commit fb9f66149170426fa45ee6bcf72129efc0e0e88b
author Simon Butcher <simonb@redtangent.net> Sun Apr 22 22:57:27 2018 +0100
committer Simon Butcher <simonb@redtangent.net> Sun Apr 29 11:36:38 2018 +0100
tree a0171a3bcbbfc6caeb3571d74b81765067ecb93e
parent 84a1107818aaddfd2abe4c5a3478cf84ab2e26b4

Add OFB block mode to AES-128/192/256

Adds a new configuration of MBEDTLS_CIPHER_MODE_OFB and OFB mode to AES.

include/mbedtls/aes.h

diff --git a/include/mbedtls/aes.h b/include/mbedtls/aes.h
index 3c5b133..da22722 100644
--- a/include/mbedtls/aes.h
+++ b/include/mbedtls/aes.h
@@ -291,6 +291,46 @@
                     unsigned char *output );
 #endif /*MBEDTLS_CIPHER_MODE_CFB */
 
+#if defined(MBEDTLS_CIPHER_MODE_OFB)
+/**
+ * \brief This function performs an AES-OFB (Output Feedback Mode) encryption
+ *        or decryption operation.
+ *
+ *        For OFB, you must set up the context with mbedtls_aes_setkey_enc(),
+ *        regardless of whether you are performing an encryption or decryption
+ *        operation. This is because OFB mode uses the same key schedule for
+ *        encryption and decryption.
+ *
+ *        The OFB operation is identical for encryption or decryption, therefore
+ *        no operation mode needs to be specified.
+ *
+ * \note  Upon exit, the content of the IV is updated so that you can
+ *        call the same function again on the next
+ *        block(s) of data and get the same result as if it was
+ *        encrypted in one call. This allows a "streaming" usage.
+ *        If you need to retain the contents of the
+ *        IV, you must either save it manually or use the cipher
+ *        module instead.
+ *
+ *
+ * \param ctx      The AES context to use for encryption or decryption.
+ * \param length   The length of the input data.
+ * \param iv_off   The offset in IV (updated after use).
+ * \param iv       The initialization vector (updated after use).
+ * \param input    The buffer holding the input data.
+ * \param output   The buffer holding the output data.
+ *
+ * \return         \c 0 on success.
+ */
+int mbedtls_aes_crypt_ofb( mbedtls_aes_context *ctx,
+                       size_t length,
+                       size_t *iv_off,
+                       unsigned char iv[16],
+                       const unsigned char *input,
+                       unsigned char *output );
+
+#endif /* MBEDTLS_CIPHER_MODE_OFB */
+
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
 /**
  * \brief      This function performs an AES-CTR encryption or decryption

include/mbedtls/config.h

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 9585e69..1b4bee3 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -496,6 +496,13 @@
 #define MBEDTLS_CIPHER_MODE_CBC
 
 /**
+ * \def MBEDTLS_CIPHER_MODE_OFB
+ *
+ * Enable Output Feedback mode (OFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_OFB
+
+/**
  * \def MBEDTLS_CIPHER_MODE_CFB
  *
  * Enable Cipher Feedback mode (CFB) for symmetric ciphers.