I am able to connect to the Bluetooth HID device successfully and able to control the paired device home button and navigation buttons.
But unable to send Keyboard key events properly to the HID device. When I am typing something in the host device, the HID device responding with random actions.
I have the following code for the connection with descriptors array,
override fun onServiceConnected(profile: Int, proxy: BluetoothProfile?) {
if (profile == BluetoothProfile.HID_DEVICE) {
mBtHidDevice = proxy as BluetoothHidDevice
val sdp = BluetoothHidDeviceAppSdpSettings(
"HidControl",
"Android HID Joystick",
"Android",
0xC0.toByte(),
descriptor
)
}
}
The descriptor array is as below,
private val descriptor = byteArrayOf( // HID descriptor
0x09, // bLength
0x21, // bDescriptorType - HID
0x11, 0x01, // bcdHID (little endian - 1.11)
0x00, // bCountryCode
0x01, // bNumDescriptors (min 1)
0x22, // bDescriptorType - Report
0x30, 0x00, // wDescriptorLength (48)
// Report descriptor
0x05, 0x01, // USAGE_PAGE (Generic Desktop)
0x09, 0x06, // USAGE (Key board)
0xa1.toByte(), 0x01, // COLLECTION (Application)
0xa1.toByte(), 0x00, // COLLECTION (Physical)
0x05, 0x09, // USAGE_PAGE (Button)
0x19, 0x01, // USAGE_MINIMUM (Button 1)
0x29, 0x04, // USAGE_MAXIMUM (Button 4)
0x15, 0x00, // LOGICAL_MINIMUM (0)
0x25, 0x01, // LOGICAL_MAXIMUM (1)
0x75, 0x01, // REPORT_SIZE (1)
0x95.toByte(), 0x04, // REPORT_COUNT (4)
0x81.toByte(), 0x02, // INPUT (Data,Var,Abs)
0x75, 0x04, // REPORT_SIZE (4)
0x95.toByte(), 0x01, // REPORT_COUNT (1)
0x81.toByte(), 0x03, // INPUT (Cnst,Var,Abs)
0x05, 0x01, // USAGE_PAGE (Generic Desktop)
0x09, 0x30, // USAGE (X)
0x09, 0x31, // USAGE (Y)
0x15, 0x81.toByte(), // LOGICAL_MINIMUM (-127)
0x25, 0x7f, // LOGICAL_MAXIMUM (127)
0x75, 0x08, // REPORT_SIZE (8)
0x95.toByte(), 0x02, // REPORT_COUNT (2)
0x81.toByte(), 0x02, // INPUT (Data,Var,Abs)
0xc0.toByte(), // END_COLLECTION
0xc0.toByte() // END_COLLECTION
)
Code to send keyboard events to the target device is below
override fun onKeyUp(keyCode: Int, event: KeyEvent?): Boolean {
Log.d("Key Codes ", "$keyCode + event: $event")
for (btDev in mBtHidDevice!!.connectedDevices) {
mBtHidDevice!!.sendReport(
btDev, 0, byteArrayOf(event!!.keyCode.toByte())
)
mBtHidDevice!!.sendReport(
btDev, 0, byteArrayOf(
0
)
)
}
return super.onKeyUp(keyCode, event)
}
Please suggest if I am missing anything here. Thanks for the help!
You need to use Keyboard Usage Page.
The logical minimum and logical maximum that I see is only from 1 to 4. You wanted those USAGEs alone?
Refer to HID usage table https://www.usb.org/document-library/hid-usage-tables-122
There is a Keyboard use case in the appendix. You can refer to that.
Related
i tried to send extended APDU command into Desfire card on Android.
i was select the application on the card and success.
but when i tried to authentication process and send this command, i got response 67 00 (wrong length)
i send data :
00820000288C9D8E3837E8E47514E9010801C1615E65E677A21DC40E07B32DF6DE24EED3D6CD950BA8CB5E738528
where:
CLA : 0x00
INS : 0x82
P1 : 0x00
P2 : 0x00
Lc : 0x28 //(40 bytes)
data :
0x8C, 0x9D, 0x8E, 0x38, 0x37, 0xE8, 0xE4, 0x75, 0x14, 0xE9, 0x01, 0x08, 0x01, 0xC1
, 0x61, 0x5E, 0x65, 0xE6, 0x77, 0xA2, 0x1D, 0xC4, 0x0E, 0x07, 0xB3, 0x2D, 0xF6, 0xDE
, 0x24, 0xEE, 0xD3, 0xD6, 0xCD, 0x95, 0x0B, 0xA8, 0xCB, 0x5E, 0x73, 0x85
**Le : 0x28 (expected return length)**
i think there is nothing wrong with the command structure, but why the response is 67 00
i am using isodep library.
please some one help me..
I am using Arduino UNO with elechouse's library and a PN532 module connected through SPI.
I am trying to emulate a card using the emulate_tag_ndef example in that library, but when I try to read the emulated card with the NFC Tools app on my Samsung Galaxy S7, I get an empty serial number and I don't get the Ndef message similarly to this.
When I try to change the command array in the library according to the post lower on the linked issue on GitHub, then the emulated card cannot be detected by my phone at all.
The PN532 works alright in all other NFC modes (read/write, peer-to-peer) for me.
After trying a lot of possible workarounds, I can bravely claim that Android only works in HCE mode with PN532 and iOS only works with NDEF.
Give a look to this issue on Seeeds studio:
https://github.com/Seeed-Studio/PN532/issues/88
Android phones will only accept Felica Cards. If you put some random IDs, it will not be detected as NDEF card.
To emulate it right, you have to set the card ID in this way:
uint8_t command[] = {
PN532_COMMAND_TGINITASTARGET,
0x05, // MODE: 0x04 = PICC only, 0x01 = Passive only (0x02 = DEP only)
// MIFARE PARAMS
0x04, 0x00, // SENS_RES (seeeds studio set it to 0x04, nxp to 0x08)
0x00, 0x00, 0x00, // NFCID1t (is set over sketch with setUID())
0x20, // SEL_RES (0x20=Mifare DelFire, 0x60=custom)
// FELICA PARAMS
0x01, 0xFE, // NFCID2t (8 bytes) https://github.com/adafruit/Adafruit-PN532/blob/master/Adafruit_PN532.cpp FeliCa NEEDS TO BEGIN WITH 0x01 0xFE!
0x05, 0x01, 0x86,
0x04, 0x02, 0x02,
0x03, 0x00, // PAD (8 bytes)
0x4B, 0x02, 0x4F,
0x49, 0x8A, 0x00,
0xFF, 0xFF, // System code (2 bytes)
0x01, 0x01, 0x66, // NFCID3t (10 bytes)
0x6D, 0x01, 0x01, 0x10,
0x02, 0x00, 0x00,
0x00, // length of general bytes
0x00 // length of historical bytes
};
NFCID1t is the card UID, you can set something on your sketch.
NFCID2t has to be exactly how I wrote in the code above => Felica card
NFCID3t can be some random numbers.
You will see that there will be other issues with your sketch and sometimes it is impossible to debug or see why it does not work (for example if you have multiple NDEF Tags).
So, the most important tool to test your PN532 is this one from NXP:
https://play.google.com/store/apps/details?id=com.nxp.taginfolite
This will give you a lot of info. This app can also read your card, even if it is not formatted in the right way.
Edit: This is how I updated the emulatetag.cpp from PN532 library:
bool EmulateTag::emulate(const uint16_t tgInitAsTargetTimeout){
// https://www.nxp.com/docs/en/nxp/application-notes/AN133910.pdf
// Doc:
// Mode: 0x00 any command is accepted. 0x02 only ATR_REQ. 0x04 only RATS (ISO1443-4)
// Mifare: SENS_RES => bit 6 and 7 must be 0!
// NFCID1t => first byte must be 0x08 according to the ISO
// SEL_RES => bit 6 must be 1, to enable NFC protocol (example 0x40)
// FeliCa: NFCID2t => first 2 bytes must be 0x01 and 0xFE
//
uint8_t command[] = {
PN532_COMMAND_TGINITASTARGET,
0x05, // MODE: 0x04 = PICC only, 0x01 = Passive only (0x02 = DEP only)
// MIFARE PARAMS
0x04, 0x00, // SENS_RES (seeeds studio set it to 0x04, nxp to 0x08)
0x00, 0x00, 0x00, // NFCID1t (is set over sketch with setUID())
0x20, // SEL_RES (0x20=Mifare DelFire, 0x60=custom)
// FELICA PARAMS
0x01, 0xFE, // NFCID2t (8 bytes) https://github.com/adafruit/Adafruit-PN532/blob/master/Adafruit_PN532.cpp FeliCa NEEDS TO BEGIN WITH 0x01 0xFE!
0x05, 0x01, 0x86,
0x04, 0x02, 0x02,
0x03, 0x00, // PAD (8 bytes)
0x4B, 0x02, 0x4F,
0x49, 0x8A, 0x00,
0xFF, 0xFF, // System code (2 bytes)
0x01, 0x01, 0x66, // NFCID3t (10 bytes)
0x6D, 0x01, 0x01, 0x10,
0x02, 0x00, 0x00,
0x00, // length of general bytes
0x00 // length of historical bytes
};
if(uidPtr != 0){ // if uid is set copy 3 bytes to nfcid1
memcpy(command + 4, uidPtr, 3);
}
switch(pn532.tgInitAsTarget(command,sizeof(command), tgInitAsTargetTimeout))
{
case 1: break;
case 0: DMSG("tgInitAsTarget timed out!"); return false; break;
case -2: DMSG("tgInitAsTarget failed!"); return false; break;
}
uint8_t compatibility_container[] = {
0, 0x0F,
0x20,
0, 0x54,
0, 0xFF,
0x04, // T
0x06, // L
0xE1, 0x04, // File identifier
((NDEF_MAX_LENGTH & 0xFF00) >> 8), (NDEF_MAX_LENGTH & 0xFF), // maximum NDEF file size
0x00, // read access 0x0 = granted
0x00 // write access 0x0 = granted | 0xFF = deny
};
if(tagWriteable == false){
compatibility_container[14] = 0xFF;
}
tagWrittenByInitiator = false;
uint8_t rwbuf[128];
uint8_t sendlen;
int16_t status;
int16_t totalReads = 0;
tag_file currentFile = NONE;
uint16_t cc_size = sizeof(compatibility_container);
bool runLoop = true;
while(runLoop){
status = pn532.tgGetData(rwbuf, sizeof(rwbuf));
if(status < 0){
if (status == -2)
{
if (totalReads == 0)
{
if (pn532.tgInitAsTarget(command, sizeof(command), 1000) == 1) continue;
}
else
{
DMSG("Transmission over.\n");
pn532.inRelease();
return true;
}
}
DMSG("tgGetData failed!\n");
pn532.inRelease();
return false;
}
totalReads++;
uint8_t p1 = rwbuf[C_APDU_P1];
uint8_t p2 = rwbuf[C_APDU_P2];
uint8_t lc = rwbuf[C_APDU_LC];
uint16_t p1p2_length = ((int16_t) p1 << 8) + p2;
switch(rwbuf[C_APDU_INS]){
case ISO7816_SELECT_FILE:
switch(p1){
case C_APDU_P1_SELECT_BY_ID:
if(p2 != 0x0c){
DMSG("C_APDU_P2 != 0x0c\n");
setResponse(COMMAND_COMPLETE, rwbuf, &sendlen);
} else if(lc == 2 && rwbuf[C_APDU_DATA] == 0xE1 && (rwbuf[C_APDU_DATA+1] == 0x03 || rwbuf[C_APDU_DATA+1] == 0x04)){
setResponse(COMMAND_COMPLETE, rwbuf, &sendlen);
if(rwbuf[C_APDU_DATA+1] == 0x03){
currentFile = CC;
} else if(rwbuf[C_APDU_DATA+1] == 0x04){
currentFile = NDEF;
}
} else {
setResponse(TAG_NOT_FOUND, rwbuf, &sendlen);
}
break;
case C_APDU_P1_SELECT_BY_NAME:
const uint8_t ndef_tag_application_name_v2[] = {0, 0x07, 0xD2, 0x76, 0x00, 0x00, 0x85, 0x01, 0x01 };
if(0 == memcmp(ndef_tag_application_name_v2, rwbuf + C_APDU_P2, sizeof(ndef_tag_application_name_v2))){
setResponse(COMMAND_COMPLETE, rwbuf, &sendlen);
} else{
DMSG("function not supported\n");
setResponse(FUNCTION_NOT_SUPPORTED, rwbuf, &sendlen);
}
break;
}
break;
case ISO7816_READ_BINARY:
switch(currentFile){
case NONE:
setResponse(TAG_NOT_FOUND, rwbuf, &sendlen);
break;
case CC:
if( p1p2_length > NDEF_MAX_LENGTH){
setResponse(END_OF_FILE_BEFORE_REACHED_LE_BYTES, rwbuf, &sendlen);
}else {
memcpy(rwbuf,compatibility_container + p1p2_length, lc);
setResponse(COMMAND_COMPLETE, rwbuf + lc, &sendlen, lc);
}
break;
case NDEF:
if( p1p2_length > NDEF_MAX_LENGTH){
setResponse(END_OF_FILE_BEFORE_REACHED_LE_BYTES, rwbuf, &sendlen);
}else {
memcpy(rwbuf, ndef_file + p1p2_length, lc);
setResponse(COMMAND_COMPLETE, rwbuf + lc, &sendlen, lc);
}
break;
}
break;
case ISO7816_UPDATE_BINARY:
if(!tagWriteable){
setResponse(FUNCTION_NOT_SUPPORTED, rwbuf, &sendlen);
} else{
if( p1p2_length > NDEF_MAX_LENGTH){
setResponse(MEMORY_FAILURE, rwbuf, &sendlen);
}
else{
memcpy(ndef_file + p1p2_length, rwbuf + C_APDU_DATA, lc);
setResponse(COMMAND_COMPLETE, rwbuf, &sendlen);
tagWrittenByInitiator = true;
uint16_t ndef_length = (ndef_file[0] << 8) + ndef_file[1];
if ((ndef_length > 0) && (updateNdefCallback != 0)) {
updateNdefCallback(ndef_file + 2, ndef_length);
}
}
}
break;
default:
DMSG("Command not supported!");
DMSG_HEX(rwbuf[C_APDU_INS]);
DMSG("\n");
setResponse(FUNCTION_NOT_SUPPORTED, rwbuf, &sendlen);
}
status = pn532.tgSetData(rwbuf, sendlen);
if(status < 0){
DMSG("tgSetData failed\n!");
pn532.inRelease();
return true;
}
}
pn532.inRelease();
return true;
}
just uncomment some stuff like I did and it should work.
void setup()
{
Serial.begin(115200);
Serial.println("------- Emulate Tag --------");
message = NdefMessage();
message.addUriRecord("http://www.elechouse.com");
messageSize = message.getEncodedSize();
if (messageSize > sizeof(ndefBuf)) {
Serial.println("ndefBuf is too small");
while (1) { }
}
Serial.print("Ndef encoded message size: ");
Serial.println(messageSize);
message.encode(ndefBuf);
// comment out this command for no ndef message
nfc.setNdefFile(ndefBuf, messageSize);
// uid must be 3 bytes!
nfc.setUid(uid);
nfc.init();
}
void loop(){
// uncomment for overriding ndef in case a write to this tag occured
nfc.setNdefFile(ndefBuf, messageSize);
// start emulation (blocks)
nfc.emulate();
// or start emulation with timeout
if(!nfc.emulate(1000)){ // timeout 1 second
Serial.println("timed out");
}
// deny writing to the tag
// nfc.setTagWriteable(false);
if(nfc.writeOccured()){
Serial.println("\nWrite occured !");
uint8_t* tag_buf;
uint16_t length;
nfc.getContent(&tag_buf, &length);
NdefMessage msg = NdefMessage(tag_buf, length);
msg.print();
}
I have this USB Relay and I'd like to control from an Android phone.
(There is a similar post here but it explains how do it from a Linux shell. By looking at that code i figured i'd be able to solve it - apparently not.)
The device lists in lsusb:
Bus 002 Device 011: ID 16c0:05df VOTI
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 1.10
bDeviceClass 0 (Defined at Interface level)
bDeviceSubClass 0
bDeviceProtocol 0
bMaxPacketSize0 8
idVendor 0x16c0 VOTI
idProduct 0x05df
bcdDevice 1.00
iManufacturer 1
iProduct 2
iSerial 0
bNumConfigurations 1
Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength 34
bNumInterfaces 1
bConfigurationValue 1
iConfiguration 0
bmAttributes 0x80
(Bus Powered)
MaxPower 20mA
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 0
bAlternateSetting 0
bNumEndpoints 1
bInterfaceClass 3 Human Interface Device
bInterfaceSubClass 0 No Subclass
bInterfaceProtocol 0 None
iInterface 0
HID Device Descriptor:
bLength 9
bDescriptorType 33
bcdHID 1.01
bCountryCode 0 Not supported
bNumDescriptors 1
bDescriptorType 34 Report
wDescriptorLength 22
Report Descriptors:
** UNAVAILABLE **
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x81 EP 1 IN
bmAttributes 3
Transfer Type Interrupt
Synch Type None
Usage Type Data
wMaxPacketSize 0x0008 1x 8 bytes
bInterval 20
I find it strange that the end point is defined as "EP IN". In my mind it should be "EP OUT" since the direction should be "host->device".
Anyway, I use the Android USB manager to create a connection and then initialize the USbRequest for an interrupt based end point. Android permissions and all that is handled so the device is connected successfully.
Snippet for sending data. It runs in a separate thread following the Android guidelines:
UsbRequest request = new UsbRequest();
synchronized (mUsbLock) {
if (mUsbConnection != null && mUsbEndPointIn != null) {
if (!request.initialize(mUsbConnection, mUsbEndPointIn)) {
Log.e(TAG, "Unable to initialize UsbRequest. Thread exits");
return;
} else {
if (DEBUG) {
Log.d(TAG, String.format("Usb request is initialized"));
}
}
} else {
Log.e(TAG, "Usb communication is not up and running. The worker thread should never be started.");
return;
}
}
mRunning.set(true);
while (mRunning.get()) {
if (DEBUG) {
Log.d(TAG, String.format("Waiting for data to be sent to end point"));
}
WorkPackage wp = mWorkQueue.take();
// send the package.
byte[] data = wp.getData();
if (!request.queue(ByteBuffer.wrap(data), data.length)) {
Log.e(TAG, "Unable to queue to send data on UsbRequest.");
continue;
} else {
if (DEBUG) {
Log.d(TAG, String.format("Usb request is queued on end point, ep=%s", printUsbEndpoint(mUsbEndPointIn)));
}
}
}
It seems everything is fine, no errors occur and the request is queued on the end point but then nothing happens at all. I don't get any message back that the request has been handled.
Since the supplier won't release the on/off commands I tried variants based on the Linux post (above). None seem to work though. Supplier only release Windows binary lib.
Sending 8 byte packages (according to max package):
public static byte[] SET_RELAY_ON = {(byte) 0xff, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00};
public static byte[] SET_RELAY_OFF = {(byte) 0xfd, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00};
Help appreciated.
So, i figured out how to do this. I will write the solution here in case someone else is having a similar problem.
I had to snoop the USB traffic to understand what to actually send. It turned out that the defined interrupt end point was not used at all. So, the communication with the device was not interrupt based but instead using the control transfer type on end point 0.
So, using the Android USB API this translates into:
Open device (device->host direction):
int r = mUsbConnection.controlTransfer(0xa1, 0x01, 0x0300, 0x00, buffer, buffer.length, 500);
Open relay '1' (host->device direction).
byte[] buffer = {(byte) 0xff, (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00};
int r = mUsbConnection.controlTransfer(0x21, 0x09, 0x0300, 0x00, buffer, buffer.length, 500);
Note, the second parameter in the buffer (0x01) is the relay number (in case you have >1 relay on the board). I only had one.
close relay '1' (host->device direction):
byte[] buffer = {(byte) 0xfd, (byte) 0x01, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00};
int r = mUsbConnection.controlTransfer(0x21, 0x09, 0x0300, 0x00, buffer, buffer.length, 500);
I have found the project in Github which is similar with this it (for who is looking it)
https://github.com/gigacycle/AndroidHidUsbRelayControl
I have tested this code and I can confirm that it works well with the USB relay board.
I am trying to use the AOA 2.0 protocol and libusb to send key presses to an Android device. I am able to put the device accessory mode and and able to register the HID device. However whenever I send an event I get the error:
libusb: debug [handle_control_completion] unsupported control request
I think my problem may be the hid descriptor that I am sending, however I found one online that should work.
Here is my relevant code with the descriptor:
char DESC[] = {
0x05, 0x01, /* Usage Page (Generic Desktop) */
0x09, 0x06, /* Usage (Keyboard) */
0xA1, 0x01, /* Collection (Application) */
0x05, 0x07, /* Usage Page (Keyboard) */
0x19, 224, /* Usage Minimum (224) */
0x29, 231, /* Usage Maximum (231) */
0x15, 0x00, /* Logical Minimum (0) */
0x25, 0x01, /* Logical Maximum (1) */
0x75, 0x01, /* Report Size (1) */
0x95, 0x08, /* Report Count (8) */
0x81, 0x02, /* Input (Data, Variable, Absolute) */
0x81, 0x01, /* Input (Constant) */
0x19, 0x00, /* Usage Minimum (0) */
0x29, 101, /* Usage Maximum (101) */
0x15, 0x00, /* Logical Minimum (0) */
0x25, 101, /* Logical Maximum (101) */
0x75, 0x08, /* Report Size (8) */
0x95, 0x06, /* Report Count (6) */
0x81, 0x00, /* Input (Data, Array) */
0x05, 0x08, /* Usage Page (LED) */
0x19, 0x01, /* Usage Minimum (1) */
0x29, 0x05, /* Usage Maximum (5) */
0x15, 0x00, /* Logical Minimum (0) */
0x25, 0x01, /* Logical Maximum (1) */
0x75, 0x01, /* Report Size (1) */
0x95, 0x05, /* Report Count (5) */
0x91, 0x02, /* Output (Data, Variable, Absolute) */
0x95, 0x03, /* Report Count (3) */
0x91, 0x01, /* Output (Constant) */
0xC0 /* End Collection */
};
int response;
//Register the HID device
response = libusb_control_transfer(handle, 0x40, 54, 1, sizeof(DESC), NULL, 0, 0);
if (response < 0) {error(response); return -1;}
// Send the device descriptor
response = libusb_control_transfer(handle, 0x40, 56, 1, 0, DESC, sizeof(DESC), 0);
if (response < 0) {error(response); return -1;}
usleep(1000);
// OK so here is the problem, this request should just send the next song ket
// However I am getting unsupported control request.
char report[] = {0x07,0x00,0xEC,0x00,0x00,0x00,0x00,0x00};
response = libusb_control_transfer(handle, 0x40, 57, 1, 0, report, sizeof(report), 0);
if (response < 0) {error(response); return -1;}
return 0;
EDIT: Ok so I did some more digging around in the android adk code and I found a generic keyboard descriptor with some sample code. Now it seems to not fail like one out of every 10ish attempts which is very weird? I updated the code as well.
My problem was that I did not sleep long enough after sending the device descriptor.
usleep(100000);
Fixed it
I am communicating between PN532 on Arduino Uno with Nexus 7 running Kitkat 4.4.2,
The HCE program I had from here:
https://github.com/grundid/host-card-emulation-sample
I run the sample program on Nexus 7, and on Arduino I try to send APDU command:
uint8_t PN532::APDU ()
{
uint8_t message[] = {
0x00, /* CLA */
0xA4, /* INS */
0x04, /* P1 */
0x00, /* P2 */
0x07, /* Lc */
0xF0, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x00 /* Le */ };
/* Prepare the first command */
/* Send the command */
if (HAL(writeCommand)(message, 13)) {
Serial.println(F("Go here 1"));
return 0;
}
Serial.println(F("Go here 2"));
/* Read the response packet */
return (0 < HAL(readResponse)(message, sizeof(message)));}
Here is my APDU service file: apduservice.html
<host-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
android:description="#string/servicedesc"
android:requireDeviceUnlock="false" >
<aid-group
android:category="other"
android:description="#string/aiddescription" >
<aid-filter android:name="F0010203040506" />
</aid-group>
but I cannot get any response from the Nexus 7, and from Nexus 7 I also didn't record any signals? Does anyone know what I am missing here? Thanks
Using the Seeed-Studio PN532 library, you shouldn't need to create your own commands within the library (ie. what you did with uint8_t PN532::APDU () {...}.
Instead, you can use the methods that are already there. To establish a connection with a tag/contactless smartcard (or rather to enumerate the available tags/cards), you would start with inListPassiveTarget(). If the tag/smartcard supports APDUs, it will later automatically be activated for APDU-based communcation. Then you can use inDataExchange() to send and receive APDUs.
So, if you included the PN532 library like this:
PN532_xxx pn532hal(...);
PN532 nfc(pn532hal);
You could then use the library like this:
bool success = nfc.inListPassiveTarget();
if (success) {
uint8_t apdu = {
0x00, /* CLA */
0xA4, /* INS */
0x04, /* P1 */
0x00, /* P2 */
0x07, /* Lc */
0xF0, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x00 /* Le */
};
uint8_t response[255];
uint8_t responseLength = 255;
success = nfc.inDataExchange(apdu, sizeof(apdu), response, &responseLength);
if (success) {
// response should now contain the R-APDU you received in response to the above C-APDU (responseLength data bytes)
}
}