|
static private EncryptAesGcm ( |
||
| param | ||
| plainText | byte | |
| 리턴 | byte[] | |
internal static byte[] Encrypt(AesGcmParameter p, byte[] data)
{
if (p.Security != Security.None)
{
return(GXDLMSChippering.EncryptAesGcm(p, data));
}
return(data);
}
internal static byte[] Encrypt(AesGcmParameter p, byte[] data)
{
if (p.Security != Gurux.DLMS.Enums.Security.None)
{
byte[] tmp = GXDLMSChippering.EncryptAesGcm(p, data);
return(tmp);
}
return(data);
}
/// <summary>
/// Generate GMAC password from given challenge.
/// </summary>
/// <param name="challenge"></param>
/// <returns></returns>
public byte[] GenerateGmacPassword(byte[] challenge)
{
AesGcmParameter p = new AesGcmParameter(0x10, Gurux.DLMS.Enums.Security.Authentication, InvocationCounter,
systemTitle, BlockCipherKey, AuthenticationKey);
GXByteBuffer bb = new GXByteBuffer();
GXDLMSChippering.EncryptAesGcm(p, challenge);
bb.SetUInt8(0x10);
bb.SetUInt32(InvocationCounter);
bb.Set(p.CountTag);
return(bb.Array());
}
byte[] GXICipher.Encrypt(byte tag, byte[] title, byte[] data)
{
if (Security != Security.None)
{
AesGcmParameter p = new AesGcmParameter(tag, Security, FrameCounter,
title, BlockCipherKey, AuthenticationKey);
byte[] tmp = GXDLMSChippering.EncryptAesGcm(p, data);
++FrameCounter;
return(tmp);
}
return(data);
}
///<summary>
/// Chipher text.
///</summary>
///<param name="settings">
///DLMS settings.
///</param>
///<param name="cipher">
///Cipher.
///</param>
///<param name="ic">
///Invocation counter.
///</param>
///<param name="data">
///Text to chipher.
///</param>
///<param name="secret">
///Secret.
///</param>
///<returns>
///Chiphered text.
///</returns>
public static byte[] Secure(GXDLMSSettings settings, GXICipher cipher, uint ic, byte[] data, byte[] secret)
{
byte[] tmp;
if (settings.Authentication == Authentication.High)
{
int len = secret.Length;
if (len % 16 != 0)
{
len += 16 - (secret.Length % 16);
}
byte[] p = new byte[len];
byte[] s = new byte[16];
byte[] x = new byte[16];
int i;
data.CopyTo(p, 0);
secret.CopyTo(s, 0);
for (i = 0; i < p.Length; i += 16)
{
Buffer.BlockCopy(p, i, x, 0, 16);
GXAes128.Encrypt(x, s);
Buffer.BlockCopy(x, 0, p, i, 16);
}
Buffer.BlockCopy(p, 0, x, 0, 16);
return(x);
}
// Get server Challenge.
GXByteBuffer challenge = new GXByteBuffer();
// Get shared secret
if (settings.Authentication == Authentication.HighGMAC)
{
challenge.Set(data);
}
else
{
challenge.Set(data);
challenge.Set(secret);
}
tmp = challenge.Array();
if (settings.Authentication == Authentication.HighMD5)
{
#if !WINDOWS_UWP
using (MD5 md5Hash = MD5.Create())
{
tmp = md5Hash.ComputeHash(tmp);
return(tmp);
}
#endif
}
else if (settings.Authentication == Authentication.HighSHA1)
{
#if !WINDOWS_UWP
using (SHA1 sha = new SHA1CryptoServiceProvider())
{
tmp = sha.ComputeHash(tmp);
return(tmp);
}
#endif
}
else if (settings.Authentication == Authentication.HighGMAC)
{
//SC is always Security.Authentication.
AesGcmParameter p = new AesGcmParameter(0, Security.Authentication, ic,
secret, cipher.BlockCipherKey, cipher.AuthenticationKey);
p.Type = CountType.Tag;
challenge.Clear();
challenge.SetUInt8((byte)Security.Authentication);
challenge.SetUInt32(p.InvocationCounter);
challenge.Set(GXDLMSChippering.EncryptAesGcm(p, tmp));
tmp = challenge.Array();
return(tmp);
}
return(data);
}
///<summary>
/// Chipher text.
///</summary>
///<param name="settings">
///DLMS settings.
///</param>
///<param name="cipher">
///Cipher.
///</param>
///<param name="ic">
///Invocation counter.
///</param>
///<param name="data">
///Text to chipher.
///</param>
///<param name="secret">
///Secret.
///</param>
///<returns>
///Chiphered text.
///</returns>
internal static byte[] Secure(GXDLMSSettings settings, GXICipher cipher, UInt32 ic, byte[] data, byte[] secret)
{
byte[] tmp;
if (settings.Authentication == Authentication.High)
{
int len = secret.Length;
if (len % 16 != 0)
{
len += 16 - (secret.Length % 16);
}
byte[] p = new byte[len];
byte[] s = new byte[16];
byte[] x = new byte[16];
int i;
data.CopyTo(p, 0);
secret.CopyTo(s, 0);
for (i = 0; i < p.Length; i += 16)
{
Buffer.BlockCopy(p, i, x, 0, 16);
GXAes128.Encrypt(x, s);
Buffer.BlockCopy(x, 0, p, i, 16);
}
Buffer.BlockCopy(p, 0, x, 0, 16);
return(x);
}
// Get server Challenge.
GXByteBuffer challenge = new GXByteBuffer();
// Get shared secret
if (settings.Authentication == Authentication.HighGMAC ||
settings.Authentication == Authentication.HighECDSA)
{
challenge.Set(data);
}
else if (settings.Authentication == Authentication.HighSHA256)
{
challenge.Set(secret);
}
else
{
challenge.Set(data);
challenge.Set(secret);
}
tmp = challenge.Array();
if (settings.Authentication == Authentication.HighMD5)
{
#if !WINDOWS_UWP
using (MD5 md5Hash = MD5.Create())
{
tmp = md5Hash.ComputeHash(tmp);
return(tmp);
}
#endif
}
else if (settings.Authentication == Authentication.HighSHA1)
{
#if !WINDOWS_UWP
using (SHA1 sha = new SHA1CryptoServiceProvider())
{
tmp = sha.ComputeHash(tmp);
return(tmp);
}
#endif
}
else if (settings.Authentication == Authentication.HighSHA256)
{
//Windows UWP, IOS ad Android don't support this.
#if !WINDOWS_UWP && !__IOS__ && !__ANDROID__
using (SHA256 sha = new SHA256CryptoServiceProvider())
{
tmp = sha.ComputeHash(tmp);
return(tmp);
}
#endif
}
else if (settings.Authentication == Authentication.HighGMAC)
{
//SC is always Security.Authentication.
AesGcmParameter p = new AesGcmParameter(0, Security.Authentication,
cipher.SecuritySuite,
ic,
secret,
cipher.BlockCipherKey,
cipher.AuthenticationKey);
p.Type = CountType.Tag;
challenge.Clear();
//Security suite is 0.
challenge.SetUInt8((byte)Security.Authentication);
challenge.SetUInt32((UInt32)p.InvocationCounter);
challenge.Set(GXDLMSChippering.EncryptAesGcm(p, tmp));
tmp = challenge.Array();
return(tmp);
}
else if (settings.Authentication == Authentication.HighECDSA)
{
if (cipher.SigningKeyPair.Key == null)
{
throw new ArgumentNullException("SigningKeyPair is not set.");
}
GXEcdsa sig = new GXEcdsa(cipher.SigningKeyPair.Key);
GXByteBuffer bb = new GXByteBuffer();
bb.Set(settings.Cipher.SystemTitle);
bb.Set(settings.SourceSystemTitle);
if (settings.IsServer)
{
bb.Set(settings.CtoSChallenge);
bb.Set(settings.StoCChallenge);
}
else
{
bb.Set(settings.StoCChallenge);
bb.Set(settings.CtoSChallenge);
}
data = sig.Sign(bb.Array());
}
return(data);
}