@Teknor I use RPI III as GW and all node connect with gw used nRF24L01. My CPU now usage 5-10%, but I installed "Home Assistance" + homebridge + some plugins.
Posts made by macvictor
-
RE: 💬 Building a Raspberry Pi Gateway
-
RE: 💬 Building a Raspberry Pi Gateway
@gohan edit configure file and add this code:
--my-mqtt-user=*) CPPFLAGS="-DMY_MQTT_USER=\\\"${optarg}\\\" $CPPFLAGS" ;; --my-mqtt-password=*) CPPFLAGS="-DMY_MQTT_PASSWORD=\\\"${optarg}\\\" $CPPFLAGS" ;;
after this code:
--my-signing-request-gw-signatures-from-all*) signing_request_signatures=true CPPFLAGS="-DMY_SIGNING_GW_REQUEST_SIGNATURES_FROM_ALL $CPPFLAGS" ;;
this is about 408 number line and use flag
--my-mqtt-password
and--my-mqtt-client-id
when you run configure, thats all. -
RE: 💬 Building a Raspberry Pi Gateway
@marceloaqno Thanks for help This was my problem
-
RE: 💬 Building a Raspberry Pi Gateway
@marceloaqno Thank's for you help. I have other question.. general I try configure my gateway to work with security & signing, but they doesn't work. Where is problem? On the bottom i send point what it do it:
Gateway:
./configure --my-gateway=mqtt --my-controller-ip-address=127.0.0.1 --my-mqtt-publish-topic-prefix=mysensors-out --my-mqtt-subscribe-topic-prefix=mysensors-in --my-mqtt-client-id=mygateway1 --my-mqtt-password=PASS --my-mqtt-user=USER --my-rf24-encryption-enabled --my-signing=software --my-signing-request-signatures --my-signing-request-gw-signatures-from-all
make
sudo make install
sudo systemctl enable mysgw.service
sudo systemctl start mysgw.service
sudo mysgw --gen-soft-hmac-key
sudo mysgw --set-soft-hmac-key=02417628BC1573CC380...
sudo mysgw --gen-soft-serial-key
sudo mysgw --set-soft-serial-key=00762CD152B868F7EB
sudo mysgw --gen-aes-key
sudo mysgw --set-aes-key= A790AD78B2D8B4DBBB5B2C4B9DD6DAF3
Node:
- Load script
SecurityPersonalizer.ino
- Uncomment and send sketch to arduino
#define USE_SOFT_SIGNING #define STORE_SOFT_KEY #define USER_SOFT_KEY #define STORE_SOFT_SERIAL #define STORE_AES_KEY #define USER_AES_KEY #define MY_SOFT_HMAC_KEY 0X2,0X41,0X76,0X28,0XBC,0X15,0X73,0XCC,0X38... #define MY_AES_KEY 0XA7,0X90,0XAD,0X78,0XB2,0XD8...
- Read all value from EPROM (test save):
Personalization sketch for MySensors usage. ------------------------------------------- EEPROM configuration: SOFT_HMAC_KEY | 02417628BC1573CC380DE0FADF7C87D7D3C77272A783E6E438786A07C3A8C6CF SOFT_SERIAL | 39BB1370C289643251 AES_KEY | A790AD78B2D8B4DBBB5B2C4B9DD6DAF3 -------------------------------- Personalization is now complete.
- Send sample sketch to arduino:
//!< Enable debug prints to serial monitor #define MY_DEBUG //!< Enable signing related debug prints to serial monitor #define MY_DEBUG_VERBOSE_SIGNING // Enable NRF24L01 radio type #define MY_RADIO_NRF24 // Select soft signing #define MY_SIGNING_SOFT // Enable lockdown of node if suspicious activity is detected //-->> #define MY_NODE_LOCK_FEATURE // Enable node whitelisting //#define MY_SIGNING_NODE_WHITELISTING {{.nodeId = GATEWAY_ADDRESS,.serial = {0x09,0x08,0x07,0x06,0x05,0x04,0x03,0x02,0x01}}} // Enable this if you want destination node to sign all messages sent to this node. #define MY_SIGNING_REQUEST_SIGNATURES // SETTINGS FOR MY_SIGNING_SOFT #define MY_SIGNING_SOFT_RANDOMSEED_PIN 7 //!< Unconnected analog pin for random seed // Add repeater function to this sensor #define MY_REPEATER_FEATURE #include <SPI.h> #include <MySensors.h> #include <Bounce2.h> #define RELAY_PIN 4 // Arduino Digital I/O pin number for relay #define BUTTON_PIN 3 // Arduino Digital I/O pin number for button #define CHILD_ID 1 // Id of the sensor child #define RELAY_ON 1 #define RELAY_OFF 0 Bounce debouncer = Bounce(); int oldValue = 0; bool state; MyMessage msg(CHILD_ID, V_LIGHT); void setup() { // Setup the button pinMode(BUTTON_PIN, INPUT); // Activate internal pull-up digitalWrite(BUTTON_PIN, HIGH); // After setting up the button, setup debouncer debouncer.attach(BUTTON_PIN); debouncer.interval(5); // Make sure relays are off when starting up digitalWrite(RELAY_PIN, RELAY_OFF); // Then set relay pins in output mode pinMode(RELAY_PIN, OUTPUT); // Set relay to last known state (using eeprom storage) state = loadState(CHILD_ID); digitalWrite(RELAY_PIN, state ? RELAY_ON : RELAY_OFF); } void presentation() { // Send the sketch version information to the gateway and Controller sendSketchInfo("Relay & Button", "1.0"); // Register all sensors to gw (they will be created as child devices) present(CHILD_ID, S_LIGHT, "Switch Secure Sensor", false); } /* Example on how to asynchronously check for new messages from gw */ void loop() { debouncer.update(); // Get the update value int value = debouncer.read(); // if (value != oldValue && value == 0) { send(msg.set(state ? false : true), true); // Send new state and request ack back // } // oldValue = value; delay(5000); } void receive(const MyMessage &message) { // We only expect one type of message from controller. But we better check anyway. if (message.isAck()) { Serial.println("This is an ack from gateway"); } if (message.type == V_LIGHT) { // Change relay state state = message.getBool(); digitalWrite(RELAY_PIN, state ? RELAY_ON : RELAY_OFF); // Store state in eeprom // saveState(CHILD_ID, state); // Write some debug info Serial.print("Incoming change for sensor:"); Serial.print(message.sensor); Serial.print(", New status: "); Serial.println(message.getBool()); } }
And finally in Arduino Serial Monitor I see:
0 MCO:BGN:INIT REPEATER,CP=RNNRAS-,VER=2.1.1 4 TSM:INIT 5 TSF:WUR:MS=0 11 TSM:INIT:TSP OK 13 TSF:SID:OK,ID=105 15 TSM:FPAR 16 Will not sign message for destination 255 as it does not require it 58 TSF:MSG:SEND,105-105-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0,ft=0,st=OK: 2065 !TSM:FPAR:NO REPLY 2067 TSM:FPAR 2068 Will not sign message for destination 255 as it does not require it 2110 TSF:MSG:SEND,105-105-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0,ft=0,st=OK: 4117 !TSM:FPAR:NO REPLY 4119 TSM:FPAR 4120 Will not sign message for destination 255 as it does not require it 4162 TSF:MSG:SEND,105-105-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0,ft=0,st=OK: 6169 !TSM:FPAR:NO REPLY 6171 TSM:FPAR 6172 Will not sign message for destination 255 as it does not require it 6214 TSF:MSG:SEND,105-105-255-255,s=255,c=3,t=7,pt=0,l=0,sg=0,ft=0,st=OK: 8221 !TSM:FPAR:FAIL 8222 TSM:FAIL:CNT=1 8224 TSM:FAIL:PDT
and in gateway i see:
sudo mysgw -d mysgw: Starting gateway... mysgw: Protocol version - 2.1.1 mysgw: MCO:BGN:INIT GW,CP=RNNG-S-,VER=2.1.1 mysgw: TSF:LRT:OK mysgw: TSM:INIT mysgw: TSF:WUR:MS=0 mysgw: TSM:INIT:TSP OK mysgw: TSM:INIT:GW MODE mysgw: TSM:READY:ID=0,PAR=0,DIS=0 mysgw: MCO:REG:NOT NEEDED mysgw: MCO:BGN:STP mysgw: MCO:BGN:INIT OK,TSP=1 mysgw: Attempting MQTT connection... mysgw: connected to 127.0.0.1 mysgw: MQTT connected mysgw: Sending message on topic: mysensors-out/0/255/0/0/18 mysgw: TSF:MSG:READ,171-107-54,s=221,c=2,t=131,pt=4,l=25,sg=0:-1418183441 mysgw: !TSF:MSG:PVER,3=2 mysgw: TSF:MSG:READ,135-23-172,s=20,c=3,t=200,pt=7,l=25,sg=0:-0.00000178 mysgw: !TSF:MSG:PVER,1=2 mysgw: TSF:MSG:READ,34-66-89,s=168,c=1,t=9,pt=1,l=25,sg=0:56 mysgw: !TSF:MSG:PVER,1=2 mysgw: TSF:MSG:READ,223-46-240,s=112,c=5,t=192,pt=5,l=11,sg=1:1407647670 mysgw: TSF:MSG:REL MSG mysgw: !TSF:RTE:240 UNKNOWN mysgw: !TSF:MSG:SEND,223-0-240-240,s=112,c=5,t=192,pt=5,l=11,sg=1,ft=0,st=NACK:1407647670 mysgw: TSF:MSG:READ,183-139-129,s=37,c=6,t=155,pt=1,l=21,sg=0:48 mysgw: !TSF:MSG:PVER,0=2 mysgw: TSF:MSG:READ,139-214-233,s=61,c=3,t=193,pt=7,l=0,sg=1:0.00000000 mysgw: TSF:MSG:REL MSG mysgw: !TSF:RTE:233 UNKNOWN mysgw: !TSF:MSG:SEND,139-0-233-233,s=61,c=3,t=193,pt=7,l=0,sg=1,ft=0,st=NACK:0.00000000 mysgw: TSF:MSG:READ,83-33-7,s=179,c=2,t=27,pt=4,l=25,sg=1:-2057270722 mysgw: !TSF:MSG:PVER,3=2 mysgw: TSF:MSG:READ,110-148-67,s=113,c=0,t=158,pt=1,l=9,sg=1:251 mysgw: !TSF:MSG:PVER,1=2 mysgw: TSF:MSG:READ,75-209-102,s=204,c=7,t=25,pt=1,l=11,sg=1:52 mysgw: !TSF:MSG:PVER,0=2 mysgw: TSF:MSG:READ,184-209-235,s=58,c=1,t=140,pt=6,l=23,sg=1:1DC404A5401119FACF0000000000000000000000000000 mysgw: !TSF:MSG:PVER,3=2 mysgw: TSF:MSG:READ,172-203-51,s=140,c=2,t=173,pt=0,l=1,sg=1:? mysgw: TSF:MSG:REL MSG mysgw: !TSF:RTE:51 UNKNOWN mysgw: !TSF:MSG:SEND,172-0-51-51,s=140,c=2,t=173,pt=0,l=1,sg=1,ft=0,st=NACK:?
Where is problem?
-
RE: 💬 Building a Raspberry Pi Gateway
Hi Does anybody know how to use MY_SIGNING_NODE_WHITELISTING in gateway raspbery pi? Where I must create/edit white list with my nodes?
-
RE: 💬 Security & Signing
@Anticimex Ok. I read again this text. I have next question..
- I generated SOFT_HMAC_KEY, SOFT_SERIAL, AES_KEY in my gateway, so when I run SecurityPersonalizer.ino i must save this value from gw in MY_SOFT_HMAC_KEY, MY_SOFT_SERIAL, MY_AES_KEY or generate other value and save? Probably AES must by the same.. MY_SOFT_SERIAL is 'serial' in WHITELISTING so i think this must by different in node and gateway, and what with HMAC? I think that the HMAC must be the same..
- I looked for information where save whitelist in gw but i didn't found.. can you help my find solution?
- If I use for example 2 nodes-relays, 2 nodes-temperature and gateway. All relays communicate only with gateway but all are repeater. All node-temperature sensor connect with relay, so in nodes-relay in white list i must add temperature serial and gw serial. In temperature I does't add white list, in gateway I add relay and temperature nodes serial. That is all?
PS. Thank you for you help
-
RE: 💬 Security & Signing
@Anticimex I read all text and I understand that I have add forth line to all my sensors.:
#define MY_SIGNING_SOFT
#define MY_SIGNING_SOFT_RANDOMSEED_PIN 7
#define MY_SIGNING_REQUEST_SIGNATURES
#define MY_SIGNING_NODE_WHITELISTING {{.nodeId = MOTION_SENSOR_ID,.serial = {0x12,0x34,0x56,0x78,0x90,0x12,0x34,0x56,0x78}}}In my gateway i must use this comand:
./configure --my-gateway=mqtt --my-controller-ip-address=127.0.0.1 --my-mqtt-publish-topic-prefix=mysensors-out --my-mqtt-subscribe-topic-prefix=mysensors-in --my-mqtt-client-id=mygateway1 --my-signing=software --my-signing-debug --my-signing-request-gw-signatures-from-all --my-mqtt-password=PASSWORD --my-mqtt-user=USER- but I do not understand wher I create white list in gateway?
- how create serial for my mensors (eg. {0x12,0x34,0x56,0x78,0x90,0x12,0x34,0x56,0x78})?
- how to check if everything is working?
- how to use HMAC (how to create in my sensor, where save)?
-
RE: 💬 Security & Signing
Hi everybody
Where I find information step by step how to run signing/security with one sensor and raspbery pi gateway and use mqtt (software signing without chip ATSHA)? I try understand this post, but I have problem.. I test example code but always my gw get normal information..