ATMEL contact IC card and development example

table of Contents

Chapter 1 Storage Structure and Secrecy Characteristics of Several Common ATMEL Contact IC Cards 2
1. AT24C01A, AT24C02, AT24C04, AT24C08, AT24C16, AT24C32, AT24C64 2
Second, AT88SC102, AT88SC1604, AT88SC1608, AT88SC153 3
1. AT88SC102 encryption card 3
2. AT88SC1604 encryption card 5
3. AT88SC1608 encryption card 8
4. AT88SC153 encryption card 12
Third, AT45D041 16
Chapter 2 Interface Function of Contact IC Card 19
First, the function list (function name, simple description) 19
1. General function 19
2. ATMEL AT88SC102/AT88SC1604 encryption card special function 19
3. ATMEL AT88SC1608 and AT88SC153 encryption card special function 20
4. ATMEL AT45D041 Flash memory card dedicated function 20
Second, the function description 21
Appendix 1: Card Type Predefined 29
Appendix II: ICFOX.PLB Test Routine 30
Chapter III Underlying IC Card Development Example 31
First, the IC card operation of the underlying function 31
1. IC card operation low-level function description: 31
2. IC card low-level communication header file (Base.h) 32
Second, AT24C64 card application example 32
1. AT24C64 card function header file (AT24C64.h) 32
2. AT24C64 card function 33
3. AT24C64 Card Application Routine (App24C64.c) 35

Chapter 1 Storage Structure and Secrecy Features of Several Common ATMEL Contact IC Cards In order to enable IC cards to be applied to their own systems, engineers of system development companies should understand the basic technical information of some cards. The following is the production of ATMEL. The contact IC card is a simple introduction to the models that are common in applications and with better performance. It is hoped that it will help in the selection and development of IC cards.
??1 AT24C01A, AT24C02, AT24C04, AT24C08, AT24C16, AT24C32, AT24C64
These types of IC cards are ATMEL memory cards, which are EEPROM cards that do not have encryption function. The AT24C is the serial number, and the digital part is the K-bit capacity, which are 1K, 2K, 4K, 8K, 16K, 32K, 64K. Bit. It is used in the same way as EEPROM. It has a simple storage structure and only has two functions of reading and writing. It is mainly used to store some data with less confidentiality requirements.
AT24C series operating frequency is 1MHz (5V), 1MHz (2.7V), 400KHz (1.8V); operating voltage is 5V ± 10%, according to requirements can be as low as 1.8V; Icc current reading is up to 1mA, write maximum is 3mA The number of write/erase times is 1 million times; the data is kept for 100 years; the operating temperature is 0-70 °C, and the specified operating temperature can be exceeded according to requirements; the communication protocol conforms to the ISO/IEC 7816-3 synchronization protocol, and the two-wire serial interface.

Storage structure:

The last two digits of the AT24C series model are the maximum K digits of this model (1K=1024), 8 bits are 1 byte, and the algorithm for the maximum byte storage capacity is K digits × 1024 ÷ 8. For example, the maximum storage capacity of AT24C01A is 1×1024÷8=128, and its byte address space is 0—127 (hexadecimal is 0x00—0x7F).

The following pseudo-code program starts writing LEN bytes at the ADDR address of the AT24C series card and reads the proof.
Open(AT24Cxxx)
Write (ADDR, LEN, WDATA)
RDATA = Read(ADDR, LEN)
Close()
IF WDATA = RDATA THEN Write Successful ELSE Write Failed

The following pseudocode program starts reading LEN bytes at the ADDR address of the AT24C series card.
Open(AT24Cxxx)
RDATA = Read(ADDR, LEN)
Close()
Second, AT88SC102, AT88SC1604, AT88SC1608, AT88SC153
These types of IC cards are ATMEL encryption cards, which use CMOS low-power technology and have security protection functions such as transmission code, production code, password and error counter, and fuse protection. The storage space is divided into two major functional areas: the setup area and the application area. The application area can be divided into different partitions, each of which has its own independent security function. From the model point of view, AT88SC is the serial number, the last digit is the number of application zone partitions, which are 2, 4, 8, and 3 partitions respectively. The middle digits 10, 160, and 15 are K-bit capacity, respectively 1K, 16K. , 16K, 1.5K bits. Different application partitions have their own partition password. AT88SC1604 can be divided into two types: equal partition card and unequal partition card.
1. AT88SC102 encryption card
The access time of the AT88SC102 encryption card is read as 2us/bit, written as 5ms/bit; the working voltage is 5V±10%; the number of write/erase times is 100,000 times; the data is kept for 100 years; the working temperature is -25-70°C; The communication protocol complies with the ISO/IEC 7816-3 synchronization protocol.

Storage structure:
Storage partition bit address number byte address byte number
FZ manufacturer code area 0-15 16 0-1 2
IZ Issuer Area 16-79 64 2-9 8
SC master password area 80-95 16 10-11 2
SCAC Master Password Error Counting Area 96-111 16 12-13 2
CPZ Code Protected Area 112-175 64 14-21 8
AZ1 application area 176-687 512 22-85 64
EZ1 area erasure password 688-735 48 86-91 6
AZ2 Application Area 2736-1247 512 92-155 64
EZ2 two-zone erasure password 1248-1279 32 156-159 4
EAC2 two-zone erasure password error count 1280-1407 128 160-175 16
MTZ test area 1408-1423 16 176-177 2
Note: Wipe and write are two different operations. Wipe is a bit write 1 operation, and write is a bit write 0 operation. When modifying data, you can only write data before erasing it.
Its confidentiality is different before the fuse is blown (FUSE2) and after the fuse is blown.

Confidentiality before fuse blowing:
FZ: Set by the ATMEL factory (FUSE1), read-only cannot be changed. ATMEL can customize this code for bulk users to ensure card uniqueness.
IZ: Readable. The SC check is correct, and the IZ can be erased repeatedly.
SC: When the SC check is correct, the SC can be read and erased. When the SC check is incorrect, the SC cannot read and erase.
SCAC: The initial value is 4, the SC check is reduced by 1 for each SCAC, and when the SCAC is equal to 0, the card self-destructs. If the SC check corrects the correct SCAC to return to the initial value of 4. SCAC is always readable.
CPZ: It is marked for the user and is used to mark the operation process of the information in the card. It is always readable. After the SC check is correct, it can be erased.
AZ1, AZ2; the first 2 bits are write-protected bits, that is, 176 bits are AZ1 write protection bits (1PR), 177 bits are AZ1 read protection bits (1RD), 736 bits are AZ2 write protection bits (2PR), and 737 bits are AZ2 read protection bit (2RD). When the SC check is correct, AZn is readable (n stands for 1 or 2, the same below). If the SC check is incorrect, nRD controls the readability of AZn, that is, if nRD=1, AZn is readable; if nRD=0 When AZn is not readable.
Before the fuse blows (FUSE2), nPR does not work, as long as the SC check is correct, AZn can be erased.
EZ1, EZ2: When the SC check is incorrect, EZn cannot read and erase. When the SC check is correct, the EZn can be read and erased. EZn does not work until the fuse is blown (FUSE2).
EAC2: EAC2 has no effect before fuse blow (FUSE2).
MTZ: Used to test the card's erasing performance. Can be tested under any conditions.

Confidentiality after fuse blowing:
FZ: Set by the ATMEL factory (FUSE1), read-only cannot be changed. ATMEL can customize this code for bulk users to ensure card uniqueness.
IZ: Always readable. However, after the fuse is blown (FUSE2), the IZ content is solidified and the IZ will never be changed.
SC: Unreadable. When the SC check is correct, the SC can be erased. When the SC check is incorrect, the SC cannot be erased.
SCAC: The initial value is 4, the SC check is reduced by 1 for each SCAC, and when the SCAC is equal to 0, the card self-destructs. If the SC check corrects the correct SCAC to return to the initial value of 4. SCAC is always readable.
CPZ: It is marked for the user and is used to mark the operation process of the information in the card. It is always readable. After the SC check is correct, it can be erased.
AZ1, AZ2; the first 2 bits are write-protected bits, that is, 176 bits are AZ1 write protection bits (1PR), 177 bits are AZ1 read protection bits (1RD), 736 bits are AZ2 write protection bits (2PR), and 737 bits are AZ2 read protection bit (2RD). When the SC check is correct, AZn is readable (n stands for 1 or 2, the same below). If the SC check is incorrect, nRD protects the readability of AZn, that is, if nRD=1, AZn is readable; if nRD=0 When AZn is not readable.
After the fuse is blown (FUSE2), even if the SC check is correct, it depends on whether nPR is 1. If it is 0, AZn is write-protected and can never be written.
EZ1, EZ2: When the SC check is incorrect, EZn cannot read and erase. When the SC check is correct, the EZn can be read and erased. After the fuse fuse is blown (FUSE2), only the EZn check is correct, the AZn can be erased, and it is impossible to read and erase the EZn.
EAC2: After the fuse is blown (FUSE2), AZ2 has only 128 erasure opportunities, and the count is reduced by one for each wipe.
MTZ: Used to test the card's erasing performance. Can be tested under any conditions.

The following pseudo-code program completes the initialization operation on the AT88SC102 card and begins writing LEN bytes in an application area ADDR address, and reads the proofreading.
Open(AT88SC102)
IF CheckSC(Pwd) = OK THEN Continue ELSE illegal card
WriteCPZ (CPZ); can write some system identification
UpdateSC (NewPwd)
SetZone(1)
UpdateEZ (NewEZ)
Erase (ADDR, LEN)
Write (ADDR, LEN, WDATA)
RDATA = Read(ADDR, LEN)
IF WDATA = RDATA THEN Write Successful ELSE Write Failed
Fuse()
Close()

The following pseudo-code program determines whether the AT88SC102 card is a card supported by the system and performs some operation on LEN bytes starting from an ADDR address of an application area.
Open(AT88SC102)
ReadCPZ (CPZ); read system identification
If CPZ = system ID THEN Continue ELSE illegal card
IF CheckSC(Pwd) = OK THEN Continue ELSE illegal card
SetZone(1)
RDATA = Read(ADDR, LEN)
<some other operations>
IF CheckEZ(Pwd) = OK THEN Continue ELSE illegal card
Erase (ADDR, LEN)
Write (ADDR, LEN, WDATA)
RDATA = Read(ADDR, LEN)
IF WDATA = RDATA THEN Write Successful ELSE Write Failed
Close()
2. AT88SC1604 encryption card
The access time of the AT88SC1604 encryption card is read as 2us/bit, written as 5ms/bit; the working voltage is 5V±10%; the number of write/erase times is 100,000 times; the data is kept for 10 years; the working temperature is 0-70°C; The protocol complies with the ISO/IEC 7816-3 synchronization protocol.
AT88SC1604 can be divided into two types: equal partition card and unequal partition card, and their respective regions and fuse addresses are different. The second, third, and fourth application areas are not equal to the partition card. There is no area password error count, and the same partition card has, and the performance of the partition card is obviously more emphasis on the first area. When selecting the AT88SC1604 card, you should pay attention to whether it is not a partition card or a partition card.

The storage structure of the partition card is not equal: (the second, third, and fourth application areas have no area password error count)
Storage partition bit address number byte address byte number
FZ manufacturer code area 0-15 16 0-1 2
IZ Issuer Area 16-79 64 2-9 8
SC master password area 80-95 16 10-11 2
SCAC Master Password Error Counting Area 96-103 8 12 1
CPZ code protection zone 104-167 64 13-20 8
SC1 area password 168-183 16 21-22 2
S1AC area password error count 184-191 8 23 1
EZ1 area erasure password 192-207 16 24-25 2
E1AC one area erasure password error count 208-215 8 26 1
AZ1 application area 216-9775 9560 27-1221 1195
SC2 two-zone password 9776-9791 16 1222-1223 2
EZ2 two-zone erasure password 9792-9807 16 1224-1225 2
E2AC two-zone erasure password error count 9808-9815 8 1226 1
AZ2 application area two 9816-11863 2048 1227-1482 256
SC3 three-zone password 11864-11879 16 1483-1484 2
EZ3 three-zone erasure password 11880-11895 16 1485-1486 2
E3AC three-zone erasure password error count 11896-11903 8 1487 1
AZ3 application area three 11904-13951 2048 1488-1743 256
SC4 four-zone password 13952-13967 16 1744-1745 2
EZ4 four-zone erasure password 13968-13983 16 1746-1747 2
E4AC four-zone erasure password error count 13984-13991 8 1748 1
AZ4 application area four 13992-16039 2048 1749-2004 256
MTZ test area 16040-16055 16 2005-2006 2
FUSE fuse 16288-16303
Last address 16383 2047
Storage structure of the partition card: (two, three, four application areas have zone password error count)
Storage partition bit address number byte address byte number
FZ manufacturer code area 0-15 16 0-1 2
IZ Issuer Area 16-79 64 2-9 8
SC master password area 80-95 16 10-11 2
SCAC Master Password Error Counting Area 96-103 8 12 1
CPZ code protection zone 104-167 64 13-20 8
SC1 area password 168-183 16 21-22 2
S1AC area password error count 184-191 8 23 1
EZ1 area erasure password 192-207 16 24-25 2
E1AC one area erasure password error count 208-215 8 26 1
AZ1 application area one 216-4311 4096 27-538 512
SC2 second district password 4312-4327 16 539-540 2
S2AC two-zone password error count 4328-4335 8 541 1
EZ2 two-zone erasure password 4336-4351 16 542-543 2
E2AC two-zone erasure password error count 4352-4359 8 544 1
AZ2 application area 2 4360-8455 4096 545-1056 512
SC3 three-zone password 8546-8471 16 1057-1058 2
S3AC three-zone password error count 8472-8479 8 1059 1
EZ3 three-zone erasure password 8480-8495 16 1060-1061 2
E3AC three-zone erasure password error count 8496-8503 8 1062 1
AZ3 application area three 8504-12599 4096 1063-1574 512
SC4 four-zone password 12600-12615 16 1575-1576 2
S4AC four-zone password error count 12616-12623 8 1577 1
EZ4 four-zone erasure password 12624-12639 16 1578-1579 2
E4AC four-zone erasure password error count 12640-12647 8 1580 1
AZ4 application area four 12648-16303 3656 1581-2037 457
MTZ test area 16304-16319 16 2038-2039 2
FUSE fuse 16352-16367
Last address 16383 2047
Note: Wipe and write are two different operations. Wipe is a bit write 1 operation, and write is a bit write 0 operation. When modifying data, you can only write data before erasing it.
Its confidentiality is different before the fuse is blown (FUSE2) and after the fuse is blown.

Confidentiality before fuse blowing:
FZ: It is set by the ATMEL factory (FUSE1), read-only cannot be changed, the unequal card is generally 0F0F, and the aliquot is generally 7156. ATMEL can customize this code for bulk users to ensure card uniqueness.
IZ: Readable. The SC check is correct, and the IZ can be erased repeatedly.
SC: When the SC check is correct, the SC can be read and erased. When the SC check is incorrect, the SC cannot read and erase.
SCAC: The initial value is 8, the SC check is reduced by 1 for each SCAC, and when the SCAC is equal to 0, the card self-destructs. If the SC check corrects the correct SCAC to return to the initial value of 8. SCAC is always readable.
CPZ: It is marked for the user and is used to mark the operation process of the information in the card. It is always readable. After the SC check is correct, it can be erased.
SC1, SC2, SC3, SC4, EZ1, EZ2, EZ3, EZ4: Before fuse blowing (FUSE2), it does not work. When the SC check is correct, SCn and EZn are readable and erasable (n stands for 1 or 2 or 3 or 4, the same below).
S1AC, S2AC, S3AC, S4AC, E1AC, E2AC, E3AC, E4AC: Always readable, fuse blown (FUSE2), no effect. When the SC check is correct, SnAC and EnAC can be erased.
AZ1, AZ2, AZ3, AZ4; the first two bits are the write-protection bits of AZn, namely the write protection bit (nPR) and the read protection bit (nRD). When the SC check is correct, AZn is readable. If the SC check is incorrect, nRD controls the readability of AZn, that is, if nRD=1, AZn is readable; if nRD=0, AZn is unreadable.
Before the fuse blows (FUSE2), nPR does not work, as long as the SC check is correct, AZn can be erased.
MTZ: Used to test the card's erasing performance. Can be tested under any conditions. Confidentiality after fuse blowing:
FZ: It is set by the ATMEL factory (FUSE1), read-only cannot be changed, the unequal card is generally 0F0F, and the aliquot is generally 7156. ATMEL can customize this code for bulk users to ensure card uniqueness.
IZ: Always readable. However, after the fuse is blown (FUSE2), the IZ content is solidified and the IZ will never be changed.
SC: Unreadable. When the SC check is correct, the SC can be erased. When the SC check is incorrect, the SC cannot be erased.
SCAC: The initial value is 8, the SC check is reduced by 1 for each SCAC, and when the SCAC is equal to 0, the card self-destructs. If the SC check corrects the correct SCAC to return to the initial value of 8. SCAC is always readable.
CPZ: It is marked for the user and is used to mark the operation process of the information in the card. It is always readable. After the SC check is correct, it can be erased.
SC1, SC2, SC3, SC4: Unreadable. When the SC check is correct, SCn can be proofed. When the SC check is incorrect, SCn cannot be proofread. When SCn is checked correctly, SCn is rewritable.
S1AC, S2AC, S3AC, S4AC: The initial value is 8, the SCn check is minus 1 for each error of SnAC, and when the SnAC is equal to 0, the n region self-destructs. If the SCn check corrects the correct SnAC to return to the initial value of 8. SnAC is always readable.
EZ1, EZ2, EZ3, EZ4: Unreadable, EZn can be proofed when SCn is checked correctly, and EZn cannot be proofed when SCn is checked incorrectly. When EZn is checked correctly, EZn can be erased.
E1AC, E2AC, E3AC, E4AC: The initial value is 8, EZn checks that EnAC is decremented by 1 per error, and when EnAC is equal to 0, the n-zone self-destructs. If the EZn check corrects the EnAC to return to the initial value of 8. EnAC is always readable.
AZ1, AZ2, AZ3, AZ4; the first two bits are the write-protection bits of AZn, namely the write protection bit (nPR) and the read protection bit (nRD). When SCn is checked correctly, AZn is readable. If SCn is checked incorrectly, nRD controls the readability of AZn, that is, if nRD=1, AZn is readable; if nRD=0, AZn is unreadable.
When EZn is correct, AZn can be rubbed. When EZn is not correct, Azn is not rubbed.
After the fuse is blown (FUSE2), even if the SCn check is correct, it depends on whether nPR is 1. If it is 0, AZ is write-protected and can never be written. At the same time, it is impossible to read and erase the EZ1.
MTZ: Used to test the card's erasing performance. Can be tested under any conditions.

The following pseudo-code program completes the initialization operation on the AT88SC1604 card and starts writing LEN bytes in an application area ADDR address, and reads the proofreading.
Open(AT88SC1604)
IF CheckSC(Pwd) = OK THEN Continue ELSE illegal card
WriteCPZ (CPZ); can write some system identification
UpdateSC (NewPwd)
SetZone(1)
UpdateSC (NewPwd)
UpdateEZ (NewEZ)
Erase (ADDR, LEN)
Write (ADDR, LEN, WDATA)
RDATA = Read(ADDR, LEN)
IF WDATA = RDATA THEN Write Successful ELSE Write Failed
Fuse()
Close()
The following pseudo-code program determines whether the AT88SC1604 card is a card supported by the system and performs some operation on the LEN bytes starting from the ADDR address of an application area.
Open(AT88SC1604)
ReadCPZ (CPZ); read system identification
If CPZ = system ID THEN Continue ELSE illegal card
IF CheckSC(Pwd) = OK THEN Continue ELSE illegal card
SetZone(1)
RDATA = Read(ADDR, LEN)
<some other operations>
IF CheckSC(Pwd) = OK THEN Continue ELSE illegal card
IF CheckEZ(Pwd) = OK THEN Continue ELSE illegal card
Erase (ADDR, LEN)
Write (ADDR, LEN, WDATA)
RDATA = Read(ADDR, LEN)
IF WDATA = RDATA THEN Write Successful ELSE Write Failed
Close()
3. AT88SC1608 encryption card If the AT88SC1064 is based on the AT88SC102, AT24C16 based on some improvements, then the AT88SC1608 is a mature and stable leap of the contact IC card, more in a card more to reflect its strengths, its confidentiality High performance, fast read and write speed, and can be written without first erasing.
AT88SC1608 encryption card clock frequency is 1MHz, support page write mode (16 bytes / page), if accessed by page write, access time is 10ms (maximum) / page; working voltage is 2.7V-5.5V; write / wipe The number of divisions is 100,000 times; the data is kept for 100 years; the operating temperature is 0-70 °C; the communication protocol complies with the ISO/IEC 7816-3 synchronization protocol.
In particular, the high security performance of the AT88SC1608 encryption card is outstanding. In addition to the encryption logic, it also has high security authentication and anti-intercept tracking technology, 64-bit mutual authentication and authentication error counter, and the error count is 8 times.
The AT88SC1608 has one 128-byte setting area and eight 256-byte application partitions. The eight areas can be freely combined and controlled by the read password and the write password (16 sets of passwords, each 3 bytes), and the error count is 8 times.
The AT88SC1608 has a total of 17408 bits (2176 bytes) of memory, of which the first 16K bits (2K bytes) are the application areas, and the last 1K bits (128 bytes) are the setting areas.

Storage structure: (byte address is expressed in hexadecimal)
Storage partition $0 $1 $2 $3 $4 $5 $6 $7 Address application partition 0 (User0) 256 bytes $000
Application Partition 1 (User1) 256 bytes $100
Application Partition 2 (User2) 256 bytes $200
Application Partition 3 (User3) 256 bytes $300
Application Partition 4 (User4) 256 bytes $400
Application Partition 5 (User5) 256 bytes $500
Application Partition 6 (User6) 256 bytes $600
Application Partition 7 (User7) 256 bytes $700
Setting area 128 bytes $800

The setting area storage structure: (byte address is expressed in hexadecimal)
$0 $1 $2 $3 $4 $5 $6 $7 Address Vendor Information Reset Answer (ATR) History Code (HC) $00
Vendor Code (FZ) Retention Card Vendor Code (CMC) $08
Access rights AR0 AR1 AR2 AR3 AR4 AR5 AR6 AR7 $10
Keep $18
Certification Area AAC Identification Number (Nc) $20
Ciphertext (Ci) $28
Key Key (Gc) $30
Test Area Test Area (MTZ) $38
Password area PAC write password 0 (WP0) PAC read password 0 (RP0) $40
PAC Write Password 1 (WP1) PAC Read Password 1 (RP1) $48
PAC Write Password 2 (WP2) PAC Read Password 2 (RP2) $50
PAC Write Password 3 (WP3) PAC Read Password 3 (RP3) $58
PAC Write Password 4 (WP4) PAC Read Password 4 (RP4) $60
PAC write password 5 (WP5) PAC read password 5 (RP5) $68
PAC Write Password 6 (WP6) PAC Read Password 6 (RP6) $70
PAC Write Password 7 (WP7/SC) PAC Read Password 7 (RP7) $78
Note: Which zone uses which password or whether to be authenticated is determined by access rights AR0-AR7.

ATR: Reset response, defined by ATMEL, cannot be changed.
HC: History code, defined by ATMEL, cannot be changed.
FZ: Vendor code, defined by ATMEL, cannot be changed.
CMC: Card supplier code, defined by the card factory, cannot be changed.
AR0-7: Access rights. Defined before personalization. (See the access rights for detailed usage)
Nc: The identification code, usually used as the unique identifier of the card - the card number. Defined before personalization.
Ci: Ciphertext, you can write a random number before personalization, use it when you authenticate the card, and each authentication will be automatically rewritten.
Gc: Key, 64-bit secret seed, calculated by Nc through the F1 formula, written into the card before personalization. It is not accessible after personalization, and it is used as the parameter of the F2 formula of the card during authentication. (See the authentication protocol for detailed usage)
AAC: is the authentication error counter. The initial value is 8.
MTZ: Used to test the read and write performance of the card. Can be tested under any conditions.
WP0-WP7, RP0-RP7: 8 sets of read and write password sets, each partition can point to a unique set of passwords, or can point to the same set of passwords, so that you can check only one set of passwords and enter multiple partitions. The partitions are combined into one large partition. The default WP7 and RP7 are read and write passwords. Write Password 7 (WP7) also acts as a Transfer Password (SC). In addition, if you need to modify the read and write password, you must also check the write password of the same set of passwords.
SC: Transfer password. The initial value is determined by ATMEL and sent to each card factory. Can be modified, always use SC before personalization, other passwords will be used after personalization.
PAC: is the partition password error counter. The initial value is 8.

Fuse mark (FUSE)
The fuse flag is located at the $80 address in the setup area, and the storage structure: (address is expressed in hexadecimal)
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 Address
0 0 0 0 0 PER CMA FAB $80
Note: FAB, CMA, FAB are the three-level fuse protection mark of the EEPROM of AT88SC1608, and “0” means that it is blown. All memory spaces are readable when the fuse flag is all "1". Every step of the fuse operation cannot be returned.
FAB is the fuse flag of the ATMEL chip when it leaves the factory.
The CMA is the fuse flag of the card factory's factory.
PER is the fuse flag when the application system is personalized before startup.

Before we deliver the AT88SC1608 card, the card information should have been completed as follows:
ATMEL writes the manufacturer information (except the card vendor code) and the transmission password (SC), writes the rest of the storage space as "1", and performs the FAB fuse operation to make FAB=0.
After the card factory writes its own card supplier code, it performs CMA fuse operation to make CMA=0.
The system provider initializes the card, or the card is initialized by the system before being issued, and then performs a PER blow operation to make CMA=0.

Access rights table before and after access authority fuses:
District access FAB=0 CMA=0 Per=0
Vendor information (except card vendor code) Read can be written to prohibit prohibition Prohibited card vendor code read can be written to transmit password (SC) Prohibited access denied read can be written to transmit password (SC) Transfer password (SC) Prohibit authentication Area read can be either write transfer password (SC) transfer password (SC) disable key read transfer password (SC) transfer password (SC) write write transfer password (SC) transfer password (SC) disable test area read can be written It can be password-readable transfer password (SC) transfer password (SC) write password (WP)
Write Transfer Password (SC) Transfer Password (SC) Write Password (WP)
PAC (counter) read can be written to transfer password (SC) transfer password (SC) write password (WP)
Application Area Read Access (AR) Access Rights (AR) Access Rights (AR)
Write access (AR) access (AR) access (AR)

Storage structure of access rights AR0-AR7: (enabled as "0", default is "1")
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
WPE RPE ATE PW2 PW1 PW0 MDF PGO
WPE: Write password enable flag. When the value is 0, the password must be written by writing to the application partition. After personalization, verifying the write password also determines whether the password can be changed and the password can be written.
RPE: is the read password enable flag. When the value is 0, an application partition can be read by reading the password or writing the password. If the password is checked incorrectly, the fuse status bit will be returned.
ATE: Authentication enable flag. When 0, the authentication must pass to operate the current application partition.
PW2, PW1, PW0: These 3 bits specify which set of passwords the current application partition uses. Each partition can point to a unique set of passwords or to the same set of passwords, so that you can check only one set of passwords and enter multiple partitions, so that multiple partitions can be combined into one large partition.
MDF: It is forbidden to modify the operation flag. When the value is 0, the current application partition is write-protected, and the contents of the protected area must be written before personalization.
PGO: Write only the logo. If it is 0, each bit of the current application partition can only be written as "0" from "1", but not changed from "0" to "1".

The authentication protocol outputs a random number Nc (often regarded as a card number) and Ci, calculates Gc=F1(Ks, Nc), and writes Nc, Ci, and Gc into the card Nc Gc Ci authentication protocol reader Ks Q0 (random number)
Identification code: Nc Ci Ci+1=F2(Gc,Ci,Q0); if(Ci+1==Q1) Ci+2=F2(Gc,C1+1); Ci=Ci+2; //Modify Ci Authentication is correct; else Ci=Ci; authentication error; Ci (using read command) (initializing authentication command) (checking authentication command) (reading command) Gc=F1(Ks,Nc); Q0 Q1=F2(Gc,Ci, Q0); Q1 Q2=F2(Gc,Q1); if(Q2=Ci) authentication is correct; else authentication error;
F1 algorithm: 64BIT user-defined algorithm.
F2 algorithm: In-card 64BIT algorithm (a variant of the Des algorithm that provides C language and 51 assembly language programs)
The protocol includes mutual authentication of the card and reader CPU (ELVA patent), and the authentication data is encrypted and transmitted to prevent the communication data from being stolen.

The following pseudo-code program completes the initialization operation on the AT88SC1608 card and starts writing LEN bytes in an application area ADDR address, and reads the proofreading.
Open(AT88SC1608)
IF CheckSC(Pwd) = OK THEN Continue ELSE illegal card
InitAuth(Nc,Ci,Gc)
SetZone(1)
SetAR(AR)
UpdateWP(NewWP)
UpdateRP (NewRP)
Write (ADDR, LEN, WDATA)
RDATA = Read(ADDR, LEN)
IF WDATA = RDATA THEN Write Successful ELSE Write Failed
Fuse()
Close()
The following pseudo-code program determines whether the AT88SC1608 card is a card supported by the system and performs some operation on the LEN bytes starting from the ADDR address of an application area.
Open(AT88SC1608)
CheckAuth(Gc)
SetZone(1)
IF CheckRP(Pwd) = OK THEN Continue ELSE illegal card
RDATA = Read(ADDR, LEN)
<some other operations>
IF CheckWP(Pwd) = OK THEN Continue ELSE illegal card
Write (ADDR, LEN, WDATA)
RDATA = Read(ADDR, LEN)
IF WDATA = RDATA THEN Write Successful ELSE Write Failed
Close()
4. AT88SC153 encryption card
AT88SC153 is a new card type after ATMEL following AT88SC1068. It inherits all the advantages of AT88SC1608, but the storage capacity and number of partitions have changed. It can basically be understood as small capacity AT88SC1608.
AT88SC153 encryption card clock frequency is 1MHz, support page write mode (8 bytes / page), if accessed by page write, access time is 10ms (maximum) / page; working voltage is 2.7V-5.5V; write / wipe The number of divisions is 100,000 times; the data is kept for 100 years; the operating temperature is 0-70 °C; the communication protocol complies with the ISO/IEC 7816-3 synchronization protocol.
Like the AT88SC1608, the high security performance of the AT88SC153 encryption card is outstanding. In addition to the encryption logic, it also has high security authentication and anti-intercept tracking technology, 64-bit mutual authentication and authentication error counter, and the error count is 8 times.
AT88SC153 has one 64-byte setting area and three 64-byte application partitions. The three areas can be freely combined, controlled by read password and write password (4 sets of passwords, each 3 bytes), and the error count is 4/8. Times.
The AT88SC153 has a total of 2048 bits (256 bytes) of storage space, of which the first 1536 bits (192 bytes) are the application area, and the last 512 bits (64 bytes) are the setting areas.

Storage structure: (byte address is expressed in hexadecimal)
Storage partition $0 $1 $2 $3 $4 $5 $6 $7 Address application partition 0 (User0) 64 bytes $00
Application Partition 1 (User1) 64 bytes $40
Application Partition 2 (User2) 64 bytes $80
Set area 64 bytes $C0

The setting area storage structure: (byte address is expressed in hexadecimal)
$0 $1 $2 $3 $4 $5 $6 $7 Address Vendor Information Reset Answer (ATR) History Code (HC) $00
Manufacturer Code (FZ) Card Merchant Code (CMC) AR0 AR1 AR2 MTZ $08
Identification Area Release Number (IC) $10
DCR Identification Number (Nc) $18
AAC ciphertext (Ci) $20
Key Key (Gc) $28
Password area PAC write password 0 (WP0) PAC read password 0 (RP0) $30
PAC Write Password 1 (WP1/SC) PAC Read Password 1 (RP1) $38
Note: Which zone uses which password or whether to authenticate is determined by access rights AR0-AR2.
The address $20 can also be used as a checksum authentication register (CAR) when using the checksum authentication method.

ATR: Reset response, defined by ATMEL, cannot be changed.
HC: History code, defined by ATMEL, cannot be changed.
FZ: Vendor code, defined by ATMEL, cannot be changed.
CMC: Card supplier code, defined by the card factory, cannot be changed.
AR0-2: Access rights. Defined before personalization. (See the access rights for detailed usage)
MTZ: Used to test the read and write performance of the card. Can be tested under any conditions.
IC: Release number. Defined before personalization. .
DCR: Device Settings Register.
Nc: The identification code, usually used as the unique identifier of the card - the card number. Defined before personalization.
Ci: Ciphertext, you can write a random number before personalization, use it when you authenticate the card, and each authentication will be automatically rewritten.
Gc: Key, 64-bit secret seed, calculated by Nc through the F1 formula, written into the card before personalization. It is not accessible after personalization, and it is used as the parameter of the F2 formula of the card during authentication. (See the authentication protocol for detailed usage)
AAC: is the authentication error counter. The initial value is 8, but each time the verification error is decremented by 2, there are a total of 4 consecutive verification errors, which can be expanded to 8 times (see the DCR setting method). Also used as part of Ci, note that if AAC is modified, it will affect the Ci value for the next authentication.
CAR: Checksum Authentication Register. It is only useful when the authentication is completed. The checksum mode is activated for each write operation, and the checksum of the write or continuous write is automatically written to the CAR. At this time, the checksum can be read to determine whether the write operation is completed. Any read operation will end the checksum mode.
WP0, WP1, RP0, RP1: 2 sets of read and write password sets, each partition can point to a unique set of passwords, or can point to the same set of passwords, so that you can check only one set of passwords and enter multiple partitions. The partitions are combined into one large partition. The default WP1 and RP1 are read and write passwords. Write Password 1 (WP1) also acts as a Transfer Password (SC). In addition, if you need to modify the read and write password, you must also check the write password of the same set of passwords.
SC: Transfer password. The initial value is determined by ATMEL and sent to each card factory. Can be modified, always use SC before personalization, other passwords will be used after personalization.
PAC: is the partition password error counter. The initial value is 8, but each time the check error is decremented by 2, there are a total of 4 consecutive verification errors. Can be expanded to 8 times. (See the DCR setting method)

Fuse mark (FUSE)
The fuse flag is located at the $40 address in the setup area, and the storage structure: (address is expressed in hexadecimal)
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 Address
0 0 0 0 0 PER CMA FAB $40
Note: FAB, CMA, FAB are the three-level fuse protection mark of the EEPROM of AT88SC153, and “0” means that it is blown. All memory spaces are readable when the fuse flag is all "1". Every step of the fuse operation cannot be returned.
FAB is the fuse flag of the ATMEL chip when it leaves the factory.
The CMA is the fuse flag of the card factory's factory.
PER is the fuse flag when the application system is personalized before startup.

Before we deliver the AT88SC153 card, the card information should have been completed as follows:
ATMEL writes the manufacturer information (except the card vendor code, access rights and test area), the transmission password (SC), writes the rest of the storage space as "1", and performs the FAB fuse operation to make FAB=0.
After the card factory writes its own card supplier code, it performs CMA fuse operation to make CMA=0.
The system provider initializes the card, or the card is initialized by the system before being issued, and then performs a PER blow operation to make CMA=0.

Access rights table before and after access authority fuses:
District access FAB=0 CMA=0 Per=0
Vendor information (except CMC, AR, MTZ) Read can be written to prohibit prohibition Prohibited card vendor code read can be written to transmit password (SC) Prohibited access denied read can be written to transmit password (SC) Transfer password (SC) Forbidden test zone read can be written or can be recognized. Zone read can be written or transmitted password (SC) Transfer password (SC) Prohibited key read transfer password (SC) Transfer password (SC) Disable write transfer password (SC) transfer Password (SC) Prohibited Password Read Transfer Password (SC) Transfer Password (SC) Write Password (WP)
Write Transfer Password (SC) Transfer Password (SC) Write Password (WP)
PAC (counter) read can be written to transfer password (SC) transfer password (SC) write password (WP)
Application Area Read Access (AR) Access Rights (AR) Access Rights (AR)
Write access (AR) access (AR) access (AR)

Storage structure of access rights AR0-AR2: (enabled as "0", default is "1")
Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0
WPE RPE ATE AOW PWS WLM MDF PGO
WPE: Write password enable flag. When the value is 0, the password must be written by writing to the application partition. After personalization, verifying the write password also determines whether the password can be changed and the password can be written.
RPE: is the read password enable flag. When the value is 0, an application partition can be read by reading the password or writing the password. If the password is checked incorrectly, the fuse status bit will be returned.
ATE: Authentication enable flag. When 0, the authentication must pass to operate the current application partition.
AOW: The certification mark is required only when writing. Authentication is only required for write operations, and no authentication is required for reading. If ATE=0, AOW is ignored.
PWS: Specify which set of passwords to use for the current application partition. Each partition can point to a unique set of passwords or to the same set of passwords, so that you can check only one set of passwords and enter multiple partitions, so that multiple partitions can be combined into one large partition.
WLM: Write lock mode is enabled. The 8 bytes of each zone are one page. If WLM=0, each bit of the first byte (byte0) of each page is the write lock flag of 8 bytes of the page, and 0 is the write lock (that is, it can only be written as "0" from "1". , but can't change from "0" to "1"), 1 is unlocked.
MDF: It is forbidden to modify the operation flag. When the value is 0, the current application partition is write-protected, and the contents of the protected area must be written before personalization.
PGO: Write only the logo.如果为0,当前应用分区的每一位只能从“1”写成“0”,而不能从“0”改回为“1”。


设备设置寄存器(DCR)
设备设置寄存器位于设置区的$18地址,存储结构:(使能为“0”,默认为“1”)
位7 位6 位5 位4 位3 位2 位1 位0
SME UCR UAT ETA CS3 CS2 CS1 CS0
CS0-CS3:可编程片选。ATMEL出厂时写为$B(即1011)。它为访问卡的所有命令字的高4位。
ETA:8次计数使能。ETA=0,可以使AAC和PAC的计数次数为8,否则为4。
UAT:使认证错误计数无校标志。UAT=0,AAC无校,否则AAC有校。
UCR:不限制读校验和次数标志。UCR=1时,每次认证只能读校验和方式一次(默认),UCR=0时,没有次数限制。
SME:超级管理方式。SME=0时,通过1WP校验,就可以读写全部的读写密码及密码错误计数器。

认证协议产出随机数Nc(往往当作卡号)和Ci,计算出Gc=F1(Ks,Nc),把Nc、Ci、Gc写入卡中卡Nc Gc Ci 认证协议读写器Ks Q0(随机数)
识别码: Nc Ci Ci+1=F2(Gc,Ci,Q0); if(Ci+1==Q1) Ci+2=F2(Gc,C1+1); Ci=Ci+2; //修改Ci 认证正确; else Ci=Ci; 认证错误; Ci (使用读命令) (初始化认证命令) (校验认证命令) (读命令) Gc=F1(Ks,Nc); Q0 Q1=F2(Gc,Ci,Q0); Q1 Q2=F2(Gc,Q1); if(Q2=Ci) 认证正确; else 认证错误;
F1算法:64BIT 用户自定义算法。
F2算法:卡内64BIT 算法(Des 算法的变种,提供C语言和51汇编语言程序)
该协议包括卡和读写器CPU的互相认证(ELVA专利),而且认证数据加密传送,可以防止通讯数据被窃取。

下面的伪码程序在AT88SC153卡完成初始化操作和在一应用区ADDR地址开始写LEN个字节,并读出校对。
Open(AT88SC153)
IF CheckSC(Pwd) = OK THEN 继续ELSE 非法卡
WriteIC(IC) ;写发布号
WriteDCR(DCR)
InitAuth(Nc,Ci,Gc)
SetZone(1)
SetAR(AR)
UpdateWP(NewWP)
UpdateRP(NewRP)
Write(ADDR,LEN,WDATA)
RDATA = Read(ADDR,LEN)
IF WDATA = RDATA THEN 写成功ELSE 写失败
Fuse()
Close()

下面的伪码程序判断AT88SC153卡是否是本系统支持的卡和对一应用区ADDR地址开始的LEN个字节完成某种操作。
Open(AT88SC153)
ReadIC(IC) ;读出发布号
if IC = 发布号THEN 继续ELSE 非法卡
CheckAuth(Gc)
SetZone(1)
IF CheckRP(Pwd) = OK THEN 继续ELSE 非法卡
RDATA = Read(ADDR,LEN)
<一些其它操作>
IF CheckWP(Pwd) = OK THEN 继续ELSE 非法卡
Write(ADDR,LEN,WDATA)
RDATA = Read(ADDR,LEN)
IF WDATA = RDATA THEN 写成功ELSE 写失败
Close()
三、AT45D041
这种型号的IC卡为ATMEL存储卡,是一种不具备加密功能大容量的FLASH 存储卡,存储容量为4M位,主存储区有2048页(每页容量为264字节),同时还提供两个独立双向的数据缓存区(每个数据缓存区容量为264字节),页写方式为264字节,页写入时间为7ms。存储结构简单,主要用于存放一些保密性要求不高、数据量极大的数据,如声音、图像或数据。
AT45D041的工作频率为10MHz(最大);工作电压为5V±10%;工作电流读为25mA,写为50mA;数据保持100年;工作温度为0—70℃,根据要求可超过指定工作温度;通讯协议为SPI串行接口方式0和方式3。

缓存区1、缓存区2和主存储区的读写方式如上图所示,分别为:
1. 直接从主存储区的某页读数据;
2. 把主存储区的某页数据写入缓存区1或缓存区2;
3. 把主存储区的某页数据和缓存区1或缓存区2的数据进行比较;
4. 把缓存区1或缓存区2的数据写入主存储区的某页(带内建式擦除);
5. 把缓存区1或缓存区2的数据写入主存储区的某页(不6. 带内建式擦除);
7. 把数据写入主存储区的某页;
8. 自动页回写;
9. 读缓存区1、缓存区2;
10. 写缓存区1、缓存区2;
11. 读状态位。

状态位结构:
位7 位6 位5 位4 位3 位2 位1 位0
忙闲比较0 1 1 xxx
注:位7为0表示忙;为1表示闲,可以接收下一条指令。
位6为0表示主存储区数据与缓存区比较匹配,否则为不匹配。
位5、位4、位3对于AT45D041为“011”(二进制)。

下面的伪码程序通过AT45D041卡的缓存1更新主存储区的页1的某些数据:
OpenCard(AT45D041)
SetPage(1)
SetBuff(1)
PageToBuff()
WHILE ReadStatus() = Busy LOOP
WriteBuff(Addr,Len,cData)
BuffToPage()
WHILE ReadStatus() = Busy LOOP
AutoRWrite()
WHILE ReadStatus() = Busy LOOP
Close()
或
OpenCard(AT45D041)
SetPage(1)
SetBuff(1)
WritePage(Addr,Len.cData)
WHILE ReadStatus() = Busy LOOP
AutoRWrite()
WHILE ReadStatus() = Busy LOOP
Close()

下面的伪码程序通过AT45D041卡的缓存1页写主存储区的页1:
OpenCard(AT45D041)
SetPage(1)
SetBuff(1)
WriteBuff(0,264,cData)
BuffToPage()
WHILE ReadStatus() = Busy LOOP
Close()
或
OpenCard(AT45D041)
SetPage(1)
SetBuff(1)
WritePage(0,264.cData)
WHILE ReadStatus() = Busy LOOP
Close()

注:本章内容可为用户在接触式IC卡选型时参考。


第二章接触式IC卡的接口函数
IC卡软件应用系统的开发是在读写器提供的接口函数基础上进行软件开发的。每个系统公司的接口函数虽有不同,但大同小异。下面以德诚系统有限公司的MCS-C接触式IC卡通用读写器提供的FoxPro for DOS的PLB接口函数为例,用户由此可基本上对接触式IC卡接口函数有所了解。
在FoxPro程序执行开始前,先执行语句SET LIBRARY TO ICFOX.PBL。FoxPro将会自动登录库ICFOX.PLB中的IC卡函数,您可以象使用FoxPro的内部函数一样的使用接口函数。编译成EXE文件时,将ICFOX.PLB链入。
1、 函数列表(函数名2? , 简单说明)
1.通用函数
InitComm 初始化指定的串口并连接读写设备
ExitComm 退出串口连接
ErrorMsg 返回错误信息
GetInfo 获取设备的版本号

TestCard 测试读写器内是否插卡
OpenCard 打开对某种型号卡的操作
ReadChr 从卡上指定地址读取指定长度的字符串
WriteChr 向卡内指定地址写入指定长度的字符串
ReadInt 从卡上指定地址读取一个双精度数
WriteInt 向卡内指定地址写入一个双精度数
CloseCard 关闭卡操作
2? ATMEL AT88SC102/AT88SC1604加密卡专用函数
ReadFZ 读厂商代码
ReadIZ 读卡商代码
ReadCPZ 读代码保护区
WriteCPZ 写代码保护区
ReadMTZ 读测试区
WriteMTZ 写测试区

SetZone 选择应用区
CheckSC 比较密码(或区密码)
UpdateSC 更新密码(或区密码)
ReadSCAC 读密码(或区密码)校验错误计数
CheckEZ 比较区擦除密码
UpdateEZ 更新区擦除密码
ReadEAC 读区擦除密码校验错误计数
Erase 从卡内指定位置起擦除指定长度字节

Fuse 烧断卡上熔丝
3? ATMEL AT88SC1608及AT88SC153加密卡专用函数
ReadFZ 读厂商代码
ReadIZ 读卡商代码
ReadIC 读发布号(AT88SC153专用)
WriteIC 写发布号(AT88SC153专用)
ReadDCR 读设备设置寄存器(AT88SC153专用)
WriteDCR 写设备设置寄存器(AT88SC153专用)
ReadMTZ 读测试区
WriteMTZ 写测试区

InitAuth 初始化认证状态
CheckAuth 认证校验
ReadAAC 读认证错误计数

CheckSC 比较传输密码
UpdateSC 更新传输密码
ReadSCAC 读传输密码校验错误计数

SetZone 选择应用区
ReadAR 读应用区的访问权限
WriteAR 设置应用区的访问权限

CheckWP 比较写密码
UpdateWP 更新写密码
ReadWPAC 读写密码校验错误计数
CheckRP 比较读密码
UpdateRP 更新写密码
ReadRPAC 读读密码校验错误计数

FuseStatus 读取卡内熔丝状态
Fuse 烧断卡上熔丝
4? ATMEL AT45D041 Flash存储卡专用函数
SetPage 选择主存储区的当前页
SetBuff 选择缓冲区
ReadPage 读取主存储区页内的字符
ReadBuff 读取缓冲区1/缓冲区2内的字符
WritePage 写字符到主存储区页
WriteBuff 写字符到缓冲区1/缓冲区2
CompPB 比较主存储区页与缓冲区1/缓冲区2的内容
PageToBuff 从主存储区页提取数据到缓冲区1/缓冲区2
BuffToPage 从缓冲区1/缓冲区2写数据到主存储区页
ReadStatus 读状态字(忙闲)
AutoRWrite 自动回写
3、 函数说明
InitComm(Port)
说明:初始化指定的串口并连接读写设备。
参数:Port----串口标号,整数0,1分别代表串口1,串口2。
返回值: =0,正确。
<>0,出错。返回值代表错误号。
举例:Ret = InitComm(0) 初始化串口1。

ExitComm()
说明:退出串口连接。
参数:无。
返回值: =0,正确。
<>0,出错。返回值代表错误号。
举例:Ret = ExitComm() 退出串口。

ErrorMsg(ErrNo)
说明:返回错误信息。
参数:错误号。
返回值: 错误信息。
举例:Msg = ErrorMsg(0) 返回“成功”。

GetInfo()
说明:获取设备的版本号。
参数:无。
返回值: 设备的版本号。
举例:Vno = GetInfo()。

TestCard()
说明:测试读写器内是否插卡。
参数:无。
返回值: =0,正确。
<0,读写器内没有插卡。返回值代表错误号。
举例:Ret = TestCard()

OpenCard(CardType)
说明:打开对某种型号卡的操作参数:CardType----IC卡类型。具体值参见附录一。
返回值: =0,正确。
<>0,出错。返回值代表错误号。
举例:Ret = OpenCard(AT24C01A) 选择卡型为AT24C01A。

ReadChr(Addr,Len)
说明:从卡上指定地址读取指定长度的字符串。
参数:Addr----读操作的卡内起始地址。
Len----字符串长度。
返回值:从卡上读取的字符串。
读操作出错。返回""。
举例:cData = ReadChr(0, 10) 从卡上应用区地址0读取10个字符。

WriteChr(Addr,Len,cData)
说明:将指定长度的字符串写入到卡片的指定起始地址上。
参数:Addr----写操作的卡内起始地址。
Len----字符串长度。
cData----要向卡片写入的字符串。
返回值: =0,正确。
<0,写操作出错。返回值代表错误号。
举例:Ret = WriteChr(0, 14, "Testing MCS-C!") 将字符串写入卡地址0处。

ReadInt(Addr)
说明:从卡上指定的起始地址读取一个双精度数。
参数:Addr----读操作的卡内起始地址。
返回值:从卡上读取的双精度数。
举例:iData = ReadInt(0) 从卡上应用区地址0读取双精度数。

WriteInt(Addr,iData)
说明:将一个双精度数写入到卡内指定起始地址处。
参数:Addr----写操作的卡内起始地址。
iData----要向卡内写入的双精度数。
返回值: =0,正确。
<0,写操作出错。返回值代表错误号。
举例:Ret = WriteInt(0, 12345.6789) 将12345.6789写入到卡内地址0处。

CloseCard()
说明:关闭卡操作参数:无。
返回值: =0,正确。
<>0,出错。返回值代表错误号。
举例:Ret = CloseCard()

ReadFZ()
说明:读厂商代码。
参数:无。
返回值:从卡上读取厂商代码(16进制字符串)。
读操作出错。返回""。
举例:FZ = ReadFZ()

ReadIZ()
说明:读卡商代码。
参数:无。
返回值:从卡上读取卡商代码(16进制字符串)。
读操作出错。返回""。
举例:IZ = ReadIZ()

ReadCPZ()
说明:读代码保护区。
参数:无。
返回值:从卡上读取代码保护区(16进制字符串)。
读操作出错。返回""。
举例:CPZ = ReadCPZ()

WriteCPZ(CPZ)
说明:写代码保护区。
参数:长度为为16个字节的字符串(16进制字符串)。
返回值: =0,正确。
<>0,出错。返回值代表错误号。
举例:Ret = WriteCPZ("0123456789ABCDEF")

ReadMTZ()
说明:读测试区。
参数:无。
返回值:从卡上读取代码保护区(16进制字符串)。
读操作出错。返回""。
举例:MTZ = ReadMTZ()

WriteMTZ(MTZ)
说明:写测试区。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<>0,出错。返回值代表错误号。
举例:Ret = WriteMTZ("ABCDEF")

SetZone(Zone)
说明:选择应用区。
参数:Zone----要选择的应用区号。0-n代表应用区0至应用区n。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = SetZone(1)

CheckSC(SC)
说明:比较密码(或区密码)。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = CheckSC("FFFF")

UpdateSC(SC)
说明:更新密码(或区密码)。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = UpdateSC("9999")

ReadSCAC()
说明:读密码(或区密码)校验错误计数。
参数:无。
返回值:密码校验错误计数值。
举例:SCAC = ReadSCAC()

CheckEZ(EZ)
说明:比较擦除密码(或区擦除密码)。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = CheckEZ("FFFF")

UpdateEZ(EZ)
说明:更新擦除密码(或区擦除密码)。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = UpdateEZ("9999")

ReadEZAC()
说明:读擦除密码(或区擦除密码)校验错误计数。
参数:无。
返回值:密码校验错误计数值。
举例:EZAC = ReadEZAC()

Erase(Addr,Len)
说明:从指定位置起擦除指定长度的字节。
参数:Addr----要擦除的起始地址。
Len----要擦除的长度。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = Erase(0, 10)

Fuse()
说明:烧断卡上熔丝。
参数:无。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = Fuse()

ReadIC()
说明:读发布号(AT88SC153专用)。
参数:无。
返回值:发布号(16进制字符串)。
举例:Ret = ReadIC()

WriteIC(IC)
说明:写发布号(AT88SC153专用)。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = WriteIC("012456789ABCDEF")

ReadDCR()
说明:读设备设置寄存器(AT88SC153专用)。
参数:无。
返回值:设备设置寄存器的值(16进制字符串)。
举例:Ret = ReadDCR()

WriteDCR(DCR)
说明:写设备设置寄存器(AT88SC153专用)。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = WriteDCR("FF")

InitAuth(Nc,Ci,Gc)
说明:初始化认证协议。
参数:Nc----识别码。
Ci----密文。
Gc----密钥。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = InitAuth(Nc,Ci,Gc)

CheckAuth(Gc)
说明:认证协议。
参数:Gc----密钥。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = CheckAuth(Gc)

ReadAAC()
说明:读认证错误计数。
参数:无。
返回值:认证校验错误计数值。
举例:AAC = ReadAAC()

ReadAR()
说明:读应用区的访问权限。
参数:无。
返回值:当前访问区权限字节(16进制字符串)。
举例:AR = ReadAR()

WriteAR(AR)
说明:设置应用区的访问权限。
参数:AR----当前访问区权限字节(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = WriteAR("FF")

CheckWP(WP)
说明:比较当前区写密码。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = CheckWP("FFFFFF")

UpdateWP(WP)
说明:更新当前区写密码。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = UpdateWP("999999")

ReadWPAC()
说明:读当前区写密码校验错误计数。
参数:无。
返回值:当前区写密码校验错误计数值。
举例:WPAC = ReadWPAC()

CheckRP(RP)
说明:比较当前区读密码。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = CheckRP("FFFFFF")

UpdateRP(RP)
说明:更新当前区读密码。
参数:字符串(16进制字符串)。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = UpdateRP("999999")

ReadRPAC()
说明:读当前区读密码校验错误计数。
参数:无。
返回值:当前区读密码校验错误计数值。
举例:RPAC = ReadRPAC()

FuseStatus()
说明:读取卡内熔丝状态参数:无。
返回值: =0,已熔。
=1,未熔。
举例:PER = FuseStatus()

SetPage(Page)
说明:选择主存储区的当前页。
参数:Page----要选择的页号。1-n代表页1至页n。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = SetPage(1)

SetBuff(Buff)
说明:选择缓冲区。
参数:Buff----要选择的缓冲区。1,2代表缓冲区1,缓冲区2。
返回值: =0,正确。
<0,出错。返回值代表错误号。
举例:Ret = SetBuff(1)

ReadPage(Addr,Len)
说明:读取主存储区页内的字符。
参数:Addr----要读取的起始字节地址。
Len----要读取的长度。
返回值:返回的数据字符串。
举例:cData = ReadPage(0,10)

ReadBuff(Addr,Len)
说明:读取缓冲区内的字符。
参数:Addr----要读取的起始字节地址。
Len----要读取的长度。
返回值:返回的数据字符串。
举例:cData = ReadBuff(0,10)

WritePage(Addr,Len,cData)
说明:写字符到主存储区页。
参数:Addr----要写入的起始字节地址。
Len----要写入的长度。
cData----用于存放写入卡片的数据的字符串。
返回值: =0,正确。
<0,返回值代表错误号。
举例:Ret = WritePage(0,10,"1234567890")

WriteBuff(Addr,Len,cData)
说明:写字符到缓冲区。
参数:Addr----要写入的起始字节地址。
Len----要写入的长度。
cData----用于存放写入缓冲区的数据的字符串。
返回值: =0,正确。
<0,返回值代表错误号。
举例:Ret = WriteBuff(0,10,"1234567890")

CompPB()
说明:比较主存储区页与缓冲区的内容。
参数:无。
返回值: =0,正确。
<0,返回值代表错误号。
举例:Ret = CompPB()

PageToBuff()
说明:主存储区内容向缓冲区传送。
参数:无。
返回值: =0,正确。
<0,返回值代表错误号。
举例:Ret = PageToBuff()

BuffToPage()
说明:从缓冲区写数据到主存储区页。
参数:无。
返回值: =0,正确。
<0,返回值代表错误号。
举例:Ret = BuffToPage()

ReadStatus()
说明:读状态字(忙闲)
参数:无。
返回值: =0,闲。
<0,返回值代表忙或错误号。
举例:Ret = ReadStatus()

AutoRWrite()
说明:自动回写。
参数:无。
返回值: =0,正确。
<0,返回值代表错误号。
举例:Ret = AutoRWrite()
附录一:卡类型预定义
AT24C01 = 0
AT24C01A = 1
AT24C02 = 2
AT24C04 = 3
AT24C08 = 4
AT24C16 = 5
AT24C32 = 6
AT24C64 = 7
AT24C128 = 8
AT24C256 = 9

AT88SC102 = 12
AT88SC1604_E = 15
AT88SC6603 = 15
AT88SC1604_N = 16
AT88SC6601 = 16
AT88SC1608 = 17
AT88SC153 = 18

AT45D041 = 23
附录二:ICFOX.PLB测试例程
SET TALK OFF
SET LIBR TO ICFOX
? ErrorMsg(InitComm(0))
? ErrorMsg(TestCard(0))
? ErrorMsg(OpenCard(1))
? ErrorMsg(WriteChr(0,10,”0123456789”))
rData=ReadChr(0,10)
=Close()
IF rData <> “0123456789”
? “读卡错误”
ELSE
? “测试正常”
ENDIF
RETURN
第三章接触式IC卡底层软件开发实例对了更好地说明接触式IC卡读写器是如果工作的,本章公布了部分德诚系统有限公司MCS-C读写器低层CPU的C51程序,包括了IC卡操作底层函数,以AT24C64卡为例的实例程序。这些程序是根据德诚系统有限公司实际使用的函数向用户公开的,也可供其它打算生产接触式IC卡读写器的厂家参考,以便开发自已的IC卡驱动函数。
??2 IC卡操作底层函数
1? IC卡操作底层函数说明:
IC卡座的引脚定义示意图如下:

VCC [C1] [C5] GND
RESET [C2] [C6] No Use
CLK [C3] [C7] I / O
FUS [C4] [C8] PGM

void _CardSetPower(uchar Level);
功能:将IC卡读写器Vcc段上电或下电。
输入:Level
当Level=1,给IC卡读写器上电。
当Level=0,给IC卡读写器下电。
输出:无

void _CardSetReset(uchar Level);
功能:置IC卡读写器Reset高或低。
输入:Level
当Level=1,给IC卡读写器Reset端置高。
当Level=0,给IC卡读写器Reset端置低。
输出:无

void _CardSetClock(uchar Level);
功能:置IC卡读写器Clock高或低。
输入:Level
当Level=1,给IC卡读写器Clock置高。
当Level=0,给IC卡读写器Clock置低。
输出:无

void _CardSetPGM(uchar Level);
功能:置IC卡读写器PGM高或低。

Outdoor Side Tables

Outdoor Side Tables,White Table Side Tables,Outdoor Side Table,Aluminum Plate Side Tables

INCHEE FURNITURE CO.,LTD , https://www.incheehome.com

Posted on