0

I'm trying to authenticate to ultralight c and I'm stuck for a few days on the following: (using OK5321)

I'm able to open the generic session:

-> FFA0000703010001
<- 90 00

Authenticate:

->FFA00005080100F30000641A0000
<-00 00 AF 92 11 26 10 8C 1B 8E 3F 90 00

The third step I have tried the following: //random rndbA: 0xA8, 0xAF, 0x3B, 0x25, 0x6C, 0xC7, 0x5E, 0x40

`-> FFA00005180100F30000640078C4B4CC65D91E62AFA8AF3B256CC75E40` //combined the first authenticate result with the rndbA and I get this result:

<- 08 04 00 90 00

Then when I try to read I receive an error.

Am I doing any step wrong?

Nimantha
  • 6,405
  • 6
  • 28
  • 69
RPDF
  • 76
  • 8
  • 1
    Does this answer your question? [Android: Authenticating with NXP MiFare Ultralight C](https://stackoverflow.com/questions/19438554/android-authenticating-with-nxp-mifare-ultralight-c). With generic session [here](https://stackoverflow.com/a/44660223/5128464) – vlp Dec 06 '19 at 17:05
  • Thanks for your answer, unfortunately I have looked into both of those Q&A and I did not understand from where it coming the rndbA if it's a random value that we add or is something that the reader answers. Another thing is I can send the A1 00 mentioned there to the reader even using the HID tool to do it I receive always an error: PC/SC Error: Unable to send command (0x001F)! – RPDF Dec 06 '19 at 17:22
  • 1
    `rndA` is a random nonce generated by terminal (your code). `rndB` is a random nonce generated by the card. See section "3DES authentication" in the MF0ICU2 document. Your second frame seems malformed -- it does not have the correct structure (i.e. -- AFh || ek(RndA || RndB') ). See example log trace in [the answer](https://stackoverflow.com/a/44660223/5128464) linked above... – vlp Dec 06 '19 at 21:14
  • @vlp, I'm able to come to OPEN GENERIC SESSION -> FFA0000703010001 <- 9000 AUTHENTICATE => 1A00 -> FFA00005080100F30000641A0000 <- 0000AF4BDA4E34B5D04A019000 Then I can't understand which is the next APDU command that I must send. As far as I understand when reading the MF0ICU2 document, section 7.5.55 (3DES Auth). I need to concatenate the RndA with RndB and enciphered with the Key. Now, how can I get the RndA? Is rotating the RndB left by 8 bits. Thanks – RPDF Dec 09 '19 at 11:53
  • 1
    `RndA` is a [random nonce](https://en.wikipedia.org/wiki/Cryptographic_nonce) **you** generate. In the linked code it is generated by a SecureRandom instance. For test purposes (and only for test purposes, not for production) you can make something up -- e.g. `0011223344556677` – vlp Dec 09 '19 at 13:19
  • Thanks, this should be a "secure static" string on the code and is nothing that is generated as the RndB, correct? So the third command, should be the concatenation of RndA and RndB? – RPDF Dec 09 '19 at 14:22
  • 1
    Both `RndA` and `RndB` are randomly generated nonces. `RndA` is generated by your code and `RndB` is generated by the card. What should be in the >third command< is clearly written in the abovementioned document and implemented in the linked answer...Good luck with your project! – vlp Dec 09 '19 at 15:01
  • Thanks for your help authentication is done correctly now @vlp! I'm trying to form the write command FFA2. Which is always giving me an error related with function not supported. Can you help me with an example? thanks – RPDF Dec 11 '19 at 11:46

0 Answers0