Encryption Clarification

jfirwin · May 27, 2021, 6:48pm

Note: I posted this basically verbatim on slack, but moved it here for wider viewability.

Question about the setting encryption. I’m on v1.2.33 with device firmware v1.2.30.

I’m writing the section on preshared keys for the docs. When I run 0-10 (from the protobufs), I get the following results. So I assume this is not how I want to change encryption.

~ $ meshtastic --ch-set psk 1
Connected to radio
Aborting due to: Cannot set ChannelSettings.psk to 1: 1 has type <class 'int'>, but expected one of: (<class 'bytes'>,)

When I run none/default/random documented on the Meshtastic-python README I have mixed results

When I run none I get the following results

~ $ meshtastic --ch-set psk none
Connected to radio
Writing modified channels to device
~ $ meshtastic --info
[...]
Channels:
  PRIMARY psk=unencrypted { "modemConfig": "Bw125Cr48Sf4096", "psk": "AA==" }

When I run default I get the following results

~ $ meshtastic --ch-set psk default
Connected to radio
Writing modified channels to device
~ $ meshtastic --info
[...]
Channels:
  PRIMARY psk=default { "modemConfig": "Bw125Cr48Sf4096", "psk": "AQ==" }

And lastly when i run random I get the following results (I think I found a bug here @geeksville, if it is, I’ll file an issue on the repo)

~ $ meshtastic --ch-set psk random
Connected to radio
Aborting due to: name 'genPSK256' is not defined

Can anyone shed some light on setting the psk value so i can correctly document it? Can a person enter a custom AES key manually using the CLI?

claesg · May 27, 2021, 7:31pm

I think you should specify the 1 in byte notation. That is what the error msg says.

On a python prompt i can do this

>>>bytes.decode(b'1')
'1'

try
~ $ meshtastic --ch-set psk b'1'

It could work…

jfirwin · May 27, 2021, 8:26pm

Thanks for the example, I’ll do a little more digging. The result was:

~ $ meshtastic --ch-set psk b'1'
Connected to radio
Aborting due to: 'b1' has type str, but expected one of: bytes

I’m not sure the protobuf definitions are mapped out in the CLI tool, and that’s what I’m coming across. I think I’m trying to get to the bottom of two definitions for encryption and what is the user actually going to have access to.

jfirwin · May 27, 2021, 8:42pm

Looking through the source code is what I should have done first!

~ $ meshtastic --ch-set simple1
Connected to radio
Writing modified channels to device
~ $ meshtastic -- info
[...]
Channels:
   Primary psk=simple1 {"modemConfig":.....}

simple0 (default) - simple254 are allowed variables.

random is still giving me the error though, so I believe there may be a bug which I’ve filed.

geeksville · May 28, 2021, 2:37am

OOPS! That looks like a bug I must have introduced that broke that feature. Would you mind putting a bug in for meshtastic-python and linking to this thread. I can fix it tonight?

Topic		Replies	Views
Encryption - Default vs Random PSK Support	4	1288	June 20, 2022
1.2.10 python tool - adds support for ham radio users Alpha Testers	2	796	May 15, 2022
Encryption / Secondary Channels Android	39	4647	February 4, 2024
Encryption/security issues review Development	19	3778	January 5, 2023
2.0.6 Encryption Support	7	816	December 27, 2022

Encryption Clarification

Related topics