manualshive.com logo in svg

Sunricher SR-SBP2801-BLE-E, Instructions Manual

The Sunricher SR-SBP2801-BLE-E user manual is available for free download from manualshive.com. This manual provides detailed instructions on how to use and set up the product, ensuring a seamless experience for all users. Get your manual today and unlock the full potential of your Sunricher device.

Share
Download
background image

X_1 = AES128(49B819000015E2620400000000000000, 3DDA31AD44767AE3CE56DCE2B3CE2ABB) X_1 = 
dc8d685f968e795b23f4370b3091f33f

X_1A = XOR(X_1, B_1)
X_1A = XOR(dc8d685f968e795b23f4370b3091f33f, 000A0DFFDA0362040000101200000000) X_1A = 
dc8765a04c8d1b5f23f427193091f33f

X_2 = AES128(X1A, Key)
X_2 = AES128(dc8765a04c8d1b5f23f427193091f33f, 3DDA31AD44767AE3CE56DCE2B3CE2ABB)
X_2 = 231be2ff54ca62fb38d32eaaaf1b447d

S_0 = AES128(A0, Key)
S_0 = AES128(01B819000015E2620400000000000000, 3DDA31AD44767AE3CE56DCE2B3CE2ABB) S_0 = 
9ae54e3e95de9f91a0c279537bc25b00

T_0 = XOR(X_2, S_0)
T_0 = XOR(231be2ff54ca62fb38d32eaaaf1b447d, 9ae54e3e95de9f91a0c279537bc25b00) T_0 = 
b9feacc1c114fd6a981157f9d4d91f7d

The calculated signature is formed by the first four bytes of T_0, i.e. it is B9 FE AC C1.

C.3.3 Data telegram with 2 byte optional data

For this example, we consider the following telegram payload received from a SR-SBP2801-BLE-E
with the source address E2801000019B8 and security key 3DDA31AD44767AE3CE56DCE2B3CE2ABB:

0E FF DA 03 63 04 00 00 11 12 34 52 E0 51 16

The last four bytes of this payload (52 E0 51 16) are the sender-provided signature which has to be 
authenticated. The variable input parameters are therefore the following:

Parameter

Source Address

Input Data

Input Length

Sequence Counter

Security Key

In this example

B819000015E2 (little endian representation of E2801000019B8)

0EFFDA0363040000111234

0x000B

62040000

3DDA31AD44767AE3CE56DCE2B3CE2ABB

Based on variable input data and constant internal algorithm parameters, we can now de- rive the following 
variable internal parameters:

Parameter

Nonce

A0

B0

B1

In this example

B819000015E263040000000000

01B819000015E2630400000000000000

49B819000015E2630400000000000000

000B0EFFDA0363040000111234000000

X_2 = AES128(ab55ccb430bffedaeb73640e4334cc64, 3DDA31AD44767AE3CE56DCE2B3CE2ABB)
X_2 = d33e96d7a105c4e8543207f9e75e6cfe

S_0 = AES128(A0, Key)
S_0 = AES128(01B819000015E2630400000000000000, 3DDA31AD44767AE3CE56DCE2B3CE2ABB)
S_0 = 81dec7c16915c6647d92b0668f65e9c9

The execution sequence would then be as follows:

X_1 = AES128(B0, Key)
X_1 = AES128(49B819000015E2630400000000000000, 3DDA31AD44767AE3CE56DCE2B3CE2ABB)
X_1 = ab5ec24beabc9ddeeb73751c7734cc64

X_1A = XOR(X_1, B_1)
X_1A = XOR(ab5ec24beabc9ddeeb73751c7734cc64, 000B0EFFDA0363040000111234000000) X_1A = 
ab55ccb430bffedaeb73640e4334cc64

X_2 = AES128(X1A, Key)

T_0 = XOR(X_2, S_0)
T_0 = XOR(d33e96d7a105c4e8543207f9e75e6cfe, 81dec7c16915c6647d92b0668f65e9c9) T_0 = 
52e05116c810028c29a0b79f683b8537

The calculated signature is formed by the first four bytes of T_0, i.e. it is 52 E5 11 16.
 
C.3.4 Data telegram with 4 byte optional data

For this example, we consider the following telegram payload received from a SR-SBP2801-BLE-E
with the source address E2801000019B8 and security key 3DDA31AD44767AE3CE56DCE2B3CE2ABB:

10 FF DA 03 6A 04 00 00 10 12 34 56 78 2C 9E 10 95

The last four bytes of this payload (2C 9E 10 95) are the sender-provided signature which has to be 
authenticated. The variable input parameters are therefore the following:

Parameter

Nonce

A0

B0

B1

In this example

B819000015E26A040000000000

01B819000015E26A0400000000000000

49B819000015E26A0400000000000000

000D10FFDA036A040000101234567800

Parameter

Source Address

Input Data

Input Length

Sequence Counter

Security Key

In this example

B819000015E2 (little endian representation of E2801000019B8)

10FFDA036A0400001012345678

0x000D

6A040000

3DDA31AD44767AE3CE56DCE2B3CE2ABB

Based on variable input data and constant internal algorithm parameters, we can now de- rive the following 
variable internal parameters:

The execution sequence would then be as follows:

X_1 = AES128(B0, Key)
X_1 = AES128(49B819000015E26A0400000000000000, 3DDA31AD44767AE3CE56DCE2B3CE2ABB) X_1 = 
434fa5855b8a8a8ae99bf1cb114a51b7

X_1A = XOR(X_1, B_1)
X_1A = XOR(434fa5855b8a8a8ae99bf1cb114a51b7, 000D10FFDA036A040000101234567800)
X_1A = 4342b57a8189e08ee99be1d9251c29b7

X_2 = AES128(X1A, Key)
X_2 = AES128(4344b57a8189e08ee99be1d9251c29b7, 3DDA31AD44767AE3CE56DCE2B3CE2ABB)
X_2 = 12c78b85a4ecb6f34daff7651db8e386

S_0 = AES128(A0, Key)
S_0 = AES128(01B819000015E2630400000000000000, 3DDA31AD44767AE3CE56DCE2B3CE2ABB) S_0 = 
3e599b103f33447e6b46eec4a042d0bc

T_0 = XOR(X_2, S_0)
T_0 = XOR(12c78b85a4ecb6f34daff7651db8e386, 3e599b103f33447e6b46eec4a042d0bc) T_0 = 
2c9e10959bdff28d26e919a1bdfa333a

The calculated signature is formed by the first four bytes of T_0, i.e. it is 2C 9E 10 95.

Summary of Contents for SR-SBP2801-BLE-E

Page 1: ...Wall Switches and US style rocker pads 1 2 Technical data Dimensions Weight Security Power Supply Button Inputs Communication Range guidance only Max transmit power measured Antenna Communication Sta...

Page 2: ...o channels Channel A and Channel B each containing two button contacts State O and State I The state of all four button contacts pressed or not pressed is transmitted together with a unique device ide...

Page 3: ...he two channel radio transmission sequence removes transmission on the third radio channel selected by TX_CHANNEL3 and instead repeats the transmission once more four times in total The SR SBP2801 BLE...

Page 4: ...key as identity resolution key This key can be modified if needed via the NFC configuration interface as described in chapter 6 7 5 For each data telegram transmitted by SR SBP2801 BLE E i e for every...

Page 5: ...lease Action then this is indicated by the according status bit set to 1 Note that all contacts that were pressed during Press Action will be released during Release Action The case of continuing to h...

Page 6: ...key as part of the NFC based commissioning process To do so follow the procedure outlined in chapter 6 7 5 For additional security NFC read out of the new security key can be disabled by setting the P...

Page 7: ...ssioning mode Button_X is pressed or released again 5 3 3 Exit from commissioning mode Pressing any key except the button used for entry into commissioning mode Button_X will cause SR SBP2801 BLE E to...

Page 8: ...e Any other data received by the NFC tag while in IDLE state is discarded and the NFC tag will remain in IDLE state 6 2 3 READY 1 state READY 1 is the first UID resolving state where the NFC tag resol...

Page 9: ...ID of such tag This should always be used as first operation ahead of any read write authenticate actions Example SearchTag 32 2 NTAG_PwdAuth 32 bit password as hex bytes 16 bit password_ack as hex b...

Page 10: ...FC Data SR SBP2801 BLE E reserves 64 byte for customer specific NFC data see chapter 6 7 11 specific security measures are used to restrict read access to this data The following items are located in...

Page 11: ...and release the button of SR SBP2801 BLE E SR SBP2801 BLE E will determine that it should modify the security key based on the setting of the Update Security Key flag and copy the value of the Securit...

Page 12: ...ngs 6 7 9 2 Interval selection Starting with version DC 06 it is possible to reduce the transmission interval from the default setting of 20 ms to 10 ms by setting bit 3 of the Variant register Settin...

Page 13: ...product label encodes key product parameter according to the ANSI MH10 8 2 2013 industry standard The QR code shown in Figure 32 above encodes the following string 30SE280101500100 Z0123456789ABCDEF0...

Page 14: ...estricting transmission range include Switch mounting on metal surfaces up to 30 loss of transmission range Hollow lightweight walls filled with insulating wool on metal foil False ceilings with panel...

Page 15: ...advertising intervals then the scan interval has to be less than the time between the end of the first advertising event and the begin of the third advertising event 2 10 ms 20 ms minus 0 5 ms telegra...

Page 16: ...ules Operation is subject to the following two conditions 1 this device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause...

Page 17: ...essage shown above can be parsed into the following components keep in mind the little endian byte order BLE Access Address 4 byte 0x8E89BED6 BLE Frame Control 2 byte 0x2442 Size of source address pay...

Page 18: ...rameter Comment Description Example Length Field Size Size in bytes of the field used to encode the input length 2 always minimum permissible size Desired size in byte of the signa ture generated by t...

Page 19: ...for a description of the commission telegram structure The location of the security key is for reference highlighted above This means that the security key of this red device is 3DDA31AD44767AE3CE56D...

Page 20: ...table XOR calculator could be found here http xor pw The execution sequence would then be as follows X_1 AES128 B0 Key X_1 AES128 49B819000015E25D0400000000000000 3DDA31AD44767AE3CE56DCE2B3CE2ABB X_1...

Page 21: ...15E2630400000000000000 3DDA31AD44767AE3CE56DCE2B3CE2ABB X_1 ab5ec24beabc9ddeeb73751c7734cc64 X_1A XOR X_1 B_1 X_1A XOR ab5ec24beabc9ddeeb73751c7734cc64 000B0EFFDA0363040000111234000000 X_1A ab55ccb430...

Reviews:

No comments

Related manuals for SR-SBP2801-BLE-E

Kapriol 27977 Manufacturer'S Instruction And Information preview
27977
Brand: Kapriol Pages: 32
JABO 4236 Installation Manual preview
4236
Brand: JABO Pages: 4
Febco 860 Series Maintenance Manual preview
860 Series
Brand: Febco Pages: 12
Yetter 5500 Series Owner'S Manual, Part Identification preview
5500 Series
Brand: Yetter Pages: 16
Raymarine P70 User Reference preview
P70
Brand: Raymarine Pages: 70
Harbor Freight Tools 40052 Operating Instructions preview
40052
Brand: Harbor Freight Tools Pages: 4
4iiii FLiiiight Owner'S Manual preview
FLiiiight
Brand: 4iiii Pages: 36
4iiii FLiiiight User Manual preview
FLiiiight
Brand: 4iiii Pages: 34
4EVAC IMPACT Reference Manual preview
IMPACT
Brand: 4EVAC Pages: 27
IDS Dual Product Manual preview
Dual
Brand: IDS Pages: 2
MAHA MBT Series Operating Instructions Manual preview
MBT Series
Brand: MAHA Pages: 21
MAGUIRE PRS-20 Installation Operation & Maintenance preview
PRS-20
Brand: MAGUIRE Pages: 47
Naked NKD1 Installation & Operating Manual preview
NKD1
Brand: Naked Pages: 36
Yamaha MagicStomp Effect List preview
MagicStomp
Brand: Yamaha Pages: 31
HAMPTON BAY C7116-BN Use And Care Manual preview
C7116-BN
Brand: HAMPTON BAY Pages: 6
Allen-Bradley DeviceNet CompactPCI 1784-CPCIDS Installation Instructions Manual preview
DeviceNet CompactPCI 1784-CPCIDS
Brand: Allen-Bradley Pages: 36
Exmark ARS180KA21 Operator'S Manual preview
ARS180KA21
Brand: Exmark Pages: 36
Manley NU MU Owner'S Manual preview
NU MU
Brand: Manley Pages: 18

Brands by name

Popular brands

Load more brands