Booten in Titelbild.
[hackover2013-badge-firmware.git] / drivers / rf / pn532 / helpers / pn532_mifare_classic.c
1 /**************************************************************************/
2 /*!
3 @file pn532_mifare_classic.c
4 */
5 /**************************************************************************/
6
7 /* MIFARE CLASSIC DESCRIPTION
8 ==========================
9
10 MIFARE Classic cards come in 1K and 4K varieties. While several
11 varieties of chips exist, the two main chipsets used are described
12 in the following publicly accessible documents:
13
14 MF1S503x Mifare Classic 1K data sheet:
15 http://www.nxp.com/documents/data_sheet/MF1S503x.pdf
16
17 MF1S70yyX MIFARE Classic 4K data sheet:
18 http://www.nxp.com/documents/data_sheet/MF1S70YYX.pdf
19
20 Mifare Classic cards typically have a a 4-byte NUID, though you may
21 find cards with 7 byte IDs as well
22
23 EEPROM MEMORY
24 =============
25 Mifare Classic cards have either 1K or 4K of EEPROM memory. Each
26 memory block can be configured with different access conditions,
27 with two seperate authentication keys present in each block.
28
29 The two main Mifare Classic card types are organised as follows:
30
31 1K Cards: 16 sectors of 4 blocks (0..15)
32 4K Cards: 32 sectors of 4 blocks (0..31) and
33 8 sectors of 16 blocks (32..39)
34
35 4 block sectors
36 ===============
37 Sector Block Bytes Description
38 ------ ----- ----- -----------
39 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
40
41 1 3 [-------KEY A-------] [Access Bits] [-------KEY A-------] Sector Trailer 1
42 2 [ Data ] Data
43 1 [ Data ] Data
44 0 [ Data ] Data
45
46 0 3 [-------KEY A-------] [Access Bits] [-------KEY A-------] Sector Trailer 1
47 2 [ Data ] Data
48 1 [ Data ] Data
49 0 [ Manufacturer Data ] Manufacturer Block
50
51 Sector Trailer (Block 3)
52 ------------------------
53 The sector trailer block contains the two secret keys (Key A and Key B), as well
54 as the access conditions for the four blocks. It has the following structure:
55
56 Sector Trailer Bytes
57 --------------------------------------------------------------
58 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
59 [ Key A ] [Access Bits] [ Key B ]
60
61 For more information in using Keys to access the clock contents, see
62 Accessing Data Blocks further below.
63
64 Data Blocks (Blocks 0..2)
65 -------------------------
66 Data blocks are 16 bytes wide and, depending on the permissions set in the
67 access bits, can be read from and written to. You are free to use the 16 data
68 bytes in any way you wish. You can easily store text input, store four 32-bit
69 integer values, a 16 character uri, etc.
70
71 Data Blocks as "Value Blocks"
72 -----------------------------
73 An alternative to storing random data in the 16 byte-wide blocks is to
74 configure them as "Value Blocks". Value blocks allow performing electronic
75 purse functions (valid commands are: read, write, increment, decrement,
76 restore, transfer).
77
78 Each Value block contains a single signed 32-bit value, and this value is
79 stored 3 times for data integrity and security reasons. It is stored twice
80 non-inverted, and once inverted. The last 4 bytes are used for a 1-byte
81 address, which is stored 4 times (twice non-inverted, and twice inverted).
82
83 Data blocks configured as "Value Blocks" have the following structure:
84
85 Value Block Bytes
86 --------------------------------------------------------------
87 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
88 [ Value ] [ ~Value ] [ Value ] [A ~A A ~A]
89
90 Manufacturer Block (Sector 0, Block 0)
91 --------------------------------------
92 Sector 0 is special since it contains the Manufacturer Block. This block
93 contains the manufacturer data, and is read-only. It should be avoided
94 unless you know what you are doing.
95
96 16 block sectors
97 ================
98 16 block sectors are identical to 4 block sectors, but with more data blocks. The same
99 structure described in the 4 block sectors above applies.
100
101 Sector Block Bytes Description
102 ------ ----- ----- ----------
103 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
104
105 32 15 [-------KEY A-------] [Access Bits] [-------KEY B-------] Sector Trailer 32
106 14 [ Data ] Data
107 13 [ Data ] Data
108 ...
109 2 [ Data ] Data
110 1 [ Data ] Data
111 0 [ Data ] Data
112
113 ACCESSING DATA BLOCKS
114 =====================
115
116 Before you can access the cards, you must following two steps:
117
118 1.) You must retrieve the 7 byte UID or the 4-byte NUID of the card.
119 This can be done using pn532_mifareclassic_WaitForPassiveTarget()
120 below, which will return the appropriate ID.
121
122 2.) You must authenticate the sector you wish to access according to the
123 access rules defined in the Sector Trailer block for that sector.
124 This can be done using pn532_mifareclassic_AuthenticateBlock(),
125 passing in the appropriate key value.
126
127 Most new cards have a default Key A of 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF,
128 but some common values worth trying are:
129
130 0XFF 0XFF 0XFF 0XFF 0XFF 0XFF
131 0XD3 0XF7 0XD3 0XF7 0XD3 0XF7
132 0XA0 0XA1 0XA2 0XA3 0XA4 0XA5
133 0XB0 0XB1 0XB2 0XB3 0XB4 0XB5
134 0X4D 0X3A 0X99 0XC3 0X51 0XDD
135 0X1A 0X98 0X2C 0X7E 0X45 0X9A
136 0XAA 0XBB 0XCC 0XDD 0XEE 0XFF
137 0X00 0X00 0X00 0X00 0X00 0X00
138 0XAB 0XCD 0XEF 0X12 0X34 0X56
139
140 3.) Once authenication has succeeded, and depending on the sector
141 permissions, you can then read/write/increment/decrement the
142 contents of the specific block, using one of the helper functions
143 included in this module.
144
145 */
146
147 #include <string.h>
148
149 #include "../pn532.h"
150 #include "../pn532_bus.h"
151 #include "pn532_mifare.h"
152 #include "pn532_mifare_classic.h"
153
154 #include "core/systick/systick.h"
155
156 /**************************************************************************/
157 /*!
158 Indicates whether the specified block number is the first block
159 in the sector (block 0 relative to the current sector)
160 */
161 /**************************************************************************/
162 bool is_first_block (uint32_t uiBlock)
163 {
164 // Test if we are in the small or big sectors
165 if (uiBlock < 128)
166 return ((uiBlock) % 4 == 0);
167 else
168 return ((uiBlock) % 16 == 0);
169 }
170
171 /**************************************************************************/
172 /*!
173 Indicates whether the specified block number is the sector trailer
174 */
175 /**************************************************************************/
176 bool is_trailer_block (uint32_t uiBlock)
177 {
178 // Test if we are in the small or big sectors
179 if (uiBlock < 128)
180 return ((uiBlock + 1) % 4 == 0);
181 else
182 return ((uiBlock + 1) % 16 == 0);
183 }
184
185 /**************************************************************************/
186 /*!
187 Tries to detect MIFARE targets in passive mode. This needs to be done
188 before anything useful can be accomplished with a tag since you need
189 the tag's unique UID to communicate with it.
190
191 @param pbtCUID Pointer to the byte array where the card's UID
192 will be stored once a card is detected
193 @param pszUIDLen Pointer to the size of the card UID in bytes
194
195 Response for a valid ISO14443A 106KBPS (Mifare Classic, etc.)
196 should be in the following format. See UM0701-02 section
197 7.3.5 for more information
198
199 byte Description
200 ------------- ------------------------------------------
201 b0..6 Frame header and preamble
202 b7 Tags Found
203 b8 Tag Number (only one used in this example)
204 b9..10 SENS_RES
205 b11 SEL_RES
206 b12 NFCID Length
207 b13..NFCIDLen NFCID
208
209 SENS_RES SEL_RES Manufacturer/Card Type NFCID Len
210 -------- ------- ----------------------- ---------
211 00 04 08 NXP Mifare Classic 1K 4 bytes
212 00 02 18 NXP Mifare Classic 4K 4 bytes
213
214 @note Possible error messages are:
215
216 - PN532_ERROR_WRONGCARDTYPE
217 */
218 /**************************************************************************/
219 pn532_error_t pn532_mifareclassic_WaitForPassiveTarget (byte_t * pbtCUID, size_t * szCUIDLen)
220 {
221 byte_t abtResponse[PN532_RESPONSELEN_INLISTPASSIVETARGET];
222 pn532_error_t error;
223 size_t szLen;
224
225 #ifdef PN532_DEBUGMODE
226 PN532_DEBUG("Waiting for an ISO14443A Card%s", CFG_PRINTF_NEWLINE);
227 #endif
228
229 /* Try to initialise a single ISO14443A tag at 106KBPS */
230 /* Note: To wait for a card with a known UID, append the four byte */
231 /* UID to the end of the command. */
232 byte_t abtCommand[] = { PN532_COMMAND_INLISTPASSIVETARGET, 0x01, PN532_MODULATION_ISO14443A_106KBPS};
233 error = pn532Write(abtCommand, sizeof(abtCommand));
234 if (error)
235 return error;
236
237 /* Wait until we get a valid response or a timeout */
238 do
239 {
240 systickDelay(25);
241 error = pn532Read(abtResponse, &szLen);
242 } while (error == PN532_ERROR_RESPONSEBUFFEREMPTY);
243 if (error)
244 return error;
245
246 /* Check SENSE_RES to make sure this is a Mifare Classic card */
247 /* Classic 1K = 00 04 */
248 /* Classic 4K = 00 02 */
249 /* Classic Emulated = 00 08 */
250 if ((abtResponse[10] == 0x02) ||
251 (abtResponse[10] == 0x04) ||
252 (abtResponse[10] == 0x08))
253 {
254 /* Card appears to be Mifare Classic */
255 *szCUIDLen = abtResponse[12];
256 uint8_t i;
257 for (i=0; i < *szCUIDLen; i++)
258 {
259 pbtCUID[i] = abtResponse[13+i];
260 }
261 #ifdef PN532_DEBUGMODE
262 PN532_DEBUG("Card Found: %s", CFG_PRINTF_NEWLINE);
263 PN532_DEBUG(" ATQA: ");
264 pn532PrintHex(abtResponse+9, 2);
265 PN532_DEBUG(" SAK: %02x%s", abtResponse[11], CFG_PRINTF_NEWLINE);
266 PN532_DEBUG(" UID: ");
267 pn532PrintHex(pbtCUID, *szCUIDLen);
268 #endif
269 }
270 else
271 {
272 /* Card is ISO14443A but doesn't appear to be Mifare Classic */
273 /* Mifare Ultralight = 0x0044 */
274 /* Mifare DESFire = 0x0344 */
275 /* Innovision Jewel = 0x0C00 */
276 #ifdef PN532_DEBUGMODE
277 PN532_DEBUG("Wrong Card Type (Expected ATQA 00 02, 00 04 or 00 08) %s%s", CFG_PRINTF_NEWLINE, CFG_PRINTF_NEWLINE);
278 PN532_DEBUG(" ATQA : ");
279 pn532PrintHex(abtResponse+9, 2);
280 PN532_DEBUG(" SAK : %02x%s", abtResponse[11], CFG_PRINTF_NEWLINE);
281 PN532_DEBUG(" UID Length : %d%s", abtResponse[12], CFG_PRINTF_NEWLINE);
282 PN532_DEBUG(" UID : ");
283 size_t pos;
284 for (pos=0; pos < abtResponse[12]; pos++)
285 {
286 printf("%02x ", abtResponse[13 + pos]);
287 }
288 printf("%s%s", CFG_PRINTF_NEWLINE, CFG_PRINTF_NEWLINE);
289 #endif
290 return PN532_ERROR_WRONGCARDTYPE;
291 }
292
293 return PN532_ERROR_NONE;
294 }
295
296
297 /**************************************************************************/
298 /*!
299 Tries to authenticate a block of memory on a MIFARE card using the
300 INDATAEXCHANGE command. See section 7.3.8 of the PN532 User Manual
301 for more information on sending MIFARE and other commands.
302
303 @param pbtCUID Pointer to a byte array containing the card UID
304 @param szCUIDLen The length (in bytes) of the card's UID (Should
305 be 4 for MIFARE Classic)
306 @param uiBlockNumber The block number to authenticate. (0..63 for
307 1KB cards, and 0..255 for 4KB cards).
308 @param uiKeyType Which key type to use during authentication
309 (PN532_MIFARE_CMD_AUTH_A or PN532_MIFARE_CMD_AUTH_B)
310 @param pbtKeys Pointer to a byte array containing the 6 byte
311 key value
312 */
313 /**************************************************************************/
314 pn532_error_t pn532_mifareclassic_AuthenticateBlock (byte_t * pbtCUID, size_t szCUIDLen, uint32_t uiBlockNumber, uint8_t uiKeyType, byte_t * pbtKeys)
315 {
316 pn532_error_t error;
317 byte_t abtCommand[17];
318 byte_t abtResponse[PN532_RESPONSELEN_INDATAEXCHANGE];
319 size_t szLen;
320
321 #ifdef PN532_DEBUGMODE
322 PN532_DEBUG("Trying to authenticate card ");
323 pn532PrintHex(pbtCUID, szCUIDLen);
324 #endif
325
326 /* Prepare the authentication command */
327 abtCommand[0] = PN532_COMMAND_INDATAEXCHANGE; /* Data Exchange Header */
328 abtCommand[1] = 1; /* Max card numbers */
329 abtCommand[2] = (uiKeyType) ? PN532_MIFARE_CMD_AUTH_A : PN532_MIFARE_CMD_AUTH_B;
330 abtCommand[3] = uiBlockNumber; /* Block Number (1K = 0..63, 4K = 0..255 */
331 memcpy (abtCommand+4, pbtKeys, 6);
332 uint8_t i;
333 for (i = 0; i < szCUIDLen; i++)
334 {
335 abtCommand[10+i] = pbtCUID[i]; /* 4 byte card ID */
336 }
337
338 /* Send the command */
339 error = pn532Write(abtCommand, 10+szCUIDLen);
340 if (error)
341 {
342 /* Problem with the serial bus, etc. */
343 #ifdef PN532_DEBUGMODE
344 PN532_DEBUG("Authentification failed%s", CFG_PRINTF_NEWLINE);
345 #endif
346 return error;
347 }
348
349 /* Read the authentication response */
350 memset(abtResponse, 0, PN532_RESPONSELEN_INDATAEXCHANGE);
351 do
352 {
353 systickDelay(25);
354 error = pn532Read(abtResponse, &szLen);
355 }
356 while (error == PN532_ERROR_RESPONSEBUFFEREMPTY);
357 if (error)
358 {
359 #ifdef PN532_DEBUGMODE
360 PN532_DEBUG("Authentification failed%s", CFG_PRINTF_NEWLINE);
361 #endif
362 return error;
363 }
364
365 // ToDo: How to check if authentification really worked (bad key, etc.)?
366
367 /* Output the authentification data */
368 #ifdef PN532_DEBUGMODE
369 PN532_DEBUG("Authenticated block %d %s", uiBlockNumber, CFG_PRINTF_NEWLINE);
370 #endif
371
372 // Return OK signal
373 return PN532_ERROR_NONE;
374 }
375
376 /**************************************************************************/
377 /*!
378 Tries to read an entire 16-byte data block at the specified block
379 address.
380
381 @param uiBlockNumber The block number to authenticate. (0..63 for
382 1KB cards, and 0..255 for 4KB cards).
383 @param pbtData Pointer to the byte array that will hold the
384 retrieved data (if any)
385
386 @note Possible error messages are:
387
388 - PN532_ERROR_BLOCKREADFAILED
389 */
390 /**************************************************************************/
391 pn532_error_t pn532_mifareclassic_ReadDataBlock (uint8_t uiBlockNumber, byte_t * pbtData)
392 {
393 pn532_error_t error;
394 byte_t abtCommand[4];
395 byte_t abtResponse[PN532_RESPONSELEN_INDATAEXCHANGE];
396 size_t szLen;
397
398 #ifdef PN532_DEBUGMODE
399 PN532_DEBUG("Reading 16 bytes at block %03d%s", uiBlockNumber, CFG_PRINTF_NEWLINE);
400 #endif
401
402 /* Prepare the command */
403 abtCommand[0] = PN532_COMMAND_INDATAEXCHANGE;
404 abtCommand[1] = 1; /* Card number */
405 abtCommand[2] = PN532_MIFARE_CMD_READ; /* Mifare Read command = 0x30 */
406 abtCommand[3] = uiBlockNumber; /* Block Number (0..63 for 1K, 0..255 for 4K) */
407
408 /* Send the commands */
409 error = pn532Write(abtCommand, sizeof(abtCommand));
410 if (error)
411 {
412 /* Bus error, etc. */
413 #ifdef PN532_DEBUGMODE
414 PN532_DEBUG("Read failed%s", CFG_PRINTF_NEWLINE);
415 #endif
416 return error;
417 }
418
419 /* Read the response */
420 memset(abtResponse, 0, PN532_RESPONSELEN_INDATAEXCHANGE);
421 do
422 {
423 systickDelay(50);
424 error = pn532Read(abtResponse, &szLen);
425 }
426 while (error == PN532_ERROR_RESPONSEBUFFEREMPTY);
427 if (error)
428 {
429 #ifdef PN532_DEBUGMODE
430 PN532_DEBUG("Read failed%s", CFG_PRINTF_NEWLINE);
431 #endif
432 return error;
433 }
434
435 /* Make sure we have a valid response (should be 26 bytes long) */
436 if (szLen == 26)
437 {
438 /* Copy the 16 data bytes to the output buffer */
439 /* Block content starts at byte 9 of a valid response */
440 memcpy (pbtData, abtResponse+8, 16);
441 }
442 else
443 {
444 #ifdef PN532_DEBUGMODE
445 PN532_DEBUG("Unexpected response reading block %d. Bad key?%s", uiBlockNumber, CFG_PRINTF_NEWLINE);
446 #endif
447 return PN532_ERROR_BLOCKREADFAILED;
448 }
449
450 /* Display data for debug if requested */
451 #ifdef PN532_DEBUGMODE
452 PN532_DEBUG("Block %03d: ", uiBlockNumber, CFG_PRINTF_NEWLINE);
453 pn532PrintHexVerbose(pbtData, 16);
454 #endif
455
456 // Return OK signal
457 return PN532_ERROR_NONE;
458 }
This page took 0.081553 seconds and 5 git commands to generate.