Sensebender Micro
-
What is the easiest and fastest way to sign and verify? I don't have a gateway set up quite yet.
(And, is any part of setting this up dependent on serial integrity? If so I might have to adjust baud quite a bit) -
Yes, you have to personalize it. What is failing? I don't have an Uno myself, but according to Jenkins the personalizer compiles ok for Uno on both master and development. You don't have any local changes?
-
The personalization fails to compile for my sensebender micro. There's a few undeclared:
Personalizer:225: error: 'EEPROM_SIGNING_SOFT_HMAC_KEY_ADDRESS' was not declared in this scope
Personalizer:225: error: 'hwReadConfigBlock' was not declared in this scope
Personalizer:236: error: 'EEPROM_SIGNING_SOFT_SERIAL_ADDRESS' was not declared in this scope
Personalizer:247: error: 'EEPROM_RF_ENCRYPTION_AES_KEY_ADDRESS' was not declared in this scope
Personalizer:697: error: 'hwMillis' was not declared in this scopeI'm trying to compile this against master however. Do I have to have dev branch to compile that sketch?
-
@ximinez and you are certain you have no local changes to the code? Jenkins builds both master and development branches every night for both the SenseBender and the uno and it builds all examples, including the personalizer without issues.
-
If memory serves me, some of the errors you get seem to originate from code on development branch. The eeprom addresses are to my knowledge not yet available on master.
-
Ok, moved from master to dev. Sketch compiled. Not quite the output I expected however.
EEPROM configuration:
SOFT_HMAC_KEY | FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
SOFT_SERIAL | FFFFFFFFFFFFFFFFFF
AES_KEY | FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF -
Ok, moved from master to dev. Sketch compiled. Not quite the output I expected however.
EEPROM configuration:
SOFT_HMAC_KEY | FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
SOFT_SERIAL | FFFFFFFFFFFFFFFFFF
AES_KEY | FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF@ximinez it is the output I expected. You have gone for soft signing, and you see the reset values of the eeprom. You need to pick atsha settings. The link I gave you gives the exact settings to personalize both for software and atsha backends.
-
:thumbsup:
I'm rusty on the gateways. But on development branch, configuring signing is easier than on master branch. My link gives the details on signing configuration for both nodes and gateways with examples. -
Yeah, I'm struggling a bit with those instructions. I've set up my gateway with soft signing, and got sane values written to EEPROM.
Now, do I need any of the three values to personalize the sensebender?
SOFT_HMAC_KEY?@ximinez the SenseBender you have patched/cut needs atsha personalization, so no SOFT anything. But you need to have the same hmac key stored on the atsha on the SenseBender as you have picked as soft hmac key in eeprom of your gateway (the node you have personalized for soft signing).
Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)
-
@ximinez the SenseBender you have patched/cut needs atsha personalization, so no SOFT anything. But you need to have the same hmac key stored on the atsha on the SenseBender as you have picked as soft hmac key in eeprom of your gateway (the node you have personalized for soft signing).
-
@Anticimex Yeah, that's what I asked ;)
I get:
Writing key to slot 0...
Data lock failed. Response: D3 -
Writing key to slot 0...
Data not locked. Define LOCK_DATA to lock for real.Personalization is now complete.
Configuration is LOCKED
Data is UNLOCKED@ximinez looks good. You should be done with personalization. Remember to require signatures from the SenseBender in addition to "enabling" it. You can also require signature on the GW, thus forcing all communications between them to be signed. The serial console will reveal how it goes. You can enable verbose debug (MY_DEBUG_VERBOSE_SIGNING) for the signing if you want more details on the signing parts.
-
I have the sensor sketch mostly done, but I'll have to do some soldering again tomorrow. It looks like D7 got burnt when I plugged in my ESP8266, giving ~0,5v out on that pin. Will have to work around that:
Sôártinç óensor (RÎONA-, 2.0.0-beta)
Raäio init æáiìåd. Ãèeck wiring.When that is OK, I'll look at the GW sketch.
-
I have the sensor sketch mostly done, but I'll have to do some soldering again tomorrow. It looks like D7 got burnt when I plugged in my ESP8266, giving ~0,5v out on that pin. Will have to work around that:
Sôártinç óensor (RÎONA-, 2.0.0-beta)
Raäio init æáiìåd. Ãèeck wiring.When that is OK, I'll look at the GW sketch.
Sounds good. Bedtime here too.
