Search code examples
pythonnfcrfidmifareadafruit

Byte array gets truncated when writing to memory of RFID tag using Adafruit PN532 library


I'm trying to write a byte array that was converted from a hex string into the memory of an NTAG203 RFID tag. I'm using a Raspberry Pi 3, a PN532 chip and the Adafruit PN532 python library.

hex_string = '59e7168f267df300018e15b0'
formatted_hex = bytearray.fromhex(hex_string)

byte_data = bytearray(16)
byte_data[3:15] = formatted_hex

if not pn532.mifare_classic_write_block(4, byte_data):
    print('Error! Failed to write to the card.')
    sys.exit(-1)

When I do pn532.mifare_classic_read_block(4) to read the value from memory again it comes out like this:

print '0x{0}'.format(binascii.hexlify(<function call result>))
>>> 0x00000059440300fe0000000000000000

The value is chopped off and has trailing and leading zeroes. What is happening here?

I would like to be able to convert the value back into hex again to use it to search a database.


Solution

  • First of all, functions named mifare_classic_* might not be well suited for accessing NTAG203 tags since MIFARE Classic and NTAG203 use deviating framing and command sets.

    However, the PN532 abstracts access to MIFARE Classic tags using a command set that is somewhat supported by NTAG203 tags. More specifically,

    • the READ commands are identical (both read 16 bytes of data starting at a given block number). The only difference is the memory organization on NTAG203 compared to MIFARE Classic. While MIFARE Classic has 16 bytes per block, NTAG203 only has 4 bytes per block. As a result, the READ command returns 4 consecutive blocks.

    • the MIFARE Classic WRITE command is supported as COMPATIBILITY WRITE c command by NTAG203. The only difference is that you can only write 4 bytes (one block) on NTAG203. Thus, since you still have to provide 16 bytes of data in the write command, only the first 4 bytes are written.

    And this is exactly what you observed: pn532.mifare_classic_write_block(4, byte_data) writes only the first 4 bytes of byte_data to block 4. Note that the first 4 bytes are 00 00 00 59 since you copy formatted_hex to the slice 3:15 and leave bytes 0..2 at their default value of 0. Since the READ command reads 16 bytes (4 blocks with 4 bytes each), the read data also contains some old memory content for blocks 5..7: 440300fe0000000000000000. That value looks reasonable since that matches the initial memory contents that's factory programmed on NTAG203.