How to access a MIFARE Classic card that uses the MIFARE Application Directory structure?

Submitted by 牧云@^-^@ on 2019-12-06 14:40:53

Question


How can I authenticate and read data from a MIFARE Classic card that is formatted with the MIFARE Application Directory structure? I'm using Android.


Answer 1:


See NXP's application note on the MIFARE Application Directory. Typically, in order to read data from a MIFARE Classic card that makes use of the MAD, you would do something like the following:

  1. Authenticate to sector 0 (MAD sector) using key A A0 A1 A2 A3 A4 A5 (the public MAD read key).
  2. Read block 3.
  3. Based on the general purpose byte (byte 9 read from block 3), you can determine
    • if the card uses the MAD (bit 7 = 1),
    • if the card supports multiple applications (bit 6 = 1), and
    • the MAD version (bits 1-0).
  4. Read blocks 1 and 2. These blocks have the following format (where AIDx is the application ID assigned to sector number x):

            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
       Byte |  0 |  1 |  2 |  3 |  4 |  5 |  6 |  7 |  8 |  9 | 10 | 11 | 12 | 13 | 14 | 15 |
            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
    Block 1 |CRC |INFO|  AID01  |  AID02  |  AID03  |  AID04  |  AID05  |  AID06  |  AID07  |
            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
    Block 2 |  AID08  |  AID09  |  AID10  |  AID11  |  AID12  |  AID13  |  AID14  |  AID15  |
            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
    
  5. Verify the CRC (block 1, byte 0).

  6. Browse through the AID list (as generated from the data of blocks 1 and 2) to find your application AIDs (and consequently to find the sectors that contain your application data).
  7. If MAD version 2 is used, authenticate to sector 16 and read blocks 0 (64), 1 (65), and 2 (66) in order to get the extended AID list. The format of these blocks is:

            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
       Byte |  0 |  1 |  2 |  3 |  4 |  5 |  6 |  7 |  8 |  9 | 10 | 11 | 12 | 13 | 14 | 15 |
            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
    Block 0 |CRC |INFO|  AID17  |  AID18  |  AID19  |  AID20  |  AID21  |  AID22  |  AID23  |
            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
    Block 1 |  AID24  |  AID25  |  AID26  |  AID27  |  AID28  |  AID29  |  AID30  |  AID31  |
            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
    Block 2 |  AID32  |  AID33  |  AID34  |  AID35  |  AID36  |  AID37  |  AID38  |  AID39  |
            +----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+----+
    
  8. Authenticate to the sectors of your application (as discovered through the AID list) and read/write the data of your application.
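
Steps 3 to 6 above as an added example (not part of the original answer and not NXP's code): a plain-Java parser for the sector 0 MAD that checks the general purpose byte, verifies the CRC and maps each sector to its AID bytes. The class name `MadParser`, the AID bytes 12 34 and the sample blocks are constructed; the CRC-8 parameters (polynomial 0x1D, preset 0xC7, computed over bytes 1 to 31 of blocks 1 and 2) are not stated on this page and are assumed from NXP's MAD application note.

```java
import java.util.Map;
import java.util.TreeMap;
// Added example. On Android the blocks would come from MifareClassic.readBlock(1), (2), (3)
// after authenticateSectorWithKeyA(0, MifareClassic.KEY_MIFARE_APPLICATION_DIRECTORY).
public class MadParser {
    // Assumed CRC-8 (from NXP's MAD application note, not from this page):
    // polynomial 0x1D, preset 0xC7, MSB first, no final XOR.
    static int crc8(byte[] data, int from, int to) {
        int crc = 0xC7;
        for (int i = from; i < to; i++) {
            crc ^= data[i] & 0xFF;
            for (int bit = 0; bit < 8; bit++)
                crc = ((crc & 0x80) != 0 ? (crc << 1) ^ 0x1D : crc << 1) & 0xFF;
        }
        return crc;
    }

    // Returns sector -> the two AID bytes as stored (first byte in the high position).
    static Map<Integer, Integer> parseMad1(byte[] block1, byte[] block2, byte[] block3) {
        if (block1.length != 16 || block2.length != 16 || block3.length != 16)
            throw new IllegalArgumentException("MIFARE Classic blocks are 16 bytes");
        if ((block3[9] & 0x80) == 0)   // general purpose byte, bit 7
            throw new IllegalStateException("card does not use the MAD");
        byte[] mad = new byte[32];
        System.arraycopy(block1, 0, mad, 0, 16);
        System.arraycopy(block2, 0, mad, 16, 16);
        if (crc8(mad, 1, 32) != (mad[0] & 0xFF)) throw new IllegalStateException("MAD CRC mismatch");
        Map<Integer, Integer> aids = new TreeMap<>();
        for (int sector = 1; sector <= 15; sector++)   // AIDx sits at byte offset 2 * x
            aids.put(sector, ((mad[2 * sector] & 0xFF) << 8) | (mad[2 * sector + 1] & 0xFF));
        return aids;
    }

    public static void main(String[] args) {
        // Constructed sample: sectors 1 and 2 carry the made-up AID bytes 12 34, the rest 00 00.
        byte[] b1 = new byte[16], b2 = new byte[16], b3 = new byte[16];
        b1[2] = 0x12; b1[3] = 0x34; b1[4] = 0x12; b1[5] = 0x34;
        b3[9] = (byte) 0xC1;           // bit 7: MAD used, bit 6: multi-application, bits 1-0: version 1
        byte[] mad = new byte[32];
        System.arraycopy(b1, 0, mad, 0, 16);
        b1[0] = (byte) crc8(mad, 1, 32);   // give the sample a valid CRC
        System.out.println("MAD version " + (b3[9] & 0x03));
        parseMad1(b1, b2, b3).forEach((sector, aid) -> {
            if (aid == 0x1234) System.out.println("application found in sector " + sector);
        });
        b2[5] ^= 0x01;                 // corrupt one AID byte: the CRC check must now reject the MAD
        try { parseMad1(b1, b2, b3); } catch (IllegalStateException e) { System.out.println(e.getMessage()); }
    }
}
```

For MAD version 2 the same approach applies to blocks 64 to 66 of sector 16, with the CRC in byte 0 of block 64.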



Source: https://stackoverflow.com/questions/32778061/how-to-access-a-mifare-classic-card-that-uses-the-mifare-application-directory-s
