NTAG212的Mifare超轻与认证 [英] NTAG212 Mifare Ultralight with Authentication
问题描述
我是新来的NFC Android和我一直在坚持了几天试图获得第4页至第7页的 NTAG212的Mifare超轻与认证,我已经有PWD和包装做< STRONG> PWD_AUTH 根据 NTAG212 文档。
我做到这一点的方法...
//假设密码字节数组
//假设包作为字节数组
尝试{
nfc.connect();
byte []的CMD1 = nfc.transceive(新的byte [] {(字节)为0x30,(字节)为0x00}); //读取页面0,使NFC活跃
nfc.transceive(新的byte [] {
对于PWD_AUTH(字节)0x1B,//命令
通过[0],
通过[1],
通过[2],
通过[3]
});
byte []的CMD4 = nfc.transceive(新的byte [] {(字节)为0x30,(字节)0×04}); //读取第4页
}赶上(TagLostException E){
e.printStackTrace();
}赶上(IOException异常E){
e.printStachTrace();
}最后{
尝试{
nfc.close();
}赶上(例外五){
//显示无法关闭
}
}
发送PWD_AUTH命令将NFC标签后失去错误:
我总是收到一个 android.nfc.TagLostException。谁能告诉我什么,我做错了什么?是我的方法正确吗?请大家帮帮忙。
注:我已看过NTAG212很多次的文档,谷歌搜索,计算器和一切可能的资源。
TIA,
Kenster
您发送给标签没有多大意义的PWD_AUTH命令。</ P>
在PWD_AUTH命令的想法是,你把你的密码(4字节值),该标签与它的密码响应确认(PACK)值(2字节的值),如果你使用正确的密码进行身份验证。然后,您可以验证与预期密码PACK值确认为认证的标签。
所以,正确的命令是:
字节[]响应= nfc.transceive(新的byte [] {
(字节)0x1B,// PWD_AUTH
通过[0],通过[1],通过[2],通过[3]
});
如果((响应=空)及!及(response.length&GT; = 2)){
byte []的包= Arrays.copyOf(响应,2);
// TODO:验证PACK,以确认该标签是真实的(不是真的,
//但整个PWD_AUTH /包的认证机制不
//真正的意思带来多大的安全性,我希望;同样与
// NTAG签名BTW)。
}
您需要,以启用密码保护(在NTAG212)是什么:
-
设置PWD(第39页),以您想要的密码(默认值为
0xFFFFFFFF的)。字节[]响应= nfc.transceive(新的byte [] { (字节)0xA2,//写 (字节)39,//网页地址 通过[0],通过[1],通过[2],通过[3] }); -
设置组(第40,字节0-1)到您想要的密码应答(默认值为
0×0000)。字节[]响应= nfc.transceive(新的byte [] { (字节)0xA2,//写 (字节)40,//网页地址 包[0],包[1],//字节0-1是PACK值 (字节)0,(字节)0 //其它字节为RFU,必须写为0 }); -
设置AUTHLIM(第38页,字节0,位2-0),以失败的密码验证尝试(此值设置为0,将允许无限数量PWD_AUTH尝试)的最大数量。
-
设置PROT(第38页,字节0,第7位),到你想要的值(0 = PWD_AUTH只写访问需要,1 = PWD_AUTH是必要的读写访问)。
字节[]响应= nfc.transceive(新的byte [] { (字节)为0x30,//读取 (字节)38 //网页地址 }); 如果((响应= NULL)及!及(response.length&GT; = 16)){//读取始终返回4页 布尔PROT = FALSE; //虚假= PWD_AUTH写而已,真正= PWD_AUTH的读取和写入 INT authlim = 0; // 0到7之间的值 响应= nfc.transceive(新的byte [] { (字节)0xA2,//写 (字节)38,//网页地址 (字节)((反应[0]&安培; 0x078)|(PROT 0x080:量0x000)|(authlim&安培; 0x007)), 响应[1],响应[2],应答[3] //保存旧值字节1-3,你也可以简单地将其设置为0,因为它们是目前俄罗斯足协,必须始终写为0(响应[1] ,响应[2],响应[3]将包含0太,因为它们含有的读RFU值) }); } -
设置AUTH0(第37页,字节3)应该要求密码验证的第一页。
字节[]响应= nfc.transceive(新的byte [] { (字节)为0x30,//读取 (字节)37 //网页地址 }); 如果((响应= NULL)及!及(response.length&GT; = 16)){//读取始终返回4页 布尔PROT = FALSE; //虚假= PWD_AUTH写而已,真正= PWD_AUTH的读取和写入 INT auth0 = 0; //第一页被保护,设置为从0到37的数值为NTAG212 响应= nfc.transceive(新的byte [] { (字节)0xA2,//写 (字节)37,//网页地址 响应[0],//保存旧值字节0 响应[1],//保存旧值字节1 响应[2],//保存旧值字节2 (字节)(auth0&安培; 0x0ff) }); }
如果您使用,而不是直接使用收发方法 MifareUltralight 标签技术,你也可以使用 readPages 和 writePage 方法:
-
在读命令
字节[]响应= nfc.transceive(新的byte [] { (字节)为0x30,//读取 (字节)(pageAddress&安培; 0x0ff)//网页地址 });被equvalent到
字节[]响应= nfc.readPages(pageAddress); -
写命令
字节[]数据= {(字节)...,(字节)...,(字节)...,(字节)...}; byte []的响应= nfc.transceive(新的byte [] { (字节)0xA2,//写 (字节)(pageAddress&安培; 0x0ff),//网页地址 数据[0],数据[1],数据[2],数据[2] });被equvalent到
nfc.writePage(pageAddress,数据);
I am new to NFC Android and I have been stuck for days trying to get the Page 4 to page 7 of NTAG212 Mifare Ultralight with Authentication, I already have the PWD and PACK to do the PWD_AUTH based on the NTAG212 Docs.
I do this approach...
//assume password as array of bytes
//assume pack as array of bytes
try{
nfc.connect();
byte[] cmd1 = nfc.transceive(new byte[]{ (byte) 0x30, (byte) 0x00 }); //read the page 0 to make the NFC active
nfc.transceive(new byte[]{
(byte) 0x1B, //command for PWD_AUTH
pass[0],
pass[1],
pass[2],
pass[3]
});
byte[] cmd4 = nfc.transceive(new byte[]{ (byte) 0x30, (byte) 0x04 }); //read the page 4
}catch(TagLostException e){
e.printStackTrace();
}catch(IOException e){
e.printStachTrace();
}finally{
try{
nfc.close();
}catch(Exception e){
//display failed to close
}
}
I always receive a android.nfc.TagLostException: Tag was lost. Error after sending the PWD_AUTH command to the NFC. Can someone tell me what I am doing wrong? Is my approach correct? Please help.
NOTE: I have read the docs of NTAG212 many times, searched google, stackoverflow and all possible resources.
TIA,
Kenster
The PWD_AUTH command that you send to the tag does not make much sense.
The idea of the PWD_AUTH command is that you send your password (a 4-byte value) and that the tag responds with its password acknowledge (PACK) value (a 2-byte value) if you authenticated with the correct password. You can then verify the PACK value against the expected password acknowledge to "authenticate" the tag.
So the correct command would be:
byte[] response = nfc.transceive(new byte[] {
(byte) 0x1B, // PWD_AUTH
pass[0], pass[1], pass[2], pass[3]
});
if ((response != null) && (response.length >= 2)) {
byte[] pack = Arrays.copyOf(response, 2);
// TODO: verify PACK to confirm that tag is authentic (not really,
// but that whole PWD_AUTH/PACK authentication mechanism was not
// really meant to bring much security, I hope; same with the
// NTAG signature btw.)
}
What you need in order to enable password protection (on NTAG212):
Set PWD (page 39) to your desired password (default value is
0xFFFFFFFF).byte[] response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) 39, // page address pass[0], pass[1], pass[2], pass[3] });Set PACK (page 40, bytes 0-1) to your desired password acknowledge (default value is
0x0000).byte[] response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) 40, // page address pack[0], pack[1], // bytes 0-1 are PACK value (byte) 0, (byte) 0 // other bytes are RFU and must be written as 0 });Set AUTHLIM (page 38, byte 0, bits 2-0) to the maximum number of failed password verification attempts (setting this value to 0 will permit an unlimited number of PWD_AUTH attempts).
Set PROT (page 38, byte 0, bit 7) to your desired value (0 = PWD_AUTH in needed only for write access, 1 = PWD_AUTH is necessary for read and write access).
byte[] response = nfc.transceive(new byte[] { (byte) 0x30, // READ (byte) 38 // page address }); if ((response != null) && (response.length >= 16)) { // read always returns 4 pages boolean prot = false; // false = PWD_AUTH for write only, true = PWD_AUTH for read and write int authlim = 0; // value between 0 and 7 response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) 38, // page address (byte) ((response[0] & 0x078) | (prot ? 0x080 : 0x000) | (authlim & 0x007)), response[1], response[2], response[3] // keep old value for bytes 1-3, you could also simply set them to 0 as they are currently RFU and must always be written as 0 (response[1], response[2], response[3] will contain 0 too as they contain the read RFU value) }); }Set AUTH0 (page 37, byte 3) to the first page that should require password authentication.
byte[] response = nfc.transceive(new byte[] { (byte) 0x30, // READ (byte) 37 // page address }); if ((response != null) && (response.length >= 16)) { // read always returns 4 pages boolean prot = false; // false = PWD_AUTH for write only, true = PWD_AUTH for read and write int auth0 = 0; // first page to be protected, set to a value between 0 and 37 for NTAG212 response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) 37, // page address response[0], // keep old value for byte 0 response[1], // keep old value for byte 1 response[2], // keep old value for byte 2 (byte) (auth0 & 0x0ff) }); }
If you use MifareUltralight tag technology, instead of using the transceive method directly, you could also use the readPages and writePage methods:
The READ command
byte[] response = nfc.transceive(new byte[] { (byte) 0x30, // READ (byte) (pageAddress & 0x0ff) // page address });is equvalent to
byte[] response = nfc.readPages(pageAddress);The WRITE command
byte[] data = { (byte)..., (byte)..., (byte)..., (byte)... }; byte[] response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) (pageAddress & 0x0ff), // page address data[0], data[1], data[2], data[3] });is equvalent to
nfc.writePage(pageAddress, data);
这篇关于NTAG212的Mifare超轻与认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
