It looks like you do have to send the write password with the verify command before calling the enable or disable verification commands when modifying either the read or write permissions. You can then change the password with the change reference data command for either permission after verifying the write password again. If I understand correctly, the only time you would need to send the read password via the verify command is when accessing a NDEF file that has the read permission verification enabled. Hopefully someone can clarify this.
The only other issue I am experiencing is that even when read and write verification is disabled (CC file reports 0x00 for both), the M24SR Demo android application says that a password is required when trying to lock read or write access under tools within the application, but not when actually reading or writing to the NFC tag. Strangely, when trying this with another M24SR that has never had file permissions modified, the app locks and unlocks read and write access without a problem. Is this a bug within the app or is there a way to clear this password?
--------- Old: Kept for reference--------
I am having trouble enabling the read protection of an NDEF file through I2C. Interestingly, I can enable the write protection without any problem. Below is my series of commands for enabling the read protection. Note that the CRC values are omitted because they are generated at runtime.
NDEF Tag Application Select
Result 0x90 0x00
NDEF File Select
Result 0x90 00
Check whether or not read verification is required using the "Verify" command.
0x02, 0x00, 0x20, 0x00, 0x01, 0x00
Result 0x90 0x00 //no read verification required
Send test read password
0x02, 0x00, 0x20, 0x00, 0x01, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
Result 0x90, 0x00 //Success or password matches
Enable Verification Requirement
0x02, 0x00, 0x28, 0x00, 0x01
Result: 0x69 0x82 //Security status not satisfied
These same series of commands work for setting the write password without a problem, in which I can then successfully modify it using the change reference data command. On page 44 of the datasheet regarding the "Enable Verification Requirement" command , it says "Before sending this command, the verify command with the correct NDEF write password shall be issued." What I dont understand is how are you supposed to apply a read password using the verify command when it is required to send the write password using the same command before you can call the "Enable Verification" command. Has anyone had any success with this?