/// <summary> /// Decrypt data. /// </summary> /// <param name="p">Decryption parameters</param> /// <returns>Decrypted data.</returns> public static byte[] DecryptAesGcm(AesGcmParameter p, GXByteBuffer data) { if (data == null || data.Size < 2) { throw new ArgumentOutOfRangeException("cryptedData"); } byte[] tmp; int len; Command cmd = (Command)data.GetUInt8(); switch (cmd) { case Command.GeneralGloCiphering: case Command.GeneralDedCiphering: len = GXCommon.GetObjectCount(data); if (len != 0) { p.SystemTitle = new byte[len]; data.Get(p.SystemTitle); if (p.Xml != null && p.Xml.Comments) { p.Xml.AppendComment(GXCommon.SystemTitleToString(Standard.DLMS, p.SystemTitle)); } } if (p.SystemTitle == null || p.SystemTitle.Length != 8) { if (p.Xml == null) { throw new ArgumentNullException("Invalid sender system title."); } else { p.Xml.AppendComment("Invalid sender system title."); } } break; case Command.GeneralCiphering: case Command.GloInitiateRequest: case Command.GloInitiateResponse: case Command.GloReadRequest: case Command.GloReadResponse: case Command.GloWriteRequest: case Command.GloWriteResponse: case Command.GloGetRequest: case Command.GloGetResponse: case Command.GloSetRequest: case Command.GloSetResponse: case Command.GloMethodRequest: case Command.GloMethodResponse: case Command.GloEventNotification: case Command.DedInitiateRequest: case Command.DedInitiateResponse: case Command.DedGetRequest: case Command.DedGetResponse: case Command.DedSetRequest: case Command.DedSetResponse: case Command.DedMethodRequest: case Command.DedMethodResponse: case Command.DedEventNotification: case Command.DedReadRequest: case Command.DedReadResponse: case Command.DedWriteRequest: case Command.DedWriteResponse: case Command.GloConfirmedServiceError: case Command.DedConfirmedServiceError: break; default: throw new ArgumentOutOfRangeException("cryptedData"); } int value = 0; UInt64 transactionId = 0; if (cmd == Command.GeneralCiphering) { len = GXCommon.GetObjectCount(data); tmp = new byte[len]; data.Get(tmp); GXByteBuffer t = new GXByteBuffer(tmp); transactionId = t.GetUInt64(); len = GXCommon.GetObjectCount(data); if (len != 0) { tmp = new byte[len]; data.Get(tmp); p.SystemTitle = tmp; } if (p.SystemTitle == null || p.SystemTitle.Length != 8) { if (p.Xml == null) { throw new ArgumentNullException("Invalid sender system title."); } else { p.Xml.AppendComment("Invalid sender system title."); } } len = GXCommon.GetObjectCount(data); tmp = new byte[len]; data.Get(tmp); p.RecipientSystemTitle = tmp; // Get date time. len = GXCommon.GetObjectCount(data); if (len != 0) { tmp = new byte[len]; data.Get(tmp); p.DateTime = tmp; } // other-information len = data.GetUInt8(); if (len != 0) { tmp = new byte[len]; data.Get(tmp); p.OtherInformation = tmp; } // KeyInfo OPTIONAL len = data.GetUInt8(); // AgreedKey CHOICE tag. data.GetUInt8(); // key-parameters len = data.GetUInt8(); value = data.GetUInt8(); p.KeyParameters = value; if (value == 1) { // KeyAgreement.ONE_PASS_DIFFIE_HELLMAN // key-ciphered-data len = GXCommon.GetObjectCount(data); tmp = new byte[len]; data.Get(tmp); p.KeyCipheredData = tmp; } else if (value == 2) { // KeyAgreement.STATIC_UNIFIED_MODEL len = GXCommon.GetObjectCount(data); if (len != 0) { throw new ArgumentException("Invalid key parameters"); } } else { throw new ArgumentException("key-parameters"); } } len = GXCommon.GetObjectCount(data); p.CipheredContent = data.Remaining(); byte sc = (byte)data.GetUInt8(); Enums.Security security = (Enums.Security)(sc & 0x30); if ((sc & 0x80) != 0) { System.Diagnostics.Debug.WriteLine("Compression is used."); } if ((sc & 0x40) != 0) { System.Diagnostics.Debug.WriteLine("Error: Key_Set is used."); } if ((sc & 0x20) != 0) { System.Diagnostics.Debug.WriteLine("Encryption is applied."); } SecuritySuite ss = (SecuritySuite)(sc & 0x3); p.Security = (byte)security; UInt32 invocationCounter = data.GetUInt32(); p.InvocationCounter = invocationCounter; if (ss == SecuritySuite.Version2) { throw new NotImplementedException("Security Suite 2 is not implemented."); } System.Diagnostics.Debug.WriteLine("Decrypt settings: " + p.ToString()); System.Diagnostics.Debug.WriteLine("Encrypted: " + GXCommon.ToHex(data.Data, false, data.Position, data.Size - data.Position)); byte[] tag = new byte[12]; byte[] encryptedData; int length; if (security == Enums.Security.Authentication) { length = data.Size - data.Position - 12; encryptedData = new byte[length]; data.Get(encryptedData); data.Get(tag); // Check tag. EncryptAesGcm(p, encryptedData); if (!GXDLMSChipperingStream.TagsEquals(tag, p.CountTag)) { if (transactionId != 0) { p.InvocationCounter = transactionId; } if (p.Xml == null) { throw new GXDLMSException("Decrypt failed. Invalid tag."); } else { p.Xml.AppendComment("Decrypt failed. Invalid tag."); } } return(encryptedData); } byte[] ciphertext = null; if (security == Enums.Security.Encryption) { length = data.Size - data.Position; ciphertext = new byte[length]; data.Get(ciphertext); } else if (security == Enums.Security.AuthenticationEncryption) { length = data.Size - data.Position - 12; ciphertext = new byte[length]; data.Get(ciphertext); data.Get(tag); } byte[] aad = GetAuthenticatedData(p, ciphertext), iv = GetNonse(invocationCounter, p.SystemTitle); GXDLMSChipperingStream gcm = new GXDLMSChipperingStream((byte)security, true, p.BlockCipherKey, aad, iv, tag); gcm.Write(ciphertext); if (transactionId != 0) { p.InvocationCounter = transactionId; } return(gcm.FlushFinalBlock()); }
/// <summary> /// Decrypt data. /// </summary> /// <param name="p">Decryption parameters</param> /// <returns>Decrypted data.</returns> public static byte[] DecryptAesGcm(AesGcmParameter p, GXByteBuffer data) { if (data == null || data.Size < 2) { throw new ArgumentOutOfRangeException("cryptedData"); } byte[] tmp; int len; Command cmd = (Command)data.GetUInt8(); switch (cmd) { case Command.GeneralGloCiphering: len = GXCommon.GetObjectCount(data); if (len != 0) { p.SystemTitle = new byte[len]; data.Get(p.SystemTitle); } break; case Command.GeneralCiphering: case Command.GloInitiateRequest: case Command.GloInitiateResponse: case Command.GloReadRequest: case Command.GloReadResponse: case Command.GloWriteRequest: case Command.GloWriteResponse: case Command.GloGetRequest: case Command.GloGetResponse: case Command.GloSetRequest: case Command.GloSetResponse: case Command.GloMethodRequest: case Command.GloMethodResponse: case Command.GloEventNotificationRequest: break; default: throw new ArgumentOutOfRangeException("cryptedData"); } int value = 0; UInt64 transactionId = 0; if (cmd == Command.GeneralCiphering) { len = GXCommon.GetObjectCount(data); tmp = new byte[len]; data.Get(tmp); GXByteBuffer t = new GXByteBuffer(tmp); transactionId = t.GetUInt64(); len = GXCommon.GetObjectCount(data); tmp = new byte[len]; data.Get(tmp); p.SystemTitle = tmp; len = GXCommon.GetObjectCount(data); tmp = new byte[len]; data.Get(tmp); p.RecipientSystemTitle = tmp; // Get date time. len = GXCommon.GetObjectCount(data); if (len != 0) { tmp = new byte[len]; data.Get(tmp); p.DateTime = tmp; } // other-information len = data.GetUInt8(); if (len != 0) { tmp = new byte[len]; data.Get(tmp); p.OtherInformation = tmp; } // KeyInfo OPTIONAL len = data.GetUInt8(); // AgreedKey CHOICE tag. data.GetUInt8(); // key-parameters len = data.GetUInt8(); value = data.GetUInt8(); p.KeyParameters = value; if (value == 1) { // KeyAgreement.ONE_PASS_DIFFIE_HELLMAN // key-ciphered-data len = GXCommon.GetObjectCount(data); tmp = new byte[len]; data.Get(tmp); p.KeyCipheredData = tmp; } else if (value == 2) { // KeyAgreement.STATIC_UNIFIED_MODEL len = GXCommon.GetObjectCount(data); if (len != 0) { throw new ArgumentException("Invalid key parameters"); } } else { throw new ArgumentException("key-parameters"); } } len = GXCommon.GetObjectCount(data); p.CipheredContent = data.Remaining(); byte sc = (byte)data.GetUInt8(); Enums.Security security = (Enums.Security)(sc & 0x30); SecuritySuite ss = (SecuritySuite)(sc & 0x3); p.Security = security; UInt32 invocationCounter = data.GetUInt32(); p.InvocationCounter = invocationCounter; if (ss != SecuritySuite.AesGcm128) { throw new NotImplementedException("Security Suite 1 is not implemented."); } System.Diagnostics.Debug.WriteLine("Decrypt settings: " + p.ToString()); System.Diagnostics.Debug.WriteLine("Encrypted: " + GXCommon.ToHex(data.Data, false, data.Position, data.Size - data.Position)); byte[] tag = new byte[12]; byte[] encryptedData; int length; if (security == Enums.Security.Authentication) { length = data.Size - data.Position - 12; encryptedData = new byte[length]; data.Get(encryptedData); data.Get(tag); // Check tag. EncryptAesGcm(p, encryptedData); if (!GXDLMSChipperingStream.TagsEquals(tag, p.CountTag)) { if (transactionId != 0) { p.InvocationCounter = transactionId; } throw new GXDLMSException("Decrypt failed. Invalid tag."); } return(encryptedData); } byte[] ciphertext = null; if (security == Enums.Security.Encryption) { length = data.Size - data.Position; ciphertext = new byte[length]; data.Get(ciphertext); } else if (security == Enums.Security.AuthenticationEncryption) { length = data.Size - data.Position - 12; ciphertext = new byte[length]; data.Get(ciphertext); data.Get(tag); } byte[] aad = GetAuthenticatedData(p, ciphertext), iv = GetNonse(invocationCounter, p.SystemTitle); GXDLMSChipperingStream gcm = new GXDLMSChipperingStream(security, true, p.BlockCipherKey, aad, iv, tag); gcm.Write(ciphertext); if (transactionId != 0) { p.InvocationCounter = transactionId; } return(gcm.FlushFinalBlock()); /* * len = Gurux.DLMS.Internal.GXCommon.GetObjectCount(data); * p.Security = (Gurux.DLMS.Enums.Security)data.GetUInt8(); * p.InvocationCounter = data.GetUInt32(); * System.Diagnostics.Debug.WriteLine("Decrypt settings: " + p.ToString()); * System.Diagnostics.Debug.WriteLine("Encrypted: " + GXCommon.ToHex(data.Array(), true)); * * byte[] tag = new byte[12]; * byte[] encryptedData; * int length; * if (p.Security == Gurux.DLMS.Enums.Security.Authentication) * { * length = data.Size - data.Position - 12; * encryptedData = new byte[length]; * data.Get(encryptedData); * data.Get(tag); * // Check tag. * EncryptAesGcm(p, encryptedData); * if (!GXDLMSChipperingStream.TagsEquals(tag, p.CountTag)) * { * throw new GXDLMSException("Decrypt failed. Invalid tag."); * } * return encryptedData; * } * byte[] ciphertext = null; * if (p.Security == Gurux.DLMS.Enums.Security.Encryption) * { * length = data.Size - data.Position; * ciphertext = new byte[length]; * data.Get(ciphertext); * } * else if (p.Security == Gurux.DLMS.Enums.Security.AuthenticationEncryption) * { * length = data.Size - data.Position - 12; * ciphertext = new byte[length]; * data.Get(ciphertext); * data.Get(tag); * } * byte[] aad = GetAuthenticatedData(p.Security, p.AuthenticationKey, ciphertext); * byte[] iv = GetNonse(p.InvocationCounter, p.SystemTitle); * GXDLMSChipperingStream gcm = new GXDLMSChipperingStream(p.Security, true, p.BlockCipherKey, aad, iv, tag); * gcm.Write(ciphertext); * ciphertext = gcm.FlushFinalBlock(); * if (p.Security == Gurux.DLMS.Enums.Security.AuthenticationEncryption) * { * // Check tag. * EncryptAesGcm(p, ciphertext); * if (!GXDLMSChipperingStream.TagsEquals(tag, p.CountTag)) * { * // throw new GXDLMSException("Decrypt failed. Invalid tag."); * } * } * return ciphertext; */ }