Merge branch 'development' into iotssl-2257-chacha-poly-primitives

* development: (182 commits) Change the library version to 2.11.0 Fix version in ChangeLog for fix for #552 Add ChangeLog entry for clang version fix. Issue #1072 Compilation warning fixes on 32b platfrom with IAR Revert "Turn on MBEDTLS_SSL_ASYNC_PRIVATE by default" Fix for missing len var when XTS config'd and CTR not ssl_server2: handle mbedtls_x509_dn_gets failure Fix harmless use of uninitialized memory in ssl_parse_encrypted_pms SSL async tests: add a few test cases for error in decrypt Fix memory leak in ssl_server2 with SNI + async callback SNI + SSL async callback: make all keys async ssl_async_resume: free the operation context on error ssl_server2: get op_name from context in ssl_async_resume as well Clarify "as directed here" in SSL async callback documentation SSL async callbacks documentation: clarify resource cleanup Async callback: use mbedtls_pk_check_pair to compare keys Rename mbedtls_ssl_async_{get,set}_data for clarity Fix copypasta in the async callback documentation SSL async callback: cert is not always from mbedtls_ssl_conf_own_cert ssl_async_set_key: detect if ctx->slots overflows ...
2018-06-19 11:11:15 +02:00 · 2018-06-19 11:11:15 +02:00 · 0dadba2b58
commit 0dadba2b58
parent c7bc9e122f 8266acacc8
55 changed files with 4659 additions and 266 deletions
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@ -165,6 +165,11 @@ typedef enum {
    MBEDTLS_CIPHER_ARIA_128_CCM,         /**< Aria cipher with 128-bit key and CCM mode. */
    MBEDTLS_CIPHER_ARIA_192_CCM,         /**< Aria cipher with 192-bit key and CCM mode. */
    MBEDTLS_CIPHER_ARIA_256_CCM,         /**< Aria cipher with 256-bit key and CCM mode. */
+    MBEDTLS_CIPHER_AES_128_OFB,          /**< AES 128-bit cipher in OFB mode. */
+    MBEDTLS_CIPHER_AES_192_OFB,          /**< AES 192-bit cipher in OFB mode. */
+    MBEDTLS_CIPHER_AES_256_OFB,          /**< AES 256-bit cipher in OFB mode. */
+    MBEDTLS_CIPHER_AES_128_XTS,          /**< AES 128-bit cipher in XTS block mode. */
+    MBEDTLS_CIPHER_AES_256_XTS,          /**< AES 256-bit cipher in XTS block mode. */
    MBEDTLS_CIPHER_CHACHA20,             /**< ChaCha20 stream cipher. */
    MBEDTLS_CIPHER_CHACHA20_POLY1305,    /**< ChaCha20-Poly1305 AEAD cipher. */
 } mbedtls_cipher_type_t;
@ -175,11 +180,12 @@ typedef enum {
    MBEDTLS_MODE_ECB,                    /**< The ECB cipher mode. */
    MBEDTLS_MODE_CBC,                    /**< The CBC cipher mode. */
    MBEDTLS_MODE_CFB,                    /**< The CFB cipher mode. */
-    MBEDTLS_MODE_OFB,                    /**< The OFB cipher mode - unsupported. */
+    MBEDTLS_MODE_OFB,                    /**< The OFB cipher mode. */
    MBEDTLS_MODE_CTR,                    /**< The CTR cipher mode. */
    MBEDTLS_MODE_GCM,                    /**< The GCM cipher mode. */
    MBEDTLS_MODE_STREAM,                 /**< The stream cipher mode. */
    MBEDTLS_MODE_CCM,                    /**< The CCM cipher mode. */
+    MBEDTLS_MODE_XTS,                    /**< The XTS cipher mode. */
 } mbedtls_cipher_mode_t;

 /** Supported cipher padding types. */
@ -295,7 +301,8 @@ typedef struct {
    /** Number of Bytes that have not been processed yet. */
    size_t unprocessed_len;

-    /** Current IV or NONCE_COUNTER for CTR-mode. */
+    /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number
+     * for XTS-mode. */
    unsigned char iv[MBEDTLS_MAX_IV_LENGTH];

    /** IV size in Bytes, for ciphers with variable-length IVs. */