11.12.3.4.74. Function Se05x_API_DFChangeKeyPart1¶
Defined in File se05x_APDU_apis.h
11.12.3.4.74.1. Function Documentation¶
-
smStatus_t
Se05x_API_DFChangeKeyPart1
(pSe05xSession_t session_ctx, uint32_t oldObjectID, uint32_t newObjectID, uint8_t keySetNr, uint8_t keyNoDESFire, uint8_t keyVer, uint8_t *KeyData, size_t *pKeyDataLen)¶ Se05x_API_DFChangeKeyPart1
The DFChangeKeyPart1 command is supporting the function to change keys on the DESFire PICC. The command generates the cryptogram required to perform such operation.
The new key and, if used, the current (or old) key must be stored in the SE05X and have the POLICY_OBJ_ALLOW_DESFIRE_AUTHENTICATION associated to execute this command. This means the new PICC key must have been loaded into the SE05X prior to issuing this command.
The 1-byte key set number indicates whether DESFire ChangeKey or DESFire ChangeKeyEV2 is used. When key set equals 0xFF, ChangeKey is used.
Command to Applet
Field
Value
Description
CLA
0x80
INS
INS_CRYPTO
P1
P1_DEFAULT
See
SE05x_P1_t
P2
P2_CHANGE_KEY_PART1
See
SE05x_P2_t
Lc
#(Payload)
TLV[TAG_1]
4-byte identifier of the old key. [Optional: if the authentication key is the same as the key to be replaced, this TAG should not be present].
TLV[TAG_2]
4-byte identifier of the new key.
TLV[TAG_3]
1-byte key set number [Optional: default = 0xC6]
TLV[TAG_4]
1-byte DESFire key number to be targeted.
TLV[TAG_5]
1-byte key version
Le
0x00
R-APDU Body
Value
Description
TLV[TAG_1]
Cryptogram holding key data
R-APDU Trailer
SW
Description
SW_NO_ERROR
The command is handled successfully.
- Parameters
[in] session_ctx
: Session Context [0:kSE05x_pSession][in] oldObjectID
: oldObjectID [1:kSE05x_TAG_1][in] newObjectID
: newObjectID [2:kSE05x_TAG_2][in] keySetNr
: keySetNr [3:kSE05x_TAG_3][in] keyNoDESFire
: keyNoDESFire [4:kSE05x_TAG_4][in] keyVer
: keyVer [5:kSE05x_TAG_5][out] KeyData
: [0:kSE05x_TAG_1][inout] pKeyDataLen
: Length for KeyData