Results matching “RFID”

Mifare Application Directory - what is stored on RFID card in your wallet?

touchatag.png I have been playing with RFID cards for a while, but recently I borrowed touchatag reader which supports Mifare cards to take a look what is stored on public transit card which I carry in my wallet.

Mifare Classic weak crypto was reverse-engineered and recently Harald Welte took a look at one such payment system and had interesting observations about it's security.

So, reading your Mifare card isn't hard. If you have libnfc supported reader you can run Mifare Classic Offline Cracker to dump data. But then, you are presented with dumps which you don't understand.

Mifare Application Directory (MAD) documents directory-like structure that describes how sectors on card are used. It took me a while to figure out that pdf file called Mifare address book is authoritative source of data about card issuers.

But, browsing pdf and watching hex numers is not fun, so I wrote perl-Mifare-MAD - simple script which decodes card data in format similar to following: 

manufacturer block
Serial number: 7ef11d7f
CB: ed
manufacturer data: 880400465976525d103308
ADV (MAD version code): 1
MA (multiapplication): yes
DA (MAD available): yes
Info byte (publisher sector): 0
0000 7ef11d7fed880400465976525d103308 010 R:AB W:-- I:-- DTR:--
0010 b100040015007b887b887b887b886220 100 R:AB W:-B I:-- DTR:--
0020 62200000000000000000000000000000 100 R:AB W:-B I:-- DTR:--
0030 a0a1a2a3a4a5696789c1a7a2676192a6 011 R/W: KEYSECXA:-/B ACCESS COND:AB/B KEYSECXB:-/B
KEY A:a0a1a2a3a4a5 | 696789 GDP: c1 | B:a7a2676192a6

MAD sector 1 @12 0004 [miscellaneous applications]
sector contains card holder information in ASCII format.
surname     1 
given name 18 Vrijednosna karta
any         5 0x09200901
0040 0100525672696a65646e6f736e61206b 110 R:AB W:-B I:-B DTR:AB
0050 6172746100c509200901000000000000 110 R:AB W:-B I:-B DTR:AB
0060 00000000000000000000000000000000 110 R:AB W:-B I:-B DTR:AB
0070 269d97f5a18508778f000f0dabf8179a 011 R/W: KEYSECXA:-/B ACCESS COND:AB/B KEYSECXB:-/B
KEY A:269d97f5a185 | 08778f GDP: 00 | B:0f0dabf8179a

MAD sector 2 @14 0015 [miscellaneous applications]
- card administration MIKROELEKTRONIKA spol.s.v.MIKROELEKTRONIKA spol.s.v.o. worldwide 1 01.02.2007 Card publisher info
Card number: 000040067318
0080 0326898400000460378177277382e134 110 R:AB W:-B I:-B DTR:AB
0090 13ee921ab8f5f6120000000000000036 110 R:AB W:-B I:-B DTR:AB
00a0 0000000000000000000000000000000b 110 R:AB W:-B I:-B DTR:AB
00b0 a0a1a2a3a4a508778f00969185651f84 011 R/W: KEYSECXA:-/B ACCESS COND:AB/B KEYSECXB:-/B
KEY A:a0a1a2a3a4a5 | 08778f GDP: 00 | B:969185651f84
...and so on, for all 16 sectors of Mifare Classic card. It uses data from publicly available sources (created using copy/paste from pdf files to end of script) and decodes all bits from documentation that I understand so far.

Only other information about Miface Class format is on mfuck wiki but it doesn't really explain MAD.

Last year, we had podcast about RFID in Croatian so if you want to learn more take a look!

27C3: recommended watching

It's that time of year again: 27C3 was a blast, and here is a quick list of interesting lectures I managed to watch so far.

This is about a limit of video material I can watch in 4 days. I will probably update this post will more recommendations, as I go through rest of material.

One hint: in pre-release video material, so manual aspect ratio is required: 

mplayer -aspect 16:9 http://27c3.hightech-lowlife.net/...

Update: links are now to official mirror in webm

EVOLIS Dualys pixel exact printing without cups

Dualys3.jpg As you know by now, I'm working pure free software implementation of RFID support for our library. This time, I decided to tackle problem of printing RFID cards using EVOLIS Dualys printer.

This is experimental support for EVOLIS Dualys 3 printer with black ribbon (K) to provide pixel-exact driver with support for two-side printing.

Existing cups driver is available at

http://www.evolis.com/eng/Drivers-Support/Product-support/Dualys-3

but I haven't been able to make it print on both sides of cards, partly because using duplex option in cups seems to segfault GhostScript and/or rastertoevolis cups filter depending on combination of duplex options.

I also needed pixel perfect transfer to printer, and cups bitmap format is always in color, leaving final pixel modifications down to cups filter which always produced differences between file sent to printer and perfect black and white rendition of it.

SCRIPTS

Current toolset consists of following scripts:

  • inkscape-render.pl card/template.svg 201008159999 login Name Surname

    Generate pdf files from Inkscape SVG template in card/ using print-front and print-back object IDs. Layers doesn't work since we can't toggle visilbity easily. To print more than one object gruop them and change ID of group.

    After pdf files are created, GhostScript is used to rasterize them into pbm (monochrome) bitmaps.

  • evolis-driver.pl front.pbm back.pbm > evolis.commands

    Provides driver which generates printer command stream to print two-sided card from pbm files.

  • evolis-simulator.pl evolis

    Simulator for EVOLIS printer commands which is useful for development. It creates one pbm file per page printed.

  • scripts/evolis-command.pl

    Command-line interface to send commands to printer and receive responses. Supports readline for editing and history. Requires local parallel port connection, probably to USB parallel device.

EXAMPLE

Following is simple walk-through from svg image in Inkscape to evolis command stream which can be executed in top-level directory of this distribution:

  ./scripts/inkscape-render.pl card/ffzg-2010.svg 201008159999 Ime Prezime
  ./scripts/evolis-driver.pl out/201008159999.front.pbm out/201008159999.back.pbm > evolis
  ./scripts/evolis-simulator.pl evolis
  qiv evolis*.pbm

Biblio::RFID - write RFID applications in perl

Allmost two years ago, I began my experiments with RFID, writing support for 3M 810 RFID Reader. Then I tried to make web interface for RFID it in Koha.

Comet: ETOOMUCH This woked, but having separate Comet server was too much complexity for me, so I decided to implement JSONP directly in RFID driver code. Hack, I allready had HTTP server, and local JavaScript interface, so why not?

Move to JSONP allowed me to use original Koha web interface, and just overlay RFID information and form submission code as simple jQuery snippet.

But, two years of development and trying out different approaches produced not-quite-production-quality code. So, I began rewrite called Biblio::RFID. It splits RFID reader support from HTTP and JSONP servers and couples this with documentation and tests. I have production use for it this summer, involving programming of RFID cards as they are printed out, so expect it to change during next few weeks. After that I will push it to CPAN, but I would love to get feedback and comments before that.

Update: It's also availale at CPAN.

OmniKey CardMan 5321 supported by librfid

CardMan-5321_free.jpg I had OmniKey CardMan 5321 reader sitting on my desk for quite some time. First time I tried it, I had problem with propitiatory binary driver which expected pcscd to be compiled without hal support to make it work.

Fortunately, we now have pcsc-omnikey package in Debian which should make usage of this reader much easier. But, I really wanted more low-level implementation, allowing me to muck with cards without need to pass through whole smart card stack (since I'm really only interested in RFID part of this reader).

So, I did some searching and found out that librfid - A Free Software RFID stack implements support for this reader, so here is a quick overview of how to get started: 

# build dependency
dpavlin@klin:/rest/cvs/librfid$ sudo apt-get install libusb-dev

# checkout source
dpavlin@klin:/rest/cvs$ svn co https://svn.gnumonks.org/trunk/librfid/
dpavlin@klin:/rest/cvs$ cd librfid/
dpavlin@klin:/rest/cvs/librfid$ ./autogen.sh

# build
dpavlin@klin:/rest/cvs/librfid$ ./configure --enable-ccid
dpavlin@klin:/rest/cvs/librfid$ make
Now we can test if our reader is working: 
dpavlin@klin:/rest/cvs/librfid$ sudo ./utils/librfid-tool -s
lt-librfid-tool - (C) 2005-2008 by Harald Welte
This program is Free Software and has ABSOLUTELY NO WARRANTY

initializing librfid
opening reader handle OpenPCD, CM5x21
No OpenPCD found
scanning for RFID token...
Layer 2 success (ISO 15693):  eb 6e 77 1f 00 01 04 e0
And, that's not all. We can also read content of our tag: 
dpavlin@klin:/rest/cvs/librfid$ sudo ./utils/librfid-tool -r -1
lt-librfid-tool - (C) 2005-2008 by Harald Welte
This program is Free Software and has ABSOLUTELY NO WARRANTY

initializing librfid
opening reader handle OpenPCD, CM5x21
No OpenPCD found
Layer2 init ok
Layer 2 success (ISO 15693)[8]: ' eb 6e 77 1f 00 01 04 e0'
block[  0:00]sec:0x8 data(4):  04 11 00 01
block[  1:01]sec:0x8 data(4):  31 33 30 32
block[  2:02]sec:0x8 data(4):  30 32 39 37
block[  3:03]sec:0x8 data(4):  31 30 00 00
block[  4:04]sec:0x8 data(4):  00 00 00 00
...
block[ 26:1a]sec:0x8 data(4):  00 00 00 00
block[ 27:1b]sec:0x8 data(4):  57 5f 4f 4b
no data(read_block(28)>> -1)
It's exactly what I was looking for: ability to do low-level block transfer with RFID card.

This is great news since I don't have to carry bulky 3M reader and antenna with me to conferences to demonstrate RFID. Since I didn't find librfid first time I searched for software to drive this reader, I hope that this post will be helpful to someone.If you intend to buy RFID reader, take a look at OpenPCD instead of this one :-)

Presentations with video clips in x11

I wanted to have full-screen presentation with two video files in-between slides. And I didn't really want to depend on network to present it. I even wanted to use properly scaled video depending on projector resolution.

In my expirience, best way to preserve presentation format is to export it into pdf. And than with a little bit of shell scripting... 

xpdf -fullscreen /home/dpavlin/Desktop/sf3-2009_oslobodimo_hardware.pdf
mplayer -fs /home/dpavlin/llin/RFID/ffzg-promo-knjiznica.avi
xpdf -fullscreen /home/dpavlin/Desktop/sf3-2009_oslobodimo_hardware.pdf 3
mplayer -fs /home/dpavlin/llin/RFID/comet-meteor-koha-rfid.ogv
xpdf -fullscreen /home/dpavlin/Desktop/sf3-2009_oslobodimo_hardware.pdf 6
I got exactly what I needed. Both xpdf and mplayer have full screen options and xpdf can jump to specific slide. Even keyboard shortcut to exit programs (q) are the same!

So, I just flip first two slides, press q and play first video in full screen. When it ends, I will be on next slide in xpdf. You will see background for a bit (so switch to empty virtual desktop or something), but other than that it works nicely and predictably.

Slobodni festival 3

Ovaj vikend bili smo u Čakovcu na Slobodnom Festivalu 3 veoma zanimljivom druženju u Čakovcu.

Oslobodimo Hardware

Ovo je lista linkova je na neke nije moguće kliknuti jer je sladeshare strgan i lijeva/desna margina prekiraju kratke linkove na kraju:

DORS/CLUC 2009 - materijali sa prezentacija

Izgleda da me svake godine malo iznenadi, ali DORS/CLUC je i ove godine bio ponešto različit od prošle. Ako to moram svesti u jednu rečenicu: postoji određen broj ljudi u Hrvatskoj koji stvarno razumiju teme o kojima se priča na ovoj konferenciji. Jedini problem je da se zapravo svi slažemo, pa su diskusije možda premalo kritične :-)

Ove godine imali smo seriju zanimljivih lightning talk-ova od kojih sam ja održao Sve što ste htjeli znati o RFID-u a niste se usudili pitati... u 5 min.

Slijdeći dan sam pokušao zainteresirati publiku da oslobode neki komadić hardware-a. Ako vam je moje predavanje bilo zanimljivo, vjerojatno će Vam se svidjeti i predavanje sa ovogodišnjeg FOSDEM-a o tome kako je napisan Gnash (slobodan flash player).

Comet experiment: RFID reader with Koha data in browser

I already blogged about RFID readers but now I really need to replace antique 3M software with something better. So, basically, I started with specification:

User should put RFID tag on reader and get output from Koha
Nice and simple. However, readers are connected to Windows machine. And we need some way for reader to push data about new tag to browser. Hmmm... push? Sound like Comet, doesn't it?

Let's see what we need:

  1. Comet server to display page in web browser and push updates
  2. RFID reader program installable on Windows to communicate with serial port and push messages to Comet server
  3. User with a browser
Again, seems somewhat reasonable. Can perl do it? It seems it can:
  1. Meteor server provides perl comet server which required one additional file to provide integration with Koha.
    I needed comet server to deliver Koha data because of single origin security in browsers which doesn't allow me to make AJAX requests to Koha directly. On the other hand, this gave me excuse to try out HTML::Query to extract part of page which I needed on server.
    I liked this split between Koha and Comet server (even on different boxes and/or network segments), but it came with a price: every page generated in Koha took more than 2 seconds, which was just too slow for nice interactive demo. So, I implemented on-disk caching which is also really nice for debugging. In production version, requests for Koha data might be implemented as forkers (since browser uses AJAX request for it, it makes sense) or I will issue queries directly over Koha's database.
  2. Next step was to add push from my perl RFID reader to Meteor.
    This also turned out to be simple: one socket connection to Meteor, and few revisions later I had more or less following protocol which reader could push to comet server as pipe | encoded string: 
    meteor( 'info', "Found reader hardware $hw_ver" );
meteor( 'info-none-in-range' );
meteor( 'info-in-range', join(' ',@tags));
meteor( 'in-range', $tag );
meteor( 'read', $tag ); 
meteor( 'removed', $tag );
  3. I also needed web interface in browser.
    When I need to do something quickly I often turn to jQuery as long time readers of my blog already know. One additional javascript file in Meteor's public_html directory and we have a working interface.
    At first, I created JavaScript object (like hash in perl :-) to keep track of visible tags on screen. But, since each tag is div which has id set to SID of tag, it was easier (and shorter) to just use jQuery to ask DOM if there is element on page. KISS wins again...

So how does it look, you might ask? (You might want to turn volume down, because AudioSwap feature of YouTube should be really considered harmful :-)

This might help solve question is perl dead. Only if it means dead easy. it's 4k of perl code, 4k of JavaScript and 4k of CSS.

Integrating systems using Net::LDAP::Server and RDBMS

Let's assume that we have two systems, one which support LDAP user accounts and other system, based on relational database (Koha, in this example) which has user information which you would like to expose using LDAP for first system.

We could export all data required into institution LDAP, but that would push a lot of junk which is really required only by one application. Worse yet, some of that data is somewhat sensitive because it include serial numbers (SID) and data from RFID cards.

But, since application supports LDAP and we have Net::LDAP::Server it should be easy! And it really is.

LDAP server accessing Koha database using DBI is really converter of LDAP search query into SQL where syntax which is than appended to initial select which returns attribute values for LDAP entry which will be returned for search request.

This small example will hopefully be useful to other people who would like to integrate two systems by exposing user data via LDAP protocol. Just remember that pushing real valid usable data back to LDAP always makes more sense if that data is useful for current or future systems...

PerlMonks has node with this annoucement, so you might want to comment there if it's in interest of general perl comunity