Use APDU to set Privacy mode or Password Protected

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Use APDU to set Privacy mode or Password Protected

1,093 Views
g20500178
Contributor I

I have a SL2S2602 TAG  then i use APDU commands to read UID 、block and write block are OK. but i don't know how to set the Tag to privacy mode or how to set the Password protected to managent read/write rights of TAG.

UID command => FF CA 00 00 00
Read Block      => FF B0 01 00 04 

Update block   => FF D6 01 00 04 01 02 03 04

0 Kudos
1 Reply

959 Views
nxf54945
NXP Employee
NXP Employee

Hello Chen GuangJian,

I hope you are doing well.

 

 

Before setting a password or entering "privacy mode" you should first select your TAG:

  1. Perform TAG detection (anti-collision).
  2. Select your TAG (set your TAG's state into "selected").

 

Once you have successfully selected your TAG, you may begin sending it commands.

 

 

 

 

 

The procedure to change a "read/write" password is the following:

  1. Use the GET RANDOM NUMBER command (B2h).
  2. Authenticate with the current "read/write" password through the command SET PASSWORD (B3h)
    1. Note: select which password are you authenticating to with the corresponding password ID (see Table 13 of the SL2S2602 datasheet).
  3.  Use the command WRITE PASSWORD (B4h) to define the new "read/write" password.
  4. Authenticate the new password to verify operation success. Use the command SET PASSWORD (B3h) to authenticate.
  5. Now you will need to authenticate with your new password before being able to read/write on the TAG, depending on which action you protected under password.

 

For example:

I generated the number 24069 through the GET RANDOM NUMBER command:

[pTxBuffer=B2   ->   ppRnd=5E05]

Then, I authenticated with my current (default) "read" password: 00000000

[pTxBuffer=B3015E055E05]

Once I have authenticated, I write my new "read" password: 01234567

[pTxBuffer=B40101234567]

Finally, I authenticate myself with my new "read" password:

[pXorPwd=5F261B62   ->   pTxBuffer=B3015F261B62]

Now I am able to read user memory locations. For example, I read the block 00, which contains 686F6C61

[pTxBuffer=2000   ->   ppData=686F6C61]

 

 

 

 

 

The procedure to enter "privacy mode" is the following:

 

  1. Use the GET RANDOM NUMBER command (B2h).
  2. Authenticate with the current "privacy" password through the command SET PASSWORD (B3h)
    1. Note: select which password are you authenticating to with the corresponding password ID (see Table 13 of the SL2S2602 datasheet).
  3. Enter into "privacy mode" through the command ENABLE PRIVACY (BAh).

 

Now your TAG has entered privacy mode. It will not respond to any command other than GENERATE RANDOM NUMBER or SET PASSWORD (only for "privacy" password). You can verify this by trying to execute any other command. The result must be a failure.

 

For example:

I generated the number 05834 through the GET RANDOM NUMBER command:

[pTxBuffer=B2   ->   ppRnd=16CA]

Then, I authenticated with my current (default) "privacy" password: 0F0F0F0F

[pTxBuffer=B30419C519C5]

Now, I enter the "privacy mode":

[pXorPwd=19C519C5   ->   pTxBuffer=BA19C519C5]

I checked this by attempting to authenticate into my "read" password. As expected, it did not allow me.

 

 

 

 

 

The procedure to exit the privacy mode is the following:

 

  1. Use the GET RANDOM NUMBER command (B2h).
  2. Authenticate with the current "privacy" password through the command SET PASSWORD (B3h)
    1. Note: select which password are you authenticating to with the corresponding password ID (see Table 13 of the SL2S2602 datasheet).

 

Now your TAG has exited privacy mode. You can confirm this by executing a read/write operation. The result should be a success if you have read/write permissions.

 

For example:

I generated the number 10495 through the GET RANDOM NUMBER command:

[pTxBuffer=B2   ->   ppRnd=28FF]

Then, I authenticated with my current (default) "privacy" password: 0F0F0F0F

[pTxBuffer=B30427F027F0]

Now I am allowed authenticate under my "read" password (01234567).

[pXorPwd=29DC6D98   ->   pTxBuffer=B30129DC6D98]

 

 

 

 

 

I recommend you trying our RFID Discover software. There you will be able to test your TAG and observe the log session generated by the reader.

 

I hope this information helps. Please let us know if you have any doubts or concerns and we will be glad to assist you.

 

 

Best regards,

Javier

0 Kudos