Integrity Error on sending command with MAC

amrin-hexondata · ‎05-16-2024

Hello, I'm trying to communicate with desfire ev3 after auth using authenticateEV2First function.
The key has been changed to AES, and I believe I manage to authenticate using the authenticateEV2First.

However I'm stuck at sending new command with MAC. In my example I try to get version (0x60) but I keep getting Integrity Error. I have CMAC function to calculate the values needed, and according to examples i found on the internet my function does calculate correctly.

I'm though not sure if my sessionkeys are generated the right way or not.
authenticateEV2First - Pastebin.com
Functions that relates to mac - Pastebin.com
Output - Pastebin.com

I include my auth function, MAC related function and whole output. All code is written in Javascript.

Thank you.

Fabian_R · ‎05-16-2024

This is Fabian, I've been assigned to support your case.

I appreciate your interest in our products.

Could you please clarify if you have an NDA and, access to the MIFARE DESFire EV3 secure files?

Unfortunately, I'm not able to provide full support for a javascript-based application, but the issue you are having may be related to the endianness of the frames.

Best Regards,
Fabian

amrin-hexondata · ‎05-16-2024

Hi Fabian, yup I do have access to desfire ev3 nda file DS487033.
In my app, i first create the app, create files, then I change the key.
Should I change the key first just then create the files?

Fabian_R · ‎05-17-2024

Hello sir,
There is a document called: MIFARE DESFire EV3 features and hints, which has some examples of particular use cases. Please take a look at section 4.1.3.1 which shows a similar use case of yours.
Unfortunately, I'm, not able to publish further information since this is a public community thread, and the information is secured.

Best Regards,
Fabian