Eun0us/espilon-source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8b6c1cd53d
espilon-source/.gitignore
Eun0us 8b6c1cd53d ε - ChaCha20-Poly1305 AEAD + HKDF crypto upgrade + C3PO rewrite + docs 
Crypto:
- Replace broken ChaCha20 (static nonce) with ChaCha20-Poly1305 AEAD
- HKDF-SHA256 key derivation from per-device factory NVS master keys
- Random 12-byte nonce per message (ESP32 hardware RNG)
- crypto_init/encrypt/decrypt API with mbedtls legacy (ESP-IDF v5.3.2)
- Custom partition table with factory NVS (fctry at 0x10000)

Firmware:
- crypto.c full rewrite, messages.c device_id prefix + AEAD encrypt
- crypto_init() at boot with esp_restart() on failure
- Fix command_t initializations across all modules (sub/help fields)
- Clean CMakeLists dependencies for ESP-IDF v5.3.2

C3PO (C2):
- Rename tools/c2 + tools/c3po -> tools/C3PO
- Per-device CryptoContext with HKDF key derivation
- KeyStore (keys.json) for master key management
- Transport parses device_id:base64(...) wire format

Tools:
- New tools/provisioning/provision.py for factory NVS key generation
- Updated flasher with mbedtls config for v5.3.2

Docs:
- Update all READMEs for new crypto, C3PO paths, provisioning
- Update roadmap, architecture diagrams, security sections
- Update CONTRIBUTING.md project structure
2026-02-10 21:28:45 +01:00

112 lines
1.6 KiB
Plaintext
Raw Blame History

# ESP-IDF Build System
espilon_bot/build/
espilon_bot/sdkconfig
espilon_bot/sdkconfig.old
espilon_bot/.config
espilon_bot/.config.old
# Managed Components (downloaded dependencies)
espilon_bot/managed_components/
espilon_bot/dependencies.lock
# Firmware binaries
espilon_bot/firmware/
*.bin
*.elf
*.map
# Python
__pycache__/
*.py[cod]
*$py.class
*.so
.Python
*.egg-info/
dist/
build/
venv/
env/
ENV/
.venv
# Tools - Python dependencies
tools/C3PO/__pycache__/
tools/flasher/__pycache__/
*.pyc
# Configuration files with secrets
tools/flasher/devices.json
tools/flasher/devices.*.json
tools/C3PO/config.json
**/config.local.json
# C3PO runtime / secrets
tools/C3PO/keys.json
tools/C3PO/*.db
# Logs
*.log
logs/
espilon_bot/logs/
sdkconfig
# C2 Runtime files (camera streams, recordings)
tools/C3PO/static/streams/*.jpg
tools/C3PO/static/recordings/*.avi
*.avi
# IDE and Editor
.vscode/
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
.idea/
*.swp
*.swo
*~
.DS_Store
# OS
Thumbs.db
.DS_Store
*.bak
# Credentials and Secrets
*.pem
*.key
*.crt
*.p12
secrets/
credentials/
.env
.env.local
# Temporary files
*.tmp
*.temp
.cache/
# Documentation build
docs/_build/
docs/.doctrees/
site/
# Test coverage
.coverage
htmlcov/
.pytest_cache/
# nanoPB generated files (if you want to regenerate them)
# Uncomment if you want to track generated .pb.c/.pb.h files
# espilon_bot/components/core/nanoPB/*.pb.c
# espilon_bot/components/core/nanoPB/*.pb.h
# Backup files
*.backup
*_backup
# Hardware-specific configs (optional)
# Uncomment if you don't want to track these
# espilon_bot/partitions.csv
Reference in New Issue View Git Blame Copy Permalink