Add random delay to enforce_volatile_reads

Add a random delay to mbedtls_platform_enforce_volatile_reads() as a countermeasure to fault injection attacks.
2026-05-11 06:28:17 +02:00 · 2019-12-09 14:39:51 +02:00
parent 9a506e7424
commit 0490485be5
2 changed files with 8 additions and 8 deletions
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -260,9 +260,12 @@ uint32_t mbedtls_platform_random_in_range( size_t num );
 int mbedtls_platform_random_delay( size_t num );

 /**
- * \brief       This function does nothing, but can be inserted between
- *              successive reads to a volatile local variable to prevent
- *              compilers from optimizing them away.
+ * \brief       This function can be inserted between successive reads to a
+ *              volatile local variable to prevent compilers from optimizing
+ *              them away. In addition, this function will spent a small random
+ *              time in a busy loop as a counter-measure to fault injection
+ *              attack.
+ *
 */
 void mbedtls_platform_enforce_volatile_reads( void );