zwave-js / zwave-js-ui

Full featured Z-Wave Control Panel UI and MQTT gateway. Built using Nodejs, and Vue/Vuetify
https://zwave-js.github.io/zwave-js-ui
MIT License
969 stars 204 forks source link

[feat] Support .hec firmware format from Aeotec devices #37

Closed larstobi closed 3 years ago

larstobi commented 3 years ago

Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] When I try to update Aeotec Smart Switch 6 ZW096 with firmware downloaded from Aeotec n .hec format, I get the error message:

Error while calling api beginFirmwareUpdate: Unable to extract firmware from file: could not detect firmware format

Describe the solution you'd like Correctly detecting the format and converting it to a usable format, and begin FW upgrade process.

Describe alternatives you've considered None.

Additional context EU firmware downloaded from link at the bottom of this page: https://aeotec.freshdesk.com/support/solutions/articles/6000205150-update-smart-switch-6-firmware-via-homeseer-

robertsLando commented 3 years ago

@AlCalzone This is for you :) Also I suggest to move the guessFirmwareFormat function in zwave-js

AlCalzone commented 3 years ago

*.hec files are firmware files that were encrypted with the Homeseer encryption utility. Both the utility and the code to decrypt that is closed source. I've seen threads where it has been speculated that they use a simple encryption with a fixed key, but no hard evidence. So in short: nothing we can do until someone reverse-engineers the encryption.

You can however ask the Aeotec support for their updater utility (which we can extract the firmware from).

robertsLando commented 3 years ago

You can however ask the Aeotec support for their updater utility (which we can extract the firmware from).

Or ask them to give us the docs to do it :smile:

AlCalzone commented 3 years ago

Except Homeseer !== Aeotec. As far as I understand, they provide manufacturers with an encryption utility so they can upload encrypted firmware. Only the Homeseer software can decrypt these files. From my experience, they'll give you the updater exe when you ask for it. In my case I wanted to update my WallMote but didn't find the files to do that.

roflmao commented 3 years ago

The exe is bundled here: https://aeotec.freshdesk.com/support/solutions/articles/6000134294-smart-switch-6-firmware-update-3-26-2018-

robertsLando commented 3 years ago

I think that we can close this so?

larstobi commented 3 years ago

@AlCalzone I asked Aeotec for the unencrypted firmware files, but they don't wish to give access to those files, because that will expose the source code, they say, and it's confidention to Aeotec.

I'm not sure how firmware upgrade is implemented on the devices, but I would think there at least should exist a public key in the devices that can verify a signature on the firmware code in order to verify it's publisher. In that case, exposing the code would not really be a problem, unless they are worried about competition looking at the disassembled machine code and picking up trade secrets. Which I guess is what they are most worried about.

From looking inside the .exe file in the source of for instance the Smart Switch 6 firmware updater tool, I found a string saying "ZW096_Smart_Switch_6_EU_V1_04_hexTargetZwave". Maybe that means we should be able to extract the firmware?

AlCalzone commented 3 years ago

If you have an updater exe, you can probably just plop it into the zwave-js update method. It will try and extract the firmware for you.

robertsLando commented 3 years ago

@AlCalzone What if he just rename the .hec to .exe?

larstobi commented 3 years ago

@robertsLando Probably not, since it's encrypted, or at least obfuscated.

@AlCalzone so, you mean the format guesser will search through and look for the start of the Intel Hex file? I decompiled the .exe and found lots of references to Intel hex.

AlCalzone commented 3 years ago

Yes, the format guesser will check if the exe file has two markers we expect and extractFirmware will then look for the firmware where it usually is in the file. @robertsLando That won't work as the exe file needs to have a specific structure.

larstobi commented 3 years ago

@robertsLando @AlCalzone I tried to update the Aeotec Smart Dimmer 6 right now and just dropped the SmartDimmer_6_EU_C_V1_07.exe file directly to the "Begin firmware upgrade" function. It Just Worked. Wow. :-D

larstobi commented 3 years ago

However, ZW096_Smart_Switch_6_EU_V1_04.exe does not work. I get "Error while calling api beginFirmwareUpdate: Unable to extract firmware from file: could not detect firmware format"

AlCalzone commented 3 years ago

Could you send me that file please?

larstobi commented 3 years ago

https://aeotec.freshdesk.com/helpdesk/attachments/6107410725

larstobi commented 3 years ago

@AlCalzone you can easily get it from the above link, but if there are problems, I can send it to you on Slack. :-)

larstobi commented 3 years ago

Link for other countries as well, in the bottom of this page https://aeotec.freshdesk.com/support/solutions/articles/6000235856-how-to-update-smart-switch-6-z-wave-firmware-

AlCalzone commented 3 years ago

@larstobi the failing exe files should be handled by zwave-js/node-zwave-js#1194. Since that branch depends on the GBL one, I'll either have to merge them without waiting for your test or just wait for confirmation.

AlCalzone commented 3 years ago

I've merged the branches, so the current zwave-js master should work.

psarossy commented 3 years ago

I'm trying to use this method do update my MultiSensor 6 US units, but nothing happens after I select the .exe file, the picker window disappears, and there's nothing in the log with that node, even with DEBUG level logging enabled.., Any ideas?

@AlCalzone the encryption has been reverse engineered, but not sure if it's ok to post it here...

AlCalzone commented 3 years ago

@psarossy you can contact me via the email in my profile if you have some info to share.