An example of Flask application which can decrypt data contained in NDEF "mirrors" and validate their AES-CMAC cryptographic signature. Implemented according to AN12196 "NTAG 424 DNA and NTAG 424 DNA TagTamper features and hints".
Pull requests welcome.
Note: NTAG — is a trademark of NXP B.V.
Note: This GitHub project is not affiliated with NXP B.V. in any way. Product names are mentioned here in order to inform about compatibility.
Feel free to reach me at [email protected] if you have any questions concerning this topic.
We suggest using NFC Developer App for Android/iOS in order to configure the tags. This application will do most things "under the hood" and your tags will work out-of-the-box with this project.
Check out the demo at sdm.nfcdeveloper.com. This server is using blank authentication keys (all-zeros, factory default). You can use this server for testing and should work fine until you change the default factory keys on your tags.
- Clone the repository
apt install -y git git clone https://github.com/icedevml/sdm-backend.git cd sdm-backend - Setup the virtualenv
apt install -y python3 python3-pip python3-venv python3 -m venv venv source venv/bin/activate - Install the required dependencies and copy example config:
pip3 install -r requirements.txt cp config.dist.py config.py - Run Flask development server:
python3 app.py --host 0.0.0.0 --port 5000 - Visit localhost:5000 and check out the examples.
- Launch sdm-backend on port 5000:
docker run \ -p 5000:80 \ -e SDM_MASTER_KEY=00000000000000000000000000000000 \ icedevml/sdm-backend:build20220111-v2 - Visit localhost:5000 and check out the examples.
Note: If you are running production instance, the SDM_MASTER_KEY should be an unique 16 byte value (hex encoded). However, all-zeros key is perfectly fine for testing.
- Michał Leszczyński ([email protected])
Feel free to contact if you have any questions.