You need to change the password if you are using Low authentication. GMac is not using the password.
Check also system title if connection fails.
m_Parser->GetCiphering()->SetSystemTitle()
Connection succeeded at first. Now I am trying it again and it fails even when all data sent to meter are same.
Just little hint for better security you should make CToS more random. It seems it is same if I run program repeatedly. For your info. Because I am using C++2003 compiler i had to rewrite some parts of Gurux library to be compatible with old compiler. Maybe the behaviour is different under C++11 compiler.
[11:09:47:330] - Open port COM8 (E:\Projects\mdex\dlms\bin\dlms.exe)
[11:09:50:585] Written data (COM8)
7e a0 07 21 25 93 ec d0 7e
[11:09:50:624] Read data (COM8)
7e a0 20 25 21 73 91 eb 81 80 14 05 02 00 80 06
02 00 80 07 04 00 00 00 01 08 04 00 00 00 01 ce
6a 7e
[11:09:50:656] Written data (COM8)
7e a0 6b 21 25 10 af 68 e6 e6 00 60 5d a1 09 06
07 60 85 74 05 08 01 03 a6 0a 04 08 41 42 43 44
45 46 47 48 8a 02 07 80 8b 07 60 85 74 05 08 02
05 ac 12 80 10 5a 82 e6 42 88 cd bb 0f a4 96 2c
de f3 5f 3c 50 be 23 04 21 21 1f 30 00 00 00 00
a7 7c 98 f2 b1 e1 7f 2e 1a 30 22 fc 9b b9 2d 44
62 26 6e 6d 0f b3 86 59 49 94 55 d1 7e
Thank you for all your advices.
Re last post: Problem was that I was not setting invocation counter parameter during creation of secure connection. I had to first connect using public client (client address = 16) and read value of invocation counter from register 0.1.43.1.1.255. Then I use this value for second (secure) connection:
cl = new CGXDLMSSecureClient(true, user->GetClientAddress(), user->GetServerAddress(), user->GetServerAddressSize(), auth);
...
cl_sec->GetCiphering()->SetFrameCounter(ic);
First connection establishment was successfull because we had new meter with default value of invocation counter zero. After first connection value of invocation counter stored in meter was incremented and all other attempts were unsucesfull.
Hi Jan,
Hi Jan,
You can connect with client example.
https://github.com/Gurux/Gurux.DLMS.cpp/tree/master/GuruxDLMSClientExam…
Yo need to update keys. They are hardcoded in the current version. You can do it like this:
m_Parser->GetCiphering()->SetAuthenticationKey();
m_Parser->GetCiphering()->SetBlockCipherKey();
BR,
Mikko
Should I change also
Should I change also CGXDLMSClient::m_Settings::GetPassword() or no ?
Hi,
Hi,
You need to change the password if you are using Low authentication. GMac is not using the password.
Check also system title if connection fails.
m_Parser->GetCiphering()->SetSystemTitle()
BR,
Mikko
Connection succeeded at first
Connection succeeded at first. Now I am trying it again and it fails even when all data sent to meter are same.
Just little hint for better security you should make CToS more random. It seems it is same if I run program repeatedly. For your info. Because I am using C++2003 compiler i had to rewrite some parts of Gurux library to be compatible with old compiler. Maybe the behaviour is different under C++11 compiler.
[11:09:47:330] - Open port COM8 (E:\Projects\mdex\dlms\bin\dlms.exe)
[11:09:50:585] Written data (COM8)
7e a0 07 21 25 93 ec d0 7e
[11:09:50:624] Read data (COM8)
7e a0 20 25 21 73 91 eb 81 80 14 05 02 00 80 06
02 00 80 07 04 00 00 00 01 08 04 00 00 00 01 ce
6a 7e
[11:09:50:656] Written data (COM8)
7e a0 6b 21 25 10 af 68 e6 e6 00 60 5d a1 09 06
07 60 85 74 05 08 01 03 a6 0a 04 08 41 42 43 44
45 46 47 48 8a 02 07 80 8b 07 60 85 74 05 08 02
05 ac 12 80 10 5a 82 e6 42 88 cd bb 0f a4 96 2c
de f3 5f 3c 50 be 23 04 21 21 1f 30 00 00 00 00
a7 7c 98 f2 b1 e1 7f 2e 1a 30 22 fc 9b b9 2d 44
62 26 6e 6d 0f b3 86 59 49 94 55 d1 7e
DLMS_PDU[96] {** ApplicationAssociationRequest **}
ApplicationAssociationRequest Sequence
[1] application-context-name
ObjectIdentifier ::= SequenceOf 6 Element(s)
0: Unsigned32 = 96 (0x00000060) {** joint-iso-ccitt, country **}
1: Unsigned32 = 756 (0x000002F4) {** country-name **}
2: Unsigned32 = 5 (0x00000005) {** identified-organization **}
3: Unsigned32 = 8 (0x00000008) {** DLMS-UA **}
4: Unsigned32 = 1 (0x00000001) {** application-context **}
5: Unsigned32 = 3 (0x00000003) {** Logical_Name_Referencing_with_ciphering **}
[6] calling-AP-title
AP_Title[8] = 4142434445464748 (ABCDEFGH)
[10] sender-ACSE-Requirements
BitString[1] = 1
[11] mechanism-name
ObjectIdentifier ::= SequenceOf 6 Element(s)
0: Unsigned32 = 96 (0x00000060) {** joint-iso-ccitt, country **}
1: Unsigned32 = 756 (0x000002F4) {** country-name **}
2: Unsigned32 = 5 (0x00000005) {** identified-organization **}
3: Unsigned32 = 8 (0x00000008) {** DLMS-UA **}
4: Unsigned32 = 2 (0x00000002) {** authentication_mechanism_name **}
5: Unsigned32 = 5 (0x00000005) {** COSEM_high_level_security_mechanism_name_using_GMAC **}
[12] authentication-value
AuthenticationValue[0] {** char-string **}
VisibleString[16] = ????... (5A82E64288CDBB0FA4962CDEF35F3C50)
[30] user-information (InitiateRequest)
OctetString[33] = 211F3000000000A77C98F2B1E17F2E1A3022FC9BB92D4462266E6D0FB386594994
DLMS_PDU[33] {** Global Ciphered InitiateRequest **}
OctetString[31] = 3000000000A77C98F2B1E17F2E1A3022FC9BB92D4462266E6D0FB386594994
[11:09:50:800] Read data (COM8)
7e a0 2f 25 21 30 f7 29 e6 e7 00 61 82 00 1f a1
09 06 07 60 85 74 05 08 01 03 a2 03 02 01 01 a3
05 a1 03 02 01 0d be 06 04 04 0e 01 06 00 cf b8
7e
DLMS_PDU[97] {** ApplicationAssociationResponse **}
ApplicationAssociationResponse Sequence
[1] application-context-name
ObjectIdentifier ::= SequenceOf 6 Element(s)
0: Unsigned32 = 96 (0x00000060) {** joint-iso-ccitt, country **}
1: Unsigned32 = 756 (0x000002F4) {** country-name **}
2: Unsigned32 = 5 (0x00000005) {** identified-organization **}
3: Unsigned32 = 8 (0x00000008) {** DLMS-UA **}
4: Unsigned32 = 1 (0x00000001) {** application-context **}
5: Unsigned32 = 3 (0x00000003) {** Logical_Name_Referencing_with_ciphering **}
[2] result
AssociationResult = 1 (rejected-permanent)
[3] result-source-diagnostic
AssociateSourceDiagnostic[1] {** AcseServiceUser **}
Integer8 = 13 (0x0D) (authentication-failure)
[30] user-information (InitiateResponse)
OctetString[4] = 0E010600
DLMS_PDU[14] {** confirmedServiceError **}
ConfirmedServiceError[1] {** initiateError **}
ServiceError[6] {** initiate **}
Enumerated = 0 (Initiate service error)
Thank you for all your
Thank you for all your advices.
Re last post: Problem was that I was not setting invocation counter parameter during creation of secure connection. I had to first connect using public client (client address = 16) and read value of invocation counter from register 0.1.43.1.1.255. Then I use this value for second (secure) connection:
cl = new CGXDLMSSecureClient(true, user->GetClientAddress(), user->GetServerAddress(), user->GetServerAddressSize(), auth);
...
cl_sec->GetCiphering()->SetFrameCounter(ic);
First connection establishment was successfull because we had new meter with default value of invocation counter zero. After first connection value of invocation counter stored in meter was incremented and all other attempts were unsucesfull.
Hi Ján,
Hi Ján,
We have added -C and -v parameters for client example for this reason.
BR,
Mikko