An example of Flask application which can decrypt data contained in NDEF "mirrors" and validate their AES-CMAC cryptographic signature. Implemented according to AN12196 "NTAG 424 DNA and NTAG 424 DNA TagTamper features and hints".
Pull requests welcome.
Note: NTAG — is a trademark of NXP B.V.
Note: This GitHub project is not affiliated with NXP B.V. in any way. Product names are mentioned here in order to inform about compatibility.
Check out the demo at sdm.nfcdeveloper.com. This server is using blank authentication keys (all-zeros, factory default). You can use this server for testing and should work fine until you change the default factory keys on your tags.
We suggest using NFC Developer App for Android/iOS in order to configure the tags. This application will do most things "under the hood" and your tags will work out-of-the-box with this project.
Feel free to reach me at [email protected] if you have any questions concerning this topic.
- Clone the repository
apt install -y git git clone https://github.com/nfc-developer/sdm-backend.git cd sdm-backend
- Setup the virtualenv
apt install -y python3 python3-pip python3-venv python3 -m venv venv source venv/bin/activate
- Install the required dependencies and copy example config:
pip3 install -r requirements.txt cp config.dist.py config.py
- Run Flask development server:
python3 app.py --host 0.0.0.0 --port 5000
- Visit localhost:5000 and check out the examples.
- Launch sdm-backend on port 5000:
# ensure to delete old version, if it exists docker rmi icedevml/sdm-backend:latest || true # run sdm-backend docker run \ -p 5000:80 \ -e MASTER_KEY=00000000000000000000000000000000 \ icedevml/sdm-backend:latest
- Visit localhost:5000 and check out the examples.
Note: If you are running production instance, the MASTER_KEY
should be an unique 16 byte value (hex encoded). However, all-zeros key is perfectly fine for testing.
- Michał Leszczyński ([email protected])
Feel free to contact if you have any questions.