Support for some newer instructions #3
Comments
|
I found most of my information from reading the libfreefare and libnfc code. They have a working implementation for most of the newer authentication commands. Then I also found a bit of an older javacard applet that implemented the older encryption schemes (TDES). Also there was a blogpost with some communication examples but the info there is a bit spread out. |
|
But I must say that the authentication step was probably the most complicated one for sure. |
|
@jekkos |
|
Thanks for the credits, it's nice to hear that this research has been useful in the end. |
and others
I have been digging through DESFire specs and documentation (that which is descriptive and I can find publicly online). It appears that there are a couple of newer
Authenticatecommands that are at least supported by the DESFire light tag versions (see NXP application note):I am trying to use Android's NFC stack built-ins to perform some testing with DESFire tags. I'm not sure if your HCE implementation works this in yet, but there is also some support of ISO7816-4 commands. These are documented near the end of the data sheet I "discovered" in issue #1.
@jekkos One thing you could help me with is to understand where the communication modes for transfer of data get encoded? I cannot seem to find a solid reference for where this assumption is made. Historically, there should be three (plaintext, 2KTDEA, 3KTDEA) and more recently there are AES communication modes in key sizes of 128/192/256. One possibility is to just attach the current communication mode to whatever the most recent
Authenticateinstruction uses, but that is probably not up to standard, and is somewhat arbitrary. How did you handle this in your HCE emulation?The text was updated successfully, but these errors were encountered: