Krolken
commented
3 years ago Current implementation assumes that if we have added an encryption and authenication key all responses should be in GeneralGlobalCiphering APDU. It will give error on alla else.
Instead of giving errors on non GeneralGlobalCiphering Apdus we should maybe just let it pass through. We have asked the meter to encrypt traffic and if it doesn't it should be fine.
We should also add handling for Exception response in all waiting states.
There seems to be no documentation stating that ExceptionsResponses should be encrypted when you have entered an encrypted/protected context via association negotiation. It has been seen that meters send unencrypted ExceptionsResponses for a GET service if the inparameters are wrong.