Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secure session with Mifare Plus 2K fails #13

Open
yldrmali opened this issue Mar 28, 2024 · 0 comments
Open

Secure session with Mifare Plus 2K fails #13

yldrmali opened this issue Mar 28, 2024 · 0 comments

Comments

@yldrmali
Copy link

Reader: HID OMNIKEY 5022
Card: MIFARE Plus 2k "S" (Other)

Issue Description:

I'm using the ExampleWithiClass.cs class to connect to a MIFARE Plus 2k "S" card.
Here's my card diagnostic.
image

After running the console program, I follow these steps for a default card.

Smart Card Readers>PCSC Reader Name: ... > Contactless Card Examples > iClass Examples > Load iClass and Secure Session keys Example

I receive a "Security Error" after choosing Load iClass and Secure Session keys Example. I've tried default keys for EncKey and MacKey (all "FF" or all "00"), but they don't work.
Here' s the SS I've received.
image

I read the OMNIKEY® 5022 SOFTWARE DEVELOPER GUIDE but I've not been able to fix this issue.

Questions:

What are the correct keys/steps for establishing the secure session?

I added my comments in the code snippet as well.

        public class LoadKeyToPcScContainerExample
        {
            private const byte KeyRelatedAccessRight = (byte)SessionAccessKeyType.UserAdminCipherKey;
           // What are the default values for these keys
            private const string EncKey = "";
            private const string MacKey = ""; 
            private void LoadKeyCommand(ISecureChannel session, string description, byte keySlot, LoadKeyCommand.KeyType keyType, LoadKeyCommand.Persistence persistence, LoadKeyCommand.Transmission transmission, LoadKeyCommand.KeyLength keyLength, string key)
           ...
            public void Run(string readerName)
            {
                var reader = new SmartCardReader(readerName);
                var secureChannel = new Readers.SecureSession.SecureChannel(reader);
                try
                {
                    ConsoleWriter.Instance.PrintSplitter();
                    ConsoleWriter.Instance.PrintTask("Establishing SAM Secure Session");

                    if (!IsValidSessionKeyFormat(EncKey) || !IsValidSessionKeyFormat(MacKey))
                        throw new ArgumentException("Secure session key format is incorrect, correct format of session key string is 32 character long hexadecimal string without hex specifier. Example: \"00000000000000000000000000000000\"");
                   // I expect functions here to load cipher key and mac key to reader before establishing session.
                   // This part also confuses me.
                    secureChannel.Establish(EncKey + MacKey, KeyRelatedAccessRight);
                    ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@yldrmali