commit ac6d2269393f699a303e858913586b731630c6bf
author Arto Kinnunen <arto.kinnunen@arm.com> Thu Jan 09 10:11:20 2020 +0200
committer Arto Kinnunen <arto.kinnunen@arm.com> Thu Jan 09 10:19:07 2020 +0200
tree 25dbe398101867f4b40e4eead4a74106fb834aa5
parent 7195571681ec4793f04758ee0ec55de418d2bb69

Update signature of mbedtls_platform_random_delay

Skip parameter and return value from mbedtls_platform_random_delay
to make it more resistant for FI attacks.

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 88d609b..3c59923 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -717,7 +717,7 @@
             ( mbedtls_ssl_conf_get_prng( ssl->conf ), p, 28 );
     if( ret == 0 )
     {
-        mbedtls_platform_random_delay(50);
+        mbedtls_platform_random_delay();
         if( ret == 0 )
         {
             ssl->handshake->hello_random_set = MBEDTLS_SSL_FI_FLAG_SET;
@@ -2369,7 +2369,7 @@
 
     if( ret == 0 )
     {
-        mbedtls_platform_random_delay(50);
+        mbedtls_platform_random_delay();
         if( ret == 0 )
         {
             ssl->handshake->premaster_generated = MBEDTLS_SSL_FI_FLAG_SET;
@@ -2442,7 +2442,7 @@
 
     if( ret == 0 )
     {
-        mbedtls_platform_random_delay(50);
+        mbedtls_platform_random_delay();
         if( ret == 0 )
         {
             ssl->handshake->premaster_generated = MBEDTLS_SSL_FI_FLAG_SET;
@@ -3071,7 +3071,7 @@
 
         if( ret == 0 )
         {
-            mbedtls_platform_random_delay(50);
+            mbedtls_platform_random_delay();
 
             if( ret == 0 )
             {