BTCPayServer.NTag424.PCSC 1.0.1

There is a newer version of this package available.
See the version list below for details.
dotnet add package BTCPayServer.NTag424.PCSC --version 1.0.1                
NuGet\Install-Package BTCPayServer.NTag424.PCSC -Version 1.0.1                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="BTCPayServer.NTag424.PCSC" Version="1.0.1" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add BTCPayServer.NTag424.PCSC --version 1.0.1                
#r "nuget: BTCPayServer.NTag424.PCSC, 1.0.1"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install BTCPayServer.NTag424.PCSC as a Cake Addin
#addin nuget:?package=BTCPayServer.NTag424.PCSC&version=1.0.1

// Install BTCPayServer.NTag424.PCSC as a Cake Tool
#tool nuget:?package=BTCPayServer.NTag424.PCSC&version=1.0.1                

BTCPayServer.BoltCardTools

Introduction

This repository hosts tools that help with the creation of Bolt Cards.

Content:

Examples

How to read the UID of an NTag 424 smart card

Plug in a smart card reader, such as the identiv utrust 3700 f, and place an NTag 424 smart card on it.

Reference the nuget package BTCPayServer.NTag424.PCSC in your project.

dotnet add package BTCPayServer.NTag424.PCSC

Then to use it:

using BTCPayServer.NTag424.PCSC;
using System;

using var ctx = PCSCContext.Create();
var ntag = ctx.CreateNTag424();
var key = new AESKey(new byte[16]);
await ntag.AuthenticateEV2First(0, key);

var id = await ntag.GetCardUID();
var idStr = Convert.ToHexString(id, 0, id.Length).ToLowerInvariant();
Console.WriteLine($"Card UID: {idStr}");

How to read the NDEF message of an NTag 424 smart card

using BTCPayServer.NTag424.PCSC;
using System;
using NdefLibrary.Ndef;

using var ctx = PCSCContext.Create();
var ntag = ctx.CreateNTag424();
var message = await ntag.ReadNDef();
var uri = new NdefUriRecord(message[0]).Uri;
Console.WriteLine($"Card URI: {uri}");

How to verify the signature of an NTag 424 smart card

BoltCards involve the cooperation of three types of agents:

  • Card Issuer: This agent configures the cards for lightning payments. This includes setting up the card to use a specific LNUrl Withdraw Service and generating the access keys.
  • Payment processor: This agent reads the card and forwards the payment request to the LNUrl Withdraw Service.
  • LNUrl Withdraw Service: This service authenticates the card and completes the payment.

BoltCards setup involves three different type of access keys:

  • The IssuerKey: Owned by the Card Issuer, this key is used to configure the card.
  • The EncryptionKey: This key can either be unique to each card or shared among multiple cards. It must be known by the LNUrl Withdraw Service.
  • The AuthenticationKey: This key should be unique and is used to authenticate the card. It must also be known by the LNUrl Withdraw Service.

If you are the LNURL Withdraw Service, here how to authenticate the card:

using BTCPayServer.NTag424;
using BTCPayServer.NTag424.PCSC;
using System;
using System.Collections;
using NdefLibrary.Ndef;

// Set keys have you have setup the card
var encryptionKey = AESKey.Default;

using var ctx = PCSCContext.Create();
var ntag = ctx.CreateNTag424();
var message = await ntag.ReadNDef();
var uri = new NdefUriRecord(message[0]).Uri;
var p = Regex.Match(uri, "p=(.*?)&").Groups[1].Value;
var c = Regex.Match(uri, "c=(.*)").Groups[1].Value;

var piccData = PICCData.Create(encryptionKey.Decrypt(p));

// Note that the `piccData.Uid` contains the UID of the card which can be used to fetch
// the proper real `authenticationKey` of the card.
var authenticationKey = AESKey.Default;

var expectedMac = authenticationKey.GetSunMac(piccData);
var expectedMacStr = Convert.ToHexString(expectedMac, 0, expectedMac.Length);

var actualMacStr = c;
if (expectedMacStr != c)
{
    throw new Exception("Invalid card");
}

// The LNUrlw service should also check `piccData.Counter` is always increasing between payments to avoid replay attacks.

How to setup a bolt card

using BTCPayServer.NTag424;
using BTCPayServer.NTag424.PCSC;
using System;
using System.Collections;

using var ctx = PCSCContext.Create();
var ntag = ctx.CreateNTag424();

// Example with hard coded keys
var keys = new BoltcardKeys(
    IssuerKey: new AESKey("00000000000000000000000000000001".HexToBytes()),
    EncryptionKey: new AESKey("00000000000000000000000000000002".HexToBytes()),
    AuthenticationKey: new AESKey("00000000000000000000000000000002".HexToBytes()));
var lnurlwService = "lnurlw://test.com";

// Note `BoltcardKeys.Default` assumes the card hasn't been setup yet.
// If it was not the case, you would need to provide the access keys you provided during the last setup.
await ntag.SetupBoltcard(lnurlwService, BoltcardKeys.Default, keys);

// You can reset the card to its factory state with `await ntag.ResetCard(keys);`

License

MIT

Product Compatible and additional computed target framework versions.
.NET net6.0 is compatible.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on BTCPayServer.NTag424.PCSC:

Repository Stars
btcpayserver/BTCPayServer.Vault
Sign with software or hardware wallets
Version Downloads Last updated
1.0.21 102 9/4/2024
1.0.20 134 4/24/2024
1.0.19 137 2/8/2024
1.0.18 430 12/21/2023
1.0.17 122 12/21/2023
1.0.16 226 12/8/2023
1.0.15 228 10/25/2023
1.0.14 155 10/24/2023
1.0.13 162 10/24/2023
1.0.12 146 10/24/2023
1.0.11 212 10/23/2023
1.0.10 161 10/22/2023
1.0.9 148 10/22/2023
1.0.8 158 10/21/2023
1.0.7 132 10/20/2023
1.0.6 136 10/20/2023
1.0.5 150 10/20/2023
1.0.4 145 10/20/2023
1.0.3 140 10/20/2023
1.0.1 152 10/6/2023
1.0.0 126 10/4/2023