From 1a90105bd7b6e69959b01548d5c32c22a07bb9aa Mon Sep 17 00:00:00 2001
From: Seppo Takalo <seppo.takalo@arm.com>
Date: Fri, 1 Nov 2019 16:51:41 +0200
Subject: [PATCH] Remove usage of Mbed TLS internal function from DeviceKey.

DeviceKey was using mbedtls_ssl_safer_memcmp() to compare result against
buffer of equal length, but zero content. This comparison makes no sense
as the entropy function is already returning proper error, if it fails.
---
 features/device_key/source/DeviceKey.cpp | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/features/device_key/source/DeviceKey.cpp b/features/device_key/source/DeviceKey.cpp
index d8e4eb1fda7..591dac28d1e 100644
--- a/features/device_key/source/DeviceKey.cpp
+++ b/features/device_key/source/DeviceKey.cpp
@@ -270,14 +270,12 @@ int DeviceKey::generate_key_by_random(uint32_t *output, size_t size)
     }
 
 #if defined(DEVICE_TRNG) || defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
-    uint32_t test_buff[DEVICE_KEY_32BYTE / sizeof(int)];
     mbedtls_entropy_context *entropy = new mbedtls_entropy_context;
     mbedtls_entropy_init(entropy);
     memset(output, 0, size);
-    memset(test_buff, 0, size);
 
     ret = mbedtls_entropy_func(entropy, (unsigned char *)output, size);
-    if (ret != MBED_SUCCESS || mbedtls_ssl_safer_memcmp(test_buff, (unsigned char *)output, size) == 0) {
+    if (ret != MBED_SUCCESS) {
         ret = DEVICEKEY_GENERATE_RANDOM_ERROR;
     } else {
         ret = DEVICEKEY_SUCCESS;