OTAA Join Accept message

ChirpStack Application Server
1

Hi everyone!

I’m new to Lora world and thank you brocaar for this amazing lora server.

I’m not clear using which key, the join accept payload is encrypted (according to the specification its the AppKey isn’t it?) But I get a MIC validation error when I decrypt the received join accept payload and validate MIC using AppKey.

In the loraserver logs, records of a successful join request and the join accept message record sent for the request can be seen.

image
image.png2610×800 394 KB

I’m using Lorhammer by ITK, here is my modified code,

if (resp && incomingJoinResponses){ //Ensure its a response and a response for a join request

	var pullRespPacket loraserver_structs.PullRespPacket
	err := pullRespPacket.UnmarshalBinary(res)
	if err != nil {
		loggerGateway.WithError(err).Error("Error phy unmarshalling")
	}

	payloadBytes, err := base64.StdEncoding.DecodeString(pullRespPacket.Payload.TXPK.Data)

	phyPayload := lorawan.PHYPayload{MACPayload: &lorawan.JoinAcceptPayload{}}

	err = phyPayload.UnmarshalBinary(payloadBytes)
	if err != nil {
		loggerGateway.WithError(err).Error("Error phy payload unmarshalling")
	}

	err = phyPayload.DecryptJoinAcceptPayload(gateway.Nodes[nodeCount].AppKey)
	if err != nil {
		loggerGateway.WithError(err).Error("Error decrypting join accept payload")
	}

	joinAcceptPayload, ok := phyPayload.MACPayload.(*lorawan.JoinAcceptPayload)

	ok, err = phyPayload.ValidateMIC(gateway.Nodes[nodeCount].AppKey)

	fmt.Println("Join response MIC validation: ", ok)

	newAppSKey := lorawan.DeriveAppSKey(gateway.Nodes[nodeCount].AppKey, joinAcceptPayload.AppNonce, joinAcceptPayload.NetID, gateway.Nodes[nodeCount].DevNonce)

	newNwSKey := lorawan.DeriveNwkSKey(gateway.Nodes[nodeCount].AppKey, joinAcceptPayload.AppNonce, joinAcceptPayload.NetID, gateway.Nodes[nodeCount].DevNonce)

	gateway.Nodes[nodeCount].DevAddr = joinAcceptPayload.DevAddr //As device address generated in the server is not as same as device address made by lorhammer, replace it
	gateway.Nodes[nodeCount].AppSKey = newAppSKey
	gateway.Nodes[nodeCount].NwSKey = newNwSKey 
}

I have set the Device-profile’s SupportJoin enabled in the respective loraserver structure in Lorhammer.

I used this with lorawan-server by gotthardp and the OTAA worked afterwards.

Please help me to implement OTAA with loraserver.io too!

Thank you in advance! :slight_smile:

2

A common mistake is setting the LoRaWAN mac version wrong in the Device Profile (e.g. to 1.1.0 while the device supports 1.0.x). Note that there is a difference in the encryption scheme between 1.0 and 1.1.

2 Likes
3

Thank you very much!