fix key sequence issues when keys are rotated

Created function to calculate prev key
Used key generation functions in all places that keys are calculated
When device is started after boot all keys are calculated prev,current,next

Removed function to get MLE keys with KeyID as it is not supported

Fixed key rotation time to be hours according to specification

When ED attaches using link sync guard time is not used as timer is lost
When router attaches using link sync key sequence is learned

Author: Mika Tervonen

source/6LoWPAN/Thread/thread_bootstrap.c

@@ -563,9 +563,6 @@ void thread_set_link_local_address(protocol_interface_info_entry_t *cur)
 
 static int thread_configuration_security_activate(protocol_interface_info_entry_t *cur, link_configuration_s *linkConfiguration)
 {
-    uint8_t key_material[32];
-    uint8_t key_index;
-
     tr_debug("MAC SET Security Mode");
 
     if (!(cur->lowpan_info & INTERFACE_NWK_ACTIVE) || !(cur->configure_flags & INTERFACE_BOOTSTRAP_DEFINED)) {
@@ -580,16 +577,11 @@ static int thread_configuration_security_activate(protocol_interface_info_entry_
     cur->thread_info->masterSecretMaterial.historyKeyValid = false;
     cur->thread_info->masterSecretMaterial.valid_Info = true;
     // Update the guard timer value
-    thread_calculate_key_guard_timer(cur, linkConfiguration, true);
+    thread_key_guard_timer_calculate(cur, linkConfiguration, true);
     //Define KEY's
-    thread_key_get(linkConfiguration->master_key, key_material, linkConfiguration->key_sequence);
-    key_index = THREAD_KEY_INDEX(linkConfiguration->key_sequence);
-    //Set Keys
-    mac_helper_security_default_key_set(cur, &key_material[16], key_index, MAC_KEY_ID_MODE_IDX);
-    //Add Security to MLE service
-    mle_service_security_set_security_key(cur->id, key_material, key_index, true);
-    //Gen also Next Key
-    thread_security_next_key_generate(cur, linkConfiguration->master_key, linkConfiguration->key_sequence);
+    thread_security_prev_key_generate(cur,linkConfiguration->master_key,linkConfiguration->key_sequence);
+    thread_security_key_generate(cur,linkConfiguration->master_key,linkConfiguration->key_sequence);
+    thread_security_next_key_generate(cur,linkConfiguration->master_key,linkConfiguration->key_sequence);
     return 0;
 }
 

source/6LoWPAN/Thread/thread_common.c

@@ -154,33 +154,37 @@ uint8_t *thread_management_key_request_with_sequence(int8_t interface_id, uint8_
     if (!linkConfiguration) {
         return NULL;
     }
+    //tr_debug("MLE key request by sequence id %"PRIu8" seq %"PRIu32, keyId, keySequnce);
 
     cur = protocol_stack_interface_info_get_by_id(interface_id);
-    if (cur && cur->thread_info) {
-        if (cur->thread_info->masterSecretMaterial.valid_Info) {
-            if (keySequnce == linkConfiguration->key_sequence) {
-                if (mle_service_security_default_key_id_get(interface_id) == keyId) {
-                    keyPtr =  mle_service_security_default_key_get(interface_id);
-                }
-            } else if (keySequnce == (linkConfiguration->key_sequence + 1)) {
-                if (mle_service_security_next_key_id_get(interface_id) == keyId) {
-                    keyPtr =  mle_service_security_next_key_get(interface_id);
-                }
-            }
-
-            if (!keyPtr) {
-                tr_debug("Gen temporary key id %"PRIu8" seq %"PRIu32, keyId, keySequnce);
-                thread_key_get(linkConfiguration->master_key, cur->thread_info->masterSecretMaterial.historyKey, keySequnce);
-                cur->thread_info->masterSecretMaterial.historyKeyId = keyId;
-                cur->thread_info->masterSecretMaterial.historyKeyValid = false;
-                keyPtr = cur->thread_info->masterSecretMaterial.historyKey;
-            }
+    if (!cur || !cur->thread_info) {
+        return NULL;
+    }
+    if (!cur->thread_info->masterSecretMaterial.valid_Info) {
+        return NULL;
+    }
+    if (keySequnce == linkConfiguration->key_sequence) {
+        if (mle_service_security_default_key_id_get(interface_id) == keyId) {
+            keyPtr =  mle_service_security_default_key_get(interface_id);
+        }
+    } else if (keySequnce == (linkConfiguration->key_sequence + 1)) {
+        if (mle_service_security_next_key_id_get(interface_id) == keyId) {
+            keyPtr =  mle_service_security_next_key_get(interface_id);
         }
     }
+
+    if (!keyPtr) {
+        tr_debug("Gen temporary key id %"PRIu8" seq %"PRIu32, keyId, keySequnce);
+        thread_key_get(linkConfiguration->master_key, cur->thread_info->masterSecretMaterial.historyKey, keySequnce);
+        cur->thread_info->masterSecretMaterial.historyKeyId = keyId;
+        cur->thread_info->masterSecretMaterial.historyKeyValid = false;
+        keyPtr = cur->thread_info->masterSecretMaterial.historyKey;
+    }
     return keyPtr;
 }
 uint8_t * thread_mle_service_security_notify_cb(int8_t interface_id, mle_security_event_t event, uint8_t keyId)
 {
+    (void)keyId;
     protocol_interface_info_entry_t *interface = protocol_stack_interface_info_get_by_id(interface_id);
     if (!interface) {
         return NULL;
@@ -199,7 +203,7 @@ uint8_t * thread_mle_service_security_notify_cb(int8_t interface_id, mle_securit
             break;
 
         case MLE_SEC_UNKNOWN_KEY:
-            return thread_management_key_request(interface_id,keyId);
+            return NULL;
     }
     return NULL;
 }
@@ -362,17 +366,22 @@ bool thread_connectivity_tlv_parse(uint8_t *ptr, uint16_t dataLength, thread_con
     return false;
 }
 
-void thread_calculate_key_guard_timer(protocol_interface_info_entry_t *cur, link_configuration_s *linkConfiguration, bool is_init)
+void thread_key_guard_timer_calculate(protocol_interface_info_entry_t *cur, link_configuration_s *linkConfiguration, bool is_init)
 {
     uint32_t key_rotation = linkConfiguration ? linkConfiguration->key_rotation : 0;
 
-    if (is_init && key_rotation < 3600) {
+    if (is_init && key_rotation < 1) {
         tr_warn("Attempted to set key rotation time smaller than 1 hour.");
-        key_rotation = 3600;
+        key_rotation = 1;
     }
 
-    cur->thread_info->masterSecretMaterial.keyRotation = key_rotation;
-    cur->thread_info->masterSecretMaterial.keySwitchGuardTimer = is_init ? 0 : (key_rotation * 0.93);
+    cur->thread_info->masterSecretMaterial.keyRotation = key_rotation * 3600; // setting value is hours converting to seconds
+    cur->thread_info->masterSecretMaterial.keySwitchGuardTimer = is_init ? 0 : (key_rotation * 3600 * 0.93);
+}
+
+void thread_key_guard_timer_reset(protocol_interface_info_entry_t *cur)
+{
+    cur->thread_info->masterSecretMaterial.keySwitchGuardTimer = 0;
 }
 
 thread_leader_data_t *thread_leader_data_generate(void)
@@ -932,7 +941,7 @@ static void thread_key_switch_timer(protocol_interface_info_entry_t *cur, uint16
 
         tr_debug("thrKeyRotation == 0: sync key material by %"PRIu32, linkConfiguration->key_sequence + 1);
         thread_management_key_sets_calc(cur, linkConfiguration, linkConfiguration->key_sequence + 1);
-        thread_calculate_key_guard_timer(cur, linkConfiguration, false);
+        thread_key_guard_timer_calculate(cur, linkConfiguration, false);
     }
 }
 

source/6LoWPAN/Thread/thread_common.h

@@ -432,7 +432,8 @@ uint8_t *thread_pending_operational_dataset_write(protocol_interface_info_entry_
 bool thread_pending_operational_dataset_process(protocol_interface_info_entry_t *cur, uint64_t mle_pending_timestamp, uint8_t *ptr, uint16_t len);
 /*Write optional thread leader data TLV if leader data is known*/
 uint8_t thread_pending_timestamp_tlv_size(protocol_interface_info_entry_t *cur);
-void thread_calculate_key_guard_timer(protocol_interface_info_entry_t *cur, link_configuration_s *linkConfiguration, bool is_init);
+void thread_key_guard_timer_calculate(protocol_interface_info_entry_t *cur, link_configuration_s *linkConfiguration, bool is_init);
+void thread_key_guard_timer_reset(protocol_interface_info_entry_t *cur);
 void thread_set_link_local_address(protocol_interface_info_entry_t *cur);
 void thread_mcast_group_change(struct protocol_interface_info_entry *interface, struct if_group_entry *group, bool group_added);
 void thread_partition_data_purge(protocol_interface_info_entry_t *cur);

source/6LoWPAN/Thread/thread_host_bootstrap.c

@@ -172,7 +172,7 @@ static bool thread_parent_discover_timeout_cb(int8_t interface_id, uint16_t msgI
         mle_service_frame_counter_entry_add(interface_id, entry_temp->index, parent->mleFrameCounter);
 
         thread_management_key_sets_calc(cur, linkConfiguration, cur->thread_info->thread_attach_scanned_parent->keySequence);
-        thread_calculate_key_guard_timer(cur, linkConfiguration, true);
+        thread_key_guard_timer_calculate(cur, linkConfiguration, true);
 
         mlme_device_descriptor_t device_desc;
         mac_helper_device_description_write(cur, &device_desc, entry_temp->mac64, entry_temp->mac16,parent->linLayerFrameCounter, false);
@@ -331,6 +331,8 @@ static int thread_end_device_synch_response_validate(protocol_interface_info_ent
 
     if (securityHeader->KeyIdMode == MAC_KEY_ID_MODE_SRC4_IDX) {
         thread_management_key_synch_req(cur->id, common_read_32_bit(securityHeader->Keysource));
+        // if learning key sequence from link sync actual guard timer value is not known
+        thread_key_guard_timer_reset(cur);
     } else {
         tr_debug("Key ID Mode 2 not used; dropped.");
         return -3;

source/6LoWPAN/Thread/thread_joiner_application.c

@@ -778,8 +778,8 @@ static bool thread_joiner_application_validate_settings(thread_joiner_t *this)
         new_value_generated = 1;
         tr_info("Generating Random ML-EID");
     }
-    if (this->configuration_ptr->key_rotation < 3600) {
-        this->configuration_ptr->key_rotation = 3600;
+    if (this->configuration_ptr->key_rotation < 1) {
+        this->configuration_ptr->key_rotation = 1;
     }
     return new_value_generated;
 }
@@ -967,17 +967,12 @@ static int thread_joiner_application_nvm_link_config_read(thread_joiner_t *this)
     this->configuration_valid = true;
     link_configuration_trace(this->configuration_ptr);
 
+    protocol_interface_info_entry_t *cur = protocol_stack_interface_info_get_by_id(this->interface_id);
     //Add Security to MLE service
-    uint8_t key_material[32];
-    uint8_t key_index;
-    //Define KEY's
+    thread_security_prev_key_generate(cur,this->configuration_ptr->master_key,this->configuration_ptr->key_sequence);
+    thread_security_key_generate(cur,this->configuration_ptr->master_key,this->configuration_ptr->key_sequence);
+    thread_security_next_key_generate(cur,this->configuration_ptr->master_key,this->configuration_ptr->key_sequence);
 
-    thread_key_get(this->configuration_ptr->master_key, key_material, this->configuration_ptr->key_sequence);
-    key_index = THREAD_KEY_INDEX(this->configuration_ptr->key_sequence);
-    //Set Keys
-    protocol_interface_info_entry_t *cur = protocol_stack_interface_info_get_by_id(this->interface_id);
-    mac_helper_security_default_key_set(cur, &key_material[16], key_index, MAC_KEY_ID_MODE_IDX);
-    mle_service_security_set_security_key(this->interface_id, key_material, key_index, true);
     // update counters
     mle_service_security_set_frame_counter(this->interface_id, fast_data.mle_frame_counter);
     mac_helper_link_frame_counter_set(this->interface_id, fast_data.mac_frame_counter);

source/6LoWPAN/Thread/thread_leader_service.c

@@ -414,7 +414,7 @@ static int thread_leader_service_active_set_cb(int8_t service_id, uint8_t source
         }
     }
     if (3 <= thread_meshcop_tlv_find(request_ptr->payload_ptr, request_ptr->payload_len, MESHCOP_TLV_SECURITY_POLICY, &ptr)) {
-        if (common_read_16_bit(ptr) < 3600) {
+        if (common_read_16_bit(ptr) < 1) {
             tr_warn("invalid security policy");
             ret = -1;
             goto send_response;