Skip to content

Conversation

JordanYates
Copy link
Contributor

Instead of supplying 0x00 as the proof of identity, populate the
hardware ID of the device. This is just as secure as some arbitrary
random number that we generate on the server and flash to the device
(not very). It does mean that physical JTAG access is required to each
device in order to successfully impersonate the device to the server
(or a breach of server device information).

Don't override the `device_root_key` variable when using test
credentials.

Signed-off-by: Jordan Yates <[email protected]>
Always use the device key when transmitting on UDP, as there is no
ability for devices to hear each other on this interface.

Signed-off-by: Jordan Yates <[email protected]>
Feed the watchdog immediately after a command finishes executing and
before the server goes back to waiting for new commands. This prevents
watchdog timeouts if a command takes longer than a second to execute.

Signed-off-by: Jordan Yates <[email protected]>
Let command implementations feed the watchdog if they are executing long
running implementations.

Signed-off-by: Jordan Yates <[email protected]>
Instead of supplying 0x00 as the proof of identity, populate the
hardware ID of the device. This is just as secure as some arbitrary
random number that we generate on the server and flash to the device
(not very). It does mean that physical JTAG access is required to each
device in order to successfully impersonate the device to the server
(or a breach of server device information).

Signed-off-by: Jordan Yates <[email protected]>
Copy link

codecov bot commented Oct 9, 2024

Codecov Report

Attention: Patch coverage is 62.50000% with 3 lines in your changes missing coverage. Please review.

Project coverage is 90.82%. Comparing base (3bb8764) to head (9da1bdb).
Report is 17 commits behind head on main.

Files with missing lines Patch % Lines
subsys/rpc/server.c 33.33% 2 Missing ⚠️
lib/security.c 50.00% 1 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #277      +/-   ##
==========================================
- Coverage   91.31%   90.82%   -0.50%     
==========================================
  Files         107      107              
  Lines        4146     4185      +39     
  Branches      655      661       +6     
==========================================
+ Hits         3786     3801      +15     
- Misses        194      201       +7     
- Partials      166      183      +17     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@JordanYates JordanYates merged commit 1cbd06f into main Oct 9, 2024
11 checks passed
@JordanYates JordanYates deleted the feature/identity_validate branch October 15, 2024 06:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant