Raspberry Gateway 2.1.1 + signing



  • The Gateway code on Raspberry seems to work only when signing is not used.
    Is that something known?

    In addition, I had to explicitly name the architecture and comment out one line in core/MySigningAtsha204Soft.cpp to get the debug signing output working:

    #ifdef linux
    #define __FlashStringHelper char
    // #define MY_SERIALDEVICE.print debug
    #endif

    My configure options were:
    ./configure --my-gateway=ethernet
    --soc=BCM2836
    --my-transport=nrf24
    --my-rf24-ce-pin=22
    --my-rf24-cs-pin=24
    --my-rf24-irq-pin=15
    --my-rf24-pa-level=RF24_PA_LOW
    --my-leds-err-pin=12
    --my-leds-rx-pin=16
    --my-leds-tx-pin=18
    --my-signing=software
    --my-signing-request-signatures
    --my-signing-request-gw-signatures-from-all
    --my-rf24-encryption-enabled
    --my-rf24-channel=70
    --my-debug=enable
    --my-signing-debug

    Tested with a Raspberry 1 and 2.


  • Contest Winner

    @t3chie hi, this is not known (at least to me). I don't have a rPi setup so I have not been able to verify. @marceloaqno do you know what the current status is? If I remember correctly, you tested the latest signing improvements package successfully on rPi, right?


  • Contest Winner

    @t3chie btw, the option my-signing-request-gw-signatures-from-all is obsolete. It is the default behavior now. At least if you are on latest development branch.



  • @Anticimex I am happy to test whatever you want me to do. I "think" my wiring is correct as it works when signing is not used. I can post debug output from the Gateway for both (signed and unsigned) if that helps.
    Should I give the dev branch a try?


  • Contest Winner

    @t3chie ah you are on master? That's interesting because that should work. Yes, please give the devel branch a try. Could be that full signing support for rPi never made it in the latest release.



  • @Anticimex That is different but still not working. The architecture autodetection works. The signing debug does compile, too. But when I am starting up a node the gateway reports:

    mysgw: Starting gateway...
    mysgw: Protocol version - 2.2.0-beta
    mysgw: MCO:BGN:INIT GW,CP=RNNG-SQX,VER=2.2.0-beta
    mysgw: !SGN:PER:TAMPERED
    mysgw: !SGN:INI:BND FAIL
    mysgw: TSF:LRT:OK
    mysgw: TSM:INIT
    mysgw: TSF:WUR:MS=0
    mysgw: TSM:INIT:TSP OK
    mysgw: TSM:INIT:GW MODE
    mysgw: TSM:READY:ID=0,PAR=0,DIS=0
    mysgw: MCO:REG:NOT NEEDED
    mysgw: Listening for connections on 0.0.0.0:5003
    mysgw: MCO:BGN:STP
    mysgw: MCO:BGN:INIT OK,TSP=1
    mysgw: TSF:MSG:READ,118-205-14,s=1,c=2,t=118,pt=6,l=0,sg=1:
    mysgw: TSF:MSG:REL MSG
    mysgw: !TSF:RTE:14 UNKNOWN
    mysgw: SGN:SGN:118!=0 NUS
    mysgw: !TSF:MSG:SEND,118-0-14-14,s=1,c=2,t=118,pt=6,l=0,sg=1,ft=0,st=NACK:
    mysgw: TSF:MSG:READ,138-29-188,s=181,c=6,t=66,pt=5,l=16,sg=0:3636023473
    mysgw: TSF:MSG:REL MSG
    mysgw: !TSF:RTE:188 UNKNOWN
    mysgw: SGN:SGN:138!=0 NUS
    mysgw: !TSF:MSG:SEND,138-0-188-188,s=181,c=6,t=66,pt=5,l=16,sg=0,ft=0,st=NACK:3636023473
    mysgw: TSF:MSG:READ,184-237-134,s=214,c=0,t=229,pt=6,l=13,sg=1:5A403EDF050D2265DF00000000
    mysgw: !TSF:MSG:PVER,3=2
    mysgw: TSF:MSG:READ,233-187-65,s=93,c=1,t=52,pt=1,l=1,sg=1:222
    mysgw: !TSF:MSG:PVER,1=2
    mysgw: TSF:MSG:READ,177-160-211,s=159,c=6,t=135,pt=4,l=11,sg=1:-2047481336
    mysgw: !TSF:MSG:PVER,0=2
    mysgw: TSF:MSG:READ,166-111-53,s=187,c=3,t=196,pt=5,l=9,sg=0:204581490
    mysgw: TSF:MSG:REL MSG
    mysgw: !TSF:RTE:53 UNKNOWN
    mysgw: SGN:SGN:166!=0 NUS
    mysgw: !TSF:MSG:SEND,166-0-53-53,s=187,c=3,t=196,pt=5,l=9,sg=0,ft=0,st=NACK:204581490

    The only node on that radio channel is ID 100 and if I disable signing, the same setup is reporting:

    mysgw: Starting gateway...
    mysgw: Protocol version - 2.2.0-beta
    mysgw: MCO:BGN:INIT GW,CP=RNNG--Q-,VER=2.2.0-beta
    mysgw: TSF:LRT:OK
    mysgw: TSM:INIT
    mysgw: TSF:WUR:MS=0
    mysgw: TSM:INIT:TSP OK
    mysgw: TSM:INIT:GW MODE
    mysgw: TSM:READY:ID=0,PAR=0,DIS=0
    mysgw: MCO:REG:NOT NEEDED
    mysgw: Listening for connections on 0.0.0.0:5003
    mysgw: MCO:BGN:STP
    mysgw: MCO:BGN:INIT OK,TSP=1
    mysgw: TSF:MSG:READ,100-100-255,s=255,c=3,t=7,pt=0,l=0,sg=0:
    mysgw: TSF:MSG:BC
    mysgw: TSF:MSG:FPAR REQ,ID=100
    mysgw: TSF:CKU:OK,FCTRL
    mysgw: TSF:MSG:GWL OK
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=8,pt=1,l=1,sg=0,ft=0,st=OK:0
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=24,pt=1,l=1,sg=0:1
    mysgw: TSF:MSG:PINGED,ID=100,HP=1
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=25,pt=1,l=1,sg=0,ft=0,st=OK:1
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=15,pt=6,l=2,sg=0:0101
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=15,pt=6,l=2,sg=0,ft=0,st=OK:0100
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=0,t=17,pt=0,l=5,sg=0:2.1.1
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=6,pt=1,l=1,sg=0:0
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=11,pt=0,l=13,sg=0:Motion Sensor
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=12,pt=0,l=3,sg=0:1.0
    mysgw: TSF:MSG:READ,100-100-0,s=1,c=0,t=1,pt=0,l=0,sg=0:
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=26,pt=1,l=1,sg=0:2
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=27,pt=1,l=1,sg=0,ft=0,st=OK:1


  • Contest Winner

    @t3chie looks like the personalization has not finished successfully. How do you store the hmac key to the rPi? If you don't use the personalizer sketch you either need to write the checksum yourself or disable the checksum validation. It could be that the method for personalizing on rPi does not calculate and store a checksum. So either that has to change, or the checksum check should be disabled on rPi/Linux.



  • @Anticimex Sorry for that - when I changed Pi's I forgot to personalize the GW. But that didn't made it working:
    mysgw: Starting gateway...
    mysgw: Protocol version - 2.2.0-beta
    mysgw: MCO:BGN:INIT GW,CP=RNNG-SQX,VER=2.2.0-beta
    mysgw: !SGN:PER:TAMPERED
    mysgw: !SGN:INI:BND FAIL
    mysgw: TSF:LRT:OK
    mysgw: TSM:INIT
    mysgw: TSF:WUR:MS=0
    mysgw: TSM:INIT:TSP OK
    mysgw: TSM:INIT:GW MODE
    mysgw: TSM:READY:ID=0,PAR=0,DIS=0
    mysgw: MCO:REG:NOT NEEDED
    mysgw: Listening for connections on 0.0.0.0:5003
    mysgw: MCO:BGN:STP
    mysgw: MCO:BGN:INIT OK,TSP=1
    mysgw: TSF:MSG:READ,118-205-14,s=1,c=2,t=118,pt=6,l=0,sg=1:
    mysgw: TSF:MSG:REL MSG
    mysgw: !TSF:RTE:14 UNKNOWN
    mysgw: SGN:SGN:118!=0 NUS
    mysgw: !TSF:MSG:SEND,118-0-14-14,s=1,c=2,t=118,pt=6,l=0,sg=1,ft=0,st=NACK:
    mysgw: TSF:MSG:READ,138-29-188,s=181,c=6,t=66,pt=5,l=16,sg=0:3636023473
    mysgw: TSF:MSG:REL MSG
    mysgw: !TSF:RTE:188 UNKNOWN
    mysgw: SGN:SGN:138!=0 NUS
    mysgw: !TSF:MSG:SEND,138-0-188-188,s=181,c=6,t=66,pt=5,l=16,sg=0,ft=0,st=NACK:3636023473
    mysgw: TSF:MSG:READ,184-237-134,s=214,c=0,t=229,pt=6,l=13,sg=1:5A403EDF050D2265DF00000000
    mysgw: !TSF:MSG:PVER,3=2
    mysgw: TSF:MSG:READ,233-187-65,s=93,c=1,t=52,pt=1,l=1,sg=1:222
    mysgw: !TSF:MSG:PVER,1=2
    mysgw: TSF:MSG:READ,177-160-211,s=159,c=6,t=135,pt=4,l=11,sg=1:-2047481336
    mysgw: !TSF:MSG:PVER,0=2
    mysgw: TSF:MSG:READ,166-111-53,s=187,c=3,t=196,pt=5,l=9,sg=0:204581490
    mysgw: TSF:MSG:REL MSG
    mysgw: !TSF:RTE:53 UNKNOWN
    mysgw: SGN:SGN:166!=0 NUS
    mysgw: !TSF:MSG:SEND,166-0-53-53,s=187,c=3,t=196,pt=5,l=9,sg=0,ft=0,st=NACK:204581490
    mysgw: TSF:MSG:READ,223-72-13,s=199,c=4,t=110,pt=5,l=4,sg=0:3736138177
    mysgw: !TSF:MSG:PVER,1=2
    mysgw: TSF:MSG:READ,151-70-68,s=120,c=3,t=166,pt=0,l=15,sg=1:?rQ?0??
    mysgw: !TSF:MSG:PVER,0=2

    Isn't the Node ID reported changing between random values although it should only see ID 100 ?


  • Contest Winner

    @t3chie it still reports !SGN:PER:TAMPERED so my original question(s) are still valid :)



  • @Anticimex I use:

    ./bin/mysgw --set-soft-hmac-key D94AB9BF54D266CA517C23C870FF7A6...
    ./bin/mysgw --set-soft-serial-key 2200002200...

    How can I calculate the checksum or disable it?


  • Contest Winner

    @t3chie just comment https://github.com/mysensors/MySensors/blob/development/core/MySigningAtsha204Soft.cpp#L127

    I'm pretty sure the problem is that on Linux, a checksum is never calculated, so I will patch the init function of the software signing backend to ignore that calculation on Linux.
    I do also note that you seem to get NACKs. I can already now say that those have to go away for signing to work. See here.



  • @Anticimex Have tried to comment out line 127, but as you said no joy. I know that the radio I am using is not the best but I am still not sure if the HW is the culprit here.

    I have put that RF24 module onto a Nano with itead RF Shield and loaded a 2.1.1 Gateway Sketch including signing - that works against the same node I am testing the Pi.
    I am using the interrupt variant of the Pi cabling - could that be the problem?


  • Contest Winner

    @t3chie if you read the troubleshooting guide which I linked to, the topmost and most common issue is radio problems and these are not signing related. They are because you have a flaky radio connection (reasons could be many, and there are a ton of threads on the forum that discuss these). You see these when you enable signing because then full size messages are transmitted and not the relatively small messages you typically transmit.



  • @Anticimex Well, I have read all troubleshooting material many times and agree that mostly it is HW. This time however it was stupidity on my side!
    I mixed up signing with encryption on the Pi compile time flags.
    To summarize:
    On 2.1.1, the architecture needs to be set and signing works (have not tested encryption yet).
    On dev, architecture needs to be left alone (not set) and checksum calculation needs to be commented out (line 127 of MySigningAtsha204Soft.cpp).


  • Contest Winner

    @t3chie ah, ok. Yes, those NUS messages indicated that something was really mixed up :)
    I will file a pull request to fix the checksum issue. Thanks for reporting!


  • Contest Winner

    @t3chie Could I ask you a big favour to test my PR on your linux gw and node?
    https://github.com/mysensors/MySensors/pull/885



  • @Anticimex Sure, can do.
    Would you refresh my memory - how can I check out the tree with that pullrequest?


  • Contest Winner

    @t3chie thanks!
    git checkout -b fallberg-signing development
    git pull https://github.com/fallberg/MySensors.git signing



  • @Anticimex I did:
    git clone https://github.com/mysensors/MySensors.git --branch development
    cd MySensors
    git pull https://github.com/fallberg/MySensors.git signing

    Then compile with:
    ./configure --my-gateway=ethernet
    --my-transport=nrf24
    --my-rf24-ce-pin=22
    --my-rf24-cs-pin=24
    --my-rf24-irq-pin=15
    --my-rf24-pa-level=RF24_PA_LOW
    --my-leds-err-pin=12
    --my-leds-rx-pin=16
    --my-leds-tx-pin=18
    --my-rf24-channel=76
    --my-debug=enable
    --my-signing=software
    --my-signing-request-signatures
    --my-signing-request-gw-signatures-from-all
    --my-signing-debug

    Result with one node restarting while others are already running:

    mysgw: TSF:MSG:READ,100-100-255,s=255,c=3,t=7,pt=0,l=0,sg=0:
    mysgw: TSF:MSG:BC
    mysgw: TSF:MSG:FPAR REQ,ID=100
    mysgw: TSF:PNG:SEND,TO=0
    mysgw: TSF:CKU:OK
    mysgw: TSF:MSG:GWL OK
    mysgw: SGN:SKP:MSG CMD=3,TYPE=8
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=8,pt=1,l=1,sg=1,ft=0,st=OK:0
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=24,pt=1,l=1,sg=0:1
    mysgw: SGN:SKP:MSG CMD=3,TYPE=24
    mysgw: TSF:MSG:PINGED,ID=100,HP=1
    mysgw: SGN:SKP:MSG CMD=3,TYPE=25
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=25,pt=1,l=1,sg=1,ft=0,st=OK:1
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=15,pt=6,l=2,sg=0:0101
    mysgw: SGN:SKP:MSG CMD=3,TYPE=15
    mysgw: SGN:PRE:SGN REQ,FROM=100
    mysgw: !SGN:PRE:WHI NREQ,FROM=100 REJ
    mysgw: SGN:PRE:SGN REQ,TO=100
    mysgw: SGN:PRE:WHI NREQ,TO=100
    mysgw: SGN:SKP:MSG CMD=3,TYPE=15
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=15,pt=6,l=2,sg=0,ft=0,st=OK:0101
    mysgw: SGN:PRE:XMT,TO=100
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=16,pt=0,l=0,sg=0:
    mysgw: SGN:SKP:MSG CMD=3,TYPE=16
    mysgw: !SGN:NCE:GEN
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=16,pt=0,l=0,sg=0:
    mysgw: SGN:SKP:MSG CMD=3,TYPE=16
    mysgw: !SGN:NCE:GEN
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=16,pt=0,l=0,sg=0:
    mysgw: SGN:SKP:MSG CMD=3,TYPE=16
    mysgw: !SGN:NCE:GEN
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=16,pt=0,l=0,sg=0:
    mysgw: SGN:SKP:MSG CMD=3,TYPE=16
    mysgw: !SGN:NCE:GEN
    mysgw: TSF:MSG:READ,100-100-0,s=1,c=3,t=16,pt=0,l=0,sg=0:
    mysgw: SGN:SKP:MSG CMD=3,TYPE=16
    mysgw: !SGN:NCE:GEN
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=26,pt=1,l=1,sg=0:2
    mysgw: SGN:SKP:MSG CMD=3,TYPE=26
    mysgw: SGN:SKP:MSG CMD=3,TYPE=16
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=16,pt=0,l=0,sg=1,ft=0,st=OK:
    mysgw: SGN:SGN:NCE REQ,TO=100
    mysgw: TSF:MSG:READ,100-100-0,s=255,c=3,t=17,pt=6,l=25,sg=1:<NONCE>
    mysgw: SGN:SKP:MSG CMD=3,TYPE=17
    mysgw: SGN:NCE:FROM=100
    mysgw: SGN:BND:NONCE=4BD28D2B47813291B354D4A856B07E7A6B496CF86FA2FF969D7C2D115FAC09DF
    mysgw: SGN:BND:HMAC=07FF305FFEB4D1489C3C9BA63A281890DDD850573B406FB691C09C23DC12DD00
    mysgw: SGN:BND:SIG WHI,ID=0
    mysgw: SGN:BND:SIG WHI,SERIAL=000000000000000000
    mysgw: SGN:SGN:SGN
    mysgw: TSF:MSG:SEND,0-0-100-100,s=255,c=3,t=27,pt=1,l=1,sg=1,ft=0,st=OK:1

    Looks OK for me, right?


  • Contest Winner

    @t3chie I think so. There are a few errors in the log though but I am not sure if that is due to other nodes on your network not being configured properly.


Log in to reply
 

Looks like your connection to MySensors Forum was lost, please wait while we try to reconnect.