Reply To: Mifare Desfire EV1 ChangeKey 0x1E error

[Samuel LIOULT]

Hi all,

I'm new with desfire. I can authenticate me without any problem. But, I have a 0x1E error with ChangeKey command (and the same error with change key settings command).

Here is what I do in detail :

MASTER KEY = 00 00 00 00 00 00 00 00
INIT VECTOR = 00 00 00 00 00 00 00 00

Authenticate : (with key number 0x00)

command: 90 0A 00 00 01 00 00
response: 91 AF 57 B0 C3 5A 08 0A E6 08

RndB = D6 F7 79 68 D2 76 7E A3
RndB' = F7 79 68 D2 76 7E A3 D6

Generated RndA = B0 A6 40 5F 57 79 4A 93

After cipher operations :

command: 90 AF 00 00 10 5B D8 9F 65 31 76 AE 3A 7A 11 28 C9 D4 03 51 29 00
response 90 00 B5 3B F4 99 FE AC 13 E4

After cipher operations :
Received datas = A6 40 5F 57 79 4A 93 B0

Session key : B0 A6 40 5F D6 F7 79 68

AUTHENTICATION OK!

After this I try to send the change key settings command (for example) :

New setting value : 0F

CRC = 70 F7

After cipher operations :

command: 90 54 00 00 08 C5 E6 52 C9 D6 D0 F4 39 00
response: 91 1E

I think the problem is my CRC or my session key but I don't known what is wrong in my procedure.


In addition, here is my crc calulation code (in C#) :

public static byte[] ComputeCrc16(byte[] data, int len)

{

    ushort polynomial = 0x8408;

    ushort preset = 0xFFFF;



    int i, j;

    int current_crc_value = preset;



    for (i = 0; i < len; i++)

    {

        current_crc_value = current_crc_value ^ data;



        for (j = 0; j > 1) ^ polynomial;

            }

            else

            {

                current_crc_value = (current_crc_value >> 1);

            }

        }

    }



    data = (byte)(current_crc_value & 0x00ff);

    data = (byte)((current_crc_value >> 8) & 0x00ff);



    return data;

}

---

+ 0  |  - 0