Added Pymesh secret key param in initializer

content/firmwareapi/micropython/ucrypto.md

@@ -22,9 +22,7 @@ According to the **ESP32 Technical Reference Manual**, such bits "... can be use
 
 The parameter `bits` is rounded upwards to the nearest multiple of 32 bits.
 
-{{% hint style="danger" %}}
-Cryptography is not a trivial business. Doing things the wrong way could quickly result in decreased or no security. Please document yourself in the subject if you are depending on encryption to secure important information.
-{{% /hint %}}
+{{% hint style="danger" %}}Cryptography is not a trivial business. Doing things the wrong way could quickly result in decreased or no security. Please document yourself in the subject if you are depending on encryption to secure important information. {{% /hint %}}
 
 #### crypto.generate\_rsa\_signature(message, private_key, \*, pers="esp32-tls")
 
@@ -46,3 +44,61 @@ pk = f.read()
 # Generate the signature
 signature = crypto.generate_rsa_signature(header_payload, pk, pers="my_pers_string")
 ```
+
+#### crypto.rsa_encrypt\(message, public_key)
+
+Encrypts the `message` with the `public_key` of the recipient, so it will be decrypted only by the real destination.
+
+The `message` is Bytes object.
+
+The `public_key` is RSA 2048bits, it is the content of the key file (not the path to it) and it needs to be in PKCS8 format. An `openssl` example of how this key was generated is bellow.
+
+Returns the Bytes object containing the encrypted message.
+
+The usage example is at the method `crypto.rsa_decrypt()`.
+
+#### crypto.rsa_decrypt\(message, private_key)
+
+Decrypts the `message` with the `private_key`.
+
+The `message` is Bytes object.
+
+The `private_key` is RSA 2048bits, it is the content of the key file (not the path to it) and it needs to be in PKCS8 format. An `openssl` example of how this key was generated is bellow.
+
+Returns the Bytes object containing the decrypted message.
+
+```python
+# generating the public-private keys pair in a single PEM file
+$ openssl genrsa -des3 -out private.pem 2048
+# export the RSA public key to a file
+$ openssl rsa -in private.pem -outform PEM -pubout -out public.pem
+# export the RSA private key to a file
+$ openssl rsa -in private.pem -out private_unencrypted.pem -outform PEM
+
+# Example of message
+message = "this is a secret message, it needs to be encrypted"
+
+# read the key from file
+f = open("cert/public.pem")
+pk = f.read()
+f.close()
+
+# Encrypt the message
+message_encrypted = crypto.rsa_encrypt(payload, pk)
+
+# adding a SHA checksum (`uhashlib.sha()`) is encouraged,
+# so when message is decrypted consistency can be checked
+
+# ... next send the message_encrypted on the network (LoRa, Wifi, BLE, Cellular)
+
+# on the receiver try to decrypt
+
+# read the key from file
+f = open("cert/private_unencrypted.pem")
+pub = f.read()
+f.close()
+
+message_decrypted = crypto.rsa_decrypt(message_encrypted, pub)
+# additionally, the consistency should be checked (usage of `uhashlib.sha()``)
+# as the message could have been altered (attacker, network issues)
+```

content/firmwareapi/pycom/network/lora/pymesh.md

@@ -37,15 +37,26 @@ For various other complete Pymesh examples, check Tutorials & Examples section (
 
 ## Constructors
 
-#### class network.LoRa.Mesh()
+#### class network.LoRa.Mesh(*, key=masterkey)
 
 Create and configure the Mesh object.
 
-```python
+By default, the key is `0134C0DE1AB51234C0DE1AB5CA1A110F`.
 
+The current Master key can be found using: `print("Masterkey:", pymesh.cli("masterkey"))`.
+
+```python
+import ubinascii
 from network import LoRa
+
 lora = LoRa(mode=LoRa.LORAWAN, region=LoRa.EU868)
+masterkey = ubinascii.unhexlify("112233")
+mesh = lora.Mesh(key=masterkey)
 pymesh = lora.Mesh()
+
+# as test, the Masterkey can be printed
+>>> print("Masterkey:", mesh.cli("masterkey"))
+Masterkey: 11223300000000000000000000000000
 ```
 
 ## Methods

content/pymesh/security.md

@@ -24,7 +24,7 @@ This encryption can be used even for communicating between Nodes that are not in
 
 The challenge is in distributing the keys used for encryption(decryption), this is
 
-![](../../.gitbook/assets/pymesh_security.png)
+<img src="/gitbook/assets/pymesh/security.png" alt="Pymesh Security" width="400"/>
 
 ### Symmetric encryption