Security#

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_CHANGEKEY_LINK#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_CHANGEKEY_LINK

changekey link [key:-1]

• Change the link key to the one provided in the 16 byte array argument for this command.

  • key - OCTET_STRING - The link key provided as a 16 byte array

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_CHANGEKEY_NETWORK#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_CHANGEKEY_NETWORK

changekey network [key:-1]

• Change the network key to the 16 byte array provided as an argument to this command.

  • key - OCTET_STRING - The network key provided as a 16 byte array

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_KEYS_CLEAR#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_KEYS_CLEAR

keys clear

• Clear all security keys

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_KEYS_DELETE#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_KEYS_DELETE

keys delete [index:1]

• Delete a security key from a given index

  • index - INT8U - index into the security key table

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_KEYS_PRINT#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_KEYS_PRINT

keys print

• Print all security keys out to the command line.

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_INSTALL_CODE#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_INSTALL_CODE

option install-code [keyTableIndex:1] [ieeeAddress:8] [installCode:-1]

• Derives a link key from an install code, sets it in the transient key table for Z3 applications or sets it in the link key table for SE applications.

  • keyTableIndex - INT8U - index into the link key table

  • ieeeAddress - IEEE_ADDRESS - IEEE address to enter into the link key table

  • installCode - OCTET_STRING - install code including two-byte, little-endian CRC

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_LINK#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_LINK

option link [keyTableIndex:1] [ieeeAddress:8] [linkKey:-1]

• Sets a link key in the link key table. Example: option link 0x00 { 06 00 ab 41 64 30 00 0a } {aa bb cc dd ee ff aa bb cc dd ee ff aa bb cc dd}

  • keyTableIndex - INT8U - index into the link key table

  • ieeeAddress - IEEE_ADDRESS - IEEE address to enter into the link key table

  • linkKey - OCTET_STRING - link key to enter into the table

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_REGISTER#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_REGISTER

option register

• Initiates Smart Energy Registration including Key Establishment. This command expects that the device has already joined a smart energy network.

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_APS_OFF#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_APS_OFF

option security aps off

• Turns aps security off

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_APS_ON#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_APS_ON

option security aps on

• Turns aps security on

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_SET_ALLOW_TRUST_CENTER_REJOIN_USING_WELL_KNOWN_KEY#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_SET_ALLOW_TRUST_CENTER_REJOIN_USING_WELL_KNOWN_KEY

option security set-allow-trust-center-rejoin-using-well-known-key [allowTrustCenterRejoinUsingWellKnownKey:1]

• Set whether or not a Trust Center application will allow trust center rejoins for devices using the well-known key.

  • allowTrustCenterRejoinUsingWellKnownKey - BOOLEAN - Whether or not the Trust Center should allow trust center rejoins for devices using the well-known key.

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_SET_ALLOW_TRUST_CENTER_REJOIN_USING_WELL_KNOWN_KEY_TIMEOUT#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_SET_ALLOW_TRUST_CENTER_REJOIN_USING_WELL_KNOWN_KEY_TIMEOUT

option security set-allow-trust-center-rejoin-using-well-known-key-timeout [trustCenterRejoinUsingWellKnownKeyTimeout:2]

• Sets the number of seconds to allow trust center rejoins for devices using the well-known key. A value of 0 means the policy should not be changed after a timeout. This must be called prior to forming or joining a network.

  • trustCenterRejoinUsingWellKnownKeyTimeout - INT16U - The number of seconds that trust center rejoins will be responded to using the well-known link key.

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_SET_KEY_REQUEST_POLICY#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_OPTION_SECURITY_SET_KEY_REQUEST_POLICY

option security set-key-request-policy [tcLinkKeyRequestPolicy:1] [appLinkKeyRequestPolicy:1]

• Sets the local policy for handling TC link key requests and application link key requests. This command sets the emberTrustCenterLinkKeyRequestPolicy and emberAppLinkKeyRequestPolicy attributes. This command should only be entered on the trust center.

  • tcLinkKeyRequestPolicy - INT8U - The value to assign to emberTrustCenterLinkKeyRequestPolicy

  • appLinkKeyRequestPolicy - INT8U - The value to assign to emberAppLinkKeyRequestPolicy

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_SECURITY_MFG_TOKEN_GET#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_SECURITY_MFG_TOKEN_GET

security mfg-token get

EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_SECURITY_MFG_TOKEN_SET#

#define EMBER_AF_DOXYGEN_CLI_COMMAND_SECURITY_SECURITY_MFG_TOKEN_SET

security mfg-token set [magicNumber:4] [value:2]

• • magicNumber - INT32U

  • value - INT16U

EMBER_AF_DOXYGEN_CLI__SECURITY_MFG_TOKEN_COMMANDS#

#define EMBER_AF_DOXYGEN_CLI__SECURITY_MFG_TOKEN_COMMANDS

Commands used for security.

security mfg-token getsecurity mfg-token set <Magic number> <EmberKeySettings value>

• Magic number - uint32_t. The 4-byte magic number EMBER_MFG_SECURITY_CONFIG_MAGIC_NUMBER to prevent accidental execution.

• EmberKeySettings value - uint16_t. The 2-byte value for EmberKeySettings indicating key permissions.