michaelh/zephyr
1
0
Fork 0
Code Releases Activity

mesh: Fix key refresh procedure

Browse source 
Key refresh procedure was ignored on non-primary subnet.

Mesh Profile Specification v1.0.1:
3.10.4 Key Refresh procedure
"This procedure is used when the security of one or more network
keys and/or one or more of the application keys has been compromised
or could be compromised."

"It is possible to update each NetKey independently of all other
NetKeys. A Key Refresh procedure for one NetKey can be in a different
phase to another Key Refresh procedure for other NetKeys."

Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
This commit is contained in:
Michał Narajowski 2020-06-22 13:29:04 +02:00 committed by Johan Hedberg
commit addbdb0d00
1 changed files with 7 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

15
subsys/bluetooth/mesh/beacon.c
View file

@ -334,6 +334,13 @@ static void secure_beacon_recv(struct net_buf_simple *buf)
cache_add(data, sub);
kr_change = bt_mesh_kr_update(sub, BT_MESH_KEY_REFRESH(flags), new_key);
if (kr_change) {
bt_mesh_net_beacon_update(sub);
/* Key Refresh without IV Update only impacts one subnet */
bt_mesh_net_sec_update(sub);
}
/* If we have NetKey0 accept initiation only from it */
if (bt_mesh_subnet_get(BT_MESH_KEY_PRIMARY) &&
sub->net_idx != BT_MESH_KEY_PRIMARY) {
@ -352,17 +359,9 @@ static void secure_beacon_recv(struct net_buf_simple *buf)
iv_change = bt_mesh_net_iv_update(iv_index, BT_MESH_IV_UPDATE(flags));
kr_change = bt_mesh_kr_update(sub, BT_MESH_KEY_REFRESH(flags), new_key);
if (kr_change) {
bt_mesh_net_beacon_update(sub);
}
if (iv_change) {
/* Update all subnets */
bt_mesh_net_sec_update(NULL);
} else if (kr_change) {
/* Key Refresh without IV Update only impacts one subnet */
bt_mesh_net_sec_update(sub);
}
update_stats: