11

I'm looking for a way to send the unlock sequence from an Android phone to a Mifare tag from the Chinese manufacturer that makes the ones with a writable block 0.

I've been trying the connect + transceive methods, sending the 50 00 + 40 + 43 byte sequences. But that won't work.

I've tried the private transceive function (to get around error checking), but that won't work either. I get errors from the nfc service.

Has anyone successfully been able to send the unlock sequence to unlock block0?

4ZM
  • 1,333
  • 1
  • 10
  • 20
  • 4
    I don't understand why this question was closed. – 4ZM Feb 22 '13 at 15:54
  • I voted to reopen, but you might want to consider adding some of your code, or exactly what errors you're receiving. The specific type of Mifare tag would help, too. – Geobits Feb 22 '13 at 16:57
  • 3
    I think the comment from https://developer.android.com/reference/android/nfc/tech/NfcA.html#transceive(byte[]) about "full bytes" is relevant here, as in libnfc the unlock command is sent in bits (7 bits, to be precise) and this is not possible with the public API of Android. I'm looking for the same thing, maybe there's a possibility to bypass something and make use of internal/private interfaces. – Martin Paljak Mar 01 '13 at 15:47
  • I'll do some more reflection-reversing of the private API. If I find anything I'll post it here. – 4ZM Mar 13 '13 at 09:44

1 Answers1

6

This is not possible on an Android device. The proprietary commands for the Chinese MIFARE clone are 7 bits long, not a complete byte. The NFC implementations in Android devices (both the older with proprietary interface and the newer NFC Forum NCI compliant ones) work on payload buffers of complete bytes.

NFC guy
  • 9,972
  • 3
  • 25
  • 57
  • I was afraid of that answer :/ Any chance some guy write a patch for android ? seems a bit too hard for me ... – oleveau Mar 26 '13 at 08:55
  • For the older devices, the limitation is in the NFC hardware, so no software patch will fix that. I am not sure about the NCI compliant NFC hardware, but I expect that the situation there may be the same. – NFC guy Mar 26 '13 at 14:53
  • I believe that the NFC hardware you refer to is the nxp PN544 chip, I don't think there is a limitation with the chip itself. – oleveau Mar 29 '13 at 15:47
  • The PN544 has the software stack with the older proprietary interface, yes. However, the limitation is also in the PN544 itself: the firmware does not allow you to send 7-bit commands. Only complete bytes can be offered as command payload. – NFC guy Mar 29 '13 at 15:55
  • What might be the reason that the Chinese Guys chose 7bit commands? Maybe they can update their design to include 8 bit commands, for the sake of Android adoption ? :) – Martin Paljak Jun 01 '13 at 12:32