带有JewelTopaz512 NFC标签的ACR122U读写器发出 "超时,目标未应答"

问题描述 投票:0回答:1

我正在构建一个WindowsJava程序(使用 javax.smartcardio)与JewelTopaz512标签(来自InnovisionBroadcom)进行通信,使用ACR122U设备(内部有PN532 NFC控制器芯片)。

我实现了Topaz512协议(来自 本数据表)但 我的命令只有一半能用.

  • 一些有效的命令。RID, RALL, READ, WRITE-NE, RSEG
  • 一些不工作的命令。WRITE-E, READ8, WRITE-E8, WRITE-NE8

以WRITE-NO-ERASE命令为例。

例如,当我发送一个WRITE-NO-ERASE命令时,得到的结果是这样的。

命令: FF:00:00:00:0C:D4:40:01:1A:7F:42:38:01:9A:00:17:E8

其中:

  • D4:40:01 是InDataExchange命令。
  • 1A:7F:42 是WRITE-NO-ERASE命令(值:0x42,块0x0F,字节7)。
  • 38:01:9A:00 是4个字节的标签UID。
  • 17:E8 是《儿童权利公约》。

响应。D5:41:00:42:90:00

这里的回答是正确的。0x42. 状态字节(0x00)通知一切顺利。

使用WRITE-WITH-ERASE命令的例子。

下面是我发送WRITE-WITH-ERASE命令时的结果。

命令: FF:00:00:00:0C:D4:40:01:53:7F:42:38:01:9A:00:28:6E

其中:

  • D4:40:01 是InDataExchange命令。
  • 53:7F:42 是WRITE-WITH-ERASE命令(值:0x42,块0x0F,字节7)。
  • 38:01:9A:00 是4个字节的标签UID。
  • 28:6E 是《儿童权利公约》。

响应。D5:41:01:90:00

这里,状态字节(0x01)通知PN532检测到的超时。(从 PN532文件 (p67): "超时,目标未应答 - 0x01")

此外,当我删除PN532超时(用的是 FF:00:00:00:06:D4:32:02:00:00:00)非工作指令不响应 D5:41:01:90:00,但等的时间长了,那我就得不到回应了。

编辑2020-04-20

我刚刚尝试使用gscriptor执行命令(从 pcsc-tools 套装),我得到了同样的行为。

脚本:

FF 00 00 00 06 D4 32 05 02 02 02

# SAMConfiguration
FF 00 00 00 04 D4 14 01 00

# SetParameters
FF 00 00 00 03 D4 12 04

# InListPassiveTarget: Jewel mode
FF 00 00 00 04 D4 4A 01 04

# InDataExchange: RID
FF 00 00 00 04 D4 40 01 78

# InDataExchange: RALL
FF 00 00 00 04 D4 40 01 00

# InDataExchange: RSEG 0-3
FF 00 00 00 05 D4 40 01 10 00
FF 00 00 00 05 D4 40 01 10 20
FF 00 00 00 05 D4 40 01 10 40
FF 00 00 00 05 D4 40 01 10 60

##########

# GetFirmwareVersion
FF 00 00 00 02 D4 02

# GetGeneralStatus
FF 00 00 00 02 D4 04

##########

# RFConfiguration: No timeout
FF 00 00 00 06 D4 32 02 00 00 00

# InDataExchange: READ-1
FF 00 00 00 05 D4 40 01 01 7F

# InDataExchange: READ-8
FF 00 00 00 05 D4 40 01 02 00

# InDataExchange: WRITE-E-1
FF 00 00 00 06 D4 40 01 53 7F 42

# InDataExchange: WRITE-E-8
FF 00 00 00 0C D4 40 01 55 02 01 02 03 04 05 06 07 08

# InDataExchange: WRITE-NE-1
FF 00 00 00 06 D4 40 01 1A 7F 42

# InDataExchange: WRITE-NE-8
FF 00 00 00 0C D4 40 01 1B 02 01 02 03 04 05 06 07 08

结果:


Sending: FF 00 00 00 06 D4 32 05 02 02 02
Received: D5 33 90 00
Normal processing.

Sending: FF 00 00 00 04 D4 14 01 00
Received: D5 15 90 00
Normal processing.

Sending: FF 00 00 00 03 D4 12 04
Received: D5 13 90 00
Normal processing.

Sending: FF 00 00 00 04 D4 4A 01 04
Received: D5 4B 01 01 0C 00 38 01 9A 00 90 00
Normal processing.

Sending: FF 00 00 00 04 D4 40 01 78
Received: D5 41 00 12 4C 38 01 9A 00 90 00
Normal processing.

Sending: FF 00 00 00 04 D4 40 01 00
Received: D5 41 00 12 4C 38 01 9A 00 00 10 25 00 00 10 3F
00 01 03 F2 30 33 02 03 F0 02 03 03 E3 D1 01 DF
54 02 65 6E 30 31 32 33 34 35 36 37 38 39 30 30
31 32 33 34 35 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 55 55 AA
AA 12 4C 06 00 01 E0 00 00 00 00 00 00 90 00
Normal processing.

Sending: FF 00 00 00 05 D4 40 01 10 00
Received: D5 41 00 38 01 9A 00 00 10 25 00 00 10 3F 00 01
03 F2 30 33 02 03 F0 02 03 03 E3 D1 01 DF 54 02
65 6E 30 31 32 33 34 35 36 37 38 39 30 30 31 32
33 34 35 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 55 55 AA AA 12
4C 06 00 01 E0 00 00 00 00 00 00 00 00 00 00 00
00 00 47 90 00
Normal processing.

Sending: FF 00 00 00 05 D4 40 01 10 20
Received: D5 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 90 00
Normal processing.

Sending: FF 00 00 00 05 D4 40 01 10 40
Received: D5 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 90 00
Normal processing.

Sending: FF 00 00 00 05 D4 40 01 10 60
Received: D5 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 90 00
Normal processing.

Sending: FF 00 00 00 02 D4 02
Received: D5 03 32 01 06 07 90 00
Normal processing.

Sending: FF 00 00 00 02 D4 04
Received: D5 05 01 00 01 01 00 00 02 80 90 00
Normal processing.

Sending: FF 00 00 00 06 D4 32 02 00 00 00
Received: D5 33 90 00
Normal processing.

Sending: FF 00 00 00 05 D4 40 01 01 7F
Received: D5 41 00 47 90 00
Normal processing.

Sending: FF 00 00 00 05 D4 40 01 02 00
Received:
wrong SW size for:

Sending: FF 00 00 00 06 D4 40 01 53 7F 42
Received:
wrong SW size for:

Sending: FF 00 00 00 0C D4 40 01 55 02 01 02 03 04 05 06
07 08
Received:
wrong SW size for:

Sending: FF 00 00 00 06 D4 40 01 1A 7F 42
Received: D5 41 00 47 90 00
Normal processing.

Sending: FF 00 00 00 0C D4 40 01 1B 02 01 02 03 04 05 06
07 08
Received:
wrong SW size for:

Script was executed without error...
java nfc acr122 lib-nfc pn532
1个回答
1
投票

前段时间我详细研究了一下,得出的结论是:恩智浦的PN532 NFC控制器芯片的固件存在问题,使其无法成功地与NFC论坛1型标签(TopazJewel品牌)进行一些命令的收发。 如上所述,ACR122U就是基于这款芯片的。

当我试着用该芯片一次写入8个字节块时,我的 WRITE-E8 (0x54) 命令,收到的响应是 0x01,超时等待标签响应。

我试过的东西,都没有用。

将UID回声加入到 InDataExchange我甚至玩过UID回声的endianness,结果还是一样。

使用 inCommunicateThru 命令而不是 InDataExchange 并计算应用层的CRC1和CRC2值(结果相同)。

最后我得出的结论是。

PN532不能写入页面 0x10 和更大的Type 1标签上,这使得Topaz 512等热门机型无法写入全部内存。

建议:这个问题与2012年有关,当时Topaz 512是一个很好的低价而高内存的NFC产品。

这个问题在2012年的时候就有了,当时Topaz 512是一款低成本高内存的NFC标签。 现在有了NAG215和NTAG216型号,我建议使用那些具有高内存和普遍兼容NFC阅读器的型号。

© www.soinside.com 2019 - 2024. All rights reserved.