1 /******************************************************************************
2 *
3 * Copyright (C) 2010-2014 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19
20 /******************************************************************************
21 *
22 * This file contains the implementation for Type 1 tag NDEF operation in
23 * Reader/Writer mode.
24 *
25 ******************************************************************************/
26 #include <string.h>
27 #include "nfc_target.h"
28
29 #if (NFC_INCLUDED == TRUE)
30 #include "nfc_api.h"
31 #include "nci_hmsgs.h"
32 #include "rw_api.h"
33 #include "rw_int.h"
34 #include "nfc_int.h"
35 #include "gki.h"
36
37 #if (defined (RW_NDEF_INCLUDED) && (RW_NDEF_INCLUDED == TRUE))
38
39 /* Local Functions */
40 static tNFC_STATUS rw_t1t_handle_rall_rsp (BOOLEAN *p_notify,UINT8 *p_data);
41 static tNFC_STATUS rw_t1t_handle_dyn_read_rsp (BOOLEAN *p_notify, UINT8 *p_data);
42 static tNFC_STATUS rw_t1t_handle_write_rsp (BOOLEAN *p_notify, UINT8 *p_data);
43 static tNFC_STATUS rw_t1t_handle_read_rsp (BOOLEAN *p_callback, UINT8 *p_data);
44 static tNFC_STATUS rw_t1t_handle_tlv_detect_rsp (UINT8 *p_data);
45 static tNFC_STATUS rw_t1t_handle_ndef_read_rsp (UINT8 *p_data);
46 static tNFC_STATUS rw_t1t_handle_ndef_write_rsp (UINT8 *p_data);
47 static tNFC_STATUS rw_t1t_handle_ndef_rall_rsp (void);
48 static tNFC_STATUS rw_t1t_ndef_write_first_block (void);
49 static tNFC_STATUS rw_t1t_next_ndef_write_block (void);
50 static tNFC_STATUS rw_t1t_send_ndef_byte (UINT8 data, UINT8 block, UINT8 index, UINT8 msg_len);
51 static tNFC_STATUS rw_t1t_send_ndef_block (UINT8 *p_data, UINT8 block);
52 static UINT8 rw_t1t_prepare_ndef_bytes (UINT8 *p_data, UINT8 *p_length_field, UINT8 *p_index, BOOLEAN b_one_byte, UINT8 block, UINT8 lengthfield_len);
53 static UINT8 rw_t1t_get_ndef_flags (void);
54 static UINT16 rw_t1t_get_ndef_max_size (void);
55 static BOOLEAN rw_t1t_is_lock_reserved_otp_byte (UINT16 index);
56 static BOOLEAN rw_t1t_is_read_only_byte (UINT16 index);
57 static UINT8 rw_t1t_get_lock_bits_for_segment (UINT8 segment,UINT8 *p_start_byte, UINT8 *p_start_bit,UINT8 *p_end_byte);
58 static void rw_t1t_update_attributes (void);
59 static void rw_t1t_update_lock_attributes (void);
60 static void rw_t1t_extract_lock_bytes (UINT8 *p_data);
61 static void rw_t1t_update_tag_state (void);
62
63 const UINT8 rw_t1t_mask_bits[8] =
64 {0x01,0x02,0x04,0x08,0x10,0x20,0x40,0x80};
65
66 /*******************************************************************************
67 **
68 ** Function rw_t1t_handle_rsp
69 **
70 ** Description This function handles the response received for all commands
71 ** sent to tag
72 **
73 ** Returns event to be sent to application
74 **
75 *******************************************************************************/
rw_t1t_handle_rsp(const tT1T_CMD_RSP_INFO * p_info,BOOLEAN * p_notify,UINT8 * p_data,tNFC_STATUS * p_status)76 tRW_EVENT rw_t1t_handle_rsp (const tT1T_CMD_RSP_INFO * p_info, BOOLEAN *p_notify, UINT8 *p_data, tNFC_STATUS *p_status)
77 {
78 tRW_EVENT rw_event;
79 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
80 UINT8 adds;
81
82 if( (p_t1t->state == RW_T1T_STATE_READ)
83 ||(p_t1t->state == RW_T1T_STATE_WRITE) )
84 {
85 return t1t_info_to_evt (p_info);
86 }
87
88 rw_event = rw_t1t_info_to_event (p_info);
89
90 if (p_info->opcode == T1T_CMD_RALL)
91 {
92 *p_status = rw_t1t_handle_rall_rsp (p_notify,p_data);
93 }
94 else if (p_info->opcode == T1T_CMD_RSEG)
95 {
96 adds = *p_data;
97 if (adds == 0)
98 {
99 p_t1t->b_rseg = TRUE;
100 rw_t1t_update_tag_state ();
101 rw_t1t_update_attributes ();
102 rw_t1t_update_lock_attributes ();
103 memcpy (p_t1t->mem, (UINT8 *) (p_data + T1T_ADD_LEN), T1T_SEGMENT_SIZE);
104 }
105 *p_status = rw_t1t_handle_dyn_read_rsp (p_notify,p_data);
106 }
107 else if (p_info->opcode == T1T_CMD_READ8)
108 {
109 *p_status = rw_t1t_handle_dyn_read_rsp (p_notify,p_data);
110 }
111 else
112 {
113 *p_status = rw_t1t_handle_write_rsp (p_notify,p_data);
114 }
115 return rw_event;
116 }
117
118 /*******************************************************************************
119 **
120 ** Function rw_t1t_info_to_event
121 **
122 ** Description This function returns RW event code based on the current state
123 **
124 ** Returns RW event code
125 **
126 *******************************************************************************/
rw_t1t_info_to_event(const tT1T_CMD_RSP_INFO * p_info)127 tRW_EVENT rw_t1t_info_to_event (const tT1T_CMD_RSP_INFO * p_info)
128 {
129 tRW_EVENT rw_event;
130 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
131
132 switch (p_t1t->state)
133 {
134 case RW_T1T_STATE_TLV_DETECT:
135 if (p_t1t->tlv_detect == TAG_NDEF_TLV)
136 rw_event = RW_T1T_NDEF_DETECT_EVT;
137 else
138 rw_event = RW_T1T_TLV_DETECT_EVT;
139 break;
140
141 case RW_T1T_STATE_READ_NDEF:
142 rw_event = RW_T1T_NDEF_READ_EVT;
143 break;
144
145 case RW_T1T_STATE_WRITE_NDEF:
146 rw_event = RW_T1T_NDEF_WRITE_EVT;
147 break;
148
149 case RW_T1T_STATE_SET_TAG_RO:
150 rw_event = RW_T1T_SET_TAG_RO_EVT;
151 break;
152
153 case RW_T1T_STATE_CHECK_PRESENCE:
154 rw_event = RW_T1T_PRESENCE_CHECK_EVT;
155 break;
156
157 case RW_T1T_STATE_FORMAT_TAG:
158 rw_event = RW_T1T_FORMAT_CPLT_EVT;
159 break;
160
161 default:
162 rw_event = t1t_info_to_evt (p_info);
163 break;
164 }
165 return rw_event;
166 }
167
168 /*******************************************************************************
169 **
170 ** Function rw_t1t_extract_lock_bytes
171 **
172 ** Description This function will extract lock bytes if any present in the
173 ** response data
174 **
175 ** Parameters p_data: Data bytes in the response of RSEG/READ8/RALL command
176 **
177 ** Returns None
178 **
179 *******************************************************************************/
rw_t1t_extract_lock_bytes(UINT8 * p_data)180 void rw_t1t_extract_lock_bytes (UINT8 *p_data)
181 {
182 UINT16 end;
183 UINT16 start;
184 UINT8 num_locks;
185 UINT16 lock_offset = 0;
186 UINT16 offset;
187 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
188 tT1T_CMD_RSP_INFO *p_cmd_rsp_info = (tT1T_CMD_RSP_INFO *) rw_cb.tcb.t1t.p_cmd_rsp_info;
189
190 num_locks = 0;
191 /* Based on the Command used to read Tag, calculate the offset of the tag read */
192 if (p_cmd_rsp_info->opcode == T1T_CMD_RSEG)
193 {
194 start = p_t1t->segment * T1T_SEGMENT_SIZE;
195 end = start + T1T_SEGMENT_SIZE;
196 }
197 else if (p_cmd_rsp_info->opcode == T1T_CMD_READ8)
198 {
199 start = p_t1t->block_read * T1T_BLOCK_SIZE;
200 end = start + T1T_BLOCK_SIZE;
201 }
202 else if (p_cmd_rsp_info->opcode == T1T_CMD_RALL)
203 {
204 start = 0;
205 end = T1T_STATIC_SIZE;
206 }
207 else
208 return;
209
210 /* Collect lock bytes that are present in the part of the data read from Tag */
211 while (num_locks < p_t1t->num_lockbytes)
212 {
213 if (p_t1t->lockbyte[num_locks].b_lock_read == FALSE)
214 {
215 /* Get the exact offset of the dynamic lock byte in the tag */
216 offset = p_t1t->lock_tlv[p_t1t->lockbyte[num_locks].tlv_index].offset + p_t1t->lockbyte[num_locks].byte_index;
217 if ( (offset < end)
218 &&(offset >= start) )
219
220 {
221 /* This dynamic lock byte is in the response */
222 if (p_cmd_rsp_info->opcode == T1T_CMD_RSEG)
223 {
224 lock_offset = (offset % T1T_SEGMENT_SIZE);
225 }
226 else if (p_cmd_rsp_info->opcode == T1T_CMD_READ8)
227 {
228 lock_offset = (offset % T1T_BLOCK_SIZE);
229 }
230 else if (p_cmd_rsp_info->opcode == T1T_CMD_RALL)
231 {
232 lock_offset = offset;
233 }
234
235 p_t1t->lockbyte[num_locks].lock_byte = p_data[lock_offset];
236 p_t1t->lockbyte[num_locks].b_lock_read = TRUE;
237 }
238 else
239 break;
240 }
241 num_locks++;
242 }
243 }
244
245 /*******************************************************************************
246 **
247 ** Function rw_t1t_update_tag_attributes
248 **
249 ** Description This function will update tag attributes based on cc, ndef
250 ** message length
251 **
252 ** Returns None
253 **
254 *******************************************************************************/
rw_t1t_update_tag_state(void)255 void rw_t1t_update_tag_state (void)
256 {
257 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
258
259 /* Set Tag state based on CC value and NDEF Message length */
260 if ( ((p_t1t->mem[T1T_CC_NMN_BYTE] == T1T_CC_NMN) || (p_t1t->mem[T1T_CC_NMN_BYTE] == 0))
261 &&((p_t1t->mem[T1T_CC_VNO_BYTE] == T1T_CC_VNO) || (p_t1t->mem[T1T_CC_VNO_BYTE] == T1T_CC_LEGACY_VNO))
262 &&((p_t1t->mem[T1T_CC_RWA_BYTE] == T1T_CC_RWA_RW) || (p_t1t->mem[T1T_CC_RWA_BYTE] == T1T_CC_RWA_RO)) )
263 {
264 /* Valid CC value, so Tag is initialized */
265 if (p_t1t->ndef_msg_len > 0)
266 {
267 if (p_t1t->mem[T1T_CC_RWA_BYTE] == T1T_CC_RWA_RO)
268 {
269 /* NDEF Message presence, CC indication sets Tag as READ ONLY */
270 p_t1t->tag_attribute = RW_T1_TAG_ATTRB_READ_ONLY;
271 }
272 else if (p_t1t->mem[T1T_CC_RWA_BYTE] == T1T_CC_RWA_RW)
273 {
274 /* NDEF Message presence, CC indication sets Tag as READ WRITE */
275 p_t1t->tag_attribute = RW_T1_TAG_ATTRB_READ_WRITE;
276 }
277 }
278 else
279 {
280 /* If NDEF is not yet detected then Tag remains in Initialized state
281 * after NDEF Detection the Tag state may be updated */
282 p_t1t->tag_attribute = RW_T1_TAG_ATTRB_INITIALIZED;
283 }
284 }
285 else
286 {
287 p_t1t->tag_attribute = RW_T1_TAG_ATTRB_UNKNOWN;
288 }
289 }
290
291 /*******************************************************************************
292 **
293 ** Function rw_t1t_read_locks
294 **
295 ** Description This function will send command to read next unread locks
296 **
297 ** Returns NFC_STATUS_OK, if all locks are read successfully
298 ** NFC_STATUS_FAILED, if reading locks failed
299 ** NFC_STATUS_CONTINUE, if reading locks is in progress
300 **
301 *******************************************************************************/
rw_t1t_read_locks(void)302 tNFC_STATUS rw_t1t_read_locks (void)
303 {
304 UINT8 num_locks = 0;
305 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
306 tNFC_STATUS status = NFC_STATUS_CONTINUE;
307 UINT16 offset;
308
309 while (num_locks < p_t1t->num_lockbytes)
310 {
311 if (p_t1t->lockbyte[num_locks].b_lock_read == FALSE)
312 {
313 offset = p_t1t->lock_tlv[p_t1t->lockbyte[num_locks].tlv_index].offset + p_t1t->lockbyte[num_locks].byte_index;
314 if (offset < T1T_STATIC_SIZE)
315 {
316 p_t1t->lockbyte[num_locks].lock_byte = p_t1t->mem[offset];
317 p_t1t->lockbyte[num_locks].b_lock_read = TRUE;
318 }
319 else if (offset < (p_t1t->mem[T1T_CC_TMS_BYTE] + 1) * T1T_BLOCK_SIZE)
320 {
321 /* send READ8 command */
322 p_t1t->block_read = (UINT8) (offset/T1T_BLOCK_SIZE);
323 if ((status = rw_t1t_send_dyn_cmd (T1T_CMD_READ8, p_t1t->block_read, NULL)) == NFC_STATUS_OK)
324 {
325 /* Reading Locks */
326 status = NFC_STATUS_CONTINUE;
327 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_READ_LOCKS;
328 }
329 break;
330 }
331 else
332 {
333 /* Read locks failed */
334 status = NFC_STATUS_FAILED;
335 break;
336 }
337 }
338 num_locks++;
339 }
340 if (num_locks == p_t1t->num_lockbytes)
341 {
342 /* All locks are read */
343 status = NFC_STATUS_OK;
344 }
345
346 return status;
347 }
348
349 /*******************************************************************************
350 **
351 ** Function rw_t1t_handle_write_rsp
352 **
353 ** Description This function handles response received for WRITE_E8,
354 ** WRITE_NE8, WRITE_E, WRITE_NE commands
355 **
356 ** Returns status of the current NDEF/TLV Operation
357 **
358 *******************************************************************************/
rw_t1t_handle_write_rsp(BOOLEAN * p_notify,UINT8 * p_data)359 static tNFC_STATUS rw_t1t_handle_write_rsp (BOOLEAN *p_notify, UINT8 *p_data)
360 {
361 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
362 tNFC_STATUS status = NFC_STATUS_OK;
363 UINT8 num_locks;
364 UINT8 lock_count;
365 UINT8 value;
366 UINT8 addr;
367 UINT8 write_block[T1T_BLOCK_SIZE];
368 UINT16 offset;
369 UINT16 next_offset;
370 UINT8 num_bits;
371 UINT8 next_num_bits;
372
373 *p_notify = FALSE;
374
375 switch (p_t1t->state)
376 {
377 case RW_T1T_STATE_WRITE:
378 *p_notify = TRUE;
379 break;
380
381 case RW_T1T_STATE_FORMAT_TAG:
382 if (p_t1t->substate == RW_T1T_SUBSTATE_WAIT_SET_NULL_NDEF)
383 {
384 if (rw_cb.tcb.t1t.hr[0] != T1T_STATIC_HR0 || rw_cb.tcb.t1t.hr[1] >= RW_T1T_HR1_MIN)
385 *p_notify = TRUE;
386 else
387 {
388 if (p_t1t->work_offset < (T1T_BLOCK_SIZE - 1))
389 {
390 p_t1t->work_offset++;
391 /* send WRITE-E command */
392 RW_T1T_BLD_ADD ((addr), 1, (UINT8) p_t1t->work_offset);
393
394 if ((status = rw_t1t_send_static_cmd (T1T_CMD_WRITE_E, addr, p_t1t->ndef_first_block[(UINT8) p_t1t->work_offset])) != NFC_STATUS_OK)
395 *p_notify = TRUE;
396 }
397 else
398 *p_notify = TRUE;
399 }
400
401 }
402 else
403 {
404 /* send WRITE-E8 command */
405 if ((status = rw_t1t_send_dyn_cmd (T1T_CMD_WRITE_E8, 2, p_t1t->ndef_final_block)) != NFC_STATUS_OK)
406 *p_notify = TRUE;
407 else
408 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_NULL_NDEF;
409 }
410 break;
411
412 case RW_T1T_STATE_SET_TAG_RO:
413 switch (p_t1t->substate)
414 {
415 case RW_T1T_SUBSTATE_WAIT_SET_CC_RWA_RO:
416
417 if (!p_t1t->b_hard_lock)
418 {
419 status = NFC_STATUS_OK;
420 *p_notify = TRUE;
421 break;
422 }
423
424 if ((p_t1t->hr[0] & 0x0F) != 1)
425 {
426 memset (write_block,0,T1T_BLOCK_SIZE);
427 write_block[0] = 0xFF;
428 write_block[1] = 0xFF;
429
430 /* send WRITE-NE8 command */
431 if ((status = rw_t1t_send_dyn_cmd (T1T_CMD_WRITE_NE8, T1T_LOCK_BLOCK, write_block)) != NFC_STATUS_OK)
432 *p_notify = TRUE;
433 else
434 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_DYN_LOCK_BITS;
435 }
436 else
437 {
438 /* send WRITE-NE command */
439 RW_T1T_BLD_ADD ((addr), (T1T_LOCK_BLOCK), (0));
440 if ((status = rw_t1t_send_static_cmd (T1T_CMD_WRITE_NE, addr, 0xFF)) != NFC_STATUS_OK)
441 *p_notify = TRUE;
442 else
443 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_ST_LOCK_BITS;
444 }
445 break;
446
447 case RW_T1T_SUBSTATE_WAIT_SET_ST_LOCK_BITS:
448
449 /* send WRITE-NE command */
450 RW_T1T_BLD_ADD ((addr), (T1T_LOCK_BLOCK), (1));
451 if ((status = rw_t1t_send_static_cmd (T1T_CMD_WRITE_NE, addr, 0xFF)) != NFC_STATUS_OK)
452 *p_notify = TRUE;
453 else
454 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_DYN_LOCK_BITS;
455
456 break;
457
458 case RW_T1T_SUBSTATE_WAIT_SET_DYN_LOCK_BITS:
459 num_locks = 0;
460 while (num_locks < p_t1t->num_lockbytes)
461 {
462 if (p_t1t->lockbyte[num_locks].lock_status == RW_T1T_LOCK_UPDATE_INITIATED)
463 {
464 p_t1t->lockbyte[num_locks].lock_status = RW_T1T_LOCK_UPDATED;
465 }
466 num_locks++;
467 }
468
469 num_locks = 0;
470 while (num_locks < p_t1t->num_lockbytes)
471 {
472 if (p_t1t->lockbyte[num_locks].lock_status == RW_T1T_LOCK_NOT_UPDATED)
473 {
474 offset = p_t1t->lock_tlv[p_t1t->lockbyte[num_locks].tlv_index].offset + p_t1t->lockbyte[num_locks].byte_index;
475 num_bits = ((p_t1t->lockbyte[num_locks].byte_index + 1)* 8 <= p_t1t->lock_tlv[p_t1t->lockbyte[num_locks].tlv_index].num_bits) ? 8 : p_t1t->lock_tlv[p_t1t->lockbyte[num_locks].tlv_index].num_bits % 8;
476
477 if ((p_t1t->hr[0] & 0x0F) != 1)
478 {
479 memset (write_block,0,T1T_BLOCK_SIZE);
480
481 write_block[(UINT8) (offset%T1T_BLOCK_SIZE)] |= tags_pow (2,num_bits) - 1;
482 lock_count = num_locks + 1;
483 while (lock_count < p_t1t->num_lockbytes)
484 {
485 next_offset = p_t1t->lock_tlv[p_t1t->lockbyte[lock_count].tlv_index].offset + p_t1t->lockbyte[lock_count].byte_index;
486 next_num_bits = ((p_t1t->lockbyte[lock_count].byte_index + 1)* 8 <= p_t1t->lock_tlv[p_t1t->lockbyte[lock_count].tlv_index].num_bits) ? 8 : p_t1t->lock_tlv[p_t1t->lockbyte[lock_count].tlv_index].num_bits % 8;
487
488 if (next_offset/T1T_BLOCK_SIZE == offset/T1T_BLOCK_SIZE)
489 {
490 write_block[(UINT8) (next_offset%T1T_BLOCK_SIZE)] |= tags_pow (2,next_num_bits) - 1;
491 }
492 else
493 break;
494 lock_count ++;
495 }
496
497 /* send WRITE-NE8 command */
498 if ((status = rw_t1t_send_dyn_cmd (T1T_CMD_WRITE_NE8, (UINT8) (offset/T1T_BLOCK_SIZE), write_block)) == NFC_STATUS_OK)
499 {
500 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_DYN_LOCK_BITS;
501 while (lock_count > num_locks)
502 {
503 p_t1t->lockbyte[lock_count - 1].lock_status = RW_T1T_LOCK_UPDATE_INITIATED;
504 lock_count --;
505 }
506 }
507 else
508 *p_notify = TRUE;
509 }
510 else
511 {
512 /* send WRITE-NE command */
513 RW_T1T_BLD_ADD ((addr), ((UINT8) (offset/T1T_BLOCK_SIZE)), ((UINT8) (offset%T1T_BLOCK_SIZE)));
514 value = (UINT8) (tags_pow (2,num_bits) - 1);
515 if ((status = rw_t1t_send_static_cmd (T1T_CMD_WRITE_NE, addr, value)) == NFC_STATUS_OK)
516 {
517 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_DYN_LOCK_BITS;
518 p_t1t->lockbyte[num_locks].lock_status = RW_T1T_LOCK_UPDATE_INITIATED;
519 }
520 else
521 *p_notify = TRUE;
522 }
523 break;
524 }
525 num_locks++;
526 }
527 if (num_locks == p_t1t->num_lockbytes)
528 {
529 rw_t1t_update_lock_attributes ();
530 status = NFC_STATUS_OK;
531 *p_notify = TRUE;
532 }
533 break;
534 }
535 break;
536
537 case RW_T1T_STATE_WRITE_NDEF:
538 switch (p_t1t->substate)
539 {
540 case RW_T1T_SUBSTATE_WAIT_VALIDATE_NDEF:
541 p_t1t->ndef_msg_len = p_t1t->new_ndef_msg_len;
542 p_t1t->tag_attribute = RW_T1_TAG_ATTRB_READ_WRITE;
543 *p_notify = TRUE;
544 break;
545
546 case RW_T1T_SUBSTATE_WAIT_NDEF_UPDATED:
547 status = rw_t1t_handle_ndef_write_rsp (p_data);
548 if (status == NFC_STATUS_OK)
549 {
550 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_VALIDATE_NDEF;
551 }
552 else if (status == NFC_STATUS_FAILED)
553 {
554 /* Send Negative response to upper layer */
555 *p_notify = TRUE;
556 }
557 break;
558
559 case RW_T1T_SUBSTATE_WAIT_NDEF_WRITE:
560 status = rw_t1t_handle_ndef_write_rsp (p_data);
561
562 if (status == NFC_STATUS_FAILED)
563 {
564 /* Send Negative response to upper layer */
565 *p_notify = TRUE;
566 }
567 else if (status == NFC_STATUS_OK)
568 {
569 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_NDEF_UPDATED;
570 }
571 break;
572
573 case RW_T1T_SUBSTATE_WAIT_INVALIDATE_NDEF:
574 status = rw_t1t_handle_ndef_write_rsp (p_data);
575 if (status == NFC_STATUS_FAILED)
576 {
577 /* Send Negative response to upper layer */
578 *p_notify = TRUE;
579 }
580 else if (status == NFC_STATUS_CONTINUE)
581 {
582 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_NDEF_WRITE;
583 }
584 else
585 {
586 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_NDEF_UPDATED;
587 }
588 break;
589 }
590 break;
591 }
592 return status;
593 }
594
595 /*******************************************************************************
596 **
597 ** Function rw_t1t_handle_read_rsp
598 **
599 ** Description This function handle the data bytes excluding ADD(S)/ADD8 field
600 ** received as part of RSEG, RALL, READ8 command response
601 **
602 ** Returns status of the current NDEF/TLV Operation
603 **
604 *******************************************************************************/
rw_t1t_handle_read_rsp(BOOLEAN * p_notify,UINT8 * p_data)605 tNFC_STATUS rw_t1t_handle_read_rsp (BOOLEAN *p_notify, UINT8 *p_data)
606 {
607 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
608 tNFC_STATUS status = NFC_STATUS_OK;
609 tRW_DETECT_NDEF_DATA ndef_data;
610 tRW_DETECT_TLV_DATA tlv_data;
611 UINT8 count;
612 tRW_READ_DATA evt_data;
613
614 *p_notify = FALSE;
615 /* Handle the response based on the current state */
616 switch (p_t1t->state)
617 {
618 case RW_T1T_STATE_READ:
619 *p_notify = TRUE;
620 break;
621
622 case RW_T1T_STATE_READ_NDEF:
623 status = rw_t1t_handle_ndef_rall_rsp ();
624 if (status != NFC_STATUS_CONTINUE)
625 {
626 evt_data.status = status;
627 evt_data.p_data = NULL;
628 rw_t1t_handle_op_complete ();
629 (*rw_cb.p_cback) (RW_T1T_NDEF_READ_EVT, (tRW_DATA *) &evt_data);
630 }
631 break;
632
633 case RW_T1T_STATE_TLV_DETECT:
634 switch (p_t1t->substate)
635 {
636 case RW_T1T_SUBSTATE_WAIT_READ_LOCKS:
637 status = rw_t1t_read_locks ();
638 if (status != NFC_STATUS_CONTINUE)
639 {
640 rw_t1t_update_lock_attributes ();
641 /* Send positive response to upper layer */
642 if (p_t1t->tlv_detect == TAG_LOCK_CTRL_TLV)
643 {
644 tlv_data.protocol = NFC_PROTOCOL_T1T;
645 tlv_data.num_bytes = p_t1t->num_lockbytes;
646 tlv_data.status = status;
647 rw_t1t_handle_op_complete ();
648 (*rw_cb.p_cback) (RW_T1T_TLV_DETECT_EVT, (tRW_DATA *) &tlv_data);
649 }
650 else if (p_t1t->tlv_detect == TAG_NDEF_TLV)
651 {
652 ndef_data.protocol = NFC_PROTOCOL_T1T;
653 ndef_data.flags = rw_t1t_get_ndef_flags ();
654 ndef_data.flags |= RW_NDEF_FL_FORMATED;
655 ndef_data.max_size = (UINT32) rw_t1t_get_ndef_max_size ();
656 ndef_data.cur_size = p_t1t->ndef_msg_len;
657
658 if (ndef_data.max_size < ndef_data.cur_size)
659 {
660 ndef_data.flags |= RW_NDEF_FL_READ_ONLY;
661 ndef_data.max_size = ndef_data.cur_size;
662 }
663
664 if (!(ndef_data.flags & RW_NDEF_FL_READ_ONLY))
665 {
666 ndef_data.flags |= RW_NDEF_FL_SOFT_LOCKABLE;
667 if (status == NFC_STATUS_OK)
668 ndef_data.flags |= RW_NDEF_FL_HARD_LOCKABLE;
669 }
670 ndef_data.status = status;
671 rw_t1t_handle_op_complete ();
672 (*rw_cb.p_cback) (RW_T1T_NDEF_DETECT_EVT, (tRW_DATA *)&ndef_data);
673 }
674 }
675 break;
676
677 case RW_T1T_SUBSTATE_NONE:
678 if (p_t1t->tlv_detect == TAG_MEM_CTRL_TLV)
679 {
680 tlv_data.status = rw_t1t_handle_tlv_detect_rsp (p_t1t->mem);
681 tlv_data.protocol = NFC_PROTOCOL_T1T;
682 tlv_data.num_bytes = 0;
683 count = 0;
684 while (count < p_t1t->num_mem_tlvs)
685 {
686 tlv_data.num_bytes += p_t1t->mem_tlv[p_t1t->num_mem_tlvs].num_bytes;
687 count++;
688 }
689 rw_t1t_handle_op_complete ();
690 /* Send response to upper layer */
691 (*rw_cb.p_cback) (RW_T1T_TLV_DETECT_EVT, (tRW_DATA *) &tlv_data);
692 }
693 else if (p_t1t->tlv_detect == TAG_LOCK_CTRL_TLV)
694 {
695 tlv_data.status = rw_t1t_handle_tlv_detect_rsp (p_t1t->mem);
696 tlv_data.protocol = NFC_PROTOCOL_T1T;
697 tlv_data.num_bytes = p_t1t->num_lockbytes;
698
699 if (tlv_data.status == NFC_STATUS_FAILED)
700 {
701 rw_t1t_handle_op_complete ();
702
703 /* Send Negative response to upper layer */
704 (*rw_cb.p_cback) (RW_T1T_TLV_DETECT_EVT, (tRW_DATA *)&tlv_data);
705 }
706 else
707 {
708 rw_t1t_extract_lock_bytes (p_data);
709 status = rw_t1t_read_locks ();
710 if (status != NFC_STATUS_CONTINUE)
711 {
712 /* Send positive response to upper layer */
713 tlv_data.status = status;
714 rw_t1t_handle_op_complete ();
715
716 (*rw_cb.p_cback) (RW_T1T_TLV_DETECT_EVT, (tRW_DATA *) &tlv_data);
717 }
718 }
719 }
720 else if (p_t1t->tlv_detect == TAG_NDEF_TLV)
721 {
722 ndef_data.protocol = NFC_PROTOCOL_T1T;
723 ndef_data.flags = rw_t1t_get_ndef_flags ();
724
725 if (p_t1t->mem[T1T_CC_NMN_BYTE] == T1T_CC_NMN)
726 {
727 ndef_data.status = rw_t1t_handle_tlv_detect_rsp (p_t1t->mem);
728
729 ndef_data.cur_size = p_t1t->ndef_msg_len;
730 if (ndef_data.status == NFC_STATUS_FAILED)
731 {
732 ndef_data.max_size = (UINT32) rw_t1t_get_ndef_max_size ();
733 if (ndef_data.max_size < ndef_data.cur_size)
734 {
735 ndef_data.flags |= RW_NDEF_FL_READ_ONLY;
736 ndef_data.max_size = ndef_data.cur_size;
737 }
738 if (!(ndef_data.flags & RW_NDEF_FL_READ_ONLY))
739 {
740 ndef_data.flags |= RW_NDEF_FL_SOFT_LOCKABLE;
741 }
742 /* Send Negative response to upper layer */
743 rw_t1t_handle_op_complete ();
744
745 (*rw_cb.p_cback) (RW_T1T_NDEF_DETECT_EVT, (tRW_DATA *) &ndef_data);
746 }
747 else
748 {
749 ndef_data.flags |= RW_NDEF_FL_FORMATED;
750 rw_t1t_extract_lock_bytes (p_data);
751 status = rw_t1t_read_locks ();
752 if (status != NFC_STATUS_CONTINUE)
753 {
754 ndef_data.max_size = (UINT32) rw_t1t_get_ndef_max_size ();
755 if (ndef_data.max_size < ndef_data.cur_size)
756 {
757 ndef_data.flags |= RW_NDEF_FL_READ_ONLY;
758 ndef_data.max_size = ndef_data.cur_size;
759 }
760
761 if (!(ndef_data.flags & RW_NDEF_FL_READ_ONLY))
762 {
763 ndef_data.flags |= RW_NDEF_FL_SOFT_LOCKABLE;
764 if (status == NFC_STATUS_OK)
765 ndef_data.flags |= RW_NDEF_FL_HARD_LOCKABLE;
766 }
767 /* Send positive response to upper layer */
768 ndef_data.status = status;
769 rw_t1t_handle_op_complete ();
770
771 (*rw_cb.p_cback) (RW_T1T_NDEF_DETECT_EVT, (tRW_DATA *)&ndef_data);
772 }
773 }
774 }
775 else
776 {
777 /* Send Negative response to upper layer */
778 ndef_data.status = NFC_STATUS_FAILED;
779 ndef_data.max_size = (UINT32) rw_t1t_get_ndef_max_size ();
780 ndef_data.cur_size = p_t1t->ndef_msg_len;
781 if (ndef_data.max_size < ndef_data.cur_size)
782 {
783 ndef_data.flags |= RW_NDEF_FL_READ_ONLY;
784 ndef_data.max_size = ndef_data.cur_size;
785 }
786 if (!(ndef_data.flags & RW_NDEF_FL_READ_ONLY))
787 {
788 ndef_data.flags |= RW_NDEF_FL_SOFT_LOCKABLE;
789 ndef_data.flags |= RW_NDEF_FL_SOFT_LOCKABLE;
790 }
791 rw_t1t_handle_op_complete ();
792
793 (*rw_cb.p_cback) (RW_T1T_NDEF_DETECT_EVT, (tRW_DATA *) &ndef_data);
794 }
795 }
796 break;
797 }
798 break;
799 }
800 return status;
801 }
802
803 /*******************************************************************************
804 **
805 ** Function rw_t1t_handle_dyn_read_rsp
806 **
807 ** Description This function handles response received for READ8, RSEG
808 ** commands based on the current state
809 **
810 ** Returns status of the current NDEF/TLV Operation
811 **
812 *******************************************************************************/
rw_t1t_handle_dyn_read_rsp(BOOLEAN * p_notify,UINT8 * p_data)813 static tNFC_STATUS rw_t1t_handle_dyn_read_rsp (BOOLEAN *p_notify, UINT8 *p_data)
814 {
815 tNFC_STATUS status = NFC_STATUS_OK;
816 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
817
818 *p_notify = FALSE;
819
820 p_data += T1T_ADD_LEN;
821
822 rw_t1t_extract_lock_bytes (p_data);
823
824 if (p_t1t->state == RW_T1T_STATE_READ_NDEF)
825 {
826 status = rw_t1t_handle_ndef_read_rsp (p_data);
827 if ( (status == NFC_STATUS_FAILED)
828 ||(status == NFC_STATUS_OK) )
829 {
830 /* Send response to upper layer */
831 *p_notify = TRUE;
832 }
833 }
834 else if (p_t1t->state == RW_T1T_STATE_WRITE_NDEF)
835 {
836 status = rw_t1t_handle_ndef_write_rsp (p_data);
837 if (status == NFC_STATUS_FAILED)
838 {
839 /* Send response to upper layer */
840 *p_notify = TRUE;
841 }
842 else if (status == NFC_STATUS_CONTINUE)
843 {
844 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_INVALIDATE_NDEF;
845 }
846 }
847 else
848 {
849 status = rw_t1t_handle_read_rsp (p_notify, p_data);
850 }
851 return status;
852 }
853
854 /*****************************************************************************
855 **
856 ** Function rw_t1t_handle_rall_rsp
857 **
858 ** Description Handle response to RALL - Collect CC, set Tag state
859 **
860 ** Returns None
861 **
862 *****************************************************************************/
rw_t1t_handle_rall_rsp(BOOLEAN * p_notify,UINT8 * p_data)863 static tNFC_STATUS rw_t1t_handle_rall_rsp (BOOLEAN *p_notify,UINT8 *p_data)
864 {
865 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
866
867 p_data += T1T_HR_LEN; /* skip HR */
868 memcpy (p_t1t->mem, (UINT8 *) p_data, T1T_STATIC_SIZE);
869 p_t1t->segment = 0;
870 rw_t1t_extract_lock_bytes (p_data);
871
872 p_data += T1T_UID_LEN + T1T_RES_BYTE_LEN; /* skip Block 0, UID and Reserved byte */
873
874 RW_TRACE_DEBUG0 ("rw_t1t_handle_rall_rsp ()");
875
876 rw_t1t_update_tag_state ();
877 rw_t1t_update_attributes ();
878 rw_t1t_update_lock_attributes ();
879 p_t1t->b_update = TRUE;
880 return (rw_t1t_handle_read_rsp (p_notify, p_t1t->mem));
881 }
882
883 /*******************************************************************************
884 **
885 ** Function rw_t1t_handle_tlv_detect_rsp
886 **
887 ** Description Handle response to the last command sent while
888 ** detecting tlv
889 **
890 ** Returns NFC_STATUS_OK, if tlv detect is complete & success
891 ** NFC_STATUS_FAILED,if tlv detect failed
892 **
893 *******************************************************************************/
rw_t1t_handle_tlv_detect_rsp(UINT8 * p_data)894 static tNFC_STATUS rw_t1t_handle_tlv_detect_rsp (UINT8 *p_data)
895 {
896 UINT16 offset;
897 UINT16 len;
898 UINT8 xx;
899 UINT8 *p_readbytes;
900 UINT8 index;
901 UINT8 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_TLV_DETECT;
902 UINT8 found_tlv = TAG_NULL_TLV;
903 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
904 BOOLEAN failed = FALSE;
905 BOOLEAN found = FALSE;
906 UINT8 count = 0;
907 tNFC_STATUS status = NFC_STATUS_FAILED;
908 UINT8 start_offset = T1T_UID_LEN + T1T_CC_LEN + T1T_RES_BYTE_LEN;
909 UINT8 end_offset = T1T_STATIC_SIZE - (2*T1T_BLOCK_SIZE);
910 UINT8 bytes_read = T1T_STATIC_SIZE;
911 UINT8 tlv_value[T1T_DEFAULT_TLV_LEN];
912 UINT16 bytes_count = 0;
913
914 p_readbytes = p_data;
915
916 for (offset = start_offset; offset < end_offset && !failed && !found;)
917 {
918 if (rw_t1t_is_lock_reserved_otp_byte ((UINT16) (offset)) == TRUE)
919 {
920 offset++;
921 continue;
922 }
923 switch (tlv_detect_state)
924 {
925 case RW_T1T_SUBSTATE_WAIT_TLV_DETECT:
926 /* Search for the tag */
927 found_tlv = p_readbytes[offset++];
928 switch (found_tlv)
929 {
930 case TAG_NULL_TLV: /* May be used for padding. SHALL ignore this */
931 break;
932
933 case TAG_NDEF_TLV:
934 if (p_t1t->tlv_detect == TAG_NDEF_TLV)
935 {
936 index = (offset % T1T_BLOCK_SIZE);
937 /* Backup ndef first block */
938 memcpy (&p_t1t->ndef_first_block[0],&p_readbytes[offset-index],index);
939 memcpy (&p_t1t->ndef_first_block[index],&p_readbytes[offset],T1T_BLOCK_SIZE - index);
940 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_FIND_LEN_FIELD_LEN;
941 }
942 else if (p_t1t->tlv_detect == TAG_PROPRIETARY_TLV)
943 {
944 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_FIND_LEN_FIELD_LEN;
945 }
946 else if ( ((p_t1t->tlv_detect == TAG_LOCK_CTRL_TLV) && (p_t1t->num_lockbytes > 0))
947 ||((p_t1t->tlv_detect == TAG_MEM_CTRL_TLV) && (p_t1t->num_mem_tlvs > 0)) )
948 {
949 found = TRUE;
950 }
951 else
952 {
953 failed = TRUE;
954 }
955 break;
956
957 case TAG_LOCK_CTRL_TLV:
958 case TAG_MEM_CTRL_TLV:
959 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_READ_TLV_LEN0;
960 break;
961
962 case TAG_PROPRIETARY_TLV:
963 if (p_t1t->tlv_detect == TAG_PROPRIETARY_TLV)
964 {
965 index = (offset % T1T_BLOCK_SIZE);
966 /* Backup ndef first block */
967 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_FIND_LEN_FIELD_LEN;
968 }
969 else
970 {
971 /* NDEF/LOCK/MEM TLV can exist after Proprietary Tlv so we continue searching, skiping proprietary tlv */
972 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_FIND_LEN_FIELD_LEN;
973 }
974 break;
975
976 case TAG_TERMINATOR_TLV: /* Last TLV block in the data area. Must be no NDEF nessage */
977 if ( ((p_t1t->tlv_detect == TAG_LOCK_CTRL_TLV) && (p_t1t->num_lockbytes > 0))
978 ||((p_t1t->tlv_detect == TAG_MEM_CTRL_TLV) && (p_t1t->num_mem_tlvs > 0)) )
979 {
980 found = TRUE;
981 }
982 else
983 {
984 failed = TRUE;
985 }
986 break;
987 default:
988 failed = TRUE;
989 }
990 break;
991
992 case RW_T1T_SUBSTATE_WAIT_FIND_LEN_FIELD_LEN:
993 len = p_readbytes[offset];
994 switch (found_tlv)
995 {
996 case TAG_NDEF_TLV:
997 p_t1t->ndef_header_offset = offset + p_t1t->work_offset;
998 if (len == T1T_LONG_NDEF_LEN_FIELD_BYTE0)
999 {
1000 /* The next two bytes constitute length bytes */
1001 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_READ_TLV_LEN0;
1002 }
1003 else
1004 {
1005 /* one byte length field */
1006 p_t1t->ndef_msg_len = len;
1007 bytes_count = p_t1t->ndef_msg_len;
1008 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_READ_TLV_VALUE;
1009 }
1010 break;
1011
1012 case TAG_PROPRIETARY_TLV:
1013 if (len == 0xFF)
1014 {
1015 /* The next two bytes constitute length bytes */
1016 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_READ_TLV_LEN0;
1017 }
1018 else
1019 {
1020 /* one byte length field */
1021 bytes_count = len;
1022 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_READ_TLV_VALUE;
1023 }
1024 break;
1025 }
1026 offset++;
1027 break;
1028
1029 case RW_T1T_SUBSTATE_WAIT_READ_TLV_LEN0:
1030 switch (found_tlv)
1031 {
1032 case TAG_LOCK_CTRL_TLV:
1033 case TAG_MEM_CTRL_TLV:
1034
1035 len = p_readbytes[offset];
1036 if (len == T1T_DEFAULT_TLV_LEN)
1037 {
1038 /* Valid Lock control TLV */
1039 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_READ_TLV_VALUE;
1040 bytes_count = T1T_DEFAULT_TLV_LEN;
1041 }
1042 else if ( ((p_t1t->tlv_detect == TAG_LOCK_CTRL_TLV) && (p_t1t->num_lockbytes > 0))
1043 ||((p_t1t->tlv_detect == TAG_MEM_CTRL_TLV) && (p_t1t->num_mem_tlvs > 0)) )
1044 {
1045 found = TRUE;
1046 }
1047 else
1048 {
1049 failed = TRUE;
1050 }
1051 break;
1052
1053 case TAG_NDEF_TLV:
1054 case TAG_PROPRIETARY_TLV:
1055 /* The first length byte */
1056 bytes_count = (UINT8) p_readbytes[offset];
1057 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_READ_TLV_LEN1;
1058 break;
1059 }
1060 offset++;
1061 break;
1062
1063 case RW_T1T_SUBSTATE_WAIT_READ_TLV_LEN1:
1064 bytes_count = (bytes_count << 8) + p_readbytes[offset];
1065 if (found_tlv == TAG_NDEF_TLV)
1066 {
1067 p_t1t->ndef_msg_len = bytes_count;
1068 }
1069 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_READ_TLV_VALUE;
1070 offset++;
1071 break;
1072
1073 case RW_T1T_SUBSTATE_WAIT_READ_TLV_VALUE:
1074 switch (found_tlv)
1075 {
1076 case TAG_NDEF_TLV:
1077 if ((bytes_count == p_t1t->ndef_msg_len) && (p_t1t->tlv_detect == TAG_NDEF_TLV))
1078 {
1079 /* The first byte offset after length field */
1080 p_t1t->ndef_msg_offset = offset + p_t1t->work_offset;
1081 }
1082 if (bytes_count > 0)
1083 bytes_count--;
1084
1085 if (p_t1t->tlv_detect == TAG_NDEF_TLV)
1086 {
1087 if (p_t1t->ndef_msg_len > 0)
1088 {
1089 rw_t1t_update_tag_state ();
1090 }
1091 else
1092 {
1093 p_t1t->tag_attribute = RW_T1_TAG_ATTRB_INITIALIZED_NDEF;
1094 }
1095 found = TRUE;
1096 }
1097 else if (bytes_count == 0)
1098 {
1099 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_TLV_DETECT;
1100 }
1101 break;
1102
1103 case TAG_LOCK_CTRL_TLV:
1104 bytes_count--;
1105 if ( (p_t1t->tlv_detect == TAG_LOCK_CTRL_TLV)
1106 ||(p_t1t->tlv_detect == TAG_NDEF_TLV) )
1107 {
1108 tlv_value[2 - bytes_count] = p_readbytes[offset];
1109 if (bytes_count == 0)
1110 {
1111 if (p_t1t->num_lock_tlvs < RW_T1T_MAX_LOCK_TLVS)
1112 {
1113 p_t1t->lock_tlv[p_t1t->num_lock_tlvs].offset = (tlv_value[0] >> 4) & 0x0F;
1114 p_t1t->lock_tlv[p_t1t->num_lock_tlvs].offset *= (UINT8) tags_pow (2, tlv_value[2] & 0x0F);
1115 p_t1t->lock_tlv[p_t1t->num_lock_tlvs].offset += tlv_value[0] & 0x0F;
1116 p_t1t->lock_tlv[p_t1t->num_lock_tlvs].bytes_locked_per_bit = (UINT8) tags_pow (2, ((tlv_value[2] & 0xF0) >> 4));
1117 p_t1t->lock_tlv[p_t1t->num_lock_tlvs].num_bits = tlv_value[1];
1118 count = tlv_value[1] / 8 + ((tlv_value[1] % 8 != 0)? 1:0);
1119 xx = 0;
1120 while (xx < count)
1121 {
1122 if (p_t1t->num_lockbytes < RW_T1T_MAX_LOCK_BYTES)
1123 {
1124 p_t1t->lockbyte[p_t1t->num_lockbytes].tlv_index = p_t1t->num_lock_tlvs;
1125 p_t1t->lockbyte[p_t1t->num_lockbytes].byte_index = xx;
1126 p_t1t->lockbyte[p_t1t->num_lockbytes].b_lock_read = FALSE;
1127 p_t1t->num_lockbytes++;
1128 }
1129 else
1130 RW_TRACE_ERROR1 ("T1T Buffer overflow error. Max supported lock bytes=0x%02X", RW_T1T_MAX_LOCK_BYTES);
1131 xx++;
1132 }
1133 p_t1t->num_lock_tlvs++;
1134 rw_t1t_update_attributes ();
1135 }
1136 else
1137 RW_TRACE_ERROR1 ("T1T Buffer overflow error. Max supported lock tlvs=0x%02X", RW_T1T_MAX_LOCK_TLVS);
1138
1139 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_TLV_DETECT;
1140 }
1141 }
1142 else
1143 {
1144 if (bytes_count == 0)
1145 {
1146 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_TLV_DETECT;
1147 }
1148 }
1149 break;
1150
1151 case TAG_MEM_CTRL_TLV:
1152 bytes_count--;
1153 if ( (p_t1t->tlv_detect == TAG_MEM_CTRL_TLV)
1154 ||(p_t1t->tlv_detect == TAG_NDEF_TLV) )
1155 {
1156 tlv_value[2 - bytes_count] = p_readbytes[offset];
1157 if (bytes_count == 0)
1158 {
1159 if (p_t1t->num_mem_tlvs >= RW_T1T_MAX_MEM_TLVS)
1160 {
1161 RW_TRACE_ERROR0 ("rw_t1t_handle_tlv_detect_rsp - Maximum buffer allocated for Memory tlv has reached");
1162 failed = TRUE;
1163 }
1164 else
1165 {
1166 /* Extract dynamic reserved bytes */
1167 p_t1t->mem_tlv[p_t1t->num_mem_tlvs].offset = (tlv_value[0] >> 4) & 0x0F;
1168 p_t1t->mem_tlv[p_t1t->num_mem_tlvs].offset *= (UINT8) tags_pow (2, tlv_value[2] & 0x0F);
1169 p_t1t->mem_tlv[p_t1t->num_mem_tlvs].offset += tlv_value[0] & 0x0F;
1170 p_t1t->mem_tlv[p_t1t->num_mem_tlvs].num_bytes = tlv_value[1];
1171 p_t1t->num_mem_tlvs++;
1172 rw_t1t_update_attributes ();
1173 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_TLV_DETECT;
1174 }
1175 }
1176 }
1177 else
1178 {
1179 if (bytes_count == 0)
1180 {
1181 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_TLV_DETECT;
1182 }
1183 }
1184 break;
1185
1186 case TAG_PROPRIETARY_TLV:
1187 bytes_count--;
1188 if (p_t1t->tlv_detect == TAG_PROPRIETARY_TLV)
1189 found = TRUE;
1190 else
1191 {
1192 if (bytes_count == 0)
1193 {
1194 tlv_detect_state = RW_T1T_SUBSTATE_WAIT_TLV_DETECT;
1195 }
1196 }
1197 break;
1198 }
1199 offset++;
1200 break;
1201 }
1202 }
1203
1204 p_t1t->work_offset += bytes_read;
1205
1206 /* NDEF/Lock/Mem TLV to be found in segment 0, if not assume detection failed */
1207 if (!found && !failed)
1208 {
1209 if ( ((p_t1t->tlv_detect == TAG_LOCK_CTRL_TLV) && (p_t1t->num_lockbytes > 0))
1210 ||((p_t1t->tlv_detect == TAG_MEM_CTRL_TLV) && (p_t1t->num_mem_tlvs > 0)) )
1211 {
1212 found = TRUE;
1213 }
1214 else
1215 {
1216 if (p_t1t->tlv_detect == TAG_NDEF_TLV)
1217 {
1218 p_t1t->tag_attribute = RW_T1_TAG_ATTRB_INITIALIZED;
1219 }
1220 failed = TRUE;
1221 }
1222 }
1223
1224
1225 status = failed ? NFC_STATUS_FAILED : NFC_STATUS_OK;
1226 return status;
1227 }
1228
1229 /*******************************************************************************
1230 **
1231 ** Function rw_t1t_handle_ndef_rall_rsp
1232 **
1233 ** Description Handle response to RALL command sent while reading an
1234 ** NDEF message
1235 **
1236 ** Returns NFC_STATUS_CONTINUE, if NDEF read operation is not complete
1237 ** NFC_STATUS_OK, if NDEF read is successfull
1238 ** NFC_STATUS_FAILED,if NDEF read failed
1239 **
1240 *******************************************************************************/
rw_t1t_handle_ndef_rall_rsp(void)1241 static tNFC_STATUS rw_t1t_handle_ndef_rall_rsp (void)
1242 {
1243 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1244 tNFC_STATUS status = NFC_STATUS_CONTINUE;
1245 UINT8 count;
1246 UINT8 adds;
1247
1248 count = (UINT8) p_t1t->ndef_msg_offset;
1249 p_t1t->work_offset = 0;
1250 p_t1t->segment = 0;
1251
1252 while (count < T1T_STATIC_SIZE && p_t1t->work_offset < p_t1t->ndef_msg_len)
1253 {
1254 if (rw_t1t_is_lock_reserved_otp_byte (count) == FALSE)
1255 {
1256 p_t1t->p_ndef_buffer[p_t1t->work_offset] = p_t1t->mem[count];
1257 p_t1t->work_offset++;
1258 }
1259 count++;
1260 }
1261 if (p_t1t->work_offset != p_t1t->ndef_msg_len)
1262 {
1263 if ((p_t1t->hr[0] & 0x0F) != 1)
1264 {
1265 if (p_t1t->work_offset == 0)
1266 return NFC_STATUS_FAILED;
1267
1268 else
1269 {
1270 p_t1t->block_read = T1T_STATIC_BLOCKS + 1;
1271 p_t1t->segment++;
1272 }
1273 if (p_t1t->ndef_msg_len - p_t1t->work_offset <= 8)
1274 {
1275 if ((status = rw_t1t_send_dyn_cmd (T1T_CMD_READ8, p_t1t->block_read, NULL)) == NFC_STATUS_OK)
1276 {
1277 p_t1t->tlv_detect = TAG_NDEF_TLV;
1278 p_t1t->state = RW_T1T_STATE_READ_NDEF;
1279 status = NFC_STATUS_CONTINUE;
1280 }
1281 }
1282 else
1283 {
1284 /* send RSEG command */
1285 RW_T1T_BLD_ADDS ((adds), (p_t1t->segment));
1286 if ((status = rw_t1t_send_dyn_cmd (T1T_CMD_RSEG, adds, NULL)) == NFC_STATUS_OK)
1287 {
1288 p_t1t->state = RW_T1T_STATE_READ_NDEF;
1289 status = NFC_STATUS_CONTINUE;
1290 }
1291 }
1292 }
1293 else
1294 {
1295 RW_TRACE_ERROR1 ("RW_T1tReadNDef - Invalid NDEF len: %u or NDEF corrupted", p_t1t->ndef_msg_len);
1296 status = NFC_STATUS_FAILED;
1297 }
1298 }
1299 else
1300 {
1301 status = NFC_STATUS_OK;
1302 }
1303 return status;
1304 }
1305
1306 /*******************************************************************************
1307 **
1308 ** Function rw_t1t_handle_ndef_read_rsp
1309 **
1310 ** Description Handle response to commands sent while reading an
1311 ** NDEF message
1312 **
1313 ** Returns NFC_STATUS_CONTINUE, if tlv read is not yet complete
1314 ** NFC_STATUS_OK, if tlv read is complete & success
1315 ** NFC_STATUS_FAILED,if tlv read failed
1316 **
1317 *******************************************************************************/
rw_t1t_handle_ndef_read_rsp(UINT8 * p_data)1318 static tNFC_STATUS rw_t1t_handle_ndef_read_rsp (UINT8 *p_data)
1319 {
1320 tNFC_STATUS ndef_status = NFC_STATUS_CONTINUE;
1321 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1322 UINT8 index;
1323 UINT8 adds;
1324 tT1T_CMD_RSP_INFO *p_cmd_rsp_info = (tT1T_CMD_RSP_INFO *) rw_cb.tcb.t1t.p_cmd_rsp_info;
1325
1326 /* The Response received could be for Read8 or Read Segment command */
1327 switch(p_cmd_rsp_info->opcode)
1328 {
1329 case T1T_CMD_READ8:
1330 if (p_t1t->work_offset == 0)
1331 {
1332 index = p_t1t->ndef_msg_offset % T1T_BLOCK_SIZE;
1333 }
1334 else
1335 {
1336 index = 0;
1337 }
1338 p_t1t->segment = (p_t1t->block_read * T1T_BLOCK_SIZE)/T1T_SEGMENT_SIZE;
1339 while (index < T1T_BLOCK_SIZE && p_t1t->work_offset < p_t1t->ndef_msg_len)
1340 {
1341 if (rw_t1t_is_lock_reserved_otp_byte ((UINT16) ((p_t1t->block_read * T1T_BLOCK_SIZE) + index)) == FALSE)
1342 {
1343 p_t1t->p_ndef_buffer[p_t1t->work_offset] = p_data[index];
1344 p_t1t->work_offset++;
1345 }
1346 index++;
1347 }
1348 break;
1349
1350 case T1T_CMD_RSEG:
1351 if (p_t1t->work_offset == 0)
1352 {
1353 index = p_t1t->ndef_msg_offset % T1T_SEGMENT_SIZE;
1354 }
1355 else
1356 {
1357 index = 0;
1358 }
1359 p_t1t->block_read = ((p_t1t->segment + 1) * T1T_BLOCKS_PER_SEGMENT) - 1;
1360
1361 while (index < T1T_SEGMENT_SIZE && p_t1t->work_offset < p_t1t->ndef_msg_len)
1362 {
1363 if (rw_t1t_is_lock_reserved_otp_byte ((UINT16) (index)) == FALSE)
1364 {
1365 p_t1t->p_ndef_buffer[p_t1t->work_offset] = p_data[index];
1366 p_t1t->work_offset++;
1367 }
1368 index++;
1369 }
1370 break;
1371
1372 default:
1373 break;
1374 }
1375 if (p_t1t->work_offset < p_t1t->ndef_msg_len)
1376 {
1377 if ((p_t1t->hr[0] & 0x0F) != 1)
1378 {
1379 if ((p_t1t->ndef_msg_len - p_t1t->work_offset) <= T1T_BLOCK_SIZE)
1380 {
1381 p_t1t->block_read++;
1382 if ((ndef_status = rw_t1t_send_dyn_cmd (T1T_CMD_READ8, (UINT8) (p_t1t->block_read), NULL)) == NFC_STATUS_OK)
1383 {
1384 ndef_status = NFC_STATUS_CONTINUE;
1385 }
1386 }
1387 else
1388 {
1389 p_t1t->segment++;
1390 /* send RSEG command */
1391 RW_T1T_BLD_ADDS ((adds), (p_t1t->segment));
1392 if ((ndef_status = rw_t1t_send_dyn_cmd (T1T_CMD_RSEG, adds, NULL)) == NFC_STATUS_OK)
1393 {
1394 ndef_status = NFC_STATUS_CONTINUE;
1395 }
1396 }
1397 }
1398 }
1399 else
1400 {
1401 ndef_status = NFC_STATUS_OK;
1402 }
1403 return ndef_status;
1404 }
1405
1406 /*******************************************************************************
1407 **
1408 ** Function rw_t1t_next_ndef_write_block
1409 **
1410 ** Description This function prepare and writes ndef blocks
1411 **
1412 ** Returns NFC_STATUS_CONTINUE, if tlv write is not yet complete
1413 ** NFC_STATUS_OK, if tlv write is complete & success
1414 ** NFC_STATUS_FAILED,if tlv write failed
1415 **
1416 *******************************************************************************/
rw_t1t_next_ndef_write_block(void)1417 static tNFC_STATUS rw_t1t_next_ndef_write_block (void)
1418 {
1419 BOOLEAN b_block_write_cmd = FALSE;
1420 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1421 tNFC_STATUS ndef_status = NFC_STATUS_CONTINUE;
1422 UINT8 write_block[8];
1423 UINT8 block;
1424 UINT8 index;
1425 UINT8 new_lengthfield_len;
1426 UINT8 length_field[3];
1427 UINT16 initial_offset;
1428 UINT8 count;
1429 /* Write NDEF Message */
1430 new_lengthfield_len = p_t1t->new_ndef_msg_len > 254 ? 3:1;
1431
1432 /* Identify the command to use for NDEF write operation */
1433 if ((p_t1t->hr[0] & 0x0F) != 1)
1434 {
1435 /* Dynamic memory structure */
1436 b_block_write_cmd = FALSE;
1437 block = p_t1t->ndef_block_written + 1;
1438 p_t1t->segment = (block * T1T_BLOCK_SIZE) /T1T_SEGMENT_SIZE;
1439
1440 count = 0;
1441 while (block <= p_t1t->mem[T1T_CC_TMS_BYTE])
1442 {
1443 index = 0;
1444 if (block == p_t1t->num_ndef_finalblock)
1445 {
1446 /* T1T_CMD_WRITE_E8 Command */
1447 b_block_write_cmd = TRUE;
1448 break;
1449 }
1450 while (index < T1T_BLOCK_SIZE && p_t1t->work_offset < (p_t1t->new_ndef_msg_len + new_lengthfield_len))
1451 {
1452 if (rw_t1t_is_lock_reserved_otp_byte ((UINT16) ((block * T1T_BLOCK_SIZE) + index)) == FALSE)
1453 {
1454 count++;
1455 }
1456 index++;
1457 }
1458 if (count == T1T_BLOCK_SIZE)
1459 {
1460 /* T1T_CMD_WRITE_E8 Command */
1461 b_block_write_cmd = TRUE;
1462 break;
1463 }
1464 else if (count == 0)
1465 {
1466 index = 0;
1467 block++;
1468 if (p_t1t->segment != (block * T1T_BLOCK_SIZE) /T1T_SEGMENT_SIZE)
1469 {
1470 p_t1t->segment = (block * T1T_BLOCK_SIZE) /T1T_SEGMENT_SIZE;
1471 }
1472 }
1473 else
1474 {
1475 /* T1T_CMD_WRITE_E Command */
1476 b_block_write_cmd = FALSE;
1477 break;
1478 }
1479 }
1480 }
1481 else
1482 {
1483 /* Static memory structure */
1484 block = p_t1t->ndef_block_written;
1485 b_block_write_cmd = FALSE;
1486 }
1487
1488 new_lengthfield_len = p_t1t->new_ndef_msg_len > 254 ? 3:1;
1489 if (new_lengthfield_len == 3)
1490 {
1491 length_field[0] = T1T_LONG_NDEF_LEN_FIELD_BYTE0;
1492 length_field[1] = (UINT8) (p_t1t->new_ndef_msg_len >> 8);
1493 length_field[2] = (UINT8) (p_t1t->new_ndef_msg_len);
1494 }
1495 else
1496 {
1497 length_field[0] = (UINT8) (p_t1t->new_ndef_msg_len);
1498 }
1499
1500 if (b_block_write_cmd)
1501 {
1502 /* Dynamic memory structure */
1503 index = 0;
1504 p_t1t->segment = (block * T1T_BLOCK_SIZE) /T1T_SEGMENT_SIZE;
1505
1506 initial_offset = p_t1t->work_offset;
1507 block = rw_t1t_prepare_ndef_bytes (write_block, length_field, &index, FALSE, block, new_lengthfield_len);
1508 if (p_t1t->work_offset == initial_offset)
1509 {
1510 ndef_status = NFC_STATUS_FAILED;
1511 }
1512 else
1513 {
1514 /* Send WRITE_E8 command */
1515 ndef_status = rw_t1t_send_ndef_block (write_block, block);
1516 }
1517 }
1518 else
1519 {
1520 /* Static memory structure */
1521 if (p_t1t->write_byte + 1 >= T1T_BLOCK_SIZE)
1522 {
1523 index = 0;
1524 block++;
1525 }
1526 else
1527 {
1528 index = p_t1t->write_byte + 1;
1529 }
1530 initial_offset = p_t1t->work_offset;
1531 block = rw_t1t_prepare_ndef_bytes (write_block, length_field, &index, TRUE, block, new_lengthfield_len);
1532 if (p_t1t->work_offset == initial_offset)
1533 {
1534 ndef_status = NFC_STATUS_FAILED;
1535 }
1536 else
1537 {
1538 /* send WRITE-E command */
1539 ndef_status = rw_t1t_send_ndef_byte (write_block[index], block, index, new_lengthfield_len);
1540 }
1541 }
1542 return ndef_status;
1543
1544 }
1545
1546 /*******************************************************************************
1547 **
1548 ** Function rw_t1t_ndef_write_first_block
1549 **
1550 ** Description This function writes ndef first block
1551 **
1552 ** Returns NFC_STATUS_CONTINUE, if tlv write is not yet complete
1553 ** NFC_STATUS_OK, if tlv write is complete & success
1554 ** NFC_STATUS_FAILED,if tlv write failed
1555 **
1556 *******************************************************************************/
rw_t1t_ndef_write_first_block(void)1557 static tNFC_STATUS rw_t1t_ndef_write_first_block (void)
1558 {
1559 tNFC_STATUS ndef_status = NFC_STATUS_CONTINUE;
1560 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1561 UINT8 block;
1562 UINT8 index;
1563 UINT8 new_lengthfield_len;
1564 UINT8 length_field[3];
1565 UINT8 write_block[8];
1566
1567 /* handle positive response to invalidating existing NDEF Message */
1568 p_t1t->work_offset = 0;
1569 new_lengthfield_len = p_t1t->new_ndef_msg_len > 254 ? 3:1;
1570 if (new_lengthfield_len == 3)
1571 {
1572 length_field[0] = T1T_LONG_NDEF_LEN_FIELD_BYTE0;
1573 length_field[1] = (UINT8) (p_t1t->new_ndef_msg_len >> 8);
1574 length_field[2] = (UINT8) (p_t1t->new_ndef_msg_len);
1575 }
1576 else
1577 {
1578 length_field[0] = (UINT8) (p_t1t->new_ndef_msg_len);
1579 }
1580 /* updating ndef_first_block with new ndef message */
1581 memcpy(write_block,p_t1t->ndef_first_block,T1T_BLOCK_SIZE);
1582 index = p_t1t->ndef_header_offset % T1T_BLOCK_SIZE;
1583 block = (UINT8) (p_t1t->ndef_header_offset / T1T_BLOCK_SIZE);
1584 p_t1t->segment = (UINT8) (p_t1t->ndef_header_offset/T1T_SEGMENT_SIZE);
1585
1586 if ((p_t1t->hr[0] & 0x0F) != 1)
1587 {
1588 /* Dynamic Memory structure */
1589 block = rw_t1t_prepare_ndef_bytes (write_block, length_field, &index, FALSE, block, new_lengthfield_len);
1590
1591 if (p_t1t->work_offset == 0)
1592 {
1593 ndef_status = NFC_STATUS_FAILED;
1594 }
1595 else
1596 {
1597 /* Send WRITE-E8 command based on the prepared write_block */
1598 ndef_status = rw_t1t_send_ndef_block (write_block, block);
1599 }
1600 }
1601 else
1602 {
1603 /* Static Memory structure */
1604 block = rw_t1t_prepare_ndef_bytes (write_block, length_field, &index, TRUE, block, new_lengthfield_len);
1605 if (p_t1t->work_offset == 0)
1606 {
1607 ndef_status = NFC_STATUS_FAILED;
1608 }
1609 else
1610 {
1611 /* send WRITE-E command */
1612 ndef_status = rw_t1t_send_ndef_byte (write_block[index], block, index, new_lengthfield_len);
1613 }
1614 }
1615
1616 return ndef_status;
1617 }
1618
1619 /*******************************************************************************
1620 **
1621 ** Function rw_t1t_send_ndef_byte
1622 **
1623 ** Description Sends ndef message or length field byte and update
1624 ** status
1625 **
1626 ** Returns NFC_STATUS_CONTINUE, if tlv write is not yet complete
1627 ** NFC_STATUS_OK, if tlv write is complete & success
1628 ** NFC_STATUS_FAILED,if tlv write failed
1629 **
1630 *******************************************************************************/
rw_t1t_send_ndef_byte(UINT8 data,UINT8 block,UINT8 index,UINT8 msg_len)1631 static tNFC_STATUS rw_t1t_send_ndef_byte (UINT8 data, UINT8 block, UINT8 index, UINT8 msg_len)
1632 {
1633 tNFC_STATUS ndef_status = NFC_STATUS_CONTINUE;
1634 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1635 UINT8 addr;
1636
1637 /* send WRITE-E command */
1638 RW_T1T_BLD_ADD ((addr), (block), (index));
1639 if (NFC_STATUS_OK == rw_t1t_send_static_cmd (T1T_CMD_WRITE_E, addr, data))
1640 {
1641 p_t1t->write_byte = index;
1642 p_t1t->ndef_block_written = block;
1643 if (p_t1t->work_offset == p_t1t->new_ndef_msg_len + msg_len)
1644 {
1645 ndef_status = NFC_STATUS_OK;
1646 }
1647 else
1648 {
1649 ndef_status = NFC_STATUS_CONTINUE;
1650 }
1651 }
1652 else
1653 {
1654 ndef_status = NFC_STATUS_FAILED;
1655 }
1656 return ndef_status;
1657 }
1658
1659 /*******************************************************************************
1660 **
1661 ** Function rw_t1t_prepare_ndef_bytes
1662 **
1663 ** Description prepares ndef block to write
1664 **
1665 ** Returns block number where to write
1666 **
1667 *******************************************************************************/
rw_t1t_prepare_ndef_bytes(UINT8 * p_data,UINT8 * p_length_field,UINT8 * p_index,BOOLEAN b_one_byte,UINT8 block,UINT8 lengthfield_len)1668 static UINT8 rw_t1t_prepare_ndef_bytes (UINT8 *p_data, UINT8 *p_length_field, UINT8 *p_index, BOOLEAN b_one_byte, UINT8 block, UINT8 lengthfield_len)
1669 {
1670 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1671 UINT8 first_block = (UINT8) (p_t1t->ndef_header_offset / T1T_BLOCK_SIZE);
1672 UINT16 initial_offset = p_t1t->work_offset;
1673
1674 while (p_t1t->work_offset == initial_offset && block <= p_t1t->mem[T1T_CC_TMS_BYTE])
1675 {
1676 if ( (block == p_t1t->num_ndef_finalblock)
1677 &&(block != first_block) )
1678 {
1679 memcpy (p_data,p_t1t->ndef_final_block,T1T_BLOCK_SIZE);
1680 }
1681 /* Update length field */
1682 while ( (*p_index < T1T_BLOCK_SIZE)
1683 &&(p_t1t->work_offset < lengthfield_len) )
1684 {
1685 if (rw_t1t_is_lock_reserved_otp_byte ((UINT16) ((block * T1T_BLOCK_SIZE) + *p_index)) == FALSE)
1686 {
1687 p_data[*p_index] = p_length_field[p_t1t->work_offset];
1688 p_t1t->work_offset++;
1689 if (b_one_byte)
1690 return block;
1691 }
1692 (*p_index)++;
1693 if (p_t1t->work_offset == lengthfield_len)
1694 {
1695 break;
1696 }
1697 }
1698 /* Update ndef message field */
1699 while (*p_index < T1T_BLOCK_SIZE && p_t1t->work_offset < (p_t1t->new_ndef_msg_len + lengthfield_len))
1700 {
1701 if (rw_t1t_is_lock_reserved_otp_byte ((UINT16) ((block * T1T_BLOCK_SIZE) + *p_index)) == FALSE)
1702 {
1703 p_data[*p_index] = p_t1t->p_ndef_buffer[p_t1t->work_offset - lengthfield_len];
1704 p_t1t->work_offset++;
1705 if (b_one_byte)
1706 return block;
1707 }
1708 (*p_index)++;
1709 }
1710 if (p_t1t->work_offset == initial_offset)
1711 {
1712 *p_index = 0;
1713 block++;
1714 if (p_t1t->segment != (block * T1T_BLOCK_SIZE) /T1T_SEGMENT_SIZE)
1715 {
1716 p_t1t->segment = (block * T1T_BLOCK_SIZE) /T1T_SEGMENT_SIZE;
1717 }
1718 }
1719 }
1720 return block;
1721 }
1722
1723 /*******************************************************************************
1724 **
1725 ** Function rw_t1t_send_ndef_block
1726 **
1727 ** Description Sends ndef block and update status
1728 **
1729 ** Returns NFC_STATUS_CONTINUE, if tlv write is not yet complete
1730 ** NFC_STATUS_OK, if tlv write is complete & success
1731 ** NFC_STATUS_FAILED,if tlv write failed
1732 **
1733 *******************************************************************************/
rw_t1t_send_ndef_block(UINT8 * p_data,UINT8 block)1734 static tNFC_STATUS rw_t1t_send_ndef_block (UINT8 *p_data, UINT8 block)
1735 {
1736 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1737 tNFC_STATUS ndef_status = NFC_STATUS_CONTINUE;
1738
1739 if (NFC_STATUS_OK == rw_t1t_send_dyn_cmd (T1T_CMD_WRITE_E8, block, p_data))
1740 {
1741 p_t1t->ndef_block_written = block;
1742 if (p_t1t->ndef_block_written == p_t1t->num_ndef_finalblock)
1743 {
1744 ndef_status = NFC_STATUS_OK;
1745 }
1746 else
1747 {
1748 ndef_status = NFC_STATUS_CONTINUE;
1749 }
1750 }
1751 else
1752 {
1753 ndef_status = NFC_STATUS_FAILED;
1754 }
1755 return ndef_status;
1756 }
1757
1758 /*******************************************************************************
1759 **
1760 ** Function rw_t1t_get_ndef_flags
1761 **
1762 ** Description Prepare NDEF Flags
1763 **
1764 ** Returns NDEF Flag value
1765 **
1766 *******************************************************************************/
rw_t1t_get_ndef_flags(void)1767 static UINT8 rw_t1t_get_ndef_flags (void)
1768 {
1769 UINT8 flags = 0;
1770 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1771
1772 if ((p_t1t->hr[0] & 0xF0) == T1T_NDEF_SUPPORTED)
1773 flags |= RW_NDEF_FL_SUPPORTED;
1774
1775 if (t1t_tag_init_data (p_t1t->hr[0]) != NULL)
1776 flags |= RW_NDEF_FL_FORMATABLE;
1777
1778 if ((p_t1t->mem[T1T_CC_RWA_BYTE] & 0x0F) == T1T_CC_RWA_RO)
1779 flags |=RW_NDEF_FL_READ_ONLY;
1780
1781 return flags;
1782 }
1783
1784 /*******************************************************************************
1785 **
1786 ** Function rw_t1t_get_ndef_max_size
1787 **
1788 ** Description Calculate maximum size of NDEF message that can be written
1789 ** on to the tag
1790 **
1791 ** Returns Maximum size of NDEF Message
1792 **
1793 *******************************************************************************/
rw_t1t_get_ndef_max_size(void)1794 static UINT16 rw_t1t_get_ndef_max_size (void)
1795 {
1796 UINT16 offset;
1797 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1798 UINT16 tag_size = (p_t1t->mem[T1T_CC_TMS_BYTE] +1)* T1T_BLOCK_SIZE;
1799 const tT1T_INIT_TAG *p_ret;
1800 UINT8 init_segment = p_t1t->segment;
1801
1802 p_t1t->max_ndef_msg_len = 0;
1803 offset = p_t1t->ndef_msg_offset;
1804 p_t1t->segment = (UINT8) (p_t1t->ndef_msg_offset/T1T_SEGMENT_SIZE);
1805
1806 if ( (tag_size < T1T_STATIC_SIZE)
1807 ||(tag_size > (T1T_SEGMENT_SIZE * T1T_MAX_SEGMENTS))
1808 ||((p_t1t->mem[T1T_CC_NMN_BYTE] != T1T_CC_NMN) && (p_t1t->mem[T1T_CC_NMN_BYTE] != 0)) )
1809 {
1810 /* Tag not formated, determine maximum NDEF size from HR */
1811 if ( ((p_t1t->hr[0] & 0xF0) == T1T_NDEF_SUPPORTED)
1812 &&((p_ret = t1t_tag_init_data (p_t1t->hr[0])) != NULL) )
1813 {
1814 p_t1t->max_ndef_msg_len = ((p_ret->tms +1)* T1T_BLOCK_SIZE) - T1T_OTP_LOCK_RES_BYTES - T1T_UID_LEN - T1T_ADD_LEN - T1T_CC_LEN - T1T_TLV_TYPE_LEN - T1T_SHORT_NDEF_LEN_FIELD_LEN;
1815 if (p_ret->b_dynamic)
1816 {
1817 p_t1t->max_ndef_msg_len -= (T1T_TLV_TYPE_LEN + T1T_DEFAULT_TLV_LEN_FIELD_LEN + T1T_DEFAULT_TLV_LEN + T1T_TLV_TYPE_LEN + T1T_DEFAULT_TLV_LEN_FIELD_LEN + T1T_DEFAULT_TLV_LEN);
1818 p_t1t->max_ndef_msg_len -= T1T_DYNAMIC_LOCK_BYTES;
1819 }
1820 offset = tag_size;
1821 }
1822 else
1823 {
1824 p_t1t->segment = init_segment;
1825 return p_t1t->max_ndef_msg_len;
1826 }
1827 }
1828
1829 /* Starting from NDEF Message offset find the first locked data byte */
1830 while (offset < tag_size)
1831 {
1832 if (rw_t1t_is_lock_reserved_otp_byte ((UINT16) (offset)) == FALSE)
1833 {
1834 if (rw_t1t_is_read_only_byte ((UINT16) offset) == TRUE)
1835 break;
1836 p_t1t->max_ndef_msg_len++;
1837 }
1838 offset++;
1839 if (offset % T1T_SEGMENT_SIZE == 0)
1840 {
1841 p_t1t->segment = (UINT8) (offset / T1T_SEGMENT_SIZE);
1842 }
1843 }
1844 /* NDEF Length field length changes based on NDEF size */
1845 if ( (p_t1t->max_ndef_msg_len >= T1T_LONG_NDEF_LEN_FIELD_BYTE0)
1846 &&((p_t1t->ndef_msg_offset - p_t1t->ndef_header_offset) == T1T_SHORT_NDEF_LEN_FIELD_LEN) )
1847 {
1848 p_t1t->max_ndef_msg_len -= (p_t1t->max_ndef_msg_len == T1T_LONG_NDEF_LEN_FIELD_BYTE0)? 1 : (T1T_LONG_NDEF_LEN_FIELD_LEN - T1T_SHORT_NDEF_LEN_FIELD_LEN);
1849 }
1850
1851 p_t1t->segment = init_segment;
1852 return p_t1t->max_ndef_msg_len;
1853 }
1854
1855 /*******************************************************************************
1856 **
1857 ** Function rw_t1t_handle_ndef_write_rsp
1858 **
1859 ** Description Handle response to commands sent while writing an
1860 ** NDEF message
1861 **
1862 ** Returns NFC_STATUS_CONTINUE, if tlv write is not yet complete
1863 ** NFC_STATUS_OK, if tlv write is complete & success
1864 ** NFC_STATUS_FAILED,if tlv write failed
1865 **
1866 *******************************************************************************/
rw_t1t_handle_ndef_write_rsp(UINT8 * p_data)1867 static tNFC_STATUS rw_t1t_handle_ndef_write_rsp (UINT8 *p_data)
1868 {
1869 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1870 tNFC_STATUS ndef_status = NFC_STATUS_CONTINUE;
1871 UINT8 addr;
1872
1873 switch (p_t1t->substate)
1874 {
1875 case RW_T1T_SUBSTATE_WAIT_READ_NDEF_BLOCK:
1876 /* Backup ndef_final_block */
1877 memcpy (p_t1t->ndef_final_block, p_data, T1T_BLOCK_SIZE);
1878 /* Invalidate existing NDEF Message */
1879 RW_T1T_BLD_ADD ((addr), (T1T_CC_BLOCK), (T1T_CC_NMN_OFFSET));
1880 if (NFC_STATUS_OK == rw_t1t_send_static_cmd (T1T_CMD_WRITE_E, addr, 0))
1881 {
1882 ndef_status = NFC_STATUS_CONTINUE;
1883 p_t1t->state = RW_T1T_STATE_WRITE_NDEF;
1884 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_INVALIDATE_NDEF;
1885 }
1886 else
1887 {
1888 ndef_status = NFC_STATUS_FAILED;
1889 }
1890 break;
1891
1892 case RW_T1T_SUBSTATE_WAIT_INVALIDATE_NDEF:
1893 ndef_status = rw_t1t_ndef_write_first_block ();
1894 break;
1895
1896 case RW_T1T_SUBSTATE_WAIT_NDEF_WRITE:
1897 ndef_status = rw_t1t_next_ndef_write_block ();
1898 break;
1899
1900 case RW_T1T_SUBSTATE_WAIT_NDEF_UPDATED:
1901 /* Validate new NDEF Message */
1902 RW_T1T_BLD_ADD ((addr), (T1T_CC_BLOCK), (T1T_CC_NMN_OFFSET));
1903 if (NFC_STATUS_OK == rw_t1t_send_static_cmd (T1T_CMD_WRITE_E, addr, T1T_CC_NMN))
1904 {
1905 ndef_status = NFC_STATUS_OK;
1906 }
1907 else
1908 {
1909 ndef_status = NFC_STATUS_FAILED;
1910 }
1911 break;
1912 default:
1913 break;
1914 }
1915
1916 return ndef_status;
1917 }
1918
1919 /*******************************************************************************
1920 **
1921 ** Function rw_t1t_update_attributes
1922 **
1923 ** Description This function will prepare attributes for the current
1924 ** segment. Every bit in the attribute refers to one byte of
1925 ** tag content.The bit corresponding to a tag byte will be set
1926 ** to '1' when the Tag byte is read only,otherwise will be set
1927 ** to '0'
1928 **
1929 ** Returns None
1930 **
1931 *******************************************************************************/
rw_t1t_update_attributes(void)1932 static void rw_t1t_update_attributes (void)
1933 {
1934 UINT8 count = 0;
1935 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
1936 UINT16 lower_offset;
1937 UINT16 upper_offset;
1938 UINT8 num_bytes;
1939 UINT16 offset;
1940 UINT8 bits_per_byte = 8;
1941
1942 count = 0;
1943 while (count < T1T_BLOCKS_PER_SEGMENT)
1944 {
1945 p_t1t->attr[count] = 0x00;
1946 count++;
1947 }
1948
1949 lower_offset = p_t1t->segment * T1T_SEGMENT_SIZE;
1950 upper_offset = (p_t1t->segment + 1)* T1T_SEGMENT_SIZE;
1951
1952 if (p_t1t->segment == 0)
1953 {
1954 /* UID/Lock/Reserved/OTP bytes */
1955 p_t1t->attr[0x00] = 0xFF; /* Uid bytes */
1956 p_t1t->attr[0x0D] = 0xFF; /* Reserved bytes */
1957 p_t1t->attr[0x0E] = 0xFF; /* lock/otp bytes */
1958 p_t1t->attr[0x0F] = 0xFF; /* lock/otp bytes */
1959 }
1960
1961 /* update attr based on lock control and mem control tlvs */
1962 count = 0;
1963 while (count < p_t1t->num_lockbytes)
1964 {
1965 offset = p_t1t->lock_tlv[p_t1t->lockbyte[count].tlv_index].offset + p_t1t->lockbyte[count].byte_index;
1966 if (offset >= lower_offset && offset < upper_offset)
1967 {
1968 /* Set the corresponding bit in attr to indicate - lock byte */
1969 p_t1t->attr[(offset % T1T_SEGMENT_SIZE) / bits_per_byte] |= rw_t1t_mask_bits[(offset % T1T_SEGMENT_SIZE) % bits_per_byte];
1970 }
1971 count++;
1972 }
1973 count = 0;
1974 while (count < p_t1t->num_mem_tlvs)
1975 {
1976 num_bytes = 0;
1977 while (num_bytes < p_t1t->mem_tlv[count].num_bytes)
1978 {
1979 offset = p_t1t->mem_tlv[count].offset + num_bytes;
1980 if (offset >= lower_offset && offset < upper_offset)
1981 {
1982 /* Set the corresponding bit in attr to indicate - reserved byte */
1983 p_t1t->attr[(offset % T1T_SEGMENT_SIZE) / bits_per_byte] |= rw_t1t_mask_bits[(offset % T1T_SEGMENT_SIZE) % bits_per_byte];
1984 }
1985 num_bytes++;
1986 }
1987 count++;
1988 }
1989 }
1990
1991 /*******************************************************************************
1992 **
1993 ** Function rw_t1t_get_lock_bits_for_segment
1994 **
1995 ** Description This function will identify the index of the dynamic lock
1996 ** byte that covers the current segment
1997 **
1998 ** Parameters: segment, segment number
1999 ** p_start_byte, pointer to hold the first lock byte index
2000 ** p_start_bit, pointer to hold the first lock bit index
2001 ** p_end_byte, pointer to hold the last lock byte index
2002 **
2003 ** Returns Total lock bits that covers the specified segment
2004 **
2005 *******************************************************************************/
rw_t1t_get_lock_bits_for_segment(UINT8 segment,UINT8 * p_start_byte,UINT8 * p_start_bit,UINT8 * p_end_byte)2006 static UINT8 rw_t1t_get_lock_bits_for_segment (UINT8 segment,UINT8 *p_start_byte, UINT8 *p_start_bit,UINT8 *p_end_byte)
2007 {
2008 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
2009 UINT16 byte_count = T1T_SEGMENT_SIZE;
2010 UINT8 total_bits = 0;
2011 UINT8 num_dynamic_locks = 0;
2012 UINT8 bit_count = 0;
2013 UINT16 tag_size = (p_t1t->mem[T1T_CC_TMS_BYTE] +1) * T1T_BLOCK_SIZE;
2014 UINT16 lower_offset;
2015 UINT16 upper_offset;
2016 BOOLEAN b_all_bits_are_locks = TRUE;
2017 UINT8 bytes_locked_per_bit;
2018 UINT8 num_bits;
2019
2020 upper_offset = (segment + 1) * T1T_SEGMENT_SIZE;
2021
2022 if (upper_offset > tag_size)
2023 upper_offset = tag_size;
2024
2025 lower_offset = segment * T1T_SEGMENT_SIZE;
2026 *p_start_byte = num_dynamic_locks;
2027 *p_start_bit = 0;
2028
2029 while ( (byte_count <= lower_offset)
2030 &&(num_dynamic_locks < p_t1t->num_lockbytes) )
2031 {
2032 bytes_locked_per_bit = p_t1t->lock_tlv[p_t1t->lockbyte[num_dynamic_locks].tlv_index].bytes_locked_per_bit;
2033 /* Number of bits in the current lock byte */
2034 b_all_bits_are_locks = ((p_t1t->lockbyte[num_dynamic_locks].byte_index + 1) * TAG_BITS_PER_BYTE <= p_t1t->lock_tlv[p_t1t->lockbyte[num_dynamic_locks].tlv_index].num_bits);
2035 num_bits = b_all_bits_are_locks ? TAG_BITS_PER_BYTE : p_t1t->lock_tlv[p_t1t->lockbyte[num_dynamic_locks].tlv_index].num_bits % TAG_BITS_PER_BYTE;
2036
2037 /* Skip lock bits that covers all previous segments */
2038 if (bytes_locked_per_bit * num_bits + byte_count <= lower_offset)
2039 {
2040 byte_count += bytes_locked_per_bit * num_bits;
2041 num_dynamic_locks++;
2042 }
2043 else
2044 {
2045 /* The first lock bit that covers this segment is present in this segment */
2046 bit_count = 0;
2047 while (bit_count < num_bits)
2048 {
2049 byte_count += bytes_locked_per_bit;
2050 if (byte_count > lower_offset)
2051 {
2052 *p_start_byte = num_dynamic_locks;
2053 *p_end_byte = num_dynamic_locks;
2054 *p_start_bit = bit_count;
2055 bit_count++;
2056 total_bits = 1;
2057 break;
2058 }
2059 bit_count++;
2060 }
2061 }
2062 }
2063 if (num_dynamic_locks == p_t1t->num_lockbytes)
2064 {
2065 return 0;
2066 }
2067 while ( (byte_count < upper_offset)
2068 &&(num_dynamic_locks < p_t1t->num_lockbytes) )
2069 {
2070 bytes_locked_per_bit = p_t1t->lock_tlv[p_t1t->lockbyte[num_dynamic_locks].tlv_index].bytes_locked_per_bit;
2071
2072 /* Number of bits in the current lock byte */
2073 b_all_bits_are_locks = ((p_t1t->lockbyte[num_dynamic_locks].byte_index + 1) * TAG_BITS_PER_BYTE <= p_t1t->lock_tlv[p_t1t->lockbyte[num_dynamic_locks].tlv_index].num_bits);
2074 num_bits = b_all_bits_are_locks ? TAG_BITS_PER_BYTE : p_t1t->lock_tlv[p_t1t->lockbyte[num_dynamic_locks].tlv_index].num_bits % TAG_BITS_PER_BYTE;
2075
2076 /* Collect all lock bits that covers the current segment */
2077 if ((bytes_locked_per_bit * (num_bits - bit_count)) + byte_count < upper_offset)
2078 {
2079 byte_count += bytes_locked_per_bit * (num_bits - bit_count);
2080 total_bits += num_bits - bit_count;
2081 bit_count = 0;
2082 *p_end_byte = num_dynamic_locks;
2083 num_dynamic_locks++;
2084 }
2085 else
2086 {
2087 /* The last lock byte that covers the current segment */
2088 bit_count = 0;
2089 while (bit_count < num_bits)
2090 {
2091 byte_count += bytes_locked_per_bit;
2092 if (byte_count >= upper_offset)
2093 {
2094 *p_end_byte = num_dynamic_locks;
2095 total_bits += (bit_count + 1);
2096 break;
2097 }
2098 bit_count++;
2099 }
2100 }
2101 }
2102 return total_bits;
2103 }
2104
2105 /*******************************************************************************
2106 **
2107 ** Function rw_t1t_update_lock_attributes
2108 **
2109 ** Description This function will check if the tag index passed as
2110 ** argument is a locked byte and return
2111 ** TRUE or FALSE
2112 **
2113 ** Parameters: index, the index of the byte in the tag
2114 **
2115 **
2116 ** Returns TRUE, if the specified index in the tag is a locked or
2117 ** reserved or otp byte
2118 ** FALSE, otherwise
2119 **
2120 *******************************************************************************/
rw_t1t_update_lock_attributes(void)2121 static void rw_t1t_update_lock_attributes (void)
2122 {
2123 UINT8 xx = 0;
2124 UINT8 bytes_locked_per_lock_bit;
2125 UINT8 num_static_lock_bytes = 0;
2126 UINT8 num_dynamic_lock_bytes = 0;
2127 UINT8 bits_covered = 0;
2128 UINT8 bytes_covered = 0;
2129 UINT8 block_count = 0;
2130 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
2131 UINT8 start_lock_byte;
2132 UINT8 start_lock_bit;
2133 UINT8 end_lock_byte;
2134 UINT8 num_lock_bits;
2135 UINT8 total_bits;
2136
2137
2138 block_count = 0;
2139 while (block_count < T1T_BLOCKS_PER_SEGMENT)
2140 {
2141 p_t1t->lock_attr[block_count] = 0x00;
2142 block_count++;
2143 }
2144
2145 /* update lock_attr based on static lock bytes */
2146 if (p_t1t->segment == 0)
2147 {
2148 xx = 0;
2149 num_static_lock_bytes = 0;
2150 block_count = 0;
2151 num_lock_bits = 8;
2152
2153 while (num_static_lock_bytes < T1T_NUM_STATIC_LOCK_BYTES)
2154 {
2155 /* Update lock attribute based on 2 static locks */
2156 while (xx < num_lock_bits)
2157 {
2158 p_t1t->lock_attr[block_count] = 0x00;
2159
2160 if (p_t1t->mem[T1T_LOCK_0_OFFSET + num_static_lock_bytes] & rw_t1t_mask_bits[xx++])
2161 {
2162 /* If the bit is set then 1 block is locked */
2163 p_t1t->lock_attr[block_count] = 0xFF;
2164 }
2165
2166 block_count++;
2167 }
2168 num_static_lock_bytes++;
2169 xx = 0;
2170 }
2171 /* Locked bytes */
2172 p_t1t->lock_attr[0x00] = 0xFF;
2173 p_t1t->lock_attr[0x0D] = 0xFF;
2174 }
2175 else
2176 {
2177 /* update lock_attr based on segment and using dynamic lock bytes */
2178 if ((total_bits = rw_t1t_get_lock_bits_for_segment (p_t1t->segment,&start_lock_byte, &start_lock_bit,&end_lock_byte)) != 0)
2179 {
2180 xx = start_lock_bit;
2181 num_dynamic_lock_bytes = start_lock_byte;
2182 bits_covered = 0;
2183 bytes_covered = 0;
2184 block_count = 0;
2185 num_lock_bits = 8;
2186
2187 p_t1t->lock_attr[block_count] = 0;
2188
2189 while (num_dynamic_lock_bytes <= end_lock_byte)
2190 {
2191 bytes_locked_per_lock_bit = p_t1t->lock_tlv[p_t1t->lockbyte[num_dynamic_lock_bytes].tlv_index].bytes_locked_per_bit;
2192 if (num_dynamic_lock_bytes == end_lock_byte)
2193 {
2194 num_lock_bits = (total_bits % 8 == 0)? 8:total_bits % 8;
2195 }
2196 while (xx < num_lock_bits)
2197 {
2198 bytes_covered = 0;
2199 while (bytes_covered < bytes_locked_per_lock_bit)
2200 {
2201 /* Set/clear lock_attr byte bits based on whether a particular lock bit is set or not
2202 * each bit in lock_attr represents one byte in Tag read only attribute */
2203 if ((p_t1t->lockbyte[num_dynamic_lock_bytes].lock_byte & rw_t1t_mask_bits[xx]) && (block_count < T1T_BLOCKS_PER_SEGMENT))
2204 {
2205 p_t1t->lock_attr[block_count] |= 0x01 << bits_covered;
2206 }
2207 bytes_covered++;
2208 bits_covered++;
2209 if (bits_covered == 8)
2210 {
2211 bits_covered = 0;
2212 block_count++;
2213 if (block_count < T1T_BLOCKS_PER_SEGMENT)
2214 p_t1t->lock_attr[block_count] = 0;
2215 }
2216 }
2217 xx++;
2218 }
2219 num_dynamic_lock_bytes++;
2220 xx = 0;
2221 }
2222 }
2223 }
2224 }
2225
2226 /*******************************************************************************
2227 **
2228 ** Function rw_t1t_is_lock_reserved_otp_byte
2229 **
2230 ** Description This function will check if the tag index passed as
2231 ** argument is a lock or reserved or otp byte
2232 **
2233 ** Parameters: index, the index of the byte in the tag's current segment
2234 **
2235 **
2236 ** Returns TRUE, if the specified index in the tag is a locked or
2237 ** reserved or otp byte
2238 ** FALSE, otherwise
2239 **
2240 *******************************************************************************/
rw_t1t_is_lock_reserved_otp_byte(UINT16 index)2241 static BOOLEAN rw_t1t_is_lock_reserved_otp_byte (UINT16 index)
2242 {
2243 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
2244
2245 if (p_t1t->attr_seg != p_t1t->segment)
2246 {
2247 /* Update p_t1t->attr to reflect the current segment */
2248 rw_t1t_update_attributes ();
2249 p_t1t->attr_seg = p_t1t->segment;
2250 }
2251 index = index % T1T_SEGMENT_SIZE;
2252
2253 /* Every bit in p_t1t->attr indicates one specific byte of the tag is either a lock/reserved/otp byte or not
2254 * So, each array element in p_t1t->attr covers one block in the tag as T1 block size and array element size is 8
2255 * Find the block and offset for the index (passed as argument) and Check if the offset bit in the
2256 * p_t1t->attr[block] is set or not. If the bit is set then it is a lock/reserved/otp byte, otherwise not */
2257
2258 return ((p_t1t->attr[index /8] & rw_t1t_mask_bits[index % 8]) == 0) ? FALSE:TRUE;
2259 }
2260
2261 /*******************************************************************************
2262 **
2263 ** Function rw_t1t_is_read_only_byte
2264 **
2265 ** Description This function will check if the tag index passed as
2266 ** argument is a read only byte
2267 **
2268 ** Parameters: index, the index of the byte in the tag's current segment
2269 **
2270 **
2271 ** Returns TRUE, if the specified index in the tag is a locked or
2272 ** reserved or otp byte
2273 ** FALSE, otherwise
2274 **
2275 *******************************************************************************/
rw_t1t_is_read_only_byte(UINT16 index)2276 static BOOLEAN rw_t1t_is_read_only_byte (UINT16 index)
2277 {
2278 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
2279
2280 if (p_t1t->lock_attr_seg != p_t1t->segment)
2281 {
2282 /* Update p_t1t->lock_attr to reflect the current segment */
2283 rw_t1t_update_lock_attributes ();
2284 p_t1t->lock_attr_seg = p_t1t->segment;
2285 }
2286
2287 index = index % T1T_SEGMENT_SIZE;
2288 /* Every bit in p_t1t->lock_attr indicates one specific byte of the tag is a read only byte or read write byte
2289 * So, each array element in p_t1t->lock_attr covers one block in the tag as T1 block size and array element size is 8
2290 * Find the block and offset for the index (passed as argument) and Check if the offset bit in the
2291 * p_t1t->lock_attr[block] is set or not. If the bit is set then it is a read only byte, otherwise read write byte */
2292
2293 return ((p_t1t->lock_attr[index /8] & rw_t1t_mask_bits[index % 8]) == 0) ? FALSE:TRUE;
2294 }
2295
2296 /*****************************************************************************
2297 **
2298 ** Function RW_T1tFormatNDef
2299 **
2300 ** Description
2301 ** Format Tag content
2302 **
2303 ** Returns
2304 ** NFC_STATUS_OK, Command sent to format Tag
2305 ** NFC_STATUS_REJECTED: Invalid HR0 and cannot format the tag
2306 ** NFC_STATUS_FAILED: other error
2307 **
2308 *****************************************************************************/
RW_T1tFormatNDef(void)2309 tNFC_STATUS RW_T1tFormatNDef (void)
2310 {
2311 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
2312 tNFC_STATUS status = NFC_STATUS_FAILED;
2313 const tT1T_INIT_TAG *p_ret;
2314 UINT8 addr;
2315 UINT8 *p;
2316
2317 if (p_t1t->state != RW_T1T_STATE_IDLE)
2318 {
2319 RW_TRACE_WARNING1 ("RW_T1tFormatNDef - Tag not initialized/ Busy! State: %u", p_t1t->state);
2320 return (NFC_STATUS_FAILED);
2321 }
2322
2323 if ((p_t1t->hr[0] & 0xF0) != T1T_NDEF_SUPPORTED)
2324 {
2325 RW_TRACE_WARNING1 ("RW_T1tFormatNDef - Cannot format tag as NDEF not supported. HR0: %u", p_t1t->hr[0]);
2326 return (NFC_STATUS_REJECTED);
2327 }
2328
2329 if ((p_ret = t1t_tag_init_data (p_t1t->hr[0])) == NULL)
2330 {
2331 RW_TRACE_WARNING2 ("RW_T1tFormatNDef - Invalid HR - HR0: %u, HR1: %u", p_t1t->hr[0], p_t1t->hr[1]);
2332 return (NFC_STATUS_REJECTED);
2333 }
2334
2335 memset (p_t1t->ndef_first_block, 0, T1T_BLOCK_SIZE);
2336 memset (p_t1t->ndef_final_block, 0, T1T_BLOCK_SIZE);
2337 p = p_t1t->ndef_first_block;
2338
2339 /* Prepare Capability Container */
2340 UINT8_TO_BE_STREAM (p, T1T_CC_NMN);
2341 UINT8_TO_BE_STREAM (p, T1T_CC_VNO);
2342 UINT8_TO_BE_STREAM (p, p_ret->tms);
2343 UINT8_TO_BE_STREAM (p, T1T_CC_RWA_RW);
2344 if (p_ret->b_dynamic)
2345 {
2346 /* Prepare Lock and Memory TLV */
2347 UINT8_TO_BE_STREAM (p, TAG_LOCK_CTRL_TLV);
2348 UINT8_TO_BE_STREAM (p, T1T_DEFAULT_TLV_LEN);
2349 UINT8_TO_BE_STREAM (p, p_ret->lock_tlv[0]);
2350 UINT8_TO_BE_STREAM (p, p_ret->lock_tlv[1]);
2351 p = p_t1t->ndef_final_block;
2352 UINT8_TO_BE_STREAM (p, p_ret->lock_tlv[2]);
2353 UINT8_TO_BE_STREAM (p, TAG_MEM_CTRL_TLV);
2354 UINT8_TO_BE_STREAM (p, T1T_DEFAULT_TLV_LEN);
2355 UINT8_TO_BE_STREAM (p, p_ret->mem_tlv[0]);
2356 UINT8_TO_BE_STREAM (p, p_ret->mem_tlv[1]);
2357 UINT8_TO_BE_STREAM (p, p_ret->mem_tlv[2]);
2358 }
2359 /* Prepare NULL NDEF TLV */
2360 UINT8_TO_BE_STREAM (p, TAG_NDEF_TLV);
2361 UINT8_TO_BE_STREAM (p, 0);
2362
2363 if (rw_cb.tcb.t1t.hr[0] != T1T_STATIC_HR0 || rw_cb.tcb.t1t.hr[1] >= RW_T1T_HR1_MIN)
2364 {
2365 /* send WRITE-E8 command */
2366 if ((status = rw_t1t_send_dyn_cmd (T1T_CMD_WRITE_E8, 1, p_t1t->ndef_first_block)) == NFC_STATUS_OK)
2367 {
2368 p_t1t->state = RW_T1T_STATE_FORMAT_TAG;
2369 p_t1t->b_update = FALSE;
2370 p_t1t->b_rseg = FALSE;
2371 if (p_ret->b_dynamic)
2372 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_CC;
2373 else
2374 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_NULL_NDEF;
2375 }
2376 }
2377 else
2378 {
2379 /* send WRITE-E command */
2380 RW_T1T_BLD_ADD ((addr), 1, 0);
2381
2382 if ((status = rw_t1t_send_static_cmd (T1T_CMD_WRITE_E, addr, p_t1t->ndef_first_block[0])) == NFC_STATUS_OK)
2383 {
2384 p_t1t->work_offset = 0;
2385 p_t1t->state = RW_T1T_STATE_FORMAT_TAG;
2386 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_NULL_NDEF;
2387 p_t1t->b_update = FALSE;
2388 p_t1t->b_rseg = FALSE;
2389 }
2390 }
2391
2392 return status;
2393 }
2394
2395 /*******************************************************************************
2396 **
2397 ** Function RW_T1tLocateTlv
2398 **
2399 ** Description This function is called to find the start of the given TLV
2400 **
2401 ** Parameters: tlv_type, Type of TLV to find
2402 **
2403 ** Returns NCI_STATUS_OK, if detection was started. Otherwise, error status.
2404 **
2405 *******************************************************************************/
RW_T1tLocateTlv(UINT8 tlv_type)2406 tNFC_STATUS RW_T1tLocateTlv (UINT8 tlv_type)
2407 {
2408 tNFC_STATUS status = NFC_STATUS_FAILED;
2409 tRW_T1T_CB *p_t1t= &rw_cb.tcb.t1t;
2410 UINT8 adds;
2411
2412 if (p_t1t->state != RW_T1T_STATE_IDLE)
2413 {
2414 RW_TRACE_WARNING1 ("RW_T1tLocateTlv - Busy - State: %u", p_t1t->state);
2415 return (NFC_STATUS_FAILED);
2416 }
2417 p_t1t->tlv_detect = tlv_type;
2418
2419 if( (p_t1t->tlv_detect == TAG_NDEF_TLV)
2420 &&(((p_t1t->hr[0]) & 0xF0) != T1T_NDEF_SUPPORTED) )
2421 {
2422 RW_TRACE_ERROR0 ("RW_T1tLocateTlv - Error: NDEF not supported by the tag");
2423 return (NFC_STATUS_REFUSED);
2424 }
2425
2426 if ( (p_t1t->tlv_detect == TAG_MEM_CTRL_TLV)
2427 ||(p_t1t->tlv_detect == TAG_NDEF_TLV) )
2428 {
2429 p_t1t->num_mem_tlvs = 0;
2430 }
2431
2432 if ( (p_t1t->tlv_detect == TAG_LOCK_CTRL_TLV)
2433 ||(p_t1t->tlv_detect == TAG_NDEF_TLV) )
2434 {
2435 p_t1t->num_lockbytes = 0;
2436 p_t1t->num_lock_tlvs = 0;
2437 }
2438
2439 /* Start reading memory, looking for the TLV */
2440 p_t1t->segment = 0;
2441 if ((p_t1t->hr[0] & 0x0F) != 1)
2442 {
2443 /* send RSEG command */
2444 RW_T1T_BLD_ADDS ((adds), (p_t1t->segment));
2445 status = rw_t1t_send_dyn_cmd (T1T_CMD_RSEG, adds, NULL);
2446 }
2447 else
2448 {
2449 status = rw_t1t_send_static_cmd (T1T_CMD_RALL, 0, 0);
2450 }
2451 if (status == NFC_STATUS_OK)
2452 {
2453 p_t1t->tlv_detect = tlv_type;
2454 p_t1t->work_offset = 0;
2455 p_t1t->state = RW_T1T_STATE_TLV_DETECT;
2456 p_t1t->substate = RW_T1T_SUBSTATE_NONE;
2457 }
2458
2459 return status;
2460 }
2461
2462 /*****************************************************************************
2463 **
2464 ** Function RW_T1tDetectNDef
2465 **
2466 ** Description
2467 ** This function is used to perform NDEF detection on a Type 1 tag, and
2468 ** retrieve the tag's NDEF attribute information (block 0).
2469 **
2470 ** Before using this API, the application must call RW_SelectTagType to
2471 ** indicate that a Type 1 tag has been activated.
2472 **
2473 ** Returns
2474 ** NFC_STATUS_OK: ndef detection procedure started
2475 ** NFC_STATUS_WRONG_PROTOCOL: type 1 tag not activated
2476 ** NFC_STATUS_BUSY: another command is already in progress
2477 ** NFC_STATUS_FAILED: other error
2478 **
2479 *****************************************************************************/
RW_T1tDetectNDef(void)2480 tNFC_STATUS RW_T1tDetectNDef (void)
2481 {
2482 return RW_T1tLocateTlv (TAG_NDEF_TLV);
2483 }
2484
2485 /*******************************************************************************
2486 **
2487 ** Function RW_T1tReadNDef
2488 **
2489 ** Description This function can be called to read the NDEF message on the tag.
2490 **
2491 ** Parameters: p_buffer: The buffer into which to read the NDEF message
2492 ** buf_len: The length of the buffer
2493 **
2494 ** Returns NCI_STATUS_OK, if read was started. Otherwise, error status.
2495 **
2496 *******************************************************************************/
RW_T1tReadNDef(UINT8 * p_buffer,UINT16 buf_len)2497 tNFC_STATUS RW_T1tReadNDef (UINT8 *p_buffer, UINT16 buf_len)
2498 {
2499 tNFC_STATUS status = NFC_STATUS_FAILED;
2500 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
2501 BOOLEAN b_notify;
2502 UINT8 adds;
2503 const tT1T_CMD_RSP_INFO *p_cmd_rsp_info_rall = t1t_cmd_to_rsp_info (T1T_CMD_RALL);
2504 const tT1T_CMD_RSP_INFO *p_cmd_rsp_info_rseg = t1t_cmd_to_rsp_info (T1T_CMD_RSEG);
2505
2506
2507
2508 if (p_t1t->state != RW_T1T_STATE_IDLE)
2509 {
2510 RW_TRACE_WARNING1 ("RW_T1tReadNDef - Busy - State: %u", p_t1t->state);
2511 return (NFC_STATUS_FAILED);
2512 }
2513
2514 /* Check HR0 if NDEF supported by the tag */
2515 if (((p_t1t->hr[0]) & 0xF0) != T1T_NDEF_SUPPORTED)
2516 {
2517 RW_TRACE_ERROR0 ("RW_T1tReadNDef - Error: NDEF not supported by the tag");
2518 return (NFC_STATUS_REFUSED);
2519 }
2520
2521 if (p_t1t->tag_attribute == RW_T1_TAG_ATTRB_INITIALIZED_NDEF)
2522 {
2523 RW_TRACE_WARNING1 ("RW_T1tReadNDef - NDEF Message length is zero, NDEF Length : %u ", p_t1t->ndef_msg_len);
2524 return (NFC_STATUS_NOT_INITIALIZED);
2525 }
2526
2527 if ( (p_t1t->tag_attribute != RW_T1_TAG_ATTRB_READ_WRITE)
2528 &&(p_t1t->tag_attribute != RW_T1_TAG_ATTRB_READ_ONLY) )
2529 {
2530 RW_TRACE_ERROR0 ("RW_T1tReadNDef - Error: NDEF detection not performed yet/ Tag is in Initialized state");
2531 return (NFC_STATUS_FAILED);
2532 }
2533
2534 if (buf_len < p_t1t->ndef_msg_len)
2535 {
2536 RW_TRACE_WARNING2 ("RW_T1tReadNDef - buffer size: %u less than NDEF msg sise: %u", buf_len, p_t1t->ndef_msg_len);
2537 return (NFC_STATUS_FAILED);
2538 }
2539 p_t1t->p_ndef_buffer = p_buffer;
2540
2541 if (p_t1t->b_rseg == TRUE)
2542 {
2543 /* If already got response to RSEG 0 */
2544 p_t1t->state = RW_T1T_STATE_READ_NDEF;
2545 p_t1t->p_cmd_rsp_info = (tT1T_CMD_RSP_INFO *)p_cmd_rsp_info_rseg;
2546
2547 rw_t1t_handle_read_rsp (&b_notify,p_t1t->mem);
2548 status = NFC_STATUS_OK;
2549 }
2550 else if (p_t1t->b_update == TRUE)
2551 {
2552 /* If already got response to RALL */
2553 p_t1t->state = RW_T1T_STATE_READ_NDEF;
2554 p_t1t->p_cmd_rsp_info = (tT1T_CMD_RSP_INFO *) p_cmd_rsp_info_rall;
2555
2556 rw_t1t_handle_read_rsp (&b_notify,p_t1t->mem);
2557 status = NFC_STATUS_OK;
2558
2559 }
2560 else
2561 {
2562 p_t1t->segment = 0;
2563 p_t1t->work_offset = 0;
2564 if ((p_t1t->hr[0] & 0x0F) != 1)
2565 {
2566 /* send RSEG command */
2567 RW_T1T_BLD_ADDS ((adds), (p_t1t->segment));
2568 status = rw_t1t_send_dyn_cmd (T1T_CMD_RSEG, adds, NULL);
2569 }
2570 else
2571 {
2572 status = rw_t1t_send_static_cmd (T1T_CMD_RALL, 0, 0);
2573 }
2574 if (status == NFC_STATUS_OK)
2575 p_t1t->state = RW_T1T_STATE_READ_NDEF;
2576
2577 }
2578
2579 return status;
2580 }
2581
2582 /*******************************************************************************
2583 **
2584 ** Function RW_T1tWriteNDef
2585 **
2586 ** Description This function can be called to write an NDEF message to the tag.
2587 **
2588 ** Parameters: msg_len: The length of the buffer
2589 ** p_msg: The NDEF message to write
2590 **
2591 ** Returns NCI_STATUS_OK, if write was started. Otherwise, error status.
2592 **
2593 *******************************************************************************/
RW_T1tWriteNDef(UINT16 msg_len,UINT8 * p_msg)2594 tNFC_STATUS RW_T1tWriteNDef (UINT16 msg_len, UINT8 *p_msg)
2595 {
2596 tNFC_STATUS status = NFC_STATUS_FAILED;
2597 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
2598 UINT16 num_ndef_bytes;
2599 UINT16 offset;
2600 UINT8 addr;
2601 UINT8 init_lengthfield_len;
2602 UINT8 new_lengthfield_len;
2603 UINT16 init_ndef_msg_offset;
2604
2605 if (p_t1t->state != RW_T1T_STATE_IDLE)
2606 {
2607 RW_TRACE_WARNING1 ("RW_T1tWriteNDef - Busy - State: %u", p_t1t->state);
2608 return (NFC_STATUS_FAILED);
2609 }
2610
2611 /* Check HR0 if NDEF supported by the tag */
2612 if (((p_t1t->hr[0]) & 0xF0) != T1T_NDEF_SUPPORTED)
2613 {
2614 RW_TRACE_ERROR0 ("RW_T1tWriteNDef - Error: NDEF not supported by the tag");
2615 return (NFC_STATUS_REFUSED);
2616 }
2617
2618 if ( (p_t1t->tag_attribute != RW_T1_TAG_ATTRB_READ_WRITE)
2619 &&(p_t1t->tag_attribute != RW_T1_TAG_ATTRB_INITIALIZED_NDEF) )
2620 {
2621 RW_TRACE_ERROR0 ("RW_T1tWriteNDef - Tag cannot update NDEF");
2622 return (NFC_STATUS_REFUSED);
2623 }
2624
2625 if (msg_len > p_t1t->max_ndef_msg_len)
2626 {
2627 RW_TRACE_ERROR1 ("RW_T1tWriteNDef - Cannot write NDEF of size greater than %u bytes", p_t1t->max_ndef_msg_len);
2628 return (NFC_STATUS_REFUSED);
2629 }
2630
2631 p_t1t->p_ndef_buffer = p_msg;
2632 p_t1t->new_ndef_msg_len = msg_len;
2633 new_lengthfield_len = p_t1t->new_ndef_msg_len > 254 ? 3:1;
2634 init_lengthfield_len = (UINT8) (p_t1t->ndef_msg_offset - p_t1t->ndef_header_offset);
2635 init_ndef_msg_offset = p_t1t->ndef_msg_offset;
2636
2637 /* ndef_msg_offset should reflect the new ndef message offset */
2638 if (init_lengthfield_len > new_lengthfield_len)
2639 {
2640 p_t1t->ndef_msg_offset = init_ndef_msg_offset - (T1T_LONG_NDEF_LEN_FIELD_LEN - T1T_SHORT_NDEF_LEN_FIELD_LEN);
2641 }
2642 else if (init_lengthfield_len < new_lengthfield_len)
2643 {
2644 p_t1t->ndef_msg_offset = init_ndef_msg_offset + (T1T_LONG_NDEF_LEN_FIELD_LEN - T1T_SHORT_NDEF_LEN_FIELD_LEN);
2645 }
2646
2647 num_ndef_bytes = 0;
2648 offset = p_t1t->ndef_msg_offset;
2649 p_t1t->segment = (UINT8) (p_t1t->ndef_msg_offset/T1T_SEGMENT_SIZE);
2650
2651 /* Locate NDEF final block based on the size of new NDEF Message */
2652 while (num_ndef_bytes < p_t1t->new_ndef_msg_len)
2653 {
2654 if (rw_t1t_is_lock_reserved_otp_byte ((UINT16) offset) == FALSE)
2655 num_ndef_bytes++;
2656
2657 offset++;
2658 if (offset % T1T_SEGMENT_SIZE == 0)
2659 {
2660 p_t1t->segment = (UINT8) (offset / T1T_SEGMENT_SIZE);
2661 }
2662 }
2663
2664 p_t1t->b_update = FALSE;
2665 p_t1t->b_rseg = FALSE;
2666
2667 if ((p_t1t->hr[0] & 0x0F) != 1)
2668 {
2669 /* Dynamic data structure */
2670 p_t1t->block_read = (UINT8) ((offset - 1)/T1T_BLOCK_SIZE);
2671 /* Read NDEF final block before updating */
2672 if ((status = rw_t1t_send_dyn_cmd (T1T_CMD_READ8, p_t1t->block_read, NULL)) == NFC_STATUS_OK)
2673 {
2674 p_t1t->num_ndef_finalblock = p_t1t->block_read;
2675 p_t1t->state = RW_T1T_STATE_WRITE_NDEF;
2676 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_READ_NDEF_BLOCK;
2677 }
2678 }
2679 else
2680 {
2681 /* NDEF detected and Static memory structure so send WRITE-E command */
2682 RW_T1T_BLD_ADD ((addr), (T1T_CC_BLOCK), (T1T_CC_NMN_OFFSET));
2683 if ((status = rw_t1t_send_static_cmd (T1T_CMD_WRITE_E, addr, 0)) == NFC_STATUS_OK)
2684 {
2685 p_t1t->state = RW_T1T_STATE_WRITE_NDEF;
2686 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_INVALIDATE_NDEF;
2687 }
2688
2689 }
2690
2691 if (status != NFC_STATUS_OK)
2692 {
2693 /* if status failed, reset ndef_msg_offset to initial message */
2694 p_t1t->ndef_msg_offset = init_ndef_msg_offset;
2695 }
2696 return status;
2697 }
2698
2699 /*******************************************************************************
2700 **
2701 ** Function RW_T1tSetTagReadOnly
2702 **
2703 ** Description This function can be called to set t1 tag as read only.
2704 **
2705 ** Parameters: None
2706 **
2707 ** Returns NCI_STATUS_OK, if setting tag as read only was started.
2708 ** Otherwise, error status.
2709 **
2710 *******************************************************************************/
RW_T1tSetTagReadOnly(BOOLEAN b_hard_lock)2711 tNFC_STATUS RW_T1tSetTagReadOnly (BOOLEAN b_hard_lock)
2712 {
2713 tNFC_STATUS status = NFC_STATUS_FAILED;
2714 tRW_T1T_CB *p_t1t = &rw_cb.tcb.t1t;
2715 UINT8 addr;
2716 UINT8 num_locks;
2717
2718 if (p_t1t->state != RW_T1T_STATE_IDLE)
2719 {
2720 RW_TRACE_WARNING1 ("RW_T1tSetTagReadOnly - Busy - State: %u", p_t1t->state);
2721 return (NFC_STATUS_BUSY);
2722 }
2723
2724 p_t1t->b_hard_lock = b_hard_lock;
2725
2726 if ( (p_t1t->tag_attribute == RW_T1_TAG_ATTRB_READ_WRITE)
2727 ||(p_t1t->tag_attribute == RW_T1_TAG_ATTRB_INITIALIZED)
2728 ||(p_t1t->tag_attribute == RW_T1_TAG_ATTRB_INITIALIZED_NDEF) )
2729 {
2730 /* send WRITE-NE command */
2731 RW_T1T_BLD_ADD ((addr), (T1T_CC_BLOCK), (T1T_CC_RWA_OFFSET));
2732 if ((status = rw_t1t_send_static_cmd (T1T_CMD_WRITE_NE, addr, 0x0F)) == NFC_STATUS_OK)
2733 {
2734 p_t1t->b_update = FALSE;
2735 p_t1t->b_rseg = FALSE;
2736
2737 if (p_t1t->b_hard_lock)
2738 {
2739 num_locks = 0;
2740 while (num_locks < p_t1t->num_lockbytes)
2741 {
2742 p_t1t->lockbyte[num_locks].lock_status = RW_T1T_LOCK_NOT_UPDATED;
2743 num_locks++;
2744 }
2745 }
2746 p_t1t->state = RW_T1T_STATE_SET_TAG_RO;
2747 p_t1t->substate = RW_T1T_SUBSTATE_WAIT_SET_CC_RWA_RO;
2748 }
2749 }
2750
2751 return status;
2752 }
2753
2754 #if (BT_TRACE_VERBOSE == TRUE)
2755 /*******************************************************************************
2756 **
2757 ** Function rw_t1t_get_sub_state_name
2758 **
2759 ** Description This function returns the sub_state name.
2760 **
2761 ** NOTE conditionally compiled to save memory.
2762 **
2763 ** Returns pointer to the name
2764 **
2765 *******************************************************************************/
rw_t1t_get_sub_state_name(UINT8 sub_state)2766 static char *rw_t1t_get_sub_state_name (UINT8 sub_state)
2767 {
2768 switch (sub_state)
2769 {
2770 case RW_T1T_SUBSTATE_NONE:
2771 return ("NONE");
2772 case RW_T1T_SUBSTATE_WAIT_READ_TLV_VALUE:
2773 return ("EXTRACT_TLV_VALUE");
2774 case RW_T1T_SUBSTATE_WAIT_READ_LOCKS:
2775 return ("READING_LOCKS");
2776 case RW_T1T_SUBSTATE_WAIT_READ_NDEF_BLOCK:
2777 return ("READ_NDEF_FINAL_BLOCK");
2778 case RW_T1T_SUBSTATE_WAIT_INVALIDATE_NDEF:
2779 return ("INVALIDATING_NDEF");
2780 case RW_T1T_SUBSTATE_WAIT_NDEF_WRITE:
2781 return ("WRITE_NDEF_TLV_MESSAGE");
2782 case RW_T1T_SUBSTATE_WAIT_NDEF_UPDATED:
2783 return ("WAITING_RSP_FOR_LAST_NDEF_WRITE");
2784 case RW_T1T_SUBSTATE_WAIT_VALIDATE_NDEF:
2785 return ("VALIDATING_NDEF");
2786 case RW_T1T_SUBSTATE_WAIT_SET_CC_RWA_RO:
2787 return ("SET_RWA_RO");
2788 case RW_T1T_SUBSTATE_WAIT_SET_ST_LOCK_BITS:
2789 return ("SET_STATIC_LOCK_BITS");
2790 case RW_T1T_SUBSTATE_WAIT_SET_DYN_LOCK_BITS:
2791 return ("SET_DYNAMIC_LOCK_BITS");
2792
2793 default:
2794 return ("???? UNKNOWN SUBSTATE");
2795 }
2796 }
2797 #endif /* (BT_TRACE_VERBOSE == TRUE) */
2798
2799 #endif /* (defined ((RW_NDEF_INCLUDED) && (RW_NDEF_INCLUDED == TRUE)) */
2800
2801 #endif /* (NFC_INCLUDED == TRUE) */
2802