http with encryption almost works

Cargo.lock

@@ -105,12 +105,6 @@ dependencies = [
  "rustc-demangle",
 ]
 
-[[package]]
-name = "base64"
-version = "0.21.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567"
-
 [[package]]
 name = "base64ct"
 version = "1.6.0"
@@ -123,12 +117,6 @@ version = "1.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
 
-[[package]]
-name = "bitflags"
-version = "2.4.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ed570934406eb16438a4e976b1b4500774099c13b8cb96eec99f620f05090ddf"
-
 [[package]]
 name = "block-buffer"
 version = "0.10.4"
@@ -138,12 +126,6 @@ dependencies = [
  "generic-array",
 ]
 
-[[package]]
-name = "bumpalo"
-version = "3.14.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f30e7476521f6f8af1a1c4c0b8cc94f0bee37d91763d0ca2665f299b6cd8aec"
-
 [[package]]
 name = "bytes"
 version = "1.5.0"
@@ -252,22 +234,6 @@ version = "0.9.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8"
 
-[[package]]
-name = "core-foundation"
-version = "0.9.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f"
-dependencies = [
- "core-foundation-sys",
- "libc",
-]
-
-[[package]]
-name = "core-foundation-sys"
-version = "0.8.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f"
-
 [[package]]
 name = "cpufeatures"
 version = "0.2.12"
@@ -361,15 +327,6 @@ dependencies = [
  "zeroize",
 ]
 
-[[package]]
-name = "encoding_rs"
-version = "0.8.33"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7268b386296a025e474d5140678f75d6de9493ae55a5d709eeb9dd08149945e1"
-dependencies = [
- "cfg-if",
-]
-
 [[package]]
 name = "env_filter"
 version = "0.1.0"
@@ -393,28 +350,6 @@ dependencies = [
  "log",
 ]
 
-[[package]]
-name = "equivalent"
-version = "1.0.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5"
-
-[[package]]
-name = "errno"
-version = "0.3.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245"
-dependencies = [
- "libc",
- "windows-sys 0.52.0",
-]
-
-[[package]]
-name = "fastrand"
-version = "2.0.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "25cbce373ec4653f1a01a31e8a5e5ec0c622dc27ff9c4e6606eefef5cbbed4a5"
-
 [[package]]
 name = "fiat-crypto"
 version = "0.2.6"
@@ -427,69 +362,6 @@ version = "1.0.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
 
-[[package]]
-name = "foreign-types"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
-dependencies = [
- "foreign-types-shared",
-]
-
-[[package]]
-name = "foreign-types-shared"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
-
-[[package]]
-name = "form_urlencoded"
-version = "1.2.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456"
-dependencies = [
- "percent-encoding",
-]
-
-[[package]]
-name = "futures-channel"
-version = "0.3.30"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eac8f7d7865dcb88bd4373ab671c8cf4508703796caa2b1985a9ca867b3fcb78"
-dependencies = [
- "futures-core",
-]
-
-[[package]]
-name = "futures-core"
-version = "0.3.30"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d"
-
-[[package]]
-name = "futures-sink"
-version = "0.3.30"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9fb8e00e87438d937621c1c6269e53f536c14d3fbd6a042bb24879e57d474fb5"
-
-[[package]]
-name = "futures-task"
-version = "0.3.30"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004"
-
-[[package]]
-name = "futures-util"
-version = "0.3.30"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48"
-dependencies = [
- "futures-core",
- "futures-task",
- "pin-project-lite",
- "pin-utils",
-]
-
 [[package]]
 name = "generic-array"
 version = "0.14.7"
@@ -517,31 +389,6 @@ version = "0.28.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4271d37baee1b8c7e4b708028c57d816cf9d2434acb33a549475f78c181f6253"
 
-[[package]]
-name = "h2"
-version = "0.3.24"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bb2c4422095b67ee78da96fbb51a4cc413b3b25883c7717ff7ca1ab31022c9c9"
-dependencies = [
- "bytes",
- "fnv",
- "futures-core",
- "futures-sink",
- "futures-util",
- "http",
- "indexmap",
- "slab",
- "tokio",
- "tokio-util",
- "tracing",
-]
-
-[[package]]
-name = "hashbrown"
-version = "0.14.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604"
-
 [[package]]
 name = "heck"
 version = "0.4.1"
@@ -589,11 +436,13 @@ dependencies = [
  "ed25519-dalek",
  "hex",
  "hkdf",
+ "http",
+ "httparse",
  "log",
- "reqwest",
  "serde",
  "serde_json",
  "sha2",
+ "socket2",
  "thiserror",
  "x25519-dalek",
 ]
@@ -611,101 +460,27 @@ dependencies = [
 
 [[package]]
 name = "http"
-version = "0.2.11"
+version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8947b1a6fad4393052c7ba1f4cd97bed3e953a95c79c92ad9b051a04611d9fbb"
+checksum = "b32afd38673a8016f7c9ae69e5af41a58f81b1d31689040f2f1959594ce194ea"
 dependencies = [
  "bytes",
  "fnv",
  "itoa",
 ]
 
-[[package]]
-name = "http-body"
-version = "0.4.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7ceab25649e9960c0311ea418d17bee82c0dcec1bd053b5f9a66e265a693bed2"
-dependencies = [
- "bytes",
- "http",
- "pin-project-lite",
-]
-
 [[package]]
 name = "httparse"
 version = "1.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904"
 
-[[package]]
-name = "httpdate"
-version = "1.0.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9"
-
 [[package]]
 name = "humantime"
 version = "2.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4"
 
-[[package]]
-name = "hyper"
-version = "0.14.28"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bf96e135eb83a2a8ddf766e426a841d8ddd7449d5f00d34ea02b41d2f19eef80"
-dependencies = [
- "bytes",
- "futures-channel",
- "futures-core",
- "futures-util",
- "h2",
- "http",
- "http-body",
- "httparse",
- "httpdate",
- "itoa",
- "pin-project-lite",
- "socket2",
- "tokio",
- "tower-service",
- "tracing",
- "want",
-]
-
-[[package]]
-name = "hyper-tls"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905"
-dependencies = [
- "bytes",
- "hyper",
- "native-tls",
- "tokio",
- "tokio-native-tls",
-]
-
-[[package]]
-name = "idna"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "634d9b1461af396cad843f47fdba5597a4f9e6ddd4bfb6ff5d85028c25cb12f6"
-dependencies = [
- "unicode-bidi",
- "unicode-normalization",
-]
-
-[[package]]
-name = "indexmap"
-version = "2.2.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "233cf39063f058ea2caae4091bf4a3ef70a653afbc026f5c4a4135d114e3c177"
-dependencies = [
- "equivalent",
- "hashbrown",
-]
-
 [[package]]
 name = "inout"
 version = "0.1.3"
@@ -715,45 +490,18 @@ dependencies = [
  "generic-array",
 ]
 
-[[package]]
-name = "ipnet"
-version = "2.9.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8f518f335dce6725a761382244631d86cf0ccb2863413590b31338feb467f9c3"
-
 [[package]]
 name = "itoa"
 version = "1.0.10"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b1a46d1a171d865aa5f83f92695765caa047a9b4cbae2cbf37dbd613a793fd4c"
 
-[[package]]
-name = "js-sys"
-version = "0.3.68"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "406cda4b368d531c842222cf9d2600a9a4acce8d29423695379c6868a143a9ee"
-dependencies = [
- "wasm-bindgen",
-]
-
-[[package]]
-name = "lazy_static"
-version = "1.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
-
 [[package]]
 name = "libc"
 version = "0.2.153"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd"
 
-[[package]]
-name = "linux-raw-sys"
-version = "0.4.13"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "01cda141df6706de531b6c46c3a33ecca755538219bd484262fa09410c13539c"
-
 [[package]]
 name = "lock_api"
 version = "0.4.11"
@@ -776,12 +524,6 @@ version = "2.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149"
 
-[[package]]
-name = "mime"
-version = "0.3.17"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"
-
 [[package]]
 name = "miniz_oxide"
 version = "0.7.2"
@@ -802,24 +544,6 @@ dependencies = [
  "windows-sys 0.48.0",
 ]
 
-[[package]]
-name = "native-tls"
-version = "0.2.11"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "07226173c32f2926027b63cce4bcd8076c3552846cbe7925f3aaffeac0a3b92e"
-dependencies = [
- "lazy_static",
- "libc",
- "log",
- "openssl",
- "openssl-probe",
- "openssl-sys",
- "schannel",
- "security-framework",
- "security-framework-sys",
- "tempfile",
-]
-
 [[package]]
 name = "num_cpus"
 version = "1.16.0"
@@ -839,62 +563,12 @@ dependencies = [
  "memchr",
 ]
 
-[[package]]
-name = "once_cell"
-version = "1.19.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
-
 [[package]]
 name = "opaque-debug"
 version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
 
-[[package]]
-name = "openssl"
-version = "0.10.63"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "15c9d69dd87a29568d4d017cfe8ec518706046a05184e5aea92d0af890b803c8"
-dependencies = [
- "bitflags 2.4.2",
- "cfg-if",
- "foreign-types",
- "libc",
- "once_cell",
- "openssl-macros",
- "openssl-sys",
-]
-
-[[package]]
-name = "openssl-macros"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn",
-]
-
-[[package]]
-name = "openssl-probe"
-version = "0.1.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
-
-[[package]]
-name = "openssl-sys"
-version = "0.9.99"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22e1bf214306098e4832460f797824c05d25aacdf896f64a985fb0fd992454ae"
-dependencies = [
- "cc",
- "libc",
- "pkg-config",
- "vcpkg",
-]
-
 [[package]]
 name = "parking_lot"
 version = "0.12.1"
@@ -918,24 +592,12 @@ dependencies = [
  "windows-targets 0.48.5",
 ]
 
-[[package]]
-name = "percent-encoding"
-version = "2.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e"
-
 [[package]]
 name = "pin-project-lite"
 version = "0.2.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8afb450f006bf6385ca15ef45d71d2288452bc3683ce2e2cacc0d18e4be60b58"
 
-[[package]]
-name = "pin-utils"
-version = "0.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
-
 [[package]]
 name = "pkcs8"
 version = "0.10.2"
@@ -946,12 +608,6 @@ dependencies = [
  "spki",
 ]
 
-[[package]]
-name = "pkg-config"
-version = "0.3.30"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec"
-
 [[package]]
 name = "platforms"
 version = "3.3.0"
@@ -1002,7 +658,7 @@ version = "0.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa"
 dependencies = [
- "bitflags 1.3.2",
+ "bitflags",
 ]
 
 [[package]]
@@ -1034,46 +690,6 @@ version = "0.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f"
 
-[[package]]
-name = "reqwest"
-version = "0.11.24"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c6920094eb85afde5e4a138be3f2de8bbdf28000f0029e72c45025a56b042251"
-dependencies = [
- "base64",
- "bytes",
- "encoding_rs",
- "futures-core",
- "futures-util",
- "h2",
- "http",
- "http-body",
- "hyper",
- "hyper-tls",
- "ipnet",
- "js-sys",
- "log",
- "mime",
- "native-tls",
- "once_cell",
- "percent-encoding",
- "pin-project-lite",
- "rustls-pemfile",
- "serde",
- "serde_json",
- "serde_urlencoded",
- "sync_wrapper",
- "system-configuration",
- "tokio",
- "tokio-native-tls",
- "tower-service",
- "url",
- "wasm-bindgen",
- "wasm-bindgen-futures",
- "web-sys",
- "winreg",
-]
-
 [[package]]
 name = "rustc-demangle"
 version = "0.1.23"
@@ -1089,72 +705,18 @@ dependencies = [
  "semver",
 ]
 
-[[package]]
-name = "rustix"
-version = "0.38.31"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6ea3e1a662af26cd7a3ba09c0297a31af215563ecf42817c98df621387f4e949"
-dependencies = [
- "bitflags 2.4.2",
- "errno",
- "libc",
- "linux-raw-sys",
- "windows-sys 0.52.0",
-]
-
-[[package]]
-name = "rustls-pemfile"
-version = "1.0.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1c74cae0a4cf6ccbbf5f359f08efdf8ee7e1dc532573bf0db71968cb56b1448c"
-dependencies = [
- "base64",
-]
-
 [[package]]
 name = "ryu"
 version = "1.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f98d2aa92eebf49b69786be48e4477826b256916e84a57ff2a4f21923b48eb4c"
 
-[[package]]
-name = "schannel"
-version = "0.1.23"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fbc91545643bcf3a0bbb6569265615222618bdf33ce4ffbbd13c4bbd4c093534"
-dependencies = [
- "windows-sys 0.52.0",
-]
-
 [[package]]
 name = "scopeguard"
 version = "1.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
 
-[[package]]
-name = "security-framework"
-version = "2.9.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "05b64fb303737d99b81884b2c63433e9ae28abebe5eb5045dcdd175dc2ecf4de"
-dependencies = [
- "bitflags 1.3.2",
- "core-foundation",
- "core-foundation-sys",
- "libc",
- "security-framework-sys",
-]
-
-[[package]]
-name = "security-framework-sys"
-version = "2.9.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e932934257d3b408ed8f30db49d85ea163bfe74961f017f405b025af298f0c7a"
-dependencies = [
- "core-foundation-sys",
- "libc",
-]
-
 [[package]]
 name = "semver"
 version = "1.0.21"
@@ -1192,18 +754,6 @@ dependencies = [
  "serde",
 ]
 
-[[package]]
-name = "serde_urlencoded"
-version = "0.7.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd"
-dependencies = [
- "form_urlencoded",
- "itoa",
- "ryu",
- "serde",
-]
-
 [[package]]
 name = "sha2"
 version = "0.10.8"
@@ -1233,15 +783,6 @@ dependencies = [
  "rand_core",
 ]
 
-[[package]]
-name = "slab"
-version = "0.4.9"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8f92a496fb766b417c996b9c5e57daf2f7ad3b0bebe1ccfca4856390e3d3bb67"
-dependencies = [
- "autocfg",
-]
-
 [[package]]
 name = "smallvec"
 version = "1.13.1"
@@ -1276,9 +817,9 @@ checksum = "5ee073c9e4cd00e28217186dbe12796d692868f432bf2e97ee73bed0c56dfa01"
 
 [[package]]
 name = "subtle"
-version = "2.5.0"
+version = "2.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc"
+checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
 
 [[package]]
 name = "syn"
@@ -1291,45 +832,6 @@ dependencies = [
  "unicode-ident",
 ]
 
-[[package]]
-name = "sync_wrapper"
-version = "0.1.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160"
-
-[[package]]
-name = "system-configuration"
-version = "0.5.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7"
-dependencies = [
- "bitflags 1.3.2",
- "core-foundation",
- "system-configuration-sys",
-]
-
-[[package]]
-name = "system-configuration-sys"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9"
-dependencies = [
- "core-foundation-sys",
- "libc",
-]
-
-[[package]]
-name = "tempfile"
-version = "3.10.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a365e8cd18e44762ef95d87f284f4b5cd04107fec2ff3052bd6a3e6069669e67"
-dependencies = [
- "cfg-if",
- "fastrand",
- "rustix",
- "windows-sys 0.52.0",
-]
-
 [[package]]
 name = "thiserror"
 version = "1.0.57"
@@ -1350,21 +852,6 @@ dependencies = [
  "syn",
 ]
 
-[[package]]
-name = "tinyvec"
-version = "1.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50"
-dependencies = [
- "tinyvec_macros",
-]
-
-[[package]]
-name = "tinyvec_macros"
-version = "0.1.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
-
 [[package]]
 name = "tokio"
 version = "1.36.0"
@@ -1395,88 +882,18 @@ dependencies = [
  "syn",
 ]
 
-[[package]]
-name = "tokio-native-tls"
-version = "0.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2"
-dependencies = [
- "native-tls",
- "tokio",
-]
-
-[[package]]
-name = "tokio-util"
-version = "0.7.10"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5419f34732d9eb6ee4c3578b7989078579b7f039cbbb9ca2c4da015749371e15"
-dependencies = [
- "bytes",
- "futures-core",
- "futures-sink",
- "pin-project-lite",
- "tokio",
- "tracing",
-]
-
-[[package]]
-name = "tower-service"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52"
-
-[[package]]
-name = "tracing"
-version = "0.1.40"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef"
-dependencies = [
- "pin-project-lite",
- "tracing-core",
-]
-
-[[package]]
-name = "tracing-core"
-version = "0.1.32"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54"
-dependencies = [
- "once_cell",
-]
-
-[[package]]
-name = "try-lock"
-version = "0.2.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b"
-
 [[package]]
 name = "typenum"
 version = "1.17.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825"
 
-[[package]]
-name = "unicode-bidi"
-version = "0.3.15"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "08f95100a766bf4f8f28f90d77e0a5461bbdb219042e7679bebe79004fed8d75"
-
 [[package]]
 name = "unicode-ident"
 version = "1.0.12"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b"
 
-[[package]]
-name = "unicode-normalization"
-version = "0.1.22"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921"
-dependencies = [
- "tinyvec",
-]
-
 [[package]]
 name = "universal-hash"
 version = "0.5.1"
@@ -1487,126 +904,24 @@ dependencies = [
  "subtle",
 ]
 
-[[package]]
-name = "url"
-version = "2.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "31e6302e3bb753d46e83516cae55ae196fc0c309407cf11ab35cc51a4c2a4633"
-dependencies = [
- "form_urlencoded",
- "idna",
- "percent-encoding",
-]
-
 [[package]]
 name = "utf8parse"
 version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a"
 
-[[package]]
-name = "vcpkg"
-version = "0.2.15"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"
-
 [[package]]
 name = "version_check"
 version = "0.9.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f"
 
-[[package]]
-name = "want"
-version = "0.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e"
-dependencies = [
- "try-lock",
-]
-
 [[package]]
 name = "wasi"
 version = "0.11.0+wasi-snapshot-preview1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
 
-[[package]]
-name = "wasm-bindgen"
-version = "0.2.91"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c1e124130aee3fb58c5bdd6b639a0509486b0338acaaae0c84a5124b0f588b7f"
-dependencies = [
- "cfg-if",
- "wasm-bindgen-macro",
-]
-
-[[package]]
-name = "wasm-bindgen-backend"
-version = "0.2.91"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c9e7e1900c352b609c8488ad12639a311045f40a35491fb69ba8c12f758af70b"
-dependencies = [
- "bumpalo",
- "log",
- "once_cell",
- "proc-macro2",
- "quote",
- "syn",
- "wasm-bindgen-shared",
-]
-
-[[package]]
-name = "wasm-bindgen-futures"
-version = "0.4.41"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "877b9c3f61ceea0e56331985743b13f3d25c406a7098d45180fb5f09bc19ed97"
-dependencies = [
- "cfg-if",
- "js-sys",
- "wasm-bindgen",
- "web-sys",
-]
-
-[[package]]
-name = "wasm-bindgen-macro"
-version = "0.2.91"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b30af9e2d358182b5c7449424f017eba305ed32a7010509ede96cdc4696c46ed"
-dependencies = [
- "quote",
- "wasm-bindgen-macro-support",
-]
-
-[[package]]
-name = "wasm-bindgen-macro-support"
-version = "0.2.91"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "642f325be6301eb8107a83d12a8ac6c1e1c54345a7ef1a9261962dfefda09e66"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn",
- "wasm-bindgen-backend",
- "wasm-bindgen-shared",
-]
-
-[[package]]
-name = "wasm-bindgen-shared"
-version = "0.2.91"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4f186bd2dcf04330886ce82d6f33dd75a7bfcf69ecf5763b89fcde53b6ac9838"
-
-[[package]]
-name = "web-sys"
-version = "0.3.68"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "96565907687f7aceb35bc5fc03770a8a0471d82e479f25832f54a0e3f4b28446"
-dependencies = [
- "js-sys",
- "wasm-bindgen",
-]
-
 [[package]]
 name = "windows-sys"
 version = "0.48.0"
@@ -1739,16 +1054,6 @@ version = "0.52.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04"
 
-[[package]]
-name = "winreg"
-version = "0.50.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1"
-dependencies = [
- "cfg-if",
- "windows-sys 0.48.0",
-]
-
 [[package]]
 name = "x25519-dalek"
 version = "2.0.1"

homekit-controller/Cargo.toml

@@ -10,10 +10,12 @@ serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 thiserror = "1.0"
 log = "0.4"
-reqwest = "0.11"
 x25519-dalek = { version = "2", features = ["getrandom"] }
 ed25519-dalek = { version = "2" }
 chacha20poly1305 = "0.10.1"
 hkdf = "0.12.4"
 sha2 = "0.10"
 hex = { version = "0.4", features = ["serde"] }
+http = "1.0"
+httparse = "1.8"
+socket2 = "0.5"

homekit-controller/src/homekit_http.rs

@@ -0,0 +1,287 @@
+use std::{
+    io::{Read, Write},
+    net::SocketAddr,
+    time::Duration,
+};
+
+use chacha20poly1305::{
+    aead::generic_array::GenericArray, AeadInPlace, ChaCha20Poly1305, KeyInit, Nonce,
+};
+use http::{Method, Request};
+use socket2::Socket;
+
+use crate::{tlv8::TlvEncode, HomekitError};
+
+pub(super) struct AccessorySocket {
+    socket: Socket,
+    address: SocketAddr,
+    ip: String,
+    port: usize,
+    socket_encryption: Option<SocketEncryption>,
+}
+
+struct SocketEncryption {
+    controller_to_accessory_key: [u8; 32],
+    controller_to_accessory_counter: u64,
+    accessory_to_controller_key: [u8; 32],
+    accessory_to_controller_counter: u64,
+}
+
+impl SocketEncryption {
+    fn new(controller_to_accessory_key: [u8; 32], accessory_to_controller_key: [u8; 32]) -> Self {
+        Self {
+            controller_to_accessory_key,
+            controller_to_accessory_counter: 0,
+            accessory_to_controller_key,
+            accessory_to_controller_counter: 0,
+        }
+    }
+}
+
+impl AccessorySocket {
+    pub async fn new(ip: &str, port: usize) -> Result<Self, HomekitError> {
+        let socket = Socket::new(
+            socket2::Domain::IPV4,
+            socket2::Type::STREAM,
+            Some(socket2::Protocol::TCP),
+        )?;
+        socket.set_reuse_port(true)?;
+        socket.set_keepalive(true)?;
+        socket.set_linger(Some(Duration::from_secs(10)))?;
+
+        let address: SocketAddr = format!("{ip}:{port}").parse()?;
+        let host: SocketAddr = "192.168.50.187:12345".parse()?;
+
+        socket.bind(&host.into())?;
+        socket.connect(&address.into())?;
+
+        Ok(Self {
+            socket,
+            address,
+            ip: ip.into(),
+            port,
+            socket_encryption: None,
+        })
+    }
+
+    pub fn set_encryption(
+        &mut self,
+        controller_to_accessory_key: [u8; 32],
+        accessory_to_controller_key: [u8; 32],
+    ) {
+        self.socket_encryption = Some(SocketEncryption::new(
+            controller_to_accessory_key,
+            accessory_to_controller_key,
+        ))
+    }
+
+    pub async fn verify_request(
+        &mut self,
+        data: &[(u8, Vec<u8>)],
+    ) -> Result<Vec<u8>, HomekitError> {
+        let encoded = data.encode();
+        self.req(
+            "/pair-verify",
+            Method::POST,
+            Some(vec![
+                (
+                    String::from("Content-Type"),
+                    String::from("application/pairing+tlv8"),
+                ),
+                (String::from("Content-Length"), format!("{}", encoded.len())),
+            ]),
+            &encoded,
+        )
+        .await
+    }
+
+    pub async fn get_accessories(&mut self) -> Result<(), HomekitError> {
+        let response = self.req("/accessories", Method::GET, None, &[]).await?;
+        log::info!("response: {response:?}");
+        Ok(())
+    }
+
+    pub async fn get_characteristics(
+        &mut self,
+        characteristics: &[String],
+    ) -> Result<(), HomekitError> {
+        let characteristic_request = characteristics.join(",");
+        let url =
+            format!("/characteristics?id={characteristic_request}&meta=1&perms=1&type=1&ev=1");
+        let response = self.req(&url, Method::GET, None, &[]).await?;
+        if let Ok(string) = String::from_utf8(response.clone()) {
+            log::info!("got as string: {string}")
+        } else {
+            log::info!("got: {response:?}");
+        }
+
+        Ok(())
+    }
+
+    pub async fn req(
+        &mut self,
+        url: &str,
+        method: Method,
+        headers: Option<Vec<(String, String)>>,
+        body: &[u8],
+    ) -> Result<Vec<u8>, HomekitError> {
+        let mut request_builder = Request::builder()
+            .uri(url)
+            .method(method)
+            .header("host", format!("{}:{}", self.ip, self.port));
+
+        if let Some(headers) = headers {
+            for (key, value) in headers {
+                request_builder = request_builder.header(key, value);
+            }
+        }
+
+        let request: Request<Vec<u8>> = request_builder.body(body.to_vec())?;
+
+        let (parts, body) = request.into_parts();
+
+        let mut send_data = format!("{} {} HTTP/1.1\r\n", parts.method, parts.uri)
+            .as_bytes()
+            .to_vec();
+        for (name, value) in parts.headers {
+            if let Some(name) = name {
+                if name == "host" {
+                    send_data.extend_from_slice("Host: ".to_string().as_bytes());
+                } else {
+                    send_data.extend_from_slice(format!("{name}: ").as_bytes());
+                }
+                send_data.extend_from_slice(value.as_bytes());
+                send_data.extend_from_slice("\r\n".as_bytes());
+            } else {
+                send_data.extend_from_slice(value.as_bytes());
+                send_data.extend_from_slice("\r\n".as_bytes());
+            }
+        }
+        send_data.extend_from_slice("\r\n".as_bytes());
+        send_data.extend_from_slice(&body);
+        let mut visible = String::new();
+        for b in &send_data {
+            let part: Vec<u8> = std::ascii::escape_default(*b).collect();
+            visible.push_str(std::str::from_utf8(&part).unwrap());
+        }
+        log::info!("data as string: {visible}");
+
+        if let Some(encryption) = self.socket_encryption.as_mut() {
+            let mut packets = Vec::new();
+            let mut i = 0;
+
+            for packet in send_data.chunks(1024) {
+                i += 1;
+
+                let mut nonce = [0; 12];
+                nonce[4..]
+                    .copy_from_slice(&encryption.controller_to_accessory_counter.to_le_bytes());
+                encryption.controller_to_accessory_counter += 1;
+
+                let associated_data = (packet.len() as u16).to_le_bytes();
+
+                let chacha = ChaCha20Poly1305::new(GenericArray::from_slice(
+                    &encryption.controller_to_accessory_key,
+                ));
+                let mut buffer = packet.to_vec();
+
+                buffer.reserve(16);
+
+                chacha.encrypt_in_place(
+                    Nonce::from_slice(&nonce),
+                    &associated_data,
+                    &mut buffer,
+                )?;
+
+                let data = [&associated_data[..], &buffer[..] /*, &tag[..]*/].concat();
+
+                packets.extend_from_slice(&data);
+            }
+            send_data = packets;
+            log::info!("encrypted {i} chunks!");
+        }
+
+        log::info!("data: {send_data:X?}");
+        log::info!("data len: {}", send_data.len());
+
+        self.socket.write_all(&send_data)?;
+
+        let mut buf = [0; 1024];
+
+        log::info!("about to read");
+        let mut read_num = self.socket.read(&mut buf)?;
+
+        log::info!("read {read_num} bytes");
+        while read_num == 0 {
+            std::thread::sleep(std::time::Duration::from_millis(200));
+            self.socket.flush()?;
+
+            log::warn!("reconnecting...");
+            self.socket = Socket::new(
+                socket2::Domain::IPV4,
+                socket2::Type::STREAM,
+                Some(socket2::Protocol::TCP),
+            )?;
+            self.socket.set_reuse_port(true)?;
+            self.socket.set_keepalive(true)?;
+            self.socket.set_linger(Some(Duration::from_secs(10)))?;
+            self.socket.connect(&self.address.into())?;
+
+            self.socket.write_all(&send_data)?;
+            self.socket.flush()?;
+
+            read_num = self.socket.read(&mut buf)?;
+            log::info!("read {read_num} bytes");
+        }
+
+        let mut headers = [httparse::EMPTY_HEADER; 4];
+        let mut resp = httparse::Response::new(&mut headers);
+
+        // if let Some(encryption) = self.socket_encryption.as_mut() {
+        //     log::info!("read num: {read_num}");
+        //     log::info!("got {buf:?}");
+        //     let length = u16::from_le_bytes(buf[..2].try_into()?);
+        //     log::info!("alleged length: {length}");
+        //     let associated_data: [u8; 16] = length
+        //         .to_le_bytes()
+        //         .iter()
+        //         .chain([0; 14].iter())
+        //         .copied()
+        //         .collect::<Vec<_>>()
+        //         .try_into()?;
+        //     let authtag: [u8; 16] = buf[2..(2 + 16)].try_into()?;
+        //     let mut data = buf[(2/*+ 16*/)..].to_vec();
+        //     let counter_bytes = encryption.accessory_to_controller_counter.to_le_bytes();
+        //     encryption.accessory_to_controller_counter += 1;
+        //     log::info!("pebis number 1");
+        //     let nonce: [u8; 12] = [0; 4]
+        //         .iter()
+        //         .chain(counter_bytes.iter())
+        //         .copied()
+        //         .collect::<Vec<_>>()
+        //         .try_into()?;
+        //     encryption.chacha.decrypt_in_place_detached(
+        //         GenericArray::from_slice(&nonce),
+        //         &associated_data,
+        //         &mut data,
+        //         GenericArray::from_slice(&authtag),
+        //     )?;
+
+        //     log::info!("pebios 2");
+        //     let res = resp.parse(&data)?;
+        //     match res {
+        //         httparse::Status::Complete(header_size) => {
+        //             Ok(data[header_size..(read_num - (2 + 16))].to_vec())
+        //         }
+        //         httparse::Status::Partial => panic!("LOL"),
+        //     }
+        // } else {
+        let res = resp.parse(&buf)?;
+        log::info!("response:\n{resp:#?}");
+        match res {
+            httparse::Status::Complete(header_size) => Ok(buf[header_size..read_num].to_vec()),
+            httparse::Status::Partial => panic!("LOL"),
+        }
+        // }
+    }
+}

homekit-controller/src/lib.rs

@@ -1,7 +1,6 @@
 use chacha20poly1305::{aead::generic_array::GenericArray, AeadInPlace, ChaCha20Poly1305, KeyInit};
 use ed25519_dalek::{Signer, Verifier};
 use hkdf::Hkdf;
-use reqwest::{Client, Method};
 use sha2::Sha512;
 use std::{collections::HashMap, path::PathBuf};
 use thiserror::Error;
@@ -10,14 +9,16 @@ use x25519_dalek::{EphemeralSecret, PublicKey};
 
 use pairing_data::DevicePairingData;
 
-use crate::tlv8::{decode, TlvEncodableData};
+use crate::{
+    homekit_http::AccessorySocket,
+    tlv8::{decode, FormatTlv, TlvEncodableData},
+};
 
 mod pairing_data;
 mod tlv8;
 
 #[derive(Debug, Clone)]
 pub struct HomekitController {
-    client: Client,
     devices: HashMap<String, DevicePairingData>,
 }
 
@@ -25,36 +26,39 @@ impl HomekitController {
     pub fn load(pairing_data: PathBuf) -> Result<Self, HomekitError> {
         let devices: HashMap<String, DevicePairingData> =
             serde_json::from_str(&std::fs::read_to_string(pairing_data)?)?;
-        let client = Client::builder().build()?;
+
-        Ok(Self { client, devices })
+        Ok(Self { devices })
     }
 
     pub async fn connect_to(&self, device_name: &str) -> Result<(), HomekitError> {
         if let Some(device) = self.devices.get(device_name) {
-            device.connect(&self.client).await
+            device.connect().await
         } else {
             Err(HomekitError::NoPairingData)
         }
     }
 }
 
+mod homekit_http;
+
 impl DevicePairingData {
-    pub async fn connect(&self, client: &Client) -> Result<(), HomekitError> {
+    pub async fn connect(&self) -> Result<(), HomekitError> {
         let key = EphemeralSecret::random();
         let pubkey = PublicKey::from(&key);
-        let step1_response = verify_request(
+        let mut socket = AccessorySocket::new(&self.accessory_ip, self.accessory_port).await?;
-            &self.accessory_ip,
+
-            self.accessory_port,
+        // 5.7.1 M1: iOS Device -> Accessory – 'Verify Start Request'
-            &[
+        let step1_response = decode(
-                (
+            &socket
-                    TlvType::State.into(),
+                .verify_request(&[
-                    (HomekitState::M1 as u8).encode_value(),
+                    (
-                ),
+                        TlvType::State.into(),
-                (TlvType::PublicKey.into(), pubkey.as_bytes().encode_value()),
+                        (HomekitState::M1 as u8).encode_value(),
-            ],
+                    ),
-            client,
+                    (TlvType::PublicKey.into(), pubkey.as_bytes().encode_value()),
-        )
+                ])
-        .await?;
+                .await?,
+        )?;
 
         if step1_response
             .get(&TlvType::State.into())
@@ -64,6 +68,8 @@ impl DevicePairingData {
             return Err(HomekitError::StateMismatch);
         }
 
+        // 5.7.3 M3: iOS Device -> Accessory – 'Verify Finish Request'
+
         let response_pubkey = step1_response
             .get(&TlvType::PublicKey.into())
             .ok_or(HomekitError::TlvNotFound)?;
@@ -75,14 +81,14 @@ impl DevicePairingData {
         let accessory_pubkey_bytes: Box<[u8; 32]> =
             response_pubkey.clone().into_boxed_slice().try_into()?;
         let accessory_pubkey = x25519_dalek::PublicKey::from(*accessory_pubkey_bytes);
+        // 1. Generate the shared secret, SharedSecret, from its Curve25519 secret key and the accessory's Curve25519 public key.
         let shared_secret = key.diffie_hellman(&accessory_pubkey);
 
-        let hk: Hkdf<Sha512> = Hkdf::<Sha512>::new(
+        let hk: Hkdf<Sha512> =
-            Some("Pair-Verify-Encrypt-Salt".as_bytes()),
+            Hkdf::<Sha512>::new(Some(b"Pair-Verify-Encrypt-Salt"), shared_secret.as_bytes());
-            shared_secret.as_bytes(),
-        );
         let mut session_key = [0; 32];
-        hk.expand("Pair-Verify-Encrypt-Info".as_bytes(), &mut session_key)?;
+        // 2. Derive the symmetric session encryption key, SessionKey, in the same manner as the accessory
+        hk.expand(b"Pair-Verify-Encrypt-Info", &mut session_key)?;
 
         let (encrypted, authtag) =
             response_encrypted_data.split_at((response_encrypted_data.len()) - 16);
@@ -91,11 +97,12 @@ impl DevicePairingData {
         let chacha = ChaCha20Poly1305::new_from_slice(&session_key)?;
         let nonce: [u8; 12] = [0; 4]
             .iter()
-            .chain("PV-Msg02".as_bytes())
+            .chain(b"PV-Msg02")
             .copied()
             .collect::<Vec<_>>()
             .try_into()?;
 
+        // 3. Verify authtag against received encrypted data
         chacha.decrypt_in_place_detached(
             GenericArray::from_slice(&nonce),
             &[],
@@ -103,6 +110,7 @@ impl DevicePairingData {
             authtag.into(),
         )?;
 
+        // 4. Decrypt sub-TLV
         let decrypted = decode(&encrypted)?;
 
         let accessory_identifier = decrypted
@@ -116,28 +124,35 @@ impl DevicePairingData {
             return Err(HomekitError::Auth);
         }
 
+        // 5. Get accessory LTPK
         let accessory_ltpk = ed25519_dalek::VerifyingKey::from_bytes(&self.accessory_ltpk)?;
         let mut accessory_info = accessory_pubkey_bytes.to_vec();
         accessory_info.extend_from_slice(accessory_identifier);
         accessory_info.extend_from_slice(pubkey.as_bytes());
-        log::info!("info len: {}", accessory_info.len());
 
         let accessory_signature_bytes: Box<[u8; 64]> =
             accessory_signature.clone().into_boxed_slice().try_into()?;
+
+        // 6. Use Ed25519 to verify AccessorySignature using AccessoryLTPK against AccessoryInfo
         accessory_ltpk.verify(
             &accessory_info,
             &ed25519_dalek::Signature::from_bytes(&accessory_signature_bytes),
         )?;
 
+        // 7. Construct iOSDeviceInfo
         let ios_device_info = {
             let mut buf = pubkey.as_bytes().to_vec();
             buf.extend_from_slice(self.ios_pairing_id.as_bytes());
             buf.extend_from_slice(pubkey.as_bytes());
             buf
         };
-        let signing_key = ed25519_dalek::SigningKey::from_bytes(&self.ios_device_ltsk);
+        // 8. Use Ed25519 togenerate iOSDeviceSignature by signing iOSDeviceInfo with its long-term secret key, iOSDeviceLTSK
+        let mut keypair = self.ios_device_ltsk.to_vec();
+        keypair.extend_from_slice(&self.ios_device_ltpk);
+        let signing_key = ed25519_dalek::SigningKey::from_keypair_bytes(&keypair.try_into()?)?;
         let signature = signing_key.sign(&ios_device_info);
 
+        // 9. Construct sub-TLV
         let mut encrypted_tlv = //tlv8::encode(&);
         ([
             (
@@ -150,34 +165,30 @@ impl DevicePairingData {
             ),
         ]).encode();
 
+        // 10. Encrypt sub-TLV: encryptedData, authTag = ChaCha20-Poly1305(SessionKey, Nonce=”PV-Msg03”, AAD=<none>, Msg=<Sub-TLV>)
         let nonce: [u8; 12] = [0; 4]
             .iter()
-            .chain("PV-Msg03".as_bytes())
+            .chain(b"PV-Msg03")
             .copied()
             .collect::<Vec<_>>()
             .try_into()?;
-        chacha.encrypt_in_place_detached(
+        chacha.encrypt_in_place(GenericArray::from_slice(&nonce), &[], &mut encrypted_tlv)?;
-            GenericArray::from_slice(&nonce),
-            &[],
-            &mut encrypted_tlv,
-        )?;
 
-        let step3_response = verify_request(
+        // 11/12 Construct TLV response and send to accessory
-            &self.accessory_ip,
+        let step3_response = decode(
-            self.accessory_port,
+            &socket
-            &[
+                .verify_request(&[
-                (
+                    (
-                    TlvType::State.into(),
+                        TlvType::State.into(),
-                    (HomekitState::M3 as u8).encode_value(),
+                        (HomekitState::M3 as u8).encode_value(),
-                ),
+                    ),
-                (
+                    (
-                    TlvType::EncryptedData.into(),
+                        TlvType::EncryptedData.into(),
-                    (&encrypted_tlv as &[u8]).encode_value(),
+                        (&encrypted_tlv as &[u8]).encode_value(),
-                ),
+                    ),
-            ],
+                ])
-            client,
+                .await?,
-        )
+        )?;
-        .await?;
 
         if step3_response
             .get(&TlvType::State.into())
@@ -187,88 +198,73 @@ impl DevicePairingData {
             return Err(HomekitError::StateMismatch);
         }
 
-        let hk: Hkdf<Sha512> =
+        log::info!("step3 response: {}", step3_response.as_tlv_string());
-            Hkdf::<Sha512>::new(Some("Control-Salt".as_bytes()), shared_secret.as_bytes());
+
+        // 5.7.4 M4: Accessory -> iOS Device – ‘Verify Finish Responseʼ
+        // When the accessory receives <M3>, it must perform the following steps:
+        //
+        // 1.	Verify the iOS deviceʼs authTag, which is appended to the encryptedData and
+        //      contained within the kTLVType_EncryptedData TLV item, against encryptedData.
+        //      If verification fails, the accessory must respond with the following TLV items:
+        //          kTLVType_State <M4>
+        //          kTLVType_Error kTLVError_Authentication
+        //
+        // 2.	Decrypt the sub-TLV in encryptedData.
+        //      If decryption fails, the accessory must respond with the following TLV items:
+        //          kTLVType_State <M4>
+        //          kTLVType_Error kTLVError_Authentication
+        //
+        // 3.	Use the iOS deviceʼs Pairing Identifier, iOSDevicePairingID, to look up the iOS deviceʼs
+        //      long-term public key, iOSDeviceLTPK, in its list of paired controllers.
+        //      If not found, the accessory must respond with the following TLV items:
+        //          kTLVType_State <M4>
+        //          kTLVType_Error kTLVError_Authentication
+        //
+        // 4.	Use Ed25519 to verify iOSDeviceSignature using iOSDeviceLTPK against iOSDeviceInfo contained
+        //      in the decrypted sub-TLV. If decryption fails, the accessory must respond with the following TLV items:
+        //          kTLVType_State <M4>
+        //          kTLVType_Error kTLVError_Authentication
+        //
+        // 5.   Send the response to the iOS device with the following TLV items:
+        //          kTLVType_State <M4>
+
         let mut controller_to_accessory_key = [0; 32];
-        hk.expand(
+        Hkdf::<Sha512>::new(Some(b"Control-Salt"), shared_secret.as_bytes()).expand(
-            "Control-Write-Encryption-Key".as_bytes(),
+            b"Control-Write-Encryption-Key",
             &mut controller_to_accessory_key,
         )?;
-        let hk: Hkdf<Sha512> =
+        log::info!("c2a key: {controller_to_accessory_key:?}");
-            Hkdf::<Sha512>::new(Some("Control-Salt".as_bytes()), shared_secret.as_bytes());
+
         let mut accessory_to_controller_key = [0; 32];
-        hk.expand(
+        Hkdf::<Sha512>::new(Some(b"Control-Salt"), shared_secret.as_bytes()).expand(
-            "Control-Read-Encryption-Key".as_bytes(),
+            b"Control-Read-Encryption-Key",
             &mut accessory_to_controller_key,
         )?;
+        log::info!("a2c key: {accessory_to_controller_key:?}");
+
+        socket.set_encryption(controller_to_accessory_key, accessory_to_controller_key);
+
+        socket.get_accessories().await?;
 
         // now get characteristics
-        get_characteristics(
+        socket
-            &self.accessory_ip,
+            .get_characteristics(
-            self.accessory_port,
+                &self
-            &self
+                    .accessories
-                .accessories
+                    .as_ref()
-                .iter()
+                    .map(|a| {
-                .flat_map(|v| v.get_service_ids())
+                        a.iter()
-                .collect::<Vec<_>>(),
+                            .flat_map(|v| v.get_service_ids())
-            client,
+                            .collect::<Vec<_>>()
-        )
+                    })
-        .await?;
+                    .unwrap_or_default(),
+            )
+            .await?;
+
         Ok(())
     }
 }
 
-async fn verify_request(
-    ip: &str,
-    port: usize,
-    data: &[(u8, Vec<u8>)],
-    client: &Client,
-) -> Result<HashMap<u8, Vec<u8>>, HomekitError> {
-    let uri = format!("http://{ip}:{port}/pair-verify");
-    log::info!("request uri: {uri}");
-    let encoded = data.encode();
-    let request = client
-        .post(uri)
-        .header("Content-Type", "application/pairing+tlv8")
-        .header("Content-Length", encoded.len())
-        .body(encoded)
-        .build()?;
-
-    match client.execute(request).await {
-        Ok(val) => Ok(tlv8::decode(val.bytes().await?.as_ref())?),
-        Err(e) => Err(e.into()),
-    }
-}
-
-async fn get_characteristics(
-    ip: &str,
-    port: usize,
-    characteristics: &[String],
-    client: &Client,
-) -> Result<(), HomekitError> {
-    let characteristic_request = characteristics.join(",");
-    let uri = format!(
-        "http://{ip}:{port}/characteristics?id={characteristic_request}&meta=1&perms=1&type=1&ev=1"
-    );
-    let request = client.request(Method::GET, uri).build()?;
-
-    log::info!("request: {request:?}");
-    match client.execute(request).await {
-        Ok(val) => {
-            log::info!("characteristic get request successful:\n{val:#?}");
-            let bytes = val.bytes().await?.to_vec();
-            log::info!(
-                "str: {:?}, bytes: {bytes:?}",
-                String::from_utf8(bytes.clone())
-            );
-            log::info!("parsed: {:#?}", tlv8::decode(&bytes));
-        }
-
-        Err(e) => log::error!("characteristic get request error {e:?}"),
-    }
-    Ok(())
-}
-
 pub enum HomekitState {
     M1 = 1,
     M2 = 2,
@@ -286,8 +282,6 @@ pub enum HomekitError {
     SerdeJson(#[from] serde_json::Error),
     #[error("no device pairing data stored")]
     NoPairingData,
-    #[error("http transport error")]
-    Http(#[from] reqwest::Error),
     #[error("tlv error")]
     Tlv(#[from] tlv8::TlvError),
     #[error("mismatch with state response")]
@@ -308,6 +302,24 @@ pub enum HomekitError {
     Auth,
     #[error("ed25519")]
     Ed25519(#[from] ed25519_dalek::ed25519::Error),
+    #[error("building request")]
+    HttpRequest(#[from] http::Error),
+    #[error("invalid uri")]
+    InvalidUri(#[from] http::uri::InvalidUri),
+    #[error("parsing response")]
+    ResponseParse(#[from] httparse::Error),
+    #[error("http")]
+    Http,
+    #[error("something else")]
+    SomethingElse(String),
+    #[error("addr parse")]
+    AddrParse(#[from] std::net::AddrParseError),
+}
+
+impl From<String> for HomekitError {
+    fn from(value: String) -> Self {
+        Self::SomethingElse(value)
+    }
 }
 
 impl From<chacha20poly1305::Error> for HomekitError {

homekit-exporter/Cargo.toml

@@ -4,7 +4,7 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
-tokio = { version = "1.35.1", features = ["full"] }
+tokio = { version = "1.36", features = ["full"] }
 env_logger = "0.11"
 log = "0.4"
 clap = { version = "4.0", features = ["derive"] }