EnOcean EASYFIT EDRPB Скачать руководство пользователя страница 39

Страница: 39 / 68

USER MANUAL

ESRPB / EDRPB - EASYFIT BLUETOOTH® SINGLE / DOUBLE ROCKER PAD

F-710-017, V1.0

ESRPB / EDRPB User Manual | v1.3 | Jan 2018 | Page 39/68

6.7.3

Security Key Write register

The

Security Key Write

security key.

The factory programmed key can be replaced with a user defined key by following these
steps:

Write new security key into the

Security Key Write

Note that for security reasons, setting the Security Key to the following values is not

possible:



0x00000000000000000000000000000000



0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

If the

Security Key Write

the Security Key will occur.

Set the

Update Security Key

flag in the Configuration register to

0b1

If the key should be write-only (not readable after the key update) then set the

Pri-

vate Security Key

flag in the

Configuration

0b1

Actuate (press and release) one rocker of ESRPB / EDRPB

ExRPB will determine that it should modify the security key based on the setting of the

Up-

date Security Key

flag and copy the value of the

Security Key Write

Secu-

rity Key

After successful execution, ExRPB will clear the

Update Security Key

flag to 0b0.

If the

Private Key

flag in the Configuration register is set to

0b0

then the content of the

Security Key Write

cases where the security key shall be readable for users having the correct PIN code.

If the

Private Key

flag in the

Configuration

0b1

then the content of the

Security Key Write

0x00000000000000000000000000000000

after

successful execution. This addresses use cases where the security key shall never be read-
able (even for users having the correct PIN code).

The

Security Key Write

x00000000000000000000000000000000

even if the

Private Key

flag in the

Configuration

reg-

ister is subsequently cleared to

0b0.

This ensures that it is not possible to read a security

key which was written with the

Private Key

flag in the

Configuration

Note that it is not possible to read the current security key via NFC if the

Security Key

Write

necessary to write a new security key (as described above) or to reset the device to its de-

fault security key by means of a factory reset.

The protected memory is designed to support 1000 modifications of the security key.

Содержание EASYFIT EDRPB

Страница 1: ...PB User Manual v1 3 Jan 2018 Page 1 68 Patent protected WO98 36395 DE 100 25 561 DE 101 50 128 WO 2004 051591 DE 103 01 678 A1 DE 10309334 WO 04 109236 WO 05 096482 WO 02 095707 US 6 747 573 US 7 019 241 Observe precautions Electrostatic sensitive devices ESRPB EDRPB EASYFIT Bluetooth Single Double Rocker Pad 09 01 2018 ...

Страница 2: ...ssible omissions or inaccuracies Circuitry and specifications are subject to change without notice For the latest product specifica tions refer to the EnOcean website http www enocean com As far as patents or other rights of third parties are concerned liability is only assumed for modules not for the described applications processes and circuits EnOcean does not assume responsibility for use of m...

Страница 3: ...1 Three channel sequence 11 3 3 2 Two channel sequence 12 3 3 3 Single channel sequence 12 4 Telegram format 13 4 1 Preamble 13 4 2 Access Address 13 4 3 Header 13 4 4 Source address 14 4 4 1 Static source address mode 14 4 4 2 Private resolvable source address mode 15 4 5 Check Sum 16 4 6 Payload 17 4 7 Switch status encoding 18 4 8 ExRPB telegram authentication 19 4 8 1 Authentication implementa...

Страница 4: ...ter 39 6 7 4 Product ID and Manufacturer ID Write register 40 6 7 5 Optional Data register 40 6 7 6 Configuration register 41 6 7 7 Custom Channel Mode register 42 6 7 8 Radio Channel Selection registers 43 6 7 9 Customer Data 44 6 8 Private Data 45 6 8 1 Security Key 45 6 8 2 Default Settings 45 7 Device Label 46 8 APPLICATION INFORMATION 47 8 1 Transmission range 47 8 2 External magnets 47 8 3 R...

Страница 5: ... 59 B 1 3 Obtaining the security key 60 B 1 3 1 Obtaining the security key via NFC interface 60 B 1 3 2 Obtaining the security key via the product DMC code 61 B 1 3 3 Obtaining the security key via a commissioning telegram 61 B 2 Internal parameters 62 B 3 Constant internal parameters 62 B 4 Variable internal parameters 63 B 5 Algorithm execution sequence 63 B 6 Examples 64 B 6 1 Data telegram wit...

Страница 6: ...energy transducer which is actuated by the ExRPB rocker movement Whenever a rocker is pushed down or released electrical energy is cre ated and a set of Bluetooth advertising frames is transmitted by the PTM 215B radio trans mitter which identifies the rocker status pushed or released ExRPB radio telegrams are protected with AES 128 security based on a device unique pri vate key Long or Short rock...

Страница 7: ...Tag ISO IEC 14443 Part 2 and 3 Device Identification Unique 48 Bit Device ID factory programmed Security AES128 CBC Mode with Sequence Code Power Supply Integrated Kinetic Energy Harvester Inputs Single ESRPB or Double Rocker EDRPB 1 4 Physical dimensions and mounting options Dimensions of Single Rocker Pad 4 95 H x 3 21 W x 0 74 D 126mm x 82mm x 19mm Dimensions of Double Rocker Pad 4 95 H x 4 52 ...

Страница 8: ...ergy BLE standard The PTM 215B module provides four button contacts which are actuated by one single rocker ESRPB or two double rockers EDRPB The button contacts of the PTM 215B module are grouped into two channels Channel A and Channel B with each channel con taining two button contacts State O and State I For the double rocker variant EDRPB each channel is actuated by one of the two rockers In c...

Страница 9: ...is possible see chapter 6 7 8 The initialization value for data whitening is set as follows For BLE channels is set according to specification value radio channel For the custom radio channels the initialization value is equal to the offset from 2400 MHz e g value 3 for 2403 MHz Table 1 below summarizes radio channels supported by ExRPB Radio Channel Frequency Channel Type BLE Radio Channels 37 24...

Страница 10: ...dio transmission sequences In certain situations it might be desirable to transmit radio telegrams on channels other than the three advertising channels ExRPB therefore allows to select the radio channels to be used for the transmission of data telegrams and commissioning telegrams The following transmission modes are supported Both commissioning telegrams and data telegrams are transmitted on the...

Страница 11: ...issions on one radio channel It is described in chapter 3 3 3 below 3 3 1 Three channel sequence The three channel radio transmission sequence is similar to the default transmission se quence The difference is that the radio channels BLE Channel 37 38 and 39 in the default transmission sequence can be selected using the Radio Channel Selection registers CH_REG1 CH_REG2 and CH_REG3 The ExRPB advert...

Страница 12: ...lect ed by CH_REG2 This transmission sequence will be sent four times in total with pauses of 20 ms in between as shown in Figure 6 below Figure 6 Two channel radio transmission sequence The format of CH_REG1 and CH_REG2 is described in chapter 6 7 8 3 3 3 Single channel sequence The single channel radio transmission sequence removes transmission on the second and third radio channel selected by C...

Страница 13: ...izes the BLE frame structure Figure 8 BLE frame structure The content of these fields is described in more detail below 4 1 Preamble The BLE Preamble is 1 byte long and identifies the start of the BLE frame The value of the BLE Preamble is always set to 0xAA 4 2 Access Address The 4 byte BLE Access Address identifies the radio telegram type For advertising frames the value of the Access Address is...

Страница 14: ... flag in the Configuration register see chapter 6 7 6 to 0b0 These two address modes are described in the following chapters 4 4 1 Static source address mode By default ExRPB uses static source addresses meaning that the source address is constant during normal operation The static source address can be read and configured written via NFC as described in chapter 6 The structure of ExRPB static add...

Страница 15: ...andom key as identity resolution key This key can be configured via the NFC con figuration interface as described in chapter 6 For resolvable private addresses the 48 bit address field is split into two sub fields prand This field contains a random number which always starts two most significant bits with 0b10 The prand value is changed for each telegram that is transmitted Indi vidual advertising...

Страница 16: ...quentially using the IRK of each device that it has been learned into it If an IRK matches i e when prand is encoded with this specific IRK then the result match es hash then the receiver has established the identity of the transmitter So conceptually the IRK takes the role of the device source address while prand and hash provide a mechanism to select the correct IRK among a set of IRK This mecha...

Страница 17: ...s based on assigned numbers EnOcean has been assigned 0x03DA as manufacturer ID code The Manufacturer ID can be changed via the NFC configuration interface as de scribed in chapter 6 7 4 Sequence Counter 4 byte The Sequence Counter is a continuously incrementing counter used for security processing It is initialized to 0 at the time of production and incremented for each telegram data telegram or ...

Страница 18: ... Action is indicated by Bit 0 Energy Bar If a button contact has been actuated during Press Action or Release Action then this is indicated by the according status bit set to 1 Note that all contacts that were pressed during Press Action will be released during Release Action The case of continuing to hold one or several button contacts during Release Ac tion is mechanically not possible The switc...

Страница 19: ...source address and the telegram payload Changing any of these three parame ters will therefore result in a different signature The receiver performs the same signature calculation based on sequence counter source address and the remaining telegram data of the received telegram using the security key it received from ExRPB during commissioning The receiver then compares the signature reported as pa...

Страница 20: ... Source Address 4 byte Sequence Counter and 3 bytes of value 0x00 for padding Note that both Source Address and Sequence Counter use little endian format least signifi cant byte first Figure 16 below shows the structure of the AES128 Nonce Figure 16 AES128 Nonce structure The AES128 Nonce and the 128 bit device unique security key are then used to calculate a 32 bit signature of the authenticated ...

Страница 21: ...thenticate its radio telegrams ExRPB provides the following options for these tasks NFC based commissioning The ExRPB parameters are read by a suitable commissioning tool e g NFC smartphone with suitable software which is already part of the network into which ExRPB will be commissioned The commissioning tool then communicates these pa rameters to the intended receiver of ExRPB radio telegrams NFC...

Страница 22: ... security NFC read out of the new security key can be disabled by set ting the Private Security Key flag in the Configuration register before setting the new security key This ensures that even persons knowing the correct PIN code to configure this spe cific switch cannot read out the programmed new security key Please verify that you have properly documented the new security key as there is no po...

Страница 23: ...d security key and send them parameters to the intended receiver of ExRPB radio telegrams The QR code shown in Figure 18 above encodes the following text 30SE21501234567 Z0123456789ABCDEF0123456789ABCDEF 30PESRPB 2PDA01 S03123456 The structure of the QR code content is described below 5 2 1 QR code format The commissioning QR code provided by ExRPB products encodes the product parameters based on ...

Страница 24: ...ning mode start by selecting one button one side of one rocker of ESRPB or EDRPB For the dual rocker EDRPB case this button can be either upper side of left rocker lower side of left rocker upper side of right rocker or lower side of right rocker For the single rocker ESRPB case this can be either upper side of the rocker or lower side of the rocker This selected button is referred to as Button_X ...

Страница 25: ...BLE devices based on assigned numbers By default this field is set to 0x03DA EnOcean GmbH This field can be changed via the NFC configuration interface as described in chapter 6 7 4 Sequence Counter 4 byte The Sequence Counter is a continuously incrementing counter used for security pro cessing It is initialized to 0 at the time of production and incremented for each tele gram data telegram or com...

Страница 26: ...four button contacts A0 A1 B0 and B1 have to be pressed at the same time while the energy bow of the ExRPB module is pressed down The energy bow must then be held at the down position for at least 10 seconds before be ing released The button contacts A0 A1 B0 and B1 can be released at any time after pressing the energy bow down i e it is no requirement to hold them as well for at least 10 seconds ...

Страница 27: ...s the following NFC reader either PC USB accessory or suitable smartphone tablet NFC SW with read write PIN lock PIN unlock and PIN change functionality EnOcean recommends TWN4 from Elatec RFID Systems https www elatec rfid com en as USB NFC reader This reader is shown in Figure 21 below Figure 21 Elatec TWN4 MultiTech Desktop NFC Reader TWN4 can be configured as CDC Virtual COM port and can then ...

Страница 28: ...14443 standard For specific implementation aspects related to the NXP implementation in NT3H2111 please refer to the NXP documentation which at the time of writing was available under this link http cache nxp com documents data_sheet NT3H2111_2211 pdf The following chapters summarize the different functions for reference purposes 6 2 1 NFC interface state machine Figure 22 below shows the overall ...

Страница 29: ...e UID using the ANTICOLLISION or SELECT commands for cascade level 1 READY 1 state is exited after the SELECT command from cascade level 1 with the matching complete first part of the UID has been executed The NFC tag then proceeds into READY 2 state where the second part of the UID is resolved 6 2 4 READY 2 state READY 2 is the second UID resolving state where the NFC tag resolves the remaining 4...

Страница 30: ... is 4 byte in size For example if the specified address is 03h then pages 03h 04h 05h 06h are returned Spe cial conditions apply if the READ command address is near the end of the accessible memory area Figure 23 below shows the read command sequence Figure 23 NFC read command sequence 6 2 7 Write command The WRITE command requires a start page address and returns writes 4 bytes of data into that ...

Страница 31: ...fication via the PWD_AUTH command The PWD_AUTH command takes the password as parameter and if successful returns the password authentication acknowledge PACK Figure 25 below shows the password authentication sequence Figure 25 Password authentication sequence After successful authentication the password can be changed by writing the new password to memory page 0xE5 Note that a read access to page ...

Страница 32: ...oftware sup port package At the time of writing this was available from this address https www elatec rfid com en download center contact form twn4 devpack sdk Figure 26 below shows the user interface of this software Figure 26 User interface of TWN4 Director By using this software it is easily possible to generate the required serial commands that have to be sent via CDC Virtual COM port to TWN4 ...

Страница 33: ...0x00 0xE2 0x15 0x00 0x00 NTAG_Read page Used to read one page of data Example NTAG_Read 0x04 NTAG_Write page data Used to write one page of data Example NTAG_Write 0x40 0x12 0x34 0x56 0x78 NTAG_Write 0xE5 PIN Code Used to set a new pin code by writing to page 0xE5 Example NTAG_Write 0xE5 0x12 0x34 0x56 0x78 6 3 2 Translation into binary data In order to use these commands within a user application...

Страница 34: ...tion The ExRPB configuration memory is divided into the following areas Public data Protected data In addition to that ExRPB maintains a private configuration memory region used to store default parameters and confidential information which is not accessible to the user Figure 29 below illustrates the configuration memory organization used by ExRPB Figure 29 Configuration memory organization ...

Страница 35: ...0x07 28 Public 8 0x08 32 NFC Revision Manufacturer ID Public 9 0x09 36 Reserved Public 10 0x0A 40 Hardware Revision Public 11 0x0B 44 Software Revision Public 12 0x0C 48 Static Source Address Public 13 0x0D 52 Sequence Counter Protected Memory Area Protected 14 0x0E 56 Configuration Custom CH Mode Reserved Protected 15 0x0F 60 Opt Data 0 Opt Data 1 Opt Data 2 Opt Data 3 Protected 16 0x10 64 Produc...

Страница 36: ...nOcean GmbH Product ID and Manufacturer ID can be configured by the customer as required to identify his products see chapter 6 7 4 Static Source Address This is a 4 byte field used to identify the static source address used by ExRPB see chapter 4 4 1 Each ExRPB is pre programmed with an individual static source ad dress The Static Source Address can be configured by the customer as required to id...

Страница 37: ... security key used by ExRPB see chapter 6 7 3 Optional Data register This 4 byte register contains optional data that can be transmitted as part of all data telegrams see chapter 4 6 Optional Data 0 is sent first Optional Data 3 last Configuration register This 1 byte register is used to configure the functional behavior of ExRPB see chap ter 6 7 6 Custom Channel Mode register This 1 byte register...

Страница 38: ...urce Address Write Product ID Write Manufacturer ID Write and Security Key Write in the protected data area and set the according Update flag in the Configuration register After that the user has to push and release one rocker of ESRPB or EDRPB 6 7 2 Source Address Write register The Source Address Write register is 4 byte wide and can be used to modify the lower 32 bit of the Static Source Addres...

Страница 39: ...te memory After successful execution ExRPB will clear the Update Security Key flag to 0b0 If the Private Key flag in the Configuration register is set to 0b0 then the content of the Security Key Write register will be maintained at its current value This addresses use cases where the security key shall be readable for users having the correct PIN code If the Private Key flag in the Configuration r...

Страница 40: ...Set the Update Product and Manufacturer ID flag in the Configuration register to 0b1 4 Actuate press and release one rocker of ESRPB EDRPB ExRPB will determine that it should update the Product ID and Manufacturer ID based on the setting of the Update Product and Manufacturer ID flag and copy any non zero value of the Product ID Write register to the Product ID register and any non zero value of t...

Страница 41: ...nocean com F 710 017 V1 0 ESRPB EDRPB User Manual v1 3 Jan 2018 Page 41 68 6 7 6 Configuration register The Configuration register is 1 byte wide and contains configuration flags Figure 30 below shows the structure of the Configuration register Figure 30 Configuration register structure ...

Страница 42: ...9 Note This is equivalent to setting Custom Channel Mode 0x04 in con junction with CH_REG1 0x25 CH_REG2 0x26 and CH_REG3 0x27 0x01 Commissioning telegrams in standard Advertising Mode Data telegrams on 3 user defined radio channels 0x02 Commissioning telegrams in standard Advertising Mode Data telegrams on 2 user defined radio channels 0x03 Commissioning telegrams in standard Advertising Mode Data...

Страница 43: ...ls BLE Channel 0 BLE Channel 39 using the even fre quencies from 2402 MHz to 2480 MHz as described in chapter 3 Custom radio channels in between the standard BLE channels odd frequencies from 2403 MHz to 2479 MHz CH_REGn Value Frequency Channel Type BLE Radio Channels 37 2402 MHz BLE Advertising Channel 0 2404 MHz BLE Data Channel 1 2406 MHz BLE Data Channel 10 2424 MHz BLE Data Channel 38 2426 MH...

Страница 44: ...EM specific information such as product type revi sion date code or similar There is however no restriction other than the maximum size of 256 byte on the type of content that can be stored in this memory region ExRPB will not access or modify this memory region Users should keep in mind that the content of this memory region will not be affected by a factory reset This means that after a factory ...

Страница 45: ...ity Key field contains the 128 bit private key used for authenticating ExRPB tele grams and for resolving private source addresses This register is programmed with a random value during manufacturing It can be changed using the Security Key Write feature described in chapter 6 7 3 6 8 2 Default Settings The Default Settings field contains a backup of the following PTM 215B factory settings Static ...

Страница 46: ...n Figure 31 below Figure 31 ESRPB EDRPB product label This device label identifies the following parameters 1 Frequency and radio standard 2 4 GHz BLE in above example 2 Product revision DA 01 in above example 3 Manufacturing date week 35 2016 in above example 4 QR code for automated reading of all information see chapter 5 2 1 5 Static Source Address E21501234567 in above example 6 Manufacturer a...

Страница 47: ...gh max 2 walls Ferro concrete walls ceilings Typically 5 m range through max 1 ceiling depending on thickness Fire safety walls elevator shafts staircases and similar areas should be considered as shielded The angle at which the transmitted signal hits the wall is very important The effective wall thickness and with it the signal attenuation varies according to this angle Signals should be transmi...

Страница 48: ...approximately 3 ms in total when using 3 radio channels which means that the total time between the start of two advertising events is approximately 23 ms Considering that the receiver might start scanning directly after the start of one transmis sion we can therefore determine that it should remain active scan duration for at least 23 ms to check for the start of the next transmission Likewise we...

Страница 49: ...anufacturer to demonstrate compliance to all applicable EU directives and standards The attestation of conformity for PTM 215B serves as input to the declaration of conformity for the full product At the time of writing guidance on the implementation of EU product rules the so called Blue Guide was available from this link http ec europa eu DocsRoom documents 18027 Specifically within the new RED ...

Страница 50: ...USER MANUAL ESRPB EDRPB EASYFIT BLUETOOTH SINGLE DOUBLE ROCKER PAD 2018 EnOcean www enocean com F 710 017 V1 0 ESRPB EDRPB User Manual v1 3 Jan 2018 Page 50 68 9 2 FCC United States Certificate ...

Страница 51: ...v1 3 Jan 2018 Page 51 68 9 2 1 FCC United States Regulatory Statement This device complies with part 15 of the FCC Rules Operation is subject to the following two conditions 1 this device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation ...

Страница 52: ...USER MANUAL ESRPB EDRPB EASYFIT BLUETOOTH SINGLE DOUBLE ROCKER PAD 2018 EnOcean www enocean com F 710 017 V1 0 ESRPB EDRPB User Manual v1 3 Jan 2018 Page 52 68 9 3 IC Industry Canada Certificate ...

Страница 53: ...this device may not cause interference and 2 this device must accept any interference including interference that may cause unde sired operation of the device Le présent appareil est conforme aux CNR d Industrie Canada applicables aux appareils radio exempts de licence L exploitation est autorisée aux deux conditions suivantes 1 l appareil ne doit pas produire de brouillage et 2 l utilisateur de l...

Страница 54: ...SER MANUAL ESRPB EDRPB EASYFIT BLUETOOTH SINGLE DOUBLE ROCKER PAD 2018 EnOcean www enocean com F 710 017 V1 0 ESRPB EDRPB User Manual v1 3 Jan 2018 Page 54 68 9 4 ACMA Australia Declaration of Conformity ...

Страница 55: ...USER MANUAL ESRPB EDRPB EASYFIT BLUETOOTH SINGLE DOUBLE ROCKER PAD 2018 EnOcean www enocean com F 710 017 V1 0 ESRPB EDRPB User Manual v1 3 Jan 2018 Page 55 68 ...

Страница 56: ...7E 16 EE 23 A 1 1 BLE frame structure The message shown above can be parsed into the following components keep in mind the little endian byte order BLE Access Address 4 byte 0x8E89BED6 BLE Frame Control 2 byte 0x1342 Size of source address payload 0x13 19 byte Telegram type Non connectable Advertising BLE Source Address 6 byte 0xE21500001B9F Length of payload 1 byte 0x0C 12 byte Type of payload 1 ...

Страница 57: ...e little endian byte order BLE Access Address 4 byte 0x8E89BED6 BLE Frame Control 2 byte 0x2442 Size of source address payload 0x24 36 byte Telegram type Non connectable Advertising BLE Source Address 6 byte 0xE21500001B9F Length of payload 1 byte 0x1E 30 byte Type of payload 1 byte 0xFF manufacturer specific data Manufacturer ID 2 byte 0x03DA EnOcean GmbH EnOcean Payload 27 byte 71 01 00 00 AB 4B...

Страница 58: ... algorithm parameters are required Constant algorithm input parameters These parameters identify high level algorithm and telegram properties and are the same for any PTM 215B telegram Variable algorithm input parameters These parameters identify telegram specific parameters and therefore depend on the specifics of the transmitted telegram B 1 1 Constant input parameters The RFC3610 implementation...

Страница 59: ...is sent The sequence counter is transmitted as part of the input data The receiver of PTM 215B telegrams keeps track of this counter and will accept only telegrams with counter values higher than the highest previously used value This eliminates the possibility of reusing previously transmitted telegrams Note that the individual identical advertising telegrams used to encode the same data telegram...

Страница 60: ...he key via the product DMC code Obtaining the key via a dedicated commissioning telegram Each option is described now in detail B 1 3 1 Obtaining the security key via NFC interface Using the Elatec TWN4 reader as described in chapter 6 3 the security key can be read using the following command sequence SearchTag 32 NTAG_PwdAuth 0x00 0x00 0xE2 0x15 0x00 0x00 NTAG_Read 0x14 This is equivalent to the...

Страница 61: ...key Transmission of such commissioning telegrams can be triggered by means of a specific button sequence as described in chapter 5 3 Note that this feature can be disabled via the NFC commissioning interface by setting the Disable Radio Commissioning flag in the Configuration register to 0b1 see chapter 6 7 6 The resulting commissioning telegram has the following payload 1D FF DA 03 56 04 00 00 3D...

Страница 62: ... on the telegram specific parameters and therefore de pend on the specifics of the transmitted telegram B 3 Constant internal parameters The RFC3610 implementation in PTM 215B derives two internal parameters M and L based on the input data and uses them to construct A0_Flag and B_0_Flag which togeth er with the iteration counter i are required for subsequent processing The value of these internal ...

Страница 63: ...unter and padding see 4 8 1 FE19000015E2D00A0000000000 A0 A0_Flag followed by Nonce followed by 2 byte 0x00 01FE19000015E2D00A00000000000000 B0 B0_Flag followed by Nonce followed by 2 byte 0x00 no message to encode 49FE19000015E2D00A00000000000000 B1 Input Length followed by Input Data fol lowed by 5 4 3 1 byte of 0x00 padding for optional data size 0 1 2 4 byte 00090CFFDA03D00A0000030000000000 Ta...

Страница 64: ...A 88 FF The last four bytes of this payload B2 FA 88 FF are the sender provided signature which has to be authenticated compared against the signature the receiver calculates based on its own security key The variable input parameters are therefore the following Parameter In this example Source Address B819000015E2 little endian representation of E215000019B8 Input Data 0CFFDA035D04000011 Input Le...

Страница 65: ...ES128 X1A Key X_2 AES128 41e60586f0e20faa52c660435c1f247d 3DDA31AD44767AE3CE56DCE2B3CE2ABB X_2 8d89e733da516ae3e08f9e30184909fc S_0 AES128 A0 Key S_0 AES128 01B819000015E25D0400000000000000 3DDA31AD44767AE3CE56DCE2B3CE2ABB S_0 3f736fcc8bcaf2d4aabca0260fab7976 T_0 XOR X_2 S_0 T_0 XOR 8d89e733da516ae3e08f9e30184909fc 3f736fcc8bcaf2d4aabca0260fab7976 T_0 b2fa88ff519b98374a333e1617e2708a The calculate...

Страница 66: ...ant internal algorithm parameters we can now de rive the following variable internal parameters 4 Parameter In this example Nonce B819000015E262040000000000 A0 01B819000015E2620400000000000000 B0 49B819000015E2620400000000000000 B1 000A0DFFDA0362040000101200000000 We can now calculate the signature as follows X_1 AES128 B0 Key X_1 AES128 49B819000015E2620400000000000000 3DDA31AD44767AE3CE56DCE2B3C...

Страница 67: ...onstant internal algorithm parameters we can now de rive the following variable internal parameters Parameter In this example Nonce B819000015E263040000000000 A0 01B819000015E2630400000000000000 B0 49B819000015E2630400000000000000 B1 000B0EFFDA0363040000111234000000 We can now calculate the signature as follows X_1 AES128 B0 Key X_1 AES128 49B819000015E2630400000000000000 3DDA31AD44767AE3CE56DCE2B...

Страница 68: ...and constant internal algorithm parameters we can now de rive the following variable internal parameters Parameter In this example Nonce B819000015E26A040000000000 A0 01B819000015E26A0400000000000000 B0 49B819000015E26A0400000000000000 B1 000D10FFDA036A040000101234567800 We can now calculate the signature as follows X_1 AES128 B0 Key X_1 AES128 49B819000015E26A0400000000000000 3DDA31AD44767AE3CE56...

Результаты поиска

Содержание EASYFIT EDRPB

Отзывы:

Похожие инструкции для EASYFIT EDRPB

Бренды по названию

Популярные бренды

EnOcean EASYFIT EDRPB, Руководство пользователя

Результаты поиска

Содержание EASYFIT EDRPB

Отзывы:

Похожие инструкции для EASYFIT EDRPB

Бренды по названию

Популярные бренды