1 /* ISO 14443-3 A anticollision implementation
3 * (C) 2005-2006 by Harald Welte <laforge@gnumonks.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2
10 * as published by the Free Software Foundation
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
27 #include <librfid/rfid.h>
28 #include <librfid/rfid_layer2.h>
29 #include <librfid/rfid_reader.h>
30 #include <librfid/rfid_layer2_iso14443a.h>
31 #include <librfid/rfid_protocol.h>
35 /* Transceive a 7-bit short frame.
 *
 * Thin wrapper: hands cmd and the caller's ATQA buffer to the reader
 * driver's iso14443a.transceive_sf hook and returns the hook's result as is.
 * The declaration of cmd is on a line that is not part of this listing.
 *
 * NOTE(review): the hook pointer is called without a NULL check in the lines
 * shown here, whereas iso14443a_setopt tests set_speed before using it.
 * Confirm that every reader driver populates transceive_sf. */
37 iso14443a_transceive_sf(struct rfid_layer2_handle *handle,
39 struct iso14443a_atqa *atqa)
41 struct rfid_reader *rdr = handle->rh->reader;
43 return rdr->iso14443a.transceive_sf(handle->rh, cmd, atqa);
46 /* Transmit an anticollision bit frame.
 *
 * Thin wrapper around the reader driver's iso14443a.transceive_acf hook:
 * acf is the anticollision command being built up by the caller and
 * bit_of_col is an output through which the driver reports a collision
 * position (iso14443a_anticol compares it with ISO14443A_BITOFCOL_NONE).
 * The hook's return value is passed back unchanged.
 *
 * NOTE(review): the value the driver stores in *bit_of_col is later used by
 * iso14443a_anticol as a bit index into acf->uid_bits.  No range check
 * happens here, so the check has to live in the driver or in the caller. */
48 iso14443a_transceive_acf(struct rfid_layer2_handle *handle,
49 struct iso14443a_anticol_cmd *acf,
50 unsigned int *bit_of_col)
52 struct rfid_reader *rdr = handle->rh->reader;
54 return rdr->iso14443a.transceive_acf(handle->rh, acf, bit_of_col);
57 /* Transmit a regular frame.
 *
 * Forwards every argument to the reader driver's generic transceive hook and
 * returns its result; registered as the .transceive hook of
 * rfid_layer2_iso14443a.
 *
 * Callers in this file set *rx_len to the capacity of rx_buf before the
 * call.  Presumably the driver replaces it with the number of bytes
 * received - confirm against the driver.
 *
 * NOTE(review): nothing in this wrapper limits how much the driver writes to
 * rx_buf; the callers' small stack buffers rely on the driver honouring the
 * incoming *rx_len. */
59 iso14443a_transceive(struct rfid_layer2_handle *handle,
60 enum rfid_frametype frametype,
61 const unsigned char *tx_buf, unsigned int tx_len,
62 unsigned char *rx_buf, unsigned int *rx_len,
63 u_int64_t timeout, unsigned int flags)
65 return handle->rh->reader->transceive(handle->rh, frametype, tx_buf,
66 tx_len, rx_buf, rx_len, timeout, flags);
/* Encode a bit count into the NVB byte of an anticollision command:
 * the number of whole bytes goes into the upper nibble, the number of
 * remaining bits into the lower nibble.
 *
 * Only counts of 2..7 whole bytes pass the range test.  The statement that
 * runs when the test fails is not part of this listing (presumably an early
 * error return - confirm), and neither is the function's return type.
 *
 * NOTE(review): all three calls in iso14443a_anticol discard the result.  If
 * the failure path does return early, an out-of-range bit count leaves *nvb
 * at its previous value and the caller transmits a stale NVB without
 * noticing. */
70 iso14443a_code_nvb_bits(unsigned char *nvb, unsigned int bits)
72 unsigned int byte_count = bits / 8;
73 unsigned int bit_count = bits % 8;
75 if (byte_count < 2 || byte_count > 7)
78 *nvb = ((byte_count & 0xf) << 4) | bit_count;
83 /* Set one bit in a byte array.  Bits are meant to be numbered from 1:
 * the first bit is '1', the second bit '2'.
 *
 * The byte is selected with bit / 8 and the mask is 1 << (bit % 8 - 1).
 * The two DEBUGP calls around the update print the byte before and after.
 *
 * NOTE(review): when bit is a multiple of 8 (0 included), bit_count is 0 and
 * bit_count-1 wraps around as an unsigned value, so the shift count is far
 * larger than the width of int - undefined behaviour.  With the 1-based
 * numbering described above, bit 8 would also be expected in byte 0, but
 * bit / 8 selects byte 1; confirm the intended numbering.
 *
 * NOTE(review): no length is passed for bitfield, so this function cannot
 * bounds-check the write (nor the read done for the debug output).  The
 * caller must guarantee that bit / 8 stays inside the array. */
85 set_bit_in_field(unsigned char *bitfield, unsigned int bit)
87 unsigned int byte_count = bit / 8;
88 unsigned int bit_count = bit % 8;
90 DEBUGP("bitfield=%p, byte_count=%u, bit_count=%u\n",
91 bitfield, byte_count, bit_count);
92 DEBUGP("%p = 0x%02x\n", (bitfield+byte_count), *(bitfield+byte_count));
/* unchecked index and shift count, see the notes above */
93 *(bitfield+byte_count) |= 1 << (bit_count-1);
94 DEBUGP("%p = 0x%02x\n", (bitfield+byte_count), *(bitfield+byte_count));
/* Anticollision and selection of one ISO 14443-3 A card; registered as the
 * .open hook of rfid_layer2_iso14443a.
 *
 * Sequence, as far as the lines of this listing show it:
 *   1. clear handle->uid, sak, atqa and acf;
 *   2. send REQA as a short frame and record the ATQA;
 *   3. stop if the ATQA has no bit-frame anticollision bits set;
 *   4. start at cascade level 1 and repeat the anticollision frame, setting
 *      one bit in acf.uid_bits per reported collision, until the reader
 *      reports ISO14443A_BITOFCOL_NONE;
 *   5. send the first 7 bytes of acf (NVB coded as 7*8 bits) as a regular
 *      frame and receive the answer into sak;
 *   6. either cascade to the next level (CL1 -> CL2 -> CL3) or copy the last
 *      four UID bytes, mark the card selected and fill in uid_len and
 *      proto_supported.
 *
 * Several control-flow lines (return statements, some conditions, labels)
 * are not part of this listing, so the exact branch structure has to be
 * taken from the original file.
 *
 * NOTE(review): everything copied into handle->uid comes from card and
 * reader responses and is not authenticated at this layer.  Callers should
 * not treat the UID as proof of a card's identity. */
98 iso14443a_anticol(struct rfid_layer2_handle *handle)
101 unsigned int uid_size;
102 struct iso14443a_handle *h = &handle->priv.iso14443a;
103 struct iso14443a_atqa atqa;
104 struct iso14443a_anticol_cmd acf;
105 unsigned int bit_of_col;
106 unsigned char sak[3];
107 unsigned int rx_len = sizeof(sak);
108 char *aqptr = (char *) &atqa;
/* start from a clean slate so stale UID or SAK bytes cannot leak through */
110 memset(handle->uid, 0, sizeof(handle->uid));
111 memset(sak, 0, sizeof(sak));
112 memset(&atqa, 0, sizeof(atqa));
113 memset(&acf, 0, sizeof(acf));
115 ret = iso14443a_transceive_sf(handle, ISO14443A_SF_CMD_REQA, &atqa);
117 h->state = ISO14443A_STATE_REQA_SENT;
118 DEBUGP("error during transceive_sf: %d\n", ret);
121 h->state = ISO14443A_STATE_ATQA_RCVD;
123 DEBUGP("ATQA: 0x%02x 0x%02x\n", *aqptr, *(aqptr+1));
125 if (!atqa.bf_anticol) {
126 h->state = ISO14443A_STATE_NO_BITFRAME_ANTICOL;
127 DEBUGP("no bitframe anticollission bits set, aborting\n");
/* uid_size is assigned on lines that are not shown; the visible conditions
 * derive it from the UID size announced in the ATQA. */
131 if (atqa.uid_size == 2 || atqa.uid_size == 3)
133 else if (atqa.uid_size == 1)
138 acf.sel_code = ISO14443A_AC_SEL_CODE_CL1;
140 h->state = ISO14443A_STATE_ANTICOL_RUNNING;
141 h->level = ISO14443A_LEVEL_CL1;
144 rx_len = sizeof(sak);
145 iso14443a_code_nvb_bits(&acf.nvb, 16);
147 ret = iso14443a_transceive_acf(handle, &acf, &bit_of_col);
150 DEBUGP("bit_of_col = %u\n", bit_of_col);
/* NOTE(review): bit_of_col is supplied by the reader driver and is used
 * below as a bit index without a visible range check.  It is unsigned, so
 * a value below 16 makes bit_of_col-16 wrap to a very large number, and
 * set_bit_in_field() then writes far outside the local acf.  A value past
 * the end of acf.uid_bits has the same effect.  Validate the range before
 * the call.  The result of iso14443a_code_nvb_bits() is not used, and no
 * cap on the number of loop iterations is visible either. */
152 while (bit_of_col != ISO14443A_BITOFCOL_NONE) {
153 set_bit_in_field(&acf.uid_bits[0], bit_of_col-16);
154 iso14443a_code_nvb_bits(&acf.nvb, bit_of_col);
155 ret = iso14443a_transceive_acf(handle, &acf, &bit_of_col);
156 DEBUGP("bit_of_col = %u\n", bit_of_col);
/* The first 7 bytes of acf are sent as raw bytes.  This assumes the fields
 * of struct iso14443a_anticol_cmd lie back to back without padding -
 * confirm against its definition.  The checks on ret and rx_len that
 * should precede any use of sak are not part of this listing. */
161 iso14443a_code_nvb_bits(&acf.nvb, 7*8);
162 ret = iso14443a_transceive(handle, RFID_14443A_FRAME_REGULAR,
163 (unsigned char *)&acf, 7,
164 (unsigned char *) &sak, &rx_len,
170 /* Cascade bit set, UID not complete */
171 switch (acf.sel_code) {
172 case ISO14443A_AC_SEL_CODE_CL1:
173 /* cascading from CL1 to CL2 */
174 if (acf.uid_bits[0] != 0x88) {
175 DEBUGP("Cascade bit set, but UID0 != 0x88\n");
178 memcpy(&handle->uid[0], &acf.uid_bits[1], 3);
179 acf.sel_code = ISO14443A_AC_SEL_CODE_CL2;
180 h->level = ISO14443A_LEVEL_CL2;
/* NOTE(review): unlike the CL1 case, uid_bits[0] is not compared with 0x88
 * before the three bytes are copied here. */
182 case ISO14443A_AC_SEL_CODE_CL2:
183 /* cascading from CL2 to CL3 */
184 memcpy(&handle->uid[3], &acf.uid_bits[1], 3);
185 acf.sel_code = ISO14443A_AC_SEL_CODE_CL3;
186 h->level = ISO14443A_LEVEL_CL3;
189 DEBUGP("cannot cascade any further than CL3\n");
190 h->state = ISO14443A_STATE_ERROR;
/* Final copy of the last four UID bytes.  The CL3 case writes uid[6..9],
 * which assumes handle->uid holds at least 10 bytes - confirm against the
 * struct definition. */
197 switch (acf.sel_code) {
198 case ISO14443A_AC_SEL_CODE_CL1:
199 /* single size UID (4 bytes) */
200 memcpy(&handle->uid[0], &acf.uid_bits[0], 4);
202 case ISO14443A_AC_SEL_CODE_CL2:
203 /* double size UID (7 bytes) */
204 memcpy(&handle->uid[3], &acf.uid_bits[0], 4);
206 case ISO14443A_AC_SEL_CODE_CL3:
207 /* triple size UID (10 bytes) */
208 memcpy(&handle->uid[6], &acf.uid_bits[0], 4);
213 h->level = ISO14443A_LEVEL_NONE;
214 h->state = ISO14443A_STATE_SELECTED;
/* NOTE(review): uid_len appears to follow uid_size, i.e. the size the card
 * announced in its ATQA, rather than the cascade level actually reached
 * above.  A card whose ATQA and cascade behaviour disagree would get a
 * uid_len that does not match the bytes copied - confirm. */
219 else if (uid_size == 2)
222 handle->uid_len = 10;
224 DEBUGP("UID %s\n", rfid_hexdump(handle->uid, handle->uid_len));
/* proto_supported is a bit mask indexed by RFID_PROTOCOL_* values; the
 * condition that picks between the two branches is not shown. */
228 DEBUGP("we have a T=CL compliant PICC\n");
229 handle->proto_supported = 1 << RFID_PROTOCOL_TCL;
232 DEBUGP("we have a T!=CL PICC\n");
233 handle->proto_supported = (1 << RFID_PROTOCOL_MIFARE_UL)|
234 (1 << RFID_PROTOCOL_MIFARE_CLASSIC);
/* Registered as the .close hook of rfid_layer2_iso14443a: sends the two
 * bytes 0x50 0x00 as a regular frame, with a 10-byte receive buffer and a
 * timeout argument of 1000.
 *
 * As the comment at the end says, getting nothing back from the card is the
 * expected outcome here.  The statements that turn ret into the return
 * value are not part of this listing.
 *
 * NOTE(review): the inline comment calls the timeout "1ms"; the unit of the
 * timeout parameter is not visible in this file - confirm. */
242 iso14443a_hlta(struct rfid_layer2_handle *handle)
245 unsigned char tx_buf[2] = { 0x50, 0x00 };
246 unsigned char rx_buf[10];
247 unsigned int rx_len = sizeof(rx_buf);
249 ret = iso14443a_transceive(handle, RFID_14443A_FRAME_REGULAR,
250 tx_buf, sizeof(tx_buf),
251 rx_buf, &rx_len, 1000 /* 1ms */, 0);
253 /* "error" case: we don't get something back from the card */
/* Set a layer-2 option; registered as the .setopt hook.
 *
 * The two options visible here change the receive or transmit speed by
 * calling the reader driver's iso14443a.set_speed hook, with 0 as second
 * argument for RX and 1 for TX.  The hook is tested for NULL first; the
 * statement taken when it is missing is not part of this listing.
 *
 * NOTE(review): optval is read as an unsigned int, but no check of optlen
 * (or of optval being non-NULL) is visible before the dereference.  A caller
 * passing a shorter buffer causes an out-of-bounds read.  A guard such as
 * optlen >= sizeof(unsigned int) before each read would close that gap.
 * The cast also drops the const qualifier and assumes optval is suitably
 * aligned for unsigned int. */
260 iso14443a_setopt(struct rfid_layer2_handle *handle, int optname,
261 const void *optval, unsigned int optlen)
264 struct rfid_reader *rdr = handle->rh->reader;
268 case RFID_OPT_14443A_SPEED_RX:
269 if (!rdr->iso14443a.set_speed)
271 speed = *(unsigned int *)optval;
272 ret = rdr->iso14443a.set_speed(handle->rh, 0, speed);
274 case RFID_OPT_14443A_SPEED_TX:
275 if (!rdr->iso14443a.set_speed)
277 speed = *(unsigned int *)optval;
278 ret = rdr->iso14443a.set_speed(handle->rh, 1, speed);
/* Allocate a layer-2 handle for the given reader; registered as the .init
 * hook.  Sets the handle's l2 pointer to rfid_layer2_iso14443a, resets the
 * ISO 14443-A state and cascade level, then calls the reader driver's
 * iso14443a.init hook.
 *
 * The lines between the visible statements are not part of this listing.
 * In particular the NULL check on the malloc result, the assignment of
 * h->rh (which is read below) and the handling of a failing driver init are
 * not shown.
 *
 * NOTE(review): malloc does not zero the handle.  Fields that are not
 * assigned here stay indeterminate until something else sets them;
 * iso14443a_anticol clears handle->uid, for example.  Confirm that no field
 * is read before it is written, and that the handle is freed on the error
 * path. */
286 static struct rfid_layer2_handle *
287 iso14443a_init(struct rfid_reader_handle *rh)
290 struct rfid_layer2_handle *h = malloc(sizeof(*h));
294 h->l2 = &rfid_layer2_iso14443a;
296 h->priv.iso14443a.state = ISO14443A_STATE_NONE;
297 h->priv.iso14443a.level = ISO14443A_LEVEL_NONE;
299 ret = h->rh->reader->iso14443a.init(h->rh);
/* Registered as the .fini hook of rfid_layer2_iso14443a.  The body is not
 * part of this listing; presumably it releases the handle allocated by
 * iso14443a_init - confirm against the original file. */
309 iso14443a_fini(struct rfid_layer2_handle *handle)
/* Operations table through which this ISO 14443-3 A implementation is
 * exposed as a layer 2: .open runs the anticollision and selection sequence,
 * .close sends the two-byte frame built in iso14443a_hlta, and the remaining
 * hooks map to the functions of the same name above. */
316 struct rfid_layer2 rfid_layer2_iso14443a = {
317 .id = RFID_LAYER2_ISO14443A,
318 .name = "ISO 14443-3 A",
320 .init = &iso14443a_init,
321 .open = &iso14443a_anticol,
322 .transceive = &iso14443a_transceive,
323 .close = &iso14443a_hlta,
324 .fini = &iso14443a_fini,
325 .setopt = &iso14443a_setopt,