How to check NXP signature on NTAG413

daniele_ferro · ‎02-01-2019

Hello,

I'm trying to check the NTAG413 originality signature. Unfortunately the document “an260412 - AN11350 NTAG Originality Signature Validation (1.2)” concerns only the 32-byte signature validation, provided by other NXP tags.

I have the public key (57 bytes long), the tag’s UID (7 bytes long) and the signature (56 bytes long). I want to check the signature on a microchip based on easy-ecc library, so I should choose a ECC_CURVE (and hence the ECC_BYTES value, among 16, 24, 32, 48), but no value is compatible with my data to correct call this function:

int ecdsa_verify(const uint8_t p_publicKey[ECC_BYTES+1], const uint8_t p_hash[ECC_BYTES], const uint8_t p_signature[ECC_BYTES*2]);

Maybe the easy-ecc is not the proper way to check the signature ?

Regards,

Jonathan_Iglesias · ‎02-19-2019

Dear Daniele Ferro, are you using a Microchip reader ? library ? I cannot tell the problem the one I sent on the message and the ones on the application notes are the ones that we may help you with, from now I think that also you should look this application note it explains in a better way how to check orginality signature in both asymmetric and symmetric it is the same for 413 the new product NTAG 424 offers the same features as 413 and more.

https://www.nxp.com/docs/en/application-note/AN12196.pdf please check section 8.2. my apologies for the delay !

BR

Jonathan

daniele_ferro · ‎03-01-2019

Thank you, with the document AN12196 I am able to verify the signature (with openssl) !

Best regards and thank you again for the help !

yosuf · ‎05-05-2024

Hey @daniele_ferro ,

I know its been a long time you posted this. But could you brief on the steps you followed to verify the signature with OpenSSL?

Jonathan_Iglesias · ‎02-07-2019

Dear Daniele Ferro,

Hope you are doing great, as you may know there are two procedures for originality check,

Symmetric procedure
- which needs the originality key and knowledge of symmetric encryption.
Asymmetric procedure
- this can be done by verifying an asymmetric signature from the card using the (Read.Sig) command.
- Public Key is available in Appnote ( which I believe you already have)

What I need to know is what library are you using and if you are able to verify this using one of the NXP readers and NXP libraries for NFC.

Please confirm this and please check the section of the datasheet 9.16 which explains the command to read the signature. the Full Datasheet is secured under NDA ( Non Disclosure Agreement) this means all information abotu the confidential information and support should be done using secured communication channels. if you already have an NDA please request the full datasheet from Docstore if not please contact your closest NXP so they can guide you through the process to sign an NDA.

BR

Jonathan.

daniele_ferro · ‎02-08-2019

Hi Jonathan,

I have the full datasheet, but under chapter 9.16 it refers to "an260412 - AN11350 NTAG Originality Signature Validation (1.2)” in order to complete the procedure.

I already implemented command "Read.Sig" using NFC library, moreover I have the public key, but what I miss is more details about the symmetric o asymmetric procedure to check the signature.

Thank you for help,

BR

Jonathan_Iglesias · ‎02-08-2019

Dear Daniele Ferro,

I am going to answer you in a direct message due to the confidentiality of the information, I have confirmed the NDA from your company so I will reply to you using direct messages.

BR

Jonathan.

NFCDev · ‎10-06-2025

So is it not possible to make things work without the top secret documentation?

Please see: https://community.nxp.com/t5/Other-NXP-Products/NTAG-424-Originality-Check-In-iOS/td-p/2180593

How to check NXP signature on NTAG413

How to check NXP signature on NTAG413

Contact Smart Card Reader ICs