TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b9e4e2c97a2e448090ff3fcc0f99b8f6dbc08897 / . / library / ssl_ciphersuites.c
blob: e88c5d4c59fca7ace379c3c942950020ff48f6af [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for PolarSSL
5 *
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]6 * Copyright (C) 2006-2014, Brainspark B.V.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]28#if !defined(POLARSSL_CONFIG_FILE)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]29#include "polarssl/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]30#else
31#include POLARSSL_CONFIG_FILE
32#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]33
34#if defined(POLARSSL_SSL_TLS_C)
35
36#include "polarssl/ssl_ciphersuites.h"
37#include "polarssl/ssl.h"
38
39#include <stdlib.h>
40
Paul Bakker6edcd412013-10-29 15:22:54 +0100[diff] [blame]41#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
42 !defined(EFI32)
Manuel Pégourié-Gonnard9654fb12013-10-03 11:53:05 +0200[diff] [blame]43#define strcasecmp _stricmp
44#endif
45
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]46/*
47 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]48 *
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]49 * Current rule (except rc4, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]50 * 1. By key exchange:
51 * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
52 * 2. By key length and cipher:
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]53 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]54 * 3. By cipher mode when relevant GCM > CBC
55 * 4. By hash function used
56 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]57 */
58static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]59{
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]60 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]61 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]62 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]63 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]64 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
65 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
66 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]67 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]68 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]69 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]70
71 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]72 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
73 TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
74 TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]75 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]76 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]77 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]78 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]79
80 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]81 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]82 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]83 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]84 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
85 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
86 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]87 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]88 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
89 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]90
91 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]92 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
93 TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
94 TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]95 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]96 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]97 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]98 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]99
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]100 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]101 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]102 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]103 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]104
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]105 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]106 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]107 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
108 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
109 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
110 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]111 TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]112 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]113 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]114
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]115 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]116 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
117 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
118 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
119 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]120 TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]121 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]122 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
123
124 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]125 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]126
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]127 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]128 TLS_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]129 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]130 TLS_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]131 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
132 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
133 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
134 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
135 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
136 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]137
138 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]139 TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]140 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]141 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]142 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
143 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
144 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
145 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]146
147 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]148 TLS_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]149 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]150 TLS_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]151 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
152 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
153 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
154 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
155 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
156 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]157
158 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]159 TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]160 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]161 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]162 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
163 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
164 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
165 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]166
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]167 /* All remaining >= 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]168 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]169 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]170 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]171
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]172 /* The RSA PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]173 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]174 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]175 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]176 TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]177 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]178
179 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]180 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]181 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]182 TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]183 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]184
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]185 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]186
187 /* The PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]188 TLS_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]189 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]190 TLS_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]191 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]192 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]193
194 TLS_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]195 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]196 TLS_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]197 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]198 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]199
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]200 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]201
202 /* RC4 suites */
203 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
204 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
205 TLS_ECDHE_PSK_WITH_RC4_128_SHA,
206 TLS_DHE_PSK_WITH_RC4_128_SHA,
207 TLS_RSA_WITH_RC4_128_SHA,
208 TLS_RSA_WITH_RC4_128_MD5,
209 TLS_ECDH_RSA_WITH_RC4_128_SHA,
210 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
211 TLS_RSA_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]212 TLS_PSK_WITH_RC4_128_SHA,
213
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]214 /* Weak suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]215 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]216 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]217
218 /* NULL suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]219 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]220 TLS_ECDHE_RSA_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]221 TLS_ECDHE_PSK_WITH_NULL_SHA384,
222 TLS_ECDHE_PSK_WITH_NULL_SHA256,
223 TLS_ECDHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]224 TLS_DHE_PSK_WITH_NULL_SHA384,
225 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]226 TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]227
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]228 TLS_RSA_WITH_NULL_SHA256,
229 TLS_RSA_WITH_NULL_SHA,
230 TLS_RSA_WITH_NULL_MD5,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]231 TLS_ECDH_RSA_WITH_NULL_SHA,
232 TLS_ECDH_ECDSA_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]233 TLS_RSA_PSK_WITH_NULL_SHA384,
234 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]235 TLS_RSA_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]236 TLS_PSK_WITH_NULL_SHA384,
237 TLS_PSK_WITH_NULL_SHA256,
238 TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]239
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]240 0
241};
242
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]243#define MAX_CIPHERSUITES 160
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]244static int supported_ciphersuites[MAX_CIPHERSUITES];
245static int supported_init = 0;
246
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]247static const ssl_ciphersuite_t ciphersuite_definitions[] =
248{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]249#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
250#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]251#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]252#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]253 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
254 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
255 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
256 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]257 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]258 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
259 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
260 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
261 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]262 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]263#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]264#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]265#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]266#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]267 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
268 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
269 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
270 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]271 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]272#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]273#if defined(POLARSSL_GCM_C)
274 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
275 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
276 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]278 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]279#endif /* POLARSSL_GCM_C */
280#endif /* POLARSSL_SHA256_C */
281#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]282#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]283 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
284 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
285 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
286 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]287 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]288#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]289#if defined(POLARSSL_GCM_C)
290 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
291 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
292 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
293 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]294 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]295#endif /* POLARSSL_GCM_C */
296#endif /* POLARSSL_SHA512_C */
297#endif /* POLARSSL_AES_C */
298
299#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]300#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]301#if defined(POLARSSL_SHA256_C)
302 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
303 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]304 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]305 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]306 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]307#endif /* POLARSSL_SHA256_C */
308#if defined(POLARSSL_SHA512_C)
309 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
310 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]311 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]312 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]313 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]314#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]315#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]316
317#if defined(POLARSSL_GCM_C)
318#if defined(POLARSSL_SHA256_C)
319 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
320 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
321 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
322 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
323 0 },
324#endif /* POLARSSL_SHA256_C */
325#if defined(POLARSSL_SHA512_C)
326 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
327 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
328 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
329 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
330 0 },
331#endif /* POLARSSL_SHA512_C */
332#endif /* POLARSSL_GCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]333#endif /* POLARSSL_CAMELLIA_C */
334
335#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]336#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]337#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]338 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
339 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
340 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
341 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]342 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]343#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]344#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]345#endif /* POLARSSL_DES_C */
346
347#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]348#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]349 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
350 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
351 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
352 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]353 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]354#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]355#endif /* POLARSSL_ARC4_C */
356
357#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]358#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]359 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
360 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
361 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
362 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]363 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]364#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]365#endif /* POLARSSL_CIPHER_NULL_CIPHER */
366#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
367
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]368#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]369#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]370#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]371#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]372 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
373 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
374 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
375 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]376 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]377 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
378 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
379 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
380 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]381 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]382#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]383#endif /* POLARSSL_SHA1_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]384#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]385#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]386 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
387 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
388 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
389 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]390 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]391#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]392#if defined(POLARSSL_GCM_C)
393 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
394 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
395 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
396 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]397 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]398#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]399#endif /* POLARSSL_SHA256_C */
400#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]401#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]402 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
403 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
404 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
405 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]406 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]407#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]408#if defined(POLARSSL_GCM_C)
409 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
410 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
411 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
412 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]413 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]414#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]415#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]416#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]417
418#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]419#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]420#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]421 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
422 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]423 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]424 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]425 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]426#endif /* POLARSSL_SHA256_C */
427#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]428 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
429 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]430 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]431 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]432 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]433#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]434#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]435
436#if defined(POLARSSL_GCM_C)
437#if defined(POLARSSL_SHA256_C)
438 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
439 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
440 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
441 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
442 0 },
443#endif /* POLARSSL_SHA256_C */
444#if defined(POLARSSL_SHA512_C)
445 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
446 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
447 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
448 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
449 0 },
450#endif /* POLARSSL_SHA512_C */
451#endif /* POLARSSL_GCM_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]452#endif /* POLARSSL_CAMELLIA_C */
453
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]454#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]455#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]456#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]457 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
458 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
459 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
460 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]461 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]462#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]463#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]464#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]465
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]466#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]467#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]468 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
469 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
470 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
471 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]472 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]473#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]474#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]475
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]476#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]477#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]478 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
479 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
480 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
481 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]482 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]483#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]484#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]485#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]486
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]487#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]488#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]489#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]490 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
491 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
492 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
493 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
494 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]495#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]496
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]497#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]498#if defined(POLARSSL_GCM_C)
499 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
500 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
501 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
502 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
503 0 },
504#endif /* POLARSSL_GCM_C */
505
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]506#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]507 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
508 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
509 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
510 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
511 0 },
512
513 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
514 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
515 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
516 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
517 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]518#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]519#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]520
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]521#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]522#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]523 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
524 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
525 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
526 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
527 0 },
528
529 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
530 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
531 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
532 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
533 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]534#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]535#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]536#endif /* POLARSSL_AES_C */
537
538#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]539#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]540#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]541 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
542 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
543 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
544 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
545 0 },
546
547 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
548 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
549 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
550 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
551 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]552#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]553
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]554#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]555 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
556 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
557 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
558 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
559 0 },
560
561 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
562 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
563 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
564 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
565 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]566#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]567#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]568#if defined(POLARSSL_GCM_C)
569#if defined(POLARSSL_SHA256_C)
570 { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
571 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
572 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
573 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
574 0 },
575#endif /* POLARSSL_SHA256_C */
576
577#if defined(POLARSSL_SHA512_C)
578 { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
579 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
580 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
581 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
582 0 },
583#endif /* POLARSSL_SHA512_C */
584#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]585#endif /* POLARSSL_CAMELLIA_C */
586
587#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]588#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]589#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]590 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
591 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
592 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
593 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
594 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]595#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]596#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]597#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]598#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]599
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]600#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]601#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]602#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]603 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
604 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
605 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
606 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
607 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]608#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]609
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]610#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]611#if defined(POLARSSL_GCM_C)
612 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
613 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
614 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
615 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
616 0 },
617#endif /* POLARSSL_GCM_C */
618
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]619#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]620 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
621 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
622 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
623 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
624 0 },
625
626 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
627 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
628 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
629 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
630 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]631#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]632#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]633
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]634#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]635#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]636 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
637 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
638 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
639 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
640 0 },
641
642 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
643 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
644 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
645 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
646 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]647#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]648#endif /* POLARSSL_SHA1_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]649#endif /* POLARSSL_AES_C */
650
651#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]652#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]653#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]654 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
655 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
656 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
657 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
658 0 },
659
660 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
661 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
662 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
663 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
664 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]665#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]666
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]667#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]668 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
669 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
670 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
671 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
672 0 },
673
674 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
675 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
676 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
677 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
678 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]679#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]680#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]681
682#if defined(POLARSSL_GCM_C)
683#if defined(POLARSSL_SHA256_C)
684 { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
685 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
686 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
687 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
688 0 },
689#endif /* POLARSSL_SHA256_C */
690
691#if defined(POLARSSL_SHA1_C)
692 { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
693 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
694 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
695 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
696 0 },
697#endif /* POLARSSL_SHA1_C */
698#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]699#endif /* POLARSSL_CAMELLIA_C */
700
701#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]702#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]703#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]704 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
705 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
706 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
707 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
708 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]709#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]710#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]711#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]712
713#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]714#if defined(POLARSSL_MD5_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]715 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
716 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
717 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
718 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
719 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]720#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]721
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]722#if defined(POLARSSL_SHA1_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]723 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
724 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
725 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
726 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
727 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]728#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]729#endif /* POLARSSL_ARC4_C */
730#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]731
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]732#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
733#if defined(POLARSSL_AES_C)
734#if defined(POLARSSL_SHA1_C)
735#if defined(POLARSSL_CIPHER_MODE_CBC)
736 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
737 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
738 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
739 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
740 0 },
741 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
742 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
743 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
744 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
745 0 },
746#endif /* POLARSSL_CIPHER_MODE_CBC */
747#endif /* POLARSSL_SHA1_C */
748#if defined(POLARSSL_SHA256_C)
749#if defined(POLARSSL_CIPHER_MODE_CBC)
750 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
751 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
752 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
753 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
754 0 },
755#endif /* POLARSSL_CIPHER_MODE_CBC */
756#if defined(POLARSSL_GCM_C)
757 { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
758 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
759 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
760 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
761 0 },
762#endif /* POLARSSL_GCM_C */
763#endif /* POLARSSL_SHA256_C */
764#if defined(POLARSSL_SHA512_C)
765#if defined(POLARSSL_CIPHER_MODE_CBC)
766 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
767 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
768 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
769 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
770 0 },
771#endif /* POLARSSL_CIPHER_MODE_CBC */
772#if defined(POLARSSL_GCM_C)
773 { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
774 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
775 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
776 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
777 0 },
778#endif /* POLARSSL_GCM_C */
779#endif /* POLARSSL_SHA512_C */
780#endif /* POLARSSL_AES_C */
781
782#if defined(POLARSSL_CAMELLIA_C)
783#if defined(POLARSSL_CIPHER_MODE_CBC)
784#if defined(POLARSSL_SHA256_C)
785 { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
786 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
787 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
788 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
789 0 },
790#endif /* POLARSSL_SHA256_C */
791#if defined(POLARSSL_SHA512_C)
792 { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
793 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
794 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
795 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
796 0 },
797#endif /* POLARSSL_SHA512_C */
798#endif /* POLARSSL_CIPHER_MODE_CBC */
799
800#if defined(POLARSSL_GCM_C)
801#if defined(POLARSSL_SHA256_C)
802 { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
803 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
804 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
805 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
806 0 },
807#endif /* POLARSSL_SHA256_C */
808#if defined(POLARSSL_SHA512_C)
809 { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
810 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
811 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
812 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
813 0 },
814#endif /* POLARSSL_SHA512_C */
815#endif /* POLARSSL_GCM_C */
816#endif /* POLARSSL_CAMELLIA_C */
817
818#if defined(POLARSSL_DES_C)
819#if defined(POLARSSL_CIPHER_MODE_CBC)
820#if defined(POLARSSL_SHA1_C)
821 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
822 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
823 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
824 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
825 0 },
826#endif /* POLARSSL_SHA1_C */
827#endif /* POLARSSL_CIPHER_MODE_CBC */
828#endif /* POLARSSL_DES_C */
829
830#if defined(POLARSSL_ARC4_C)
831#if defined(POLARSSL_SHA1_C)
832 { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
833 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
834 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
835 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
836 0 },
837#endif /* POLARSSL_SHA1_C */
838#endif /* POLARSSL_ARC4_C */
839
840#if defined(POLARSSL_CIPHER_NULL_CIPHER)
841#if defined(POLARSSL_SHA1_C)
842 { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
843 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
844 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
845 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
846 POLARSSL_CIPHERSUITE_WEAK },
847#endif /* POLARSSL_SHA1_C */
848#endif /* POLARSSL_CIPHER_NULL_CIPHER */
849#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
850
851#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
852#if defined(POLARSSL_AES_C)
853#if defined(POLARSSL_SHA1_C)
854#if defined(POLARSSL_CIPHER_MODE_CBC)
855 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
856 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
857 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
858 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
859 0 },
860 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
861 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
862 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
863 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
864 0 },
865#endif /* POLARSSL_CIPHER_MODE_CBC */
866#endif /* POLARSSL_SHA1_C */
867#if defined(POLARSSL_SHA256_C)
868#if defined(POLARSSL_CIPHER_MODE_CBC)
869 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
870 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
871 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
872 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
873 0 },
874#endif /* POLARSSL_CIPHER_MODE_CBC */
875#if defined(POLARSSL_GCM_C)
876 { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
877 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
878 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
879 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
880 0 },
881#endif /* POLARSSL_GCM_C */
882#endif /* POLARSSL_SHA256_C */
883#if defined(POLARSSL_SHA512_C)
884#if defined(POLARSSL_CIPHER_MODE_CBC)
885 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
886 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
887 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
888 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
889 0 },
890#endif /* POLARSSL_CIPHER_MODE_CBC */
891#if defined(POLARSSL_GCM_C)
892 { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
893 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
894 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
895 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
896 0 },
897#endif /* POLARSSL_GCM_C */
898#endif /* POLARSSL_SHA512_C */
899#endif /* POLARSSL_AES_C */
900
901#if defined(POLARSSL_CAMELLIA_C)
902#if defined(POLARSSL_CIPHER_MODE_CBC)
903#if defined(POLARSSL_SHA256_C)
904 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
905 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
906 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
907 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
908 0 },
909#endif /* POLARSSL_SHA256_C */
910#if defined(POLARSSL_SHA512_C)
911 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
912 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
913 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
914 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
915 0 },
916#endif /* POLARSSL_SHA512_C */
917#endif /* POLARSSL_CIPHER_MODE_CBC */
918
919#if defined(POLARSSL_GCM_C)
920#if defined(POLARSSL_SHA256_C)
921 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
922 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
923 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
924 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
925 0 },
926#endif /* POLARSSL_SHA256_C */
927#if defined(POLARSSL_SHA512_C)
928 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
929 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
930 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
931 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
932 0 },
933#endif /* POLARSSL_SHA512_C */
934#endif /* POLARSSL_GCM_C */
935#endif /* POLARSSL_CAMELLIA_C */
936
937#if defined(POLARSSL_DES_C)
938#if defined(POLARSSL_CIPHER_MODE_CBC)
939#if defined(POLARSSL_SHA1_C)
940 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
941 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
942 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
943 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
944 0 },
945#endif /* POLARSSL_SHA1_C */
946#endif /* POLARSSL_CIPHER_MODE_CBC */
947#endif /* POLARSSL_DES_C */
948
949#if defined(POLARSSL_ARC4_C)
950#if defined(POLARSSL_SHA1_C)
951 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
952 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
953 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
954 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
955 0 },
956#endif /* POLARSSL_SHA1_C */
957#endif /* POLARSSL_ARC4_C */
958
959#if defined(POLARSSL_CIPHER_NULL_CIPHER)
960#if defined(POLARSSL_SHA1_C)
961 { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
962 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
963 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
964 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
965 POLARSSL_CIPHERSUITE_WEAK },
966#endif /* POLARSSL_SHA1_C */
967#endif /* POLARSSL_CIPHER_NULL_CIPHER */
968#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
969
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]970#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
971#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]972#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]973#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]974 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
975 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
976 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
977 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
978 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]979#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]980
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]981#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]982 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
983 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
984 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
985 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
986 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]987#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]988#endif /* POLARSSL_GCM_C */
989
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]990#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]991#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]992 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
993 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]994 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]995 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
996 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]997#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]998
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]999#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1000 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1001 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1002 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1003 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1004 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1005#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1006
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1007#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1008 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1009 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1010 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1011 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1012 0 },
1013
1014 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1015 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1016 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1017 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1018 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1019#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1020#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1021#endif /* POLARSSL_AES_C */
1022
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1023#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1024#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1025#if defined(POLARSSL_SHA256_C)
1026 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1027 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1028 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1029 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1030 0 },
1031#endif /* POLARSSL_SHA256_C */
1032
1033#if defined(POLARSSL_SHA512_C)
1034 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1035 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1036 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1037 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1038 0 },
1039#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1040#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1041
1042#if defined(POLARSSL_GCM_C)
1043#if defined(POLARSSL_SHA256_C)
1044 { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1045 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1046 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1047 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1048 0 },
1049#endif /* POLARSSL_SHA256_C */
1050
1051#if defined(POLARSSL_SHA512_C)
1052 { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1053 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1054 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1055 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1056 0 },
1057#endif /* POLARSSL_SHA512_C */
1058#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1059#endif /* POLARSSL_CAMELLIA_C */
1060
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1061#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1062#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1063#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1064 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1065 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1066 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1067 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1068 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1069#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1070#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1071#endif /* POLARSSL_DES_C */
1072
1073#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1074#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1075 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1076 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1077 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1078 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1079 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1080#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1081#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1082#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1083
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1084#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1085#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1086#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1087#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1088 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1089 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1090 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1091 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1092 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1093#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1094
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1095#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1096 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1097 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1098 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1099 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1100 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1101#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1102#endif /* POLARSSL_GCM_C */
1103
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1104#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1105#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1106 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1107 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1108 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1109 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1110 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1111#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1112
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1113#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1114 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1115 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1116 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1117 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1118 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1119#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1120
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1121#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1122 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1123 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1124 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1125 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1126 0 },
1127
1128 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1129 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1130 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1131 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1132 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1133#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1134#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1135#endif /* POLARSSL_AES_C */
1136
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1137#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1138#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1139#if defined(POLARSSL_SHA256_C)
1140 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1141 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1142 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1143 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1144 0 },
1145#endif /* POLARSSL_SHA256_C */
1146
1147#if defined(POLARSSL_SHA512_C)
1148 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1149 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1150 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1151 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1152 0 },
1153#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1154#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1155
1156#if defined(POLARSSL_GCM_C)
1157#if defined(POLARSSL_SHA256_C)
1158 { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1159 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1160 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1161 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1162 0 },
1163#endif /* POLARSSL_SHA256_C */
1164
1165#if defined(POLARSSL_SHA512_C)
1166 { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1167 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1168 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1169 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1170 0 },
1171#endif /* POLARSSL_SHA512_C */
1172#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1173#endif /* POLARSSL_CAMELLIA_C */
1174
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1175#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1176#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1177#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1178 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1179 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1180 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1181 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1182 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1183#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1184#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1185#endif /* POLARSSL_DES_C */
1186
1187#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1188#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1189 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1190 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1191 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1192 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1193 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1194#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1195#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1196#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1197
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1198#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1199#if defined(POLARSSL_AES_C)
1200
1201#if defined(POLARSSL_CIPHER_MODE_CBC)
1202#if defined(POLARSSL_SHA256_C)
1203 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1204 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1205 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1206 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1207 0 },
1208#endif /* POLARSSL_SHA256_C */
1209
1210#if defined(POLARSSL_SHA512_C)
1211 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1212 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1213 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1214 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1215 0 },
1216#endif /* POLARSSL_SHA512_C */
1217
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1218#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1219 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1220 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1221 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1222 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1223 0 },
1224
1225 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1226 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1227 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1228 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1229 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1230#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1231#endif /* POLARSSL_CIPHER_MODE_CBC */
1232#endif /* POLARSSL_AES_C */
1233
1234#if defined(POLARSSL_CAMELLIA_C)
1235#if defined(POLARSSL_CIPHER_MODE_CBC)
1236#if defined(POLARSSL_SHA256_C)
1237 { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1238 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1239 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1240 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1241 0 },
1242#endif /* POLARSSL_SHA256_C */
1243
1244#if defined(POLARSSL_SHA512_C)
1245 { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1246 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1247 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1248 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1249 0 },
1250#endif /* POLARSSL_SHA512_C */
1251#endif /* POLARSSL_CIPHER_MODE_CBC */
1252#endif /* POLARSSL_CAMELLIA_C */
1253
1254#if defined(POLARSSL_DES_C)
1255#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1256#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1257 { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1258 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1259 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1260 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1261 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1262#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1263#endif /* POLARSSL_CIPHER_MODE_CBC */
1264#endif /* POLARSSL_DES_C */
1265
1266#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1267#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1268 { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1269 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1270 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1271 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1272 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1273#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1274#endif /* POLARSSL_ARC4_C */
1275#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1276
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1277#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1278#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1279#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1280#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1281 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1282 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1283 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1284 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1285 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1286#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1287
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1288#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1289 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1290 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1291 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1292 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1293 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1294#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1295#endif /* POLARSSL_GCM_C */
1296
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1297#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1298#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1299 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1300 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1301 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1302 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1303 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1304#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1305
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1306#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1307 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1308 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1309 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1310 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1311 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1312#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1313
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1314#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1315 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1316 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1317 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1319 0 },
1320
1321 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1322 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1323 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1324 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1325 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1326#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1327#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1328#endif /* POLARSSL_AES_C */
1329
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1330#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1331#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1332#if defined(POLARSSL_SHA256_C)
1333 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1334 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1335 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1336 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1337 0 },
1338#endif /* POLARSSL_SHA256_C */
1339
1340#if defined(POLARSSL_SHA512_C)
1341 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1342 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1343 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1344 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1345 0 },
1346#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1347#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1348
1349#if defined(POLARSSL_GCM_C)
1350#if defined(POLARSSL_SHA256_C)
1351 { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1352 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1353 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1354 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1355 0 },
1356#endif /* POLARSSL_SHA256_C */
1357
1358#if defined(POLARSSL_SHA512_C)
1359 { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1360 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1361 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1362 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1363 0 },
1364#endif /* POLARSSL_SHA512_C */
1365#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1366#endif /* POLARSSL_CAMELLIA_C */
1367
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1368#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1369#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1370#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1371 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1372 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1373 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1374 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1375 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1376#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1377#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1378#endif /* POLARSSL_DES_C */
1379
1380#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1381#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1382 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1383 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1384 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1385 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1386 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1387#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1388#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1389#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1390
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1391#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
1392#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1393#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1394#if defined(POLARSSL_MD5_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1395 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1396 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
1397 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1398 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1399 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1400#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1401
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1402#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1403 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1404 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1405 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1406 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1407 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1408#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1409
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1410#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1411 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1412 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
1413 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1414 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1415 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1416#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1417#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1418
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1419#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1420#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1421 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1422 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1423 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1424 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1425 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1426#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1427
1428#if defined(POLARSSL_SHA256_C)
1429 { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1430 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1431 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1432 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1433 POLARSSL_CIPHERSUITE_WEAK },
1434#endif
1435
1436#if defined(POLARSSL_SHA512_C)
1437 { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1438 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1439 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1440 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1441 POLARSSL_CIPHERSUITE_WEAK },
1442#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1443#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1444
1445#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1446#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1447 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1448 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1449 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1450 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1451 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1452#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1453
1454#if defined(POLARSSL_SHA256_C)
1455 { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1456 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1457 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1458 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1459 POLARSSL_CIPHERSUITE_WEAK },
1460#endif
1461
1462#if defined(POLARSSL_SHA512_C)
1463 { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1464 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1465 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1466 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1467 POLARSSL_CIPHERSUITE_WEAK },
1468#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1469#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1470
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1471#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1472#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1473 { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1474 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1475 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1476 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1477 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1478#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1479
1480#if defined(POLARSSL_SHA256_C)
1481 { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1482 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1483 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1484 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1485 POLARSSL_CIPHERSUITE_WEAK },
1486#endif
1487
1488#if defined(POLARSSL_SHA512_C)
1489 { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1490 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1491 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1492 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1493 POLARSSL_CIPHERSUITE_WEAK },
1494#endif
1495#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1496
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1497#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1498#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1499 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1500 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1501 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1502 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1503 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1504#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1505
1506#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1507 { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1508 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1509 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1510 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1511 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1512#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1513
1514#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1515 { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1516 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1517 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1518 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1519 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1520#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1521#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1522#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1523
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1524#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1525#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1526#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1527#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1528 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1529 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
1530 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1531 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1532 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1533#endif /* POLARSSL_SHA1_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1534#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1535
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1536#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1537#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1538 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1539 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1540 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1541 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1542 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1543#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1544#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1545#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1546#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1547#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1548
1549 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1550};
1551
1552const int *ssl_list_ciphersuites( void )
1553{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1554 /*
1555 * On initial call filter out all ciphersuites not supported by current
1556 * build based on presence in the ciphersuite_definitions.
1557 */
1558 if( supported_init == 0 )
1559 {
1560 const int *p = ciphersuite_preference;
1561 int *q = supported_ciphersuites;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1562 size_t i;
1563 size_t max = sizeof(supported_ciphersuites) / sizeof(int);
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1564
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1565 for( i = 0; i < max - 1 && p[i] != 0; i++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1566 {
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1567 if( ssl_ciphersuite_from_id( p[i] ) != NULL )
1568 *(q++) = p[i];
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1569 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1570 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1571
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1572 supported_init = 1;
1573 }
1574
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1575 return supported_ciphersuites;
1576};
1577
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame^]1578const ssl_ciphersuite_t *ssl_ciphersuite_from_string(
1579 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1580{
1581 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1582
1583 if( NULL == ciphersuite_name )
1584 return( NULL );
1585
1586 while( cur->id != 0 )
1587 {
1588 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1589 return( cur );
1590
1591 cur++;
1592 }
1593
1594 return( NULL );
1595}
1596
1597const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1598{
1599 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1600
1601 while( cur->id != 0 )
1602 {
1603 if( cur->id == ciphersuite )
1604 return( cur );
1605
1606 cur++;
1607 }
1608
1609 return( NULL );
1610}
1611
1612const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1613{
1614 const ssl_ciphersuite_t *cur;
1615
1616 cur = ssl_ciphersuite_from_id( ciphersuite_id );
1617
1618 if( cur == NULL )
1619 return( "unknown" );
1620
1621 return( cur->name );
1622}
1623
1624int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1625{
1626 const ssl_ciphersuite_t *cur;
1627
1628 cur = ssl_ciphersuite_from_string( ciphersuite_name );
1629
1630 if( cur == NULL )
1631 return( 0 );
1632
1633 return( cur->id );
1634}
1635
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1636#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1637pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
1638{
1639 switch( info->key_exchange )
1640 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1641 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1642 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
1643 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1644 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1645 return( POLARSSL_PK_RSA );
1646
1647 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1648 return( POLARSSL_PK_ECDSA );
1649
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1650 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1651 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
1652 return( POLARSSL_PK_ECKEY );
1653
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1654 default:
1655 return( POLARSSL_PK_NONE );
1656 }
1657}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1658#endif /* POLARSSL_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1659
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1660#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1661int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1662{
1663 switch( info->key_exchange )
1664 {
1665 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1666 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1667 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1668 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1669 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1670 return( 1 );
1671
1672 default:
1673 return( 0 );
1674 }
1675}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1676#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1677
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1678#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1679int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info )
1680{
1681 switch( info->key_exchange )
1682 {
1683 case POLARSSL_KEY_EXCHANGE_PSK:
1684 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
1685 case POLARSSL_KEY_EXCHANGE_DHE_PSK:
1686 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
1687 return( 1 );
1688
1689 default:
1690 return( 0 );
1691 }
1692}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1693#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1694
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1695#endif /* POLARSSL_SSL_TLS_C */