Sec.SetKey
Sets a key and the appropriate Authorization Mode bits for a specified Security Level.
If one or more of the SessionKey, MACed, Encrypted or ContinuousIV bits are set, it is not possible to authenticate without the corresponding authentication mode setting.
Properties
- Command code: 0x0703
- Command timeout: 1000 ms
- Possible status codes: General status codes, Sec.ErrCrypto
Parameters (request frame)
| Name | Type/Size | Description | |
|---|---|---|---|
| - | Bit mask (8 bits) | - | |
| ContinuousIV | Boolean (bit 0x80) |
If true, encryption/MACing will use Cipher Block Chaining (CBC). In this case, a continuous initial vector (IV) will be used. If this bit is not set, CBC is not used, i.e. the IV will be reset to all zeros (00 00 ... 00) before every command or response is encrypted/MACed. |
|
| Encrypted | Boolean (bit 0x40) |
Requires that commands running in this security level always have to be encrypted. This flag cannot be set at the same time as the MACed flag. |
|
| MACed | Boolean (bit 0x20) |
Requires that commands running in this security level always have to be MACed. This flag cannot be set at the same time as the Encrypted flag. |
|
| SessionKey | Boolean (bit 0x10) | Requires a two-phase authentication to be able to enter a security level. This two-phase authentication process needs to be performed using the Sec.AuthPhase1 and Sec.AuthPhase2 commands. | |
| DeriveKey | Integer (bit mask area 0x0C) |
This value is not used and must be 0. Until firmware v2.14.00, this value referenced the key of the security level, which was used to derive Key. Since firmware v2.20.00, this feature is no longer supported. |
|
| SecLevel | Integer (bit mask area 0x03) | The security level for which the key has to be set. | |
| Key | Raw data (length 16 Bytes) | Key/Password for authentication of security level SecLevel. | |
Returned values (response frame)
None