1 /******************************************************************************
2 *
3 * Copyright (C) 2011-2014 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the implementation for ISO 15693 in Reader/Writer
22 * mode.
23 *
24 ******************************************************************************/
25 #include <android-base/stringprintf.h>
26 #include <base/logging.h>
27 #include <log/log.h>
28 #include <string.h>
29
30 #include "bt_types.h"
31 #include "nfc_api.h"
32 #include "nfc_int.h"
33 #include "nfc_target.h"
34 #include "rw_api.h"
35 #include "rw_int.h"
36
37 using android::base::StringPrintf;
38
39 extern bool nfc_debug_enabled;
40 extern unsigned char appl_dta_mode_flag;
41
42 /* Response timeout */
43 #define RW_I93_TOUT_RESP 1000
44 /* stay quiet timeout */
45 #define RW_I93_TOUT_STAY_QUIET 200
46 /* max reading data if read multi block is supported */
47 #define RW_I93_READ_MULTI_BLOCK_SIZE 128
48 /* CC, zero length NDEF, Terminator TLV */
49 #define RW_I93_FORMAT_DATA_LEN 8
50 /* max getting lock status if get multi block sec is supported */
51 #define RW_I93_GET_MULTI_BLOCK_SEC_SIZE 253
52
53 static std::string rw_i93_get_tag_name(uint8_t product_version);
54
55 static void rw_i93_data_cback(uint8_t conn_id, tNFC_CONN_EVT event,
56 tNFC_CONN* p_data);
57 void rw_i93_handle_error(tNFC_STATUS status);
58 tNFC_STATUS rw_i93_send_cmd_get_sys_info(uint8_t* p_uid, uint8_t extra_flag);
59 tNFC_STATUS rw_i93_send_cmd_get_ext_sys_info(uint8_t* p_uid);
60
61 /*******************************************************************************
62 **
63 ** Function rw_i93_get_product_version
64 **
65 ** Description Get product version from UID
66 **
67 ** Returns void
68 **
69 *******************************************************************************/
rw_i93_get_product_version(uint8_t * p_uid)70 void rw_i93_get_product_version(uint8_t* p_uid) {
71 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
72
73 if (!memcmp(p_i93->uid, p_uid, I93_UID_BYTE_LEN)) {
74 return;
75 }
76
77 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
78
79 memcpy(p_i93->uid, p_uid, I93_UID_BYTE_LEN);
80
81 if (p_uid[1] == I93_UID_IC_MFG_CODE_NXP) {
82 if (p_uid[2] == I93_UID_ICODE_SLI)
83 p_i93->product_version = RW_I93_ICODE_SLI;
84 else if (p_uid[2] == I93_UID_ICODE_SLI_S)
85 p_i93->product_version = RW_I93_ICODE_SLI_S;
86 else if (p_uid[2] == I93_UID_ICODE_SLI_L)
87 p_i93->product_version = RW_I93_ICODE_SLI_L;
88 else
89 p_i93->product_version = RW_I93_UNKNOWN_PRODUCT;
90 } else if (p_uid[1] == I93_UID_IC_MFG_CODE_TI) {
91 if ((p_uid[2] & I93_UID_TAG_IT_HF_I_PRODUCT_ID_MASK) ==
92 I93_UID_TAG_IT_HF_I_PLUS_INLAY)
93 p_i93->product_version = RW_I93_TAG_IT_HF_I_PLUS_INLAY;
94 else if ((p_uid[2] & I93_UID_TAG_IT_HF_I_PRODUCT_ID_MASK) ==
95 I93_UID_TAG_IT_HF_I_PLUS_CHIP)
96 p_i93->product_version = RW_I93_TAG_IT_HF_I_PLUS_CHIP;
97 else if ((p_uid[2] & I93_UID_TAG_IT_HF_I_PRODUCT_ID_MASK) ==
98 I93_UID_TAG_IT_HF_I_STD_CHIP_INLAY)
99 p_i93->product_version = RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY;
100 else if ((p_uid[2] & I93_UID_TAG_IT_HF_I_PRODUCT_ID_MASK) ==
101 I93_UID_TAG_IT_HF_I_PRO_CHIP_INLAY)
102 p_i93->product_version = RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY;
103 else
104 p_i93->product_version = RW_I93_UNKNOWN_PRODUCT;
105 } else if ((p_uid[1] == I93_UID_IC_MFG_CODE_STM) &&
106 (p_i93->info_flags & I93_INFO_FLAG_IC_REF)) {
107 if (p_i93->ic_reference == I93_IC_REF_STM_M24LR04E_R)
108 p_i93->product_version = RW_I93_STM_M24LR04E_R;
109 else if (p_i93->ic_reference == I93_IC_REF_STM_M24LR16E_R)
110 p_i93->product_version = RW_I93_STM_M24LR16E_R;
111 else if (p_i93->ic_reference == I93_IC_REF_STM_M24LR16D_W)
112 p_i93->product_version = RW_I93_STM_M24LR16D_W;
113 else if (p_i93->ic_reference == I93_IC_REF_STM_M24LR64E_R)
114 p_i93->product_version = RW_I93_STM_M24LR64E_R;
115 else if (p_i93->ic_reference == I93_IC_REF_STM_ST25DVHIK)
116 p_i93->product_version = RW_I93_STM_ST25DVHIK;
117 else if (p_i93->ic_reference == I93_IC_REF_STM_ST25DV04K)
118 p_i93->product_version = RW_I93_STM_ST25DV04K;
119 else {
120 switch (p_i93->ic_reference & I93_IC_REF_STM_MASK) {
121 case I93_IC_REF_STM_LRI1K:
122 p_i93->product_version = RW_I93_STM_LRI1K;
123 break;
124 case I93_IC_REF_STM_LRI2K:
125 p_i93->product_version = RW_I93_STM_LRI2K;
126 break;
127 case I93_IC_REF_STM_LRIS2K:
128 p_i93->product_version = RW_I93_STM_LRIS2K;
129 break;
130 case I93_IC_REF_STM_LRIS64K:
131 p_i93->product_version = RW_I93_STM_LRIS64K;
132 break;
133 case I93_IC_REF_STM_M24LR64_R:
134 p_i93->product_version = RW_I93_STM_M24LR64_R;
135 break;
136 default:
137 p_i93->product_version = RW_I93_UNKNOWN_PRODUCT;
138 break;
139 }
140 }
141 } else if ((p_uid[1] == I93_UID_IC_MFG_CODE_ONS) &&
142 (p_i93->info_flags & I93_INFO_FLAG_IC_REF)) {
143 switch (p_i93->ic_reference) {
144 case I93_IC_REF_ONS_N36RW02:
145 p_i93->product_version = RW_I93_ONS_N36RW02;
146 break;
147 case I93_IC_REF_ONS_N24RF04:
148 p_i93->product_version = RW_I93_ONS_N24RF04;
149 break;
150 case I93_IC_REF_ONS_N24RF04E:
151 p_i93->product_version = RW_I93_ONS_N24RF04E;
152 break;
153 case I93_IC_REF_ONS_N24RF16:
154 p_i93->product_version = RW_I93_ONS_N24RF16;
155 break;
156 case I93_IC_REF_ONS_N24RF16E:
157 p_i93->product_version = RW_I93_ONS_N24RF16E;
158 break;
159 case I93_IC_REF_ONS_N24RF64:
160 p_i93->product_version = RW_I93_ONS_N24RF64;
161 break;
162 case I93_IC_REF_ONS_N24RF64E:
163 p_i93->product_version = RW_I93_ONS_N24RF64E;
164 break;
165 default:
166 p_i93->product_version = RW_I93_UNKNOWN_PRODUCT;
167 break;
168 }
169 } else {
170 p_i93->product_version = RW_I93_UNKNOWN_PRODUCT;
171 }
172
173 DLOG_IF(INFO, nfc_debug_enabled)
174 << StringPrintf("product_version = <%s>",
175 rw_i93_get_tag_name(p_i93->product_version).c_str());
176
177 switch (p_i93->product_version) {
178 case RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY:
179 case RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY:
180 /* these don't support Get System Information Command */
181 /* these support only Inventory, Stay Quiet, Read Single Block, Write
182 * Single Block, Lock Block */
183 p_i93->block_size = I93_TAG_IT_HF_I_STD_PRO_CHIP_INLAY_BLK_SIZE;
184 p_i93->num_block = I93_TAG_IT_HF_I_STD_PRO_CHIP_INLAY_NUM_USER_BLK;
185 break;
186 default:
187 break;
188 }
189 }
190
191 /*******************************************************************************
192 **
193 ** Function rw_i93_process_ext_sys_info
194 **
195 ** Description Store extended system information of tag
196 **
197 ** Returns FALSE if retrying with protocol extension flag
198 **
199 *******************************************************************************/
rw_i93_process_ext_sys_info(uint8_t * p_data,uint16_t length)200 bool rw_i93_process_ext_sys_info(uint8_t* p_data, uint16_t length) {
201 uint8_t* p = p_data;
202 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
203 uint8_t uid[I93_UID_BYTE_LEN], *p_uid;
204
205 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
206
207 if (length < (I93_UID_BYTE_LEN + 1)) {
208 android_errorWriteLog(0x534e4554, "122316913");
209 return false;
210 }
211
212 STREAM_TO_UINT8(p_i93->info_flags, p);
213 length--;
214
215 p_uid = uid;
216 STREAM_TO_ARRAY8(p_uid, p);
217 length -= I93_UID_BYTE_LEN;
218
219 if (p_i93->info_flags & I93_INFO_FLAG_DSFID) {
220 if (length < I93_INFO_DSFID_LEN) {
221 android_errorWriteLog(0x534e4554, "122316913");
222 return false;
223 }
224 STREAM_TO_UINT8(p_i93->dsfid, p);
225 length--;
226 }
227 if (p_i93->info_flags & I93_INFO_FLAG_AFI) {
228 if (length < I93_INFO_AFI_LEN) {
229 android_errorWriteLog(0x534e4554, "122316913");
230 return false;
231 }
232 STREAM_TO_UINT8(p_i93->afi, p);
233 length--;
234 }
235 if (p_i93->info_flags & I93_INFO_FLAG_MEM_SIZE) {
236 if (length < I93_INFO_16BIT_NUM_BLOCK_LEN + I93_INFO_BLOCK_SIZE_LEN) {
237 android_errorWriteLog(0x534e4554, "122316913");
238 return false;
239 }
240 STREAM_TO_UINT16(p_i93->num_block, p);
241 length -= I93_INFO_16BIT_NUM_BLOCK_LEN;
242
243 /* it is one less than actual number of bytes */
244 p_i93->num_block += 1;
245
246 STREAM_TO_UINT8(p_i93->block_size, p);
247 length--;
248 /* it is one less than actual number of blocks */
249 p_i93->block_size = (p_i93->block_size & 0x1F) + 1;
250 }
251 if (p_i93->info_flags & I93_INFO_FLAG_IC_REF) {
252 if (length < I93_INFO_IC_REF_LEN) {
253 android_errorWriteLog(0x534e4554, "122316913");
254 return false;
255 }
256 STREAM_TO_UINT8(p_i93->ic_reference, p);
257 length--;
258
259 /* clear existing UID to set product version */
260 p_i93->uid[0] = 0x00;
261
262 /* store UID and get product version */
263 rw_i93_get_product_version(p_uid);
264
265 if (p_i93->uid[0] == I93_UID_FIRST_BYTE) {
266 if ((p_i93->uid[1] == I93_UID_IC_MFG_CODE_STM) ||
267 (p_i93->uid[1] == I93_UID_IC_MFG_CODE_ONS)) {
268 /* STM & ONS supports more than 2040 bytes */
269 p_i93->intl_flags |= RW_I93_FLAG_EXT_COMMANDS;
270 }
271 }
272 }
273 return true;
274 }
275
276 /*******************************************************************************
277 **
278 ** Function rw_i93_process_sys_info
279 **
280 ** Description Store system information of tag
281 **
282 ** Returns FALSE if retrying with protocol extension flag
283 **
284 *******************************************************************************/
rw_i93_process_sys_info(uint8_t * p_data,uint16_t length)285 bool rw_i93_process_sys_info(uint8_t* p_data, uint16_t length) {
286 uint8_t* p = p_data;
287 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
288 uint8_t uid[I93_UID_BYTE_LEN], *p_uid;
289
290 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
291
292 if (length < (I93_UID_BYTE_LEN + 1)) {
293 android_errorWriteLog(0x534e4554, "121259048");
294 return false;
295 }
296 STREAM_TO_UINT8(p_i93->info_flags, p);
297 length--;
298
299 p_uid = uid;
300 STREAM_TO_ARRAY8(p_uid, p);
301 length -= I93_UID_BYTE_LEN;
302
303 if (p_i93->info_flags & I93_INFO_FLAG_DSFID) {
304 if (length == 0) {
305 android_errorWriteLog(0x534e4554, "121259048");
306 return false;
307 }
308 STREAM_TO_UINT8(p_i93->dsfid, p);
309 length--;
310 }
311 if (p_i93->info_flags & I93_INFO_FLAG_AFI) {
312 if (length == 0) {
313 android_errorWriteLog(0x534e4554, "121259048");
314 return false;
315 }
316 STREAM_TO_UINT8(p_i93->afi, p);
317 length--;
318 }
319 if (p_i93->info_flags & I93_INFO_FLAG_MEM_SIZE) {
320 bool block_16_bit = p_i93->intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK;
321 if (block_16_bit && length > 2) {
322 STREAM_TO_UINT16(p_i93->num_block, p);
323 length -= 2;
324 } else if (!block_16_bit && length > 1) {
325 STREAM_TO_UINT8(p_i93->num_block, p);
326 length--;
327 } else {
328 android_errorWriteLog(0x534e4554, "121259048");
329 return false;
330 }
331 /* it is one less than actual number of bytes */
332 p_i93->num_block += 1;
333
334 STREAM_TO_UINT8(p_i93->block_size, p);
335 length--;
336 /* it is one less than actual number of blocks */
337 p_i93->block_size = (p_i93->block_size & 0x1F) + 1;
338 }
339 if (p_i93->info_flags & I93_INFO_FLAG_IC_REF) {
340 if (length == 0) {
341 android_errorWriteLog(0x534e4554, "121259048");
342 return false;
343 }
344 STREAM_TO_UINT8(p_i93->ic_reference, p);
345
346 /* clear existing UID to set product version */
347 p_i93->uid[0] = 0x00;
348
349 /* store UID and get product version */
350 rw_i93_get_product_version(p_uid);
351
352 if (p_i93->uid[0] == I93_UID_FIRST_BYTE) {
353 if ((p_i93->uid[1] == I93_UID_IC_MFG_CODE_NXP) &&
354 (p_i93->ic_reference == I93_IC_REF_ICODE_SLI_L)) {
355 p_i93->num_block = 8;
356 p_i93->block_size = 4;
357 } else if (p_i93->uid[1] == I93_UID_IC_MFG_CODE_STM) {
358 /*
359 ** LRI1K: 010000xx(b), blockSize: 4, numberBlocks: 0x20
360 ** LRI2K: 001000xx(b), blockSize: 4, numberBlocks: 0x40
361 ** LRIS2K: 001010xx(b), blockSize: 4, numberBlocks: 0x40
362 ** LRIS64K: 010001xx(b), blockSize: 4, numberBlocks: 0x800
363 ** M24LR64-R: 001011xx(b), blockSize: 4, numberBlocks: 0x800
364 ** M24LR04E-R: 01011010(b), blockSize: 4, numberBlocks: 0x80
365 ** M24LR16E-R: 01001110(b), blockSize: 4, numberBlocks: 0x200
366 ** M24LR16D-W: 01001101(b), blockSize: 4, numberBlocks: 0x200
367 ** M24LR64E-R: 01011110(b), blockSize: 4, numberBlocks: 0x800
368 */
369 if ((p_i93->product_version == RW_I93_STM_M24LR16E_R) ||
370 (p_i93->product_version == RW_I93_STM_M24LR16D_W) ||
371 (p_i93->product_version == RW_I93_STM_M24LR64E_R)) {
372 /*
373 ** M24LR16E-R or M24LR16D-W or M24LR64E-R returns system information
374 ** without memory size, if option flag is not set.
375 ** LRIS64K and M24LR64-R return error if option flag is not
376 ** set.
377 */
378 if (!(p_i93->intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK)) {
379 /* get memory size with protocol extension flag */
380 if (rw_i93_send_cmd_get_sys_info(nullptr, I93_FLAG_PROT_EXT_YES) ==
381 NFC_STATUS_OK) {
382 /* STM supports more than 2040 bytes */
383 p_i93->intl_flags |= RW_I93_FLAG_16BIT_NUM_BLOCK;
384
385 return false;
386 }
387 }
388 } else if ((p_i93->product_version == RW_I93_STM_LRI2K) &&
389 (p_i93->ic_reference == 0x21)) {
390 /* workaround of byte order in memory size information */
391 p_i93->num_block = 64;
392 p_i93->block_size = 4;
393 } else if (!(p_i93->info_flags & I93_INFO_FLAG_MEM_SIZE)) {
394 if (!(p_i93->intl_flags & RW_I93_FLAG_EXT_COMMANDS)) {
395 if (rw_i93_send_cmd_get_ext_sys_info(nullptr) == NFC_STATUS_OK) {
396 /* STM supports more than 2040 bytes */
397 p_i93->intl_flags |= RW_I93_FLAG_EXT_COMMANDS;
398
399 return false;
400 }
401 }
402 }
403 } else if (p_i93->uid[1] == I93_UID_IC_MFG_CODE_ONS) {
404 /*
405 ** N36RW02: 00011010(b), blockSize: 4, numberBlocks: 0x40
406 ** N24RF04: 00101110(b), blockSize: 4, numberBlocks: 0x80
407 ** N24RF04E: 00101010(b), blockSize: 4, numberBlocks: 0x80
408 ** N24RF16: 01001010(b), blockSize: 4, numberBlocks: 0x200
409 ** N24RF16E: 01001110(b), blockSize: 4, numberBlocks: 0x200
410 ** N24RF64: 01101010(b), blockSize: 4, numberBlocks: 0x800
411 ** N24RF64E: 01101110(b), blockSize: 4, numberBlocks: 0x800
412 */
413 p_i93->block_size = 4;
414 switch (p_i93->product_version) {
415 case RW_I93_ONS_N36RW02:
416 p_i93->num_block = 0x40;
417 break;
418 case RW_I93_ONS_N24RF04:
419 case RW_I93_ONS_N24RF04E:
420 p_i93->num_block = 0x80;
421 break;
422 case RW_I93_ONS_N24RF16:
423 case RW_I93_ONS_N24RF16E:
424 p_i93->num_block = 0x200;
425 p_i93->intl_flags |= RW_I93_FLAG_16BIT_NUM_BLOCK;
426 break;
427 case RW_I93_ONS_N24RF64:
428 case RW_I93_ONS_N24RF64E:
429 p_i93->num_block = 0x800;
430 p_i93->intl_flags |= RW_I93_FLAG_16BIT_NUM_BLOCK;
431 break;
432 default:
433 return false;
434 }
435 }
436 }
437 }
438
439 return true;
440 }
441
442 /*******************************************************************************
443 **
444 ** Function rw_i93_check_sys_info_prot_ext
445 **
446 ** Description Check if need to set protocol extension flag to get system
447 ** info
448 **
449 ** Returns TRUE if sent Get System Info with protocol extension flag
450 **
451 *******************************************************************************/
rw_i93_check_sys_info_prot_ext(uint8_t error_code)452 bool rw_i93_check_sys_info_prot_ext(uint8_t error_code) {
453 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
454
455 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
456
457 if (((p_i93->uid[1] == I93_UID_IC_MFG_CODE_STM) ||
458 (p_i93->uid[1] == I93_UID_IC_MFG_CODE_ONS)) &&
459 (p_i93->sent_cmd == I93_CMD_GET_SYS_INFO) &&
460 (error_code == I93_ERROR_CODE_OPTION_NOT_SUPPORTED) &&
461 (rw_i93_send_cmd_get_sys_info(nullptr, I93_FLAG_PROT_EXT_YES) ==
462 NFC_STATUS_OK)) {
463 return true;
464 } else {
465 return false;
466 }
467 }
468
469 /*******************************************************************************
470 **
471 ** Function rw_i93_send_to_upper
472 **
473 ** Description Send response to upper layer
474 **
475 ** Returns void
476 **
477 *******************************************************************************/
rw_i93_send_to_upper(NFC_HDR * p_resp)478 void rw_i93_send_to_upper(NFC_HDR* p_resp) {
479 uint8_t *p = (uint8_t*)(p_resp + 1) + p_resp->offset, *p_uid;
480 uint16_t length = p_resp->len;
481 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
482 tRW_DATA rw_data;
483 uint8_t event = RW_I93_MAX_EVT;
484 uint8_t flags;
485 NFC_HDR* p_buff;
486
487 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
488
489 if (length == 0) {
490 android_errorWriteLog(0x534e4554, "121035878");
491 rw_data.i93_cmd_cmpl.status = NFC_STATUS_FAILED;
492 rw_data.i93_cmd_cmpl.command = p_i93->sent_cmd;
493 rw_cb.tcb.i93.sent_cmd = 0;
494 (*(rw_cb.p_cback))(RW_I93_CMD_CMPL_EVT, &rw_data);
495 return;
496 }
497
498 STREAM_TO_UINT8(flags, p);
499 length--;
500
501 if (flags & I93_FLAG_ERROR_DETECTED) {
502 if ((length) && (rw_i93_check_sys_info_prot_ext(*p))) {
503 /* getting system info with protocol extension flag */
504 /* This STM & ONS tag supports more than 2040 bytes */
505 p_i93->intl_flags |= RW_I93_FLAG_16BIT_NUM_BLOCK;
506 p_i93->state = RW_I93_STATE_BUSY;
507 } else if (length) {
508 /* notify error to upper layer */
509 rw_data.i93_cmd_cmpl.status = NFC_STATUS_FAILED;
510 rw_data.i93_cmd_cmpl.command = p_i93->sent_cmd;
511 STREAM_TO_UINT8(rw_data.i93_cmd_cmpl.error_code, p);
512
513 rw_cb.tcb.i93.sent_cmd = 0;
514 (*(rw_cb.p_cback))(RW_I93_CMD_CMPL_EVT, &rw_data);
515 }
516 return;
517 }
518
519 switch (p_i93->sent_cmd) {
520 case I93_CMD_INVENTORY:
521 if (length < I93_INFO_DSFID_LEN + I93_UID_BYTE_LEN) return;
522
523 /* forward inventory response */
524 rw_data.i93_inventory.status = NFC_STATUS_OK;
525 STREAM_TO_UINT8(rw_data.i93_inventory.dsfid, p);
526
527 p_uid = rw_data.i93_inventory.uid;
528 STREAM_TO_ARRAY8(p_uid, p);
529
530 /* store UID and get product version */
531 rw_i93_get_product_version(p_uid);
532
533 event = RW_I93_INVENTORY_EVT;
534 break;
535
536 case I93_CMD_READ_SINGLE_BLOCK:
537 case I93_CMD_EXT_READ_SINGLE_BLOCK:
538 case I93_CMD_READ_MULTI_BLOCK:
539 case I93_CMD_EXT_READ_MULTI_BLOCK:
540 case I93_CMD_GET_MULTI_BLK_SEC:
541 case I93_CMD_EXT_GET_MULTI_BLK_SEC:
542
543 if (UINT16_MAX - length < NFC_HDR_SIZE) {
544 rw_data.i93_cmd_cmpl.status = NFC_STATUS_FAILED;
545 rw_data.i93_cmd_cmpl.command = p_i93->sent_cmd;
546 rw_cb.tcb.i93.sent_cmd = 0;
547
548 event = RW_I93_CMD_CMPL_EVT;
549 break;
550 }
551
552 /* forward tag data or security status */
553 p_buff = (NFC_HDR*)GKI_getbuf((uint16_t)(length + NFC_HDR_SIZE));
554
555 if (p_buff) {
556 p_buff->offset = 0;
557 p_buff->len = length;
558
559 memcpy((p_buff + 1), p, length);
560
561 rw_data.i93_data.status = NFC_STATUS_OK;
562 rw_data.i93_data.command = p_i93->sent_cmd;
563 rw_data.i93_data.p_data = p_buff;
564
565 event = RW_I93_DATA_EVT;
566 } else {
567 rw_data.i93_cmd_cmpl.status = NFC_STATUS_NO_BUFFERS;
568 rw_data.i93_cmd_cmpl.command = p_i93->sent_cmd;
569 rw_data.i93_cmd_cmpl.error_code = 0;
570
571 event = RW_I93_CMD_CMPL_EVT;
572 }
573 break;
574
575 case I93_CMD_WRITE_SINGLE_BLOCK:
576 case I93_CMD_EXT_WRITE_SINGLE_BLOCK:
577 case I93_CMD_LOCK_BLOCK:
578 case I93_CMD_EXT_LOCK_BLOCK:
579 case I93_CMD_WRITE_MULTI_BLOCK:
580 case I93_CMD_EXT_WRITE_MULTI_BLOCK:
581 case I93_CMD_SELECT:
582 case I93_CMD_RESET_TO_READY:
583 case I93_CMD_WRITE_AFI:
584 case I93_CMD_LOCK_AFI:
585 case I93_CMD_WRITE_DSFID:
586 case I93_CMD_LOCK_DSFID:
587
588 /* notify the complete of command */
589 rw_data.i93_cmd_cmpl.status = NFC_STATUS_OK;
590 rw_data.i93_cmd_cmpl.command = p_i93->sent_cmd;
591 rw_data.i93_cmd_cmpl.error_code = 0;
592
593 event = RW_I93_CMD_CMPL_EVT;
594 break;
595
596 case I93_CMD_GET_SYS_INFO:
597
598 if (rw_i93_process_sys_info(p, length)) {
599 rw_data.i93_sys_info.status = NFC_STATUS_OK;
600 rw_data.i93_sys_info.info_flags = p_i93->info_flags;
601 rw_data.i93_sys_info.dsfid = p_i93->dsfid;
602 rw_data.i93_sys_info.afi = p_i93->afi;
603 rw_data.i93_sys_info.num_block = p_i93->num_block;
604 rw_data.i93_sys_info.block_size = p_i93->block_size;
605 rw_data.i93_sys_info.IC_reference = p_i93->ic_reference;
606
607 memcpy(rw_data.i93_sys_info.uid, p_i93->uid, I93_UID_BYTE_LEN);
608
609 p_i93->i93_t5t_mode = RW_I93_GET_SYS_INFO_MEM_INFO;
610 event = RW_I93_SYS_INFO_EVT;
611 } else {
612 /* retrying with protocol extension flag */
613 p_i93->state = RW_I93_STATE_BUSY;
614 return;
615 }
616 break;
617
618 case I93_CMD_EXT_GET_SYS_INFO:
619
620 if (rw_i93_process_ext_sys_info(p, length)) {
621 rw_data.i93_sys_info.status = NFC_STATUS_OK;
622 rw_data.i93_sys_info.info_flags = p_i93->info_flags;
623 rw_data.i93_sys_info.dsfid = p_i93->dsfid;
624 rw_data.i93_sys_info.afi = p_i93->afi;
625 rw_data.i93_sys_info.num_block = p_i93->num_block;
626 rw_data.i93_sys_info.block_size = p_i93->block_size;
627 rw_data.i93_sys_info.IC_reference = p_i93->ic_reference;
628
629 memcpy(rw_data.i93_sys_info.uid, p_i93->uid, I93_UID_BYTE_LEN);
630
631 p_i93->i93_t5t_mode = RW_I93_GET_SYS_INFO_MEM_INFO;
632 event = RW_I93_SYS_INFO_EVT;
633 } else {
634 /* retrying with protocol extension flag or with extended sys info
635 * command */
636 p_i93->state = RW_I93_STATE_BUSY;
637 return;
638 }
639 break;
640
641 default:
642 break;
643 }
644
645 rw_cb.tcb.i93.sent_cmd = 0;
646 if (event != RW_I93_MAX_EVT) {
647 (*(rw_cb.p_cback))(event, &rw_data);
648 } else {
649 LOG(ERROR) << StringPrintf("Invalid response");
650 }
651 }
652
653 /*******************************************************************************
654 **
655 ** Function rw_i93_send_to_lower
656 **
657 ** Description Send Request frame to lower layer
658 **
659 ** Returns TRUE if success
660 **
661 *******************************************************************************/
rw_i93_send_to_lower(NFC_HDR * p_msg)662 bool rw_i93_send_to_lower(NFC_HDR* p_msg) {
663 /* store command for retransmitting */
664 if (rw_cb.tcb.i93.p_retry_cmd) {
665 GKI_freebuf(rw_cb.tcb.i93.p_retry_cmd);
666 rw_cb.tcb.i93.p_retry_cmd = nullptr;
667 }
668
669 uint16_t msg_size = sizeof(NFC_HDR) + p_msg->offset + p_msg->len;
670
671 rw_cb.tcb.i93.p_retry_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
672
673 if (rw_cb.tcb.i93.p_retry_cmd &&
674 GKI_get_pool_bufsize(NFC_RW_POOL_ID) >= msg_size) {
675 memcpy(rw_cb.tcb.i93.p_retry_cmd, p_msg, msg_size);
676 } else {
677 LOG(ERROR) << StringPrintf("Memory allocation error");
678 android_errorWriteLog(0x534e4554, "157650357");
679 return false;
680 }
681
682 if (NFC_SendData(NFC_RF_CONN_ID, p_msg) != NFC_STATUS_OK) {
683 LOG(ERROR) << StringPrintf("failed");
684 return false;
685 }
686
687 int timeout = (RW_I93_TOUT_RESP * QUICK_TIMER_TICKS_PER_SEC) / 1000;
688 if (rw_cb.tcb.i93.in_pres_check)
689 timeout = (200 * QUICK_TIMER_TICKS_PER_SEC) / 1000;
690 nfc_start_quick_timer(&rw_cb.tcb.i93.timer, NFC_TTYPE_RW_I93_RESPONSE,
691 timeout);
692
693 return true;
694 }
695
696 /*******************************************************************************
697 **
698 ** Function rw_i93_send_cmd_inventory
699 **
700 ** Description Send Inventory Request to VICC
701 **
702 ** Returns tNFC_STATUS
703 **
704 *******************************************************************************/
rw_i93_send_cmd_inventory(uint8_t * p_uid,bool including_afi,uint8_t afi)705 tNFC_STATUS rw_i93_send_cmd_inventory(uint8_t* p_uid, bool including_afi,
706 uint8_t afi) {
707 NFC_HDR* p_cmd;
708 uint8_t *p, flags;
709
710 DLOG_IF(INFO, nfc_debug_enabled)
711 << StringPrintf("including_afi:%d, AFI:0x%02X", including_afi, afi);
712
713 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
714
715 if (!p_cmd) {
716 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
717 return NFC_STATUS_NO_BUFFERS;
718 }
719
720 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
721 p_cmd->len = 3;
722 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
723
724 /* Flags */
725 flags = (I93_FLAG_SLOT_ONE | I93_FLAG_INVENTORY_SET |
726 RW_I93_FLAG_SUB_CARRIER | RW_I93_FLAG_DATA_RATE);
727 if (including_afi) {
728 flags |= I93_FLAG_AFI_PRESENT;
729 }
730
731 UINT8_TO_STREAM(p, flags);
732
733 /* Command Code */
734 UINT8_TO_STREAM(p, I93_CMD_INVENTORY);
735
736 if (including_afi) {
737 /* Parameters */
738 UINT8_TO_STREAM(p, afi); /* Optional AFI */
739 p_cmd->len++;
740 }
741
742 if (p_uid) {
743 UINT8_TO_STREAM(p, I93_UID_BYTE_LEN * 8); /* Mask Length */
744 ARRAY8_TO_STREAM(p, p_uid); /* UID */
745 p_cmd->len += I93_UID_BYTE_LEN;
746 } else {
747 UINT8_TO_STREAM(p, 0x00); /* Mask Length */
748 }
749
750 if (rw_i93_send_to_lower(p_cmd)) {
751 rw_cb.tcb.i93.sent_cmd = I93_CMD_INVENTORY;
752 return NFC_STATUS_OK;
753 } else {
754 return NFC_STATUS_FAILED;
755 }
756 }
757
758 /*******************************************************************************
759 **
760 ** Function rw_i93_send_cmd_stay_quiet
761 **
762 ** Description Send Stay Quiet Request to VICC
763 **
764 ** Returns tNFC_STATUS
765 **
766 *******************************************************************************/
rw_i93_send_cmd_stay_quiet(uint8_t * p_uid)767 tNFC_STATUS rw_i93_send_cmd_stay_quiet(uint8_t* p_uid) {
768 NFC_HDR* p_cmd;
769 uint8_t* p;
770
771 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
772
773 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
774
775 if (!p_cmd) {
776 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
777 return NFC_STATUS_NO_BUFFERS;
778 }
779
780 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
781 p_cmd->len = 10;
782 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
783
784 /* Flags */
785 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
786 RW_I93_FLAG_DATA_RATE));
787
788 /* Command Code */
789 UINT8_TO_STREAM(p, I93_CMD_STAY_QUIET);
790
791 /* Parameters */
792 /* Beware the UID is provided with the same order as the transmission
793 one (LSB first) */
794 ARRAY_TO_STREAM(p, p_uid, I93_UID_BYTE_LEN); /* UID */
795
796 if (rw_i93_send_to_lower(p_cmd)) {
797 rw_cb.tcb.i93.sent_cmd = I93_CMD_STAY_QUIET;
798
799 /* restart timer for stay quiet */
800 nfc_start_quick_timer(
801 &rw_cb.tcb.i93.timer, NFC_TTYPE_RW_I93_RESPONSE,
802 (RW_I93_TOUT_STAY_QUIET * QUICK_TIMER_TICKS_PER_SEC) / 1000);
803 return NFC_STATUS_OK;
804 } else {
805 return NFC_STATUS_FAILED;
806 }
807 }
808
809 /*******************************************************************************
810 **
811 ** Function rw_i93_send_cmd_read_single_block
812 **
813 ** Description Send Read Single Block Request to VICC
814 **
815 ** Returns tNFC_STATUS
816 **
817 *******************************************************************************/
rw_i93_send_cmd_read_single_block(uint16_t block_number,bool read_security)818 tNFC_STATUS rw_i93_send_cmd_read_single_block(uint16_t block_number,
819 bool read_security) {
820 NFC_HDR* p_cmd;
821 uint8_t *p, flags;
822 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
823
824 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
825
826 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
827
828 if (!p_cmd) {
829 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
830 return NFC_STATUS_NO_BUFFERS;
831 }
832
833 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
834 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED)
835 p_cmd->len = 11;
836 else
837 p_cmd->len = 3;
838 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
839
840 /* Flags */
841 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED) {
842 flags = (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
843 RW_I93_FLAG_DATA_RATE);
844 } else {
845 flags = (RW_I93_FLAG_SUB_CARRIER | RW_I93_FLAG_DATA_RATE);
846
847 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_SELECTED_STATE)
848 flags |= I93_FLAG_SELECT_SET;
849 }
850 if (read_security) flags |= I93_FLAG_OPTION_SET;
851
852 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK)
853 flags |= I93_FLAG_PROT_EXT_YES;
854
855 UINT8_TO_STREAM(p, flags);
856
857 /* Command Code */
858 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
859 UINT8_TO_STREAM(p, I93_CMD_EXT_READ_SINGLE_BLOCK);
860 } else {
861 UINT8_TO_STREAM(p, I93_CMD_READ_SINGLE_BLOCK);
862 }
863
864 /* Parameters */
865 if (flags & I93_FLAG_ADDRESS_SET)
866 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
867
868 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK ||
869 rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
870 UINT16_TO_STREAM(p, block_number); /* Block number */
871 p_cmd->len++;
872 } else {
873 UINT8_TO_STREAM(p, block_number); /* Block number */
874 }
875
876 if (rw_i93_send_to_lower(p_cmd)) {
877 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS)
878 rw_cb.tcb.i93.sent_cmd = I93_CMD_EXT_READ_SINGLE_BLOCK;
879 else
880 rw_cb.tcb.i93.sent_cmd = I93_CMD_READ_SINGLE_BLOCK;
881 return NFC_STATUS_OK;
882 } else {
883 return NFC_STATUS_FAILED;
884 }
885 }
886
887 /*******************************************************************************
888 **
889 ** Function rw_i93_send_cmd_write_single_block
890 **
891 ** Description Send Write Single Block Request to VICC
892 **
893 ** Returns tNFC_STATUS
894 **
895 *******************************************************************************/
rw_i93_send_cmd_write_single_block(uint16_t block_number,uint8_t * p_data)896 tNFC_STATUS rw_i93_send_cmd_write_single_block(uint16_t block_number,
897 uint8_t* p_data) {
898 NFC_HDR* p_cmd;
899 uint8_t *p, flags;
900 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
901
902 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
903
904 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
905
906 if (!p_cmd) {
907 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
908 return NFC_STATUS_NO_BUFFERS;
909 }
910
911 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
912 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED)
913 p_cmd->len = 11 + rw_cb.tcb.i93.block_size;
914 else
915 p_cmd->len = 3 + rw_cb.tcb.i93.block_size;
916 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
917
918 /* Flags */
919 if ((rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_PLUS_INLAY) ||
920 (rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_PLUS_CHIP) ||
921 (rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
922 (rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY)) {
923 /* Option must be set for TI tag */
924 flags = (I93_FLAG_ADDRESS_SET | I93_FLAG_OPTION_SET |
925 RW_I93_FLAG_SUB_CARRIER | RW_I93_FLAG_DATA_RATE);
926 } else {
927 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED) {
928 flags = (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
929 RW_I93_FLAG_DATA_RATE);
930 } else {
931 flags = (RW_I93_FLAG_SUB_CARRIER | RW_I93_FLAG_DATA_RATE);
932 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_SELECTED_STATE)
933 flags |= I93_FLAG_SELECT_SET;
934 }
935
936 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_SPECIAL_FRAME) {
937 /* Option Flag bit must be set */
938 flags |= I93_FLAG_OPTION_SET;
939 }
940 }
941
942 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK)
943 flags |= I93_FLAG_PROT_EXT_YES;
944
945 UINT8_TO_STREAM(p, flags);
946
947 /* Command Code */
948 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
949 UINT8_TO_STREAM(p, I93_CMD_EXT_WRITE_SINGLE_BLOCK);
950 } else {
951 UINT8_TO_STREAM(p, I93_CMD_WRITE_SINGLE_BLOCK);
952 }
953
954 /* Parameters */
955 if (flags & I93_FLAG_ADDRESS_SET)
956 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
957
958 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK ||
959 rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
960 UINT16_TO_STREAM(p, block_number); /* Block number */
961 p_cmd->len++;
962 } else {
963 UINT8_TO_STREAM(p, block_number); /* Block number */
964 }
965
966 /* Data */
967 ARRAY_TO_STREAM(p, p_data, rw_cb.tcb.i93.block_size);
968
969 if (rw_i93_send_to_lower(p_cmd)) {
970 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS)
971 rw_cb.tcb.i93.sent_cmd = I93_CMD_EXT_WRITE_SINGLE_BLOCK;
972 else
973 rw_cb.tcb.i93.sent_cmd = I93_CMD_WRITE_SINGLE_BLOCK;
974 return NFC_STATUS_OK;
975 } else {
976 return NFC_STATUS_FAILED;
977 }
978 }
979
980 /*******************************************************************************
981 **
982 ** Function rw_i93_send_cmd_lock_block
983 **
984 ** Description Send Lock Block Request to VICC
985 **
986 ** STM LRIS64K, M24LR64-R, M24LR04E-R, M24LR16E-R, M24LR64E-R,
987 ** M24LR16D-W do not support.
988 **
989 ** Returns tNFC_STATUS
990 **
991 *******************************************************************************/
rw_i93_send_cmd_lock_block(uint16_t block_number)992 tNFC_STATUS rw_i93_send_cmd_lock_block(uint16_t block_number) {
993 NFC_HDR* p_cmd;
994 uint8_t* p;
995 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
996 uint8_t flags;
997
998 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
999
1000 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1001
1002 if (!p_cmd) {
1003 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1004 return NFC_STATUS_NO_BUFFERS;
1005 }
1006
1007 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1008 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED)
1009 p_cmd->len = 11;
1010 else
1011 p_cmd->len = 3;
1012 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1013
1014 /* Flags */
1015 if ((rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_PLUS_INLAY) ||
1016 (rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_PLUS_CHIP) ||
1017 (rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
1018 (rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY)) {
1019 /* Option must be set for TI tag */
1020 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | I93_FLAG_OPTION_SET |
1021 RW_I93_FLAG_SUB_CARRIER | RW_I93_FLAG_DATA_RATE));
1022 } else {
1023 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED) {
1024 /* Address Mode Selector must be set */
1025 flags = I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1026 RW_I93_FLAG_DATA_RATE;
1027 } else {
1028 flags = RW_I93_FLAG_SUB_CARRIER | RW_I93_FLAG_DATA_RATE;
1029
1030 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_SELECTED_STATE)
1031 flags |= I93_FLAG_SELECT_SET;
1032 }
1033 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_SPECIAL_FRAME) {
1034 /* Option Flag bit must be set */
1035 flags |= I93_FLAG_OPTION_SET;
1036 }
1037 UINT8_TO_STREAM(p, flags);
1038 }
1039
1040 /* Command Code */
1041 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1042 UINT8_TO_STREAM(p, I93_CMD_EXT_LOCK_BLOCK);
1043 } else {
1044 UINT8_TO_STREAM(p, I93_CMD_LOCK_BLOCK);
1045 }
1046
1047 /* Parameters */
1048 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED)
1049 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1050
1051 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1052 UINT16_TO_STREAM(p, block_number); /* Block number */
1053 p_cmd->len++;
1054 } else {
1055 UINT8_TO_STREAM(p, block_number); /* Block number */
1056 }
1057
1058 if (rw_i93_send_to_lower(p_cmd)) {
1059 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS)
1060 rw_cb.tcb.i93.sent_cmd = I93_CMD_EXT_LOCK_BLOCK;
1061 else
1062 rw_cb.tcb.i93.sent_cmd = I93_CMD_LOCK_BLOCK;
1063 return NFC_STATUS_OK;
1064 } else {
1065 return NFC_STATUS_FAILED;
1066 }
1067 }
1068
1069 /*******************************************************************************
1070 **
1071 ** Function rw_i93_send_cmd_read_multi_blocks
1072 **
1073 ** Description Send Read Multiple Blocks Request to VICC
1074 **
1075 ** Returns tNFC_STATUS
1076 **
1077 *******************************************************************************/
rw_i93_send_cmd_read_multi_blocks(uint16_t first_block_number,uint16_t number_blocks)1078 tNFC_STATUS rw_i93_send_cmd_read_multi_blocks(uint16_t first_block_number,
1079 uint16_t number_blocks) {
1080 NFC_HDR* p_cmd;
1081 uint8_t *p, flags;
1082 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
1083
1084 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1085
1086 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1087
1088 if (!p_cmd) {
1089 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1090 return NFC_STATUS_NO_BUFFERS;
1091 }
1092
1093 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1094 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED)
1095 p_cmd->len = 12;
1096 else
1097 p_cmd->len = 4;
1098 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1099
1100 /* Flags */
1101 if (p_i93->addr_mode == RW_I93_MODE_ADDRESSED) {
1102 flags = (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1103 RW_I93_FLAG_DATA_RATE);
1104 } else {
1105 flags = (RW_I93_FLAG_SUB_CARRIER | RW_I93_FLAG_DATA_RATE);
1106
1107 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_SELECTED_STATE)
1108 flags |= I93_FLAG_SELECT_SET;
1109 }
1110
1111 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK) {
1112 flags |= I93_FLAG_PROT_EXT_YES;
1113 }
1114
1115 UINT8_TO_STREAM(p, flags);
1116
1117 /* Command Code */
1118 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1119 UINT8_TO_STREAM(p, I93_CMD_EXT_READ_MULTI_BLOCK);
1120 } else {
1121 UINT8_TO_STREAM(p, I93_CMD_READ_MULTI_BLOCK);
1122 }
1123
1124 /* Parameters */
1125 if (flags & I93_FLAG_ADDRESS_SET)
1126 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1127
1128 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK ||
1129 rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1130 UINT16_TO_STREAM(p, first_block_number); /* First block number */
1131 p_cmd->len++;
1132 } else {
1133 UINT8_TO_STREAM(p, first_block_number); /* First block number */
1134 }
1135
1136 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1137 UINT16_TO_STREAM(
1138 p, number_blocks - 1); /* Number of blocks, 0x00 to read one block */
1139 p_cmd->len++;
1140 } else {
1141 UINT8_TO_STREAM(
1142 p, number_blocks - 1); /* Number of blocks, 0x00 to read one block */
1143 }
1144
1145 if (rw_i93_send_to_lower(p_cmd)) {
1146 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS)
1147 rw_cb.tcb.i93.sent_cmd = I93_CMD_EXT_READ_MULTI_BLOCK;
1148 else
1149 rw_cb.tcb.i93.sent_cmd = I93_CMD_READ_MULTI_BLOCK;
1150 return NFC_STATUS_OK;
1151 } else {
1152 return NFC_STATUS_FAILED;
1153 }
1154 }
1155
1156 /*******************************************************************************
1157 **
1158 ** Function rw_i93_send_cmd_write_multi_blocks
1159 **
1160 ** Description Send Write Multiple Blocks Request to VICC
1161 **
1162 ** Returns tNFC_STATUS
1163 **
1164 *******************************************************************************/
rw_i93_send_cmd_write_multi_blocks(uint16_t first_block_number,uint16_t number_blocks,uint8_t * p_data)1165 tNFC_STATUS rw_i93_send_cmd_write_multi_blocks(uint16_t first_block_number,
1166 uint16_t number_blocks,
1167 uint8_t* p_data) {
1168 NFC_HDR* p_cmd;
1169 uint8_t* p;
1170
1171 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1172
1173 if (number_blocks * rw_cb.tcb.i93.block_size >
1174 GKI_get_pool_bufsize(NFC_RW_POOL_ID) - NCI_MSG_OFFSET_SIZE -
1175 NCI_DATA_HDR_SIZE - 1 -
1176 (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS ? 2 : 0) - 12) {
1177 android_errorWriteLog(0x534e4554, "157650365");
1178 return NFC_STATUS_FAILED;
1179 }
1180 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1181
1182 if (!p_cmd) {
1183 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1184 return NFC_STATUS_NO_BUFFERS;
1185 }
1186
1187 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1188 p_cmd->len = 12 + number_blocks * rw_cb.tcb.i93.block_size;
1189 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1190
1191 /* Flags */
1192 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1193 RW_I93_FLAG_DATA_RATE));
1194
1195 /* Command Code */
1196 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1197 INT8_TO_STREAM(p, I93_CMD_EXT_WRITE_MULTI_BLOCK);
1198 } else {
1199 UINT8_TO_STREAM(p, I93_CMD_WRITE_MULTI_BLOCK);
1200 }
1201
1202 /* Parameters */
1203 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1204 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1205 UINT16_TO_STREAM(p, first_block_number); /* Block number */
1206 UINT16_TO_STREAM(
1207 p, number_blocks - 1); /* Number of blocks, 0x00 to read one block */
1208 p_cmd->len += 2;
1209 } else {
1210 UINT8_TO_STREAM(p, first_block_number); /* Block number */
1211 UINT8_TO_STREAM(
1212 p, number_blocks - 1); /* Number of blocks, 0x00 to read one block */
1213 }
1214
1215 /* Data */
1216 ARRAY_TO_STREAM(p, p_data, number_blocks * rw_cb.tcb.i93.block_size);
1217
1218 if (rw_i93_send_to_lower(p_cmd)) {
1219 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS)
1220 rw_cb.tcb.i93.sent_cmd = I93_CMD_EXT_WRITE_MULTI_BLOCK;
1221 else
1222 rw_cb.tcb.i93.sent_cmd = I93_CMD_WRITE_MULTI_BLOCK;
1223 return NFC_STATUS_OK;
1224 } else {
1225 return NFC_STATUS_FAILED;
1226 }
1227 }
1228
1229 /*******************************************************************************
1230 **
1231 ** Function rw_i93_send_cmd_select
1232 **
1233 ** Description Send Select Request to VICC
1234 **
1235 ** Returns tNFC_STATUS
1236 **
1237 *******************************************************************************/
rw_i93_send_cmd_select(uint8_t * p_uid)1238 tNFC_STATUS rw_i93_send_cmd_select(uint8_t* p_uid) {
1239 NFC_HDR* p_cmd;
1240 uint8_t* p;
1241
1242 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1243
1244 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1245
1246 if (!p_cmd) {
1247 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1248 return NFC_STATUS_NO_BUFFERS;
1249 }
1250
1251 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1252 p_cmd->len = 10;
1253 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1254
1255 /* Flags */
1256 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1257 RW_I93_FLAG_DATA_RATE));
1258
1259 /* Command Code */
1260 UINT8_TO_STREAM(p, I93_CMD_SELECT);
1261
1262 /* Parameters */
1263 /* Beware the UID is provided with the same order as the transmission
1264 one (LSB first) */
1265 ARRAY_TO_STREAM(p, p_uid, I93_UID_BYTE_LEN); /* UID */
1266
1267 if (rw_i93_send_to_lower(p_cmd)) {
1268 rw_cb.tcb.i93.sent_cmd = I93_CMD_SELECT;
1269 return NFC_STATUS_OK;
1270 } else {
1271 return NFC_STATUS_FAILED;
1272 }
1273 }
1274
1275 /*******************************************************************************
1276 **
1277 ** Function rw_i93_send_cmd_reset_to_ready
1278 **
1279 ** Description Send Reset to Ready Request to VICC
1280 **
1281 ** Returns tNFC_STATUS
1282 **
1283 *******************************************************************************/
rw_i93_send_cmd_reset_to_ready(void)1284 tNFC_STATUS rw_i93_send_cmd_reset_to_ready(void) {
1285 NFC_HDR* p_cmd;
1286 uint8_t* p;
1287
1288 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1289
1290 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1291
1292 if (!p_cmd) {
1293 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1294 return NFC_STATUS_NO_BUFFERS;
1295 }
1296
1297 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1298 p_cmd->len = 10;
1299 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1300
1301 /* Flags */
1302 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1303 RW_I93_FLAG_DATA_RATE));
1304
1305 /* Command Code */
1306 UINT8_TO_STREAM(p, I93_CMD_RESET_TO_READY);
1307
1308 /* Parameters */
1309 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1310
1311 if (rw_i93_send_to_lower(p_cmd)) {
1312 rw_cb.tcb.i93.sent_cmd = I93_CMD_RESET_TO_READY;
1313 return NFC_STATUS_OK;
1314 } else {
1315 return NFC_STATUS_FAILED;
1316 }
1317 }
1318
1319 /*******************************************************************************
1320 **
1321 ** Function rw_i93_send_cmd_write_afi
1322 **
1323 ** Description Send Write AFI Request to VICC
1324 **
1325 ** Returns tNFC_STATUS
1326 **
1327 *******************************************************************************/
rw_i93_send_cmd_write_afi(uint8_t afi)1328 tNFC_STATUS rw_i93_send_cmd_write_afi(uint8_t afi) {
1329 NFC_HDR* p_cmd;
1330 uint8_t* p;
1331
1332 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1333
1334 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1335
1336 if (!p_cmd) {
1337 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1338 return NFC_STATUS_NO_BUFFERS;
1339 }
1340
1341 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1342 p_cmd->len = 11;
1343 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1344
1345 /* Flags */
1346 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1347 RW_I93_FLAG_DATA_RATE));
1348
1349 /* Command Code */
1350 UINT8_TO_STREAM(p, I93_CMD_WRITE_AFI);
1351
1352 /* Parameters */
1353 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1354 UINT8_TO_STREAM(p, afi); /* AFI */
1355
1356 if (rw_i93_send_to_lower(p_cmd)) {
1357 rw_cb.tcb.i93.sent_cmd = I93_CMD_WRITE_AFI;
1358 return NFC_STATUS_OK;
1359 } else {
1360 return NFC_STATUS_FAILED;
1361 }
1362 }
1363
1364 /*******************************************************************************
1365 **
1366 ** Function rw_i93_send_cmd_lock_afi
1367 **
1368 ** Description Send Lock AFI Request to VICC
1369 **
1370 ** Returns tNFC_STATUS
1371 **
1372 *******************************************************************************/
rw_i93_send_cmd_lock_afi(void)1373 tNFC_STATUS rw_i93_send_cmd_lock_afi(void) {
1374 NFC_HDR* p_cmd;
1375 uint8_t* p;
1376
1377 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1378
1379 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1380
1381 if (!p_cmd) {
1382 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1383 return NFC_STATUS_NO_BUFFERS;
1384 }
1385
1386 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1387 p_cmd->len = 10;
1388 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1389
1390 /* Flags */
1391 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1392 RW_I93_FLAG_DATA_RATE));
1393
1394 /* Command Code */
1395 UINT8_TO_STREAM(p, I93_CMD_LOCK_AFI);
1396
1397 /* Parameters */
1398 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1399
1400 if (rw_i93_send_to_lower(p_cmd)) {
1401 rw_cb.tcb.i93.sent_cmd = I93_CMD_LOCK_AFI;
1402 return NFC_STATUS_OK;
1403 } else {
1404 return NFC_STATUS_FAILED;
1405 }
1406 }
1407
1408 /*******************************************************************************
1409 **
1410 ** Function rw_i93_send_cmd_write_dsfid
1411 **
1412 ** Description Send Write DSFID Request to VICC
1413 **
1414 ** Returns tNFC_STATUS
1415 **
1416 *******************************************************************************/
rw_i93_send_cmd_write_dsfid(uint8_t dsfid)1417 tNFC_STATUS rw_i93_send_cmd_write_dsfid(uint8_t dsfid) {
1418 NFC_HDR* p_cmd;
1419 uint8_t* p;
1420
1421 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1422
1423 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1424
1425 if (!p_cmd) {
1426 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1427 return NFC_STATUS_NO_BUFFERS;
1428 }
1429
1430 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1431 p_cmd->len = 11;
1432 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1433
1434 /* Flags */
1435 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1436 RW_I93_FLAG_DATA_RATE));
1437
1438 /* Command Code */
1439 UINT8_TO_STREAM(p, I93_CMD_WRITE_DSFID);
1440
1441 /* Parameters */
1442 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1443 UINT8_TO_STREAM(p, dsfid); /* DSFID */
1444
1445 if (rw_i93_send_to_lower(p_cmd)) {
1446 rw_cb.tcb.i93.sent_cmd = I93_CMD_WRITE_DSFID;
1447 return NFC_STATUS_OK;
1448 } else {
1449 return NFC_STATUS_FAILED;
1450 }
1451 }
1452
1453 /*******************************************************************************
1454 **
1455 ** Function rw_i93_send_cmd_lock_dsfid
1456 **
1457 ** Description Send Lock DSFID Request to VICC
1458 **
1459 ** Returns tNFC_STATUS
1460 **
1461 *******************************************************************************/
rw_i93_send_cmd_lock_dsfid(void)1462 tNFC_STATUS rw_i93_send_cmd_lock_dsfid(void) {
1463 NFC_HDR* p_cmd;
1464 uint8_t* p;
1465
1466 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1467
1468 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1469
1470 if (!p_cmd) {
1471 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1472 return NFC_STATUS_NO_BUFFERS;
1473 }
1474
1475 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1476 p_cmd->len = 10;
1477 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1478
1479 /* Flags */
1480 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1481 RW_I93_FLAG_DATA_RATE));
1482
1483 /* Command Code */
1484 UINT8_TO_STREAM(p, I93_CMD_LOCK_DSFID);
1485
1486 /* Parameters */
1487 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1488
1489 if (rw_i93_send_to_lower(p_cmd)) {
1490 rw_cb.tcb.i93.sent_cmd = I93_CMD_LOCK_DSFID;
1491 return NFC_STATUS_OK;
1492 } else {
1493 return NFC_STATUS_FAILED;
1494 }
1495 }
1496
1497 /*******************************************************************************
1498 **
1499 ** Function rw_i93_send_cmd_get_ext_sys_info
1500 **
1501 ** Description Send Get Extended System Information Request to VICC
1502 **
1503 ** Returns tNFC_STATUS
1504 **
1505 *******************************************************************************/
rw_i93_send_cmd_get_ext_sys_info(uint8_t * p_uid)1506 tNFC_STATUS rw_i93_send_cmd_get_ext_sys_info(uint8_t* p_uid) {
1507 NFC_HDR* p_cmd;
1508 uint8_t* p;
1509
1510 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1511
1512 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1513
1514 if (!p_cmd) {
1515 DLOG_IF(INFO, nfc_debug_enabled) << __func__ << "Cannot allocate buffer";
1516 return NFC_STATUS_NO_BUFFERS;
1517 }
1518
1519 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1520 p_cmd->len = 11;
1521 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1522
1523 /* Flags */
1524 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1525 RW_I93_FLAG_DATA_RATE));
1526
1527 /* Command Code */
1528 UINT8_TO_STREAM(p, I93_CMD_EXT_GET_SYS_INFO);
1529
1530 /* Parameters request field */
1531 UINT8_TO_STREAM(p,
1532 (I93_INFO_FLAG_MOI | I93_INFO_FLAG_DSFID | I93_INFO_FLAG_AFI |
1533 I93_INFO_FLAG_MEM_SIZE | I93_INFO_FLAG_IC_REF));
1534
1535 /* Parameters */
1536 if (p_uid) {
1537 ARRAY8_TO_STREAM(p, p_uid); /* UID */
1538 } else {
1539 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1540 }
1541
1542 if (rw_i93_send_to_lower(p_cmd)) {
1543 rw_cb.tcb.i93.sent_cmd = I93_CMD_EXT_GET_SYS_INFO;
1544 return NFC_STATUS_OK;
1545 } else {
1546 return NFC_STATUS_FAILED;
1547 }
1548 }
1549
1550 /*******************************************************************************
1551 **
1552 ** Function rw_i93_send_cmd_get_sys_info
1553 **
1554 ** Description Send Get System Information Request to VICC
1555 **
1556 ** Returns tNFC_STATUS
1557 **
1558 *******************************************************************************/
rw_i93_send_cmd_get_sys_info(uint8_t * p_uid,uint8_t extra_flags)1559 tNFC_STATUS rw_i93_send_cmd_get_sys_info(uint8_t* p_uid, uint8_t extra_flags) {
1560 NFC_HDR* p_cmd;
1561 uint8_t* p;
1562
1563 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1564
1565 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1566
1567 if (!p_cmd) {
1568 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1569 return NFC_STATUS_NO_BUFFERS;
1570 }
1571
1572 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1573 p_cmd->len = 10;
1574 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1575
1576 /* Flags */
1577 UINT8_TO_STREAM(p, (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER |
1578 RW_I93_FLAG_DATA_RATE | extra_flags));
1579
1580 /* Command Code */
1581 UINT8_TO_STREAM(p, I93_CMD_GET_SYS_INFO);
1582
1583 /* Parameters */
1584 if (p_uid) {
1585 ARRAY8_TO_STREAM(p, p_uid); /* UID */
1586 } else {
1587 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1588 }
1589
1590 if (rw_i93_send_to_lower(p_cmd)) {
1591 rw_cb.tcb.i93.sent_cmd = I93_CMD_GET_SYS_INFO;
1592 return NFC_STATUS_OK;
1593 } else {
1594 return NFC_STATUS_FAILED;
1595 }
1596 }
1597
1598 /*******************************************************************************
1599 **
1600 ** Function rw_i93_send_cmd_get_multi_block_sec
1601 **
1602 ** Description Send Get Multiple Block Security Status Request to VICC
1603 **
1604 ** Returns tNFC_STATUS
1605 **
1606 *******************************************************************************/
rw_i93_send_cmd_get_multi_block_sec(uint16_t first_block_number,uint16_t number_blocks)1607 tNFC_STATUS rw_i93_send_cmd_get_multi_block_sec(uint16_t first_block_number,
1608 uint16_t number_blocks) {
1609 NFC_HDR* p_cmd;
1610 uint8_t *p, flags;
1611
1612 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1613
1614 p_cmd = (NFC_HDR*)GKI_getpoolbuf(NFC_RW_POOL_ID);
1615
1616 if (!p_cmd) {
1617 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
1618 return NFC_STATUS_NO_BUFFERS;
1619 }
1620
1621 p_cmd->offset = NCI_MSG_OFFSET_SIZE + NCI_DATA_HDR_SIZE;
1622 p_cmd->len = 12;
1623 p = (uint8_t*)(p_cmd + 1) + p_cmd->offset;
1624
1625 /* Flags */
1626 flags =
1627 (I93_FLAG_ADDRESS_SET | RW_I93_FLAG_SUB_CARRIER | RW_I93_FLAG_DATA_RATE);
1628
1629 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK)
1630 flags |= I93_FLAG_PROT_EXT_YES;
1631
1632 UINT8_TO_STREAM(p, flags);
1633
1634 /* Command Code */
1635 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1636 UINT8_TO_STREAM(p, I93_CMD_EXT_GET_MULTI_BLK_SEC);
1637 } else {
1638 UINT8_TO_STREAM(p, I93_CMD_GET_MULTI_BLK_SEC);
1639 }
1640
1641 /* Parameters */
1642 ARRAY8_TO_STREAM(p, rw_cb.tcb.i93.uid); /* UID */
1643
1644 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_16BIT_NUM_BLOCK ||
1645 rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS) {
1646 UINT16_TO_STREAM(p, first_block_number); /* First block number */
1647 UINT16_TO_STREAM(
1648 p, number_blocks - 1); /* Number of blocks, 0x00 to read one block */
1649 p_cmd->len += 2;
1650 } else {
1651 UINT8_TO_STREAM(p, first_block_number); /* First block number */
1652 UINT8_TO_STREAM(
1653 p, number_blocks - 1); /* Number of blocks, 0x00 to read one block */
1654 }
1655
1656 if (rw_i93_send_to_lower(p_cmd)) {
1657 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_EXT_COMMANDS)
1658 rw_cb.tcb.i93.sent_cmd = I93_CMD_EXT_GET_MULTI_BLK_SEC;
1659 else
1660 rw_cb.tcb.i93.sent_cmd = I93_CMD_GET_MULTI_BLK_SEC;
1661 return NFC_STATUS_OK;
1662 } else {
1663 return NFC_STATUS_FAILED;
1664 }
1665 }
1666
1667 /*******************************************************************************
1668 **
1669 ** Function rw_i93_get_next_blocks
1670 **
1671 ** Description Read as many blocks as possible (up to
1672 ** RW_I93_READ_MULTI_BLOCK_SIZE)
1673 **
1674 ** Returns tNFC_STATUS
1675 **
1676 *******************************************************************************/
rw_i93_get_next_blocks(uint16_t offset)1677 tNFC_STATUS rw_i93_get_next_blocks(uint16_t offset) {
1678 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
1679 uint16_t first_block;
1680 uint16_t num_block;
1681
1682 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1683
1684 first_block = offset / p_i93->block_size;
1685
1686 /* more blocks, more efficent but more error rate */
1687
1688 if (p_i93->intl_flags & RW_I93_FLAG_READ_MULTI_BLOCK) {
1689 num_block = RW_I93_READ_MULTI_BLOCK_SIZE / p_i93->block_size;
1690
1691 // first_block is an offset related to the beginning of the T5T_Area for T5T
1692 // tags but physical memory for ISO15693 tags
1693 if (p_i93->i93_t5t_mode == RW_I93_GET_SYS_INFO_MEM_INFO) {
1694 if (num_block + first_block > p_i93->num_block)
1695 num_block = p_i93->num_block - first_block;
1696 } else {
1697 if (num_block + first_block >
1698 p_i93->num_block + p_i93->t5t_area_start_block)
1699 num_block =
1700 p_i93->num_block - first_block + p_i93->t5t_area_start_block;
1701 }
1702
1703 if (p_i93->uid[1] == I93_UID_IC_MFG_CODE_STM) {
1704 /* LRIS64K, M24LR64-R, M24LR04E-R, M24LR16E-R, M24LR16D-W, M24LR64E-R
1705 ** require
1706 ** - The max number of blocks is 32 and they are all located in the
1707 ** same sector.
1708 ** - The sector is 32 blocks of 4 bytes.
1709 */
1710 if ((p_i93->product_version == RW_I93_STM_LRIS64K) ||
1711 (p_i93->product_version == RW_I93_STM_M24LR64_R) ||
1712 (p_i93->product_version == RW_I93_STM_M24LR04E_R) ||
1713 (p_i93->product_version == RW_I93_STM_M24LR16E_R) ||
1714 (p_i93->product_version == RW_I93_STM_M24LR16D_W) ||
1715 (p_i93->product_version == RW_I93_STM_M24LR64E_R)) {
1716 if (num_block > I93_STM_MAX_BLOCKS_PER_READ)
1717 num_block = I93_STM_MAX_BLOCKS_PER_READ;
1718
1719 if ((first_block / I93_STM_BLOCKS_PER_SECTOR) !=
1720 ((first_block + num_block - 1) / I93_STM_BLOCKS_PER_SECTOR)) {
1721 num_block = I93_STM_BLOCKS_PER_SECTOR -
1722 (first_block % I93_STM_BLOCKS_PER_SECTOR);
1723 }
1724 }
1725 }
1726
1727 if (p_i93->uid[1] == I93_UID_IC_MFG_CODE_ONS) {
1728 /* N24RF04, N24RF04E, N24RF16, N24RF16E, N24RF64, N24RF64E requires
1729 ** - The max number of blocks is 32 and they are all located in the
1730 ** same sector.
1731 ** - The sector is 32 blocks of 4 bytes.
1732 */
1733 if ((p_i93->product_version == RW_I93_ONS_N36RW02) ||
1734 (p_i93->product_version == RW_I93_ONS_N24RF04) ||
1735 (p_i93->product_version == RW_I93_ONS_N24RF04E) ||
1736 (p_i93->product_version == RW_I93_ONS_N24RF16) ||
1737 (p_i93->product_version == RW_I93_ONS_N24RF16E) ||
1738 (p_i93->product_version == RW_I93_ONS_N24RF64) ||
1739 (p_i93->product_version == RW_I93_ONS_N24RF64E)) {
1740 if (num_block > I93_ONS_MAX_BLOCKS_PER_READ)
1741 num_block = I93_ONS_MAX_BLOCKS_PER_READ;
1742
1743 if ((first_block / I93_ONS_BLOCKS_PER_SECTOR) !=
1744 ((first_block + num_block - 1) / I93_ONS_BLOCKS_PER_SECTOR)) {
1745 num_block = I93_ONS_BLOCKS_PER_SECTOR -
1746 (first_block % I93_ONS_BLOCKS_PER_SECTOR);
1747 }
1748 }
1749 }
1750
1751 if (num_block == 0) {
1752 /* only one remaining block to read */
1753 return rw_i93_send_cmd_read_single_block(first_block, false);
1754 }
1755
1756 return rw_i93_send_cmd_read_multi_blocks(first_block, num_block);
1757 } else {
1758 return rw_i93_send_cmd_read_single_block(first_block, false);
1759 }
1760 }
1761
1762 /*******************************************************************************
1763 **
1764 ** Function rw_i93_get_next_block_sec
1765 **
1766 ** Description Get as many security of blocks as possible from
1767 ** p_i93->rw_offset (up to RW_I93_GET_MULTI_BLOCK_SEC_SIZE)
1768 **
1769 ** Returns tNFC_STATUS
1770 **
1771 *******************************************************************************/
rw_i93_get_next_block_sec(void)1772 tNFC_STATUS rw_i93_get_next_block_sec(void) {
1773 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
1774 uint16_t num_blocks;
1775
1776 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
1777
1778 if (p_i93->num_block <= p_i93->rw_offset) {
1779 LOG(ERROR) << StringPrintf(
1780 "rw_offset(0x%x) must be less than num_block(0x%x)", p_i93->rw_offset,
1781 p_i93->num_block);
1782 return NFC_STATUS_FAILED;
1783 }
1784
1785 num_blocks = p_i93->num_block - p_i93->rw_offset;
1786
1787 if (num_blocks > RW_I93_GET_MULTI_BLOCK_SEC_SIZE)
1788 num_blocks = RW_I93_GET_MULTI_BLOCK_SEC_SIZE;
1789
1790 DLOG_IF(INFO, nfc_debug_enabled)
1791 << StringPrintf("%s intl_flags=%d", __func__, rw_cb.tcb.i93.intl_flags);
1792 return rw_i93_send_cmd_get_multi_block_sec(p_i93->rw_offset, num_blocks);
1793 }
1794
1795 /*******************************************************************************
1796 **
1797 ** Function rw_i93_sm_detect_ndef
1798 **
1799 ** Description Process NDEF detection procedure
1800 **
1801 ** 1. Get UID if not having yet
1802 ** 2. Get System Info if not having yet
1803 ** 3. Read first block for CC
1804 ** 4. Search NDEF Type and length
1805 ** 5. Get block status to get max NDEF size and read-only
1806 ** status
1807 **
1808 ** Returns void
1809 **
1810 *******************************************************************************/
rw_i93_sm_detect_ndef(NFC_HDR * p_resp)1811 void rw_i93_sm_detect_ndef(NFC_HDR* p_resp) {
1812 uint8_t *p = (uint8_t*)(p_resp + 1) + p_resp->offset, *p_uid;
1813 uint8_t flags, u8 = 0, cc[4];
1814 uint16_t length = p_resp->len, xx, block, first_block, last_block, num_blocks;
1815 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
1816 tRW_DATA rw_data;
1817 tNFC_STATUS status = NFC_STATUS_FAILED;
1818
1819 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
1820 "%s - sub_state:%s (0x%x)", __func__,
1821 rw_i93_get_sub_state_name(p_i93->sub_state).c_str(), p_i93->sub_state);
1822
1823 if (length == 0) {
1824 android_errorWriteLog(0x534e4554, "121260197");
1825 rw_i93_handle_error(NFC_STATUS_FAILED);
1826 return;
1827 }
1828 STREAM_TO_UINT8(flags, p);
1829 length--;
1830
1831 if (flags & I93_FLAG_ERROR_DETECTED) {
1832 if ((length) && (rw_i93_check_sys_info_prot_ext(*p))) {
1833 /* getting system info with protocol extension flag */
1834 /* This STM & ONS tag supports more than 2040 bytes */
1835 p_i93->intl_flags |= RW_I93_FLAG_16BIT_NUM_BLOCK;
1836 } else {
1837 DLOG_IF(INFO, nfc_debug_enabled)
1838 << StringPrintf("%s - Got error flags (0x%02x)", __func__, flags);
1839 rw_i93_handle_error(NFC_STATUS_FAILED);
1840 }
1841 return;
1842 }
1843
1844 switch (p_i93->sub_state) {
1845 case RW_I93_SUBSTATE_WAIT_UID:
1846
1847 if (length < (I93_UID_BYTE_LEN + 1)) {
1848 android_errorWriteLog(0x534e4554, "121260197");
1849 rw_i93_handle_error(NFC_STATUS_FAILED);
1850 return;
1851 }
1852 STREAM_TO_UINT8(u8, p); /* DSFID */
1853 p_uid = p_i93->uid;
1854 STREAM_TO_ARRAY8(p_uid, p);
1855
1856 if (u8 != I93_DFS_UNSUPPORTED) {
1857 /* if Data Storage Format is unknown */
1858 DLOG_IF(INFO, nfc_debug_enabled)
1859 << StringPrintf("%s - Got unknown DSFID (0x%02x)", __func__, u8);
1860 rw_i93_handle_error(NFC_STATUS_FAILED);
1861 } else {
1862 /* get system information to get memory size */
1863 if (rw_i93_send_cmd_get_sys_info(nullptr, I93_FLAG_PROT_EXT_NO) ==
1864 NFC_STATUS_OK) {
1865 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_SYS_INFO;
1866 } else {
1867 rw_i93_handle_error(NFC_STATUS_FAILED);
1868 }
1869 }
1870 break;
1871
1872 case RW_I93_SUBSTATE_WAIT_SYS_INFO:
1873
1874 p_i93->block_size = 0;
1875 p_i93->num_block = 0;
1876
1877 if (!rw_i93_process_sys_info(p, length)) {
1878 /* retrying with protocol extension flag */
1879 break;
1880 }
1881
1882 if ((p_i93->block_size == 0) || (p_i93->num_block == 0)) {
1883 DLOG_IF(INFO, nfc_debug_enabled)
1884 << StringPrintf("%s - Unable to get tag memory size", __func__);
1885 rw_i93_handle_error(status);
1886 } else {
1887 /* read CC in the first block */
1888 if (rw_i93_send_cmd_read_single_block(0x0000, false) == NFC_STATUS_OK) {
1889 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_CC;
1890 } else {
1891 rw_i93_handle_error(NFC_STATUS_FAILED);
1892 }
1893 }
1894 break;
1895
1896 case RW_I93_SUBSTATE_WAIT_CC:
1897
1898 if (length < RW_I93_CC_SIZE) {
1899 android_errorWriteLog(0x534e4554, "139188579");
1900 rw_i93_handle_error(NFC_STATUS_FAILED);
1901 return;
1902 }
1903
1904 /* assume block size is more than RW_I93_CC_SIZE 4 */
1905 STREAM_TO_ARRAY(cc, p, RW_I93_CC_SIZE);
1906
1907 status = NFC_STATUS_FAILED;
1908
1909 /*
1910 ** Capability Container (CC)
1911 **
1912 ** CC[0] : magic number (0xE1)
1913 ** CC[1] : Bit 7-6:Major version number
1914 ** : Bit 5-4:Minor version number
1915 ** : Bit 3-2:Read access condition (00b: read access granted
1916 ** without any security)
1917 ** : Bit 1-0:Write access condition (00b: write access granted
1918 ** without any security)
1919 ** CC[2] : Memory size in 8 bytes (Ex. 0x04 is 32 bytes) [STM, ONS set
1920 ** to 0xFF if more than 2040bytes]
1921 ** CC[3] : Bit 0:Read multiple blocks is supported [NXP, STM, ONS]
1922 ** : Bit 1:Inventory page read is supported [NXP]
1923 ** : Bit 2:More than 2040 bytes are supported [STM, ONS]
1924 */
1925
1926 DLOG_IF(INFO, nfc_debug_enabled)
1927 << StringPrintf("%s - cc[0-3]: 0x%02X 0x%02X 0x%02X 0x%02X", __func__,
1928 cc[0], cc[1], cc[2], cc[3]);
1929
1930 DLOG_IF(INFO, nfc_debug_enabled)
1931 << StringPrintf("%s - Total blocks:0x%04X, Block size:0x%02X",
1932 __func__, p_i93->num_block, p_i93->block_size);
1933
1934 if ((cc[0] == I93_ICODE_CC_MAGIC_NUMER_E1) ||
1935 (cc[0] == I93_ICODE_CC_MAGIC_NUMER_E2)) {
1936 if ((cc[1] & 0xC0) > I93_VERSION_1_x) {
1937 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
1938 "%s - Major mapping version above 1 %d.x", __func__, cc[1] >> 6);
1939 /* major mapping version above 1 not supported */
1940 rw_i93_handle_error(NFC_STATUS_FAILED);
1941 break;
1942 }
1943 if ((cc[1] & I93_ICODE_CC_READ_ACCESS_MASK) ==
1944 I93_ICODE_CC_READ_ACCESS_GRANTED) {
1945 if ((cc[1] & I93_ICODE_CC_WRITE_ACCESS_MASK) !=
1946 I93_ICODE_CC_WRITE_ACCESS_GRANTED) {
1947 /* read-only or password required to write */
1948 p_i93->intl_flags |= RW_I93_FLAG_READ_ONLY;
1949 }
1950 if (cc[3] & I93_ICODE_CC_MBREAD_MASK) {
1951 /* tag supports read multiple blocks command */
1952 p_i93->intl_flags |= RW_I93_FLAG_READ_MULTI_BLOCK;
1953 }
1954 if (cc[3] & I93_ICODE_CC_SPECIAL_FRAME_MASK) {
1955 /* tag supports Special Frame for Write-Alike commands */
1956 p_i93->intl_flags |= RW_I93_FLAG_SPECIAL_FRAME;
1957 }
1958 if (cc[0] == I93_ICODE_CC_MAGIC_NUMER_E2) {
1959 p_i93->intl_flags |= RW_I93_FLAG_EXT_COMMANDS;
1960 }
1961 status = NFC_STATUS_OK;
1962 }
1963 }
1964
1965 if (status == NFC_STATUS_OK) {
1966 /* seach NDEF TLV from offset 4 when CC file coded on 4 bytes NFC Forum
1967 */
1968 if (cc[2] != 0)
1969 p_i93->rw_offset = 4;
1970 else
1971 p_i93->rw_offset = 8;
1972
1973 if (rw_i93_get_next_blocks(p_i93->rw_offset) == NFC_STATUS_OK) {
1974 p_i93->sub_state = RW_I93_SUBSTATE_SEARCH_NDEF_TLV;
1975 p_i93->tlv_detect_state = RW_I93_TLV_DETECT_STATE_TYPE;
1976 } else {
1977 rw_i93_handle_error(NFC_STATUS_FAILED);
1978 }
1979 } else {
1980 rw_i93_handle_error(NFC_STATUS_FAILED);
1981 }
1982 break;
1983
1984 case RW_I93_SUBSTATE_SEARCH_NDEF_TLV:
1985
1986 /* search TLV within read blocks */
1987 for (xx = 0; xx < length; xx++) {
1988 /* if looking for type */
1989 if (p_i93->tlv_detect_state == RW_I93_TLV_DETECT_STATE_TYPE) {
1990 if (*(p + xx) == I93_ICODE_TLV_TYPE_NULL) {
1991 continue;
1992 } else if ((*(p + xx) == I93_ICODE_TLV_TYPE_NDEF) ||
1993 (*(p + xx) == I93_ICODE_TLV_TYPE_PROP)) {
1994 /* store found type and get length field */
1995 p_i93->tlv_type = *(p + xx);
1996 p_i93->ndef_tlv_start_offset = p_i93->rw_offset + xx;
1997
1998 p_i93->tlv_detect_state = RW_I93_TLV_DETECT_STATE_LENGTH_1;
1999 } else if (*(p + xx) == I93_ICODE_TLV_TYPE_TERM) {
2000 /* no NDEF TLV found */
2001 p_i93->tlv_type = I93_ICODE_TLV_TYPE_TERM;
2002 break;
2003 } else {
2004 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
2005 "%s - Invalid type: 0x%02x", __func__, *(p + xx));
2006 rw_i93_handle_error(NFC_STATUS_FAILED);
2007 return;
2008 }
2009 } else if (p_i93->tlv_detect_state ==
2010 RW_I93_TLV_DETECT_STATE_LENGTH_1) {
2011 /* if 3 bytes length field */
2012 if (*(p + xx) == 0xFF) {
2013 /* need 2 more bytes for length field */
2014 p_i93->tlv_detect_state = RW_I93_TLV_DETECT_STATE_LENGTH_2;
2015 } else {
2016 p_i93->tlv_length = *(p + xx);
2017 p_i93->tlv_detect_state = RW_I93_TLV_DETECT_STATE_VALUE;
2018
2019 if (p_i93->tlv_type == I93_ICODE_TLV_TYPE_NDEF) {
2020 p_i93->ndef_tlv_last_offset =
2021 p_i93->ndef_tlv_start_offset + 1 + p_i93->tlv_length;
2022 break;
2023 }
2024 }
2025 } else if (p_i93->tlv_detect_state ==
2026 RW_I93_TLV_DETECT_STATE_LENGTH_2) {
2027 /* the second byte of 3 bytes length field */
2028 p_i93->tlv_length = *(p + xx);
2029 p_i93->tlv_detect_state = RW_I93_TLV_DETECT_STATE_LENGTH_3;
2030 } else if (p_i93->tlv_detect_state ==
2031 RW_I93_TLV_DETECT_STATE_LENGTH_3) {
2032 /* the last byte of 3 bytes length field */
2033 p_i93->tlv_length = (p_i93->tlv_length << 8) + *(p + xx);
2034 p_i93->tlv_detect_state = RW_I93_TLV_DETECT_STATE_VALUE;
2035
2036 if (p_i93->tlv_type == I93_ICODE_TLV_TYPE_NDEF) {
2037 p_i93->ndef_tlv_last_offset =
2038 p_i93->ndef_tlv_start_offset + 3 + p_i93->tlv_length;
2039 break;
2040 }
2041 } else if (p_i93->tlv_detect_state == RW_I93_TLV_DETECT_STATE_VALUE) {
2042 /* this is other than NDEF TLV */
2043 if (p_i93->tlv_length <= length - xx) {
2044 /* skip value field */
2045 xx += (uint8_t)p_i93->tlv_length;
2046 p_i93->tlv_detect_state = RW_I93_TLV_DETECT_STATE_TYPE;
2047 } else {
2048 /* read more data */
2049 p_i93->tlv_length -= (length - xx);
2050 break;
2051 }
2052 }
2053 }
2054
2055 /* found NDEF TLV and read length field */
2056 if ((p_i93->tlv_type == I93_ICODE_TLV_TYPE_NDEF) &&
2057 (p_i93->tlv_detect_state == RW_I93_TLV_DETECT_STATE_VALUE)) {
2058 p_i93->ndef_length = p_i93->tlv_length;
2059
2060 /* get lock status to see if read-only */
2061 if ((p_i93->product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2062 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY) ||
2063 ((p_i93->uid[1] == I93_UID_IC_MFG_CODE_NXP) &&
2064 (p_i93->ic_reference & I93_ICODE_IC_REF_MBREAD_MASK))) {
2065 /* these doesn't support GetMultiBlockSecurityStatus */
2066
2067 p_i93->rw_offset = p_i93->ndef_tlv_start_offset;
2068 first_block = p_i93->ndef_tlv_start_offset / p_i93->block_size;
2069
2070 /* read block to get lock status */
2071 rw_i93_send_cmd_read_single_block(first_block, true);
2072 p_i93->sub_state = RW_I93_SUBSTATE_CHECK_LOCK_STATUS;
2073 } else {
2074 /* block offset for read-only check */
2075 p_i93->rw_offset = 0;
2076
2077 if (rw_i93_get_next_block_sec() == NFC_STATUS_OK) {
2078 p_i93->sub_state = RW_I93_SUBSTATE_CHECK_LOCK_STATUS;
2079 } else {
2080 rw_i93_handle_error(NFC_STATUS_FAILED);
2081 }
2082 }
2083 } else {
2084 /* read more data */
2085 p_i93->rw_offset += length;
2086
2087 if (p_i93->rw_offset >= p_i93->block_size * p_i93->num_block) {
2088 rw_i93_handle_error(NFC_STATUS_FAILED);
2089 } else if (rw_i93_get_next_blocks(p_i93->rw_offset) == NFC_STATUS_OK) {
2090 p_i93->sub_state = RW_I93_SUBSTATE_SEARCH_NDEF_TLV;
2091 } else {
2092 rw_i93_handle_error(NFC_STATUS_FAILED);
2093 }
2094 }
2095 break;
2096
2097 case RW_I93_SUBSTATE_CHECK_LOCK_STATUS:
2098
2099 if ((p_i93->product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2100 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY) ||
2101 ((p_i93->uid[1] == I93_UID_IC_MFG_CODE_NXP) &&
2102 (p_i93->ic_reference & I93_ICODE_IC_REF_MBREAD_MASK))) {
2103 /* these doesn't support GetMultiBlockSecurityStatus */
2104
2105 block = (p_i93->rw_offset / p_i93->block_size);
2106 last_block = (p_i93->ndef_tlv_last_offset / p_i93->block_size);
2107
2108 if (length == 0) {
2109 rw_i93_handle_error(NFC_STATUS_FAILED);
2110 }
2111 if ((*p) & I93_BLOCK_LOCKED) {
2112 if (block <= last_block) {
2113 p_i93->intl_flags |= RW_I93_FLAG_READ_ONLY;
2114 }
2115 } else {
2116 /* if we need to check more user blocks */
2117 if (block + 1 < p_i93->num_block) {
2118 p_i93->rw_offset += p_i93->block_size;
2119
2120 /* read block to get lock status */
2121 rw_i93_send_cmd_read_single_block(
2122 (uint16_t)(p_i93->rw_offset / p_i93->block_size), true);
2123 break;
2124 }
2125 }
2126
2127 p_i93->max_ndef_length =
2128 p_i93->ndef_length
2129 /* add available bytes including the last block of NDEF TLV */
2130 + (p_i93->block_size * (block - last_block) + 1) -
2131 (p_i93->ndef_tlv_last_offset % p_i93->block_size) - 1;
2132 } else {
2133 if (p_i93->rw_offset == 0) {
2134 p_i93->max_ndef_length =
2135 p_i93->ndef_length
2136 /* add available bytes in the last block of NDEF TLV */
2137 + p_i93->block_size -
2138 (p_i93->ndef_tlv_last_offset % p_i93->block_size) - 1;
2139
2140 first_block = (p_i93->ndef_tlv_start_offset / p_i93->block_size);
2141 } else {
2142 first_block = 0;
2143 }
2144
2145 last_block = (p_i93->ndef_tlv_last_offset / p_i93->block_size);
2146 num_blocks = length;
2147
2148 for (block = first_block; block < num_blocks; block++) {
2149 /* if any block of NDEF TLV is locked */
2150 if ((block + p_i93->rw_offset) <= last_block) {
2151 if (*(p + block) & I93_BLOCK_LOCKED) {
2152 p_i93->intl_flags |= RW_I93_FLAG_READ_ONLY;
2153 break;
2154 }
2155 } else {
2156 if (*(p + block) & I93_BLOCK_LOCKED) {
2157 /* no more consecutive unlocked block */
2158 break;
2159 } else {
2160 /* add block size if not locked */
2161 p_i93->max_ndef_length += p_i93->block_size;
2162 }
2163 }
2164 }
2165
2166 /* update next security of block to check */
2167 p_i93->rw_offset += num_blocks;
2168
2169 /* if need to check more */
2170 if (p_i93->num_block > p_i93->rw_offset) {
2171 if (rw_i93_get_next_block_sec() != NFC_STATUS_OK) {
2172 rw_i93_handle_error(NFC_STATUS_FAILED);
2173 }
2174 break;
2175 }
2176 }
2177
2178 /* check if need to adjust max NDEF length */
2179 if ((p_i93->ndef_length < 0xFF) && (p_i93->max_ndef_length >= 0xFF)) {
2180 /* 3 bytes length field must be used */
2181 p_i93->max_ndef_length -= 2;
2182 }
2183
2184 rw_data.ndef.status = NFC_STATUS_OK;
2185 rw_data.ndef.protocol = NFC_PROTOCOL_T5T;
2186 rw_data.ndef.flags = 0;
2187 rw_data.ndef.flags |= RW_NDEF_FL_SUPPORTED;
2188 rw_data.ndef.flags |= RW_NDEF_FL_FORMATED;
2189 rw_data.ndef.flags |= RW_NDEF_FL_FORMATABLE;
2190 rw_data.ndef.cur_size = p_i93->ndef_length;
2191
2192 if (p_i93->intl_flags & RW_I93_FLAG_READ_ONLY) {
2193 rw_data.ndef.flags |= RW_NDEF_FL_READ_ONLY;
2194 rw_data.ndef.max_size = p_i93->ndef_length;
2195 } else {
2196 rw_data.ndef.flags |= RW_NDEF_FL_HARD_LOCKABLE;
2197 rw_data.ndef.max_size = p_i93->max_ndef_length;
2198 }
2199
2200 p_i93->state = RW_I93_STATE_IDLE;
2201 p_i93->sent_cmd = 0;
2202
2203 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
2204 "%s - NDEF cur_size(%d),max_size (%d), flags (0x%x)", __func__,
2205 rw_data.ndef.cur_size, rw_data.ndef.max_size, rw_data.ndef.flags);
2206
2207 (*(rw_cb.p_cback))(RW_I93_NDEF_DETECT_EVT, &rw_data);
2208 break;
2209
2210 default:
2211 break;
2212 }
2213 }
2214
2215 /*******************************************************************************
2216 **
2217 ** Function rw_i93_sm_read_ndef
2218 **
2219 ** Description Process NDEF read procedure
2220 **
2221 ** Returns void
2222 **
2223 *******************************************************************************/
rw_i93_sm_read_ndef(NFC_HDR * p_resp)2224 void rw_i93_sm_read_ndef(NFC_HDR* p_resp) {
2225 uint8_t* p = (uint8_t*)(p_resp + 1) + p_resp->offset;
2226 uint8_t flags;
2227 uint16_t offset, length = p_resp->len;
2228 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
2229 tRW_DATA rw_data;
2230
2231 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
2232
2233 if (length == 0) {
2234 android_errorWriteLog(0x534e4554, "122035770");
2235 rw_i93_handle_error(NFC_STATUS_FAILED);
2236 return;
2237 }
2238
2239 STREAM_TO_UINT8(flags, p);
2240 length--;
2241
2242 if (flags & I93_FLAG_ERROR_DETECTED) {
2243 DLOG_IF(INFO, nfc_debug_enabled)
2244 << StringPrintf("%s - Got error flags (0x%02x)", __func__, flags);
2245 rw_i93_handle_error(NFC_STATUS_FAILED);
2246 return;
2247 }
2248
2249 /* if this is the first block */
2250 if (p_i93->rw_length == 0) {
2251 /* get start of NDEF in the first block */
2252 offset = p_i93->ndef_tlv_start_offset % p_i93->block_size;
2253
2254 if (p_i93->ndef_length < 0xFF) {
2255 offset += 2;
2256 } else {
2257 offset += 4;
2258 }
2259
2260 /* adjust offset if read more blocks because the first block doesn't have
2261 * NDEF */
2262 offset -= (p_i93->rw_offset - p_i93->ndef_tlv_start_offset);
2263 } else {
2264 offset = 0;
2265 }
2266
2267 /* if read enough data to skip type and length field for the beginning */
2268 if (offset < length) {
2269 offset++; /* flags */
2270 p_resp->offset += offset;
2271 p_resp->len -= offset;
2272
2273 rw_data.data.status = NFC_STATUS_OK;
2274 rw_data.data.p_data = p_resp;
2275
2276 p_i93->rw_length += p_resp->len;
2277 } else {
2278 /* in case of no Ndef data included */
2279 p_resp->len = 0;
2280 }
2281
2282 /* if read all of NDEF data */
2283 if (p_i93->rw_length >= p_i93->ndef_length) {
2284 /* remove extra btyes in the last block */
2285 p_resp->len -= (p_i93->rw_length - p_i93->ndef_length);
2286
2287 p_i93->state = RW_I93_STATE_IDLE;
2288 p_i93->sent_cmd = 0;
2289
2290 DLOG_IF(INFO, nfc_debug_enabled)
2291 << StringPrintf("%s - NDEF read complete read (%d)/total (%d)",
2292 __func__, p_resp->len, p_i93->ndef_length);
2293
2294 (*(rw_cb.p_cback))(RW_I93_NDEF_READ_CPLT_EVT, &rw_data);
2295 } else {
2296 DLOG_IF(INFO, nfc_debug_enabled)
2297 << StringPrintf("%s - NDEF read segment read (%d)/total (%d)", __func__,
2298 p_resp->len, p_i93->ndef_length);
2299
2300 if (p_resp->len > 0) {
2301 (*(rw_cb.p_cback))(RW_I93_NDEF_READ_EVT, &rw_data);
2302 } else {
2303 // free buffer, if len == 0
2304 GKI_freebuf(p_resp);
2305 }
2306
2307 /* this will make read data from next block */
2308 p_i93->rw_offset += length;
2309
2310 if (rw_i93_get_next_blocks(p_i93->rw_offset) != NFC_STATUS_OK) {
2311 rw_i93_handle_error(NFC_STATUS_FAILED);
2312 }
2313 }
2314 }
2315
2316 /*******************************************************************************
2317 **
2318 ** Function rw_i93_sm_update_ndef
2319 **
2320 ** Description Process NDEF update procedure
2321 **
2322 ** 1. Set length field to zero
2323 ** 2. Write NDEF and Terminator TLV
2324 ** 3. Set length field to NDEF length
2325 **
2326 ** Returns void
2327 **
2328 *******************************************************************************/
rw_i93_sm_update_ndef(NFC_HDR * p_resp)2329 void rw_i93_sm_update_ndef(NFC_HDR* p_resp) {
2330 uint8_t* p = (uint8_t*)(p_resp + 1) + p_resp->offset;
2331 uint8_t flags, xx, length_offset, buff[I93_MAX_BLOCK_LENGH];
2332 uint16_t length = p_resp->len, block_number;
2333 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
2334 tRW_DATA rw_data;
2335
2336 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
2337 "%s - sub_state:%s (0x%x)", __func__,
2338 rw_i93_get_sub_state_name(p_i93->sub_state).c_str(), p_i93->sub_state);
2339
2340 if (length == 0 || p_i93->block_size > I93_MAX_BLOCK_LENGH) {
2341 android_errorWriteLog(0x534e4554, "122320256");
2342 rw_i93_handle_error(NFC_STATUS_FAILED);
2343 return;
2344 }
2345
2346 STREAM_TO_UINT8(flags, p);
2347 length--;
2348
2349 if (flags & I93_FLAG_ERROR_DETECTED) {
2350 if (((p_i93->product_version == RW_I93_TAG_IT_HF_I_PLUS_INLAY) ||
2351 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PLUS_CHIP) ||
2352 (p_i93->product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2353 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY)) &&
2354 (*p == I93_ERROR_CODE_BLOCK_FAIL_TO_WRITE)) {
2355 /* ignore error */
2356 } else {
2357 DLOG_IF(INFO, nfc_debug_enabled)
2358 << StringPrintf("%s - Got error flags (0x%02x)", __func__, flags);
2359 rw_i93_handle_error(NFC_STATUS_FAILED);
2360 return;
2361 }
2362 }
2363
2364 switch (p_i93->sub_state) {
2365 case RW_I93_SUBSTATE_RESET_LEN:
2366
2367 /* get offset of length field */
2368 length_offset = (p_i93->ndef_tlv_start_offset + 1) % p_i93->block_size;
2369
2370 if (length < length_offset) {
2371 android_errorWriteLog(0x534e4554, "122320256");
2372 rw_i93_handle_error(NFC_STATUS_FAILED);
2373 return;
2374 }
2375
2376 /* set length to zero */
2377 *(p + length_offset) = 0x00;
2378
2379 if (p_i93->ndef_length > 0) {
2380 /* if 3 bytes length field is needed */
2381 if (p_i93->ndef_length >= 0xFF) {
2382 xx = length_offset + 3;
2383 } else {
2384 xx = length_offset + 1;
2385 }
2386
2387 /* write the first part of NDEF in the same block */
2388 for (; xx < p_i93->block_size; xx++) {
2389 if (xx > length || p_i93->rw_length > p_i93->ndef_length) {
2390 android_errorWriteLog(0x534e4554, "122320256");
2391 rw_i93_handle_error(NFC_STATUS_FAILED);
2392 return;
2393 }
2394 if (p_i93->rw_length < p_i93->ndef_length) {
2395 *(p + xx) = *(p_i93->p_update_data + p_i93->rw_length++);
2396 } else {
2397 *(p + xx) = I93_ICODE_TLV_TYPE_NULL;
2398 }
2399 }
2400 }
2401
2402 block_number = (p_i93->ndef_tlv_start_offset + 1) / p_i93->block_size;
2403
2404 if (length < p_i93->block_size) {
2405 android_errorWriteLog(0x534e4554, "143109193");
2406 rw_i93_handle_error(NFC_STATUS_FAILED);
2407 } else if (rw_i93_send_cmd_write_single_block(block_number, p) ==
2408 NFC_STATUS_OK) {
2409 /* update next writing offset */
2410 p_i93->rw_offset = (block_number + 1) * p_i93->block_size;
2411 p_i93->sub_state = RW_I93_SUBSTATE_WRITE_NDEF;
2412 } else {
2413 rw_i93_handle_error(NFC_STATUS_FAILED);
2414 }
2415 break;
2416
2417 case RW_I93_SUBSTATE_WRITE_NDEF:
2418
2419 /* if it's not the end of tag memory */
2420 if (p_i93->rw_offset < p_i93->block_size * p_i93->num_block) {
2421 block_number = p_i93->rw_offset / p_i93->block_size;
2422
2423 /* if we have more data to write */
2424 if (p_i93->rw_length < p_i93->ndef_length) {
2425 p = p_i93->p_update_data + p_i93->rw_length;
2426
2427 p_i93->rw_offset += p_i93->block_size;
2428 p_i93->rw_length += p_i93->block_size;
2429
2430 /* if this is the last block of NDEF TLV */
2431 if (p_i93->rw_length > p_i93->ndef_length) {
2432 /* length of NDEF TLV in the block */
2433 xx = (uint8_t)(p_i93->block_size -
2434 (p_i93->rw_length - p_i93->ndef_length));
2435
2436 /* set NULL TLV in the unused part of block */
2437 memset(buff, I93_ICODE_TLV_TYPE_NULL, p_i93->block_size);
2438 memcpy(buff, p, xx);
2439 p = buff;
2440
2441 /* if it's the end of tag memory */
2442 if ((p_i93->rw_offset >= p_i93->block_size * p_i93->num_block) &&
2443 (xx < p_i93->block_size)) {
2444 buff[xx] = I93_ICODE_TLV_TYPE_TERM;
2445 }
2446
2447 p_i93->ndef_tlv_last_offset =
2448 p_i93->rw_offset - p_i93->block_size + xx - 1;
2449 }
2450
2451 if (rw_i93_send_cmd_write_single_block(block_number, p) !=
2452 NFC_STATUS_OK) {
2453 rw_i93_handle_error(NFC_STATUS_FAILED);
2454 }
2455 } else {
2456 /* if this is the very next block of NDEF TLV */
2457 if (block_number ==
2458 (p_i93->ndef_tlv_last_offset / p_i93->block_size) + 1) {
2459 p_i93->rw_offset += p_i93->block_size;
2460
2461 /* write Terminator TLV and NULL TLV */
2462 memset(buff, I93_ICODE_TLV_TYPE_NULL, p_i93->block_size);
2463 buff[0] = I93_ICODE_TLV_TYPE_TERM;
2464 p = buff;
2465
2466 if (rw_i93_send_cmd_write_single_block(block_number, p) !=
2467 NFC_STATUS_OK) {
2468 rw_i93_handle_error(NFC_STATUS_FAILED);
2469 }
2470 } else {
2471 /* finished writing NDEF and Terminator TLV */
2472 /* read length field to update length */
2473 block_number =
2474 (p_i93->ndef_tlv_start_offset + 1) / p_i93->block_size;
2475
2476 if (rw_i93_send_cmd_read_single_block(block_number, false) ==
2477 NFC_STATUS_OK) {
2478 /* set offset to length field */
2479 p_i93->rw_offset = p_i93->ndef_tlv_start_offset + 1;
2480
2481 /* get size of length field */
2482 if (p_i93->ndef_length >= 0xFF) {
2483 p_i93->rw_length = 3;
2484 } else if (p_i93->ndef_length > 0) {
2485 p_i93->rw_length = 1;
2486 } else {
2487 p_i93->rw_length = 0;
2488 }
2489
2490 p_i93->sub_state = RW_I93_SUBSTATE_UPDATE_LEN;
2491 } else {
2492 rw_i93_handle_error(NFC_STATUS_FAILED);
2493 }
2494 }
2495 }
2496 } else {
2497 /* if we have no more data to write */
2498 if (p_i93->rw_length >= p_i93->ndef_length) {
2499 /* finished writing NDEF and Terminator TLV */
2500 /* read length field to update length */
2501 block_number = (p_i93->ndef_tlv_start_offset + 1) / p_i93->block_size;
2502
2503 if (rw_i93_send_cmd_read_single_block(block_number, false) ==
2504 NFC_STATUS_OK) {
2505 /* set offset to length field */
2506 p_i93->rw_offset = p_i93->ndef_tlv_start_offset + 1;
2507
2508 /* get size of length field */
2509 if (p_i93->ndef_length >= 0xFF) {
2510 p_i93->rw_length = 3;
2511 } else if (p_i93->ndef_length > 0) {
2512 p_i93->rw_length = 1;
2513 } else {
2514 p_i93->rw_length = 0;
2515 }
2516
2517 p_i93->sub_state = RW_I93_SUBSTATE_UPDATE_LEN;
2518 break;
2519 }
2520 }
2521 rw_i93_handle_error(NFC_STATUS_FAILED);
2522 }
2523 break;
2524
2525 case RW_I93_SUBSTATE_UPDATE_LEN:
2526
2527 /* if we have more length field to write */
2528 if (p_i93->rw_length > 0) {
2529 /* if we got ack for writing, read next block to update rest of length
2530 * field */
2531 if (length == 0) {
2532 block_number = p_i93->rw_offset / p_i93->block_size;
2533
2534 if (rw_i93_send_cmd_read_single_block(block_number, false) !=
2535 NFC_STATUS_OK) {
2536 rw_i93_handle_error(NFC_STATUS_FAILED);
2537 }
2538 } else {
2539 length_offset = p_i93->rw_offset % p_i93->block_size;
2540
2541 /* update length field within the read block */
2542 for (xx = length_offset; xx < p_i93->block_size; xx++) {
2543 if (xx > length) {
2544 android_errorWriteLog(0x534e4554, "122320256");
2545 rw_i93_handle_error(NFC_STATUS_FAILED);
2546 return;
2547 }
2548
2549 if (p_i93->rw_length == 3)
2550 *(p + xx) = 0xFF;
2551 else if (p_i93->rw_length == 2)
2552 *(p + xx) = (uint8_t)((p_i93->ndef_length >> 8) & 0xFF);
2553 else if (p_i93->rw_length == 1)
2554 *(p + xx) = (uint8_t)(p_i93->ndef_length & 0xFF);
2555
2556 p_i93->rw_length--;
2557 if (p_i93->rw_length == 0) break;
2558 }
2559
2560 block_number = (p_i93->rw_offset / p_i93->block_size);
2561
2562 if (length < p_i93->block_size) {
2563 android_errorWriteLog(0x534e4554, "143155861");
2564 rw_i93_handle_error(NFC_STATUS_FAILED);
2565 } else if (rw_i93_send_cmd_write_single_block(block_number, p) ==
2566 NFC_STATUS_OK) {
2567 /* set offset to the beginning of next block */
2568 p_i93->rw_offset +=
2569 p_i93->block_size - (p_i93->rw_offset % p_i93->block_size);
2570 } else {
2571 rw_i93_handle_error(NFC_STATUS_FAILED);
2572 }
2573 }
2574 } else {
2575 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
2576 "%s - NDEF update complete, %d bytes, (%d-%d)", __func__,
2577 p_i93->ndef_length, p_i93->ndef_tlv_start_offset,
2578 p_i93->ndef_tlv_last_offset);
2579
2580 p_i93->state = RW_I93_STATE_IDLE;
2581 p_i93->sent_cmd = 0;
2582 p_i93->p_update_data = nullptr;
2583
2584 rw_data.status = NFC_STATUS_OK;
2585 (*(rw_cb.p_cback))(RW_I93_NDEF_UPDATE_CPLT_EVT, &rw_data);
2586 }
2587 break;
2588
2589 default:
2590 break;
2591 }
2592 }
2593
2594 /*******************************************************************************
2595 **
2596 ** Function rw_i93_sm_format
2597 **
2598 ** Description Process format procedure
2599 **
2600 ** 1. Get UID
2601 ** 2. Get sys info for memory size (reset AFI/DSFID)
2602 ** 3. Get block status to get read-only status
2603 ** 4. Write CC and empty NDEF
2604 **
2605 ** Returns void
2606 **
2607 *******************************************************************************/
rw_i93_sm_format(NFC_HDR * p_resp)2608 void rw_i93_sm_format(NFC_HDR* p_resp) {
2609 uint8_t *p = (uint8_t*)(p_resp + 1) + p_resp->offset, *p_uid;
2610 uint8_t flags;
2611 uint16_t length = p_resp->len, xx, block_number;
2612 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
2613 tRW_DATA rw_data;
2614 tNFC_STATUS status = NFC_STATUS_FAILED;
2615
2616 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
2617 "sub_state:%s (0x%x)",
2618 rw_i93_get_sub_state_name(p_i93->sub_state).c_str(), p_i93->sub_state);
2619
2620 if (length == 0) {
2621 android_errorWriteLog(0x534e4554, "122323053");
2622 return;
2623 }
2624 STREAM_TO_UINT8(flags, p);
2625 length--;
2626
2627 if (flags & I93_FLAG_ERROR_DETECTED) {
2628 if (((p_i93->product_version == RW_I93_TAG_IT_HF_I_PLUS_INLAY) ||
2629 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PLUS_CHIP) ||
2630 (p_i93->product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2631 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY)) &&
2632 (*p == I93_ERROR_CODE_BLOCK_FAIL_TO_WRITE)) {
2633 /* ignore error */
2634 } else if ((length) && (rw_i93_check_sys_info_prot_ext(*p))) {
2635 /* getting system info with protocol extension flag */
2636 /* This STM & ONS tag supports more than 2040 bytes */
2637 p_i93->intl_flags |= RW_I93_FLAG_16BIT_NUM_BLOCK;
2638 return;
2639 } else {
2640 DLOG_IF(INFO, nfc_debug_enabled)
2641 << StringPrintf("Got error flags (0x%02x)", flags);
2642 rw_i93_handle_error(NFC_STATUS_FAILED);
2643 return;
2644 }
2645 }
2646
2647 switch (p_i93->sub_state) {
2648 case RW_I93_SUBSTATE_WAIT_UID:
2649
2650 if (length < (I93_UID_BYTE_LEN + 1)) {
2651 android_errorWriteLog(0x534e4554, "122323053");
2652 return;
2653 }
2654 p++; /* skip DSFID */
2655 p_uid = p_i93->uid;
2656 STREAM_TO_ARRAY8(p_uid, p); /* store UID */
2657
2658 /* get system information to get memory size */
2659 if (rw_i93_send_cmd_get_sys_info(nullptr, I93_FLAG_PROT_EXT_NO) ==
2660 NFC_STATUS_OK) {
2661 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_SYS_INFO;
2662 } else {
2663 rw_i93_handle_error(NFC_STATUS_FAILED);
2664 }
2665 break;
2666
2667 case RW_I93_SUBSTATE_WAIT_SYS_INFO:
2668
2669 p_i93->block_size = 0;
2670 p_i93->num_block = 0;
2671
2672 if (!rw_i93_process_sys_info(p, length)) {
2673 /* retrying with protocol extension flag */
2674 break;
2675 }
2676
2677 if (p_i93->info_flags & I93_INFO_FLAG_DSFID) {
2678 /* DSFID, if any DSFID then reset */
2679 if (p_i93->dsfid != I93_DFS_UNSUPPORTED) {
2680 p_i93->intl_flags |= RW_I93_FLAG_RESET_DSFID;
2681 }
2682 }
2683 if (p_i93->info_flags & I93_INFO_FLAG_AFI) {
2684 /* AFI, reset to 0 */
2685 if (p_i93->afi != 0x00) {
2686 p_i93->intl_flags |= RW_I93_FLAG_RESET_AFI;
2687 }
2688 }
2689
2690 if ((p_i93->block_size == 0) || (p_i93->num_block == 0)) {
2691 DLOG_IF(INFO, nfc_debug_enabled)
2692 << StringPrintf("Unable to get tag memory size");
2693 rw_i93_handle_error(status);
2694 } else if (p_i93->intl_flags & RW_I93_FLAG_RESET_DSFID) {
2695 if (rw_i93_send_cmd_write_dsfid(I93_DFS_UNSUPPORTED) == NFC_STATUS_OK) {
2696 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_RESET_DSFID_AFI;
2697 } else {
2698 rw_i93_handle_error(NFC_STATUS_FAILED);
2699 }
2700 } else if (p_i93->intl_flags & RW_I93_FLAG_RESET_AFI) {
2701 if (rw_i93_send_cmd_write_afi(0x00) == NFC_STATUS_OK) {
2702 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_RESET_DSFID_AFI;
2703 } else {
2704 rw_i93_handle_error(NFC_STATUS_FAILED);
2705 }
2706 } else {
2707 /* get lock status to see if read-only */
2708 if ((p_i93->uid[1] == I93_UID_IC_MFG_CODE_NXP) &&
2709 (p_i93->ic_reference & I93_ICODE_IC_REF_MBREAD_MASK)) {
2710 /* these doesn't support GetMultiBlockSecurityStatus */
2711
2712 rw_cb.tcb.i93.rw_offset = 0;
2713
2714 /* read blocks with option flag to get block security status */
2715 if (rw_i93_send_cmd_read_single_block(0x0000, true) ==
2716 NFC_STATUS_OK) {
2717 p_i93->sub_state = RW_I93_SUBSTATE_CHECK_READ_ONLY;
2718 } else {
2719 rw_i93_handle_error(NFC_STATUS_FAILED);
2720 }
2721 } else {
2722 /* block offset for read-only check */
2723 p_i93->rw_offset = 0;
2724
2725 if (rw_i93_get_next_block_sec() == NFC_STATUS_OK) {
2726 p_i93->sub_state = RW_I93_SUBSTATE_CHECK_READ_ONLY;
2727 } else {
2728 rw_i93_handle_error(NFC_STATUS_FAILED);
2729 }
2730 }
2731 }
2732
2733 break;
2734
2735 case RW_I93_SUBSTATE_WAIT_RESET_DSFID_AFI:
2736
2737 if (p_i93->sent_cmd == I93_CMD_WRITE_DSFID) {
2738 p_i93->intl_flags &= ~RW_I93_FLAG_RESET_DSFID;
2739 } else if (p_i93->sent_cmd == I93_CMD_WRITE_AFI) {
2740 p_i93->intl_flags &= ~RW_I93_FLAG_RESET_AFI;
2741 }
2742
2743 if (p_i93->intl_flags & RW_I93_FLAG_RESET_DSFID) {
2744 if (rw_i93_send_cmd_write_dsfid(I93_DFS_UNSUPPORTED) == NFC_STATUS_OK) {
2745 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_RESET_DSFID_AFI;
2746 } else {
2747 rw_i93_handle_error(NFC_STATUS_FAILED);
2748 }
2749 } else if (p_i93->intl_flags & RW_I93_FLAG_RESET_AFI) {
2750 if (rw_i93_send_cmd_write_afi(0x00) == NFC_STATUS_OK) {
2751 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_RESET_DSFID_AFI;
2752 } else {
2753 rw_i93_handle_error(NFC_STATUS_FAILED);
2754 }
2755 } else {
2756 /* get lock status to see if read-only */
2757 if ((p_i93->uid[1] == I93_UID_IC_MFG_CODE_NXP) &&
2758 (p_i93->ic_reference & I93_ICODE_IC_REF_MBREAD_MASK)) {
2759 /* these doesn't support GetMultiBlockSecurityStatus */
2760
2761 rw_cb.tcb.i93.rw_offset = 0;
2762
2763 /* read blocks with option flag to get block security status */
2764 if (rw_i93_send_cmd_read_single_block(0x0000, true) ==
2765 NFC_STATUS_OK) {
2766 p_i93->sub_state = RW_I93_SUBSTATE_CHECK_READ_ONLY;
2767 } else {
2768 rw_i93_handle_error(NFC_STATUS_FAILED);
2769 }
2770 } else {
2771 /* block offset for read-only check */
2772 p_i93->rw_offset = 0;
2773
2774 if (rw_i93_get_next_block_sec() == NFC_STATUS_OK) {
2775 p_i93->sub_state = RW_I93_SUBSTATE_CHECK_READ_ONLY;
2776 } else {
2777 rw_i93_handle_error(NFC_STATUS_FAILED);
2778 }
2779 }
2780 }
2781 break;
2782
2783 case RW_I93_SUBSTATE_CHECK_READ_ONLY:
2784
2785 if ((p_i93->product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2786 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY) ||
2787 ((p_i93->uid[1] == I93_UID_IC_MFG_CODE_NXP) &&
2788 (p_i93->ic_reference & I93_ICODE_IC_REF_MBREAD_MASK))) {
2789 if (length == 0 || ((*p) & I93_BLOCK_LOCKED)) {
2790 rw_i93_handle_error(NFC_STATUS_FAILED);
2791 break;
2792 }
2793
2794 /* if we checked all of user blocks */
2795 if ((p_i93->rw_offset / p_i93->block_size) + 1 == p_i93->num_block) {
2796 if ((p_i93->product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2797 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY)) {
2798 /* read the block which has AFI */
2799 p_i93->rw_offset = I93_TAG_IT_HF_I_STD_PRO_CHIP_INLAY_AFI_LOCATION;
2800 rw_i93_send_cmd_read_single_block(
2801 (uint16_t)(p_i93->rw_offset / p_i93->block_size), true);
2802 break;
2803 }
2804 } else if (p_i93->rw_offset ==
2805 I93_TAG_IT_HF_I_STD_PRO_CHIP_INLAY_AFI_LOCATION) {
2806 /* no block is locked */
2807 } else {
2808 p_i93->rw_offset += p_i93->block_size;
2809 rw_i93_send_cmd_read_single_block(
2810 (uint16_t)(p_i93->rw_offset / p_i93->block_size), true);
2811 break;
2812 }
2813 } else {
2814 /* if any block is locked, we cannot format it */
2815 for (xx = 0; xx < length; xx++) {
2816 if (*(p + xx) & I93_BLOCK_LOCKED) {
2817 rw_i93_handle_error(NFC_STATUS_FAILED);
2818 break;
2819 }
2820 }
2821
2822 /* update block offset for read-only check */
2823 p_i93->rw_offset += length;
2824
2825 /* if need to get more lock status of blocks */
2826 if (p_i93->num_block > p_i93->rw_offset) {
2827 if (rw_i93_get_next_block_sec() != NFC_STATUS_OK) {
2828 rw_i93_handle_error(NFC_STATUS_FAILED);
2829 }
2830 break;
2831 }
2832 }
2833
2834 /* get buffer to store CC, zero length NDEF TLV and Terminator TLV */
2835 /* Block size could be either 4 or 8 or 16 or 32 bytes */
2836 /* Get buffer for the largest block size I93_MAX_BLOCK_LENGH */
2837 p_i93->p_update_data = (uint8_t*)GKI_getbuf(I93_MAX_BLOCK_LENGH);
2838
2839 if (!p_i93->p_update_data) {
2840 LOG(ERROR) << StringPrintf("Cannot allocate buffer");
2841 rw_i93_handle_error(NFC_STATUS_FAILED);
2842 break;
2843 } else {
2844 switch (p_i93->block_size) {
2845 case 4:
2846 case 8:
2847 break;
2848 case 16:
2849 case 32: /* initialize unpopulated buffer b/139738828 */
2850 memset(p_i93->p_update_data, I93_ICODE_TLV_TYPE_NULL,
2851 I93_MAX_BLOCK_LENGH);
2852 break;
2853 default:
2854 android_errorWriteLog(0x534e4554, "157650336");
2855 rw_i93_handle_error(NFC_STATUS_FAILED);
2856 return;
2857 }
2858 }
2859
2860 p = p_i93->p_update_data;
2861
2862 /* Capability Container */
2863 *(p++) = I93_ICODE_CC_MAGIC_NUMER_E1; /* magic number */
2864 *(p++) = 0x40; /* version 1.0, read/write */
2865
2866 /* if memory size is less than 2048 bytes */
2867 if (((p_i93->num_block * p_i93->block_size) / 8) < 0x100)
2868 *(p++) = (uint8_t)((p_i93->num_block * p_i93->block_size) /
2869 8); /* memory size */
2870 else
2871 *(p++) = 0xFF;
2872
2873 if ((p_i93->product_version == RW_I93_ICODE_SLI) ||
2874 (p_i93->product_version == RW_I93_ICODE_SLI_S) ||
2875 (p_i93->product_version == RW_I93_ICODE_SLI_L)) {
2876 if (p_i93->ic_reference & I93_ICODE_IC_REF_MBREAD_MASK)
2877 *(p++) = I93_ICODE_CC_IPREAD_MASK; /* IPREAD */
2878 else
2879 *(p++) = I93_ICODE_CC_MBREAD_MASK; /* MBREAD, read multi block command
2880 supported */
2881 } else if ((p_i93->product_version == RW_I93_TAG_IT_HF_I_PLUS_INLAY) ||
2882 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PLUS_CHIP)) {
2883 *(p++) = I93_ICODE_CC_MBREAD_MASK; /* MBREAD, read multi block command
2884 supported */
2885 } else if ((p_i93->product_version ==
2886 RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2887 (p_i93->product_version ==
2888 RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY)) {
2889 *(p++) = 0;
2890 } else {
2891 /* STM except LRIS2K, ONS, Broadcom supports read multi block command */
2892
2893 /* if memory size is more than 2040 bytes (which is not LRIS2K) */
2894 if (((p_i93->num_block * p_i93->block_size) / 8) > 0xFF)
2895 *(p++) = (I93_ICODE_CC_MBREAD_MASK | I93_STM_CC_OVERFLOW_MASK);
2896 else if (p_i93->product_version == RW_I93_STM_LRIS2K)
2897 *(p++) = 0x00;
2898 else
2899 *(p++) = I93_ICODE_CC_MBREAD_MASK;
2900 }
2901
2902 /* zero length NDEF and Terminator TLV */
2903 *(p++) = I93_ICODE_TLV_TYPE_NDEF;
2904 *(p++) = 0x00;
2905 *(p++) = I93_ICODE_TLV_TYPE_TERM;
2906 *(p++) = I93_ICODE_TLV_TYPE_NULL;
2907
2908 /* start from block 0 */
2909 p_i93->rw_offset = 0;
2910
2911 if (rw_i93_send_cmd_write_single_block(0, p_i93->p_update_data) ==
2912 NFC_STATUS_OK) {
2913 p_i93->sub_state = RW_I93_SUBSTATE_WRITE_CC_NDEF_TLV;
2914 p_i93->rw_offset += p_i93->block_size;
2915 } else {
2916 rw_i93_handle_error(NFC_STATUS_FAILED);
2917 }
2918 break;
2919
2920 case RW_I93_SUBSTATE_WRITE_CC_NDEF_TLV:
2921
2922 /* if we have more data to write */
2923 if (p_i93->rw_offset < RW_I93_FORMAT_DATA_LEN) {
2924 block_number = (p_i93->rw_offset / p_i93->block_size);
2925 p = p_i93->p_update_data + p_i93->rw_offset;
2926
2927 if (rw_i93_send_cmd_write_single_block(block_number, p) ==
2928 NFC_STATUS_OK) {
2929 p_i93->sub_state = RW_I93_SUBSTATE_WRITE_CC_NDEF_TLV;
2930 p_i93->rw_offset += p_i93->block_size;
2931 } else {
2932 rw_i93_handle_error(NFC_STATUS_FAILED);
2933 }
2934 } else {
2935 GKI_freebuf(p_i93->p_update_data);
2936 p_i93->p_update_data = nullptr;
2937
2938 p_i93->state = RW_I93_STATE_IDLE;
2939 p_i93->sent_cmd = 0;
2940
2941 rw_data.status = NFC_STATUS_OK;
2942 (*(rw_cb.p_cback))(RW_I93_FORMAT_CPLT_EVT, &rw_data);
2943 }
2944 break;
2945
2946 default:
2947 break;
2948 }
2949 }
2950
2951 /*******************************************************************************
2952 **
2953 ** Function rw_i93_sm_set_read_only
2954 **
2955 ** Description Process read-only procedure
2956 **
2957 ** 1. Update CC as read-only
2958 ** 2. Lock all block of NDEF TLV
2959 ** 3. Lock block of CC
2960 **
2961 ** Returns void
2962 **
2963 *******************************************************************************/
rw_i93_sm_set_read_only(NFC_HDR * p_resp)2964 void rw_i93_sm_set_read_only(NFC_HDR* p_resp) {
2965 uint8_t* p = (uint8_t*)(p_resp + 1) + p_resp->offset;
2966 uint8_t flags, block_number;
2967 uint16_t length = p_resp->len;
2968 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
2969 tRW_DATA rw_data;
2970
2971 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
2972 "sub_state:%s (0x%x)",
2973 rw_i93_get_sub_state_name(p_i93->sub_state).c_str(), p_i93->sub_state);
2974
2975 if (length == 0) {
2976 android_errorWriteLog(0x534e4554, "122322613");
2977 rw_i93_handle_error(NFC_STATUS_FAILED);
2978 return;
2979 }
2980
2981 STREAM_TO_UINT8(flags, p);
2982 length--;
2983
2984 if (flags & I93_FLAG_ERROR_DETECTED) {
2985 if (((p_i93->product_version == RW_I93_TAG_IT_HF_I_PLUS_INLAY) ||
2986 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PLUS_CHIP) ||
2987 (p_i93->product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
2988 (p_i93->product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY)) &&
2989 (*p == I93_ERROR_CODE_BLOCK_FAIL_TO_WRITE)) {
2990 /* ignore error */
2991 } else {
2992 DLOG_IF(INFO, nfc_debug_enabled)
2993 << StringPrintf("Got error flags (0x%02x)", flags);
2994 rw_i93_handle_error(NFC_STATUS_FAILED);
2995 return;
2996 }
2997 }
2998
2999 switch (p_i93->sub_state) {
3000 case RW_I93_SUBSTATE_WAIT_CC:
3001
3002 if (length < RW_I93_CC_SIZE) {
3003 android_errorWriteLog(0x534e4554, "139188579");
3004 rw_i93_handle_error(NFC_STATUS_FAILED);
3005 return;
3006 }
3007
3008 /* mark CC as read-only */
3009 *(p + 1) |= I93_ICODE_CC_READ_ONLY;
3010
3011 if (length < p_i93->block_size) {
3012 android_errorWriteLog(0x534e4554, "143106535");
3013 rw_i93_handle_error(NFC_STATUS_FAILED);
3014 } else if (rw_i93_send_cmd_write_single_block(0, p) == NFC_STATUS_OK) {
3015 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_UPDATE_CC;
3016 } else {
3017 rw_i93_handle_error(NFC_STATUS_FAILED);
3018 }
3019 break;
3020
3021 case RW_I93_SUBSTATE_WAIT_UPDATE_CC:
3022
3023 /* successfully write CC then lock all blocks of NDEF TLV */
3024 p_i93->rw_offset = p_i93->ndef_tlv_start_offset;
3025 block_number = (uint8_t)(p_i93->rw_offset / p_i93->block_size);
3026
3027 if (rw_i93_send_cmd_lock_block(block_number) == NFC_STATUS_OK) {
3028 p_i93->rw_offset += p_i93->block_size;
3029 p_i93->sub_state = RW_I93_SUBSTATE_LOCK_NDEF_TLV;
3030 } else {
3031 rw_i93_handle_error(NFC_STATUS_FAILED);
3032 }
3033 break;
3034
3035 case RW_I93_SUBSTATE_LOCK_NDEF_TLV:
3036
3037 /* if we need to lock more blocks */
3038 if (p_i93->rw_offset < p_i93->ndef_tlv_last_offset) {
3039 /* get the next block of NDEF TLV */
3040 block_number = (uint8_t)(p_i93->rw_offset / p_i93->block_size);
3041
3042 if (rw_i93_send_cmd_lock_block(block_number) == NFC_STATUS_OK) {
3043 p_i93->rw_offset += p_i93->block_size;
3044 } else {
3045 rw_i93_handle_error(NFC_STATUS_FAILED);
3046 }
3047 }
3048 /* if the first block of NDEF TLV is different from block of CC */
3049 else if (p_i93->ndef_tlv_start_offset / p_i93->block_size != 0) {
3050 /* lock block of CC */
3051 if (rw_i93_send_cmd_lock_block(0) == NFC_STATUS_OK) {
3052 p_i93->sub_state = RW_I93_SUBSTATE_WAIT_LOCK_CC;
3053 } else {
3054 rw_i93_handle_error(NFC_STATUS_FAILED);
3055 }
3056 } else {
3057 p_i93->intl_flags |= RW_I93_FLAG_READ_ONLY;
3058 p_i93->state = RW_I93_STATE_IDLE;
3059 p_i93->sent_cmd = 0;
3060
3061 rw_data.status = NFC_STATUS_OK;
3062 (*(rw_cb.p_cback))(RW_I93_SET_TAG_RO_EVT, &rw_data);
3063 }
3064 break;
3065
3066 case RW_I93_SUBSTATE_WAIT_LOCK_CC:
3067
3068 p_i93->intl_flags |= RW_I93_FLAG_READ_ONLY;
3069 p_i93->state = RW_I93_STATE_IDLE;
3070 p_i93->sent_cmd = 0;
3071
3072 rw_data.status = NFC_STATUS_OK;
3073 (*(rw_cb.p_cback))(RW_I93_SET_TAG_RO_EVT, &rw_data);
3074 break;
3075
3076 default:
3077 break;
3078 }
3079 }
3080
3081 /*******************************************************************************
3082 **
3083 ** Function rw_i93_handle_error
3084 **
3085 ** Description notify error to application and clean up
3086 **
3087 ** Returns none
3088 **
3089 *******************************************************************************/
rw_i93_handle_error(tNFC_STATUS status)3090 void rw_i93_handle_error(tNFC_STATUS status) {
3091 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
3092 tRW_DATA rw_data;
3093 tRW_EVENT event;
3094
3095 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
3096 "%s - status:0x%02X, state:0x%X", __func__, status, p_i93->state);
3097
3098 nfc_stop_quick_timer(&p_i93->timer);
3099
3100 if (rw_cb.p_cback) {
3101 rw_data.status = status;
3102 switch (p_i93->state) {
3103 case RW_I93_STATE_IDLE: /* in case of RawFrame */
3104 event = RW_I93_INTF_ERROR_EVT;
3105 break;
3106
3107 case RW_I93_STATE_BUSY:
3108 if (p_i93->sent_cmd == I93_CMD_STAY_QUIET) {
3109 /* There is no response to Stay Quiet command */
3110 rw_data.i93_cmd_cmpl.status = NFC_STATUS_OK;
3111 rw_data.i93_cmd_cmpl.command = I93_CMD_STAY_QUIET;
3112 rw_data.i93_cmd_cmpl.error_code = 0;
3113 event = RW_I93_CMD_CMPL_EVT;
3114 } else {
3115 event = RW_I93_INTF_ERROR_EVT;
3116 }
3117 break;
3118
3119 case RW_I93_STATE_DETECT_NDEF:
3120 rw_data.ndef.protocol = NFC_PROTOCOL_T5T;
3121 rw_data.ndef.cur_size = 0;
3122 rw_data.ndef.max_size = 0;
3123 rw_data.ndef.flags = 0;
3124 rw_data.ndef.flags |= RW_NDEF_FL_FORMATABLE;
3125 rw_data.ndef.flags |= RW_NDEF_FL_UNKNOWN;
3126 event = RW_I93_NDEF_DETECT_EVT;
3127 break;
3128
3129 case RW_I93_STATE_READ_NDEF:
3130 event = RW_I93_NDEF_READ_FAIL_EVT;
3131 break;
3132
3133 case RW_I93_STATE_UPDATE_NDEF:
3134 p_i93->p_update_data = nullptr;
3135 event = RW_I93_NDEF_UPDATE_FAIL_EVT;
3136 break;
3137
3138 case RW_I93_STATE_FORMAT:
3139 if (p_i93->p_update_data) {
3140 GKI_freebuf(p_i93->p_update_data);
3141 p_i93->p_update_data = nullptr;
3142 }
3143 event = RW_I93_FORMAT_CPLT_EVT;
3144 break;
3145
3146 case RW_I93_STATE_SET_READ_ONLY:
3147 event = RW_I93_SET_TAG_RO_EVT;
3148 break;
3149
3150 case RW_I93_STATE_PRESENCE_CHECK:
3151 event = RW_I93_PRESENCE_CHECK_EVT;
3152 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
3153 "%s - in pres check, may change status:0x%X", __func__, status);
3154 if (status == NFC_STATUS_TIMEOUT) {
3155 rw_data.status = NFC_STATUS_RF_FRAME_CORRUPTED;
3156 }
3157 break;
3158
3159 default:
3160 event = RW_I93_MAX_EVT;
3161 break;
3162 }
3163
3164 p_i93->state = RW_I93_STATE_IDLE;
3165 p_i93->sent_cmd = 0;
3166
3167 if (event != RW_I93_MAX_EVT) {
3168 (*(rw_cb.p_cback))(event, &rw_data);
3169 }
3170 } else {
3171 p_i93->state = RW_I93_STATE_IDLE;
3172 }
3173 }
3174
3175 /*******************************************************************************
3176 **
3177 ** Function rw_i93_process_timeout
3178 **
3179 ** Description process timeout event
3180 **
3181 ** Returns none
3182 **
3183 *******************************************************************************/
rw_i93_process_timeout(TIMER_LIST_ENT * p_tle)3184 void rw_i93_process_timeout(TIMER_LIST_ENT* p_tle) {
3185 NFC_HDR* p_buf;
3186
3187 DLOG_IF(INFO, nfc_debug_enabled)
3188 << StringPrintf("%s - event=%d", __func__, p_tle->event);
3189
3190 if (rw_cb.tcb.i93.state == RW_I93_STATE_PRESENCE_CHECK) {
3191 rw_i93_handle_error(NFC_STATUS_RF_FRAME_CORRUPTED);
3192 return;
3193 }
3194 if (p_tle->event == NFC_TTYPE_RW_I93_RESPONSE) {
3195 if ((rw_cb.tcb.i93.retry_count < RW_MAX_RETRIES) &&
3196 (rw_cb.tcb.i93.p_retry_cmd) &&
3197 (rw_cb.tcb.i93.sent_cmd != I93_CMD_STAY_QUIET)) {
3198 rw_cb.tcb.i93.retry_count++;
3199 LOG(ERROR) << StringPrintf("%s - retry_count = %d", __func__,
3200 rw_cb.tcb.i93.retry_count);
3201
3202 p_buf = rw_cb.tcb.i93.p_retry_cmd;
3203 rw_cb.tcb.i93.p_retry_cmd = nullptr;
3204
3205 if (rw_i93_send_to_lower(p_buf)) {
3206 return;
3207 }
3208 }
3209
3210 /* all retrial is done or failed to send command to lower layer */
3211 if (rw_cb.tcb.i93.p_retry_cmd) {
3212 GKI_freebuf(rw_cb.tcb.i93.p_retry_cmd);
3213 rw_cb.tcb.i93.p_retry_cmd = nullptr;
3214 rw_cb.tcb.i93.retry_count = 0;
3215 }
3216 rw_i93_handle_error(NFC_STATUS_TIMEOUT);
3217 } else {
3218 LOG(ERROR) << StringPrintf("%s - unknown event=%d", __func__, p_tle->event);
3219 }
3220 }
3221
3222 /*******************************************************************************
3223 **
3224 ** Function rw_i93_data_cback
3225 **
3226 ** Description This callback function receives the data from NFCC.
3227 **
3228 ** Returns none
3229 **
3230 *******************************************************************************/
rw_i93_data_cback(uint8_t conn_id,tNFC_CONN_EVT event,tNFC_CONN * p_data)3231 static void rw_i93_data_cback(__attribute__((unused)) uint8_t conn_id,
3232 tNFC_CONN_EVT event, tNFC_CONN* p_data) {
3233 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
3234 NFC_HDR* p_resp;
3235 tRW_DATA rw_data;
3236
3237 uint8_t begin_state = p_i93->state;
3238
3239 DLOG_IF(INFO, nfc_debug_enabled)
3240 << StringPrintf("%s - event = 0x%X", __func__, event);
3241
3242 if ((event == NFC_DEACTIVATE_CEVT) || (event == NFC_ERROR_CEVT) ||
3243 ((event == NFC_DATA_CEVT) && (p_data->status != NFC_STATUS_OK))) {
3244 nfc_stop_quick_timer(&p_i93->timer);
3245
3246 if (event == NFC_ERROR_CEVT || (p_data->status != NFC_STATUS_OK)) {
3247 if ((p_i93->retry_count < RW_MAX_RETRIES) && (p_i93->p_retry_cmd)) {
3248 p_i93->retry_count++;
3249
3250 LOG(ERROR) << StringPrintf("%s - retry_count = %d", __func__,
3251 p_i93->retry_count);
3252
3253 p_resp = p_i93->p_retry_cmd;
3254 p_i93->p_retry_cmd = nullptr;
3255 if (rw_i93_send_to_lower(p_resp)) {
3256 if (event == NFC_DATA_CEVT) {
3257 p_resp = (NFC_HDR*)p_data->data.p_data;
3258 GKI_freebuf(p_resp);
3259 }
3260 return;
3261 }
3262 }
3263
3264 /* all retrial is done or failed to send command to lower layer */
3265 if (p_i93->p_retry_cmd) {
3266 GKI_freebuf(p_i93->p_retry_cmd);
3267 p_i93->p_retry_cmd = nullptr;
3268 p_i93->retry_count = 0;
3269 }
3270
3271 rw_i93_handle_error((tNFC_STATUS)(*(uint8_t*)p_data));
3272 } else {
3273 /* free retry buffer */
3274 if (p_i93->p_retry_cmd) {
3275 GKI_freebuf(p_i93->p_retry_cmd);
3276 p_i93->p_retry_cmd = nullptr;
3277 p_i93->retry_count = 0;
3278 }
3279 NFC_SetStaticRfCback(nullptr);
3280 p_i93->state = RW_I93_STATE_NOT_ACTIVATED;
3281 }
3282 if ((event == NFC_DATA_CEVT) && (p_data->status != NFC_STATUS_OK)) {
3283 p_resp = (NFC_HDR*)p_data->data.p_data;
3284 GKI_freebuf(p_resp);
3285 }
3286 return;
3287 }
3288
3289 if (event != NFC_DATA_CEVT) {
3290 return;
3291 }
3292
3293 p_resp = (NFC_HDR*)p_data->data.p_data;
3294
3295 nfc_stop_quick_timer(&p_i93->timer);
3296
3297 /* free retry buffer */
3298 if (p_i93->p_retry_cmd) {
3299 GKI_freebuf(p_i93->p_retry_cmd);
3300 p_i93->p_retry_cmd = nullptr;
3301 p_i93->retry_count = 0;
3302 }
3303
3304 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
3305 "%s - RW I93 state: <%s (%d)>", __func__,
3306 rw_i93_get_state_name(p_i93->state).c_str(), p_i93->state);
3307
3308 switch (p_i93->state) {
3309 case RW_I93_STATE_IDLE:
3310 /* Unexpected Response from VICC, it should be raw frame response */
3311 /* forward to upper layer without parsing */
3312 p_i93->sent_cmd = 0;
3313 if (rw_cb.p_cback) {
3314 rw_data.raw_frame.status = p_data->data.status;
3315 rw_data.raw_frame.p_data = p_resp;
3316 (*(rw_cb.p_cback))(RW_I93_RAW_FRAME_EVT, &rw_data);
3317 p_resp = nullptr;
3318 } else {
3319 GKI_freebuf(p_resp);
3320 }
3321 break;
3322 case RW_I93_STATE_BUSY:
3323 p_i93->state = RW_I93_STATE_IDLE;
3324 rw_i93_send_to_upper(p_resp);
3325 GKI_freebuf(p_resp);
3326 break;
3327
3328 case RW_I93_STATE_DETECT_NDEF:
3329 if (p_i93->i93_t5t_mode == RW_I93_GET_SYS_INFO_MEM_INFO) {
3330 DLOG_IF(INFO, nfc_debug_enabled)
3331 << StringPrintf("%s - rw_i93_sm_detect_ndef()", __func__);
3332 rw_i93_sm_detect_ndef(p_resp);
3333 } else {
3334 DLOG_IF(INFO, nfc_debug_enabled)
3335 << StringPrintf("%s - rw_t5t_sm_detect_ndef()", __func__);
3336 rw_t5t_sm_detect_ndef(p_resp);
3337 }
3338 GKI_freebuf(p_resp);
3339 break;
3340
3341 case RW_I93_STATE_READ_NDEF:
3342 rw_i93_sm_read_ndef(p_resp);
3343 /* p_resp may send upper lyaer */
3344 break;
3345
3346 case RW_I93_STATE_UPDATE_NDEF:
3347 if (p_i93->i93_t5t_mode == RW_I93_GET_SYS_INFO_MEM_INFO) {
3348 DLOG_IF(INFO, nfc_debug_enabled)
3349 << StringPrintf("%s - rw_i93_sm_update_ndef()", __func__);
3350 rw_i93_sm_update_ndef(p_resp);
3351 } else {
3352 DLOG_IF(INFO, nfc_debug_enabled)
3353 << StringPrintf("%s - rw_t5t_sm_update_ndef()", __func__);
3354 rw_t5t_sm_update_ndef(p_resp);
3355 }
3356 GKI_freebuf(p_resp);
3357 break;
3358
3359 case RW_I93_STATE_FORMAT:
3360 rw_i93_sm_format(p_resp);
3361 GKI_freebuf(p_resp);
3362 break;
3363
3364 case RW_I93_STATE_SET_READ_ONLY:
3365 if (p_i93->i93_t5t_mode == RW_I93_GET_SYS_INFO_MEM_INFO) {
3366 DLOG_IF(INFO, nfc_debug_enabled)
3367 << StringPrintf("%s - rw_i93_sm_set_read_only()", __func__);
3368 rw_i93_sm_set_read_only(p_resp);
3369 } else {
3370 DLOG_IF(INFO, nfc_debug_enabled)
3371 << StringPrintf("%s - rw_t5t_sm_set_read_only()", __func__);
3372 rw_t5t_sm_set_read_only(p_resp);
3373 }
3374 GKI_freebuf(p_resp);
3375 break;
3376
3377 case RW_I93_STATE_PRESENCE_CHECK:
3378 p_i93->state = RW_I93_STATE_IDLE;
3379 p_i93->sent_cmd = 0;
3380
3381 /* if any response, send presence check with ok */
3382 rw_data.status = NFC_STATUS_OK;
3383 (*(rw_cb.p_cback))(RW_I93_PRESENCE_CHECK_EVT, &rw_data);
3384 GKI_freebuf(p_resp);
3385 break;
3386
3387 default:
3388 LOG(ERROR) << StringPrintf("%s - invalid state=%d", __func__,
3389 p_i93->state);
3390 GKI_freebuf(p_resp);
3391 break;
3392 }
3393
3394 if (begin_state != p_i93->state) {
3395 DLOG_IF(INFO, nfc_debug_enabled)
3396 << StringPrintf("%s - RW I93 state changed:<%s> -> <%s>", __func__,
3397 rw_i93_get_state_name(begin_state).c_str(),
3398 rw_i93_get_state_name(p_i93->state).c_str());
3399 }
3400 }
3401
3402 /*******************************************************************************
3403 **
3404 ** Function rw_i93_select
3405 **
3406 ** Description Initialise ISO 15693 / T5T RW
3407 **
3408 ** Returns NFC_STATUS_OK if success
3409 **
3410 *******************************************************************************/
rw_i93_select(uint8_t * p_uid)3411 tNFC_STATUS rw_i93_select(uint8_t* p_uid) {
3412 tRW_I93_CB* p_i93 = &rw_cb.tcb.i93;
3413 uint8_t uid[I93_UID_BYTE_LEN], *p;
3414
3415 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3416
3417 NFC_SetStaticRfCback(rw_i93_data_cback);
3418
3419 p_i93->state = RW_I93_STATE_IDLE;
3420
3421 /* convert UID to big endian format - MSB(0xE0) in first byte */
3422 p = uid;
3423 STREAM_TO_ARRAY8(p, p_uid);
3424
3425 rw_i93_get_product_version(uid);
3426
3427 return NFC_STATUS_OK;
3428 }
3429
3430 /*******************************************************************************
3431 **
3432 ** Function RW_I93Inventory
3433 **
3434 ** Description This function send Inventory command with/without AFI
3435 ** If UID is provided then set UID[0]:MSB, ... UID[7]:LSB
3436 **
3437 ** RW_I93_RESPONSE_EVT will be returned
3438 **
3439 ** Returns NFC_STATUS_OK if success
3440 ** NFC_STATUS_NO_BUFFERS if out of buffer
3441 ** NFC_STATUS_BUSY if busy
3442 ** NFC_STATUS_FAILED if other error
3443 **
3444 *******************************************************************************/
RW_I93Inventory(bool including_afi,uint8_t afi,uint8_t * p_uid)3445 tNFC_STATUS RW_I93Inventory(bool including_afi, uint8_t afi, uint8_t* p_uid) {
3446 tNFC_STATUS status;
3447
3448 DLOG_IF(INFO, nfc_debug_enabled)
3449 << StringPrintf(", including_afi:%d, AFI:0x%02X", including_afi, afi);
3450
3451 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3452 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3453 rw_cb.tcb.i93.state);
3454 return NFC_STATUS_BUSY;
3455 }
3456
3457 status = rw_i93_send_cmd_inventory(p_uid, including_afi, afi);
3458
3459 if (status == NFC_STATUS_OK) {
3460 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3461 }
3462
3463 return (status);
3464 }
3465
3466 /*******************************************************************************
3467 **
3468 ** Function RW_I93StayQuiet
3469 **
3470 ** Description This function send Inventory command
3471 **
3472 ** RW_I93_CMD_CMPL_EVT will be returned
3473 **
3474 ** Returns NFC_STATUS_OK if success
3475 ** NFC_STATUS_NO_BUFFERS if out of buffer
3476 ** NFC_STATUS_BUSY if busy
3477 ** NFC_STATUS_FAILED if other error
3478 **
3479 *******************************************************************************/
RW_I93StayQuiet(uint8_t * p_uid)3480 tNFC_STATUS RW_I93StayQuiet(uint8_t* p_uid) {
3481 tNFC_STATUS status = NFC_STATUS_FAILED;
3482
3483 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3484
3485 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3486 LOG(ERROR) << StringPrintf("%s - Unable to start command at state (0x%X)",
3487 __func__, rw_cb.tcb.i93.state);
3488 return NFC_STATUS_BUSY;
3489 }
3490
3491 if (p_uid) {
3492 status = rw_i93_send_cmd_stay_quiet(p_uid);
3493 if (status == NFC_STATUS_OK) {
3494 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3495 rw_cb.tcb.i93.addr_mode = RW_I93_MODE_ADDRESSED;
3496 }
3497 }
3498
3499 return status;
3500 }
3501
3502 /*******************************************************************************
3503 **
3504 ** Function RW_I93ReadSingleBlock
3505 **
3506 ** Description This function send Read Single Block command
3507 **
3508 ** RW_I93_RESPONSE_EVT will be returned
3509 **
3510 ** Returns NFC_STATUS_OK if success
3511 ** NFC_STATUS_NO_BUFFERS if out of buffer
3512 ** NFC_STATUS_BUSY if busy
3513 ** NFC_STATUS_FAILED if other error
3514 **
3515 *******************************************************************************/
RW_I93ReadSingleBlock(uint16_t block_number)3516 tNFC_STATUS RW_I93ReadSingleBlock(uint16_t block_number) {
3517 tNFC_STATUS status;
3518
3519 DLOG_IF(INFO, nfc_debug_enabled)
3520 << StringPrintf("%s - block_number:0x%02X", __func__, block_number);
3521
3522 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3523 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3524 rw_cb.tcb.i93.state);
3525 return NFC_STATUS_BUSY;
3526 }
3527
3528 status = rw_i93_send_cmd_read_single_block(block_number, false);
3529 if (status == NFC_STATUS_OK) {
3530 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3531 }
3532
3533 return status;
3534 }
3535
3536 /*******************************************************************************
3537 **
3538 ** Function RW_I93WriteSingleBlock
3539 **
3540 ** Description This function send Write Single Block command
3541 ** Application must get block size first by calling
3542 ** RW_I93GetSysInfo().
3543 **
3544 ** RW_I93_CMD_CMPL_EVT will be returned
3545 **
3546 ** Returns NFC_STATUS_OK if success
3547 ** NFC_STATUS_NO_BUFFERS if out of buffer
3548 ** NFC_STATUS_BUSY if busy
3549 ** NFC_STATUS_FAILED if other error
3550 **
3551 *******************************************************************************/
RW_I93WriteSingleBlock(uint16_t block_number,uint8_t * p_data)3552 tNFC_STATUS RW_I93WriteSingleBlock(uint16_t block_number, uint8_t* p_data) {
3553 tNFC_STATUS status;
3554
3555 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3556
3557 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3558 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3559 rw_cb.tcb.i93.state);
3560 return NFC_STATUS_BUSY;
3561 }
3562
3563 if (rw_cb.tcb.i93.block_size == 0) {
3564 LOG(ERROR) << StringPrintf("Block size is unknown");
3565 return NFC_STATUS_FAILED;
3566 }
3567
3568 status = rw_i93_send_cmd_write_single_block(block_number, p_data);
3569 if (status == NFC_STATUS_OK) {
3570 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3571 }
3572
3573 return status;
3574 }
3575
3576 /*******************************************************************************
3577 **
3578 ** Function RW_I93LockBlock
3579 **
3580 ** Description This function send Lock Block command
3581 **
3582 ** RW_I93_CMD_CMPL_EVT will be returned
3583 **
3584 ** Returns NFC_STATUS_OK if success
3585 ** NFC_STATUS_NO_BUFFERS if out of buffer
3586 ** NFC_STATUS_BUSY if busy
3587 ** NFC_STATUS_FAILED if other error
3588 **
3589 *******************************************************************************/
RW_I93LockBlock(uint8_t block_number)3590 tNFC_STATUS RW_I93LockBlock(uint8_t block_number) {
3591 tNFC_STATUS status;
3592
3593 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3594
3595 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3596 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3597 rw_cb.tcb.i93.state);
3598 return NFC_STATUS_BUSY;
3599 }
3600
3601 status = rw_i93_send_cmd_lock_block(block_number);
3602 if (status == NFC_STATUS_OK) {
3603 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3604 }
3605
3606 return status;
3607 }
3608
3609 /*******************************************************************************
3610 **
3611 ** Function RW_I93ReadMultipleBlocks
3612 **
3613 ** Description This function send Read Multiple Blocks command
3614 **
3615 ** RW_I93_RESPONSE_EVT will be returned
3616 **
3617 ** Returns NFC_STATUS_OK if success
3618 ** NFC_STATUS_NO_BUFFERS if out of buffer
3619 ** NFC_STATUS_BUSY if busy
3620 ** NFC_STATUS_FAILED if other error
3621 **
3622 *******************************************************************************/
RW_I93ReadMultipleBlocks(uint16_t first_block_number,uint16_t number_blocks)3623 tNFC_STATUS RW_I93ReadMultipleBlocks(uint16_t first_block_number,
3624 uint16_t number_blocks) {
3625 tNFC_STATUS status;
3626
3627 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3628
3629 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3630 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3631 rw_cb.tcb.i93.state);
3632 return NFC_STATUS_BUSY;
3633 }
3634
3635 status = rw_i93_send_cmd_read_multi_blocks(first_block_number, number_blocks);
3636 if (status == NFC_STATUS_OK) {
3637 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3638 }
3639
3640 return status;
3641 }
3642
3643 /*******************************************************************************
3644 **
3645 ** Function RW_I93WriteMultipleBlocks
3646 **
3647 ** Description This function send Write Multiple Blocks command
3648 **
3649 ** RW_I93_CMD_CMPL_EVT will be returned
3650 **
3651 ** Returns NFC_STATUS_OK if success
3652 ** NFC_STATUS_NO_BUFFERS if out of buffer
3653 ** NFC_STATUS_BUSY if busy
3654 ** NFC_STATUS_FAILED if other error
3655 **
3656 *******************************************************************************/
RW_I93WriteMultipleBlocks(uint16_t first_block_number,uint16_t number_blocks,uint8_t * p_data)3657 tNFC_STATUS RW_I93WriteMultipleBlocks(uint16_t first_block_number,
3658 uint16_t number_blocks, uint8_t* p_data) {
3659 tNFC_STATUS status;
3660
3661 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3662
3663 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3664 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3665 rw_cb.tcb.i93.state);
3666 return NFC_STATUS_BUSY;
3667 }
3668
3669 if (rw_cb.tcb.i93.block_size == 0) {
3670 LOG(ERROR) << StringPrintf("Block size is unknown");
3671 return NFC_STATUS_FAILED;
3672 }
3673
3674 status = rw_i93_send_cmd_write_multi_blocks(first_block_number, number_blocks,
3675 p_data);
3676 if (status == NFC_STATUS_OK) {
3677 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3678 }
3679
3680 return status;
3681 }
3682
3683 /*******************************************************************************
3684 **
3685 ** Function RW_I93Select
3686 **
3687 ** Description This function send Select command
3688 **
3689 ** UID[0]: 0xE0, MSB
3690 ** UID[1]: IC Mfg Code
3691 ** ...
3692 ** UID[7]: LSB
3693 **
3694 ** RW_I93_CMD_CMPL_EVT will be returned
3695 **
3696 ** Returns NFC_STATUS_OK if success
3697 ** NFC_STATUS_NO_BUFFERS if out of buffer
3698 ** NFC_STATUS_BUSY if busy
3699 ** NFC_STATUS_FAILED if other error
3700 **
3701 *******************************************************************************/
RW_I93Select(uint8_t * p_uid)3702 tNFC_STATUS RW_I93Select(uint8_t* p_uid) {
3703 tNFC_STATUS status;
3704
3705 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3706
3707 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3708 LOG(ERROR) << StringPrintf("%s - Unable to start command at state (0x%X)",
3709 __func__, rw_cb.tcb.i93.state);
3710 return NFC_STATUS_BUSY;
3711 }
3712
3713 if (p_uid) {
3714 status = rw_i93_send_cmd_select(p_uid);
3715 if (status == NFC_STATUS_OK) {
3716 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3717 rw_cb.tcb.i93.addr_mode = RW_I93_MODE_NON_ADDRESSED;
3718 rw_cb.tcb.i93.intl_flags |= RW_I93_FLAG_SELECTED_STATE;
3719 }
3720 } else {
3721 LOG(ERROR) << StringPrintf("%s - UID shall be provided", __func__);
3722 status = NFC_STATUS_FAILED;
3723 }
3724
3725 return status;
3726 }
3727
3728 /*******************************************************************************
3729 **
3730 ** Function RW_I93ResetToReady
3731 **
3732 ** Description This function send Reset To Ready command
3733 **
3734 ** RW_I93_CMD_CMPL_EVT will be returned
3735 **
3736 ** Returns NFC_STATUS_OK if success
3737 ** NFC_STATUS_NO_BUFFERS if out of buffer
3738 ** NFC_STATUS_BUSY if busy
3739 ** NFC_STATUS_FAILED if other error
3740 **
3741 *******************************************************************************/
RW_I93ResetToReady(void)3742 tNFC_STATUS RW_I93ResetToReady(void) {
3743 tNFC_STATUS status;
3744
3745 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3746
3747 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3748 LOG(ERROR) << StringPrintf("%s - Unable to start command at state (0x%X)",
3749 __func__, rw_cb.tcb.i93.state);
3750 return NFC_STATUS_BUSY;
3751 }
3752
3753 status = rw_i93_send_cmd_reset_to_ready();
3754 if (status == NFC_STATUS_OK) {
3755 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3756 }
3757
3758 return status;
3759 }
3760
3761 /*******************************************************************************
3762 **
3763 ** Function RW_I93WriteAFI
3764 **
3765 ** Description This function send Write AFI command
3766 **
3767 ** RW_I93_CMD_CMPL_EVT will be returned
3768 **
3769 ** Returns NFC_STATUS_OK if success
3770 ** NFC_STATUS_NO_BUFFERS if out of buffer
3771 ** NFC_STATUS_BUSY if busy
3772 ** NFC_STATUS_FAILED if other error
3773 **
3774 *******************************************************************************/
RW_I93WriteAFI(uint8_t afi)3775 tNFC_STATUS RW_I93WriteAFI(uint8_t afi) {
3776 tNFC_STATUS status;
3777
3778 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3779
3780 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3781 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3782 rw_cb.tcb.i93.state);
3783 return NFC_STATUS_BUSY;
3784 }
3785
3786 status = rw_i93_send_cmd_write_afi(afi);
3787 if (status == NFC_STATUS_OK) {
3788 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3789 }
3790
3791 return status;
3792 }
3793
3794 /*******************************************************************************
3795 **
3796 ** Function RW_I93LockAFI
3797 **
3798 ** Description This function send Lock AFI command
3799 **
3800 ** RW_I93_CMD_CMPL_EVT will be returned
3801 **
3802 ** Returns NFC_STATUS_OK if success
3803 ** NFC_STATUS_NO_BUFFERS if out of buffer
3804 ** NFC_STATUS_BUSY if busy
3805 ** NFC_STATUS_FAILED if other error
3806 **
3807 *******************************************************************************/
RW_I93LockAFI(void)3808 tNFC_STATUS RW_I93LockAFI(void) {
3809 tNFC_STATUS status;
3810
3811 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3812
3813 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3814 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3815 rw_cb.tcb.i93.state);
3816 return NFC_STATUS_BUSY;
3817 }
3818
3819 status = rw_i93_send_cmd_lock_afi();
3820 if (status == NFC_STATUS_OK) {
3821 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3822 }
3823
3824 return status;
3825 }
3826
3827 /*******************************************************************************
3828 **
3829 ** Function RW_I93WriteDSFID
3830 **
3831 ** Description This function send Write DSFID command
3832 **
3833 ** RW_I93_CMD_CMPL_EVT will be returned
3834 **
3835 ** Returns NFC_STATUS_OK if success
3836 ** NFC_STATUS_NO_BUFFERS if out of buffer
3837 ** NFC_STATUS_BUSY if busy
3838 ** NFC_STATUS_FAILED if other error
3839 **
3840 *******************************************************************************/
RW_I93WriteDSFID(uint8_t dsfid)3841 tNFC_STATUS RW_I93WriteDSFID(uint8_t dsfid) {
3842 tNFC_STATUS status;
3843
3844 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3845
3846 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3847 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3848 rw_cb.tcb.i93.state);
3849 return NFC_STATUS_BUSY;
3850 }
3851
3852 status = rw_i93_send_cmd_write_dsfid(dsfid);
3853 if (status == NFC_STATUS_OK) {
3854 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3855 }
3856
3857 return status;
3858 }
3859
3860 /*******************************************************************************
3861 **
3862 ** Function RW_I93LockDSFID
3863 **
3864 ** Description This function send Lock DSFID command
3865 **
3866 ** RW_I93_CMD_CMPL_EVT will be returned
3867 **
3868 ** Returns NFC_STATUS_OK if success
3869 ** NFC_STATUS_NO_BUFFERS if out of buffer
3870 ** NFC_STATUS_BUSY if busy
3871 ** NFC_STATUS_FAILED if other error
3872 **
3873 *******************************************************************************/
RW_I93LockDSFID(void)3874 tNFC_STATUS RW_I93LockDSFID(void) {
3875 tNFC_STATUS status;
3876
3877 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3878
3879 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3880 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
3881 rw_cb.tcb.i93.state);
3882 return NFC_STATUS_BUSY;
3883 }
3884
3885 status = rw_i93_send_cmd_lock_dsfid();
3886 if (status == NFC_STATUS_OK) {
3887 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3888 }
3889
3890 return status;
3891 }
3892
3893 /*******************************************************************************
3894 **
3895 ** Function RW_I93GetSysInfo
3896 **
3897 ** Description This function send Get System Information command
3898 **
3899 ** RW_I93_RESPONSE_EVT will be returned
3900 **
3901 ** Returns NFC_STATUS_OK if success
3902 ** NFC_STATUS_NO_BUFFERS if out of buffer
3903 ** NFC_STATUS_BUSY if busy
3904 ** NFC_STATUS_FAILED if other error
3905 **
3906 *******************************************************************************/
RW_I93GetSysInfo(uint8_t * p_uid)3907 tNFC_STATUS RW_I93GetSysInfo(uint8_t* p_uid) {
3908 tNFC_STATUS status;
3909
3910 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3911
3912 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3913 LOG(ERROR) << StringPrintf("%s - Unable to start command at state (0x%X)",
3914 __func__, rw_cb.tcb.i93.state);
3915 return NFC_STATUS_BUSY;
3916 }
3917
3918 if (p_uid) {
3919 status = rw_i93_send_cmd_get_sys_info(p_uid, I93_FLAG_PROT_EXT_NO);
3920 } else {
3921 status = rw_i93_send_cmd_get_sys_info(nullptr, I93_FLAG_PROT_EXT_NO);
3922 }
3923
3924 if (status == NFC_STATUS_OK) {
3925 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3926 }
3927
3928 return status;
3929 }
3930
3931 /*******************************************************************************
3932 **
3933 ** Function RW_I93GetMultiBlockSecurityStatus
3934 **
3935 ** Description This function send Get Multiple Block Security Status
3936 ** command
3937 **
3938 ** RW_I93_RESPONSE_EVT will be returned
3939 **
3940 ** Returns NFC_STATUS_OK if success
3941 ** NFC_STATUS_NO_BUFFERS if out of buffer
3942 ** NFC_STATUS_BUSY if busy
3943 ** NFC_STATUS_FAILED if other error
3944 **
3945 *******************************************************************************/
RW_I93GetMultiBlockSecurityStatus(uint16_t first_block_number,uint16_t number_blocks)3946 tNFC_STATUS RW_I93GetMultiBlockSecurityStatus(uint16_t first_block_number,
3947 uint16_t number_blocks) {
3948 tNFC_STATUS status;
3949
3950 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3951
3952 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3953 LOG(ERROR) << StringPrintf(
3954 "Unable to start command at state "
3955 "(0x%X)",
3956 rw_cb.tcb.i93.state);
3957 return NFC_STATUS_BUSY;
3958 }
3959
3960 status =
3961 rw_i93_send_cmd_get_multi_block_sec(first_block_number, number_blocks);
3962 if (status == NFC_STATUS_OK) {
3963 rw_cb.tcb.i93.state = RW_I93_STATE_BUSY;
3964 }
3965
3966 return status;
3967 }
3968
3969 /*******************************************************************************
3970 **
3971 ** Function RW_I93DetectNDef
3972 **
3973 ** Description This function performs NDEF detection procedure
3974 **
3975 ** RW_I93_NDEF_DETECT_EVT will be returned
3976 **
3977 ** Returns NFC_STATUS_OK if success
3978 ** NFC_STATUS_FAILED if busy or other error
3979 **
3980 *******************************************************************************/
RW_I93DetectNDef(void)3981 tNFC_STATUS RW_I93DetectNDef(void) {
3982 tNFC_STATUS status;
3983 tRW_I93_RW_SUBSTATE sub_state;
3984
3985 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
3986
3987 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
3988 LOG(ERROR) << StringPrintf("%s - Unable to start command at state (0x%X)",
3989 __func__, rw_cb.tcb.i93.state);
3990 return NFC_STATUS_FAILED;
3991 }
3992
3993 if (rw_cb.tcb.i93.uid[0] != I93_UID_FIRST_BYTE) {
3994 status = rw_i93_send_cmd_inventory(nullptr, false, 0x00);
3995 sub_state = RW_I93_SUBSTATE_WAIT_UID;
3996
3997 } else if (((rw_cb.tcb.i93.num_block == 0) ||
3998 (rw_cb.tcb.i93.block_size == 0)) &&
3999 (!appl_dta_mode_flag)) {
4000 status =
4001 rw_i93_send_cmd_get_sys_info(rw_cb.tcb.i93.uid, I93_FLAG_PROT_EXT_NO);
4002 sub_state = RW_I93_SUBSTATE_WAIT_SYS_INFO;
4003
4004 /* clear all flags */
4005 rw_cb.tcb.i93.intl_flags = 0;
4006 } else {
4007 /* read CC in the first block */
4008 status = rw_i93_send_cmd_read_single_block(0x0000, false);
4009 sub_state = RW_I93_SUBSTATE_WAIT_CC;
4010 }
4011
4012 if (status == NFC_STATUS_OK) {
4013 rw_cb.tcb.i93.state = RW_I93_STATE_DETECT_NDEF;
4014 rw_cb.tcb.i93.sub_state = sub_state;
4015
4016 /* clear flags except flag for 2 bytes of number of blocks */
4017 rw_cb.tcb.i93.intl_flags &= RW_I93_FLAG_16BIT_NUM_BLOCK;
4018 }
4019
4020 return (status);
4021 }
4022
4023 /*******************************************************************************
4024 **
4025 ** Function RW_I93ReadNDef
4026 **
4027 ** Description This function performs NDEF read procedure
4028 ** Note: RW_I93DetectNDef () must be called before using this
4029 **
4030 ** The following event will be returned
4031 ** RW_I93_NDEF_READ_EVT for each segmented NDEF message
4032 ** RW_I93_NDEF_READ_CPLT_EVT for the last segment or
4033 ** complete NDEF
4034 ** RW_I93_NDEF_READ_FAIL_EVT for failure
4035 **
4036 ** Returns NFC_STATUS_OK if success
4037 ** NFC_STATUS_FAILED if I93 is busy or other error
4038 **
4039 *******************************************************************************/
RW_I93ReadNDef(void)4040 tNFC_STATUS RW_I93ReadNDef(void) {
4041 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
4042
4043 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
4044 LOG(ERROR) << StringPrintf("%s - Unable to start command at state (0x%X)",
4045 __func__, rw_cb.tcb.i93.state);
4046 return NFC_STATUS_FAILED;
4047 }
4048
4049 if ((rw_cb.tcb.i93.tlv_type == I93_ICODE_TLV_TYPE_NDEF) &&
4050 (rw_cb.tcb.i93.ndef_length > 0)) {
4051 rw_cb.tcb.i93.rw_offset = rw_cb.tcb.i93.ndef_tlv_start_offset;
4052 rw_cb.tcb.i93.rw_length = 0;
4053
4054 if (rw_i93_get_next_blocks(rw_cb.tcb.i93.rw_offset) == NFC_STATUS_OK) {
4055 rw_cb.tcb.i93.state = RW_I93_STATE_READ_NDEF;
4056 } else {
4057 return NFC_STATUS_FAILED;
4058 }
4059 } else {
4060 LOG(ERROR) << StringPrintf("%s - No NDEF detected", __func__);
4061 return NFC_STATUS_FAILED;
4062 }
4063
4064 return NFC_STATUS_OK;
4065 }
4066
4067 /*******************************************************************************
4068 **
4069 ** Function RW_I93UpdateNDef
4070 **
4071 ** Description This function performs NDEF update procedure
4072 ** Note: RW_I93DetectNDef () must be called before using this
4073 ** Updating data must not be removed until returning
4074 ** event
4075 **
4076 ** The following event will be returned
4077 ** RW_I93_NDEF_UPDATE_CPLT_EVT for complete
4078 ** RW_I93_NDEF_UPDATE_FAIL_EVT for failure
4079 **
4080 ** Returns NFC_STATUS_OK if success
4081 ** NFC_STATUS_FAILED if I93 is busy or other error
4082 **
4083 *******************************************************************************/
RW_I93UpdateNDef(uint16_t length,uint8_t * p_data)4084 tNFC_STATUS RW_I93UpdateNDef(uint16_t length, uint8_t* p_data) {
4085 uint16_t block_number;
4086
4087 DLOG_IF(INFO, nfc_debug_enabled)
4088 << StringPrintf("%s - length:%d", __func__, length);
4089
4090 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
4091 LOG(ERROR) << StringPrintf("%s - Unable to start command at state (0x%X)",
4092 __func__, rw_cb.tcb.i93.state);
4093 return NFC_STATUS_FAILED;
4094 }
4095
4096 if (rw_cb.tcb.i93.tlv_type == I93_ICODE_TLV_TYPE_NDEF) {
4097 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_READ_ONLY) {
4098 LOG(ERROR) << StringPrintf("%s - NDEF is read-only", __func__);
4099 return NFC_STATUS_FAILED;
4100 }
4101 if (rw_cb.tcb.i93.max_ndef_length < length) {
4102 LOG(ERROR) << StringPrintf(
4103 "%s - data (%d bytes) is more than max NDEF length "
4104 "(%d)",
4105 __func__, length, rw_cb.tcb.i93.max_ndef_length);
4106 return NFC_STATUS_FAILED;
4107 }
4108
4109 rw_cb.tcb.i93.ndef_length = length;
4110 rw_cb.tcb.i93.p_update_data = p_data;
4111
4112 /* read length field */
4113 rw_cb.tcb.i93.rw_offset = rw_cb.tcb.i93.ndef_tlv_start_offset + 1;
4114 rw_cb.tcb.i93.rw_length = 0;
4115
4116 block_number = rw_cb.tcb.i93.rw_offset / rw_cb.tcb.i93.block_size;
4117
4118 if (rw_i93_send_cmd_read_single_block(block_number, false) ==
4119 NFC_STATUS_OK) {
4120 rw_cb.tcb.i93.state = RW_I93_STATE_UPDATE_NDEF;
4121 rw_cb.tcb.i93.sub_state = RW_I93_SUBSTATE_RESET_LEN;
4122 } else {
4123 return NFC_STATUS_FAILED;
4124 }
4125 } else {
4126 LOG(ERROR) << StringPrintf("%s - No NDEF detected", __func__);
4127 return NFC_STATUS_FAILED;
4128 }
4129
4130 return NFC_STATUS_OK;
4131 }
4132
4133 /*******************************************************************************
4134 **
4135 ** Function RW_I93FormatNDef
4136 **
4137 ** Description This function performs formatting procedure
4138 **
4139 ** RW_I93_FORMAT_CPLT_EVT will be returned
4140 **
4141 ** Returns NFC_STATUS_OK if success
4142 ** NFC_STATUS_FAILED if busy or other error
4143 **
4144 *******************************************************************************/
RW_I93FormatNDef(void)4145 tNFC_STATUS RW_I93FormatNDef(void) {
4146 tNFC_STATUS status;
4147 tRW_I93_RW_SUBSTATE sub_state;
4148
4149 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
4150
4151 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
4152 LOG(ERROR) << StringPrintf("Unable to start command at state (0x%X)",
4153 rw_cb.tcb.i93.state);
4154 return NFC_STATUS_FAILED;
4155 }
4156
4157 if ((rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY) ||
4158 (rw_cb.tcb.i93.product_version == RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY)) {
4159 /* These don't support GetSystemInformation and GetMultiBlockSecurityStatus
4160 */
4161 rw_cb.tcb.i93.rw_offset = 0;
4162
4163 /* read blocks with option flag to get block security status */
4164 status = rw_i93_send_cmd_read_single_block(0x0000, true);
4165 sub_state = RW_I93_SUBSTATE_CHECK_READ_ONLY;
4166 } else {
4167 status = rw_i93_send_cmd_inventory(rw_cb.tcb.i93.uid, false, 0x00);
4168 sub_state = RW_I93_SUBSTATE_WAIT_UID;
4169 }
4170
4171 if (status == NFC_STATUS_OK) {
4172 rw_cb.tcb.i93.state = RW_I93_STATE_FORMAT;
4173 rw_cb.tcb.i93.sub_state = sub_state;
4174 rw_cb.tcb.i93.intl_flags = 0;
4175 }
4176
4177 return (status);
4178 }
4179
4180 /*******************************************************************************
4181 **
4182 ** Function RW_I93SetTagReadOnly
4183 **
4184 ** Description This function performs NDEF read-only procedure
4185 ** Note: RW_I93DetectNDef () must be called before using this
4186 ** Updating data must not be removed until returning
4187 ** event
4188 **
4189 ** The RW_I93_SET_TAG_RO_EVT event will be returned.
4190 **
4191 ** Returns NFC_STATUS_OK if success
4192 ** NFC_STATUS_FAILED if I93 is busy or other error
4193 **
4194 *******************************************************************************/
RW_I93SetTagReadOnly(void)4195 tNFC_STATUS RW_I93SetTagReadOnly(void) {
4196 uint8_t cc_blk0[4];
4197
4198 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
4199
4200 if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
4201 LOG(ERROR) << StringPrintf("%s - Unable to start command at state (0x%X)",
4202 __func__, rw_cb.tcb.i93.state);
4203 return NFC_STATUS_FAILED;
4204 }
4205
4206 if ((rw_cb.tcb.i93.tlv_type == I93_ICODE_TLV_TYPE_NDEF) &&
4207 (rw_cb.tcb.i93.i93_t5t_mode != RW_T5T_CC_READ_MEM_INFO)) {
4208 if (rw_cb.tcb.i93.intl_flags & RW_I93_FLAG_READ_ONLY) {
4209 LOG(ERROR) << StringPrintf("%s - NDEF is already read-only", __func__);
4210 return NFC_STATUS_FAILED;
4211 }
4212
4213 /* get CC in the first block */
4214 if (rw_i93_send_cmd_read_single_block(0, false) == NFC_STATUS_OK) {
4215 rw_cb.tcb.i93.state = RW_I93_STATE_SET_READ_ONLY;
4216 rw_cb.tcb.i93.sub_state = RW_I93_SUBSTATE_WAIT_CC;
4217 } else {
4218 return NFC_STATUS_FAILED;
4219 }
4220 } else {
4221 if (rw_cb.tcb.i93.i93_t5t_mode == RW_T5T_CC_READ_MEM_INFO) {
4222 memcpy(cc_blk0, rw_cb.tcb.i93.gre_cc_content, 4);
4223
4224 /* mark CC as read-only */
4225 *(cc_blk0 + 1) |= I93_ICODE_CC_READ_ONLY;
4226
4227 DLOG_IF(INFO, nfc_debug_enabled) << StringPrintf(
4228 "%s - Set CC1 to RO - cc[0]=0x%02x, cc[1]=0x%02x, "
4229 "cc[2]=0x%02x, cc[3]=0x%02x",
4230 __func__, *cc_blk0, *(cc_blk0 + 1), *(cc_blk0 + 2), *(cc_blk0 + 3));
4231
4232 if (rw_i93_send_cmd_write_single_block(0, cc_blk0) == NFC_STATUS_OK) {
4233 rw_cb.tcb.i93.state = RW_I93_STATE_SET_READ_ONLY;
4234 rw_cb.tcb.i93.sub_state = RW_I93_SUBSTATE_WAIT_UPDATE_CC;
4235 } else {
4236 rw_i93_handle_error(NFC_STATUS_FAILED);
4237 return NFC_STATUS_FAILED;
4238 }
4239
4240 return NFC_STATUS_OK;
4241 }
4242 LOG(ERROR) << StringPrintf("%s - No NDEF detected", __func__);
4243 return NFC_STATUS_FAILED;
4244 }
4245
4246 return NFC_STATUS_OK;
4247 }
4248
4249 /*****************************************************************************
4250 **
4251 ** Function RW_I93PresenceCheck
4252 **
4253 ** Description Check if the tag is still in the field.
4254 **
4255 ** The RW_I93_PRESENCE_CHECK_EVT w/ status is used to indicate
4256 ** presence or non-presence.
4257 **
4258 ** Returns NFC_STATUS_OK, if raw data frame sent
4259 ** NFC_STATUS_NO_BUFFERS: unable to allocate a buffer for this
4260 ** operation
4261 ** NFC_STATUS_FAILED: other error
4262 **
4263 *****************************************************************************/
RW_I93PresenceCheck(void)4264 tNFC_STATUS RW_I93PresenceCheck(void) {
4265 tNFC_STATUS status;
4266 tRW_DATA evt_data;
4267
4268 DLOG_IF(INFO, nfc_debug_enabled) << __func__;
4269
4270 if (!rw_cb.p_cback) {
4271 return NFC_STATUS_FAILED;
4272 } else if (rw_cb.tcb.i93.state == RW_I93_STATE_NOT_ACTIVATED) {
4273 evt_data.status = NFC_STATUS_FAILED;
4274 (*rw_cb.p_cback)(RW_I93_PRESENCE_CHECK_EVT, &evt_data);
4275
4276 return NFC_STATUS_OK;
4277 } else if (rw_cb.tcb.i93.state != RW_I93_STATE_IDLE) {
4278 return NFC_STATUS_BUSY;
4279 } else {
4280 rw_cb.tcb.i93.in_pres_check = true;
4281 if (rw_cb.tcb.i93.i93_t5t_mode == RW_I93_GET_SYS_INFO_MEM_INFO) {
4282 /* The support of AFI by the VICC is optional, so do not include AFI */
4283 status = rw_i93_send_cmd_inventory(rw_cb.tcb.i93.uid, false, 0x00);
4284 } else {
4285 /* Extended command not expected for presence check */
4286 rw_cb.tcb.i93.intl_flags &= ~RW_I93_FLAG_EXT_COMMANDS;
4287 status = rw_i93_send_cmd_read_single_block(0, false);
4288 }
4289 rw_cb.tcb.i93.in_pres_check = false;
4290
4291 if (status == NFC_STATUS_OK) {
4292 /* do not retry during presence check */
4293 rw_cb.tcb.i93.retry_count = RW_MAX_RETRIES;
4294 rw_cb.tcb.i93.state = RW_I93_STATE_PRESENCE_CHECK;
4295 }
4296 }
4297
4298 return (status);
4299 }
4300
4301 /*****************************************************************************
4302 **
4303 ** Function RW_I93SetAddressingMode
4304 **
4305 ** Description Set if the tag must be addressed with UID or not.
4306 **
4307 ** The addressing mode (addressed or non-addressed) must be
4308 ** done at the module initialization prior to the Tag
4309 ** activation.
4310 **
4311 ** Returns NFC_STATUS_OK, if mode is stored
4312 ** NFC_STATUS_FAILED: other error
4313 **
4314 *****************************************************************************/
RW_I93SetAddressingMode(bool mode)4315 tNFC_STATUS RW_I93SetAddressingMode(bool mode) {
4316 DLOG_IF(INFO, nfc_debug_enabled)
4317 << StringPrintf("%s - I93 state:%d", __func__, rw_cb.tcb.i93.state);
4318
4319 if (rw_cb.tcb.i93.state == RW_I93_STATE_IDLE) {
4320 DLOG_IF(INFO, nfc_debug_enabled)
4321 << StringPrintf("%s - mode:%d", __func__, mode);
4322 if (mode) {
4323 rw_cb.tcb.i93.addr_mode = RW_I93_MODE_ADDRESSED;
4324 } else {
4325 rw_cb.tcb.i93.addr_mode = RW_I93_MODE_NON_ADDRESSED;
4326 }
4327 return NFC_STATUS_OK;
4328 } else {
4329 return NFC_STATUS_FAILED;
4330 }
4331 }
4332
4333 /*******************************************************************************
4334 **
4335 ** Function rw_i93_get_state_name
4336 **
4337 ** Description This function returns the state name.
4338 **
4339 ** NOTE conditionally compiled to save memory.
4340 **
4341 ** Returns pointer to the name
4342 **
4343 *******************************************************************************/
rw_i93_get_state_name(uint8_t state)4344 std::string rw_i93_get_state_name(uint8_t state) {
4345 switch (state) {
4346 case RW_I93_STATE_NOT_ACTIVATED:
4347 return "NOT_ACTIVATED";
4348 case RW_I93_STATE_IDLE:
4349 return "IDLE";
4350 case RW_I93_STATE_BUSY:
4351 return "BUSY";
4352 case RW_I93_STATE_DETECT_NDEF:
4353 return "NDEF_DETECTION";
4354 case RW_I93_STATE_READ_NDEF:
4355 return "READ_NDEF";
4356 case RW_I93_STATE_UPDATE_NDEF:
4357 return "UPDATE_NDEF";
4358 case RW_I93_STATE_FORMAT:
4359 return "FORMAT";
4360 case RW_I93_STATE_SET_READ_ONLY:
4361 return "SET_READ_ONLY";
4362 case RW_I93_STATE_PRESENCE_CHECK:
4363 return "PRESENCE_CHECK";
4364 default:
4365 return "???? UNKNOWN STATE";
4366 }
4367 }
4368
4369 /*******************************************************************************
4370 **
4371 ** Function rw_i93_get_sub_state_name
4372 **
4373 ** Description This function returns the sub_state name.
4374 **
4375 ** NOTE conditionally compiled to save memory.
4376 **
4377 ** Returns pointer to the name
4378 **
4379 *******************************************************************************/
rw_i93_get_sub_state_name(uint8_t sub_state)4380 std::string rw_i93_get_sub_state_name(uint8_t sub_state) {
4381 switch (sub_state) {
4382 case RW_I93_SUBSTATE_WAIT_UID:
4383 return "WAIT_UID";
4384 case RW_I93_SUBSTATE_WAIT_SYS_INFO:
4385 return "WAIT_SYS_INFO";
4386 case RW_I93_SUBSTATE_WAIT_CC:
4387 return "WAIT_CC";
4388 case RW_I93_SUBSTATE_WAIT_CC_EXT:
4389 return "WAIT_CC_EXT";
4390 case RW_I93_SUBSTATE_SEARCH_NDEF_TLV:
4391 return "SEARCH_NDEF_TLV";
4392 case RW_I93_SUBSTATE_CHECK_LOCK_STATUS:
4393 return "CHECK_LOCK_STATUS";
4394 case RW_I93_SUBSTATE_RESET_LEN:
4395 return "RESET_LEN";
4396 case RW_I93_SUBSTATE_WRITE_NDEF:
4397 return "WRITE_NDEF";
4398 case RW_I93_SUBSTATE_UPDATE_LEN:
4399 return "UPDATE_LEN";
4400 case RW_I93_SUBSTATE_WAIT_RESET_DSFID_AFI:
4401 return "WAIT_RESET_DSFID_AFI";
4402 case RW_I93_SUBSTATE_CHECK_READ_ONLY:
4403 return "CHECK_READ_ONLY";
4404 case RW_I93_SUBSTATE_WRITE_CC_NDEF_TLV:
4405 return "WRITE_CC_NDEF_TLV";
4406 case RW_I93_SUBSTATE_WAIT_UPDATE_CC:
4407 return "WAIT_UPDATE_CC";
4408 case RW_I93_SUBSTATE_LOCK_NDEF_TLV:
4409 return "LOCK_NDEF_TLV";
4410 case RW_I93_SUBSTATE_WAIT_LOCK_CC:
4411 return "WAIT_LOCK_CC";
4412 case RW_I93_SUBSTATE_LOCK_T5T_AREA:
4413 return "LOCK_T5T_AREA";
4414 default:
4415 return "???? UNKNOWN SUBSTATE";
4416 }
4417 }
4418
4419 /*******************************************************************************
4420 **
4421 ** Function rw_i93_get_tag_name
4422 **
4423 ** Description This function returns the tag name.
4424 **
4425 ** NOTE conditionally compiled to save memory.
4426 **
4427 ** Returns pointer to the name
4428 **
4429 *******************************************************************************/
rw_i93_get_tag_name(uint8_t product_version)4430 static std::string rw_i93_get_tag_name(uint8_t product_version) {
4431 switch (product_version) {
4432 case RW_I93_ICODE_SLI:
4433 return "SLI/SLIX";
4434 case RW_I93_ICODE_SLI_S:
4435 return "SLI-S/SLIX-S";
4436 case RW_I93_ICODE_SLI_L:
4437 return "SLI-L/SLIX-L";
4438 case RW_I93_TAG_IT_HF_I_PLUS_INLAY:
4439 return "Tag-it HF-I Plus Inlay";
4440 case RW_I93_TAG_IT_HF_I_PLUS_CHIP:
4441 return "Tag-it HF-I Plus Chip";
4442 case RW_I93_TAG_IT_HF_I_STD_CHIP_INLAY:
4443 return "Tag-it HF-I Standard Chip/Inlyas";
4444 case RW_I93_TAG_IT_HF_I_PRO_CHIP_INLAY:
4445 return "Tag-it HF-I Pro Chip/Inlays";
4446 case RW_I93_STM_LRI1K:
4447 return "LRi1K";
4448 case RW_I93_STM_LRI2K:
4449 return "LRi2K";
4450 case RW_I93_STM_LRIS2K:
4451 return "LRiS2K";
4452 case RW_I93_STM_LRIS64K:
4453 return "LRiS64K";
4454 case RW_I93_STM_M24LR64_R:
4455 return "M24LR64";
4456 case RW_I93_STM_M24LR04E_R:
4457 return "M24LR04E";
4458 case RW_I93_STM_M24LR16E_R:
4459 return "M24LR16E";
4460 case RW_I93_STM_M24LR16D_W:
4461 return "M24LR16D-W";
4462 case RW_I93_STM_M24LR64E_R:
4463 return "M24LR64E";
4464 case RW_I93_STM_ST25DV04K:
4465 return "ST25DV04";
4466 case RW_I93_STM_ST25DVHIK:
4467 return "ST25DV";
4468 case RW_I93_ONS_N36RW02:
4469 return ("N36RW02");
4470 case RW_I93_ONS_N24RF04:
4471 return ("N24RF04");
4472 case RW_I93_ONS_N24RF04E:
4473 return ("N24RF04E");
4474 case RW_I93_ONS_N24RF16:
4475 return ("N24RF16");
4476 case RW_I93_ONS_N24RF16E:
4477 return ("N24RF16E");
4478 case RW_I93_ONS_N24RF64:
4479 return ("N24RF64");
4480 case RW_I93_ONS_N24RF64E:
4481 return ("N24RF64E");
4482 case RW_I93_UNKNOWN_PRODUCT:
4483 default:
4484 return "UNKNOWN";
4485 }
4486 }
4487