Abnormal behavior with 2K3DES Taplinx Desktop

Tagged: 3DES, DESFireEV1

18. March 2021 at 15:03
Jean-Pierre Clair
I use the TapLinx version 1.7 (Java Desktop version and Android Version) for read and write on DESFire EV1 cards for an Android App and from a Kotlin Desktop Application (tested with several PCSC readers: Springcard Prox'n'roll, Springcard Puck, ACR122)

For the AES part, everything works fine (read and write are ok), but I still have a DesFire EV1 application which needs to be 2K3DES (the readers needing to read data are not compatible with AES)

I have the exact same Kotlin code for Desktop and Android
- A method “Write”:
- Authenticate to PICC Master
- Format card if needed
- Create application
- Create file
- Write file
- Change key 0 of App
A method “Read”:
- Authenticate to app
- Read file
And the result is:

Android App
Write method: OK
Read "Android created App": OK
Read "Java Desktop created App": OK

Java App
Write method: OK
Read "Android created App": KO com.nxp.nfclib.exceptions.SecurityException : Wrong key size
Read "Java Desktop created App": KO com.nxp.nfclib.exceptions.SecurityException : Wrong key size

From my Android App, I can read a card written with the Desktop Taplinx SDK and with the Android Taplinx SDK
From my Desktop App, I can’t read a card at all but the write part is working well

Can you explain me why it’s impossible for me to read 2K3DES file with the Desktop SDK but I can read it without problem with the Android SDK?
Sample code:

`
fun readDes(): String {

this.initDesfire()
this.desfireEV1 ?: throw Exception("Library init problem")

this.desfireEV1?.let { desFire ->
val KEY_TEST = byteArrayOf(
0x00.toByte(), 0x69.toByte(), 0x38.toByte(), 0xF5.toByte(),
0x34.toByte(), 0x95.toByte(), 0x80.toByte(), 0x8F.toByte(),
0x48.toByte(), 0x56.toByte(), 0x8E.toByte(), 0x29.toByte(),
0x77.toByte(), 0xbc.toByte(), 0xAD.toByte(), 0xF0.toByte()
)

val APP_TEST_ID = byteArrayOf(0x12.toByte(), 0x34.toByte(), 0x56.toByte())

try {

desFire.selectApplication(APP_TEST_ID)
val keyData = KeyData()
val key = SecretKeySpec(KEY_TEST, "DESede")
keyData.key = key
desFire.authenticate(0, IDESFireEV1.AuthType.Native, KeyType.TWO_KEY_THREEDES, keyData)

val datas = byteArrayToHexString(desFire.readData(0, 0, 16, IDESFireEV1.CommunicationType.Plain, 16))

println(datas)

// clé booking : YYbbbbbbb
} catch (se: SecurityException) {
se.printStackTrace()
this.transceive(colorInactive)
throw se
} catch (se: Exception) {
this.transceive(colorInactive)
se.printStackTrace()
throw se
}
}

return ""
}

fun testDes() {

this.initDesfire()
this.desfireEV1 ?: throw Exception("Library init problem")

this.desfireEV1?.let { desFire ->

val KEY_2KTDES_DEFAULT = byteArrayOf(
0x00.toByte(), 0x00.toByte(), 0x00.toByte(), 0x00.toByte(),
0x00.toByte(), 0x00.toByte(), 0x00.toByte(), 0x00.toByte(),
0x00.toByte(), 0x00.toByte(), 0x00.toByte(), 0x00.toByte(),
0x00.toByte(), 0x00.toByte(), 0x00.toByte(), 0x00.toByte(),
0x00.toByte(), 0x00.toByte(), 0x00.toByte(), 0x00.toByte(),
0x00.toByte(), 0x00.toByte(), 0x00.toByte(), 0x00.toByte()
)

val KEY_TEST = byteArrayOf(
0x00.toByte(), 0x69.toByte(), 0x38.toByte(), 0xF5.toByte(),
0x34.toByte(), 0x95.toByte(), 0x80.toByte(), 0x8F.toByte(),
0x48.toByte(), 0x56.toByte(), 0x8E.toByte(), 0x29.toByte(),
0x77.toByte(), 0xbc.toByte(), 0xAD.toByte(), 0xF0.toByte()
)

val APP_MASTER_ID = byteArrayOf(0x00.toByte(), 0x00.toByte(), 0x00.toByte())
val APP_TEST_ID = byteArrayOf(0x12.toByte(), 0x34.toByte(), 0x56.toByte())

try {
val keyDefault = SecretKeySpec(KEY_2KTDES_DEFAULT, "DESede")
val keyDataDefault = KeyData()
keyDataDefault.key = keyDefault

desFire.selectApplication(APP_MASTER_ID)
desFire.authenticate(0, IDESFireEV1.AuthType.Native, KeyType.THREEDES, keyDataDefault)
if (desFire.applicationIDs.isNotEmpty()) {
desFire.format() // DELETE ALL
}

// 0) création configuration PVCP
val appBuilder = EV1ApplicationKeySettings.Builder()
val app = appBuilder
.setAppKeySettingsChangeable(true)
.setAppMasterKeyChangeable(true)
.setAuthenticationRequiredForFileManagement(false)
.setAuthenticationRequiredForDirectoryConfigurationData(false)
.setMaxNumberOfApplicationKeys(1)
.setKeyTypeOfApplicationKeys(KeyType.TWO_KEY_THREEDES)
.build()

desFire.selectApplication(APP_MASTER_ID)
desFire.createApplication(APP_TEST_ID, app)
desFire.selectApplication(APP_TEST_ID)
desFire.authenticate(0, IDESFireEV1.AuthType.Native, KeyType.THREEDES, keyDataDefault)

desFire.createFile(
0, DESFireFile.StdDataFileSettings(
IDESFireEV1.CommunicationType.Plain,
0x0f.toByte(),
0x0f.toByte(),
0x00.toByte(),
0xf.toByte(),
16
)
)

val uuid = "12345678901234567890123456789012"
desFire.writeData(0, 0, hexStringToByteArray(uuid))
desFire.changeKey(
0,
KeyType.TWO_KEY_THREEDES,
KEY_2KTDES_DEFAULT,
KEY_TEST,
1
)
} catch (se: SecurityException) {
se.printStackTrace()
throw se
} catch (se: Exception) {
this.transceive(colorInactive)
throw se
}
}
}`

+ 0 | - 0
Author

Posts

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Explore the latest MIFARE news

Discover our brand

Contact us

MIFARE 2GO is our new cloud service that manages digitized MIFARE product-based credentials

TapLinx SDK: Your way to cool apps

Become a MIFARE Partner

Our MIFARE Premium Partners

Learn more about our MIFARE Advanced Partners

More than 40 applications rely on our MIFARE product technologies

Submit your MIstory and share it with the community

Find out why MIFARE is a natural fit for Smart Cities

Register now and become part of our MIcommunity

Find answers and interesting topics in our Forum

Watch MIFARE webinars on demand or register for live sessions

Abnormal behavior with 2K3DES Taplinx Desktop