TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 0f2f0bfc8756bdc20179eb35bf74ddaaf2874b47 / . / library / ssl_ciphersuites.c
blob: e714a3c3a5dec934634dc40b9249e7635dedbdc0 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for PolarSSL
5 *
6 * Copyright (C) 2006-2013, Brainspark B.V.
7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
28#include "polarssl/config.h"
29
30#if defined(POLARSSL_SSL_TLS_C)
31
32#include "polarssl/ssl_ciphersuites.h"
33#include "polarssl/ssl.h"
34
35#include <stdlib.h>
36
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]37/*
38 * Ordered from most preferred to least preferred in terms of security.
39 */
40static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]41{
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]42 /* All AES-256 ephemeral suites */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]43 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]44 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]45 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]46 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]47 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]48 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]49
50 /* All CAMELLIA-256 ephemeral suites */
51 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]52 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]53 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]54
55 /* All AES-128 ephemeral suites */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]56 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]57 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]58 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]59 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
60 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
61 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]62
63 /* All CAMELLIA-128 ephemeral suites */
64 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]65 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]66 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]67
68 /* All remaining > 128-bit ephemeral suites */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]69 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]70 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]71 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]72
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]73 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]74 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]75 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]76 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]77 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]78 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]79 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]80 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]81 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]82 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
83 TLS_DHE_PSK_WITH_RC4_128_SHA,
84
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]85 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]86 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]87 TLS_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]88 TLS_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]89
90 /* All CAMELLIA-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]91 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]92 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]93
94 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]95 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]96 TLS_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]97 TLS_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]98
99 /* All CAMELLIA-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]100 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]101 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]102
103 /* All remaining > 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]104 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]105 TLS_RSA_WITH_RC4_128_SHA,
106 TLS_RSA_WITH_RC4_128_MD5,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]107
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]108 /* The RSA PSK suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]109 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]110 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]111 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]112 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]113 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]114 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]115 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]116 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]117 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
118 TLS_RSA_PSK_WITH_RC4_128_SHA,
119
120 /* The PSK suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]121 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]122 TLS_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]123 TLS_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]124 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]125 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]126 TLS_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]127 TLS_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]128 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]129 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
130 TLS_PSK_WITH_RC4_128_SHA,
131
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]132 /* Weak or NULL suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]133 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]134 TLS_RSA_WITH_DES_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]135 TLS_ECDHE_RSA_WITH_NULL_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]136 TLS_RSA_WITH_NULL_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]137 TLS_RSA_WITH_NULL_SHA,
138 TLS_RSA_WITH_NULL_MD5,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]139 TLS_PSK_WITH_NULL_SHA384,
140 TLS_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]141 TLS_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]142 TLS_DHE_PSK_WITH_NULL_SHA384,
143 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]144 TLS_DHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]145 TLS_RSA_PSK_WITH_NULL_SHA384,
146 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]147 TLS_RSA_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]148
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]149 0
150};
151
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]152#define MAX_CIPHERSUITES 60
153static int supported_ciphersuites[MAX_CIPHERSUITES];
154static int supported_init = 0;
155
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]156static const ssl_ciphersuite_t ciphersuite_definitions[] =
157{
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]158#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]159#if defined(POLARSSL_AES_C)
160 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
161 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
162 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
163 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
164 POLARSSL_CIPHERSUITE_EC },
165 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
166 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
167 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
168 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
169 POLARSSL_CIPHERSUITE_EC },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]170#if defined(POLARSSL_SHA256_C)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]171 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
172 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
173 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
174 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
175 POLARSSL_CIPHERSUITE_EC },
176#if defined(POLARSSL_GCM_C)
177 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
178 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
179 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
180 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
181 POLARSSL_CIPHERSUITE_EC },
182#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]183#endif /* POLARSSL_SHA256_C */
184#if defined(POLARSSL_SHA512_C)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]185 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
186 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
187 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
188 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
189 POLARSSL_CIPHERSUITE_EC },
190#if defined(POLARSSL_GCM_C)
191 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
192 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
193 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
194 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
195 POLARSSL_CIPHERSUITE_EC },
196#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]197#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]198#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]199
200#if defined(POLARSSL_CAMELLIA_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]201#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]202 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
203 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
204 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
205 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
206 POLARSSL_CIPHERSUITE_EC },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]207#endif /* POLARSSL_SHA256_C */
208#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]209 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
210 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
211 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
212 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
213 POLARSSL_CIPHERSUITE_EC },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]214#endif /* POLARSSL_SHA512_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]215#endif /* POLARSSL_CAMELLIA_C */
216
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]217#if defined(POLARSSL_DES_C)
218 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
219 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
220 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
221 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
222 POLARSSL_CIPHERSUITE_EC },
223#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]224
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]225#if defined(POLARSSL_ARC4_C)
226 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
227 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
228 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
229 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
230 POLARSSL_CIPHERSUITE_EC },
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]231#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]232
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]233#if defined(POLARSSL_CIPHER_NULL_CIPHER)
234 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
235 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
236 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
237 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
238 POLARSSL_CIPHERSUITE_EC | POLARSSL_CIPHERSUITE_WEAK },
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]239#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]240#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]241
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]242#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]243#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]244#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]245 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
246 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
247 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
248 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
249 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]250#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]251
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]252#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]253#if defined(POLARSSL_GCM_C)
254 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
255 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
256 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
257 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
258 0 },
259#endif /* POLARSSL_GCM_C */
260
261 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
262 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
263 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
264 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
265 0 },
266
267 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
268 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
269 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
270 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
271 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]272#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]273
274 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
275 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
276 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
278 0 },
279
280 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
281 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
282 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
283 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
284 0 },
285#endif /* POLARSSL_AES_C */
286
287#if defined(POLARSSL_CAMELLIA_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]288#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]289 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
290 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
291 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
292 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
293 0 },
294
295 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
296 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
297 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
298 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
299 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]300#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]301
302 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
303 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
304 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
305 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
306 0 },
307
308 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
309 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
310 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
311 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
312 0 },
313#endif /* POLARSSL_CAMELLIA_C */
314
315#if defined(POLARSSL_DES_C)
316 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
317 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
319 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
320 0 },
321#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]322#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]323
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]324#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]325#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]326#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]327 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
328 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
329 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
330 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
331 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]332#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]333
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]334#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]335#if defined(POLARSSL_GCM_C)
336 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
337 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
338 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
339 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
340 0 },
341#endif /* POLARSSL_GCM_C */
342
343 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
344 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
345 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
346 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
347 0 },
348
349 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
350 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
351 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
352 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
353 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]354#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]355
356 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
357 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
358 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
359 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
360 0 },
361
362 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
363 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
364 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
365 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
366 0 },
367#endif /* POLARSSL_AES_C */
368
369#if defined(POLARSSL_CAMELLIA_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]370#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]371 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
372 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
373 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
374 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
375 0 },
376
377 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
378 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
379 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
380 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
381 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]382#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]383
384 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
385 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
386 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
387 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
388 0 },
389
390 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
391 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
392 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
393 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
394 0 },
395#endif /* POLARSSL_CAMELLIA_C */
396
397#if defined(POLARSSL_DES_C)
398 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
399 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
400 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
401 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
402 0 },
403#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]404
405#if defined(POLARSSL_ARC4_C)
406 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
407 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
408 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
409 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
410 0 },
411
412 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
413 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
414 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
415 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
416 0 },
417#endif /* POLARSSL_ARC4_C */
418#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]419
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]420#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
421#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]422#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]423#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]424 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
425 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
426 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
427 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
428 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]429#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]430
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]431#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]432 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
433 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
434 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
435 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
436 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]437#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]438#endif /* POLARSSL_GCM_C */
439
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]440#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]441 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
442 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
443 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
445 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]446#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]447
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]448#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]449 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
450 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
451 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
452 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
453 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]454#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]455
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]456 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
457 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
458 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
459 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
460 0 },
461
462 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
463 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
464 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
465 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
466 0 },
467#endif /* POLARSSL_AES_C */
468
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]469#if defined(POLARSSL_CAMELLIA_C)
470#if defined(POLARSSL_SHA256_C)
471 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
472 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
473 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
474 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
475 0 },
476#endif /* POLARSSL_SHA256_C */
477
478#if defined(POLARSSL_SHA512_C)
479 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
480 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
481 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
482 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
483 0 },
484#endif /* POLARSSL_SHA512_C */
485#endif /* POLARSSL_CAMELLIA_C */
486
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]487#if defined(POLARSSL_DES_C)
488 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
489 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
490 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
491 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
492 0 },
493#endif /* POLARSSL_DES_C */
494
495#if defined(POLARSSL_ARC4_C)
496 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
497 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
498 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
499 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
500 0 },
501#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]502#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]503
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]504#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]505#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]506#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]507#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]508 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
509 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
510 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
511 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
512 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]513#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]514
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]515#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]516 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
517 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
518 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
519 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
520 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]521#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]522#endif /* POLARSSL_GCM_C */
523
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]524#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]525 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
526 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
527 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
528 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
529 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]530#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]531
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]532#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]533 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
534 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
535 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
536 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
537 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]538#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]539
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]540 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
541 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
542 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
543 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
544 0 },
545
546 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
547 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
548 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
549 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
550 0 },
551#endif /* POLARSSL_AES_C */
552
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]553#if defined(POLARSSL_CAMELLIA_C)
554#if defined(POLARSSL_SHA256_C)
555 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
556 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
557 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
558 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
559 0 },
560#endif /* POLARSSL_SHA256_C */
561
562#if defined(POLARSSL_SHA512_C)
563 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
564 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
565 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
566 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
567 0 },
568#endif /* POLARSSL_SHA512_C */
569#endif /* POLARSSL_CAMELLIA_C */
570
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]571#if defined(POLARSSL_DES_C)
572 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
573 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
574 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
575 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
576 0 },
577#endif /* POLARSSL_DES_C */
578
579#if defined(POLARSSL_ARC4_C)
580 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
581 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
582 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
583 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
584 0 },
585#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]586#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]587
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]588#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]589#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]590#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]591#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]592 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
593 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
594 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
595 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
596 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]597#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]598
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]599#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]600 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
601 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
602 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
603 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
604 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]605#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]606#endif /* POLARSSL_GCM_C */
607
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]608#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]609 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
610 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
611 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
612 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
613 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]614#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]615
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]616#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]617 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
618 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
619 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
620 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
621 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]622#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]623
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]624 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
625 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
626 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
627 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
628 0 },
629
630 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
631 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
632 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
633 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
634 0 },
635#endif /* POLARSSL_AES_C */
636
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame^]637#if defined(POLARSSL_CAMELLIA_C)
638#if defined(POLARSSL_SHA256_C)
639 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
640 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
641 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
642 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
643 0 },
644#endif /* POLARSSL_SHA256_C */
645
646#if defined(POLARSSL_SHA512_C)
647 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
648 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
649 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
650 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
651 0 },
652#endif /* POLARSSL_SHA512_C */
653#endif /* POLARSSL_CAMELLIA_C */
654
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]655#if defined(POLARSSL_DES_C)
656 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
657 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
658 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
659 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
660 0 },
661#endif /* POLARSSL_DES_C */
662
663#if defined(POLARSSL_ARC4_C)
664 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
665 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
666 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
667 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
668 0 },
669#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]670#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]671
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]672#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
673#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]674#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]675 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
676 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
677 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
678 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
679 POLARSSL_CIPHERSUITE_WEAK },
680
681 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
682 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
683 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
684 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
685 POLARSSL_CIPHERSUITE_WEAK },
686
687 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
688 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
689 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
690 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
691 POLARSSL_CIPHERSUITE_WEAK },
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]692#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]693
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]694#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
695 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
696 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
697 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
698 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
699 POLARSSL_CIPHERSUITE_WEAK },
700#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
701
702#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
703 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
704 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
705 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
706 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
707 POLARSSL_CIPHERSUITE_WEAK },
708#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
709
710#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
711 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
712 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
713 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
714 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
715 POLARSSL_CIPHERSUITE_WEAK },
716#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
717#endif /* POLARSSL_CIPHER_NULL_CIPHER */
718
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]719#if defined(POLARSSL_DES_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]720#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]721 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
722 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
723 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
724 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
725 POLARSSL_CIPHERSUITE_WEAK },
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]726#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]727
728 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
729 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
730 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
731 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
732 POLARSSL_CIPHERSUITE_WEAK },
733#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]734#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
735
736 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
737};
738
739const int *ssl_list_ciphersuites( void )
740{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]741 /*
742 * On initial call filter out all ciphersuites not supported by current
743 * build based on presence in the ciphersuite_definitions.
744 */
745 if( supported_init == 0 )
746 {
747 const int *p = ciphersuite_preference;
748 int *q = supported_ciphersuites;
749
750 memset( supported_ciphersuites, 0x00, sizeof(supported_ciphersuites) );
751
752 while( *p != 0 )
753 {
754 if( ssl_ciphersuite_from_id( *p ) != NULL )
755 *(q++) = *p;
756
757 p++;
758 }
759 supported_init = 1;
760 }
761
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]762 return supported_ciphersuites;
763};
764
765const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name )
766{
767 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
768
769 if( NULL == ciphersuite_name )
770 return( NULL );
771
772 while( cur->id != 0 )
773 {
774 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
775 return( cur );
776
777 cur++;
778 }
779
780 return( NULL );
781}
782
783const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
784{
785 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
786
787 while( cur->id != 0 )
788 {
789 if( cur->id == ciphersuite )
790 return( cur );
791
792 cur++;
793 }
794
795 return( NULL );
796}
797
798const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
799{
800 const ssl_ciphersuite_t *cur;
801
802 cur = ssl_ciphersuite_from_id( ciphersuite_id );
803
804 if( cur == NULL )
805 return( "unknown" );
806
807 return( cur->name );
808}
809
810int ssl_get_ciphersuite_id( const char *ciphersuite_name )
811{
812 const ssl_ciphersuite_t *cur;
813
814 cur = ssl_ciphersuite_from_string( ciphersuite_name );
815
816 if( cur == NULL )
817 return( 0 );
818
819 return( cur->id );
820}
821
822#endif