Blame - library/ssl_ciphersuites_internal.h - mirror/mbed-tls

blob: 4f71bc063003dabea79949eeabc202e13b3c4efa [file] [log] [blame]

Valerio Setti	d929106	2024-01-17 09:48:06 +0100	[diff] [blame]	1	/**
				2	* \file ssl_ciphersuites_internal.h
				3	*
				4	* \brief Internal part of the public "ssl_ciphersuites.h".
				5	*/
				6	/*
				7	* Copyright The Mbed TLS Contributors
				8	* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
				9	*/
				10	#ifndef MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H
				11	#define MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H
				12
				13	#include "mbedtls/pk.h"
				14
				15	#if defined(MBEDTLS_PK_C)
				16	mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info);
				17	#if defined(MBEDTLS_USE_PSA_CRYPTO)
				18	psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info);
				19	psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info);
				20	#endif /* MBEDTLS_USE_PSA_CRYPTO */
				21	mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info);
				22	#endif /* MBEDTLS_PK_C */
				23
				24	int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info);
				25	int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info);
				26
				27	#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED)
				28	static inline int mbedtls_ssl_ciphersuite_has_pfs(const mbedtls_ssl_ciphersuite_t *info)
				29	{
				30	switch (info->MBEDTLS_PRIVATE(key_exchange)) {
				31	case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
				32	case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
				33	case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
				34	case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
				35	case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
				36	case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
				37	return 1;
				38
				39	default:
				40	return 0;
				41	}
				42	}
				43	#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED */
				44
				45	#if defined(MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED)
				46	static inline int mbedtls_ssl_ciphersuite_no_pfs(const mbedtls_ssl_ciphersuite_t *info)
				47	{
				48	switch (info->MBEDTLS_PRIVATE(key_exchange)) {
				49	case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
				50	case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
				51	case MBEDTLS_KEY_EXCHANGE_RSA:
				52	case MBEDTLS_KEY_EXCHANGE_PSK:
Valerio Setti	d929106	2024-01-17 09:48:06 +0100	[diff] [blame]	53	return 1;
				54
				55	default:
				56	return 0;
				57	}
				58	}
				59	#endif /* MBEDTLS_KEY_EXCHANGE_SOME_NON_PFS_ENABLED */
				60
				61	#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED)
				62	static inline int mbedtls_ssl_ciphersuite_uses_ecdh(const mbedtls_ssl_ciphersuite_t *info)
				63	{
				64	switch (info->MBEDTLS_PRIVATE(key_exchange)) {
				65	case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
				66	case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
				67	return 1;
				68
				69	default:
				70	return 0;
				71	}
				72	}
				73	#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED */
				74
				75	static inline int mbedtls_ssl_ciphersuite_cert_req_allowed(const mbedtls_ssl_ciphersuite_t *info)
				76	{
				77	switch (info->MBEDTLS_PRIVATE(key_exchange)) {
				78	case MBEDTLS_KEY_EXCHANGE_RSA:
				79	case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
				80	case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
				81	case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
				82	case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
				83	case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
				84	return 1;
				85
				86	default:
				87	return 0;
				88	}
				89	}
				90
				91	static inline int mbedtls_ssl_ciphersuite_uses_srv_cert(const mbedtls_ssl_ciphersuite_t *info)
				92	{
				93	switch (info->MBEDTLS_PRIVATE(key_exchange)) {
				94	case MBEDTLS_KEY_EXCHANGE_RSA:
Valerio Setti	d929106	2024-01-17 09:48:06 +0100	[diff] [blame]	95	case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
				96	case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
				97	case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
				98	case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
				99	case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
				100	return 1;
				101
				102	default:
				103	return 0;
				104	}
				105	}
				106
				107	#if defined(MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED)
				108	static inline int mbedtls_ssl_ciphersuite_uses_dhe(const mbedtls_ssl_ciphersuite_t *info)
				109	{
				110	switch (info->MBEDTLS_PRIVATE(key_exchange)) {
				111	case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
				112	case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
				113	return 1;
				114
				115	default:
				116	return 0;
				117	}
				118	}
				119	#endif /* MBEDTLS_KEY_EXCHANGE_SOME_DHE_ENABLED) */
				120
				121	#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
				122	static inline int mbedtls_ssl_ciphersuite_uses_ecdhe(const mbedtls_ssl_ciphersuite_t *info)
				123	{
				124	switch (info->MBEDTLS_PRIVATE(key_exchange)) {
				125	case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
				126	case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
				127	case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
				128	return 1;
				129
				130	default:
				131	return 0;
				132	}
				133	}
				134	#endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED) */
				135
				136	#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
				137	static inline int mbedtls_ssl_ciphersuite_uses_server_signature(
				138	const mbedtls_ssl_ciphersuite_t *info)
				139	{
				140	switch (info->MBEDTLS_PRIVATE(key_exchange)) {
				141	case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
				142	case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
				143	case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
				144	return 1;
				145
				146	default:
				147	return 0;
				148	}
				149	}
				150	#endif /* MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED */
				151
				152	#endif /* MBEDTLS_SSL_CIPHERSUITES_INTERNAL_H */