Update signature of mbedtls_platform_random_delay
Skip parameter and return value from mbedtls_platform_random_delay
to make it more resistant for FI attacks.
diff --git a/library/x509_crt.c b/library/x509_crt.c
index e624c6d..af8f1d6 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -3043,7 +3043,7 @@
if( ret_fi == 0 )
{
- mbedtls_platform_random_delay( 50 );
+ mbedtls_platform_random_delay();
if( ret_fi == 0 )
signature_is_good = X509_SIGNATURE_IS_GOOD;
}
@@ -3549,7 +3549,7 @@
if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
*flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED | X509_BADCERT_FI_EXTRA;
- mbedtls_platform_random_delay( 50 );
+ mbedtls_platform_random_delay();
if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
*flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED | X509_BADCERT_FI_EXTRA;
@@ -3861,7 +3861,7 @@
flags_fi = *flags;
if( flags_fi == 0 )
{
- mbedtls_platform_random_delay( 50 );
+ mbedtls_platform_random_delay();
if( flags_fi == 0 )
return( 0 );
}