Merge branch 'development-proposed' into development-restricted-proposed

Resolve merge conflict in ecp.h, where `mbedtls_ecp_keypair` was moved.
2018-04-24 17:15:38 +01:00 · 2018-04-24 17:15:38 +01:00 · 8945343a51
commit 8945343a51
parent 5450d1f597 1afdec1812
7 changed files with 751 additions and 620 deletions
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@ -1,8 +1,11 @@
 /**
 * \file ccm.h
 *
- * \brief CCM combines Counter mode encryption with CBC-MAC authentication
- *        for 128-bit block ciphers.
+ * \brief This file provides an API for the CCM authenticated encryption
+ *        mode for block ciphers.
+ *
+ * CCM combines Counter mode encryption with CBC-MAC authentication
+ * for 128-bit block ciphers.
 *
 * Input to CCM includes the following elements:
 * <ul><li>Payload - data that is both authenticated and encrypted.</li>
@ -80,7 +83,8 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
 * \param key       The encryption key.
 * \param keybits   The key size in bits. This must be acceptable by the cipher.
 *
- * \return          \c 0 on success, or a cipher-specific error code.
+ * \return          \c 0 on success.
+ * \return          A CCM or cipher-specific error code on failure.
 */
 int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
                        mbedtls_cipher_id_t cipher,
@ -98,6 +102,13 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
 /**
 * \brief           This function encrypts a buffer using CCM.
 *
+ *
+ * \note            The tag is written to a separate buffer. To concatenate
+ *                  the \p tag with the \p output, as done in <em>RFC-3610:
+ *                  Counter with CBC-MAC (CCM)</em>, use
+ *                  \p tag = \p output + \p length, and make sure that the
+ *                  output buffer is at least \p length + \p tag_len wide.
+ *
 * \param ctx       The CCM context to use for encryption.
 * \param length    The length of the input data in Bytes.
 * \param iv        Initialization vector (nonce).
@ -112,13 +123,8 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
 * \param tag_len   The length of the tag to generate in Bytes:
 *                  4, 6, 8, 10, 12, 14 or 16.
 *
- * \note            The tag is written to a separate buffer. To concatenate
- *                  the \p tag with the \p output, as done in <em>RFC-3610:
- *                  Counter with CBC-MAC (CCM)</em>, use
- *                  \p tag = \p output + \p length, and make sure that the
- *                  output buffer is at least \p length + \p tag_len wide.
- *
 * \return          \c 0 on success.
+ * \return          A CCM or cipher-specific error code on failure.
 */
 int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
                         const unsigned char *iv, size_t iv_len,
@ -144,8 +150,9 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
 * \param tag_len   The length of the tag in Bytes.
 *                  4, 6, 8, 10, 12, 14 or 16.
 *
- * \return          0 if successful and authenticated, or
- *                  #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
+ * \return          \c 0 on success. This indicates that the message is authentic.
+ * \return          #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
+ * \return          A cipher-specific error code on calculation failure.
 */
 int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
                      const unsigned char *iv, size_t iv_len,
@ -158,7 +165,8 @@ int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
 /**
 * \brief          The CCM checkup routine.
 *
- * \return         \c 0 on success, or \c 1 on failure.
+ * \return         \c 0 on success.
+ * \return         \c 1 on failure.
 */
 int mbedtls_ccm_self_test( int verbose );
 #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */