MySensors Library & Examples
2.3.2
These options control signing related configurations.
Macros

#define MY_DEBUG_VERBOSE_SIGNING
Define this for verbose debug prints related to signing.

#define MY_SIGNING_SIMPLE_PASSWD
Enables SW backed signing functionality in library and uses provided password as key.

#define MY_SIGNING_ATSHA204
Enables HW backed signing functionality in library.

#define MY_SIGNING_SOFT
Enables SW backed signing functionality in library.

#define MY_SIGNING_REQUEST_SIGNATURES
Enable this to inform gateway to sign all messages sent to this node.

#define MY_SIGNING_WEAK_SECURITY
Enable this to permit downgrade of security preferences and relaxed gateway signing requirements.

#define MY_VERIFICATION_TIMEOUT_MS (5*1000ul)
Define a suitable timeout for a signature verification session.

#define MY_SIGNING_NODE_WHITELISTING
Define to turn on whitelisting.

#define MY_SIGNING_ATSHA204_PIN (17)
Atsha204a default pin setting. Set it to match the pin the device is attached to.

#define MY_SIGNING_SOFT_RANDOMSEED_PIN (7)
Pin used for random seed generation in soft signing.

#define MY_LOCK_DEVICE
Enable read back protection.

#define MY_LOCK_DEVICE
Enable read back protection.
Enable read back protection feature. Currently only supported by NRF51+NRF52. Use this flag to protect signing and encryption keys stored in the MCU.
Set this flag when you use soft signing in MySensors. Do not set it in SecurityPersonalizer.
Definition at line 2271 of file MyConfig.h.
#define MY_SIGNING_NODE_WHITELISTING
Define to turn on whitelisting.
When defined, a verifying node will look up the sender in the whitelist and salt the received signature with that information before validating the result. It will also inform GW (or other node) through the signing presentation message about this requirement.
The signing node will check the presentation lists to determine if the recipient requires whitelisting and salt the signature with its unique signature and nodeId before transmitting the signed message.
It is legal to only have one node with a whitelist for this reason but it is not required.
Example:
Definition at line 2317 of file MyConfig.h.
#define MY_SIGNING_REQUEST_SIGNATURES
Enable this to inform gateway to sign all messages sent to this node.
If used for a gateway, gateway will by default require signatures from ALL nodes. This behavior can be disabled by weakening security.
Definition at line 2315 of file MyConfig.h.
#define MY_SIGNING_SIMPLE_PASSWD
Enables SW backed signing functionality in library and uses provided password as key.
This flag is automatically set if MY_SECURITY_SIMPLE_PASSWD is used.
This flag will enable signing and signature requests. It has to be identical on ALL nodes in the network.
Whitelisting is supported; the serial will be the first 8 characters of the password, and the ninth character will be the node ID (so that each node has a unique serial).
As with the regular signing modes, whitelisting is only activated if a whitelist is specified in the sketch.
No personalization is required for this mode.
It is allowed to set MY_SIGNING_WEAK_SECURITY for deployment purposes in this mode as it is with the regular software and ATSHA204A based modes.
If the provided password is shorter than the size of the HMAC key, it will be null-padded to accommodate the key size in question. A 32 character password is the maximum length. Any password longer than that will be truncated.
Example:
Definition at line 2311 of file MyConfig.h.
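The padding, truncation and serial rules described for MY_SIGNING_SIMPLE_PASSWD, as an added C illustration (not code from the MySensors library). The function names and the sample password are made up for the example, and zero-filling the serial for passwords under 8 characters is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HMAC_KEY_LEN 32  /* maximum password length stated above */
#define SERIAL_LEN    9  /* 8 password characters + node ID */

/* Build the HMAC key: copy up to 32 password bytes, null-pad the rest.
 * Returns the number of key bytes that actually come from the password. */
size_t simple_passwd_to_key(const char *passwd, uint8_t key[HMAC_KEY_LEN])
{
    size_t n = strlen(passwd);
    if (n > HMAC_KEY_LEN) n = HMAC_KEY_LEN;  /* longer passwords are truncated */
    memset(key, 0, HMAC_KEY_LEN);            /* shorter ones are null-padded */
    memcpy(key, passwd, n);
    return n;
}

/* Build the whitelisting serial: first 8 password characters, then node ID.
 * Assumption: a password under 8 characters leaves the remaining bytes zero. */
void simple_passwd_to_serial(const char *passwd, uint8_t node_id, uint8_t serial[SERIAL_LEN])
{
    size_t n = strlen(passwd);
    if (n > SERIAL_LEN - 1) n = SERIAL_LEN - 1;
    memset(serial, 0, SERIAL_LEN);
    memcpy(serial, passwd, n);
    serial[SERIAL_LEN - 1] = node_id;
}

/* Two passwords give the same key when they agree on the first 32 bytes. */
int same_key(const char *a, const char *b)
{
    uint8_t ka[HMAC_KEY_LEN], kb[HMAC_KEY_LEN];
    simple_passwd_to_key(a, ka);
    simple_passwd_to_key(b, kb);
    return memcmp(ka, kb, HMAC_KEY_LEN) == 0;
}

int main(void)
{
    uint8_t key[HMAC_KEY_LEN], serial[SERIAL_LEN];
    const char *pw = "garden-shed";  /* constructed sample password */
    size_t used = simple_passwd_to_key(pw, key);
    simple_passwd_to_serial(pw, 42, serial);
    printf("%zu of %d key bytes come from the password\n", used, HMAC_KEY_LEN);
    printf("serial: %.8s + node id %d\n", (const char *)serial, serial[8]);
    return 0;
}
```

The count returned by simple_passwd_to_key shows how much of the 32-byte key a short password really fills; the remaining bytes are zero.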
#define MY_SIGNING_SOFT_RANDOMSEED_PIN (7)
Pin used for random seed generation in soft signing.
Definition at line 1853 of file MyConfig.h.
#define MY_SIGNING_WEAK_SECURITY
Enable this to permit downgrade of security preferences and relaxed gateway signing requirements.
Use this for evaluating security. It allows for gradual introduction of signing requirements in a network. Nodes that present themselves as not requiring signing or whitelisting will be cleared of this requirement at the receiving end. A gateway which requires signatures will only do so from nodes that in turn require signatures.
When not set, any node that has presented itself as a node that requires signatures or whitelisting will be permanently remembered as doing so at the receiver until EEPROM is cleared or the receiver is reconfigured with this flag set or has signing disabled altogether.
Definition at line 2316 of file MyConfig.h.
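The difference between a strict build and a MY_SIGNING_WEAK_SECURITY build, as an added C model of a gateway that defines MY_SIGNING_REQUEST_SIGNATURES (not the library's own code). The gateway_t table, the function names and node 7 are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the per-node requirement table a gateway keeps. */
typedef struct {
    bool weak_security;       /* built with MY_SIGNING_WEAK_SECURITY? */
    bool remembered[256];     /* node presented itself as requiring signatures */
} gateway_t;

/* Handle a signing presentation from a node. */
void on_presentation(gateway_t *gw, uint8_t node, bool node_requires_signing)
{
    if (node_requires_signing)
        gw->remembered[node] = true;
    else if (gw->weak_security)
        gw->remembered[node] = false;   /* downgrade permitted */
    /* strict build: the requirement stays until the table is cleared */
}

/* Will the gateway insist on a signature on messages from this node?
 * The gateway is assumed to define MY_SIGNING_REQUEST_SIGNATURES. */
bool requires_signature_from(const gateway_t *gw, uint8_t node)
{
    if (!gw->weak_security)
        return true;                    /* default: ALL nodes must sign */
    return gw->remembered[node];        /* weak: only nodes that ask for it */
}

/* Will the gateway sign messages it sends to this node? */
bool signs_messages_to(const gateway_t *gw, uint8_t node) { return gw->remembered[node]; }

/* Scenario: node 7 asks for signing, then a later presentation says it does not. */
bool still_signing_after_downgrade(bool weak_security)
{
    gateway_t gw = { .weak_security = weak_security };  /* table starts empty */
    on_presentation(&gw, 7, true);
    on_presentation(&gw, 7, false);
    return signs_messages_to(&gw, 7) && requires_signature_from(&gw, 7);
}

int main(void)
{
    printf("strict build keeps signing: %d\n", still_signing_after_downgrade(false));
    printf("weak build keeps signing:   %d\n", still_signing_after_downgrade(true));
    return 0;
}
```

In the weak build the second presentation is enough to drop signing for node 7 in both directions, which is why the flag suits evaluation and staged rollout rather than a finished deployment.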
#define MY_VERIFICATION_TIMEOUT_MS (5*1000ul)
Define a suitable timeout for a signature verification session.
Consider the turnaround from a nonce being generated to a signed message being received, which might vary, especially in networks with many hops.
A shorter time gives an attacker less time to figure out a way to hijack the nonce and attempt a brute force attack on the node. A longer time permits more network hops and more node or GW processing time. 5s ought to be enough for anyone.
Definition at line 1817 of file MyConfig.h.