How to send APDU to Mifare Classic 1k card? - access-control

What I am trying to achieve is to send APDU command to MIFARE Classic 1K card to change its A and B keys.
I was able to establish a connection with the card and use a default key (FFFFFFFFFFFF) to read block 0 and block 1. I used HID MifareSamples application for it.
Now, I would like to change A key from default to something else. I found a solution here, at stackoverflow (Mifare Change KEY A and B) which suggests that I have to send this APDU:
New key A = 00 11 22 33 44 55
Access bits not overwritten
Key B not used (so FF FF FF FF FF FF)
=> Write to Sector Trailer 00 11 22 33 44 55 FF 0F 00 FF FF FF FF FF FF FF
I found a good tool JSmartCard Explorer which allows you to send APDUs to cards. Then I read PCSC specifications 3.2.2.1.4 Load Keys Command chapter and understood that the command should probably look like this:
FF 82 00 00 18 00 11 22 33 44 55 FF 0F 00 FF FF FF FF FF FF FF
But unfortunately JSmartCard tool fails with "Command not allowed (no current EF)".
What am I doing wrong? How can I change the key?

First of all, MIFARE Classic cards do not use APDU commands. Hence, you do not send APDUs to the card but to the card reader (which translates them into MIFARE Classic commands). APDU commands to be processed by the reader typically start with the class byte FF.
In MIFARE Classic cards, the keys (A and B) and the access conditions for each sector are stored in the sector trailer (the last block of each sector). A MIFARE Classic 1K card has 16 sectors with 4 blocks each.
So if you want to set the keys & access conditions for sector 0, you would need to write them to block 3 (the last block of sector 0). The PC/SC standard defines the write command (UPDATE BINARY) for storage cards as:
FF D6 XXYY 10 ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
Where XXYY is the block address and ZZ... is the data to be written to the block.
The format of the sector trailer is (see this answer for further details):
<key A> | access bits | general purpose byte | <key B>
So in order to set
key A = 00 11 22 33 44 55
key B = 66 77 88 99 AA BB
access bits = 787788 (sector trailer is writable using key B only; access bits/GPB can be read with key A or B; data blocks are writable using key B only; data blocks can be read with key A or B)
GPB is set to 69
for sector 0, you would use the following write command:
FF D6 0003 10 001122334455 787788 69 66778899AABB
Note that you cannot partially update the sector trailer, you always have to construct and write the whole sector trailer.
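The write command from this answer, as an added example (not part of the original answer): it assembles the full 16-byte sector trailer and refuses to build the APDU when the three access-bit bytes fail the card's inverted-copy format check, because a trailer written with inconsistent access bits irreversibly blocks the sector. The function names are hypothetical; the access-bit layout is the one in the NXP MIFARE Classic data sheet.

```python
# Added example, not from the original answer. Helper names are hypothetical.
SECTOR_TRAILER_BLOCKS_1K = range(3, 64, 4)  # last block of each of the 16 sectors


def access_bits_consistent(access: bytes) -> bool:
    """Check trailer bytes 6..8: each C1/C2/C3 nibble must be the bitwise
    complement of its stored inverted copy."""
    if len(access) != 3:
        return False
    b6, b7, b8 = access
    c1, c2, c3 = b7 >> 4, b8 & 0x0F, b8 >> 4
    not_c1, not_c2, not_c3 = b6 & 0x0F, b6 >> 4, b7 & 0x0F
    pairs = ((c1, not_c1), (c2, not_c2), (c3, not_c3))
    return all((c ^ n) == 0x0F for c, n in pairs)


def build_trailer_write(block: int, key_a: bytes, access: bytes,
                        gpb: int, key_b: bytes) -> bytes:
    """Return the PC/SC UPDATE BINARY APDU (FF D6 XXYY 10 <16 bytes>) that
    writes a complete sector trailer: key A | access bits | GPB | key B."""
    if block not in SECTOR_TRAILER_BLOCKS_1K:
        raise ValueError("not a sector trailer block on a MIFARE Classic 1K")
    if len(key_a) != 6 or len(key_b) != 6:
        raise ValueError("keys must be 6 bytes each")
    if not access_bits_consistent(access):
        raise ValueError("access bits fail the inverted-copy check")
    # The trailer cannot be updated partially, so all 16 bytes are built here.
    trailer = key_a + access + bytes([gpb]) + key_b
    return bytes([0xFF, 0xD6, block >> 8, block & 0xFF, 0x10]) + trailer


def demo() -> str:
    """Rebuild the command from the answer above (sector 0, block 3)."""
    apdu = build_trailer_write(3, bytes.fromhex("001122334455"),
                               bytes.fromhex("787788"), 0x69,
                               bytes.fromhex("66778899AABB"))
    return apdu.hex(" ").upper()


if __name__ == "__main__":
    print(demo())
```
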

Related

S3 not returning an image even while I uploaded a Buffer

I have been uploading effortlessly files to S3 as buffers but the source was via file Upload from the client Side either from postman or a frontend app. This is how it looks usually
{type: buffer, data: buffer} or {type: buffer, data: [buffer]}
anyways, I am able to get the desired buffer to pass to S3 and the result is an S3 url that is an actual image which is downloadable.
New Issue: I got an sql file that contains a column for images stored as MEDIUMBLOB.
This is how it looks in the table below.
I am not able to upload it as a buffer to S3.
I have fetched the content of the table via nodejs and I got data for each row as;
RowDataPacket {
employee_id: 000,
data: <Buffer ef bf bd 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 ef bf bd 00 00 00 ef bf bd 08 02 00 00 00 ef bf bd 38 58 ef bf bd 00 00 ef bf bd 00 49 ... 111181 more bytes>
}
I have this piece of code that just sends that buffer
// data is the buffer as shown in the snippet above
const buff = result.data;
s3.upload(
  {
    Bucket: bucketName,
    Body: buff,
    Key: key
  }
);
the result is an S3 url which I expect, but on downloading it, it shows the same image as shown in the screenshot above instead of a real image.
I have done some research to try to find a solution, but so far, I have not managed to get a solution that works for me.
But I have tried to upload a file on postman and get a buffer and convert it to base64 then I was able to get the equivalent image. So not really sure if the image in the mysql table is corrupted or hence the buffer I am getting cannot be transformed to a proper image.
The closest to my question is this Similar Issue I had
The difference with this and mine is that the Buffer here is coming in the format which I am also used to and I won't have an issue passing that Buffer to the S3 to get the desired result. But mine is coming from mysql
I am really stuck on this and not sure how to find my way around it.

How to create secret session keys (S-ENC, S-MAC and S-DEK) using card-challenge and card-cryptogram?

I have a microcontroller (msp430) and a smartcard (se050), and I am sending APDUs from the microcontroller to the smartcard using Code Composer Studio on my Windows computer.
I am trying to create a secure channel (SCP03) using an AES symmetric key. I have created a session using this AES key on the smart card, and now, to perform mutual authentication, I have sent the 'INITIALIZE UPDATE' command APDU to the smart card.
Initialize Update APDU:
80 50 00 00 08 00 00 00 00 00 00 00 00 00
And the response from the card is:
00 00 00 00 00 00 00 00 00 00 00 03 60 7E 25 31 3D BE 63 59 BE 34 AA 4B C0 F2 B9 27 B4
where
00 00 00 00 00 00 00 00 00 00 = Key Diversification Data
00 03 60 = Key information
7E 25 31 3D BE 63 59 BE = card challenge
34 AA 4B C0 F2 B9 27 B4 = card cryptogram
Now, I want to check if card cryptogram is correct or NOT? For that I need to create secret session keys (S-ENC, S-MAC, S-DEK) and the card cryptogram in order to authenticate the card.
Also I need to create 'Host Cryptogram' that I need to resend to the smart card in 'EXTERNAL AUTHENTICATE' command.
How can I generate these things in code composer? Are there any C-libraries that I can import in my codes to generate these keys and cryptograms?
I developed a while ago and recently updated the GlobalPlatform C Library. Here is an Overview Page and here is the API documentation. For your problem, mutual authentication is a good starting point.
Remember that you can generate also more convenient project files for Visual Studio or Eclipse with cmake -G "..." to have a good way of browsing the project.

How to set and update ICC card PIN with APDU command

I have a contact smartcard. (I don't know what kind of applet is installed on it, but I can authenticate, read, update and verify the PIN with standard APDU commands.) And I want to make some changes to the PIN.
So, my question is:
If the card has a PIN, then update the PIN with a new value. If the card doesn't have a PIN, then set the PIN.
The standard update command is not working on the PIN file. I am getting a 6982 response message from the ICC card. So, what is the approach to succeed in the above situation?
I searched the internet about it, but I didn't find any useful docs or articles.
Error 6982 stands for "Security condition not satisfied".
PINs are never transmitted plain as you have mentioned in your packet. They are always encrypted, for the software involved between a User and the ICC can sneak a peek at the packet. A public key has to be obtained using the GET_CHALLENGE command and used for enciphering of the PIN.
According to the EMV spec, the APDU for PIN change is
CLA = 8C or 84;
INS = 24
P1 = 00
P2 = 01/ 02
Lc = Number of data bytes
Data = Enciphered PIN data component, if present, and MAC data component;
CLA and Data are to be coded according to the secure messaging specified in EMV Book 2
P2 = 01 => PIN Data Generated Using the Current PIN
P2 = 02 => PIN Data Generated Without Using the Current PIN
new PIN is encapsulated in the Data field
Finally I found a solution, and I am putting the answer here.
Firstly, we need to select the PIN file. For this:
Select MF (Master File)
Select DF (Dedicated File)
Select PIN EF (Elementary File)
Select App Master File : 00 A4 00 00 02 XX XX
Select App Dedicated File : 00 A4 00 00 02 XX XX
Select App Pin File : 00 A4 00 00 02 XX XX
Change Pin command: 00 24 [TM] [KN] [LN] XX XX .. ..
TM: Transfer Mode (Clear Transfer): 00
KN: Key Number: 10
LN: Total Pin Length (Every time 16 bytes): 10
For example (old PIN is "1234" and we want to change the PIN to "5678"):
Change Pin : 00 24 00 10 10 31 32 33 34 FF FF FF FF 35 36 37 38 FF FF FF FF (FF: padding value)

authentication error for mifare card “6982:Security status not satisfied”

I know this question was asked before here. But the answers are useless for me.
I have a PC/SC reader and a contactless card (MIFARE card). I can connect to the card and I can also execute the getdate command successfully. However, when I want to authenticate I see this error:
"6982:Security status not satisfied"
I've tried these 4 different commands for authentication but I get the same error for all of them.
FF 88 00 00 06 FF FF FF FF FF FF
FF 88 00 00 60 12
FF 88 00 00 05 01 00 12 60 00
FF 88 00 00 60 00
How can I authenticate to this card ?
The GENERAL AUTHENTICATE instruction performs a Mifare Classic authentication (CRYPTO1).
The application must provide the index of the key to be used; this key must have been loaded into
the reader through a previous LOAD KEY instruction.
Do not invoke this function if the currently activated PICC/VICC is not a Mifare Classic!
FF 86 00 00 05 01 00 blockNo keyLocation keyIndex
Where
blockNo = is the address on the card, where we try to be authenticated.
keyLocation =
h60 for authentication using a CRYPTO1 “A” key (standard PC/SC-defined value)
h61 for authentication using a CRYPTO1 “B” key (standard PC/SC-defined value)
keyIndex = key index in the reader where you have loaded the key (possible values from 0x00 to 0x1f)

I'm getting error for executing commands on cell phone (nfc-card emulation mode), "6E00": "Class not supported"

I have a PC/SC reader which works completely with a MIFARE 1K card. I've executed the "get data", "load key", "authenticate" and "read" commands and all of them work correctly. Now I want to work with NFC on a cell phone, but when I tried these commands on it (I have a cell phone with an embedded element (SmartMX) which, as far as I know, must support MIFARE 1K commands) I could only execute the "get data" command; for the rest of them I saw this error: "6E00": "Class not supported"
Card ATR: 3B8A80010031C173C8400000900090
here is the list of the commands that I've used for mifare 1k card
GetData <FF CA 00 00 00>
LoadkeyN<FF 82 20 00 06 FF FF FF FF FF FF>
Authentication<FF 88 00 60 00>
Does anyone know which class or commands I must use? I'll be grateful for any suggestion or information.