Smart Reader Operation NFC Templates Desfire ID
September 3, 2024 at 2:25 AMDesfire ID Template
Description
Use the Desfire ID Template to get the actual ID of an NXP Desfire PICC with Random ID enabled at protocol level. The PICC could be either a Desfire EV0 or a Desfire EV1.
Registers
This Template uses 6 configuration registers:
| Alias | Offset | Name | Description |
|---|---|---|---|
| LKL | 0 |
Lookup List | Set to 70 to use this Template |
| TOF | 1 |
Output Size and Format | See details below |
| LOC | 3 |
Location of Data | Select the Desfire AID |
| AUT | 5 |
Authentication | See details below |
| OPT | 4 |
Options | This register defines the transport protocol and the behaviour of the Reader during the handshaking. |
| PFX | 2 |
Prefix | Template-specific Prefix |
TOF - Output Size and Format
Offset : 1
Size : 2
| Bit | Role | Values |
|---|---|---|
| 7-6 | Invert the ID before transmitting? | 0 : Do not invert ID bytes (order is 040...80)3 : Invert ID bytes (order is 80...04) |
| 5 | RFU | |
| 4 | RFU | |
| 3-0 | Length and Format | 0 : Decimal, 10 digits (truncation on 4-B)1 : Raw (hex), 4 bytes (32 bits)2 : Raw (hex), 8 bytes (64 bits)3 : Raw (hex), 5 bytes (40 bits)4 : Raw (hex), 10 bytes (80 bits)5 : Raw (hex), 7 bytes (56 bits)6 : Raw (hex), 11 bytes (88 bits)7 : RFU8 : Raw (hex), 16 bytes (128 bits)9 : Raw (hex), 20 bytes (160 bits)10 : Raw (hex), 24 bytes (196 bits)11 : Raw (hex), 32 bytes (256 bits)12 : Decimal, 12 digits (truncation on 5-B)13 : Decimal, 13 digits (truncation on 5-B)14 : Decimal, variable length15 : Raw (hex), variable length |
LOC - Location of Data
Offset : 3
Size : 5
Bytes 0-2 : Desfire Application ID (AID)
Remark : Leave empty or set to 000000 to use a plain GET VERSION command.
Byte 3 : Shift Bytes
Leading bytes to suppress.
Byte 4 : Shift Bits
Leading bits to suppress; valid range is 0 to 7.
AUT - Authentication
Offset : 5
Size : 18
Byte 0 : Key and Communication Mode
| Bit | Role | Values |
|---|---|---|
| 7-6 | Communication Mode | 0 : Plain1 : MAC or CMAC2 : RFU3 : Encrypted |
| 5-4 | RFU | |
| 3-0 | Key Index inside the Desfire Application | Valid range is 0 to E |
Byte 1 : Main Parameters
| Bit | Role | Values |
|---|---|---|
| 7-5 | Location of Secret Key | 0 : Key is provided within the Template1 : Internal SAM AV, select key slot and version automatically2 : Internal SAM AV, key slot is specified3 : Internal SAM AV, key slot and version are specified5 : SAM AV in 1st slot, select key slot and version automatically6 : SAM AV in 1st slot, key slot is specified7 : SAM AV in 1st slot, key slot and version are specified |
| 4 | Use SAM for Session | 0 : Get Session Key from the SAM1 : Use the SAM as passthrough |
| 3-0 | Authentication Method | 0 : No authentication1 : Desfire EV0 DES/3DES authentication (Authenticate command)2 : Desfire EV1 DES/3DES authentication (AuthenticateIso command)3 : Desfire EV1 AES authentication (AuthenticateAes command)4 : Desfire EV2 AES authentication (AuthenticateEV2 command)15 : Ask the SAM AV |
Byte 2 : Key slot in the SAM AV
Condition : When one of the two “SAM AV, key slot specified”is selected in Byte 0, Byte 1 specifies the Key slot.
Byte 3 : Key version
Condition : When one of the two “SAM AV, key slot and version specified” options is selected in Byte 0, Byte 2 specifies the Key version.
Bytes 2-17 : Value of DES/3DES or AES Secret Key
Condition : When “Key is provided in the Template” is selected in byte 0, Bytes 1-16 store the actual Key.
OPT - Options
Offset : 4
Size : 1
This register defines the transport protocol and the behaviour of the Reader during the handshaking.
It is also possible for the Reader to add a token to its output, to tell the receiver what kind of credential has been read.
| Bit | Role | Values |
|---|---|---|
| 7 | RFU | |
| 6 | ECP2 Session closing | 0 : Normal Desfire card1 : Apple ECP2 Desfire emulation |
| 5 | Iso 7816 Wrapping | 0 : Use native Desfire command format1 : Use ISO 7816 Wrapping of Desfire commands |
| 4 | Select Application | 0 : Do not send ISO 7816 SelectApplication(Desfire)1 : Send ISO 7816 SelectApplication(Desfire) before processing |
| 3-2 | Position of the Card Type Token | 0 : Before the Prefix1 : After the Prefix, before the Data2 : After the Data (before the Suffix)3 : RFU |
| 1-0 | Add a Card Type Token to the output stream? | 0 : Do not add a Card Type Token1 : Add 70 hex value as Card Type Token2 : Add D char as Card Type Token3 : RFU |
PFX - Prefix
Offset : 2
Size : 8
A Template-specific Prefix, that is added after the Reader’s global Prefix.
Remark : Use \t for a Tab, \n for Enter, \b for Back space, \v for Vertical space.