diff --git a/esphome/components/esphome/ota/ota_esphome.cpp b/esphome/components/esphome/ota/ota_esphome.cpp
index 7272f1d208..872a8be8f4 100644
--- a/esphome/components/esphome/ota/ota_esphome.cpp
+++ b/esphome/components/esphome/ota/ota_esphome.cpp
@@ -734,11 +734,14 @@ bool ESPHomeOTAComponent::prepare_auth_nonce_(HashBase *hasher) {
 // Calculate required buffer size using the hasher
 const size_t hex_size = hasher->get_size() * 2;
 const size_t nonce_len = hasher->get_size() / 4;
- // Buffer layout:
- // - auth_type (1 byte) + nonce (hex_size) - sent in AUTH_SEND
- // - cnonce (hex_size) + response (hex_size) - read in AUTH_READ at offset 1+hex_size
- // Total: 1 + hex_size + (hex_size * 2)
- const size_t auth_buf_size = 1 + hex_size + hex_size * 2;
+
+ // Buffer layout after AUTH_READ completes:
+ // [0]: auth_type (1 byte)
+ // [1...hex_size]: nonce (hex_size bytes) - our random nonce sent in AUTH_SEND
+ // [1+hex_size...1+2*hex_size-1]: cnonce (hex_size bytes) - client's nonce
+ // [1+2*hex_size...1+3*hex_size-1]: response (hex_size bytes) - client's hash
+ // Total: 1 + 3*hex_size
+ const size_t auth_buf_size = 1 + 3 * hex_size;
 this->auth_buf_ = std::make_unique(auth_buf_size);
 this->auth_buf_pos_ = 0;
 
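Review bot: The rewritten layout comment drops the old statement that cnonce and response are read in AUTH_READ at offset 1+hex_size, so the bound on that client-driven write is no longer written down next to the allocation `1 + 3 * hex_size`. Because this buffer receives client-supplied bytes during OTA authentication, I would keep the write bound explicit, e.g. add `// AUTH_READ fills exactly 2*hex_size bytes starting at offset 1+hex_size; nothing may be written past auth_buf_size`. The first range is also written `[1...hex_size]` while the other two use the start...start+len-1 form; `[1...1+hex_size-1]` would make the three read alike. The body of prepare_auth_nonce_ continues outside the hunk.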
@@ -770,13 +773,7 @@ bool ESPHomeOTAComponent::prepare_auth_nonce_(HashBase *hasher) {
 }
 
 bool ESPHomeOTAComponent::verify_hash_auth_(HashBase *hasher, size_t hex_size) {
- // Buffer layout after AUTH_READ completes:
- // [0]: auth_type (1 byte)
- // [1...hex_size]: nonce (hex_size bytes) - our random nonce sent in AUTH_SEND
- // [1+hex_size...1+2*hex_size-1]: cnonce (hex_size bytes) - client's nonce
- // [1+2*hex_size...1+3*hex_size-1]: response (hex_size bytes) - client's hash
-
- // Get pointers to the data in the buffer
+ // Get pointers to the data in the buffer (see prepare_auth_nonce_ for buffer layout)
 char *nonce = reinterpret_cast(this->auth_buf_.get() + 1); // Skip auth_type byte
 size_t cnonce_offset = 1 + hex_size; // Offset where cnonce starts in buffer
 char *cnonce = reinterpret_cast(this->auth_buf_.get() + cnonce_offset);
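Review bot: verify_hash_auth_ takes `hex_size` as an argument and uses it for `cnonce_offset = 1 + hex_size`, while the buffer it indexes was sized in prepare_auth_nonce_ from `hasher->get_size() * 2`; with the layout comment now living only in the other function, nothing here ties the two values together. If a caller ever passes a larger value, the cnonce and response pointers can land outside the allocation, and this is the path that checks the OTA credential. Assuming the same hasher is used in both places, a guard at the top such as `if (hex_size != hasher->get_size() * 2) return false;` keeps the offsets within what was allocated. The function body continues past the end of the hunk.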