使用APDU C#设置自己的身份验证密钥MiFare Classic [英] Set own authentication keys MiFare Classic with APDU C#
问题描述
我正在使用CardWerk的SMARTCARD API。
I'm using the SMARTCARD API from CardWerk.
如何更改默认密钥((字节)0xFF,(字节) 0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF,(字节)0xFF
)使用APDU?
How can I change the default key ((byte)0xFF, (byte)0xFF, (byte)0xFF, (byte)0xFF, (byte)0xFF, (byte)0xFF
) using an APDU?
APDU由CLASS,指令P1,P2组成。
我一直在阅读文档,但无法找到将实际密钥更改为新密钥所需的参数。
The APDU consits of a CLASS, an INSTRUCTION, P1, P2. I have been reading documentation but I'm unable to find what parameters do I need to change the actual key to a new one.
推荐答案
更改MIFARE Classic卡的密钥的过程如下:
The process for changing the keys of a MIFARE Classic card is like this:
- 对您要为其解密的证券进行身份验证要更改密钥。
- 使用常规读取操作读取扇区尾部(或生成包含所需访问字节的新扇区尾部)。扇区尾部是该扇区的最后一个块(例如,对于MF Classic 1K,每个扇区的块3)。
- 用新密钥填充扇区尾部。请注意,您将无法在步骤2中读取当前键,因此即使您希望它们保持与以前相同,也必须填写键A和键B(如果存在)!
- 使用正常的写操作写扇区尾部。
- 对另一个扇区进行身份验证(如果您希望更改立即生效)。
- Authenticate to the secor for which you want to change the key.
- Read the sector trailer using normal read operation (or generate a new sector trailer containing the access bytes you want). The sector trailer is the last block of the sector (i.e. for MF Classic 1K, block 3 of each sector).
- Fill the sector trailer with the new key(s). Note that you won't be able to read the current keys in step 2, so you have to fill in key A and key B (if it exists) even if you want them to stay the same as before!)
- Write the sector trailer using normal write operation.
- Authenticate to another sector (if you want the change to take effect immediately).
行业预告片的格式如下:
The sector trailer is formatted like this:
xx xx xx xx xx xx zz zz zz gg yy yy yy yy yy yy
其中 xx xx xx xx xx
是键A, yy yy yy yy yy yy
是键B和 zz zz zz
是强制执行基于密钥的访问权限的访问字节。 gg
是通用字节,没有特殊含义,除非您使用MIFARE应用程序目录或NXP的NDEF映射(将MIFARE Classic用作NFC标签)。
Where xx xx xx xx xx xx
is key A, yy yy yy yy yy yy
is key B and zz zz zz
are the access bytes that enforce key-based access permissions. gg
is a general-purpose byte with no specific meaning unless you use a MIFARE application directory or NXP's NDEF mapping for using MIFARE Classic as NFC tag).
警告:将访问字节设置为无效值将使卡无法访问!
Be warned that setting the access bytes to an invalid value will render the card inaccessible!
一个示例部门预告片如下所示:
An example sector trailer could look like this:
FF FF FF FF FF FF 78 77 88 00 FF FF FF FF FF FF
访问条件意味着您可以用键A读取和用键B读/写。
The access conditions meaning that you can read with key A and read/write with key B.
由于MIFARE Classic卡不讲APDU,因此很难为您提供现成的APDU命令。 (MIFARE Classic卡是非接触式存储卡,使用它们自己专有的非接触式协议,并且PC / SC兼容的智能卡读取器通常仅将这些专有的存储访问命令映射到APDU。)
As MIFARE Classic cards do not speak APDU, it's difficult to give you a ready-made APDU command for this. (MIFARE Classic cards are contactless memory cards and use their own proprietary contactless protocol and PC/SC-compliant smartcard readers usually only map these proprietary memory access commands to APDUs.)
但是,如果您的阅读器支持PC / SC 2.01存储卡命令,则命令可能如下所示:
However, if your reader supports PC/SC 2.01 commands for storage cards, commands could look like this:
-
加载密钥
xxxxxxxxxxxx
到关键插槽0(取决于您的阅读器,您可能需要在P2中编码不同的插槽编号;在这种情况下,请记住使用authenticate命令):
Load a key
xxxxxxxxxxxx
to key slot 0 (depending on your reader you might need to encode a different slot numer in P2; remember to adapt the authenticate command in that case):
FF 82 2000 06 xxxxxxxxxxxx
使用该密钥作为密钥A验证扇区0:
Authenticate sector 0 using that key as key A:
FF 86 0000 05 01 0000 60 00
或使用该密钥作为密钥B来验证扇区0:
Or authenticate sector 0 using that key as key B:
FF 86 0000 05 01 0000 61 00
为扇区0(在第3块中)编写新的扇区预告片:
Write new sector trailer for sector 0 (in block 3):
FF D6 0003 10 xxxxxxxxxxxx zzzzzz gg yyyyyyyyyyyy
这篇关于使用APDU C#设置自己的身份验证密钥MiFare Classic的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!