Help Signing
-
@sindrome73 use the links from the page I sent you please.
-
They used them but they brought me to the same page anyway
-
They used them but they brought me to the same page anyway
@sindrome73 I find that hard to believe. I have verified it myself. They should go to https://www.mysensors.org/apidocs-beta/group__MySigninggrpPub.html and https://www.mysensors.org/apidocs/group__MySigninggrp.html. Not ci.mysensors.org.
-
They used them but they brought me to the same page anyway
@sindrome73 https://www.mysensors.org/about/signing shows these links at the very top.
-
But is it so difficult to load an example of a gateway + node that requires signature + a node that does not require signature?
It would help many in my situation !! I try to study the whole thing again but the signature for those like me, is at the beginning of the weapon is not easy as explained
-
I copied the same code in the gateway.
For the gateway however I have to disable the debug otherwise sketch and too big !!So I loaded this code both in the Relay Node and in the Gateway:
#define MY_SIGNING_SOFT
#define MY_SIGNING_REQUEST_SIGNATURES
#define MY_SIGNING_SOFT_RANDOMSEED_PIN 7In the Knot Debug I see this:
317050 TSF:MSG:READ,0-0-3,s=1,c=3,t=16,pt=0,l=0,sg=1: 317072 TSF:MSG:SEND,3-3-0-0,s=255,c=3,t=17,pt=6,l=25,sg=1,ft=0,st=OK:FADEB1BB0B066C3F08094CC8C74FD0A63EC503598F2B14C14B 317150 TSF:MSG:READ,0-0-3,s=1,c=1,t=2,pt=0,l=1,sg=1:1 317231 TSF:MSG:ACK REQ 317234 TSF:MSG:SEND,3-3-0-0,s=1,c=1,t=2,pt=0,l=1,sg=0,ft=0,st=OK:1 Incoming change for sensor:1, New status: 1I think something is working !! Now I would like to try to mix in the network a node that does not require signing
-
I copied the same code in the gateway.
For the gateway however I have to disable the debug otherwise sketch and too big !!So I loaded this code both in the Relay Node and in the Gateway:
#define MY_SIGNING_SOFT
#define MY_SIGNING_REQUEST_SIGNATURES
#define MY_SIGNING_SOFT_RANDOMSEED_PIN 7In the Knot Debug I see this:
317050 TSF:MSG:READ,0-0-3,s=1,c=3,t=16,pt=0,l=0,sg=1: 317072 TSF:MSG:SEND,3-3-0-0,s=255,c=3,t=17,pt=6,l=25,sg=1,ft=0,st=OK:FADEB1BB0B066C3F08094CC8C74FD0A63EC503598F2B14C14B 317150 TSF:MSG:READ,0-0-3,s=1,c=1,t=2,pt=0,l=1,sg=1:1 317231 TSF:MSG:ACK REQ 317234 TSF:MSG:SEND,3-3-0-0,s=1,c=1,t=2,pt=0,l=1,sg=0,ft=0,st=OK:1 Incoming change for sensor:1, New status: 1I think something is working !! Now I would like to try to mix in the network a node that does not require signing
@sindrome73 the log looks good. You can use the log parser on the homepage to get it "translated". You can also enable verbose signing debug (look in MyConfig.h) if you want to see what the signing backend really does.
-
Another sore point !! I do not know how to edit Myconfig.H
Send me some links where I can see? -
Another sore point !! I do not know how to edit Myconfig.H
Send me some links where I can see?@sindrome73 you shouldn't edit it. Just look in it to find the names of the settings you add to your sketch before including MyConfig.h. And editing it is no different from editing any file for that matter.
-
Hi,
first of all, you have spelled a define wrong,#define MY_SIGNING_REQUEST_SIGNATUREshould be
#define MY_SIGNING_REQUEST_SIGNATURESSecondly, you have to enable signing on the gateway as well.
Thirdly, you have to personalize your devices (as per the documentation) or signing won't work at all.@anticimex said in Help Signing:
Hi,
first of all, you have spelled a define wrong,#define MY_SIGNING_REQUEST_SIGNATUREshould be
#define MY_SIGNING_REQUEST_SIGNATURESSecondly, you have to enable signing on the gateway as well.
Thirdly, you have to personalize your devices (as per the documentation) or signing won't work at all.Hello!!
I resume my discussion !! Finally after a long time, I was able to understand the "3" point that Anticimex told me. Where it is said that the device (node / gateway) must be customized through the SecureActuator.ino files.I did this way:
I loaded the scketch SecureActuator.ino, on the node or on the gateway, and I followed these steps, and we're talking about using only the Firma Software.
Enable GENERATE_KEYS_SOFT
This will generate random keys for HMAC (signing) and AES (encryption). Copy the keys generated and replace the corresponding definitions under "User defined key data", specifically MY_HMAC_KEY and MY_AES_KEY.
Disable GENERATE_KEYS_SOFT and enable PERSONALIZE_SOFT
This will store the HMAC key and the AES key to EEPROM. It will also write a checksum of the personalization data in EEPROM to be able to detect if the data is altered.
Personalization is now complete.At this point if I understand correctly I write my scketch, adding at the beginning before Config.h
How much:#define MY_SIGNING_SOFT
#define MY_SIGNING_REQUEST_SIGNATURES
#define MY_SIGNING_SOFT_RANDOMSEED_PIN 7And load everything, on the node ...... It should be all right now ?? Quite right???
Of course, loading this scketck, gate from the Sardinian SecureActuator.ino, but this is normal because however the HMAC (signing) and AES (encryption), are stored in the EEPROM of arduino !! Quite right???
At this point I'm using the Signature correctly or do I have to do anything else ???
-
@anticimex said in Help Signing:
Hi,
first of all, you have spelled a define wrong,#define MY_SIGNING_REQUEST_SIGNATUREshould be
#define MY_SIGNING_REQUEST_SIGNATURESSecondly, you have to enable signing on the gateway as well.
Thirdly, you have to personalize your devices (as per the documentation) or signing won't work at all.Hello!!
I resume my discussion !! Finally after a long time, I was able to understand the "3" point that Anticimex told me. Where it is said that the device (node / gateway) must be customized through the SecureActuator.ino files.I did this way:
I loaded the scketch SecureActuator.ino, on the node or on the gateway, and I followed these steps, and we're talking about using only the Firma Software.
Enable GENERATE_KEYS_SOFT
This will generate random keys for HMAC (signing) and AES (encryption). Copy the keys generated and replace the corresponding definitions under "User defined key data", specifically MY_HMAC_KEY and MY_AES_KEY.
Disable GENERATE_KEYS_SOFT and enable PERSONALIZE_SOFT
This will store the HMAC key and the AES key to EEPROM. It will also write a checksum of the personalization data in EEPROM to be able to detect if the data is altered.
Personalization is now complete.At this point if I understand correctly I write my scketch, adding at the beginning before Config.h
How much:#define MY_SIGNING_SOFT
#define MY_SIGNING_REQUEST_SIGNATURES
#define MY_SIGNING_SOFT_RANDOMSEED_PIN 7And load everything, on the node ...... It should be all right now ?? Quite right???
Of course, loading this scketck, gate from the Sardinian SecureActuator.ino, but this is normal because however the HMAC (signing) and AES (encryption), are stored in the EEPROM of arduino !! Quite right???
At this point I'm using the Signature correctly or do I have to do anything else ???
@sindrome73 assuming you have executed the personalizer sketch with your generated keys on both the gateway and the node(s), then yes. You can always see in the log if signing is being used. There is a parser for the log on the homepage.
