I'm using a HID Omnikey 5321 reader to communicate with a Mifare DESFire EV1 tag. I'm using the WinSCard DLL (in C++) to wrap native DESFire commands in the ISO 7816 APDU message structure. On the tag, I have an application with 3 keys. As the Key Settings are set to 0x0B, I authenticate with the application master key to change key values.

I manage to change the application master key but not keys 1 and 2.

After AES authentication with the application master key, I try to change key 2:

Old Key 2 = 00...00
New Key 2 = 22...22

I calculate CRC over (Old Key 2) XOR (New Key 2)

CRCxor = F1 4A D1 C0

I calculate CRC over Native Command

Native Command = C4 02 (New Key 2)
CRCnc = C9 1F 03 80

Then I encipher with the session key and IV set to 00

32 bytes data to encipher : (New Key 2 XOR Old Key 2) (CRCxor) (CRCnc) 00...00

APDU sent

90 C4 00 00 21 02 (enciphered data) 00

In response I get the "1E" status code, which means CRC or padding error.

I also tried without XORing the data. I just appended the CRC calculated over the Native Command, like I did to successfully change the Master key, but I still get the same error.

I don't know where the problem is.

user692942
VTerrien
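Added example, not part of the original question or the asker's code: Python that builds the plaintext block for an AES ChangeKey on DESFire EV1, following the layout used by the open-source libfreefare library (an assumption here, since the page does not give the format). The function names and the key version byte 0x00 are also assumptions; AES encryption with the session key happens afterwards and is outside this block.

```python
import zlib

CMD_CHANGE_KEY = 0xC4  # native ChangeKey command byte, as in the question


def desfire_crc32(data: bytes) -> bytes:
    """CRC-32 without the final inversion, least-significant byte first."""
    return ((zlib.crc32(data) ^ 0xFFFFFFFF) & 0xFFFFFFFF).to_bytes(4, "little")


def changekey_plaintext(key_no, new_key, key_version, old_key=None):
    """Return the zero-padded block that is then enciphered.

    old_key=None: key_no is the key used to authenticate.
    old_key given: key_no is a different key; old_key is its current value.
    """
    if len(new_key) != 16 or (old_key is not None and len(old_key) != 16):
        raise ValueError("AES keys are 16 bytes")
    if old_key is None:
        key_data = new_key
    else:
        key_data = bytes(n ^ o for n, o in zip(new_key, old_key))
    # AES keys carry a one-byte key version after the key data.
    body = key_data + bytes([key_version])
    # First CRC covers command byte, key number, key data and key version.
    plain = body + desfire_crc32(bytes([CMD_CHANGE_KEY, key_no]) + body)
    if old_key is not None:
        # Second CRC covers the new key alone, not the XORed value.
        plain += desfire_crc32(new_key)
    # Zero-pad to a multiple of the 16-byte AES block size.
    return plain + bytes(-len(plain) % 16)


if __name__ == "__main__":
    # Constructed sample matching the question: key 2, old 00..00, new 22..22.
    old, new = bytes(16), bytes([0x22]) * 16
    p = changekey_plaintext(2, new, 0x00, old_key=old)
    print("xored key  :", p[:16].hex())
    print("key version:", p[16:17].hex())
    print("crc(cmd..) :", p[17:21].hex())
    print("crc(newkey):", p[21:25].hex())
    print("padding    :", p[25:].hex(), "total", len(p), "bytes")
```

The result is 32 bytes in both cases, which together with the key number byte matches the Lc value 0x21 in the APDU shown in the question.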

0 Answers