Calculate hashes of ssl encryption and decryption keys Optimize the key switching mechanism to set the key only if a different operation is performed with the context. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>

commit: a793237998d9f52f21049b5339da9ece2ffd3394 [log] [tgz]
author: Andrzej Kurek <andrzej.kurek@arm.com> Sat Sep 19 07:56:06 2020 +0200
committer: Andrzej Kurek <andrzej.kurek@arm.com> Sat Sep 19 08:04:05 2020 +0200
tree: 45ba1c39aa7c714b93a37462c712089c1e1b0787
parent: d81351b047a3ffc0ed7d7102673e76ac65c34916 [diff] [blame]
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 1cf868f..06cdde9 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -2740,6 +2740,18 @@
 //#define MBEDTLS_CRC_C
 
 /**
+ * \def MBEDTLS_VALIDATE_SSL_KEYS_INTEGRITY
+ *
+ * Enable validation of ssl keys by checking their hash
+ * during every encryption/decryption.
+ *
+ * Module:  library/ssl_tls.c
+ *
+ * Requires: MBEDTLS_SSL_TRANSFORM_OPTIMIZE_CIPHERS
+ */
+//#define MBEDTLS_VALIDATE_SSL_KEYS_INTEGRITY
+
+/**
  * \def MBEDTLS_VALIDATE_AES_KEYS_INTEGRITY
  *
  * Enable validation of AES keys by checking their hash
commit	a793237998d9f52f21049b5339da9ece2ffd3394	[log] [tgz]
author	Andrzej Kurek <andrzej.kurek@arm.com>	Sat Sep 19 07:56:06 2020 +0200
committer	Andrzej Kurek <andrzej.kurek@arm.com>	Sat Sep 19 08:04:05 2020 +0200
tree	45ba1c39aa7c714b93a37462c712089c1e1b0787
parent	d81351b047a3ffc0ed7d7102673e76ac65c34916 [diff] [blame]