Signing_Soft in dev branch - How to do?
-
Hey there,
I was thinking to add signing to my setup, but don't know how. I had a look at the SecureActuator sketch and read Anticimexs explanation a few times.
I'm going to use soft signing in my gateway (ESP8266) and my nodes. Maybe future nodes will include an atsha204.
In Anticimexs text he said to need a hmac key to use this, but in the new sketch there is none. Only the random seed pin is selected. Is the hmac not necessary anymore? But that wouldn't make sense to me as this is kind of the preshared key. I also looked in the MyConfig but didn't found anything. Would be realy nice if someone can point me to the right direction.
Another point I thought about with signing and ota updates: isn't that a little senseless? If you transfer the sketch in plain text OTA then the hmac key is visible to an attacked too. Signing the Update request is good for the security of this node, but the whole network will be kind of exposed afterwards... or am I missing something? -
Hey there,
I was thinking to add signing to my setup, but don't know how. I had a look at the SecureActuator sketch and read Anticimexs explanation a few times.
I'm going to use soft signing in my gateway (ESP8266) and my nodes. Maybe future nodes will include an atsha204.
In Anticimexs text he said to need a hmac key to use this, but in the new sketch there is none. Only the random seed pin is selected. Is the hmac not necessary anymore? But that wouldn't make sense to me as this is kind of the preshared key. I also looked in the MyConfig but didn't found anything. Would be realy nice if someone can point me to the right direction.
Another point I thought about with signing and ota updates: isn't that a little senseless? If you transfer the sketch in plain text OTA then the hmac key is visible to an attacked too. Signing the Update request is good for the security of this node, but the whole network will be kind of exposed afterwards... or am I missing something?@Anduril I'm by no means an expert on this. But I studied the signing tutorial this week, because I'm planning the same thing as you are. I think you need to define the HMAC in the MySensors config.h file.
It sounds logic to me anyway, because there you define it once. And it'll be available in all sketch and gateway nodes. Good luck and let me know if it worked.
-
@TheoL only problem is there is no config.h.
@Anticimex I checked everything again and compared to the 1.5 lib still in my download folder. There is an option#define MY_HMAC_KEYin the MyConfig.h which is not present in the version of the dev branch. Is that intended or only a mistake? -
@TheoL only problem is there is no config.h.
@Anticimex I checked everything again and compared to the 1.5 lib still in my download folder. There is an option#define MY_HMAC_KEYin the MyConfig.h which is not present in the version of the dev branch. Is that intended or only a mistake? -
On development branch, all secrets are either stored in the atsha204 or on eeprom/nonvolatile memory. They are not exposed in the sketch. The documentation is updated to reflect this. My signing forum post has a link to doxygen where this is explained. Please let me know if anything remain unclear.
-
I'm not able to get the signing to work on the ethernet gateway. The sketch is getting to big. I'll continue tomorrow.
-
Thanks a lot @Anticimex for your explanation, I tried to personalize one of my arduinos, but only got serial output of FFFFFF.... as keys for HMAC, Serial and AES. I have nothing connected to this Arduino Nano, so the seedpin should be floating. Anything I did wrong? I only activated
#define USE_SOFT_SIGNINGand nothing else. As far as I read your doxygen this should generate random key but not store them in eeprom. -
Thanks a lot @Anticimex for your explanation, I tried to personalize one of my arduinos, but only got serial output of FFFFFF.... as keys for HMAC, Serial and AES. I have nothing connected to this Arduino Nano, so the seedpin should be floating. Anything I did wrong? I only activated
#define USE_SOFT_SIGNINGand nothing else. As far as I read your doxygen this should generate random key but not store them in eeprom.@Anduril i am not sure the personolizer supports random key generation for sw signing as I consider it too predictable (I cannot as a sketch designer guarantee that you use a good seed for the rng). I suggest you fantasize together a key or generate it using some other tool when using soft signing and then store it in eeprom using the personalizer. FFFF:s looks a lot like eeprom reset values indicating nothing has been written.
-
Oh, and if you have that configuration, yes, you select not to store anything in eeprom. So naturally, the keys read out are FFFF:s as you have not stored any data.
-
@Anticimex I completely agree with you that this would not garantee a good random number. Thanks for explaining all this to me.
One point still open to me is the AES key. Is it only used for encryption (which does not give a real security in our case)? I suppose it should be also kind of pre shared key, so same value on all nodes? I don't want to enable encryption at the moment, but might be good to already write keys to all nodes in case I want to use it in future. -
@Anticimex I completely agree with you that this would not garantee a good random number. Thanks for explaining all this to me.
One point still open to me is the AES key. Is it only used for encryption (which does not give a real security in our case)? I suppose it should be also kind of pre shared key, so same value on all nodes? I don't want to enable encryption at the moment, but might be good to already write keys to all nodes in case I want to use it in future. -
@Anticimex I completely agree with you that this would not garantee a good random number. Thanks for explaining all this to me.
One point still open to me is the AES key. Is it only used for encryption (which does not give a real security in our case)? I suppose it should be also kind of pre shared key, so same value on all nodes? I don't want to enable encryption at the moment, but might be good to already write keys to all nodes in case I want to use it in future. -
@Anticimex of course they should be different. I will use my password safe to create independent and strong keys.
What length should the keys have? And how to add them in sketch? I tried with a 64 character hex key. But when adding it in as pure string or with 0x01,0x02,... the serial says all to be 0x00. -
@Anticimex of course they should be different. I will use my password safe to create independent and strong keys.
What length should the keys have? And how to add them in sketch? I tried with a 64 character hex key. But when adding it in as pure string or with 0x01,0x02,... the serial says all to be 0x00. -
@Anticimex yeah first flash the personalizer and afterwards my own sketch. But where in the personalizer.ino to add the key? I tried in line 162, but serial monitor shows only
#define MY_SOFT_HMAC_KEY 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 EEPROM configuration: SOFT_HMAC_KEY | 0000000000000000000000000000000000000000000000000000000000000000#define USER_SOFT_KEY 0xDC, 0x59, 0x84, 0xC0, 0x5E, 0xDA, 0xD3, 0x2C, 0x59, 0x12, 0xB0, 0xE3, 0x55, 0x75, 0x7C, 0x51, 0xDC, 0x59, 0x84, 0xC0, 0x5E, 0xDA, 0xD3, 0x2C, 0x59, 0x12, 0xB0, 0xE3, 0x55, 0x75, 0x7C, 0x51with this definition (only arbitrary key). Is that correct?
-
@Anticimex yeah first flash the personalizer and afterwards my own sketch. But where in the personalizer.ino to add the key? I tried in line 162, but serial monitor shows only
#define MY_SOFT_HMAC_KEY 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 EEPROM configuration: SOFT_HMAC_KEY | 0000000000000000000000000000000000000000000000000000000000000000#define USER_SOFT_KEY 0xDC, 0x59, 0x84, 0xC0, 0x5E, 0xDA, 0xD3, 0x2C, 0x59, 0x12, 0xB0, 0xE3, 0x55, 0x75, 0x7C, 0x51, 0xDC, 0x59, 0x84, 0xC0, 0x5E, 0xDA, 0xD3, 0x2C, 0x59, 0x12, 0xB0, 0xE3, 0x55, 0x75, 0x7C, 0x51with this definition (only arbitrary key). Is that correct?
-
OK i found the problem, I misunderstood something. I thought I have to add the keys to the enabling command of USER_SOFT_KEY. but there are the real keys some lines below that with correct example how to look like. Now it works and I personalized my first node. Thanks a lot @Anticimex
-
OK i found the problem, I misunderstood something. I thought I have to add the keys to the enabling command of USER_SOFT_KEY. but there are the real keys some lines below that with correct example how to look like. Now it works and I personalized my first node. Thanks a lot @Anticimex
-
@Anticimex Does this also work with a nodeMCU? I tried to personalize my ESP today and got an error:
C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204\sha204_library.cpp: In constructor 'atsha204Class::atsha204Class(uint8_t)': C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204\sha204_library.cpp:16:18: error: cannot convert 'volatile uint32_t* {aka volatile unsigned int*}' to 'volatile uint8_t* {aka volatile unsigned char*}' in assignment device_port_DDR = portModeRegister(port); ^ C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204\sha204_library.cpp:18:18: error: cannot convert 'volatile uint32_t* {aka volatile unsigned int*}' to 'volatile uint8_t* {aka volatile unsigned char*}' in assignment device_port_OUT = portOutputRegister(port); ^ C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204\sha204_library.cpp:20:17: error: cannot convert 'volatile uint32_t* {aka volatile unsigned int*}' to 'volatile uint8_t* {aka volatile unsigned char*}' in assignment device_port_IN = portInputRegister(port); ^ Bibliothek sha204 im Ordner: C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204 (legacy) wird verwendet Bibliothek MySensors in Version 2.0.0-beta im Ordner: C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\MySensors wird verwendet Bibliothek EEPROM in Version 1.0 im Ordner: C:\Users\Mat\AppData\Local\Arduino15\packages\esp8266\hardware\esp8266\2.1.0\libraries\EEPROM wird verwendet exit status 1 Fehler beim Kompilieren. -
@Anticimex Does this also work with a nodeMCU? I tried to personalize my ESP today and got an error:
C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204\sha204_library.cpp: In constructor 'atsha204Class::atsha204Class(uint8_t)': C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204\sha204_library.cpp:16:18: error: cannot convert 'volatile uint32_t* {aka volatile unsigned int*}' to 'volatile uint8_t* {aka volatile unsigned char*}' in assignment device_port_DDR = portModeRegister(port); ^ C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204\sha204_library.cpp:18:18: error: cannot convert 'volatile uint32_t* {aka volatile unsigned int*}' to 'volatile uint8_t* {aka volatile unsigned char*}' in assignment device_port_OUT = portOutputRegister(port); ^ C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204\sha204_library.cpp:20:17: error: cannot convert 'volatile uint32_t* {aka volatile unsigned int*}' to 'volatile uint8_t* {aka volatile unsigned char*}' in assignment device_port_IN = portInputRegister(port); ^ Bibliothek sha204 im Ordner: C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\sha204 (legacy) wird verwendet Bibliothek MySensors in Version 2.0.0-beta im Ordner: C:\Dropbox\Projekt-Micha\Arduino Sketch\libraries\MySensors wird verwendet Bibliothek EEPROM in Version 1.0 im Ordner: C:\Users\Mat\AppData\Local\Arduino15\packages\esp8266\hardware\esp8266\2.1.0\libraries\EEPROM wird verwendet exit status 1 Fehler beim Kompilieren.@Anduril that's an error from the atsha driver. It is not adapted for "exotic" architectures. I recommend soft signing (or that you create a or with necessary adjustments that are backwards compatible with the Arduino boards currently in use).
