TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 9654fb156f8c70927ec32f08bce2b3913efe9198 / . / library / ssl_ciphersuites.c
blob: ba28b3ffdf6771f1dee35dc5c2cd092d1b3bf50d [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for PolarSSL
5 *
6 * Copyright (C) 2006-2013, Brainspark B.V.
7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
28#include "polarssl/config.h"
29
30#if defined(POLARSSL_SSL_TLS_C)
31
32#include "polarssl/ssl_ciphersuites.h"
33#include "polarssl/ssl.h"
34
35#include <stdlib.h>
36
Manuel Pégourié-Gonnard9654fb12013-10-03 11:53:05 +0200[diff] [blame^]37#if defined _MSC_VER && !defined strcasecmp
38#define strcasecmp _stricmp
39#endif
40
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]41/*
42 * Ordered from most preferred to least preferred in terms of security.
43 */
44static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]45{
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]46 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]47 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]48 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]49 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]50 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]51 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]52 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]53 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]54 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]55 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]56
57 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]58 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]59 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]60 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]61 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]62
63 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]64 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]65 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]66 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]67 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]68 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]69 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]70 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]71 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
72 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]73
74 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]75 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]76 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]77 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]78 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]79
80 /* All remaining > 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]81 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]82 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]83 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]84 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]85 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]86
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]87 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]88 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]89 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]90 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]91 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]92 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]93 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]94 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]95 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]96 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
97 TLS_DHE_PSK_WITH_RC4_128_SHA,
98
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]99 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]100 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]101 TLS_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]102 TLS_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]103
104 /* All CAMELLIA-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]105 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]106 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]107
108 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]109 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]110 TLS_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]111 TLS_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]112
113 /* All CAMELLIA-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]114 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]115 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]116
117 /* All remaining > 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]118 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]119 TLS_RSA_WITH_RC4_128_SHA,
120 TLS_RSA_WITH_RC4_128_MD5,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]121
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]122 /* The RSA PSK suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]123 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]124 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]125 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]126 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]127 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]128 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]129 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]130 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]131 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
132 TLS_RSA_PSK_WITH_RC4_128_SHA,
133
134 /* The PSK suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]135 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]136 TLS_PSK_WITH_AES_256_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]137 TLS_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]138 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]139 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]140 TLS_PSK_WITH_AES_128_CBC_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]141 TLS_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]142 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]143 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
144 TLS_PSK_WITH_RC4_128_SHA,
145
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]146 /* Weak or NULL suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]147 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]148 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]149 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]150 TLS_ECDHE_RSA_WITH_NULL_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]151 TLS_RSA_WITH_NULL_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]152 TLS_RSA_WITH_NULL_SHA,
153 TLS_RSA_WITH_NULL_MD5,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]154 TLS_PSK_WITH_NULL_SHA384,
155 TLS_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]156 TLS_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]157 TLS_DHE_PSK_WITH_NULL_SHA384,
158 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]159 TLS_DHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]160 TLS_RSA_PSK_WITH_NULL_SHA384,
161 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]162 TLS_RSA_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]163
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]164 0
165};
166
Manuel Pégourié-Gonnard57a87832013-08-27 16:13:54 +0200[diff] [blame]167#define MAX_CIPHERSUITES 128
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]168static int supported_ciphersuites[MAX_CIPHERSUITES];
169static int supported_init = 0;
170
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]171static const ssl_ciphersuite_t ciphersuite_definitions[] =
172{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]173#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
174#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]175#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]176 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
177 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
178 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
179 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]180 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]181 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
182 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
183 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
184 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]185 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]186#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]187#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]188#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]189 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
190 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
191 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
192 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]193 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]194#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]195#if defined(POLARSSL_GCM_C)
196 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
197 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
198 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
199 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]200 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]201#endif /* POLARSSL_GCM_C */
202#endif /* POLARSSL_SHA256_C */
203#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]204#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]205 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
206 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
207 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
208 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]209 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]210#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]211#if defined(POLARSSL_GCM_C)
212 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
213 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
214 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
215 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]216 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]217#endif /* POLARSSL_GCM_C */
218#endif /* POLARSSL_SHA512_C */
219#endif /* POLARSSL_AES_C */
220
221#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]222#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]223#if defined(POLARSSL_SHA256_C)
224 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
225 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
226 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
227 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]228 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]229#endif /* POLARSSL_SHA256_C */
230#if defined(POLARSSL_SHA512_C)
231 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
232 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
233 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
234 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]235 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]236#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]237#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]238#endif /* POLARSSL_CAMELLIA_C */
239
240#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]241#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]242 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
243 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
244 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
245 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]246 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]247#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]248#endif /* POLARSSL_DES_C */
249
250#if defined(POLARSSL_ARC4_C)
251 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
252 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
253 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
254 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]255 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]256#endif /* POLARSSL_ARC4_C */
257
258#if defined(POLARSSL_CIPHER_NULL_CIPHER)
259 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
260 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
261 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
262 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]263 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]264#endif /* POLARSSL_CIPHER_NULL_CIPHER */
265#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
266
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]267#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]268#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]269#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]270 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
271 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
272 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
273 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]274 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]275 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
276 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
278 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]279 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]280#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]281#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]282#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]283 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
284 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
285 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
286 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]287 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]288#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]289#if defined(POLARSSL_GCM_C)
290 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
291 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
292 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
293 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]294 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]295#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]296#endif /* POLARSSL_SHA256_C */
297#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]298#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]299 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
300 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
301 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
302 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]303 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]304#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]305#if defined(POLARSSL_GCM_C)
306 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
307 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
308 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
309 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]310 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]311#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]312#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]313#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]314
315#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]316#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]317#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]318 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
319 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
320 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
321 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]322 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]323#endif /* POLARSSL_SHA256_C */
324#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]325 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
326 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
327 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
328 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]329 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]330#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]331#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]332#endif /* POLARSSL_CAMELLIA_C */
333
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]334#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]335#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]336 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
337 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
338 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
339 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]340 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]341#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]342#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]343
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]344#if defined(POLARSSL_ARC4_C)
345 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
346 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
347 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
348 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]349 0 },
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]350#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]351
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]352#if defined(POLARSSL_CIPHER_NULL_CIPHER)
353 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
354 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
355 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
356 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]357 POLARSSL_CIPHERSUITE_WEAK },
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]358#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]359#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]360
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]361#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]362#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]363#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]364 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
365 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
366 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
367 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
368 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]369#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]370
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]371#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]372#if defined(POLARSSL_GCM_C)
373 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
374 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
375 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
376 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
377 0 },
378#endif /* POLARSSL_GCM_C */
379
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]380#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]381 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
382 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
383 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
384 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
385 0 },
386
387 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
388 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
389 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
390 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
391 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]392#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]393#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]394
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]395#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]396 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
397 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
398 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
399 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
400 0 },
401
402 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
403 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
404 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
405 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
406 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]407#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]408#endif /* POLARSSL_AES_C */
409
410#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]411#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]412#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]413 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
414 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
415 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
416 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
417 0 },
418
419 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
420 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
421 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
422 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
423 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]424#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]425
426 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
427 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
428 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
429 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
430 0 },
431
432 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
433 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
434 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
435 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
436 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]437#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]438#endif /* POLARSSL_CAMELLIA_C */
439
440#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]441#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]442 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
443 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
445 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
446 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]447#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]448#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]449#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]450
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]451#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]452#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]453#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]454 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
455 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
456 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
457 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
458 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]459#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]460
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]461#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]462#if defined(POLARSSL_GCM_C)
463 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
464 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
465 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
466 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
467 0 },
468#endif /* POLARSSL_GCM_C */
469
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]470#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]471 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
472 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
473 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
474 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
475 0 },
476
477 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
478 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
479 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
480 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
481 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]482#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]483#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]484
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]485#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]486 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
487 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
488 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
489 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
490 0 },
491
492 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
493 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
494 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
495 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
496 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]497#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]498#endif /* POLARSSL_AES_C */
499
500#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]501#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]502#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]503 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
504 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
505 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
506 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
507 0 },
508
509 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
510 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
511 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
512 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
513 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]514#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]515
516 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
517 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
518 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
519 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
520 0 },
521
522 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
523 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
524 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
525 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
526 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]527#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]528#endif /* POLARSSL_CAMELLIA_C */
529
530#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]531#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]532 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
533 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
534 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
535 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
536 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]537#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]538#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]539
540#if defined(POLARSSL_ARC4_C)
541 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
542 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
543 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
544 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
545 0 },
546
547 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
548 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
549 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
550 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
551 0 },
552#endif /* POLARSSL_ARC4_C */
553#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]554
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]555#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
556#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]557#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]558#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]559 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
560 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
561 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
562 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
563 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]564#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]565
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]566#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]567 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
568 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
569 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
570 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
571 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]572#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]573#endif /* POLARSSL_GCM_C */
574
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]575#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]576#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]577 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
578 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
579 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
580 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
581 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]582#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]583
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]584#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]585 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
586 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
587 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
588 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
589 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]590#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]591
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]592 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
593 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
594 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
595 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
596 0 },
597
598 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
599 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
600 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
601 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
602 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]603#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]604#endif /* POLARSSL_AES_C */
605
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]606#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]607#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]608#if defined(POLARSSL_SHA256_C)
609 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
610 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
611 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
612 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
613 0 },
614#endif /* POLARSSL_SHA256_C */
615
616#if defined(POLARSSL_SHA512_C)
617 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
618 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
619 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
620 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
621 0 },
622#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]623#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]624#endif /* POLARSSL_CAMELLIA_C */
625
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]626#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]627#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]628 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
629 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
630 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
631 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
632 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]633#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]634#endif /* POLARSSL_DES_C */
635
636#if defined(POLARSSL_ARC4_C)
637 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
638 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
639 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
640 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
641 0 },
642#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]643#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]644
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]645#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]646#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]647#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]648#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]649 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
650 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
651 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
652 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
653 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]654#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]655
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]656#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]657 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
658 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
659 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
660 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
661 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]662#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]663#endif /* POLARSSL_GCM_C */
664
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]665#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]666#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]667 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
668 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
669 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
670 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
671 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]672#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]673
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]674#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]675 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
676 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
677 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
678 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
679 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]680#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]681
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]682 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
683 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
684 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
685 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
686 0 },
687
688 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
689 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
690 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
691 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
692 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]693#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]694#endif /* POLARSSL_AES_C */
695
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]696#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]697#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]698#if defined(POLARSSL_SHA256_C)
699 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
700 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
701 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
702 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
703 0 },
704#endif /* POLARSSL_SHA256_C */
705
706#if defined(POLARSSL_SHA512_C)
707 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
708 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
709 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
710 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
711 0 },
712#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]713#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]714#endif /* POLARSSL_CAMELLIA_C */
715
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]716#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]717#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]718 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
719 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
720 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
721 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
722 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]723#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]724#endif /* POLARSSL_DES_C */
725
726#if defined(POLARSSL_ARC4_C)
727 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
728 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
729 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
730 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
731 0 },
732#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]733#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]734
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]735#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]736#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]737#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]738#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]739 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
740 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
741 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
742 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
743 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]744#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]745
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]746#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]747 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
748 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
749 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
750 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
751 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]752#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]753#endif /* POLARSSL_GCM_C */
754
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]755#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]756#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]757 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
758 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
759 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
760 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
761 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]762#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]763
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]764#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]765 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
766 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
767 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
768 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
769 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]770#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]771
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]772 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
773 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
774 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
775 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
776 0 },
777
778 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
779 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
780 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
781 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
782 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]783#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]784#endif /* POLARSSL_AES_C */
785
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]786#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]787#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]788#if defined(POLARSSL_SHA256_C)
789 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
790 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
791 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
792 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
793 0 },
794#endif /* POLARSSL_SHA256_C */
795
796#if defined(POLARSSL_SHA512_C)
797 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
798 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
799 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
800 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
801 0 },
802#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]803#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]804#endif /* POLARSSL_CAMELLIA_C */
805
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]806#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]807#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]808 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
809 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
810 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
811 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
812 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]813#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]814#endif /* POLARSSL_DES_C */
815
816#if defined(POLARSSL_ARC4_C)
817 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
818 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
819 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
820 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
821 0 },
822#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]823#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]824
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]825#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
826#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]827#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]828 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
829 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
830 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
831 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
832 POLARSSL_CIPHERSUITE_WEAK },
833
834 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
835 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
836 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
837 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
838 POLARSSL_CIPHERSUITE_WEAK },
839
840 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
841 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
842 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
843 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
844 POLARSSL_CIPHERSUITE_WEAK },
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]845#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]846
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]847#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
848 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
849 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
850 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
851 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
852 POLARSSL_CIPHERSUITE_WEAK },
853#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
854
855#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
856 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
857 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
858 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
859 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
860 POLARSSL_CIPHERSUITE_WEAK },
861#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
862
863#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
864 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
865 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
866 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
867 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
868 POLARSSL_CIPHERSUITE_WEAK },
869#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
870#endif /* POLARSSL_CIPHER_NULL_CIPHER */
871
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]872#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]873#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]874#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]875 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
876 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
877 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
878 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
879 POLARSSL_CIPHERSUITE_WEAK },
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]880#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]881
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]882#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]883 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
884 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
885 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
886 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
887 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]888#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
889#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]890#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]891#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
892
893 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
894};
895
896const int *ssl_list_ciphersuites( void )
897{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]898 /*
899 * On initial call filter out all ciphersuites not supported by current
900 * build based on presence in the ciphersuite_definitions.
901 */
902 if( supported_init == 0 )
903 {
904 const int *p = ciphersuite_preference;
905 int *q = supported_ciphersuites;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]906 size_t i;
907 size_t max = sizeof(supported_ciphersuites) / sizeof(int);
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]908
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]909 for( i = 0; i < max - 1 && p[i] != 0; i++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]910 {
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]911 if( ssl_ciphersuite_from_id( p[i] ) != NULL )
912 *(q++) = p[i];
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]913 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]914 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]915
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]916 supported_init = 1;
917 }
918
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]919 return supported_ciphersuites;
920};
921
922const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name )
923{
924 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
925
926 if( NULL == ciphersuite_name )
927 return( NULL );
928
929 while( cur->id != 0 )
930 {
931 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
932 return( cur );
933
934 cur++;
935 }
936
937 return( NULL );
938}
939
940const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
941{
942 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
943
944 while( cur->id != 0 )
945 {
946 if( cur->id == ciphersuite )
947 return( cur );
948
949 cur++;
950 }
951
952 return( NULL );
953}
954
955const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
956{
957 const ssl_ciphersuite_t *cur;
958
959 cur = ssl_ciphersuite_from_id( ciphersuite_id );
960
961 if( cur == NULL )
962 return( "unknown" );
963
964 return( cur->name );
965}
966
967int ssl_get_ciphersuite_id( const char *ciphersuite_name )
968{
969 const ssl_ciphersuite_t *cur;
970
971 cur = ssl_ciphersuite_from_string( ciphersuite_name );
972
973 if( cur == NULL )
974 return( 0 );
975
976 return( cur->id );
977}
978
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]979#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]980pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
981{
982 switch( info->key_exchange )
983 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]984 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]985 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
986 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]987 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]988 return( POLARSSL_PK_RSA );
989
990 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
991 return( POLARSSL_PK_ECDSA );
992
993 default:
994 return( POLARSSL_PK_NONE );
995 }
996}
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]997#endif
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]998
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]999int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1000{
1001 switch( info->key_exchange )
1002 {
1003 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1004 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1005 return( 1 );
1006
1007 default:
1008 return( 0 );
1009 }
1010}
1011
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1012#endif