From d32b69a8100baefe04adf0e48843b6539dca0a50 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fredrik=20=C3=96hrstr=C3=B6m?= <oehrstroem@gmail.com>
Date: Sat, 6 Nov 2021 21:41:36 +0100
Subject: [PATCH] Do not accept non-encrypted telegrams when a key is
 specified.

---
 simulations/simulation_aes_removed.msg |  3 +++
 src/wmbus.cc                           | 29 ++++++++++++++++++++------
 tests/test_aes.sh                      | 26 +++++++++++++++++++++++
 tests/test_key_warnings.sh             |  4 ++--
 tests/test_wrongkeys.sh                |  6 +++---
 5 files changed, 57 insertions(+), 11 deletions(-)
 create mode 100644 simulations/simulation_aes_removed.msg

diff --git a/simulations/simulation_aes_removed.msg b/simulations/simulation_aes_removed.msg
new file mode 100644
index 0000000..16827fa
--- /dev/null
+++ b/simulations/simulation_aes_removed.msg
@@ -0,0 +1,3 @@
+telegram=|6E4401068888888805077A850060852F2F|80C84AFD9308020043820183000A5415586302FCA91510F01200007B01F0120000C91200006D110000D20E0000F5090000B30400006D0000002B0000002B0000002B0000002B0000002B000000A085D9A103FFFFFFFFFFFFFFFFFFFF0A8D|
+telegram=|2A442D2C998734761B168D2091D37CAC21576C78|02FF207100041308190000441308190000615B7F616713|
+telegram=|AE44EE4D777777773C077A4400A0252F2F|6D142F570000426C01014C130000000082046C41218C0413000000008D04931E3A3CFE0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000046D030C6F2303FD6C401F0082206C6B210BFD0F0200018C4079000000008310FD31E0040082106C6F238110FD610102FD66030002FD1700012F2F2F2F2F2F2F2F2F2F|
diff --git a/src/wmbus.cc b/src/wmbus.cc
index e828bd8..90d898e 100644
--- a/src/wmbus.cc
+++ b/src/wmbus.cc
@@ -1010,7 +1010,7 @@ bool Telegram::parseELL(vector<uchar>::iterator &pos)
                 if (isVerboseEnabled() || isDebugEnabled() || !warned_for_telegram_before(this, dll_a))
                 {
                     // Print this warning only once! Unless you are using verbose or debug.
-                    warning("(wmbus) decrypted payload crc failed check, did you use the correct decryption key? "
+                    warning("(wmbus) WARNING! decrypted payload crc failed check, did you use the correct decryption key? "
                             "%02x%02x payload crc (calculated %02x%02x) "
                             "Permanently ignoring telegrams from id: %02x%02x%02x%02x mfct: (%s) %s (0x%02x) type: %s (0x%02x) ver: 0x%02x\n",
                             ell_pl_crc_b[0], ell_pl_crc_b[1],
@@ -1134,7 +1134,7 @@ bool Telegram::parseAFL(vector<uchar>::iterator &pos)
             len != 12 &&
             len != 16)
         {
-            warning("(wmbus) bad length of mac\n");
+            warning("(wmbus) WARNING! bad length of mac\n");
             return false;
         }
         afl_mac_b.clear();
@@ -1415,7 +1415,24 @@ bool Telegram::potentiallyDecrypt(vector<uchar>::iterator &pos)
 {
     if (tpl_sec_mode == TPLSecurityMode::AES_CBC_IV)
     {
-        if (alreadyDecryptedCBC(pos)) return true;
+        if (alreadyDecryptedCBC(pos))
+        {
+            if (meter_keys && meter_keys->hasConfidentialityKey())
+            {
+                // Oups! There this telegram is already decrypted, but
+                // we have specified a key! Do not accept this telegram!
+                warning("(wmbus) WARNING! telegram should have been encrypted, but was not! "
+                        "id: %02x%02x%02x%02x mfct: (%s) %s (0x%02x) type: %s (0x%02x) ver: 0x%02x\n",
+                            dll_id_b[3], dll_id_b[2], dll_id_b[1], dll_id_b[0],
+                            manufacturerFlag(dll_mfct).c_str(),
+                            manufacturer(dll_mfct).c_str(),
+                            dll_mfct,
+                            mediaType(dll_type, dll_mfct).c_str(), dll_type,
+                            dll_version);
+                return false;
+            }
+            return true;
+        }
         if (!meter_keys) return false;
         if (!meter_keys->hasConfidentialityKey())
         {
@@ -1433,7 +1450,7 @@ bool Telegram::potentiallyDecrypt(vector<uchar>::iterator &pos)
                 if (isVerboseEnabled() || isDebugEnabled() || !warned_for_telegram_before(this, dll_a))
                 {
                     // Print this warning only once! Unless you are using verbose or debug.
-                    warning("(wmbus) decrypted content failed check, did you use the correct decryption key? "
+                    warning("(wmbus) WARNING! decrypted content failed check, did you use the correct decryption key? "
                             "Permanently ignoring telegrams from id: %02x%02x%02x%02x mfct: (%s) %s (0x%02x) type: %s (0x%02x) ver: 0x%02x\n",
                             dll_id_b[3], dll_id_b[2], dll_id_b[1], dll_id_b[0],
                             manufacturerFlag(dll_mfct).c_str(),
@@ -1466,7 +1483,7 @@ bool Telegram::potentiallyDecrypt(vector<uchar>::iterator &pos)
                 if (isVerboseEnabled() || isDebugEnabled() || !warned_for_telegram_before(this, dll_a))
                 {
                     // Print this warning only once! Unless you are using verbose or debug.
-                    warning("(wmbus) telegram mac check failed, did you use the correct decryption key? "
+                    warning("(wmbus) WARNING! telegram mac check failed, did you use the correct decryption key? "
                             "Permanently ignoring telegrams from id: %02x%02x%02x%02x mfct: (%s) %s (0x%02x) type: %s (0x%02x) ver: 0x%02x\n",
                             dll_id_b[3], dll_id_b[2], dll_id_b[1], dll_id_b[0],
                             manufacturerFlag(dll_mfct).c_str(),
@@ -1491,7 +1508,7 @@ bool Telegram::potentiallyDecrypt(vector<uchar>::iterator &pos)
                 if (isVerboseEnabled() || isDebugEnabled() || !warned_for_telegram_before(this, dll_a))
                 {
                     // Print this warning only once! Unless you are using verbose or debug.
-                    warning("(wmbus) decrypted content failed check, did you use the correct decryption key? "
+                    warning("(wmbus) WARNING! decrypted content failed check, did you use the correct decryption key? "
                             "Permanently ignoring telegrams from id: %02x%02x%02x%02x mfct: (%s) %s (0x%02x) type: %s (0x%02x) ver: 0x%02x\n",
                             dll_id_b[3], dll_id_b[2], dll_id_b[1], dll_id_b[0],
                             manufacturerFlag(dll_mfct).c_str(),
diff --git a/tests/test_aes.sh b/tests/test_aes.sh
index d2c9cf7..3eafc65 100755
--- a/tests/test_aes.sh
+++ b/tests/test_aes.sh
@@ -26,3 +26,29 @@ then
 fi
 
 if [ "$TESTRESULT" = "ERROR" ]; then echo ERROR: $TESTNAME;  exit 1; fi
+
+TESTNAME="Test that telegram really is encrypted"
+TESTRESULT="ERROR"
+
+cat > $TEST/test_expected.txt <<EOF
+(wmbus) WARNING! telegram should have been encrypted, but was not! id: 88888888 mfct: (APA) Apator, Poland (0x601) type: Water meter (0x07) ver: 0x05
+(meter) newly created meter (ApWater 88888888 apator162) did not handle telegram!
+(wmbus) WARNING! decrypted payload crc failed check, did you use the correct decryption key? e1d6 payload crc (calculated a528) Permanently ignoring telegrams from id: 76348799 mfct: (KAM) Kamstrup Energi (0x2c2d) type: Cold water meter (0x16) ver: 0x1b
+(meter) newly created meter (Vatten 76348799 multical21) did not handle telegram!
+(wmbus) WARNING! telegram should have been encrypted, but was not! id: 77777777 mfct: (SON) Sontex, Switzerland (0x4dee) type: Water meter (0x07) ver: 0x3c
+(meter) newly created meter (Wasser 77777777 supercom587) did not handle telegram!
+EOF
+
+$PROG --format=json simulations/simulation_aes_removed.msg \
+      ApWater apator162   88888888 00000000000000000000000000000000 \
+      Vatten  multical21  76348799 28F64A24988064A079AA2C807D6102AE \
+      Wasser  supercom587 77777777 5065747220486F6C79737A6577736B69 > $TEST/test_output.txt 2>&1
+
+diff $TEST/test_expected.txt $TEST/test_output.txt
+if [ "$?" = "0" ]
+then
+    echo "OK: $TESTNAME"
+    TESTRESULT="OK"
+fi
+
+if [ "$TESTRESULT" = "ERROR" ]; then echo ERROR: $TESTNAME;  exit 1; fi
diff --git a/tests/test_key_warnings.sh b/tests/test_key_warnings.sh
index a9e5b6d..7ad10a1 100755
--- a/tests/test_key_warnings.sh
+++ b/tests/test_key_warnings.sh
@@ -13,7 +13,7 @@ $PROG --format=json simulations/simulation_bad_keys.txt room fhkvdataiii 0306571
 cat > $TEST/expected_err.txt <<EOF
 (meter) room: meter detection did not match the selected driver fhkvdataiii! correct driver is: fhkvdataiv
 (meter) Not printing this warning again for id: 03065716 mfct: (TCH) Techem Service (0x5068) type: Heat Cost Allocator (0x08) ver: 0x94
-(wmbus) decrypted content failed check, did you use the correct decryption key? Permanently ignoring telegrams from id: 03065716 mfct: (TCH) Techem Service (0x5068) type: Heat Cost Allocator (0x08) ver: 0x94
+(wmbus) WARNING! decrypted content failed check, did you use the correct decryption key? Permanently ignoring telegrams from id: 03065716 mfct: (TCH) Techem Service (0x5068) type: Heat Cost Allocator (0x08) ver: 0x94
 EOF
 
 diff $TEST/test_stderr.txt $TEST/expected_err.txt
@@ -28,7 +28,7 @@ $PROG --format=json simulations/simulation_bad_keys.txt room fhkvdataiv 03065716
 cat > $TEST/expected_err.txt <<EOF
 (meter) room: meter detection did not match the selected driver fhkvdataiv! correct driver is: fhkvdataiii
 (meter) Not printing this warning again for id: 03065716 mfct: (TCH) Techem Service (0x5068) type: Heat Cost Allocator (0x80) ver: 0x94
-(wmbus) decrypted content failed check, did you use the correct decryption key? Permanently ignoring telegrams from id: 03065716 mfct: (TCH) Techem Service (0x5068) type: Heat Cost Allocator (0x08) ver: 0x94
+(wmbus) WARNING! decrypted content failed check, did you use the correct decryption key? Permanently ignoring telegrams from id: 03065716 mfct: (TCH) Techem Service (0x5068) type: Heat Cost Allocator (0x08) ver: 0x94
 EOF
 
 diff $TEST/test_stderr.txt $TEST/expected_err.txt
diff --git a/tests/test_wrongkeys.sh b/tests/test_wrongkeys.sh
index 0fb986d..622672a 100755
--- a/tests/test_wrongkeys.sh
+++ b/tests/test_wrongkeys.sh
@@ -28,11 +28,11 @@ fi
 
 cat <<EOF > $TEST/test_expected.txt
 Started config rtlwmbus on stdin listening on any
-(wmbus) decrypted content failed check, did you use the correct decryption key? Permanently ignoring telegrams from id: 88888888 mfct: (APA) Apator, Poland (0x601) type: Water meter (0x07) ver: 0x05
+(wmbus) WARNING! decrypted content failed check, did you use the correct decryption key? Permanently ignoring telegrams from id: 88888888 mfct: (APA) Apator, Poland (0x601) type: Water meter (0x07) ver: 0x05
 (meter) newly created meter (ApWater 88888888 apator162) did not handle telegram!
-(wmbus) decrypted payload crc failed check, did you use the correct decryption key? 979f payload crc (calculated 3431) Permanently ignoring telegrams from id: 76348799 mfct: (KAM) Kamstrup Energi (0x2c2d) type: Cold water meter (0x16) ver: 0x1b
+(wmbus) WARNING! decrypted payload crc failed check, did you use the correct decryption key? 979f payload crc (calculated 3431) Permanently ignoring telegrams from id: 76348799 mfct: (KAM) Kamstrup Energi (0x2c2d) type: Cold water meter (0x16) ver: 0x1b
 (meter) newly created meter (Vatten 76348799 multical21) did not handle telegram!
-(wmbus) decrypted content failed check, did you use the correct decryption key? Permanently ignoring telegrams from id: 77777777 mfct: (SON) Sontex, Switzerland (0x4dee) type: Water meter (0x07) ver: 0x3c
+(wmbus) WARNING! decrypted content failed check, did you use the correct decryption key? Permanently ignoring telegrams from id: 77777777 mfct: (SON) Sontex, Switzerland (0x4dee) type: Water meter (0x07) ver: 0x3c
 (meter) newly created meter (Wasser 77777777 supercom587) did not handle telegram!
 EOF