blob: 9ad5cf9ce256ea5d2b3eb451815699badc9cf008 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +01001/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +00004 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +01005 *
Manuel Pégourié-Gonnard6fb81872015-07-27 11:11:48 +02006 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
Bence Szépkúti4e9f7122020-06-05 13:02:18 +02007 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8 *
9 * This file is provided under the Apache License 2.0, or the
10 * GNU General Public License v2.0 or later.
11 *
12 * **********
13 * Apache License 2.0:
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +020014 *
15 * Licensed under the Apache License, Version 2.0 (the "License"); you may
16 * not use this file except in compliance with the License.
17 * You may obtain a copy of the License at
18 *
19 * http://www.apache.org/licenses/LICENSE-2.0
20 *
21 * Unless required by applicable law or agreed to in writing, software
22 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24 * See the License for the specific language governing permissions and
25 * limitations under the License.
Paul Bakker68884e32013-01-07 18:20:04 +010026 *
Bence Szépkúti4e9f7122020-06-05 13:02:18 +020027 * **********
28 *
29 * **********
30 * GNU General Public License v2.0 or later:
31 *
32 * This program is free software; you can redistribute it and/or modify
33 * it under the terms of the GNU General Public License as published by
34 * the Free Software Foundation; either version 2 of the License, or
35 * (at your option) any later version.
36 *
37 * This program is distributed in the hope that it will be useful,
38 * but WITHOUT ANY WARRANTY; without even the implied warranty of
39 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
40 * GNU General Public License for more details.
41 *
42 * You should have received a copy of the GNU General Public License along
43 * with this program; if not, write to the Free Software Foundation, Inc.,
44 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
45 *
46 * **********
47 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +000048 * This file is part of mbed TLS (https://tls.mbed.org)
Paul Bakker68884e32013-01-07 18:20:04 +010049 */
50
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020051#if !defined(MBEDTLS_CONFIG_FILE)
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000052#include "mbedtls/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +020053#else
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020054#include MBEDTLS_CONFIG_FILE
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +020055#endif
Paul Bakker68884e32013-01-07 18:20:04 +010056
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020057#if defined(MBEDTLS_SSL_TLS_C)
Paul Bakker68884e32013-01-07 18:20:04 +010058
SimonBd5800b72016-04-26 07:43:27 +010059#if defined(MBEDTLS_PLATFORM_C)
60#include "mbedtls/platform.h"
61#else
62#include <stdlib.h>
SimonBd5800b72016-04-26 07:43:27 +010063#endif
64
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000065#include "mbedtls/ssl_ciphersuites.h"
66#include "mbedtls/ssl.h"
Paul Bakker68884e32013-01-07 18:20:04 +010067
Rich Evans00ab4702015-02-06 13:43:58 +000068#include <string.h>
Paul Bakker68884e32013-01-07 18:20:04 +010069
Paul Bakker41c83d32013-03-20 14:39:14 +010070/*
71 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +020072 *
Andres Amaya Garcia21ade062018-10-30 18:21:41 +000073 * Current rule (except RC4 and 3DES, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +020074 * 1. By key exchange:
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +020075 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +020076 * 2. By key length and cipher:
Andres Amaya Garcia21ade062018-10-30 18:21:41 +000077 * AES-256 > Camellia-256 > AES-128 > Camellia-128
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +020078 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +020079 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +020080 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +010081 */
82static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +010083{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020084#if defined(MBEDTLS_SSL_CIPHERSUITES)
85 MBEDTLS_SSL_CIPHERSUITES,
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +020086#else
Paul Bakker27714b12013-04-07 23:07:12 +020087 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +020088 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
89 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
90 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
91 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
92 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
93 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
94 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
95 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
96 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
97 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
98 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
99 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
100 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200101
102 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200103 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
104 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
105 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
106 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
107 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
108 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
109 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200110
111 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200112 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
113 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
114 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
115 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
116 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
117 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
118 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
119 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
120 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
121 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
122 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
123 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
124 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200125
126 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200127 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
128 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
129 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
130 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
131 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
132 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
133 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200134
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200135 /* The PSK ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200136 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
137 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
138 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
139 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
140 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
141 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
142 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
143 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
144 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
145 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200146
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200147 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
148 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
149 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
150 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
151 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
152 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
153 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
154 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
155 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
156 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200157
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200158 /* The ECJPAKE suite */
159 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
160
Paul Bakker27714b12013-04-07 23:07:12 +0200161 /* All AES-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200162 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
163 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
164 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
165 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
166 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
167 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
168 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
169 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
170 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
171 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
172 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200173
174 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200175 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
176 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
177 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
178 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
179 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
180 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
181 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200182
183 /* All AES-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200184 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
185 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
186 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
187 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
188 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
189 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
190 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
191 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
192 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
193 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
194 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200195
196 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200197 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
198 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
199 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
200 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
201 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
202 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
203 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200204
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200205 /* The RSA PSK suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200206 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
207 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
208 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
209 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
210 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200211
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200212 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
213 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
214 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
215 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
216 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200217
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200218 /* The PSK suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200219 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
220 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
221 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
222 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
223 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
224 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
225 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200226
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200227 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
228 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
229 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
230 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
231 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
232 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
233 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200234
Andres Amaya Garcia21ade062018-10-30 18:21:41 +0000235 /* 3DES suites */
236 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
237 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
238 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
239 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
240 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
241 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
242 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
243 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
244 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200245 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200246
247 /* RC4 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200248 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
249 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
250 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
251 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
252 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
253 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
254 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
255 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
256 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
257 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200258
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200259 /* Weak suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200260 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
261 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200262
263 /* NULL suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200264 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
265 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
266 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
267 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
268 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
269 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
270 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
271 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200272
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200273 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
274 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
275 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
276 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
277 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
278 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
279 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
280 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
281 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
282 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
283 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200284
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200285#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100286 0
287};
288
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200289static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100290{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200291#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
292#if defined(MBEDTLS_AES_C)
293#if defined(MBEDTLS_SHA1_C)
294#if defined(MBEDTLS_CIPHER_MODE_CBC)
295 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
296 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
297 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
298 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200299 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200300 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
301 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
302 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
303 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200304 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200305#endif /* MBEDTLS_CIPHER_MODE_CBC */
306#endif /* MBEDTLS_SHA1_C */
307#if defined(MBEDTLS_SHA256_C)
308#if defined(MBEDTLS_CIPHER_MODE_CBC)
309 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
310 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
311 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
312 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200313 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200314#endif /* MBEDTLS_CIPHER_MODE_CBC */
315#if defined(MBEDTLS_GCM_C)
316 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
317 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
318 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
319 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200320 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200321#endif /* MBEDTLS_GCM_C */
322#endif /* MBEDTLS_SHA256_C */
323#if defined(MBEDTLS_SHA512_C)
324#if defined(MBEDTLS_CIPHER_MODE_CBC)
325 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
326 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
327 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
328 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200329 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200330#endif /* MBEDTLS_CIPHER_MODE_CBC */
331#if defined(MBEDTLS_GCM_C)
332 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
333 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
334 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200336 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200337#endif /* MBEDTLS_GCM_C */
338#endif /* MBEDTLS_SHA512_C */
339#if defined(MBEDTLS_CCM_C)
340 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
341 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
342 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200344 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200345 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
346 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
347 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
348 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
349 MBEDTLS_CIPHERSUITE_SHORT_TAG },
350 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
351 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
353 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200354 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200355 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
356 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
357 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
358 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
359 MBEDTLS_CIPHERSUITE_SHORT_TAG },
360#endif /* MBEDTLS_CCM_C */
361#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200362
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200363#if defined(MBEDTLS_CAMELLIA_C)
364#if defined(MBEDTLS_CIPHER_MODE_CBC)
365#if defined(MBEDTLS_SHA256_C)
366 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
367 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
368 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
369 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200370 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200371#endif /* MBEDTLS_SHA256_C */
372#if defined(MBEDTLS_SHA512_C)
373 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
374 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
375 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200377 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200378#endif /* MBEDTLS_SHA512_C */
379#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200380
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200381#if defined(MBEDTLS_GCM_C)
382#if defined(MBEDTLS_SHA256_C)
383 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
384 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
385 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
386 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200387 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200388#endif /* MBEDTLS_SHA256_C */
389#if defined(MBEDTLS_SHA512_C)
390 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
391 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
392 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
393 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200394 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200395#endif /* MBEDTLS_SHA512_C */
396#endif /* MBEDTLS_GCM_C */
397#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200398
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200399#if defined(MBEDTLS_DES_C)
400#if defined(MBEDTLS_CIPHER_MODE_CBC)
401#if defined(MBEDTLS_SHA1_C)
402 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
403 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
404 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
405 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200406 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200407#endif /* MBEDTLS_SHA1_C */
408#endif /* MBEDTLS_CIPHER_MODE_CBC */
409#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200410
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200411#if defined(MBEDTLS_ARC4_C)
412#if defined(MBEDTLS_SHA1_C)
413 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
414 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
415 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
417 MBEDTLS_CIPHERSUITE_NODTLS },
418#endif /* MBEDTLS_SHA1_C */
419#endif /* MBEDTLS_ARC4_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200420
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200421#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
422#if defined(MBEDTLS_SHA1_C)
423 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
424 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
426 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
427 MBEDTLS_CIPHERSUITE_WEAK },
428#endif /* MBEDTLS_SHA1_C */
429#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
430#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200431
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200432#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
433#if defined(MBEDTLS_AES_C)
434#if defined(MBEDTLS_SHA1_C)
435#if defined(MBEDTLS_CIPHER_MODE_CBC)
436 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
437 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
438 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200440 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200441 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
442 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
443 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
444 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200445 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200446#endif /* MBEDTLS_CIPHER_MODE_CBC */
447#endif /* MBEDTLS_SHA1_C */
448#if defined(MBEDTLS_SHA256_C)
449#if defined(MBEDTLS_CIPHER_MODE_CBC)
450 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
451 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
452 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
453 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200454 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200455#endif /* MBEDTLS_CIPHER_MODE_CBC */
456#if defined(MBEDTLS_GCM_C)
457 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
458 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
459 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
460 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200461 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200462#endif /* MBEDTLS_GCM_C */
463#endif /* MBEDTLS_SHA256_C */
464#if defined(MBEDTLS_SHA512_C)
465#if defined(MBEDTLS_CIPHER_MODE_CBC)
466 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
467 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
468 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
469 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200470 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200471#endif /* MBEDTLS_CIPHER_MODE_CBC */
472#if defined(MBEDTLS_GCM_C)
473 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
474 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
475 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200477 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200478#endif /* MBEDTLS_GCM_C */
479#endif /* MBEDTLS_SHA512_C */
480#endif /* MBEDTLS_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200481
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200482#if defined(MBEDTLS_CAMELLIA_C)
483#if defined(MBEDTLS_CIPHER_MODE_CBC)
484#if defined(MBEDTLS_SHA256_C)
485 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
486 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
487 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200489 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200490#endif /* MBEDTLS_SHA256_C */
491#if defined(MBEDTLS_SHA512_C)
492 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
493 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
494 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200496 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200497#endif /* MBEDTLS_SHA512_C */
498#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200499
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200500#if defined(MBEDTLS_GCM_C)
501#if defined(MBEDTLS_SHA256_C)
502 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
503 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
504 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
505 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200506 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200507#endif /* MBEDTLS_SHA256_C */
508#if defined(MBEDTLS_SHA512_C)
509 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
510 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
511 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200513 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200514#endif /* MBEDTLS_SHA512_C */
515#endif /* MBEDTLS_GCM_C */
516#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200517
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200518#if defined(MBEDTLS_DES_C)
519#if defined(MBEDTLS_CIPHER_MODE_CBC)
520#if defined(MBEDTLS_SHA1_C)
521 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
522 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
523 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
524 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200525 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200526#endif /* MBEDTLS_SHA1_C */
527#endif /* MBEDTLS_CIPHER_MODE_CBC */
528#endif /* MBEDTLS_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200529
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200530#if defined(MBEDTLS_ARC4_C)
531#if defined(MBEDTLS_SHA1_C)
532 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
533 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
534 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
536 MBEDTLS_CIPHERSUITE_NODTLS },
537#endif /* MBEDTLS_SHA1_C */
538#endif /* MBEDTLS_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200539
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200540#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
541#if defined(MBEDTLS_SHA1_C)
542 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
543 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
544 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
545 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
546 MBEDTLS_CIPHERSUITE_WEAK },
547#endif /* MBEDTLS_SHA1_C */
548#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
549#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100550
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200551#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
552#if defined(MBEDTLS_AES_C)
553#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
554 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
555 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100558 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200559#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100560
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200561#if defined(MBEDTLS_SHA256_C)
562#if defined(MBEDTLS_GCM_C)
563 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
564 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100567 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200568#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100569
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200570#if defined(MBEDTLS_CIPHER_MODE_CBC)
571 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
572 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100575 0 },
576
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200577 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
578 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
579 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
580 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100581 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200582#endif /* MBEDTLS_CIPHER_MODE_CBC */
583#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100584
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200585#if defined(MBEDTLS_CIPHER_MODE_CBC)
586#if defined(MBEDTLS_SHA1_C)
587 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
588 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
589 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
590 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100591 0 },
592
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200593 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
594 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
595 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
596 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100597 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200598#endif /* MBEDTLS_SHA1_C */
599#endif /* MBEDTLS_CIPHER_MODE_CBC */
600#if defined(MBEDTLS_CCM_C)
601 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
602 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
603 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
604 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200605 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200606 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
607 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
608 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
610 MBEDTLS_CIPHERSUITE_SHORT_TAG },
611 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
612 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
613 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
614 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200615 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200616 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
617 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
618 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
619 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
620 MBEDTLS_CIPHERSUITE_SHORT_TAG },
621#endif /* MBEDTLS_CCM_C */
622#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100623
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200624#if defined(MBEDTLS_CAMELLIA_C)
625#if defined(MBEDTLS_CIPHER_MODE_CBC)
626#if defined(MBEDTLS_SHA256_C)
627 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
628 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
629 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
630 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100631 0 },
632
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200633 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
634 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
635 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
636 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100637 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200638#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100639
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200640#if defined(MBEDTLS_SHA1_C)
641 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
642 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
643 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
644 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100645 0 },
646
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200647 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
648 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
649 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
650 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100651 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200652#endif /* MBEDTLS_SHA1_C */
653#endif /* MBEDTLS_CIPHER_MODE_CBC */
654#if defined(MBEDTLS_GCM_C)
655#if defined(MBEDTLS_SHA256_C)
656 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
657 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200660 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200661#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200662
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200663#if defined(MBEDTLS_SHA512_C)
664 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
665 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200668 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200669#endif /* MBEDTLS_SHA512_C */
670#endif /* MBEDTLS_GCM_C */
671#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100672
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200673#if defined(MBEDTLS_DES_C)
674#if defined(MBEDTLS_CIPHER_MODE_CBC)
675#if defined(MBEDTLS_SHA1_C)
676 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
677 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
678 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
679 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100680 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200681#endif /* MBEDTLS_SHA1_C */
682#endif /* MBEDTLS_CIPHER_MODE_CBC */
683#endif /* MBEDTLS_DES_C */
684#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100685
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200686#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
687#if defined(MBEDTLS_AES_C)
688#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
689 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
690 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100693 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200694#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100695
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200696#if defined(MBEDTLS_SHA256_C)
697#if defined(MBEDTLS_GCM_C)
698 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
699 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
701 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100702 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200703#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100704
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200705#if defined(MBEDTLS_CIPHER_MODE_CBC)
706 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
707 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
708 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
709 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100710 0 },
711
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200712 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
713 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
714 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
715 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100716 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200717#endif /* MBEDTLS_CIPHER_MODE_CBC */
718#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100719
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200720#if defined(MBEDTLS_SHA1_C)
721#if defined(MBEDTLS_CIPHER_MODE_CBC)
722 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
723 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
724 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100726 0 },
727
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200728 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
729 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
730 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
731 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100732 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200733#endif /* MBEDTLS_CIPHER_MODE_CBC */
734#endif /* MBEDTLS_SHA1_C */
735#if defined(MBEDTLS_CCM_C)
736 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
737 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
738 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
739 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200740 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200741 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
742 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
743 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
745 MBEDTLS_CIPHERSUITE_SHORT_TAG },
746 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
747 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
748 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
749 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200750 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200751 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
752 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
753 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
754 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
755 MBEDTLS_CIPHERSUITE_SHORT_TAG },
756#endif /* MBEDTLS_CCM_C */
757#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100758
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200759#if defined(MBEDTLS_CAMELLIA_C)
760#if defined(MBEDTLS_CIPHER_MODE_CBC)
761#if defined(MBEDTLS_SHA256_C)
762 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
763 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
764 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
765 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100766 0 },
767
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200768 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
769 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
771 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100772 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200773#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100774
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200775#if defined(MBEDTLS_SHA1_C)
776 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
777 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
779 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100780 0 },
781
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200782 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
783 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
784 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
785 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100786 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200787#endif /* MBEDTLS_SHA1_C */
788#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200789
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200790#if defined(MBEDTLS_GCM_C)
791#if defined(MBEDTLS_SHA256_C)
792 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
793 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
794 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
795 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200796 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200797#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200798
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200799#if defined(MBEDTLS_SHA1_C)
800 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
801 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
802 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
803 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200804 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200805#endif /* MBEDTLS_SHA1_C */
806#endif /* MBEDTLS_GCM_C */
807#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100808
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200809#if defined(MBEDTLS_DES_C)
810#if defined(MBEDTLS_CIPHER_MODE_CBC)
811#if defined(MBEDTLS_SHA1_C)
812 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
813 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
814 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
815 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100816 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200817#endif /* MBEDTLS_SHA1_C */
818#endif /* MBEDTLS_CIPHER_MODE_CBC */
819#endif /* MBEDTLS_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200820
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200821#if defined(MBEDTLS_ARC4_C)
822#if defined(MBEDTLS_MD5_C)
823 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
824 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
825 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
827 MBEDTLS_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200828#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200829
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200830#if defined(MBEDTLS_SHA1_C)
831 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
832 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
833 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
835 MBEDTLS_CIPHERSUITE_NODTLS },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200836#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200837#endif /* MBEDTLS_ARC4_C */
838#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100839
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200840#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
841#if defined(MBEDTLS_AES_C)
842#if defined(MBEDTLS_SHA1_C)
843#if defined(MBEDTLS_CIPHER_MODE_CBC)
844 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
845 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
846 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
847 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100848 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200849 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
850 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
851 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
852 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100853 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200854#endif /* MBEDTLS_CIPHER_MODE_CBC */
855#endif /* MBEDTLS_SHA1_C */
856#if defined(MBEDTLS_SHA256_C)
857#if defined(MBEDTLS_CIPHER_MODE_CBC)
858 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
859 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
860 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100862 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200863#endif /* MBEDTLS_CIPHER_MODE_CBC */
864#if defined(MBEDTLS_GCM_C)
865 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
866 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
867 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
868 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100869 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200870#endif /* MBEDTLS_GCM_C */
871#endif /* MBEDTLS_SHA256_C */
872#if defined(MBEDTLS_SHA512_C)
873#if defined(MBEDTLS_CIPHER_MODE_CBC)
874 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
875 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
876 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
877 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100878 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200879#endif /* MBEDTLS_CIPHER_MODE_CBC */
880#if defined(MBEDTLS_GCM_C)
881 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
882 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
883 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
884 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100885 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200886#endif /* MBEDTLS_GCM_C */
887#endif /* MBEDTLS_SHA512_C */
888#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100889
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200890#if defined(MBEDTLS_CAMELLIA_C)
891#if defined(MBEDTLS_CIPHER_MODE_CBC)
892#if defined(MBEDTLS_SHA256_C)
893 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
894 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
895 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
896 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100897 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200898#endif /* MBEDTLS_SHA256_C */
899#if defined(MBEDTLS_SHA512_C)
900 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
901 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
902 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
903 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100904 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200905#endif /* MBEDTLS_SHA512_C */
906#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100907
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200908#if defined(MBEDTLS_GCM_C)
909#if defined(MBEDTLS_SHA256_C)
910 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
911 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
912 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
913 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100914 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200915#endif /* MBEDTLS_SHA256_C */
916#if defined(MBEDTLS_SHA512_C)
917 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
918 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
919 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
920 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100921 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200922#endif /* MBEDTLS_SHA512_C */
923#endif /* MBEDTLS_GCM_C */
924#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100925
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200926#if defined(MBEDTLS_DES_C)
927#if defined(MBEDTLS_CIPHER_MODE_CBC)
928#if defined(MBEDTLS_SHA1_C)
929 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
930 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
931 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
932 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100933 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200934#endif /* MBEDTLS_SHA1_C */
935#endif /* MBEDTLS_CIPHER_MODE_CBC */
936#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100937
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200938#if defined(MBEDTLS_ARC4_C)
939#if defined(MBEDTLS_SHA1_C)
940 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
941 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
942 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
943 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
944 MBEDTLS_CIPHERSUITE_NODTLS },
945#endif /* MBEDTLS_SHA1_C */
946#endif /* MBEDTLS_ARC4_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100947
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200948#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
949#if defined(MBEDTLS_SHA1_C)
950 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
951 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
952 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
953 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
954 MBEDTLS_CIPHERSUITE_WEAK },
955#endif /* MBEDTLS_SHA1_C */
956#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
957#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100958
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200959#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
960#if defined(MBEDTLS_AES_C)
961#if defined(MBEDTLS_SHA1_C)
962#if defined(MBEDTLS_CIPHER_MODE_CBC)
963 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
964 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
965 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
966 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100967 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200968 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
969 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
970 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
971 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100972 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200973#endif /* MBEDTLS_CIPHER_MODE_CBC */
974#endif /* MBEDTLS_SHA1_C */
975#if defined(MBEDTLS_SHA256_C)
976#if defined(MBEDTLS_CIPHER_MODE_CBC)
977 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
978 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
979 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
980 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100981 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200982#endif /* MBEDTLS_CIPHER_MODE_CBC */
983#if defined(MBEDTLS_GCM_C)
984 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
985 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
986 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
987 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100988 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200989#endif /* MBEDTLS_GCM_C */
990#endif /* MBEDTLS_SHA256_C */
991#if defined(MBEDTLS_SHA512_C)
992#if defined(MBEDTLS_CIPHER_MODE_CBC)
993 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
994 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
995 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
996 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100997 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200998#endif /* MBEDTLS_CIPHER_MODE_CBC */
999#if defined(MBEDTLS_GCM_C)
1000 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1001 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1002 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001004 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001005#endif /* MBEDTLS_GCM_C */
1006#endif /* MBEDTLS_SHA512_C */
1007#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001008
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001009#if defined(MBEDTLS_CAMELLIA_C)
1010#if defined(MBEDTLS_CIPHER_MODE_CBC)
1011#if defined(MBEDTLS_SHA256_C)
1012 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1013 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1014 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1015 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001016 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001017#endif /* MBEDTLS_SHA256_C */
1018#if defined(MBEDTLS_SHA512_C)
1019 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1020 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1021 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1022 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001023 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001024#endif /* MBEDTLS_SHA512_C */
1025#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001026
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001027#if defined(MBEDTLS_GCM_C)
1028#if defined(MBEDTLS_SHA256_C)
1029 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1030 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1031 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1032 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001033 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001034#endif /* MBEDTLS_SHA256_C */
1035#if defined(MBEDTLS_SHA512_C)
1036 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1037 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1038 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1039 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001040 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001041#endif /* MBEDTLS_SHA512_C */
1042#endif /* MBEDTLS_GCM_C */
1043#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001044
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001045#if defined(MBEDTLS_DES_C)
1046#if defined(MBEDTLS_CIPHER_MODE_CBC)
1047#if defined(MBEDTLS_SHA1_C)
1048 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1049 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1050 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1051 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001052 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001053#endif /* MBEDTLS_SHA1_C */
1054#endif /* MBEDTLS_CIPHER_MODE_CBC */
1055#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001056
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001057#if defined(MBEDTLS_ARC4_C)
1058#if defined(MBEDTLS_SHA1_C)
1059 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1060 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1061 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1063 MBEDTLS_CIPHERSUITE_NODTLS },
1064#endif /* MBEDTLS_SHA1_C */
1065#endif /* MBEDTLS_ARC4_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001066
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001067#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1068#if defined(MBEDTLS_SHA1_C)
1069 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1070 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1071 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1072 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1073 MBEDTLS_CIPHERSUITE_WEAK },
1074#endif /* MBEDTLS_SHA1_C */
1075#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1076#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001077
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001078#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1079#if defined(MBEDTLS_AES_C)
1080#if defined(MBEDTLS_GCM_C)
1081#if defined(MBEDTLS_SHA256_C)
1082 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1083 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1084 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1085 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001086 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001087#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001088
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001089#if defined(MBEDTLS_SHA512_C)
1090 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1091 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1092 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001094 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001095#endif /* MBEDTLS_SHA512_C */
1096#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001097
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001098#if defined(MBEDTLS_CIPHER_MODE_CBC)
1099#if defined(MBEDTLS_SHA256_C)
1100 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1101 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1102 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1103 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001104 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001105#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001106
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001107#if defined(MBEDTLS_SHA512_C)
1108 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1109 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1110 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1111 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001112 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001113#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001114
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001115#if defined(MBEDTLS_SHA1_C)
1116 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1117 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1119 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001120 0 },
1121
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001122 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1123 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1124 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1125 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001126 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001127#endif /* MBEDTLS_SHA1_C */
1128#endif /* MBEDTLS_CIPHER_MODE_CBC */
1129#if defined(MBEDTLS_CCM_C)
1130 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1131 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1132 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1133 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +02001134 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001135 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1136 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1137 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1138 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1139 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1140 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1141 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1142 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +02001144 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001145 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1146 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1147 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1148 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1149 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1150#endif /* MBEDTLS_CCM_C */
1151#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001152
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001153#if defined(MBEDTLS_CAMELLIA_C)
1154#if defined(MBEDTLS_CIPHER_MODE_CBC)
1155#if defined(MBEDTLS_SHA256_C)
1156 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1157 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1158 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001160 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001161#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001162
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001163#if defined(MBEDTLS_SHA512_C)
1164 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1165 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1166 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1167 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001168 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001169#endif /* MBEDTLS_SHA512_C */
1170#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001171
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001172#if defined(MBEDTLS_GCM_C)
1173#if defined(MBEDTLS_SHA256_C)
1174 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1175 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1176 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1177 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001178 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001179#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001180
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001181#if defined(MBEDTLS_SHA512_C)
1182 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1183 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1184 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1185 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001186 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001187#endif /* MBEDTLS_SHA512_C */
1188#endif /* MBEDTLS_GCM_C */
1189#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001190
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001191#if defined(MBEDTLS_DES_C)
1192#if defined(MBEDTLS_CIPHER_MODE_CBC)
1193#if defined(MBEDTLS_SHA1_C)
1194 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1195 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1196 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1197 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001198 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001199#endif /* MBEDTLS_SHA1_C */
1200#endif /* MBEDTLS_CIPHER_MODE_CBC */
1201#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001202
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001203#if defined(MBEDTLS_ARC4_C)
1204#if defined(MBEDTLS_SHA1_C)
1205 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1206 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1207 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1208 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1209 MBEDTLS_CIPHERSUITE_NODTLS },
1210#endif /* MBEDTLS_SHA1_C */
1211#endif /* MBEDTLS_ARC4_C */
1212#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001213
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001214#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1215#if defined(MBEDTLS_AES_C)
1216#if defined(MBEDTLS_GCM_C)
1217#if defined(MBEDTLS_SHA256_C)
1218 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1219 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1220 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1221 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001222 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001223#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001224
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001225#if defined(MBEDTLS_SHA512_C)
1226 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1227 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1228 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1229 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001230 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001231#endif /* MBEDTLS_SHA512_C */
1232#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001233
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001234#if defined(MBEDTLS_CIPHER_MODE_CBC)
1235#if defined(MBEDTLS_SHA256_C)
1236 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1237 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1238 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1239 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001240 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001241#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001242
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001243#if defined(MBEDTLS_SHA512_C)
1244 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1245 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1246 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1247 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001248 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001249#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001250
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001251#if defined(MBEDTLS_SHA1_C)
1252 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1253 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1254 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1255 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001256 0 },
1257
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001258 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1259 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1260 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1261 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001262 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001263#endif /* MBEDTLS_SHA1_C */
1264#endif /* MBEDTLS_CIPHER_MODE_CBC */
1265#if defined(MBEDTLS_CCM_C)
1266 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1267 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1268 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1269 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +02001270 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001271 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1272 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1273 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1274 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1275 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1276 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1277 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1278 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1279 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +02001280 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001281 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1282 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1283 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1284 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1285 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1286#endif /* MBEDTLS_CCM_C */
1287#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001288
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001289#if defined(MBEDTLS_CAMELLIA_C)
1290#if defined(MBEDTLS_CIPHER_MODE_CBC)
1291#if defined(MBEDTLS_SHA256_C)
1292 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1293 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1294 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1295 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001296 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001297#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001298
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001299#if defined(MBEDTLS_SHA512_C)
1300 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1301 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1302 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1303 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001304 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001305#endif /* MBEDTLS_SHA512_C */
1306#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001307
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001308#if defined(MBEDTLS_GCM_C)
1309#if defined(MBEDTLS_SHA256_C)
1310 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1311 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1312 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1313 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001314 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001315#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001316
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001317#if defined(MBEDTLS_SHA512_C)
1318 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1319 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1320 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1321 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001322 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001323#endif /* MBEDTLS_SHA512_C */
1324#endif /* MBEDTLS_GCM_C */
1325#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001326
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001327#if defined(MBEDTLS_DES_C)
1328#if defined(MBEDTLS_CIPHER_MODE_CBC)
1329#if defined(MBEDTLS_SHA1_C)
1330 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1331 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1332 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1333 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001334 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001335#endif /* MBEDTLS_SHA1_C */
1336#endif /* MBEDTLS_CIPHER_MODE_CBC */
1337#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001338
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001339#if defined(MBEDTLS_ARC4_C)
1340#if defined(MBEDTLS_SHA1_C)
1341 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1342 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1344 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1345 MBEDTLS_CIPHERSUITE_NODTLS },
1346#endif /* MBEDTLS_SHA1_C */
1347#endif /* MBEDTLS_ARC4_C */
1348#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001349
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001350#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1351#if defined(MBEDTLS_AES_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001352
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001353#if defined(MBEDTLS_CIPHER_MODE_CBC)
1354#if defined(MBEDTLS_SHA256_C)
1355 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1356 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1357 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1358 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001359 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001360#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001361
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001362#if defined(MBEDTLS_SHA512_C)
1363 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1364 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1365 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1366 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001367 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001368#endif /* MBEDTLS_SHA512_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001369
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001370#if defined(MBEDTLS_SHA1_C)
1371 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1372 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1373 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1374 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001375 0 },
1376
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001377 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1378 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1379 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001381 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001382#endif /* MBEDTLS_SHA1_C */
1383#endif /* MBEDTLS_CIPHER_MODE_CBC */
1384#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001385
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001386#if defined(MBEDTLS_CAMELLIA_C)
1387#if defined(MBEDTLS_CIPHER_MODE_CBC)
1388#if defined(MBEDTLS_SHA256_C)
1389 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1390 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1392 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001393 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001394#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001395
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001396#if defined(MBEDTLS_SHA512_C)
1397 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1398 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001401 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001402#endif /* MBEDTLS_SHA512_C */
1403#endif /* MBEDTLS_CIPHER_MODE_CBC */
1404#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001405
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001406#if defined(MBEDTLS_DES_C)
1407#if defined(MBEDTLS_CIPHER_MODE_CBC)
1408#if defined(MBEDTLS_SHA1_C)
1409 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1410 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1411 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1412 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001413 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001414#endif /* MBEDTLS_SHA1_C */
1415#endif /* MBEDTLS_CIPHER_MODE_CBC */
1416#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001417
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001418#if defined(MBEDTLS_ARC4_C)
1419#if defined(MBEDTLS_SHA1_C)
1420 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1421 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1422 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1423 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1424 MBEDTLS_CIPHERSUITE_NODTLS },
1425#endif /* MBEDTLS_SHA1_C */
1426#endif /* MBEDTLS_ARC4_C */
1427#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001428
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001429#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1430#if defined(MBEDTLS_AES_C)
1431#if defined(MBEDTLS_GCM_C)
1432#if defined(MBEDTLS_SHA256_C)
1433 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1434 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1435 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1436 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001437 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001438#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001439
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001440#if defined(MBEDTLS_SHA512_C)
1441 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1442 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1443 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1444 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001445 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001446#endif /* MBEDTLS_SHA512_C */
1447#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001448
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001449#if defined(MBEDTLS_CIPHER_MODE_CBC)
1450#if defined(MBEDTLS_SHA256_C)
1451 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1452 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1453 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001455 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001456#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001457
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001458#if defined(MBEDTLS_SHA512_C)
1459 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1460 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1461 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +02001463 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001464#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +02001465
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001466#if defined(MBEDTLS_SHA1_C)
1467 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1468 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1469 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001471 0 },
1472
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001473 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1474 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1475 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001477 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001478#endif /* MBEDTLS_SHA1_C */
1479#endif /* MBEDTLS_CIPHER_MODE_CBC */
1480#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001481
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001482#if defined(MBEDTLS_CAMELLIA_C)
1483#if defined(MBEDTLS_CIPHER_MODE_CBC)
1484#if defined(MBEDTLS_SHA256_C)
1485 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1486 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1487 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001489 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001490#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001491
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001492#if defined(MBEDTLS_SHA512_C)
1493 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1494 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001497 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001498#endif /* MBEDTLS_SHA512_C */
1499#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001501#if defined(MBEDTLS_GCM_C)
1502#if defined(MBEDTLS_SHA256_C)
1503 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1504 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1505 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1506 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001507 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001508#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001509
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001510#if defined(MBEDTLS_SHA512_C)
1511 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1512 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1514 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +02001515 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001516#endif /* MBEDTLS_SHA512_C */
1517#endif /* MBEDTLS_GCM_C */
1518#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +02001519
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001520#if defined(MBEDTLS_DES_C)
1521#if defined(MBEDTLS_CIPHER_MODE_CBC)
1522#if defined(MBEDTLS_SHA1_C)
1523 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1524 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1525 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1526 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001527 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001528#endif /* MBEDTLS_SHA1_C */
1529#endif /* MBEDTLS_CIPHER_MODE_CBC */
1530#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001531
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001532#if defined(MBEDTLS_ARC4_C)
1533#if defined(MBEDTLS_SHA1_C)
1534 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1535 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1536 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1537 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1538 MBEDTLS_CIPHERSUITE_NODTLS },
1539#endif /* MBEDTLS_SHA1_C */
1540#endif /* MBEDTLS_ARC4_C */
1541#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +02001542
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +02001543#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1544#if defined(MBEDTLS_AES_C)
1545#if defined(MBEDTLS_CCM_C)
1546 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1547 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1550 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1551#endif /* MBEDTLS_CCM_C */
1552#endif /* MBEDTLS_AES_C */
1553#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1554
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001555#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1556#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1557#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1558#if defined(MBEDTLS_MD5_C)
1559 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1560 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1561 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1562 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1563 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +02001564#endif
Paul Bakker68884e32013-01-07 18:20:04 +01001565
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001566#if defined(MBEDTLS_SHA1_C)
1567 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1568 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1569 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1570 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1571 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +02001572#endif
Paul Bakker68884e32013-01-07 18:20:04 +01001573
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001574#if defined(MBEDTLS_SHA256_C)
1575 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1576 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1577 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1578 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1579 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +02001580#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001581#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +01001582
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001583#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1584#if defined(MBEDTLS_SHA1_C)
1585 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1586 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1587 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1588 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1589 MBEDTLS_CIPHERSUITE_WEAK },
1590#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +02001591
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001592#if defined(MBEDTLS_SHA256_C)
1593 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1594 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1595 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1596 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1597 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +02001598#endif
1599
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001600#if defined(MBEDTLS_SHA512_C)
1601 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1602 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1603 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1604 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1605 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +02001606#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001607#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +02001608
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001609#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1610#if defined(MBEDTLS_SHA1_C)
1611 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1612 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1613 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1614 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1615 MBEDTLS_CIPHERSUITE_WEAK },
1616#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +02001617
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001618#if defined(MBEDTLS_SHA256_C)
1619 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1620 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1621 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1622 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1623 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +02001624#endif
1625
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001626#if defined(MBEDTLS_SHA512_C)
1627 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1628 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1629 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1630 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1631 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +02001632#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001633#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +02001634
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001635#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1636#if defined(MBEDTLS_SHA1_C)
1637 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1638 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1639 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1640 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1641 MBEDTLS_CIPHERSUITE_WEAK },
1642#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001643
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001644#if defined(MBEDTLS_SHA256_C)
1645 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1646 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1647 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1648 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1649 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001650#endif
1651
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001652#if defined(MBEDTLS_SHA512_C)
1653 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1654 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1655 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1656 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1657 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001658#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001659#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +02001660
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001661#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1662#if defined(MBEDTLS_SHA1_C)
1663 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1664 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1665 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1667 MBEDTLS_CIPHERSUITE_WEAK },
1668#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +02001669
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001670#if defined(MBEDTLS_SHA256_C)
1671 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1672 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1673 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1674 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1675 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +02001676#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +02001677
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001678#if defined(MBEDTLS_SHA512_C)
1679 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1680 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1681 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1682 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1683 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +02001684#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001685#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1686#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
Paul Bakkera1bf92d2013-04-19 19:48:45 +02001687
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001688#if defined(MBEDTLS_DES_C)
1689#if defined(MBEDTLS_CIPHER_MODE_CBC)
1690#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1691#if defined(MBEDTLS_SHA1_C)
1692 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1693 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1694 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1696 MBEDTLS_CIPHERSUITE_WEAK },
1697#endif /* MBEDTLS_SHA1_C */
1698#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +01001699
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001700#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1701#if defined(MBEDTLS_SHA1_C)
1702 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1703 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1704 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1706 MBEDTLS_CIPHERSUITE_WEAK },
1707#endif /* MBEDTLS_SHA1_C */
1708#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1709#endif /* MBEDTLS_CIPHER_MODE_CBC */
1710#endif /* MBEDTLS_DES_C */
1711#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +01001712
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +01001713 { 0, "",
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001714 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +01001715 0, 0, 0, 0, 0 }
Paul Bakker68884e32013-01-07 18:20:04 +01001716};
1717
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001718#if defined(MBEDTLS_SSL_CIPHERSUITES)
1719const int *mbedtls_ssl_list_ciphersuites( void )
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +02001720{
1721 return( ciphersuite_preference );
1722}
1723#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +02001724#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1725 sizeof( ciphersuite_definitions[0] )
1726static int supported_ciphersuites[MAX_CIPHERSUITES];
1727static int supported_init = 0;
1728
Andres Amaya Garcia21ade062018-10-30 18:21:41 +00001729static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
1730{
1731 (void)cs_info;
1732
1733#if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
1734 if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
1735 return( 1 );
1736#endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
1737
1738#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
1739 if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
1740 cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
1741 {
1742 return( 1 );
1743 }
1744#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
1745
1746 return( 0 );
1747}
1748
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001749const int *mbedtls_ssl_list_ciphersuites( void )
Paul Bakker68884e32013-01-07 18:20:04 +01001750{
Paul Bakker41c83d32013-03-20 14:39:14 +01001751 /*
1752 * On initial call filter out all ciphersuites not supported by current
1753 * build based on presence in the ciphersuite_definitions.
1754 */
1755 if( supported_init == 0 )
1756 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +02001757 const int *p;
1758 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +01001759
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +02001760 for( p = ciphersuite_preference, q = supported_ciphersuites;
1761 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1762 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +01001763 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001764 const mbedtls_ssl_ciphersuite_t *cs_info;
1765 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
Andres Amaya Garcia21ade062018-10-30 18:21:41 +00001766 !ciphersuite_is_removed( cs_info ) )
1767 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +02001768 *(q++) = *p;
Andres Amaya Garcia21ade062018-10-30 18:21:41 +00001769 }
Paul Bakker41c83d32013-03-20 14:39:14 +01001770 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +02001771 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +02001772
Paul Bakker41c83d32013-03-20 14:39:14 +01001773 supported_init = 1;
1774 }
1775
Paul Bakkerd8bb8262014-06-17 14:06:49 +02001776 return( supported_ciphersuites );
Manuel Pégourié-Gonnardf78e4de2015-05-29 10:52:14 +02001777}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001778#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +01001779
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001780const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +02001781 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +01001782{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001783 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +01001784
1785 if( NULL == ciphersuite_name )
1786 return( NULL );
1787
1788 while( cur->id != 0 )
1789 {
Manuel Pégourié-Gonnardcb46fd82015-05-28 17:06:07 +02001790 if( 0 == strcmp( cur->name, ciphersuite_name ) )
Paul Bakker68884e32013-01-07 18:20:04 +01001791 return( cur );
1792
1793 cur++;
1794 }
1795
1796 return( NULL );
1797}
1798
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001799const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
Paul Bakker68884e32013-01-07 18:20:04 +01001800{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001801 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +01001802
1803 while( cur->id != 0 )
1804 {
1805 if( cur->id == ciphersuite )
1806 return( cur );
1807
1808 cur++;
1809 }
1810
1811 return( NULL );
1812}
1813
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001814const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
Paul Bakker68884e32013-01-07 18:20:04 +01001815{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001816 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +01001817
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001818 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
Paul Bakker68884e32013-01-07 18:20:04 +01001819
1820 if( cur == NULL )
1821 return( "unknown" );
1822
1823 return( cur->name );
1824}
1825
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001826int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +01001827{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001828 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +01001829
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001830 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
Paul Bakker68884e32013-01-07 18:20:04 +01001831
1832 if( cur == NULL )
1833 return( 0 );
1834
1835 return( cur->id );
1836}
1837
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001838#if defined(MBEDTLS_PK_C)
1839mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +02001840{
1841 switch( info->key_exchange )
1842 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001843 case MBEDTLS_KEY_EXCHANGE_RSA:
1844 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1845 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1846 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1847 return( MBEDTLS_PK_RSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +02001848
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001849 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1850 return( MBEDTLS_PK_ECDSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +02001851
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001852 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1853 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1854 return( MBEDTLS_PK_ECKEY );
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +01001855
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +02001856 default:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001857 return( MBEDTLS_PK_NONE );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +02001858 }
1859}
Hanno Becker7e5437a2017-04-28 17:15:26 +01001860
1861mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
1862{
1863 switch( info->key_exchange )
1864 {
1865 case MBEDTLS_KEY_EXCHANGE_RSA:
1866 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1867 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1868 return( MBEDTLS_PK_RSA );
1869
1870 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1871 return( MBEDTLS_PK_ECDSA );
1872
1873 default:
1874 return( MBEDTLS_PK_NONE );
1875 }
1876}
Hanno Beckerd300a572017-06-20 14:31:29 +01001877
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001878#endif /* MBEDTLS_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +02001879
Ron Eldorc32b3b72018-02-14 19:30:48 +02001880#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
1881 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +01001882int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
1883{
1884 switch( info->key_exchange )
1885 {
1886 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1887 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1888 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1889 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1890 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
Ron Eldorc32b3b72018-02-14 19:30:48 +02001891 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
Hanno Beckerd300a572017-06-20 14:31:29 +01001892 return( 1 );
1893
1894 default:
1895 return( 0 );
1896 }
1897}
Ron Eldorc32b3b72018-02-14 19:30:48 +02001898#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
Hanno Beckerd300a572017-06-20 14:31:29 +01001899
1900#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1901int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
1902{
1903 switch( info->key_exchange )
1904 {
1905 case MBEDTLS_KEY_EXCHANGE_PSK:
1906 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1907 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
1908 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1909 return( 1 );
1910
1911 default:
1912 return( 0 );
1913 }
1914}
1915#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1916
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02001917#endif /* MBEDTLS_SSL_TLS_C */