Is there anyway to access the WiFi credentials stored on a Photon? It appears that there is no public API for this but curious if there is a way for me via the Firmware to directly access it either via some globals, flash, or something else… A callback when initially set would also do.
You can access the stored SSIDs via WiFi.getCredentials() but nobody who cares about security should want an API that allows anybody to read back any stored passwords in clear text.
2 Likes
Certainly you do not understand my use case so it’s understandable you feel I don’t care about security. We have a need to pass WiFi credentials from one p0 to another. We have no need to know what these credentials are. If we could pass the encrypted versions from one to the other that would suffice. We have no intention, however, of having a user setup WiFi on both p0’s as this would present a usability nightmare. It is very clear looking through the main firmware code that at some point these credentials are unencrypted in the setCredentials function so given that I could compile the firmware myself, I could clearly get these credentials and pass them to the second chip where both chips could then store them securely. I would prefer to not have to create a custom version of the system firmware if I don’t have to but perhaps that is what this will take. I was just merely hoping for an easier way to do this, like using memcpy to grab the securely stored and encrpyted credentials and just do a memset on the other device with the same creds.
You could write your own wrapper and method for setting the credentials and then you have full control. I don’t think compromising security for everyone else would be good in this case.
I also don’t even know if you can access them later on a Photon. On the older Core product, for instance, there was no physical way to read out the credentials from the CC3000 WiFi chip after they were put in.
2 Likes
I agree with @bko. Besides, the encryption is probably tied to a hardware ID/key so copying the encrypted data to another device will likely not work.
2 Likes
@bko I’m trying to write a wrapper class around the listening functionality. My working theory is that by subclassing the WiFiNetworkInterface I can define my own callback functions in the WiFiSetupConsoleConfig and use those callbacks to access the password before it is set in hardware. This would mean I’d call my own start_listening function instead of the build in one. My current code looks like:
class MyNetworkInterface: public WiFiNetworkInterface {
public:
MyNetworkInterface();
void start_listening();
};
MyNetworkInterface::MyNetworkInterface() {}
void MyNetworkInterface::start_listening() {
WiFiSetupConsoleConfig config;
WiFiSetupConsole console(config);
config.connect_callback = wifi_add_profile_callback;
config.connect_callback_data = this;
ManagedNetworkInterface::start_listening(console);
}
The idea is to mimic the start_listening functionality in system_network_wif.h. It seems that this code passes compiling but does not link… I’m trying to figure out if I’m on the right track here and whether I could hope to ultimately succeed here. Any thoughts?
You code would probably link in monolithic mode. I don’t think the HAL layer brings out the symbols you want.
If you are not already compiling locally using GCC, you probably should for this project. You can then try monolithic build and see if your overloads work there.