Skip to content

Mixed signing 2 #208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 22, 2015
Merged

Mixed signing 2 #208

merged 2 commits into from
Sep 22, 2015

Conversation

fleinze
Copy link
Contributor

@fleinze fleinze commented Sep 22, 2015

to match the description in http://forum.mysensors.org/topic/1021/security-introducing-signing-support-to-mysensors :

However, the difference is that the gateway will only require signed messages from nodes it knows in turn require signed messages.

@fleinze
Update MySensor.cpp
7858825 
only verify signature from nodes that require signing
@fleinze
Update MySensor.cpp
518ed6a 
Gateway only expects signing only from nodes it knows in turn require signed messages.
@mysensors-jenkins
Copy link

As the author of this pull request is not in my whitelist, I may not build this PR automatically.
A member of the MySensors core team can ask me to verify this pull request by telling me "jenkins, build this please".
The author can be whitelisted to get future PR:s automatically verified by telling me "jenkins, add author to whitelist please".
But remember that I will only listen if you name me with a capital 'J'.
If you would like to submit a PR and not have Jenkins build it for you, you can add "[skip ci]" to your PR "body".

@fallberg
Copy link
Contributor

@fleinze Have you tested this change with a GW that require signatures, and two nodes (on that is "secure" and one that is "insecure")?
Expected behavior:
GW<->"secure node": all messages are signed in both directions
GW<->"insecure node": no messages are signed at all

I cannot currently verify the change myself I am afraid. But this is at least how it is supposed to work.

Also, you should be able to set the GW to not require signatures, then the behavior should be like this:
GW<->"secure node": all messages to the node is signed, no messages to the GW is signed
GW<->"insecure node": no messages are signed at all
It would be great if you could test this usecase as well.

@fallberg
Copy link
Contributor

Jenkins, build this please

@fleinze
Copy link
Contributor Author

fleinze commented Sep 22, 2015

thank you fallberg, I did test the usecases:
"insecure" GW -> "secure" node: messages to gateway are not signed, messages to node are signed
"insecure" GW -> "insecure" node: no signing at all

@mysensors-jenkins
Copy link

Congratulations! I found no problems building this pull request for any of the supported boards or examples.
You can see the result of the build(s) here: http://ci.mysensors.org/job/MySensorsArduinoPR/103/

@fallberg
Copy link
Contributor

@fleinze Ok, so all testcases did pass as expected?

@fleinze
Copy link
Contributor Author

fleinze commented Sep 22, 2015

I just did final tests with a clean copy: (true means requires signing, false means doesn't require signing, as in the MySigning constructor)
GW(true) -> node(true): all messages signed
GW(true) -> node(false): no messages signed
GW(false) -> node(false): no messages signed
GW(false) -> node(true): messages to the gw are not signed, messages to the node are signed
So, all testcases as expected.

fallberg added a commit that referenced this pull request Sep 22, 2015
@fallberg
Merge pull request #208 from fleinze/mixed-signing-2
3ce3c6e 
Gateway now correctly handles message signing
@fallberg fallberg merged commit 3ce3c6e into mysensors:development Sep 22, 2015
@fallberg
Copy link
Contributor

Thanks @fleinze for finding and fixing this!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fleinze @mysensors-jenkins @fallberg