1 /* ISO 15693 anticollision implementation
3 * (C) 2005-2008 by Harald Welte <laforge@gnumonks.org>
4 * (C) 2007 by Bjoern Riemer <bjoern.riemer@web.de>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2
10 * as published by the Free Software Foundation
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
27 #include <librfid/rfid.h>
28 #include <librfid/rfid_layer2.h>
29 #include <librfid/rfid_reader.h>
30 #include <librfid/rfid_layer2_iso15693.h>
/* Request layout used by the block read/write helpers further down.
 * Declared packed, so the compiler inserts no padding between members.
 * The members on source lines 34-35 are missing from this listing; later
 * code accesses `uid` and `blocknum` on this type. */
32 struct iso15693_request_read {
33 struct iso15693_request req;
36 } __attribute__ ((packed));
/* Addressed request: the common request header followed by further
 * members (source line 40, missing from this listing; select and
 * stay_quiet below copy the VICC UID into a `uid` member).
 * Packed, so sizeof() of this struct is used directly as the TX length. */
38 struct iso15693_request_adressed {
39 struct iso15693_request head;
41 } __attribute__ ((packed));
/* Largest block payload handled here: 256 bits, i.e. 32 bytes. */
43 #define ISO15693_BLOCK_SIZE_MAX (256/8)
/* Response buffer size: 4 bytes of overhead plus one maximum-size block
 * (36 bytes). NOTE(review): the meaning of the 4 overhead bytes is not
 * stated here -- presumably flags/status plus CRC; confirm. */
44 #define ISO15693_RESP_SIZE_MAX (4+ISO15693_BLOCK_SIZE_MAX)
/* Timing constants, indexed as [row][ISO15693_T*].
 * The two row designators (source lines 47 and 54) are missing from this
 * listing. T1, T2 and T4 in the second row are a quarter of the first row's
 * values -- presumably slow vs. fast VICC data rate; TODO confirm.
 * The unit is not stated here. */
46 const unsigned int iso15693_timing[2][5] = {
48 [ISO15693_T1] = 1216, /* max time after VCD EOF before VICC SOF */
49 [ISO15693_T2] = 1200, /* min time before VCD EOF after VICC response */
50 [ISO15693_T3] = 1502, /* min time after VCD EOF before next EOF if no VICC response */
51 [ISO15693_T4] = 1216, /* time after which VICC transmits after VCD EOF */
52 [ISO15693_T4_WRITE]=20000, /* time after which VICC transmits after VCD EOF */
55 [ISO15693_T1] = 304, /* max time after VCD EOF before VICC SOF */
56 [ISO15693_T2] = 300, /* min time before VCD EOF after VICC response */
57 [ISO15693_T3] = 602, /* min time after VCD EOF before next EOF if no VICC response */
58 [ISO15693_T4] = 304, /* time after which VICC transmits after VCD EOF */
59 [ISO15693_T4_WRITE]=20000, /* time after which VICC transmits after VCD EOF */
/* Map the error byte of an ISO 15693 response to a printable name.
 * The return type, the switch header and several return statements sit on
 * source lines missing from this listing. iso15693_select() below passes
 * the error byte taken straight from the received frame, so any value
 * 0x00-0xFF can arrive here. */
64 iso15693_get_response_error_name(u_int8_t error){
66 case RFID_15693_ERR_NOTSUPP:
68 case RFID_15693_ERR_INVALID: /* command not recognized */
70 case RFID_15693_ERR_UNKNOWN: /* unknown error */
72 case RFID_15693_ERR_BLOCK_NA: /* block not available */
74 case RFID_15693_ERR_BLOCK_LOCKED:
/* NOTE(review): this literal lacks its final 'D'; the other names visible
 * here mirror their constant. Log matching on "ERR_BLOCK_LOCKED" will miss
 * this one. */
75 return "ERR_BLOCK_LOCKE";
76 case RFID_15693_ERR_BLOCK_LOCKED_CH:
77 return "ERR_BLOCK_LOCKED_CH";
78 case RFID_15693_ERR_BLOCK_NOTPROG:
79 return "ERR_BLOCK_NOTPROG";
80 case RFID_15693_ERR_BLOCK_NOTLOCK:
81 return "ERR_BLOCK_NOTLOCK";
/* NOTE(review): this label matches only the value 0xA0. The trailing
 * comment says the custom range runs to 0xDF; 0xA1..0xDF take whatever
 * default path follows (not visible here). */
82 case 0xA0: /* until 0xDF*/
83 return "Custom Command error Code";
/* Forward one frame to the reader driver's transceive hook and return the
 * hook's result unchanged.
 *
 * handle, handle->rh, the reader and the hook itself are dereferenced
 * without a NULL check (compare iso15693_transceive_acf(), which does test
 * its hook). rx_len is passed through untouched; callers in this file set
 * it to the size of their receive buffer before the call -- presumably the
 * driver treats it as capacity in / length out, confirm against the reader
 * implementation, since that is what bounds writes into rx_buf. */
90 static int iso15693_transceive(struct rfid_layer2_handle *handle,
91 enum rfid_frametype frametype,
92 const unsigned char *tx_buf, unsigned int tx_len,
93 unsigned char *rx_buf, unsigned int *rx_len,
94 u_int64_t timeout, unsigned int flags)
96 return handle->rh->reader->transceive(handle->rh, frametype, tx_buf,
97 tx_len, rx_buf, rx_len, timeout, flags);
/* Transmit an anticollision frame.
 *
 * Dispatches to the reader's optional iso15693.transceive_ac hook; the
 * branch taken when the hook is absent is on source line 110, missing from
 * this listing. resp, rx_len and bit_of_col are handed to the hook as
 * given -- presumably all three are written by the driver; confirm.
 * NOTE(review): iso15693_anticol() calls this with `(u_int8_t *) &acf`
 * although the parameter is a `const struct iso15693_anticol_cmd *`. */
102 iso15693_transceive_acf(struct rfid_layer2_handle *handle,
103 const struct iso15693_anticol_cmd *acf,
104 unsigned int acf_len,
105 struct iso15693_anticol_resp *resp,
106 unsigned int *rx_len, char *bit_of_col)
108 const struct rfid_reader *rdr = handle->rh->reader;
109 if (!rdr->iso15693.transceive_ac)
111 return rdr->iso15693.transceive_ac(handle->rh, acf, acf_len, resp, rx_len, bit_of_col);
/* Draft of a single-block read. The `handle->...` and `...` placeholders
 * below are not valid C, so this is presumably compiled out by
 * preprocessor lines missing from this listing -- confirm before enabling.
 *
 * Points to settle before this is enabled:
 *  - `data` carries no length, so the copy below cannot be bounded against
 *    the caller's buffer;
 *  - the copy length comes from `rc`, the transceive result. Whether rc is
 *    checked for <= 0 (source lines 132-135) is not visible here; an
 *    unchecked rc of 0 would make rc-1 a huge size_t;
 *  - the existing FIXMEs: the CRC is neither filled on TX nor stripped on
 *    RX. */
117 iso15693_read_block(struct rfid_layer2_handle *handle,
118 u_int8_t blocknr, u_int32_t *data)
121 struct iso15693_request_read req;
122 u_int8_t resp[ISO15693_RESP_SIZE_MAX];
125 req.command = ISO15693_CMD_READ_BLOCK_SINGLE;
126 memcpy(&req.uid, handle->..., ISO15693_UID_LEN);
127 req.blocknum = blocknr;
129 /* FIXME: fill CRC if required */
131 rc = iso15693_transceive(... &req, ..., );
136 memcpy(data, resp+1, rc-1); /* FIXME rc-3 in case of CRC */
/* Draft of a single-block write; like the read draft it contains an
 * incomplete expression (`handle->,`) and is presumably compiled out.
 *
 * NOTE(review), before enabling:
 *  - the struct tag below reads iso16593 (digits transposed), while the
 *    cast two lines later uses iso15693;
 *  - `buf` is an array of u_int32_t whose element count is a byte count,
 *    so it is four times larger than the comment-free intent suggests,
 *    and it is not the object that `rreq` is pointed at (`req` is, and no
 *    declaration of `req` is visible here);
 *  - no parameters are declared although `handle` and `blocknr` are used. */
142 iso15693_write_block()
144 struct iso16593_request_read *rreq;
145 u_int32_t buf[sizeof(req)+ISO15693_BLOCK_SIZE_MAX];
147 rreq = (struct iso15693_request_read *) req;
150 rreq->req.command = ISO15693_CMD_WRITE_BLOCK_SINGLE;
151 memcpy(rreq->uid, handle->, ISO15693_UID_LEN);
152 rreq->blocknum = blocknr;
/* Placeholder for the lock-block command; no parameters are declared and
 * no body is visible in this listing. */
158 iso15693_lock_block()
/* Helper function to build an ISO 15693 anti collision frame.
 *
 * Writes an inventory request into `target`: the command, the AFI (only
 * when RFID_15693_F5_AFI_PRES is set in `flags`), the mask length in bits
 * and then the mask bytes. Returns the number of bytes used,
 * i + sizeof(*req).
 *
 * `target` carries no size, so nothing here can bound the writes to
 * req->data[]; the caller's buffer must be large enough for header, AFI,
 * length byte and mask. mask_len is a u_int8_t (up to 255 bits), while the
 * callers in this file pass UID-sized arrays as `mask`, and they pass NULL
 * together with mask_len 0. */
166 iso15693_build_acf(u_int8_t *target, u_int8_t flags, u_int8_t afi,
167 u_int8_t mask_len, u_int8_t *mask)
169 struct iso15693_request *req = (struct iso15693_request *) target;
170 int i = 0, j, mask_bytes;
175 req->command = ISO15693_CMD_INVENTORY;
176 if (flags & RFID_15693_F5_AFI_PRES)
177 req->data[i++] = afi;
178 req->data[i++] = mask_len;
/* NOTE(review): `?:` binds more loosely than `+`, so this parses as
 * (mask_len/8 + mask_len%8) ? 1 : 0 and mask_bytes is only ever 0 or 1.
 * For mask_len > 8 the frame then announces more mask bits than it
 * carries. The intended form is presumably
 * mask_len/8 + ((mask_len%8)?1:0); once that is fixed, the missing bound
 * on mask_len against the size of `mask` becomes reachable. */
180 mask_bytes = mask_len/8 + (mask_len%8)?1:0;
181 mask_p=&req->data[i];
183 for (j = 0; j < mask_bytes; j++)
184 req->data[i++] = mask[j];
/* Clear the unused high bits of the last byte written.
 * NOTE(review): when mask_len%8 == 0 the shift count is 8 and `byte` is 0;
 * with mask_bytes == 0, data[i-1] is the mask-length byte itself. Whether
 * a guard exists is on source line 185, missing from this listing. */
186 byte = 0xFF >> (8-mask_len%8);
187 req->data[i-1]&=byte;
/* NOTE(review): `i + sizeof(*req)` has type size_t but is printed with %d. */
189 DEBUGP("mask_len: %d mask_bytes: %d i: %d return: %d mask:%s\n",
190 mask_len,mask_bytes,i,i + sizeof(*req),rfid_hexdump(mask_p,mask_bytes));
191 return i + sizeof(*req);
/* Run the inventory / anticollision procedure and store the UID of a VICC
 * that answered in handle->uid (handle->uid_len = ISO15693_UID_LEN).
 *
 * Per-slot results are kept in uuid_list[] / uuid_list_valid[]:
 * MY_NONE = no usable answer, MY_UUID = UID received, and a negative value
 * = minus the bit position at which the reader reported a collision.
 * When a collision is recorded, a new frame is built with a mask of boc+1
 * bits and the loop is re-entered via goto.
 *
 * Many lines of this function (declarations of acf/boc/flags/tx_len/rx_len,
 * the loop label, several conditions and all closing braces) are missing
 * from this listing, so the notes below are hedged accordingly.
 *
 * NOTE(review): no bound on the number of goto retries is visible; if none
 * exists, an RF field that keeps reporting collisions keeps this function
 * looping. */
195 iso15693_anticol(struct rfid_layer2_handle *handle)
197 int i, ret, mask_len;
201 struct iso15693_anticol_cmd_afi w_afi;
202 struct iso15693_anticol_cmd no_afi;
205 struct iso15693_anticol_resp resp;
209 int num_slots = MAX_SLOTS;
211 u_int8_t uuid_list[MAX_SLOTS][ISO15693_UID_LEN];
212 int uuid_list_valid[MAX_SLOTS];
/* NOTE(review): memset() fills bytes, so the int elements equal MY_NONE
 * only if MY_NONE has the same value in every byte (e.g. 0 or -1); its
 * definition is not visible here. */
220 memset(uuid_list_valid, MY_NONE, sizeof(uuid_list_valid));
221 memset(uuid_list, 0, sizeof(uuid_list));
223 //memset(&acf, 0, sizeof(acf));
225 /* FIXME: we can't use multiple slots at this point, since the RC632
226 * with librfid on the host PC has too much latency between 'EOF pulse
227 * to mark start of next slot' and 'receive data' commands :( */
/* Request flags are derived from the options stored on the handle. */
229 flags = RFID_15693_F_INV_TABLE_5;
230 if (handle->priv.iso15693.vicc_fast)
231 flags |= RFID_15693_F_RATE_HIGH;
232 if (handle->priv.iso15693.vicc_two_subc)
233 flags |= RFID_15693_F_SUBC_TWO;
234 if (handle->priv.iso15693.single_slot) {
235 flags |= RFID_15693_F5_NSLOTS_1;
238 if (handle->priv.iso15693.use_afi)
239 flags |= RFID_15693_F5_AFI_PRES;
/* First frame: inventory without a mask (mask_len 0, mask NULL). */
241 tx_len = iso15693_build_acf((u_int8_t *)&acf, flags,
242 handle->priv.iso15693.afi, 0, NULL);
/* NOTE(review): hard-coded UID with a 2-bit mask -- looks like a debugging
 * leftover. The preprocessor lines that would compile it out (source lines
 * 243-244, 249) are missing from this listing; confirm it is disabled. */
245 u_int8_t uid[8]={0x1f, 0x1e, 0x95, 0x01, 0x00, 0x01, 0x04, 0xe0};
246 //u_int8_t uid[8]={0xe3, 0xe8, 0xf1, 0x01, 0x00, 0x00, 0x07, 0xe0};
247 tx_len = iso15693_build_acf((u_int8_t *)&acf, flags,
248 handle->priv.iso15693.afi, 2, uid);
251 for (i = 0; i < num_slots; i++) {
252 rx_len = sizeof(resp);
253 memset(&resp, 0, rx_len);
254 ret = iso15693_transceive_acf(handle, (u_int8_t *) &acf, tx_len, &resp, &rx_len, &boc);
256 if (ret == -ETIMEDOUT) {
257 //DEBUGP("no answer from vicc in slot %d\n", i);
258 DEBUGP("slot[%d]: timeout\n",i);
259 uuid_list_valid[i] = MY_NONE;
260 } else if (ret < 0) {
261 DEBUGP("slot[%d]: ERROR ret: %d\n", i, ret);
262 uuid_list_valid[i] = MY_NONE;
265 DEBUGP("iso15693_transceive_acf() ret: %d\n",ret);
267 DEBUGP("slot[%d]: Collision! bit:%d byte:%d,%d (UID bit:%d byte:%d,%d)\n",
269 boc-16,(boc-16)/8,(boc-16)%8);
270 DEBUGP("Slot[%d]: ret: %d DSFID: %02x UUID: %s\n", i, ret,
271 resp.dsfid, rfid_hexdump(resp.uuid, ISO15693_UID_LEN));
/* Collision position is stored negated so it can share the array with the
 * MY_NONE / MY_UUID markers.
 * NOTE(review): a reported position of 0 would be stored as 0; make sure
 * that cannot alias one of the markers. */
273 uuid_list_valid[i]=-boc;
274 memcpy(uuid_list[i], resp.uuid, ISO15693_UID_LEN);
276 DEBUGP("Slot[%d]: ret: %d DSFID: %02x UUID: %s\n", i, ret,
277 resp.dsfid, rfid_hexdump(resp.uuid, ISO15693_UID_LEN));
278 uuid_list_valid[i] = MY_UUID;
279 memcpy(&uuid_list[i][0], resp.uuid, ISO15693_UID_LEN);
/* assumes handle->uid holds at least ISO15693_UID_LEN bytes -- its
 * declaration is outside this file; TODO confirm */
281 memcpy(handle->uid,resp.uuid, ISO15693_UID_LEN);
282 /* FIXME: move to init_iso15693 */
283 handle->uid_len = ISO15693_UID_LEN;
290 for (i = 0; i < num_slots; i++) {
291 if (uuid_list_valid[i] < 0) {
292 boc=uuid_list_valid[i]*-1;
297 DEBUGP("slot[%d]:boc is smaller than 2 bytes (collision before uid)!!!!\n",i);
/* NOTE(review): the mask is taken from resp.uuid, i.e. the response of the
 * last slot processed above, not from uuid_list[i], which is where slot
 * i's partial UID was saved. The two coincide only when slot i was the
 * last one transceived (e.g. single-slot mode). */
300 tx_len = iso15693_build_acf((u_int8_t *)&acf, flags,
301 handle->priv.iso15693.afi, boc+1, resp.uuid);
303 // FIXME: dont use goto
304 goto start_of_ac_loop;
306 DEBUGP("slot[%d]:boc is bigger than 64 (uid size)(collision after uid)\n",i);
307 memcpy(handle->uid,uuid_list[i],ISO15693_UID_LEN);
309 /* FIXME: move to init_iso15693 */
310 handle->uid_len = ISO15693_UID_LEN;
/* A second pass over the slot results follows; how it relates to the pass
 * above (alternative build, or sequential) depends on lines missing from
 * this listing. */
316 for (i = 0; i < num_slots; i++) {
317 if (uuid_list_valid[i] == MY_NONE) {
318 DEBUGP("slot[%d]: timeout\n",i);
319 } else if (uuid_list_valid[i] == MY_UUID) {
320 DEBUGP("slot[%d]: VALID uuid: %s\n", i,
321 rfid_hexdump(uuid_list[i], ISO15693_UID_LEN));
322 memcpy(handle->uid, uuid_list[i], ISO15693_UID_LEN);
323 /* FIXME: move to init_iso15693 */
324 handle->uid_len = ISO15693_UID_LEN;
326 } else if (uuid_list_valid[i] < 0) {
331 DEBUGP("boc is smaller than 2 bytes (collision before uid)!!!!\n");
333 uuid_list_valid[i] = -boc;
/* Same resp.uuid-vs-uuid_list[i] question as in the loop above. */
335 tx_len = iso15693_build_acf((u_int8_t *)&acf, flags,
336 handle->priv.iso15693.afi, boc+1, resp.uuid);
338 // FIXME: dont use goto
339 goto start_of_ac_loop;
341 DEBUGP("boc is bigger than 64 (uid size)\n");
342 uuid_list_valid[i] = MY_UUID;
/* Send an addressed SELECT request for the UID stored in l2h->uid and
 * evaluate the response.
 *
 * The request flags mirror the handle's vicc_fast / vicc_two_subc options.
 * The transceive call itself (source line 377) and the declaration of
 * rx_buf are missing from this listing. */
354 iso15693_select(struct rfid_layer2_handle *l2h)
356 struct iso15693_request_adressed tx_req;
358 unsigned int rx_len, tx_len;
361 struct iso15693_response head;
363 unsigned char crc[2];
365 rx_len = sizeof(rx_buf);
367 tx_req.head.command = ISO15693_CMD_SELECT;
368 tx_req.head.flags = RFID_15693_F4_ADDRESS;
369 if (l2h->priv.iso15693.vicc_fast)
370 tx_req.head.flags |= RFID_15693_F_RATE_HIGH;
371 if (l2h->priv.iso15693.vicc_two_subc)
372 tx_req.head.flags |= RFID_15693_F_SUBC_TWO;
373 memcpy(&tx_req.uid, l2h->uid, ISO15693_UID_LEN);
374 tx_len = sizeof(tx_req);
376 DEBUGP("tx_len=%u", tx_len); DEBUGPC(" rx_len=%u\n",rx_len);
/* NOTE(review): rx_buf.head.flags is read here whatever `ret` is,
 * including the timeout case printed on this very line. No initialisation
 * of rx_buf is visible, so on a failed transceive this may inspect
 * indeterminate stack contents; check ret first. */
378 DEBUGP("ret: %d%s, error_flag: %d", ret,(ret==-ETIMEDOUT)?"(TIMEOUT)":"",
379 rx_buf.head.flags&RFID_15693_RF_ERROR);
380 if (rx_buf.head.flags&RFID_15693_RF_ERROR){
381 DEBUGPC(" -> error: %02x '%s'\n", rx_buf.error,
382 iso15693_get_response_error_name(rx_buf.error));
/* NOTE(review): source lines 380-383 are consecutive, so this assignment
 * sits inside the error branch: the handle is marked SELECTED when the
 * VICC reported an error. Presumably it belongs on the success path. */
383 l2h->priv.iso15693.state = RFID_15693_STATE_SELECTED;
/* Send an addressed STAY QUIET request for the UID stored in l2h->uid and
 * mark the handle as quiet. Registered as the layer-2 `close` operation.
 *
 * The declaration of rx_buf is missing from this listing. */
392 iso15693_stay_quiet(struct rfid_layer2_handle *l2h)
394 struct iso15693_request_adressed tx_req;
396 unsigned int rx_len, tx_len;
399 struct iso15693_response head;
401 unsigned char crc[2];
403 rx_len = sizeof(rx_buf);
405 tx_req.head.command = ISO15693_CMD_STAY_QUIET;
407 tx_req.head.flags = RFID_15693_F4_ADDRESS;
408 if (l2h->priv.iso15693.vicc_fast)
409 tx_req.head.flags |= RFID_15693_F_RATE_HIGH;
410 if (l2h->priv.iso15693.vicc_two_subc)
411 tx_req.head.flags |= RFID_15693_F_SUBC_TWO;
412 memcpy(&tx_req.uid, l2h->uid, ISO15693_UID_LEN);
413 tx_len = sizeof(tx_req);
415 DEBUGP("tx_len=%u", tx_len); DEBUGPC(" rx_len=%u\n",rx_len);
/* Timeout argument 30, flags 0. */
417 ret = iso15693_transceive(l2h, RFID_15693_FRAME, (u_int8_t*)&tx_req,
418 tx_len, (u_int8_t*)&rx_buf, &rx_len, 30,0);
/* The state changes without `ret` being consulted in the visible lines. */
420 l2h->priv.iso15693.state = RFID_15693_STATE_QUIET;
/* NOTE(review): ISO 15693-3 defines no VICC response to Stay quiet, so a
 * timeout is the expected result here and rx_buf is then presumably left
 * unwritten. The reads of rx_buf.head.flags and rx_buf.error below would
 * in that case inspect indeterminate stack contents; gate them on ret. */
422 DEBUGP("ret: %d%s, error_flag: %d", ret,(ret==-ETIMEDOUT)?"(TIMEOUT)":"",
423 rx_buf.head.flags&RFID_15693_RF_ERROR);
424 if (rx_buf.head.flags&RFID_15693_RF_ERROR)
425 DEBUGPC(" -> error: %02x\n", rx_buf.error);
/* Read one layer-2 option from the handle into the caller's buffer.
 *
 * optval/optlen must be non-NULL and *optlen at least
 * sizeof(unsigned int), even for RFID_OPT_15693_AFI which writes a single
 * byte; the rejecting branch is on source line 440, missing from this
 * listing. On the paths shown, *optlen is set to the number of bytes
 * written. `handle` itself is not checked. */
433 iso15693_getopt(struct rfid_layer2_handle *handle,
434 int optname, void *optval, unsigned int *optlen)
/* Two views of the same output buffer: unsigned int for most options,
 * u_int8_t for the AFI. */
436 unsigned int *val = optval;
437 u_int8_t *val_u8 = optval;
439 if (!optlen || !optval || *optlen < sizeof(unsigned int))
442 *optlen = sizeof(unsigned int);
445 case RFID_OPT_15693_MOD_DEPTH:
446 if (handle->priv.iso15693.vcd_ask100)
447 *val = RFID_15693_MOD_100ASK;
449 *val = RFID_15693_MOD_10ASK;
451 case RFID_OPT_15693_VCD_CODING:
452 if (handle->priv.iso15693.vcd_out256)
453 *val = RFID_15693_VCD_CODING_1OUT256;
455 *val = RFID_15693_VCD_CODING_1OUT4;
457 case RFID_OPT_15693_VICC_SUBC:
458 if (handle->priv.iso15693.vicc_two_subc)
459 *val = RFID_15693_VICC_SUBC_DUAL;
461 *val = RFID_15693_VICC_SUBC_SINGLE;
463 case RFID_OPT_15693_VICC_SPEED:
464 if (handle->priv.iso15693.vicc_fast)
465 *val = RFID_15693_VICC_SPEED_FAST;
467 *val = RFID_15693_VICC_SPEED_SLOW;
469 case RFID_OPT_15693_VCD_SLOTS:
470 if (handle->priv.iso15693.single_slot)
475 case RFID_OPT_15693_USE_AFI:
476 if (handle->priv.iso15693.use_afi)
481 case RFID_OPT_15693_AFI:
/* Only this option is returned as a single byte. */
482 *val_u8 = handle->priv.iso15693.afi;
483 *optlen = sizeof(u_int8_t);
/* Set one layer-2 option on the handle from a caller-supplied value of
 * 1, 2 or sizeof(unsigned int) bytes.
 *
 * The declaration of `val`, the inner switch headers and the error returns
 * are on source lines missing from this listing. */
494 iso15693_setopt(struct rfid_layer2_handle *handle, int optname,
495 const void *optval, unsigned int optlen)
499 if (optlen < sizeof(u_int8_t) || !optval)
/* NOTE(review): `val` is assigned only for the three widths below. For any
 * other optlen (3, 8, ...) it keeps whatever its declaration gave it; if
 * that declaration has no initialiser, the switch below acts on an
 * indeterminate value. Rejecting unsupported lengths would close this.
 * The wider reads also assume optval is suitably aligned, and the casts
 * drop the const qualifier. */
502 if (optlen == sizeof(u_int8_t))
503 val = *((u_int8_t *) optval);
504 if (optlen == sizeof(u_int16_t))
505 val = *((u_int16_t *) optval);
506 if (optlen == sizeof(unsigned int))
507 val = *((unsigned int *) optval);
510 case RFID_OPT_15693_MOD_DEPTH:
512 case RFID_15693_MOD_10ASK:
513 handle->priv.iso15693.vcd_ask100 = 0;
515 case RFID_15693_MOD_100ASK:
516 handle->priv.iso15693.vcd_ask100 = 1;
522 case RFID_OPT_15693_VCD_CODING:
524 case RFID_15693_VCD_CODING_1OUT256:
525 handle->priv.iso15693.vcd_out256 = 1;
527 case RFID_15693_VCD_CODING_1OUT4:
528 handle->priv.iso15693.vcd_out256 = 0;
534 case RFID_OPT_15693_VICC_SUBC:
536 case RFID_15693_VICC_SUBC_SINGLE:
537 handle->priv.iso15693.vicc_two_subc = 0;
539 case RFID_15693_VICC_SUBC_DUAL:
540 handle->priv.iso15693.vicc_two_subc = 1;
546 case RFID_OPT_15693_VICC_SPEED:
548 case RFID_15693_VICC_SPEED_SLOW:
549 handle->priv.iso15693.vicc_fast = 0;
551 case RFID_15693_VICC_SPEED_FAST:
552 handle->priv.iso15693.vicc_fast = 1;
557 case RFID_OPT_15693_VCD_SLOTS:
560 handle->priv.iso15693.single_slot = 0;
563 handle->priv.iso15693.single_slot = 1;
569 case RFID_OPT_15693_USE_AFI:
571 handle->priv.iso15693.use_afi = 1;
573 handle->priv.iso15693.use_afi = 0;
575 case RFID_OPT_15693_AFI:
/* presumably a range check on `val` precedes this store (source lines
 * 576-577 are not visible); getopt returns the AFI as one byte, so a
 * larger value would be truncated -- TODO confirm */
578 handle->priv.iso15693.afi = val;
/* File-local helper; its body is on source lines missing from this
 * listing and no caller is visible here. */
586 static int transceive_inventory(struct rfid_layer2_handle *l2h)
/* Allocate a layer-2 handle, set the ISO 15693 defaults and initialise the
 * reader for this protocol.
 *
 * Defaults: 100% ASK, single subcarrier, fast VICC data rate, single slot,
 * 1-out-of-4 coding, AFI unused (value 0).
 *
 * The allocation check (source lines 596-598) and the assignment of h->rh
 * (presumably line 600) are missing from this listing; h->rh is
 * dereferenced below, so both need to hold before that call. The handle is
 * released again when the reader init fails (condition on line 611, not
 * visible). */
591 static struct rfid_layer2_handle *
592 iso15693_init(struct rfid_reader_handle *rh)
595 struct rfid_layer2_handle *h = malloc_layer2_handle(sizeof(*h));
599 h->l2 = &rfid_layer2_iso15693;
601 h->priv.iso15693.state = ISO15693_STATE_NONE;
602 h->priv.iso15693.vcd_ask100 = 1; /* 100ASK is easier to generate */
603 h->priv.iso15693.vicc_two_subc = 0;
604 h->priv.iso15693.vicc_fast = 1;
605 h->priv.iso15693.single_slot = 1;
606 h->priv.iso15693.vcd_out256 = 0;
607 h->priv.iso15693.use_afi = 0; /* not all VICC support AFI */
608 h->priv.iso15693.afi = 0;
610 ret = h->rh->reader->init(h->rh, RFID_LAYER2_ISO15693);
612 free_layer2_handle(h);
/* Release a handle obtained from iso15693_init(). The handle must not be
 * used afterwards; nothing here clears the caller's pointer. */
620 iso15693_fini(struct rfid_layer2_handle *handle)
622 free_layer2_handle(handle);
/* Layer-2 operations table for ISO 15693.
 * `open` runs the anticollision procedure and `close` sends STAY QUIET;
 * the select-based open and the generic transceive hook are commented out,
 * so no `.transceive` is registered by the lines visible here. */
627 const struct rfid_layer2 rfid_layer2_iso15693 = {
628 .id = RFID_LAYER2_ISO15693,
631 .init = &iso15693_init,
632 .open = &iso15693_anticol,
633 //.open = &iso15693_select,
634 //.transceive = &iso15693_transceive,
635 .close = &iso15693_stay_quiet,
636 .fini = &iso15693_fini,
637 .setopt = &iso15693_setopt,
638 .getopt = &iso15693_getopt,