From 7afb7efea42212892a6bd052542e87debcbeb9e3 Mon Sep 17 00:00:00 2001 From: Federico Cerutti Date: Tue, 18 Aug 2020 19:04:57 +0200 Subject: sle44xx: add smart card dumps for the SLE4442 chip Each dump file contains the capture of a single operation. Dumps were performed with a generic fx2lafw device @ 500kHz [ gsi: rephrase the commit message's caption ] --- sle44xx/sle4442/README | 38 +++++++++++++++++++++ sle44xx/sle4442/sle4442_atr.sr | Bin 0 -> 497 bytes sle44xx/sle4442/sle4442_psc_correct.sr | Bin 0 -> 988 bytes sle44xx/sle4442/sle4442_psc_wrong.sr | Bin 0 -> 1024 bytes sle44xx/sle4442/sle4442_read_main_memory.sr | Bin 0 -> 1048 bytes .../sle4442/sle4442_write_cafe1337_offset_30.sr | Bin 0 -> 1760 bytes 6 files changed, 38 insertions(+) create mode 100644 sle44xx/sle4442/README create mode 100644 sle44xx/sle4442/sle4442_atr.sr create mode 100644 sle44xx/sle4442/sle4442_psc_correct.sr create mode 100644 sle44xx/sle4442/sle4442_psc_wrong.sr create mode 100644 sle44xx/sle4442/sle4442_read_main_memory.sr create mode 100644 sle44xx/sle4442/sle4442_write_cafe1337_offset_30.sr diff --git a/sle44xx/sle4442/README b/sle44xx/sle4442/README new file mode 100644 index 0000000..7930c40 --- /dev/null +++ b/sle44xx/sle4442/README @@ -0,0 +1,38 @@ +------------------------------------------------------------------------------- +Siemens SLE4442 Chip Card protocol capture +------------------------------------------------------------------------------- + +This is a collection of reader-card communication dumps. + + +Logic analyzer setup +-------------------- + +The logic analyzer used was a Cypress FX2 no-brand device (at 500kHz): + + Probe SLE4442 pin + ----------------------- + 1 I/O + 2 CLK + 3 RST + + +sle4442_atr.sr +-------------- +ATR issued by reader and response by card + +sle4442_psc_correct.sr +---------------------- +Reader reset, PSC sent by reader to the card and accepted + +sle4442_psc_wrong.sr +-------------------- +Reader reset, PSC sent by reader to the card and refused + +sle4442_read_main_memory.sr +--------------------------- +Full read of main memory + +sle4442_write_cafe1337_offset_30.sr +----------------------------------- +Write 0xCA 0xFE 0x13 0x37 to main memory at offset 0x30, then main memory read diff --git a/sle44xx/sle4442/sle4442_atr.sr b/sle44xx/sle4442/sle4442_atr.sr new file mode 100644 index 0000000..f5ab712 Binary files /dev/null and b/sle44xx/sle4442/sle4442_atr.sr differ diff --git a/sle44xx/sle4442/sle4442_psc_correct.sr b/sle44xx/sle4442/sle4442_psc_correct.sr new file mode 100644 index 0000000..d9c6087 Binary files /dev/null and b/sle44xx/sle4442/sle4442_psc_correct.sr differ diff --git a/sle44xx/sle4442/sle4442_psc_wrong.sr b/sle44xx/sle4442/sle4442_psc_wrong.sr new file mode 100644 index 0000000..09477d3 Binary files /dev/null and b/sle44xx/sle4442/sle4442_psc_wrong.sr differ diff --git a/sle44xx/sle4442/sle4442_read_main_memory.sr b/sle44xx/sle4442/sle4442_read_main_memory.sr new file mode 100644 index 0000000..28b88b4 Binary files /dev/null and b/sle44xx/sle4442/sle4442_read_main_memory.sr differ diff --git a/sle44xx/sle4442/sle4442_write_cafe1337_offset_30.sr b/sle44xx/sle4442/sle4442_write_cafe1337_offset_30.sr new file mode 100644 index 0000000..ea1a6ac Binary files /dev/null and b/sle44xx/sle4442/sle4442_write_cafe1337_offset_30.sr differ -- cgit v1.2.3-54-g00ecf