Create base64_to_hex.py

A little tool for converting base64 PKI Keys to decoded byte that userPrefs.h can understand.
Update userPrefs.h
2025-10-02 21:47:15 +00:00 · 2024-11-17 09:44:43 +08:00 · 2024-11-17 09:44:43 +08:00 · 2024-11-17 09:44:43 +08:00 · 2024-11-17 09:44:43 +08:00 · 2024-11-17 09:44:43 +08:00
4 changed files with 69 additions and 6 deletions
--- a/.github/workflows/main_matrix.yml
+++ b/.github/workflows/main_matrix.yml
@ -203,6 +203,7 @@ jobs:
            ./device-*.sh
            ./device-*.bat
            ./littlefs-*.bin
+            ./littlefswebui-*.bin
            ./bleota*bin
            ./Meshtastic_nRF52_factory_erase*.uf2
          retention-days: 30
--- a/bin/base64_to_hex.py
+++ b/bin/base64_to_hex.py
@ -0,0 +1,33 @@
+import sys
+import base64
+
+def base64_to_hex_string(b64_string):
+    try:
+        # Decode the Base64 string to raw bytes
+        decoded_bytes = base64.b64decode(b64_string)
+    except Exception as e:
+        raise ValueError(f"Invalid Base64 input: {e}")
+    
+    # Check if the decoded result is exactly 32 bytes
+    if len(decoded_bytes) != 32:
+        raise ValueError("Decoded Base64 input must be exactly 32 bytes.")
+    
+    # Convert each byte to its hex representation
+    hex_values = [f"0x{byte:02x}" for byte in decoded_bytes]
+    
+    # Join the formatted hex values with commas
+    formatted_output = "{ " + ", ".join(hex_values) + " };"
+    return formatted_output
+
+if __name__ == "__main__":
+    # Check if a Base64 string was provided in command line arguments
+    if len(sys.argv) != 2:
+        print("Usage: python script.py <base64-string>")
+        sys.exit(1)
+    
+    b64_string = sys.argv[1]
+    try:
+        formatted_hex = base64_to_hex_string(b64_string)
+        print(formatted_hex)
+    except ValueError as e:
+        print(e)
--- a/src/mesh/NodeDB.cpp
+++ b/src/mesh/NodeDB.cpp
@ -407,9 +407,30 @@ void NodeDB::installDefaultConfig(bool preserveKey = false)
    config.lora.ignore_mqtt = false;
 #endif
 #ifdef USERPREFS_USE_ADMIN_KEY
-    memcpy(config.security.admin_key[0].bytes, USERPREFS_ADMIN_KEY, 32);
-    config.security.admin_key[0].size = 32;
-    config.security.admin_key_count = 1;
+    // Initialize admin_key_count to zero
+    byte numAdminKeys = 0;
+
+    // Check if USERPREFS_ADMIN_KEY_0 is non-empty
+    if (sizeof(USERPREFS_ADMIN_KEY_0) > 0) {
+        memcpy(config.security.admin_key[numAdminKeys].bytes, USERPREFS_ADMIN_KEY_0, 32);
+        config.security.admin_key[numAdminKeys].size = 32;
+        numAdminKeys++;
+    }
+
+    // Check if USERPREFS_ADMIN_KEY_1 is non-empty
+    if (sizeof(USERPREFS_ADMIN_KEY_1) > 0) {
+        memcpy(config.security.admin_key[numAdminKeys].bytes, USERPREFS_ADMIN_KEY_1, 32);
+        config.security.admin_key[numAdminKeys].size = 32;
+        numAdminKeys++;
+    }
+
+    // Check if USERPREFS_ADMIN_KEY_2 is non-empty
+    if (sizeof(USERPREFS_ADMIN_KEY_2) > 0) {
+        memcpy(config.security.admin_key[config.security.admin_key_count].bytes, USERPREFS_ADMIN_KEY_2, 32);
+        config.security.admin_key[config.security.admin_key_count].size = 32;
+        numAdminKeys++;
+    }
+    config.security.admin_key_count = numAdminKeys;
 #endif
    if (shouldPreserveKey) {
        config.security.private_key.size = 32;
--- a/userPrefs.h
+++ b/userPrefs.h
@ -68,11 +68,19 @@ static unsigned char icon_bits[] = {
    0x98, 0x3F, 0xF0, 0x23, 0x00, 0xFC, 0x0F, 0xE0, 0x7F, 0x00, 0xFC, 0x03, 0x80, 0xFF, 0x01, 0xFC, 0x00, 0x00, 0x3E, 0x00, 0x70,
    0x00, 0x00, 0x1C, 0x00, 0x70, 0x00, 0x00, 0x1C, 0x00, 0x70, 0x00, 0x00, 0x1C, 0x00, 0x70, 0x00, 0x00, 0x1C, 0x00};
 */
+
+/*
+ * PKI Admin keys.
+ * If a Admin key is set with '{};'
+ * then it will be ignored, a PKI key must have a size of 32.
+ */
 /*
 #define USERPREFS_USE_ADMIN_KEY 1
-static unsigned char USERPREFS_ADMIN_KEY[] = {0xcd, 0xc0, 0xb4, 0x3c, 0x53, 0x24, 0xdf, 0x13, 0xca, 0x5a, 0xa6,
-                                       0x0c, 0x0d, 0xec, 0x85, 0x5a, 0x4c, 0xf6, 0x1a, 0x96, 0x04, 0x1a,
-                                       0x3e, 0xfc, 0xbb, 0x8e, 0x33, 0x71, 0xe5, 0xfc, 0xff, 0x3c};
+static unsigned char USERPREFS_ADMIN_KEY_0[] = {0xcd, 0xc0, 0xb4, 0x3c, 0x53, 0x24, 0xdf, 0x13, 0xca, 0x5a, 0xa6,
+                                                0x0c, 0x0d, 0xec, 0x85, 0x5a, 0x4c, 0xf6, 0x1a, 0x96, 0x04, 0x1a,
+                                                0x3e, 0xfc, 0xbb, 0x8e, 0x33, 0x71, 0xe5, 0xfc, 0xff, 0x3c};
+static unsigned char USERPREFS_ADMIN_KEY_1[] = {};
+static unsigned char USERPREFS_ADMIN_KEY_2[] = {};
 */

 /*
Author	SHA1	Message	Date
gjelsoe	4711eedf16	Create base64_to_hex.py A little tool for converting base64 PKI Keys to decoded byte that userPrefs.h can understand.	2024-11-17 09:44:43 +08:00
gjelsoe	108fb1f809	Update userPrefs.h Changed wording	2024-11-17 09:44:43 +08:00
gjelsoe	65f91b8d14	Update NodeDB.cpp Trunk	2024-11-17 09:44:43 +08:00
gjelsoe	4b0fc47359	Update userPrefs.h Allows all 3 PKI keys to be added to userPrefs.h (#4969)	2024-11-17 09:44:43 +08:00
gjelsoe	19e563f9ca	more userPrefs.h Added PKI Admin keys to userPrefs.h	2024-11-17 09:44:43 +08:00
Ben Meadors	37b29f6899	Add littlefswebui Some checks are pending CI / setup (rp2040) (push) Waiting to run Details CI / setup (stm32) (push) Waiting to run Details CI / check (push) Blocked by required conditions Details CI / build-esp32 (push) Blocked by required conditions Details CI / build-esp32-s3 (push) Blocked by required conditions Details CI / build-esp32-c3 (push) Blocked by required conditions Details CI / build-esp32-c6 (push) Blocked by required conditions Details CI / build-nrf52 (push) Blocked by required conditions Details CI / build-rpi2040 (push) Blocked by required conditions Details CI / build-stm32 (push) Blocked by required conditions Details CI / package-raspbian (push) Waiting to run Details CI / package-raspbian-armv7l (push) Waiting to run Details CI / package-native (push) Waiting to run Details CI / after-checks (push) Blocked by required conditions Details CI / gather-artifacts (esp32) (push) Blocked by required conditions Details CI / gather-artifacts (esp32c3) (push) Blocked by required conditions Details CI / gather-artifacts (esp32c6) (push) Blocked by required conditions Details CI / gather-artifacts (esp32s3) (push) Blocked by required conditions Details CI / gather-artifacts (nrf52840) (push) Blocked by required conditions Details CI / gather-artifacts (rp2040) (push) Blocked by required conditions Details CI / gather-artifacts (stm32) (push) Blocked by required conditions Details CI / release-artifacts (push) Blocked by required conditions Details CI / release-firmware (esp32) (push) Blocked by required conditions Details CI / release-firmware (esp32c3) (push) Blocked by required conditions Details CI / release-firmware (esp32c6) (push) Blocked by required conditions Details CI / release-firmware (esp32s3) (push) Blocked by required conditions Details CI / release-firmware (nrf52840) (push) Blocked by required conditions Details CI / release-firmware (rp2040) (push) Blocked by required conditions Details CI / release-firmware (stm32) (push) Blocked by required conditions Details Flawfinder Scan / Flawfinder (push) Waiting to run Details	2024-11-16 19:36:55 -06:00