Establish an AES-authenticated and encrypted connection
To establish an AES-authenticated and encrypted connection, you need to add the following to your code.
Define connection parameters
Hardcode the following parameters:
-
Security level
A security level defines a set of permissions that the host gets when connecting to the readers. In most cases, only level 1 is configured. However, multiple security levels may be configured if the readers are accessed by multiple applications, and each application is given different permissions.The number specified here must match the security level defined in the reader configuration.
-
Corresponding AES key
- Security mode
We recommend the default value BRP_SECMODE_STD.
#define SECURITY_LEVEL // can be 1, 2, or 3
#define KEY {AES key for the security level goes here}
#define SECURITY_MODE // we recommend the default value BRP_SECMODE_STD
Create crypto protocol
In your protocol stack, run the following commands before connecting to the reader with brp_open():
- To create an AES-authenticated and encrypted channel, run brp_create_secure_channel().
- Pass it to brp_set_crypto() to assign a crypto protocol object to your protocol stack.
brp_set_crypto(dev,brp_create_secure_channel(SECURITY_LEVEL, KEY, SECURITY_MODE));
Try it out with our app note
The app note appnotes\secure_communication
in the SDK
gives you a working example of the implementation (learn more about app notes).