PCSC Operation APDU Interpreter Standard instructions GENERAL AUTHENTICATE
April 13, 2023 at 2:39 AMGENERAL AUTHENTICATE instruction
This command asks the SpringCore device to initiate a secure transaction with a contactless card (PICC).
Supported cards are Mifare Classic, Desfire, Mifare Plus, and Mifare UltraLight C.
The authentication key must have been loaded earlier using the LOAD KEY instruction.
Command format
| Field | Value | Remark |
|---|---|---|
| CLA | FF |
|
| INS | 86 |
|
| P1 | Key Structure | See table below |
| P2 | Key Index | See details below |
| Lc | Length of DataIn | 1, 2, 4, 5 or more (only the 5-B form and for Mifare Classic is described in the PC/SC standard) |
| DataIn | Authentication Data or Authentication Data || Diversifier Input |
See details below |
| Le | - |
Key Structure (P1)
| Bit | Values |
|---|---|
| 7-6 | Must be 00 |
| 5 | 0 : the key comes from the volatile memory1 : the key comes from the SAM AV |
| 4-0 | Must be 00000 |
Key Index (P2)
Volatile memory
The device has 32 volatile key slots numbered 00 to 1F. The slots are emptied when the device is reset.
SAM AV
The SAM AV may store up to 128 keys, with some restrictions detailed in SAM AV : Key mapping.
Keys numbered 20 to 2F are valid for Mifare Classic operation.
Keys numbered 30 to 3F and 40 to 7F are valid for operation with other PICC technologies.
Keys numbered 00 to 1F shall not be used with this instruction.
Authentication Data
The length and the understanding of DataIn (Authentication Data) depends on the type of card the authentication is to be performed on.
Mifare Classic
For Mifare Classic authentication (including Mifare Plus in security level 1), the DataIn field contains the following bytes:
(only this form is described in the PC/SC standard)
| Byte | Value / Field | Remark |
|---|---|---|
| 0 | 01 |
Constant version = 1.0 |
| 1-2 | Address | Block number to get authenticated on (MSB-first) |
| 3 | Auth. mode | 60 : key A authentication61 : key B authentication |
| 4 | RFU | Must be 00 |
Response
| Field | Value | Remark |
|---|---|---|
| SW | 9000 on success |
See specific error codes below; other values are documented in Status Words |
Specific error codes
| SW | Reason |
|---|---|
6300 |
General error |
6382 |
Security status not satisfied - A host/device authentication must be performed first |
6383 |
Authentication with the PICC failed |
6384 |
The selected key is not valid for this type of PICC |
6386 |
The type of key is not supported |
6388 |
Key index is not valid The selected key is not valid for this PICC |
6389 |
Key length is not valid The selected key is not valid for this PICC |
6581 |
The key addressed by P1-P2 does not exist |