PruteanuVlad opened a new pull request, #18425: URL: https://github.com/apache/nuttx/pull/18425
Hi, This is just a porting of this fix (https://github.com/apache/nuttx/pull/18138) to the esp32. ## Summary Using HMAC-SHA with keys longer than the SHA block size results in a failed test. If a key is larger than the algorithm's block size, the key should first be hashed before using. ([2.Definition of HMAC](https://datatracker.ietf.org/doc/html/rfc2104#section-2)) The fix is fairly straightforward, it reuses the `hw_ictx` context to hash the keys when needed. Updated values for auth_hash.keysize are also included. ## Modified files: arch/xtensa/src/esp32/esp32_crypto.c - adds operation for hashing keys that are too long ## Impact The bug affects the ESP32 HMAC-SHA implementation, resulting in incorrect values when a key that is too long is used. ## Testing Development was done using ESP32 DevkitC. Building was done on Ubuntu 24.04 VM. For testing, I ran the official crypto HMAC test. ``` nsh> hmac hmac sha1 success hmac sha1 success hmac sha1 success hmac sha1 success hmac sha1 success hmac sha256 success hmac sha256 success hmac sha256 success hmac sha256 success hmac sha256 success ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
