wartana/WLED
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

use correct value for deviceString for 8266 and add comments

Browse Source
This commit is contained in:
Will Tatam
2025-11-20 00:24:24 +00:00
parent b90fbe6b1a
commit a1aac452de
1 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
wled00/util.cpp
View File

@@ -1165,10 +1165,15 @@ String getDeviceId() {
char macStr[18];
sprintf(macStr, "%02x:%02x:%02x:%02x:%02x:%02x", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
// The device string is deterministic as it needs to be consistent for the same device, even after a full flash erase
// MAC is salted with other consistent device info to avoid rainbow table attacks.
// If the MAC address is known by malicious actors, they could precompute SHA1 hashes to impersonate devices,
// but as WLED developers are just looking at statistics and not authenticating devices, this is acceptable.
// If the usage data was exfiltrated, you could not easily determine the MAC from the device ID without brute forcing SHA1
#ifdef ESP8266
String deviceString = String(macStr) + "WLED" + ESP.getCoreVersion();
String deviceString = String(macStr) + "WLED" + ESP.getChipId();
#else
String deviceString = String(macStr) + "WLED" + ESP.getChipModel() + ESP.getChipRevision();
String deviceString = String(macStr) + "WLED" + ESP.getChipModel() + ESP.getChipRevision() + ESP.getEfuseMac();
#endif
String firstHash = computeSHA1(deviceString);