hit counter script
  1. Manuals
  2. Brands
  3. Eccel Manuals
  4. Rfid Systems
  5. Pepper C1
  6. User manual

Eccel Pepper C1 User Manual

Rfid module
Hide thumbs Also See for Pepper C1:
Table of Contents

Advertisement

Quick Links

Download this manual
Pepper C1 RFID Module User Manual
1.
Introduction ...............................................................................................................................................................7
1.1 Device Overview ................................................................................................................................................7
2.
Electrical specification .............................................................................................................................................. 8
2.1 Absolute maximum ratings................................................................................................................................ 8
2.2 Operating conditions .........................................................................................................................................8
2.3 DC characteristics (V
2.4 Current consumption (3.3V input) ....................................................................................................................9
Getting started ........................................................................................................................................................ 10
3.
3.1 IO and peripherals ...........................................................................................................................................10
Pinout description ............................................................................................................................... 11
3.1.1
3.2 Typical connection and usage.......................................................................................................................... 12
4.
Configuration – Web interface ............................................................................................................................... 12
4.1 Network Configuration ....................................................................................................................................12
4.2 RFID.................................................................................................................................................................. 14
4.2.1
TCP client/server .................................................................................................................................14
4.3 Communication interfaces ..............................................................................................................................15
General configuration .........................................................................................................................15
4.3.1
4.3.2
UART configuration .............................................................................................................................15
4.3.3
Bluetooth............................................................................................................................................. 15
4.3.4
MQTT................................................................................................................................................... 16
REST API interface ...............................................................................................................................17
4.3.5
Web sockets ........................................................................................................................................17
4.3.6
4.4 Status ...............................................................................................................................................................18
4.5 Firmware upgrade ...........................................................................................................................................18
The newest User manual can be found on our
1
content/downloads/Pepper_C1 /C1_ User_manual.pdf
Manual version: V2.3
21/09/2023
= 25 °C) .........................................................................................................8
= 3.3V, T
DD
S
website:https://eccel.co.uk/wp-
1
1

Advertisement

Table of Contents
loading

Related Manuals for Eccel Pepper C1

Summary of Contents for Eccel Pepper C1

  • Page 1 Pepper C1 RFID Module User Manual Manual version: V2.3 21/09/2023 Introduction ................................7 1.1 Device Overview ..............................7 Electrical specification .............................. 8 2.1 Absolute maximum ratings..........................8 2.2 Operating conditions ............................8 = 25 °C) ......................8 2.3 DC characteristics (V = 3.3V, T 2.4 Current consumption (3.3V input) ........................9...
  • Page 2 4.6 Backup & Restore ............................19 Rescue mode and factory reset ..........................20 5.1 Rescue mode ..............................20 5.2 Automatic rescue mode ..........................20 5.3 Resetting module to factory defaults ......................20 Sleep mode ................................21 MQTT interface ............................... 23 7.1 Status frame ..............................23 7.2 RFID frame ...............................23 7.3 UART passthru frame............................
  • Page 3 12.1.1 Acknowledge frame (0x00) ......................... 33 12.1.2 Error response (0xFF) ..........................33 12.1.3 Dummy command (0x01) ........................35 12.1.4 Get tag count (0x02)..........................36 12.1.5 Get tag UID (0x03) ..........................36 12.1.6 Activate TAG (0x04)..........................37 12.1.7 Halt (0x05) ............................38 12.1.8 Set polling (0x06)..........................38 12.1.9 Set key (0x07) ............................38 12.1.10 Save keys (0x08) ..........................39 12.1.11 Network config (0x09).........................
  • Page 4 12.3.2 Write page (0x41) ..........................62 12.3.3 Get version (0x42) ..........................63 12.3.4 Read signature (0x43).......................... 63 12.3.5 Write signature (0x44) ........................64 12.3.6 Lock signature (0x45) ..........................64 12.3.7 Read counter (0x46) ..........................64 12.3.8 Increment counter (0x47) ........................65 12.3.9 Password auth (0x48).......................... 65 12.3.10 Ultralight-C authenticate (0x49)......................
  • Page 5 12.4.22 Write record (0x75) ..........................78 12.4.23 Read record (0x76) ..........................78 12.4.24 Clear records (0x77) ..........................79 12.4.25 Delete file (0x78) ..........................79 12.4.26 Get free memory (0x79) ........................79 12.4.27 Format memory (0x7A) ........................80 12.4.28 Commit transaction (0x7B) .........................80 12.4.29 Abort transaction (0x7C) ........................80 12.4.1 Get file settings file (0x7D) ........................81 12.4.2 Set file settings (0x7E) .........................82 12.5 ICODE (ISO15693) commands .........................83...
  • Page 6 12.5.22 Get multiple block protection status (0xA5) ..................93 12.5.23 Destroy (0xA6)............................. 93 12.5.24 Enable privacy (0xA7) ..........................94 12.5.25 Enable 64-bit password (0xA8)......................94 12.5.26 Read signature (0xA9) .........................95 12.5.27 Read config (0xAA) ..........................95 12.5.28 Write config (0xAB) ..........................96 12.5.29 Pick random ID (0xAC)......................... 96 13.
  • Page 7 • IoT interfaces: MQTT, WebSocket • High transponder read and write speed The Pepper C1 module is one of the family of Eccel Technology Ltd • -25°C to 85°C operating range (IB Technology) products with wireless connectivity by Wi-Fi 802.11b/g/n and Bluetooth SPP profile. Thanks to this, the •...
  • Page 8 Stresses beyond the absolute maximum ratings listed in the table below may cause permanent damage to the device. These are stress ratings only, and do not refer to the functional operation of the device that should follow the recommended operating conditions. Storage temperature 。C +125...
  • Page 9 RF field off (AP) PN_ RFOFF_ AP RF field on (AP) PN_ RFON_ AP RF field off (STA) PN_RFOFF_STA RF field on (STA) PN_ RFON_ STA RF field off PN_RFOFF RF field on PN_RFON Table 2-4. Current consumption...
  • Page 10 FLEX RFID antenna connector Antenna example: Pin nr 1 FLEX ANT1356 40x40 WiFi Antenna connector* Pin nr 11 *Recommended Wi-Fi antennas are MOLEXP/N: 2069940100 and 1461530250...
  • Page 11 5V regulated dc supply recommended. RFID section power supply pin. Can be left unconnected when R8 is populated. RFID RFID will be then powered from main 3.3V supply applied to pin nr 8 GPIO2 UART2 data transmit pin GPIO0 Button pin GPIO4 UART2 data receive pin UART0 data transmit pin...
  • Page 12 The Pepper C1 Module can be connected to a host (computer or another device) using UART0. In order to connect the module to a computer, a USB to UART converter will be required. By default, this UART0 interface can be used for communication using the binary protocol described below.
  • Page 13 Figure 4-1 Web interface. Network configuration - Access point. At this stage, change the Wi-Fi mode to Client, enter your SSID and the password. Change the IP, or set the Address type to Auto (DHCP Client). Optionally the user can change the Username and Password for the Web Interface. At the end of this process above, the Save &...
  • Page 14 Figure 4-2 Output console. New IP address in the client mode. The Pepper C1 is now configured as a client, connected to a TP-LINK_A734. The automatic generated IP number is 192.168.0.108. In this tab the user can change configuration for the default RFID behavior. This tab has three subcategories relating to RFID functionality and built in polling options: •...
  • Page 15 – this is optional password needed for wireless connections like TCP client/server and BLE service. On this configuration tab the user can select what will be provided on the UARTs available on the Pepper C1. Two UARTs are available •...
  • Page 16 The device has a built in MQTT client and this tab is used to configure parameters needed for this communication. When the MQTT service is enabled JSON frames with basic information about the tag is sent to the MQTT server. Please read MQTT interface description for more information about this interface and frame format.
  • Page 17 The device can also send frames in JSON format over REST API using the POST method. The user has to setup URL and authorization details if needed. This service also needs to have built in polling mode enabled. HTTPS protocol is also available but not recommended because of device performance.
  • Page 18 In the Upgrade tab, the user is able to upgrade the reader firmware. There are two options: select the binary file to upload, or make an OTA Upgrade (Over The Air), which is a powerful feature of the Pepper C1. By clicking the OTA Upgrade button, the firmware file will be downloaded directly from our websitewww.eccel.co.ukto the reader flash...
  • Page 19 In this tab the user can backup settings to the JSON file. This is a human readable format and therefore can be modified by the user. The backup file can be uploaded to any device with firmware higher than 2.0. and overwrites current settings in the device.
  • Page 20 If the user forgets the password to the module or if the settings for the Wi-Fi need to be updated, the Pepper C1 Module provides two modesto resolve this situation: the rescue mode and factory defaults reset. This mode is dedicated specifically to update Wi-Fi connection settings or to access the web interface when the Wi-Fi is disabled.
  • Page 21 The device is able to enter into sleep mode to reduce current consumption. This mode should be configured in the web interface on the Misc tab. The device can enter into sleep mode in two ways: • No TAG in the field for X seconds – the device will enter into sleep mode after this defined time. •...
  • Page 22 The device can exit from sleep mode by three methods: • After the specified timeout • After a Byte is received on the UART2 RX port – please remember that this byte will be ignored, and you have to wait at least 500ms before you can send any command over the UART interface •...
  • Page 23 When MQTT client is configured in the web configurator and it is connected to the server the Pepper C1 can send and receive frames in JSON format as described below. This frame is sent by the device to the server about the current status of the device. Currently it is only one frame with status startup.
  • Page 24 This frame requests the state on the GPIO pin (similar to CMD_GPIO). The host is limited to use only GPIO numbers 14,15,26. "event": "high", "gpio": This frame requests the toggle state on the GPIO pin (similar to CMD_GPIO) for a time specified in the field “time”. The host is limited to use only GPIO numbers 14,15,26.
  • Page 25 The Pepper C1 module can be controlled using a simple binary protocol available over UART0, the UART2 header, or a TCP IP socket. This binary protocol was designed to be as simple as possible to implement on the host side whilst still providing robust communication.
  • Page 26 CRC is a 16-bit CRC-CCITT with a polynomial equal to 0x1021. The initial value is set to 0xFFFF, the input data and the output CRC is not negated. In addition, no XOR is performed on the output value. Example C code is shown below. static const uint16_t CCITTCRCTable [256] = { 0x0000, 0x1021, 0x2042, 0x3063, 0x4084, 0x50a5, 0x60c6, 0x70e7, 0x8108, 0x9129, 0xa14a, 0xb16b,...
  • Page 27 0x95a8, 0x8589, 0xf56e, 0xe54f, 0xd52c, 0xc50d, 0x34e2, 0x24c3, 0x14a0, 0x0481, 0x7466, 0x6447, 0x5424, 0x4405, 0xa7db, 0xb7fa, 0x8799, 0x97b8, 0xe75f, 0xf77e, 0xc71d, 0xd73c, 0x26d3, 0x36f2, 0x0691, 0x16b0, 0x6657, 0x7676, 0x4615, 0x5634, 0xd94c, 0xc96d, 0xf90e, 0xe92f, 0x99c8, 0x89e9, 0xb98a, 0xa9ab, 0x5844, 0x4865, 0x7806, 0x6827, 0x18c0, 0x08e1, 0x3882, 0x28a3, 0xcb7d, 0xdb5c, 0xeb3f, 0xfb1e, 0x8bf9, 0x9bd8, 0xabbb, 0xbb9a, 0x4a75, 0x5a54, 0x6a37, 0x7a16, 0x0af1, 0x1ad0,...
  • Page 28 From firmware version 1.4 onwards, the Pepper C1 also provides Bluetooth Low Energy HID support. Thanks to this profile, the user can pair the Pepper C1 to a PC or smartphone like one would a normal keyboard and, if polling mode is enabled, the reader will send a key sequence corresponding to the UID (unique serial number) read from the TAG.
  • Page 29 To perform some operations on TAGs authority keys maybe required. The user can set these keys using the SET_KEY command anytime this is required. However it is also possible store up to 5 keys in non-volatile memory and the module will then load these keys after bootup. Storing keys in memory can be done in two ways: In the HTTP interface on the RFID tab and by using commands.
  • Page 30 In this mode the Pepper C1 device executes the continuous repeated enumerate tags UID command. Depending upon the polling settings in the web interface, the module can execute some actions as described below. Because the module has built in memory, the user can store known UIDs, and polling mode can trigger different actions depending upon whether the UID is stored in the memory or not.
  • Page 31 From firmware version 1.5 onwards, the Pepper C1 family supports reading memory content during the polling mode. This is useful if the user wants to read memory content + UID. The content of the memory is reported in two ways...
  • Page 32 This tab in the web interface is used to manage known UIDs stored in the device memory. Thanks to this, in standalone mode, the Pepper C1 can perform different actions for known and unknown UIDs. Figure 11-3 Web interface - know UID list...
  • Page 33 Commands are exchanged with the module using the protocol described above. All frames contain a command byte and command arguments. Depending upon the command, arguments can be optional, so a command length can be in the range from 1-1024 bytes. This is the response message from the module to the host.
  • Page 34 Here is the list with the most common errors: Mifare Desfire errors - layer byte 0x19 Error byte: 0x80 - MF DF Response - No changes done to backup files 0x81 - MF DF Response - Insufficient NV-Memory 0x82 - MF DF Invalid key number specified 0x83 - MF DF Current configuration/status does not allow the requested command 0x84 - MF DF Requested AID not found on PICC 0x85 - MF DF Attempt to read/write data from/to beyond the files/record's limits...
  • Page 35 Other layers errors: 0x01 - No reply received,e.g. PICC removal 0x02 - Wrong CRC or parity detected 0x03 - A collision occurred 0x04 - Attempt to write beyond buffer size 0x05 - Invalid frame format 0x06 - Received response violates protocol 0x07 - Authentication error 0x08 - A Read or Write error occurred in RAM/ROM or Flash 0x09 - The RC sensors signal over heating...
  • Page 36 The commandsend to the module to read how many TAGS are in range of the antenna no matter which technology of tag, so it returns the total amount present of all supported tag types. The maximum number for this standard discovery loop is 5.
  • Page 37 0x0S - Mifare Plus 4k sl2 0x0B - Mifare Plus 2k sl3 0x0C - Mifare Plus 4k sl3 0x0D - Mifare Desfire 0x0F - JCOP 0x10 – Mifare Mini 0x21 – ICODE Sli 0x22 – ICODE Sli-S 0x23 – ICODE Sli-L 0x24 –...
  • Page 38 C1=>HOST: 0x00 - ACK byte 0x04 - related command code ACTIVATE_TAG The Halt command takes no arguments. It halts the tag and turns off the RF field. It must be executed at the end of each operation on a tag to disable the antenna and reduce the power consumption. 0x05 HALT 0x00...
  • Page 39 Command description Argument Size Value Description Command ID 0x07 SET_KEY Key number Key number in Key Storage Memory. 0x00 - AES 128 Key. (length = 16 bytes) 0x01 - AES 192 Key. (length = 24 bytes) 0x02 - AES 256 Key. (length = 32 bytes) 0 - 6 Key type 0x03 - DES Single Key.
  • Page 40 This command should be used to setup or read network parameters. Depending upon the second byte of the command, different parameters of the network configuration can be changed. Below is the full list of possible network parameters. Also, the ACK response contains a byte detailing the parameters that have been set. To read current settings the host should send the request without parameters, the ACK response contains current settings of this requested field.
  • Page 41 Command description Argument Size Value Description Command ID 0x09 NET_CFG Subcommand ID Wi-Fi authorization mode subcommand 0x01 0x00 – Open 0x01 – WEP 0x02 – WPA PSK Mode 0x03 – WPA2_PSK 0x04 - WPA_WPA2_PSK 0x05 - WPA2_ENTERPRISE Response description 0x00 Command ID 0x09 NET_CFG...
  • Page 42 This command sets/gets the SSID for the Wi-Fi adapter. Depending upon mode configuration, this setting will be applied to Access Point or Client. 0x09 NET_CFG 0x03 Wi-Fi SSID subcommand 1-32 SSID - network name 0x00 0x09 NET_CFG 0x03 Wi-Fi SSID subcommand 1-32 SSID - network name HOST=>C1: 0x09 –...
  • Page 43 This command gets one argument to setup network address mode: DHCP client or static IP address. In the case of static IP being selected, the user needs to provide IP addresses for the module IP, netmask, gateway and DNS. 0x09 NET_CFG 0x05 IP address mode subcommand...
  • Page 44 0x0B – Web password subcommand This command requests a software reboot for the Pepper C1 module. After this command the device will not accept any protocol commands for 1 second. In case of communication over Wi-Fi this time can be longer and depends upon network configuration.
  • Page 45 TCP server on the client is selected as the main communication interface. This option can be really useful when an application requires communication with an external device, and thanks to the built in Wi-Fi interface, the Pepper C1 can act as a bidirectional Wi-Fi to UART bridge.
  • Page 46 This command requests the device to enter in to sleep mode. Please read the “Sleep mode” chapter to get more information about this feature. 0x0D SLEEP 0x00 0x0D SLEEP HOST=>C1: 0x0D – SLEEP C1=>HOST: 0x00 – ACK byte 0x0C – related command code SLEEP This command should be used to setup GPIO pins on the J1 header.
  • Page 47 Example1 - setup GPIO4 as input port with pull up enabled: HOST=>C1: 0x0E – GPIO command 0x01 – input port with PULL UP enabled 0x04 – GPIO14 C1=>HOST: 0x00 – ACK byte 0x0E – related command code GPIO Example2 - read state of GPIO port: HOST=>C1: 0x0E –...
  • Page 48 0x11 – related command code FACTORY_RESET From firmware version 1.7 onwards, the Pepper C1 reader supports protocol authorization for wireless interfaces like BLE service and TCP client and server. This option helps to protect these interfaces from unauthorized access. If this password is set in the configuration, then the user has to use this command every time in order to establish and authorize a new connection with the reader, before executing other commands.
  • Page 49 HOST=>C1: 0x12 – PROTOCOL_AUTH 0x02 – query for password C1=>HOST: 0x00 – ACK byte 0x12 – related command code PROTOCOL_AUTH 0x31 0x32 0x33 0x34 0x35 0x36 0x37 – password bytes This set of frames can be used to setup all parameters for different communication methods. The first byte is the subtype of the frame.
  • Page 50 C1=>HOST: 0x00 – ACK byte 0x13 - PROTOCOL_CONFIG 0x00 – general settings subcommand 0x00 – MDNS disabled 0x01 – UDP discovery enabled 0x10 – device name length 0x50 0x65 0x70 0x70 0x65 0x72 0x5f 0x43 0x31 0x2d 0x31 0x41 0x36 0x34 0x44 0x34 – device name bytes With this command the host can setup UART parameters.
  • Page 51 Option bytes description Protocol Size Value Description Modbus/ RS485 binary Device address on RS485 Passthru Wifi connected frame length X bytes Passthru Wifi connected frame bytes Passthru Passthru Wifi disconnected frame length X bytes Passthru Wifi disconnected frame bytes Example: HOST=>C1: 0x13 –...
  • Page 52 This command should be used to setup TCP client parameters. 0x13 PROTOCOL_CONFIG 0x03 TCP client subcommand ID 0x00 – disabled, 0x01 – enabled Port two bytes LSB first Timeout in seconds, LSB first server address as ASCII bytes 0x00 0x13 PROTOCOL_CONFIG 0x03 TCP client subcommand ID...
  • Page 53 Example: HOST=>C1: 0x13 – PROTOCOL_CONFIG 0x04 – Bluetooth subcommand ID 0x01 – SPP service enabled 0x31 0x32 0x33 0x34 – SPP pin ‘1234’ C1=>HOST: 0x00 – ACK byte 0x13 – related command code PROTOCOL_CONFIG 0x04 – Bluetooth subcommand ID This command should be used to setup MQTT parameters. Command description Argument Size...
  • Page 54 C1=>HOST: 0x00 – ACK byte 0x13 – related command code PROTOCOL_CONFIG 0x05 – MQTT subcommand ID This command should be used to set up the REST API parameters. REST API can work over HTTP and HTTPS but the secure version needs a lot of memory and therefore may not work with Bluetooth services enabled at the sametime. It is also recommended to setup “Ignore the last TAG”...
  • Page 55 This command should be used to setup Web server settings. 0x13 PROTOCOL_CONFIG Web socket subcommand ID 0x07 0x00 – disabled, 0x01 – enabled URL name length URL name as ASCII bytes 0x00 0x13 PROTOCOL_CONFIG 0x07 Web socket subcommand ID HOST=>C1: 0x13 – PROTOCOL_CONFIG 0x07 –...
  • Page 56 This set of commands should be performed on Mifare Classics tags. The read block command should be used to read data from the tag. It takes as arguments the block number of the first block to read, the number of blocks to read, the key A or B parameter, and the key number in key storage. The returned ACK answer contains data read from the specified tag memory.
  • Page 57 0x0A – Key A should be selected from key storage Key A/B parameter 0x0B – Key B should be selected from key storage Key number Key number in key storage Bytes to write. Number of this bytes must be number of requested Y*16 Bytes to write blocks multiplied by 16.
  • Page 58 C1=>HOST: 0x00 – ACK byte 0x22 – related command code MF_READ_BLOCK 0x00 0x00 0x00 0x01 – value 0x01 – address byte This command should be used to write a value to the tag. It takes as arguments the block number where the value should be stored, the key A or B parameter, the key number in key storage,a value (signed 32-bit LSB first) as 4 bytes, and an address byte (unsigned 8-bit value).
  • Page 59 Delta value Signed 32-bit value (LSB first) 0x00 – Decrement by delta value Increment/Decrement 0x01 – Increment by delta value Response description 0x00 Command ID 0x24 MF_INCREMENT_VALUE Example: HOST=>C1: 0x24 – MF_INCREMENT_VALUE 0x02 – block number 2 0x0A – key A should be selected from key storage 0x00 –...
  • Page 60 Command description Argument Size Value Description Command ID 0x26 MF_RESTORE_VALUE Block number 0x0A – Key A should be selected from key storage Key A/B parameter 0x0B – Key B should be selected from key storage Key number Key number in key storage Response description 0x00 Command ID...
  • Page 61 C1=>HOST: 0x00 – ACK byte 0x27 – related command code MF_TRANSFER_RESTORE_BLOCK...
  • Page 62 This set of commands should be performed on Mifare Ultralight tags. The read page command should be used to read data stored in tag pages. It takes as arguments the page number of the first page to be read, and the number of pages to be read. The returned ACK answer contains data read from the specified tag memory.
  • Page 63 Example: HOST=>C1: 0x41 – MFU_WRITE_PAGE 0x02 – page number 2 0x02 – two pages to write 0x31 0x35 0x3a 0x33 0x35 0x3a 0x30 0x33 – 32 bytes to write C1=>HOST: 0x00 – ACK byte 0x41 – related command code MFU_WRITE_PAGE This command requests a version string from the TAG.
  • Page 64 This command writes the signature information to the Mifare Ultralight Nano TAG. It takes as arguments relative page location of the signature part to be written and four bytes of signature value to be written. 0x44 MFU_WRITE_SIGNATURE Relative page location of the signature part to be written Bytes of signature value to be written to the specified relative page address 0x00...
  • Page 65 Command description Argument Size Value Description Command ID 0x46 MFU_READ_COUNTER Counter number Counter number Response description 0x00 Command ID 0x46 MFU_READ_COUNTER Counter value Unsigned 24-bit value, LSB first Example: HOST=>C1: 0x46 – MFU_READ_COUNTER 0x01 – counter number C1=>HOST: 0x00 – ACK byte 0x46 –...

  • Page 66: Table Of Contents

    Command ID 0x48 MFU_PASSWORD_AUTH PACK Password acknowledge bytes Example: HOST=>C1: 0x48 – MFU_PASSWORD_AUTH 0x00 0x00 0x00 0x00 – password C1=>HOST: 0x00 – ACK byte 0x48 – related command code MFU_PASSWORD_AUTH 0x00 0x00 – password acknowledge bytes This command tries to authenticate the Mifare Ultralight-C tag using the password stored in the key storage. It takes as an argument one byte with the key number in the key storage.
  • Page 67 C1=>HOST: 0x00 – ACK byte 0x49 – related command code MFU_CHECKEVENT 0x01 – tearing event occurred...
  • Page 68 This set of commands should be performed on Mifare Desfire tags. This command requests version information from the tag. The returned ACK answer contains 28-bytes with version information. 0x60 MFDF_GET_VERSION 0x00 0x60 MFDF_GET_VERSION Version bytes read from the tag HOST=>C1: 0x60 – MFDF_GET_VERSION C1=>HOST: 0x00 –...
  • Page 69 Command description Argument Size Value Description Command ID 0x62 MFDF_LIST_APP_IDS Response description 0x00 Command ID 0x62 MFDF_LIST_APP_IDS Application IDs Bytes with applications IDs Example: HOST=>C1: 0x62 – MFDF_LIST_APP_IDS – ACK byte C1=>HOST: 0x00 0x62 – related command code MFDF_LIST_APP_IDS 0x00 0x00 0x01 –...

  • Page 70: Argument Size Command Id

    Command description Argument Size Value Description Command ID 0x64 MFDF_AUTHENTICATE Key number in storage Key number in key storage Key number on card Key number on card Response description 0x00 Command ID 0x64 MFDF_AUTHENTICATE Example: HOST=>C1: 0x64 – MFDF_AUTHENTICATE 0x00 – key number C1=>HOST: 0x00 –...

  • Page 71: Command Id Example

    Response description 0x00 Command ID 0x66 MFDF_AUTHENTICATE_ISO Example: HOST=>C1: 0x66 – MFDF_AUTHENTICATE_AES 0x00 – key number C1=>HOST: 0x00 – ACK byte 0x66 – related command code MFDF_AUTHENTICATE_AES This command tries to create application on the tag. It takes three arguments: 3-bytes of application ID, the keySettings1 byte and the keySettings2 byte.

  • Page 72: Key Number In Key Storage

    HOST=>C1: 0x68 – MFDF_DELETE_APP 0x01 0x02 0x03 – application ID C1=>HOST: 0x00 – ACK byte 0x68 – related command code MFDF_DELETE_APP This command tries to change the key for the selected application. It takes three arguments: the old key number from key storage, the new key number in the key storage and the key number on the card.
  • Page 73 This command changes the key settings bytes for the selected and authorized application. It takes one argument, 2- byes long with key settings. 0x6B MFDF_CHANGE_KEY_SETTINGS Key settings bytes 0x00 0x6B MFDF_CHANGE_KEY_SETTINGS HOST=>C1: 0x6B – MFDF_GET_KEY_SETTINGS 0x01 0x02 – key settings bytes C1=>HOST: 0x00 –...
  • Page 74 This command writes data to standard data files or backup data files. It takes three arguments: the file number, the offset in the file where data should be stored, and the data bytes to be written. To store data on the TAG,a commit transaction command is required.
  • Page 75 This command creates files for the storage and manipulation of 32bit signed integer values within an existing application on the TAG. It takes seven arguments listed in the table below. 0x6F MFDF_CREATE_VALUE_FILE File number inside application Please refer to the NXP documentation for more information Low limit as 4-bytes signed value, LSB first Up limit as 4-bytes signed value, LSB first Initial value as 4-bytes signed value, LSB first...

  • Page 76: Response Description

    Example: HOST=>C1: 0x70 – MFDF_GET_VALUE 0x02 – file number C1=>HOST: 0x00 – ACK byte 0x70 – related command code MFDF_GET_VALUE 0x05 0x00 0x00 0x00 – 4 bytes signed value, LSB first This command increases a value stored in a value file on the TAG. Command description Argument Size...
  • Page 77 This command decreases a value stored in a value file on the TAG. 0x73 MFDF_DEBIT File number inside application 4 bytes signed value, LSB first 0x00 0x73 MFDF_DEBIT HOST=>C1: 0x73 – MFDF_DEBIT 0x02 – file number 0x05 0x00 0x00 0x00 – 4 bytes signed value, LSB first C1=>HOST: 0x00 –...
  • Page 78 C1=>HOST: 0x00 – ACK byte 0x74 – related command code MFDF_CREATE_VALUE_FILE This command writes data to a record file. It takes two arguments: the file number and the data bytes to be written. To store data on the TAG,a commit transaction command is required. 0x75 MFDF_WRITE_RECORD_DATA File number inside application...
  • Page 79 This command resets cyclic or lineal record files. It takes as an argument the file number. 0x77 MFDF_CLEAR_RECORDS File number inside application 0x00 0x77 MFDF_CLEAR_RECORDS HOST=>C1: 0x77 – MFDF_CLEAR_RECORDS 0x01 – file number C1=>HOST: 0x00 – ACK byte 0x77 – related command code MFDF_CLEAR_RECORDS This command permanently deactivates a file within the file directory of the currently selected application.
  • Page 80 Free memory Free memory, 4-bytes, LSB first Example: HOST=>C1: 0x79 – MFDF_GET_FREE_MEM C1=>HOST: 0x00 – ACK byte 0x79 – related command code MFDF_GET_FREE_MEM 0x00 0x08 0x00 0x00 – free memory This command releases user memory in the TAG. No arguments are required. Command description Argument Value Description...
  • Page 81 Command description Argument Size Value Description Command ID 0x7C MFDF_ABORT_TRANSACTION Response description 0x00 Command ID 0x7C MFDF_ABORT_TRANSACTION Example: HOST=>C1: 0x7C – MFDF_ABORT_TRANSACTION C1=>HOST: 0x00 – ACK byte 0x7C – related command code MFDF_ABORT_TRANSACTION This command gets settings for the selected file. The format of the settings bytes depends on the file type. Command description Argument Value Description...
  • Page 82 0xEE 0xEE – access rights 0x20 0x00 0x00 – file size 32 bytes, LSB first This command sets new access rights for the selected file. 0x7E MFDF_SET_FILE_SETTINGS File number inside application Please refer to the NXP documentation for more information 0x00 0x7E MFDF_WRITE_DATA...
  • Page 83 This set of commands should be performed on ICODE (ISO15693) TAGs. This command starts the inventory procedure on ISO 15693 TAGs. It activates the first TAG detected during collision resolution. If no TAGs are detected, then an error with a timeout flag is returned. This command takes one argument AFI - Application Family Identifier.
  • Page 84 0x00 Command ID 0x91 ICODE_INVENTORY_NEXT Unique identifier DSFID Data Storage Format Identifier 0x00 – no more cards in range of antenna More cards flag 0x01 – more cards in range of antenna Example: HOST=>C1: 0x91 – ICODE_INVENTORY_NEXT 0x00 – Application Family Identifier C1=>HOST: 0x00 –...
  • Page 85 0x00 Command ID 0x93 ICODE_READ_BLOCK Read data Bytes read from the tag. Example: HOST=>C1: 0x93 – ICODE_READ_BLOCK 0x02 – block number 2 0x01 – 1 block to read C1=>HOST: 0x00 – ACK byte 0x93 – related command code ICODE_READ_BLOCK 0x35 0x3a 0x30 0x33 – 4 bytes block data The write block command should be used to write data to the tag.
  • Page 86 Command ID 0x95 ICODE_LOCK_BLOCK Example: HOST=>C1: 0x95 – ICODE_LOCK_BLOCK 0x02 – block number 2 C1=>HOST: 0x00 – ACK byte 0x95 – related command code ICODE_LOCK_BLOCK This command performs a write to Application Family Identifier value inside the TAG memory. The command takes a one-byte argument representing the AFI value.
  • Page 87 This command performs a write to Data Storage Format Identifier value inside the TAG memory. This command takes a one-byte argument representing the DSFID value. 0x98 ICODE_WRITE_DSFID 0x00 0x98 ICODE_WRITE_DSFID HOST=>C1: 0x98 – ICODE_WRITE_DSFID 0xAA – new Data Storage Format Identifier value C1=>HOST: 0x00 –...
  • Page 88 System information System information bytes Example: HOST=>C1: 0x9A – ICODE_GET_SYSTEM_INFORMATION C1=>HOST: 0x00 – ACK byte 0x9A – related command code ICODE_GET_SYSTEM_INFORMATION 0x0F 0x04 0x8F 0x7F 0x0A 0x01 0x24 0x16 0xE0 0x00 0x00 0x33 0x03 0x02 – result bytes This command performs get multiple block security status command on the TAG. It takes as arguments the block number for which the status should be returned and the number of blocks to be used for returning the status.
  • Page 89 Example: HOST=>C1: 0x9C – ICODE_PASSWORD_PROTECT_AFI C1=>HOST: 0x00 – ACK byte 0x9C – related command code ICODE_PASSWORD_PROTECT_AFI This command reads EPC data from the TAG. The ACK response contains 12-bytes of EPC data. Please refer to the NXP documentation for more information. Command description Argument Value Description...
  • Page 90 This command requests a random number from the ICODE TAG. No arguments are required. The ACK response contains a 16-bit random number. This value should be used with ICODE_SET_PASSWORD command. 0x9F ICODE_GET_RANDOM_NUMBER 0x00 0x9F ICODE_GET_RANDOM_NUMBER 16-bits random number HOST=>C1: 0x9F – ICODE_GET_RANDOM_NUMBER C1=>HOST: 0x00 –...
  • Page 91 C1=>HOST: 0x00 – ACK byte 0xA0 – related command code ICODE_SET_PASSWORD This command writes a new password to a selected identifier. With this command, a new password is written into the related memory. Note that the old password has to be transmitted before with ICODE_SET_PASSWORD. The new password takes effect immediately which means that the new password has to be transmitted with ICODE_SET_PASSWORD to get access to the protected blocks/pages.
  • Page 92 Example: HOST=>C1: 0xA2 – ICODE_LOCK_PASSWORD 0x02 – write password C1=>HOST: 0x00 – ACK byte 0xA2 – related command code ICODE_LOCK_PASSWORD This command changes the protection status of a page. Note that the related passwords have to be transmitted before with ICODE_SET_PASSWORD if the page is not public. Please refer to the NXP documentation for more information. Command description Argument Size...
  • Page 93 Command description Argument Size Value Description Command ID 0xA4 ICODE_LOCK_PAGE_PROTECTION Page number Response description 0x00 Command ID 0xA4 ICODE_LOCK_PAGE_PROTECTION Example: HOST=>C1: 0xA4 – ICODE_LOCK_PAGE_PROTECTION 0x02 – page number C1=>HOST: 0x00 – ACK byte 0xA4 – related command code ICODE_LOCK_PAGE_PROTECTION This instructs the label to return the block protection status of the requested blocks. It takes as arguments the first block number to get the block protection status and the number of blocks.
  • Page 94 Command description Argument Size Value Description Command ID 0xA6 ICODE_DESTROY XOR password Optional XOR password Response description 0x00 Command ID 0xA6 ICODE_DESTROY Example: HOST=>C1: 0xA6 – ICODE_DESTROY C1=>HOST: 0x00 – ACK byte 0xA6 – related command code ICODE_DESTROY This command instructs the label to enter privacy mode. In privacy mode, the label will only respond to ICODE_GET_RANDOM_NUMBER and ICODE_SET_PASSWORD commands.
  • Page 95 HOST=>C1: 0xA8 – ICODE_ENABLE_64BIT_PASSWORD C1=>HOST: 0x00 – ACK byte 0xA8 – related command code ICODE_ENABLE_64BIT_PASSWORD This command reads the signature bytes from the TAG. No arguments are required. The ACK response contains bytes containing the signature bytes. Please refer to the NXP documentation for more information. 0xA9 ICODE_READ_SIGNATURE 0x00...
  • Page 96 0xAA – related command code ICODE_READ_CONFIG 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 – result bytes This command writes configuration bytes to addressed block data from the selected configuration block address. It takes three arguments: the option byte, the block number and the configuration bytes. Please refer to the NXP documentation for more information.
  • Page 97 The commands listed below can be used to perform an OTA upgrade. The latest OTA file is always available here: http://eccel.co.uk/wp-content/downloads/Pepper_C1/Pepper_C1.bin This command must be executed to start the OTA upgrade process. The device responds with an ACK frame when the command is finished.
  • Page 98 Command description Argument Size Value Description Command ID 0x0F2 OTA finish Response description 0x00 Command ID OTA finish 0xF2 Example: HOST=>READER: 0xF4 – OTA finish READER=>HOST: 0x00 – ACK byte 0xF4 – related command code OTA finish...
  • Page 99 All dimensions are in mm. Figure 14-1...
  • Page 100 This device complies with part 15 of the FCC rules. Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. Changes or modifications not expressly approved by the party responsible for compliance could void the user’...
  • Page 101 As long as the three conditions above are met, further transmitter testing will not be required. However, the OEM integrator is still responsible for testing their end-product for any additional compliance requirements required with this module installed. Important Note: In the event that these conditions cannot be met (for example certain laptop configurations or co-location with another transmitter), then the FCC authorization is no longer considered valid and the FCC ID cannot be used on the final product.
  • Page 102 Integration instructions for host product manufacturers according to KDB 99 63 69 D0 3 OEM Manual v01 r01 List of applicable FCC rules CFR 47 FCC PART 15 SUBPART C has been investigated. It is applicable to the modular transmitter Specific operational use conditions This module is stand-alone modular.
  • Page 103 NFC Antenna 3 RFID-ANT1356-50×50 PCB Antenna Socket 0dBi 13.56MHz (Cable -800 length:800mm) NFC Antenna 4 RFID-ANT1356-80×80 PCB Antenna Socket 0dBi 13.56MHz (Cable -300 length:300mm) NFC Antenna 5 RFID-ANT1356-80×80 PCB Antenna Socket 0dBi 13.56MHz (Cable -800 length:800mm) NFC Antenna 6 RFID-ANT1356-10×50 PCB Antenna Socket 0dBi...
  • Page 104 This device complies with Industry Canada license-exempt RSS standard(s). Operation is subject to the following two conditions: (1) This device may not cause interference, and (2) This device must accept any interference, including interference that may cause undesired operation of the device. The digital apparatus complies with Canadian CAN ICES-3 (B)/NMB-3(B).
  • Page 105 No responsibility is taken for the method of integration or final use of the C1 modules More information about the C1 module and other products can be found at the Internet site: http://www.eccel.co.uk or alternatively contact ECCEL Technology (IB Technology) bye-mail at: sales@eccel.co.uk...

Table of Contents