* Re-implement PKI from #1509
co-authored-by: edinnen <ethanjdinnen@protonmail.com>
* Set the key lengnth to actually make PKI work.
* Remove unused variable and initialize keys to null
* move printBytes() to meshUtils
* Don't reset PKI key son reboot unless needed.
* Remove double encryption for PKI messages
* Cleanup encrypt logic
* Add the MESHTASTIC_EXCLUDE_PKI option, and set it for minimal builds. Required for STM32 targets for now.
* Use SHA-256 for PKI key hashing, and add MESHTASTIC_EXCLUDE_PKI_KEYGEN for STM32
* Fix a crash when node is null
* Don't send PKI encrypted packets while licensed
* use chIndex 8 for PKI
* Don't be so clever, that you corrupt incoming packets
* Pass on channel 8 for now
* Typo
* Lock keys once non-zero
* We in fact need 2 scratch buffers, to store the encrypted bytes, unencrypted bytes, and decoded protobuf.
* Lighter approach to retaining known key
* Attach the public key to PKI decrypted packets in device memory
* Turn PKI back off for STM32 :(
* Don't just memcp over a protobuf
* Don't PKI encrypt nodeinfo packets
* Add a bit more memory logging around nodeDB
* Use the proper macro to refer to NODENUM_BROADCAST
* Typo fix
* Don't PKI encrypt ROUTING (naks and acks)
* Adds SecurityConfig protobuf
* Add admin messages over PKI
* Disable PKI for the WIO-e5
* Add MINIMUM_SAFE_FREE_HEAP macro and set to safe 1.5k
* Add missed "has_security"
* Add the admin_channel_enabled option
* STM32 again
* add missed configuration.h at the top of files
* Add EXCLUDE_TZ and RTC
* Enable PKI build on STM32 once again
* Attempt 1 at moving PKI to aes-ccm
* Fix buffers for encrypt/decrypt
* Eliminate unused aes variable
* Add debugging lines
* Set hash to 0 for PKI
* Fix debug lines so they don't print pointers.
* logic fix and more debug
* Rather important typo
* Check for short packets before attempting decrypt
* Don't forget to give cryptoEngine the keys!
* Use the right scratch buffer
* Cleanup
* moar cleanups
* Minor hardening
* Remove some in-progress stuff
* Turn PKI back off on STM32
* Return false
* 2.5 protos
* Sync up protos
* Add initial cryptography test vector tests
* re-add MINIMUM_SAFE_FREE_HEAP
* Housekeeping and comment fixes
* Add explanatory comment about weak dh25519 keys
---------
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
* bug #4184: fix config file loss due to filesystem write errors
* Use SafeFile for atomic file writing (with xor checksum readback)
* Write db.proto last because it could be the largest file on the FS (and less critical)
* Don't keep a tmp file around while writing db.proto (because too big to fit two files in the filesystem)
* generate a new critial fault if we encounter errors writing to flash
either CriticalErrorCode_FLASH_CORRUPTION_RECOVERABLE or CriticalErrorCode_FLASH_CORRUPTION_UNRECOVERABLE
(depending on if the second write attempt worked)
* reformat the filesystem if we detect it is corrupted (then rewrite our config files) (only on nrf52 - not sure
yet if we should bother on ESP32)
* If we have to format the FS, make sure to preserve the oem.proto if it exists
* add logLegacy() so old C code in libs can log via our logging
* move filesList() to a better location (used only in developer builds)
* Reformat with "trunk fmt" to match our coding conventions
* for #4395: don't use .exists() to before attempting file open
If a LFS filesystem is corrupted, .exists() can fail when a mere .open()
attempt would have succeeded. Therefore better to do the .open() in hopes that
we can read the file (in case we need to reformat to fix the FS).
(Seen and confirmed in stress testing)
* for #4395 more fixes, see below for details:
* check for LFS assertion failures during file operations (needs customized lfs_util.h to provide suitable hooks)
* Remove fsCheck() because checking filesystem by writing to it is very high risk, it makes likelyhood that we will
be able to read the config protobufs quite low.
* Update the LFS inside of adafruitnrf52 to 1.7.2 (from their old 1.6.1) to get the following fix:
97d8d5e96a
* use disable_adafruit_usb.py now that we are (temporarily?) using a forked adafruit lib
We need to reach inside the adafruit project and turn off USE_TINYUSB, just doing that
from platformio.ini is no longer sufficient.
Tested on a wio-sdk-wm1110 board (which is the only board that had this problem)
---------
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
* add bootloader install script for wio tracker 1110 board
Mostly for documentation purposes for future devs.
* Generalize nrf52 hw debugging support so it works on all nrf52 targets
* Fix type of nodeNum
Type of nodeNum is NodeNum, not uint
* typo
fixed typo "resumeAdverising()"
* fix missing #include "time.h"
Missing include breaks compilation with gccnoneeabi 12.3.1 for nrf52 targets on windows hosts.
* change type uint to unsigned int
uint is not a standard type. Using uint breaks compilation with gccnoneeabi 12.3.1 for nRF52 targets on windows hosts.
* fix type of channel_num
Type of channel_num should be uint32_t (as this is the type of hash() and numChannels).
Using uint non-standard type uint breaks compilation with gccnoneeabi 12.3.1 for nRF52 targets on windows hosts.
* Update nrf52.ini
Default build type should be "release" as this is the default of platformio.
* Update GPS.cpp
uint to unsigned int
* Added WebServer/WebServices for Native Linux Meshtastic and web gui
* Fix bug in login functionality
* Added customized config of portdunio.ini with LovyannGFX from marelab repro
* Compile Problem resolved with developer version of LovyanGFX.git
* Compile against dev version
* Fixes to fit into main branch
* Update variant.h, main.cpp, .gitignore, WebServer.cpp, esp32s2.ini, WebServer.h, ContentHandler.cpp, rp2040.ini, nrf52.ini, ContentHelper.cpp, Dockerfile, ContentHandler.h, esp32.ini, stm32wl5e.ini
* Added linux pi std /usr/include dir
* Adding /usr/innclude for Linux compile against native libs that are not hadled by platformio
* Review log level changes & translation
* Update Dockerfile
* Fix Typo & VFS ref. Part1
* Fix Typo & VFS ref.
* Dev Version for ulfius web lib
* Update platformio.ini
* Free VFS path string
* Remove unintended changes
* More unintentional changes
* Make the HTTP server optional on native
* Tune-up for Native web defaults
* Don't modify build system yet
* Remove more unneeded changes
---------
Co-authored-by: marc hammermann <marchammermann@googlemail.com>
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
Co-authored-by: Thomas Göttgens <tgoettgens@gmail.com>
* Pico W: Initial WiFi support: connects, but freezes after a while
* Update arduino-pico core to fix hang with Wi-Fi
* Add `picow` to workflow since it's different from `pico` now
* Bump RadioLib to 6.1.0
* RP2040
* More excludes
* Jan added a lot of stuff apparently
* Stay back a version on portduino for now
* It wasn't this. I need to remove the docker build from ci
* 6.1.0
* Update libs
* Update nrf52 while we're at it
* Remove temporary heltec platform packages
* Update install scripts to flash s3 ota partition bin
- Skip a lot of duplicate code
- add a hexDump output - might come in handy
- refactor directory names
- remove unused debugOut that was generating template errors
