TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / e07f41d4be8ab80c3f9dad6111fc1a6ab5b8b064 / . / library / ssl_ciphersuites.c
blob: d4d96bfcf48a10b482f358eb446926d3ba45e6ea [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for PolarSSL
5 *
6 * Copyright (C) 2006-2013, Brainspark B.V.
7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27
28#include "polarssl/config.h"
29
30#if defined(POLARSSL_SSL_TLS_C)
31
32#include "polarssl/ssl_ciphersuites.h"
33#include "polarssl/ssl.h"
34
35#include <stdlib.h>
36
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]37/*
38 * Ordered from most preferred to least preferred in terms of security.
39 */
40static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]41{
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]42 /* All AES-256 ephemeral suites */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]43 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]44 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]45 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]46 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]47 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]48 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]49
50 /* All CAMELLIA-256 ephemeral suites */
51 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]52 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]53 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]54
55 /* All AES-128 ephemeral suites */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]56 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]57 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]58 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]59 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
60 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
61 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]62
63 /* All CAMELLIA-128 ephemeral suites */
64 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]65 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]66 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]67
68 /* All remaining > 128-bit ephemeral suites */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]69 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]70 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]71 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]72
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]73 /* The PSK ephemeral suites */
74 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
75 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
76 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
77 TLS_DHE_PSK_WITH_RC4_128_SHA,
78
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]79 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]80 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]81 TLS_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]82 TLS_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]83
84 /* All CAMELLIA-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]85 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]86 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]87
88 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]89 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]90 TLS_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]91 TLS_RSA_WITH_AES_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]92
93 /* All CAMELLIA-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]94 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]95 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]96
97 /* All remaining > 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]98 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]99 TLS_RSA_WITH_RC4_128_SHA,
100 TLS_RSA_WITH_RC4_128_MD5,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]101
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]102 /* The RSA PSK suites */
103 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
104 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
105 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
106 TLS_RSA_PSK_WITH_RC4_128_SHA,
107
108 /* The PSK suites */
109 TLS_PSK_WITH_AES_256_CBC_SHA,
110 TLS_PSK_WITH_AES_128_CBC_SHA,
111 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
112 TLS_PSK_WITH_RC4_128_SHA,
113
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]114 /* Weak or NULL suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]115 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]116 TLS_RSA_WITH_DES_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]117 TLS_ECDHE_RSA_WITH_NULL_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]118 TLS_RSA_WITH_NULL_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]119 TLS_RSA_WITH_NULL_SHA,
120 TLS_RSA_WITH_NULL_MD5,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]121
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]122 0
123};
124
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]125#define MAX_CIPHERSUITES 60
126static int supported_ciphersuites[MAX_CIPHERSUITES];
127static int supported_init = 0;
128
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]129static const ssl_ciphersuite_t ciphersuite_definitions[] =
130{
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]131#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]132#if defined(POLARSSL_AES_C)
133 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
134 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
135 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
136 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
137 POLARSSL_CIPHERSUITE_EC },
138 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
139 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
140 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
141 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
142 POLARSSL_CIPHERSUITE_EC },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]143#if defined(POLARSSL_SHA2_C)
144 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
145 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
146 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
147 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
148 POLARSSL_CIPHERSUITE_EC },
149#if defined(POLARSSL_GCM_C)
150 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
151 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
152 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
153 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
154 POLARSSL_CIPHERSUITE_EC },
155#endif /* POLARSSL_GCM_C */
156#endif /* POLARSSL_SHA2_C */
157#if defined(POLARSSL_SHA4_C)
158 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
159 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
160 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
161 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
162 POLARSSL_CIPHERSUITE_EC },
163#if defined(POLARSSL_GCM_C)
164 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
165 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
166 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
167 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
168 POLARSSL_CIPHERSUITE_EC },
169#endif /* POLARSSL_GCM_C */
170#endif /* POLARSSL_SHA4_C */
171#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]172
173#if defined(POLARSSL_CAMELLIA_C)
174#if defined(POLARSSL_SHA2_C)
175 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
176 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
177 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
178 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
179 POLARSSL_CIPHERSUITE_EC },
180#endif /* POLARSSL_SHA2_C */
181#if defined(POLARSSL_SHA4_C)
182 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
183 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
184 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
185 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
186 POLARSSL_CIPHERSUITE_EC },
187#endif /* POLARSSL_SHA4_C */
188#endif /* POLARSSL_CAMELLIA_C */
189
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]190#if defined(POLARSSL_DES_C)
191 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
192 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
193 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
194 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
195 POLARSSL_CIPHERSUITE_EC },
196#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]197
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]198#if defined(POLARSSL_ARC4_C)
199 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
200 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
201 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
202 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
203 POLARSSL_CIPHERSUITE_EC },
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]204#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]205
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]206#if defined(POLARSSL_CIPHER_NULL_CIPHER)
207 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
208 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
209 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
210 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
211 POLARSSL_CIPHERSUITE_EC | POLARSSL_CIPHERSUITE_WEAK },
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]212#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]213#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]214
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]215#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]216#if defined(POLARSSL_AES_C)
217#if defined(POLARSSL_SHA4_C) && defined(POLARSSL_GCM_C)
218 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
219 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
220 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
221 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
222 0 },
223#endif /* POLARSSL_SHA4_C && POLARSSL_GCM_C */
224
225#if defined(POLARSSL_SHA2_C)
226#if defined(POLARSSL_GCM_C)
227 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
228 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
229 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
230 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
231 0 },
232#endif /* POLARSSL_GCM_C */
233
234 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
235 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
236 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
237 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
238 0 },
239
240 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
241 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
242 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
243 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
244 0 },
245#endif /* POLARSSL_SHA2_C */
246
247 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
248 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
249 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
250 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
251 0 },
252
253 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
254 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
255 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
256 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
257 0 },
258#endif /* POLARSSL_AES_C */
259
260#if defined(POLARSSL_CAMELLIA_C)
261#if defined(POLARSSL_SHA2_C)
262 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
263 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
264 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
265 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
266 0 },
267
268 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
269 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
270 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
271 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
272 0 },
273#endif /* POLARSSL_SHA2_C */
274
275 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
276 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
278 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
279 0 },
280
281 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
282 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
283 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
284 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
285 0 },
286#endif /* POLARSSL_CAMELLIA_C */
287
288#if defined(POLARSSL_DES_C)
289 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
290 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
291 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
292 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
293 0 },
294#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]295#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]296
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]297#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]298#if defined(POLARSSL_AES_C)
299#if defined(POLARSSL_SHA4_C) && defined(POLARSSL_GCM_C)
300 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
301 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
302 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
303 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
304 0 },
305#endif /* POLARSSL_SHA4_C && POLARSSL_GCM_C */
306
307#if defined(POLARSSL_SHA2_C)
308#if defined(POLARSSL_GCM_C)
309 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
310 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
311 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
312 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
313 0 },
314#endif /* POLARSSL_GCM_C */
315
316 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
317 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
319 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
320 0 },
321
322 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
323 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
324 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
325 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
326 0 },
327#endif /* POLARSSL_SHA2_C */
328
329 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
330 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
331 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
332 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
333 0 },
334
335 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
336 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
337 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
338 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
339 0 },
340#endif /* POLARSSL_AES_C */
341
342#if defined(POLARSSL_CAMELLIA_C)
343#if defined(POLARSSL_SHA2_C)
344 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
345 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
346 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
347 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
348 0 },
349
350 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
351 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
352 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
353 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
354 0 },
355#endif /* POLARSSL_SHA2_C */
356
357 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
358 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
359 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
360 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
361 0 },
362
363 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
364 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
365 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
366 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
367 0 },
368#endif /* POLARSSL_CAMELLIA_C */
369
370#if defined(POLARSSL_DES_C)
371 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
372 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
373 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
374 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
375 0 },
376#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]377
378#if defined(POLARSSL_ARC4_C)
379 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
380 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
381 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
382 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
383 0 },
384
385 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
386 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
387 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
388 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
389 0 },
390#endif /* POLARSSL_ARC4_C */
391#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]392
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]393#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
394#if defined(POLARSSL_AES_C)
395 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
396 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
397 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
398 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
399 0 },
400
401 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
402 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
403 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
404 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
405 0 },
406#endif /* POLARSSL_AES_C */
407
408#if defined(POLARSSL_DES_C)
409 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
410 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
411 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
412 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
413 0 },
414#endif /* POLARSSL_DES_C */
415
416#if defined(POLARSSL_ARC4_C)
417 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
418 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
419 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
420 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
421 0 },
422#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]423#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]424
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]425#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]426#if defined(POLARSSL_AES_C)
427 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
428 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
429 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
430 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
431 0 },
432
433 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
434 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
435 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
436 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
437 0 },
438#endif /* POLARSSL_AES_C */
439
440#if defined(POLARSSL_DES_C)
441 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
442 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
443 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
445 0 },
446#endif /* POLARSSL_DES_C */
447
448#if defined(POLARSSL_ARC4_C)
449 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
450 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
451 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
452 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
453 0 },
454#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]455#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]456
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]457#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]458#if defined(POLARSSL_AES_C)
459 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
460 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
461 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
462 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
463 0 },
464
465 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
466 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
467 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
468 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
469 0 },
470#endif /* POLARSSL_AES_C */
471
472#if defined(POLARSSL_DES_C)
473 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
474 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
475 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
476 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
477 0 },
478#endif /* POLARSSL_DES_C */
479
480#if defined(POLARSSL_ARC4_C)
481 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
482 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
483 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
484 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
485 0 },
486#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]487#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]488
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]489#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]490#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]491#if defined(POLARSSL_CIPHER_NULL_CIPHER)
492 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
493 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
494 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
495 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
496 POLARSSL_CIPHERSUITE_WEAK },
497
498 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
499 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
500 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
501 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
502 POLARSSL_CIPHERSUITE_WEAK },
503
504 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
505 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
506 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
507 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
508 POLARSSL_CIPHERSUITE_WEAK },
509#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]510#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]511
512#if defined(POLARSSL_DES_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]513#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]514 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
515 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
516 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
517 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
518 POLARSSL_CIPHERSUITE_WEAK },
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame^]519#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]520
521 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
522 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
523 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
524 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
525 POLARSSL_CIPHERSUITE_WEAK },
526#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]527#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
528
529 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
530};
531
532const int *ssl_list_ciphersuites( void )
533{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]534 /*
535 * On initial call filter out all ciphersuites not supported by current
536 * build based on presence in the ciphersuite_definitions.
537 */
538 if( supported_init == 0 )
539 {
540 const int *p = ciphersuite_preference;
541 int *q = supported_ciphersuites;
542
543 memset( supported_ciphersuites, 0x00, sizeof(supported_ciphersuites) );
544
545 while( *p != 0 )
546 {
547 if( ssl_ciphersuite_from_id( *p ) != NULL )
548 *(q++) = *p;
549
550 p++;
551 }
552 supported_init = 1;
553 }
554
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]555 return supported_ciphersuites;
556};
557
558const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name )
559{
560 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
561
562 if( NULL == ciphersuite_name )
563 return( NULL );
564
565 while( cur->id != 0 )
566 {
567 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
568 return( cur );
569
570 cur++;
571 }
572
573 return( NULL );
574}
575
576const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
577{
578 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
579
580 while( cur->id != 0 )
581 {
582 if( cur->id == ciphersuite )
583 return( cur );
584
585 cur++;
586 }
587
588 return( NULL );
589}
590
591const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
592{
593 const ssl_ciphersuite_t *cur;
594
595 cur = ssl_ciphersuite_from_id( ciphersuite_id );
596
597 if( cur == NULL )
598 return( "unknown" );
599
600 return( cur->name );
601}
602
603int ssl_get_ciphersuite_id( const char *ciphersuite_name )
604{
605 const ssl_ciphersuite_t *cur;
606
607 cur = ssl_ciphersuite_from_string( ciphersuite_name );
608
609 if( cur == NULL )
610 return( 0 );
611
612 return( cur->id );
613}
614
615#endif