I am using a TRF7970A transceiver combined with an MCU to try to get some information from a Java Card applet. The problem is that I can exchange information with the tag only up to the applet activation command: the anticollision procedure, the SELECT command and the RATS command all work, but when I get to activating the applet I get no answer, not even an error. I have tested the exact command sequence that I am sending from the device to the tag with an NFC debugger, and it works fine there. So the problem seems to be with the applet activation command. Can someone point me to a probable cause or a solution? The command I am sending is: 0x02 0x00 0xA4 0x04 0x00 0x09 <9 bytes of the applet ID>; I have also tried 0x0A 0x00 0x00 0xA4 0x04 0x00 0x09, and still nothing. The communication protocol is ISO 14443 Type A with ISO-DEP (which is what I use to activate the applet).
Sorry for not posting the code as well. Here are the functions used:
1. This function searches for a tag and retrieves the information from it:
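/*
 * Write one reader slot to the debug UART as "<status>-><payload hex>\r\n".
 *
 * idx selects the gNFC[] entry to print. The loop trusts gNFC[idx].Size as the
 * number of valid bytes in Data[]. NOTE(review): confirm that the receive path
 * clamps Size to the capacity of Data[], otherwise this reads past the buffer.
 * Every byte the card returns in Data[] ends up on the UART, so this output
 * should be compiled out of production firmware.
 */
static void nfc_debug_dump(uint8_t idx)
{
    char c[6]; /* presumably hex2str writes a 2-char prefix + 2 digits + NUL - confirm */
    uint8_t i;

    hex2str(gNFC[idx].Status, c, 1);
    USART_AddBuffer(iDEBUG, (uint8_t *)c, 4, DEBUG_MSG);
    USART_AddBuffer(iDEBUG, (uint8_t *)"->", 2, DEBUG_MSG);
    for (i = 0; i < gNFC[idx].Size; i++) {
        hex2str(gNFC[idx].Data[i], c, 1);
        /* Skip the first two characters and send only the two that follow. */
        USART_AddBuffer(iDEBUG, (uint8_t *)&c[2], 2, DEBUG_MSG);
    }
    USART_AddBuffer(iDEBUG, (uint8_t *)"\r\n", 2, DEBUG_MSG);
    USART_TransmitBuffers(iDEBUG);
}

/*
 * Start the retry timer and busy-wait until gNFC[side].Status becomes 0xFF
 * (or 0x02 when stop_on_02 is non-zero) or the timer passes
 * RF_1356_WAIT_AFTER_COMMAND.
 *
 * Returns 1 when the wait ended with the timer still inside the window,
 * 0 when the window was exceeded.
 */
static uint8_t nfc_wait_reply(uint8_t *RetrieTimer, uint8_t side, uint8_t stop_on_02)
{
    /*
     * The counter is presumably advanced from an interrupt. Reading it through
     * a volatile alias stops the compiler from hoisting the load out of the
     * empty loop. NOTE(review): gNFC[].Status needs to be volatile-qualified
     * in its declaration for the same reason - not visible from here.
     */
    volatile uint8_t *timer = RetrieTimer;

    *timer = 1;
    while (*timer <= RF_1356_WAIT_AFTER_COMMAND
           && gNFC[side].Status != 0xFF
           && !(stop_on_02 && gNFC[side].Status == 0x02)) {
        /* busy-wait */
    }
    return (uint8_t)(*timer <= RF_1356_WAIT_AFTER_COMMAND);
}

/*
 * One pass of poll -> anticollision -> RATS -> applet SELECT for gNFC[side].
 * Returns early as soon as a step fails; the caller puts *state back to
 * RF_1356_START_TAGSEARCH in every case.
 */
static void nfc_poll_and_select(uint8_t interface, uint8_t *state, uint8_t *RetrieTimer, uint8_t side)
{
    volatile uint8_t *timer = RetrieTimer;

    /* Step 1: poll for a card. NOTE(review): this call and the anticollision
     * loop use iHFRF while the later steps use `interface` - confirm they are
     * meant to be the same device. */
    Iso14443aAnticollisionInitiate(0x01, iHFRF, &gNFC[side]);
    if (nfc_wait_reply(RetrieTimer, side, 1)) {
        nfc_debug_dump(side);
    } else {
        USART_AddBuffer(iDEBUG, (uint8_t *)"Time\r\n", 6, DEBUG_MSG);
        USART_TransmitBuffers(iDEBUG);
    }
    *timer = 0;
    if (gNFC[side].Status != 0xFF && gNFC[side].Status != 0x02) {
        return;
    }

    /* Step 2: resolve the UID. 10 bytes is the longest ISO 14443-3 Type A UID;
     * assumes uid[] holds at least that many bytes - confirm. */
    memset(gNFC[side].uid, 0x00, 10);
    if (!Iso14443aAnticolissionLoop(iHFRF, &gNFC[side])) {
        return;
    }

    /* Step 3: RATS. */
    TRF7970A_CRC_ON(interface);
    *state = RF_1356_WAITRATSANSWER;
    Iso14443a_RATS(interface, &gNFC[side]);
    if (nfc_wait_reply(RetrieTimer, side, 0)) {
        nfc_debug_dump(side);
    } else {
        USART_AddBuffer(iDEBUG, (uint8_t *)"Time\r\n", 6, DEBUG_MSG);
        USART_TransmitBuffers(iDEBUG);
    }
    *timer = 0;
    /* NOTE(review): the timer was reset on the line above, so the first clause
     * can only be true if RF_1356_WAIT_AFTER_COMMAND is 0; in practice the
     * test reduces to Status == 0xFF. Kept as written. */
    if (!((*timer >= RF_1356_WAIT_AFTER_COMMAND) || (gNFC[side].Status == 0xFF))) {
        return;
    }
    /* The first ATS byte is TL, the ATS length, so only a 5-byte ATS passes -
     * presumably intended for this card. The Size check keeps a stale Data[0]
     * from an earlier exchange from being taken for a fresh answer. */
    if (gNFC[side].Size < 1 || gNFC[side].Data[0] != 0x05) {
        return;
    }

    /* Step 4: SELECT the applet by AID. */
    Iso14443a_ActivateApplet(interface, &gNFC[side]);
    (void)nfc_wait_reply(RetrieTimer, side, 0);
    /* Both slots are printed here regardless of `side`, as in the original -
     * presumably to see on which interface an answer arrived. */
    if (gNFC[0].Size > 0) {
        nfc_debug_dump(0);
    } else {
        USART_AddBuffer(iDEBUG, (uint8_t *)"Timeout\r\n", 9, DEBUG_MSG);
        USART_TransmitBuffers(iDEBUG);
    }
    if (gNFC[1].Size > 0) {
        nfc_debug_dump(1);
    }
    *timer = 0;
    if (gNFC[side].Status != 0xFF) {
        return;
    }

    /*
     * Status word 90 00 = SELECT succeeded. Size is checked first because
     * Iso14443a_ActivateApplet clears Size but not Data[], so a short answer
     * would otherwise be judged on leftover bytes.
     * NOTE(review): an ISO-DEP response block normally starts with the PCB and
     * carries SW1 SW2 as its last two bytes; confirm that the driver really
     * delivers the status word at Data[0..1].
     * A 90 00 here only shows that something answering to this AID is in the
     * field; it does not authenticate the card. If DeviceState gates anything
     * sensitive, follow the SELECT with a cryptographic challenge-response
     * against the applet before treating the card as accepted.
     */
    if (gNFC[side].Size >= 2
        && gNFC[side].Data[0] == 0x90
        && gNFC[side].Data[1] == 0x00) {
        if (gDevice.DeviceState == 0x01 /* DEVICE_STATE_WAIT_CARD */) {
            gDevice.DeviceState = 0x04; /* DEVICE_STATE_GOT_CARD */
        }
    }
}

/*
 * Search for an ISO 14443 Type A card on gNFC[side] and try to select the
 * applet on it.
 *
 * interface   - reader handle passed to the halt, CRC, RATS and SELECT calls
 * state       - in/out state variable; work is done only when it equals
 *               RF_1356_START_TAGSEARCH, and it is set back to that value
 *               after the attempt, whatever the outcome
 * RetrieTimer - timeout counter: set to 1 to start a wait, 0 afterwards;
 *               presumably incremented elsewhere (timer interrupt)
 * side        - index into gNFC[]
 *
 * On a successful SELECT, gDevice.DeviceState moves from 0x01 to 0x04.
 * The card is halted before and after the attempt; the call then blocks for
 * 500 ms and reloads the independent watchdog.
 */
void NFC_TagSearch(uint8_t interface, uint8_t *state, uint8_t *RetrieTimer, uint8_t side)
{
    Iso14443a_halt(interface, &gNFC[side]);

    if (*state == RF_1356_START_TAGSEARCH) {
        nfc_poll_and_select(interface, state, RetrieTimer, side);
        /* Every outcome, success included, restarts the search. */
        *state = RF_1356_START_TAGSEARCH;
    }

    Iso14443a_halt(interface, &gNFC[side]);
    Delay_ms(500);
    LL_IWDG_ReloadCounter(IWDG);
}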
2. Everything works until the applet activation function, for whose command I get no answer. This is the function:
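/*
 * Send SELECT-by-AID for the applet to the card as an ISO 14443-4 (ISO-DEP)
 * I-block and clear the response fields of *NFC for the answer.
 *
 * interface - reader handle passed to the TRF7970A helpers
 * NFC       - slot whose CorruptedResponse, Size and Status are reset here;
 *             Data[] is not cleared, so callers should check Size before
 *             reading the answer
 *
 * The original frame started directly with the APDU (00 A4 04 00 ...). After
 * RATS the card expects every frame to begin with a PCB byte; without it the
 * CLA byte 0x00 is read as the PCB, and 0x00 is not a valid I-block PCB, so a
 * card would be expected to ignore the frame silently. The PCB 0x02 listed in
 * the tested commands is therefore sent in front of the APDU.
 * NOTE(review): 0x02 is block number 0, which is right for the first block
 * after RATS; a second exchange without re-activation has to toggle it.
 */
void Iso14443a_ActivateApplet(uint8_t interface,__NFCInterfaces *NFC)
{
    /* Command APDU: CLA INS P1 P2 Lc, followed by the 9-byte AID. */
    static const uint8_t select_apdu[] = {
        0x00, 0xA4, 0x04, 0x00, 0x09,
        0xC2, 0xB6, 0xCA, 0x27, 0xA1, 0x93, 0x1B, 0x14, 0x1D
    };
    uint8_t buf[50]; /* 2 length bytes + PCB + 14 APDU bytes = 17 used */
    uint8_t length = 0;
    uint8_t i;

    /* Re-apply the 14443A / 106 kbit/s setting and CRC, just in case. */
    trf7970a_write_single(interface, TRF7970A_ISO_CTRL, TRF7970A_ISO_CTRL_14443A_106);
    TRF7970A_CRC_ON(interface);

    NFC->CorruptedResponse = 0;
    NFC->Size = 0;
    NFC->Status = 0x00;

    /* Two placeholders for the TRF7970A TX length bytes, filled in below. */
    buf[length++] = 0x00;
    buf[length++] = 0x00;

    /* ISO-DEP PCB: I-block, no chaining, no CID, no NAD, block number 0. */
    buf[length++] = 0x02;
    for (i = 0; i < sizeof select_apdu; i++) {
        buf[length++] = select_apdu[i];
    }

    /* The payload byte count is split across the two length bytes: its high
     * nibble goes into the first, its low nibble into the upper half of the
     * second. */
    buf[0] = ((length - 2) >> 4) & 0x0F;
    buf[1] = ((length - 2) << 4) & 0xF0;
    trf7970a_sendToTag(interface, 1, buf, length);

    /* Frames tried so far:
     *   02 00 A4040009 C2B6CA27A1931B141D
     *   0A 00 00 A4040000 C2B6CA27A1931B141D
     *   0A 00 00 A4040009 C2B6CA27A1931B141D
     *   0A0000A404000B4A617661436172644F530100   (CID present and 0)
     *   0200A404000B4A617661436172644F530100     (CID not present)
     */
}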
3. And this is the function used in the ActivateApplet function:
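/*
 * Hand a prepared frame to the TRF7970A for transmission.
 *
 * interface - reader handle passed to the SPI helpers
 * crc       - non-zero: transmit with CRC; zero: transmit without CRC
 * buf       - frame; the first two bytes are the chip's TX length bytes, the
 *             rest is the data that goes into the FIFO
 * len       - number of bytes in buf, including the two length bytes
 *
 * Returns 1 once the frame has been written, 0 when buf is missing or too
 * short to hold the two length bytes (the original wrote to the length
 * registers regardless). The SPI helpers' own results are not checked, so 1
 * does not mean the card received anything.
 * NOTE(review): len is not checked against the chip's FIFO capacity; confirm
 * that callers never build a frame larger than the FIFO can take in one write.
 */
uint8_t trf7970a_sendToTag(uint8_t interface, uint8_t crc, uint8_t *buf, uint8_t len)
{
    if (!buf || len < 2) {
        return 0;
    }

    /* Clear the chip FIFO buffer. */
    trf7970a_command(interface, TRF7970A_CMD_FIFO_RESET);

    /* Arm the transmitter, with or without CRC. */
    if (crc) {
        trf7970a_command(interface, TRF7970A_CMD_TRANSMIT);
    } else {
        trf7970a_command(interface, TRF7970A_CMD_TRANSMIT_NO_CRC);
    }

    /* Continuous write starting at the TX length registers and running on
     * into the FIFO. */
    trf7970a_write_continous(interface, TRF7970A_TX_LENGTH_BYTE1, buf, len);
    return 1;
}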
I am sure that the helper functions such as trf7970a_write_continous, trf7970a_command, trf7970a_write_single and TRF7970A_CRC_ON work, because I use them in other commands. The chip configuration function is:
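/*
 * Bring the TRF7970A up and write its basic configuration.
 *
 * interface - reader handle passed to the SPI helpers
 *
 * The last call passes &regio; the listing showed a mis-encoded character in
 * place of "&reg", which would not compile.
 */
void trf7970a_init(uint8_t interface)
{
    uint8_t sysclkval = 0x00;
    uint8_t regio = TRF7970A_REG_IO_CTRL_VRS(7);

    /* Enable the chip and give it 500 ms before the first command. */
    HFRF_ENABLECHIP;
    Delay_ms(500);

    trf7970a_command(interface, TRF7970A_CMD_SOFT_INIT);
    trf7970a_command(interface, TRF7970A_CMD_IDLE);

    trf7970a_write_single(interface, TRF7970A_MODULATOR_SYS_CLK_CTRL, sysclkval);
    trf7970a_write_single(interface, TRF7970A_REG_IO_CTRL, regio);
    trf7970a_write_single(interface, TRF7970A_CHIP_STATUS_CTRL, 0x00);

    trf7970a_command(interface, TRF7970A_CMD_FIFO_RESET);
    trf7970a_write_single(interface, TRF7970A_ADJUTABLE_FIFO_IRQ_LEVELS, 0x0F);

    /* The value read back is discarded; presumably the read is there to clear
     * any pending interrupt flags - confirm against the datasheet. */
    trf7970a_read_single(interface, TRF7970A_IRQ_STATUS, &regio);
}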