ecubus
diff --git a/‎resources/examples/doip_gateway/node.ts
Lines changed: 6 additions & 3 deletions b/‎resources/examples/doip_gateway/node.ts
Lines changed: 6 additions & 3 deletions
diff --git a/‎resources/examples/uds_0x29/ecu.ts
Lines changed: 68 additions & 1 deletion b/‎resources/examples/uds_0x29/ecu.ts
Lines changed: 68 additions & 1 deletion
diff --git a/‎resources/examples/uds_0x29/test.txt
Lines changed: 1 addition & 0 deletions b/‎resources/examples/uds_0x29/test.txt
Lines changed: 1 addition & 0 deletions
diff --git a/‎resources/examples/uds_0x29/tester.ts
Lines changed: 89 additions & 2 deletions b/‎resources/examples/uds_0x29/tester.ts
Lines changed: 89 additions & 2 deletions
@@ -1,12 +1,15 @@
 import { DiagResponse, output } from 'ECB'
 
+let requestAddrName: string | undefined
+
 Util.On('Tester_eth_1.*.send', async (req) => {
+  requestAddrName = req.getUdsAddress()?.ethAddr?.name
   console.log('Received DOIP Diag request', req.getUdsAddress().ethAddr?.name)
   req.testerName = 'Tester_can_0'
-  await req.outputDiag('SIMULATE_1', req.getUdsAddress().ethAddr?.name)
+  await req.outputDiag('SIMULATE_1', requestAddrName)
 })
 Util.On('Tester_can_0.*.recv', async (resp) => {
-  console.log('Received CANTP Diag response', resp.getUdsAddress().canAddr?.name)
+  console.log('Received CANTP Diag response')
   resp.testerName = 'Tester_eth_1'
-  await resp.outputDiag('SIMULATE_0', resp.getUdsAddress().ethAddr?.name)
+  await resp.outputDiag('SIMULATE_0', requestAddrName)
 })
@@ -15,7 +15,19 @@ Util.On('Tester_can_0.authenticationConfiguration.send', async (req) => {
   resp.diagSetParameter('returnValue', 0x2) //ACPE
   await resp.outputDiag()
 })
+let memorySize: number
+Util.On('Tester_can_0.RequestDownload520.send', async (req) => {
+  const resp = DiagResponse.fromDiagRequest(req)
+  memorySize = Number(req.diagGetParameter('memorySize'))
+  console.log(`memorySize:${memorySize}`)
+  resp.diagSetRaw(Buffer.from([0x74, 0x40, 0, 0, 0, 0x81]))
+  await resp.outputDiag()
+})
+const ecdh = crypto.createECDH('prime256v1')
+ecdh.generateKeys()
+const publicKeyGen = ecdh.getPublicKey()
 
+let challengeTester: Buffer
 Util.On('Tester_can_0.verifyCertificateUnidirectional.send', async (req) => {
   const resp = DiagResponse.fromDiagRequest(req)
 
@@ -33,17 +45,28 @@ Util.On('Tester_can_0.verifyCertificateUnidirectional.send', async (req) => {
   const verifyResult = cert.verify(ca.publicKey)
   console.log(`verify result:${verifyResult}`)
   if (verifyResult) {
+    const cLen = data.readUint16BE(5 + lengthOfCertificateClient)
+    console.log(`challenge length:${cLen}`)
+    //challenge
+    challengeTester = data.subarray(
+      7 + lengthOfCertificateClient,
+      7 + lengthOfCertificateClient + cLen
+    )
+
     //client cert verify ok
     // resp.diagSetParameter('lengthOfChallengeServer',32)
     // resp.diagSetParameterSize('challengeServer',32*8)
     resp.diagSetParameterRaw('challengeServer', challenge)
     resp.diagSetParameter('returnValue', 0x11) //certificate ok, verify ownership
+
+    resp.diagSetParameterRaw('ephemeralPublicKeyServer', publicKeyGen)
+    resp.diagSetParameter('lengthOfEphemeralPublicKeyServer', publicKeyGen.length)
     await resp.outputDiag()
   } else {
     throw new Error('client cert verify failed')
   }
 })
-
+let realKey: Buffer
 Util.On('Tester_can_0.proofOfOwnership.send', async (req) => {
   const resp = DiagResponse.fromDiagRequest(req)
   const data = req.diagGetRaw()
@@ -56,9 +79,53 @@ Util.On('Tester_can_0.proofOfOwnership.send', async (req) => {
   const verifyResult = crypto.verify('RSA-SHA256', challenge, publicKey, sign)
   console.log(`verify result:${verifyResult}`)
   if (verifyResult) {
+    const lengthOfEphemeralPublicKeyClient = data.readUint16BE(4 + lengthOfProofOfOwnershipClient)
+    console.log(`ephemeralPublicKeyClient length:${lengthOfEphemeralPublicKeyClient}`)
+    //ephemeralPublicKeyClient
+    const ephemeralPublicKeyClient = data.subarray(
+      6 + lengthOfProofOfOwnershipClient,
+      6 + lengthOfProofOfOwnershipClient + lengthOfEphemeralPublicKeyClient
+    )
+    const sharedSecret = ecdh.computeSecret(ephemeralPublicKeyClient)
+
+    console.log(`sharedSecret in ecu:${sharedSecret.toString('hex')}`)
+
+    //hkdf
+    const salt = Buffer.concat([challengeTester, challenge])
+    realKey = Buffer.from(crypto.hkdfSync('sha256', sharedSecret, salt, '', 32))
+    console.log(`realKey in ecu:${realKey.toString('hex')}`)
     resp.diagSetParameter('returnValue', 0x12) //authentication ok
     await resp.outputDiag()
   } else {
     throw new Error('client sign verify failed')
   }
 })
+let fwContent: Buffer = Buffer.alloc(0)
+let decipher: crypto.DecipherGCM
+
+Util.On('Tester_can_0.TransferData540.send', async (req) => {
+  const raw = req.diagGetRaw()
+  if (!decipher) {
+    decipher = crypto.createDecipheriv('aes-256-gcm', realKey, Buffer.alloc(12, 0))
+  }
+  const transferRequestParameterRecord = raw.subarray(2)
+  const decrypted = decipher.update(transferRequestParameterRecord)
+  if (fwContent.length < memorySize) {
+    fwContent = Buffer.concat([fwContent, decrypted])
+    if (fwContent.length >= memorySize) {
+      console.log(`decrypted content :${fwContent.subarray(0, memorySize).toString('ascii')}`)
+    }
+  }
+  const resp = DiagResponse.fromDiagRequest(req)
+  resp.diagSetRaw(Buffer.from([0x76, Number(req.diagGetParameter('blockSequenceCounter'))]))
+  await resp.outputDiag()
+})
+
+Util.On('Tester_can_0.RequestTransferExit550.send', async (req) => {
+  const raw = req.diagGetRaw()
+  decipher.setAuthTag(raw.subarray(2))
+  decipher.final()
+  const resp = DiagResponse.fromDiagRequest(req)
+  resp.diagSetRaw(Buffer.from([0x77]))
+  await resp.outputDiag()
+})
@@ -0,0 +1 @@
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
@@ -3,11 +3,12 @@ import fs from 'fs/promises'
 import path from 'path'
 import crypto from 'crypto'
 
-const challenge = Buffer.from(
+const challengeSelf = Buffer.from(
   Array(32)
     .fill(0)
     .map(() => Math.floor(Math.random() * 256))
 )
+let fwContent: Buffer
 Util.Init(async () => {
   // reader client.crt
   const cert = await fs.readFile(path.join(process.env.PROJECT_ROOT, 'client.crt'), 'utf-8')
@@ -25,11 +26,23 @@ Util.Init(async () => {
   //random challenge 32 bytes
   verifyCertificateUnidirectional.diagSetParameter('lengthOfChallengeClient', 32)
   verifyCertificateUnidirectional.diagSetParameterSize('challengeClient', 32 * 8)
-  verifyCertificateUnidirectional.diagSetParameterRaw('challengeClient', challenge)
+  verifyCertificateUnidirectional.diagSetParameterRaw('challengeClient', challengeSelf)
   //save
   await verifyCertificateUnidirectional.changeService()
+
+  //read fwContent
+  fwContent = await fs.readFile(path.join(process.env.PROJECT_ROOT, 'test.txt'))
+  //setup 0x34 size
+  const RequestDownload520 = DiagRequest.from('Tester_can_0.RequestDownload520')
+  RequestDownload520.diagSetParameter('memorySize', fwContent.length)
+  await RequestDownload520.changeService()
 })
 
+const ecdh = crypto.createECDH('prime256v1')
+ecdh.generateKeys()
+const publicKey = ecdh.getPublicKey()
+let realKey: Buffer
+
 Util.On('Tester_can_0.verifyCertificateUnidirectional.recv', async (resp) => {
   const data = resp.diagGetRaw()
   // 69 11 11 lengthOfCertificateClient(2)
@@ -47,6 +60,80 @@ Util.On('Tester_can_0.verifyCertificateUnidirectional.recv', async (resp) => {
   proofOfOwnership.diagSetParameterSize('proofOfOwnershipClient', sign.length * 8)
   proofOfOwnership.diagSetParameterRaw('proofOfOwnershipClient', sign)
   proofOfOwnership.diagSetParameter('lengthOfProofOfOwnershipClient', sign.length)
+
+  proofOfOwnership.diagSetParameter('lengthOfEphemeralPublicKeyClient', publicKey.length)
+  proofOfOwnership.diagSetParameterSize('ephemeralPublicKeyClient', publicKey.length * 8)
+  proofOfOwnership.diagSetParameterRaw('ephemeralPublicKeyClient', publicKey)
   //save
   await proofOfOwnership.changeService()
+
+  const lengthOfPeerKey = data.readUint16BE(5 + lengthOfCertificateClient)
+  const peerPublicKey = data.subarray(
+    5 + lengthOfCertificateClient + 2,
+    5 + lengthOfCertificateClient + 2 + lengthOfPeerKey
+  )
+  console.log(`peerPublicKey length:${lengthOfPeerKey}`)
+  const sharedSecret = ecdh.computeSecret(peerPublicKey)
+  console.log(`sharedSecret in tester:${sharedSecret.toString('hex')}`)
+  //hkdf
+  const salt = Buffer.concat([challengeSelf, challenge])
+  realKey = Buffer.from(crypto.hkdfSync('sha256', sharedSecret, salt, '', 32))
+  console.log(`realKey in tester:${realKey.toString('hex')}`)
+})
+
+let maxChunkSize = 0
+Util.On('Tester_can_0.RequestDownload520.recv', (resp) => {
+  maxChunkSize = resp.diagGetParameterRaw('maxNumberOfBlockLength').readUint32BE(0)
+})
+
+//aes-gcm encrypt
+
+Util.Register('Tester_can_0.SecureDownload', async () => {
+  if (maxChunkSize <= 2) {
+    throw new Error('maxNumberOfBlockLength is undefined or too small')
+  }
+  if (fwContent) {
+    const cipher = crypto.createCipheriv('aes-256-gcm', realKey, Buffer.alloc(12, 0))
+    maxChunkSize -= 2
+    if (maxChunkSize & 0x07) {
+      maxChunkSize -= maxChunkSize & 0x07
+    }
+    const numChunks = Math.ceil(fwContent.length / maxChunkSize)
+    const list = []
+    for (let i = 0; i < numChunks; i++) {
+      const start = i * maxChunkSize
+      const end = Math.min(start + maxChunkSize, fwContent.length)
+      console.log(`chunk ${i + 1}/${numChunks} start: ${start}, end: ${end}`)
+      const chunk = fwContent.subarray(start, end)
+
+      const transferRequest = DiagRequest.from('Tester_can_0.TransferData540')
+
+      const encrypt = cipher.update(chunk)
+      console.log(
+        `chunk ${i + 1}/${numChunks} size: ${chunk.length}, encrypted size: ${encrypt.length}`
+      )
+      transferRequest.diagSetParameterSize('transferRequestParameterRecord', encrypt.length * 8)
+      // 设置传输请求参数记录
+      transferRequest.diagSetParameterRaw('transferRequestParameterRecord', encrypt)
+
+      // 计算块序号 (从1开始)
+      const blockSequenceCounter = Buffer.alloc(1)
+      blockSequenceCounter.writeUInt8((i + 1) & 0xff) // 使用循环计数 1-255
+      transferRequest.diagSetParameterRaw('blockSequenceCounter', blockSequenceCounter)
+
+      list.push(transferRequest)
+    }
+    //set auth tag
+    cipher.final()
+    const authTag = cipher.getAuthTag()
+    const RequestTransferExit550 = DiagRequest.from('Tester_can_0.RequestTransferExit550')
+    RequestTransferExit550.diagSetParameterSize('auth', authTag.length * 8)
+    // 设置传输请求参数记录
+    RequestTransferExit550.diagSetParameterRaw('auth', authTag)
+    await RequestTransferExit550.changeService()
+    // 发送所有块
+    return list
+  } else {
+    return []
+  }
 })
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`