TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 057e0cf2636c56a56c08cc3dc75d59795449e83b / . / library / ssl_ciphersuites.c
blob: 7de532238e70e5ea2b459f459a8712d87bfe0c8c [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for PolarSSL
5 *
6 * Copyright (C) 2006-2013, Brainspark B.V.
7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
28#include "polarssl/config.h"
29
30#if defined(POLARSSL_SSL_TLS_C)
31
32#include "polarssl/ssl_ciphersuites.h"
33#include "polarssl/ssl.h"
34
35#include <stdlib.h>
36
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]37/*
38 * Ordered from most preferred to least preferred in terms of security.
39 */
40static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]41{
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]42 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]43 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]44 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]45 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]46 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]47 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]48 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]49 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]50 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]51 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]52
53 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]54 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]55 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]56 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]57 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]58
59 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]60 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]61 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]62 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]63 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]64 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]65 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]66 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]67 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
68 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]69
70 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]71 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]72 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]73 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]74 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]75
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]76 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]77 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]78 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]79 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]80 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]81 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]82
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]83 /* The PSK ephemeral suites */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]84 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
85 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
86 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
87 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
88 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
89 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
90 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
91 TLS_ECDHE_PSK_WITH_RC4_128_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]92 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]93 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]94 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]95 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]96 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]97 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]98 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]99 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]100 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
101 TLS_DHE_PSK_WITH_RC4_128_SHA,
102
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]103 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]104 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]105 TLS_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]106 TLS_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]107
108 /* All CAMELLIA-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]109 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]110 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]111
112 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]113 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]114 TLS_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]115 TLS_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]116
117 /* All CAMELLIA-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]118 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]119 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]120
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]121 /* All remaining >= 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]122 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]123 TLS_RSA_WITH_RC4_128_SHA,
124 TLS_RSA_WITH_RC4_128_MD5,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]125
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]126 /* The RSA PSK suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]127 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]128 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]129 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]130 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]131 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]132 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]133 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]134 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]135 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
136 TLS_RSA_PSK_WITH_RC4_128_SHA,
137
138 /* The PSK suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]139 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]140 TLS_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]141 TLS_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]142 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]143 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]144 TLS_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]145 TLS_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]146 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]147 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
148 TLS_PSK_WITH_RC4_128_SHA,
149
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]150 /* Weak suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]151 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]152 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]153
154 /* NULL suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]155 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]156 TLS_ECDHE_RSA_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]157 TLS_ECDHE_PSK_WITH_NULL_SHA384,
158 TLS_ECDHE_PSK_WITH_NULL_SHA256,
159 TLS_ECDHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]160 TLS_DHE_PSK_WITH_NULL_SHA384,
161 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]162 TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]163 TLS_RSA_WITH_NULL_SHA256,
164 TLS_RSA_WITH_NULL_SHA,
165 TLS_RSA_WITH_NULL_MD5,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]166 TLS_RSA_PSK_WITH_NULL_SHA384,
167 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]168 TLS_RSA_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]169 TLS_PSK_WITH_NULL_SHA384,
170 TLS_PSK_WITH_NULL_SHA256,
171 TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]172
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]173 0
174};
175
Manuel Pégourié-Gonnard57a87832013-08-27 16:13:54 +0200[diff] [blame]176#define MAX_CIPHERSUITES 128
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]177static int supported_ciphersuites[MAX_CIPHERSUITES];
178static int supported_init = 0;
179
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]180static const ssl_ciphersuite_t ciphersuite_definitions[] =
181{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]182#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
183#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]184#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]185#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]186 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
187 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
188 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
189 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]190 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]191 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
192 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
193 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
194 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]195 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]196#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]197#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]198#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]199#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]200 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
201 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
202 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
203 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]204 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]205#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]206#if defined(POLARSSL_GCM_C)
207 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
208 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
209 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
210 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]211 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]212#endif /* POLARSSL_GCM_C */
213#endif /* POLARSSL_SHA256_C */
214#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]215#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]216 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
217 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
218 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
219 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]220 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]221#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]222#if defined(POLARSSL_GCM_C)
223 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
224 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
225 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
226 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]227 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]228#endif /* POLARSSL_GCM_C */
229#endif /* POLARSSL_SHA512_C */
230#endif /* POLARSSL_AES_C */
231
232#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]233#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]234#if defined(POLARSSL_SHA256_C)
235 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
236 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
237 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
238 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]239 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]240#endif /* POLARSSL_SHA256_C */
241#if defined(POLARSSL_SHA512_C)
242 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
243 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
244 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
245 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]246 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]247#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]248#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]249#endif /* POLARSSL_CAMELLIA_C */
250
251#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]252#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]253#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]254 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
255 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
256 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
257 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]258 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]259#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]260#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]261#endif /* POLARSSL_DES_C */
262
263#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]264#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]265 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
266 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
267 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
268 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]269 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]270#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]271#endif /* POLARSSL_ARC4_C */
272
273#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]274#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]275 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
276 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
278 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]279 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]280#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]281#endif /* POLARSSL_CIPHER_NULL_CIPHER */
282#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
283
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]284#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]285#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]286#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]287#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]288 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
289 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
290 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
291 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]292 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]293 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
294 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
295 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
296 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]297 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]298#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]299#endif /* POLARSSL_SHA1_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]300#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]301#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]302 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
303 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
304 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
305 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]306 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]307#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]308#if defined(POLARSSL_GCM_C)
309 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
310 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
311 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
312 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]313 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]314#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]315#endif /* POLARSSL_SHA256_C */
316#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]317#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]318 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
319 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
320 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
321 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]322 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]323#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]324#if defined(POLARSSL_GCM_C)
325 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
326 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
327 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
328 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]329 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]330#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]331#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]332#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]333
334#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]335#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]336#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]337 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
338 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
339 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
340 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]341 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]342#endif /* POLARSSL_SHA256_C */
343#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]344 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
345 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
346 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
347 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]348 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]349#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]350#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]351#endif /* POLARSSL_CAMELLIA_C */
352
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]353#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]354#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]355#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]356 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
357 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
358 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
359 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]360 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]361#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]362#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]363#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]364
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]365#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]366#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]367 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
368 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
369 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
370 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]371 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]372#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]373#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]374
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]375#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]376#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]377 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
378 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
379 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
380 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]381 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]382#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]383#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]384#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]385
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]386#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]387#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]388#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]389 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
390 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
391 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
392 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
393 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]394#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]395
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]396#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]397#if defined(POLARSSL_GCM_C)
398 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
399 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
400 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
401 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
402 0 },
403#endif /* POLARSSL_GCM_C */
404
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]405#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]406 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
407 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
408 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
409 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
410 0 },
411
412 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
413 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
414 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
415 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
416 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]417#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]418#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]419
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]420#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]421#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]422 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
423 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
424 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
425 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
426 0 },
427
428 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
429 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
430 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
431 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
432 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]433#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]434#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]435#endif /* POLARSSL_AES_C */
436
437#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]438#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]439#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]440 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
441 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
442 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
443 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
444 0 },
445
446 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
447 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
448 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
449 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
450 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]451#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]452
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]453#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]454 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
455 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
456 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
457 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
458 0 },
459
460 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
461 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
462 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
463 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
464 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]465#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]466#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]467#endif /* POLARSSL_CAMELLIA_C */
468
469#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]470#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]471#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]472 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
473 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
474 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
475 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
476 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]477#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]478#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]479#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]480#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]481
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]482#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]483#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]484#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]485 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
486 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
487 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
488 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
489 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]490#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]491
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]492#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]493#if defined(POLARSSL_GCM_C)
494 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
495 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
496 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
497 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
498 0 },
499#endif /* POLARSSL_GCM_C */
500
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]501#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]502 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
503 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
504 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
505 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
506 0 },
507
508 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
509 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
510 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
511 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
512 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]513#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]514#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]515
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]516#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]517#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]518 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
519 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
520 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
521 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
522 0 },
523
524 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
525 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
526 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
527 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
528 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]529#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]530#endif /* POLARSSL_SHA1_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]531#endif /* POLARSSL_AES_C */
532
533#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]534#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]535#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]536 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
537 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
538 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
539 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
540 0 },
541
542 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
543 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
544 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
545 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
546 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]547#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]548
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]549#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]550 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
551 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
552 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
553 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
554 0 },
555
556 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
557 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
558 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
559 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
560 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]561#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]562#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]563#endif /* POLARSSL_CAMELLIA_C */
564
565#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]566#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]567#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]568 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
569 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
570 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
571 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
572 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]573#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]574#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]575#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]576
577#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]578#if defined(POLARSSL_MD5_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]579 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
580 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
581 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
582 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
583 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]584#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]585
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]586#if defined(POLARSSL_SHA1_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]587 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
588 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
589 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
590 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
591 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]592#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]593#endif /* POLARSSL_ARC4_C */
594#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]595
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]596#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
597#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]598#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]599#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]600 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
601 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
602 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
603 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
604 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]605#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]606
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]607#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]608 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
609 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
610 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
611 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
612 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]613#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]614#endif /* POLARSSL_GCM_C */
615
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]616#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]617#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]618 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
619 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
620 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
621 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
622 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]623#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]624
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]625#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]626 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
627 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
628 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
629 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
630 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]631#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]632
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]633#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]634 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
635 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
636 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
637 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
638 0 },
639
640 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
641 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
642 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
643 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
644 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]645#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]646#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]647#endif /* POLARSSL_AES_C */
648
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]649#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]650#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]651#if defined(POLARSSL_SHA256_C)
652 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
653 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
654 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
655 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
656 0 },
657#endif /* POLARSSL_SHA256_C */
658
659#if defined(POLARSSL_SHA512_C)
660 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
661 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
662 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
663 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
664 0 },
665#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]666#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]667#endif /* POLARSSL_CAMELLIA_C */
668
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]669#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]670#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]671#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]672 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
673 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
674 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
675 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
676 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]677#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]678#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]679#endif /* POLARSSL_DES_C */
680
681#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]682#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]683 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
684 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
685 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
686 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
687 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]688#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]689#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]690#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]691
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]692#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]693#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]694#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]695#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]696 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
697 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
698 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
699 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
700 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]701#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]702
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]703#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]704 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
705 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
706 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
707 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
708 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]709#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]710#endif /* POLARSSL_GCM_C */
711
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]712#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]713#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]714 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
715 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
716 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
717 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
718 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]719#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]720
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]721#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]722 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
723 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
724 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
725 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
726 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]727#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]728
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]729#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]730 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
731 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
732 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
733 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
734 0 },
735
736 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
737 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
738 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
739 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
740 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]741#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]742#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]743#endif /* POLARSSL_AES_C */
744
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]745#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]746#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]747#if defined(POLARSSL_SHA256_C)
748 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
749 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
750 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
751 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
752 0 },
753#endif /* POLARSSL_SHA256_C */
754
755#if defined(POLARSSL_SHA512_C)
756 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
757 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
758 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
759 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
760 0 },
761#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]762#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]763#endif /* POLARSSL_CAMELLIA_C */
764
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]765#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]766#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]767#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]768 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
769 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
770 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
771 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
772 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]773#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]774#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]775#endif /* POLARSSL_DES_C */
776
777#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]778#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]779 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
780 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
781 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
782 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
783 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]784#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]785#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]786#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]787
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]788#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
789#if defined(POLARSSL_AES_C)
790
791#if defined(POLARSSL_CIPHER_MODE_CBC)
792#if defined(POLARSSL_SHA256_C)
793 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
794 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
795 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
796 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
797 0 },
798#endif /* POLARSSL_SHA256_C */
799
800#if defined(POLARSSL_SHA512_C)
801 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
802 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
803 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
804 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
805 0 },
806#endif /* POLARSSL_SHA512_C */
807
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]808#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]809 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
810 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
811 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
812 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
813 0 },
814
815 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
816 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
817 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
818 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
819 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]820#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]821#endif /* POLARSSL_CIPHER_MODE_CBC */
822#endif /* POLARSSL_AES_C */
823
824#if defined(POLARSSL_CAMELLIA_C)
825#if defined(POLARSSL_CIPHER_MODE_CBC)
826#if defined(POLARSSL_SHA256_C)
827 { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
828 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
829 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
830 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
831 0 },
832#endif /* POLARSSL_SHA256_C */
833
834#if defined(POLARSSL_SHA512_C)
835 { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
836 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
837 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
838 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
839 0 },
840#endif /* POLARSSL_SHA512_C */
841#endif /* POLARSSL_CIPHER_MODE_CBC */
842#endif /* POLARSSL_CAMELLIA_C */
843
844#if defined(POLARSSL_DES_C)
845#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]846#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]847 { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
848 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
849 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
850 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
851 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]852#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]853#endif /* POLARSSL_CIPHER_MODE_CBC */
854#endif /* POLARSSL_DES_C */
855
856#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]857#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]858 { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
859 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
860 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
861 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
862 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]863#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]864#endif /* POLARSSL_ARC4_C */
865#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
866
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]867#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]868#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]869#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]870#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]871 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
872 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
873 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
874 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
875 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]876#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]877
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]878#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]879 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
880 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
881 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
882 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
883 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]884#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]885#endif /* POLARSSL_GCM_C */
886
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]887#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]888#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]889 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
890 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
891 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
892 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
893 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]894#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]895
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]896#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]897 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
898 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
899 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
900 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
901 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]902#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]903
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]904#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]905 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
906 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
907 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
908 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
909 0 },
910
911 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
912 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
913 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
914 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
915 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]916#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]917#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]918#endif /* POLARSSL_AES_C */
919
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]920#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]921#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]922#if defined(POLARSSL_SHA256_C)
923 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
924 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
925 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
926 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
927 0 },
928#endif /* POLARSSL_SHA256_C */
929
930#if defined(POLARSSL_SHA512_C)
931 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
932 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
933 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
934 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
935 0 },
936#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]937#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]938#endif /* POLARSSL_CAMELLIA_C */
939
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]940#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]941#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]942#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]943 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
944 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
945 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
946 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
947 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]948#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]949#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]950#endif /* POLARSSL_DES_C */
951
952#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]953#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]954 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
955 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
956 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
957 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
958 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]959#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]960#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]961#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]962
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]963#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
964#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]965#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]966#if defined(POLARSSL_MD5_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]967 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
968 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
969 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
970 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
971 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]972#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]973
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]974#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]975 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
976 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
977 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
978 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
979 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]980#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]981
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]982#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]983 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
984 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
985 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
986 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
987 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]988#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]989#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]990
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]991#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]992#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]993 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
994 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
995 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
996 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
997 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]998#endif /* POLARSSL_SHA1_C */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]999#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1000
1001#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1002#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1003 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1004 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1005 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1006 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1007 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1008#endif /* POLARSSL_SHA1_C */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1009#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1010
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1011#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1012#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1013 { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1014 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
1015 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1016 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1017 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1018#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1019
1020#if defined(POLARSSL_SHA256_C)
1021 { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1022 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
1023 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1024 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1025 POLARSSL_CIPHERSUITE_WEAK },
1026#endif
1027
1028#if defined(POLARSSL_SHA512_C)
1029 { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1030 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
1031 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1032 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1033 POLARSSL_CIPHERSUITE_WEAK },
1034#endif
1035#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1036
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1037#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1038#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1039 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1040 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1041 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1042 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1043 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1044#endif /* POLARSSL_SHA1_C */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1045#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1046#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1047
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1048#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1049#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1050#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1051#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1052 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1053 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
1054 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1055 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1056 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1057#endif /* POLARSSL_SHA1_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1058#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1059
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1060#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1061#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1062 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1063 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1064 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1065 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1066 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame^]1067#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1068#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1069#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1070#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1071#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1072
1073 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1074};
1075
1076const int *ssl_list_ciphersuites( void )
1077{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1078 /*
1079 * On initial call filter out all ciphersuites not supported by current
1080 * build based on presence in the ciphersuite_definitions.
1081 */
1082 if( supported_init == 0 )
1083 {
1084 const int *p = ciphersuite_preference;
1085 int *q = supported_ciphersuites;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1086 size_t i;
1087 size_t max = sizeof(supported_ciphersuites) / sizeof(int);
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1088
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1089 for( i = 0; i < max - 1 && p[i] != 0; i++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1090 {
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1091 if( ssl_ciphersuite_from_id( p[i] ) != NULL )
1092 *(q++) = p[i];
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1093 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1094 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1095
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1096 supported_init = 1;
1097 }
1098
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1099 return supported_ciphersuites;
1100};
1101
1102const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name )
1103{
1104 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1105
1106 if( NULL == ciphersuite_name )
1107 return( NULL );
1108
1109 while( cur->id != 0 )
1110 {
1111 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1112 return( cur );
1113
1114 cur++;
1115 }
1116
1117 return( NULL );
1118}
1119
1120const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1121{
1122 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1123
1124 while( cur->id != 0 )
1125 {
1126 if( cur->id == ciphersuite )
1127 return( cur );
1128
1129 cur++;
1130 }
1131
1132 return( NULL );
1133}
1134
1135const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1136{
1137 const ssl_ciphersuite_t *cur;
1138
1139 cur = ssl_ciphersuite_from_id( ciphersuite_id );
1140
1141 if( cur == NULL )
1142 return( "unknown" );
1143
1144 return( cur->name );
1145}
1146
1147int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1148{
1149 const ssl_ciphersuite_t *cur;
1150
1151 cur = ssl_ciphersuite_from_string( ciphersuite_name );
1152
1153 if( cur == NULL )
1154 return( 0 );
1155
1156 return( cur->id );
1157}
1158
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1159#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1160pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
1161{
1162 switch( info->key_exchange )
1163 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1164 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1165 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
1166 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1167 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1168 return( POLARSSL_PK_RSA );
1169
1170 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1171 return( POLARSSL_PK_ECDSA );
1172
1173 default:
1174 return( POLARSSL_PK_NONE );
1175 }
1176}
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1177#endif
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1178
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1179int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1180{
1181 switch( info->key_exchange )
1182 {
1183 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1184 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1185 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1186 return( 1 );
1187
1188 default:
1189 return( 0 );
1190 }
1191}
1192
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1193#endif