homebridge-midea-platform 1.1.1-beta.1 → 1.1.2-beta.1

package/dist/core/MideaSecurity.d.ts

@@ -1,64 +1,64 @@
-/// <reference types="node" />
-import { TCPMessageType } from './MideaConstants';
-export type KeyToken = Buffer | undefined;
-export declare abstract class CloudSecurity {
-    protected readonly LOGIN_KEY: string;
-    readonly IOT_KEY?: string;
-    readonly HMAC_KEY?: string;
-    constructor(login_key: string, iot_key?: bigint, hmac_key?: bigint);
-    sign(data: string, random: string): string;
-    encrpytPassword(loginId: string, password: string): string;
-    static getUDPID(device_id_buf: Uint8Array): string;
-}
-export declare abstract class ProxiedSecurity extends CloudSecurity {
-    abstract readonly APP_KEY: string;
-    abstract encrpytIAMPassword(loginId: string, password: string): string;
-    getAppKeyAndIv(): {
-        appKey: Buffer;
-        iv: Buffer;
-    };
-    encryptAESAppKey(data: Buffer): Buffer;
-    decryptAESAppKey(data: Buffer): Buffer;
-}
-export declare class MSmartHomeCloudSecurity extends ProxiedSecurity {
-    static readonly _LOGIN_KEY = "ac21b9f9cbfe4ca5a88562ef25e2b768";
-    readonly APP_KEY = "ac21b9f9cbfe4ca5a88562ef25e2b768";
-    constructor();
-    encrpytIAMPassword(loginId: string, password: string): string;
-}
-export declare class MeijuCloudSecurity extends ProxiedSecurity {
-    static readonly _LOGIN_KEY = "ad0ee21d48a64bf49f4fb583ab76e799";
-    readonly APP_KEY = "ac21b9f9cbfe4ca5a88562ef25e2b768";
-    constructor();
-    encrpytIAMPassword(_loginId: string, password: string): string;
-}
-export declare class SimpleSecurity extends CloudSecurity {
-    constructor(login_key: string);
-    encrpytIAMPassword(): string;
-    sign(url: string, query: string): string;
-}
-export declare class NetHomePlusSecurity extends SimpleSecurity {
-    static readonly _LOGIN_KEY = "3742e9e5842d4ad59c2db887e12449f9";
-    constructor();
-}
-export declare class ArtisonClimaSecurity extends SimpleSecurity {
-    static readonly _LOGIN_KEY = "434a209a5ce141c3b726de067835d7f0";
-    constructor();
-}
-export declare class LocalSecurity {
-    private readonly aes_key;
-    private readonly salt;
-    private readonly iv;
-    private request_count;
-    private response_count;
-    private tcp_key?;
-    private aes_cbc_encrpyt;
-    private aes_cbc_decrypt;
-    aes_encrypt(data: Buffer): Buffer;
-    aes_decrypt(data: Buffer): Buffer;
-    encode32_data(raw: Buffer): Buffer;
-    tcp_key_from_resp(response: Buffer, key: Buffer): Buffer;
-    encode_8370(data: Buffer, message_type: TCPMessageType): Buffer;
-    decode_8370(data: Buffer): any;
-}
+/// <reference types="node" />
+import { TCPMessageType } from './MideaConstants';
+export type KeyToken = Buffer | undefined;
+export declare abstract class CloudSecurity {
+    protected readonly LOGIN_KEY: string;
+    readonly IOT_KEY?: string;
+    readonly HMAC_KEY?: string;
+    constructor(login_key: string, iot_key?: bigint, hmac_key?: bigint);
+    sign(data: string, random: string): string;
+    encrpytPassword(loginId: string, password: string): string;
+    static getUDPID(device_id_buf: Uint8Array): string;
+}
+export declare abstract class ProxiedSecurity extends CloudSecurity {
+    abstract readonly APP_KEY: string;
+    abstract encrpytIAMPassword(loginId: string, password: string): string;
+    getAppKeyAndIv(): {
+        appKey: Buffer;
+        iv: Buffer;
+    };
+    encryptAESAppKey(data: Buffer): Buffer;
+    decryptAESAppKey(data: Buffer): Buffer;
+}
+export declare class MSmartHomeCloudSecurity extends ProxiedSecurity {
+    static readonly _LOGIN_KEY = "ac21b9f9cbfe4ca5a88562ef25e2b768";
+    readonly APP_KEY = "ac21b9f9cbfe4ca5a88562ef25e2b768";
+    constructor();
+    encrpytIAMPassword(loginId: string, password: string): string;
+}
+export declare class MeijuCloudSecurity extends ProxiedSecurity {
+    static readonly _LOGIN_KEY = "ad0ee21d48a64bf49f4fb583ab76e799";
+    readonly APP_KEY = "ac21b9f9cbfe4ca5a88562ef25e2b768";
+    constructor();
+    encrpytIAMPassword(_loginId: string, password: string): string;
+}
+export declare class SimpleSecurity extends CloudSecurity {
+    constructor(login_key: string);
+    encrpytIAMPassword(): string;
+    sign(url: string, query: string): string;
+}
+export declare class NetHomePlusSecurity extends SimpleSecurity {
+    static readonly _LOGIN_KEY = "3742e9e5842d4ad59c2db887e12449f9";
+    constructor();
+}
+export declare class ArtisonClimaSecurity extends SimpleSecurity {
+    static readonly _LOGIN_KEY = "434a209a5ce141c3b726de067835d7f0";
+    constructor();
+}
+export declare class LocalSecurity {
+    private readonly aes_key;
+    private readonly salt;
+    private readonly iv;
+    private request_count;
+    private response_count;
+    private tcp_key?;
+    private aes_cbc_encrpyt;
+    private aes_cbc_decrypt;
+    aes_encrypt(data: Buffer): Buffer;
+    aes_decrypt(data: Buffer): Buffer;
+    encode32_data(raw: Buffer): Buffer;
+    tcp_key_from_resp(response: Buffer, key: Buffer): Buffer;
+    encode_8370(data: Buffer, message_type: TCPMessageType): Buffer;
+    decode_8370(data: Buffer): any;
+}
 //# sourceMappingURL=MideaSecurity.d.ts.map

package/dist/core/MideaSecurity.js

@@ -1,243 +1,243 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.LocalSecurity = exports.ArtisonClimaSecurity = exports.NetHomePlusSecurity = exports.SimpleSecurity = exports.MeijuCloudSecurity = exports.MSmartHomeCloudSecurity = exports.ProxiedSecurity = exports.CloudSecurity = void 0;
-const crypto_1 = require("crypto");
-const MideaConstants_1 = require("./MideaConstants");
-const MideaUtils_1 = require("./MideaUtils");
-const querystring_1 = require("querystring");
-function unescape_plus(str) {
-    return (0, querystring_1.unescape)(str.replace(/\+/g, ' '));
-}
-class CloudSecurity {
-    constructor(login_key, iot_key, hmac_key) {
-        this.LOGIN_KEY = login_key;
-        if (hmac_key) {
-            this.HMAC_KEY = Buffer.from(hmac_key.toString(16), 'hex').toString();
-        }
-        if (iot_key) {
-            this.IOT_KEY = Buffer.from(iot_key.toString(16), 'hex').toString();
-        }
-    }
-    // Generate a HMAC signature for the provided data and random data.
-    sign(data, random) {
-        const message = `${this.IOT_KEY}${data}${random}`;
-        return (0, crypto_1.createHmac)('sha256', this.HMAC_KEY).update(message).digest('hex');
-    }
-    // Encrypt the password for cloud API password.
-    encrpytPassword(loginId, password) {
-        const m1 = (0, crypto_1.createHash)('sha256').update(password);
-        const login_hash = `${loginId}${m1.digest('hex')}${this.LOGIN_KEY}`;
-        const m2 = (0, crypto_1.createHash)('sha256').update(login_hash);
-        return m2.digest('hex');
-    }
-    static getUDPID(device_id_buf) {
-        const data = (0, crypto_1.createHash)('sha256').update(device_id_buf).digest();
-        const output = Buffer.alloc(16);
-        for (let i = 0; i < 16; i++) {
-            output[i] = data[i] ^ data[i + 16];
-        }
-        return output.toString('hex');
-    }
-}
-exports.CloudSecurity = CloudSecurity;
-class ProxiedSecurity extends CloudSecurity {
-    getAppKeyAndIv() {
-        const hash = (0, crypto_1.createHash)('sha256').update(Buffer.from(this.APP_KEY, 'utf8')).digest('hex');
-        return {
-            appKey: Buffer.from(hash.substring(0, 16)),
-            iv: Buffer.from(hash.substring(16, 32)),
-        };
-    }
-    encryptAESAppKey(data) {
-        const { appKey, iv } = this.getAppKeyAndIv();
-        const cipher = (0, crypto_1.createCipheriv)('aes-128-cbc', appKey, iv);
-        return Buffer.concat([cipher.update(data), cipher.final()]);
-    }
-    decryptAESAppKey(data) {
-        const { appKey, iv } = this.getAppKeyAndIv();
-        const decipher = (0, crypto_1.createDecipheriv)('aes-128-cbc', appKey, iv);
-        return Buffer.concat([decipher.update(data), decipher.final()]);
-    }
-}
-exports.ProxiedSecurity = ProxiedSecurity;
-class MSmartHomeCloudSecurity extends ProxiedSecurity {
-    constructor() {
-        super(MSmartHomeCloudSecurity._LOGIN_KEY, BigInt('7882822598523843940'), BigInt('117390035944627627450677220413733956185864939010425'));
-        this.APP_KEY = 'ac21b9f9cbfe4ca5a88562ef25e2b768';
-    }
-    encrpytIAMPassword(loginId, password) {
-        const m1 = (0, crypto_1.createHash)('md5').update(password);
-        const m2 = (0, crypto_1.createHash)('md5').update(m1.digest('hex'));
-        const login_hash = `${loginId}${m2.digest('hex')}${this.LOGIN_KEY}`;
-        const sha = (0, crypto_1.createHash)('sha256').update(login_hash);
-        return sha.digest('hex');
-    }
-}
-exports.MSmartHomeCloudSecurity = MSmartHomeCloudSecurity;
-MSmartHomeCloudSecurity._LOGIN_KEY = 'ac21b9f9cbfe4ca5a88562ef25e2b768';
-class MeijuCloudSecurity extends ProxiedSecurity {
-    constructor() {
-        super(MeijuCloudSecurity._LOGIN_KEY, BigInt('9795516279659324117647275084689641883661667'), BigInt('117390035944627627450677220413733956185864939010425'));
-        this.APP_KEY = 'ac21b9f9cbfe4ca5a88562ef25e2b768';
-    }
-    encrpytIAMPassword(_loginId, password) {
-        const m1 = (0, crypto_1.createHash)('md5').update(password);
-        const m2 = (0, crypto_1.createHash)('md5').update(m1.digest('hex'));
-        return m2.digest('hex');
-    }
-}
-exports.MeijuCloudSecurity = MeijuCloudSecurity;
-MeijuCloudSecurity._LOGIN_KEY = 'ad0ee21d48a64bf49f4fb583ab76e799';
-class SimpleSecurity extends CloudSecurity {
-    constructor(login_key) {
-        super(login_key);
-    }
-    encrpytIAMPassword() {
-        return '';
-    }
-    sign(url, query) {
-        const parsedUrl = new URL(url);
-        const path = parsedUrl.pathname;
-        return (0, crypto_1.createHash)('sha256')
-            .update(Buffer.from(`${path}${unescape_plus(query)}${this.LOGIN_KEY}`, 'ascii'))
-            .digest('hex');
-    }
-}
-exports.SimpleSecurity = SimpleSecurity;
-class NetHomePlusSecurity extends SimpleSecurity {
-    constructor() {
-        super(NetHomePlusSecurity._LOGIN_KEY);
-    }
-}
-exports.NetHomePlusSecurity = NetHomePlusSecurity;
-NetHomePlusSecurity._LOGIN_KEY = '3742e9e5842d4ad59c2db887e12449f9';
-class ArtisonClimaSecurity extends SimpleSecurity {
-    constructor() {
-        super(ArtisonClimaSecurity._LOGIN_KEY);
-    }
-}
-exports.ArtisonClimaSecurity = ArtisonClimaSecurity;
-ArtisonClimaSecurity._LOGIN_KEY = '434a209a5ce141c3b726de067835d7f0';
-class LocalSecurity {
-    constructor() {
-        this.aes_key = Buffer.from(BigInt('141661095494369103254425781617665632877').toString(16), 'hex');
-        this.salt = Buffer.from(BigInt('233912452794221312800602098970898185176935770387238278451789080441632479840061417076563').toString(16), 'hex');
-        this.iv = Buffer.alloc(16);
-        this.request_count = 0;
-        this.response_count = 0;
-    }
-    aes_cbc_encrpyt(raw, key) {
-        const cipher = (0, crypto_1.createCipheriv)('aes-256-cbc', key, this.iv);
-        cipher.setAutoPadding(false);
-        return Buffer.concat([cipher.update(raw), cipher.final()]);
-    }
-    aes_cbc_decrypt(raw, key) {
-        const decipher = (0, crypto_1.createDecipheriv)('aes-256-cbc', key, this.iv);
-        decipher.setAutoPadding(false);
-        return Buffer.concat([decipher.update(raw), decipher.final()]);
-    }
-    aes_encrypt(data) {
-        const cipher = (0, crypto_1.createCipheriv)('aes-128-ecb', this.aes_key, null);
-        return Buffer.concat([cipher.update(data), cipher.final()]);
-    }
-    aes_decrypt(data) {
-        const decipher = (0, crypto_1.createDecipheriv)('aes-128-ecb', this.aes_key, null);
-        return Buffer.concat([decipher.update(data), decipher.final()]);
-    }
-    encode32_data(raw) {
-        return (0, crypto_1.createHash)('md5')
-            .update(Buffer.concat([raw, this.salt]))
-            .digest();
-    }
-    tcp_key_from_resp(response, key) {
-        if (response.toString() === 'ERROR') {
-            throw Error('Authentication response is ERROR, cannot get TCP key.');
-        }
-        if (response.length !== 64) {
-            throw Error('Authentication response has unexpected data length, cannot get TCP key..');
-        }
-        const payload = response.subarray(0, 32);
-        const sign = response.subarray(32, response.length);
-        const plain = this.aes_cbc_decrypt(payload, key);
-        if ((0, crypto_1.createHash)('sha256').update(plain).digest().compare(sign) !== 0) {
-            throw Error('Authentication sign does not match, cannot get TCP key.');
-        }
-        this.tcp_key = (0, MideaUtils_1.strxor)(plain, key);
-        this.request_count = 0;
-        this.response_count = 0;
-        return this.tcp_key;
-    }
-    encode_8370(data, message_type) {
-        let header = Buffer.from([0x83, 0x70]);
-        let size = data.length;
-        let padding = 0;
-        if (message_type === MideaConstants_1.TCPMessageType.ENCRYPTED_REQUEST || message_type === MideaConstants_1.TCPMessageType.ENCRYPTED_RESPONSE) {
-            if ((size + 2) % 16 !== 0) {
-                padding = 16 - ((size + 2) & 0xf);
-                size += padding + 32;
-                data = Buffer.concat([data, (0, crypto_1.randomBytes)(padding)]);
-            }
-        }
-        header = Buffer.concat([header, (0, MideaUtils_1.numberToUint8Array)(size, 2, MideaConstants_1.Endianness.Big)]);
-        header = Buffer.concat([header, Buffer.from([0x20, (padding << 4) | message_type])]);
-        data = Buffer.concat([(0, MideaUtils_1.numberToUint8Array)(this.request_count, 2, MideaConstants_1.Endianness.Big), data]);
-        this.request_count += 1;
-        if (this.request_count >= 0xffff) {
-            this.request_count = 0;
-        }
-        if (message_type === MideaConstants_1.TCPMessageType.ENCRYPTED_REQUEST || message_type === MideaConstants_1.TCPMessageType.ENCRYPTED_RESPONSE) {
-            const sign = (0, crypto_1.createHash)('sha256')
-                .update(Buffer.concat([header, data]))
-                .digest();
-            data = Buffer.concat([this.aes_cbc_encrpyt(data, this.tcp_key), sign]);
-        }
-        return Buffer.concat([header, data]);
-    }
-    decode_8370(data) {
-        if (data.length < 6) {
-            return [[], data];
-        }
-        const header = data.subarray(0, 6);
-        if (header[0] !== 0x83 || header[1] !== 0x70) {
-            throw new Error('Not an 8370 message.');
-        }
-        const size = header.subarray(2, 4).readUInt16BE() + 8;
-        let leftover = Buffer.alloc(0);
-        if (data.length < size) {
-            return [[], data];
-        }
-        else if (data.length > size) {
-            leftover = data.subarray(size, data.length);
-            data = data.subarray(0, size);
-        }
-        if (header[4] !== 0x20) {
-            throw new Error('Missing byte 4');
-        }
-        const padding = header[5] >> 4;
-        const message_type_received = header[5] & 0xf;
-        data = data.subarray(6, data.length);
-        if ([MideaConstants_1.TCPMessageType.ENCRYPTED_RESPONSE, MideaConstants_1.TCPMessageType.ENCRYPTED_REQUEST].includes(message_type_received)) {
-            const sign = data.subarray(data.length - 32, data.length);
-            data = data.subarray(0, data.length - 32);
-            data = this.aes_cbc_decrypt(data, this.tcp_key);
-            if ((0, crypto_1.createHash)('sha256')
-                .update(Buffer.concat([header, data]))
-                .digest()
-                .compare(sign) !== 0) {
-                throw new Error('Sign does not match');
-            }
-            if (padding) {
-                data = data.subarray(0, data.length - padding);
-            }
-        }
-        this.response_count = data.subarray(0, 2).readUInt16BE();
-        data = data.subarray(2, data.length);
-        if (leftover.length > 0) {
-            const [packets, incomplete] = this.decode_8370(leftover);
-            return [[data, ...packets], incomplete];
-        }
-        return [[data], leftover];
-    }
-}
-exports.LocalSecurity = LocalSecurity;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LocalSecurity = exports.ArtisonClimaSecurity = exports.NetHomePlusSecurity = exports.SimpleSecurity = exports.MeijuCloudSecurity = exports.MSmartHomeCloudSecurity = exports.ProxiedSecurity = exports.CloudSecurity = void 0;
+const crypto_1 = require("crypto");
+const MideaConstants_1 = require("./MideaConstants");
+const MideaUtils_1 = require("./MideaUtils");
+const querystring_1 = require("querystring");
+function unescape_plus(str) {
+    return (0, querystring_1.unescape)(str.replace(/\+/g, ' '));
+}
+class CloudSecurity {
+    constructor(login_key, iot_key, hmac_key) {
+        this.LOGIN_KEY = login_key;
+        if (hmac_key) {
+            this.HMAC_KEY = Buffer.from(hmac_key.toString(16), 'hex').toString();
+        }
+        if (iot_key) {
+            this.IOT_KEY = Buffer.from(iot_key.toString(16), 'hex').toString();
+        }
+    }
+    // Generate a HMAC signature for the provided data and random data.
+    sign(data, random) {
+        const message = `${this.IOT_KEY}${data}${random}`;
+        return (0, crypto_1.createHmac)('sha256', this.HMAC_KEY).update(message).digest('hex');
+    }
+    // Encrypt the password for cloud API password.
+    encrpytPassword(loginId, password) {
+        const m1 = (0, crypto_1.createHash)('sha256').update(password);
+        const login_hash = `${loginId}${m1.digest('hex')}${this.LOGIN_KEY}`;
+        const m2 = (0, crypto_1.createHash)('sha256').update(login_hash);
+        return m2.digest('hex');
+    }
+    static getUDPID(device_id_buf) {
+        const data = (0, crypto_1.createHash)('sha256').update(device_id_buf).digest();
+        const output = Buffer.alloc(16);
+        for (let i = 0; i < 16; i++) {
+            output[i] = data[i] ^ data[i + 16];
+        }
+        return output.toString('hex');
+    }
+}
+exports.CloudSecurity = CloudSecurity;
+class ProxiedSecurity extends CloudSecurity {
+    getAppKeyAndIv() {
+        const hash = (0, crypto_1.createHash)('sha256').update(Buffer.from(this.APP_KEY, 'utf8')).digest('hex');
+        return {
+            appKey: Buffer.from(hash.substring(0, 16)),
+            iv: Buffer.from(hash.substring(16, 32)),
+        };
+    }
+    encryptAESAppKey(data) {
+        const { appKey, iv } = this.getAppKeyAndIv();
+        const cipher = (0, crypto_1.createCipheriv)('aes-128-cbc', appKey, iv);
+        return Buffer.concat([cipher.update(data), cipher.final()]);
+    }
+    decryptAESAppKey(data) {
+        const { appKey, iv } = this.getAppKeyAndIv();
+        const decipher = (0, crypto_1.createDecipheriv)('aes-128-cbc', appKey, iv);
+        return Buffer.concat([decipher.update(data), decipher.final()]);
+    }
+}
+exports.ProxiedSecurity = ProxiedSecurity;
+class MSmartHomeCloudSecurity extends ProxiedSecurity {
+    constructor() {
+        super(MSmartHomeCloudSecurity._LOGIN_KEY, BigInt('7882822598523843940'), BigInt('117390035944627627450677220413733956185864939010425'));
+        this.APP_KEY = 'ac21b9f9cbfe4ca5a88562ef25e2b768';
+    }
+    encrpytIAMPassword(loginId, password) {
+        const m1 = (0, crypto_1.createHash)('md5').update(password);
+        const m2 = (0, crypto_1.createHash)('md5').update(m1.digest('hex'));
+        const login_hash = `${loginId}${m2.digest('hex')}${this.LOGIN_KEY}`;
+        const sha = (0, crypto_1.createHash)('sha256').update(login_hash);
+        return sha.digest('hex');
+    }
+}
+exports.MSmartHomeCloudSecurity = MSmartHomeCloudSecurity;
+MSmartHomeCloudSecurity._LOGIN_KEY = 'ac21b9f9cbfe4ca5a88562ef25e2b768';
+class MeijuCloudSecurity extends ProxiedSecurity {
+    constructor() {
+        super(MeijuCloudSecurity._LOGIN_KEY, BigInt('9795516279659324117647275084689641883661667'), BigInt('117390035944627627450677220413733956185864939010425'));
+        this.APP_KEY = 'ac21b9f9cbfe4ca5a88562ef25e2b768';
+    }
+    encrpytIAMPassword(_loginId, password) {
+        const m1 = (0, crypto_1.createHash)('md5').update(password);
+        const m2 = (0, crypto_1.createHash)('md5').update(m1.digest('hex'));
+        return m2.digest('hex');
+    }
+}
+exports.MeijuCloudSecurity = MeijuCloudSecurity;
+MeijuCloudSecurity._LOGIN_KEY = 'ad0ee21d48a64bf49f4fb583ab76e799';
+class SimpleSecurity extends CloudSecurity {
+    constructor(login_key) {
+        super(login_key);
+    }
+    encrpytIAMPassword() {
+        return '';
+    }
+    sign(url, query) {
+        const parsedUrl = new URL(url);
+        const path = parsedUrl.pathname;
+        return (0, crypto_1.createHash)('sha256')
+            .update(Buffer.from(`${path}${unescape_plus(query)}${this.LOGIN_KEY}`, 'ascii'))
+            .digest('hex');
+    }
+}
+exports.SimpleSecurity = SimpleSecurity;
+class NetHomePlusSecurity extends SimpleSecurity {
+    constructor() {
+        super(NetHomePlusSecurity._LOGIN_KEY);
+    }
+}
+exports.NetHomePlusSecurity = NetHomePlusSecurity;
+NetHomePlusSecurity._LOGIN_KEY = '3742e9e5842d4ad59c2db887e12449f9';
+class ArtisonClimaSecurity extends SimpleSecurity {
+    constructor() {
+        super(ArtisonClimaSecurity._LOGIN_KEY);
+    }
+}
+exports.ArtisonClimaSecurity = ArtisonClimaSecurity;
+ArtisonClimaSecurity._LOGIN_KEY = '434a209a5ce141c3b726de067835d7f0';
+class LocalSecurity {
+    constructor() {
+        this.aes_key = Buffer.from(BigInt('141661095494369103254425781617665632877').toString(16), 'hex');
+        this.salt = Buffer.from(BigInt('233912452794221312800602098970898185176935770387238278451789080441632479840061417076563').toString(16), 'hex');
+        this.iv = Buffer.alloc(16);
+        this.request_count = 0;
+        this.response_count = 0;
+    }
+    aes_cbc_encrpyt(raw, key) {
+        const cipher = (0, crypto_1.createCipheriv)('aes-256-cbc', key, this.iv);
+        cipher.setAutoPadding(false);
+        return Buffer.concat([cipher.update(raw), cipher.final()]);
+    }
+    aes_cbc_decrypt(raw, key) {
+        const decipher = (0, crypto_1.createDecipheriv)('aes-256-cbc', key, this.iv);
+        decipher.setAutoPadding(false);
+        return Buffer.concat([decipher.update(raw), decipher.final()]);
+    }
+    aes_encrypt(data) {
+        const cipher = (0, crypto_1.createCipheriv)('aes-128-ecb', this.aes_key, null);
+        return Buffer.concat([cipher.update(data), cipher.final()]);
+    }
+    aes_decrypt(data) {
+        const decipher = (0, crypto_1.createDecipheriv)('aes-128-ecb', this.aes_key, null);
+        return Buffer.concat([decipher.update(data), decipher.final()]);
+    }
+    encode32_data(raw) {
+        return (0, crypto_1.createHash)('md5')
+            .update(Buffer.concat([raw, this.salt]))
+            .digest();
+    }
+    tcp_key_from_resp(response, key) {
+        if (response.toString() === 'ERROR') {
+            throw Error('Authentication response is ERROR, cannot get TCP key.');
+        }
+        if (response.length !== 64) {
+            throw Error('Authentication response has unexpected data length, cannot get TCP key..');
+        }
+        const payload = response.subarray(0, 32);
+        const sign = response.subarray(32, response.length);
+        const plain = this.aes_cbc_decrypt(payload, key);
+        if ((0, crypto_1.createHash)('sha256').update(plain).digest().compare(sign) !== 0) {
+            throw Error('Authentication sign does not match, cannot get TCP key.');
+        }
+        this.tcp_key = (0, MideaUtils_1.strxor)(plain, key);
+        this.request_count = 0;
+        this.response_count = 0;
+        return this.tcp_key;
+    }
+    encode_8370(data, message_type) {
+        let header = Buffer.from([0x83, 0x70]);
+        let size = data.length;
+        let padding = 0;
+        if (message_type === MideaConstants_1.TCPMessageType.ENCRYPTED_REQUEST || message_type === MideaConstants_1.TCPMessageType.ENCRYPTED_RESPONSE) {
+            if ((size + 2) % 16 !== 0) {
+                padding = 16 - ((size + 2) & 0xf);
+                size += padding + 32;
+                data = Buffer.concat([data, (0, crypto_1.randomBytes)(padding)]);
+            }
+        }
+        header = Buffer.concat([header, (0, MideaUtils_1.numberToUint8Array)(size, 2, MideaConstants_1.Endianness.Big)]);
+        header = Buffer.concat([header, Buffer.from([0x20, (padding << 4) | message_type])]);
+        data = Buffer.concat([(0, MideaUtils_1.numberToUint8Array)(this.request_count, 2, MideaConstants_1.Endianness.Big), data]);
+        this.request_count += 1;
+        if (this.request_count >= 0xffff) {
+            this.request_count = 0;
+        }
+        if (message_type === MideaConstants_1.TCPMessageType.ENCRYPTED_REQUEST || message_type === MideaConstants_1.TCPMessageType.ENCRYPTED_RESPONSE) {
+            const sign = (0, crypto_1.createHash)('sha256')
+                .update(Buffer.concat([header, data]))
+                .digest();
+            data = Buffer.concat([this.aes_cbc_encrpyt(data, this.tcp_key), sign]);
+        }
+        return Buffer.concat([header, data]);
+    }
+    decode_8370(data) {
+        if (data.length < 6) {
+            return [[], data];
+        }
+        const header = data.subarray(0, 6);
+        if (header[0] !== 0x83 || header[1] !== 0x70) {
+            throw new Error('Not an 8370 message.');
+        }
+        const size = header.subarray(2, 4).readUInt16BE() + 8;
+        let leftover = Buffer.alloc(0);
+        if (data.length < size) {
+            return [[], data];
+        }
+        else if (data.length > size) {
+            leftover = data.subarray(size, data.length);
+            data = data.subarray(0, size);
+        }
+        if (header[4] !== 0x20) {
+            throw new Error('Missing byte 4');
+        }
+        const padding = header[5] >> 4;
+        const message_type_received = header[5] & 0xf;
+        data = data.subarray(6, data.length);
+        if ([MideaConstants_1.TCPMessageType.ENCRYPTED_RESPONSE, MideaConstants_1.TCPMessageType.ENCRYPTED_REQUEST].includes(message_type_received)) {
+            const sign = data.subarray(data.length - 32, data.length);
+            data = data.subarray(0, data.length - 32);
+            data = this.aes_cbc_decrypt(data, this.tcp_key);
+            if ((0, crypto_1.createHash)('sha256')
+                .update(Buffer.concat([header, data]))
+                .digest()
+                .compare(sign) !== 0) {
+                throw new Error('Sign does not match');
+            }
+            if (padding) {
+                data = data.subarray(0, data.length - padding);
+            }
+        }
+        this.response_count = data.subarray(0, 2).readUInt16BE();
+        data = data.subarray(2, data.length);
+        if (leftover.length > 0) {
+            const [packets, incomplete] = this.decode_8370(leftover);
+            return [[data, ...packets], incomplete];
+        }
+        return [[data], leftover];
+    }
+}
+exports.LocalSecurity = LocalSecurity;
 //# sourceMappingURL=MideaSecurity.js.map