NTAG212 Mifare Ultralight 带身份验证 [英] NTAG212 Mifare Ultralight with Authentication
问题描述
我是 NFC Android 的新手,我已经被困了好几天试图让 NTAG212 Mifare Ultralight with Authentication 的第 4 页到第 7 页,我已经有了 PWD 和 PACK 来执行 strong>PWD_AUTH 基于 NTAG212 文档.
I am new to NFC Android and I have been stuck for days trying to get the Page 4 to page 7 of NTAG212 Mifare Ultralight with Authentication, I already have the PWD and PACK to do the PWD_AUTH based on the NTAG212 Docs.
我采用这种方法...
//assume password as array of bytes
//assume pack as array of bytes
try{
nfc.connect();
byte[] cmd1 = nfc.transceive(new byte[]{ (byte) 0x30, (byte) 0x00 }); //read the page 0 to make the NFC active
nfc.transceive(new byte[]{
(byte) 0x1B, //command for PWD_AUTH
pass[0],
pass[1],
pass[2],
pass[3]
});
byte[] cmd4 = nfc.transceive(new byte[]{ (byte) 0x30, (byte) 0x04 }); //read the page 4
}catch(TagLostException e){
e.printStackTrace();
}catch(IOException e){
e.printStachTrace();
}finally{
try{
nfc.close();
}catch(Exception e){
//display failed to close
}
}
我总是收到 android.nfc.TagLostException: Tag was lost. 向 NFC 发送 PWD_AUTH 命令后出错.有人可以告诉我我做错了什么吗?我的方法正确吗?请帮忙.
I always receive a android.nfc.TagLostException: Tag was lost. Error after sending the PWD_AUTH command to the NFC. Can someone tell me what I am doing wrong? Is my approach correct? Please help.
注意:我已多次阅读 NTAG212 的文档,搜索了 google、stackoverflow 和所有可能的资源.
TIA,
肯斯特
NOTE: I have read the docs of NTAG212 many times, searched google, stackoverflow and all possible resources.
TIA,
Kenster
推荐答案
您发送到标签的 PWD_AUTH 命令没有多大意义.
The PWD_AUTH command that you send to the tag does not make much sense.
PWD_AUTH 命令的想法是您发送密码(一个 4 字节值),如果您使用正确的密码进行身份验证,则标签会以其密码确认 (PACK) 值(一个 2 字节值)进行响应.然后,您可以根据预期的密码确认 PACK 值,确认验证"标签.
The idea of the PWD_AUTH command is that you send your password (a 4-byte value) and that the tag responds with its password acknowledge (PACK) value (a 2-byte value) if you authenticated with the correct password. You can then verify the PACK value against the expected password acknowledge to "authenticate" the tag.
所以正确的命令是:
byte[] response = nfc.transceive(new byte[] {
(byte) 0x1B, // PWD_AUTH
pass[0], pass[1], pass[2], pass[3]
});
if ((response != null) && (response.length >= 2)) {
byte[] pack = Arrays.copyOf(response, 2);
// TODO: verify PACK to confirm that tag is authentic (not really,
// but that whole PWD_AUTH/PACK authentication mechanism was not
// really meant to bring much security, I hope; same with the
// NTAG signature btw.)
}
启用密码保护所需的条件(在 NTAG212 上):
What you need in order to enable password protection (on NTAG212):
将 PWD(第 39 页)设置为您想要的密码(默认值为
0xFFFFFFFF).
byte[] response = nfc.transceive(new byte[] {
(byte) 0xA2, // WRITE
(byte) 39, // page address
pass[0], pass[1], pass[2], pass[3]
});
将 PACK(第 40 页,字节 0-1)设置为您想要的密码确认(默认值为 0x0000).
byte[] response = nfc.transceive(new byte[] {
(byte) 0xA2, // WRITE
(byte) 40, // page address
pack[0], pack[1], // bytes 0-1 are PACK value
(byte) 0, (byte) 0 // other bytes are RFU and must be written as 0
});
将 AUTHLIM(第 38 页,字节 0,位 2-0)设置为密码验证尝试失败的最大次数(将此值设置为 0 将允许无限次数的 PWD_AUTH 尝试).
Set AUTHLIM (page 38, byte 0, bits 2-0) to the maximum number of failed password verification attempts (setting this value to 0 will permit an unlimited number of PWD_AUTH attempts).
将 PROT(第 38 页,字节 0,位 7)设置为您想要的值(0 = PWD_AUTH 仅用于写访问,1 = PWD_AUTH 用于读写访问).
Set PROT (page 38, byte 0, bit 7) to your desired value (0 = PWD_AUTH in needed only for write access, 1 = PWD_AUTH is necessary for read and write access).
byte[] response = nfc.transceive(new byte[] {
(byte) 0x30, // READ
(byte) 38 // page address
});
if ((response != null) && (response.length >= 16)) { // read always returns 4 pages
boolean prot = false; // false = PWD_AUTH for write only, true = PWD_AUTH for read and write
int authlim = 0; // value between 0 and 7
response = nfc.transceive(new byte[] {
(byte) 0xA2, // WRITE
(byte) 38, // page address
(byte) ((response[0] & 0x078) | (prot ? 0x080 : 0x000) | (authlim & 0x007)),
response[1], response[2], response[3] // keep old value for bytes 1-3, you could also simply set them to 0 as they are currently RFU and must always be written as 0 (response[1], response[2], response[3] will contain 0 too as they contain the read RFU value)
});
}
将 AUTH0(第 37 页,字节 3)设置为需要密码验证的第一页.
Set AUTH0 (page 37, byte 3) to the first page that should require password authentication.
byte[] response = nfc.transceive(new byte[] {
(byte) 0x30, // READ
(byte) 37 // page address
});
if ((response != null) && (response.length >= 16)) { // read always returns 4 pages
boolean prot = false; // false = PWD_AUTH for write only, true = PWD_AUTH for read and write
int auth0 = 0; // first page to be protected, set to a value between 0 and 37 for NTAG212
response = nfc.transceive(new byte[] {
(byte) 0xA2, // WRITE
(byte) 37, // page address
response[0], // keep old value for byte 0
response[1], // keep old value for byte 1
response[2], // keep old value for byte 2
(byte) (auth0 & 0x0ff)
});
}
如果使用MifareUltralight标签技术,不直接使用transceive方法,也可以使用readPages和writePage 方法:
If you use MifareUltralight tag technology, instead of using the transceive method directly, you could also use the readPages and writePage methods:
读取命令
The READ command
byte[] response = nfc.transceive(new byte[] {
(byte) 0x30, // READ
(byte) (pageAddress & 0x0ff) // page address
});
相当于
byte[] response = nfc.readPages(pageAddress);
WRITE 命令
The WRITE command
byte[] data = { (byte)..., (byte)..., (byte)..., (byte)... };
byte[] response = nfc.transceive(new byte[] {
(byte) 0xA2, // WRITE
(byte) (pageAddress & 0x0ff), // page address
data[0], data[1], data[2], data[3]
});
相当于
nfc.writePage(pageAddress, data);
这篇关于NTAG212 Mifare Ultralight 带身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
