Add CID field to internal structure representing TLS records

This commit adds a static array `cid` to the internal structure
`mbedtls_record` representing encrypted and decrypted TLS records.

The expected evolution of state of this field is as follows:
- When handling an incoming record, the caller of `mbedtls_decrypt_buf()`
  has to make sure the CID array field in `mbedtls_record` has been
  properly set. Concretely, it will be copied from the CID from the record
  header during record parsing.
- During decryption in `mbedtls_decrypt_buf()`, the transforms
  incoming CID is compared to the CID in the `mbedtls_record`
  structure representing the record to be decrypted.
- For an outgoing TLS record, the caller of `mbedtls_encrypt_buf()`
  clears the CID in the `mbedtls_record` structure.
- During encryption in `mbedtls_encrypt_buf()`, the CID field in
  `mbedtls_record` will be copied from the out-CID in the transform.

include/mbedtls/ssl_internal.h

@@ -645,6 +645,12 @@ struct mbedtls_ssl_transform
  * make space for the fixed IV.
  *
  */
+#if MBEDTLS_SSL_CID_OUT_LEN_MAX > MBEDTLS_SSL_CID_IN_LEN_MAX
+#define SSL_CID_LEN_MAX MBEDTLS_SSL_CID_OUT_LEN_MAX
+#else
+#define SSL_CID_LEN_MAX MBEDTLS_SSL_CID_IN_LEN_MAX
+#endif
+
 typedef struct
 {
     uint8_t ctr[8];         /*!< Record sequence number        */
@@ -656,6 +662,11 @@ typedef struct
     size_t data_offset;     /*!< Offset of record content */
     size_t data_len;        /*!< Length of record content */
 
+#if defined(MBEDTLS_SSL_CID)
+    uint8_t cid_len;
+    unsigned char cid[ SSL_CID_LEN_MAX ];
+#endif /* MBEDTLS_SSL_CID */
+
 } mbedtls_record;
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)