Put XEDDSA on the right bit

2026-06-01 04:35:14 -04:00 · 2026-05-13 16:46:42 -05:00
parent aa9ffe2c4b
commit 546db5fda6
3 changed files with 12 additions and 10 deletions
--- a/src/mesh/NodeDB.h
+++ b/src/mesh/NodeDB.h
@@ -493,6 +493,8 @@ extern uint32_t error_address;
 #define NODEINFO_BITFIELD_IS_UNMESSAGABLE_MASK (1u << NODEINFO_BITFIELD_IS_UNMESSAGABLE_SHIFT)
 #define NODEINFO_BITFIELD_HAS_IS_UNMESSAGABLE_SHIFT 8
 #define NODEINFO_BITFIELD_HAS_IS_UNMESSAGABLE_MASK (1u << NODEINFO_BITFIELD_HAS_IS_UNMESSAGABLE_SHIFT)
+#define NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_SHIFT 9
+#define NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_MASK (1u << NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_SHIFT)
 // Bits 9..31 reserved for future single-bit flags.

 // Convenience accessors so call sites read like the old struct fields.
@@ -532,6 +534,10 @@ inline bool nodeInfoLiteIsKeyManuallyVerified(const meshtastic_NodeInfoLite *n)
 {
    return n && (n->bitfield & NODEINFO_BITFIELD_IS_KEY_MANUALLY_VERIFIED_MASK);
 }
+inline bool nodeInfoLiteHasXeddsaSigned(const meshtastic_NodeInfoLite *n)
+{
+    return n && (n->bitfield & NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_MASK);
+}

 inline void nodeInfoLiteSetBit(meshtastic_NodeInfoLite *n, uint32_t mask, bool value)
 {
@@ -543,9 +549,6 @@ inline void nodeInfoLiteSetBit(meshtastic_NodeInfoLite *n, uint32_t mask, bool v
        n->bitfield &= ~mask;
 }

-#define NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_SHIFT 1
-#define NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_MASK (1 << NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_SHIFT)
-
 #define Module_Config_size                                                                                                       \
    (ModuleConfig_CannedMessageConfig_size + ModuleConfig_ExternalNotificationConfig_size + ModuleConfig_MQTTConfig_size +       \
     ModuleConfig_RangeTestConfig_size + ModuleConfig_SerialConfig_size + ModuleConfig_StoreForwardConfig_size +                 \
--- a/src/mesh/Router.cpp
+++ b/src/mesh/Router.cpp
@@ -523,12 +523,12 @@ DecodeState perhapsDecode(meshtastic_MeshPacket *p)
        if (p->decoded.has_bitfield)
            p->decoded.want_response |= p->decoded.bitfield & BITFIELD_WANT_RESPONSE_MASK;

-        if (p->decoded.has_xeddsa_signature) {
+        if (p->decoded.xeddsa_signature.size == XEDDSA_SIGNATURE_SIZE) {
            meshtastic_NodeInfoLite *node = nodeDB->getMeshNode(p->from);
-            if (node && node->user.public_key.size == 32) {
+            if (node && node->public_key.size == 32) {
                p->xeddsa_signed =
-                    crypto->xeddsa_verify(node->user.public_key.bytes, p->from, p->id, p->decoded.portnum,
-                                          p->decoded.payload.bytes, p->decoded.payload.size, p->decoded.xeddsa_signature.bytes);
+                    crypto->xeddsa_verify(node->public_key.bytes, p->from, p->id, p->decoded.portnum, p->decoded.payload.bytes,
+                                          p->decoded.payload.size, p->decoded.xeddsa_signature.bytes);
                if (p->xeddsa_signed) {
                    // Mark this node as a signer so future unsigned packets from it are rejected
                    node->bitfield |= NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_MASK;
@@ -543,7 +543,7 @@ DecodeState perhapsDecode(meshtastic_MeshPacket *p)
        } else {
            // Unsigned packet — reject if this node previously sent signed packets
            meshtastic_NodeInfoLite *node = nodeDB->getMeshNode(p->from);
-            if (node && (node->bitfield & NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_MASK)) {
+            if (node && nodeInfoLiteHasXeddsaSigned(node)) {
                LOG_WARN("Dropping unsigned packet from 0x%08x that previously signed", p->from);
                return DecodeState::DECODE_FAILURE;
            }
@@ -628,7 +628,6 @@ meshtastic_Routing_Error perhapsEncode(meshtastic_MeshPacket *p)
                if (crypto->xeddsa_sign(p->from, p->id, p->decoded.portnum, p->decoded.payload.bytes, p->decoded.payload.size,
                                        p->decoded.xeddsa_signature.bytes)) {
                    p->decoded.xeddsa_signature.size = XEDDSA_SIGNATURE_SIZE;
-                    p->decoded.has_xeddsa_signature = true;
                    LOG_DEBUG("XEdDSA signed packet 0x%08x", p->id);
                }
            }
--- a/src/mesh/TypeConversions.cpp
+++ b/src/mesh/TypeConversions.cpp
@@ -18,7 +18,7 @@ meshtastic_NodeInfo TypeConversions::ConvertToNodeInfo(const meshtastic_NodeInfo
    info.is_ignored = nodeInfoLiteIsIgnored(lite);
    info.is_key_manually_verified = nodeInfoLiteIsKeyManuallyVerified(lite);
    info.is_muted = nodeInfoLiteIsMuted(lite);
-    info.has_xeddsa_signed = lite->bitfield & NODEINFO_BITFIELD_HAS_XEDDSA_SIGNED_MASK;
+    info.has_xeddsa_signed = nodeInfoLiteHasXeddsaSigned(lite);

    if (lite->has_hops_away) {
        info.has_hops_away = true;