From 1555ec4b762f7871755c04331170c0b2a1ef5786 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Fri, 6 Mar 2026 08:51:37 +0100
Subject: [PATCH 1/2] Replace `XMEMCMP` with `ConstantCompare` when validating secure renegotiation (SCR) verify data F-16
---
 src/tls.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/tls.c b/src/tls.c
index d5cb43ec42..0a5032c57c 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -6047,7 +6047,7 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, const byte* input,
 input++; /* get past size */
 
 /* validate client verify data */
- if (XMEMCMP(input,
+ if (ConstantCompare(input,
 ssl->secure_renegotiation->client_verify_data,
 TLS_FINISHED_SZ) == 0) {
 WOLFSSL_MSG("SCR client verify data match");
@@ -6075,10 +6075,10 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, const byte* input,
 input++; /* get past size */
 
 /* validate client and server verify data */
- if (XMEMCMP(input,
+ if (ConstantCompare(input,
 ssl->secure_renegotiation->client_verify_data,
 TLS_FINISHED_SZ) == 0 &&
- XMEMCMP(input + TLS_FINISHED_SZ,
+ ConstantCompare(input + TLS_FINISHED_SZ,
 ssl->secure_renegotiation->server_verify_data,
 TLS_FINISHED_SZ) == 0) {
 WOLFSSL_MSG("SCR client and server verify data match");
From 479de5a211b440edaafc0ff7ebd4a052f1b29215 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Fri, 6 Mar 2026 17:56:33 +0100
Subject: [PATCH 2/2] Always eval both ConstantCompare statements
---
 src/tls.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/src/tls.c b/src/tls.c
index 0a5032c57c..fb5b766dd3 100644
--- a/src/tls.c
+++ b/src/tls.c
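Review bot: Neither `ConstantCompare` call site (the hunks at 6047 and 6075) says why a constant-time compare is needed, so a later cleanup could put `XMEMCMP` back without anyone noticing the regression. I would add a short comment above each check, for example `/* constant-time: do not leak how many verify_data bytes matched */`. Other comparisons of verify data or MAC values in this file are not visible here, so it is worth grepping for remaining `XMEMCMP` calls on secret-derived buffers. The enclosing function starts and ends outside both hunks.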
@@ -6072,15 +6072,16 @@ static int TLSX_SecureRenegotiation_Parse(WOLFSSL* ssl, const byte* input,
 }
 else if (*input == 2 * TLS_FINISHED_SZ &&
 length == 2 * TLS_FINISHED_SZ + OPAQUE8_LEN) {
+ int cmpRes = 0;
 input++; /* get past size */
-
+ cmpRes |= ConstantCompare(input,
+ ssl->secure_renegotiation->client_verify_data,
+ TLS_FINISHED_SZ);
+ cmpRes |= ConstantCompare(input + TLS_FINISHED_SZ,
+ ssl->secure_renegotiation->server_verify_data,
+ TLS_FINISHED_SZ);
 /* validate client and server verify data */
- if (ConstantCompare(input,
- ssl->secure_renegotiation->client_verify_data,
- TLS_FINISHED_SZ) == 0 &&
- ConstantCompare(input + TLS_FINISHED_SZ,
- ssl->secure_renegotiation->server_verify_data,
- TLS_FINISHED_SZ) == 0) {
+ if (cmpRes == 0) {
 WOLFSSL_MSG("SCR client and server verify data match");
 ret = 0; /* verified */
 }
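Review bot: The comment `/* validate client and server verify data */` is now stranded between the two compares and the `if (cmpRes == 0)` test, and nothing explains why the compares were pulled out of the condition. Move it above the first `cmpRes |= ...` and state the intent, for example `/* validate client and server verify data; always run both compares so timing does not show which half mismatched */`. Without that, the accumulate-then-test form looks like a candidate for being simplified back to `&&`, which would bring the short-circuit back. The enclosing function starts and ends outside the hunk.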