The Psion Link Protocol
Information Sources
I am trying to understand the Psion Link protocol in order to implement a free implementation for UNIX, especially for LINUX systems. Lacking documentation I had to do it the hard way.First source of Information:
I installed rcom in dosemu running linux. Using the strace utility I looked for system calls twiddling the serial port. (It is simple to patch dosmu to write down the information). Here is a perl script for analysing the output
Second source:
The Information in the prcdsk.zip File downloadable from http://www.epocworld.com for free. It is the documentation of a win16 API for Psion remote communication.
Layers
There seems to be different layers which make up the Psion Link Protocol:
lowest Level
An error correction protocoll (PRCSDK: A variant of the MNP Modem protocoll)
Data is encapsulted in packets. Each packet has a sequence number and a CRC checksum. Each packet has to be acknowledged.
If a packet is not ack it is transferred again.
[All Bytes written down are in hex.]
Each packet has the form
16 10 02 SEQUENCE DATA 10 03 CRC
SEQUENCE (BYTE) The sequence id of commands are of the form 3x (0<=x<=7). The ack of the command is of the sequence (ID & 0f) . The sequence ID 20 is special. It resets the sequence numbers back to 00.
DATA: A strem of data. If DATA contains a byte 10, it will be escaped by 0x10.
CRC (WORD) The checksum is the CCITT Checksum (GenCRC) of the builtin EPOC. It is the 16 Bit Checksum with poly x^16+x^12+x^5+x^1.
Example:
PC: 16 10 02 31 .... 10 03 ?? ??
Psion: 16 10 02 01 10 03 21 01
This protocol seems to build up a reliable connection between PC and Psion.
The first byte 16 may be the revisiion of the protocol.
Higher Level Protocol
There seems to be a couple of Client/Server Protocols/processes working when the link is activated. Most of them are simply unclear to me.
One of the first messages sent both from psion and pc:
00 00 06 03 TIME
TIME (DWORD)
and
00 00 06 02 TIME
Fileserver Protocoll
File operations sent from the PC are prefixed by 02 02 01. Most of the commands are of the form:
PC: 02 02 01 COMMAND SIZE DATA
Answer from Psion: 02 02 01 1a 00 SIZE DATA.
COMMAND (WORD).
002a
Reply0000
Open0002
Close0006
Read dir entry000a
Write000c
Delete??0016
get file attr0018
set file attr001a
get info001c
Mkdir0028
Set file time0020
??SIZE (WORD) The size of the whole command incl. DATA
DATA
Many commands simply return an error code (WORD) or 00 00 (no error). The error codes seem to be identical to the error codes in the prcsdk documentation.
All numbers are in little endian.
For each command decrypted: what is contained in DATA:
----------------------------------------
==================================
Open
ATTRIB (WORD) prcsdk: prcfileopen.
NAME (String) File/DirName
Reply:
STATUS (WORD)
HANDLE (WORD) file handle foraccess to ths file object.
==================================
Write
LENGTH (WORD)
HANDLE (WORD)
DATA
Reply:
STATUS (WORD)
==================================
Close
LENGTH (WORD)
HANDLE (WORd)
Reply:
STATUS (WORD)
==================================
Set time
TIME (DWORD)
NAME (STRING) file name
Reply:
STATUS (WORD)
==================================
set file attr
value (WORD)
mask (WORD)
Reply:
WORD status
==================================
mkdir
STRING file name
Reply:
WORD status
==================================
Read dir
WORD length
WORD handle
Reply: (directory listing:)
WORD 02 00 (Version 2?)
WORD status see PrcDirRead (prcsdk docu)
DWORD size
DWORD modst (Sec since 1970 typo in docu!)
BYTE[4] fc eb 0f 8b (PRCDSK Docu: reserved)
STRING name
==================================
get file attr
WORD length
STRING file name
Reply:
00 00
WORD (version) 02 00
WORD status
DWORD size
DWORD time
BYTE[4] spare 69 6c 65 54