How to send APDU command using T=CL(ISO7816) protocol with ISO14443 layer
I want connect with card on T=CL protocol with ISO14443A layer. And, for example, send to it APDU-command { 0xFF, 0xCA, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } - it must return card ID.
For it I'm using librfid library and device wich reader NXP CLRC 632.
I'm rewrite any functions in librfid in file rfid_reader_spidev.c such as:
int spidev_read(unsigned char reg, unsigned char len, const unsigned char *buf);
int spidev_write(unsigned char reg, unsigned char len, const unsigned char *buf);
int spidev_reg_read(struct rfid_asic_transport_handle *rath, unsigned char reg, unsigned char *value);
int spidev_reg_write(struct rfid_asic_transport_handle *rath, unsigned char reg, unsigned char value);
for work it on my device.
Then I rewrite main function from librfid-tool.c:
int main(int argc, char *argv[])
{
int rc;
unsigned char buf[0x100];
unsigned int len;
unsigned int protocol = RFID_PROTOCOL_TCL,
layer2 = RFID_LAYER2_ISO14443A;
printf("initializing librfid\n");
//--------------------------------
if (reader_init() < 0){
printf("Err reader_init\n");
return;
}
if (l2_init(layer2) < 0) {
rfid_reader_close(rh);
printf("Err l2_init\n");
return;
}
if (l3_init(protocol) < 0) {
rfid_reader_close(rh);
printf("Err l3_init\n");
return;
}
//--------------------------------
printf("Protocol T=CL\n");
// we've established T=CL at this point
printf("selecting Master File\n");
rc = select_mf();
if (rc < 0) {
printf("error selecting MF\n");
return;
}
printf("Send APDU command\n");
rc = send_apdu();
if (rc < 0) {
printf("error sending APDU command\n");
return;
}
printf("Getting random challenge, length 255\n");
rc = iso7816_get_challenge(0xff);
if (rc < 0) {
printf("error getting random challenge\n");
return;
}
printf("selecting Passport application\n");
rc = iso7816_select_application();
if (rc < 0) {
printf("error selecting passport application\n");
return;
}
printf("selecting EF 0x1e\n");
rc = iso7816_select_ef(0x011e);
if (rc < 0) {
printf("error selecting EF 0x1e\n");
return;
}
printf("selecting EF 0x01\n");
rc = iso7816_select_ef(0x0101);
if (rc < 0) {
printf("error selecting EF 0x01\n");
return;
}
while (1) {
printf("reading EF1\n");
len = sizeof(buf);
printf("reading ef\n");
rc = iso7816_read_binary(buf, &len);
if (rc < 0) {
printf("error reading EF\n");
return;
}
}
}
I add function send_apdu, but I don't know as rule it:
static int send_apdu(void)
{
unsigned char apdu[] = { 0xFF, 0xCA, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
unsigned char msg[128];
unsigned char ret[256];
unsigned int rlen = sizeof(ret), msglen;
int rv;
msg[0] = 0x6f;//PC_to_RDR_XfrBlock;
msg[5] = 0; /* slot */
msg[6] = 1; //seqno = handle->seqno++;
msg[7] = 4; /* bBWI */
msg[8] = 0; /* RFU */
msg[9] = 0; /* RFU */
memcpy (msg+10, apdu, 8);
set_msg_len (msg, 8);
msglen = 10 + 8;
rv = rfid_protocol_transceive(ph, msg, msglen/*sizeof(apdu)*/, ret, &rlen, 0, 0);
if (rv < 0)
return rv;
printf("%d: [%s]\n", rlen, hexdump(ret, rlen));
return 0;
}
I get an error at the step "selecting Master File" in my program as you can see in log:
initializing librfid
opening reader handle OpenPCD, CM5x21
spidev_open
entering
reg = 0x09, val = 0x00
reg = 0x09, val = 0x10
entering
reg = 0x09, val = 0x10
reg = 0x09, val = 0x00
reg = 0x00, val = 0x00
reg = 0x11, val = 0x5b
entering
reg = 0x11, val = 0x5b
reg = 0x11, val = 0x58
entering
reg = 0x11, val = 0x58
reg = 0x11, val = 0x5b
opening layer2 handle
reg = 0x09, val = 0x01
reg = 0x11, val = 0x5b
reg = 0x12, val = 0x3f
reg = 0x13, val = 0x3f
reg = 0x14, val = 0x19
reg = 0x15, val = 0x13
reg = 0x16, val = 0x3f
reg = 0x17, val = 0x00
reg = 0x19, val = 0x73
reg = 0x1a, val = 0x08
reg = 0x1b, val = 0xa9
reg = 0x1c, val = 0xff
reg = 0x1d, val = 0x00
reg = 0x1e, val = 0x01
reg = 0x21, val = 0x06
reg = 0x22, val = 0x03
reg = 0x23, val = 0x63
reg = 0x24, val = 0x63
running layer2 anticol(_open)
reg = 0x0f, val = 0x07
reg = 0x09, val = 0x00
reg = 0x22, val = 0x03
timeout=92, rx_len=0, tx_len=2
reg = 0x01, val = 0x00
reg = 0x07, val = 0x7f
reg = 0x03, val = 0x05
status_flag: 0x05, ERR, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
timeout 920 usec, prescaler = 0, divisor = 6
reg = 0x2a, val = 0x06
reg = 0x2b, val = 0x06
reg = 0x07, val = 0x20
reg = 0x06, val = 0xa0
reg = 0x2c, val = 0xc3
len=, data= 26
reg = 0x01, val = 0x1e
reg = 0x06, val = 0x20
irq_en: 0x20, TIMER
reg = 0x06, val = 0xac
reg = 0x03, val = 0x0d
status_flag: 0x0d, ERR, IRQ, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
reg = 0x07, val = 0x1d
irq_rq: 0x1d, LoA, IDLE, RX, TX
reg = 0x01, val = 0x00
reg = 0x07, val = 0x08
rc632_wait_idle >> ret=0
reg = 0x04, val = 0x02
rx_len == 2
len=, data= 04 00
reg = 0x0f, val = 0x00
reg = 0x0a, val = 0x40
ATQA: 0x04 0x00
reg = 0x09, val = 0x00
reg = 0x22, val = 0x03
reg = 0x0f, val = 0x00
timeout=50, rx_len=0, tx_len=64
reg = 0x01, val = 0x00
reg = 0x07, val = 0x7f
reg = 0x03, val = 0x05
status_flag: 0x05, ERR, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
timeout 500 usec, prescaler = 0, divisor = 5
reg = 0x2a, val = 0x05
reg = 0x2b, val = 0x06
reg = 0x07, val = 0x20
reg = 0x06, val = 0xa0
reg = 0x2c, val = 0xd4
len=, data= 93 20
reg = 0x01, val = 0x1e
reg = 0x06, val = 0x2c
irq_en: 0x2c, IDLE, RX, TIMER
reg = 0x06, val = 0xac
reg = 0x03, val = 0x0d
status_flag: 0x0d, ERR, IRQ, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
reg = 0x07, val = 0x1d
irq_rq: 0x1d, LoA, IDLE, RX, TX
reg = 0x01, val = 0x00
reg = 0x07, val = 0x08
rc632_wait_idle >> ret=0
reg = 0x04, val = 0x05
rx_len == 5
len=, data= 4d 1f 1f 89 c4
reg = 0x0a, val = 0x40
tran_acf->0 boc: -1
reg = 0x22, val = 0x0f
tx_len=7
timeout=1236, rx_len=0, tx_len=3
reg = 0x01, val = 0x00
reg = 0x07, val = 0x7f
reg = 0x03, val = 0x05
status_flag: 0x05, ERR, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
timeout 12360 usec, prescaler = 0, divisor = 10
reg = 0x2a, val = 0x0a
reg = 0x2b, val = 0x06
reg = 0x07, val = 0x20
reg = 0x06, val = 0xa0
reg = 0x2c, val = 0xa4
len=, data= 93 70 4d 1f 1f 89 c4
reg = 0x01, val = 0x1e
reg = 0x06, val = 0x2c
irq_en: 0x2c, IDLE, RX, TIMER
reg = 0x06, val = 0xac
reg = 0x03, val = 0x0d
status_flag: 0x0d, ERR, IRQ, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
reg = 0x07, val = 0x1d
irq_rq: 0x1d, LoA, IDLE, RX, TX
reg = 0x01, val = 0x00
reg = 0x07, val = 0x08
rc632_wait_idle >> ret=0
reg = 0x04, val = 0x01
rx_len == 1
len=, data= 28
UID 4d 1f 1f 89
we have a T=CL compliant PICC
running layer3 (ats)
reg = 0x22, val = 0x0f
tx_len=2
timeout=4833, rx_len=0, tx_len=64
reg = 0x01, val = 0x00
reg = 0x07, val = 0x7f
reg = 0x03, val = 0x05
status_flag: 0x05, ERR, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
timeout 48330 usec, prescaler = 0, divisor = 12
reg = 0x2a, val = 0x0c
reg = 0x2b, val = 0x06
reg = 0x07, val = 0x20
reg = 0x06, val = 0xa0
reg = 0x2c, val = 0xa0
len=, data= e0 50
reg = 0x01, val = 0x1e
reg = 0x06, val = 0x2c
irq_en: 0x2c, IDLE, RX, TIMER
reg = 0x06, val = 0xac
reg = 0x03, val = 0x0c
status_flag: 0x0c, ERR, IRQ, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
reg = 0x07, val = 0x1d
irq_rq: 0x1d, LoA, IDLE, RX, TX
reg = 0x01, val = 0x00
reg = 0x07, val = 0x08
rc632_wait_idle >> ret=0
reg = 0x04, val = 0x0d
rx_len == 13
len=, data= 0d 78 77 b1 02 4a 43 4f 50 76 32 34 31
This PICC supports CID
ATS parsed: 0d 78 77 b1 02 4a 43 4f 50 76 32 34 31
Dr = 0x7, Ds = 0x7
DrI = 0x2, DsI = 0x2
reg = 0x22, val = 0x0f
tx_len=3
timeout=618496, rx_len=0, tx_len=1
reg = 0x01, val = 0x00
reg = 0x07, val = 0x7f
reg = 0x03, val = 0x05
status_flag: 0x05, ERR, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
timeout 618496开发者_StackOverflow社区0 usec, prescaler = 0, divisor = 0
reg = 0x2a, val = 0x00
reg = 0x2b, val = 0x06
reg = 0x07, val = 0x20
reg = 0x06, val = 0xa0
reg = 0x2c, val = 0xc2
len=, data= d0 11 0a
reg = 0x01, val = 0x1e
reg = 0x06, val = 0x2c
irq_en: 0x2c, IDLE, RX, TIMER
reg = 0x06, val = 0xac
reg = 0x03, val = 0x0d
status_flag: 0x0d, ERR, IRQ, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
reg = 0x07, val = 0x3d
irq_rq: 0x3d, LoA, IDLE, RX, TX, TIMER
reg = 0x01, val = 0x00
reg = 0x07, val = 0x08
rc632_wait_idle >> ret=0
reg = 0x04, val = 0x01
rx_len == 1
len=, data= d0
setting rate: 424K
reg = 0x19, val = 0x73
reg = 0x19, val = 0x33
reg = 0x1a, val = 0x08
reg = 0x1a, val = 0x09
reg = 0x1c, val = 0x50
reg = 0x1d, val = 0x0c
setting rate: 424K
reg = 0x14, val = 0x19
reg = 0x14, val = 0x01
reg = 0x15, val = 0x00
we now have layer3 up and running
Protocol T=CL
sending APDU command
selecting Master File
reg = 0x22, val = 0x0f
tx_len=7
timeout=618496, rx_len=0, tx_len=255
reg = 0x01, val = 0x00
reg = 0x07, val = 0x7f
reg = 0x03, val = 0x05
status_flag: 0x05, ERR, Lo, mIdle
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
timeout 6184960 usec, prescaler = 0, divisor = 0
reg = 0x2a, val = 0x00
reg = 0x2b, val = 0x06
reg = 0x07, val = 0x20
reg = 0x06, val = 0xa0
reg = 0x2c, val = 0xc2
len=, data= 02 00 a4 00 00 02 3f
reg = 0x01, val = 0x1e
reg = 0x06, val = 0x2c
irq_en: 0x2c, IDLE, RX, TIMER
reg = 0x06, val = 0xac
reg = 0x03, val = 0x6d
status_flag: 0x6d, ERR, IRQ, Lo, mAwaitingRX
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
reg = 0x07, val = 0x31
irq_rq: 0x31, LoA, TX, TIMER
reg = 0x01, val = 0x1e
reg = 0x07, val = 0x08
rc632_wait_idle >> ret=0
reg = 0x04, val = 0x00
rx_len == 0
reg = 0x03, val = 0x6d
status_flag: 0x6d, ERR, IRQ, Lo, mAwaitingRX
reg = 0x0a, val = 0x40
error_flag: 0x40, KEY
reg = 0x22, val = 0x0f
l2 transceive finished
error selecting MF
If you could help me or point out my error, I would be very grateful.
There seems to be an error in the select_mf function (which you haven't supplied). From the log file, it is sending:
02 00 a4 00 00 02 3f
This should be:
00 a4 00 00 02 3f 00
Function select_mf declared in librfid-tool.c and I don't edited it...
static int select_mf(void)
{
unsigned char cmd[] = { 0x00, 0xa4, 0x00, 0x00, 0x02, 0x3f};//, 0x00, 0x00 };
unsigned char ret[256];
unsigned int rlen = sizeof(ret);
int rv;
rv = rfid_protocol_transceive(ph, cmd, sizeof(cmd), ret, &rlen, 0, 0);
if (rv < 0)
return rv;
printf("%d: [%s]\n", rlen, hexdump(ret, rlen));
return 0;
}
As you can see, there sending
00 a4 00 00 02 3f
In rfid_protocol_transceive run function from library "librfid"
int
tcl_transceive(struct rfid_protocol_handle *h,
const unsigned char *tx_data, unsigned int tx_len,
unsigned char *rx_data, unsigned int *rx_len,
unsigned int timeout, unsigned int flags)
where calls
static int
tcl_refill_xcvb(struct rfid_xcvb *xcvb, struct tcl_tx_context *ctx)
{
struct tcl_handle *th = &ctx->h->priv.tcl;
if (ctx->next_tx_byte >= ctx->tx + ctx->tx_len) {
DEBUGP("tyring to refill tx xcvb but no data left!\n");
return -1;
}
if (tcl_build_prologue_i(th, xcvb->tx.data,
&xcvb->tx.hdr_len) < 0)
return -1;
if (tcl_ctx_todo(ctx) > th->fsc - xcvb->tx.hdr_len)
xcvb->tx.frame_len = max_net_tx_framesize(th);
else
xcvb->tx.frame_len = tcl_ctx_todo(ctx);
memcpy(frb_payload(xcvb->tx), ctx->next_tx_byte,
xcvb->tx.frame_len);
ctx->next_tx_byte += xcvb->tx.frame_len;
/* check whether we need to set the chaining bit */
if (ctx->next_tx_byte < ctx->tx + ctx->tx_len)
xcvb->tx.data[0] |= 0x10;
/* add hdr_len after copying the net payload */
xcvb->tx.frame_len += xcvb->tx.hdr_len;
xcvb->timeout = th->fwt;
return 0;
}
and after it calls our buffer becomes
02 00 a4 00 00 02 3f
What you think about it?
加载中,请稍侯......
精彩评论