1 /* 2 * Copyright (C) 2018 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 #define __BTSTACK_FILE__ "mesh_network.c" 39 40 #include <stdint.h> 41 #include <stdio.h> 42 #include <stdlib.h> 43 #include <string.h> 44 #include "mesh/beacon.h" 45 #include "provisioning.h" 46 #include "provisioning_device.h" 47 #include "mesh_keys.h" 48 #include "mesh_foundation.h" 49 #include "btstack_util.h" 50 #include "btstack_memory.h" 51 #include "btstack_event.h" 52 53 #ifdef ENABLE_MESH_ADV_BEARER 54 #include "mesh/adv_bearer.h" 55 #endif 56 57 #ifdef ENABLE_MESH_GATT_BEARER 58 #include "mesh/gatt_bearer.h" 59 #endif 60 61 // configuration 62 #define MESH_NETWORK_CACHE_SIZE 2 63 // #define ENABLE_MESH_RELAY 64 65 // debug config 66 // #define LOG_NETWORK 67 68 // structs 69 70 // globals 71 72 static uint32_t global_iv_index; 73 static int global_iv_update_active; 74 static uint16_t mesh_network_primary_address; 75 static uint16_t mesh_network_num_elements; 76 static void (*mesh_network_higher_layer_handler)(mesh_network_callback_type_t callback_type, mesh_network_pdu_t * network_pdu); 77 static void (*mesh_network_proxy_message_handler)(mesh_network_callback_type_t callback_type, mesh_network_pdu_t * network_pdu); 78 79 #ifdef ENABLE_MESH_GATT_BEARER 80 static hci_con_handle_t gatt_bearer_con_handle; 81 #endif 82 83 // shared send/receive crypto 84 static int mesh_crypto_active; 85 86 // crypto requests 87 static union { 88 btstack_crypto_ccm_t ccm; 89 btstack_crypto_aes128_t aes128; 90 } mesh_network_crypto_request; 91 92 static const mesh_network_key_t * current_network_key; 93 94 // PECB calculation 95 static uint8_t encryption_block[16]; 96 static uint8_t obfuscation_block[16]; 97 98 // Subnets 99 static btstack_linked_list_t subnets; 100 101 // Network Nonce 102 static uint8_t network_nonce[13]; 103 104 // INCOMING // 105 106 // unprocessed network pdu - added by mesh_network_pdus_received_message 107 static btstack_linked_list_t network_pdus_received; 108 109 // in validation 110 static mesh_network_pdu_t * network_pdu_in_validation; 111 static mesh_network_key_iterator_t validation_network_key_it; 112 113 // OUTGOING // 114 115 // Network PDUs queued by mesh_network_send 116 static btstack_linked_list_t network_pdus_queued; 117 118 // Network PDUs ready to send 119 static btstack_linked_list_t network_pdus_outgoing; 120 121 #ifdef ENABLE_MESH_ADV_BEARER 122 static mesh_network_pdu_t * adv_bearer_network_pdu; 123 #endif 124 125 #ifdef ENABLE_MESH_GATT_BEARER 126 static mesh_network_pdu_t * gatt_bearer_network_pdu; 127 #endif 128 129 // mesh network cache - we use 32-bit 'hashes' 130 static uint32_t mesh_network_cache[MESH_NETWORK_CACHE_SIZE]; 131 static int mesh_network_cache_index; 132 133 // prototypes 134 135 static void mesh_network_run(void); 136 static void process_network_pdu_validate(mesh_network_pdu_t * network_pdu); 137 138 // network caching 139 static uint32_t mesh_network_cache_hash(mesh_network_pdu_t * network_pdu){ 140 // - The SEQ field is a 24-bit integer that when combined with the IV Index, 141 // shall be a unique value for each new Network PDU originated by this node (=> SRC) 142 // - IV updates only rarely 143 // => 16 bit SRC, 1 bit IVI, 15 bit SEQ 144 uint8_t ivi = network_pdu->data[0] >> 7; 145 uint16_t seq = big_endian_read_16(network_pdu->data, 3); 146 uint16_t src = big_endian_read_16(network_pdu->data, 5); 147 return (src << 16) | (ivi << 15) | (seq & 0x7fff); 148 } 149 150 static int mesh_network_cache_find(uint32_t hash){ 151 int i; 152 for (i = 0; i < MESH_NETWORK_CACHE_SIZE; i++) { 153 if (mesh_network_cache[i] == hash) { 154 return 1; 155 } 156 } 157 return 0; 158 } 159 160 static void mesh_network_cache_add(uint32_t hash){ 161 mesh_network_cache[mesh_network_cache_index++] = hash; 162 if (mesh_network_cache_index >= MESH_NETWORK_CACHE_SIZE){ 163 mesh_network_cache_index = 0; 164 } 165 } 166 167 // common helper 168 int mesh_network_address_unicast(uint16_t addr){ 169 return addr != MESH_ADDRESS_UNSASSIGNED && (addr < 0x8000); 170 } 171 172 int mesh_network_address_virtual(uint16_t addr){ 173 return (addr & 0xC000) == 0x8000; // 0b10xx xxxx xxxx xxxx 174 } 175 176 int mesh_network_address_group(uint16_t addr){ 177 return (addr & 0xC000) == 0xC000; // 0b11xx xxxx xxxx xxxx 178 } 179 180 int mesh_network_address_all_proxies(uint16_t addr){ 181 return addr == MESH_ADDRESS_ALL_PROXIES; 182 } 183 184 int mesh_network_address_all_nodes(uint16_t addr){ 185 return addr == MESH_ADDRESS_ALL_NODES; 186 } 187 188 int mesh_network_address_all_friends(uint16_t addr){ 189 return addr == MESH_ADDRESS_ALL_FRIENDS; 190 } 191 192 int mesh_network_address_all_relays(uint16_t addr){ 193 return addr == MESH_ADDRESS_ALL_RELAYS; 194 } 195 196 int mesh_network_addresses_valid(uint8_t ctl, uint16_t src, uint16_t dst){ 197 // printf("CTL: %u\n", ctl); 198 // printf("SRC: %04x\n", src); 199 // printf("DST: %04x\n", dst); 200 if (src == 0){ 201 // printf("SRC Unassigned Addr -> ignore\n"); 202 return 0; 203 } 204 if ((src & 0xC000) == 0x8000){ 205 // printf("SRC Virtual Addr -> ignore\n"); 206 return 0; 207 } 208 if ((src & 0xC000) == 0xC000){ 209 // printf("SRC Group Addr -> ignore\n"); 210 return 0; 211 } 212 if (dst == 0){ 213 // printf("DST Unassigned Addr -> ignore\n"); 214 return 0; 215 } 216 if ( ((dst & 0xC000) == 0x8000) && (ctl == 1)){ 217 // printf("DST Virtual Addr in CONTROL -> ignore\n"); 218 return 0; 219 } 220 if ( (0xFF00 <= dst) && (dst <= 0xfffb) && (ctl == 0) ){ 221 // printf("DST RFU Group Addr in MESSAGE -> ignore\n"); 222 return 0; 223 } 224 // printf("SRC + DST Addr valid\n"); 225 return 1; 226 } 227 228 static void mesh_network_create_nonce(uint8_t * nonce, const mesh_network_pdu_t * pdu, uint32_t iv_index){ 229 unsigned int pos = 0; 230 nonce[pos++] = 0x0; // Network Nonce 231 memcpy(&nonce[pos], &pdu->data[1], 6); 232 pos += 6; 233 big_endian_store_16(nonce, pos, 0); 234 pos += 2; 235 big_endian_store_32(nonce, pos, iv_index); 236 } 237 238 static void mesh_proxy_create_nonce(uint8_t * nonce, const mesh_network_pdu_t * pdu, uint32_t iv_index){ 239 unsigned int pos = 0; 240 nonce[pos++] = 0x3; // Proxy Nonce 241 nonce[pos++] = 0; 242 memcpy(&nonce[pos], &pdu->data[2], 5); 243 pos += 5; 244 big_endian_store_16(nonce, pos, 0); 245 pos += 2; 246 big_endian_store_32(nonce, pos, iv_index); 247 } 248 249 // NID/IVI | obfuscated (CTL/TTL, SEQ (24), SRC (16) ), encrypted ( DST(16), TransportPDU), MIC(32 or 64) 250 251 static void mesh_network_send_d(mesh_network_pdu_t * network_pdu){ 252 253 #ifdef LOG_NETWORK 254 printf("TX-D-NetworkPDU (%p): ", network_pdu); 255 printf_hexdump(network_pdu->data, network_pdu->len); 256 #endif 257 258 // add to queue 259 btstack_linked_list_add_tail(&network_pdus_outgoing, (btstack_linked_item_t *) network_pdu); 260 261 // go 262 mesh_network_run(); 263 } 264 265 // new 266 static void mesh_network_send_c(void *arg){ 267 mesh_network_pdu_t * network_pdu = (mesh_network_pdu_t *) arg; 268 269 // obfuscate 270 unsigned int i; 271 for (i=0;i<6;i++){ 272 network_pdu->data[1+i] ^= obfuscation_block[i]; 273 } 274 275 #ifdef LOG_NETWORK 276 printf("TX-C-NetworkPDU (%p): ", network_pdu); 277 printf_hexdump(network_pdu->data, network_pdu->len); 278 #endif 279 280 // crypto done 281 mesh_crypto_active = 0; 282 283 // done 284 (network_pdu->callback)(network_pdu); 285 } 286 287 static void mesh_network_send_b(void *arg){ 288 mesh_network_pdu_t * network_pdu = (mesh_network_pdu_t *) arg; 289 290 uint32_t iv_index = mesh_get_iv_index_for_tx(); 291 292 // store NetMIC 293 uint8_t net_mic[8]; 294 btstack_crypto_ccm_get_authentication_value(&mesh_network_crypto_request.ccm, net_mic); 295 296 // store MIC 297 uint8_t net_mic_len = network_pdu->data[1] & 0x80 ? 8 : 4; 298 memcpy(&network_pdu->data[network_pdu->len], net_mic, net_mic_len); 299 network_pdu->len += net_mic_len; 300 301 #ifdef LOG_NETWORK 302 printf("TX-B-NetworkPDU (%p): ", network_pdu); 303 printf_hexdump(network_pdu->data, network_pdu->len); 304 #endif 305 306 // calc PECB 307 memset(encryption_block, 0, 5); 308 big_endian_store_32(encryption_block, 5, iv_index); 309 memcpy(&encryption_block[9], &network_pdu->data[7], 7); 310 btstack_crypto_aes128_encrypt(&mesh_network_crypto_request.aes128, current_network_key->privacy_key, encryption_block, obfuscation_block, &mesh_network_send_c, network_pdu); 311 } 312 313 static void mesh_network_send_a(mesh_network_pdu_t * network_pdu){ 314 315 mesh_crypto_active = 1; 316 317 uint32_t iv_index = mesh_get_iv_index_for_tx(); 318 319 // lookup subnet by netkey_index 320 mesh_subnet_t * subnet = mesh_subnet_get_by_netkey_index(network_pdu->netkey_index); 321 if (!subnet) { 322 mesh_crypto_active = 0; 323 // notify upper layer 324 (*mesh_network_higher_layer_handler)(MESH_NETWORK_PDU_SENT, network_pdu); 325 // run again 326 mesh_network_run(); 327 return; 328 } 329 330 // get network key to use for sending 331 current_network_key = mesh_subnet_get_outgoing_network_key(subnet); 332 333 // get network nonce 334 if (network_pdu->flags & MESH_NETWORK_PDU_FLAGS_PROXY_CONFIGURATION){ 335 mesh_proxy_create_nonce(network_nonce, network_pdu, iv_index); 336 #ifdef LOG_NETWORK 337 printf("TX-ProxyNonce: "); 338 printf_hexdump(network_nonce, 13); 339 #endif 340 } else { 341 mesh_network_create_nonce(network_nonce, network_pdu, iv_index); 342 #ifdef LOG_NETWORK 343 printf("TX-NetworkNonce: "); 344 printf_hexdump(network_nonce, 13); 345 #endif 346 } 347 348 #ifdef LOG_NETWORK 349 printf("TX-EncryptionKey: "); 350 printf_hexdump(current_network_key->encryption_key, 16); 351 #endif 352 353 // start ccm 354 uint8_t cypher_len = network_pdu->len - 7; 355 uint8_t net_mic_len = network_pdu->data[1] & 0x80 ? 8 : 4; 356 btstack_crypto_ccm_init(&mesh_network_crypto_request.ccm, current_network_key->encryption_key, network_nonce, cypher_len, 0, net_mic_len); 357 btstack_crypto_ccm_encrypt_block(&mesh_network_crypto_request.ccm, cypher_len, &network_pdu->data[7], &network_pdu->data[7], &mesh_network_send_b, network_pdu); 358 } 359 360 #if defined(ENABLE_MESH_RELAY) || defined (ENABLE_MESH_PROXY_SERVER) 361 static void mesh_network_relay_message(mesh_network_pdu_t * network_pdu){ 362 uint8_t ctl_ttl = network_pdu->data[1]; 363 uint8_t ctl = ctl_ttl & 0x80; 364 uint8_t ttl = ctl_ttl & 0x7f; 365 uint8_t net_mic_len = ctl ? 8 : 4; 366 367 // prepare pdu for resending 368 network_pdu->len -= net_mic_len; 369 network_pdu->data[1] = (ctl << 7) | (ttl - 1); 370 network_pdu->flags |= MESH_NETWORK_PDU_FLAGS_RELAY; 371 372 // queue up 373 network_pdu->callback = &mesh_network_send_d; 374 btstack_linked_list_add_tail(&network_pdus_queued, (btstack_linked_item_t *) network_pdu); 375 } 376 #endif 377 378 void mesh_network_message_processed_by_higher_layer(mesh_network_pdu_t * network_pdu){ 379 380 #if defined(ENABLE_MESH_RELAY) || defined (ENABLE_MESH_PROXY_SERVER) 381 382 // check if address does not matches elements on our node and TTL >= 2 383 uint16_t src = mesh_network_src(network_pdu); 384 uint8_t ttl = mesh_network_ttl(network_pdu); 385 if (((src < mesh_network_primary_address) || (src > (mesh_network_primary_address + mesh_network_num_elements))) && (ttl >= 2)){ 386 387 if ((network_pdu->flags & MESH_NETWORK_PDU_FLAGS_GATT_BEARER) == 0){ 388 389 // message received via ADV bearer are relayed: 390 391 #ifdef ENABLE_MESH_RELAY 392 if (mesh_foundation_relay_get() != 0){ 393 // - to ADV bearer, if Relay supported and enabled 394 mesh_network_relay_message(network_pdu); 395 mesh_network_run(); 396 return; 397 } 398 #endif 399 400 #ifdef ENABLE_MESH_PROXY_SERVER 401 if (mesh_foundation_gatt_proxy_get() != 0){ 402 // - to GATT bearer, if Proxy supported and enabled 403 mesh_network_relay_message(network_pdu); 404 mesh_network_run(); 405 return; 406 } 407 #endif 408 409 } else { 410 411 // messages received via GATT bearer are relayed: 412 413 #ifdef ENABLE_MESH_PROXY_SERVER 414 if (mesh_foundation_gatt_proxy_get() != 0){ 415 // - to ADV bearer, if Proxy supported and enabled 416 mesh_network_relay_message(network_pdu); 417 mesh_network_run(); 418 return; 419 } 420 #endif 421 422 } 423 } 424 #endif 425 426 // otherwise, we're done 427 btstack_memory_mesh_network_pdu_free(network_pdu); 428 } 429 430 static void process_network_pdu_done(void){ 431 btstack_memory_mesh_network_pdu_free(network_pdu_in_validation); 432 network_pdu_in_validation = NULL; 433 mesh_crypto_active = 0; 434 435 mesh_network_run(); 436 } 437 438 static void process_network_pdu_validate_d(void * arg){ 439 mesh_network_pdu_t * network_pdu = (mesh_network_pdu_t *) arg; 440 441 uint8_t ctl_ttl = network_pdu->data[1]; 442 uint8_t ctl = ctl_ttl >> 7; 443 uint8_t net_mic_len = (ctl_ttl & 0x80) ? 8 : 4; 444 445 // store NetMIC 446 uint8_t net_mic[8]; 447 btstack_crypto_ccm_get_authentication_value(&mesh_network_crypto_request.ccm, net_mic); 448 #ifdef LOG_NETWORK 449 printf("RX-NetMIC: "); 450 printf_hexdump(net_mic, net_mic_len); 451 #endif 452 // store in pdu 453 memcpy(&network_pdu->data[network_pdu->len-net_mic_len], net_mic, net_mic_len); 454 455 #ifdef LOG_NETWORK 456 uint8_t cypher_len = network_pdu->len - 9 - net_mic_len; 457 printf("RX-Decrypted DST/TransportPDU: "); 458 printf_hexdump(&network_pdu->data[7], 2 + cypher_len); 459 460 printf("RX-Decrypted: "); 461 printf_hexdump(network_pdu->data, network_pdu->len); 462 #endif 463 464 // validate network mic 465 if (memcmp(net_mic, &network_pdu_in_validation->data[network_pdu->len-net_mic_len], net_mic_len) != 0){ 466 // fail 467 printf("RX-NetMIC mismatch, try next key\n"); 468 process_network_pdu_validate(network_pdu); 469 return; 470 } 471 472 // remove NetMIC from payload 473 network_pdu->len -= net_mic_len; 474 475 #ifdef LOG_NETWORK 476 // match 477 printf("RX-NetMIC matches\n"); 478 printf("RX-TTL: 0x%02x\n", network_pdu->data[1] & 0x7f); 479 #endif 480 481 // set netkey_index 482 network_pdu->netkey_index = current_network_key->netkey_index; 483 484 if (network_pdu->flags & MESH_NETWORK_PDU_FLAGS_PROXY_CONFIGURATION){ 485 486 // no additional checks for proxy messages 487 (*mesh_network_proxy_message_handler)(MESH_NETWORK_PDU_RECEIVED, network_pdu); 488 489 } else { 490 491 // validate src/dest addresses 492 uint16_t src = big_endian_read_16(network_pdu->data, 5); 493 uint16_t dst = big_endian_read_16(network_pdu->data, 7); 494 int valid = mesh_network_addresses_valid(ctl, src, dst); 495 if (!valid){ 496 printf("RX Address invalid\n"); 497 btstack_memory_mesh_network_pdu_free(network_pdu); 498 process_network_pdu_done(); 499 return; 500 } 501 502 // check cache 503 uint32_t hash = mesh_network_cache_hash(network_pdu); 504 #ifdef LOG_NETWORK 505 printf("RX-Hash: %08x\n", hash); 506 #endif 507 if (mesh_network_cache_find(hash)){ 508 // found in cache, drop 509 printf("Found in cache -> drop packet\n"); 510 btstack_memory_mesh_network_pdu_free(network_pdu); 511 process_network_pdu_done(); 512 return; 513 } 514 515 // store in network cache 516 mesh_network_cache_add(hash); 517 518 // forward to lower transport layer. message is freed by call to mesh_network_message_processed_by_upper_layer 519 (*mesh_network_higher_layer_handler)(MESH_NETWORK_PDU_RECEIVED, network_pdu); 520 } 521 522 // done 523 process_network_pdu_done(); 524 } 525 526 static uint32_t iv_index_for_pdu(const mesh_network_pdu_t * network_pdu){ 527 // get IV Index and IVI 528 uint32_t iv_index = global_iv_index; 529 int ivi = network_pdu->data[0] >> 7; 530 531 // if least significant bit differs, use previous IV Index 532 if ((iv_index & 1 ) ^ ivi){ 533 iv_index--; 534 #ifdef LOG_NETWORK 535 printf("RX-IV: IVI indicates previous IV index, using 0x%08x\n", iv_index); 536 #endif 537 } 538 return iv_index; 539 } 540 541 static void process_network_pdu_validate_b(void * arg){ 542 mesh_network_pdu_t * network_pdu = (mesh_network_pdu_t *) arg; 543 544 #ifdef LOG_NETWORK 545 printf("RX-PECB: "); 546 printf_hexdump(obfuscation_block, 6); 547 #endif 548 549 // de-obfuscate 550 unsigned int i; 551 for (i=0;i<6;i++){ 552 network_pdu->data[1+i] = network_pdu_in_validation->data[1+i] ^ obfuscation_block[i]; 553 } 554 555 uint32_t iv_index = iv_index_for_pdu(network_pdu); 556 557 if (network_pdu->flags & MESH_NETWORK_PDU_FLAGS_PROXY_CONFIGURATION){ 558 // create network nonce 559 mesh_proxy_create_nonce(network_nonce, network_pdu, iv_index); 560 #ifdef LOG_NETWORK 561 printf("RX-Proxy Nonce: "); 562 printf_hexdump(network_nonce, 13); 563 #endif 564 } else { 565 // create network nonce 566 mesh_network_create_nonce(network_nonce, network_pdu, iv_index); 567 #ifdef LOG_NETWORK 568 printf("RX-Network Nonce: "); 569 printf_hexdump(network_nonce, 13); 570 #endif 571 } 572 573 // 574 uint8_t ctl_ttl = network_pdu->data[1]; 575 uint8_t net_mic_len = (ctl_ttl & 0x80) ? 8 : 4; 576 uint8_t cypher_len = network_pdu->len - 7 - net_mic_len; 577 578 #ifdef LOG_NETWORK 579 printf("RX-Cyper len %u, mic len %u\n", cypher_len, net_mic_len); 580 581 printf("RX-Encryption Key: "); 582 printf_hexdump(current_network_key->encryption_key, 16); 583 584 #endif 585 586 btstack_crypto_ccm_init(&mesh_network_crypto_request.ccm, current_network_key->encryption_key, network_nonce, cypher_len, 0, net_mic_len); 587 btstack_crypto_ccm_decrypt_block(&mesh_network_crypto_request.ccm, cypher_len, &network_pdu_in_validation->data[7], &network_pdu->data[7], &process_network_pdu_validate_d, network_pdu); 588 } 589 590 static void process_network_pdu_validate(mesh_network_pdu_t * network_pdu){ 591 if (!mesh_network_key_nid_iterator_has_more(&validation_network_key_it)){ 592 printf("No valid network key found\n"); 593 btstack_memory_mesh_network_pdu_free(network_pdu); 594 process_network_pdu_done(); 595 return; 596 } 597 598 current_network_key = mesh_network_key_nid_iterator_get_next(&validation_network_key_it); 599 600 // calc PECB 601 uint32_t iv_index = iv_index_for_pdu(network_pdu); 602 memset(encryption_block, 0, 5); 603 big_endian_store_32(encryption_block, 5, iv_index); 604 memcpy(&encryption_block[9], &network_pdu_in_validation->data[7], 7); 605 btstack_crypto_aes128_encrypt(&mesh_network_crypto_request.aes128, current_network_key->privacy_key, encryption_block, obfuscation_block, &process_network_pdu_validate_b, network_pdu); 606 } 607 608 609 static void process_network_pdu(mesh_network_pdu_t * network_pdu){ 610 // 611 uint8_t nid_ivi = network_pdu_in_validation->data[0]; 612 613 // setup pdu object 614 network_pdu->data[0] = nid_ivi; 615 network_pdu->len = network_pdu_in_validation->len; 616 network_pdu->flags = network_pdu_in_validation->flags; 617 618 // init provisioning data iterator 619 uint8_t nid = nid_ivi & 0x7f; 620 // uint8_t iv_index = network_pdu_data[0] >> 7; 621 mesh_network_key_nid_iterator_init(&validation_network_key_it, nid); 622 623 process_network_pdu_validate(network_pdu); 624 } 625 626 // static void mesh_network_encrypt_and_obfuscate(mesh_network_pdu_t * network_pdu, void (*callback)(mesh_network_pdu_t * network_pdu)){ 627 // network_pdu->callback = callback; 628 // } 629 630 static void mesh_network_run(void){ 631 if (!btstack_linked_list_empty(&network_pdus_outgoing)){ 632 mesh_network_pdu_t * network_pdu = (mesh_network_pdu_t *) btstack_linked_list_pop(&network_pdus_outgoing); 633 634 #ifdef ENABLE_MESH_GATT_BEARER 635 // request to send via gatt if: 636 // proxy active and connected 637 // packet wasn't received via gatt bearer 638 printf("mesh_network_run: pdu %p, proxy %u, con handle %4x\n", network_pdu, mesh_foundation_gatt_proxy_get(), gatt_bearer_con_handle); 639 if (network_pdu != NULL && 640 (mesh_foundation_gatt_proxy_get() != 0) && 641 (gatt_bearer_con_handle != HCI_CON_HANDLE_INVALID) && 642 ((network_pdu->flags & MESH_NETWORK_PDU_FLAGS_GATT_BEARER) == 0) 643 ){ 644 gatt_bearer_network_pdu = network_pdu; 645 network_pdu = NULL; 646 gatt_bearer_request_can_send_now_for_network_pdu(); 647 } 648 #endif 649 #ifdef ENABLE_MESH_ADV_BEARER 650 // request to send via adv 651 if (network_pdu != NULL){ 652 adv_bearer_network_pdu = network_pdu; 653 network_pdu = NULL; 654 adv_bearer_request_can_send_now_for_network_pdu(); 655 } 656 #endif 657 if (network_pdu != NULL){ 658 // notify upper layer 659 (*mesh_network_higher_layer_handler)(MESH_NETWORK_PDU_SENT, network_pdu); 660 } 661 } 662 663 if (mesh_crypto_active) return; 664 665 if (!btstack_linked_list_empty(&network_pdus_received)){ 666 mesh_network_pdu_t * decode_pdu = mesh_network_pdu_get(); 667 if (!decode_pdu) return; 668 // get encoded network pdu and start processing 669 mesh_crypto_active = 1; 670 network_pdu_in_validation = (mesh_network_pdu_t *) btstack_linked_list_pop(&network_pdus_received); 671 process_network_pdu(decode_pdu); 672 return; 673 } 674 675 if (!btstack_linked_list_empty(&network_pdus_queued)){ 676 // get queued network pdu and start processing 677 mesh_network_pdu_t * network_pdu = (mesh_network_pdu_t *) btstack_linked_list_pop(&network_pdus_queued); 678 mesh_network_send_a(network_pdu); 679 return; 680 } 681 } 682 683 #ifdef ENABLE_MESH_ADV_BEARER 684 static void mesh_adv_bearer_handle_network_event(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 685 mesh_network_pdu_t * network_pdu; 686 687 switch (packet_type){ 688 case MESH_NETWORK_PACKET: 689 // check len. minimal transport PDU len = 1, 32 bit NetMIC -> 13 bytes 690 if (size < 13) break; 691 692 #ifdef LOG_NETWORK 693 printf("received network pdu from adv (len %u): ", size); 694 printf_hexdump(packet, size); 695 #endif 696 mesh_network_received_message(packet, size, 0); 697 break; 698 699 case HCI_EVENT_PACKET: 700 switch(packet[0]){ 701 case HCI_EVENT_MESH_META: 702 switch(packet[2]){ 703 case MESH_SUBEVENT_CAN_SEND_NOW: 704 if (adv_bearer_network_pdu == NULL) break; 705 #ifdef LOG_NETWORK 706 printf("TX-E-NetworkPDU (%p): ", adv_bearer_network_pdu); 707 printf_hexdump(adv_bearer_network_pdu->data, adv_bearer_network_pdu->len); 708 #endif 709 adv_bearer_send_network_pdu(adv_bearer_network_pdu->data, adv_bearer_network_pdu->len); 710 network_pdu = adv_bearer_network_pdu; 711 adv_bearer_network_pdu = NULL; 712 713 // notify upper layer 714 (*mesh_network_higher_layer_handler)(MESH_NETWORK_PDU_SENT, network_pdu); 715 716 // check if more to send 717 mesh_network_run(); 718 break; 719 default: 720 break; 721 } 722 break; 723 default: 724 break; 725 } 726 break; 727 } 728 } 729 #endif 730 731 #ifdef ENABLE_MESH_GATT_BEARER 732 static void mesh_network_gatt_bearer_outgoing_complete(void){ 733 734 if (gatt_bearer_network_pdu == NULL) return; 735 736 #ifdef ENABLE_MESH_ADV_BEARER 737 // forward to adv bearer 738 adv_bearer_network_pdu = gatt_bearer_network_pdu; 739 gatt_bearer_network_pdu = NULL; 740 adv_bearer_request_can_send_now_for_network_pdu(); 741 return; 742 #endif 743 744 // done, notify upper layer 745 mesh_network_pdu_t * network_pdu = gatt_bearer_network_pdu; 746 gatt_bearer_network_pdu = NULL; 747 (*mesh_network_higher_layer_handler)(MESH_NETWORK_PDU_SENT, network_pdu); 748 } 749 750 static void mesh_network_gatt_bearer_handle_network_event(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 751 switch (packet_type){ 752 case MESH_PROXY_DATA_PACKET: 753 if (mesh_foundation_gatt_proxy_get() == 0) break; 754 #ifdef LOG_NETWORK 755 printf("received network pdu from gatt (len %u): ", size); 756 printf_hexdump(packet, size); 757 #endif 758 mesh_network_received_message(packet, size, MESH_NETWORK_PDU_FLAGS_GATT_BEARER); 759 break; 760 case HCI_EVENT_PACKET: 761 switch (hci_event_packet_get_type(packet)){ 762 case HCI_EVENT_MESH_META: 763 switch (hci_event_mesh_meta_get_subevent_code(packet)){ 764 case MESH_SUBEVENT_PROXY_CONNECTED: 765 gatt_bearer_con_handle = mesh_subevent_proxy_connected_get_con_handle(packet); 766 break; 767 case MESH_SUBEVENT_PROXY_DISCONNECTED: 768 gatt_bearer_con_handle = HCI_CON_HANDLE_INVALID; 769 mesh_network_gatt_bearer_outgoing_complete(); 770 break; 771 case MESH_SUBEVENT_CAN_SEND_NOW: 772 if (gatt_bearer_network_pdu == NULL) break; 773 #ifdef LOG_NETWORK 774 printf("G-TX-E-NetworkPDU (%p): ", gatt_bearer_network_pdu); 775 printf_hexdump(gatt_bearer_network_pdu->data, gatt_bearer_network_pdu->len); 776 #endif 777 gatt_bearer_send_network_pdu(gatt_bearer_network_pdu->data, gatt_bearer_network_pdu->len); 778 break; 779 780 case MESH_SUBEVENT_MESSAGE_SENT: 781 mesh_network_gatt_bearer_outgoing_complete(); 782 break; 783 default: 784 break; 785 } 786 break; 787 default: 788 break; 789 } 790 break; 791 default: 792 break; 793 } 794 } 795 #endif 796 797 #ifdef ENABLE_MESH_GATT_BEARER 798 static void mesh_netework_gatt_bearer_handle_proxy_configuration(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 799 switch (packet_type){ 800 case MESH_PROXY_DATA_PACKET: 801 mesh_network_process_proxy_configuration_message(packet, size); 802 break; 803 case HCI_EVENT_PACKET: 804 switch (hci_event_packet_get_type(packet)){ 805 case HCI_EVENT_MESH_META: 806 switch (hci_event_mesh_meta_get_subevent_code(packet)){ 807 case MESH_SUBEVENT_CAN_SEND_NOW: 808 // forward to higher layer 809 (*mesh_network_proxy_message_handler)(MESH_NETWORK_CAN_SEND_NOW, NULL); 810 break; 811 default: 812 break; 813 } 814 break; 815 default: 816 break; 817 } 818 break; 819 default: 820 break; 821 } 822 } 823 #endif 824 825 void mesh_network_init(void){ 826 #ifdef ENABLE_MESH_ADV_BEARER 827 adv_bearer_register_for_network_pdu(&mesh_adv_bearer_handle_network_event); 828 #endif 829 #ifdef ENABLE_MESH_GATT_BEARER 830 gatt_bearer_con_handle = HCI_CON_HANDLE_INVALID; 831 gatt_bearer_register_for_network_pdu(&mesh_network_gatt_bearer_handle_network_event); 832 gatt_bearer_register_for_mesh_proxy_configuration(&mesh_netework_gatt_bearer_handle_proxy_configuration); 833 #endif 834 } 835 836 void mesh_network_set_higher_layer_handler(void (*packet_handler)(mesh_network_callback_type_t callback_type, mesh_network_pdu_t * network_pdu)){ 837 mesh_network_higher_layer_handler = packet_handler; 838 } 839 840 void mesh_network_set_proxy_message_handler(void (*packet_handler)(mesh_network_callback_type_t callback_type, mesh_network_pdu_t * network_pdu)){ 841 mesh_network_proxy_message_handler = packet_handler; 842 } 843 844 void mesh_network_set_primary_element_address(uint16_t addr){ 845 mesh_network_primary_address = addr; 846 mesh_network_num_elements = 1; 847 } 848 849 void mesh_network_received_message(const uint8_t * pdu_data, uint8_t pdu_len, uint8_t flags){ 850 // verify len 851 if (pdu_len > 29) return; 852 853 // allocate network_pdu 854 mesh_network_pdu_t * network_pdu = mesh_network_pdu_get(); 855 if (!network_pdu) return; 856 857 // store data 858 memcpy(network_pdu->data, pdu_data, pdu_len); 859 network_pdu->len = pdu_len; 860 network_pdu->flags = flags; 861 862 // add to list and go 863 btstack_linked_list_add_tail(&network_pdus_received, (btstack_linked_item_t *) network_pdu); 864 mesh_network_run(); 865 866 } 867 868 void mesh_network_process_proxy_configuration_message(const uint8_t * pdu_data, uint8_t pdu_len){ 869 // verify len 870 if (pdu_len > 29) return; 871 872 // allocate network_pdu 873 mesh_network_pdu_t * network_pdu = mesh_network_pdu_get(); 874 if (!network_pdu) return; 875 876 // store data 877 memcpy(network_pdu->data, pdu_data, pdu_len); 878 network_pdu->len = pdu_len; 879 network_pdu->flags = MESH_NETWORK_PDU_FLAGS_PROXY_CONFIGURATION; // Network PDU 880 881 // add to list and go 882 btstack_linked_list_add_tail(&network_pdus_received, (btstack_linked_item_t *) network_pdu); 883 mesh_network_run(); 884 } 885 886 void mesh_network_send_pdu(mesh_network_pdu_t * network_pdu){ 887 #ifdef LOG_NETWORK 888 printf("TX-A-NetworkPDU (%p): ", network_pdu); 889 printf_hexdump(network_pdu->data, network_pdu->len); 890 #endif 891 892 if (network_pdu->len > 29){ 893 printf("too long, %u\n", network_pdu->len); 894 return; 895 } 896 897 // setup callback 898 network_pdu->callback = &mesh_network_send_d; 899 network_pdu->flags = 0; 900 901 // queue up 902 btstack_linked_list_add_tail(&network_pdus_queued, (btstack_linked_item_t *) network_pdu); 903 904 // go 905 mesh_network_run(); 906 } 907 908 void mesh_network_encrypt_proxy_configuration_message(mesh_network_pdu_t * network_pdu, void (* callback)(mesh_network_pdu_t * callback)){ 909 printf("ProxyPDU(unencrypted): "); 910 printf_hexdump(network_pdu->data, network_pdu->len); 911 912 // setup callback 913 network_pdu->callback = callback; 914 network_pdu->flags = MESH_NETWORK_PDU_FLAGS_PROXY_CONFIGURATION; 915 916 // queue up 917 btstack_linked_list_add_tail(&network_pdus_queued, (btstack_linked_item_t *) network_pdu); 918 919 // go 920 mesh_network_run(); 921 } 922 923 /* 924 * @brief Setup network pdu header 925 * @param netkey_index 926 * @param ctl 927 * @param ttl 928 * @param seq 929 * @param dest 930 */ 931 void mesh_network_setup_pdu(mesh_network_pdu_t * network_pdu, uint16_t netkey_index, uint8_t nid, uint8_t ctl, uint8_t ttl, uint32_t seq, uint16_t src, uint16_t dest, const uint8_t * transport_pdu_data, uint8_t transport_pdu_len){ 932 memset(network_pdu, 0, sizeof(mesh_network_pdu_t)); 933 // set netkey_index 934 network_pdu->netkey_index = netkey_index; 935 // setup header 936 network_pdu->data[network_pdu->len++] = (mesh_get_iv_index_for_tx() << 7) | nid; 937 uint8_t ctl_ttl = (ctl << 7) | (ttl & 0x7f); 938 network_pdu->data[network_pdu->len++] = ctl_ttl; 939 big_endian_store_24(network_pdu->data, 2, seq); 940 network_pdu->len += 3; 941 big_endian_store_16(network_pdu->data, network_pdu->len, src); 942 network_pdu->len += 2; 943 big_endian_store_16(network_pdu->data, network_pdu->len, dest); 944 network_pdu->len += 2; 945 memcpy(&network_pdu->data[network_pdu->len], transport_pdu_data, transport_pdu_len); 946 network_pdu->len += transport_pdu_len; 947 } 948 949 /* 950 * @brief Setup network pdu header 951 * @param netkey_index 952 * @param ctl 953 * @param ttl 954 * @param seq 955 * @param dest 956 */ 957 void mesh_network_setup_pdu_header(mesh_network_pdu_t * network_pdu, uint16_t netkey_index, uint8_t nid, uint8_t ctl, uint8_t ttl, uint32_t seq, uint16_t src, uint16_t dest){ 958 // set netkey_index 959 network_pdu->netkey_index = netkey_index; 960 // setup header 961 network_pdu->data[0] = (mesh_get_iv_index_for_tx() << 7) | nid; 962 uint8_t ctl_ttl = (ctl << 7) | (ttl & 0x7f); 963 network_pdu->data[1] = ctl_ttl; 964 big_endian_store_24(network_pdu->data, 2, seq); 965 big_endian_store_16(network_pdu->data, 5, src); 966 big_endian_store_16(network_pdu->data, 7, dest); 967 } 968 969 void mesh_set_iv_index(uint32_t iv_index){ 970 global_iv_index = iv_index; 971 } 972 973 uint32_t mesh_get_iv_index(void){ 974 return global_iv_index; 975 } 976 977 uint32_t mesh_get_iv_index_for_tx(void){ 978 if (global_iv_update_active){ 979 return global_iv_index - 1; 980 } else { 981 return global_iv_index; 982 } 983 } 984 985 int mesh_iv_update_active(void){ 986 return global_iv_update_active; 987 } 988 989 void mesh_trigger_iv_update(void){ 990 if (global_iv_update_active) return; 991 992 // "A node shall not start an IV Update procedure more often than once every 192 hours." 993 // Unless triggered by user application, it will automatically triggered if sequene numbers are about to roll over 994 995 // "A node shall defer state change from IV Update in Progress to Normal Operation, as defined by this procedure, 996 // when the node has transmitted a Segmented Access message or a Segmented Control message without receiving the 997 // corresponding Segment Acknowledgment messages. The deferred change of the state shall be executed when the appropriate 998 // Segment Acknowledgment message is received or timeout for the delivery of this message is reached. 999 // 1000 // Note: This requirement is necessary because upon completing the IV Update procedure the sequence number is reset 1001 // to 0x000000 and the SeqAuth value would not be valid." 1002 1003 // set IV Update in Progress 1004 global_iv_update_active = 1; 1005 // increase IV index 1006 global_iv_index++; 1007 } 1008 1009 void mesh_iv_update_completed(void){ 1010 if (!global_iv_update_active) return; 1011 // set Normal mode 1012 global_iv_update_active = 0; 1013 } 1014 1015 // Network PDU Getter 1016 uint8_t mesh_network_nid(mesh_network_pdu_t * network_pdu){ 1017 return network_pdu->data[0] & 0x7f; 1018 } 1019 uint16_t mesh_network_control(mesh_network_pdu_t * network_pdu){ 1020 return network_pdu->data[1] & 0x80; 1021 } 1022 uint8_t mesh_network_ttl(mesh_network_pdu_t * network_pdu){ 1023 return network_pdu->data[1] & 0x7f; 1024 } 1025 uint32_t mesh_network_seq(mesh_network_pdu_t * network_pdu){ 1026 return big_endian_read_24(network_pdu->data, 2); 1027 } 1028 uint16_t mesh_network_src(mesh_network_pdu_t * network_pdu){ 1029 return big_endian_read_16(network_pdu->data, 5); 1030 } 1031 uint16_t mesh_network_dst(mesh_network_pdu_t * network_pdu){ 1032 return big_endian_read_16(network_pdu->data, 7); 1033 } 1034 int mesh_network_segmented(mesh_network_pdu_t * network_pdu){ 1035 return network_pdu->data[9] & 0x80; 1036 } 1037 uint8_t * mesh_network_pdu_data(mesh_network_pdu_t * network_pdu){ 1038 return &network_pdu->data[9]; 1039 } 1040 uint8_t mesh_network_pdu_len(mesh_network_pdu_t * network_pdu){ 1041 return network_pdu->len - 9; 1042 } 1043 1044 static void mesh_network_dump_network_pdu(mesh_network_pdu_t * network_pdu){ 1045 if (network_pdu){ 1046 printf("- %p: ", network_pdu); printf_hexdump(network_pdu->data, network_pdu->len); 1047 } 1048 } 1049 static void mesh_network_dump_network_pdus(const char * name, btstack_linked_list_t * list){ 1050 printf("List: %s:\n", name); 1051 btstack_linked_list_iterator_t it; 1052 btstack_linked_list_iterator_init(&it, list); 1053 while (btstack_linked_list_iterator_has_next(&it)){ 1054 mesh_network_pdu_t * network_pdu = (mesh_network_pdu_t*) btstack_linked_list_iterator_next(&it); 1055 mesh_network_dump_network_pdu(network_pdu); 1056 } 1057 } 1058 static void mesh_network_reset_network_pdus(btstack_linked_list_t * list){ 1059 while (!btstack_linked_list_empty(list)){ 1060 mesh_network_pdu_t * pdu = (mesh_network_pdu_t *) btstack_linked_list_pop(list); 1061 btstack_memory_mesh_network_pdu_free(pdu); 1062 } 1063 } 1064 void mesh_network_dump(void){ 1065 mesh_network_dump_network_pdus("network_pdus_received", &network_pdus_received); 1066 mesh_network_dump_network_pdus("network_pdus_queued", &network_pdus_queued); 1067 mesh_network_dump_network_pdus("network_pdus_outgoing", &network_pdus_outgoing); 1068 printf("network_pdu_in_validation: \n"); 1069 mesh_network_dump_network_pdu(network_pdu_in_validation); 1070 } 1071 void mesh_network_reset(void){ 1072 mesh_network_reset_network_pdus(&network_pdus_received); 1073 mesh_network_reset_network_pdus(&network_pdus_queued); 1074 mesh_network_reset_network_pdus(&network_pdus_outgoing); 1075 } 1076 1077 // buffer pool 1078 mesh_network_pdu_t * mesh_network_pdu_get(void){ 1079 mesh_network_pdu_t * network_pdu = btstack_memory_mesh_network_pdu_get(); 1080 if (network_pdu) { 1081 memset(network_pdu, 0, sizeof(mesh_network_pdu_t)); 1082 network_pdu->pdu_header.pdu_type = MESH_PDU_TYPE_NETWORK; 1083 } 1084 return network_pdu; 1085 } 1086 1087 void mesh_network_pdu_free(mesh_network_pdu_t * network_pdu){ 1088 btstack_memory_mesh_network_pdu_free(network_pdu); 1089 } 1090 1091 // Mesh Subnet Management 1092 1093 void mesh_subnet_add(mesh_subnet_t * subnet){ 1094 btstack_linked_list_add_tail(&subnets, (btstack_linked_item_t *) subnet); 1095 } 1096 1097 void mesh_subnet_remove(mesh_subnet_t * subnet){ 1098 btstack_linked_list_remove(&subnets, (btstack_linked_item_t *) subnet); 1099 } 1100 1101 mesh_subnet_t * mesh_subnet_get_by_netkey_index(uint16_t netkey_index){ 1102 btstack_linked_list_iterator_t it; 1103 btstack_linked_list_iterator_init(&it, &subnets); 1104 while (btstack_linked_list_iterator_has_next(&it)){ 1105 mesh_subnet_t * item = (mesh_subnet_t *) btstack_linked_list_iterator_next(&it); 1106 if (item->netkey_index == netkey_index) return item; 1107 } 1108 return NULL; 1109 } 1110 1111 int mesh_subnet_list_count(void){ 1112 return btstack_linked_list_count(&subnets); 1113 } 1114 1115 // mesh network key iterator over all keys 1116 void mesh_subnet_iterator_init(mesh_subnet_iterator_t *it){ 1117 btstack_linked_list_iterator_init(&it->it, &subnets); 1118 } 1119 1120 int mesh_subnet_iterator_has_more(mesh_subnet_iterator_t *it){ 1121 return btstack_linked_list_iterator_has_next(&it->it); 1122 } 1123 1124 mesh_subnet_t * mesh_subnet_iterator_get_next(mesh_subnet_iterator_t *it){ 1125 return (mesh_subnet_t *) btstack_linked_list_iterator_next(&it->it); 1126 } 1127 1128 mesh_network_key_t * mesh_subnet_get_outgoing_network_key(mesh_subnet_t * subnet){ 1129 switch (subnet->key_refresh){ 1130 case MESH_KEY_REFRESH_SECOND_PHASE: 1131 return subnet->new_key; 1132 case MESH_KEY_REFRESH_NOT_ACTIVE: 1133 case MESH_KEY_REFRESH_FIRST_PHASE: 1134 default: 1135 return subnet->old_key; 1136 } 1137 } 1138 1139 /** 1140 * @brief Setup subnet for given netkey index 1141 */ 1142 void mesh_subnet_setup_for_netkey_index(uint16_t netkey_index){ 1143 mesh_subnet_t * subnet = mesh_subnet_get_by_netkey_index(netkey_index); 1144 if (subnet != NULL) return; 1145 1146 // find old / new keys 1147 mesh_network_key_t * old_key = NULL; 1148 mesh_network_key_t * new_key = NULL; 1149 mesh_network_key_iterator_t it; 1150 mesh_network_key_iterator_init(&it); 1151 while (mesh_network_key_iterator_has_more(&it)){ 1152 mesh_network_key_t * network_key = mesh_network_key_iterator_get_next(&it); 1153 if (network_key->netkey_index != netkey_index) continue; 1154 if (old_key == NULL){ 1155 old_key = network_key; 1156 continue; 1157 } 1158 // assign current key depending on key version 1159 if (((int8_t) (network_key->version - new_key->version)) > 0) { 1160 new_key = network_key; 1161 } else { 1162 new_key = old_key; 1163 old_key = network_key; 1164 } 1165 } 1166 1167 // create subnet for netkey index 1168 subnet = btstack_memory_mesh_subnet_get(); 1169 if (subnet == NULL) return; 1170 subnet->netkey_index = netkey_index; 1171 mesh_subnet_add(subnet); 1172 1173 // set keys 1174 subnet->old_key = old_key; 1175 subnet->new_key = new_key; 1176 1177 // key refresh 1178 if (new_key == NULL){ 1179 // single key -> key refresh not active 1180 subnet->key_refresh = MESH_KEY_REFRESH_NOT_ACTIVE; 1181 } 1182 else { 1183 // two keys -> at least phase 1 1184 subnet->key_refresh = MESH_KEY_REFRESH_FIRST_PHASE; 1185 } 1186 } 1187