Add support for KNX data secure (#66)

* initial comic

* save work

* Handle SystemBroadcast and Broadcast for TP and IP

* Rework

* Fix comment

* save work

* save work

* save work

* save work

* save work

* Restore old broadcast structure

* Readd systembroadcast methods

* Make sure that services from SystemBroadcast are also available from Broadcast on closed media

* save work

* Save work

* save work

* Save work

* save work

* save work

* save work

* save work

* save work

* Change maximum number of elements for the key tables, etc.

* save work

* First working seqno sync with ETS

* save work

* save work

* save work

* save work

* save work

* save work

* Remove magic value and add comment

* save work

* Extend restart and masterreset for factory reset

* save work

* First working secure broadcast mode with IA programming

* Add FunctionPropertyExt* AL services

* Fix FunctionPropertyExt*. Working T_DATA_CONNECTED with FunctionPropertyExt*.

* Add PropertyValueExt* AL services. Handle master reset in AL service RESTART.

* Fix FunctionPropertyExtStateRead, fix restart. MILESTONE: Working physical programming of IA and toolkey with confirmed restart. Reading deviceinfos working.

* Handle PDT_CONTROL in FunctionPropertyExt*

* Fix FunctionPropertyExt* and FunctionProperty for PDT_CONTROL

* Change comment.

* save work

* save work

* Add group object security handling

* Move map to own file

* use simple_map

* Include simple_map.h in CmakeFile

* Move code from header to source file

* Remove obsolete code

* MILESTONE: working programming of secure device with IA and tables

* cleanup

* bugfix

* flashSize must be big enough. Security IF object contains a lot more data.

* Merge master into feat_datasecure

* Revert "Merge master into feat_datasecure"

This reverts commit 0c8358692a.

* Revert "Revert "Merge master into feat_datasecure""

This reverts commit aa59253785.

* Bugfixes

* cleanup

* cleanup

* Add printing of uint64_t

* Don't compile secapplayer if data secure not enabled

* pin platform for ESP8266 to specific version

* SecIfObject: save/restore required for persisting STATE. Bugfix: use correct PID for group key table

* Cleanup comment and debug output

* Further cleanup.

* Refactor master reset

* Remove unused IP data link layer test code

* Only reset TOOL kkey to FDSK on factory reset

* Modify .gitignore and remove vscode config file

* Correct comment

* Handle SBC flag (systembroadcast) in SCF field. Couplers between open and closed media need this.

* Remove code that slipped in.

examples/knx-demo/.gitignore

@@ -1,5 +1,2 @@
 .pio
-.vscode/.browse.c_cpp.db*
-.vscode/c_cpp_properties.json
-.vscode/launch.json
-.vscode/ipch
+.vscode

examples/knx-demo/.vscode/extensions.json

@@ -1,7 +0,0 @@
-{
-	// See http://go.microsoft.com/fwlink/?LinkId=827846
-	// for the documentation about the extensions.json format
-	"recommendations": [
-		"platformio.platformio-ide"
-	]
-}

examples/knx-demo/platformio-ci.ini

@@ -26,7 +26,7 @@ build_flags =
 
 ;--- ESP8266 -----------------------------------------------
 [env:nodemcuv2]
-platform = espressif8266
+platform = espressif8266@2.2.3
 board = nodemcuv2
 framework = arduino
 lib_deps =

examples/knx-demo/platformio.ini

@@ -35,7 +35,7 @@ build_flags =
 
 ;--- ESP8266 -----------------------------------------------
 [env:nodemcuv2]
-platform = espressif8266
+platform = espressif8266@2.2.3
 board = nodemcuv2
 framework = arduino
 ; We consider that the this projects is opened within its project directory
@@ -43,7 +43,7 @@ framework = arduino
 lib_extra_dirs = ../../../
 
 lib_deps =
-  WifiManager
+  WifiManager@0.15.0
   knx
 
 build_flags =

examples/knx-linux/CMakeLists.txt

@@ -4,7 +4,10 @@ set(LIBRARIES_FROM_REFERENCES "")
 add_executable(knx-linux 
 	../../src/knx/address_table_object.cpp 
 	../../src/knx/address_table_object.h
-	../../src/knx/apdu.cpp 
+        ../../src/knx/aes.c
+        ../../src/knx/aes.h
+        ../../src/knx/aes.hpp
+        ../../src/knx/apdu.cpp
 	../../src/knx/apdu.h
 	../../src/knx/application_layer.cpp 
 	../../src/knx/application_layer.h
@@ -42,7 +45,8 @@ add_executable(knx-linux
 	../../src/knx/dpt.h
 	../../src/knx/dptconvert.cpp
 	../../src/knx/dptconvert.h
-	../../src/knx/group_object.cpp 
+        ../../src/knx/function_property.h
+        ../../src/knx/group_object.cpp
 	../../src/knx/group_object.h
 	../../src/knx/group_object_table_object.cpp 
 	../../src/knx/group_object_table_object.h
@@ -87,6 +91,12 @@ add_executable(knx-linux
 	../../src/knx/rf_medium_object.h
 	../../src/knx/rf_physical_layer.cpp
 	../../src/knx/rf_physical_layer.h
+        ../../src/knx/secure_application_layer.cpp
+        ../../src/knx/secure_application_layer.h
+        ../../src/knx/security_interface_object.cpp
+        ../../src/knx/security_interface_object.h
+        ../../src/knx/simple_map.h
+        ../../src/knx/table_object.cpp
         ../../src/knx/save_restore.h
 	../../src/knx/table_object.cpp
 	../../src/knx/table_object.h
@@ -102,6 +112,8 @@ add_executable(knx-linux
 	../../src/knx_facade.h
 	../../src/linux_platform.cpp 
 	../../src/linux_platform.h
+        fdsk.cpp
+        fdsk.h
 	main.cpp)
 target_link_libraries(knx-linux  "${LIBRARIES_FROM_REFERENCES}")
 include_directories(../../src)

examples/knx-linux/fdsk.cpp

@@ -0,0 +1,196 @@
+#include "fdsk.h"
+
+#include <string.h>
+
+// CRC-4 generator polynom: 10011 (x^4+x+1)
+const uint8_t FdskCalculator::crc4_tab[16] =
+{
+    0x0, 0x3, 0x6, 0x5, 0xc, 0xf, 0xa, 0x9,
+    0xb, 0x8, 0xd, 0xe, 0x7, 0x4, 0x1, 0x2
+};
+
+int FdskCalculator::snprintFdsk(char* str, int strSize, uint8_t* serialNumber, uint8_t* key)
+{
+    char* tmpStr = generateFdskString(serialNumber, key);
+    int written = 0;
+
+    for (int i = 0; i < 36; i++)
+    {
+        if (((i % 6) == 0) && (i!=0))
+        {
+            *(str+written++) = '-';
+            if (written >= strSize-1)
+                break;
+        }
+        *(str+written++) = tmpStr[i];
+        if (written >= strSize-1)
+            break;
+    }
+
+    *(str+written++) = '\0';
+
+    delete[] tmpStr;
+
+    return written;
+}
+
+char* FdskCalculator::generateFdskString(uint8_t* serialNumber, uint8_t* key)
+{
+    uint8_t buffer[6 + 16 + 1]; // 6 bytes serialnumber + 16 bytes key + 1 byte placeholder for crc-4
+    memcpy(&buffer[0], serialNumber, 6);
+    memcpy(&buffer[6], key, 16);
+    buffer[22] = (crc4Array(buffer, sizeof(buffer)-1)<<4) &0xFF;
+
+    uint8_t* outEncoded = nullptr;
+    toBase32(buffer, sizeof(buffer), outEncoded, false);
+
+    return (char*)outEncoded;
+}
+
+int FdskCalculator::ceil(float num)
+{
+    int inum = (int)num;
+    if (num == (float)inum) {
+        return inum;
+    }
+    return inum + 1;
+}
+
+int FdskCalculator::toBase32(uint8_t* in, long length, uint8_t*& out, bool usePadding)
+{
+  char base32StandardAlphabet[] = {"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"};
+  char standardPaddingChar = '=';
+
+  int result = 0;
+  int count = 0;
+  int bufSize = 8;
+  int index = 0;
+  int size = 0; // size of temporary array
+  uint8_t* temp = nullptr;
+
+  if (length < 0 || length > 268435456LL)
+  {
+    return 0;
+  }
+
+  size = 8 * ceil(length / 4.0); // Calculating size of temporary array. Not very precise.
+  temp = new uint8_t[size];
+
+  if (length > 0)
+  {
+    int buffer = in[0];
+    int next = 1;
+    int bitsLeft = 8;
+
+    while (count < bufSize && (bitsLeft > 0 || next < length))
+    {
+      if (bitsLeft < 5)
+      {
+        if (next < length)
+        {
+          buffer <<= 8;
+          buffer |= in[next] & 0xFF;
+          next++;
+          bitsLeft += 8;
+        }
+        else
+        {
+          int pad = 5 - bitsLeft;
+          buffer <<= pad;
+          bitsLeft += pad;
+        }
+      }
+      index = 0x1F & (buffer >> (bitsLeft -5));
+
+      bitsLeft -= 5;
+      temp[result] = (uint8_t)base32StandardAlphabet[index];
+      result++;
+    }
+  }
+
+  if (usePadding)
+  {
+    int pads = (result % 8);
+    if (pads > 0)
+    {
+      pads = (8 - pads);
+      for (int i = 0; i < pads; i++)
+      {
+        temp[result] = standardPaddingChar;
+        result++;
+      }
+    }
+  }
+
+  out = new uint8_t[result];
+
+  memcpy(out, temp, result);
+  delete [] temp;
+
+  return result;
+}
+
+int FdskCalculator::fromBase32(uint8_t* in, long length, uint8_t*& out)
+{
+  int result = 0; // Length of the array of decoded values.
+  int buffer = 0;
+  int bitsLeft = 0;
+  uint8_t* temp = NULL;
+
+  temp = new uint8_t[length]; // Allocating temporary array.
+
+  for (int i = 0; i < length; i++)
+  {
+    uint8_t ch = in[i];
+
+    // ignoring some characters: ' ', '\t', '\r', '\n', '='
+    if (ch == 0xA0 || ch == 0x09 || ch == 0x0A || ch == 0x0D || ch == 0x3D)
+        continue;
+
+    // recovering mistyped: '0' -> 'O', '1' -> 'L', '8' -> 'B'
+    if (ch == 0x30)
+    {
+        ch = 0x4F;
+    }
+    else if (ch == 0x31)
+    {
+        ch = 0x4C;
+    }
+    else if (ch == 0x38)
+    {
+        ch = 0x42;
+    }
+
+
+    // look up one base32 symbols: from 'A' to 'Z' or from 'a' to 'z' or from '2' to '7'
+    if ((ch >= 0x41 && ch <= 0x5A) || (ch >= 0x61 && ch <= 0x7A))
+    {
+        ch = ((ch & 0x1F) - 1);
+    }
+    else if (ch >= 0x32 && ch <= 0x37)
+    {
+        ch -= (0x32 - 26);
+    }
+    else {
+        delete [] temp;
+        return 0;
+    }
+
+    buffer <<= 5;
+    buffer |= ch;
+    bitsLeft += 5;
+    if (bitsLeft >= 8)
+    {
+      temp[result] = (unsigned char)((unsigned int)(buffer >> (bitsLeft - 8)) & 0xFF);
+      result++;
+      bitsLeft -= 8;
+    }
+  }
+
+  out = new uint8_t[result];
+  memcpy(out, temp, result);
+  delete [] temp;
+
+  return result;
+}
+

examples/knx-linux/fdsk.h

@@ -0,0 +1,37 @@
+#pragma once
+
+#include <stdint.h>
+
+class FdskCalculator
+{
+  public:
+    int snprintFdsk(char* str, int strSize, uint8_t* serialNumber, uint8_t* key);
+
+  private:
+    char* generateFdskString(uint8_t* serialNumber, uint8_t* key);
+
+    int toBase32(uint8_t* in, long length, uint8_t*& out, bool usePadding);
+    int fromBase32(uint8_t* in, long length, uint8_t*& out);
+
+    uint8_t crc4Array(uint8_t* data, uint8_t len) {
+        uint8_t start = 0;
+        for (uint8_t i = 0; i <len; i++)
+        {
+            start = crc4(start, data[i]);
+        }
+        return start;
+    }
+
+    uint8_t crc4(uint8_t c, uint8_t x) {
+        uint8_t low4Bits = x & 0x0F;
+        uint8_t high4Bits = x >> 4;
+        c = crc4_tab[c ^ high4Bits];
+        c = crc4_tab[c ^ low4Bits];
+
+        return c;
+    }
+
+    int ceil(float num);
+
+    static const uint8_t crc4_tab[16];
+};

examples/knx-linux/main.cpp

@@ -14,6 +14,8 @@
 #include <sched.h>
 #include <sys/mman.h>
 
+#include "fdsk.h"
+
 volatile sig_atomic_t loopActive = 1;
 void signalHandler(int sig)
 {
@@ -119,6 +121,14 @@ int main(int argc, char **argv)
 {
     printf("main() start.\n");
 
+    uint8_t serialNumber[] = { 0x00, 0xFA, 0x01, 0x02, 0x03, 0x04};
+    uint8_t key[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
+
+    FdskCalculator calc;
+    char fdskString[42]; // 6 * 6 chars + 5 dashes + nullbyte = 42
+    calc.snprintFdsk(fdskString, sizeof(fdskString), serialNumber, key);
+    printf("FDSK: %s\n", fdskString);
+
     // Prevent swapping of this process
     struct sched_param sp;
     memset(&sp, 0, sizeof(sp));