Add user pointer and data size duplication to ssl context.

Signed-off-by: Shelly Liberman <shelly.liberman@arm.com>

include/mbedtls/config.h

@@ -654,6 +654,16 @@
  */
 //#define MBEDTLS_AES_SCA_COUNTERMEASURES
 
+/**
+ * \def MBEDTLS_FI_COUNTERMEASURES
+ *
+ * Add countermeasures against possible  FI attack.
+ *
+ * Uncommenting this macro inrease sode size and slow performence,
+ * it peforms double calls and double result checks of some crypto functions
+ */
+//#define MBEDTLS_FI_COUNTERMEASURES
+
 /**
  * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
  *

include/mbedtls/ssl.h

@@ -1460,6 +1460,10 @@ struct mbedtls_ssl_context
      *  after an initial handshake. */
     unsigned char own_cid[ MBEDTLS_SSL_CID_IN_LEN_MAX ];
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#if defined(MBEDTLS_FI_COUNTERMEASURES)
+    unsigned char *out_msg_dup;     /*!< out msg ptr duplication  */
+    size_t out_msglen_dup;          /*!< out msg size duplication */
+#endif
 };
 
 #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)