Skip to content

feat(klaptransport): auto-detect KLAP v2 for IOT devices#1625

Open
adamjacobmuller wants to merge 1 commit intopython-kasa:masterfrom
adamjacobmuller:fix-iot-klap-v2-auth
Open

feat(klaptransport): auto-detect KLAP v2 for IOT devices#1625
adamjacobmuller wants to merge 1 commit intopython-kasa:masterfrom
adamjacobmuller:fix-iot-klap-v2-auth

Conversation

@adamjacobmuller
Copy link
Copy Markdown

@adamjacobmuller adamjacobmuller commented Dec 27, 2025

Summary

Some IOT devices (e.g., HS300 with newer firmware) use KLAP v2 authentication (sha256/sha1 hashing) despite being classified as IOT devices. Previously, IOT.KLAP was hardcoded to use KlapTransport which only supports v1 (md5) hashing, causing authentication failures with the error:

Device response did not match our challenge on ip X.X.X.X, check that your e-mail and password (both case-sensitive) are correct.

Changes

This PR modifies KlapTransport.perform_handshake1() to try v2 hashing (sha256/sha1) as a fallback when v1 (md5) doesn't match the server hash. If v2 succeeds, the transport remembers this via _uses_v2_hashing flag and uses v2 hashing for handshake2 as well.

The v2 fallback tries:

  1. User credentials with v2 hashing
  2. Default credentials with v2 hashing
  3. Blank credentials with v2 hashing

Affected devices

  • HS300 power strip (and potentially other IOT devices with updated firmware)

Testing

Tested on HS300 that was previously failing authentication. After this change, the device authenticates successfully using KLAP v2 while still being correctly classified as an IOT device.

feat(klaptransport): auto-detect KLAP v2 for IOT devices
dd92c05 
Some IOT devices (e.g., HS300 with newer firmware) use KLAP v2
authentication (sha256/sha1 hashing) despite being classified as
IOT devices. This modifies KlapTransport to try v2 hashing as a
fallback when v1 doesn't match.
@ZeliardM
Copy link
Copy Markdown
Contributor

ZeliardM commented Dec 27, 2025
edited
Loading

@adamjacobmuller Appreciate the great work here. The newer firmwares have a new flag in the device discovery process called new_klap. I created a PR already that uses this flag to determine the correct transport to use during the discovery process instead of modifying the transports themselves, PR#1580.

Your method, while it works, mixes the authentication process between the two different KLAP transports and it doesn't keep a clean line of separation between them.

I just finished it recently, had to handle some issues with the CLI and making sure that all of the other devices and tests worked correctly. Just waiting on merging and a new version to get it going.

@wheel5up wheel5up mentioned this pull request Jan 5, 2026
Open
@danielbrodie
Copy link
Copy Markdown

danielbrodie commented Jan 23, 2026

Confirmed Working ✅

Just tested this PR on two HS300 power strips that were previously failing with the "Device response did not match our challenge" error.

Environment:

  • HS300 (US) Hardware v2.0
  • Firmware 1.1.2 Build 241220
  • macOS / Python 3.14

Before this PR: Authentication failed with KLAP v1 (md5)
After this PR: Both strips connect and all 12 outlets are controllable

Test Results:

192.168.0.120: ✓ SUCCESS! TP-LINK_Power Strip_1C73 (HS300)
  Outlets: Coffee Maker, Kettle, Milk Frother, Roku TV, Apple Player, Rice Cooker

192.168.0.219: ✓ SUCCESS! TP-LINK_Power Strip_1CD6 (HS300)
  Outlets: Tripod Lamp, Plug 2-6

The auto-detection of KLAP v2 worked seamlessly. Really appreciate this fix - these strips have been unusable with Home Assistant since the October firmware update.

Hope this helps get the PR merged! 🎉

@adamjacobmuller
Copy link
Copy Markdown
Author

adamjacobmuller commented Jan 23, 2026

HS300 was exactly what I built this for (nice little gadget). Hoping it gets merged too, but, it works fine for me either way :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@adamjacobmuller @ZeliardM @danielbrodie