Replace mbedtls_platform_enforce_volatile_reads
Replace function mbedtls_platform_enforce_volatile_reads() with
mbedtls_platform_random_delay().
diff --git a/library/pk.c b/library/pk.c
index 27276a8..1e991c5 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -597,7 +597,7 @@
if( ret_fi == UECC_SUCCESS )
{
- mbedtls_platform_enforce_volatile_reads();
+ mbedtls_platform_random_delay( 50 );
if( ret_fi == UECC_SUCCESS )
return( 0 );
else
diff --git a/library/platform_util.c b/library/platform_util.c
index 691af71..6c5bd3e 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -198,12 +198,6 @@
#endif /* !MBEDTLS_ENTROPY_HARDWARE_ALT */
}
-void mbedtls_platform_enforce_volatile_reads( void )
-{
- // Add a small random delay as a counter-measure to fault injection attack.
- mbedtls_platform_random_delay( 50 );
-}
-
#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
#include <time.h>
#if !defined(_WIN32) && (defined(unix) || \
diff --git a/library/x509_crt.c b/library/x509_crt.c
index fd3fa1a..e624c6d 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -3043,7 +3043,7 @@
if( ret_fi == 0 )
{
- mbedtls_platform_enforce_volatile_reads();
+ mbedtls_platform_random_delay( 50 );
if( ret_fi == 0 )
signature_is_good = X509_SIGNATURE_IS_GOOD;
}
@@ -3549,7 +3549,7 @@
if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
*flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED | X509_BADCERT_FI_EXTRA;
- mbedtls_platform_enforce_volatile_reads();
+ mbedtls_platform_random_delay( 50 );
if( signature_is_good_fi != X509_SIGNATURE_IS_GOOD )
*flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED | X509_BADCERT_FI_EXTRA;
@@ -3861,7 +3861,7 @@
flags_fi = *flags;
if( flags_fi == 0 )
{
- mbedtls_platform_enforce_volatile_reads();
+ mbedtls_platform_random_delay( 50 );
if( flags_fi == 0 )
return( 0 );
}