Navigation

    • Register
    • Login
    • OpenHardware.io
    • Categories
    • Recent
    • Tags
    • Popular
    1. Home
    2. macvictor
    • Profile
    • Following
    • Followers
    • Topics
    • Posts
    • Best
    • Groups

    macvictor

    @macvictor

    4
    Reputation
    8
    Posts
    406
    Profile views
    0
    Followers
    0
    Following
    Joined Last Online

    macvictor Follow

    Best posts made by macvictor

    • RE: 💬 Building a Raspberry Pi Gateway

      @gohan edit configure file and add this code:

      --my-mqtt-user=*)
          CPPFLAGS="-DMY_MQTT_USER=\\\"${optarg}\\\" $CPPFLAGS"
          ;;
      --my-mqtt-password=*)
          CPPFLAGS="-DMY_MQTT_PASSWORD=\\\"${optarg}\\\" $CPPFLAGS"
          ;;
      

      after this code:

      --my-signing-request-gw-signatures-from-all*)
              signing_request_signatures=true
              CPPFLAGS="-DMY_SIGNING_GW_REQUEST_SIGNATURES_FROM_ALL $CPPFLAGS"
              ;;
      

      this is about 408 number line and use flag --my-mqtt-password and --my-mqtt-client-id when you run configure, thats all. 😃

      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Building a Raspberry Pi Gateway

      @marceloaqno Thanks for help 👍 This was my problem 😀

      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Building a Raspberry Pi Gateway

      @Teknor I use RPI III as GW and all node connect with gw used nRF24L01. My CPU now usage 5-10%, but I installed "Home Assistance" + homebridge + some plugins.

      posted in Announcements
      macvictor
      macvictor

    Latest posts made by macvictor

    • RE: 💬 Building a Raspberry Pi Gateway

      @Teknor I use RPI III as GW and all node connect with gw used nRF24L01. My CPU now usage 5-10%, but I installed "Home Assistance" + homebridge + some plugins.

      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Building a Raspberry Pi Gateway

      @gohan edit configure file and add this code:

      --my-mqtt-user=*)
          CPPFLAGS="-DMY_MQTT_USER=\\\"${optarg}\\\" $CPPFLAGS"
          ;;
      --my-mqtt-password=*)
          CPPFLAGS="-DMY_MQTT_PASSWORD=\\\"${optarg}\\\" $CPPFLAGS"
          ;;
      

      after this code:

      --my-signing-request-gw-signatures-from-all*)
              signing_request_signatures=true
              CPPFLAGS="-DMY_SIGNING_GW_REQUEST_SIGNATURES_FROM_ALL $CPPFLAGS"
              ;;
      

      this is about 408 number line and use flag --my-mqtt-password and --my-mqtt-client-id when you run configure, thats all. 😃

      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Building a Raspberry Pi Gateway

      @marceloaqno Thanks for help 👍 This was my problem 😀

      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Building a Raspberry Pi Gateway

      @marceloaqno Thank's for you help. I have other question.. general I try configure my gateway to work with security & signing, but they doesn't work. Where is problem? On the bottom i send point what it do it:

      Gateway:

      1. ./configure --my-gateway=mqtt --my-controller-ip-address=127.0.0.1 --my-mqtt-publish-topic-prefix=mysensors-out --my-mqtt-subscribe-topic-prefix=mysensors-in --my-mqtt-client-id=mygateway1 --my-mqtt-password=PASS --my-mqtt-user=USER --my-rf24-encryption-enabled --my-signing=software --my-signing-request-signatures --my-signing-request-gw-signatures-from-all
      2. make
      3. sudo make install
      4. sudo systemctl enable mysgw.service
      5. sudo systemctl start mysgw.service
      6. sudo mysgw --gen-soft-hmac-key
      7. sudo mysgw --set-soft-hmac-key=02417628BC1573CC380...
      8. sudo mysgw --gen-soft-serial-key
      9. sudo mysgw --set-soft-serial-key=00762CD152B868F7EB
      10. sudo mysgw --gen-aes-key
      11. sudo mysgw --set-aes-key= A790AD78B2D8B4DBBB5B2C4B9DD6DAF3

      Node:

      1. Load script SecurityPersonalizer.ino
      2. Uncomment and send sketch to arduino
      #define USE_SOFT_SIGNING
      #define STORE_SOFT_KEY
      #define USER_SOFT_KEY
      #define STORE_SOFT_SERIAL
      #define STORE_AES_KEY
      #define USER_AES_KEY
      
      #define MY_SOFT_HMAC_KEY 0X2,0X41,0X76,0X28,0XBC,0X15,0X73,0XCC,0X38...
      #define MY_AES_KEY 0XA7,0X90,0XAD,0X78,0XB2,0XD8...
      
      1. Read all value from EPROM (test save):
      Personalization sketch for MySensors usage.
      -------------------------------------------
      EEPROM configuration:
      SOFT_HMAC_KEY | 02417628BC1573CC380DE0FADF7C87D7D3C77272A783E6E438786A07C3A8C6CF
      SOFT_SERIAL   | 39BB1370C289643251
      AES_KEY       | A790AD78B2D8B4DBBB5B2C4B9DD6DAF3
      --------------------------------
      Personalization is now complete.
      
      1. Send sample sketch to arduino:
      //!< Enable debug prints to serial monitor
      #define MY_DEBUG
      //!< Enable signing related debug prints to serial monitor
      #define MY_DEBUG_VERBOSE_SIGNING
      // Enable NRF24L01 radio type
      #define MY_RADIO_NRF24
      
      // Select soft signing
      #define MY_SIGNING_SOFT
      
      // Enable lockdown of node if suspicious activity is detected
      //-->> #define MY_NODE_LOCK_FEATURE
      
      // Enable node whitelisting
      //#define MY_SIGNING_NODE_WHITELISTING {{.nodeId = GATEWAY_ADDRESS,.serial = {0x09,0x08,0x07,0x06,0x05,0x04,0x03,0x02,0x01}}}
      
      // Enable this if you want destination node to sign all messages sent to this node.
      #define MY_SIGNING_REQUEST_SIGNATURES
      
      // SETTINGS FOR MY_SIGNING_SOFT
      #define MY_SIGNING_SOFT_RANDOMSEED_PIN 7 //!< Unconnected analog pin for random seed
      
      // Add repeater function to this sensor
      #define MY_REPEATER_FEATURE
      
      
      #include <SPI.h>
      #include <MySensors.h>
      #include <Bounce2.h>
      
      #define RELAY_PIN  4    // Arduino Digital I/O pin number for relay 
      #define BUTTON_PIN  3   // Arduino Digital I/O pin number for button 
      #define CHILD_ID 1      // Id of the sensor child
      #define RELAY_ON 1
      #define RELAY_OFF 0
      
      Bounce debouncer = Bounce();
      int oldValue = 0;
      bool state;
      
      MyMessage msg(CHILD_ID, V_LIGHT);
      
      void setup()
      {
        // Setup the button
        pinMode(BUTTON_PIN, INPUT);
        // Activate internal pull-up
        digitalWrite(BUTTON_PIN, HIGH);
      
        // After setting up the button, setup debouncer
        debouncer.attach(BUTTON_PIN);
        debouncer.interval(5);
      
        // Make sure relays are off when starting up
        digitalWrite(RELAY_PIN, RELAY_OFF);
        // Then set relay pins in output mode
        pinMode(RELAY_PIN, OUTPUT);
      
        // Set relay to last known state (using eeprom storage)
        state = loadState(CHILD_ID);
        digitalWrite(RELAY_PIN, state ? RELAY_ON : RELAY_OFF);
      }
      
      void presentation()  {
        // Send the sketch version information to the gateway and Controller
        sendSketchInfo("Relay & Button", "1.0");
        
        // Register all sensors to gw (they will be created as child devices)
        present(CHILD_ID, S_LIGHT, "Switch Secure Sensor", false);
      }
      
      /*
         Example on how to asynchronously check for new messages from gw
      */
      void loop()
      {
        debouncer.update();
        // Get the update value
        int value = debouncer.read();
      //  if (value != oldValue && value == 0) {
          send(msg.set(state ? false : true), true); // Send new state and request ack back
      //  }
      //  oldValue = value;
        delay(5000);
      }
      
      void receive(const MyMessage &message) {
        // We only expect one type of message from controller. But we better check anyway.
        if (message.isAck()) {
          Serial.println("This is an ack from gateway");
        }
      
        if (message.type == V_LIGHT) {
          // Change relay state
          state = message.getBool();
          digitalWrite(RELAY_PIN, state ? RELAY_ON : RELAY_OFF);
          // Store state in eeprom
          // saveState(CHILD_ID, state);
      
          // Write some debug info
          Serial.print("Incoming change for sensor:");
          Serial.print(message.sensor);
          Serial.print(", New status: ");
          Serial.println(message.getBool());
        }
      }
      

      And finally in Arduino Serial Monitor I see:

      0 MCO:BGN:INIT REPEATER,CP=RNNRAS-,VER=2.1.1
      4 TSM:INIT
      5 TSF:WUR:MS=0
      11 TSM:INIT:TSP OK
      13 TSF:SID:OK,ID=105
      15 TSM:FPAR
      16 Will not sign message for destination 255 as it does not require it
      58 TSF:MSG:SEND,105-105-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0,ft=0,st=OK:
      2065 !TSM:FPAR:NO REPLY
      2067 TSM:FPAR
      2068 Will not sign message for destination 255 as it does not require it
      2110 TSF:MSG:SEND,105-105-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0,ft=0,st=OK:
      4117 !TSM:FPAR:NO REPLY
      4119 TSM:FPAR
      4120 Will not sign message for destination 255 as it does not require it
      4162 TSF:MSG:SEND,105-105-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0,ft=0,st=OK:
      6169 !TSM:FPAR:NO REPLY
      6171 TSM:FPAR
      6172 Will not sign message for destination 255 as it does not require it
      6214 TSF:MSG:SEND,105-105-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0,ft=0,st=OK:
      8221 !TSM:FPAR:FAIL
      8222 TSM:FAIL:CNT=1
      8224 TSM:FAIL:PDT
      

      and in gateway i see:

      sudo mysgw -d
      mysgw: Starting gateway...
      mysgw: Protocol version - 2.1.1
      mysgw: MCO:BGN:INIT GW,CP=RNNG-S-,VER=2.1.1
      mysgw: TSF:LRT:OK
      mysgw: TSM:INIT
      mysgw: TSF:WUR:MS=0
      mysgw: TSM:INIT:TSP OK
      mysgw: TSM:INIT:GW MODE
      mysgw: TSM:READY:ID=0,PAR=0,DIS=0
      mysgw: MCO:REG:NOT NEEDED
      mysgw: MCO:BGN:STP
      mysgw: MCO:BGN:INIT OK,TSP=1
      mysgw: Attempting MQTT connection...
      mysgw: connected to 127.0.0.1
      mysgw: MQTT connected
      mysgw: Sending message on topic: mysensors-out/0/255/0/0/18
      mysgw: TSF:MSG:READ,171-107-54,s=221,c=2,t=131,pt=4,l=25,sg=0:-1418183441
      mysgw: !TSF:MSG:PVER,3=2
      mysgw: TSF:MSG:READ,135-23-172,s=20,c=3,t=200,pt=7,l=25,sg=0:-0.00000178
      mysgw: !TSF:MSG:PVER,1=2
      mysgw: TSF:MSG:READ,34-66-89,s=168,c=1,t=9,pt=1,l=25,sg=0:56
      mysgw: !TSF:MSG:PVER,1=2
      mysgw: TSF:MSG:READ,223-46-240,s=112,c=5,t=192,pt=5,l=11,sg=1:1407647670
      mysgw: TSF:MSG:REL MSG
      mysgw: !TSF:RTE:240 UNKNOWN
      mysgw: !TSF:MSG:SEND,223-0-240-240,s=112,c=5,t=192,pt=5,l=11,sg=1,ft=0,st=NACK:1407647670
      mysgw: TSF:MSG:READ,183-139-129,s=37,c=6,t=155,pt=1,l=21,sg=0:48
      mysgw: !TSF:MSG:PVER,0=2
      mysgw: TSF:MSG:READ,139-214-233,s=61,c=3,t=193,pt=7,l=0,sg=1:0.00000000
      mysgw: TSF:MSG:REL MSG
      mysgw: !TSF:RTE:233 UNKNOWN
      mysgw: !TSF:MSG:SEND,139-0-233-233,s=61,c=3,t=193,pt=7,l=0,sg=1,ft=0,st=NACK:0.00000000
      mysgw: TSF:MSG:READ,83-33-7,s=179,c=2,t=27,pt=4,l=25,sg=1:-2057270722
      mysgw: !TSF:MSG:PVER,3=2
      mysgw: TSF:MSG:READ,110-148-67,s=113,c=0,t=158,pt=1,l=9,sg=1:251
      mysgw: !TSF:MSG:PVER,1=2
      mysgw: TSF:MSG:READ,75-209-102,s=204,c=7,t=25,pt=1,l=11,sg=1:52
      mysgw: !TSF:MSG:PVER,0=2
      mysgw: TSF:MSG:READ,184-209-235,s=58,c=1,t=140,pt=6,l=23,sg=1:1DC404A5401119FACF0000000000000000000000000000
      mysgw: !TSF:MSG:PVER,3=2
      mysgw: TSF:MSG:READ,172-203-51,s=140,c=2,t=173,pt=0,l=1,sg=1:?
      mysgw: TSF:MSG:REL MSG
      mysgw: !TSF:RTE:51 UNKNOWN
      mysgw: !TSF:MSG:SEND,172-0-51-51,s=140,c=2,t=173,pt=0,l=1,sg=1,ft=0,st=NACK:?
      

      Where is problem?

      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Building a Raspberry Pi Gateway

      Hi 🙂 Does anybody know how to use MY_SIGNING_NODE_WHITELISTING in gateway raspbery pi? Where I must create/edit white list with my nodes?

      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Security & Signing

      @Anticimex Ok. I read again this text. I have next question..

      1. I generated SOFT_HMAC_KEY, SOFT_SERIAL, AES_KEY in my gateway, so when I run SecurityPersonalizer.ino i must save this value from gw in MY_SOFT_HMAC_KEY, MY_SOFT_SERIAL, MY_AES_KEY or generate other value and save? Probably AES must by the same.. MY_SOFT_SERIAL is 'serial' in WHITELISTING so i think this must by different in node and gateway, and what with HMAC? I think that the HMAC must be the same..
      2. I looked for information where save whitelist in gw but i didn't found.. can you help my find solution?
      3. If I use for example 2 nodes-relays, 2 nodes-temperature and gateway. All relays communicate only with gateway but all are repeater. All node-temperature sensor connect with relay, so in nodes-relay in white list i must add temperature serial and gw serial. In temperature I does't add white list, in gateway I add relay and temperature nodes serial. That is all?

      PS. Thank you for you help 🙂

      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Security & Signing

      @Anticimex I read all text and I understand that I have add forth line to all my sensors.:
      #define MY_SIGNING_SOFT
      #define MY_SIGNING_SOFT_RANDOMSEED_PIN 7
      #define MY_SIGNING_REQUEST_SIGNATURES
      #define MY_SIGNING_NODE_WHITELISTING {{.nodeId = MOTION_SENSOR_ID,.serial = {0x12,0x34,0x56,0x78,0x90,0x12,0x34,0x56,0x78}}}

      In my gateway i must use this comand:
      ./configure --my-gateway=mqtt --my-controller-ip-address=127.0.0.1 --my-mqtt-publish-topic-prefix=mysensors-out --my-mqtt-subscribe-topic-prefix=mysensors-in --my-mqtt-client-id=mygateway1 --my-signing=software --my-signing-debug --my-signing-request-gw-signatures-from-all --my-mqtt-password=PASSWORD --my-mqtt-user=USER

      1. but I do not understand wher I create white list in gateway?
      2. how create serial for my mensors (eg. {0x12,0x34,0x56,0x78,0x90,0x12,0x34,0x56,0x78})?
      3. how to check if everything is working?
      4. how to use HMAC (how to create in my sensor, where save)?
      posted in Announcements
      macvictor
      macvictor
    • RE: 💬 Security & Signing

      Hi everybody 🙂
      Where I find information step by step how to run signing/security with one sensor and raspbery pi gateway and use mqtt (software signing without chip ATSHA)? I try understand this post, but I have problem.. I test example code but always my gw get normal information..

      posted in Announcements
      macvictor
      macvictor