c3-100 support

[kigorw]

Hi, it's so cool that you are building this library. I want to manage my c3-100 from a small raspberry. I've tried your lua project several months before but it didn't work form me. So I ended with a go wrapper around pullsdk.

Did you test c3-100? I'm gonna test it tomorrow.

[vwout]

Hi, thanks! I'm writing and testing my libraries on my C3-200 device. The test scope is kind of limited :) When you have applied a password on your C3, it won't work, since I have not found documentation on how to handle password based communication.

Verbose logging might help. What does the test cli command C3_GetDeviceParam (https://github.com/vwout/zkaccess-c3-py/blob/master/cli/C3_GetDeviceParam.py#L16) output?

[kigorw]

Got such output

Connecting to 192.168.1.250
Sending: aa01760000e02655
Receiving header: aa01c90100
Sending: aa01020000a03c55
Receiving header: f313d955

When I send

COMMAND_CONNECT = CommandStruct(0x01, 0xC8)

Connecting to 192.168.1.250
Sending: aa01010000503c55
Receiving header: aa01c80000
Receiving payload: 800255
Sending: aa01020000a03c55
Receiving header: aa01c80000
Receiving payload: 800255

Seems like c3 might have different values for commands. Any ideas how to get those?

[vwout]

Interesting. What my library does is only handle the response if it matches the expected command. You could try bypassing that check by accepting any if True: on line 108 in https://github.com/vwout/zkaccess-c3-py/blob/master/c3/core.py#L108

The payload seems to only contain one byte (byte 3 in the response aa01c90100 is 0x01). That is less than the session (2 bytes).

What I did to get to this library is sniff the traffic between C3 and the ZKAccess software using Wireshark and analyze it.

[kigorw]

Any tips/examples how to analyze. Today I captured interaction with wireshark. I think if you give me some example I’ll figure out the rest

On Fri, Apr 21, 2023 at 10:10 PM vwout @.***> wrote:

Interesting. What my library does is only handle the response if it matches the expected command. You could try bypassing that check by accepting any if True: on line 108 in https://github.com/vwout/zkaccess-c3-py/blob/master/c3/core.py#L108

The payload seems to only contain one byte (byte 3 in the response aa01c90100 is 0x01). That is less than the session (2 bytes).

What I did to get to this library is sniff the traffic between C3 and the ZKAccess software using Wireshark and analyze it.

— Reply to this email directly, view it on GitHub https://github.com/vwout/zkaccess-c3-py/issues/1#issuecomment-1518176557, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACODXUJ6SSBXWSVSVSKKITXCLEQPANCNFSM6AAAAAAXF77DZ4 . You are receiving this because you authored the thread.Message ID: @.***>

[vwout]

Would you mind sharing the capture?

For the analysis, isolate requests and corresponding responses. Annotate each request/reply with the 'meaning'. Make small variations in the commands and check the results on the communication.

[kigorw]

Don't have at hand it right now. I just remember that among all the data, wireshark breaks down well structure. I remember there was part that I thought as some meaningful something like: xx xx xx xx (4 bytes) I need to understand how to transform it into proper codes.

Maybe you can quickly screen record some quick explanation on how you analyzed packets and translated them to code that sends and receives?

On Fri, 21 Apr 2023 at 22:58, vwout @.***> wrote:

Would you mind sharing the capture?

For the analysis, isolate requests and corresponding responses. Annotate each request/reply with the 'meaning'. Make small variations in the commands and check the results on the communication.

— Reply to this email directly, view it on GitHub https://github.com/vwout/zkaccess-c3-py/issues/1#issuecomment-1518226267, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACODXWEZXE55KPDX4CATJ3XCLKFPANCNFSM6AAAAAAXF77DZ4 . You are receiving this because you authored the thread.Message ID: @.***>

[kigorw]

I got more understanding and managed to connect and get device params. (figured out how to read wireshark tcp packet)

This is a correct connect command.

C3_COMMAND_CONNECT = CommandStruct(0x76, 0xC9) 

The next thing is to connect with _request_nr = 1

for send receive needed to change:

return receive_data[2:], bytes_received-2

also needed to comment session validation. I'm not sure how it suppose to work. For now left session 0

Next I will play with controlling doors. After that I'll probably make a fork or PR.

[vwout]

Interesting. Do you know what firmware your controller has? However, based on some googling, I guess the 0xC9 reply indicates an error. Could it be your device is configured to use a password?

The next thing is to connect with _request_nr = 1

Do all subsequent commands use sequence number 1 in your captured traffic?

[vwout]

Have you been able to do any further testing?

[vwout]

@kigorw Were you able to do any further testing? I improved the library functions, which also may provide more clues.

[kigorw]

hi, I solved all my current needs and moved for now. Soon I will also need to integrate c3-200.

With regards to c3-100 support I'll need to understand why your values didn't work.

On Sat, 20 May 2023 at 01:31, vwout @.***> wrote:

@kigorw https://github.com/kigorw Were you able to do any further testing? I improved the library functions, which also may provide more clues.

— Reply to this email directly, view it on GitHub https://github.com/vwout/zkaccess-c3-py/issues/1#issuecomment-1555274498, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACODXVGBKBWP744ZLHTQJLXG7RCLANCNFSM6AAAAAAXF77DZ4 . You are receiving this because you were mentioned.Message ID: @.***>

[vwout]

You might want to try this library again. With the help of another C3 panel owner, I managed to change the library to also make it work with another C3 panel, see vwout/hass-zkaccess_c3#1. My (current) last post also explains the data analysis.