New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ESP now encrypted communications #4897

Closed
mischmerz opened this Issue Jul 6, 2018 · 1 comment

Comments

Projects
None yet
2 participants
@mischmerz
Copy link

mischmerz commented Jul 6, 2018

Weird phenomenon (ESP now) :

I am setting the kok for both units, and am using the keys for add_peer() as well as set_peer_key(). Roles are set properly. Problem is, it kinda works too well :D

a) Controller (no crypto configured) -> Slave (no crypto configured) : OK
b) Controller (valid crypto key) -> Slave (valid crypto key) : OK
c) Controller (invalid crypto key) -> Slave (valid crypto key) :FAIL
d) Controller(valid crypto key) -> Slave (no crypto configured) : FAIL

.. so far .. so good. BUT:

e) Controller (no crypto key configured) -> Slave (valid crypto key) :OK

Seems the controller accepts un-encrypted messages even if a kok has been configured and a crypto key has been set for the peer. This is obviously bad as it doesn't allow the slave to authenticate the controller. It seems to be impossible to determine if the controller used a valid key or no key at all.

Any ideas?

Michaela

@devyte

This comment has been minimized.

Copy link
Collaborator

devyte commented Jul 6, 2018

That's a good finding. Howeve, this core doesn't support ESP now. There is a wrapper lib implementation offered in #2227 .
I think that your question is best directed at Espressif, probably in their NONOS ESP8266 repo. It certainly sounds like a security hole to me.
Closing.

@devyte devyte closed this Jul 6, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment