Grizzly.ZWave.Security (grizzly v8.6.6)

Helpers for security

Types

key()

@type key() :: s2_key() | :s0

key_byte()

@type key_byte() :: 1 | 2 | 4 | 128

key_exchange_fail_type()

@type key_exchange_fail_type() ::
  :none
  | :key
  | :scheme
  | :curves
  | :decrypt
  | :cancel
  | :auth
  | :get
  | :verify
  | :report

Possible key exchange failures

  • :none - Bootstrapping was successful
  • :key - No match between requested and granted keys
  • :scheme - No scheme is supported by the controller or joining node
  • :decrypt - Joining node failed to decrypt the input PIN from the value; wrong input value/DSK from user
  • :cancel - User has canceled the S2 bootstrapping
  • :auth - The echo KEX change frame does not match the earlier exchanged frame
  • :get - The joining node requested a key that was not granted by the controller at an earlier stage
  • :verify - The joining node cannot verify and decrypt the exchanged key
  • :report - The including node transmitted a frame containing a different key than what was currently being exchanged

s2_key()

@type s2_key() :: :s2_unauthenticated | :s2_authenticated | :s2_access_control

Functions

byte_to_keys(granted_keys_byte)

@spec byte_to_keys(byte()) :: [key()]

failed_type_from_byte(int)

@spec failed_type_from_byte(byte()) :: key_exchange_fail_type()

Decode a byte representation of the key exchange failure type

failed_type_to_byte(atom)

@spec failed_type_to_byte(key_exchange_fail_type()) :: byte()

get_highest_level(keys)

@spec get_highest_level([key()]) :: key() | :none

Gets the highest security level key from a key list

Since Z-Wave operates at the highest S2 security group available on a node, if multiple groups are in a list of keys, this function assumes that the highest level is the security level of the node that provided the list.

If the node uses S0 security, Z-Wave will respond with granted keys in which the lone key is S0.
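
The sketch below is an added example, not Grizzly's own code: it decodes a granted-keys byte into keys, picks the highest level as described above, and rejects a node whose highest key falls below a required level. The module name `GrantedKeysCheck`, the `audit/2` policy and the rank ordering (S0 below every S2 class) are assumptions of the example; the bit-to-key mapping follows the Z-Wave S2 granted-keys field.

```elixir
defmodule GrantedKeysCheck do
  # Added example; a standalone sketch, not Grizzly's implementation.
  import Bitwise

  # Granted-keys bitmask, highest security level first. The byte values are the
  # key_byte() values 1 | 2 | 4 | 128; the key each bit names follows the
  # Z-Wave S2 granted-keys field.
  @keys_by_rank [
    s2_access_control: 0x04,
    s2_authenticated: 0x02,
    s2_unauthenticated: 0x01,
    s0: 0x80
  ]
  @known_bits 0x87

  # Keys set in the byte, highest level first.
  def decode(byte) when byte in 0..255 do
    for {key, bit} <- @keys_by_rank, (byte &&& bit) != 0, do: key
  end

  # Highest level in the byte, or :none when no known key bit is set.
  def highest(byte), do: List.first(decode(byte), :none)

  # Hypothetical policy check: accept a node only if its highest granted key
  # is at least `required` and the byte has no bits outside key_byte().
  def audit(byte, required) do
    granted = highest(byte)

    cond do
      (byte &&& @known_bits) != byte -> {:reject, :unknown_bits}
      rank(granted) < rank(required) -> {:reject, {:below_required, granted}}
      true -> {:ok, granted}
    end
  end

  # Assumed ordering for the example: S0 ranks below every S2 class.
  defp rank(:none), do: 0
  defp rank(:s0), do: 1
  defp rank(:s2_unauthenticated), do: 2
  defp rank(:s2_authenticated), do: 3
  defp rank(:s2_access_control), do: 4
end

# Constructed sample bytes: all four keys, S0 only, nothing granted, stray bit.
for byte <- [0x87, 0x80, 0x00, 0x0A] do
  IO.inspect({byte, GrantedKeysCheck.decode(byte),
              GrantedKeysCheck.audit(byte, :s2_authenticated)})
end
```

A node that was expected to join with an S2 class but reports only S0 shows up here as `{:reject, {:below_required, :s0}}`, which is the case worth alerting on after inclusion.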

key_from_byte(int)

@spec key_from_byte(key_byte()) :: key()

Get the key represented by the given byte.

key_to_byte(atom)

@spec key_to_byte(key()) :: key_byte()

Get the byte representation of a key.

The key :none is an invalid key to encode to, so this function does not support encoding to that key.

keys()

@spec keys() :: [key()]

Get the list of available security keys

keys_to_byte(keys)

@spec keys_to_byte([key()]) :: byte()

validate_user_input_pin_length(n)

@spec validate_user_input_pin_length(non_neg_integer()) :: :valid | :invalid

Validate the user input PIN length, which should be a 16-bit number