History: ip_tls_base

This page describes all changes made to the ip_tls_base package, TLS and DTLS base, since its release.


1.9 (2021-03-08, 13:26)

  • Unread data can be accessed after the peer sent the request to close the connection.
  • F      (IP_NTF_DCON_WAIT state).

1.8 (2021-03-02, 10:00)

  • Corrected compilation warnings for TLS_1_3 disabled

1.7 (2021-02-12, 10:10)

  • Corrected Signature extension handling for TLS 1.2.
  • Corrected mapping of verify flag in case of RAW interface.

1.6 (2021-02-04, 16:00)

  • Added SCAD mappings.

1.5 (2021-02-04, 15:25)

  • Compilation issue fixed when only TLS 1.2 and DTLS 1.2 enabled with AEAD support disabled.
  • Configuration updated for TLS 1.3 in config_tls.h file.
  • MISRA-2004 warnings fixed and report updated.

1.4 (2021-02-01, 16:10)

  • Compilation issues fixed when TLS 1.2 compiled without TLS 1.3 files.

1.3 (2020-12-29, 10:30)

  • Corrected data signature check.
  • Corrected handling of change cipher in case of TLS 1.3 and mutual verification.

1.2r1 (2020-12-11, 17:45)

  • DTLS file inclusion path corrected after ip_dtls_1_2 package creation.

1.2 (2020-11-30, 15:40)

  • Moved ECC point format extension related macros to TLS_1_2 package and added TLS version check flag for checking ECC point format extension.
  • Added check for ChangeCipherSpec message for server when HelloRetryRequest is False while decoding PDU.
  • Warning removed if only TLS 1.3 was enabled.

1.1 (2020-11-03, 12:40)

  • Initial release of ip_tls_base package due to addition of TLS 1.3 support along with TLS 1.2 protocol.  

This package contains common functionalities shared between TLS 1.2 and TLS 1.3 protocols.

The ip_tls_1_2 package includes all original ip_tls package functionality and the change history can be referred to below:


Original TLS Change history

4.13 (2020-10-30, 18:32):

  • psp_memmove() used instead of psp_memcpy() in case of overlapping source and destination memory regions.

4.12 (2020-10-01, 09:00)

  • Corrected compilation error in case TLS_CONTEXT_MAX_COUNT = 0.

4.11 (2020-09-24, 11:50)

  • Fixed handling of Signature extension.
  • Fixed RAW interface handling of incoming data when moved to OPEN state. It could get to an endless loop if DATA packet was received just after handshake when used without an OS.        

4.10 (2020-09-17, 9:45)

  • Added support for flag TLS_TCP_CONN_INF_FLAG_OWN_ENC, which allows a connection to allocate its own encryption driver instance (instead of using the TLS main instance).
  • Cleared compiler warnings.

4.9 (2020-06-17, 10:05):

  • Corrected TLS task to prevent infinite loop when DTLS retransmit event occurs.
  • tls_hdlr_alert() now returns the error code TLS_PEER_FATAL_ERR ORed with the Fatal error. This fixes a problem where tls_server/client_handshake_socket() did not return an error when the peer sent a FATAL error.
  • Removed the return value from tls_conn_timeout_hdlr as it always returned the same value.

4.8 (2020-06-15, 11:05):

  • Corrected server cipher suite selection, which allowed a cipher suite to be selected even when there was no matching device certificate.

4.7 (2020-06-12, 08:45):

  • Added missing tls_crl_init to tls_init.
  • Removed 'extern' on CA certificates definition, which caused compilation warnings on some compilers.

4.6 (2020-06-10, 13:05):

  • Fixed tls_select_socket deadlock problem (function doesn't use TLS main resource mutex anymore).
  • Corrected search for certificate by signature index (wrong conversion was used to convert signature index to signature algorithm type).        

4.5 (2020-06-03, 10:25):

  • Added support for CRL files to add a revocation list based on issuer and certificate serial number.

      - CRL is checked for correct signature (can be disabled by using TLS_CRL_FLAGS_DO_NOT_VERIFY flag).

      - Only new entries are added.

      - Support for DELTA CRLs.

4.4 (2020-05-25, 11:45):

  • Added context for Certificates that allows use of different certificates for different connections.
  • Corrected search of connection to prevent blocking on other connection mutex.   

4.3 (2020-03-19, 12:00):

  • Added function for dynamic enable/disable of certificate checks.
  • Added certificates are now checked for expiration.

4.2 (2019-11-12, 12:00):

  • Modified server Key exchange mechanism to support mixed modes ECDHE_RSA, DHE_RSA.        

4.1 (2019-10-30, 9:00):

  • Modified DTLS to work with stacks other than HCC.
  • Fixed sending of TLS PDU to use memmove when moving encrypted data.
  • Fixed dtls_server_handshake_socket that could reference a NULL pointer.
  • DTLS client does not reset the sequence number when sending client hello without a cookie.    

3.52r4 (2020-03-13, 15:48):

  • Certificate management document added.    

3.52r3 (2020-02-20, 12:48):

  • ip_tls_test package added to the dependencies in the INFO file.

3.52r2 (2019-11-11, 10:57):

  • Missing ENC packages added to the dependency list in the info file.     

3.52 (2019-10-15, 15:51):

  • During TLS handshake the Timer could have been held up for several seconds, impacting timeout handling of other modules using mutil_timer package. (tls_rf_timer() could wait for mutex locked for several seconds during the handshake process).       

3.51 (2019-10-11, 15:00):

  • Added clearing of tlsc_hs_buf_used at initialization.
  • Cipher suites without certificate are now not selected by server.
  • Corrected handling of hello extension supported Signatures.
  • Updated Geotrust Global CA as previous one expired.

3.50r2 (2019-11-08, 18:20):

  • Inherited the TLS 1.2 version info. Future development to the TLS base will be independent. From now on, the TLS Base package will be maintained independently.

3.50 (2019-10-09, 12:18):

  • Added checking of local CA certificate in the middle of the certificates chain received. This change was triggered by an issue in the sequence of the CA cert sent from the Amazon server. Usually the server sends the CA cert at the end of the chain, but Amazon sent it in the middle of the chain.

3.49 (2019-09-26, 13:00):

  • Added Server Name Indication (SNI) extension for client.

3.48 (2019-04-09, 12:00):

  • Corrected extraction of Public key from Client certificate (messages handled in server handshake handler are now parsed from Handshake buffer, which is consistent during the whole handshake process).

3.47 (2019-01-24, 09:15):

  • Added missing return of TLS_OK to the function tls_set_host_ca_chain().

3.46 (2019-01-18, 09:30):

  • Corrected includes and calls for psp_alloc.h.

3.45 (2018-09-27, 14:30):

  • Fixed compiler warnings.
  • Code aligned with company's coding convention.

3.44 (2018-09-17, 08:00):

  • Added new interfaces to limit the simultaneous connections of a DTLS server.
  • Added new interfaces to query IP and port information related to DTLS connections.
  • Fix for DTLS server handling colliding client connections.

3.43r2 (2018-08-29, 18:21):

  • Document HTML link added to the documentation folder.
  • History and document files renamed to the package name.

3.43 (2018-8-08, 14:00):

  • Fix for DTLS server handshake (client could not connect to it).
  • Removed EPA leftovers.

3.42 (2018-7-05, 13:00):

  • Fix for DTLS client handshake.

3.41 (2018-4-30, 13:00):

  • Added multiple connection handling for DTLS sockets.
  • Added dtls_get_srv_conn_socket() to get new connections that were received during other connection execution.
  • dtls_server_handshake_socket() returns TLS_DTLS_NEW_CONN when a new connection is detected but does not change the handle.
  • dtls_receive_socket() returns TLS_DTLS_NEW_CONN when a new connection is detected.

3.40 (2018-3-26, 12:45):

  • Added checking of subject's alternative name when common name in certificate does not match.

3.39 (2018-01-26 15:00):

  • Added renegotiation mechanism to the TLS.
  • Added config macros:

      - TLS_RENEGOTIATION_ENABLE (1) - enables code responsible for renegotiation.

      - TLS_REN_UNSEC_ENABLE (0) - enables insecure renegotiation.

      - TLS_REN_CLIENT_DETECT_ENABLE (1) - enables detecting if client supports renegotiation.

  • Added configuration flags to control the renegotiation mechanism:

      - TLS_TCP_CONN_INF_FLAG_DIS_REN - disables renegotiation for given connection.

      - TLS_TCP_CONN_INF_FLAG_REN_FATAL - If this flag is set, renegotiation failure (peer sends ALERT_NO_RENEGOTIATION) will lead to a connection FATAL error (closing of connection). In other cases such an error will stop renegotiation without an error.

  • Added API functions:

      - tls_renegotiate_tcp() - tries to start renegotiation on an open connection (native interface).

      - t_tls_ret tls_renegotiate_socket() - tries to start renegotiation on an open connection (socket interface).

      - tls_server_handshake_socket_ext() - executes server handshake for socket connection with extension to pass renegotiation flags.

      - tls_client_handshake_socket_ext() - executes client handshake for socket connection with extension to pass renegotiation flags.

  • Session keys are now calculated when changing cipher suite for read and write (key calculation is made twice; this is needed by the renegotiation mechanism to prevent overwriting already existing keys).
  • Renegotiation for DTLS is not working, so it is disabled for such connections.
  • Corrected TLS_AEAD_ENABLE code inclusion.

3.38r2 (2018-01-22 13:05):

  • Corrected function description of tls_get_randoms_raw().

3.38 (2018-01-19 10:00):

  • Separated EAP-TLS from main TLS module.
  • Added RAW interface that is used by EAP-TLS module to communicate with EAP-TLS stack.

3.37 (2018-01-16 16:00):

  • Added handling of certificates without the subject field. They are accepted when TLS_TRUST_NO_SUBJECT_CERT is set to 1 and the peer name during connection is configured to be empty.
  • Added handling of extended time in certificate validation time field.

3.36 (2017-11-14 12:00):

  • Added missing mutex release in tls_eap_hdl_msg_cb().

3.35 (2017-11-09 09:00):

  • Added enable macros for MD5, SHA1, SHA256, AES, and TDES.
  • MD5 can be disabled when using only TLS1.2 and with no DSA certificate used.
  • SHA1 can be disabled if only TLS1.2 is enabled.
  • SHA256 can be disabled if TLS1.2 is used with a cipher suite that uses SHA384/SHA512 for its pseudorandom function.
  • Added const attribute to EDH parameters and hash configuration.

3.34 (2017-11-08 09:00):

  • Added EAP-TLS functionality
  • tls_send_rem_msg() now returns TLS_WAIT in case connection type is not TCP or Socket. TLS_WAIT must be returned in case of EAP connections.
  • Added CRESUME flag to indicate a client connection that has a valid resume session.
  • Corrected session reference count when obtaining new session (previous session reference count is now decremented).
  • Added interface for external certificate store and validation.
  • tls_create_conn() takes a void parameter as connection handler (previously there were two parameters for socket and TCP handle).
  • Corrected Heartbeat behavior (for send/receive Heartbeat timeout should be set only if peer allows it to send Heartbeat).

3.33 (2017-10-20 12:00):

  • Last certificate is now checked if it was signed with CA certificate (in the case where CA certificate is not sent by peer).
  • Corrected handling of Hello extension: allowed signing/hash pairs.

3.32 (2017-10-12 10:20):

  • Corrected config_tls.c to use correct CA certificate with given cipher suite.
  • DTLS UDP server: corrected dtls_udp_srv_receive() overflow table. dtls_srv_udp_tab size is DTLS_UDP_MAX_PORT_SRV_CNT (not TLS_MAX_CONN_SIZE).

3.31 (2017-10-10, 12:42):

  • UDP version check was fixed.

3.30 (2017-10-05, 08:10):

  • udp_open() call was changed according to new API.

3.29 (2017-09-14, 08:00):

  • Server certificate organization name comparison now recognizes wildcard '*'. (Will recognize server names like "*.example.com" and "something*.example.com".)
  • Added checking of peer_name length in tls_tcp_connect().
  • Corrected infinite loop in the tls_handshake in case of preemptive OS and receiving TLS alert.
  • Corrected use of PSP_RTC in certificate expiration check. Minimal value of year date is PSP_RTC_YEAR_MIN (not 0).
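The two peer-name checks described in this history, wildcard matching of the presented name (3.29, patterns such as "*.example.com" and "something*.example.com") and falling back to the subject alternative name when the common name does not match (3.40), are shown together below as an added example. This is illustration code written for this page, not the ip_tls code or its API: the struct cert_names type, the functions tls_name_matches() and tls_verify_peer_name(), and the sample certificate names are all constructed here. The matching rules it assumes are the usual defensive ones: a single '*' only in the leftmost label, which never matches across a '.', and at least two labels after the wildcard so that "*.com" is rejected.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Case-insensitive comparison of two byte ranges of equal length (DNS names are case-insensitive). */
static bool label_eq_ci(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i])) return false;
    }
    return true;
}

/* Match one presented name (CN or dNSName SAN) against the expected host name.
 * Assumed rules (this example, not the library's): at most one '*', only in the
 * leftmost label; '*' matches one or more characters but never a '.'; at least
 * two labels must follow the wildcard label; all other labels match exactly. */
bool tls_name_matches(const char *pattern, const char *host)
{
    size_t plen = strlen(pattern), hlen = strlen(host);
    const char *star = strchr(pattern, '*');

    if (plen == 0 || hlen == 0) return false;
    if (star == NULL)                           /* plain name: whole-string compare */
        return plen == hlen && label_eq_ci(pattern, host, plen);

    if (strchr(star + 1, '*') != NULL) return false;          /* second '*' */
    const char *pdot = strchr(pattern, '.');
    if (pdot == NULL || star > pdot) return false;            /* '*' not in first label */
    if (strchr(pdot + 1, '.') == NULL) return false;          /* refuse "*.com"-style patterns */

    /* Split pattern into prefix, text between '*' and '.', and the domain part (with leading '.'). */
    size_t prefix_len = (size_t)(star - pattern);
    size_t mid_len = (size_t)(pdot - (star + 1));
    size_t domain_len = plen - (size_t)(pdot - pattern);

    /* The host's first label is the only part the wildcard may cover. */
    const char *hdot = strchr(host, '.');
    if (hdot == NULL) return false;
    size_t hlabel_len = (size_t)(hdot - host);
    size_t hdomain_len = hlen - hlabel_len;

    if (hdomain_len != domain_len || !label_eq_ci(hdot, pdot, domain_len)) return false;
    if (hlabel_len < prefix_len + mid_len + 1) return false;   /* '*' must cover >= 1 char */
    if (!label_eq_ci(host, pattern, prefix_len)) return false;
    if (!label_eq_ci(hdot - mid_len, star + 1, mid_len)) return false;
    return true;
}

/* Names extracted from a peer certificate, as a parser would hand them over (constructed type). */
struct cert_names {
    const char *common_name;     /* subject CN, may be NULL for certificates without a subject */
    const char *const *san_dns;  /* dNSName entries from subjectAltName */
    size_t san_count;
};

/* Common name first, then the subject alternative names, in the order 3.40 describes. */
bool tls_verify_peer_name(const struct cert_names *cert, const char *expected)
{
    if (cert->common_name != NULL && tls_name_matches(cert->common_name, expected))
        return true;
    for (size_t i = 0; i < cert->san_count; i++) {
        if (tls_name_matches(cert->san_dns[i], expected)) return true;
    }
    return false;
}

int main(void)
{
    /* Constructed sample certificate: CN plus two SAN entries. */
    static const char *const sans[] = { "api.example.com", "*.example.net" };
    const struct cert_names cert = { "www.example.com", sans, 2 };
    const char *hosts[] = { "www.example.com", "host.example.net", "a.b.example.net", "other.example.org" };

    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++) {
        printf("%-20s -> %s\n", hosts[i], tls_verify_peer_name(&cert, hosts[i]) ? "match" : "no match");
    }
    return 0;
}
```

Note that the CN-then-SAN order above mirrors the history entry; RFC 6125 goes further and says that when a certificate carries dNSName SANs, the common name should not be consulted at all, so a checker written today would try the SAN list first and only fall back to CN for certificates that have no SAN.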

3.28r3 (2017-06-08, 9:30):

  • Updated incorrect config_tls.h file.

3.28r2 (2017-06-08, 9:00):

  • Updated history file with release date.

3.28 (2017-06-07, 14:00):

  • Added AEAD support.
  • Added signature_algorithm extension to Hello message.
  • Added support for HASH384 in cipher suites.
  • Added support for AES_GCM cipher suites.
  • Added example of configuration for TLS 1.2 suite B (hcc\src\config_template\config_suite_b).
  • Corrected function comments in api_tls.h.


  • Connection mutexes are now created in tls_init, not during connection create.
  • Corrected use of connection mutex (connection search functions take connection mutex if they succeed).
  • Client verify mechanism corrected (open issue: Client verify does not work for SSL3.0 connection with DSA signature).
  • TLS now forwards IP_NTF_* to the user application if more than one notify is set.
  • Corrected use of PSP_RTC related to change of API to 2.1.
  • Use of malloc is now configurable (TLS_CONN_BUF_DYNALLOC).


  • Version check of RTC was fixed.


  • Corrected compilation warnings.


  • Replaced HCC sockets calls with psp_sockets wrapper.
  • Corrected mutex protection for connection data.

3.23 r2:

  • Added missing macro in configuration file.


  • Added functions tls_select_socket(), tls_poll_socket(), tls_rx_ready_tcp().
  • tls_receive_socket() can read data for any given block length.
  • Corrected receiving of TLS data PDUs.
  • Corrected checking of DSS signed certificates.
  • Corrected behavior when there are no available buffers.
  • Added macros for enabling supported TLS protocols.
  • Added support for cipher suites ECDHE_RSA/DHE_RSA in client mode.
  • Corrected certificate time expiration check (month value read from RTC is in range 0-11, not 1-12).
  • Added PSP version checks.


  • Correct config file to use new RSA module.
  • Corrected signature check of DSA signed certificate.


  • Corrected compilation warnings.
  • Get random bytes now uses the RTC for generating the seed value, not psp_tick.


  • Corrected tls_delete() (previously it always returned error code).
  • Corrected setting of FIONBIO option in case of socket interface.
  • Added checking of invalid connection handler in functions tls_search_conn_tcp() and tls_search_conn_socket().


  • Added support for Elliptic Curve Cryptography.
  • Corrected EDH key exchange mechanism and added DSA certificate check.
  • Corrected situation in which TLS timeout and data was received simultaneously (this was causing an infinite loop in TLS task).


  • Updated code to use standardized PSP RTC functions.


  • Added support to use TLS with LwIP stack.
  • Corrected issues related with enabling interfaces with different configuration.
  • Added second certificate that uses RSA_WITH_AES_128_CBC_SHA. First certificate uses RSA_WITH_AES_128_CBC_SHA256, that is not always supported by peers.


  • Added example TLS configuration with a demo CA certificate and device certificate (peer name 'HCC demo'). Added certificates have expiration date written in comment to regenerate them when they expire.


  • Updated to work with IP protocol version 6.
  • Removed restriction not to use Cipher-suite RSA_AESCBC_SHA256.
  • Added fix not to run out of IP buffers in case of DTLS native connection.
  • Corrected resetting of retransmission timeout in case of last DTLS flight.
  • In case of sending DTLS client hello message (that contains a cookie) random number is not regenerated.


  • Updated TLS to work with new IPStack version 6.02.


  • Updated TLS to work with new IPStack.


  • Added support for multiple handshake messages in RecordLayer.
  • Fixed handling of multiple RecordLayer blocks in a single PDU.
  • Cleaned up configuration template by setting values to default.
  • Added authorization certificates:

      - Geotrust Global CA (expire date: 2018-08-21 04:00:00 (UTC))

      - GlobalSign Organization Validation CA - G2 (expire date: 2022-04-13 10:00:00 (UTC))

      - VeriSign Class 3 Public Primary Certification (expire date: 2021-11-07 23:59:59 (UTC))

Known issues:

  • TLS uses psp_mallock() which violates MISRA rules.
  • If TLS fails to get an IP buffer, the connection to the peer is closed (applies only to platforms without an operating system).
  • Client verify mechanism is not working.
  • Cipher-suites that are based on DSA are not working.
  • Cipher-suite RSA_AESCBC_SHA256 is not working as decryption algorithm (this cipher suite is optional).
  • DTLS: If the TLS Finished message is lost, the connection is not established. The specification says that the server Finished message should not be repeated by the retransmit mechanism.
  • DTLS: The retransmit mechanism sends the whole flight (for example 3 messages). It is possible that not all messages will be sent during retransmit if there are not enough free IP buffers (applies only to platforms without an operating system).
  • The receive packet function for the TLS/DTLS socket interface is non-blocking.


  • Added DTLS1.0 and DTLS 1.2 support.
  • Found Bug: Client certificate Verification does not work.


 - Corrected mutex use.

 - Corrected TCP interface to work under RTOS.


 - Added version rollback detection.

 - Added detection of RSA512 keys (they are rejected).

 - Added tls_start_tcp to enable starting the handshake at any time, not only on connection establishment (needed by SMTP STARTTLS).

 - Encapsulated connection parameters into a structure to reduce function parameters.


 - Corrected function declaration.

 - Changed tls_tcp_get_buf() to always allocate a buffer if one is available and return the allocated buffer size.

 - TCP interface generates IP_NTF_TX_RDY notifications. Previously these notifications were not passed to the user.


 - Compression method is now checked.

 - Corrected message size checking in client/server hello message handler.

 - Corrected handling of fragmented PDUs in application data mode.


 - Corrected error handling for socket_recv(), socket_send().

 - Corrected TCP notify callback to handle cases when multiple flags are set.

 - Corrected incorrect comments.

 - Corrected Releasing of IP buffers.

 - Corrected obtaining session in resume mechanism.


 - Updated to be compatible with IP stack 4.11.

 - Corrected TCP notify callback to handle cases when multiple flags are set.


 - Added client resume mechanism.

 - Added heartbeat extension.

 - TCP/socket interface can be used simultaneously.

 - TCP interface for TLS is non blocking.

 - Added Timeout mechanism for TLS TCP connection (there is generated notification to the user).

 - Added interface to the encryption module (encryption algorithms are now not part of TLS).


 - Release from 03 July 2012.