Android NFC IsoDep reads file contents

Question

Android NFC IsoDep reads file contents

I am trying to read some information from an ISO / IEC 14443 Type A card.

After analyzing the map using the Android NFC TagInfo application , I found out that the application (AID: 15845F) has the specific file (File ID: 01) that I need.

I have already managed to connect to the map and select the application.

String action = getIntent().getAction(); if (NfcAdapter.ACTION_TECH_DISCOVERED.equals(action)) { Tag tagFromIntent = getIntent().getParcelableExtra(NfcAdapter.EXTRA_TAG); Log.i(TAG, Arrays.toString(tagFromIntent.getTechList())); IsoDep isoDep = IsoDep.get(tagFromIntent); try { isoDep.connect(); byte[] SELECT = { (byte) 0x00, // CLA = 00 (first interindustry command set) (byte) 0xA4, // INS = A4 (SELECT) (byte) 0x04, // P1 = 04 (select file by DF name) (byte) 0x0C, // P2 = 0C (first or only file; no FCI) (byte) 0x06, // Lc = 6 (data/AID has 6 bytes) (byte) 0x31, (byte) 0x35,(byte) 0x38,(byte) 0x34,(byte) 0x35,(byte) 0x46 // AID = 15845F }; byte[] result = isoDep.transceive(SELECT); Log.i(TAG, "SELECT: " + bin2hex(result)); if (!(result[0] == (byte) 0x90 && result[1] == (byte) 0x00)) throw new IOException("could not select application"); byte[] GET_STRING = { (byte) 0x00, // CLA Class (byte) 0xB0, // INS Instruction (byte) 0x00, // P1 Parameter 1 (byte) 0x00, // P2 Parameter 2 (byte) 0x04 // LE maximal number of bytes expected in result }; result = isoDep.transceive(GET_STRING); Log.i(TAG, "GET_STRING: " + bin2hex(result)); } }

But my second request is not with error code: 6A86 (invalid parameters P1-P2). I already googled a lot and found different documents (for example: http://bit.ly/180b6tB ), but I just could not understand how I can implement the right value for P1 and P2 .

EDIT

Card Tag Type Using NFC TagInfo : ISO / IEC 14443-4 Smart Card, Mifare DESFire EV1 (MF3ICD81)

The SELECT command used in the source code didn’t really work, but instead it returned the answer 9000. Therefore, I assumed that everything was working fine.

You mentioned that NFC TagInfo does not contain the correct values for DF names, etc. Is the value 0x313538343546 correct and how did you recognize it?

Can you give me a brief description of how I can get the data I need? Are there other Android apps that I can use to read the correct DF, AID, etc. names? I basically need to get ONE file from the ONE application. I could also provide some screenshots of the information collected using NFC TagInfo , if necessary.

EDIT 2

I rewrote the commands, but (as you suggested) saved them in the APDU wrapper. Therefore, I had two different commands: one to select the application , and the other to select the file .

 private final byte[] NATIVE_SELECT_APP_COMMAND = new byte[] { (byte) 0x90, (byte) 0x5A, (byte) 0x00, (byte) 0x00, 3, // SELECT (byte) 0x5F, (byte) 0x84, (byte) 0x15, (byte) 0x00 // APPLICATION ID }; private final byte[] NATIVE_SELECT_FILE_COMMAND = new byte[] { (byte) 0x90, (byte) 0xBD, (byte) 0x00, (byte) 0x00, 7, // READ (byte) 0x01, // FILE ID (byte) 0x00, (byte) 0x00, (byte) 0x00, // OFFSET (byte) 0x00, (byte) 0x00, (byte) 0x00, // LENGTH (byte) 0x00 };

Finding a tutorial for your own Mifire-Desfire teams was not successful, so I stick to the following tutorial: http://noobstah.blogspot.de/2013/04/mifare-desfire-ev1-and-android.html p>

This tutorial introduces the authentication of a card that I turned off, as well as the transceive method, which for my understanding is not the right way to execute my own commands? Which method, possibly even snippit code, is used to execute its own commands? Which Android class should I use?

I rewrote the class specified in the tutorial and loaded it into pastebin . After running the class, I have the following results.

 Select APPLICATION: 9100 Read DATA: 91AE

At this moment, I am pretty stuck and do not know what steps I should take next. Was it really a mistake, or rather, what changes in the queries should I make in order to get the necessary data?

+6

android nfc mifare apdu contactless-smartcard

Vilius Oct 10 '13 at 13:06

source share

1 answer

Michael Roland · Accepted Answer · 2013-10-10T14:54:13+0000

Given the information you extracted from the NFC TagInfo and the commands you are trying to use, I assume that the card is a MIFARE DESFire EV1. Right?

Regarding your pick command: NFC TagInfo does not currently read the DF name value used in the ISO command for DESFire EV1. Thus, I assume that the DF name set for this application is actually 0x313538343546, otherwise the SELECT command should fail. Please note, however, that this value is in no way derived from the DESFire AID shown in the NFC TagInfo! In fact, the DF name is a single value defined when the application was created. (This is different from the previous version of DESFire.)

Regarding your READ BINARY command: the command you used means that you previously selected the file. However, you selected only the application. Thus, you need to either issue the SELECT command for the data file, or use the short file identifier in the READ BINARY command:

 byte[] READ_BINARY = { (byte) 0x00, // CLA Class (byte) 0xB0, // INS Instruction (byte) 0x80, // P1 (indicate use of SFI) (byte) 0x01, // P2 (SFI = 0x01) (byte) 0x04 // LE maximal number of bytes expected in result };

However, when it comes to DESFire (EV1), I suggest you rather use your own DESFire instruction set (straight or wrapped) instead of using the ISO 7816-4 APDU.

With the built-in command set, you get the full functionality of MIFARE DESFire. Team packaging is accomplished by embedding native DESFire commands in the APDU ISO 7816-4 framework. The wrapping command is as follows:

 0x90 CMD 0x00 0x00 LEN CMD-PARAM 0x00

Where CMD is the native DESFire command, and CMD-PARAM are command parameters. Answer:

 [DATA] 0x91 STATUS

Where status is the status code of the native DESFire. If STATUS is 0xAF, you can get the remaining response data by running the following command:

 0x90 0xAF 0x00 0x00 0x00

So, in your case, you will select the application command for the application 0x15845F (pay attention to the byte order!):

 0x90 0x5A 0x00 0x00 3 0x5F 0x84 0x15 0x00 |SELECT| |APPLICATION ID|

Then you want to read the data file 0x01 (the whole file, starting at offset 0):

 0x90 0xBD 0x00 0x00 7 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00 |READ| |FILE| OFFSET | LENGTH |

As for your question, how to get the ISO DF and ISO FID names for your application, you can try the following commands:

Select the main application:

 905A00000300000000

Get applications, including DF names:

906D000000

Select your application:

 905A0000035F841500

Get DESFire FID:

906F000000

Get ISO FID:

9061000000

You can always use the transceive () method for an IsoDep object. IsoDep (i.e., ISO / IEC 14443-4) is used in any case (for native DESFire commands, for wrapped native commands, and for ISO 7816-4 commands).

The error code received from the card (0xAE) indicates an authentication error (for more information, see this technical data sheet: DESFire ). Thus, the file only allows authentication (see the Access Conditions specified in NFC TagInfo).

Thus, in order to read this file, you will need to perform the authentication procedure.

Android NFC IsoDep reads file contents

More articles: