ESP now encrypted communications #4897

Closed
mischmerz opened this issue Jul 6, 2018 · 2 comments
mischmerz commented Jul 6, 2018

Weird phenomenon (ESP now):

I am setting the kok for both units, and am using the keys for add_peer() as well as set_peer_key(). Roles are set properly. Problem is, it kinda works too well :D

a) Controller (no crypto configured) -> Slave (no crypto configured) : OK
b) Controller (valid crypto key) -> Slave (valid crypto key) : OK
c) Controller (invalid crypto key) -> Slave (valid crypto key) : FAIL
d) Controller (valid crypto key) -> Slave (no crypto configured) : FAIL

.. so far .. so good. BUT:

e) Controller (no crypto key configured) -> Slave (valid crypto key) : OK

Seems the controller accepts un-encrypted messages even if a kok has been configured and a crypto key has been set for the peer. This is obviously bad as it doesn't allow the slave to authenticate the controller. It seems to be impossible to determine if the controller used a valid key or no key at all.

Any ideas?

Michaela

devyte (Collaborator) commented Jul 6, 2018

That's a good finding. However, this core doesn't support ESP now. There is a wrapper lib implementation offered in #2227.
I think that your question is best directed at Espressif, probably in their NONOS ESP8266 repo. It certainly sounds like a security hole to me.
Closing.

devyte closed this as completed Jul 6, 2018
@barrystaes

Link to issue at espressif: espressif/ESP8266_NONOS_SDK#141
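
Added example, not part of the thread and not code from Espressif or the ESP8266 core: because case e) in the report means a receiver cannot rely on ESP-NOW encryption to tell who sent a frame, one mitigation is to authenticate each payload at the application layer before acting on it. The sketch assumes a separate 16-byte application key shared by both units and a hypothetical frame layout (counter, payload, tag), and it uses SipHash-2-4 as the MAC to stay small; the names frame_seal and frame_open are illustrative.

```c
#include <stdint.h>
#include <string.h>

enum { CTR_LEN = 4, TAG_LEN = 8 }; /* 32-bit LE counter, 64-bit SipHash tag (assumed layout) */
#define ROTL(x, b) (((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
    v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
    v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2; \
    v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0; \
    v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); } while (0)

static uint64_t le_load(const uint8_t *p, size_t n) { /* n <= 8 bytes, little-endian */
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* SipHash-2-4: 128-bit key, 64-bit tag. */
uint64_t siphash24(const uint8_t key[16], const uint8_t *in, size_t len) {
    uint64_t k0 = le_load(key, 8), k1 = le_load(key + 8, 8), m;
    uint64_t v0 = k0 ^ 0x736f6d6570736575ULL, v1 = k1 ^ 0x646f72616e646f6dULL;
    uint64_t v2 = k0 ^ 0x6c7967656e657261ULL, v3 = k1 ^ 0x7465646279746573ULL;
    size_t full = len & ~(size_t)7;
    for (size_t i = 0; i < full; i += 8) {
        m = le_load(in + i, 8); v3 ^= m; SIPROUND; SIPROUND; v0 ^= m;
    }
    m = ((uint64_t)len << 56) | le_load(in + full, len & 7); /* last block carries len */
    v3 ^= m; SIPROUND; SIPROUND; v0 ^= m;
    v2 ^= 0xff; SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

/* Sender: out = counter || payload || tag. Returns the frame length. */
size_t frame_seal(const uint8_t key[16], uint32_t ctr, const uint8_t *msg, size_t n, uint8_t *out) {
    for (int i = 0; i < CTR_LEN; i++) out[i] = (uint8_t)(ctr >> (8 * i));
    memcpy(out + CTR_LEN, msg, n);
    uint64_t tag = siphash24(key, out, CTR_LEN + n);
    for (int i = 0; i < TAG_LEN; i++) out[CTR_LEN + n + i] = (uint8_t)(tag >> (8 * i));
    return CTR_LEN + n + TAG_LEN;
}

/* Receiver: returns payload length, or -1 for a missing/bad tag or a replayed counter. */
int frame_open(const uint8_t key[16], uint32_t *last_ctr, const uint8_t *f, size_t len) {
    if (len < CTR_LEN + TAG_LEN) return -1;
    uint64_t diff = siphash24(key, f, len - TAG_LEN) ^ le_load(f + len - TAG_LEN, TAG_LEN);
    uint32_t ctr = (uint32_t)le_load(f, CTR_LEN);
    if (diff != 0 || ctr <= *last_ctr) return -1;
    *last_ctr = ctr;
    return (int)(len - CTR_LEN - TAG_LEN);
}
```

On the receiving unit, frame_open would run on the data handed to the receive callback, with one last_ctr kept per peer, and any frame returning -1 is dropped whether or not it arrived encrypted.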
