HydraFW Binary I2C mode guide

#HydraFW binary I2C mode guide

This guide is updated towards development firmware

##Commands Once the I2C mode has been selected, the following commands are available :

• 0b00000000 Return to main mode. Returns BBIO1
• 0b00000010 I2C start bit. Returns 0x01
• 0b00000011 I2C stop bit. Returns 0x01
• 0b00000100 I2C read byte (see below).
• 0b00000110 ACK bit.
• 0b00000111 NACK bit.
• 0b00001000 Write-then-read (see below).
• 0b00001111 Sniff all I2C traffic.
• 0b0001xxxx Bulk I2C transfer.
• 0b0100xxxx Configure peripherals.
• 0b011000xx Set I2C speed.

##Command details ###Write-then-read operation (0b00001000) This command is used to send at most 4096 bytes and will read at most 4096 bytes of data. Format :

Byte 1           2          3          4          5         6        ...
|----------|----------|----------|----------|----------|----------|------...
 [command]    [Bytes to write]      [Bytes to read]       [Data to write

The bytes to read/write are in little-endian format. All data will be buffered before being sent to the I2C bus. Read data will also be buffered on the Hydrabus before being sent back to the user. I2C start bit is sent before sending the data. All read bytes are ACKed, except the last byte which is NACKed. At the end of the read process, the Bus Pirate sends an I2C stop.

More information can be found here : http://dangerousprototypes.com/docs/I2C_(binary)#0x08_-_Write_then_read

###I2C sniffer (00001111) To be done

###Bulk I2C write (0b0001xxxx) In this mode, the last 4 bits of the command define the number of bytes to write (from 1 to 16) (Command 0b00010000 will send 1 byte). Hydrabus replies 0x01 to the bulk I2C command. After each data byte the Hydrabus returns the ACK 0x00 or NACK 0x01 bit from the slave device.

###Set I2Cspeed (0b011000xx) This command sets the I2C device speed. The three last bits will select the speed (in kHz) within the following list :

• 0b00 => 50 kHz
• 0b01 => 100 kHz
• 0b10 => 400 kHz
• 0b11 => 1000 kHz

This commands returns 0x01 if successful, 0x00 in case of error.

###Configure I2C peripheral (0b01000x00) This allows to set the following parameters :

• x sets the pull-up resistors (if 1 use internal on-board pull-up resistors about 50Kohm else use external on-board pull-up resistors)

See https://github.com/bvernoux/hydrafw/wiki/HydraFW-I2C-guide for explanation.

This commands returns 0x01 if successful, 0x00 in case of error.

##Example script The following python script can be used to read 4096 bytes from an I2C EEPROM :

import hexdump
import serial
import struct

#Open serial port
ser = serial.Serial('/dev/ttyACM0', 115200)

#Open binary mode
for i in xrange(20):
    ser.write("\x00")
if "BBIO1" not in ser.read(5):
    print "Could not get into binary mode"
    quit()

# Switching to I2C mode
ser.write('\x02')
if "I2C1" not in ser.read(4):
    print "Cannot set I2C mode"
    quit()

# Reading information
while (addr < 4096*size):
#Write-then-read. 4 bytes to write, 4096 bytes to read 
ser.write('\x08\x00\x04\x10\x00')
#Read command(\x03) and starting address (\x00\x00\x00)
ser.write('\x03\x00\x00\x00')
#Hydrabus will send \x01 in case of success...
ser.read(1)
#...followed by 4096 read bytes
buff += ser.read(4096)

print hexdump.hexdump(buff)

#Return to main binary mode
ser.write('\x00')
#reset to console mode
ser.write('\x0F\n')