Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MIFARE Classic example is misleading #80

Closed
michaelroland opened this issue Apr 16, 2019 · 1 comment
Closed

MIFARE Classic example is misleading #80

michaelroland opened this issue Apr 16, 2019 · 1 comment
Assignees
@pokusew
Labels
bug documentation

Comments

@michaelroland
Copy link

Note that this issue is also discussed on StackOverflow: Error 6800 on reading 2nd sector and more of a MIFARE Classic card.

The current example for MIFARE Classic is misleading with regard to authentication. The example file currently suggests to do authentication for multiple sectors (and possible with multiple keys) before doing actual read/write operations:

nfc-pcsc/examples/mifare-classic.js

Lines 87 to 92 in d743ef6

await Promise.all([
reader.authenticate(4, keyType, key),
// reader.authenticate(8, keyType, key), // add other lines to authenticate more blocks, resp. sectors
]);
// Note: writing might require to authenticate with a different key (based on the sector access rights)

However, this is not how MIFARE Classic authentication works. MIFARE Classic will only grant permissions based on the last authentication attempt. Consequently, if multiple reader.authenticate(...) commands are used, only the last one has an effect on all subsequent read/write operations.

Therefore, you would first authenticate to a specific sector. You can then read from/write to the blocks of that sector (subject to access conditions for the authenticated key). Only after that, you would want to authenticate to the next sector with a specific key to be able to read from/write to the blocks of that other sector.

E.g. like this:

const key_a = 'FFFFFFFFFFFF'; 
const keyTypeA = KEY_TYPE_A;
await reader.authenticate(4, keyTypeA, key_a);
pretty.info(`sector authenticated`);
const data1 = await reader.read(4, 48, 16);
pretty.info(`data read for sector 1`, data1);
await reader.authenticate(8, keyTypeA, key_a);
const data2 = await reader.read(8, 48, 16);
pretty.info(`data read for sector 2`, data2);
pokusew added a commit that referenced this issue Apr 17, 2019
@pokusew
Fix misleading information in mifare-classic example (#80)
78a9e45
@pokusew
Copy link
Owner

pokusew commented Apr 17, 2019

Hi @michaelroland,

thank you very much for reporting the issue here and for answering the question on Stack Overflow.
I really appreciate that. 👍

I've rewritten the MIFARE Classic example to remove all the misleading information and to clarify how the MIFARE Classic authentication works.

Here is the current version: https://github.com/pokusew/nfc-pcsc/blob/master/examples/mifare-classic.js

Feel free to post your thoughts or suggestions here.

Thank you very much for your time. 🙂

@pokusew pokusew self-assigned this Apr 17, 2019
@pokusew pokusew closed this as completed Apr 18, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pokusew pokusew

Labels
bug documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pokusew @michaelroland