Wipy flash/source code security.

[beyonlo]

Hi all!

1. Is possible to run .pyo to wipy instead a .py? To be more secure - imagine I put in the source code some keys to do something or so on.
2. How is flash protection if someone steal my wipy and try to get the data and/or read my python scripts? I would like that will be not possible to get my python files, for the same reason of item 1. Becouse .pyo still easy to broken.

I would like to use wipy for a security systems for access control.

Thanks.

[dhylands]

Most MCUs have one time programmable bits that allow you to protect things like code and stuff, but its generally rather tricky to get right. Especially if you want to be able to update things.

.pyo files are no more secure than source code (it's essentially trivial to get a disassembly of the bytecode).

I know when someone asked about the pyboard and this same topic, it basically boiled down that its up to you do the work if you want that kind of functionality. The required information is normally in the datasheet.

[danicampora]

Hi,

Such mechanism is on the roadmap for the WiPy. At the end, your .py files will be AES encrypted with a key that you can save in a special register of the MCU (via an MP API call) that no body will be able to read. The encrypted file could have a .pyx (or whatever) extension that is detected by the lexer (mp_lexer_new_from_file) so that it knows that the file needs to be decrypted. The WiPy has a built-in hardware AES engine. You would store the key in the device once during manufacturing (via the REPL for example). Does this make sense to you?

[beyonlo]

Hello,

Yes, that make sense.

What is the roadmap for this feature will be ready?

[beyonlo]

Hello danicampora,

Yes, that make sense. So, when that feature will be ready?

[danicampora]

Hi,

Sorry for the late reply. Early next year, I hope.

[beyonlo]

Hi danicampora,

Thank you.