From ba73061a4f8a948d518328d19a35804d97ac9efb Mon Sep 17 00:00:00 2001 From: "J. Nick Koston" Date: Thu, 25 Sep 2025 20:36:04 -0500 Subject: [PATCH] random_bytes --- esphome/components/esphome/ota/ota_esphome.cpp | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/esphome/components/esphome/ota/ota_esphome.cpp b/esphome/components/esphome/ota/ota_esphome.cpp index 405633b990..6ffeeedb1a 100644 --- a/esphome/components/esphome/ota/ota_esphome.cpp +++ b/esphome/components/esphome/ota/ota_esphome.cpp @@ -15,6 +15,7 @@ #include "esphome/components/ota/ota_backend_esp_idf.h" #include "esphome/core/application.h" #include "esphome/core/hal.h" +#include "esphome/core/helpers.h" #include "esphome/core/log.h" #include "esphome/core/util.h" @@ -528,14 +529,6 @@ void ESPHomeOTAComponent::log_auth_warning_(const LogString *action, const LogSt ESP_LOGW(TAG, "Auth: %s %s failed", LOG_STR_ARG(action), LOG_STR_ARG(hash_name)); } -// Helper to convert uint32 to big-endian bytes -static inline void uint32_to_bytes(uint32_t value, uint8_t *bytes) { - bytes[0] = (value >> 24) & 0xFF; - bytes[1] = (value >> 16) & 0xFF; - bytes[2] = (value >> 8) & 0xFF; - bytes[3] = value & 0xFF; -} - // Non-template function definition to reduce binary size bool ESPHomeOTAComponent::perform_hash_auth_(HashBase *hasher, const std::string &password, uint8_t auth_request, const LogString *name, char *buf) { @@ -553,10 +546,10 @@ bool ESPHomeOTAComponent::perform_hash_auth_(HashBase *hasher, const std::string hasher->init(); - // Generate nonce seed bytes - uint32_to_bytes(random_uint32(), nonce_bytes); - if (nonce_len > 4) { - uint32_to_bytes(random_uint32(), nonce_bytes + 4); + // Generate nonce seed bytes using random_bytes + if (!random_bytes(nonce_bytes, nonce_len)) { + this->log_auth_warning_(LOG_STR("Random bytes generation failed"), name); + return false; } hasher->add(nonce_bytes, nonce_len); hasher->calculate();