2

I need some help communicating with Desfire EV1 card. The library (winscard.dll) seems to be automatically handling all responses from the card that have an ADDITIONAL_FRAME (AF) byte so that the application receives already processed data. For example, I send the GetVersion command as follows:

[out] 90 60 00 00 00, and the response is:
[ in ] 04 01 01 01 00 18 05 04 01 01 01 04 18 05 04 83 71 2A 9F 43 80 BA 64 17 8F A0 07 15 91 00

Note: I wrapped the command data in ISO 7816 headers.

I expected the communication to be something like this:

[out] 90 60 00 00 00
[ in ] 04 01 01 01 00 18 05 91 AF

[out] 90 AF 00 00 00
[ in ] 04 01 01 01 04 18 05 91 AF

[out] 90 AF 00 00 00
[ in ] 04 83 71 2A 9F 43 80 BA 64 17 8F A0 07 15 91 00.

The same thing happens during card authentication so when I send

[out] 90 0A 00 00 01 00 00, I get back
[ in ] 91 00
instead of a card challenge.

Is there a way to disable this behaviour?

Thanks.

Lewis Munene
  • 134
  • 7
  • 1
    I have seen a reader doing the ANOTHER FRAME automagically (maybe Omnikey, not sure)....but not for the authentication (even stranger is that the reader succeeds -- are you authenticated to the card after this command?) – vlp Jan 12 '16 at 23:31
  • Yes I am. I get authenticated to new cards and I can even create applications, but not to any card whose keys I have changed myself. I'm assuming it's because new cards have default keys of all 0's. So I guess the reader stores the keys somewhere and does the authentication itself. Maybe now I should find a way to communicate the keys to the reader and then send the authenticate command and see what happens. – Lewis Munene Jan 13 '16 at 15:35
  • Interesting, I would recommend to check the reader documentation regarding DESFire cards. Quite often the PC/SC command `Load keys` is used to store keys into the reader (see PC/SC, part 3, section 3.2.2.1.4 [here](http://www.pcscworkgroup.com/specifications/files/pcsc3_v2.01.09.pdf)). But these keys are usually used with the associated storage card functionality commands. Good Luck and please let us know about your results! – vlp Jan 13 '16 at 16:19
  • What reader are you using? Have you tried a different one? – Paul Bastian Jan 15 '16 at 09:55
  • I am using an Elyctis Reader that has been embedded within an Evolis printer. According to the documentation I am supposed to load keys to the reader's EEPROM in this format: **FF 00 00 00 1F 07 01 PCDKeyNo AID PICCKeyNo Key1 Key2 Key3** This works well, however I can't figure out how the printer performs card authentication as the document does not talk about it. I have tried various combinations to no avail. – Lewis Munene Jan 16 '16 at 17:14

0 Answers0