TEST/ZStack-2.5.1a/Components/stack/zdo/ZDSecMgr.c

/******************************************************************************
  Filename:       ZDSecMgr.c
  Revised:        $Date: 2012-02-16 13:22:48 -0800 (Thu, 16 Feb 2012) $
  Revision:       $Revision: 29339 $

  Description:    The ZigBee Device Security Manager.


  Copyright 2005-2012 Texas Instruments Incorporated. All rights reserved.

  IMPORTANT: Your use of this Software is limited to those specific rights
  granted under the terms of a software license agreement between the user
  who downloaded the software, his/her employer (which must be your employer)
  and Texas Instruments Incorporated (the "License"). You may not use this
  Software unless you agree to abide by the terms of the License. The License
  limits your use, and you acknowledge, that the Software may not be modified,
  copied or distributed unless embedded on a Texas Instruments microcontroller
  or used solely and exclusively in conjunction with a Texas Instruments radio
  frequency transceiver, which is integrated into your product. Other than for
  the foregoing purpose, you may not use, reproduce, copy, prepare derivative
  works of, modify, distribute, perform, display or sell this Software and/or
  its documentation for any purpose.

  YOU FURTHER ACKNOWLEDGE AND AGREE THAT THE SOFTWARE AND DOCUMENTATION ARE
  PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED,
  INCLUDING WITHOUT LIMITATION, ANY WARRANTY OF MERCHANTABILITY, TITLE,
  NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL
  TEXAS INSTRUMENTS OR ITS LICENSORS BE LIABLE OR OBLIGATED UNDER CONTRACT,
  NEGLIGENCE, STRICT LIABILITY, CONTRIBUTION, BREACH OF WARRANTY, OR OTHER
  LEGAL EQUITABLE THEORY ANY DIRECT OR INDIRECT DAMAGES OR EXPENSES
  INCLUDING BUT NOT LIMITED TO ANY INCIDENTAL, SPECIAL, INDIRECT, PUNITIVE
  OR CONSEQUENTIAL DAMAGES, LOST PROFITS OR LOST DATA, COST OF PROCUREMENT
  OF SUBSTITUTE GOODS, TECHNOLOGY, SERVICES, OR ANY CLAIMS BY THIRD PARTIES
  (INCLUDING BUT NOT LIMITED TO ANY DEFENSE THEREOF), OR OTHER SIMILAR COSTS.

  Should you have any questions regarding your right to use this Software,
  contact Texas Instruments Incorporated at www.TI.com.
******************************************************************************/

#ifdef __cplusplus
extern "C"
{
#endif

/******************************************************************************
 * INCLUDES
 */
#include "ZComdef.h"
#include "OSAL.h"
#include "OSAL_NV.h"
#include "ZGlobals.h"
#include "ssp.h"
#include "nwk_globals.h"
#include "nwk.h"
#include "NLMEDE.h"
#include "AddrMgr.h"
#include "AssocList.h"
#include "APSMEDE.h"
#include "ZDConfig.h"
#include "ZDSecMgr.h"

/******************************************************************************
 * CONSTANTS
 */
// maximum number of devices managed by this Security Manager
#if !defined ( ZDSECMGR_DEVICE_MAX )
  #define ZDSECMGR_DEVICE_MAX 3
#endif

// total number of preconfigured devices (EXT address, MASTER key)
//devtag.pro.security
//#define ZDSECMGR_PRECONFIG_MAX ZDSECMGR_DEVICE_MAX
#define ZDSECMGR_PRECONFIG_MAX 0

// maximum number of MASTER keys this device may hold
#define ZDSECMGR_MASTERKEY_MAX ZDSECMGR_DEVICE_MAX

// maximum number of LINK keys this device may store
#define ZDSECMGR_ENTRY_MAX ZDSECMGR_DEVICE_MAX

// total number of devices under control - authentication, SKKE, etc.
#define ZDSECMGR_CTRL_MAX ZDSECMGR_DEVICE_MAX

// total number of stored devices
#if !defined ( ZDSECMGR_STORED_DEVICES )
  #define ZDSECMGR_STORED_DEVICES 3
#endif

// Total number of preconfigured trust center link key
#if !defined ( ZDSECMGR_TC_DEVICE_MAX )
  #define ZDSECMGR_TC_DEVICE_MAX 1
#endif

#if ( ZDSECMGR_TC_DEVICE_MAX < 1 ) || ( ZDSECMGR_TC_DEVICE_MAX > 255 )
  #error "ZDSECMGR_TC_DEVICE_MAX shall be between 1 and 255 !"
#endif

#define ZDSECMGR_CTRL_NONE       0
#define ZDSECMGR_CTRL_INIT       1
#define ZDSECMGR_CTRL_TK_MASTER  2
#define ZDSECMGR_CTRL_SKKE_INIT  3
#define ZDSECMGR_CTRL_SKKE_WAIT  4
#define ZDSECMGR_CTRL_SKKE_DONE  5
#define ZDSECMGR_CTRL_SKKE_FAIL  6
#define ZDSECMGR_CTRL_TK_NWK     7

#define ZDSECMGR_CTRL_BASE_CNTR      1
#define ZDSECMGR_CTRL_SKKE_INIT_CNTR 1
#define ZDSECMGR_CTRL_TK_NWK_CNTR    1

// set SKA slot maximum
#define ZDSECMGR_SKA_SLOT_MAX 1

// APSME Stub Implementations
#define ZDSecMgrMasterKeyGet   APSME_MasterKeyGet
#define ZDSecMgrLinkKeySet     APSME_LinkKeySet
#define ZDSecMgrLinkKeyNVIdGet APSME_LinkKeyNVIdGet
#define ZDSecMgrKeyFwdToChild  APSME_KeyFwdToChild
#define ZDSecMgrIsLinkKeyValid APSME_IsLinkKeyValid

/******************************************************************************
 * TYPEDEFS
 */
typedef struct
{
  uint8 extAddr[Z_EXTADDR_LEN];
  uint8 key[SEC_KEY_LEN];
} ZDSecMgrPreConfigData_t;

typedef struct
{
  uint16 ami;
  uint8  key[SEC_KEY_LEN];
} ZDSecMgrMasterKeyData_t;

typedef struct
{
  uint16            ami;
  uint16            keyNvId;   // index to the Link Key table in NV
  ZDSecMgr_Authentication_Option authenticateOption;
} ZDSecMgrEntry_t;

typedef struct
{
  ZDSecMgrEntry_t* entry;
  uint16           parentAddr;
  uint8            secure;
  uint8            state;
  uint8            cntr;
} ZDSecMgrCtrl_t;

typedef struct
{
  uint16          nwkAddr;
  uint8*          extAddr;
  uint16          parentAddr;
  uint8           secure;
  uint8           devStatus;
  ZDSecMgrCtrl_t* ctrl;
} ZDSecMgrDevice_t;

/******************************************************************************
 * LOCAL VARIABLES
 */
#if 0 // Taken out because the following functionality is only used for test
      // purpose. A more efficient (above) way is used. It can be put
      // back in if customers request for a white/black list feature.
uint8 ZDSecMgrStoredDeviceList[ZDSECMGR_STORED_DEVICES][Z_EXTADDR_LEN] =
{
  { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
};
#endif

uint8 ZDSecMgrTCExtAddr[Z_EXTADDR_LEN]=
  { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };

// Key data is put in CONST area for security reasons
CONST uint8 ZDSecMgrTCMasterKey[SEC_KEY_LEN] =
  {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
   0x89,0x67,0x45,0x23,0x01,0xEF,0xCD,0xAB};

uint8 ZDSecMgrTCAuthenticated = FALSE;

//devtag.pro.security - remove this
#if ( ZDSECMGR_PRECONFIG_MAX != 0 )
const ZDSecMgrPreConfigData_t ZDSecMgrPreConfigData[ZDSECMGR_PRECONFIG_MAX] =
{
  //---------------------------------------------------------------------------
  // DEVICE A
  //---------------------------------------------------------------------------
  {
    // extAddr
    {0x7C,0x01,0x12,0x13,0x14,0x15,0x16,0x17},

    // key
    {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
     0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}
  },
  //---------------------------------------------------------------------------
  // DEVICE B
  //---------------------------------------------------------------------------
  {
    // extAddr
    {0x84,0x03,0x00,0x00,0x00,0x4B,0x12,0x00},

    // key
    {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
     0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}
  },
  //---------------------------------------------------------------------------
  // DEVICE C
  //---------------------------------------------------------------------------
  {
    // extAddr
    {0x3E,0x01,0x12,0x13,0x14,0x15,0x16,0x17},

    // key
    {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
     0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}
  },
};
#endif // ( ZDSECMGR_PRECONFIG_MAX != 0 )

ZDSecMgrEntry_t* ZDSecMgrEntries  = NULL;
ZDSecMgrCtrl_t*  ZDSecMgrCtrlData = NULL;
void ZDSecMgrAddrMgrUpdate( uint16 ami, uint16 nwkAddr );
void ZDSecMgrAddrMgrCB( uint8 update, AddrMgrEntry_t* newEntry, AddrMgrEntry_t* oldEntry );

uint8 ZDSecMgrPermitJoiningEnabled;
uint8 ZDSecMgrPermitJoiningTimed;

APSME_TCLinkKey_t TrustCenterLinkKey;

APSME_ApsLinkKeyFrmCntr_t ApsLinkKeyFrmCntr[ZDSECMGR_ENTRY_MAX];
APSME_TCLinkKeyFrmCntr_t TCLinkKeyFrmCntr[ZDSECMGR_TC_DEVICE_MAX];

/******************************************************************************
 * PRIVATE FUNCTIONS
 *
 *   ZDSecMgrMasterKeyInit
 *   ZDSecMgrAddrStore
 *   ZDSecMgrExtAddrStore
 *   ZDSecMgrExtAddrLookup
 *   ZDSecMgrMasterKeyLookup
 *   ZDSecMgrMasterKeyStore
 *   ZDSecMgrEntryInit
 *   ZDSecMgrEntryLookup
 *   ZDSecMgrEntryLookupAMI
 *   ZDSecMgrEntryLookupExt
 *   ZDSecMgrEntryLookupExtGetIndex
 *   ZDSecMgrEntryFree
 *   ZDSecMgrEntryNew
 *   ZDSecMgrCtrlInit
 *   ZDSecMgrCtrlRelease
 *   ZDSecMgrCtrlLookup
 *   ZDSecMgrCtrlSet
 *   ZDSecMgrCtrlAdd
 *   ZDSecMgrCtrlTerm
 *   ZDSecMgrCtrlReset
 *   ZDSecMgrMasterKeyLoad
 *   ZDSecMgrAppKeyGet
 *   ZDSecMgrAppKeyReq
 *   ZDSecMgrEstablishKey
 *   ZDSecMgrSendMasterKey
 *   ZDSecMgrSendNwkKey
 *   ZDSecMgrDeviceEntryRemove
 *   ZDSecMgrDeviceEntryAdd
 *   ZDSecMgrDeviceCtrlHandler
 *   ZDSecMgrDeviceCtrlSetup
 *   ZDSecMgrDeviceCtrlUpdate
 *   ZDSecMgrDeviceRemove
 *   ZDSecMgrDeviceValidateSKKE
 *   ZDSecMgrDeviceValidateRM
 *   ZDSecMgrDeviceValidateCM
 *   ZDSecMgrDeviceValidate
 *   ZDSecMgrDeviceJoin
 *   ZDSecMgrDeviceJoinDirect
 *   ZDSecMgrDeviceJoinFwd
 *   ZDSecMgrDeviceNew
 *   ZDSecMgrAssocDeviceAuth
 *   ZDSecMgrAuthInitiate
 *   ZDSecMgrAuthNwkKey
 *   APSME_TCLinkKeyInit
 *   APSME_IsDefaultTCLK
 */
//-----------------------------------------------------------------------------
// master key data
//-----------------------------------------------------------------------------
void ZDSecMgrMasterKeyInit( void );

//-----------------------------------------------------------------------------
// address management
//-----------------------------------------------------------------------------
ZStatus_t ZDSecMgrAddrStore( uint16 nwkAddr, uint8* extAddr, uint16* ami );
ZStatus_t ZDSecMgrExtAddrStore( uint16 nwkAddr, uint8* extAddr, uint16* ami );
ZStatus_t ZDSecMgrExtAddrLookup( uint8* extAddr, uint16* ami );

//-----------------------------------------------------------------------------
// Trust Center management
//-----------------------------------------------------------------------------
uint8 ZDSecMgrTCExtAddrCheck( uint8* extAddr );
void ZDSecMgrTCDataLoad( uint8* extAddr );

//-----------------------------------------------------------------------------
// MASTER key data
//-----------------------------------------------------------------------------
ZStatus_t ZDSecMgrMasterKeyLookup( uint16 ami, uint16* pKeyNvId );
ZStatus_t ZDSecMgrMasterKeyStore( uint16 ami, uint8* key );

//-----------------------------------------------------------------------------
// entry data
//-----------------------------------------------------------------------------
void ZDSecMgrEntryInit(uint8 state);
ZStatus_t ZDSecMgrEntryLookup( uint16 nwkAddr, ZDSecMgrEntry_t** entry );
ZStatus_t ZDSecMgrEntryLookupAMI( uint16 ami, ZDSecMgrEntry_t** entry );
ZStatus_t ZDSecMgrEntryLookupExt( uint8* extAddr, ZDSecMgrEntry_t** entry );
ZStatus_t ZDSecMgrEntryLookupExtGetIndex( uint8* extAddr, ZDSecMgrEntry_t** entry, uint16* entryIndex );
ZStatus_t ZDSecMgrEntryLookupAMIGetIndex( uint16 ami, uint16* entryIndex );
void ZDSecMgrEntryFree( ZDSecMgrEntry_t* entry );
ZStatus_t ZDSecMgrEntryNew( ZDSecMgrEntry_t** entry );
ZStatus_t ZDSecMgrAuthenticationSet( uint8* extAddr, ZDSecMgr_Authentication_Option option );
void ZDSecMgrApsLinkKeyInit(void);
#if defined ( NV_RESTORE )
static void ZDSecMgrWriteNV(void);
static void ZDSecMgrRestoreFromNV(void);
static void ZDSecMgrUpdateNV( uint16 index );
#endif

//-----------------------------------------------------------------------------
// control data
//-----------------------------------------------------------------------------
void ZDSecMgrCtrlInit( void );
void ZDSecMgrCtrlRelease( ZDSecMgrCtrl_t* ctrl );
void ZDSecMgrCtrlLookup( ZDSecMgrEntry_t* entry, ZDSecMgrCtrl_t** ctrl );
void ZDSecMgrCtrlSet( ZDSecMgrDevice_t* device,
                      ZDSecMgrEntry_t*  entry,
                      ZDSecMgrCtrl_t*   ctrl );
ZStatus_t ZDSecMgrCtrlAdd( ZDSecMgrDevice_t* device, ZDSecMgrEntry_t*  entry );
void ZDSecMgrCtrlTerm( ZDSecMgrEntry_t* entry );
ZStatus_t ZDSecMgrCtrlReset( ZDSecMgrDevice_t* device,
                             ZDSecMgrEntry_t*  entry );

//-----------------------------------------------------------------------------
// key support
//-----------------------------------------------------------------------------
ZStatus_t ZDSecMgrMasterKeyLoad( uint8* extAddr, uint8* key );
ZStatus_t ZDSecMgrAppKeyGet( uint16  initNwkAddr,
                             uint8*  initExtAddr,
                             uint16  partNwkAddr,
                             uint8*  partExtAddr,
                             uint8** key,
                             uint8*  keyType );
void ZDSecMgrAppKeyReq( ZDO_RequestKeyInd_t* ind );
ZStatus_t ZDSecMgrEstablishKey( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrSendMasterKey( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrSendNwkKey( ZDSecMgrDevice_t* device );
void ZDSecMgrNwkKeyInit(uint8 setDefault);

//-----------------------------------------------------------------------------
// device entry
//-----------------------------------------------------------------------------
void ZDSecMgrDeviceEntryRemove( ZDSecMgrEntry_t* entry );
ZStatus_t ZDSecMgrDeviceEntryAdd( ZDSecMgrDevice_t* device, uint16 ami );

//-----------------------------------------------------------------------------
// device control
//-----------------------------------------------------------------------------
void ZDSecMgrDeviceCtrlHandler( ZDSecMgrDevice_t* device );
void ZDSecMgrDeviceCtrlSetup( ZDSecMgrDevice_t* device );
void ZDSecMgrDeviceCtrlUpdate( uint8* extAddr, uint8 state );

//-----------------------------------------------------------------------------
// device management
//-----------------------------------------------------------------------------
void ZDSecMgrDeviceRemove( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrDeviceValidateSKKE( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrDeviceValidateRM( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrDeviceValidateCM( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrDeviceValidate( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrDeviceJoin( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrDeviceJoinDirect( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrDeviceJoinFwd( ZDSecMgrDevice_t* device );
ZStatus_t ZDSecMgrDeviceNew( ZDSecMgrDevice_t* device );

//-----------------------------------------------------------------------------
// association management
//-----------------------------------------------------------------------------
void ZDSecMgrAssocDeviceAuth( associated_devices_t* assoc );

//-----------------------------------------------------------------------------
// authentication management
//-----------------------------------------------------------------------------
void ZDSecMgrAuthInitiate( uint8* responder );
void ZDSecMgrAuthNwkKey( void );

//-----------------------------------------------------------------------------
// APSME function
//-----------------------------------------------------------------------------
void APSME_TCLinkKeyInit( uint8 setDefault );
uint8 APSME_IsDefaultTCLK( uint8 *extAddr );

/******************************************************************************
 * @fn          ZDSecMgrMasterKeyInit                     ]
 *
 * @brief       Initialize master key data in NV
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrMasterKeyInit( void )
{
  uint16 index;
  ZDSecMgrMasterKeyData_t   masterKeyData;

  masterKeyData.ami = INVALID_NODE_ADDR;

  osal_memset( &masterKeyData.key, 0x00, SEC_KEY_LEN );

  for ( index = 0; index < ZDSECMGR_MASTERKEY_MAX; index++ )
  {
    if ( osal_nv_item_init( (ZCD_NV_MASTER_KEY_DATA_START + index),
                       sizeof(ZDSecMgrMasterKeyData_t), &masterKeyData) == SUCCESS)
    {
      // the item already exists in NV just needs to be set to default values
      osal_nv_write( (ZCD_NV_MASTER_KEY_DATA_START + index), 0,
                      sizeof(ZDSecMgrMasterKeyData_t), &masterKeyData );
    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrAddrStore
 *
 * @brief       Store device addresses.
 *
 * @param       nwkAddr - [in] NWK address
 * @param       extAddr - [in] EXT address
 * @param       ami     - [out] Address Manager index
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrAddrStore( uint16 nwkAddr, uint8* extAddr, uint16* ami )
{
  ZStatus_t      status;
  AddrMgrEntry_t entry;


  // add entry
  entry.user    = ADDRMGR_USER_SECURITY;
  entry.nwkAddr = nwkAddr;
  AddrMgrExtAddrSet( entry.extAddr, extAddr );

  if ( AddrMgrEntryUpdate( &entry ) == TRUE )
  {
    // return successful results
    *ami   = entry.index;
    status = ZSuccess;
  }
  else
  {
    // return failed results
    *ami   = entry.index;
    status = ZNwkUnknownDevice;
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrExtAddrStore
 *
 * @brief       Store EXT address.
 *
 * @param       extAddr - [in] EXT address
 * @param       ami     - [out] Address Manager index
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrExtAddrStore( uint16 nwkAddr, uint8* extAddr, uint16* ami )
{
  ZStatus_t      status;
  AddrMgrEntry_t entry;


  // add entry
  entry.user    = ADDRMGR_USER_SECURITY;
  entry.nwkAddr = nwkAddr;
  AddrMgrExtAddrSet( entry.extAddr, extAddr );

  if ( AddrMgrEntryUpdate( &entry ) == TRUE )
  {
    // return successful results
    *ami   = entry.index;
    status = ZSuccess;
  }
  else
  {
    // return failed results
    *ami   = entry.index;
    status = ZNwkUnknownDevice;
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrExtAddrLookup
 *
 * @brief       Lookup index for specified EXT address.
 *
 * @param       extAddr - [in] EXT address
 * @param       ami     - [out] Address Manager index
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrExtAddrLookup( uint8* extAddr, uint16* ami )
{
  ZStatus_t      status;
  AddrMgrEntry_t entry;


  // lookup entry
  entry.user = ADDRMGR_USER_SECURITY;
  AddrMgrExtAddrSet( entry.extAddr, extAddr );

  if ( AddrMgrEntryLookupExt( &entry ) == TRUE )
  {
    // return successful results
    *ami   = entry.index;
    status = ZSuccess;
  }
  else
  {
    // return failed results
    *ami   = entry.index;
    status = ZNwkUnknownDevice;
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrAddrClear
 *
 * @brief       Clear security bit from Address Manager for specific device.
 *
 * @param       extAddr - [in] EXT address
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrAddrClear( uint8* extAddr )
{
  ZStatus_t status;
  uint16 entryAmi;

  // get Address Manager Index
  status = ZDSecMgrExtAddrLookup( extAddr, &entryAmi );

  if ( status == ZSuccess )
  {
    AddrMgrEntry_t addrEntry;

    // Clear SECURITY User bit from the address manager
    addrEntry.user = ADDRMGR_USER_SECURITY;
    addrEntry.index = entryAmi;

    if ( AddrMgrEntryRelease( &addrEntry ) != TRUE )
    {
      // return failure results
      status = ZFailure;
    }
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrMasterKeyLookup
 *
 * @brief       Lookup MASTER key for specified address index.
 *
 * @param       ami - [in] Address Manager index
 * @param       pKeyNvId - [out] MASTER key NV ID
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrMasterKeyLookup( uint16 ami, uint16* pKeyNvId )
{
  uint16 index;
  ZDSecMgrMasterKeyData_t masterKeyData;


  for ( index = 0; index < ZDSECMGR_MASTERKEY_MAX ; index++ )
  {
    // Read entry index of the Master key table from NV
    osal_nv_read( (ZCD_NV_MASTER_KEY_DATA_START + index), 0,
                  sizeof(ZDSecMgrMasterKeyData_t), &masterKeyData );

    if ( masterKeyData.ami == ami )
    {
      // return successful results
      *pKeyNvId   = ZCD_NV_MASTER_KEY_DATA_START + index;

      // clear copy of key in RAM
      osal_memset(&masterKeyData, 0x00, sizeof(ZDSecMgrMasterKeyData_t));

      return ZSuccess;
    }
  }

  *pKeyNvId = SEC_NO_KEY_NV_ID;

  // clear copy of key in RAM
  osal_memset(&masterKeyData, 0x00, sizeof(ZDSecMgrMasterKeyData_t));

  return ZNwkUnknownDevice;
}

/******************************************************************************
 * @fn          ZDSecMgrMasterKeyStore
 *
 * @brief       Store MASTER key for specified address index.
 *
 * @param       ami - [in] Address Manager index
 * @param       key - [in] valid key to store
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrMasterKeyStore( uint16 ami, uint8* key )
{
  uint16    index;
  ZDSecMgrMasterKeyData_t   masterKeyData;


  for ( index = 0; index < ZDSECMGR_MASTERKEY_MAX ; index++ )
  {
    // Read entry index of the Master key table from NV
    osal_nv_read( (ZCD_NV_MASTER_KEY_DATA_START + index), 0,
                   sizeof(ZDSecMgrMasterKeyData_t), &masterKeyData );

    if ( masterKeyData.ami == INVALID_NODE_ADDR )
    {
      // store EXT address index
      masterKeyData.ami = ami;

      if ( key != NULL )
      {
        osal_memcpy( masterKeyData.key, key,  SEC_KEY_LEN );
      }
      else
      {
        osal_memset( masterKeyData.key, 0, SEC_KEY_LEN );
      }

      // set new values in NV
      osal_nv_write( (ZCD_NV_MASTER_KEY_DATA_START + index), 0,
                      sizeof(ZDSecMgrMasterKeyData_t), &masterKeyData );

      // clear copy of key in RAM
      osal_memset( &masterKeyData, 0x00, sizeof(ZDSecMgrMasterKeyData_t) );

      // return successful results
      return ZSuccess;
    }
  }

  // clear copy of key in RAM
  osal_memset( &masterKeyData, 0x00, sizeof(ZDSecMgrMasterKeyData_t) );

  return ZNwkUnknownDevice;
}

/******************************************************************************
 * @fn          ZDSecMgrEntryInit
 *
 * @brief       Initialize entry sub module
 *
 * @param       state - device initialization state
 *
 * @return      none
 */
void ZDSecMgrEntryInit(uint8 state)
{
  if (ZDSecMgrEntries == NULL)
  {
    uint16 index;

    if ((ZDSecMgrEntries = osal_mem_alloc(sizeof(ZDSecMgrEntry_t) * ZDSECMGR_ENTRY_MAX)) == NULL)
    {
      return;
    }

    for (index = 0; index < ZDSECMGR_ENTRY_MAX; index++)
    {
      ZDSecMgrEntries[index].ami = INVALID_NODE_ADDR;

      ZDSecMgrEntries[index].keyNvId = SEC_NO_KEY_NV_ID;
    }
  }

#if defined NV_RESTORE
  if (state == ZDO_INITDEV_RESTORED_NETWORK_STATE)
  {
    ZDSecMgrRestoreFromNV();
  }
#else
  (void)state;
#endif
}

/******************************************************************************
 * @fn          ZDSecMgrEntryLookup
 *
 * @brief       Lookup entry index using specified NWK address.
 *
 * @param       nwkAddr - [in] NWK address
 * @param       entry   - [out] valid entry
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrEntryLookup( uint16 nwkAddr, ZDSecMgrEntry_t** entry )
{
  uint16         index;
  AddrMgrEntry_t addrMgrEntry;

  // initialize results
  *entry = NULL;

  // verify data is available
  if ( ZDSecMgrEntries != NULL )
  {
    addrMgrEntry.user    = ADDRMGR_USER_SECURITY;
    addrMgrEntry.nwkAddr = nwkAddr;

    if ( AddrMgrEntryLookupNwk( &addrMgrEntry ) == TRUE )
    {
      for ( index = 0; index < ZDSECMGR_ENTRY_MAX ; index++ )
      {
        if ( addrMgrEntry.index == ZDSecMgrEntries[index].ami )
        {
          // return successful results
          *entry = &ZDSecMgrEntries[index];

          // break from loop
          return ZSuccess;
        }
      }
    }
  }

  return ZNwkUnknownDevice;
}

/******************************************************************************
 * @fn          ZDSecMgrEntryLookupAMI
 *
 * @brief       Lookup entry using specified address index
 *
 * @param       ami   - [in] Address Manager index
 * @param       entry - [out] valid entry
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrEntryLookupAMI( uint16 ami, ZDSecMgrEntry_t** entry )
{
  uint16 index;

  // initialize results
  *entry = NULL;

  // verify data is available
  if ( ZDSecMgrEntries != NULL )
  {
    for ( index = 0; index < ZDSECMGR_ENTRY_MAX ; index++ )
    {
      if ( ZDSecMgrEntries[index].ami == ami )
      {
        // return successful results
        *entry = &ZDSecMgrEntries[index];

        // break from loop
        return ZSuccess;
      }
    }
  }

  return ZNwkUnknownDevice;
}

/******************************************************************************
 * @fn          ZDSecMgrEntryLookupExt
 *
 * @brief       Lookup entry index using specified EXT address.
 *
 * @param       extAddr - [in] EXT address
 * @param       entry   - [out] valid entry
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrEntryLookupExt( uint8* extAddr, ZDSecMgrEntry_t** entry )
{
  ZStatus_t status;
  uint16    ami;

  // initialize results
  *entry = NULL;
  status = ZNwkUnknownDevice;

  // lookup address index
  if ( ZDSecMgrExtAddrLookup( extAddr, &ami ) == ZSuccess )
  {
    status = ZDSecMgrEntryLookupAMI( ami, entry );
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrEntryLookupExtGetIndex
 *
 * @brief       Lookup entry index using specified EXT address.
 *
 * @param       extAddr - [in] EXT address
 * @param       entryIndex - [out] valid index to the entry table
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrEntryLookupExtGetIndex( uint8* extAddr, ZDSecMgrEntry_t** entry, uint16* entryIndex )
{
  uint16 ami;
  uint16 index;

  // lookup address index
  if ( ZDSecMgrExtAddrLookup( extAddr, &ami ) == ZSuccess )
  {
    // verify data is available
    if ( ZDSecMgrEntries != NULL )
    {
      for ( index = 0; index < ZDSECMGR_ENTRY_MAX ; index++ )
      {
        if ( ZDSecMgrEntries[index].ami == ami )
        {
          // return successful results
          *entry = &ZDSecMgrEntries[index];
          *entryIndex = index;

          // break from loop
          return ZSuccess;
        }
      }
    }
  }

  return ZNwkUnknownDevice;
}

/******************************************************************************
 * @fn          ZDSecMgrEntryLookupAMIGetIndex
 *
 * @brief       Lookup entry using specified address index
 *
 * @param       ami   - [in] Address Manager index
 * @param       entryIndex - [out] valid index to the entry table
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrEntryLookupAMIGetIndex( uint16 ami, uint16* entryIndex )
{
  uint16 index;

  // verify data is available
  if ( ZDSecMgrEntries != NULL )
  {
    for ( index = 0; index < ZDSECMGR_ENTRY_MAX ; index++ )
    {
      if ( ZDSecMgrEntries[index].ami == ami )
      {
        // return successful results
        *entryIndex = index;

        // break from loop
        return ZSuccess;
      }
    }
  }

  return ZNwkUnknownDevice;
}

/******************************************************************************
 * @fn          ZDSecMgrEntryFree
 *
 * @brief       Free entry.
 *
 * @param       entry - [in] valid entry
 *
 * @return      ZStatus_t
 */
void ZDSecMgrEntryFree( ZDSecMgrEntry_t* entry )
{
  APSME_LinkKeyData_t   *pApsLinkKey = NULL;

#if defined ( NV_RESTORE )
  ZStatus_t status;
  uint16 entryIndex;

  status = ZDSecMgrEntryLookupAMIGetIndex( entry->ami, &entryIndex );
#endif

  pApsLinkKey = (APSME_LinkKeyData_t *)osal_mem_alloc(sizeof(APSME_LinkKeyData_t));

  if (pApsLinkKey != NULL)
  {
    osal_memset( pApsLinkKey, 0x00, sizeof(APSME_LinkKeyData_t) );

    // Clear the APS Link key in NV
    osal_nv_write( entry->keyNvId, 0,
                        sizeof(APSME_LinkKeyData_t), pApsLinkKey);

    // set entry to invalid Key
    entry->keyNvId = SEC_NO_KEY_NV_ID;

    osal_mem_free(pApsLinkKey);
  }

  // marking the entry as INVALID_NODE_ADDR
  entry->ami = INVALID_NODE_ADDR;

  // set to default value
  entry->authenticateOption = ZDSecMgr_Not_Authenticated;

#if defined ( NV_RESTORE )
  if ( status == ZSuccess )
  {
    ZDSecMgrUpdateNV(entryIndex);
  }
#endif
}

/******************************************************************************
 * @fn          ZDSecMgrEntryNew
 *
 * @brief       Get a new entry.
 *
 * @param       entry - [out] valid entry
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrEntryNew( ZDSecMgrEntry_t** entry )
{
  uint16 index;

  // initialize results
  *entry = NULL;

  // verify data is available
  if ( ZDSecMgrEntries != NULL )
  {
    // find available entry
    for ( index = 0; index < ZDSECMGR_ENTRY_MAX ; index++ )
    {
      if ( ZDSecMgrEntries[index].ami == INVALID_NODE_ADDR )
      {
        // return successful result
        *entry = &ZDSecMgrEntries[index];

        // Set the authentication option to default
        ZDSecMgrEntries[index].authenticateOption = ZDSecMgr_Not_Authenticated;

        // break from loop
        return ZSuccess;
      }
    }
  }

  return ZNwkUnknownDevice;
}

/******************************************************************************
 * @fn          ZDSecMgrCtrlInit
 *
 * @brief       Initialize control sub module
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrCtrlInit( void )
{
  uint16 size;
  uint16 index;

  // allocate entry data
  size = (short)( sizeof(ZDSecMgrCtrl_t) * ZDSECMGR_CTRL_MAX );

  ZDSecMgrCtrlData = osal_mem_alloc( size );

  // initialize data
  if ( ZDSecMgrCtrlData != NULL )
  {
    for( index = 0; index < ZDSECMGR_CTRL_MAX; index++ )
    {
      ZDSecMgrCtrlData[index].state = ZDSECMGR_CTRL_NONE;
    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrCtrlRelease
 *
 * @brief       Release control data.
 *
 * @param       ctrl - [in] valid control data
 *
 * @return      none
 */
void ZDSecMgrCtrlRelease( ZDSecMgrCtrl_t* ctrl )
{
  // should always be enough entry control data
  ctrl->state = ZDSECMGR_CTRL_NONE;
}

/******************************************************************************
 * @fn          ZDSecMgrCtrlLookup
 *
 * @brief       Lookup control data.
 *
 * @param       entry - [in] valid entry data
 * @param       ctrl  - [out] control data - NULL if not found
 *
 * @return      none
 */
void ZDSecMgrCtrlLookup( ZDSecMgrEntry_t* entry, ZDSecMgrCtrl_t** ctrl )
{
  uint16 index;

  // initialize search results
  *ctrl = NULL;

  // verify data is available
  if ( ZDSecMgrCtrlData != NULL )
  {
    for ( index = 0; index < ZDSECMGR_CTRL_MAX; index++ )
    {
      // make sure control data is in use
      if ( ZDSecMgrCtrlData[index].state != ZDSECMGR_CTRL_NONE )
      {
        // check for entry match
        if ( ZDSecMgrCtrlData[index].entry == entry )
        {
          // return this control data
          *ctrl = &ZDSecMgrCtrlData[index];

          // break from loop
          return;
        }
      }
    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrCtrlSet
 *
 * @brief       Set control data.
 *
 * @param       device - [in] valid device data
 * @param       entry  - [in] valid entry data
 * @param       ctrl   - [in] valid control data
 *
 * @return      none
 */
void ZDSecMgrCtrlSet( ZDSecMgrDevice_t* device,
                      ZDSecMgrEntry_t*  entry,
                      ZDSecMgrCtrl_t*   ctrl )
{
  // set control date
  ctrl->parentAddr = device->parentAddr;
  ctrl->secure     = device->secure;
  ctrl->entry      = entry;
  ctrl->state      = ZDSECMGR_CTRL_INIT;
  ctrl->cntr       = 0;

  // set device pointer
  device->ctrl = ctrl;
}

/******************************************************************************
 * @fn          ZDSecMgrCtrlAdd
 *
 * @brief       Add control data.
 *
 * @param       device - [in] valid device data
 * @param       entry  - [in] valid entry data
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrCtrlAdd( ZDSecMgrDevice_t* device, ZDSecMgrEntry_t*  entry )
{
  uint16 index;

  // verify data is available
  if ( ZDSecMgrCtrlData != NULL )
  {
    // look for an empty slot
    for ( index = 0; index < ZDSECMGR_CTRL_MAX; index++ )
    {
      if ( ZDSecMgrCtrlData[index].state == ZDSECMGR_CTRL_NONE )
      {
        // return successful results
        ZDSecMgrCtrlSet( device, entry, &ZDSecMgrCtrlData[index] );

        // break from loop
        return ZSuccess;
      }
    }
  }

  return ZNwkUnknownDevice;
}

/******************************************************************************
 * @fn          ZDSecMgrCtrlTerm
 *
 * @brief       Terminate device control.
 *
 * @param       entry - [in] valid entry data
 *
 * @return      none
 */
void ZDSecMgrCtrlTerm( ZDSecMgrEntry_t* entry )
{
  ZDSecMgrCtrl_t* ctrl;

  // remove device from control data
  ZDSecMgrCtrlLookup ( entry, &ctrl );

  if ( ctrl != NULL )
  {
    ZDSecMgrCtrlRelease ( ctrl );
  }
}

/******************************************************************************
 * @fn          ZDSecMgrCtrlReset
 *
 * @brief       Reset control data.
 *
 * @param       device - [in] valid device data
 * @param       entry  - [in] valid entry data
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrCtrlReset( ZDSecMgrDevice_t* device, ZDSecMgrEntry_t* entry )
{
  ZStatus_t       status;
  ZDSecMgrCtrl_t* ctrl;

  // initialize results
  status = ZNwkUnknownDevice;

  // look for a match for the entry
  ZDSecMgrCtrlLookup( entry, &ctrl );

  if ( ctrl != NULL )
  {
    ZDSecMgrCtrlSet( device, entry, ctrl );

    status = ZSuccess;
  }
  else
  {
    status = ZDSecMgrCtrlAdd( device, entry );
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrMasterKeyLoad
 *
 * @brief       Load the MASTER key for device with specified EXT
 *              address.
 *
 * @param       extAddr - [in] EXT address of device
 * @param       key     - [in] MASTER key shared with device
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrMasterKeyLoad( uint8* extAddr, uint8* key )
{
  ZStatus_t status;
  uint16 ami;
  uint16 keyNvId;

  // set status based on policy
  status = ZDSecMgrExtAddrLookup( extAddr, &ami );

  if ( status == ZSuccess )
  {
    // get the address NV ID
    if ( ZDSecMgrMasterKeyLookup( ami, &keyNvId ) == ZSuccess )
    {
      // overwrite old key in NV
      osal_nv_write( keyNvId, osal_offsetof(ZDSecMgrMasterKeyData_t, key),
                     SEC_KEY_LEN, key );
    }
    else
    {
      // store new key -- NULL will zero key
      status = ZDSecMgrMasterKeyStore( ami, key );
    }
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrAppKeyGet
 *
 * @brief       get an APP key - option APP(MASTER or LINK) key
 *
 * @param       initNwkAddr - [in] NWK address of initiator device
 * @param       initExtAddr - [in] EXT address of initiator device
 * @param       partNwkAddr - [in] NWK address of partner device
 * @param       partExtAddr - [in] EXT address of partner device
 * @param       key         - [out] APP(MASTER or LINK) key
 * @param       keyType     - [out] APP(MASTER or LINK) key type
 *
 * @return      ZStatus_t
 */
uint8 ZDSecMgrAppKeyType = KEY_TYPE_APP_LINK;    // Set the default key type
                                                 // to KEY_TYPE_APP_LINK since
                                                 // only specific requirement
                                                 // right now comes from SE profile

ZStatus_t ZDSecMgrAppKeyGet( uint16  initNwkAddr,
                             uint8*  initExtAddr,
                             uint16  partNwkAddr,
                             uint8*  partExtAddr,
                             uint8** key,
                             uint8*  keyType )
{
  // Intentionally unreferenced parameters
  (void)initNwkAddr;
  (void)initExtAddr;
  (void)partNwkAddr;
  (void)partExtAddr;

  //---------------------------------------------------------------------------
  // note:
  // should use a robust mechanism to generate keys, for example
  // combine EXT addresses and call a hash function
  //---------------------------------------------------------------------------
  SSP_GetTrueRand( SEC_KEY_LEN, *key );

  *keyType = ZDSecMgrAppKeyType;

  return ZSuccess;
}

/******************************************************************************
 * @fn          ZDSecMgrAppKeyReq
 *
 * @brief       Process request for APP key between two devices.
 *
 * @param       device - [in] ZDO_RequestKeyInd_t, request info
 *
 * @return      none
 */
void ZDSecMgrAppKeyReq( ZDO_RequestKeyInd_t* ind )
{
  APSME_TransportKeyReq_t req;
  uint8                   initExtAddr[Z_EXTADDR_LEN];
  uint16                  partNwkAddr;
  uint8                   key[SEC_KEY_LEN];


  // validate initiator and partner
  if ( ( APSME_LookupNwkAddr( ind->partExtAddr, &partNwkAddr ) == TRUE ) &&
       ( APSME_LookupExtAddr( ind->srcAddr, initExtAddr ) == TRUE      )   )
  {
    // point the key to some memory
    req.key = key;

    // get an APP key - option APP (MASTER or LINK) key
    if ( ZDSecMgrAppKeyGet( ind->srcAddr,
                            initExtAddr,
                            partNwkAddr,
                            ind->partExtAddr,
                            &req.key,
                            &req.keyType ) == ZSuccess )
    {
      // always secure
      req.nwkSecure = TRUE;
      req.apsSecure = TRUE;
      req.tunnel    = NULL;

      // send key to initiator device
      req.dstAddr   = ind->srcAddr;
      req.extAddr   = ind->partExtAddr;
      req.initiator = TRUE;
      APSME_TransportKeyReq( &req );

      // send key to partner device
      req.dstAddr   = partNwkAddr;
      req.extAddr   = initExtAddr;
      req.initiator = FALSE;

      APSME_TransportKeyReq( &req );

      // clear copy of key in RAM
      osal_memset( key, 0x00, SEC_KEY_LEN);

    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrEstablishKey
 *
 * @brief       Start SKKE with device joining network.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrEstablishKey( ZDSecMgrDevice_t* device )
{
  ZStatus_t               status;
  APSME_EstablishKeyReq_t req;


  req.respExtAddr = device->extAddr;
  req.method      = APSME_SKKE_METHOD;

  if ( device->parentAddr == NLME_GetShortAddr() )
  {
    req.dstAddr   = device->nwkAddr;
    //devtag.0604.todo - remove obsolete
    req.apsSecure = FALSE;
    req.nwkSecure = FALSE;
  }
  else
  {
    req.dstAddr   = device->parentAddr;
    //devtag.0604.todo - remove obsolete
    req.apsSecure = TRUE;
    req.nwkSecure = TRUE;
  }

  status = APSME_EstablishKeyReq( &req );

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrSendMasterKey
 *
 * @brief       Send MASTER key to device joining network.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrSendMasterKey( ZDSecMgrDevice_t* device )
{
  ZStatus_t status;
  APSME_TransportKeyReq_t req;
  uint16 keyNvId;
  uint8 masterKey[SEC_KEY_LEN];


  req.keyType = KEY_TYPE_TC_MASTER;
  req.extAddr = device->extAddr;
  req.tunnel  = NULL;

  if ( ZDSecMgrMasterKeyLookup( device->ctrl->entry->ami, &keyNvId ) == ZSuccess )
  {
    osal_nv_read( keyNvId, osal_offsetof(ZDSecMgrMasterKeyData_t, key),
                  SEC_KEY_LEN, masterKey );
  }
  else
  {
    // in case read from NV fails
    osal_memset( masterKey, 0x00, SEC_KEY_LEN);
  }

  req.key = masterKey;

  //check if using secure hop to to parent
  if ( device->parentAddr != NLME_GetShortAddr() )
  {
    //send to parent with security
    req.dstAddr   = device->parentAddr;
    req.nwkSecure = TRUE;
    req.apsSecure = TRUE;
  }
  else
  {
    //direct with no security
    req.dstAddr   = device->nwkAddr;
    req.nwkSecure = FALSE;
    req.apsSecure = FALSE;
  }

  status = APSME_TransportKeyReq( &req );

  // clear copy of key in RAM
  osal_memset( masterKey, 0x00, SEC_KEY_LEN);

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrSendNwkKey
 *
 * @brief       Send NWK key to device joining network.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrSendNwkKey( ZDSecMgrDevice_t* device )
{
  ZStatus_t status;
  APSME_TransportKeyReq_t req;
  APSDE_FrameTunnel_t tunnel;
  nwkKeyDesc tmpKey;

  req.dstAddr   = device->nwkAddr;
  req.extAddr   = device->extAddr;

  if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
  {
    req.keyType   = KEY_TYPE_NWK_HIGH;
  }
  else
  {
    req.keyType   = KEY_TYPE_NWK;
  }

  // get the Active Key into a local variable
  if( NLME_ReadNwkKeyInfo( 0, sizeof(tmpKey), &tmpKey,
                           ZCD_NV_NWK_ACTIVE_KEY_INFO ) != SUCCESS )
  {
    // set key data to all 0s if NV read fails
    osal_memset(&tmpKey, 0x00, sizeof(tmpKey));
  }

  if ( (ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH)
      || (ZG_CHECK_SECURITY_MODE == ZG_SECURITY_SE_STANDARD) )
  {
    // set values
    req.keySeqNum = tmpKey.keySeqNum;
    req.key       = tmpKey.key;

    //devtag.pro.security.todo - make sure that if there is no link key the NWK
    //key isn't used to secure the frame at the APS layer -- since the receiving
    //device may not have a NWK key yet
    req.apsSecure = TRUE;

    // check if using secure hop to to parent
    if ( device->parentAddr == NLME_GetShortAddr() )
    {
      req.nwkSecure = FALSE;
      req.tunnel    = NULL;
    }
    else
    {
      req.nwkSecure   = TRUE;
      req.tunnel      = &tunnel;
      req.tunnel->tna = device->parentAddr;
      req.tunnel->dea = device->extAddr;
    }
  }
  else
  {
    // default values
    //devtag.0604.verify
    req.nwkSecure = TRUE;
    req.apsSecure = FALSE;
    req.tunnel    = NULL;

    if ( device->parentAddr != NLME_GetShortAddr() )
    {
      req.dstAddr = device->parentAddr;
    }

    // special cases
    //devtag.0604.todo - modify to preconfig flag
    if ( device->secure == FALSE )
    {
      req.keySeqNum = tmpKey.keySeqNum;
      req.key       = tmpKey.key;

      // check if using secure hop to to parent
      if ( device->parentAddr == NLME_GetShortAddr() )
      {
        req.nwkSecure = FALSE;
      }
    }
    else
    {
      req.key       = NULL;
      req.keySeqNum = 0;
    }
  }

  status = APSME_TransportKeyReq( &req );

  // clear copy of key in RAM before return
  osal_memset( &tmpKey, 0x00, sizeof(nwkKeyDesc) );

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceEntryRemove
 *
 * @brief       Remove device entry.
 *
 * @param       entry - [in] valid entry
 *
 * @return      none
 */
void ZDSecMgrDeviceEntryRemove( ZDSecMgrEntry_t* entry )
{
  // terminate device control
  if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
  {
    ZDSecMgrCtrlTerm( entry );
  }

  // remove device from entry data
  ZDSecMgrEntryFree( entry );

}

/******************************************************************************
 * @fn          ZDSecMgrDeviceRemoveByExtAddr
 *
 * @brief       Remove device entry by its ext address.
 *
 * @param       pAddr - pointer to the extended address
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrDeviceRemoveByExtAddr( uint8 *pAddr )
{
  ZDSecMgrEntry_t *pEntry;
  uint8           retValue;

  retValue = (uint8)ZDSecMgrEntryLookupExt( pAddr, &pEntry );

  if( retValue == ZSuccess )
  {
    ZDSecMgrDeviceEntryRemove( pEntry );
  }

  return retValue;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceEntryAdd
 *
 * @brief       Add entry.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 * @param       ami    - [in] Address Manager index
 *
 * @return      ZStatus_t
 */
void ZDSecMgrAddrMgrUpdate( uint16 ami, uint16 nwkAddr )
{
  AddrMgrEntry_t entry;

  // get the ami data
  entry.user  = ADDRMGR_USER_SECURITY;
  entry.index = ami;

  AddrMgrEntryGet( &entry );

  // check if NWK address is same
  if ( entry.nwkAddr != nwkAddr )
  {
    // update NWK address
    entry.nwkAddr = nwkAddr;

    AddrMgrEntryUpdate( &entry );
  }
}

ZStatus_t ZDSecMgrDeviceEntryAdd( ZDSecMgrDevice_t* device, uint16 ami )
{
  ZStatus_t        status;
  ZDSecMgrEntry_t* entry;

  // initialize as unknown until completion
  status = ZNwkUnknownDevice;

  device->ctrl = NULL;

  // make sure not already registered
  if ( ZDSecMgrEntryLookup( device->nwkAddr, &entry ) == ZSuccess )
  {
    // verify that address index is same
    if ( entry->ami != ami )
    {
      // remove conflicting entry
      ZDSecMgrDeviceEntryRemove( entry );

      if ( ZDSecMgrEntryLookupAMI( ami, &entry ) == ZSuccess )
      {
        // update NWK address
        ZDSecMgrAddrMgrUpdate( ami, device->nwkAddr );
      }
    }
  }
  else if ( ZDSecMgrEntryLookupAMI( ami, &entry ) == ZSuccess )
  {
    // update NWK address
    ZDSecMgrAddrMgrUpdate( ami, device->nwkAddr );
  }

  // check if a new entry needs to be created
  if ( entry == NULL )
  {
    // get new entry
    if ( ZDSecMgrEntryNew( &entry ) == ZSuccess )
    {
      // reset entry lkd

      // finish setting up entry
      entry->ami = ami;

      // update NWK address
      ZDSecMgrAddrMgrUpdate( ami, device->nwkAddr );

      // enter new device into device control
      if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
      {
        status = ZDSecMgrCtrlAdd( device, entry );
      }
      else
      {
        status = ZSuccess;
      }
    }
  }
  else
  {
    // reset entry lkd

    // reset entry in entry control
    if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
    {
      status = ZDSecMgrCtrlReset( device, entry );
    }
    else
    {
      status = ZSuccess;
    }
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceCtrlHandler
 *
 * @brief       Device control handler.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      none
 */
void ZDSecMgrDeviceCtrlHandler( ZDSecMgrDevice_t* device )
{
  uint8 state;
  uint8 cntr;

  state = device->ctrl->state;
  cntr  = ZDSECMGR_CTRL_BASE_CNTR;

  switch ( state )
  {
    case ZDSECMGR_CTRL_TK_MASTER:
      if ( ZDSecMgrSendMasterKey( device ) == ZSuccess )
      {
        state = ZDSECMGR_CTRL_SKKE_INIT;
        cntr  = ZDSECMGR_CTRL_SKKE_INIT_CNTR;
      }
      break;

    case ZDSECMGR_CTRL_SKKE_INIT:
      if ( ZDSecMgrEstablishKey( device ) == ZSuccess )
      {
        state = ZDSECMGR_CTRL_SKKE_WAIT;
      }
      break;

    case ZDSECMGR_CTRL_SKKE_WAIT:
      // continue to wait for SKA control timeout
      break;

    case ZDSECMGR_CTRL_TK_NWK:
      if ( ZDSecMgrSendNwkKey( device ) == ZSuccess )
      {
        state = ZDSECMGR_CTRL_NONE;
      }
      break;

    default:
      state = ZDSECMGR_CTRL_NONE;
      break;
  }

  if ( state != ZDSECMGR_CTRL_NONE )
  {
    device->ctrl->state = state;
    device->ctrl->cntr  = cntr;

    osal_start_timerEx(ZDAppTaskID, ZDO_SECMGR_EVENT, 100 );
  }
  else
  {
    ZDSecMgrCtrlRelease( device->ctrl );
  }
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceCtrlSetup
 *
 * @brief       Setup device control.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
void ZDSecMgrDeviceCtrlSetup( ZDSecMgrDevice_t* device )
{
  if ( device->ctrl != NULL )
  {
    if ( device->secure == FALSE )
    {
      // send the master key data to the joining device
      device->ctrl->state = ZDSECMGR_CTRL_TK_MASTER;
    }
    else
    {
      // start SKKE
      device->ctrl->state = ZDSECMGR_CTRL_SKKE_INIT;
    }

    ZDSecMgrDeviceCtrlHandler( device );
  }
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceCtrlUpdate
 *
 * @brief       Update control data.
 *
 * @param       extAddr - [in] EXT address
 * @param       state   - [in] new control state
 *
 * @return      none
 */
void ZDSecMgrDeviceCtrlUpdate( uint8* extAddr, uint8 state )
{
  ZDSecMgrEntry_t* entry;
  ZDSecMgrCtrl_t*  ctrl;

  // lookup device entry data
  (void)ZDSecMgrEntryLookupExt( extAddr, &entry );

  if ( entry != NULL )
  {
    // lookup device control data
    ZDSecMgrCtrlLookup( entry, &ctrl );

    // make sure control data is valid
    if ( ctrl != NULL )
    {
      // possible state transitions
      if ( ctrl->state == ZDSECMGR_CTRL_SKKE_WAIT )
      {
        if ( state == ZDSECMGR_CTRL_SKKE_DONE )
        {
          // send the network key
          ctrl->state = ZDSECMGR_CTRL_TK_NWK;
          ctrl->cntr  = ZDSECMGR_CTRL_TK_NWK_CNTR;
        }
        else if ( state == ZDSECMGR_CTRL_SKKE_FAIL )
        {
          // force default timeout in order to cleanup control logic
          ctrl->state = ZDSECMGR_CTRL_SKKE_FAIL;
          ctrl->cntr  = ZDSECMGR_CTRL_BASE_CNTR;
        }
      }
      // timer should be active
    }
  }
}

void APSME_SKA_TimerExpired( uint8 initiator, uint8* partExtAddr );
void APSME_SKA_TimerExpired( uint8 initiator, uint8* partExtAddr )
{
  if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
  {
    if ( initiator == TRUE )
    {
      ZDSecMgrDeviceCtrlUpdate( partExtAddr, ZDSECMGR_CTRL_SKKE_FAIL );
    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceRemove
 *
 * @brief       Remove device from network.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      none
 */
void ZDSecMgrDeviceRemove( ZDSecMgrDevice_t* device )
{
  APSME_RemoveDeviceReq_t remDevReq;
  NLME_LeaveReq_t         leaveReq;
  associated_devices_t*   assoc;

  // check if parent, remove the device
  if ( device->parentAddr == NLME_GetShortAddr() )
  {
    // this is the parent of the device
    leaveReq.extAddr        = device->extAddr;
    leaveReq.removeChildren = FALSE;
    leaveReq.rejoin         = FALSE;

    // find child association
    assoc = AssocGetWithExt( device->extAddr );

    if ( ( assoc != NULL                            ) &&
         ( assoc->nodeRelation >= CHILD_RFD         ) &&
         ( assoc->nodeRelation <= CHILD_FFD_RX_IDLE )    )
    {
      // check if associated device is authenticated
      if ( assoc->devStatus & DEV_SEC_AUTH_STATUS )
      {
        leaveReq.silent = FALSE;
      }
      else
      {
        leaveReq.silent = TRUE;
      }

      NLME_LeaveReq( &leaveReq );
    }
  }
  else
  {
    // this is not the parent of the device
    remDevReq.parentAddr   = device->parentAddr;
    remDevReq.childExtAddr = device->extAddr;

    APSME_RemoveDeviceReq( &remDevReq );
  }
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceValidateSKKE
 *
 * @brief       Decide whether device is allowed for SKKE.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrDeviceValidateSKKE( ZDSecMgrDevice_t* device )
{
  ZStatus_t status;
  uint16 ami;
  uint16 keyNvId;

  // get EXT address
  status = ZDSecMgrExtAddrLookup( device->extAddr, &ami );

  if ( status == ZSuccess )
  {
    // get MASTER key
    status = ZDSecMgrMasterKeyLookup( ami, &keyNvId );

    if ( status == ZSuccess )
    {
      status = ZDSecMgrDeviceEntryAdd( device, ami );
    }
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceValidateRM (RESIDENTIAL MODE)
 *
 * @brief       Decide whether device is allowed.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrDeviceValidateRM( ZDSecMgrDevice_t* device )
{
  ZStatus_t status;

  status = ZSuccess;

  (void)device;  // Intentionally unreferenced parameter

  // For test purpose, turning off the zgSecurePermitJoin flag will force
  // the trust center to reject any newly joining devices by sending
  // Remove-device to the parents.
  if ( zgSecurePermitJoin == FALSE )
  {
    status = ZNwkUnknownDevice;
  }



#if 0  // Taken out because the following functionality is only used for test
       // purpose. A more efficient (above) way is used. It can be put
       // back in if customers request for a white/black list feature.
       // ZDSecMgrStoredDeviceList[] is defined in ZDSecMgr.c

  // The following code processes the device black list (stored device list)
  // If the joining device is not part of the forbidden device list
  // Return ZSuccess. Otherwise, return ZNwkUnknownDevice. The trust center
  // will send Remove-device and ban the device from joining.

  uint8     index;
  uint8*    restricted;

  // Look through the stored device list - used for restricted devices
  for ( index = 0; index < ZDSECMGR_STORED_DEVICES; index++ )
  {
    restricted = ZDSecMgrStoredDeviceList[index];

    if ( AddrMgrExtAddrEqual( restricted, device->extAddr )  == TRUE )
    {
      // return as unknown device in regards to validation
      status = ZNwkUnknownDevice;

      // break from loop
      index = ZDSECMGR_STORED_DEVICES;
    }
  }

#endif

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceValidateCM (COMMERCIAL MODE)
 *
 * @brief       Decide whether device is allowed.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
//devtag.pro.security
ZStatus_t ZDSecMgrDeviceValidateCM( ZDSecMgrDevice_t* device )
{
  ZStatus_t status;
  uint16    ami;
  uint8     key[SEC_KEY_LEN];

  // implement EXT address and MASTER key policy here -- the total number of
  // Security Manager entries should never exceed the number of EXT addresses
  // and MASTER keys available

  // set status based on policy
  //status = ZNwkUnknownDevice;

  // set status based on policy
  status = ZSuccess; // ZNwkUnknownDevice;

  // get key based on policy
  osal_memcpy( key, ZDSecMgrTCMasterKey, SEC_KEY_LEN);

  // if policy, store new EXT address
  status = ZDSecMgrAddrStore( device->nwkAddr, device->extAddr, &ami );

  // set the key
  ZDSecMgrMasterKeyLoad( device->extAddr, key );

  // if EXT address and MASTER key available -- add device
  if ( status == ZSuccess )
  {
    // add device to internal data - with control
    status = ZDSecMgrDeviceEntryAdd( device, ami );
  }

  // remove copy of key in RAM
  osal_memset( key, 0x00, SEC_KEY_LEN );

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceValidate
 *
 * @brief       Decide whether device is allowed.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrDeviceValidate( ZDSecMgrDevice_t* device )
{
  ZStatus_t status;


  if ( ZDSecMgrPermitJoiningEnabled == TRUE )
  {
    // device may be joining with a secure flag but it is ultimately the Trust
    // Center that decides -- check if expected pre configured device --
    // override settings
    if ( zgPreConfigKeys == TRUE )
    {
      device->secure = TRUE;
    }
    else
    {
      device->secure = FALSE;
    }

    if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
    {
      status = ZDSecMgrDeviceValidateCM( device );
    }
    else // ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_RESIDENTIAL )
    {
      status = ZDSecMgrDeviceValidateRM( device );
    }
  }
  else
  {
    status = ZNwkUnknownDevice;
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceJoin
 *
 * @brief       Try to join this device.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrDeviceJoin( ZDSecMgrDevice_t* device )
{
  ZStatus_t status;
  uint16    ami;

  // attempt to validate device
  status = ZDSecMgrDeviceValidate( device );

  if ( status == ZSuccess )
  {
    if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
    {
      ZDSecMgrDeviceCtrlSetup( device );
    }
    else // ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_RESIDENTIAL )
    {
      // Add the device to the address manager
      ZDSecMgrAddrStore( device->nwkAddr, device->extAddr, &ami );
      //send the nwk key data to the joining device
      status = ZDSecMgrSendNwkKey( device );
    }
  }
  else
  {
    // not allowed, remove the device
    ZDSecMgrDeviceRemove( device );
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceJoinDirect
 *
 * @brief       Try to join this device as a direct child.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrDeviceJoinDirect( ZDSecMgrDevice_t* device )
{
  ZStatus_t status;

  status = ZDSecMgrDeviceJoin( device );

  if ( status == ZSuccess )
  {
    // set association status to authenticated
    ZDSecMgrAssocDeviceAuth( AssocGetWithShort( device->nwkAddr ) );
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceJoinFwd
 *
 * @brief       Forward join to Trust Center.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrDeviceJoinFwd( ZDSecMgrDevice_t* device )
{
  ZStatus_t               status;
  APSME_UpdateDeviceReq_t req;

  // forward any joining device to the Trust Center -- the Trust Center will
  // decide if the device is allowed to join
  status = ZSuccess;

  // forward authorization to the Trust Center
  req.dstAddr    = APSME_TRUSTCENTER_NWKADDR;
  req.devAddr    = device->nwkAddr;
  req.devExtAddr = device->extAddr;

  // set security status, option for router to reject if policy set
  if ( (device->devStatus & DEV_HIGH_SEC_STATUS) )
  {
    if ( device->devStatus & DEV_REJOIN_STATUS )
    {
      if ( device->secure == TRUE )
      {
        req.status = APSME_UD_HIGH_SECURED_REJOIN;
      }
      else
      {
        req.status = APSME_UD_HIGH_UNSECURED_REJOIN;
      }
    }
    else
    {
      req.status = APSME_UD_HIGH_UNSECURED_JOIN;
    }
  }
  else
  {
    if ( device->devStatus & DEV_REJOIN_STATUS )
    {
      if ( device->secure == TRUE )
      {
        req.status = APSME_UD_STANDARD_SECURED_REJOIN;
      }
      else
      {
        req.status = APSME_UD_STANDARD_UNSECURED_REJOIN;
      }
    }
    else
    {
      req.status = APSME_UD_STANDARD_UNSECURED_JOIN;
    }
  }

  if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
  {
    req.apsSecure = TRUE;
  }
  else
  {
    req.apsSecure = FALSE;
  }

  // send and APSME_UPDATE_DEVICE request to the trust center
  status = APSME_UpdateDeviceReq( &req );

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrDeviceNew
 *
 * @brief       Process a new device.
 *
 * @param       device - [in] ZDSecMgrDevice_t, device info
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrDeviceNew( ZDSecMgrDevice_t* joiner )
{
  ZStatus_t status;

  if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
  {
    // try to join this device
    status = ZDSecMgrDeviceJoinDirect( joiner );
  }
  else
  {
    status = ZDSecMgrDeviceJoinFwd( joiner );
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrAssocDeviceAuth
 *
 * @brief       Set associated device status to authenticated
 *
 * @param       assoc - [in, out] associated_devices_t
 *
 * @return      none
 */
void ZDSecMgrAssocDeviceAuth( associated_devices_t* assoc )
{
  if ( assoc != NULL )
  {
    assoc->devStatus |= DEV_SEC_AUTH_STATUS;
  }
}

/******************************************************************************
 * @fn          ZDSecMgrAuthInitiate
 *
 * @brief       Initiate entity authentication
 *
 * @param       responder - [in] responder EXT address
 *
 * @return      none
 */
void ZDSecMgrAuthInitiate( uint8* responder )
{
  APSME_AuthenticateReq_t req;


  // make sure NWK address is available
  if ( APSME_LookupNwkAddr( responder, &req.nwkAddr ) )
  {
    // set request fields
    req.extAddr   = responder;
    req.action    = APSME_EA_INITIATE;
    req.challenge = NULL;

    // start EA processing
    APSME_AuthenticateReq( &req );
  }
}

/******************************************************************************
 * @fn          ZDSecMgrAuthNwkKey
 *
 * @brief       Handle next step in authentication process
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrAuthNwkKey()
{
  if ( devState == DEV_END_DEVICE_UNAUTH )
  {
    if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
    {
      uint8 parent[Z_EXTADDR_LEN];

      // get parent's EXT address
      NLME_GetCoordExtAddr( parent );

      // begin entity authentication with parent
      ZDSecMgrAuthInitiate( parent );
    }
    else
    {
      // inform ZDO that device has been authenticated
      osal_set_event ( ZDAppTaskID, ZDO_DEVICE_AUTH );
    }
  }
}

/******************************************************************************
 * PUBLIC FUNCTIONS
 */
/******************************************************************************
 * @fn          ZDSecMgrInit
 *
 * @brief       Initialize ZigBee Device Security Manager.
 *
 * @param       state - device initialization state
 *
 * @return      none
 */
#if ( ADDRMGR_CALLBACK_ENABLED == 1 )
void ZDSecMgrAddrMgrCB( uint8 update, AddrMgrEntry_t* newEntry, AddrMgrEntry_t* oldEntry );
void ZDSecMgrAddrMgrCB( uint8           update,
                        AddrMgrEntry_t* newEntry,
                        AddrMgrEntry_t* oldEntry )
{
  (void)update;
  (void)newEntry;
  (void)oldEntry;
}
#endif // ( ADDRMGR_CALLBACK_ENABLED == 1 )

void ZDSecMgrInit(uint8 state)
{
  if ( (ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH)
      || (ZG_CHECK_SECURITY_MODE == ZG_SECURITY_SE_STANDARD) )
  {
    // initialize sub modules
    ZDSecMgrEntryInit(state);

    if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
    {
      ZDSecMgrCtrlInit();
    }

    // register with Address Manager
#if ( ADDRMGR_CALLBACK_ENABLED == 1 )
    AddrMgrRegister( ADDRMGR_REG_SECURITY, ZDSecMgrAddrMgrCB );
#endif
  }

  if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
  {
    // configure SKA slot data
    APSME_SKA_SlotInit( ZDSECMGR_SKA_SLOT_MAX );
  }

  if ( ZG_SECURE_ENABLED )
  {
    if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
    {
      // setup joining permissions
      ZDSecMgrPermitJoiningEnabled = TRUE;
      ZDSecMgrPermitJoiningTimed   = FALSE;
    }
  }

  // configure security based on security mode and type of device
  ZDSecMgrConfig();
}

/******************************************************************************
 * @fn          ZDSecMgrConfig
 *
 * @brief       Configure ZigBee Device Security Manager.
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrConfig( void )
{
  if ( ZG_SECURE_ENABLED )
  {
    SSP_Init();

    if ( (ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH)
        || (ZG_CHECK_SECURITY_MODE == ZG_SECURITY_SE_STANDARD) )
    {
      if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
      {
        // COMMERCIAL MODE - COORDINATOR DEVICE
        APSME_SecurityCM_CD();
      }
      else if ( ZSTACK_ROUTER_BUILD )
      {
        // COMMERCIAL MODE - ROUTER DEVICE
        APSME_SecurityCM_RD();
      }
      else
      {
        // COMMERCIAL MODE - END DEVICE
        APSME_SecurityCM_ED();
      }
    }
    else // ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_RESIDENTIAL )
    {
      if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
      {
        // RESIDENTIAL MODE - COORDINATOR DEVICE
        APSME_SecurityRM_CD();
      }
      else if ( ZSTACK_ROUTER_BUILD )
      {
        // RESIDENTIAL MODE - ROUTER DEVICE
        APSME_SecurityRM_RD();
      }
      else
      {
        // RESIDENTIAL MODE - END DEVICE
        APSME_SecurityRM_ED();
      }
    }
  }
  else
  {
    // NO SECURITY
    APSME_SecurityNM();
  }
}

/******************************************************************************
 * @fn          ZDSecMgrPermitJoining
 *
 * @brief       Process request to change joining permissions.
 *
 * @param       duration - [in] timed duration for join in seconds
 *                         - 0x00 not allowed
 *                         - 0xFF allowed without timeout
 *
 * @return      uint8 - success(TRUE:FALSE)
 */
uint8 ZDSecMgrPermitJoining( uint8 duration )
{
  uint8 accept;

  ZDSecMgrPermitJoiningTimed = FALSE;

  if ( duration > 0 )
  {
    ZDSecMgrPermitJoiningEnabled = TRUE;

    if ( duration != 0xFF )
    {
      ZDSecMgrPermitJoiningTimed = TRUE;
    }
  }
  else
  {
    ZDSecMgrPermitJoiningEnabled = FALSE;
  }

  accept = TRUE;

  return accept;
}

/******************************************************************************
 * @fn          ZDSecMgrPermitJoiningTimeout
 *
 * @brief       Process permit joining timeout
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrPermitJoiningTimeout( void )
{
  if ( ZDSecMgrPermitJoiningTimed == TRUE )
  {
    ZDSecMgrPermitJoiningEnabled = FALSE;
    ZDSecMgrPermitJoiningTimed   = FALSE;
  }
}

/******************************************************************************
 * @fn          ZDSecMgrNewDeviceEvent
 *
 * @brief       Process a the new device event, if found reset new device
 *              event/timer.
 *
 * @param       none
 *
 * @return      uint8 - found(TRUE:FALSE)
 */
uint8 ZDSecMgrNewDeviceEvent( void )
{
  uint8                 found;
  ZDSecMgrDevice_t      device;
  AddrMgrEntry_t        addrEntry;
  associated_devices_t* assoc;
  ZStatus_t             status;

  // initialize return results
  found = FALSE;

  // look for device in the security init state
  assoc = AssocMatchDeviceStatus( DEV_SEC_INIT_STATUS );

  if ( assoc != NULL )
  {
    // device found
    found = TRUE;

    // check for preconfigured security
    if ( zgPreConfigKeys == TRUE )
    {
      // set association status to authenticated
      ZDSecMgrAssocDeviceAuth( assoc );
    }

    // set up device info
    addrEntry.user  = ADDRMGR_USER_DEFAULT;
    addrEntry.index = assoc->addrIdx;
    AddrMgrEntryGet( &addrEntry );

    device.nwkAddr    = assoc->shortAddr;
    device.extAddr    = addrEntry.extAddr;
    device.parentAddr = NLME_GetShortAddr();
    device.secure     = FALSE;
    device.devStatus  = assoc->devStatus;

    // process new device
    status = ZDSecMgrDeviceNew( &device );

    if ( status == ZSuccess )
    {
      assoc->devStatus &= ~DEV_SEC_INIT_STATUS;
    }
    else if ( status == ZNwkUnknownDevice )
    {
      AssocRemove( addrEntry.extAddr );
    }
  }

  return found;
}

/******************************************************************************
 * @fn          ZDSecMgrEvent
 *
 * @brief       Handle ZDO Security Manager event/timer(ZDO_SECMGR_EVENT).
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrEvent( void )
{
  uint8            action;
  uint8            restart;
  uint16           index;
  AddrMgrEntry_t   entry;
  ZDSecMgrDevice_t device;

  // verify data is available
  if ( ZDSecMgrCtrlData != NULL )
  {
    action  = FALSE;
    restart = FALSE;

    // update all the counters
    for ( index = 0; index < ZDSECMGR_ENTRY_MAX; index++ )
    {
      if ( ZDSecMgrCtrlData[index].state !=  ZDSECMGR_CTRL_NONE )
      {
        if ( ZDSecMgrCtrlData[index].cntr != 0 )
        {
          ZDSecMgrCtrlData[index].cntr--;
        }

        if ( ( action == FALSE ) && ( ZDSecMgrCtrlData[index].cntr == 0 ) )
        {
          action = TRUE;

          // update from control data
          device.parentAddr = ZDSecMgrCtrlData[index].parentAddr;
          device.secure     = ZDSecMgrCtrlData[index].secure;
          device.ctrl       = &ZDSecMgrCtrlData[index];

          // set the user and address index
          entry.user  = ADDRMGR_USER_SECURITY;
          entry.index = ZDSecMgrCtrlData[index].entry->ami;

          // get the address data
          AddrMgrEntryGet( &entry );

          // set device address data
          device.nwkAddr = entry.nwkAddr;
          device.extAddr = entry.extAddr;

          // update from entry data
          ZDSecMgrDeviceCtrlHandler( &device );
        }
        else
        {
          restart = TRUE;
        }
      }
    }

    // check for timer restart
    if ( restart == TRUE )
    {
      osal_start_timerEx(ZDAppTaskID, ZDO_SECMGR_EVENT, 100 );
    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrEstablishKeyCfm
 *
 * @brief       Process the ZDO_EstablishKeyCfm_t message.
 *
 * @param       cfm - [in] ZDO_EstablishKeyCfm_t confirmation
 *
 * @return      none
 */
void ZDSecMgrEstablishKeyCfm( ZDO_EstablishKeyCfm_t* cfm )
{
  // send the NWK key
  if ( ( ZG_BUILD_COORDINATOR_TYPE ) && ( ZG_DEVICE_COORDINATOR_TYPE ) )
  {
    // update control for specified EXT address
    ZDSecMgrDeviceCtrlUpdate( cfm->partExtAddr, ZDSECMGR_CTRL_SKKE_DONE );
  }
  else
  {
    // this should be done when receiving the NWK key
    // if devState ==
    //if ( devState == DEV_END_DEVICE_UNAUTH )
        //osal_set_event( ZDAppTaskID, ZDO_DEVICE_AUTH );

    // if not in joining state -- this should trigger an event for an
    // end point that requested SKKE
    // if ( devState == DEV_END_DEVICE )
   //       devState == DEV_ROUTER;

  }
}

/******************************************************************************
 * @fn          ZDSecMgrTCExtAddrCheck
 *
 * @brief       Verifies if received ext. address matches TC ext. address.
 *
 * @param       extAddr - Extended address to be verified.
 *
 * @return      TRUE - extended address matches
 *              FALSE - otherwise
 */
uint8 ZDSecMgrTCExtAddrCheck( uint8* extAddr )
{
  uint8  match;
  uint8  lookup[Z_EXTADDR_LEN];

  match = FALSE;

  if ( AddrMgrExtAddrLookup( APSME_TRUSTCENTER_NWKADDR, lookup ) )
  {
    match = AddrMgrExtAddrEqual( lookup, extAddr );
  }

  return match;
}

/******************************************************************************
 * @fn          ZDSecMgrTCDataLoad
 *
 * @brief       Stores the address of TC into address manager and stores the
 *              preconfigured ZDSecMgrTCMasterKey to NV if zgPreConfigKeys
 *              is set to TRUE.
 *
 * @param       extAddr - Extended address to be verified.
 *
 * @return      none
 */
void ZDSecMgrTCDataLoad( uint8* extAddr )
{
  uint16 ami;
  uint16 keyNvId;
  uint8 masterKey[SEC_KEY_LEN];
  AddrMgrEntry_t entry;

  // lookup using TC short address
  entry.user    = ADDRMGR_USER_DEFAULT;
  entry.nwkAddr = zgTrustCenterAddr;

  // Verify if TC address has been added to Address Manager
  if ( AddrMgrEntryLookupNwk( &entry ) != TRUE )
  {
    if ( ZDSecMgrAddrStore( zgTrustCenterAddr, extAddr, &ami ) == ZSuccess )
    {
      // if preconfigured load key
      if ( zgPreConfigKeys == TRUE )
      {
        if ( ZDSecMgrMasterKeyLookup( ami, &keyNvId ) != ZSuccess )
        {
          // temporary copy
          osal_memcpy( masterKey, ZDSecMgrTCMasterKey, SEC_KEY_LEN);

          ZDSecMgrMasterKeyStore( ami, masterKey );

          // remove copy of key in RAM
          osal_memset( masterKey, 0x00, SEC_KEY_LEN );
        }
      }
    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrEstablishKeyInd
 *
 * @brief       Process the ZDO_EstablishKeyInd_t message.
 *
 * @param       ind - [in] ZDO_EstablishKeyInd_t indication
 *
 * @return      none
 */
void ZDSecMgrEstablishKeyInd( ZDO_EstablishKeyInd_t* ind )
{
  ZDSecMgrDevice_t        device;
  APSME_EstablishKeyRsp_t rsp;


  // load Trust Center data if needed
  ZDSecMgrTCDataLoad( ind->initExtAddr );

  if ( ZDSecMgrTCExtAddrCheck( ind->initExtAddr ) )
  {
    //IF (ind->srcAddr == APSME_TRUSTCENTER_NWKADDR)
    //OR
    //!ZDSecMgrTCAuthenticated
    //devtag.0604.critical
        //how is the parentAddr used here

    // initial SKKE from Trust Center via parent
    device.nwkAddr    = APSME_TRUSTCENTER_NWKADDR;
    device.parentAddr = ind->srcAddr;
  }
  else
  {
    // Trust Center direct or E2E SKKE
    device.nwkAddr    = ind->srcAddr;
    device.parentAddr = INVALID_NODE_ADDR;
  }

  device.extAddr = ind->initExtAddr;
  //devtag.pro.security.0724.todo - verify usage
  device.secure  = ind->nwkSecure;

  // validate device for SKKE
  if ( ZDSecMgrDeviceValidateSKKE( &device ) == ZSuccess )
  {
    rsp.accept = TRUE;
  }
  else
  {
    rsp.accept = FALSE;
  }

  rsp.dstAddr     = ind->srcAddr;
  rsp.initExtAddr = &ind->initExtAddr[0];
  //devtag.0604.todo - remove obsolete
  rsp.apsSecure   = ind->apsSecure;
  rsp.nwkSecure   = ind->nwkSecure;

  APSME_EstablishKeyRsp( &rsp );
}

//devtag.pro.security
#if 0
void ZDSecMgrEstablishKeyInd( ZDO_EstablishKeyInd_t* ind )
{
  ZDSecMgrDevice_t        device;
  APSME_EstablishKeyRsp_t rsp;


  device.extAddr = ind->initExtAddr;
  device.secure  = ind->secure;

  if ( ind->secure == FALSE )
  {
    // SKKE from Trust Center is not secured between child and parent
    device.nwkAddr    = APSME_TRUSTCENTER_NWKADDR;
    device.parentAddr = ind->srcAddr;
  }
  else
  {
    // SKKE from initiator should be secured
    device.nwkAddr    = ind->srcAddr;
    device.parentAddr = INVALID_NODE_ADDR;
  }

  rsp.dstAddr     = ind->srcAddr;
  rsp.initExtAddr = &ind->initExtAddr[0];
  rsp.secure      = ind->secure;

  // validate device for SKKE
  if ( ZDSecMgrDeviceValidateSKKE( &device ) == ZSuccess )
  {
    rsp.accept = TRUE;
  }
  else
  {
    rsp.accept = FALSE;
  }

  APSME_EstablishKeyRsp( &rsp );
}
#endif

/******************************************************************************
 * @fn          ZDSecMgrTransportKeyInd
 *
 * @brief       Process the ZDO_TransportKeyInd_t message.
 *
 * @param       ind - [in] ZDO_TransportKeyInd_t indication
 *
 * @return      none
 */
void ZDSecMgrTransportKeyInd( ZDO_TransportKeyInd_t* ind )
{
  uint8 index;
  uint8 zgPreConfigKey[SEC_KEY_LEN];

  // load Trust Center data if needed
  ZDSecMgrTCDataLoad( ind->srcExtAddr );

  if ( ind->keyType == KEY_TYPE_TC_MASTER )
  {
    if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
    //ZDSecMgrTCMasterKey( ind );
    {
      if ( zgPreConfigKeys != TRUE )
      {
        // devtag.pro.security.todo - check if Trust Center address is configured and correct
        ZDSecMgrMasterKeyLoad( ind->srcExtAddr, ind->key );
      }
      else
      {
        // error condition - reject key
      }
    }
  }
  else if ( ( ind->keyType == KEY_TYPE_NWK      ) ||
            ( ind->keyType == 6                 ) ||
            ( ind->keyType == KEY_TYPE_NWK_HIGH )    )
  {
    // check for dummy NWK key (all zeros)
    for ( index = 0;
          ( (index < SEC_KEY_LEN) && (ind->key[index] == 0) );
          index++ );

    if ( index == SEC_KEY_LEN )
    {
      // load preconfigured key - once!!
      if ( !_NIB.nwkKeyLoaded )
      {
        ZDSecMgrReadKeyFromNv(ZCD_NV_PRECFGKEY, zgPreConfigKey);
        SSP_UpdateNwkKey( zgPreConfigKey, 0 );
        SSP_SwitchNwkKey( 0 );

        // clear local copy of key
        osal_memset(zgPreConfigKey, 0x00, SEC_KEY_LEN);
      }
    }
    else
    {
      SSP_UpdateNwkKey( ind->key, ind->keySeqNum );
      if ( !_NIB.nwkKeyLoaded )
      {
        SSP_SwitchNwkKey( ind->keySeqNum );
      }
    }

    // handle next step in authentication process
    ZDSecMgrAuthNwkKey();
  }
  else if ( ind->keyType == KEY_TYPE_TC_LINK )
  {
    if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
    {
      // This should not happen because TCLK should not be Tx
    }
  }
  else if ( ind->keyType == KEY_TYPE_APP_MASTER )
  {
    if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
    {
      uint16           ami;
      AddrMgrEntry_t   entry;
      ZDSecMgrEntry_t* entryZD;

      ZDSecMgrExtAddrLookup( ind->srcExtAddr, &ami );

      if ( ind->initiator == TRUE )
      {
        // get the ami data
        entry.user  = ADDRMGR_USER_SECURITY;
        entry.index = ami;
        AddrMgrEntryGet( &entry );

        if ( entry.nwkAddr != INVALID_NODE_ADDR )
        {
          APSME_EstablishKeyReq_t req;
          ZDSecMgrMasterKeyLoad( ind->srcExtAddr, ind->key );

          ZDSecMgrEntryLookupAMI( ami, &entryZD );

          if ( entryZD == NULL )
          {
            // get new entry
            if ( ZDSecMgrEntryNew( &entryZD ) == ZSuccess )
            {
              // finish setting up entry
              entryZD->ami = ami;
            }
          }

          req.respExtAddr = ind->srcExtAddr;
          req.method      = APSME_SKKE_METHOD;
          req.dstAddr     = entry.nwkAddr;
          req.apsSecure   = FALSE;
          req.nwkSecure   = TRUE;
          APSME_EstablishKeyReq( &req );
        }
      }
      else
      {
        if ( ami == INVALID_NODE_ADDR )
        {
          // store new EXT address
          ZDSecMgrAddrStore( INVALID_NODE_ADDR, ind->srcExtAddr, &ami );
        }

        ZDSecMgrMasterKeyLoad( ind->srcExtAddr, ind->key );
      }
    }
  }
  else if ( ind->keyType == KEY_TYPE_APP_LINK )
  {
    if ( ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH ) ||
         ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_SE_STANDARD ) )
    {
      uint16           ami;
      ZDSecMgrEntry_t* entry;

      // get the address index
      if ( ZDSecMgrExtAddrLookup( ind->srcExtAddr, &ami ) != ZSuccess )
      {
        // store new EXT address
        ZDSecMgrAddrStore( INVALID_NODE_ADDR, ind->srcExtAddr, &ami );
        ZDP_NwkAddrReq( ind->srcExtAddr, ZDP_ADDR_REQTYPE_SINGLE, 0, 0 );
      }

      ZDSecMgrEntryLookupAMI( ami, &entry );

      if ( entry == NULL )
      {
        // get new entry
        if ( ZDSecMgrEntryNew( &entry ) == ZSuccess )
        {
          // finish setting up entry
          entry->ami = ami;
        }
      }

      ZDSecMgrLinkKeySet( ind->srcExtAddr, ind->key );

#if defined NV_RESTORE
      ZDSecMgrWriteNV();  // Write the control record for the new established link key to NV.
#endif
    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrUpdateDeviceInd
 *
 * @brief       Process the ZDO_UpdateDeviceInd_t message.
 *
 * @param       ind - [in] ZDO_UpdateDeviceInd_t indication
 *
 * @return      none
 */
void ZDSecMgrUpdateDeviceInd( ZDO_UpdateDeviceInd_t* ind )
{
  ZDSecMgrDevice_t device;

  device.nwkAddr    = ind->devAddr;
  device.extAddr    = ind->devExtAddr;
  device.parentAddr = ind->srcAddr;

  //if ( ( ind->status == APSME_UD_SECURED_JOIN   ) ||
  //     ( ind->status == APSME_UD_UNSECURED_JOIN )   )
  //{
  //  if ( ind->status == APSME_UD_SECURED_JOIN )
  //  {
  //    device.secure = TRUE;
  //  }
  //  else
  //  {
  //    device.secure = FALSE;
  //  }

    // try to join this device
    ZDSecMgrDeviceJoin( &device );
  //}
}

/******************************************************************************
 * @fn          ZDSecMgrRemoveDeviceInd
 *
 * @brief       Process the ZDO_RemoveDeviceInd_t message.
 *
 * @param       ind - [in] ZDO_RemoveDeviceInd_t indication
 *
 * @return      none
 */
void ZDSecMgrRemoveDeviceInd( ZDO_RemoveDeviceInd_t* ind )
{
  ZDSecMgrDevice_t device;

  // only accept from Trust Center
  if ( ind->srcAddr == APSME_TRUSTCENTER_NWKADDR )
  {
    // look up NWK address
    if ( APSME_LookupNwkAddr( ind->childExtAddr, &device.nwkAddr ) == TRUE )
    {
      device.parentAddr = NLME_GetShortAddr();
      device.extAddr    = ind->childExtAddr;

      // remove device
      ZDSecMgrDeviceRemove( &device );
    }
  }
}

/******************************************************************************
 * @fn          ZDSecMgrRequestKeyInd
 *
 * @brief       Process the ZDO_RequestKeyInd_t message.
 *
 * @param       ind - [in] ZDO_RequestKeyInd_t indication
 *
 * @return      none
 */
void ZDSecMgrRequestKeyInd( ZDO_RequestKeyInd_t* ind )
{
  if ( ind->keyType == KEY_TYPE_NWK )
  {
  }
  else if ( ind->keyType == KEY_TYPE_APP_MASTER )
  {
    ZDSecMgrAppKeyReq( ind );
  }
  else if ( ind->keyType == KEY_TYPE_TC_LINK )
  {
  }
  //else ignore
}

/******************************************************************************
 * @fn          ZDSecMgrSwitchKeyInd
 *
 * @brief       Process the ZDO_SwitchKeyInd_t message.
 *
 * @param       ind - [in] ZDO_SwitchKeyInd_t indication
 *
 * @return      none
 */
void ZDSecMgrSwitchKeyInd( ZDO_SwitchKeyInd_t* ind )
{
  SSP_SwitchNwkKey( ind->keySeqNum );

  // Save if nv
  ZDApp_NVUpdate();
}

/******************************************************************************
 * @fn          ZDSecMgrAuthenticateInd
 *
 * @brief       Process the ZDO_AuthenticateInd_t message.
 *
 * @param       ind - [in] ZDO_AuthenticateInd_t indication
 *
 * @return      none
 */
void ZDSecMgrAuthenticateInd( ZDO_AuthenticateInd_t* ind )
{
  APSME_AuthenticateReq_t req;
  AddrMgrEntry_t          entry;

  // update the address manager
  //---------------------------------------------------------------------------
  // note:
  // required for EA processing, but ultimately EA logic could also use the
  // neighbor table to look up addresses -- also(IF using EA) the neighbor
  // table is supposed to have authentication states for neighbors
  //---------------------------------------------------------------------------
  entry.user    = ADDRMGR_USER_SECURITY;
  entry.nwkAddr = ind->aps.initNwkAddr;
  AddrMgrExtAddrSet( entry.extAddr, ind->aps.initExtAddr );

  if ( AddrMgrEntryUpdate( &entry ) == TRUE )
  {
    // set request fields
    req.nwkAddr   = ind->aps.initNwkAddr;
    req.extAddr   = ind->aps.initExtAddr;
    req.action    = APSME_EA_ACCEPT;
    req.challenge = ind->aps.challenge;

    // start EA processing
    APSME_AuthenticateReq( &req );
  }
}

/******************************************************************************
 * @fn          ZDSecMgrAuthenticateCfm
 *
 * @brief       Process the ZDO_AuthenticateCfm_t message.
 *
 * @param       cfm - [in] ZDO_AuthenticateCfm_t confirmation
 *
 * @return      none
 */
void ZDSecMgrAuthenticateCfm( ZDO_AuthenticateCfm_t* cfm )
{
  if ( cfm->aps.status == ZSuccess )
  {
    if ( ( cfm->aps.initiator == TRUE ) && ( devState == DEV_END_DEVICE_UNAUTH ) )
    {
      // inform ZDO that device has been authenticated
      osal_set_event ( ZDAppTaskID, ZDO_DEVICE_AUTH );
    }
  }
}

#if ( ZG_BUILD_COORDINATOR_TYPE )
/******************************************************************************
 * @fn          ZDSecMgrUpdateNwkKey
 *
 * @brief       Load a new NWK key and trigger a network wide update.
 *
 * @param       key       - [in] new NWK key
 * @param       keySeqNum - [in] new NWK key sequence number
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrUpdateNwkKey( uint8* key, uint8 keySeqNum, uint16 dstAddr )
{
  ZStatus_t               status;
  APSME_TransportKeyReq_t req;

  // initialize common elements of local variables
  if ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH )
  {
    req.keyType   = KEY_TYPE_NWK_HIGH;
  }
  else
  {
    req.keyType   = KEY_TYPE_NWK;
  }

  req.dstAddr   = dstAddr;
  req.keySeqNum = keySeqNum;
  req.key       = key;
  req.extAddr   = NULL;
  req.nwkSecure = TRUE;
  req.apsSecure = TRUE;
  req.tunnel    = NULL;

  if (( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH ) ||
      ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_SE_STANDARD ))
  {
    ZDSecMgrEntry_t*        entry;
    uint16                  index;
    AddrMgrEntry_t          addrEntry;

    addrEntry.user = ADDRMGR_USER_SECURITY;

    status = ZFailure;

    // verify data is available
    if ( ZDSecMgrEntries != NULL )
    {
      // find available entry
      for ( index = 0; index < ZDSECMGR_ENTRY_MAX ; index++ )
      {
        if ( ZDSecMgrEntries[index].ami != INVALID_NODE_ADDR )
        {
          // return successful result
          entry = &ZDSecMgrEntries[index];

          // get NWK address
          addrEntry.index = entry->ami;
          if ( AddrMgrEntryGet( &addrEntry ) == TRUE )
          {
            req.dstAddr = addrEntry.nwkAddr;
            req.extAddr = addrEntry.extAddr;
            status = APSME_TransportKeyReq( &req );
          }
        }
      }
    }
  }
  else // ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_RESIDENTIAL )
  {
    status = APSME_TransportKeyReq( &req );
  }

  SSP_UpdateNwkKey( key, keySeqNum );

  // Save if nv
  ZDApp_NVUpdate();

  return status;
}
#endif // ( ZG_BUILD_COORDINATOR_TYPE )

#if ( ZG_BUILD_COORDINATOR_TYPE )
/******************************************************************************
 * @fn          ZDSecMgrSwitchNwkKey
 *
 * @brief       Causes the NWK key to switch via a network wide command.
 *
 * @param       keySeqNum - [in] new NWK key sequence number
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrSwitchNwkKey( uint8 keySeqNum, uint16 dstAddr )
{
  ZStatus_t            status;
  APSME_SwitchKeyReq_t req;

  // initialize common elements of local variables
  req.dstAddr = dstAddr;
  req.keySeqNum = keySeqNum;

  if (( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_PRO_HIGH ) ||
      ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_SE_STANDARD ))
  {
    ZDSecMgrEntry_t*     entry;
    uint16               index;
    AddrMgrEntry_t       addrEntry;

    addrEntry.user = ADDRMGR_USER_SECURITY;

    status = ZFailure;

    // verify data is available
    if ( ZDSecMgrEntries != NULL )
    {
      // find available entry
      for ( index = 0; index < ZDSECMGR_ENTRY_MAX ; index++ )
      {
        if ( ZDSecMgrEntries[index].ami != INVALID_NODE_ADDR )
        {
          // return successful result
          entry = &ZDSecMgrEntries[index];

          // get NWK address
          addrEntry.index = entry->ami;

          if ( AddrMgrEntryGet( &addrEntry ) == TRUE )
          {
            req.dstAddr = addrEntry.nwkAddr;
            status = APSME_SwitchKeyReq( &req );
          }
        }
      }
    }
  }
  else // ( ZG_CHECK_SECURITY_MODE == ZG_SECURITY_RESIDENTIAL )
  {
    status = APSME_SwitchKeyReq( &req );
  }

  SSP_SwitchNwkKey( keySeqNum );

  // Save if nv
  ZDApp_NVUpdate();

  return status;
}
#endif // ( ZG_BUILD_COORDINATOR_TYPE )

/******************************************************************************
 * @fn          ZDSecMgrRequestAppKey
 *
 * @brief       Request an application key with partner.
 *
 * @param       partExtAddr - [in] partner extended address
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrRequestAppKey( uint8 *partExtAddr )
{
  ZStatus_t status;
  APSME_RequestKeyReq_t req;

  req.dstAddr = 0;
  req.keyType = KEY_TYPE_APP_MASTER;

  req.partExtAddr = partExtAddr;
  status = APSME_RequestKeyReq( &req );

  return status;
}

#if ( ZG_BUILD_JOINING_TYPE )
/******************************************************************************
 * @fn          ZDSecMgrSetupPartner
 *
 * @brief       Setup for application key partner.
 *
 * @param       partNwkAddr - [in] partner network address
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrSetupPartner( uint16 partNwkAddr, uint8* partExtAddr )
{
  AddrMgrEntry_t entry;
  ZStatus_t      status;

  status = ZFailure;

  // update the address manager
  entry.user    = ADDRMGR_USER_SECURITY;
  entry.nwkAddr = partNwkAddr;
  AddrMgrExtAddrSet( entry.extAddr, partExtAddr );

  if ( AddrMgrEntryUpdate( &entry ) == TRUE )
  {
    status = ZSuccess;

    // check for address discovery
    if ( partNwkAddr == INVALID_NODE_ADDR )
    {
      status = ZDP_NwkAddrReq( partExtAddr, ZDP_ADDR_REQTYPE_SINGLE, 0, 0 );
    }
    else if ( !AddrMgrExtAddrValid( partExtAddr ) )
    {
      status = ZDP_IEEEAddrReq( partNwkAddr, ZDP_ADDR_REQTYPE_SINGLE, 0, 0 );
    }
  }

  return status;
}
#endif // ( ZG_BUILD_JOINING_TYPE )

#if ( ZG_BUILD_COORDINATOR_TYPE )
/******************************************************************************
 * @fn          ZDSecMgrAppKeyTypeSet
 *
 * @brief       Set application key type.
 *
 * @param       keyType - [in] application key type (KEY_TYPE_APP_MASTER@2 or
 *                                                   KEY_TYPE_APP_LINK@3
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrAppKeyTypeSet( uint8 keyType )
{
  if ( keyType == KEY_TYPE_APP_LINK )
  {
    ZDSecMgrAppKeyType = KEY_TYPE_APP_LINK;
  }
  else
  {
    ZDSecMgrAppKeyType = KEY_TYPE_APP_MASTER;
  }

  return ZSuccess;
}
#endif

/******************************************************************************
 * ZigBee Device Security Manager - Stub Implementations
 */
/******************************************************************************
 * @fn          ZDSecMgrMasterKeyGet (stubs APSME_MasterKeyGet)
 *
 * @brief       Get MASTER key for specified EXT address.
 *
 * @param       extAddr - [in] EXT address
 * @param       pKeyNvId - [out] MASTER key NV ID
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrMasterKeyGet( uint8* extAddr, uint16* pKeyNvId )
{
  ZStatus_t status;
  uint16 ami;

  // lookup entry for specified EXT address
  status = ZDSecMgrExtAddrLookup( extAddr, &ami );

  if ( status == ZSuccess )
  {
    ZDSecMgrMasterKeyLookup( ami, pKeyNvId );
  }
  else
  {
    *pKeyNvId = SEC_NO_KEY_NV_ID;
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrLinkKeySet (stubs APSME_LinkKeySet)
 *
 * @brief       Set <APSME_LinkKeyData_t> for specified NWK address.
 *
 * @param       extAddr - [in] EXT address
 * @param       data    - [in] APSME_LinkKeyData_t
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrLinkKeySet( uint8* extAddr, uint8* key )
{
  ZStatus_t status;
  ZDSecMgrEntry_t* entry;
  APSME_LinkKeyData_t *pApsLinkKey = NULL;
  uint16 Index;

  // lookup entry index for specified EXT address
  status = ZDSecMgrEntryLookupExtGetIndex( extAddr, &entry, &Index );

  if ( status == ZSuccess )
  {
    // point to NV item
    entry->keyNvId = ZCD_NV_APS_LINK_KEY_DATA_START + Index;

    pApsLinkKey = (APSME_LinkKeyData_t *)osal_mem_alloc(sizeof(APSME_LinkKeyData_t));

    if (pApsLinkKey != NULL)
    {
      // read the key form NV, keyNvId must be ZCD_NV_APS_LINK_KEY_DATA_START based
      osal_nv_read( entry->keyNvId, 0,
                   sizeof(APSME_LinkKeyData_t), pApsLinkKey );

      // set new values of the key
      osal_memcpy( pApsLinkKey->key, key, SEC_KEY_LEN );
      pApsLinkKey->rxFrmCntr = 0;
      pApsLinkKey->txFrmCntr = 0;

      osal_nv_write( entry->keyNvId, 0,
                    sizeof(APSME_LinkKeyData_t), pApsLinkKey );

      // clear copy of key in RAM
      osal_memset(pApsLinkKey, 0x00, sizeof(APSME_LinkKeyData_t));

      osal_mem_free(pApsLinkKey);

      // set initial values for counters in RAM
      ApsLinkKeyFrmCntr[entry->keyNvId - ZCD_NV_APS_LINK_KEY_DATA_START].txFrmCntr = 0;
      ApsLinkKeyFrmCntr[entry->keyNvId - ZCD_NV_APS_LINK_KEY_DATA_START].rxFrmCntr = 0;
    }
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrAuthenticationSet
 *
 * @brief       Mark the specific device as authenticated or not
 *
 * @param       extAddr - [in] EXT address
 * @param       option  - [in] authenticated or not
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrAuthenticationSet( uint8* extAddr, ZDSecMgr_Authentication_Option option )
{
  ZStatus_t        status;
  ZDSecMgrEntry_t* entry;


  // lookup entry index for specified EXT address
  status = ZDSecMgrEntryLookupExt( extAddr, &entry );

  if ( status == ZSuccess )
  {
    entry->authenticateOption = option;
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrAuthenticationCheck
 *
 * @brief       Check if the specific device has been authenticated or not
 *              For non-trust center device, always return TRUE
 *
 * @param       shortAddr - [in] short address
 *
 * @return      TRUE @ authenticated with CBKE
 *              FALSE @ not authenticated
 */

uint8 ZDSecMgrAuthenticationCheck( uint16 shortAddr )
{
#if defined (TC_LINKKEY_JOIN)

  ZDSecMgrEntry_t* entry;
  uint8 extAddr[Z_EXTADDR_LEN];

  // If the local device is not the trust center, always return TRUE
  if ( NLME_GetShortAddr() != zgTrustCenterAddr )
  {
    return TRUE;
  }
  // Otherwise, check the authentication option
  else if ( AddrMgrExtAddrLookup( shortAddr, extAddr ) )
  {
    // lookup entry index for specified EXT address
    if ( ZDSecMgrEntryLookupExt( extAddr, &entry ) == ZSuccess )
    {
      if ( entry->authenticateOption != ZDSecMgr_Not_Authenticated )
      {
        return TRUE;
      }
      else
      {
        return FALSE;
      }
    }
  }
  return FALSE;

#else
  (void)shortAddr;  // Intentionally unreferenced parameter

  // For non AMI/SE Profile, perform no check and always return TRUE.
  return TRUE;

#endif // TC_LINKKEY_JOIN
}

/******************************************************************************
 * @fn          ZDSecMgrLinkKeyNVIdGet (stubs APSME_LinkKeyNVIdGet)
 *
 * @brief       Get Key NV ID for specified NWK address.
 *
 * @param       extAddr - [in] EXT address
 * @param       keyNvId - [out] NV ID
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrLinkKeyNVIdGet(uint8* extAddr, uint16 *pKeyNvId)
{
  ZStatus_t status;
  ZDSecMgrEntry_t* entry;

  // lookup entry index for specified NWK address
  status = ZDSecMgrEntryLookupExt( extAddr, &entry );

  if ( status == ZSuccess )
  {
    // return the index to the NV table
    *pKeyNvId = entry->keyNvId;
  }
  else
  {
    *pKeyNvId = SEC_NO_KEY_NV_ID;
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrIsLinkKeyValid (stubs APSME_IsLinkKeyValid)
 *
 * @brief       Verifies if Link Key in NV has been set.
 *
 * @param       extAddr - [in] EXT address
 *
 * @return      TRUE - Link Key has been established
 *              FALSE - Link Key in NV has default value.
 */
uint8 ZDSecMgrIsLinkKeyValid(uint8* extAddr)
{
  APSME_LinkKeyData_t *pKeyData;
  uint16 apsLinkKeyNvId;
  uint8 nullKey[SEC_KEY_LEN];
  uint8 status = FALSE;

  // initialize default vealue to compare to
  osal_memset(nullKey, 0x00, SEC_KEY_LEN);

  // check for APS link NV ID
  APSME_LinkKeyNVIdGet( extAddr, &apsLinkKeyNvId );

  if (apsLinkKeyNvId != SEC_NO_KEY_NV_ID )
  {
    pKeyData = (APSME_LinkKeyData_t *)osal_mem_alloc(sizeof(APSME_LinkKeyData_t));

    if (pKeyData != NULL)
    {
      // retrieve key from NV
      if ( osal_nv_read( apsLinkKeyNvId, 0,
                        sizeof(APSME_LinkKeyData_t), pKeyData) == ZSUCCESS)
      {
        // if stored key is different than default value, then a key has been established
        if (!osal_memcmp(pKeyData, nullKey, SEC_KEY_LEN))
        {
          status = TRUE;
        }
      }

      // clear copy of key in RAM
      osal_memset(pKeyData, 0x00, sizeof(APSME_LinkKeyData_t));

      osal_mem_free(pKeyData);
    }
  }

  return status;
}

/******************************************************************************
 * @fn          ZDSecMgrKeyFwdToChild (stubs APSME_KeyFwdToChild)
 *
 * @brief       Verify and process key transportation to child.
 *
 * @param       ind - [in] APSME_TransportKeyInd_t
 *
 * @return      uint8 - success(TRUE:FALSE)
 */
uint8 ZDSecMgrKeyFwdToChild( APSME_TransportKeyInd_t* ind )
{
  // verify from Trust Center
  if ( ind->srcAddr == APSME_TRUSTCENTER_NWKADDR )
  {
    // check for initial NWK key
    if ( ( ind->keyType == KEY_TYPE_NWK      ) ||
         ( ind->keyType == 6                 ) ||
         ( ind->keyType == KEY_TYPE_NWK_HIGH )    )
    {
      // set association status to authenticated
      ZDSecMgrAssocDeviceAuth( AssocGetWithExt( ind->dstExtAddr ) );
    }

    return TRUE;
  }

  return FALSE;
}

/******************************************************************************
 * @fn          ZDSecMgrAddLinkKey
 *
 * @brief       Add the application link key to ZDSecMgr. Also mark the device
 *              as authenticated in the authenticateOption. Note that this function
 *              is hardwared to CBKE right now.
 *
 * @param       shortAddr - short address of the partner device
 * @param       extAddr - extended address of the partner device
 * @param       key - link key
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrAddLinkKey( uint16 shortAddr, uint8 *extAddr, uint8 *key)
{
  uint16           ami;
  ZDSecMgrEntry_t* entry;

  /* Store the device address in the addr manager */
  if( ZDSecMgrAddrStore( shortAddr, extAddr, &ami ) != ZSuccess )
  {
    /* Adding to Addr Manager fails */
    return ZFailure;
  }

  /* Lookup entry using specified address index */
  ZDSecMgrEntryLookupAMI( ami, &entry );

  // If no existing entry, create one
  if ( entry == NULL )
  {
    if ( ZDSecMgrEntryNew( &entry ) == ZSuccess )
    {
      entry->ami = ami;
    }
    else
    {
      /* Security Manager full */
      return ZBufferFull;
    }
  }
  // Write the link key
  APSME_LinkKeySet( extAddr, key );

#if defined (TC_LINKKEY_JOIN)
  // Mark the device as authenticated.
  ZDSecMgrAuthenticationSet( extAddr, ZDSecMgr_Authenticated_CBCK );
#endif

#if defined NV_RESTORE
  ZDSecMgrWriteNV();  // Write the new established link key to NV.
#endif

  return ZSuccess;
}

#if defined ( NV_RESTORE )
/******************************************************************************
 * @fn          ZDSecMgrInitNV
 *
 * @brief       Initialize the SecMgr entry data in NV with all values set to 0
 *
 * @param       none
 *
 * @return      uint8 - <osal_nv_item_init> return codes
 */
uint8 ZDSecMgrInitNV(void)
{

  uint8 rtrn = osal_nv_item_init(ZCD_NV_APS_LINK_KEY_TABLE,
                (sizeof(nvDeviceListHdr_t) + (sizeof(ZDSecMgrEntry_t) * ZDSECMGR_ENTRY_MAX)), NULL);

  // If the item does not already exist, set all values to 0
  if (rtrn != SUCCESS)
  {
    nvDeviceListHdr_t hdr;
    hdr.numRecs = 0;
    osal_nv_write(ZCD_NV_APS_LINK_KEY_TABLE, 0, sizeof(nvDeviceListHdr_t), &hdr);
  }

  return rtrn;
}
#endif // NV_RESTORE

#if defined ( NV_RESTORE )
/*********************************************************************
 * @fn      ZDSecMgrWriteNV()
 *
 * @brief   Save off the APS link key list to NV
 *
 * @param   none
 *
 * @return  none
 */
static void ZDSecMgrWriteNV( void )
{
  uint16 i;
  nvDeviceListHdr_t hdr;

  hdr.numRecs = 0;

  if (ZDSecMgrEntries != NULL)
  {
    for ( i = 0; i < ZDSECMGR_ENTRY_MAX; i++ )
    {
      // Save off the record
      osal_nv_write( ZCD_NV_APS_LINK_KEY_TABLE,
                    (uint16)((sizeof(nvDeviceListHdr_t)) + (i * sizeof(ZDSecMgrEntry_t))),
                    sizeof(ZDSecMgrEntry_t), &ZDSecMgrEntries[i] );

      if ( ZDSecMgrEntries[i].ami != INVALID_NODE_ADDR )
      {
        hdr.numRecs++;
      }
    }
  }

  // Save off the header
  osal_nv_write( ZCD_NV_APS_LINK_KEY_TABLE, 0, sizeof( nvDeviceListHdr_t ), &hdr );
}
#endif // NV_RESTORE

#if defined ( NV_RESTORE )
/******************************************************************************
 * @fn          ZDSecMgrRestoreFromNV
 *
 * @brief       Restore the APS Link Key entry data from NV. It does not restore
 *              the key data itself as they remain in NV until they are used.
 *              Only list data is restored.
 *
 * @param       none
 *
 * @return      None.
 */
static void ZDSecMgrRestoreFromNV( void )
{
  nvDeviceListHdr_t hdr;
  APSME_LinkKeyData_t *pApsLinkKey = NULL;

  if ((osal_nv_read(ZCD_NV_APS_LINK_KEY_TABLE, 0, sizeof(nvDeviceListHdr_t), &hdr) == ZSUCCESS) &&
      ((hdr.numRecs > 0) && (hdr.numRecs <= ZDSECMGR_ENTRY_MAX)))
  {
    uint8 x;

    pApsLinkKey = (APSME_LinkKeyData_t *)osal_mem_alloc(sizeof(APSME_LinkKeyData_t));

    for (x = 0; x < ZDSECMGR_ENTRY_MAX; x++)
    {
      if ( osal_nv_read( ZCD_NV_APS_LINK_KEY_TABLE,
                        (uint16)(sizeof(nvDeviceListHdr_t) + (x * sizeof(ZDSecMgrEntry_t))),
                        sizeof(ZDSecMgrEntry_t), &ZDSecMgrEntries[x] ) == SUCCESS )
      {
        // update data only for valid entries
        if ( ZDSecMgrEntries[x].ami != INVALID_NODE_ADDR )
        {
          if (pApsLinkKey != NULL)
          {
            // read the key form NV, keyNvId must be ZCD_NV_APS_LINK_KEY_DATA_START based
            osal_nv_read( ZDSecMgrEntries[x].keyNvId, 0,
                         sizeof(APSME_LinkKeyData_t), pApsLinkKey );

            // set new values for the counter
            pApsLinkKey->txFrmCntr += ( MAX_APS_FRAMECOUNTER_CHANGES + 1 );

            // restore values for counters in RAM
            ApsLinkKeyFrmCntr[ZDSecMgrEntries[x].keyNvId - ZCD_NV_APS_LINK_KEY_DATA_START].txFrmCntr =
                                            pApsLinkKey->txFrmCntr;

            ApsLinkKeyFrmCntr[ZDSecMgrEntries[x].keyNvId - ZCD_NV_APS_LINK_KEY_DATA_START].rxFrmCntr =
                                            pApsLinkKey->rxFrmCntr;

            osal_nv_write( ZDSecMgrEntries[x].keyNvId, 0,
                          sizeof(APSME_LinkKeyData_t), pApsLinkKey );

            // clear copy of key in RAM
            osal_memset(pApsLinkKey, 0x00, sizeof(APSME_LinkKeyData_t));
          }
        }
      }
    }

    if (pApsLinkKey != NULL)
    {
      osal_mem_free(pApsLinkKey);
    }
  }
}
#endif // NV_RESTORE

/*********************************************************************
 * @fn          ZDSecMgrSetDefaultNV
 *
 * @brief       Write the defaults to NV for Entry table and for APS key data table
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrSetDefaultNV( void )
{
  uint16 i;
  nvDeviceListHdr_t hdr;
  ZDSecMgrEntry_t secMgrEntry;
  APSME_LinkKeyData_t *pApsLinkKey = NULL;

  // Initialize the header
  hdr.numRecs = 0;

  // clear the header
  osal_nv_write(ZCD_NV_APS_LINK_KEY_TABLE, 0, sizeof(nvDeviceListHdr_t), &hdr);

  osal_memset( &secMgrEntry, 0x00, sizeof(ZDSecMgrEntry_t) );

  for ( i = 0; i < ZDSECMGR_ENTRY_MAX; i++ )
  {
    // Clear the record
    osal_nv_write( ZCD_NV_APS_LINK_KEY_TABLE,
                (uint16)((sizeof(nvDeviceListHdr_t)) + (i * sizeof(ZDSecMgrEntry_t))),
                        sizeof(ZDSecMgrEntry_t), &secMgrEntry );
  }

  pApsLinkKey = (APSME_LinkKeyData_t *)osal_mem_alloc(sizeof(APSME_LinkKeyData_t));

  if (pApsLinkKey != NULL)
  {
    osal_memset( pApsLinkKey, 0x00, sizeof(APSME_LinkKeyData_t) );

    for ( i = 0; i < ZDSECMGR_ENTRY_MAX; i++ )
    {
      // Clear the record
      osal_nv_write( (ZCD_NV_APS_LINK_KEY_DATA_START + i), 0,
                    sizeof(APSME_LinkKeyData_t), pApsLinkKey);
    }

    osal_mem_free(pApsLinkKey);
  }
}

#if defined ( NV_RESTORE )
/*********************************************************************
 * @fn      ZDSecMgrUpdateNV()
 *
 * @brief   Updates one entry of the APS link key table to NV
 *
 * @param   index - to the entry in security manager table
 *
 * @return  none
 */
static void ZDSecMgrUpdateNV( uint16 index )
{
  nvDeviceListHdr_t hdr;

  if (ZDSecMgrEntries != NULL)
  {
    // Save off the record
    osal_nv_write( ZCD_NV_APS_LINK_KEY_TABLE,
                   (uint16)((sizeof(nvDeviceListHdr_t)) + (index * sizeof(ZDSecMgrEntry_t))),
                   sizeof(ZDSecMgrEntry_t), &ZDSecMgrEntries[index] );
  }

  if (osal_nv_read(ZCD_NV_APS_LINK_KEY_TABLE, 0, sizeof(nvDeviceListHdr_t), &hdr) == ZSUCCESS)
  {
    if ( ZDSecMgrEntries[index].ami == INVALID_NODE_ADDR )
    {
      if (hdr.numRecs > 0)
      {
        hdr.numRecs--;
      }
    }
    else
    {
      hdr.numRecs++;
    }

    // Save off the header
    osal_nv_write( ZCD_NV_APS_LINK_KEY_TABLE, 0, sizeof( nvDeviceListHdr_t ), &hdr );
  }
}
#endif // NV_RESTORE

/******************************************************************************
 * @fn          ZDSecMgrAPSRemove
 *
 * @brief       Remove device from network.
 *
 * @param       nwkAddr - device's NWK address
 * @param       extAddr - device's Extended address
 * @param       parentAddr - parent's NWK address
 *
 * @return      ZStatus_t
 */
ZStatus_t ZDSecMgrAPSRemove( uint16 nwkAddr, uint8 *extAddr, uint16 parentAddr )
{
  ZDSecMgrDevice_t device;

  if ( ( nwkAddr == INVALID_NODE_ADDR ) ||
       ( extAddr == NULL )              ||
       ( parentAddr == INVALID_NODE_ADDR ) )
  {
    return ( ZFailure );
  }

  device.nwkAddr = nwkAddr;
  device.extAddr = extAddr;
  device.parentAddr = parentAddr;

  // remove device
  ZDSecMgrDeviceRemove( &device );

  return ( ZSuccess );
}

/******************************************************************************
 * @fn          APSME_TCLinkKeyInit
 *
 * @brief       Initialize the NV table for preconfigured TC link key
 *
 *              When zgUseDefaultTCL is set to TRUE, the default preconfig
 *              Trust Center Link Key is written to NV. A single tclk is used
 *              by all devices joining the network.
 *
 * @param       setDefault - TRUE to set default values
 *
 * @return      none
 */
void APSME_TCLinkKeyInit(uint8 setDefault)
{
  uint8             i;
  APSME_TCLinkKey_t tcLinkKey;
  uint8             rtrn;

  // Initialize all NV items for preconfigured TCLK
  for( i = 0; i < ZDSECMGR_TC_DEVICE_MAX; i++ )
  {
    // Making sure data is cleared for every key all the time
    osal_memset( &tcLinkKey, 0x00, sizeof(APSME_TCLinkKey_t) );

    // Initialize first element of the table with the default TCLK
    if((i == 0) && ( zgUseDefaultTCLK == TRUE ))
    {
      osal_memset( tcLinkKey.extAddr, 0xFF, Z_EXTADDR_LEN );
      osal_memcpy( tcLinkKey.key, defaultTCLinkKey, SEC_KEY_LEN);
    }

    // If the item doesn't exist in NV memory, create and initialize
    // it with the default value passed in, either defaultTCLK or 0
    rtrn = osal_nv_item_init( (ZCD_NV_TCLK_TABLE_START + i),
                               sizeof(APSME_TCLinkKey_t), &tcLinkKey);

    if (rtrn == SUCCESS)
    {
      // set the Frame counters to 0 to existing keys in NV
      osal_nv_read( ( ZCD_NV_TCLK_TABLE_START + i), 0,
                     sizeof(APSME_TCLinkKey_t), &tcLinkKey );

#if defined ( NV_RESTORE )
      if (setDefault == TRUE)
      {
        // clear the value stored in NV
        tcLinkKey.txFrmCntr = 0;
      }
      else
      {
        // increase the value stored in NV
        tcLinkKey.txFrmCntr += ( MAX_TCLK_FRAMECOUNTER_CHANGES + 1 );
      }
#else
      // Clear the counters if NV_RESTORE is not enabled and this NV item
      // already existed in the NV memory
      tcLinkKey.txFrmCntr = 0;
      tcLinkKey.rxFrmCntr = 0;
#endif  // NV_RESTORE

      osal_nv_write( ( ZCD_NV_TCLK_TABLE_START + i), 0,
                      sizeof(APSME_TCLinkKey_t), &tcLinkKey );

      // set initial values for counters in RAM
      TCLinkKeyFrmCntr[i].txFrmCntr = tcLinkKey.txFrmCntr;
      TCLinkKeyFrmCntr[i].rxFrmCntr = tcLinkKey.rxFrmCntr;
    }
  }

  // clear copy of key in RAM
  osal_memset( &tcLinkKey, 0x00, sizeof(APSME_TCLinkKey_t) );

}

/******************************************************************************
 * @fn          APSME_TCLinkKeySync
 *
 * @brief       Sync Trust Center LINK key data.
 *
 * @param       srcAddr - [in] srcAddr
 * @param       si      - [in, out] SSP_Info_t
 *
 * @return      ZStatus_t
 */
ZStatus_t APSME_TCLinkKeySync( uint16 srcAddr, SSP_Info_t* si )
{
  uint8 i;
  ZStatus_t status = ZSecNoKey;
  APSME_TCLinkKey_t tcLinkKey;
  uint32 *tclkRxFrmCntr;

  // Look up the IEEE address of the trust center if it's available
  if ( AddrMgrExtAddrValid( si->extAddr ) == FALSE )
  {
    APSME_LookupExtAddr( srcAddr, si->extAddr );
  }

  // Look up the TC link key associated with the device
  // or the default TC link key (extAddr is all FFs), whichever is found
  for( i = 0; i < ZDSECMGR_TC_DEVICE_MAX; i++ )
  {
    // Read entry i of the TC link key table from NV
    osal_nv_read( (ZCD_NV_TCLK_TABLE_START + i), 0,
                 sizeof(APSME_TCLinkKey_t), &tcLinkKey );

    if( AddrMgrExtAddrEqual(si->extAddr, tcLinkKey.extAddr) ||
        APSME_IsDefaultTCLK(tcLinkKey.extAddr))
    {
      tclkRxFrmCntr = &TCLinkKeyFrmCntr[i].rxFrmCntr;

      // verify that the incoming frame counter is valid
      if ( si->frmCntr >= *tclkRxFrmCntr )
      {
        // set the keyNvId to use
        si->keyNvId = (ZCD_NV_TCLK_TABLE_START + i);

        // update the rx frame counter
        *tclkRxFrmCntr = si->frmCntr + 1;

        status = ZSuccess;
      }
      else
      {
        status = ZSecOldFrmCount;
      }
      // break from the loop
      break;
    }
  }

  // clear copy of key in RAM
  osal_memset( &tcLinkKey, 0x00, sizeof(APSME_TCLinkKey_t) );

  return status;
}

/******************************************************************************
 * @fn          APSME_TCLinkKeyLoad
 *
 * @brief       Load Trust Center LINK key data.
 *
 * @param       dstAddr - [in] dstAddr
 * @param       si      - [in, out] SSP_Info_t
 *
 * @return      ZStatus_t
 */
ZStatus_t APSME_TCLinkKeyLoad( uint16 dstAddr, SSP_Info_t* si )
{
  uint8 i;
  ZStatus_t status = ZSecNoKey;
  APSME_TCLinkKey_t tcLinkKey;
  AddrMgrEntry_t addrEntry;
  uint32 *tclkTxFrmCntr;
  uint8 extAddrFound;
  uint8 defaultTCLKIdx = ZDSECMGR_TC_DEVICE_MAX;

  // Look up the ami of the srcAddr if available
  addrEntry.user    = ADDRMGR_USER_DEFAULT;
  addrEntry.nwkAddr = dstAddr;

  APSME_LookupExtAddr( dstAddr, si->extAddr );

  extAddrFound = AddrMgrExtAddrValid( si->extAddr );

  // Look up the TC link key associated with the device
  // or the master TC link key (ami = 0xFFFF), whichever is found
  for( i = 0; i < ZDSECMGR_TC_DEVICE_MAX; i++ )
  {
    // Read entry i of the TC link key table from NV
    osal_nv_read( (ZCD_NV_TCLK_TABLE_START + i), 0,
                 sizeof(APSME_TCLinkKey_t), &tcLinkKey );

    if( extAddrFound && AddrMgrExtAddrEqual(si->extAddr, tcLinkKey.extAddr) )
    {
      status = ZSuccess;

      break; // break from the loop
    }

    if ( APSME_IsDefaultTCLK(tcLinkKey.extAddr) )
    {
      if ( !extAddrFound )
      {
        status = ZSuccess;

        break; // break from the loop
      }

      // Remember the default TCLK index
      defaultTCLKIdx = i;
    }
  }

  if ( (status != ZSuccess) && (defaultTCLKIdx < ZDSECMGR_TC_DEVICE_MAX) )
  {
    // Exact match was not found; use the default TC Link Key
    i = defaultTCLKIdx;
    status = ZSuccess;
  }

  if ( status == ZSuccess )
  {
    tclkTxFrmCntr = &TCLinkKeyFrmCntr[i].txFrmCntr;

    // set the keyNvId to use
    si->keyNvId = (ZCD_NV_TCLK_TABLE_START + i);

    // update link key related fields
    si->keyID   = SEC_KEYID_LINK;
    si->frmCntr = *tclkTxFrmCntr;

    // update outgoing frame counter
    (*tclkTxFrmCntr)++;

#if defined ( NV_RESTORE )
    // write periodically to NV
    if ( !(*tclkTxFrmCntr % MAX_TCLK_FRAMECOUNTER_CHANGES) )
    {
      // set the flag to write key to NV
      TCLinkKeyFrmCntr[i].pendingFlag = TRUE;

      // Notify the ZDApp that the frame counter has changed.
      osal_set_event( ZDAppTaskID, ZDO_TCLK_FRAMECOUNTER_CHANGE );
    }
#endif
  }

  // If no TC link key found, remove the device from the address manager
  if ( (status != ZSuccess) && (AddrMgrEntryLookupNwk(&addrEntry) == TRUE) )
  {
    AddrMgrEntryRelease( &addrEntry );
  }

    // clear copy of key in RAM
  osal_memset( &tcLinkKey, 0x00, sizeof(APSME_TCLinkKey_t) );

  return status;
}

/******************************************************************************
 * @fn          APSME_IsDefaultTCLK
 *
 * @brief       Return TRUE or FALSE based on the extended address.  If the
 *              input ext address is all FFs, it means the trust center link
 *              assoiciated with the address is the default trust center link key
 *
 * @param       extAddr - [in] extended address
 *
 * @return      uint8 TRUE/FALSE
 */
uint8 APSME_IsDefaultTCLK( uint8 *extAddr )
{
  uint8 i = 0;

  if( extAddr == NULL )
  {
    return FALSE;
  }

  while( i++ < Z_EXTADDR_LEN )
  {
    if( *extAddr++ != 0xFF )
    {
      return FALSE;
    }
  }

  return TRUE;
}

/******************************************************************************
 * @fn          ZDSecMgrNwkKeyInit
 *
 * @brief       Initialize the NV items for
 *                  ZCD_NV_NWKKEY,
 *                  ZCD_NV_NWK_ACTIVE_KEY_INFO and
 *                  ZCD_NV_NWK_ALTERN_KEY_INFO
 *
 * @param       setDefault
 *
 * @return      none
 */
void ZDSecMgrNwkKeyInit(uint8 setDefault)
{
  uint8 status;
  nwkKeyDesc nwkKey;

  // Initialize NV items for NWK key, this structure contains the frame counter
  // and is only used when NV_RESTORE is enabled
  nwkActiveKeyItems keyItems;

  osal_memset( &keyItems, 0, sizeof( nwkActiveKeyItems ) );

  status = osal_nv_item_init( ZCD_NV_NWKKEY, sizeof(nwkActiveKeyItems), (void *)&keyItems );

#if defined ( NV_RESTORE )
  // reset the values of NV items if NV_RESTORE is not enabled
  if ((status == SUCCESS) && (setDefault == TRUE))
  {
    // clear NV data to default values
    osal_nv_write( ZCD_NV_NWKKEY, 0, sizeof(nwkActiveKeyItems), &keyItems );
  }
#else
  (void)setDefault;   // to eliminate compiler warning

  // reset the values of NV items if NV_RESTORE is not enabled
  if (status == SUCCESS)
  {
    osal_nv_write( ZCD_NV_NWKKEY, 0, sizeof(nwkActiveKeyItems), &keyItems );
  }
#endif // defined (NV_RESTORE)

  // Initialize NV items for NWK Active and Alternate keys. These items are used
  // all the time, independently of NV_RESTORE being set or not
  osal_memset( &nwkKey, 0x00, sizeof(nwkKey) );

  status = osal_nv_item_init( ZCD_NV_NWK_ACTIVE_KEY_INFO, sizeof(nwkKey), &nwkKey);

#if defined ( NV_RESTORE )
  // reset the values of NV items if NV_RESTORE is not enabled
  if ((status == SUCCESS) && (setDefault == TRUE))
  {
    // clear NV data to default values
    osal_nv_write( ZCD_NV_NWK_ACTIVE_KEY_INFO, 0, sizeof(nwkKey), &nwkKey );
  }
#else
  // reset the values of NV items if NV_RESTORE is not enabled
  if (status == SUCCESS)
  {
    osal_nv_write( ZCD_NV_NWK_ACTIVE_KEY_INFO, 0, sizeof(nwkKey), &nwkKey );
  }
#endif // defined (NV_RESTORE)

  status = osal_nv_item_init( ZCD_NV_NWK_ALTERN_KEY_INFO, sizeof(nwkKey), &nwkKey );

#if defined ( NV_RESTORE )
  // reset the values of NV items if NV_RESTORE is not enabled
  if ((status == SUCCESS) && (setDefault == TRUE))
  {
    // clear NV data to default values
    osal_nv_write( ZCD_NV_NWK_ALTERN_KEY_INFO, 0, sizeof(nwkKey), &nwkKey );
  }
#else
  // reset the values of NV items if NV_RESTORE is not enabled
  if (status == SUCCESS)
  {
    osal_nv_write( ZCD_NV_NWK_ALTERN_KEY_INFO, 0, sizeof(nwkKey), &nwkKey );
  }
#endif // defined (NV_RESTORE)

}

/*********************************************************************
 * @fn          ZDSecMgrReadKeyFromNv
 *
 * @brief       Looks for a specific key in NV based on Index value
 *
 * @param   keyNvId - Index of key to look in NV
 *                    valid values are:
 *                    ZCD_NV_NWK_ACTIVE_KEY_INFO
 *                    ZCD_NV_NWK_ALTERN_KEY_INFO
 *                    ZCD_NV_TCLK_TABLE_START + <offset_in_table>
 *                    ZCD_NV_APS_LINK_KEY_DATA_START + <offset_in_table>
 *                    ZCD_NV_MASTER_KEY_DATA_START + <offset_in_table>
 *                    ZCD_NV_PRECFGKEY
 *
 * @param  *keyinfo - Data is read into this buffer.
 *
 * @return  SUCCESS if NV data was copied to the keyinfo parameter .
 *          Otherwise, NV_OPER_FAILED for failure.
 */
ZStatus_t ZDSecMgrReadKeyFromNv(uint16 keyNvId, void *keyinfo)
{
  if ((keyNvId == ZCD_NV_NWK_ACTIVE_KEY_INFO) ||
      (keyNvId == ZCD_NV_NWK_ALTERN_KEY_INFO))
  {
    // get NWK active or alternate key from NV
    return (osal_nv_read(keyNvId,
                         osal_offsetof(nwkKeyDesc, key),
                         SEC_KEY_LEN,
                         keyinfo));
  }
  else if ((keyNvId >= ZCD_NV_TCLK_TABLE_START) &&
           (keyNvId < (ZCD_NV_TCLK_TABLE_START + ZDSECMGR_TC_DEVICE_MAX)))
  {
    // Read entry keyNvId of the TC link key table from NV. keyNvId should be
    // ZCD_NV_TCLK_TABLE_START + <offset_in_table>
    return (osal_nv_read(keyNvId,
                         osal_offsetof(APSME_TCLinkKey_t, key),
                         SEC_KEY_LEN,
                         keyinfo));
  }
  else if ((keyNvId >= ZCD_NV_APS_LINK_KEY_DATA_START) &&
           (keyNvId < (ZCD_NV_APS_LINK_KEY_DATA_START + ZDSECMGR_ENTRY_MAX)))
  {
    // Read entry keyNvId of the APS link key table from NV. keyNvId should be
    // ZCD_NV_APS_LINK_KEY_DATA_START + <offset_in_table>
    return (osal_nv_read(keyNvId,
                         osal_offsetof(APSME_LinkKeyData_t, key),
                         SEC_KEY_LEN,
                         keyinfo));
  }
  else if ((keyNvId >= ZCD_NV_MASTER_KEY_DATA_START) &&
           (keyNvId < (ZCD_NV_MASTER_KEY_DATA_START + ZDSECMGR_MASTERKEY_MAX)))
  {
    // Read entry keyNvId of the MASTER key table from NV. keyNvId should be
    // ZCD_NV_MASTER_KEY_DATA_START + <offset_in_table>
    return (osal_nv_read(keyNvId,
                         osal_offsetof(ZDSecMgrMasterKeyData_t, key),
                         SEC_KEY_LEN,
                         keyinfo));
  }
  else if (keyNvId == ZCD_NV_PRECFGKEY)
  {
    // Read entry keyNvId of the Preconfig key from NV.
    return (osal_nv_read(keyNvId,
                         0,
                         SEC_KEY_LEN,
                         keyinfo));
  }

  return NV_OPER_FAILED;
}

/******************************************************************************
 * @fn          ZDSecMgrApsLinkKeyInit
 *
 * @brief       Initialize the NV table for Application link keys
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrApsLinkKeyInit(void)
{
  APSME_LinkKeyData_t pApsLinkKey;
  uint8 i;
  uint8 status;

  // Initialize all NV items for APS link key, if not exist already.
  osal_memset( &pApsLinkKey, 0x00, sizeof(APSME_LinkKeyData_t) );

  for( i = 0; i < ZDSECMGR_ENTRY_MAX; i++ )
  {
    status = osal_nv_item_init( (ZCD_NV_APS_LINK_KEY_DATA_START + i),
                               sizeof(APSME_LinkKeyData_t), &pApsLinkKey );

#if defined ( NV_RESTORE )
    (void)status;   // to eliminate compiler warning
#else
    // reset the values of NV items if NV_RESTORE is not enabled
    if (status == SUCCESS)
    {
      osal_nv_write( (ZCD_NV_APS_LINK_KEY_DATA_START + i), 0,
                    sizeof(APSME_LinkKeyData_t), &pApsLinkKey );

    }
#endif // defined (NV_RESTORE)
  }
}

/******************************************************************************
 * @fn          ZDSecMgrInitNVKeyTables
 *
 * @brief       Initialize the NV table for All keys: NWK, Master, TCLK and APS
 *
 * @param       setDefault - TRUE to set default values
 *
 * @return      none
 */
void ZDSecMgrInitNVKeyTables(uint8 setDefault)
{
  ZDSecMgrNwkKeyInit(setDefault);
  ZDSecMgrMasterKeyInit();
  ZDSecMgrApsLinkKeyInit();
  APSME_TCLinkKeyInit(setDefault);
}

/******************************************************************************
 * @fn          ZDSecMgrSaveApsLinkKey
 *
 * @brief       Save APS Link Key to NV. It will loop through all the keys
 *              to see which one to save.
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrSaveApsLinkKey(void)
{
  APSME_LinkKeyData_t *pKeyData = NULL;
  int i;

  pKeyData = (APSME_LinkKeyData_t *)osal_mem_alloc(sizeof(APSME_LinkKeyData_t));

  if (pKeyData != NULL)
  {
    // checks all pending flags to know which one to save
    for (i = 0; i < ZDSECMGR_ENTRY_MAX; i++)
    {
      if (ApsLinkKeyFrmCntr[i].pendingFlag == TRUE)
      {
        // retrieve key from NV
        if (osal_nv_read(ZCD_NV_APS_LINK_KEY_DATA_START + i, 0,
                         sizeof(APSME_LinkKeyData_t), pKeyData) == SUCCESS)
        {
          pKeyData->txFrmCntr = ApsLinkKeyFrmCntr[i].txFrmCntr;
          pKeyData->rxFrmCntr = ApsLinkKeyFrmCntr[i].rxFrmCntr;

          // Write the APS link key back to the NV
          osal_nv_write(ZCD_NV_APS_LINK_KEY_DATA_START + i, 0,
                        sizeof(APSME_LinkKeyData_t), pKeyData);

          // clear the pending write flag
          ApsLinkKeyFrmCntr[i].pendingFlag = FALSE;
        }
      }
    }

    // clear copy of key in RAM
    osal_memset( pKeyData, 0x00, sizeof(APSME_LinkKeyData_t) );

    osal_mem_free(pKeyData);
  }
}

/******************************************************************************
 * @fn          ZDSecMgrSaveTCLinkKey
 *
 * @brief       Save TC Link Key to NV. It will loop through all the keys
 *              to see which one to save.
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrSaveTCLinkKey(void)
{
  APSME_TCLinkKey_t *pKeyData = NULL;
  uint16 i;

  pKeyData = (APSME_TCLinkKey_t *)osal_mem_alloc(sizeof(APSME_TCLinkKey_t));

  if (pKeyData != NULL)
  {
    for( i = 0; i < ZDSECMGR_TC_DEVICE_MAX; i++ )
    {
      if (TCLinkKeyFrmCntr[i].pendingFlag == TRUE)
      {
        if (osal_nv_read(ZCD_NV_TCLK_TABLE_START + i, 0,
                         sizeof(APSME_TCLinkKey_t), pKeyData) == SUCCESS)
        {
          pKeyData->txFrmCntr = TCLinkKeyFrmCntr[i].txFrmCntr;
          pKeyData->rxFrmCntr = TCLinkKeyFrmCntr[i].rxFrmCntr;

          // Write the TC link key back to the NV
          osal_nv_write(ZCD_NV_TCLK_TABLE_START + i, 0,
                        sizeof(APSME_TCLinkKey_t), pKeyData);

          // clear the pending write flag
          TCLinkKeyFrmCntr[i].pendingFlag = FALSE;
        }
      }
    }
      // clear copy of key in RAM
    osal_memset( pKeyData, 0x00, sizeof(APSME_TCLinkKey_t) );

    osal_mem_free(pKeyData);
  }
}

#if defined ( ZBA_FALLBACK_NWKKEY )
/******************************************************************************
 * @fn          ZDSecMgrFallbackNwkKey
 *
 * @brief       Use the ZBA fallback network key.
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrFallbackNwkKey( void )
{
  if ( !_NIB.nwkKeyLoaded )
  {
    uint8 fallbackKey[SEC_KEY_LEN];

    ZDSecMgrReadKeyFromNv( ZCD_NV_PRECFGKEY, fallbackKey );
    SSP_UpdateNwkKey( fallbackKey, 0);
    SSP_SwitchNwkKey( 0 );

    // clear local copy of key
    osal_memset( fallbackKey, 0x00, SEC_KEY_LEN );

    // handle next step in authentication process
    ZDSecMgrAuthNwkKey();
  }
}
#endif // defined ( ZBA_FALLBACK_NWKKEY )

#if defined ( NV_RESTORE )
/******************************************************************************
 * @fn          ZDSecMgrClearNVKeyValues
 *
 * @brief       If NV_RESTORE is enabled and the status of the network needs
 *              default values this fuction clears ZCD_NV_NWKKEY,
 *              ZCD_NV_NWK_ACTIVE_KEY_INFO and ZCD_NV_NWK_ALTERN_KEY_INFO link
 *
 * @param       none
 *
 * @return      none
 */
void ZDSecMgrClearNVKeyValues(void)
{
  nwkActiveKeyItems keyItems;
  nwkKeyDesc nwkKey;

  osal_memset(&keyItems, 0x00, sizeof(nwkActiveKeyItems));

  osal_nv_write(ZCD_NV_NWKKEY, 0, sizeof(nwkActiveKeyItems), &keyItems);

  // Initialize NV items for NWK Active and Alternate keys.
  osal_memset( &nwkKey, 0x00, sizeof(nwkKeyDesc) );

  osal_nv_write(ZCD_NV_NWK_ACTIVE_KEY_INFO, 0, sizeof(nwkKeyDesc), &nwkKey);

  osal_nv_write(ZCD_NV_NWK_ALTERN_KEY_INFO, 0, sizeof(nwkKeyDesc), &nwkKey);
}
#endif // defined ( NV_RESTORE )

/******************************************************************************
******************************************************************************/