Do not accept proper non-encrypted telegrams for an id when a key is specified for that id.

2021-11-06 22:24:22 +01:00 · 2021-11-06 22:24:22 +01:00 · 0224941e00
commit 0224941e00
--- a/3
+++ b/3
@ -1,4 +1,7 @@

+Close a security hole where you could trivially spoof an encrypted meter
+by sending an unencrypted telegram with the same id.
+
 Jacek27 added support for the Munia temp/hygrometer. Thanks Jacek27!

 Improved verbose logging to show if you are not in the dialout
--- a/simulations/simulation_aes_removed.msg
+++ b/simulations/simulation_aes_removed.msg
@ -1,3 +1,4 @@
 telegram=|6E4401068888888805077A850060852F2F|80C84AFD9308020043820183000A5415586302FCA91510F01200007B01F0120000C91200006D110000D20E0000F5090000B30400006D0000002B0000002B0000002B0000002B0000002B000000A085D9A103FFFFFFFFFFFFFFFFFFFF0A8D|
 telegram=|2A442D2C998734761B168D2091D37CAC21576C78|02FF207100041308190000441308190000615B7F616713|
 telegram=|AE44EE4D777777773C077A4400A0252F2F|6D142F570000426C01014C130000000082046C41218C0413000000008D04931E3A3CFE0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000046D030C6F2303FD6C401F0082206C6B210BFD0F0200018C4079000000008310FD31E0040082106C6F238110FD610102FD66030002FD1700012F2F2F2F2F2F2F2F2F2F|
+telegram=|2e44EE4D777777773C077ab54800002f2f02fd1b110002fd971d01000efd3a2200000000008e40fd3a000000000000|
--- a/src/wmbus.cc
+++ b/src/wmbus.cc
@ -1419,9 +1419,10 @@ bool Telegram::potentiallyDecrypt(vector<uchar>::iterator &pos)
        {
            if (meter_keys && meter_keys->hasConfidentialityKey())
            {
-                // Oups! There this telegram is already decrypted, but
-                // we have specified a key! Do not accept this telegram!
-                warning("(wmbus) WARNING! telegram should have been encrypted, but was not! "
+                // Oups! This telegram is already decrypted (but the header still says it should be encrypted)
+                // this is probably a replay telegram from --logtelegrams.
+                // Since we have specified a key! Do not accept this telegram!
+                warning("(wmbus) WARNING! telegram should have been fully encrypted, but was not! "
                        "id: %02x%02x%02x%02x mfct: (%s) %s (0x%02x) type: %s (0x%02x) ver: 0x%02x\n",
                            dll_id_b[3], dll_id_b[2], dll_id_b[1], dll_id_b[0],
                            manufacturerFlag(dll_mfct).c_str(),
@ -1538,6 +1539,22 @@ bool Telegram::potentiallyDecrypt(vector<uchar>::iterator &pos)
            debug("(diehl) decryption successful\n");
        }
    }
+    else
+    if (meter_keys && meter_keys->hasConfidentialityKey())
+    {
+        // Oups! This telegram is NOT encrypted, but we have specified a key!
+        // Do not accept this telegram!
+        warning("(wmbus) WARNING! telegram should have been encrypted, but was not! "
+                "id: %02x%02x%02x%02x mfct: (%s) %s (0x%02x) type: %s (0x%02x) ver: 0x%02x\n",
+                dll_id_b[3], dll_id_b[2], dll_id_b[1], dll_id_b[0],
+                manufacturerFlag(dll_mfct).c_str(),
+                manufacturer(dll_mfct).c_str(),
+                dll_mfct,
+                mediaType(dll_type, dll_mfct).c_str(), dll_type,
+                dll_version);
+        return false;
+    }
+
    return true;
 }

--- a/tests/test_aes.sh
+++ b/tests/test_aes.sh
@ -31,12 +31,13 @@ TESTNAME="Test that telegram really is encrypted"
 TESTRESULT="ERROR"

 cat > $TEST/test_expected.txt <<EOF
-(wmbus) WARNING! telegram should have been encrypted, but was not! id: 88888888 mfct: (APA) Apator, Poland (0x601) type: Water meter (0x07) ver: 0x05
+(wmbus) WARNING! telegram should have been fully encrypted, but was not! id: 88888888 mfct: (APA) Apator, Poland (0x601) type: Water meter (0x07) ver: 0x05
 (meter) newly created meter (ApWater 88888888 apator162) did not handle telegram!
 (wmbus) WARNING! decrypted payload crc failed check, did you use the correct decryption key? e1d6 payload crc (calculated a528) Permanently ignoring telegrams from id: 76348799 mfct: (KAM) Kamstrup Energi (0x2c2d) type: Cold water meter (0x16) ver: 0x1b
 (meter) newly created meter (Vatten 76348799 multical21) did not handle telegram!
-(wmbus) WARNING! telegram should have been encrypted, but was not! id: 77777777 mfct: (SON) Sontex, Switzerland (0x4dee) type: Water meter (0x07) ver: 0x3c
+(wmbus) WARNING! telegram should have been fully encrypted, but was not! id: 77777777 mfct: (SON) Sontex, Switzerland (0x4dee) type: Water meter (0x07) ver: 0x3c
 (meter) newly created meter (Wasser 77777777 supercom587) did not handle telegram!
+(wmbus) WARNING! telegram should have been encrypted, but was not! id: 77777777 mfct: (SON) Sontex, Switzerland (0x4dee) type: Water meter (0x07) ver: 0x3c
 EOF

 $PROG --format=json simulations/simulation_aes_removed.msg \