Topic: MIFARE UltraLight C 3DES authentication APDUs
I try to perform authentication to a MIFARE UltraLight C card, but I am stuck. I have already made some Google queries, the only thing that I found were an IEEE conference document (that contains test vectors) and the libfreefare sources that I could use.
The libfreefare, as a low-level tool seemed to be very good for first sight, but I found a thing that I do not understand: the sources contain DES_ecb_encrypt() function calls of OpenSSL to encrypt/decrypt data, but the MIFARE UltraLight C public document (MF0ICU2) says, that "ek() is 2 key 3DES encryption [...] in Cipher-Block Chaining (CBC) mode", and not in ECB mode!
The publicly available IEEE study ("Studying the Pseudo Random Number Generator of a low-cost RFID tag" for IEEE conference) that I also found contains some cute test vectors:
With the demo keys and OpenSSL I could decrypt ek(RndB) - retrieved from Auth1_resp -, converted RndB to RndB', concatenated RndA with RndB', and encrypted the whole data with the same parameters (keys, IV etc.), but I could not get the same value for Auth2_apdu (and also for my value I got an authentication error from the card).
Is there any other step before encrypting that is still have to be performed (e.g. I found an XOR-operation for some cases in libfreefare sources, but this did not even help).
Thanks in advance!