search

libretiny-eu / libretiny

PlatformIO development platform for IoT modules
http://docs.libretiny.eu/
MIT License
383 stars 55 forks source link

[realtek-ambz] Enable Mbed-TLS for MD5 hashing, remove Polar SSL #156

Closed hn closed 11 months ago

hn commented 11 months ago

Set Mbed-TLS as default for MD5 hashing, remove Polar SSL. The latter has given wrong results on at least one MCU and is generally deprecated.

Closes issue #142.

kuba2k2 commented 11 months ago

Well, I think I found the issue. The PolarSSL MD5 context in LT is defined as follows:

typedef struct {
    unsigned long total[2];   /*!< number of bytes processed  */
    unsigned long state[4];   /*!< intermediate digest state  */
    unsigned char buffer[64]; /*!< data block being processed */
} md5_context;

whereas the context in PolarSSL library is this:

typedef struct
{
    uint32_t total[2];          /*!< number of bytes processed  */
    uint32_t state[4];          /*!< intermediate digest state  */
    unsigned char buffer[64];   /*!< data block being processed */

    unsigned char ipad[64];     /*!< HMAC: inner padding        */
    unsigned char opad[64];     /*!< HMAC: outer padding        */
}
md5_context;

Notice the missing ipad and opad fields, which make the structure smaller (thus, esphome allocates less memory for the context, and we have a memory corruption).