08_MIFARE_DUOX

Implementation of SAM MIFARE DUOX commands. Has implementation for both X and S mode communication. More...

Collaboration diagram for 08_MIFARE_DUOX:

Modules
	Defines
	Definitions common for MIFARE DESFire S and X mode communication.
	S_Mode
	Implementation of SAM commands used for MIFARE DUOX communication in S-Mode.
	X_Mode
	Implementation of SAM commands used for MIFARE DUOX communication in X-Mode.

Functions
phStatus_t	phhalHw_Sam_Cmd_DUOX_MutualAuthEcc (phhalHw_Sam_DataParams_t *pDataParams, uint8_t bOption, uint8_t *pOptsA, uint8_t bOptsALen, uint8_t bDUOX_P2, uint8_t bECCKeyNo_Priv, uint8_t bCertA_FileNo, uint8_t bCertB_Options, uint8_t bECCKeyNo_CA, uint8_t **ppSamResponse, uint16_t *pSamRespLen, uint8_t *pPiccReturnCode)
	The DUOX_MutualAuthEcc supports the ECC-based Mutual and Reader-Unilateral Authentication in X-Mode. More...
phStatus_t	phhalHw_Sam_Cmd_DUOX_UnilatAuthEcc (phhalHw_Sam_DataParams_t *pDataParams, uint8_t bOption, uint8_t bECC_KeyNo, uint8_t bECC_CurveNo, uint8_t *pPiccReturnCode)
	The DUOX_MutualAuthEcc supports in X-mode the ECC-based Card-Unilateral Authentication as implemented by MIFARE DUOX with the ISOInternalAuthenticate or VDE_ECDSASign command. More...
phStatus_t	phhalHw_Sam_Cmd_DUOX_BindCertificate (phhalHw_Sam_DataParams_t *pDataParams, uint8_t bOption, uint8_t *pMKPParams, uint8_t bMKPParamsLen, uint8_t bECCKeyNo_Priv, uint8_t *pTBSCertificate, uint16_t wTBSCertLen, uint8_t **ppSamResponse, uint16_t *pSamRespLen, uint8_t *pPiccReturnCode)
	The DUOX_BindCertificate supports in X-mode a key pair generation on MIFARE DUOX with ManageKeyPair command, followed by a certificate signing by the SAM. More...
phStatus_t	phhalHw_Sam_Cmd_DUOX_ImportEccKey (phhalHw_Sam_DataParams_t *pDataParams, uint8_t bOption, uint8_t *pMKPParams, uint8_t bMKPParamsLen, uint8_t bECCKeyNo_Priv, uint8_t *pPiccReturnCode)
	The SAM_ImportEccKeyDUOX command supports the procedure to import a private ECC key stored on the SAM into the PICC in S-mode. More...

Detailed Description

Implementation of SAM MIFARE DUOX commands. Has implementation for both X and S mode communication.

Function Documentation

phhalHw_Sam_Cmd_DUOX_MutualAuthEcc()

phStatus_t phhalHw_Sam_Cmd_DUOX_MutualAuthEcc	(	phhalHw_Sam_DataParams_t *	pDataParams,
		uint8_t	bOption,
		uint8_t *	pOptsA,
		uint8_t	bOptsALen,
		uint8_t	bDUOX_P2,
		uint8_t	bECCKeyNo_Priv,
		uint8_t	bCertA_FileNo,
		uint8_t	bCertB_Options,
		uint8_t	bECCKeyNo_CA,
		uint8_t **	ppSamResponse,
		uint16_t *	pSamRespLen,
		uint8_t *	pPiccReturnCode
	)

The DUOX_MutualAuthEcc supports the ECC-based Mutual and Reader-Unilateral Authentication in X-Mode.

The command supports both the flows triggered by ISOGeneralAuthentication and ISOSelectFile as implemented by MIFARE DUOX.

Return values

PH_ERR_SUCCESS	Operation successful.
PH_ERR_SUCCESS_CHAINING	Operation successful, chaining ongoing.
PH_ERR_INVALID_DATA_PARAMS	pDataParams is NULL.
PH_ERR_INVALID_PARAMETER	bOptsA, pSamRespLen and pPiccReturnCode are NULL.
Other	Depending on implementation and underlaying component.

Parameters

[in]	pDataParams	[In] Pointer to this layer's parameter structure.
[in]	bOption	[In] Flow Option to update the P1 information and receive remaining data from SAM. ISOGeneralAuthenticate + ISOGeneralAuthenticate Part2 ISOSelectFile + ISOGeneralAuthenticateFinal Use Receive Remaining Data from SAM. Should not be merged with above option
[in]	pOptsA	[In] PCD Option (TLV). One of the following Tag : 0x80 Length : Length of Value field. Length is either 0x02 or 0x04 Value : One of the following, Auth Method 0x80: Asymmetric mutual authentication with Cert.A 0xA0: Asymmetric mutual authentication without Cert.A 0x40: Asymmetric reader-unilateral authentication with Cert.A 0x60: Asymmetric reader-unilateral authentication without Cert.A ProtocolVersion: One of the following 0x00 : Protocol version as supported by SAM Other: Other protocol version (sent to PICC but ignored by SAM) CertFileNo: Certificate File Number. Present only if AuthMethod has 0x80 or 0xA0 as values. PrivKeyNo: Private Key Number. Present only if AuthMethod has 0x80 or 0xA0 as values.
[in]	bOptsALen	[In] Length of bytes available in pOptsA buffer.
[in]	bDUOX_P2	[In] Mapped to ISOGeneralAuthenticate or ISOGeneral AuthenticateFinal P2. Refer DataSheet for more information
[in]	bECCKeyNo_Priv	[In] ECC key entry holding the private key to be used for signing. Will be 0x00 - 0x0F
[in]	bCertA_FileNo	[In] The file number of the file holding the Cert.A certificate (chain). Present in command frame only if pOptsA has AuthOptions as 0x80 or 0x40
[in]	bCertB_Options	[In] Cert.B processing options. One of the following No Msg.B processing by SAM. Return full Msg.B.Plain Sig.B and (if present) Cert.B certificate (chain) validated by SAM but there is no response from SAM. Sig.B and (if present) Cert.B certificate (chain) validated by SAM and there no response from SAM.
[in]	bECCKeyNo_CA	[In] ECC key entry holding the public key of the targeted CA Root Key for Cert.B validation. Will be 0x00 - 0x0F. Present in command frame only if bOption has one of the following, ASymmetric Mutual Authentication with Certificate.A ASymmetric Reader-Unilateral Authentication with Certificate.A
[out]	ppSamResponse	[Out] Buffer containing the information received from SAM. If AuthMethod = 0x80, 0xA0 CertB_Options = No Msg.B processing by SAM. Return full Msg.B.Plain, Mutual authentication. OptB || Cert.B || Sig.B CertB_Options = Sig.B and (if present) Cert.B certificate (chain) validated by SAM and there no response from SAM, Mutual authentication - SAM validation. OptB || TBSCert.B.parent || TBSCert.B.leaf CertB_Options = Sig.B and (if present) Cert.B certificate (chain) validated by SAM but there is no response from SAM, Mutual authentication - SAM validation - no data returned. OptB If AuthMethod = 0x80, 0xA0, Reader-unilateral authentication. OptB
[out]	pSamRespLen	[Out] Length of bytes available in ppSamResponse buffer.
[out]	pPiccReturnCode	[Out] Status code from PICC, One of the following ISO/IEC 7816-4 status bytes SW1-SW2 (2 byte) No response data, indicating unexpected length returned by PICC

phhalHw_Sam_Cmd_DUOX_UnilatAuthEcc()

phStatus_t phhalHw_Sam_Cmd_DUOX_UnilatAuthEcc	(	phhalHw_Sam_DataParams_t *	pDataParams,
		uint8_t	bOption,
		uint8_t	bECC_KeyNo,
		uint8_t	bECC_CurveNo,
		uint8_t *	pPiccReturnCode
	)

The DUOX_MutualAuthEcc supports in X-mode the ECC-based Card-Unilateral Authentication as implemented by MIFARE DUOX with the ISOInternalAuthenticate or VDE_ECDSASign command.

The actual protocol choice is provided to the SAM via the P1 parameter.

Return values

PH_ERR_SUCCESS	Operation successful.
PH_ERR_INVALID_DATA_PARAMS	pDataParams is NULL.
PH_ERR_INVALID_PARAMETER	pPiccReturnCode is NULL.
Other	Depending on implementation and underlaying component.

Parameters

[in]	pDataParams	[In] Pointer to this layer's parameter structure.
[in]	bOption	[In] Protocol Option to update the P1 information. ISO Internal Authentication VDE_ECDSA Signature generation
[in]	bECC_KeyNo	[In] The key reference number of the ECC key entry to be used for signature verification. NVM Key: 0x00 - 0x7F RAM Key: 0xE0 - 0xE3
[in]	bECC_CurveNo	[In] The curve reference number of the ECC curve entry to be used for signature verification. Will be 0x00 - 0x03
[out]	pPiccReturnCode	[Out] Status code from PICC, One of the following ISO/IEC 7816-4 status bytes SW1-SW2 (2 byte) No response data, indicating unexpected length returned by PICC

phhalHw_Sam_Cmd_DUOX_BindCertificate()

phStatus_t phhalHw_Sam_Cmd_DUOX_BindCertificate	(	phhalHw_Sam_DataParams_t *	pDataParams,
		uint8_t	bOption,
		uint8_t *	pMKPParams,
		uint8_t	bMKPParamsLen,
		uint8_t	bECCKeyNo_Priv,
		uint8_t *	pTBSCertificate,
		uint16_t	wTBSCertLen,
		uint8_t **	ppSamResponse,
		uint16_t *	pSamRespLen,
		uint8_t *	pPiccReturnCode
	)

The DUOX_BindCertificate supports in X-mode a key pair generation on MIFARE DUOX with ManageKeyPair command, followed by a certificate signing by the SAM.

Return values

PH_ERR_SUCCESS	Operation successful.
PH_ERR_SUCCESS_CHAINING	Operation successful with Chaining response.
PH_ERR_INVALID_DATA_PARAMS	pDataParams is NULL.
PH_ERR_INVALID_PARAMETER	pMKPParams and pSamRespLen are NULL.
Other	Depending on implementation and underlaying component.

Parameters

[in]	pDataParams	[In] Pointer to this layer's parameter structure.
[in]	bOption	[In] Configuration for ManageKeyPair command towards MIFARE DUOX. ISO mode selection Command will be sent to PICC using native command set Command will be sent to PICC using ISO/IEC 7816-4APDU Communication mode. To be ORed with above options. CommMode.MAC CommMode.Full Use Receive Remaining Data from SAM. Should not be merged with above option
[in]	pMKPParams	[In] MIFARE DUOX ManageKeyPair Parameters. One of the following KeyNo: Key number of the key to be managed on MIFARE DUOX Option: Targeted action: Generate Key Pair CurveID: Targeted curve on MIFARE DUOX KeyPolicy: Defines allowed crypto operations on MIFARE DUOX WriteAccess: Access right and CommMode for further updates on MIFARE DUOX KUCLimit: Defines the key usage limit of the targeted key on MIFARE DUOX
[in]	bMKPParamsLen	[In] Length of bytes available in pMKPParams buffer.
[in]	bECCKeyNo_Priv	[In] ECC key entry holding the private key to be used for certificate signing in Part 2. Will be 0x00 - 0x0F
[in]	pTBSCertificate	[In] Certificate to be signed
[in]	wTBSCertLen	[In] Length of bytes available in pTBSCertificate buffer.
[out]	ppSamResponse	[Out] Certificate signed by SAM.
[out]	pSamRespLen	[Out] Length of bytes available in ppSamResponse buffer.
[out]	pPiccReturnCode	[Out] Status code from PICC, One of the following Native return code (1 byte) if bOption has Native command ISO/IEC 7816-4 status bytes SW1-SW2 (2 byte) if bOption has ISO/IEC 7816-4 command

phhalHw_Sam_Cmd_DUOX_ImportEccKey()

phStatus_t phhalHw_Sam_Cmd_DUOX_ImportEccKey	(	phhalHw_Sam_DataParams_t *	pDataParams,
		uint8_t	bOption,
		uint8_t *	pMKPParams,
		uint8_t	bMKPParamsLen,
		uint8_t	bECCKeyNo_Priv,
		uint8_t *	pPiccReturnCode
	)

The SAM_ImportEccKeyDUOX command supports the procedure to import a private ECC key stored on the SAM into the PICC in S-mode.

The command generates and returns the cryptogram to be sent to the PICC. For the ManageKeyPair response received from the PICC, regular secure messaging processing with SAM_Remove_SM can be applied

Return values

PH_ERR_SUCCESS	Operation successful.
PH_ERR_INVALID_DATA_PARAMS	pDataParams is NULL.
PH_ERR_INVALID_PARAMETER	pMKPParams and pSamRespLen are NULL.
Other	Depending on implementation and underlaying component.

Parameters

[in]	pDataParams	[In] Pointer to this layer's parameter structure.
[in]	bOption	[In] Configuration for ManageKeyPair command towards MIFARE DUOX. ISO mode selection, Command will be sent to PICC using native command set Command will be sent to PICC using ISO/IEC 7816-4APDU
[in]	pMKPParams	[In] MIFARE DUOX ManageKeyPair Parameters. One of the following KeyNo: Key number of the key to be managed on MIFARE DUOX Option: Targeted action: Import Key Pair CurveID: Targeted curve on MIFARE DUOX KeyPolicy: Defines allowed crypto operations on MIFARE DUOX WriteAccess: Access right and CommMode for further updates on MIFARE DUOX KUCLimit: Defines the key usage limit of the targeted key on MIFARE DUOX
[in]	bMKPParamsLen	[In] Length of bytes available in pMKPParams buffer.
[in]	bECCKeyNo_Priv	[In] ECC key entry holding the private key to be imported in MIFARE DUOX. Will be of 0x00 - 0x0F
[out]	pPiccReturnCode	[Out] Status code from PICC, One of the following Native return code (1 byte) if bOption has Native command ISO/IEC 7816-4 status bytes SW1-SW2 (2 byte) if bOption has ISO/IEC 7816-4 command No response data, indicating unexpected length returned by PICC