Add PKI channel for MQTT (#4464)

* Add PKI channel for MQTT
2025-04-26 09:59:01 +00:00 · 2024-08-14 19:32:45 -05:00 · 2024-08-14 19:32:45 -05:00 · ced87596cb
commit ced87596cb
parent 1be635a797
1 changed files with 35 additions and 8 deletions
--- a/src/mqtt/MQTT.cpp
+++ b/src/mqtt/MQTT.cpp
@ -152,7 +152,8 @@ void MQTT::onReceive(char *topic, byte *payload, size_t length)
                    LOG_INFO("Ignoring downlink message we originally sent.\n");
            } else {
                // Find channel by channel_id and check downlink_enabled
-                if (strcmp(e.channel_id, channels.getGlobalId(ch.index)) == 0 && e.packet && ch.settings.downlink_enabled) {
+                if ((strcmp(e.channel_id, "PKI") && e.packet) ||
+                    (strcmp(e.channel_id, channels.getGlobalId(ch.index)) == 0 && e.packet && ch.settings.downlink_enabled)) {
                    LOG_INFO("Received MQTT topic %s, len=%u\n", topic, length);
                    meshtastic_MeshPacket *p = packetPool.allocCopy(*e.packet);
                    p->via_mqtt = true; // Mark that the packet was received via MQTT
@ -161,8 +162,11 @@ void MQTT::onReceive(char *topic, byte *payload, size_t length)
                        p->channel = ch.index;
                    }

+                    // PKI messages get accepted even if we can't decrypt
+                    if (router && p->which_payload_variant == meshtastic_MeshPacket_encrypted_tag && p->channel == 0)
+                        router->enqueueReceivedMessage(p);
                    // ignore messages if we don't have the channel key
-                    if (router && perhapsDecode(p))
+                    else if (router && perhapsDecode(p))
                        router->enqueueReceivedMessage(p);
                    else
                        packetPool.release(p);
@ -377,6 +381,11 @@ void MQTT::sendSubscriptions()
 #endif // ARCH_NRF52
        }
    }
+#if !MESHTASTIC_EXCLUDE_PKI
+    std::string topic = cryptTopic + "PKI/#";
+    LOG_INFO("Subscribing to %s\n", topic.c_str());
+    pubSub.subscribe(topic.c_str(), 1);
+#endif
 #endif
 }

@ -452,8 +461,12 @@ void MQTT::publishQueuedMessages()
        meshtastic_ServiceEnvelope *env = mqttQueue.dequeuePtr(0);
        static uint8_t bytes[meshtastic_MeshPacket_size + 64];
        size_t numBytes = pb_encode_to_bytes(bytes, sizeof(bytes), &meshtastic_ServiceEnvelope_msg, env);
-
-        std::string topic = cryptTopic + env->channel_id + "/" + owner.id;
+        std::string topic;
+        if (env->packet->pki_encrypted) {
+            topic = cryptTopic + "PKI/" + owner.id;
+        } else {
+            topic = cryptTopic + env->channel_id + "/" + owner.id;
+        }
        LOG_INFO("publish %s, %u bytes from queue\n", topic.c_str(), numBytes);

        publish(topic.c_str(), bytes, numBytes, false);
@ -463,7 +476,12 @@ void MQTT::publishQueuedMessages()
            // handle json topic
            auto jsonString = MeshPacketSerializer::JsonSerialize(env->packet);
            if (jsonString.length() != 0) {
-                std::string topicJson = jsonTopic + env->channel_id + "/" + owner.id;
+                std::string topicJson;
+                if (env->packet->pki_encrypted) {
+                    topicJson = jsonTopic + "PKI/" + owner.id;
+                } else {
+                    topicJson = jsonTopic + env->channel_id + "/" + owner.id;
+                }
                LOG_INFO("JSON publish message to %s, %u bytes: %s\n", topicJson.c_str(), jsonString.length(),
                         jsonString.c_str());
                publish(topicJson.c_str(), jsonString.c_str(), false);
@ -513,8 +531,12 @@ void MQTT::onSend(const meshtastic_MeshPacket &mp, const meshtastic_MeshPacket &
            // FIXME - this size calculation is super sloppy, but it will go away once we dynamically alloc meshpackets
            static uint8_t bytes[meshtastic_MeshPacket_size + 64];
            size_t numBytes = pb_encode_to_bytes(bytes, sizeof(bytes), &meshtastic_ServiceEnvelope_msg, env);
-
-            std::string topic = cryptTopic + channelId + "/" + owner.id;
+            std::string topic;
+            if (mp.pki_encrypted) {
+                topic = cryptTopic + "PKI/" + owner.id;
+            } else {
+                topic = cryptTopic + channelId + "/" + owner.id;
+            }
            LOG_DEBUG("MQTT Publish %s, %u bytes\n", topic.c_str(), numBytes);

            publish(topic.c_str(), bytes, numBytes, false);
@ -524,7 +546,12 @@ void MQTT::onSend(const meshtastic_MeshPacket &mp, const meshtastic_MeshPacket &
                // handle json topic
                auto jsonString = MeshPacketSerializer::JsonSerialize((meshtastic_MeshPacket *)&mp_decoded);
                if (jsonString.length() != 0) {
-                    std::string topicJson = jsonTopic + channelId + "/" + owner.id;
+                    std::string topicJson;
+                    if (mp.pki_encrypted) {
+                        topicJson = jsonTopic + "PKI/" + owner.id;
+                    } else {
+                        topicJson = jsonTopic + channelId + "/" + owner.id;
+                    }
                    LOG_INFO("JSON publish message to %s, %u bytes: %s\n", topicJson.c_str(), jsonString.length(),
                             jsonString.c_str());
                    publish(topicJson.c_str(), jsonString.c_str(), false);