Skip to content
  • MySensors
  • OpenHardware.io
  • Categories
  • Recent
  • Tags
  • Popular
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo
  1. Home
  2. Troubleshooting
  3. Help Signing

Help Signing

Scheduled Pinned Locked Moved Troubleshooting
21 Posts 2 Posters 3.1k Views 2 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S sindrome73

    @anticimex said in Help Signing:

    Hi,
    first of all, you have spelled a define wrong,

    #define MY_SIGNING_REQUEST_SIGNATURE

    should be

    #define MY_SIGNING_REQUEST_SIGNATURES

    Secondly, you have to enable signing on the gateway as well.
    Thirdly, you have to personalize your devices (as per the documentation) or signing won't work at all.

    Hello!!
    I resume my discussion !! Finally after a long time, I was able to understand the "3" point that Anticimex told me. Where it is said that the device (node ​​/ gateway) must be customized through the SecureActuator.ino files.

    I did this way:

    I loaded the scketch SecureActuator.ino, on the node or on the gateway, and I followed these steps, and we're talking about using only the Firma Software.

    Enable GENERATE_KEYS_SOFT
    This will generate random keys for HMAC (signing) and AES (encryption). Copy the keys generated and replace the corresponding definitions under "User defined key data", specifically MY_HMAC_KEY and MY_AES_KEY.
    Disable GENERATE_KEYS_SOFT and enable PERSONALIZE_SOFT
    This will store the HMAC key and the AES key to EEPROM. It will also write a checksum of the personalization data in EEPROM to be able to detect if the data is altered.
    Personalization is now complete.

    At this point if I understand correctly I write my scketch, adding at the beginning before Config.h
    How much:

    #define MY_SIGNING_SOFT
    #define MY_SIGNING_REQUEST_SIGNATURES
    #define MY_SIGNING_SOFT_RANDOMSEED_PIN 7

    And load everything, on the node ...... It should be all right now ?? Quite right???

    Of course, loading this scketck, gate from the Sardinian SecureActuator.ino, but this is normal because however the HMAC (signing) and AES (encryption), are stored in the EEPROM of arduino !! Quite right???

    At this point I'm using the Signature correctly or do I have to do anything else ???

    AnticimexA Offline
    AnticimexA Offline
    Anticimex
    Contest Winner
    wrote on last edited by
    #21

    @sindrome73 assuming you have executed the personalizer sketch with your generated keys on both the gateway and the node(s), then yes. You can always see in the log if signing is being used. There is a parser for the log on the homepage.

    Do you feel secure today? No? Start requiring some signatures and feel better tomorrow ;)

    1 Reply Last reply
    0
    Reply
    • Reply as topic
    Log in to reply
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes

    27

    Online

    11.7k

    Users

    11.2k

    Topics

    113.1k

    Posts


    Copyright 2025 TBD   |   Forum Guidelines   |   Privacy Policy   |   Terms of Service
    • Login
    • Don't have an account? Register
    • Login or register to search.
    • First post
      Last post
    0
    • MySensors
    • OpenHardware.io
    • Categories
    • Recent
    • Tags
    • Popular