Loading...
INTEGRATED CIRCUITS
MF RD700
Command Set
User & Reference Manual
User Manual |
June 2005 |
Revision 3.0 |
|
Philips
Semiconductors
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
|
|
Command Set |
MF RD 700 |
|
|
|
|
CONTENTS |
|
|
1 |
GENERAL INFORMATION |
5 |
1.1 |
Scope |
5 |
1.2 |
General description |
5 |
2 |
MF RD700 COMMAND SET |
7 |
2.1 |
General Description of serial communication |
7 |
2.2 |
Overview of the delivered library stack |
8 |
2.3 |
MfRC500 Interface wrappers |
9 |
2.3.1 |
Mf500InterfaceOpen |
9 |
2.3.2 |
Mf500InterfaceClose |
10 |
3 |
MODULES |
11 |
3.1 |
Administration Command Set |
12 |
3.1.1 |
Included Functions |
12 |
3.1.2 |
Function Desription |
12 |
3.1.2.1 |
PcdGetRICVersion |
12 |
3.1.2.2 |
PcdGetSnr |
13 |
3.1.2.3 |
PcdReadE2 |
13 |
3.1.2.4 |
PcdReset |
14 |
3.1.2.5 |
PcdRfReset |
14 |
3.1.2.6 |
PcdSetTmo |
15 |
3.1.2.7 |
PcdWriteE2 |
15 |
3.2 |
MIFARE® Classic Command Set |
16 |
3.3 |
Handling the MIFARE® Classic World |
16 |
3.3.1 |
Included Functions |
17 |
3.3.2 |
Function Description |
18 |
3.3.2.1 |
Mf500PcdConfig |
18 |
3.3.2.2 |
Mf500ActiveAntennaMasterConfig |
18 |
3.3.2.3 |
Mf500ActiveAntennaSlaveConfig |
19 |
3.3.2.4 |
Mf500PiccAnticoll |
19 |
3.3.2.5 |
Mf500PiccCommonRead |
20 |
3.3.2.6 |
Mf500PiccCommonWrite |
21 |
3.3.2.7 |
Mf500PiccHalt |
22 |
3.3.2.8 |
Mf500PiccRead |
22 |
3.3.2.9 |
Mf500PiccRequest |
23 |
3.3.2.10 |
Mf500PiccSelect |
24 |
2
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
||
|
|
|
|
Command Set |
|
MF RD 700 |
|
|
|
|
|
3.3.2.11 Mf500PiccValue |
|
25 |
|
3.3.2.12 Mf500PiccValueDebit |
|
26 |
|
3.3.2.13 Mf500PiccWrite |
|
27 |
|
3.3.2.14 Mf500PiccWrite4 |
|
28 |
|
3.4 |
MIFARE® Authentication Procedures |
|
29 |
3.4.1 |
Included Functions |
|
29 |
3.4.2 |
Function Desription |
|
30 |
3.4.2.1 |
Mf500PiccAuthE2 |
|
30 |
3.4.2.2 |
Mf500PiccAuthKey |
|
31 |
3.5 |
MIFARE® Commands with calling compatible Interface |
|
32 |
3.5.1 |
Inlcuded Functions |
|
32 |
3.5.2 |
Function Description |
|
32 |
3.5.2.1 |
Mf500PiccAuth |
|
32 |
3.6 |
ISO 14443A Low Level Commands |
|
33 |
3.6.1 |
Included Functions |
|
33 |
3.6.2 |
Function Desription |
|
34 |
3.6.2.1 |
Mf500PcdGetAttrib |
|
34 |
3.6.2.2 |
Mf500PcdSetAttrib |
|
35 |
3.6.2.3 |
Mf500PcdSetDefaultAttrib |
|
36 |
3.6.2.4 |
Mf500PiccActivation |
|
36 |
3.6.2.5 |
Mf500PiccActivateIdle |
|
38 |
3.6.2.6 |
Mf500PiccActivateIdleLoop |
|
39 |
3.6.2.7 |
Mf500PiccActivateWakeup |
|
42 |
3.6.2.8 |
Mf500PiccCascAnticoll |
|
43 |
3.6.2.9 |
Mf500PiccCascSelect |
|
44 |
3.6.2.10 |
Mf500PiccCommonRequest |
|
45 |
3.6.2.11 |
Mf500PiccExchangeBlock |
|
46 |
3.7 |
Transparent Communication Channel between Host and Reader IC |
47 |
|
3.7.1 |
Included Functions |
|
47 |
3.7.2 |
Function Description |
|
48 |
3.7.2.1 |
ExchangeByteStream |
|
48 |
3.7.2.2 |
ReadRC |
|
50 |
3.7.2.3 |
WriteRC |
|
50 |
3.7.2.4 |
ReadMultiple |
|
51 |
3.7.2.5 |
WriteMultiple |
|
51 |
3.8 |
Utility Functions |
|
52 |
3
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
|
|
Command Set |
MF RD 700 |
|
|
|
|
3.8.1 |
Included Functions |
52 |
3.8.2 |
Function Desription |
53 |
3.8.2.1 |
PcdEnableHighBaudRates |
53 |
3.8.2.2 |
HostGetExecutionTime |
53 |
3.8.2.3 |
HostTransTmrStart |
54 |
3.8.2.4 |
HostTransTmrStop |
54 |
3.8.2.5 |
Mf500HostCodeKey |
55 |
3.8.2.6 |
Mf500PcdLoadKeyE2 |
55 |
3.8.2.7 |
PcdSetIdleMode |
56 |
3.8.2.8 |
SwitchLED |
56 |
3.8.2.9 |
DbgTrigger |
57 |
3.8.2.10 |
StartDownload |
57 |
3.8.2.11 |
PcdGetFwVersion |
58 |
3.9 |
Self Test Functions |
59 |
3.9.1 |
included Functions |
59 |
3.9.2 |
Function Description |
59 |
3.9.2.1 |
RicTestPcd |
59 |
3.9.2.2 |
RicTestPicc |
60 |
3.9.2.3 |
RicTestFlashNr |
60 |
3.9.2.4 |
RicTestCommunication |
61 |
4 |
RETURN VALUES OVERVIEW |
62 |
4.1 |
Table of Return values |
62 |
4.1.1 |
Common Communication Return Codes |
62 |
4.1.2 |
Return Values’ Overview |
63 |
5 |
REVISION HISTORY |
68 |
Contact Information |
70 |
|
4
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
1 GENERAL INFORMATION
1.1 Scope
This document describes the functionality of the command set for MF RD700 ‘Pegoda’ reader. It includes the functional description of the used commands and gives details, how to use or design-in this device from a system and software viewpoint.
The default configuration for the MF RD700 uses the MF RC500 as the contactless reader IC.
In fact, the reader module can be used with all members of the new contactless reader IC family without any additional hardware changes.
The command set defines all commands, which can be used by the different reader ICs as the MF RC530 and the MF RC531. These reader-ICs will be available soon to give the user the possibility to integrate these ICs easy in the Pegoda environment. Consequently not all described commands are available in the standard configuration of the Pegoda reader based on the MF RC500 reader IC.
These commands are marked in the description.
1.2 General description
The MF RD700 Pegoda reader is ready to be connected to a PC.
Figure 1 shows the basic overview of the MF RD700’s software concept. Different levels of the PC libraries can be identified:
•Application Level
This level is user specific and might be used by the user to implement own applications and test programs. The evaluation kit packages for the MF RC700 provide the MIFAREWND program and the source code for the Rges program as example for small test programs on application level.
•MF RD700 Command Set
This document describes the library giving the user the possibility to program an application to the PEGODA reader. All necessary settings and command are explained in detail on the following pages.
•HostRDCom
The library for the host to reader communication. This library establishes the communication between the host and the reader. Default usage for the MF RD700 is the USB interface. Additionally RS232 and IrDA are supported to give the user a large variety of interfaces. The description is included to that package in the Application Note HostRDComUser & Reference Manual.
•The firmware of the MF RD700 covers the functionality of the basic function library of the MF RC 500. This basic function library is described in the Application Note MIFARE® MF RC500 Basic Function Library.
The supported operating systems are limited to the Microsoft Windows Platform. Depending on the selected connectivity type, Win98, Win2000 or Win NT 4.0 is supported. The content of this document should be precise enough, to give the user the possibility writing own communication libraries for other operating systems.
5
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
|
|
Application 2
Application 1
T=CL
MfGeneric
MfRc500
T=CL LL |
RD700 |
|
|
|
Library Interface |
HostRdCom
Sequenzer/Desequenzer
Generic Input/Output
RS232 API |
|
IRDA API |
USB Protocol Driver |
|
|
||||||
RS232 Driver |
IRDA Driver |
USB HW spec. Driver |
|
|
|
||||||
|
RS232 |
|
|
IRDA |
|
USB |
|||||
|
|
|
|
||||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
RS232 RX/TX |
IRDA RX/TX |
USB DMA |
|
|
|
||||||
RS232 dep. access |
IRDA dep. access |
USB dep. access |
|
|
|
||||||
|
|
Read/Write Memory |
|
|
|||||||
|
Sequenzer/Desequenzer |
|
|
|
|
||||||
T=CL |
|
|
|
|
|
|
|
|
|
|
|
MIFARE |
LLL |
|
Shared Cmds |
|
|||||||
|
|
|
|
|
|||||||
|
|
|
|
|
|
|
|
|
|
|
|
Read/Write Memory
Reader IC
Antenna
Figure 1. General Software Overview
6
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
2 MF RD700 COMMAND SET
The following parts describe the MF RD700 command set in detail. The described functions are clustered in different blocks as
•general description of the serial interface
•overview of the delivered library stack
•MF Rc500 interface wrappers
General return values for the described functions are listed in chapter 4. Only relevant return values for the explained commands are mentioned the description does not cover all communication-related errors.
2.1 General Description of serial communication
The MF RD700 reader can only be connected via serial data interfaces. The default configuration offers a USB connection. Additionally, the command set includes additionally RS232 and IrDA interface to a host.
The serial data stream consists depend from the selected interface type frameand transfer data.
•Frame data depend on the selected interface
•Transfer data depend only on the selected command
To explain this dependency, the expected serial transfer data stream is described at command level.
From a reader point of view the transfer data consists of an IN-transfer and an OUT-transfer.
•IN-transfer data is sent from the host to the reader module.
•OUT-transfer data is sent from the reader module to the host.
Additionally, the command code, which identifies the function at reader side is listed at each function.
Each function is described with the corresponding function prototype and stream data composition. The number of bytes occupied by this parameter is written in brackets.
Multiple byte parameters are converted to the serial byte stream with the least significant byte first.
Example:
short value 0x0A05 |
|
long value 0x04030201 |
|
is converted to |
|
is converted to |
|
data[x] |
= 0x05 |
data[x] |
= 0x01 |
data[x+1] |
= 0x0A |
data[x+1] |
= 0x02 |
|
|
data[x+2] |
= 0x03 |
|
|
data[x+3] |
= 0x04 |
7
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
Note:
Pay attention, that the order of the parameter variables within the data stream may be different to the order in the function prototype. The order of parameters in the function prototype is given by the logical matching of the parameters. The data-stream’s order is given by data direction and data length. A word -aligned access to multiple byte parameters is possible.
2.2 Overview of the delivered library stack
The RD700 command set and the HostRdCom libraries are necessary to access the reader. All reader commands are included in the RD700 command set. Therefore, the parameters of the functions are equal to the parameters of the reader commands with the exception that the reader protocol has to be passed as first parameter.
Example:
If the MF RC500’s basic function library command PcdWriteE2 to write data to the RC 500 EEPROM
signed char PcdWriteE2 (unsigned short startaddr, unsigned char length,
unsigned char * data)
Cmd-Code: 0x24
IN startaddr (2) length (1)data (length)
OUT
Is called from the RD700 library, the corresponding interface looks like
signed short PcdWriteE2 (ProtocolBase* p_PB, unsigned short startaddr, unsigned char length,
unsigned char * data)
Only the first parameter is additional and the return value range is extended to a short. This conversion is done for any function in the Rd700 library.
The MFRC500 library encapsulates the interface handling to the application programmer. At RC 500 level the first parameter disappears and the interface changes to
signed short PcdWriteE2 (unsigned short startaddr, unsigned char length,
unsigned char * data)
which is similar to the reader command except the enlarged return value.
The MFRC500 library can only handle one reader for one application. Taking the advantage of the USB interface offering the possibility to connect more than one reader to a PC, the user would probably like to select one reader for his application. In this case the access to the HostRdCom interface is needed and the additional first parameter is necessary.
If the MfRc500 library is used and more than one reader has to be connected to one PC, the first application will select the first connected reader and second application the second one. You have no possibility to change the order.
8
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
Note: In the following document the interface description for the Rd700 library has to be extended by the interface handle and the enlarged return value. For the MfRc500 library the return value is extended compared to the following description.
The MfRc500 library contains of two functions described in the chapter 2.3 covering the interface handling. All other functions of this library and also of the Rd700 library are passed directly as reader commands to the reader device.
2.3 MfRC500 Interface wrappers
As explained above, the MfRc500 library is a wrapper library over Rd700 and HostRdCom. In order to provide a simpler (but less flexible) interface handling the library introduces two new functions.
|
Function name |
|
Function call |
|
|
|
|
|
Mf500InterfaceOpen |
|
signed char Mf500InterfaceOpen (unsigned long mode, |
|
|
unsigned long options) |
|
|
|
|
|
|
|
|
|
|
Mf500InterfaceClose |
|
signed char Mf500InterfaceClose (void) |
|
|
|
|
|
|
|
|
|
|
Table 2-1. MF RC500 Interface wrappers |
|
2.3.1 MF500INTERFACEOPEN |
|
|
|
signed char Mf500InterfaceOpen (unsigned long mode, unsigned long options)
Parameters:
mode (IN) 4 bytes interface type description
0x00000030 USB
0x00000040 RS232
0x00000050 IrDA
options (IN) 4 bytes interface options
Depending on the interface type, this parameter is used to specify additional parameters. For USB and IrDA devices, this parameter is ignored.
For RS232 devices the COM-port can be specified e.g. 1 for COM1 or 2 for COM2.
Returns:
MI_OK
This function uses the HostRdCom interface to open a connection to the reader and use this handle for following function calls of this library. Nearly all functions of the Rd700 library are equipped with a new interface, where this handle is used.
9
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
|
|
2.3.2 MF500INTERFACECLOSE |
|
signed char Mf500InterfaceClose(void)
Parameters: none
Returns:
MI_OK
This function corresponds to the Mf500InterfaceOpen function. Each time, the used interface should be released; this function has to be called.
10
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
3 MODULES
The MF RD700 command set contains of several modules covering different functionality:
Module |
Description |
|
|
|
|
Administration Command set |
Several Commands for reader IC administration and |
|
|
configuration. |
|
|
|
|
|
In order to support MIFARE® and ISO 14443-4 |
|
MIFARE® Classics Command set |
Command set, some of the Commands are split in a |
|
general interface and a special Mifare interface; both |
||
|
have the same functionality with different parameter |
|
|
settings. |
|
|
|
|
MIFARE® Commands with calling compatible |
MIFARE® authentication procedure compatible to the |
|
Interface |
old reader devices |
|
|
|
|
ISO 14443A Low Level Commands |
Specific ISO14443A commands not included in the |
|
|
MIFARE® classic command set |
|
|
|
|
Transparent Communication Channel between Host |
Allows setting and resetting all registers and |
|
exchanging a byte or bit stream with the tag. |
||
and Reader IC |
|
|
|
|
|
Utility Functions |
Collection of utility functions for the microcontroller |
|
environment |
||
|
||
|
|
|
Self Test Functions |
MF RD700 Test Functions |
|
|
|
Table 3-1. Modules
General return values for the described functions are listed in chapter 4. Only specific return values for the explained functions are mentioned, the description does not cover all general communication related errors.
11
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
3.1 Administration Command Set
The Administration Command Set covers several Commands for reader IC administration and configuration.
3.1.1 INCLUDED FUNCTIONS
Function name |
|
Function call |
|
|
|
PCDReset |
|
signed char PcdReset (void) |
|
|
|
PCDSetTmo |
|
signed char PcdSetTmo (unsigned long numberOfEtus) |
|
|
|
PCDGetSnr |
|
signed char PcdGetSnr (unsigned char *snr) |
|
|
|
PCDGetRICVersion |
|
signed char PcdGetRICVersion(unsigned char* version) |
|
|
|
PCDReadE2 |
|
signed char PcdReadE2 (unsigned short startaddr, |
|
|
unsigned char length, |
|
|
unsigned char *data) |
PCDWriteE2 |
|
signed char PcdWriteE2 (unsigned short startaddr, |
|
|
unsigned char length, |
|
|
unsigned char *data) |
PCDRFReset |
|
signed char PcdRfReset (unsigned short ms |
|
|
|
|
Table 3-2. Administration Commands |
|
Note: In case of an error, the appropriate error code is set. Nevertheless, all received data are returned. This feature helps to debug the errors. Even if all data seems to be received correctly (data is filled up with reasonable values), a CRC, parity or other error could be reported.
3.1.2 FUNCTION DESRIPTION
3.1.2.1 PcdGetRICVersion
signed char PcdGetRICVersion (unsigned char * version)
Cmd-Code: 0x64
IN
OUT version (5)
Parameters:
snr (OUT) 5 bytes reader type ID
Returns:
MI_OK
The reader type ID depends on the current used reader IC. Please refer to the reader ICs data sheet.
12
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
||
|
|
|
|
Command Set |
MF RD 700 |
||
|
|
|
|
3.1.2.2 PcdGetSnr |
|
||
|
|
||
signed char PcdGetSnr (unsigned char * snr) |
|||
|
Cmd-Code: 0x22 |
|
|
|
IN |
|
|
|
OUT |
snr (4) |
|
|
Parameters: |
|
|
|
snr |
(OUT) |
4 bytes serial number of the reader IC |
Returns:
MI_OK
This function reads out 4 bytes serial number of the reader IC. The serial number is unique for all delivered readers.
3.1.2.3 PcdReadE2
signed char PcdReadE2 (unsigned short startaddr, unsigned char length,
unsigned char * data)
Cmd-Code: 0x23
IN startaddr (2) length (1)
OUT data (length)
Parameters:
startaddr |
(IN) EEPROM memory start address, Defines the start address for the read |
|
operation |
length |
(IN) number of data bytes to read |
data |
(OUT) is a pointer to the length bytes long data buffer, to store the read data. |
Returns: |
|
CRRC |
|
This function reads out data stored in the reader IC’s EERPOM beginning at the address ‘startaddr’. The number of bytes to be read is given by the variable length and the read out data are stored in the provided data buffer.
13
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
|
|
Command Set |
MF RD 700 |
|
|
|
|
3.1.2.4 PcdReset |
|
|
|
|
|
signed char PcdReset (void) |
|
|
|
Cmd-Code: 0x21 |
|
|
IN |
|
|
OUT |
|
|
Parameters: none |
|
|
Returns: |
|
|
MI_OK |
|
|
MI_RESETERR error while resetting the reader IC |
|
The MF RC500 reset pin is connected to the microcontroller and a reset can be performed. After each reset, the automatic interface recognition of the reader IC is activated. Both, resetting the reader IC and determining the interface is done by this function.
3.1.2.5 PcdRfReset
signed char PcdRfReset (unsigned short ms)
Cmd-Code: 0x20
IN ms (2)
OUT
Parameters:
ms (IN) time period in milliseconds. Defines the switch off time of the reader IC's RF-field in milliseconds.
Returns:
MI_OK always
This function turns off the RF-field for a specified time in milliseconds by setting the variable ms. Elapsing this time the RF-field is turned on approximately 1 millisecond later.
If the time variable ms is set to 0, the RF-field is turned off.
14
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
|
|
3.1.2.6 PcdSetTmo |
|
signed char PcdSetTmo (unsigned long numberOfEtus)
Cmd-Code: 0x27
IN numberOfEtus (4)
OUT
Parameters:
numberOfEtus (IN) Range [1..4294000] timeout period calculated in etu's of 9.44 us
Returns:
MI_OK always
This function sets a RF communication time out value. Every communication between the reader IC and the card is controlled by a timeout value.
The timeout value is measured between the last bit sent to the tag and the first bit received from the tag.
3.1.2.7 PcdWriteE2
signed char PcdWriteE2 (unsigned short startaddr, unsigned char length,
unsigned char * data)
Cmd-Code: 0x24
IN startaddr (2) length (1)data (length)
OUT
Parameters:
startaddr (IN) EEPROM memory start address. Defines the start address for the write operation
length (IN) number of data bytes to write
data (IN) is a pointer to the length bytes long data buffer containing the data to be written to the EEPROM.
Returns:
CRRC
This function writes a given length of data bytes stored in the data buffer to the reader IC's EEPROM beginning at address startaddr.
15
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
3.2 MIFARE® Classic Command Set
In order to support Mifare and ISO 14443-4 Command set, some of the Commands are split in a general interface and a special Mifare interface; both have the same functionality with different parameter settings.
3.3 Handling the MIFARE® Classic World
Cards of the MIFARE® Classic family (MIFARE® Standard, MIFARE® Light) support a defined set of instructions. The MF RC500 fully supports communication with these cards. Using the functions in this library MIFARE® Classic instructions have to be sent to the card in correct sequences. To apply these sequences in the appropriate way is the responsibility of the application software.
For further information on the cards command set please refer to the according product description of the MIFARE Standard or the MIFARE Light IC.
The MIFARE® Classic command set can be divided in to 2 parts. The identification and selection procedure of the MIFARE® protocol is implemented in an ISO14443A compliant way. These commands are marked with a grey background in the following table. Having identified and selected the MIFARE® card the MIFARE® specific authentication procedure can be started. Finally, having passed the authentication procedure memory operations are allowed. In the following table the MIFARE® command set is named according to the MIFARE® card IC specification.
Command |
Abbr. |
Code |
Argument |
Response |
Possible After |
|
|
|
|
|
|
Request ALL |
ATR |
52 |
None |
Tag Type (ATQ) |
card's POR, HALT, |
|
|
|
|
|
communication failure |
Request IDLE |
ATR |
26 |
None |
Tag Type (ATQ) |
card's POR, communication |
|
|
|
|
|
failure |
Anticollision |
AC |
93,95, |
(optional parts of the |
(rest of) card's |
ATR, AC |
|
|
97 |
card's serial number) |
serial number |
|
Select |
SEL |
93,95, |
Card serial number |
Answer to select |
ATR, AC |
|
|
97 |
|
(ATS) |
|
Authentication |
AUT |
60 |
Block address |
Acknowledge |
SEL, AUT, RD, WR, TRANS |
|
|
61 |
|
|
|
|
|
|
|
|
|
Read |
RD |
30 |
Block address |
16 byte data |
SEL*), AUT, RD, WR, |
|
|
|
|
block |
TRANS |
Write |
WR |
A0 |
Block address and |
Acknowledge |
SEL*), AUT, RD, WR, |
|
|
|
16 byte data block |
|
TRANS |
|
|
|
|
|
|
Decrement |
DEC |
C0 |
Block address and |
Acknowledge |
SEL*), AUT, RD, WR, |
|
|
|
4 byte value |
|
TRANS |
|
|
|
|
|
|
Increment |
INC |
C1 |
Block address and |
Acknowledge |
SEL*), AUT, RD, WR, |
|
|
|
4 byte value |
|
TRANS |
Restore |
REST |
C2 |
Block address and |
Acknowledge |
SEL*), AUT, RD, WR, |
|
|
|
4 byte dummy value |
|
TRANS |
Transfer |
TRANS |
B0 |
Block address |
Acknowledge |
DEC, INC, REST |
|
|
|
|
|
|
Halt |
HALT |
50 |
Dummy address |
None |
SEL, AUT, RD, WR, TRANS |
|
|
|
|
|
|
Table 3-3. MIFARE® Classic Command Set
16
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
|
|
A command can be executed successfully only if it is carried out after a function listed in the column 'Possible After'. Otherwise a failure is returned and the card falls back into the initial state.
*) Although the command might be executed after a SEL command, it will fail since the card is not authenticated.
3.3.1 INCLUDED FUNCTIONS
Function name |
Function call |
|
|
MfPcdConfig |
signed char Mf500PcdConfig (void) |
|
|
|
|
Mf500ActiveAntennaSlaveConfig |
signed char Mf500ActiveAntennaSlaveConfig (void) |
|
|
|
|
Mf500ActiveAntennaMasterConfig |
signed char Mf500ActiveAntennaMasterConfig (void |
|
|
|
|
Mf500PiccRequest |
signed char Mf500PiccRequest (unsigned char req_code, |
|
unsigned char *atq) |
Mf500PiccAnticoll |
signed char Mf500PiccAnticoll (unsigned char bcnt, |
|
unsigned char *snr) |
Mf500PiccSelect |
signed char Mf500PiccSelect (unsigned char *snr, |
|
unsigned char *sak) |
Mf500PiccRead |
signed char Mf500PiccRead (unsigned char addr, |
|
unsigned char *data) |
|
signed char Mf500PiccCommonRead (unsigned char cmd, |
Mf500PiccCommonRead |
unsigned char addr, |
|
unsigned char datalen, |
|
unsigned char *data) |
Mf500PiccWrite |
signed char Mf500PiccWrite (unsigned char addr, |
|
unsigned char *data) |
Mf500PiccWrite4 |
signed char Mf500PiccWrite4 (unsigned char addr, |
|
unsigned char *data) |
|
signed char Mf500PiccCommonWrite (unsigned char cmd, |
Mf500PiccCommonWrite |
unsigned char addr, |
|
unsigned char datalen, |
|
unsigned char *data) |
|
signed char Mf500PiccValue (unsigned char dd_mode, |
char Mf500PiccValue |
unsigned char addr, |
|
unsigned char *value, |
|
unsigned char trans_addr) |
Mf500PiccValueDebit |
signed char Mf500PiccValueDebit (unsigned char dd_mode, |
unsigned char addr, |
|
|
unsigned char *value) |
Mf500PiccHalt |
signed char Mf500PiccHalt (void) |
|
|
|
|
|
Table 3-4, MIFARE® Commands |
17
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
|
|
Command Set |
MF RD 700 |
|
|
|
|
3.3.2 FUNCTION DESCRIPTION |
|
|
3.3.2.1 Mf500PcdConfig |
|
|
|
|
|
signed char Mf500PcdConfig (void) |
|
|
|
Cmd-Code: 0x10 |
|
|
IN |
|
|
OUT |
|
|
Parameters: none |
|
|
Returns: |
|
|
MI_OK |
|
|
MI_RESETERR |
|
|
MI_INTERFACEERR |
|
This function has to be called before the first data is written to the MF RC500 in order to perform the internal configuration. A reset of the reader IC is done and several registers are set.
3.3.2.2 Mf500ActiveAntennaMasterConfig
signed char Mf500ActiveAntennaMasterConfig(void)
Cmd-Code: 0x2A
IN
OUT
Parameters: none
Returns:
MI_OK always
This function initializes the master reader IC to use it in an active antenna configuration.
This function is additional to the standard configuration Mf500PcdConfig.
The MF RC500 reader IC configured in the master configuration is able to communicate with another MF RC500 configured in the slave configuration via the digital MFin and MFout pins. The corresponding slave configuration routine for the slave MF RC 500 can be initialized by the function
MF500ActiveAntennaSlaveConfig.
The active antenna configuration itself is described in the datasheet for the MF RC500.
18
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
|
|
Command Set |
MF RD 700 |
|
|
|
|
3.3.2.3 Mf500ActiveAntennaSlaveConfig |
|
|
|
|
|
signed char Mf500ActiveAntennaSlaveConfig(void) |
|
|
|
Cmd-Code: 0x2B |
|
|
IN |
|
|
OUT |
|
|
Parameters: none |
|
|
Returns: |
|
|
CRRC |
|
The MF RC500 reader IC configured in the slave configuration is able to communicate with another MF RC500 configured in the master configuration via the digital MFIn and MFOut pins.
The master MF RC500 reader IC sends commands and data using the MFOut pin. The slave reader IC receives the data via MFIn pin. Sending data back from the slave IC is done connecting the MFOut for the slave IC and MFIn for the master MF RC500.
In this configuration the slave module can not be initialized by the microcontroller because only the MF In/Out interface is connected between both MF RC500's. The slave module has to be initialized before the connection is established. During this initialization the appropriate parameter settings are written to the E2PROM. After POR (power on reset) the IC reads these settings and initializes itself automatically as a slave IC.
Additionally, it is possible to connect the slave reader IC to the µC to have the possibility to change the setting in the application later. ´
3.3.2.4 Mf500PiccAnticoll
signed char Mf500PiccAnticoll (unsigned char bcnt, unsigned char * snr)
Cmd-Code: 0x12
IN |
bcnt (1) |
IN/OUT |
snr (4) |
OUT
Parameters:
bcnt (IN) Range: [0..32] Number of SNR-bits that are known (default value is 0);
snr (IN/OUT) 4 bytes serial number (number of bits, which are known and indicated by bcnt
Returns: |
|
CRRC |
|
MI_BITCOUNTERR |
16 bits expected, wrong number received |
MI_SERNRERR |
SNR Check byte does not correspond to SNR |
19
Philips Semiconductors |
User Manual Rev. 3.0 June 2005 |
|
|
Command Set |
MF RD 700 |
This function calls MF500PiccCascAnticoll with a select_code 0x93 to perform the anticollision for MIFARE® Classic card ICs.
3.3.2.5 Mf500PiccCommonRead
signed char Mf500PiccCommonRead (unsigned char cmd, unsigned char addr,
unsigned char datalen, unsigned char * data)
Cmd-Code: 0x28
IN cmd (1) addr (1) datalen (1)
OUT data (datalen)
Parameters:
cmd read command byte
PICC_READ16
addr (IN) Range [0..dep.card type]. Addresses the card's block address from which data shall be read. For MIFARE® Standard cards, addr can take a value from 0 to 63 (255 for Mifare Pro), for other card types refer to the according product description.
datalen length of data bytes array
data (OUT) is a pointer to the datalen byte data block read from the card's memory
Returns:
MI_OK
CRRC
MI_NOTAUTHERR not authenticated for this sector
MI_CODINGERR wrong coding of 8 bit ack/nack
MI_CODEERR
MI_BYTECOUNTERR wrong number of bytes received
This function directly reads out a datalen block from the specified card's blockaddress addr.
20
Philips Semiconductors |
|
|
User Manual Rev. 3.0 June 2005 |
|
|
|
|
|
|
Command Set |
|
|
MF RD 700 |
|
|
|
|
|
|
3.3.2.6 Mf500PiccCommonWrite |
|
|
||
|
|
|||
signed char Mf500PiccCommonWrite (unsigned char cmd, |
||||
|
|
unsigned char addr, |
|
|
|
|
unsigned char datalen, |
||
|
|
unsigned char * data) |
||
|
Cmd-Code: 0x1F |
|
|
|
|
IN cmd (1) |
addr (1) |
datalen (1) |
data (datalen) |
|
OUT |
|
|
|
|
Parameters: |
|
|
|
cmd write command byte
PICC_WRITE16
PICC_WRITE4
addr (IN) Range [0..dep.card type] Addresses the card's block address to which data shall be written. For MIFARE® Standard cards, addr can take values from 0 to 63 (255 for Mifare Pro), for other card types please refer to the according product description.
datalen length of data bytes array
data (OUT) is a pointer to the datalen bytes data block, which should be written to the card
Returns:
MI_OK
CRRC
MI_BITCOUNTERR wrong number of bits received
MI_NOTAUTHERR not authenticated for this sector
MI_WRITEERR error while writing data
MI_CODINGERR wrong coding of 8 bit ack/nack
MI_CODEERR
This function writes a datalen bytes block to the specified card's block address addr. Having sent the command the card indicates with an ACK, that the direct memory access is possible. Having received the ACK, the MF RC500 sends the datalen bytes data block and waits for an ACK again. In case of an error a return code according to the MF RC500's error flags is generated.
Note:
The card type has to support the selected datalen e.g. Mifare® UltraLight for a 4 bytes write
21
Loading...