FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Tag Emulation not going to ACTIVE

Go to solution
LltWc
Associate III

‎2024-09-25 12:31 PM - edited ‎2024-09-26 05:07 AM

I've been working on implementing tag emulation on my device with an ST25R3916 and have run into a problem. First - the code is currently completely separate from the tag reader code, including init, so it's not a matter of not changing modes properly. And this is with my own codebase, not the RFAL. I'm using a Flipper Zero (which actually uses an ST25R3916) to test with since I read other posts about a phone being too fast, and it is specifically in the ISO-14443-4A mode. The Flipper Zero works with the NUCLEO-L476RG + X-NUCLEO-NFC08A1 tag emulation.

I have been closely following the RFAL as I implement my own version, and it only gets part of the way through anticollision. When I put a reader over the antenna, I see EON and RXE_PTA without any issues, but I never get a WU_A interrupt. I have PT_MEM populated with the same values as the RFAL (see pic 1), and follow all the same configurations except for the repeats since the RFAL is doing a lot of mode switching. When I do get an RXE_PTA, I get all the register values I would expect (see pic 2), so I don't understand why it isn't moving to ACTIVE through the automatic responses.

The main part where I diverge from the RFAL is that I'm not doing bitrate detection. Is this mandatory for some reason? Everything on the device is 106 kbit/s NFC-A, so I figured it was unnecessary.

LltWc_0-1727292213281.png

LltWc_1-1727292316338.png

Additionally, when I take the NUCLEO-L476RG + X-NUCLEO-NFC08A1 and place its antenna over my device's, it doesn't even read the NFCID (I added a log right where it obtains the NFCID for a working tag), so it seems like it's not even getting through the SDD_RES.

0 Kudos
This discussion has been locked for participation. If you have a question, please start a new topic in order to ask your question
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
LltWc
Associate III

‎2024-09-26 12:27 PM

This one's all me—I wrote the ISO14443A register wrong and set antcl = 1, which must be set to 0 for anything but reader mode. Problem solved, I haven't implemented any read commands yet but I can recognize the NFCID, ATQA, and SAK from the Flipper Zero and from my phone.

View solution in original post

2 REPLIES 2
Go to solution
LltWc
Associate III

‎2024-09-26 09:27 AM

As I've continued debugging today, I found that the NFCID is being transmitted properly, but RFAL is returning a timeout error (see pic 1 below). 

LltWc_0-1727361818322.png

I switched from the values directly in the RFAL when it's in Listen Mode, and these SENS RES values: {0x01, 0x00}, {0x10, 0x00}, (0x08, 0x00}, {0x04, 0x00}, {0x02, 0x00}, {0x01, 0x00}.

So far as I can tell, there's some problem with the ST25R3916 causing it to successfully send a SENS_RES and SDD_RES, but not the SEL_RES. My next step will be to comb through RFAL configurations and registers again before I just go and implement anti-collision manually.

0 Kudos
Go to solution
LltWc
Associate III

‎2024-09-26 12:27 PM

This one's all me—I wrote the ISO14443A register wrong and set antcl = 1, which must be set to 0 for anything but reader mode. Problem solved, I haven't implemented any read commands yet but I can recognize the NFCID, ATQA, and SAK from the Flipper Zero and from my phone.

Top