Changed every memcmp to SCA equivalent mbedtls_platform_memcmp
This makes physical attacks more difficult.
Selftest memcmp functions were not changed.
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index 90e2a81..468273d 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -93,7 +93,7 @@
continue;
}
- if( memcmp( session->id, entry->session.id,
+ if( mbedtls_platform_memcmp( session->id, entry->session.id,
entry->session.id_len ) != 0 )
continue;
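Review bot: The hardened compare in this condition reads `entry->session.id_len` bytes from both buffers, so it relies on `session->id_len` having already been checked equal to that length. That check is not visible in this hunk, and the enclosing function starts and ends outside it. If the check sits just above, a one-line comment would record the dependency and the reason for the helper, e.g. `/* id_len already matched above; hardened compare, equality only */`. Because the call site tests only `!= 0`, it is also worth confirming that mbedtls_platform_memcmp documents its result as zero/non-zero rather than an ordering, so later callers do not assume memcmp's sign semantics.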
@@ -179,7 +179,7 @@
}
#endif
- if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 )
+ if( mbedtls_platform_memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 )
break; /* client reconnected, keep timestamp for session id */
#if defined(MBEDTLS_HAVE_TIME)
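Review bot: The rewritten condition in this hunk is now a single line of more than 80 characters even before indentation, while the same call in the first hunk is wrapped. Wrap it the same way for consistency: `if( mbedtls_platform_memcmp( session->id, cur->session.id,` followed by `cur->session.id_len ) == 0 )`. The existing `break` comment explains the timestamp handling but not the comparison, so a short remark that the hardened helper is used here for equality only would help. The enclosing function begins and ends outside the hunk.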