Forum / MIFARE SDK / DesFire EV1 reading "Enciphered" data with "readdata"
-
Hi there,
My scenario is a DesFire EV1 card fully AES encrypted.
Also reading the data requires authentication.
I have the AES key, and I do next:
step 1 - I list first the application IDs: desFireEV1.getApplicationIDs(); //and I get here a seven digit number
step 2 - I take the only application ID that is listed with the function above and I use it for selection: desFireEV1.selectApplication(*a seven digit
number here listed in the step 1*);
step 3 - I need to authenticate first otherwise I cannot use readdata. It literally returns me a "Need authentication" message.
So then I replace the default AES key from the "SampleAppKeys" file from the SDK with my AES key and I succesfully authenticate
using my own AES key:
desFireEV1.authenticate(1, IDESFireEV1.AuthType.AES, KeyType.AES128, objKEY_AES128);
step 4 - I now try to read data. I presume I must use "readdata" method like this(this was the only was that I manage to get some data back):
byte [] encrypted_rd = desFireEV1.readData(1, 0, 16, CommunicationType.Enciphered, 128);
So the big problem is next:
Each time when I use readdata just like in my line above, I get different data as response.
Clear example:
// I just call it twice consecutively
byte [] encrypted_rd = desFireEV1.readData(1, 0, 16, CommunicationType.Enciphered, 128); // I an 16bytes result
// now I call it again right after
byte [] encrypted_rd2 = desFireEV1.readData(1, 0, 16, CommunicationType.Enciphered, 128); // I get another 16bytes result(!)
Question1: So I was presuming the data comes encrypted. But if is encrypted, why the results differ each time I read data on the same place ?
Question(s)2: How can I decrypt that data, is there a session key or something that I must use ? and if yes, how do I get it ? Or maybe I must use my original key that was required for the authentication - but if I must do so, why is the readdata result always different ?
Big thanks for your time and patience of reading this.
J.
+ 0 | - 0
One more important thing, I use TapLinx version 1.1.
+ 0 | - 0
Hi John Junior,
There is an error in step 1. The command
int[] IDESFireEV1.getApplicationIDs()
returns an array of ints. An AID can have only six bytes length—not seven! This are the existing AIDs on the card. The AID 000000 is always available and is not return in getApplicatinIDs().
Regards,
The TapLinx Team
+ 0 | - 0
Hi Support,
Thank you so much for your answer. Everything helps me in this moment, as I got completely stuck.
So, it looks like when I list the applications with desFireEV1.getApplicationIDs() I get in return an array [0] => 1234567 -> a seven digit number each time.
And it works further(also to AES authenticate) only IF I select application desFireEV1.selectApplication(1234567).
If I try to desFireEV1.selectApplication(0) the AES authentication doesn't work anymore. So only when I select that 7 digit number.
OK. Let's say I get back and I select a SIX digit application id. Still there is the big question:
How should one be able to decrypt the AES data that comes from:
byte [] encrypted_rd2 = desFireEV1.readData(1, 0, 16, CommunicationType.Enciphered, 128);
Is there a session key available ?
Thank you in advance.
+ 0 | - 0
Hi John Junior,
Yesterday I analyzed an issue to read data from a file in encrypted mode. It is exact the same as in your issue! Several read commands return different data!
A bug report is created.
Thank you,
The TapLinx Team
+ 0 | - 0
Thank you,
I realized is related with https://www.mifare.net/support/forum/topic/authentication-problem-desfire-ev1-with-aes/
I am checking the forum often and I am following this issue and the other related threads close and with great interest!
Hope your dev will find a solution soon, as I must say I am completely stuck.
Big thanks to your dev team support for taking care of this.
J.
+ 0 | - 0
Hi John Junior,
I got a feedback from the development team. They fixed the bug “reading data in encrypted mode”.
Please update to TapLinx version 1.2.
Regards,
The TapLinx team.
+ 0 | - 0
-
AuthorPosts
Viewing 7 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic.