Update signature of mbedtls_platform_random_delay Skip parameter and return value from mbedtls_platform_random_delay to make it more resistant for FI attacks.

commit: ac6d2269393f699a303e858913586b731630c6bf [log] [tgz]
author: Arto Kinnunen <arto.kinnunen@arm.com> Thu Jan 09 10:11:20 2020 +0200
committer: Arto Kinnunen <arto.kinnunen@arm.com> Thu Jan 09 10:19:07 2020 +0200
tree: 25dbe398101867f4b40e4eead4a74106fb834aa5
parent: 7195571681ec4793f04758ee0ec55de418d2bb69 [diff] [blame]
diff --git a/library/x509_crt.c b/library/x509_crt.c
index e624c6d..af8f1d6 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -3043,7 +3043,7 @@
 
         if( ret_fi == 0 )
         {
-            mbedtls_platform_random_delay( 50 );
+            mbedtls_platform_random_delay();
             if( ret_fi == 0 )
                 signature_is_good = X509_SIGNATURE_IS_GOOD;
         }
@@ -3549,7 +3549,7 @@
         if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
             *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED | X509_BADCERT_FI_EXTRA;
 
-        mbedtls_platform_random_delay( 50 );
+        mbedtls_platform_random_delay();
         if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
             *flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED | X509_BADCERT_FI_EXTRA;
 
@@ -3861,7 +3861,7 @@
     flags_fi = *flags;
     if( flags_fi == 0 )
     {
-        mbedtls_platform_random_delay( 50 );
+        mbedtls_platform_random_delay();
         if( flags_fi == 0 )
             return( 0 );
     }
commit	ac6d2269393f699a303e858913586b731630c6bf	[log] [tgz]
author	Arto Kinnunen <arto.kinnunen@arm.com>	Thu Jan 09 10:11:20 2020 +0200
committer	Arto Kinnunen <arto.kinnunen@arm.com>	Thu Jan 09 10:19:07 2020 +0200
tree	25dbe398101867f4b40e4eead4a74106fb834aa5
parent	7195571681ec4793f04758ee0ec55de418d2bb69 [diff] [blame]