tplinkrouterc6u 5.10.3__py3-none-any.whl → 5.12.0__py3-none-any.whl

test/test_client_re330.py

@@ -0,0 +1,296 @@
+from unittest import main, TestCase
+from ipaddress import IPv4Address
+from macaddress import EUI48
+from tplinkrouterc6u.common.dataclass import Firmware, Status, Device
+from tplinkrouterc6u.common.dataclass import IPv4Status, IPv4Reservation, IPv4DHCPLease
+from tplinkrouterc6u import Connection, ClientException
+from tplinkrouterc6u.client.re330 import TplinkRE330Router
+
+
+IPV4_STATUS_RESPONSE = ('00000\r\nid 1|1,0,0\r\noldAuthKey \r\nsetWzd 1\r\nmode 3\r\nlogLevel 3\r\nfastpath 1\r\n'
+                        'mac 0 00-00-00-00-00-01\r\nmac 1 00-00-00-00-00-02\r\nauthKey keykeykey\r\nid 4|1,0,0\r\n'
+                        'ip 2.2.2.2\r\nmask 255.255.255.0\r\ngateway 3.3.3.3\r\ndns 0 1.1.1.1\r\n'
+                        'dns 1 8.8.8.8\r\nmode 0\r\nid 8|1,0,0\r\nmode 2\r\npoolStart 192.168.1.100\r\n'
+                        'poolEnd 192.168.1.199\r\n'
+                        'leaseTime 120\r\ndns 0 0.0.0.0\r\ndns 1 0.0.0.0\r\ngateway 0.0.0.0\r\nhostName \r\n'
+                        'id 22|1,0,0\r\nenable 1\r\nwirelessWanNoUsed 0\r\nlinkMode 0\r\nlinkType 0\r\nid 23|1,0,0\r\n'
+                        'ip 4.4.4.4\r\nmask 255.255.252.0\r\ngateway 5.5.5.5\r\ndns 0 1.1.1.1\r\ndns 1 8.8.8.8\r\n'
+                        'status 1\r\ncode 0\r\nupTime 0\r\ninPkts 0\r\ninOctets 0\r\noutPkts 0\r\noutOctets 0\r\n'
+                        'inRates 0\r\noutRates 0\r\ndualMode 0\r\ndualIp 0.0.0.0\r\ndualMask 0.0.0.0\r\n'
+                        'dualGateway 0.0.0.0\r\ndualDns 0 0.0.0.0\r\ndualDns 1 0.0.0.0\r\ndualCode 0\r\ndualStatus 0')
+
+STATUS_RESPONSE_TEXT = ('00000\r\nid 1|1,0,0\r\noldAuthKey \r\nsetWzd 1\r\nmode 3\r\nlogLevel 3\r\nfastpath 1\r\n'
+                        'mac 0 00-00-00-00-00-01\r\nmac 1 00-00-00-00-00-02\r\nauthKey keykeykey\r\nid 4|1,0,0\r\n'
+                        'ip 2.2.2.2\r\nmask 255.255.255.0\r\ngateway 3.3.3.3\r\ndns 0 1.1.1.1\r\ndns 1 8.8.8.8\r\n'
+                        'mode 0\r\nid 23|1,0,0\r\nip 4.4.4.4\r\nmask 255.255.255.0\r\ngateway 5.5.5.5\r\n'
+                        'dns 0 1.1.1.1\r\ndns 1 8.8.8.8\r\nstatus 1\r\ncode 0\r\nupTime 0\r\ninPkts 0\r\ninOctets 0\r\n'
+                        'outPkts 0\r\noutOctets 0\r\ninRates 0\r\noutRates 0\r\ndualMode 0\r\ndualIp 0.0.0.0\r\n'
+                        'dualMask 0.0.0.0\r\ndualGateway 0.0.0.0\r\ndualDns 0 0.0.0.0\r\ndualDns 1 0.0.0.0\r\n'
+                        'dualCode 0\r\ndualStatus 0\r\nid 13|1,0,0\r\nip 0 10.10.10.10\r\nip 1 11.11.11.11\r\n'
+                        'ip 2 0.0.0.0\r\nip 3 0.0.0.0\r\nip 4 0.0.0.0\r\nip 5 0.0.0.0\r\nmac 0 00-00-00-00-00-03\r\n'
+                        'mac 1 00-00-00-00-00-04\r\nmac 2 00-00-00-00-00-00\r\nmac 3 00-00-00-00-00-00\r\n'
+                        'mac 4 00-00-00-00-00-00\r\nmac 5 00-00-00-00-00-00\r\n'
+                        'reserved 0 \r\nreserved 1 \r\nreserved 2 \r\nreserved 3 \r\nreserved 4 \r\nreserved 5 \r\n'
+                        'bindEntry 0 0\r\nbindEntry 1 0\r\nbindEntry 2 0\r\nbindEntry 3 0\r\nbindEntry 4 0\r\n'
+                        'bindEntry 5 0\r\nstaMgtEntry 0 0\r\nstaMgtEntry 1 0\r\nstaMgtEntry 2 0\r\nstaMgtEntry 3 0\r\n'
+                        'staMgtEntry 4 0\r\nstaMgtEntry 5 0\r\ntype 0 3\r\ntype 1 1\r\ntype 2 0\r\ntype 3 0\r\n'
+                        'type 4 0\r\ntype 5 0\r\nonline 0 1\r\nonline 1 1\r\nonline 2 0\r\nonline 3 0\r\nonline 4 0\r\n'
+                        'online 5 0\r\nname 0 ANONYMOUS\r\nname 1 BANANA-12\r\nname 2 \r\nname 3 \r\nname 4 \r\n'
+                        'name 5 \r\nDevType 0 OTHER\r\nDevType 1 OTHER\r\nDevType 2 \r\nDevType 3 \r\nDevType 4 \r\n'
+                        'DevType 5 \r\nid 33|1,1,0\r\nuUnit 0\r\ncSsidPrefix \r\nuRadiusIp 0.0.0.0\r\n'
+                        'uRadiusGKUpdateIntvl 0\r\nuPskGKUpdateIntvl 0\r\nuKeyLength 0 0\r\nuKeyLength 1 0\r\n'
+                        'uKeyLength 2 0\r\nuKeyLength 3 0\r\ncKeyVal 0 \r\ncKeyVal 1 \r\ncKeyVal 2 \r\ncKeyVal 3 \r\n'
+                        'uRadiusPort 1812\r\nuKeyType 1\r\nuDefaultKey 1\r\nbEnable 1\r\nbBcastSsid 1\r\n'
+                        'cSsid SuperWifi\r\nbSecurityEnable 1\r\nuAuthType 3\r\nuWEPSecOpt 3\r\nuRadiusSecOpt 3\r\n'
+                        'uPSKSecOpt 2\r\nuRadiusEncryptType 4\r\nuPSKEncryptType 3\r\ncRadiusSecret \r\n'
+                        'cPskSecret YouThoughtIdForgetMyKey?\r\nbSecCheck 0\r\nbEnabled 1\r\nbPinEnabled 0\r\n'
+                        'cUsrPIN 11100111\r\nbConfigured 0\r\nbIsLocked 0\r\nid 33|2,1,0\r\nuUnit 0\r\ncSsidPrefix \r\n'
+                        'uRadiusIp 0.0.0.0\r\nuRadiusGKUpdateIntvl 0\r\nuPskGKUpdateIntvl 0\r\nuKeyLength 0 0\r\n'
+                        'uKeyLength 1 0\r\nuKeyLength 2 0\r\nuKeyLength 3 0\r\ncKeyVal 0 \r\ncKeyVal 1 \r\n'
+                        'cKeyVal 2 \r\ncKeyVal 3 \r\nuRadiusPort 1812\r\nuKeyType 1\r\nuDefaultKey 1\r\nbEnable 1\r\n'
+                        'bBcastSsid 1\r\ncSsid SuperWifi\r\nbSecurityEnable 1\r\nuAuthType 3\r\nuWEPSecOpt 3\r\n'
+                        'uRadiusSecOpt 3\r\nuPSKSecOpt 2\r\nuRadiusEncryptType 4\r\nuPSKEncryptType 3\r\n'
+                        'cRadiusSecret \r\ncPskSecret YouThoughtIdForgetMyKey?\r\nbSecCheck 0\r\n'
+                        'bEnabled 1\r\nbPinEnabled 0\r\ncUsrPIN 11100111\r\nbConfigured 0\r\nbIsLocked 0')
+
+
+class ResponseMock():
+    def __init__(self, text, status_code=0):
+        self.text = text
+        self.status_code = status_code
+
+
+class TplinkRE330RouterTest(TplinkRE330Router):
+    response = ''
+
+    def _init_session(self) -> None:
+        pass
+
+    def request(self, code: int, asyn: int, use_token: bool = False, data: str = None) -> dict | None:
+
+        # Responses
+        if code == 2 and (asyn == 0 or asyn == 1):
+            if use_token is False:
+                if data == '50|1,0,0':
+                    # Supports
+                    return ResponseMock(self.response, 200)
+                else:
+                    # Authorization
+                    return ResponseMock('blabla\r\nblabla\r\nblabla\r\nauthinfo1\r\nauthinfo2')
+            elif use_token is True:
+                return ResponseMock(self.response)
+        if code == 7 and asyn == 1:
+            if use_token is False:
+                # Authorization
+                return ResponseMock('00007\r\n00004\r\n00002\r\n'
+                                    'BC97577E65233B3E1137C61091D64176C334E52AD78FFBDDABC826B685435E'
+                                    '9D3DE83FE70C2AC62D6B13BD8EADA10B5623F9354DA0E99636A4F5519CA2DC2DC3\r\n'
+                                    '12345656\r\n00000')
+            elif use_token is True:
+                return ResponseMock('00000')
+        elif code == 16 and asyn == 0:
+            if use_token is False:
+                # Authorization
+                return ResponseMock('00000\r\n010001\r\nBC97577E65233B3E1137C61091D64176C334E52AD78FFBDDABC826B685435E'
+                                    '9D3DE83FE70C2AC62D6B13BD8EADA10B5623F9354DA0E99636A4F5519CA2DC2DC3\r\n12345656')
+            elif use_token is True:
+                # Authorization
+                return ResponseMock('00000')
+        elif code == 7 and asyn == 0:
+            return ResponseMock('00000')
+
+        raise ClientException()
+
+    def set_encrypted_response(self, response_text) -> None:
+        self.response = self._encrypt_body(response_text).split('data=')[1]
+
+
+class TestTPLinkClient(TestCase):
+
+    def test_supports(self) -> None:
+        response = ('00000\r\nid 50|1,0,0\r\ncurrentLanguage\r\n'
+                    'languageList bg_BG,cs_CZ,de_DE,en_US,es_ES,es_LA,fr_FR,hu_HU,it_IT,ja_JP,ko_KR,nl_NL,pl_PL,pt_BR,'
+                    'pt_PT,ro_RO,ru_RU,sk_SK,tr_TR,uk_UA,vi_VN,zh_TW\r\nsetByUser 0')
+
+        client = TplinkRE330RouterTest('', '')
+        client.response = response
+        supports = client.supports()
+        self.assertTrue(supports)
+
+    def test_authorize(self) -> None:
+        client = TplinkRE330RouterTest('', '')
+        client.authorize()
+
+        encryption = client._encryption
+        self.assertEqual(encryption.ee_rsa, '010001')
+        self.assertEqual(encryption.nn_rsa, 'BC97577E65233B3E1137C61091D64176C334E52AD78FFBDDABC826B685435E9D3DE83FE70C'
+                                            '2AC62D6B13BD8EADA10B5623F9354DA0E99636A4F5519CA2DC2DC3')
+        self.assertEqual(encryption.seq, '12345656')
+
+    def test_get_firmware(self) -> None:
+        response = ('00000\r\nid 0|1,0,0\r\nfullName TP-Link%20Wireless%20Extender%20RE330\r\nfacturer TP-Link\r\n'
+                    'modelName RE330\r\nmodelVer 1\r\nsoftVer 1.0.23%20Build%20230418%20Rel.60395n\r\n'
+                    'hardVer %20RE330%201.0\r\nprodId 0x3300001\r\ncloudShouldActive 1\r\ncountryId 0x0\r\n'
+                    'specialId 0x5545\r\ncountryCode 0x4544\r\nmainVer 0x5a010017\r\nminorVer 0x1\r\noemId 0x1\r\n'
+                    'deviceId 8002A1F018FA0C879DB62FA981FB0D1D231D490F\r\n'
+                    'hardwareId 5E055ADC85F0800C6C3044E5A3180E2A\r\nfirmwareId FFFFFFFFFFFFFFFFFFFF033001004555\r\n'
+                    'oem_id B30DDAF6C31C08B9C50A48B0B9168003\r\nfacturerType 0')
+
+        client = TplinkRE330RouterTest('', '')
+        client.authorize()
+
+        client.set_encrypted_response(response)
+
+        firmware = client.get_firmware()
+
+        self.assertIsInstance(firmware, Firmware)
+        self.assertEqual(firmware.hardware_version, ' RE330 1.0')
+        self.assertEqual(firmware.model, 'RE330')
+        self.assertEqual(firmware.firmware_version, '1.0.23 Build 230418 Rel.60395n')
+
+    def test_get_ipv4_status(self) -> None:
+
+        client = TplinkRE330RouterTest('', '')
+        client.authorize()
+
+        client.set_encrypted_response(IPV4_STATUS_RESPONSE)
+
+        ipv4_status: IPv4Status = client.get_ipv4_status()
+
+        self.assertIsInstance(ipv4_status, IPv4Status)
+        self.assertEqual(ipv4_status.wan_macaddress, EUI48('00-00-00-00-00-02'))
+        self.assertEqual(ipv4_status._wan_ipv4_ipaddr, IPv4Address('4.4.4.4'))
+        self.assertEqual(ipv4_status._wan_ipv4_gateway, IPv4Address('5.5.5.5'))
+        self.assertEqual(ipv4_status._wan_ipv4_conntype, 'Dynamic IP')
+        self.assertEqual(ipv4_status._wan_ipv4_netmask, IPv4Address('255.255.252.0'))
+        self.assertEqual(ipv4_status._wan_ipv4_pridns, IPv4Address('1.1.1.1'))
+        self.assertEqual(ipv4_status._wan_ipv4_snddns, IPv4Address('8.8.8.8'))
+        self.assertEqual(ipv4_status._lan_macaddr, EUI48('00-00-00-00-00-01'))
+        self.assertEqual(ipv4_status._lan_ipv4_ipaddr, IPv4Address('2.2.2.2'))
+        self.assertEqual(ipv4_status.lan_ipv4_dhcp_enable, False)
+        self.assertEqual(ipv4_status._lan_ipv4_netmask, IPv4Address('255.255.255.0'))
+
+    def test_get_ipv4_reservations(self) -> None:
+        response = ('00000\r\nid 12|1,0,0\r\nip 0 192.168.0.112\r\nip 1 0.0.0.0\r\nmac 0 00-00-00-00-00-00\r\n'
+                    'mac 1 00-00-00-00-00-01\r\nreserved 0\r\nreserved 1\r\nbindEntry 0 0\r\nbindEntry 1 0\r\n'
+                    'staMgtEntry 0 0\r\nstaMgtEntry 1 1\r\nname 0 Galaxy-S21\r\nname 1 Camera\r\nreserved_name 0\r\n'
+                    'reserved_name 1\r\nblocked 0 0\r\nblocked 1 0\r\nupLimit 0 0\r\nupLimit 1 0\r\ndownLimit 0 0'
+                    '\r\ndownLimit 1 0\r\nqosEntry 0 0\r\nqosEntry 1 0\r\npriTime 0 0\r\npriTime 1 0\r\n'
+                    'dhcpsEntry 0 1\r\ndhcpsEntry 1 0\r\ndhcpsEnable 0 1\r\ndhcpsEnable 1 0\r\nslEnable 0 0\r\n'
+                    'slEnable 1 0\r\nstart 0 0\r\nstart 1 0\r\nend 0 0\r\nend 1 0\r\nday 0 0\r\nday 1 0\r\n'
+                    'startMin 0 0\r\nstartMin 1 0\r\nendMin 0 0\r\nendMin 1 0\r\ndevType 0 0\r\ndevType 1 0\r\n'
+                    'reserved2 0 0\r\nreserved2 1 0\r\ndisable 1')
+
+        client = TplinkRE330RouterTest('', '')
+        client.authorize()
+
+        client.set_encrypted_response(response)
+
+        ipv4_reservations: list[IPv4Reservation] = client.get_ipv4_reservations()
+        ipv4_reservation: IPv4Reservation = ipv4_reservations[0]
+
+        self.assertIsInstance(ipv4_reservation, IPv4Reservation)
+        self.assertEqual(ipv4_reservation.macaddress, EUI48('00-00-00-00-00-00'))
+        self.assertEqual(ipv4_reservation.ipaddress, IPv4Address('192.168.0.112'))
+        self.assertEqual(ipv4_reservation.hostname, 'Galaxy-S21')
+        self.assertEqual(ipv4_reservation.enabled, True)
+
+    def test_get_dhcp_leases(self) -> None:
+        response = ('00000\r\nid 9|1,0,0\r\nhostName 0 Galaxy-S21\r\nhostName 1 iPhone\r\nhostName 2 PC\r\n'
+                    'hostName 3 Laptop\r\nmac 0 00-00-00-00-00-00\r\nmac 1 00-00-00-00-00-01\r\n'
+                    'mac 2 00-00-00-00-00-02\r\nmac 3 00-00-00-00-00-03\r\nreserved 0\r\nreserved 1'
+                    '\r\nreserved 2\r\nreserved 3\r\nstate 0 5\r\nstate 1 5\r\nstate 2 5\r\nstate 3 5'
+                    '\r\nip 0 192.168.0.112\r\nip 1 192.168.0.101\r\nip 2 192.168.0.245\r\nip 3 192.168.0.186'
+                    '\r\nexpires 0 4294967295\r\nexpires 1 3669\r\nexpires 2 4025\r\nexpires 3 4202')
+
+        client = TplinkRE330RouterTest('', '')
+        client.authorize()
+
+        client.set_encrypted_response(response)
+
+        dhcp_leases: list[IPv4DHCPLease] = client.get_dhcp_leases()
+
+        self.assertIsInstance(dhcp_leases[0], IPv4DHCPLease)
+        self.assertEqual(dhcp_leases[0].macaddress, EUI48('00-00-00-00-00-00'))
+        self.assertEqual(dhcp_leases[0].ipaddress, IPv4Address('192.168.0.112'))
+        self.assertEqual(dhcp_leases[0].hostname, 'Galaxy-S21')
+        self.assertEqual(dhcp_leases[0].lease_time, 'expires 4294967295')
+
+        self.assertIsInstance(dhcp_leases[1], IPv4DHCPLease)
+        self.assertEqual(dhcp_leases[1].macaddress, EUI48('00-00-00-00-00-01'))
+        self.assertEqual(dhcp_leases[1].ipaddress, IPv4Address('192.168.0.101'))
+        self.assertEqual(dhcp_leases[1].hostname, 'iPhone')
+        self.assertEqual(dhcp_leases[1].lease_time, 'expires 3669')
+
+    def test_get_status(self) -> None:
+        client = TplinkRE330RouterTest('', '')
+        client.authorize()
+
+        client.set_encrypted_response(STATUS_RESPONSE_TEXT)
+        status = client.get_status()
+
+        self.assertIsInstance(status, Status)
+        self.assertEqual(status.wan_macaddr, '00-00-00-00-00-02')
+        self.assertIsInstance(status.wan_macaddress, EUI48)
+        self.assertEqual(status.lan_macaddr, '00-00-00-00-00-01')
+        self.assertIsInstance(status.lan_macaddress, EUI48)
+        self.assertEqual(status.wan_ipv4_addr, '4.4.4.4')
+        self.assertIsInstance(status.lan_ipv4_address, IPv4Address)
+        self.assertEqual(status.lan_ipv4_addr, '2.2.2.2')
+        self.assertEqual(status.wan_ipv4_gateway, '5.5.5.5')
+        self.assertIsInstance(status.wan_ipv4_address, IPv4Address)
+        self.assertEqual(status.wired_total, 0)
+        self.assertEqual(status.wifi_clients_total, 2)
+        self.assertEqual(status.guest_clients_total, 0)
+        self.assertEqual(status.clients_total, 2)
+        self.assertEqual(status.iot_clients_total, 0)
+        self.assertFalse(status.guest_2g_enable)
+        self.assertFalse(status.guest_5g_enable)
+        self.assertFalse(status.iot_2g_enable)
+        self.assertFalse(status.iot_5g_enable)
+        self.assertTrue(status.wifi_2g_enable)
+        self.assertTrue(status.wifi_5g_enable)
+        self.assertEqual(status.wan_ipv4_uptime, 0)
+        self.assertEqual(status.mem_usage, None)
+        self.assertEqual(status.cpu_usage, None)
+        self.assertEqual(len(status.devices), 2)
+
+        device = status.devices[0]
+        self.assertIsInstance(device, Device)
+        self.assertEqual(device.type, Connection.HOST_5G)
+        self.assertEqual(device.macaddr, '00-00-00-00-00-03')
+        self.assertIsInstance(device.macaddress, EUI48)
+        self.assertEqual(device.ipaddr, '10.10.10.10')
+        self.assertIsInstance(device.ipaddress, IPv4Address)
+        self.assertEqual(device.hostname, 'ANONYMOUS')
+        self.assertEqual(device.up_speed, 0)
+        self.assertEqual(device.down_speed, 0)
+        self.assertEqual(device.active, True)
+
+        device = status.devices[1]
+        self.assertIsInstance(device, Device)
+        self.assertEqual(device.type, Connection.HOST_2G)
+        self.assertEqual(device.macaddr, '00-00-00-00-00-04')
+        self.assertIsInstance(device.macaddress, EUI48)
+        self.assertEqual(device.ipaddr, '11.11.11.11')
+        self.assertIsInstance(device.ipaddress, IPv4Address)
+        self.assertEqual(device.hostname, 'BANANA-12')
+        self.assertEqual(device.up_speed, 0)
+        self.assertEqual(device.down_speed, 0)
+        self.assertEqual(device.active, True)
+
+    def test_get_led_status(self) -> None:
+        client = TplinkRE330RouterTest('', '')
+        client.authorize()
+
+        client.set_encrypted_response('00000\r\nid 112|1,0,0\r\nenable 1')
+        led_status = client.get_led_status()
+        self.assertEqual(led_status, True)
+
+        client.set_encrypted_response('00000\r\nid 112|1,0,0\r\nenable 0')
+        led_status = client.get_led_status()
+        self.assertEqual(led_status, False)
+
+
+if __name__ == '__main__':
+    main()

tplinkrouterc6u/__init__.py

@@ -1,15 +1,16 @@
 from tplinkrouterc6u.client.c6u import TplinkRouter
 from tplinkrouterc6u.client.deco import TPLinkDecoClient
 from tplinkrouterc6u.client_abstract import AbstractRouter
-from tplinkrouterc6u.client.mr import TPLinkMRClient
+from tplinkrouterc6u.client.mr import TPLinkMRClient, TPLinkMRClientGCM
 from tplinkrouterc6u.client.mr200 import TPLinkMR200Client
-from tplinkrouterc6u.client.ex import TPLinkEXClient
+from tplinkrouterc6u.client.ex import TPLinkEXClient, TPLinkEXClientGCM
 from tplinkrouterc6u.client.vr import TPLinkVRClient
 from tplinkrouterc6u.client.c80 import TplinkC80Router
 from tplinkrouterc6u.client.c5400x import TplinkC5400XRouter
 from tplinkrouterc6u.client.c1200 import TplinkC1200Router
 from tplinkrouterc6u.client.xdr import TPLinkXDRClient
 from tplinkrouterc6u.client.wdr import TplinkWDRRouter
+from tplinkrouterc6u.client.re330 import TplinkRE330Router
 from tplinkrouterc6u.provider import TplinkRouterProvider
 from tplinkrouterc6u.common.package_enum import Connection, VPN
 from tplinkrouterc6u.common.dataclass import (

tplinkrouterc6u/client/c80.py

@@ -1,12 +1,9 @@
 from dataclasses import dataclass
 from logging import Logger
 from urllib import parse
-from base64 import b64encode, b64decode
 from collections import defaultdict
 from ipaddress import IPv4Address
 import re
-from Crypto.Cipher import AES
-from Crypto.Util.Padding import pad, unpad
 from macaddress import EUI48
 import requests
 from requests import Session
@@ -21,7 +18,6 @@ from tplinkrouterc6u.client_abstract import AbstractRouter
 class RouterConstants:
     AUTH_TOKEN_INDEX1 = 3
     AUTH_TOKEN_INDEX2 = 4
-    DEFAULT_AES_VALUE = "0000000000000000"
 
     HOST_WIFI_2G_REQUEST = '33|1,1,0'
     HOST_WIFI_5G_REQUEST = '33|2,1,0'
@@ -64,9 +60,7 @@ class EncryptionState:
         self.nn_rsa = ''
         self.ee_rsa = ''
         self.seq = ''
-        self.key_aes = ''
-        self.iv_aes = ''
-        self.aes_string = ''
+        self.aes = EncryptionWrapper()
         self.token = ''
 
 
@@ -105,14 +99,11 @@ class TplinkC80Router(AbstractRouter):
         self._encryption.nn_rsa = responseText[2]
         self._encryption.seq = responseText[3]
 
-        # Generate key and initialization vector
-        self._encryption.key_aes = RouterConstants.DEFAULT_AES_VALUE
-        self._encryption.iv_aes = RouterConstants.DEFAULT_AES_VALUE
-        self._encryption.aes_string = f'k={self._encryption.key_aes}&i={self._encryption.iv_aes}'
-
         # Encrypt AES string
-        aes_string_encrypted = EncryptionWrapper.rsa_encrypt(self._encryption.aes_string, self._encryption.nn_rsa,
+        aes_string_encrypted = EncryptionWrapper.rsa_encrypt(self._encryption.aes._get_aes_string(),
+                                                             self._encryption.nn_rsa,
                                                              self._encryption.ee_rsa)
+
         # Register AES string for decryption on server side
         self.request(16, 0, True, data=f'set {aes_string_encrypted}')
         # Some auth request, might be redundant
@@ -368,7 +359,7 @@ class TplinkC80Router(AbstractRouter):
 
     def _get_signature(self, datalen: int) -> str:
         encryption = self._encryption
-        r = f'{encryption.aes_string}&s={str(int(encryption.seq) + datalen)}'
+        r = f'{encryption.aes._get_aes_string()}&s={str(int(encryption.seq) + datalen)}'
         e = ''
         n = 0
         while n < len(r):
@@ -377,24 +368,12 @@ class TplinkC80Router(AbstractRouter):
         return e
 
     def _encrypt_body(self, text: str) -> str:
-        encryption = self._encryption
-
-        key_bytes = encryption.key_aes.encode("utf-8")
-        iv_bytes = encryption.iv_aes.encode("utf-8")
-
-        cipher = AES.new(key_bytes, AES.MODE_CBC, iv_bytes)
-        data = b64encode(cipher.encrypt(pad(text.encode("utf-8"), AES.block_size))).decode()
-
+        data = self._encryption.aes.aes_encrypt(text)
         sign = self._get_signature(len(data))
         return f'sign={sign}\r\ndata={data}'
 
     def _decrypt_data(self, encrypted_text: str) -> str:
-        key_bytes = self._encryption.key_aes.encode("utf-8")
-        iv_bytes = self._encryption.iv_aes.encode("utf-8")
-
-        cipher = AES.new(key_bytes, AES.MODE_CBC, iv_bytes)
-        decrypted_padded = cipher.decrypt(b64decode(encrypted_text))
-        return unpad(decrypted_padded, AES.block_size).decode("utf-8")
+        return self._encryption.aes.aes_decrypt(encrypted_text)
 
     def _extract_value(self, response_list, prefix):
         return next((s.split(prefix, 1)[1] for s in response_list if s.startswith(prefix)), None)

tplinkrouterc6u/client/ex.py

@@ -15,9 +15,10 @@ from tplinkrouterc6u.common.dataclass import (
     IPv4Status,
     VPNStatus)
 from tplinkrouterc6u.common.exception import ClientException, ClientError
-from tplinkrouterc6u.client.mr import TPLinkMRClientBase
+from tplinkrouterc6u.client.mr import TPLinkMRClientBase, TPLinkMRClientBaseGCM
 
 
+# Class for EX series routers which supports old firmwares with AES cipher CBC mode
 class TPLinkEXClient(TPLinkMRClientBase):
     WIFI_SET = {
         Connection.HOST_2G: '1,0,0,0,0,0',
@@ -331,3 +332,39 @@ class TPLinkEXClient(TPLinkMRClientBase):
         ]
 
         self.req_act(acts)
+
+
+# Class for EX series routers which supports AES cipher GCM mode
+class TPLinkEXClientGCM(TPLinkMRClientBaseGCM, TPLinkEXClient):
+
+    def _req_login(self) -> None:
+        login_data = ('{"data":{"UserName":"%s","Passwd":"%s","Action": "1","stack":"0,0,0,0,0,0",'
+                      '"pstack":"0,0,0,0,0,0"},"operation":"cgi","oid":"/cgi/login"}') % (
+            b64encode(bytes(self.username, "utf-8")).decode("utf-8"),
+            b64encode(bytes(self.password, "utf-8")).decode("utf-8")
+        )
+
+        sign, data, tag = self._prepare_data(login_data, True)
+        assert len(sign) == 256
+
+        request_data = f"sign={sign}\r\ndata={data}\r\ntag={tag}\r\n"
+
+        url = f"{self.host}/cgi_gdpr?9"
+        (code, response) = self._request(url, data_str=request_data)
+        response = self._encryption.aes_decrypt(response)
+
+        # parse and match return code
+        ret_code = self._parse_ret_val(response)
+        error = ''
+        if ret_code == self.HTTP_ERR_USER_PWD_NOT_CORRECT:
+            error = ('TplinkRouter - EX - Login failed, wrong user or password. '
+                     'Try to pass user instead of admin in username')
+        elif ret_code == self.HTTP_ERR_USER_BAD_REQUEST:
+            error = 'TplinkRouter - EX - Login failed. Generic error code: {}'.format(ret_code)
+        elif ret_code != self.HTTP_RET_OK:
+            error = 'TplinkRouter - EX - Login failed. Unknown error code: {}'.format(ret_code)
+
+        if error:
+            if self._logger:
+                self._logger.debug(error)
+            raise ClientException(error)

tplinkrouterc6u/client/mr.py

@@ -8,7 +8,7 @@ from macaddress import EUI48
 from ipaddress import IPv4Address
 from logging import Logger
 from tplinkrouterc6u.common.helper import get_ip, get_mac, get_value
-from tplinkrouterc6u.common.encryption import EncryptionWrapperMR
+from tplinkrouterc6u.common.encryption import EncryptionWrapperMR, EncryptionWrapperMRGCM
 from tplinkrouterc6u.common.package_enum import Connection, VPN
 from tplinkrouterc6u.common.dataclass import (
     Firmware,
@@ -80,6 +80,7 @@ class TPLinkMRClientBase(AbstractRouter):
         if self._verify_ssl is False:
             self.req.verify = False
         self._token = None
+        self._authorized_at = None
         self._hash = md5(f"{self.username}{self.password}".encode()).hexdigest()
         self._nn = None
         self._ee = None
@@ -96,10 +97,9 @@ class TPLinkMRClientBase(AbstractRouter):
             return False
 
     def authorize(self) -> None:
-        '''
-        Establishes a login session to the host using provided credentials
-        '''
-        # hash the password
+        if self._token is not None and self._authorized_at >= (datetime.now() - timedelta(seconds=3)):
+            return
+        self._token = None
 
         # request the RSA public key from the host
         self._nn, self._ee, self._seq = self._req_rsa_key()
@@ -109,6 +109,7 @@ class TPLinkMRClientBase(AbstractRouter):
 
         # request TokenID
         self._token = self._req_token()
+        self._authorized_at = datetime.now()
 
     def reboot(self) -> None:
         acts = [
@@ -587,6 +588,71 @@ class TPLinkMRClientBase(AbstractRouter):
         return signature, encrypted_data
 
 
+class TPLinkMRClientBaseGCM(TPLinkMRClientBase):
+    def __init__(self, host: str, password: str, username: str = 'admin', logger: Logger = None,
+                 verify_ssl: bool = True, timeout: int = 30) -> None:
+        super().__init__(host, password, username, logger, verify_ssl, timeout)
+
+        self._encryption = EncryptionWrapperMRGCM()
+
+    def supports(self) -> bool:
+        try:
+            self.authorize()
+            return True
+        except Exception:
+            pass
+
+        return False
+
+    def _request(self, url, method='POST', data_str=None, encrypt=False, is_login=False):
+        headers = self.HEADERS
+        headers['Referer'] = self.host
+
+        if self._token is not None:
+            headers['TokenID'] = self._token
+
+        if encrypt:
+            sign, data, tag = self._prepare_data(data_str, is_login)
+            data = 'sign={}\r\ndata={}\r\ntag={}\r\n'.format(sign, data, tag)
+        else:
+            data = data_str
+
+        retry = 0
+        while retry < self.REQUEST_RETRIES:
+            # send the request
+            if method == 'POST':
+                r = self.req.post(url, data=data, headers=headers, timeout=self.timeout, verify=self._verify_ssl)
+            elif method == 'GET':
+                r = self.req.get(url, data=data, headers=headers, timeout=self.timeout, verify=self._verify_ssl)
+            else:
+                raise Exception('Unsupported method ' + str(method))
+
+            # sometimes we get 500 here, not sure why... just retry the request
+            if (r.status_code not in [500, 406]
+                    and '<title>500 Internal Server Error</title>' not in r.text
+                    and '<title>406 Not Acceptable</title>' not in r.text):
+                break
+
+            sleep(0.1)
+            retry += 1
+
+        # decrypt the response, if needed
+        if encrypt and (r.status_code == 200) and (r.text != ''):
+            return r.status_code, self._encryption.aes_decrypt(r.text)
+        else:
+            return r.status_code, r.text
+
+    def _prepare_data(self, data: str, is_login: bool) -> tuple[str, str, str]:
+        encrypted_data, tag = self._encryption.aes_encrypt(data)
+        data_len = len(encrypted_data)
+        # get encrypted signature
+        signature = self._encryption.get_signature(int(self._seq) + data_len, is_login, self._hash, self._nn, self._ee)
+
+        # format expected raw request data
+        return signature, encrypted_data, tag
+
+
+# Class for MR series routers which supports old firmwares with AES cipher CBC mode
 class TPLinkMRClient(TPLinkMRClientBase):
 
     def logout(self) -> None:
@@ -716,3 +782,8 @@ class TPLinkMRClient(TPLinkMRClientBase):
         status.isp_name = values['3']['ispName']
 
         return status
+
+
+# Class for MR series routers which supports AES cipher GCM mode
+class TPLinkMRClientGCM(TPLinkMRClientBaseGCM, TPLinkMRClient):
+    pass