TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 791684c058ce7d9eba7accc06c03eb714f18b60d / . / library / ssl_ciphersuites.c
blob: ea12146ef4c9f274964fa2f1f1a6b7a49b2578dc [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for PolarSSL
5 *
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]6 * Copyright (C) 2006-2014, Brainspark B.V.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]28#if !defined(POLARSSL_CONFIG_FILE)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]29#include "polarssl/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]30#else
31#include POLARSSL_CONFIG_FILE
32#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]33
34#if defined(POLARSSL_SSL_TLS_C)
35
36#include "polarssl/ssl_ciphersuites.h"
37#include "polarssl/ssl.h"
38
39#include <stdlib.h>
40
Paul Bakker6edcd412013-10-29 15:22:54 +0100[diff] [blame]41#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
42 !defined(EFI32)
Manuel Pégourié-Gonnard9654fb12013-10-03 11:53:05 +0200[diff] [blame]43#define strcasecmp _stricmp
44#endif
45
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]46/*
47 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]48 *
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]49 * Current rule (except rc4, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]50 * 1. By key exchange:
51 * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
52 * 2. By key length and cipher:
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]53 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]54 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]55 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]56 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]57 */
58static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]59{
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]60 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]61 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]62 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]63 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]64 TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
65 TLS_DHE_RSA_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]66 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
67 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
68 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]69 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]70 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]71 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]72 TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
73 TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]74
75 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]76 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
77 TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
78 TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]79 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]80 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]81 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]82 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]83
84 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]85 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]86 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]87 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]88 TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
89 TLS_DHE_RSA_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]90 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
91 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
92 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]93 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]94 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
95 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]96 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
97 TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]98
99 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]100 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
101 TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
102 TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]103 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]104 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]105 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]106 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]107
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]108 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]109 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]110 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]111 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]112
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]113 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]114 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]115 TLS_DHE_PSK_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]116 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
117 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
118 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
119 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]120 TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]121 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]122 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]123 TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]124
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]125 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]126 TLS_DHE_PSK_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]127 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
128 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
129 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
130 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]131 TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]132 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]133 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]134 TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]135
136 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]137 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]138
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]139 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]140 TLS_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]141 TLS_RSA_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]142 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]143 TLS_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]144 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
145 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
146 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
147 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
148 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
149 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]150 TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]151
152 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]153 TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]154 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]155 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]156 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
157 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
158 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
159 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]160
161 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]162 TLS_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]163 TLS_RSA_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]164 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]165 TLS_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]166 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
167 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
168 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
169 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
170 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
171 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]172 TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]173
174 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]175 TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]176 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]177 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]178 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
179 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
180 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
181 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]182
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]183 /* All remaining >= 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]184 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]185 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]186 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]187
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]188 /* The RSA PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]189 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]190 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]191 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]192 TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]193 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]194
195 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]196 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]197 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]198 TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]199 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]200
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]201 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]202
203 /* The PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]204 TLS_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]205 TLS_PSK_WITH_AES_256_CCM,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]206 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]207 TLS_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]208 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]209 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]210 TLS_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]211
212 TLS_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]213 TLS_PSK_WITH_AES_128_CCM,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]214 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]215 TLS_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]216 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]217 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]218 TLS_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]219
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]220 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]221
222 /* RC4 suites */
223 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
224 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
225 TLS_ECDHE_PSK_WITH_RC4_128_SHA,
226 TLS_DHE_PSK_WITH_RC4_128_SHA,
227 TLS_RSA_WITH_RC4_128_SHA,
228 TLS_RSA_WITH_RC4_128_MD5,
229 TLS_ECDH_RSA_WITH_RC4_128_SHA,
230 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
231 TLS_RSA_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]232 TLS_PSK_WITH_RC4_128_SHA,
233
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]234 /* Weak suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]235 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]236 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]237
238 /* NULL suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]239 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]240 TLS_ECDHE_RSA_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]241 TLS_ECDHE_PSK_WITH_NULL_SHA384,
242 TLS_ECDHE_PSK_WITH_NULL_SHA256,
243 TLS_ECDHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]244 TLS_DHE_PSK_WITH_NULL_SHA384,
245 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]246 TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]247
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]248 TLS_RSA_WITH_NULL_SHA256,
249 TLS_RSA_WITH_NULL_SHA,
250 TLS_RSA_WITH_NULL_MD5,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]251 TLS_ECDH_RSA_WITH_NULL_SHA,
252 TLS_ECDH_ECDSA_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]253 TLS_RSA_PSK_WITH_NULL_SHA384,
254 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]255 TLS_RSA_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]256 TLS_PSK_WITH_NULL_SHA384,
257 TLS_PSK_WITH_NULL_SHA256,
258 TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]259
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]260 0
261};
262
263static const ssl_ciphersuite_t ciphersuite_definitions[] =
264{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]265#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
266#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]267#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]268#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]269 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
270 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
271 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
272 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]273 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]274 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
275 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
276 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]278 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]279#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]280#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]281#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]282#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]283 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
284 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
285 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
286 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]287 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]288#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]289#if defined(POLARSSL_GCM_C)
290 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
291 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
292 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
293 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]294 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]295#endif /* POLARSSL_GCM_C */
296#endif /* POLARSSL_SHA256_C */
297#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]298#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]299 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
300 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
301 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
302 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]303 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]304#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]305#if defined(POLARSSL_GCM_C)
306 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
307 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
308 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
309 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]310 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]311#endif /* POLARSSL_GCM_C */
312#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]313#if defined(POLARSSL_CCM_C)
314 { TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
315 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
316 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
317 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
318 0 },
319 { TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
320 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
321 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
322 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
323 POLARSSL_CIPHERSUITE_SHORT_TAG },
324 { TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
325 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
326 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
327 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
328 0 },
329 { TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
330 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
331 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
332 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
333 POLARSSL_CIPHERSUITE_SHORT_TAG },
334#endif /* POLARSSL_CCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]335#endif /* POLARSSL_AES_C */
336
337#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]338#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]339#if defined(POLARSSL_SHA256_C)
340 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
341 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]342 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]343 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]344 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]345#endif /* POLARSSL_SHA256_C */
346#if defined(POLARSSL_SHA512_C)
347 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
348 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]349 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]350 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]351 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]352#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]353#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]354
355#if defined(POLARSSL_GCM_C)
356#if defined(POLARSSL_SHA256_C)
357 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
358 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
359 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
360 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
361 0 },
362#endif /* POLARSSL_SHA256_C */
363#if defined(POLARSSL_SHA512_C)
364 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
365 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
366 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
367 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
368 0 },
369#endif /* POLARSSL_SHA512_C */
370#endif /* POLARSSL_GCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]371#endif /* POLARSSL_CAMELLIA_C */
372
373#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]374#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]375#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]376 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
377 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
378 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
379 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]380 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]381#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]382#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]383#endif /* POLARSSL_DES_C */
384
385#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]386#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]387 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
388 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
389 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
390 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]391 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]392#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]393#endif /* POLARSSL_ARC4_C */
394
395#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]396#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]397 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
398 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
399 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
400 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]401 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]402#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]403#endif /* POLARSSL_CIPHER_NULL_CIPHER */
404#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
405
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]406#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]407#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]408#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]409#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]410 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
411 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
412 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
413 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]414 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]415 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
416 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
417 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
418 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]419 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]420#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]421#endif /* POLARSSL_SHA1_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]422#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]423#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]424 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
425 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
426 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
427 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]428 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]429#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]430#if defined(POLARSSL_GCM_C)
431 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
432 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
433 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
434 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]435 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]436#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]437#endif /* POLARSSL_SHA256_C */
438#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]439#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]440 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
441 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
442 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
443 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]444 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]445#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]446#if defined(POLARSSL_GCM_C)
447 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
448 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
449 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
450 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]451 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]452#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]453#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]454#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]455
456#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]457#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]458#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]459 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
460 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]461 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]462 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]463 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]464#endif /* POLARSSL_SHA256_C */
465#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]466 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
467 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]468 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]469 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]470 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]471#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]472#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]473
474#if defined(POLARSSL_GCM_C)
475#if defined(POLARSSL_SHA256_C)
476 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
477 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
478 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
479 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
480 0 },
481#endif /* POLARSSL_SHA256_C */
482#if defined(POLARSSL_SHA512_C)
483 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
484 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
485 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
486 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
487 0 },
488#endif /* POLARSSL_SHA512_C */
489#endif /* POLARSSL_GCM_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]490#endif /* POLARSSL_CAMELLIA_C */
491
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]492#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]493#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]494#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]495 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
496 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
497 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
498 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]499 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]500#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]501#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]502#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]503
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]504#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]505#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]506 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
507 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
508 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
509 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]510 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]511#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]512#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]513
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]514#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]515#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]516 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
517 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
518 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
519 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]520 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]521#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]522#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]523#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]524
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]525#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]526#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]527#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]528 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
529 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
530 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
531 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
532 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]533#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]534
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]535#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]536#if defined(POLARSSL_GCM_C)
537 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
538 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
539 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
540 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
541 0 },
542#endif /* POLARSSL_GCM_C */
543
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]544#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]545 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
546 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
547 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
548 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
549 0 },
550
551 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
552 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
553 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
554 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
555 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]556#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]557#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]558
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]559#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]560#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]561 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
562 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
563 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
564 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
565 0 },
566
567 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
568 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
569 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
570 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
571 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]572#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]573#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]574#if defined(POLARSSL_CCM_C)
575 { TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
576 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
577 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
578 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
579 0 },
580 { TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
581 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
582 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
583 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
584 POLARSSL_CIPHERSUITE_SHORT_TAG },
585 { TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
586 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
587 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
588 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
589 0 },
590 { TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
591 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
592 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
593 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
594 POLARSSL_CIPHERSUITE_SHORT_TAG },
595#endif /* POLARSSL_CCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]596#endif /* POLARSSL_AES_C */
597
598#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]599#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]600#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]601 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
602 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
603 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
604 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
605 0 },
606
607 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
608 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
609 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
610 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
611 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]612#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]613
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]614#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]615 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
616 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
617 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
618 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
619 0 },
620
621 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
622 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
623 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
624 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
625 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]626#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]627#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]628#if defined(POLARSSL_GCM_C)
629#if defined(POLARSSL_SHA256_C)
630 { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
631 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
632 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
633 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
634 0 },
635#endif /* POLARSSL_SHA256_C */
636
637#if defined(POLARSSL_SHA512_C)
638 { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
639 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
640 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
641 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
642 0 },
643#endif /* POLARSSL_SHA512_C */
644#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]645#endif /* POLARSSL_CAMELLIA_C */
646
647#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]648#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]649#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]650 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
651 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
652 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
653 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
654 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]655#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]656#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]657#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]658#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]659
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]660#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]661#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]662#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]663 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
664 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
665 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
666 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
667 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]668#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]669
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]670#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]671#if defined(POLARSSL_GCM_C)
672 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
673 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
674 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
675 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
676 0 },
677#endif /* POLARSSL_GCM_C */
678
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]679#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]680 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
681 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
682 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
683 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
684 0 },
685
686 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
687 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
688 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
689 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
690 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]691#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]692#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]693
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]694#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]695#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]696 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
697 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
698 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
699 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
700 0 },
701
702 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
703 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
704 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
705 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
706 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]707#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]708#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]709#if defined(POLARSSL_CCM_C)
710 { TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
711 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
712 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
713 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
714 0 },
715 { TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
716 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
717 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
718 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
719 POLARSSL_CIPHERSUITE_SHORT_TAG },
720 { TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
721 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
722 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
723 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
724 0 },
725 { TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
726 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
727 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
728 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
729 POLARSSL_CIPHERSUITE_SHORT_TAG },
730#endif /* POLARSSL_CCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]731#endif /* POLARSSL_AES_C */
732
733#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]734#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]735#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]736 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
737 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
738 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
739 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
740 0 },
741
742 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
743 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
744 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
745 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
746 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]747#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]748
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]749#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]750 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
751 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
752 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
753 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
754 0 },
755
756 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
757 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
758 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
759 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
760 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]761#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]762#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]763
764#if defined(POLARSSL_GCM_C)
765#if defined(POLARSSL_SHA256_C)
766 { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
767 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
768 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
769 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
770 0 },
771#endif /* POLARSSL_SHA256_C */
772
773#if defined(POLARSSL_SHA1_C)
774 { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
775 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
776 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
777 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
778 0 },
779#endif /* POLARSSL_SHA1_C */
780#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]781#endif /* POLARSSL_CAMELLIA_C */
782
783#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]784#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]785#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]786 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
787 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
788 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
789 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
790 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]791#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]792#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]793#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]794
795#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]796#if defined(POLARSSL_MD5_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]797 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
798 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
799 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
800 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
801 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]802#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]803
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]804#if defined(POLARSSL_SHA1_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]805 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
806 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
807 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
808 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
809 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]810#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]811#endif /* POLARSSL_ARC4_C */
812#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]813
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]814#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
815#if defined(POLARSSL_AES_C)
816#if defined(POLARSSL_SHA1_C)
817#if defined(POLARSSL_CIPHER_MODE_CBC)
818 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
819 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
820 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
821 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
822 0 },
823 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
824 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
825 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
826 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
827 0 },
828#endif /* POLARSSL_CIPHER_MODE_CBC */
829#endif /* POLARSSL_SHA1_C */
830#if defined(POLARSSL_SHA256_C)
831#if defined(POLARSSL_CIPHER_MODE_CBC)
832 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
833 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
834 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
835 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
836 0 },
837#endif /* POLARSSL_CIPHER_MODE_CBC */
838#if defined(POLARSSL_GCM_C)
839 { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
840 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
841 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
842 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
843 0 },
844#endif /* POLARSSL_GCM_C */
845#endif /* POLARSSL_SHA256_C */
846#if defined(POLARSSL_SHA512_C)
847#if defined(POLARSSL_CIPHER_MODE_CBC)
848 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
849 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
850 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
851 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
852 0 },
853#endif /* POLARSSL_CIPHER_MODE_CBC */
854#if defined(POLARSSL_GCM_C)
855 { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
856 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
857 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
858 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
859 0 },
860#endif /* POLARSSL_GCM_C */
861#endif /* POLARSSL_SHA512_C */
862#endif /* POLARSSL_AES_C */
863
864#if defined(POLARSSL_CAMELLIA_C)
865#if defined(POLARSSL_CIPHER_MODE_CBC)
866#if defined(POLARSSL_SHA256_C)
867 { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
868 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
869 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
870 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
871 0 },
872#endif /* POLARSSL_SHA256_C */
873#if defined(POLARSSL_SHA512_C)
874 { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
875 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
876 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
877 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
878 0 },
879#endif /* POLARSSL_SHA512_C */
880#endif /* POLARSSL_CIPHER_MODE_CBC */
881
882#if defined(POLARSSL_GCM_C)
883#if defined(POLARSSL_SHA256_C)
884 { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
885 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
886 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
887 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
888 0 },
889#endif /* POLARSSL_SHA256_C */
890#if defined(POLARSSL_SHA512_C)
891 { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
892 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
893 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
894 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
895 0 },
896#endif /* POLARSSL_SHA512_C */
897#endif /* POLARSSL_GCM_C */
898#endif /* POLARSSL_CAMELLIA_C */
899
900#if defined(POLARSSL_DES_C)
901#if defined(POLARSSL_CIPHER_MODE_CBC)
902#if defined(POLARSSL_SHA1_C)
903 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
904 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
905 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
906 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
907 0 },
908#endif /* POLARSSL_SHA1_C */
909#endif /* POLARSSL_CIPHER_MODE_CBC */
910#endif /* POLARSSL_DES_C */
911
912#if defined(POLARSSL_ARC4_C)
913#if defined(POLARSSL_SHA1_C)
914 { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
915 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
916 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
917 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
918 0 },
919#endif /* POLARSSL_SHA1_C */
920#endif /* POLARSSL_ARC4_C */
921
922#if defined(POLARSSL_CIPHER_NULL_CIPHER)
923#if defined(POLARSSL_SHA1_C)
924 { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
925 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
926 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
927 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
928 POLARSSL_CIPHERSUITE_WEAK },
929#endif /* POLARSSL_SHA1_C */
930#endif /* POLARSSL_CIPHER_NULL_CIPHER */
931#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
932
933#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
934#if defined(POLARSSL_AES_C)
935#if defined(POLARSSL_SHA1_C)
936#if defined(POLARSSL_CIPHER_MODE_CBC)
937 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
938 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
939 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
940 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
941 0 },
942 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
943 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
944 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
945 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
946 0 },
947#endif /* POLARSSL_CIPHER_MODE_CBC */
948#endif /* POLARSSL_SHA1_C */
949#if defined(POLARSSL_SHA256_C)
950#if defined(POLARSSL_CIPHER_MODE_CBC)
951 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
952 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
953 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
954 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
955 0 },
956#endif /* POLARSSL_CIPHER_MODE_CBC */
957#if defined(POLARSSL_GCM_C)
958 { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
959 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
960 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
961 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
962 0 },
963#endif /* POLARSSL_GCM_C */
964#endif /* POLARSSL_SHA256_C */
965#if defined(POLARSSL_SHA512_C)
966#if defined(POLARSSL_CIPHER_MODE_CBC)
967 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
968 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
969 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
970 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
971 0 },
972#endif /* POLARSSL_CIPHER_MODE_CBC */
973#if defined(POLARSSL_GCM_C)
974 { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
975 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
976 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
977 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
978 0 },
979#endif /* POLARSSL_GCM_C */
980#endif /* POLARSSL_SHA512_C */
981#endif /* POLARSSL_AES_C */
982
983#if defined(POLARSSL_CAMELLIA_C)
984#if defined(POLARSSL_CIPHER_MODE_CBC)
985#if defined(POLARSSL_SHA256_C)
986 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
987 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
988 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
989 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
990 0 },
991#endif /* POLARSSL_SHA256_C */
992#if defined(POLARSSL_SHA512_C)
993 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
994 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
995 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
996 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
997 0 },
998#endif /* POLARSSL_SHA512_C */
999#endif /* POLARSSL_CIPHER_MODE_CBC */
1000
1001#if defined(POLARSSL_GCM_C)
1002#if defined(POLARSSL_SHA256_C)
1003 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1004 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1005 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1006 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1007 0 },
1008#endif /* POLARSSL_SHA256_C */
1009#if defined(POLARSSL_SHA512_C)
1010 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1011 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1012 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1013 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1014 0 },
1015#endif /* POLARSSL_SHA512_C */
1016#endif /* POLARSSL_GCM_C */
1017#endif /* POLARSSL_CAMELLIA_C */
1018
1019#if defined(POLARSSL_DES_C)
1020#if defined(POLARSSL_CIPHER_MODE_CBC)
1021#if defined(POLARSSL_SHA1_C)
1022 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1023 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1024 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1025 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1026 0 },
1027#endif /* POLARSSL_SHA1_C */
1028#endif /* POLARSSL_CIPHER_MODE_CBC */
1029#endif /* POLARSSL_DES_C */
1030
1031#if defined(POLARSSL_ARC4_C)
1032#if defined(POLARSSL_SHA1_C)
1033 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1034 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1035 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1036 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1037 0 },
1038#endif /* POLARSSL_SHA1_C */
1039#endif /* POLARSSL_ARC4_C */
1040
1041#if defined(POLARSSL_CIPHER_NULL_CIPHER)
1042#if defined(POLARSSL_SHA1_C)
1043 { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1044 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1045 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1046 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1047 POLARSSL_CIPHERSUITE_WEAK },
1048#endif /* POLARSSL_SHA1_C */
1049#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1050#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1051
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1052#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
1053#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1054#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1055#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1056 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1057 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1058 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1059 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1060 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1061#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1062
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1063#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1064 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1065 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1066 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1067 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1068 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1069#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1070#endif /* POLARSSL_GCM_C */
1071
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1072#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1073#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1074 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1075 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1076 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1077 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1078 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1079#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1080
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1081#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1082 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1083 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1084 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1085 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1086 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1087#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1088
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1089#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1090 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1091 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1092 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1093 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1094 0 },
1095
1096 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1097 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1098 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1099 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1100 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1101#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1102#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1103#if defined(POLARSSL_CCM_C)
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1104 { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1105 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1106 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1107 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1108 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1109 { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1110 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1111 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1112 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1113 POLARSSL_CIPHERSUITE_SHORT_TAG },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1114 { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1115 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1116 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1117 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1118 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1119 { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1120 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1121 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1122 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1123 POLARSSL_CIPHERSUITE_SHORT_TAG },
1124#endif /* POLARSSL_CCM_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1125#endif /* POLARSSL_AES_C */
1126
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1127#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1128#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1129#if defined(POLARSSL_SHA256_C)
1130 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1131 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1132 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1133 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1134 0 },
1135#endif /* POLARSSL_SHA256_C */
1136
1137#if defined(POLARSSL_SHA512_C)
1138 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1139 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1140 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1141 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1142 0 },
1143#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1144#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1145
1146#if defined(POLARSSL_GCM_C)
1147#if defined(POLARSSL_SHA256_C)
1148 { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1149 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1150 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1151 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1152 0 },
1153#endif /* POLARSSL_SHA256_C */
1154
1155#if defined(POLARSSL_SHA512_C)
1156 { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1157 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1158 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1159 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1160 0 },
1161#endif /* POLARSSL_SHA512_C */
1162#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1163#endif /* POLARSSL_CAMELLIA_C */
1164
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1165#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1166#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1167#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1168 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1169 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1170 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1171 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1172 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1173#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1174#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1175#endif /* POLARSSL_DES_C */
1176
1177#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1178#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1179 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1180 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1181 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1182 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1183 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1184#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1185#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1186#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1187
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1188#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1189#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1190#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1191#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1192 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1193 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1194 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1195 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1196 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1197#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1198
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1199#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1200 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1201 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1202 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1203 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1204 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1205#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1206#endif /* POLARSSL_GCM_C */
1207
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1208#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1209#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1210 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1211 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1212 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1213 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1214 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1215#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1216
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1217#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1218 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1219 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1220 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1221 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1222 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1223#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1224
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1225#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1226 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1227 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1228 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1229 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1230 0 },
1231
1232 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1233 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1234 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1235 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1236 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1237#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1238#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1239#if defined(POLARSSL_CCM_C)
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1240 { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1241 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1242 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1243 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1244 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1245 { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1246 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1247 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1248 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1249 POLARSSL_CIPHERSUITE_SHORT_TAG },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1250 { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1251 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1252 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1253 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1254 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1255 { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1256 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1257 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1258 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1259 POLARSSL_CIPHERSUITE_SHORT_TAG },
1260#endif /* POLARSSL_CCM_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1261#endif /* POLARSSL_AES_C */
1262
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1263#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1264#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1265#if defined(POLARSSL_SHA256_C)
1266 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1267 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1268 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1269 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1270 0 },
1271#endif /* POLARSSL_SHA256_C */
1272
1273#if defined(POLARSSL_SHA512_C)
1274 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1275 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1276 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1278 0 },
1279#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1280#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1281
1282#if defined(POLARSSL_GCM_C)
1283#if defined(POLARSSL_SHA256_C)
1284 { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1285 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1286 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1287 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1288 0 },
1289#endif /* POLARSSL_SHA256_C */
1290
1291#if defined(POLARSSL_SHA512_C)
1292 { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1293 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1294 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1295 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1296 0 },
1297#endif /* POLARSSL_SHA512_C */
1298#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1299#endif /* POLARSSL_CAMELLIA_C */
1300
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1301#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1302#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1303#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1304 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1305 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1306 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1307 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1308 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1309#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1310#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1311#endif /* POLARSSL_DES_C */
1312
1313#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1314#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1315 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1316 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1317 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1319 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1320#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1321#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1322#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1323
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1324#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1325#if defined(POLARSSL_AES_C)
1326
1327#if defined(POLARSSL_CIPHER_MODE_CBC)
1328#if defined(POLARSSL_SHA256_C)
1329 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1330 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1331 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1332 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1333 0 },
1334#endif /* POLARSSL_SHA256_C */
1335
1336#if defined(POLARSSL_SHA512_C)
1337 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1338 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1339 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1340 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1341 0 },
1342#endif /* POLARSSL_SHA512_C */
1343
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1344#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1345 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1346 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1347 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1348 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1349 0 },
1350
1351 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1352 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1353 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1354 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1355 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1356#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1357#endif /* POLARSSL_CIPHER_MODE_CBC */
1358#endif /* POLARSSL_AES_C */
1359
1360#if defined(POLARSSL_CAMELLIA_C)
1361#if defined(POLARSSL_CIPHER_MODE_CBC)
1362#if defined(POLARSSL_SHA256_C)
1363 { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1364 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1365 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1366 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1367 0 },
1368#endif /* POLARSSL_SHA256_C */
1369
1370#if defined(POLARSSL_SHA512_C)
1371 { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1372 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1373 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1374 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1375 0 },
1376#endif /* POLARSSL_SHA512_C */
1377#endif /* POLARSSL_CIPHER_MODE_CBC */
1378#endif /* POLARSSL_CAMELLIA_C */
1379
1380#if defined(POLARSSL_DES_C)
1381#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1382#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1383 { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1384 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1385 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1386 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1387 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1388#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1389#endif /* POLARSSL_CIPHER_MODE_CBC */
1390#endif /* POLARSSL_DES_C */
1391
1392#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1393#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1394 { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1395 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1396 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1397 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1398 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1399#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1400#endif /* POLARSSL_ARC4_C */
1401#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1402
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1403#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1404#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1405#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1406#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1407 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1408 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1409 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1410 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1411 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1412#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1413
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1414#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1415 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1416 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1417 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1418 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1419 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1420#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1421#endif /* POLARSSL_GCM_C */
1422
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1423#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1424#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1425 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1426 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1427 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1428 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1429 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1430#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1431
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1432#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1433 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1434 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1435 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1436 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1437 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1438#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1439
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1440#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1441 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1442 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1443 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1445 0 },
1446
1447 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1448 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1449 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1450 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1451 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1452#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1453#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1454#endif /* POLARSSL_AES_C */
1455
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1456#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1457#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1458#if defined(POLARSSL_SHA256_C)
1459 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1460 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1461 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1462 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1463 0 },
1464#endif /* POLARSSL_SHA256_C */
1465
1466#if defined(POLARSSL_SHA512_C)
1467 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1468 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1469 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1470 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1471 0 },
1472#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1473#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1474
1475#if defined(POLARSSL_GCM_C)
1476#if defined(POLARSSL_SHA256_C)
1477 { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1478 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1479 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1480 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1481 0 },
1482#endif /* POLARSSL_SHA256_C */
1483
1484#if defined(POLARSSL_SHA512_C)
1485 { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1486 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1487 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1488 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1489 0 },
1490#endif /* POLARSSL_SHA512_C */
1491#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1492#endif /* POLARSSL_CAMELLIA_C */
1493
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1494#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1495#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1496#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1497 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1498 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1499 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1500 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1501 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1502#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1503#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1504#endif /* POLARSSL_DES_C */
1505
1506#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1507#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1508 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1509 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1510 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1511 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1512 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1513#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1514#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1515#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1516
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1517#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
1518#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1519#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1520#if defined(POLARSSL_MD5_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1521 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1522 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
1523 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1524 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1525 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1526#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1527
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1528#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1529 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1530 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1531 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1532 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1533 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1534#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1535
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1536#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1537 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1538 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
1539 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1540 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1541 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1542#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1543#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1544
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1545#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1546#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1547 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1548 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1549 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1550 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1551 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1552#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1553
1554#if defined(POLARSSL_SHA256_C)
1555 { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1556 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1557 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1558 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1559 POLARSSL_CIPHERSUITE_WEAK },
1560#endif
1561
1562#if defined(POLARSSL_SHA512_C)
1563 { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1564 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1565 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1566 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1567 POLARSSL_CIPHERSUITE_WEAK },
1568#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1569#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1570
1571#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1572#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1573 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1574 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1575 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1576 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1577 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1578#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1579
1580#if defined(POLARSSL_SHA256_C)
1581 { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1582 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1583 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1584 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1585 POLARSSL_CIPHERSUITE_WEAK },
1586#endif
1587
1588#if defined(POLARSSL_SHA512_C)
1589 { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1590 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1591 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1592 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1593 POLARSSL_CIPHERSUITE_WEAK },
1594#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1595#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1596
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1597#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1598#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1599 { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1600 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1601 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1602 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1603 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1604#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1605
1606#if defined(POLARSSL_SHA256_C)
1607 { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1608 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1609 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1610 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1611 POLARSSL_CIPHERSUITE_WEAK },
1612#endif
1613
1614#if defined(POLARSSL_SHA512_C)
1615 { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1616 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1617 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1618 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1619 POLARSSL_CIPHERSUITE_WEAK },
1620#endif
1621#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1622
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1623#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1624#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1625 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1626 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1627 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1628 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1629 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1630#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1631
1632#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1633 { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1634 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1635 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1636 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1637 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1638#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1639
1640#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1641 { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1642 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1643 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1644 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1645 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1646#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1647#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1648#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1649
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1650#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1651#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1652#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1653#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1654 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1655 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
1656 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1657 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1658 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1659#endif /* POLARSSL_SHA1_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1660#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1661
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1662#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1663#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1664 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1665 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1666 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1667 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1668 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1669#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1670#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1671#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1672#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1673#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1674
1675 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1676};
1677
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame^]1678#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1679 sizeof( ciphersuite_definitions[0] )
1680static int supported_ciphersuites[MAX_CIPHERSUITES];
1681static int supported_init = 0;
1682
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1683const int *ssl_list_ciphersuites( void )
1684{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1685 /*
1686 * On initial call filter out all ciphersuites not supported by current
1687 * build based on presence in the ciphersuite_definitions.
1688 */
1689 if( supported_init == 0 )
1690 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame^]1691 const int *p;
1692 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1693
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame^]1694 for( p = ciphersuite_preference, q = supported_ciphersuites;
1695 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1696 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1697 {
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1698#if defined(POLARSSL_REMOVE_ARC4_CIPHERSUITES)
1699 const ssl_ciphersuite_t *cs_info;
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame^]1700 if( ( cs_info = ssl_ciphersuite_from_id( *p ) ) != NULL &&
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1701 cs_info->cipher != POLARSSL_CIPHER_ARC4_128 )
1702#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame^]1703 if( ssl_ciphersuite_from_id( *p ) != NULL )
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1704#endif
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame^]1705 *(q++) = *p;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1706 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1707 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1708
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1709 supported_init = 1;
1710 }
1711
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]1712 return( supported_ciphersuites );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1713};
1714
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]1715const ssl_ciphersuite_t *ssl_ciphersuite_from_string(
1716 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1717{
1718 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1719
1720 if( NULL == ciphersuite_name )
1721 return( NULL );
1722
1723 while( cur->id != 0 )
1724 {
1725 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1726 return( cur );
1727
1728 cur++;
1729 }
1730
1731 return( NULL );
1732}
1733
1734const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1735{
1736 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1737
1738 while( cur->id != 0 )
1739 {
1740 if( cur->id == ciphersuite )
1741 return( cur );
1742
1743 cur++;
1744 }
1745
1746 return( NULL );
1747}
1748
1749const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1750{
1751 const ssl_ciphersuite_t *cur;
1752
1753 cur = ssl_ciphersuite_from_id( ciphersuite_id );
1754
1755 if( cur == NULL )
1756 return( "unknown" );
1757
1758 return( cur->name );
1759}
1760
1761int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1762{
1763 const ssl_ciphersuite_t *cur;
1764
1765 cur = ssl_ciphersuite_from_string( ciphersuite_name );
1766
1767 if( cur == NULL )
1768 return( 0 );
1769
1770 return( cur->id );
1771}
1772
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1773#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1774pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
1775{
1776 switch( info->key_exchange )
1777 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1778 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1779 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
1780 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1781 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1782 return( POLARSSL_PK_RSA );
1783
1784 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1785 return( POLARSSL_PK_ECDSA );
1786
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1787 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1788 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
1789 return( POLARSSL_PK_ECKEY );
1790
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1791 default:
1792 return( POLARSSL_PK_NONE );
1793 }
1794}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1795#endif /* POLARSSL_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1796
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1797#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1798int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1799{
1800 switch( info->key_exchange )
1801 {
1802 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1803 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1804 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1805 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1806 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1807 return( 1 );
1808
1809 default:
1810 return( 0 );
1811 }
1812}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1813#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1814
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1815#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1816int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info )
1817{
1818 switch( info->key_exchange )
1819 {
1820 case POLARSSL_KEY_EXCHANGE_PSK:
1821 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
1822 case POLARSSL_KEY_EXCHANGE_DHE_PSK:
1823 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
1824 return( 1 );
1825
1826 default:
1827 return( 0 );
1828 }
1829}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1830#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1831
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1832#endif /* POLARSSL_SSL_TLS_C */