search

ParadoxAlarmInterface / pai

Paradox Magellan, Spectra and EVO, with MQTT, Signal, Pushbullet, Pushover and others
https://gitter.im/paradox-alarm-interface
Eclipse Public License 2.0
340 stars 91 forks source link

EVO192 v.7.50.000+ with 307USB #335

Closed lpaolini closed 1 year ago

lpaolini commented 1 year ago

Alarm system

EVO192 256k 7.70.01

Question

Changelog for version 7.50.011, as shown in #272, says:

Would this mean that we can use 307USB for communicating with firmware versions >=7.50.000 ? Also, If I understand correctly, communication over IP150 introduces a noticeable delay. Could this be a solution?

Thanks.

yozik04 commented 1 year ago

PAI does not support serial encryption yet. IP150 does encryption/decryption for us, this is why it still works. Nobody has yet reported that FW 7.50+ is not working with PAI serial connection. But we assume that it won't.

lpaolini commented 1 year ago

I see, but when it says "the serial output will be operational only with Paradox devices (IP150/+, PCS250/260/265/265LTE, USB307)" I think it means that 307USB will handle the encryption/decryption, as the IP150 does. Doesn't it?

lpaolini commented 1 year ago

By the way, I've just tried my panel running version 7.70.01 with PAI using a PL2303 usb-serial converter and here's the log.

pai  | 2022-12-21 20:11:58,019 - INFO     - PAI - Starting Paradox Alarm Interface 3.1.0
pai  | 2022-12-21 20:11:58,019 - INFO     - PAI - Config loaded from /etc/pai/pai.conf
pai  | 2022-12-21 20:11:58,020 - INFO     - PAI - Console Log level set to 20
pai  | 2022-12-21 20:11:58,022 - INFO     - PAI - Starting...
pai  | 2022-12-21 20:11:58,022 - INFO     - PAI.paradox.paradox - Connecting to interface
pai  | 2022-12-21 20:11:58,023 - INFO     - PAI.paradox.paradox - Using Serial Connection
pai  | 2022-12-21 20:11:58,032 - INFO     - PAI.paradox.connections.serial_connection - Connecting to serial port /dev/ttyUSB0
pai  | 2022-12-21 20:11:58,042 - INFO     - PAI.paradox.connections.serial_connection - Serial port open
pai  | 2022-12-21 20:11:58,043 - INFO     - PAI.paradox.paradox - Connecting to Panel
pai  | 2022-12-21 20:11:58,063 - INFO     - PAI.paradox.paradox - Panel Identified EVO192  version 7.70 build 1
pai  | 2022-12-21 20:11:58,063 - INFO     - PAI.paradox.paradox - Initiating panel connection
pai  | 2022-12-21 20:12:03,076 - ERROR    - PAI.paradox.paradox - Timeout while connecting to panel. Is an other connection active?
pai  | 2022-12-21 20:12:03,077 - ERROR    - PAI - Unable to connect to alarm
pai  | 2022-12-21 20:12:06,080 - INFO     - PAI - Starting...
pai  | 2022-12-21 20:12:06,081 - INFO     - PAI.paradox.paradox - Disconnecting from the Alarm Panel
pai  | 2022-12-21 20:12:06,081 - INFO     - PAI.paradox.paradox - Clean Session
pai  | 2022-12-21 20:12:06,082 - INFO     - PAI.paradox.paradox - Cleaning previous session. Closing connection
pai  | 2022-12-21 20:12:06,085 - ERROR    - PAI.paradox.connections.protocols - Connection was closed: None
pai  | 2022-12-21 20:12:06,086 - ERROR    - PAI.paradox.connections.serial_connection - Connection to panel was lost
pai  | 2022-12-21 20:12:06,192 - INFO     - PAI.paradox.paradox - Disconnected from the Alarm Panel
pai  | 2022-12-21 20:12:06,193 - INFO     - PAI.paradox.paradox - Connecting to interface
pai  | 2022-12-21 20:12:06,193 - INFO     - PAI.paradox.connections.serial_connection - Connecting to serial port /dev/ttyUSB0
pai  | 2022-12-21 20:12:06,203 - INFO     - PAI.paradox.connections.serial_connection - Serial port open
pai  | 2022-12-21 20:12:06,204 - INFO     - PAI.paradox.paradox - Connecting to Panel
pai  | 2022-12-21 20:12:06,224 - INFO     - PAI.paradox.paradox - Panel Identified EVO192  version 7.70 build 1
pai  | 2022-12-21 20:12:06,225 - INFO     - PAI.paradox.paradox - Initiating panel connection
pai  | 2022-12-21 20:12:11,240 - ERROR    - PAI.paradox.paradox - Timeout while connecting to panel. Is an other connection active?
pai  | 2022-12-21 20:12:11,241 - ERROR    - PAI - Unable to connect to alarm
pai  | 2022-12-21 20:12:11,244 - INFO     - PAI - Starting...
...

So, it's detecting the panel and the firmware version, but then it doesn't seem to be able talk to it. Please let me know if there's anything I can try.

lpaolini commented 1 year ago

I'm thinking, how can a panel running firmware 7.50+ work with an old IP150 running outdated firmware? This makes me think the panel somehow recognizes it and switches to unencrypted communication over serial. Would that make sense?

yozik04 commented 1 year ago

I see, but when it says "the serial output will be operational only with Paradox devices (IP150/+, PCS250/260/265/265LTE, USB307)" I think it means that 307USB will handle the encryption/decryption, as the IP150 does. Doesn't it?

307USB can not handle encryption/decryption. It is just an USB to serial cable.

yozik04 commented 1 year ago

I'm thinking, how can a panel running firmware 7.50+ work with an old IP150 running outdated firmware? This makes me think the panel somehow recognizes it and switches to unencrypted communication over serial. Would that make sense?

Maybe they had that serial encryption in the firmware for a long time and made it default just now. You can be right as well, makes sense. You can try to connect with Babyware using your PL2303 cable and capture the traffic. But I won't have time to dig it myself.

yozik04 commented 1 year ago

This maybe related https://github.com/ParadoxAlarmInterface/pai/issues/334

lpaolini commented 1 year ago

I see, but when it says "the serial output will be operational only with Paradox devices (IP150/+, PCS250/260/265/265LTE, USB307)" I think it means that 307USB will handle the encryption/decryption, as the IP150 does. Doesn't it?

307USB can not handle encryption/decryption. It is just an USB to serial cable.

Yeah, that's what I thought, but I'm not convinced anymore, as that changelog is quite unclear. I think I'll get a 307USB and give it a shot. If anyone has already tried that please let me know.

lpaolini commented 1 year ago

I'm thinking, how can a panel running firmware 7.50+ work with an old IP150 running outdated firmware? This makes me think the panel somehow recognizes it and switches to unencrypted communication over serial. Would that make sense?

Maybe they had that serial encryption in the firmware for a long time and made it default just now. You can be right as well, makes sense. You can try to connect with Babyware using your PL2303 cable and capture the traffic. But I won't have time to dig it myself.

I really doubt they had encryption ready in old IP150 firmware versions... Instead, I think it's one of following options:

I would almost exclude the second one. It would be very risky as it could break TCP/IP connection with the panel should anything go wrong during the firmware update. I'll try to get an old IP150 with outdated firmware and capture serial traffic.

lpaolini commented 1 year ago

@yozik04

I've captured a full conversation, from connection to disconnection, with a test panel v.7.70.01 running factory configuration. I would be grateful if you could have a quick look, at least at packet lengths, and see if you notice anything different from a cleartext conversation with an older firmware version.

Actually, It doesn't look properly encrypted to me, as there's a lot of repetitions. If packet lengths match, they might be just scrambled, like XOR'd with a key.

In any case, I've ordered an IP150. With a simultaneous packet capture, using Wireshark on the IP side and Logic on the serial side, it should be easy to spot the differences.

yozik04 commented 1 year ago

Looks like same story as with #334.

yozik04 commented 1 year ago

I agree that having regular serial connection and an IP150 connection captures it will be easier to decrypt.

Let's continue in #337 PR.