1 /* ISO 14443-3 B anticollision implementation
3 * (C) 2005 by Harald Welte <laforge@gnumonks.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2
10 * as published by the Free Software Foundation
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 #include <rfid/rfid.h>
27 #include <rfid/rfid_layer2.h>
28 #include <rfid/rfid_reader.h>
29 #include <rfid/rfid_layer2_iso14443b.h>
31 #include "rfid_iso14443_common.h"
33 #define ATQB_TIMEOUT ((256*10e6/ISO14443_FREQ_SUBCARRIER) \
34 +(200*10e6/ISO14443_FREQ_SUBCARRIER))
37 fwi_to_fwt(struct rfid_layer2_handle *h, unsigned int *fwt, unsigned int fwi)
39 unsigned int multiplier;
45 /* According to ISO 14443-3:200(E), Chapter 7.9.4.3, the forumala is
46 * (256 * 16 / fC) * 2^fwi We avoid floating point computations by
47 * shifting everything into the microsecond range. In integer
48 * calculations 1000000*256*16/13560000 evaluates to 302 (instead of
49 * 302.064897), which provides sufficient precision, IMHO. The max
50 * result is 302 * 16384 (4947968), which fits well within the 31/32
51 * bit range of an integer */
53 multiplier = 1 << fwi; /* 2 to the power of fwi */
55 return (1000000 * 256 * 16 / h->rh->ah->asic->fc) * multiplier
59 parse_atqb(struct rfid_layer2_handle *h, struct iso14443b_atqb *atqb)
63 if (atqb->fifty != 0x50)
66 if (atqb->protocol_info.fo & 0x01)
67 h->priv.iso14443b.flags |= ISO14443B_CID_SUPPORTED;
68 if (atqb->protocol_info.fo & 0x02)
69 h->priv.iso14443b.flags |= ISO14443B_NAD_SUPPORTED;
71 ret = fwi_to_fwt(h, &h->priv.iso14443b.fwt, atqb->protocol_info.fwi);
73 DEBUGP("invalid fwi %u\n", atqb->protocol_info.fwi);
77 if (atqb->protocol_info.protocol_type == 0x1) {
78 DEBUGP("we have a T=CL compliant PICC\n");
79 h->priv.iso14443b.tcl_capable = 1;
81 DEBUGP("we have a T!=CL PICC\n");
82 h->priv.iso14443b.tcl_capable = 0;
85 iso14443_fsdi_to_fsd(&h->priv.iso14443b.fsc,
86 atqb->protocol_info.max_frame_size);
88 /* FIXME: speed capability */
90 memcpy(h->priv.iso14443b.pupi, atqb->pupi,
91 sizeof(h->priv.iso14443b.pupi));
97 send_reqb(struct rfid_layer2_handle *h, unsigned char afi,
98 unsigned int is_wup, unsigned int num_initial_slots)
101 unsigned char reqb[3];
102 struct iso14443b_atqb atqb;
103 unsigned int atqb_len = sizeof(atqb);
104 unsigned int num_slot_idx = num_initial_slots;
109 for (num_slot_idx = num_initial_slots; num_slot_idx <= 4;
111 reqb[2] = num_slot_idx & 0x07;
115 ret = h->rh->reader->transcieve(h->rh, reqb, sizeof(reqb),
116 (unsigned char *)&atqb,
117 &atqb_len, ATQB_TIMEOUT, 0);
118 h->priv.iso14443b.state = ISO14443B_STATE_REQB_SENT;
120 DEBUGP("error during transcieve of REQB/WUBP\n");
124 /* FIXME: send N-1 slot marker frames */
126 if (atqb_len != sizeof(atqb)) {
127 DEBUGP("error: atqb_len = %u instead of %u\n",
128 atqb_len, sizeof(atqb));
132 /* FIXME: how to detect a collission at 14443B ? I guess we
133 * can only rely on the CRC checking (CRCErr in ErrorFlag
136 if (parse_atqb(h, &atqb) >= 0) {
137 h->priv.iso14443b.state = ISO14443B_STATE_ATQB_RCVD;
145 static inline unsigned int mbli_to_mbl(struct rfid_layer2_handle *h,
148 return (h->priv.iso14443b.fsc * 2 ^ (mbli-1));
152 transcieve_attrib(struct rfid_layer2_handle *h, const unsigned char *inf,
153 unsigned int inf_len, unsigned char *rx_data, unsigned int *rx_len)
155 struct iso14443b_attrib_hdr *attrib;
156 unsigned int attrib_size = sizeof(*attrib) + inf_len;
157 unsigned char *rx_buf;
161 DEBUGP("fsd is %u\n", h->priv.iso14443b.fsd);
162 attrib = malloc(attrib_size);
164 perror("attrib_alloc");
168 DEBUGP("fsd is %u\n", h->priv.iso14443b.fsd);
169 rx_buf = malloc(*rx_len+1);
171 perror("rx_buf malloc");
176 /* initialize attrib frame */
177 memset(attrib, 0, attrib_size);
179 memcpy((unsigned char *)attrib+sizeof(*attrib), inf, inf_len);
181 attrib->one_d = 0x1d;
182 memcpy(attrib->identifier, h->priv.iso14443b.pupi, 4);
184 /* FIXME: do we want to change TR0/TR1 from its default ? */
185 /* FIXME: do we want to change SOF/EOF from its default ? */
187 ret = iso14443_fsd_to_fsdi(&fsdi, h->priv.iso14443b.fsd);
189 DEBUGP("unable to map FSD(%u) to FSDI\n",
190 h->priv.iso14443b.fsd);
193 attrib->param2.fsdi = fsdi;
195 /* FIXME: spd_in / spd_out */
196 if (h->priv.iso14443b.tcl_capable == 1)
197 attrib->param3.protocol_type = 0x1;
199 *rx_len = *rx_len + 1;
200 ret = h->rh->reader->transcieve(h->rh, (unsigned char *) attrib,
201 sizeof(*attrib)+inf_len,
202 rx_buf, rx_len, h->priv.iso14443b.fwt,
204 h->priv.iso14443b.state = ISO14443B_STATE_ATTRIB_SENT;
206 DEBUGP("transcieve problem\n");
210 if ((rx_buf[0] & 0x0f) != h->priv.iso14443b.cid) {
211 DEBUGP("ATTRIB response with invalid CID %u\n",
217 h->priv.iso14443b.state = ISO14443B_STATE_SELECTED;
219 h->priv.iso14443b.mbl = mbli_to_mbl(h, (rx_data[0] & 0xf0) >> 4);
221 *rx_len = *rx_len - 1;
222 memcpy(rx_data, rx_buf+1, *rx_len);
233 iso14443b_hltb(struct rfid_layer2_handle *h)
236 unsigned char hltb[5];
237 unsigned char hltb_resp[1];
238 unsigned int hltb_len = 1;
241 memcpy(hltb+1, h->priv.iso14443b.pupi, 4);
243 ret = h->rh->reader->transcieve(h->rh, hltb, 5,
244 hltb_resp, &hltb_len,
245 h->priv.iso14443b.fwt, 0);
246 h->priv.iso14443b.state = ISO14443B_STATE_HLTB_SENT;
248 DEBUGP("transcieve problem\n");
252 if (hltb_len != 1 || hltb_resp[0] != 0x00) {
253 DEBUGP("bad HLTB response\n");
256 h->priv.iso14443b.state = ISO14443B_STATE_HALTED;
262 iso14443b_anticol(struct rfid_layer2_handle *handle)
264 unsigned char afi = 0; /* FIXME */
267 unsigned int buf_len = sizeof(buf);
269 ret = send_reqb(handle, afi, 0, 0);
273 ret = transcieve_attrib(handle, NULL, 0, buf, &buf_len);
280 static struct rfid_layer2_handle *
281 iso14443b_init(struct rfid_reader_handle *rh)
284 struct rfid_layer2_handle *h = malloc(sizeof(*h));
288 h->l2 = &rfid_layer2_iso14443b;
290 h->priv.iso14443b.state = ISO14443B_STATE_NONE;
292 h->priv.iso14443b.fsd = iso14443_fsd_approx(rh->ah->mru);
293 DEBUGP("fsd is %u\n", h->priv.iso14443b.fsd);
295 /* 14443-3 Section 7.1.6 */
296 h->priv.iso14443b.tr0 = (256/ISO14443_FREQ_SUBCARRIER)*10e6;
297 h->priv.iso14443b.tr1 = (200/ISO14443_FREQ_SUBCARRIER)*10e6;
299 ret = h->rh->reader->iso14443b.init(h->rh);
301 DEBUGP("error during reader 14443b init\n");
310 iso14443b_fini(struct rfid_layer2_handle *handle)
317 iso14443b_transcieve(struct rfid_layer2_handle *handle,
318 const unsigned char *tx_buf, unsigned int tx_len,
319 unsigned char *rx_buf, unsigned int *rx_len,
320 unsigned int timeout, unsigned int flags)
322 return handle->rh->reader->transcieve(handle->rh, tx_buf, tx_len,
323 rx_buf, rx_len, timeout, flags);
326 struct rfid_layer2 rfid_layer2_iso14443b = {
327 .id = RFID_LAYER2_ISO14443B,
328 .name = "ISO 14443-3 B",
330 .init = &iso14443b_init,
331 .open = &iso14443b_anticol,
332 .transcieve = &iso14443b_transcieve,
333 .close = &iso14443b_hltb,
334 .fini = &iso14443b_fini,