SLE4442 Smart Card adapter (KF-011C)

General
61

Congratulations!

How would it be formatted in the file? All three memory regions or just the data? Binary or ascii? Do you hope to reprogram from the same file?

62

My preference is binary so one may view it later with hexviewer. If the dump is full card. As we always may read. Then all three memory regions please. Thank you! I owe you some coffee

63

bus_pirate5_rev10-SLE4442-filedump.zip (173.4 KB)

I didnā€™t test it. It has no help. I reused the dump command, add a -f filename.bin flag. Format is
MEM: 256 bytes
SECMEM: 4 bytes
PROTMEM: 4 bytes

Iā€™m pushing to a new branch if you need to trouble shoot. its in /commands/2wire/sle4442.c line 313-ish.

Iā€™ll flesh it out when I have a chance.

1 Like
64

Iā€™ve got your SLE4442 board. Itā€™s not finding any cards. Just to make sure, what do I need to set up on the BP to test things? I enter 2-wire mode and then try sle4442 init and [0x30 0 0] r:256

Are the switches on or off? Power? What voltage?
Iā€™ve tried both the old SIM adapter and the full card slot. I buzzed the connections and I think they are good.
Any debug tips.

BPsim
BPsim1245Ɨ938 195 KB

I have a few SIM cards lying aroundā€¦ :slight_smile:

SIM
SIM706Ɨ938 197 KB

65

p.s. The LEDā€™s never light up. I oriented the arrows in the direction you said. My meter in diode test mode lights them up.

66

Looking good!

The switches should be set towards the Bus Pirate for normal use.

be sure to enable power with W and usually also a pullup resistor with P.

For a SIM card:

  • Use HLFDPLXUART mode (whatever itā€™s called, its an unfortunate abbreviation)
  • set to 9600buad, Even parity, 2 stop bits
  • W 3.3; P for power and pullups
  • G 1 - to generate a clock frequency on IO1/clock
  • set to 3.5712MHz, 50%
  • type { to open the uart with live view
  • a 2; @ 2 lower and raise IO2/RST
  • The ART should come out. Usually starting with 3B
  • Decoder

For SLE4442 (big chip card, six pins, usually used in hotel room keys):

  • Use 2WIRE mode
  • speed 20-50khz
  • W 3.3; P for power and pullups
  • L for least significant bit mode.
  • } D { ^ } r:4 this should fetch the ATR
  • 0xa2 0x13 0x10 0x91 should be the ATR. If it starts with 0x45 check that you set LSB mode with L command.
  • also check out sle4442 -h
1 Like
67

Your board might need some flux cleaningšŸ˜‰

68

I just tested that firmware. I managed to dump one card that had some data on it.

2WIRE> sle4442 dump -f card.bin
--SLE44xx decoder--
ATR: 0xa2 0x13 0x10 0x91
Protocol Type: S 10
Structure Identifier: General Purpose (Structure 1)
Read: Read to end
Data Units: 256
Data Units Bits: 8
Security memory: 0x07 0x00 0x00 0x00
Remaining attempts: 3 (0x7)
Dumping to card.bin...
Dump complete

2WIRE> ls
       333 bpconfig.bp
        34 bp2wire.bp
       264 card.bin
0 dirs, 3 files

But empty card gave me this:


2WIRE> sle4442 dump -f cardempty
--SLE44xx decoder--
ATR: 0xa2 0x13 0x10 0x91
Protocol Type: S 10
Structure Identifier: General Purpose (Structure 1)
Read: Read to end
Data Units: 256
Data Units Bits: 8
Security memory: 0x07 0x00 0x00 0x00
Remaining attempts: 3 (0x7)
Dumping to cardempty...
Error: invalid path

Then I did # restart and it worked two times in a row on the same card.

2WIRE> sle4442 dump -f empty
--SLE44xx decoder--
ATR: 0xa2 0x13 0x10 0x91
Protocol Type: S 10
Structure Identifier: General Purpose (Structure 1)
Read: Read to end
Data Units: 256
Data Units Bits: 8
Security memory: 0x07 0x00 0x00 0x00
Remaining attempts: 3 (0x7)
Dumping to empty...
Dump complete

2WIRE> sle4442 dump -f empty2
--SLE44xx decoder--
ATR: 0xa2 0x13 0x10 0x91
Protocol Type: S 10
Structure Identifier: General Purpose (Structure 1)
Read: Read to end
Data Units: 256
Data Units Bits: 8
Security memory: 0x07 0x00 0x00 0x00
Remaining attempts: 3 (0x7)
Dumping to empty2...
Dump complete

When is Error: invalid path triggered?

EDIT: I see it now. The error is triggered when i used hypen (-) in the filename. Then one need to reset BP5 to be able to dump afterwords.
And after reset and using filename without hypen it works again.

EDIT2: Nope I was wrong its not hypen its filename longer than 8 chars.

69

Yup, that is it. It shouldnā€™t hang though. Iā€™ll look into that. Long File Names are not supported, so everything needs to be old 8.3 dos format.

1 Like
70

Owww please dont look here why it hangs it doesnt hang i just didnt post the full outputšŸ˜… It throws an error but hangs not.

1 Like
71

So the dump to file works but I think it should also be able to dump to screen. Maybe if -f is added then dump to file. And if not then dump to screen.

72

Yeah, I need to add a new verb (dump/read?) and help and options.

73

Also write from -f would be usefulšŸ˜†

74

I never would have come up with this sequence.
Iā€™m having trouble with this step.

When I type

HDPLXUART> G
Generate frequency
Choose available pin:
 2. IO2
 3. IO3
 4. IO4
 5. IO5
 6. IO6
 7. IO7
 x. Exit

I cannot choose IO1
I also get this response when I input ā€œG 1ā€

75

Is this on your rev8 board?

76 
Bus Pirate 5 REV10
Firmware main branch (2024-04-13T13:41:55Z)

Iā€™m updating the firmware to the latest as we speak. Aha! Todayā€™s version doesn;t have this issue. Continuingā€¦

77

I used some iso alcohol this time. It looks better now. Thanks.

78

Sorry for being confused, but I tried your syntax and had problems.

2WIRE> L
Bitorder: LSB 0b00000001
2WIRE> a.2 D A.2 ^ a.2 r:4
Invalid command: a.2. Type ? for help.
2WIRE> a 2 ; D ; A 2 ^ a 2; r:4
Error: IO2 is in use by RST
Invalid command: D. Type ? for help.
2WIRE> a 2
Error: IO2 is in use by RST
WIRE> > a.2 D A.2 ^ a.2 r:4 
Error: at position 3 IO2 is already in use
Syntax compile error
79

Sorry! My fault, I copied and pasted from above, and I actually added a method to control RST on IO2:

} D { ^ } r:4

  • } RST (IO2) low to start
  • D delay
  • { RST high
  • ^ one clock tick
  • } RST low
  • r:4 read the 4 byte ATR
80

I get

2WIRE> } D { ^ } r:4

RST LOW
Delay: 1ms
RST HIGH
Tick clock: 1
RST LOW
RX: 0xA2 0x13 0x10 0x91