1 /* ISO 14443-3 B anticollision implementation
3 * (C) 2005 by Harald Welte <laforge@gnumonks.org>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2
10 * as published by the Free Software Foundation
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 #include <librfid/rfid.h>
27 #include <librfid/rfid_layer2.h>
28 #include <librfid/rfid_reader.h>
29 #include <librfid/rfid_layer2_iso14443b.h>
31 #include "rfid_iso14443_common.h"
33 #define ATQB_TIMEOUT ((256*10e6/ISO14443_FREQ_SUBCARRIER) \
34 +(200*10e6/ISO14443_FREQ_SUBCARRIER))
37 fwi_to_fwt(struct rfid_layer2_handle *h, unsigned int *fwt, unsigned int fwi)
39 unsigned int multiplier, tmp;
45 /* According to ISO 14443-3:200(E), Chapter 7.9.4.3, the forumala is
46 * (256 * 16 / fC) * 2^fwi We avoid floating point computations by
47 * shifting everything into the microsecond range. In integer
48 * calculations 1000000*256*16/13560000 evaluates to 302 (instead of
49 * 302.064897), which provides sufficient precision, IMHO. The max
50 * result is 302 * 16384 (4947968), which fits well within the 31/32
51 * bit range of an integer */
53 multiplier = 1 << fwi; /* 2 to the power of fwi */
55 tmp = (unsigned int) 1000000 * 256 * 16;
57 return (tmp / h->rh->ah->asic->fc) * multiplier;
61 parse_atqb(struct rfid_layer2_handle *h, struct iso14443b_atqb *atqb)
65 if (atqb->fifty != 0x50)
68 if (atqb->protocol_info.fo & 0x01)
69 h->priv.iso14443b.flags |= ISO14443B_CID_SUPPORTED;
70 if (atqb->protocol_info.fo & 0x02)
71 h->priv.iso14443b.flags |= ISO14443B_NAD_SUPPORTED;
73 ret = fwi_to_fwt(h, &h->priv.iso14443b.fwt, atqb->protocol_info.fwi);
75 DEBUGP("invalid fwi %u\n", atqb->protocol_info.fwi);
79 if (atqb->protocol_info.protocol_type == 0x1) {
80 DEBUGP("we have a T=CL compliant PICC\n");
81 h->priv.iso14443b.tcl_capable = 1;
83 DEBUGP("we have a T!=CL PICC\n");
84 h->priv.iso14443b.tcl_capable = 0;
87 iso14443_fsdi_to_fsd(&h->priv.iso14443b.fsc,
88 atqb->protocol_info.max_frame_size);
90 /* FIXME: speed capability */
92 memcpy(h->uid, atqb->pupi, sizeof(atqb->pupi));
93 h->uid_len = sizeof(atqb->pupi);
99 send_reqb(struct rfid_layer2_handle *h, unsigned char afi,
100 unsigned int is_wup, unsigned int num_initial_slots)
103 unsigned char reqb[3];
104 struct iso14443b_atqb atqb;
105 unsigned int atqb_len = sizeof(atqb);
106 unsigned int num_slot_idx = num_initial_slots;
111 for (num_slot_idx = num_initial_slots; num_slot_idx <= 4;
113 reqb[2] = num_slot_idx & 0x07;
117 ret = h->rh->reader->transcieve(h->rh, RFID_14443B_FRAME_REGULAR,
119 (unsigned char *)&atqb,
120 &atqb_len, ATQB_TIMEOUT, 0);
121 h->priv.iso14443b.state = ISO14443B_STATE_REQB_SENT;
123 DEBUGP("error during transcieve of REQB/WUBP\n");
127 /* FIXME: send N-1 slot marker frames */
129 if (atqb_len != sizeof(atqb)) {
130 DEBUGP("error: atqb_len = %u instead of %Zu\n",
131 atqb_len, sizeof(atqb));
135 /* FIXME: how to detect a collission at 14443B ? I guess we
136 * can only rely on the CRC checking (CRCErr in ErrorFlag
139 if (parse_atqb(h, &atqb) >= 0) {
140 h->priv.iso14443b.state = ISO14443B_STATE_ATQB_RCVD;
148 static inline unsigned int mbli_to_mbl(struct rfid_layer2_handle *h,
151 return (h->priv.iso14443b.fsc * 2 ^ (mbli-1));
155 transcieve_attrib(struct rfid_layer2_handle *h, const unsigned char *inf,
156 unsigned int inf_len, unsigned char *rx_data, unsigned int *rx_len)
158 struct iso14443b_attrib_hdr *attrib;
159 unsigned int attrib_size = sizeof(*attrib) + inf_len;
160 unsigned char *rx_buf;
164 DEBUGP("fsd is %u\n", h->priv.iso14443b.fsd);
165 attrib = malloc(attrib_size);
167 perror("attrib_alloc");
171 DEBUGP("fsd is %u\n", h->priv.iso14443b.fsd);
172 rx_buf = malloc(*rx_len+1);
174 perror("rx_buf malloc");
179 /* initialize attrib frame */
180 memset(attrib, 0, attrib_size);
182 memcpy((unsigned char *)attrib+sizeof(*attrib), inf, inf_len);
184 attrib->one_d = 0x1d;
185 memcpy(attrib->identifier, h->uid, 4);
187 /* FIXME: do we want to change TR0/TR1 from its default ? */
188 /* FIXME: do we want to change SOF/EOF from its default ? */
190 ret = iso14443_fsd_to_fsdi(&fsdi, h->priv.iso14443b.fsd);
192 DEBUGP("unable to map FSD(%u) to FSDI\n",
193 h->priv.iso14443b.fsd);
196 attrib->param2.fsdi = fsdi;
198 /* FIXME: spd_in / spd_out */
199 if (h->priv.iso14443b.tcl_capable == 1)
200 attrib->param3.protocol_type = 0x1;
202 *rx_len = *rx_len + 1;
203 ret = h->rh->reader->transcieve(h->rh, RFID_14443B_FRAME_REGULAR,
204 (unsigned char *) attrib,
205 sizeof(*attrib)+inf_len,
206 rx_buf, rx_len, h->priv.iso14443b.fwt,
208 h->priv.iso14443b.state = ISO14443B_STATE_ATTRIB_SENT;
210 DEBUGP("transcieve problem\n");
214 if ((rx_buf[0] & 0x0f) != h->priv.iso14443b.cid) {
215 DEBUGP("ATTRIB response with invalid CID %u\n",
221 h->priv.iso14443b.state = ISO14443B_STATE_SELECTED;
223 h->priv.iso14443b.mbl = mbli_to_mbl(h, (rx_data[0] & 0xf0) >> 4);
225 *rx_len = *rx_len - 1;
226 memcpy(rx_data, rx_buf+1, *rx_len);
237 iso14443b_hltb(struct rfid_layer2_handle *h)
240 unsigned char hltb[5];
241 unsigned char hltb_resp[1];
242 unsigned int hltb_len = 1;
245 memcpy(hltb+1, h->uid, 4);
247 ret = h->rh->reader->transcieve(h->rh, RFID_14443B_FRAME_REGULAR,
249 hltb_resp, &hltb_len,
250 h->priv.iso14443b.fwt, 0);
251 h->priv.iso14443b.state = ISO14443B_STATE_HLTB_SENT;
253 DEBUGP("transcieve problem\n");
257 if (hltb_len != 1 || hltb_resp[0] != 0x00) {
258 DEBUGP("bad HLTB response\n");
261 h->priv.iso14443b.state = ISO14443B_STATE_HALTED;
267 iso14443b_anticol(struct rfid_layer2_handle *handle)
269 unsigned char afi = 0; /* FIXME */
271 unsigned char buf[255];
272 unsigned int buf_len = sizeof(buf);
274 ret = send_reqb(handle, afi, 0, 0);
278 ret = transcieve_attrib(handle, NULL, 0, buf, &buf_len);
285 static struct rfid_layer2_handle *
286 iso14443b_init(struct rfid_reader_handle *rh)
289 struct rfid_layer2_handle *h = malloc(sizeof(*h));
293 h->l2 = &rfid_layer2_iso14443b;
295 h->priv.iso14443b.state = ISO14443B_STATE_NONE;
297 h->priv.iso14443b.fsd = iso14443_fsd_approx(rh->ah->mru);
298 DEBUGP("fsd is %u\n", h->priv.iso14443b.fsd);
300 /* 14443-3 Section 7.1.6 */
301 h->priv.iso14443b.tr0 = (256/ISO14443_FREQ_SUBCARRIER)*10e6;
302 h->priv.iso14443b.tr1 = (200/ISO14443_FREQ_SUBCARRIER)*10e6;
304 ret = h->rh->reader->iso14443b.init(h->rh);
306 DEBUGP("error during reader 14443b init\n");
315 iso14443b_fini(struct rfid_layer2_handle *handle)
322 iso14443b_transcieve(struct rfid_layer2_handle *handle,
323 enum rfid_frametype frametype,
324 const unsigned char *tx_buf, unsigned int tx_len,
325 unsigned char *rx_buf, unsigned int *rx_len,
326 u_int64_t timeout, unsigned int flags)
328 DEBUGP("transcieving %u bytes, expecting max %u\n", tx_len, *rx_len);
329 return handle->rh->reader->transcieve(handle->rh, frametype,
331 rx_buf, rx_len, timeout, flags);
334 struct rfid_layer2 rfid_layer2_iso14443b = {
335 .id = RFID_LAYER2_ISO14443B,
336 .name = "ISO 14443-3 B",
338 .init = &iso14443b_init,
339 .open = &iso14443b_anticol,
340 .transcieve = &iso14443b_transcieve,
341 .close = &iso14443b_hltb,
342 .fini = &iso14443b_fini,