2

Whole update1: see question again.

I recently am working with DESFire cards .I now decide to change defult master key of PICC.

(I already could authenticate with master key all 8 byte 0x00 successfully)

1- Defult master key is 8 byte of zero.It is 00 00 00 00 00 00 00 00.

2-New master key that I choosed is 16 byte.

It is: 

byte[] newPICCKey= new byte[]{(byte)0x11, (byte)0x22, (byte)0x33, (byte)0x44,       
                                 (byte)0x55, (byte)0x66, (byte)0x77 ,(byte)0x88, 
                                 (byte)0x12, (byte)0x23, (byte)0x34 ,(byte)0x45 ,
                                 (byte)0x56, (byte)0x67, (byte)0x78 ,(byte)0x89};

3- I authenticate with old master key( Still it is not changed and still it is 8 byte of zero.) successfully. Random numbers is :

Random A = a 8 byte number

Random B = a 8 byte number

4 - I create the Session key each time by using Random A and Random B : Session key = first 4 byte of Random A + first 4 byte of Random B

//fill sessionKey with RandomA and RandomB
                for(int i=0; i<4; i++)
                    sessionKey[i] = randomA[i];
                for(int i=4; i<8; i++)

                    sessionKey[i] = randomB[i-4];

5 - i create CRC16 for new master key with bellow method . The result is : D8 EC (The new PICC master key could be 16 byte? or it must be 8 byte? By the way I choosed a 16 byte value for new master key)

 public class CRC16 
{
public static short Crc16(byte[] buffer, short offset, short len) 
    {
short crcTmp = 0x6363;
        for (int i = 0; i < len; ++i) 
        {
            short temp = (short)(buffer[offset + i] ^ crcTmp); 
            temp = (short)((temp ^ (temp << 4)) & 0xff); 
            crcTmp = (short)(((crcTmp >> 8) & 0xff) ^ (temp << 8) ^ (temp << 3) ^ (temp >> 4));
        }
        return crcTmp;
    }

}

6 - I create ew PICC key with crc and with padding(deciphered) 

byte[] newPICCKey_deciphered = new byte[]{(byte)0x11, (byte)0x22, (byte)0x33, (byte)0x44, 
                        (byte)0x55, (byte)0x66, (byte)0x77 ,(byte)0x88, 
                        (byte)0x12, (byte)0x23, (byte)0x34 ,(byte)0x45 ,
                        (byte)0x56, (byte)0x67, (byte)0x78 ,(byte)0x89,
                        (byte)0x00 , (byte)0x00,
                        (byte)0x00 ,(byte)0x00 ,(byte)0x00 ,
                        (byte)0x00 ,(byte)0x00 ,(byte)0x00 };
                txtNewPICCKeyDeciphered.setText(Utils.bytesToHex(newPICCKey_deciphered));

7- I calculate crc16 and add it to my new key:

short res = CRC16_3.Crc16(newPICCKey, (short)0, (short)16); 
                newPICCKey_deciphered[16] = (byte) (res & 0xFF); 
                newPICCKey_deciphered[17] = (byte) ((res >> 8) & 0xFF);

8 - I enciphered above new master key by bellow method and I got a 24 byte enciphered :

 byte[] iv1=new byte[]{(byte)0x00 , (byte)0x00 , (byte)0x00 , (byte)0x00 ,
                        (byte)0x00 , (byte)0x00 , (byte)0x00 , (byte)0x00 };
                byte[] newPICCKeyEnciphered = new byte[24];
                //..............................
                byte[] block1 = new byte[]{(byte)0x11, (byte)0x22, (byte)0x33, (byte)0x44, 
                        (byte)0x55, (byte)0x66, (byte)0x77 ,(byte)0x88};
                byte[] block2 = new byte[]{
                (byte)0x11, (byte)0x22, (byte)0x33 ,(byte)0x44 ,
                (byte)0x55, (byte)0x66, (byte)0x77 ,(byte)0x88};
                byte[] block3 = new byte[]{(byte)0x00 , (byte)0x00,
                        (byte)0x00 ,(byte)0x00 ,(byte)0x00 ,
                        (byte)0x00 ,(byte)0x00 ,(byte)0x00};
                block3[0] = newPICCKey_deciphered[16];
                block3[1] = newPICCKey_deciphered[17];

   try
                {
                    Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
                SecretKeyFactory desKeyFact = SecretKeyFactory.getInstance("DES");
                DESKeySpec desKeySpec = new DESKeySpec(sessionKey);  
                SecretKey s = desKeyFact.generateSecret(desKeySpec);
                cipher.init(Cipher.DECRYPT_MODE, s);

                byte[] r1 = new byte[8];
                r1 =Utils.doXorTwoByteArray(block1, iv1);

                byte[] r2 = new byte[8];
                r2 = cipher.doFinal(r1, 0, 8);
                //...............
                byte[] r3 = new byte[8];
                r3 =Utils.doXorTwoByteArray(block2, r2);

                byte[] r4 = new byte[8];
                r4 =cipher.doFinal(r3, 0, 8);
                //................
                byte[] r5 = new byte[8];
                r5 =Utils.doXorTwoByteArray(block3, r4);

                byte[] r6 = new byte[8];
                r6 =cipher.doFinal(r5, 0, 8);
                for(int i=0; i<8;i++)
                    newPICCKeyEnciphered[i] = r2[i];
                for(int i=8; i<16;i++)
                    newPICCKeyEnciphered[i] = r4[i-8];
                for(int i=16; i<24;i++)
                    newPICCKeyEnciphered[i] = r6[i-16];
                }
                catch(Exception e)
                {
                    e.printStackTrace();
                }

Here is Class DES used at enciphering :

public class DES {
    public static byte[] doDecryptData(byte[] OriginalData,byte[]key , int sizeKey , byte[] iv , int sizeIV)
    {
    byte[] masterKeyBytes =new byte[sizeKey];
    masterKeyBytes = key;
        byte[] ivBytes = new byte[sizeIV];
     ivBytes = iv;
        byte[] encipheredData=new byte[sizeIV];

        try{

            DESKeySpec desKeySpec = new DESKeySpec(masterKeyBytes);  
            SecretKeyFactory desKeyFact = SecretKeyFactory.getInstance("DES");
            SecretKey s = desKeyFact.generateSecret(desKeySpec);
            Cipher aliceCipher = Cipher.getInstance("DES/CBC/NoPadding");
            aliceCipher.init(Cipher.DECRYPT_MODE, s, new IvParameterSpec(ivBytes));

            encipheredData= aliceCipher.doFinal(OriginalData);
            return encipheredData;
        }
        catch(Exception e)
            {
                Log.e("error", "111"+e.toString());
            }
        return null;
    }

9- And finally I fill parameter byte array and send it with instruction(c4) to the 

byte[] cmd = new byte[]{(byte)0x00 ,
                         (byte)0x00 ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 
                         ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 
                         ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 
                         ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 
                         ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 
                         ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 ,(byte)0x00 };
                //fill cmd
                for(int i=1 ;i<cmd.length ; i++)
                    cmd[i] = newPICCKeyEnciphered[i -1];

try {
responseChangeKey = isodep.transceive(Utils.wrapMessage((byte)0xC4, cmd));
            } catch (IOException e1) {
                // TODO Auto-generated catch block
                e1.printStackTrace();
            } catch (Exception e1) {
                // TODO Auto-generated catch block
                e1.printStackTrace();
            }

And here is Utils class:

public class Utils {    
    public static byte[] wrapMessage (byte command, byte[] parameters) throws Exception {
        ByteArrayOutputStream stream = new ByteArrayOutputStream();

        stream.write((byte) 0x90);
        stream.write(command);
        stream.write((byte) 0x00);
        stream.write((byte) 0x00);
        if (parameters != null) {
            stream.write((byte) parameters.length);
            stream.write(parameters);
        }
        stream.write((byte) 0x00);

        byte[] b = stream.toByteArray();
        return b;
    }
}

I at the last step (sending apdu for changing master key to the card) recieved Exception 0x1E Error, that means Integrity error :CRC or MAC does not match data Padding bytes not valid. How can I do perform changing key correctly ? it is necessaryfor me.thanks.

setare ab
  • 183
  • 1
  • 12

1 Answers1

3
  1. DESFire cards uses a little different CRC16 from yours. Your initial value for CRC16 is 0xFFFF, but DESFire expects 0x6363. This may cause your troubles with the integrity error.
  2. I see no DEC/CBC encryption using decryption of your newPICCKey_deciphered array. You really have to use DECRYPTION MODE instead of ENCRYPTION MODE when encrypting (although it seems weird). That means:

aliceCipher.init(Cipher.DECRYPT_MODE, s, new IvParameterSpec(ivBytes));

and because of the fact, that CBC mode of decryption is different from CBC mode for encryption, you have to implement your own CBC mode and use the aliceCipher always for one block only with the correct IV.

vojta
  • 5,591
  • 2
  • 24
  • 64
  • Comments are not for extended discussion; this conversation has been [moved to chat](http://chat.stackoverflow.com/rooms/77896/discussion-on-answer-by-vojta-i-got-0x1e-error-integrity-error-while-change-de). – Taryn May 15 '15 at 12:09
  • @setareab Please don't use comments to refer the answerer to your new question. Or simply delete them after receiving your answer. stackoverflow is not supposed to have a lot of reference to other questions of questioner below the answers. so please remove all three above comments. they don't help to future viewer.Thank you. :) (I'll delete my comment also.) – Jean May 27 '15 at 05:06