TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 8ca26923eb71d7ea9615c468bac6f75fa5341eaa / . / library / ssl_ciphersuites.c
blob: 1df1b26b2c62754af16cf2639359c19b85daa988 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]6 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]20 */
21
Gilles Peskinedb09ef62020-06-03 01:43:33 +0200[diff] [blame]22#include "common.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]23
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]24#if defined(MBEDTLS_SSL_TLS_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]25
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]26#if defined(MBEDTLS_PLATFORM_C)
27#include "mbedtls/platform.h"
28#else
29#include <stdlib.h>
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]30#endif
31
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]32#include "mbedtls/ssl_ciphersuites.h"
33#include "mbedtls/ssl.h"
Manuel Pégourié-Gonnardcac90a12021-06-04 11:42:30 +0200[diff] [blame]34#include "ssl_misc.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]35
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]36#include <string.h>
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]37
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]38/*
39 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]40 *
TRodziewicz75628d52021-06-18 12:56:27 +0200[diff] [blame]41 * Current rule (except weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]42 * 1. By key exchange:
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]43 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]44 * 2. By key length and cipher:
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]45 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]46 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]47 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]48 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]49 */
50static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]51{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]52#if defined(MBEDTLS_SSL_CIPHERSUITES)
53 MBEDTLS_SSL_CIPHERSUITES,
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]54#else
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame^]55#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
56 /* TLS 1.3 ciphersuites */
57 MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
58 MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
59 MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
60 MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
61 MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
62#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
63
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]64 /* Chacha-Poly ephemeral suites */
65 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
66 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
67 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
68
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]69 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]70 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
71 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
72 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
73 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
74 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
75 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
76 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
77 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
78 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
79 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
80 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
81 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
82 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]83
84 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]85 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
86 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
87 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
88 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
89 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
90 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
91 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]92
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]93 /* All ARIA-256 ephemeral suites */
94 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
95 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
96 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
97 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
98 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
99 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
100
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]101 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
103 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
104 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
105 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
106 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
107 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
108 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
109 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
110 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
111 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
112 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
113 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
114 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]115
116 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]117 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
118 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
119 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
120 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
121 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
122 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
123 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]124
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]125 /* All ARIA-128 ephemeral suites */
126 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
127 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
128 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
129 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
130 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
131 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
132
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]133 /* The PSK ephemeral suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]134 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
135 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]136 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
137 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
138 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
139 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
140 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
141 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
142 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
143 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
144 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
145 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]146 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
147 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
148 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]149
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]150 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
151 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
152 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
153 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
154 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
155 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
156 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
157 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
158 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
159 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]160 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
161 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
162 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]163
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]164 /* The ECJPAKE suite */
165 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
166
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]167 /* All AES-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]168 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
169 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
170 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
171 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
172 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
173 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
174 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
175 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
176 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
177 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
178 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]179
180 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]181 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
182 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
183 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
184 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
185 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
186 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
187 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]188
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]189 /* All ARIA-256 suites */
190 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
191 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
192 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
193 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
194 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
195 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
196
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]197 /* All AES-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]198 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
199 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
200 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
201 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
202 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
203 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
204 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
205 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
206 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
207 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
208 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]209
210 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]211 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
212 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
213 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
214 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
215 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
216 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
217 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]218
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]219 /* All ARIA-128 suites */
220 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
221 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
222 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
223 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
224 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
225 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
226
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]227 /* The RSA PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]228 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]229 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
230 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
231 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
232 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
233 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]234 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
235 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]236
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]237 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
238 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
239 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
240 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
241 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]242 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
243 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]244
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]245 /* The PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]246 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]247 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
248 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
249 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
250 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
251 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
252 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
253 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]254 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
255 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]256
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]257 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
258 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
259 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
260 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
261 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
262 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
263 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]264 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
265 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]266
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]267 /* NULL suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]268 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
269 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
270 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
271 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
272 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
273 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
274 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
275 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]276
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]277 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
278 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
279 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
280 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
281 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
282 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
283 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
284 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
285 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
286 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
287 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]288
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]289#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]290 0
291};
292
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]293static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]294{
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame^]295#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
296#if defined(MBEDTLS_AES_C)
297#if defined(MBEDTLS_GCM_C)
298#if defined(MBEDTLS_SHA512_C)
299 { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384",
300 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384,
301 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
302 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
303 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
304 0 },
305#endif /* MBEDTLS_SHA512_C */
306#if defined(MBEDTLS_SHA256_C)
307 { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256",
308 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256,
309 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
310 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
311 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
312 0 },
313#endif /* MBEDTLS_SHA256_C */
314#endif /* MBEDTLS_GCM_C */
315#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_SHA256_C)
316 { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256",
317 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
318 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
319 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
320 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
321 0 },
322 { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256",
323 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
324 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
327 MBEDTLS_CIPHERSUITE_SHORT_TAG },
328#endif /* MBEDTLS_SHA256_C && MBEDTLS_CCM_C */
329#endif /* MBEDTLS_AES_C */
330#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_SHA256_C)
331 { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
332 "TLS1-3-CHACHA20-POLY1305-SHA256",
333 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
334 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4,
337 0 // field not used in TLS 1.3 implementation
338 },
339#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_SHA256_C */
340#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
341
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]342#if defined(MBEDTLS_CHACHAPOLY_C) && \
343 defined(MBEDTLS_SHA256_C) && \
344 defined(MBEDTLS_SSL_PROTO_TLS1_2)
345#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
346 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
347 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
348 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
349 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
350 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
352 0 },
353#endif
354#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
355 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
356 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
357 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
358 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
359 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
360 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
361 0 },
362#endif
363#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
364 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
365 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
366 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
367 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
368 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
369 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
370 0 },
371#endif
372#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
373 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
374 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
375 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
376 MBEDTLS_KEY_EXCHANGE_PSK,
377 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
378 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
379 0 },
380#endif
381#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
382 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
383 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
384 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
385 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
386 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
387 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
388 0 },
389#endif
390#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
391 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
392 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
393 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
394 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
395 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
396 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
397 0 },
398#endif
399#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
400 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
401 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
402 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
403 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
404 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
405 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
406 0 },
407#endif
408#endif /* MBEDTLS_CHACHAPOLY_C &&
409 MBEDTLS_SHA256_C &&
410 MBEDTLS_SSL_PROTO_TLS1_2 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]411#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
412#if defined(MBEDTLS_AES_C)
413#if defined(MBEDTLS_SHA1_C)
414#if defined(MBEDTLS_CIPHER_MODE_CBC)
415 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
416 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]418 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]419 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]420 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
421 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]422 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]423 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]424 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]425#endif /* MBEDTLS_CIPHER_MODE_CBC */
426#endif /* MBEDTLS_SHA1_C */
427#if defined(MBEDTLS_SHA256_C)
428#if defined(MBEDTLS_CIPHER_MODE_CBC)
429 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
430 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
431 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
432 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]433 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]434#endif /* MBEDTLS_CIPHER_MODE_CBC */
435#if defined(MBEDTLS_GCM_C)
436 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
437 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
438 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]440 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]441#endif /* MBEDTLS_GCM_C */
442#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]443#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]444#if defined(MBEDTLS_CIPHER_MODE_CBC)
445 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
446 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
447 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
448 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]449 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]450#endif /* MBEDTLS_CIPHER_MODE_CBC */
451#if defined(MBEDTLS_GCM_C)
452 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
453 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]456 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]457#endif /* MBEDTLS_GCM_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]458#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]459#if defined(MBEDTLS_CCM_C)
460 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
461 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
463 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]464 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]465 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
466 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
467 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
468 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
469 MBEDTLS_CIPHERSUITE_SHORT_TAG },
470 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
471 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
472 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
473 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]474 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]475 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
476 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
478 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
479 MBEDTLS_CIPHERSUITE_SHORT_TAG },
480#endif /* MBEDTLS_CCM_C */
481#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]482
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]483#if defined(MBEDTLS_CAMELLIA_C)
484#if defined(MBEDTLS_CIPHER_MODE_CBC)
485#if defined(MBEDTLS_SHA256_C)
486 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
487 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]489 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]490 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]491#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]492#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]493 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
494 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]497 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]498#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]499#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]501#if defined(MBEDTLS_GCM_C)
502#if defined(MBEDTLS_SHA256_C)
503 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
504 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
505 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
506 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]507 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]508#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]509#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]510 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
511 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]514 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]515#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]516#endif /* MBEDTLS_GCM_C */
517#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]518
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]519#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
520#if defined(MBEDTLS_SHA1_C)
521 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
522 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]523 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]524 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
525 MBEDTLS_CIPHERSUITE_WEAK },
526#endif /* MBEDTLS_SHA1_C */
527#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
528#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]529
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]530#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
531#if defined(MBEDTLS_AES_C)
532#if defined(MBEDTLS_SHA1_C)
533#if defined(MBEDTLS_CIPHER_MODE_CBC)
534 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
535 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]536 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]537 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]538 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]539 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
540 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]541 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]542 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]543 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]544#endif /* MBEDTLS_CIPHER_MODE_CBC */
545#endif /* MBEDTLS_SHA1_C */
546#if defined(MBEDTLS_SHA256_C)
547#if defined(MBEDTLS_CIPHER_MODE_CBC)
548 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
549 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
551 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]552 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]553#endif /* MBEDTLS_CIPHER_MODE_CBC */
554#if defined(MBEDTLS_GCM_C)
555 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
556 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]559 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]560#endif /* MBEDTLS_GCM_C */
561#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]562#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]563#if defined(MBEDTLS_CIPHER_MODE_CBC)
564 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
565 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
567 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]568 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569#endif /* MBEDTLS_CIPHER_MODE_CBC */
570#if defined(MBEDTLS_GCM_C)
571 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
572 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]575 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]576#endif /* MBEDTLS_GCM_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]577#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]578#endif /* MBEDTLS_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]579
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]580#if defined(MBEDTLS_CAMELLIA_C)
581#if defined(MBEDTLS_CIPHER_MODE_CBC)
582#if defined(MBEDTLS_SHA256_C)
583 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
584 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]585 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]586 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]587 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]588#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]589#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]590 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
591 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]593 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard51451f82013-09-17 12:06:25 +0200[diff] [blame]594 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]595#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]596#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]597
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]598#if defined(MBEDTLS_GCM_C)
599#if defined(MBEDTLS_SHA256_C)
600 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
601 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
603 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]604 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]605#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]606#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]607 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
608 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]611 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]612#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]613#endif /* MBEDTLS_GCM_C */
614#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]615
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]616#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
617#if defined(MBEDTLS_SHA1_C)
618 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
619 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
622 MBEDTLS_CIPHERSUITE_WEAK },
623#endif /* MBEDTLS_SHA1_C */
624#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
625#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]626
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]627#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
628#if defined(MBEDTLS_AES_C)
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]629#if defined(MBEDTLS_SHA384_C) && \
630 defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]631 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
632 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
634 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]635 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]636#endif /* MBEDTLS_SHA384_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]637
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]638#if defined(MBEDTLS_SHA256_C)
639#if defined(MBEDTLS_GCM_C)
640 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
641 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
642 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
643 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]644 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]645#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]646
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]647#if defined(MBEDTLS_CIPHER_MODE_CBC)
648 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
649 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
650 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
651 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]652 0 },
653
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]654 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
655 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
656 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
657 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]658 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]659#endif /* MBEDTLS_CIPHER_MODE_CBC */
660#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]661
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]662#if defined(MBEDTLS_CIPHER_MODE_CBC)
663#if defined(MBEDTLS_SHA1_C)
664 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
665 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]668 0 },
669
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]670 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
671 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]672 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]673 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]674 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]675#endif /* MBEDTLS_SHA1_C */
676#endif /* MBEDTLS_CIPHER_MODE_CBC */
677#if defined(MBEDTLS_CCM_C)
678 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
679 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
680 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
681 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]682 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]683 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
684 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
685 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
686 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
687 MBEDTLS_CIPHERSUITE_SHORT_TAG },
688 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
689 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
690 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]692 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]693 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
694 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
696 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
697 MBEDTLS_CIPHERSUITE_SHORT_TAG },
698#endif /* MBEDTLS_CCM_C */
699#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]700
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]701#if defined(MBEDTLS_CAMELLIA_C)
702#if defined(MBEDTLS_CIPHER_MODE_CBC)
703#if defined(MBEDTLS_SHA256_C)
704 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
705 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
706 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
707 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]708 0 },
709
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]710 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
711 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
712 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
713 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]714 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]715#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]716
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]717#if defined(MBEDTLS_SHA1_C)
718 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
719 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]720 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]721 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]722 0 },
723
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]724 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
725 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]727 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]728 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]729#endif /* MBEDTLS_SHA1_C */
730#endif /* MBEDTLS_CIPHER_MODE_CBC */
731#if defined(MBEDTLS_GCM_C)
732#if defined(MBEDTLS_SHA256_C)
733 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
734 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
735 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
736 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]737 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]738#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]739
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]740#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]741 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
742 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
743 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]745 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]746#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]747#endif /* MBEDTLS_GCM_C */
748#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]749
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]750#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]751
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]752#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
753#if defined(MBEDTLS_AES_C)
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]754#if defined(MBEDTLS_SHA384_C) && \
755 defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]756 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
757 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
758 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
759 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]760 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]761#endif /* MBEDTLS_SHA384_C && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]762
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]763#if defined(MBEDTLS_SHA256_C)
764#if defined(MBEDTLS_GCM_C)
765 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
766 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
767 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
768 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]769 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]770#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]771
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]772#if defined(MBEDTLS_CIPHER_MODE_CBC)
773 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
774 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
775 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
776 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]777 0 },
778
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]779 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
780 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
781 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
782 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]783 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]784#endif /* MBEDTLS_CIPHER_MODE_CBC */
785#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]786
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]787#if defined(MBEDTLS_SHA1_C)
788#if defined(MBEDTLS_CIPHER_MODE_CBC)
789 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
790 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]791 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]792 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]793 0 },
794
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]795 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
796 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]797 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]799 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]800#endif /* MBEDTLS_CIPHER_MODE_CBC */
801#endif /* MBEDTLS_SHA1_C */
802#if defined(MBEDTLS_CCM_C)
803 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
804 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
806 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]807 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]808 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
809 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
810 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
811 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
812 MBEDTLS_CIPHERSUITE_SHORT_TAG },
813 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
814 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
815 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
816 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]817 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]818 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
819 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
820 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
821 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
822 MBEDTLS_CIPHERSUITE_SHORT_TAG },
823#endif /* MBEDTLS_CCM_C */
824#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]825
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]826#if defined(MBEDTLS_CAMELLIA_C)
827#if defined(MBEDTLS_CIPHER_MODE_CBC)
828#if defined(MBEDTLS_SHA256_C)
829 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
830 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
831 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
832 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]833 0 },
834
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]835 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
836 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
837 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
838 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]839 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]840#endif /* MBEDTLS_SHA256_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]841
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]842#if defined(MBEDTLS_SHA1_C)
843 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
844 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]845 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]846 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]847 0 },
848
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]849 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
850 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]851 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]852 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]853 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]854#endif /* MBEDTLS_SHA1_C */
855#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]856
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]857#if defined(MBEDTLS_GCM_C)
858#if defined(MBEDTLS_SHA256_C)
859 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
860 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
862 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]863 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]864#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]865
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]866#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]867 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
868 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
869 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
870 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]871 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]872#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]873#endif /* MBEDTLS_GCM_C */
874#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]875
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]876#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]877
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]878#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
879#if defined(MBEDTLS_AES_C)
880#if defined(MBEDTLS_SHA1_C)
881#if defined(MBEDTLS_CIPHER_MODE_CBC)
882 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
883 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]884 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]885 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]886 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]887 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
888 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]889 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]890 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]891 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]892#endif /* MBEDTLS_CIPHER_MODE_CBC */
893#endif /* MBEDTLS_SHA1_C */
894#if defined(MBEDTLS_SHA256_C)
895#if defined(MBEDTLS_CIPHER_MODE_CBC)
896 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
897 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
898 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
899 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]900 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]901#endif /* MBEDTLS_CIPHER_MODE_CBC */
902#if defined(MBEDTLS_GCM_C)
903 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
904 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
905 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
906 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]907 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]908#endif /* MBEDTLS_GCM_C */
909#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]910#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]911#if defined(MBEDTLS_CIPHER_MODE_CBC)
912 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
913 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
914 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
915 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]916 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]917#endif /* MBEDTLS_CIPHER_MODE_CBC */
918#if defined(MBEDTLS_GCM_C)
919 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
920 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
921 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
922 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]923 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]924#endif /* MBEDTLS_GCM_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]925#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]926#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]927
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]928#if defined(MBEDTLS_CAMELLIA_C)
929#if defined(MBEDTLS_CIPHER_MODE_CBC)
930#if defined(MBEDTLS_SHA256_C)
931 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
932 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]933 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]934 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]935 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]936#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]937#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]938 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
939 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]940 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]941 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]942 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]943#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]944#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]945
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]946#if defined(MBEDTLS_GCM_C)
947#if defined(MBEDTLS_SHA256_C)
948 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
949 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
950 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
951 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]952 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]953#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]954#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]955 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
956 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
957 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
958 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]959 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]960#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]961#endif /* MBEDTLS_GCM_C */
962#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]963
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]964#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
965#if defined(MBEDTLS_SHA1_C)
966 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
967 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]968 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]969 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
970 MBEDTLS_CIPHERSUITE_WEAK },
971#endif /* MBEDTLS_SHA1_C */
972#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
973#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]974
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]975#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
976#if defined(MBEDTLS_AES_C)
977#if defined(MBEDTLS_SHA1_C)
978#if defined(MBEDTLS_CIPHER_MODE_CBC)
979 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
980 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]981 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]982 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]983 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
985 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]986 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]987 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]988 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]989#endif /* MBEDTLS_CIPHER_MODE_CBC */
990#endif /* MBEDTLS_SHA1_C */
991#if defined(MBEDTLS_SHA256_C)
992#if defined(MBEDTLS_CIPHER_MODE_CBC)
993 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
994 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
995 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
996 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]997 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]998#endif /* MBEDTLS_CIPHER_MODE_CBC */
999#if defined(MBEDTLS_GCM_C)
1000 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
1001 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1002 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1004 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1005#endif /* MBEDTLS_GCM_C */
1006#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1007#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1008#if defined(MBEDTLS_CIPHER_MODE_CBC)
1009 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
1010 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1012 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1013 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1014#endif /* MBEDTLS_CIPHER_MODE_CBC */
1015#if defined(MBEDTLS_GCM_C)
1016 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1017 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1018 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1019 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1020 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1021#endif /* MBEDTLS_GCM_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1022#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1023#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1024
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1025#if defined(MBEDTLS_CAMELLIA_C)
1026#if defined(MBEDTLS_CIPHER_MODE_CBC)
1027#if defined(MBEDTLS_SHA256_C)
1028 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1029 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1030 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1031 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1032 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1033#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1034#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1035 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1036 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1037 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1038 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1039 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1040#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1041#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1042
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1043#if defined(MBEDTLS_GCM_C)
1044#if defined(MBEDTLS_SHA256_C)
1045 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1046 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1047 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1048 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1049 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1050#endif /* MBEDTLS_SHA256_C */
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1051#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1052 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1053 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1054 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1055 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1056 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1057#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1058#endif /* MBEDTLS_GCM_C */
1059#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1060
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1061#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1062#if defined(MBEDTLS_SHA1_C)
1063 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1064 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1065 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1066 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1067 MBEDTLS_CIPHERSUITE_WEAK },
1068#endif /* MBEDTLS_SHA1_C */
1069#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1070#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1071
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1072#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1073#if defined(MBEDTLS_AES_C)
1074#if defined(MBEDTLS_GCM_C)
1075#if defined(MBEDTLS_SHA256_C)
1076 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1077 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1078 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1079 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1080 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1081#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1082
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1083#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1084 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1085 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1087 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1088 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1089#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1090#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1091
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1092#if defined(MBEDTLS_CIPHER_MODE_CBC)
1093#if defined(MBEDTLS_SHA256_C)
1094 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1095 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1096 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1097 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1098 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1099#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1100
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1101#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1102 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1103 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1104 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1105 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1106 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1107#endif /* MBEDTLS_SHA384_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1108
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1109#if defined(MBEDTLS_SHA1_C)
1110 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1111 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1112 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1113 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1114 0 },
1115
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1116 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1117 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1119 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1120 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1121#endif /* MBEDTLS_SHA1_C */
1122#endif /* MBEDTLS_CIPHER_MODE_CBC */
1123#if defined(MBEDTLS_CCM_C)
1124 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1125 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1126 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1127 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1128 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1129 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1130 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1131 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1132 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1133 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1134 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1135 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1137 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1138 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1139 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1140 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1141 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1142 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1143 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1144#endif /* MBEDTLS_CCM_C */
1145#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1146
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1147#if defined(MBEDTLS_CAMELLIA_C)
1148#if defined(MBEDTLS_CIPHER_MODE_CBC)
1149#if defined(MBEDTLS_SHA256_C)
1150 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1151 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1152 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1153 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1154 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1155#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1156
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1157#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1158 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1159 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1161 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1162 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1163#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1164#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1165
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1166#if defined(MBEDTLS_GCM_C)
1167#if defined(MBEDTLS_SHA256_C)
1168 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1169 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1170 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1171 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1172 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1173#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1174
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1175#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1176 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1177 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1178 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1179 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1180 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1181#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1182#endif /* MBEDTLS_GCM_C */
1183#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1184
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1185#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1186
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1187#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1188#if defined(MBEDTLS_AES_C)
1189#if defined(MBEDTLS_GCM_C)
1190#if defined(MBEDTLS_SHA256_C)
1191 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1192 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1193 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1194 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1195 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1196#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1197
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1198#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1199 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1200 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1201 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1202 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1203 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1204#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1205#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1206
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1207#if defined(MBEDTLS_CIPHER_MODE_CBC)
1208#if defined(MBEDTLS_SHA256_C)
1209 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1210 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1211 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1212 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1213 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1214#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1215
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1216#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1217 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1218 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1219 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1220 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1221 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1222#endif /* MBEDTLS_SHA384_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1223
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1224#if defined(MBEDTLS_SHA1_C)
1225 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1226 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1227 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1228 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1229 0 },
1230
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1231 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1232 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1233 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1234 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1235 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1236#endif /* MBEDTLS_SHA1_C */
1237#endif /* MBEDTLS_CIPHER_MODE_CBC */
1238#if defined(MBEDTLS_CCM_C)
1239 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1240 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1241 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1242 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1243 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1244 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1245 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1246 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1247 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1248 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1249 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1250 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1251 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1252 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]1253 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1254 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1255 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1256 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1257 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1258 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1259#endif /* MBEDTLS_CCM_C */
1260#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1261
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1262#if defined(MBEDTLS_CAMELLIA_C)
1263#if defined(MBEDTLS_CIPHER_MODE_CBC)
1264#if defined(MBEDTLS_SHA256_C)
1265 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1266 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1267 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1268 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1269 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1270#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1271
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1272#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1273 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1274 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1275 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1276 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1277 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1278#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1279#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1280
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1281#if defined(MBEDTLS_GCM_C)
1282#if defined(MBEDTLS_SHA256_C)
1283 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1284 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1285 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1286 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1287 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1288#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1289
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1290#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1291 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1292 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1293 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1294 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1295 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1296#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1297#endif /* MBEDTLS_GCM_C */
1298#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1299
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1300#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1301
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1302#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1303#if defined(MBEDTLS_AES_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1304
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1305#if defined(MBEDTLS_CIPHER_MODE_CBC)
1306#if defined(MBEDTLS_SHA256_C)
1307 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1308 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1309 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1310 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1311 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1312#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1313
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1314#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1315 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1316 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1317 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1318 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1319 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1320#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1321
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1322#if defined(MBEDTLS_SHA1_C)
1323 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1324 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1327 0 },
1328
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1329 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1330 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1331 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1332 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1333 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1334#endif /* MBEDTLS_SHA1_C */
1335#endif /* MBEDTLS_CIPHER_MODE_CBC */
1336#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1337
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1338#if defined(MBEDTLS_CAMELLIA_C)
1339#if defined(MBEDTLS_CIPHER_MODE_CBC)
1340#if defined(MBEDTLS_SHA256_C)
1341 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1342 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1344 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1345 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1346#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1347
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1348#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1349 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1350 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1353 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1354#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1355#endif /* MBEDTLS_CIPHER_MODE_CBC */
1356#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1357
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1358#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1359
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1360#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1361#if defined(MBEDTLS_AES_C)
1362#if defined(MBEDTLS_GCM_C)
1363#if defined(MBEDTLS_SHA256_C)
1364 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1365 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1366 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1367 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1368 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1369#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1370
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1371#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1372 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1373 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1374 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1375 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1376 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1377#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1378#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1379
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1380#if defined(MBEDTLS_CIPHER_MODE_CBC)
1381#if defined(MBEDTLS_SHA256_C)
1382 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1383 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1384 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1385 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1386 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1387#endif /* MBEDTLS_SHA256_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1388
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1389#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1390 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1391 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1392 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1393 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1394 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1395#endif /* MBEDTLS_SHA384_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1396
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1397#if defined(MBEDTLS_SHA1_C)
1398 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1399 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1401 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1402 0 },
1403
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1404 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1405 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1407 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1408 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1409#endif /* MBEDTLS_SHA1_C */
1410#endif /* MBEDTLS_CIPHER_MODE_CBC */
1411#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1412
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1413#if defined(MBEDTLS_CAMELLIA_C)
1414#if defined(MBEDTLS_CIPHER_MODE_CBC)
1415#if defined(MBEDTLS_SHA256_C)
1416 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1417 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1418 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1419 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1420 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1421#endif /* MBEDTLS_SHA256_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1422
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1423#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1424 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1425 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1426 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1427 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1428 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1429#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1430#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1431
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1432#if defined(MBEDTLS_GCM_C)
1433#if defined(MBEDTLS_SHA256_C)
1434 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1435 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1436 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1437 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1438 0 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1439#endif /* MBEDTLS_SHA256_C */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1440
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1441#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1442 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1443 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1444 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1445 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1446 0 },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1447#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1448#endif /* MBEDTLS_GCM_C */
1449#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1450
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1451#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1452
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1453#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1454#if defined(MBEDTLS_AES_C)
1455#if defined(MBEDTLS_CCM_C)
1456 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1457 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1458 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1459 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1460 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1461#endif /* MBEDTLS_CCM_C */
1462#endif /* MBEDTLS_AES_C */
1463#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1464
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1465#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1466#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1467#if defined(MBEDTLS_MD5_C)
1468 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1469 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1471 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1472 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1473#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1474
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1475#if defined(MBEDTLS_SHA1_C)
1476 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1477 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1478 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1479 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1480 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1481#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1482
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1483#if defined(MBEDTLS_SHA256_C)
1484 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1485 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1486 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1487 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1488 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1489#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1490#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1491
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1492#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1493#if defined(MBEDTLS_SHA1_C)
1494 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1495 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1497 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1498 MBEDTLS_CIPHERSUITE_WEAK },
1499#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1500
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1501#if defined(MBEDTLS_SHA256_C)
1502 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1503 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1504 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1505 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1506 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1507#endif
1508
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1509#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1510 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1511 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1514 MBEDTLS_CIPHERSUITE_WEAK },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1515#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1516#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1517
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1518#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1519#if defined(MBEDTLS_SHA1_C)
1520 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1521 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1523 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1524 MBEDTLS_CIPHERSUITE_WEAK },
1525#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1526
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1527#if defined(MBEDTLS_SHA256_C)
1528 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1529 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1530 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1531 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1532 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1533#endif
1534
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1535#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1536 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1537 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1538 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1539 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1540 MBEDTLS_CIPHERSUITE_WEAK },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1541#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1542#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1543
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1544#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1545#if defined(MBEDTLS_SHA1_C)
1546 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1547 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1550 MBEDTLS_CIPHERSUITE_WEAK },
1551#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1552
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1553#if defined(MBEDTLS_SHA256_C)
1554 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1555 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1558 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1559#endif
1560
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1561#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1562 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1563 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1564 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1566 MBEDTLS_CIPHERSUITE_WEAK },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1567#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1568#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1569
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1570#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1571#if defined(MBEDTLS_SHA1_C)
1572 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1573 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1575 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1576 MBEDTLS_CIPHERSUITE_WEAK },
1577#endif /* MBEDTLS_SHA1_C */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1578
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1579#if defined(MBEDTLS_SHA256_C)
1580 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1581 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1582 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1583 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1584 MBEDTLS_CIPHERSUITE_WEAK },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1585#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1586
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1587#if defined(MBEDTLS_SHA384_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1588 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1589 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
TRodziewicz2abf03c2021-06-25 14:40:09 +0200[diff] [blame]1590 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1592 MBEDTLS_CIPHERSUITE_WEAK },
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]1593#endif /* MBEDTLS_SHA384_C */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1594#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1595#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1596
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1597#if defined(MBEDTLS_ARIA_C)
1598
1599#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1600
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1601#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1602 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1603 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1604 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1605 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1606 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1607 0 },
1608#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1609#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1610 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1611 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1612 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1613 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1614 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1615 0 },
1616#endif
1617#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1618 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1619 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1620 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1621 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1622 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1623 0 },
1624#endif
1625#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1626 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1627 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1628 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1629 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1630 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1631 0 },
1632#endif
1633
1634#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1635
1636#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1637
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1638#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1639 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1640 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1641 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1642 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1643 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1644 0 },
1645#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1646#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1647 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1648 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1649 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1650 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1651 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1652 0 },
1653#endif
1654#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1655 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1656 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1657 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1660 0 },
1661#endif
1662#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1663 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1664 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1665 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1668 0 },
1669#endif
1670
1671#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1672
1673#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1674
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1675#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1676 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1677 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1678 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
1679 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1680 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1681 0 },
1682#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1683#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1684 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1685 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1686 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1687 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1688 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1689 0 },
1690#endif
1691#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1692 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1693 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1694 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1696 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1697 0 },
1698#endif
1699#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1700 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1701 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1702 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1703 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1704 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1705 0 },
1706#endif
1707
1708#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1709
1710#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1711
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1712#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1713 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1714 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1715 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1716 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1718 0 },
1719#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1720#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1721 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1722 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1723 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1724 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1726 0 },
1727#endif
1728#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1729 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1730 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1731 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1732 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1733 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1734 0 },
1735#endif
1736#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1737 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1738 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1739 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1741 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1742 0 },
1743#endif
1744
1745#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1746
1747#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1748
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1749#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1750 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1751 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1752 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1753 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1754 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1755 0 },
1756#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1757#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1758 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1759 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1760 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1761 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1763 0 },
1764#endif
1765#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1766 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1767 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1768 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1771 0 },
1772#endif
1773#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1774 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1775 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1776 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1777 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1779 0 },
1780#endif
1781
1782#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1783
1784#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1785
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1786#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1787 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1788 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1789 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1790 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1791 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1792 0 },
1793#endif
1794#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1795 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1796 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1797 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1799 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1800 0 },
1801#endif
1802
1803#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1804
1805#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1806
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1807#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1808 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1809 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1810 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1811 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1812 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1813 0 },
1814#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1815#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1816 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1817 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1818 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1820 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1821 0 },
1822#endif
1823#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1824 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1825 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1826 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1828 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1829 0 },
1830#endif
1831#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1832 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1833 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1834 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
1835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1836 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1837 0 },
1838#endif
1839
1840#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1841
1842#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1843
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1844#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1845 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1846 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1847 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1848 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1849 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1850 0 },
1851#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1852#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1853 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1854 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1855 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1856 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1857 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1858 0 },
1859#endif
1860#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1861 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
1862 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
1863 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1864 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1865 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1866 0 },
1867#endif
1868#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1869 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
1870 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
1871 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1872 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1873 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1874 0 },
1875#endif
1876
1877#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1878
1879#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1880
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1881#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1882 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
1883 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
1884 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1885 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1886 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1887 0 },
1888#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1889#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1890 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
1891 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
1892 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1894 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1895 0 },
1896#endif
1897#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1898 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
1899 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
1900 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1902 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1903 0 },
1904#endif
1905#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1906 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
1907 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
1908 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1909 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1910 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1911 0 },
1912#endif
1913
1914#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1915
1916#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1917
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1918#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1919 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
1920 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
1921 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1922 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1923 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1924 0 },
1925#endif
Mateusz Starzyk6326a8d2021-05-10 13:51:53 +0200[diff] [blame]1926#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1927 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
1928 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
1929 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1931 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1932 0 },
1933#endif
1934#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1935 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
1936 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
1937 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1939 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1940 0 },
1941#endif
1942#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1943 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
1944 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
1945 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1946 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1947 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1948 0 },
1949#endif
1950
1951#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1952
1953#endif /* MBEDTLS_ARIA_C */
1954
1955
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]1956 { 0, "",
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1957 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]1958 0, 0, 0, 0, 0 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1959};
1960
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1961#if defined(MBEDTLS_SSL_CIPHERSUITES)
1962const int *mbedtls_ssl_list_ciphersuites( void )
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1963{
1964 return( ciphersuite_preference );
1965}
1966#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1967#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1968 sizeof( ciphersuite_definitions[0] )
1969static int supported_ciphersuites[MAX_CIPHERSUITES];
1970static int supported_init = 0;
1971
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1972static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
1973{
1974 (void)cs_info;
1975
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1976 return( 0 );
1977}
1978
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1979const int *mbedtls_ssl_list_ciphersuites( void )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1980{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1981 /*
1982 * On initial call filter out all ciphersuites not supported by current
1983 * build based on presence in the ciphersuite_definitions.
1984 */
1985 if( supported_init == 0 )
1986 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1987 const int *p;
1988 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1989
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1990 for( p = ciphersuite_preference, q = supported_ciphersuites;
1991 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1992 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1993 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1994 const mbedtls_ssl_ciphersuite_t *cs_info;
1995 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1996 !ciphersuite_is_removed( cs_info ) )
1997 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1998 *(q++) = *p;
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1999 }
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2000 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]2001 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]2002
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]2003 supported_init = 1;
2004 }
2005
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]2006 return( supported_ciphersuites );
Manuel Pégourié-Gonnardf78e4de2015-05-29 10:52:14 +0200[diff] [blame]2007}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2008#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2009
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2010const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]2011 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2012{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2013 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2014
2015 if( NULL == ciphersuite_name )
2016 return( NULL );
2017
2018 while( cur->id != 0 )
2019 {
Manuel Pégourié-Gonnardcb46fd82015-05-28 17:06:07 +0200[diff] [blame]2020 if( 0 == strcmp( cur->name, ciphersuite_name ) )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2021 return( cur );
2022
2023 cur++;
2024 }
2025
2026 return( NULL );
2027}
2028
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2029const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2030{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2031 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2032
2033 while( cur->id != 0 )
2034 {
2035 if( cur->id == ciphersuite )
2036 return( cur );
2037
2038 cur++;
2039 }
2040
2041 return( NULL );
2042}
2043
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2044const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2045{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2046 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2047
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2048 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2049
2050 if( cur == NULL )
2051 return( "unknown" );
2052
2053 return( cur->name );
2054}
2055
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2056int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2057{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2058 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2059
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2060 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]2061
2062 if( cur == NULL )
2063 return( 0 );
2064
2065 return( cur->id );
2066}
2067
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2068#if defined(MBEDTLS_PK_C)
2069mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2070{
2071 switch( info->key_exchange )
2072 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2073 case MBEDTLS_KEY_EXCHANGE_RSA:
2074 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2075 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2076 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2077 return( MBEDTLS_PK_RSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2078
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2079 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2080 return( MBEDTLS_PK_ECDSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2081
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2082 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2083 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2084 return( MBEDTLS_PK_ECKEY );
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]2085
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2086 default:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2087 return( MBEDTLS_PK_NONE );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2088 }
2089}
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]2090
2091mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
2092{
2093 switch( info->key_exchange )
2094 {
2095 case MBEDTLS_KEY_EXCHANGE_RSA:
2096 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2097 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2098 return( MBEDTLS_PK_RSA );
2099
2100 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2101 return( MBEDTLS_PK_ECDSA );
2102
2103 default:
2104 return( MBEDTLS_PK_NONE );
2105 }
2106}
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2107
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2108#endif /* MBEDTLS_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]2109
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2110#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2111 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2112int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
2113{
2114 switch( info->key_exchange )
2115 {
2116 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2117 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2118 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2119 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2120 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2121 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2122 return( 1 );
2123
2124 default:
2125 return( 0 );
2126 }
2127}
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2128#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2129
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]2130#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2131int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2132{
2133 switch( info->key_exchange )
2134 {
2135 case MBEDTLS_KEY_EXCHANGE_PSK:
2136 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2137 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2138 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2139 return( 1 );
2140
2141 default:
2142 return( 0 );
2143 }
2144}
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]2145#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2146
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2147#endif /* MBEDTLS_SSL_TLS_C */