Symmetric Ciphering

Oh, that's interesting. But can you tell, what main difference between server with TCP and optical port connection? I only have to use GXSerial instead GXNet and use special initializing method with serial settings or do something else? Can you, if it's not difficult, show important part of code in this case. Thank you very much.

Hello Mr Mikko,

In example of server we have only password checking method for low level of authentication and a comment about hige level, which will be checking on next step. Either this step is what we define in client or we have to describe the high authentication functionality in special method in server class?

Thank you

Hello, Mr Mikko,

I've implemented secured server and initialized it like this:

public void initializer(String portName) throws Exception{

media = new GXSerial();
media.setPortName(portName); //the same port that client has
media.setBaudRate(gurux.io.BaudRate.BAUD_RATE_9600);
media.setDataBits(8);
media.setParity(Parity.NONE);
media.setStopBits(StopBits.ONE);
media.setWriteTimeout(5000);

media.setTrace(TraceLevel.VERBOSE);
media.addListener(this);
media.open();

addAutoAnswer();
addFrameCounter();
addLogicalDeviceName();
addMacAddressSetup();
addClock();
addRegister();

super.initialize();
}

Then I ran my server and my client an Server wrote smth like this:
18:16:54 INFO OPENING
18:16:54 INFO Settings: Port: /dev/ttyUSB0 Baud Rate: BAUD_RATE_9600 Data Bits: 8 Parity: NONE Stop Bits: ONE Eop:None
18:16:54 INFO OPEN
Public server on port
18:16:57 RECEIVED 7E
18:16:57 RECEIVED 7E
18:16:57 RECEIVED A0 54 07 03 30 A7 15 E6 E7
18:18:37 RECEIVED 7E
18:18:37 RECEIVED A0 07 07 03 73 E3 95 7E
18:19:27 RECEIVED 7E
18:19:27 RECEIVED A0 07 07 03 73 E3 95

And client wrote:

Client address: 0x3
TestServer address: 0x1
Authentication: HighGMac
Security Suite: AES_GCM_128
TestServer System Title []
Security: AUTHENTICATION_ENCRYPTION
Client system Title: []
Data send failed. Try to resend 1/3
Data send failed. Try to resend 2/3
Data send failed. Try to resend 3/3
Failed to receive reply from the device in given time.

Help me, please. What can be wrong?
Thank you.

Hello, Mr. Mikko,

Thank you a lot, I've got the correct data (three allowed objects) with public client.

But I still have an issue with realization of General glo ciphering with Gurux library for Installer/Maintainer client. My manufacturer sent me an example of request but if even I send it to meter directly and get correct response, I can't to parse this reply with parseAareResponse method because I get an error "Invalid tag". The same with aarqRequest method, I get response from meter with tag, that not parse with the corresponding method, because, as I think, it has tag that not to realized.

My manufacturer writes me that I must send AARQ with APDU which in xml looks like this:
<GeneralGloCiphering>
<SystemTitle Value="" />
<CipheredService Value="3000000002D......" />(31 bytes value)
</GeneralGloCiphering>
And then it must be decripted with system like next one:
01 00 00 00 06 5F 1F 04 00 40 10 19 FF FF
It is possible to realized it with Gurux Library?
Is there a possibility to add the new tag <GeneralGloCiphering> for correct parsing?

Thank you

Hello, Mr. Mikko

Yes, I call GXDLMSClient.GetData to get PDU from recived bytes. I've checked key and it's correct, then I checked system title(client title) and recepient title(server title) and there're correct too. And finally I've checked invocation (frame) counter and its value is correct. But when I send AARQ with gurux library method like this:

reply.clear();
curClient.readDLMSPacket(secureClient.aarqRequest()[0], reply);
secureClient.parseAareResponse(reply.getData());

I get "null" error with next trace:
<- 12:05:41 7E A0 07 03 07 93 EC 76 7E
-> 12:05:41 7E A0 07 07 03 73 E3 95 7E
<- 12:05:41 7E A0 6B 03 07 10 AF CE E6 E6 00 60 5D A1 09 06 07 60 85 74 05 08 01 03 A6 0A 04 08 49 4E 53 54 41 4C 4C 45 8A 02 07 80 8B 07 60 85 74 05 08 02 05 AC 12 80 10 5B 50 07 2C 5C 2E 46 34 4B 2D 69 37 3F 09 53 27 BE 23 04 21 21 1F 30 00 00 00 03 09 32 61 AE 46 ED 29 D2 59 88 C3 0F 3B 42 9D 06 69 14 2A FE D9 85 D3 4B 06 F9 67 80 7E
-> 12:05:41 7E A0 54 07 03 30 A7 15 E6 E7 00 61 46 A1 09 06 07 60 85 74 05 08 01 03 A2 03 02 01 01 A3 05 A1 03 02 01 06 89 07 60 85 74 05 08 02 05 AA 12 80 10 F6 72 4B 5B B9 99 47 C4 81 09 12 66 FE 40 95 96 BE 10 04 0E 08 00 06 5F 1F 04 00 40 02 9D 00 E5 00 07 30 27 7E

If I send request in hex that looks like my manufacturer want to:

reply.clear();
curClient.readDLMSPacket(request, reply);// request is copy of necessary hex request converted to bytes
secureClient.parseAareResponse(reply.getData());

I get "Connection is permanently rejected. No reason is given."

And next trace:
<- 12:18:18 7E A0 07 03 07 93 EC 76 7E
-> 12:18:18 7E A0 07 07 03 73 E3 95 7E
<- 12:18:18 7E A0 67 03 07 10 9B 59 E6 E6 00 60 59 A1 09 06 07 60 85 74 05 08 01 03 A6 0A 04 08 49 4E 53 54 41 4C 4C 45 89 01 64 8A 02 07 80 8B 07 60 85 74 05 08 02 05 AC 0A 80 08 99 36 61 18 3D D0 2C E8 BE 24 04 22 DB 00 1F 30 00 00 00 02 D0 F5 2D F6 14 FC B2 A2 64 7E 28 68 8F D7 44 DB C4 A3 87 50 67 8D 75 FD 22 D6 E0 E0 7E
-> 12:18:19 7E A0 64 07 03 30 55 59 E6 E7 00 61 56 A1 09 06 07 60 85 74 05 08 01 03 A2 03 02 01 00 A3 05 A1 03 02 01 00 88 02 07 80 89 07 60 85 74 05 08 02 05 AA 0A 80 08 42 90 14 2A F1 61 6B 8D BE 24 04 22 DB 00 1F 30 00 00 00 49 70 68 18 BF BF A6 80 E2 75 AA 5C 04 85 DB 14 8A 43 2D 13 7A 86 96 7D 60 71 D2 D8 C2 7E

I think, maybe it could be sent ciphered APDU for AARQ. Or ciphered service value is wrong. I don't sure, what to do next.

Can this issue be solved?

Thank you very much.