Skip to content

feat(hash): Add hashing library and new algorithms #11676

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat(hash): Add hashing library and new algorithms #11676

wants to merge 1 commit into from
+1,894 −73

Conversation

lucasssvaz
Copy link
Member

@lucasssvaz lucasssvaz commented Jul 30, 2025
edited
Loading

Description of Change

Move hashing algorithms and examples into a Hash library. Some files are required to stay in the core as they are used by core files. The inner structure of the base class was also revised.

Also, all the available algorithms in the repo have some flaw and are not considered secure. To address that, this PR also adds support for the SHA2, SHA3 and PBKDF2_HMAC algorithms.

This will be required to fix some vulnerabilities found by CodeQL.

Tests scenarios

Tested locally

@lucasssvaz lucasssvaz self-assigned this Jul 30, 2025
@lucasssvaz lucasssvaz added the Area: Libraries Issue is related to Library support. label Jul 30, 2025
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 30, 2025
edited
Loading

Messages
📖 This PR seems to be quite large (total lines of code: 1967), you might consider splitting it into smaller PRs

👋 Hello lucasssvaz, we appreciate your contribution to this project!

📘 Please review the project's Contributions Guide for key guidelines on code, documentation, testing, and more.
🖊️ Please also make sure you have read and signed the Contributor License Agreement for this project.
Click to see more instructions ...


This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.

DangerJS is triggered with each push event to a Pull Request and modify the contents of this comment.

Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- Addressing info messages (📖) is strongly recommended; they're less critical but valuable.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.

Review and merge process you can expect ...


We do welcome contributions in the form of bug reports, feature requests and pull requests.

1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
4. If the change is approved and passes the tests it is merged into the default branch.

Generated by 🚫 dangerJS against a07d589

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 30, 2025
edited
Loading

Test Results

 76 files   76 suites   13m 12s ⏱️
 38 tests  38 ✅ 0 💤 0 ❌
241 runs  241 ✅ 0 💤 0 ❌

Results for commit a07d589.

♻️ This comment has been updated with latest results.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 31, 2025
edited
Loading

Memory usage test (comparing PR against master branch)

The table below shows the summary of memory usage change (decrease - increase) in bytes and percentage for each target.

MemoryFLASH [bytes]FLASH [%]RAM [bytes]RAM [%]
TargetDECINCDECINCDECINCDECINC
ESP32C5💚 -5120💚 -0.110.00000.000.00
ESP32P4💚 -5120💚 -0.100.00000.000.00
ESP32S3💚 -364⚠️ +496💚 -0.08⚠️ +0.05000.000.00
ESP32S2💚 -360⚠️ +496💚 -0.09⚠️ +0.06000.000.00
ESP32C3💚 -5120💚 -0.110.00000.000.00
ESP32C6💚 -5120💚 -0.130.00000.000.00
ESP32H2💚 -4200💚 -0.110.00000.000.00
ESP32💚 -356⚠️ +492💚 -0.09⚠️ +0.05000.000.00
Click to expand the detailed deltas report [usage change in BYTES]
TargetESP32C5ESP32P4ESP32S3ESP32S2ESP32C3ESP32C6ESP32H2ESP32
ExampleFLASHRAMFLASHRAMFLASHRAMFLASHRAMFLASHRAMFLASHRAMFLASHRAMFLASHRAM
ArduinoOTA/examples/BasicOTA💚 -3440💚 -3360💚 -2080💚 -1960💚 -3440💚 -3360--💚 -1840
AsyncUDP/examples/AsyncUDPClient000000000000--00
AsyncUDP/examples/AsyncUDPMulticastServer000000000000--00
AsyncUDP/examples/AsyncUDPServer000000000000--00
BLE/examples/Beacon_Scanner00--00--00000000
BLE/examples/Client00--00--00000000
BLE/examples/EddystoneTLM_Beacon00--00--00000000
BLE/examples/EddystoneURL_Beacon00--00--00000000
BLE/examples/Notify00--00--00000000
BLE/examples/Scan00--00--00000000
BLE/examples/Server00--00--00000000
BLE/examples/Server_multiconnect00--00--00000000
BLE/examples/UART00--00--00000000
BLE/examples/Write00--00--00000000
BLE/examples/iBeacon00--00--00000000
DNSServer/examples/CaptivePortal0000⚠️ +4800⚠️ +49600000--⚠️ +4920
EEPROM/examples/eeprom_class0000💚 -960💚 -960000000💚 -960
EEPROM/examples/eeprom_extra0000💚 -960💚 -960000000💚 -960
EEPROM/examples/eeprom_write0000000000000000
ESP32/examples/AnalogOut/LEDCFade0000000000000000
ESP32/examples/AnalogOut/LEDCGammaFade0000------0000--
ESP32/examples/AnalogOut/LEDCSingleChannel0000000000000000
ESP32/examples/AnalogOut/LEDCSoftwareFade0000000000000000
ESP32/examples/AnalogOut/SigmaDelta0000000000000000
ESP32/examples/AnalogOut/ledcFrequency0000000000000000
ESP32/examples/AnalogOut/ledcWrite_RGB0000000000000000
ESP32/examples/AnalogRead0000000000000000
ESP32/examples/AnalogReadContinuous0000000000000000
ESP32/examples/ArduinoStackSize0000000000000000
ESP32/examples/CI/CIBoardsTest0000000000000000
ESP32/examples/ChipID/GetChipID0000💚 -960💚 -960000000💚 -960
ESP32/examples/DeepSleep/TimerWakeUp000000000000--00
ESP32/examples/FreeRTOS/BasicMultiThreading0000000000000000
ESP32/examples/FreeRTOS/Mutex0000000000000000
ESP32/examples/FreeRTOS/Queue0000000000000000
ESP32/examples/FreeRTOS/Semaphore0000000000000000
ESP32/examples/GPIO/BlinkRGB0000000000000000
ESP32/examples/GPIO/FunctionalInterrupt0000000000000000
ESP32/examples/GPIO/FunctionalInterruptLambda0000000000000000
ESP32/examples/GPIO/FunctionalInterruptStruct0000000000000000
ESP32/examples/GPIO/GPIOInterrupt0000000000000000
ESP32/examples/HWCDC_Events000000--000000--
ESP32/examples/MacAddress/GetMacAddress0000000000000000
ESP32/examples/RMT/Legacy_RMT_Driver_Compatible0000000000000000
ESP32/examples/RMT/RMTCallback0000000000000000
ESP32/examples/RMT/RMTLoopback0000000000000000
ESP32/examples/RMT/RMTReadXJT0000000000000000
ESP32/examples/RMT/RMTWrite_RGB_LED0000000000000000
ESP32/examples/RMT/RMT_CPUFreq_Test0000000000000000
ESP32/examples/RMT/RMT_EndOfTransmissionState0000000000000000
ESP32/examples/RMT/RMT_LED_Blink0000000000000000
ESP32/examples/ResetReason/ResetReason0000000000000000
ESP32/examples/ResetReason/ResetReason20000000000000000
ESP32/examples/Serial/BaudRateDetect_Demo0000000000000000
ESP32/examples/Serial/OnReceiveError_BREAK_Demo0000000000000000
ESP32/examples/Serial/OnReceive_Demo0000000000000000
ESP32/examples/Serial/RS485_Echo_Demo0000000000000000
ESP32/examples/Serial/RxFIFOFull_Demo0000000000000000
ESP32/examples/Serial/RxTimeout_Demo0000000000000000
ESP32/examples/Serial/Serial_All_CPU_Freqs0000000000000000
ESP32/examples/Serial/Serial_STD_Func_OnReceive0000000000000000
ESP32/examples/Serial/onReceiveExample0000000000000000
ESP32/examples/Template/ExampleTemplate0000000000000000
ESP32/examples/Time/SimpleTime000000000000--00
ESP32/examples/Timer/RepeatTimer0000000000000000
ESP32/examples/Timer/WatchdogTimer0000000000000000
ESP_I2S/examples/ES8388_loopback0000000000000000
ESP_I2S/examples/Simple_tone0000000000000000
ESP_NOW/examples/ESP_NOW_Broadcast_Master00--💚 -960💚 -9600000--💚 -960
ESP_NOW/examples/ESP_NOW_Broadcast_Slave00--💚 -960💚 -9600000--💚 -960
ESP_NOW/examples/ESP_NOW_Network00--💚 -960💚 -9600000--💚 -960
ESP_NOW/examples/ESP_NOW_Serial00--00000000--00
ESPmDNS/examples/mDNS-SD_Extended000000000000--00
ESPmDNS/examples/mDNS_Web_Server000000000000--00
Ethernet/examples/ETH_W5500_Arduino_SPI0000000000000000
Ethernet/examples/ETH_W5500_IDF_SPI0000000000000000
Ethernet/examples/ETH_WIFI_BRIDGE000000000000--00
FFat/examples/FFat_Test0000000000000000
FFat/examples/FFat_time000000000000--00
HTTPClient/examples/Authorization000000000000--00
HTTPClient/examples/BasicHttpClient000000000000--00
HTTPClient/examples/BasicHttpsClient000000000000--00
HTTPClient/examples/HTTPClientEnterprise00--💚 -960💚 -9600000--💚 -960
HTTPClient/examples/ReuseConnection000000000000--00
HTTPClient/examples/StreamHttpClient000000000000--00
HTTPUpdate/examples/httpUpdate💚 -4200💚 -4280💚 -3640💚 -3560💚 -4280💚 -4280--💚 -3440
HTTPUpdate/examples/httpUpdateSPIFFS💚 -4200💚 -4280💚 -3640💚 -3560💚 -4280💚 -4280--💚 -3280
HTTPUpdate/examples/httpUpdateSecure💚 -4200💚 -4200💚 -3440💚 -3320💚 -4280💚 -4280--💚 -3560
HTTPUpdateServer/examples/WebUpdater💚 -3380💚 -3380⚠️ +2480⚠️ +2680💚 -3380💚 -3380--⚠️ +2520
Hash/examples/HEX----------------
Hash/examples/MD5----------------
Hash/examples/PBKDF2_HMAC----------------
Hash/examples/SHA1----------------
Hash/examples/SHA2----------------
Hash/examples/SHA3----------------
Hash/examples/SHA3Stream----------------
Insights/examples/DiagnosticsSmokeTest00--00000000--00
Insights/examples/MinimalDiagnostics00--00000000--00
LittleFS/examples/LITTLEFS_test0000000000000000
LittleFS/examples/LITTLEFS_time000000000000--00
Matter/examples/MatterColorLight00--000000000000
Matter/examples/MatterCommissionTest00--000000000000
Matter/examples/MatterComposedLights00--000000000000
Matter/examples/MatterContactSensor00--000000000000
Matter/examples/MatterDimmableLight00--000000000000
Matter/examples/MatterEnhancedColorLight00--000000000000
Matter/examples/MatterEvents00--000000000000
Matter/examples/MatterFan00--000000000000
Matter/examples/MatterHumiditySensor00--000000000000
Matter/examples/MatterLambdaSingleCallbackManyEPs00--000000000000
Matter/examples/MatterMinimum00--000000000000
Matter/examples/MatterOccupancySensor00--000000000000
Matter/examples/MatterOnIdentify00--0000000000⚠️ +160
Matter/examples/MatterOnOffLight00--000000000000
Matter/examples/MatterOnOffPlugin00--000000000000
Matter/examples/MatterPressureSensor00--000000000000
Matter/examples/MatterSmartButon00--000000000000
Matter/examples/MatterTemperatureLight00--000000000000
Matter/examples/MatterTemperatureSensor00--000000000000
Matter/examples/MatterThermostat00--000000000000
NetBIOS/examples/ESP_NBNST000000000000--00
NetworkClientSecure/examples/WiFiClientInsecure000000000000--00
NetworkClientSecure/examples/WiFiClientPSK000000000000--00
NetworkClientSecure/examples/WiFiClientSecure000000000000--00
NetworkClientSecure/examples/WiFiClientSecureEnterprise00--💚 -960💚 -9600000--💚 -960
NetworkClientSecure/examples/WiFiClientSecureProtocolUpgrade000000000000--00
NetworkClientSecure/examples/WiFiClientShowPeerCredentials0000💚 -960💚 -9600000--💚 -960
NetworkClientSecure/examples/WiFiClientTrustOnFirstUse0000💚 -960💚 -9600000--💚 -960
OpenThread/examples/CLI/COAP/coap_lamp00--------0000--
OpenThread/examples/CLI/COAP/coap_switch00--------0000--
OpenThread/examples/CLI/SimpleCLI00--------0000--
OpenThread/examples/CLI/SimpleNode00--------0000--
OpenThread/examples/CLI/SimpleThreadNetwork/ExtendedRouterNode00--------0000--
OpenThread/examples/CLI/SimpleThreadNetwork/LeaderNode00--------0000--
OpenThread/examples/CLI/SimpleThreadNetwork/RouterNode00--------0000--
OpenThread/examples/CLI/ThreadScan00--------0000--
OpenThread/examples/CLI/onReceive00--------0000--
OpenThread/examples/Native/SimpleThreadNetwork/LeaderNode00--------0000--
OpenThread/examples/Native/SimpleThreadNetwork/RouterNode00--------0000--
PPP/examples/PPP_Basic0000000000000000
PPP/examples/PPP_WIFI_BRIDGE000000000000--00
Preferences/examples/Prefs2Struct0000000000000000
Preferences/examples/StartCounter0000💚 -960💚 -960000000💚 -960
RainMaker/examples/RMakerCustom00--00000000----
RainMaker/examples/RMakerCustomAirCooler00--00000000----
RainMaker/examples/RMakerSonoffDualR300--💚 -960💚 -9600000----
RainMaker/examples/RMakerSwitch00--00000000----
SD/examples/SD_Test0000💚 -3200000000000
SD/examples/SD_time000000000000--00
SPI/examples/SPI_Multiple_Buses0000000000000000
SPIFFS/examples/SPIFFS_Test0000000000000000
SPIFFS/examples/SPIFFS_time000000000000--00
TFLiteMicro/examples/hello_world0000000000000000
Ticker/examples/Blinker0000000000000000
Ticker/examples/TickerBasic0000000000000000
Ticker/examples/TickerParameter0000000000000000
Update/examples/AWS_S3_OTA_Update💚 -4200💚 -4280💚 -3560💚 -3600💚 -4280💚 -4280--💚 -3560
Update/examples/HTTPS_OTA_Update💚 -4200💚 -4200💚 -3560💚 -3520💚 -4280💚 -4280--💚 -3520
Update/examples/HTTP_Client_AES_OTA_Update💚 -4280💚 -4280💚 -3560💚 -3440💚 -4200💚 -4200--💚 -3000
Update/examples/HTTP_Server_AES_OTA_Update💚 -4280💚 -4280⚠️ +2320⚠️ +2400💚 -4280💚 -4280--⚠️ +2400
Update/examples/OTAWebUpdater💚 -3380💚 -3380⚠️ +2560⚠️ +2560💚 -3380💚 -3380--⚠️ +2640
Update/examples/SD_Update💚 -4280💚 -4200💚 -3360💚 -3360💚 -4200💚 -4200💚 -4200💚 -3440
WebServer/examples/AdvancedWebServer0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/FSBrowser0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/Filters0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/HelloServer0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/HttpAdvancedAuth💚 -3620💚 -3620⚠️ +2480⚠️ +2560💚 -3620💚 -3700--⚠️ +2480
WebServer/examples/HttpAuthCallback💚 -3700💚 -3700⚠️ +2480⚠️ +2480💚 -3700💚 -3620--⚠️ +2520
WebServer/examples/HttpAuthCallbackInline💚 -3700💚 -3700⚠️ +2440⚠️ +2480💚 -3700💚 -3620--⚠️ +2480
WebServer/examples/HttpBasicAuth💚 -3700💚 -3700⚠️ +2480⚠️ +2640💚 -3700💚 -3620--⚠️ +2520
WebServer/examples/HttpBasicAuthSHA1💚 -5120💚 -5120⚠️ +1800⚠️ +1760💚 -5120💚 -5120--⚠️ +1880
WebServer/examples/HttpBasicAuthSHA1orBearerToken💚 -3740💚 -3740⚠️ +2880⚠️ +3000💚 -3740💚 -3740--⚠️ +3160
WebServer/examples/Middleware💚 -4920--⚠️ +2040⚠️ +2040💚 -4920💚 -4920--⚠️ +2000
WebServer/examples/MultiHomedServers0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/PathArgServer0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/SDWebServer0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/SimpleAuthentification0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/UploadHugeFile0000⚠️ +4960⚠️ +49600000--⚠️ +4920
WebServer/examples/WebServer💚 -4280💚 -4280⚠️ +2320⚠️ +2280💚 -4280💚 -4200--⚠️ +2520
WebServer/examples/WebUpdate💚 -3380💚 -3380⚠️ +2600⚠️ +2720💚 -3380💚 -3380--⚠️ +2600
WiFi/examples/FTM/FTM_Initiator000000000000--00
WiFi/examples/FTM/FTM_Responder000000000000--00
WiFi/examples/SimpleWiFiServer000000000000--00
WiFi/examples/WPS00--00000000--00
WiFi/examples/WiFiAccessPoint000000000000--00
WiFi/examples/WiFiBlueToothSwitch00--💚 -960--0000--💚 -960
WiFi/examples/WiFiClient000000000000--00
WiFi/examples/WiFiClientBasic000000000000--00
WiFi/examples/WiFiClientConnect000000000000--00
WiFi/examples/WiFiClientEnterprise00--💚 -960💚 -9600000--💚 -960
WiFi/examples/WiFiClientEvents000000000000--00
WiFi/examples/WiFiClientStaticIP000000000000--00
WiFi/examples/WiFiExtender000000000000--00
WiFi/examples/WiFiIPv6000000000000--00
WiFi/examples/WiFiMulti000000000000--00
WiFi/examples/WiFiMultiAdvanced000000000000--00
WiFi/examples/WiFiScan000000000000--00
WiFi/examples/WiFiScanAsync000000000000--00
WiFi/examples/WiFiScanDualAntenna000000000000--00
WiFi/examples/WiFiScanTime000000000000--00
WiFi/examples/WiFiSmartConfig00--00000000--00
WiFi/examples/WiFiTelnetToSerial0000💚 -960💚 -9600000--💚 -960
WiFi/examples/WiFiUDPClient000000000000--00
WiFiProv/examples/WiFiProv00--00000000--00
Wire/examples/WireMaster0000000000000000
Wire/examples/WireScan0000000000000000
Wire/examples/WireSlave0000000000000000
Wire/examples/WireSlaveFunctionalCallback0000000000000000
Zigbee/examples/Zigbee_Analog_Input_Output00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_Binary_Input00--------0000--
Zigbee/examples/Zigbee_CarbonDioxide_Sensor00--------0000--
Zigbee/examples/Zigbee_Color_Dimmable_Light00--------0000--
Zigbee/examples/Zigbee_Color_Dimmer_Switch00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_Contact_Switch00--------0000--
Zigbee/examples/Zigbee_Dimmable_Light00--------0000--
Zigbee/examples/Zigbee_Electrical_AC_Sensor00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_Electrical_AC_Sensor_MultiPhase00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_Electrical_DC_Sensor00--------0000--
Zigbee/examples/Zigbee_Fan_Control00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_Gateway00--💚 -960💚 -96000----💚 -960
Zigbee/examples/Zigbee_Illuminance_Sensor00--------0000--
Zigbee/examples/Zigbee_OTA_Client00--------0000--
Zigbee/examples/Zigbee_Occupancy_Sensor00--------0000--
Zigbee/examples/Zigbee_On_Off_Light00--------0000--
Zigbee/examples/Zigbee_On_Off_MultiSwitch00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_On_Off_Switch00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_PM25_Sensor00--------0000--
Zigbee/examples/Zigbee_Power_Outlet00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_Pressure_Flow_Sensor00--------0000--
Zigbee/examples/Zigbee_Range_Extender00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_Scan_Networks00--------0000--
Zigbee/examples/Zigbee_Temp_Hum_Sensor_Sleepy00--------0000--
Zigbee/examples/Zigbee_Temperature_Sensor00--------0000--
Zigbee/examples/Zigbee_Thermostat00--💚 -960💚 -960000000💚 -960
Zigbee/examples/Zigbee_Vibration_Sensor00--------0000--
Zigbee/examples/Zigbee_Wind_Speed_Sensor00--------0000--
Zigbee/examples/Zigbee_Window_Covering00--------0000--
ESP32/examples/DeepSleep/TouchWakeUp--000000------00
ESP32/examples/TWAI/TWAIreceive--00000000000000
ESP32/examples/TWAI/TWAItransmit--00000000000000
ESP32/examples/Touch/TouchInterrupt--000000------00
ESP32/examples/Touch/TouchRead--000000------00
ESP_I2S/examples/Record_to_WAV--0000--------00
Ethernet/examples/ETH_TLK110--00----------00
SD_MMC/examples/SD2USBMSC--0000----------
SD_MMC/examples/SDMMC_Test--0000--------00
SD_MMC/examples/SDMMC_time--0000--------00
USB/examples/CompositeDevice--000000--------
USB/examples/ConsumerControl--000000--------
USB/examples/CustomHIDDevice--000000--------
USB/examples/FirmwareMSC--000000--------
USB/examples/Gamepad--000000--------
USB/examples/HIDVendor--000000--------
USB/examples/Keyboard/KeyboardLogout--000000--------
USB/examples/Keyboard/KeyboardMessage--000000--------
USB/examples/Keyboard/KeyboardReprogram--000000--------
USB/examples/Keyboard/KeyboardSerial--000000--------
USB/examples/KeyboardAndMouseControl--000000--------
USB/examples/MIDI/MidiController--000000--------
USB/examples/MIDI/MidiInterface--000000--------
USB/examples/MIDI/MidiMusicBox--000000--------
USB/examples/MIDI/ReceiveMidi--000000--------
USB/examples/Mouse/ButtonMouseControl--000000--------
USB/examples/SystemControl--000000--------
USB/examples/USBMSC--000000--------
USB/examples/USBSerial--000000--------
USB/examples/USBVendor--000000--------
ESP32/examples/Camera/CameraWebServer (1)----0000------00
ESP32/examples/Camera/CameraWebServer (2)----0000------00
ESP32/examples/Camera/CameraWebServer (3)----00----------
ESP32/examples/DeepSleep/ExternalWakeUp----0000------00
ESP_SR/examples/Basic----00----------
BluetoothSerial/examples/DiscoverConnect--------------00
BluetoothSerial/examples/GetLocalMAC--------------00
BluetoothSerial/examples/SerialToSerialBT--------------00
BluetoothSerial/examples/SerialToSerialBTM--------------00
BluetoothSerial/examples/SerialToSerialBT_Legacy--------------00
BluetoothSerial/examples/SerialToSerialBT_SSP--------------00
BluetoothSerial/examples/bt_classic_device_discovery--------------00
BluetoothSerial/examples/bt_remove_paired_devices--------------00
ESP32/examples/DeepSleep/SmoothBlink_ULP_Code--------------00
Ethernet/examples/ETH_LAN8720--------------00
SimpleBLE/examples/SimpleBleDevice--------------💚 -960

@lucasssvaz lucasssvaz marked this pull request as ready for review July 31, 2025 02:45
@lucasssvaz lucasssvaz mentioned this pull request Aug 1, 2025
Open
@lucasssvaz lucasssvaz force-pushed the feat/hashing branch 3 times, most recently from e10fe12 to 1038921 Compare August 1, 2025 21:15
@lucasssvaz lucasssvaz changed the title feat(hash): Add hashing library and SHA3 algorithm feat(hash): Add hashing library and new algorithms Aug 1, 2025
@me-no-dev
Copy link
Member

Since you renamed HEXBuilder to HexBuilder, I suggest adding a header HEXBuilder.h that includes the new name for backward compatibility

@lucasssvaz
Copy link
Member Author

Since you renamed HEXBuilder to HexBuilder, I suggest adding a header HEXBuilder.h that includes the new name for backward compatibility

Now that I see the full PR I think I should revert this renaming to keep it consistent with the others.

@lucasssvaz lucasssvaz added the Status: Review needed Issue or PR is awaiting review label Aug 21, 2025
@SuGlider SuGlider requested a review from Copilot August 27, 2025 15:22
Copilot
Copilot AI reviewed Aug 27, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces a new Hash library containing secure cryptographic algorithms and refactors the existing hash infrastructure. The primary purpose is to move hashing functionality into a dedicated library while adding support for modern secure algorithms (SHA2, SHA3, PBKDF2_HMAC) to address security vulnerabilities.

Key changes:

  • Refactored HashBuilder base class to provide common functionality
  • Moved SHA1Builder to the Hash library while keeping core files intact
  • Added new secure hash algorithms: SHA2 (224/256/384/512), SHA3 (224/256/384/512), and PBKDF2_HMAC

Reviewed Changes

Copilot reviewed 22 out of 24 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
libraries/Hash/src/SHA3Builder.h Header file defining SHA3 variants and implementation class
libraries/Hash/src/SHA3Builder.cpp Implementation of SHA3 Keccak algorithm with proper padding
libraries/Hash/src/SHA2Builder.h Header file defining SHA2 variants and implementation class
libraries/Hash/src/SHA2Builder.cpp Implementation of SHA2 family algorithms (SHA-224/256/384/512)
libraries/Hash/src/SHA1Builder.h Updated SHA1 header to match new HashBuilder interface
libraries/Hash/src/SHA1Builder.cpp Updated SHA1 implementation with license changes
libraries/Hash/src/PBKDF2_HMACBuilder.h Header for password-based key derivation function
libraries/Hash/src/PBKDF2_HMACBuilder.cpp Implementation of PBKDF2-HMAC algorithm
libraries/Hash/library.properties Library metadata and configuration
libraries/Hash/keywords.txt Arduino IDE syntax highlighting definitions
libraries/Hash/examples/ Example sketches demonstrating usage of new algorithms
cores/esp32/HashBuilder.h Refactored base class with common hash functionality
cores/esp32/HashBuilder.cpp Implementation of common HashBuilder methods
cores/esp32/MD5Builder.h Updated MD5 header to match new interface
cores/esp32/MD5Builder.cpp Updated MD5 implementation removing duplicate code
cores/esp32/HEXBuilder.h Added documentation comment
cores/esp32/HEXBuilder.cpp Cleaned up includes
CMakeLists.txt Updated build configuration for new Hash library

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

libraries/Hash/src/SHA2Builder.cpp
}

// Pad with zeros to make room for the length
while (buffer_size + 8 < block_size) {
Copy link
Preview

Copilot AI Aug 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The condition should use <= instead of < to ensure proper padding space. The current condition may leave insufficient space for the length field in edge cases.

Suggested change
while (buffer_size + 8 < block_size) {
while (buffer_size + 8 <= block_size) {

Copilot uses AI. Check for mistakes.

libraries/Hash/src/PBKDF2_HMACBuilder.cpp
Comment on lines +151 to +153
for (size_t i = 0; i < derivedKeyLen; i++) {
output[i] = (char)derivedKey[i];
}
Copy link
Preview

Copilot AI Aug 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The getChars method is casting bytes to chars, which can result in data loss for non-printable bytes. This method should use hex encoding like other hash builders or be documented as returning binary data.

Suggested change
for (size_t i = 0; i < derivedKeyLen; i++) {
output[i] = (char)derivedKey[i];
}
// Hex-encode the derived key
const char hexDigits[] = "0123456789abcdef";
for (size_t i = 0; i < derivedKeyLen; i++) {
output[i * 2] = hexDigits[(derivedKey[i] >> 4) & 0xF];
output[i * 2 + 1] = hexDigits[derivedKey[i] & 0xF];
}
// Optionally null-terminate if used as a C string
output[derivedKeyLen * 2] = '\0';

Copilot uses AI. Check for mistakes.

libraries/Hash/src/PBKDF2_HMACBuilder.cpp
Comment on lines +173 to +181
void PBKDF2_HMACBuilder::setPassword(const uint8_t* password, size_t len) {
if (this->password != nullptr) {
delete[] this->password;
}
this->password = new uint8_t[len];
memcpy(this->password, password, len);
this->passwordLen = len;
calculated = false;
}
Copy link
Preview

Copilot AI Aug 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Password data should be securely cleared from memory before deallocation to prevent sensitive data from remaining in memory. Consider using memset_s or explicit_bzero before delete[].

Copilot uses AI. Check for mistakes.

libraries/Hash/src/PBKDF2_HMACBuilder.cpp
Comment on lines +191 to +199
void PBKDF2_HMACBuilder::setSalt(const uint8_t* salt, size_t len) {
if (this->salt != nullptr) {
delete[] this->salt;
}
this->salt = new uint8_t[len];
memcpy(this->salt, salt, len);
this->saltLen = len;
calculated = false;
}
Copy link
Preview

Copilot AI Aug 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Salt data should be securely cleared from memory before deallocation to prevent sensitive data from remaining in memory. Consider using memset_s or explicit_bzero before delete[].

Copilot uses AI. Check for mistakes.

libraries/Hash/src/PBKDF2_HMACBuilder.cpp
Comment on lines +48 to +55
void PBKDF2_HMACBuilder::clearData() {
if (derivedKey != nullptr) {
delete[] derivedKey;
derivedKey = nullptr;
}
derivedKeyLen = 0;
calculated = false;
}
Copy link
Preview

Copilot AI Aug 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Derived key data should be securely cleared from memory before deallocation. Consider using memset_s or explicit_bzero before delete[] to prevent sensitive key material from remaining in memory.

Copilot uses AI. Check for mistakes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@SuGlider SuGlider Awaiting requested review from SuGlider SuGlider is a code owner

@me-no-dev me-no-dev Awaiting requested review from me-no-dev me-no-dev is a code owner

@P-R-O-C-H-Y P-R-O-C-H-Y Awaiting requested review from P-R-O-C-H-Y

At least 0 approving reviews are required to merge this pull request.

Assignees

@lucasssvaz lucasssvaz

Labels
Area: Libraries Issue is related to Library support. Status: Review needed Issue or PR is awaiting review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lucasssvaz @me-no-dev