* fix: add null check for getMeshNode() in NodeInfoModule
getMeshNode() can return nullptr for unknown nodes. Dereferencing
without a check crashes the firmware when receiving NodeInfo from
a node not yet in the database.
* fix: enforce XEdDSA signature verification and prevent stripping
Previously, failed signature verification still allowed the packet
through, making signatures purely cosmetic. Now:
- Failed verification drops the packet (DECODE_FAILURE)
- Successfully verified nodes get HAS_XEDDSA_SIGNED bitfield set
- Unsigned packets from previously-signing nodes are rejected
- Log levels reduced from WARN/ERROR to DEBUG/WARN as appropriate
* fix: include packet metadata in XEdDSA signature
The signature now covers [fromNode | packetId | portnum | payload]
instead of just the payload bytes. This prevents:
- Replay attacks (different packetId fails verification)
- Reattribution (different fromNode fails verification)
- Portnum redirection (different portnum fails verification)
Also adds a key initialization check to xeddsa_sign (returns false
if XEdDSA keys are all zeros) and checks the return value in the
encode path.
* fix: handle existing key pair in AdminModule security config
When a user provides both a valid private key and public key via
admin config, the crypto engine's DH private key and owner public
key were never loaded. DMs and XEdDSA signing would silently break.
Add an else branch to load both keys into the crypto engine.
* perf: cache Ed25519 public key conversion in xeddsa_verify
curve_to_ed_pub() performs field element parsing, inversion, and
multiplication on every call. Since packets from the same node
tend to arrive in bursts, a single-entry cache avoids repeating
this expensive conversion for consecutive packets from one sender.
* fix: skip identity cleanup when node number is unchanged
createNewIdentity() was called on every generateCryptoKeyPair(),
including normal boots where the same key is regenerated. This
caused unnecessary NodeDB writes and old-node cleanup logic to
run when the node number hadn't actually changed.
Also fixes only zeroing byte[0] of the old node's public key
instead of clearing the entire array.
* fix: replace hardcoded 120 with derived XEDDSA_SIGNATURE_SIZE constant
The payload size check for XEdDSA signing used a magic number (120).
Replace with a derivation from DATA_PAYLOAD_LEN and XEDDSA_SIGNATURE_SIZE
so the limit adjusts automatically if constants change. This also
increases the max signable payload from 120 to 169 bytes, which is
still safe since the actual encoded size is checked after pb_encode.
* fix: add const qualifiers to XEdDSA verify and curve_to_ed_pub inputs
pubKey, payload, and signature parameters in xeddsa_verify are
input-only and should not be modified. Same for curve_pubkey in
curve_to_ed_pub.
* chore: remove commented-out old Crypto dependency in portduino.ini
* Leave out the admin module change for now
---------
Co-authored-by: Jonathan Bennett <jbennett@incomsystems.biz>
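
The enforcement and metadata-binding rules described in the XEdDSA commits above, as an added example that is not code from the firmware or its authors. All type and function names are hypothetical, the fixed-width little-endian header encoding is an assumption, and `toyTag` is a constructed non-cryptographic stand-in for XEdDSA so the sketch runs without a crypto library.

```cpp
// Added illustration; every name here is hypothetical, not Meshtastic firmware code.
#include <cstdint>
#include <map>
#include <vector>

using Bytes = std::vector<uint8_t>;
struct Packet { uint32_t from, id, portnum; Bytes payload, signature; }; // empty signature = unsigned
enum class Verdict { Accept, DropBadSignature, DropStripped };
using VerifyFn = bool (*)(uint32_t from, const Bytes &msg, const Bytes &sig);

// Bytes covered by the signature: [fromNode | packetId | portnum | payload].
// Fixed-width little-endian header fields are an assumption of this sketch.
Bytes signedBytes(const Packet &p) {
    Bytes out;
    for (uint32_t v : {p.from, p.id, p.portnum})
        for (int i = 0; i < 4; i++) out.push_back(uint8_t(v >> (8 * i)));
    out.insert(out.end(), p.payload.begin(), p.payload.end());
    return out;
}

class SignaturePolicy {
    std::map<uint32_t, bool> hasSigned; // stand-in for the per-node HAS_XEDDSA_SIGNED bit
    VerifyFn verify;
  public:
    explicit SignaturePolicy(VerifyFn v) : verify(v) {}
    Verdict check(const Packet &p) {
        if (p.signature.empty()) // stripping: a node that has signed before may not go unsigned
            return hasSigned[p.from] ? Verdict::DropStripped : Verdict::Accept;
        if (!verify(p.from, signedBytes(p), p.signature))
            return Verdict::DropBadSignature; // fail closed instead of passing the packet on
        hasSigned[p.from] = true; // set only after a successful verification
        return Verdict::Accept;
    }
};

// NOT a signature scheme: constructed FNV-1a tag so the sketch runs without a crypto library.
Bytes toyTag(const Bytes &msg) {
    uint32_t h = 2166136261u;
    for (uint8_t b : msg) h = (h ^ b) * 16777619u;
    return {uint8_t(h), uint8_t(h >> 8), uint8_t(h >> 16), uint8_t(h >> 24)};
}
bool toyVerify(uint32_t, const Bytes &msg, const Bytes &sig) { return toyTag(msg) == sig; }
int main() {
    SignaturePolicy pol(toyVerify);
    Packet p{0x11, 1, 1, {0x68, 0x69}, {}};
    p.signature = toyTag(signedBytes(p));
    Packet replay = p; replay.id = 2; // same signature, new packetId
    bool ok = pol.check(p) == Verdict::Accept && pol.check(replay) == Verdict::DropBadSignature;
    return ok ? 0 : 1;
}
```
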
* First addition of __has_include for sensor support
* Add __has_include blocks for sensors
* Put BMP and BME back in the right sensors
* Make TelemetrySensor::setup() a pure virtual function
* Split environmental_base to environmental_extra, to compile the working sensor libs for Native
* Remove hard-coded checks for ARCH_PORTDUINO
* Un-clobber bmx160
* Move BusIO to environmental_extra due to Armv7 compile error
* Move to forked BusIO for the moment
* Enable HAS_SENSOR for Portduino
* Move back to Adafruit BusIO after patch
* cleanup UdpMulticastThread.h preprocessor rules a tiny bit
* bump platform-native to allow for multiple multicast listeners on the same machine
---------
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
* Add UDP multicast support on linux.
Closes #6326
We tested it and it works.
This is really hacky to say the least.
* Add libuv to Linux packaging
* Trunkadunk
* Correct ref
* Add libuv1-dev to setup-native
---------
Co-authored-by: vidplace7 <vidplace7@gmail.com>
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
* [WIP] Attempt upgrade to LovyanGFX 1.1.16
This is the version most used by the TFT branch.
I wonder if this will work with our existing code? :)
* Update Portduino to LovyanGFX 1.20.0
Manuel says it's good to go.
* Update unPhone platformio.ini
---------
Co-authored-by: Manuel <71137295+mverch67@users.noreply.github.com>
* Very hacky first attempt at usermode ch341
* Fixes and debug printfs
* Move to library version of libpinedio-usb
* Add spidev: ch341 option in meshtasticd config.yaml
* Only check settingsStrings on native
* Use new CH341 code
* Bump ch341 lib
* Cleanup USBHal
* Add ch341 config.d files
* Remove ch341quirk
* Bump to most recent spi-userspace driver
* Add handling for ch341 serial, pid, and vid
* Minor fixes from pio check
* Trunk
* Add include for musl compliance
* Point to upstream libch341
* Add MACAddress to config.yaml
* Better error handling on native, including failing to launch with blank MAC Address and real hardware.
* Re-arrange Mac Address handling and add MACAddressSource
* Bump portduino to remove macaddr function there
---------
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
* update radiolib to 7.1.0
* stay at 7.0.2 for STM32, also remove unused board from ESP32 arch
---------
Co-authored-by: Ben Meadors <benmmeadors@gmail.com>
* uclibc compatibility
Adds compatibility with uclibc, the officially supported toolchain of the luckfox pico
* Explicitly link stdc++fs for std::filesystem
Bringing this over from buildroot-meshtastic