Invalid ICD counter offset prevents check-ins (CON-1994)

[tomasmcguinness]

I have been developing a controller that connects to ICD devices. One of my strategies for maintaining active subscriptions is to use the ICD CheckInMessage to create subscriptions. This works very reliably.

However, I have recently noticed two of my ICD devices can no longer maintain active subscriptions. When they check-in, the controller rejects the message with this error:

A duplicate check-in message was received and discarded

I found the cause and it's related to the check-in counters. Both of the devices that cannot reconnect have huge counter offset values stored in the ICD Storage table; 1358378982 and 761539048 respectively.

icd_client:   +------------------------------------------------------------------------------------------------------+
icd_client:   | 0000000000002721 | 000000000001B669 |    1952497120 |     1358378982 | 000000000001B669 |          0 |
icd_client:   | aes key:                              f454daede77ce3920000000000000000                               |
icd_client:   | hmac key:                             f454daede77ce3920000000000000000                               |
icd_client:   +------------------------------------------------------------------------------------------------------+
icd_client:   | 0000000000002735 | 000000000001B669 |    2045614102 |      761539048 | 000000000001B669 |          0 |
icd_client:   | aes key:                              e344c556e700006a0000000000000000                               |
icd_client:   | hmac key:                             e344c556e700006a0000000000000000                               |
icd_client:   +------------------------------------------------------------------------------------------------------+

When I cycled the power of Device 0x2721, it sent a check-in with counter offset of just 1101. I confirmed this by adding additional logging.

chip[EM]: >>> [E:45987r S:0 M:255894650] (U) Msg RX from 0:DF0858E2B0B25D14 [0000] to 0000000000000000 --- Type 0000:50 (SecureChannel:ICD_CheckInMessage) (B:57)
chip[CR]: mbedTLS error: CCM - Authenticated decryption failed
chip[CR]: mbedTLS error: CCM - Authenticated decryption failed
chip[CR]: mbedTLS error: CCM - Authenticated decryption failed
chip[ICD]: receivedCheckInCounterOffset: 1101, clientInfo.offset: 1358378982
chip[ICD]: A duplicate check-in message was received and discarded

Somehow, the ICD record for these devices has been corrupted. This means that my devices will never be able to successfully check-in.

There is no delegate available for failed check-ins, so my controller cannot take any action to fix the ICD storage record.

At this point, the only option is the reset the devices and commission them again.