Add random delay to enforce_volatile_reads
Add a random delay to mbedtls_platform_enforce_volatile_reads() as a
countermeasure to fault injection attacks.
diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index 96c96a3..3bad559 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -260,9 +260,12 @@
int mbedtls_platform_random_delay( size_t num );
/**
- * \brief This function does nothing, but can be inserted between
- * successive reads to a volatile local variable to prevent
- * compilers from optimizing them away.
+ * \brief This function can be inserted between successive reads to a
+ * volatile local variable to prevent compilers from optimizing
+ * them away. In addition, this function will spent a small random
+ * time in a busy loop as a counter-measure to fault injection
+ * attack.
+ *
*/
void mbedtls_platform_enforce_volatile_reads( void );
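Review bot: The rewritten `\brief` has wording errors and does not tell callers what the call now costs: "will spent" should be "will spend", "attack" should be "attacks", and the empty ` *` line before `*/` can be dropped. The function used to be documented as doing nothing and now busy-waits, so existing call sites get slower without any hint in the header. I would add a line such as `\note Each call busy-waits for a short random time; the delay length is chosen by mbedtls_platform_random_delay().` so that anyone placing it between volatile reads knows the cost.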
diff --git a/library/platform_util.c b/library/platform_util.c
index 6384d29..acb0ee6 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -189,13 +189,10 @@
#endif /* !MBEDTLS_ENTROPY_HARDWARE_ALT */
}
-/* Some compilers (armcc 5 for example) optimize away successive reads from a
- * volatile local variable (which we use as a counter-measure to fault
- * injection attacks), unless there is a call to an external function between
- * them. This functions doesn't need to do anything, it just needs to be
- * in another compilation unit. So here's a function that does nothing. */
void mbedtls_platform_enforce_volatile_reads( void )
{
+ // Add a small random delay as a counter-measure to fault injection attack.
+ mbedtls_platform_random_delay( 50 );
}
#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_PLATFORM_GMTIME_R_ALT)
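Review bot: The `int` result of `mbedtls_platform_random_delay( 50 )` is discarded, so if that function can report a failure (its contract is not visible in this hunk) the fault-injection countermeasure degrades silently. Because this wrapper returns `void`, the discard should at least be explicit and explained, e.g. `(void) mbedtls_platform_random_delay( 50 ); /* best effort: the external call alone still separates the volatile reads */`. The deleted block comment was also the only place that said why this function must live in its own compilation unit (armcc 5 otherwise optimizes away successive volatile reads). Keeping a sentence like `/* Must stay an external, non-inlined function so compilers cannot merge successive volatile reads. */` would guard against a later refactor inlining it. The literal `50` would read better as a named constant, and the new `//` comment should probably be `/* ... */` to match the comment style visible in the rest of the hunk.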