/
msg.py
363 lines (333 loc) · 16 KB
/
msg.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
# SolarEdge message protocol
import struct
import os
import time
import logging
import datetime
import se.logutils
import binascii
from builtins import bytes
from Crypto.Cipher import AES
from Crypto.Random import random
logger = logging.getLogger(__name__)
sleepInterval = .1
# Hard coded last0503.msg file. os module used to find full path to calling msg.py file, then removes the se part so it's essentially the root of solaredge (where semonitor.py lives)
LAST0503FILE = os.path.dirname(os.path.realpath(__file__)).replace('/'+ __name__.split(".")[0], '') + "/last0503.msg"
class SECrypto:
def __init__(self, key, msg0503):
"""
Initialise a SolarEdge communication decryption object.
key: a 16-byte string which consists of the values of
parameters 0239, 023a, 023b, and 023c.
msg0503: a 34-byte string with the contents of a 0503 message.
"""
# Get the current time in human readable form so a human can ready the last0503.msg file and know when it was last updated
curtime = datetime.datetime.now()
mystrtime = curtime.strftime("%Y-%m-%d %H:%M:%S")
# Create a key by encrypting the data from Solar Edge with our key)
enkey1 = bytes(AES.new(key).encrypt(msg0503[:16]))
# Store the 0503 message in a hex string
hex_msg0503 = binascii.hexlify(msg0503)
# Format the line in the last0503.msg file
# Format is: String Timestamp (for us humans),Epoch in seconds (for easy math),hex encoded previous message
outstr = mystrtime + "," + str(int(time.time())) + "," + str(hex_msg0503)
# Write the outstr to the last0503.msg file, clobbering the previous (hence 'w' write mode)
ko = open(LAST0503FILE, "w")
ko.write(outstr)
ko.close
# self.cipher is an AES object
self.cipher = AES.new(bytes(list((enkey1[i] ^ msg0503[i + 16] for i in range(16)))))
self.encrypt_seq = random.randint(0, 0xffff)
def crypt(self, msg003d):
"""
msg003d: the contents of the 003d message to crypt, as bytes.
Returns the new list
"""
msg003d = list(msg003d)
rand1 = list(msg003d[:16])
pos = 16
while pos < len(msg003d):
if not pos % 16:
rand = bytes(self.cipher.encrypt(bytes(rand1)))
for posc in range(15, -1, -1):
rand1[posc] = (rand1[posc] + 1) & 0xff
if rand1[posc]:
break
msg003d[pos] ^= rand[pos % 16]
pos += 1
return msg003d
def decrypt(self, msg003d):
"""
msg003d: the contents of the 003d message to decrypt, as string.
Returns a tuple(int(sequenceNumber), bytes(data)).
"""
msg003d = self.crypt(msg003d)
for i in range(len(msg003d) - 22):
msg003d[i + 22] ^= msg003d[18 + (i & 3)]
return (msg003d[16] + (msg003d[17] << 8), bytes(msg003d[22:]))
def encrypt(self, msg):
"""
msg: the contents of the data to encrypt, as string.
Returns the data encrypted.
"""
self.encrypt_seq = (self.encrypt_seq + 1) & 0xffff
rand1 = [random.randint(0, 255) for x in range(16)]
rand2 = [random.randint(0, 255) for x in range(4)]
seqnr = [self.encrypt_seq & 0xff, self.encrypt_seq >> 8 & 0xff]
msg003d = rand1 + seqnr + rand2 + msg
for i in range(len(msg)):
msg003d[i + 22] ^= msg003d[18 + (i & 3)]
return self.crypt(msg003d)
# cryptography object variable and global indicator if the load of last0503.msg was attempted
cipher = None
bcipher = False
# message constants
magic = b"\x12\x34\x56\x79"
magicLen = len(magic)
msgHdrLen = 16
checksumLen = 2
# message debugging sequence numbers
dataInSeq = 0
dataOutSeq = 0
# return the next message
def readMsg(inFile, recFile, mode):
global dataInSeq
dataInSeq += 1
msg = b""
eof = False
if not (mode.passiveMode or (mode.serialType == 4)):
# active mode that is not rs485
# read the magic number and header
msg = readBytes(inFile, recFile, magicLen + msgHdrLen, mode)
if not msg: # end of file
return (msg, True)
(dataLen, dataLenInv, msgSeq, fromAddr, toAddr, function) = \
struct.unpack("<HHHLLH", msg[magicLen:])
# read the data and checksum
msg += readBytes(inFile, recFile, dataLen + checksumLen, mode)
msg = msg[magicLen:] # strip the magic number from the beginning
else:
# passive mode or rs485
# read 1 byte at a time until the next magic number
while msg[-magicLen:] != magic:
nextByte = readBytes(inFile, recFile, 1, mode)
if not nextByte: # end of file
eof = True
msg += magic # append a magic number to end the loop
else:
msg += nextByte
msg = msg[:-magicLen] # strip the magic number from the end
if len(msg) > 0: # don't log zero length messages
logger.message("-->", dataInSeq, magic + msg, inFile.name)
return (msg, eof)
# return the specified number of bytes
def readBytes(inFile, recFile, length, mode):
try:
inBuf = bytes(inFile.read(length))
if not inBuf: # end of file
if mode.following:
# wait for more data
while not inBuf:
time.sleep(sleepInterval)
inBuf = inFile.read(length)
recordMsg(inBuf, recFile)
return inBuf
# treat exceptions as end of file
except Exception as ex:
logger.info("Exception while reading data: "+str(ex))
return b""
# A function to attempt to load the the rotating key from the last0503.msg file
def loadRotKey(keyStr):
global cipher
mydata = ""
# First try the file operation, if this doesn't work, no big deal, we just don't load the key, but we do log the attempt
try:
ki = open(LAST0503FILE, "r")
mydata = ki.read()
ki.close()
except:
logger.data("Could not open last0503.msg file, not loading")
# If the try block doing the file operation was successful, mydata will now not be blank, so we try to operate on it.
if mydata:
# These are the variables where we keep the last load time and the last key data
lastsave = 0
lastkey = b""
# We attempt to load the file and split the contents. If this try fails, we assume the file to have been corrupted (manual edit etc) and we give up, not loading the key
try:
lastsave = int(mydata.split(",")[1])
lastkey = mydata.split(",")[2].strip()
except:
logger.data("last0503.msg not in proper format - not loading")
# If we have both a last load time and data in our variables, we assume the try block succeeded and we do some more validation
if lastsave != 0 and lastkey:
# First we check the time, if the last load time is more than 24 hours ago, we give up. No point in trying decryption with an old key
curtime = int(time.time())
if curtime - lastsave <= 86400: #86400 seconds is 24 hours 60 secs * 60 min * 24 hours
# Now we check that our key is indeed 68 characters. If it is not we give up and don't load
if len(lastkey) == 68: # Check to ensure its 68 characters
logger.data("Attempting to load data from last0503.msg")
# Our last try if this fails, we log an unknown error
try:
cipher = SECrypto(binascii.unhexlify(keyStr), binascii.unhexlify(lastkey))
logger.data("Rotated key from last0503.msg loaded successfully!")
except:
logger.data("Unknown error in loading rotating key. Not using")
else:
logger.data("Saved rotating key length not correct. Not using")
else:
logger.data("No data read from last0503.msg. Not loading")
# This function, since it works on the global cipher object, always returns true
# This return basically sets bcipher and tells the application we've already attempted to load the last0503.msg
# So even if cipher is still None, don't try to load from file again. There's no point. This should resolve itselve the next 0503 message that is loaded/saved
return True
# parse a message
def parseMsg(msg, keyStr=""):
global cipher
global bcipher
# If bcipher is False then we've not attempted to load the rotating key from the last0503.msg file.
# Also, we don't want to load from file if for some reason cipher is not None (it shouldn't be if bcipher is False)
# If bcipher is False and cipher is None, then try to load the rotating key. The result of the "attempt" to load the rotating key is stored in bcipher. The attempt is ALWAYS true
# The idea here is that we make one attempt to the load the file, and if it works, then cipher is no longer None and we can move on. Else, don't try loading again.
if bcipher == False and cipher is None:
bcipher = loadRotKey(keyStr)
if len(msg) < msgHdrLen + checksumLen: # throw out messages that are too short
logger.data("Threw out a message that was too short")
return (0, 0, 0, 0, b"")
else:
(msgSeq, fromAddr, toAddr, function, data) = validateMsg(msg)
# encryption key
if function == 0x0503:
if keyStr:
logger.data("Creating cipher object with key", keyStr)
cipher = SECrypto(binascii.unhexlify(keyStr), data)
return (msgSeq, fromAddr, toAddr, function, b"")
# encrypted message
elif function == 0x003d:
if cipher:
# decrypt the data and validate that as a message
logger.data("Decrypting message")
(seq, dataMsg) = cipher.decrypt(data)
if dataMsg[0:4] != magic:
logger.data("Invalid decryption key - Clearing Cipher")
cipher = None
return (0, 0, 0, 0, b"")
else:
(msgSeq, fromAddr, toAddr, function, data) = validateMsg(dataMsg[4:])
else: # don't have a key yet
logger.data("Decryption key not yet available")
return (0, 0, 0, 0, b"")
return (msgSeq, fromAddr, toAddr, function, data)
# parse the header and validate the message
def validateMsg(msg):
# message must be at least a header and checksum
if len(msg) < msgHdrLen + checksumLen:
logger.error("Message too short")
for l in se.logutils.format_data(msg):
logger.data(l)
return (0, 0, 0, 0, b"")
# parse the message header
(dataLen, dataLenInv, msgSeq, fromAddr, toAddr, function) = struct.unpack("<HHHLLH", msg[0:msgHdrLen])
logMsgHdr(dataLen, dataLenInv, msgSeq, fromAddr, toAddr, function)
# header + data + checksum can't be longer than the message
if msgHdrLen + dataLen + checksumLen > len(msg):
logger.error("Data length is too big for the message")
for l in se.logutils.format_data(msg):
logger.data(l)
return (0, 0, 0, 0, b"")
# data length must match inverse length
if dataLen != ~dataLenInv & 0xffff:
logger.error("Data length doesn't match inverse length")
for l in se.logutils.format_data(msg):
logger.data(l)
return (0, 0, 0, 0, b"")
data = msg[msgHdrLen:msgHdrLen + dataLen]
# discard extra bytes after the message
extraLen = len(msg) - (msgHdrLen + dataLen + checksumLen)
if extraLen != 0:
logger.data("Discarding %s extra bytes", extraLen)
for l in se.logutils.format_data(msg[-extraLen:]):
logger.data(l)
# validate the checksum
checksum = struct.unpack("<H", msg[msgHdrLen + dataLen:msgHdrLen + dataLen + checksumLen])[0]
calcsum = calcCrc(
struct.pack(">HLLH", msgSeq, fromAddr, toAddr, function) + data)
if calcsum != checksum:
logger.error("Checksum error. Expected 0x%04x, got 0x%04x" % (checksum, calcsum))
for l in se.logutils.format_data(msg):
logger.data(l)
return (0, 0, 0, 0, b"")
return (msgSeq, fromAddr, toAddr, function, data)
# format a message
def formatMsg(msgSeq, fromAddr, toAddr, function, data=b"", encrypt=True):
checksum = calcCrc(struct.pack(">HLLH", msgSeq, fromAddr, toAddr, function) + data)
msg = struct.pack("<HHHLLH", len(data), ~len(data) & 0xffff, msgSeq,
fromAddr, toAddr, function) + data + struct.pack("<H", checksum)
logMsgHdr(len(data), ~len(data) & 0xffff, msgSeq, fromAddr, toAddr, function)
if cipher and encrypt:
# encrypt the data and format that as a message
logger.data("Encrypting message")
msg = formatMsg((cipher.encrypt_seq+1000) & 0xffff,
0xfffffffd, 0xffffffff, 0x003d, cipher.encrypt(magic + msg), False)
return msg
# send a message
def sendMsg(dataFile, msg, recFile):
global dataOutSeq
dataOutSeq += 1
logger.message("<--", dataOutSeq, magic + msg, dataFile.name)
dataFile.write(magic + msg)
dataFile.flush()
recordMsg(magic + msg, recFile)
# write a message to the record file
def recordMsg(msg, recFile):
if recFile:
recFile.write(msg)
recFile.flush()
# crc calculation
#
# CRC-16 with the following parameters:
#
# width=16 poly=0x8005 init=0x5a5a refin=true refout=true xorout=0x0000
crcTable = [
0x0000, 0xc0c1, 0xc181, 0x0140, 0xc301, 0x03c0, 0x0280, 0xc241, 0xc601,
0x06c0, 0x0780, 0xc741, 0x0500, 0xc5c1, 0xc481, 0x0440, 0xcc01, 0x0cc0,
0x0d80, 0xcd41, 0x0f00, 0xcfc1, 0xce81, 0x0e40, 0x0a00, 0xcac1, 0xcb81,
0x0b40, 0xc901, 0x09c0, 0x0880, 0xc841, 0xd801, 0x18c0, 0x1980, 0xd941,
0x1b00, 0xdbc1, 0xda81, 0x1a40, 0x1e00, 0xdec1, 0xdf81, 0x1f40, 0xdd01,
0x1dc0, 0x1c80, 0xdc41, 0x1400, 0xd4c1, 0xd581, 0x1540, 0xd701, 0x17c0,
0x1680, 0xd641, 0xd201, 0x12c0, 0x1380, 0xd341, 0x1100, 0xd1c1, 0xd081,
0x1040, 0xf001, 0x30c0, 0x3180, 0xf141, 0x3300, 0xf3c1, 0xf281, 0x3240,
0x3600, 0xf6c1, 0xf781, 0x3740, 0xf501, 0x35c0, 0x3480, 0xf441, 0x3c00,
0xfcc1, 0xfd81, 0x3d40, 0xff01, 0x3fc0, 0x3e80, 0xfe41, 0xfa01, 0x3ac0,
0x3b80, 0xfb41, 0x3900, 0xf9c1, 0xf881, 0x3840, 0x2800, 0xe8c1, 0xe981,
0x2940, 0xeb01, 0x2bc0, 0x2a80, 0xea41, 0xee01, 0x2ec0, 0x2f80, 0xef41,
0x2d00, 0xedc1, 0xec81, 0x2c40, 0xe401, 0x24c0, 0x2580, 0xe541, 0x2700,
0xe7c1, 0xe681, 0x2640, 0x2200, 0xe2c1, 0xe381, 0x2340, 0xe101, 0x21c0,
0x2080, 0xe041, 0xa001, 0x60c0, 0x6180, 0xa141, 0x6300, 0xa3c1, 0xa281,
0x6240, 0x6600, 0xa6c1, 0xa781, 0x6740, 0xa501, 0x65c0, 0x6480, 0xa441,
0x6c00, 0xacc1, 0xad81, 0x6d40, 0xaf01, 0x6fc0, 0x6e80, 0xae41, 0xaa01,
0x6ac0, 0x6b80, 0xab41, 0x6900, 0xa9c1, 0xa881, 0x6840, 0x7800, 0xb8c1,
0xb981, 0x7940, 0xbb01, 0x7bc0, 0x7a80, 0xba41, 0xbe01, 0x7ec0, 0x7f80,
0xbf41, 0x7d00, 0xbdc1, 0xbc81, 0x7c40, 0xb401, 0x74c0, 0x7580, 0xb541,
0x7700, 0xb7c1, 0xb681, 0x7640, 0x7200, 0xb2c1, 0xb381, 0x7340, 0xb101,
0x71c0, 0x7080, 0xb041, 0x5000, 0x90c1, 0x9181, 0x5140, 0x9301, 0x53c0,
0x5280, 0x9241, 0x9601, 0x56c0, 0x5780, 0x9741, 0x5500, 0x95c1, 0x9481,
0x5440, 0x9c01, 0x5cc0, 0x5d80, 0x9d41, 0x5f00, 0x9fc1, 0x9e81, 0x5e40,
0x5a00, 0x9ac1, 0x9b81, 0x5b40, 0x9901, 0x59c0, 0x5880, 0x9841, 0x8801,
0x48c0, 0x4980, 0x8941, 0x4b00, 0x8bc1, 0x8a81, 0x4a40, 0x4e00, 0x8ec1,
0x8f81, 0x4f40, 0x8d01, 0x4dc0, 0x4c80, 0x8c41, 0x4400, 0x84c1, 0x8581,
0x4540, 0x8701, 0x47c0, 0x4680, 0x8641, 0x8201, 0x42c0, 0x4380, 0x8341,
0x4100, 0x81c1, 0x8081, 0x4040
]
def calcCrc(data):
crc = 0x5a5a # initial value
for d in data:
crc = crcTable[(crc ^ d) & 0xff] ^ (crc >> 8)
return crc
# formatted print a message header
def logMsgHdr(dataLen, dataLenInv, msgSeq, fromAddr, toAddr, function):
logger.data("dataLen: %04x", dataLen)
logger.data("dataLenInv: %04x", dataLenInv)
logger.data("sequence: %04x", msgSeq)
logger.data("source: %08x", fromAddr)
logger.data("dest: %08x", toAddr)
logger.data("function: %04x", function)