Hi, I played with this a little more. I wrote quick&dirty prototype based on aes2501 (1). You can download it from [2], it contains also some of the logs I posted previously and some additional logs. I also guessed some of the codes in the communication - they are described in "codes.txt" file.
Now, I am able to make the prototype wait (functions aesStartScan() and aesDetectFinger()) until the a finger is attached to sensor and actually receive (function aesReadFingerprint()) fingerprint data (but the sensor must be left initialized from virtualized Windows). The main issue now, is to determine, the format of fingerprint data. You can get the data from "logs/output.txt" (log from my prototype) or "logs/08ff:1680.usblog" (log from Wireshark) files. The fingerprint data are transfered in few (~4) packages 16384 bytes long, first package is always beginning with the header 4954020d. The fingerprints are not transfered in stripes (unlike in other sensors) and might be encrypted. I was also experimenting with initialization of the sensor. I was able to follow (file 1u-my_module-best.txt) the communication along with the original schema (file 1u-init-and-reading.txt). The device successfully went to state "7050080 1625011e", but then it is starting to differ. I am not able to follow it further probably because the communication uses some kind of encryption tokens or so (see "vimdiff 1u-init-and-reading-1.txt 1u-init-and-reading.txt"). The question is, whether I am able to encrypt the tokens same as the original software. Please have look at the fingerprint data, and try to guess, what is their format. PS: I have found, what type of the sensor I have - I probably have AES1660 (3). [1] http://aes2501-wy.sourcearchive.com/ [2] http://www.uloz.to/8365105/aes1660-prototype-tar-bz2 [3] http://www.authentec.com/a/Production/smartsensors_pc/AES1660.aspx Dne Sat, 19 Mar 2011 23:25:53 +0100 Petr Dlouhý <[email protected]> napsal(a): > Hi, > > the files probably didn't went through the mailing list - you can > download > them at <http://www.uloz.to/8352470/fprint-logs-tar-bz2>, I also included > one log from usbmon (from different session than the Wireshark log). > > The log captures connection of the device to VirtualBox machine and > reading of fingerprints. The individual actions could be separated by the > time stamp. > > I started to look on the log to find more about what happening. I have > found, that the large portion of data comes from the device after the > package with following data is released from the computer: > > 13204c01 00004b04 00785634 12550700 8042007f 00001449 03002000 c8 > > After this follows response with few (~3) packages with size 16384 B > (=128x128), and the last package is smaller, but still has significantly > more data than other responses. I highly suspect this part of > communication to be actual receiving of the fingerprint. Although, ff the > data are really the fingerprint, then it is surprising, that the > fingerprint is transfered in once, not by strips as in other sensors. > > There is another thing, that confuses me highly. During all the > communication, there are few repeating sequences of lots of packages with > larger portion of data (~200 B) transfered _from_ computer _to_ the > device. They are usually confirmed with "42010001" from the device. > > I would like to know, what is purpose of those packages. I think, there > is > too much of data transfered to be just control sequences. I was thinking > about encryption keys, or firmware, or fingerprint patterns or something > like that. > > > Dne Sat, 19 Mar 2011 17:35:21 +0100 Petr Dlouhý <[email protected]> > napsal(a): > -- Petr Dlouhý _______________________________________________ fprint mailing list [email protected] http://lists.reactivated.net/mailman/listinfo/fprint
