NTAG212 Mifare Ultralight带认证
我是NFC Android的新手,我已经坚持了几天试图通过身份validation获得NTAG212 Mifare Ultralight的第7页,我已经有了PWD和PACK来完成基于NTAG212 Docs的PWD_AUTH 。
我这样做…
//assume password as array of bytes //assume pack as array of bytes try{ nfc.connect(); byte[] cmd1 = nfc.transceive(new byte[]{ (byte) 0x30, (byte) 0x00 }); //read the page 0 to make the NFC active nfc.transceive(new byte[]{ (byte) 0x1B, //command for PWD_AUTH pass[0], pass[1], pass[2], pass[3] }); byte[] cmd4 = nfc.transceive(new byte[]{ (byte) 0x30, (byte) 0x04 }); //read the page 4 }catch(TagLostException e){ e.printStackTrace(); }catch(IOException e){ e.printStachTrace(); }finally{ try{ nfc.close(); }catch(Exception e){ //display failed to close } } 我总是收到android.nfc.TagLostException: Tag was lost. 将PWD_AUTH命令发送到NFC后出错。 有人能告诉我我做错了什么吗? 我的方法是否正确? 请帮忙。
注意:我已多次阅读NTAG212的文档,搜索了google,stackoverflow和所有可能的资源。
TIA,
Kenster
您发送给标记的PWD_AUTH命令没有多大意义。
PWD_AUTH命令的想法是,如果使用正确的密码进行身份validation,则发送密码(4字节值)并且标签以其密码确认(PACK)值(2字节值)进行响应。 然后,您可以根据预期的密码确认来validationPACK值以“validation”标签。
所以正确的命令是:
byte[] response = nfc.transceive(new byte[] { (byte) 0x1B, // PWD_AUTH pass[0], pass[1], pass[2], pass[3] }); if ((response != null) && (response.length >= 2)) { byte[] pack = Arrays.copyOf(response, 2); // TODO: verify PACK to confirm that tag is authentic (not really, // but that whole PWD_AUTH/PACK authentication mechanism was not // really meant to bring much security, I hope; same with the // NTAG signature btw.) }
您需要什么才能启用密码保护(在NTAG212上):
-
将PWD(第39页)设置为所需的密码(默认值为
0xFFFFFFFF)。byte[] response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) 39, // page address pass[0], pass[1], pass[2], pass[3] }); -
将PACK(第40页,字节0-1)设置为所需的密码确认(默认值为
0x0000)。byte[] response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) 40, // page address pack[0], pack[1], // bytes 0-1 are PACK value (byte) 0, (byte) 0 // other bytes are RFU and must be written as 0 }); -
将AUTHLIM(第38页,字节0,位2-0)设置为最大失败密码validation尝试次数(将此值设置为0将允许无限次数的PWD_AUTH尝试)。
-
将PROT(第38页,字节0,位7)设置为所需的值(0 =仅在写访问时需要PWD_AUTH,1 =读和写访问需要PWD_AUTH)。
byte[] response = nfc.transceive(new byte[] { (byte) 0x30, // READ (byte) 38 // page address }); if ((response != null) && (response.length >= 16)) { // read always returns 4 pages boolean prot = false; // false = PWD_AUTH for write only, true = PWD_AUTH for read and write int authlim = 0; // value between 0 and 7 response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) 38, // page address (byte) ((response[0] & 0x078) | (prot ? 0x080 : 0x000) | (authlim & 0x007)), response[1], response[2], response[3] // keep old value for bytes 1-3, you could also simply set them to 0 as they are currently RFU and must always be written as 0 (response[1], response[2], response[3] will contain 0 too as they contain the read RFU value) }); } -
将AUTH0(第37页,字节3)设置为应该要求密码validation的第一页。
byte[] response = nfc.transceive(new byte[] { (byte) 0x30, // READ (byte) 37 // page address }); if ((response != null) && (response.length >= 16)) { // read always returns 4 pages boolean prot = false; // false = PWD_AUTH for write only, true = PWD_AUTH for read and write int auth0 = 0; // first page to be protected, set to a value between 0 and 37 for NTAG212 response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) 37, // page address response[0], // keep old value for byte 0 response[1], // keep old value for byte 1 response[2], // keep old value for byte 2 (byte) (auth0 & 0x0ff) }); }
如果您使用MifareUltralight标记技术,而不是直接使用transceive方法,您还可以使用readPages和writePage方法:
-
READ命令
byte[] response = nfc.transceive(new byte[] { (byte) 0x30, // READ (byte) (pageAddress & 0x0ff) // page address });是等价的
byte[] response = nfc.readPages(pageAddress); -
WRITE命令
byte[] data = { (byte)..., (byte)..., (byte)..., (byte)... }; byte[] response = nfc.transceive(new byte[] { (byte) 0xA2, // WRITE (byte) (pageAddress & 0x0ff), // page address data[0], data[1], data[2], data[3] });是等价的
nfc.writePage(pageAddress, data);