Allows all 3 PKI keys to be added to userPrefs.h (#4969) and a tool. (#5368)

* more userPrefs.h Added PKI Admin keys to userPrefs.h * Update userPrefs.h Allows all 3 PKI keys to be added to userPrefs.h (#4969) * Update NodeDB.cpp Trunk * Update userPrefs.h Changed wording * Create base64_to_hex.py A little tool for converting base64 PKI Keys to decoded byte that userPrefs.h can understand. * more userPrefs.h Added PKI Admin keys to userPrefs.h * Update userPrefs.h Allows all 3 PKI keys to be added to userPrefs.h (#4969) * Update NodeDB.cpp Trunk * Update userPrefs.h Changed wording * Create base64_to_hex.py A little tool for converting base64 PKI Keys to decoded byte that userPrefs.h can understand.
2025-02-26 22:33:24 +00:00 · 2024-11-17 19:36:41 +01:00 · 2024-11-17 19:36:41 +01:00 · 89469fcb88
commit 89469fcb88
parent a8357ebd52
3 changed files with 68 additions and 6 deletions
--- a/bin/base64_to_hex.py
+++ b/bin/base64_to_hex.py
@ -0,0 +1,33 @@
+import sys
+import base64
+
+def base64_to_hex_string(b64_string):
+    try:
+        # Decode the Base64 string to raw bytes
+        decoded_bytes = base64.b64decode(b64_string)
+    except Exception as e:
+        raise ValueError(f"Invalid Base64 input: {e}")
+    
+    # Check if the decoded result is exactly 32 bytes
+    if len(decoded_bytes) != 32:
+        raise ValueError("Decoded Base64 input must be exactly 32 bytes.")
+    
+    # Convert each byte to its hex representation
+    hex_values = [f"0x{byte:02x}" for byte in decoded_bytes]
+    
+    # Join the formatted hex values with commas
+    formatted_output = "{ " + ", ".join(hex_values) + " };"
+    return formatted_output
+
+if __name__ == "__main__":
+    # Check if a Base64 string was provided in command line arguments
+    if len(sys.argv) != 2:
+        print("Usage: python script.py <base64-string>")
+        sys.exit(1)
+    
+    b64_string = sys.argv[1]
+    try:
+        formatted_hex = base64_to_hex_string(b64_string)
+        print(formatted_hex)
+    except ValueError as e:
+        print(e)
--- a/src/mesh/NodeDB.cpp
+++ b/src/mesh/NodeDB.cpp
@ -407,9 +407,30 @@ void NodeDB::installDefaultConfig(bool preserveKey = false)
    config.lora.ignore_mqtt = false;
 #endif
 #ifdef USERPREFS_USE_ADMIN_KEY
-    memcpy(config.security.admin_key[0].bytes, USERPREFS_ADMIN_KEY, 32);
-    config.security.admin_key[0].size = 32;
-    config.security.admin_key_count = 1;
+    // Initialize admin_key_count to zero
+    byte numAdminKeys = 0;
+
+    // Check if USERPREFS_ADMIN_KEY_0 is non-empty
+    if (sizeof(USERPREFS_ADMIN_KEY_0) > 0) {
+        memcpy(config.security.admin_key[numAdminKeys].bytes, USERPREFS_ADMIN_KEY_0, 32);
+        config.security.admin_key[numAdminKeys].size = 32;
+        numAdminKeys++;
+    }
+
+    // Check if USERPREFS_ADMIN_KEY_1 is non-empty
+    if (sizeof(USERPREFS_ADMIN_KEY_1) > 0) {
+        memcpy(config.security.admin_key[numAdminKeys].bytes, USERPREFS_ADMIN_KEY_1, 32);
+        config.security.admin_key[numAdminKeys].size = 32;
+        numAdminKeys++;
+    }
+
+    // Check if USERPREFS_ADMIN_KEY_2 is non-empty
+    if (sizeof(USERPREFS_ADMIN_KEY_2) > 0) {
+        memcpy(config.security.admin_key[config.security.admin_key_count].bytes, USERPREFS_ADMIN_KEY_2, 32);
+        config.security.admin_key[config.security.admin_key_count].size = 32;
+        numAdminKeys++;
+    }
+    config.security.admin_key_count = numAdminKeys;
 #endif
    if (shouldPreserveKey) {
        config.security.private_key.size = 32;
--- a/userPrefs.h
+++ b/userPrefs.h
@ -68,11 +68,19 @@ static unsigned char icon_bits[] = {
    0x98, 0x3F, 0xF0, 0x23, 0x00, 0xFC, 0x0F, 0xE0, 0x7F, 0x00, 0xFC, 0x03, 0x80, 0xFF, 0x01, 0xFC, 0x00, 0x00, 0x3E, 0x00, 0x70,
    0x00, 0x00, 0x1C, 0x00, 0x70, 0x00, 0x00, 0x1C, 0x00, 0x70, 0x00, 0x00, 0x1C, 0x00, 0x70, 0x00, 0x00, 0x1C, 0x00};
 */
+
+/*
+ * PKI Admin keys.
+ * If a Admin key is set with '{};'
+ * then it will be ignored, a PKI key must have a size of 32.
+ */
 /*
 #define USERPREFS_USE_ADMIN_KEY 1
-static unsigned char USERPREFS_ADMIN_KEY[] = {0xcd, 0xc0, 0xb4, 0x3c, 0x53, 0x24, 0xdf, 0x13, 0xca, 0x5a, 0xa6,
+static unsigned char USERPREFS_ADMIN_KEY_0[] = {0xcd, 0xc0, 0xb4, 0x3c, 0x53, 0x24, 0xdf, 0x13, 0xca, 0x5a, 0xa6,
                                                0x0c, 0x0d, 0xec, 0x85, 0x5a, 0x4c, 0xf6, 0x1a, 0x96, 0x04, 0x1a,
                                                0x3e, 0xfc, 0xbb, 0x8e, 0x33, 0x71, 0xe5, 0xfc, 0xff, 0x3c};
+static unsigned char USERPREFS_ADMIN_KEY_1[] = {};
+static unsigned char USERPREFS_ADMIN_KEY_2[] = {};
 */

 /*