Difference between revisions of "Doorbot"

From Technologia Incognita
Jump to: navigation, search
(UR HID RFID Fobs)
m (New Keypad)
 
(61 intermediate revisions by 10 users not shown)
Line 1: Line 1:
 
{{Project
 
{{Project
|ProjectSkills=access control
+
|ProjectStatus=Finished
|ProjectStatus=Active
+
|ProjectNiche=Mechanics
|ProjectNiche=Electronics
 
 
|ProjectPurpose=Infrastructure
 
|ProjectPurpose=Infrastructure
 
}}
 
}}
We need a door control system. Preferably one that works with the RFID fobs handed out by UR for the main door at ACTA, since otherwise we'd need two parallel fob administrations and have added cost for our own fobs.
+
==Usage==
 +
[[File:Doorbot instructions.svg|thumb]]
 +
=== Entering the space: (normally) ===
  
In addition we have outlined the need for two-factor auth, so we want to add a keypad to this, where you type your PIN.
+
# scan your fob
 +
# enter your pin
 +
# press the bell button
  
= UR HID RFID Fobs =
+
=== Opening the door when in Open mode (RFID Reader LED is green) ===
The fob is the Proxkey IIII which operates at 125kHz: http://www.hidglobal.com/main/documents/proxkeyIII_ds_en.pdf
 
  
We should only need to read the fob-identifier from the card, which means activating it at the right frequency and reading it's output (which hopefully already contains the id).
+
# press bell
  
 +
=== Changing your pin: ===
  
'''Readers that were tried:'''
+
# scan your fob
* [[AuthenTec-RFID-reader]]
+
# enter 999
* Leser 6 - owned by [[User:Ultratux|ultratux]] ([http://www.conrad.nl/ce/nl/product/751242/ Link to vendor] [http://www.codatex.com/index.php?en_Leser_6plus link to 'plus' version])
+
# press bell
 +
# enter your current pin
 +
# press bell
 +
# <b>wait for the doorbot to make the the 'success' double beep</b>
 +
# enter your new pin (min 4 characters)
 +
# press bell
 +
# repeat new pin
 +
# press bell
  
 +
=== Resetting your pin when you have forgotten: ===
  
We should study the '''HID ProxkeyIII''' documentation (if available) to find out why it might be incompatible. There may be general crypto stopping non-HID devices talking to HID devices. In that case we could solve it by acquiring a HID ProxkeyIII reader off ebay. However, there may even be a crypto key inside the UR reader that was created unique to UR, in which case all our attempts will fail.
+
# Ask a doorbot maintainer (brainsmoke for now) to trigger a pin reset
 +
# scan your fob
 +
# enter your new pin (min 4 characters)
 +
# press bell
 +
# repeat new pin
 +
# press bell
  
Other possible ideas to test compatibility without purchasing a HID proxkey III:
+
=== Add a fob: ===
  
1) Acquire a HID tag and ask if UR can enable that tag instead of a UR-provided tag. If that is possible, UR having unique crypto can be all but ruled out. Unless installing that crypto key is an integral part of the activation process.
+
# Trick a doorbot maintainer into starting an addkey procedure
 +
# scan your fob
 +
# enter your new pin (min 4 characters)
 +
# press bell
 +
# repeat new pin
 +
# press bell
  
2) If someone knows the right people at a place the HID ProxkeyIII is deployed, it may be possible to bring a UR fob to them and ask if they can try to add it to their system. Obviously one needs to be an a very friendly basis with such a person, otherwise this would simply not be allowed for a whole range of reasons. But maybe someone knows a friendly datacenter operator or some other place such systems are in use... 
+
==Administration==
  
An rfid reader could be made using an arduino, a simple circuit, and winding our own antenna: http://arduino.cc/playground/Main/DIYRFIDReader
+
===doorbot shell (doorsh.py)===
  
= Door access system =
+
ssh doorbot@doorbot
  
* Embedded hardware so it won't be bluescreening or some such. This is critical infra, people.
+
Administration:
* Queries internal LDAP server for auth
 
Above requirement collides with Justa's voiced requirement that it is linked to the UR fob membership administration.
 
So I think we should forget about the LDAP. Please comment.
 
* Discuss whether the lock must be normally-open or normally-closed. In the latter case the space stays secure at the time of a power failure. In the normally-open case either the space unlocks, or we need to invest in a no-break / UPS...
 
* Ultratux has a normally-closed electronic lock he is willing to donate.
 
  
= PIN systems =
+
doorbot> list
 +
doorbot> enable <fobid>
 +
doorbot> disable <fobid>
 +
doorbot> delete <fobid>
 +
doorbot> addkey                  # add key using key reader + pinpad
 +
doorbot> addkey <fobid> <pin>    # add key using doorbot shell only
 +
doorbot> resetpin                # reset pin using reader + pinpad
 +
doorbot> resetpin <fobid> <pin>  # reset pin using shell
 +
doorbot> authmode                # put doorbot in authentication mode (default at startup)
 +
doorbot> openmode                # put doorbot in open mode
  
Several vendors have integrated RFID + PIN systems for little money. The reason we rejected such systems (aside from a possible HID fob incompatibility) was that all logic is in one box and that box unavoidably sits on the outside of the door since it has the keypad. This is unacceptable, if you tear it off the wall you not only can power actuate the lock, but you potentially also have a data leak if they can read out which fobs are allowed in (and therefore, into UR too).
+
===doorctl.py===
  
So we need a separate system where the keypad does not house the RFID data. It probably is acceptable that you can circumvent the PIN by tearing the keypad off the wall; you'd then still need a fob. The people breaking in through violence usually aren't the same people breaking in through cloning of the fobs... Or: Let's discuss this.
+
python doorctl.py initdb
 +
 +
# import fob db using plain-text pin
 +
# rfid authorised pin
 +
python doorctl.py import-plain << EOF
 +
5431553 1 12345
 +
5431554 1 12345
 +
5431555 1 12345
 +
5431556 1 12345
 +
EOF
 +
 +
python doorctl.py export    # export fob db
 +
 +
python doorctl.py import    # import fob db
 +
 +
python doorctl.py rfidlisten # print fob IDs of fobs being scanned
  
= The case we want to avoid: a UR-independent system =
+
==Design==
  
If for whatever reason we cannot re-use the fobs of UR main door for our own space we might have other options like the aforementioned wish to link members to [[SpaceFED|SpaceFED / LDAP]]. I have looked at cheap systems but most all have a limited number of fobs (20 or 50) which is directly or in the short run insufficient. After more digging I've found a system that has no attainable limit (500), and can interface with a PC for logging. http://www.conrad.nl/ce/nl/product/750782/
+
 
This system has the obvious drawback of not being able to use the UR fobs, but if that fails anyway OR if we feel that linking to LDAP has strong advantages maybe this becomes a feasible system.
+
        5V 2A
In the case we go for this option we'd have to buy our own rfid fobs, which adds [amount of members] x 6 euro which is a lot. However: maybe we can add generic fobs people already own (their work, home or garage) to our reader, thereby avoiding the purchase of a fob. This could present a security risk for those people so they must make the choice.
+
    _____||_____        [door sensor]          5V  ___12V____
 +
    |            |            |                ||  |          |
 +
    |            |--usb--[Lock arduino]--opto--[relay]  [door lock]
 +
    | Cubieboard |                                  |__________|
 +
    |            |--usb--[Auth arduino]
 +
    |____________|        |        |
 +
          |          [HID reader] [keypad]
 +
        Earth
 +
    (for keypad)
 +
 
 +
==Hardware==
 +
 
 +
==Software==
 +
 
 +
=== Cubieboard ===
 +
 
 +
==== udev persistence rules ====
 +
 
 +
To get identifiable arributes:
 +
 
 +
udevadm info -p /class/tty/ttyUSB0 -a
 +
 
 +
 
 +
SUBSYSTEMS=="usb", KERNEL=="ttyUSB*", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="XXXXXXXX", SYMLINK+="ttyAUTH"
 +
SUBSYSTEMS=="usb", KERNEL=="ttyUSB*", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="XXXXXXXX", SYMLINK+="ttyLOCK"
 +
 
 +
 
 +
==== doorbotd.py / doorctl.py / doorsh.py ====
 +
 
 +
https://github.com/techinc/doorbot
 +
 
 +
=== Authentication arduino ===
 +
 
 +
==== source ====
 +
 
 +
https://github.com/techinc/doorbot/blob/master/doorauth/doorauth.ino
 +
 
 +
==== protocol ====
 +
 
 +
Serial, 9600 baud
 +
 +
send:
 +
 +
LED ON\n
 +
LED OFF\n
 +
LED BLINK\n
 +
BEEP\n        (short beep)
 +
DENIED\n      (distorted sound)
 +
GRANTED\n    (double short beep)
 +
 +
receive:
 +
 +
RESET\n      (arduino has reset)
 +
KEY [0-9]\n  (keypad press)
 +
RFID [01]*\n  (rfid scanned)
 +
 
 +
=== Lock arduino ===
 +
 
 +
==== source  ====
 +
 
 +
https://github.com/techinc/doorbot/blob/master/doorlock/doorlock.ino
 +
 
 +
==== protocol ====
 +
 
 +
Serial, 9600 baud
 +
 +
send:
 +
 +
UNLOCK\n
 +
LOCK\n
 +
 +
receive:
 +
 +
RESET\n        (arduino has reset)
 +
OPEN\n        (door has opened)
 +
CLOSED\n      (door has closed)
 +
 
 +
=== New Keypad ===
 +
[[File:mechpad1.jpg|thumb]]
 +
 
 +
Project page: [[mechpad]]
 +
 
 +
Serial, 9600 baud
 +
 +
keypad -> arduino
 +
[0123456789CB]  (keypresses)
 +
[XYZW]          (unused buttons to the right)
 +
 +
arduino -> keypad:
 +
 +
R    (red swirl)
 +
G    (green swirl)
 +
B    (blue swirl)
 +
S    (sleep animation)
 +
P    (party mode / color wheel swirl)
 +
 
 +
==== source ====
 +
 
 +
https://github.com/techinc/mechpad
 +
 
 +
=== Old Keypad ===
 +
 
 +
The old keypad was replaced due to glitching :-(
 +
Project page: [[matrixpad]]
 +
 
 +
==== source ====
 +
 
 +
https://github.com/techinc/matrixpad
 +
 
 +
=== Temp. replacement keypad ===
 +
 
 +
the new keypad code is:
 +
made by beatskip, will post a schematic later this week
 +
 
 +
<pre>
 +
#include <Arduino.h>
 +
#include <Wire.h>
 +
#include <Adafruit_TCA8418.h>
 +
 
 +
#define I2C_SDA 19
 +
#define I2C_SCL 18
 +
 
 +
Adafruit_TCA8418 keypad;
 +
 
 +
#define ROWS 4
 +
#define COLS 3
 +
 
 +
char keymap[COLS][ROWS] = {{'1', '4', '7', 'C'},
 +
                          {'2', '5', '8', '0'},
 +
                          {'3', '6', '9', 'B'}};
 +
 
 +
void setup() {
 +
  Serial.begin(9600);
 +
    pinMode(10, OUTPUT);
 +
    pinMode(7, OUTPUT);
 +
  digitalWrite(10, HIGH);
 +
  digitalWrite(7, HIGH);
 +
  Wire.begin(I2C_SDA, I2C_SCL);
 +
  //run_i2c_scanner();
 +
 
 +
 +
  if (! keypad.begin(TCA8418_DEFAULT_ADDR, &Wire)) {
 +
    Serial.println("keypad not found, check wiring & pullups!");
 +
    while (1);
 +
  }
 +
 
 +
  // configure the size of the keypad matrix.
 +
  // all other pins will be inputs
 +
  keypad.matrix(ROWS, COLS);
 +
 
 +
  // flush the internal buffer
 +
  keypad.flush();
 +
  Serial.println();
 +
 
 +
}
 +
 
 +
 
 +
void loop()
 +
{
 +
 
 +
  if (keypad.available() > 0)
 +
  {
 +
    //  datasheet page 15 - Table 1
 +
    int k = keypad.getEvent();
 +
    bool pressed = k & 0x80;
 +
    k &= 0x7F;
 +
    k--;
 +
    uint8_t row = k / 10;
 +
    uint8_t col = k % 10;
 +
 
 +
    if (pressed)
 +
      Serial.write(keymap[col][row]);
 +
 
 +
   
 +
  }
 +
}
 +
</pre>

Latest revision as of 20:12, 15 December 2023

Projects
Participants Brainsmoke
Skills
Status Finished
Niche Mechanics
Purpose Infrastructure

Usage

Doorbot instructions.svg

Entering the space: (normally)

  1. scan your fob
  2. enter your pin
  3. press the bell button

Opening the door when in Open mode (RFID Reader LED is green)

  1. press bell

Changing your pin:

  1. scan your fob
  2. enter 999
  3. press bell
  4. enter your current pin
  5. press bell
  6. wait for the doorbot to make the the 'success' double beep
  7. enter your new pin (min 4 characters)
  8. press bell
  9. repeat new pin
  10. press bell

Resetting your pin when you have forgotten:

  1. Ask a doorbot maintainer (brainsmoke for now) to trigger a pin reset
  2. scan your fob
  3. enter your new pin (min 4 characters)
  4. press bell
  5. repeat new pin
  6. press bell

Add a fob:

  1. Trick a doorbot maintainer into starting an addkey procedure
  2. scan your fob
  3. enter your new pin (min 4 characters)
  4. press bell
  5. repeat new pin
  6. press bell

Administration

doorbot shell (doorsh.py)

ssh doorbot@doorbot

Administration:

doorbot> list
doorbot> enable <fobid>
doorbot> disable <fobid>
doorbot> delete <fobid>
doorbot> addkey                  # add key using key reader + pinpad
doorbot> addkey <fobid> <pin>    # add key using doorbot shell only
doorbot> resetpin                # reset pin using reader + pinpad
doorbot> resetpin <fobid> <pin>  # reset pin using shell
doorbot> authmode                # put doorbot in authentication mode (default at startup)
doorbot> openmode                # put doorbot in open mode

doorctl.py

python doorctl.py initdb

# import fob db using plain-text pin
# rfid authorised pin
python doorctl.py import-plain << EOF
5431553 1 12345
5431554 1 12345
5431555 1 12345
5431556 1 12345
EOF

python doorctl.py export     # export fob db

python doorctl.py import     # import fob db

python doorctl.py rfidlisten # print fob IDs of fobs being scanned

Design

       5V 2A
    _____||_____        [door sensor]          5V   ___12V____
   |            |             |                ||  |          |
   |            |--usb--[Lock arduino]--opto--[relay]   [door lock]
   | Cubieboard |                                  |__________|
   |            |--usb--[Auth arduino]
   |____________|         |         |
         |          [HID reader] [keypad]
       Earth
    (for keypad)

Hardware

Software

Cubieboard

udev persistence rules

To get identifiable arributes:

udevadm info -p /class/tty/ttyUSB0 -a


SUBSYSTEMS=="usb", KERNEL=="ttyUSB*", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="XXXXXXXX", SYMLINK+="ttyAUTH"
SUBSYSTEMS=="usb", KERNEL=="ttyUSB*", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="XXXXXXXX", SYMLINK+="ttyLOCK"


doorbotd.py / doorctl.py / doorsh.py

https://github.com/techinc/doorbot

Authentication arduino

source

https://github.com/techinc/doorbot/blob/master/doorauth/doorauth.ino

protocol

Serial, 9600 baud

send:

LED ON\n
LED OFF\n
LED BLINK\n
BEEP\n        (short beep)
DENIED\n      (distorted sound)
GRANTED\n     (double short beep)

receive:

RESET\n       (arduino has reset)
KEY [0-9]\n   (keypad press)
RFID [01]*\n  (rfid scanned)

Lock arduino

source

https://github.com/techinc/doorbot/blob/master/doorlock/doorlock.ino

protocol

Serial, 9600 baud

send:

UNLOCK\n
LOCK\n

receive:

RESET\n        (arduino has reset) 
OPEN\n         (door has opened)
CLOSED\n       (door has closed)

New Keypad

Mechpad1.jpg

Project page: mechpad

Serial, 9600 baud

keypad -> arduino
[0123456789CB]   (keypresses)
[XYZW]           (unused buttons to the right)

arduino -> keypad:

R     (red swirl) 
G     (green swirl)
B     (blue swirl)
S     (sleep animation)
P     (party mode / color wheel swirl)

source

https://github.com/techinc/mechpad

Old Keypad

The old keypad was replaced due to glitching :-( Project page: matrixpad

source

https://github.com/techinc/matrixpad

Temp. replacement keypad

the new keypad code is: made by beatskip, will post a schematic later this week

#include <Arduino.h>
#include <Wire.h>
#include <Adafruit_TCA8418.h>

#define I2C_SDA 19
#define I2C_SCL 18

Adafruit_TCA8418 keypad;

#define ROWS 4
#define COLS 3

char keymap[COLS][ROWS] = {{'1', '4', '7', 'C'},
                           {'2', '5', '8', '0'},
                           {'3', '6', '9', 'B'}};

void setup() {
   Serial.begin(9600);
    pinMode(10, OUTPUT);
    pinMode(7, OUTPUT);
  digitalWrite(10, HIGH);
  digitalWrite(7, HIGH);
  Wire.begin(I2C_SDA, I2C_SCL);
   //run_i2c_scanner();

 
  if (! keypad.begin(TCA8418_DEFAULT_ADDR, &Wire)) {
    Serial.println("keypad not found, check wiring & pullups!");
    while (1);
  }

  // configure the size of the keypad matrix.
  // all other pins will be inputs
  keypad.matrix(ROWS, COLS);

  // flush the internal buffer
  keypad.flush();
  Serial.println();
  
}


void loop()
{
  
  if (keypad.available() > 0)
  {
    //  datasheet page 15 - Table 1
    int k = keypad.getEvent();
    bool pressed = k & 0x80;
    k &= 0x7F;
    k--;
    uint8_t row = k / 10;
    uint8_t col = k % 10;

    if (pressed) 
      Serial.write(keymap[col][row]);

    
  }
}