Encryption Details¶
This page documents the complete cryptographic material found in the Bluetti APK, including all hardcoded keys, AES-128-CBC cipher parameters, IV chaining behavior, and key derivation formulas.
15.8 Complete Crypto Material¶
All keys are hardcoded in the APK and identical across all installations.
Key |
Value |
Source File |
|---|---|---|
|
|
|
|
|
|
|
|
|
Key derivation formulas:
# Legacy challenge-response:
random_bytes = data[4:8] # from device hello packet
randomMd5 = MD5(reverse(random_bytes)) # 32 hex chars
bleConnAESKey = XOR(randomMd5, LOCAL_AES_KEY) # 32 hex chars → 16 bytes
# ECDH (protocol v2+):
ecdh_shared_secret = ECDH_secp256r1(app_ephemeral_privkey, device_iot_pubkey)
bleConnShareKey = ecdh_shared_secret # 32 hex chars → 16 bytes
Cipher: AES-128-CBC, IV chained from MD5(randomMd5), 16-byte blocks, no padding.