如何解决激活 JavaCard 上的小程序
我将 TRF7970A trasciver 与 MCU 结合使用,以尝试从 Java Card Applet 获取一些信息。我遇到的问题是我设法与标签交换信息,直到 Applet Activation 命令。这意味着我设法执行了防冲突程序、选择命令、老鼠命令,但是当我开始激活小程序时,我没有答案,甚至没有错误。我从设备发送到标签的确切命令序列,我已经用 NFC 调试器对其进行了测试并且工作正常。所以看起来小程序激活命令有一些东西。有人可以告诉我一个可能的原因或解决方案吗? 我发送的命令是:0x02 0x00 0xA4 0x04 0x00 0x09 ,我也试过 0x0A 0x00 0x00 0xA4 0x04 0x00 0x09 还是什么都没有。 通讯介质协议为ISO14443 Type A,IsoDep(我是用来激活小程序的)。
void NFC_TagSearch(uint8_t interface,uint8_t *state,uint8_t *RetrieTimer,uint8_t side)
{
Iso14443a_halt(interface,&gNFC[side]);if(*state==RF_1356_START_TAGSEARCH)
{
Iso14443aAnticollisionInitiate(0x01,iHFRF,&gNFC[side]);
*RetrieTimer=1;
while(*RetrieTimer <= RF_1356_WAIT_AFTER_COMMAND && gNFC[side].Status!=0xFF && gNFC[side].Status!=0x02){}
if(*RetrieTimer <= RF_1356_WAIT_AFTER_COMMAND)
{
char c[6];
hex2str(gNFC[side].Status,c,1);
USART_AddBuffer(iDEBUG,(uint8_t *)c,4,DEBUG_MSG);
USART_AddBuffer(iDEBUG,(uint8_t *)"->",2,DEBUG_MSG);
uint8_t i=0;
for(i=0;i<gNFC[side].Size;i++)
{
hex2str(gNFC[side].Data[i],1);
USART_AddBuffer(iDEBUG,(uint8_t *)&c[2],DEBUG_MSG);
}
USART_AddBuffer(iDEBUG,(uint8_t *)"\r\n",DEBUG_MSG);
USART_TransmitBuffers(iDEBUG);
}
else
{
USART_AddBuffer(iDEBUG,(uint8_t *)"Time\r\n",6,DEBUG_MSG);
USART_TransmitBuffers(iDEBUG);
}
*RetrieTimer=0;
if(gNFC[side].Status==0xFF || gNFC[side].Status==0x02)
{
memset(gNFC[side].uid,0x00,10);
if(Iso14443aAnticolissionLoop(iHFRF,&gNFC[side]))
{
/*We got and UID go to RATS*/
TRF7970A_CRC_ON(interface);
*state=RF_1356_WAITRATSANSWER;
Iso14443a_RATS(interface,&gNFC[side]);
*RetrieTimer=1;
while(*RetrieTimer <= RF_1356_WAIT_AFTER_COMMAND && gNFC[side].Status!=0xFF){}
if(*RetrieTimer <= RF_1356_WAIT_AFTER_COMMAND)
{
char c[6];
hex2str(gNFC[side].Status,1);
USART_AddBuffer(iDEBUG,DEBUG_MSG);
USART_AddBuffer(iDEBUG,DEBUG_MSG);
uint8_t i=0;
for(i=0;i<gNFC[side].Size;i++)
{
hex2str(gNFC[side].Data[i],1);
USART_AddBuffer(iDEBUG,DEBUG_MSG);
}
USART_AddBuffer(iDEBUG,DEBUG_MSG);
USART_TransmitBuffers(iDEBUG);
}
else
{
USART_AddBuffer(iDEBUG,DEBUG_MSG);
USART_TransmitBuffers(iDEBUG);
}
*RetrieTimer=0;
if((*RetrieTimer >= RF_1356_WAIT_AFTER_COMMAND) || (gNFC[side].Status==0xFF))
{
if((gNFC[side].Data[0]) == 0x05)
{
/*Command for activation of the applet*/
Iso14443a_ActivateApplet(interface,&gNFC[side]);
*RetrieTimer=1;
while(*RetrieTimer <= RF_1356_WAIT_AFTER_COMMAND && gNFC[side].Status!=0xFF){}
if(gNFC[0].Size>0/**RetrieTimer <= RF_1356_WAIT_AFTER_COMMAND*/)
{
char c[6];
hex2str(gNFC[0].Status,1);
USART_AddBuffer(iDEBUG,DEBUG_MSG);
USART_AddBuffer(iDEBUG,DEBUG_MSG);
uint8_t i=0;
for(i=0;i<gNFC[0].Size;i++)
{
hex2str(gNFC[0].Data[i],1);
USART_AddBuffer(iDEBUG,DEBUG_MSG);
}
USART_AddBuffer(iDEBUG,DEBUG_MSG);
USART_TransmitBuffers(iDEBUG);
}
else
{
USART_AddBuffer(iDEBUG,(uint8_t *)"Timeout\r\n",9,DEBUG_MSG);
USART_TransmitBuffers(iDEBUG);
}
if(gNFC[1].Size>0/**RetrieTimer <= RF_1356_WAIT_AFTER_COMMAND*/)
{
char c[6];
hex2str(gNFC[1].Status,DEBUG_MSG);
uint8_t i=0;
for(i=0;i<gNFC[1].Size;i++)
{
hex2str(gNFC[1].Data[i],DEBUG_MSG);
USART_TransmitBuffers(iDEBUG);
}
*RetrieTimer=0;
if(gNFC[side].Status==0xFF)
{
if((gNFC[side].Data[0]) == 0x90 && (gNFC[side].Data[1]) == 0x00)
{
/*Command for activation of the applet*/
*state=RF_1356_START_TAGSEARCH;
*RetrieTimer=0;
gDevice.DeviceState=(/*DEVICE_STATE_WAIT_CARD*/0x01==gDevice.DeviceState)?(/*DEVICE_STATE_GOT_CARD*/0x04):(gDevice.DeviceState);
}
else
*state=RF_1356_START_TAGSEARCH;
}
else
{
/*Go back and send command again*/
*state=RF_1356_START_TAGSEARCH;
}
}
else
{
/*Go back and send command again*/
*state=RF_1356_START_TAGSEARCH;
}
}
else
{
/*Go back and send command again*/
*state=RF_1356_START_TAGSEARCH;
}
}
else
{
/*Go back and send command again*/
*state=RF_1356_START_TAGSEARCH;
}
}
else
{
/*Go back and send command again*/
*state=RF_1356_START_TAGSEARCH;
}
}
Iso14443a_halt(interface,&gNFC[side]);
Delay_ms(500);
LL_IWDG_ReloadCounter(IWDG);
}
2.Everithing 一直工作,直到 Applect 激活函数我没有得到任何命令的答案,这就是函数:
void Iso14443a_ActivateApplet(uint8_t interface,__NFCInterfaces *NFC)
{
/*Tried also to reconfigure the chip,just in case*/
trf7970a_write_single(interface,TRF7970A_ISO_CTRL,TRF7970A_ISO_CTRL_14443A_106);
TRF7970A_CRC_ON(interface);
uint8_t length;
uint8_t buf[50];
NFC->CorruptedResponse=0;
NFC->Size=0;
NFC->Status=0x00;
length=0;
buf[length++] = 0x00; /*Length of the packet to be sent,this value is for the TRF7970A chiP*/
buf[length++] = 0x00; /*Length of the packet to be sent,this value is for the TRF7970A chiP*/
/*The sent packet*/
buf[length++] = 0x00;
buf[length++] = 0xA4;
buf[length++] = 0x04;
buf[length++] = 0x00;
buf[length++] = 0x09; //0x09
buf[length++] = 0xC2; //<-AID
buf[length++] = 0xB6;
buf[length++] = 0xCA;
buf[length++] = 0x27;
buf[length++] = 0xA1;
buf[length++] = 0x93;
buf[length++] = 0x1B;
buf[length++] = 0x14;
buf[length++] = 0x1D;
/*The sent packet*/
buf[0]=((length-2)>>4)&0x0F; /*Add the length high nibble to the buffer*/
buf[1]=((length-2)<<4)&0xF0; /*Add the length low nibble to the buffer*/
trf7970a_sendToTag(interface,1,buf,length);
/*Tested commands*/
//02 00 A4040009 C2B6CA27A1931B141D
//0A 00 00 A4040000 C2B6CA27A1931B141D
//0A 00 00 A4040009 C2B6CA27A1931B141D
//0A0000A404000B4A617661436172644F530100/*CID present and 0*/
//0200A404000B4A617661436172644F530100/*CID not present*/
}
uint8_t trf7970a_sendToTag(uint8_t interface,uint8_t crc,uint8_t *buf,uint8_t len)
{
/*Clear the chip FIFO buffer*/
trf7970a_command(interface,TRF7970A_CMD_FIFO_RESET);
/*Send command with or without crc*/
(crc)?(trf7970a_command(interface,TRF7970A_CMD_TRANSMIT)):(trf7970a_command(interface,TRF7970A_CMD_TRANSMIT_NO_CRC));
/*Send data to buffer starting from the length registers and then continuing with the FIFO buffer,first 2 bytes in buffer are the legth of data to be sent by the chiP*/
trf7970a_write_continous(interface,TRF7970A_TX_LENGTH_BYTE1,len);
return 1;
}
使用的函数如 trf7970a_write_continous、trf7970a_command、trf7970a_write_single 和 TRF7970A_CRC_ON 我确信它们有效,因为我在其他命令中使用了它们。 还有芯片配置函数是:
void trf7970a_init(uint8_t interface)
{
HFRF_ENABLECHIP;
Delay_ms(500);
trf7970a_command(interface,TRF7970A_CMD_SOFT_INIT);
trf7970a_command(interface,TRF7970A_CMD_IDLE);
uint8_t sysclkval=0x00;
trf7970a_write_single(interface,TRF7970A_MODULATOR_SYS_CLK_CTRL,sysclkval);
uint8_t regio=0x00 | TRF7970A_REG_IO_CTRL_VRS(7);
trf7970a_write_single(interface,TRF7970A_REG_IO_CTRL,regio);
trf7970a_write_single(interface,TRF7970A_CHIP_STATUS_CTRL,0x00);
trf7970a_command(interface,TRF7970A_CMD_FIFO_RESET);
trf7970a_write_single(interface,TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS,0x0F);
trf7970a_read_single(interface,TRF7970A_IRQ_STATUS,®io);
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。