
Macro (1) and (2) in 2WIRE protocol.

Hi there,
Playing around with the Bus Pirate and SLE4442 smart cards, I have found that macro (1) only works in firmware 4.2; higher revisions suffer from inverted MSB/LSB order.
I could be wrong because I have not tried all the firmware between 4.2 and the latest 6.3beta.
Certainly 5.10, which was the stock firmware in my unit, doesn't work either, like almost everything else I have tried, but I'm pretty sure.
So I downgraded my Bus Pirate v3.6 to the 4.2 firmware release and started to play with 4442 smart cards.
Now macro (1) works like a charm:
 
RAW2WIRE>(1)
ISO 7816-3 ATR (RESET on CS)
RESET HIGH, CLOCK TICK, RESET LOW
ISO 7816-3 reply (uses current LSB setting): 0xA2 0x13 0x10 0x91
Protocol: 2 wire
Read type: to end
Data units: 256
Data unit length (bits): 8
 
I know it's the ATR (ISO 7816-3 “answer to reset” response).
 
Performing macro (2) I get:
 
RAW2WIRE>(2)
ISO 7816-3 reply (uses current LSB setting): 0xFF 0xFF 0xFF 0xFF
Protocol: RFU
Read type: variable length
Data units: RFU
Data unit length (bits): 128
 
which is the same as I get with the latest firmware release, v6.3-r2151.
The problem is I don't clearly understand what the command means, so I can't tell whether what I get is right or not.
Hence the question: what does "ISO7816-3 parse only" mean?
Last but not least, I found the source code for the old v4.2 firmware release, but sadly I can't find the v6.3-r2151 one, which I suppose to be the latest one.
It seems to me there isn't anything newer.
Is there anybody here who knows anything about that?
Thanks in advance.
 
Kindest regards,
sre71
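
As an added example (not part of the thread and not the Bus Pirate firmware's own code), the following C code decodes the first two ATR bytes using a field layout assumed from the two parse outputs quoted in the post above. It reproduces both the macro (1) and macro (2) results and shows how the same card bytes decode when their bit order is reversed; the names `sync_atr`, `parse_sync_atr` and `reverse_bits` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Decoded header fields of a 4-byte synchronous-card ATR (bytes H1, H2). */
struct sync_atr {
    const char *protocol;   /* H1 bits 8..5 */
    int variable_read;      /* H2 bit 8: 0 = read to end, 1 = variable length */
    int data_units;         /* H2 bits 7..4: 0 = no indication, -1 = RFU */
    int unit_bits;          /* H2 bits 3..1: 2^n bits per data unit */
};

/* Reverse the bit order of one byte (models a wrong MSB/LSB setting). */
static uint8_t reverse_bits(uint8_t b)
{
    uint8_t r = 0;
    for (int i = 0; i < 8; i++, b >>= 1)
        r = (uint8_t)((r << 1) | (b & 1));
    return r;
}

/* Assumed layout: chosen so that it matches both outputs quoted in the post. */
static struct sync_atr parse_sync_atr(uint8_t h1, uint8_t h2)
{
    struct sync_atr a;
    switch (h1 >> 4) {
    case 0x8: a.protocol = "serial"; break;
    case 0x9: a.protocol = "3 wire"; break;
    case 0xA: a.protocol = "2 wire"; break;
    case 0xF: a.protocol = "RFU"; break;
    default:  a.protocol = "unknown"; break;
    }
    a.variable_read = h2 >> 7;
    int n = (h2 >> 3) & 0x0F;
    a.data_units = (n == 0) ? 0 : (n == 0x0F) ? -1 : (64 << n);
    a.unit_bits = 1 << (h2 & 0x07);
    return a;
}

int main(void)
{
    /* Byte values taken from the macro (1) and macro (2) output in the post. */
    struct sync_atr a = parse_sync_atr(0xA2, 0x13);
    struct sync_atr b = parse_sync_atr(0xFF, 0xFF);
    struct sync_atr c = parse_sync_atr(reverse_bits(0xA2), reverse_bits(0x13));
    printf("%s, units=%d, bits=%d\n", a.protocol, a.data_units, a.unit_bits);
    printf("%s, units=%d, bits=%d\n", b.protocol, b.data_units, b.unit_bits);
    printf("%s, units=%d, bits=%d\n", c.protocol, c.data_units, c.unit_bits);
    return 0;
}
```
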

Re: Macro (1) and (2) in 2WIRE protocol.

Reply #1
[quote author="sre71"]
Last but not least, I found the source code for the old v4.2 firmware release, but sadly I can't find the v6.3-r2151 one, which I suppose to be the latest one.[/quote]


I think you'll find it here or somewhere near here
http://code.google.com/p/dangerous-prototypes-open-hardware/source/browse/#svn%2Ftrunk%2FBus_Pirate%2FFirmware%253Fstate%253Dclosed

and the firmware (which you probably have by the sound of it) should be around here
http://code.google.com/p/dangerous-prototypes-open-hardware/source/browse/#svn%2Ftrunk%2FBus_Pirate%2Fpackage%2FBPv3-firmware

Hope that's of help

Re: Macro (1) and (2) in 2WIRE protocol.

Reply #2
Hi Sleepwalker3,
thanks for the kind reply.
I already know those two links because I retrieved the v4.2 revision and some more recent scripts from there.
Thanks anyway.
Sadly I can't find there the source of what is for me, I guess, the latest version, although beta.
Even though I'm not a software architect, my purpose is to take a look at the code in order to try to fix something which annoys me, but I already know I won't be able to.
Trying does no harm, though!
Reading the scripts and comparing them could help me understand how to fix things, maybe!
However, some of them seem kind of old to me, so I'm looking for newer ones, although perhaps newer releases actually use some of them too.
Some of the same scripts, when compared, are written in a different way, I mean in style, and I don't understand whether that is because of improvements between them or in order to add corrections.
As for the matter I'm talking about, the 2WIRE protocol, it seems to me it has stopped working properly since the v4.2 release, a long time ago.
I'd like to find the culprit of that behaviour in order to fix it.
That's why I ask my questions.
Thank you again for the kind reply, Sleepwalker3, it's surely a help to me!
 
Kindest regards,
sre71


Re: Macro (1) and (2) in 2WIRE protocol.

Reply #4
Hi Mick M,
thank you for the kind reply.
Yes, it is.
It is, as it was the same one posted by Sleepwalker3 and that I found myself.
Slowly I'm realizing that firmware releases are actually made of various parts which aren't all released on the same date.
Some things are new while others are still old because they aren't affected by changes.
I'm looking at some scripts, especially those which are related to the 2WIRE protocol.
Sadly, however, it's difficult for me to retrieve the right information.
For instance, I wrote about macro (1) and (2) of the 2WIRE protocol.
Now in the raw2wire.c script for macro (1) I see the sequence "a0%255@^a", so I understand how to perform it.
On the Bus Pirate I have to send that sequence followed by the repetition command for each byte I want to read, hence:
2WIRE>a0%255@^arrrr
I get:
READ: 0xA2
READ: 0x13
READ: 0x10
READ: 0x91
which is the ISO7816-3 ATR, I get it!
OK, that has to be parsed, but I already know this.
For macro number (2), however, I can't understand much.
I guess it should be just the parsing of the previous macro, though I see four bytes which aren't the same as before, and no sequence or command is explicitly mentioned.
Weird to me, but I'm not a software architect; maybe for somebody else it's normal and easy to understand, not for me though.
I need to see what is wrong in order to change it using the right one which I found reading the working script.
I can simply compare the working script against the non-working one, putting in the first what is right in the second while removing what is wrong.
This is my purpose.
Going on, it seems to me recent firmware is based more on standard preconfigured messages than the early releases, and for me the last ones were more understandable than the first ones.
But again, I'm not a software architect or somebody who is involved with that kind of matter.
Thank you again for the kind help, MickM!
 
Kindest regards,
sre71

Re: Macro (1) and (2) in 2WIRE protocol.

Reply #5
Hi guys.
Sorry for hijacking this old thread.
Only one question.
Is somebody who knows the exact purpose of macro(2) still around?
It seems that macro(2) does not have a trigger, so it is likely that it exists to listen for data on the bus when the ATR signal is being sent from something else rather than the Bus Pirate itself.
But how is it supposed to work?
I mean, apparently it does not work like a sniffer, so it should need some signal for synchronization and start.
What could be a way to test its exact expected functioning?
Hope that somebody, maybe Ian or whoever wrote it, can give an answer.
Thanks!
 
Be seeing you.
 
U.Sb