/// <summary>
/// Decrypt data.
/// </summary>
/// <param name="p">Decryption parameters</param>
/// <returns>Decrypted data.</returns>
public static byte[] DecryptAesGcm(AesGcmParameter p, GXByteBuffer data)
{
if (data == null || data.Size < 2)
{
throw new ArgumentOutOfRangeException("cryptedData");
}
byte[] tmp;
int len;
Command cmd = (Command)data.GetUInt8();
switch (cmd)
{
case Command.GeneralGloCiphering:
case Command.GeneralDedCiphering:
len = GXCommon.GetObjectCount(data);
if (len != 0)
{
p.SystemTitle = new byte[len];
data.Get(p.SystemTitle);
if (p.Xml != null && p.Xml.Comments)
{
p.Xml.AppendComment(GXCommon.SystemTitleToString(Standard.DLMS, p.SystemTitle));
}
}
if (p.SystemTitle == null || p.SystemTitle.Length != 8)
{
if (p.Xml == null)
{
throw new ArgumentNullException("Invalid sender system title.");
}
else
{
p.Xml.AppendComment("Invalid sender system title.");
}
}
break;
case Command.GeneralCiphering:
case Command.GloInitiateRequest:
case Command.GloInitiateResponse:
case Command.GloReadRequest:
case Command.GloReadResponse:
case Command.GloWriteRequest:
case Command.GloWriteResponse:
case Command.GloGetRequest:
case Command.GloGetResponse:
case Command.GloSetRequest:
case Command.GloSetResponse:
case Command.GloMethodRequest:
case Command.GloMethodResponse:
case Command.GloEventNotification:
case Command.DedInitiateRequest:
case Command.DedInitiateResponse:
case Command.DedGetRequest:
case Command.DedGetResponse:
case Command.DedSetRequest:
case Command.DedSetResponse:
case Command.DedMethodRequest:
case Command.DedMethodResponse:
case Command.DedEventNotification:
case Command.DedReadRequest:
case Command.DedReadResponse:
case Command.DedWriteRequest:
case Command.DedWriteResponse:
case Command.GloConfirmedServiceError:
case Command.DedConfirmedServiceError:
break;
default:
throw new ArgumentOutOfRangeException("cryptedData");
}
int value = 0;
UInt64 transactionId = 0;
if (cmd == Command.GeneralCiphering)
{
len = GXCommon.GetObjectCount(data);
tmp = new byte[len];
data.Get(tmp);
GXByteBuffer t = new GXByteBuffer(tmp);
transactionId = t.GetUInt64();
len = GXCommon.GetObjectCount(data);
if (len != 0)
{
tmp = new byte[len];
data.Get(tmp);
p.SystemTitle = tmp;
}
if (p.SystemTitle == null || p.SystemTitle.Length != 8)
{
if (p.Xml == null)
{
throw new ArgumentNullException("Invalid sender system title.");
}
else
{
p.Xml.AppendComment("Invalid sender system title.");
}
}
len = GXCommon.GetObjectCount(data);
tmp = new byte[len];
data.Get(tmp);
p.RecipientSystemTitle = tmp;
// Get date time.
len = GXCommon.GetObjectCount(data);
if (len != 0)
{
tmp = new byte[len];
data.Get(tmp);
p.DateTime = tmp;
}
// other-information
len = data.GetUInt8();
if (len != 0)
{
tmp = new byte[len];
data.Get(tmp);
p.OtherInformation = tmp;
}
// KeyInfo OPTIONAL
len = data.GetUInt8();
// AgreedKey CHOICE tag.
data.GetUInt8();
// key-parameters
len = data.GetUInt8();
value = data.GetUInt8();
p.KeyParameters = value;
if (value == 1)
{
// KeyAgreement.ONE_PASS_DIFFIE_HELLMAN
// key-ciphered-data
len = GXCommon.GetObjectCount(data);
tmp = new byte[len];
data.Get(tmp);
p.KeyCipheredData = tmp;
}
else if (value == 2)
{
// KeyAgreement.STATIC_UNIFIED_MODEL
len = GXCommon.GetObjectCount(data);
if (len != 0)
{
throw new ArgumentException("Invalid key parameters");
}
}
else
{
throw new ArgumentException("key-parameters");
}
}
len = GXCommon.GetObjectCount(data);
p.CipheredContent = data.Remaining();
byte sc = (byte)data.GetUInt8();
Enums.Security security = (Enums.Security)(sc & 0x30);
if ((sc & 0x80) != 0)
{
System.Diagnostics.Debug.WriteLine("Compression is used.");
}
if ((sc & 0x40) != 0)
{
System.Diagnostics.Debug.WriteLine("Error: Key_Set is used.");
}
if ((sc & 0x20) != 0)
{
System.Diagnostics.Debug.WriteLine("Encryption is applied.");
}
SecuritySuite ss = (SecuritySuite)(sc & 0x3);
p.Security = (byte)security;
UInt32 invocationCounter = data.GetUInt32();
p.InvocationCounter = invocationCounter;
if (ss == SecuritySuite.Version2)
{
throw new NotImplementedException("Security Suite 2 is not implemented.");
}
System.Diagnostics.Debug.WriteLine("Decrypt settings: " + p.ToString());
System.Diagnostics.Debug.WriteLine("Encrypted: " + GXCommon.ToHex(data.Data,
false, data.Position, data.Size - data.Position));
byte[] tag = new byte[12];
byte[] encryptedData;
int length;
if (security == Enums.Security.Authentication)
{
length = data.Size - data.Position - 12;
encryptedData = new byte[length];
data.Get(encryptedData);
data.Get(tag);
// Check tag.
EncryptAesGcm(p, encryptedData);
if (!GXDLMSChipperingStream.TagsEquals(tag, p.CountTag))
{
if (transactionId != 0)
{
p.InvocationCounter = transactionId;
}
if (p.Xml == null)
{
throw new GXDLMSException("Decrypt failed. Invalid tag.");
}
else
{
p.Xml.AppendComment("Decrypt failed. Invalid tag.");
}
}
return(encryptedData);
}
byte[] ciphertext = null;
if (security == Enums.Security.Encryption)
{
length = data.Size - data.Position;
ciphertext = new byte[length];
data.Get(ciphertext);
}
else if (security == Enums.Security.AuthenticationEncryption)
{
length = data.Size - data.Position - 12;
ciphertext = new byte[length];
data.Get(ciphertext);
data.Get(tag);
}
byte[] aad = GetAuthenticatedData(p, ciphertext),
iv = GetNonse(invocationCounter, p.SystemTitle);
GXDLMSChipperingStream gcm = new GXDLMSChipperingStream((byte)security, true,
p.BlockCipherKey, aad, iv, tag);
gcm.Write(ciphertext);
if (transactionId != 0)
{
p.InvocationCounter = transactionId;
}
return(gcm.FlushFinalBlock());
}
/// <summary>
/// Decrypt data.
/// </summary>
/// <param name="p">Decryption parameters</param>
/// <returns>Decrypted data.</returns>
public static byte[] DecryptAesGcm(AesGcmParameter p, GXByteBuffer data)
{
if (data == null || data.Size < 2)
{
throw new ArgumentOutOfRangeException("cryptedData");
}
byte[] tmp;
int len;
Command cmd = (Command)data.GetUInt8();
switch (cmd)
{
case Command.GeneralGloCiphering:
len = GXCommon.GetObjectCount(data);
if (len != 0)
{
p.SystemTitle = new byte[len];
data.Get(p.SystemTitle);
}
break;
case Command.GeneralCiphering:
case Command.GloInitiateRequest:
case Command.GloInitiateResponse:
case Command.GloReadRequest:
case Command.GloReadResponse:
case Command.GloWriteRequest:
case Command.GloWriteResponse:
case Command.GloGetRequest:
case Command.GloGetResponse:
case Command.GloSetRequest:
case Command.GloSetResponse:
case Command.GloMethodRequest:
case Command.GloMethodResponse:
case Command.GloEventNotificationRequest:
break;
default:
throw new ArgumentOutOfRangeException("cryptedData");
}
int value = 0;
UInt64 transactionId = 0;
if (cmd == Command.GeneralCiphering)
{
len = GXCommon.GetObjectCount(data);
tmp = new byte[len];
data.Get(tmp);
GXByteBuffer t = new GXByteBuffer(tmp);
transactionId = t.GetUInt64();
len = GXCommon.GetObjectCount(data);
tmp = new byte[len];
data.Get(tmp);
p.SystemTitle = tmp;
len = GXCommon.GetObjectCount(data);
tmp = new byte[len];
data.Get(tmp);
p.RecipientSystemTitle = tmp;
// Get date time.
len = GXCommon.GetObjectCount(data);
if (len != 0)
{
tmp = new byte[len];
data.Get(tmp);
p.DateTime = tmp;
}
// other-information
len = data.GetUInt8();
if (len != 0)
{
tmp = new byte[len];
data.Get(tmp);
p.OtherInformation = tmp;
}
// KeyInfo OPTIONAL
len = data.GetUInt8();
// AgreedKey CHOICE tag.
data.GetUInt8();
// key-parameters
len = data.GetUInt8();
value = data.GetUInt8();
p.KeyParameters = value;
if (value == 1)
{
// KeyAgreement.ONE_PASS_DIFFIE_HELLMAN
// key-ciphered-data
len = GXCommon.GetObjectCount(data);
tmp = new byte[len];
data.Get(tmp);
p.KeyCipheredData = tmp;
}
else if (value == 2)
{
// KeyAgreement.STATIC_UNIFIED_MODEL
len = GXCommon.GetObjectCount(data);
if (len != 0)
{
throw new ArgumentException("Invalid key parameters");
}
}
else
{
throw new ArgumentException("key-parameters");
}
}
len = GXCommon.GetObjectCount(data);
p.CipheredContent = data.Remaining();
byte sc = (byte)data.GetUInt8();
Enums.Security security = (Enums.Security)(sc & 0x30);
SecuritySuite ss = (SecuritySuite)(sc & 0x3);
p.Security = security;
UInt32 invocationCounter = data.GetUInt32();
p.InvocationCounter = invocationCounter;
if (ss != SecuritySuite.AesGcm128)
{
throw new NotImplementedException("Security Suite 1 is not implemented.");
}
System.Diagnostics.Debug.WriteLine("Decrypt settings: " + p.ToString());
System.Diagnostics.Debug.WriteLine("Encrypted: " + GXCommon.ToHex(data.Data,
false, data.Position, data.Size - data.Position));
byte[] tag = new byte[12];
byte[] encryptedData;
int length;
if (security == Enums.Security.Authentication)
{
length = data.Size - data.Position - 12;
encryptedData = new byte[length];
data.Get(encryptedData);
data.Get(tag);
// Check tag.
EncryptAesGcm(p, encryptedData);
if (!GXDLMSChipperingStream.TagsEquals(tag, p.CountTag))
{
if (transactionId != 0)
{
p.InvocationCounter = transactionId;
}
throw new GXDLMSException("Decrypt failed. Invalid tag.");
}
return(encryptedData);
}
byte[] ciphertext = null;
if (security == Enums.Security.Encryption)
{
length = data.Size - data.Position;
ciphertext = new byte[length];
data.Get(ciphertext);
}
else if (security == Enums.Security.AuthenticationEncryption)
{
length = data.Size - data.Position - 12;
ciphertext = new byte[length];
data.Get(ciphertext);
data.Get(tag);
}
byte[] aad = GetAuthenticatedData(p, ciphertext),
iv = GetNonse(invocationCounter, p.SystemTitle);
GXDLMSChipperingStream gcm = new GXDLMSChipperingStream(security, true,
p.BlockCipherKey, aad, iv, tag);
gcm.Write(ciphertext);
if (transactionId != 0)
{
p.InvocationCounter = transactionId;
}
return(gcm.FlushFinalBlock());
/*
* len = Gurux.DLMS.Internal.GXCommon.GetObjectCount(data);
* p.Security = (Gurux.DLMS.Enums.Security)data.GetUInt8();
* p.InvocationCounter = data.GetUInt32();
* System.Diagnostics.Debug.WriteLine("Decrypt settings: " + p.ToString());
* System.Diagnostics.Debug.WriteLine("Encrypted: " + GXCommon.ToHex(data.Array(), true));
*
* byte[] tag = new byte[12];
* byte[] encryptedData;
* int length;
* if (p.Security == Gurux.DLMS.Enums.Security.Authentication)
* {
* length = data.Size - data.Position - 12;
* encryptedData = new byte[length];
* data.Get(encryptedData);
* data.Get(tag);
* // Check tag.
* EncryptAesGcm(p, encryptedData);
* if (!GXDLMSChipperingStream.TagsEquals(tag, p.CountTag))
* {
* throw new GXDLMSException("Decrypt failed. Invalid tag.");
* }
* return encryptedData;
* }
* byte[] ciphertext = null;
* if (p.Security == Gurux.DLMS.Enums.Security.Encryption)
* {
* length = data.Size - data.Position;
* ciphertext = new byte[length];
* data.Get(ciphertext);
* }
* else if (p.Security == Gurux.DLMS.Enums.Security.AuthenticationEncryption)
* {
* length = data.Size - data.Position - 12;
* ciphertext = new byte[length];
* data.Get(ciphertext);
* data.Get(tag);
* }
* byte[] aad = GetAuthenticatedData(p.Security, p.AuthenticationKey, ciphertext);
* byte[] iv = GetNonse(p.InvocationCounter, p.SystemTitle);
* GXDLMSChipperingStream gcm = new GXDLMSChipperingStream(p.Security, true, p.BlockCipherKey, aad, iv, tag);
* gcm.Write(ciphertext);
* ciphertext = gcm.FlushFinalBlock();
* if (p.Security == Gurux.DLMS.Enums.Security.AuthenticationEncryption)
* {
* // Check tag.
* EncryptAesGcm(p, ciphertext);
* if (!GXDLMSChipperingStream.TagsEquals(tag, p.CountTag))
* {
* // throw new GXDLMSException("Decrypt failed. Invalid tag.");
* }
* }
* return ciphertext;
*/
}
