Exemplo n.º 1
0
 protected virtual byte[] GetPersonalizationArray(SinglecastKey sckey, SpanContainer spanContainer)
 {
     byte[] senderNonce = null;
     if (spanContainer.SpanState == SpanStates.ReceiversNonce)
     {
         senderNonce = GetRandomData(); // Generate sender nonce.
         spanContainer.InstantiateWithSenderNonce(senderNonce, sckey.Personalization);
     }
     return(senderNonce);
 }
Exemplo n.º 2
0
        public static byte[] EncryptPayload(byte senderId, byte receiverId, byte[] homeId, byte sequenceNumber, byte[] receiverNonce,
                                            byte[] senderNonce, byte[] networkKey, byte[] textToEncrypt, int generationCount, bool isRealKey)
        {
            var ret = new COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION {
                sequenceNumber = sequenceNumber
            };
            InvariantPeerNodeId peerNodeId = new InvariantPeerNodeId(0);
            var mpanKey         = new byte[SecurityS2Utils.KEY_SIZE];
            var ccmKey          = new byte[SecurityS2Utils.KEY_SIZE];
            var personalization = new byte[SecurityS2Utils.PERSONALIZATION_SIZE];

            if (isRealKey)
            {
                SecurityS2Utils.NetworkKeyExpand(networkKey, ccmKey, personalization, mpanKey);
            }
            else
            {
                SecurityS2Utils.TempKeyExpand(networkKey, ccmKey, personalization, mpanKey);
            }
            SpanTable spanTable = new SpanTable();

            spanTable.Add(peerNodeId, receiverNonce, 0, 0);
            SpanContainer spanContainer = spanTable.GetContainer(peerNodeId);

            spanContainer.InstantiateWithSenderNonce(senderNonce, personalization);
            for (int i = 0; i < generationCount; i++)
            {
                spanContainer.NextNonce();
            }

            AAD aad = new AAD
            {
                SenderNodeId   = senderId,
                ReceiverNodeId = receiverId,
                HomeId         = homeId,
                PayloadLength  = (ushort)(textToEncrypt.Length + SecurityS2Utils.AUTH_DATA_HEADER_LENGTH),
                SequenceNumber = sequenceNumber
            };

            aad.PayloadLength += (ushort)((byte[])ret).Length;
            var cipherData = SecurityS2Utils.CcmEncryptAndAuth(ccmKey, spanContainer.Span, aad, textToEncrypt);

            if (cipherData != null && cipherData.Length > 0)
            {
                ret.ccmCiphertextObject = new List <byte>(cipherData);
            }
            else
            {
                ret = null;
            }
            return(ret);
        }
Exemplo n.º 3
0
        public static bool DecryptSinglecastFrame(
            SpanContainer spanContainer,
            SinglecastKey singlecastKey,
            byte sourceNodeId,
            byte destNodeId,
            byte[] homeId,
            COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION cmd,
            out byte[] data,
            out Extensions extensions)
        {
            List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1> encryptedExtensionsList = new List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1>();
            List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1> extensionsList          = new List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1>();

            extensions = null;
            data       = null;
            bool ret = false;
            bool isDecryptSucceeded        = false;
            InvariantPeerNodeId peerNodeId = new InvariantPeerNodeId(destNodeId, sourceNodeId);

            extensionsList = cmd.vg1;
            if (spanContainer != null && singlecastKey != null)
            {
                spanContainer.RxSequenceNumber = cmd.sequenceNumber;
                if (spanContainer.SpanState == SpanStates.ReceiversNonce)
                {
                    #region SpanStates.ReceiversNonce
                    // Establish nonce synchronization.
                    byte[] senderEntropyInput = null;
                    if (cmd.properties1.extension == 1)
                    {
                        foreach (var extData in cmd.vg1)
                        {
                            if (extData.properties1.type == (byte)ExtensionTypes.Span &&
                                extData.extensionLength == 18 &&
                                extData.extension.Count == 16)
                            {
                                senderEntropyInput = extData.extension.ToArray();
                                break;
                            }
                        }
                    }

                    if (senderEntropyInput != null)
                    {
                        var receiverEntropyInput = spanContainer.ReceiversNonce;
                        spanContainer.InstantiateWithSenderNonce(senderEntropyInput, singlecastKey.Personalization);
                        byte[] plainData;
                        spanContainer.NextNonce();
                        isDecryptSucceeded = DecryptS2(singlecastKey.CcmKey,
                                                       spanContainer.Span,
                                                       sourceNodeId,
                                                       destNodeId,
                                                       homeId,
                                                       cmd,
                                                       out plainData,
                                                       out encryptedExtensionsList);
                        if (isDecryptSucceeded)
                        {
                            extensions = new Extensions
                            {
                                ExtensionsList          = extensionsList ?? new List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1>(),
                                EncryptedExtensionsList = encryptedExtensionsList ?? new List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1>()
                            };
                            ret  = true;
                            data = plainData;
                        }
                        else
                        {
                            extensions = new Extensions
                            {
                                ExtensionsList          = extensionsList ?? new List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1>(),
                                EncryptedExtensionsList = new List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1>()
                            };
                            spanContainer.SetReceiversNonceState();
                        }
                    }

                    #endregion
                }
                else if (spanContainer.SpanState == SpanStates.Span)
                {
                    #region SpanStates.Span
                    // Check nonce synchronization.
                    int    attemptsCount = 5;
                    byte[] plainData     = null;
                    while (!isDecryptSucceeded && attemptsCount > 0)
                    {
                        spanContainer.NextNonce();
                        attemptsCount--;
                        if (spanContainer != null)
                        {
                            isDecryptSucceeded = DecryptS2(singlecastKey.CcmKey,
                                                           spanContainer.Span,
                                                           sourceNodeId,
                                                           destNodeId,
                                                           homeId,
                                                           cmd,
                                                           out plainData,
                                                           out encryptedExtensionsList);
                        }
                    }
                    if (isDecryptSucceeded)
                    {
                        extensions = new Extensions
                        {
                            ExtensionsList          = extensionsList ?? new List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1>(),
                            EncryptedExtensionsList = encryptedExtensionsList ?? new List <COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION.TVG1>()
                        };
                        ret  = true;
                        data = plainData;
                    }
                    #endregion
                }
                else
                {
                    throw new InvalidOperationException("Unexpected nonce state");
                }
            }
            return(ret);
        }
Exemplo n.º 4
0
        public static byte[] DecryptPayload(byte senderId, byte receiverId, byte[] homeId, byte sequenceNumber, byte[] receiverNonce,
                                            byte[] senderNonce, byte[] networkKey, int generationCount, bool isRealKey, byte[] fullMessageS2, out int currentGenerationCount)
        {
            byte[] ret = null;
            currentGenerationCount = 0;
            if (fullMessageS2 != null && fullMessageS2.Length > 2)
            {
                var msgEncap = (COMMAND_CLASS_SECURITY_2.SECURITY_2_MESSAGE_ENCAPSULATION)fullMessageS2;

                var peerNodeId      = new InvariantPeerNodeId(0);
                var mpanKey         = new byte[SecurityS2Utils.KEY_SIZE];
                var ccmKey          = new byte[SecurityS2Utils.KEY_SIZE];
                var personalization = new byte[SecurityS2Utils.PERSONALIZATION_SIZE];
                if (isRealKey)
                {
                    SecurityS2Utils.NetworkKeyExpand(networkKey, ccmKey, personalization, mpanKey);
                }
                else
                {
                    SecurityS2Utils.TempKeyExpand(networkKey, ccmKey, personalization, mpanKey);
                }
                SpanTable spanTable = new SpanTable();
                spanTable.Add(peerNodeId, receiverNonce, 0, 0);
                SpanContainer spanContainer = spanTable.GetContainer(peerNodeId);
                spanContainer.InstantiateWithSenderNonce(senderNonce, personalization);


                var messageLength = (ushort)fullMessageS2.Length;
                AAD aad           = new AAD
                {
                    SenderNodeId   = senderId,
                    ReceiverNodeId = receiverId,
                    HomeId         = homeId,
                    PayloadLength  = messageLength,
                    SequenceNumber = sequenceNumber,
                    StatusByte     = msgEncap.properties1
                };
                if (msgEncap.properties1.extension == 1)
                {
                    var dataList = new List <byte>();
                    foreach (var vg1 in msgEncap.vg1)
                    {
                        dataList.AddRange(new byte[] { vg1.extensionLength, vg1.properties1 });
                        dataList.AddRange(vg1.extension);
                    }
                    aad.ExtensionData = dataList.ToArray();
                }

                for (int i = 0; i < generationCount; i++)
                {
                    spanContainer.NextNonce();
                    ret = SecurityS2Utils.CcmDecryptAndAuth(ccmKey, spanContainer.Span, aad, msgEncap.ccmCiphertextObject.ToArray());
                    if (ret != null && ret.Length > 0)
                    {
                        currentGenerationCount = i + 1;
                        break;
                    }
                }
            }
            return(ret);
        }