Signing ATSHA Key?
-
No Prob, i hate phone typing too :-)
I know it is possible to mix hard and soft. In my way i want to use hand signing only on my new nodes . . . i will not change all nodes yet.
If i understood you right i have to generate the Key on my node (Lock Data is optional / i dont want to do that).
Now i have a HARD Signing node, but Sign failed. So in my opinion i have to generate a Key on my GW too?! Right? Use this points, this the Random Key if i generate before?:
If you do not have the ATSHA204A device and need to generate random keys:
Enable USE_SOFT_SIGNINGIf you want to review existing EEPROM configuration to determine if anything needs to be updated:
Make sure to disable any ATSHA204A update features if you use it (enable SKIP_KEY_STORAGE, disable LOCK_CONFIGURATION and LOCK_DATA)
Disable STORE_SOFT_KEY
Disable STORE_SOFT_SERIAL
Disable STORE_AES_KEYAfter this, it it possible to communicate with the "old" Soft_Signing Nodes?
-
No Prob, i hate phone typing too :-)
I know it is possible to mix hard and soft. In my way i want to use hand signing only on my new nodes . . . i will not change all nodes yet.
If i understood you right i have to generate the Key on my node (Lock Data is optional / i dont want to do that).
Now i have a HARD Signing node, but Sign failed. So in my opinion i have to generate a Key on my GW too?! Right? Use this points, this the Random Key if i generate before?:
If you do not have the ATSHA204A device and need to generate random keys:
Enable USE_SOFT_SIGNINGIf you want to review existing EEPROM configuration to determine if anything needs to be updated:
Make sure to disable any ATSHA204A update features if you use it (enable SKIP_KEY_STORAGE, disable LOCK_CONFIGURATION and LOCK_DATA)
Disable STORE_SOFT_KEY
Disable STORE_SOFT_SERIAL
Disable STORE_AES_KEYAfter this, it it possible to communicate with the "old" Soft_Signing Nodes?
@Takero Firstly, using debug for signing is a must to understand what's going on.
In order to have signing you must have the same key on a node and the GW. For the first time, you can generate it, but later you have to put it in the sketch and use with every node or GW.
If you do not have it on your GW signing will fail!!! -
After you generated the keys and did your first node, do the following for soft signing:
Enable USE_SOFT_SIGNING
Enable LOCK_CONFIGURATION
Enable STORE_SOFT_KEY - must be the same
Enable STORE_SOFT_SERIAL - must be individual for each node/GW
Enable STORE_AES_KEY - must be the sameBelow the options above you have to insert your keys.
EDIT: just corrected what you should enable
-
Thanks! Now i am on the right way :-D
Finaly i'f got a HMAC_KEY.
On my Soft_Signing GW i have to enable USE_SOFT_SIGNING and STORE_SOFT_KEY (with the HMAC_KEY) and run the SercurePersonalizer.ino on my GW? Right?
-
ATSHA204A and soft signing are very similar in the sketch. You have to enable/disable corresponding options
-
Works :+1:
-
I'd like to ask a follow up question to this old topic:
I have been able to create a set of keys using my GW on a Moteino (16MHz).
Now I'd like to program the keys into a some nodes. A few of these are running a bare 328p at 1MHz as a battery sensor, but a baudrate of 115k is a bit high. I only get garbage in the serial window, so no checking if the keys are stored properly.
Wouldn't it be wise to lower the baudrate of that sketch to be able to accomodate slow battery sensors. I have looked to try to do it myself, but was unable to find where. -
I'd like to ask a follow up question to this old topic:
I have been able to create a set of keys using my GW on a Moteino (16MHz).
Now I'd like to program the keys into a some nodes. A few of these are running a bare 328p at 1MHz as a battery sensor, but a baudrate of 115k is a bit high. I only get garbage in the serial window, so no checking if the keys are stored properly.
Wouldn't it be wise to lower the baudrate of that sketch to be able to accomodate slow battery sensors. I have looked to try to do it myself, but was unable to find where. -
I had already tried that (I just did again, to be absolutely certain) but even at 4800 I still get garbage. I know 9600 baud works because of a test I had running before I tried the personalization sketch. I added the
#define MY_BAUD_RATE 4800before the inclusion of the MySensors.h file. -
I had already tried that (I just did again, to be absolutely certain) but even at 4800 I still get garbage. I know 9600 baud works because of a test I had running before I tried the personalization sketch. I added the
#define MY_BAUD_RATE 4800before the inclusion of the MySensors.h file. -
Thanks a bunch! That did it! I always forget to use the "find" when I'm doing things like this. And the
serial.beginwas in line 881, I didn't expect it to be that far down.
