tapocon 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: a429caf2dbda4dbfc26ccceb514e8970052f444bc140fa55fc47d1583afabc0d
+  data.tar.gz: 51308025fc9e4519e86b5802e60992651448a0c656616c4ade50e569899dbabc
+SHA512:
+  metadata.gz: 5deb333b1e3b74df1347c31aba89f97e78f103868a2245021dadb18a16090cd4eaa7465d465855bdd9625aa6dc8770d7fcb36410e14942e662a62f604c459f7a
+  data.tar.gz: abd21aa82394a76ef4e1d480645eee4d962e6ef866f8f3f1f25ffbf94703b2ababd1c455b296005030818ac5044e24d860795042e7a8f4f415bdbcd0f648d88d

data/.rubocop.yml

@@ -0,0 +1,8 @@
+AllCops:
+  TargetRubyVersion: 3.0
+
+Style/StringLiterals:
+  EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+  EnforcedStyle: double_quotes

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2024 Yoshinari Nomura
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.org

@@ -0,0 +1,73 @@
+#+TITLE: tapocon -- CLI for TAPO P105 and variants
+#+AUTHOR: Yoshinari Nomura
+#+EMAIL:
+#+DATE: 2024-12-12
+#+OPTIONS: H:3 num:2 toc:nil
+#+OPTIONS: ^:nil @:t \n:nil ::t |:t f:t TeX:t
+#+OPTIONS: skip:nil
+#+OPTIONS: author:t
+#+OPTIONS: email:nil
+#+OPTIONS: creator:nil
+#+OPTIONS: timestamp:nil
+#+OPTIONS: timestamps:nil
+#+OPTIONS: d:nil
+#+OPTIONS: tags:t
+#+TEXT:
+#+DESCRIPTION:
+#+KEYWORDS:
+#+LANGUAGE: ja
+#+LATEX_CLASS: jsarticle
+#+LATEX_CLASS_OPTIONS: [a4j]
+# #+LATEX_HEADER: \usepackage{plain-article}
+# #+LATEX_HEADER: \renewcommand\maketitle{}
+# #+LATEX_HEADER: \pagestyle{empty}
+# #+LaTeX: \thispagestyle{empty}
+
+[[file:https://badge.fury.io/rb/tapocon.svg]]
+
+* DESCRIPTION
+  tapocon is a CLI for TAPO P105 and variants.
+
+  You can get the latest version from:
+  + https://github.com/yoshinari-nomura/tapocon
+
+* INSTALL AND SETUP
+** Ruby CLI
+   tapocon CLI command can be installed from rubygems.org.
+   #+BEGIN_SRC shell-script
+     $ gem install tapocon
+   #+END_SRC
+
+   Or, if you want to install tapocon in a sandbox (recommended),
+   Bunlder would help you:
+   #+BEGIN_SRC shell-script
+     $ gem install bundler
+     $ mkdir -p /path/to/install/tapocon
+     $ cd /path/to/install/tapocon
+     $ bundle init
+     $ echo 'gem "tapocon"' >> Gemfile
+     $ bundle config set path vendor/bundle
+     $ bundle install
+     $ export PATH=/path/to/install/tapocon/exe:$PATH
+     $ tapocon -h
+   #+END_SRC
+
+* USAGE
+** Ruby CLI (tapocon)
+   #+begin_example
+     Usage: tapocon scan
+     Usage: tapocon -t TARGET -u USERNAME -p PASSWORD OPERATION
+       HOSTNAME: IP address of the Tapo device
+       USERNAME: email of TP-Link ID
+       PASSWORD: password of TP-Link ID
+       OPERATION: on, off, toggle, info
+   #+end_example
+
+* Development
+  TBD
+
+* Contributing
+  Bug reports and pull requests are welcome on GitHub at https://github.com/yoshinari-nomura/tapocon.
+
+* License
+  The gem is available as open source under the terms of the [[https://opensource.org/licenses/MIT][MIT License]]

data/Rakefile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "minitest/test_task"
+
+Minitest::TestTask.create
+
+require "rubocop/rake_task"
+
+RuboCop::RakeTask.new
+
+task default: %i[test rubocop]

data/exe/tapocon

@@ -0,0 +1,90 @@
+#!/usr/bin/env ruby
+
+# rbenv support:
+# If this file is a symlink, and bound to a specific ruby
+# version via rbenv (indicated by RBENV_VERSION),
+# I want to resolve the symlink and re-exec
+# the original executable respecting the .ruby-version
+# which should indicate the right version.
+#
+if File.symlink?(__FILE__) and ENV["RBENV_VERSION"]
+  ENV["RBENV_VERSION"] = nil
+  shims_path = File.expand_path("shims", ENV["RBENV_ROOT"])
+  ENV["PATH"] = shims_path + ":" + ENV["PATH"]
+  exec(File.readlink(__FILE__), *ARGV)
+end
+
+# If this file is located with Gemfile.lock,
+# require bundler/setup
+#
+gemfile = File.expand_path("../../Gemfile", __FILE__)
+
+if File.exist?(gemfile + ".lock")
+  ENV["BUNDLE_GEMFILE"] = gemfile
+  require "bundler/setup"
+end
+
+require 'tapocon'
+
+def usage
+  puts 'Usage: tapocon scan'
+  puts 'Usage: tapocon -t TARGET -u USERNAME -p PASSWORD OPERATION'
+  puts '  HOSTNAME: IP address of the Tapo device'
+  puts '  USERNAME: email of TP-Link ID'
+  puts '  PASSWORD: password of TP-Link ID'
+  puts '  OPERATION: on, off, toggle, info'
+end
+
+# Usage: tapocon -t TARGET -u USERNAME -p PASSWORD OPERATION
+#   HOSTNAME: 192.168.0.1
+#   USERNAME: from TP-Link ID (alice@example.com)
+#   PASSWORD: from TP-Link ID (password)
+#   OPERATION: on, off, toggle, info, scan
+#
+while ARGV[0] =~ /^-(.)/
+  opt, val = $1, ARGV[1]
+
+  case opt
+  when 't'; target   = val
+  when 'u'; username = val
+  when 'p'; password = val
+  else
+    puts "Unknown option: #{ARGV[0]}"
+    usage
+    exit 1
+  end
+  ARGV.shift(2)
+end
+
+if ARGV.size != 1
+  usage
+  exit 1
+end
+
+operation = ARGV.shift
+
+if operation =~ /^on|off|toggle|info$/
+  if target.nil? || username.nil? || password.nil?
+    puts 'Missing target, username or password'
+    usage
+    exit 1
+  else
+    tapo = Tapocon::Switch.new(target, username, password)
+    tapo.handshake
+    case operation
+    when 'on';     tapo.turn_on
+    when 'off';    tapo.turn_off
+    when 'toggle'; tapo.toggle
+    when 'info';   puts tapo.info.to_h
+    end
+  end
+
+elsif operation == 'scan'
+  tapo = Tapocon::Scanner.new
+  tapo.scan
+
+else
+  puts "Unknown operation: #{operation}"
+  usage
+  exit 1
+end

data/lib/tapocon/scanner.rb

@@ -0,0 +1,125 @@
+#!/usr/bin/env ruby
+
+# Find HS105 (legacy) and P105 (new)
+# https://github.com/python-kasa/python-kasa/blob/master/kasa/discover.py#L169
+
+require 'socket'
+require 'openssl'
+require 'securerandom'
+require 'json'
+require 'zlib'
+
+module Tapocon
+  class Scanner
+    def initialize
+      @socket = UDPSocket.new
+      @socket.setsockopt(Socket::SOL_SOCKET, Socket::SO_BROADCAST, true)
+    end
+
+    def scan
+      scan_new_devices(@socket)
+      scan_old_devices(@socket)
+    end
+
+    private
+
+    def scan_old_devices(socket)
+      addr, port = '255.255.255.255', 9999
+      cipher = Cipher.new
+      msg = cipher.xor_encrypt('{"system": {"get_sysinfo": null}}')
+
+      socket.send(msg, 0, addr, port)
+      socket.timeout = 3
+
+      res = nil
+      begin
+        res, sender = socket.recvfrom(1024)
+        res = cipher.xor_decrypt(res)
+        puts "Received response from #{sender}: #{res}"
+      rescue IO::WaitReadable, Errno::ETIMEDOUT
+        puts "No response received within timeout period."
+      ensure
+        # socket.close
+      end
+      return res
+    end
+
+    def scan_new_devices(socket)
+      addr, port = '255.255.255.255', 20002
+      msg = QueryGenerator.new.generate_query
+
+      socket.send(msg, 0, addr, port)
+      socket.timeout = 3
+
+      res = nil
+      begin
+        res, sender = socket.recvfrom(1024)
+        res = res[16..]
+        puts "Received response from #{sender}: #{res}"
+      rescue IO::WaitReadable, Errno::ETIMEDOUT
+        puts "No response received within timeout period."
+      ensure
+        # socket.close
+      end
+      return res
+    end
+
+    class Cipher
+      INITIAL_KEY = 171
+
+      def xor_encrypt(data, key = INITIAL_KEY)
+        data.bytes.map do |byte|
+          key = byte ^ key
+        end.pack("C*")
+      end
+
+      def xor_decrypt(data, key = INITIAL_KEY)
+        data.bytes.map do |byte|
+          result = byte ^ key
+          key = byte
+          result
+        end.pack("C*")
+      end
+    end
+
+    class QueryGenerator
+      def initialize
+        @keys = OpenSSL::PKey::RSA.new(2048)
+      end
+
+      def generate_query
+        secret = SecureRandom.random_bytes(4)
+
+        params = {params:{rsa_key: @keys.public_key.to_pem}}
+        json = JSON.generate(params).force_encoding("ASCII-8BIT")
+
+        version = 2
+        msgtype = 0
+        op_code = 1
+        msgsize = json.bytesize
+        flagchr = 17
+        padding = 0
+        serials = secret.unpack1("N")
+        crc_ini = 0x5a6b7c8d
+
+        header = [version, msgtype, op_code,
+                  msgsize, flagchr, padding,
+                  serials, crc_ini].pack("CCSSCCNN")
+        query = header + json
+
+        crc = Zlib.crc32(query).to_s(16).rjust(8, '0').scan(/../).map {
+          |x| x.to_i(16).chr
+        }.join
+
+        query[12, 4] = crc
+        query
+      end
+    end
+  end
+end
+
+# Example usage
+if __FILE__ == $PROGRAM_NAME
+  scanner = Tapocon::Scanner.new
+  scanner.scan
+end

data/lib/tapocon/switch.rb

@@ -0,0 +1,256 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'logger'
+require 'net/http'
+require 'openssl'
+require 'securerandom'
+
+$LOGLEVEL = Logger::ERROR
+# $LOGLEVEL = Logger::DEBUG
+
+$DEBUG = ($LOGLEVEL == Logger::DEBUG)
+
+module Tapocon
+  def dump_hex(str)
+    str.each_byte.map{|f| "%02x" % f}.join(' ')
+  end
+
+  class Cipher
+    attr_reader :local_seed, :sequence
+
+    def initialize(username, password, logger = nil)
+      @username, @password = username, password
+      @local_seed = SecureRandom.random_bytes(16)
+      @aes_key, @aes_iv, @sequence, @signature = nil, nil, nil, nil
+      @logger = logger || Logger.new(nil)
+    end
+
+    def aes_setup(handshake_key)
+      remote_seed = handshake_key[0, 16] # 16B seed
+      server_hash = handshake_key[16..] # SHA256 (32B)
+
+      puts "remote_seed: #{dump_hex(remote_seed)}" if $DEBUG
+      puts "server_hash: #{dump_hex(server_hash)}" if $DEBUG
+
+      credentials = [
+        [@username, @password],
+        ['', ''],
+        ['kasa@tp-link.net', 'kasaSetup'],
+      ]
+
+      auth_hash = nil
+      credentials.each do |username, password|
+        @logger.debug("Try Auth: #{username}, #{password}")
+        ah = calc_auth_hash(username, password)
+        if sha256(@local_seed + remote_seed + ah) == server_hash
+          auth_hash = ah
+          @logger.debug("Authenticated with #{username}")
+          break
+        end
+      end
+      raise "Failed to authenticate" unless auth_hash
+
+      combined_seed = @local_seed + remote_seed + auth_hash
+      @aes_key = sha256("lsk".b + combined_seed)[0, 16]
+      ivseq = sha256("iv".b + combined_seed)
+      @aes_iv = ivseq[0, 12]
+      @sequence = ivseq[-4, 4].unpack1("N") # uint32 big endian
+      @signature = sha256("ldk".b + combined_seed)[0, 28]
+      @logger.debug("Initialized")
+
+      res = sha256(remote_seed + @local_seed + auth_hash)
+      return res
+    end
+
+    def encrypt(data)
+      raise "Cipher not initialized" unless @aes_key && @aes_iv && @signature
+
+      @sequence += 1
+      seq = [@sequence].pack("N")
+
+      pad_size = 16 - (data.bytesize % 16)
+      padded_data = data + (pad_size.chr * pad_size)
+
+      cipher = OpenSSL::Cipher.new('AES-128-CBC')
+      cipher.encrypt
+      cipher.key = @aes_key
+      cipher.iv = @aes_iv + seq
+
+      bin = cipher.update(padded_data) + cipher.final
+      sig = sha256(@signature + seq + bin)
+      sig + bin
+    end
+
+    def decrypt(data)
+      raise "Cipher not initialized" unless @aes_key && @aes_iv && @sequence
+
+      seq = [@sequence].pack("N")
+
+      cipher = OpenSSL::Cipher.new('AES-128-CBC')
+      cipher.decrypt
+      cipher.key = @aes_key
+      cipher.iv = @aes_iv + seq
+
+      decrypted_data = cipher.update(data[32..]) + cipher.final
+
+      if $DEBUG
+        # padding seems to be already removed
+        puts "decrypted_data size: #{decrypted_data.size}"
+        puts "pad size: #{decrypted_data[-1].ord}"
+      end
+      decrypted_data
+    end
+
+    private
+
+    def sha1(data)
+      OpenSSL::Digest::SHA1.digest(data)
+    end
+
+    def sha256(data)
+      OpenSSL::Digest::SHA256.digest(data)
+    end
+
+    def calc_auth_hash(username, password)
+      sha256(sha1(username) + sha1(password))
+    end
+  end # class Cipher
+
+  class Switch
+    def initialize(ip, username, password)
+      @logger = Logger.new(STDOUT, level: $LOGLEVEL)
+      @ip = ip
+      @cipher = Cipher.new(username, password, @logger)
+      @cookie = nil
+    end
+
+    def handshake
+      handshake1_key = rpc_raw(:handshake1, @cipher.local_seed)
+      handshake2_key = @cipher.aes_setup(handshake1_key)
+      res = rpc_raw(:handshake2, handshake2_key)
+    end
+
+    def turn_on(delay: 0)
+      turn_to(true, delay: delay)
+    end
+
+    def turn_off(delay: 0)
+      turn_to(false, delay: delay)
+    end
+
+    def toggle(delay: 0)
+      if on?
+        turn_off(delay: delay)
+      else
+        turn_on(delay: delay)
+      end
+    end
+
+    def turn_to(state, delay: 0)
+      if delay > 0
+        rpc(:add_countdown_rule,
+            delay: delay,
+            desired_states: state ? :on : :off)
+      else
+        rpc(:set_device_info,
+            device_on: state)
+      end
+    end
+
+    def on?
+      info()['device_on'] == true
+    end
+
+    def info
+      rpc(:get_device_info)
+    end
+
+    private
+
+    # XXX: WIP: connection pool for keep-alive?
+    def http_connect(uri)
+      return @connection if @connection
+      @connection = Net::HTTP.new(uri.host, uri.port, nil, nil)
+      @connection.use_ssl = (uri.scheme == 'https')
+      @connection.open_timeout = 1.5
+      @connection.read_timeout = 1.5
+      @connection.keep_alive_timeout = 5
+      @connection.start
+    end
+
+    def rpc_raw(name, data, **params)
+      uri = URI("http://#{@ip}/app/#{name}")
+      uri.query = URI.encode_www_form(params) unless params.empty?
+      connection = http_connect(uri)
+
+      req = Net::HTTP::Post.new(uri)
+      req.content_type = 'application/octet-stream'
+      req.body = data
+      req['Connection'] = 'Keep-Alive'
+      req['User-Agent'] = 'python-requests/2.25.1'
+      req['Accept-Encoding'] = 'gzip, deflate'
+      req['Accept'] = '*/*'
+
+      if @cookie
+        puts "Cookie: #{@cookie}" if $DEBUG
+        req['Cookie'] = @cookie
+      end
+
+      res = connection.request(req)
+
+      if $DEBUG
+        puts "URI: #{uri}"
+        puts "Request: #{req}"
+        puts "HTTP Method: #{req.method}"
+        puts "Headers:"
+        req.each_header { |key, value| puts "#{key}: #{value}" }
+        query_params = uri.query
+        puts "Query Parameters: '#{query_params}'"
+      end
+
+      if res['Set-Cookie']
+        @cookie = res['Set-Cookie'].sub(/;.*$/, '')
+      end
+
+      if $DEBUG
+        puts "RPC_RAW result:"
+        puts "code: #{res.code}, body-size: #{res.body.size}"
+        puts "body: #{dump_hex(res.body)}"
+        puts "body_raw: #{res.body}"
+      end
+      return res.body
+    end
+
+    def rpc(name, **params)
+      req = {method: name}
+      req.merge!(params: params) unless params.empty?
+
+      @logger.debug("Request: #{req.to_json}")
+      res = rpc_raw(:request, @cipher.encrypt(req.to_json),
+                    seq: @cipher.sequence)
+
+      data = JSON.parse(@cipher.decrypt(res))
+      @logger.debug("Response: #{data}")
+
+      if data['error_code'] != 0
+        @logger.error("Error: #{data}")
+        @aes_key = nil
+        raise "Error code: #{data['error_code']}"
+      end
+      data['result']
+    end
+  end # class P100
+end # module Tapo
+
+# Example usage
+if __FILE__ == $PROGRAM_NAME
+  tapo = Tapocon::Switch.new("192.168.11.31", "alice@example.com", "password")
+  tapo.handshake
+  puts tapo.info
+
+  while true
+    tapo.toggle
+    sleep(5)
+  end
+end

data/lib/tapocon/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Tapocon
+  VERSION = "0.1.0"
+end

data/lib/tapocon.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+# TP-Link TAPO P105 client in Ruby
+# Yoshinari Nomura 2024-12-09 nom@quickhack.net
+#
+# Original Python version:
+#   GitHub almottier/TapoP100
+#   https://github.com/almottier/TapoP100
+
+module Tapocon
+  class Error < StandardError; end
+
+  dir = File.dirname(__FILE__) + '/tapocon'
+  autoload :Scanner,      "#{dir}/scanner.rb"
+  autoload :Switch,       "#{dir}/switch.rb"
+  autoload :Version,      "#{dir}/version.rb"
+  autoload :MQTT,         "#{dir}/mqtt.rb"
+end

data/sig/tapocon.rbs

@@ -0,0 +1,4 @@
+module Tapocon
+  VERSION: String
+  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+end

metadata

@@ -0,0 +1,69 @@
+--- !ruby/object:Gem::Specification
+name: tapocon
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Yoshinari Nomura
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2024-12-12 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: mqtt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.0
+description: CLI for TAPO P105 and variants.
+email:
+- nom@quickhack.net
+executables:
+- tapocon
+extensions: []
+extra_rdoc_files: []
+files:
+- ".rubocop.yml"
+- LICENSE.txt
+- README.org
+- Rakefile
+- exe/tapocon
+- lib/tapocon.rb
+- lib/tapocon/scanner.rb
+- lib/tapocon/switch.rb
+- lib/tapocon/version.rb
+- sig/tapocon.rbs
+homepage: https://github.com/yoshinari-nomura/tapocon
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/yoshinari-nomura/tapocon
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.22
+signing_key: 
+specification_version: 4
+summary: CLI for TAPO P105 and variants
+test_files: []