Hi Brian, >On Thu, 2020-04-02 at 21:30 +0530, Anupam Roy wrote: >> Hi Brian, >> >> > You are correct in finding this bug... It was found in paralell by Przemysław Fierek, and should be fixed >> > as >> > of this commit: >> > >> > commit 84a9b6ce4b66a2ba21cce8e4b0c3c6e097a5493a >> > Author: Przemysław Fierek <przemyslaw.fierek@xxxxxxxxxxx> >> > Date: Tue Mar 31 14:09:08 2020 +0200 >> > >> > mesh: Add net key index to sar structure >> > >> > This patch adds net key index to struct mesh_sar. This fixes problem with >> > using invalid network key to encrypt application messages. >> > >> > >> > If you check out the current tip, hopefully it will solve the problem you found where the incorrect >> > (primary >> > subnet) key was used instead of the requested net key. >> > >> Okay, got it, thanks. >> Since we plan to use the net key index, will the below sanity check stand valid(in case of app_idx == >> APP_IDX_DEV_REMOTE)? >> As it may save some un-necesary processing of the message payload in case net key index is *Not* valid or >> *subnet* is deleted by Config Client. Please share your opinion. Thanks > >If the App uses DevKeySend() with remote == true, but the node does not have the device key for that remote >node in it's keyring, the method will silently fail, and no message will be sent Over-the-Air. > Okay, I got that, deleting the keyring (by subnet-delete <net idx>) should not have any effect for remote DevKeySend messages, as net idx would be used just to pick up Network Encryption Key from the node->net->subnet. Thanks for clarification. >If the App wants to *respond* to an incoming command received with the local nodes device key, it should >respond using DevKeySend() with remote==false, and net_index == the net_index from the cooresponding >DevKeyMessageReceived().
