Class: MIFARE::DESFire
Defined Under Namespace
Classes: CARD_VERSION, FILE_PERMISSION, FILE_SETTING, KEY_SETTING
Constant Summary collapse
- CMD_DES_AUTH =
Security Related Commands
0x1A
- CMD_AES_AUTH =
Authenticate with DES, 2K3DES, 3K3DES key
0xAA
- CMD_GET_KEY_SETTING =
Authenticate with AES-128 key
0x45
- CMD_CHANGE_KEY_SETTING =
Gets information on the PICC and application master key settings. In addition it returns the maximum number of keys which can be stored within the selected application.
0x54
- CMD_GET_KEY_VERSION =
Changes the master key settings on PICC and application level.
0x64
- CMD_CHANGE_KEY =
Reads out the current key version of any key stored on the PICC.
0xC4
- CMD_SET_CONFIGURATION =
Changes any key stored on the PICC.
0x5C
- CMD_CREATE_APP =
PICC Level Commands
0xCA
- CMD_DELETE_APP =
Creates new applications on the PICC.
0xDA
- CMD_GET_APP_IDS =
Permanently deactivates applications on the PICC.
0x6A
- CMD_SELECT_APP =
Returns the Application IDentifiers of all applications on a PICC.
0x5A
- CMD_FREE_MEMORY =
Selects one specific application for further access.
0x6E
- CMD_GET_DF_NAMES =
Returns the free memory available on the card
0x6D
- CMD_GET_CARD_VERSION =
Returns the DF names
0x60
- CMD_FORMAT_CARD =
Returns manufacturing related data of the PICC.
0xFC
- CMD_GET_CARD_UID =
Releases the PICC user memory.
0x51
- CMD_GET_FILE_IDS =
Application Level Commands
0x6F
- CMD_GET_FILE_SETTING =
Returns the File IDentifiers of all active files within the currently selected application.
0xF5
- CMD_CHANGE_FILE_SETTING =
Get information on the properties of a specific file.
0x5F
- CMD_CREATE_STD_DATA_FILE =
Changes the access parameters of an existing file.
0xCD
- CMD_CREATE_BACKUP_DATA_FILE =
Creates files for the storage of plain unformatted user data within an existing application on the PICC.
0xCB
- CMD_CREATE_VALUE_FILE =
Creates files for the storage of plain unformatted user data within an existing application on the PICC, additionally supporting the feature of an integrated backup mechanism.
0xCC
- CMD_CREATE_LINEAR_RECORD_FILE =
Creates files for the storage and manipulation of 32bit signed integer values within an existing application on the PICC.
0xC1
- CMD_CREATE_CYCLIC_RECORD_FILE =
Creates files for multiple storage of structural similar data, for example for loyalty programs, within an existing application on the PICC. Once the file is filled completely with data records, further writing to the file is not possible unless it is cleared.
0xC0
- CMD_DELETE_FILE =
Creates files for multiple storage of structural similar data within an existing application on the PICC. Once the file is filled completely with data records, the PICC automatically overwrites the oldest record with the latest written one.
0xDF
- CMD_READ_DATA =
Data Manipulation Commands
0xBD
- CMD_WRITE_DATA =
Reads data from Standard Data Files or Backup Data Files.
0x3D
- CMD_GET_VALUE =
Writes data to Standard Data Files or Backup Data Files.
0x6C
- CMD_CREDIT =
Reads the currently stored value from Value Files.
0x0C
- CMD_DEBIT =
Increases a value stored in a Value File.
0xDC
- CMD_LIMITED_CREDIT =
Decreases a value stored in a Value File.
0x1C
- CMD_WRITE_RECORD =
Allows a limited increase of a value stored in a Value File without having full Credit permissions to the file.
0x3B
- CMD_READ_RECORDS =
Writes data to a record in a Cyclic or Linear Record File.
0xBB
- CMD_CLEAR_RECORD_FILE =
Reads out a set of complete records from a Cyclic or Linear Record File.
0xEB
- CMD_COMMIT_TRANSACTION =
Resets a Cyclic or Linear Record File to empty state.
0xC7
- CMD_ABORT_TRANSACTION =
Validates all previous write access’ on Backup Data Files, Value Files and Record Files within one application.
0xA7
- ST_SUCCESS =
Status code returned by DESFire
0x00
- ST_NO_CHANGES =
0x0C
- ST_OUT_OF_MEMORY =
0x0E
- ST_ILLEGAL_COMMAND =
0x1C
- ST_INTEGRITY_ERROR =
0x1E
- ST_KEY_NOT_EXIST =
0x40
- ST_WRONG_COMMAND_LEN =
0x7E
- ST_PERMISSION_DENIED =
0x9D
- ST_INCORRECT_PARAM =
0x9E
- ST_APP_NOT_FOUND =
0xA0
- ST_APPL_INTEGRITY_ERROR =
0xA1
- ST_AUTHENTICATION_ERROR =
0xAE
- ST_ADDITIONAL_FRAME =
0xAF
- ST_BOUNDARY_ERROR =
0xBE
- ST_PICC_INTEGRITY_ERROR =
0xC1
- ST_COMMAND_ABORTED =
0xCA
- ST_PICC_DISABLED_ERROR =
0xCD
- ST_COUNT_ERROR =
0xCE
- ST_DUPLICATE_ERROR =
0xDE
- ST_EEPROM_ERROR =
0xEE
- ST_FILE_NOT_FOUND =
0xF0
- ST_FILE_INTEGRITY_ERROR =
0xF1
- KEY_TYPE =
{'des-ede-cbc' => 0x00, 'des-ede3-cbc' => 0x40, 'aes-128-cbc' => 0x80}
- FILE_TYPE =
{ std_data_file: 0x00, backup_data_file: 0x01, value_file: 0x02, linear_record_file: 0x03, cyclic_record_file: 0x04 }
- FILE_COMMUNICATION =
{plain: 0x00, mac: 0x01, encrypt: 0x03}
Constants inherited from PICC
PICC::CMD_ADDITIONAL_FRAME, PICC::CMD_DESELECT, PICC::CMD_PPS, PICC::CMD_RATS, PICC::FSCI_to_FSC
Instance Attribute Summary collapse
-
#selected_app ⇒ Object
readonly
Returns the value of attribute selected_app.
Attributes inherited from PICC
Instance Method Summary collapse
- #abort_transaction ⇒ Object
- #app_exist?(id) ⇒ Boolean
- #auth(key_number, auth_key) ⇒ Object
- #authed? ⇒ Boolean
- #change_file_setting(id, file_setting) ⇒ Object
- #change_key(key_number, new_key, curr_key = nil) ⇒ Object
- #change_key_setting(key_setting) ⇒ Object
- #clear_record(id) ⇒ Object
- #commit_transaction ⇒ Object
- #create_app(id, key_setting, key_count, cipher_suite) ⇒ Object
- #create_file(id, file_setting) ⇒ Object
- #credit_value(id, delta) ⇒ Object
- #debit_value(id, delta) ⇒ Object
- #delete_app(id) ⇒ Object
- #delete_file(id) ⇒ Object
- #deselect ⇒ Object
- #file_exist?(id) ⇒ Boolean
- #format_card ⇒ Object
- #get_app_ids ⇒ Object
- #get_card_uid ⇒ Object
- #get_card_version ⇒ Object
- #get_df_names ⇒ Object
- #get_file_ids ⇒ Object
- #get_file_setting(id) ⇒ Object
- #get_free_memory ⇒ Object
- #get_key_setting ⇒ Object
- #get_key_version(key_number) ⇒ Object
-
#initialize(pcd, uid, sak) ⇒ DESFire
constructor
A new instance of DESFire.
- #limited_credit_value(id, delta) ⇒ Object
- #read_data(id, offset, length) ⇒ Object
- #read_file(id, cmd, data, length) ⇒ Object
- #read_records(id, offset, length) ⇒ Object
- #read_value(id) ⇒ Object
- #select ⇒ Object
- #select_app(id) ⇒ Object
- #set_ats(ats) ⇒ Object
- #set_configuration_byte(disable_format, enable_random_uid) ⇒ Object
- #set_default_key(key) ⇒ Object
- #transceive(cmd:, plain_data: [], data: [], tx: nil, rx: nil, expect: nil, return_data: nil, receive_length: nil, encrypt_padding: nil) ⇒ Object
- #write_data(id, offset, data) ⇒ Object
- #write_file(id, cmd, plain_data, data) ⇒ Object
- #write_record(id, offset, data) ⇒ Object
Methods inherited from PICC
#halt, identify_model, #iso_deselect, #iso_select, #iso_transceive, #picc_transceive, #restart_communication
Constructor Details
#initialize(pcd, uid, sak) ⇒ DESFire
Returns a new instance of DESFire.
166 167 168 169 170 |
# File 'lib/mifare/des_fire.rb', line 166 def initialize(pcd, uid, sak) super invalid_auth @selected_app = false end |
Instance Attribute Details
#selected_app ⇒ Object (readonly)
Returns the value of attribute selected_app.
164 165 166 |
# File 'lib/mifare/des_fire.rb', line 164 def selected_app @selected_app end |
Instance Method Details
#abort_transaction ⇒ Object
620 621 622 |
# File 'lib/mifare/des_fire.rb', line 620 def abort_transaction transceive(cmd: CMD_ABORT_TRANSACTION) end |
#app_exist?(id) ⇒ Boolean
326 327 328 |
# File 'lib/mifare/des_fire.rb', line 326 def app_exist?(id) get_app_ids.include?(id) end |
#auth(key_number, auth_key) ⇒ Object
264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 |
# File 'lib/mifare/des_fire.rb', line 264 def auth(key_number, auth_key) cmd = (auth_key.type == :des) ? CMD_DES_AUTH : CMD_AES_AUTH rand_size = (auth_key.cipher_suite == 'des-ede-cbc') ? 8 : 16 auth_key.clear_iv auth_key.padding_mode(1) # Ask for authentication received_data = transceive(cmd: cmd, data: key_number, expect: ST_ADDITIONAL_FRAME, tx: :none, rx: :none) # Receive challenge from DESFire challenge = auth_key.decrypt(received_data, data_length: rand_size) challenge_rot = challenge.rotate # Generate random number and encrypt it with rotated challenge random_number = SecureRandom.random_bytes(rand_size).bytes response = auth_key.encrypt(random_number + challenge_rot) # Send challenge response received_data = transceive(cmd: CMD_ADDITIONAL_FRAME, data: response, tx: :none, rx: :none) # Check if verification matches rotated random_number verification = auth_key.decrypt(received_data, data_length: rand_size) if random_number.rotate != verification halt @authed = false raise ReceiptIntegrityError, 'Authentication Failed' end # Generate session key from generated random number(RndA) and challenge(RndB) session_key = random_number[0..3] + challenge[0..3] if auth_key.key_size > 8 if auth_key.cipher_suite == 'des-ede-cbc' session_key.concat(random_number[4..7] + challenge[4..7]) elsif auth_key.cipher_suite == 'des-ede3-cbc' session_key.concat(random_number[6..9] + challenge[6..9]) session_key.concat(random_number[12..15] + challenge[12..15]) elsif auth_key.cipher_suite == 'aes-128-cbc' session_key.concat(random_number[12..15] + challenge[12..15]) end end @session_key = Key.new(auth_key.type, session_key) @session_key.generate_cmac_subkeys @authed = key_number authed? end |
#authed? ⇒ Boolean
172 173 174 |
# File 'lib/mifare/des_fire.rb', line 172 def authed? @authed.is_a? Numeric end |
#change_file_setting(id, file_setting) ⇒ Object
499 500 501 502 503 504 505 |
# File 'lib/mifare/des_fire.rb', line 499 def change_file_setting(id, file_setting) buffer = [] buffer.append_uint(FILE_COMMUNICATION.fetch(file_setting.communication), 1) buffer.append_uint(file_setting..export, 2) transceive(cmd: CMD_CHANGE_FILE_SETTING, plain_data: id, data: buffer, tx: :encrypt) end |
#change_key(key_number, new_key, curr_key = nil) ⇒ Object
415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 |
# File 'lib/mifare/des_fire.rb', line 415 def change_key(key_number, new_key, curr_key = nil) raise UnauthenticatedError unless @authed raise UsageError, 'Invalid key number' if key_number > 13 cryptogram = new_key.key same_key = (key_number == @authed) # Only Master Key can change its key type key_number |= KEY_TYPE.fetch(new_key.cipher_suite) if @selected_app == 0 # XOR new key if we're using different one unless same_key cryptogram = cryptogram.xor(curr_key.key) end # AES stores key version separately if new_key.type == :aes cryptogram.append_uint(new_key.version, 1) end cryptogram.append_uint(crc32([CMD_CHANGE_KEY, key_number], cryptogram), 4) unless same_key cryptogram.append_uint(crc32(new_key.key), 4) end # Encrypt cryptogram @session_key.padding_mode(1) buffer = [key_number] + @session_key.encrypt(cryptogram) transceive(cmd: CMD_CHANGE_KEY, data: buffer, tx: :none, rx: :mac) # Change current used key will revoke authentication invalid_auth if same_key end |
#change_key_setting(key_setting) ⇒ Object
460 461 462 463 464 |
# File 'lib/mifare/des_fire.rb', line 460 def change_key_setting(key_setting) raise UnauthenticatedError unless @authed transceive(cmd: CMD_CHANGE_KEY_SETTING, data: key_setting.export, tx: :encrypt, rx: :mac) end |
#clear_record(id) ⇒ Object
612 613 614 |
# File 'lib/mifare/des_fire.rb', line 612 def clear_record(id) transceive(cmd: CMD_CLEAR_RECORD_FILE, data: id) end |
#commit_transaction ⇒ Object
616 617 618 |
# File 'lib/mifare/des_fire.rb', line 616 def commit_transaction transceive(cmd: CMD_COMMIT_TRANSACTION) end |
#create_app(id, key_setting, key_count, cipher_suite) ⇒ Object
337 338 339 340 341 342 343 344 |
# File 'lib/mifare/des_fire.rb', line 337 def create_app(id, key_setting, key_count, cipher_suite) raise UnauthenticatedError unless @authed raise UsageError, 'An application can only hold up to 14 keys.' if key_count > 14 buffer = convert_app_id(id) + [key_setting.export, KEY_TYPE.fetch(cipher_suite) | key_count] transceive(cmd: CMD_CREATE_APP, data: buffer, rx: :mac) end |
#create_file(id, file_setting) ⇒ Object
507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 |
# File 'lib/mifare/des_fire.rb', line 507 def create_file(id, file_setting) buffer = [id] buffer.append_uint(FILE_COMMUNICATION.fetch(file_setting.communication), 1) buffer.append_uint(file_setting..export, 2) case file_setting.type when :std_data_file, :backup_data_file buffer.append_uint(file_setting.size, 3) # PICC will allocate n * 32 bytes memory internally when :value_file buffer.append_sint(file_setting.lower_limit, 4) buffer.append_sint(file_setting.upper_limit, 4) buffer.append_sint(file_setting.limited_credit_value, 4) buffer.append_uint(file_setting.limited_credit, 1) when :linear_record_file, :cyclic_record_file buffer.append_uint(file_setting.record_size, 3) buffer.append_uint(file_setting.max_record_number, 3) end cmd = self.class.const_get("CMD_CREATE_#{file_setting.type.to_s.upcase}") transceive(cmd: cmd, data: buffer) end |
#credit_value(id, delta) ⇒ Object
567 568 569 570 571 572 573 574 |
# File 'lib/mifare/des_fire.rb', line 567 def credit_value(id, delta) raise UsageError, 'Negative number is not allowed.' if delta < 0 buffer = [] buffer.append_sint(delta, 4) write_file(id, CMD_CREDIT, id, buffer) end |
#debit_value(id, delta) ⇒ Object
576 577 578 579 580 581 582 583 |
# File 'lib/mifare/des_fire.rb', line 576 def debit_value(id, delta) raise UsageError, 'Negative number is not allowed.' if delta < 0 buffer = [] buffer.append_sint(delta, 4) write_file(id, CMD_DEBIT, id, buffer) end |
#delete_app(id) ⇒ Object
346 347 348 349 350 |
# File 'lib/mifare/des_fire.rb', line 346 def delete_app(id) raise UnauthenticatedError unless @authed transceive(cmd: CMD_DELETE_APP, data: convert_app_id(id)) end |
#delete_file(id) ⇒ Object
530 531 532 |
# File 'lib/mifare/des_fire.rb', line 530 def delete_file(id) transceive(cmd: CMD_DELETE_FILE, data: id) end |
#deselect ⇒ Object
180 181 182 183 |
# File 'lib/mifare/des_fire.rb', line 180 def deselect invalid_auth iso_deselect end |
#file_exist?(id) ⇒ Boolean
470 471 472 |
# File 'lib/mifare/des_fire.rb', line 470 def file_exist?(id) get_file_ids.include?(id) end |
#format_card ⇒ Object
378 379 380 381 382 |
# File 'lib/mifare/des_fire.rb', line 378 def format_card raise UnauthenticatedError unless @authed transceive(cmd: CMD_FORMAT_CARD) end |
#get_app_ids ⇒ Object
315 316 317 318 319 320 321 322 323 324 |
# File 'lib/mifare/des_fire.rb', line 315 def get_app_ids ids = transceive(cmd: CMD_GET_APP_IDS, rx: :mac) return ids if ids.empty? ids = ids.each_slice(3).to_a ids.map do |id| id.to_uint end end |
#get_card_uid ⇒ Object
372 373 374 375 376 |
# File 'lib/mifare/des_fire.rb', line 372 def get_card_uid raise UnauthenticatedError unless @authed transceive(cmd: CMD_GET_CARD_UID, rx: :encrypt, receive_length: 7) end |
#get_card_version ⇒ Object
352 353 354 355 356 357 358 359 360 |
# File 'lib/mifare/des_fire.rb', line 352 def get_card_version version = transceive(cmd: CMD_GET_CARD_VERSION) CARD_VERSION.new( version[0], version[1], version[2], version[3], version[4], 1 << (version[5] / 2), version[6], version[7], version[8], version[9], version[10], version[11], 1 << (version[12] / 2), version[13], version[14..20], version[21..25], version[26].to_s(16).to_i, 2000 + version[27].to_s(16).to_i ) end |
#get_df_names ⇒ Object
366 367 368 369 370 |
# File 'lib/mifare/des_fire.rb', line 366 def get_df_names raise UsageError, 'App 0 should be selected before calling' unless @selected_app == 0 transceive(cmd: CMD_GET_DF_NAMES) end |
#get_file_ids ⇒ Object
466 467 468 |
# File 'lib/mifare/des_fire.rb', line 466 def get_file_ids transceive(cmd: CMD_GET_FILE_IDS) end |
#get_file_setting(id) ⇒ Object
474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 |
# File 'lib/mifare/des_fire.rb', line 474 def get_file_setting(id) received_data = transceive(cmd: CMD_GET_FILE_SETTING, data: id) file_setting = FILE_SETTING.new file_setting.type = FILE_TYPE.key(received_data.shift) file_setting.communication = FILE_COMMUNICATION.key(received_data.shift) file_setting. = FILE_PERMISSION.import(received_data.shift(2).to_uint) case file_setting.type when :std_data_file, :backup_data_file file_setting.size = received_data.shift(3).to_uint when :value_file file_setting.lower_limit = received_data.shift(4).to_uint file_setting.upper_limit = received_data.shift(4).to_uint file_setting.limited_credit_value = received_data.shift(4).to_uint file_setting.limited_credit = received_data.shift & 0x01 when :linear_record_file, :cyclic_record_file file_setting.record_size = received_data.shift(3).to_uint file_setting.max_record_number = received_data.shift(3).to_uint file_setting.current_record_number = received_data.shift(3).to_uint end file_setting end |
#get_free_memory ⇒ Object
362 363 364 |
# File 'lib/mifare/des_fire.rb', line 362 def get_free_memory transceive(cmd: CMD_FREE_MEMORY) end |
#get_key_setting ⇒ Object
452 453 454 455 456 457 458 |
# File 'lib/mifare/des_fire.rb', line 452 def get_key_setting received_data = transceive(cmd: CMD_GET_KEY_SETTING) { key_setting: KEY_SETTING.import(received_data[0]), key_count: received_data[1] & 0x0F, key_type: KEY_TYPE.key(received_data[1] & 0xF0) } end |
#get_key_version(key_number) ⇒ Object
409 410 411 412 413 |
# File 'lib/mifare/des_fire.rb', line 409 def get_key_version(key_number) received_data = transceive(cmd: CMD_GET_KEY_VERSION, data: key_number, rx: :mac) received_data[0] end |
#limited_credit_value(id, delta) ⇒ Object
585 586 587 588 589 590 591 592 |
# File 'lib/mifare/des_fire.rb', line 585 def limited_credit_value(id, delta) raise UsageError, 'Negative number is not allowed.' if delta < 0 buffer = [] buffer.append_sint(delta, 4) write_file(id, CMD_LIMITED_CREDIT, id, buffer) end |
#read_data(id, offset, length) ⇒ Object
545 546 547 548 549 550 551 552 |
# File 'lib/mifare/des_fire.rb', line 545 def read_data(id, offset, length) buffer = [] buffer.append_uint(id, 1) buffer.append_uint(offset, 3) buffer.append_uint(length, 3) read_file(id, CMD_READ_DATA, buffer, length) end |
#read_file(id, cmd, data, length) ⇒ Object
534 535 536 537 538 |
# File 'lib/mifare/des_fire.rb', line 534 def read_file(id, cmd, data, length) file_setting = get_file_setting(id) length *= file_setting.record_size if file_setting.record_size transceive(cmd: cmd, data: data, rx: file_setting.communication, receive_length: length) end |
#read_records(id, offset, length) ⇒ Object
594 595 596 597 598 599 600 601 |
# File 'lib/mifare/des_fire.rb', line 594 def read_records(id, offset, length) buffer = [] buffer.append_uint(id, 1) buffer.append_uint(offset, 3) buffer.append_uint(length, 3) read_file(id, CMD_READ_RECORDS, buffer, length) end |
#read_value(id) ⇒ Object
563 564 565 |
# File 'lib/mifare/des_fire.rb', line 563 def read_value(id) read_file(id, CMD_GET_VALUE, id, 4).to_sint end |
#select ⇒ Object
176 177 178 |
# File 'lib/mifare/des_fire.rb', line 176 def select iso_select end |
#select_app(id) ⇒ Object
330 331 332 333 334 335 |
# File 'lib/mifare/des_fire.rb', line 330 def select_app(id) transceive(cmd: CMD_SELECT_APP, data: convert_app_id(id)) invalid_auth @selected_app = id end |
#set_ats(ats) ⇒ Object
403 404 405 406 407 |
# File 'lib/mifare/des_fire.rb', line 403 def set_ats(ats) raise UnauthenticatedError unless @authed transceive(cmd: CMD_SET_CONFIGURATION, plain_data: 0x02, data: ats, tx: :encrypt, encrypt_padding: 2) end |
#set_configuration_byte(disable_format, enable_random_uid) ⇒ Object
384 385 386 387 388 389 390 391 392 |
# File 'lib/mifare/des_fire.rb', line 384 def set_configuration_byte(disable_format, enable_random_uid) raise UnauthenticatedError unless @authed flag = 0 flag |= 0x01 if disable_format flag |= 0x02 if enable_random_uid transceive(cmd: CMD_SET_CONFIGURATION, plain_data: 0x00, data: [flag], tx: :encrypt) end |
#set_default_key(key) ⇒ Object
394 395 396 397 398 399 400 401 |
# File 'lib/mifare/des_fire.rb', line 394 def set_default_key(key) raise UnauthenticatedError unless @authed buffer = key.key buffer.append_uint(key.version, 1) transceive(cmd: CMD_SET_CONFIGURATION, plain_data: 0x01, data: buffer, tx: :encrypt) end |
#transceive(cmd:, plain_data: [], data: [], tx: nil, rx: nil, expect: nil, return_data: nil, receive_length: nil, encrypt_padding: nil) ⇒ Object
185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 |
# File 'lib/mifare/des_fire.rb', line 185 def transceive(cmd: , plain_data: [], data: [], tx: nil, rx: nil, expect: nil, return_data: nil, receive_length: nil, encrypt_padding: nil) # Session key is needed for encryption if (tx == :encrypt || rx == :encrypt) && !@authed raise UnauthenticatedError end # Separate objects and be compatable with single byte input plain_data = plain_data.is_a?(Array) ? plain_data.dup : [plain_data] data = data.is_a?(Array) ? data.dup : [data] buffer = [cmd] + plain_data if @authed @session_key.padding_mode(encrypt_padding || 1) end if tx == :encrypt # Calculate CRC on whole frame data.append_uint(crc32(buffer, data), 4) # Encrypt data only data = @session_key.encrypt(data) end buffer.concat(data) if tx != :encrypt && tx != :none && cmd != CMD_ADDITIONAL_FRAME && @authed cmac = @session_key.calculate_cmac(buffer) # Only first 8 bytes of CMAC are transmitted buffer.concat(cmac[0..7]) if tx == :mac end received_data = [] card_status = nil loop do receive_buffer = iso_transceive(buffer.shift(@max_inf_size)) card_status = receive_buffer.shift received_data.concat(receive_buffer) break if card_status != ST_ADDITIONAL_FRAME || (buffer.empty? && expect == ST_ADDITIONAL_FRAME) buffer.unshift(CMD_ADDITIONAL_FRAME) end error_msg = check_status_code(card_status) unless error_msg.empty? invalid_auth raise ReceiptStatusError, "0x#{card_status.to_bytehex} - #{error_msg}" end if expect && expect != card_status raise UnexpectedDataError, 'Card status does not match expected value' end if rx == :encrypt if receive_length.nil? raise UsageError, 'Lack of receive length for removing padding' end @session_key.padding_mode((receive_length > 0) ? 1 : 2) receive_length += 4 # CRC32 received_data = @session_key.decrypt(received_data, data_length: receive_length) received_crc = received_data.pop(4).to_uint crc = crc32(received_data, card_status) if crc != received_crc raise ReceiptIntegrityError end elsif rx != :none && @authed && received_data.size >= 8 && card_status == ST_SUCCESS received_cmac = received_data.pop(8) cmac = @session_key.calculate_cmac(received_data + [card_status]) # Only first 8 bytes of CMAC are transmitted if rx == :mac && cmac[0..7] != received_cmac raise ReceiptIntegrityError end end received_data end |
#write_data(id, offset, data) ⇒ Object
554 555 556 557 558 559 560 561 |
# File 'lib/mifare/des_fire.rb', line 554 def write_data(id, offset, data) buffer = [] buffer.append_uint(id, 1) buffer.append_uint(offset, 3) buffer.append_uint(data.size, 3) write_file(id, CMD_WRITE_DATA, buffer, data) end |
#write_file(id, cmd, plain_data, data) ⇒ Object
540 541 542 543 |
# File 'lib/mifare/des_fire.rb', line 540 def write_file(id, cmd, plain_data, data) file_setting = get_file_setting(id) transceive(cmd: cmd, plain_data: plain_data, data: data, tx: file_setting.communication) end |
#write_record(id, offset, data) ⇒ Object
603 604 605 606 607 608 609 610 |
# File 'lib/mifare/des_fire.rb', line 603 def write_record(id, offset, data) buffer = [] buffer.append_uint(id, 1) buffer.append_uint(offset, 3) buffer.append_uint(data.size, 3) write_file(id, CMD_WRITE_RECORD, buffer, data) end |