Merge branch 'development' into iotssl-2257-chacha-poly-primitives

* development: (182 commits) Change the library version to 2.11.0 Fix version in ChangeLog for fix for #552 Add ChangeLog entry for clang version fix. Issue #1072 Compilation warning fixes on 32b platfrom with IAR Revert "Turn on MBEDTLS_SSL_ASYNC_PRIVATE by default" Fix for missing len var when XTS config'd and CTR not ssl_server2: handle mbedtls_x509_dn_gets failure Fix harmless use of uninitialized memory in ssl_parse_encrypted_pms SSL async tests: add a few test cases for error in decrypt Fix memory leak in ssl_server2 with SNI + async callback SNI + SSL async callback: make all keys async ssl_async_resume: free the operation context on error ssl_server2: get op_name from context in ssl_async_resume as well Clarify "as directed here" in SSL async callback documentation SSL async callbacks documentation: clarify resource cleanup Async callback: use mbedtls_pk_check_pair to compare keys Rename mbedtls_ssl_async_{get,set}_data for clarity Fix copypasta in the async callback documentation SSL async callback: cert is not always from mbedtls_ssl_conf_own_cert ssl_async_set_key: detect if ctx->slots overflows ...
2025-11-25 23:43:17 +03:00 · 2018-06-19 11:11:15 +02:00
parent c7bc9e122f 8266acacc8
commit 0dadba2b58
55 changed files with 4659 additions and 266 deletions
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -8,7 +8,7 @@
 *  memory footprint.
 */
 /*
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -540,6 +540,20 @@
 */
 #define MBEDTLS_CIPHER_MODE_CTR

+/**
+ * \def MBEDTLS_CIPHER_MODE_OFB
+ *
+ * Enable Output Feedback mode (OFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_OFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_XTS
+ *
+ * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
+ */
+#define MBEDTLS_CIPHER_MODE_XTS
+
 /**
 * \def MBEDTLS_CIPHER_NULL_CIPHER
 *
@@ -1159,6 +1173,17 @@
 */
 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES

+/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE
+ *
+ * Enable asynchronous external private key operations in SSL. This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+//#define MBEDTLS_SSL_ASYNC_PRIVATE
+
 /**
 * \def MBEDTLS_SSL_DEBUG_ALL
 *
@@ -2194,6 +2219,21 @@
 */
 //#define MBEDTLS_HAVEGE_C

+/**
+ * \def MBEDTLS_HKDF_C
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Module:  library/hkdf.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the Hashed Message Authentication Code
+ * (HMAC)-based key derivation function (HKDF).
+ */
+#define MBEDTLS_HKDF_C
+
 /**
 * \def MBEDTLS_HMAC_DRBG_C
 *