Hello,
Some of our meters take invocation/Frame counter very seriously :( and we can't establish an HLS connection if the counter is less than what is already stored in the meter. For other meters, it's not a problem (both different manufacturers).
How can we set the invocation counter while creating a secure client? I couldn't find any method to set it while creating an instance of GXDLMSSecureClient.
Below is the code we are using:
GXDLMSSecureClient client = new GXDLMSSecureClient();
client.setInterfaceType(InterfaceType.WRAPPER);
client.setUseLogicalNameReferencing(true);
client.setAuthentication(authentication); //HIGH_GMAC
client.setClientAddress(clientAddress); //1
client.setServerAddress(logicalDeviceAddress); //1
client.setUserId(userId); //1
client.setPassword(Util.hexStringToByteArray(hexPassword)); //12345678
client.getCiphering().setSecurity(security); //Authentication_Encryption
client.getCiphering().setAuthenticationKey(Util.hexStringToByteArray(hexAuthenticationKey)); //D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
client.getCiphering().setBlockCipherKey(Util.hexStringToByteArray(hexBlockCipherKey)); //000102030405060708090A0B0C0D0E0F
client.getCiphering().setSecuritySuite(SecuritySuite.AES_GCM_128);
The above code works for meter simulators from DNV-GL but not the actual meter from for example Elster. With some trial and error with the Gurux director, I could identify that the DNV-GL meter simulator would work with even an improper invocation counter but the Elster meter.
Is there any way to pass the invocation/frame counter ot specify it to read automatically from the meter.
GXDLMSDirector reads the invocation counter automatically from the meter. You need to read the data object where the invocation counter is saved and update it to the client.
We'll update example clients for this. In the meantime, you need to do it by yourself.
Check GXDLMSCommunication.cs and find:
//Read frame counter if GeneralProtection is used.
Hi Mikko,
Could you please do let me know in which project the file is in. Using the find file GitHub feature I have looked in all the Gurux projects in GitHub, but I couldn't find any file name GXDLMSCommunication.cs
BR
Pramod
Dear Mikko,
I tried to establish the connection as per the example and some other trial and errors. Unfortunately, I was unable to establish the connection using the Gurux Java Library. I have translated the messages and apart from the encrypted content and cypher I have observed two differences:
a. While sending the first AARQ message there is <CallingAEInvocationId Value="1" /> which is not present in the AARQ created by the Gurux director.
b. In the reply from the meter for the AARQ message(2nd message), under ResultSourceDiagnostic the value of ACSEServiceUser is 0E( <ACSEServiceUser Value="0E" />) incase of the java library and 14 incase of Gurux director. Will these make a difference while establishing the connection.
I am using the latest version of the libraries available in the Maven central repository.
Below is the communication trace from the Gurux Director:
Sent 00 01 00 01 00 01 00 5F 60 5D A1 09 06 07 60 85 74 05 08 01 03 A6 0A 04 08 43 4C 49 45 4E 54 00 00 8A 02 07 80 8B 07 60 85 74 05 08 02 05 AC 12 80 10 33 6A 4F 36 3A 56 14 5F 0D 43 44 3D 1F 62 72 53 BE 23 04 21 21 1F 30 00 00 75 84 A3 E2 66 9F 41 24 C0 B0 D8 89 4B E2 C0 1D 04 6B 3E A3 A4 DE 49 16 38 37 FA 9C
Received 00 01 00 01 00 01 00 6B 61 69 A1 09 06 07 60 85 74 05 08 01 03 A2 03 02 01 00 A3 05 A1 03 02 01 0E A4 0A 04 08 73 65 72 76 65 72 30 31 88 02 07 80 89 07 60 85 74 05 08 02 05 AA 12 80 10 E6 83 E9 B7 84 E8 13 DC 39 19 E3 29 A0 E7 43 B1 BE 23 04 21 28 1F 30 00 00 03 B6 0B AB 55 01 C1 D7 C3 E5 1B 97 14 00 75 52 B9 E4 0A BF 13 3A 5D 09 DC E4 2C D2
Sent 00 01 00 01 00 01 00 33 CB 31 30 00 00 75 85 AB A1 BA 98 53 36 F7 38 79 A2 73 07 B3 DB A0 87 24 23 F5 FC C1 C1 AA 40 BD 34 0C 1E 7C 4F A8 89 C5 29 6D 04 06 7F 9A EF 75 FB D0 79
Received 00 01 00 01 00 01 00 2C CF 2A 30 00 00 03 B7 A3 1A 87 78 38 53 EA D6 90 30 F8 FB 69 C4 48 CE D8 4F 6C 76 8F 3C 66 D1 B2 93 73 93 F7 7B D2 4F 22 03 C8 A1 69
Code I am using for creating HLS connection:
GXDLMSSecureClient client = new GXDLMSSecureClient();
client.setInterfaceType(InterfaceType.WRAPPER);
client.setUseLogicalNameReferencing(true);
client.setAuthentication(authentication); //HIGH_GMAC
client.setClientAddress(clientAddress); //1
client.setServerAddress(logicalDeviceAddress); //1
client.setUserId(userId); //1
client.setMaxReceivePDUSize(MAX_PDU_SIZE); //512
client.setPassword(Util.hexStringToByteArray(hexPassword)); //12345678 in Hex
client.getCiphering().setSystemTitle(GXCommon.hexToBytes("434C49454E540000"));
client.getCiphering().setSecurity(security); //AUTHENTICATION_ENCRYPTION
client.getCiphering().setAuthenticationKey(Util.hexStringToByteArray(hexAuthenticationKey)); //D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
client.getCiphering().setBlockCipherKey(Util.hexStringToByteArray(hexBlockCipherKey)); //000102030405060708090A0B0C0D0E0F
client.getCiphering().setInvocationCounter(30105); //This value is higher then the framecounter in the meter.
client.getCiphering().setSecuritySuite(SecuritySuite.AES_GCM_128);
I have attached my Gurux director configuration
I am sorry for the long reply. I tried all the possible ways I could think of but no success.
Thank You
Best Regards
Pramod
Hi Mikko, Could you please do provide input on making the HLS work. I have provided the diferences b/w Gurux director and the Java code above.
Thank You
BR
Pramod
There is a new version available from Java example client where are two new parameters.
-C describes the security level. (None, Authentication, Encrypted, AuthenticationEncryption)
-v Invocation counter data object Logical Name. Ex. 0.0.43.1.1.255
Hi,
Hi,
GXDLMSDirector reads the invocation counter automatically from the meter. You need to read the data object where the invocation counter is saved and update it to the client.
We'll update example clients for this. In the meantime, you need to do it by yourself.
Check GXDLMSCommunication.cs and find:
//Read frame counter if GeneralProtection is used.
That does what you need.
BR,
Mikko
Hi Mikko,
Hi Mikko,
Could you please do let me know in which project the file is in. Using the find file GitHub feature I have looked in all the Gurux projects in GitHub, but I couldn't find any file name GXDLMSCommunication.cs
BR
Pramod
Hi,
Hi,
https://github.com/Gurux/GXDLMSDirector/blob/11f8de5b6656b0203c702ac2e2…
BR,
Mikko
Thanks, Mikko. I will try
Thanks, Mikko. I will try this.
Dear Mikko,
Dear Mikko,
I tried to establish the connection as per the example and some other trial and errors. Unfortunately, I was unable to establish the connection using the Gurux Java Library. I have translated the messages and apart from the encrypted content and cypher I have observed two differences:
a. While sending the first AARQ message there is <CallingAEInvocationId Value="1" /> which is not present in the AARQ created by the Gurux director.
b. In the reply from the meter for the AARQ message(2nd message), under ResultSourceDiagnostic the value of ACSEServiceUser is 0E( <ACSEServiceUser Value="0E" />) incase of the java library and 14 incase of Gurux director. Will these make a difference while establishing the connection.
I am using the latest version of the libraries available in the Maven central repository.
Below is the communication trace from the Gurux Director:
Sent 00 01 00 01 00 01 00 5F 60 5D A1 09 06 07 60 85 74 05 08 01 03 A6 0A 04 08 43 4C 49 45 4E 54 00 00 8A 02 07 80 8B 07 60 85 74 05 08 02 05 AC 12 80 10 33 6A 4F 36 3A 56 14 5F 0D 43 44 3D 1F 62 72 53 BE 23 04 21 21 1F 30 00 00 75 84 A3 E2 66 9F 41 24 C0 B0 D8 89 4B E2 C0 1D 04 6B 3E A3 A4 DE 49 16 38 37 FA 9C
Received 00 01 00 01 00 01 00 6B 61 69 A1 09 06 07 60 85 74 05 08 01 03 A2 03 02 01 00 A3 05 A1 03 02 01 0E A4 0A 04 08 73 65 72 76 65 72 30 31 88 02 07 80 89 07 60 85 74 05 08 02 05 AA 12 80 10 E6 83 E9 B7 84 E8 13 DC 39 19 E3 29 A0 E7 43 B1 BE 23 04 21 28 1F 30 00 00 03 B6 0B AB 55 01 C1 D7 C3 E5 1B 97 14 00 75 52 B9 E4 0A BF 13 3A 5D 09 DC E4 2C D2
Sent 00 01 00 01 00 01 00 33 CB 31 30 00 00 75 85 AB A1 BA 98 53 36 F7 38 79 A2 73 07 B3 DB A0 87 24 23 F5 FC C1 C1 AA 40 BD 34 0C 1E 7C 4F A8 89 C5 29 6D 04 06 7F 9A EF 75 FB D0 79
Received 00 01 00 01 00 01 00 2C CF 2A 30 00 00 03 B7 A3 1A 87 78 38 53 EA D6 90 30 F8 FB 69 C4 48 CE D8 4F 6C 76 8F 3C 66 D1 B2 93 73 93 F7 7B D2 4F 22 03 C8 A1 69
Communication trace from the Java library:
Sent: 00 01 00 01 00 01 00 64 60 62 A1 09 06 07 60 85 74 05 08 01 03 A6 0A 04 08 43 4C 49 45 4E 54 00 00 A9 03 02 01 01 8A 02 07 80 8B 07 60 85 74 05 08 02 05 AC 12 80 10 60 11 64 41 2D 56 12 27 0B 02 1F 4B 1E 4D 1A 64 BE 23 04 21 21 1F 30 00 00 75 94 80 0B 3C D2 F3 E2 8E 69 77 6C B7 80 5C BD 37 10 68 C2 48 8B 67 EF FE A2 DD F5
Received(PDU): 61 69 A1 09 06 07 60 85 74 05 08 01 03 A2 03 02 01 00 A3 05 A1 03 02 01 0E A4 0A 04 08 73 65 72 76 65 72 30 31 88 02 07 80 89 07 60 85 74 05 08 02 05 AA 12 80 10 64 DF 1B 2C 23 2A 05 9A B1 BD 3C 25 F2 CE F2 1B BE 23 04 21 28 1F 30 00 00 03 B8 8F 36 77 79 C1 49 31 77 AD CB 35 00 91 40 95 C4 BD F2 BB 08 41 E9 7D 69 E0 4C
Sent: 00 01 00 01 00 01 00 33 CB 31 30 00 00 75 94 42 0A FD D2 FA BD 91 45 77 6C 56 9C 5E 5C 4E 0B BD 6B EF 8F 72 C8 EA 40 0D 45 24 EE 0C 52 96 3B 3C CA FC 18 88 06 23 B4 74 94 35 48
Received: 00 01 00 01 00 01 00 17 CF 15 30 00 00 03 B9 41 E6 50 3B 14 54 0C AD 23 32 8E 08 9D EC 85 DE
Code I am using for creating HLS connection:
GXDLMSSecureClient client = new GXDLMSSecureClient();
client.setInterfaceType(InterfaceType.WRAPPER);
client.setUseLogicalNameReferencing(true);
client.setAuthentication(authentication); //HIGH_GMAC
client.setClientAddress(clientAddress); //1
client.setServerAddress(logicalDeviceAddress); //1
client.setUserId(userId); //1
client.setMaxReceivePDUSize(MAX_PDU_SIZE); //512
client.setPassword(Util.hexStringToByteArray(hexPassword)); //12345678 in Hex
client.getCiphering().setSystemTitle(GXCommon.hexToBytes("434C49454E540000"));
client.getCiphering().setSecurity(security); //AUTHENTICATION_ENCRYPTION
client.getCiphering().setAuthenticationKey(Util.hexStringToByteArray(hexAuthenticationKey)); //D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
client.getCiphering().setBlockCipherKey(Util.hexStringToByteArray(hexBlockCipherKey)); //000102030405060708090A0B0C0D0E0F
client.getCiphering().setInvocationCounter(30105); //This value is higher then the framecounter in the meter.
client.getCiphering().setSecuritySuite(SecuritySuite.AES_GCM_128);
I have attached my Gurux director configuration
I am sorry for the long reply. I tried all the possible ways I could think of but no success.
Thank You
Best Regards
Pramod
Adding the security
Adding the security parameters as i could upload only one image.
Hi Mikko, Could you please do
Hi Mikko, Could you please do provide input on making the HLS work. I have provided the diferences b/w Gurux director and the Java code above.
Thank You
BR
Pramod
Hi Pramod,
Hi Pramod,
There is a new version available from Java example client where are two new parameters.
-C describes the security level. (None, Authentication, Encrypted, AuthenticationEncryption)
-v Invocation counter data object Logical Name. Ex. 0.0.43.1.1.255
I hope this helps you to read your meter.
BR,
Mikko