Node with encryption asking for ID in loop

Hey there,

I hope someone can help. I have a simple test setup with only one gateway and one node at the moment. I want them to communication with encryption enabled. As one of them has no easy access to serial lines I want to first set it up with #define MY_ENCRYPTION_SIMPLE_PASSWD "Test" I have this activated in both sketches.
The result is the node asking for an ID in loop all the time, but with different sensor numbers (why is there a sensor number in the ID_REQUEST, shouldn't it be 255?). But there is a pattern (tried multiple time with reboot on node and gateway), so it's not random... first I see 6 requests for ID with sensor 102, followed by sensor 4, 163, 67, 12, 176 (6 times each). My controller (MYSController) answers them all the time and I see the sending messages in the serial console of the gateway...
here the complete gateway log:

dhcp client start...
ip:192.168.38.131,mask:255.255.255.0,gw:192.168.38.1
7778 GWT:TIN:CONNECTING...
7939 GWT:TIN:IP: 192.168.38.131
7973 MCO:BGN:STP
7991 MCO:BGN:INIT OK,TSP=1
8019 TSM:READY:NWD REQ
8048 ?TSF:MSG:SEND,0-0-255-255,s=255,c=3,t=20,pt=0,l=0,sg=0,ft=0,st=OK:
pm open,type:2 0
107269 GWT:TSA:C=0,CONNECTED
186214 TSF:MSG:READ,255-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0:
186278 TSF:MSG:BC
186297 TSF:MSG:FPAR REQ,ID=255
186329 TSF:PNG:SEND,TO=0
186355 TSF:CKU:OK
186374 TSF:MSG:GWL OK
186431 ?TSF:MSG:SEND,0-0-255-255,s=255,c=3,t=8,pt=1,l=1,sg=0,ft=0,st=OK:0
202842 TSF:MSG:READ,255-255-0,s=102,c=3,t=3,pt=0,l=0,sg=0:
202912 GWT:RFC:C=0,MSG=255;102;3;0;4;2
202958 ?TSF:MSG:SEND,0-0-255-255,s=102,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
204480 TSF:MSG:READ,255-255-0,s=102,c=3,t=3,pt=0,l=0,sg=0:
204546 GWT:RFC:C=0,MSG=255;102;3;0;4;2
204592 ?TSF:MSG:SEND,0-0-255-255,s=102,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
206120 TSF:MSG:READ,255-255-0,s=102,c=3,t=3,pt=0,l=0,sg=0:
206187 GWT:RFC:C=0,MSG=255;102;3;0;4;2
206233 ?TSF:MSG:SEND,0-0-255-255,s=102,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
207760 TSF:MSG:READ,255-255-0,s=102,c=3,t=3,pt=0,l=0,sg=0:
207826 GWT:RFC:C=0,MSG=255;102;3;0;4;2
207872 ?TSF:MSG:SEND,0-0-255-255,s=102,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
209399 TSF:MSG:READ,255-255-0,s=102,c=3,t=3,pt=0,l=0,sg=0:
209467 GWT:RFC:C=0,MSG=255;102;3;0;4;2
209512 ?TSF:MSG:SEND,0-0-255-255,s=102,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
211041 TSF:MSG:READ,255-255-0,s=102,c=3,t=3,pt=0,l=0,sg=0:
211108 GWT:RFC:C=0,MSG=255;102;3;0;4;2
211153 ?TSF:MSG:SEND,0-0-255-255,s=102,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
229260 TSF:MSG:READ,255-255-0,s=4,c=3,t=3,pt=0,l=0,sg=0:
229325 GWT:RFC:C=0,MSG=255;4;3;0;4;2
229369 ?TSF:MSG:SEND,0-0-255-255,s=4,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
230903 TSF:MSG:READ,255-255-0,s=4,c=3,t=3,pt=0,l=0,sg=0:
230968 GWT:RFC:C=0,MSG=255;4;3;0;4;2
231012 ?TSF:MSG:SEND,0-0-255-255,s=4,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
232543 TSF:MSG:READ,255-255-0,s=4,c=3,t=3,pt=0,l=0,sg=0:
232608 GWT:RFC:C=0,MSG=255;4;3;0;4;2
232652 ?TSF:MSG:SEND,0-0-255-255,s=4,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
234183 TSF:MSG:READ,255-255-0,s=4,c=3,t=3,pt=0,l=0,sg=0:
234250 GWT:RFC:C=0,MSG=255;4;3;0;4;2
234294 ?TSF:MSG:SEND,0-0-255-255,s=4,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
235823 TSF:MSG:READ,255-255-0,s=4,c=3,t=3,pt=0,l=0,sg=0:
235890 GWT:RFC:C=0,MSG=255;4;3;0;4;2
235934 ?TSF:MSG:SEND,0-0-255-255,s=4,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
237463 TSF:MSG:READ,255-255-0,s=4,c=3,t=3,pt=0,l=0,sg=0:
237530 GWT:RFC:C=0,MSG=255;4;3;0;4;2
237573 ?TSF:MSG:SEND,0-0-255-255,s=4,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
255671 TSF:MSG:READ,255-255-0,s=163,c=3,t=3,pt=0,l=0,sg=0:
255740 GWT:RFC:C=0,MSG=255;163;3;0;4;2
255786 ?TSF:MSG:SEND,0-0-255-255,s=163,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
257312 TSF:MSG:READ,255-255-0,s=163,c=3,t=3,pt=0,l=0,sg=0:
257379 GWT:RFC:C=0,MSG=255;163;3;0;4;2
257425 ?TSF:MSG:SEND,0-0-255-255,s=163,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
258952 TSF:MSG:READ,255-255-0,s=163,c=3,t=3,pt=0,l=0,sg=0:
259022 GWT:RFC:C=0,MSG=255;163;3;0;4;2
259067 ?TSF:MSG:SEND,0-0-255-255,s=163,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
260592 TSF:MSG:READ,255-255-0,s=163,c=3,t=3,pt=0,l=0,sg=0:
260660 GWT:RFC:C=0,MSG=255;163;3;0;4;2
260705 ?TSF:MSG:SEND,0-0-255-255,s=163,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
262234 TSF:MSG:READ,255-255-0,s=163,c=3,t=3,pt=0,l=0,sg=0:
262301 GWT:RFC:C=0,MSG=255;163;3;0;4;2
262346 ?TSF:MSG:SEND,0-0-255-255,s=163,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
263875 TSF:MSG:READ,255-255-0,s=163,c=3,t=3,pt=0,l=0,sg=0:
263944 GWT:RFC:C=0,MSG=255;163;3;0;4;2
263990 ?TSF:MSG:SEND,0-0-255-255,s=163,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
282098 TSF:MSG:READ,255-255-0,s=67,c=3,t=3,pt=0,l=0,sg=0:
282165 GWT:RFC:C=0,MSG=255;67;3;0;4;2
282210 ?TSF:MSG:SEND,0-0-255-255,s=67,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
283735 TSF:MSG:READ,255-255-0,s=67,c=3,t=3,pt=0,l=0,sg=0:
283803 GWT:RFC:C=0,MSG=255;67;3;0;4;2
283848 ?TSF:MSG:SEND,0-0-255-255,s=67,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
285377 TSF:MSG:READ,255-255-0,s=67,c=3,t=3,pt=0,l=0,sg=0:
285443 GWT:RFC:C=0,MSG=255;67;3;0;4;2
285488 ?TSF:MSG:SEND,0-0-255-255,s=67,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
287018 TSF:MSG:READ,255-255-0,s=67,c=3,t=3,pt=0,l=0,sg=0:
287085 GWT:RFC:C=0,MSG=255;67;3;0;4;2
287129 ?TSF:MSG:SEND,0-0-255-255,s=67,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
288659 TSF:MSG:READ,255-255-0,s=67,c=3,t=3,pt=0,l=0,sg=0:
288725 GWT:RFC:C=0,MSG=255;67;3;0;4;2
288770 ?TSF:MSG:SEND,0-0-255-255,s=67,c=3,t=4,pt=0,l=1,sg=0,ft=0,st=OK:2
290300 TSF:MSG:READ,255-255-0,s=67,c=3,t=3,pt=0,l=0,sg=0:
290366 GWT:RFC:C=0,MSG=255;67;3;0;4;2

If I set the node ID in sketch, it seems to play "ping-pong" all the time... I don't understand why...

953628 TSF:MSG:READ,10-10-0,s=255,c=3,t=24,pt=1,l=1,sg=0:1
953689 TSF:MSG:PINGED,ID=10,HP=1
954954 !TSF:MSG:SEND,0-0-10-10,s=255,c=3,t=25,pt=1,l=1,sg=0,ft=0,st=NACK:1
955267 TSF:MSG:READ,10-10-0,s=255,c=3,t=24,pt=1,l=1,sg=0:1
955328 TSF:MSG:PINGED,ID=10,HP=1
956593 !TSF:MSG:SEND,0-0-10-10,s=255,c=3,t=25,pt=1,l=1,sg=0,ft=0,st=NACK:1
956906 TSF:MSG:READ,10-10-0,s=255,c=3,t=24,pt=1,l=1,sg=0:1
956967 TSF:MSG:PINGED,ID=10,HP=1
958232 !TSF:MSG:SEND,0-0-10-10,s=255,c=3,t=25,pt=1,l=1,sg=0,ft=0,st=NACK:1
958545 TSF:MSG:READ,10-10-0,s=255,c=3,t=24,pt=1,l=1,sg=0:1
958607 TSF:MSG:PINGED,ID=10,HP=1
959871 !TSF:MSG:SEND,0-0-10-10,s=255,c=3,t=25,pt=1,l=1,sg=0,ft=0,st=NACK:1
976723 TSF:MSG:READ,10-10-0,s=255,c=3,t=24,pt=1,l=1,sg=0:1
976784 TSF:MSG:PINGED,ID=10,HP=1
978048 !TSF:MSG:SEND,0-0-10-10,s=255,c=3,t=25,pt=1,l=1,sg=0,ft=0,st=NACK:1
978361 TSF:MSG:READ,10-10-0,s=255,c=3,t=24,pt=1,l=1,sg=0:1
978423 TSF:MSG:PINGED,ID=10,HP=1
979687 !TSF:MSG:SEND,0-0-10-10,s=255,c=3,t=25,pt=1,l=1,sg=0,ft=0,st=NACK:1

@SuperNinja you only need #define MY_SECURITY_SIMPLE_PASSWD "testpass". The other one would be needed for encryption wih personalization (so keys saved in eeprom or atsha-chip)

@Anticimex is there a way to give the SIMPLE_PASSWD in hex? As far as I understand the AES key in the personalizer sketch is a hex and the password in sketch would be ASCII. Therefor even if looking identical they would not match. Or do I have to create a password first and convert that to hex to be used in personalization...

wow... to be honest I didn't expected it to be so easy... what flags are those "under the hood" settings?

@Anticimex is there a way to use both methods in one network? So to personalize nodes with the AES key (0x12; 0x34; 0x56; 0x00;...) and use SIMPLE_PASSWD "123456" (or some other derivativ)?

@mfalkvidd I mean the two options #define MY_ENCRYPTION_SIMPLE_PASSWD and #define MY_RFM69_ENABLE_ENCRYPTION (with personalization before)

@Anticimex thank you for your answer. In my case I want to implement OTA with the online version with DualOptibootloader. This way, the node will be able to decrypt and store the new firmware in external flash. With the MYS Bootloader that would not be possible as far as I understood the thing...

@TRS-80 signing will also be added. But I want to be able to send messages unseen from the 'public' to my nodes... some of them are text-based and I don't want to be sniffed...

Hey there,

is there any significant difference between the two options for encryption? Does the simple one consumes more flash? Is it safe to use with OTA updates (should be, as all communication is encrypted)? Why should you bother with personalization in the first place or is it only the 'old grown' method?

Thanks for any contribution in advance,
Anduril

Just in the rare case I want to use it later (and I have encryption enabled in the whole mysensors network) I could theoretically write a sketch inspired by the personalizer to read the serial and send this as a payload to the gateway without anyone out there able to read.

I understand that. Two questions:
what about updating via OTA with whitelisting enabled? Everyone could sniff the new hexfile and read the serial of the whitelisted node, correct?
what about activating encryption? Would that prevent both of these cases? No one could read the hexfile or the send serial without knowing the AES key before.

that's sad.
Maybe it would be possible to write a sketch to read out the atsha serial and transmit it via mysensors... I will be looking into this further when in need of whitelisting. Until then I will just leave it as it is and only use signing and maybe encryption.

@Anticimex still the question: is there a way to find out a nodes whitelist serial later?

I think that's a little beyond my skills :-)

that might be true... so it's kind of impossible I think to merge those.
So I have to first upload the personalizer and directly after that the sketch with security enabled and OTA. Is the personalizer sketch the only way to find out its serial for whitelisting? Maybe I need this feature down the road so it's good to know how to get it later

I have not yet enabled signing or encryption on the node that was running the personalizer with radio activated. Therefor I would expect it to give serial output mysensors started, find parent and so on. Nothing on the output after that security Execution result SUCCESS
The gateway also has no security activated for now, as this node was the first one to test the personalizer with radio and OTA

well I did a first test, without result. Maybe someone can help:
I did run the Personalizer with #define GENERATE_KEYS_ATSHA204A and generated some keys. I added those to the #define MY_XXX_KEY and got a confirmation. But it seems to not start up the radio, there is no output in the node or the gateway.

sketch:

/*
 * The MySensors Arduino library handles the wireless radio link and protocol
 * between your home built sensors/actuators and HA controller of choice.
 * The sensors forms a self healing radio network with optional repeaters. Each
 * repeater and gateway builds a routing tables in EEPROM which keeps track of the
 * network topology allowing messages to be routed to nodes.
 *
 * Created by Henrik Ekblad <henrik.ekblad@mysensors.org>
 * Copyright (C) 2013-2019 Sensnology AB
 * Full contributor list: https://github.com/mysensors/MySensors/graphs/contributors
 *
 * Documentation: http://www.mysensors.org
 * Support Forum: http://forum.mysensors.org
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * version 2 as published by the Free Software Foundation.
 *
 */
/**
 * @ingroup MySigninggrp
 * @{
 * @file SecurityPersonalizer.ino
 * @brief Security personalization sketch
 *
 * REVISION HISTORY
 *  - See git log (git log libraries/MySensors/examples/SecurityPersonalizer/SecurityPersonalizer.ino)
 */

/**
 * @example SecurityPersonalizer.ino
 * This sketch will personalize either none-volatile memory or ATSHA204A for security functions
 * available in the MySensors library.<br>
 * Details on personalization procedure is given in @ref personalization.<br>
 * This sketch will when executed without modifications also print a guided workflow on the UART.
 */

#include "sha204_library.h"
#include "sha204_lib_return_codes.h"
/** @brief Make use of the MySensors framework without invoking the entire system */
//#define MY_CORE_ONLY
#define MY_RADIO_RFM69
#define MY_OTA_FIRMWARE_FEATURE
#define MY_BAUD_RATE      38400
#include <MySensors.h>

/************************************ User defined key data ***************************************/

/** @brief The user-defined HMAC key to use unless @ref GENERATE_HMAC_KEY is set */
#define MY_HMAC_KEY 0x01,0x02,0x03,0x04,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

/** @brief The user-defined AES key to store in EEPROM unless @ref GENERATE_AES_KEY is set */
#define MY_AES_KEY 0x06,0x07,0x08,0x09,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00

/** @brief The user-defined soft serial to use for soft signing unless @ref GENERATE_SOFT_SERIAL is set */
#define MY_SOFT_SERIAL 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF

/***************************** Flags for guided personalization flow ******************************/

/**
 * @def GENERATE_KEYS_ATSHA204A
 * @brief Default settings for generating keys using ATSHA204A
 *
 * @note The generated keys displayed in the serial log with this setting needs to be written down
 *       and transferred to all nodes this gateway will communicate with. This is mandatory for ALL
 *       nodes for encryption (AES key). For signing (HMAC key) it is only required for nodes that
 *       use signing. Typically you set the values for @ref MY_HMAC_KEY and @ref MY_AES_KEY.
 */
//#define GENERATE_KEYS_ATSHA204A

/**
 * @def GENERATE_KEYS_SOFT
 * @brief Default settings for generating keys using software
 *
 * @b Important<br>
 * You will need to ensure @ref MY_SIGNING_SOFT_RANDOMSEED_PIN is set to an unconnected analog pin
 * in order to provide entropy to the software RNG if your hardware has no HWRNG.
 *
 * @note The generated keys displayed in the serial log with this setting needs to be written down
 *       and transferred to all nodes this gateway will communicate with. This is mandatory for ALL
 *       nodes for encryption (AES key). For signing (HMAC key) it is only required for nodes that
 *       use signing. Typically you set the values for @ref MY_HMAC_KEY and @ref MY_AES_KEY.
 */
//#define GENERATE_KEYS_SOFT

/**
 * @def PERSONALIZE_ATSHA204A
 * @brief Default settings for personalizing an ATSHA204A
 *
 * It is assumed that you have updated @ref MY_HMAC_KEY and @ref MY_AES_KEY with the keys displayed
 * when executing this sketch with @ref GENERATE_KEYS_ATSHA204A or @ref GENERATE_KEYS_SOFT defined.
 */
#define PERSONALIZE_ATSHA204A

/**
 * @def PERSONALIZE_SOFT
 * @brief Default settings for personalizing EEPROM for software signing
 *
 * It is assumed that you have updated @ref MY_HMAC_KEY and @ref MY_AES_KEY with the keys displayed
 * when executing this sketch with @ref GENERATE_KEYS_ATSHA204A or @ref GENERATE_KEYS_SOFT defined.
 */
//#define PERSONALIZE_SOFT

/**
 * @def PERSONALIZE_SOFT_RANDOM_SERIAL
 * @brief This is an alternative to @ref PERSONALIZE_SOFT which will also store a randomly generated
 * serial to EEPROM in addition to the actions performed by @ref PERSONALIZE_SOFT. Take note of the
 * generated soft serial as it will be needed if you plan to use whitelisting. It should be
 * unique for each node.
 *
 * @note This is only needed for targets that lack unique device IDs. The sketch will inform you if
 *       there is a need for generating a random serial or not. Check the "Hardware security
 *       peripherals" listing. If a target has a unique device ID and a serial in EEPROM, the serial
 *       in EEPROM will be used. If erased (replaced with FF:es) the unique device ID will be used
 *       instead.
 */
//#define PERSONALIZE_SOFT_RANDOM_SERIAL

/*************************** The settings below are for advanced users ****************************/
/**
 * @def USE_SOFT_SIGNING
 * @brief Uncomment this to generate keys by software and store them to EEPROM instead of ATSHA204A
 */
//#define USE_SOFT_SIGNING

/**
 * @def LOCK_ATSHA204A_CONFIGURATION
 * @brief Uncomment this to enable locking the ATSHA204A configuration zone
 *
 * It is still possible to change the key, and this also enable random key generation.
 * @warning BE AWARE THAT THIS PREVENTS ANY FUTURE CONFIGURATION CHANGE TO THE CHIP
 */
//#define LOCK_ATSHA204A_CONFIGURATION

/**
 * @def SKIP_UART_CONFIRMATION
 * @brief Uncomment this for boards that lack UART
 *
 * This will disable additional confirmation for actions that are non-reversible.
 *
 * @b Important<br> For ATSHA204A, no confirmation will be required for locking any zones with this
 * configuration! Also, if you generate keys on a board without UART, you have no way of determining
 * what the key is unless it is stored in EEPROM.
 */
//#define SKIP_UART_CONFIRMATION

/**
 * @def GENERATE_HMAC_KEY
 * @brief Uncomment this to generate a random HMAC key using ATSHA204A or software depending on
 *        @ref USE_SOFT_SIGNING
 * @note If not enabled, key defined by @ref MY_HMAC_KEY will be used instead.
 */
//#define GENERATE_HMAC_KEY

/**
 * @def STORE_HMAC_KEY
 * @brief Uncomment this to store HMAC key to ATSHA204A or EEPROM depending on @ref USE_SOFT_SIGNING
 */
//#define STORE_HMAC_KEY

/**
 * @def GENERATE_AES_KEY
 * @brief Uncomment this to generate a random AES key using ATSHA204A or software depending on
 * @ref USE_SOFT_SIGNING
 * @note If not enabled, key defined by @ref MY_AES_KEY will be used instead.
 */
//#define GENERATE_AES_KEY

/**
 * @def STORE_AES_KEY
 * @brief Uncomment this to store AES key to EEPROM
 */
//#define STORE_AES_KEY

/**
 * @def GENERATE_SOFT_SERIAL
 * @brief Uncomment this to generate a random serial number for software signing
 * @note If not enabled, serial defined by @ref MY_SOFT_SERIAL will be used instead.
 */
//#define GENERATE_SOFT_SERIAL

/**
 * @def STORE_SOFT_SERIAL
 * @brief Uncomment this to store the serial number to EEPROM
 */
//#define STORE_SOFT_SERIAL

/**
 * @def PRINT_DETAILED_ATSHA204A_CONFIG
 * @brief Uncomment to print the detailed ATSHA204A configuration
 */
#define PRINT_DETAILED_ATSHA204A_CONFIG

/**
 * @def RESET_EEPROM_PERSONALIZATION
 * @brief Uncomment to reset the personalization data in EEPROM to 0xFF:es
 */
//#define RESET_EEPROM_PERSONALIZATION

/********************* Guided mode flag configurations (don't change these) ***********************/
#ifdef GENERATE_KEYS_ATSHA204A
#define LOCK_ATSHA204A_CONFIGURATION // We have to lock configuration to enable random number generation
#define GENERATE_HMAC_KEY // Generate random HMAC key
#define GENERATE_AES_KEY // Generate random AES key
#define SKIP_UART_CONFIRMATION // This is an automated mode
#endif

#ifdef GENERATE_KEYS_SOFT
#define USE_SOFT_SIGNING // Use software backend
#define GENERATE_HMAC_KEY // Generate random HMAC key
#define GENERATE_AES_KEY // Generate random AES key
#define SKIP_UART_CONFIRMATION // This is an automated mode
#endif

#ifdef PERSONALIZE_ATSHA204A
#define LOCK_ATSHA204A_CONFIGURATION // We have to lock configuration to enable random number generation
#define STORE_HMAC_KEY // Store the HMAC key
#define STORE_AES_KEY // Store the AES key
#define SKIP_UART_CONFIRMATION // This is an automated mode
#endif

#ifdef PERSONALIZE_SOFT_RANDOM_SERIAL
#define GENERATE_SOFT_SERIAL // Generate a soft serial number
#define PERSONALIZE_SOFT // Do the rest as PERSONALIZE_SOFT
#endif

#ifdef PERSONALIZE_SOFT
#define USE_SOFT_SIGNING // Use software backend
#define STORE_HMAC_KEY // Store the HMAC key
#define STORE_AES_KEY // Store the AES key
#define STORE_SOFT_SERIAL // Store the soft serial number
#define SKIP_UART_CONFIRMATION // This is an automated mode
#endif

#if defined(GENERATE_HMAC_KEY) || defined(GENERATE_AES_KEY) || defined(GENERATE_SOFT_SERIAL)
#define GENERATE_SOMETHING
#endif

#if defined(MY_LOCK_MCU)
#undefine MY_LOCK_MCU  // The Sketch after SecurityPersonaliter should lock the MCU
#endif

/********************************** Preprocessor sanitychecks *************************************/
#if defined(GENERATE_SOFT_SERIAL) && !defined(USE_SOFT_SIGNING)
#error Cannot generate soft serial using ATSHA204A, use USE_SOFT_SINGING for this
#endif
#if defined(STORE_SOFT_SERIAL) && !defined(USE_SOFT_SIGNING)
#error Cannot store soft serial to ATSHA204A, use USE_SOFT_SINGING for this
#endif
#if defined(PRINT_DETAILED_ATSHA204A_CONFIG) && defined(USE_SOFT_SIGNING)
#error Cannot print ATSHA204A config using software signing flag, disable USE_SOFT_SINGING for this
#endif
#if defined(LOCK_ATSHA204A_CONFIGURATION) && defined(USE_SOFT_SIGNING)
#error Cannot lock ATSHA204A config using software signing flag, disable USE_SOFT_SINGING for this
#endif
#ifdef GENERATE_KEYS_ATSHA204A
#ifdef USE_SOFT_SIGNING
#error You cannot select soft signing if you want to generate keys using ATSHA204A
#endif
#ifdef STORE_HMAC_KEY
#error Disable STORE_SOFT_KEY, you should not store keys in this mode
#endif
#ifdef STORE_SOFT_SERIAL
#error Disable STORE_SOFT_SERIAL, you should not store serial in this mode
#endif
#ifdef STORE_AES_KEY
#error Disable STORE_AES_KEY, you should not store keys in this mode
#endif
#if defined(GENERATE_KEYS_SOFT) ||\
		defined (PERSONALIZE_ATSHA204A) ||\
		defined (PERSONALIZE_SOFT) ||\
		defined (PERSONALIZE_SOFT_RANDOM_SERIAL)
#error You can not enable GENERATE_KEYS_ATSHA204A together with other guided modes
#endif
#endif // GENERATE_KEYS_ATSHA204A
#ifdef GENERATE_KEYS_SOFT
#ifdef STORE_HMAC_KEY
#error Disable STORE_SOFT_KEY, you should not store keys in this mode
#endif
#ifdef STORE_SOFT_SERIAL
#error Disable STORE_SOFT_SERIAL, you should not store serial in this mode
#endif
#ifdef STORE_AES_KEY
#error Disable STORE_AES_KEY, you should not store keys in this mode
#endif
#ifndef MY_SIGNING_SOFT_RANDOMSEED_PIN
#error You have to set MY_SIGNING_SOFT_RANDOMSEED_PIN to a suitable value in this mode
#endif
#if defined(GENERATE_KEYS_ATSHA204A) ||\
		defined (PERSONALIZE_ATSHA204A) ||\
		defined (PERSONALIZE_SOFT) ||\
		defined (PERSONALIZE_SOFT_RANDOM_SERIAL)
#error You can not enable GENERATE_KEYS_SOFT together with other guided modes
#endif
#endif // GENERATE_KEYS_SOFT
#ifdef PERSONALIZE_ATSHA204A
#ifdef USE_SOFT_SIGNING
#error You cannot select soft signing if you want to personalize an ATSHA204A
#endif
#if defined(GENERATE_KEYS_ATSHA204A) ||\
		defined (GENERATE_KEYS_SOFT) ||\
		defined (PERSONALIZE_SOFT) ||\
		defined (PERSONALIZE_SOFT_RANDOM_SERIAL)
#error You can not enable PERSONALIZE_ATSHA204A together with other guided modes
#endif
#ifdef RESET_EEPROM_PERSONALIZATION
#error You cannot reset EEPROM personalization when personalizing a device
#endif
#endif // PERSONALIZE_ATSHA204A
#ifdef PERSONALIZE_SOFT
#if defined(GENERATE_KEYS_ATSHA204A) ||\
		defined (GENERATE_KEYS_SOFT) ||\
		defined (PERSONALIZE_ATSHA204A)
#error You can not enable PERSONALIZE_SOFT together with other guided modes
#endif
#ifdef RESET_EEPROM_PERSONALIZATION
#error You cannot reset EEPROM personalization when personalizing a device
#endif
#endif // PERSONALIZE_SOFT
#ifdef PERSONALIZE_SOFT_RANDOM_SERIAL
#if defined(GENERATE_KEYS_SOFT) ||\
		defined (PERSONALIZE_ATSHA204A) ||\
		defined (GENERATE_KEYS_ATSHA204A)
#error You can only enable one of the guided modes at a time
#endif
#ifdef RESET_EEPROM_PERSONALIZATION
#error You cannot reset EEPROM personalization when personalizing a device
#endif
#endif // PERSONALIZE_SOFT_RANDOM_SERIAL

#if !defined(GENERATE_KEYS_ATSHA204A) &&\
		!defined(GENERATE_KEYS_SOFT) &&\
		!defined(PERSONALIZE_ATSHA204A) &&\
		!defined(PERSONALIZE_SOFT) &&\
		!defined(PERSONALIZE_SOFT_RANDOM_SERIAL) &&\
		!defined(USE_SOFT_SIGNING) &&\
		!defined(LOCK_ATSHA204A_CONFIGURATION) &&\
		!defined(SKIP_UART_CONFIRMATION) &&\
		!defined(GENERATE_HMAC_KEY) &&\
		!defined(STORE_HMAC_KEY) &&\
		!defined(GENERATE_SOFT_SERIAL) &&\
		!defined(STORE_SOFT_SERIAL) &&\
		!defined(GENERATE_AES_KEY) &&\
		!defined(STORE_AES_KEY) &&\
		!defined(PRINT_DETAILED_ATSHA204A_CONFIG) &&\
		!defined(RESET_EEPROM_PERSONALIZATION)
/** @brief Set when there are no config flags defined */
#define NO_SETTINGS_DEFINED
#endif

#if defined(GENERATE_KEYS_ATSHA204A) ||\
		defined(GENERATE_KEYS_SOFT) ||\
		defined(PERSONALIZE_ATSHA204A) ||\
		defined(PERSONALIZE_SOFT) ||\
		defined(PERSONALIZE_SOFT_RANDOM_SERIAL)
/** @brief Set when there is a guided mode flag defined */
#define GUIDED_MODE
#endif

/************************************* Function declarations ***************************************/
static void halt(bool success);
#ifdef GENERATE_SOMETHING
static bool generate_random_data(uint8_t* data, size_t sz);
#endif
static void generate_keys(void);
static void store_keys(void);
static void print_hex_buffer(uint8_t* data, size_t sz);
static void print_c_friendly_hex_buffer(uint8_t* data, size_t sz);
#ifdef STORE_HMAC_KEY
static bool store_hmac_key_data(uint8_t* data, size_t sz);
#endif
#ifdef STORE_AES_KEY
static bool store_aes_key_data(uint8_t* data, size_t sz);
#endif
#ifdef STORE_SOFT_SERIAL
static bool store_soft_serial_data(uint8_t* data, size_t sz);
#endif
#ifndef USE_SOFT_SIGNING
static void init_atsha204a_state(void);
#ifdef LOCK_ATSHA204A_CONFIGURATION
static void	lock_atsha204a_config(void);
static uint16_t write_atsha204a_config_and_get_crc(void);
#endif
static bool get_atsha204a_serial(uint8_t* data);
#ifdef STORE_HMAC_KEY
static bool write_atsha204a_key(uint8_t* key);
#endif
#endif // not USE_SOFT_SIGNING
static void print_greeting(void);
static void print_ending(void);
static void	probe_and_print_peripherals(void);
static void print_eeprom_data(void);
static void print_whitelisting_entry(void);
#ifdef PRINT_DETAILED_ATSHA204A_CONFIG
static void dump_detailed_atsha204a_configuration(void);
#endif
#ifdef RESET_EEPROM_PERSONALIZATION
static void reset_eeprom(void);
#endif
static void write_eeprom_checksum(void);

/**************************************** File local data *****************************************/
#if defined(GENERATE_HMAC_KEY) || defined(STORE_HMAC_KEY)
/** @brief The data to store as HAMC key in ATSHA204A or EEPROM */
static uint8_t user_hmac_key[32] = {MY_HMAC_KEY};
#endif

#if defined(GENERATE_SOFT_SERIAL) || defined(STORE_SOFT_SERIAL)
/** @brief The data to store as soft serial in EEPROM */
static uint8_t user_soft_serial[9] = {MY_SOFT_SERIAL};
#endif

#if defined(GENERATE_AES_KEY) || defined(STORE_AES_KEY)
/* @brief The data to store as AES key in EEPROM */
static uint8_t user_aes_key[16] = {MY_AES_KEY};
#endif

#ifndef USE_SOFT_SIGNING
const int sha204Pin = MY_SIGNING_ATSHA204_PIN; //!< The IO pin to use for ATSHA204A
atsha204Class sha204(sha204Pin);
static uint8_t tx_buffer[SHA204_CMD_SIZE_MAX];
static uint8_t rx_buffer[SHA204_RSP_SIZE_MAX];
static uint8_t ret_code;
static uint8_t lockConfig = 0;
static uint8_t lockValue = 0;
#endif
static bool has_device_unique_id = false;
static const uint8_t reset_buffer[32] = {
	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
	0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};

/******************************************* Functions ********************************************/

void presentation() {
  sendSketchInfo("Secure Startup","1.0");
}

/** @brief Sketch setup code (all personalization is done here as it is a run-once sketch) */
void setup()
{
	// Delay startup a bit for serial consoles to catch up
	uint32_t enter = hwMillis();
	while (hwMillis() - enter < (uint32_t)500);
#ifdef USE_SOFT_SIGNING
	// initialize pseudo-RNG
	hwRandomNumberInit();
#endif

	while(!Serial); // For USB enabled devices, wait for USB enumeration before continuing

	print_greeting();

#ifndef USE_SOFT_SIGNING
	init_atsha204a_state();
	// Lock configuration now if requested to enable RNG in ATSHA
#ifdef LOCK_ATSHA204A_CONFIGURATION
	lock_atsha204a_config();
#endif
#endif
	// Generate the requested keys (if any)
	generate_keys();

#ifdef RESET_EEPROM_PERSONALIZATION
	// If requested, reset EEPROM before storing keys
	reset_eeprom();
#endif

	// Store the keys (if configured to do so)
	store_keys();

	// Write a checksum on the EEPROM data
	write_eeprom_checksum();

	// Print current EEPROM
	print_eeprom_data();
	print_whitelisting_entry();
	Serial.println();

	print_ending();
	halt(true);
}

/** @brief Sketch execution code (unused) */
void loop()
{
  
}

[had to make it shorter, but I didn't change anything below here]

node serial monitor:

+------------------------------------------------------------------------------------+
|                                  WHAT TO DO NEXT?                                  |
+------------------------------------------------------------------------------------+
| This device has now been personalized. Run this sketch with its current settings   |
| on all the devices in your network that have security enabled.                     |
+------------------------------------------------------------------------------------+

+------------------------------------------------------------------------------------+
|                                  Execution result                                  |
+------------------------------------------------------------------------------------+
| SUCCESS                                                                            |
+------------------------------------------------------------------------------------+

ohh sorry, I was not completely clear: I will use RFM96 with DualOptiboot bootloader. I can upload the SecurityPersonalizer followed by the correct sketch. But it takes some effort, as I need to connect ISP/FTDI. Therefore I thought about compiling a hex file with DualOptibootloader, Personalizer sketch with running MySensors (not only core) and #define MY_OTA_FIRMWARE_FEATURE

Hey there,

I am about to deploy a few different types of nodes around my new house (temp, movement, rollershutter,...). As I have them on PCBs, they do not have easy USB connectivity.
I want to have them all signing enabled, maybe also hardware encryption of the rfm96. And I want them to be OTA programmable, as some of them will be behind walls (rollershutter nodes) or are otherwise hard to reach (ceiling in stairway).
Is it possible to modify the SecurityPersonalizer Sketch from the examples to be able to write the keys to the eeprom (or atsha) and boot up mysensors to be able to programm them over the air? Has anyone done this before?
This way I could simply burn a hex file with the bootloader and the initial sketch to all of them. Later I could install and start them one by one and change their sketches to the appropriate one for their purpose.

Thanks in advance,
Anduril

thanks a lot

Hey there,

I am building a node that can display some information on a connected DMD. As I want to build at least two of them I wanted to have a simple way to identify them. I thought of a way to make them show their own ID. Is it possible to read this during programm operation with let's say intID=node.ID()?

Regards,
Anduril

For this special application I use MyController. In the controller the string is displayed correctly, but in the serial monitor of the node I only see this distorted version (But sending them by sketch works, so it's not a problem of the serial monitor in general).
I will ask at the MyController forum, maybe the dev can help.

Hey there,

I'm building a Display where I want to show some information. As I live in germany, some of the strings I want to display contain the special characters ä, ö or ü (and maybe ß) Is there a way of sending them without bigger problems? In normal transmission I receive M⸮ller when sending Müller