堆栈内存溢出
  繁体   English   中英

带有ISO 7816-4 APDU的DESFire卡中的外部身份验证

[英]External authentication in DESFire card with ISO 7816-4 APDUs

 原文  2015-12-22 22:27:30       android/ authentication/ nfc/ mifare/ apdu

问题描述

我尝试使用ISO 7816-4 APDU在DESFire卡(居民卡)上进行身份验证过程。 但是它总是失败。 我想念什么吗?

>>> 00 84 00 00 00 (挑战请求-5个字节)

<<< 15 29 84 E3 6A AA A6 B7 90 00 (挑战10字节的响应-确定)

>>> 00 82 00 00 10 B5 02 0B 80 4F 95 CB E7 8C A6 4D E9 C1 B1 23 A7 00 (外部身份验证请求-22字节)

<<< 67 00 (外部身份验证的响应-检查错误:长度错误)

码: 

// STEP Authentication
// send initial authentication request
byte[] reqRnbEnc = new byte[]{
        (byte) 0x00,
        (byte) 0x84,
        (byte) 0x00, (byte) 0x00,
        (byte) 0x00};

// get encrypted RndB
byte[] resRnbEnc = _isoDep.transceive(reqRnbEnc);
_responseTextView.append(String.format("reqRnbEnc: %s length:%d\n", BytesToHexStr(reqRnbEnc), reqRnbEnc.length));
_responseTextView.append(String.format("resRnbEnc: %s length:%d\n", BytesToHexStr(resRnbEnc), resRnbEnc.length));

// remove 2 last characters
byte[] resRnbEncT = new byte[8];
System.arraycopy(resRnbEnc, 0, resRnbEncT, 0, 8);
_responseTextView.append(String.format("-resRnbEncT: %s length:%d\n", BytesToHexStr(resRnbEncT), resRnbEncT.length));

// decrypt RndB
byte[] resRnbDec = MyDES.decrypt(resRnbEncT);
_responseTextView.append(String.format("-resRnbDec: %s length:%d\n", BytesToHexStr(resRnbDec), resRnbDec.length));

// generate RndA
byte[] Rna = new byte[8];
new SecureRandom().nextBytes(Rna);
_responseTextView.append(String.format("-Rna: %s length:%d\n", BytesToHexStr(Rna), Rna.length));

// plain = concate RndA with resRnbDec
byte[] plain = new byte[16];
System.arraycopy(Rna, 0, plain, 0, 8);
System.arraycopy(resRnbDec, 0, plain, 8, 8);
_responseTextView.append(String.format("-plain: %s length:%d\n", BytesToHexStr(plain), plain.length));

//  cipher = encrypt plain
byte[] cipher = MyDES.encrypt(plain);
_responseTextView.append(String.format("-cipher: %s length:%d\n", BytesToHexStr(cipher), cipher.length));

// send cipher request
byte[] reqCipher = new byte[22];
reqCipher[0] = (byte) 0x00;
reqCipher[1] = (byte) 0x82;
reqCipher[2] = (byte) 0x00;
reqCipher[3] = (byte) 0x00;
reqCipher[4] = (byte) cipher.length;
System.arraycopy(cipher, 0, reqCipher, 5, cipher.length);
reqCipher[21] = (byte) 0x00;

// get response
byte[] resCipher = _isoDep.transceive(reqCipher);
_responseTextView.append(String.format("reqCipher: %s length:%d\n", BytesToHexStr(reqCipher), reqCipher.length));
_responseTextView.append(String.format("resCipher: %s length:%d\n", BytesToHexStr(resCipher), resCipher.length));

加密货币: 

public class MyDES {
private static String ENCRYPTION_KEY_TYPE = "DESede";
private static String ENCRYPTION_ALGORITHM = "DESede/CBC/NoPadding";

private static byte[] key = new byte[]{
        (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00,
        (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00};

private static byte[] iv = new byte[]{
        (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00};

public static byte[] encrypt(byte[] plainText) {
    try {
        IvParameterSpec ivSpec = new IvParameterSpec(iv);
        SecretKey secretKey = new SecretKeySpec(key, ENCRYPTION_KEY_TYPE);
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivSpec);
        byte[] encrypted = cipher.doFinal(plainText);
        return encrypted;
    } catch (InvalidKeyException e) {
        e.printStackTrace();
    } catch (InvalidAlgorithmParameterException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (NoSuchPaddingException e) {
        e.printStackTrace();
    } catch (BadPaddingException e) {
        e.printStackTrace();
    } catch (IllegalBlockSizeException e) {
        e.printStackTrace();
    }
    return null;
}

public static byte[] decrypt(byte[] cipherText) {
    try {
        IvParameterSpec ivSpec = new IvParameterSpec(iv);
        SecretKey secretKey = new SecretKeySpec(key, ENCRYPTION_KEY_TYPE);
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, secretKey, ivSpec);
        byte[] decrypted = cipher.doFinal(cipherText);
        return decrypted;
    } catch (InvalidKeyException e) {
        e.printStackTrace();
    } catch (InvalidAlgorithmParameterException e) {
        e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (NoSuchPaddingException e) {
        e.printStackTrace();
    } catch (BadPaddingException e) {
        e.printStackTrace();
    } catch (IllegalBlockSizeException e) {
        e.printStackTrace();
    }
    return null;
}

1 个解决方案

解决方案1
 0 已采纳  2015-12-23 10:22:35

外部身份验证命令不得包含Le字段。 当您包含Le字段(最后一个字节编码为0x00 )时,您收到错误的长度错误。 因此,您的命令应如下所示: 

00 82 00 00 10 B5 02 0B 80 4F 95 CB E7 8C A6 4D E9 C1 B1 23 A7

并在代码中: 

byte[] reqCipher = new byte[5 + cipher.length];
reqCipher[0] = (byte) 0x00;
reqCipher[1] = (byte) 0x82;
reqCipher[2] = (byte) 0x00;
reqCipher[3] = (byte) 0x00;
reqCipher[4] = (byte) (cipher.length & 0x0ff);
System.arraycopy(cipher, 0, reqCipher, 5, cipher.length);

Aslo在开始使用PICC主密钥(P2 = 0)进行身份验证之前,请确保已选择主文件(主应用程序)。 特别是因为Android可能已预先选择了另一个应用程序。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 与NFC设备通信 - 安卓设备 - ISO 7816-4 ISO 7816-4 APDU命令选择文件和写入记录 通过 APDU 命令获取 Visa 卡的卡号和过期数据(ISO 7816) 存取MIFARE DESFire卡 了解主机卡仿真和APDU背后的代码 DESFire EV1卡仿真 是否可以捕获 Android 手机 SIM 卡 APDU? 锁定desfire卡和ndef消息的Android 在Mifare DESFire卡上格式化PICC会使它失效吗? 使用NXP SDK的Desfire EV1卡
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM