Okay, it’s been a while since I made any (real) progress on the issue, but now, well, there’s at least something to show.
I happened to be an idiot and spent a few days trying to crack a CRC-16 with a non-standard polynomial, and didn’t see that it was a plain sum of the payload bytes. After that, things were quite trivial and the protocol is simple as hell. I have now written some quick and dirty parsers in bash and Lua to get the mcudb out of a KEIL CDB file processed with ‘strings’. Right now it’s just a plain Lua table dump that can be updated with info extracted from a KEIL CDB file or by hand. Kind of slow, but for this purpose I think it’s OK for now.
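The checksum lesson above, as an added example that is not part of the original post or of stcdude: before searching CRC polynomials, test the cheap hypotheses against every captured frame. The frame layout (payload followed by a 16-bit big-endian check value), the candidate names and the sample frames are assumptions constructed for illustration.

```python
# Added example (not stcdude code): test cheap checksum hypotheses against
# captured frames before starting a CRC polynomial search.
# Assumption: frame = payload || 16-bit big-endian check value.
from functools import reduce


def crc16_ccitt(data, poly=0x1021, init=0xFFFF):
    """Bitwise CRC-16/CCITT-FALSE, included as the 'expensive' hypothesis."""
    crc = init
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = (crc << 1) ^ poly if crc & 0x8000 else crc << 1
            crc &= 0xFFFF
    return crc


# Ordered cheapest-first; the names are labels for this example only.
CANDIDATES = {
    "sum16": lambda p: sum(p) & 0xFFFF,
    "sum8": lambda p: sum(p) & 0xFF,
    "neg_sum16": lambda p: -sum(p) & 0xFFFF,
    "xor8": lambda p: reduce(lambda a, b: a ^ b, p, 0),
    "crc16_ccitt": crc16_ccitt,
}


def matching_checksums(frames, trailer_len=2):
    """Return the candidates that reproduce the trailer of every frame."""
    hits = []
    for name, fn in CANDIDATES.items():
        if all(len(f) > trailer_len and
               fn(f[:-trailer_len]) == int.from_bytes(f[-trailer_len:], "big")
               for f in frames):
            hits.append(name)
    return hits


# Constructed sample frames (not captured from a real STC part).
SAMPLE_FRAMES = [
    bytes.fromhex("010203feff0203"),
    b"123456789" + bytes.fromhex("01dd"),
    bytes.fromhex("808080800200"),
]

if __name__ == "__main__":
    print(matching_checksums(SAMPLE_FRAMES))
```

A hypothesis only counts if it holds for every frame, so feed it frames with differing payloads and lengths.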
Anyway, my ‘proof-of-concept’ code already does the basic things like getting and partially decoding the info packet:
[necromant@lamia stcdude]$ ./stcdude -d ./mcudb/stc12x.lua -p /dev/ttyUSB1 -i
STC ISP Tool. (c) Necromant 2012
Using mcudb file: ./mcudb/stc12x.lua
Loading mcudb ./init.lua
Done with result 0
Loading mcudb ./mcudb/stc12x.lua
Done with result 0
Using /dev/ttyUSB1 @ 19200
fd is 3
Waiting for an infopacket from MCU...
--- 8< ---
Part name: STC12C5A32S2
Magic bytes: D170
IRAM size: 256 (0x100) bytes
XRAM size: 1024 (0x400) bytes
IROM size: 32768 (0x8000) bytes
Tested ops: FixMe: implement reading of tested ops
Description:
8051-based microcontroller with 1T(1-clock) High-Speed Core,
Dual DPTR, 36-44 I/O Lines, 2 Timers/Counters, 2 PCA Timers,
Alternative build-in oscillator,
Independent Baud Rate Generator, Programmable Clock-Out,
32K bytes flash ROM, 1280 bytes data RAM,
On-chip EEPROM, 2 UARTs, WDT, ISP/IAP, A/D, CCP/PWMm
--- 8< ---
Further stuff is still work in progress. Digging showed that there might be at least 3 different variations of the ISP protocol, so we're far from full-blown support. But since most things stay the same, adding support for further variations should be straightforward once the initial skeleton is ready.
For those who want to try out this stuff, grab your copy on my GitHub.