Merge branch 'master' into unify-tft

Jonathan Bennett 2025-06-04 12:17:13 -05:00 committed by GitHub
commit 25beabf023
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 32 additions and 1 deletions


@ -3,12 +3,17 @@
#include "architecture.h" #include "architecture.h"
#if !(MESHTASTIC_EXCLUDE_PKI) #if !(MESHTASTIC_EXCLUDE_PKI)
#include "NodeDB.h"
#include "aes-ccm.h" #include "aes-ccm.h"
#include "meshUtils.h" #include "meshUtils.h"
#include <Crypto.h> #include <Crypto.h>
#include <Curve25519.h> #include <Curve25519.h>
#include <RNG.h>
#include <SHA256.h> #include <SHA256.h>
#if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN) #if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN)
#if !defined(ARCH_STM32WL)
#define CryptRNG RNG
#endif
/** /**
* Create a public/private key pair with Curve25519. * Create a public/private key pair with Curve25519.
@ -18,6 +23,14 @@
*/ */
void CryptoEngine::generateKeyPair(uint8_t *pubKey, uint8_t *privKey) void CryptoEngine::generateKeyPair(uint8_t *pubKey, uint8_t *privKey)
{ {
// Mix in any randomness we can, to make key generation stronger.
CryptRNG.begin(optstr(APP_VERSION));
if (myNodeInfo.device_id.size == 16) {
CryptRNG.stir(myNodeInfo.device_id.bytes, myNodeInfo.device_id.size);
}
auto noise = random();
CryptRNG.stir((uint8_t *)&noise, sizeof(noise));
LOG_DEBUG("Generate Curve25519 keypair"); LOG_DEBUG("Generate Curve25519 keypair");
Curve25519::dh1(public_key, private_key); Curve25519::dh1(public_key, private_key);
memcpy(pubKey, public_key, sizeof(public_key)); memcpy(pubKey, public_key, sizeof(public_key));
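Review bot: The comment `// Mix in any randomness we can, to make key generation stronger.` overstates what the added `CryptRNG.begin()`/`stir()` calls in generateKeyPair contribute, because none of the three inputs is secret entropy. `optstr(APP_VERSION)` is a build constant, `myNodeInfo.device_id` is fixed per device, and `random()` is only as unpredictable as the platform's seeding of it. If CryptRNG is the Arduino Crypto library's RNG object, `stir()` called without a credit argument also adds nothing to its entropy estimate, so the strength of the Curve25519 private key still rests on that RNG's own sources. I would reword the comment to say so, e.g. `// Best-effort mixing only: these inputs are not credited as entropy; key strength still depends on the RNG's own entropy sources.` On ARCH_STM32WL the hunk does not alias CryptRNG to RNG, so it is not visible here whether `Curve25519::dh1` draws from the instance being stirred; the function body continues outside the hunk.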


@ -261,7 +261,7 @@ NodeDB::NodeDB()
#if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN || MESHTASTIC_EXCLUDE_PKI) #if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN || MESHTASTIC_EXCLUDE_PKI)
if (!owner.is_licensed) { if (!owner.is_licensed && config.lora.region != meshtastic_Config_LoRaConfig_RegionCode_UNSET) {
bool keygenSuccess = false; bool keygenSuccess = false;
if (config.security.private_key.size == 32) { if (config.security.private_key.size == 32) {
if (crypto->regeneratePublicKey(config.security.public_key.bytes, config.security.private_key.bytes)) { if (crypto->regeneratePublicKey(config.security.public_key.bytes, config.security.private_key.bytes)) {


@ -671,6 +671,24 @@ void AdminModule::handleSetConfig(const meshtastic_Config &c)
config.lora = c.payload_variant.lora; config.lora = c.payload_variant.lora;
// If we're setting region for the first time, init the region // If we're setting region for the first time, init the region
if (isRegionUnset && config.lora.region > meshtastic_Config_LoRaConfig_RegionCode_UNSET) { if (isRegionUnset && config.lora.region > meshtastic_Config_LoRaConfig_RegionCode_UNSET) {
if (!owner.is_licensed) {
bool keygenSuccess = false;
if (config.security.private_key.size == 32) {
if (crypto->regeneratePublicKey(config.security.public_key.bytes, config.security.private_key.bytes)) {
keygenSuccess = true;
}
} else {
LOG_INFO("Generate new PKI keys");
crypto->generateKeyPair(config.security.public_key.bytes, config.security.private_key.bytes);
keygenSuccess = true;
}
if (keygenSuccess) {
config.security.public_key.size = 32;
config.security.private_key.size = 32;
owner.public_key.size = 32;
memcpy(owner.public_key.bytes, config.security.public_key.bytes, 32);
}
}
config.lora.tx_enabled = true; config.lora.tx_enabled = true;
initRegion(); initRegion();
if (myRegion->dutyCycle < 100) { if (myRegion->dutyCycle < 100) {
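Review bot: When `crypto->regeneratePublicKey(...)` returns false in the added block, `keygenSuccess` stays false and execution falls through to `config.lora.tx_enabled = true` with no log line and no public key populated. Adding `else { LOG_WARN("Failed to regenerate public key from stored private key"); }` after the inner `if` would make that state visible. The block also appears to repeat the keygen sequence that the `@ -261,7` hunk shows in the NodeDB constructor, so moving both into one shared helper would keep the first-region-set path and the boot path from drifting apart. The enclosing handleSetConfig branch starts and ends outside this hunk.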