Changes

Jump to navigation Jump to search
438 bytes added ,  17:07, 15 April 2015
no edit summary
Line 7: Line 7:  
[[File:Amiibonfctaginfo.png|500px]]
 
[[File:Amiibonfctaginfo.png|500px]]
   −
Most of the NFC pages are [[Process_Services_PXI|encrypted]]. This includes the actual Mii data for the owner, an UTF-16 string for the Amiibo nickname, etc.
+
See here regarding the Amiibo [[Process_Services_PXI|encryption]].
    
The NFC tag for Amiibo is NTAG215.
 
The NFC tag for Amiibo is NTAG215.
    +
=== AUTH_PWD ===
 
The NFC 32bit password for the PWD_AUTH command(for enabling write-access to the encrypted NFC pages / etc), appears to be generated from unknown data that doesn't change when the Amiibo data pages are being updated.
 
The NFC 32bit password for the PWD_AUTH command(for enabling write-access to the encrypted NFC pages / etc), appears to be generated from unknown data that doesn't change when the Amiibo data pages are being updated.
   −
The following NTAG215 commands are used when reading an Amiibo:
+
=== NTAG215 commands ===
 +
==== Amiibo reading ====
 
* GET_VERSION
 
* GET_VERSION
 
* READ, startpage=0x03
 
* READ, startpage=0x03
Line 23: Line 25:  
Therefore, *all* pages from the Amiibo NFC tag are read, including the configuration pages at the end.
 
Therefore, *all* pages from the Amiibo NFC tag are read, including the configuration pages at the end.
   −
Each page is 4-bytes, the following is the structure of the NFC pages:
+
==== Amiibo writing ====
 +
* Use the same commands under the above reading section, then use those first 3 commands again.
 +
* Multiple WRITE commands for writing to pages 0x04..0x0C. The first byte for page[4] is zero here.
 +
* Multiple WRITE commands for writing to pages 0x20..0x81.
 +
* Use the last 3 commands from the above reading section.
 +
* WRITE: page=0x04, same data as before except first byte is 0xA5 this time.
 +
* FAST_READ: startpage=0x04, endpage=0x04
 +
 
 +
=== NFC pages ===
 +
Each page is 4-bytes, there is a total of 0x87/135 pages. The following is the structure of the NFC pages:
 
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
 
|-
 
|-
Line 44: Line 55:  
| SHA256-HMAC over 0x1DF-bytes: first 3-bytes are from the last 3-bytes of page[12], the rest is over the first 0x1DC-bytes of the plaintext data following this hash(see page[13]).
 
| SHA256-HMAC over 0x1DF-bytes: first 3-bytes are from the last 3-bytes of page[12], the rest is over the first 0x1DC-bytes of the plaintext data following this hash(see page[13]).
 
|-
 
|-
| 12
+
| 12/0x0C
 
| 1
 
| 1
 
| 0x30
 
| 0x30
Line 50: Line 61:  
| Unknown. Last 3-bytes here are used with the above HMAC.
 
| Unknown. Last 3-bytes here are used with the above HMAC.
 
|-
 
|-
| 13
+
| 13/0x0D
 
|  
 
|  
 
| 0x34
 
| 0x34
Line 57: Line 68:  
|}
 
|}
   −
=== Structure of plaintext data from page13 ===
+
==== Structure of plaintext data from page13 ====
 
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
 
|-
 
|-
Line 77: Line 88:  
|}
 
|}
   −
=== Structure of Amiibo settings ===
+
==== Structure of Amiibo settings ====
 
{| class="wikitable" border="1"
 
{| class="wikitable" border="1"
 
|-
 
|-

Navigation menu