/**
 * \file ssl_ciphersuites_internal.h
 *
 * \brief Internal part of the public "ssl_ciphersuites.h".
 */
/*
 * Copyright The Mbed TLS Contributors
 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */
10#ifndef MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H
11#define MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H
12
13#include "mbedtls/pk.h"
14
15#if defined(MBEDTLS_PK_C)
/*
 * Signature-key helpers for a ciphersuite descriptor. Only the prototypes are
 * visible in this header, so the notes below are inferred from the names and
 * return types. TODO: confirm against the definitions.
 *
 * NOTE(review): ..._sig_pk_alg() and ..._sig_alg() both return an
 * mbedtls_pk_type_t and differ by one word; check which one a call site
 * really needs before relying on the result for key or certificate selection.
 */
/* Presumably the PK type associated with the ciphersuite's key exchange. */
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
/* Presumably the PSA algorithm counterpart of the PK type above. */
psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info);
/* Presumably the PSA key usage flags required of that key. */
psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info);
/* Presumably the PK type used for the handshake signature, if any. */
mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
20#endif /* MBEDTLS_PK_C */
21
/*
 * Predicates declared unconditionally (outside the MBEDTLS_PK_C guard) and
 * defined elsewhere. Judging by the names they report whether the ciphersuite
 * relies on elliptic curves, respectively on a pre-shared key; the exact set
 * of key exchanges each one matches is not visible here. TODO: confirm.
 */
int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);
24
25#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
/**
 * \brief Tell whether a ciphersuite's key exchange is on the forward-secret
 *        list.
 *
 * Forward secrecy means that a later compromise of a long-term key does not
 * expose the traffic keys of handshakes that were already completed.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced unconditionally, so
 *              the caller must pass a valid, non-NULL pointer.
 *
 * \return 1 for DHE-RSA, ECDHE-RSA, ECDHE-PSK, ECDHE-ECDSA and EC J-PAKE,
 *         0 for every other key exchange value.
 */
static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    /* Allow-list: any value not named here is reported as lacking PFS, which
     * is the safe direction for a policy check. */
    return kex == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECJPAKE;
}
40#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
41
42#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
/**
 * \brief Tell whether a ciphersuite's key exchange is on the list of key
 *        exchanges without forward secrecy.
 *
 * \note  This is not the logical negation of
 *        mbedtls_ssl_ciphersuite_has_pfs(): a key exchange value that appears
 *        on neither list makes both predicates return 0. A caller that needs
 *        "forward secrecy is guaranteed" should test has_pfs() rather than
 *        !no_pfs().
 *
 * \param info  Ciphersuite descriptor. It is dereferenced unconditionally, so
 *              the caller must pass a valid, non-NULL pointer.
 *
 * \return 1 for static ECDH-RSA, static ECDH-ECDSA, RSA and plain PSK,
 *         0 for every other key exchange value.
 */
static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    if (kex == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
        kex == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
        kex == MBEDTLS_KEY_EXCHANGE_RSA ||
        kex == MBEDTLS_KEY_EXCHANGE_PSK) {
        return 1;
    }

    return 0;
}
56#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
57
58#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
/**
 * \brief Tell whether a ciphersuite uses one of the static ECDH key
 *        exchanges.
 *
 * Only the ECDH-RSA and ECDH-ECDSA values match. The ephemeral ECDHE variants
 * are handled by mbedtls_ssl_ciphersuite_uses_ecdhe() and return 0 here.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced unconditionally, so
 *              the caller must pass a valid, non-NULL pointer.
 *
 * \return 1 for ECDH-RSA and ECDH-ECDSA, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);
    const int is_static_ecdh = (kex == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
                                kex == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA);

    return is_static_ecdh ? 1 : 0;
}
70#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
71
/**
 * \brief Tell whether a ciphersuite's key exchange is on the list for which a
 *        certificate request is allowed.
 *
 * The list is the same set of key exchanges that
 * mbedtls_ssl_ciphersuite_uses_srv_cert() accepts. The PSK-based and
 * EC J-PAKE values are not on it and return 0.
 * NOTE(review): judging by the name, callers use this to decide whether a
 * CertificateRequest may be sent or accepted. Confirm at the call sites.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced unconditionally, so
 *              the caller must pass a valid, non-NULL pointer.
 *
 * \return 1 for RSA, DHE-RSA, ECDH-RSA, ECDHE-RSA, ECDH-ECDSA and
 *         ECDHE-ECDSA, 0 for every other key exchange value.
 */
static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    /* Allow-list: an unlisted value never permits a certificate request. */
    if (kex == MBEDTLS_KEY_EXCHANGE_RSA ||
        kex == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
        kex == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
        kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
        kex == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
        kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) {
        return 1;
    }

    return 0;
}
87
/**
 * \brief Tell whether a ciphersuite's key exchange is on the list of key
 *        exchanges that use a server certificate.
 *
 * The PSK-based and EC J-PAKE values are not on the list and return 0.
 * NOTE(review): code that skips certificate processing when this returns 0
 * depends on the list staying complete. When a new certificate-based key
 * exchange is added, it must be added here as well.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced unconditionally, so
 *              the caller must pass a valid, non-NULL pointer.
 *
 * \return 1 for RSA, DHE-RSA, ECDH-RSA, ECDHE-RSA, ECDH-ECDSA and
 *         ECDHE-ECDSA, 0 for every other key exchange value.
 */
static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    return kex == MBEDTLS_KEY_EXCHANGE_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
           kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA;
}
103
104#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
/**
 * \brief Tell whether a ciphersuite uses the finite-field ephemeral
 *        Diffie-Hellman key exchange.
 *
 * DHE-RSA is the only value that matches.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced unconditionally, so
 *              the caller must pass a valid, non-NULL pointer.
 *
 * \return 1 for DHE-RSA, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
{
    return info->MBEDTLS_PRIVATE(key_exchange) == MBEDTLS_KEY_EXCHANGE_DHE_RSA;
}
115#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED */
116
117#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
/**
 * \brief Tell whether a ciphersuite uses an ephemeral elliptic-curve
 *        Diffie-Hellman key exchange.
 *
 * EC J-PAKE is not on this list, although
 * mbedtls_ssl_ciphersuite_has_pfs() counts it as forward-secret.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced unconditionally, so
 *              the caller must pass a valid, non-NULL pointer.
 *
 * \return 1 for ECDHE-ECDSA, ECDHE-RSA and ECDHE-PSK, 0 otherwise.
 */
static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);

    if (kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA) {
        return 1;
    }
    if (kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA) {
        return 1;
    }
    if (kex == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK) {
        return 1;
    }

    return 0;
}
130#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED */
131
132#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
/**
 * \brief Tell whether a ciphersuite's key exchange is on the list of key
 *        exchanges that use a server signature.
 *
 * NOTE(review): presumably these are the key exchanges in which the server
 * signs its ephemeral key-exchange parameters, so a caller that skips
 * signature verification when this returns 0 depends on the list being
 * complete. Confirm at the call sites.
 *
 * \param info  Ciphersuite descriptor. It is dereferenced unconditionally, so
 *              the caller must pass a valid, non-NULL pointer.
 *
 * \return 1 for DHE-RSA, ECDHE-RSA and ECDHE-ECDSA, 0 for every other key
 *         exchange value.
 */
static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
    const mbedtls_ssl_ciphersuite_t *info)
{
    const int kex = info->MBEDTLS_PRIVATE(key_exchange);
    const int signed_by_server = (kex == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
                                  kex == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
                                  kex == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA);

    return signed_by_server ? 1 : 0;
}
146#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
147
148#endif /* MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H */