reading type 4 tag broken due to response length limit in inDataExchange()

I'm trying to read a RuuviTag to fetch configuration (ie MAC address)

the tag is recognized, but the code crashes in NfcTag NTAGType4::read() while parsing the NDEF content. The crash happens during the third record, when trying to parse unread content.

The reason is that the isoReadNTAGType4NdefFile method assumes the NDEF message can be read in one go by one inDataExchange() call

however inDataExchange() is limited to below 64 bytes (60 or so) actual return buffer size is limited to 64 bytes including overhead, see the pn532_packetbuffer definition

I see two ways of dealing with the issue:

in isoReadNTAGType4NdefFile loop over 60byte chunks until the whole file is read
consider implementing Extended Frame support

nfc-tools implemented extended frames

with Adafruit-PN532, there has been an attempt io address the issue: https://github.com/adafruit/Adafruit-PN532/issues/38 but that never was merged

so for a start the chunked read variant looks easier to do while at it, it might make sense to factor out a generic file reading method (file id->(buffer, length)

this is what NXP Tag Info has to say about it:

** TagInfo Scan (version 4.28.0) 04-Dez.-23 18:58:39 **
Report Type: -- IC INFO ------------------------------

# IC Manufacturer:
Nordic Semiconductor

# IC Type:
Unknown IC implementing ISO/IEC 14443-4

# NFC Forum NDEF-compliant tag:
Type 4 Tag

# Application information:
Type 4 Tag v2 application present

-- NDEF ------------------------------

# NFC data set information:
NDEF message containing 4 records
Current message size: 129 bytes
Maximum message size: 238 bytes
NFC data set access: Read & Write

# Record #1: Text record:
Type Name Format: NFC Forum well-known type
Short Record
type: "T"
encoding: UTF-8
lang: "id"
text: "ID: C5:5A:B4:FC:52:5C:F4:B2"
Payload length: 30 bytes
Payload data:

[00] 02 69 64 49 44 3A 20 43 35 3A 35 41 3A 42 34 3A |.idID: C5:5A:B4:|

[10] 46 43 3A 35 32 3A 35 43 3A 46 34 3A 42 32       |FC:52:5C:F4:B2  |

# Record #2: Text record:
Type Name Format: NFC Forum well-known type
Short Record
type: "T"
encoding: UTF-8
lang: "ad"
text: "MAC: C2:6E:D1:70:2B:44"
Payload length: 25 bytes
Payload data:

[00] 02 61 64 4D 41 43 3A 20 43 32 3A 36 45 3A 44 31 |.adMAC: C2:6E:D1|

[10] 3A 37 30 3A 32 42 3A 34 34                      |:70:2B:44       |

# Record #3: Text record:
Type Name Format: NFC Forum well-known type
Short Record
type: "T"
encoding: UTF-8
lang: "sw"
text: "SW: Ruuvi FW v3.31.1+default"
Payload length: 31 bytes
Payload data:

[00] 02 73 77 53 57 3A 20 52 75 75 76 69 20 46 57 20 |.swSW: Ruuvi FW |

[10] 76 33 2E 33 31 2E 31 2B 64 65 66 61 75 6C 74    |v3.31.1+default |

# Record #4: Text record:
Type Name Format: NFC Forum well-known type
Short Record
type: "T"
encoding: UTF-8
lang: "dt"
text: "`A����$}V�n�p+D"
Payload length: 27 bytes
Payload data:

[00] 02 64 74 05 16 60 41 87 FF FF 03 10 FE 14 02 24 |.dt..`A........$|

[10] 7D 56 1A 00 0B C2 6E D1 70 2B 44                |}V....n.p+D     |

# NDEF message:
[00] 91 01 1E 54 02 69 64 49 44 3A 20 43 35 3A 35 41 |...T.idID: C5:5A|

[10] 3A 42 34 3A 46 43 3A 35 32 3A 35 43 3A 46 34 3A |:B4:FC:52:5C:F4:|

[20] 42 32 11 01 19 54 02 61 64 4D 41 43 3A 20 43 32 |B2...T.adMAC: C2|

[30] 3A 36 45 3A 44 31 3A 37 30 3A 32 42 3A 34 34 11 |:6E:D1:70:2B:44.|

[40] 01 1F 54 02 73 77 53 57 3A 20 52 75 75 76 69 20 |..T.swSW: Ruuvi |

[50] 46 57 20 76 33 2E 33 31 2E 31 2B 64 65 66 61 75 |FW v3.31.1+defau|

[60] 6C 74 51 01 1B 54 02 64 74 05 16 60 41 87 FF FF |ltQ..T.dt..`A...|

[70] 03 10 FE 14 02 24 7D 56 1A 00 0B C2 6E D1 70 2B |.....$}V....n.p+|

[80] 44                                              |D               |

# Capability Container (CC) file content:
Mapping version 2.0
CC length: 15 bytes
Maximum Le value: 248 bytes
Maximum Lc value: 248 bytes
NDEF File Control TLV:
* Length: 6 bytes
* NDEF file ID: 0xE104
* Maximum NDEF data size: 240 bytes
* NDEF access: Read & Write
[0] 00 0F 20 00 F8 00 F8 04 06 E1 04 00 F0 00 00    |.. ............ |

# Type 4 Tag File Control Information (FCI):
Type 4 Tag v2 application FCI: [none]
CC file FCI: [none]
NDEF file FCI: [none]

# NDEF file contents:
[00] 00 8D 81 01 00 00 00 1E 54 02 69 64 49 44 3A 20 |........T.idID: |

[10] 43 35 3A 35 41 3A 42 34 3A 46 43 3A 35 32 3A 35 |C5:5A:B4:FC:52:5|

[20] 43 3A 46 34 3A 42 32 01 01 00 00 00 19 54 02 61 |C:F4:B2......T.a|

[30] 64 4D 41 43 3A 20 43 32 3A 36 45 3A 44 31 3A 37 |dMAC: C2:6E:D1:7|

[40] 30 3A 32 42 3A 34 34 01 01 00 00 00 1F 54 02 73 |0:2B:44......T.s|

[50] 77 53 57 3A 20 52 75 75 76 69 20 46 57 20 76 33 |wSW: Ruuvi FW v3|

[60] 2E 33 31 2E 31 2B 64 65 66 61 75 6C 74 41 01 00 |.31.1+defaultA..|

[70] 00 00 1B 54 02 64 74 05 16 60 41 87 FF FF 03 10 |...T.dt..`A.....|

[80] FE 14 02 24 7D 56 1A 00 0B C2 6E D1 70 2B 44    |...$}V....n.p+D |

-- EXTRA ------------------------------

# TagInfo Version:
Version :4.28.0

# Device Info:
Device Model :samsung ( SM-A136B )
Android OS Version :13

-- FULL SCAN ------------------------------

--------------------------------------

actually the problem is more trivial: the Adafruit_PN532 library is plain wrong with respect to the maximum size of the reply buffer - when I increase this value to 255 the Ruuvi reading just works:

#define PN532_PACKBUFFSIZ 64

record 0: type 1 typelen 1 idlen 0 payloadlen 30
record 1: type 1 typelen 1 idlen 0 payloadlen 25
record 2: type 1 typelen 1 idlen 0 payloadlen 31
record 3: type 1 typelen 1 idlen 0 payloadlen 27
4
UID: 5F 3E 20 3F 0E AE 5E

This NFC Tag contains an NDEF Message with 4 NDEF Records.

NDEF Record 1
  TNF: 1
  Type: TxV����?,
  Payload (HEX): 02 69 64 49 44 3A 20 43 35 3A 35 41 3A 42 34 3A 46 43 3A 35 32 3A 35 43 3A 46 34 3A 42 32  .idID: C5:5A:B4:FC:52:5C:F4:B2
  Payload (as String): idID: C5:5A:B4:FC:52:5C:F4:B2

NDEF Record 2
  TNF: 1
  Type: TxV����?(
  Payload (HEX): 02 61 64 4D 41 43 3A 20 43 32 3A 36 45 3A 44 31 3A 37 30 3A 32 42 3A 34 34  .adMAC: C2:6E:D1:70:2B:44
  Payload (as String): adMAC: C2:6E:D1:70:2B:44

NDEF Record 3
  TNF: 1
  Type: TxV����?,
  Payload (HEX): 02 73 77 53 57 3A 20 52 75 75 76 69 20 46 57 20 76 33 2E 33 31 2E 31 2B 64 65 66 61 75 6C 74  .swSW: Ruuvi FW v3.31.1+default
  Payload (as String): swSW: Ruuvi FW v3.31.1+default

NDEF Record 4
  TNF: 1
  Type: TxV����?(
  Payload (HEX): 02 64 74 05 11 00 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80 80  .dt...���������������������
  Payload (as String): dt���������������������

this seems to be a mixup between FIFO size (64) and the maximum extended frame size (262) as clarified in the accepted answer.

so this needs a patch of Adafruit_PN532 library unfortunately the strange "optimizations" taken there (uint8_t for what should be a size_t) come to roost

anyway will try to patch this up and post a PR

steefst33f / NDEF

reading type 4 tag broken due to response length limit in inDataExchange() #1