Where is the sourcecode for encryption of downlink frames?

I need some directions for where in the sourcecode downlink frames are encrypted prior to being queued up to sent to edge device. I’d like to see where that is in CS application server v 3.17.7.

It’s doing some kind of encryption on a variable length payload. I need to see it to use it as a guide for how i would DEcrypt it at the edge device.

If there is any documentation on that id be happy to see that too. Thank you.

I believe most of the v3 encryption code is abstracted to:

Other documentation includes the LoRaWAN spec itself.

1 Like

End-device reference may help.

Chirpstack uses this.

Placing an example packet in the decoder shows the fields.

The 008f and 009f are one byte of the devaddr 00 and the fctrl byte 8f or 9f. The fctrl is 4 bit flags and the size of fopts field, f = 15.

03…8c are the fopts bytes, they are unencrypted MAC commands.

Hello Jason. Thanks for the response. I have deleted my earlier post as it was littered with inaccuracies.

The data here is a portion of the frame called the PHY layer, (aka PHY Payload)


such that,

[MAC header]
[Device address]
[Frame counter]
[FRM payload]

There are a variable number of FOpts. The total number is transmitted in the lower nibble of FCtrl byte.

FRM payload can be empty. When it is, the FPort will not exist.

Since FOpts reside with FRM payload, this is sometimes called MAC commands in a piggyback configuration.