After several attempts,I’ve got it!!!
Plaintext: {
“statusDWash”:{
“StatoWiFi”:“0”,
“CodiceErrore”:“E0”,
“StatoDWash”:“3”,
“MetaCarico”:“0”,
“StartStop”:“0”,
“TreinUno”:“0”,
“Eco”:“0”,
“Program”:“P19”,
“ExtraDry”:“0”,
“OpenDoorOpt”:“0”,
“DelayStart”:“0”,
“RemTime”:“27”,
“MissSalt”:“0”,
“MissRinse”:“0”,
“OpenDoor”:“0”,
“Reset”:“0”,
“CheckUp”:“0”,
“r1”:“5”,
“r2”:“2”,
“r3”:“2”,
“r4”:“1”,
“r5”:“0”,
“r6”:“1”,
“r7”:“3”,
“r8”:“0”,
“r9”:“NULL”,
“r15”:“1”
}
}
1 Like
Hi all, i’ve started a litte project here: https://github.com/MelvinGr/CandySimplyFi-tool
At the moment it can be used to retreive the key, and multiple stats.
Please feel free to use and / or contribute 
2 Likes
Many thanks for the hints in this thread on how to get the encryption key. I’d already got as far querying http-read and thought that the encryption did not look very sophisticated. However this thread allowed me to actually get the key and finally decrypt the data.
I have a Hoover tumble dryer which is supposed to use the ‘hOn’ app. However after sending a tcpdump to their technical support after it refused to enrol they found that it had the wrong firmware installed and was actually compatible with the ‘Hoover Wizard’ app instead. In any case all of theses apps/brands by the same parent company appear to be strongly related!
I’ve made a little AppDaemon app that pulls all of the data returned by http-read and http-getStatistics into Home Assistant. Maybe it’s useful for others (once you’ve obtained your key of course!).
Thanks a lot for the work you’ve done. Run on my HassOS for my Hoover washing and drying machine with some personalization. Though, if I use “OneFI Extra” mode the JSON output is always the same.
By the way Haier is the owner of both Candy and Hoover and actually it is possible to use SimplyFi app with Hoover machines
Ok I was taking care about other priorities and kind of left this thread sorry. Good to see that new people made some progress since April and even made a few working HASS integration! It’s a pity my Postman collection wasn’t used/understand haha ; I should have posted API url directly here.
So regarding the encryption key, one local API url I defined on Postman in April and I didn’t found on this recent thread post / new github projects is the one to change the wifi parameters and encryption key (even if you don’t know the current encryption key so it may be a way to avoid the XOR tries, and to ‘disconnect’ the device from Candy cloud):
http://{{PRODUCT_IP}}/http-config.json?encrypted=0&NTW_MODE={{NETWORD_SECURITY}}&SSID={{NETWORK_SSID}}&PASSWORD={{NETWORD_PASSWORD}}&ENCRYPT_KEY={{NEW_PRODUCT_ENCRYPTIONKEY}}
Where for {{NETWORD_SECURITY}}, 2 means WEP and 3 means WPA.
Or simply change the encryption key and keep wifi settings with:
http://{{PRODUCT_IP}}/http-config.json?encrypted=0&ENCRYPT_KEY={{NEW_PRODUCT_ENCRYPTIONKEY}}
You will get a response “{“response”:“BAD REQUEST”}” but the Wifi settings (after device reset) and encryption key (no reset required) would have been changed. Hope it helps
I’m unable to configure a sensor with the information I obtain of my dishwasher and get it into HA. I’ve tried :
sensor:
- platform: command_line
name: Dishwasher
scan_interval: 30
command: ‘xortool-xor -h $(curl -sf http://[diswasherIP]/http-read.json?encrypted=1") -s [KEY] | jq -cerM .statusDwash’
value_template: “{% if value_json.StatoWiFi | int == 1 -%}on{%- else -%}off{% endif %}”
also removing the jq part…
…and everything that came up into my mind…but nothing worked. I always obtained an error on the command line.
any help is always appreciated.
I have a Candy washer-dryer. I never used the app to setup it. In theory this model support bluetooth to setup the wifi. I haven’t looked at that.
Here are some notes:
I’ve configured the machine with @afterster instructions. I got the response {"response":"SUCCESS"} instead of {“response”:“BAD REQUEST”}. If I try to set just the encrpytion key (without the ssid and password) I get '{"response":"NO GET"}'.
By setting the key to all zeros (ENCRYPT_KEY=%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00). You don’t need the xor. But you still need to convert from the hexadecimal representation.
On my machine, using encrypted=0 works and you directly get the json. At least to read values, I didn’t try to control the machine yet. Maybe this works on most machine and this whole xor things can be forgotten?
The default key before I connected it to my wifi was the same as the last 8 char of the ssid of the wifi generated by the machine repeated two times: the ssid is ssid WIFIWASHMACHINE-abcd and the key is INE-abcdINE-abcd. The end of the ssid (abcd in this example), is the two last bytes of the mac address of the machine, in lowercase hexadecimal.
The host name the machine send to the dhcp server is “espressif” and the mac address is from espressif. This means that the machine likely use an esp32.
I can confirm that the machine send a regular udp broadcast. I can see this message include the mac address and ip address of the machine. And a bunch of zeros.
There is an extra api/v1 in the postman urls. If you try to use them and get a 404, that maybe the reason.
The android app seems reasonably easy to reverse if necessary.
There is a “RecipeId” field in the status of this washer. Maybe Candy want me to use it to cook something ? 
(more seriously, I thing they just reused the same field name from the firmware of an hob or oven for something else).
If you’re using HassOS the command_line sensor will not work as XOR tool is not available within it.
One of the easiest ways is to go through AppDaemon and the app made by jezcooke so it calls all the necessary libraries and gives you de-XORed JSON.
I do not know how all the appliances work but for the combined washing and drying machine, as it is off during standby, it is enough to go through command_line with a ping request if its ip.
Whithin my config (PI4 with HassOS) I tried the following methods:
command_line for ping
python sandbox (impossible to import requests and binaries)
HACS with pyscript (some issues with GET requests, I gave up trying what was the issue)
actual working solution is AppDaemon (no stats sensor) but pretty happy with it.
I’m running HA in raspbian buster. I’m afraid I’m not able to understand how to use jezcooke’s app. the same had happenned to me with Maxime’s Postman. I’m sorry, but without step by step instructions, my knowledge doesn’t allow me to go further. thanks any way, I’ll stay tuned to your advances…
As for rasp buster, it is important to understand how the HA is installed. Is it a Docker container or VENV?
And the most important stuff is what is the real purpose of integrating in the HA? I guess it will help anyone with a future development.
Mine should be obtaining the remaining time for the washing cycle and getting an alert when it is about to end as my machine is placed outside and it is impossible to hear any noice or sound alert from it and there is no notification inside the official app.
pyscript can certainly make GET requests. I have a couple of scripts that do so without issue. But I’m glad you found a working solution with AppDaemon.
1 Like
Tried with encrypted=0 and got the plain text reply. So, yes the washer use encrypting to communicate with the app, but is this xor thing really necessary for our purpose?
Does anyone have any idea what all these parameters mean?
{
"statusLavatrice":{
"WiFiStatus":"0",
"Err":"0",
"MachMd":"1",
"Pr":"1",
"PrPh":"0",
"PrCode":"136",
"SLevel":"0",
"Temp":"30",
"SpinSp":"4",
"Opt1":"0",
"Opt2":"0",
"Opt3":"0",
"Opt4":"0",
"Opt5":"0",
"Opt6":"0",
"Opt7":"0",
"Opt8":"0",
"Opt9":"0",
"Steam":"0",
"DryT":"0",
"DelVal":"29",
"RemTime":"2340",
"RecipeId":"0",
"Lang":"0",
"FillR":"0",
"DisTestOn":"0",
"DisTestRes":"0",
"CheckUpState":"0",
"T0W":"0",
"TIW":"0",
"T0R":"0",
"numF":"0",
"unbF":"0",
"unbC":"0",
"NtcW":"136",
"NtcD":"7",
"motS":"0",
"APSoff":"0",
"APSfreq":"61967",
"chartL":"0"
}
}
If setting the encrypted flag to 0 gives you a plain text reply then there is no need to find the key and XOR the output. But it must depend in the machine, this was the first thing I tried before even discovering this thread (as I imagine most would have done) but in my case it returns ‘Bad request’ if this flag is set to zero.
Don’t know all of the parameters, some are easy enough to work out from the names but others are not so obvious. You may be able to see if some correspond to values presented in the official app. Personally I could work out all the one that I cared about (basically is it running or not, how long is remaining and is the door open or closed) and didn’t bother much about the rest.
I am trying to see if I can communicate with Candy dish washer CDIMN 4S622PS.
I registered the device in Candy simply-Fi app. And I have checked on the router IP address of the washer.
But when I try postman GET http://192.168.x.x/http-read.json?encrypted=0
I am getting “Error: socket hang up”
Any advice what i am doing wrong ?
Thanx,
D
Do you get a response if using encrypted=1? Mine does not allow encrypted=0 (although it returns {"response":"BAD REQUEST"} rather than just dropping the connection).
In addition to @jezcooke suggestion, you may try with curl -v instead of postman. The output may be more useful.
I saw your postman collection and tried it but with no luck. I removed the extra api/v1 in the path and made the request.
It was working fine but suddenly my hob does not connect to my wifi anymore.
I tried to enroll it again using your request but if I set encrypted=0 I get 401. If I set encrypted=1 it does not work. I get 200 but it does not connect to the wifi
Hi Everyone,
Just got myself a Hoover tumble dryer which uses the hOn app.
Hoover and Candy are both owned by Haier so I was hoping they are the same however I followed some of the above examples (tried postman, Curl) and I keep getting “connection refused”
Tried also MelvinGR’s tool but I get
error: connect
error: get_candySimplify_data, could not get data from server
can anyone point me best way to start trying to identify if there is any local api available ?
2 Likes
Hi all,
Candy ROW 4964DXHS\1-S washer-drier here, connected to an SSID network with no internet access.
This request:
get sometimes data, sometimes request fails with:
curl: (7) Failed to connect to 192.168.xx.yy port 80: Connection refused
Maybe is it some request rate limit?
Complete results:
{
"statusLavatrice":{
"WiFiStatus":"0",
"Err":"0",
"MachMd":"7",
"Pr":"10",
"PrPh":"0",
"PrCode":"0",
"SLevel":"3",
"Temp":"40",
"SpinSp":"10",
"Opt1":"0",
"Opt2":"0",
"Opt3":"0",
"Opt4":"0",
"Opt5":"0",
"Opt6":"0",
"Opt7":"0",
"Opt8":"0",
"Opt9":"0",
"Steam":"0",
"DryT":"0",
"DelVal":"18",
"RemTime":"60",
"RecipeId":"0",
"Lang":"0",
"FillR":"26",
"DisTestOn":"0",
"DisTestRes":"0",
"CheckUpState":"0",
"T0W":"61",
"TIW":"0",
"T0R":"50",
"numF":"0",
"unbF":"158",
"unbC":"250",
"NtcW":"148",
"NtcD":"274",
"motS":"0",
"APSoff":"0",
"APSfreq":"62460",
"chartL":"153562"
}
It would be great to understand parameters… Maybe one of these is the countdown of the running program, useful for trigger a notification?
Program countdown on the washer-drier display is unreliable.
-f
I have a similar appliances. I made an appdaemon script based on jezcooke code: https://gist.github.com/dzamlo/8b301e950927ef73d41eaffda086b123
With that can then get a notification for the end of the program when the state transition to finished using an automation. You also get the estimated time of the end of the program.
Unfortunately, this is very unreliable. At some point, the machine stop responding and the only way to talk to it again is to unplug the machine.
But I found that the machine send its state to simplyfimgmt.candy-hoover.com at a regular interval and do that reliably, as long as you don’t send request to the machine. My plan is to setup my dns so that this name resolve to my home assistant IP and somehow make it listen for these update. Unfortunately, it seems I cannot do that with appdaemon (the port 80 of the host is not exposed to the container). I’m trying to understand how to implement a custom integration to do that.