Question
I would like to authenticate with a desfire card in native mode. Here are my current steps:
- I select the master application (AID = 0x00 0x00 0x00)
- I receive the response (a "challenge", randB) from the card
- Then, in the second Step, I generate a response (randA); I concatenate the 8 bytes rand A with the 8 bytes decrypted and rotated rand B
- I encrypt it, sending it back to the card.
I receive a 91 ae answer, and I don't know why. Here is the sequence of messages:
- to card: 90 0A 00 00 01 00 00
- from card: 5B 57 69 C7 CE 4B 16 7B 91 AF
- enciphered RandB = 5B 57 69 C7 CE 4B 16 7B
- deciphered RandB' = 17 8D 23 57 10 C9 32 D5
- one byte lshift RandB' = 8D 23 57 10 C9 32 D5 17
- Generated Rand A = 43 9D 17 8E 9A 5F BA 70
- concatenate Rand A With Rand B'' = 43 9D 17 8E 9A 5F BA 70 8D 23 57 10 C9 32 D5 17
- enciphered Rand A + Rand B'' = 9E ED DC 4F BC E7 BE BD 09 02 CF 99 F7 40 34 7B
- to card: 90 AF 00 00 10 43 9D 17 8E 9A 5F BA 70 8D 23 57 10 C9 32 D5 17 00
- from card: 91 AE
Please, can you point out if you see anything wrong? Which problems may I have?
Answer 1:
I know the reply is a bit late, but answering it anyway - I myself was able to get the authentication right only yesterday. 91 ae stands for authentication error. That means the RandB' which you are sending with RandA after concatenation and enciphering is not as expected by the PICC (EV1). The problem could be in the enciphering. Can you cross-check your enciphering logic with the examples in the EV1 datasheet?
Hope it helps (if you were not able to resolve the problems already by yourself).
Answer 2:
Master key and other application authentications work with the same logic. Here is my question and answer in the subject DesFire Authentication in Android. Hope it helps.
Your problem here must be in en/deciphering. You should do CBC with 3DES or AES with no-padding.
Answer 3:
In my experience, most of the time it is the encryption that is done in the wrong way. Are you using the correct mode to encrypt the response? (BTW, are you using DES, TDES, or AES?) If you use DES, are you using CBC in reverse mode? IIRC, to encrypt the response you need to use the "inverse" algorithm (the one you usually do for ciphering). Also, check if the keys need parity.
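An added example (not part of the original question or answers): a Python check that replays the question's trace without needing the card key. It parses the wrapped APDUs, verifies the one-byte rotation, and compares the data of the second frame with both the plaintext and the enciphered block listed in the question. Function names are this example's own; all byte values are copied from the trace.

```python
# Added example: replay the question's trace; no card key is needed.
STATUS = {0x00: "OPERATION_OK", 0xAF: "ADDITIONAL_FRAME", 0xAE: "AUTHENTICATION_ERROR"}

def parse_wrapped_apdu(apdu):
    """Split a wrapped native command: 90 INS 00 00 [Lc data] 00 -> (INS, data)."""
    if len(apdu) < 5 or apdu[0] != 0x90 or apdu[-1] != 0x00:
        raise ValueError("not a wrapped DESFire native command")
    if len(apdu) == 5:                      # no data field, only Le
        return apdu[1], b""
    data = apdu[5:-1]
    if apdu[4] != len(data):
        raise ValueError(f"Lc={apdu[4]} but {len(data)} data bytes present")
    return apdu[1], data

def parse_response(rsp):
    """Split a wrapped response: data || 91 || native status -> (data, status)."""
    if len(rsp) < 2 or rsp[-2] != 0x91:
        raise ValueError("SW1 is not 0x91")
    return rsp[:-2], rsp[-1]

def rotate_left(block):
    return block[1:] + block[:1]

def check_trace(t):
    """Return a list of inconsistencies between the frames and the listed values."""
    findings = []
    ins1, _key_no = parse_wrapped_apdu(t["cmd1"])
    ek_rndb, sw = parse_response(t["rsp1"])
    if ins1 != 0x0A or STATUS.get(sw) != "ADDITIONAL_FRAME" or ek_rndb != t["ek_rndb"]:
        findings.append("first exchange is not Authenticate (0x0A) answered with a challenge")
    if rotate_left(t["rndb"]) != t["rndb_rot"]:
        findings.append("RandB' is not rotated left by exactly one byte")
    ins2, sent = parse_wrapped_apdu(t["cmd2"])
    if ins2 != 0xAF:
        findings.append("second frame is not a continuation frame (0xAF)")
    if sent == t["rnda"] + t["rndb_rot"]:
        findings.append("second frame carries plaintext RandA || RandB'', not the enciphered block")
    elif sent != t["enciphered"]:
        findings.append("second frame data differs from the enciphered block")
    return findings

TRACE = {k: bytes.fromhex(v) for k, v in {   # values copied from the question
    "cmd1": "90 0A 00 00 01 00 00", "rsp1": "5B 57 69 C7 CE 4B 16 7B 91 AF",
    "ek_rndb": "5B 57 69 C7 CE 4B 16 7B", "rndb": "17 8D 23 57 10 C9 32 D5",
    "rndb_rot": "8D 23 57 10 C9 32 D5 17", "rnda": "43 9D 17 8E 9A 5F BA 70",
    "enciphered": "9E ED DC 4F BC E7 BE BD 09 02 CF 99 F7 40 34 7B",
    "cmd2": "90 AF 00 00 10 43 9D 17 8E 9A 5F BA 70 8D 23 57 10 C9 32 D5 17 00",
}.items()}

if __name__ == "__main__":
    print("\n".join(check_trace(TRACE)) or "frames are consistent with the listed values")
```

An empty result only means the frames agree with the listed values; whether the encipherment itself is what the card expects still depends on the key and cipher mode, as the answers discuss.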
Source: https://stackoverflow.com/questions/14319321/how-can-i-do-native-authentication-in-desfire-ev1