All geek questions in one place

NTAG212 Ultralight Mifare with Authentication

I'm new to NFC Android, and I have been stuck for several days trying to get the NTAG212 Mifare Ultralight authentication page . I already have PWD and PACK to do PWD_AUTH based on NTAG212 docs .

I am doing this approach ...

//assume password as array of bytes
//assume pack as array of bytes
try{
nfc.connect();
byte[] cmd1 = nfc.transceive(new byte[]{ (byte) 0x30, (byte) 0x00 }); //read the page 0     to make the NFC active
nfc.transceive(new byte[]{
   (byte) 0x1B, //command for PWD_AUTH
   pass[0],
   pass[1],
   pass[2],
   pass[3]
});
byte[] cmd4 = nfc.transceive(new byte[]{ (byte) 0x30, (byte) 0x04 }); //read the page 4
}catch(TagLostException e){
  e.printStackTrace();
}catch(IOException e){
  e.printStachTrace();
}finally{
    try{
        nfc.close();
    }catch(Exception e){
      //display failed to close
    }
}

I always get an error android.nfc.TagLostException: Tag was lost.after sending the PWD_AUTH command to NFC. Can someone tell me what I am doing wrong? Is my approach right? Please, help.

NOTE. I read NTAG212 docs many times, searched google, stackoverflow and all possible resources.

TIA,
Kenster

+1
1

PWD_AUTH, , .

PWD_AUTH , (4- ) (PACK) (2- ), . PACK "" .

, :

byte[] response = nfc.transceive(new byte[] {
    (byte) 0x1B, // PWD_AUTH
    pass[0], pass[1], pass[2], pass[3]
});
if ((response != null) && (response.length >= 2)) {
   byte[] pack = Arrays.copyOf(response, 2);
   // TODO: verify PACK to confirm that tag is authentic (not really,
   // but that whole PWD_AUTH/PACK authentication mechanism was not
   // really meant to bring much security, I hope; same with the
   // NTAG signature btw.)
}

, ( NTAG212):

  • PWD (. 39) ( 0xFFFFFFFF).

    byte[] response = nfc.transceive(new byte[] {
    (byte) 0xA2, // WRITE
    (byte) 39,   // page address
    pass[0], pass[1], pass[2], pass[3]
});

  • PACK (. 40, 0-1) ( 0x0000).

    byte[] response = nfc.transceive(new byte[] {
    (byte) 0xA2, // WRITE
    (byte) 40,   // page address
    pack[0], pack[1],   // bytes 0-1 are PACK value
    (byte) 0, (byte) 0  // other bytes are RFU and must be written as 0
});

  • AUTHLIM (. 38, 0, 2-0) ( 0 PWD_AUTH).

  • PROT (. 38, 0, 7) (0 = PWD_AUTH , 1 = PWD_AUTH ).

    byte[] response = nfc.transceive(new byte[] {
    (byte) 0x30, // READ
    (byte) 38    // page address
});
if ((response != null) && (response.length >= 16)) {  // read always returns 4 pages
    boolean prot = false;  // false = PWD_AUTH for write only, true = PWD_AUTH for read and write
    int authlim = 0; // value between 0 and 7
    response = nfc.transceive(new byte[] {
        (byte) 0xA2, // WRITE
        (byte) 38,   // page address
        (byte) ((response[0] & 0x078) | (prot ? 0x080 : 0x000) | (authlim & 0x007)),
        response[1], response[2], response[3]  // keep old value for bytes 1-3, you could also simply set them to 0 as they are currently RFU and must always be written as 0 (response[1], response[2], response[3] will contain 0 too as they contain the read RFU value)
    });
}

  • AUTH0 ( 37, 3) , .

    byte[] response = nfc.transceive(new byte[] {
    (byte) 0x30, // READ
    (byte) 37    // page address
});
if ((response != null) && (response.length >= 16)) {  // read always returns 4 pages
    boolean prot = false;  // false = PWD_AUTH for write only, true = PWD_AUTH for read and write
    int auth0 = 0; // first page to be protected, set to a value between 0 and 37 for NTAG212
    response = nfc.transceive(new byte[] {
        (byte) 0xA2, // WRITE
        (byte) 37,   // page address
        response[0], // keep old value for byte 0
        response[1], // keep old value for byte 1
        response[2], // keep old value for byte 2
        (byte) (auth0 & 0x0ff)
    });
}

MifareUltralight, transceive, readPages writePage:

  • READ

    byte[] response = nfc.transceive(new byte[] {
    (byte) 0x30,                  // READ
    (byte) (pageAddress & 0x0ff)  // page address
});


    byte[] response = nfc.readPages(pageAddress);

  • WRITE

    byte[] data = { (byte)..., (byte)..., (byte)..., (byte)... };
byte[] response = nfc.transceive(new byte[] {
    (byte) 0xA2,                  // WRITE
    (byte) (pageAddress & 0x0ff), // page address
    data[0], data[1], data[2], data[3]
});


    nfc.writePage(pageAddress, data);
+6

Source: https://habr.com/ru/post/1620277/

More articles:


All Articles