New Application Default Key

Forum / MIFARE SDK / New Application Default Key

  • 31. May 2016 at 6:48

    onyekachi
    Please help me comprehend the expected behavior in this scenario

    First, I have taking a Blank Desfire card and formats it.
    2. I change the default key from DESFIRE_DEFAULT_KEY to COMP_DEFAULT_KEY
    objDESFireEV1.changeKey( 0, DESFIRE_DEFAULT_KEY, (byte)0x00, COMP_DEFAULT_KEY, (byte)0, DESFireEV1.KeyType.TWOK3DES,
    
                                 IKeyConstants.DIV_OPTION_NODIVERSIFICATION,IKeyConstants.DIV_OPTION_NODIVERSIFICATION, null );

    3. I authenticate the new Master Key(COMP_DEFAULT_KEY) and it was successful

    4. I create a new Application with a new AppID(NewAppID) as shown below
    objDESFireEV1.createApplication(NewAppId, getKeySettings(objDESFireEV1), 2, DESFireEV1.KeyType.TWOK3DES);


    Question
    To authenticate the new Application ID should one use the default Desfire Key as shown below

     objDESFireEV1.selectApplication(newAppId);
    
  objDESFireEV1.authenticate(AuthType.Native, DESFIRE_DEFAULT_KEY  , (byte) 0, 0, (byte) 0, null);


    or the COMP_DEFAULT_KEY as shown below

    objDESFireEV1.selectApplication(newAppId);
    
   objDESFireEV1.authenticate(AuthType.Native, COMP_DEFAULT_KEY , (byte) 0, 0, (byte) 0, null);


    I thought the later with COMP_DEFAULT_KEY sice its now the cards new default master key, but its falling

    + 0  |  - 0

    Re: New Application Default Key

    31. May 2016 at 10:12

    mifaresdk
    Hi Onyekachi,

    Changing the master key #0 is independent of the pre-loaded values for the other keys. If you want to change key #1 you have to authenticate with the default key (00…000) before changing key #1 to another value.

    Kind regards,
    The MIFARE Team
    + 0  |  - 0

    Re: New Application Default Key

    31. May 2016 at 17:50

    onyekachi
    Thank you very much for the prompt response,

    With the information you provided in-mind, is it possible to prevent one from adding an application to a Desfire card, if they know its a Desfire card and has knowledge of adding application to a card, How does changing the Masterkey prevent one from adding application to the card in anyway?
    + 0  |  - 0

    Re: New Application Default Key

    1. June 2016 at 13:16

    mifaresdk

    Hi Onyekachi,

    Yes you can prevent users from creating new applications. This is part of the PICC Master Key setting. Please keep in mind, if you select AID=000000 and authenticate with key #0 it is the PICC Master Key and if AID!=000000 it is the Application Master Key.

    This is coded as part of the ChangeKeySettings() command. You can set options for “configuration is changeable yes/no”, “CreateApplication/DeleteApplication is permitted only with PICC Master Key authentication”, “Successful PICC Master Key authentication is required for GatApplications() and GetKeySettings()” etc.

    The MIFARE Team
    + 0  |  - 0
  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.