TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b4fe3cb1fa91c69907a1685cc21ea21007633798 / . / library / ssl_ciphersuites.c
blob: 912af072eb35f763ed42e159aff4e503d4e440d6 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame^]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]6 * Copyright (C) 2006-2014, Brainspark B.V.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]7 *
Manuel Pégourié-Gonnard967a2a52015-01-22 14:28:16 +0000[diff] [blame]8 * This file is part of mbed TLS (http://www.polarssl.org)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]28#if !defined(POLARSSL_CONFIG_FILE)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]29#include "polarssl/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]30#else
31#include POLARSSL_CONFIG_FILE
32#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]33
34#if defined(POLARSSL_SSL_TLS_C)
35
36#include "polarssl/ssl_ciphersuites.h"
37#include "polarssl/ssl.h"
38
39#include <stdlib.h>
40
Paul Bakker6edcd412013-10-29 15:22:54 +0100[diff] [blame]41#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
42 !defined(EFI32)
Manuel Pégourié-Gonnard9654fb12013-10-03 11:53:05 +0200[diff] [blame]43#define strcasecmp _stricmp
44#endif
45
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]46/*
47 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]48 *
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]49 * Current rule (except rc4, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]50 * 1. By key exchange:
51 * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
52 * 2. By key length and cipher:
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]53 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]54 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]55 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]56 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]57 */
58static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]59{
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]60#if defined(SSL_CIPHERSUITES)
61 SSL_CIPHERSUITES,
62#else
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]63 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]64 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]65 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]66 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]67 TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
68 TLS_DHE_RSA_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]69 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
70 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
71 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]72 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]73 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]74 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]75 TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
76 TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]77
78 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]79 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
80 TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
81 TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]82 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]83 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]84 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]85 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]86
87 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]88 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]89 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]90 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]91 TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
92 TLS_DHE_RSA_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]93 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
94 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
95 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]96 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]97 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
98 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]99 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
100 TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]101
102 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]103 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
104 TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
105 TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]106 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]107 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]108 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]109 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]110
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]111 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]112 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]113 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]114 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]115
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]116 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]117 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]118 TLS_DHE_PSK_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]119 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
120 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
121 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
122 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]123 TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]124 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]125 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]126 TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]127
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]128 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]129 TLS_DHE_PSK_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]130 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
131 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
132 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
133 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]134 TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]135 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]136 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]137 TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]138
139 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]140 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]141
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]142 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]143 TLS_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]144 TLS_RSA_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]145 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]146 TLS_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]147 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
148 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
149 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
150 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
151 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
152 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]153 TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]154
155 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]156 TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]157 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]158 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]159 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
160 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
161 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
162 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]163
164 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]165 TLS_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]166 TLS_RSA_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]167 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]168 TLS_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]169 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
170 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
171 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
172 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
173 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
174 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]175 TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]176
177 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]178 TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]179 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]180 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]181 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
182 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
183 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
184 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]185
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]186 /* All remaining >= 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]187 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]188 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]189 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]190
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]191 /* The RSA PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]192 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]193 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]194 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]195 TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]196 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]197
198 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]199 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]200 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]201 TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]202 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]203
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]204 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]205
206 /* The PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]207 TLS_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]208 TLS_PSK_WITH_AES_256_CCM,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]209 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]210 TLS_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]211 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]212 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]213 TLS_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]214
215 TLS_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]216 TLS_PSK_WITH_AES_128_CCM,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]217 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]218 TLS_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]219 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]220 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]221 TLS_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]222
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]223 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]224
225 /* RC4 suites */
226 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
227 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
228 TLS_ECDHE_PSK_WITH_RC4_128_SHA,
229 TLS_DHE_PSK_WITH_RC4_128_SHA,
230 TLS_RSA_WITH_RC4_128_SHA,
231 TLS_RSA_WITH_RC4_128_MD5,
232 TLS_ECDH_RSA_WITH_RC4_128_SHA,
233 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
234 TLS_RSA_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]235 TLS_PSK_WITH_RC4_128_SHA,
236
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]237 /* Weak suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]238 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]239 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]240
241 /* NULL suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]242 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]243 TLS_ECDHE_RSA_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]244 TLS_ECDHE_PSK_WITH_NULL_SHA384,
245 TLS_ECDHE_PSK_WITH_NULL_SHA256,
246 TLS_ECDHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]247 TLS_DHE_PSK_WITH_NULL_SHA384,
248 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]249 TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]250
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]251 TLS_RSA_WITH_NULL_SHA256,
252 TLS_RSA_WITH_NULL_SHA,
253 TLS_RSA_WITH_NULL_MD5,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]254 TLS_ECDH_RSA_WITH_NULL_SHA,
255 TLS_ECDH_ECDSA_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]256 TLS_RSA_PSK_WITH_NULL_SHA384,
257 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]258 TLS_RSA_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]259 TLS_PSK_WITH_NULL_SHA384,
260 TLS_PSK_WITH_NULL_SHA256,
261 TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]262
Paul Bakker82788fb2014-10-20 13:59:19 +0200[diff] [blame]263#endif /* SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]264 0
265};
266
267static const ssl_ciphersuite_t ciphersuite_definitions[] =
268{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]269#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
270#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]271#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]272#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]273 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
274 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
275 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
276 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]277 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]278 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
279 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
280 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
281 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]282 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]283#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]284#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]285#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]286#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]287 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
288 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
289 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
290 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]291 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]292#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]293#if defined(POLARSSL_GCM_C)
294 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
295 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
296 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
297 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]298 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]299#endif /* POLARSSL_GCM_C */
300#endif /* POLARSSL_SHA256_C */
301#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]302#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]303 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
304 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
305 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
306 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]307 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]308#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]309#if defined(POLARSSL_GCM_C)
310 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
311 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
312 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
313 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]314 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]315#endif /* POLARSSL_GCM_C */
316#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]317#if defined(POLARSSL_CCM_C)
318 { TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
319 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
320 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
321 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
322 0 },
323 { TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
324 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
325 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
326 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
327 POLARSSL_CIPHERSUITE_SHORT_TAG },
328 { TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
329 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
330 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
331 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
332 0 },
333 { TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
334 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
335 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
336 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
337 POLARSSL_CIPHERSUITE_SHORT_TAG },
338#endif /* POLARSSL_CCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]339#endif /* POLARSSL_AES_C */
340
341#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]342#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]343#if defined(POLARSSL_SHA256_C)
344 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
345 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]346 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]347 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]348 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]349#endif /* POLARSSL_SHA256_C */
350#if defined(POLARSSL_SHA512_C)
351 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
352 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]353 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]354 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]355 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]356#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]357#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]358
359#if defined(POLARSSL_GCM_C)
360#if defined(POLARSSL_SHA256_C)
361 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
362 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
363 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
364 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
365 0 },
366#endif /* POLARSSL_SHA256_C */
367#if defined(POLARSSL_SHA512_C)
368 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
369 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
370 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
371 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
372 0 },
373#endif /* POLARSSL_SHA512_C */
374#endif /* POLARSSL_GCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]375#endif /* POLARSSL_CAMELLIA_C */
376
377#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]378#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]379#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]380 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
381 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
382 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
383 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]384 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]385#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]386#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]387#endif /* POLARSSL_DES_C */
388
389#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]390#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]391 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
392 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
393 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
394 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]395 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]396#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]397#endif /* POLARSSL_ARC4_C */
398
399#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]400#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]401 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
402 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
403 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
404 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]405 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]406#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]407#endif /* POLARSSL_CIPHER_NULL_CIPHER */
408#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
409
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]410#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]411#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]412#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]413#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]414 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
415 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
416 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
417 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]418 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]419 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
420 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
421 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
422 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]423 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]424#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]425#endif /* POLARSSL_SHA1_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]426#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]427#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]428 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
429 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
430 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
431 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]432 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]433#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]434#if defined(POLARSSL_GCM_C)
435 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
436 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
437 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
438 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]439 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]440#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]441#endif /* POLARSSL_SHA256_C */
442#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]443#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]444 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
445 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
446 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
447 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]448 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]449#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]450#if defined(POLARSSL_GCM_C)
451 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
452 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
453 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
454 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]455 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]456#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]457#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]458#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]459
460#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]461#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]462#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]463 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
464 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]465 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]466 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]467 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]468#endif /* POLARSSL_SHA256_C */
469#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]470 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
471 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]472 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]473 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]474 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]475#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]476#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]477
478#if defined(POLARSSL_GCM_C)
479#if defined(POLARSSL_SHA256_C)
480 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
481 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
482 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
483 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
484 0 },
485#endif /* POLARSSL_SHA256_C */
486#if defined(POLARSSL_SHA512_C)
487 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
488 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
489 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
490 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
491 0 },
492#endif /* POLARSSL_SHA512_C */
493#endif /* POLARSSL_GCM_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]494#endif /* POLARSSL_CAMELLIA_C */
495
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]496#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]497#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]498#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]499 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
500 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
501 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
502 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]503 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]504#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]505#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]506#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]507
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]508#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]509#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]510 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
511 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
512 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
513 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]514 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]515#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]516#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]517
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]518#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]519#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]520 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
521 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
522 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
523 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]524 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]525#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]526#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]527#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]528
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]529#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]530#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]531#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]532 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
533 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
534 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
535 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
536 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]537#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]538
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]539#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]540#if defined(POLARSSL_GCM_C)
541 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
542 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
543 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
544 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
545 0 },
546#endif /* POLARSSL_GCM_C */
547
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]548#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]549 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
550 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
551 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
552 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
553 0 },
554
555 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
556 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
557 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
558 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
559 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]560#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]561#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]562
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]563#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]564#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]565 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
566 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
567 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
568 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
569 0 },
570
571 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
572 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
573 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
574 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
575 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]576#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]577#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]578#if defined(POLARSSL_CCM_C)
579 { TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
580 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
581 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
582 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
583 0 },
584 { TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
585 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
586 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
587 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
588 POLARSSL_CIPHERSUITE_SHORT_TAG },
589 { TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
590 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
591 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
592 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
593 0 },
594 { TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
595 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
596 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
597 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
598 POLARSSL_CIPHERSUITE_SHORT_TAG },
599#endif /* POLARSSL_CCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]600#endif /* POLARSSL_AES_C */
601
602#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]603#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]604#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]605 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
606 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
607 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
608 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
609 0 },
610
611 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
612 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
613 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
614 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
615 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]616#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]617
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]618#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]619 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
620 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
621 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
622 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
623 0 },
624
625 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
626 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
627 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
628 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
629 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]630#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]631#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]632#if defined(POLARSSL_GCM_C)
633#if defined(POLARSSL_SHA256_C)
634 { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
635 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
636 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
637 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
638 0 },
639#endif /* POLARSSL_SHA256_C */
640
641#if defined(POLARSSL_SHA512_C)
642 { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
643 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
644 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
645 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
646 0 },
647#endif /* POLARSSL_SHA512_C */
648#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]649#endif /* POLARSSL_CAMELLIA_C */
650
651#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]652#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]653#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]654 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
655 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
656 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
657 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
658 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]659#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]660#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]661#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]662#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]663
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]664#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]665#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]666#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]667 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
668 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
669 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
670 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
671 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]672#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]673
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]674#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]675#if defined(POLARSSL_GCM_C)
676 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
677 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
678 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
679 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
680 0 },
681#endif /* POLARSSL_GCM_C */
682
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]683#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]684 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
685 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
686 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
687 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
688 0 },
689
690 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
691 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
692 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
693 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
694 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]695#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]696#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]697
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]698#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]699#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]700 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
701 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
702 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
703 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
704 0 },
705
706 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
707 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
708 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
709 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
710 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]711#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]712#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]713#if defined(POLARSSL_CCM_C)
714 { TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
715 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
716 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
717 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
718 0 },
719 { TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
720 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
721 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
722 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
723 POLARSSL_CIPHERSUITE_SHORT_TAG },
724 { TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
725 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
726 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
727 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
728 0 },
729 { TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
730 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
731 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
732 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
733 POLARSSL_CIPHERSUITE_SHORT_TAG },
734#endif /* POLARSSL_CCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]735#endif /* POLARSSL_AES_C */
736
737#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]738#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]739#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]740 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
741 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
742 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
743 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
744 0 },
745
746 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
747 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
748 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
749 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
750 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]751#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]752
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]753#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]754 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
755 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
756 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
757 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
758 0 },
759
760 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
761 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
762 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
763 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
764 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]765#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]766#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]767
768#if defined(POLARSSL_GCM_C)
769#if defined(POLARSSL_SHA256_C)
770 { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
771 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
772 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
773 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
774 0 },
775#endif /* POLARSSL_SHA256_C */
776
777#if defined(POLARSSL_SHA1_C)
778 { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
779 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
780 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
781 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
782 0 },
783#endif /* POLARSSL_SHA1_C */
784#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]785#endif /* POLARSSL_CAMELLIA_C */
786
787#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]788#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]789#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]790 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
791 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
792 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
793 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
794 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]795#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]796#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]797#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]798
799#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]800#if defined(POLARSSL_MD5_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]801 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
802 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
803 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
804 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
805 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]806#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]807
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]808#if defined(POLARSSL_SHA1_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]809 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
810 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
811 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
812 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
813 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]814#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]815#endif /* POLARSSL_ARC4_C */
816#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]817
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]818#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
819#if defined(POLARSSL_AES_C)
820#if defined(POLARSSL_SHA1_C)
821#if defined(POLARSSL_CIPHER_MODE_CBC)
822 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
823 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
824 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
825 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
826 0 },
827 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
828 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
829 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
830 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
831 0 },
832#endif /* POLARSSL_CIPHER_MODE_CBC */
833#endif /* POLARSSL_SHA1_C */
834#if defined(POLARSSL_SHA256_C)
835#if defined(POLARSSL_CIPHER_MODE_CBC)
836 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
837 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
838 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
839 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
840 0 },
841#endif /* POLARSSL_CIPHER_MODE_CBC */
842#if defined(POLARSSL_GCM_C)
843 { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
844 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
845 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
846 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
847 0 },
848#endif /* POLARSSL_GCM_C */
849#endif /* POLARSSL_SHA256_C */
850#if defined(POLARSSL_SHA512_C)
851#if defined(POLARSSL_CIPHER_MODE_CBC)
852 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
853 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
854 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
855 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
856 0 },
857#endif /* POLARSSL_CIPHER_MODE_CBC */
858#if defined(POLARSSL_GCM_C)
859 { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
860 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
861 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
862 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
863 0 },
864#endif /* POLARSSL_GCM_C */
865#endif /* POLARSSL_SHA512_C */
866#endif /* POLARSSL_AES_C */
867
868#if defined(POLARSSL_CAMELLIA_C)
869#if defined(POLARSSL_CIPHER_MODE_CBC)
870#if defined(POLARSSL_SHA256_C)
871 { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
872 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
873 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
874 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
875 0 },
876#endif /* POLARSSL_SHA256_C */
877#if defined(POLARSSL_SHA512_C)
878 { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
879 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
880 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
881 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
882 0 },
883#endif /* POLARSSL_SHA512_C */
884#endif /* POLARSSL_CIPHER_MODE_CBC */
885
886#if defined(POLARSSL_GCM_C)
887#if defined(POLARSSL_SHA256_C)
888 { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
889 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
890 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
891 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
892 0 },
893#endif /* POLARSSL_SHA256_C */
894#if defined(POLARSSL_SHA512_C)
895 { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
896 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
897 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
898 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
899 0 },
900#endif /* POLARSSL_SHA512_C */
901#endif /* POLARSSL_GCM_C */
902#endif /* POLARSSL_CAMELLIA_C */
903
904#if defined(POLARSSL_DES_C)
905#if defined(POLARSSL_CIPHER_MODE_CBC)
906#if defined(POLARSSL_SHA1_C)
907 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
908 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
909 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
910 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
911 0 },
912#endif /* POLARSSL_SHA1_C */
913#endif /* POLARSSL_CIPHER_MODE_CBC */
914#endif /* POLARSSL_DES_C */
915
916#if defined(POLARSSL_ARC4_C)
917#if defined(POLARSSL_SHA1_C)
918 { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
919 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
920 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
921 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
922 0 },
923#endif /* POLARSSL_SHA1_C */
924#endif /* POLARSSL_ARC4_C */
925
926#if defined(POLARSSL_CIPHER_NULL_CIPHER)
927#if defined(POLARSSL_SHA1_C)
928 { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
929 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
930 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
931 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
932 POLARSSL_CIPHERSUITE_WEAK },
933#endif /* POLARSSL_SHA1_C */
934#endif /* POLARSSL_CIPHER_NULL_CIPHER */
935#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
936
937#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
938#if defined(POLARSSL_AES_C)
939#if defined(POLARSSL_SHA1_C)
940#if defined(POLARSSL_CIPHER_MODE_CBC)
941 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
942 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
943 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
944 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
945 0 },
946 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
947 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
948 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
949 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
950 0 },
951#endif /* POLARSSL_CIPHER_MODE_CBC */
952#endif /* POLARSSL_SHA1_C */
953#if defined(POLARSSL_SHA256_C)
954#if defined(POLARSSL_CIPHER_MODE_CBC)
955 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
956 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
957 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
958 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
959 0 },
960#endif /* POLARSSL_CIPHER_MODE_CBC */
961#if defined(POLARSSL_GCM_C)
962 { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
963 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
964 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
965 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
966 0 },
967#endif /* POLARSSL_GCM_C */
968#endif /* POLARSSL_SHA256_C */
969#if defined(POLARSSL_SHA512_C)
970#if defined(POLARSSL_CIPHER_MODE_CBC)
971 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
972 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
973 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
974 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
975 0 },
976#endif /* POLARSSL_CIPHER_MODE_CBC */
977#if defined(POLARSSL_GCM_C)
978 { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
979 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
980 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
981 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
982 0 },
983#endif /* POLARSSL_GCM_C */
984#endif /* POLARSSL_SHA512_C */
985#endif /* POLARSSL_AES_C */
986
987#if defined(POLARSSL_CAMELLIA_C)
988#if defined(POLARSSL_CIPHER_MODE_CBC)
989#if defined(POLARSSL_SHA256_C)
990 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
991 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
992 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
993 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
994 0 },
995#endif /* POLARSSL_SHA256_C */
996#if defined(POLARSSL_SHA512_C)
997 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
998 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
999 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1000 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1001 0 },
1002#endif /* POLARSSL_SHA512_C */
1003#endif /* POLARSSL_CIPHER_MODE_CBC */
1004
1005#if defined(POLARSSL_GCM_C)
1006#if defined(POLARSSL_SHA256_C)
1007 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1008 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1009 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1010 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1011 0 },
1012#endif /* POLARSSL_SHA256_C */
1013#if defined(POLARSSL_SHA512_C)
1014 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1015 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1016 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1017 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1018 0 },
1019#endif /* POLARSSL_SHA512_C */
1020#endif /* POLARSSL_GCM_C */
1021#endif /* POLARSSL_CAMELLIA_C */
1022
1023#if defined(POLARSSL_DES_C)
1024#if defined(POLARSSL_CIPHER_MODE_CBC)
1025#if defined(POLARSSL_SHA1_C)
1026 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1027 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1028 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1029 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1030 0 },
1031#endif /* POLARSSL_SHA1_C */
1032#endif /* POLARSSL_CIPHER_MODE_CBC */
1033#endif /* POLARSSL_DES_C */
1034
1035#if defined(POLARSSL_ARC4_C)
1036#if defined(POLARSSL_SHA1_C)
1037 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1038 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1039 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1040 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1041 0 },
1042#endif /* POLARSSL_SHA1_C */
1043#endif /* POLARSSL_ARC4_C */
1044
1045#if defined(POLARSSL_CIPHER_NULL_CIPHER)
1046#if defined(POLARSSL_SHA1_C)
1047 { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1048 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1049 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1050 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1051 POLARSSL_CIPHERSUITE_WEAK },
1052#endif /* POLARSSL_SHA1_C */
1053#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1054#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1055
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1056#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
1057#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1058#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1059#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1060 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1061 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1062 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1063 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1064 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1065#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1066
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1067#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1068 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1069 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1070 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1071 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1072 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1073#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1074#endif /* POLARSSL_GCM_C */
1075
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1076#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1077#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1078 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1079 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1080 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1081 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1082 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1083#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1084
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1085#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1086 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1087 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1088 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1089 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1090 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1091#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1092
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1093#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1094 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1095 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1096 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1097 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1098 0 },
1099
1100 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1101 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1102 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1103 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1104 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1105#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1106#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1107#if defined(POLARSSL_CCM_C)
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1108 { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1109 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1110 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1111 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1112 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1113 { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1114 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1115 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1116 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1117 POLARSSL_CIPHERSUITE_SHORT_TAG },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1118 { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1119 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1120 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1121 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1122 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1123 { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1124 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1125 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1126 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1127 POLARSSL_CIPHERSUITE_SHORT_TAG },
1128#endif /* POLARSSL_CCM_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1129#endif /* POLARSSL_AES_C */
1130
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1131#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1132#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1133#if defined(POLARSSL_SHA256_C)
1134 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1135 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1136 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1137 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1138 0 },
1139#endif /* POLARSSL_SHA256_C */
1140
1141#if defined(POLARSSL_SHA512_C)
1142 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1143 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1144 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1145 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1146 0 },
1147#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1148#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1149
1150#if defined(POLARSSL_GCM_C)
1151#if defined(POLARSSL_SHA256_C)
1152 { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1153 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1154 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1155 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1156 0 },
1157#endif /* POLARSSL_SHA256_C */
1158
1159#if defined(POLARSSL_SHA512_C)
1160 { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1161 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1162 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1163 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1164 0 },
1165#endif /* POLARSSL_SHA512_C */
1166#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1167#endif /* POLARSSL_CAMELLIA_C */
1168
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1169#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1170#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1171#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1172 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1173 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1174 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1175 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1176 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1177#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1178#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1179#endif /* POLARSSL_DES_C */
1180
1181#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1182#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1183 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1184 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1185 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1186 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1187 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1188#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1189#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1190#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1191
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1192#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1193#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1194#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1195#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1196 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1197 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1198 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1199 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1200 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1201#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1202
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1203#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1204 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1205 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1206 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1207 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1208 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1209#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1210#endif /* POLARSSL_GCM_C */
1211
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1212#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1213#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1214 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1215 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1216 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1217 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1218 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1219#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1220
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1221#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1222 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1223 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1224 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1225 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1226 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1227#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1228
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1229#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1230 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1231 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1232 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1233 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1234 0 },
1235
1236 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1237 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1238 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1239 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1240 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1241#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1242#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1243#if defined(POLARSSL_CCM_C)
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1244 { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1245 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1246 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1247 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1248 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1249 { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1250 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1251 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1252 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1253 POLARSSL_CIPHERSUITE_SHORT_TAG },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1254 { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1255 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1256 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1257 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1258 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1259 { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1260 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1261 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1262 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1263 POLARSSL_CIPHERSUITE_SHORT_TAG },
1264#endif /* POLARSSL_CCM_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1265#endif /* POLARSSL_AES_C */
1266
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1267#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1268#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1269#if defined(POLARSSL_SHA256_C)
1270 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1271 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1272 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1273 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1274 0 },
1275#endif /* POLARSSL_SHA256_C */
1276
1277#if defined(POLARSSL_SHA512_C)
1278 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1279 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1280 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1281 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1282 0 },
1283#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1284#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1285
1286#if defined(POLARSSL_GCM_C)
1287#if defined(POLARSSL_SHA256_C)
1288 { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1289 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1290 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1291 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1292 0 },
1293#endif /* POLARSSL_SHA256_C */
1294
1295#if defined(POLARSSL_SHA512_C)
1296 { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1297 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1298 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1299 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1300 0 },
1301#endif /* POLARSSL_SHA512_C */
1302#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1303#endif /* POLARSSL_CAMELLIA_C */
1304
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1305#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1306#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1307#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1308 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1309 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1310 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1311 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1312 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1313#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1314#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1315#endif /* POLARSSL_DES_C */
1316
1317#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1318#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1319 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1320 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1321 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1322 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1323 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1324#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1325#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1326#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1327
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1328#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1329#if defined(POLARSSL_AES_C)
1330
1331#if defined(POLARSSL_CIPHER_MODE_CBC)
1332#if defined(POLARSSL_SHA256_C)
1333 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1334 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1335 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1336 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1337 0 },
1338#endif /* POLARSSL_SHA256_C */
1339
1340#if defined(POLARSSL_SHA512_C)
1341 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1342 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1343 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1344 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1345 0 },
1346#endif /* POLARSSL_SHA512_C */
1347
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1348#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1349 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1350 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1351 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1352 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1353 0 },
1354
1355 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1356 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1357 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1358 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1359 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1360#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1361#endif /* POLARSSL_CIPHER_MODE_CBC */
1362#endif /* POLARSSL_AES_C */
1363
1364#if defined(POLARSSL_CAMELLIA_C)
1365#if defined(POLARSSL_CIPHER_MODE_CBC)
1366#if defined(POLARSSL_SHA256_C)
1367 { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1368 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1369 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1370 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1371 0 },
1372#endif /* POLARSSL_SHA256_C */
1373
1374#if defined(POLARSSL_SHA512_C)
1375 { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1376 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1377 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1378 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1379 0 },
1380#endif /* POLARSSL_SHA512_C */
1381#endif /* POLARSSL_CIPHER_MODE_CBC */
1382#endif /* POLARSSL_CAMELLIA_C */
1383
1384#if defined(POLARSSL_DES_C)
1385#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1386#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1387 { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1388 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1389 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1390 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1391 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1392#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1393#endif /* POLARSSL_CIPHER_MODE_CBC */
1394#endif /* POLARSSL_DES_C */
1395
1396#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1397#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1398 { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1399 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1400 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1401 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1402 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1403#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1404#endif /* POLARSSL_ARC4_C */
1405#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1406
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1407#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1408#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1409#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1410#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1411 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1412 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1413 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1414 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1415 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1416#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1417
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1418#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1419 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1420 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1421 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1422 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1423 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1424#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1425#endif /* POLARSSL_GCM_C */
1426
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1427#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1428#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1429 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1430 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1431 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1432 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1433 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1434#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1435
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1436#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1437 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1438 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1439 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1440 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1441 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1442#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1443
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1444#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1445 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1446 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1447 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1448 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1449 0 },
1450
1451 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1452 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1453 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1454 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1455 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1456#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1457#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1458#endif /* POLARSSL_AES_C */
1459
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1460#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1461#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1462#if defined(POLARSSL_SHA256_C)
1463 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1464 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1465 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1466 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1467 0 },
1468#endif /* POLARSSL_SHA256_C */
1469
1470#if defined(POLARSSL_SHA512_C)
1471 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1472 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1473 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1474 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1475 0 },
1476#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1477#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1478
1479#if defined(POLARSSL_GCM_C)
1480#if defined(POLARSSL_SHA256_C)
1481 { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1482 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1483 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1484 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1485 0 },
1486#endif /* POLARSSL_SHA256_C */
1487
1488#if defined(POLARSSL_SHA512_C)
1489 { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1490 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1491 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1492 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1493 0 },
1494#endif /* POLARSSL_SHA512_C */
1495#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1496#endif /* POLARSSL_CAMELLIA_C */
1497
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1498#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1499#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1500#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1501 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1502 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1503 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1504 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1505 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1506#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1507#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1508#endif /* POLARSSL_DES_C */
1509
1510#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1511#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1512 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1513 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1514 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1515 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1516 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1517#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1518#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1519#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1520
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1521#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
1522#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1523#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1524#if defined(POLARSSL_MD5_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1525 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1526 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
1527 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1528 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1529 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1530#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1531
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1532#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1533 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1534 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1535 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1536 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1537 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1538#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1539
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1540#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1541 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1542 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1543 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1544 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1545 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1546#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1547#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1548
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1549#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1550#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1551 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1552 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1553 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1554 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1555 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1556#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1557
1558#if defined(POLARSSL_SHA256_C)
1559 { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1560 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1561 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1562 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1563 POLARSSL_CIPHERSUITE_WEAK },
1564#endif
1565
1566#if defined(POLARSSL_SHA512_C)
1567 { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1568 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1569 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1570 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1571 POLARSSL_CIPHERSUITE_WEAK },
1572#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1573#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1574
1575#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1576#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1577 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1578 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1579 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1580 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1581 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1582#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1583
1584#if defined(POLARSSL_SHA256_C)
1585 { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1586 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1587 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1588 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1589 POLARSSL_CIPHERSUITE_WEAK },
1590#endif
1591
1592#if defined(POLARSSL_SHA512_C)
1593 { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1594 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1595 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1596 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1597 POLARSSL_CIPHERSUITE_WEAK },
1598#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1599#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1600
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1601#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1602#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1603 { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1604 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1605 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1606 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1607 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1608#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1609
1610#if defined(POLARSSL_SHA256_C)
1611 { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1612 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1613 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1614 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1615 POLARSSL_CIPHERSUITE_WEAK },
1616#endif
1617
1618#if defined(POLARSSL_SHA512_C)
1619 { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1620 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1621 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1622 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1623 POLARSSL_CIPHERSUITE_WEAK },
1624#endif
1625#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1626
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1627#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1628#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1629 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1630 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1631 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1632 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1633 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1634#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1635
1636#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1637 { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1638 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1639 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1640 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1641 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1642#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1643
1644#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1645 { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1646 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1647 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1648 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1649 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1650#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1651#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1652#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1653
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1654#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1655#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1656#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1657#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1658 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1659 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
1660 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1661 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1662 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1663#endif /* POLARSSL_SHA1_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1664#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1665
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1666#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1667#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1668 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1669 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1670 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1671 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1672 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1673#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1674#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1675#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1676#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1677#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1678
1679 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1680};
1681
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1682#if defined(SSL_CIPHERSUITES)
1683const int *ssl_list_ciphersuites( void )
1684{
1685 return( ciphersuite_preference );
1686}
1687#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1688#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1689 sizeof( ciphersuite_definitions[0] )
1690static int supported_ciphersuites[MAX_CIPHERSUITES];
1691static int supported_init = 0;
1692
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1693const int *ssl_list_ciphersuites( void )
1694{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1695 /*
1696 * On initial call filter out all ciphersuites not supported by current
1697 * build based on presence in the ciphersuite_definitions.
1698 */
1699 if( supported_init == 0 )
1700 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1701 const int *p;
1702 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1703
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1704 for( p = ciphersuite_preference, q = supported_ciphersuites;
1705 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1706 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1707 {
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1708#if defined(POLARSSL_REMOVE_ARC4_CIPHERSUITES)
1709 const ssl_ciphersuite_t *cs_info;
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1710 if( ( cs_info = ssl_ciphersuite_from_id( *p ) ) != NULL &&
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1711 cs_info->cipher != POLARSSL_CIPHER_ARC4_128 )
1712#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1713 if( ssl_ciphersuite_from_id( *p ) != NULL )
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1714#endif
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1715 *(q++) = *p;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1716 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1717 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1718
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1719 supported_init = 1;
1720 }
1721
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]1722 return( supported_ciphersuites );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1723};
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1724#endif /* SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1725
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]1726const ssl_ciphersuite_t *ssl_ciphersuite_from_string(
1727 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1728{
1729 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1730
1731 if( NULL == ciphersuite_name )
1732 return( NULL );
1733
1734 while( cur->id != 0 )
1735 {
1736 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1737 return( cur );
1738
1739 cur++;
1740 }
1741
1742 return( NULL );
1743}
1744
1745const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1746{
1747 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1748
1749 while( cur->id != 0 )
1750 {
1751 if( cur->id == ciphersuite )
1752 return( cur );
1753
1754 cur++;
1755 }
1756
1757 return( NULL );
1758}
1759
1760const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1761{
1762 const ssl_ciphersuite_t *cur;
1763
1764 cur = ssl_ciphersuite_from_id( ciphersuite_id );
1765
1766 if( cur == NULL )
1767 return( "unknown" );
1768
1769 return( cur->name );
1770}
1771
1772int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1773{
1774 const ssl_ciphersuite_t *cur;
1775
1776 cur = ssl_ciphersuite_from_string( ciphersuite_name );
1777
1778 if( cur == NULL )
1779 return( 0 );
1780
1781 return( cur->id );
1782}
1783
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1784#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1785pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
1786{
1787 switch( info->key_exchange )
1788 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1789 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1790 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
1791 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1792 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1793 return( POLARSSL_PK_RSA );
1794
1795 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1796 return( POLARSSL_PK_ECDSA );
1797
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1798 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1799 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
1800 return( POLARSSL_PK_ECKEY );
1801
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1802 default:
1803 return( POLARSSL_PK_NONE );
1804 }
1805}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1806#endif /* POLARSSL_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1807
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1808#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1809int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1810{
1811 switch( info->key_exchange )
1812 {
1813 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1814 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1815 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1816 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1817 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1818 return( 1 );
1819
1820 default:
1821 return( 0 );
1822 }
1823}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1824#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1825
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1826#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1827int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info )
1828{
1829 switch( info->key_exchange )
1830 {
1831 case POLARSSL_KEY_EXCHANGE_PSK:
1832 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
1833 case POLARSSL_KEY_EXCHANGE_DHE_PSK:
1834 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
1835 return( 1 );
1836
1837 default:
1838 return( 0 );
1839 }
1840}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1841#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1842
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1843#endif /* POLARSSL_SSL_TLS_C */