read/write 使用哪个 APDU 记录 MIFARE Ultralight NFC 标签?
Which APDU to use to read/write records on MIFARE Ultralight NFC tag?
我正在创建一个 VBA 软件来读取和写入 NFC 标签。我设法与标签通信以获取基本数据(例如我得到了它的 ID)。但是当我为 READ RECORD 命令发送 APDU 时,它不起作用。我想我需要先发送一个 SELECT FILE 命令;但我想我需要正确的 DF。
我为 READ RECORD 命令尝试了“00 B2 01 05 00”,为 SELECT FILE 命令尝试了“00 A4 00 00 00”。
VBA
Sub test()
Dim hContext As Long
Dim hCard As Long
Dim retval As Long
Dim readers As String * 256
Dim groups As String * 256
Dim activeprotocol As Long
Dim readerlen As Long
Dim scard_protocol_t0_or_t1 As Long
Dim scard_share_shared As Long
Dim APDU() As Byte
Dim recvbuf() As Byte
Dim recvbuff(256) As ByteArray
Dim recvlen As Long
Dim iosendreq As SCARD_IO_REQUEST
Dim iorecvreq As SCARD_IO_REQUEST
Dim bytRecvAttr As ByteArray
Dim LenAPDU As Long
scard_protocol_t0_or_t1 = 1 Or 2
scard_share_shared = 2 '2 1
retval = SCardEstablishContext(SCARD_SCOPE_USER, 0, 0, hContext)
If retval <> 0 Then
MsgBox "erreur n." & CStr(retval)
End If
readerlen = 256
retval = SCardListReaders(hContext, groups, readers, readerlen)
If retval <> 0 Then
MsgBox "erreur n. " & CStr(retval)
End If
Do While hCard = 0
retval = SCardConnect(hContext, readers, scard_share_shared, scard_protocol_t0_or_t1, hCard, activeprotocol)
DoEvents
Loop
If retval <> 0 Then MsgBox "erreur n. " & CStr(retval)
recvlen = 256
Do While State < 2
retval = SCardStatus(hCard, readers, readerlen, State, scard_protocol_t0_or_t1, recvbuff(0), recvlen)
If retval <> 0 Then MsgBox "Erreur n. " & CStr(retval)
DoEvents
Loop
'retval = SCardGetAttrib(hCard, SCARD_ATTR_ICC_PRESENCE, bytRecvAttr, lRecLen)
'If retval <> 0 Then MsgBox "Erreur n. " & CStr(retval)
iosendreq.dwProtocol = activeprotocol
iosendreq.dwPciLength = Len(iosendreq)
iorecvreq.dwProtocol = activeprotocol
iorecvreq.dwPciLength = Len(iorecvreq)
'recherche de file
ReDim APDU(7)
APDU(0) = &H0 'cla 80
APDU(1) = &HA4 'INs B2-read record
APDU(2) = &H4 'P1 1-PREMIER RECORD
APDU(3) = &H0 'P2 5-tous les records
APDU(4) = &H2 'longueur de data
APDU(5) = &H0 'a changer pour trouver ID du DF
APDU(6) = &H0 'a changer pour trouver ID du DF
APDU(7) = &H0 'Le
LenAPDU = (UBound(APDU) + 1)
If APDU(LenAPDU - 1) = 0 Then
ReDim recvbuf(255)
Else
ReDim recvbuf(APDU(LenAPDU - 1) + 2)
End If
recvlen = UBound(recvbuf) + 1
'this is a loop to test the different DFs
For x = 0 To 255
For y = 1 To 255
APDU(5) = x
APDU(6) = y
retval = SCardTransmit(hCard, iosendreq, APDU(0), LenAPDU, iorecvreq, recvbuf(0), recvlen)
If recvbuf(4) > 0 Or recvlen > 2 Then Exit For
Next
Next
Debug.Print Hex(recvbuf(0)) & "-" & Hex(recvbuf(1)) & "-" & Hex(recvbuf(2)) & "-" & Hex(recvbuf(3)) & "-" & Hex(recvbuf(4)) & "-" & Hex(recvbuf(5)) & "-" & Hex(recvbuf(6)) & "-" & Hex(recvbuf(7)) & " " & recvlen & " CLA:" & APDU(0) & " INS:" & APDU(1) & " P1:" & APDU(2) & " P2:" & APDU(3)
If retval <> 0 Then MsgBox "Erreur n. " & CStr(Hex(retval))
retval = SCardDisconnect(hCard, scad_leave_card)
If retval <> 0 Then MsgBox "erreur n. " & CStr(retval)
retval = SCardReleaseContext(hContext)
If retval <> 0 Then MsgBox "erreur n. " & CStr(retval)
End Sub
MIFARE Ultralight 标签不使用 APDU 命令。因此,您不能将任何 APDU 发送到标签本身,并且标签不支持文件的概念 (EF/DF/MF)。相反,PC/SC(非接触式)智能卡 readers 通常提供一组可以发送到 reader 并且 reader 转换为 MIFARE Ultralight 命令的 APDU。这些由 reader 处理的 APDU 命令通常以 class 字节 &HFF.
开头
如果 reader 实施标准 PC/SC 扩展以访问非接触式存储卡,从 Ultralight 标签读取的 reader APDU 将如下所示:
FF B0 00XX 10
^^
\-------- Block number
因此,您的 APDU 将如下所示:
ReDim APDU(5)
APDU(0) = &HFF 'CLA 0xFF = PC/SC READER COMMAND
APDU(1) = &HB0 'INS 0xB0 = READ BINARY
APDU(2) = &H00 'P1 0x00
APDU(3) = &H00 'P2 block number (potentially also in P1 if more than 255)
APDU(4) = &H10 'Le 0x10 = 16 bytes (= 4 blocks) expected, which is the standard read size for the native Ultralight READ command
我正在创建一个 VBA 软件来读取和写入 NFC 标签。我设法与标签通信以获取基本数据(例如我得到了它的 ID)。但是当我为 READ RECORD 命令发送 APDU 时,它不起作用。我想我需要先发送一个 SELECT FILE 命令;但我想我需要正确的 DF。
我为 READ RECORD 命令尝试了“00 B2 01 05 00”,为 SELECT FILE 命令尝试了“00 A4 00 00 00”。
VBA
Sub test()
Dim hContext As Long
Dim hCard As Long
Dim retval As Long
Dim readers As String * 256
Dim groups As String * 256
Dim activeprotocol As Long
Dim readerlen As Long
Dim scard_protocol_t0_or_t1 As Long
Dim scard_share_shared As Long
Dim APDU() As Byte
Dim recvbuf() As Byte
Dim recvbuff(256) As ByteArray
Dim recvlen As Long
Dim iosendreq As SCARD_IO_REQUEST
Dim iorecvreq As SCARD_IO_REQUEST
Dim bytRecvAttr As ByteArray
Dim LenAPDU As Long
scard_protocol_t0_or_t1 = 1 Or 2
scard_share_shared = 2 '2 1
retval = SCardEstablishContext(SCARD_SCOPE_USER, 0, 0, hContext)
If retval <> 0 Then
MsgBox "erreur n." & CStr(retval)
End If
readerlen = 256
retval = SCardListReaders(hContext, groups, readers, readerlen)
If retval <> 0 Then
MsgBox "erreur n. " & CStr(retval)
End If
Do While hCard = 0
retval = SCardConnect(hContext, readers, scard_share_shared, scard_protocol_t0_or_t1, hCard, activeprotocol)
DoEvents
Loop
If retval <> 0 Then MsgBox "erreur n. " & CStr(retval)
recvlen = 256
Do While State < 2
retval = SCardStatus(hCard, readers, readerlen, State, scard_protocol_t0_or_t1, recvbuff(0), recvlen)
If retval <> 0 Then MsgBox "Erreur n. " & CStr(retval)
DoEvents
Loop
'retval = SCardGetAttrib(hCard, SCARD_ATTR_ICC_PRESENCE, bytRecvAttr, lRecLen)
'If retval <> 0 Then MsgBox "Erreur n. " & CStr(retval)
iosendreq.dwProtocol = activeprotocol
iosendreq.dwPciLength = Len(iosendreq)
iorecvreq.dwProtocol = activeprotocol
iorecvreq.dwPciLength = Len(iorecvreq)
'recherche de file
ReDim APDU(7)
APDU(0) = &H0 'cla 80
APDU(1) = &HA4 'INs B2-read record
APDU(2) = &H4 'P1 1-PREMIER RECORD
APDU(3) = &H0 'P2 5-tous les records
APDU(4) = &H2 'longueur de data
APDU(5) = &H0 'a changer pour trouver ID du DF
APDU(6) = &H0 'a changer pour trouver ID du DF
APDU(7) = &H0 'Le
LenAPDU = (UBound(APDU) + 1)
If APDU(LenAPDU - 1) = 0 Then
ReDim recvbuf(255)
Else
ReDim recvbuf(APDU(LenAPDU - 1) + 2)
End If
recvlen = UBound(recvbuf) + 1
'this is a loop to test the different DFs
For x = 0 To 255
For y = 1 To 255
APDU(5) = x
APDU(6) = y
retval = SCardTransmit(hCard, iosendreq, APDU(0), LenAPDU, iorecvreq, recvbuf(0), recvlen)
If recvbuf(4) > 0 Or recvlen > 2 Then Exit For
Next
Next
Debug.Print Hex(recvbuf(0)) & "-" & Hex(recvbuf(1)) & "-" & Hex(recvbuf(2)) & "-" & Hex(recvbuf(3)) & "-" & Hex(recvbuf(4)) & "-" & Hex(recvbuf(5)) & "-" & Hex(recvbuf(6)) & "-" & Hex(recvbuf(7)) & " " & recvlen & " CLA:" & APDU(0) & " INS:" & APDU(1) & " P1:" & APDU(2) & " P2:" & APDU(3)
If retval <> 0 Then MsgBox "Erreur n. " & CStr(Hex(retval))
retval = SCardDisconnect(hCard, scad_leave_card)
If retval <> 0 Then MsgBox "erreur n. " & CStr(retval)
retval = SCardReleaseContext(hContext)
If retval <> 0 Then MsgBox "erreur n. " & CStr(retval)
End Sub
MIFARE Ultralight 标签不使用 APDU 命令。因此,您不能将任何 APDU 发送到标签本身,并且标签不支持文件的概念 (EF/DF/MF)。相反,PC/SC(非接触式)智能卡 readers 通常提供一组可以发送到 reader 并且 reader 转换为 MIFARE Ultralight 命令的 APDU。这些由 reader 处理的 APDU 命令通常以 class 字节 &HFF.
如果 reader 实施标准 PC/SC 扩展以访问非接触式存储卡,从 Ultralight 标签读取的 reader APDU 将如下所示:
FF B0 00XX 10
^^
\-------- Block number
因此,您的 APDU 将如下所示:
ReDim APDU(5)
APDU(0) = &HFF 'CLA 0xFF = PC/SC READER COMMAND
APDU(1) = &HB0 'INS 0xB0 = READ BINARY
APDU(2) = &H00 'P1 0x00
APDU(3) = &H00 'P2 block number (potentially also in P1 if more than 255)
APDU(4) = &H10 'Le 0x10 = 16 bytes (= 4 blocks) expected, which is the standard read size for the native Ultralight READ command