SIGNING issues with ACK on 2.3.1



  • Hi,

    I have quite a MySensor network running, but all with old software. Now, in preparation to do software upgrades, I have a small test setup here with one gateway and one test node and this signing now gives me some headaches.

    (beside bugs with presentation(x,x,true) and the store_xx_key_data in SecurityPersonalizer befing inconsistent between declaration and implementation)

    So, here is this setup.

    1. GW on ESP8266 with NRF24L01+
      Personalized with HMAC, AES and Serial not used.
    #define MY_SIGNING_SOFT
    #define MY_SIGNING_REQUEST_SIGNATURES
    

    This is the output after boot:

    51 SGN:PER:OK
    53 SGN:INI:BND OK
    55 TSF:LRT:OK
    56 TSM:INIT
    57 TSF:WUR:MS=0
    64 TSM:INIT:TSP OK
    66 TSM:INIT:GW MODE
    68 TSM:READY:ID=0,PAR=0,DIS=0
    70 MCO:REG:NOT NEEDED
    scandone
    78 TSM:READY:NWD REQ
    81 SGN:SGN:NREQ=255
    111 TSF:MSG:SEND,0-0-255-255,s=255,c=3,t=20,pt=0,l=0,sg=0,ft=0,st=OK:
    
    scandone
    state: 0 -> 2 (b0)
    state: 2 -> 3 (0)
    state: 3 -> 5 (10)
    add 0
    aid 1
    cnt
    
    connected with MSHOME, channel 6
    dhcp client start...
    578 GWT:TPC:CONNECTING...
    1080 GWT:TPC:CONNECTING...
    1582 GWT:TPC:CONNECTING...
    2084 GWT:TPC:CONNECTING...
    2586 GWT:TPC:CONNECTING...
    ip:192.168.0.209,mask:255.255.255.0,gw:192.168.0.1
    3088 GWT:TPC:CONNECTING...
    3090 GWT:TPC:IP=192.168.0.209
    3093 MCO:BGN:STP
    3095 MCO:BGN:INIT OK,TSP=1
    3097 GWT:TPC:IP=192.168.0.209
    3100 GWT:RMQ:MQTT RECONNECT
    3116 GWT:RMQ:MQTT CONNECTED
    3119 GWT:TPS:TOPIC=sensorgw3/0/255/0/0/18,MSG SENT
    3124 GWT:TPS:TOPIC=sensorgw3/0/255/3/0/11,MSG SENT
    3129 GWT:TPS:TOPIC=sensorgw3/0/255/3/0/12,MSG SENT
    3134 GWT:TPS:TOPIC=sensorgw3/0/10/0/0/20,MSG SENT
    pm open,type:2 0
    

    Now starting a test node (Testnode example) with same HMAC personalized and signing request configured, the gateway throws this out:

    171436 TSF:MSG:READ,11-11-0,s=1,c=3,t=16,pt=0,l=0,sg=1:
    171441 SGN:SKP:MSG CMD=3,TYPE=16
    171445 SGN:SKP:MSG CMD=3,TYPE=17
    171449 TSF:MSG:SEND,0-0-11-11,s=255,c=3,t=17,pt=6,l=25,sg=1,ft=0,st=OK:<NONCE>
    171456 SGN:NCE:XMT,TO=0
    171500 TSF:MSG:READ,11-11-0,s=1,c=1,t=0,pt=7,l=5,sg=1:27.60
    171505 SGN:BND:NONCE=F3E1CCE7E2378EF0EA2F68918358CA79EE390857981324F47EAAAAAAAAAAAAAA
    171514 SGN:BND:HMAC=289313013D106B2F1645B73284843953F80D23E663C37906BCD4D433339CA760
    171521 SGN:VER:OK
    171523 TSF:MSG:ACK REQ
    171525 SGN:SKP:ACK CMD=1,TYPE=0
    171556 !TSF:MSG:SEND,0-0-11-11,s=1,c=1,t=0,pt=7,l=5,sg=0,ft=0,st=NACK:27.60
    171563 GWT:TPS:TOPIC=sensorgw3/11/1/1/0/0,MSG SENT
    181770 TSF:MSG:READ,11-11-0,s=1,c=3,t=16,pt=0,l=0,sg=1:
    181775 SGN:SKP:MSG CMD=3,TYPE=16
    181779 SGN:SKP:MSG CMD=3,TYPE=17
    181783 TSF:MSG:SEND,0-0-11-11,s=255,c=3,t=17,pt=6,l=25,sg=1,ft=0,st=OK:<NONCE>
    181790 SGN:NCE:XMT,TO=0
    181834 TSF:MSG:READ,11-11-0,s=1,c=1,t=0,pt=7,l=5,sg=1:27.30
    181839 SGN:BND:NONCE=4ABD55D7A58D5C496030C98FDDE3307FF6C2EBEFAF4BADE133AAAAAAAAAAAAAA
    181848 SGN:BND:HMAC=880BE3BE6DFF6B64BC451C9E186C112A940F825A48272EEB8AD585F0A21C61BD
    181855 SGN:VER:OK
    181857 TSF:MSG:ACK REQ
    181859 SGN:SKP:ACK CMD=1,TYPE=0
    181890 !TSF:MSG:SEND,0-0-11-11,s=1,c=1,t=0,pt=7,l=5,sg=0,ft=0,st=NACK:27.30
    181897 GWT:TPS:TOPIC=sensorgw3/11/1/1/0/0,MSG SENT
    

    So, messages from the node arrive, are verified, forwarded via MQTT but the ACK is never sent back. Signer says, ACKs are not signed (SGN:SKP:ACK), but why is it then not sent plain text?

    Am I missing something here?


 

195
Online

8.6k
Users

9.4k
Topics

99.0k
Posts