NFC ACR122 TgInitAsTarget, initiator releasing target - McMap

About

NFC ACR122 TgInitAsTarget, initiator releasing target

Asked 10/1, 2014 at 18:5 Answered 14/1, 2014 at 6:39

Solved nfc hce acr122

K

1

2

I'm trying to get my ACR122 (usb) device to emulate a passive NFC tag, but am having difficulty getting the communication to occur properly. I'm hoping someone can see what I'm doing wrong here and help point me in the correct direction.

The response on this other question ACR122 - Card Emulation pointed to a document at http://code.google.com/p/nfcip-java/source/browse/trunk/nfcip-java/doc/ACR122_PN53x.txt but when we follow this to the letter it doesn't behave as expected.

We're using an Samsung Galaxy S3 Android 4.3 device for testing, and are seeing the below behaviour:

Transmit (TgInitAsTarget)
....'......4V@..  FF 00 00 00 27 D4 8C 00 08 00 12 34 56 40 01 FE 
................  A2 A3 A4 A5 A6 A7 C0 C1 C2 C3 C4 C5 C6 C7 FF FF 
...wfUD3"...      AA 99 88 77 66 55 44 33 22 11 00 00 

Receive
..%....7.5<...w.  D5 8D 25 1E D4 00 08 37 D9 35 3C BF D5 AE 77 9C 
...2Ffm.........  00 00 00 32 46 66 6D 01 01 11 03 02 00 13 04 01 
...               96 90 00 

Transmit (GetData)
.......           FF 00 00 00 02 D4 86 

Receive
..)..             D5 87 29 90 00

The TgInitAsTarget command appears to be working, returning a mode of 0x25 which we understand means "Active mode, DEP, 424kbps".

But then "GetData" command is immediately failing, returning status code 0x29 "The PN532 configured as target has been released by its initiator".

We've tried altering the TgInitAsTarget command with different modes (instead of the 0x00 "All" mode), trying the following which all still return 0x29 for the following GetData command:

Mode 0x01 "Passive", resulting in response mode of 0x04 "DEP"
Mode 0x02 "DEP", resulting in response mode of 0x25 (same as the "All")
Mode 0x03 "DEP Passive" resulting in response mode of 0x04 "DEP"

It appears in all cases as if the Android is not maintaining the connection, although I am not familiar with the NFC DEP protocols enough to know what I'm doing wrong here. I've read the PN532 chip reference, and it seems to indicate that I'm doing everything correctly.

I've also tried a Windows Phone NFC device, and it encounters the same problem and same error code on GetData.

Any help from anyone who is familiar with NFC would be greatly appreciated.

Dave

Kiosk answered 10/1, 2014 at 18:5 Comment(0)

J

2

For getting the ACR122 (or rather the PN532 NFC controller chip inside it) into card emulation mode, you would do about the following:

ReadRegister:

> FF000000 08 D406 6305 630D 6338
< D507 xx yy zz 9000

Update register values:

xx = xx | 0x004;  // CIU_TxAuto |= InitialRFOn
yy = yy & 0x0EF;  // CIU_ManualRCV &= ~ParityDisable
zz = zz & 0x0F7;  // CIU_Status2 &= ~MFCrypto1On

WriteRegister:

> FF000000 11 D408 6302 80 6303 80 6305 xx 630D yy 6338 zz
< D509 9000

SetParameters:
```
> FF000000 03 D412 30
< D513 9000
```

TgInitAsTarget

> FF000000 27 D48C 05 0400 123456 20 000000000000000000000000000000000000 00000000000000000000 00 00
< D58D xx ... 9000

Where xx should be equal to 0x08.

Communicate using a sequence of TgGetData and TgSetData commands:
```
> FF000000 02 D486
< D587 xx <C-APDU> 9000
```
Where xx is the status code (should be 0x00 for success) and C-APDU is the command sent from the reader.
```
> FF000000 yy D48E <R-APDU>
< D587 xx 9000
```
Where yy is 2 + the length of the R-APDU (response) and xx is the status code (should be 0x00 for success).

Jacy answered 14/1, 2014 at 6:39 Comment(11)

Thank you so much Michael, this exactly put us on the right track. If you don't mind, are there any references that you might recommend we read? It seems the key to this was the parameters on the initastarget command (setting to PICC mode), but we couldn't find any references that talked about the different modes, how they worked, etc. – Kiosk 15/1, 2014 at 16:25

I would suggest you follow the PN532 user manual (you shuld find this through Google) and the PN532 datasheet (not sure if that's already available without NDA). – Jacy 15/1, 2014 at 16:29

We have the manual (not the datasheet), but while it describes the parts of the TgInitAsTarget command (e.g. "MiFare params here", "FeliCa params here", "PICC/DEP/Passive mode"), when following the examples we end up knowing what we're setting but not why we're setting it, if that makes sense. I'm sure this will come with time, I was just curious if there were any helpful references for kickstarting us in understanding the concepts. We are definitely on the right track now; we're currently working on understanding the incoming C-APDU values. Thanks again, much appreciated. – Kiosk 15/1, 2014 at 17:33

Just for completeness, in case anybody goes down the same road as us, we found a clear description of the C-APDU/R-APDU sequence for NDEF tags in the NFC Forum Type 4 Tag Operation Spec. The protocol is based on ISO7816-4 and we found that reference useful as well to understand everything. – Kiosk 16/1, 2014 at 2:48

When issuing the TgInitAsTarget command I encounter an error, I get a few zero bytes then the stream seems to stop. I get constant -1s from my InputStream. – Pulpwood 22/3, 2017 at 1:47

@Pulpwood Are you using an ACR122U? Or are you using the PN532 directly? Over what interface? You might want to ask that as a separate question instead of hijacking this QA. – Jacy 22/3, 2017 at 6:52

Using serial dirrectly to the PN532. – Pulpwood 23/3, 2017 at 6:15

@Pulpwood TgInitAsTarget is a blocking command (you would only receive an ACK frame but no actual response immediately after sending the command) so you won't get any response until a reader actually connects to the emulated tag. Receiving garbage between frames is not unexpected. Make sure to only interpret correct frames. – Jacy 23/3, 2017 at 9:26

Ahhh, thank you. I did not realize that, such a silly mistake on my part. – Pulpwood 24/3, 2017 at 17:29

@MichaelRoland what about ACR122U based connection. I could not get any result from TgInitAsTarget command applied. here is my current problem :#55987033 – Sharpe 28/6, 2019 at 14:48

@MichaelRoland Can you expand a bit as to why those register settings are needed? And also, why invoke the SetParameters with a value of 0x30, does this not just ensure the detault PN532 values are used (fAutomaticRATS and fISO1444-4_PICC both set, all others not set). – Slover 13/4, 2021 at 1:20

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.