search

emsec / ChameleonMini

The ChameleonMini is a versatile contactless smartcard emulator compliant to NFC. The ChameleonMini was developed by https://kasper-oswald.de. The device is available at https://shop.kasper.it. For further information see the Getting Started Page https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html/_page__getting_started.html or the Wiki tab above.
Other
1.72k stars 391 forks source link

DESfire emulation support: Updated support for PM3 and better compatibility with external USB readers #323

Closed maxieds closed 2 years ago

maxieds commented 2 years ago

The main changes are to the way the anticollision (CL1/CL2) UID bytes are handled (see source code modifications for precise details). There are references to NXP application notes that show how to exchange the 7-byte UID data prefixed with 0x88. The PM3 hf mfdes info and hf mfdes list commands work better now.

The documentation is also updated with changes that show enhanced support for external USB readers: 

$ sudo pcsc_scan -v
Using reader plug'n play mechanism
Scanning present readers...
Waiting for the first reader...found one
Scanning present readers...
0: ACS ACR122U PICC Interface 00 00

Mon Jul 25 19:26:28 2022
 Reader 0: ACS ACR122U PICC Interface 00 00
  Event number: 3
  Card state: Card removed, 

Mon Jul 25 19:26:37 2022
 Reader 0: ACS ACR122U PICC Interface 00 00
  Event number: 4
  Card state: Card inserted, 
  ATR: 3B 81 80 01 80 80

ATR: 3B 81 80 01 80 80
+ TS = 3B --> Direct Convention
+ T0 = 81, Y(1): 1000, K: 1 (historical bytes)
  TD(1) = 80 --> Y(i+1) = 1000, Protocol T = 0 
-----
  TD(2) = 01 --> Y(i+1) = 0000, Protocol T = 1 
-----
+ Historical bytes: 80
  Category indicator byte: 80 (compact TLV data object)
+ TCK = 80 (correct checksum)

Possibly identified card (using /usr/share/pcsc/smartcard_list.txt):
3B 81 80 01 80 80
    RFID - ISO 14443 Type A - NXP DESFire or DESFire EV1 or EV2
    "Reiner LoginCard" (or "OWOK", how they name it) - they have been distributed by a german computer magazine ("Computer BILD")
    https://cardlogin.reiner-sct.com/
    Belgium A-kaart (Antwerp citycard)
    Oyster card - Transport for London (second-gen "D")
    https://en.wikipedia.org/wiki/Oyster_card
    Kaba Legic Advant 4k
    Sydney Opal card public transport ticket (Transport)
    https://www.opal.com.au
    TH Köln (University of Applied Sciences Cologne) - Student Identity Card
    https://www.th-koeln.de/en/academics/multica_5893.php
    German red cross blood donation service
    http://www.blutspende-nordost.de/
    Greater Toronto/Hamilton/Ottawa PRESTO contactless fare card
    http://en.wikipedia.org/wiki/Presto_card
    Electic vehicle charging card of the EMSP EnBW Energie Baden-Württemberg AG, Tarif ADAC e-Charge, Germany

Mon Jul 25 19:26:37 2022
 Reader 0: ACS ACR122U PICC Interface 00 00
  Event number: 5
  Card state: Card removed,

The last post in #321 notes that support for the HID Omnikey 5022CL reader is still missing. Similarly, the LibFreeFare mifare-desfire-info command still does not produce any output. I am happy enough that the ACS ACR-122U reader outputs a DESFire tag with pcsc_spy -v to close the issue for now. The missing mifare-desfire-info command support is a task in the DESFire project.

maxieds commented 2 years ago

@fptrs @david-oswald Any chance this PR can get merged this weekend?