/**
 * \file ssl_ciphersuites_internal.h
 *
 * \brief Internal part of the public "ssl_ciphersuites.h".
 */
/*
 * Copyright The Mbed TLS Contributors
 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */
10#ifndef MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H
11#define MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H
12
13#include "mbedtls/pk.h"
14
15#if defined(MBEDTLS_PK_C)
16mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
Valerio Settid9291062024-01-17 09:48:06 +010017psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info);
18psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info);
Valerio Settid9291062024-01-17 09:48:06 +010019mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
20#endif /* MBEDTLS_PK_C */
21
22int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
23int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);
24
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
/**
 * \brief Tell whether a ciphersuite's key exchange is on this header's
 *        forward-secrecy (PFS) list.
 *
 * The list is ECDHE-RSA, ECDHE-PSK, ECDHE-ECDSA and EC J-PAKE. Every other
 * key exchange value yields 0, so a value that is not listed here is
 * reported as "no PFS" rather than silently accepted.
 *
 * This is not the logical negation of mbedtls_ssl_ciphersuite_no_pfs():
 * a value that appears on neither list returns 0 from both functions.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 if the key exchange is one of the four listed, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    return kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECJPAKE;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
40
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
/**
 * \brief Tell whether a ciphersuite's key exchange is on this header's
 *        list of key exchanges without forward secrecy.
 *
 * The list is ECDH-RSA, ECDH-ECDSA and plain PSK. Every other value yields
 * 0, including values that mbedtls_ssl_ciphersuite_has_pfs() does not
 * list either, so a 0 here must not be read as "has PFS".
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 if the key exchange is one of the three listed, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    if (kex == MBEDTLS_KEY_EXCHANGE_ECDH_RSA) {
        return 1;
    }
    if (kex == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) {
        return 1;
    }
    if (kex == MBEDTLS_KEY_EXCHANGE_PSK) {
        return 1;
    }

    return 0;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
55
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
/**
 * \brief Tell whether a ciphersuite uses one of the two ECDH key exchanges
 *        listed here (ECDH-RSA or ECDH-ECDSA).
 *
 * The ECDHE variants are not on this list; they are covered by
 * mbedtls_ssl_ciphersuite_uses_ecdhe().
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for ECDH-RSA or ECDH-ECDSA, 0 for any other key exchange.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);
    int is_ecdh = 0;

    if (kex == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
        kex == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA) {
        is_ecdh = 1;
    }

    return is_ecdh;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
69
/**
 * \brief Tell whether a ciphersuite's key exchange is one of the four for
 *        which this header allows a certificate request.
 *
 * The accepted values are ECDH-RSA, ECDHE-RSA, ECDH-ECDSA and ECDHE-ECDSA,
 * the same set that mbedtls_ssl_ciphersuite_uses_srv_cert() accepts. All
 * other values, including the PSK-based and EC J-PAKE ones, return 0.
 *
 * NOTE(review): the name suggests callers use this to decide whether a
 * CertificateRequest may be sent; that use is not visible in this header.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 if the key exchange is one of the four listed, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    return kex == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA;
}
83
/**
 * \brief Tell whether a ciphersuite's key exchange is one of the four
 *        this header marks as using a server certificate.
 *
 * The accepted values are ECDH-RSA, ECDHE-RSA, ECDH-ECDSA and ECDHE-ECDSA.
 * Every other value returns 0, so the PSK-based and EC J-PAKE key
 * exchanges are reported as not using a server certificate.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 if the key exchange is one of the four listed, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    if (kex == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
        kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA) {
        return 1;
    }
    if (kex == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
        kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) {
        return 1;
    }

    return 0;
}
97
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
/**
 * \brief Tell whether a ciphersuite uses one of the three ECDHE key
 *        exchanges listed here (ECDHE-ECDSA, ECDHE-RSA or ECDHE-PSK).
 *
 * EC J-PAKE is not on this list even though
 * mbedtls_ssl_ciphersuite_has_pfs() accepts it, so the two predicates are
 * not interchangeable.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for the three ECDHE key exchanges, 0 for any other value.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    return kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK;
}
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */
112
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
/**
 * \brief Tell whether a ciphersuite's key exchange is one of the two this
 *        header marks as carrying a server signature.
 *
 * Only ECDHE-RSA and ECDHE-ECDSA are accepted. ECDHE-PSK, which
 * mbedtls_ssl_ciphersuite_uses_ecdhe() also accepts, returns 0 here, as
 * does every other value.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced without a NULL
 *              check, so the caller must pass a valid pointer.
 *
 * \return      1 for ECDHE-RSA or ECDHE-ECDSA, 0 for any other key exchange.
 */
static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
    const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    if (kex != MBEDTLS_KEY_EXCHANGE_ECDHE_RSA &&
        kex != MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) {
        return 0;
    }

    return 1;
}
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
127
128#endif /* MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H */