support providing custom decryption keys via command line args
42
src/mqtt.js
42
src/mqtt.js
@ -29,6 +29,13 @@ const options = commandLineArgs([
|
|||||||
type: Boolean,
|
type: Boolean,
|
||||||
description: "This option will save all received service envelopes to the database.",
|
description: "This option will save all received service envelopes to the database.",
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "decryption-keys",
|
||||||
|
type: String,
|
||||||
|
multiple: true,
|
||||||
|
typeLabel: "<base64DecryptionKey>",
|
||||||
|
description: "Decryption keys encoded in base64 to use when decrypting service envelopes.",
|
||||||
|
},
|
||||||
]);
|
]);
|
||||||
|
|
||||||
// get options and fallback to default values
|
// get options and fallback to default values
|
||||||
@ -36,6 +43,9 @@ const mqttBrokerUrl = options["mqtt-broker-url"] ?? "mqtt://mqtt.meshtastic.org"
|
|||||||
const mqttUsername = options["mqtt-username"] ?? "meshdev";
|
const mqttUsername = options["mqtt-username"] ?? "meshdev";
|
||||||
const mqttPassword = options["mqtt-password"] ?? "large4cats";
|
const mqttPassword = options["mqtt-password"] ?? "large4cats";
|
||||||
const collectServiceEnvelopes = options["collect-service-envelopes"] ?? false;
|
const collectServiceEnvelopes = options["collect-service-envelopes"] ?? false;
|
||||||
|
const decryptionKeys = options["decryption-keys"] ?? [
|
||||||
|
"1PG7OiApB1nwvP+rz05pAQ==", // add default "AQ==" decryption key
|
||||||
|
];
|
||||||
|
|
||||||
// create mqtt client
|
// create mqtt client
|
||||||
const client = mqtt.connect(mqttBrokerUrl, {
|
const client = mqtt.connect(mqttBrokerUrl, {
|
||||||
@ -83,26 +93,32 @@ function createNonce(packetId, fromNode) {
|
|||||||
* https://github.com/pdxlocations/Meshtastic-MQTT-Connect/blob/main/meshtastic-mqtt-connect.py#L381
|
* https://github.com/pdxlocations/Meshtastic-MQTT-Connect/blob/main/meshtastic-mqtt-connect.py#L381
|
||||||
*/
|
*/
|
||||||
function decrypt(packet) {
|
function decrypt(packet) {
|
||||||
try {
|
|
||||||
|
|
||||||
// default encryption key
|
// attempt to decrypt with all available decryption keys
|
||||||
const key = Buffer.from("1PG7OiApB1nwvP+rz05pAQ==", "base64");
|
for(const decryptionKey of decryptionKeys){
|
||||||
|
try {
|
||||||
|
|
||||||
// create decryption iv/nonce for this packet
|
// convert encryption key to buffer
|
||||||
const nonceBuffer = createNonce(packet.id, packet.from);
|
const key = Buffer.from(decryptionKey, "base64");
|
||||||
|
|
||||||
// create aes-128-ctr decipher
|
// create decryption iv/nonce for this packet
|
||||||
const decipher = crypto.createDecipheriv('aes-128-ctr', key, nonceBuffer);
|
const nonceBuffer = createNonce(packet.id, packet.from);
|
||||||
|
|
||||||
// decrypt encrypted packet
|
// create aes-128-ctr decipher
|
||||||
const decryptedBuffer = Buffer.concat([decipher.update(packet.encrypted), decipher.final()]);
|
const decipher = crypto.createDecipheriv('aes-128-ctr', key, nonceBuffer);
|
||||||
|
|
||||||
// parse as data message
|
// decrypt encrypted packet
|
||||||
return Data.decode(decryptedBuffer);
|
const decryptedBuffer = Buffer.concat([decipher.update(packet.encrypted), decipher.final()]);
|
||||||
|
|
||||||
} catch(e) {
|
// parse as data message
|
||||||
return null;
|
return Data.decode(decryptedBuffer);
|
||||||
|
|
||||||
|
} catch(e){}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// couldn't decrypt
|
||||||
|
return null;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// subscribe to everything when connected
|
// subscribe to everything when connected
|
||||||
|
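Review bot: In the new key loop in decrypt(), the empty `catch(e){}` combined with unauthenticated AES-CTR means a wrong or malformed key is never reported and may not even fail. A key that does not decode to exactly 16 bytes makes `crypto.createDecipheriv('aes-128-ctr', key, nonceBuffer)` throw on every packet, and that error is swallowed silently. A wrong 16-byte key does not throw at all: it yields garbage that `Data.decode` may accept (its strictness is not visible here), so an earlier key in the list can return a bogus message before the correct key is tried. I would decode and length-check the keys once at startup, e.g. `const keyBuffers = decryptionKeys.map((k) => Buffer.from(k, "base64"));` followed by `if (keyBuffers.some((k) => k.length !== 16)) throw new Error("each decryption key must decode to 16 bytes");`, and add a plausibility check on the decoded message before returning it. The `decryption-keys` description should also say that keys passed as arguments are visible in the process list and shell history.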