internal SetLearnModeS2Operation(SecurityManagerInfo securityManagerInfo)
: base(false, null, false)
{
_securityManagerInfo = securityManagerInfo;
_prevHomeId = _securityManagerInfo.Network.HomeId;
_securityTestSettingsService = new SecurityTestSettingsService(_securityManagerInfo, true);
}
internal SetLearnModeS0Operation(SecurityManagerInfo securityManagerInfo, byte nodeId, byte supportedSecuritySchemes)
: base(false, null, false)
{
_securityManagerInfo = securityManagerInfo;
NodeId = nodeId;
SupportedSecuritySchemes = supportedSecuritySchemes;
prevHomeId = _securityManagerInfo.Network.HomeId;
}
private SetLearnModeSecureOperation(SecurityManagerInfo securityManagerInfo, ApiOperation learnMode, Action resetSecurityCallback, int timeoutMs)
: base(false, learnMode.SerialApiCommands, false)
{
_timeoutMs = timeoutMs;
_securityManagerInfo = securityManagerInfo;
_learnMode = learnMode;
_resetSecurityCallback = resetSecurityCallback;
_previousHomeId = _securityManagerInfo.Network.HomeId;
}
internal SendDataFragmentedSecureTask(SecurityManagerInfo securityManagerInfo, SecurityS0CryptoProvider securityS0CryptoProvider, byte nodeId, byte[] data, TransmitOptions txOptions)
: base(false, null, false)
{
_securityManagerInfo = securityManagerInfo;
_securityS0CryptoProvider = securityS0CryptoProvider;
SubstituteSettings.SetFlag(SubstituteFlags.DenySecurity);
CommandToSecureSend = data;
NodeId = nodeId;
TxOptions = txOptions;
}
internal SecurityS2ReportTask(SecurityManagerInfo securityManagerInfo,
SecurityS2CryptoProvider securityS2CryptoProvider, SpanTable spanTable, MpanTable mpanTable)
: base(0, 0, new ByteIndex(COMMAND_CLASS_SECURITY_2.ID))
{
_securityManagerInfo = securityManagerInfo;
_securityS2CryptoProvider = securityS2CryptoProvider;
_spanTable = spanTable;
_mpanTable = mpanTable;
_securityTestSettingsService = new SecurityTestSettingsService(_securityManagerInfo, false);
}
protected override void SetStateCompleted(ActionUnit ou)
{
byte[] res = ((DataReceivedUnit)ou).DataFrame.Payload;
if (res != null && res.Length > 2)
{
SpecificResult.SecurityKeysMask = res[2];
SpecificResult.SecuritySchemes = SecurityManagerInfo.ConvertToSecuritySchemes((NetworkKeyS2Flags)SpecificResult.SecurityKeysMask);
}
base.SetStateCompleted(ou);
}
public InclusionControllerSecureSupport(SecurityManagerInfo securityManagerInfo, Action <ActionResult> updateCallback,
Action <ActionToken, bool> inclusionControllerStatusUpdateCallback)
: base(0, 0, new ByteIndex(COMMAND_CLASS_INCLUSION_CONTROLLER.ID))
{
_updateCallback = updateCallback;
_securityManagerInfo = securityManagerInfo;
_inclusionControllerStatusUpdateCallback = inclusionControllerStatusUpdateCallback;
TxOptions = _securityManagerInfo.TxOptions;
TxOptions2 = TransmitOptions2.TRANSMIT_OPTION_2_TRANSPORT_SERVICE;
TxSecOptions = TransmitSecurityOptions.S2_TXOPTION_VERIFY_DELIVERY;
}
internal SendDataSecureS2Task(SecurityManagerInfo securityManagerInfo,
SecurityS2CryptoProvider securityS2CryptoProvider, SinglecastKey sckey, SpanTable spanTable, MpanTable mpanTable,
byte nodeId,
byte[] data,
TransmitOptions txOptions)
: base(false, null, false)
{
_securityManagerInfo = securityManagerInfo;
_securityS2CryptoProvider = securityS2CryptoProvider;
_mpanTable = mpanTable;
_spanTable = spanTable;
_sckey = sckey;
SubstituteSettings.SetFlag(SubstituteFlags.DenySecurity);
CommandToSecureSend = data;
NodeId = nodeId;
_peerNodeId = new InvariantPeerNodeId(_securityManagerInfo.Network.NodeId, NodeId);
TxOptions = txOptions;
_securityTestSettingsService = new SecurityTestSettingsService(_securityManagerInfo, false);
}
public InclusionControllerSecureSupport(SecurityManagerInfo securityManagerInfo)
: this(securityManagerInfo, null, null)
{
}
public Complete(SecurityManagerInfo securityManagerInfo)
: base(false, null, false)
{
_securityManagerInfo = securityManagerInfo;
_securityTestSettingsService = new SecurityTestSettingsService(_securityManagerInfo, true);
}
protected override byte[] CreateInputParameters()
{
byte mask = (byte)SecurityManagerInfo.ConvertToNetworkKeyMask(SecuritySchemes);
return(new byte[] { 0x05, 0x01, mask });
}
public SetLearnModeSecureOperation(SecurityManagerInfo securityManagerInfo, SetSlaveLearnModeOperation learnMode, Action resetSecurityCallback)
: this(securityManagerInfo, learnMode, resetSecurityCallback, learnMode.TimeoutMs)
{
}
internal SecurityReportTask(SecurityManagerInfo securityManagerInfo, SecurityS0CryptoProvider securityS0CryptoProvider)
: base(0, 0, new ByteIndex(COMMAND_CLASS_SECURITY.ID))
{
_securityManagerInfo = securityManagerInfo;
_securityS0CryptoProvider = securityS0CryptoProvider;
}
internal AddNodeS0Operation(SecurityManagerInfo securityManagerInfo)
: base(false, null, false)
{
SecurityManagerInfo = securityManagerInfo;
}
public RequestNodeInfoSecureTask(SecurityManagerInfo securityManagerInfo, RequestNodeInfoOperation action, bool isInclusionTask)
{
_allowFailed = true;
_securityManagerInfo = securityManagerInfo;
_nodeInfo = action;
_isInclusionTask = isInclusionTask;
var tm = CMD_SUPPORTED;
if (securityManagerInfo.Network.IsFlirs(_nodeInfo.NodeId)) //skip only for ENTRY
{
tm = CMD_SUPPORTED_FLIRS;
}
_delayBeforeStart = new DelayOperation(START_DELAY);
_supportedS0 = new RequestDataExOperation(0, 0,
new COMMAND_CLASS_SECURITY.SECURITY_COMMANDS_SUPPORTED_GET(), _txOptions,
TransmitSecurityOptions.S2_TXOPTION_VERIFY_DELIVERY, SecuritySchemes.S0, TransmitOptions2.NONE,
COMMAND_CLASS_SECURITY.ID, COMMAND_CLASS_SECURITY.SECURITY_COMMANDS_SUPPORTED_REPORT.ID, tm);
_supportedS2_ACCESS = new RequestDataExOperation(0, 0,
new COMMAND_CLASS_SECURITY_2.SECURITY_2_COMMANDS_SUPPORTED_GET(), _txOptions,
TransmitSecurityOptions.S2_TXOPTION_VERIFY_DELIVERY, SecuritySchemes.S2_ACCESS, TransmitOptions2.NONE,
COMMAND_CLASS_SECURITY_2.ID, COMMAND_CLASS_SECURITY_2.SECURITY_2_COMMANDS_SUPPORTED_REPORT.ID, tm);
_supportedS2_AUTHENTICATED = new RequestDataExOperation(0, 0,
new COMMAND_CLASS_SECURITY_2.SECURITY_2_COMMANDS_SUPPORTED_GET(), _txOptions,
TransmitSecurityOptions.S2_TXOPTION_VERIFY_DELIVERY, SecuritySchemes.S2_AUTHENTICATED, TransmitOptions2.NONE,
COMMAND_CLASS_SECURITY_2.ID, COMMAND_CLASS_SECURITY_2.SECURITY_2_COMMANDS_SUPPORTED_REPORT.ID, tm);
_supportedS2_UNAUTHENTICATED = new RequestDataExOperation(0, 0,
new COMMAND_CLASS_SECURITY_2.SECURITY_2_COMMANDS_SUPPORTED_GET(), _txOptions,
TransmitSecurityOptions.S2_TXOPTION_VERIFY_DELIVERY, SecuritySchemes.S2_UNAUTHENTICATED, TransmitOptions2.NONE,
COMMAND_CLASS_SECURITY_2.ID, COMMAND_CLASS_SECURITY_2.SECURITY_2_COMMANDS_SUPPORTED_REPORT.ID, tm);
List <ActionBase> list = new List <ActionBase>();
list.Add(_delayBeforeStart);
list.Add(_nodeInfo);
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemeSet.ALLS2))
{
if (_securityManagerInfo.Network.IsSecuritySchemesSpecified(_nodeInfo.NodeId))
{
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemes.S2_ACCESS))
{
if (!_isInclusionTask || _securityManagerInfo.Network.HasSecurityScheme(_nodeInfo.NodeId, SecuritySchemes.S2_ACCESS))
{
list.Add(_supportedS2_ACCESS);
}
}
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemes.S2_AUTHENTICATED))
{
if (!_isInclusionTask || _securityManagerInfo.Network.HasSecurityScheme(_nodeInfo.NodeId, SecuritySchemes.S2_AUTHENTICATED))
{
list.Add(_supportedS2_AUTHENTICATED);
}
}
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemes.S2_UNAUTHENTICATED))
{
if (!_isInclusionTask || _securityManagerInfo.Network.HasSecurityScheme(_nodeInfo.NodeId, SecuritySchemes.S2_UNAUTHENTICATED))
{
list.Add(_supportedS2_UNAUTHENTICATED);
}
}
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemes.S0))
{
if (!_isInclusionTask || _securityManagerInfo.Network.HasSecurityScheme(_nodeInfo.NodeId, SecuritySchemes.S0))
{
if (!list.Contains(_supportedS0))
{
list.Add(_supportedS0);
}
}
}
}
else
{
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemes.S2_ACCESS))
{
list.Add(_supportedS2_ACCESS);
}
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemes.S2_AUTHENTICATED))
{
list.Add(_supportedS2_AUTHENTICATED);
}
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemes.S2_UNAUTHENTICATED))
{
list.Add(_supportedS2_UNAUTHENTICATED);
}
}
}
if (_securityManagerInfo.Network.HasSecurityScheme(SecuritySchemes.S0))
{
if (_securityManagerInfo.Network.IsSecuritySchemesSpecified(_nodeInfo.NodeId))
{
if (_securityManagerInfo.Network.HasSecurityScheme(_nodeInfo.NodeId, SecuritySchemes.S0) &&
!_securityManagerInfo.Network.HasSecurityScheme(_nodeInfo.NodeId, SecuritySchemeSet.ALLS2))
{
if (!list.Contains(_supportedS0))
{
list.Add(_supportedS0);
}
}
}
else
{
if (!list.Contains(_supportedS0))
{
list.Add(_supportedS0);
}
}
}
Actions = list.ToArray();
}
private void OnTransferEnd(ActionCompletedUnit ou)
{
if (_NKVerifyTransferEnd.Result)
{
if (_NKVerifyTransferEnd.SpecificResult.RxSecurityScheme == SecuritySchemes.S2_TEMP)
{
COMMAND_CLASS_SECURITY_2.SECURITY_2_TRANSFER_END rpt = _NKVerifyTransferEnd.SpecificResult.Command;
if (rpt.properties1.keyVerified > 0)
{
if (_grantedKeys.Count > 0)
{
_NKGetNKReport.NewToken();
var cmd = new COMMAND_CLASS_SECURITY_2.SECURITY_2_NETWORK_KEY_GET();
var key = _grantedKeys.Dequeue();
cmd.requestedKey = (byte)key;
_NKGetNKReport.Data = cmd;
#region TestFrame Section
var scheme = SecurityManagerInfo.ConvertToSecurityScheme(key);
switch (scheme)
{
case SecuritySchemes.S0:
#region NetworkKeyGet
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyGet_S0, _NKGetNKReport);
#endregion
break;
case SecuritySchemes.S2_UNAUTHENTICATED:
#region NetworkKeyGet
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyGet_S2Unauthenticated, _NKGetNKReport);
#endregion
break;
case SecuritySchemes.S2_AUTHENTICATED:
#region NetworkKeyGet
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyGet_S2Authenticated, _NKGetNKReport);
#endregion
break;
case SecuritySchemes.S2_ACCESS:
#region NetworkKeyGet
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyGet_S2Access, _NKGetNKReport);
#endregion
break;
}
#endregion
ou.SetNextActionItems(_NKGetNKReport);
}
else
{
_TransferEnd.NodeId = NodeId;
_TransferEnd.BridgeNodeId = VirtualNodeId;
var cmd = new COMMAND_CLASS_SECURITY_2.SECURITY_2_TRANSFER_END();
cmd.properties1.keyRequestComplete = 1;
cmd.properties1.keyVerified = 0;
_TransferEnd.Data = cmd;
#region TransferEndB
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.TransferEndB, _TransferEnd);
#endregion
ou.SetNextActionItems(_TransferEnd);
}
}
else
{
SetStateCompletedSecurityFailed(ou);
}
}
else
{
_securityManagerInfo.ActivateNetworkKeyS2TempForNode(_peerNodeId);
_KexFail.SubstituteSettings.ClearFlag(SubstituteFlags.DenySecurity);
_KexFail.Data = new COMMAND_CLASS_SECURITY_2.KEX_FAIL {
kexFailType = 0x07
}; // KEX_FAIL_AUTH
_KexFail.NodeId = NodeId;
_KexFail.BridgeNodeId = VirtualNodeId;
ou.SetNextActionItems(_KexFail);
}
}
else
{
SetStateCompletedSecurityFailed(ou);
}
}
private void OnNKReport(ActionCompletedUnit ou)
{
if (_NKGetNKReport.Result)
{
if (_NKGetNKReport.SpecificResult.RxSecurityScheme == SecuritySchemes.S2_TEMP)
{
COMMAND_CLASS_SECURITY_2.SECURITY_2_NETWORK_KEY_GET get = _NKGetNKReport.Data;
COMMAND_CLASS_SECURITY_2.SECURITY_2_NETWORK_KEY_REPORT rpt = _NKGetNKReport.SpecificResult.Command;
if (rpt.grantedKey == get.requestedKey && rpt.networkKey != null && rpt.networkKey.Length == 16)
{
NetworkKeyS2Flags verifyKey = (NetworkKeyS2Flags)rpt.grantedKey;
var scheme = SecurityManagerInfo.ConvertToSecurityScheme(verifyKey);
if (scheme != SecuritySchemes.NONE)
{
_grantedSchemes.Add(scheme);
SpecificResult.SecuritySchemes = _grantedSchemes.ToArray();
_securityManagerInfo.SetNetworkKey(rpt.networkKey, scheme);
if (scheme == SecuritySchemes.S0)
{
_securityManagerInfo.ActivateNetworkKeyS0();
}
_securityManagerInfo.ActivateNetworkKeyS2ForNode(_peerNodeId, scheme);
_NKVerifyTransferEnd.NewToken();
_NKVerifyTransferEnd.DestNodeId = NodeId;
_NKVerifyTransferEnd.SrcNodeId = VirtualNodeId;
var cmd = new COMMAND_CLASS_SECURITY_2.SECURITY_2_NETWORK_KEY_VERIFY();
_NKVerifyTransferEnd.Data = cmd;
#region TestFrame Section
switch (scheme)
{
case SecuritySchemes.S0:
#region NetworkKeyVerify_S0
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyVerify_S0, _NKVerifyTransferEnd);
#endregion
break;
case SecuritySchemes.S2_UNAUTHENTICATED:
#region NetworkKeyVerify_S2Unauthenticated
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyVerify_S2Unauthenticated, _NKVerifyTransferEnd);
#endregion
break;
case SecuritySchemes.S2_AUTHENTICATED:
#region NetworkKeyVerify_S2Authenticated
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyVerify_S2Authenticated, _NKVerifyTransferEnd);
#endregion
break;
case SecuritySchemes.S2_ACCESS:
#region NetworkKeyVerify_S2Access
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyVerify_S2Access, _NKVerifyTransferEnd);
#endregion
break;
}
#endregion
_NKVerifyTransferEnd.SendDataSubstituteCallback = () =>
{
_securityManagerInfo.ActivateNetworkKeyS2TempForNode(_peerNodeId);
};
}
else
{
_securityManagerInfo.ActivateNetworkKeyS2TempForNode(_peerNodeId);
_KexFail.SubstituteSettings.ClearFlag(SubstituteFlags.DenySecurity);
_KexFail.Data = new COMMAND_CLASS_SECURITY_2.KEX_FAIL {
kexFailType = 0x0A
}; // KEX_FAIL_KEY_REPORT
_KexFail.NodeId = NodeId;
_KexFail.BridgeNodeId = VirtualNodeId;
ou.SetNextActionItems(_KexFail);
}
}
else
{
_securityManagerInfo.ActivateNetworkKeyS2TempForNode(_peerNodeId);
_KexFail.SubstituteSettings.ClearFlag(SubstituteFlags.DenySecurity);
_KexFail.Data = new COMMAND_CLASS_SECURITY_2.KEX_FAIL {
kexFailType = 0x0A
}; // KEX_FAIL_KEY_REPORT
_KexFail.NodeId = NodeId;
_KexFail.BridgeNodeId = VirtualNodeId;
ou.SetNextActionItems(_KexFail);
}
}
else
{
_securityManagerInfo.ActivateNetworkKeyS2TempForNode(_peerNodeId);
_KexFail.SubstituteSettings.ClearFlag(SubstituteFlags.DenySecurity);
_KexFail.Data = new COMMAND_CLASS_SECURITY_2.KEX_FAIL {
kexFailType = 0x07
}; // KEX_FAIL_AUTH
_KexFail.NodeId = NodeId;
_KexFail.BridgeNodeId = VirtualNodeId;
ou.SetNextActionItems(_KexFail);
}
}
else
{
SetStateCompletedSecurityFailed(ou);
}
}
private void OnKEXReportEcho(ActionCompletedUnit ou)
{
if (_KEXSetEchoKEXReportEcho.Result)
{
_isWaitingForKexReportEcho = false;
if (_KEXSetEchoKEXReportEcho.SpecificResult.RxSecurityScheme == SecuritySchemes.S2_TEMP)
{
if (ValidateKexReportEcho(_KEXSetEchoKEXReportEcho.SpecificResult.Command))
{
_NKGetNKReport.DestNodeId = NodeId;
_NKGetNKReport.SrcNodeId = VirtualNodeId;
if (_grantedKeys.Count > 0)
{
var cmd = new COMMAND_CLASS_SECURITY_2.SECURITY_2_NETWORK_KEY_GET();
var key = _grantedKeys.Dequeue();
cmd.requestedKey = (byte)key;
_NKGetNKReport.Data = cmd;
ou.SetNextActionItems(_NKGetNKReport);
#region TestFrame Section
var scheme = SecurityManagerInfo.ConvertToSecurityScheme(key);
switch (scheme)
{
case SecuritySchemes.S0:
#region NetworkKeyGet
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyGet_S0, _NKGetNKReport);
#endregion
break;
case SecuritySchemes.S2_UNAUTHENTICATED:
#region NetworkKeyGet
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyGet_S2Unauthenticated, _NKGetNKReport);
#endregion
break;
case SecuritySchemes.S2_AUTHENTICATED:
#region NetworkKeyGet
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyGet_S2Authenticated, _NKGetNKReport);
#endregion
break;
case SecuritySchemes.S2_ACCESS:
#region NetworkKeyGet
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.NetworkKeyGet_S2Access, _NKGetNKReport);
#endregion
break;
}
#endregion
}
else
{
_TransferEnd.NodeId = NodeId;
_TransferEnd.BridgeNodeId = VirtualNodeId;
var cmd = new COMMAND_CLASS_SECURITY_2.SECURITY_2_TRANSFER_END();
cmd.properties1.keyRequestComplete = 1;
cmd.properties1.keyVerified = 0;
_TransferEnd.Data = cmd;
#region TransferEndB
_securityTestSettingsService.ActivateTestPropertiesForFrame(SecurityS2TestFrames.TransferEndB, _TransferEnd);
#endregion
ou.SetNextActionItems(_TransferEnd);
}
}
else
{
_KexFail.SubstituteSettings.ClearFlag(SubstituteFlags.DenySecurity);
_KexFail.Data = new COMMAND_CLASS_SECURITY_2.KEX_FAIL {
kexFailType = 0x07
}; // KEX_FAIL_AUTH
_KexFail.NodeId = NodeId;
_KexFail.BridgeNodeId = VirtualNodeId;
ou.SetNextActionItems(_KexFail);
}
}
else
{
_KexFail.SubstituteSettings.ClearFlag(SubstituteFlags.DenySecurity);
_KexFail.Data = new COMMAND_CLASS_SECURITY_2.KEX_FAIL {
kexFailType = 0x07
}; // KEX_FAIL_AUTH
_KexFail.NodeId = NodeId;
_KexFail.BridgeNodeId = VirtualNodeId;
ou.SetNextActionItems(_KexFail);
}
}
else if (_isClientSideAuthGranted)
{
_KexFail.Data = new COMMAND_CLASS_SECURITY_2.KEX_FAIL {
kexFailType = 0x06
}; // KEX_FAIL_CANCEL
_KexFail.NodeId = NodeId;
_KexFail.BridgeNodeId = VirtualNodeId;
ou.SetNextActionItems(_KexFail);
}
else if ((DateTime.Now - _PkReportReceivedTimeStamp).TotalMilliseconds < InclusionS2TimeoutConstants.Including.UserInputDsk)
{
_KEXSetEchoKEXReportEcho.NewToken();
ou.SetNextActionItems(_KEXSetEchoKEXReportEcho);
}
else
{
SetStateCompletedSecurityFailed(ou);
}
}
