• State Verified Answer
  • Replies 9 replies
  • Subscribers 73 subscribers
  • Views 5582 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 200728
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

How to acquire Mesh keys API

Dash

I would like to use a Bluetooth protocol analyzer for sniffing traffic in my Mesh network. I need to input the devkey(s), netkey, and appkey to the protocol analyzer software so it can decode the mesh messages. What is the best way to acquire the keys being used by a mesh node? Is there an API in the mesh SDK that will allow me to read the desired keys so I can log and capture them? I am using Mesh SDK 1.0. 

Parents
  • +1

    Hi,

    Keys are stored by the Device State Manager, and can be read using the dsm_tx_secmat_get() and dsm_net_secmat_from_keyindex_get() API calls.

    Regards,
    Terje

  • 0 in reply to tesc

    The calls provided above get the netkey and appkey. The protocol analyzer also needs the devkey. I have found calls to get the devkey handle but nothing for the actual devkey. Please let me know how I can obtain the devkey.

  • +1 in reply to Dash

    Hello,

    My understanding is that the devkey (device key) is simply a special form of appkey (application key) known only between each specific node and the provisioner.

    I believe that the nrf_mesh_application_secmat_t struct has a boolean indicating whether the stored key in that index is an appkey or devkey. So traversing through should yield the correct devkey (either on the node and/or provisioner)

    /**
 * Application security material structure.
 *
 * This structure is required for the encryption of the application data.
 *
 * @note This is intended to be managed by the device_state_manager.c, and the setters and getters
 * in that module should be used and no direct accesses should be made to this structure.
 */
typedef struct
{
    /** Indicates whether the device key or the application is used. */
    bool is_device_key;
    /** Application ID. Calculated and used internally. */
    uint8_t aid;
    /** Application or device key storage. */
    uint8_t key[NRF_MESH_KEY_SIZE];
} nrf_mesh_application_secmat_t;

    Notwithstanding the above, it would be good for confirmation of this from Nordic to ascertain whether there is/they plan a direct API to obtain the devkey.

    (Also, as a matter of interest, do you mind mentioning which Bluetooth protocol analyzer you are using, we're looking at one from Sodera/Frontline but haven't decided as yet, Thanks in advance)

    Regards,

  • 0 in reply to leonwj

    Yes. The DevKey is stored with the AppKeys.

    You can use dsm_devkey_handle_get() for getting the handle, then fetch the DevKey using dsm_tx_secmat_get(). No need to traverse on your own.

Reply Children
Related
Terms of service