TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c16f4e1f788b36064d9461727f432ddab1d248b7 / . / library / ssl_ciphersuites.c
blob: 25d192b7a6df69d7f270f9ca6033c0be861f839c [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for PolarSSL
5 *
6 * Copyright (C) 2006-2013, Brainspark B.V.
7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
28#include "polarssl/config.h"
29
30#if defined(POLARSSL_SSL_TLS_C)
31
32#include "polarssl/ssl_ciphersuites.h"
33#include "polarssl/ssl.h"
34
35#include <stdlib.h>
36
Paul Bakker6edcd412013-10-29 15:22:54 +0100[diff] [blame]37#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
38 !defined(EFI32)
Manuel Pégourié-Gonnard9654fb12013-10-03 11:53:05 +0200[diff] [blame]39#define strcasecmp _stricmp
40#endif
41
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]42/*
43 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]44 *
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame^]45 * Current rule (except rc4, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]46 * 1. By key exchange:
47 * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
48 * 2. By key length and cipher:
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame^]49 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]50 * 3. By cipher mode when relevant GCM > CBC
51 * 4. By hash function used
52 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]53 */
54static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]55{
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]56 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]57 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]58 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]59 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]60 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
61 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
62 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]63 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]64 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]65 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]66
67 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]68 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
69 TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
70 TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]71 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]72 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]73 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]74 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]75
76 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]77 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]78 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]79 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]80 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
81 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
82 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]83 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]84 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
85 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]86
87 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]88 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
89 TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
90 TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]91 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]92 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]93 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]94 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]95
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]96 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]97 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]98 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]99 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]100
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]101 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]102 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]103 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
104 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
105 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
106 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]107 TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]108 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]109 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]110
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]111 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]112 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
113 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
114 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
115 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]116 TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]117 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]118 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
119
120 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]121 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]122
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]123 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]124 TLS_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]125 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]126 TLS_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]127 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
128 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
129 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
130 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
131 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
132 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]133
134 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]135 TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]136 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]137 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]138 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
139 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
140 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
141 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]142
143 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]144 TLS_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]145 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]146 TLS_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]147 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
148 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
149 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
150 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
151 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
152 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]153
154 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]155 TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]156 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]157 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]158 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
159 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
160 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
161 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]162
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]163 /* All remaining >= 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]164 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]165 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]166 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]167
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]168 /* The RSA PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]169 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]170 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]171 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]172 TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]173 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]174
175 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]176 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]177 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]178 TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]179 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]180
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]181 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]182
183 /* The PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]184 TLS_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]185 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]186 TLS_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]187 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]188 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]189
190 TLS_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]191 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]192 TLS_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]193 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]194 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]195
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]196 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame^]197
198 /* RC4 suites */
199 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
200 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
201 TLS_ECDHE_PSK_WITH_RC4_128_SHA,
202 TLS_DHE_PSK_WITH_RC4_128_SHA,
203 TLS_RSA_WITH_RC4_128_SHA,
204 TLS_RSA_WITH_RC4_128_MD5,
205 TLS_ECDH_RSA_WITH_RC4_128_SHA,
206 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
207 TLS_RSA_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]208 TLS_PSK_WITH_RC4_128_SHA,
209
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]210 /* Weak suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]211 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]212 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]213
214 /* NULL suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]215 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]216 TLS_ECDHE_RSA_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]217 TLS_ECDHE_PSK_WITH_NULL_SHA384,
218 TLS_ECDHE_PSK_WITH_NULL_SHA256,
219 TLS_ECDHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]220 TLS_DHE_PSK_WITH_NULL_SHA384,
221 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]222 TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]223
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]224 TLS_RSA_WITH_NULL_SHA256,
225 TLS_RSA_WITH_NULL_SHA,
226 TLS_RSA_WITH_NULL_MD5,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]227 TLS_ECDH_RSA_WITH_NULL_SHA,
228 TLS_ECDH_ECDSA_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]229 TLS_RSA_PSK_WITH_NULL_SHA384,
230 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]231 TLS_RSA_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]232 TLS_PSK_WITH_NULL_SHA384,
233 TLS_PSK_WITH_NULL_SHA256,
234 TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]235
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]236 0
237};
238
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]239#define MAX_CIPHERSUITES 160
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]240static int supported_ciphersuites[MAX_CIPHERSUITES];
241static int supported_init = 0;
242
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]243static const ssl_ciphersuite_t ciphersuite_definitions[] =
244{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]245#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
246#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]247#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]248#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]249 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
250 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
251 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
252 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]253 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]254 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
255 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
256 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
257 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]258 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]259#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]260#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]261#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]262#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]263 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
264 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
265 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
266 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]267 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]268#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]269#if defined(POLARSSL_GCM_C)
270 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
271 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
272 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
273 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]274 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]275#endif /* POLARSSL_GCM_C */
276#endif /* POLARSSL_SHA256_C */
277#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]278#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]279 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
280 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
281 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
282 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]283 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]284#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]285#if defined(POLARSSL_GCM_C)
286 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
287 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
288 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
289 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]290 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]291#endif /* POLARSSL_GCM_C */
292#endif /* POLARSSL_SHA512_C */
293#endif /* POLARSSL_AES_C */
294
295#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]296#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]297#if defined(POLARSSL_SHA256_C)
298 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
299 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]300 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]301 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]302 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]303#endif /* POLARSSL_SHA256_C */
304#if defined(POLARSSL_SHA512_C)
305 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
306 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]307 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]308 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]309 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]310#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]311#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]312
313#if defined(POLARSSL_GCM_C)
314#if defined(POLARSSL_SHA256_C)
315 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
316 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
317 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
319 0 },
320#endif /* POLARSSL_SHA256_C */
321#if defined(POLARSSL_SHA512_C)
322 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
323 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
324 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
325 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
326 0 },
327#endif /* POLARSSL_SHA512_C */
328#endif /* POLARSSL_GCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]329#endif /* POLARSSL_CAMELLIA_C */
330
331#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]332#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]333#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]334 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
335 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
336 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
337 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]338 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]339#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]340#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]341#endif /* POLARSSL_DES_C */
342
343#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]344#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]345 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
346 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
347 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
348 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]349 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]350#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]351#endif /* POLARSSL_ARC4_C */
352
353#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]354#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]355 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
356 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
357 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
358 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]359 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]360#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]361#endif /* POLARSSL_CIPHER_NULL_CIPHER */
362#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
363
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]364#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]365#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]366#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]367#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]368 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
369 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
370 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
371 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]372 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]373 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
374 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
375 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
376 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]377 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]378#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]379#endif /* POLARSSL_SHA1_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]380#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]381#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]382 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
383 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
384 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
385 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]386 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]387#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]388#if defined(POLARSSL_GCM_C)
389 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
390 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
391 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
392 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]393 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]394#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]395#endif /* POLARSSL_SHA256_C */
396#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]397#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]398 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
399 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
400 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
401 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]402 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]403#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]404#if defined(POLARSSL_GCM_C)
405 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
406 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
407 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
408 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]409 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]410#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]411#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]412#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]413
414#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]415#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]416#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]417 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
418 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]419 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]420 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]421 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]422#endif /* POLARSSL_SHA256_C */
423#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]424 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
425 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]426 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]427 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]428 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]429#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]430#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]431
432#if defined(POLARSSL_GCM_C)
433#if defined(POLARSSL_SHA256_C)
434 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
435 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
436 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
437 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
438 0 },
439#endif /* POLARSSL_SHA256_C */
440#if defined(POLARSSL_SHA512_C)
441 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
442 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
443 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
445 0 },
446#endif /* POLARSSL_SHA512_C */
447#endif /* POLARSSL_GCM_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]448#endif /* POLARSSL_CAMELLIA_C */
449
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]450#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]451#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]452#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]453 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
454 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
455 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
456 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]457 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]458#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]459#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]460#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]461
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]462#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]463#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]464 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
465 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
466 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
467 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]468 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]469#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]470#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]471
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]472#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]473#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]474 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
475 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
476 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
477 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]478 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]479#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]480#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]481#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]482
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]483#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]484#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]485#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]486 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
487 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
488 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
489 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
490 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]491#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]492
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]493#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]494#if defined(POLARSSL_GCM_C)
495 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
496 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
497 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
498 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
499 0 },
500#endif /* POLARSSL_GCM_C */
501
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]502#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]503 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
504 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
505 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
506 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
507 0 },
508
509 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
510 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
511 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
512 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
513 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]514#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]515#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]516
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]517#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]518#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]519 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
520 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
521 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
522 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
523 0 },
524
525 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
526 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
527 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
528 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
529 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]530#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]531#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]532#endif /* POLARSSL_AES_C */
533
534#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]535#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]536#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]537 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
538 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
539 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
540 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
541 0 },
542
543 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
544 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
545 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
546 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
547 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]548#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]549
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]550#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]551 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
552 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
553 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
554 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
555 0 },
556
557 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
558 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
559 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
560 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
561 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]562#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]563#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]564#if defined(POLARSSL_GCM_C)
565#if defined(POLARSSL_SHA256_C)
566 { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
567 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
568 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
569 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
570 0 },
571#endif /* POLARSSL_SHA256_C */
572
573#if defined(POLARSSL_SHA512_C)
574 { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
575 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
576 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
577 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
578 0 },
579#endif /* POLARSSL_SHA512_C */
580#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]581#endif /* POLARSSL_CAMELLIA_C */
582
583#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]584#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]585#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]586 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
587 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
588 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
589 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
590 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]591#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]592#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]593#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]594#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]595
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]596#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]597#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]598#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]599 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
600 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
601 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
602 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
603 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]604#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]605
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]606#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]607#if defined(POLARSSL_GCM_C)
608 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
609 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
610 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
611 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
612 0 },
613#endif /* POLARSSL_GCM_C */
614
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]615#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]616 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
617 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
618 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
619 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
620 0 },
621
622 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
623 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
624 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
625 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
626 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]627#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]628#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]629
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]630#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]631#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]632 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
633 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
634 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
635 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
636 0 },
637
638 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
639 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
640 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
641 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
642 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]643#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]644#endif /* POLARSSL_SHA1_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]645#endif /* POLARSSL_AES_C */
646
647#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]648#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]649#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]650 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
651 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
652 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
653 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
654 0 },
655
656 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
657 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
658 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
659 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
660 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]661#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]662
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]663#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]664 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
665 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
666 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
667 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
668 0 },
669
670 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
671 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
672 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
673 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
674 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]675#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]676#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]677
678#if defined(POLARSSL_GCM_C)
679#if defined(POLARSSL_SHA256_C)
680 { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
681 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
682 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
683 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
684 0 },
685#endif /* POLARSSL_SHA256_C */
686
687#if defined(POLARSSL_SHA1_C)
688 { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
689 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
690 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
691 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
692 0 },
693#endif /* POLARSSL_SHA1_C */
694#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]695#endif /* POLARSSL_CAMELLIA_C */
696
697#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]698#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]699#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]700 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
701 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
702 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
703 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
704 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]705#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]706#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]707#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]708
709#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]710#if defined(POLARSSL_MD5_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]711 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
712 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
713 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
714 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
715 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]716#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]717
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]718#if defined(POLARSSL_SHA1_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]719 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
720 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
721 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
722 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
723 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]724#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]725#endif /* POLARSSL_ARC4_C */
726#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]727
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]728#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
729#if defined(POLARSSL_AES_C)
730#if defined(POLARSSL_SHA1_C)
731#if defined(POLARSSL_CIPHER_MODE_CBC)
732 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
733 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
734 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
735 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
736 0 },
737 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
738 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
739 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
740 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
741 0 },
742#endif /* POLARSSL_CIPHER_MODE_CBC */
743#endif /* POLARSSL_SHA1_C */
744#if defined(POLARSSL_SHA256_C)
745#if defined(POLARSSL_CIPHER_MODE_CBC)
746 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
747 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
748 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
749 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
750 0 },
751#endif /* POLARSSL_CIPHER_MODE_CBC */
752#if defined(POLARSSL_GCM_C)
753 { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
754 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
755 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
756 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
757 0 },
758#endif /* POLARSSL_GCM_C */
759#endif /* POLARSSL_SHA256_C */
760#if defined(POLARSSL_SHA512_C)
761#if defined(POLARSSL_CIPHER_MODE_CBC)
762 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
763 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
764 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
765 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
766 0 },
767#endif /* POLARSSL_CIPHER_MODE_CBC */
768#if defined(POLARSSL_GCM_C)
769 { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
770 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
771 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
772 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
773 0 },
774#endif /* POLARSSL_GCM_C */
775#endif /* POLARSSL_SHA512_C */
776#endif /* POLARSSL_AES_C */
777
778#if defined(POLARSSL_CAMELLIA_C)
779#if defined(POLARSSL_CIPHER_MODE_CBC)
780#if defined(POLARSSL_SHA256_C)
781 { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
782 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
783 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
784 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
785 0 },
786#endif /* POLARSSL_SHA256_C */
787#if defined(POLARSSL_SHA512_C)
788 { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
789 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
790 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
791 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
792 0 },
793#endif /* POLARSSL_SHA512_C */
794#endif /* POLARSSL_CIPHER_MODE_CBC */
795
796#if defined(POLARSSL_GCM_C)
797#if defined(POLARSSL_SHA256_C)
798 { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
799 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
800 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
801 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
802 0 },
803#endif /* POLARSSL_SHA256_C */
804#if defined(POLARSSL_SHA512_C)
805 { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
806 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
807 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
808 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
809 0 },
810#endif /* POLARSSL_SHA512_C */
811#endif /* POLARSSL_GCM_C */
812#endif /* POLARSSL_CAMELLIA_C */
813
814#if defined(POLARSSL_DES_C)
815#if defined(POLARSSL_CIPHER_MODE_CBC)
816#if defined(POLARSSL_SHA1_C)
817 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
818 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
819 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
820 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
821 0 },
822#endif /* POLARSSL_SHA1_C */
823#endif /* POLARSSL_CIPHER_MODE_CBC */
824#endif /* POLARSSL_DES_C */
825
826#if defined(POLARSSL_ARC4_C)
827#if defined(POLARSSL_SHA1_C)
828 { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
829 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
830 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
831 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
832 0 },
833#endif /* POLARSSL_SHA1_C */
834#endif /* POLARSSL_ARC4_C */
835
836#if defined(POLARSSL_CIPHER_NULL_CIPHER)
837#if defined(POLARSSL_SHA1_C)
838 { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
839 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
840 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
841 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
842 POLARSSL_CIPHERSUITE_WEAK },
843#endif /* POLARSSL_SHA1_C */
844#endif /* POLARSSL_CIPHER_NULL_CIPHER */
845#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
846
847#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
848#if defined(POLARSSL_AES_C)
849#if defined(POLARSSL_SHA1_C)
850#if defined(POLARSSL_CIPHER_MODE_CBC)
851 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
852 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
853 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
854 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
855 0 },
856 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
857 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
858 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
859 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
860 0 },
861#endif /* POLARSSL_CIPHER_MODE_CBC */
862#endif /* POLARSSL_SHA1_C */
863#if defined(POLARSSL_SHA256_C)
864#if defined(POLARSSL_CIPHER_MODE_CBC)
865 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
866 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
867 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
868 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
869 0 },
870#endif /* POLARSSL_CIPHER_MODE_CBC */
871#if defined(POLARSSL_GCM_C)
872 { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
873 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
874 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
875 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
876 0 },
877#endif /* POLARSSL_GCM_C */
878#endif /* POLARSSL_SHA256_C */
879#if defined(POLARSSL_SHA512_C)
880#if defined(POLARSSL_CIPHER_MODE_CBC)
881 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
882 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
883 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
884 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
885 0 },
886#endif /* POLARSSL_CIPHER_MODE_CBC */
887#if defined(POLARSSL_GCM_C)
888 { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
889 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
890 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
891 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
892 0 },
893#endif /* POLARSSL_GCM_C */
894#endif /* POLARSSL_SHA512_C */
895#endif /* POLARSSL_AES_C */
896
897#if defined(POLARSSL_CAMELLIA_C)
898#if defined(POLARSSL_CIPHER_MODE_CBC)
899#if defined(POLARSSL_SHA256_C)
900 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
901 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
902 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
903 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
904 0 },
905#endif /* POLARSSL_SHA256_C */
906#if defined(POLARSSL_SHA512_C)
907 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
908 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
909 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
910 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
911 0 },
912#endif /* POLARSSL_SHA512_C */
913#endif /* POLARSSL_CIPHER_MODE_CBC */
914
915#if defined(POLARSSL_GCM_C)
916#if defined(POLARSSL_SHA256_C)
917 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
918 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
919 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
920 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
921 0 },
922#endif /* POLARSSL_SHA256_C */
923#if defined(POLARSSL_SHA512_C)
924 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
925 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
926 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
927 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
928 0 },
929#endif /* POLARSSL_SHA512_C */
930#endif /* POLARSSL_GCM_C */
931#endif /* POLARSSL_CAMELLIA_C */
932
933#if defined(POLARSSL_DES_C)
934#if defined(POLARSSL_CIPHER_MODE_CBC)
935#if defined(POLARSSL_SHA1_C)
936 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
937 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
938 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
939 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
940 0 },
941#endif /* POLARSSL_SHA1_C */
942#endif /* POLARSSL_CIPHER_MODE_CBC */
943#endif /* POLARSSL_DES_C */
944
945#if defined(POLARSSL_ARC4_C)
946#if defined(POLARSSL_SHA1_C)
947 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
948 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
949 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
950 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
951 0 },
952#endif /* POLARSSL_SHA1_C */
953#endif /* POLARSSL_ARC4_C */
954
955#if defined(POLARSSL_CIPHER_NULL_CIPHER)
956#if defined(POLARSSL_SHA1_C)
957 { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
958 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
959 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
960 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
961 POLARSSL_CIPHERSUITE_WEAK },
962#endif /* POLARSSL_SHA1_C */
963#endif /* POLARSSL_CIPHER_NULL_CIPHER */
964#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
965
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]966#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
967#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]968#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]969#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]970 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
971 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
972 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
973 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
974 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]975#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]976
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]977#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]978 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
979 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
980 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
981 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
982 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]983#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]984#endif /* POLARSSL_GCM_C */
985
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]986#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]987#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]988 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
989 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]990 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]991 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
992 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]993#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]994
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]995#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]996 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
997 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]998 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]999 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1000 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1001#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1002
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1003#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1004 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1005 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1006 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1007 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1008 0 },
1009
1010 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1011 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1012 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1013 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1014 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1015#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1016#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1017#endif /* POLARSSL_AES_C */
1018
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1019#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1020#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1021#if defined(POLARSSL_SHA256_C)
1022 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1023 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1024 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1025 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1026 0 },
1027#endif /* POLARSSL_SHA256_C */
1028
1029#if defined(POLARSSL_SHA512_C)
1030 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1031 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1032 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1033 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1034 0 },
1035#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1036#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1037
1038#if defined(POLARSSL_GCM_C)
1039#if defined(POLARSSL_SHA256_C)
1040 { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1041 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1042 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1043 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1044 0 },
1045#endif /* POLARSSL_SHA256_C */
1046
1047#if defined(POLARSSL_SHA512_C)
1048 { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1049 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1050 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1051 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1052 0 },
1053#endif /* POLARSSL_SHA512_C */
1054#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1055#endif /* POLARSSL_CAMELLIA_C */
1056
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1057#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1058#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1059#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1060 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1061 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1062 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1063 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1064 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1065#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1066#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1067#endif /* POLARSSL_DES_C */
1068
1069#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1070#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1071 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1072 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1073 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1074 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1075 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1076#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1077#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1078#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1079
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1080#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1081#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1082#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1083#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1084 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1085 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1086 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1087 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1088 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1089#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1090
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1091#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1092 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1093 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1094 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1095 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1096 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1097#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1098#endif /* POLARSSL_GCM_C */
1099
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1100#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1101#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1102 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1103 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1104 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1105 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1106 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1107#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1108
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1109#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1110 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1111 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1112 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1113 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1114 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1115#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1116
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1117#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1118 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1119 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1120 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1121 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1122 0 },
1123
1124 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1125 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1126 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1127 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1128 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1129#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1130#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1131#endif /* POLARSSL_AES_C */
1132
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1133#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1134#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1135#if defined(POLARSSL_SHA256_C)
1136 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1137 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1138 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1139 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1140 0 },
1141#endif /* POLARSSL_SHA256_C */
1142
1143#if defined(POLARSSL_SHA512_C)
1144 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1145 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1146 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1147 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1148 0 },
1149#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1150#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1151
1152#if defined(POLARSSL_GCM_C)
1153#if defined(POLARSSL_SHA256_C)
1154 { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1155 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1156 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1157 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1158 0 },
1159#endif /* POLARSSL_SHA256_C */
1160
1161#if defined(POLARSSL_SHA512_C)
1162 { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1163 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1164 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1165 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1166 0 },
1167#endif /* POLARSSL_SHA512_C */
1168#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1169#endif /* POLARSSL_CAMELLIA_C */
1170
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1171#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1172#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1173#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1174 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1175 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1176 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1177 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1178 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1179#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1180#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1181#endif /* POLARSSL_DES_C */
1182
1183#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1184#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1185 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1186 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1187 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1188 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1189 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1190#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1191#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1192#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1193
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1194#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1195#if defined(POLARSSL_AES_C)
1196
1197#if defined(POLARSSL_CIPHER_MODE_CBC)
1198#if defined(POLARSSL_SHA256_C)
1199 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1200 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1201 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1202 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1203 0 },
1204#endif /* POLARSSL_SHA256_C */
1205
1206#if defined(POLARSSL_SHA512_C)
1207 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1208 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1209 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1210 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1211 0 },
1212#endif /* POLARSSL_SHA512_C */
1213
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1214#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1215 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1216 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1217 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1218 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1219 0 },
1220
1221 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1222 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1223 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1224 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1225 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1226#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1227#endif /* POLARSSL_CIPHER_MODE_CBC */
1228#endif /* POLARSSL_AES_C */
1229
1230#if defined(POLARSSL_CAMELLIA_C)
1231#if defined(POLARSSL_CIPHER_MODE_CBC)
1232#if defined(POLARSSL_SHA256_C)
1233 { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1234 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1235 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1236 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1237 0 },
1238#endif /* POLARSSL_SHA256_C */
1239
1240#if defined(POLARSSL_SHA512_C)
1241 { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1242 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1243 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1244 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1245 0 },
1246#endif /* POLARSSL_SHA512_C */
1247#endif /* POLARSSL_CIPHER_MODE_CBC */
1248#endif /* POLARSSL_CAMELLIA_C */
1249
1250#if defined(POLARSSL_DES_C)
1251#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1252#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1253 { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1254 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1255 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1256 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1257 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1258#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1259#endif /* POLARSSL_CIPHER_MODE_CBC */
1260#endif /* POLARSSL_DES_C */
1261
1262#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1263#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1264 { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1265 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1266 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1267 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1268 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1269#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1270#endif /* POLARSSL_ARC4_C */
1271#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1272
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1273#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1274#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1275#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1276#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1277 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1278 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1279 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1280 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1281 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1282#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1283
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1284#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1285 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1286 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1287 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1288 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1289 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1290#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1291#endif /* POLARSSL_GCM_C */
1292
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1293#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1294#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1295 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1296 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1297 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1298 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1299 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1300#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1301
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1302#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1303 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1304 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1305 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1306 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1307 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1308#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1309
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1310#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1311 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1312 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1313 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1314 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1315 0 },
1316
1317 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1318 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1319 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1320 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1321 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1322#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1323#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1324#endif /* POLARSSL_AES_C */
1325
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1326#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1327#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1328#if defined(POLARSSL_SHA256_C)
1329 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1330 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1331 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1332 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1333 0 },
1334#endif /* POLARSSL_SHA256_C */
1335
1336#if defined(POLARSSL_SHA512_C)
1337 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1338 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1339 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1340 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1341 0 },
1342#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1343#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1344
1345#if defined(POLARSSL_GCM_C)
1346#if defined(POLARSSL_SHA256_C)
1347 { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1348 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1349 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1350 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1351 0 },
1352#endif /* POLARSSL_SHA256_C */
1353
1354#if defined(POLARSSL_SHA512_C)
1355 { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1356 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1357 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1358 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1359 0 },
1360#endif /* POLARSSL_SHA512_C */
1361#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1362#endif /* POLARSSL_CAMELLIA_C */
1363
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1364#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1365#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1366#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1367 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1368 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1369 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1370 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1371 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1372#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1373#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1374#endif /* POLARSSL_DES_C */
1375
1376#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1377#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1378 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1379 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1380 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1381 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1382 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1383#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1384#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1385#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1386
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1387#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
1388#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1389#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1390#if defined(POLARSSL_MD5_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1391 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1392 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
1393 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1394 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1395 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1396#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1397
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1398#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1399 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1400 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1401 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1402 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1403 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1404#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1405
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1406#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1407 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1408 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
1409 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1410 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1411 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1412#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1413#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1414
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1415#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1416#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1417 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1418 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1419 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1420 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1421 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1422#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1423
1424#if defined(POLARSSL_SHA256_C)
1425 { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1426 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1427 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1428 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1429 POLARSSL_CIPHERSUITE_WEAK },
1430#endif
1431
1432#if defined(POLARSSL_SHA512_C)
1433 { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1434 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1435 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1436 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1437 POLARSSL_CIPHERSUITE_WEAK },
1438#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1439#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1440
1441#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1442#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1443 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1444 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1445 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1446 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1447 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1448#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1449
1450#if defined(POLARSSL_SHA256_C)
1451 { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1452 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1453 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1454 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1455 POLARSSL_CIPHERSUITE_WEAK },
1456#endif
1457
1458#if defined(POLARSSL_SHA512_C)
1459 { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1460 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1461 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1462 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1463 POLARSSL_CIPHERSUITE_WEAK },
1464#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1465#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1466
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1467#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1468#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1469 { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1470 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1471 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1472 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1473 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1474#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1475
1476#if defined(POLARSSL_SHA256_C)
1477 { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1478 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1479 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1480 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1481 POLARSSL_CIPHERSUITE_WEAK },
1482#endif
1483
1484#if defined(POLARSSL_SHA512_C)
1485 { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1486 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1487 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1488 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1489 POLARSSL_CIPHERSUITE_WEAK },
1490#endif
1491#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1492
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1493#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1494#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1495 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1496 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1497 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1498 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1499 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1500#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1501
1502#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1503 { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1504 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1505 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1506 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1507 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1508#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1509
1510#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1511 { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1512 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1513 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1514 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1515 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1516#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1517#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1518#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1519
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1520#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1521#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1522#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1523#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1524 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1525 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
1526 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1527 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1528 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1529#endif /* POLARSSL_SHA1_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1530#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1531
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1532#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1533#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1534 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1535 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1536 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1537 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1538 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1539#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1540#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1541#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1542#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1543#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1544
1545 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1546};
1547
1548const int *ssl_list_ciphersuites( void )
1549{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1550 /*
1551 * On initial call filter out all ciphersuites not supported by current
1552 * build based on presence in the ciphersuite_definitions.
1553 */
1554 if( supported_init == 0 )
1555 {
1556 const int *p = ciphersuite_preference;
1557 int *q = supported_ciphersuites;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1558 size_t i;
1559 size_t max = sizeof(supported_ciphersuites) / sizeof(int);
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1560
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1561 for( i = 0; i < max - 1 && p[i] != 0; i++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1562 {
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1563 if( ssl_ciphersuite_from_id( p[i] ) != NULL )
1564 *(q++) = p[i];
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1565 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1566 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1567
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1568 supported_init = 1;
1569 }
1570
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1571 return supported_ciphersuites;
1572};
1573
1574const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name )
1575{
1576 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1577
1578 if( NULL == ciphersuite_name )
1579 return( NULL );
1580
1581 while( cur->id != 0 )
1582 {
1583 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1584 return( cur );
1585
1586 cur++;
1587 }
1588
1589 return( NULL );
1590}
1591
1592const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1593{
1594 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1595
1596 while( cur->id != 0 )
1597 {
1598 if( cur->id == ciphersuite )
1599 return( cur );
1600
1601 cur++;
1602 }
1603
1604 return( NULL );
1605}
1606
1607const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1608{
1609 const ssl_ciphersuite_t *cur;
1610
1611 cur = ssl_ciphersuite_from_id( ciphersuite_id );
1612
1613 if( cur == NULL )
1614 return( "unknown" );
1615
1616 return( cur->name );
1617}
1618
1619int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1620{
1621 const ssl_ciphersuite_t *cur;
1622
1623 cur = ssl_ciphersuite_from_string( ciphersuite_name );
1624
1625 if( cur == NULL )
1626 return( 0 );
1627
1628 return( cur->id );
1629}
1630
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1631#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1632pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
1633{
1634 switch( info->key_exchange )
1635 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1636 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1637 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
1638 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1639 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1640 return( POLARSSL_PK_RSA );
1641
1642 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1643 return( POLARSSL_PK_ECDSA );
1644
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1645 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1646 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
1647 return( POLARSSL_PK_ECKEY );
1648
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1649 default:
1650 return( POLARSSL_PK_NONE );
1651 }
1652}
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1653#endif
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1654
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1655#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1656int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1657{
1658 switch( info->key_exchange )
1659 {
1660 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1661 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1662 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1663 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1664 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1665 return( 1 );
1666
1667 default:
1668 return( 0 );
1669 }
1670}
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1671#endif
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1672
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1673#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1674int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info )
1675{
1676 switch( info->key_exchange )
1677 {
1678 case POLARSSL_KEY_EXCHANGE_PSK:
1679 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
1680 case POLARSSL_KEY_EXCHANGE_DHE_PSK:
1681 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
1682 return( 1 );
1683
1684 default:
1685 return( 0 );
1686 }
1687}
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1688#endif
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1689
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1690#endif