Skip to content

A tool designed to assist in calculating the custom TLS fingerprints expected by the Tastmota firmware

License

Notifications You must be signed in to change notification settings

issacg/tasmota-fingerprint

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

tasmota-fingerprint

Synopsis

tasmota-fingerprint is a tool designed to assist in calculating the custom TLS fingerprints expected by the Tasmota firmware since version 6.5.0.15 as documented on the Tasmota Wiki

Usage

Reading from a file

tasmota-fingerprint /path/to/server.pem

Reading from a pipe

/some/command/outputservercertificate | tasmota-fingerprint

In either case, the input is expected to be a PEM-encoded x509 certificate with an RSA public key, as is required by the Tasmota project.

Installation

If you have Go installed, simply go get github.com/issacg/tasmota-fingerprint

Otherwise, binary releases may be available.

Rationale

The current implementation of TLS in the Tasmota project, without significantly altering the source code, requires either the use of a certificate issued by LetsEncrypt, or a TOFU security model. While these are both legitimate models for many use cases, they don't cover the use cases available in previous versions of the firmware where it was trivial to pre-calculate the expected fingerprint of any key.

This software allows the expected fingerprint to be calculated in order to be configured on end-devices without needing a TOFU flow.

License

Copyright 2019 Issac Goldstand [email protected]

This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

Having said that, the author of this software is interested in relicensing under the more permissive Apache 2.0 license. If the original author of this function reads this notice and is willing to allow such relicensing, (s)he is encouraged to open an issue on GitHub or otherwise contact the author. Thank you!

About

A tool designed to assist in calculating the custom TLS fingerprints expected by the Tastmota firmware

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages