From e0b97f6d525d1b723933ab10279241c2de5e5060 Mon Sep 17 00:00:00 2001
From: Jonathan Bennett
Date: Tue, 20 May 2025 23:41:46 -0500
Subject: [PATCH] Add the transport messages for a key validation protocol
---
 meshtastic/admin.proto | 55 ++++++++++++++++++++++++++++
 meshtastic/mesh.proto | 75 +++++++++++++++++++++++++++++++++++++++
 meshtastic/portnums.proto | 5 +++
 3 files changed, 135 insertions(+)
diff --git a/meshtastic/admin.proto b/meshtastic/admin.proto
index b6fc552..93e259c 100644
--- a/meshtastic/admin.proto
+++ b/meshtastic/admin.proto
@@ -402,6 +402,11 @@ message AdminMessage {
 */
 SharedContact add_contact = 66;
+ /*
+ * Initiate or respond to a key verification request
+ */
+ KeyVerification key_verification = 67;
+
 /*
 * Tell the node to factory reset config everything; all device state and configuration will be returned to factory defaults and BLE bonds will be cleared.
 */
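Review bot: The comment on the new `key_verification = 67` field does not say which side sends it or where the answer comes back, and `KeyVerification` is also the name of a top-level message this same patch adds to mesh.proto, so a reader cannot tell from this line which of the two the field carries. I would expand the comment to `Sent by a connected client to its own node to drive one stage of a key verification (see KeyVerification.MessageType); the node reports progress back to the client through FromRadio`. If admin.proto and mesh.proto declare the same package (the package lines are not in the patch), the duplicate message name will also have to be resolved before this field resolves to a single type. The AdminMessage definition continues outside the hunk.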
@@ -488,4 +493,54 @@ message SharedContact {
 * The User of the contact
 */
 User user = 2;
+}
+
+ /*
+ * This message is used by a client to initiate or complete a key verification
+ */
+message KeyVerification {
+ /*
+ * Three stages of this request.
+ */
+ enum MessageType {
+
+ /*
+ * This is the first stage, where a client initiates
+ */
+ INITIATE_VERIFICATION = 0;
+
+ /*
+ * After the nonce has been returned over the mesh, the client prompts for the security number
+ * And uses this message to provide it to the node.
+ */
+ PROVIDE_SECURITY_NUMBER = 1;
+
+ /*
+ * Once the user has compared the verification message, this message notifies the node.
+ */
+ DO_VERIFY = 2;
+
+ /*
+ * This is the cancel path, can be taken at any point
+ */
+ DO_NOT_VERIFY = 3;
+
+ }
+
+ MessageType message_type = 1;
+
+ /*
+ * The nodenum we're requesting
+ */
+ uint32 remote_nodenum = 2;
+
+ /*
+ * The nonce is used to track the connection
+ */
+ uint64 nonce = 3;
+
+ /*
+ * The 4 digit code generated by the remote node, and communicated outside the mesh
+ */
+ optional uint32 security_number = 4;
 }
\ No newline at end of file
diff --git a/meshtastic/mesh.proto b/meshtastic/mesh.proto
index 74898c3..dde7b8c 100644
--- a/meshtastic/mesh.proto
+++ b/meshtastic/mesh.proto
@@ -1011,6 +1011,23 @@ message Data {
 optional uint32 bitfield = 9;
 }
+/*
+ * The actual over-the-mesh message doing KeyVerification
+ */
+message KeyVerification {
+
+ /*
+ * random value Selected by the requesting node
+ */
+ uint64 nonce = 1;
+
+ /*
+ * Will be omitted on the initial request, and included on the response
+ */
+ optional uint32 security_number = 2;
+
+}
+
 /*
 * Waypoint message, used to share arbitrary locations across the mesh
 */
@@ -1772,6 +1789,11 @@ message FromRadio {
 * Persistent data for device-ui
 */
 DeviceUIConfig deviceuiConfig = 17;
+
+ /*
+ * Key Verification Message
+ */
+ KeyVerificationRequest keyverificationrequest = 18;
 }
 }
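Review bot: `message KeyVerification` here collides with the top-level `message KeyVerification` that this same patch adds to mesh.proto; if both files declare the same package (the package lines are not in the patch) protoc will reject the second definition, and even across packages two differently-shaped types with one name invite the wrong one being used at the `key_verification = 67` field. I would rename this client-side one, e.g. `message KeyVerificationAdmin {`, and update the field type in AdminMessage to match. Separately, the `nonce` and `security_number` comments should spell out the checks the node must apply to this client-supplied data, something like `Must equal the nonce of an outstanding exchange with remote_nodenum; a message for an unknown or completed nonce is ignored` and `Must be in 0..9999; the node rejects other values`, since nothing in the schema bounds a uint32 to four digits. Note also that `INITIATE_VERIFICATION = 0` is the proto3 default, so a message with `message_type` unset decodes as a fresh initiation rather than as something the node can reject.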
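Review bot: The `security_number` comment says the code is `included on the response`, while the client-side message in admin.proto describes the same 4 digit code as `communicated outside the mesh`; if the remote node really sends it back over the air, any node able to observe the exchange learns the number and the out-of-band step protects nothing, so the two comments cannot both describe the intended design. I would state the flow on the field itself, e.g. `Set only by the remote node on its reply and never by the initiator, whose user learns the number out of band`, or remove the field if the number is never meant to travel over the mesh. The `nonce` comment should also say how it is produced and checked: `Fresh 64-bit value from the node's cryptographic RNG, unique per exchange; a reply whose nonce does not match an outstanding request is discarded`. Nothing in the message identifies which key is being verified, so the comment should say whether it is the sender's key from the packet envelope (that is my reading, not something the patch states).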
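Review bot: The new field's type `KeyVerificationRequest` does not match the message this patch defines further down in mesh.proto, which is spelled `keyverificationrequest`; protobuf type names are case-sensitive, so as written this reference does not resolve. The cleaner fix is to rename the message to PascalCase, `message KeyVerificationRequest {`, and keep this line as it is; changing this line to the lowercase name would compile but leave a type that breaks the naming convention every other message in these files follows. The comment `Key Verification Message` could also say what the client is expected to do with it, e.g. `Node-to-client progress of a key verification; the client shows security_number and/or verification_characters to the user`. The enclosing FromRadio definition, and the oneof this field appears to sit in, start outside the hunk.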
@@ -1802,6 +1824,59 @@ message ClientNotification {
 string message = 4;
 }
+/*
+ * This is the messages the node uses to inform a client of a key verification process
+ */
+message keyverificationrequest {
+
+ /*
+ * Tracks the phase of connection
+ */
+ enum MessageType {
+ /*
+ * First response sent to the local client, requests the security number
+ */
+ number_request = 0;
+
+ /*
+ * Message containing the hash to compare and the security number
+ * Indicates this is the node that is receiving the verification request
+ */
+ final_receiver = 1;
+
+ /*
+ * Message containing the hash to compare and the security number
+ * Indicates this is the node that is sending the verification request
+ */
+ final_sender = 2;
+ }
+
+ /*
+ * Phase of connection
+ */
+ MessageType message_type = 1;
+
+ /*
+ * Display the remote node to the local user
+ */
+ string remote_longname = 2;
+
+ /*
+ * To be displayed on the final verification screen on both ends
+ */
+ optional uint32 security_number = 3;
+
+ /*
+ * The actual 6 character hash to be compared
+ */
+ string verification_characters = 4;
+
+ /*
+ * The nonce, used to track the connection state
+ */
+ uint64 nonce = 5;
+}
+
 /*
 * Individual File info for the device
 */
diff --git a/meshtastic/portnums.proto b/meshtastic/portnums.proto
index 76df5db..0203392 100644
--- a/meshtastic/portnums.proto
+++ b/meshtastic/portnums.proto
@@ -110,6 +110,11 @@ enum PortNum {
 */
 ALERT_APP = 11;
+ /*
+ * Module/port for handling key verification requests.
+ */
+ KEY_VERIFICATION_APP = 12;
+
 /*
 * Provides a 'ping' service that replies to any packet it receives.
 * Also serves as a small example module.
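Review bot: `message keyverificationrequest` and the enum values `number_request`, `final_receiver` and `final_sender` are lower_snake_case where every other type and enum value in this patch is PascalCase or UPPER_SNAKE_CASE (compare `DO_VERIFY` and `KEY_VERIFICATION_APP`), and the FromRadio field added earlier names the type `KeyVerificationRequest`, so the name has to change anyway for the file to compile; I would write `message KeyVerificationRequest {` and rename the values to `NUMBER_REQUEST`, `FINAL_RECEIVER`, `FINAL_SENDER`. On the security side, `remote_longname` is the only identifier the client is told to show the user, and a long name appears to be free text reported by the remote node rather than anything tied to the key being verified, so a lookalike name could get the wrong key approved; I would add `uint32 remote_nodenum = 6;` with a comment that the UI shows both, as the admin-side message already carries a `remote_nodenum`. The `verification_characters` comment should also say what the six characters are derived from and that each node computes them locally rather than one side sending them to the other, since the schema alone leaves that open.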