TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 4f4f271850b03dd4f9932a29c4bb7aba8ed76e5e / . / library / ssl_ciphersuites.c
blob: 402463f9d7f5ba7920ec3667529b1ee5450a7750 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]6 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]20 */
21
Gilles Peskinedb09ef62020-06-03 01:43:33 +0200[diff] [blame]22#include "common.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]23
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]24#if defined(MBEDTLS_SSL_TLS_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]25
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]26#if defined(MBEDTLS_PLATFORM_C)
27#include "mbedtls/platform.h"
28#else
29#include <stdlib.h>
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]30#endif
31
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]32#include "mbedtls/ssl_ciphersuites.h"
33#include "mbedtls/ssl.h"
Manuel Pégourié-Gonnardcac90a12021-06-04 11:42:30 +0200[diff] [blame]34#include "ssl_misc.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]35
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]36#include <string.h>
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]37
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]38/*
39 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]40 *
TRodziewicz75628d52021-06-18 12:56:27 +0200[diff] [blame]41 * Current rule (except weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]42 * 1. By key exchange:
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]43 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]44 * 2. By key length and cipher:
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]45 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]46 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]47 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]48 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]49 */
50static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]51{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]52#if defined(MBEDTLS_SSL_CIPHERSUITES)
53 MBEDTLS_SSL_CIPHERSUITES,
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]54#else
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]55#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]56 /* TLS 1.3 ciphersuites */
57 MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
58 MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
59 MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
60 MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
61 MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]62#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]63
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]64 /* Chacha-Poly ephemeral suites */
65 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
66 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
67 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
68
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]69 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]70 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
71 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
72 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
73 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
74 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
75 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
76 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
77 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
78 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
79 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
80 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
81 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
82 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]83
84 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]85 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
86 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
87 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
88 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
89 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
90 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
91 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]92
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]93 /* All ARIA-256 ephemeral suites */
94 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
95 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
96 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
97 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
98 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
99 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
100
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]101 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
103 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
104 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
105 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
106 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
107 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
108 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
109 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
110 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
111 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
112 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
113 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
114 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]115
116 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]117 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
118 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
119 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
120 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
121 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
122 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
123 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]124
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]125 /* All ARIA-128 ephemeral suites */
126 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
127 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
128 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
129 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
130 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
131 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
132
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]133 /* The PSK ephemeral suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]134 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
135 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]136 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
137 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
138 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
139 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
140 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
141 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
142 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
143 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
144 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
145 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]146 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
147 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
148 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]149
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]150 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
151 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
152 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
153 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
154 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
155 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
156 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
157 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
158 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
159 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]160 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
161 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
162 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]163
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]164 /* The ECJPAKE suite */
165 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
166
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]167 /* All AES-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]168 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
169 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
170 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
171 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
172 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
173 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
174 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
175 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
176 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
177 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
178 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]179
180 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]181 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
182 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
183 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
184 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
185 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
186 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
187 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]188
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]189 /* All ARIA-256 suites */
190 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
191 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
192 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
193 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
194 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
195 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
196
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]197 /* All AES-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]198 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
199 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
200 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
201 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
202 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
203 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
204 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
205 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
206 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
207 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
208 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]209
210 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]211 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
212 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
213 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
214 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
215 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
216 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
217 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]218
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]219 /* All ARIA-128 suites */
220 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
221 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
222 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
223 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
224 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
225 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
226
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]227 /* The RSA PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]228 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]229 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
230 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
231 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
232 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
233 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]234 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
235 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]236
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]237 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
238 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
239 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
240 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
241 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]242 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
243 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]244
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]245 /* The PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]246 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]247 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
248 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
249 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
250 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
251 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
252 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
253 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]254 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
255 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]256
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]257 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
258 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
259 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
260 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
261 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
262 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
263 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]264 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
265 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]266
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]267 /* NULL suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]268 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
269 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
270 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
271 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
272 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
273 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
274 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
275 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]276
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]277 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
278 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
279 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
280 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
281 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
282 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
283 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
284 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
285 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
286 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
287 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]288
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]289#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]290 0
291};
292
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]293static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]294{
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]295#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]296#if defined(MBEDTLS_AES_C)
297#if defined(MBEDTLS_GCM_C)
Jerry Yu69e0ec42021-08-24 10:44:15 +0800[diff] [blame]298#if defined(MBEDTLS_SHA384_C)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]299 { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384",
300 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384,
301 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]302 0,
303 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Jerry Yu69e0ec42021-08-24 10:44:15 +0800[diff] [blame]304#endif /* MBEDTLS_SHA384_C */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]305#if defined(MBEDTLS_SHA256_C)
306 { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256",
307 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256,
308 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]309 0,
310 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]311#endif /* MBEDTLS_SHA256_C */
312#endif /* MBEDTLS_GCM_C */
313#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_SHA256_C)
314 { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256",
315 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
316 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]317 0,
318 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]319 { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256",
320 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
321 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]322 MBEDTLS_CIPHERSUITE_SHORT_TAG,
323 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]324#endif /* MBEDTLS_SHA256_C && MBEDTLS_CCM_C */
325#endif /* MBEDTLS_AES_C */
326#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_SHA256_C)
327 { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
328 "TLS1-3-CHACHA20-POLY1305-SHA256",
329 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
330 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]331 0,
332 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]333#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_SHA256_C */
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]334#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]335
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]336#if defined(MBEDTLS_CHACHAPOLY_C) && \
337 defined(MBEDTLS_SHA256_C) && \
338 defined(MBEDTLS_SSL_PROTO_TLS1_2)
339#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
340 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
341 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
342 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
343 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]344 0,
345 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]346#endif
347#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
348 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
349 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
350 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
351 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]352 0,
353 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]354#endif
355#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
356 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
357 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
358 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
359 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]360 0,
361 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]362#endif
363#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
364 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
365 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
366 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
367 MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]368 0,
369 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]370#endif
371#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
372 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
373 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
374 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
375 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]376 0,
377 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]378#endif
379#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
380 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
381 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
382 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
383 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]384 0,
385 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]386#endif
387#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
388 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
389 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
390 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
391 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]392 0,
393 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]394#endif
395#endif /* MBEDTLS_CHACHAPOLY_C &&
396 MBEDTLS_SHA256_C &&
397 MBEDTLS_SSL_PROTO_TLS1_2 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]398#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
399#if defined(MBEDTLS_AES_C)
400#if defined(MBEDTLS_SHA1_C)
401#if defined(MBEDTLS_CIPHER_MODE_CBC)
402 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
403 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]404 0,
405 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]406 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
407 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]408 0,
409 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]410#endif /* MBEDTLS_CIPHER_MODE_CBC */
411#endif /* MBEDTLS_SHA1_C */
412#if defined(MBEDTLS_SHA256_C)
413#if defined(MBEDTLS_CIPHER_MODE_CBC)
414 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
415 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]416 0,
417 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]418#endif /* MBEDTLS_CIPHER_MODE_CBC */
419#if defined(MBEDTLS_GCM_C)
420 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
421 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]422 0,
423 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]424#endif /* MBEDTLS_GCM_C */
425#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]426#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]427#if defined(MBEDTLS_CIPHER_MODE_CBC)
428 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
429 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]430 0,
431 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]432#endif /* MBEDTLS_CIPHER_MODE_CBC */
433#if defined(MBEDTLS_GCM_C)
434 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
435 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]436 0,
437 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]438#endif /* MBEDTLS_GCM_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]439#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]440#if defined(MBEDTLS_CCM_C)
441 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
442 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]443 0,
444 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]445 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
446 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]447 MBEDTLS_CIPHERSUITE_SHORT_TAG,
448 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]449 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
450 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]451 0,
452 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]453 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
454 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]455 MBEDTLS_CIPHERSUITE_SHORT_TAG,
456 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]457#endif /* MBEDTLS_CCM_C */
458#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]459
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]460#if defined(MBEDTLS_CAMELLIA_C)
461#if defined(MBEDTLS_CIPHER_MODE_CBC)
462#if defined(MBEDTLS_SHA256_C)
463 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
464 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]465 0,
466 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]467#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]468#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]469 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
470 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]471 0,
472 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]473#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]474#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]475
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]476#if defined(MBEDTLS_GCM_C)
477#if defined(MBEDTLS_SHA256_C)
478 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
479 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]480 0,
481 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]482#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]483#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]484 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
485 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]486 0,
487 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]488#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]489#endif /* MBEDTLS_GCM_C */
490#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]491
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]492#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
493#if defined(MBEDTLS_SHA1_C)
494 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
495 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]496 MBEDTLS_CIPHERSUITE_WEAK,
497 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]498#endif /* MBEDTLS_SHA1_C */
499#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
500#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]501
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]502#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
503#if defined(MBEDTLS_AES_C)
504#if defined(MBEDTLS_SHA1_C)
505#if defined(MBEDTLS_CIPHER_MODE_CBC)
506 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
507 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]508 0,
509 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]510 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
511 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]512 0,
513 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]514#endif /* MBEDTLS_CIPHER_MODE_CBC */
515#endif /* MBEDTLS_SHA1_C */
516#if defined(MBEDTLS_SHA256_C)
517#if defined(MBEDTLS_CIPHER_MODE_CBC)
518 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
519 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]520 0,
521 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]522#endif /* MBEDTLS_CIPHER_MODE_CBC */
523#if defined(MBEDTLS_GCM_C)
524 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
525 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]526 0,
527 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]528#endif /* MBEDTLS_GCM_C */
529#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]530#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]531#if defined(MBEDTLS_CIPHER_MODE_CBC)
532 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
533 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]534 0,
535 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]536#endif /* MBEDTLS_CIPHER_MODE_CBC */
537#if defined(MBEDTLS_GCM_C)
538 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
539 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]540 0,
541 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]542#endif /* MBEDTLS_GCM_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]543#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]544#endif /* MBEDTLS_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]545
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]546#if defined(MBEDTLS_CAMELLIA_C)
547#if defined(MBEDTLS_CIPHER_MODE_CBC)
548#if defined(MBEDTLS_SHA256_C)
549 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
550 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]551 0,
552 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]553#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]554#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]555 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
556 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]557 0,
558 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]559#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]560#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]561
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]562#if defined(MBEDTLS_GCM_C)
563#if defined(MBEDTLS_SHA256_C)
564 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
565 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]566 0,
567 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]568#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]569#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]570 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
571 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]572 0,
573 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]574#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]575#endif /* MBEDTLS_GCM_C */
576#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]577
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]578#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
579#if defined(MBEDTLS_SHA1_C)
580 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
581 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]582 MBEDTLS_CIPHERSUITE_WEAK,
583 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]584#endif /* MBEDTLS_SHA1_C */
585#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
586#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]587
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]588#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
589#if defined(MBEDTLS_AES_C)
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]590#if defined(MBEDTLS_SHA384_C) && \
591 defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]592 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
593 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]594 0,
595 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]596#endif /* MBEDTLS_SHA384_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]597
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]598#if defined(MBEDTLS_SHA256_C)
599#if defined(MBEDTLS_GCM_C)
600 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
601 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]602 0,
603 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]605
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]606#if defined(MBEDTLS_CIPHER_MODE_CBC)
607 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
608 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]609 0,
610 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]611
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]612 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
613 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]614 0,
615 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]616#endif /* MBEDTLS_CIPHER_MODE_CBC */
617#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]618
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]619#if defined(MBEDTLS_CIPHER_MODE_CBC)
620#if defined(MBEDTLS_SHA1_C)
621 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
622 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]623 0,
624 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]625
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]626 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
627 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]628 0,
629 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]630#endif /* MBEDTLS_SHA1_C */
631#endif /* MBEDTLS_CIPHER_MODE_CBC */
632#if defined(MBEDTLS_CCM_C)
633 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
634 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]635 0,
636 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]637 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
638 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]639 MBEDTLS_CIPHERSUITE_SHORT_TAG,
640 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]641 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
642 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]643 0,
644 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]645 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
646 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]647 MBEDTLS_CIPHERSUITE_SHORT_TAG,
648 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]649#endif /* MBEDTLS_CCM_C */
650#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]651
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]652#if defined(MBEDTLS_CAMELLIA_C)
653#if defined(MBEDTLS_CIPHER_MODE_CBC)
654#if defined(MBEDTLS_SHA256_C)
655 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
656 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]657 0,
658 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]659
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]660 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
661 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]662 0,
663 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]665
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]666#if defined(MBEDTLS_SHA1_C)
667 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
668 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]669 0,
670 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]671
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]672 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
673 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]674 0,
675 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]676#endif /* MBEDTLS_SHA1_C */
677#endif /* MBEDTLS_CIPHER_MODE_CBC */
678#if defined(MBEDTLS_GCM_C)
679#if defined(MBEDTLS_SHA256_C)
680 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
681 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]682 0,
683 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]684#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]685
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]686#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]687 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
688 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]689 0,
690 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]691#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]692#endif /* MBEDTLS_GCM_C */
693#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]694
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]695#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]696
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
698#if defined(MBEDTLS_AES_C)
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]699#if defined(MBEDTLS_SHA384_C) && \
700 defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]701 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
702 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]703 0,
704 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]705#endif /* MBEDTLS_SHA384_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]706
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]707#if defined(MBEDTLS_SHA256_C)
708#if defined(MBEDTLS_GCM_C)
709 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
710 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]711 0,
712 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]713#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]714
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715#if defined(MBEDTLS_CIPHER_MODE_CBC)
716 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
717 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]718 0,
719 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]720
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]721 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
722 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]723 0,
724 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]725#endif /* MBEDTLS_CIPHER_MODE_CBC */
726#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]727
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]728#if defined(MBEDTLS_SHA1_C)
729#if defined(MBEDTLS_CIPHER_MODE_CBC)
730 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
731 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]732 0,
733 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]734
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]735 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
736 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]737 0,
738 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]739#endif /* MBEDTLS_CIPHER_MODE_CBC */
740#endif /* MBEDTLS_SHA1_C */
741#if defined(MBEDTLS_CCM_C)
742 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
743 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]744 0,
745 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]746 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
747 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]748 MBEDTLS_CIPHERSUITE_SHORT_TAG,
749 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]750 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
751 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]752 0,
753 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]754 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
755 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]756 MBEDTLS_CIPHERSUITE_SHORT_TAG,
757 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]758#endif /* MBEDTLS_CCM_C */
759#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]760
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]761#if defined(MBEDTLS_CAMELLIA_C)
762#if defined(MBEDTLS_CIPHER_MODE_CBC)
763#if defined(MBEDTLS_SHA256_C)
764 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
765 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]766 0,
767 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]768
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]769 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
770 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]771 0,
772 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]773#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]774
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]775#if defined(MBEDTLS_SHA1_C)
776 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
777 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]778 0,
779 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]780
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]781 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
782 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]783 0,
784 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]785#endif /* MBEDTLS_SHA1_C */
786#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]787
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]788#if defined(MBEDTLS_GCM_C)
789#if defined(MBEDTLS_SHA256_C)
790 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
791 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]792 0,
793 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]794#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]795
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]796#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]797 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
798 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]799 0,
800 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]801#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]802#endif /* MBEDTLS_GCM_C */
803#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]804
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]805#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]806
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]807#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
808#if defined(MBEDTLS_AES_C)
809#if defined(MBEDTLS_SHA1_C)
810#if defined(MBEDTLS_CIPHER_MODE_CBC)
811 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
812 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]813 0,
814 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]815 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
816 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]817 0,
818 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]819#endif /* MBEDTLS_CIPHER_MODE_CBC */
820#endif /* MBEDTLS_SHA1_C */
821#if defined(MBEDTLS_SHA256_C)
822#if defined(MBEDTLS_CIPHER_MODE_CBC)
823 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
824 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]825 0,
826 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]827#endif /* MBEDTLS_CIPHER_MODE_CBC */
828#if defined(MBEDTLS_GCM_C)
829 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
830 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]831 0,
832 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]833#endif /* MBEDTLS_GCM_C */
834#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]835#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]836#if defined(MBEDTLS_CIPHER_MODE_CBC)
837 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
838 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]839 0,
840 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]841#endif /* MBEDTLS_CIPHER_MODE_CBC */
842#if defined(MBEDTLS_GCM_C)
843 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
844 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]845 0,
846 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]847#endif /* MBEDTLS_GCM_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]848#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]849#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]850
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]851#if defined(MBEDTLS_CAMELLIA_C)
852#if defined(MBEDTLS_CIPHER_MODE_CBC)
853#if defined(MBEDTLS_SHA256_C)
854 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
855 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]856 0,
857 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]858#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]859#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]860 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
861 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]862 0,
863 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]864#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]865#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]866
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867#if defined(MBEDTLS_GCM_C)
868#if defined(MBEDTLS_SHA256_C)
869 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
870 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]871 0,
872 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]873#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]874#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]875 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
876 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]877 0,
878 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]879#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]880#endif /* MBEDTLS_GCM_C */
881#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]882
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]883#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
884#if defined(MBEDTLS_SHA1_C)
885 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
886 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]887 MBEDTLS_CIPHERSUITE_WEAK,
888 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]889#endif /* MBEDTLS_SHA1_C */
890#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
891#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]892
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]893#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
894#if defined(MBEDTLS_AES_C)
895#if defined(MBEDTLS_SHA1_C)
896#if defined(MBEDTLS_CIPHER_MODE_CBC)
897 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
898 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]899 0,
900 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]901 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
902 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]903 0,
904 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]905#endif /* MBEDTLS_CIPHER_MODE_CBC */
906#endif /* MBEDTLS_SHA1_C */
907#if defined(MBEDTLS_SHA256_C)
908#if defined(MBEDTLS_CIPHER_MODE_CBC)
909 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
910 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]911 0,
912 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]913#endif /* MBEDTLS_CIPHER_MODE_CBC */
914#if defined(MBEDTLS_GCM_C)
915 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
916 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]917 0,
918 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]919#endif /* MBEDTLS_GCM_C */
920#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]921#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]922#if defined(MBEDTLS_CIPHER_MODE_CBC)
923 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
924 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]925 0,
926 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]927#endif /* MBEDTLS_CIPHER_MODE_CBC */
928#if defined(MBEDTLS_GCM_C)
929 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
930 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]931 0,
932 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]933#endif /* MBEDTLS_GCM_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]934#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]935#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]936
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]937#if defined(MBEDTLS_CAMELLIA_C)
938#if defined(MBEDTLS_CIPHER_MODE_CBC)
939#if defined(MBEDTLS_SHA256_C)
940 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
941 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]942 0,
943 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]944#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]945#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]946 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
947 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]948 0,
949 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]950#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]952
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]953#if defined(MBEDTLS_GCM_C)
954#if defined(MBEDTLS_SHA256_C)
955 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
956 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]957 0,
958 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]959#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]960#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]961 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
962 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]963 0,
964 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]965#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]966#endif /* MBEDTLS_GCM_C */
967#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]968
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]969#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
970#if defined(MBEDTLS_SHA1_C)
971 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
972 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]973 MBEDTLS_CIPHERSUITE_WEAK,
974 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]975#endif /* MBEDTLS_SHA1_C */
976#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
977#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]978
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]979#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
980#if defined(MBEDTLS_AES_C)
981#if defined(MBEDTLS_GCM_C)
982#if defined(MBEDTLS_SHA256_C)
983 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
984 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]985 0,
986 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]987#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]988
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]989#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]990 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
991 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]992 0,
993 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]994#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]995#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]996
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]997#if defined(MBEDTLS_CIPHER_MODE_CBC)
998#if defined(MBEDTLS_SHA256_C)
999 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1000 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1001 0,
1002 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1003#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1004
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1005#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1006 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1007 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1008 0,
1009 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1010#endif /* MBEDTLS_SHA384_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1011
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1012#if defined(MBEDTLS_SHA1_C)
1013 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1014 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1015 0,
1016 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1017
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1018 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1019 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1020 0,
1021 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1022#endif /* MBEDTLS_SHA1_C */
1023#endif /* MBEDTLS_CIPHER_MODE_CBC */
1024#if defined(MBEDTLS_CCM_C)
1025 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1026 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1027 0,
1028 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1029 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1030 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1031 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1032 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1033 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1034 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1035 0,
1036 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1037 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1038 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1039 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1040 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1041#endif /* MBEDTLS_CCM_C */
1042#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1043
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1044#if defined(MBEDTLS_CAMELLIA_C)
1045#if defined(MBEDTLS_CIPHER_MODE_CBC)
1046#if defined(MBEDTLS_SHA256_C)
1047 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1048 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1049 0,
1050 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1051#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1052
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1053#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1054 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1055 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1056 0,
1057 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1058#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1060
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1061#if defined(MBEDTLS_GCM_C)
1062#if defined(MBEDTLS_SHA256_C)
1063 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1064 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1065 0,
1066 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1067#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1068
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1069#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1070 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1071 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1072 0,
1073 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1074#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1075#endif /* MBEDTLS_GCM_C */
1076#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1077
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1078#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1079
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1080#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1081#if defined(MBEDTLS_AES_C)
1082#if defined(MBEDTLS_GCM_C)
1083#if defined(MBEDTLS_SHA256_C)
1084 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1085 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1086 0,
1087 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1088#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1089
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1090#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1091 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1092 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1093 0,
1094 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1095#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1096#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1097
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1098#if defined(MBEDTLS_CIPHER_MODE_CBC)
1099#if defined(MBEDTLS_SHA256_C)
1100 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1101 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1102 0,
1103 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1104#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1105
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1106#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1107 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1108 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1109 0,
1110 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1111#endif /* MBEDTLS_SHA384_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1112
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1113#if defined(MBEDTLS_SHA1_C)
1114 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1115 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1116 0,
1117 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1118
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1119 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1120 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1121 0,
1122 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1123#endif /* MBEDTLS_SHA1_C */
1124#endif /* MBEDTLS_CIPHER_MODE_CBC */
1125#if defined(MBEDTLS_CCM_C)
1126 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1127 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1128 0,
1129 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1130 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1131 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1132 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1133 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1134 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1135 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1136 0,
1137 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1138 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1139 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1140 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1141 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1142#endif /* MBEDTLS_CCM_C */
1143#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1144
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1145#if defined(MBEDTLS_CAMELLIA_C)
1146#if defined(MBEDTLS_CIPHER_MODE_CBC)
1147#if defined(MBEDTLS_SHA256_C)
1148 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1149 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1150 0,
1151 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1152#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1153
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1154#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1155 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1156 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1157 0,
1158 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1159#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1160#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1161
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1162#if defined(MBEDTLS_GCM_C)
1163#if defined(MBEDTLS_SHA256_C)
1164 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1165 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1166 0,
1167 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1168#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1169
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1170#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1171 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1172 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1173 0,
1174 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1175#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1176#endif /* MBEDTLS_GCM_C */
1177#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1178
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1179#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1180
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1181#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1182#if defined(MBEDTLS_AES_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1183
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1184#if defined(MBEDTLS_CIPHER_MODE_CBC)
1185#if defined(MBEDTLS_SHA256_C)
1186 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1187 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1188 0,
1189 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1190#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1191
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1192#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1193 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1194 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1195 0,
1196 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1197#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1198
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1199#if defined(MBEDTLS_SHA1_C)
1200 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1201 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1202 0,
1203 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1204
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1205 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1206 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1207 0,
1208 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1209#endif /* MBEDTLS_SHA1_C */
1210#endif /* MBEDTLS_CIPHER_MODE_CBC */
1211#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1212
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1213#if defined(MBEDTLS_CAMELLIA_C)
1214#if defined(MBEDTLS_CIPHER_MODE_CBC)
1215#if defined(MBEDTLS_SHA256_C)
1216 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1217 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1218 0,
1219 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1220#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1221
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1222#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1223 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1224 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1225 0,
1226 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1227#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1228#endif /* MBEDTLS_CIPHER_MODE_CBC */
1229#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1230
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1231#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1232
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1233#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1234#if defined(MBEDTLS_AES_C)
1235#if defined(MBEDTLS_GCM_C)
1236#if defined(MBEDTLS_SHA256_C)
1237 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1238 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1239 0,
1240 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1241#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1242
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1243#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1244 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1245 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1246 0,
1247 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1248#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1249#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1250
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1251#if defined(MBEDTLS_CIPHER_MODE_CBC)
1252#if defined(MBEDTLS_SHA256_C)
1253 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1254 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1255 0,
1256 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1257#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1258
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1259#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1260 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1261 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1262 0,
1263 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1264#endif /* MBEDTLS_SHA384_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1265
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1266#if defined(MBEDTLS_SHA1_C)
1267 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1268 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1269 0,
1270 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1271
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1272 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1273 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1274 0,
1275 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1276#endif /* MBEDTLS_SHA1_C */
1277#endif /* MBEDTLS_CIPHER_MODE_CBC */
1278#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1279
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1280#if defined(MBEDTLS_CAMELLIA_C)
1281#if defined(MBEDTLS_CIPHER_MODE_CBC)
1282#if defined(MBEDTLS_SHA256_C)
1283 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1284 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1285 0,
1286 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1287#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1288
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1289#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1290 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1291 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1292 0,
1293 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1294#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1295#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1296
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1297#if defined(MBEDTLS_GCM_C)
1298#if defined(MBEDTLS_SHA256_C)
1299 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1300 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1301 0,
1302 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1303#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1304
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1305#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1306 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1307 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1308 0,
1309 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1310#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1311#endif /* MBEDTLS_GCM_C */
1312#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1313
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1314#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1315
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1316#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1317#if defined(MBEDTLS_AES_C)
1318#if defined(MBEDTLS_CCM_C)
1319 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1320 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1321 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1322 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1323#endif /* MBEDTLS_CCM_C */
1324#endif /* MBEDTLS_AES_C */
1325#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1326
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1327#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1328#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1329#if defined(MBEDTLS_MD5_C)
1330 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1331 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1332 MBEDTLS_CIPHERSUITE_WEAK,
1333 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1334#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1335
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1336#if defined(MBEDTLS_SHA1_C)
1337 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1338 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1339 MBEDTLS_CIPHERSUITE_WEAK,
1340 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1341#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1342
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1343#if defined(MBEDTLS_SHA256_C)
1344 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1345 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1346 MBEDTLS_CIPHERSUITE_WEAK,
1347 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1348#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1349#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1350
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1351#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1352#if defined(MBEDTLS_SHA1_C)
1353 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1354 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1355 MBEDTLS_CIPHERSUITE_WEAK,
1356 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1357#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1358
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1359#if defined(MBEDTLS_SHA256_C)
1360 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1361 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1362 MBEDTLS_CIPHERSUITE_WEAK,
1363 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1364#endif
1365
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1366#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1367 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1368 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1369 MBEDTLS_CIPHERSUITE_WEAK,
1370 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1371#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1372#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1373
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1374#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1375#if defined(MBEDTLS_SHA1_C)
1376 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1377 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1378 MBEDTLS_CIPHERSUITE_WEAK,
1379 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1380#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1381
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1382#if defined(MBEDTLS_SHA256_C)
1383 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1384 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1385 MBEDTLS_CIPHERSUITE_WEAK,
1386 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1387#endif
1388
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1389#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1390 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1391 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1392 MBEDTLS_CIPHERSUITE_WEAK,
1393 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1394#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1395#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1396
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1397#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1398#if defined(MBEDTLS_SHA1_C)
1399 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1400 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1401 MBEDTLS_CIPHERSUITE_WEAK,
1402 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1403#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1404
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1405#if defined(MBEDTLS_SHA256_C)
1406 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1407 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1408 MBEDTLS_CIPHERSUITE_WEAK,
1409 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1410#endif
1411
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1412#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1413 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1414 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1415 MBEDTLS_CIPHERSUITE_WEAK,
1416 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1417#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1418#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1419
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1420#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1421#if defined(MBEDTLS_SHA1_C)
1422 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1423 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1424 MBEDTLS_CIPHERSUITE_WEAK,
1425 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1426#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1427
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1428#if defined(MBEDTLS_SHA256_C)
1429 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1430 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1431 MBEDTLS_CIPHERSUITE_WEAK,
1432 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1433#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1434
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1435#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1436 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1437 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1438 MBEDTLS_CIPHERSUITE_WEAK,
1439 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1440#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1441#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1442#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1443
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1444#if defined(MBEDTLS_ARIA_C)
1445
1446#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1447
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1448#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1449 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1450 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1451 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1452 0,
1453 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1454#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1455#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1456 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1457 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1458 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1459 0,
1460 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1461#endif
1462#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1463 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1464 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1465 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1466 0,
1467 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1468#endif
1469#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1470 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1471 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1472 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1473 0,
1474 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1475#endif
1476
1477#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1478
1479#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1480
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1481#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1482 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1483 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1484 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1485 0,
1486 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1487#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1488#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1489 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1490 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1491 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1492 0,
1493 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1494#endif
1495#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1496 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1497 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1498 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1499 0,
1500 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1501#endif
1502#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1503 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1504 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1505 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1506 0,
1507 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1508#endif
1509
1510#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1511
1512#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1513
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1514#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1515 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1516 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1517 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1518 0,
1519 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1520#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1521#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1522 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1523 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1524 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1525 0,
1526 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1527#endif
1528#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1529 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1530 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1531 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1532 0,
1533 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1534#endif
1535#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1536 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1537 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1538 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1539 0,
1540 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1541#endif
1542
1543#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1544
1545#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1546
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1547#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1548 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1549 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1550 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1551 0,
1552 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1553#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1554#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1555 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1556 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1557 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1558 0,
1559 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1560#endif
1561#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1562 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1563 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1564 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1565 0,
1566 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1567#endif
1568#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1569 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1570 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1571 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1572 0,
1573 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1574#endif
1575
1576#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1577
1578#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1579
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1580#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1581 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1582 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1583 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1584 0,
1585 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1586#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1587#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1588 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1589 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1590 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1591 0,
1592 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1593#endif
1594#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1595 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1596 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1597 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1598 0,
1599 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1600#endif
1601#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1602 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1603 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1604 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1605 0,
1606 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1607#endif
1608
1609#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1610
1611#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1612
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1613#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1614 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1615 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1616 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1617 0,
1618 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1619#endif
1620#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1621 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1622 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1623 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1624 0,
1625 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1626#endif
1627
1628#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1629
1630#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1631
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1632#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1633 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1634 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1635 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1636 0,
1637 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1638#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1639#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1640 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1641 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1642 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1643 0,
1644 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1645#endif
1646#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1647 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1648 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1649 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1650 0,
1651 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1652#endif
1653#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1654 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1655 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1656 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1657 0,
1658 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1659#endif
1660
1661#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1662
1663#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1664
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1665#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1666 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1667 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1668 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1669 0,
1670 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1671#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1672#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1673 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1674 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1675 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1676 0,
1677 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1678#endif
1679#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1680 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
1681 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
1682 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1683 0,
1684 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1685#endif
1686#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1687 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
1688 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
1689 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1690 0,
1691 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1692#endif
1693
1694#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1695
1696#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1697
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1698#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1699 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
1700 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
1701 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1702 0,
1703 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1704#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1705#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1706 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
1707 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
1708 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1709 0,
1710 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1711#endif
1712#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1713 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
1714 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
1715 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1716 0,
1717 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1718#endif
1719#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1720 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
1721 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
1722 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1723 0,
1724 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1725#endif
1726
1727#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1728
1729#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1730
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1731#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1732 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
1733 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
1734 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1735 0,
1736 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1737#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1738#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1739 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
1740 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
1741 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1742 0,
1743 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1744#endif
1745#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1746 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
1747 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
1748 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1749 0,
1750 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1751#endif
1752#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1753 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
1754 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
1755 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1756 0,
1757 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1758#endif
1759
1760#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1761
1762#endif /* MBEDTLS_ARIA_C */
1763
1764
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]1765 { 0, "",
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1766 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1767 0, 0, 0 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1768};
1769
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1770#if defined(MBEDTLS_SSL_CIPHERSUITES)
1771const int *mbedtls_ssl_list_ciphersuites( void )
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1772{
1773 return( ciphersuite_preference );
1774}
1775#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1776#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1777 sizeof( ciphersuite_definitions[0] )
1778static int supported_ciphersuites[MAX_CIPHERSUITES];
1779static int supported_init = 0;
1780
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1781static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
1782{
1783 (void)cs_info;
1784
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1785 return( 0 );
1786}
1787
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1788const int *mbedtls_ssl_list_ciphersuites( void )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1789{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1790 /*
1791 * On initial call filter out all ciphersuites not supported by current
1792 * build based on presence in the ciphersuite_definitions.
1793 */
1794 if( supported_init == 0 )
1795 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1796 const int *p;
1797 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1798
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1799 for( p = ciphersuite_preference, q = supported_ciphersuites;
1800 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1801 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1802 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1803 const mbedtls_ssl_ciphersuite_t *cs_info;
1804 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1805 !ciphersuite_is_removed( cs_info ) )
1806 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1807 *(q++) = *p;
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1808 }
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1809 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1810 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1811
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1812 supported_init = 1;
1813 }
1814
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]1815 return( supported_ciphersuites );
Manuel Pégourié-Gonnardf78e4de2015-05-29 10:52:14 +0200[diff] [blame]1816}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1817#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1818
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1819const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]1820 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1821{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1822 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1823
1824 if( NULL == ciphersuite_name )
1825 return( NULL );
1826
1827 while( cur->id != 0 )
1828 {
Manuel Pégourié-Gonnardcb46fd82015-05-28 17:06:07 +0200[diff] [blame]1829 if( 0 == strcmp( cur->name, ciphersuite_name ) )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1830 return( cur );
1831
1832 cur++;
1833 }
1834
1835 return( NULL );
1836}
1837
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1838const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1839{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1840 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1841
1842 while( cur->id != 0 )
1843 {
1844 if( cur->id == ciphersuite )
1845 return( cur );
1846
1847 cur++;
1848 }
1849
1850 return( NULL );
1851}
1852
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1853const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1854{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1855 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1856
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1857 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1858
1859 if( cur == NULL )
1860 return( "unknown" );
1861
1862 return( cur->name );
1863}
1864
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1865int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1866{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1867 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1868
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1869 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1870
1871 if( cur == NULL )
1872 return( 0 );
1873
1874 return( cur->id );
1875}
1876
Glenn Strauss8f526902022-01-13 00:04:49 -0500[diff] [blame]1877size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info )
1878{
Neil Armstrong801abb62022-05-04 17:38:10 +0200[diff] [blame]1879#if defined(MBEDTLS_USE_PSA_CRYPTO)
1880 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1881 psa_key_type_t key_type;
1882 psa_algorithm_t alg;
1883 size_t key_bits;
1884
1885 status = mbedtls_ssl_cipher_to_psa( info->cipher,
1886 info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16,
1887 &alg, &key_type, &key_bits );
1888
1889 if( status != PSA_SUCCESS )
1890 return 0;
1891
1892 return key_bits;
1893#elif defined(MBEDTLS_CIPHER_C)
Glenn Strauss8f526902022-01-13 00:04:49 -0500[diff] [blame]1894 const mbedtls_cipher_info_t * const cipher_info =
1895 mbedtls_cipher_info_from_type( info->cipher );
1896
1897 return( mbedtls_cipher_info_get_key_bitlen( cipher_info ) );
1898#else
1899 (void)info;
1900 return( 0 );
1901#endif
1902}
1903
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1904#if defined(MBEDTLS_PK_C)
1905mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1906{
1907 switch( info->key_exchange )
1908 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1909 case MBEDTLS_KEY_EXCHANGE_RSA:
1910 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1911 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1912 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1913 return( MBEDTLS_PK_RSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1914
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1915 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1916 return( MBEDTLS_PK_ECDSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1917
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1918 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1919 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1920 return( MBEDTLS_PK_ECKEY );
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1921
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1922 default:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1923 return( MBEDTLS_PK_NONE );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1924 }
1925}
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]1926
1927mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
1928{
1929 switch( info->key_exchange )
1930 {
1931 case MBEDTLS_KEY_EXCHANGE_RSA:
1932 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1933 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1934 return( MBEDTLS_PK_RSA );
1935
1936 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1937 return( MBEDTLS_PK_ECDSA );
1938
1939 default:
1940 return( MBEDTLS_PK_NONE );
1941 }
1942}
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1943
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1944#endif /* MBEDTLS_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1945
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]1946#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
1947 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1948int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
1949{
1950 switch( info->key_exchange )
1951 {
1952 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1953 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1954 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1955 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1956 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]1957 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1958 return( 1 );
1959
1960 default:
1961 return( 0 );
1962 }
1963}
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]1964#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1965
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]1966#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1967int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
1968{
1969 switch( info->key_exchange )
1970 {
1971 case MBEDTLS_KEY_EXCHANGE_PSK:
1972 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1973 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
1974 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1975 return( 1 );
1976
1977 default:
1978 return( 0 );
1979 }
1980}
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]1981#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1982
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1983#endif /* MBEDTLS_SSL_TLS_C */