TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 7f8099773edc34ac29e01ee0da6960526f41bcb2 / . / library / ssl_ciphersuites.c
blob: 11c46a590d2f93105c55070e7e700979f296cf38 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]6 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]7 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +0000[diff] [blame]8 * This file is part of mbed TLS (https://tls.mbed.org)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 */
24
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]25#if !defined(POLARSSL_CONFIG_FILE)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]26#include "mbedtls/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]27#else
28#include POLARSSL_CONFIG_FILE
29#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]30
31#if defined(POLARSSL_SSL_TLS_C)
32
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame^]33#include "mbedtls/ssl_ciphersuites.h"
34#include "mbedtls/ssl.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]35
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]36// #include <stdlib.h>
37#include <string.h>
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]38
Paul Bakker6edcd412013-10-29 15:22:54 +0100[diff] [blame]39#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
40 !defined(EFI32)
Manuel Pégourié-Gonnard9654fb12013-10-03 11:53:05 +0200[diff] [blame]41#define strcasecmp _stricmp
42#endif
43
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]44/*
45 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]46 *
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]47 * Current rule (except rc4, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]48 * 1. By key exchange:
49 * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
50 * 2. By key length and cipher:
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]51 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]52 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]53 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]54 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]55 */
56static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]57{
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]58#if defined(SSL_CIPHERSUITES)
59 SSL_CIPHERSUITES,
60#else
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]61 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]62 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]63 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]64 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]65 TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
66 TLS_DHE_RSA_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]67 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
68 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
69 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]70 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]71 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]72 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]73 TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
74 TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]75
76 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]77 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
78 TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
79 TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]80 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]81 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]82 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]83 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]84
85 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]86 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]87 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]88 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]89 TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
90 TLS_DHE_RSA_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]91 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
92 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
93 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]94 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]95 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
96 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]97 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
98 TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]99
100 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]101 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
102 TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
103 TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]104 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]105 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]106 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]107 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]108
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]109 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]110 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]111 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]112 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]113
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]114 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]115 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]116 TLS_DHE_PSK_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]117 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
118 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
119 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
120 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]121 TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]122 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]123 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]124 TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]125
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]126 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]127 TLS_DHE_PSK_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]128 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
129 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
130 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
131 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]132 TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]133 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]134 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]135 TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]136
137 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]138 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]139
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]140 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]141 TLS_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]142 TLS_RSA_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]143 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]144 TLS_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]145 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
146 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
147 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
148 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
149 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
150 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]151 TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]152
153 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]154 TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]155 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]156 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]157 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
158 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
159 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
160 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]161
162 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]163 TLS_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]164 TLS_RSA_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]165 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]166 TLS_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]167 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
168 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
169 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
170 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
171 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
172 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]173 TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]174
175 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]176 TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]177 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]178 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]179 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
180 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
181 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
182 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]183
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]184 /* All remaining >= 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]185 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]186 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]187 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]188
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]189 /* The RSA PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]190 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]191 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]192 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]193 TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]194 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]195
196 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]197 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]198 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]199 TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]200 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]201
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]202 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]203
204 /* The PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]205 TLS_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]206 TLS_PSK_WITH_AES_256_CCM,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]207 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]208 TLS_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]209 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]210 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]211 TLS_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]212
213 TLS_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]214 TLS_PSK_WITH_AES_128_CCM,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]215 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]216 TLS_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]217 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]218 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]219 TLS_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]220
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]221 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]222
223 /* RC4 suites */
224 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
225 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
226 TLS_ECDHE_PSK_WITH_RC4_128_SHA,
227 TLS_DHE_PSK_WITH_RC4_128_SHA,
228 TLS_RSA_WITH_RC4_128_SHA,
229 TLS_RSA_WITH_RC4_128_MD5,
230 TLS_ECDH_RSA_WITH_RC4_128_SHA,
231 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
232 TLS_RSA_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]233 TLS_PSK_WITH_RC4_128_SHA,
234
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]235 /* Weak suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]236 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]237 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]238
239 /* NULL suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]240 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]241 TLS_ECDHE_RSA_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]242 TLS_ECDHE_PSK_WITH_NULL_SHA384,
243 TLS_ECDHE_PSK_WITH_NULL_SHA256,
244 TLS_ECDHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]245 TLS_DHE_PSK_WITH_NULL_SHA384,
246 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]247 TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]248
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]249 TLS_RSA_WITH_NULL_SHA256,
250 TLS_RSA_WITH_NULL_SHA,
251 TLS_RSA_WITH_NULL_MD5,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]252 TLS_ECDH_RSA_WITH_NULL_SHA,
253 TLS_ECDH_ECDSA_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]254 TLS_RSA_PSK_WITH_NULL_SHA384,
255 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]256 TLS_RSA_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]257 TLS_PSK_WITH_NULL_SHA384,
258 TLS_PSK_WITH_NULL_SHA256,
259 TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]260
Paul Bakker82788fb2014-10-20 13:59:19 +0200[diff] [blame]261#endif /* SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]262 0
263};
264
265static const ssl_ciphersuite_t ciphersuite_definitions[] =
266{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]267#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
268#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]269#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]270#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]271 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
272 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
273 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
274 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]275 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]276 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
277 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
278 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
279 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]280 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]281#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]282#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]283#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]284#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]285 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
286 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
287 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
288 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]289 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]290#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]291#if defined(POLARSSL_GCM_C)
292 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
293 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
294 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
295 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]296 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]297#endif /* POLARSSL_GCM_C */
298#endif /* POLARSSL_SHA256_C */
299#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]300#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]301 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
302 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
303 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
304 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]305 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]306#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]307#if defined(POLARSSL_GCM_C)
308 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
309 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
310 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
311 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]312 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]313#endif /* POLARSSL_GCM_C */
314#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]315#if defined(POLARSSL_CCM_C)
316 { TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
317 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
319 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
320 0 },
321 { TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
322 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
323 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
324 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
325 POLARSSL_CIPHERSUITE_SHORT_TAG },
326 { TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
327 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
328 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
329 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
330 0 },
331 { TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
332 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
333 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
334 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
335 POLARSSL_CIPHERSUITE_SHORT_TAG },
336#endif /* POLARSSL_CCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]337#endif /* POLARSSL_AES_C */
338
339#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]340#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]341#if defined(POLARSSL_SHA256_C)
342 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
343 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]344 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]345 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]346 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]347#endif /* POLARSSL_SHA256_C */
348#if defined(POLARSSL_SHA512_C)
349 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
350 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]351 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]352 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]353 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]354#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]355#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]356
357#if defined(POLARSSL_GCM_C)
358#if defined(POLARSSL_SHA256_C)
359 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
360 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
361 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
362 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
363 0 },
364#endif /* POLARSSL_SHA256_C */
365#if defined(POLARSSL_SHA512_C)
366 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
367 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
368 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
369 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
370 0 },
371#endif /* POLARSSL_SHA512_C */
372#endif /* POLARSSL_GCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]373#endif /* POLARSSL_CAMELLIA_C */
374
375#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]376#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]377#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]378 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
379 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
380 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
381 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]382 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]383#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]384#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]385#endif /* POLARSSL_DES_C */
386
387#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]388#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]389 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
390 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
391 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
392 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]393 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]394#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]395#endif /* POLARSSL_ARC4_C */
396
397#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]398#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]399 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
400 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
401 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
402 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]403 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]404#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]405#endif /* POLARSSL_CIPHER_NULL_CIPHER */
406#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
407
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]408#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]409#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]410#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]411#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]412 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
413 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
414 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
415 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]416 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]417 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
418 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
419 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
420 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]421 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]422#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]423#endif /* POLARSSL_SHA1_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]424#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]425#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]426 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
427 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
428 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
429 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]430 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]431#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]432#if defined(POLARSSL_GCM_C)
433 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
434 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
435 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
436 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]437 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]438#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]439#endif /* POLARSSL_SHA256_C */
440#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]441#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]442 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
443 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
445 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]446 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]447#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]448#if defined(POLARSSL_GCM_C)
449 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
450 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
451 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
452 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]453 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]454#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]455#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]456#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]457
458#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]459#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]460#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]461 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
462 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]463 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]464 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]465 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]466#endif /* POLARSSL_SHA256_C */
467#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]468 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
469 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]470 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]471 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]472 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]473#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]474#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]475
476#if defined(POLARSSL_GCM_C)
477#if defined(POLARSSL_SHA256_C)
478 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
479 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
480 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
481 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
482 0 },
483#endif /* POLARSSL_SHA256_C */
484#if defined(POLARSSL_SHA512_C)
485 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
486 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
487 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
488 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
489 0 },
490#endif /* POLARSSL_SHA512_C */
491#endif /* POLARSSL_GCM_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]492#endif /* POLARSSL_CAMELLIA_C */
493
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]494#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]495#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]496#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]497 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
498 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
499 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
500 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]501 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]502#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]503#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]504#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]505
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]506#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]507#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]508 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
509 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
510 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
511 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]512 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]513#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]514#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]515
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]516#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]517#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]518 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
519 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
520 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
521 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]522 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]523#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]524#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]525#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]526
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]527#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]528#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]529#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]530 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
531 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
532 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
533 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
534 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]535#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]536
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]537#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]538#if defined(POLARSSL_GCM_C)
539 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
540 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
541 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
542 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
543 0 },
544#endif /* POLARSSL_GCM_C */
545
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]546#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]547 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
548 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
549 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
550 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
551 0 },
552
553 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
554 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
555 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
556 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
557 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]558#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]559#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]560
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]561#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]562#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]563 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
564 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
565 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
566 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
567 0 },
568
569 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
570 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
571 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
572 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
573 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]574#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]575#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]576#if defined(POLARSSL_CCM_C)
577 { TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
578 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
579 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
580 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
581 0 },
582 { TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
583 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
584 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
585 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
586 POLARSSL_CIPHERSUITE_SHORT_TAG },
587 { TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
588 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
589 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
590 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
591 0 },
592 { TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
593 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
594 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
595 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
596 POLARSSL_CIPHERSUITE_SHORT_TAG },
597#endif /* POLARSSL_CCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]598#endif /* POLARSSL_AES_C */
599
600#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]601#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]602#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]603 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
604 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
605 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
606 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
607 0 },
608
609 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
610 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
611 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
612 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
613 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]614#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]615
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]616#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]617 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
618 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
619 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
620 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
621 0 },
622
623 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
624 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
625 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
626 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
627 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]628#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]629#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]630#if defined(POLARSSL_GCM_C)
631#if defined(POLARSSL_SHA256_C)
632 { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
633 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
634 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
635 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
636 0 },
637#endif /* POLARSSL_SHA256_C */
638
639#if defined(POLARSSL_SHA512_C)
640 { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
641 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
642 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
643 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
644 0 },
645#endif /* POLARSSL_SHA512_C */
646#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]647#endif /* POLARSSL_CAMELLIA_C */
648
649#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]650#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]651#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]652 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
653 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
654 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
655 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
656 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]657#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]658#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]659#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]660#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]661
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]662#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]663#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]664#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]665 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
666 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
667 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
668 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
669 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]670#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]671
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]672#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]673#if defined(POLARSSL_GCM_C)
674 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
675 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
676 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
677 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
678 0 },
679#endif /* POLARSSL_GCM_C */
680
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]681#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]682 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
683 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
684 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
685 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
686 0 },
687
688 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
689 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
690 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
691 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
692 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]693#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]694#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]695
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]696#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]697#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]698 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
699 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
700 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
701 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
702 0 },
703
704 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
705 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
706 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
707 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
708 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]709#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]710#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]711#if defined(POLARSSL_CCM_C)
712 { TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
713 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
714 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
715 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
716 0 },
717 { TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
718 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
719 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
720 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
721 POLARSSL_CIPHERSUITE_SHORT_TAG },
722 { TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
723 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
724 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
725 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
726 0 },
727 { TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
728 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
729 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
730 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
731 POLARSSL_CIPHERSUITE_SHORT_TAG },
732#endif /* POLARSSL_CCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]733#endif /* POLARSSL_AES_C */
734
735#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]736#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]737#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]738 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
739 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
740 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
741 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
742 0 },
743
744 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
745 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
746 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
747 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
748 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]749#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]750
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]751#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]752 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
753 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
754 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
755 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
756 0 },
757
758 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
759 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
760 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
761 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
762 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]763#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]764#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]765
766#if defined(POLARSSL_GCM_C)
767#if defined(POLARSSL_SHA256_C)
768 { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
769 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
770 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
771 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
772 0 },
773#endif /* POLARSSL_SHA256_C */
774
775#if defined(POLARSSL_SHA1_C)
776 { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
777 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
778 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
779 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
780 0 },
781#endif /* POLARSSL_SHA1_C */
782#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]783#endif /* POLARSSL_CAMELLIA_C */
784
785#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]786#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]787#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]788 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
789 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
790 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
791 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
792 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]793#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]794#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]795#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]796
797#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]798#if defined(POLARSSL_MD5_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]799 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
800 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
801 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
802 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]803 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]804#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]805
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]806#if defined(POLARSSL_SHA1_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]807 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
808 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
809 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
810 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]811 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]812#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]813#endif /* POLARSSL_ARC4_C */
814#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]815
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]816#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
817#if defined(POLARSSL_AES_C)
818#if defined(POLARSSL_SHA1_C)
819#if defined(POLARSSL_CIPHER_MODE_CBC)
820 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
821 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
822 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
823 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
824 0 },
825 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
826 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
827 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
828 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
829 0 },
830#endif /* POLARSSL_CIPHER_MODE_CBC */
831#endif /* POLARSSL_SHA1_C */
832#if defined(POLARSSL_SHA256_C)
833#if defined(POLARSSL_CIPHER_MODE_CBC)
834 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
835 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
836 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
837 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
838 0 },
839#endif /* POLARSSL_CIPHER_MODE_CBC */
840#if defined(POLARSSL_GCM_C)
841 { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
842 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
843 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
844 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
845 0 },
846#endif /* POLARSSL_GCM_C */
847#endif /* POLARSSL_SHA256_C */
848#if defined(POLARSSL_SHA512_C)
849#if defined(POLARSSL_CIPHER_MODE_CBC)
850 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
851 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
852 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
853 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
854 0 },
855#endif /* POLARSSL_CIPHER_MODE_CBC */
856#if defined(POLARSSL_GCM_C)
857 { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
858 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
859 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
860 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
861 0 },
862#endif /* POLARSSL_GCM_C */
863#endif /* POLARSSL_SHA512_C */
864#endif /* POLARSSL_AES_C */
865
866#if defined(POLARSSL_CAMELLIA_C)
867#if defined(POLARSSL_CIPHER_MODE_CBC)
868#if defined(POLARSSL_SHA256_C)
869 { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
870 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
871 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
872 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
873 0 },
874#endif /* POLARSSL_SHA256_C */
875#if defined(POLARSSL_SHA512_C)
876 { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
877 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
878 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
879 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
880 0 },
881#endif /* POLARSSL_SHA512_C */
882#endif /* POLARSSL_CIPHER_MODE_CBC */
883
884#if defined(POLARSSL_GCM_C)
885#if defined(POLARSSL_SHA256_C)
886 { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
887 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
888 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
889 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
890 0 },
891#endif /* POLARSSL_SHA256_C */
892#if defined(POLARSSL_SHA512_C)
893 { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
894 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
895 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
896 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
897 0 },
898#endif /* POLARSSL_SHA512_C */
899#endif /* POLARSSL_GCM_C */
900#endif /* POLARSSL_CAMELLIA_C */
901
902#if defined(POLARSSL_DES_C)
903#if defined(POLARSSL_CIPHER_MODE_CBC)
904#if defined(POLARSSL_SHA1_C)
905 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
906 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
907 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
908 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
909 0 },
910#endif /* POLARSSL_SHA1_C */
911#endif /* POLARSSL_CIPHER_MODE_CBC */
912#endif /* POLARSSL_DES_C */
913
914#if defined(POLARSSL_ARC4_C)
915#if defined(POLARSSL_SHA1_C)
916 { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
917 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
918 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
919 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]920 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]921#endif /* POLARSSL_SHA1_C */
922#endif /* POLARSSL_ARC4_C */
923
924#if defined(POLARSSL_CIPHER_NULL_CIPHER)
925#if defined(POLARSSL_SHA1_C)
926 { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
927 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
928 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
929 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
930 POLARSSL_CIPHERSUITE_WEAK },
931#endif /* POLARSSL_SHA1_C */
932#endif /* POLARSSL_CIPHER_NULL_CIPHER */
933#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
934
935#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
936#if defined(POLARSSL_AES_C)
937#if defined(POLARSSL_SHA1_C)
938#if defined(POLARSSL_CIPHER_MODE_CBC)
939 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
940 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
941 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
942 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
943 0 },
944 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
945 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
946 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
947 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
948 0 },
949#endif /* POLARSSL_CIPHER_MODE_CBC */
950#endif /* POLARSSL_SHA1_C */
951#if defined(POLARSSL_SHA256_C)
952#if defined(POLARSSL_CIPHER_MODE_CBC)
953 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
954 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
955 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
956 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
957 0 },
958#endif /* POLARSSL_CIPHER_MODE_CBC */
959#if defined(POLARSSL_GCM_C)
960 { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
961 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
962 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
963 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
964 0 },
965#endif /* POLARSSL_GCM_C */
966#endif /* POLARSSL_SHA256_C */
967#if defined(POLARSSL_SHA512_C)
968#if defined(POLARSSL_CIPHER_MODE_CBC)
969 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
970 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
971 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
972 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
973 0 },
974#endif /* POLARSSL_CIPHER_MODE_CBC */
975#if defined(POLARSSL_GCM_C)
976 { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
977 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
978 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
979 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
980 0 },
981#endif /* POLARSSL_GCM_C */
982#endif /* POLARSSL_SHA512_C */
983#endif /* POLARSSL_AES_C */
984
985#if defined(POLARSSL_CAMELLIA_C)
986#if defined(POLARSSL_CIPHER_MODE_CBC)
987#if defined(POLARSSL_SHA256_C)
988 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
989 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
990 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
991 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
992 0 },
993#endif /* POLARSSL_SHA256_C */
994#if defined(POLARSSL_SHA512_C)
995 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
996 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
997 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
998 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
999 0 },
1000#endif /* POLARSSL_SHA512_C */
1001#endif /* POLARSSL_CIPHER_MODE_CBC */
1002
1003#if defined(POLARSSL_GCM_C)
1004#if defined(POLARSSL_SHA256_C)
1005 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1006 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1007 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1008 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1009 0 },
1010#endif /* POLARSSL_SHA256_C */
1011#if defined(POLARSSL_SHA512_C)
1012 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1013 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1014 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1015 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1016 0 },
1017#endif /* POLARSSL_SHA512_C */
1018#endif /* POLARSSL_GCM_C */
1019#endif /* POLARSSL_CAMELLIA_C */
1020
1021#if defined(POLARSSL_DES_C)
1022#if defined(POLARSSL_CIPHER_MODE_CBC)
1023#if defined(POLARSSL_SHA1_C)
1024 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1025 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1026 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1027 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1028 0 },
1029#endif /* POLARSSL_SHA1_C */
1030#endif /* POLARSSL_CIPHER_MODE_CBC */
1031#endif /* POLARSSL_DES_C */
1032
1033#if defined(POLARSSL_ARC4_C)
1034#if defined(POLARSSL_SHA1_C)
1035 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1036 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1037 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1038 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]1039 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1040#endif /* POLARSSL_SHA1_C */
1041#endif /* POLARSSL_ARC4_C */
1042
1043#if defined(POLARSSL_CIPHER_NULL_CIPHER)
1044#if defined(POLARSSL_SHA1_C)
1045 { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1046 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1047 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1048 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1049 POLARSSL_CIPHERSUITE_WEAK },
1050#endif /* POLARSSL_SHA1_C */
1051#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1052#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1053
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1054#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
1055#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1056#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1057#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1058 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1059 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1060 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1061 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1062 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1063#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1064
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1065#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1066 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1067 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1068 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1069 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1070 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1071#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1072#endif /* POLARSSL_GCM_C */
1073
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1074#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1075#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1076 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1077 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1078 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1079 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1080 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1081#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1082
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1083#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1084 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1085 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1086 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1087 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1088 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1089#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1090
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1091#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1092 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1093 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1094 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1095 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1096 0 },
1097
1098 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1099 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1100 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1101 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1102 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1103#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1104#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1105#if defined(POLARSSL_CCM_C)
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1106 { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1107 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1108 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1109 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1110 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1111 { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1112 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1113 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1114 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1115 POLARSSL_CIPHERSUITE_SHORT_TAG },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1116 { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1117 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1118 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1119 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1120 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1121 { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1122 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1123 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1124 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1125 POLARSSL_CIPHERSUITE_SHORT_TAG },
1126#endif /* POLARSSL_CCM_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1127#endif /* POLARSSL_AES_C */
1128
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1129#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1130#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1131#if defined(POLARSSL_SHA256_C)
1132 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1133 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1134 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1135 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1136 0 },
1137#endif /* POLARSSL_SHA256_C */
1138
1139#if defined(POLARSSL_SHA512_C)
1140 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1141 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1142 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1143 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1144 0 },
1145#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1146#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1147
1148#if defined(POLARSSL_GCM_C)
1149#if defined(POLARSSL_SHA256_C)
1150 { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1151 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1152 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1153 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1154 0 },
1155#endif /* POLARSSL_SHA256_C */
1156
1157#if defined(POLARSSL_SHA512_C)
1158 { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1159 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1160 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1161 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1162 0 },
1163#endif /* POLARSSL_SHA512_C */
1164#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1165#endif /* POLARSSL_CAMELLIA_C */
1166
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1167#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1168#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1169#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1170 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1171 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1172 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1173 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1174 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1175#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1176#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1177#endif /* POLARSSL_DES_C */
1178
1179#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1180#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1181 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1182 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1183 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1184 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]1185 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1186#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1187#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1188#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1189
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1190#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1191#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1192#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1193#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1194 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1195 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1196 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1197 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1198 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1199#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1200
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1201#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1202 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1203 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1204 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1205 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1206 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1207#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1208#endif /* POLARSSL_GCM_C */
1209
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1210#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1211#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1212 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1213 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1214 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1215 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1216 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1217#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1218
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1219#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1220 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1221 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1222 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1223 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1224 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1225#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1226
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1227#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1228 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1229 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1230 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1231 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1232 0 },
1233
1234 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1235 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1236 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1237 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1238 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1239#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1240#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1241#if defined(POLARSSL_CCM_C)
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1242 { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1243 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1244 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1245 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1246 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1247 { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1248 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1249 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1250 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1251 POLARSSL_CIPHERSUITE_SHORT_TAG },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1252 { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1253 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1254 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1255 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1256 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1257 { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1258 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1259 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1260 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1261 POLARSSL_CIPHERSUITE_SHORT_TAG },
1262#endif /* POLARSSL_CCM_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1263#endif /* POLARSSL_AES_C */
1264
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1265#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1266#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1267#if defined(POLARSSL_SHA256_C)
1268 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1269 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1270 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1271 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1272 0 },
1273#endif /* POLARSSL_SHA256_C */
1274
1275#if defined(POLARSSL_SHA512_C)
1276 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1277 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1278 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1279 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1280 0 },
1281#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1282#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1283
1284#if defined(POLARSSL_GCM_C)
1285#if defined(POLARSSL_SHA256_C)
1286 { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1287 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1288 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1289 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1290 0 },
1291#endif /* POLARSSL_SHA256_C */
1292
1293#if defined(POLARSSL_SHA512_C)
1294 { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1295 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1296 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1297 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1298 0 },
1299#endif /* POLARSSL_SHA512_C */
1300#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1301#endif /* POLARSSL_CAMELLIA_C */
1302
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1303#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1304#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1305#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1306 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1307 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1308 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1309 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1310 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1311#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1312#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1313#endif /* POLARSSL_DES_C */
1314
1315#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1316#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1317 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1318 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1319 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1320 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]1321 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1322#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1323#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1324#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1325
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1326#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1327#if defined(POLARSSL_AES_C)
1328
1329#if defined(POLARSSL_CIPHER_MODE_CBC)
1330#if defined(POLARSSL_SHA256_C)
1331 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1332 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1333 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1334 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1335 0 },
1336#endif /* POLARSSL_SHA256_C */
1337
1338#if defined(POLARSSL_SHA512_C)
1339 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1340 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1341 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1342 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1343 0 },
1344#endif /* POLARSSL_SHA512_C */
1345
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1346#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1347 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1348 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1349 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1350 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1351 0 },
1352
1353 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1354 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1355 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1356 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1357 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1358#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1359#endif /* POLARSSL_CIPHER_MODE_CBC */
1360#endif /* POLARSSL_AES_C */
1361
1362#if defined(POLARSSL_CAMELLIA_C)
1363#if defined(POLARSSL_CIPHER_MODE_CBC)
1364#if defined(POLARSSL_SHA256_C)
1365 { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1366 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1367 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1368 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1369 0 },
1370#endif /* POLARSSL_SHA256_C */
1371
1372#if defined(POLARSSL_SHA512_C)
1373 { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1374 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1375 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1376 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1377 0 },
1378#endif /* POLARSSL_SHA512_C */
1379#endif /* POLARSSL_CIPHER_MODE_CBC */
1380#endif /* POLARSSL_CAMELLIA_C */
1381
1382#if defined(POLARSSL_DES_C)
1383#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1384#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1385 { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1386 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1387 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1388 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1389 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1390#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1391#endif /* POLARSSL_CIPHER_MODE_CBC */
1392#endif /* POLARSSL_DES_C */
1393
1394#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1395#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1396 { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1397 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1398 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1399 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]1400 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1401#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1402#endif /* POLARSSL_ARC4_C */
1403#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1404
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1405#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1406#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1407#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1408#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1409 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1410 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1411 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1412 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1413 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1414#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1415
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1416#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1417 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1418 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1419 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1420 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1421 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1422#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1423#endif /* POLARSSL_GCM_C */
1424
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1425#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1426#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1427 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1428 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1429 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1430 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1431 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1432#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1433
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1434#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1435 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1436 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1437 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1438 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1439 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1440#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1441
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1442#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1443 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1444 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1445 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1446 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1447 0 },
1448
1449 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1450 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1451 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1452 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1453 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1454#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1455#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1456#endif /* POLARSSL_AES_C */
1457
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1458#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1459#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1460#if defined(POLARSSL_SHA256_C)
1461 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1462 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1463 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1464 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1465 0 },
1466#endif /* POLARSSL_SHA256_C */
1467
1468#if defined(POLARSSL_SHA512_C)
1469 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1470 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1471 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1472 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1473 0 },
1474#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1475#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1476
1477#if defined(POLARSSL_GCM_C)
1478#if defined(POLARSSL_SHA256_C)
1479 { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1480 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1481 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1482 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1483 0 },
1484#endif /* POLARSSL_SHA256_C */
1485
1486#if defined(POLARSSL_SHA512_C)
1487 { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1488 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1489 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1490 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1491 0 },
1492#endif /* POLARSSL_SHA512_C */
1493#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1494#endif /* POLARSSL_CAMELLIA_C */
1495
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1496#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1497#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1498#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1499 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1500 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1501 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1502 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1503 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1504#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1505#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1506#endif /* POLARSSL_DES_C */
1507
1508#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1509#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1510 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1511 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1512 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1513 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnardd6664512014-02-06 13:26:57 +0100[diff] [blame]1514 POLARSSL_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1515#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1516#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1517#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1518
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1519#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
1520#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1521#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1522#if defined(POLARSSL_MD5_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1523 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1524 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
1525 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1526 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1527 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1528#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1529
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1530#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1531 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1532 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1533 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1534 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1535 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1536#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1537
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1538#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1539 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1540 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1541 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1542 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1543 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1544#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1545#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1546
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1547#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1548#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1549 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1550 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1551 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1552 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1553 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1554#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1555
1556#if defined(POLARSSL_SHA256_C)
1557 { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1558 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1559 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1560 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1561 POLARSSL_CIPHERSUITE_WEAK },
1562#endif
1563
1564#if defined(POLARSSL_SHA512_C)
1565 { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1566 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1567 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1568 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1569 POLARSSL_CIPHERSUITE_WEAK },
1570#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1571#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1572
1573#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1574#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1575 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1576 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1577 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1578 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1579 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1580#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1581
1582#if defined(POLARSSL_SHA256_C)
1583 { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1584 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1585 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1586 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1587 POLARSSL_CIPHERSUITE_WEAK },
1588#endif
1589
1590#if defined(POLARSSL_SHA512_C)
1591 { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1592 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1593 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1594 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1595 POLARSSL_CIPHERSUITE_WEAK },
1596#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1597#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1598
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1599#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1600#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1601 { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1602 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1603 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1604 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1605 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1606#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1607
1608#if defined(POLARSSL_SHA256_C)
1609 { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1610 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1611 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1612 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1613 POLARSSL_CIPHERSUITE_WEAK },
1614#endif
1615
1616#if defined(POLARSSL_SHA512_C)
1617 { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1618 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1619 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1620 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1621 POLARSSL_CIPHERSUITE_WEAK },
1622#endif
1623#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1624
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1625#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1626#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1627 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1628 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1629 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1630 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1631 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1632#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1633
1634#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1635 { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1636 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1637 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1638 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1639 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1640#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1641
1642#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1643 { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1644 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1645 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1646 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1647 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1648#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1649#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1650#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1651
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1652#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1653#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1654#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1655#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1656 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1657 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
1658 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1659 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1660 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1661#endif /* POLARSSL_SHA1_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1662#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1663
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1664#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1665#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1666 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1667 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1668 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1669 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1670 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1671#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1672#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1673#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1674#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1675#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1676
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]1677 { 0, "",
1678 POLARSSL_CIPHER_NONE, POLARSSL_MD_NONE, POLARSSL_KEY_EXCHANGE_NONE,
1679 0, 0, 0, 0, 0 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1680};
1681
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1682#if defined(SSL_CIPHERSUITES)
1683const int *ssl_list_ciphersuites( void )
1684{
1685 return( ciphersuite_preference );
1686}
1687#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1688#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1689 sizeof( ciphersuite_definitions[0] )
1690static int supported_ciphersuites[MAX_CIPHERSUITES];
1691static int supported_init = 0;
1692
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1693const int *ssl_list_ciphersuites( void )
1694{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1695 /*
1696 * On initial call filter out all ciphersuites not supported by current
1697 * build based on presence in the ciphersuite_definitions.
1698 */
1699 if( supported_init == 0 )
1700 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1701 const int *p;
1702 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1703
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1704 for( p = ciphersuite_preference, q = supported_ciphersuites;
1705 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1706 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1707 {
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1708#if defined(POLARSSL_REMOVE_ARC4_CIPHERSUITES)
1709 const ssl_ciphersuite_t *cs_info;
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1710 if( ( cs_info = ssl_ciphersuite_from_id( *p ) ) != NULL &&
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1711 cs_info->cipher != POLARSSL_CIPHER_ARC4_128 )
1712#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1713 if( ssl_ciphersuite_from_id( *p ) != NULL )
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1714#endif
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1715 *(q++) = *p;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1716 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1717 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1718
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1719 supported_init = 1;
1720 }
1721
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]1722 return( supported_ciphersuites );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1723};
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1724#endif /* SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1725
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]1726const ssl_ciphersuite_t *ssl_ciphersuite_from_string(
1727 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1728{
1729 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1730
1731 if( NULL == ciphersuite_name )
1732 return( NULL );
1733
1734 while( cur->id != 0 )
1735 {
1736 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1737 return( cur );
1738
1739 cur++;
1740 }
1741
1742 return( NULL );
1743}
1744
1745const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1746{
1747 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1748
1749 while( cur->id != 0 )
1750 {
1751 if( cur->id == ciphersuite )
1752 return( cur );
1753
1754 cur++;
1755 }
1756
1757 return( NULL );
1758}
1759
1760const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1761{
1762 const ssl_ciphersuite_t *cur;
1763
1764 cur = ssl_ciphersuite_from_id( ciphersuite_id );
1765
1766 if( cur == NULL )
1767 return( "unknown" );
1768
1769 return( cur->name );
1770}
1771
1772int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1773{
1774 const ssl_ciphersuite_t *cur;
1775
1776 cur = ssl_ciphersuite_from_string( ciphersuite_name );
1777
1778 if( cur == NULL )
1779 return( 0 );
1780
1781 return( cur->id );
1782}
1783
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1784#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1785pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
1786{
1787 switch( info->key_exchange )
1788 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1789 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1790 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
1791 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1792 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1793 return( POLARSSL_PK_RSA );
1794
1795 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1796 return( POLARSSL_PK_ECDSA );
1797
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1798 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1799 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
1800 return( POLARSSL_PK_ECKEY );
1801
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1802 default:
1803 return( POLARSSL_PK_NONE );
1804 }
1805}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1806#endif /* POLARSSL_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1807
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1808#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1809int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1810{
1811 switch( info->key_exchange )
1812 {
1813 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1814 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1815 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1816 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1817 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1818 return( 1 );
1819
1820 default:
1821 return( 0 );
1822 }
1823}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1824#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1825
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1826#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1827int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info )
1828{
1829 switch( info->key_exchange )
1830 {
1831 case POLARSSL_KEY_EXCHANGE_PSK:
1832 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
1833 case POLARSSL_KEY_EXCHANGE_DHE_PSK:
1834 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
1835 return( 1 );
1836
1837 default:
1838 return( 0 );
1839 }
1840}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1841#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1842
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1843#endif /* POLARSSL_SSL_TLS_C */