From 1510c42f4a610cf53ce90b4863a3e1ffea631820 Mon Sep 17 00:00:00 2001 From: Florent de Lamotte Date: Mon, 3 Nov 2025 11:13:53 +0100 Subject: [PATCH] verify channel against mac --- src/meshcore_cli/meshcore_cli.py | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/src/meshcore_cli/meshcore_cli.py b/src/meshcore_cli/meshcore_cli.py index c25c78d..cc672d7 100644 --- a/src/meshcore_cli/meshcore_cli.py +++ b/src/meshcore_cli/meshcore_cli.py @@ -26,13 +26,14 @@ from prompt_toolkit.completion.word_completer import WordCompleter from prompt_toolkit.document import Document from hashlib import sha256 from Crypto.Cipher import AES +from Crypto.Hash import HMAC, SHA256 import re from meshcore import MeshCore, EventType, logger # Version -VERSION = "v1.2.2" +VERSION = "v1.2.3" # default ble address is stored in a config file MCCLI_CONFIG_DIR = str(Path.home()) + "/.config/meshcore/" @@ -213,9 +214,17 @@ async def handle_log_rx(event): path_len = pkt[1] path = pkt[2:path_len+2].hex() chan_hash = pkt[path_len+2:path_len+3].hex() - cipher_mac = int.from_bytes(pkt[path_len+3:path_len+5], byteorder="little") + cipher_mac = pkt[path_len+3:path_len+5] msg = pkt[path_len+5:] - channel = await get_channel_by_hash(mc, chan_hash) + channel = None + for c in await get_channels(mc): + if c["channel_hash"] == chan_hash : # validate against MAC + h = HMAC.new(bytes.fromhex(c["channel_secret"]), digestmod=SHA256) + h.update(msg) + if h.digest()[0:2] == cipher_mac: + channel = c + break + if channel is None : chan_name = chan_hash message = msg.hex() @@ -1223,16 +1232,6 @@ async def get_channel_by_name (mc, name): return None -async def get_channel_by_hash (mc, hash): - if not hasattr(mc, 'channels') : - await get_channels(mc) - - for c in mc.channels: - if c['channel_hash'] == hash: - return c - - return None - async def get_contacts (mc, anim=False, lastomod=0, timeout=5) : if mc._contacts: return