aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorShelly Liberman <shelly.liberman@arm.com>2020-08-05 15:26:10 +0300
committerShelly Liberman <shelly.liberman@arm.com>2020-08-05 15:40:15 +0300
commitc6a7e6b0c4f9028c56b124be3f879f20247fb0eb (patch)
tree84a2ad66a5b4bec339316463733573ba6aa02fbc
parent4062d6ca6848c0b4d3fdc82077bc970c174d7115 (diff)
downloadmbed-tls-fi_write_user_data.tar.gz
Enhancement fixesfi_write_user_data
Co-authored-by: Andrzej Kurek <andrzej.kurek@arm.com> Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>
-rw-r--r--configs/baremetal.h2
-rw-r--r--include/mbedtls/config.h6
-rw-r--r--library/ssl_tls.c18
3 files changed, 13 insertions, 13 deletions
diff --git a/configs/baremetal.h b/configs/baremetal.h
index 6ed4b8410..c93f53af9 100644
--- a/configs/baremetal.h
+++ b/configs/baremetal.h
@@ -146,7 +146,7 @@
#define MBEDTLS_DEPRECATED_REMOVED
-/* Fault Injection Countermesures */
+/* Fault Injection Countermeasures */
#define MBEDTLS_FI_COUNTERMEASURES
#if defined(MBEDTLS_USER_CONFIG_FILE)
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 4ac141ef9..9b885973b 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -657,10 +657,10 @@
/**
* \def MBEDTLS_FI_COUNTERMEASURES
*
- * Add countermeasures against possible FI attack.
+ * Add countermeasures against a possible FI attack.
*
- * Uncommenting this macro inrease sode size and slow performence,
- * it peforms double calls and double result checks of some crypto functions
+ * Uncommenting this macro increases code size and slows performance,
+ * it performs double calls and double result checks of some crypto functions
*/
//#define MBEDTLS_FI_COUNTERMEASURES
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a4508197c..3f4ac749a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -11269,36 +11269,36 @@ static int ssl_write_real( mbedtls_ssl_context *ssl,
*/
ssl->out_msglen = len;
ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA;
- mbedtls_platform_memcpy(ssl->out_msg, buf, len);
+ mbedtls_platform_memcpy( ssl->out_msg, buf, len );
#if defined(MBEDTLS_FI_COUNTERMEASURES) && !defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
/* Secure against buffer substitution */
if (buf == ssl->out_msg_dup &&
ssl->out_msglen == ssl->out_msglen_dup &&
- ssl->out_msg_dup[0] == ssl->out_msg[0])
+ ssl->out_msg_dup[0] == ssl->out_msg[0] )
{/*write record only if data was copied from correct user pointer */
#endif
- if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0)
+ if ( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 )
{
- MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret);
- return(ret);
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret );
+ return( ret );
}
#if defined(MBEDTLS_FI_COUNTERMEASURES) && !defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
}
else
{
- return(MBEDTLS_ERR_PLATFORM_FAULT_DETECTED);
+ return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
#endif
}
- if (ret == 0)
+ if ( ret == 0 )
{
- return((int)len);
+ return( (int) len );
}
else
{
- return(MBEDTLS_ERR_PLATFORM_FAULT_DETECTED);
+ return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED );
}
}