Unable to parse the MLE Announce messages

[GhitaRk]

Hello,
I am using the OTNS simulator to create a network, then I take the pcap capture to parse it using the tools provided in "openthread-main\tests\scripts\thread-cert".
Here is the code :
def display_parsed_thread_packets(pcapng_path):
message_factory = config.create_default_thread_message_factory(network_key=config.DEFAULT_NETWORK_KEY)

capture = pyshark.FileCapture(pcapng_path, use_json=True, include_raw=True)
for i, packet in enumerate(capture):
    print(f"\nPacket #{i+1}:")
    packet_data = packet.get_raw_packet()
    message = message_factory.create(BytesIO(packet_data))
    [...]

Knowing that the network key in the otns is the default netkey, and this code parses all the other packets (all MLE, all ICMPv6 all coaps etc).
While it akes an error with the MLE announce packets :
Packet #1:
Traceback (most recent call last):
File "\TestParseurThread.py", line 113, in
display_parsed_thread_packets(pcapng_path)
File "\TestParseurThread.py", line 35, in display_parsed_thread_packets
message = message_factory.create(BytesIO(packet_data))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "\openthread-main\tests\scripts\thread-cert\message.py", line 604, in create
mac_frame = self._parse_mac_frame(data)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "\openthread-main\tests\scripts\thread-cert\message.py", line 591, in _parse_mac_frame
mac_frame.parse(data)
File "\openthread-main\tests\scripts\thread-cert\mac802154.py", line 372, in parse
self.payload = MacPayload(bytearray(open_payload) + sec_obj.decrypt(private_payload, mic, message_info))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "\openthread-main\tests\scripts\thread-cert\net_crypto.py", line 91, in decrypt
dec_data = cipher.decrypt_and_verify(bytes(enc_data), bytes(mic))
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\Applications\Lib\site-packages\Crypto\Cipher_mode_ccm.py", line 597, in decrypt_and_verify
self.verify(received_mac_tag)
File "C:\Applications\Lib\site-packages\Crypto\Cipher_mode_ccm.py", line 538, in verify
raise ValueError("MAC check failed")
ValueError: MAC check failed

This error occurs eighter if the key is incorrect (which is not the case here), or if the mac part of the packet is not correctly parsed.

Do you have any idea of what might be the problem here please ?

[jwhui]

MLE Announce messages are protected using a different key than what is used to protect all other MLE messages.

[GhitaRk]

Thank you for the answer.
Could you please indicate me how this key is formed, or indicate me where to find more infos in the src/core files.

[jwhui]

See Thread Specification Section 7.2.2 for text specifically around "MAC Key ID Mode 2".

In the source code:

openthread/src/core/mac/mac.cpp

Line 903 in 8a8a4d8

case Frame::kKeyIdMode2:

[GhitaRk]

Thank you !
From what i understand, the key that should be passed in args is this :

message_factory = config.create_default_thread_message_factory(network_key=config.DEFAULT_NETWORK_KEY)
sec_obj = CryptoEngine(MacCryptoMaterialCreator(config.DEFAULT_NETWORK_KEY))

for all the packets. The difference is that for announces, the keyId mode 2 is used to generate the
key, nonce, auth_data = self._crypto_material_creator.create_key_and_nonce_and_authenticated_data(message_info)

I am right ? or the key that should be passed in the args of config.create_default_thread_message_factory() and CryptoEngine(MacCryptoMaterialCreator()) is a complete different one ?

[jwhui]

If you follow the code that I referenced above, it uses this key material:

openthread/src/core/mac/mac.cpp

Line 907 in 8a8a4d8

aFrame.SetAesKey(mMode2KeyMaterial);

Which is initialized with this key:

openthread/src/core/mac/mac.cpp

Lines 114 to 115 in 8a8a4d8

	static const otMacKey sMode2Key = {
	{0x78, 0x58, 0x16, 0x86, 0xfd, 0xb4, 0x58, 0x0f, 0xb0, 0x92, 0x54, 0x6a, 0xec, 0xbd, 0x15, 0x66}};

This is the same key that is specified in Thread Specification Section 7.2.2.