From 9cbbb167db37174a60125bde251a01c6e51a76c5 Mon Sep 17 00:00:00 2001
From: "J. Nick Koston" <nick@home-assistant.io>
Date: Sun, 21 Sep 2025 11:47:15 -0600
Subject: [PATCH] preen

---
 .../components/esphome/ota/ota_esphome.cpp    | 29 +++++++++++--------
 esphome/components/esphome/ota/ota_esphome.h  |  4 ++-
 esphome/components/md5/md5.h                  |  3 --
 esphome/components/sha256/sha256.h            |  3 --
 esphome/core/hash_base.h                      |  3 --
 5 files changed, 20 insertions(+), 22 deletions(-)

diff --git a/esphome/components/esphome/ota/ota_esphome.cpp b/esphome/components/esphome/ota/ota_esphome.cpp
index ef8bbe78c9..206905d0d8 100644
--- a/esphome/components/esphome/ota/ota_esphome.cpp
+++ b/esphome/components/esphome/ota/ota_esphome.cpp
@@ -266,11 +266,13 @@ void ESPHomeOTAComponent::handle_data_() {
     // TODO: Remove this entire ifdef block in 2026.1.0
     if (client_supports_sha256) {
       sha256::SHA256 sha_hasher;
-      auth_success = this->perform_hash_auth_(&sha_hasher, this->password_, 16, ota::OTA_RESPONSE_REQUEST_SHA256_AUTH);
+      auth_success = this->perform_hash_auth_(&sha_hasher, this->password_, 16, ota::OTA_RESPONSE_REQUEST_SHA256_AUTH,
+                                              LOG_STR("SHA256"));
     } else {
       ESP_LOGW(TAG, "Using MD5 auth for compatibility (deprecated)");
       md5::MD5Digest md5_hasher;
-      auth_success = this->perform_hash_auth_(&md5_hasher, this->password_, 8, ota::OTA_RESPONSE_REQUEST_AUTH);
+      auth_success =
+          this->perform_hash_auth_(&md5_hasher, this->password_, 8, ota::OTA_RESPONSE_REQUEST_AUTH, LOG_STR("MD5"));
     }
 #else
     // Strict mode: SHA256 required on capable platforms (future default)
@@ -512,12 +514,15 @@ void ESPHomeOTAComponent::yield_and_feed_watchdog_() {
   delay(1);
 }
 
+void ESPHomeOTAComponent::log_auth_warning_(const LogString *action, const LogString *hash_name) {
+  ESP_LOGW(TAG, "Auth: %s %s failed", LOG_STR_ARG(action), LOG_STR_ARG(hash_name));
+}
+
 // Non-template function definition to reduce binary size
 bool ESPHomeOTAComponent::perform_hash_auth_(HashBase *hasher, const std::string &password, size_t nonce_size,
-                                             uint8_t auth_request) {
+                                             uint8_t auth_request, const LogString *name) {
   // Get sizes from the hasher
   const size_t hex_size = hasher->get_hex_size();
-  const char *name = hasher->get_name();
 
   // Use fixed-size buffers for the maximum possible hash size (SHA256 = 64 chars)
   // This avoids dynamic allocation overhead
@@ -560,11 +565,11 @@ bool ESPHomeOTAComponent::perform_hash_auth_(HashBase *hasher, const std::string
   // Use hex_buffer1 for nonce
   hasher->get_hex(hex_buffer1);
   hex_buffer1[hex_size] = '\0';
-  ESP_LOGV(TAG, "Auth: %s Nonce is %s", name, hex_buffer1);
+  ESP_LOGV(TAG, "Auth: %s Nonce is %s", LOG_STR_ARG(name), hex_buffer1);
 
   // Send nonce
   if (!this->writeall_(reinterpret_cast<uint8_t *>(hex_buffer1), hex_size)) {
-    ESP_LOGW(TAG, "Auth: Writing %s nonce failed", name);
+    this->log_auth_warning_(LOG_STR("Writing nonce"), name);
     return false;
   }
 
@@ -575,11 +580,11 @@ bool ESPHomeOTAComponent::perform_hash_auth_(HashBase *hasher, const std::string
 
   // Receive cnonce into hex_buffer2
   if (!this->readall_(reinterpret_cast<uint8_t *>(hex_buffer2), hex_size)) {
-    ESP_LOGW(TAG, "Auth: Reading %s cnonce failed", name);
+    this->log_auth_warning_(LOG_STR("Reading cnonce"), name);
     return false;
   }
   hex_buffer2[hex_size] = '\0';
-  ESP_LOGV(TAG, "Auth: %s CNonce is %s", name, hex_buffer2);
+  ESP_LOGV(TAG, "Auth: %s CNonce is %s", LOG_STR_ARG(name), hex_buffer2);
 
   // Add cnonce to hash
   hasher->add(hex_buffer2, hex_size);
@@ -588,21 +593,21 @@ bool ESPHomeOTAComponent::perform_hash_auth_(HashBase *hasher, const std::string
   hasher->calculate();
   hasher->get_hex(hex_buffer1);
   hex_buffer1[hex_size] = '\0';
-  ESP_LOGV(TAG, "Auth: %s Result is %s", name, hex_buffer1);
+  ESP_LOGV(TAG, "Auth: %s Result is %s", LOG_STR_ARG(name), hex_buffer1);
 
   // Receive response - reuse hex_buffer2
   if (!this->readall_(reinterpret_cast<uint8_t *>(hex_buffer2), hex_size)) {
-    ESP_LOGW(TAG, "Auth: Reading %s response failed", name);
+    this->log_auth_warning_(LOG_STR("Reading response"), name);
     return false;
   }
   hex_buffer2[hex_size] = '\0';
-  ESP_LOGV(TAG, "Auth: %s Response is %s", name, hex_buffer2);
+  ESP_LOGV(TAG, "Auth: %s Response is %s", LOG_STR_ARG(name), hex_buffer2);
 
   // Compare
   bool matches = memcmp(hex_buffer1, hex_buffer2, hex_size) == 0;
 
   if (!matches) {
-    ESP_LOGW(TAG, "Auth failed! %s passwords do not match", name);
+    ESP_LOGW(TAG, "Auth failed! %s passwords do not match", LOG_STR_ARG(name));
   }
 
   return matches;
diff --git a/esphome/components/esphome/ota/ota_esphome.h b/esphome/components/esphome/ota/ota_esphome.h
index 598f990ebd..5d806028ac 100644
--- a/esphome/components/esphome/ota/ota_esphome.h
+++ b/esphome/components/esphome/ota/ota_esphome.h
@@ -31,12 +31,14 @@ class ESPHomeOTAComponent : public ota::OTAComponent {
  protected:
   void handle_handshake_();
   void handle_data_();
-  bool perform_hash_auth_(HashBase *hasher, const std::string &password, size_t nonce_size, uint8_t auth_request);
+  bool perform_hash_auth_(HashBase *hasher, const std::string &password, size_t nonce_size, uint8_t auth_request,
+                          const LogString *name);
   bool readall_(uint8_t *buf, size_t len);
   bool writeall_(const uint8_t *buf, size_t len);
   void log_socket_error_(const LogString *msg);
   void log_read_error_(const LogString *what);
   void log_start_(const LogString *phase);
+  void log_auth_warning_(const LogString *action, const LogString *hash_name);
   void cleanup_connection_();
   void yield_and_feed_watchdog_();
 
diff --git a/esphome/components/md5/md5.h b/esphome/components/md5/md5.h
index 3951e635c8..d777d7a143 100644
--- a/esphome/components/md5/md5.h
+++ b/esphome/components/md5/md5.h
@@ -53,9 +53,6 @@ class MD5Digest : public HashBase {
   /// Get the size of the hex output (32 for MD5)
   size_t get_hex_size() const override { return 32; }
 
-  /// Get the algorithm name for logging
-  const char *get_name() const override { return "MD5"; }
-
   /// Compare the digest against a provided byte-encoded digest (16 bytes).
   bool equals_bytes(const uint8_t *expected);
 
diff --git a/esphome/components/sha256/sha256.h b/esphome/components/sha256/sha256.h
index 30121e20f2..5af4c9a417 100644
--- a/esphome/components/sha256/sha256.h
+++ b/esphome/components/sha256/sha256.h
@@ -40,9 +40,6 @@ class SHA256 : public esphome::HashBase {
   /// Get the size of the hex output (64 for SHA256)
   size_t get_hex_size() const override { return 64; }
 
-  /// Get the algorithm name for logging
-  const char *get_name() const override { return "SHA256"; }
-
   bool equals_bytes(const uint8_t *expected);
   bool equals_hex(const char *expected);
 
diff --git a/esphome/core/hash_base.h b/esphome/core/hash_base.h
index 66221083e7..ee646698d7 100644
--- a/esphome/core/hash_base.h
+++ b/esphome/core/hash_base.h
@@ -25,9 +25,6 @@ class HashBase {
 
   /// Get the size of the hex output (32 for MD5, 64 for SHA256)
   virtual size_t get_hex_size() const = 0;
-
-  /// Get the algorithm name for logging
-  virtual const char *get_name() const = 0;
 };
 
 }  // namespace esphome