This feature makes it possible to implement end-to-end encryption between the end-device and end-application. On OTAA join, the join-server will provide Chirpstack with the encrypted
AppSKey, which will be forwarded on every uplink to the end-application (integration events). The end-application then first decrypts the
AppSKey with the KEK key shared between the JS and end-application, and then uses the decrypted
AppSKey to decrypt the application payload.
On enqueue downlink, the end-application encrypts the application payload before enqueue. As well, it must set the
is_encrypted fields such that ChirpStack knows that the payload is already encrypted and which downlink frame-counter was used during the encryption of the payload.
Note: This feature requires an external join-server.
chirpstack_integration crate can be used to build external integrations using the Redis Streams that are exposed by ChirpStack. An example implementation is the ChirpStack Pulsar Integration.
This adds tags (like already can be found on device-profiles and devices) to tenants and applications. Note that the integration events will contain the aggregation of application + device-profile + device tags. Integration events will not contain the tenant tags.
This makes it possible to configure a JoinEUI prefix when configuring a join-server, to forward a range of JoinEUI to a single join-server without the need to add multiple join-server configuration blocks. As well, this makes it possible to configure a ‘catch-all’ join-server, using a JoinEUI prefix that would match all JoinEUIs.
This moves some of the API:
If you are using these messages in your application, then you might need to update the import paths when updating the API SDK.
As well, this adds a new Redis Stream exposing the Backend Interfaces requests and responses (Passive Roaming + Join Server).
skip_f_cntand device variables to ADR plugins.
- Reset uplink ADR history table in case of DR / TxPower / NbTrans change.
- Do not fail in case of corrupted mac-commands.
- Use region default RX2 frequency if device-session RX2 frequency == 0.
- Make it explicit that TX Power is in EIRP + update region configuration from ERP to EIRP.
- Refactor device-lock /
- Ignore unknown JSON fields when decoding JSON to API structures in Rust.
ns_timeto the gateway rx-info struct.
- Speed up API authorization validation queries (SQL).
- Improve log output (better log messages + adding better correlation identifiers to each message).
LoraModulationInfo(this is not used
by ChirpStack, but it can be used by applications directly interacting with
nullfields in Backend Interfaces JSON output. (#316)
- Reduce dependencies for AWS SNS integration by replacing
aws-sign-v4+ REST call.
- Make device metric name optional. (#313)
- Get all device-data in a single query to improve performance.
- Debian package: Fix
postinstto only run on install. (#295)
- Fix setting initial tags in tenant form (UI).
- Use unbounded MQTT client channels / fix dropping MQTT messages under high load.
- Add misspelled
ResultCodein Backend Interfaces (this is a typo in the specifications). (#317)
- Reload device on change event. (#319)
testing channel instead of
sudo echo "deb https://artifacts.chirpstack.io/packages/4.x/deb testing main" | sudo tee /etc/apt/sources.list.d/chirpstack.list
chirpstack/chirpstack:4.6.0-test.3 image and tag.