Network Creator Security#
API and Callbacks for the Network Creator Security Component.
This component performs the necessary security initialization to form a Zigbee 3.0-compliant network. To enable "Allow Trust Center rejoin with well known key", the "emberAfPluginEzspSecurityTrustCenterJoinCallback()" function (on the NCP side) may need to be implemented. For more details about this callback function, see "https://www.silabs.com/community/wireless/zigbee-and-thread/knowledge-base.entry.html/2018/12/26/how_to_allow_unsecur-sa3C". If the link does not work, go to our community website and search "How to allow unsecure rejoins on the Ember ZNet stack".
API#
Initialize the security needed for forming and then operating on a network.
Open a network for joining.
Close the network.
Set the network to accept the install code only.
Set the insecure rejoin policy for devices using the well-known key.
Variables#
Macros#
API Documentation#
emberAfPluginNetworkCreatorSecurityStart#
EmberStatus emberAfPluginNetworkCreatorSecurityStart (bool centralizedNetwork)
Initialize the security needed for forming and then operating on a network.
N/A | centralizedNetwork | Whether or not the network that the caller plans to form will use centralized or distributed security. |
The centralizedNetwork parameter allows the caller to specify whether or not the network that they plan to form will use centralized or distributed security.
Returns
Status of the commencement of the network creator process.
70
of file app/framework/plugin/network-creator-security/network-creator-security.h
emberAfPluginNetworkCreatorSecurityOpenNetwork#
EmberStatus emberAfPluginNetworkCreatorSecurityOpenNetwork (void )
Open a network for joining.
N/A |
This API broadcasts a permit join to the network and adds a transient link key of ZigBeeAlliance09 if this device is a trust center.
Returns
An ::EmberStatus value describing the success or failure of the network opening procedure. If this node is not currently on a network, this will return ::EMBER_ERR_FATAL.
82
of file app/framework/plugin/network-creator-security/network-creator-security.h
emberAfPluginNetworkCreatorSecurityCloseNetwork#
EmberStatus emberAfPluginNetworkCreatorSecurityCloseNetwork (void )
Close the network.
N/A |
This API closes the network for joining. It broadcasts a permit join to the network with time 0, as well as clears any transient link keys in the stack.
Returns
An ::EmberStatus value describing closing the network. If this node is not currently on a network, this will return ::EMBER_ERR_FATAL. This API will also return an error code based on the success or failure of the broadcast permit join.
95
of file app/framework/plugin/network-creator-security/network-creator-security.h
emberAfPluginNetworkCreatorSecurityOpenNetworkWithKeyPair#
EmberStatus emberAfPluginNetworkCreatorSecurityOpenNetworkWithKeyPair (EmberEUI64 eui64, EmberKeyData keyData)
Set the network to accept the install code only.
N/A | eui64 | EUI 64 of the joining node. |
N/A | keyData | the link key to be used by the joining node. |
This API opens a network for joining. It broadcasts a permit join to the network and adds a specified EUI64 and transient key pair if this device is a trust center. Only the node that matches the specified key pair is allowed to join the network.
Returns
An ::EmberStatus value describing the success or failure of the network opening procedure. If this node is not currently on a network, this will return ::EMBER_ERR_FATAL.
112
of file app/framework/plugin/network-creator-security/network-creator-security.h
emberAfPluginNetworkCreatorSecuritySetAllowRejoinsWithWellKnownKey#
EmberStatus emberAfPluginNetworkCreatorSecuritySetAllowRejoinsWithWellKnownKey (bool allow)
Set the insecure rejoin policy for devices using the well-known key.
N/A | allow |
This API sets the policy for Trust Center (insecure) rejoins for devices using the well-known key. Sending a network key to devices using the well- known key is a security risk and the default policy of the stack is to deny such rejoins. Calling this function to allow rejoins with the well-known key will allow the rejoins for a period of emAllowTcRejoinsUsingWellKnownKeyTimeoutSec seconds.
Returns
An ::EmberStatus value describing the success or failure of the policy change. If this node is not currently on a network, this will return ::EMBER_ERR_FATAL.
128
of file app/framework/plugin/network-creator-security/network-creator-security.h