From 50b1aff6f6f2a3a127f6121c5dedd8c2fa5a1c4d Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sun, 14 Nov 2010 23:04:16 +0100 Subject: Initial version of a SAM7 USART based ISO7816-3 T=0 sniffer --- firmware/src/simtrace/iso7816_uart.c | 399 +++++++++++++++++++++++++++++++++++ 1 file changed, 399 insertions(+) create mode 100644 firmware/src/simtrace/iso7816_uart.c (limited to 'firmware/src/simtrace/iso7816_uart.c') diff --git a/firmware/src/simtrace/iso7816_uart.c b/firmware/src/simtrace/iso7816_uart.c new file mode 100644 index 0000000..9022830 --- /dev/null +++ b/firmware/src/simtrace/iso7816_uart.c @@ -0,0 +1,399 @@ +/* Driver for AT91SAM7 USART0 in ISO7816-3 mode + * (C) 2010 by Harald Welte + */ + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "../simtrace.h" +#include "../openpcd.h" + +#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) + +static const AT91PS_USART usart = AT91C_BASE_US0; + +enum iso7816_3_state { + ISO7816_S_RESET, /* in Reset */ + ISO7816_S_WAIT_ATR, /* waiting for ATR to start */ + ISO7816_S_IN_ATR, + ISO7816_S_WAIT_READER, /* waiting for data from reader */ + ISO7816_S_WAIT_CARD, /* waiting for data from card */ +}; + +enum atr_state { + ATR_S_WAIT_TS, + ATR_S_WAIT_T0, + ATR_S_WAIT_TA, + ATR_S_WAIT_TB, + ATR_S_WAIT_TC, + ATR_S_WAIT_TD, + ATR_S_WAIT_HIST, + ATR_S_WAIT_TCK, + ATR_S_DONE, +}; + +struct iso7816_3_handle { + enum iso7816_3_state state; + + u_int8_t fi; + u_int8_t di; + + u_int8_t atr_idx; + u_int8_t atr_hist_len; + u_int8_t atr_last_td; + enum atr_state atr_state; + u_int8_t atr[64]; + + u_int16_t apdu_len; + u_int16_t apdu_idx; +}; + +struct iso7816_3_handle isoh; + + +/* Table 6 from ISO 7816-3 */ +static const u_int16_t fi_table[] = { + 0, 372, 558, 744, 1116, 1488, 1860, 0, + 0, 512, 768, 1024, 1536, 2048, 0, 0 +}; + +/* Table 7 from ISO 7816-3 */ +static const u_int8_t di_table[] = { + 0, 1, 2, 4, 8, 16, 0, 0, + 0, 0, 2, 4, 8, 16, 32, 64, +}; + +static int compute_fidi_ratio(u_int8_t fi, u_int8_t di) +{ + u_int16_t f, d; + int ret; + + if (fi >= ARRAY_SIZE(fi_table) || + di >= ARRAY_SIZE(di_table)) + return -EINVAL; + + f = fi_table[fi]; + if (f == 0) + return -EINVAL; + + d = di_table[di]; + if (d == 0) + return -EINVAL; + + if (di < 8) + ret = f / d; + else + ret = f * d; + + return ret; +} + +static void set_atr_state(struct iso7816_3_handle *ih, enum atr_state new_atrs) +{ + if (new_atrs == ATR_S_WAIT_TS) { + ih->atr_idx = 0; + ih->atr_hist_len = 0; + ih->atr_last_td = 0; + memset(ih->atr, 0, sizeof(ih->atr)); + } else if (ih->atr_state == new_atrs) + return; + + //DEBUGPCR("ATR state %u -> %u", ih->atr_state, new_atrs); + ih->atr_state = new_atrs; +} + +static void set_state(struct iso7816_3_handle *ih, enum iso7816_3_state new_state) +{ + if (new_state == ISO7816_S_WAIT_ATR) { + int rc; + /* Initial Fi / Di ratio */ + ih->fi = 1; + ih->di = 1; + rc = compute_fidi_ratio(ih->fi, ih->di); + DEBUGPCRF("computed Fi(%u) Di(%u) ratio: %d", ih->fi, ih->di, rc); + usart->US_FIDI = rc & 0x3ff; + set_atr_state(ih, ATR_S_WAIT_TS); + } else if (new_state == ISO7816_S_WAIT_READER) { + /* CLA INS P1 P2 LEN */ + ih->apdu_len = 5; + ih->apdu_idx = 0; + } else if (new_state == ISO7816_S_WAIT_CARD) { + /* 8.2.2 procedure bytes sent by the card */ + /* FIXME: NULL byte and similar oddities */ + ih->apdu_len += 2; + } + + if (ih->state == new_state) + return; + + DEBUGPCR("7816 state %u -> %u", ih->state, new_state); + ih->state = new_state; +} + +/* determine the next ATR state based on received interface byte */ +static enum atr_state next_intb_state(struct iso7816_3_handle *ih, u_int8_t ch) +{ + switch (ih->atr_state) { + case ATR_S_WAIT_TD: + case ATR_S_WAIT_T0: + ih->atr_last_td = ch; + goto from_td; + case ATR_S_WAIT_TC: + goto from_tc; + case ATR_S_WAIT_TB: + goto from_tb; + case ATR_S_WAIT_TA: + if ((ih->atr_last_td & 0x0f) == 0) { + /* This must be TA1 */ + ih->fi = ch >> 4; + ih->di = ch & 0xf; + DEBUGPCR("found Fi=%u Di=%u", ih->fi, ih->di); + } + goto from_ta; + } + + DEBUGPCR("something wrong, old_state != TA"); + return ATR_S_WAIT_TCK; + +from_td: + if (ih->atr_last_td & 0x10) + return ATR_S_WAIT_TA; +from_ta: + if (ih->atr_last_td & 0x20) + return ATR_S_WAIT_TB; +from_tb: + if (ih->atr_last_td & 0x40) + return ATR_S_WAIT_TC; +from_tc: + if (ih->atr_last_td & 0x80) + return ATR_S_WAIT_TD; + + return ATR_S_WAIT_HIST; +} + +/* process an incomng ATR byte */ +static enum iso7816_3_state +process_byte_atr(struct iso7816_3_handle *ih, u_int8_t byte) +{ + int rc; + + /* add byte to ATR buffer */ + ih->atr[ih->atr_idx] = byte; + ih->atr_idx++; + + switch (ih->atr_state) { + case ATR_S_WAIT_TS: + /* FIXME: if we don't have the RST line we might get this */ + if (byte == 0) { + ih->atr_idx--; + break; + } + /* FIXME: check inverted logic */ + set_atr_state(ih, ATR_S_WAIT_T0); + break; + case ATR_S_WAIT_T0: + ih->atr_hist_len = byte & 0xf; + set_atr_state(ih, next_intb_state(ih, byte & 0xf0)); + break; + case ATR_S_WAIT_TA: + case ATR_S_WAIT_TB: + case ATR_S_WAIT_TC: + case ATR_S_WAIT_TD: + set_atr_state(ih, next_intb_state(ih, byte)); + break; + case ATR_S_WAIT_HIST: + ih->atr_hist_len--; + if (ih->atr_hist_len == 0) + set_atr_state(ih, ATR_S_WAIT_TCK); + break; + case ATR_S_WAIT_TCK: + /* FIXME: process TCK */ + set_atr_state(ih, ATR_S_DONE); + /* FIXME: update Fi/Di */ + rc = compute_fidi_ratio(ih->fi, ih->di); + if (rc > 0 && rc < 0x400) { + DEBUGPCR("computed FiDi ratio %d", rc); + /* update baud rate generator in UART */ + usart->US_CR |= AT91C_US_RXDIS| AT91C_US_RSTRX; + usart->US_FIDI = rc & 0x3ff; + usart->US_CR |= AT91C_US_RXEN; + } else + DEBUGPCRF("computed FiDi ratio %d unsupported", rc); + return ISO7816_S_WAIT_READER; + } + + return ISO7816_S_IN_ATR; +} + +/* process an incomng byte from the reader */ +static enum iso7816_3_state +process_byte_reader(struct iso7816_3_handle *ih, u_int8_t byte) +{ + /* add response length to total number of expected bytes */ + if (ih->apdu_idx == 4) + ih->apdu_len += byte; + + ih->apdu_idx++; + + /* once we have received all bytes, transition to card response */ + if (ih->apdu_idx == ih->apdu_len) + return ISO7816_S_WAIT_CARD; + + return ISO7816_S_WAIT_READER; +} + +/* process an incomng byte from the card */ +static enum iso7816_3_state +process_byte_card(struct iso7816_3_handle *ih, u_int8_t byte) +{ + ih->apdu_idx++; + + /* once we have received all bytes, apdu is finished */ + if (ih->apdu_idx == ih->apdu_len) + return ISO7816_S_WAIT_READER; + + return ISO7816_S_WAIT_CARD; +} + + +void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) +{ + int new_state = -1; + + switch (ih->state) { + case ISO7816_S_RESET: + break; + case ISO7816_S_WAIT_ATR: + case ISO7816_S_IN_ATR: + new_state = process_byte_atr(ih, byte); + break; + case ISO7816_S_WAIT_READER: + new_state = process_byte_reader(ih, byte); + break; + case ISO7816_S_WAIT_CARD: + //new_state = process_byte_card(ih, byte); + break; + } + + if (new_state != -1) + set_state(ih, new_state); +} + +static int __ramfunc usart_irq(void) +{ + u_int32_t csr = usart->US_CSR; + u_int8_t octet; + + //DEBUGP("USART IRQ, CSR=0x%08x\n", csr); + + if (csr & AT91C_US_RXRDY) { + /* at least one character received */ + octet = usart->US_RHR & 0xff; + DEBUGP("%02x ", octet); + process_byte(&isoh, octet); + } + + if (csr & AT91C_US_TXRDY) { + /* nothing to transmit anymore */ + } + + if (csr & (AT91C_US_PARE|AT91C_US_FRAME|AT91C_US_OVRE)) { + /* some error has occurrerd */ + } +} + +void iso_uart_dump(void) +{ + u_int32_t csr = usart->US_CSR; + + DEBUGPCR("USART CSR=0x%08x", csr); +} + +void iso_uart_rst(unsigned int state) +{ + DEBUGPCR("USART nRST set state=%u", state); + switch (state) { + case 0: + AT91F_PIO_ClearOutput(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); + AT91F_PIO_CfgOutput(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); + break; + case 1: + AT91F_PIO_SetOutput(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); + AT91F_PIO_CfgOutput(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); + break; + default: + AT91F_PIO_CfgInput(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); + break; + } +} + +void iso_uart_rx_mode(void) +{ + DEBUGPCR("USART Entering Rx Mode"); + /* Enable receive interrupts */ + usart->US_IER = AT91C_US_RXRDY | AT91C_US_OVRE | AT91C_US_FRAME | + AT91C_US_PARE | AT91C_US_NACK | AT91C_US_ITERATION; + + /* Enable the receiver */ + usart->US_CR = AT91C_US_RXEN; + + set_state(&isoh, ISO7816_S_WAIT_ATR); +} + +void iso_uart_clk_master(unsigned int master) +{ + DEBUGPCR("USART Clock Master %u", master); + if (master) { + usart->US_MR = AT91C_US_USMODE_ISO7816_0 | AT91C_US_CLKS_CLOCK | + AT91C_US_CHRL_8_BITS | AT91C_US_NBSTOP_1_BIT | + AT91C_US_CKLO; + usart->US_BRGR = (0x0000 << 16) | 16; + } else { + usart->US_MR = AT91C_US_USMODE_ISO7816_0 | AT91C_US_CLKS_EXT | + AT91C_US_CHRL_8_BITS | AT91C_US_NBSTOP_1_BIT | + AT91C_US_CKLO; + usart->US_BRGR = (0x0000 << 16) | 0x0001; + } +} + +void iso_uart_init(void) +{ + DEBUGPCR("USART Initializing"); + + AT91F_US0_CfgPMC(); + + /* configure all 3 signals as input */ + AT91F_PIO_CfgPeriph(AT91C_BASE_PIOA, SIMTRACE_PIO_IO, SIMTRACE_PIO_CLK); + + AT91F_PIO_CfgInput(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); + + AT91F_AIC_ConfigureIt(AT91C_BASE_AIC, AT91C_ID_US0, + OPENPCD_IRQ_PRIO_USART, + AT91C_AIC_SRCTYPE_INT_HIGH_LEVEL, &usart_irq); + + AT91F_AIC_EnableIt(AT91C_BASE_AIC, AT91C_ID_US0); + + usart->US_CR = AT91C_US_RXDIS | AT91C_US_TXDIS | (AT91C_US_RSTRX | AT91C_US_RSTTX); + /* FIXME: wait for some time */ + usart->US_CR = AT91C_US_RXDIS | AT91C_US_TXDIS; + + usart->US_MR = AT91C_US_USMODE_ISO7816_0 | AT91C_US_CLKS_EXT | + AT91C_US_CHRL_8_BITS | AT91C_US_NBSTOP_1_BIT | + AT91C_US_CKLO; + + /* Disable all interrupts */ + usart->US_IDR = 0xff; + /* Clock Divider = 1, i.e. no division of SCLK */ + usart->US_BRGR = (0x0000 << 16) | 0x0001; + /* Disable Receiver Time-out */ + usart->US_RTOR = 0; + /* Disable Transmitter Timeguard */ + usart->US_TTGR = 0; +} -- cgit v1.2.3 From 9520b0bea118668d81e3e1a53cdc2e1b43f169f9 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sun, 14 Nov 2010 23:44:46 +0100 Subject: simtrace: introduce RST pin handling --- firmware/src/simtrace/iso7816_uart.c | 44 ++++++++++++++++++++++++++---------- 1 file changed, 32 insertions(+), 12 deletions(-) (limited to 'firmware/src/simtrace/iso7816_uart.c') diff --git a/firmware/src/simtrace/iso7816_uart.c b/firmware/src/simtrace/iso7816_uart.c index 9022830..6ed797c 100644 --- a/firmware/src/simtrace/iso7816_uart.c +++ b/firmware/src/simtrace/iso7816_uart.c @@ -11,6 +11,7 @@ #include #include +#include #include "../simtrace.h" #include "../openpcd.h" @@ -111,14 +112,18 @@ static void set_atr_state(struct iso7816_3_handle *ih, enum atr_state new_atrs) static void set_state(struct iso7816_3_handle *ih, enum iso7816_3_state new_state) { - if (new_state == ISO7816_S_WAIT_ATR) { + if (new_state == ISO7816_S_RESET) { + usart->US_CR |= AT91C_US_RXDIS | AT91C_US_RSTRX; + } else if (new_state == ISO7816_S_WAIT_ATR) { int rc; /* Initial Fi / Di ratio */ ih->fi = 1; ih->di = 1; rc = compute_fidi_ratio(ih->fi, ih->di); DEBUGPCRF("computed Fi(%u) Di(%u) ratio: %d", ih->fi, ih->di, rc); + usart->US_CR |= AT91C_US_RXDIS | AT91C_US_RSTRX; usart->US_FIDI = rc & 0x3ff; + usart->US_CR |= AT91C_US_RXEN; set_atr_state(ih, ATR_S_WAIT_TS); } else if (new_state == ISO7816_S_WAIT_READER) { /* CLA INS P1 P2 LEN */ @@ -157,11 +162,11 @@ static enum atr_state next_intb_state(struct iso7816_3_handle *ih, u_int8_t ch) DEBUGPCR("found Fi=%u Di=%u", ih->fi, ih->di); } goto from_ta; + default: + DEBUGPCR("something wrong, old_state != TA"); + return ATR_S_WAIT_TCK; } - DEBUGPCR("something wrong, old_state != TA"); - return ATR_S_WAIT_TCK; - from_td: if (ih->atr_last_td & 0x10) return ATR_S_WAIT_TA; @@ -278,7 +283,7 @@ void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) new_state = process_byte_reader(ih, byte); break; case ISO7816_S_WAIT_CARD: - //new_state = process_byte_card(ih, byte); + new_state = process_byte_card(ih, byte); break; } @@ -286,7 +291,7 @@ void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) set_state(ih, new_state); } -static int __ramfunc usart_irq(void) +static __ramfunc void usart_irq(void) { u_int32_t csr = usart->US_CSR; u_int8_t octet; @@ -309,6 +314,18 @@ static int __ramfunc usart_irq(void) } } +/* handler for the RST input pin state change */ +static void reset_pin_irq(u_int32_t pio) +{ + if (!AT91F_PIO_IsInputSet(AT91C_BASE_PIOA, pio)) { + DEBUGPCR("nRST"); + set_state(&isoh, ISO7816_S_RESET); + } else { + DEBUGPCR("RST"); + set_state(&isoh, ISO7816_S_WAIT_ATR); + } +} + void iso_uart_dump(void) { u_int32_t csr = usart->US_CSR; @@ -318,7 +335,7 @@ void iso_uart_dump(void) void iso_uart_rst(unsigned int state) { - DEBUGPCR("USART nRST set state=%u", state); + DEBUGPCR("USART set nRST set state=%u", state); switch (state) { case 0: AT91F_PIO_ClearOutput(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); @@ -341,10 +358,9 @@ void iso_uart_rx_mode(void) usart->US_IER = AT91C_US_RXRDY | AT91C_US_OVRE | AT91C_US_FRAME | AT91C_US_PARE | AT91C_US_NACK | AT91C_US_ITERATION; - /* Enable the receiver */ - usart->US_CR = AT91C_US_RXEN; - set_state(&isoh, ISO7816_S_WAIT_ATR); + /* call interrupt handler once to set initial state RESET / ATR */ + reset_pin_irq(SIMTRACE_PIO_nRST); } void iso_uart_clk_master(unsigned int master) @@ -367,23 +383,23 @@ void iso_uart_init(void) { DEBUGPCR("USART Initializing"); + /* make sure we get clock from the power management controller */ AT91F_US0_CfgPMC(); /* configure all 3 signals as input */ AT91F_PIO_CfgPeriph(AT91C_BASE_PIOA, SIMTRACE_PIO_IO, SIMTRACE_PIO_CLK); - AT91F_PIO_CfgInput(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); AT91F_AIC_ConfigureIt(AT91C_BASE_AIC, AT91C_ID_US0, OPENPCD_IRQ_PRIO_USART, AT91C_AIC_SRCTYPE_INT_HIGH_LEVEL, &usart_irq); - AT91F_AIC_EnableIt(AT91C_BASE_AIC, AT91C_ID_US0); usart->US_CR = AT91C_US_RXDIS | AT91C_US_TXDIS | (AT91C_US_RSTRX | AT91C_US_RSTTX); /* FIXME: wait for some time */ usart->US_CR = AT91C_US_RXDIS | AT91C_US_TXDIS; + /* ISO7816 T=0 mode with external clock input */ usart->US_MR = AT91C_US_USMODE_ISO7816_0 | AT91C_US_CLKS_EXT | AT91C_US_CHRL_8_BITS | AT91C_US_NBSTOP_1_BIT | AT91C_US_CKLO; @@ -396,4 +412,8 @@ void iso_uart_init(void) usart->US_RTOR = 0; /* Disable Transmitter Timeguard */ usart->US_TTGR = 0; + + pio_irq_register(SIMTRACE_PIO_nRST, &reset_pin_irq); + AT91F_PIO_CfgInputFilter(AT91C_BASE_PIOA, SIMTRACE_PIO_nRST); + pio_irq_enable(SIMTRACE_PIO_nRST); } -- cgit v1.2.3 From 3c29506f17ff4a30a3d988361c67d2ec1af13eeb Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Thu, 18 Nov 2010 14:09:31 +0100 Subject: simtrace: add TC based waiting time counter, signal ATR / expiry via USB --- firmware/src/simtrace/iso7816_uart.c | 226 +++++++++++++++++++++++------------ 1 file changed, 151 insertions(+), 75 deletions(-) (limited to 'firmware/src/simtrace/iso7816_uart.c') diff --git a/firmware/src/simtrace/iso7816_uart.c b/firmware/src/simtrace/iso7816_uart.c index 6ed797c..18335f6 100644 --- a/firmware/src/simtrace/iso7816_uart.c +++ b/firmware/src/simtrace/iso7816_uart.c @@ -1,5 +1,20 @@ -/* Driver for AT91SAM7 USART0 in ISO7816-3 mode +/* Driver for AT91SAM7 USART0 in ISO7816-3 mode for passive sniffing * (C) 2010 by Harald Welte + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * */ #include @@ -9,6 +24,8 @@ #include #include +#include + #include #include #include @@ -23,11 +40,12 @@ static const AT91PS_USART usart = AT91C_BASE_US0; enum iso7816_3_state { ISO7816_S_RESET, /* in Reset */ ISO7816_S_WAIT_ATR, /* waiting for ATR to start */ - ISO7816_S_IN_ATR, - ISO7816_S_WAIT_READER, /* waiting for data from reader */ - ISO7816_S_WAIT_CARD, /* waiting for data from card */ + ISO7816_S_IN_ATR, /* while we are receiving the ATR */ + ISO7816_S_WAIT_APDU, /* waiting for start of new APDU */ + ISO7816_S_IN_APDU, /* inside a single APDU */ }; +/* detailed sub-states of ISO7816_S_IN_ATR */ enum atr_state { ATR_S_WAIT_TS, ATR_S_WAIT_T0, @@ -45,6 +63,8 @@ struct iso7816_3_handle { u_int8_t fi; u_int8_t di; + u_int8_t wi; + u_int32_t waiting_time; u_int8_t atr_idx; u_int8_t atr_hist_len; @@ -52,8 +72,9 @@ struct iso7816_3_handle { enum atr_state atr_state; u_int8_t atr[64]; - u_int16_t apdu_len; - u_int16_t apdu_idx; + struct simtrace_hdr sh; + + struct req_ctx *rctx; }; struct iso7816_3_handle isoh; @@ -71,6 +92,7 @@ static const u_int8_t di_table[] = { 0, 0, 2, 4, 8, 16, 32, 64, }; +/* compute the F/D ratio based on Fi and Di values */ static int compute_fidi_ratio(u_int8_t fi, u_int8_t di) { u_int16_t f, d; @@ -96,6 +118,43 @@ static int compute_fidi_ratio(u_int8_t fi, u_int8_t di) return ret; } +static void refill_rctx(struct iso7816_3_handle *ih) +{ + struct req_ctx *rctx; + + rctx = req_ctx_find_get(0, RCTX_STATE_FREE, + RCTX_STATE_LIBRFID_BUSY); + if (!rctx) { + ih->rctx = NULL; + return; + } + + ih->sh.cmd = SIMTRACE_MSGT_DATA; + + /* reserve spece at start of rctx */ + rctx->tot_len = sizeof(struct simtrace_hdr); + + ih->rctx = rctx; +} + +static void send_rctx(struct iso7816_3_handle *ih) +{ + struct req_ctx *rctx = ih->rctx; + + if (!rctx) + return; + + /* copy the simtrace header */ + memcpy(rctx->data, &ih->sh, sizeof(ih->sh)); + + req_ctx_set_state(rctx, RCTX_STATE_UDP_EP2_PENDING); + + memset(&ih->sh, 0, sizeof(ih->sh)); + ih->rctx = NULL; +} + + +/* Update the ATR sub-state */ static void set_atr_state(struct iso7816_3_handle *ih, enum atr_state new_atrs) { if (new_atrs == ATR_S_WAIT_TS) { @@ -110,30 +169,48 @@ static void set_atr_state(struct iso7816_3_handle *ih, enum atr_state new_atrs) ih->atr_state = new_atrs; } +#define ISO7816_3_INIT_WTIME 9600 +#define ISO7816_3_DEFAULT_WI 10 + +static void update_fidi(struct iso7816_3_handle *ih) +{ + int rc; + + rc = compute_fidi_ratio(ih->fi, ih->di); + if (rc > 0 && rc < 0x400) { + DEBUGPCR("computed Fi(%u) Di(%u) ratio: %d", ih->fi, ih->di, rc); + /* make sure UART uses new F/D ratio */ + usart->US_CR |= AT91C_US_RXDIS | AT91C_US_RSTRX; + usart->US_FIDI = rc & 0x3ff; + usart->US_CR |= AT91C_US_RXEN | AT91C_US_STTTO; + /* notify ETU timer about this */ + tc_etu_set_etu(rc); + } else + DEBUGPCRF("computed FiDi ratio %d unsupported", rc); +} + +/* Update the ISO 7816-3 APDU receiver state */ static void set_state(struct iso7816_3_handle *ih, enum iso7816_3_state new_state) { if (new_state == ISO7816_S_RESET) { usart->US_CR |= AT91C_US_RXDIS | AT91C_US_RSTRX; } else if (new_state == ISO7816_S_WAIT_ATR) { - int rc; - /* Initial Fi / Di ratio */ + /* Reset to initial Fi / Di ratio */ ih->fi = 1; ih->di = 1; - rc = compute_fidi_ratio(ih->fi, ih->di); - DEBUGPCRF("computed Fi(%u) Di(%u) ratio: %d", ih->fi, ih->di, rc); - usart->US_CR |= AT91C_US_RXDIS | AT91C_US_RSTRX; - usart->US_FIDI = rc & 0x3ff; - usart->US_CR |= AT91C_US_RXEN; + update_fidi(ih); + /* initialize todefault WI, this will be overwritten if we + * receive TC2, and it will be programmed into hardware after + * ATR is finished */ + ih->wi = ISO7816_3_DEFAULT_WI; + /* update waiting time to initial waiting time */ + ih->waiting_time = ISO7816_3_INIT_WTIME; + tc_etu_set_wtime(ih->waiting_time); + /* Set ATR sub-state to initial state */ set_atr_state(ih, ATR_S_WAIT_TS); - } else if (new_state == ISO7816_S_WAIT_READER) { - /* CLA INS P1 P2 LEN */ - ih->apdu_len = 5; - ih->apdu_idx = 0; - } else if (new_state == ISO7816_S_WAIT_CARD) { - /* 8.2.2 procedure bytes sent by the card */ - /* FIXME: NULL byte and similar oddities */ - ih->apdu_len += 2; - } + /* Notice that we are just coming out of reset */ + ih->sh.flags |= SIMTRACE_FLAG_ATR; + } if (ih->state == new_state) return; @@ -151,6 +228,10 @@ static enum atr_state next_intb_state(struct iso7816_3_handle *ih, u_int8_t ch) ih->atr_last_td = ch; goto from_td; case ATR_S_WAIT_TC: + if ((ih->atr_last_td & 0x0f) == 0x02) { + /* TC2 contains WI */ + ih->wi = ch; + } goto from_tc; case ATR_S_WAIT_TB: goto from_tb; @@ -204,7 +285,9 @@ process_byte_atr(struct iso7816_3_handle *ih, u_int8_t byte) set_atr_state(ih, ATR_S_WAIT_T0); break; case ATR_S_WAIT_T0: + /* obtain the number of historical bytes */ ih->atr_hist_len = byte & 0xf; + /* Mask out the hist-byte-length to indiicate T=0 */ set_atr_state(ih, next_intb_state(ih, byte & 0xf0)); break; case ATR_S_WAIT_TA: @@ -215,62 +298,31 @@ process_byte_atr(struct iso7816_3_handle *ih, u_int8_t byte) break; case ATR_S_WAIT_HIST: ih->atr_hist_len--; + /* after all historical bytes are recieved, go to TCK */ if (ih->atr_hist_len == 0) set_atr_state(ih, ATR_S_WAIT_TCK); break; case ATR_S_WAIT_TCK: - /* FIXME: process TCK */ + /* FIXME: process and verify the TCK */ set_atr_state(ih, ATR_S_DONE); - /* FIXME: update Fi/Di */ - rc = compute_fidi_ratio(ih->fi, ih->di); - if (rc > 0 && rc < 0x400) { - DEBUGPCR("computed FiDi ratio %d", rc); - /* update baud rate generator in UART */ - usart->US_CR |= AT91C_US_RXDIS| AT91C_US_RSTRX; - usart->US_FIDI = rc & 0x3ff; - usart->US_CR |= AT91C_US_RXEN; - } else - DEBUGPCRF("computed FiDi ratio %d unsupported", rc); - return ISO7816_S_WAIT_READER; + /* update baud rate generator with Fi/Di */ + update_fidi(ih); + /* update the waiting time */ + ih->waiting_time = 960 * di_table[ih->di] * ih->wi; + tc_etu_set_wtime(ih->waiting_time); + return ISO7816_S_WAIT_APDU; } return ISO7816_S_IN_ATR; } -/* process an incomng byte from the reader */ -static enum iso7816_3_state -process_byte_reader(struct iso7816_3_handle *ih, u_int8_t byte) -{ - /* add response length to total number of expected bytes */ - if (ih->apdu_idx == 4) - ih->apdu_len += byte; - - ih->apdu_idx++; - - /* once we have received all bytes, transition to card response */ - if (ih->apdu_idx == ih->apdu_len) - return ISO7816_S_WAIT_CARD; - - return ISO7816_S_WAIT_READER; -} - -/* process an incomng byte from the card */ -static enum iso7816_3_state -process_byte_card(struct iso7816_3_handle *ih, u_int8_t byte) -{ - ih->apdu_idx++; - - /* once we have received all bytes, apdu is finished */ - if (ih->apdu_idx == ih->apdu_len) - return ISO7816_S_WAIT_READER; - - return ISO7816_S_WAIT_CARD; -} - - -void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) +static void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) { int new_state = -1; + struct req_ctx *rctx; + + if (!ih->rctx) + refill_rctx(ih); switch (ih->state) { case ISO7816_S_RESET: @@ -279,18 +331,40 @@ void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) case ISO7816_S_IN_ATR: new_state = process_byte_atr(ih, byte); break; - case ISO7816_S_WAIT_READER: - new_state = process_byte_reader(ih, byte); - break; - case ISO7816_S_WAIT_CARD: - new_state = process_byte_card(ih, byte); + case ISO7816_S_WAIT_APDU: + case ISO7816_S_IN_APDU: + new_state = ISO7816_S_IN_APDU; break; } + rctx = ih->rctx; + if (!rctx) { + DEBUGPCR("==> Lost byte, missing rctx"); + return; + } + + /* store the byte in the USB request context */ + rctx->data[rctx->tot_len] = byte; + rctx->tot_len++; + + if (rctx->tot_len >= rctx->size) + send_rctx(ih); + if (new_state != -1) set_state(ih, new_state); } +/* timeout of work waiting time during receive */ +void iso7816_wtime_expired(void) +{ + /* Always flush the URB at Rx timeout as this indicates end of APDU */ + if (isoh.rctx) { + isoh.sh.flags |= SIMTRACE_FLAG_WTIME_EXP; + send_rctx(&isoh); + } + set_state(&isoh, ISO7816_S_WAIT_APDU); +} + static __ramfunc void usart_irq(void) { u_int32_t csr = usart->US_CSR; @@ -301,7 +375,7 @@ static __ramfunc void usart_irq(void) if (csr & AT91C_US_RXRDY) { /* at least one character received */ octet = usart->US_RHR & 0xff; - DEBUGP("%02x ", octet); + //DEBUGP("%02x ", octet); process_byte(&isoh, octet); } @@ -310,7 +384,7 @@ static __ramfunc void usart_irq(void) } if (csr & (AT91C_US_PARE|AT91C_US_FRAME|AT91C_US_OVRE)) { - /* some error has occurrerd */ + /* FIXME: some error has occurrerd */ } } @@ -358,7 +432,6 @@ void iso_uart_rx_mode(void) usart->US_IER = AT91C_US_RXRDY | AT91C_US_OVRE | AT91C_US_FRAME | AT91C_US_PARE | AT91C_US_NACK | AT91C_US_ITERATION; - /* call interrupt handler once to set initial state RESET / ATR */ reset_pin_irq(SIMTRACE_PIO_nRST); } @@ -383,6 +456,8 @@ void iso_uart_init(void) { DEBUGPCR("USART Initializing"); + refill_rctx(&isoh); + /* make sure we get clock from the power management controller */ AT91F_US0_CfgPMC(); @@ -395,7 +470,8 @@ void iso_uart_init(void) AT91C_AIC_SRCTYPE_INT_HIGH_LEVEL, &usart_irq); AT91F_AIC_EnableIt(AT91C_BASE_AIC, AT91C_ID_US0); - usart->US_CR = AT91C_US_RXDIS | AT91C_US_TXDIS | (AT91C_US_RSTRX | AT91C_US_RSTTX); + usart->US_CR = AT91C_US_RXDIS | AT91C_US_TXDIS | + (AT91C_US_RSTRX | AT91C_US_RSTTX); /* FIXME: wait for some time */ usart->US_CR = AT91C_US_RXDIS | AT91C_US_TXDIS; -- cgit v1.2.3 From 450a9326082248bcf62920f3ee078df8dcb07310 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Thu, 18 Nov 2010 15:12:42 +0100 Subject: simtrace: Introduce code for proper handling of PTS / PPS --- firmware/src/simtrace/iso7816_uart.c | 160 ++++++++++++++++++++++++++++++++--- 1 file changed, 148 insertions(+), 12 deletions(-) (limited to 'firmware/src/simtrace/iso7816_uart.c') diff --git a/firmware/src/simtrace/iso7816_uart.c b/firmware/src/simtrace/iso7816_uart.c index 18335f6..12669c4 100644 --- a/firmware/src/simtrace/iso7816_uart.c +++ b/firmware/src/simtrace/iso7816_uart.c @@ -43,6 +43,7 @@ enum iso7816_3_state { ISO7816_S_IN_ATR, /* while we are receiving the ATR */ ISO7816_S_WAIT_APDU, /* waiting for start of new APDU */ ISO7816_S_IN_APDU, /* inside a single APDU */ + ISO7816_S_IN_PTS, /* while we are inside the PTS / PSS */ }; /* detailed sub-states of ISO7816_S_IN_ATR */ @@ -58,6 +59,29 @@ enum atr_state { ATR_S_DONE, }; +/* detailed sub-states of ISO7816_S_IN_PTS */ +enum pts_state { + PTS_S_WAIT_REQ_PTSS, + PTS_S_WAIT_REQ_PTS0, + PTS_S_WAIT_REQ_PTS1, + PTS_S_WAIT_REQ_PTS2, + PTS_S_WAIT_REQ_PTS3, + PTS_S_WAIT_REQ_PCK, + PTS_S_WAIT_RESP_PTSS = PTS_S_WAIT_REQ_PTSS | 0x10, + PTS_S_WAIT_RESP_PTS0 = PTS_S_WAIT_REQ_PTS0 | 0x10, + PTS_S_WAIT_RESP_PTS1 = PTS_S_WAIT_REQ_PTS1 | 0x10, + PTS_S_WAIT_RESP_PTS2 = PTS_S_WAIT_REQ_PTS2 | 0x10, + PTS_S_WAIT_RESP_PTS3 = PTS_S_WAIT_REQ_PTS3 | 0x10, + PTS_S_WAIT_RESP_PCK = PTS_S_WAIT_REQ_PCK | 0x10, +}; + +#define _PTSS 0 +#define _PTS0 1 +#define _PTS1 2 +#define _PTS2 3 +#define _PTS3 4 +#define _PCK 5 + struct iso7816_3_handle { enum iso7816_3_state state; @@ -66,12 +90,16 @@ struct iso7816_3_handle { u_int8_t wi; u_int32_t waiting_time; + enum atr_state atr_state; u_int8_t atr_idx; u_int8_t atr_hist_len; u_int8_t atr_last_td; - enum atr_state atr_state; u_int8_t atr[64]; + enum pts_state pts_state; + u_int8_t pts_req[6]; + u_int8_t pts_resp[6]; + struct simtrace_hdr sh; struct req_ctx *rctx; @@ -215,7 +243,7 @@ static void set_state(struct iso7816_3_handle *ih, enum iso7816_3_state new_stat if (ih->state == new_state) return; - DEBUGPCR("7816 state %u -> %u", ih->state, new_state); + //DEBUGPCR("7816 state %u -> %u", ih->state, new_state); ih->state = new_state; } @@ -236,12 +264,6 @@ static enum atr_state next_intb_state(struct iso7816_3_handle *ih, u_int8_t ch) case ATR_S_WAIT_TB: goto from_tb; case ATR_S_WAIT_TA: - if ((ih->atr_last_td & 0x0f) == 0) { - /* This must be TA1 */ - ih->fi = ch >> 4; - ih->di = ch & 0xf; - DEBUGPCR("found Fi=%u Di=%u", ih->fi, ih->di); - } goto from_ta; default: DEBUGPCR("something wrong, old_state != TA"); @@ -268,8 +290,6 @@ from_tc: static enum iso7816_3_state process_byte_atr(struct iso7816_3_handle *ih, u_int8_t byte) { - int rc; - /* add byte to ATR buffer */ ih->atr[ih->atr_idx] = byte; ih->atr_idx++; @@ -305,8 +325,6 @@ process_byte_atr(struct iso7816_3_handle *ih, u_int8_t byte) case ATR_S_WAIT_TCK: /* FIXME: process and verify the TCK */ set_atr_state(ih, ATR_S_DONE); - /* update baud rate generator with Fi/Di */ - update_fidi(ih); /* update the waiting time */ ih->waiting_time = 960 * di_table[ih->di] * ih->wi; tc_etu_set_wtime(ih->waiting_time); @@ -316,6 +334,113 @@ process_byte_atr(struct iso7816_3_handle *ih, u_int8_t byte) return ISO7816_S_IN_ATR; } +/* Update the ATR sub-state */ +static void set_pts_state(struct iso7816_3_handle *ih, enum pts_state new_ptss) +{ + //DEBUGPCR("PTS state %u -> %u", ih->pts_state, new_ptss); + ih->pts_state = new_ptss; +} + +/* Determine the next PTS state */ +static enum pts_state next_pts_state(struct iso7816_3_handle *ih) +{ + u_int8_t is_resp = ih->pts_state & 0x10; + u_int8_t sstate = ih->pts_state & 0x0f; + u_int8_t *pts_ptr; + + if (!is_resp) + pts_ptr = ih->pts_req; + else + pts_ptr = ih->pts_resp; + + switch (sstate) { + case PTS_S_WAIT_REQ_PTSS: + goto from_ptss; + case PTS_S_WAIT_REQ_PTS0: + goto from_pts0; + case PTS_S_WAIT_REQ_PTS1: + goto from_pts1; + case PTS_S_WAIT_REQ_PTS2: + goto from_pts2; + case PTS_S_WAIT_REQ_PTS3: + goto from_pts3; + } + + if (ih->pts_state == PTS_S_WAIT_REQ_PCK) + return PTS_S_WAIT_RESP_PTSS; + +from_ptss: + return PTS_S_WAIT_REQ_PTS0 | is_resp; +from_pts0: + if (pts_ptr[_PTS0] & (1 << 4)) + return PTS_S_WAIT_REQ_PTS1 | is_resp; +from_pts1: + if (pts_ptr[_PTS0] & (1 << 5)) + return PTS_S_WAIT_REQ_PTS2 | is_resp; +from_pts2: + if (pts_ptr[_PTS0] & (1 << 6)) + return PTS_S_WAIT_REQ_PTS3 | is_resp; +from_pts3: + return PTS_S_WAIT_REQ_PCK | is_resp; +} + +static enum iso7816_3_state +process_byte_pts(struct iso7816_3_handle *ih, u_int8_t byte) +{ + switch (ih->pts_state) { + case PTS_S_WAIT_REQ_PTSS: + ih->pts_req[_PTSS] = byte; + break; + case PTS_S_WAIT_REQ_PTS0: + ih->pts_req[_PTS0] = byte; + break; + case PTS_S_WAIT_REQ_PTS1: + ih->pts_req[_PTS1] = byte; + break; + case PTS_S_WAIT_REQ_PTS2: + ih->pts_req[_PTS2] = byte; + break; + case PTS_S_WAIT_REQ_PTS3: + ih->pts_req[_PTS3] = byte; + break; + case PTS_S_WAIT_REQ_PCK: + /* FIXME: check PCK */ + ih->pts_req[_PCK] = byte; + break; + case PTS_S_WAIT_RESP_PTSS: + ih->pts_resp[_PTSS] = byte; + break; + case PTS_S_WAIT_RESP_PTS0: + ih->pts_resp[_PTS0] = byte; + break; + case PTS_S_WAIT_RESP_PTS1: + /* This must be TA1 */ + ih->fi = byte >> 4; + ih->di = byte & 0xf; + DEBUGPCR("found Fi=%u Di=%u", ih->fi, ih->di); + ih->pts_resp[_PTS1] = byte; + break; + case PTS_S_WAIT_RESP_PTS2: + ih->pts_resp[_PTS2] = byte; + break; + case PTS_S_WAIT_RESP_PTS3: + ih->pts_resp[_PTS3] = byte; + break; + case PTS_S_WAIT_RESP_PCK: + ih->pts_resp[_PCK] = byte; + /* FIXME: check PCK */ + set_pts_state(ih, PTS_S_WAIT_REQ_PTSS); + /* update baud rate generator with Fi/Di */ + update_fidi(ih); + /* Wait for the next APDU */ + return ISO7816_S_WAIT_APDU; + } + /* calculate the next state and set it */ + set_pts_state(ih, next_pts_state(ih)); + + return ISO7816_S_IN_PTS; +} + static void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) { int new_state = -1; @@ -332,9 +457,16 @@ static void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) new_state = process_byte_atr(ih, byte); break; case ISO7816_S_WAIT_APDU: + if (byte == 0xff) { + new_state = process_byte_pts(ih, byte); + goto out_silent; + } case ISO7816_S_IN_APDU: new_state = ISO7816_S_IN_APDU; break; + case ISO7816_S_IN_PTS: + new_state = process_byte_pts(ih, byte); + goto out_silent; } rctx = ih->rctx; @@ -350,6 +482,7 @@ static void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) if (rctx->tot_len >= rctx->size) send_rctx(ih); +out_silent: if (new_state != -1) set_state(ih, new_state); } @@ -362,6 +495,9 @@ void iso7816_wtime_expired(void) isoh.sh.flags |= SIMTRACE_FLAG_WTIME_EXP; send_rctx(&isoh); } + if (isoh.state == ISO7816_S_IN_PTS) { + /* Timout during PTS: Card does not support PTS */ + } set_state(&isoh, ISO7816_S_WAIT_APDU); } -- cgit v1.2.3 From de125b725076e84134d5e9e9d3c56d3ef0bcf075 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sun, 21 Nov 2010 20:18:23 +0100 Subject: simtrace: Make sure ATR is sent in its own RCTX and we re-allocate in time --- firmware/src/simtrace/iso7816_uart.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'firmware/src/simtrace/iso7816_uart.c') diff --git a/firmware/src/simtrace/iso7816_uart.c b/firmware/src/simtrace/iso7816_uart.c index 12669c4..cd1a2f0 100644 --- a/firmware/src/simtrace/iso7816_uart.c +++ b/firmware/src/simtrace/iso7816_uart.c @@ -102,6 +102,7 @@ struct iso7816_3_handle { struct simtrace_hdr sh; + int rctx_must_be_sent; struct req_ctx *rctx; }; @@ -325,6 +326,8 @@ process_byte_atr(struct iso7816_3_handle *ih, u_int8_t byte) case ATR_S_WAIT_TCK: /* FIXME: process and verify the TCK */ set_atr_state(ih, ATR_S_DONE); + /* send off the USB context */ + ih->rctx_must_be_sent = 1; /* update the waiting time */ ih->waiting_time = 960 * di_table[ih->di] * ih->wi; tc_etu_set_wtime(ih->waiting_time); @@ -469,6 +472,11 @@ static void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) goto out_silent; } + /* The USB buffer could be gone in case the timer expired or code above + * this line explicitly sent it off */ + if (!ih->rctx) + refill_rctx(ih); + rctx = ih->rctx; if (!rctx) { DEBUGPCR("==> Lost byte, missing rctx"); @@ -479,8 +487,10 @@ static void process_byte(struct iso7816_3_handle *ih, u_int8_t byte) rctx->data[rctx->tot_len] = byte; rctx->tot_len++; - if (rctx->tot_len >= rctx->size) + if (rctx->tot_len >= rctx->size || ih->rctx_must_be_sent) { + ih->rctx_must_be_sent = 0; send_rctx(ih); + } out_silent: if (new_state != -1) -- cgit v1.2.3