Yale Doorman V2N cracking by iceman

Thanks for the input @anon3825968, too bad that the x-series won’t work -.-

Then I’ll just see what I get done before the M1flex is released, then see if I feel up for swapping out the x- for a flex.

I’d like not to do this as I want the servo to write to lock, then write back to a middle position, thus keeping the lock cylinder functional as a backup solution.

Just got a reply from Danalock:

Sooo… scratch the Danalock :frowning: It looks more and more like I’m gonna have to go full DIY to open my front door with RFID…

Dammit I won’t be undone!

Tonight I’m gonna go buy the Oviku Nero at my local hardware store, and I’ll take a punt on Tasker being able to control the Oviku app with Autoinput. I’ll report if it works :slight_smile:

1 Like

Aaaand… it’s going back to the store tomorrow. Why? Because the app is terrible: only an older version runs on my older Android phone. But it requires the internet. Why does it require the internet - as opposed to using the internet when it’s there but you can do without when it ain’t? God only knows… And what happens when I enable the wifi? It halts, tells me a new version is available, then locks up (since the new version isn’t compatible).

In short:

1/ if you don’t buy a newer telephone, you’re left with a brick. If I had a working product before, that suddenly stopped working when the manufacturer released their newer update and forced it down my throat without checking whether it’d work, I’d be livid - not to mention, locked out of my home. Right now I’m only pissed off because I bought a useless product that didn’t work from the get-go. Still, I’m REALLY pissed off because I rode my bike 20 miles to the store and parted with EUR 250 of my hard-earned cash to get that turd.

2/ If your internet goes down, you can’t open your fucking door and you’re locked out. Seriously? How dumb is that?

God I hate the internet of things :frowning:

Incidentally @amal: this is exactly why I wanted to know if I could make use of Vivokey products without software from Vivokey the other day. See here, I have an EUR 250 product that’s completely useless because I’m held hostage by the manufacturer’s stupidity, and there ain’t nothing I can do about it because the crappy app is closed-source. See why I insist on open-source?

I’m nothing if not persistent!

So, I went back to the store with the DT RFID Diagnostic Card, I taped it to the demonstration Yale Doorman V2N lock, then I tried methodically to find a sweet spot to get the damn thing to read my implant. Then, after 45 minutes under the suspicious eyes of the salescritters… success! Check this out:

Once you know where it is and you know how to “make the right hand” for it, it’s even fairly easily repeatable. And to make extra sure, I tried it on the other demonstration lock they had in the store, and it worked on that one right away also.

Of course, it doesn’t solve the main issues, which are that it’s apparently difficult to clone a working card and make the clone work also, and that it’ll overwrite my NDEF data if I do, and that it’ll write to the chip each time I unlock the door - which I don’t much like. But at least the Doorman isn’t a totally lost cause.

So… progress at last :slight_smile:

3 Likes

Okay, I took the plunge and purchased a Yale Doorman V2N today. If no hacking is happening, someone’s gotta pick up the slack :slight_smile: I’m thinking, even if I can’t get my implant to work, it has a keypad, and entering a code beats goofing around with stupid Finnish-standard keys when it’s freezing cold outside any day. Getting in with my implant would be the best case scenario, but punching a keycode is also an improvement - albeit an expensive one at EUR 350.

The thing comes with 3 “authorized” Yale Mifare Classic tags. So my plan is this:

  • Install the lock on my door. Duh…
  • Clone tag #1 into a gen1a magic Chinese card. See if the lock picks it up. If it does, the original tag #1 will become unusable with my lock.
  • If the cloned card works reliably, clone tag #2 into my gen1a magic Chinese implant (exact same chip as the card’s). If everything goes well, I should be able to get in with my implant. If not, well bummer… In any case, the original tag #2 will also become unusable with my lock.
  • Send my original tags #1 and #2 to Iceman if he wants to use them to do some hacking of his own with his own Doorman lock.
  • Keep using my implant, the magic Chinese card and tag #3 with the lock, but taking care to dump the keys and the data after each successful entry, to create a log of what changed on all 3 working tags. Over time, hopefully I’ll have enough data to do some reverse engineering on the crypto algorithm.

I’ve already created a clone of tag #1 in the magic Chinese card. It took a while, to make sure the entire card matches the original byte to byte - UID, manufacturer block on the second half of block zero, keys and all - but now the clone is indistinguishable from the original. The only way to tell them apart is to test if the magic Chinese command works - which, to my knowledge, the lock doesn’t do. But I’ll see soon enough.

So, stay tuned to see if I manage to make something out of the damned thing :slight_smile:

1 Like

Great minds think alike (read: Scandinavians with stupid door & lock standards think alike) @anon3825968
I’ll grab my own Yale Doorman V2N tomorrow, the local Coop OBS has a sale this week, 270€👍
I’ll try and clone one key to the M1flex that hopefully ships out Wednesday and see how that works out :grin:

That’s almost annoying :slight_smile:

Here’s hoping it works and isn’t an issue with the antenna not being big enough

If there is any chance the FlexM1 will be it

FlexM1 hasn’t been available for a while now though, no?

They are “on their way” soon
FlexM1 gen1a and gen2

Not readily available no @CanuckCold I got to buy a pre-production unit from Amal for testing on this particular project, a Gen1A for that matter :slightly_smiling_face:

If you return yours @anon3825968 I could buy one for you and ship it if you’d like? :slightly_smiling_face:

hmmm, I was going to put xM1 in the back of my wrist anyway… might as well go with one of those when they are available.

The flex units will be available in some months when the kung flu dies down a bit :slightly_smiling_face:

Either really good word play or not so great choice of words you be the judge :rofl:

1 Like

07:00 me is not the brightest, but let’s say it was a planned wordplay :rofl::rofl::rofl:

2 Likes

The Doorman is on the door. Note to self: don’t install a fucking door lock when it’s -10C outside and the sun has gone down…

I’ve presented the cloned M1k card to the reader for registration as a working key, and it seems to be accepted. But I let the registration process time out, to see if the lock wrote anything into the tag just by presenting it once. And then I quit playing with it for now, because it’s 8:30pm and the missus is starting to get mad at me for letting the cold air in, and because the Doorman is friggin’ loud…

1 Like

-10 sounds like shorts weather after I was monkeying around in -38 trying to get frozen water lines running.

1 Like

Aaand… I finally have me an NFC-enabled door lock that works with my implant. Woohoo!

I couldn’t resist: I found the command to lower the lock’s volume, and nevermind the cold: I really wanted to get that thing going. I couldn’t wait for tomorrow.

So, the lock does write to my implant each time I open the door - always the same bytes on the same sector, which bothers the hell out of me. But, well, there really isn’t anything I can do about it if I want a door that unlocks with my implant. I suppose that sector will go dead in 273 years (= 100,000 writes) :slight_smile:

As planned, I have real Yale tag #1 cloned into a gen1a magic Chinese card, and real Yale tag #2 cloned into my implant. Both clones work perfectly, but the originals are now off-limits from the lock: normally they should just be rejected, but I don’t want to risk the clones being struck off the list of working tags in the lock’s memory. Real Yale tag #3 is registered with the lock normally, and will be the missus’ key to get into the house.

I also have a full log of the magic Chinese card and my implant (keys and data) in the following states:

1/ Blank (transport configuration)
2/ After cloning (exact clone, byte-to-byte)
3/ After presenting the clone to the lock for registration, but letting the process time out (1st time)
4/ After presenting the clone to the lock for registration, but letting the process time out (2nd time)
5/ After presenting the clone to the lock for registration, completing the registration
6/ After unlocking the door, 1st time
7/ After unlocking the door, 2nd time
8/ After unlocking the door, 3rd time
9/ After unlocking the door, 4th time
10/ After unlocking the door, 5th time

At no point after cloning do the M1k keys change (A nor B, any sector/block). The lock does not rewrite the keys at all, apparently. But interestingly, it does change 3 bytes in sector 0 / block 2 just by presenting the card for registration, even if the process isn’t carried out all the way:

image

I’m not sure why it does that. But in theory, it means another lock is able to know that the tag is not entirely “virgin”. What it does with that information, I don’t know.

Once the tag is registered, the lock writes to sector 2 / block 1 (first and only registered lock, out of 6 possible registered locks for a given tag) each time the tag is presented and the lock opens. But again interestingly, at the very first opening, the lock also writes again to sector 0 / block 2:

image

I assume it’s some sort of flag set by the lock to know the working sector / block has been written to after the first opening, so it rotates the keys - or whatever it does - in there instead of resetting it to the same value over and over as if it was the first opening each time the tag is presented. But I don’t think it needs that to properly “follow” a tag’s encrypted sequence in sector 2 / block 1. So maybe not.

I’ll goof around some more with it when I have time. But at least right now I finally have a friggin’ NFC lock on my door, and that’s something. At long last!

Finally, a thought occurred to me: maybe Iceman’s hacking effort isn’t terribly useful after all: if his ultimate goal is to be able to create cheap-ass tags that work with Doorman locks instead of getting ripped off by Yale for genuine tags, the only thing a lock owner needs is a dump of a genuine, unused tag that hasn’t been registered with their lock yet. Since those things aren’t connected, even if one million locks around the world share the same tag, neither the locks nor Yale would be able to know that.

And it’s perfectly secure too: even if my neighbor had a Doorman lock and used a cloned tag based on one of mine, as soon as it’s registered with his lock and one of us uses their tag at least once more than the other, his tag couldn’t be used with my lock, nor mine with his.

So, if a few of us posted, say, a dozen unused Yale tag dumps, each and every Doorman owner in the world could create a dozen cheap tags for themselves with that pool of dumps.

Ergo, no need for hacking. Unless of course the hacking effort is for its own sake - for the beauty of it - which is a perfectly valid justification also :slight_smile:

4 Likes
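Two of the posts above rely on the same chore done by hand: checking that a clone matches the original byte for byte (UID, block 0, keys and all), and diffing the dumps taken after each registration attempt and each door opening to see which sector/block the lock touched and whether any key changed. The script below is an added example written for this thread, not code by any of its posters. It assumes the raw 1024-byte Mifare Classic 1K dump layout that common tools write (16 sectors of 4 blocks of 16 bytes, the last block of each sector being the trailer with key A, access bits and key B), and the sample dumps it builds are constructed stand-ins with a made-up UID, transport keys and a few altered bytes in sector 0 / block 2; no real tag data is included.

```python
"""Diff two Mifare Classic 1K dumps and classify every changed byte.

Added example for this thread, not code written by any of its posters.
Assumes the raw 1024-byte dump layout (16 sectors x 4 blocks x 16 bytes,
last block of each sector = trailer: key A | access bits | key B).
The sample dumps built below are constructed, not dumps of real tags.
"""
from __future__ import annotations

from dataclasses import dataclass

BLOCK_SIZE = 16
BLOCKS_PER_SECTOR = 4
SECTORS = 16
DUMP_SIZE = BLOCK_SIZE * BLOCKS_PER_SECTOR * SECTORS  # 1024 bytes for a 1K tag
TRAILER = BLOCKS_PER_SECTOR - 1


@dataclass(frozen=True)
class ByteChange:
    sector: int
    block: int   # block index within the sector, 0..3
    offset: int  # byte offset within the block, 0..15
    old: int
    new: int
    region: str  # "manufacturer", "data", "key_a", "access_bits" or "key_b"


def classify(sector: int, block: int, offset: int) -> str:
    """Name the region a byte lives in, so key changes stand out from data changes."""
    if sector == 0 and block == 0:
        return "manufacturer"  # UID, BCC, SAK, ATQA and manufacturer bytes
    if block == TRAILER:
        if offset < 6:
            return "key_a"
        if offset < 10:
            return "access_bits"
        return "key_b"
    return "data"


def diff_dumps(old: bytes, new: bytes) -> list[ByteChange]:
    """Return one ByteChange per byte that differs between the two dumps."""
    if len(old) != DUMP_SIZE or len(new) != DUMP_SIZE:
        raise ValueError(f"expected two {DUMP_SIZE}-byte Mifare Classic 1K dumps")
    changes = []
    for i, (a, b) in enumerate(zip(old, new)):
        if a != b:
            abs_block, offset = divmod(i, BLOCK_SIZE)
            sector, block = divmod(abs_block, BLOCKS_PER_SECTOR)
            changes.append(ByteChange(sector, block, offset, a, b,
                                      classify(sector, block, offset)))
    return changes


def changed_blocks(changes: list[ByteChange]) -> set[tuple[int, int]]:
    """The (sector, block) pairs that were written to."""
    return {(c.sector, c.block) for c in changes}


def keys_changed(changes: list[ByteChange]) -> bool:
    """True if any key A, key B or access-bits byte changed (a rewritten trailer)."""
    return any(c.region in ("key_a", "access_bits", "key_b") for c in changes)


def is_exact_clone(a: bytes, b: bytes) -> bool:
    """Byte-for-byte identity, block 0 and trailers included."""
    return len(a) == DUMP_SIZE and a == b


def describe(changes: list[ByteChange]) -> list[str]:
    """Human-readable lines, one per changed byte, for a per-entry change log."""
    return [f"sector {c.sector} block {c.block} byte {c.offset:2d} "
            f"({c.region}): {c.old:02X} -> {c.new:02X}" for c in changes]


# --- constructed sample data (not dumps of real tags) ------------------------

def make_sample_dump(uid: bytes = bytes.fromhex("DEADBEEF")) -> bytes:
    """A blank-looking 1K dump: made-up UID, transport keys FF.., zeroed data."""
    dump = bytearray(DUMP_SIZE)
    bcc = uid[0] ^ uid[1] ^ uid[2] ^ uid[3]
    dump[0:BLOCK_SIZE] = uid + bytes([bcc, 0x08, 0x04, 0x00]) + bytes(8)
    trailer = bytes.fromhex("FFFFFFFFFFFF" "FF078069" "FFFFFFFFFFFF")
    for sector in range(SECTORS):
        start = (sector * BLOCKS_PER_SECTOR + TRAILER) * BLOCK_SIZE
        dump[start:start + BLOCK_SIZE] = trailer
    return bytes(dump)


def with_bytes(dump: bytes, sector: int, block: int, offset: int, payload: bytes) -> bytes:
    """Copy of dump with payload written at sector/block/offset (builds the samples)."""
    out = bytearray(dump)
    start = (sector * BLOCKS_PER_SECTOR + block) * BLOCK_SIZE + offset
    out[start:start + len(payload)] = payload
    return bytes(out)


if __name__ == "__main__":
    blank = make_sample_dump()
    # constructed stand-in for "presented to the lock once": 3 bytes in sector 0 / block 2
    after_present = with_bytes(blank, 0, 2, 0, bytes.fromhex("A1B2C3"))
    changes = diff_dumps(blank, after_present)
    for line in describe(changes):
        print(line)
    print("blocks written:", sorted(changed_blocks(changes)))
    print("keys rewritten:", keys_changed(changes))
```

To use it on real dumps, read the two 1024-byte files and pass them to diff_dumps; feeding each successive dump from the numbered list above through it gives the change log per state, and the region labels answer the "did any key change?" question directly instead of by eyeballing hex.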