Hello everyone,
for getting correct information from payload, I need to do decryption with AES in JS. However, it seems that I could not direcktly import library from js. So, does someone know how to do it?
Thank you very much!
The TTN decoders are a convenience feature that can do simple decoding. A script can run for a very limited time and with limited facilities. The kind of thing you want should be done on your on server(s), not on shared infrastructure.
You can not import those libraries on TTN.
Something else:
LoRaWAN already encrypts the payload. If you use only the default LoRaWAN encryption TTN will decrypt the data for you. If you need to use additional AES encryption for data safety you should not be decrypting the data in TTN anyway because that will compromise the additional security.
Thank you for you reply.
The uplink, which I received from TTN, is correct but it is also encrypted by AES 128 from sencor. So, I need to decrypt this uplink and get information. In this situation, I could only decrypt this uplink in my own server, right?
Best wishes.
If there is additional encryption added to the standard LoRaWAN encryption you will need to decrypt on your own server. It would take too many resources on the shared TTN servers.
Hello, may I ask a further question concerning that topic?
I am using a LoraWAN Gateway to send data from a senor to TTN and to another device where I want to store the data. The packets that are being send are the same (the payload looks something like that “data”:“ABgyh3J4iIVDRMAE0H7Vs3DJROV0IOM=”).
For TTN it works perfectly fine and I receive the data just as I want but I can not manage to get the same output for the second deveice. Can you tell me how I can get the sensor data out of the payload?
Encryption is not the problem because data like the e.g. Received Signal Strength Indication is send in plain text.
What I assumed that the data is base64 encoded. So I converted the payload to Hex-data and put it in the TTN-payload-formatter, but the resulting values make no sense.
I am stuck on that now for a few days and would be very thankful for a helpful advice!
What is the device - if it’s not identical, the payload formatter is not going to know the format for this other device!
Thanks for the quick response!! The other device is just a Raspberry and the sensor is a pysense from pycom.
To be a bit more precise, the Lorawan Gateway sends the data to TTN and to the raspi. Thus the excal same payload the send to TTN and to the raspi, but I do not manage to decode the data I receive on my raspi like TTN does it. That is why I tried to understand how the data is processed by TTN and the payload formatter.
Is this a custom device?
The uplink coming out of the device on LoRaWAN is encrypted. The payload formatter is given the decrypted packet encoded as Base64.
So it depends on what your device is sending to the Pi - which I guess only you can answer.
Okay maybe I am messing things up then.
What I did is I copied the data in hex that I received on TTN-console which looks something like “17 00 7d 00 2a 00 03 12 fe 03 07 00” and from what I get data like temperature and stuff like that.
So I took the hex-data and encoded it as Base64 which give me something like “FyAAIH0gACAqIAAgAyASIP4gAyAHIAA=”.
Then I compared that with what I see what goes to TTN which looks something like “ABgyh3J4iIVDRMAE0H7Vs3DJROV0IOM=”. The exact same data is also send to my raspi. So in order to decode it and get e.g. the temperature I need to understand how to derive
“FyAAIH0gACAqIAAgAyASIP4gAyAHIAA=” out of
“ABgyh3J4iIVDRMAE0H7Vs3DJROV0IOM=”.
As I see it, it is not encrypted, because I see data like the following in the packets that is not encrypted:
“codr”:“4/5”, “lsnr”:8.8, “rssi”:-81 .
Or am I wrong here? If so I would research with what standard and what key the data is encrypted and all my problems are solved.
Many thanks for your answers and I hope I made my problem clear. I really appreciate it!!
The metadata is not encrypted, the payload is. You can not decrypt a LoRaWAN packet as received by the gateway without the keys that are in the network server (TTN in this case).
Okay I understand, thank you very much!
Sorry I have to ask again (I would be equally happy for a link with a similar discussion, I did not found one). Maybe some sees my mistake, because I do not get the correct data:
I forward the data that I receive correctly in TTN to another device.
Her I decrypt the data. I use AES128 in EBC-Mode with the AppSKey which should give the same data I receive in TTN.
(Conferring to this page https://www.thethingsnetwork.org/docs/lorawan/security I use the right and only needed key.)
Am I mistaken somewhere? If not I will challenge the implementation of my decryption-code.
Many thanks in advance!
Have you turned off decryption for the device?
From where are you forwarding the data? From TTN? From a gateway? From a node?
What data are you forwarding? The entire LoRaWAN transmission? Just the application payload?
Is the device still using the same key you got? Or has it rejoined and is there a new key?
It’s really not clear what you mean here. If the gateway log shows an uplink that says “RMAE0H7V=” and you are forwarding it to the Pi, you need to check that it’s getting “RMAE0H7V=” as well.
There are many possibilities for you to choose on the console, so it’s hard to tell if you are comparing the right Base64 information and I’m not even sure how helpful it is to do that as we don’t get to see the encrypted packets (normally).
Can you not receive the uplink via TTN using MQTT or a Webhooks on the Pi and bypass the decryption issue?
Thanks for your answers, I really appreaciate it!!
I guess it is way more easy to just use a webhook and there should not occur problems like I have right now.