39 Commits

Author	SHA1	Message	Date
Jonathan Bennett	55b2bbf937	Generate keys when Lora Region is set (#6951) ... * Generate keys when Lora Region changes * Nest the ifs * Even more entropy * Namespacing	2025-06-04 12:16:37 -05:00
Tom Fifield	1e4a0134e6	Remove unnecessary null pointer check (#6370) ... Further pointed out by @elfring, this patch removes one more unnecessary null pointer check. https://github.com/meshtastic/firmware/issues/6170#issuecomment-2744002798	2025-03-21 19:55:11 -05:00
Tom Fifield	ae27aaaf43	Remove unnecessary null pointer checks (#6358) ... As reported by @elfring, we had several points in our code where it was unnecessary to check pointers were non-null before deleting them. Fixes https://github.com/meshtastic/firmware/issues/6170	2025-03-21 05:54:42 -05:00
lizthedeveloper	4a6a0efcfd	log the nonce value at DEBUG instead of INFO (#6001) ... you're leaking the nonce to stdout, if your logs are routed to a folder, this logs the nonce every time, leading to replay attack surface area being higher. Changed to debug.	2025-02-07 08:29:48 +08:00
Eric Severance	e1de439a7f	Remove unnecessary memcpy for PKI crypto (#5608) ... * Remove unnecessary memcpy for PKI crypto * Update comment s/packet_id/id/ * Create a copy of bytes for each channel decrypt --------- Co-authored-by: Jonathan Bennett <jbennett@incomsystems.biz>	2024-12-19 19:14:27 -06:00
Ben Meadors	f769c50fa5	More reduction (#5256) ... * Now with even fewer ings * Ye * Mo * QMA6100PSensor	2024-11-04 19:15:59 -06:00
Ben Meadors	50dac38a1b	Pass#2: Lots more savings in logs and string reduction surgery (#5251) ... * Pass#2: Lots more savings in logs and string reduction surgery * Don't need Thread suffix either * Warn	2024-11-04 12:16:25 -06:00
Tom Fifield	276067065e	Log cleanups (#5135) ... * Log cleanups change log levels, shorten log messages, delete commented out logs * Address comments from review * Remove full stops * EDEBUG --> DEBUG	2024-11-04 06:09:23 -06:00
Thomas Göttgens	05e4a639a1	remove newline from logging statements. (#5022) ... remove newline from logging statements in code. The LOG_* functions will now magically add it at the end. --------- Co-authored-by: Ben Meadors <benmmeadors@gmail.com>	2024-10-14 15:11:43 +11:00
Jonathan Bennett	7ff4bafe22	Disentangle NodeDB from the CryptoEngine (#5013)	2024-10-10 18:14:11 +08:00
Jonathan Bennett	7e946d15ca	Move ifndef to fix test (#4950)	2024-10-04 22:59:00 -05:00
Thomas Göttgens	0d175a918c	misc library updates and compiler warnings, trunk upgrade	2024-10-01 16:02:10 +02:00
Ben Meadors	dc55d7dd98	Trunk it	2024-09-30 18:07:11 -05:00
TheMalkavien	553514e3b7	Fix #4911 : Partially rework some code to remove warnings about potential non-aligned memory accesses (#4912) ... * * Adding the -Wcast-align compilation flag for the rp2040. * * Some rework to use a struct to access radio data * Buffer will not be accessed by arithmetic pointer anymore * * Remplace arithmetic pointer to avoid Warning * * Avoid 2 little artitmetic pointer --------- Co-authored-by: Ben Meadors <benmmeadors@gmail.com>	2024-09-30 17:56:29 -05:00
Ben Meadors	30356dcd97	Retroactive trunkinate	2024-09-26 19:46:17 -05:00
Jonathan Bennett	5f6d9c3e27	Add pkc test (#4878) ... * Add a second delay() to get the unit tests running on Rak4631 * Add test_PKC_Decrypt * Remove cruft from test case	2024-09-26 19:33:08 -05:00
TheMalkavien	4794cdb120	Fix (some ?) memory alignment issues on the crypto part - resulting in crashes or strange behavior (#4867) ... * Replace multiple potentially non aligned pointer dereference (#4855) First step to fix some Crypto crashes or strange behaviors * Makes the two Crypto byte buffers aligned (#4855) Fix #4855, and probably multiple Crypto problems depending on hardware --------- Co-authored-by: Ben Meadors <benmmeadors@gmail.com> Co-authored-by: GUVWAF <78759985+GUVWAF@users.noreply.github.com>	2024-09-26 17:44:11 -05:00
Thomas Göttgens	12481b568a	fix a lot of nuisances reported by cppcheck (#4872) ... * fix a lot of nuisances reported by cppcheck * fix portduino	2024-09-25 19:09:06 -05:00
Jonathan Bennett	a967dd52f3	More useful PKC logging (#4742)	2024-09-17 06:31:39 -05:00
Jonathan Bennett	5bc17a9911	Key regen and MQTT fix (#4585) ... * Add public key regen * Properly label and handle PKI MQTT packets * Extra debug message to indicate PKI_UNKNOWN_PUBKEY * Ternary! * Don't call non-existant function on stm32 * Actually fix STM32 compilation	2024-08-29 16:28:03 -05:00
Jonathan Bennett	273beef148	Re-set the extra-nonce value	2024-08-18 22:25:08 -05:00
Jonathan Bennett	23e3e6db92	Add 4 bytes of random nonce to PKI (#4493)	2024-08-18 07:23:56 -05:00
Jonathan Bennett	1cfd5d12d2	Refactor platform cryptography, add tests	2024-08-10 22:38:05 -05:00
Jonathan Bennett	b573e0eacc	Fix compile on STM32	2024-08-10 20:04:38 -05:00
Jonathan Bennett	8ca884bafd	Add DH25519 unit test	2024-08-10 15:45:29 -05:00
Jonathan Bennett	74afd13171	Re-implement PKI from #1509 (#4379) ... * Re-implement PKI from #1509 co-authored-by: edinnen <ethanjdinnen@protonmail.com> * Set the key lengnth to actually make PKI work. * Remove unused variable and initialize keys to null * move printBytes() to meshUtils * Don't reset PKI key son reboot unless needed. * Remove double encryption for PKI messages * Cleanup encrypt logic * Add the MESHTASTIC_EXCLUDE_PKI option, and set it for minimal builds. Required for STM32 targets for now. * Use SHA-256 for PKI key hashing, and add MESHTASTIC_EXCLUDE_PKI_KEYGEN for STM32 * Fix a crash when node is null * Don't send PKI encrypted packets while licensed * use chIndex 8 for PKI * Don't be so clever, that you corrupt incoming packets * Pass on channel 8 for now * Typo * Lock keys once non-zero * We in fact need 2 scratch buffers, to store the encrypted bytes, unencrypted bytes, and decoded protobuf. * Lighter approach to retaining known key * Attach the public key to PKI decrypted packets in device memory * Turn PKI back off for STM32 :( * Don't just memcp over a protobuf * Don't PKI encrypt nodeinfo packets * Add a bit more memory logging around nodeDB * Use the proper macro to refer to NODENUM_BROADCAST * Typo fix * Don't PKI encrypt ROUTING (naks and acks) * Adds SecurityConfig protobuf * Add admin messages over PKI * Disable PKI for the WIO-e5 * Add MINIMUM_SAFE_FREE_HEAP macro and set to safe 1.5k * Add missed "has_security" * Add the admin_channel_enabled option * STM32 again * add missed configuration.h at the top of files * Add EXCLUDE_TZ and RTC * Enable PKI build on STM32 once again * Attempt 1 at moving PKI to aes-ccm * Fix buffers for encrypt/decrypt * Eliminate unused aes variable * Add debugging lines * Set hash to 0 for PKI * Fix debug lines so they don't print pointers. * logic fix and more debug * Rather important typo * Check for short packets before attempting decrypt * Don't forget to give cryptoEngine the keys! * Use the right scratch buffer * Cleanup * moar cleanups * Minor hardening * Remove some in-progress stuff * Turn PKI back off on STM32 * Return false * 2.5 protos * Sync up protos * Add initial cryptography test vector tests * re-add MINIMUM_SAFE_FREE_HEAP * Housekeeping and comment fixes * Add explanatory comment about weak dh25519 keys --------- Co-authored-by: Ben Meadors <benmmeadors@gmail.com>	2024-08-10 13:45:41 -05:00
Thomas Göttgens	320bf57687	tryfix #2416 - lock some guards.	2023-04-10 17:00:15 +02:00
Thomas Göttgens	51b2c431d9	trunk roundhouse kick	2023-01-21 21:23:24 +01:00
Ben Meadors	0b5cae5393	Log levels refactoring	2022-12-29 20:41:37 -06:00
Thomas Göttgens	7bd07db2a8	Remove nRF Crypt Debug	2022-06-12 23:35:59 +02:00
Thomas Göttgens	df9e9bc223	Bugfix for nRF Crypto 90% done, includes heavy debug code, do not merge for now.	2022-06-04 10:37:24 +02:00
Sacha Weatherstone	285413c68c	Rename packetNum to packetId	2022-03-20 11:40:13 +11:00
Kevin Hester	2fe11d4fe8	don't break strict-aliasing rules	2021-08-02 10:50:28 -07:00
Kevin Hester	17a1262382	pull in new epaper lib (which required importing configuration.h everywhere ... for dumb reasons)	2021-06-27 10:56:28 -07:00
Kevin Hester	49b1f4c5af	oops - fix failed text message rx	2021-03-06 14:21:20 +08:00
Kevin Hester	2761c85564	clean up the crypto api	2021-02-23 10:10:35 +08:00
geeksville	3e356e5866	Crypto works!	2020-05-09 19:08:04 -07:00
geeksville	1cc24de787	stub encryptor seems nicely backwards compatible with old devices and apps	2020-05-09 17:51:20 -07:00
geeksville	28d21ecdcc	begin work on crypto	2020-05-09 16:15:01 -07:00