public static byte[] DecryptPayload(byte[] externalNonce, byte[] internalNonce, byte[] securityKey, byte[] message)
{
ZWaveAES AES = new ZWaveAES();
byte[] _authKey = new byte[16];
byte[] _encKey = new byte[16];
SecurityS0Utils.LoadKeys(AES, securityKey, out _authKey, out _encKey);
byte[] _IV = new byte[16];
Array.Copy(internalNonce, 0, _IV, 0, internalNonce.Length);
Array.Copy(externalNonce, 0, _IV, 8, externalNonce.Length);
SecurityS0Utils.Decrypt(AES, _encKey, _IV, ref message);
return(message);
}
private byte[] Decrypt(COMMAND_CLASS_SECURITY.SECURITY_MESSAGE_ENCAPSULATION cmd, byte cmdId, byte senderNodeId, byte receivedNodeId, out byte decryptedProperties)
{
decryptedProperties = 0;
byte[] ret = null;
byte[] internalNonce = NonceS0Storage.Find(new OrdinalPeerNodeId(senderNodeId, receivedNodeId), cmd.receiversNonceIdentifier);
if (internalNonce != null)
{
byte[] IV = new byte[16];
Array.Copy(cmd.initializationVectorByte.ToArray(), 0, IV, 0, 8);
Array.Copy(internalNonce, 0, IV, 8, 8);
int len = 1;
if (cmd.commandByte != null)
{
len += cmd.commandByte.Count;
}
byte[] payload = new byte[len];
payload[0] = cmd.properties1;
for (int i = 0; i < len - 1; i++)
{
payload[i + 1] = cmd.commandByte[i];
}
byte[] header = new byte[20];
Array.Copy(IV, 0, header, 0, IV.Length);
header[16] = cmdId;
header[17] = senderNodeId;
header[18] = receivedNodeId;
header[19] = (byte)payload.Length;
if (SecurityS0Utils.VerifyAuthTag(AesEngine, _authKey, header, payload, cmd.messageAuthenticationCodeByte.ToArray()))
{
SecurityS0Utils.Decrypt(AesEngine, _encKey, IV, ref payload);
ret = new byte[payload.Length - 1]; // exclude properties
Array.Copy(payload, 1, ret, 0, ret.Length);
decryptedProperties = payload[0];
}
else
{
"^{0} <<|<< {1} {2}"._DLOG(0, "N/D", internalNonce.GetHex());
}
}
else
{
"^{0} <<|<< {1} {2}"._DLOG(0, "N/D", "N/Nonce");
}
return(ret);
}