lhespress
commented
1 year ago @grodansparadis Good idea!! We'll think about whether all components support it by default.
Closed grodansparadis closed 1 year ago
lhespress
commented
1 year ago @grodansparadis Good idea!! We'll think about whether all components support it by default.
lhespress
commented
1 year ago @grodansparadis Please add the patch as the attachment which support security for all components. security_components.zip
grodansparadis
commented
1 year ago @lhespress It's a good friday. :) Now have a very good weekend.
grodansparadis
commented
1 year ago @lhespress For me this patch breaks the key exchange, the security initiator does no longer find any clients expecting keys. I am investigating this so I have't introduced something in my code that make this fail but are a bit delayed in this by other things so I think I mention it here in case you see something obvious
grodansparadis
commented
1 year ago @lhespress If I understand this correctly both "protocomm_espnow_initiator_start" and "espnow_sec_initiator_scan" should have a frame_header with .security=false But I am tired now and it's late so I may very well be dead wrong... ;-)
lhespress
commented
1 year ago @grodansparadis Yeah, your understand is correct, security should have a frame_header with .security=false for negotiation keys.
grodansparadis
commented
1 year ago @lhespress Sorry for this one. I messed up in my own code (as usual :) ). The patch works perfect. Thanks for your good work and kind responses/help as always..
lhespress
commented
1 year ago @grodansparadis It doesn't matter. BTW, Would you mind sharing some information about your project?
grodansparadis
commented
1 year ago @lhespress I am the maintainer of an open and free protocol called VSCP that has been around for many (MANY) years. It is a common way for IoT/m2m nodes to communicate with each other and can be used over different media such as Ethernet/CAN/RS-232/422/485/BLE etc etc Some quick info is here describing level I of VSCP.
I am working with some code that use VSCP over espnow at the moment as they match very well together. There is some initial info on what I try to do here https://github.com/grodansparadis/vscp-espnow Very early stuff.
I will release some open hardware later that demonstrate and use this (like this module).
Cheers /Ake
lhespress
commented
1 year ago @grodansparadis Thanks for your sharing, it's a great job.
I can solve this in other ways but it would have been nice if espnow remote logging could be encrypted as well. This due to sensitive information that often is shared in the logs. If remote log frames are encrypted one can safely diagnose a remote device by enabling logging on it in a live environment.
It is only a change in espnow_log_send_task at https://github.com/espressif/esp-now/blob/a90570c9be583f2b9b2dfc102a7736d90c64e206/src/debug/src/espnow_log.c#L81
that is needed using the espnow_frame_head_t as in other places of the code and add a "secure flag" in the log config. If this switch is false it should not break existing code.
But as I sad, this is more of a feature request and I can solve this by other means. I have probably reached my feature requests limit by now ... :)