Consolidate PKI key generation logic into ensurePkiKeys method

Author: thebentern

protobufs

@@ -163,28 +163,9 @@ void menuHandler::LoraRegionPicker(uint32_t duration)
             config.lora.region = selectedRegion;
             auto changes = SEGMENT_CONFIG;
 
-        // FIXME: This should be a method consolidated with the same logic in the admin message as well
-        // This is needed as we wait til picking the LoRa region to generate keys for the first time.
 #if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN || MESHTASTIC_EXCLUDE_PKI)
-            if (!owner.is_licensed) {
-                bool keygenSuccess = false;
-                if (config.security.private_key.size == 32) {
-                    // public key is derived from private, so this will always have the same result.
-                    if (crypto->regeneratePublicKey(config.security.public_key.bytes, config.security.private_key.bytes)) {
-                        keygenSuccess = true;
-                    }
-
-                } else {
-                    LOG_INFO("Generate new PKI keys");
-                    crypto->generateKeyPair(config.security.public_key.bytes, config.security.private_key.bytes);
-                    keygenSuccess = true;
-                }
-                if (keygenSuccess) {
-                    config.security.public_key.size = 32;
-                    config.security.private_key.size = 32;
-                    owner.public_key.size = 32;
-                    memcpy(owner.public_key.bytes, config.security.public_key.bytes, 32);
-                }
+            if (crypto) {
+                crypto->ensurePkiKeys(config.security, owner);
             }
 #endif
             config.lora.tx_enabled = true;

src/graphics/draw/MenuHandler.cpp

@@ -177,24 +177,8 @@ static void applyLoRaRegion(meshtastic_Config_LoRaConfig_RegionCode region)
     auto changes = SEGMENT_CONFIG;
 
 #if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN || MESHTASTIC_EXCLUDE_PKI)
-    if (!owner.is_licensed) {
-        bool keygenSuccess = false;
-
-        if (config.security.private_key.size == 32) {
-            if (crypto->regeneratePublicKey(config.security.public_key.bytes, config.security.private_key.bytes)) {
-                keygenSuccess = true;
-            }
-        } else {
-            crypto->generateKeyPair(config.security.public_key.bytes, config.security.private_key.bytes);
-            keygenSuccess = true;
-        }
-
-        if (keygenSuccess) {
-            config.security.public_key.size = 32;
-            config.security.private_key.size = 32;
-            owner.public_key.size = 32;
-            memcpy(owner.public_key.bytes, config.security.public_key.bytes, 32);
-        }
+    if (crypto) {
+        crypto->ensurePkiKeys(config.security, owner);
     }
 #endif
 

src/graphics/niche/InkHUD/Applets/System/Menu/MenuApplet.cpp

@@ -61,6 +61,33 @@ bool CryptoEngine::regeneratePublicKey(uint8_t *pubKey, uint8_t *privKey)
     }
     return true;
 }
+
+bool CryptoEngine::ensurePkiKeys(meshtastic_Config_SecurityConfig &security, meshtastic_User &user)
+{
+    if (user.is_licensed) {
+        return false;
+    }
+
+    bool keygenSuccess = false;
+    if (security.private_key.size == 32) {
+        if (regeneratePublicKey(security.public_key.bytes, security.private_key.bytes)) {
+            keygenSuccess = true;
+        }
+    } else {
+        LOG_INFO("Generate new PKI keys");
+        generateKeyPair(security.public_key.bytes, security.private_key.bytes);
+        keygenSuccess = true;
+    }
+
+    if (keygenSuccess) {
+        security.public_key.size = 32;
+        security.private_key.size = 32;
+        user.public_key.size = 32;
+        memcpy(user.public_key.bytes, security.public_key.bytes, 32);
+    }
+
+    return keygenSuccess;
+}
 #endif
 
 /**

src/mesh/CryptoEngine.cpp

@@ -36,6 +36,7 @@ class CryptoEngine
 #if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN)
     virtual void generateKeyPair(uint8_t *pubKey, uint8_t *privKey);
     virtual bool regeneratePublicKey(uint8_t *pubKey, uint8_t *privKey);
+    virtual bool ensurePkiKeys(meshtastic_Config_SecurityConfig &security, meshtastic_User &user);
 
 #endif
     void setDHPrivateKey(uint8_t *_private_key);

src/mesh/CryptoEngine.h

@@ -776,24 +776,8 @@ void AdminModule::handleSetConfig(const meshtastic_Config &c, bool fromOthers)
                 // If we're setting region for the first time, init the region and regenerate the keys
                 if (isRegionUnset && validatedLora.region > meshtastic_Config_LoRaConfig_RegionCode_UNSET) {
 #if !(MESHTASTIC_EXCLUDE_PKI_KEYGEN || MESHTASTIC_EXCLUDE_PKI)
-                    if (!owner.is_licensed) {
-                        bool keygenSuccess = false;
-                        if (config.security.private_key.size == 32) {
-                            if (crypto->regeneratePublicKey(config.security.public_key.bytes,
-                                                            config.security.private_key.bytes)) {
-                                keygenSuccess = true;
-                            }
-                        } else {
-                            LOG_INFO("Generate new PKI keys");
-                            crypto->generateKeyPair(config.security.public_key.bytes, config.security.private_key.bytes);
-                            keygenSuccess = true;
-                        }
-                        if (keygenSuccess) {
-                            config.security.public_key.size = 32;
-                            config.security.private_key.size = 32;
-                            owner.public_key.size = 32;
-                            memcpy(owner.public_key.bytes, config.security.public_key.bytes, 32);
-                        }
+                    if (crypto) {
+                        crypto->ensurePkiKeys(config.security, owner);
                     }
 #endif
                     // new region is valid and we're coming from an unset region, so enable tx