Basic MQTT bridge can be found here:
https://github.com/hardillb/TRADFRI2MQTT

Bridge adds an mDNS entry for a CoAP server:
Service Type: _coap._udp
Service Name: gw:b0-72-bf-25-bf-59
Domain Name: local
Interface: wlan0 IPv4
Address: gw\058b0-72-bf-25-bf-59.local/192.168.1.111:5684
TXT version = 1.0.0008

Wireshark trace shows evidence of DTLS setup for the matching port:
3 8.838970 192.168.1.58 192.168.1.111 DTLSv1.2 111 Client Hello
Internet Protocol Version 4, Src: 192.168.1.58 (192.168.1.58), Dst: 192.168.1.111 (192.168.1.111)
User Datagram Protocol, Src Port: 36237 (36237), Dst Port: coaps (5684)

nodejs node
https://github.com/neustar/node-coap-dtls
Struggling to get this to connect.

Looks like CoAP can be self describing, which is nice...
https://bitsex.net/software/2017/coap-endpoints-on-ikea-tradfri/

<//15001/reset>;ct=0,
<//15001>;ct=0;obs,
[65536,65537]
<//15001/65537>;ct=0;obs,
{"9001":"Living Room Light","3":{"0":"IKEA of Sweden","1":"TRADFRI bulb E27 opal 1000lm","2":"","3":"1.1.1.0-5.7.2.0","6":1},"9002":1491158817,"9020":1491327551,"9003":65537,"9054":1,"5750":2,"9019":1,"3311":[{"5850":1,"5851":5,"9003":0}]}
<//15001/65536>;ct=0;obs,
{"9001":"Living Room Dimmer","3":{"0":"IKEA of Sweden","1":"TRADFRI wireless dimmer","2":"","3":"1.1.1.1-5.7.2.0","6":3,"9":16},"9002":1491156042,"9020":1491331077,"9003":65536,"9054":0,"5750":0,"9019":1,"15009":[{"9003":0}]}
<//15004>;ct=0;obs,
<//15004/add>;ct=0,
<//15004/remove>;ct=0,
<//15004/138191>;ct=0;obs,
{"9001":"Living Room","9002":1491158740,"9003":138191,"5850":1,"5851":0,"9039":215546,"9018":{"15002":{"9003":[65536,65537]}}}
<//15005>;ct=0;obs,
<//15005/138191>;ct=0;obs,
[197802,215546,197100]
<//15005/138191/197802>;ct=0;obs,
{"9057":0,"9001":"EVERYDAY","9068":1,"9002":1491158740,"9003":197802,"15013":[{"5850":1,"5851":203,"9003":65537}]}
<//15005/138191/215546>;ct=0;obs,
{"9057":1,"9001":"RELAX","9068":1,"9002":1491158740,"9003":215546,"15013":[{"5850":1,"5851":25,"9003":65537}]}
<//15005/138191/197100>;ct=0;obs,
{"9057":2,"9001":"FOCUS","9068":1,"9002":1491158740,"9003":197100,"15013":[{"5850":1,"5851":254,"9003":65537}]}
<//status>;ct=0;obs,
{}
<//15006>;ct=0;obs,
[{"9002":1491247648,"9014":0,"9015":5001},{"9002":1491330758,"9014":0,"9015":1004}]
<//15011/15012>;ct=0;obs,
{"9023":"pool.ntp.org","9029":"1.1.0015","9059":1491333388,"9081":"7e1151520440017d","9060":"2017-04-04T19:16:28.004712Z","9062":0,"9061":0,"9054":0,"9055":0,"9079":0,"9066":5,"9069":1491246077,"9080":0,"9071":1,"9077":0,"9072":0,"9073":0,"9074":0,"9076":0,"9075":0,"9078":0}
<//15011/9030>;ct=0,
<//15011/9031>;ct=0,
<//15011/9033>;ct=0,
<//15011/9034>;ct=0,
<//15011/9063>;ct=0,
<//15010>;ct=0;obs
[]

java -jar cf-client-1.1.0-SNAPSHOT.jar -psk GET coaps://192.168.1.111//15001/65537
{"9001":"Living Room Light","9002":1491158817,"5750":2,"9020":1491232251,"3":{"0":"IKEA of Sweden","1":"TRADFRI bulb E27 opal 1000lm","3":"1.1.1.0-5.7.2.0","2":"","6":1},"9054":0,"9003":65537,"9019":1,"3311":[{"5850":0,"5851":1,"9003":0}]}

java -jar cf-client-1.1.0-SNAPSHOT.jar -psk PUT coaps://192.168.1.111//15001/65537 '{"9001":"Living Room Light","9002":1491158817,"5750":2,"9020":1491232251,"3":{"0":"IKEA of Sweden","1":"TRADFRI bulb E27 opal 1000lm","3":"1.1.1.0-5.7.2.0","2":"","6":1},"9054":0,"9003":65537,"9019":1,"3311":[{"5850":1,"5851":1,"9003":0}]}'
Turned on the light
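
Added example, not part of the original notes or of any project linked here: a small Node.js parser for the CoRE Link Format (RFC 6690) entries in the listing above, used to inventory which gateway resources are observable and which are plain endpoints. The function names are made up for this example, and reading the entries without "obs" (reset, add, remove) as action endpoints is an assumption based on their names.

```javascript
'use strict';

// Constructed sample: link entries copied from the listing in these notes,
// with the interleaved JSON bodies left out.
const SAMPLE_LISTING = [
  '<//15001/reset>;ct=0', '<//15001>;ct=0;obs', '<//15001/65537>;ct=0;obs',
  '<//15004/add>;ct=0', '<//15004/remove>;ct=0', '<//15004/138191>;ct=0;obs',
  '<//status>;ct=0;obs', '<//15011/15012>;ct=0;obs', '<//15011/9030>;ct=0',
].join(',\n');

// Parse one "<target>;name=value;flag" entry (an RFC 6690 link-value).
function parseLink(entry) {
  const m = /^\s*<([^>]*)>([\s\S]*)$/.exec(entry);
  if (!m) throw new Error('not a link-format entry: ' + entry);
  const attrs = {};
  for (const part of m[2].split(';').map((s) => s.trim()).filter(Boolean)) {
    const eq = part.indexOf('=');
    if (eq === -1) attrs[part] = true; // value-less flag such as "obs"
    else attrs[part.slice(0, eq)] = part.slice(eq + 1).replace(/^"|"$/g, '');
  }
  // The listing has a doubled leading slash; empty segments are dropped.
  return { target: m[1], segments: m[1].split('/').filter(Boolean), attrs };
}

// Split only on commas that start a new "<...>" entry, so a comma inside a
// quoted attribute value does not break an entry apart.
function parseListing(listing) {
  return listing.split(/,(?=\s*<)/).filter((s) => s.trim()).map(parseLink);
}

// Inventory per top-level id: resources that can be observed, and plain
// endpoints (assumption: names like reset/add/remove are actions).
function inventory(links) {
  const byRoot = {};
  for (const { segments, attrs } of links) {
    const root = segments[0];
    const slot = (byRoot[root] = byRoot[root] || { observable: [], plain: [] });
    (attrs.obs ? slot.observable : slot.plain).push('/' + segments.join('/'));
  }
  return byRoot;
}

console.log(JSON.stringify(inventory(parseListing(SAMPLE_LISTING)), null, 2));
```
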
Hi there
You mentioned Wireshark - the traffic is really easy to decrypt just by entering the preshared key in Preferences -> Protocol -> DTLS -> preshared key (must be entered as hex)
Also, I think it is required with a somewhat new build of Wireshark - I'm using Wireshark 2.3.0~rc0 where it decrypts perfectly just by entering the preshared key from the box
Edit: I also think you need to have the entire conversation captured in Wireshark at least from the start where the ssl/dtls handshaking takes place... :)
@fasmide my version of Wireshark (on Ubuntu 14.04) is too old for DTLS decoding, I need to upgrade at some point, but I'm doing OK without it.
FYI, looks like ha-bridge issue 570 has become a collective point for links and notes about progress around different integrations and implementations
Some of the new links to code implementations in different programming languages include:
https://github.com/stenehall/homebridge-ikea
https://gist.github.com/hvanderlaan/3d8e11869f86ba94d9d6df1c815af3aa
https://github.com/ggravlingen/home-assistant/blob/master/extraconfig/python_code/ikea.py
https://gist.github.com/r41d/65be2c7a111ac6c32f24d762ba38612c
r41d found an interesting class in the Android App, after decompiling with apktool, it is located in
com/ikea/tradfri/lighting/ipso/IPSOObjects.java.
Here's his upload: http://sprunge.us/CCQF
DTLS-CoAP wireshark dissector -> https://github.com/msangoi/dtls-coap-dissector
Yeah, I'm really looking for a working nodejs dtls/coap client but I've not found one that actually works yet.
It looks like native DTLS may be on its way to NodeJS
nodejs/node#2398