From 4aaa34c03fa03124830460995bd61e976da28b7d Mon Sep 17 00:00:00 2001
From: Piotr Nowicki <piotr.nowicki@arm.com>
Date: Wed, 20 May 2020 13:57:38 +0200
Subject: [PATCH] Add flow monitor protection to mbedtls_platform_memcmp()

Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
---
 library/platform_util.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/library/platform_util.c b/library/platform_util.c
index 2c22b3c64..2b8eb5672 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -125,22 +125,25 @@ int mbedtls_platform_memcmp( const void *buf1, const void *buf2, size_t num )
     volatile unsigned char diff = 0;
 
     size_t i = num;
-
+    size_t flow_counter = 0;
     size_t start_offset = (size_t) mbedtls_platform_random_in_range( num );
 
     for( i = start_offset; i < num; i++ )
     {
         unsigned char x = A[i], y = B[i];
+        flow_counter++;
         diff |= x ^ y;
     }
 
     for( i = 0; i < start_offset; i++ )
     {
         unsigned char x = A[i], y = B[i];
+        flow_counter++;
         diff |= x ^ y;
     }
 
-    return( diff );
+    /* Return 0 only when diff is 0 and flow_counter is equal to num */
+    return( (int) diff | (int) ( flow_counter ^ num ) );
 }
 
 uint32_t mbedtls_platform_random_in_range( size_t num )