Mirrors/MySensors
2
0
Fork 0
mirror of https://github.com/mysensors/MySensors.git synced 2026-03-19 06:27:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e39b2be7aff85da586b54525def0753169a6bbf0
MySensors/examples_linux
History
Marcelo Aquino 28c4f3f19e Signing improvements package (#871) 
* Signing support with MAX_PAYLOAD>32

Support in the signing backends to handle configurations
where MAX_PAYLOAD is more than 32 bytes.

Fixes #748

* Support big message signatures

Support for signing messages larger than 32 bytes.
This is not fully testable with the current version of
the library but the change would add theoretical support
for signing any sized messages.

Fixes #749

* Have gw properly indicate whitelisting preferences

If the gateway hold a signing whitelist, inform all
nodes of this requirement and not just nodes that hold
whitelists themselves.

Fixes #806

* Harden security

The flag MY_SIGNING_GW_REQUEST_SIGNATURES_FROM_ALL
has been removed. Gateway will now request signatures
from everyone by default.
In addition to this, no nodes in the network will allow
clearing of signing/whitelisting preferences by OTA
commands by default.
If the old behaviour is needed (suitable for gradual
signing roll out and development purposes) a new flag,
MY_SIGNING_WEAK_SECURITY can be set.

Fixes #807

* Signing debug messages rewritten

All signing related debug has been rewritten to
better match other core debug printouts.
Also, backends are updated to have a smaller
implementation delta.

* Simplified signing option implemented

Enable by MY_SIGNING_SIMPLE_PASSWD. Signing, and signing requirements
will be enabled, as will encryption. Whitelisting is optional.
The value provided to MY_SIGNING_SIMPLE_PASSWD is used as HMAC and AES
key. Whitelists use the first 8 bytes of the password and the ninth
byte from the node ID as serial.
Password is required to be at least 8 characters wide. It is zero
padded if it is not long enough to cover the AES (16 bytes) and HMAC
(32 bytes) keys. It is not recommended to have a password shorter than
32 bytes, and there is no need for a password longer than 32 bytes.

* Add documentation section for signing debug

* Add nRF5 encryption to simple signing option

* Restructure MySigning documentation

* Minor fixes for Linux
2017-05-31 17:13:29 +02:00
..
mysgw.cpp
Signing improvements package (#871)
2017-05-31 17:13:29 +02:00