Hi.
I have tried to change ATS on MIFARE EV3 card while authenticate with default DES key and was not successful. Not using SAM AV3 nor by manually calculating session keys.
After successful authentication, I have constructed required ATS, added CRC16 and padding according to documentation (at least I think so:) ). But when sending to SAM I got wrong CRC or padding error if using decryption method or the command is rejected by the card if using encription method.
I have pegoda reader and RFIDDiscover and when I use SAM the result is the same. The only way that I managed to change ATS is by using key store (without SAM).
I have even tried some reverse engineering and try to decrypt encrypted message with session key provided in pegoda log (using online calculators or self coding algorithms), which successfully decrypted only first 8 bytes. The next 8 bytes are scrambled (instead of other part of CRC and padding).
I guess I'm missing one step or some key settings that would enable generation of properly encrypted/decrypted D40 messages with SAM AV3. Any suggestions how this should be implemented if using SAM AV3?
BTW, changing ATS using EV2 authentication works like a charm. At least with desfire EV2 cards (unfortunately not with EV3 -> still waiting for docs).
Best regards
Vojko
