Android NFC API 对 Mifare Desfire 的支持程度如何?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11523765/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How well does the Android NFC API support Mifare Desfire?
提问by Ollie C
I'm likely to be working on a project where existing Desfire cards (used to access paid services) will be replaced with an NFC-capable mobile device. Can anyone point me to any resources to help me understand what's involved in a) replicating a Desfire card's data onto a mobile device so it can take the place of a card, and b) for the app to deliver NFC data in order to present to the reader as if it were a card. All relevant keys and access will be provided by the card issuer (if the project goes ahead) but I'm keen to understand the process in advance.
我可能正在从事一个项目,现有的 Desfire 卡(用于访问付费服务)将被具有 NFC 功能的移动设备取代。任何人都可以向我指出任何资源来帮助我了解 a) 将 Desfire 卡的数据复制到移动设备上以便它可以代替卡,以及 b) 应用程序提供 NFC 数据以呈现给我读卡器就像一张卡片。所有相关的密钥和访问权限将由发卡机构提供(如果项目继续进行),但我很想提前了解这个过程。
I also need to understand how well the Android NFC API supports Desfire, because as far as I can see it only properly support Classic. http://developer.android.com/reference/android/nfc/tech/package-summary.html
我还需要了解 Android NFC API 对 Desfire 的支持程度,因为据我所知,它只能正确支持 Classic。http://developer.android.com/reference/android/nfc/tech/package-summary.html
回答by NFC guy
MIFARE DESFire is ISO 14443-4 compliant. Support in Android for ISO 14443-4 (and therefore MIFARE DESFire) is done by the IsoDepclass. You can send any DESFire command using the transceive()method of that class.
MIFARE DESFire 符合 ISO 14443-4 标准。Android 中对 ISO 14443-4(以及 MIFARE DESFire)的支持由IsoDep该类完成。您可以使用transceive()该类的方法发送任何 DESFire 命令。
Besides that, DESFire can be configured to be NFC Forum type 4 Tag compliant. In which case Android will read out automatically any NDEF messages from the tag and dispatch it in an intent. So you can make your app start automatically when a specific tag is scanned. (Android can also format a DESFire chip to contain NDEF and write NDEF data to it.)
除此之外,DESFire 可以配置为符合 NFC 论坛类型 4 标签。在这种情况下,Android 会自动从标签中读出任何 NDEF 消息并在一个意图中分派它。因此,您可以在扫描特定标签时使您的应用程序自动启动。(Android 还可以将 DESFire 芯片格式化为包含 NDEF 并将 NDEF 数据写入其中。)
Replacing a DESFire card by a mobile NFC device is another matter. Card emulation on currently available Android devices is done by an embedded Secure Element connected to the NFC chip. An Android app cannot emulate a card (there is also no API for this) and the Secure Element cannot emulate a DESFire chip. Furthermore, there is no open API to access the Secure Element from an app.
用移动 NFC 设备替换 DESFire 卡是另一回事。当前可用的 Android 设备上的卡模拟是由连接到 NFC 芯片的嵌入式安全元件完成的。Android 应用程序无法模拟卡(也没有用于此的 API)并且安全元件无法模拟 DESFire 芯片。此外,没有用于从应用程序访问安全元件的开放 API。
The only way an Android NFC app can communicate via NFC to another device (that is not a card) is using Android Beam. This is, however, a different protocol than that used between card and reader.
Android NFC 应用程序可以通过 NFC 与另一台设备(不是卡)进行通信的唯一方法是使用Android Beam。然而,这是与卡和读卡器之间使用的协议不同的协议。
回答by Lorenzo Dematté
NFC guy answer is excellent, but a bit outdated, so I decided to add an update.
NFC 家伙的回答很好,但有点过时,所以我决定添加更新。
Starting with KitKat (4.4), you can now emulate cards without a secure element.
从 KitKat (4.4) 开始,您现在可以在没有安全元素的情况下模拟卡片。
It is called Host-based Card Emulation (Hce) and with that you can emulate a ISO 14443 type A card.. Like a desfire card.
它被称为基于主机的卡模拟 ( Hce),您可以使用它来模拟 ISO 14443 A 型卡。就像一个 desfire 卡。
There are two small caveats:
有两个小警告:
your reader must issues, just after polling the "card", a ISO SELECT (aid), with a fixed application id (aid) of your choice. This AID must be registered in your app manifest. Android will intercept this ISO SELECT, read the aid, and call you only if it matches with the one in your manifest. Then you can exchange anything, it does not even have to be ISO APDUs (ISO 14443 encapsulation is done by android). So, for example, if you want to, you can even emulate the challenge response authentication of desfire (0xA0 key_num, 0xAF challenge, 0xAF response, 0x00 session_key)
you cannot rely on the UID (but you don't, right? This is a bad practice anyway, so no-one does it... right? :) ) because it is random, and it changes constantly (not inside a single session, of course, but...)
在轮询“卡”之后,您的阅读器必须发出一个 ISO SELECT (aid),带有您选择的固定应用程序 ID (aid)。此 AID 必须在您的应用清单中注册。Android 将拦截此 ISO SELECT,读取帮助信息,并仅在它与您的清单中的匹配时才调用您。然后你可以交换任何东西,它甚至不必是 ISO APDU(ISO 14443 封装是由 android 完成的)。所以,例如,如果你想,你甚至可以模拟desfire的challenge response认证(0xA0 key_num, 0xAF Challenge, 0xAF response, 0x00 session_key)
你不能依赖 UID(但你不依赖,对吗?无论如何这是一个不好的做法,所以没有人这样做......对吗?:))因为它是随机的,并且它不断变化(不在单个内部)会话,当然,但是......)
We are emulating our desfire cards, and the only change we had to do was to switch from our initial desfire select application (0x5A) to a ISO SELECT (0x00 0xA4 0x04).
我们正在模拟我们的 desfire 卡,唯一需要做的改变是从我们最初的 desfire 选择应用程序 (0x5A) 切换到 ISO SELECT (0x00 0xA4 0x04)。
Emulating authentication (the challenge-response thing) can be tricky, but we had already done it "the other way around" (using NFC to read desfire cards), so it was easy for us.
模拟身份验证(质询-响应)可能很棘手,但我们已经“以相反的方式”完成了它(使用 NFC 读取 desfire 卡),因此对我们来说很容易。
And if you rely on the card UID for authentication.. it's a good time to change it :)
如果您依靠卡 UID 进行身份验证......现在是更改它的好时机:)
回答by gaara87
Given your situation, i would say Android SDK is more than sufficient to solve your problem. There are two parts to your case:
鉴于您的情况,我会说 Android SDK 足以解决您的问题。您的案例有两个部分:
- Reading the information from the existing cards.
- Making an app with the information you have read from the cards.
- 从现有卡片中读取信息。
- 使用您从卡片中读取的信息制作应用程序。
Part 1:
第1部分:
Your only worry has to be in reading the DESFire card. If the information in the DESFire card is stored in NDEF format, it makes things even more easy.
您唯一需要担心的是读取 DESFire 卡。如果 DESFire 卡中的信息以 NDEF 格式存储,则事情会变得更加容易。
Ndefis a class in the SDK which can be used to retrieve the information in NdefMessagetype which you can then use to save the retrieved information into your storage facility, be it a local database, or a remote database, or just in the application memory.
Ndef是 SDK 中的一个类,可用于检索NdefMessage类型信息,然后您可以使用该类将检索到的信息保存到您的存储设施中,无论是本地数据库,远程数据库,还是仅在应用程序内存中。
The above is under the assumption the card is not protected. If it is, then you have to use transceivefunction to interact using raw byte communication. This would unlock for the rest of the information to be read. From here you can read the NDEF records.
以上是在卡不受保护的假设下。如果是,那么您必须使用transceive函数来使用原始字节通信进行交互。这将为要读取的其余信息解锁。从这里您可以读取 NDEF 记录。
Part 2: My suggestion is skip the card emulation aspect of it. You are going to hit a wall at some point in time.
第 2 部分:我的建议是跳过它的卡片模拟方面。您将在某个时间点撞墙。
If the device that has been reading the card in the existing solution is attached to an android device, then Android Beam is the way to go. Which is nothing but Android App to Android App communication! Android already does the heavy lifting, so most of your work is going to be easy.
如果将现有方案中已经读卡的设备连接到安卓设备,那么Android Beam 是不二之选。这不过是Android App到Android App的通信!Android 已经完成了繁重的工作,因此您的大部分工作都将变得轻松。
The information on the card can be stored as ndef messages and sent through beam, or you can simply create a custom object and send it through.
卡上的信息可以存储为 ndef 消息并通过光束发送,或者您可以简单地创建一个自定义对象并通过它发送。
回答by mpclark
You may want to look at Mifare4Mobile, the initiative set up to transition from Mifare cards to NFC devices:
您可能需要查看 Mifare4Mobile,该计划旨在从 Mifare 卡过渡到 NFC 设备:
