Re-org some settings into a new SecurityConfig proto

meshtastic/config.options

@@ -15,3 +15,7 @@
 *LoRaConfig.channel_num int_size:16
 
 *PowerConfig.device_battery_ina_address int_size:8
+
+*SecurityConfig.public_key max_size:32
+*SecurityConfig.private_key max_size:32
+*SecurityConfig.admin_key max_size:32

meshtastic/config.proto

@@ -135,14 +135,16 @@ message Config {
 
     /*
      * Disabling this will disable the SerialConsole by not initilizing the StreamAPI
+     * Moved to SecurityConfig
      */
-    bool serial_enabled = 2;
+    bool serial_enabled = 2[deprecated = true];
 
     /*
      * By default we turn off logging as soon as an API client connects (to keep shared serial link quiet).
      * Set this to true to leave the debug log outputting even when API is active.
+     * Moved to SecurityConfig
      */
-    bool debug_log_enabled = 3;
+    bool debug_log_enabled = 3[deprecated = true];
 
     /*
      * For boards without a hard wired button, this is the pin number that will be used
@@ -175,8 +177,9 @@ message Config {
     /*
      * If true, device is considered to be "managed" by a mesh administrator
      * Clients should then limit available configuration and administrative options inside the user interface
+     * Moved to SecurityConfig
      */
-    bool is_managed = 9;
+    bool is_managed = 9[deprecated = true];
 
     /*
      * Disables the triple-press of user button to enable or disable GPS
@@ -1018,6 +1021,44 @@ message Config {
     bool device_logging_enabled = 4;
   }
 
+  message SecurityConfig {
+
+  /*
+   * The public key of the user's device.
+   * This is sent out to other nodes on the mesh to allow them to compute a shared secret key.
+   */
+    bytes public_key = 1;
+
+  /*
+   * The private key of the device.
+   * This is used to create a shared key with a remote device.
+   */
+    bytes private_key = 2;
+
+    /*
+     * This is the public key authorized to send admin messages to this node
+     */
+    bytes admin_key = 3;
+
+    /*
+     * If true, device is considered to be "managed" by a mesh administrator
+     * Clients should then limit available configuration and administrative options inside the user interface
+     */
+    bool is_managed = 4;
+
+    /*
+     * Disabling this will disable the SerialConsole by not initilizing the StreamAPI
+     */
+    bool serial_enabled = 5;
+
+    /*
+     * By default we turn off logging as soon as an API client connects (to keep shared serial link quiet).
+     * Set this to true to leave the debug log outputting even when API is active.
+     */
+    bool debug_log_enabled = 6;
+
+  }
+
   /*
    * Payload Variant
    */
@@ -1029,5 +1070,6 @@ message Config {
     DisplayConfig display = 5;
     LoRaConfig lora = 6;
     BluetoothConfig bluetooth = 7;
+    SecurityConfig security = 8;
   }
 }

meshtastic/mesh.options

@@ -4,7 +4,6 @@
 *macaddr max_size:6 fixed_length:true # macaddrs
 *id max_size:16 # node id strings
 *public_key max_size:32 # public key
-*private_key max_size:32 # private key
 
 *User.long_name max_size:40
 *User.short_name max_size:5

meshtastic/mesh.proto

@@ -1361,12 +1361,6 @@ message MyNodeInfo {
    * Phone/PC apps should compare this to their build number and if too low tell the user they must update their app
    */
   uint32 min_app_version = 11;
-
-  /*
-   * The private key of the device.
-   * This is used to create a shared key with a remote device.
-   */
-  bytes private_key = 12;
 }
 
 /*