Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "Mihini/Security"
(New page: == How to activate security with M3DA protocol? == Firstly, you need to compile a module which is not compiled by default. After you build.sh, you must do this command: $ make all agen...) |
(→FAQ/Good Practices) |
||
(8 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
− | + | Don't hesitate to make a test by running Mihini on your local computer. | |
== How to activate security with M3DA protocol? == | == How to activate security with M3DA protocol? == | ||
Firstly, you need to compile a module which is not compiled by default. After you build.sh, you must do this command: | Firstly, you need to compile a module which is not compiled by default. After you build.sh, you must do this command: | ||
+ | <source lang="bash"> | ||
$ make all agent_provisioning | $ make all agent_provisioning | ||
+ | </source> | ||
+ | |||
+ | ''Note'': Here the following list you can define for encryption and authentication: | ||
+ | * AUTHENTICATION_TYPE = hmac-md5 or hmac-sha1 or none (if you select none for authentication, you must select none for encryption) | ||
+ | * ENCRYPTION_TYPE = aes-cbc-128 or aes-cbc-256 or aes-ctr-128 or aes-ctr-256 or none | ||
− | |||
− | |||
− | |||
1. Choose the authentication algorithm : | 1. Choose the authentication algorithm : | ||
+ | <source lang="lua"> | ||
agent.config.server.authentication ='hmac-sha1' | agent.config.server.authentication ='hmac-sha1' | ||
+ | </source> | ||
2. Choose the encryption algorithm : | 2. Choose the encryption algorithm : | ||
+ | <source lang="lua"> | ||
agent.config.server.encryption ='aes-cbc-128' | agent.config.server.encryption ='aes-cbc-128' | ||
+ | </source> | ||
− | 3. Generate the keys by using Registration password (shareKey) (=> Compute and store the keys) | + | 3. Do not forget to set deviceId (first): |
+ | <source lang="lua"> | ||
+ | agent.config.agent.deviceId = "tototo" | ||
+ | </source> | ||
+ | |||
+ | 4. Generate the keys by using Registration password (shareKey) (=> Compute and store the keys) | ||
+ | <source lang="lua"> | ||
require 'agent.provisioning'.registration_password 'xxxx' (needs "make all agent_provisioning" to be executed before) | require 'agent.provisioning'.registration_password 'xxxx' (needs "make all agent_provisioning" to be executed before) | ||
+ | </source> | ||
== Usefull commands == | == Usefull commands == | ||
If you want to remove the authentication: | If you want to remove the authentication: | ||
− | > agent.config.server.authentication = nil | + | <source lang="lua"> |
+ | agent.config.server.authentication = nil | ||
+ | </source> | ||
To remove the encryption: | To remove the encryption: | ||
− | > agent.config.server.encryption = nil | + | <source lang="lua"> |
+ | agent.config.server.encryption = nil | ||
+ | </source> | ||
To change the password : | To change the password : | ||
− | > require 'agent.provisioning'.password ='xxxx' (needs "make all agent_provisioning" to be executed before) | + | <source lang="lua"> |
+ | require 'agent.provisioning'.password ='xxxx' (needs "make all agent_provisioning" to be executed before) | ||
+ | </source> | ||
To remove the password : | To remove the password : | ||
− | Keys are stored in : | + | * Keys are stored in: /readyagent/build.default/runtime/crypto |
− | Remove the file : crypto.key | + | * Remove the file: crypto.key |
+ | |||
+ | ''Note'': If you do a reset factory on your device, the keys are not deleted. | ||
Create a connection: | Create a connection: | ||
− | > airvantage=require "airvantage" | + | <source lang="lua"> |
− | + | airvantage=require "airvantage" | |
+ | airvantage.connecttoserver() | ||
+ | </source> | ||
+ | |||
+ | == FAQ/Good Practices == | ||
+ | |||
+ | <em>Q</em>: I get timeout when I try to contact the server.<br/> | ||
+ | <em>A</em>: | ||
+ | Check that port 44900 is opened. |
Revision as of 10:32, 5 April 2013
Don't hesitate to make a test by running Mihini on your local computer.
How to activate security with M3DA protocol?
Firstly, you need to compile a module which is not compiled by default. After you build.sh, you must do this command:
$ make all agent_provisioning
Note: Here the following list you can define for encryption and authentication:
- AUTHENTICATION_TYPE = hmac-md5 or hmac-sha1 or none (if you select none for authentication, you must select none for encryption)
- ENCRYPTION_TYPE = aes-cbc-128 or aes-cbc-256 or aes-ctr-128 or aes-ctr-256 or none
1. Choose the authentication algorithm :
agent.config.server.authentication ='hmac-sha1'
2. Choose the encryption algorithm :
agent.config.server.encryption ='aes-cbc-128'
3. Do not forget to set deviceId (first):
agent.config.agent.deviceId = "tototo"
4. Generate the keys by using Registration password (shareKey) (=> Compute and store the keys)
require 'agent.provisioning'.registration_password 'xxxx' (needs "make all agent_provisioning" to be executed before)
Usefull commands
If you want to remove the authentication:
agent.config.server.authentication = nil
To remove the encryption:
agent.config.server.encryption = nil
To change the password :
require 'agent.provisioning'.password ='xxxx' (needs "make all agent_provisioning" to be executed before)
To remove the password :
* Keys are stored in: /readyagent/build.default/runtime/crypto * Remove the file: crypto.key
Note: If you do a reset factory on your device, the keys are not deleted.
Create a connection:
airvantage=require "airvantage" airvantage.connecttoserver()
FAQ/Good Practices
Q: I get timeout when I try to contact the server.
A:
Check that port 44900 is opened.