Provisioning without "pop" (MEGH-4873)

espressif / esp-rainmaker

ESP RainMaker Agent for firmware development

Apache License 2.0

431 stars 145 forks source link

Provisioning without "pop" (MEGH-4873) #278

Closed hackintoshlover closed 10 months ago

hackintoshlover commented 10 months ago

Answers checklist.

[X] I have read the Rainmaker documentation and the issue is not addressed there.
[X] I have updated my IDF branch (release/vX.Y) to the latest version and checked that the issue is present there. This is not applicable if you are using Rainmaker with Arduino.
[X] I have searched the Rainmaker forum and issue tracker for a similar issue and not found a similar issue.

General issue report

While provisioning over ble or wifi, rainmaker app asks for "proof of possesion key". Is there a way to provision without proof of possesion key? How to disable pop in arduino ide. Would be really helpful.

shahpiyushv commented 10 months ago

Even though we recommend to not use it, considering the security implications, you can pass POP_TYPE_NONE to app_wifi_start for provisioning without PoP.

hackintoshlover commented 10 months ago

"POP_TYPE_NONE" results in undeclared error during compulation in arduino ide. It works only with vscode / esp-idf. Anyway of doing it with arduino ide? Also nova home app does not discover devices over ble or softap, need to manually scan qrcode whereas rainmaker app has no problem in discovering devices on any method.

shahpiyushv commented 10 months ago

For Arduino, you can simply pass NULL as the pop to WiFiProv.beginProvision call.

If the Nova Home app issue is the same as in https://github.com/espressif/esp-rainmaker/issues/277, we will check it and answer there separately.

hackintoshlover commented 10 months ago

Passing NULL as the pop to WiFiProv.beginProvision call worked. Thanks. Nova Home app issue is same as #277. Is there a way to auto enter "pop" details over ble and wifi as it happens with scanning qrcode since it will increase the user experience and remove the hassle of finding the "pop" details in an event when "pop" is unavailable.

shahpiyushv commented 10 months ago

The QR code has the name, PoP (Proof of Possession pin) and transport info (BLE/SoftAP) which is the used to establish a secure session with the device for provisioning and that is akin to an "Auto enter". If the PoP is not available and yet you want to proceed for "better user experience" , it defeats the purpose of having a PoP in the first place. Having no PoP is the only option then.

hackintoshlover commented 10 months ago

Understood. Thanks.