Hi ,
Presently, I am trying to check *Key Refreshment Procedure* from Mesh Config client.
For checking the operation, I did following steps
- Create Subnet in Config client at Net index 1
- Add SubNetKey to Local Node at Net Index 1
- Add SubNetKey to Remote Node at Net Index 1
- Update Netkey to remote Node in Net index 1
After updating the Netkey, I believe, config client has to either send out SNB with KeyRefreshment(KR) Flag=1 & secured with updated NetKey (i.e by subnet->net_key_upd id)
or send out "Config Key Refresh Phase Set" with transition parameter, set to 2. I could not find the later provision in cfgclient menu.
However, Config Client seems to be not sending out Secure Network Beacon as well. So KR procedure seems to be not progressing at my setup at present.
Any hint of what could be missing will be really helpful! Thank You.
BR,
-Anupam Roy
Hi Anupam,
On Thu, 2020-03-26 at 20:22 +0530, Anupam Roy wrote:
> Hi ,
> Presently, I am trying to check *Key Refreshment Procedure* from Mesh Config client.
>
> For checking the operation, I did following steps
> - Create Subnet in Config client at Net index 1
> - Add SubNetKey to Local Node at Net Index 1
> - Add SubNetKey to Remote Node at Net Index 1
>
Please try to add two steps more here:
- Update Subnet 1 (subnet-update command in main menu)
- Update NetKey 1 for a local node (switch to config menu)
> - Update Netkey to remote Node in Net index 1
>
> After updating the Netkey, I believe, config client has to either send out SNB with KeyRefreshment(KR) Flag=1 & secured with updated NetKey (i.e by subnet->net_key_upd id)
> or send out "Config Key Refresh Phase Set" with transition parameter, set to 2. I could not find the later provision in cfgclient menu.
> However, Config Client seems to be not sending out Secure Network Beacon as well. So KR procedure seems to be not progressing at my setup at present.
>
> Any hint of what could be missing will be really helpful! Thank You.
>
Best Regards,
Inga
Hi Inga,
>
>Hi Anupam,
>
>On Thu, 2020-03-26 at 20:22 +0530, Anupam Roy wrote:
>> Hi ,
>> Presently, I am trying to check *Key Refreshment Procedure* from Mesh Config client.
>>
>> For checking the operation, I did following steps
>> - Create Subnet in Config client at Net index 1
>> - Add SubNetKey to Local Node at Net Index 1
>> - Add SubNetKey to Remote Node at Net Index 1
>>
>
>Please try to add two steps more here:
> - Update Subnet 1 (subnet-update command in main menu)
I missed mentioning above step in my email. Actually, before updating netkey to remote, I did update local subnet.
But yes, I missed out below step (Updating netkey to local node). Will give it a try now. Much thanks!
> - Update NetKey 1 for a local node (switch to config menu)
>
>> - Update Netkey to remote Node in Net index 1
>>
>> After updating the Netkey, I believe, config client has to either send out SNB with KeyRefreshment(KR) Flag=1 & secured with updated NetKey (i.e by subnet->net_key_upd id)
>> or send out "Config Key Refresh Phase Set" with transition parameter, set to 2. I could not find the later provision in cfgclient menu.
>> However, Config Client seems to be not sending out Secure Network Beacon as well. So KR procedure seems to be not progressing at my setup at present.
>>
>> Any hint of what could be missing will be really helpful! Thank You.
>>
>
>Best Regards,
>Inga
Hi Inga,
>--------- Original Message ---------
>Sender : Anupam Roy <[email protected]> Staff Engineer/Application S/W Group /SRI-Delhi/Samsung Electronics
>Date : 2020-03-27 11:07 (GMT+5:30)
>Title : RE: Re: Mesh Key Refreshment procedure from Config client
>
>Hi Inga,
>
>>
>>Hi Anupam,
>>
>>On Thu, 2020-03-26 at 20:22 +0530, Anupam Roy wrote:
>>> Hi ,
>>> Presently, I am trying to check *Key Refreshment Procedure* from Mesh Config client.
>>>
>>> For checking the operation, I did following steps
>>> - Create Subnet in Config client at Net index 1
>>> - Add SubNetKey to Local Node at Net Index 1
>>> - Add SubNetKey to Remote Node at Net Index 1
>>>
>>
>>Please try to add two steps more here:
>> - Update Subnet 1 (subnet-update command in main menu)
>I missed mentioning above step in my email. Actually, before updating netkey to remote, I did update local subnet.
>But yes, I missed out below step (Updating netkey to local node). Will give it a try now. Much thanks!
>
After updating the Netkey to the local node(config client) and then to the remote node, I monitored the beaconing key used by local config client.
Please note that since, only two netkeys are at presently configured in both the nodes, therefore, the key ID's are 1 (for primary netkey at index 0), 2(For Netkey at index 1) & 3(For new NetKey at index 1).
After NetKey update, The KR phase in both sides are set to 1, but it seems, the new key id (which is 3 in this case) is still *NOT used for beaconing, by the 'Config Client node'
Config Client still keeps on beaconing with key ID 1 & 2. Sharing a bit of logs for your reference.
During NetKey Update-
mesh/cfgmod-server.c:cfg_srv_pkt() CONFIG-SRV-opcode 0x8045 size 18 idx 000
key refresh phase 1: Key ID 3
Beacon Keys after NetKey update on remote Node -
mesh/net-keys.c:snb_timeout() beacon 2 for 1 nodes, period 30, obs 2, exp 3
mesh/net-keys.c:snb_timeout() beacon 1 for 1 nodes, period 20, obs 2, exp 2
Please share your opinion to check the issue further. Thank You
>> - Update NetKey 1 for a local node (switch to config menu)
>>
>>> - Update Netkey to remote Node in Net index 1
>>>
>>> After updating the Netkey, I believe, config client has to either send out SNB with KeyRefreshment(KR) Flag=1 & secured with updated NetKey (i.e by subnet->net_key_upd id)
>>> or send out "Config Key Refresh Phase Set" with transition parameter, set to 2. I could not find the later provision in cfgclient menu.
>>> However, Config Client seems to be not sending out Secure Network Beacon as well. So KR procedure seems to be not progressing at my setup at present.
>>>
>>> Any hint of what could be missing will be really helpful! Thank You.
>>>
>>
>>Best Regards,
>>Inga
BR,
-Anupam Roy
Hi Anupam,
On Fri, 2020-03-27 at 19:17 +0530, Anupam Roy wrote:
>
> Hi Inga,
>
> > --------- Original Message ---------
> > Sender : Anupam Roy <
> > [email protected]
> > > Staff Engineer/Application S/W Group /SRI-Delhi/Samsung
> > Electronics
> > Date : 2020-03-27 11:07 (GMT+5:30)
> > Title : RE: Re: Mesh Key Refreshment procedure from Config client
> >
> > Hi Inga,
> >
> > > Hi Anupam,
> > >
> > > On Thu, 2020-03-26 at 20:22 +0530, Anupam Roy wrote:
> > > > Hi ,
> > > > Presently, I am trying to check *Key Refreshment Procedure*
> > > > from Mesh Config client.
> > > >
> > > > For checking the operation, I did following steps
> > > > - Create Subnet in Config client at Net index 1
> > > > - Add SubNetKey to Local Node at Net Index 1
> > > > - Add SubNetKey to Remote Node at Net Index 1
> > > >
> > >
> > > Please try to add two steps more here:
> > > - Update Subnet 1 (subnet-update command in main menu)
> >
> > I missed mentioning above step in my email. Actually, before
> > updating netkey to remote, I did update local subnet.
> > But yes, I missed out below step (Updating netkey to local node).
> > Will give it a try now. Much thanks!
> >
>
> After updating the Netkey to the local node(config client) and then
> to the remote node, I monitored the beaconing key used by local
> config client.
> Please note that since, only two netkeys are at presently configured
> in both the nodes, therefore, the key ID's are 1 (for primary netkey
> at index 0), 2(For Netkey at index 1) & 3(For new NetKey at index 1).
>
> After NetKey update, The KR phase in both sides are set to 1, but it
> seems, the new key id (which is 3 in this case) is still *NOT used
> for beaconing, by the 'Config Client node'
> Config Client still keeps on beaconing with key ID 1 & 2. Sharing a
> bit of logs for your reference.
>
> During NetKey Update-
> mesh/cfgmod-server.c:cfg_srv_pkt() CONFIG-SRV-opcode 0x8045 size 18
> idx 000
> key refresh phase 1: Key ID 3
>
> Beacon Keys after NetKey update on remote Node -
> mesh/net-keys.c:snb_timeout() beacon 2 for 1 nodes, period 30, obs 2,
> exp 3
> mesh/net-keys.c:snb_timeout() beacon 1 for 1 nodes, period 20, obs 2,
> exp 2
>
> Please share your opinion to check the issue further. Thank You
Indeed, there's a missing functionality in mesh-cfgclient tool: key
refresh phase commands.
The patch set that I posted today should address the issue:
[PATCH BlueZ 1/2] tools/mesh-cfgclient: Save subnet key refresh phase
[PATCH BlueZ 2/2] tools/mesh-cfgclient: Add commands for Key Refresh
Phase
The beaconing will start updated network key once the Key Refresh
procedure advances to phase 2:
1. "subnet-set_phase <net_index> 2" from the main menu
2. "kr_phase_set <net_index> 2" from the config menu (sent to either
local or remote node or both).
The transition to phase 2 can happen either as a result of a
directly setting a phase on a node or by
detecting a beacon with KR bit set (which, of course assumes that
at least one node got it's phase set
directly and that that node has beaconing enabled) .
Similar steps to finish Key Refresh procedure: set phase 3 for subnet
and send phase command to node(s)
>
> > > - Update NetKey 1 for a local node (switch to config menu)
> > >
> > > > - Update Netkey to remote Node in Net index 1
> > > >
> > > > After updating the Netkey, I believe, config client has to
> > > > either send out SNB with KeyRefreshment(KR) Flag=1 & secured
> > > > with updated NetKey (i.e by subnet->net_key_upd id)
> > > > or send out "Config Key Refresh Phase Set" with transition
> > > > parameter, set to 2. I could not find the later provision in
> > > > cfgclient menu.
> > > > However, Config Client seems to be not sending out Secure
> > > > Network Beacon as well. So KR procedure seems to be not
> > > > progressing at my setup at present.
> > > >
> > > > Any hint of what could be missing will be really helpful! Thank
> > > > You.
> > > >
> > >
> > > Best Regards,
> > > Inga
>
> BR,
> -Anupam Roy
Hi Inga,
>--------- Original Message ---------
>Sender : Stotland, Inga <[email protected]>
>Date : 2020-03-30 11:35 (GMT+5:30)
>Title : Re: RE: Re: Mesh Key Refreshment procedure from Config client
>
>Hi Anupam,
>
>On Fri, 2020-03-27 at 19:17 +0530, Anupam Roy wrote:
>>
>> Hi Inga,
>>
>> > --------- Original Message ---------
>> > Sender : Anupam Roy <
>> > [email protected]
>> > > Staff Engineer/Application S/W Group /SRI-Delhi/Samsung
>> > Electronics
>> > Date : 2020-03-27 11:07 (GMT+5:30)
>> > Title : RE: Re: Mesh Key Refreshment procedure from Config client
>> >
>> > Hi Inga,
>> >
>> > > Hi Anupam,
>> > >
>> > > On Thu, 2020-03-26 at 20:22 +0530, Anupam Roy wrote:
>> > > > Hi ,
>> > > > Presently, I am trying to check *Key Refreshment Procedure*
>> > > > from Mesh Config client.
>> > > >
>> > > > For checking the operation, I did following steps
>> > > > - Create Subnet in Config client at Net index 1
>> > > > - Add SubNetKey to Local Node at Net Index 1
>> > > > - Add SubNetKey to Remote Node at Net Index 1
>> > > >
>> > >
>> > > Please try to add two steps more here:
>> > > - Update Subnet 1 (subnet-update command in main menu)
>> >
>> > I missed mentioning above step in my email. Actually, before
>> > updating netkey to remote, I did update local subnet.
>> > But yes, I missed out below step (Updating netkey to local node).
>> > Will give it a try now. Much thanks!
>> >
>>
>> After updating the Netkey to the local node(config client) and then
>> to the remote node, I monitored the beaconing key used by local
>> config client.
>> Please note that since, only two netkeys are at presently configured
>> in both the nodes, therefore, the key ID's are 1 (for primary netkey
>> at index 0), 2(For Netkey at index 1) & 3(For new NetKey at index 1).
>>
>> After NetKey update, The KR phase in both sides are set to 1, but it
>> seems, the new key id (which is 3 in this case) is still *NOT used
>> for beaconing, by the 'Config Client node'
>> Config Client still keeps on beaconing with key ID 1 & 2. Sharing a
>> bit of logs for your reference.
>>
>> During NetKey Update-
>> mesh/cfgmod-server.c:cfg_srv_pkt() CONFIG-SRV-opcode 0x8045 size 18
>> idx 000
>> key refresh phase 1: Key ID 3
>>
>> Beacon Keys after NetKey update on remote Node -
>> mesh/net-keys.c:snb_timeout() beacon 2 for 1 nodes, period 30, obs 2,
>> exp 3
>> mesh/net-keys.c:snb_timeout() beacon 1 for 1 nodes, period 20, obs 2,
>> exp 2
>>
>> Please share your opinion to check the issue further. Thank You
>
>Indeed, there's a missing functionality in mesh-cfgclient tool: key
>refresh phase commands.
>The patch set that I posted today should address the issue:
>[PATCH BlueZ 1/2] tools/mesh-cfgclient: Save subnet key refresh phase
>[PATCH BlueZ 2/2] tools/mesh-cfgclient: Add commands for Key Refresh
>Phase
>
>The beaconing will start updated network key once the Key Refresh
>procedure advances to phase 2:
>1. "subnet-set_phase <net_index> 2" from the main menu
>2. "kr_phase_set <net_index> 2" from the config menu (sent to either
>local or remote node or both).
> The transition to phase 2 can happen either as a result of a
>directly setting a phase on a node or by
> detecting a beacon with KR bit set (which, of course assumes that
>at least one node got it's phase set
> directly and that that node has beaconing enabled) .
>
>Similar steps to finish Key Refresh procedure: set phase 3 for subnet
>and send phase command to node(s)
>
Sure, will try this. Thanks for the update & detailed response.
>
>>
>> > > - Update NetKey 1 for a local node (switch to config menu)
>> > >
>> > > > - Update Netkey to remote Node in Net index 1
>> > > >
>> > > > After updating the Netkey, I believe, config client has to
>> > > > either send out SNB with KeyRefreshment(KR) Flag=1 & secured
>> > > > with updated NetKey (i.e by subnet->net_key_upd id)
>> > > > or send out "Config Key Refresh Phase Set" with transition
>> > > > parameter, set to 2. I could not find the later provision in
>> > > > cfgclient menu.
>> > > > However, Config Client seems to be not sending out Secure
>> > > > Network Beacon as well. So KR procedure seems to be not
>> > > > progressing at my setup at present.
>> > > >
>> > > > Any hint of what could be missing will be really helpful! Thank
>> > > > You.
>> > > >
>> > >
>> > > Best Regards,
>> > > Inga
>>
>> BR,
>> -Anupam Roy