Use of org.openmuc.jdlms.SecuritySuite in the project open-smart-grid-platform by OSGP.
Class Hls5Connector, method setSecurity.
/**
 * Puts an HLS5 security suite (GMAC authentication, AES-GCM-128 encryption) on the given
 * connection builder, using the device's authentication and encryption keys.
 *
 * @param messageMetadata metadata passed through to the key provider
 * @param device the device whose identification is used to look up the keys
 * @param provider source of the E_METER_AUTHENTICATION and E_METER_ENCRYPTION keys
 * @param tcpConnectionBuilder builder that receives the security suite and the client id
 * @throws FunctionalException if key validation rejects the keys
 */
@Override
protected void setSecurity(
    final MessageMetadata messageMetadata,
    final DlmsDevice device,
    final SecurityKeyProvider provider,
    final TcpConnectionBuilder tcpConnectionBuilder)
    throws FunctionalException {

  // NOTE(review): the original local was called "encryptedKeys", yet the values are handed
  // unchanged to jDLMS below, so the provider presumably returns usable key material here.
  // Confirm against SecurityKeyProvider. Either way these arrays are secrets: never log them.
  final Map<SecurityKeyType, byte[]> keysByType =
      provider.getKeys(
          messageMetadata,
          device.getDeviceIdentification(),
          Arrays.asList(E_METER_AUTHENTICATION, E_METER_ENCRYPTION));
  final byte[] authenticationKey = keysByType.get(E_METER_AUTHENTICATION);
  final byte[] encryptionKey = keysByType.get(E_METER_ENCRYPTION);

  // Check the keys here, before jDLMS sees them, so that a bad or missing key is reported
  // as a FunctionalException rather than as whatever jDLMS would raise.
  this.validateKeys(authenticationKey, encryptionKey);

  // IV-related settings for this device (going by the helper's name; its body is not shown).
  this.configureIvData(tcpConnectionBuilder, device);

  tcpConnectionBuilder
      .setSecuritySuite(
          SecuritySuite.builder()
              .setAuthenticationKey(authenticationKey)
              .setAuthenticationMechanism(AuthenticationMechanism.HLS5_GMAC)
              .setGlobalUnicastEncryptionKey(encryptionKey)
              .setEncryptionMechanism(EncryptionMechanism.AES_GCM_128)
              .build())
      .setClientId(this.clientId);
}
Use of org.openmuc.jdlms.SecuritySuite in the project open-smart-grid-platform by OSGP.
Class Lls1Connector, method setSecurity.
/**
 * Puts an LLS1 (low-level, password-based) security suite on the given connection builder.
 *
 * <p>Only an authentication mechanism and a password are set; no encryption mechanism is
 * configured on the suite. NOTE(review): with DLMS low-level security the password is
 * normally carried in the association request without protection, so this connector
 * presumably relies on the transport for confidentiality. Confirm for the deployment.
 *
 * @param messageMetadata metadata passed through to the key provider
 * @param device the device whose identification is used to look up the password
 * @param keyProvider source of the PASSWORD key
 * @param tcpConnectionBuilder builder that receives the security suite and the client id
 * @throws OsgpException a FunctionalException of type INVALID_DLMS_KEY_ENCRYPTION when the
 *     password cannot be determined or is absent
 */
@Override
protected void setSecurity(
    final MessageMetadata messageMetadata,
    final DlmsDevice device,
    final SecurityKeyProvider keyProvider,
    final TcpConnectionBuilder tcpConnectionBuilder)
    throws OsgpException {

  final byte[] llsPassword;
  try {
    llsPassword =
        keyProvider
            .getKeys(
                messageMetadata,
                device.getDeviceIdentification(),
                Collections.singletonList(SecurityKeyType.PASSWORD))
            .get(SecurityKeyType.PASSWORD);
  } catch (final EncrypterException encrypterException) {
    // The cause is logged here but not attached to the FunctionalException thrown below,
    // so callers see only the functional error type.
    LOGGER.error(
        "Error determining DLMS password setting up LLS1 connection", encrypterException);
    throw new FunctionalException(
        FunctionalExceptionType.INVALID_DLMS_KEY_ENCRYPTION, ComponentType.PROTOCOL_DLMS);
  }

  // A missing password is reported with the same functional error type as a failed lookup.
  // Only the device identification is logged, never the secret itself.
  if (null == llsPassword) {
    LOGGER.error(
        "There is no password available for device {}", device.getDeviceIdentification());
    throw new FunctionalException(
        FunctionalExceptionType.INVALID_DLMS_KEY_ENCRYPTION, ComponentType.PROTOCOL_DLMS);
  }

  tcpConnectionBuilder
      .setSecuritySuite(
          SecuritySuite.builder()
              .setAuthenticationMechanism(AuthenticationMechanism.LOW)
              .setPassword(llsPassword)
              .build())
      .setClientId(this.clientId);
}
Use of org.openmuc.jdlms.SecuritySuite in the project open-smart-grid-platform by OSGP.
Class LogicalDeviceBuilder, method build.
/**
 * Creates the simulated logical device and attaches a security suite for the configured
 * client, depending on which key paths and security level were set on this builder.
 *
 * <ul>
 *   <li>All three key paths set: HLS5 (GMAC + AES-GCM-128) with keys read from those files,
 *       plus the master key.
 *   <li>Otherwise, security level 1: LLS with a fixed simulator password.
 *   <li>Otherwise: no security suite is added for the client. This includes the case where
 *       only some of the three key paths are configured, which is silently treated as
 *       "no keys".
 * </ul>
 *
 * @return the configured logical device with the COSEM classes registered
 * @throws IOException if one of the key files cannot be read
 */
public LogicalDevice build() throws IOException {
  final LogicalDevice logicalDevice =
      new LogicalDevice(
          this.logicalDeviceId, this.logicalDeviceName, this.manufacturer, this.deviceId);

  final boolean allKeyPathsConfigured =
      this.authenticationKeyPath != null
          && this.encryptionKeyPath != null
          && this.masterKeyPath != null;

  if (allKeyPathsConfigured) {
    // The files are used byte-for-byte as key material: no hex or base64 decoding and no
    // length check happens here.
    // NOTE(review): AES-GCM-128 presumably requires 16-byte keys, so confirm that jDLMS
    // rejects other lengths.
    final byte[] authenticationKey =
        Files.readAllBytes(new File(this.authenticationKeyPath).toPath());
    final byte[] encryptionKey = Files.readAllBytes(new File(this.encryptionKeyPath).toPath());
    final byte[] masterKey = Files.readAllBytes(new File(this.masterKeyPath).toPath());

    final SecuritySuite hls5Suite =
        SecuritySuite.builder()
            .setAuthenticationKey(authenticationKey)
            .setAuthenticationMechanism(AuthenticationMechanism.HLS5_GMAC)
            .setGlobalUnicastEncryptionKey(encryptionKey)
            .setEncryptionMechanism(EncryptionMechanism.AES_GCM_128)
            .build();
    logicalDevice.addRestriction(this.clientId, hls5Suite);
    logicalDevice.setMasterKey(masterKey);
  } else if (this.securityLevel == 1) {
    // Hard-coded LLS password with encryption explicitly off. This is a simulator fixture:
    // the value is public in source and must never be used as a real device credential.
    final SecuritySuite llsSuite =
        SecuritySuite.builder()
            .setPassword("11111111".getBytes(StandardCharsets.UTF_8))
            .setAuthenticationMechanism(AuthenticationMechanism.LOW)
            .setEncryptionMechanism(EncryptionMechanism.NONE)
            .build();
    logicalDevice.addRestriction(this.clientId, llsSuite);
  }

  // NOTE(review): if clientId / PUBLIC_CLIENT_CLIENT_ID are boxed Integers, != compares
  // references rather than values. Their declarations are not shown here, so confirm.
  final boolean securedNonPublicClient =
      this.clientId != PUBLIC_CLIENT_CLIENT_ID && this.securityLevel != 0;
  if (securedNonPublicClient) {
    // A logical device with a secured, non-public interface also gets a public client, so
    // such devices always expose a public client interface next to the configured one
    // (usually the management interface).
    // Note that this is not realistic: a public client should not expose the same objects
    // as the secured interface. For the purposes of a simulator the simplification is
    // acceptable.
    this.addPublicClientTo(logicalDevice);
  }

  logicalDevice.registerCosemObject(this.cosemClasses);
  return logicalDevice;
}