Forum Replies Created
-
Re: Reply To: Switch from DES to AES authentication
20. August 2015 at 16:28 in reply to: Switch from DES to AES authenticationHi Adnan,
Thanks for your reply.
I use AES mode. I've already change the PICC master key to use the AES mode, and I manage AES authentication and I think my change key command is good. I really don't understand what is wrong in my procedure. I send you all my logs for authentication and change key and I hope you could help me :
AES key : 00 … 00
Authentication with the PICC master key (00) and 0xAA command :
Ciphered RndB (received from the PICC) :
76 A4 40 10 FE A9 DE F6 42 CE CB 0B C7 9F 1C 5C
Deciphered RndB :
17 26 6E C6 18 03 EE D1 23 45 FE E6 02 31 E6 FB
RndB’:
26 6E C6 18 03 EE D1 23 45 FE E6 02 31 E6 FB 17
RndA (generated by the PCD):
82 F6 C3 29 C0 00 50 07 B1 A7 5F 0B D8 37 5B CD
RndA and RndB’ concatenation :
82 F6 C3 29 C0 00 50 07 B1 A7 5F 0B D8 37 5B CD 26 6E C6 18 03 EE D1 23 45 FE E6 02 31 E6 FB 17
Ciphered datas to send:
C3 95 0F 45 1D 25 84 D8 FB 3A 52 79 E7 D2 36 D3 F5 A6 65 79 7F D6 D2 57 24 03 97 F9 CE 26 BF 1D
Datas received from PICC with successful code :
4B 98 54 6C BC 27 99 7E B2 E0 58 AD 3A A8 5D EE
Session key : 82 F6 C3 29 17 26 6E C6 D8 37 5B CD 02 31 E6 FB
Authentication OK!
Change key :
New AES key = 01 … 01
CRC calculate over:
C4 80 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 00
CRC value:
BC 71 57 FB
Datas to ciphered:
01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 00 BC 71 57 FB 00 00 00 00 00 00 00 00 00 00 00
Ciphered datas:
8A 6B 2D 2C 58 33 40 64 BC 8C 95 7C 5A 90 E4 B6 C1 E9 64 E9 22 AF 60 8D E4 20 A1 E6 6C 8C 1E 9C
Datas to send (without command byte):
80 8A 6B 2D 2C 58 33 40 64 BC 8C 95 7C 5A 90 E4 B6 C1 E9 64 E9 22 AF 60 8D E4 20 A1 E6 6C 8C 1E 9C
Complete sent APDU buffer as input of the ScardTransmit method:
0 C4 00 00 21 80 8A 6B 2D 2C 58 33 40 64 BC 8C 95 7C 5A 90 E4 B6 C1 E9 64 E9 22 AF 60 8D E4 20 A1 E6 6C 8C 1E 9C 00
PICC always return 0x911E
Note I work in PICC level and get key settings command returns 0x0F01
Samuel
+ 0 | - 1
Re: Reply To: Switch from DES to AES authentication
19. August 2015 at 11:47 in reply to: Switch from DES to AES authenticationHi Adnan,
Thanks for your help. I have two cards (MFC3ICD41 and MFC3ICD81).
Since I posted this topic, I was able to authenticate me. My problem is now to execute others functionalities (ChangeKey, ChangeKeySettings, etc) because it seems that I have a bad CRC32 calculation. I use this :
https://community.oracle.com/thread/3603633
But I have always a 0x911E error.
According to you, what is wrong in my CRC32 implementation ?
Thanks
+ 0 | - 0
Re: Reply To: Mifare Desfire EV1 ChangeKey 0x1E error
4. August 2015 at 17:12 in reply to: Mifare Desfire EV1 ChangeKey 0x1E errorHi,
This problem is solved. The error is in my CRC algorithm. The preset value must be 0x6363.
+ 1 | - 0
Re: Reply To: Mifare Desfire EV1 ChangeKey 0x1E error
3. August 2015 at 17:54 in reply to: Mifare Desfire EV1 ChangeKey 0x1E errorHi all,
I'm new with desfire. I can authenticate me without any problem. But, I have a 0x1E error with ChangeKey command (and the same error with change key settings command).
Here is what I do in detail :
MASTER KEY = 00 00 00 00 00 00 00 00
INIT VECTOR = 00 00 00 00 00 00 00 00
Authenticate : (with key number 0x00)
command: 90 0A 00 00 01 00 00
response: 91 AF 57 B0 C3 5A 08 0A E6 08
RndB = D6 F7 79 68 D2 76 7E A3
RndB' = F7 79 68 D2 76 7E A3 D6
Generated RndA = B0 A6 40 5F 57 79 4A 93
After cipher operations :
command: 90 AF 00 00 10 5B D8 9F 65 31 76 AE 3A 7A 11 28 C9 D4 03 51 29 00
response 90 00 B5 3B F4 99 FE AC 13 E4
After cipher operations :
Received datas = A6 40 5F 57 79 4A 93 B0
Session key : B0 A6 40 5F D6 F7 79 68
AUTHENTICATION OK!
After this I try to send the change key settings command (for example) :
New setting value : 0F
CRC = 70 F7
After cipher operations :
command: 90 54 00 00 08 C5 E6 52 C9 D6 D0 F4 39 00
response: 91 1E
I think the problem is my CRC or my session key but I don't known what is wrong in my procedure.
In addition, here is my crc calulation code (in C#) :
public static byte[] ComputeCrc16(byte[] data, int len)
{
ushort polynomial = 0x8408;
ushort preset = 0xFFFF;
int i, j;
int current_crc_value = preset;
for (i = 0; i < len; i++)
{
current_crc_value = current_crc_value ^ data;
for (j = 0; j > 1) ^ polynomial;
}
else
{
current_crc_value = (current_crc_value >> 1);
}
}
}
data = (byte)(current_crc_value & 0x00ff);
data = (byte)((current_crc_value >> 8) & 0x00ff);
return data;
}
+ 0 | - 0
-
AuthorPosts
Viewing 4 posts - 1 through 4 (of 4 total)