Skip to content

Establish an AES-authenticated and encrypted connection

To establish an AES-authenticated and encrypted connection, you need to add the following to your code.

Define connection parameters

Hardcode the following parameters:

  • Security level
    A security level defines a set of permissions that the host gets when connecting to the readers. In most cases, only level 1 is configured. However, multiple security levels may be configured if the readers are accessed by multiple applications, and each application is given different permissions.

    The number specified here must match the security level defined in the reader configuration.

  • Corresponding AES key

  • Security mode
    We recommend the default value BRP_SECMODE_STD.
#define SECURITY_LEVEL // can be 1, 2, or 3
#define KEY {AES key for the security level goes here} 
#define SECURITY_MODE // we recommend the default value BRP_SECMODE_STD

Create crypto protocol

In your protocol stack, run the following commands before connecting to the reader with brp_open():

brp_set_crypto(dev,brp_create_secure_channel(SECURITY_LEVEL, KEY, SECURITY_MODE));

Try it out with our app note

The app note appnotes\secure_communication in the SDK gives you a working example of the implementation (learn more about app notes).