All About USB-C: Replying Low-Level PD

Last time, we configured the FUSB302 to receive USB PD messages, and successfully received a “capability advertisement” message from a USB-C PSU. Now we crack the PD specification open, parse the message, and then craft a reply that makes the PSU give us the highest voltage available.

How did the buffer contents look, again?

>>> b
b'\xe0\xa1a,\x91\x01\x08,\xd1\x02\x00\x13\xc1\x03\x00\xdc\xb0\x04\x00\xa5@\x06\x00<!\xdc\xc0H\xc6\xe7\xc6\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'

The zeroes at the end might look non-significant, and with 99.99% certainty they indeed aren’t significant. That said, don’t just discard the entire tail end: one of the bytes in the beginning encodes the length of the message. We’ll read those bytes first, and then read exactly as much as we need, making sure we aren’t reading two messages and interpreting them as one, and that we’re not discarding zeroes that are part of the message.

Today, we will write code that parses messages right after reading them from the FIFO buffer. Still, keep this message handy for reference; if you don’t have the hardware, you can use it to try your hand at decoding nevertheless. If you wanna jump in, you can find today’s full code here!
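As an added example (not the article's own code), here is one way to do the length-first parse described above on the captured buffer. It assumes the FIFO layout of one SOP token byte, a 2-byte little-endian PD header, the 32-bit data objects, and a 4-byte CRC; the function names are hypothetical and the trailing zero padding is shortened.

```python
import struct

# Captured FIFO contents from the article; trailing zero padding shortened to 16 bytes.
FIFO = (b'\xe0\xa1a,\x91\x01\x08,\xd1\x02\x00\x13\xc1\x03\x00\xdc\xb0\x04\x00'
        b'\xa5@\x06\x00<!\xdc\xc0H\xc6\xe7\xc6' + bytes(16))

def parse_fifo_message(buf):
    """Split exactly one PD message off the front of an RX FIFO dump."""
    if len(buf) < 3:
        raise ValueError("need a token byte plus the 2-byte header")
    (header,) = struct.unpack_from("<H", buf, 1)
    n_obj = (header >> 12) & 0x7        # header bits 14..12: number of data objects
    end = 3 + 4 * n_obj + 4             # token + header + objects + CRC-32
    if len(buf) < end:                  # never trust the declared length blindly
        raise ValueError("buffer shorter than the length the header declares")
    return {
        "sop": buf[0] >> 5 == 0b111,    # top three bits of the token mark SOP
        "msg_type": header & 0x1F,      # 1 with data objects = Source_Capabilities
        "spec_rev": (header >> 6) & 0x3,
        "msg_id": (header >> 9) & 0x7,
        "objects": list(struct.unpack_from("<%dI" % n_obj, buf, 3)),
        "crc": buf[end - 4:end],
        "rest": buf[end:],              # padding or the start of the next message
    }

def decode_pdo(pdo):
    """Decode the two power data object kinds present in this capture."""
    kind = pdo >> 30
    if kind == 0b00:                    # fixed supply: 50 mV and 10 mA units
        return ("fixed", ((pdo >> 10) & 0x3FF) * 50, (pdo & 0x3FF) * 10)
    if kind == 0b11 and (pdo >> 28) & 0x3 == 0:   # PPS: 100 mV and 50 mA units
        return ("pps", ((pdo >> 8) & 0xFF) * 100,
                ((pdo >> 17) & 0xFF) * 100, (pdo & 0x7F) * 50)
    return ("other", pdo)

if __name__ == "__main__":
    msg = parse_fifo_message(FIFO)
    print("objects:", len(msg["objects"]), "leftover bytes:", len(msg["rest"]))
    for pdo in msg["objects"]:
        print(hex(pdo), decode_pdo(pdo))
```

The tuples are `(kind, millivolts, milliamps)` for fixed profiles and `(kind, min mV, max mV, milliamps)` for PPS; the CRC bytes are only split off here, not verified.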


Reverse Engineering The Apple Lightning Connector

A frequent contributor to the hacker community, [stacksmashing] has prepared an excellent instructional video on reverse engineering the proprietary protocol of Apple’s Lightning connector. The video begins by showing how to gain physical access to the signals and hooking them up to a logic analyzer. He then notes that the handshaking uses only a single signal and proposes that Apple isn’t going to re-invent the wheel (perhaps a risky assumption). Using a ChatGPT search, obligatory these days, we learn that Dallas Semiconductor / Microchip 1-wire is probably the protocol employed.

Which embedded single-wire busses exist that encode bits with different lengths of low and high signals?

At the basic level, 1-wire and protocols like Texas Instruments SDQ operate in a similar manner. It turns out that [stacksmashing] already wrote an SDQ analyzer module for the Saleae logic analyzer. Aided by this tool, he digs deeper and learns more about the kinds of messages and their contents. For example, upon being plugged in, the host system queries the accessory’s serial number, manufacturer, model number, and product description. Finally, he introduces the CRC reverse engineering tool reveng to determine which CRC polynomial and algorithm the protocol uses to frame each packet.

Even if you have no interest in Lightning cables, this video is a great tutorial on the types of things you need to do in order to make sense of an unknown communications protocol. Gather what information you can, make some educated guesses, observe the signals, revise your guesses, and repeat. In part two, [stacksmashing] will show how to build a homemade iPhone JTAG cable.

We wrote in more detail about cracking the Lightning interface back in 2015. The Lightning interface may have been a good solution in its day, foreshadowing some of the features we now have in USB-C. But its proprietary and closed nature meant it wasn’t used outside of the Apple ecosystem. With the proliferation and capabilities of USB-C, not to mention various legislative edicts, Lightning’s days seem numbered. Is the industry finally settling on one interface? Let us know your thoughts in the comments below.


Electromagnetic Mechanism Makes Reconfigurable Antenna

Antennas are a key component to any RF gadget. But antennas often only perform well over a narrow band of frequencies. For some applications, this is acceptable, but often you would like to reconfigure an antenna for different bands. Researchers at Penn State say they’ve developed a tunable antenna using compliant mechanisms and electromagnets. The new scalable design could work in small areas to provide frequency agility or beamforming.

The prototype is a circular patch antenna made with 3D printing. If you want to read the actual paper, you can find it on Nature Communications.

A compliant mechanism is one that achieves force and motion through elastic body deformation. Think of a binder clip. There’s no hinge or bearing. Yet the part moves in a useful way, using its own deformation to open up or grip papers tightly. That’s an example of a compliant mechanism. This isn’t a new idea — the bow and arrow are another example. However, because 3D printing offers many opportunities to build and refine devices like this, interest in them has increased in recent years.

We couldn’t help but notice that the antenna is a variation of a “compliant iris” like the one in the video below. You can find designs for these online for 3D printing, so if you wanted to experiment, you might think about starting there.

We’ve looked at compliant mechanisms before. Why would you want better chip-scale antennas? Why, indeed.
