OCMF unverified due to Identification Level value.

[VictorVanWeyenberg]

Description

OCMF messages with Identification Level "MISMATCH", "INVALID", "OUTDATED" or "UNKNOWN" are unverified by Transparenz. Transparenz simply gives the error "Your Data could not be verified." "Meter clock was not synchronized."

However, when I change the Identification Level and use the same generation, the OCMF message is verified.
I found this snippet in OCMFVerifiedData.java.

Expectation

Identification Level "MISMATCH", "INVALID", "OUTDATED" and "UNKNOWN" are valid Identification Level values for an OCMF message. If these values are present in an OCMF message, then transparenz should not error and say it could not verify the message.

Transparenz should say the message was able to be verified.

Motivation

Certification agencies require our OCMF messages to pass the Transparenz Software in order for us to get the Mess und Eichrecht certification.
Because of this bug, manufacturers have to send false IdentificationLevels when a "MISMATCH", "INVALID", "OUTDATED" Identification Level occurs in order to get certified.

Reproduction

Open Transparenz (v1.2.0).

First try an OCMF message with Identification Level TRUSTED. This message should get verified.

<values><value context="Transaction.Begin" transactionId="49"><signedData format="OCMF" encoding="plain">OCMF|{"FV":"1.0","GI":"chargepoint_vendor:chargepoint_model","GS":"schargepoint_erial","GV":"firmware_version","MV":"meter_vendor","MM":"meter_model","MS":"meter_serial","MF":"meter_firmware","IS":false,"IL":"TRUSTED","IF":["OCPP_WHITELIST"],"IT":"LOCAL","ID":"4445414442454546","CT":"EVSEID","CI":"chargepoint_id","PG":"T1","RD":[{"TM":"2024-03-13T12:59:41,337+0200 S","TX":"B","RV":0.072,"RI":"1-0:1.8.0*255","RU":"kWh","RT":"AC","EF":"","ST":"G"}]}|{"SA":"ECDSA-secp256r1-SHA256","SE":"hex","SM":"application/x-der","SD":"304402205098f558bbd6601b17a51b64ad3da61747521e3beea4e0fb9a919a1bbb86ee8702206b41ff6145bb1a16a1be1637f176344d8740c658b5506516341ba7dfd2db479d"}</signedData><publicKey encoding="hex">3059301306072a8648ce3d020106082a8648ce3d03010703420004e0dd74dbfe0f25962c5d6c048cad181b16e7f763ea607b99cd7d233e44cb7ad0bcb4f6bb371155ec776ca4022a98daa960e020165f1274da369b0e9666245a6d</publicKey></value><value context="Transaction.End" transactionId="49"><signedData format="OCMF" encoding="plain">OCMF|{"FV":"1.0","GI":"chargepoint_vendor:chargepoint_model","GS":"schargepoint_erial","GV":"firmware_version","MV":"meter_vendor","MM":"meter_model","MS":"meter_serial","MF":"meter_firmware","CT":"EVSEID","CI":"chargepoint_id","PG":"T2","RD":[{"TM":"2024-03-13T16:59:41,340+0200 S","TX":"E","RV":0.086,"RI":"1-0:1.8.0*255","RU":"kWh","RT":"AC","EF":"","ST":"G"}]}|{"SA":"ECDSA-secp256r1-SHA256","SE":"hex","SM":"application/x-der","SD":"30460221009696c0bdd4412df4fabd4cc4656fc3e3b11e408dd93a3795980d58f0c1cc46bd022100d9bbf023f57a5c32f441c8be421c310dd3688ad03b8aef72475fbd1dfee98b6b"}</signedData><publicKey encoding="hex">3059301306072a8648ce3d020106082a8648ce3d03010703420004e0dd74dbfe0f25962c5d6c048cad181b16e7f763ea607b99cd7d233e44cb7ad0bcb4f6bb371155ec776ca4022a98daa960e020165f1274da369b0e9666245a6d</publicKey></value></values>

Then try an OCMF message with Identification Level OUTDATED. This message should throw the error.

<values><value context="Transaction.Begin" transactionId="49"><signedData format="OCMF" encoding="plain">OCMF|{"FV":"1.0","GI":"chargepoint_vendor:chargepoint_model","GS":"schargepoint_erial","GV":"firmware_version","MV":"meter_vendor","MM":"meter_model","MS":"meter_serial","MF":"meter_firmware","IS":false,"IL":"OUTDATED","IF":["OCPP_WHITELIST"],"IT":"LOCAL","ID":"4445414442454546","CT":"EVSEID","CI":"chargepoint_id","PG":"T1","RD":[{"TM":"2024-03-13T13:13:06,524+0200 S","TX":"B","RV":0.072,"RI":"1-0:1.8.0*255","RU":"kWh","RT":"AC","EF":"","ST":"G"}]}|{"SA":"ECDSA-secp256r1-SHA256","SE":"hex","SM":"application/x-der","SD":"30460221009662a265da65183683e531d6f59bf4a12dfa96a9aac840c5bec8fd0ff1bd9166022100fbe01c5b0212abd8254fe169893cba6c59525a07cabde6279bedc9ee463cfa49"}</signedData><publicKey encoding="hex">3059301306072a8648ce3d020106082a8648ce3d030107034200046612b23fed179516713049bfb79afbcf1c2a298450100740589b00a467734f12c79302ea916c9b525c16cf705c568f5046de0a0b0f6f0d904c5a1f201ae63f9f</publicKey></value><value context="Transaction.End" transactionId="49"><signedData format="OCMF" encoding="plain">OCMF|{"FV":"1.0","GI":"chargepoint_vendor:chargepoint_model","GS":"schargepoint_erial","GV":"firmware_version","MV":"meter_vendor","MM":"meter_model","MS":"meter_serial","MF":"meter_firmware","CT":"EVSEID","CI":"chargepoint_id","PG":"T2","RD":[{"TM":"2024-03-13T17:13:06,527+0200 S","TX":"E","RV":0.086,"RI":"1-0:1.8.0*255","RU":"kWh","RT":"AC","EF":"","ST":"G"}]}|{"SA":"ECDSA-secp256r1-SHA256","SE":"hex","SM":"application/x-der","SD":"3046022100c38ae1dd2555f70243cd070638a2374fdc1e4844fd21dfa313bacb70bad97723022100944392761f96243732bb9e3e7f7e9a863f1b7e743f3284f0c028f2ea2214d6cd"}</signedData><publicKey encoding="hex">3059301306072a8648ce3d020106082a8648ce3d030107034200046612b23fed179516713049bfb79afbcf1c2a298450100740589b00a467734f12c79302ea916c9b525c16cf705c568f5046de0a0b0f6f0d904c5a1f201ae63f9f</publicKey></value></values>

[VictorVanWeyenberg]

Issue still occurs on version 1.3.0.

I used the same two messages as shown under reproduction in the original bugreport for testing.

[VictorVanWeyenberg]

Tested yet again in version 1.4.0 and the message from the original bug report that passed the verification now gives an error.

nov 18, 2024 12:10:49 P.M. de.safe_ev.transparenzsoftware.verification.VerificationLogger log
INFO: publicKey:    3059301306072a8648ce3d020106082a8648ce3d030107034200046612b23fed179516713049bfb79afbcf1c2a298450100740589b00a467734f12c79302ea916c9b525c16cf705c568f5046de0a0b0f6f0d904c5a1f201ae63f9f
nov 18, 2024 12:10:49 P.M. de.safe_ev.transparenzsoftware.verification.VerificationLogger log
INFO: hashData:     31852f825dc7c781bf50e613cddc130a457ab22d6329ef043fc07232dc7a13a3
nov 18, 2024 12:10:49 P.M. de.safe_ev.transparenzsoftware.verification.VerificationLogger log
INFO: derSignature: 30460221009662a265da65183683e531d6f59bf4a12dfa96a9aac840c5bec8fd0ff1bd9166022100fbe01c5b0212abd8254fe169893cba6c59525a07cabde6279bedc9ee463cfa49
OUT: java.awt.EventDispatchThread.run(): OCMF/ECDSA pubkey:728 hash:256 sign:576 => true
12:10:50.270 DEBUG de.safe_ev.transparenzsoftware.verification.EncryptedDataDecoder - Could not decode de.safe_ev.transparenzsoftware.verification.xml.Value@797a4ad9-
javax.crypto.BadPaddingException: null
        at com.metabit.custom.safe.safeseal.SAFESealRevealer.reveal(SAFESealRevealer.java:101) ~[transparenzsoftware-1.4.0.jar:?]
        at de.safe_ev.transparenzsoftware.verification.EncryptedDataDecoder.decode(EncryptedDataDecoder.java:58) ~[transparenzsoftware-1.4.0.jar:?]
        at de.safe_ev.transparenzsoftware.verification.Verifier.verifyUnknown(Verifier.java:378) ~[transparenzsoftware-1.4.0.jar:?]
        at de.safe_ev.transparenzsoftware.gui.views.MainView.verify_(MainView.java:192) ~[transparenzsoftware-1.4.0.jar:?]
        at de.safe_ev.transparenzsoftware.gui.views.MainView.verify(MainView.java:84) ~[transparenzsoftware-1.4.0.jar:?]
        at de.safe_ev.transparenzsoftware.gui.views.MainView.lambda$new$0(MainView.java:78) ~[transparenzsoftware-1.4.0.jar:?]
        at javax.swing.Timer.fireActionPerformed(Timer.java:311) ~[?:?]
        at javax.swing.Timer$DoPostEvent.run(Timer.java:243) ~[?:?]
        at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:318) ~[?:?]
        at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:773) ~[?:?]
        at java.awt.EventQueue$4.run(EventQueue.java:720) ~[?:?]
        at java.awt.EventQueue$4.run(EventQueue.java:714) ~[?:?]
        at java.security.AccessController.doPrivileged(AccessController.java:400) ~[?:?]
        at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:87) ~[?:?]
        at java.awt.EventQueue.dispatchEvent(EventQueue.java:742) ~[?:?]
        at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203) ~[?:?]
        at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124) ~[?:?]
        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113) ~[?:?]
        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109) ~[?:?]
        at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101) ~[?:?]
        at java.awt.EventDispatchThread.run(EventDispatchThread.java:90) ~[?:?]

This also results in a verification error in the frontend.
The second message from the original bug report results in the same error message as above.

On one hand, for the message with the OUTDATED Identification Level, this is a new bug.
On the other, for the message with the TRUSTED Identification Level, I'm counting this as a regression.

I wasn't able to determine if the original bug is fixed since v1.4.0 code is not on Github so I'll keep this issue open for now.