Eun0us/espilon-source
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d1b89f6fd5
espilon-source/tools/C3PO/commands/reboot.py
Eun0us 8b6c1cd53d ε - ChaCha20-Poly1305 AEAD + HKDF crypto upgrade + C3PO rewrite + docs 
Crypto:
- Replace broken ChaCha20 (static nonce) with ChaCha20-Poly1305 AEAD
- HKDF-SHA256 key derivation from per-device factory NVS master keys
- Random 12-byte nonce per message (ESP32 hardware RNG)
- crypto_init/encrypt/decrypt API with mbedtls legacy (ESP-IDF v5.3.2)
- Custom partition table with factory NVS (fctry at 0x10000)

Firmware:
- crypto.c full rewrite, messages.c device_id prefix + AEAD encrypt
- crypto_init() at boot with esp_restart() on failure
- Fix command_t initializations across all modules (sub/help fields)
- Clean CMakeLists dependencies for ESP-IDF v5.3.2

C3PO (C2):
- Rename tools/c2 + tools/c3po -> tools/C3PO
- Per-device CryptoContext with HKDF key derivation
- KeyStore (keys.json) for master key management
- Transport parses device_id:base64(...) wire format

Tools:
- New tools/provisioning/provision.py for factory NVS key generation
- Updated flasher with mbedtls config for v5.3.2

Docs:
- Update all READMEs for new crypto, C3PO paths, provisioning
- Update roadmap, architecture diagrams, security sections
- Update CONTRIBUTING.md project structure
2026-02-10 21:28:45 +01:00

28 lines
1.1 KiB
Python
Raw Blame History

import os
import sys
# Add tools/c2/ to sys.path to import c2_pb2
sys.path.insert(0, os.path.abspath('./tools/c2'))
from commands.base import CommandHandler
from proto import c2_pb2
class RebootCommand(CommandHandler):
name = "reboot"
description = "Reboot ESP"
def build(self, args):
# For the new c2_pb2.Command, we need device_id and request_id.
# These will be filled by the CLI's _send_command method.
# Here, we just prepare the command_name and argv.
# The actual c2_pb2.Command object will be constructed in NewCLI._send_command
# and then serialized, encrypted, and sent.
# This build method is now primarily for command validation and argument parsing
# if the command had specific arguments. For reboot, it's simple.
# The build method in the old CLI was expected to return serialized bytes.
# In the new design, the CLI will construct the full c2_pb2.Command.
# For now, we'll return the command name and args, which NewCLI will use.
return {"command_name": self.name, "argv": args}
Reference in New Issue View Git Blame Copy Permalink