhs
638. brhc . + 2
639. .endm
640. .macro iftc
641. brts . + 2
642. .endm
643. .macro ifts
644. brtc . + 2
645. .endm
646. .macro ifid
647. brie . + 2
648. .endm
649. .macro ifie
650. brid . + 2
651. .endm
652. .macro iflo
653. brsh . + 2
654. .endm
655. .macro ifsh
656. brlo . + 2
657. .endm
658. .macro ifbs
659. brbc . + 2
660. .endm
661. .macro ifbc
662. brbs . + 2
663. .endm
664.  
665.  
666. ;-------------------------------------------------------------------------------
667.  
668.  
669. ; Positive-sense register and I/O bit tests
670.  
671. .macro ifbrc a:req, b:req
672. sbrs \a, \b
673. .endm
674. .macro ifbrs a:req, b:req
675. sbrc \a, \b
676. .endm
677. .macro ifbic a:req, b:req
678. sbis \a, \b
679. .endm
680. .macro ifbis a:req, b:req
681. sbic \a, \b
682. .endm
683.  
684.  
685. ;-------------------------------------------------------------------------------
686.  
687.  
688. ; Load high & low 8-bit registers with one 16-bit word
689.  
690. .macro ldhl a:req, b:req, c:req
691. ldi \b, lo8(\c)
692. ldi \a, hi8(\c)
693. .endm
694.  
695.  
696. ;-------------------------------------------------------------------------------
697.  
698.  
699. ; Load immediate word
700.  
701. .macro ldiw a:req, b:req
702. .ifc \a, r17:r16
703. ldhl r17, r16, \b
704. .else
705. .ifc \a, r19:r18
706. ldhl r19, r18, \b
707. .else
708. .ifc \a, r21:r20
709. ldhl r21, r20, \b
710. .else
711. .ifc \a, r23:r22
712. ldhl r23, r22, \b
713. .else
714. .ifc \a, r25:r24
715. ldhl r25, r24, \b
716. .else
717. .ifc \a, r27:r26
718. ldhl XH, XL, \b
719. .else
720. .ifc \a, r29:r28
721. ldhl YH, YL, \b
722. .else
723. .ifc \a, r31:r30
724. ldhl ZH, ZL, \b
725. .else
726. .ifc \a, X
727. ldhl XH, XL, \b
728. .else
729. .ifc \a, Y
730. ldhl YH, YL, \b
731. .else
732. .ifc \a, Z
733. ldhl ZH, ZL, \b
734. .else
735. .error "Expected LDIW R, x where R is X, Y, Z or a register pair."
736. .endif
737. .endif
738. .endif
739. .endif
740. .endif
741. .endif
742. .endif
743. .endif
744. .endif
745. .endif
746. .endif
747. .endm
748.  
749.  
750. ;-------------------------------------------------------------------------------
751. .section .text
752. ;-------------------------------------------------------------------------------
753.  
754. ;-------------------------------------------------------------------------------
755. ; Interrupt handlers
756. ;-------------------------------------------------------------------------------
757.  
758.  
759. __vector_default:
760.  
761. reti
762.  
763.  
764. ;-------------------------------------------------------------------------------
765. ; Basic routines
766. ;-------------------------------------------------------------------------------
767.  
768.  
769. Xor16B:
770. ; In: Z = key
771. ; X = state
772.  
773. ld r0, X
774. ldd r7, Z + 0
775. eor r0, r7
776. st X+, r0
777. ld r0, X
778. ldd r7, Z + 1
779. eor r0, r7
780. st X+, r0
781. ld r0, X
782. ldd r7, Z + 2
783. eor r0, r7
784. st X+, r0
785. ld r0, X
786. ldd r7, Z + 3
787. eor r0, r7
788. st X+, r0
789. ld r0, X
790. ldd r7, Z + 4
791. eor r0, r7
792. st X+, r0
793. ld r0, X
794. ldd r7, Z + 5
795. eor r0, r7
796. st X+, r0
797. ld r0, X
798. ldd r7, Z + 6
799. eor r0, r7
800. st X+, r0
801. ld r0, X
802. ldd r7, Z + 7
803. eor r0, r7
804. st X+, r0
805. ld r0, X
806. ldd r7, Z + 8
807. eor r0, r7
808. st X+, r0
809. ld r0, X
810. ldd r7, Z + 9
811. eor r0, r7
812. st X+, r0
813. ld r0, X
814. ldd r7, Z + 10
815. eor r0, r7
816. st X+, r0
817. ld r0, X
818. ldd r7, Z + 11
819. eor r0, r7
820. st X+, r0
821. ld r0, X
822. ldd r7, Z + 12
823. eor r0, r7
824. st X+, r0
825. ld r0, X
826. ldd r7, Z + 13
827. eor r0, r7
828. st X+, r0
829. ld r0, X
830. ldd r7, Z + 14
831. eor r0, r7
832. st X+, r0
833. ld r0, X
834. ldd r7, Z + 15
835. eor r0, r7
836. st X+, r0
837. ; 112 cycles
838. ret
839.  
840.  
841. ;-------------------------------------------------------------------------------
842.  
843.  
844. Copy16B:
845. ; In: Z = source
846. ; X = destination
847.  
848. 1: ld r0, Z+
849. st X+, r0
850. ld r0, Z+
851. st X+, r0
852. ld r0, Z+
853. st X+, r0
854. ld r0, Z+
855. st X+, r0
856. ld r0, Z+
857. st X+, r0
858. ld r0, Z+
859. st X+, r0
860. ld r0, Z+
861. st X+, r0
862. ld r0, Z+
863. st X+, r0
864. Copy8B:
865. com r1
866. brne 1b
867. ; 2(35)-1 = 69 cycles
868. ret
869.  
870.  
871. ;-------------------------------------------------------------------------------
872.  
873.  
874. DelayNCycles:
875. ; In: r24 = Number of cycles to delay, including the time taken to call
876. ; A precise delay is possible for 28..255 cycles. 15 cycles is the minimum.
877.  
878. cpi r24, 28
879. brcc 3f
880. cpi r24, 16
881. brcs 2f
882. subi r24, 12
883. nop
884. lsr r24
885. lsr r24
886. 1: nop
887. dec r24
888. brne 1b
889. ret
890. 2: nop
891. nop
892. ret
893. 3: subi r24, 24
894. mov r22, r24
895. com r22
896. andi r22, 3
897. lsr r24
898. lsr r24
899. ldiw Z, 4f
900. lsr ZH
901. ror ZL
902. add ZL, r22
903. adc ZH, r1
904. ijmp
905. 4: nop
906. nop
907. nop
908. 5: nop
909. dec r24
910. brne 5b
911. ret
912.  
913.  
914. ;-------------------------------------------------------------------------------
915.  
916.  
917. Delay10Cycles:
918.  
919. nop
920. nop
921.  
922. Delay8Cycles:
923.  
924. ret
925.  
926.  
927. ;-------------------------------------------------------------------------------
928.  
929.  
930. DebounceSensor:
931. ; In: r24: Debounce state (0: released, 1..254: uncertain 255: pressed)
932. ; r22: Raw input (0: released, 1..255: pressed)
933. ; Out: r24: Updated debounce state to use in Schmitt trigger logic
934.  
935. tst r22
936. breq 1f
937. nop
938. cpi r24, 255 - SENSOR_DB_DELAY_CONTACTS_CLOSED
939. ifcs
940. ldi r24, 255 - SENSOR_DB_DELAY_CONTACTS_CLOSED
941. add r24, r2
942. sbc r24, r1
943. ret
944. 1: cpi r24, SENSOR_DB_DELAY_CONTACTS_OPEN
945. ifcc
946. ldi r24, SENSOR_DB_DELAY_CONTACTS_OPEN
947. sub r24, r2
948. adc r24, r1
949. 4: ret
950.  
951. ; 16 cycles, including call
952.  
953.  
954. ;-------------------------------------------------------------------------------
955.  
956.  
957. CalculateCRC_CCITT:
958. ; In: X = Data to checksum
959. ; r17:r16 = number of bytes
960. ; Out: X = End of data
961. ; r17:r16 = CRC
962. ; If the resulting 16-bit checksum is appended to the data high-byte first,
963. ; the CRC of augmented data will be zero.
964.  
965. clr r7
966. inc r7
967. mov r8, r16
968. mov r9, r17
969. ser r16
970. ser r17
971. ldi r18, 0x21
972. ldi r19, 0x10
973. 1: ld r0, X+
974. eor r17, r0
975. com r1
976. 2: lsl r16
977. rol r17
978. brcc 3f
979. eor r16, r18
980. eor r17, r19
981. 3: lsr r1
982. brne 2b
983. sub r8, r7
984. sbc r9, r1
985. brne 1b
986. ret
987.  
988.  
989. ;-------------------------------------------------------------------------------
990. ; EEPROM routines
991. ;-------------------------------------------------------------------------------
992.  
993.  
994. ReadEEPROMByte:
995. ; In: X = address in EEPROM
996. ; Out: r0 = byte
997.  
998. sbic _SFR_IO_ADDR(EECR), EEPE
999. rjmp . - 4
1000. out _SFR_IO_ADDR(EEARH), XH
1001. out _SFR_IO_ADDR(EEARL), XL
1002. sbi _SFR_IO_ADDR(EECR), EERE
1003. in r0, _SFR_IO_ADDR(EEDR)
1004. ret
1005.  
1006. ; 18 cycles including call and 4 cycle CPU halt, if EEPROM was ready
1007.  
1008.  
1009. ;-------------------------------------------------------------------------------
1010.  
1011.  
1012. ReadEEPROMBlock:
1013. ; In: X = source in EEPROM
1014. ; Z = destination in SRAM
1015. ; r16 = number of bytes to read
1016. tst r16
1017. breq 2f
1018. 1: rcall ReadEEPROMByte
1019. adiw XL, 1
1020. st Z+, r0
1021. dec r16
1022. brne 1b
1023. 2: ret
1024.  
1025.  
1026. ;-------------------------------------------------------------------------------
1027.  
1028.  
1029. WriteEEPROMByte:
1030. ; In: X = address in EEPROM
1031. ; r0 = byte to write
1032.  
1033. push r16
1034. ldi r16, (0 << EEPM1) | (0 << EEPM0) ; Erase and write
1035. sbic _SFR_IO_ADDR(EECR), EEPE
1036. rjmp . - 4
1037. out _SFR_IO_ADDR(EECR), r16
1038. out _SFR_IO_ADDR(EEARH), XH
1039. out _SFR_IO_ADDR(EEARL), XL
1040. out _SFR_IO_ADDR(EEDR), r0
1041. sbi _SFR_IO_ADDR(EECR), EEMPE
1042. sbi _SFR_IO_ADDR(EECR), EEPE
1043. pop r16
1044. ret
1045.  
1046. ; 23 cycles including call and 2 cycle CPU halt, if EEPROM was ready
1047.  
1048.  
1049. ;-------------------------------------------------------------------------------
1050.  
1051.  
1052. WriteEEPROMBlock:
1053. ; In: X = destination in EEPROM
1054. ; Z = source in SRAM
1055. ; r16 = number of bytes to write
1056.  
1057. tst r16
1058. breq 2f
1059. 1: ld r0, Z+
1060. rcall WriteEEPROMByte
1061. adiw XL, 1
1062. dec r16
1063. brne 1b
1064. 2: ret
1065.  
1066.  
1067. ;-------------------------------------------------------------------------------
1068. ; AES routines
1069. ;-------------------------------------------------------------------------------
1070.  
1071.  
1072. AES_SubstituteAndShift:
1073. ; In: Y = address of 4x4 byte column-major state
1074.  
1075. ldi ZH, hi8(PM_AES_SBox)
1076. ; First row
1077. ldd ZL, Y + 0
1078. lpm r8, Z
1079. ldd ZL, Y + 4
1080. lpm r9, Z
1081. ldd ZL, Y + 8
1082. lpm r10, Z
1083. ldd ZL, Y + 12
1084. lpm r11, Z
1085. std Y + 0, r8
1086. std Y + 4, r9
1087. std Y + 8, r10
1088. std Y + 12, r11
1089. ; Second row
1090. ldd ZL, Y + 1
1091. lpm r8, Z
1092. ldd ZL, Y + 5
1093. lpm r9, Z
1094. ldd ZL, Y + 9
1095. lpm r10, Z
1096. ldd ZL, Y + 13
1097. lpm r11, Z
1098. std Y + 1, r9
1099. std Y + 5, r10
1100. std Y + 9, r11
1101. std Y + 13, r8
1102. ; Third row
1103. ldd ZL, Y + 2
1104. lpm r8, Z
1105. ldd ZL, Y + 6
1106. lpm r9, Z
1107. ldd ZL, Y + 10
1108. lpm r10, Z
1109. ldd ZL, Y + 14
1110. lpm r11, Z
1111. std Y + 2, r10
1112. std Y + 6, r11
1113. std Y + 10, r8
1114. std Y + 14, r9
1115. ; Fourth row
1116. ldd ZL, Y + 3
1117. lpm r8, Z
1118. ldd ZL, Y + 7
1119. lpm r9, Z
1120. ldd ZL, Y + 11
1121. lpm r10, Z
1122. ldd ZL, Y + 15
1123. lpm r11, Z
1124. std Y + 3, r11
1125. std Y + 7, r8
1126. std Y + 11, r9
1127. std Y + 15, r10
1128. ; 1 + 4(28) = 113 cycles
1129. ret
1130.  
1131.  
1132. ;-------------------------------------------------------------------------------
1133.  
1134.  
1135. AES_MixColumn:
1136. ; In: X = address of column in 4x4 byte column-major state
1137.  
1138. ldi r16, 0x1b
1139. ld r8, X+
1140. ld r9, X+
1141. ld r10, X+
1142. ld r11, X+
1143. ; Fourth element [3 1 1 2]
1144. mov r7, r9
1145. eor r7, r10
1146. ; gmul2
1147. mov r0, r11
1148. lsl r0
1149. ifcs
1150. eor r0, r16
1151. eor r7, r0
1152. ; gmul3
1153. mov r0, r8
1154. lsl r0
1155. ifcs
1156. eor r0, r16
1157. eor r0, r8
1158. eor r7, r0
1159. st -X, r7
1160. ; Third element [1 1 2 3]
1161. mov r7, r8
1162. eor r7, r9
1163. ; gmul2
1164. mov r0, r10
1165. lsl r0
1166. ifcs
1167. eor r0, r16
1168. eor r7, r0
1169. ; gmul3
1170. mov r0, r11
1171. lsl r0
1172. ifcs
1173. eor r0, r16
1174. eor r0, r11
1175. eor r7, r0
1176. st -X, r7
1177. ; Second element [1 2 3 1]
1178. mov r7, r8
1179. eor r7, r11
1180. ; gmul2
1181. mov r0, r9
1182. lsl r0
1183. ifcs
1184. eor r0, r16
1185. eor r7, r0
1186. ; gmul3
1187. mov r0, r10
1188. lsl r0
1189. ifcs
1190. eor r0, r16
1191. eor r0, r10
1192. eor r7, r0
1193. st -X, r7
1194. ; First element [2 3 1 1]
1195. mov r7, r10
1196. eor r7, r11
1197. ; gmul2
1198. mov r0, r8
1199. lsl r0
1200. ifcs
1201. eor r0, r16
1202. eor r7, r0
1203. ; gmul3
1204. mov r0, r9
1205. lsl r0
1206. ifcs
1207. eor r0, r16
1208. eor r0, r9
1209. eor r7, r0
1210. st -X, r7
1211. ; 8 + 4(15) = 68 cycles
1212. ret
1213.  
1214.  
1215. ;-------------------------------------------------------------------------------
1216.  
1217.  
1218. AES_AdvanceRoundKey:
1219. ; In: Y = key
1220. ; r24 = most significant byte of the round constant
1221.  
1222. ldi ZH, hi8(PM_AES_SBox)
1223. ldd ZL, Y + 13
1224. lpm r8, Z
1225. eor r8, r24
1226. ldd ZL, Y + 14
1227. lpm r9, Z
1228. ldd ZL, Y + 15
1229. lpm r10, Z
1230. ldd ZL, Y + 12
1231. lpm r11, Z
1232. 1: ld r0, Y
1233. eor r8, r0
1234. st Y+, r8
1235. ld r0, Y
1236. eor r9, r0
1237. st Y+, r9
1238. ld r0, Y
1239. eor r10, r0
1240. st Y+, r10
1241. ld r0, Y
1242. eor r11, r0
1243. st Y+, r11
1244. ld r0, Y
1245. eor r8, r0
1246. st Y+, r8
1247. ld r0, Y
1248. eor r9, r0
1249. st Y+, r9
1250. ld r0, Y
1251. eor r10, r0
1252. st Y+, r10
1253. ld r0, Y
1254. eor r11, r0
1255. st Y+, r11
1256. com r1
1257. brne 1b
1258. ; 22 + 2(43)-1 = 107
1259. ret
1260.  
1261.  
1262. ;-------------------------------------------------------------------------------
1263.  
1264.  
1265. AES_AdvanceCMACSubKey:
1266. ; In: X = Either an AES-encrypted block of zeros or the
1267. ; result of a previous call to this routine
1268. ; Out: Z = Output
1269. ; This routine is for generating the subkeys K1 and K2 from
1270. ; an encryption key K. First, a block of zeros is encrypted
1271. ; with K and advanced with this routine to yield K1. Calling
1272. ; this routine a second time yields K2. AES in the CMAC mode
1273. ; of operation requires the last block in the chained cipher
1274. ; to be XORed with K1 or K2 before that block is encrypted.
1275. ; If the message occupies all 128 bits in the last block, K1
1276. ; is used, otherwise the message is appended with padding
1277. ; consisting of a bit 1 followed by as many bit zeros as will
1278. ; fit and K2 is used instead.
1279.  
1280. adiw ZL, 15
1281. adiw XL, 15
1282. ld r7, X
1283. lsl r7
1284. ldi r16, 3
1285. 1: ld r0, -X
1286. rol r0
1287. st -Z, r0
1288. ld r0, -X
1289. rol r0
1290. st -Z, r0
1291. ld r0, -X
1292. rol r0
1293. st -Z, r0
1294. ld r0, -X
1295. rol r0
1296. st -Z, r0
1297. ld r0, -X
1298. rol r0
1299. st -Z, r0
1300. dec r16
1301. brne 1b
1302. ldi r16, 0x87
1303. ifcs
1304. eor r7, r16
1305. std Z + 15, r7
1306. ; 8 + 3(28)-1 + 5 = 96 cycles
1307. ret
1308.  
1309.  
1310. ;-------------------------------------------------------------------------------
1311.  
1312.  
1313. AES_Encrypt:
1314. ; In: Z = key
1315. ; X = state
1316. ; r25:24 = subkey working space (16 bytes)
1317.  
1318. push YH
1319. push YL
1320. movw r20, r24
1321. movw r22, XL
1322. ; W := K
1323. movw XL, r20
1324. rcall Copy16B ; (Z, X)
1325. ; Preprocessing step
1326. movw ZL, r20
1327. movw XL, r22
1328. rcall Xor16B ; (Z, X)
1329. ldi r18, 10
1330. ldi r19, 0x8D
1331. 1: movw YL, r22
1332. rcall AES_SubstituteAndShift ; (Y)
1333. dec r18
1334. breq 2f
1335. movw XL, r22
1336. rcall AES_MixColumn ; (X)
1337. adiw XL, 4
1338. rcall AES_MixColumn ; (X)
1339. adiw XL, 4
1340. rcall AES_MixColumn ; (X)
1341. adiw XL, 4
1342. rcall AES_MixColumn ; (X)
1343. 2: movw YL, r20
1344. ldi r16, 0x1B
1345. lsl r19
1346. ifcs
1347. eor r19, r16
1348. mov r24, r19
1349. rcall AES_AdvanceRoundKey ; (Y, r24)
1350. movw ZL, r20
1351. movw XL, r22
1352. rcall Xor16B ; (Z, X)
1353. tst r18
1354. brne 1b
1355. pop YL
1356. pop YH
1357. ret
1358.  
1359.  
1360. ;-------------------------------------------------------------------------------
1361. ; Application routines
1362. ;-------------------------------------------------------------------------------
1363.  
1364.  
1365. FindCurrentEWLDataSlot:
1366. ; In: X = Status ring in EEPROM
1367. ; Z = Data ring in EEPROM
1368. ; Out: r16 = Index of current slot
1369. ; r17 = Slot status value
1370. ; Z = Address of current slot in EPPROM
1371. ; This routine implements a variation of Atmel's recommendation. The data
1372. ; (4 bytes in our case) is read from a slot in the Data Ring and written to
1373. ; a different slot in that ring each time. The parallel Status Ring, filled
1374. ; with values decreasing by one going backwards in memory indicates which
1375. ; slot index is the current one: Where a decrement of one fails to occur
1376. ; indicates the boundary between the current slot index and the next slot
1377. ; index to use. (if S[(i - 1) mod N] != S[i] - 1, the current slot index is i
1378. ; and the next slot index to use is (i - 1) mod N. Backwards counting is used
1379. ; to minimise EEPROM wear and backwards traversal is to make the loop
1380. ; termination easy. The EEPROM does not need to have any particular initial
1381. ; state for this routine to work.
1382.  
1383. ; Traverse both the status and data rings backwards from the end, with
1384. ; a previous status value taken from the first item in the status ring.
1385. ldiw r17:r16, EWL_DATA_RING_SIZE - EWL_DATA_SLOT_SIZE
1386. add ZL, r16
1387. adc ZH, r17
1388. rcall ReadEEPROMByte ; (X)
1389. mov r17, r0 ; Previous value
1390. clr r16 ; Previous index
1391. ; Go backward from the last index.
1392. ldi r18, EWL_INDEX_RANGE - 1 ; Current index
1393. add XL, r18
1394. adc ZH, r1
1395. 1: rcall ReadEEPROMByte ; (X)
1396. mov r19, r0 ; Current value
1397. mov r20, r17 ; Compare with previous value.
1398. sub r20, r19
1399. cpi r20, 1
1400. brne 2f ; A discontinuity! Return the previous index.
1401. movw r16, r18 ; The previous index and value is now current.
1402. sbiw XL, 1
1403. sbiw ZL, EWL_DATA_SLOT_SIZE
1404. dec r18
1405. brne 1b
1406. 2: ret
1407.  
1408.  
1409. ;-------------------------------------------------------------------------------
1410.  
1411.  
1412. LazilyUpdateEWLData:
1413. ; Monitor the sequence number changes-until-update countdown and update the
1414. ; EEPROM Wear Levelling data both in SRAM and in EEPROM.
1415.  
1416. clr r1 ; Just to be sure
1417. ldd r17, Y + G_EWLState + EWLS_NumBytesToWrite
1418. tst r17
1419. brne 1f
1420. ; No EWL updating is in progress.
1421. ; See if the EWL needs updating.
1422. ldd r0, Y + G_EWLState + EWLS_UpdateCountdown
1423. cpse r0, r1
1424. rjmp 4f
1425. ; This transmitter has sent enough messages that its
1426. ; Next Sequence Number should be saved to EEPROM (with
1427. ; wear levelling) in case power is lost.
1428. ldiw Z, AuthenticationData
1429. ldd r0, Z + AD_SequenceNumber + 0
1430. std Y + G_EWLState + EWLS_NewSequenceNumber + 0, r0
1431. ldd r0, Z + AD_SequenceNumber + 1
1432. std Y + G_EWLState + EWLS_NewSequenceNumber + 1, r0
1433. ldd r0, Z + AD_SequenceNumber + 2
1434. std Y + G_EWLState + EWLS_NewSequenceNumber + 2, r0
1435. ldd r0, Z + AD_SequenceNumber + 3
1436. std Y + G_EWLState + EWLS_NewSequenceNumber + 3, r0
1437. ldi r17, EWL_COUNTS_BETWEEN_WRITES
1438. std Y + G_EWLState + EWLS_UpdateCountdown, r17
1439. ldi r17, 5 ; 4 for the NSN and 1 for the status ring
1440. std Y + G_EWLState + EWLS_NumBytesToWrite, r17
1441. ; 33 cycles so far
1442. rjmp 4f
1443. 1: ; 6 cycles so far
1444. ; Either a byte of the new NSN or the EWL status value is to be written.
1445. ; Only proceed if the EEPROM is not busy.
1446. sbic _SFR_IO_ADDR(EECR), EEPE
1447. rjmp 4f
1448. ; Get the next EWL slot index and value ready.
1449. ldd r20, Y + G_EWLState + EWLS_SlotIndex
1450. ldd r21, Y + G_EWLState + EWLS_SlotValue
1451. dec r20
1452. cpi r20, EWL_INDEX_RANGE
1453. ifcc
1454. ldi r20, EWL_INDEX_RANGE - 1
1455. dec r21
1456. ; 17 cycles so far
1457. ; Update the byte counter early.
1458. dec r17
1459. std Y + G_EWLState + EWLS_NumBytesToWrite, r17
1460. breq 2f
1461. cpi r17, 5
1462. brcc 6f
1463. ; Write a byte of the new Next Sequence Number.
1464. dec r17
1465. ldiw Z, Globals + G_EWLState + EWLS_NewSequenceNumber
1466. add ZL, r17
1467. adc ZH, r1
1468. mov r0, r20
1469. lsl r0
1470. lsl r0
1471. add r0, r17
1472. ldiw X, EEPROM_EWLDataRing
1473. add XL, r0
1474. adc XH, r1
1475. ld r0, Z
1476. ; 38 cycles so far
1477. rjmp 3f
1478. 2: ; 22 cycles so far
1479. ; Update the EWL slot data in SRAM.
1480. std Y + G_EWLState + EWLS_SlotIndex, r20
1481. std Y + G_EWLState + EWLS_SlotValue, r21
1482. ; Write to the EWL status ring.
1483. ldiw X, EEPROM_EWLStatusRing
1484. add XL, r20
1485. adc XH, r1
1486. mov r0, r21
1487. ; 31 cycles so far
1488. 3: ; 40 or 31 cycles so far
1489. rjmp WriteEEPROMByte ; 23 - 8 + 2 cycles
1490. 4: ret
1491. 6: ; Too many bytes to write. Ignore.
1492. std Y + G_EWLState + EWLS_NumBytesToWrite, r1
1493. ret
1494.  
1495. ; Max 65 cycles, including call
1496.  
1497.  
1498. ;-------------------------------------------------------------------------------
1499.  
1500.  
1501. FullyUpdateEWLData:
1502. ; Update the EWL data so that the sequence number is fully committed to EEPROM,
1503. ; however long it takes.
1504.  
1505. std Y + G_EWLState + EWLS_UpdateCountdown, r1
1506. 1: rcall LazilyUpdateEWLData
1507. ldd r0, Y + G_EWLState + EWLS_UpdateCountdown
1508. tst r0
1509. breq 1b
1510. ret
1511.  
1512.  
1513. ;-------------------------------------------------------------------------------
1514.  
1515.  
1516. MutateRandomData:
1517. ; In: r6:r4 = 32kHz counter
1518. ; Out: r0 = byte written to the random data pool
1519.  
1520. movw r14, YL
1521. ldiw Y, EntropyHarvester
1522. ; Select the next byte of the random data to mutate.
1523. ldd r16, Y + EH_MutationIndex
1524. subi r16, -EH_MUTATION_INDEX_ADVANCE
1525. andi r16, EH_MUTATION_INDEX_MASK
1526. std Y + EH_MutationIndex, r16
1527. ldiw Z, EntropyHarvester + EH_RandomData
1528. add ZL, r16
1529. adc ZH, r1
1530. ; Mutate with the help of the 32kHz counter
1531. ld r0, Z
1532. add r0, r5 ; Timer bits 8 to 10 are adequate.
1533. ror r0
1534. adc r0, r4 ; Timer bits 3 to 7 are useful.
1535. st Z, r0
1536. movw YL, r14
1537. ; 21 cycles so far
1538.  
1539. ret
1540.  
1541. ; 29 cycles including call
1542.  
1543.  
1544. ;-------------------------------------------------------------------------------
1545.  
1546.  
1547. RandomiseCMACKey:
1548.  
1549. ; Abuse the key part of the random data a little, in case
1550. ; an insufficient amount of entropy was harvested between
1551. ; transmissions of the secret key.
1552. ldiw Z, EntropyHarvester + EH_RandomData + 0
1553. ldd r8, Z + 0
1554. ldd r9, Z + 1
1555. ldd r10, Z + 2
1556. ldd r11, Z + 3
1557. ldiw X, EntropyHarvester + EH_RandomData + 16
1558. movw ZL, XL
1559. ldd r0, Z + 0
1560. add r0, r8
1561. std Z + 0, r0
1562. ldd r8, Z + 7
1563. add r8, r5
1564. ldd r0, Z + 2
1565. sbc r0, r9
1566. dec r0
1567. std Z + 7, r0
1568. ldd r0, Z + 12
1569. sbc r0, r10
1570. std Z + 2, r0
1571. ror r8
1572. adc r8, r11
1573. std Z + 12, r8
1574. rcall AES_AdvanceCMACSubKey
1575. ; Mutilate the existing CMAC key
1576. ldiw Z, EntropyHarvester + EH_RandomData + 0
1577. ldiw X, AuthenticationData + AD_CMACKey
1578. rcall Xor16B
1579. ; Random data and a random key should be effective in
1580. ; producing a nice new key.
1581. ldiw Z, EntropyHarvester + EH_RandomData + 16
1582. ldiw X, AuthenticationData + AD_CMACKey
1583. ldiw r25:r24, AES_Matrix_W
1584. rcall AES_Encrypt
1585. ; Now for the subkey K2
1586. ldiw Z, AuthenticationData + AD_CMACKey
1587. ldiw X, AuthenticationData + AD_CMACSubkeyK2 + 16
1588. ldiw r25:r24, AES_Matrix_W
1589. ldi r16, 16
1590. 1: st -X, r1
1591. dec r16
1592. brne 1b
1593. rcall AES_Encrypt
1594. ldiw X, AuthenticationData + AD_CMACSubkeyK2
1595. movw ZL, XL
1596. rcall AES_AdvanceCMACSubKey
1597. ldiw X, AuthenticationData + AD_CMACSubkeyK2
1598. movw ZL, XL
1599. rjmp AES_AdvanceCMACSubKey
1600.  
1601.  
1602. ;-------------------------------------------------------------------------------
1603.  
1604.  
1605. BuildTeachMessage:
1606. ; In: r24 = 0 if the shared key is be used to encrypt the secret key (normal) or
1607. ; 1 if the secret key is to be unprotected (timed delay mode).
1608.  
1609. ; The message is in big-endian format.
1610. ; Copy the serial number and sequence number together.
1611. ldiw X, AuthenticationData + AD_SerialNumber
1612. ldiw Z, Globals + G_Transmitter + Tx_Data + TeachMsg_SerialNumber
1613. 1: ld r8, X+
1614. ld r9, X+
1615. ld r10, X+
1616. ld r11, X+
1617. st Z+, r11
1618. st Z+, r10
1619. st Z+, r9
1620. st Z+, r8
1621. com r1
1622. brne 1b
1623. ldiw Z, Globals + G_Transmitter + Tx_Data + TeachMsg_AuxData
1624. std Z + 0, r1
1625. std Z + 1, r1
1626. sbrc r24, 0
1627. std Z + 1, r2 ; Mark the teach message as unencrypted.
1628. ldiw Z, AuthenticationData + AD_CMACKey
1629. ldiw X, Globals + G_Transmitter + Tx_Data + TeachMsg_EncryptedCMACKey
1630. rcall Copy16B
1631. ldiw X, EEPROM_SharedKey
1632. ldiw Z, AES_Matrix_W
1633. ldi r16, 16
1634. rcall ReadEEPROMBlock
1635. ldiw Z, AES_Matrix_W
1636. ldiw X, Globals + G_Transmitter + Tx_Data + TeachMsg_EncryptedCMACKey
1637. sbrs r24, 0
1638. rcall Xor16B
1639. ldiw X, Globals + G_Transmitter + Tx_Data
1640. ldi r16, TeachMsgSize - 2
1641. clr r17
1642. rcall CalculateCRC_CCITT
1643. ; Store the CRC in big-endian format, not just because other elements
1644. ; in the message big-endian, but because the CCITT CRC of a message
1645. ; appended with its own CRC stored high-byte-first is zero.
1646. st X+, r17
1647. st X+, r16
1648. ret
1649.  
1650.  
1651. ;-------------------------------------------------------------------------------
1652. ; Initialisation
1653. ;-------------------------------------------------------------------------------
1654.  
1655.  
1656. InitialiseRegisterConstants:
1657. ; Out: r1 = 0
1658. ; r2 = 1
1659. ; r3 = 255
1660. ; Y = Globals
1661.  
1662. ; r1 = 0
1663. clr r1
1664.  
1665. ; r2 = 1, handy for carry-changing inc/dec via add/sub.
1666. clr r2
1667. inc r2
1668.  
1669. ; r3 = 255 for sign extension.
1670. clr r3
1671. dec r3
1672.  
1673. ldiw Y, Globals
1674.  
1675. ret
1676.  
1677.  
1678. ;-------------------------------------------------------------------------------
1679.  
1680.  
1681. InitialiseHardware:
1682.  
1683. ; No interrupts!
1684. cli
1685.  
1686. ; Clear the watchdog reset flag so that it doesn't disable the
1687. ; the watchdog timer.
1688. in r16, _SFR_IO_ADDR(MCUSR)
1689. andi r16, ~(1 << WDRF)
1690. out _SFR_IO_ADDR(MCUSR), r16
1691.  
1692. ; Start the watchdog timer and have it force a reset of the CPU if
1693. ; the timer isn't reset at least once every 0.5 seconds.
1694. ldi r16, (1 << WDCE) | (1 << WDE)
1695. out _SFR_IO_ADDR(WDTCR), r16
1696. ldi r16, (0 << WDCE) | (1 << WDE) | (0 << WDP3) | (0b101 << WDP0)
1697. out _SFR_IO_ADDR(WDTCR), r16
1698.  
1699. ; Halt and configure Timer/Counter 0 to run at 8MHz.
1700. ldi r18, (1 << TSM) | (1 << PSR0)
1701. out _SFR_IO_ADDR(GTCCR), r18
1702. ldi r18, (0 << WGM02) | (0b001 << CS00)
1703. out _SFR_IO_ADDR(TCCR0B), r18
1704. out _SFR_IO_ADDR(TCNT0), r1
1705.  
1706. ; Start the counting.
1707. out _SFR_IO_ADDR(GTCCR), r1
1708.  
1709. ; Set Data Direction and pull-ups
1710. ldi r18, (1 << INPUT_BIT_PRIMARY_SENSOR) |\
1711. (1 << INPUT_BIT_SECONDARY_SENSOR) |\
1712. (0 << INPUT_BIT_BUTTONS)
1713. ldi r19, (1 << OUTPUT_BIT_ACTIVITY_LED) |\
1714. (1 << OUTPUT_BIT_RADIO)
1715. out _SFR_IO_ADDR(PORTB), r18
1716. out _SFR_IO_ADDR(DDRB), r19
1717.  
1718. ; 03 ADCSRB [ BIN ACME IPR --- --- ADTS2 ADTS1 ADTS0 ]
1719. ; 04 ADCL [ ADC Data Register Low Byte ]
1720. ; 05 ADCH [ ADC Data Register High Byte ]
1721. ; 06 ADCSRA [ ADEN ADSC ADATE ADIF ADIE ADPS2 ADPS1 ADPS0 ]
1722. ; 07 ADMUX [ REFS1 REFS0 ADLAR REFS2 MUX3 MUX2 MUX1 MUX0 ]
1723. ; 08 ACSR [ ACD ACBG ACO ACI ACIE --- ACIS1 ACIS0 ]
1724. ; 14 DIDR0 [ --- --- ADC0D ADC2D ADC3D ADC1D AIN1D AIN0D ]
1725.  
1726. ; Disable the digital input buffer for the pin on which
1727. ; we are to receive analogue input.
1728. ldi r18, 1 << BUTTONS_DIGITAL_INPUT_DISABLE_BIT
1729. out _SFR_IO_ADDR(DIDR0), r18
1730. ldi r18, 0x00
1731. out _SFR_IO_ADDR(ADCSRB), r18
1732. ldi r18, (1 << ADLAR) | (BUTTONS_ADC_MUX_SELECTOR << MUX0)
1733. out _SFR_IO_ADDR(ADMUX), r18
1734. ; Single-shot mode
1735. ; Start the conversion early to avoid spurious button readings.
1736. ldi r18, (1 << ADEN) | (1 << ADSC) | (0 << ADATE) | (0 << ADIF) |\
1737. (0b110 << ADPS0) ; CK/64 => 125kHz ADC clock
1738. out _SFR_IO_ADDR(ADCSRA), r18
1739.  
1740. ret
1741.  
1742.  
1743. ;-------------------------------------------------------------------------------
1744.  
1745.  
1746. ClearGlobals:
1747.  
1748. movw ZL, YL
1749. ldi r18, (VariablesEnd - Globals) / 2
1750. 1: st Z+, r1
1751. st Z+, r1
1752. dec r18
1753. brne 1b
1754.  
1755. ret
1756.  
1757.  
1758. ;-------------------------------------------------------------------------------
1759.  
1760.  
1761. LoadEverythingFromEEPROM:
1762.  
1763. ; Load the sound indices, stored complemented in EEPROM.
1764. ; Bits 0 to 3 is the sound index for the primary sensor.
1765. ; Bits 4 to 7 is the sound index for the secondary sensor.
1766. ldiw X, EEPROM_InvSoundIndices
1767. rcall ReadEEPROMByte
1768. com r0
1769. std Y + G_SoundIndices, r0
1770.  
1771. ; Load the activation senses
1772. ; Bits 0 and 1 are for the primary and secondary sensors respectively.
1773. ; A sensor activation bit value of 0 means that the input at the
1774. ; sensor's pin on the MCU is active high and a value of 1 means
1775. ; that the pin is active low.
1776. ldiw X, EEPROM_SensorActivationSenses
1777. rcall ReadEEPROMByte
1778. ldi r16, 0x03
1779. and r16, r0
1780. std Y + G_SensorActivationSenses, r16
1781. sts TASSState + TASS_NewSensorActivationSenses, r16
1782.  
1783. ; Load the authentication data which allows this transmitter to
1784. ; be associated with one or more receivers.
1785. ldiw Z, AuthenticationData + AD_SerialNumber
1786. ldiw X, EEPROM_SerialNumber
1787. ldi r16, 4
1788. rcall ReadEEPROMBlock
1789. ldiw Z, AuthenticationData + AD_CMACKey
1790. ldiw X, EEPROM_CMACKey
1791. ldi r16, 16
1792. rcall ReadEEPROMBlock
1793. ldiw Z, AuthenticationData
1794. std Z + AD_HaveK2, r1
1795.  
1796. ; Load the EEPROM Wear Levelling state and the sequence number
1797. ; necessary for the authentication system to maintain synchronisation.
1798. ldiw X, EEPROM_EWLStatusRing
1799. ldiw Z, EEPROM_EWLDataRing
1800. rcall FindCurrentEWLDataSlot
1801. std Y + G_EWLState + EWLS_SlotIndex, r16
1802. std Y + G_EWLState + EWLS_SlotValue, r17
1803. movw XL, ZL
1804. ldiw Z, AuthenticationData + AD_SequenceNumber
1805. ldi r16, 4
1806. rcall ReadEEPROMBlock
1807.  
1808. ; Advance the sequence number in case the power was lost before
1809. ; the EWL data could be updated.
1810. ldiw Z, AuthenticationData
1811. ldd r16, Z + AD_SequenceNumber + 0
1812. ldd r17, Z + AD_SequenceNumber + 1
1813. ldd r18, Z + AD_SequenceNumber + 2
1814. ldd r19, Z + AD_SequenceNumber + 3
1815. ldi r20, EWL_COUNTS_BETWEEN_WRITES + 2 ; (+2 for good measure)
1816. add r16, r20
1817. adc r17, r1
1818. adc r18, r1
1819. adc r19, r1
1820. std Z + AD_SequenceNumber + 0, r16
1821. std Z + AD_SequenceNumber + 1, r17
1822. std Z + AD_SequenceNumber + 2, r18
1823. std Z + AD_SequenceNumber + 3, r19
1824. ldi r16, 1
1825. std Y + G_EWLState + EWLS_UpdateCountdown, r16
1826.  
1827. ; Load the random data harvested so far.
1828. ldiw Z, EntropyHarvester + EH_RandomData
1829. ldiw X, EEPROM_RandomData
1830. ldi r16, EH_MUTATION_INDEX_RANGE
1831. rcall ReadEEPROMBlock
1832. ; Add a bit of extra wear levelling of the random data.
1833. ldiw Z, EntropyHarvester
1834. ldd r16, Z + EH_RandomData + EH_AUX_RANDOM_DATA_START_INDEX
1835. andi r16, EH_MUTATION_INDEX_MASK
1836. std Z + EH_EEPROMUpdateIndex, r16
1837.  
1838. ret
1839.  
1840.  
1841. ;-------------------------------------------------------------------------------
1842. ; main
1843. ;-------------------------------------------------------------------------------
1844.  
1845.  
1846. main:
1847.  
1848. rcall InitialiseRegisterConstants
1849. rcall InitialiseHardware
1850. rcall ClearGlobals
1851. wdr
1852. rcall LoadEverythingFromEEPROM
1853.  
1854. ldi r18, 127
1855. std Y + G_PrimarySensorIntegral, r18
1856. std Y + G_SecondarySensorIntegral, r18
1857.  
1858. ; Initialise the AES-CMAC authenticator state.
1859. ldi r18, AUTH_STATE_IDLE
1860. std Y + G_AuthenticationState, r18
1861. ldi r18, AES_STATE_IDLE
1862. std Y + G_AESState, r18
1863.  
1864. ; Reset the 32kHz counter
1865. clr r4
1866. clr r5
1867. clr r6
1868.  
1869. main_Loop:
1870.  
1871. ; Time share
1872. ;
1873. ; 32kHz:
1874. ; Reset watchdog (1)
1875. ; Synchronise (35)
1876. ; Update 32kHz counter (3)
1877. ; Update transmit pin (28)
1878. ; Time share 32kHz by 8 into 4kHz tasks (11)
1879. ; 0: Transmit packet (138)
1880. ; 1: Authentication (146)
1881. ; 2: Teach And Sound Select tasks
1882. ; Time share 4kHz by 4 into 1kHz tasks (Max 7)
1883. ; 0: ADC button input and TASS timers (121)
1884. ; 1: Button logic (118)
1885. ; 2: Transmission tasks scheduling (122+)
1886. ; 3:
1887. ; 3: Sensor input conditioning and entropy harvesting (148)
1888. ; 4: Sensor state transmission bursts and EWL updating (153)
1889. ; 5: Refresh EEPROM (67)
1890. ; 6:
1891. ; 7:
1892.  
1893. wdr
1894.  
1895. main_Synchronise:
1896.  
1897. ; 32kHz implies a period of 31.25us, 250 counts of a 8MHz counter.
1898. ; The timer match value should be therefore be 250 counts ahead
1899. ; of the previous value.
1900. ldd r24, Y + G_CurrentTimer0Match
1901. subi r24, -250 ; "addi r24, 244" but with an opcode which exists
1902. std Y + G_CurrentTimer0Match, r24
1903. in r0, _SFR_IO_ADDR(TCNT0)
1904. sub r24, r0
1905. rcall DelayNCycles
1906.  
1907. ; 7 + 28 = 35 cycles
1908.  
1909. ;; We have too much spare time!
1910. ;ldi r24, 200
1911. ;rcall DelayNCycles
1912.  
1913. main_Update32kHzCounter:
1914.  
1915. ; r6:r4 = 32kHz counter value
1916. ; f = 16000 * 2^-b Hz
1917. ; T = 2^b / 16000 s
1918. ; b = log2(16000 / f)
1919. ; b = log2(16000 * T))
1920.  
1921. ; Bit Edge f Edge T
1922. ; 0 32kHz 31.25us
1923. ; 1 16kHz 62.5us
1924. ; 2 8kHz 125us
1925. ; 3 4kHz 250us
1926. ; 4 2kHz 500us
1927. ; 5 1kHz 1ms
1928. ; 6 500Hz 2ms
1929. ; 7 250Hz 4ms
1930. ; 8 125Hz 8ms
1931. ; 9 62.5Hz 16ms
1932. ; 10 31.25Hz 32ms
1933. ; 11 15.625Hz 64ms
1934. ; 12 7.8125Hz 128ms
1935. ; 13 3.9106Hz 256ms
1936. ; 14 1.9531Hz 512ms
1937. ; 15 0.9766Hz 1024ms
1938. ; 16 2.05s
1939. ; 17 4.10s
1940. ; 18 8.19s
1941. ; 19 16.38s
1942. ; 20 32.77s
1943. ; 21 65.54s
1944. ; 22 131.07s
1945. ; 23 262.14s
1946. ; Clocked 524.29s
1947.  
1948. add r4, r2
1949. adc r5, r1
1950. adc r6, r1
1951.  
1952. ; 3 cycles
1953.  
1954. main_UpdateTransmitPin:
1955.  
1956. ; See if there's anything in the buffer.
1957. ldd r18, Y + G_Transmitter + Tx_TxBit + TxBit_HeadIx
1958. ldd r19, Y + G_Transmitter + Tx_TxBit + TxBit_TailIx
1959. cp r18, r19
1960. brne 1f
1961. rcall Delay10Cycles
1962. rcall Delay10Cycles
1963. rjmp 3f
1964. 1: ; The output ring buffer is arranged such that even offsets represent
1965. ; marks and odd offsets represent spaces.
1966. ; Update the transmission data pin while the timing is exact.
1967. in r20, _SFR_IO_ADDR(PORTB)
1968. mov r0, r18
1969. com r0
1970. bst r0, 0
1971. bld r20, OUTPUT_BIT_RADIO
1972. out _SFR_IO_ADDR(PORTB), r20
1973. ; The buffer still has something in it.
1974. ldiw X, TxRunLengthsRingBuffer
1975. add XL, r18
1976. adc XH, r1
1977. ld r0, X
1978. dec r0
1979. st X, r0
1980. breq 2f
1981. nop
1982. adiw XL, 0
1983. rjmp 3f
1984. 2: ; Advance to the next mark or space.
1985. inc r18
1986. andi r18, TX_RING_BUFFER_INDEX_MASK
1987. std Y + G_Transmitter + Tx_TxBit + TxBit_HeadIx, r18
1988. 3:
1989. ; 28 cycles
1990.  
1991. main_TimeShare32By8:
1992.  
1993. sbrc r4, 2
1994. rjmp 4f
1995. nop
1996. sbrc r4, 1
1997. rjmp 2f
1998. nop
1999. sbrc r4, 0
2000. rjmp 1f
2001. nop
2002. rjmp main_T0_TransmitPacket
2003. 1: rjmp main_T1_Authentication
2004. 2: sbrc r4, 0
2005. rjmp 3f
2006. nop
2007. rjmp main_T2_TeachAndSoundSelectTasks
2008. 3: rjmp main_T3_SensorInputConditioningAndEntropyHarvesting
2009. 4: sbrc r4, 1
2010. rjmp 6f
2011. nop
2012. sbrc r4, 0
2013. rjmp 5f
2014. nop
2015. rjmp main_T4_SensorStateTxBurstsAndEWLUpdates
2016. 5: rjmp main_T5_RefreshEEPROM
2017. 6: sbrc r4, 0
2018. rjmp 7f
2019. nop
2020. rjmp main_T6
2021. 7: rjmp main_T7
2022.  
2023. ; 11 cycles
2024.  
2025. main_T0_TransmitPacket:
2026.  
2027. ; Find how many mark-space pairs are free.
2028. ldd r18, Y + G_Transmitter + Tx_TxBit + TxBit_HeadIx
2029. ldd r19, Y + G_Transmitter + Tx_TxBit + TxBit_TailIx
2030. sub r18, r19
2031. dec r18
2032. andi r18, TX_RING_BUFFER_INDEX_MASK
2033. lsr r18
2034.  
2035. ; Jump to the handler for the current state.
2036. ldd r20, Y + G_Transmitter + Tx_State
2037. cpi r20, TX_STATE_DATA
2038. breq main_TxState_Data ; 13 cycles
2039. brcc 1f
2040. cpi r20, TX_STATE_BEGIN
2041. breq main_TxState_Begin ; 16 cycles
2042. brcc main_TxState_Sync ; 17 cycles
2043. rjmp main_TxState_Idle ; 18 cycles
2044. 1: cpi r20, TX_STATE_TERMINATOR
2045. ifne
2046. rjmp main_TxState_Rest ; 21 cycles
2047. rjmp main_TxState_Terminator ; 22 cycles
2048.  
2049. main_TxState_Idle:
2050.  
2051. ; 18 cycles so far
2052.  
2053. rjmp main_Loop
2054.  
2055. ; 20 cycles
2056.  
2057. main_TxState_Begin:
2058.  
2059. ; 16 cycles so far
2060.  
2061. ldd r0, Y + G_Transmitter + Tx_Data + 0
2062. std Y + G_Transmitter + Tx_ShiftRegister, r0
2063. std Y + G_Transmitter + Tx_Parity, r1
2064. std Y + G_Transmitter + Tx_NumBytesSent, r1
2065.  
2066. ldi r20, TX_STATE_SYNC
2067. std Y + G_Transmitter + Tx_State, r20
2068. ldi r20, TX_NUMBER_OF_LEADER_PULSES + 1
2069. std Y + G_Transmitter + Tx_Counter, r20
2070.  
2071. ; Fall through to main_TxState_Sync.
2072.  
2073. ; 30 cycles so far
2074.  
2075. main_TxState_Sync:
2076.  
2077. ; 17 or 30 cycles so far
2078.  
2079. ; Limit the number of mark-space pairs to be buffered in one turn.
2080. ldi r23, 2
2081. cp r18, r23
2082. ifcc
2083. mov r18, r23
2084.  
2085. ldd r22, Y + G_Transmitter + Tx_Counter
2086. cp r22, r18
2087. ifcs
2088. mov r18, r22
2089. tst r18
2090. breq 5f
2091.  
2092. 1: ; The last two mark-space pairs are modified to include a long sync
2093. ; pulse which maintains a minimal DC bias.
2094. ; The synchronisation pattern is 101010...1010101000111001.
2095. cpi r22, 2
2096. breq 2f
2097. brcc 3f
2098. ; End of synchronisation: Long mark followed by a space that is
2099. ; twice the length of a short space.
2100. ldi r20, 3 * TX_TIME_UNIT
2101. ldi r21, 2 * TX_TIME_UNIT
2102. rjmp 4f
2103. 2: ; The last leader pulse has a long space to maintain DC balance.
2104. ldi r20, TX_TIME_UNIT
2105. ldi r21, 3 * TX_TIME_UNIT
2106. rjmp 4f
2107. 3: ; The leader pattern makes the radio receiver AGC happy.
2108. ldi r20, TX_TIME_UNIT
2109. ldi r21, TX_TIME_UNIT
2110. nop
2111. 4: dec r22
2112. rcall main_Tx_BufferMarkSpace
2113. dec r18
2114. brne 1b
2115. std Y + G_Transmitter + Tx_Counter, r22
2116.  
2117. 5: ; (17 or 26) + (12 or 12+(41n)-1+2) cycles
2118. ; Are there any more synchronisation pulses to buffer?
2119. cpse r22, r1
2120. rjmp main_Loop ; 33..124 cycles
2121.  
2122. ; Begin data transmission.
2123. ldi r20, TX_STATE_DATA
2124. std Y + G_Transmitter + Tx_State, r20
2125. ldi r20, 8
2126. std Y + G_Transmitter + Tx_Counter, r20
2127. ; Start the current run length of the second half of the bit 1 which
2128. ; follows the long space-mark which terminates the leader.
2129. ldiw X, TxRunLengthsRingBuffer
2130. add XL, r19
2131. adc XH, r1
2132. ldi r20, TX_TIME_UNIT
2133. st X, r20
2134.  
2135. rjmp main_Loop
2136.  
2137. ; Max 142 cycles
2138.  
2139. main_TxState_Data:
2140.  
2141. ; 13 cycles so far
2142.  
2143. ; Proceed only if there is room for two run entries (1 pair).
2144. tst r18
2145. ifeq
2146. rjmp main_Loop ; 17 cycles
2147.  
2148. ldd r20, Y + G_Transmitter + Tx_NumBytesToSend
2149. tst r20
2150. breq main_TxState_Terminator ; 21 cycles
2151.  
2152. ldd r21, Y + G_Transmitter + Tx_NumBytesSent
2153.  
2154. ldd r22, Y + G_Transmitter + Tx_Counter
2155. tst r22
2156. breq main_TxState_Data_Parity ; 27 cycles
2157.  
2158. ; Fall through to main_TxState_Data_Bit.
2159.  
2160. main_TxState_Data_Bit:
2161.  
2162. ; 26 cycles so far
2163.  
2164. dec r22
2165. std Y + G_Transmitter + Tx_Counter, r22
2166. ; Fetch the current data byte.
2167. ldd r0, Y + G_Transmitter + Tx_ShiftRegister
2168. ; Rotate-left-circular the current data byte, storing a bit into T.
2169. bst r0, 7
2170. add r0, r0
2171. adc r0, r1
2172. std Y + G_Transmitter + Tx_ShiftRegister, r0
2173. ; Update the parity for this byte.
2174. ldd r0, Y + G_Transmitter + Tx_Parity
2175. ifts
2176. inc r0
2177. std Y + G_Transmitter + Tx_Parity, r0
2178.  
2179. rjmp main_TxState_Data_ModulateBit ; 44 cycles
2180.  
2181. main_TxState_Data_Parity:
2182.  
2183. ; 27 cycles so far
2184.  
2185. dec r20
2186. std Y + G_Transmitter + Tx_NumBytesToSend, r20
2187. inc r21
2188. std Y + G_Transmitter + Tx_NumBytesSent, r21
2189. movw XL, YL
2190. adiw XL, G_Transmitter + Tx_Data
2191. add XL, r21
2192. adc XH, r1
2193. ld r0, X
2194. std Y + G_Transmitter + Tx_ShiftRegister, r0
2195. ldi r22, 8
2196. std Y + G_Transmitter + Tx_Counter, r22
2197. ldd r0, Y + G_Transmitter + Tx_Parity
2198. std Y + G_Transmitter + Tx_Parity, r1
2199. ; Even parity is used.
2200. bst r0, 0
2201. ; 50 cycles so far
2202.  
2203. ; Fall through to main_TxState_Data_ModulateBit.
2204.  
2205. main_TxState_Data_ModulateBit:
2206.  
2207. ; 44 or 51 cycles so far
2208.  
2209. ; From the T flag, prepare the Manchester-encoded bits
2210. ; in the first two bits of r18. Bit 0 first, Bit 1 second.
2211. ;
2212. ; Data bit First Second
2213. ; 0 0 1
2214. ; 1 1 0
2215. mov r18, r1
2216. bld r18, 0
2217. inc r18
2218. bld r18, 1
2219.  
2220. ; Submit the Manchester bits to the run length ring buffer.
2221.  
2222. ; Manchester bit duration in 32kHz ticks
2223. ldi r23, TX_TIME_UNIT
2224. ; The run length counter is just past the end of the ring buffer.
2225. ldiw X, TxRunLengthsRingBuffer
2226. add XL, r19
2227. adc XH, r1
2228. clr r20
2229. ; 54 or 61 cycles so far
2230. 1: ; See if the run state is to change.
2231. mov r0, r18
2232. eor r0, r19
2233. lsr r0
2234. brcc 2f
2235. ; Increase run length.
2236. ld r0, X
2237. add r0, r23
2238. st X, r0
2239. adiw XL, 0
2240. rjmp 3f
2241. 2: ; Queue the current run length.
2242. inc r19
2243. andi r19, TX_RING_BUFFER_INDEX_MASK
2244. ; Start a new run.
2245. ldiw X, TxRunLengthsRingBuffer
2246. add XL, r19
2247. adc XH, r1
2248. st X, r23
2249. ; Next Manchester bit.
2250. 3: lsr r18
2251. ; 14 cycles in loop so far
2252. com r20
2253. brne 1b
2254. std Y + G_Transmitter + Tx_TxBit + TxBit_TailIx, r19
2255. rjmp main_Loop
2256.  
2257. ; 89 or 96 cycles
2258.  
2259. main_TxState_Terminator:
2260.  
2261. ; 22 cycles so far
2262.  
2263. ; There is no real terminator to transmit in this encoding scheme.
2264. ; However, the current run length needs to be enqueued if it's for
2265. ; a high state. Then a long space is to be enqueued.
2266.  
2267. ldiw X, TxRunLengthsRingBuffer
2268. add XL, r19
2269. adc XH, r1
2270. sbrc r19, 0
2271. rjmp 1f
2272. inc r19
2273. andi r19, TX_RING_BUFFER_INDEX_MASK
2274. ldiw X, TxRunLengthsRingBuffer
2275. add XL, r19
2276. adc XH, r1
2277. 1: ldi r20, TX_RLB_REST_TIME
2278. st X, r20
2279. inc r19
2280. andi r19, TX_RING_BUFFER_INDEX_MASK
2281. std Y + G_Transmitter + Tx_TxBit + TxBit_TailIx, r19
2282.  
2283. ldi r20, TX_STATE_REST
2284. std Y + G_Transmitter + Tx_State, r20
2285. ldi r20, TX_TASK_REST_TIME
2286. std Y + G_Transmitter + Tx_Counter, r20
2287.  
2288. rjmp main_Loop
2289.  
2290. ; 44 or 49 cycles
2291.  
2292. main_TxState_Rest:
2293.  
2294. ; 21 cycles so far
2295.  
2296. ldd r20, Y + G_Transmitter + Tx_Counter
2297. tst r20
2298. breq 1f
2299. dec r20
2300. std Y + G_Transmitter + Tx_Counter, r20
2301.  
2302. rjmp main_Loop ; 30 cycles
2303.  
2304. 1: ldd r18, Y + G_Transmitter + Tx_TxBit + TxBit_HeadIx
2305. ldd r19, Y + G_Transmitter + Tx_TxBit + TxBit_TailIx
2306. cp r18, r19
2307. brne 2f
2308. ldi r20, TX_STATE_IDLE
2309. std Y + G_Transmitter + Tx_State, r20
2310. 2:
2311. rjmp main_Loop
2312.  
2313. ; 35 or 37 cycles
2314.  
2315. main_Tx_BufferMarkSpace:
2316. ; r19: Transmit run length ring buffer tail index
2317. ; r20: Mark length in 32kHz ticks
2318. ; r21: Space length in 32kHz ticks
2319. ; Y: Global variables
2320.  
2321. clr r0
2322. 1: ldiw X, TxRunLengthsRingBuffer
2323. add XL, r19
2324. adc XH, r1
2325. st X, r20
2326. inc r19
2327. andi r19, TX_RING_BUFFER_INDEX_MASK
2328. mov r20, r21
2329. com r0
2330. brne 1b
2331. std Y + G_Transmitter + Tx_TxBit + TxBit_TailIx, r19
2332. ret
2333.  
2334. ; 30 cycles including call
2335.  
2336. main_T1_Authentication:
2337.  
2338. ldd r20, Y + G_AESState
2339. cpi r20, AES_STATE_BEGIN
2340. brcc main_AES_IdleOrStartAES
2341. sub r20, r2
2342. brcs main_Trampoline_AES_Finished
2343. ifhs
2344. andi r20, 0xF6
2345. std Y + G_AESState, r20
2346. mov r21, r20
2347. andi r21, 0x0F
2348. breq main_AES_AddRoundKey
2349. dec r21
2350. breq main_AES_AdvanceRoundKey
2351. cpi r21, 0x05
2352. brcc main_AES_SubAndShift
2353. dec r21
2354. ; Fall though to main_AES_Mixcolumn.
2355.  
2356. main_AES_Mixcolumn:
2357.  
2358. ; 18 cycles so far
2359. ; Mix a single column.
2360. cpi r20, 0x05
2361. brne 1f
2362. ; Skip MixColumns in the final round.
2363. std Y + G_AESState, r2
2364. ldi r24, 0x36
2365. rjmp main_AES_AdvanceRoundKey_RudeEntryForRound10
2366. 1: lsl r21
2367. lsl r21
2368. ldiw X, AES_Matrix_M
2369. add XL, r21
2370. adc XH, r1
2371. ; 27 cycles so far
2372. rcall AES_MixColumn ; 68 + 8 cycles
2373. rjmp main_Loop
2374. ; 105 cycles
2375.  
2376. main_AES_SubAndShift:
2377.  
2378. ; 18 cycles so far
2379. ; Substitute bytes and shift rows.
2380. ldiw Y, AES_Matrix_M
2381. ; 20 cycles so far
2382. rcall AES_SubstituteAndShift ; 113 + 8 cycles
2383. ldiw Y, Globals
2384. rjmp main_Loop
2385. ; 145 cycles
2386.  
2387. main_AES_AddRoundKey:
2388.  
2389. ; 14 cycles so far
2390. ; Add the round key.
2391. ldiw Z, AES_Matrix_W
2392. ldiw X, AES_Matrix_M
2393. ; 18 cycles so far
2394. rcall Xor16B ; 112 + 8 cycles
2395. rjmp main_Loop
2396. ; 140 cycles
2397.  
2398. main_AES_AdvanceRoundKey:
2399.  
2400. ; 16 cycles so far
2401. ; Advance the round key.
2402. ldi r18, 0x1B
2403. ldd r24, Y + G_AESRoundConstantByte
2404. lsl r24
2405. ifcs
2406. eor r24, r18
2407. std Y + G_AESRoundConstantByte, r24
2408. main_AES_AdvanceRoundKey_RudeEntryForRound10:
2409. ; 24 or 25 cycles so far
2410. ldiw Y, AES_Matrix_W
2411. rcall AES_AdvanceRoundKey ; 107 + 8 cycles
2412. ldiw Y, Globals
2413. rjmp main_Loop
2414. ; 145 or 146 cycles
2415.  
2416. main_AES_StartEncryption:
2417.  
2418. ; 7 or 54 cycles so far
2419. ldi r20, 0x8D
2420. std Y + G_AESRoundConstantByte, r20
2421. ldi r20, 0xA1
2422. std Y + G_AESState, r20
2423. ldiw Z, AES_Matrix_K
2424. ldiw X, AES_Matrix_W
2425. rjmp main_Copy16BAndLoop ; +73 cycles
2426. ; 90 or 137 cycles
2427.  
2428. main_Trampoline_AES_Finished:
2429.  
2430. ; 7 cycles so far
2431. rjmp main_AES_Finished
2432.  
2433. main_AES_IdleOrStartAES:
2434.  
2435. ; 5 cycles so far
2436. breq main_AES_StartEncryption
2437. ; Fall though to main_Auth_AES_Idle.
2438.  
2439. main_AES_Idle:
2440.  
2441. ; 6 cycles so far
2442. ldd r20, Y + G_AuthenticationState
2443. cpi r20, AUTH_STATE_CMDMSG_XOR_K2
2444. breq main_Auth_CmdMsg_XorK2 ; 11 cycles
2445. cpi r20, AUTH_STATE_CMDMSG_LOAD_K
2446. breq main_Auth_CmdMsg_LoadK ; 13 cycles
2447. cpi r20, AUTH_STATE_K2_CLEAR
2448. breq main_Auth_K2_Clear ; 15 cycles
2449. cpi r20, AUTH_STATE_CMDMSG_BEGIN
2450. breq main_Trampoline_Auth_CmdMsg_Begin ; 17 cycles
2451. cpi r20, AUTH_STATE_K2_BEGIN
2452. breq main_Auth_K2_Begin ; 19 cycles
2453. ; 18 cycles so far
2454. ; Fall though to main_Auth_Idle.
2455.  
2456. main_Auth_Idle:
2457.  
2458. ; 18 cycles so far
2459. ldiw Z, AuthenticationData
2460. ldd r0, Z + AD_HaveK2
2461. tst r0
2462. breq main_Auth_K2_Begin ; 25 cycles
2463. rjmp main_Loop ; 26 cycles
2464.  
2465. main_Auth_CmdMsg_XorK2:
2466.  
2467. ; 11 cycles so far
2468. ldiw Z, AuthenticationData + AD_CMACSubkeyK2
2469. ldiw X, AES_Matrix_M
2470. rcall Xor16B ; 112 + 8 cycles
2471. ldi r20, AUTH_STATE_CMDMSG_CMAC
2472. std Y + G_AuthenticationState, r20
2473. ldi r20, AES_STATE_BEGIN
2474. std Y + G_AESState, r20
2475. rjmp main_Loop
2476. ; 143 cycles
2477.  
2478. main_Auth_CmdMsg_LoadK:
2479.  
2480. ; 13 cycles so far
2481. ; For a final block that was short before padding, AES-CMAC
2482. ; requires xoring with the subkey K2.
2483. ldi r20, AUTH_STATE_CMDMSG_XOR_K2
2484. std Y + G_AuthenticationState, r20
2485. ; Right now though, load K with the (secret) CMAC key.
2486. ldiw Z, AuthenticationData + AD_CMACKey
2487. ldiw X, AES_Matrix_K
2488. rjmp main_Copy16BAndLoop ; 69 cycles
2489. ; 91 cycles
2490.  
2491. main_Trampoline_Auth_CmdMsg_Begin:
2492.  
2493. ; 17 cycles so far
2494. rjmp main_Auth_CmdMsg_Begin
2495.  
2496. main_Auth_K2_Begin:
2497.  
2498. ; 19 or 25 cycles so far
2499. ldi r20, AUTH_STATE_K2_CLEAR
2500. std Y + G_AuthenticationState, r20
2501. ldiw Z, AuthenticationData + AD_CMACKey
2502. ldiw X, AES_Matrix_K
2503. rjmp main_Copy16BAndLoop ; +73 cycles
2504. ; 82 or 88 cycles
2505.  
2506. main_Auth_K2_Clear:
2507.  
2508. ; 15 cycles so far
2509. ldiw X, AES_Matrix_M
2510. st X+, r1
2511. st X+, r1
2512. st X+, r1
2513. st X+, r1
2514. st X+, r1
2515. st X+, r1
2516. st X+, r1
2517. st X+, r1
2518. st X+, r1
2519. st X+, r1
2520. st X+, r1
2521. st X+, r1
2522. st X+, r1
2523. st X+, r1
2524. st X+, r1
2525. st X+, r1
2526. ldi r20, AUTH_STATE_K2_GEN_K1
2527. std Y + G_AuthenticationState, r20
2528. ; 52 cycles so far
2529. rjmp main_AES_StartEncryption
2530. ; 139 cycles
2531.  
2532. main_AES_Finished:
2533.  
2534. ; 9 cycles so far
2535. ldd r20, Y + G_AuthenticationState
2536. cpi r20, AUTH_STATE_CMDMSG_CMAC
2537. ifeq
2538. rjmp main_Auth_CmdMsg_WriteCMAC ; 15 cycles
2539. cpi r20, AUTH_STATE_K2_GEN_K2
2540. breq main_Auth_K2_GenK2 ; 17 cycles
2541. cpi r20, AUTH_STATE_K2_GEN_K1
2542. brne main_Auth_End ; 19 cycles
2543. ; Fall through to main_Auth_K2_GenK1.
2544.  
2545. main_Auth_K2_GenK1:
2546.  
2547. ; 18 cycles so far
2548. ldiw X, AES_Matrix_M
2549. movw ZL, XL
2550. rcall AES_AdvanceCMACSubKey ; 96 + 8 cycles
2551. ldi r20, AUTH_STATE_K2_GEN_K2
2552. std Y + G_AuthenticationState, r20
2553. rjmp main_Loop
2554. ; 130 cycles
2555.  
2556. main_Auth_K2_GenK2:
2557.  
2558. ; 17 cycles so far
2559. ldiw X, AES_Matrix_M
2560. ldiw Z, AuthenticationData + AD_CMACSubkeyK2
2561. std Z + AD_HaveK2 - AD_CMACSubkeyK2, r2
2562. rcall AES_AdvanceCMACSubKey ; 96 + 8 cycles
2563. ; 127 cycles so far
2564. ; Fall though to main_Auth_End.
2565.  
2566. main_Auth_End:
2567.  
2568. ; 127 or 19 cycles so far
2569. ldi r20, AUTH_STATE_IDLE
2570. std Y + G_AuthenticationState, r20
2571. ldi r20, AES_STATE_IDLE
2572. std Y + G_AESState, r20
2573. rjmp main_Loop
2574. ; 135 or 27 cycles
2575.  
2576. main_Auth_CmdMsg_Begin:
2577.  
2578. ; 19 cycles so far
2579. ldiw Z, AuthenticationData
2580. ; Compose the message, leaving the CMAC to be computed and written
2581. ; while the transmission routine is still sending the payload.
2582. ldd r8, Z + AD_SerialNumber + 0
2583. ldd r9, Z + AD_SerialNumber + 1
2584. ldd r10, Z + AD_SerialNumber + 2
2585. ldd r11, Z + AD_SerialNumber + 3
2586. std Y + G_Transmitter + Tx_Data + CmdMsg_SerialNumber + 0, r11
2587. std Y + G_Transmitter + Tx_Data + CmdMsg_SerialNumber + 1, r10
2588. std Y + G_Transmitter + Tx_Data + CmdMsg_SerialNumber + 2, r9
2589. std Y + G_Transmitter + Tx_Data + CmdMsg_SerialNumber + 3, r8
2590. ldd r16, Z + AD_SequenceNumber + 0
2591. ldd r17, Z + AD_SequenceNumber + 1
2592. ldd r18, Z + AD_SequenceNumber + 2
2593. ldd r19, Z + AD_SequenceNumber + 3
2594. std Y + G_Transmitter + Tx_Data + CmdMsg_SequenceNumber + 0, r19
2595. std Y + G_Transmitter + Tx_Data + CmdMsg_SequenceNumber + 1, r18
2596. std Y + G_Transmitter + Tx_Data + CmdMsg_SequenceNumber + 2, r17
2597. std Y + G_Transmitter + Tx_Data + CmdMsg_SequenceNumber + 3, r16
2598. ldd r20, Y + G_Transmitter + Tx_Data + CmdMsg_Command
2599. ldd r21, Y + G_Transmitter + Tx_Data + CmdMsg_Parameter
2600. ; Leave CmdMsg_Command and CmdMsg_Parameter as they are.
2601. ; 47 cycles so far
2602. ; AES-CMAC requires a short message block to be padded to the
2603. ; full 16 bytes with a bit one followed by however many bit
2604. ; zeros will fit.
2605. ldiw X, AES_Matrix_M
2606. st X+, r11
2607. st X+, r10
2608. st X+, r9
2609. st X+, r8
2610. st X+, r19
2611. st X+, r18
2612. st X+, r17
2613. st X+, r16
2614. st X+, r20
2615. st X+, r21
2616. ldi r20, 0x80
2617. st X+, r20
2618. st X+, r1
2619. st X+, r1
2620. st X+, r1
2621. st X+, r1
2622. st X+, r1
2623. ; 73 cycles so far
2624. ; Advance the sequence number to foil replay attacks.
2625. add r16, r2
2626. adc r17, r1
2627. adc r18, r1
2628. adc r19, r1
2629. std Z + AD_SequenceNumber + 0, r16
2630. std Z + AD_SequenceNumber + 1, r17
2631. std Z + AD_SequenceNumber + 2, r18
2632. std Z + AD_SequenceNumber + 3, r19
2633. ldd r16, Y + G_EWLState + EWLS_UpdateCountdown
2634. sub r16, r2
2635. adc r16, r1
2636. std Y + G_EWLState + EWLS_UpdateCountdown, r16
2637. ldi r20, 14
2638. std Y + G_Transmitter + Tx_NumBytesToSend, r20
2639. ldi r20, TX_STATE_BEGIN
2640. std Y + G_Transmitter + Tx_State, r20
2641. ldi r20, AUTH_STATE_CMDMSG_LOAD_K
2642. std Y + G_AuthenticationState, r20
2643. rjmp main_Loop
2644. ; 102 cycles
2645.  
2646. main_Auth_CmdMsg_WriteCMAC:
2647.  
2648. ; 15 cycles so far
2649. ldi r20, AUTH_STATE_IDLE
2650. std Y + G_AuthenticationState, r20
2651. ldi r20, AES_STATE_IDLE
2652. std Y + G_AESState, r20
2653. ldiw X, AES_Matrix_M
2654. ldiw Z, Globals + G_Transmitter + Tx_Data
2655. ld r0, X+
2656. std Z + CmdMsg_CMAC + 0, r0
2657. ld r0, X+
2658. std Z + CmdMsg_CMAC + 1, r0
2659. ld r0, X+
2660. std Z + CmdMsg_CMAC + 2, r0
2661. ld r0, X+
2662. std Z + CmdMsg_CMAC + 3, r0
2663. ; 41 cycles
2664. rjmp main_Auth_End
2665. ; 43 cycles
2666.  
2667. main_Copy16BAndLoop:
2668.  
2669. 1: ld r0, Z+
2670. st X+, r0
2671. ld r0, Z+
2672. st X+, r0
2673. ld r0, Z+
2674. st X+, r0
2675. ld r0, Z+
2676. st X+, r0
2677. ld r0, Z+
2678. st X+, r0
2679. ld r0, Z+
2680. st X+, r0
2681. ld r0, Z+
2682. st X+, r0
2683. ld r0, Z+
2684. st X+, r0
2685. com r1
2686. brne 1b
2687. rjmp main_Loop
2688.  
2689. ; Max 146 cycles
2690.  
2691. main_T2:
2692.  
2693. rjmp main_Loop
2694.  
2695. main_T3:
2696.  
2697. rjmp main_Loop
2698.  
2699. main_T2_TeachAndSoundSelectTasks:
2700.  
2701. sbrs r4, 4
2702. rjmp 1f
2703. sbrc r4, 3
2704. rjmp main_T2_TASSTasks_T0_ADCInputAndTASSTimers ; 5 cycles
2705. rjmp main_T2_TASSTasks_T1_ButtonLogic ; 6 cycles
2706. 1: sbrc r4, 3
2707. rjmp main_T2_TASSTasks_T2_SaveAndTransmit ; 6 cycles
2708. rjmp main_T2_TASSTasks_T3 ; 7 cycles
2709.  
2710. ; Max 7 cycles
2711.  
2712.  
2713. main_T2_TASSTasks_T0_ADCInputAndTASSTimers:
2714.  
2715. ; The three buttons wired to ADC1 on pin 7 are connected to resistors.
2716. ;
2717. ; Vcc -----*---------------------------
2718. ; |
2719. ; R4 [ ]
2720. ; |
2721. ; *---------*---------*------> ADC input
2722. ; | | |
2723. ; R3 [ ] R2 [ ] R1 [ ]
2724. ; | | | R1 = 6.8k ohms
2725. ; | o | o | o R2 = 1.8k ohms
2726. ; TEACH [| SS2 [| SS1 [| R3 = 220 ohms
2727. ; | o | o | o R4 = 3.0k ohms or 3.3k ohms
2728. ; | | |
2729. ; GND -----*---------*---------*------
2730. ;
2731. ; As power supply fluctuations and contact resistance can affect the
2732. ; ADC readings, it is best to require only single-button combinations
2733. ; be interpreted.
2734. ;
2735. ; TEACH SS2 SS1 ADC ADCH Range
2736. ; 0 0 0 100% 255 216..255
2737. ; 0 0 1 69% 177 137..215
2738. ; 0 1 0 37% 96 57..136
2739. ; 1 x x <7% <18 0..56
2740.  
2741. in r17, _SFR_IO_ADDR(ADCH)
2742. sbi _SFR_IO_ADDR(ADCSRA), ADSC
2743. cpi r17, 137
2744. brcs 1f
2745. ldi r16, 0b000
2746. cpi r17, 216
2747. adc r16, r1
2748. rjmp 2f
2749. 1: ldi r16, 0b010
2750. cpi r17, 57
2751. ifcs
2752. ldi r16, 0b100
2753. 2: ; 9 cycles so far
2754. ldd r0, Y + G_ADCButtons + ADCB_ProvisionalState
2755. ldd r17, Y + G_ADCButtons + ADCB_AcceptanceCountdown
2756. std Y + G_ADCButtons + ADCB_ProvisionalState, r16
2757. cpse r0, r16
2758. ldi r17, BUTTON_DB_DELAY_ADC
2759. sub r17, r2
2760. adc r17, r1
2761. std Y + G_ADCButtons + ADCB_AcceptanceCountdown, r17
2762. ldd r17, Y + G_ADCButtons + ADCB_State
2763. brne . + 2
2764. mov r17, r16
2765. std Y + G_ADCButtons + ADCB_State, r17
2766. ldd r0, Y + G_ADCButtons + ADCB_MutexState
2767. tst r17
2768. breq 3f
2769. tst r0
2770. ifeq
2771. 3: mov r0, r17
2772. std Y + G_ADCButtons + ADCB_MutexState, r0
2773.  
2774. ; Max 36 cycles so far
2775.  
2776. ldiw Z, TASSState
2777. ldd r8, Y + G_SlowClocks
2778. mov r7, r8
2779. bst r5, 3 ; Counting at 15.625Hz
2780. bld r8, bCLOCK_TASS
2781. std Y + G_SlowClocks, r8
2782. eor r7, r8
2783. bst r7, bCLOCK_TASS
2784. clr r7
2785. bld r7, 0
2786. ldd r16, Z + TASS_LongPressCountdown
2787. sub r16, r7
2788. adc r16, r1
2789. ldd r10, Z + TASS_SS1LongPressCountdown
2790. sub r10, r7
2791. adc r10, r1
2792. ldd r11, Z + TASS_SS2LongPressCountdown
2793. sub r11, r7
2794. adc r11, r1
2795. ldd r24, Y + G_TaskFlags1
2796. ldd r25, Y + G_TaskFlags2
2797. ldd r22, Z + TASS_PrimarySoundTestCountdown
2798. tst r22
2799. breq 1f
2800. sub r22, r7
2801. ifeq
2802. ori r24, mTASK1_SEND_PRIMARY_SOUND_B
2803. 1: ldd r23, Z + TASS_SecondarySoundTestCountdown
2804. tst r23
2805. breq 2f
2806. sub r23, r7
2807. ifeq
2808. ori r24, mTASK1_SEND_SECONDARY_SOUND_B
2809. 2: ldd r18, Y + G_SensorActivationSenses
2810. ldd r19, Z + TASS_NewSensorActivationSenses
2811. ldd r20, Z + TASS_Sensor1InversionCountdown
2812. ldd r21, Z + TASS_Sensor2InversionCountdown
2813. tst r20
2814. breq 3f
2815. sub r20, r7
2816. brne 3f
2817. bst r19, 0
2818. bld r18, 0
2819. 3: tst r21
2820. breq 4f
2821. sub r21, r7
2822. brne 4f
2823. bst r19, 1
2824. bld r18, 1
2825. 4: ldd r9, Z + TASS_PingIntervalCountdown
2826. sub r9, r7
2827. adc r9, r1
2828. std Z + TASS_PingIntervalCountdown, r9
2829. std Y + G_SensorActivationSenses, r18
2830. std Z + TASS_Sensor1InversionCountdown, r20
2831. std Z + TASS_Sensor2InversionCountdown, r21
2832. std Z + TASS_LongPressCountdown, r16
2833. std Z + TASS_SS1LongPressCountdown, r10
2834. std Z + TASS_SS2LongPressCountdown, r11
2835. std Z + TASS_PrimarySoundTestCountdown, r22
2836. std Z + TASS_SecondarySoundTestCountdown, r23
2837. std Y + G_TaskFlags1, r24
2838. std Y + G_TaskFlags2, r25
2839. rjmp main_Loop
2840.  
2841. ; Max 36 + 91 = 127 cycles
2842.  
2843. main_T2_TASSTasks_T1_ButtonLogic:
2844.  
2845. ; Handle the Teach and Sound Select logic, along with the
2846. ; special functions. Special functions include sensor activation
2847. ; sense inversion, the self-timer for a delayed and unencrypted
2848. ; teach message transmission and pinging mode.
2849. ldiw Z, TASSState
2850. ldd r0, Y + G_ADCButtons + ADCB_MutexState
2851. ldd r7, Z + TASS_LastButtonsState
2852. std Z + TASS_LastButtonsState, r0
2853. ldd r24, Y + G_TaskFlags1
2854. ldd r25, Y + G_TaskFlags2
2855. ldd r16, Z + TASS_LongPressCountdown
2856. ldd r10, Z + TASS_SS1LongPressCountdown
2857. ldd r11, Z + TASS_SS2LongPressCountdown
2858. ldd r22, Z + TASS_PrimarySoundTestCountdown
2859. ldd r23, Z + TASS_SecondarySoundTestCountdown
2860. ldd r17, Z + TASS_TeachOrPingState
2861. cpse r17, r1
2862. rjmp 9f
2863. ; No particular mode is active.
2864. sbrc r0, 2
2865. rjmp 11f ; The Teach button has just been pressed.
2866. ; The Teach button is not currently pressed.
2867. ; 28 cycles so far
2868. ldi r18, SOUND_SELECT_BUTTON_VERY_LONG_PRESS_TIME
2869. mov r9, r18
2870. ldi r18, SOUND_SELECT_BUTTON_VERY_LONG_PRESS_TIME - \
2871. SOUND_SELECT_BUTTON_LONG_PRESS_TIME
2872. mov r12, r18
2873. ldi r16, TEACH_BUTTON_LONG_PRESS_TIME
2874. cpse r0, r1
2875. rjmp 2f
2876. cpse r7, r1
2877. rjmp 2f
2878. ; No button is being pressed and a button release did not just occur.
2879. ; Flash the LED during a transmission.
2880. ldd r8, Y + G_Transmitter + Tx_NumBytesSent
2881. com r8
2882. ldd r18, Y + G_Transmitter + Tx_State
2883. cpi r18, TX_STATE_SYNC
2884. breq 1f
2885. cpi r18, TX_STATE_DATA
2886. breq 1f
2887. clr r8
2888. 1: bst r8, 0
2889. in r8, _SFR_IO_ADDR(PORTB)
2890. bld r8, OUTPUT_BIT_ACTIVITY_LED
2891. out _SFR_IO_ADDR(PORTB), r8
2892. mov r10, r9
2893. mov r11, r9
2894. rjmp 8f ; 55 cycles
2895. 2: ; At least one of the Sound Select buttons is currently pressed
2896. ; or has just been released.
2897. ; Max 38 cycles so far
2898. std Z + TASS_NumTeachMessagesToSend, r1
2899. std Z + TASS_SuppressKeyRandomisation, r1
2900. ; See if a sound select button has been pressed for a very long time.
2901. ; That is the silly walk to active pinging mode.
2902. tst r10
2903. ifeq
2904. rjmp 15f
2905. tst r11
2906. ifeq
2907. rjmp 15f
2908. ; Flash the activity LED if one or both sound select buttons
2909. ; is held down for long, else keep it lit.
2910. bst r5, 3
2911. cp r10, r12
2912. brcs 3f
2913. cp r11, r12
2914. brcs 3f
2915. set
2916. 3: in r8, _SFR_IO_ADDR(PORTB)
2917. bld r8, OUTPUT_BIT_ACTIVITY_LED
2918. out _SFR_IO_ADDR(PORTB), r8
2919. ; Prepare to advance a sound index or toggle a sensor sense.
2920. ; Max 57 cycles so far
2921. ldd r8, Z + TASS_NewSensorActivationSenses
2922. ldd r18, Y + G_SoundIndices
2923. com r7
2924. or r7, r0
2925. ; Max 63 cycles so far
2926. ; See if the primary sound select button has just been released.
2927. sbrc r7, 0
2928. rjmp 5f
2929. cp r10, r12
2930. brcc 4f
2931. ; Toggle the primary sensor sense.
2932. eor r8, r2
2933. ldi r19, SENSE_INVERSION_DELAY
2934. std Z + TASS_Sensor1InversionCountdown, r19
2935. sbrs r8, 0
2936. ori r25, mTASK2_SAVE_SENSOR_ACTIVATION_SENSES |\
2937. mTASK2_SEND_PRIMARY_SENSE_NORMAL
2938. sbrc r8, 0
2939. ori r25, mTASK2_SAVE_SENSOR_ACTIVATION_SENSES |\
2940. mTASK2_SEND_PRIMARY_SENSE_INVERTED
2941. rjmp 5f
2942. 4: ; Advance the primary sound index.
2943. add r18, r2
2944. ifhs
2945. subi r18, 16
2946. ori r24, mTASK1_SAVE_SOUND_INDICES | mTASK1_SEND_PRIMARY_SOUND_A
2947. ldi r22, ACTIVATION_SOUND_TO_DEACTIVATION_SOUND_DELAY
2948. 5: sbrs r0, 0
2949. mov r10, r9
2950. ; Max 79 cycles so far
2951. ; See if the secondary sound select button has just been released.
2952. sbrc r7, 1
2953. rjmp 7f
2954. cp r11, r12
2955. brcc 6f
2956. ; Toggle the secondary sensor sense.
2957. ldi r19, 2
2958. eor r8, r19
2959. ldi r19, SENSE_INVERSION_DELAY
2960. std Z + TASS_Sensor2InversionCountdown, r19
2961. sbrs r8, 1
2962. ori r25, mTASK2_SAVE_SENSOR_ACTIVATION_SENSES |\
2963. mTASK2_SEND_SECONDARY_SENSE_NORMAL
2964. sbrc r8, 1
2965. ori r25, mTASK2_SAVE_SENSOR_ACTIVATION_SENSES |\
2966. mTASK2_SEND_SECONDARY_SENSE_INVERTED
2967. rjmp 7f
2968. 6: ; Advance the secondary sound index.
2969. subi r18, -16
2970. ori r24, mTASK1_SAVE_SOUND_INDICES | mTASK1_SEND_SECONDARY_SOUND_A
2971. ldi r23, ACTIVATION_SOUND_TO_DEACTIVATION_SOUND_DELAY
2972. 7: sbrs r0, 1
2973. mov r11, r9
2974. std Y + G_SoundIndices, r18
2975. std Z + TASS_NewSensorActivationSenses, r8
2976. ; Max 100 cycles so far
2977. ; Fall through...
2978. 8: std Z + TASS_LongPressCountdown, r16
2979. std Z + TASS_SS1LongPressCountdown, r10
2980. std Z + TASS_SS2LongPressCountdown, r11
2981. std Z + TASS_TeachOrPingState, r17
2982. std Z + TASS_PrimarySoundTestCountdown, r22
2983. std Z + TASS_SecondarySoundTestCountdown, r23
2984. std Y + G_TaskFlags1, r24
2985. std Y + G_TaskFlags2, r25
2986. rjmp main_Loop ; Max 118 cycles
2987. 9: ; A special mode is active.
2988. ; 27 cycles so far
2989. mov r10, r3
2990. mov r11, r3
2991. cpi r17, TASS_STATE_TEACH_PRESSED
2992. breq 11f
2993. cpi r17, TASS_STATE_TEACH_LONG_PRESSED
2994. breq 12f
2995. cpi r17, TASS_STATE_DELAYED_TEACH
2996. breq 13f
2997. cpi r17, TASS_STATE_SILLY_WALK_FOR_PING
2998. breq 15f
2999. cpi r17, TASS_STATE_PINGING
3000. breq 16f
3001. ; Assume TASS_STATE_WAIT_FOR_RELEASE and fall through.
3002. 10: ; To lessen the chance of accidental input, wait for all buttons
3003. ; to be released.
3004. ; 39 cycles so far
3005. sbi _SFR_IO_ADDR(PORTB), OUTPUT_BIT_ACTIVITY_LED
3006. cpse r0, r1
3007. rjmp 8b
3008. cbi _SFR_IO_ADDR(PORTB), OUTPUT_BIT_ACTIVITY_LED
3009. ldi r17, TASS_STATE_IDLE
3010. ser r16
3011. mov r10, r16
3012. mov r11, r16
3013. rjmp 8b ; 49 cycles
3014. 11: ; The Teach button is pressed, but not for very long yet.
3015. ; 32 or 29 cycles so far
3016. ldi r17, TASS_STATE_TEACH_PRESSED
3017. std Z + TASS_NumTeachMessagesToSend, r1
3018. std Z + TASS_SuppressKeyEncryption, r1
3019. sbi _SFR_IO_ADDR(PORTB), OUTPUT_BIT_ACTIVITY_LED
3020. tst r16
3021. ifeq
3022. ldi r17, TASS_STATE_TEACH_LONG_PRESSED
3023. cpse r0, r1
3024. rjmp 8b ; Max 44 cycles
3025. rjmp 18f ; Max 45 cycles
3026. 12: ; The Teach button is being subject to a long press.
3027. ; 34 cycles so far
3028. bst r5, 3
3029. in r8, _SFR_IO_ADDR(PORTB)
3030. bld r8, OUTPUT_BIT_ACTIVITY_LED
3031. out _SFR_IO_ADDR(PORTB), r8
3032. cpse r0, r1
3033. rjmp 8b ; 41 cycles
3034. cbi _SFR_IO_ADDR(PORTB), OUTPUT_BIT_ACTIVITY_LED
3035. ldi r17, TASS_STATE_DELAYED_TEACH
3036. ldi r16, 176 ; About 11 seconds
3037. std Z + TASS_SuppressKeyEncryption, r2
3038. rjmp 8b ; 47 cycles
3039. 13: ; The self-timer for the delayed teach function is counting down.
3040. ; 36 cycles so far
3041. tst r0
3042. brne 17f
3043. tst r16
3044. breq 18f
3045. ; Flash the self-timer LED.
3046. mov r18, r16
3047. ldi r19, 0x0F
3048. cpi r18, 32
3049. brcc 14f
3050. ldi r19, 0x03
3051. sbrs r18, 4
3052. lsr r19
3053. 14: clt
3054. and r18, r19
3055. ifeq
3056. set
3057. in r8, _SFR_IO_ADDR(PORTB)
3058. bld r8, OUTPUT_BIT_ACTIVITY_LED
3059. out _SFR_IO_ADDR(PORTB), r8
3060. rjmp 8b ; Max 56 cycles
3061. 15: ; The silly walk to activate pinging mode is in progress.
3062. ; Max 49 cycles so far
3063. ldi r17, TASS_STATE_SILLY_WALK_FOR_PING
3064. bst r5, 2
3065. in r8, _SFR_IO_ADDR(PORTB)
3066. bld r8, OUTPUT_BIT_ACTIVITY_LED
3067. out _SFR_IO_ADDR(PORTB), r8
3068. cpse r0, r1
3069. rjmp 8b ; Max 57 cycles
3070. cbi _SFR_IO_ADDR(PORTB), OUTPUT_BIT_ACTIVITY_LED
3071. ldi r18, PING_START_DELAY
3072. std Z + TASS_PingIntervalCountdown, r18
3073. ldi r18, 150 ; 150 pings 4 seconds apart (10 minutes)
3074. std Z + TASS_NumPingsToSend, r18
3075. ldi r17, TASS_STATE_PINGING
3076. rjmp 8b ; Max 66 cycles
3077. 16: ; Pinging mode is active.
3078. ; 40 cycles so far
3079. tst r0
3080. brne 17f
3081. bst r5, 7
3082. in r8, _SFR_IO_ADDR(PORTB)
3083. bld r8, OUTPUT_BIT_ACTIVITY_LED
3084. out _SFR_IO_ADDR(PORTB), r8
3085. ldd r18, Z + TASS_NumPingsToSend
3086. tst r18
3087. breq 17f ; 51 cycles
3088. ldd r19, Z + TASS_PingIntervalCountdown
3089. cpse r19, r1
3090. rjmp 8b ; 55 cycles
3091. ldi r19, PING_INTERVAL_DOUBLED >> 1
3092. .if PING_INTERVAL_DOUBLED & 1
3093. sbrc r6, 1
3094. inc r19
3095. .endif
3096. std Z + TASS_PingIntervalCountdown, r19
3097. ori r25, mTASK2_SEND_PING
3098. dec r18
3099. std Z + TASS_NumPingsToSend, r18
3100. breq 17f ; 65 cycles
3101. rjmp 8b ; 66 cycles
3102. 17: ; 65 or 39 cycles so far
3103. ldi r17, TASS_STATE_WAIT_FOR_RELEASE
3104. rjmp 8b ; Max 68 cycles
3105. 18: ; Issue the teach message!
3106. ; 45 or 41 cycles so far
3107. cbi _SFR_IO_ADDR(PORTB), OUTPUT_BIT_ACTIVITY_LED
3108. ser r16
3109. ldi r17, TASS_STATE_IDLE
3110. clr r22
3111. clr r23
3112. ori r24, mTASK1_SEND_TEACH_MESSAGE
3113. andi r24, ~(mTASK1_SEND_PRIMARY_SOUND_A |\
3114. mTASK1_SEND_PRIMARY_SOUND_B |\
3115. mTASK1_SEND_SECONDARY_SOUND_A |\
3116. mTASK1_SEND_SECONDARY_SOUND_B)
3117. ldi r18, 5
3118. std Z + TASS_NumTeachMessagesToSend, r18
3119. ; Max 55 cycles so far
3120. rjmp 8b
3121.  
3122. ; Max 118 cycles
3123.  
3124. main_T2_TASSTasks_T2_SaveAndTransmit:
3125.  
3126. ldd r24, Y + G_TaskFlags1
3127. ldd r25, Y + G_TaskFlags2
3128.  
3129. sbic _SFR_IO_ADDR(EECR), EEPE
3130. rjmp 2f
3131.  
3132. sbrs r24, bTASK1_SAVE_SOUND_INDICES
3133. rjmp 1f
3134. ldiw X, EEPROM_InvSoundIndices
3135. ldd r0, Y + G_SoundIndices
3136. com r0
3137. rcall WriteEEPROMByte ; 23 cycles
3138. andi r24, ~(mTASK1_SAVE_SOUND_INDICES)
3139. rjmp 2f ; 39 cycles
3140.  
3141. 1: sbrs r25, bTASK2_SAVE_SENSOR_ACTIVATION_SENSES
3142. rjmp 2f
3143. ldiw X, EEPROM_SensorActivationSenses
3144. lds r0, TASSState + TASS_NewSensorActivationSenses
3145. andi r25, ~(mTASK2_SAVE_SENSOR_ACTIVATION_SENSES)
3146. rcall WriteEEPROMByte ; 23 cycles
3147. ; Max 39 cycles so far
3148. ; Fall through
3149.  
3150. 2: ; Max 39 cycles so far
3151. ldd r16, Y + G_Transmitter + Tx_State
3152. cpi r16, TX_STATE_IDLE
3153. brne 8f
3154. ldd r16, Y + G_AuthenticationState
3155. cpi r16, AUTH_STATE_IDLE
3156. brne 8f
3157. ldd r16, Y + G_AESState
3158. cpi r16, AES_STATE_IDLE
3159. brne 8f
3160. ; Max 51 cycles so far
3161. ldd r17, Y + G_SoundIndices
3162. sbrc r24, bTASK1_SEND_PRIMARY_SOUND_A
3163. rjmp 3f
3164. sbrc r24, bTASK1_SEND_PRIMARY_SOUND_B
3165. rjmp 4f
3166. sbrc r24, bTASK1_SEND_SECONDARY_SOUND_A
3167. rjmp 5f
3168. sbrc r24, bTASK1_SEND_SECONDARY_SOUND_B
3169. rjmp 6f
3170. sbrc r24, bTASK1_SEND_TEACH_MESSAGE
3171. rjmp 14f
3172. sbrc r25, bTASK2_SEND_PRIMARY_SENSE_NORMAL
3173. rjmp 9f
3174. sbrc r25, bTASK2_SEND_PRIMARY_SENSE_INVERTED
3175. rjmp 10f
3176. sbrc r25, bTASK2_SEND_SECONDARY_SENSE_NORMAL
3177. rjmp 11f
3178. sbrc r25, bTASK2_SEND_SECONDARY_SENSE_INVERTED
3179. rjmp 12f
3180. sbrc r25, bTASK2_SEND_PING
3181. rjmp 13f
3182. rjmp 8f
3183.  
3184. 3: ; Activation sound for primary sensor
3185. ; Max 56 cycles so far
3186. andi r24, ~(mTASK1_SEND_PRIMARY_SOUND_A)
3187. ldi r16, 0b0101
3188. rjmp 7f
3189.  
3190. 4: ; Deactivation sound for primary sensor
3191. ; Max 58 cycles so far
3192. andi r24, ~(mTASK1_SEND_PRIMARY_SOUND_B)
3193. ldi r16, 0b0100
3194. rjmp 7f
3195.  
3196. 5: ; Activation sound for secondary sensor
3197. ; Max 60 cycles so far
3198. andi r24, ~(mTASK1_SEND_SECONDARY_SOUND_A)
3199. ldi r16, 0b0111
3200. swap r17
3201. rjmp 7f
3202.  
3203. 6: ; Deactivation sound for secondary sensor
3204. ; Max 62 cycles so far
3205. andi r24, ~(mTASK1_SEND_SECONDARY_SOUND_B)
3206. ldi r16, 0b0110
3207. swap r17
3208. ; Fall through to transmission initiation.
3209.  
3210. 7: ; Max 65 cycles so far
3211. ; Max 79 cycles
3212. andi r17, 0x0F
3213. std Y + G_Transmitter + Tx_Data + CmdMsg_Command, r16
3214. std Y + G_Transmitter + Tx_Data + CmdMsg_Parameter, r17
3215. ldi r16, AUTH_STATE_CMDMSG_BEGIN
3216. std Y + G_AuthenticationState, r16
3217. rcall MutateRandomData ; 21 + 8 cycles
3218. ; Max 116 cycles so far
3219. ; Fall through to the final part of the routine.
3220.  
3221. 8: ; Max 116 cycles so far
3222. std Y + G_TaskFlags1, r24
3223. std Y + G_TaskFlags2, r25
3224. rjmp main_Loop ; Max 122 cycles
3225.  
3226. 9: ; Report that the primary sensor is to be active high.
3227. ; Max 66 cycles so far
3228. andi r25, ~(mTASK2_SEND_PRIMARY_SENSE_NORMAL)
3229. ldi r16, 0b1000
3230. ldi r17, 0
3231. rjmp 7b
3232.  
3233. 10: ; Report that the primary sensor is to be active low.
3234. ; Max 68 cycles so far
3235. andi r25, ~(mTASK2_SEND_PRIMARY_SENSE_INVERTED)
3236. ldi r16, 0b1001
3237. ldi r17, 1
3238. rjmp 7b
3239.  
3240. 11: ; Report that the secondary sensor is to be active high.
3241. ; Max 70 cycles so far
3242. andi r25, ~(mTASK2_SEND_SECONDARY_SENSE_NORMAL)
3243. ldi r16, 0b1010
3244. ldi r17, 0
3245. rjmp 7b
3246.  
3247. 12: ; Report that the secondary sensor is to be active low.
3248. ; Max 72 cycles so far
3249. andi r25, ~(mTASK2_SEND_SECONDARY_SENSE_INVERTED)
3250. ldi r16, 0b1011
3251. ldi r17, 1
3252. rjmp 7b
3253.  
3254. 13: ; Ping the chime(s) to assist with radio range assessment.
3255. ; Max 74 cycles so far
3256. andi r25, ~(mTASK2_SEND_PING)
3257. ldi r16, 0b1000
3258. ldi r17, 2
3259. rjmp 7b ; Max 79 cycles
3260.  
3261. 14: ; Send the teach message, perhaps after generating a new secret key.
3262. ; Max 64 cycles so far
3263. std Y + G_TaskFlags2, r25
3264. push r24
3265. lds r0, TASSState + TASS_SuppressKeyRandomisation
3266. tst r0
3267. brne 15f
3268. rcall RandomiseCMACKey
3269. ldiw Z, AuthenticationData + AD_CMACKey
3270. ldiw X, EEPROM_CMACKey
3271. ldi r16, 16
3272. rcall WriteEEPROMBlock
3273. ; Randomise the random part of the serial number.
3274. ldiw Z, EntropyHarvester +\
3275. EH_RandomData + EH_AUX_RANDOM_DATA_START_INDEX + 1
3276. ld r16, Z+
3277. ld r17, Z+
3278. add r17, r4
3279. ror r16
3280. st -Z, r16
3281. st -Z, r17
3282. swap r17
3283. add r16, r5
3284. add r16, r6
3285. andi r17, 0x0F
3286. ldiw Z, AuthenticationData
3287. ldd r0, Z + AD_SerialNumber + 0
3288. eor r0, r16
3289. std Z + AD_SerialNumber + 0, r0
3290. ldd r16, Z + AD_SerialNumber + 1
3291. andi r16, 0xF0
3292. or r16, r17
3293. std Z + AD_SerialNumber + 1, r16
3294. ; Save the new serial number.
3295. ldiw Z, AuthenticationData + AD_SerialNumber
3296. ldiw X, EEPROM_SerialNumber
3297. ldi r16, 4
3298. rcall WriteEEPROMBlock
3299. ; Update all of the random data while we're at it.
3300. ldiw Z, EntropyHarvester + EH_RandomData
3301. ldiw X, EEPROM_RandomData
3302. ldi r16, EH_MUTATION_INDEX_RANGE
3303. rcall WriteEEPROMBlock
3304. sts TASSState + TASS_SuppressKeyRandomisation, r2
3305. 15: rcall FullyUpdateEWLData
3306. clr r24
3307. lds r0, TASSState + TASS_SuppressKeyEncryption
3308. cpse r0, r1
3309. ldi r24, 1
3310. rcall BuildTeachMessage
3311. pop r24
3312. ldi r16, TeachMsgSize
3313. ldiw Z, TASSState
3314. std Y + G_Transmitter + Tx_NumBytesToSend, r16
3315. ldi r16, TX_STATE_BEGIN
3316. std Y + G_Transmitter + Tx_State, r16
3317. andi r24, ~(mTASK1_SEND_TEACH_MESSAGE)
3318. ldd r16, Z + TASS_NumTeachMessagesToSend
3319. sub r16, r2
3320. adc r16, r1
3321. std Z + TASS_NumTeachMessagesToSend, r16
3322. ifne
3323. ori r24, mTASK1_SEND_TEACH_MESSAGE
3324. std Y + G_TaskFlags1, r24
3325. rjmp main_Loop
3326.  
3327. ; Max 122 cycles if the teach procedure is not performed.
3328.  
3329. main_T2_TASSTasks_T3:
3330.  
3331. rjmp main_Loop
3332.  
3333. main_T3_SensorInputConditioningAndEntropyHarvesting:
3334.  
3335. ; Debounce sensor inputs.
3336. ldd r24, Y + G_SecondarySensorIntegral
3337. clr r22
3338. sbis _SFR_IO_ADDR(PINB), INPUT_BIT_SECONDARY_SENSOR ; Active low!
3339. ser r22
3340. rcall DebounceSensor
3341. std Y + G_SecondarySensorIntegral, r24
3342. mov r16, r24
3343. ldd r24, Y + G_PrimarySensorIntegral
3344. clr r22
3345. sbis _SFR_IO_ADDR(PINB), INPUT_BIT_PRIMARY_SENSOR ; Active low!
3346. ser r22
3347. rcall DebounceSensor
3348. std Y + G_PrimarySensorIntegral, r24
3349. ; 51 cycles so far
3350. ; Set or clear the sensor state bits.
3351. ldd r18, Y + G_SensorsState
3352. mov r19, r18
3353. cp r24, r1
3354. ifeq
3355. andi r18, ~(1 << 0)
3356. cp r24, r3
3357. ifeq
3358. ori r18, (1 << 0)
3359. cp r16, r1
3360. ifeq
3361. andi r18, ~(1 << 1)
3362. cp r16, r3
3363. ifeq
3364. ori r18, (1 << 1)
3365. ldd r0, Y + G_SensorActivationSenses
3366. eor r18, r0
3367. std Y + G_SensorsState, r18
3368. ; 70 cycles so far
3369. cp r19, r18
3370. breq 2f
3371. ; The sensors state has changed.
3372. ; Harvest some entropy.
3373. rcall MutateRandomData ; 21 + 8 cycles
3374. std Y + G_CmdTxDelayRandomByte, r0
3375. ldiw Z, EntropyHarvester
3376. ; 105 cycles so far
3377. ; Lazily write the random data to EEPROM.
3378. ldd r0, Z + EH_EEPROMUpdatePending
3379. tst r0
3380. brne 1f
3381. ldd r16, Z + EH_MutationCounter
3382. inc r16
3383. std Z + EH_MutationCounter, r16
3384. andi r16, (1 << EH_UPDATE_COUNTER_BITS) - 1
3385. brne 2f
3386. std Z + EH_EEPROMUpdatePending, r2
3387. 1: sbic _SFR_IO_ADDR(EECR), EEPE
3388. rjmp 2f
3389. std Z + EH_EEPROMUpdatePending, r1
3390. ldd r16, Z + EH_EEPROMUpdateIndex
3391. subi r16, -EH_UPDATE_INDEX_ADVANCE
3392. andi r16, EH_MUTATION_INDEX_MASK
3393. std Z + EH_EEPROMUpdateIndex, r16
3394. adiw ZL, EH_RandomData
3395. add ZL, r16
3396. adc ZH, r1
3397. ldiw X, EEPROM_RandomData
3398. add XL, r16
3399. adc XH, r1
3400. ld r0, Z
3401. ; 138 cycles so far
3402. ldi r16, (0 << EEPM1) | (0 << EEPM0)
3403. out _SFR_IO_ADDR(EECR), r16
3404. out _SFR_IO_ADDR(EEARH), XH
3405. out _SFR_IO_ADDR(EEARL), XL
3406. out _SFR_IO_ADDR(EEDR), r0
3407. sbi _SFR_IO_ADDR(EECR), EEMPE
3408. sbi _SFR_IO_ADDR(EECR), EEPE ; The CPU is halted for 2 cycles.
3409. ; Max 147 cycles so far
3410. 2: rjmp main_Loop
3411.  
3412. ; Max 149 cycles
3413.  
3414. main_T4_SensorStateTxBurstsAndEWLUpdates:
3415.  
3416. ldd r24, Y + G_TaskFlags1
3417. ldd r18, Y + G_SensorsState
3418. ldd r19, Y + G_TransmittedSensorsState
3419. ldiw Z, Globals + G_CmdTxRepeatSchedule
3420. cp r18, r19
3421. breq 1f
3422. std Y + G_TransmittedSensorsState, r18
3423. ; One of the sensors has changed state.
3424. ; Prepare the repeat schedule and submit a request
3425. ; for transmission right now.
3426. ; 10 cycles so far
3427. ldd r7, Y + G_CmdTxDelayRandomByte
3428. ldi r16, 1
3429. std Z + 5, r16
3430. ldi r16, 3
3431. std Z + 4, r16
3432. ldi r16, 8
3433. mov r17, r7
3434. andi r17, 0x03
3435. add r16, r17
3436. std Z + 3, r16
3437. ldi r16, 15
3438. sub r16, r17
3439. mov r17, r7
3440. lsr r17
3441. lsr r17
3442. andi r17, 0x03
3443. add r16, r17
3444. std Z + 2, r16
3445. ldi r16, 24
3446. sub r17, r17
3447. swap r7
3448. mov r17, r7
3449. andi r17, 0x03
3450. add r16, r17
3451. std Z + 1, r16
3452. ldi r16, 34
3453. sub r17, r17
3454. mov r17, r7
3455. lsr r17
3456. andi r17, 0x06
3457. add r16, r17
3458. std Z + 0, r16
3459. ldi r16, 6
3460. std Y + G_CmdTxNumRepeatsToSend, r16
3461. ori r24, mTASK1_SEND_CMD_MESSAGE
3462. ; 53 cycles so far
3463. rjmp 2f
3464. 1: ; Update the slow clock for the transmission repeat delay.
3465. ; 11 cycles so far
3466. ldd r0, Y + G_SlowClocks
3467. mov r7, r0
3468. bst r5, 3
3469. bld r0, bCLOCK_CMD_MSG_BURST
3470. std Y + G_SlowClocks, r0
3471. eor r7, r0
3472. bst r7, bCLOCK_CMD_MSG_BURST
3473. clr r0
3474. bld r0, 0
3475. ; See if a command transmission is already pending.
3476. sbrc r24, bTASK1_SEND_CMD_MESSAGE
3477. rjmp 2f
3478. ; Follow the transmission repeat schedule.
3479. ldd r16, Y + G_CmdTxNumRepeatsToSend
3480. dec r16
3481. brmi 2f
3482. add ZL, r16
3483. adc ZH, r1
3484. ld r7, Z
3485. sub r7, r0
3486. adc r7, r1
3487. st Z, r7
3488. brne 2f
3489. std Y + G_CmdTxNumRepeatsToSend, r16
3490. ori r24, mTASK1_SEND_CMD_MESSAGE
3491. ; 40 cycles so far
3492. 2: ; 40 or 55 cycles so far
3493. sbrs r24, bTASK1_SEND_CMD_MESSAGE
3494. rjmp 3f
3495. ; Send the command message as soon as the resources are available.
3496. ldd r16, Y + G_Transmitter + Tx_State
3497. cpi r16, TX_STATE_IDLE
3498. brne 3f
3499. ldd r16, Y + G_AuthenticationState
3500. cpi r16, AUTH_STATE_IDLE
3501. brne 3f
3502. ldd r16, Y + G_AESState
3503. cpi r16, AES_STATE_IDLE
3504. brne 3f
3505. ; Send the command now.
3506. andi r18, 0x03
3507. ori r18, 0x00 ; Just to make the hex file easy to edit
3508. ldd r19, Y + G_SoundIndices
3509. std Y + G_Transmitter + Tx_Data + CmdMsg_Command, r18
3510. std Y + G_Transmitter + Tx_Data + CmdMsg_Parameter, r19
3511. ldi r16, AUTH_STATE_CMDMSG_BEGIN
3512. std Y + G_AuthenticationState, r16
3513. andi r24, ~(mTASK1_SEND_CMD_MESSAGE)
3514. ; Max 83 cycles so far
3515. 3: std Y + G_TaskFlags1, r24
3516. rcall LazilyUpdateEWLData ; 66 cycles
3517. rjmp main_Loop
3518.  
3519. ; Max 153 cycles
3520.  
3521. main_T5_RefreshEEPROM:
3522.  
3523. ldd r8, Y + G_SlowClocks
3524. mov r7, r8
3525. bst r6, 7 ; Cycling once every 524.29s
3526. bld r8, bCLOCK_EEPROM_REFRESH
3527. std Y + G_SlowClocks, r8
3528. com r8
3529. and r7, r8
3530. bst r7, bCLOCK_EEPROM_REFRESH
3531. brtc 1f
3532. sbic _SFR_IO_ADDR(EECR), EEPE
3533. rjmp 1f ; Busy! Better luck next time!
3534. ldd XL, Y + G_EEPROMRefreshCounter + 0
3535. ldd XH, Y + G_EEPROMRefreshCounter + 1
3536. add XL, r2
3537. adc XH, r1
3538. andi XH, 0x01
3539. std Y + G_EEPROMRefreshCounter + 0, XL
3540. std Y + G_EEPROMRefreshCounter + 1, XH
3541. rcall ReadEEPROMByte ; 18 cycles
3542. rcall WriteEEPROMByte ; 23 cycles
3543. 1: rjmp main_Loop
3544.  
3545. ; Max 67 cycles
3546.  
3547. main_T6:
3548.  
3549. rjmp main_Loop
3550.  
3551. main_T7:
3552.  
3553. rjmp main_Loop
3554.  
3555.  
3556. ;-------------------------------------------------------------------------------
3557. ; Data in program memory
3558. ;-------------------------------------------------------------------------------
3559.  
3560.  
3561. ; As the AES round constant high bytes are easy to generate, they needn't be
3562. ; stored. Each round constant byte is the previous one shifted to the left
3563. ; and XORed with 0x1B if the shift set the carry flag. The RCon high byte for
3564. ; Round 1 is 0x01 and for Round 10, it is 0x36. If the advance occurs before
3565. ; each use, the start value should be 0x8D.
3566. ;
3567. ;PM_AES_RoundConstantBytes:
3568. ; .byte 0x8D, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40
3569. ; .byte 0x80, 0x1B, 0x36, 0x6C, 0xD8, 0xAB, 0x4D, 0x9A
3570.  
3571. .balign 256
3572. PM_AES_SBox:
3573. .byte 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5
3574. .byte 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76
3575. .byte 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0
3576. .byte 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0
3577. .byte 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC
3578. .byte 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15
3579. .byte 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A
3580. .byte 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75
3581. .byte 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0
3582. .byte 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84
3583. .byte 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B
3584. .byte 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF
3585. .byte 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85
3586. .byte 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8
3587. .byte 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5
3588. .byte 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2
3589. .byte 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17
3590. .byte 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73
3591. .byte 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88
3592. .byte 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB
3593. .byte 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C
3594. .byte 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79
3595. .byte 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9
3596. .byte 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08
3597. .byte 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6
3598. .byte 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A
3599. .byte 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E
3600. .byte 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E
3601. .byte 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94
3602. .byte 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF
3603. .byte 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68
3604. .byte 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
3605.  
3606.  
3607. ;-------------------------------------------------------------------------------
3608. ; Globals in SRAM
3609. ;-------------------------------------------------------------------------------
3610.  
3611. ;-------------------------------------------------------------------------------
3612. .section .bss
3613. ;-------------------------------------------------------------------------------
3614.  
3615.  
3616. Globals:
3617. .fill GSize
3618. TASSState:
3619. .fill TASSSize
3620. .balign 2
3621. TxRunLengthsRingBuffer:
3622. .fill TX_RING_BUFFER_INDEX_RANGE
3623. AES_Matrix_M:
3624. .fill 16
3625. AES_Matrix_K:
3626. .fill 16
3627. AES_Matrix_W:
3628. .fill 16
3629. AuthenticationData:
3630. .fill ADSize
3631. EWLState:
3632. .fill EWLSSize
3633. EntropyHarvester:
3634. .fill EHSize
3635. .balign 2
3636. VariablesEnd:
3637.  
3638.  
3639. ;-------------------------------------------------------------------------------
3640. .end
3641. ;-------------------------------------------------------------------------------