Hello,
I am trying to use the NTAG 424 chip for my anti-tamper application. For this I implemented the AES authentication and cryptographie for sending and receiving commands.
However when I am trying to issue the writeData command with some dummy data, I get the error: 917E: "Length Error"".
The data I am trying to send is the following
cmd_header = 02000000040000
cmd_data = 00D1FF00 (before padding)
cmd_data = 00D1FF00800000000000000000000000 (after padding)
now the complete command which I send looks like this:
cla cmd P1&2| Lc |ISO Header          | encrypted Data |
90 8D 00 00    1F 02 000000 040000 6688A4D75482FC972C2447A1A20F0AC9C073C1CF506B2BD3 00
I dont think that I made errors in the encryption, because I implemented a unit test which replicates the results of the example in the AN12196 application note (Table 17). Also, the PICC returns an Length error, which according to the Documentation means "Command size not allow". I do not understand this error, but I dont think it has something to do with my encryption.
So does anyone know what I am doing wrong? 
Best regards,
Phil
Update: So I can definitely say that the fault has nothing to do with my encryption, because I can correctly parse the response from the chips for commands like the GetTTStatus and the GetCardUID. Additionally I can correctly encrypt and send the SetConfiguration command, which tells me that I definitly send the correct command.
Hi, I know this message was from a while ago, but I'm curious to know how you run the APDU commands on your NTAG424. I'm having issues with running commands.
thanks.
Hello Jonathan,
thank you for your answer.
you are right if we are in plain mode. If we are in plain mode, and I want to write the bytes (6688A4D75482FC972C2447A1A20F0AC9C073C1CF506B2BD3), then I have to have a length of 24 in my header.
If, however, I want to write the 4 bytes as specified in my question (in encrypted communication mode), then it does not work to put a length of 24 (18h) in the header.
So my workaround for the moment is to write the 4 bytes in plain communciation mode (in which I dont have to perform the encryption) and then to lock the file with the desired key.
However I would like to know how to write in encrypted mode? The Data-sheet is a bit unspecific in this term, and the application note is just plainly wrong (the application note has also a couple of other errors see for example)
Thanks for
 
					
				
		
 Jonathan_Iglesi
		
			Jonathan_IglesiHi
Please check the following :
-----------ISO 14443-3 ACTIVATION------------------
phpalI14443p3a_ActivateCard--------ENTRY-------- 
Send to card: 26
Recv from card: 4403
Send to card: 9320
Recv from card: 88046F0FEC
Send to card: 937088046F0FEC
Recv from card: 04
Send to card: 9520
Recv from card: 2AAA618061
Send to card: 95702AAA618061
Recv from card: 20
phpalI14443p3a_ActivateCard--------LEAVE-------- pUidOut=046F0F2AAA6180 pSak=20 pMoreCardsAvailable=00 [STATUS = SUCCESS]
--------------------ISO 14443-4---------------------------------
phpalI14443p4a_ActivateCard--------ENTRY-------- bFsdi=08 bCid=00 bDri=03 bDsi=03 
Send to card: E080
Recv from card: 067777710280
Send to card: D0110F
Recv from card: D0
phpalI14443p4a_ActivateCard--------LEAVE-------- pAts=067777710280 [STATUS = SUCCESS]
-----------------ISO FILE SELECT-------------------------------
phalMfNtag42XDna_IsoSelectFile--------ENTRY-------- bOption=0C bSelector=04 pFid=10E1 pFid=10E1 bDFnameLen=07 pDFname=D2760000850101
phpalI14443p4_Exchange--------ENTRY-------- wOption=8000 pTxBuffer=00A4040C07
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
phpalI14443p4_Exchange--------ENTRY-------- wOption=C000 pTxBuffer=D2760000850101
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
Send to card: 00A4040C07D276000085010100
phpalI14443p4_Exchange--------ENTRY-------- wOption=4000 pTxBuffer=00
phpalI14443p4_Exchange--------LEAVE-------- ppRxBuffer=9000 [STATUS = SUCCESS]
Recv from card: 9000
phalMfNtag42XDna_IsoSelectFile--------LEAVE-------- [STATUS = SUCCESS]
-------------------AUTHENTICATION TO KEY 00--------------------------
phalMfNtag42XDna_AuthenticatEv2--------ENTRY-------- bAuthOption=01 wOption=FFFF wKeyNo=0000 wKeyVer=0000 bKeyNoCard=00
phpalI14443p4_Exchange--------ENTRY-------- wOption=8000 pTxBuffer=9071000002
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
phpalI14443p4_Exchange--------ENTRY-------- wOption=C000 pTxBuffer=0000
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
Send to card: 9071000002000000
phpalI14443p4_Exchange--------ENTRY-------- wOption=4000 pTxBuffer=00
phpalI14443p4_Exchange--------LEAVE-------- ppRxBuffer=E21768618E1FDB9D93F596551CE06E6B91AF [STATUS = SUCCESS]
Recv from card: E21768618E1FDB9D93F596551CE06E6B91AF
 PICC-to->PCD E(Kx, RNDB): E21768618E1FDB9D93F596551CE06E6B
 Plain RNDB = CE86E6E968F45458B6762D28D91764B8
 Plain RNDA = D5D29FF822CD1A158E59A42AA74AA245
 Encrypted (RndA || RndB') = 7B57022C027C5124E19AC54D5E38A10A732F64C98AA63F80F9536F4D889C257F
phpalI14443p4_Exchange--------ENTRY-------- wOption=8000 pTxBuffer=90AF000020
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
phpalI14443p4_Exchange--------ENTRY-------- wOption=C000 pTxBuffer=7B57022C027C5124E19AC54D5E38A10A732F64C98AA63F80F9536F4D889C257F
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
Send to card: 90AF0000207B57022C027C5124E19AC54D5E38A10A732F64C98AA63F80F9536F4D889C257F00
phpalI14443p4_Exchange--------ENTRY-------- wOption=4000 pTxBuffer=00
phpalI14443p4_Exchange--------LEAVE-------- ppRxBuffer=1820F5BC0D050F4CAA73E388C86BE03188B85535D1B7682A9818ACEDA8D2A9E59100 [STATUS = SUCCESS]
Recv from card: 1820F5BC0D050F4CAA73E388C86BE03188B85535D1B7682A9818ACEDA8D2A9E59100
 PICC-to->PCD E(Kx, TI||RndA'||PDcap2||PCDcap2): 1820F5BC0D050F4CAA73E388C86BE03188B85535D1B7682A9818ACEDA8D2A9E5
 MAC Input Data = Cmd||CmdCtr||TI||CmdHeader||E(CmdData) 
 MAC Input Data = A55A00010080D5D2517EC42472E15458B6762D28D91764B88E59A42AA74AA245
 MAC = 9E2BC594A132DD9FA2C236A7900BC709
 MAC Input Data = Cmd||CmdCtr||TI||CmdHeader||E(CmdData) 
 MAC Input Data = 5AA500010080D5D2517EC42472E15458B6762D28D91764B88E59A42AA74AA245
 MAC = 13930ABCFB85B996262109D34C08726E
 Encrypted SessionKeyEnc KSesAuthENC = 9E2BC594A132DD9FA2C236A7900BC709
 Session KeyType ENC = 0000
 Encrypted SessionKeyMAC KSesAuthMAC = 13930ABCFB85B996262109D34C08726E
 Session KeyType MAC = 0000
 Transaction Identifier = 9092A1C6
phalMfNtag42XDna_AuthenticatEv2--------LEAVE-------- bPcdCapsOut=000000000000 bPdCapsOut=000000000000 [STATUS = SUCCESS] AUTHENTICATED
----------------------WRITE DATA TO FILE----------------------------
phalMfNtag42XDna_WriteData--------ENTRY-------- bOption=30 bIns=01 bFileNo=02 pOffset=000000 pTxData=6688A4D75482FC972C2447A1A20F0AC9C073C1CF506B2BD3 pTxDataLen=180000 
 Encrypted (RndA || RndB') = 007D004AD1DF8F85B07D9CF17000DE2A
 Encrypted (RndA || RndB') = 75B2F5DDC646CA4C70B9A64F9D7888C2
 Encrypted (RndA || RndB') = 3BA4362223091B1BFFE940229FA36A67
 MAC Input Data = Cmd||CmdCtr||TI||CmdHeader||E(CmdData) 
 MAC Input Data = 8D00009092A1C60200000018000075B2
 MAC = 5B85393206D2041DEEF7AA344C0FAB66
 MAC Input Data = Cmd||CmdCtr||TI||CmdHeader||E(CmdData) 
 MAC Input Data = F5DDC646CA4C70B9A64F9D7888C23BA4362223091B1BFFE940229FA36A67
 MAC = 43153DFF079B421A4A8E31AA92407AE5
phpalI14443p4_Exchange--------ENTRY-------- wOption=8000 pTxBuffer=908D00002F
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
phpalI14443p4_Exchange--------ENTRY-------- wOption=C000 pTxBuffer=02000000180000
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
phpalI14443p4_Exchange--------ENTRY-------- wOption=C000 pTxBuffer=75B2F5DDC646CA4C70B9A64F9D7888C2
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
phpalI14443p4_Exchange--------ENTRY-------- wOption=C000 pTxBuffer=3BA4362223091B1BFFE940229FA36A6715FF9B1A8EAA40E5
phpalI14443p4_Exchange--------LEAVE-------- [STATUS = SUCCESS]
Send to card: 908D00002F0200000018000075B2F5DDC646CA4C70B9A64F9D7888C23BA4362223091B1BFFE940229FA36A6715FF9B1A8EAA40E500
phpalI14443p4_Exchange--------ENTRY-------- wOption=4000 pTxBuffer=00
phpalI14443p4_Exchange--------LEAVE-------- ppRxBuffer=87E6C1369D4C9F019100 [STATUS = SUCCESS]
Recv from card: 87E6C1369D4C9F019100
 MAC Input Data = Cmd||CmdCtr||TI||CmdHeader||E(CmdData) 
 MAC Input Data = 0001009092A1C6
 MAC = 568770E6F1C1E5362D9D844CCF9FA301
phalMfNtag42XDna_WriteData--------LEAVE-------- [STATUS = SUCCESS]
Please check this process, this is the entire process I used, please check that you have changed the file settings so it supports encrypted communication and which keys are allowed to perform this actions. and check the LC of the APDU command.
if you have more questions please let me know.
Have a great day !
BR
Jonathan
 
					
				
		
 Jonathan_Iglesi
		
			Jonathan_IglesiHi Philippe Petit,
Please let me know if my answer above was helpful.
Looking forward to your answer.
Have a great day !
BR
Jonathan
 
					
				
		
 Jonathan_Iglesi
		
			Jonathan_IglesiHope you are doing great,
I believe the problem is thar the lenght inside the CMD header is incorrectly please check datasheet Figure 27
the number of bytes to be written should be 24 bytes (6688A4D75482FC972C2447A1A20F0AC9C073C1CF506B2BD3)
BR
Jonathan
