Merge pull request #326 from padelsbach/she-server-compareconst

bigbrett · web-flow · commit f8cdd52133fb · 2026-03-25T08:42:58.000-06:00
Use ConstantCompare instead of memcmp in wh_server_she.c
diff --git a/src/wh_server_she.c b/src/wh_server_she.c
@@ -43,6 +43,7 @@
 #include "wolfssl/wolfcrypt/wc_port.h"
 #include "wolfssl/wolfcrypt/aes.h"
 #include "wolfssl/wolfcrypt/cmac.h"
+#include "wolfssl/wolfcrypt/misc.h"
 #include "wolfhsm/wh_server_keystore.h"
 #endif /* !WOLFHSM_CFG_NO_CRYPTO */
 
@@ -404,7 +405,7 @@ static int _SecureBootFinish(whServerContext* server, uint16_t magic,
     }
     if (ret == 0) {
         /* compare and set either success or failure */
-        ret = memcmp(cmacOutput, macDigest, field);
+        ret = ConstantCompare(cmacOutput, macDigest, field);
         if (ret == 0) {
             server->she->sbState = WH_SHE_SB_SUCCESS;
             resp.status          = WH_SHE_ERC_NO_ERROR;
@@ -532,7 +533,7 @@ static int _LoadKey(whServerContext* server, uint16_t magic, uint16_t req_size,
             sizeof(cmacInput), tmpKey, WH_SHE_KEY_SZ, NULL, server->devId);
     }
     /* compare digest to M3 */
-    if (ret == 0 && memcmp(req.messageThree, cmacOutput, field) != 0) {
+    if (ret == 0 && ConstantCompare(req.messageThree, cmacOutput, field) != 0) {
         ret = WH_SHE_ERC_KEY_UPDATE_ERROR;
     }
     /* make K1 using AES-MP(authKey | WH_SHE_KEY_UPDATE_ENC_C) */
@@ -585,7 +586,7 @@ static int _LoadKey(whServerContext* server, uint16_t magic, uint16_t req_size,
         }
     }
     /* compare to UID */
-    else if (ret == 0 && memcmp(req.messageOne, server->she->uid,
+    else if (ret == 0 && ConstantCompare(req.messageOne, server->she->uid,
                                 sizeof(server->she->uid)) != 0) {
         ret = WH_SHE_ERC_KEY_UPDATE_ERROR;
     }

Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,7 @@`
`43`	`43`	`#include "wolfssl/wolfcrypt/wc_port.h"`
`44`	`44`	`#include "wolfssl/wolfcrypt/aes.h"`
`45`	`45`	`#include "wolfssl/wolfcrypt/cmac.h"`
	`46`	`+#include "wolfssl/wolfcrypt/misc.h"`
`46`	`47`	`#include "wolfhsm/wh_server_keystore.h"`
`47`	`48`	`#endif /* !WOLFHSM_CFG_NO_CRYPTO */`
`48`	`49`
`@@ -404,7 +405,7 @@ static int _SecureBootFinish(whServerContext* server, uint16_t magic,`
`404`	`405`	`}`
`405`	`406`	`if (ret == 0) {`
`406`	`407`	`/* compare and set either success or failure */`
`407`		`- ret = memcmp(cmacOutput, macDigest, field);`
	`408`	`+ ret = ConstantCompare(cmacOutput, macDigest, field);`
`408`	`409`	`if (ret == 0) {`
`409`	`410`	`server->she->sbState = WH_SHE_SB_SUCCESS;`
`410`	`411`	`resp.status = WH_SHE_ERC_NO_ERROR;`
`@@ -532,7 +533,7 @@ static int _LoadKey(whServerContext* server, uint16_t magic, uint16_t req_size,`
`532`	`533`	`sizeof(cmacInput), tmpKey, WH_SHE_KEY_SZ, NULL, server->devId);`
`533`	`534`	`}`
`534`	`535`	`/* compare digest to M3 */`
`535`		`- if (ret == 0 && memcmp(req.messageThree, cmacOutput, field) != 0) {`
	`536`	`+ if (ret == 0 && ConstantCompare(req.messageThree, cmacOutput, field) != 0) {`
`536`	`537`	`ret = WH_SHE_ERC_KEY_UPDATE_ERROR;`
`537`	`538`	`}`
`538`	`539`	`/* make K1 using AES-MP(authKey \| WH_SHE_KEY_UPDATE_ENC_C) */`
`@@ -585,7 +586,7 @@ static int _LoadKey(whServerContext* server, uint16_t magic, uint16_t req_size,`
`585`	`586`	`}`
`586`	`587`	`}`
`587`	`588`	`/* compare to UID */`
`588`		`- else if (ret == 0 && memcmp(req.messageOne, server->she->uid,`
	`589`	`+ else if (ret == 0 && ConstantCompare(req.messageOne, server->she->uid,`
`589`	`590`	`sizeof(server->she->uid)) != 0) {`
`590`	`591`	`ret = WH_SHE_ERC_KEY_UPDATE_ERROR;`
`591`	`592`	`}`