TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 5224e29f0ee9cc55cce4e87b74b4d8e89e9b795c / . / library / ssl_ciphersuites.c
blob: 8d0d088fef31dde162df3ae874188f868d3f3d1c [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]6 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]20 */
21
Gilles Peskinedb09ef62020-06-03 01:43:33 +0200[diff] [blame]22#include "common.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]23
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]24#if defined(MBEDTLS_SSL_TLS_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]25
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]26#if defined(MBEDTLS_PLATFORM_C)
27#include "mbedtls/platform.h"
28#else
29#include <stdlib.h>
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]30#endif
31
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]32#include "mbedtls/ssl_ciphersuites.h"
33#include "mbedtls/ssl.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]34
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]35#include <string.h>
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]36
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]37/*
38 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]39 *
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]40 * Current rule (except RC4 and 3DES, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]41 * 1. By key exchange:
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]42 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]43 * 2. By key length and cipher:
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]44 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]45 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]46 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]47 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]48 */
49static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]50{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]51#if defined(MBEDTLS_SSL_CIPHERSUITES)
52 MBEDTLS_SSL_CIPHERSUITES,
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]53#else
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]54 /* Chacha-Poly ephemeral suites */
55 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
56 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
57 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
58
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]59 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]60 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
61 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
62 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
63 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
64 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
65 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
66 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
67 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
68 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
69 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
70 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
71 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
72 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]73
74 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]75 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
76 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
77 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
78 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
79 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
80 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
81 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]82
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]83 /* All ARIA-256 ephemeral suites */
84 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
85 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
86 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
87 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
88 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
89 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
90
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]91 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]92 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
93 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
94 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
95 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
96 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
97 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
98 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
99 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
100 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
101 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
102 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
103 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
104 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]105
106 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]107 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
108 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
109 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
110 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
111 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
112 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
113 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]114
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]115 /* All ARIA-128 ephemeral suites */
116 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
117 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
118 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
119 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
120 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
121 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
122
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]123 /* The PSK ephemeral suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]124 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
125 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]126 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
127 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
128 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
129 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
130 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
131 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
132 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
133 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
134 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
135 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]136 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
137 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
138 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]139
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]140 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
141 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
142 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
143 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
144 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
145 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
146 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
147 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
148 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
149 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]150 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
151 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
152 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]153
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]154 /* The ECJPAKE suite */
155 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
156
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]157 /* All AES-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]158 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
159 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
160 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
161 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
162 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
163 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
164 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
165 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
166 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
167 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
168 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]169
170 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]171 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
172 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
173 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
174 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
175 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
176 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
177 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]178
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]179 /* All ARIA-256 suites */
180 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
181 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
182 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
183 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
184 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
185 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
186
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]187 /* All AES-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]188 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
189 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
190 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
191 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
192 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
193 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
194 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
195 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
196 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
197 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
198 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]199
200 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]201 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
202 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
203 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
204 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
205 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
206 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
207 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]208
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]209 /* All ARIA-128 suites */
210 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
211 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
212 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
213 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
214 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
215 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
216
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]217 /* The RSA PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]218 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]219 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
220 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
221 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
222 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
223 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]224 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
225 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]226
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]227 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
228 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
229 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
230 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
231 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]232 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
233 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]234
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]235 /* The PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]236 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]237 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
238 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
239 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
240 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
241 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
242 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
243 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]244 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
245 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]246
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]247 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
248 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
249 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
250 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
251 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
252 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
253 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]254 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
255 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]256
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]257 /* 3DES suites */
258 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
259 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
260 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
261 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
262 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
263 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
264 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
265 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
266 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]267 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]268
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]269 /* Weak suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]270 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
271 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]272
273 /* NULL suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]274 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
275 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
276 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
277 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
278 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
279 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
280 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
281 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]282
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]283 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
284 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
285 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
286 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
287 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
288 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
289 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
290 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
291 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
292 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
293 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]294
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]295#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]296 0
297};
298
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]299static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]300{
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]301#if defined(MBEDTLS_CHACHAPOLY_C) && \
302 defined(MBEDTLS_SHA256_C) && \
303 defined(MBEDTLS_SSL_PROTO_TLS1_2)
304#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
305 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
306 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
307 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
308 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
309 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
310 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
311 0 },
312#endif
313#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
314 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
315 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
316 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
317 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
318 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
319 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
320 0 },
321#endif
322#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
323 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
324 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
325 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
326 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
327 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
328 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
329 0 },
330#endif
331#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
332 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
333 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
334 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
335 MBEDTLS_KEY_EXCHANGE_PSK,
336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
337 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
338 0 },
339#endif
340#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
341 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
342 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
343 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
344 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
345 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
346 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
347 0 },
348#endif
349#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
350 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
351 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
352 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
353 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
354 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
355 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
356 0 },
357#endif
358#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
359 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
360 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
361 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
362 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
363 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
364 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
365 0 },
366#endif
367#endif /* MBEDTLS_CHACHAPOLY_C &&
368 MBEDTLS_SHA256_C &&
369 MBEDTLS_SSL_PROTO_TLS1_2 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]370#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
371#if defined(MBEDTLS_AES_C)
372#if defined(MBEDTLS_SHA1_C)
373#if defined(MBEDTLS_CIPHER_MODE_CBC)
374 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
375 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
377 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]378 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]379 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
380 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
381 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
382 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]383 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]384#endif /* MBEDTLS_CIPHER_MODE_CBC */
385#endif /* MBEDTLS_SHA1_C */
386#if defined(MBEDTLS_SHA256_C)
387#if defined(MBEDTLS_CIPHER_MODE_CBC)
388 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
389 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
390 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]392 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]393#endif /* MBEDTLS_CIPHER_MODE_CBC */
394#if defined(MBEDTLS_GCM_C)
395 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
396 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
397 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
398 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]399 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]400#endif /* MBEDTLS_GCM_C */
401#endif /* MBEDTLS_SHA256_C */
402#if defined(MBEDTLS_SHA512_C)
403#if defined(MBEDTLS_CIPHER_MODE_CBC)
404 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
405 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
407 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]408 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]409#endif /* MBEDTLS_CIPHER_MODE_CBC */
410#if defined(MBEDTLS_GCM_C)
411 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
412 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
413 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
414 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]415 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]416#endif /* MBEDTLS_GCM_C */
417#endif /* MBEDTLS_SHA512_C */
418#if defined(MBEDTLS_CCM_C)
419 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
420 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
421 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
422 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]423 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]424 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
425 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
426 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
427 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
428 MBEDTLS_CIPHERSUITE_SHORT_TAG },
429 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
430 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
431 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
432 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]433 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]434 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
435 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
436 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
437 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
438 MBEDTLS_CIPHERSUITE_SHORT_TAG },
439#endif /* MBEDTLS_CCM_C */
440#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]441
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]442#if defined(MBEDTLS_CAMELLIA_C)
443#if defined(MBEDTLS_CIPHER_MODE_CBC)
444#if defined(MBEDTLS_SHA256_C)
445 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
446 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
447 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
448 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]449 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]450#endif /* MBEDTLS_SHA256_C */
451#if defined(MBEDTLS_SHA512_C)
452 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
453 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]456 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]457#endif /* MBEDTLS_SHA512_C */
458#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]459
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]460#if defined(MBEDTLS_GCM_C)
461#if defined(MBEDTLS_SHA256_C)
462 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
463 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
464 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]466 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]467#endif /* MBEDTLS_SHA256_C */
468#if defined(MBEDTLS_SHA512_C)
469 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
470 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
471 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
472 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]473 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]474#endif /* MBEDTLS_SHA512_C */
475#endif /* MBEDTLS_GCM_C */
476#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]477
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]478#if defined(MBEDTLS_DES_C)
479#if defined(MBEDTLS_CIPHER_MODE_CBC)
480#if defined(MBEDTLS_SHA1_C)
481 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
482 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
483 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
484 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]485 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]486#endif /* MBEDTLS_SHA1_C */
487#endif /* MBEDTLS_CIPHER_MODE_CBC */
488#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]489
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]490#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
491#if defined(MBEDTLS_SHA1_C)
492 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
493 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
494 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
496 MBEDTLS_CIPHERSUITE_WEAK },
497#endif /* MBEDTLS_SHA1_C */
498#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
499#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
502#if defined(MBEDTLS_AES_C)
503#if defined(MBEDTLS_SHA1_C)
504#if defined(MBEDTLS_CIPHER_MODE_CBC)
505 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
506 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
507 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
508 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]509 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]510 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
511 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]514 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]515#endif /* MBEDTLS_CIPHER_MODE_CBC */
516#endif /* MBEDTLS_SHA1_C */
517#if defined(MBEDTLS_SHA256_C)
518#if defined(MBEDTLS_CIPHER_MODE_CBC)
519 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
520 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
521 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]523 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524#endif /* MBEDTLS_CIPHER_MODE_CBC */
525#if defined(MBEDTLS_GCM_C)
526 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
527 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
528 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
529 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]530 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]531#endif /* MBEDTLS_GCM_C */
532#endif /* MBEDTLS_SHA256_C */
533#if defined(MBEDTLS_SHA512_C)
534#if defined(MBEDTLS_CIPHER_MODE_CBC)
535 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
536 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
537 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
538 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]539 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]540#endif /* MBEDTLS_CIPHER_MODE_CBC */
541#if defined(MBEDTLS_GCM_C)
542 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
543 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
544 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
545 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]546 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]547#endif /* MBEDTLS_GCM_C */
548#endif /* MBEDTLS_SHA512_C */
549#endif /* MBEDTLS_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]550
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]551#if defined(MBEDTLS_CAMELLIA_C)
552#if defined(MBEDTLS_CIPHER_MODE_CBC)
553#if defined(MBEDTLS_SHA256_C)
554 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
555 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]558 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]559#endif /* MBEDTLS_SHA256_C */
560#if defined(MBEDTLS_SHA512_C)
561 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
562 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
563 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
564 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]565 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]566#endif /* MBEDTLS_SHA512_C */
567#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]568
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569#if defined(MBEDTLS_GCM_C)
570#if defined(MBEDTLS_SHA256_C)
571 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
572 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]575 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]576#endif /* MBEDTLS_SHA256_C */
577#if defined(MBEDTLS_SHA512_C)
578 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
579 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
580 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
581 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]582 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]583#endif /* MBEDTLS_SHA512_C */
584#endif /* MBEDTLS_GCM_C */
585#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]586
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]587#if defined(MBEDTLS_DES_C)
588#if defined(MBEDTLS_CIPHER_MODE_CBC)
589#if defined(MBEDTLS_SHA1_C)
590 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
591 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
593 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]594 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]595#endif /* MBEDTLS_SHA1_C */
596#endif /* MBEDTLS_CIPHER_MODE_CBC */
597#endif /* MBEDTLS_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]598
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]599#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
600#if defined(MBEDTLS_SHA1_C)
601 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
602 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
603 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
604 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
605 MBEDTLS_CIPHERSUITE_WEAK },
606#endif /* MBEDTLS_SHA1_C */
607#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
608#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]609
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]610#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
611#if defined(MBEDTLS_AES_C)
612#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
613 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
614 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
615 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
616 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]617 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]618#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]619
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]620#if defined(MBEDTLS_SHA256_C)
621#if defined(MBEDTLS_GCM_C)
622 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
623 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
624 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
625 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]626 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]628
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]629#if defined(MBEDTLS_CIPHER_MODE_CBC)
630 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
631 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
632 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]634 0 },
635
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]636 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
637 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
638 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
639 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]640 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]641#endif /* MBEDTLS_CIPHER_MODE_CBC */
642#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]643
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]644#if defined(MBEDTLS_CIPHER_MODE_CBC)
645#if defined(MBEDTLS_SHA1_C)
646 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
647 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]648 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]649 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]650 0 },
651
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]652 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
653 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]654 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]655 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]656 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657#endif /* MBEDTLS_SHA1_C */
658#endif /* MBEDTLS_CIPHER_MODE_CBC */
659#if defined(MBEDTLS_CCM_C)
660 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
661 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
662 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
663 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]664 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]665 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
666 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
668 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
669 MBEDTLS_CIPHERSUITE_SHORT_TAG },
670 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
671 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
672 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
673 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]674 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]675 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
676 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
677 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
678 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
679 MBEDTLS_CIPHERSUITE_SHORT_TAG },
680#endif /* MBEDTLS_CCM_C */
681#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]682
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]683#if defined(MBEDTLS_CAMELLIA_C)
684#if defined(MBEDTLS_CIPHER_MODE_CBC)
685#if defined(MBEDTLS_SHA256_C)
686 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
687 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
688 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
689 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]690 0 },
691
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]692 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
693 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
694 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]696 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]698
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]699#if defined(MBEDTLS_SHA1_C)
700 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
701 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]702 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]703 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]704 0 },
705
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]706 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
707 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]708 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]709 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]710 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]711#endif /* MBEDTLS_SHA1_C */
712#endif /* MBEDTLS_CIPHER_MODE_CBC */
713#if defined(MBEDTLS_GCM_C)
714#if defined(MBEDTLS_SHA256_C)
715 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
716 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]719 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]720#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]721
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]722#if defined(MBEDTLS_SHA512_C)
723 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
724 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]727 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]728#endif /* MBEDTLS_SHA512_C */
729#endif /* MBEDTLS_GCM_C */
730#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]731
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]732#if defined(MBEDTLS_DES_C)
733#if defined(MBEDTLS_CIPHER_MODE_CBC)
734#if defined(MBEDTLS_SHA1_C)
735 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
736 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]737 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]738 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]739 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]740#endif /* MBEDTLS_SHA1_C */
741#endif /* MBEDTLS_CIPHER_MODE_CBC */
742#endif /* MBEDTLS_DES_C */
743#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]744
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]745#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
746#if defined(MBEDTLS_AES_C)
747#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
748 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
749 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
750 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
751 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]752 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]753#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]754
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]755#if defined(MBEDTLS_SHA256_C)
756#if defined(MBEDTLS_GCM_C)
757 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
758 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
759 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
760 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]761 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]762#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]763
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]764#if defined(MBEDTLS_CIPHER_MODE_CBC)
765 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
766 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
767 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
768 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]769 0 },
770
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]771 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
772 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
773 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
774 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]775 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]776#endif /* MBEDTLS_CIPHER_MODE_CBC */
777#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]778
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]779#if defined(MBEDTLS_SHA1_C)
780#if defined(MBEDTLS_CIPHER_MODE_CBC)
781 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
782 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]783 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]784 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]785 0 },
786
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]787 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
788 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]789 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]790 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]791 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]792#endif /* MBEDTLS_CIPHER_MODE_CBC */
793#endif /* MBEDTLS_SHA1_C */
794#if defined(MBEDTLS_CCM_C)
795 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
796 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
797 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]799 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]800 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
801 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
802 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
803 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
804 MBEDTLS_CIPHERSUITE_SHORT_TAG },
805 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
806 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
807 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
808 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]809 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]810 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
811 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
812 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
813 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
814 MBEDTLS_CIPHERSUITE_SHORT_TAG },
815#endif /* MBEDTLS_CCM_C */
816#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]817
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]818#if defined(MBEDTLS_CAMELLIA_C)
819#if defined(MBEDTLS_CIPHER_MODE_CBC)
820#if defined(MBEDTLS_SHA256_C)
821 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
822 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
823 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
824 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]825 0 },
826
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]827 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
828 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
829 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
830 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]831 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]832#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]833
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]834#if defined(MBEDTLS_SHA1_C)
835 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
836 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]837 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]838 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]839 0 },
840
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]841 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
842 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]843 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]844 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]845 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]846#endif /* MBEDTLS_SHA1_C */
847#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]848
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]849#if defined(MBEDTLS_GCM_C)
850#if defined(MBEDTLS_SHA256_C)
851 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
852 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
853 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
854 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]855 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]856#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]857
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]858#if defined(MBEDTLS_SHA1_C)
859 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
860 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
862 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]863 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]864#endif /* MBEDTLS_SHA1_C */
865#endif /* MBEDTLS_GCM_C */
866#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]867
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]868#if defined(MBEDTLS_DES_C)
869#if defined(MBEDTLS_CIPHER_MODE_CBC)
870#if defined(MBEDTLS_SHA1_C)
871 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
872 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]873 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]874 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]875 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]876#endif /* MBEDTLS_SHA1_C */
877#endif /* MBEDTLS_CIPHER_MODE_CBC */
878#endif /* MBEDTLS_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]879
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]880#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]881
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]882#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
883#if defined(MBEDTLS_AES_C)
884#if defined(MBEDTLS_SHA1_C)
885#if defined(MBEDTLS_CIPHER_MODE_CBC)
886 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
887 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
888 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
889 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]890 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]891 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
892 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
894 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]895 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]896#endif /* MBEDTLS_CIPHER_MODE_CBC */
897#endif /* MBEDTLS_SHA1_C */
898#if defined(MBEDTLS_SHA256_C)
899#if defined(MBEDTLS_CIPHER_MODE_CBC)
900 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
901 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
902 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
903 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]904 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]905#endif /* MBEDTLS_CIPHER_MODE_CBC */
906#if defined(MBEDTLS_GCM_C)
907 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
908 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
909 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
910 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]911 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]912#endif /* MBEDTLS_GCM_C */
913#endif /* MBEDTLS_SHA256_C */
914#if defined(MBEDTLS_SHA512_C)
915#if defined(MBEDTLS_CIPHER_MODE_CBC)
916 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
917 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
918 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
919 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]920 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]921#endif /* MBEDTLS_CIPHER_MODE_CBC */
922#if defined(MBEDTLS_GCM_C)
923 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
924 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
925 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
926 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]927 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]928#endif /* MBEDTLS_GCM_C */
929#endif /* MBEDTLS_SHA512_C */
930#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]931
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]932#if defined(MBEDTLS_CAMELLIA_C)
933#if defined(MBEDTLS_CIPHER_MODE_CBC)
934#if defined(MBEDTLS_SHA256_C)
935 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
936 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]939 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]940#endif /* MBEDTLS_SHA256_C */
941#if defined(MBEDTLS_SHA512_C)
942 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
943 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
944 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
945 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]946 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]947#endif /* MBEDTLS_SHA512_C */
948#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]949
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]950#if defined(MBEDTLS_GCM_C)
951#if defined(MBEDTLS_SHA256_C)
952 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
953 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
954 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
955 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]956 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]957#endif /* MBEDTLS_SHA256_C */
958#if defined(MBEDTLS_SHA512_C)
959 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
960 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
961 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
962 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]963 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964#endif /* MBEDTLS_SHA512_C */
965#endif /* MBEDTLS_GCM_C */
966#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]967
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]968#if defined(MBEDTLS_DES_C)
969#if defined(MBEDTLS_CIPHER_MODE_CBC)
970#if defined(MBEDTLS_SHA1_C)
971 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
972 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
973 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]975 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976#endif /* MBEDTLS_SHA1_C */
977#endif /* MBEDTLS_CIPHER_MODE_CBC */
978#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]979
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]980#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
981#if defined(MBEDTLS_SHA1_C)
982 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
983 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
984 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
985 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
986 MBEDTLS_CIPHERSUITE_WEAK },
987#endif /* MBEDTLS_SHA1_C */
988#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
989#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]990
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]991#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
992#if defined(MBEDTLS_AES_C)
993#if defined(MBEDTLS_SHA1_C)
994#if defined(MBEDTLS_CIPHER_MODE_CBC)
995 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
996 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
997 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
998 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]999 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1000 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
1001 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1002 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1004 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1005#endif /* MBEDTLS_CIPHER_MODE_CBC */
1006#endif /* MBEDTLS_SHA1_C */
1007#if defined(MBEDTLS_SHA256_C)
1008#if defined(MBEDTLS_CIPHER_MODE_CBC)
1009 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
1010 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1012 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1013 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1014#endif /* MBEDTLS_CIPHER_MODE_CBC */
1015#if defined(MBEDTLS_GCM_C)
1016 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
1017 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1018 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1019 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1020 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1021#endif /* MBEDTLS_GCM_C */
1022#endif /* MBEDTLS_SHA256_C */
1023#if defined(MBEDTLS_SHA512_C)
1024#if defined(MBEDTLS_CIPHER_MODE_CBC)
1025 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
1026 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1027 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1028 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1029 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1030#endif /* MBEDTLS_CIPHER_MODE_CBC */
1031#if defined(MBEDTLS_GCM_C)
1032 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1033 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1034 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1035 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1036 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1037#endif /* MBEDTLS_GCM_C */
1038#endif /* MBEDTLS_SHA512_C */
1039#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1040
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1041#if defined(MBEDTLS_CAMELLIA_C)
1042#if defined(MBEDTLS_CIPHER_MODE_CBC)
1043#if defined(MBEDTLS_SHA256_C)
1044 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1045 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1046 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1047 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1048 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1049#endif /* MBEDTLS_SHA256_C */
1050#if defined(MBEDTLS_SHA512_C)
1051 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1052 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1053 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1054 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1055 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1056#endif /* MBEDTLS_SHA512_C */
1057#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1058
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059#if defined(MBEDTLS_GCM_C)
1060#if defined(MBEDTLS_SHA256_C)
1061 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1062 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1063 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1064 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1065 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1066#endif /* MBEDTLS_SHA256_C */
1067#if defined(MBEDTLS_SHA512_C)
1068 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1069 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1070 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1071 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1072 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1073#endif /* MBEDTLS_SHA512_C */
1074#endif /* MBEDTLS_GCM_C */
1075#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1076
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1077#if defined(MBEDTLS_DES_C)
1078#if defined(MBEDTLS_CIPHER_MODE_CBC)
1079#if defined(MBEDTLS_SHA1_C)
1080 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1081 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1082 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1083 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1084 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1085#endif /* MBEDTLS_SHA1_C */
1086#endif /* MBEDTLS_CIPHER_MODE_CBC */
1087#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1088
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1089#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1090#if defined(MBEDTLS_SHA1_C)
1091 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1092 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1094 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1095 MBEDTLS_CIPHERSUITE_WEAK },
1096#endif /* MBEDTLS_SHA1_C */
1097#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1098#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1099
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1100#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1101#if defined(MBEDTLS_AES_C)
1102#if defined(MBEDTLS_GCM_C)
1103#if defined(MBEDTLS_SHA256_C)
1104 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1105 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1106 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1107 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1108 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1109#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1110
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1111#if defined(MBEDTLS_SHA512_C)
1112 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1113 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1114 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1115 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1116 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1117#endif /* MBEDTLS_SHA512_C */
1118#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1119
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1120#if defined(MBEDTLS_CIPHER_MODE_CBC)
1121#if defined(MBEDTLS_SHA256_C)
1122 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1123 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1124 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1125 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1126 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1127#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1128
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1129#if defined(MBEDTLS_SHA512_C)
1130 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1131 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1132 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1133 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1134 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1135#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1136
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1137#if defined(MBEDTLS_SHA1_C)
1138 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1139 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1140 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1141 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1142 0 },
1143
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1144 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1145 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1146 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1147 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1148 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1149#endif /* MBEDTLS_SHA1_C */
1150#endif /* MBEDTLS_CIPHER_MODE_CBC */
1151#if defined(MBEDTLS_CCM_C)
1152 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1153 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1154 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1155 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1156 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1157 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1158 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1161 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1162 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1163 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1164 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1165 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1166 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1167 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1168 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1169 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1170 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1171 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1172#endif /* MBEDTLS_CCM_C */
1173#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1174
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1175#if defined(MBEDTLS_CAMELLIA_C)
1176#if defined(MBEDTLS_CIPHER_MODE_CBC)
1177#if defined(MBEDTLS_SHA256_C)
1178 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1179 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1180 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1181 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1182 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1183#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1184
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1185#if defined(MBEDTLS_SHA512_C)
1186 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1187 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1188 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1189 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1190 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1191#endif /* MBEDTLS_SHA512_C */
1192#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1193
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1194#if defined(MBEDTLS_GCM_C)
1195#if defined(MBEDTLS_SHA256_C)
1196 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1197 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1198 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1199 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1200 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1201#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1202
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1203#if defined(MBEDTLS_SHA512_C)
1204 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1205 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1206 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1207 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1208 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1209#endif /* MBEDTLS_SHA512_C */
1210#endif /* MBEDTLS_GCM_C */
1211#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1212
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1213#if defined(MBEDTLS_DES_C)
1214#if defined(MBEDTLS_CIPHER_MODE_CBC)
1215#if defined(MBEDTLS_SHA1_C)
1216 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1217 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1218 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1219 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1220 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1221#endif /* MBEDTLS_SHA1_C */
1222#endif /* MBEDTLS_CIPHER_MODE_CBC */
1223#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1224
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1225#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1226
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1227#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1228#if defined(MBEDTLS_AES_C)
1229#if defined(MBEDTLS_GCM_C)
1230#if defined(MBEDTLS_SHA256_C)
1231 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1232 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1233 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1234 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1235 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1236#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1237
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1238#if defined(MBEDTLS_SHA512_C)
1239 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1240 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1241 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1242 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1243 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1244#endif /* MBEDTLS_SHA512_C */
1245#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1246
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1247#if defined(MBEDTLS_CIPHER_MODE_CBC)
1248#if defined(MBEDTLS_SHA256_C)
1249 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1250 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1251 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1252 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1253 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1254#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1255
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1256#if defined(MBEDTLS_SHA512_C)
1257 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1258 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1259 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1260 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1261 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1262#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1263
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1264#if defined(MBEDTLS_SHA1_C)
1265 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1266 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1267 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1268 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1269 0 },
1270
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1271 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1272 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1273 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1274 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1275 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1276#endif /* MBEDTLS_SHA1_C */
1277#endif /* MBEDTLS_CIPHER_MODE_CBC */
1278#if defined(MBEDTLS_CCM_C)
1279 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1280 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1281 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1282 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1283 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1284 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1285 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1286 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1287 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1288 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1289 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1290 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1291 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1292 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1293 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1294 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1295 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1296 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1297 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1298 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1299#endif /* MBEDTLS_CCM_C */
1300#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1301
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1302#if defined(MBEDTLS_CAMELLIA_C)
1303#if defined(MBEDTLS_CIPHER_MODE_CBC)
1304#if defined(MBEDTLS_SHA256_C)
1305 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1306 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1307 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1308 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1309 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1310#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1311
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1312#if defined(MBEDTLS_SHA512_C)
1313 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1314 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1315 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1316 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1317 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1318#endif /* MBEDTLS_SHA512_C */
1319#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1320
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1321#if defined(MBEDTLS_GCM_C)
1322#if defined(MBEDTLS_SHA256_C)
1323 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1324 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1327 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1328#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1329
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1330#if defined(MBEDTLS_SHA512_C)
1331 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1332 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1333 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1334 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1335 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1336#endif /* MBEDTLS_SHA512_C */
1337#endif /* MBEDTLS_GCM_C */
1338#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1339
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1340#if defined(MBEDTLS_DES_C)
1341#if defined(MBEDTLS_CIPHER_MODE_CBC)
1342#if defined(MBEDTLS_SHA1_C)
1343 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1344 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1345 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1346 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1347 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1348#endif /* MBEDTLS_SHA1_C */
1349#endif /* MBEDTLS_CIPHER_MODE_CBC */
1350#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1351
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1352#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1353
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1354#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1355#if defined(MBEDTLS_AES_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1356
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1357#if defined(MBEDTLS_CIPHER_MODE_CBC)
1358#if defined(MBEDTLS_SHA256_C)
1359 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1360 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1361 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1362 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1363 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1364#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1365
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1366#if defined(MBEDTLS_SHA512_C)
1367 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1368 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1369 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1370 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1371 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1372#endif /* MBEDTLS_SHA512_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1373
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1374#if defined(MBEDTLS_SHA1_C)
1375 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1376 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1377 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1378 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1379 0 },
1380
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1381 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1382 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1383 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1384 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1385 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1386#endif /* MBEDTLS_SHA1_C */
1387#endif /* MBEDTLS_CIPHER_MODE_CBC */
1388#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1389
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1390#if defined(MBEDTLS_CAMELLIA_C)
1391#if defined(MBEDTLS_CIPHER_MODE_CBC)
1392#if defined(MBEDTLS_SHA256_C)
1393 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1394 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1395 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1396 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1397 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1398#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1399
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1400#if defined(MBEDTLS_SHA512_C)
1401 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1402 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1403 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1404 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1405 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1406#endif /* MBEDTLS_SHA512_C */
1407#endif /* MBEDTLS_CIPHER_MODE_CBC */
1408#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1409
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1410#if defined(MBEDTLS_DES_C)
1411#if defined(MBEDTLS_CIPHER_MODE_CBC)
1412#if defined(MBEDTLS_SHA1_C)
1413 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1414 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1415 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1417 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1418#endif /* MBEDTLS_SHA1_C */
1419#endif /* MBEDTLS_CIPHER_MODE_CBC */
1420#endif /* MBEDTLS_DES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1421
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1422#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1423
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1424#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1425#if defined(MBEDTLS_AES_C)
1426#if defined(MBEDTLS_GCM_C)
1427#if defined(MBEDTLS_SHA256_C)
1428 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1429 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1430 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1431 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1432 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1433#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1434
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1435#if defined(MBEDTLS_SHA512_C)
1436 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1437 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1438 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1440 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1441#endif /* MBEDTLS_SHA512_C */
1442#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1443
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1444#if defined(MBEDTLS_CIPHER_MODE_CBC)
1445#if defined(MBEDTLS_SHA256_C)
1446 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1447 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1448 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1450 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1451#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1452
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1453#if defined(MBEDTLS_SHA512_C)
1454 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1455 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1456 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1457 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1458 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1459#endif /* MBEDTLS_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1460
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1461#if defined(MBEDTLS_SHA1_C)
1462 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1463 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1464 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1466 0 },
1467
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1468 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1469 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1471 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1472 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1473#endif /* MBEDTLS_SHA1_C */
1474#endif /* MBEDTLS_CIPHER_MODE_CBC */
1475#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1476
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1477#if defined(MBEDTLS_CAMELLIA_C)
1478#if defined(MBEDTLS_CIPHER_MODE_CBC)
1479#if defined(MBEDTLS_SHA256_C)
1480 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1481 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1482 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1483 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1484 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1485#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1486
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1487#if defined(MBEDTLS_SHA512_C)
1488 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1489 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1490 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1491 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1492 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1493#endif /* MBEDTLS_SHA512_C */
1494#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1495
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1496#if defined(MBEDTLS_GCM_C)
1497#if defined(MBEDTLS_SHA256_C)
1498 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1499 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1500 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1501 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1502 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1503#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1504
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1505#if defined(MBEDTLS_SHA512_C)
1506 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1507 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1508 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1509 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1510 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1511#endif /* MBEDTLS_SHA512_C */
1512#endif /* MBEDTLS_GCM_C */
1513#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1514
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1515#if defined(MBEDTLS_DES_C)
1516#if defined(MBEDTLS_CIPHER_MODE_CBC)
1517#if defined(MBEDTLS_SHA1_C)
1518 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1519 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1520 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1521 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1522 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1523#endif /* MBEDTLS_SHA1_C */
1524#endif /* MBEDTLS_CIPHER_MODE_CBC */
1525#endif /* MBEDTLS_DES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1526
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1527#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1528
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1529#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1530#if defined(MBEDTLS_AES_C)
1531#if defined(MBEDTLS_CCM_C)
1532 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1533 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1534 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1536 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1537#endif /* MBEDTLS_CCM_C */
1538#endif /* MBEDTLS_AES_C */
1539#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1540
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1541#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1542#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1543#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1544#if defined(MBEDTLS_MD5_C)
1545 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1546 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1547 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1549 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1550#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1551
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1552#if defined(MBEDTLS_SHA1_C)
1553 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1554 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1555 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1557 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1558#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1559
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1560#if defined(MBEDTLS_SHA256_C)
1561 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1562 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1563 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1564 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1565 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1566#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1567#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1568
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1569#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1570#if defined(MBEDTLS_SHA1_C)
1571 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1572 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1575 MBEDTLS_CIPHERSUITE_WEAK },
1576#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1577
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1578#if defined(MBEDTLS_SHA256_C)
1579 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1580 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1581 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1582 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1583 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1584#endif
1585
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1586#if defined(MBEDTLS_SHA512_C)
1587 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1588 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1589 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1590 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1591 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1592#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1593#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1594
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1595#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1596#if defined(MBEDTLS_SHA1_C)
1597 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1598 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1599 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1600 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1601 MBEDTLS_CIPHERSUITE_WEAK },
1602#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1603
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1604#if defined(MBEDTLS_SHA256_C)
1605 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1606 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1607 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1608 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1609 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1610#endif
1611
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1612#if defined(MBEDTLS_SHA512_C)
1613 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1614 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1615 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1616 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1617 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1618#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1619#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1620
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1621#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1622#if defined(MBEDTLS_SHA1_C)
1623 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1624 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1625 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1626 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1627 MBEDTLS_CIPHERSUITE_WEAK },
1628#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1629
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1630#if defined(MBEDTLS_SHA256_C)
1631 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1632 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1634 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1635 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1636#endif
1637
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1638#if defined(MBEDTLS_SHA512_C)
1639 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1640 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1641 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1642 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1643 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1644#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1645#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1646
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1647#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1648#if defined(MBEDTLS_SHA1_C)
1649 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1650 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1651 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1652 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1653 MBEDTLS_CIPHERSUITE_WEAK },
1654#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1655
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1656#if defined(MBEDTLS_SHA256_C)
1657 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1658 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1660 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1661 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1662#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1663
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1664#if defined(MBEDTLS_SHA512_C)
1665 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1666 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1668 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1669 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1670#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1671#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1672#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1673
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1674#if defined(MBEDTLS_DES_C)
1675#if defined(MBEDTLS_CIPHER_MODE_CBC)
1676#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1677#if defined(MBEDTLS_SHA1_C)
1678 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1679 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1680 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1681 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1682 MBEDTLS_CIPHERSUITE_WEAK },
1683#endif /* MBEDTLS_SHA1_C */
1684#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1685
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1686#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1687#if defined(MBEDTLS_SHA1_C)
1688 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1689 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Mateusz Starzyk06b07fb2021-02-18 13:55:21 +0100[diff] [blame]1690 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1692 MBEDTLS_CIPHERSUITE_WEAK },
1693#endif /* MBEDTLS_SHA1_C */
1694#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1695#endif /* MBEDTLS_CIPHER_MODE_CBC */
1696#endif /* MBEDTLS_DES_C */
1697#endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1698
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1699#if defined(MBEDTLS_ARIA_C)
1700
1701#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1702
1703#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1704 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1705 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1706 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1707 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1708 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1709 0 },
1710#endif
1711#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1712 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1713 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1714 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1715 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1716 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1717 0 },
1718#endif
1719#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1720 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1721 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1722 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1723 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1724 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1725 0 },
1726#endif
1727#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1728 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1729 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1730 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1731 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1732 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1733 0 },
1734#endif
1735
1736#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1737
1738#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1739
1740#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1741 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1742 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1743 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1745 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1746 0 },
1747#endif
1748#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1749 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1750 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1751 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1753 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1754 0 },
1755#endif
1756#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1757 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1758 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1759 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1760 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1761 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1762 0 },
1763#endif
1764#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1765 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1766 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1767 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1768 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1770 0 },
1771#endif
1772
1773#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1774
1775#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1776
1777#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1778 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1779 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1780 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
1781 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1782 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1783 0 },
1784#endif
1785#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1786 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1787 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1788 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1789 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1790 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1791 0 },
1792#endif
1793#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1794 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1795 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1796 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1797 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1799 0 },
1800#endif
1801#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1802 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1803 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1804 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1806 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1807 0 },
1808#endif
1809
1810#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1811
1812#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1813
1814#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1815 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1816 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1817 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1818 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1820 0 },
1821#endif
1822#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1823 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1824 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1825 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1828 0 },
1829#endif
1830#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1831 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1832 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1833 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1836 0 },
1837#endif
1838#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1839 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1840 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1841 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1842 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1843 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1844 0 },
1845#endif
1846
1847#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1848
1849#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1850
1851#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1852 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1853 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1854 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1855 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1856 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1857 0 },
1858#endif
1859#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1860 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1861 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1862 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1863 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1864 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1865 0 },
1866#endif
1867#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1868 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1869 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1870 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1872 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1873 0 },
1874#endif
1875#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1876 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1877 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1878 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1879 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1880 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1881 0 },
1882#endif
1883
1884#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1885
1886#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1887
1888#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1889 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1890 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1891 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1894 0 },
1895#endif
1896#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1897 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1898 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1899 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1902 0 },
1903#endif
1904
1905#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1906
1907#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1908
1909#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1910 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1911 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1912 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1913 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1914 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1915 0 },
1916#endif
1917#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1918 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1919 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1920 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1921 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1922 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1923 0 },
1924#endif
1925#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1926 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1927 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1928 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1929 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1931 0 },
1932#endif
1933#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1934 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1935 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1936 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1939 0 },
1940#endif
1941
1942#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1943
1944#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1945
1946#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1947 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1948 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1949 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1950 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1951 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1952 0 },
1953#endif
1954#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1955 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1956 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1957 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1958 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1959 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1960 0 },
1961#endif
1962#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1963 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
1964 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
1965 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1966 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1967 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1968 0 },
1969#endif
1970#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1971 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
1972 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
1973 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1975 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1976 0 },
1977#endif
1978
1979#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1980
1981#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1982
1983#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1984 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
1985 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
1986 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1987 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1988 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1989 0 },
1990#endif
1991#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1992 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
1993 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
1994 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1995 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1996 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1997 0 },
1998#endif
1999#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2000 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2001 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
2002 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2004 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2005 0 },
2006#endif
2007#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2008 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
2009 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
2010 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2012 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2013 0 },
2014#endif
2015
2016#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
2017
2018#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
2019
2020#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2021 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
2022 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
2023 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2024 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2025 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2026 0 },
2027#endif
2028#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2029 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
2030 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
2031 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2032 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2033 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2034 0 },
2035#endif
2036#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2037 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
2038 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
2039 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2040 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2041 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2042 0 },
2043#endif
2044#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2045 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
2046 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
2047 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2048 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2050 0 },
2051#endif
2052
2053#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
2054
2055#endif /* MBEDTLS_ARIA_C */
2056
2057
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]2058 { 0, "",
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2059 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]2060 0, 0, 0, 0, 0 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2061};
2062
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2063#if defined(MBEDTLS_SSL_CIPHERSUITES)
2064const int *mbedtls_ssl_list_ciphersuites( void )
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]2065{
2066 return( ciphersuite_preference );
2067}
2068#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]2069#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
2070 sizeof( ciphersuite_definitions[0] )
2071static int supported_ciphersuites[MAX_CIPHERSUITES];
2072static int supported_init = 0;
2073
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]2074static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
2075{
2076 (void)cs_info;
2077
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]2078#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
2079 if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
2080 cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
2081 {
2082 return( 1 );
2083 }
2084#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
2085
2086 return( 0 );
2087}
2088
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2089const int *mbedtls_ssl_list_ciphersuites( void )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2090{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2091 /*
2092 * On initial call filter out all ciphersuites not supported by current
2093 * build based on presence in the ciphersuite_definitions.
2094 */
2095 if( supported_init == 0 )
2096 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]2097 const int *p;
2098 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2099
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]2100 for( p = ciphersuite_preference, q = supported_ciphersuites;
2101 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
2102 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2103 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2104 const mbedtls_ssl_ciphersuite_t *cs_info;
2105 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]2106 !ciphersuite_is_removed( cs_info ) )
2107 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]2108 *(q++) = *p;
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]2109 }
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2110 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]2111 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]2112
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2113 supported_init = 1;
2114 }
2115
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]2116 return( supported_ciphersuites );
Manuel Pégourié-Gonnardf78e4de2015-05-29 10:52:14 +0200[diff] [blame]2117}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2118#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2119
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2120const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]2121 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2122{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2123 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2124
2125 if( NULL == ciphersuite_name )
2126 return( NULL );
2127
2128 while( cur->id != 0 )
2129 {
Manuel Pégourié-Gonnardcb46fd82015-05-28 17:06:07 +0200[diff] [blame]2130 if( 0 == strcmp( cur->name, ciphersuite_name ) )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2131 return( cur );
2132
2133 cur++;
2134 }
2135
2136 return( NULL );
2137}
2138
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2139const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2140{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2141 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2142
2143 while( cur->id != 0 )
2144 {
2145 if( cur->id == ciphersuite )
2146 return( cur );
2147
2148 cur++;
2149 }
2150
2151 return( NULL );
2152}
2153
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2154const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2155{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2156 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2157
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2158 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2159
2160 if( cur == NULL )
2161 return( "unknown" );
2162
2163 return( cur->name );
2164}
2165
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2166int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2167{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2168 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2169
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2170 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2171
2172 if( cur == NULL )
2173 return( 0 );
2174
2175 return( cur->id );
2176}
2177
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2178#if defined(MBEDTLS_PK_C)
2179mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2180{
2181 switch( info->key_exchange )
2182 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2183 case MBEDTLS_KEY_EXCHANGE_RSA:
2184 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2185 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2186 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2187 return( MBEDTLS_PK_RSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2188
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2189 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2190 return( MBEDTLS_PK_ECDSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2191
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2192 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2193 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2194 return( MBEDTLS_PK_ECKEY );
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]2195
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2196 default:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2197 return( MBEDTLS_PK_NONE );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2198 }
2199}
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]2200
2201mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
2202{
2203 switch( info->key_exchange )
2204 {
2205 case MBEDTLS_KEY_EXCHANGE_RSA:
2206 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2207 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2208 return( MBEDTLS_PK_RSA );
2209
2210 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2211 return( MBEDTLS_PK_ECDSA );
2212
2213 default:
2214 return( MBEDTLS_PK_NONE );
2215 }
2216}
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2217
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2218#endif /* MBEDTLS_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2219
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2220#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2221 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2222int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
2223{
2224 switch( info->key_exchange )
2225 {
2226 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2227 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2228 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2229 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2230 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2231 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2232 return( 1 );
2233
2234 default:
2235 return( 0 );
2236 }
2237}
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2238#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2239
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]2240#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2241int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2242{
2243 switch( info->key_exchange )
2244 {
2245 case MBEDTLS_KEY_EXCHANGE_PSK:
2246 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2247 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2248 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2249 return( 1 );
2250
2251 default:
2252 return( 0 );
2253 }
2254}
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]2255#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2256
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2257#endif /* MBEDTLS_SSL_TLS_C */