This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

reading ntag213 with trf797a above page 15

Prodigy 30 points

Replies: 3

Views: 1590

Hello,

I'm trying to read NTAG213. The read is successful for pages below 16.

I'm reading 4 pages block with READ (0x30) command. If I read a block starting from page 15, page 15 is read correctly and then the rest of the data is from page 0, 1, 2.

If I try to start reading from page 16 and above, I don't get any reply from trf7970a, and reading timeouts.

The function that reads block sends the following sequence:

8F  91 3D  00 20  30  [BLOCK_ADDRESS]

8F  91 3D  00 20  30 0C ------------------> OK

8F  91 3D  00 20  30 10 ------------------> NOT OK

For pages bellow 16 I get write interrupt after ~0.53 ms, send command to reset FIFO, and then get read interrupt after ~1.5 ms

I don't get read interrupt if BLOCK_ADDRESS >= 16

I have two tags, and I can read the content of a tag with NFC TagInfo app, thus I think it means no pages are under password.

We are using custom board and tms320C28xx microcontroller.

3 Replies

  • Hello Oleksandr,

    I am researching this since I do not have any of these tags currently.  I also ordered some tags to work with, but won't receive them until Friday.  When you read using the NFC TagInfo app, can you confirm it reads all pages of the tag?  I also have a sniffer, so when I receive the tags, I can sniff the communication between the phone and tag to determine exactly what commands are being used.

    Best Regards,

    Eddie

    Don't forget to verify answers to your forum questions by using the  Verify Answer  button.

  • In reply to Eddie LaCost:

    Hello Eddie,

    Yes, TagInfo reads all the pages.
    Bellow is the TagInfo ouput:

    ** TagInfo scan (version 3.0) 2015-08-28 16:03:05 **

    -- INFO ------------------------------

    # IC manufacturer:
    NXP Semiconductors

    # IC type:
    NTAG213

    -- NDEF ------------------------------

    # No NFC data set available:

    # NDEF Capability Container (CC):
    Mapping version: 1.0
    Maximum NDEF data size: 144 bytes (0x12)
    NDEF access: Read & Write (0x00)
    E1 10 12 00 |.... |

    # Control TLVs:
    Lock Control TLV at address 0x04, offset 0
    * Dynamic lock bytes at address 0x28, offset 0
    - 12 lock bits (0x0C)
    - 8 bytes locked per lock bit (0x3)
    - Address calculation:
    ~ page address: 0xA
    ~ byte offset: 0x0
    ~ 16 bytes per page (1<<0x4)
    01 03 A0 0C 34 |....4 |

    -- EXTRA ------------------------------

    # Memory size:
    144 bytes user memory
    * 36 pages, with 4 bytes per page

    # IC detailed information:
    Full product name: NT2H1311G0DUx
    Capacitance: 50 pF

    # Version information:
    Vendor ID: NXP (0x04)
    Type: NTAG (0x04)
    Subtype: 50 pF (0x02)
    Major version: 1 (0x01)
    Minor version: V0 (0x00)
    Storage size: 144 bytes (0x0F)
    Protocol: ISO/IEC 14443-3 (0x03)

    # Configuration information:
    ASCII mirror disabled
    NFC counter: disabled
    No limit on wrong password attempts
    Strong load modulation enabled

    # Originality check:
    Signature verified with NXP public key
    Public key:
    * 0x04494E1A386D3D3CFE3DC10E5DE68A499B1C202DB5B132393E89ED19FE5BE8BC61
    ECDSA signature:
    * r: 0x2610A0A8FC533FDCCF908340B80D0791
    * s: 0xD50D2A5D9B0C1EBEFE8351DEBA2880D2

    -- TECH ------------------------------

    # Technologies supported:
    ISO/IEC 14443-3 (Type A) compatible
    ISO/IEC 14443-2 (Type A) compatible

    # Android technology information:
    Tag description:
    * TAG: Tech [android.nfc.tech.NfcA, android.nfc.tech.MifareUltralight,
    android.nfc.tech.Ndef]
    android.nfc.tech.Ndef
    android.nfc.tech.MifareUltralight
    android.nfc.tech.NfcA
    * Maximum transceive length: 253 bytes
    * Default maximum transceive time-out: 618 ms
    No MIFARE Classic support present in Android

    # Detailed protocol information:
    ID: 04:5E:76:4A:9A:3D:80
    ATQA: 0x4400
    SAK: 0x00

    # Memory content:
    [00] * 04:5E:76 A4 (UID0-UID2, BCC0)
    [01] * 4A:9A:3D:80 (UID3-UID6)
    [02] . 6D 48 00 00 (BCC1, INT, LOCK0-LOCK1)
    [03] . E1:10:12:00 (OTP0-OTP3)
    [04] . 01 03 A0 0C |....|
    [05] . 34 03 00 FE |4...|
    [06] . 00 00 00 00 |....|
    [07] . 00 00 00 00 |....|
    [08] . 00 00 00 00 |....|
    [09] . 00 00 00 00 |....|
    [0A] . 00 00 00 00 |....|
    [0B] . 00 00 00 00 |....|
    [0C] . 00 00 00 00 |....|
    [0D] . 00 00 00 00 |....|
    [0E] . 00 00 00 00 |....|
    [0F] . 00 00 00 00 |....|
    [10] . 00 00 00 00 |....|
    [11] . 00 00 00 00 |....|
    [12] . 00 00 00 00 |....|
    [13] . 00 00 00 00 |....|
    [14] . 00 00 00 00 |....|
    [15] . 00 00 00 00 |....|
    [16] . 00 00 00 00 |....|
    [17] . 00 00 00 00 |....|
    [18] . 00 00 00 00 |....|
    [19] . 00 00 00 00 |....|
    [1A] . 00 00 00 00 |....|
    [1B] . 00 00 00 00 |....|
    [1C] . 00 00 00 00 |....|
    [1D] . 00 00 00 00 |....|
    [1E] . 00 00 00 00 |....|
    [1F] . 00 00 00 00 |....|
    [20] . 00 00 00 00 |....|
    [21] . 00 00 00 00 |....|
    [22] . 00 00 00 00 |....|
    [23] . 00 00 00 00 |....|
    [24] . 00 00 00 00 |....|
    [25] . 00 00 00 00 |....|
    [26] . 00 00 00 00 |....|
    [27] . 00 00 00 00 |....|
    [28] . 00 00 00 BD (LOCK2-LOCK4, CHK)
    [29] . 04 00 00 FF (CFG, MIRROR, AUTH0)
    [2A] . 00 05 -- -- (ACCESS)
    [2B] +P FF FF FF FF (PWD0-PWD3)
    [2C] +P 00 00 -- -- (PACK0-PACK1)

    *:locked & blocked, x:locked,
    +:blocked, .:un(b)locked, ?:unknown
    r:readable (write-protected),
    p:password protected, -:write-only
    P:password protected write-only

    --
    Regards,
    Sasha
  • In reply to Oleksandr Kozaruk78:

    This was resolved outside of the e2e forums with Sasha.  I have attached the Saleae logic analyzer shots of the correct reading of NTAG213.  ntag213_read_39_blocks_of_data.logicdata

    Best Regards,

    Eddie

    Don't forget to verify answers to your forum questions by using the  Verify Answer  button.

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.