 
            thanks for the feedback and recommendations
I added the JTAG and debug connectors. I hope it will not use more then 2 layers in the end, so normal people can build the pcb at home.
I could not login/register on the osmocom trac wiki to put the files there. Here the current version : https://gsm.tsaitgaist.info/SIMtrac/v0.2/trac.ps I now use this direct link (it could take some time until the DN is spread over all DNS)
I did not yet add the MiM solution, because there are still have some open aspects : MiM : - should it use the clock provider by the reader - or should we provided our own clock (3.8432MHz/9600bps for simplicity) using the reader clock would provide better timing but cold be harder to do (I don't know well this chip yet)
emulation : - how to know what the user wants (sniff vs emulation) if the mode is combined with the sniffer ? - the user has to tell the program - or by detecting the presence of a card (provided by the id-1 socket, but some tricks have to be used for the id-000 socket) - or by having a switch with 3 modes (sniff,emulation,MiM) (my favorite solution)
I did a very simple PCB just to test the sniffer. I will take time to get a good design for the promising SIMtrac.
kevin
On 21.11.2010 20:53, Harald Welte wrote:
Hi!
On Sun, Nov 21, 2010 at 03:14:34PM +0100, ml@mail.tsaitgaist.info wrote:
His solution is way easier, and more reliable. This is why I've now done a hw design for it.
thanks a lot.
I don't know if it's the right mailing list, but it seemed to be the best.
well, I think it is low-traffic and we might just use this mailing list for the time being.
- the AT91SAM7SXXX
- 2 SC sockets (ID-1 and ID-000) for the SIM in credit card and usual
size, as on the rebelSIM
- 1 SC port (IN) to connect the SIM for the phone (I would use the ones
from rebelSIM)
- 1 SC port (OUT) to be able to use the signal using external HW
- the sam-ba port to be able to flash it
I think we should consider the following use cases:
- passive sniffer
this is what simtrace is doing right now and what your hardware is also prepared for.
- card simulation
this is possible with the same circuit. Simply connect it _only_ to the phone and not to a smart card at all. The wiring will be the same, but the USART will be used in Rx and Tx mode. Only software/firmware changes required.
- man in the middle
in this case, we want to connect as master (reader) to the SIM card, and as slave (card-side interface) to the phone.
In order to make we run USART0 as clock-slave (like in case 1 + 2 above), but we also connect a sim card socket to USART1, which we can then run in clock-master mode, i.e. like any 'regular' SAM7 based smart card reader.
The easiest solution would be to add yet another sim card socket which is connected to USART1 (TXD1/SCK1). But then we have 3-4 sim card sockets in one device, which I think is clumsy.
It may be possible to add some jumpers or dip switches that change the behavior, i.e. "one setting for sniffer + card simluation, another setting for man-in-the-middle"
here the schema : https://file.tsaitgaist.info/www/?a=d&i=CWn6xIaCVe please tell me if there is something wrong, or needs some improvement. I will design the PCB shortly.
please take time for detailed review before doign any pcbs... thinking more before prototyping will save time and money.
Another request: Pleaes make the DRxD / DTxD (Debug UART) pins available on the board, preferrably on the same type of header that we use on the OpenPCD. It will not add any cost to the design, but enable you to print debug messages to a serial port, which is very useful during firmware development.
Also, the JTAG lines should be routed to a standard 20-pin ARM-JTAG connector.
Both the Debug-UART and the JTAG headers can not be placed/soldered for normal boards, but people who want to do development will likely find both of them very useful.
Regards, Harald