1
edit
Changes
Jump to navigation
Jump to search
Line 3:
Line 3: − A total of 6 sessions can be open simultaneously for all of these services combined.+ Line 33:
Line 33: − + Line 102:
Line 102: − This service seems to be intended for use only on dev-units(or at least some of the command(s)).+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 118:
Line 219: + + + + Line 141:
Line 246: + Line 147:
Line 253: − + − + + − + − + − + + − + + − + − + + − + − + − + + − + + Line 183:
Line 295: − + − + − + + − + − + − + + − + − + − + + + Line 207:
Line 323: − + + − + − + − + + − + − + − + + − + − + − + − + + − + − + − + + − + − + − + + − + − + − + − + + − + − + − + + + − + − + + − + − + + − + − + + Line 279:
Line 407: + Line 285:
Line 414: − + − + − + − + + + Line 297:
Line 428: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 425:
Line 606: + + + + + + + + + + − + + + Line 497:
Line 690: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→NFC management service "nfc:m": Added information about 0x402 coommand in nfc:m.
On New3DS NFC module uses the [[I2C_Registers|NFC]] hardware via the [[I2C_Services|i2c::NFC]] and [[GPIO_Services|gpio:NFC]] services. On Old3DS NFC module communicates with a NFC peripheral via IR with the IRUSER service.
On New3DS NFC module uses the [[I2C_Registers|NFC]] hardware via the [[I2C_Services|i2c::NFC]] and [[GPIO_Services|gpio:NFC]] services. On Old3DS NFC module communicates with a NFC peripheral via IR with the IRUSER service.
Only 1 session can be open for all of these services combined. Commands for each service are handled by the main-thread.
=NFC services=
=NFC services=
| void
| void
| s32 result, u32 unknownA[16]
| s32 result, u32 unknownA[16]
| Output seems to be a struct
| Output seems to be a struct. unknownA[2]'s value is the AppID of the Amiibo.
|-
|-
| 0x04030000
| 0x04030000
==NFC development service "nfc:dev"==
==NFC development service "nfc:dev"==
{| class="wikitable" border="1"
|-
! Command header
! Available since system-version
! Description
|-
| 0x00110100
|
| [[NFCDEV:ReadRawPages|ReadRawPages]]
|-
| 0x001200C0
|
| [[NFCDEV:WriteRawPage|WriteRawPage]]
|}
Some of these commands seems to be intended for use only on dev-units.
Unlike the New3DS NFC-module, at least some of these commands are stubbed in the Old3DS NFC-module(only returns an error).
Unlike the New3DS NFC-module, at least some of these commands are stubbed in the Old3DS NFC-module(only returns an error).
==NFC service "nfc:p"==
==NFC service "nfc:p"==
{| class="wikitable" border="1"
|-
! Command header
! Available since system-version
! Description
|-
| 0x00010000
|
| Initialize
|-
| 0x00020000
|
| Shutdown
|-
| 0x00030080
|
| (unk0, unk1) ?
|-
| 0x00040000
|
| ?
|-
| 0x000500C2
|
| [[NFCP:SendTagCommand|SendTagCommand]]
|-
| 0x00060000
|
| GetTagInfo
|-
| 0x00070000
|
| GetTagState maybe? Writes an output value to cmdreply[2].
|-
| 0x00080000
|
| Writes a handle to cmdreply[3].
|-
| 0x00090000
|
| Writes a handle to cmdreply[3].
|-
| 0x000A0000
|
| Unknown. Writes an output value to cmdreply[2].
|-
| 0x000B0000
|
| Unknown. Writes 0x60-bytes of output starting at cmdreply[2]. u16 +0 is the size of the data at +4, +2 is not initialized, u8 +3 is loaded from state, u32 +0x2C is loaded from state, and the data at +4 with the previously mentioned size is copied from state.
|-
| 0x000C0040
|
| (u32 outputsize) Writes output to static_buf_id=0, outputsize 1 is used when it's >=1.
|-
| 0x000D0040
|
| (u32 outputsize) Writes output to static_buf_id=0, outputsize 1 is used when it's >=1.
|-
| 0x000E0080
|
| (u8 unk, u32 outputsize) Writes output to static_buf_id=0, outputsize 2 is used when it's >=2.
|-
| 0x000F0040
|
| (u32 outputsize) Writes output to static_buf_id=0, outputsize 2 is used when it's >=2.
|-
| 0x00100000
|
| Unknown.
|-
| 0x00110000
|
| Unknown.
|-
| 0x00120000
|
| Unknown. Writes an output u32 to cmdreply[2].
|-
| 0x00130000
|
| Unknown. Writes an output u32 to cmdreply[2].
|}
This service is used by the mint library-applet, starting with [[9.3.0-21]]. This service was added to the mint service-access-control list with [[9.0.0-20]].
This service is used by the mint library-applet, starting with [[9.3.0-21]]. This service was added to the mint service-access-control list with [[9.0.0-20]].
The mint process is the only known eShop-related process using this service([[eShop]]-application and NIM-module don't use it). Used for NFC card payments in JPN [[eShop]](the v16384 mint title is ''identical'' for USA/JPN besides programIDs in the NCCH header/exheader).
JPN eShop game "Megami Meguri" uses these same JPN NFC cards. The only accessible NFC service is nfcu.
==NFC service "nfc:r"==
==NFC service "nfc:r"==
! Available since system-version
! Available since system-version
! Description
! Description
|-
| 0x00130102
|
| [[NFCS:SendTagCommand|SendTagCommand]]
|-
|-
| 0x00230000
| 0x00230000
|-
|-
! Command Header
! Command Header
! Available since system-version
! Name
! Name
! Input
! Input
|-
|-
| 0x00010040
| 0x00010040
| nfcInit
|
| u8 unknownA, can be 1 or 2.
| [[NFC:Initialize|Initialize]]
| u8 inputval
| s32 result
| s32 result
| The two input values appear have the same result, except in addition NFC module will call some more functions with value 2. NFC module will eventually execute the savedata writing code referenced in the below savedata section with this command.
|
|-
|-
| 0x00020040
| 0x00020040
| nfcStop
|
| u8 unknownA
| [[NFC:Shutdown|Shutdown]]
| u8 inputval
| s32 result
| s32 result
|
|
|-
|-
| 0x00030000
| 0x00030000
| ???
|
| [[NFC:StartCommunication|StartCommunication]]
| void
| void
| s32 result
| s32 result
|
|
|-
|-
| 0x00040000
| 0x00040000
| ???
|
| [[NFC:StopCommunication|StopCommunication]]
| void
| void
| s32 result
| s32 result
|
|
|-
|-
| 0x00050040
| 0x00050040
| ???
|
| u16 unknownA
| [[NFC:StartTagScanning|StartTagScanning]]
| u16 inval
| s32 result
| s32 result
|
|
|-
|-
| 0x00060000
| 0x00060000
| ???
|
| [[NFC:StopTagScanning|StopTagScanning]]
| void
| void
| s32 result
| s32 result
|-
|-
| 0x00070000
| 0x00070000
| ???
|
| void
| [[NFC:LoadAmiiboData|LoadAmiiboData]]
| s32 result
|
|
|
|
|-
|-
| 0x00080000
| 0x00080000
| ???
|
| void
| [[NFC:ResetTagScanState|ResetTagScanState]]
| s32 result
|
|
|
|
|-
|-
| 0x00090002
| 0x00090002
| ???
|
| u32 pid, u32 pidPlaceholder
| [[NFC:UpdateStoredAmiiboData|UpdateStoredAmiiboData]]
| s32 result
|
|
|
|
|-
|-
| 0x000A0000
| 0x000A0000
|
| ???
| ???
| void
| void
|-
|-
| 0x000B0000
| 0x000B0000
| ???
|
| GetTagInRangeEvent(?)
| void
| void
| s32 result, u32 unknownA, u32 unknownB
| s32 result, u32 copy handle descriptor, Handle event
| amiibo applet ignores value unknownA. It doesn't even read it from the command buffer.
| amiibo applet ignores value 'descriptor'. It doesn't even read it from the command buffer.
|-
|-
| 0x000C0000
| 0x000C0000
| ???
|
| GetTagOutOfRangeEvent(?)
| void
| void
| s32 result, u32 unknownA, u32 unknownB
| s32 result, u32 copy handle descriptor, Handle event
| amiibo applet also ignores value unknownA for this command.
| amiibo applet also ignores value 'descriptor' for this command.
|-
|-
| 0x000D0000
| 0x000D0000
| ???
|
| [[NFC:GetTagState|GetTagState]]
| void
| void
| s32 result, u8 unknownA
| s32 result, u8 outval
|
|
|-
|-
| 0x000F0000
| 0x000F0000
| ???
|
| void
| [[NFC:CommunicationGetStatus|CommunicationGetStatus]]
| u32 result, u32 unknownA
|
|
|
|
|-
|-
| 0x00100000
| 0x00100000
| ???
|
| void
| [[NFC:GetTagInfo2|GetTagInfo2]]
| s32 result, u32 unknownA[24]
|
|
|
|
|-
|-
| 0x00110000
| 0x00110000
| ???
|
| void
| [[NFC:GetTagInfo|GetTagInfo]]
| s32 result, u32 unknownA[8], u32 unknownB[2], u32 unknownC
|
|
|
|
|-
|-
| 0x00120000
| 0x00120000
| ???
|
| void
| [[NFC:CommunicationGetResult|CommunicationGetResult]]
| s32 result, u32 unknownA
|
|
|
|
|-
|-
| 0x00130040
| 0x00130040
| ???
|
| u32 unknownA
| [[NFC:OpenAppData|OpenAppData]]
| s32 result
|
|
|
|
|-
|-
| 0x00140384
| 0x00140384
|
| [[NFC:InitializeWriteAppData|InitializeWriteAppData]]
| [[NFC:InitializeWriteAppData|InitializeWriteAppData]]
| u32 unknownA, u32 unknownB, u8 unknownB[48], u32 pid, u32 pidPlaceholder, u32 (buffer_size << 14) <nowiki>|</nowiki> 0x00000002, void * buffer
|
| s32 result
|
|
|
|-
|-
| 0x00150040
| 0x00150040
|
| [[NFC:ReadAppData|ReadAppData]]
| [[NFC:ReadAppData|ReadAppData]]
| u32 unknownA
|
| s32 result
|
|
|
|-
|-
| 0x00160242
| 0x00160242
|
| [[NFC:WriteAppData|WriteAppData]]
| [[NFC:WriteAppData|WriteAppData]]
| u32 unknownA, u8 unknownB[32], u32 (buffer_size << 14) <nowiki>|</nowiki> 0x00000002, void * buffer
|
| s32 result
|
|
|
|-
|-
| 0x00170000
| 0x00170000
|
| [[NFC:GetAmiiboSettings|GetAmiiboSettings]]
| [[NFC:GetAmiiboSettings|GetAmiiboSettings]]
|
|
|-
|-
| 0x00180000
| 0x00180000
|
| [[NFC:GetAmiiboConfig|GetAmiiboConfig]]
| [[NFC:GetAmiiboConfig|GetAmiiboConfig]]
|
|
|-
|-
| 0x00190000
| 0x00190000
| ???
|
| void
| [[NFC:GetAppDataInitStruct|GetAppDataInitStruct]]
| s32 result, u32 unknownA[8], u32 unknownB[4], u64 unknownC, u32 unknownD
|
| Apparently output is a struct
|
|
|-
|-
| 0x001A0000
| 0x001A0000
|
|
|
| None
| None
|-
|-
| 0x001B0000
| 0x001B0000
|
|
|
| None
| None
| 0x36-byte output structure starting at cmdreply[2].
| 0x36-byte output structure starting at cmdreply[2].
|
|
|-
| 0x001C0040
| [[9.6.0-24|9.6.0-X]]
|
| u8 inputval
| No additional output.
| ?
|-
| 0x001D0040
| [[9.6.0-24|9.6.0-X]]
|
| u32 inputval
| No additional output.
| ?
|-
| 0x001E0040
| [[9.6.0-24|9.6.0-X]]
|
| u8 inputval
| u8 outval at cmdreply[2].
| ?
|-
| 0x001F0080
| [[10.0.0-27|10.0.0-X]]
| [[NFC:StartOtherTagScanning|StartOtherTagScanning]]
|
|
| Used by JPN eShop app "Megami Meguri".
|-
| 0x00200102
| [[10.0.0-27|10.0.0-X]]
| [[NFC:SendTagCommand|SendTagCommand]]
|
|
|
|-
| 0x00210000
| [[10.0.0-27|10.0.0-X]]
| ?
|
|
| Used by JPN eShop app "Megami Meguri". This can only be used when [[NFC:Initialize|initialized]] with type3, and when the [[NFC:GetTagState|TagState]] is 3.
|-
| 0x00220000
| [[10.0.0-27|10.0.0-X]]
| ?
|
|
| This can only be used when [[NFC:Initialize|initialized]] with type3, and when the [[NFC:GetTagState|TagState]] is 3.
|}
|}
| [[8.1.0-0_New3DS]]
| [[8.1.0-0_New3DS]]
|
|
|}
=NFC services error codes=
{| class="wikitable" border="1"
|-
! Error-code
! Description
|-
| 0xc8a17600
| The current NFC tag [[NFC:GetTagState|state]], or other NFC state, is invalid with the NFC command which was used.
|}
|}
=NFC module savedata=
=NFC module savedata=
* "/nfp_backup.dat" This contains raw data from the [[Amiibo]] NFC data pages. The filesize is 0x001fbd20-bytes. Certain service cmds will trigger writing to this savedata. This entire file is read during [[amiibo Settings]] startup, it's unknown what command(s) actually triggers that. It seems the Amiibo data here is updated each time the Amiibo NFC data is updated, and read each time the Amiibo NFC data is read.
* "/nfp_backup.dat" This contains raw data from the [[Amiibo]] NFC data pages. The filesize is 0x001fbd20-bytes. Certain service cmds will trigger writing to this savedata. This entire file is read during [[amiibo Settings]] startup, it's unknown what command(s) actually triggers that. It seems the Amiibo data here is updated each time the Amiibo NFC data is updated, and read each time the Amiibo NFC data is read. Data is written into this savedata when the Amiibo was never scanned on this system before. The data here is probably also updated when the scanned Amiibo NFC data doesn't match the data stored here.
During NFC writing, the NFC data being written can become corrupted if the Amiibo figure is moved outside of range during writing. When this happens, this nfp_backup data can be used to restore a previous version of that data prior to the last failed write.
==nfp_backup.dat structure==
==nfp_backup.dat structure==
| 0x4
| 0x4
| Unknown. CRC32 / checksum maybe?
| Unknown. CRC32 / checksum maybe?
|}
=NFC module versions=
{| class="wikitable" border="1"
|-
! System version
! New3DS title-version
! Old3DS title-version
! Changes
|-
| [[9.6.0-24|9.6.0-X]]
| v4102
| v4106
| New3DS and Old3DS: the only changes regarding new commands is that new commands were added for the nfcu/nfcm command-set and new commands for an unknown cmd-handler were added. It's unknown if there's other changes.
|}
=Errors=
{| class="wikitable" border="1"
|-
! Error code
! Description
|-
| 0xC8A17600
| This is returned when the current state is invalid for this command.
|-
| 0xC8A17620
| This is returned by [[NFC:OpenAppData]] when the appdata is uninitialized since [[NFC:InitializeWriteAppData]] wasn't used previously.
|-
| 0xC8A17628
| This is returned by [[NFC:GetAmiiboSettings]] when the amiibo wasn't setup by the amiibo Settings applet.
|-
| 0xC8A17638
| This is returned by [[NFC:OpenAppData]] when the input AppID doesn't match the actual Amiibo AppID.
|-
| 0xC8C1760C
| Returned for HMAC-hash mismatch(data corruption), with HMAC-calculation input_buffer_size=0x34.
|-
| 0xC8A17618
| HMAC-hash mismatch with input_buffer_size=0x1DF(see [[Amiibo|here]]).
|}
|}