search

nfc-developer / sdm-backend

Backend server for Secure Dynamic Messaging (SDM). Supports decryption of PICCData, SDMENCFileData, and validation of SDMMAC. Compatible with NTAG 424 DNA (both variants). Written in Python 3 Flask. Pull requests welcome.
MIT License
75 stars 39 forks source link

Can't get NTAG 424 tag to work with the sample backend - programmed with TagXplorer #31

Closed piejanssens closed 2 years ago

piejanssens commented 2 years ago

These are the steps I took based on the instructions from an NXP TechSupport:

  1. Select tab "Mirroring features", subtab "NTAG 424 DNA Tag Tamper"
  2. Select protocol `https://´
  3. Paste target URL: sdm.nfcdeveloper.com/tag?cmac=0000000000000000&picc_data=000000000000000000000000000000
  4. Determine offsets by setting cursor behind cmac= (37) and behind picc_data= (64) and write them down
  5. Click "Write to tag"
  6. Select tab "NTAG 424 DNA Tag Tamper"
  7. Select "Security Management"
  8. Click "Authenticate First" (using default zero-key)
  9. Click "Get / Change File Settings"
  10. Change communication type to "Enciphered"
  11. Select SDM options: "SDM and Mirroring" / "SDM Read Counter" / "UID (for mirroring)"
  12. Set Meta Read Access Key: 01
  13. Set File Read Access Key: 02
  14. SDM Counter Ret Access Key: 0F (not sure what this value represents though)
  15. Set SDM MAC Input Offset: 37
  16. Set SDM Mac Offset: 37
  17. Set PICC Data Offset: 64
  18. Click "Change File Settings"

This is an example of a resulting URL after scanning the tag, which fails the signature validation. https://sdm.nfcdeveloper.com/tag?cmac=3024237ECA5E5B44&picc_data=D3754B026C37ADE1E02BF49CF491F4

piejanssens commented 2 years ago

I'm trying to understand the default offsets that are set when I program the tag with the NFCDeveloperApp, but I can't figure it out 😄

This is the URL returned from the NDEF: https://sdm.nfcdeveloper.com/tag?_____TRIAL_VERSION______NOT_FOR_PRODUCTION_____&picc_data=4AA4FB317006013DDA6F995F13E15ECC&enc=40D7C3DA6F86B07494B2707F50279423&cmac=135AFB956B4603A3

These are the offsets programmed by NFCDeveloperApp: image

This is what I would expect them to be looking at the indexes of the different URI parameters:

picc_data: 90 image

enc: 127 image

cmac: 165 image

piejanssens commented 2 years ago

This works fine. I belief I was not using the correct keys.

rizalsofyans commented 1 year ago

Hello @piejanssens , what is the link that you entered the first time in TagXplorer? Is it like this https://sdm.nfcdeveloper.com/tag?picc_data=00000000000000000000000000000000&enc=00000000000000000000000000000000&cmac=0000000000000000?

image

jTanG0506 commented 6 months ago

Any tips on how to get this working with the file_data like in this example, via TagXplorer? https://sdm.nfcdeveloper.com/tag?picc_data=FD91EC264309878BE6345CBE53BADF40&enc=CEE9A53E3E463EF1F459635736738962&cmac=ECC1E7F6C6C73BF6