search

zwave-js / node-red-contrib-zwave-js

The most powerful, high performing and highly polished Z-Wave node for Node-RED based on Z-Wave JS. If you want a fully featured Z-Wave framework in your Node-RED instance, you have found it.
MIT License
47 stars 6 forks source link

[Feature]: Storage of encryption keys #264

Open ReziioAdmin opened 1 year ago

ReziioAdmin commented 1 year ago

What is your idea?

I have had a few issues where I have copied a template set of updated NR flows onto an existing NR installation and the Zwave encryption keys were overwritten with the flows update. This meant that all secure Zwave devices had to be reset and re-joined to the controller.

It would be really useful if the encryption keys were stored in a separate file somewhere in the base Node-Red directory. This way the integrity of the Zwave controller can be maintained regardless of the NR flows file.

Version

8.0

Node-RED Version

3.02

What hardware are you using?

Raspberry Pi

Any code to add?

No response

marcus-j-davies commented 1 year ago

Hi @ReziioAdmin

The configuration data is managed by Node RED - So to store data in a separate file, will require the core of Node RED to do so, responsibility of storing the config values is deep within in Node RED - not the nodes in your low.

The config values (this includes encryption keys) are stored within the flows file as you know - and this is Node RED doing that.

However, All is not lost: I am working on V9 - and V9 is a huge refactor to the software.

With V9 I am planning on marking the keys as credentials and Node RED manages these differently. I am in hope when V9 reaches the public next year, this sort of persistence will be built in.

The separate file may relate to a different set of nodes if importing - but it should be a lot easier to recovery the values if importing new flows (that has different ID's compared to what the creds file is tying to match) - i'm just not sure how Node RED allocates the creds to the correct nodes, and if it depends on some matching Node ID (which is an internal identifier Node RED uses)

It may also be worth nothing, V9 will start to use config nodes - so if you only import the visible flow portion, then the config nodes won't be overwritten.

See here for V9 disucssions https://github.com/zwave-js/node-red-contrib-zwave-js/discussions/259

And here for the Credential API - I am hoping will resolve this. https://nodered.org/docs/creating-nodes/credentials