I think I can help with those questions:
- the encryption key is channel specific and shared as part of the channel "URL".
- the default channel key is well known (therefore not particularly secure); it is:
/// 16 bytes of random PSK for our _public_ default channel that all devices power up on (AES128)
static const uint8_t defaultpsk[] = {0xd4, 0xf1, 0xbb, 0x3a, 0x20, 0x29, 0x07, 0x59,
0xf0, 0xbc, 0xff, 0xab, 0xcf, 0x4e, 0x69, 0xbf};
- The algorithm for the crypto is described here https://github.com/meshtastic/Meshtastic-device/blob/master/docs/software/crypto.md
- aes_wrap.h comes in from the ESP32 toolchain. That toolchain gets fetched automatically into ~/.platformio when you do "pio run". On the ESP32 processors I use their hardware AES implementation, on the NRF52 processors I use an ARM library that implements AES-CTR.
- The keys for a channel can be set with the Python tool or the Android app. If the key is 16 bytes long we use AES128, if 32 bytes long AES256. **If zero bytes long** we turn off encryption. This might be useful for you. I think "meshtastic --setchan psk """ should do this.
Oh yes, I forgot to record your request to support totally opaque payloads. I'll put that in the wiki to do soonish.
Does that help?
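An added example, not part of the original post and not Meshtastic project code: a small audit that applies the key-length rule from the reply (0 bytes turns encryption off, 16 bytes is AES128, 32 bytes is AES256) and flags any channel still using the well-known default key. The function names, the channel names and the handling of other key lengths as invalid are assumptions made for illustration.

```python
import hmac

# Default public-channel key, copied from the defaultpsk[] array quoted in the post.
DEFAULT_PSK = bytes([0xd4, 0xf1, 0xbb, 0x3a, 0x20, 0x29, 0x07, 0x59,
                     0xf0, 0xbc, 0xff, 0xab, 0xcf, 0x4e, 0x69, 0xbf])

# Key length in bytes -> cipher, as stated in the post.
CIPHER_BY_LEN = {0: "none", 16: "AES128", 32: "AES256"}


def classify_psk(psk):
    """Return (cipher, finding) for one channel key (hypothetical helper).

    Assumption: any length other than 0, 16 or 32 is reported as invalid;
    the post does not say how the firmware treats such keys.
    """
    cipher = CIPHER_BY_LEN.get(len(psk))
    if cipher is None:
        return ("invalid", "key length %d is not 0, 16 or 32 bytes" % len(psk))
    if cipher == "none":
        return (cipher, "encryption is off; payloads are sent in the clear")
    if hmac.compare_digest(psk, DEFAULT_PSK):
        return (cipher, "well-known default key; anyone can decrypt")
    return (cipher, "ok")


def audit_channels(channels):
    """Classify every channel in a {name: hex-encoded key} mapping."""
    report = {}
    for name, psk_hex in channels.items():
        try:
            report[name] = classify_psk(bytes.fromhex(psk_hex))
        except ValueError:
            report[name] = ("invalid", "key is not valid hex")
    return report


# Constructed sample configuration: names and keys are made up, except
# "Default", which uses the key quoted in the post.
SAMPLE = {
    "Default": DEFAULT_PSK.hex(),
    "open": "",
    "team": "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
    "typo": "d4f1bb3a",
    "bad": "zz",
}

if __name__ == "__main__":
    for name, (cipher, finding) in audit_channels(SAMPLE).items():
        print(f"{name:8} {cipher:8} {finding}")
```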