TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / af37f0f68f314bcb315ecbf8e51996dff48b050d / . / library / ssl_ciphersuites.c
blob: 2e9a0fd79286fb7a9b0a3b3a505a7912f408c56b [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Manuel Pégourié-Gonnard6fb81872015-07-27 11:11:48 +0200[diff] [blame]6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]20 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +0000[diff] [blame]21 * This file is part of mbed TLS (https://tls.mbed.org)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]22 */
23
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]24#if !defined(MBEDTLS_CONFIG_FILE)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]25#include "mbedtls/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]26#else
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]27#include MBEDTLS_CONFIG_FILE
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]28#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]29
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]30#if defined(MBEDTLS_SSL_TLS_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]31
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]32#if defined(MBEDTLS_PLATFORM_C)
33#include "mbedtls/platform.h"
34#else
35#include <stdlib.h>
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]36#endif
37
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]38#include "mbedtls/ssl_ciphersuites.h"
39#include "mbedtls/ssl.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]40
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]41#include <string.h>
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]42
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]43/*
44 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]45 *
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]46 * Current rule (except rc4, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]47 * 1. By key exchange:
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]48 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]49 * 2. By key length and cipher:
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame^]50 * AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 > 3DES
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]51 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]52 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]53 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]54 */
55static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]56{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]57#if defined(MBEDTLS_SSL_CIPHERSUITES)
58 MBEDTLS_SSL_CIPHERSUITES,
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]59#else
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]60 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]61 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
62 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
63 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
64 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
65 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
66 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
67 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
68 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
69 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
70 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
71 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
72 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
73 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]74
75 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]76 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
77 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
78 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
79 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
80 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
81 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
82 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]83
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]84 /* All ARIA-256 ephemeral suites */
85 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
86 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
87 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
88 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
89 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
90 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
91
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]92 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]93 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
94 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
95 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
96 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
97 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
98 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
99 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
100 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
101 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
102 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
103 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
104 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
105 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]106
107 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]108 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
109 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
110 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
111 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
112 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
113 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
114 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]115
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]116 /* All ARIA-128 ephemeral suites */
117 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
118 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
119 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
120 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
121 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
122 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
123
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]124 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]125 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
126 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
127 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]128
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]129 /* The PSK ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]130 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
131 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
132 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
133 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
134 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
135 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
136 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
137 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
138 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
139 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame^]140 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
141 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
142 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]143
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]144 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
145 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
146 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
147 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
148 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
149 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
150 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
151 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
152 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
153 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame^]154 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
155 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
156 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]157
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]158 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
159 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]160
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]161 /* The ECJPAKE suite */
162 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
163
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]164 /* All AES-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]165 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
166 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
167 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
168 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
169 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
170 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
171 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
172 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
173 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
174 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
175 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]176
177 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]178 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
179 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
180 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
181 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
182 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
183 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
184 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]185
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame^]186 /* All ARIA-256 suites */
187 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
188 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
189 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
190 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
191 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
192 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
193
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]194 /* All AES-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]195 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
196 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
197 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
198 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
199 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
200 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
201 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
202 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
203 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
204 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
205 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]206
207 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]208 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
209 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
210 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
211 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
212 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
213 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
214 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]215
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame^]216 /* All ARIA-128 suites */
217 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
218 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
219 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
220 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
221 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
222 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
223
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]224 /* All remaining >= 128-bit suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]225 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
226 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
227 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]228
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]229 /* The RSA PSK suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]230 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
231 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
232 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
233 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
234 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]235 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
236 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]237
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]238 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
239 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
240 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
241 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
242 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]243 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
244 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]245
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]246 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]247
248 /* The PSK suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]249 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
250 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
251 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
252 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
253 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
254 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
255 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]256 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
257 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]258
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]259 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
260 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
261 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
262 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
263 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
264 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
265 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]266 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
267 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]268
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]269 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]270
271 /* RC4 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]272 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
273 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
274 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
275 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
276 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
277 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
278 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
279 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
280 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
281 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]282
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]283 /* Weak suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]284 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
285 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]286
287 /* NULL suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]288 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
289 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
290 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
291 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
292 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
293 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
294 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
295 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]296
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]297 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
298 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
299 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
300 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
301 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
302 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
303 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
304 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
305 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
306 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
307 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]308
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]309#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]310 0
311};
312
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]313static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]314{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]315#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
316#if defined(MBEDTLS_AES_C)
317#if defined(MBEDTLS_SHA1_C)
318#if defined(MBEDTLS_CIPHER_MODE_CBC)
319 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
320 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
321 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
322 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]323 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]324 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
325 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
327 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]328 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]329#endif /* MBEDTLS_CIPHER_MODE_CBC */
330#endif /* MBEDTLS_SHA1_C */
331#if defined(MBEDTLS_SHA256_C)
332#if defined(MBEDTLS_CIPHER_MODE_CBC)
333 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
334 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]337 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]338#endif /* MBEDTLS_CIPHER_MODE_CBC */
339#if defined(MBEDTLS_GCM_C)
340 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
341 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
342 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]344 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]345#endif /* MBEDTLS_GCM_C */
346#endif /* MBEDTLS_SHA256_C */
347#if defined(MBEDTLS_SHA512_C)
348#if defined(MBEDTLS_CIPHER_MODE_CBC)
349 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
350 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]353 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]354#endif /* MBEDTLS_CIPHER_MODE_CBC */
355#if defined(MBEDTLS_GCM_C)
356 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
357 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
358 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
359 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]360 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]361#endif /* MBEDTLS_GCM_C */
362#endif /* MBEDTLS_SHA512_C */
363#if defined(MBEDTLS_CCM_C)
364 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
365 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
366 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
367 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]368 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]369 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
370 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
371 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
372 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
373 MBEDTLS_CIPHERSUITE_SHORT_TAG },
374 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
375 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
377 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]378 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]379 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
380 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
381 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
382 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
383 MBEDTLS_CIPHERSUITE_SHORT_TAG },
384#endif /* MBEDTLS_CCM_C */
385#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]386
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]387#if defined(MBEDTLS_CAMELLIA_C)
388#if defined(MBEDTLS_CIPHER_MODE_CBC)
389#if defined(MBEDTLS_SHA256_C)
390 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
391 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
392 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
393 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]394 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]395#endif /* MBEDTLS_SHA256_C */
396#if defined(MBEDTLS_SHA512_C)
397 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
398 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]401 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]402#endif /* MBEDTLS_SHA512_C */
403#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]404
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]405#if defined(MBEDTLS_GCM_C)
406#if defined(MBEDTLS_SHA256_C)
407 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
408 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
409 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
410 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]411 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]412#endif /* MBEDTLS_SHA256_C */
413#if defined(MBEDTLS_SHA512_C)
414 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
415 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]418 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]419#endif /* MBEDTLS_SHA512_C */
420#endif /* MBEDTLS_GCM_C */
421#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]422
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]423#if defined(MBEDTLS_DES_C)
424#if defined(MBEDTLS_CIPHER_MODE_CBC)
425#if defined(MBEDTLS_SHA1_C)
426 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
427 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
428 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
429 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]430 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]431#endif /* MBEDTLS_SHA1_C */
432#endif /* MBEDTLS_CIPHER_MODE_CBC */
433#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]434
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]435#if defined(MBEDTLS_ARC4_C)
436#if defined(MBEDTLS_SHA1_C)
437 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
438 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
441 MBEDTLS_CIPHERSUITE_NODTLS },
442#endif /* MBEDTLS_SHA1_C */
443#endif /* MBEDTLS_ARC4_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]444
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]445#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
446#if defined(MBEDTLS_SHA1_C)
447 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
448 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
450 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
451 MBEDTLS_CIPHERSUITE_WEAK },
452#endif /* MBEDTLS_SHA1_C */
453#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
454#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]455
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]456#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
457#if defined(MBEDTLS_AES_C)
458#if defined(MBEDTLS_SHA1_C)
459#if defined(MBEDTLS_CIPHER_MODE_CBC)
460 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
461 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
463 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]464 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]465 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
466 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
467 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
468 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]469 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]470#endif /* MBEDTLS_CIPHER_MODE_CBC */
471#endif /* MBEDTLS_SHA1_C */
472#if defined(MBEDTLS_SHA256_C)
473#if defined(MBEDTLS_CIPHER_MODE_CBC)
474 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
475 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]478 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]479#endif /* MBEDTLS_CIPHER_MODE_CBC */
480#if defined(MBEDTLS_GCM_C)
481 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
482 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
483 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
484 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]485 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]486#endif /* MBEDTLS_GCM_C */
487#endif /* MBEDTLS_SHA256_C */
488#if defined(MBEDTLS_SHA512_C)
489#if defined(MBEDTLS_CIPHER_MODE_CBC)
490 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
491 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
492 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
493 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]494 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]495#endif /* MBEDTLS_CIPHER_MODE_CBC */
496#if defined(MBEDTLS_GCM_C)
497 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
498 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
499 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
500 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]501 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]502#endif /* MBEDTLS_GCM_C */
503#endif /* MBEDTLS_SHA512_C */
504#endif /* MBEDTLS_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]505
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]506#if defined(MBEDTLS_CAMELLIA_C)
507#if defined(MBEDTLS_CIPHER_MODE_CBC)
508#if defined(MBEDTLS_SHA256_C)
509 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
510 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
511 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]513 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]514#endif /* MBEDTLS_SHA256_C */
515#if defined(MBEDTLS_SHA512_C)
516 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
517 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
518 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
519 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]520 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]521#endif /* MBEDTLS_SHA512_C */
522#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]523
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524#if defined(MBEDTLS_GCM_C)
525#if defined(MBEDTLS_SHA256_C)
526 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
527 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
528 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
529 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]530 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]531#endif /* MBEDTLS_SHA256_C */
532#if defined(MBEDTLS_SHA512_C)
533 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
534 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
536 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]537 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]538#endif /* MBEDTLS_SHA512_C */
539#endif /* MBEDTLS_GCM_C */
540#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]541
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]542#if defined(MBEDTLS_DES_C)
543#if defined(MBEDTLS_CIPHER_MODE_CBC)
544#if defined(MBEDTLS_SHA1_C)
545 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
546 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
547 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]549 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]550#endif /* MBEDTLS_SHA1_C */
551#endif /* MBEDTLS_CIPHER_MODE_CBC */
552#endif /* MBEDTLS_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]553
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]554#if defined(MBEDTLS_ARC4_C)
555#if defined(MBEDTLS_SHA1_C)
556 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
557 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
559 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
560 MBEDTLS_CIPHERSUITE_NODTLS },
561#endif /* MBEDTLS_SHA1_C */
562#endif /* MBEDTLS_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]563
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]564#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
565#if defined(MBEDTLS_SHA1_C)
566 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
567 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
568 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
569 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
570 MBEDTLS_CIPHERSUITE_WEAK },
571#endif /* MBEDTLS_SHA1_C */
572#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
573#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]574
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]575#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
576#if defined(MBEDTLS_AES_C)
577#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
578 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
579 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
580 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
581 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]582 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]583#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]584
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]585#if defined(MBEDTLS_SHA256_C)
586#if defined(MBEDTLS_GCM_C)
587 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
588 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
589 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
590 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]591 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]592#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]593
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]594#if defined(MBEDTLS_CIPHER_MODE_CBC)
595 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
596 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
597 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
598 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]599 0 },
600
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]601 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
602 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
603 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
604 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]605 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]606#endif /* MBEDTLS_CIPHER_MODE_CBC */
607#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]608
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]609#if defined(MBEDTLS_CIPHER_MODE_CBC)
610#if defined(MBEDTLS_SHA1_C)
611 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
612 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
613 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
614 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]615 0 },
616
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]617 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
618 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
619 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]621 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]622#endif /* MBEDTLS_SHA1_C */
623#endif /* MBEDTLS_CIPHER_MODE_CBC */
624#if defined(MBEDTLS_CCM_C)
625 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
626 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
628 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]629 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]630 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
631 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
632 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
634 MBEDTLS_CIPHERSUITE_SHORT_TAG },
635 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
636 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
637 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
638 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]639 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]640 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
641 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
642 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
643 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
644 MBEDTLS_CIPHERSUITE_SHORT_TAG },
645#endif /* MBEDTLS_CCM_C */
646#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]647
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]648#if defined(MBEDTLS_CAMELLIA_C)
649#if defined(MBEDTLS_CIPHER_MODE_CBC)
650#if defined(MBEDTLS_SHA256_C)
651 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
652 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
653 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
654 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]655 0 },
656
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
658 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
660 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]661 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]662#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]663
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]664#if defined(MBEDTLS_SHA1_C)
665 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
666 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
668 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]669 0 },
670
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]671 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
672 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
673 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
674 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]675 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]676#endif /* MBEDTLS_SHA1_C */
677#endif /* MBEDTLS_CIPHER_MODE_CBC */
678#if defined(MBEDTLS_GCM_C)
679#if defined(MBEDTLS_SHA256_C)
680 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
681 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
682 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
683 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]684 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]686
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]687#if defined(MBEDTLS_SHA512_C)
688 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
689 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
690 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]692 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]693#endif /* MBEDTLS_SHA512_C */
694#endif /* MBEDTLS_GCM_C */
695#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]696
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697#if defined(MBEDTLS_DES_C)
698#if defined(MBEDTLS_CIPHER_MODE_CBC)
699#if defined(MBEDTLS_SHA1_C)
700 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
701 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
702 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
703 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]704 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]705#endif /* MBEDTLS_SHA1_C */
706#endif /* MBEDTLS_CIPHER_MODE_CBC */
707#endif /* MBEDTLS_DES_C */
708#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]709
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]710#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
711#if defined(MBEDTLS_AES_C)
712#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
713 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
714 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
715 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
716 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]717 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]718#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]719
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]720#if defined(MBEDTLS_SHA256_C)
721#if defined(MBEDTLS_GCM_C)
722 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
723 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
724 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]726 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]727#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]728
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]729#if defined(MBEDTLS_CIPHER_MODE_CBC)
730 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
731 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
732 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
733 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]734 0 },
735
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]736 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
737 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
738 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
739 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]740 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]741#endif /* MBEDTLS_CIPHER_MODE_CBC */
742#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]743
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]744#if defined(MBEDTLS_SHA1_C)
745#if defined(MBEDTLS_CIPHER_MODE_CBC)
746 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
747 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
748 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
749 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]750 0 },
751
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]752 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
753 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
754 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
755 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]756 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]757#endif /* MBEDTLS_CIPHER_MODE_CBC */
758#endif /* MBEDTLS_SHA1_C */
759#if defined(MBEDTLS_CCM_C)
760 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
761 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
763 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]764 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]765 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
766 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
767 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
768 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
769 MBEDTLS_CIPHERSUITE_SHORT_TAG },
770 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
771 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
772 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
773 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]774 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]775 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
776 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
777 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
779 MBEDTLS_CIPHERSUITE_SHORT_TAG },
780#endif /* MBEDTLS_CCM_C */
781#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]782
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]783#if defined(MBEDTLS_CAMELLIA_C)
784#if defined(MBEDTLS_CIPHER_MODE_CBC)
785#if defined(MBEDTLS_SHA256_C)
786 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
787 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
788 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
789 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]790 0 },
791
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]792 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
793 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
794 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
795 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]796 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]797#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]798
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]799#if defined(MBEDTLS_SHA1_C)
800 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
801 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
802 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
803 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]804 0 },
805
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]806 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
807 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
808 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
809 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]810 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]811#endif /* MBEDTLS_SHA1_C */
812#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]813
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]814#if defined(MBEDTLS_GCM_C)
815#if defined(MBEDTLS_SHA256_C)
816 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
817 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
818 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]820 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]821#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]822
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]823#if defined(MBEDTLS_SHA1_C)
824 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
825 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]828 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]829#endif /* MBEDTLS_SHA1_C */
830#endif /* MBEDTLS_GCM_C */
831#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]832
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]833#if defined(MBEDTLS_DES_C)
834#if defined(MBEDTLS_CIPHER_MODE_CBC)
835#if defined(MBEDTLS_SHA1_C)
836 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
837 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
838 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
839 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]840 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]841#endif /* MBEDTLS_SHA1_C */
842#endif /* MBEDTLS_CIPHER_MODE_CBC */
843#endif /* MBEDTLS_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]844
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]845#if defined(MBEDTLS_ARC4_C)
846#if defined(MBEDTLS_MD5_C)
847 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
848 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
849 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
850 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
851 MBEDTLS_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]852#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]853
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]854#if defined(MBEDTLS_SHA1_C)
855 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
856 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
857 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
858 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
859 MBEDTLS_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]860#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]861#endif /* MBEDTLS_ARC4_C */
862#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]863
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]864#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
865#if defined(MBEDTLS_AES_C)
866#if defined(MBEDTLS_SHA1_C)
867#if defined(MBEDTLS_CIPHER_MODE_CBC)
868 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
869 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
870 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]872 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]873 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
874 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
876 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]877 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]878#endif /* MBEDTLS_CIPHER_MODE_CBC */
879#endif /* MBEDTLS_SHA1_C */
880#if defined(MBEDTLS_SHA256_C)
881#if defined(MBEDTLS_CIPHER_MODE_CBC)
882 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
883 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
884 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
885 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]886 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]887#endif /* MBEDTLS_CIPHER_MODE_CBC */
888#if defined(MBEDTLS_GCM_C)
889 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
890 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
891 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]893 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]894#endif /* MBEDTLS_GCM_C */
895#endif /* MBEDTLS_SHA256_C */
896#if defined(MBEDTLS_SHA512_C)
897#if defined(MBEDTLS_CIPHER_MODE_CBC)
898 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
899 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]902 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]903#endif /* MBEDTLS_CIPHER_MODE_CBC */
904#if defined(MBEDTLS_GCM_C)
905 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
906 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
907 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
908 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]909 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]910#endif /* MBEDTLS_GCM_C */
911#endif /* MBEDTLS_SHA512_C */
912#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]913
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]914#if defined(MBEDTLS_CAMELLIA_C)
915#if defined(MBEDTLS_CIPHER_MODE_CBC)
916#if defined(MBEDTLS_SHA256_C)
917 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
918 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
919 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
920 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]921 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]922#endif /* MBEDTLS_SHA256_C */
923#if defined(MBEDTLS_SHA512_C)
924 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
925 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
926 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
927 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]928 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]929#endif /* MBEDTLS_SHA512_C */
930#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]931
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]932#if defined(MBEDTLS_GCM_C)
933#if defined(MBEDTLS_SHA256_C)
934 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
935 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
936 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]938 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]939#endif /* MBEDTLS_SHA256_C */
940#if defined(MBEDTLS_SHA512_C)
941 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
942 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
943 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
944 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]945 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]946#endif /* MBEDTLS_SHA512_C */
947#endif /* MBEDTLS_GCM_C */
948#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]949
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]950#if defined(MBEDTLS_DES_C)
951#if defined(MBEDTLS_CIPHER_MODE_CBC)
952#if defined(MBEDTLS_SHA1_C)
953 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
954 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
955 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
956 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]957 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]958#endif /* MBEDTLS_SHA1_C */
959#endif /* MBEDTLS_CIPHER_MODE_CBC */
960#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]961
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]962#if defined(MBEDTLS_ARC4_C)
963#if defined(MBEDTLS_SHA1_C)
964 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
965 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
966 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
967 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
968 MBEDTLS_CIPHERSUITE_NODTLS },
969#endif /* MBEDTLS_SHA1_C */
970#endif /* MBEDTLS_ARC4_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]971
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]972#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
973#if defined(MBEDTLS_SHA1_C)
974 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
975 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
976 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
977 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
978 MBEDTLS_CIPHERSUITE_WEAK },
979#endif /* MBEDTLS_SHA1_C */
980#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
981#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]982
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]983#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
984#if defined(MBEDTLS_AES_C)
985#if defined(MBEDTLS_SHA1_C)
986#if defined(MBEDTLS_CIPHER_MODE_CBC)
987 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
988 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
989 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
990 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]991 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]992 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
993 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
994 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
995 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]996 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]997#endif /* MBEDTLS_CIPHER_MODE_CBC */
998#endif /* MBEDTLS_SHA1_C */
999#if defined(MBEDTLS_SHA256_C)
1000#if defined(MBEDTLS_CIPHER_MODE_CBC)
1001 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
1002 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1004 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1005 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1006#endif /* MBEDTLS_CIPHER_MODE_CBC */
1007#if defined(MBEDTLS_GCM_C)
1008 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
1009 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1010 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1012 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1013#endif /* MBEDTLS_GCM_C */
1014#endif /* MBEDTLS_SHA256_C */
1015#if defined(MBEDTLS_SHA512_C)
1016#if defined(MBEDTLS_CIPHER_MODE_CBC)
1017 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
1018 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1019 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1020 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1021 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1022#endif /* MBEDTLS_CIPHER_MODE_CBC */
1023#if defined(MBEDTLS_GCM_C)
1024 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1025 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1026 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1027 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1028 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1029#endif /* MBEDTLS_GCM_C */
1030#endif /* MBEDTLS_SHA512_C */
1031#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1032
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1033#if defined(MBEDTLS_CAMELLIA_C)
1034#if defined(MBEDTLS_CIPHER_MODE_CBC)
1035#if defined(MBEDTLS_SHA256_C)
1036 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1037 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1038 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1039 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1040 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1041#endif /* MBEDTLS_SHA256_C */
1042#if defined(MBEDTLS_SHA512_C)
1043 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1044 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1045 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1046 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1047 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1048#endif /* MBEDTLS_SHA512_C */
1049#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1050
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1051#if defined(MBEDTLS_GCM_C)
1052#if defined(MBEDTLS_SHA256_C)
1053 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1054 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1055 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1056 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1057 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1058#endif /* MBEDTLS_SHA256_C */
1059#if defined(MBEDTLS_SHA512_C)
1060 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1061 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1063 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1064 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1065#endif /* MBEDTLS_SHA512_C */
1066#endif /* MBEDTLS_GCM_C */
1067#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1068
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1069#if defined(MBEDTLS_DES_C)
1070#if defined(MBEDTLS_CIPHER_MODE_CBC)
1071#if defined(MBEDTLS_SHA1_C)
1072 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1073 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1074 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1075 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1076 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1077#endif /* MBEDTLS_SHA1_C */
1078#endif /* MBEDTLS_CIPHER_MODE_CBC */
1079#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1080
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1081#if defined(MBEDTLS_ARC4_C)
1082#if defined(MBEDTLS_SHA1_C)
1083 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1084 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1085 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1087 MBEDTLS_CIPHERSUITE_NODTLS },
1088#endif /* MBEDTLS_SHA1_C */
1089#endif /* MBEDTLS_ARC4_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1090
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1091#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1092#if defined(MBEDTLS_SHA1_C)
1093 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1094 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1095 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1096 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1097 MBEDTLS_CIPHERSUITE_WEAK },
1098#endif /* MBEDTLS_SHA1_C */
1099#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1100#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1101
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1102#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1103#if defined(MBEDTLS_AES_C)
1104#if defined(MBEDTLS_GCM_C)
1105#if defined(MBEDTLS_SHA256_C)
1106 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1107 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1108 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1109 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1110 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1111#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1112
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1113#if defined(MBEDTLS_SHA512_C)
1114 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1115 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1116 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1117 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1118 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1119#endif /* MBEDTLS_SHA512_C */
1120#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1121
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1122#if defined(MBEDTLS_CIPHER_MODE_CBC)
1123#if defined(MBEDTLS_SHA256_C)
1124 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1125 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1126 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1127 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1128 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1129#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1130
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1131#if defined(MBEDTLS_SHA512_C)
1132 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1133 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1134 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1136 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1137#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1138
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1139#if defined(MBEDTLS_SHA1_C)
1140 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1141 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1142 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1144 0 },
1145
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1146 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1147 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1148 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1149 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1150 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1151#endif /* MBEDTLS_SHA1_C */
1152#endif /* MBEDTLS_CIPHER_MODE_CBC */
1153#if defined(MBEDTLS_CCM_C)
1154 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1155 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1156 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1157 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1158 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1159 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1160 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1161 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1162 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1163 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1164 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1165 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1166 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1167 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1168 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1169 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1170 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1171 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1172 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1173 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1174#endif /* MBEDTLS_CCM_C */
1175#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1176
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1177#if defined(MBEDTLS_CAMELLIA_C)
1178#if defined(MBEDTLS_CIPHER_MODE_CBC)
1179#if defined(MBEDTLS_SHA256_C)
1180 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1181 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1182 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1183 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1184 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1185#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1186
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1187#if defined(MBEDTLS_SHA512_C)
1188 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1189 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1190 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1191 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1192 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1193#endif /* MBEDTLS_SHA512_C */
1194#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1195
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1196#if defined(MBEDTLS_GCM_C)
1197#if defined(MBEDTLS_SHA256_C)
1198 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1199 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1200 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1201 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1202 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1203#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1204
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1205#if defined(MBEDTLS_SHA512_C)
1206 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1207 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1208 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1209 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1210 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1211#endif /* MBEDTLS_SHA512_C */
1212#endif /* MBEDTLS_GCM_C */
1213#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1214
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1215#if defined(MBEDTLS_DES_C)
1216#if defined(MBEDTLS_CIPHER_MODE_CBC)
1217#if defined(MBEDTLS_SHA1_C)
1218 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1219 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1220 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1221 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1222 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1223#endif /* MBEDTLS_SHA1_C */
1224#endif /* MBEDTLS_CIPHER_MODE_CBC */
1225#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1226
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1227#if defined(MBEDTLS_ARC4_C)
1228#if defined(MBEDTLS_SHA1_C)
1229 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1230 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1231 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1232 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1233 MBEDTLS_CIPHERSUITE_NODTLS },
1234#endif /* MBEDTLS_SHA1_C */
1235#endif /* MBEDTLS_ARC4_C */
1236#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1237
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1238#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1239#if defined(MBEDTLS_AES_C)
1240#if defined(MBEDTLS_GCM_C)
1241#if defined(MBEDTLS_SHA256_C)
1242 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1243 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1244 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1245 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1246 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1247#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1248
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1249#if defined(MBEDTLS_SHA512_C)
1250 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1251 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1252 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1253 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1254 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1255#endif /* MBEDTLS_SHA512_C */
1256#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1257
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1258#if defined(MBEDTLS_CIPHER_MODE_CBC)
1259#if defined(MBEDTLS_SHA256_C)
1260 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1261 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1262 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1263 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1264 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1265#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1266
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1267#if defined(MBEDTLS_SHA512_C)
1268 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1269 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1270 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1271 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1272 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1273#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1274
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1275#if defined(MBEDTLS_SHA1_C)
1276 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1277 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1278 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1279 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1280 0 },
1281
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1282 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1283 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1284 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1285 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1286 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1287#endif /* MBEDTLS_SHA1_C */
1288#endif /* MBEDTLS_CIPHER_MODE_CBC */
1289#if defined(MBEDTLS_CCM_C)
1290 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1291 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1292 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1293 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1294 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1295 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1296 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1297 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1298 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1299 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1300 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1301 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1302 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1303 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1304 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1305 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1306 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1307 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1308 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1309 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1310#endif /* MBEDTLS_CCM_C */
1311#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1312
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1313#if defined(MBEDTLS_CAMELLIA_C)
1314#if defined(MBEDTLS_CIPHER_MODE_CBC)
1315#if defined(MBEDTLS_SHA256_C)
1316 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1317 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1318 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1319 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1320 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1321#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1322
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1323#if defined(MBEDTLS_SHA512_C)
1324 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1325 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1327 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1328 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1329#endif /* MBEDTLS_SHA512_C */
1330#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1331
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1332#if defined(MBEDTLS_GCM_C)
1333#if defined(MBEDTLS_SHA256_C)
1334 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1335 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1337 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1338 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1339#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1340
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1341#if defined(MBEDTLS_SHA512_C)
1342 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1343 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1344 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1345 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1346 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1347#endif /* MBEDTLS_SHA512_C */
1348#endif /* MBEDTLS_GCM_C */
1349#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1350
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1351#if defined(MBEDTLS_DES_C)
1352#if defined(MBEDTLS_CIPHER_MODE_CBC)
1353#if defined(MBEDTLS_SHA1_C)
1354 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1355 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1356 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1357 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1358 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1359#endif /* MBEDTLS_SHA1_C */
1360#endif /* MBEDTLS_CIPHER_MODE_CBC */
1361#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1362
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1363#if defined(MBEDTLS_ARC4_C)
1364#if defined(MBEDTLS_SHA1_C)
1365 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1366 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1367 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1368 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1369 MBEDTLS_CIPHERSUITE_NODTLS },
1370#endif /* MBEDTLS_SHA1_C */
1371#endif /* MBEDTLS_ARC4_C */
1372#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1373
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1374#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1375#if defined(MBEDTLS_AES_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1376
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1377#if defined(MBEDTLS_CIPHER_MODE_CBC)
1378#if defined(MBEDTLS_SHA256_C)
1379 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1380 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1381 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1382 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1383 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1384#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1385
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1386#if defined(MBEDTLS_SHA512_C)
1387 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1388 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1389 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1390 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1391 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1392#endif /* MBEDTLS_SHA512_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1393
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1394#if defined(MBEDTLS_SHA1_C)
1395 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1396 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1397 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1398 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1399 0 },
1400
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1401 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1402 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1403 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1404 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1405 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1406#endif /* MBEDTLS_SHA1_C */
1407#endif /* MBEDTLS_CIPHER_MODE_CBC */
1408#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1409
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1410#if defined(MBEDTLS_CAMELLIA_C)
1411#if defined(MBEDTLS_CIPHER_MODE_CBC)
1412#if defined(MBEDTLS_SHA256_C)
1413 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1414 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1415 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1417 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1418#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1419
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1420#if defined(MBEDTLS_SHA512_C)
1421 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1422 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1423 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1425 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1426#endif /* MBEDTLS_SHA512_C */
1427#endif /* MBEDTLS_CIPHER_MODE_CBC */
1428#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1429
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1430#if defined(MBEDTLS_DES_C)
1431#if defined(MBEDTLS_CIPHER_MODE_CBC)
1432#if defined(MBEDTLS_SHA1_C)
1433 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1434 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1435 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1436 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1437 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1438#endif /* MBEDTLS_SHA1_C */
1439#endif /* MBEDTLS_CIPHER_MODE_CBC */
1440#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1441
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1442#if defined(MBEDTLS_ARC4_C)
1443#if defined(MBEDTLS_SHA1_C)
1444 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1445 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1446 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1447 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1448 MBEDTLS_CIPHERSUITE_NODTLS },
1449#endif /* MBEDTLS_SHA1_C */
1450#endif /* MBEDTLS_ARC4_C */
1451#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1452
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1453#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1454#if defined(MBEDTLS_AES_C)
1455#if defined(MBEDTLS_GCM_C)
1456#if defined(MBEDTLS_SHA256_C)
1457 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1458 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1459 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1460 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1461 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1462#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1463
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1464#if defined(MBEDTLS_SHA512_C)
1465 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1466 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1467 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1468 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1469 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1470#endif /* MBEDTLS_SHA512_C */
1471#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1472
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1473#if defined(MBEDTLS_CIPHER_MODE_CBC)
1474#if defined(MBEDTLS_SHA256_C)
1475 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1476 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1478 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1479 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1480#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1481
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1482#if defined(MBEDTLS_SHA512_C)
1483 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1484 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1485 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1486 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1487 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1488#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1489
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1490#if defined(MBEDTLS_SHA1_C)
1491 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1492 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1493 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1494 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1495 0 },
1496
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1497 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1498 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1499 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1500 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1501 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1502#endif /* MBEDTLS_SHA1_C */
1503#endif /* MBEDTLS_CIPHER_MODE_CBC */
1504#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1505
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1506#if defined(MBEDTLS_CAMELLIA_C)
1507#if defined(MBEDTLS_CIPHER_MODE_CBC)
1508#if defined(MBEDTLS_SHA256_C)
1509 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1510 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1511 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1513 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1514#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1515
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1516#if defined(MBEDTLS_SHA512_C)
1517 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1518 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1519 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1520 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1521 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1522#endif /* MBEDTLS_SHA512_C */
1523#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1524
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1525#if defined(MBEDTLS_GCM_C)
1526#if defined(MBEDTLS_SHA256_C)
1527 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1528 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1529 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1530 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1531 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1532#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1533
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1534#if defined(MBEDTLS_SHA512_C)
1535 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1536 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1537 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1538 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1539 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1540#endif /* MBEDTLS_SHA512_C */
1541#endif /* MBEDTLS_GCM_C */
1542#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1543
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1544#if defined(MBEDTLS_DES_C)
1545#if defined(MBEDTLS_CIPHER_MODE_CBC)
1546#if defined(MBEDTLS_SHA1_C)
1547 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1548 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1551 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1552#endif /* MBEDTLS_SHA1_C */
1553#endif /* MBEDTLS_CIPHER_MODE_CBC */
1554#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1555
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1556#if defined(MBEDTLS_ARC4_C)
1557#if defined(MBEDTLS_SHA1_C)
1558 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1559 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1560 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1561 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1562 MBEDTLS_CIPHERSUITE_NODTLS },
1563#endif /* MBEDTLS_SHA1_C */
1564#endif /* MBEDTLS_ARC4_C */
1565#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1566
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1567#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1568#if defined(MBEDTLS_AES_C)
1569#if defined(MBEDTLS_CCM_C)
1570 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1571 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1574 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1575#endif /* MBEDTLS_CCM_C */
1576#endif /* MBEDTLS_AES_C */
1577#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1578
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1579#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1580#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1581#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1582#if defined(MBEDTLS_MD5_C)
1583 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1584 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1585 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1586 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1587 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1588#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1589
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1590#if defined(MBEDTLS_SHA1_C)
1591 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1592 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1593 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1594 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1595 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1596#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1597
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1598#if defined(MBEDTLS_SHA256_C)
1599 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1600 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1601 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1603 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1604#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1605#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1606
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1607#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1608#if defined(MBEDTLS_SHA1_C)
1609 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1610 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1611 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1612 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1613 MBEDTLS_CIPHERSUITE_WEAK },
1614#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1615
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1616#if defined(MBEDTLS_SHA256_C)
1617 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1618 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1619 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1621 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1622#endif
1623
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1624#if defined(MBEDTLS_SHA512_C)
1625 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1626 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1628 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1629 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1630#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1631#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1632
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1633#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1634#if defined(MBEDTLS_SHA1_C)
1635 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1636 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1637 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1638 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1639 MBEDTLS_CIPHERSUITE_WEAK },
1640#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1641
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1642#if defined(MBEDTLS_SHA256_C)
1643 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1644 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1645 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1646 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1647 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1648#endif
1649
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1650#if defined(MBEDTLS_SHA512_C)
1651 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1652 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1653 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1654 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1655 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1656#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1657#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1658
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1659#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1660#if defined(MBEDTLS_SHA1_C)
1661 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1662 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1663 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1664 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1665 MBEDTLS_CIPHERSUITE_WEAK },
1666#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1667
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1668#if defined(MBEDTLS_SHA256_C)
1669 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1670 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1671 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1672 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1673 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1674#endif
1675
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1676#if defined(MBEDTLS_SHA512_C)
1677 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1678 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1679 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1680 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1681 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1682#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1683#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1684
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1685#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1686#if defined(MBEDTLS_SHA1_C)
1687 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1688 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1689 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1690 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1691 MBEDTLS_CIPHERSUITE_WEAK },
1692#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1693
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1694#if defined(MBEDTLS_SHA256_C)
1695 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1696 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1697 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1698 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1699 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1700#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1701
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1702#if defined(MBEDTLS_SHA512_C)
1703 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1704 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1706 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1707 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1708#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1709#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1710#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1711
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1712#if defined(MBEDTLS_DES_C)
1713#if defined(MBEDTLS_CIPHER_MODE_CBC)
1714#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1715#if defined(MBEDTLS_SHA1_C)
1716 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1717 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1719 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1720 MBEDTLS_CIPHERSUITE_WEAK },
1721#endif /* MBEDTLS_SHA1_C */
1722#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1723
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1724#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1725#if defined(MBEDTLS_SHA1_C)
1726 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1727 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1728 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1729 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1730 MBEDTLS_CIPHERSUITE_WEAK },
1731#endif /* MBEDTLS_SHA1_C */
1732#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1733#endif /* MBEDTLS_CIPHER_MODE_CBC */
1734#endif /* MBEDTLS_DES_C */
1735#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1736
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1737#if defined(MBEDTLS_ARIA_C)
1738
1739#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1740
1741#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1742 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1743 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1744 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1745 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1746 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1747 0 },
1748#endif
1749#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1750 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1751 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1752 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1753 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1754 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1755 0 },
1756#endif
1757#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1758 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1759 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1760 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1761 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1763 0 },
1764#endif
1765#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1766 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1767 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1768 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1771 0 },
1772#endif
1773
1774#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1775
1776#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1777
1778#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1779 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1780 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1781 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1782 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1783 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1784 0 },
1785#endif
1786#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1787 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1788 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1789 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1790 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1791 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1792 0 },
1793#endif
1794#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1795 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1796 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1797 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1799 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1800 0 },
1801#endif
1802#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1803 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1804 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1805 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1806 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1807 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1808 0 },
1809#endif
1810
1811#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1812
1813#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1814
1815#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1816 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1817 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1818 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
1819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1820 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1821 0 },
1822#endif
1823#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1824 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1825 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1826 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1828 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1829 0 },
1830#endif
1831#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1832 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1833 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1834 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1836 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1837 0 },
1838#endif
1839#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1840 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1841 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1842 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1843 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1844 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1845 0 },
1846#endif
1847
1848#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1849
1850#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1851
1852#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1853 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1854 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1855 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1856 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1857 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1858 0 },
1859#endif
1860#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1861 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1862 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1863 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1864 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1865 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1866 0 },
1867#endif
1868#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1869 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1870 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1871 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1872 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1873 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1874 0 },
1875#endif
1876#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1877 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1878 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1879 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1880 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1881 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1882 0 },
1883#endif
1884
1885#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1886
1887#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1888
1889#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1890 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1891 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1892 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1894 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1895 0 },
1896#endif
1897#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1898 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1899 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1900 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1902 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1903 0 },
1904#endif
1905#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1906 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1907 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1908 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1909 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1910 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1911 0 },
1912#endif
1913#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1914 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1915 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1916 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1917 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1918 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1919 0 },
1920#endif
1921
1922#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1923
1924#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1925
1926#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1927 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1928 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1929 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1931 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1932 0 },
1933#endif
1934#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1935 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1936 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1937 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1939 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1940 0 },
1941#endif
1942
1943#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1944
1945#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1946
1947#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1948 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1949 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1950 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1951 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1952 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1953 0 },
1954#endif
1955#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1956 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1957 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1958 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1959 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1960 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1961 0 },
1962#endif
1963#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1964 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1965 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1966 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1967 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1968 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1969 0 },
1970#endif
1971#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1972 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1973 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1974 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1975 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1976 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1977 0 },
1978#endif
1979
1980#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1981
1982#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1983
1984#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1985 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1986 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1987 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1988 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1989 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1990 0 },
1991#endif
1992#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1993 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1994 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1995 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1996 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1997 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1998 0 },
1999#endif
2000#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2001 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
2002 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
2003 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2004 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2005 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2006 0 },
2007#endif
2008#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2009 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
2010 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
2011 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2012 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2013 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2014 0 },
2015#endif
2016
2017#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
2018
2019#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
2020
2021#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2022 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2023 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
2024 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2025 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2026 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2027 0 },
2028#endif
2029#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2030 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
2031 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
2032 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2033 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2034 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2035 0 },
2036#endif
2037#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2038 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2039 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
2040 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2041 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2042 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2043 0 },
2044#endif
2045#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2046 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
2047 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
2048 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2050 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2051 0 },
2052#endif
2053
2054#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
2055
2056#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
2057
2058#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2059 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
2060 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
2061 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2063 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2064 0 },
2065#endif
2066#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2067 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
2068 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
2069 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2070 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2071 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2072 0 },
2073#endif
2074#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2075 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
2076 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
2077 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2078 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2079 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2080 0 },
2081#endif
2082#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2083 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
2084 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
2085 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2087 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2088 0 },
2089#endif
2090
2091#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
2092
2093#endif /* MBEDTLS_ARIA_C */
2094
2095
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]2096 { 0, "",
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2097 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]2098 0, 0, 0, 0, 0 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2099};
2100
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2101#if defined(MBEDTLS_SSL_CIPHERSUITES)
2102const int *mbedtls_ssl_list_ciphersuites( void )
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]2103{
2104 return( ciphersuite_preference );
2105}
2106#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]2107#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
2108 sizeof( ciphersuite_definitions[0] )
2109static int supported_ciphersuites[MAX_CIPHERSUITES];
2110static int supported_init = 0;
2111
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2112const int *mbedtls_ssl_list_ciphersuites( void )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2113{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2114 /*
2115 * On initial call filter out all ciphersuites not supported by current
2116 * build based on presence in the ciphersuite_definitions.
2117 */
2118 if( supported_init == 0 )
2119 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]2120 const int *p;
2121 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2122
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]2123 for( p = ciphersuite_preference, q = supported_ciphersuites;
2124 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
2125 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2126 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2127#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
2128 const mbedtls_ssl_ciphersuite_t *cs_info;
2129 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
2130 cs_info->cipher != MBEDTLS_CIPHER_ARC4_128 )
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]2131#else
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2132 if( mbedtls_ssl_ciphersuite_from_id( *p ) != NULL )
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]2133#endif
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]2134 *(q++) = *p;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2135 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]2136 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]2137
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2138 supported_init = 1;
2139 }
2140
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]2141 return( supported_ciphersuites );
Manuel Pégourié-Gonnardf78e4de2015-05-29 10:52:14 +0200[diff] [blame]2142}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2143#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2144
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2145const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]2146 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2147{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2148 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2149
2150 if( NULL == ciphersuite_name )
2151 return( NULL );
2152
2153 while( cur->id != 0 )
2154 {
Manuel Pégourié-Gonnardcb46fd82015-05-28 17:06:07 +0200[diff] [blame]2155 if( 0 == strcmp( cur->name, ciphersuite_name ) )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2156 return( cur );
2157
2158 cur++;
2159 }
2160
2161 return( NULL );
2162}
2163
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2164const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2165{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2166 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2167
2168 while( cur->id != 0 )
2169 {
2170 if( cur->id == ciphersuite )
2171 return( cur );
2172
2173 cur++;
2174 }
2175
2176 return( NULL );
2177}
2178
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2179const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2180{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2181 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2182
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2183 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2184
2185 if( cur == NULL )
2186 return( "unknown" );
2187
2188 return( cur->name );
2189}
2190
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2191int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2192{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2193 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2194
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2195 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2196
2197 if( cur == NULL )
2198 return( 0 );
2199
2200 return( cur->id );
2201}
2202
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2203#if defined(MBEDTLS_PK_C)
2204mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2205{
2206 switch( info->key_exchange )
2207 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2208 case MBEDTLS_KEY_EXCHANGE_RSA:
2209 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2210 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2211 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2212 return( MBEDTLS_PK_RSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2213
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2214 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2215 return( MBEDTLS_PK_ECDSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2216
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2217 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2218 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2219 return( MBEDTLS_PK_ECKEY );
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]2220
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2221 default:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2222 return( MBEDTLS_PK_NONE );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2223 }
2224}
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]2225
2226mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
2227{
2228 switch( info->key_exchange )
2229 {
2230 case MBEDTLS_KEY_EXCHANGE_RSA:
2231 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2232 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2233 return( MBEDTLS_PK_RSA );
2234
2235 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2236 return( MBEDTLS_PK_ECDSA );
2237
2238 default:
2239 return( MBEDTLS_PK_NONE );
2240 }
2241}
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2242
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2243#endif /* MBEDTLS_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2244
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2245#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
2246int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
2247{
2248 switch( info->key_exchange )
2249 {
2250 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2251 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2252 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2253 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2254 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2255 return( 1 );
2256
2257 default:
2258 return( 0 );
2259 }
2260}
2261#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
2262
2263#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
2264int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2265{
2266 switch( info->key_exchange )
2267 {
2268 case MBEDTLS_KEY_EXCHANGE_PSK:
2269 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2270 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2271 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2272 return( 1 );
2273
2274 default:
2275 return( 0 );
2276 }
2277}
2278#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
2279
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2280#endif /* MBEDTLS_SSL_TLS_C */