DESFire authentification decipher

2020-07-27 16:39发布

问题:

I am currently working with DESFire EV1 contactless cards. I am trying to decipher a DES/CBC enciphered random_b with masterkey: "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00".

I am using this code:

byte[] encipheredCodeRandomB = { (byte)0xEA ,(byte)0x18 ,(byte)0xDE ,(byte)0xFF
     ,(byte)0x52 ,(byte)0x0E,(byte)0xCD, (byte) 90};
byte[] masterKeyBytes = "0000000000000000".getBytes();
byte[] ivBytes = "00000000".getBytes();

DESKeySpec desKeySpec = new DESKeySpec(masterKeyBytes);  
SecretKeyFactory desKeyFact = SecretKeyFactory.getInstance("DES");
SecretKey s = desKeyFact.generateSecret(desKeySpec);
aliceCipher = Cipher.getInstance("DES/CBC/NoPadding");
aliceCipher.init(Cipher.DECRYPT_MODE, s, new IvParameterSpec(ivBytes));

byte[] decipheredCodeRandomB = aliceCipher.doFinal(encipheredCodeRandomB);

but this code doesnt decipher correctly. Im getting this invalid result: "4B 9D 5A 91 AE 93 F8 ED" the correct one is: "A4 2F 3E 84 2C 5A 29 68"

回答1:

If your master key bytes are meant to be all zeroes, then this is incorrect:

byte[] masterKeyBytes = "0000000000000000".getBytes();

That will get you the text-encoded form of "0000000000000000" in the platform default encoding - most likely { 0x30, 0x30, 0x30 ... }

Getting an array full of zeroes is simple though:

byte[] masterKeyBytes = new byte[16];

Ditto for the IV (with the appropriate length, of course).

That still doesn't give you the result you're looking for, admittedly... but it is using an "all zeroes" key/IV.