Works
This commit is contained in:
@@ -9,22 +9,22 @@ dependencies:
|
|||||||
path: .
|
path: .
|
||||||
type: git
|
type: git
|
||||||
version: d9792119ebaec0c54839e6605acd3f11dd937205
|
version: d9792119ebaec0c54839e6605acd3f11dd937205
|
||||||
esp-idf-ssh-client:
|
|
||||||
component_hash: d6f7b468c951d78e17e7a9b6911768c807729776338aad447f5c5dcd23642ee4
|
|
||||||
dependencies: []
|
|
||||||
source:
|
|
||||||
git: https://gitlab.com/ch405labs/ch405labs_esp_libssh2.git
|
|
||||||
path: .
|
|
||||||
type: git
|
|
||||||
version: 8b136ec9ee4ff26f19fad36e23062a0a79a32619
|
|
||||||
idf:
|
idf:
|
||||||
source:
|
source:
|
||||||
type: idf
|
type: idf
|
||||||
version: 5.5.2
|
version: 5.5.2
|
||||||
|
libssh2_esp:
|
||||||
|
component_hash: 75612f8fe15b7793de2d9d2eba920e66a7aab7424963012282a419cdb86399ad
|
||||||
|
dependencies: []
|
||||||
|
source:
|
||||||
|
git: https://github.com/skuodi/libssh2_esp.git
|
||||||
|
path: .
|
||||||
|
type: git
|
||||||
|
version: 378f0bd47900bffacbf29cac328c6e9b5391c886
|
||||||
direct_dependencies:
|
direct_dependencies:
|
||||||
- esp-cryptoauthlib
|
- esp-cryptoauthlib
|
||||||
- esp-idf-ssh-client
|
|
||||||
- idf
|
- idf
|
||||||
manifest_hash: c0dd2805d23d2f57e818e665712d10a21c7d820835cc0b907c812de71ec4daa7
|
- libssh2_esp
|
||||||
|
manifest_hash: a6766e71931c845fac37dab1b735cded43d414aa83e5ce0443ba4285e1980180
|
||||||
target: esp32c6
|
target: esp32c6
|
||||||
version: 2.0.0
|
version: 2.0.0
|
||||||
|
|||||||
@@ -4,5 +4,5 @@ dependencies:
|
|||||||
version: ">=4.1.0"
|
version: ">=4.1.0"
|
||||||
esp-cryptoauthlib:
|
esp-cryptoauthlib:
|
||||||
git: https://github.com/espressif/esp-cryptoauthlib.git
|
git: https://github.com/espressif/esp-cryptoauthlib.git
|
||||||
esp-idf-ssh-client:
|
libssh2_esp:
|
||||||
git: https://gitlab.com/ch405labs/ch405labs_esp_libssh2.git
|
git: https://github.com/skuodi/libssh2_esp.git
|
||||||
|
|||||||
@@ -125,62 +125,26 @@ public:
|
|||||||
uint8_t digest[32];
|
uint8_t digest[32];
|
||||||
uint8_t raw_sig[64];
|
uint8_t raw_sig[64];
|
||||||
|
|
||||||
printf("\n--- SSH SIGNATURE DIAGNOSTICS ---\n");
|
// 1. Hash the fully assembled challenge buffer provided by libssh2
|
||||||
|
mbedtls_sha256(data, data_len, digest, 0);
|
||||||
|
|
||||||
// 1. Hash the challenge and strictly check for failure
|
// 2. Request signature from the ATECC608B
|
||||||
int hash_err = mbedtls_sha256(data, data_len, digest, 0);
|
if (atcab_sign(0x0, digest, raw_sig) != ATCA_SUCCESS) {
|
||||||
if (hash_err != 0) {
|
|
||||||
printf("CRITICAL: mbedtls_sha256 failed with code %d\n", hash_err);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
printf("SHA-256 Digest: ");
|
|
||||||
for (int i = 0; i < 32; i++)
|
|
||||||
printf("%02x", digest[i]);
|
|
||||||
printf("\n");
|
|
||||||
|
|
||||||
// 2. Request the signature from the secure element
|
|
||||||
if (atcab_sign(0, digest, raw_sig) != ATCA_SUCCESS) {
|
|
||||||
printf("CRITICAL: ATECC608B Signing Failed!\n");
|
printf("CRITICAL: ATECC608B Signing Failed!\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
printf("Raw Sig R: ");
|
// 3. Allocate memory JUST for the two mathematical integers (max ~74 bytes)
|
||||||
for (int i = 0; i < 32; i++)
|
unsigned char *buf = (unsigned char *)malloc(80);
|
||||||
printf("%02x", raw_sig[i]);
|
|
||||||
printf("\nRaw Sig S: ");
|
|
||||||
for (int i = 32; i < 64; i++)
|
|
||||||
printf("%02x", raw_sig[i]);
|
|
||||||
printf("\n---------------------------------\n");
|
|
||||||
|
|
||||||
// 3. Allocate and format (Identical to previous step)
|
|
||||||
unsigned char *buf = (unsigned char *)malloc(150);
|
|
||||||
if (!buf)
|
if (!buf)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
// 4. Format strictly as [mpint R] [mpint S]. NO outer strings!
|
||||||
uint32_t offset = 0;
|
uint32_t offset = 0;
|
||||||
const char *type = "ecdsa-sha2-nistp256";
|
offset += write_mpint(&buf[offset], &raw_sig[0], 32); // Format R
|
||||||
uint32_t type_len = 19;
|
offset += write_mpint(&buf[offset], &raw_sig[32], 32); // Format S
|
||||||
|
|
||||||
buf[offset++] = (type_len >> 24) & 0xFF;
|
|
||||||
buf[offset++] = (type_len >> 16) & 0xFF;
|
|
||||||
buf[offset++] = (type_len >> 8) & 0xFF;
|
|
||||||
buf[offset++] = type_len & 0xFF;
|
|
||||||
memcpy(&buf[offset], type, type_len);
|
|
||||||
offset += type_len;
|
|
||||||
|
|
||||||
uint32_t inner_len_idx = offset;
|
|
||||||
offset += 4;
|
|
||||||
|
|
||||||
offset += write_mpint(&buf[offset], &raw_sig[0], 32); // R
|
|
||||||
offset += write_mpint(&buf[offset], &raw_sig[32], 32); // S
|
|
||||||
|
|
||||||
uint32_t inner_len = offset - inner_len_idx - 4;
|
|
||||||
buf[inner_len_idx] = (inner_len >> 24) & 0xFF;
|
|
||||||
buf[inner_len_idx + 1] = (inner_len >> 16) & 0xFF;
|
|
||||||
buf[inner_len_idx + 2] = (inner_len >> 8) & 0xFF;
|
|
||||||
buf[inner_len_idx + 3] = inner_len & 0xFF;
|
|
||||||
|
|
||||||
|
// Hand ownership to libssh2
|
||||||
*sig = buf;
|
*sig = buf;
|
||||||
*sig_len = offset;
|
*sig_len = offset;
|
||||||
|
|
||||||
|
|||||||
4
partitions.csv
Normal file
4
partitions.csv
Normal file
@@ -0,0 +1,4 @@
|
|||||||
|
# Name, Type, SubType, Offset, Size, Flags
|
||||||
|
nvs, data, nvs, 0x9000, 0x6000,
|
||||||
|
phy_init, data, phy, 0xf000, 0x1000,
|
||||||
|
factory, app, factory, 0x10000, 2M,
|
||||||
|
Reference in New Issue
Block a user