Address chunk size issue in wh_Client_SheSecureBoot

padelsbach · padelsbach · commit 6a0629959d1d · 2026-03-01T23:39:11.000-08:00
diff --git a/src/wh_client_she.c b/src/wh_client_she.c
@@ -156,6 +156,9 @@ int wh_Client_SheSecureBoot(whClientContext* c, uint8_t* bootloader,
     while (ret == 0 && bootloaderSent < bootloaderLen) {
         uint8_t* in;
         uint32_t justSent;
+        uint32_t remaining;
+        static const uint32_t maxChunk =
+            WOLFHSM_CFG_COMM_DATA_LEN - sizeof(*updateReq);
 
         if (initResp->rc != WH_SHE_ERC_NO_ERROR) {
             return initResp->rc;
@@ -168,8 +171,8 @@ int wh_Client_SheSecureBoot(whClientContext* c, uint8_t* bootloader,
         in = (uint8_t*)(updateReq + 1);
 
         /* send what's left in the size available */
-        updateReq->sz = ((bootloaderLen - bootloaderSent) %
-                         (WOLFHSM_CFG_COMM_DATA_LEN - sizeof(*updateReq)));
+        remaining = bootloaderLen - bootloaderSent;
+        updateReq->sz = (remaining > maxChunk) ? maxChunk : remaining;
 
         justSent = updateReq->sz;
         memcpy(in, bootloader + bootloaderSent, updateReq->sz);
diff --git a/src/wh_server_nvm.c b/src/wh_server_nvm.c
@@ -43,6 +43,10 @@
 #include "wolfhsm/wh_server.h"
 #include "wolfhsm/wh_server_nvm.h"
 
+#if !defined(WOLFHSM_CFG_NO_CRYPTO)
+#include "wolfhsm/wh_server_keystore.h"
+#endif
+
 /* Handle NVM read, do access checking and clamping */
 static int _HandleNvmRead(whServerContext* server, uint8_t* out_data,
                           whNvmSize offset, whNvmSize len, whNvmSize* out_len,
@@ -290,6 +294,17 @@ int wh_Server_HandleNvmRequest(whServerContext* server,
                     /* Process the DestroyObjects action */
                     rc = wh_Nvm_DestroyObjectsChecked(server->nvm,
                                                       req.list_count, req.list);
+#if !defined(WOLFHSM_CFG_NO_CRYPTO)
+                    if (rc == WH_ERROR_OK) {
+                        whNvmId i;
+                        for (i = 0; i < req.list_count; i++) {
+                            /* Best-effort cache invalidation to prevent stale
+                             * key material after object destroy/recreate. */
+                            (void)wh_Server_KeystoreEvictKey(server,
+                                                             req.list[i]);
+                        }
+                    }
+#endif
 
                     (void)WH_SERVER_NVM_UNLOCK(server);
                 } /* WH_SERVER_NVM_LOCK() */
diff --git a/src/wh_server_she.c b/src/wh_server_she.c
@@ -232,13 +232,18 @@ static int _SecureBootInit(whServerContext* server, uint16_t magic,
 
     (void)wh_MessageShe_TranslateSecureBootInitRequest(magic, req_packet, &req);
 
-    /* if we aren't looking for init return error */
-    if (server->she->sbState != WH_SHE_SB_INIT) {
+    /* Allow a new secure-boot session after a completed prior session.
+     * Only reject init while an active session is in progress.
+     */
+    if (server->she->sbState == WH_SHE_SB_UPDATE ||
+        server->she->sbState == WH_SHE_SB_FINISH) {
         ret = WH_SHE_ERC_SEQUENCE_ERROR;
     }
     if (ret == 0) {
         /* set the expected size */
         server->she->blSize = req.sz;
+        server->she->blSizeReceived = 0;
+        server->she->cmacKeyFound = 0;
         /* check if the boot mac key is empty */
         keySz = sizeof(macKey);
         ret   = wh_Server_KeystoreReadKey(server,
diff --git a/test/wh_test_she.c b/test/wh_test_she.c
@@ -37,6 +37,7 @@
 
 #include "wolfhsm/wh_comm.h"
 #include "wolfhsm/wh_message.h"
+#include "wolfhsm/wh_message_she.h"
 
 #ifdef WOLFHSM_CFG_ENABLE_SERVER
 #include "wolfhsm/wh_server.h"
@@ -74,7 +75,8 @@
 enum {
         REQ_SIZE = 32,
         RESP_SIZE = 64,
-        BUFFER_SIZE = 4096,
+        BUFFER_SIZE = sizeof(whTransportMemCsr) + sizeof(whCommHeader) +
+                      WOLFHSM_CFG_COMM_DATA_LEN,
     };
 
 #define FLASH_RAM_SIZE (1024 * 1024) /* 1MB */
@@ -122,6 +124,9 @@ int whTest_SheClientConfig(whClientConfig* config)
         0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a};
     uint8_t zeros[WH_SHE_BOOT_MAC_PREFIX_LEN] = {0};
     uint8_t bootloader[512];
+    uint8_t bootloaderBoundary[
+        WOLFHSM_CFG_COMM_DATA_LEN -
+        sizeof(whMessageShe_SecureBootUpdateRequest)];
     uint8_t bootMacDigest[16] = {0};
     uint8_t vectorMasterEcuKey[16] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
         0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
@@ -155,6 +160,10 @@ int whTest_SheClientConfig(whClientConfig* config)
     uint8_t messageFive[WH_SHE_M5_SZ];
     uint32_t outClientId = 0;
     uint32_t outServerId = 0;
+    uint32_t serverCommDataLen = WOLFHSM_CFG_COMM_DATA_LEN;
+    uint32_t maxBoundaryUpdateChunk =
+        WOLFHSM_CFG_COMM_DATA_LEN -
+        sizeof(whMessageShe_SecureBootUpdateRequest);
     const uint32_t SHE_TEST_VECTOR_KEY_ID = 4;
 
     if (config == NULL) {
@@ -163,6 +172,20 @@ int whTest_SheClientConfig(whClientConfig* config)
 
     WH_TEST_RETURN_ON_FAIL(wh_Client_Init(client, config));
     WH_TEST_RETURN_ON_FAIL(wh_Client_CommInit(client, &outClientId, &outServerId));
+    WH_TEST_RETURN_ON_FAIL(wh_Client_CommInfo(client, NULL, NULL,
+        &serverCommDataLen, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+        NULL, NULL, NULL, NULL));
+
+    if (serverCommDataLen <= sizeof(whMessageShe_SecureBootUpdateRequest)) {
+        WH_ERROR_PRINT("Invalid server cfg_comm_data_len %u\n",
+                       (unsigned int)serverCommDataLen);
+        ret = WH_ERROR_ABORTED;
+        goto exit;
+    }
+    if (serverCommDataLen < WOLFHSM_CFG_COMM_DATA_LEN) {
+        maxBoundaryUpdateChunk =
+            serverCommDataLen - sizeof(whMessageShe_SecureBootUpdateRequest);
+    }
 
     {
         int32_t  server_rc       = 0;
@@ -196,6 +219,11 @@ int whTest_SheClientConfig(whClientConfig* config)
         WH_ERROR_PRINT("Failed to wc_RNG_GenerateBlock %d\n", ret);
         goto exit;
     }
+    if ((ret = wc_RNG_GenerateBlock(rng, bootloaderBoundary,
+                                    maxBoundaryUpdateChunk)) != 0) {
+        WH_ERROR_PRINT("Failed to wc_RNG_GenerateBlock %d\n", ret);
+        goto exit;
+    }
     /* Done generating test data, free RNG */
     wc_FreeRng(rng);
     /* cmac 0..0 | size | bootloader */
@@ -253,6 +281,68 @@ int whTest_SheClientConfig(whClientConfig* config)
         goto exit;
     }
     WH_TEST_PRINT("SHE secure boot SUCCESS\n");
+
+    /* verify bootloader at exact max update chunk boundary */
+    bootloaderSz = maxBoundaryUpdateChunk;
+    memset(bootMacDigest, 0, sizeof(bootMacDigest));
+    if ((ret = wc_InitCmac(cmac, key, sizeof(key), WC_CMAC_AES, NULL)) != 0) {
+        WH_ERROR_PRINT("Failed to wc_InitCmac %d\n", ret);
+        goto exit;
+    }
+    if ((ret = wc_CmacUpdate(cmac, zeros, sizeof(zeros))) != 0) {
+        WH_ERROR_PRINT("Failed to wc_CmacUpdate %d\n", ret);
+        goto exit;
+    }
+    if ((ret = wc_CmacUpdate(cmac, (uint8_t*)&bootloaderSz,
+                             sizeof(bootloaderSz))) != 0) {
+        WH_ERROR_PRINT("Failed to wc_CmacUpdate %d\n", ret);
+        goto exit;
+    }
+    if ((ret = wc_CmacUpdate(cmac, bootloaderBoundary,
+                             bootloaderSz)) != 0) {
+        WH_ERROR_PRINT("Failed to wc_CmacUpdate %d\n", ret);
+        goto exit;
+    }
+    digestSz = AES_BLOCK_SIZE;
+    if ((ret = wc_CmacFinal(cmac, bootMacDigest, (word32*)&digestSz)) != 0) {
+        WH_ERROR_PRINT("Failed to wc_CmacFinal %d\n", ret);
+        goto exit;
+    }
+    if ((ret = _destroySheKey(client, WH_SHE_BOOT_MAC_KEY_ID)) != 0) {
+        WH_ERROR_PRINT("Failed to _destroySheKey, ret=%d\n", ret);
+        goto exit;
+    }
+    if ((ret = _destroySheKey(client, WH_SHE_BOOT_MAC)) != 0) {
+        WH_ERROR_PRINT("Failed to _destroySheKey, ret=%d\n", ret);
+        goto exit;
+    }
+    if ((ret = wh_Client_ShePreProgramKey(client, WH_SHE_BOOT_MAC_KEY_ID, 0,
+                                          key, sizeof(key))) != 0) {
+        WH_ERROR_PRINT("Failed to wh_Client_ShePreProgramKey %d\n", ret);
+        goto exit;
+    }
+    if ((ret = wh_Client_ShePreProgramKey(client, WH_SHE_BOOT_MAC, 0,
+                                          bootMacDigest,
+                                          sizeof(bootMacDigest))) != 0) {
+        WH_ERROR_PRINT("Failed to wh_Client_ShePreProgramKey %d\n", ret);
+        goto exit;
+    }
+    if ((ret = wh_Client_SheSecureBoot(client, bootloaderBoundary,
+                                       bootloaderSz)) != 0) {
+        WH_ERROR_PRINT("Failed to wh_Client_SheSecureBoot boundary %d\n", ret);
+        goto exit;
+    }
+    if ((ret = wh_Client_SheGetStatus(client, &sreg)) != 0) {
+        WH_ERROR_PRINT("Failed to wh_Client_SheGetStatus %d\n", ret);
+        goto exit;
+    }
+    if ((sreg & WH_SHE_SREG_BOOT_OK) == 0 ||
+        (sreg & WH_SHE_SREG_BOOT_FINISHED) == 0 ||
+        (sreg & WH_SHE_SREG_SECURE_BOOT) == 0) {
+        WH_ERROR_PRINT("Failed secureBoot boundary with SHE CMAC\n");
+        goto exit;
+    }
+    WH_TEST_PRINT("SHE secure boot boundary SUCCESS\n");
     /* load the secret key using pre program */
     if ((ret = wh_Client_ShePreProgramKey(client, WH_SHE_SECRET_KEY_ID, 0, secretKey, sizeof(secretKey))) != 0) {
         WH_ERROR_PRINT("Failed to wh_Client_ShePreProgramKey %d\n", ret);
