chore: init commit

Author: Lash-L

decode.py

@@ -0,0 +1,152 @@
+import json
+
+from roborock.protocol import MessageParser
+
+LOCAL_KEY = "0geZKM8gZkySDz8O"
+
+STORAGE = {"methods": {}}
+
+
+def compare_dicts(dict1, dict2):
+    changed_vars = {}
+    # print(dict1)
+    # print(dict2)
+    try:
+        IGNORE_KEYs = {"msg_seq", "id"}
+        if isinstance(dict1, dict) and isinstance(dict2, dict):
+            for key, value in dict1.items():
+                if key not in IGNORE_KEYs:
+                    if dict2.get(key) != value:
+                        print(f"Status change: {key} changed to {dict2.get(key)}")
+        else:
+            if dict1 != dict2:
+                print(f"{dict1} != {dict2}")
+    except Exception:
+        print(dict1)
+        print(dict2)
+
+
+def decode(message):
+    global STORAGE
+    parsed_message = MessageParser.parse(message, LOCAL_KEY)
+    if parsed_message[0]:
+        if parsed_message[0][0]:
+            payload = parsed_message[0][0]
+            if b"abc" in payload.payload:
+                print("map")
+                return "Map update"
+            json_payload = json.loads(payload.payload.decode())
+            print(json_payload)
+            # print(json_payload)
+            data_point_number, data_point = list(json_payload.get("dps").items())[0]
+            method = payload.get_method()
+            if isinstance(data_point, str):
+                data_point_response = json.loads(data_point)
+
+                params = data_point_response.get("params")
+                result = data_point_response.get("result")
+                dp_id = data_point_response.get("id")
+            else:
+                dp_id = None
+                params = None
+                result = None
+            dumped_result = None
+            if result is not None:
+                dumped_result = json.dumps(result, indent=4)
+            # print(result)
+            dumped_result = f"Result: \n{dumped_result}\n" if dumped_result else ""
+            final_response = (
+                f"Protocol: {parsed_message[0][0].protocol}\n"
+                f"Method: {method}\n"
+                f"Params: {params}\n"
+                f"{dumped_result}"
+                f"DPS: {data_point_number}\n"
+                f"ID:  {dp_id}\n"
+            )
+            response_dict = {
+                "method": method,
+                "params": params,
+                "result": result,
+                "dps": data_point_number,
+                "id": dp_id,
+            }
+            # if method != "get_prop":
+            #     print(response_dict)
+            if dp_id not in STORAGE:
+                STORAGE[dp_id] = {"outgoing": response_dict}
+            else:
+                STORAGE[dp_id]["incoming"] = response_dict
+                method = STORAGE[dp_id]["outgoing"]["method"]
+                if method != "get_prop" and method != "get_dynamic_map_diff":
+                    print(STORAGE[dp_id])
+                if method in STORAGE["methods"] and result != ["ok"]:
+                    last_res = STORAGE["methods"][method]
+                    # if result is not None and last_res is not None:
+                        # changes = compare_dicts(last_res[0], result[0])
+                    STORAGE["methods"][method] = result
+                    # if changes:
+                    #     print(changes)
+                    # else:
+                    #     print("No changes")
+                    # print(last_res)
+                    # print(result)
+                if result != ["ok"]:
+                    STORAGE["methods"][method] = result
+                else:
+                    print(result)
+            return final_response
+    return parsed_message
+
+
+from mitmproxy import contentviews
+from mitmproxy.addonmanager import Loader
+from mitmproxy.contentviews import base, mqtt
+from mitmproxy.utils import strutils
+
+
+class RoborockControlPacket(mqtt.MQTTControlPacket):
+    def __init__(self, packet):
+        super().__init__(packet)
+
+    def pprint(self):
+        s = f"[{self.Names[self.packet_type]}]"
+        if self.packet_type == self.PUBLISH:
+            if not self.payload:
+                return "Empty payload"
+            topic_name = strutils.bytes_to_escaped_str(self.topic_name)
+            payload = strutils.bytes_to_escaped_str(self.payload)
+            try:
+                payload = decode(self.payload)
+
+            except Exception as ex:
+                raise ex
+            s += f" {payload} \n" f"Topic: '{topic_name}'"
+            return s
+        else:
+            return super().pprint()
+
+
+class Roborock(mqtt.ViewMQTT):
+    name = "Roborock"
+
+    def __call__(self, data, **metadata):
+        mqtt_packet = RoborockControlPacket(data)
+        text = mqtt_packet.pprint()
+        return "Roborock", base.format_text(text)
+
+
+view = Roborock()
+
+
+def load(loader: Loader):
+    contentviews.add(view)
+
+
+def tcp_message(flow):
+    message = flow.messages[-1]
+    if b"rr/m/" in message.content:
+        RoborockControlPacket(message.content).pprint()
+
+
+def done():
+    contentviews.remove(view)

reverse_engineerer.py

@@ -0,0 +1,33 @@
+import asyncio
+import subprocess
+
+from roborock.web_api import RoborockApiClient
+
+
+class ReverseEngineerer:
+    def __init__(self, username: str, password: str):
+        self.username = username
+        self.password = password
+
+    async def setup(self):
+        web_api = RoborockApiClient(username=self.username)
+        user_data = await web_api.pass_login(self.password)
+        home_data = await web_api.get_home_data_v2(user_data)
+
+        print()
+        device_selection = ""
+        for i, device in enumerate(home_data.devices):
+            device_selection += f"{i}) {device.name}\n"
+        selected_id = input("Which device would you like to work with? Please select the number.\n" + device_selection)
+
+        device = home_data.devices[int(selected_id)]
+        local_key = device.local_key
+        print(f"Local key is: {local_key}")
+        with open("key.txt", "w") as f:
+            f.write(local_key)
+        print("Running mitmproxy...")
+        subprocess.run(["mitmweb", "--mode", "wireguard", "-s", "decode.py", "-q"])
+
+
+re = ReverseEngineerer("conway220@gmail.com", "1h!M7yb29mX")
+asyncio.run(re.setup())

reverse_engineering.md

@@ -0,0 +1,22 @@
+# Reverse Engineering
+My hope with this guide is that contributing to this project becomes easier for those not familiar with reverse engineering.
+To start, download this repository by cloning it or just downloading the zip in github.
+
+## Pre-requisites
+1) You'll need python on your system.
+2) You need to download [mitm](https://mitmproxy.org/)
+3) You need python-roborock accessible wherever you run this code
+   ```bash
+   pip install python-roborock
+   ```
+4) I have tested this with a iPhone, it will likely work on Android, but i cannot be 100% sure.
+5) Your computer and phone should be on the same WiFi network as your vacuum
+6) You need the WireGuard app on your phone.
+
+## Getting Started.
+1) Add your username and password to reverse_engineerer.py
+2) Run the code
+3) Select the device you want to work with
+4) open the Wireguard app and scan the QR code that was opened in the web browser that opened after selecting your device.
+5) Navigate to mitm.it on your phones browser and follow the instructions there to install the certificate.
+6)

roborock/mqtt_manager.py

@@ -0,0 +1,113 @@
+from __future__ import annotations
+
+import asyncio
+import dataclasses
+import logging
+from collections.abc import Coroutine
+from typing import Callable, Self
+from urllib.parse import urlparse
+
+import aiomqtt
+from aiomqtt import TLSParameters
+
+from roborock import RoborockException, UserData
+from roborock.protocol import MessageParser, md5hex
+
+from .containers import DeviceData
+
+LOGGER = logging.getLogger(__name__)
+
+
+@dataclasses.dataclass
+class ClientWrapper:
+    publish_function: Coroutine[None]
+    unsubscribe_function: Coroutine[None]
+    subscribe_function: Coroutine[None]
+
+
+class RoborockMqttManager:
+    client_wrappers: dict[str, ClientWrapper] = {}
+    _instance: Self = None
+
+    def __new__(cls) -> RoborockMqttManager:
+        if cls._instance is None:
+            cls._instance = super().__new__(cls)
+        return cls._instance
+
+    async def connect(self, user_data: UserData):
+        # Add some kind of lock so we don't try to connect if we are already trying to connect the same account.
+        if user_data.rriot.u not in self.client_wrappers:
+            loop = asyncio.get_event_loop()
+            loop.create_task(self._new_connect(user_data))
+
+    async def _new_connect(self, user_data: UserData):
+        rriot = user_data.rriot
+        mqtt_user = rriot.u
+        hashed_user = md5hex(mqtt_user + ":" + rriot.k)[2:10]
+        url = urlparse(rriot.r.m)
+        if not isinstance(url.hostname, str):
+            raise RoborockException("Url parsing returned an invalid hostname")
+        mqtt_host = str(url.hostname)
+        mqtt_port = url.port
+
+        mqtt_password = rriot.s
+        hashed_password = md5hex(mqtt_password + ":" + rriot.k)[16:]
+        LOGGER.debug("Connecting to %s for %s", mqtt_host, mqtt_user)
+
+        async with aiomqtt.Client(
+            hostname=mqtt_host,
+            port=mqtt_port,
+            username=hashed_user,
+            password=hashed_password,
+            keepalive=60,
+            tls_params=TLSParameters(),
+        ) as client:
+            # TODO: Handle logic for when client loses connection
+            LOGGER.info("Connected to %s for %s", mqtt_host, mqtt_user)
+            callbacks: dict[str, Callable] = {}
+            device_map = {}
+
+            async def publish(device: DeviceData, payload: bytes):
+                await client.publish(f"rr/m/i/{mqtt_user}/{hashed_user}/{device.device.duid}", payload=payload)
+
+            async def subscribe(device: DeviceData, callback):
+                LOGGER.debug(f"Subscribing to rr/m/o/{mqtt_user}/{hashed_user}/{device.device.duid}")
+                await client.subscribe(f"rr/m/o/{mqtt_user}/{hashed_user}/{device.device.duid}")
+                LOGGER.debug(f"Subscribed to rr/m/o/{mqtt_user}/{hashed_user}/{device.device.duid}")
+                callbacks[device.device.duid] = callback
+                device_map[device.device.duid] = device
+                return
+
+            async def unsubscribe(device: DeviceData):
+                await client.unsubscribe(f"rr/m/o/{mqtt_user}/{hashed_user}/{device.device.duid}")
+
+            self.client_wrappers[user_data.rriot.u] = ClientWrapper(
+                publish_function=publish, unsubscribe_function=unsubscribe, subscribe_function=subscribe
+            )
+            async for message in client.messages:
+                try:
+                    device_id = message.topic.value.split("/")[-1]
+                    device = device_map[device_id]
+                    message = MessageParser.parse(message.payload, device.device.local_key)
+                    callbacks[device_id](message)
+                except Exception:
+                    ...
+
+    async def disconnect(self, user_data: UserData):
+        await self.client_wrappers[user_data.rriot.u].disconnect()
+
+    async def subscribe(self, user_data: UserData, device: DeviceData, callback):
+        if user_data.rriot.u not in self.client_wrappers:
+            await self.connect(user_data)
+        # add some kind of lock to make sure we don't subscribe until the connection is successful
+        await asyncio.sleep(2)
+        await self.client_wrappers[user_data.rriot.u].subscribe_function(device, callback)
+
+    async def unsubscribe(self):
+        pass
+
+    async def publish(self, user_data: UserData, device, payload: bytes):
+        LOGGER.debug("Publishing topic for %s, Message: %s", device.device.duid, payload)
+        if user_data.rriot.u not in self.client_wrappers:
+            await self.connect(user_data)
+        await self.client_wrappers[user_data.rriot.u].publish_function(device, payload)