From a29c70dfbcdbccd723e62fa693444669f3a149bb Mon Sep 17 00:00:00 2001
From: Felipe Moura
Date: Mon, 8 Jun 2026 10:16:42 -0300
Subject: [PATCH] boards/esp32c3-devkit/crypto: add Dropbear SSH server support Add a new `dropbear` defconfig for the ESP32-C3 DevKit board that brings up an SSH server over Wi-Fi using the Dropbear application, and expose the ChaCha20 stream-cipher helpers required by Dropbear's chacha20-poly1305@openssh.com cipher. boards/risc-v/esp32c3/esp32c3-devkit/configs/dropbear: - Enable Wi-Fi STA mode with DHCP client; include WAPI tooling so the link comes up at boot. - Mount SPIFFS on SPI flash at /data to persist the ECDSA host key (/data/dropbear_ecdsa_host_key) and the password database (FSUTILS_PASSWD at /data/passwd). - Autostart the dropbear task from NSH on every boot. - Enable PTY support and Ctrl-C signal delivery for interactive sessions. - Pin CONFIG_NETUTILS_DROPBEAR_STACKSIZE to 65536; the 32 KiB default overflows during key exchange on this RISC-V target. - Set CONFIG_NETUTILS_DROPBEAR_LISTEN_RETRY_MAX=120 so the daemon retries until the Wi-Fi link is fully up. crypto/chachapoly: add struct chacha20_stream_ctx and three helpers (chacha20_stream_setkey, chacha20_stream_ivctr64, chacha20_stream_crypt) that wrap the existing chacha_* primitives to provide a stateful, multi-call stream interface. No new algorithm code is introduced.
---
 .../esp32c3-devkit/configs/dropbear/defconfig | 104 ++++++++++++++++++
 crypto/chachapoly.c | 30 +++++
 include/crypto/chachapoly.h | 13 +++
 3 files changed, 147 insertions(+)
 create mode 100644 boards/risc-v/esp32c3/esp32c3-devkit/configs/dropbear/defconfig
diff --git a/boards/risc-v/esp32c3/esp32c3-devkit/configs/dropbear/defconfig b/boards/risc-v/esp32c3/esp32c3-devkit/configs/dropbear/defconfig
new file mode 100644
index 0000000000000..dfd8affb922c8
--- /dev/null
+++ b/boards/risc-v/esp32c3/esp32c3-devkit/configs/dropbear/defconfig
@@ -0,0 +1,104 @@
+#
+# This file is autogenerated: PLEASE DO NOT EDIT IT.
+#
+# You can use "make menuconfig" to make any modifications to the installed .config file.
+# You can then do "make savedefconfig" to generate a new defconfig file that includes your
+# modifications.
+#
+# CONFIG_NDEBUG is not set
+# CONFIG_NSH_ARGCAT is not set
+# CONFIG_NSH_CMDOPT_HEXDUMP is not set
+CONFIG_ALLOW_BSD_COMPONENTS=y
+CONFIG_ARCH="risc-v"
+CONFIG_ARCH_BOARD="esp32c3-devkit"
+CONFIG_ARCH_BOARD_COMMON=y
+CONFIG_ARCH_BOARD_ESP32C3_DEVKIT=y
+CONFIG_ARCH_CHIP="esp32c3"
+CONFIG_ARCH_CHIP_ESP32C3=y
+CONFIG_ARCH_INTERRUPTSTACK=2048
+CONFIG_ARCH_IRQ_TO_NDX=y
+CONFIG_ARCH_MINIMAL_VECTORTABLE_DYNAMIC=y
+CONFIG_ARCH_NUSER_INTERRUPTS=17
+CONFIG_ARCH_RISCV=y
+CONFIG_ARCH_STACKDUMP=y
+CONFIG_BOARD_LOOPSPERMSEC=15000
+CONFIG_BUILTIN=y
+CONFIG_DEV_URANDOM=y
+CONFIG_DRIVERS_IEEE80211=y
+CONFIG_DRIVERS_WIRELESS=y
+CONFIG_ESPRESSIF_SPIFLASH=y
+CONFIG_ESPRESSIF_SPIFLASH_SPIFFS=y
+CONFIG_ESPRESSIF_WIFI=y
+CONFIG_EXAMPLES_RANDOM=y
+CONFIG_FS_PROCFS=y
+CONFIG_FSUTILS_PASSWD=y
+CONFIG_FSUTILS_PASSWD_PATH="/data/passwd"
+CONFIG_IDLETHREAD_STACKSIZE=2048
+CONFIG_INIT_ENTRYPOINT="nsh_main"
+CONFIG_INIT_STACKSIZE=8192
+CONFIG_INTELHEX_BINARY=y
+CONFIG_IOB_BUFSIZE=128
+CONFIG_IOB_NBUFFERS=160
+CONFIG_IOB_THROTTLE=24
+CONFIG_LIBC_PERROR_STDOUT=y
+CONFIG_LIBC_STRERROR=y
+CONFIG_NETDB_DNSCLIENT=y
+CONFIG_NETDEV_LATEINIT=y
+CONFIG_NETDEV_PHY_IOCTL=y
+CONFIG_NETDEV_WIRELESS_IOCTL=y
+CONFIG_NETUTILS_DROPBEAR=y
+CONFIG_NETUTILS_DROPBEAR_HOSTKEY_PATH="/data/dropbear_ecdsa_host_key"
+CONFIG_NETUTILS_DROPBEAR_LISTEN_RETRY_MAX=120
+CONFIG_NETUTILS_DROPBEAR_LISTEN_RETRIES=0
+CONFIG_NETUTILS_DROPBEAR_STACKSIZE=65536
+CONFIG_NSH_DROPBEAR=y
+CONFIG_PSEUDOTERM=y
+CONFIG_PSEUDOTERM_SUSV1=y
+CONFIG_PSEUDOTERM_RXBUFSIZE=1024
+CONFIG_PSEUDOTERM_TXBUFSIZE=2048
+CONFIG_NETINIT_DHCPC=y
+CONFIG_NETINIT_WAPI_ALG_CCMP=y
+CONFIG_NETINIT_WAPI_AUTHWPA_WPA2=y
+CONFIG_NETINIT_WAPI_CIPHERMODE_CCMP=y
+CONFIG_NETINIT_WAPI_PASSPHRASE="mypasswd"
+CONFIG_NETINIT_WAPI_SSID="myssid"
+CONFIG_NETINIT_WAPI_STAMODE_INFRA=y
+CONFIG_NETUTILS_IPERF=y
+CONFIG_NETUTILS_NETINIT=y
+CONFIG_NET_BROADCAST=y
+CONFIG_NET_ETH_PKTSIZE=1514
+CONFIG_NET_ICMP_SOCKET=y
+CONFIG_NET_TCP=y
+CONFIG_NET_TCP_DELAYED_ACK=y
+CONFIG_NET_TCP_WRITE_BUFFERS=y
+CONFIG_NET_UDP=y
+CONFIG_NFILE_DESCRIPTORS_PER_BLOCK=6
+CONFIG_NSH_ARCHINIT=y
+CONFIG_NSH_BUILTIN_APPS=y
+CONFIG_NSH_FILEIOSIZE=512
+CONFIG_NSH_READLINE=y
+CONFIG_NSH_STRERROR=y
+CONFIG_PREALLOC_TIMERS=0
+CONFIG_PTHREAD_MUTEX_TYPES=y
+CONFIG_RR_INTERVAL=200
+CONFIG_SCHED_BACKTRACE=y
+CONFIG_SCHED_LPWORK=y
+CONFIG_SCHED_WAITPID=y
+CONFIG_SIG_DEFAULT=y
+CONFIG_START_DAY=29
+CONFIG_START_MONTH=11
+CONFIG_START_YEAR=2019
+CONFIG_SYSTEM_DHCPC_RENEW=y
+CONFIG_SYSTEM_DUMPSTACK=y
+CONFIG_SYSTEM_NSH=y
+CONFIG_SYSTEM_PING=y
+CONFIG_TESTING_GETPRIME=y
+CONFIG_TESTING_OSTEST=y
+CONFIG_TLS_TASK_NELEM=4
+CONFIG_TTY_SIGINT=y
+CONFIG_TTY_SIGINT_CHAR=0x03
+CONFIG_UART0_SERIAL_CONSOLE=y
+CONFIG_WIRELESS=y
+CONFIG_WIRELESS_WAPI=y
+CONFIG_WIRELESS_WAPI_CMDTOOL=y
+CONFIG_WIRELESS_WAPI_INITCONF=y
diff --git a/crypto/chachapoly.c b/crypto/chachapoly.c
index c03bf8fac18dd..6c00a530fe24f 100644
--- a/crypto/chachapoly.c
+++ b/crypto/chachapoly.c
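Review bot: In the dropbear defconfig the only randomness option is `CONFIG_DEV_URANDOM=y`, with no urandom algorithm and no hardware RNG device selected, so the source behind host-key generation and key exchange is whatever Kconfig defaults to. If the Dropbear port reads /dev/urandom (not visible in this patch), that default has to be a cryptographically strong generator; I would pin it explicitly, for example `CONFIG_CRYPTO_RANDOM_POOL=y` together with `CONFIG_DEV_URANDOM_RANDOM_POOL=y`, or wire in the chip's hardware RNG, and name the choice in the commit message. The same file keeps the `CONFIG_NETINIT_WAPI_PASSPHRASE="mypasswd"` and `CONFIG_NETINIT_WAPI_SSID="myssid"` placeholders and enables test tools (`CONFIG_TESTING_OSTEST`, `CONFIG_TESTING_GETPRIME`, `CONFIG_EXAMPLES_RANDOM`, `CONFIG_NETUTILS_IPERF`) that would presumably be reachable from the shell the SSH server hands out; dropping the ones the SSH demo does not need narrows what a logged-in session exposes.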
@@ -72,6 +72,36 @@ void chacha20_crypt(caddr_t key, FAR uint8_t *data)
 CHACHA20_BLOCK_LEN);
 }
 
+void chacha20_stream_setkey(FAR struct chacha20_stream_ctx *ctx,
+ FAR const uint8_t *key)
+{
+ chacha_keysetup((FAR chacha_ctx *)ctx, key, CHACHA20_KEYSIZE * 8);
+}
+
+void chacha20_stream_ivctr64(FAR struct chacha20_stream_ctx *ctx,
+ FAR const uint8_t *iv, uint64_t counter)
+{
+ uint8_t ctr[8];
+
+ ctr[0] = counter;
+ ctr[1] = counter >> 8;
+ ctr[2] = counter >> 16;
+ ctr[3] = counter >> 24;
+ ctr[4] = counter >> 32;
+ ctr[5] = counter >> 40;
+ ctr[6] = counter >> 48;
+ ctr[7] = counter >> 56;
+
+ chacha_ivsetup((FAR chacha_ctx *)ctx, iv, ctr);
+}
+
+void chacha20_stream_crypt(FAR struct chacha20_stream_ctx *ctx,
+ FAR const uint8_t *in, FAR uint8_t *out,
+ size_t len)
+{
+ chacha_encrypt_bytes((FAR chacha_ctx *)ctx, in, out, len);
+}
+
 void chacha20_poly1305_init(FAR void *xctx)
 {
 FAR CHACHA20_POLY1305_CTX *ctx = xctx;
diff --git a/include/crypto/chachapoly.h b/include/crypto/chachapoly.h
index 49221058daf71..4d1079156c8f2 100644
--- a/include/crypto/chachapoly.h
+++ b/include/crypto/chachapoly.h
@@ -32,10 +32,23 @@ struct chacha20_ctx
 uint8_t nonce[CHACHA20_NONCE];
 };
 
+struct chacha20_stream_ctx
+{
+ uint32_t input[16];
+};
+
 int chacha20_setkey(FAR void *, FAR uint8_t *, int);
 void chacha20_reinit(caddr_t, FAR uint8_t *);
 void chacha20_crypt(caddr_t, FAR uint8_t *);
 
+void chacha20_stream_setkey(FAR struct chacha20_stream_ctx *ctx,
+ FAR const uint8_t *key);
+void chacha20_stream_ivctr64(FAR struct chacha20_stream_ctx *ctx,
+ FAR const uint8_t *iv, uint64_t counter);
+void chacha20_stream_crypt(FAR struct chacha20_stream_ctx *ctx,
+ FAR const uint8_t *in, FAR uint8_t *out,
+ size_t len);
+
 #define POLY1305_KEYLEN 32
 #define POLY1305_TAGLEN 16
 #define POLY1305_BLOCK_LEN 16
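Review bot: In crypto/chachapoly.c all three new helpers reinterpret the caller's `struct chacha20_stream_ctx *` as `chacha_ctx *` with a bare cast, which is only valid while the two types have the same size and layout, and nothing in the hunk checks that. The header declares the new struct as `uint32_t input[16]`; if `chacha_ctx` (defined outside this patch) is ever larger or laid out differently on some target, `chacha_keysetup` and `chacha_ivsetup` would write past the caller's object. A compile-time guard next to the helpers pins the assumption: `static_assert(sizeof(struct chacha20_stream_ctx) == sizeof(chacha_ctx), "chacha20_stream_ctx must mirror chacha_ctx");`. As a smaller point, the `ctr[n] = counter >> k;` lines narrow a `uint64_t` implicitly, and writing `(uint8_t)(counter >> k)` states the truncation and keeps conversion warnings quiet.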
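Review bot: In include/crypto/chachapoly.h the new `struct chacha20_stream_ctx` and the three prototypes are added without any comment, and the contract a caller needs is not readable from the signatures. I would add a block comment above them stating that the key length is fixed at `CHACHA20_KEYSIZE` bytes (there is no length parameter), how many bytes `iv` must point to, that `counter` is the 64-bit block counter and is serialized little-endian, and that the context holds key material the caller should wipe when the session ends. The comment should also say whether `chacha20_stream_crypt` may be called with lengths that are not a whole number of ChaCha blocks: if the wrapped `chacha_encrypt_bytes` discards the unused tail of a keystream block (not visible here, to be confirmed), a later call on the same context would not continue the stream, which the commit message's "multi-call" wording suggests it does. A one-line comment on the struct, `/* Must stay layout-compatible with chacha_ctx; the stream helpers cast between them */`, would record why it is a bare `uint32_t input[16]`.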