NT4H NTAG® 424 DNA Tag Read/Write Software

Source code examples in C programming language

The software source code examples explained on this page refer to NFC NTAG® DNA technology solutions. Its primary purpose is to write and read NTAG® 413 DNA and NTAG® 424 DNA tags, i.e., NXP NTAG® Type 4 Tag.

These tags are fully compliant to: 

  • ISO/IEC 14443, all parts 1 to 4, ISO/IEC 7816-4 file selection and APDU handling, and passive target compliant to ISO/IEC18092
  • 7-byte UID (according to ISO/IEC 14443 – 3)
  • NFC Forum Tag 4 Type technical and NDEF data structure configuration

However, the main reason to choose the NTAG® 424 DNA tags among all NTAG family types is its advanced security support. NTAG® 424 DNA tags offer advanced security methods, such as:

  • Standard AES-128 cryptography for authentication/secure messaging, or LRP wrapped AES operation for even stronger attack resistance
  • 3-pass mutual authentication to access the protected data file
  • Secure Unique NFC Message (SUN)
  • Incremental NFC taps Counter
  • Plain, CMAC, and Encrypted communication (configurable)
  • ECC-based NXP originality signature
  • On-chip assembly of item URLs with flexible ASCII mirrors.

Accordingly, our software example includes the functions for all NTAG® 424 DNA security protocols and options implementation.

Docs & Software Download

Software overview

Software functions:

  • Get and edit file settings
  • Get UID
  • Set random ID
  • Change AES key
  • Linear read/write (ASCII & HEX)
  • Three-level authentication mode
  • SDM (secure dynamic message) read/write
  • Get SDM reading counter
  • Store AES key into the Reader
  • Lock/unlock the reader
  • Advanced reader options (specify the Reader COM port, IP address, SN, etc.)

Available programming languages:

  • C (console)
  • C# (GUI)

Supported operating systems, platforms, and environments:

  • Cross-platform

Supported tags, labels, cards:

  • NXP NTAG® 21x (210, 213, 215, 216, Tag Tamper)
  • NXP NTAG® 4xx DNA (413, 424)

Recommended hardware:

  • µFR Nano
  • µFR Nano Online
  • µFR Classic
  • µFR Classic CS
  • µFR Advance
  • µFR XL

 

Software respiratoryDescription
ufr-examples-c-nt4h

Console C source code example of nt4h tags implementation with µFR Series NFC RFID readers.  

ufr-examples-c_sharp-nt4h

GUI C# source code example f nt4h tags implementation with µFR Series NFC RFID readers.

Software manual

1. NT4H Software – C console – Reader Open

Download: ufr-examples-c-nt4h

The NT4H is intended for an NXP NTAG® new tags series manipulation. This series includes NTAG® 413 DNA and NTAG ®424 DNA. NTAG® 424 DNA is fully compliant with the NFC Forum Type 4 Tag IC. It supports AES-128 cryptographic operation and a new Secure Unique NFC (SUN) Message. NXP doesn’t recommend using  NTAG® 413 DNA tags for new projects since the available NTAG® 424 DNA offers better security features.

Launching the application opens a console with a printout of the home menu.
If you have installed your hardware drivers properly, you will be able to open the reader port by selecting one of the available options:

  • Option 1 – Reader port opens using default (auto-detect) options (usually used for single USB reader attached to the host)
  • Option 2 – Reader port opens using manually configurable parameters: reader_type, port_name, port_interface, and argument. 

2. NT4H Software – C console – Main menu

Here is the Simple Reader Open mode showcase. 
Selecting the menu option 1. will open the reader port and establish communication with the device. When the communication is established, the console displays the main menu with all the software functions listed. 

2.1 NT4H Software – C console – Get file settings

The first function, Get File Settings, displays the selected file settings. Depending on the tag you use, type 1 -2 for NTAG413 and 1-3 for NTAG 424.

The NTAG413 has two standard data files:

  • File number 1 refers to Capability Container file (32 bytes),
  • File number 2 refers to the NDEF file (128 bytes).

The NTAG424 has three standard data files:

  • File number 1 refers to Capability Container file (32 bytes),
  • File number 2 refers to NDEF file (256 bytes),
  • File number 3 refers to the proprietary file (128 bytes),
  • The number of returned parameters is variable.

If the current file is a standard data file with AES secure messaging, the following applies:

  • File type
  • Communication mode
  • File access rights.

EXAMPLE 1

File size example:

  • File number = 3 (NTAG424 proprietary file)
  • Communication mode status enciphered (0x03)
  • Secure Dynamic Messaging is disabled
  • The Key number for reading is 2, the Key number for write is 3,
  • The Key number for reading/write is 3,
  • The Key number for Change File settings is 0,
  • The File size is 128 bytes.

EXAMPLE 2

If the current file is a standard data file with secure dynamic messaging, it contains more data.

Example:

  • the File number is 2 (NDEF file),
  • Secure Dynamic Messaging is enabled,
  • reading and writing access is free (key 0x0E),
  • the File size is 256 bytes,
  • UID Mirroring is enabled,
  • SDM Reading Counter is enabled,
  • SDM Reading Counter Limit is disabled,
  • the Encrypted Data Part of the File is activated,
  • the Key number for SDM Meta Read is 2 (UID, SDM reading counter, PICC data, MAC),
  • the Encrypted Data Part of the File Key number is 2.
  • SDM Reading Counter can read without authentication,
  • PICC Data Offset (Encrypted UID and SDM Reading Counter) is 49,
  • the MAC Input Offset is 86,
  • the Encrypted Data Part of the File Offset is 86,
  • the Encrypted Data Part of the File Length is 32,
  • MAC Offset is 124.

2.2 NT4H Software – C console – Set file settings

To add the file settings, select the second menu option. Due to a large number of parameters, there are two functions for file parameter settings.

EXAMPLE 1

Standard data file:

  • File number 3 (Proprietary file),
  • current Communication mode is enciphered,
  • Change Key value is 0.

New settings are:

  • Plain Communication mode,
  • Read Key 2,
  • Write Key 3,
  • Read/Write Key 3,
  • Change Key 0,
  • the Provided Key Authentication mode.

 

 

 

 

 

 

EXAMPLE 2

Secure Dynamic Messaging file:

  • the File number is 2,
  • Communication mode Plain,
  • Read Key is 14, 
  • Write Key is 14,
  • Read/Write Key is 14,
  • Change Key value is 0,
  • UID Mirroring is enabled,
  • SDM Reading Counter is enabled,
  • SDM Reading Counter is disabled,
  • the Encrypted Data Part of the File is activated,
  • SDM Meta Read Key is 2,
  • SDM File Read is 2,
  • SDM Reading Counter Key is 2,
  • Encrypted PICC Data Offset 49,
  • MAC Input Data Offset 86,
  • the Encrypted Data Part Offset 86,
  • MAC Offset 124.

2.3 NT4H Software – C console – Get UID (NTAG 424 only)

If you use NTAG® 424 tags with authentication security mode enabled, the menu option 3. will display the tag UID.

The function returns the card 7-byte UID. It is useful if the Random ID options are activated. Valid authentication with any card key is required.

2.4 NT4H Software – C console – Set random UID (NTAG®  424 only)

NTAG® 424 DNA allows additional tag security by the random UID setting (menu option 4).
Set Random UID function replaces the 7-byte unique UID with the 4-byte random UID. Consequently, the tag returns 4-byte random UID on every reading. The tag now returns 4-byte random ID instead of a 7-byte unique ID.
This function requires the Master Key authentication (number 0).

Warning: this operation is irreversible!

2.5 NT4H Software – C console – Change AES key 

 

Menu option 5 allows the AES key change.
This function requires the Master Key authentication (number 0).
Enter the new AES key by typing the 16 hexadecimal bytes.
If the key to be changed is not a Master Key, the previous Key value is mandatory. 
 
 
 
 

EXAMPLE 1

AES Key change example:

  • Key number 4.
  • Application Master Key value 0x00000000000000000000000000000000
  • Old Key 4 value 0x00000000000000000000000000000000
  • New Key 4 value 0x11111111111111111111111111111111.

2.6 NT4H Software – C console – Linear Read 

The Linear Read function includes plain, macked, and enciphered reading mode. Also, the content reading authentication in Provided key mode and the Internal key mode allows the content access if the tag is protected. Otherwise, unlocked tag content can be read without entering the key (option: No authentification). The console will display the content readable in the selected authentication mode as hexadecimal and the ASCI notation.

2.6.1 NT4H Software – C console – Linear Read 

Linear Read function includes plain, mac (Message Authentication Code), and enciphered reading mode. Also, the content reading authentication in Provided Key mode and the Internal Key mode allows the content access if the tag is protected. Otherwise, unlocked tag content is accessible without entering the key (option: No authentication). The console will display the content readable in the selected authentication mode as hexadecimal and the ASCI notation.

The function reads file recorded data. Required parameters are:

  • File number,
  • The reading or read/write Access Key,
  • Communication mode,
  • Authentication mode (if Read Key is 14, select the No Authentication option),
  • Start Address (0 – max address),
  • Data Length.

2.7 NT4H Software – C console – Linear Write

As with the Linear Read function, the Linear Write function allows three communication modes and hexadecimal or ASCII format for content writing, too. Also, the selected Authentication mode applies to the recorded content. 

The function writes data into the file. Required parameters are:

  • File number,
  • The reading or read/write Access Key,
  • Communication mode,
  • Authentication mode (if read Key is 14, select the No Authentication option ),
  • Start address (0 – max address),
  • Enter the data in ASCII or hexadecimal format.

2.8 NT4H Software – C console – Secure Dynamic Message Read

The Secure Dynamic Messaging (SDM) on NT4H DNA tags enables the SUN feature. It refers to the text (ASCII) in the NDEF message.
To apply Secure Dynamic Message Read function, enable the file Secure Dynamic Message. Also, set the Read Access to free (Key 14 – No Authentication option).

2.9 NT4H Software – C console – Secure Dynamic Message Write

As with the Secure Dynamic Message Read, for the Secure Dynamic Message Write function, enable the file Secure Dynamic Message. Also, set the Read Access to free (Key 14 – No Authentication option).

2.10 NT4H Software – C console – Get SDM Reading Counter

The Secure Dynamic Message Reading Counter exists only if the file SDM is enabled. The authentication is or isn’t required, depending on the file SDM Reading Counter access setting.

 

2.11 NT4H Software – C console – Store AES Key into the reader

The Reader device can store 16 AES Keys with index values 0-15. This means that the Key index may be any value between 0 and 15.

EXAMPLE 1

The example shows how to store the Key with a value 0 x 00000000000000000000000000000000 into the reader at address 1.

EXAMPLE 2

AES Key stored in the reader is unlocked by default. You can lock the stored Key by any 8-byte password.

Example:
Password is 12345678

EXAMPLE 3

In case the stored Key is password protected (locked), you need to unlock it by providing its 8-byte password.

Example:
Password is 12345678

This manual presents the software example in the C programming language. Still, all the related source code software in other programming languages contains the same functions. Where attainable, a GUI has been developed.
Please, check our GitLab repository for available source code examples in other programming languages.