Below is the command sequence that should be used in order to read/write DESFire cards. example attached here. DesFire Example.txt
- Enable Pass-Through Mode
- Poll For Token Command
- Sequential APDU Desfire Commands for Select AID, Read and Write with 2C-03 Command.
- Internal Card Authentication .
- On Card Authentication - Sequential APDU Desfire Commands for Select AID, Read and Write with 2C-03 Command .
Notice that each card has a different RandB value returned from Get RandA command. You will need to implement an algorithm to calculate a new session key based on the returned RandB data. It requires the correct session key to be able to read/write the card. Furthermore, a new session key will be generated per each transaction. The algorithm has to be implemented in a host application, to calculate session key. The transaction flow is shown on page9 of spec.
The online tool that helps to calculate the key (using encrypt mode = DES-CBC). Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits are encrypted as a single unit or block with a cipher key applied to the entire block). Cipher block chaining uses what is known as an initialization vector (IV) of a certain length.