问题
The procedure of Mifare Classic 1K is
- Polling for tags
- Authenticate those tags
- If authentication succeded then read/write.
I already completed those procedures and also read and write data from specific sectors.
Command for Polling for tags is
new byte[] { (byte) 0xFF, (byte) 0x00, (byte) 0x00,
(byte) 0x00, (byte) 0x04, (byte) 0xD4, (byte) 0x4A,
(byte) 0x01, (byte) 0x00 }
Authentication command is
new byte[] { (byte) 0xFF, (byte) 0x86, (byte) 0x00,
(byte) 0x00, (byte) 0x05, (byte) 0x01,(byte) 0x00, (byte) 0x04,
(byte) 0x60,(byte) 0x00 };
Here "(byte) 0x01" is the Sector 1
And Write on Sector 1, block 5 is
new byte[] { (byte) 0xFF, (byte) 0x00, (byte) 0x00,(byte) 0x00, (byte) 0x15, (byte) 0xD4,
(byte) 0x40,(byte) 0x01, (byte) 0xA0, (byte) 0x05,(byte) 0x01, (byte) 0x02,
(byte) 0x03,(byte) 0x04, (byte) 0x05, (byte) 0x06, (byte) 0x07,(byte) 0x08,
(byte) 0x09,(byte) 0x0A,(byte) 0x0B, (byte) 0x0C, (byte) 0x0D,(byte) 0x0E,
(byte) 0x0F, (byte) 0x10};
Here
(byte) 0x01, (byte) 0x02, (byte) 0x03,(byte) 0x04, (byte) 0x05, (byte) 0x06, (byte) 0x07,(byte) 0x08,(byte) 0x09,(byte) 0x0A,(byte) 0x0B, (byte) 0x0C, (byte) 0x0D,(byte) 0x0E,(byte) 0x0F,(byte) 0x10
is data those are writing on block 5 on Sector 1.
Read From Sector 1 and Block 5 Command is
new byte[] { (byte) 0xFF, (byte) 0x00, (byte) 0x00,
(byte) 0x00, (byte) 0x05, (byte) 0xD4, (byte) 0x40,
(byte) 0x01, (byte) 0x30, (byte) 0x05 };
My Related Complete Code is here...
My Problem is how can I "Lock/make read only" a block from a specific sector?
回答1:
The authentication keys and the access conditions for each sector of a MIFARE card are located in the last block of that sector (the sector trailer). You can update this block with new access conditions and authentication keys using a regular write command.
The sector trailer looks like this:
+-----------------------------+--------------+----+-----------------------------+
| 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 |
+-----------------------------+--------------+----+-----------------------------+
| Key A | Access Bits | GP | Key B |
| (6 bytes) | (3 bytes) | B | (6 bytes) |
+-----------------------------+--------------+----+-----------------------------+
So the access bits are located in byte 6-8 and look like this:
+-------+-------+-------+-------+-------+-------+-------+-------+
| Bit 0 | Bit 1 | Bit 2 | Bit 3 | Bit 4 | Bit 5 | Bit 6 | Bit 7 |
+-------+-------+-------+-------+-------+-------+-------+-------+
Byte 6: | nC2_3 | nC2_2 | nC2_1 | nC2_0 | nC1_3 | nC1_2 | nC1_1 | nC1_0 |
+-------+-------+-------+-------+-------+-------+-------+-------+
Byte 7: | C1_3 | C1_2 | C1_1 | C1_0 | nC3_3 | nC3_2 | nC3_1 | nC3_0 |
+-------+-------+-------+-------+-------+-------+-------+-------+
Byte 8: | C3_3 | C3_2 | C3_1 | C3_0 | C2_3 | C2_2 | C2_1 | C2_0 |
+-------+-------+-------+-------+-------+-------+-------+-------+
Where nCx_y = not Cx_y and "C1_x, C2_x, C3_x" is the access condition for block x:
- C1_3, C2_3, C3_3: sector trailer (block 3 in this sector)
- C1_2, C2_2, C3_2: block 2 in this sector
- C1_1, C2_1, C3_1: block 1 in this sector
- C1_0, C2_0, C3_0: block 0 in this sector
You can find a detailed list of possible access conditions in the MIFARE 1K datasheet: https://www.nxp.com/docs/en/data-sheet/MF1S50YYX_V1.pdf
来源:https://stackoverflow.com/questions/27885861/locking-mechanism-of-mifare-classic-1k