1 /* ISO 15693 anticollision implementation
3 * (C) 2005 by Harald Welte <laforge@gnumonks.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2
10 * as published by the Free Software Foundation
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 #include <librfid/rfid.h>
27 #include <librfid/rfid_layer2.h>
28 #include <librfid/rfid_reader.h>
29 #include <librfid/rfid_layer2_iso15693.h>
32 /* Transceive a 7-bit short frame */
/*
 * Thin wrapper: hands a short-frame command to the reader driver's
 * iso14443a.transcieve_sf hook and returns the hook's result unchanged.
 * atqa is passed straight through for the driver to fill.
 *
 * NOTE(review): handle, handle->rh, the reader pointer and the hook itself
 * are dereferenced without any check in the lines visible here; the
 * declaration of cmd is not visible either - confirm its type.
 */
34 iso14443a_transcieve_sf(struct rfid_layer2_handle *handle,
36 struct iso14443a_atqa *atqa)
38 struct rfid_reader *rdr = handle->rh->reader;
40 return rdr->iso14443a.transcieve_sf(handle->rh, cmd, atqa);
43 /* Transmit an anticollision bit frame */
/*
 * Thin wrapper: forwards an anticollision command frame to the reader
 * driver's iso14443a.transcieve_acf hook and returns the hook's result.
 * acf is the frame to send; bit_of_col is an output written by the driver.
 *
 * NOTE(review): nothing here constrains the value the driver stores in
 * *bit_of_col. The visible caller in this file uses that value as a bit
 * index, so its range has to be checked there.
 */
45 iso14443a_transcieve_acf(struct rfid_layer2_handle *handle,
46 struct iso14443a_anticol_cmd *acf,
47 unsigned int *bit_of_col)
49 struct rfid_reader *rdr = handle->rh->reader;
51 return rdr->iso14443a.transcieve_acf(handle->rh, acf, bit_of_col);
54 /* Transmit a regular frame */
/*
 * Thin wrapper: sends tx_len bytes from tx_buf through the reader's generic
 * transcieve hook and returns the hook's result. rx_buf receives the answer;
 * rx_len is passed by pointer, so it is presumably capacity on entry and
 * received length on return - confirm against the reader driver.
 *
 * NOTE(review): the u_int64_t parameter below has no name, yet the body
 * passes an identifier called timeout. As written this is not a valid
 * definition before C23; the parameter presumably should read
 * "u_int64_t timeout".
 */
56 iso14443a_transcieve(struct rfid_layer2_handle *handle,
57 const unsigned char *tx_buf, unsigned int tx_len,
58 unsigned char *rx_buf, unsigned int *rx_len,
59 u_int64_t, unsigned int flags)
61 return handle->rh->reader->transcieve(handle->rh, tx_buf, tx_len,
62 rx_buf, rx_len, timeout, flags);
/*
 * Encode a number of valid bits as an NVB byte: the count of whole bytes
 * goes into the upper nibble, the count of remaining bits (0-7) into the
 * lower nibble. Example: 16 bits -> 2 whole bytes, 0 extra bits -> 0x20.
 *
 * NOTE(review): the statement guarded by the range check is not visible
 * here; presumably it returns an error for anything outside 2..7 whole
 * bytes and leaves *nvb untouched - confirm. Every call to this function
 * visible in this file discards its result, so a rejected count would leave
 * the previous NVB value in the frame.
 */
66 iso14443a_code_nvb_bits(unsigned char *nvb, unsigned int bits)
68 unsigned int byte_count = bits / 8;
69 unsigned int bit_count = bits % 8;
/* Only 2..7 whole bytes pass this check. */
71 if (byte_count < 2 || byte_count > 7)
/* bit_count is bits % 8, so it always fits the lower nibble. */
74 *nvb = ((byte_count & 0xf) << 4) | bit_count;
79 /* bit positions are 1-based: the first bit is '1', the second bit '2' */
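/*
 * Set one bit in a byte array, addressed by a 1-based bit position: bit 1 is
 * the least significant bit of bitfield[0], bit 9 the least significant bit
 * of bitfield[1].
 *
 * The earlier form shifted by (bit % 8) - 1 in unsigned arithmetic, which is
 * a shift by UINT_MAX (undefined behaviour) whenever bit is 0 or a multiple
 * of 8. Converting to a 0-based index first yields the same byte and mask for
 * every other position and a defined result for multiples of 8. The
 * byte_count/bit_count values in the debug output are therefore 0-based.
 *
 * bitfield: array to modify. No length is passed in, so the caller must
 *           guarantee at least (bit + 7) / 8 bytes. The caller visible in
 *           this file derives bit from a collision position reported by the
 *           reader, so that value needs a range check before it gets here.
 * bit:      1-based position; 0 is rejected and leaves the array untouched.
 *
 * NOTE(review): the return type is assumed to be void because the body
 * returns nothing - confirm against the declaration.
 */
static void
set_bit_in_field(unsigned char *bitfield, unsigned int bit)
{
	unsigned int zero_based;
	unsigned int byte_count;
	unsigned int bit_count;
	unsigned char *target;

	/* Position 0 does not exist in a 1-based scheme; bit - 1 would wrap. */
	if (!bitfield || bit == 0) {
		DEBUGP("invalid argument: bitfield=%p, bit=%u\n", bitfield, bit);
		return;
	}

	zero_based = bit - 1;
	byte_count = zero_based / 8;
	bit_count = zero_based % 8;	/* always 0..7, so the shift is defined */
	target = bitfield + byte_count;

	DEBUGP("bitfield=%p, byte_count=%u, bit_count=%u\n",
		bitfield, byte_count, bit_count);
	DEBUGP("%p = 0x%02x\n", target, *target);
	*target |= (unsigned char)(1u << bit_count);
	DEBUGP("%p = 0x%02x\n", target, *target);
}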
/*
 * Run the ISO 14443-A activation sequence on a layer-2 handle: a short frame
 * (REQA or WUPA), a check of the ATQA, bit-frame anticollision, and a full
 * 7-byte frame whose answer is read into sak. The sequence cascades from
 * CL1 up to CL3 while assembling a UID of up to 10 bytes, and finally records
 * whether the card is T=CL capable. Progress is tracked in
 * handle->priv.iso14443a.state and .level.
 *
 * NOTE(review): a number of lines of this function (conditions, returns,
 * labels) are not visible here. The remarks below are limited to what the
 * visible statements show and should be confirmed against the full source.
 */
94 iso14443a_anticol(struct rfid_layer2_handle *handle)
97 unsigned int uid_size;
98 struct iso14443a_atqa atqa;
99 struct iso14443a_anticol_cmd acf;
100 unsigned int bit_of_col;
101 unsigned char sak[3];
102 unsigned char uid[10]; // triple size equals 10 bytes;
103 unsigned int rx_len = sizeof(sak);
/* Byte view of atqa, used only for the debug dump further down. */
104 char *aqptr = (char *) &atqa;
/*
 * NOTE(review): function-static, so this flag is shared by every handle and
 * every call; how it is used is in lines not visible here.
 */
105 static int first = 0;
/* Clear all local buffers so no stale stack data ends up in a frame or UID. */
107 memset(uid, 0, sizeof(uid));
108 memset(sak, 0, sizeof(sak));
109 memset(&atqa, 0, sizeof(atqa));
110 memset(&acf, 0, sizeof(acf));
/*
 * Probe with a short frame. REQA and WUPA both deliver their answer into
 * atqa; which of the two is sent depends on a condition not visible here.
 */
113 DEBUGP("Sending REQA\n");
114 ret = iso14443a_transcieve_sf(handle, ISO14443A_SF_CMD_REQA, &atqa);
117 DEBUGP("Sending WUPA\n");
118 ret = iso14443a_transcieve_sf(handle, ISO14443A_SF_CMD_WUPA, &atqa);
/* Presumably the failure path of the short frame (condition not visible). */
122 handle->priv.iso14443a.state = ISO14443A_STATE_REQA_SENT;
123 DEBUGP("error during transcieve_sf: %d\n", ret);
126 handle->priv.iso14443a.state = ISO14443A_STATE_ATQA_RCVD;
/*
 * NOTE(review): aqptr is a plain char *, so where char is signed a byte
 * >= 0x80 is sign-extended by the promotion and printed as more than two hex
 * digits. An unsigned char view would print the raw byte.
 */
128 DEBUGP("ATQA: 0x%02x 0x%02x\n", *aqptr, *(aqptr+1));
/* Without the bit-frame anticollision flag in the ATQA the card is refused. */
130 if (!atqa.bf_anticol) {
131 handle->priv.iso14443a.state =ISO14443A_STATE_NO_BITFRAME_ANTICOL;
132 DEBUGP("no bitframe anticollission bits set, aborting\n");
/* Branches on the UID size field of the ATQA; their bodies are not visible. */
136 if (atqa.uid_size == 2 || atqa.uid_size == 3)
138 else if (atqa.uid_size == 1)
/* Anticollision starts at cascade level 1. */
143 acf.sel_code = ISO14443A_AC_SEL_CODE_CL1;
145 handle->priv.iso14443a.state = ISO14443A_STATE_ANTICOL_RUNNING;
146 handle->priv.iso14443a.level = ISO14443A_LEVEL_CL1;
/* 16 valid bits = 2 whole bytes and no UID bits yet (NVB 0x20). */
149 iso14443a_code_nvb_bits(&acf.nvb, 16);
151 ret = iso14443a_transcieve_acf(handle, &acf, &bit_of_col);
154 DEBUGP("bit_of_col = %u\n", bit_of_col);
/*
 * NOTE(review): bit_of_col is reported by the reader for whatever answered
 * on the air, and no range check is visible before it is used. The
 * subtraction below is unsigned, so a value under 16 wraps to a huge index,
 * and a value beyond the size of acf.uid_bits makes set_bit_in_field write
 * outside acf on the stack. Validate 16 < bit_of_col <= 16 + 8 *
 * sizeof(acf.uid_bits) before each iteration and abort otherwise.
 * The loop also has no visible iteration cap and no visible check of ret, so
 * a peer that keeps reporting collisions could keep it running, and the
 * result of iso14443a_code_nvb_bits is discarded.
 */
156 while (bit_of_col != ISO14443A_BITOFCOL_NONE) {
157 set_bit_in_field(&acf.uid_bits[0], bit_of_col-16);
158 iso14443a_code_nvb_bits(&acf.nvb, bit_of_col);
159 ret = iso14443a_transcieve_acf(handle, &acf, &bit_of_col);
160 DEBUGP("bit_of_col = %u\n", bit_of_col);
/*
 * No collision left: send the complete 7-byte frame (NVB for 7 whole bytes)
 * and read the answer into sak; rx_len was initialised to sizeof(sak).
 */
165 iso14443a_code_nvb_bits(&acf.nvb, 7*8);
166 ret = iso14443a_transcieve(handle, (unsigned char *)&acf, 7,
167 (unsigned char *) &sak, &rx_len,
173 /* Cascade bit set, UID not complete */
174 switch (acf.sel_code) {
175 case ISO14443A_AC_SEL_CODE_CL1:
176 /* cascading from CL1 to CL2 */
/* 0x88 is the cascade tag that must lead a partial UID at this level. */
177 if (acf.uid_bits[0] != 0x88) {
178 DEBUGP("Cascade bit set, but UID0 != 0x88\n");
/* Skip the cascade tag and keep the three UID bytes that follow it. */
181 memcpy(&uid[0], &acf.uid_bits[1], 3);
182 acf.sel_code = ISO14443A_AC_SEL_CODE_CL2;
183 handle->priv.iso14443a.level = ISO14443A_LEVEL_CL2;
185 case ISO14443A_AC_SEL_CODE_CL2:
186 /* cascading from CL2 to CL3 */
/*
 * NOTE(review): unlike the CL1 case, no check of uid_bits[0] against 0x88 is
 * visible before byte 0 is skipped here - confirm whether that is intended.
 */
187 memcpy(&uid[3], &acf.uid_bits[1], 3);
188 acf.sel_code = ISO14443A_AC_SEL_CODE_CL3;
189 handle->priv.iso14443a.level = ISO14443A_LEVEL_CL3;
192 DEBUGP("cannot cascade any further than CL3\n");
193 handle->priv.iso14443a.state = ISO14443A_STATE_ERROR;
/*
 * UID complete: append the last four bytes at the offset for the level
 * reached. The largest write ends at uid[9], inside the 10-byte buffer.
 */
200 switch (acf.sel_code) {
201 case ISO14443A_AC_SEL_CODE_CL1:
202 /* single size UID (4 bytes) */
203 memcpy(&uid[0], &acf.uid_bits[0], 4);
205 case ISO14443A_AC_SEL_CODE_CL2:
206 /* double size UID (7 bytes) */
207 memcpy(&uid[3], &acf.uid_bits[0], 4);
209 case ISO14443A_AC_SEL_CODE_CL3:
210 /* triple size UID (10 bytes) */
211 memcpy(&uid[6], &acf.uid_bits[0], 4);
216 handle->priv.iso14443a.level = ISO14443A_LEVEL_NONE;
217 handle->priv.iso14443a.state = ISO14443A_STATE_SELECTED;
223 else if (uid_size == 2)
/*
 * NOTE(review): uid_len is not declared in the visible lines (only uid_size
 * is). Whatever it holds must not exceed sizeof(uid) when passed to the
 * hexdump helper.
 */
228 DEBUGP("UID %s\n", rfid_hexdump(uid, uid_len));
/* Record T=CL capability; the deciding condition is not visible here. */
232 DEBUGP("we have a T=CL compliant PICC\n");
233 handle->priv.iso14443a.tcl_capable = 1;
235 DEBUGP("we have a T!=CL PICC\n");
236 handle->priv.iso14443a.tcl_capable = 0;
/*
 * Send the two-byte HLTA frame (0x50 0x00) to the card through
 * iso14443a_transcieve. The comment at the end of the visible lines implies
 * that receiving no answer is the expected outcome.
 *
 * NOTE(review): how ret is interpreted is in lines not visible here.
 */
243 iso14443a_hlta(struct rfid_layer2_handle *handle)
246 unsigned char tx_buf[2] = { 0x50, 0x00 };
/* Scratch buffer for an unexpected answer; rx_len carries its capacity. */
247 unsigned char rx_buf[10];
248 unsigned int rx_len = sizeof(rx_buf);
/*
 * NOTE(review): the unit of the timeout argument is not defined in this
 * file; the inline comment claims 1000 means 1 ms - confirm against the
 * reader driver.
 */
252 ret = iso14443a_transcieve(handle, tx_buf, sizeof(tx_buf),
253 rx_buf, &rx_len, 1000 /* 1ms */, 0);
255 /* "error" case: we don't get something back from the card */
/*
 * Allocate a layer-2 handle for ISO 15693, bind it to the
 * rfid_layer2_iso15693 descriptor, reset its protocol state and call the
 * reader driver's iso15693.init hook.
 *
 * NOTE(review): the lines between the visible statements are missing here.
 * Confirm in the full source that (a) the malloc result is checked before
 * use, (b) h->rh is assigned from rh before it is dereferenced for the hook
 * call, and (c) h is freed when the hook reports failure.
 */
262 static struct rfid_layer2_handle *
263 iso15693_init(struct rfid_reader_handle *rh)
/* malloc does not zero the handle; unset fields hold indeterminate data. */
266 struct rfid_layer2_handle *h = malloc(sizeof(*h));
270 h->l2 = &rfid_layer2_iso15693;
272 h->priv.iso15693.state = ISO15693_STATE_NONE;
/* Let the reader driver switch itself to ISO 15693 operation. */
274 ret = h->rh->reader->iso15693.init(h->rh);
/*
 * Teardown counterpart of iso15693_init, registered as .fini in the layer-2
 * descriptor below.
 * NOTE(review): the body is not visible here; presumably it frees the handle
 * that iso15693_init allocated - confirm, since nothing else visible in this
 * file releases it.
 */
284 iso15693_fini(struct rfid_layer2_handle *handle)
/*
 * Layer-2 descriptor for ISO 15693. Only init and fini are wired up; open,
 * transcieve and close are commented out, so those members stay
 * zero-initialised.
 *
 * NOTE(review): any generic code that dispatches through .open, .transcieve
 * or .close of this descriptor has to check for a null pointer first. The
 * commented-out entries name iso15693_anticol and iso15693_transcieve, which
 * are not defined in the visible part of this file, while the iso14443a_*
 * helpers above are not referenced by this table at all.
 */
291 struct rfid_layer2 rfid_layer2_iso15693 = {
292 .id = RFID_LAYER2_ISO15693,
295 .init = &iso15693_init,
296 //.open = &iso15693_anticol,
297 //.transcieve = &iso15693_transcieve,
298 //.close = &iso14443a_hlta,
299 .fini = &iso15693_fini,