1 (edited by rhodos 2012-05-30 09:33:00)

Topic: libfreefare & change_key on DesFire cards

Hello,
I recently found a problem with changing keys on DESFire cards with libfreefare.

When Ï change default key (DES 8x 0x00) to some other DES key, everything works, I am still able to change it back to default key. But as soon as I change it to 3DES key, I am not able to change It to anything else, while authentification with this key is still possible.
Documentation at my disposal doesn't say anything about this, so I think It should be possible. Can anyone try this, or tell me what's wrong?

Here's the snippet showing problem.

#include <iostream>

#include "nfc.h"
#include "freefare.h"
#include "nfc-types.h"

#ifdef _WIN32
    #include <windows.h>
#endif

int main(int argc, char *argv[])
{
    nfc_init (NULL);

    nfc_device *device = nfc_open (NULL, NULL);

    if (device == NULL) {
      qDebug() << "Unable to open NFC device.";
    }

    if (nfc_initiator_init (device) < 0) {
        qDebug() << "Initiator error.";
    }

    uint8_t full_key[16] = { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 ,
                             0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 };
    MifareDESFireKey fullkey = mifare_desfire_3des_key_new_with_version (full_key);

    uint8_t empty_key[8]  = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
    MifareDESFireKey emptykey = mifare_desfire_des_key_new_with_version (empty_key);

    //Probing for smart cards
    MifareTag *tags = freefare_get_tags (device);
    if (*tags != 0x00)
        printf("Smart card found!\n");
    else
    {
        printf("No smart cards!\n");
        return -1;
    }

    printf("Connecting to card.....");
    if(!mifare_desfire_connect (tags[0]))
        printf("successfull\n");
    else
        printf("failed\n");

    printf("Unlocking card with key ");
    for(int i = 0; i < 8; i++) printf("%.2X", empty_key[i]);
    printf(".....");
    if (!mifare_desfire_authenticate (tags[0], 0, emptykey))
        printf("successfull\n");
    else
        printf("failed\n");

    printf("Changing master key ");
    if(!mifare_desfire_change_key((tags[0]), 0, fullkey, emptykey))
        printf("successfull\n");
    else
        printf("failed\n");

    printf("Unlocking card with key ");
    for(int i = 0; i < 16; i++) printf("%.2X", full_key[i]);
    printf(".....");
    if (!mifare_desfire_authenticate (tags[0], 0, fullkey))
        printf("successfull\n");
    else
        printf("failed\n");

    printf("Changing master key ");
    if(!mifare_desfire_change_key((tags[0]), 0, emptykey, fullkey))
        printf("successfull\n");
    else
        printf("failed\n");

#ifdef _WIN32
    system("pause");
#endif

    return 0;
}

Also I first found this with about year old libnfc & libfreefare, and then I updatet my libs to most recent one - libnfc 1.6 & libfreefare from SVN.

2 (edited by pykoon 2015-03-03 23:18:59)

Re: libfreefare & change_key on DesFire cards

Hi,

Dis you find your problem ? I have the same result today.

Re: libfreefare & change_key on DesFire cards

Is there in this forum only one person who can use this libfreefare ?

With this simply code, with DESFire tag and DESFire EV1 tag I have the same result.

Re: libfreefare & change_key on DesFire cards

Many users are able to use libfreefare but this library require some skills and documentation reads.

Building secured systems needs to understand security...
Have a look to examples, man pages, etc.

Romuald Conty