Peter Woolery
2226c1b4ca
--hmac-secret accepted any string and passed it through to NVS, silently producing a device that cannot authenticate to the server. Reject anything that isn't exactly 64 hex characters (32 bytes) before generating the NVS image. Auto-generated secrets are validated too as a defensive check. Found via adversarial review (both reviewers, run 2026-05-01-192928). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>