ESP8266HTTPClient: optionally skip validation when using https #3933
Conversation
|
I wonder if this logic would be more useful if moved to WiFiClientSecure? |
|
Often a certificate is not available (using ip adresses / no dns). Additionally, not all types of certificates are recognized by the ESP8266 and these do expire and are changed. It would be a nice addition to add this because authentication and encrypting are two separate things and this change will make it easier to use https. I vote for this commit (after fixing)! |
|
@rzeldent what do you think needs fixing? |
|
@igrr I don't use this, so I don't know enough to form an opinion. What are your thoughts about this? |
|
Hi Develo,
Thanks for asking! The point is that https has two functions: Encryption
and Authentication.
When *Authenticating*, the DNS is verified with the certificate. This is
not completely implemented on the ESP8266 so another technique is used:
Certificate pinning.
Certificate pinning checks if the certificate is identical to the
fingerprint of the remote certificate when it was developed. It has a few
downsides; if an certificate expires, a provider has multiple certificates
for the same domain or the certificate cannot be decoded by the ESP8266,
the verification fails.This happens quite often by mistake because of
upgrading of the certificates from SHA1 to SHA2. It also shortens the
lifetime of the application because it works until a certificate is
renewed.
When the authentication mentioned above fails, the https connection cannot
be made. Untilll full certificate support is offered (never certificates
can be verified and parsed using a DNS) there should be a fallback to allow
a connection anyway.
If such a fallback is implemented the other function *Encryption* can be
used and this is a requirement for connecting to cloud services like Azure,
Google and Amazon. The developers should have a choice if they want to use
certificate pinning or not. This is what the patch is about: a fingerprint
string with an star (*) means any fingerprint, effectively bypassing
certificate checking.
I hope this explanation helps, please get back if you have any more
questions,
Kind regards,
Rene
…On Sat, Dec 16, 2017 at 4:17 AM, Develo ***@***.***> wrote:
@igrr <https://github.com/igrr> I don't use this, so I don't know enough
to form an opinion. What are your thoughts about this?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3933 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AHRGhzrH1UtANIyXaTaF1ZJ09vAPNhcXks5tAzY5gaJpZM4Q6YFL>
.
|
|
I agree with @devyte. This patch must not be merged. The patch introduces nothing else then a big security issue. Why should a developer implement certificate pinning if it could maybe fail in future and make trouble? (devs are always lazy ;))
@liebman No, WiFiClientSecure is "low" level (in the arduino environment). If you call there
@rzeldent This enables Man in the Middle attacks. In other words the "security" is useless and nothing else than snake oil. Then you can use unencrypted connection. Iot devices need updates anyway, so why not update your pinned certificate with your regular updates? Also WiFiClientSecure supports now (in rc) certificate chain verification. It would be more useful to implement this for I used My conclusion: |
|
@Rotzbua Ok, I'll have to agree on your comment about not enabling developers to write insecure code.
Yes, I was unaware it was implemented and a quick look at it shows it should be easy to implement. Maybe even auto-detecting 'https:' in I'm still concerned about how to deal with root cert expiration & update for long running embedded devices. |
Originally HTTPClient would do such auto-detection. But the downside was that HTTPS code (including axTLS) was linked into the final program even if the program would never use HTTPS. That increased flash usage and also reduced the amount of available heap. Then the decision was made to split this functionality into two different APIs, so that the linker could eliminate unused code and data in case HTTPS was not used.
That might not be necessary — ESP8266HTTPClient allows access to the underlying WiFiClientSecure object (with type cast to WiFiClient). So in theory we could call
In any case, root cert expiration would be a lousy excuse to skip certificate verification step. One can perform OTA updates, or filesystem updates (if certificates are stored on the filesystem), or even just update one file on the filesystem (which contains root certificate). If your device connects to some web services, you will need some mechanism to update API endpoints (URLs) anyway. CA certificate can be considered another such "setting" which could be updated. FYI, i'm going to close this PR, as I also do not want to enable easy ways of writing insecure code. For anyone who would like to use this change, please feel free to grab this PR branch. |
|
Hi Ivan,
A suggestion; maybe you can look at the source code of MongooseOS where
there are no certificate problems and supports the ESP8266.
There is support for all the main cloud providers and implements correctly
the certificate validation: https://github.com/cesanta/mongoose-os.
Kind regards,
Rene
…On Thu, Dec 21, 2017 at 3:31 AM, Ivan Grokhotkov ***@***.***> wrote:
Maybe even auto-detecting 'https:' in begin() so that one does not need a
different api for https vs http
Originally HTTPClient would do such auto-detection. But the downside was
that HTTPS code (including axTLS) was linked into the final program even if
the program would never use HTTPS. That increased flash usage and also
reduced the amount of available heap. Then the decision was made to split
this functionality into two different APIs, so that the linker could
eliminate unused code and data in case HTTPS was not used.
We need a implementation of chain verification for ESP8266HTTPClient.
That might not be necessary — ESP8266HTTPClient allows access to the
underlying WiFiClientSecure object (with type cast to WiFiClient). So in
theory we could call httpclient.beginHTTPS(host, port), then call
httpclient.getClientSecure()->loadCACert(cert_pgm_string), and then
finally call httpclient.GET(). The only issue, i think, is that the
WiFiClientSecure object doesn't get created until the sendRequest (GET,
POST, etc) call. So HTTPClient has to be modified a bit to create the
client early, allowing certificate to be set before the connection.
I'm still concerned about how to deal with root cert expiration & update
for long running embedded devices.
In any case, root cert expiration would be a lousy excuse to skip
certificate verification step. One can perform OTA updates, or filesystem
updates (if certificates are stored on the filesystem), or even just update
one file on the filesystem (which contains root certificate). If your
device connects to some web services, you will need some mechanism to
update API endpoints (URLs) anyway. CA certificate can be considered
another such "setting" which could be updated.
FYI, i'm going to close this PR, as I also do not want to enable easy ways
of writing insecure code. For anyone who would like to use this change,
please feel free to grab this PR branch.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#3933 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AHRGh4hYI3Fjkw5-8_iD0IqOfJ7HAEkoks5tCcMGgaJpZM4Q6YFL>
.
|
|
I would like to make a case against this decision @igrr
|
Why do you think do they force SSL connections? If they would not care about security or api keys they would still offer unencrypted HTTP.
Well, then use HTTP. If it is not possible: set up a proxy.
Browser == micro controller?? Nothing to add to this compare....
I believe in hobby projects. They took the burden of programming so they can take the burden to do it right.
That is wrong. Encryption != secure. Encryption + authentication = secure. |
if fingerprint is specified as '*' then skip validation.