ionic framework - NFC Mifare Ultralight bogus response data

Question

I am using PhoneGap-NFC with Ionic/Capacitor and am trying to lock a NXP NTAG213.

According to the datasheet (https://www.nxp.com/docs/en/data-sheet/NTAG213_215_216.pdf) I have to write to page 0x2B to set the PWD, page 0x2C for the PACK.

const set_password_cmd = Uint8Array.from([
    0xA2, //WRITE
    0x2B, //address 2B
    1, 2, 3, 4//pwd
]);
let res = await nfc.transceive(set_password_cmd);

const set_pack_cmd = Uint8Array.from([
    0xA2, //WRITE
    0x2C, //address 2C
    2, 7, 0, 0//pack
]);
res = await nfc.transceive(set_pack_cmd);

Password should be 1234, pack should be 27.

Problem is I keep getting 0xA (LF) as a response to both commands and the tag does not lock itself.

PS. I am calling .connect(tech) and .close() afterwards inside a addTagDiscoveredListener call, sending a GET_VERSION command works as expected and returns correct data.

question from:https://stackoverflow.com/questions/65860973/nfc-mifare-ultralight-bogus-response-data

Answer 1

Remember that just setting a Password and Pack does not enable password protection by default, you also need to tell it what parts of the card to protect.

The default value of the AUTH0 byte (the fourth byte of page 0x29h on ntag213) is set to 0xFFh which means no pages are protected by the set password (See table 11 in Section 8.5.7 in the datasheet)

AUTH0 defines the page address from which the password verification is required. Valid address range for byte AUTH0 is from 00h to FFh. If AUTH0 is set to a page address which is higher than the last page from the user configuration, the password protection is effectively disabled

So you probably want to set the AUTH0 byte to a value of at least 0x4h (start of the user data area) or lower to enable password protection.

You should also check that that PROP access bits on page 0x2Ah for ntag 213 are set to your needs as the default is only to password protect write access