MySensors Library & Examples  2.3.1
Macros
+ Collaboration diagram for Signing:

Detailed Description

These options control signing related configurations.

See also
Message signing

Macros

#define MY_DEBUG_VERBOSE_SIGNING
 Define this for verbose debug prints related to signing.
 
#define MY_SIGNING_SIMPLE_PASSWD
 Enables SW backed signing functionality in library and uses provided password as key. More...
 
#define MY_SIGNING_ATSHA204
 Enables HW backed signing functionality in library.
 
#define MY_SIGNING_SOFT
 Enables SW backed signing functionality in library.
 
#define MY_SIGNING_REQUEST_SIGNATURES
 Enable this to inform gateway to sign all messages sent to this node. More...
 
#define MY_SIGNING_WEAK_SECURITY
 Enable this to permit downgrade of security preferences and relaxed gateway signing requirements. More...
 
#define MY_VERIFICATION_TIMEOUT_MS   (5*1000ul)
 Define a suitable timeout for a signature verification session. More...
 
#define MY_SIGNING_NODE_WHITELISTING
 Define to turn on whitelisting. More...
 
#define MY_SIGNING_ATSHA204_PIN   (17)
 Atsha204a default pin setting. Set it to match the pin the device is attached to.
 
#define MY_SIGNING_SOFT_RANDOMSEED_PIN   (7)
 Pin used for random seed generation in soft signing. More...
 
#define MY_LOCK_DEVICE
 Enable read back protection. More...
 

Macro Definition Documentation

#define MY_LOCK_DEVICE

Enable read back protection.

Enable read back protection feature. Currently only supported by NRF51+NRF52. Use this flag to protect signing and encryption keys stored in the MCU.

Set this flag, when you use softsigning in MySensors. Don't set this in SecurityPersonalizer.

Warning
YOU CAN BRICK YOUR DEVICE!!! Don't set this flag without having an boot loader, OTA firmware update and an Gateway connection. To reset an device, you can try >> openocd -f interface/cmsis-dap.cfg -f target/nrf52.cfg -c "program dap apreg 1 0x04 0x01"
#define MY_SIGNING_NODE_WHITELISTING

Define to turn on whitelisting.

When defined, a verifying node will look up the sender in the whitelist and salt the received signature with that information before validating the result. It will also inform GW (or other node) through the signing presentation message about this requirement.

The signing node will check the presentaiton lists to determine if the recipient require whitelisting and salt the signature with it's unique signature and nodeId before transmitting the signed message.

It is legal to only have one node with a whitelist for this reason but it is not required.

Example:

1 #define MY_SIGNING_NODE_WHITELISTING {{.nodeId = GATEWAY_ADDRESS,.serial = {0x09,0x08,0x07,0x06,0x05,0x04,0x03,0x02,0x01}}}
#define MY_SIGNING_REQUEST_SIGNATURES

Enable this to inform gateway to sign all messages sent to this node.

If used for a gateway, gateway will by default require signatures from ALL nodes. This behavior can be disabled by weakening security.

See also
MY_SIGNING_WEAK_SECURITY
#define MY_SIGNING_SIMPLE_PASSWD

Enables SW backed signing functionality in library and uses provided password as key.

This flag is automatically set if MY_SECURITY_SIMPLE_PASSWD is used.

This flag will enable signing and signature requests. It has to be identical on ALL nodes in the network.

Whitelisting is supported and serial will be the first 8 characters of the password, the ninth character will be the node ID (to make each node have a unique serial).

As with the regular signing modes, whitelisting is only activated if a whitelist is specified in the sketch.

No personalization is required for this mode.

It is allowed to set MY_SIGNING_WEAK_SECURITY for deployment purposes in this mode as it is with the regular software and ATSHA204A based modes.

If the provided password is shorter than the size of the HMAC key, it will be null-padded to accommodate the key size in question. A 32 character password is the maximum length. Any password longer than that will be truncated.

Example:

1 #define MY_SIGNING_SIMPLE_PASSWD "MyInsecurePassword"
See also
MY_SECURITY_SIMPLE_PASSWD
#define MY_SIGNING_SOFT_RANDOMSEED_PIN   (7)

Pin used for random seed generation in soft signing.

Note
Do not connect anything to this when soft signing is enabled, or the seed will be predictable.
#define MY_SIGNING_WEAK_SECURITY

Enable this to permit downgrade of security preferences and relaxed gateway signing requirements.

Use this for evaluating security. It allows for gradual introduction of signing requirements in a network. Nodes that present themselves as not requiring signing or whitelisting will be cleared of this requirement at the receiving end. A gateway which require signatures will only do so from nodes that in turn require signatures.

When not set, any node that has presented themselves as a node that require signatures or whitelisting, will be permanently remembered as doing so at the receiver until EEPROM is cleared or the receiver is reconfigured with this flag set or has signing disabled alltogether.

Warning
This flag when set will weaken security significantly
#define MY_VERIFICATION_TIMEOUT_MS   (5*1000ul)

Define a suitable timeout for a signature verification session.

Consider the turnaround from a nonce being generated to a signed message being received which might vary, especially in networks with many hops.

Shorter time gives less time for an attacker to figure a way to hijack the nonce and attempt to brute force attack the node. Longer time permits more network hops and node or GW processing time. 5s ought to be enough for anyone.