• State Resolved
  • Locked Locked
  • Replies 20 replies
  • Subscribers 56 subscribers
  • Views 2773 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC2538: CC2538

Xian Wang42
Expert 1010 points
Part Number: CC2538
Other Parts Discussed in Thread: Z-STACK

Hi all,

    I am learning the Zigbee security now and want to know the process of the network key and link key exchange between ZC and ZED during commissioning. Is there any sentence in the sample start commissioning function that mentioned the network key sending? I cannot find it.

   Further more, the network key should be sent to the end device along with the network address by the coordinator, right?

Thank you very much

   Xian Wang

  • 0
    TI__Expert 8950 points
    Hi,

    For Zigbee 3.0 commissioning, you can refer to the image on this wiki page:

    processors.wiki.ti.com/.../What's_New_in_ZigBee_3.0

    "R21 TC Link Key update procedure"
  • 0 in reply to JasonB
    Expert 1010 points
    Dear Jason,
    Thank you for the reply.
    Yeah, I am asking about this graph, I just want to know which sentence or function indicates the second sentence from router to the end device, which means the router send the network key to the end device by link key encryption. Is there any sentence in BDB_Startcommissioning?

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    TI__Expert 8950 points

    Ah, okay. The BDB layer is not directly responsible for device authentication. When a new device joins the network, your ZC/ZR will execute ZDO_JoinIndicationCB, which sets the event ZDO_NEW_DEVICE, which then calls this chain of functions:

    If device is joining directly to Trust Center/Network Leader (ZC for centralized network, ZR for distributed network):
    1. ZDSecMgrNewDeviceEvent
    2. ZDSecMgrDeviceNew
    3. ZDSecMgrDeviceJoinDirect
    4. ZDSecMgrDeviceJoin
    5. ZDSecMgrSendNwkKey

    If device is joining ZR in a centralized network, i.e. it is not Network Leader:
    1. ZDSecMgrNewDeviceEvent
    2. ZDSecMgrDeviceNew
    3. ZDSecMgrDeviceJoinFwd
    4. APSME_UpdateDeviceReq (this is a packet from ZR to ZC to tell ZC/Trust Center to send network key to joining device)

  • 0 in reply to JasonB
    Expert 1010 points
    Dear Jason,
    Thank you for the reply.
    I can understand the process and logic you mentioned. However, I cannot understand the logic from the code view, how could it sets the event ZDO_NEW_DEVICE and then calls the chain of functions you mentioned?

    Furthermore, how does this chain function process in sample applications? Say in sample light and switch application, when I press the commission set, it starts to find the network in ZED and ZC enables the joining process. Does the chain functions operate in ZDApp_event_loop?

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    TI__Expert 8950 points
    Are you familiar with how OSAL works in Z-Stack? If not, I'd recommend you read through our the Z-Stack Developer's Guide to better understand how the event setting and processing works. Basically, each OSAL task within Z-Stack has a Task ID and an event processing function which is served by OSAL in a round-robin fashion, and the each task within OSAL can notify each other by setting events defined for each task.

    To better understand my post above, I would recommend you search for the function ZDO_JoinIndicationCB() in the code. You can then see at the end of this function that an event is set using the osal_start_timerEx API (sets a timer which triggers an event after expiration). To see where this event is processed in the code, search for "if ( events & ZDO_NEW_DEVICE )", this is the code that is executed after the timer expires. Then you can see in this event processing code the ZDSecMgrNewDeviceEvent() API is called, which then leads you through the chain of functions above.
  • 0 in reply to JasonB
    Expert 1010 points
    Dear Jason,
    Thank you for your reply.
    I have got the whole process where the network key coming from. Actually it is from the ZDSecMgrSendNwkKey function, status = APSME_TransportKeyReq( &req ) to let the APS to send transport key to the End device.

    I still have question about the ZDO_NEW_DEVICE. I mean when does the ZDO_JoinIndicationCB function process? Since the parameters of ZDSecMgrNewDeviceEvent function is new device list's short address. So before ZDO_NEW_DEVICE event, the joining device should already got the short address from the coordinator, and I can watch the appropriate short address application process packets through packet sniffer. In such logic, when does the joining device got the short address? I think the process of short address should be ZDP_NwkAddrReq() and ZDP_NWKAddrRsp(), but I still do not get where does the system trigger this function (may be some event or function) during the joining stage (There are some other calls but it seems not like joining the network).

    Besides, how does the end device parse the message got from the coordinator within network key inside? It seems like that there is no network key parsing function in API.

    Best Regards
    Xian Wang
  • 0 in reply to JasonB
    Expert 1010 points
    Dear Jason,
    Thank you for your reply.
    I have got the whole process where the network key coming from. Actually it is from the ZDSecMgrSendNwkKey function, status = APSME_TransportKeyReq( &req ) to let the APS to send transport key to the End device.

    I still have question about the ZDO_NEW_DEVICE. I mean when does the ZDO_JoinIndicationCB function process? Since the parameters of ZDSecMgrNewDeviceEvent function is new device list's short address. So before ZDO_NEW_DEVICE event, the joining device should already got the short address from the coordinator, and I can watch the appropriate short address application process packets through packet sniffer. In such logic, when does the joining device got the short address? I think the process of short address should be ZDP_NwkAddrReq() and ZDP_NWKAddrRsp(), but I still do not get where does the system trigger this function (may be some event or function) during the joining stage (There are some other calls but it seems not like joining the network).

    Besides, how does the end device parse the message got from the coordinator within network key inside? It seems like that there is no network key parsing function in API.

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    Guru 735685 points
    The short address is assigned by Z-Stack library and send to device in association response message.
  • 0 in reply to YiKai Chen
    Expert 1010 points
    Could you please explain it in more details?
    During the packet sniffer response, the first communication packet is beacon request, and then get the beacon response from 0x0000, get the PANID, and then the end device send the associate request ask about the short address and then the coordinator(0x0000) replies. I am wondering about these two packets' coming from. Can you please explain how does it process in these two packets? I can find beacon request in ZDApp, but cannot get these two steps. How does the end device send the associate request? And how does the coordinator response? It would be better in code point of view.

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    Guru 735685 points
    Those association response and transport key transmitting are handled by Z-Stack core library and not available for application programmer so you won't be able to find them in your Z-Stack application code.
  • 0 in reply to YiKai Chen
    Expert 1010 points
    Dear YK Chen,
    Thank you for the reply.

    If the association response is not available, can I get the info of the network request by the End Device, which means in which time the end device will send the request to the coordinator it just got the Beacon response from.

    Furthermore, the network key transmitting is not available by the Z-stack library, but how does the end device know it has got the key and then transmit the broadcast message to the rest of the network to announce its presence in the network. Is there any parsing step for the end device to parse the network key from the receiving message and which is the function or event to do this? Or is it still controlled inside the core library and cannot be seen?

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    Guru 735685 points
    All these parts are done and handled by Z-Stack kernel and are not available for application programmer. You can only register callback that allowed by Z-Stack to get ZDO, APS, or ZCL messages in your application.
  • 0 in reply to YiKai Chen
    Expert 1010 points
    So it is not being processed as the SYS_EVENT_MSG, and then processed by ZDO or APS?

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    Guru 735685 points
    No, association and transport key are network layer and won't be processed in SYS_EVENT_MSG.
  • 0 in reply to YiKai Chen
    Expert 1010 points
    Dear YK Chen,
    Thank you for your reply.
    One more question about this part is about the notification of LED light. When does the LED light turn on? Say one end device or router join the coordinator network being initialized, at which point does the light turn on to notify its network presence in the network? After it has got the network key? Or after it has got the network address? Or after it has broadcast its presence to the rest of the network.

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    Guru 735685 points
    If I remember correctly, Z-Stack Example doesn’t toggle LED for network join. If you need it, you can do it in your application.
  • 0 in reply to YiKai Chen
    Expert 1010 points
    Dear YK Chen,
    In samplelight and sampleswitch example, LED 2 can indicate whether the device is connected to the network as end device(constantly on), router (blinking in 4 sec period, 95% duty cycle) or coordinator(blinking in 4 sec period, 75% duty cycle). The expriment shows that the LED2 is really on or blink after commission.

    Through the code reading, I found that the LED blink is from the HalLedBlink ( UI_LED_DEVICE_STATE, 0, LedDutyCycle, UI_LED_DEVICE_STATE_FLASH_TIME ) and UI_LED_DEVICE_STATE indicates LED2. and this function coming from zclSampleLight_event_loop(SYS_EVENT_MSG)->UI_DeviceStateUpdated. So I was confused about this part of logic, when should the device got this system event set and then update LED2 in HalLedBlink function?

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    Guru 735685 points
    When device joins a Zigbee network, it will trigger ZDO_STATE_CHANGE event which would be processed in zclSampleLight_event_loop to call UI_DeviceStateUpdated and UI_DeviceStateUpdated will do LED blink according to device type.
  • 0 in reply to YiKai Chen
    Expert 1010 points
    Dear YK Chen,
    Thanks for your reply.
    So you mean the LED update because they think it has already been in the network. And my question is when is the point that the device is being considered in the network? From the protocol description I thought that it should be after the broadcast of the new device's presence, but I cannot get my answer from the code point of view. Could you please tell the point the network think it is in the network?

    Best Regards
    Xian Wang
  • 0 in reply to Xian Wang42
    Guru 735685 points
    When device goes to ZDO_STATE_CHANGE event and status is router or device, it means device joins successfully and already send end node announcement.