Add AES-256 encryption support for cross-implementation compatibility#2
Open
ShaTie wants to merge 1 commit intoliamcottle:masterfrom
Open
Add AES-256 encryption support for cross-implementation compatibility#2ShaTie wants to merge 1 commit intoliamcottle:masterfrom
ShaTie wants to merge 1 commit intoliamcottle:masterfrom
Conversation
This commit adds AES-256-CBC encryption support to achieve full compatibility with Python Reticulum's Link.MODE_AES256_CBC. Changes: - **fernet.js**: Support both 32-byte (AES-128) and 64-byte (AES-256) keys - Split 64-byte keys: first 32 bytes for signing, last 32 for encryption - Dynamic cipher mode selection based on key length - **link.js**: Use 64-byte derivedKey for AES-256 compatibility - Update HKDF to generate 64-byte keys matching Python implementation - Add error handling in decrypt() to prevent crashes on decryption failures - Add null checks before using decrypted data - **interface.js**: Add statistics fields matching Python implementation - rxb/txb counters for received/transmitted bytes - online/OUT status flags - **websocket_client_interface.js**: Improve connection handling - Check WebSocket readyState before sending - Track rxb/txb statistics - Set online/OUT flags on connect/disconnect Tested with 11/11 E2E tests passing, including cross-implementation message delivery (Python → JavaScript).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds AES-256-CBC encryption support to achieve full compatibility with Python Reticulum's
Link.MODE_AES256_CBC.Changes
Core Encryption (fernet.js)
Link Encryption (link.js)
derivedKeyfor AES-256 compatibility with Pythondecrypt()to prevent crashes on decryption failuresInterface Statistics (interface.js, websocket_client_interface.js)
rxb,txb,online,OUTreadyStatebefore sending to prevent errorsTesting
Tested with 11/11 E2E tests passing, including:
Browser Compatibility
Works in browsers with standard polyfills:
crypto-browserifysupports AES-256-CBCBackwards Compatibility
Fully backwards compatible - still supports 32-byte AES-128 mode for existing implementations.