1 /* ISO 14443-4 (T=CL) implementation, PCD side.
3 * (C) 2005 by Harald Welte <laforge@gnumonks.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2
10 * as published by the Free Software Foundation
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28 #include <librfid/rfid.h>
29 #include <librfid/rfid_protocol_tcl.h>
30 #include <librfid/rfid_protocol.h>
31 #include <librfid/rfid_layer2.h>
32 #include <librfid/rfid_layer2_iso14443b.h>
34 #include <librfid/rfid_asic.h>
35 #include <librfid/rfid_reader.h>
37 #include "rfid_iso14443_common.h"
39 static enum rfid_frametype l2_to_frame(unsigned int layer2)
42 case RFID_LAYER2_ISO14443A:
43 return RFID_14443A_FRAME_REGULAR;
45 case RFID_LAYER2_ISO14443B:
46 return RFID_14443B_FRAME_REGULAR;
52 static unsigned int sfgi_to_sfgt(struct rfid_protocol_handle *h,
55 unsigned int multiplier;
61 multiplier = 1 << sfgi; /* 2 to the power of sfgi */
63 /* ISO 14443-4:2000(E) Section 5.2.5:
64 * (256 * 16 / h->l2h->rh->ah->fc) * (2 ^ sfgi) */
65 tmp = (unsigned int) 1000000 * 256 * 16;
67 return (tmp / h->l2h->rh->ah->fc) * multiplier;
70 static unsigned int fwi_to_fwt(struct rfid_protocol_handle *h,
73 unsigned int multiplier, tmp;
78 multiplier = 1 << fwi; /* 2 to the power of fwi */
80 /* ISO 14443-4:2000(E) Section 7.2.:
81 * (256*16 / h->l2h->rh->ah->fc) * (2 ^ fwi) */
83 tmp = (unsigned int) 1000000 * 256 * 16;
85 return (tmp / h->l2h->rh->ah->fc) * multiplier;
88 /* 4.9seconds as microseconds (4.9 billion seconds) exceeds 2^32 */
89 #define activation_fwt(x) (((u_int64_t)1000000 * 65536 / x->l2h->rh->ah->fc))
90 #define deactivation_fwt(x) activation_fwt(x)
93 tcl_parse_ats(struct rfid_protocol_handle *h,
94 unsigned char *ats, unsigned int size)
96 unsigned char len = ats[0];
100 if (len == 0 || size == 0)
109 /* FIXME: assume some default values */
110 h->priv.tcl.fsc = 32;
111 h->priv.tcl.ta = 0x80; /* 0x80 (same d for both dirs) */
112 h->priv.tcl.sfgt = sfgi_to_sfgt(h, 0);
113 if (h->l2h->l2->id == RFID_LAYER2_ISO14443A) {
114 /* Section 7.2: fwi default for type A is 4 */
115 h->priv.tcl.fwt = fwi_to_fwt(h, 4);
117 /* Section 7.2: fwi for type B is always in ATQB */
118 /* Value is assigned in tcl_connect() */
119 /* This function is never called for Type B, since it has no (R)ATS */
124 /* guarateed to be at least 2 bytes in size */
129 iso14443_fsdi_to_fsd(&h->priv.tcl.fsc, t0 & 0x0f);
130 if (h->priv.tcl.fsc > h->l2h->rh->ah->mtu)
131 h->priv.tcl.fsc = h->l2h->rh->ah->mtu;
134 /* TA is transmitted */
135 h->priv.tcl.ta = *cur++;
139 /* TB is transmitted */
140 h->priv.tcl.sfgt = sfgi_to_sfgt(h, *cur & 0x0f);
141 h->priv.tcl.fwt = fwi_to_fwt(h, (*cur & 0xf0) >> 4);
146 /* TC is transmitted */
148 h->priv.tcl.flags |= TCL_HANDLE_F_NAD_SUPPORTED;
150 h->priv.tcl.flags |= TCL_HANDLE_F_CID_SUPPORTED;
154 h->priv.tcl.historical_len = (ats+len) - cur;
155 h->priv.tcl.historical_bytes = cur;
161 /* request an ATS from the PICC */
163 tcl_request_ats(struct rfid_protocol_handle *h)
166 unsigned char rats[2];
169 if (h->priv.tcl.state != TCL_STATE_INITIAL)
172 ret = iso14443_fsd_to_fsdi(&fsdi, h->priv.tcl.fsd);
174 DEBUGP("unable to encode FSD of %u as FSDI\n", h->priv.tcl.fsd);
179 rats[1] = (h->priv.tcl.cid & 0x0f) | ((fsdi << 4) & 0xf0);
181 /* transceive (with CRC) */
182 ret = rfid_layer2_transceive(h->l2h, RFID_14443A_FRAME_REGULAR,
183 rats, 2, h->priv.tcl.ats,
184 &h->priv.tcl.ats_len, activation_fwt(h),
185 TCL_TRANSP_F_TX_CRC);
187 DEBUGP("transceive of rats failed\n");
188 h->priv.tcl.state = TCL_STATE_RATS_SENT;
189 /* FIXME: retransmit */
192 h->priv.tcl.state = TCL_STATE_ATS_RCVD;
194 ret = tcl_parse_ats(h, h->priv.tcl.ats, h->priv.tcl.ats_len);
196 DEBUGP("parsing of ats failed\n");
203 #define ATS_TA_DIV_2 1
204 #define ATS_TA_DIV_4 2
205 #define ATS_TA_DIV_8 4
211 static unsigned char d_to_di(struct rfid_protocol_handle *h, unsigned char D)
214 unsigned int speed = h->l2h->rh->reader->iso14443a.speed;
216 if ((D & ATS_TA_DIV_8) && (speed & RFID_14443A_SPEED_848K))
218 else if ((D & ATS_TA_DIV_4) && (speed & RFID_14443A_SPEED_424K))
220 else if ((D & ATS_TA_DIV_2) && (speed & RFID_14443A_SPEED_212K))
228 static unsigned int di_to_speed(unsigned char DI)
232 return RFID_14443A_SPEED_848K;
235 return RFID_14443A_SPEED_424K;
238 return RFID_14443A_SPEED_212K;
241 return RFID_14443A_SPEED_106K;
246 /* start a PPS run (autimatically configure highest possible speed */
248 tcl_do_pps(struct rfid_protocol_handle *h)
251 unsigned char ppss[3];
252 unsigned char pps_response[1];
253 unsigned int rx_len = 1;
254 unsigned char Dr, Ds, DrI, DsI;
257 if (h->priv.tcl.state != TCL_STATE_ATS_RCVD)
260 Dr = h->priv.tcl.ta & 0x07;
261 Ds = h->priv.tcl.ta & 0x70 >> 4;
262 DEBUGP("Dr = 0x%x, Ds = 0x%x\n", Dr, Ds);
264 if (Dr != Ds && !(h->priv.tcl.ta & 0x80)) {
265 /* device supports different divisors for rx and tx, but not
267 DEBUGP("PICC has contradictory TA, aborting PPS\n");
271 /* ISO 14443-4:2000(E) Section 5.3. */
273 ppss[0] = 0xd0 | (h->priv.tcl.cid & 0x0f);
277 /* FIXME: deal with different speed for each direction */
278 DrI = d_to_di(h, Dr);
279 DsI = d_to_di(h, Ds);
280 DEBUGP("DrI = 0x%x, DsI = 0x%x\n", DrI, DsI);
282 ppss[2] = (ppss[2] & 0xf0) | (DrI | DsI << 2);
284 ret = rfid_layer2_transceive(h->l2h, RFID_14443A_FRAME_REGULAR,
285 ppss, 3, pps_response, &rx_len,
286 h->priv.tcl.fwt, TCL_TRANSP_F_TX_CRC);
290 if (pps_response[0] != ppss[0]) {
291 DEBUGP("PPS Response != PPSS\n");
295 speed = di_to_speed(DrI);
297 ret = rfid_layer2_setopt(h->l2h, RFID_OPT_14443A_SPEED_RX,
298 &speed, sizeof(speed));
302 ret = rfid_layer2_setopt(h->l2h, RFID_OPT_14443A_SPEED_TX,
303 &speed, sizeof(speed));
312 tcl_build_prologue2(struct tcl_handle *th,
313 unsigned char *prlg, unsigned int *prlg_len,
321 /* we've sent a toggle bit last time */
324 /* we've not sent a toggle last time: send one */
329 if (th->flags & TCL_HANDLE_F_CID_USED) {
330 /* ISO 14443-4:2000(E) Section 7.1.1.2 */
331 *prlg |= TCL_PCB_CID_FOLLOWING;
333 prlg[*prlg_len] = th->cid & 0x0f;
336 /* nad only for I-block (0xc0 == 00) */
337 if ((th->flags & TCL_HANDLE_F_NAD_USED) &&
338 ((pcb & 0xc0) == 0x00)) {
339 /* ISO 14443-4:2000(E) Section 7.1.1.3 */
340 /* FIXME: in case of chaining only for first frame */
341 *prlg |= TCL_PCB_NAD_FOLLOWING;
342 prlg[*prlg_len] = th->nad;
350 tcl_build_prologue_i(struct tcl_handle *th,
351 unsigned char *prlg, unsigned int *prlg_len)
353 /* ISO 14443-4:2000(E) Section 7.1.1.1 */
354 return tcl_build_prologue2(th, prlg, prlg_len, 0x02);
358 tcl_build_prologue_r(struct tcl_handle *th,
359 unsigned char *prlg, unsigned int *prlg_len,
362 unsigned char pcb = 0xa2;
363 /* ISO 14443-4:2000(E) Section 7.1.1.1 */
368 return tcl_build_prologue2(th, prlg, prlg_len, pcb);
372 tcl_build_prologue_s(struct tcl_handle *th,
373 unsigned char *prlg, unsigned int *prlg_len)
375 /* ISO 14443-4:2000(E) Section 7.1.1.1 */
377 /* the only S-block from PCD->PICC is DESELECT,
378 * well, actually there is the S(WTX) response. */
379 return tcl_build_prologue2(th, prlg, prlg_len, 0xc2);
382 /* FIXME: WTXM implementation */
384 static int tcl_prlg_len(struct tcl_handle *th)
388 if (th->flags & TCL_HANDLE_F_CID_USED)
391 if (th->flags & TCL_HANDLE_F_NAD_USED)
397 #define max_net_tx_framesize(x) (x->fsc - tcl_prlg_len(x))
400 tcl_connect(struct rfid_protocol_handle *h)
404 if (h->priv.tcl.state != TCL_STATE_DESELECTED &&
405 h->priv.tcl.state != TCL_STATE_INITIAL)
408 switch (h->l2h->l2->id) {
409 case RFID_LAYER2_ISO14443A:
410 /* Start Type A T=CL Activation Sequence */
411 ret = tcl_request_ats(h);
415 /* Only do PPS if any non-default divisors supported */
416 if (h->priv.tcl.ta & 0x77) {
422 case RFID_LAYER2_ISO14443B:
423 /* initialized T=CL state from Type B Activation Data */
424 h->priv.tcl.cid = h->l2h->priv.iso14443b.cid;
425 h->priv.tcl.fsc = h->l2h->priv.iso14443b.fsc;
426 h->priv.tcl.fsd = h->l2h->priv.iso14443b.fsd;
427 h->priv.tcl.fwt = h->l2h->priv.iso14443b.fwt;
429 /* what about ta? sfgt? */
431 if (h->l2h->priv.iso14443b.flags & ISO14443B_CID_SUPPORTED)
432 h->priv.tcl.flags |= TCL_HANDLE_F_CID_SUPPORTED;
433 if (h->l2h->priv.iso14443b.flags & ISO14443B_NAD_SUPPORTED)
434 h->priv.tcl.flags |= TCL_HANDLE_F_NAD_SUPPORTED;
436 switch (h->l2h->priv.iso14443b.state) {
437 case ISO14443B_STATE_SELECTED:
438 h->priv.tcl.state = TCL_STATE_ATS_RCVD;
440 case ISO14443B_STATE_ATTRIB_SENT:
441 h->priv.tcl.state = TCL_STATE_RATS_SENT;
445 /* PUPI will be presented as ATS/historical bytes */
446 memcpy(h->priv.tcl.ats, h->l2h->uid, 4);
447 h->priv.tcl.ats_len = 4;
448 h->priv.tcl.historical_bytes = h->priv.tcl.ats;
452 DEBUGP("unsupported l2: %u\n", h->l2h->l2->id);
457 h->priv.tcl.state = TCL_STATE_ESTABLISHED;
463 tcl_deselect(struct rfid_protocol_handle *h)
465 /* ISO 14443-4:2000(E) Section 8 */
467 unsigned char frame[3]; /* 3 bytes prologue, no information */
469 unsigned int rx_len = sizeof(rx);
470 unsigned int prlg_len;
471 struct tcl_handle *th = &h->priv.tcl;
473 if (th->state != TCL_STATE_ESTABLISHED) {
474 /* FIXME: not sure whether deselect is possible here,
475 * probably better send a HLTA? */
478 /* build DESELECT S-block */
479 ret = tcl_build_prologue_s(th, frame, &prlg_len);
483 ret = rfid_layer2_transceive(h->l2h, RFID_14443A_FRAME_REGULAR,
485 &rx_len, deactivation_fwt(h),
486 TCL_TRANSP_F_TX_CRC);
488 /* FIXME: retransmit, HLT(A|B) */
492 th->state = TCL_STATE_DESELECTED;
497 #define is_s_block(x) ((x & 0xc0) == 0xc0)
498 #define is_r_block(x) ((x & 0xc0) == 0x80)
499 #define is_i_block(x) ((x & 0xc0) == 0x00)
502 tcl_transceive(struct rfid_protocol_handle *h,
503 const unsigned char *tx_data, unsigned int tx_len,
504 unsigned char *rx_data, unsigned int *rx_len,
505 unsigned int timeout, unsigned int flags)
508 unsigned char *tx_buf, *rx_buf;
509 unsigned char *_rx_data = rx_data;
510 unsigned int _rx_len;
511 unsigned int max_rx_len = *rx_len; /* maximum number of payoload that
512 caller has requested */
513 unsigned int prlg_len;
514 struct tcl_handle *th = &h->priv.tcl;
517 unsigned int _tx_len, _timeout;
518 unsigned char wtx_resp[3];
519 unsigned char ack[10];
520 unsigned int ack_len;
522 tx_buf = malloc(tcl_prlg_len(th) + tx_len);
527 rx_buf = malloc(tcl_prlg_len(th) + *rx_len);
533 if (tcl_build_prologue_i(th, tx_buf, &prlg_len) < 0) {
537 memcpy(tx_buf + prlg_len, tx_data, tx_len);
539 /* intialize to data-to-be-transferred */
541 _tx_len = tx_len+prlg_len;
547 if (_tx_len > max_net_tx_framesize(th)+prlg_len) {
548 /* slow path: we need to use chaining */
549 _tx_len = max_net_tx_framesize(th)+prlg_len;
553 ret = rfid_layer2_transceive(h->l2h, l2_to_frame(h->l2h->l2->id),
555 rx_buf, &_rx_len, _timeout, 0);
556 DEBUGP("l2 transceive finished\n");
560 if ((*rx_buf & 0x01) != h->priv.tcl.toggle) {
561 DEBUGP("response with wrong toggle bit\n");
565 if (is_r_block(*rx_buf)) {
566 unsigned int txed = _tx - tx_buf;
568 /* Handle ACK frame in case of chaining */
569 if (*rx_buf & TCL_PCB_CID_FOLLOWING) {
570 if (*(rx_buf+1) != h->priv.tcl.cid) {
571 DEBUGP("CID %u is not valid\n", *(rx_buf)+1);
575 /* set up parameters for next frame in chain */
577 /* move tx pointer by the amount of bytes transferred
580 _tx_len = (tx_len - txed);
581 if (_tx_len > max_net_tx_framesize(th)) {
582 /* not last frame in chain */
583 _tx_len = max_net_tx_framesize(th);
585 /* last frame in chain */
589 DEBUGP("Received ACK in response to last frame in "
590 "chain?!? Expected I-frame.\n");
594 } else if (is_s_block(*rx_buf)) {
596 unsigned int prlg_len;
599 /* Handle Wait Time Extension */
600 if (*rx_buf & TCL_PCB_CID_FOLLOWING) {
602 DEBUGP("S-Block with CID but short len\n");
606 if (*(rx_buf+1) != h->priv.tcl.cid) {
607 DEBUGP("CID %u is not valid\n", *(rx_buf)+1);
614 if ((*rx_buf & 0x30) != 0x30) {
615 DEBUGP("S-Block but not WTX?\n");
619 inf &= 0x3f; /* only lower 6 bits code WTXM */
620 if (inf == 0 || (inf >= 60 && inf <= 63)) {
621 DEBUGP("WTXM %u is RFU!\n", inf);
626 /* Acknowledge WTXM */
627 tcl_build_prologue_s(&h->priv.tcl, wtx_resp, &prlg_len);
628 /* set two bits that make this block a wtx */
630 wtx_resp[prlg_len] = inf;
632 _tx_len = prlg_len+1;
633 _timeout = th->fwt * inf;
635 /* start over with next transceive */
636 goto do_tx; /* FIXME: do transceive locally since we use
637 totally different buffer */
639 } else if (is_i_block(*rx_buf)) {
640 unsigned char *inf = rx_buf+1;
641 unsigned int net_payload_len;
642 /* we're actually receiving payload data */
645 if (*rx_buf & TCL_PCB_CID_FOLLOWING) {
646 if (*(rx_buf+1) != h->priv.tcl.cid) {
647 DEBUGPC("CID %u is not valid\n", *(rx_buf)+1);
652 if (*rx_buf & TCL_PCB_NAD_FOLLOWING) {
655 net_payload_len = _rx_len - (inf - rx_buf);
656 DEBUGPC("%u bytes\n", net_payload_len);
657 memcpy(_rx_data, inf, net_payload_len);
658 /* increment the number of payload bytes that we actually
660 *rx_len += net_payload_len;
661 _rx_data += net_payload_len;
663 if (*rx_buf & 0x10) {
664 /* we're not the last frame in the chain, continue rx */
665 DEBUGP("not the last frame in the chain, continue\n");
666 ack_len = sizeof(ack);
667 tcl_build_prologue_r(&h->priv.tcl, ack, &ack_len, 0);
682 static struct rfid_protocol_handle *
683 tcl_init(struct rfid_layer2_handle *l2h)
685 struct rfid_protocol_handle *th;
686 unsigned int mru = l2h->rh->ah->mru;
688 th = malloc(sizeof(struct rfid_protocol_handle) + mru);
692 /* FIXME: mru should be attribute of layer2 (in case it adds/removes
694 memset(th, 0, sizeof(struct rfid_protocol_handle) + mru);
696 /* maximum received ats length equals mru of asic/reader */
697 th->priv.tcl.state = TCL_STATE_INITIAL;
698 th->priv.tcl.ats_len = mru;
699 th->priv.tcl.toggle = 1;
701 th->priv.tcl.fsd = iso14443_fsd_approx(mru);
707 tcl_fini(struct rfid_protocol_handle *ph)
713 struct rfid_protocol rfid_protocol_tcl = {
714 .id = RFID_PROTOCOL_TCL,
715 .name = "ISO 14443-4 / T=CL",
718 .open = &tcl_connect,
719 .transceive = &tcl_transceive,
720 .close = &tcl_deselect,