commit | c66d91bdd7268e81402c1064d0e0a87002c7d4f6 | [log] [tgz] |
---|---|---|
author | Abtin Keshavarzian <abtink@google.com> | Thu Mar 07 21:39:52 2024 -0800 |
committer | GitHub <noreply@github.com> | Thu Mar 07 21:39:52 2024 -0800 |
tree | e2ee858b15b3c75ee6e968b14b201d88d16835e8 | |
parent | 5b88759da951d3aaa799ca7119ea03bf443418e4 [diff] |
[key-manager] update how key guard time is determined and applied (#9871) This commit makes changes/fixes to `KeyManager` regarding key switch guard time. Key Rotation Time updates: - When the Key Rotation Time changes (due to security policy updates), the key switch guard time (`mKeySwitchGuardTime`) is also adjusted. It's set to 93% of the Rotation Time (rounded down). - Immediately checks if the new rotation time indicates a rotation is due and keys are rotated. New variable `mKeySwitchGuardTimer`: - This is reset to the current guard time whenever the key sequence is updated. - It decrements hourly until reaching zero. - Key switch guard comparison is made with this value, aligning the implementation with the Thread specification. `SetCurrentKeySequence()` modification: - Now accepts a new input parameter that determines whether to apply or ignore the key switch guard when updating the key sequence. - During a key rotation check (when the rotation time has passed), the key switch guard is ignored and we always move to the next key sequence number. Other changes: - Variables handling guard and rotation time now use `uint16_t` instead of `uint32_t` to align with security policy definitions. - API and CLI command documentation for setting the "key switch guard time" emphasize that they are intended for testing purposes.
OpenThread released by Google is...
...an open-source implementation of the Thread networking protocol. Google Nest has released OpenThread to make the technology used in Nest products more broadly available to developers to accelerate the development of products for the connected home.
...OS and platform agnostic, with a narrow platform abstraction layer and a small memory footprint, making it highly portable. It supports both system-on-chip (SoC) and network co-processor (NCP) designs.
...a Thread Certified Component, implementing all features defined in the Thread 1.3.0 specification, including all Thread networking layers (IPv6, 6LoWPAN, IEEE 802.15.4 with MAC security, Mesh Link Establishment, Mesh Routing) and device roles, as well as Border Router support.
More information about Thread can be found at threadgroup.org. Thread is a registered trademark of the Thread Group, Inc.
All end-user documentation and guides are located at openthread.io. If you're looking to do things like...
...then openthread.io is the place for you.
Note: For users in China, end-user documentation is available at openthread.google.cn.
If you're interested in contributing to OpenThread, read on.
We would love for you to contribute to OpenThread and help make it even better than it is today! See our Contributing Guidelines for more information.
Contributors are required to abide by our Code of Conduct and Coding Conventions and Style Guide.
OpenThread is released under the BSD 3-Clause license. See the LICENSE
file for more information.
Please only use the OpenThread name and marks when accurately referencing this software distribution. Do not use the marks in a way that suggests you are endorsed by or otherwise affiliated with Nest, Google, or The Thread Group.
OpenThread support is available on GitHub: