I have been digging through DESFire specs and documentation (that which is descriptive and I can find publicly online). It appears that there are a couple of newer Authenticate commands that are at least supported by the DESFire light tag versions (see NXP application note):
CMD_AUTHENTICATE_EV2_FIRST = 0x71, /* See page 32 of AN12343.pdf */
CMD_AUTHENTICATE_EV2_NONFIRST = 0x77, /* See page 32 of AN12343.pdf */
I am trying to use Android's NFC stack built-ins to perform some testing with DESFire tags. I'm not sure if your HCE implementation works this in yet, but there is also some support of ISO7816-4 commands. These are documented near the end of the data sheet I "discovered" in issue #1.
@jekkos One thing you could help me with is to understand where the communication modes for transfer of data get encoded? I cannot seem to find a solid reference for where this assumption is made. Historically, there should be three (plaintext, 2KTDEA, 3KTDEA) and more recently there are AES communication modes in key sizes of 128/192/256. One possibility is to just attach the current communication mode to whatever the most recent Authenticate instruction uses, but that is probably not up to standard, and is somewhat arbitrary. How did you handle this in your HCE emulation?
I have been digging through DESFire specs and documentation (that which is descriptive and I can find publicly online). It appears that there are a couple of newer
Authenticatecommands that are at least supported by the DESFire light tag versions (see NXP application note):I am trying to use Android's NFC stack built-ins to perform some testing with DESFire tags. I'm not sure if your HCE implementation works this in yet, but there is also some support of ISO7816-4 commands. These are documented near the end of the data sheet I "discovered" in issue #1.
@jekkos One thing you could help me with is to understand where the communication modes for transfer of data get encoded? I cannot seem to find a solid reference for where this assumption is made. Historically, there should be three (plaintext, 2KTDEA, 3KTDEA) and more recently there are AES communication modes in key sizes of 128/192/256. One possibility is to just attach the current communication mode to whatever the most recent
Authenticateinstruction uses, but that is probably not up to standard, and is somewhat arbitrary. How did you handle this in your HCE emulation?