TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 65fc6a886a8df5e850e60f5d408ee1985fcbd3aa / . / library / ssl_ciphersuites.c
blob: 6d1828db6c81dac0eaf9a6e9f42c7a9c67d6d46d [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]6 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]7 *
Manuel Pégourié-Gonnard085ab042015-01-23 11:06:27 +0000[diff] [blame]8 * This file is part of mbed TLS (https://www.polarssl.org)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]9 *
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 */
24
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]25#if !defined(POLARSSL_CONFIG_FILE)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]26#include "polarssl/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]27#else
28#include POLARSSL_CONFIG_FILE
29#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]30
31#if defined(POLARSSL_SSL_TLS_C)
32
33#include "polarssl/ssl_ciphersuites.h"
34#include "polarssl/ssl.h"
35
36#include <stdlib.h>
37
Paul Bakker6edcd412013-10-29 15:22:54 +0100[diff] [blame]38#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
39 !defined(EFI32)
Manuel Pégourié-Gonnard9654fb12013-10-03 11:53:05 +0200[diff] [blame]40#define strcasecmp _stricmp
41#endif
42
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]43/*
44 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]45 *
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]46 * Current rule (except rc4, weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]47 * 1. By key exchange:
48 * Forward-secure non-PSK > forward-secure PSK > other non-PSK > other PSK
49 * 2. By key length and cipher:
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]50 * AES-256 > Camellia-256 > AES-128 > Camellia-128 > 3DES
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]51 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]52 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]53 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]54 */
55static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]56{
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]57#if defined(SSL_CIPHERSUITES)
58 SSL_CIPHERSUITES,
59#else
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]60 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]61 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]62 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]63 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]64 TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
65 TLS_DHE_RSA_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]66 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
67 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
68 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]69 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]70 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]71 TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]72 TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
73 TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]74
75 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]76 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
77 TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
78 TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]79 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]80 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]81 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]82 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]83
84 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]85 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]86 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]87 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]88 TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
89 TLS_DHE_RSA_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]90 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
91 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
92 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]93 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]94 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
95 TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]96 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
97 TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]98
99 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]100 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
101 TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
102 TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]103 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]104 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]105 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]106 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]107
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]108 /* All remaining >= 128-bit ephemeral suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]109 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]110 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]111 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]112
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]113 /* The PSK ephemeral suites */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]114 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]115 TLS_DHE_PSK_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]116 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
117 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
118 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
119 TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]120 TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]121 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]122 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]123 TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]124
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]125 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]126 TLS_DHE_PSK_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]127 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
128 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
129 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
130 TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]131 TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]132 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]133 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]134 TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]135
136 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]137 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]138
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]139 /* All AES-256 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]140 TLS_RSA_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]141 TLS_RSA_WITH_AES_256_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]142 TLS_RSA_WITH_AES_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]143 TLS_RSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]144 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
145 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
146 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
147 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
148 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
149 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]150 TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]151
152 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]153 TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]154 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]155 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]156 TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
157 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
158 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
159 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]160
161 /* All AES-128 suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]162 TLS_RSA_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]163 TLS_RSA_WITH_AES_128_CCM,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]164 TLS_RSA_WITH_AES_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]165 TLS_RSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]166 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
167 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
168 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
169 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
170 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
171 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]172 TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]173
174 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]175 TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]176 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]177 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]178 TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
179 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
180 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
181 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]182
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]183 /* All remaining >= 128-bit suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]184 TLS_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]185 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]186 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]187
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]188 /* The RSA PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]189 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]190 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]191 TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]192 TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]193 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]194
195 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]196 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]197 TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]198 TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]199 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]200
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]201 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]202
203 /* The PSK suites */
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]204 TLS_PSK_WITH_AES_256_GCM_SHA384,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]205 TLS_PSK_WITH_AES_256_CCM,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]206 TLS_PSK_WITH_AES_256_CBC_SHA384,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]207 TLS_PSK_WITH_AES_256_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]208 TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]209 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]210 TLS_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]211
212 TLS_PSK_WITH_AES_128_GCM_SHA256,
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]213 TLS_PSK_WITH_AES_128_CCM,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]214 TLS_PSK_WITH_AES_128_CBC_SHA256,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]215 TLS_PSK_WITH_AES_128_CBC_SHA,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]216 TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]217 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]218 TLS_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]219
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]220 TLS_PSK_WITH_3DES_EDE_CBC_SHA,
Manuel Pégourié-Gonnardc16f4e12014-04-29 18:23:07 +0200[diff] [blame]221
222 /* RC4 suites */
223 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
224 TLS_ECDHE_RSA_WITH_RC4_128_SHA,
225 TLS_ECDHE_PSK_WITH_RC4_128_SHA,
226 TLS_DHE_PSK_WITH_RC4_128_SHA,
227 TLS_RSA_WITH_RC4_128_SHA,
228 TLS_RSA_WITH_RC4_128_MD5,
229 TLS_ECDH_RSA_WITH_RC4_128_SHA,
230 TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
231 TLS_RSA_PSK_WITH_RC4_128_SHA,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]232 TLS_PSK_WITH_RC4_128_SHA,
233
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]234 /* Weak suites */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]235 TLS_DHE_RSA_WITH_DES_CBC_SHA,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]236 TLS_RSA_WITH_DES_CBC_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]237
238 /* NULL suites */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]239 TLS_ECDHE_ECDSA_WITH_NULL_SHA,
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]240 TLS_ECDHE_RSA_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]241 TLS_ECDHE_PSK_WITH_NULL_SHA384,
242 TLS_ECDHE_PSK_WITH_NULL_SHA256,
243 TLS_ECDHE_PSK_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]244 TLS_DHE_PSK_WITH_NULL_SHA384,
245 TLS_DHE_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]246 TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]247
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]248 TLS_RSA_WITH_NULL_SHA256,
249 TLS_RSA_WITH_NULL_SHA,
250 TLS_RSA_WITH_NULL_MD5,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]251 TLS_ECDH_RSA_WITH_NULL_SHA,
252 TLS_ECDH_ECDSA_WITH_NULL_SHA,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]253 TLS_RSA_PSK_WITH_NULL_SHA384,
254 TLS_RSA_PSK_WITH_NULL_SHA256,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]255 TLS_RSA_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]256 TLS_PSK_WITH_NULL_SHA384,
257 TLS_PSK_WITH_NULL_SHA256,
258 TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]259
Paul Bakker82788fb2014-10-20 13:59:19 +0200[diff] [blame]260#endif /* SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]261 0
262};
263
264static const ssl_ciphersuite_t ciphersuite_definitions[] =
265{
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]266#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
267#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]268#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]269#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]270 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
271 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
272 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
273 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]274 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]275 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
276 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
278 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]279 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]280#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]281#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]282#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]283#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]284 { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
285 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
286 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
287 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]288 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]289#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]290#if defined(POLARSSL_GCM_C)
291 { TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
292 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
293 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
294 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]295 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]296#endif /* POLARSSL_GCM_C */
297#endif /* POLARSSL_SHA256_C */
298#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]299#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]300 { TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
301 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
302 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
303 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]304 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]305#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]306#if defined(POLARSSL_GCM_C)
307 { TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
308 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
309 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
310 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]311 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]312#endif /* POLARSSL_GCM_C */
313#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]314#if defined(POLARSSL_CCM_C)
315 { TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
316 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
317 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
319 0 },
320 { TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
321 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
322 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
323 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
324 POLARSSL_CIPHERSUITE_SHORT_TAG },
325 { TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
326 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
327 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
328 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
329 0 },
330 { TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
331 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
332 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
333 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
334 POLARSSL_CIPHERSUITE_SHORT_TAG },
335#endif /* POLARSSL_CCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]336#endif /* POLARSSL_AES_C */
337
338#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]339#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]340#if defined(POLARSSL_SHA256_C)
341 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
342 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]343 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]344 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]345 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]346#endif /* POLARSSL_SHA256_C */
347#if defined(POLARSSL_SHA512_C)
348 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
349 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]350 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]351 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]352 0 },
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]353#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]354#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]355
356#if defined(POLARSSL_GCM_C)
357#if defined(POLARSSL_SHA256_C)
358 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
359 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
360 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
361 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
362 0 },
363#endif /* POLARSSL_SHA256_C */
364#if defined(POLARSSL_SHA512_C)
365 { TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
366 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
367 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
368 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
369 0 },
370#endif /* POLARSSL_SHA512_C */
371#endif /* POLARSSL_GCM_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]372#endif /* POLARSSL_CAMELLIA_C */
373
374#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]375#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]376#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]377 { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
378 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
379 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
380 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]381 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]382#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]383#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]384#endif /* POLARSSL_DES_C */
385
386#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]387#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]388 { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
389 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
390 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
391 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]392 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]393#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]394#endif /* POLARSSL_ARC4_C */
395
396#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]397#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]398 { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
399 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
400 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
401 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]402 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]403#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]404#endif /* POLARSSL_CIPHER_NULL_CIPHER */
405#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
406
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]407#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]408#if defined(POLARSSL_AES_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]409#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]410#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]411 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
412 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
413 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
414 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]415 0 },
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]416 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
417 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
418 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
419 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]420 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]421#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]422#endif /* POLARSSL_SHA1_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]423#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]424#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]425 { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
426 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
427 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
428 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]429 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]430#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]431#if defined(POLARSSL_GCM_C)
432 { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
433 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
434 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
435 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]436 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]437#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]438#endif /* POLARSSL_SHA256_C */
439#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]440#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]441 { TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
442 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
443 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]445 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]446#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]447#if defined(POLARSSL_GCM_C)
448 { TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
449 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
450 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
451 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]452 0 },
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]453#endif /* POLARSSL_GCM_C */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]454#endif /* POLARSSL_SHA512_C */
Paul Bakkera54e4932013-03-20 15:31:54 +0100[diff] [blame]455#endif /* POLARSSL_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]456
457#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]458#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]459#if defined(POLARSSL_SHA256_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]460 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
461 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]462 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]463 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]464 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]465#endif /* POLARSSL_SHA256_C */
466#if defined(POLARSSL_SHA512_C)
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]467 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
468 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]469 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]470 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]471 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]472#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]473#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]474
475#if defined(POLARSSL_GCM_C)
476#if defined(POLARSSL_SHA256_C)
477 { TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
478 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
479 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
480 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
481 0 },
482#endif /* POLARSSL_SHA256_C */
483#if defined(POLARSSL_SHA512_C)
484 { TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
485 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
486 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
487 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
488 0 },
489#endif /* POLARSSL_SHA512_C */
490#endif /* POLARSSL_GCM_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]491#endif /* POLARSSL_CAMELLIA_C */
492
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]493#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]494#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]495#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]496 { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
497 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
498 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
499 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]500 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]501#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]502#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]503#endif /* POLARSSL_DES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]504
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]505#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]506#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]507 { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
508 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
509 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
510 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]511 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]512#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]513#endif /* POLARSSL_ARC4_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]514
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]515#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]516#if defined(POLARSSL_SHA1_C)
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]517 { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
518 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
519 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
520 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]521 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]522#endif /* POLARSSL_SHA1_C */
Paul Bakkered27a042013-04-18 22:46:23 +0200[diff] [blame]523#endif /* POLARSSL_CIPHER_NULL_CIPHER */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]524#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]525
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]526#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]527#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]528#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]529 { TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
530 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
531 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
532 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
533 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]534#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]535
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]536#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]537#if defined(POLARSSL_GCM_C)
538 { TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
539 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
540 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
541 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
542 0 },
543#endif /* POLARSSL_GCM_C */
544
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]545#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]546 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
547 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
548 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
549 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
550 0 },
551
552 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
553 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
554 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
555 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
556 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]557#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]558#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]559
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]560#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]561#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]562 { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
563 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
564 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
565 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
566 0 },
567
568 { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
569 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
570 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
571 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
572 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]573#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]574#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]575#if defined(POLARSSL_CCM_C)
576 { TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
577 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
578 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
579 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
580 0 },
581 { TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
582 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
583 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
584 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
585 POLARSSL_CIPHERSUITE_SHORT_TAG },
586 { TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
587 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
588 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
589 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
590 0 },
591 { TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
592 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
593 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
594 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
595 POLARSSL_CIPHERSUITE_SHORT_TAG },
596#endif /* POLARSSL_CCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]597#endif /* POLARSSL_AES_C */
598
599#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]600#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]601#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]602 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
603 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
604 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
605 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
606 0 },
607
608 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
609 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
610 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
611 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
612 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]613#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]614
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]615#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]616 { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
617 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
618 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
619 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
620 0 },
621
622 { TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
623 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
624 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
625 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
626 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]627#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]628#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]629#if defined(POLARSSL_GCM_C)
630#if defined(POLARSSL_SHA256_C)
631 { TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
632 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_RSA,
633 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
634 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
635 0 },
636#endif /* POLARSSL_SHA256_C */
637
638#if defined(POLARSSL_SHA512_C)
639 { TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
640 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_RSA,
641 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
642 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
643 0 },
644#endif /* POLARSSL_SHA512_C */
645#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]646#endif /* POLARSSL_CAMELLIA_C */
647
648#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]649#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]650#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]651 { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
652 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
653 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
654 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
655 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]656#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]657#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]658#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]659#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]660
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]661#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]662#if defined(POLARSSL_AES_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]663#if defined(POLARSSL_SHA512_C) && defined(POLARSSL_GCM_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]664 { TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
665 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
666 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
667 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
668 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]669#endif /* POLARSSL_SHA512_C && POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]670
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]671#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]672#if defined(POLARSSL_GCM_C)
673 { TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
674 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
675 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
676 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
677 0 },
678#endif /* POLARSSL_GCM_C */
679
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]680#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]681 { TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
682 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
683 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
684 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
685 0 },
686
687 { TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
688 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
689 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
690 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
691 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]692#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]693#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]694
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]695#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]696#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]697 { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
698 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
699 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
700 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
701 0 },
702
703 { TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
704 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
705 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
706 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
707 0 },
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]708#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]709#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]710#if defined(POLARSSL_CCM_C)
711 { TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
712 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
713 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
714 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
715 0 },
716 { TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
717 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
718 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
719 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
720 POLARSSL_CIPHERSUITE_SHORT_TAG },
721 { TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
722 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
723 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
724 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
725 0 },
726 { TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
727 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
728 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
729 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
730 POLARSSL_CIPHERSUITE_SHORT_TAG },
731#endif /* POLARSSL_CCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]732#endif /* POLARSSL_AES_C */
733
734#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]735#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]736#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]737 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
738 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
739 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
740 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
741 0 },
742
743 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
744 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
745 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
746 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
747 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]748#endif /* POLARSSL_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]749
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]750#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]751 { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
752 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
753 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
754 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
755 0 },
756
757 { TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
758 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
759 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
760 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
761 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]762#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]763#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]764
765#if defined(POLARSSL_GCM_C)
766#if defined(POLARSSL_SHA256_C)
767 { TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
768 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
769 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
770 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
771 0 },
772#endif /* POLARSSL_SHA256_C */
773
774#if defined(POLARSSL_SHA1_C)
775 { TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
776 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA,
777 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
778 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
779 0 },
780#endif /* POLARSSL_SHA1_C */
781#endif /* POLARSSL_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]782#endif /* POLARSSL_CAMELLIA_C */
783
784#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]785#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]786#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]787 { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
788 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
789 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
790 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
791 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]792#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]793#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]794#endif /* POLARSSL_DES_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]795
796#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]797#if defined(POLARSSL_MD5_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]798 { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
799 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
800 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
801 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
802 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]803#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]804
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]805#if defined(POLARSSL_SHA1_C)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]806 { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
807 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
808 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
809 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
810 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]811#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]812#endif /* POLARSSL_ARC4_C */
813#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]814
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]815#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED)
816#if defined(POLARSSL_AES_C)
817#if defined(POLARSSL_SHA1_C)
818#if defined(POLARSSL_CIPHER_MODE_CBC)
819 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
820 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
821 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
822 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
823 0 },
824 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
825 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
826 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
827 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
828 0 },
829#endif /* POLARSSL_CIPHER_MODE_CBC */
830#endif /* POLARSSL_SHA1_C */
831#if defined(POLARSSL_SHA256_C)
832#if defined(POLARSSL_CIPHER_MODE_CBC)
833 { TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
834 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
835 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
836 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
837 0 },
838#endif /* POLARSSL_CIPHER_MODE_CBC */
839#if defined(POLARSSL_GCM_C)
840 { TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
841 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
842 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
843 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
844 0 },
845#endif /* POLARSSL_GCM_C */
846#endif /* POLARSSL_SHA256_C */
847#if defined(POLARSSL_SHA512_C)
848#if defined(POLARSSL_CIPHER_MODE_CBC)
849 { TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
850 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
851 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
852 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
853 0 },
854#endif /* POLARSSL_CIPHER_MODE_CBC */
855#if defined(POLARSSL_GCM_C)
856 { TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
857 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
858 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
859 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
860 0 },
861#endif /* POLARSSL_GCM_C */
862#endif /* POLARSSL_SHA512_C */
863#endif /* POLARSSL_AES_C */
864
865#if defined(POLARSSL_CAMELLIA_C)
866#if defined(POLARSSL_CIPHER_MODE_CBC)
867#if defined(POLARSSL_SHA256_C)
868 { TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
869 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
870 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
871 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
872 0 },
873#endif /* POLARSSL_SHA256_C */
874#if defined(POLARSSL_SHA512_C)
875 { TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
876 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
877 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
878 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
879 0 },
880#endif /* POLARSSL_SHA512_C */
881#endif /* POLARSSL_CIPHER_MODE_CBC */
882
883#if defined(POLARSSL_GCM_C)
884#if defined(POLARSSL_SHA256_C)
885 { TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
886 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
887 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
888 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
889 0 },
890#endif /* POLARSSL_SHA256_C */
891#if defined(POLARSSL_SHA512_C)
892 { TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
893 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
894 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
895 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
896 0 },
897#endif /* POLARSSL_SHA512_C */
898#endif /* POLARSSL_GCM_C */
899#endif /* POLARSSL_CAMELLIA_C */
900
901#if defined(POLARSSL_DES_C)
902#if defined(POLARSSL_CIPHER_MODE_CBC)
903#if defined(POLARSSL_SHA1_C)
904 { TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
905 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
906 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
907 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
908 0 },
909#endif /* POLARSSL_SHA1_C */
910#endif /* POLARSSL_CIPHER_MODE_CBC */
911#endif /* POLARSSL_DES_C */
912
913#if defined(POLARSSL_ARC4_C)
914#if defined(POLARSSL_SHA1_C)
915 { TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
916 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
917 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
918 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
919 0 },
920#endif /* POLARSSL_SHA1_C */
921#endif /* POLARSSL_ARC4_C */
922
923#if defined(POLARSSL_CIPHER_NULL_CIPHER)
924#if defined(POLARSSL_SHA1_C)
925 { TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
926 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_RSA,
927 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
928 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
929 POLARSSL_CIPHERSUITE_WEAK },
930#endif /* POLARSSL_SHA1_C */
931#endif /* POLARSSL_CIPHER_NULL_CIPHER */
932#endif /* POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED */
933
934#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
935#if defined(POLARSSL_AES_C)
936#if defined(POLARSSL_SHA1_C)
937#if defined(POLARSSL_CIPHER_MODE_CBC)
938 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
939 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
940 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
941 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
942 0 },
943 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
944 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
945 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
946 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
947 0 },
948#endif /* POLARSSL_CIPHER_MODE_CBC */
949#endif /* POLARSSL_SHA1_C */
950#if defined(POLARSSL_SHA256_C)
951#if defined(POLARSSL_CIPHER_MODE_CBC)
952 { TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
953 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
954 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
955 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
956 0 },
957#endif /* POLARSSL_CIPHER_MODE_CBC */
958#if defined(POLARSSL_GCM_C)
959 { TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
960 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
961 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
962 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
963 0 },
964#endif /* POLARSSL_GCM_C */
965#endif /* POLARSSL_SHA256_C */
966#if defined(POLARSSL_SHA512_C)
967#if defined(POLARSSL_CIPHER_MODE_CBC)
968 { TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
969 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
970 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
971 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
972 0 },
973#endif /* POLARSSL_CIPHER_MODE_CBC */
974#if defined(POLARSSL_GCM_C)
975 { TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
976 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
977 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
978 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
979 0 },
980#endif /* POLARSSL_GCM_C */
981#endif /* POLARSSL_SHA512_C */
982#endif /* POLARSSL_AES_C */
983
984#if defined(POLARSSL_CAMELLIA_C)
985#if defined(POLARSSL_CIPHER_MODE_CBC)
986#if defined(POLARSSL_SHA256_C)
987 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
988 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
989 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
990 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
991 0 },
992#endif /* POLARSSL_SHA256_C */
993#if defined(POLARSSL_SHA512_C)
994 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
995 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
996 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
997 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
998 0 },
999#endif /* POLARSSL_SHA512_C */
1000#endif /* POLARSSL_CIPHER_MODE_CBC */
1001
1002#if defined(POLARSSL_GCM_C)
1003#if defined(POLARSSL_SHA256_C)
1004 { TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1005 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1006 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1007 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1008 0 },
1009#endif /* POLARSSL_SHA256_C */
1010#if defined(POLARSSL_SHA512_C)
1011 { TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1012 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1013 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1014 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1015 0 },
1016#endif /* POLARSSL_SHA512_C */
1017#endif /* POLARSSL_GCM_C */
1018#endif /* POLARSSL_CAMELLIA_C */
1019
1020#if defined(POLARSSL_DES_C)
1021#if defined(POLARSSL_CIPHER_MODE_CBC)
1022#if defined(POLARSSL_SHA1_C)
1023 { TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1024 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1025 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1026 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1027 0 },
1028#endif /* POLARSSL_SHA1_C */
1029#endif /* POLARSSL_CIPHER_MODE_CBC */
1030#endif /* POLARSSL_DES_C */
1031
1032#if defined(POLARSSL_ARC4_C)
1033#if defined(POLARSSL_SHA1_C)
1034 { TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1035 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1036 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1037 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1038 0 },
1039#endif /* POLARSSL_SHA1_C */
1040#endif /* POLARSSL_ARC4_C */
1041
1042#if defined(POLARSSL_CIPHER_NULL_CIPHER)
1043#if defined(POLARSSL_SHA1_C)
1044 { TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1045 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
1046 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
1047 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1048 POLARSSL_CIPHERSUITE_WEAK },
1049#endif /* POLARSSL_SHA1_C */
1050#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1051#endif /* POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1052
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1053#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
1054#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1055#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1056#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1057 { TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1058 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1059 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1060 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1061 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1062#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1063
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1064#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1065 { TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1066 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1067 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1068 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1069 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1070#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1071#endif /* POLARSSL_GCM_C */
1072
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1073#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1074#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1075 { TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1076 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1077 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1078 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1079 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1080#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1081
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1082#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1083 { TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1084 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1085 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1086 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1087 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1088#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1089
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1090#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1091 { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1092 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1093 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1094 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1095 0 },
1096
1097 { TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1098 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1099 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1100 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1101 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1102#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1103#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1104#if defined(POLARSSL_CCM_C)
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1105 { TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1106 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1107 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1108 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1109 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1110 { TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1111 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1112 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1113 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1114 POLARSSL_CIPHERSUITE_SHORT_TAG },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1115 { TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1116 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1117 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1118 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1119 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1120 { TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1121 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1122 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1123 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1124 POLARSSL_CIPHERSUITE_SHORT_TAG },
1125#endif /* POLARSSL_CCM_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1126#endif /* POLARSSL_AES_C */
1127
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1128#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1129#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1130#if defined(POLARSSL_SHA256_C)
1131 { TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1132 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1133 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1134 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1135 0 },
1136#endif /* POLARSSL_SHA256_C */
1137
1138#if defined(POLARSSL_SHA512_C)
1139 { TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1140 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1141 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1142 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1143 0 },
1144#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1145#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1146
1147#if defined(POLARSSL_GCM_C)
1148#if defined(POLARSSL_SHA256_C)
1149 { TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1150 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
1151 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1152 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1153 0 },
1154#endif /* POLARSSL_SHA256_C */
1155
1156#if defined(POLARSSL_SHA512_C)
1157 { TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1158 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
1159 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1160 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1161 0 },
1162#endif /* POLARSSL_SHA512_C */
1163#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1164#endif /* POLARSSL_CAMELLIA_C */
1165
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1166#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1167#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1168#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1169 { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1170 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1171 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1172 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1173 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1174#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1175#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1176#endif /* POLARSSL_DES_C */
1177
1178#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1179#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1180 { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1181 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1182 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1183 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1184 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1185#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1186#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1187#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1188
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1189#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1190#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1191#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1192#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1193 { TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1194 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1195 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1196 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1197 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1198#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1199
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1200#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1201 { TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1202 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1203 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1204 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1205 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1206#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1207#endif /* POLARSSL_GCM_C */
1208
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1209#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1210#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1211 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1212 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1213 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1214 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1215 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1216#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1217
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1218#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1219 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1220 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1221 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1222 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1223 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1224#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1225
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1226#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1227 { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1228 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1229 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1230 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1231 0 },
1232
1233 { TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1234 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1235 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1236 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1237 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1238#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1239#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1240#if defined(POLARSSL_CCM_C)
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1241 { TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1242 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1243 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1244 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1245 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1246 { TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1247 POLARSSL_CIPHER_AES_256_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1248 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1249 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1250 POLARSSL_CIPHERSUITE_SHORT_TAG },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1251 { TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1252 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1253 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1254 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1255 0 },
Manuel Pégourié-Gonnardac2ccf82014-06-24 15:48:01 +0200[diff] [blame]1256 { TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1257 POLARSSL_CIPHER_AES_128_CCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1258 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1259 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1260 POLARSSL_CIPHERSUITE_SHORT_TAG },
1261#endif /* POLARSSL_CCM_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1262#endif /* POLARSSL_AES_C */
1263
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1264#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1265#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1266#if defined(POLARSSL_SHA256_C)
1267 { TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1268 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1269 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1270 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1271 0 },
1272#endif /* POLARSSL_SHA256_C */
1273
1274#if defined(POLARSSL_SHA512_C)
1275 { TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1276 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1277 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1278 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1279 0 },
1280#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1281#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1282
1283#if defined(POLARSSL_GCM_C)
1284#if defined(POLARSSL_SHA256_C)
1285 { TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1286 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1287 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1288 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1289 0 },
1290#endif /* POLARSSL_SHA256_C */
1291
1292#if defined(POLARSSL_SHA512_C)
1293 { TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1294 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1295 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1296 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1297 0 },
1298#endif /* POLARSSL_SHA512_C */
1299#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1300#endif /* POLARSSL_CAMELLIA_C */
1301
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1302#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1303#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1304#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1305 { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1306 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1307 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1308 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1309 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1310#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1311#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1312#endif /* POLARSSL_DES_C */
1313
1314#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1315#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1316 { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1317 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1318 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1319 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1320 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1321#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1322#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1323#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1324
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1325#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1326#if defined(POLARSSL_AES_C)
1327
1328#if defined(POLARSSL_CIPHER_MODE_CBC)
1329#if defined(POLARSSL_SHA256_C)
1330 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1331 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1332 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1333 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1334 0 },
1335#endif /* POLARSSL_SHA256_C */
1336
1337#if defined(POLARSSL_SHA512_C)
1338 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1339 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1340 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1341 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1342 0 },
1343#endif /* POLARSSL_SHA512_C */
1344
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1345#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1346 { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1347 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1348 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1349 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1350 0 },
1351
1352 { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1353 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1354 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1355 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1356 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1357#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1358#endif /* POLARSSL_CIPHER_MODE_CBC */
1359#endif /* POLARSSL_AES_C */
1360
1361#if defined(POLARSSL_CAMELLIA_C)
1362#if defined(POLARSSL_CIPHER_MODE_CBC)
1363#if defined(POLARSSL_SHA256_C)
1364 { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1365 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1366 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1367 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1368 0 },
1369#endif /* POLARSSL_SHA256_C */
1370
1371#if defined(POLARSSL_SHA512_C)
1372 { TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1373 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1374 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1375 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1376 0 },
1377#endif /* POLARSSL_SHA512_C */
1378#endif /* POLARSSL_CIPHER_MODE_CBC */
1379#endif /* POLARSSL_CAMELLIA_C */
1380
1381#if defined(POLARSSL_DES_C)
1382#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1383#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1384 { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1385 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1386 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1387 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1388 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1389#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1390#endif /* POLARSSL_CIPHER_MODE_CBC */
1391#endif /* POLARSSL_DES_C */
1392
1393#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1394#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1395 { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1396 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1397 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1398 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1399 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1400#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1401#endif /* POLARSSL_ARC4_C */
1402#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1403
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1404#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1405#if defined(POLARSSL_AES_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1406#if defined(POLARSSL_GCM_C)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1407#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1408 { TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1409 POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1410 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1411 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1412 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1413#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1414
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1415#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1416 { TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1417 POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1418 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1419 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1420 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1421#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1422#endif /* POLARSSL_GCM_C */
1423
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1424#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1425#if defined(POLARSSL_SHA256_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1426 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1427 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1428 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1429 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1430 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1431#endif /* POLARSSL_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1432
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1433#if defined(POLARSSL_SHA512_C)
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1434 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1435 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1436 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1437 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1438 0 },
Paul Bakker9e36f042013-06-30 14:34:05 +0200[diff] [blame]1439#endif /* POLARSSL_SHA512_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1440
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1441#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1442 { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1443 POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1444 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1445 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1446 0 },
1447
1448 { TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1449 POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1450 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1451 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1452 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1453#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1454#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1455#endif /* POLARSSL_AES_C */
1456
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1457#if defined(POLARSSL_CAMELLIA_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1458#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1459#if defined(POLARSSL_SHA256_C)
1460 { TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1461 POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1462 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1463 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1464 0 },
1465#endif /* POLARSSL_SHA256_C */
1466
1467#if defined(POLARSSL_SHA512_C)
1468 { TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1469 POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1470 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1471 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1472 0 },
1473#endif /* POLARSSL_SHA512_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1474#endif /* POLARSSL_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1475
1476#if defined(POLARSSL_GCM_C)
1477#if defined(POLARSSL_SHA256_C)
1478 { TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1479 POLARSSL_CIPHER_CAMELLIA_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1480 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1481 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1482 0 },
1483#endif /* POLARSSL_SHA256_C */
1484
1485#if defined(POLARSSL_SHA512_C)
1486 { TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1487 POLARSSL_CIPHER_CAMELLIA_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
1488 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1489 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1490 0 },
1491#endif /* POLARSSL_SHA512_C */
1492#endif /* POLARSSL_GCM_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1493#endif /* POLARSSL_CAMELLIA_C */
1494
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1495#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1496#if defined(POLARSSL_CIPHER_MODE_CBC)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1497#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1498 { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1499 POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1500 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1501 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1502 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1503#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1504#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1505#endif /* POLARSSL_DES_C */
1506
1507#if defined(POLARSSL_ARC4_C)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1508#if defined(POLARSSL_SHA1_C)
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1509 { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1510 POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1511 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1512 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1513 0 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1514#endif /* POLARSSL_SHA1_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1515#endif /* POLARSSL_ARC4_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1516#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1517
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1518#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES)
1519#if defined(POLARSSL_CIPHER_NULL_CIPHER)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1520#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1521#if defined(POLARSSL_MD5_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1522 { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1523 POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA,
1524 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1525 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1526 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1527#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1528
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1529#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1530 { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1531 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1532 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1533 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1534 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1535#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1536
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1537#if defined(POLARSSL_SHA256_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1538 { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1539 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1540 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1541 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1542 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1543#endif
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1544#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1545
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1546#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1547#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1548 { TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1549 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK,
1550 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1551 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1552 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1553#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1554
1555#if defined(POLARSSL_SHA256_C)
1556 { TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1557 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1558 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1559 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1560 POLARSSL_CIPHERSUITE_WEAK },
1561#endif
1562
1563#if defined(POLARSSL_SHA512_C)
1564 { TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1565 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1566 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1567 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1568 POLARSSL_CIPHERSUITE_WEAK },
1569#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1570#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
1571
1572#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1573#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1574 { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1575 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK,
1576 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1577 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1578 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1579#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1580
1581#if defined(POLARSSL_SHA256_C)
1582 { TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1583 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1584 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1585 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1586 POLARSSL_CIPHERSUITE_WEAK },
1587#endif
1588
1589#if defined(POLARSSL_SHA512_C)
1590 { TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1591 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_DHE_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1592 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1593 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1594 POLARSSL_CIPHERSUITE_WEAK },
1595#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1596#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
1597
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1598#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1599#if defined(POLARSSL_SHA1_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1600 { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1601 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnard20b9af72013-11-26 14:31:44 +0100[diff] [blame]1602 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1603 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1604 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1605#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1606
1607#if defined(POLARSSL_SHA256_C)
1608 { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1609 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1610 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1611 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1612 POLARSSL_CIPHERSUITE_WEAK },
1613#endif
1614
1615#if defined(POLARSSL_SHA512_C)
1616 { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1617 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
Manuel Pégourié-Gonnarda5bdfcd2013-11-26 13:27:45 +0100[diff] [blame]1618 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1619 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1620 POLARSSL_CIPHERSUITE_WEAK },
1621#endif
1622#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1623
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1624#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1625#if defined(POLARSSL_SHA1_C)
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1626 { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1627 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnarda04fa4f2014-07-13 16:16:44 +0200[diff] [blame]1628 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1629 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1630 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1631#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1632
1633#if defined(POLARSSL_SHA256_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1634 { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1635 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1636 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1637 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1638 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1639#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1640
1641#if defined(POLARSSL_SHA512_C)
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1642 { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1643 POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK,
Manuel Pégourié-Gonnard8d4ad072014-07-13 14:43:28 +0200[diff] [blame]1644 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1645 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1646 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1647#endif
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1648#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
1649#endif /* POLARSSL_CIPHER_NULL_CIPHER */
1650
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1651#if defined(POLARSSL_DES_C)
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1652#if defined(POLARSSL_CIPHER_MODE_CBC)
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1653#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1654#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1655 { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1656 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA,
1657 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1658 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1659 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1660#endif /* POLARSSL_SHA1_C */
Paul Bakkere07f41d2013-04-19 09:08:57 +0200[diff] [blame]1661#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1662
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1663#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1664#if defined(POLARSSL_SHA1_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1665 { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1666 POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA,
1667 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0,
1668 SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
1669 POLARSSL_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1670#endif /* POLARSSL_SHA1_C */
Manuel Pégourié-Gonnardf7dc3782013-09-13 14:10:44 +0200[diff] [blame]1671#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
1672#endif /* POLARSSL_CIPHER_MODE_CBC */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1673#endif /* POLARSSL_DES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1674#endif /* POLARSSL_ENABLE_WEAK_CIPHERSUITES */
1675
1676 { 0, "", 0, 0, 0, 0, 0, 0, 0, 0 }
1677};
1678
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1679#if defined(SSL_CIPHERSUITES)
1680const int *ssl_list_ciphersuites( void )
1681{
1682 return( ciphersuite_preference );
1683}
1684#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1685#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1686 sizeof( ciphersuite_definitions[0] )
1687static int supported_ciphersuites[MAX_CIPHERSUITES];
1688static int supported_init = 0;
1689
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1690const int *ssl_list_ciphersuites( void )
1691{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1692 /*
1693 * On initial call filter out all ciphersuites not supported by current
1694 * build based on presence in the ciphersuite_definitions.
1695 */
1696 if( supported_init == 0 )
1697 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1698 const int *p;
1699 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1700
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1701 for( p = ciphersuite_preference, q = supported_ciphersuites;
1702 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1703 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1704 {
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1705#if defined(POLARSSL_REMOVE_ARC4_CIPHERSUITES)
1706 const ssl_ciphersuite_t *cs_info;
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1707 if( ( cs_info = ssl_ciphersuite_from_id( *p ) ) != NULL &&
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1708 cs_info->cipher != POLARSSL_CIPHER_ARC4_128 )
1709#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1710 if( ssl_ciphersuite_from_id( *p ) != NULL )
Manuel Pégourié-Gonnard01edb102014-06-24 22:42:34 +0200[diff] [blame]1711#endif
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1712 *(q++) = *p;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1713 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1714 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1715
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1716 supported_init = 1;
1717 }
1718
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]1719 return( supported_ciphersuites );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1720};
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1721#endif /* SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1722
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]1723const ssl_ciphersuite_t *ssl_ciphersuite_from_string(
1724 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1725{
1726 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1727
1728 if( NULL == ciphersuite_name )
1729 return( NULL );
1730
1731 while( cur->id != 0 )
1732 {
1733 if( 0 == strcasecmp( cur->name, ciphersuite_name ) )
1734 return( cur );
1735
1736 cur++;
1737 }
1738
1739 return( NULL );
1740}
1741
1742const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite )
1743{
1744 const ssl_ciphersuite_t *cur = ciphersuite_definitions;
1745
1746 while( cur->id != 0 )
1747 {
1748 if( cur->id == ciphersuite )
1749 return( cur );
1750
1751 cur++;
1752 }
1753
1754 return( NULL );
1755}
1756
1757const char *ssl_get_ciphersuite_name( const int ciphersuite_id )
1758{
1759 const ssl_ciphersuite_t *cur;
1760
1761 cur = ssl_ciphersuite_from_id( ciphersuite_id );
1762
1763 if( cur == NULL )
1764 return( "unknown" );
1765
1766 return( cur->name );
1767}
1768
1769int ssl_get_ciphersuite_id( const char *ciphersuite_name )
1770{
1771 const ssl_ciphersuite_t *cur;
1772
1773 cur = ssl_ciphersuite_from_string( ciphersuite_name );
1774
1775 if( cur == NULL )
1776 return( 0 );
1777
1778 return( cur->id );
1779}
1780
Manuel Pégourié-Gonnard1a483832013-09-20 12:29:15 +0200[diff] [blame]1781#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1782pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
1783{
1784 switch( info->key_exchange )
1785 {
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1786 case POLARSSL_KEY_EXCHANGE_RSA:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1787 case POLARSSL_KEY_EXCHANGE_DHE_RSA:
1788 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1789 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1790 return( POLARSSL_PK_RSA );
1791
1792 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
1793 return( POLARSSL_PK_ECDSA );
1794
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1795 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1796 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
1797 return( POLARSSL_PK_ECKEY );
1798
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1799 default:
1800 return( POLARSSL_PK_NONE );
1801 }
1802}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1803#endif /* POLARSSL_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1804
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1805#if defined(POLARSSL_ECDH_C) || defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1806int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info )
1807{
1808 switch( info->key_exchange )
1809 {
1810 case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
1811 case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1812 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1813 case POLARSSL_KEY_EXCHANGE_ECDH_RSA:
1814 case POLARSSL_KEY_EXCHANGE_ECDH_ECDSA:
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1815 return( 1 );
1816
1817 default:
1818 return( 0 );
1819 }
1820}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1821#endif /* POLARSSL_ECDH_C || POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]1822
Manuel Pégourié-Gonnard280f95b2014-01-18 18:28:58 +0100[diff] [blame]1823#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1824int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info )
1825{
1826 switch( info->key_exchange )
1827 {
1828 case POLARSSL_KEY_EXCHANGE_PSK:
1829 case POLARSSL_KEY_EXCHANGE_RSA_PSK:
1830 case POLARSSL_KEY_EXCHANGE_DHE_PSK:
1831 case POLARSSL_KEY_EXCHANGE_ECDHE_PSK:
1832 return( 1 );
1833
1834 default:
1835 return( 0 );
1836 }
1837}
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1838#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
Manuel Pégourié-Gonnard21ef42f2013-10-27 14:47:25 +0100[diff] [blame]1839
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]1840#endif /* POLARSSL_SSL_TLS_C */