/// <summary>
/// Decrypts a Security S0 payload using keys derived from <paramref name="securityKey"/>.
/// </summary>
/// <remarks>
/// The 16-byte IV is built from <paramref name="internalNonce"/> at offset 0 and
/// <paramref name="externalNonce"/> at offset 8.
/// This method does NOT verify an authentication tag: the authentication key is derived
/// but never used here. Callers must authenticate the frame separately before trusting
/// the returned bytes.
/// </remarks>
/// <param name="externalNonce">Nonce written to the second half of the IV (assumed 8 bytes; TODO confirm).</param>
/// <param name="internalNonce">Nonce written to the first half of the IV (assumed 8 bytes; TODO confirm).</param>
/// <param name="securityKey">Key material handed to <c>SecurityS0Utils.LoadKeys</c>.</param>
/// <param name="message">Ciphertext; passed by reference to <c>SecurityS0Utils.Decrypt</c>.</param>
/// <returns>The <paramref name="message"/> reference as left by <c>SecurityS0Utils.Decrypt</c>.</returns>
public static byte[] DecryptPayload(byte[] externalNonce, byte[] internalNonce, byte[] securityKey, byte[] message)
{
    ZWaveAES aes = new ZWaveAES();

    // LoadKeys assigns both out parameters, so no buffers are pre-allocated here.
    byte[] authKey;
    byte[] encKey;
    SecurityS0Utils.LoadKeys(aes, securityKey, out authKey, out encKey);

    // IV layout: [internalNonce | externalNonce]. The second copy starts at a fixed
    // offset of 8, so an internalNonce longer than 8 bytes is partly overwritten.
    byte[] iv = new byte[16];
    internalNonce.CopyTo(iv, 0);
    externalNonce.CopyTo(iv, 8);

    // NOTE(review): whether Decrypt works in place or reassigns the reference is not
    // visible here; callers should not assume their input array is left untouched.
    SecurityS0Utils.Decrypt(aes, encKey, iv, ref message);
    return message;
}
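/// <summary>
/// Authenticates and then decrypts a Security S0 message encapsulation command.
/// </summary>
/// <remarks>
/// The authentication tag is verified before any decryption, so bytes that fail the
/// check are never decrypted or returned. Frame fields are presumably parsed from a
/// received frame (confirm against the caller); a missing or short IV, or a missing
/// tag, is rejected the same way as a failed tag check instead of throwing.
/// </remarks>
/// <param name="cmd">Encapsulation command carrying the sender IV half, ciphertext and tag.</param>
/// <param name="cmdId">Command identifier placed in the authenticated header.</param>
/// <param name="senderNodeId">Sender node id; used for the nonce lookup and the header.</param>
/// <param name="receivedNodeId">Receiver node id; used for the nonce lookup and the header.</param>
/// <param name="decryptedProperties">First decrypted byte on success; 0 on any failure.</param>
/// <returns>
/// The decrypted command bytes without the leading properties byte, or <c>null</c> when
/// no matching nonce exists, the frame is malformed, or the tag does not verify.
/// </returns>
private byte[] Decrypt(COMMAND_CLASS_SECURITY.SECURITY_MESSAGE_ENCAPSULATION cmd, byte cmdId, byte senderNodeId, byte receivedNodeId, out byte decryptedProperties)
{
    const int NonceLength = 8;
    decryptedProperties = 0;

    // NOTE(review): NonceS0Storage.Find is not shown here; confirm that a nonce is
    // invalidated once used so that a captured frame cannot be accepted twice.
    byte[] internalNonce = NonceS0Storage.Find(new OrdinalPeerNodeId(senderNodeId, receivedNodeId), cmd.receiversNonceIdentifier);
    if (internalNonce == null)
    {
        "^{0} <<|<< {1} {2}"._DLOG(0, "N/D", "N/Nonce");
        return null;
    }

    // Reject malformed frames up front: the IV copy below needs 8 sender bytes, and the
    // tag is dereferenced for verification. Previously these cases threw.
    if (cmd.initializationVectorByte == null || cmd.messageAuthenticationCodeByte == null)
    {
        "^{0} <<|<< {1} {2}"._DLOG(0, "N/D", "N/Frame");
        return null;
    }

    byte[] senderNonce = cmd.initializationVectorByte.ToArray();
    byte[] receivedTag = cmd.messageAuthenticationCodeByte.ToArray();
    if (senderNonce.Length < NonceLength)
    {
        "^{0} <<|<< {1} {2}"._DLOG(0, "N/D", "N/Frame");
        return null;
    }

    // IV layout: [sender nonce from the frame | locally stored nonce].
    // Assumes the stored nonce holds at least 8 bytes; TODO confirm against NonceS0Storage.
    byte[] iv = new byte[16];
    Array.Copy(senderNonce, 0, iv, 0, NonceLength);
    Array.Copy(internalNonce, 0, iv, NonceLength, NonceLength);

    // Payload under the tag: properties byte followed by the command bytes.
    int payloadLength = 1;
    if (cmd.commandByte != null)
    {
        payloadLength += cmd.commandByte.Count;
    }

    byte[] payload = new byte[payloadLength];
    payload[0] = cmd.properties1;
    for (int i = 0; i < payloadLength - 1; i++)
    {
        payload[i + 1] = cmd.commandByte[i];
    }

    // Authenticated header: IV, command id, both node ids and the payload length.
    byte[] header = new byte[20];
    Array.Copy(iv, 0, header, 0, iv.Length);
    header[16] = cmdId;
    header[17] = senderNodeId;
    header[18] = receivedNodeId;
    header[19] = (byte)payload.Length; // truncated to one byte; assumes payload fits in 255 bytes

    // NOTE(review): VerifyAuthTag is not shown; confirm that it rejects tags of the
    // wrong length and compares in constant time.
    if (!SecurityS0Utils.VerifyAuthTag(AesEngine, _authKey, header, payload, receivedTag))
    {
        "^{0} <<|<< {1} {2}"._DLOG(0, "N/D", internalNonce.GetHex());
        return null;
    }

    SecurityS0Utils.Decrypt(AesEngine, _encKey, iv, ref payload);

    byte[] ret = new byte[payload.Length - 1]; // exclude properties
    Array.Copy(payload, 1, ret, 0, ret.Length);
    decryptedProperties = payload[0];
    return ret;
}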