Boopbox/POS NFC Client

This is a simple script that implements an "HTTP Client" that will send every read NFC tag to an http server. Additionally, it is possible to set the reader as "secure" and this will - other than verify the id of the tag - also try to authenticate the originality of it.

What reader?

The used reader is a raw PN532 connected through a CH430 to usb. The baud rate is immediately set to 115200 to prevent the reader from entering a "locked" state in case of connection loss with the nfcpy library. Setting the baud rate to 115200 makes sure the chip is always available to init again.

How do you generate the password?

The password is generated by hashing the NFC identifier with a SALT numerous times, and then truncating the resulting hash. The nfc cards we used (NDEF213, 215) only supported 6 byte passwords.

What is the read count?

During provisioning we enabled the read count of the NFC tags. This is a non-tearing read-only register which gets increased by 1 every time there is a successful ACTIVATE command (aka the chip is read correctly). This was used for statistical and anti-tampering purposes.