chirpstack-application-server

Incorrect key derivation for Rejoin01

Open jamesl-dm opened this issue 6 years ago • 1 comments

Is this a bug or a feature request?

Bug

What did you expect?

After receiving a Rejoin0 request, the session keys for the new pending security context should be derived using the 1.1 scheme.

What happened?

Both the join and the rejoin code paths in /internal/join/join.go trigger the same setSessionKeys(), which references the join (never the rejoin) payload. So setSessionKeys looks at the OptNeg bit in the uninitialized join payload, and thinks the rejoin OptNeg is false. The keys are then derived using the 1.0 scheme.

What version are you using?

2.4.1

As a side note, I also noticed that the rejoin code path doesn't support MIC validation yet. Not sure if that is on the TODO list or forgotten?

jamesl-dm, Jan 24 '19 06:01
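A simplified Go model of the failure described in the report above, added here as an illustration and not taken from the project's code: a shared key-derivation step reads OptNeg from the zero-value join payload while a rejoin is being handled, so the server derives a different FNwkSIntKey than the 1.1 scheme yields. The type and function names are hypothetical, the sample values are constructed, and the block layouts follow the LoRaWAN 1.0 and 1.1 derivations (with RJcount in place of DevNonce on a rejoin).

```go
package main

import (
	"crypto/aes"
	"fmt"
)

// Hypothetical, simplified stand-ins for the types in the issue (not project code).
type payload struct{ OptNeg bool }
type joinCtx struct {
	IsRejoin bool
	Join     payload // zero value (OptNeg=false) while a rejoin is handled
	Rejoin   payload
}

// optNegBuggy mirrors the reported behaviour: it always reads the join payload.
func optNegBuggy(c joinCtx) bool { return c.Join.OptNeg }

// optNegFixed reads the payload that belongs to the request being handled.
func optNegFixed(c joinCtx) bool {
	if c.IsRejoin {
		return c.Rejoin.OptNeg
	}
	return c.Join.OptNeg
}

// deriveFNwkSIntKey encrypts the zero-padded derivation block with NwkKey.
// 1.0: 0x01|JoinNonce|NetID|nonce   1.1: 0x01|JoinNonce|JoinEUI|nonce (RJcount on rejoin)
func deriveFNwkSIntKey(optNeg bool, nwkKey [16]byte, joinNonce, netID [3]byte, joinEUI [8]byte, nonce [2]byte) (out [16]byte) {
	id := netID[:]
	if optNeg {
		id = joinEUI[:]
	}
	b := append(append([]byte{0x01}, joinNonce[:]...), id...)
	var block [16]byte
	copy(block[:], append(b, nonce[:]...)) // remaining bytes stay zero (padding)
	c, _ := aes.NewCipher(nwkKey[:])       // a 16-byte key is always accepted
	c.Encrypt(out[:], block[:])
	return out
}

// main derives the key both ways for one constructed rejoin with OptNeg set.
func main() {
	ctx := joinCtx{IsRejoin: true, Rejoin: payload{OptNeg: true}}
	key, jn, id := [16]byte{0x2b, 0x7e}, [3]byte{1}, [3]byte{0x13}
	eui, rj := [8]byte{8, 7, 6, 5, 4, 3, 2, 1}, [2]byte{5}
	fmt.Printf("buggy, 1.0 scheme: %x\n", deriveFNwkSIntKey(optNegBuggy(ctx), key, jn, id, eui, rj))
	fmt.Printf("fixed, 1.1 scheme: %x\n", deriveFNwkSIntKey(optNegFixed(ctx), key, jn, id, eui, rj))
}
```

The two printed keys differ, which is how the mismatch would surface in practice: a device that derived its keys with the 1.1 scheme no longer shares session keys with the server.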

I'm aware that there might be some issues with rejoin-requests. I hope to test this asap when I have a device available / setup which can reproduce this issue.

brocaar, Feb 13 '19 14:02