Sec.SetKey

Sets a key and the appropriate Authorization Mode bits for a specified Security Level.

Please note that if DeriveKey is not 0, Sec.SetKey will not use the Key parameter as a new key value for the authentication of security level SecLevel directly. Instead, it encrypts the key specified in DeriveKey with the key specified in Key (via AES), and uses this encrypted key as a new key value for the authentication of security level SecLevel.

If one or more of the SessionKey, MACed, Encrypted or ContinuousIV bits are set, it is not possible to authenticate without the corresponding authentication mode setting.

Properties

Parameters (request frame)

Name Type/Size Description
- Bit mask (8 bits) -
ContinuousIV Integer (bit 0x80)

If this bit is set, encryption/MACing will use Cipher Block Chaining (CBC). In this case, a continuous initial vector (IV) will be used.

If this bit is not set, CBC is not used, i.e. the IV will be reset to all zeros (00 00 ... 00) before every command or response is encrypted/MACed.

Encrypted Integer (bit 0x40)

Requires that commands running in this security level always have to be encrypted.

This flag cannot be set at the same time as the MACed flag.
MACed Integer (bit 0x20)

Requires that commands running in this security level always have to be MACed.

This flag cannot be set at the same time as the Encrypted flag.
SessionKey Integer (bit 0x10) Requires a two-phase authentication to be able to enter a security level. This two-phase authentication process needs to be performed using the Sec.AuthPhase1 and Sec.AuthPhase2 commands.
DeriveKey Integer (bit mask area 0x0C) This value specifies a key which will be encrypted by the Key value and used as authentication key for security level SecLevel . If this parameter is 0, the authentication key is directly set by the Key parameter.
SecLevel Integer (bit mask area 0x03) The security level for which the key has to be set.
Key Raw data (length 16 Bytes) Key/Password for authentication of security level SecLevel.

Returned values (response frame)

None