From c6a7e6b0c4f9028c56b124be3f879f20247fb0eb Mon Sep 17 00:00:00 2001 From: Shelly Liberman Date: Wed, 5 Aug 2020 15:26:10 +0300 Subject: [PATCH] Enhancement fixes Co-authored-by: Andrzej Kurek Signed-off-by: Shelly Liberman --- configs/baremetal.h | 2 +- include/mbedtls/config.h | 6 +++--- library/ssl_tls.c | 18 +++++++++--------- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/configs/baremetal.h b/configs/baremetal.h index 6ed4b8410..c93f53af9 100644 --- a/configs/baremetal.h +++ b/configs/baremetal.h @@ -146,7 +146,7 @@ #define MBEDTLS_DEPRECATED_REMOVED -/* Fault Injection Countermesures */ +/* Fault Injection Countermeasures */ #define MBEDTLS_FI_COUNTERMEASURES #if defined(MBEDTLS_USER_CONFIG_FILE) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 4ac141ef9..9b885973b 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -657,10 +657,10 @@ /** * \def MBEDTLS_FI_COUNTERMEASURES * - * Add countermeasures against possible FI attack. + * Add countermeasures against a possible FI attack. * - * Uncommenting this macro inrease sode size and slow performence, - * it peforms double calls and double result checks of some crypto functions + * Uncommenting this macro increases code size and slows performance, + * it performs double calls and double result checks of some crypto functions */ //#define MBEDTLS_FI_COUNTERMEASURES diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a4508197c..3f4ac749a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -11269,36 +11269,36 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, */ ssl->out_msglen = len; ssl->out_msgtype = MBEDTLS_SSL_MSG_APPLICATION_DATA; - mbedtls_platform_memcpy(ssl->out_msg, buf, len); + mbedtls_platform_memcpy( ssl->out_msg, buf, len ); #if defined(MBEDTLS_FI_COUNTERMEASURES) && !defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) /* Secure against buffer substitution */ if (buf == ssl->out_msg_dup && ssl->out_msglen == ssl->out_msglen_dup && - ssl->out_msg_dup[0] == ssl->out_msg[0]) + ssl->out_msg_dup[0] == ssl->out_msg[0] ) {/*write record only if data was copied from correct user pointer */ #endif - if ((ret = mbedtls_ssl_write_record(ssl, SSL_FORCE_FLUSH)) != 0) + if ( ( ret = mbedtls_ssl_write_record( ssl, SSL_FORCE_FLUSH ) ) != 0 ) { - MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_write_record", ret); - return(ret); + MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_write_record", ret ); + return( ret ); } #if defined(MBEDTLS_FI_COUNTERMEASURES) && !defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) } else { - return(MBEDTLS_ERR_PLATFORM_FAULT_DETECTED); + return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); } #endif } - if (ret == 0) + if ( ret == 0 ) { - return((int)len); + return( (int) len ); } else { - return(MBEDTLS_ERR_PLATFORM_FAULT_DETECTED); + return( MBEDTLS_ERR_PLATFORM_FAULT_DETECTED ); } }