Protocols / HttpsClient / InitialEncryptedAuthToken Value

Project-specific, encrypted authentication token for the server specified in AuthUrl.

The token will be used on the first successful connection to replace the authentication token with a token individual to the reader.

The key for encrypting the initial token is:

Sample
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3mEEb/cQw5uyR3o9sv2LfXAbNs2a lyzKx30YeXSzqpcKv6P9Zjst1HleRn4YKTMVdNpqBms+EvG7ckeEHQ128Q== -----END PUBLIC KEY-----

When using an IF Converter development image, the key is:

Sample
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeV6InxoTLA1uWvoikxksU/XkfDeh xztawfX/tBEdOaVNx5i8QVhDxqfQUMns1VCIeIb5DFkRWGG+E7xKjUOFIw== -----END PUBLIC KEY-----

Properties

Value ID: 0x0128/0x08

Format

Name	Type/Size	Description
Token	Raw data (until end of frame)	ASCII string (up to 16 characters) encrypted using ECC P-256. It consists of the following components: Header byte 1 byte Default value `0x00` For IF Converter development images: `0x64` ( `100` in decimal) Ephemeral public key A random, DER-encoded ECC P-256 public key used for encrypting the token Format: Length-prefixed byte sequence First byte: Length of the DER-encoded public key Following bytes: DER-encoded key itself PKCS#7-padded and AES-256-CBC encrypted version of the initial token. Encryption key: Derived by computing the SHA-256 hash of the ECDH shared secret, which is generated using the random ephemeral public key and the IF Converter's public key (see above). Initialization vector (IV): The first 16 bytes of the SHA-256 hash of the SHA-256 hash of the same ECDH shared secret. Format: Stored as a length-prefixed byte sequence, where the first byte indicates the length of the encrypted data, followed by the encrypted content.