TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 07018f97d200a8238b566a9a5e6ff5322e2ab6a1 / . / library / ssl_ciphersuites.c
blob: 808aa9e9ebfe7546086b1d877198ebe8db43e8f3 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]6 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]20 */
21
Gilles Peskinedb09ef62020-06-03 01:43:33 +0200[diff] [blame]22#include "common.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]23
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]24#if defined(MBEDTLS_SSL_TLS_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]25
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]26#if defined(MBEDTLS_PLATFORM_C)
27#include "mbedtls/platform.h"
28#else
29#include <stdlib.h>
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]30#endif
31
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]32#include "mbedtls/ssl_ciphersuites.h"
33#include "mbedtls/ssl.h"
Manuel Pégourié-Gonnardcac90a12021-06-04 11:42:30 +0200[diff] [blame]34#include "ssl_misc.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]35
Manuel Pégourié-Gonnard07018f92022-09-15 11:29:35 +0200[diff] [blame^]36#include "mbedtls/legacy_or_psa.h"
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]37
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]38#include <string.h>
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]39
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]40/*
41 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]42 *
TRodziewicz75628d52021-06-18 12:56:27 +0200[diff] [blame]43 * Current rule (except weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]44 * 1. By key exchange:
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]45 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]46 * 2. By key length and cipher:
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]47 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]48 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]49 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]50 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]51 */
52static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]53{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]54#if defined(MBEDTLS_SSL_CIPHERSUITES)
55 MBEDTLS_SSL_CIPHERSUITES,
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]56#else
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]57#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]58 /* TLS 1.3 ciphersuites */
59 MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
60 MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
61 MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
62 MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
63 MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]64#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]65
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]66 /* Chacha-Poly ephemeral suites */
67 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
68 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
69 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
70
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]71 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]72 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
73 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
74 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
75 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
76 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
77 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
78 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
79 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
80 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
81 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
82 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
83 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
84 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]85
86 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]87 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
88 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
89 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
90 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
91 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
92 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
93 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]94
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]95 /* All ARIA-256 ephemeral suites */
96 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
97 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
98 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
99 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
100 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
101 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
102
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]103 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]104 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
105 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
106 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
107 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
108 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
109 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
110 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
111 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
112 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
113 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
114 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
115 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
116 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]117
118 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]119 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
120 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
121 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
122 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
123 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
124 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
125 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]126
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]127 /* All ARIA-128 ephemeral suites */
128 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
129 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
130 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
131 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
132 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
133 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
134
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]135 /* The PSK ephemeral suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]136 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
137 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]138 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
139 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
140 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
141 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
142 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
143 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
144 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
145 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
146 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
147 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]148 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
149 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
150 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]151
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]152 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
153 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
154 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
155 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
156 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
157 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
158 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
159 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
160 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
161 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]162 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
163 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
164 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]165
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]166 /* The ECJPAKE suite */
167 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
168
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]169 /* All AES-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]170 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
171 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
172 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
173 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
174 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
175 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
176 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
177 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
178 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
179 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
180 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]181
182 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]183 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
184 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
185 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
186 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
187 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
188 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
189 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]190
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]191 /* All ARIA-256 suites */
192 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
193 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
194 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
195 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
196 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
197 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
198
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]199 /* All AES-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]200 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
201 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
202 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
203 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
204 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
205 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
206 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
207 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
208 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
209 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
210 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]211
212 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]213 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
214 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
215 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
216 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
217 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
218 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
219 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]220
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]221 /* All ARIA-128 suites */
222 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
223 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
224 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
225 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
226 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
227 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
228
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]229 /* The RSA PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]230 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]231 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
232 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
233 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
234 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
235 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]236 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
237 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]238
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]239 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
240 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
241 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
242 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
243 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]244 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
245 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]246
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]247 /* The PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]248 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]249 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
250 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
251 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
252 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
253 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
254 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
255 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]256 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
257 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]258
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]259 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
260 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
261 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
262 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
263 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
264 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
265 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]266 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
267 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]268
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]269 /* NULL suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]270 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
271 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
272 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
273 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
274 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
275 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
276 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
277 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]278
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]279 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
280 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
281 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
282 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
283 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
284 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
285 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
286 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
287 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
288 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
289 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]290
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]291#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]292 0
293};
294
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]295static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]296{
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]297#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]298#if defined(MBEDTLS_AES_C)
299#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]300#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]301 { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384",
302 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384,
303 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]304 0,
305 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]306#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]307#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]308 { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256",
309 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256,
310 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]311 0,
312 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]313#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]314#endif /* MBEDTLS_GCM_C */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]315#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]316 { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256",
317 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
318 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]319 0,
320 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]321 { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256",
322 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
323 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]324 MBEDTLS_CIPHERSUITE_SHORT_TAG,
325 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]326#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_CCM_C */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]327#endif /* MBEDTLS_AES_C */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]328#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]329 { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
330 "TLS1-3-CHACHA20-POLY1305-SHA256",
331 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
332 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]333 0,
334 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]335#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]336#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]337
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]338#if defined(MBEDTLS_CHACHAPOLY_C) && \
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]339 defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]340 defined(MBEDTLS_SSL_PROTO_TLS1_2)
341#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
342 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
343 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
344 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
345 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]346 0,
347 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]348#endif
349#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
350 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
351 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
352 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
353 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]354 0,
355 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]356#endif
357#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
358 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
359 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
360 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
361 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]362 0,
363 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]364#endif
365#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
366 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
367 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
368 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
369 MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]370 0,
371 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]372#endif
373#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
374 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
375 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
376 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
377 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]378 0,
379 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]380#endif
381#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
382 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
383 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
384 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
385 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]386 0,
387 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]388#endif
389#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
390 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
391 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
392 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
393 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]394 0,
395 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]396#endif
397#endif /* MBEDTLS_CHACHAPOLY_C &&
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]398 MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA &&
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]399 MBEDTLS_SSL_PROTO_TLS1_2 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]400#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
401#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]402#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]403#if defined(MBEDTLS_CIPHER_MODE_CBC)
404 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
405 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]406 0,
407 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]408 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
409 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]410 0,
411 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]412#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]413#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]414#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]415#if defined(MBEDTLS_CIPHER_MODE_CBC)
416 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
417 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]418 0,
419 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]420#endif /* MBEDTLS_CIPHER_MODE_CBC */
421#if defined(MBEDTLS_GCM_C)
422 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
423 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]424 0,
425 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]426#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]427#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]428#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]429#if defined(MBEDTLS_CIPHER_MODE_CBC)
430 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
431 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]432 0,
433 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]434#endif /* MBEDTLS_CIPHER_MODE_CBC */
435#if defined(MBEDTLS_GCM_C)
436 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
437 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]438 0,
439 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]440#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]441#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]442#if defined(MBEDTLS_CCM_C)
443 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
444 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]445 0,
446 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]447 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
448 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]449 MBEDTLS_CIPHERSUITE_SHORT_TAG,
450 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]451 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
452 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]453 0,
454 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]455 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
456 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]457 MBEDTLS_CIPHERSUITE_SHORT_TAG,
458 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]459#endif /* MBEDTLS_CCM_C */
460#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]461
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]462#if defined(MBEDTLS_CAMELLIA_C)
463#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]464#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]465 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
466 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]467 0,
468 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]469#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]470#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]471 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
472 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]473 0,
474 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]475#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]476#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]477
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]478#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]479#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]480 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
481 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]482 0,
483 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]484#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]485#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]486 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
487 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]488 0,
489 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]490#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]491#endif /* MBEDTLS_GCM_C */
492#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]493
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]494#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]495#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]496 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
497 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]498 MBEDTLS_CIPHERSUITE_WEAK,
499 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]500#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
502#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]503
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]504#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
505#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]506#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]507#if defined(MBEDTLS_CIPHER_MODE_CBC)
508 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
509 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]510 0,
511 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]512 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
513 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]514 0,
515 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]516#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]517#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]518#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]519#if defined(MBEDTLS_CIPHER_MODE_CBC)
520 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
521 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]522 0,
523 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524#endif /* MBEDTLS_CIPHER_MODE_CBC */
525#if defined(MBEDTLS_GCM_C)
526 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
527 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]528 0,
529 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]530#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]531#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]532#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]533#if defined(MBEDTLS_CIPHER_MODE_CBC)
534 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
535 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]536 0,
537 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]538#endif /* MBEDTLS_CIPHER_MODE_CBC */
539#if defined(MBEDTLS_GCM_C)
540 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
541 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]542 0,
543 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]544#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]545#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]546#endif /* MBEDTLS_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]547
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]548#if defined(MBEDTLS_CAMELLIA_C)
549#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]550#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]551 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
552 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]553 0,
554 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]555#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]556#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]557 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
558 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]559 0,
560 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]561#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]562#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]563
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]564#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]565#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]566 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
567 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]568 0,
569 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]570#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]571#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]572 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
573 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]574 0,
575 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]576#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]577#endif /* MBEDTLS_GCM_C */
578#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]579
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]580#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]581#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]582 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
583 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]584 MBEDTLS_CIPHERSUITE_WEAK,
585 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]586#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]587#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
588#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]589
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]590#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
591#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]592#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]593 defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]594 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
595 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]596 0,
597 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]598#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]599
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]600#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]601#if defined(MBEDTLS_GCM_C)
602 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
603 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]604 0,
605 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]606#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]607
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]608#if defined(MBEDTLS_CIPHER_MODE_CBC)
609 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
610 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]611 0,
612 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]613
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]614 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
615 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]616 0,
617 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]618#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]619#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]620
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]622#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]623 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
624 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]625 0,
626 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]627
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]628 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
629 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]630 0,
631 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]632#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]633#endif /* MBEDTLS_CIPHER_MODE_CBC */
634#if defined(MBEDTLS_CCM_C)
635 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
636 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]637 0,
638 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]639 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
640 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]641 MBEDTLS_CIPHERSUITE_SHORT_TAG,
642 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]643 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
644 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]645 0,
646 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]647 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
648 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]649 MBEDTLS_CIPHERSUITE_SHORT_TAG,
650 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]651#endif /* MBEDTLS_CCM_C */
652#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]653
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]654#if defined(MBEDTLS_CAMELLIA_C)
655#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]656#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
658 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]659 0,
660 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]661
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]662 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
663 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]664 0,
665 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]666#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]667
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]668#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]669 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
670 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]671 0,
672 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]673
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]674 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
675 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]676 0,
677 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]678#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]679#endif /* MBEDTLS_CIPHER_MODE_CBC */
680#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]681#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]682 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
683 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]684 0,
685 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]686#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]687
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]688#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]689 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
690 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]691 0,
692 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]693#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]694#endif /* MBEDTLS_GCM_C */
695#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]696
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]698
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]699#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
700#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]701#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]702 defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]703 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
704 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]705 0,
706 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]707#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]708
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]709#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]710#if defined(MBEDTLS_GCM_C)
711 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
712 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]713 0,
714 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]716
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]717#if defined(MBEDTLS_CIPHER_MODE_CBC)
718 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
719 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]720 0,
721 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]722
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]723 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
724 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]725 0,
726 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]727#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]728#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]729
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]730#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]731#if defined(MBEDTLS_CIPHER_MODE_CBC)
732 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
733 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]734 0,
735 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]736
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]737 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
738 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]739 0,
740 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]741#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]742#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]743#if defined(MBEDTLS_CCM_C)
744 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
745 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]746 0,
747 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]748 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
749 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]750 MBEDTLS_CIPHERSUITE_SHORT_TAG,
751 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]752 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
753 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]754 0,
755 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]756 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
757 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]758 MBEDTLS_CIPHERSUITE_SHORT_TAG,
759 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]760#endif /* MBEDTLS_CCM_C */
761#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]762
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]763#if defined(MBEDTLS_CAMELLIA_C)
764#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]765#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]766 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
767 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]768 0,
769 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]770
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]771 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
772 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]773 0,
774 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]775#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]776
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]777#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]778 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
779 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]780 0,
781 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]782
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]783 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
784 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]785 0,
786 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]787#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]788#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]789
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]790#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]791#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]792 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
793 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]794 0,
795 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]796#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]797
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]798#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]799 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
800 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]801 0,
802 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]803#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]804#endif /* MBEDTLS_GCM_C */
805#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]806
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]807#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]808
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]809#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
810#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]811#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]812#if defined(MBEDTLS_CIPHER_MODE_CBC)
813 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
814 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]815 0,
816 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]817 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
818 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]819 0,
820 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]821#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]822#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]823#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]824#if defined(MBEDTLS_CIPHER_MODE_CBC)
825 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
826 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]827 0,
828 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]829#endif /* MBEDTLS_CIPHER_MODE_CBC */
830#if defined(MBEDTLS_GCM_C)
831 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
832 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]833 0,
834 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]835#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]836#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]837#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]838#if defined(MBEDTLS_CIPHER_MODE_CBC)
839 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
840 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]841 0,
842 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]843#endif /* MBEDTLS_CIPHER_MODE_CBC */
844#if defined(MBEDTLS_GCM_C)
845 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
846 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]847 0,
848 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]849#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]850#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]851#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]852
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]853#if defined(MBEDTLS_CAMELLIA_C)
854#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]855#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]856 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
857 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]858 0,
859 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]860#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]861#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]862 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
863 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]864 0,
865 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]866#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]868
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]869#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]870#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]871 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
872 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]873 0,
874 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]875#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]876#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]877 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
878 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]879 0,
880 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]881#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]882#endif /* MBEDTLS_GCM_C */
883#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]884
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]885#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]886#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]887 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
888 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]889 MBEDTLS_CIPHERSUITE_WEAK,
890 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]891#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]892#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
893#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]894
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
896#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]897#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]898#if defined(MBEDTLS_CIPHER_MODE_CBC)
899 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
900 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]901 0,
902 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]903 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
904 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]905 0,
906 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]907#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]908#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]909#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]910#if defined(MBEDTLS_CIPHER_MODE_CBC)
911 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
912 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]913 0,
914 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]915#endif /* MBEDTLS_CIPHER_MODE_CBC */
916#if defined(MBEDTLS_GCM_C)
917 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
918 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]919 0,
920 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]921#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]922#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]923#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]924#if defined(MBEDTLS_CIPHER_MODE_CBC)
925 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
926 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]927 0,
928 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]929#endif /* MBEDTLS_CIPHER_MODE_CBC */
930#if defined(MBEDTLS_GCM_C)
931 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
932 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]933 0,
934 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]935#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]936#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]937#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]938
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]939#if defined(MBEDTLS_CAMELLIA_C)
940#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]941#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]942 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
943 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]944 0,
945 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]946#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]947#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]948 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
949 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]950 0,
951 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]952#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]953#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]954
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]956#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]957 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
958 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]959 0,
960 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]961#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]962#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]963 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
964 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]965 0,
966 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]967#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]968#endif /* MBEDTLS_GCM_C */
969#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]970
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]972#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]973 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
974 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]975 MBEDTLS_CIPHERSUITE_WEAK,
976 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]977#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]978#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
979#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]980
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]981#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
982#if defined(MBEDTLS_AES_C)
983#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]984#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]985 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
986 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]987 0,
988 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]989#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]990
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]991#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]992 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
993 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]994 0,
995 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]996#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]997#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]998
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]999#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1000#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1001 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1002 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1003 0,
1004 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1005#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1006
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1007#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1009 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1010 0,
1011 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1012#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1013
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1014#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1015 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1016 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1017 0,
1018 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1019
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1020 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1021 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1022 0,
1023 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1024#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1025#endif /* MBEDTLS_CIPHER_MODE_CBC */
1026#if defined(MBEDTLS_CCM_C)
1027 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1028 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1029 0,
1030 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1031 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1032 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1033 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1034 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1035 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1036 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1037 0,
1038 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1039 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1040 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1041 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1042 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043#endif /* MBEDTLS_CCM_C */
1044#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1045
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1046#if defined(MBEDTLS_CAMELLIA_C)
1047#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1048#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1049 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1050 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1051 0,
1052 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1053#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1054
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1055#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1056 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1057 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1058 0,
1059 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1060#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1061#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1062
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1063#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1064#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1065 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1066 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1067 0,
1068 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1069#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1070
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1071#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1072 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1073 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1074 0,
1075 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1076#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1077#endif /* MBEDTLS_GCM_C */
1078#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1079
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1080#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1081
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1082#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1083#if defined(MBEDTLS_AES_C)
1084#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1085#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1086 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1087 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1088 0,
1089 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1090#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1091
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1092#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1093 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1094 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1095 0,
1096 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1097#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1098#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1099
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1100#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1101#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1102 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1103 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1104 0,
1105 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1106#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1107
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1108#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1109 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1110 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1111 0,
1112 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1113#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1114
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1115#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1116 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1117 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1118 0,
1119 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1120
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1121 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1122 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1123 0,
1124 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1125#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1126#endif /* MBEDTLS_CIPHER_MODE_CBC */
1127#if defined(MBEDTLS_CCM_C)
1128 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1129 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1130 0,
1131 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1132 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1133 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1134 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1135 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1136 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1137 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1138 0,
1139 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1140 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1141 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1142 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1143 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1144#endif /* MBEDTLS_CCM_C */
1145#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1146
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1147#if defined(MBEDTLS_CAMELLIA_C)
1148#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1149#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1150 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1151 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1152 0,
1153 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1154#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1155
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1156#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1157 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1158 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1159 0,
1160 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1161#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1162#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1163
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1164#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1165#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1166 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1167 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1168 0,
1169 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1170#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1171
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1172#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1173 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1174 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1175 0,
1176 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1177#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1178#endif /* MBEDTLS_GCM_C */
1179#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1180
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1181#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1182
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1183#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1184#if defined(MBEDTLS_AES_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1185
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1186#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1187#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1188 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1189 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1190 0,
1191 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1192#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1193
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1194#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1195 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1196 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1197 0,
1198 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1199#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1200
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1201#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1202 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1203 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1204 0,
1205 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1206
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1207 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1208 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1209 0,
1210 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1211#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1212#endif /* MBEDTLS_CIPHER_MODE_CBC */
1213#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1214
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1215#if defined(MBEDTLS_CAMELLIA_C)
1216#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1217#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1218 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1219 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1220 0,
1221 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1222#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1223
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1224#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1225 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1226 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1227 0,
1228 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1229#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1230#endif /* MBEDTLS_CIPHER_MODE_CBC */
1231#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1232
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1233#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1234
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1235#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1236#if defined(MBEDTLS_AES_C)
1237#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1238#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1239 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1240 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1241 0,
1242 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1243#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1244
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1245#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1246 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1247 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1248 0,
1249 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1250#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1251#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1252
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1253#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1254#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1255 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1256 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1257 0,
1258 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1259#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1260
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1261#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1262 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1263 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1264 0,
1265 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1266#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1267
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1268#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1269 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1270 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1271 0,
1272 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1273
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1274 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1275 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1276 0,
1277 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1278#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1279#endif /* MBEDTLS_CIPHER_MODE_CBC */
1280#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1281
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1282#if defined(MBEDTLS_CAMELLIA_C)
1283#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1284#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1285 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1286 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1287 0,
1288 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1289#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1290
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1291#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1292 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1293 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1294 0,
1295 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1296#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1297#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1298
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1299#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1300#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1301 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1302 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1303 0,
1304 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1305#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1306
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1307#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1308 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1309 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1310 0,
1311 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1312#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1313#endif /* MBEDTLS_GCM_C */
1314#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1315
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1316#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1317
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1318#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1319#if defined(MBEDTLS_AES_C)
1320#if defined(MBEDTLS_CCM_C)
1321 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1322 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1323 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1324 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1325#endif /* MBEDTLS_CCM_C */
1326#endif /* MBEDTLS_AES_C */
1327#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1328
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1329#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1330#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1331#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1332 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1333 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1334 MBEDTLS_CIPHERSUITE_WEAK,
1335 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1336#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1337
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1338#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1339 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1340 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1341 MBEDTLS_CIPHERSUITE_WEAK,
1342 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1343#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1344
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1345#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1346 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1347 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1348 MBEDTLS_CIPHERSUITE_WEAK,
1349 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1350#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1351#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1352
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1353#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1354#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1355 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1356 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1357 MBEDTLS_CIPHERSUITE_WEAK,
1358 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1359#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1360
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1361#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1362 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1363 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1364 MBEDTLS_CIPHERSUITE_WEAK,
1365 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1366#endif
1367
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1368#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1369 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1370 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1371 MBEDTLS_CIPHERSUITE_WEAK,
1372 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1373#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1374#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1375
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1376#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1377#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1378 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1379 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1380 MBEDTLS_CIPHERSUITE_WEAK,
1381 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1382#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1383
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1384#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1385 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1386 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1387 MBEDTLS_CIPHERSUITE_WEAK,
1388 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1389#endif
1390
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1391#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1392 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1393 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1394 MBEDTLS_CIPHERSUITE_WEAK,
1395 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1396#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1397#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1398
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1399#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1400#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1401 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1402 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1403 MBEDTLS_CIPHERSUITE_WEAK,
1404 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1405#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1406
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1407#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1408 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1409 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1410 MBEDTLS_CIPHERSUITE_WEAK,
1411 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1412#endif
1413
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1414#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1415 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1416 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1417 MBEDTLS_CIPHERSUITE_WEAK,
1418 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1419#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1420#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1421
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1422#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1423#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1424 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1425 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1426 MBEDTLS_CIPHERSUITE_WEAK,
1427 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1428#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1429
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1430#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1431 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1432 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1433 MBEDTLS_CIPHERSUITE_WEAK,
1434 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1435#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1436
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1437#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1438 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1439 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1440 MBEDTLS_CIPHERSUITE_WEAK,
1441 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame]1442#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1443#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1444#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1445
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1446#if defined(MBEDTLS_ARIA_C)
1447
1448#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1449
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1450#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1451 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1452 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1453 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1454 0,
1455 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1456#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1457#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1458 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1459 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1460 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1461 0,
1462 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1463#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1464#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1465 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1466 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1467 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1468 0,
1469 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1470#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1471#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1472 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1473 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1474 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1475 0,
1476 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1477#endif
1478
1479#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1480
1481#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1482
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1483#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1484 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1485 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1486 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1487 0,
1488 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1489#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1490#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1491 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1492 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1493 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1494 0,
1495 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1496#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1497#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1498 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1499 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1500 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1501 0,
1502 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1503#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1504#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1505 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1506 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1507 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1508 0,
1509 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1510#endif
1511
1512#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1513
1514#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1515
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1516#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1517 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1518 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1519 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1520 0,
1521 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1522#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1523#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1524 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1525 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1526 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1527 0,
1528 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1529#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1530#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1531 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1532 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1533 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1534 0,
1535 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1536#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1537#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1538 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1539 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1540 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1541 0,
1542 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1543#endif
1544
1545#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1546
1547#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1548
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1549#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1550 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1551 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1552 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1553 0,
1554 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1555#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1556#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1557 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1558 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1559 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1560 0,
1561 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1562#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1563#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1564 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1565 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1566 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1567 0,
1568 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1569#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1570#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1571 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1572 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1573 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1574 0,
1575 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1576#endif
1577
1578#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1579
1580#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1581
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1582#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1583 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1584 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1585 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1586 0,
1587 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1588#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1589#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1590 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1591 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1592 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1593 0,
1594 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1595#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1596#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1597 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1598 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1599 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1600 0,
1601 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1602#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1603#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1604 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1605 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1606 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1607 0,
1608 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1609#endif
1610
1611#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1612
1613#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1614
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1615#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1616 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1617 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1618 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1619 0,
1620 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1621#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1622#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1623 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1624 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1625 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1626 0,
1627 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1628#endif
1629
1630#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1631
1632#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1633
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1634#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1635 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1636 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1637 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1638 0,
1639 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1640#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1641#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1642 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1643 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1644 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1645 0,
1646 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1647#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1648#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1649 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1650 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1651 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1652 0,
1653 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1654#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1655#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1656 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1657 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1658 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1659 0,
1660 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1661#endif
1662
1663#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1664
1665#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1666
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1667#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1668 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1669 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1670 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1671 0,
1672 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1673#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1674#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1675 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1676 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1677 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1678 0,
1679 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1680#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1681#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1682 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
1683 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
1684 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1685 0,
1686 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1687#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1688#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1689 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
1690 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
1691 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1692 0,
1693 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1694#endif
1695
1696#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1697
1698#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1699
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1700#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1701 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
1702 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
1703 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1704 0,
1705 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1706#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1707#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1708 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
1709 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
1710 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1711 0,
1712 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1713#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1714#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1715 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
1716 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
1717 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1718 0,
1719 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1720#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1721#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1722 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
1723 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
1724 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1725 0,
1726 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1727#endif
1728
1729#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1730
1731#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1732
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1733#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1734 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
1735 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
1736 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1737 0,
1738 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1739#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1740#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1741 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
1742 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
1743 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1744 0,
1745 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1746#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1747#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1748 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
1749 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
1750 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1751 0,
1752 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1753#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1754#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1755 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
1756 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
1757 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1758 0,
1759 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1760#endif
1761
1762#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1763
1764#endif /* MBEDTLS_ARIA_C */
1765
1766
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]1767 { 0, "",
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1768 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1769 0, 0, 0 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1770};
1771
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1772#if defined(MBEDTLS_SSL_CIPHERSUITES)
1773const int *mbedtls_ssl_list_ciphersuites( void )
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1774{
1775 return( ciphersuite_preference );
1776}
1777#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1778#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1779 sizeof( ciphersuite_definitions[0] )
1780static int supported_ciphersuites[MAX_CIPHERSUITES];
1781static int supported_init = 0;
1782
Manuel Pégourié-Gonnarda3115dc2022-06-17 10:52:54 +0200[diff] [blame]1783MBEDTLS_CHECK_RETURN_CRITICAL
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1784static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
1785{
1786 (void)cs_info;
1787
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1788 return( 0 );
1789}
1790
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1791const int *mbedtls_ssl_list_ciphersuites( void )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1792{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1793 /*
1794 * On initial call filter out all ciphersuites not supported by current
1795 * build based on presence in the ciphersuite_definitions.
1796 */
1797 if( supported_init == 0 )
1798 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1799 const int *p;
1800 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1801
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1802 for( p = ciphersuite_preference, q = supported_ciphersuites;
1803 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1804 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1805 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1806 const mbedtls_ssl_ciphersuite_t *cs_info;
1807 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1808 !ciphersuite_is_removed( cs_info ) )
1809 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1810 *(q++) = *p;
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1811 }
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1812 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1813 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1814
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1815 supported_init = 1;
1816 }
1817
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]1818 return( supported_ciphersuites );
Manuel Pégourié-Gonnardf78e4de2015-05-29 10:52:14 +0200[diff] [blame]1819}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1820#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1821
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1822const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]1823 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1824{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1825 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1826
1827 if( NULL == ciphersuite_name )
1828 return( NULL );
1829
1830 while( cur->id != 0 )
1831 {
Manuel Pégourié-Gonnardcb46fd82015-05-28 17:06:07 +0200[diff] [blame]1832 if( 0 == strcmp( cur->name, ciphersuite_name ) )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1833 return( cur );
1834
1835 cur++;
1836 }
1837
1838 return( NULL );
1839}
1840
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1841const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1842{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1843 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1844
1845 while( cur->id != 0 )
1846 {
1847 if( cur->id == ciphersuite )
1848 return( cur );
1849
1850 cur++;
1851 }
1852
1853 return( NULL );
1854}
1855
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1856const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1857{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1858 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1859
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1860 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1861
1862 if( cur == NULL )
1863 return( "unknown" );
1864
1865 return( cur->name );
1866}
1867
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1868int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1869{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1870 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1871
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1872 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1873
1874 if( cur == NULL )
1875 return( 0 );
1876
1877 return( cur->id );
1878}
1879
Glenn Strauss8f526902022-01-13 00:04:49 -0500[diff] [blame]1880size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info )
1881{
Neil Armstrong801abb62022-05-04 17:38:10 +0200[diff] [blame]1882#if defined(MBEDTLS_USE_PSA_CRYPTO)
1883 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1884 psa_key_type_t key_type;
1885 psa_algorithm_t alg;
1886 size_t key_bits;
1887
1888 status = mbedtls_ssl_cipher_to_psa( info->cipher,
1889 info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16,
1890 &alg, &key_type, &key_bits );
1891
1892 if( status != PSA_SUCCESS )
1893 return 0;
1894
1895 return key_bits;
Neil Armstrong689557c2022-05-12 08:30:59 +0200[diff] [blame]1896#else
Glenn Strauss8f526902022-01-13 00:04:49 -0500[diff] [blame]1897 const mbedtls_cipher_info_t * const cipher_info =
1898 mbedtls_cipher_info_from_type( info->cipher );
1899
1900 return( mbedtls_cipher_info_get_key_bitlen( cipher_info ) );
Neil Armstrong689557c2022-05-12 08:30:59 +0200[diff] [blame]1901#endif /* MBEDTLS_USE_PSA_CRYPTO */
Glenn Strauss8f526902022-01-13 00:04:49 -0500[diff] [blame]1902}
1903
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1904#if defined(MBEDTLS_PK_C)
1905mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1906{
1907 switch( info->key_exchange )
1908 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1909 case MBEDTLS_KEY_EXCHANGE_RSA:
1910 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1911 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1912 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1913 return( MBEDTLS_PK_RSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1914
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1915 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1916 return( MBEDTLS_PK_ECDSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1917
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1918 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1919 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1920 return( MBEDTLS_PK_ECKEY );
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1921
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1922 default:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1923 return( MBEDTLS_PK_NONE );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1924 }
1925}
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]1926
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1927#if defined(MBEDTLS_USE_PSA_CRYPTO)
Neil Armstrong9f4606e2022-06-24 15:00:50 +0200[diff] [blame]1928psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( const mbedtls_ssl_ciphersuite_t *info )
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1929{
1930 switch( info->key_exchange )
1931 {
1932 case MBEDTLS_KEY_EXCHANGE_RSA:
1933 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1934 return( PSA_ALG_RSA_PKCS1V15_CRYPT );
1935 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1936 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1937 return( PSA_ALG_RSA_PKCS1V15_SIGN(
Manuel Pégourié-Gonnardabac0372022-07-18 13:41:11 +0200[diff] [blame]1938 mbedtls_hash_info_psa_from_md( info->mac ) ) );
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1939
1940 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnardabac0372022-07-18 13:41:11 +0200[diff] [blame]1941 return( PSA_ALG_ECDSA( mbedtls_hash_info_psa_from_md( info->mac ) ) );
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1942
1943 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1944 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1945 return( PSA_ALG_ECDH );
1946
1947 default:
1948 return( PSA_ALG_NONE );
1949 }
1950}
1951
Neil Armstrong9f4606e2022-06-24 15:00:50 +0200[diff] [blame]1952psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( const mbedtls_ssl_ciphersuite_t *info )
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1953{
1954 switch( info->key_exchange )
1955 {
1956 case MBEDTLS_KEY_EXCHANGE_RSA:
1957 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1958 return( PSA_KEY_USAGE_DECRYPT );
1959 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1960 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1961 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1962 return( PSA_KEY_USAGE_SIGN_HASH );
1963
1964 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1965 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1966 return( PSA_KEY_USAGE_DERIVE );
1967
1968 default:
1969 return( 0 );
1970 }
1971}
1972#endif /* MBEDTLS_USE_PSA_CRYPTO */
1973
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]1974mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
1975{
1976 switch( info->key_exchange )
1977 {
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]1978 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1979 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1980 return( MBEDTLS_PK_RSA );
1981
1982 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1983 return( MBEDTLS_PK_ECDSA );
1984
1985 default:
1986 return( MBEDTLS_PK_NONE );
1987 }
1988}
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1989
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1990#endif /* MBEDTLS_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1991
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]1992#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
1993 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1994int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
1995{
1996 switch( info->key_exchange )
1997 {
1998 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1999 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2000 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2001 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2002 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2003 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2004 return( 1 );
2005
2006 default:
2007 return( 0 );
2008 }
2009}
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2010#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2011
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]2012#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2013int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2014{
2015 switch( info->key_exchange )
2016 {
2017 case MBEDTLS_KEY_EXCHANGE_PSK:
2018 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2019 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2020 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2021 return( 1 );
2022
2023 default:
2024 return( 0 );
2025 }
2026}
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]2027#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2028
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2029#endif /* MBEDTLS_SSL_TLS_C */