I am currently researching the possibility to emulate other cards like mifare etc via a javacard. Is that actually possible? Right now I haven't found anything about this topic via google. I found a little project for Mifare DESFire, but that was discontinued and is not working.
Anyone got any inside on this? Links to other projects regarding this topic would be ok for an answer, too. Thanks in advance!
From the small amount of research I have heard about, the short answer is:
Mifare classic: I don't think so
DESFire EV1: Maybe (if the reader supports DESFire in the optional ISO7816-4 command mode)
The longer answer:
There is little information out there as a lot of this is proprietary to NXP. There are some brief descriptions in things like the Gemalto guide below. Most T=CL readers that can support Mifare commands take driver specific APDU's that the reader driver converts into Mifare commands. These would then be received by the Mifare card. If these are sent to a regular Java Card they would not match the ISO7816-4 commands it expects and would fail.
This is all from my understanding and I may be a little off with the details though.
Both authentication and cryptography of Mifare Classic were broken by now, so the problem would rather be if it is possible to make the reader select the right application. As far as I see it, when talking to a javacard, the read first must authenticate himself to the card and then sends a select apdu to select the applet inside the card. I currently have no idea how it could be acchieved that the reader selects the applet without ever sending the select apdu. That alone seems to pose a problem for me. Once the initial stuff was done it would actually be no problem to emulate another card, as far as I understand it.
You might be right there, too. Thats another problematic factor.
As far as I see it, when talking to a javacard, the read first must authenticate himself to the card and then sends a select apdu to select the applet inside the card
applet can be selected by default and authentication is not mandatory
for mifare classic there is problem that it works on another protocol. Mifare classic supports ISO 14443-3, while contactless java cards ISO 14443-4.
for desfire there is no such problem because desfire works on 14443-4, so i think it is more or less possible. Though, to fully emulate it is needed to change ATQA and SAK, described in 14443-3. I doubt it is possible.