feat: Migrate binary settings to json (#920)
## Summary
* This PR introduces a migration from binary file storage to JSON-based
storage for application settings, state, and various credential stores.
This improves readability, maintainability, and allows for easier manual
configuration editing.
* Benefits:
- Settings files are now JSON and can be easily read/edited manually
- Easier to inspect application state and settings during development
- JSON structure is more flexible for future changes
* Drawback: around 15k of additional flash usage
* Compatibility: Seamless migration preserves existing user data
## Additional Context
1. New JSON I/O Infrastructure files:
- JsonSettingsIO: Core JSON serialization/deserialization logic using
ArduinoJson library
- ObfuscationUtils: XOR-based password obfuscation for sensitive data
2. Migrated Components (now use JSON storage with automatic binary
migration):
- CrossPointSettings (settings.json): Main application settings
- CrossPointState (state.json): Application state (open book, sleep
mode, etc.)
- WifiCredentialStore (wifi.json): WiFi network credentials (Password
Obfuscation: Sensitive data like WiFi passwords, uses XOR encryption
with fixed keys. Note: This is obfuscation, not cryptographic security -
passwords can be recovered with the key)
- KOReaderCredentialStore (koreader.json): KOReader sync credentials
- RecentBooksStore (recent.json): Recently opened books list
3. Migration Logic
- Forward Compatibility: New installations use JSON format
- Backward Compatibility: Existing binary files are automatically
migrated to JSON on first load
- Backup Safety: Original binary files are renamed with .bak extension
after successful migration
- Fallback Handling: If JSON parsing fails, system falls back to binary
loading
4. Infrastructure Updates
- HalStorage: Added rename() method for backup operations
---
### AI Usage
While CrossPoint doesn't have restrictions on AI tools in contributing,
please be transparent about their usage as it
helps set the right context for reviewers.
Did you use AI tools to help write this code? _** YES**_
---------
Co-authored-by: Dave Allie <dave@daveallie.com>
This commit is contained in:
jpirnay
98
lib/Serialization/ObfuscationUtils.cpp
Normal file
98
lib/Serialization/ObfuscationUtils.cpp
Normal file
@@ -0,0 +1,98 @@
|
||||
#include "ObfuscationUtils.h"
|
||||
|
||||
#include <Logging.h>
|
||||
#include <base64.h>
|
||||
#include <esp_mac.h>
|
||||
#include <mbedtls/base64.h>
|
||||
|
||||
#include <cstring>
|
||||
|
||||
namespace obfuscation {
|
||||
|
||||
namespace {
|
||||
constexpr size_t HW_KEY_LEN = 6;
|
||||
|
||||
// Simple lazy init — no thread-safety concern on single-core ESP32-C3.
|
||||
const uint8_t* getHwKey() {
|
||||
static uint8_t key[HW_KEY_LEN] = {};
|
||||
static bool initialized = false;
|
||||
if (!initialized) {
|
||||
esp_efuse_mac_get_default(key);
|
||||
initialized = true;
|
||||
}
|
||||
return key;
|
||||
}
|
||||
} // namespace
|
||||
|
||||
void xorTransform(std::string& data) {
|
||||
const uint8_t* key = getHwKey();
|
||||
for (size_t i = 0; i < data.size(); i++) {
|
||||
data[i] ^= key[i % HW_KEY_LEN];
|
||||
}
|
||||
}
|
||||
|
||||
void xorTransform(std::string& data, const uint8_t* key, size_t keyLen) {
|
||||
if (keyLen == 0 || key == nullptr) return;
|
||||
for (size_t i = 0; i < data.size(); i++) {
|
||||
data[i] ^= key[i % keyLen];
|
||||
}
|
||||
}
|
||||
|
||||
String obfuscateToBase64(const std::string& plaintext) {
|
||||
if (plaintext.empty()) return "";
|
||||
std::string temp = plaintext;
|
||||
xorTransform(temp);
|
||||
return base64::encode(reinterpret_cast<const uint8_t*>(temp.data()), temp.size());
|
||||
}
|
||||
|
||||
std::string deobfuscateFromBase64(const char* encoded, bool* ok) {
|
||||
if (encoded == nullptr || encoded[0] == '\0') {
|
||||
if (ok) *ok = false;
|
||||
return "";
|
||||
}
|
||||
if (ok) *ok = true;
|
||||
size_t encodedLen = strlen(encoded);
|
||||
// First call: get required output buffer size
|
||||
size_t decodedLen = 0;
|
||||
int ret = mbedtls_base64_decode(nullptr, 0, &decodedLen, reinterpret_cast<const unsigned char*>(encoded), encodedLen);
|
||||
if (ret != 0 && ret != MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL) {
|
||||
LOG_ERR("OBF", "Base64 decode size query failed (ret=%d)", ret);
|
||||
if (ok) *ok = false;
|
||||
return "";
|
||||
}
|
||||
std::string result(decodedLen, '\0');
|
||||
ret = mbedtls_base64_decode(reinterpret_cast<unsigned char*>(&result[0]), decodedLen, &decodedLen,
|
||||
reinterpret_cast<const unsigned char*>(encoded), encodedLen);
|
||||
if (ret != 0) {
|
||||
LOG_ERR("OBF", "Base64 decode failed (ret=%d)", ret);
|
||||
if (ok) *ok = false;
|
||||
return "";
|
||||
}
|
||||
result.resize(decodedLen);
|
||||
xorTransform(result);
|
||||
return result;
|
||||
}
|
||||
|
||||
void selfTest() {
|
||||
const char* testInputs[] = {"", "hello", "WiFi P@ssw0rd!", "a"};
|
||||
bool allPassed = true;
|
||||
for (const char* input : testInputs) {
|
||||
String encoded = obfuscateToBase64(std::string(input));
|
||||
std::string decoded = deobfuscateFromBase64(encoded.c_str());
|
||||
if (decoded != input) {
|
||||
LOG_ERR("OBF", "FAIL: \"%s\" -> \"%s\" -> \"%s\"", input, encoded.c_str(), decoded.c_str());
|
||||
allPassed = false;
|
||||
}
|
||||
}
|
||||
// Verify obfuscated form differs from plaintext
|
||||
String enc = obfuscateToBase64("test123");
|
||||
if (enc == "test123") {
|
||||
LOG_ERR("OBF", "FAIL: obfuscated output identical to plaintext");
|
||||
allPassed = false;
|
||||
}
|
||||
if (allPassed) {
|
||||
LOG_DBG("OBF", "Obfuscation self-test PASSED");
|
||||
}
|
||||
}
|
||||
|
||||
} // namespace obfuscation
|
||||
35
lib/Serialization/ObfuscationUtils.h
Normal file
35
lib/Serialization/ObfuscationUtils.h
Normal file
@@ -0,0 +1,35 @@
|
||||
#pragma once
|
||||
|
||||
#include <Arduino.h>
|
||||
|
||||
#include <cstddef>
|
||||
#include <cstdint>
|
||||
#include <string>
|
||||
|
||||
/**
|
||||
* Credential obfuscation utilities using the ESP32's unique hardware MAC address.
|
||||
*
|
||||
* XOR-based obfuscation with the 6-byte eFuse MAC as key. Not cryptographically
|
||||
* secure, but prevents casual reading of credentials on the SD card and ties
|
||||
* obfuscated data to the specific device (cannot be decoded on another chip or PC).
|
||||
*
|
||||
*/
|
||||
namespace obfuscation {
|
||||
|
||||
// XOR obfuscate/deobfuscate in-place using hardware MAC key (symmetric operation)
|
||||
void xorTransform(std::string& data);
|
||||
|
||||
// Legacy overload for binary migration (uses the old per-store hardcoded keys)
|
||||
void xorTransform(std::string& data, const uint8_t* key, size_t keyLen);
|
||||
|
||||
// Obfuscate a plaintext string: XOR with hardware key, then base64-encode for JSON storage
|
||||
String obfuscateToBase64(const std::string& plaintext);
|
||||
|
||||
// Decode base64 and de-obfuscate back to plaintext.
|
||||
// Returns empty string on invalid base64 input; sets *ok to false if decode fails.
|
||||
std::string deobfuscateFromBase64(const char* encoded, bool* ok = nullptr);
|
||||
|
||||
// Self-test: verifies round-trip obfuscation with hardware key. Logs PASS/FAIL.
|
||||
void selfTest();
|
||||
|
||||
} // namespace obfuscation
|
||||
Reference in New Issue
Block a user