[TapLink SDK iOS] Authentication with AES 128 not working

SamanaGG · ‎02-27-2026

Hello, I have read your guide UG10045 and I have successfully integrated the Taplink iOS SDK in a demo Project.

In section 6.1 you describe an authenticationFlow with EV2 Card.

I have to use EV3 Cards, so I replicated that flow using a DesEV3Instance

Here my code:

private func authenticateWithCustomOrZero(_ desfire: TL_DESFireEV3, completion: @escaping (Bool, Bool) -> Void) {

        desfire.authenticate(withCardKeyNo: 0, withAuthenticationType: .native, withAuthKeyType: .THREEDES, withCommandSetForAuth: .Native, withAuthkey: threeDESZero) { firstAuth3D in

            os_log("Internal Log  - %{public}@", log: OSLog(subsystem: Bundle.main.bundleIdentifier!, category: "DemoLog"), type: .error, "firstAuth3D: \(firstAuth3D)")

            

            desfire.changeKey(withCardKeyNo: 0, withAuthKeyType: .AES128, withFromKey: threeDESZero, withToKey: aesZero) { firstChangeAES in

                os_log("Internal Log  - %{public}@", log: OSLog(subsystem: Bundle.main.bundleIdentifier!, category: "DemoLog"), type: .error, "firstChangeAES: \(firstChangeAES)")

                

                desfire.authenticate(withCardKeyNo: 0, withAuthenticationType: .AES, withAuthKeyType: .AES128, withCommandSetForAuth: .Native, withAuthkey: aesZero) { firstAuthAES in

                    os_log("Internal Log  - %{public}@", log: OSLog(subsystem: Bundle.main.bundleIdentifier!, category: "DemoLog"), type: .error, "firstAuthAES: \(firstAuthAES)")

                    

                    desfire.changeKey(withCardKeyNo: 0, withAuthKeyType: .THREEDES, withFromKey: aesZero, withToKey: threeDESZero) { lastChange3D in

                        os_log("Internal Log  - %{public}@", log: OSLog(subsystem: Bundle.main.bundleIdentifier!, category: "DemoLog"), type: .error, "lastChange3D: \(lastChange3D)")

                        

                        desfire.authenticate(withCardKeyNo: 0, withAuthenticationType: .native, withAuthKeyType: .THREEDES, withCommandSetForAuth: .Native, withAuthkey: threeDESZero) { lastAuth3D in

                            os_log("Internal Log  - %{public}@", log: OSLog(subsystem: Bundle.main.bundleIdentifier!, category: "DemoLog"), type: .error, "lastAuth3D: \(lastAuth3D)")

                        }

                    }

                }

            }

        }

    }

The first authentication with 3DES, the change to aes key and then the authentication with Aes key works perfectly.

Then when I tried to change to old 3DES key I received a error and now the card is still "authenticated" with AES key

For completism, the keys are

private let aesZero = Data(repeating: 0x00, count: 16)

private let threeDESZero = Data(repeating: 0x00, count: 24)

I received this error from SDK logs (see the attachments).

Exception Caught: com.nxp.nfclib.exceptions.PICCException: Integrity Error SW2 = 30

Before doing others tests, I hope to know from you if my implementation is working as expected and what that error means.

Thanks in advance

Fabian_R · ‎03-19-2026

Hello sir,

Thank you for sharing your code. My apologies for the delay.

I believe the root cause is very likely to be due to the threeDESZero odd parity per byte. After authenticating with an AES key and, the changing to the 3DES

You could quickly test this instead of using a 0x00, try a non-zero key to ensure odd parity byte.

If this still fails, please try changing from 3DES -> AES -> 3DES in two separated sessions but, please try using non-zero keys.

I hope this helps

Best Regards,
Fabian

[TapLink SDK iOS] Authentication with AES 128 not working

[TapLink SDK iOS] Authentication with AES 128 not working

Code examples

Example code