espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-27 19:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(esp_http_client): fix incorrect digest calculation for SHA256 auth digest

Browse Source 
According to RFC 7616, nonce-prime and cnonce-prime is used for SHA-256-sess only and not for SHA-256.
This commit updates the check and uses nonce only for "-sess" algorithms.

Regression from 66995965e7
This commit is contained in:
Ashish Sharma
2026-01-06 16:19:31 +08:00
parent 4fbcab88f8
commit 1c74bf57dd
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
components/esp_http_client/lib/http_auth.c
+1 -2
View File
@@ -157,8 +157,7 @@ char *http_auth_digest(const char *username, const char *password, esp_http_auth
ESP_LOGD(TAG, "%s %s %s %s", "Digest", username, auth_data->realm, password);
if ((strcasecmp(auth_data->algorithm, "md5-sess") == 0) ||
(strcasecmp(auth_data->algorithm, "SHA256") == 0) ||
(strcasecmp(auth_data->algorithm, "SHA-256") == 0)) {
(strcasecmp(auth_data->algorithm, "SHA-256-sess") == 0)) {
if (digest_func(ha1, "%s:%s:%016llx", ha1, auth_data->nonce, auth_data->cnonce) <= 0) {
goto _digest_exit;
}