- cb6410c Wrapper function for calling parse_certificate_verify by Hannes Tschofenig · 4 years, 8 months ago
- 1c44816 Merge pull request #3913 from jarvte/memfix_variablebuffer by Andrzej Kurek · 4 years, 8 months ago
- b89cf99 Fix possible memory leak when MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH is defined by Teppo Järvelin · 4 years, 8 months ago
- c5b0c6e fix uninitialized variables by Shelly Liberman · 4 years, 8 months ago
- 560203a Merge pull request #3853 from kjbracey-arm/m_narrowloop by Shelly Liberman · 4 years, 9 months ago
- a967a58 [baremetal] Avoid narrow loop counters etc by Kevin Bracey · 4 years, 9 months ago
- 585e9e0 Add MBEDTLS_SSL_CONF_TRANSPORT by Kevin Bracey · 4 years, 9 months ago
- d859db8 Fix MBEDTLS_SSL_CONF_ENDPOINT flagging by Kevin Bracey · 4 years, 9 months ago
- 8b0910a Merge pull request #3815 from AndrzejKurek/cipher-optim-mem-fix by Andrzej Kurek · 4 years, 9 months ago
- 28b3b29 ssl_tls.c: Fix unchecked memory allocation by Andrzej Kurek · 4 years, 9 months ago
- 2e49d07 Describe the behaviour of buffer resizing on an out-of-memory error by Andrzej Kurek · 4 years, 9 months ago
- cd9a6ff Introduce additional flags for buffer upsizing and downsizing by Andrzej Kurek · 4 years, 9 months ago
- 79db2f1 Refactor the buffer resize feature to reduce codesize by Andrzej Kurek · 4 years, 9 months ago
- f384495 Sideport the variable IO buffer size feature to baremetal by Andrzej Kurek · 4 years, 10 months ago
- ff51721 ssl_tls: reduce the complexity of encryption validation by Andrzej Kurek · 5 years ago
- 8ec9e13 ssl_tls: Add a flag indicating that encryption succeeded by Andrzej Kurek · 5 years ago
- 69bafce Improve the FI resistance in ssl_tls.c key switching by Andrzej Kurek · 4 years, 11 months ago
- f7df0d3 Reduce the size of used constant in ssl_tls.c by Andrzej Kurek · 4 years, 11 months ago
- a793237 Calculate hashes of ssl encryption and decryption keys by Andrzej Kurek · 4 years, 11 months ago
- 1175044 Merge enc/dec cipher contexts in ssl transforms by Andrzej Kurek · 4 years, 11 months ago
- 305a5ec Checking in critical places if secured memset() and memcpy() was successful by Piotr Nowicki · 5 years ago
- a6348ed Checking in critical places if the mbedtls_platform_zeroize() was successful by Piotr Nowicki · 5 years ago
- e3c4ee5 Rename mbedtls_platform_memcmp() to mbedtls_platform_memequal() by Piotr Nowicki · 5 years ago
- 3799fc1 Splitting buffers comment added by Shelly Liberman · 5 years ago
- c6a7e6b Enhancement fixes by Shelly Liberman · 5 years ago archive/fi_write_user_data fi_write_user_data
- 4062d6c Add user pointer and data size duplication to ssl context. by shelib01 · 5 years ago
- afec885 Revert a part of the sensitive information duplication changes by Andrzej Kurek · 5 years ago
- c417c78 Merge pull request #3481 from AndrzejKurek/fi_duplicate_buffers_2 by Andrzej Kurek · 5 years ago
- 45e7199 Minor formatting and cosmetic changes by Andrzej Kurek · 5 years ago
- 0919b14 Formatting changes by Andrzej Kurek · 5 years ago
- 84bde41 Add FI countermeasures to the ssl module by Andrzej Kurek · 5 years ago
- 74f7d0f Duplicate sensitive buffer and buffer length information by Andrzej Kurek · 5 years ago
- 78fc139 Add FI countermeasures for sensitive switch instructions by Piotr Nowicki · 5 years ago
- e5425a0 Merge pull request #3408 from AndrzejKurek/hamming-distance-improvements by Andrzej Kurek · 5 years ago
- e048b91 Add returning a FAULT_DETECTED error on suspected FI attacks by Piotr Nowicki · 5 years ago
- 8f52a8a Improve the Hamming distance of ssl_hs_is_proper_fragment return values by Andrzej Kurek · 5 years ago
- 478b05c Merge pull request #3355 from AndrzejKurek/fi_error_codes by Andrzej Kurek · 5 years ago
- fd56f40 Change the default value of status variables to an error by Andrzej Kurek · 5 years ago
- 13bebd0 Keep SSL context const when hw accel is disabled by Manuel Pégourié-Gonnard · 5 years ago
- 731d7c0 Fix lack of cookie check on hard reconnect by Manuel Pégourié-Gonnard · 5 years ago
- 825ebd4 Merge mbedtls 2.16.6 into baremetal by Andrzej Kurek · 5 years ago
- ae48d86 Fix bug in record decompression by Manuel Pégourié-Gonnard · 6 years ago
- 92af9a9 Fixes definition error when the deprecated MBEDTLS_ZLIB_SUPPORT and ENABLE_ZLIB_SUPPORT macro are defined/enabled for zlib support in mbedtls by jiblime · 6 years ago
- 10a2ffd Merge remote-tracking branch 'upstream/pr/2945' into baremetal by Arto Kinnunen · 6 years ago
- ac6d226 Update signature of mbedtls_platform_random_delay by Arto Kinnunen · 6 years ago
- 05ca9d4 Merge remote-tracking branch 'public/pr/2979' into baremetal by Simon Butcher · 6 years ago
- cafb6c9 Clear internal decrypted buffer after read by Teppo Järvelin · 6 years ago
- 7195571 Replace mbedtls_platform_enforce_volatile_reads 2 by Arto Kinnunen · 6 years ago
- 8f7e36f Coverity fixes, check hmac return values by Teppo Järvelin · 6 years ago
- 5aa4c07 Minor review fixes by Jarno Lamsa · 6 years ago
- 015aa44 Make authmode volatile by Jarno Lamsa · 6 years ago
- af60cd7 Protect the peer_authenticated flag more by Jarno Lamsa · 6 years ago
- 8d09e57 Increase hamming distance for session resume flag by Jarno Lamsa · 6 years ago
- 489dccd Adress review comments by Jarno Lamsa · 6 years ago
- 88db2ae Use Platform fault when double check fails by Jarno Lamsa · 6 years ago
- 0616405 Check that we have all the proper keys by Jarno Lamsa · 6 years ago
- e1621d4 Check that the peer_authenticated flag by Jarno Lamsa · 6 years ago
- ba4730f Protect setting of peer_authenticated flag by Jarno Lamsa · 6 years ago
- 4031a45 Protect key_derivation_done flag by Jarno Lamsa · 6 years ago
- 67f0a1e Protect setting of premaster_generated flag by Jarno Lamsa · 6 years ago
- acb5eb0 Add a double check to protect from glitch by Jarno Lamsa · 6 years ago
- b018009 Use invalid state by Jarno Lamsa · 6 years ago
- 2b20516 Make TLS state changes explicit by Jarno Lamsa · 6 years ago
- 9d6a535 Return and propagate UECC_FAULT_DETECTED by Manuel Pégourié-Gonnard · 6 years ago
- 1a53371 Remove curve parameter from public functions by Manuel Pégourié-Gonnard · 6 years ago
- 677b7f6 Fix direct use of struct instead of abstract type by Manuel Pégourié-Gonnard · 6 years ago
- 6f4e030 Changed mbedtls_platform_memcpy to memcpy in places which don't handle critical data by Teppo Järvelin · 6 years ago
- 91d7938 Changed every memcpy to SCA equivalent mbedtls_platform_memcpy by Teppo Järvelin · 6 years ago
- 8a8488c Fix mbedtls_ssl_check_record usage with ext buf by Arto Kinnunen · 6 years ago
- e2bf54d Merge remote-tracking branch 'public/pr/2877' into baremetal by Simon Butcher · 6 years ago
- 895454d Use plain memset() for public data in ssl_tls.c by Manuel Pégourié-Gonnard · 6 years ago
- 54526c3 Use plain memset() for freshly allocated objects by Manuel Pégourié-Gonnard · 6 years ago
- 9941933 Use plain memset() in context init functions by Manuel Pégourié-Gonnard · 6 years ago
- 7a346b8 Replace memset() with mbedtls_platform_memset() by Manuel Pégourié-Gonnard · 6 years ago
- 0efac53 Review fixes: fixed comments to be more accurate and changed one memcmp to safer version by Teppo Järvelin · 6 years ago
- 707ceb8 Replaced mbedtls_ssl_safer_memcmp with mbedtls_platform_memcmp by Teppo Järvelin · 6 years ago
- 650343c Changed mbedtls_platform_memcmp to memcmp for places that don't have critical data and are under baremetal by Teppo Järvelin · 6 years ago
- 61f412e Changed every memcmp to SCA equivalent mbedtls_platform_memcmp by Teppo Järvelin · 6 years ago
- 2829bbf Remove dependency from SSL on PK internals by Manuel Pégourié-Gonnard · 6 years ago
- e8144aa Merge remote-tracking branch 'origin/pr/657' into baremetal by Simon Butcher · 6 years ago
- 88b535a Merge remote-tracking branch 'origin/pr/654' into baremetal by Simon Butcher · 6 years ago
- 303d399 Merge remote-tracking branch 'origin/pr/609' into baremetal by Simon Butcher · 6 years ago
- 3d7439e Review corrections 6 by Arto Kinnunen · 6 years ago
- 84eeb4f Review corrections 5 by Arto Kinnunen · 6 years ago
- a3fa06e Review corrections 3 by Arto Kinnunen · 6 years ago
- 4f4849a Review corrections 2 by Arto Kinnunen · 6 years ago
- 6e3f09b Review corrections by Arto Kinnunen · 6 years ago
- 0b62ce8 Use function for 16/24/32-bit BE conversion by Arto Kinnunen · 6 years ago
- 7fce190 Merge remote-tracking branch 'origin/pr/635' into HEAD by Simon Butcher · 6 years ago
- 9ec3fe0 Introduce configuration option to remove CRT verification callbacks by Hanno Becker · 6 years ago
- a5cedbc Introduce MD handle type by Hanno Becker · 6 years ago
- 7bcf2b5 Introduce version comparing functions by Hanno Becker · 6 years ago
- 982da7e TinyCrypt ECDHE-PSK: Implement mbedtls_ssl_psk_derive_premaster() by Hanno Becker · 6 years ago
- ecf5d3f TinyCrypt SSL: Extend scope of use of TC in PMS derivation by Hanno Becker · 6 years ago
- ee902df TinyCrypt SSL: Implement mbedtls_ssl_check_curve() for TinyCrypt by Hanno Becker · 6 years ago
- 7e9c2e0 TinyCrypt SSL: Adapt ssl_parse_certificate_verify() to TinyCrypt by Hanno Becker · 6 years ago
- c64d5af Fixup: Don't use legacy ECC error code from TinyCrypt by Hanno Becker · 6 years ago
- 7cb5c11 Missing uECC ECDSA flagging by Jarno Lamsa · 6 years ago
- e1c5608 Merge remote-tracking branch 'origin/pr/650' into baremetal by Simon Butcher · 6 years ago
- 8398582 Fix SSL context deserialization by Hanno Becker · 6 years ago