Foreword
For about 2 years I have been a Home Assistant user and have gradually settled in with devices that I want to integrate there. One of these devices was my relatively recent acquisition: a convector from Electrolux.
Initially, I considered a conventional convector, which I planned to control through a smart socket. In the process of studying convector models, my interest shifted to modern models that can be controlled via the Internet out of the box. Although they are more expensive than a solution with a "socket", curiosity prevailed and the choice settled on a modular convector from Electrolux, which, against the background of competitors, attracted the design.
The convector coped with its task as a device perfectly in winter. I am very pleased with it.
Pain and first attempt at control outside the application
But the management through the mobile application only brought chagrin.
Long connection to the server, sometimes from the Nth time. Frequent unavailability of the device and concerns about safety. Another fly in the ointment was the lack of solutions for integration into smart homes.
After some time, interest arose in studying the possibility of managing through third-party solutions. It was not possible to google something sensible to control the convector. Therefore, I decided to study the traffic of the mobile application, since the device is far away, and the application is always at hand.
After studying the materials on the analysis of traffic of applications and in due to lack of experience, all I was able to find out is what data and where is transferred for authorization, and that further communication takes place over TCP in encrypted form. And I also found out what an android application looks like after disassembling)
At this my hands dropped, hoping to try again later.
Second experience
, - . .
, .
2 ,
PHP ( ) Python.
In the process, I found out that each language has its own nuances in the encryption functions. Had to write solutions in Java, Python and PHP to make sure the encryption / decryption works as expected. For example, an application uses PKCS7Padding, while other languages โโneed PKCS5Padding or write your own implementation.
<?php
// ...
public function decrypt(string $message): string
{
$hash = hash('sha384', $this->key, true);
$iv = substr($hash, 32, 16);
$key = substr($hash, 0, 32);
$message = substr($message, 0, -32);
$result = (string) openssl_decrypt(
(string) base64_decode($message, true),
'AES-256-CBC',
$key,
OPENSSL_CIPHER_AES_256_CBC,
$iv
);
return CleanHelper::clean($result);
}
def decode(message, key):
digest = hashlib.sha384(key.encode()).digest()
iv = digest[-16:]
key = digest[:32]
message = message[:-32]
message = b64decode(message)
cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
decryptor = cipher.decryptor()
decrypted = decryptor.update(message) + decryptor.finalize()
unpadder = padding.PKCS7(128).unpadder()
decrypted = unpadder.update(decrypted) + unpadder.finalize()
return decrypted.decode()
Thus, after a few evenings there was already a client in PHP , which allowed you to log in and communicate via TCP with the server.
In my opinion, the resulting MVP could be considered a success. Part 2
Link to the repository and telegram