Node inclusion

To include a node start inclusion mode in the controller with Adapter.addNode(). Status about the inclusion are sent as NetworkManagementInclusion.NodeAddStatus messages

zipgateway send back secure inclusion callback using messages NetworkManagementInclusion.NodeAddKeysReport and NetworkManagementInclusion.NodeAddDSKReport

Non secure inclusion

To force the node to be included non secure respond to NodeAddKeysReport with a NodeAddKeysSet message with the attributes set to:

grantCSA = False
accept = False
grantedKeys = 0

await adapter.addNodeKeysSet(False, False, 0)

S0 inclusion

To force S0 inclusion respond to NodeAddKeysReport with the key set to SECURITY_0_NETWORK_KEY:

await adapter.addNodeKeysSet(False, True, NetworkManagementInclusion.Keys.SECURITY_0_NETWORK_KEY)

S2 inclusion

To continue with S2 bootstrapping respond the requested keys from the node to the controller:

async def messageReceived(self, _sender, message: Message):
  if isinstance(message, NodeAddKeysReport):
    await adapter.addNodeKeysSet(False, True, message.requestedKeys)

Depending on the security class requested the user may or may not complete the input of the DSK (device specific key). The controller uses the NetworkManagementInclusion.NodeAddDSKReport message for this. Example:

async def messageReceived(self, _sender, message: Message):
  if isinstance(message, NodeAddDSKReport):
    if message.inputDSKLength == 0:
       # Unauthenticated S2. No input from the user needed.
       # User may confirm the dsk in message.dsk is the same
       # as the label in the including node
       if await confirmDSK(message.dsk):
         await adapter.addNodeDSKSet(True, 0, b'')
       else:
         await adapter.addNodeDSKSet(False, 0, b'')
    else:
       # Let the user enter the missing section from the dsk
       # to finish S2 bootstrapping
       userInput = await requestUserInput(message)
       await adapter.addNodeDSKSet(True, message.inputDSKLength, userInput)