[NFC NTAG 424 DNA] AuthenticateEV2First on iOS 15 with Swift

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

[NFC NTAG 424 DNA] AuthenticateEV2First on iOS 15 with Swift

Jump to solution
2,376 Views
SilverLtech
Contributor II

Hi everyone,

i apologize in advance if this question is duplicated but I cannot managed to find answers to this problem.

I am developing an app for iOS with Swift, to read and write data from an NFC NTAG 424 DNA with authentication.

My colleague wrote the respective app for Android and he used the package com.nxp.nfclib.desfire using the method authenticateEV2First from the class INTAG424DNA.

I wish to know if there is some NXP (or third party) library to write/read tag with authentication or if it needs to use APDU commands.

In case of using APDU commands, someone has some example on how to do that?

Thank you in advance.

0 Kudos
1 Solution
2,364 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @SilverLtech ,

 

Thanks for the update! It is great to know you have solved this issue already! For the further question regarding authentication procedure, actually such topic is not allowed to discuss here to avoid security risk, but you may create a private ticket according to https://www.nxp.com/video/tutorial-for-nxp-support-case-portal:NCP-VIDEO .

 

Thanks for your patience and understanding!

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

View solution in original post

0 Kudos
4 Replies
2,371 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @SilverLtech ,

 

We recommend developing NTAG/Mifare application based on Taplinx(https://www.mifare.net/en/products/tools/taplinx/ ), but so far the iOS version is not available yet, and I was told this version will be released by the end of this year, but at this moment, the main challenge for you might be that “only” AES in GCB mode is supported with Apple’s CryptoKit and no CMAC-AES as well. For NTAG 424 DNA you would need AES in CBC mode. One option is to build a wrapper around it (like described here: https://developer.apple.com/forums/thread/687212) or to use some other framework to create iOS app rather than native Swift.

 

Hope that makes sense,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
2,368 Views
SilverLtech
Contributor II

Hi @Kan_Li ,

thank you for your reply.

I managed to perform the authentication using ADPU commands.

I successfully made the first part or the AuthenticateEV2First.

I found this framework that seems to support che CBC mode on AES: https://github.com/krzyzanowskim/CryptoSwift

So, just for clarity, when the AuthenticateEV2First - part 1 is performed, what it returns in the data is the RndB AES-CBC encrypted with a symmetric key, right?

So the part 2 is about encrypting using AES-CBC the concatenation of RndA and RndB rotated by 1 byte left using the same symmetric key, right?

So the RndA is made by 16 byte totally random generated from the app, correct?

Thank you very much!

0 Kudos
2,365 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @SilverLtech ,

 

Thanks for the update! It is great to know you have solved this issue already! For the further question regarding authentication procedure, actually such topic is not allowed to discuss here to avoid security risk, but you may create a private ticket according to https://www.nxp.com/video/tutorial-for-nxp-support-case-portal:NCP-VIDEO .

 

Thanks for your patience and understanding!

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
2,341 Views
SilverLtech
Contributor II

Hi @Kan_Li 

Sorry for the late reply.

Ok, i will try to manage the authentication by myself; otherwise i will open a ticket.

Thank you very much!

0 Kudos