Added support for encrypted messages with the basic meshtastic key

Gleb Tcivie 2024-06-28 13:59:15 +03:00
parent f2d02be6d2
commit 4ebc56f57f
4 changed files with 25 additions and 3 deletions

4
.env

@ -27,4 +27,6 @@ MESH_HIDE_DESTINATION_DATA=false
## Filtered ports in the exporter (default: 1, can be a comma-separated list of ports) ## Filtered ports in the exporter (default: 1, can be a comma-separated list of ports)
FILTERED_PORTS=0 FILTERED_PORTS=0
## Hide message content in the TEXT_MESSAGE_APP packets (default: true) (Currently we only log message length, if we hide then all messages would have the same length) ## Hide message content in the TEXT_MESSAGE_APP packets (default: true) (Currently we only log message length, if we hide then all messages would have the same length)
HIDE_MESSAGE=false HIDE_MESSAGE=false
## MQTT server Key for decoding
MQTT_SERVER_KEY=1PG7OiApB1nwvP+rz05pAQ==
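Review bot: The comment `## MQTT server Key for decoding` does not say that the value on the next line is, going by the commit title, the stock Meshtastic key rather than a secret, nor what an operator should do with a private key. Because this `.env` is tracked in the repository, anyone who swaps in their own channel key here risks committing it. I would document that, e.g. `## Base64 AES key used to decrypt packets. The value below is the public default Meshtastic key; put a private key in an untracked override, never in this file.` The same literal is also hard-coded as the `os.getenv` fallback in the Python file of this commit, so the two copies can drift apart.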


@ -9,6 +9,8 @@ services:
restart: unless-stopped restart: unless-stopped
extra_hosts: extra_hosts:
- "host.docker.internal:host-gateway" - "host.docker.internal:host-gateway"
ports:
- "9090:9090"
networks: networks:
- mesh-bridge - mesh-bridge
volumes: volumes:
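Review bot: The added `- "9090:9090"` publishes the port on every host interface, because a Compose port mapping without a host IP binds to 0.0.0.0. The service name is above the hunk, but if this is the Prometheus container, its UI and query API have no authentication by default, so the collected mesh metrics become readable by anything that can reach the host. Unless remote access is intended, bind it to loopback with `- "127.0.0.1:9090:9090"` and add a comment saying why the port is published.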


@ -1,9 +1,12 @@
import base64
import json import json
import os import os
import redis import redis
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from meshtastic.config_pb2 import Config from meshtastic.config_pb2 import Config
from meshtastic.mesh_pb2 import MeshPacket, HardwareModel from meshtastic.mesh_pb2 import MeshPacket, HardwareModel, Data
from meshtastic.portnums_pb2 import PortNum from meshtastic.portnums_pb2 import PortNum
from prometheus_client import CollectorRegistry, Counter, Histogram, Gauge from prometheus_client import CollectorRegistry, Counter, Histogram, Gauge
@ -116,6 +119,21 @@ class MessageProcessor:
) )
def process(self, mesh_packet: MeshPacket): def process(self, mesh_packet: MeshPacket):
if getattr(mesh_packet, 'encrypted'):
key_bytes = base64.b64decode(os.getenv('MQTT_SERVER_KEY', '1PG7OiApB1nwvP+rz05pAQ==').encode('ascii'))
nonce_packet_id = getattr(mesh_packet, "id").to_bytes(8, "little")
nonce_from_node = getattr(mesh_packet, "from").to_bytes(8, "little")
# Put both parts into a single byte array.
nonce = nonce_packet_id + nonce_from_node
cipher = Cipher(algorithms.AES(key_bytes), modes.CTR(nonce), backend=default_backend())
decryptor = cipher.decryptor()
decrypted_bytes = decryptor.update(getattr(mesh_packet, "encrypted")) + decryptor.finalize()
data = Data()
data.ParseFromString(decrypted_bytes)
mesh_packet.decoded.CopyFrom(data)
port_num = int(mesh_packet.decoded.portnum) port_num = int(mesh_packet.decoded.portnum)
payload = mesh_packet.decoded.payload payload = mesh_packet.decoded.payload


@ -3,4 +3,4 @@ redis~=5.0.6
python-dotenv~=1.0.1 python-dotenv~=1.0.1
meshtastic~=2.3.11 meshtastic~=2.3.11
prometheus_client~=0.20.0 prometheus_client~=0.20.0
unishox2-py3~=1.0.0 cryptography~=42.0.8