Changelog for firmware 1100 v2.00

2.00.10 (2023-03-22)

Bug fixes

• Under certain circumstances firmware uploads could fail, requiring the reader to be disconnected and reconnected to repeat the upload. Currently, only the internal production process is affected.

• Downgrading a LEGIC reader firmware to version 2.00.09 or below using a BEC2 or BF3 file fails if the version you downgrade from loads SM-4200 OS v4.7.0.0 or above.

  Note: All reader firmware versions released so far load SM-4200 OS v4.4.0.0 or below. Thus, this bug will only take effect when a reader firmware version to be released in the future loads SM-4200 OS v4.7.0.0 or above. Then, downgrading from that reader firmware version to version 2.00.09 or below using a BEC2 or BF3 file will fail.

2.00.09 (2022-08-08)

• Updated LEGIC SM-4200 OS to v4.4.0.0. This has improved read reliability, especially when used in metal environments with cards that have their antennas placed close to the edge.

2.00.08 (2022-04-13)

Bug fixes

• In rare cases, a firmware update could cause Bluetooth to stop working, indicated by the Bluetooth boot status being set. Subsequent updates to firmware versions below 2.00.08 terminated with an error, although the firmware was deployed correctly. This error state could only be left by upgrading to firmware version 2.00.08 or above; downgrades to older firmware versions were then possible again.

• Running VHL.Read after VHL.IsSelected resulted in an authentication error VHL_AUTH_ERR when the following setup was used:

  • Reader from the LEGIC product line
  • MIFARE DESFire EV1 cards

2.00.07 (2022-03-02)

This version also includes all features and bugfixes of the stable version v1.xx up to and including v1.25.00.

Features

• Added support for the new BEC2 file format for configurations. This allows you to use wireless upload, create ConfigCards in BALTECH Uploader, and package configurations with a firmware.

• Added support for emulating an ISO 14443-4 card with a reader. For this purpose, the Iso14CE command group is used. This allows you to use a reader as a transfer reader for wireless upload in BALTECH Uploader.

• Added support for uploading BEC2 configuration files via NFC. This allows you to use wireless upload in BALTECH Uploader.
  The firmware also supports NFC upload apps for mobile phones to be developed in the future.

• To protect a reader with a configured RFID interface against unauthorized firmware updates, the new configuration value Device / Run / DenyUnauthFwUploadViaBrp has been introduced: If this value is set, the reader blocks the upload of a firmware in BF2/BF3 format, i.e. a firmware can only be uploaded if it's packaged with a newer version of the configuration deployed to the reader (alternatively, a factory reset can be performed).

• If the reader firmware is incomplete after a failed firmware update, you can now still perform a factory reset. This ensures the reader won't be left in a corrupted state if a firmware update has been aborted due to an RFID interface configuration that has the Device / Run / DenyUnauthFwUploadViaBrp bit set (see previous bullet point).

• Incomplete firmware no longer returns a special ID (1053 for USB readers, 1075 for Ethernet readers), but the ID and version of the firmware you tried to upload. Thus, you can infer to the intended firmware state after an aborted update. So that you can still recognize when a firmware is incomplete, Sys.GetBootStatus now returns the new boot status IncompleteFirmware.

• Added support for setting a bus address via NFC (implementation in our software tools is planned). Setting a bus address will be permitted either in the course of uploading a BEC2 file or when the reader housing is open (i.e. a tamper alarm is triggered).
  For very high security requirements, the new parameter GreaterVersion (see Device / Run / AuthReqUploadViaBrp and Device / Run / AuthReqUploadViaIso14443) can be set: Then, the bus address can only be set if a newer version of the existing configuration is deployed. This ensures that the bus address can't be changed arbitrarily by deploying the same configuration version again.

• Added support for retrieving reader information via NFC (implementation in our software tools is planned).

• Added support for MIFARE DESFire EV3.

• Added VHL.Read and VHL.Write support for MIFARE Ultralight, Ultralight-C, and Ultralight-EV1 cards.

• Added low-level commands for encrypted communication with Ultralight-C and Ultralight-EV1 cards:

  • Ultralight-C: Authentication with a 3DES key
  • Ultralight-EV1: Password authentication according to AN12694 as well as password check and verification

• Added an alive check for keypad components to further increase reliability of ACCESS200 keypad readers.

• Increased the timeout for VHL.ExchangeAPDU to 60 seconds to cater for complex crypto operations.

• LEGIC readers with security module SM-4500 are supported now.

• You can now check if your reader's LED can be customized: If yes, Sys.GetFeatures will return the feature ID RgbLed or RgbLedLimited respectively.

• Changed the default setting for OSDP: By default, the reader now uses SCBK-D without diversification.

• OSDP now supports a tri-color LED (red/green/blue).

• Added the OnPinEntry event, which is fired when a PIN code has been entered via the keypad. Now you can configure a custom action, e.g. to give visual or acoustic feedback when PIN entry is completed.

• The SNET protocol now supports DKR readers.

• You can now configure an individual transition time for each VLED definition .

• Added support for MIFARE Plus values in security level 3. For this purpose, the Mif.ValueSL3 command has been added.

• Added support for NXP AV3 SAM ( low level and VHL commands)

• Added support for the following card types:

  • DESFire EV2 ( low level and VHL commands)
  • MIFARE Plus EV1 ( low level and VHL commands)

• For readers that support OSDP, Sys.GetFeatures will now return the feature ID OsdpV217.

• When you use LED customization to illuminate only 1 side of an ACCESS200 housing, the LEDs on the other side will be disabled.

Bug fixes

• When a programmed card number (PCN) was truncated via the host interface component for virtual COM port undirectional, RS-232/UART undirectional, or keyboard emulation, it was truncated at the end. Now it's truncated at the front.

• The I/O port protocol, which e.g. allows you to use a UART pin as a GPIO, wasn't supported by ID-engine Z.

• Reading an ISO 14443 type A card without an iClass container was very slow if the reader configuration contained Autoread components for both iClass and ISO 14443 type A.

• When setting beeper off time to 0 via the OSDP command osdp_BUZ, the beeper was still on after command execution. Now, the beeper is switched off afterwards.

• LEGIC readers could hang if an ISO 15693 or ISO 14443 card was presented at the edge of the antenna field.

• VHL.Select handled random IDs returned by Felica and ISO 14443 type B cards incorrectly: The command returned the card multiple times, each time as a new card with a new ID, even if the Reselect parameter was set to false. Now, the card is returned only once as long as it remains in the antenna field.

• On MIFARE Plus S and MIFARE PLus L3 cards, authentication with SAM key only worked with SAM key 0.

• Combo cards MIFARE DESFire/Classic were occasionally not detected.

• Desfire.GetDfNames only worked when there was 1 application programmed onto the card.

• Desfire.Authenticate terminated in an error.

• VHL.IsSelected didn't work with FeliCa cards.

• Since version 1.21.00, OSDP authentication was still possible with SCBK-D after installing SCBK.

• LED signalization during AdrCard, ConfigCard, or LicenseCard presentation wasn't correct if a VLED transition time was configured.

• Updating the reader via OSDP protocol did not work since version 1.05.00.

• Reintroduced Iso14a.TransparentCmdBitlen. In rare cases this is still needed.

• WTX was not supported by ISO 7816 T=1 protocol.

• Encoding conversion, e.g. used by certain Autoread components in BALTECH ConfigEditor, didn't work properly when the data to convert had been cut out of the original data stream.

• To enhance security, manipulation on the software level via the RFID interface now triggers a tamper alarm. This includes, e.g. the use of a ConfigCard, an AdrCard, or a wireless upload via NFC.

• If deploying a configuration via Sys.GfgLoadBlock was blocked by the reader due to missing permissions, the reader returned the error Sys.ErrCfgAccess, which suggested an issue with the memory. Now, the error ErrAccessDenied is returned.

• The timeout for SAM detection has been reduced to speed up initialization.

• When a Prox license is missing, the low-level commands HID.ProxRead, HID.Prox32Read, and HID.IndalaRead now return the new error code HID.ErrLicense.

• Unencrypted configurations can now only be deployed to legacy devices for which this is a requirement.

• For MIFARE DESFire EV1 cards, read reliability has been improved for slow card presentation.

• On ID-engine Z readers, handling multiple cards presented at the same time (anti-collision) resulted in an error for certain combinations of ISO 14443 Type A cards.

• Minor bugs in LED customization feature fixed.