/*
Copyright (C) 2018-2019 Fredrik Öhrström
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see .
*/
#include"aes.h"
#include"util.h"
#include"wmbus.h"
#include
void decryptMode1_AES_CTR(Telegram *t, vector &aeskey)
{
vector content;
content.insert(content.end(), t->payload.begin(), t->payload.end());
debugPayload("(Mode1) decrypting", content);
size_t remaining = content.size();
if (remaining > 16) remaining = 16;
uchar iv[16];
int i=0;
// M-field
iv[i++] = t->m_field&255; iv[i++] = t->m_field>>8;
// A-field
for (int j=0; j<6; ++j) { iv[i++] = t->a_field[j]; }
// CC-field
iv[i++] = t->cc_field;
// SN-field
for (int j=0; j<4; ++j) { iv[i++] = t->sn[j]; }
// FN
iv[i++] = 0; iv[i++] = 0;
// BC
iv[i++] = 0;
vector ivv(iv, iv+16);
string s = bin2hex(ivv);
debug("(Mode1) IV %s\n", s.c_str());
uchar xordata[16];
AES_ECB_encrypt(iv, &aeskey[0], xordata, 16);
uchar decrypt[16];
xorit(xordata, &content[0], decrypt, remaining);
vector dec(decrypt, decrypt+remaining);
debugPayload("(Mode1) decrypted first block", dec);
if (content.size() > 16) {
remaining = content.size()-16;
if (remaining > 16) remaining = 16; // Should not happen.
incrementIV(iv, sizeof(iv));
vector ivv2(iv, iv+16);
string s2 = bin2hex(ivv2);
debug("(Mode1) IV+1 %s\n", s2.c_str());
AES_ECB_encrypt(iv, &aeskey[0], xordata, 16);
xorit(xordata, &content[16], decrypt, remaining);
vector dec2(decrypt, decrypt+remaining);
debugPayload("(Mode1) decrypted second block", dec2);
// Append the second decrypted block to the first.
dec.insert(dec.end(), dec2.begin(), dec2.end());
}
t->content.clear();
t->content.insert(t->content.end(), dec.begin(), dec.end());
debugPayload("(Mode1) decrypted", t->content);
}
string frameTypeKamstrupC1(int ft) {
if (ft == 0x78) return "long frame";
if (ft == 0x79) return "short frame";
return "?";
}
void decryptMode5_AES_CBC(Telegram *t, vector &aeskey)
{
vector content;
content.insert(content.end(), t->payload.begin(), t->payload.end());
debugPayload("(Mode5) decrypting", content);
// The content should be a multiple of 16 since we are using AES CBC mode.
if (content.size() % 16 != 0)
{
warning("(Mode5) warning: decryption received non-multiple of 16 bytes! "
"Got %zu bytes shrinking message to %zu bytes.\n",
content.size(), content.size() - content.size() % 16);
while (content.size() % 16 != 0)
{
content.pop_back();
}
}
uchar iv[16];
int i=0;
// M-field
iv[i++] = t->m_field&255; iv[i++] = t->m_field>>8;
// A-field
for (int j=0; j<6; ++j) { iv[i++] = t->a_field[j]; }
// ACC
for (int j=0; j<8; ++j) { iv[i++] = t->acc; }
vector ivv(iv, iv+16);
string s = bin2hex(ivv);
debug("(Mode5) IV %s\n", s.c_str());
uchar content_data[content.size()];
memcpy(content_data, &content[0], content.size());
uchar decrypted_data[content.size()];
AES_CBC_decrypt_buffer(decrypted_data, content_data, content.size(), &aeskey[0], iv);
if (decrypted_data[0] != 0x2F || decrypted_data[1] != 0x2F) {
warning("(Mode5) warning: telegram payload does not start with 2F2F (did you use the correct encryption key?)\n");
}
t->content.clear();
t->content.insert(t->content.end(), decrypted_data, decrypted_data+content.size());
debugPayload("(Mode5) decrypted", t->content);
}