From dd7140b7a154f50431d9a037571d7319fdc3b87f Mon Sep 17 00:00:00 2001 From: Mictronics Date: Sat, 23 Nov 2024 16:08:18 +0100 Subject: [PATCH] Fix admin key loading from userPrefs.h (#5417) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Fix LED pinout for T-Echo board marked v1.0, date 2021-6-28 * Merge PR #420 * Fixed double and missing Default class. * Use correct format specifier and fixed typo. * Removed duplicate code. * Fix error: #if with no expression * Fix warning: extra tokens at end of #endif directive. * Fix antenna switching logic. Complementary-pin control logic is required on the rp2040-lora board. * Fix deprecated macros. * Set RP2040 in dormant mode when deep sleep is triggered. * Fix array out of bounds read. * Admin key count needs to be set otherwise the key will be zero loaded after reset. * Don't reset the admin key size when loading defaults. Preserve an existing key in config if possible. * Remove log spam when reading INA voltage sensor. * Remove static declaration for admin keys from userPrefs.h. Load hard coded admin keys in case config file has empty slots. * Removed newlines from log. --------- Co-authored-by: Ben Meadors Co-authored-by: Thomas Göttgens --- src/mesh/NodeDB.cpp | 103 +++++++++++++++++++++++++++++++++++--------- userPrefs.h | 15 ++++--- 2 files changed, 91 insertions(+), 27 deletions(-) diff --git a/src/mesh/NodeDB.cpp b/src/mesh/NodeDB.cpp index bd89261a3..44a28eea2 100644 --- a/src/mesh/NodeDB.cpp +++ b/src/mesh/NodeDB.cpp @@ -61,6 +61,16 @@ meshtastic_LocalConfig config; meshtastic_LocalModuleConfig moduleConfig; meshtastic_ChannelFile channelFile; +#ifdef USERPREFS_USE_ADMIN_KEY_0 +static unsigned char userprefs_admin_key_0[] = USERPREFS_USE_ADMIN_KEY_0; +#endif +#ifdef USERPREFS_USE_ADMIN_KEY_1 +static unsigned char userprefs_admin_key_1[] = USERPREFS_USE_ADMIN_KEY_1; +#endif +#ifdef USERPREFS_USE_ADMIN_KEY_2 +static unsigned char userprefs_admin_key_2[] = USERPREFS_USE_ADMIN_KEY_2; +#endif + bool meshtastic_DeviceState_callback(pb_istream_t *istream, pb_ostream_t *ostream, const pb_field_iter_t *field) { if (ostream) { @@ -406,32 +416,37 @@ void NodeDB::installDefaultConfig(bool preserveKey = false) #else config.lora.ignore_mqtt = false; #endif -#ifdef USERPREFS_USE_ADMIN_KEY // Initialize admin_key_count to zero byte numAdminKeys = 0; +#ifdef USERPREFS_USE_ADMIN_KEY_0 // Check if USERPREFS_ADMIN_KEY_0 is non-empty - if (sizeof(USERPREFS_ADMIN_KEY_0) > 0) { - memcpy(config.security.admin_key[numAdminKeys].bytes, USERPREFS_ADMIN_KEY_0, 32); - config.security.admin_key[numAdminKeys].size = 32; + if (sizeof(userprefs_admin_key_0) > 0) { + memcpy(config.security.admin_key[0].bytes, userprefs_admin_key_0, 32); + config.security.admin_key[0].size = 32; numAdminKeys++; } - - // Check if USERPREFS_ADMIN_KEY_1 is non-empty - if (sizeof(USERPREFS_ADMIN_KEY_1) > 0) { - memcpy(config.security.admin_key[numAdminKeys].bytes, USERPREFS_ADMIN_KEY_1, 32); - config.security.admin_key[numAdminKeys].size = 32; - numAdminKeys++; - } - - // Check if USERPREFS_ADMIN_KEY_2 is non-empty - if (sizeof(USERPREFS_ADMIN_KEY_2) > 0) { - memcpy(config.security.admin_key[config.security.admin_key_count].bytes, USERPREFS_ADMIN_KEY_2, 32); - config.security.admin_key[config.security.admin_key_count].size = 32; - numAdminKeys++; - } - config.security.admin_key_count = numAdminKeys; #endif + +#ifdef USERPREFS_USE_ADMIN_KEY_1 + // Check if USERPREFS_ADMIN_KEY_1 is non-empty + if (sizeof(userprefs_admin_key_1) > 0) { + memcpy(config.security.admin_key[1].bytes, userprefs_admin_key_1, 32); + config.security.admin_key[1].size = 32; + numAdminKeys++; + } +#endif + +#ifdef USERPREFS_USE_ADMIN_KEY_2 + // Check if USERPREFS_ADMIN_KEY_2 is non-empty + if (sizeof(userprefs_admin_key_2) > 0) { + memcpy(config.security.admin_key[2].bytes, userprefs_admin_key_2, 32); + config.security.admin_key[2].size = 32; + numAdminKeys++; + } +#endif + config.security.admin_key_count = numAdminKeys; + if (shouldPreserveKey) { config.security.private_key.size = 32; memcpy(config.security.private_key.bytes, private_key_temp, config.security.private_key.size); @@ -888,6 +903,54 @@ void NodeDB::loadFromDisk() } } + // Make sure we load hard coded admin keys even when the configuration file has none. + // Initialize admin_key_count to zero + byte numAdminKeys = 0; + uint16_t sum = 0; +#ifdef USERPREFS_USE_ADMIN_KEY_0 + for (uint8_t b = 0; b < 32; b++) { + sum += config.security.admin_key[0].bytes[b]; + } + if (sum == 0) { + numAdminKeys += 1; + LOG_INFO("Admin 0 key zero. Loading hard coded key from user preferences."); + memcpy(config.security.admin_key[0].bytes, userprefs_admin_key_0, 32); + config.security.admin_key[0].size = 32; + config.security.admin_key_count = numAdminKeys; + saveToDisk(SEGMENT_CONFIG); + } +#endif + +#ifdef USERPREFS_USE_ADMIN_KEY_1 + sum = 0; + for (uint8_t b = 0; b < 32; b++) { + sum += config.security.admin_key[1].bytes[b]; + } + if (sum == 0) { + numAdminKeys += 1; + LOG_INFO("Admin 1 key zero. Loading hard coded key from user preferences."); + memcpy(config.security.admin_key[1].bytes, userprefs_admin_key_1, 32); + config.security.admin_key[1].size = 32; + config.security.admin_key_count = numAdminKeys; + saveToDisk(SEGMENT_CONFIG); + } +#endif + +#ifdef USERPREFS_USE_ADMIN_KEY_2 + sum = 0; + for (uint8_t b = 0; b < 32; b++) { + sum += config.security.admin_key[2].bytes[b]; + } + if (sum == 0) { + numAdminKeys += 1; + LOG_INFO("Admin 2 key zero. Loading hard coded key from user preferences."); + memcpy(config.security.admin_key[2].bytes, userprefs_admin_key_2, 32); + config.security.admin_key[2].size = 32; + config.security.admin_key_count = numAdminKeys; + saveToDisk(SEGMENT_CONFIG); + } +#endif + state = loadProto(moduleConfigFileName, meshtastic_LocalModuleConfig_size, sizeof(meshtastic_LocalModuleConfig), &meshtastic_LocalModuleConfig_msg, &moduleConfig); if (state != LoadFileResult::LOAD_SUCCESS) { @@ -1346,4 +1409,4 @@ void recordCriticalError(meshtastic_CriticalErrorCode code, uint32_t address, co LOG_ERROR("A critical failure occurred, portduino is exiting"); exit(2); #endif -} +} \ No newline at end of file diff --git a/userPrefs.h b/userPrefs.h index 622a491c3..00f04149a 100644 --- a/userPrefs.h +++ b/userPrefs.h @@ -72,16 +72,17 @@ static unsigned char icon_bits[] = { /* * PKI Admin keys. * If a Admin key is set with '{};' - * then it will be ignored, a PKI key must have a size of 32. + * then it will be ignored, a PKI key must have a size of 32 byte. */ /* -#define USERPREFS_USE_ADMIN_KEY 1 -static unsigned char USERPREFS_ADMIN_KEY_0[] = {0xcd, 0xc0, 0xb4, 0x3c, 0x53, 0x24, 0xdf, 0x13, 0xca, 0x5a, 0xa6, - 0x0c, 0x0d, 0xec, 0x85, 0x5a, 0x4c, 0xf6, 0x1a, 0x96, 0x04, 0x1a, - 0x3e, 0xfc, 0xbb, 0x8e, 0x33, 0x71, 0xe5, 0xfc, 0xff, 0x3c}; -static unsigned char USERPREFS_ADMIN_KEY_1[] = {}; -static unsigned char USERPREFS_ADMIN_KEY_2[] = {}; +#define USERPREFS_USE_ADMIN_KEY_0 \ + { \ + 0xcd, 0xc0, 0xb4, 0x3c, 0x53, 0x24, 0xdf, 0x13, 0xca, 0x5a, 0xa6, 0x0c, 0x0d, 0xec, 0x85, 0x5a, 0x4c, 0xf6, 0x1a, 0x96, \ + 0x04, 0x1a, 0x3e, 0xfc, 0xbb, 0x8e, 0x33, 0x71, 0xe5, 0xfc, 0xff, 0x3c \ + }; */ +// #define USERPREFS_USE_ADMIN_KEY_1 {}; +// #define USERPREFS_USE_ADMIN_KEY_2 {}; /* * USERPREF_FIXED_GPS_LAT and USERPREF_FIXED_GPS_LON must be set, USERPREF_FIXED_GPS_ALT is optional