使用 ACR1252 和 pyscard 更改尾随块中的密钥的 Mifare 4K 返回错误“99”
[英]Mifare 4K change of keys in trailing block returns error "99" using ACR1252 and pyscard
问题描述
We receive Mifare 4k cards from a supplier who pre-encodes each sector trailer as follows:
我们从供应商处收到 Mifare 4k 卡,该供应商按如下方式对每个扇区尾部进行预编码:
FFFFFFFFFFFFFF078069FFFFFFFFFFFF
In doing so, the supplier sets the access bit to FF0780 and the read key (Key A) and write key (Key B) remain the factory default FFFFFFFFFFFF这样做时,供应商将访问位设置为FF0780 ,读取密钥(密钥 A)和写入密钥(密钥 B)保持出厂默认值FFFFFFFFFFFF
When attempting to write a new read key(Key A) and write key (Key B) and access bit using pyscard and encoder ACR1252, I'm getting response code "99" which is an undocumented error code.当尝试使用 pyscard 和编码器 ACR1252 写入新的读取密钥(密钥 A)和写入密钥(密钥 B)和访问位时,我收到响应代码“99”,这是一个未记录的错误代码。 I assume this is happening because the access bit has been changed as blank cards directly from the factory do not generate this error.我假设发生这种情况是因为访问位已更改,因为直接从工厂购买的空白卡不会产生此错误。
In this example we update the trailer block such that Key A and Key B are FFFFFFFFFFFF and the access bit is 787788 :在此示例中,我们更新尾部块,使密钥 A 和密钥 B 为FFFFFFFFFFFF并且访问位为787788 :
write_data = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x78, 0x77, 0x88, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF]
write_key = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF]
# load write key
_, response_code, _ = cardservice.connection.transmit([0xFF, 0x82, 0x00, 0x01, 0x06, *write_key])
# authenticate write key
_, response_code, _ = cardservice.connection.transmit([0xFF, 0x86, 0x00, 0x00, 0x05, 0x01, 0x00, block, 0x61, 0x01])
# write data
_, response_code, _ = cardservice.connection.transmit([0xFF, 0xD6, 0x00, block, 0x10, *write_data])
Any idea why response code 99 is returned for card where the supplier has set the access bit?知道为什么供应商设置了访问位的卡会返回响应代码 99 吗?
Note: the authentication works ok, it's just the write step that fails.注意:身份验证工作正常,只是失败的写入步骤。
1 个解决方案
解决方案1
1 已采纳 2021-10-07 18:31:35
Turns out the access bit subsequently set by the supplier ff0780 means you need to authenticate the read_key (Key A) in order to write to the trailer block.事实证明,供应商ff0780随后设置的访问位意味着您需要验证 read_key(密钥 A)才能写入尾部块。 Very counterintuitive, but works for Mifare 4K card where the access bit was previously set to ff0780 :非常违反直觉,但适用于访问位先前设置为ff0780的 Mifare 4K 卡:
write_data = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x78, 0x77, 0x88, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF]
read_key = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF]
# load read key
_, response_code, _ = cardservice.connection.transmit([0xFF, 0x82, 0x00, 0x00, 0x06, *read_key])
# authenticate read key
_, response_code, _ = cardservice.connection.transmit([0xFF, 0x86, 0x00, 0x00, 0x05, 0x01, 0x00, block, 0x60, 0x00])
# write data
_, response_code, _ = cardservice.connection.transmit([0xFF, 0xD6, 0x00, block, 0x10, *write_data])
I also found you need to authenticate the key immediately prior to writing.我还发现您需要在写入之前立即验证密钥。 Authenticating both keys, reading then writing returned the same 99 response code.验证两个密钥,读取然后写入返回相同的99响应代码。 Also, it appears the error code 99 is being cascaded up from the Mifare IC, as opposed to the card reader, which is why error code 99 does not appear in the ACR1252 documentation.此外,错误代码99似乎是从 Mifare IC 级联而来的,而不是读卡器,这就是错误代码99没有出现在 ACR1252 文档中的原因。
I found the following documents helpful:我发现以下文档很有帮助:
- ACR1252 application programming interface https://www.acs.com.hk/en/products/342/acr1252u-usb-nfc-reader-iii-nfc-forum-certified-reader/ ACR1252应用程序编程接口https://www.acs.com.hk/en/products/342/acr1252u-usb-nfc-reader-iii-nfc-forum-certified-reader/
- Mifare 4K Application Notes https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-classic/mifare-classic-ev1-1k-4k:MF1S50YYX_V1?tab=Documentation_Tab Mifare 4K 应用说明https://www.nxp.com/products/rfid-nfc/mifare-hf/mifare-classic/mifare-classic-ev1-1k-4k:MF1S50YYX_V1?tab=Documentation_Tab
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.