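--- Steps 4/5: generate a DH key pair and send the public half to the gateway.
-- Stores the pair in devinfo.pubkey / devinfo.privkey. The prime and the public
-- key come from dh.gkey(); the generator sent is the single byte 0x05.
-- NOTE(review): nothing visible in this exchange authenticates either side, so
-- the negotiated key on its own only protects against passive eavesdropping;
-- confirm how the gateway's identity is verified.
function send2GwDH()
  local p, pub, priv = dh.gkey()
  devinfo.pubkey = pub
  devinfo.privkey = priv -- private half stays on the device; never log or send it

  local reqinfo = {
    type = "dh",
    sequence = devinfo.sequence,
    mac = devinfo.mac,
    data = {
      -- Values are base64-encoded before being placed in the JSON message.
      dh_key = encodeBase64(pub),
      dh_p = encodeBase64(p),
      dh_g = encodeBase64(string.pack('B', 5)),
    },
  }

  print("sendto gw dh")
  -- Encode once and keep the payload local so no global `data` is created.
  local payload = json.encode(reqinfo)
  print(payload)
  tcpSendData(payload)
  -- Log text kept as published; the gateway's reply is read later by reg().
  print("recive from gw dh")
end

--- Drive the key negotiation: read gateway messages until the shared key is set.
-- On "keyngack" the DH public key is sent (steps 4 and 5). On "dh" the shared
-- secret is derived (step 6), registration is sent and keepRun() takes over.
-- @return the result of keepRun(), or nil when the connection yields no data or
--         the gateway's "dh" message is unusable
function reg()
  while true do
    local recdata = tcpRecivedData()
    if not recdata then
      return nil
    end

    -- The frame comes straight off the network: tolerate a decoder that raises
    -- as well as one that returns nil, and only index real tables.
    local ok, recjson = pcall(json.decode, recdata)
    if ok and type(recjson) == "table" then
      if recjson.type == "keyngack" then
        send2GwDH() -- steps 4 and 5
      elseif recjson.type == "dh" then
        local peer_key = type(recjson.data) == "table" and recjson.data.dh_key
        -- Refuse a "dh" message without a key field, or one that arrives before
        -- our own key pair exists.
        if type(peer_key) ~= "string" or not devinfo.privkey then
          return nil
        end
        -- Step 6: derive the shared key from the gateway's public key and our
        -- private key (the gateway derives the same value); the terminal and the
        -- gateway then encrypt and decrypt traffic with it.
        -- NOTE(review): whether dh.gsecret range-checks the peer value is not
        -- visible here; confirm in the dh module.
        devinfo.secret = dh.gsecret(decodeBase64(peer_key), devinfo.privkey)
        if not devinfo.secret then
          return nil
        end
        send2GwReg() -- send the device registration information
        return keepRun()
      end
    end
  end
end

--- Step 3: tell the gateway which key-negotiation modes the terminal supports.
-- Only one mode, "dh", is offered.
function send2GwKeyngreq()
  local reqinfo = {
    type = "keyngreq",
    sequence = devinfo.sequence,
    mac = devinfo.mac,
    keymodelist = { { keymode = "dh" } },
  }
  -- Encode once and keep the payload local so no global `data` is created.
  local payload = json.encode(reqinfo)
  print(payload)
  tcpSendData(payload)
  -- Log text kept as published; nothing is received in this function.
  print("recive from gw Keyngreq")
  --print(tcpRecivedData())
end

-- Main loop (step 3 onwards): whenever the device information can be built,
-- make sure bridge mode is enabled, start the negotiation, then close the
-- connection and retry after two seconds.
while true do
  if buildDevinfo() then
    if fromSysGet("uttcli get sysConf brideg_mode_flag") == "0" then
      -- Both commands are constant strings; no external data reaches the shell.
      -- NOTE(review): the script name is not an absolute path, so which file
      -- runs depends on the shell's PATH; consider pinning the full path.
      os.execute("uttcli set sysConf sysConf brideg_mode_flag 1 ")
      os.execute("elink_route_bridge.sh ")
    end
    send2GwKeyngreq()
    reg()
    tcp:close()
  end
  sleep(2)
end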
第三步开始,如上图发送的协商密钥生成方式格式组包lua代码如下:
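--- Step 3: tell the gateway which key-negotiation modes the terminal supports.
-- Builds a "keyngreq" message carrying the device sequence and MAC from
-- devinfo and a one-entry mode list ("dh"), then sends it as JSON.
function send2GwKeyngreq()
  local reqinfo = {
    type = "keyngreq",
    sequence = devinfo.sequence,
    mac = devinfo.mac,
    keymodelist = { { keymode = "dh" } },
  }
  -- Encode once and keep the payload local: the published code assigned a
  -- global `data`, which any other function using that name could clobber.
  local payload = json.encode(reqinfo)
  print(payload)
  tcpSendData(payload)
  -- Log text kept as published; nothing is received in this function.
  print("recive from gw Keyngreq")
  --print(tcpRecivedData())
end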
第四步,智能家庭网关完成双方密钥协商,组网终端采用DH密钥交换算法(DH本身只用于协商密钥,不直接加密数据),发送组网终端公钥给智能家庭网关:
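--- Step 4: generate a DH key pair and send the public half to the gateway.
-- Stores the pair in devinfo.pubkey / devinfo.privkey. The prime and the public
-- key come from dh.gkey(); the generator sent is the single byte 0x05.
-- NOTE(review): nothing visible in this exchange authenticates either side, so
-- the negotiated key on its own only protects against passive eavesdropping;
-- confirm how the gateway's identity is verified.
function send2GwDH()
  -- Generate the public and private key.
  local p, pub, priv = dh.gkey()
  devinfo.pubkey = pub
  devinfo.privkey = priv -- private half stays on the device; never log or send it

  -- Base64-encode the values and place them in the message format the gateway
  -- expects.
  local reqinfo = {
    type = "dh",
    sequence = devinfo.sequence,
    mac = devinfo.mac,
    data = {
      dh_key = encodeBase64(pub),
      dh_p = encodeBase64(p),
      dh_g = encodeBase64(string.pack('B', 5)),
    },
  }

  print("sendto gw dh")
  -- In the published listing the encode step was fused into the preceding
  -- comment line, so whatever a global `data` last held would have been sent.
  -- Encode here and keep the payload local.
  local payload = json.encode(reqinfo)
  print(payload)
  tcpSendData(payload)
  -- Log text kept as published; the gateway's reply is read elsewhere.
  print("recive from gw dh")
end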
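--- Read one length-prefixed frame from the gateway connection.
-- The frame starts with an 8-byte header unpacked as two big-endian unsigned
-- integers; the second one is the body length, which is then read in full.
-- @return the frame body as a string, or nil when the header or body cannot be
--         read or the announced length exceeds the local ceiling
function tcpRecivedData()
  -- Ceiling for a single frame body, so a peer cannot make the device wait for
  -- or buffer an arbitrarily large read.
  -- NOTE(review): constructed value, not taken from the protocol description;
  -- set it to the largest message the gateway legitimately sends.
  local MAX_FRAME_LEN = 64 * 1024

  local header = tcp:receive(8)
  if not header then
    return nil
  end

  -- Locals instead of the globals `flag` / `datalen` used in the published code.
  local _flag, datalen = string.unpack('>I>I', header)
  --print("tcp recive 4 byte len "..datalen)
  if datalen > MAX_FRAME_LEN then
    return nil
  end

  local body = tcp:receive(datalen)
  return body
end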
协商后发送加密数据代码:
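--- Encrypt a message with the negotiated key and send it to the gateway.
-- The table is JSON-encoded, encrypted with aes.encrypt_cbc using
-- devinfo.secret, and handed to tcpSendData.
-- @param reqinfo table to send
-- @return nothing on success; nil and an error string when no key is available
function sendSecretData(reqinfo)
  -- Fail closed: never hand the cipher a missing key.
  if not devinfo.secret then
    return nil, "no shared secret negotiated"
  end

  local jsondata = json.encode(reqinfo)
  -- NOTE(review): this writes the plaintext message to stdout; on a production
  -- device that output may end up in logs.
  print("send: "..jsondata)

  -- devinfo.secret is the DH shared secret (not the device's private key) and
  -- is used as the AES key.
  -- NOTE(review): no IV and no integrity tag are visible at this call site; how
  -- the aes module picks an IV, and whether tampering is detected, must be
  -- confirmed there.
  local aesdata = aes.encrypt_cbc(jsondata, devinfo.secret)
  tcpSendData(aesdata)
end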
解密收到数据代码:
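--- Receive one frame, decrypt it with the negotiated key and decode the JSON.
-- @return the decoded value, or nil when no frame arrives, no key is available,
--         decryption yields no string, or the JSON decoder fails
function recivedSecretData()
  local data = tcpRecivedData()
  if not data then
    print("get rec error")
    return nil
  end

  -- Fail closed: never hand the cipher a missing key.
  if not devinfo.secret then
    print("get rec error")
    return nil
  end

  -- devinfo.secret is the DH shared secret (not the device's private key) and
  -- is used as the AES key. pcall covers a module that raises on bad input as
  -- well as one that returns nil.
  -- NOTE(review): no integrity check is visible here, so the decrypted bytes
  -- must still be treated as untrusted input.
  local ok, respjson = pcall(aes.decrypt_cbc, data, devinfo.secret)
  if not ok or type(respjson) ~= "string" then
    print("get decrypt error")
    return nil
  end

  -- NOTE(review): this writes the decrypted message to stdout; on a production
  -- device that output may end up in logs.
  print("get:"..respjson)

  local decoded_ok, jsondata = pcall(json.decode, respjson)
  if not decoded_ok then
    print("get json error")
    return nil
  end
  return jsondata
end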
流程图及数据格式如下:流程如上图:代码框架function send2GwDH() local reqinfo={} reqinfo.type="dh" reqinfo.sequence=devinfo.sequence reqinfo.mac=devinfo.mac reqinfo.data={} local