Switching MiFare Plus to S3

Forum / MIFARE SDK / Switching MiFare Plus to S3

  • 11. October 2016 at 1:03
    Hello, I am having an issue when trying to upgrade a MiFare Plus S 2K from S1 to S3, everytime I call switchToSL3 I get the error:

    com.nxp.nfclib.exceptions.SecurityException: error:1e00006a:Cipher functions:OPENSSL_internal:DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH

    As per the documentation my understanding is that the Plus uses an 128 Bit Key using AES Encryption, since this a demo application I am storing the key as binary directly on a public folder in Android and then reading it back.


    This is the code that generates the key:
    // Generate AES 128-Bit Key and save to File on first run
    /*
    final int keyLength = 128;
    SecureRandom secureRandom = new SecureRandom();
    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
    keyGenerator.init(keyLength, secureRandom);
    SecretKey aesKey = keyGenerator.generateKey();*/

    File keyFileBin = new File(Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS), "key.bin");
    // Save Key to Disk
    BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(keyFileBin));
    bos.write(aesKey.getEncoded());
    bos.flush();*/

    I am using part of the code you had on the application notes.

    And this is the code that reads it back


    else if (CardType.PlusSL1 == m_cardType)
    {
    Log.d( TAG, "Plus SL1 found" );
    m_objPlusSL1 = PlusSL1Factory.getInstance()
    .getPlusSL1(m_libInstance.getCustomModules());

    try
    {
    m_objPlusSL1.getReader().connect();
    // Timeout to prevent exceptions in authenticate
    m_objPlusSL1.getReader().setTimeout( 2000 );

    File keyFile = new File(Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS), "key,bin");

    BufferedInputStream bis = new BufferedInputStream(new FileInputStream(keyFile));

    // Read Key
    byte[] keyMaterial = new byte[(int)keyFile.length()];

    bis.read(keyMaterial);
    bis.close();

    // Build Key form ByteArray
    SecretKey aesKey = new SecretKeySpec(keyMaterial,0, 16, "AES");
    KeyData keyData = new KeyData();

    keyData.setKey(aesKey);
    String size = String.valueOf(keyMaterial.length);

    m_objPlusSL1.switchToSL3(keyData);
    m_objPlusSL0.commitPerso();
    }
    catch( Throwable t )
    {
    t.printStackTrace();
    }
    }

    Thanks for any help.
    + 1  |  - 0

    Re: Switching MiFare Plus to S3

    11. October 2016 at 16:39
    Hi Rafael,

    The error message says that the data block used is not a multiple of the block length. For AES128 this is 16 bytes. If your data block is less than 16 bytes you have to fill it up. You can do it automatically if you use “padding”.

    Regards,
    The TapLinx Team

    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    11. October 2016 at 17:21
    Hi and thanks for the reply.

    I realize that but my key is 16 Bytes in length if you take a look at my code which I posted before. I am not encrypting anything, I don't know exactly what happens when I use the command m_objPlusSL1.switchToSL3(keyData) from your library but I suspect it is doing something else since the only thing that I pass to it is my key (128 Bit AES) inside the KeyData instance that comes from your library.

    This is the code that generates the key:

    // Generate AES 128-Bit Key and save to File on first run
    /*
    final int keyLength = 128;
    SecureRandom secureRandom = new SecureRandom();
    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
    keyGenerator.init(keyLength, secureRandom);
    SecretKey aesKey = keyGenerator.generateKey();*/

    File keyFileBin = new File(Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS), "key.bin");
    // Save Key to Disk
    BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(keyFileBin));
    bos.write(aesKey.getEncoded());
    bos.flush();*/


    + 1  |  - 0

    Re: Switching MiFare Plus to S3

    11. October 2016 at 23:22
    Hello,

    I have the same exact problem reported here.


    byte[] key = new byte[16]{0x4b, 0x2c, 0xf0, 0xbb, 0x69, 0x5e, 0xb4, 0xdd, 0x80, 0x42, 0xd4, 0x24, 0x64, 0x71, 0x5e, 0x5c};
    KeyData keyData = new KeyData();
    keyData.setKey(new SecretKeySpec(key, "AES"));

    // later on, when a card detection intent is received:
    IPlusEV1SL1 card = PlusSL1Factory.getInstance().getPlusEV1SL1(mifare.getCustomModules());
    card.switchToSL3(keyData);


    This fails with
    com.nxp.nfclib.exceptions.SecurityException: error:1e06b06a:Cipher functions:EVP_DecryptFinal_ex:DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH


    But my key clearly has exactly 16 bytes. I'm using TapLinx 1.0. What is wrong here?
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    13. October 2016 at 9:18
    Hi all,

    This is an open topic and addressed to the development team. I will come back when they have a fix.

    Regards,
    The TapLinx Team
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    14. November 2016 at 15:06
    Any news on this? This is critical to our setup.
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    15. November 2016 at 15:38
    Hi Guilherme,

    no, I am also waiting for the update.

    Sorry,
    The TapLinx Team
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    7. January 2017 at 12:07
    Any news here? I'm still waiting for this...
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    10. January 2017 at 17:46
    Hi Guilherme,

    Did you update to TapLinx version 1.1?
    In this version many bugs are fixed.

    Regards,
    The TapLinx Team

    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    10. January 2017 at 17:54
    How to update?
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    11. January 2017 at 9:30
    Hi Guilherme,

    Please have a look in the startup guide. You will find this snippet from the Gradle file:



    Change the library reference from
    compile('taplinx-android:nxpnfcandroidlib:1.0@aar') { transitive = true }

    to
    compile('taplinx-android:nxpnfcandroidlib:1.1@aar') { transitive = true }


    Regards,
    The TapLinx Team
    Attachments:
    You must be logged in to view attached files.

    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    13. October 2017 at 14:15
    Hi there,

    Is this issue "EVP_DecryptFinal_ex:data not multiple of block length" resolved ? If yes, what was the resolution? Any pointers to check / resolution ?

    I am facing this issue on some devices, so need a resolution if available as early.

    Thanks and Regards
    Santosh
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    14. October 2020 at 3:10
    I'm using the latest lib (1.7) and the problem still occurs on Samsung Galaxy S10+ and Honor 10 (both Android 10, if that matters). Any solutions?
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    14. October 2020 at 11:29
    Hi there. This topic is pretty old, but I encountered the same issue. I am using latest Android TapLinx 1.7. Calling IPlusSL1.switchToSL3(keyData) causes this output (I also enabled TapLinx debug output to get extra info if it is useful):


    D/TapLinxDebug: KeyFactory DIV KEY : 0xA50D36A70FF24D190C810CD50E05B6D7
    D/TapLinxDebug: AbstractPlus send to card : 70039000
    D/TapLinxDebug: AbstractPlusSL1 0x0270039000
    D/TapLinxDebug: AbstractPlusSL1 0x029077B875E8078F6DDD8C77B8422E0A
    D/TapLinxDebug: AbstractPlus Recv from Card : 9077B875E8078F6DDD8C77B8422E0A
    D/TapLinxDebug: AbstractPlus Recv from card without response code: 77B875E8078F6DDD8C77B8422E0A
    D/TapLinxDebug: AbstractPlus IV : 00000000000000000000000000000000
    D/TapLinxDebug: AbstractPlus PICC-to->PCD E(Kx, RNDB) : 77B875E8078F6DDD8C77B8422E0A
    E/NxpNfcLibException: Error processing card
    com.nxp.nfclib.exceptions.SecurityException: error:1e00006a:Cipher functions:OPENSSL_internal:DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH
    at com.nxp.nfclib.defaultimpl.if.decrypt(:186)
    at com.nxp.nfclib.plus.ˊ.ॱ(:1584)
    at com.nxp.nfclib.plus.ˊ.ˋ(:1415)
    at com.nxp.nfclib.plus.if.switchToSL3(:109)


    As you may see, the latest message "PICC-to->PCD E" contains some value with 28 hex symbols, so it is 14 bytes long instead of probably expected 16 bytes long, which may be the source of this issue. According to the code above that, this value is received from the card as 15 bytes, then first byte is removed because it probably contains some 'response code'.
    This value comes somewhere from the depths of 'trancieve' functions, but everything there is pretty much obfuscated and hard to understand. Maybe some wrong truncation happens there.

    Any clues about how to workaround this issue?
    + 0  |  - 0

    Re: Switching MiFare Plus to S3

    14. October 2020 at 11:45
    Hi all,

    This post is quite old, but the switch from SL1 to SL3 with an Android phone is still a current topic. It needs a little bit of an explanation, because a side effect needs to consider.

    First, if you tap a card on a NFC reader in Android devices, the firmware starts and tries to detect which kind of card is present. This dispatch mechanism can be controlled with ACTION_NDEF_DISCOVERED, ACTION_TECH_DISCOVERED and ACTION_TAG_DISCOVERED. However, this action tags does not help in this case of selecting SL1 or SL3 cards. Check the link below for a detailed explanation of Android dispatch mechanism. But if an ISO 14443-3 or an ISO 14443-4 card is detected it cannot be controlled by user. A MIFARE Classic or a MIFARE Plus SL1 is an ISO 14443-3 and a MIFARE Plus SL3 is an ISO 14443-4 card.

    A switch of a MIFARE Plus from SL1 to SL3 is also always a change of protocol type of the card (this is what the “-3” and “-4” describes). This might succeed by writing the perso data, commit and remove the card from reader and tap it again. But the dispatch mechanism in Android firmware is always in between and cannot be overruled from user software. The NFC firmware is not part of the Android package, but part of the software implementation of the device manufacturer.

    The MIFARE Plus EV1 can be used in a so called “mixed mode” where some blocks using SL1 mode and other blocks SL3 mode. There is no way to force Android to start SL1 communication mode or SL3 communication mode for such cards. This depends always from the firmware and which card type and protocol was detected. It is even worse, this cards shows that they are an ISO 14443-3 AND an ISO 14443-4 an card!

    Sorry for this elaborated explanation. But it is required to understand why the switch might fail on Android devices. My recommendation is to do the switch with a stationary USB reader on a desktop system where the card type can be defined always by software.  

    Now some words to the listings above. The MIFARE Plus S has some limitations. The Plus S allows communication mode “data in plain” and “MAC on command” and “MAC on response” only! Communication modes “data encrypted” and “no MAC” is possible only with MIFARE Plus X! Therefore, in the post from Rafael Kemish where a MIFARE Plus S is used in encrypted mode will not work. I recommend to go to MIFARE Plus EV1 to skip this limitations.

    For any user who want to report an issue, please let us know which card type is used and what operation failed. This more helpful instead of dozen lines of log output.

    The TapLinx team

    Android Developer pages of NFC:

    https://developer.android.com/guide/topics/connectivity/nfc/nfc
    + 0  |  - 0
Viewing 15 posts - 1 through 15 (of 20 total)

You must be logged in to reply to this topic.