- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- RFID / NFC
- :
- TapLinx SDK, TagWriter and TagInfo
- :
- TapLinx DesfireEV2.format() fails with exception Length Error SW2 = 126
TapLinx DesfireEV2.format() fails with exception Length Error SW2 = 126
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
TapLinx DesfireEV2.format() fails with exception Length Error SW2 = 126
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm trying to modify the TapLinx for Android sample app to add the facility to format an EV2 card,.
My app is registered to use the TapLinx (3.1.0) library, built and the vanilla read/write functions of the sample app work as expected.
I understand that prior to using desFireEV2.format() method that you must authenticate with the PICC master key and selected application has to be 0.
My EV2 cards have a non-default AES PICC master key, therefore my code is similar to this:
// Select Application 0
desFireEV2.selectApplication(0);
// Authenticate with the AES PICC MASTER KEY
KeyData aesKeyData = new KeyData();
Key keyDefault = new SecretKeySpec(MY_AES128_KEY, "AES");
aesKeyData.setKey(keyDefault);
desFireEV2.authenticateEV2First(0, aesKeyData, null);
// Format
desFireEV2.format();
The selection of application 0 and AES authentication works, but the format method always fails with the Exception message "Length Error SW2 = 126".
Please can someone enlighten me as to where I'm going wrong.
Thanks.
Florian_Mikulik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello!
Thanks for reaching out! From what you describe, i can not see any issue, as this is how it should normally work. However, it is possible that the Format command is disabled for. Do you know or can influence the exact configuration of this card?
A length error however usually does point into the direction of a failing authentication. The Format command requires to be sent in MACed communication mode, and if the authentication is for some reason not successful, the MAC cant be calculated.
As a next step i would test the same code but with an intentional wrong key, to check if the Authentication would then properly fail. Another thing to try is to give instead of "null" as third parameter a proper byte array with six bytes of "00" ( 00 00 00 00 00 00 )
Please let us know the outcomes!
regards,
Florian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Florian,
Thank you for your suggestions.
I know the exact configuration of the EV2 card and can influence it.
TagInfo says:
Application ID 0x000000 (PICC)
Key configuration: (0x0B81)
AES Key
1 AES Key
Key type of active keyset: AES
Master key changeable
Master key required for
- directory list access: no
- create/delete files: yes
Configuration changeable
Master key version: 174
When I test the same code with an intentional wrong key (KEY_AES128-ZEROS), I instead get the exception "Authentication Failed".
When I change the third authenticate parameter, it makes no difference, as format still fails with exception Length Error SW2 = 126
byte[] pCDcap2 = {(byte) 0x00, (byte) 0x00,
(byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00};
desFireEV2.authenticateEV2First(0, aesKeyData, pCDcap2);
I'm also pretty sure that PICC authentication is successful, because when I replace the format method with the original WriteActivity code, this works correctly adding a new application (ID:120000) to the card.
Any other suggestions?
Florian_Mikulik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Eddy!
Thanks for following the proposed steps! Indeed, there seems to be something wrong possibly inside TapLinx. I have reported this internally to our R&D and will come back as soon as i get some news!
Thanks for staying patient!
regards,
Florian
Florian_Mikulik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Eddy,
we have checked your issue, but are unable to reproduce on a fresh card. What we did:
mIDESFireEV2.selectApplication(0);
mIDESFireEV2.authenticateEV2First(0, DESFireKeys.aesKeyDataDefault, null);
mIDESFireEV2.format();
basically, this is using a fresh card and runs the format command, no issue can be observed.
As the error reported is 126, this indicates a length error, it seems that the phone is transmitting the command wrongly. Do you have the possibility to provide an APDU log, meaning what data is sent between the card and the phone via NFC?
And: Do you have a possibility to verify with a fresh card without any settings made? It is possible to deactivate the format command on MIFARE DESFire EV2, in which case the card would reply with only one byte error code, and not with the expected 1 byte success code + 8 byte CMAC. So pleas verify that Format is allowed on the card you are using.
Br,
Florian
