Load sensitive data from the SPIFFS
Sensitive data are WiFi Logins and authentication data. This is done in preparation for the OTA update, where the firmware image will be transferred unencrypted and therefore passwords could be extracted from a dumped image.bnb
parent
8a1a17bb07
commit
24ba2242a4
@ -0,0 +1,36 @@
|
||||
#pragma once
|
||||
|
||||
#include <vector>
|
||||
#include <string>
|
||||
|
||||
class Config
|
||||
{
|
||||
public:
|
||||
struct WLAN
|
||||
{
|
||||
std::string ssid;
|
||||
std::string password;
|
||||
};
|
||||
|
||||
typedef std::vector<WLAN> WLANList;
|
||||
|
||||
static Config &instance()
|
||||
{
|
||||
static Config theConfig;
|
||||
return theConfig;
|
||||
}
|
||||
|
||||
void load(void);
|
||||
|
||||
const WLANList& getWLANList(void) { return m_wlans; }
|
||||
|
||||
const std::string& getCRPassword(void) { return m_crPassword; }
|
||||
const std::string& getCRSalt(void) { return m_crSalt; }
|
||||
|
||||
private:
|
||||
Config();
|
||||
|
||||
WLANList m_wlans;
|
||||
std::string m_crPassword;
|
||||
std::string m_crSalt;
|
||||
};
|
@ -1,8 +0,0 @@
|
||||
#pragma once
|
||||
|
||||
namespace crypto
|
||||
{
|
||||
// replace these with your own values!
|
||||
static const char * const HTTP_PASSWORD = "secure!1";
|
||||
static const char * const SALT = "1234567890abcdefghijklmnopqrstuv";
|
||||
}
|
@ -1,13 +0,0 @@
|
||||
#pragma once
|
||||
|
||||
#include <array>
|
||||
|
||||
struct NetInfo {
|
||||
const char *ssid;
|
||||
const char *password;
|
||||
};
|
||||
|
||||
const std::array<NetInfo, 2> NETWORKS {
|
||||
NetInfo{"SomeNetwork", "ThePassword"},
|
||||
NetInfo{"SomeOtherNetwork", "TheOtherPassword"}
|
||||
};
|
@ -0,0 +1,44 @@
|
||||
#include <SPIFFS.h>
|
||||
|
||||
#include "Config.h"
|
||||
|
||||
Config::Config()
|
||||
{}
|
||||
|
||||
void Config::load(void)
|
||||
{
|
||||
// load WLANs
|
||||
File wlanFile = SPIFFS.open("/etc/wlan", "r");
|
||||
|
||||
while(wlanFile.available()) {
|
||||
String ssid = wlanFile.readStringUntil('\n');
|
||||
|
||||
if(!wlanFile.available()) {
|
||||
Serial.println("/etc/wlan terminated early. Last entry ignored.");
|
||||
break;
|
||||
}
|
||||
|
||||
String passwd = wlanFile.readStringUntil('\n');
|
||||
|
||||
m_wlans.emplace_back(WLAN{ssid.c_str(), passwd.c_str()});
|
||||
}
|
||||
|
||||
wlanFile.close();
|
||||
|
||||
// load Challenge-Response data
|
||||
File authFile = SPIFFS.open("/etc/auth", "r");
|
||||
|
||||
if(authFile.available()) {
|
||||
String passwd = authFile.readStringUntil('\n');
|
||||
m_crPassword = passwd.c_str();
|
||||
|
||||
if(!authFile.available()) {
|
||||
m_crSalt = "";
|
||||
} else {
|
||||
String salt = authFile.readStringUntil('\n');
|
||||
m_crSalt = salt.c_str();
|
||||
}
|
||||
}
|
||||
|
||||
authFile.close();
|
||||
}
|
Loading…
Reference in New Issue