for authentication of the plus card, I am using the following method signature as provided in nxp javadoc
public void authenticateSL3(boolean firstAuth,
int blockNo,
int keyNo,
byte keyVersion,
byte[] divInput,
byte[] pcdCap2In)
Parameters:
firstAuth - false: Following Authentication; true: First Authentication
blockNo - address of the AES authentication key. please check the MIFARE Plus datasheet for the sector AES key addresses.
keyNo - Key Storage number
keyVersion - Key Version number
divInput - Diversification Input used to diversify the key
pcdCap2In - Capabilities of PCD, which define what PCD is capable to do.(00H to 06H)
javadoc link
https://www.mifare.net/files/advanced_javadoc/
for example
byte[] divInput = null;
byte[] pcdCap2In = new byte[0];
objMfPlusNfcCard.authenticateSL3(true, block_no, 3, (byte) 0, divInput,
pcdCap2In);
In the above method third parameter value (3) and 4th parameter value ((byte) 0) are the index of the AES_key and version of AES_key consequently, as added in the keystore object as follows
private IKeyStore ks= KeyStoreFactory.getInstance().getSoftwareKeyStore();
ks.formatKeyEntry(3, IKeyConstants.KeyType.KEYSTORE_KEY_TYPE_AES128);
ks.setKey(3, (byte) 0,IKeyConstants.KeyType.KEYSTORE_KEY_TYPE_AES128, MIFARE_PLUS_KEY_AES128);
I am facing the problem in figuring out the what could be the block_no parameter value in objMfPlusNfcCard.authenticateSL3 method
I also did a search for AES key addresses in the MIFARE Plus datasheet for the sector, but did not find any such information.
MIFARE Plus datasheet link provided below
http://www.nxp.com/documents/short_data_sheet/MF1SPLUSX0Y1_SDS.pdf
I ran to the same question while trying to activate Security Level 3 with First Authenticate command. I knew that the end result for the command that needed to be sent to the MF Plus card was "70 03 90 00"(hex). So trial and error led me to the solution:
So for me the block number is actually the sector number for the "Security Level 3 Switch Key". Otherwise it would be following the method above: