4

Say I want to authenticate to Mifare Classic.

How do I know the exact kind of APDU to send to the card?

Example.

This code:

bcla = 0xFF;
bins = 0x86;
bp1 =  0x0;
bp2 =  0x0; // currentBlock
len =  0x5;

sendBuffer[0] = bcla;
sendBuffer[1] = bins;
sendBuffer[2] = bp1;
sendBuffer[3] = bp2;
sendBuffer[4] = len;
sendBuffer[5] = 0x1;                // Version
sendBuffer[6] = 0x0;                // Address MSB
sendBuffer[7] = currentBlock;       // Address LSB
if (keyradioButton->Checked == true)
    sendBuffer[8] = 0x60;           // Key Type A
else if (keynumberradioButton->Checked == true)
    sendBuffer[8] = 0x61;           // Key Type B
sendBuffer[9] = keynumber;          // Key Number

sendbufferlen = 0xA;
receivebufferlen = 255;

//Invoke the Transmit command
retval = SCardTransmit(hCard,              // A reference value returned from the SCardConnect function.
                       &sioreq,
                       sendBuffer,         // Send buffer
                       sendbufferlen,      // Send buffer length
                       &rioreq,
                       receiveBuffer,      // Receive buffer
                       &receivebufferlen); // Length of received buffer

is a sample program which tries to authenticate to Mifare Classic. My question is basically, how do I know what kind of APDU to send to the card? e.g., how do I know what should be in the sendBuffer?

  • Sorry to say, but I am not able to understand the question. Can you describe the problem? – jiten Sep 16 '13 at 11:16
  • @vikky: hey vikky, please see the edit –  Sep 16 '13 at 11:22
  • MIFARE Classic itself does not use APDUs. The use of APDUs is an extension of the card reader: internally it translates the APDU to the actual MIFARE Classic command. To clarify the question, I suggest you add the brand and type of the card reader you are using – NFC guy Sep 16 '13 at 11:39
  • @NFCguy: I was surprised to hear Classic doesn't use APDU. Can you refer me to some docs which explain this? and also what you mentioned that reader translates APDU to Classic commands? I would like to learn more about this. –  Oct 02 '13 at 09:15
  • @NFCguy: Yes, I looked at it. Indeed there are no full APDU commands mentioned which I use for authentication, for example. The doc just says, for example, 60h is the *command* for authentication with Key A. Is it like this with other types of Mifare cards too (e.g., Plus, etc.)? They don't accept APDUs? –  Oct 02 '13 at 11:43
  • MIFARE products have a long history, so the resulting situation is complicated. Short answer: MIFARE Ultralight is similar to Classic (but without the encryption); both communicate on ISO 14443-3. MIFARE Plus can be configured to be compatible with Classic. Otherwise, it uses ISO 14443-4 communication, but does not support ISO 7816-4 APDUs. MIFARE DESFire always uses ISO 14443-4 communication. It can use its own "native" commands, which could be "wrapped" inside ISO 7816-4 APDUs (CLA byte = 0x90). It also supports a number of standard APDU commands, such as SELECT FILE and READ BINARY, etc. – NFC guy Oct 02 '13 at 13:07
  • @NFCguy: maybe you could be kind to look at this: http://stackoverflow.com/questions/19153173/standards-for-smartcard-communication –  Oct 03 '13 at 07:24

2 Answers

6

In Mifare Classic 1K tags there are 16 sectors, each sector contains 4 blocks, and each block contains 16 bytes.

  1. Sector 0 contains Block (0,1,2,3)
  2. Sector 1 contains Block (4,5,6,7)
  3. Sector 2 contains Block (8,9,10,11)
  4. Sector 3 contains Block (12,13,14,15)....

Before reading from or writing to a block, you must authenticate its corresponding sector using Key A or Key B of that sector. When authentication is complete, you can read or write. Using this command, you can authenticate sector 0 using Key A (60):

byte[] authenticationByte = new byte[] {
    (byte) 0xFF, (byte) 0x86, (byte) 0x00, (byte) 0x00, // CLA, INS, P1, P2
    (byte) 0x05,                                        // Lc: 5 data bytes follow
    (byte) 0x00, (byte) 0x00, (byte) 0x04,              // Version, Address MSB, Address LSB
    (byte) 0x60, (byte) 0x00                            // Key Type A, Key Number
};

When authentication is successful, you will get 90 00. That is the success message. Otherwise the response is 63 00, which means authentication failed. When authentication is complete, you can read blocks (0,1,2,3), because sector 0 contains 4 blocks and those are blocks (0,1,2,3).

For more details you can read this Answer. Sorry for bad English

Md. Sajedul Karim
3

Read this article. Here you will find the APDU structure to communicate with a Mifare card...

jiten
  • Thanks vikky. It seems the keys are stored *on* the reader also? –  Sep 16 '13 at 12:00
  • Yes, before authentication, you must load the key in the reader. – jiten Sep 16 '13 at 12:02
  • Thanks. Also look at NFC guy's response, I was surprised when he said Mifare Classic doesn't use APDU .... –  Sep 16 '13 at 12:11
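
As an added example (not code from the question or from either answer), the following C code builds the General Authenticate APDU from the question for a given block, maps the block to its sector on a 1K card, and treats only 90 00 as success. The function names are hypothetical, the version byte 0x01 follows the question's code, and the reply bytes in `main` are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_TYPE_A 0x60
#define KEY_TYPE_B 0x61

/* Sector owning a block on a MIFARE Classic 1K card (16 sectors x 4 blocks);
   -1 if the block number is out of range. */
int mfc1k_sector_of_block(unsigned block) {
    return block < 64 ? (int)(block / 4) : -1;
}

/* Build the 10-byte General Authenticate APDU shown in the question.
   Returns the APDU length, or 0 if the input is rejected. */
size_t build_general_auth(uint8_t *out, size_t cap, unsigned block,
                          uint8_t key_type, uint8_t key_number) {
    if (cap < 10 || mfc1k_sector_of_block(block) < 0) return 0;
    if (key_type != KEY_TYPE_A && key_type != KEY_TYPE_B) return 0;
    const uint8_t apdu[10] = {
        0xFF, 0x86, 0x00, 0x00,   /* CLA, INS, P1, P2 */
        0x05,                     /* Lc: five data bytes follow */
        0x01,                     /* Version (value used in the question) */
        0x00, (uint8_t)block,     /* Address MSB, Address LSB */
        key_type, key_number      /* 60h/61h, key number in the reader */
    };
    memcpy(out, apdu, sizeof apdu);
    return sizeof apdu;
}

/* Classify the reader's reply by its trailing SW1 SW2:
   1 = 90 00 (authenticated), 0 = 63 00 (failed), -1 = anything else. */
int auth_result(const uint8_t *resp, size_t len) {
    if (len < 2) return -1;
    if (resp[len - 2] == 0x90 && resp[len - 1] == 0x00) return 1;
    if (resp[len - 2] == 0x63 && resp[len - 1] == 0x00) return 0;
    return -1;
}

int main(void) {
    uint8_t apdu[10];
    const uint8_t reply[] = { 0x63, 0x00 };   /* constructed sample reply */
    size_t n = build_general_auth(apdu, sizeof apdu, 4, KEY_TYPE_A, 0x00);
    for (size_t i = 0; i < n; i++) printf("%02X ", apdu[i]);
    printf("-> sector %d, result %d\n", mfc1k_sector_of_block(4),
           auth_result(reply, sizeof reply));
    return 0;
}
```

Callers should proceed to read or write only when `auth_result` returns 1; any other status word, including ones not listed in this thread, is treated as not authenticated.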