Current command:
hf mfdes createmacfile --help
Create Transaction MAC file in the application. Application master key needs to be provided or flag --no-auth set (depend on application settings). usage: hf mfdes createmacfile [-hav] [-n <dec>] [-t <DES|2TDEA|3TDEA|AES>] [-k <hex>] [--kdf <none|AN10922|gallagher>] options: -h, --help This help -a, --apdu Show APDU requests and responses -v, --verbose Verbose output -n, --keyno <dec> Key number -t, --algo <DES|2TDEA|3TDEA|AES> Crypt algo -k, --key <hex> Key for authenticate (HEX 8(DES), 16(2TDEA or AES) or 24(3TDEA) bytes) --kdf <none|AN10922|gallagher> Key Derivation Function (KDF) -i, --kdfi <hex> KDF input (1-31 hex bytes) -m, --cmode <plain|mac|encrypt> Communicaton mode -c, --ccset <native|niso|iso> Communicaton command set --schann <d40|ev1|ev2|lrp> Secure channel --aid <hex> Application ID (3 hex bytes, big endian) --isoid <hex> Application ISO ID (ISO DF ID) (2 hex bytes, big endian) --fid <hex> File ID (1 hex byte) --amode <plain|mac|encrypt> File access mode --rawrights <hex> Access rights for file (2 hex bytes) R/W/RW/Chg, 0x0 - 0xD Key, 0xE Free, 0xF Denied --rrights <key0..key13|free|deny> Read file access mode: the specified key, free, deny --wrights <key0..key13|free|deny> Write file access mode: the specified key, free, deny --rwrights <key0..key13|free|deny> Read/Write file access mode: the specified key, free, deny --chrights <key0..key13|free|deny> Change file settings access mode: the specified key, free, deny --no-auth Execute without authentication --mackey <hex> AES-128 key for MAC (16 hex bytes, big endian). (def: all zeros) --mackeyver <hex> AES key version for MAC (1 hex byte). (def: 0x0) examples/notes: --rawrights have priority over the separate rights settings. Key/mode/etc of the authentication depends on application settings Write right should be always 0xF. Read-write right should be 0xF if you not need to submit CommitReaderID command each time transaction starts