Huawei Modem/Router sending encrypted requests

This relates to my Huawei python API here.

I'm adding a dedicated post on this as I expect it may be useful for others.
This took me quite a while to get working and I couldn't find any working solutions online.

This implements the javascript RSA encryption used for encrypting requests to be sent to the modem's underlying API in python.

The javascript code is:

function RSAEncrypt(text) {
var m = pkcs1pad2(text,(this.n.bitLength()+7)>>3);
if(m == null)
return null;
var c = this.doPublic(m);
if(c == null)
return null;
var h = c.toString(16);
if((h.length & 1) == 0)
return h;
else
return "0" + h;
}

The python code I got working is:
import uuid
import hashlib
import hmac
from binascii import hexlify
import math
import base64
from Crypto.Cipher import PKCS1_v1_5
from Crypto.PublicKey.RSA import construct

def rsa_encrypt(rsae, rsan, data):
    if (data is None or data == ''): return ''
    N = long(rsan,16)
    E = long(rsae,16)
    b64data = base64.b64encode(data)
    pubkey = construct((N, E))
    cipher = PKCS1_v1_5.new(pubkey)
    blocks = int(math.ceil(len(b64data) / 245.0))
    result = []
    for i in range(blocks):
        block = b64data[i*245:(i+1)*245]
        d = cipher.encrypt(block)
        result.append(d)
    result = hexlify(''.join(result))
    if ((len(result) & 1) == 0):
        return result
    else:
        return '0'+result

RSAE and RSAN tokens are returned by the router on a successful login.
The content type on the encrypted call also needs to be:

headers['Content-type'] = 'application/x-www-form-urlencoded; charset=UTF-8;enc'


Comments

Post a Comment

Popular posts from this blog

Experience with Optus 4G wireless broadband

Image
Some background, where I try not to gripe about NBN... O NBN!, wherefore art thou NBN! That pretty much sums up my experience over the last year, having relocated from Sydney with a decent NBN connection, to an ADSL1 connection in the Gold Coast. I was then left waiting for either an ADSL2 port to free up (not likely to happen) or NBN to finally arrive. NBN was expected here in Dec-18 and is now due in Dec-19.... So with NBN delayed another year, I was well and truly over my current connection. For the record I had 6 Mbps download and 0.3 Mbps upload. So uploading a picture to facebook would kill my internet. It's hard to believe this can be sold in Australia as an adequate service.... right not griping, moving on. Thankfully this is all behind me with the introduction of Optus's 4G wireless broadband plans, which were released in November 2018 replacing the Vividwireless service. Based on our usage of around 380 GB per month, I selected the the $80 500 GB plan. The ...
Read more

Port Forwarding on Optus 4G B525 router

Image
The port forwarding or "Virtual Server" settings are not available in the Optus customised web UI. However the underlying XML based API of the router still supports the function, at least for my B525s 65a model. So I've documented a couple of ways you can interact with the router API and set up port forwarding. Important!: Port forwarding will only work when the other device can access the private 10.*.*.* Optus IP Address of the router. I use it so my Optus mobile can access my home network. If you wanted to expose a service to the general internet then this likely won't work. Option 1 - Use the python API I've developed at  https://github.com/jinxo13/HuaweiB525Route r For those with scripting or programming experience Option 2 - Use Chrome and the Servistate plugin to interact with the B525's API directly I've provided a step by step guide - no programming experience is required Option 1 - Use the Python API Step 1 - Check the curre...
Read more