[Solved] Soft signing issue



  • Hello,

    I followed the signing post to enable soft signing between a serial gateway and one temperature node.

    I first started by simply enabling MY_SIGNING_FEATUREand changing MY_HMAC_KEYin config.h. The result seems working correctly (I saw nonce and sign messages in MYSController).

    I then try to set a soft_serialto the gateway using the example giving in the signing post:

    // Change the soft_serial value to an arbitrary value for proper security
    uint8_t soft_serial[SHA204_SERIAL_SZ] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09};
    MySigningAtsha204Soft signer(true, soft_serial);  // Select SW ATSHA signing backend
    

    I got the following compilation error:

    SerialGateway:54: error: invalid conversion from 'uint8_t* {aka unsigned char*}' to 'uint8_t {aka unsigned char}' [-fpermissive]
    In file included from SerialGateway.ino:34:0:
    /Users/carlierd/Arduino/libraries/MySensors/MySigningAtsha204Soft.h:57:2: error:   initializing argument 2 of 'MySigningAtsha204Soft::MySigningAtsha204Soft(bool, uint8_t)' [-fpermissive]
      MySigningAtsha204Soft(bool requestSignatures=true,
      ^
    invalid conversion from 'uint8_t* {aka unsigned char*}' to 'uint8_t {aka unsigned char}' [-fpermissive]
    

    If I add a '*' before soft_serial in MySigningAtsha204Soft signer(true, *soft_serial); it's compiling correctly.

    Why ? And is it correct with the '*' in the constructor ?

    Thanks,

    David.

    P.S.: For the moment I don't use the whitlist (I do step-by-step).



  • I tried to use the signer constructor with the '*' : MySigningAtsha204Soft signer(true, *soft_serial)but it's not working. I need to use the ClearEepromConfig sketch to clean both gateway and node.

    No it's working but without the soft_serial function ...


  • Contest Winner

    You are not supposed to provide a soft_serial without using whitelisting. The argument you pass is directed to the randomseedPin for the software backend. It is optional to pass and if not passed, will default to MY_RANDOMSEED_PIN.
    So simply don't enter and pass a soft_serial if you do not intend to use whitelisting and it should work.
    You can see the software backends API here:
    https://github.com/mysensors/Arduino/blob/master/libraries/MySensors/MySigningAtsha204Soft.h



  • Ok ! It's clear !

    So I enable MY_SECURE_NODE_WHITELISTING in MyConfig.h.

    I tried to compile the following code from your intial post:

    MyTransportRFM69 transport;
    uint8_t soft_serial[SHA204_SERIAL_SZ] = {bla bla bla};
    MySigningAtsha204Soft signer(true, 0, NULL, soft_serial);
    

    I got the following error:

    In file included from SerialGateway.ino:34:0:
    /Users/carlierd/Arduino/libraries/MySensors/MySigningAtsha204.h:40:3: error: conflicting declaration 'typedef struct whitelist_entry_t whitelist_entry_t'
     } whitelist_entry_t;
       ^
    In file included from SerialGateway.ino:33:0:
    /Users/carlierd/Arduino/libraries/MySensors/MySigningAtsha204Soft.h:44:3: error: 'whitelist_entry_t' has a previous declaration as 'typedef struct whitelist_entry_t whitelist_entry_t'
     } whitelist_entry_t;
       ^
    Erreur lors de la compilation.
    

    I don't want to have a whitelist on the gateway. I think it's correct ?

    Thanks !


  • Contest Winner

    @carlierd if you don't want whitelisting I suggest you don't enable MY_SECURE_NODE_WHITELISTING and don't use the arguments for whitelisting. See the github link I posted for details on how the api changes based on the MY_SECURE_NODE_WHITELISTING flag.



  • It's probably not clear for me.

    I understood that the whitelisting could be enable on node to only accept data from trust gateway (identified by the soft_serial).
    So:

    • I set a soft_serial on the gateway and give a null withelist as I don't want to recompile the gateway for adding soft_serial of a new node.
    • I will set a soft_serial on the node and give a whitelist with the soft_serial of the gateway.

    I misunderstood ?


  • Contest Winner

    @carlierd if you have not compiled your gw with whitelisting and given it a serial number, it will not salt the signature with that data, and signature will therefore not contain the necessary components for you node to identify your gw as a trusted sender, so if you want to use whitelisting, all nodes involved need to support this. I do believe this was stated on my topic on signatures but if it is missing, I will add that.


  • Contest Winner

    @carlierd that said, your understanding is correct. But you have to supply the proper constructor arguments.



  • I tried to compile the gw with the following code but it failed:

    MyTransportRFM69 transport;
    uint8_t soft_serial[SHA204_SERIAL_SZ] = {bla bla bla};
    MySigningAtsha204Soft signer(true, 0, NULL, soft_serial);
    

    It's not good ? What is wrong ?


  • Contest Winner

    @carlierd from the errors you listed above, it looks like you include two signing backends. Try only including the soft signing backend header since the backends declare conflicting whitelist structure types. They cannot be used simultaneously in the same sketch.



  • So simple as soon as you give me the answer 😉

    Thanks a lot !


  • Contest Winner

    @carlierd no problem. I am on a phone so it is difficult to read the code formatting ok a small screen so I did not see the complete error message until now. Good to hear that it works now! 🙂



  • Thanks to take time ! Especially on your phone 🙂


Log in to reply
 

Suggested Topics

15
Online

11.2k
Users

11.1k
Topics

112.5k
Posts