Add private key export support

- Add PRIVATE_KEY and DISABLED event types - Add packet parsing for private key export responses - Add export_private_key() method to DeviceCommands - Add comprehensive unit tests - Add BLE private key export example - Update documentation with security notes
2026-04-20 22:13:49 +00:00 · 2025-10-12 18:23:32 -07:00 · 2025-10-12 18:23:32 -07:00 · e0f71482c6
commit e0f71482c6
parent c697c960a6
6 changed files with 305 additions and 0 deletions
--- a/src/meshcore/commands/device.py
+++ b/src/meshcore/commands/device.py
@ -202,3 +202,7 @@ class DeviceCommands(CommandHandlerBase):

        data = b"\x20" + channel_idx.to_bytes(1, "little") + name_bytes + channel_secret
        return await self.send(data, [EventType.OK, EventType.ERROR])
+
+    async def export_private_key(self) -> Event:
+        logger.debug("Requesting private key export")
+        return await self.send(b"\x17", [EventType.PRIVATE_KEY, EventType.DISABLED, EventType.ERROR])
--- a/src/meshcore/events.py
+++ b/src/meshcore/events.py
@ -41,6 +41,8 @@ class EventType(Enum):
    CUSTOM_VARS = "custom_vars"
    CHANNEL_INFO = "channel_info"
    PATH_RESPONSE = "path_response"
+    PRIVATE_KEY = "private_key"
+    DISABLED = "disabled"

    # Command response types
    OK = "command_ok"
--- a/src/meshcore/reader.py
+++ b/src/meshcore/reader.py
@ -569,6 +569,20 @@ class MessageReader:
                Event(EventType.PATH_RESPONSE, res, attributes)
            )

+        elif packet_type_value == PacketType.PRIVATE_KEY.value:
+            logger.debug(f"Received private key response: {data.hex()}")
+            if len(data) >= 65:  # 1 byte response code + 64 bytes private key
+                private_key = data[1:65]  # Extract 64-byte private key
+                res = {"private_key": private_key}
+                await self.dispatcher.dispatch(Event(EventType.PRIVATE_KEY, res))
+            else:
+                logger.error(f"Invalid private key response length: {len(data)}")
+
+        elif packet_type_value == PacketType.DISABLED.value:
+            logger.debug("Received disabled response")
+            res = {"reason": "private_key_export_disabled"}
+            await self.dispatcher.dispatch(Event(EventType.DISABLED, res))
+
        else:
            logger.debug(f"Unhandled data received {data}")
            logger.debug(f"Unhandled packet type: {packet_type_value}")