Reverse engineering Bambu Connect: Difference between revisions
examples for what key cannot be used for |
m rephrase expiry |
||
| Line 89: | Line 89: | ||
What the key '''cannot''' be used for, contrary to many false claims on the internet: | What the key '''cannot''' be used for, contrary to many false claims on the internet: | ||
* Decrypting HTTPS traffic to the cloud | *Decrypting HTTPS traffic to the cloud | ||
* Decrypting any MQTTS or FTPS or video feed traffic | *Decrypting any MQTTS or FTPS or video feed traffic | ||
* Bypassing cloud user authentication | *Bypassing cloud user authentication | ||
* Bypassing local authentication (LAN access code) | *Bypassing local authentication (LAN access code) | ||
* Getting access to other printers | *Getting access to other printers | ||
* Signing custom firmware | *Signing custom firmware | ||
* Signing custom filament NFC tags | *Signing custom filament NFC tags | ||
* Jailbreaking | *Jailbreaking | ||
===Purpose of the certificates=== | ===Purpose of the certificates=== | ||
The private key corresponds to the public key contained in the app's certificate. This certificate is sent to the printer, allowing it to verify the authenticity of the digital signature using the public key. | The private key corresponds to the public key contained in the app's certificate. This certificate is sent to the printer, allowing it to verify the authenticity of the digital signature using the public key. | ||
Bambu Connect continues to work after these certificates expire. Because of how these certificates are used, it is also unlikely that | Bambu Connect continues to work after these certificates expire. Because of how these certificates are used, it is also unlikely that expiry causes the printer to get "bricked", but this needs to be proven through experiments or firmware analysis. | ||
===Additional security measures=== | ===Additional security measures=== | ||