Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1 | /** |
| 2 | * \file ssl_ciphersuites.c |
| 3 | * |
Gilles Peskine | e820c0a | 2023-08-03 17:45:20 +0200 | [diff] [blame] | 4 | * \brief SSL ciphersuites for Mbed TLS |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 5 | * |
Bence Szépkúti | 1e14827 | 2020-08-07 13:07:28 +0200 | [diff] [blame] | 6 | * Copyright The Mbed TLS Contributors |
Dave Rodgman | 16799db | 2023-11-02 19:47:20 +0000 | [diff] [blame] | 7 | * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 8 | */ |
| 9 | |
Harry Ramsey | 0f6bc41 | 2024-10-04 10:36:54 +0100 | [diff] [blame] | 10 | #include "ssl_misc.h" |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 11 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 12 | #if defined(MBEDTLS_SSL_TLS_C) |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 13 | |
SimonB | d5800b7 | 2016-04-26 07:43:27 +0100 | [diff] [blame] | 14 | #include "mbedtls/platform.h" |
SimonB | d5800b7 | 2016-04-26 07:43:27 +0100 | [diff] [blame] | 15 | |
Manuel Pégourié-Gonnard | 7f80997 | 2015-03-09 17:05:11 +0000 | [diff] [blame] | 16 | #include "mbedtls/ssl_ciphersuites.h" |
| 17 | #include "mbedtls/ssl.h" |
Manuel Pégourié-Gonnard | cac90a1 | 2021-06-04 11:42:30 +0200 | [diff] [blame] | 18 | #include "ssl_misc.h" |
Manuel Pégourié-Gonnard | 02b10d8 | 2023-03-28 12:33:20 +0200 | [diff] [blame] | 19 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
Valerio Setti | 384fbde | 2024-01-02 13:26:40 +0100 | [diff] [blame] | 20 | #include "mbedtls/psa_util.h" |
Manuel Pégourié-Gonnard | 02b10d8 | 2023-03-28 12:33:20 +0200 | [diff] [blame] | 21 | #endif |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 22 | |
Rich Evans | 00ab470 | 2015-02-06 13:43:58 +0000 | [diff] [blame] | 23 | #include <string.h> |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 24 | |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 25 | /* |
| 26 | * Ordered from most preferred to least preferred in terms of security. |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 27 | * |
TRodziewicz | 75628d5 | 2021-06-18 12:56:27 +0200 | [diff] [blame] | 28 | * Current rule (except weak and null which come last): |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 29 | * 1. By key exchange: |
Manuel Pégourié-Gonnard | 538cb7b | 2015-09-15 18:03:28 +0200 | [diff] [blame] | 30 | * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 31 | * 2. By key length and cipher: |
Andres Amaya Garcia | 4a51228 | 2018-10-30 18:21:41 +0000 | [diff] [blame] | 32 | * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 |
Manuel Pégourié-Gonnard | 42b5374 | 2014-06-19 16:18:26 +0200 | [diff] [blame] | 33 | * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 |
Manuel Pégourié-Gonnard | 6768da9 | 2014-05-14 12:26:51 +0200 | [diff] [blame] | 34 | * 4. By hash function used when relevant |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 35 | * 5. By key exchange/auth again: EC > non-EC |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 36 | */ |
| 37 | static const int ciphersuite_preference[] = |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 38 | { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 39 | #if defined(MBEDTLS_SSL_CIPHERSUITES) |
| 40 | MBEDTLS_SSL_CIPHERSUITES, |
Manuel Pégourié-Gonnard | dfc7df0 | 2014-06-30 17:59:55 +0200 | [diff] [blame] | 41 | #else |
Ronald Cron | 6f135e1 | 2021-12-08 16:57:54 +0100 | [diff] [blame] | 42 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3) |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 43 | /* TLS 1.3 ciphersuites */ |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 44 | MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, |
Ronald Cron | 4bb6773 | 2023-02-16 15:51:18 +0100 | [diff] [blame] | 45 | MBEDTLS_TLS1_3_AES_256_GCM_SHA384, |
| 46 | MBEDTLS_TLS1_3_AES_128_GCM_SHA256, |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 47 | MBEDTLS_TLS1_3_AES_128_CCM_SHA256, |
| 48 | MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, |
Ronald Cron | 6f135e1 | 2021-12-08 16:57:54 +0100 | [diff] [blame] | 49 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 50 | |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 51 | /* Chacha-Poly ephemeral suites */ |
| 52 | MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, |
| 53 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, |
| 54 | MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, |
| 55 | |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 56 | /* All AES-256 ephemeral suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 57 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, |
| 58 | MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, |
| 59 | MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, |
| 60 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, |
| 61 | MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, |
| 62 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, |
| 63 | MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, |
| 64 | MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, |
| 65 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, |
| 66 | MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, |
| 67 | MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, |
| 68 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, |
| 69 | MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 70 | |
| 71 | /* All CAMELLIA-256 ephemeral suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 72 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 73 | MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 74 | MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 75 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, |
| 76 | MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, |
| 77 | MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, |
| 78 | MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 79 | |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 80 | /* All ARIA-256 ephemeral suites */ |
| 81 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, |
| 82 | MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, |
| 83 | MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, |
| 84 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, |
| 85 | MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, |
| 86 | MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, |
| 87 | |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 88 | /* All AES-128 ephemeral suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 89 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, |
| 90 | MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
| 91 | MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, |
| 92 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, |
| 93 | MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, |
| 94 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, |
| 95 | MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, |
| 96 | MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, |
| 97 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, |
| 98 | MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, |
| 99 | MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, |
| 100 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, |
| 101 | MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 102 | |
| 103 | /* All CAMELLIA-128 ephemeral suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 104 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 105 | MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 106 | MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 107 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 108 | MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 109 | MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 110 | MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 111 | |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 112 | /* All ARIA-128 ephemeral suites */ |
| 113 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, |
| 114 | MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, |
| 115 | MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, |
| 116 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, |
| 117 | MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, |
| 118 | MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, |
| 119 | |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 120 | /* The PSK ephemeral suites */ |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 121 | MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, |
| 122 | MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 123 | MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, |
| 124 | MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, |
| 125 | MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, |
| 126 | MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, |
| 127 | MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, |
| 128 | MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, |
| 129 | MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, |
| 130 | MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, |
| 131 | MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, |
| 132 | MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, |
Manuel Pégourié-Gonnard | af37f0f | 2018-02-20 11:03:40 +0100 | [diff] [blame] | 133 | MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, |
| 134 | MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, |
| 135 | MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 136 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 137 | MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, |
| 138 | MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, |
| 139 | MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, |
| 140 | MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, |
| 141 | MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, |
| 142 | MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, |
| 143 | MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, |
| 144 | MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, |
| 145 | MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, |
| 146 | MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, |
Manuel Pégourié-Gonnard | af37f0f | 2018-02-20 11:03:40 +0100 | [diff] [blame] | 147 | MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, |
| 148 | MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, |
| 149 | MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 150 | |
Manuel Pégourié-Gonnard | 538cb7b | 2015-09-15 18:03:28 +0200 | [diff] [blame] | 151 | /* The ECJPAKE suite */ |
| 152 | MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, |
| 153 | |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 154 | /* All AES-256 suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 155 | MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, |
| 156 | MBEDTLS_TLS_RSA_WITH_AES_256_CCM, |
| 157 | MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, |
| 158 | MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, |
| 159 | MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, |
| 160 | MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, |
| 161 | MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, |
| 162 | MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, |
| 163 | MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, |
| 164 | MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, |
| 165 | MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 166 | |
| 167 | /* All CAMELLIA-256 suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 168 | MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 169 | MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, |
| 170 | MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, |
| 171 | MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 172 | MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, |
| 173 | MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 174 | MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 175 | |
Manuel Pégourié-Gonnard | af37f0f | 2018-02-20 11:03:40 +0100 | [diff] [blame] | 176 | /* All ARIA-256 suites */ |
| 177 | MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, |
| 178 | MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, |
| 179 | MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, |
| 180 | MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, |
| 181 | MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, |
| 182 | MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, |
| 183 | |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 184 | /* All AES-128 suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 185 | MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, |
| 186 | MBEDTLS_TLS_RSA_WITH_AES_128_CCM, |
| 187 | MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, |
| 188 | MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, |
| 189 | MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, |
| 190 | MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, |
| 191 | MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, |
| 192 | MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, |
| 193 | MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, |
| 194 | MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, |
| 195 | MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 196 | |
| 197 | /* All CAMELLIA-128 suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 198 | MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 199 | MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 200 | MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, |
| 201 | MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 202 | MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 203 | MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 204 | MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 205 | |
Manuel Pégourié-Gonnard | af37f0f | 2018-02-20 11:03:40 +0100 | [diff] [blame] | 206 | /* All ARIA-128 suites */ |
| 207 | MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, |
| 208 | MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, |
| 209 | MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, |
| 210 | MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, |
| 211 | MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, |
| 212 | MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, |
| 213 | |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 214 | /* The RSA PSK suites */ |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 215 | MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 216 | MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, |
| 217 | MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, |
| 218 | MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, |
| 219 | MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, |
| 220 | MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 221 | MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, |
| 222 | MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 223 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 224 | MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, |
| 225 | MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, |
| 226 | MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, |
| 227 | MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, |
| 228 | MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 229 | MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, |
| 230 | MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 231 | |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 232 | /* The PSK suites */ |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 233 | MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 234 | MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, |
| 235 | MBEDTLS_TLS_PSK_WITH_AES_256_CCM, |
| 236 | MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, |
| 237 | MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, |
| 238 | MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, |
| 239 | MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, |
| 240 | MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 241 | MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, |
| 242 | MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 243 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 244 | MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, |
| 245 | MBEDTLS_TLS_PSK_WITH_AES_128_CCM, |
| 246 | MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, |
| 247 | MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, |
| 248 | MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, |
| 249 | MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, |
| 250 | MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 251 | MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, |
| 252 | MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 253 | |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 254 | /* NULL suites */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 255 | MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, |
| 256 | MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, |
| 257 | MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, |
| 258 | MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, |
| 259 | MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, |
| 260 | MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, |
| 261 | MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, |
| 262 | MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, |
Manuel Pégourié-Gonnard | 6fb0f74 | 2013-10-25 17:08:15 +0200 | [diff] [blame] | 263 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 264 | MBEDTLS_TLS_RSA_WITH_NULL_SHA256, |
| 265 | MBEDTLS_TLS_RSA_WITH_NULL_SHA, |
| 266 | MBEDTLS_TLS_RSA_WITH_NULL_MD5, |
| 267 | MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, |
| 268 | MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, |
| 269 | MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, |
| 270 | MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, |
| 271 | MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, |
| 272 | MBEDTLS_TLS_PSK_WITH_NULL_SHA384, |
| 273 | MBEDTLS_TLS_PSK_WITH_NULL_SHA256, |
| 274 | MBEDTLS_TLS_PSK_WITH_NULL_SHA, |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 275 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 276 | #endif /* MBEDTLS_SSL_CIPHERSUITES */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 277 | 0 |
| 278 | }; |
| 279 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 280 | static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 281 | { |
Ronald Cron | 6f135e1 | 2021-12-08 16:57:54 +0100 | [diff] [blame] | 282 | #if defined(MBEDTLS_SSL_PROTO_TLS1_3) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 283 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 284 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 285 | #if defined(PSA_WANT_ALG_SHA_384) |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 286 | { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384", |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 287 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, |
| 288 | MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ |
| 289 | 0, |
| 290 | MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 291 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 292 | #if defined(PSA_WANT_ALG_SHA_256) |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 293 | { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256", |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 294 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, |
| 295 | MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ |
| 296 | 0, |
| 297 | MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 298 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 299 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 300 | #if defined(PSA_WANT_ALG_CCM) && defined(PSA_WANT_ALG_SHA_256) |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 301 | { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256", |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 302 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, |
| 303 | MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ |
| 304 | 0, |
| 305 | MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 306 | { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256", |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 307 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, |
| 308 | MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ |
| 309 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 310 | MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 311 | #endif /* PSA_WANT_ALG_SHA_256 && PSA_WANT_ALG_CCM */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 312 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Elena Uziunaite | 5c70c30 | 2024-07-05 11:44:44 +0100 | [diff] [blame] | 313 | #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) && defined(PSA_WANT_ALG_SHA_256) |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 314 | { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256, |
| 315 | "TLS1-3-CHACHA20-POLY1305-SHA256", |
| 316 | MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, |
| 317 | MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */ |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 318 | 0, |
| 319 | MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 }, |
Elena Uziunaite | 5c70c30 | 2024-07-05 11:44:44 +0100 | [diff] [blame] | 320 | #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 && PSA_WANT_ALG_SHA_256 */ |
Ronald Cron | 6f135e1 | 2021-12-08 16:57:54 +0100 | [diff] [blame] | 321 | #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ |
Hanno Becker | 8ca2692 | 2021-07-23 19:24:23 +0100 | [diff] [blame] | 322 | |
Elena Uziunaite | 5c70c30 | 2024-07-05 11:44:44 +0100 | [diff] [blame] | 323 | #if defined(PSA_WANT_ALG_CHACHA20_POLY1305) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 324 | defined(PSA_WANT_ALG_SHA_256) && \ |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 325 | defined(MBEDTLS_SSL_PROTO_TLS1_2) |
| 326 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) |
| 327 | { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, |
| 328 | "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256", |
| 329 | MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, |
| 330 | MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 331 | 0, |
| 332 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 333 | #endif |
| 334 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) |
| 335 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, |
| 336 | "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256", |
| 337 | MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, |
| 338 | MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 339 | 0, |
| 340 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 341 | #endif |
| 342 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) |
| 343 | { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, |
| 344 | "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256", |
| 345 | MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, |
| 346 | MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 347 | 0, |
| 348 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 349 | #endif |
| 350 | #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) |
| 351 | { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, |
| 352 | "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256", |
| 353 | MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, |
| 354 | MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 355 | 0, |
| 356 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 357 | #endif |
| 358 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) |
| 359 | { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, |
| 360 | "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256", |
| 361 | MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, |
| 362 | MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 363 | 0, |
| 364 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 365 | #endif |
| 366 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) |
| 367 | { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, |
| 368 | "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256", |
| 369 | MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, |
| 370 | MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 371 | 0, |
| 372 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 373 | #endif |
Elena Uziunaite | 5c70c30 | 2024-07-05 11:44:44 +0100 | [diff] [blame] | 374 | #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 && |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 375 | PSA_WANT_ALG_SHA_256 && |
Manuel Pégourié-Gonnard | ce66d5e | 2018-06-14 11:11:15 +0200 | [diff] [blame] | 376 | MBEDTLS_SSL_PROTO_TLS1_2 */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 377 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 378 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 379 | #if defined(PSA_WANT_ALG_SHA_1) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 380 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 381 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", |
| 382 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 383 | 0, |
| 384 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 385 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", |
| 386 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 387 | 0, |
| 388 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 389 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 390 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 391 | #if defined(PSA_WANT_ALG_SHA_256) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 392 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 393 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", |
| 394 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 395 | 0, |
| 396 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 397 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 398 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 399 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", |
| 400 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 401 | 0, |
| 402 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 403 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 404 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 405 | #if defined(PSA_WANT_ALG_SHA_384) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 406 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 407 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", |
| 408 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 409 | 0, |
| 410 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 411 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 412 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 413 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", |
| 414 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 415 | 0, |
| 416 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 417 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 418 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 419 | #if defined(PSA_WANT_ALG_CCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 420 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", |
| 421 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 422 | 0, |
| 423 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 424 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", |
| 425 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 426 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 427 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 428 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", |
| 429 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 430 | 0, |
| 431 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 432 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", |
| 433 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 434 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 435 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 436 | #endif /* PSA_WANT_ALG_CCM */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 437 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Manuel Pégourié-Gonnard | 32ea60a | 2013-08-17 17:39:04 +0200 | [diff] [blame] | 438 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 439 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 440 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 441 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 442 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 443 | "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 444 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 445 | 0, |
| 446 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 447 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 448 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 449 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, |
| 450 | "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 451 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 452 | 0, |
| 453 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 454 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 455 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 456 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 457 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 458 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 459 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 460 | "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 461 | MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 462 | 0, |
| 463 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 464 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 465 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 466 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 467 | "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 468 | MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 469 | 0, |
| 470 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 471 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 472 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 473 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Manuel Pégourié-Gonnard | 32ea60a | 2013-08-17 17:39:04 +0200 | [diff] [blame] | 474 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 475 | #if defined(MBEDTLS_CIPHER_NULL_CIPHER) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 476 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 477 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", |
| 478 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 479 | MBEDTLS_CIPHERSUITE_WEAK, |
| 480 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 481 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 482 | #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ |
| 483 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ |
Manuel Pégourié-Gonnard | 32ea60a | 2013-08-17 17:39:04 +0200 | [diff] [blame] | 484 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 485 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 486 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 487 | #if defined(PSA_WANT_ALG_SHA_1) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 488 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 489 | { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", |
| 490 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 491 | 0, |
| 492 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 493 | { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", |
| 494 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 495 | 0, |
| 496 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 497 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 498 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 499 | #if defined(PSA_WANT_ALG_SHA_256) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 500 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 501 | { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", |
| 502 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 503 | 0, |
| 504 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 505 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 506 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 507 | { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", |
| 508 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 509 | 0, |
| 510 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 511 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 512 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 513 | #if defined(PSA_WANT_ALG_SHA_384) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 514 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 515 | { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", |
| 516 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 517 | 0, |
| 518 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 519 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 520 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 521 | { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", |
| 522 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 523 | 0, |
| 524 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 525 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 526 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 527 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 528 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 529 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 530 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 531 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 532 | { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 533 | "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 534 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 535 | 0, |
| 536 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 537 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 538 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 539 | { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, |
| 540 | "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 541 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 542 | 0, |
| 543 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 544 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 545 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 546 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 547 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 548 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 549 | { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 550 | "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 551 | MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 552 | 0, |
| 553 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 554 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 555 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 556 | { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 557 | "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 558 | MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 559 | 0, |
| 560 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 561 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 562 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 563 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Paul Bakker | 27714b1 | 2013-04-07 23:07:12 +0200 | [diff] [blame] | 564 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 565 | #if defined(MBEDTLS_CIPHER_NULL_CIPHER) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 566 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 567 | { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", |
| 568 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 569 | MBEDTLS_CIPHERSUITE_WEAK, |
| 570 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 571 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 572 | #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ |
| 573 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 574 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 575 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 576 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 577 | #if defined(PSA_WANT_ALG_SHA_384) && \ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 578 | defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 579 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", |
| 580 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 581 | 0, |
| 582 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 583 | #endif /* PSA_WANT_ALG_SHA_384 && PSA_WANT_ALG_GCM */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 584 | |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 585 | #if defined(PSA_WANT_ALG_SHA_256) |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 586 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 587 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", |
| 588 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 589 | 0, |
| 590 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 591 | #endif /* PSA_WANT_ALG_GCM */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 592 | |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 593 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 594 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", |
| 595 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 596 | 0, |
| 597 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 598 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 599 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", |
| 600 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 601 | 0, |
| 602 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 603 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 604 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 605 | |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 606 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 607 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 608 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", |
| 609 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 610 | 0, |
| 611 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 612 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 613 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", |
| 614 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 615 | 0, |
| 616 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 617 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 618 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 619 | #if defined(PSA_WANT_ALG_CCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 620 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", |
| 621 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 622 | 0, |
| 623 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 624 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8", |
| 625 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 626 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 627 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 628 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM", |
| 629 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 630 | 0, |
| 631 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 632 | { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8", |
| 633 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 634 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 635 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 636 | #endif /* PSA_WANT_ALG_CCM */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 637 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 638 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 639 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 640 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 641 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 642 | { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", |
| 643 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 644 | 0, |
| 645 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 646 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 647 | { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", |
| 648 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 649 | 0, |
| 650 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 651 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 652 | |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 653 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 654 | { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", |
| 655 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 656 | 0, |
| 657 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 658 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 659 | { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", |
| 660 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 661 | 0, |
| 662 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 663 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 664 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 665 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 666 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 667 | { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", |
| 668 | MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 669 | 0, |
| 670 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 671 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 672 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 673 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 674 | { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", |
| 675 | MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 676 | 0, |
| 677 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 678 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 679 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 680 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 681 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 682 | #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 683 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 684 | #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 685 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 686 | #if defined(PSA_WANT_ALG_SHA_384) && \ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 687 | defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 688 | { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", |
| 689 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 690 | 0, |
| 691 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 692 | #endif /* PSA_WANT_ALG_SHA_384 && PSA_WANT_ALG_GCM */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 693 | |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 694 | #if defined(PSA_WANT_ALG_SHA_256) |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 695 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 696 | { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", |
| 697 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 698 | 0, |
| 699 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 700 | #endif /* PSA_WANT_ALG_GCM */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 701 | |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 702 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 703 | { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", |
| 704 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 705 | 0, |
| 706 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 707 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 708 | { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256", |
| 709 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 710 | 0, |
| 711 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 712 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 713 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 714 | |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 715 | #if defined(PSA_WANT_ALG_SHA_1) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 716 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 717 | { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", |
| 718 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 719 | 0, |
| 720 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 721 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 722 | { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", |
| 723 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 724 | 0, |
| 725 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 726 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 727 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 728 | #if defined(PSA_WANT_ALG_CCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 729 | { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", |
| 730 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 731 | 0, |
| 732 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 733 | { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8", |
| 734 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 735 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 736 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 737 | { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM", |
| 738 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 739 | 0, |
| 740 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 741 | { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8", |
| 742 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 743 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 744 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 745 | #endif /* PSA_WANT_ALG_CCM */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 746 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 747 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 748 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 749 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 750 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 751 | { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", |
| 752 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 753 | 0, |
| 754 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 755 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 756 | { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", |
| 757 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 758 | 0, |
| 759 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 760 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 761 | |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 762 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 763 | { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", |
| 764 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 765 | 0, |
| 766 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 767 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 768 | { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", |
| 769 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 770 | 0, |
| 771 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 772 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 773 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 774 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 775 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 776 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 777 | { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", |
| 778 | MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 779 | 0, |
| 780 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 781 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 782 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 783 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 784 | { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", |
| 785 | MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 786 | 0, |
| 787 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 788 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 789 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 790 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 791 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 792 | #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 793 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 794 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 795 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 796 | #if defined(PSA_WANT_ALG_SHA_1) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 797 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 798 | { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", |
| 799 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 800 | 0, |
| 801 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 802 | { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", |
| 803 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 804 | 0, |
| 805 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 806 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 807 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 808 | #if defined(PSA_WANT_ALG_SHA_256) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 809 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 810 | { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", |
| 811 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 812 | 0, |
| 813 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 814 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 815 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 816 | { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", |
| 817 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 818 | 0, |
| 819 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 820 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 821 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 822 | #if defined(PSA_WANT_ALG_SHA_384) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 823 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 824 | { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", |
| 825 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 826 | 0, |
| 827 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 828 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 829 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 830 | { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", |
| 831 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 832 | 0, |
| 833 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 834 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 835 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 836 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 837 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 838 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 839 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 840 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 841 | { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 842 | "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 843 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 844 | 0, |
| 845 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 846 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 847 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 848 | { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, |
| 849 | "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 850 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 851 | 0, |
| 852 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 853 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 854 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 855 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 856 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 857 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 858 | { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 859 | "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 860 | MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 861 | 0, |
| 862 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 863 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 864 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 865 | { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 866 | "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 867 | MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 868 | 0, |
| 869 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 870 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 871 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 872 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 873 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 874 | #if defined(MBEDTLS_CIPHER_NULL_CIPHER) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 875 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 876 | { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", |
| 877 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 878 | MBEDTLS_CIPHERSUITE_WEAK, |
| 879 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 880 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 881 | #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ |
| 882 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 883 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 884 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 885 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 886 | #if defined(PSA_WANT_ALG_SHA_1) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 887 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 888 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", |
| 889 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 890 | 0, |
| 891 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 892 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", |
| 893 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 894 | 0, |
| 895 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 896 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 897 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 898 | #if defined(PSA_WANT_ALG_SHA_256) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 899 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 900 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", |
| 901 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 902 | 0, |
| 903 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 904 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 905 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 906 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", |
| 907 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 908 | 0, |
| 909 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 910 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 911 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 912 | #if defined(PSA_WANT_ALG_SHA_384) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 913 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 914 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", |
| 915 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 916 | 0, |
| 917 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 918 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 919 | #if defined(PSA_WANT_ALG_GCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 920 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", |
| 921 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 922 | 0, |
| 923 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 924 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 925 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 926 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 927 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 928 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 929 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 930 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 931 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, |
| 932 | "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 933 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 934 | 0, |
| 935 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 936 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 937 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 938 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, |
| 939 | "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 940 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 941 | 0, |
| 942 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 943 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 944 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 945 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 946 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 947 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 948 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, |
| 949 | "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 950 | MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 951 | 0, |
| 952 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 953 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 954 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 955 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, |
| 956 | "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 957 | MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 958 | 0, |
| 959 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 960 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 961 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 962 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 963 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 964 | #if defined(MBEDTLS_CIPHER_NULL_CIPHER) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 965 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 966 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", |
| 967 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 968 | MBEDTLS_CIPHERSUITE_WEAK, |
| 969 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 970 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 971 | #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ |
| 972 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 973 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 974 | #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 975 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 976 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 977 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 978 | { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", |
| 979 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 980 | 0, |
| 981 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 982 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 40afb4b | 2013-04-19 22:03:30 +0200 | [diff] [blame] | 983 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 984 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 985 | { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", |
| 986 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 987 | 0, |
| 988 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 989 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 990 | #endif /* PSA_WANT_ALG_GCM */ |
Paul Bakker | 40afb4b | 2013-04-19 22:03:30 +0200 | [diff] [blame] | 991 | |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 992 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 993 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 994 | { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", |
| 995 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 996 | 0, |
| 997 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 998 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 40afb4b | 2013-04-19 22:03:30 +0200 | [diff] [blame] | 999 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1000 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1001 | { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", |
| 1002 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1003 | 0, |
| 1004 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1005 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Paul Bakker | 40afb4b | 2013-04-19 22:03:30 +0200 | [diff] [blame] | 1006 | |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1007 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1008 | { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", |
| 1009 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1010 | 0, |
| 1011 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1012 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1013 | { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", |
| 1014 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1015 | 0, |
| 1016 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1017 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1018 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 1019 | #if defined(PSA_WANT_ALG_CCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1020 | { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", |
| 1021 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1022 | 0, |
| 1023 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1024 | { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", |
| 1025 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1026 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 1027 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1028 | { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", |
| 1029 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1030 | 0, |
| 1031 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1032 | { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", |
| 1033 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1034 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 1035 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 1036 | #endif /* PSA_WANT_ALG_CCM */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 1037 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1038 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 1039 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1040 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1041 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1042 | { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", |
| 1043 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1044 | 0, |
| 1045 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1046 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 0f2f0bf | 2013-07-26 15:03:31 +0200 | [diff] [blame] | 1047 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1048 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1049 | { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", |
| 1050 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1051 | 0, |
| 1052 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1053 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1054 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 1055 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1056 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1057 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1058 | { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", |
| 1059 | MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1060 | 0, |
| 1061 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1062 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 1063 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1064 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1065 | { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", |
| 1066 | MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1067 | 0, |
| 1068 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1069 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1070 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 1071 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Paul Bakker | 0f2f0bf | 2013-07-26 15:03:31 +0200 | [diff] [blame] | 1072 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1073 | #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1074 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1075 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 1076 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1077 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1078 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1079 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", |
| 1080 | MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1081 | 0, |
| 1082 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1083 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 40afb4b | 2013-04-19 22:03:30 +0200 | [diff] [blame] | 1084 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1085 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1086 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", |
| 1087 | MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1088 | 0, |
| 1089 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1090 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1091 | #endif /* PSA_WANT_ALG_GCM */ |
Paul Bakker | 40afb4b | 2013-04-19 22:03:30 +0200 | [diff] [blame] | 1092 | |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1093 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1094 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1095 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", |
| 1096 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1097 | 0, |
| 1098 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1099 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 40afb4b | 2013-04-19 22:03:30 +0200 | [diff] [blame] | 1100 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1101 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1102 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", |
| 1103 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1104 | 0, |
| 1105 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1106 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Paul Bakker | 40afb4b | 2013-04-19 22:03:30 +0200 | [diff] [blame] | 1107 | |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1108 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1109 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", |
| 1110 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1111 | 0, |
| 1112 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1113 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1114 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", |
| 1115 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1116 | 0, |
| 1117 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1118 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1119 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 1120 | #if defined(PSA_WANT_ALG_CCM) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1121 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", |
| 1122 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1123 | 0, |
| 1124 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1125 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", |
| 1126 | MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1127 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 1128 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1129 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", |
| 1130 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1131 | 0, |
| 1132 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1133 | { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", |
| 1134 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1135 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 1136 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 1137 | #endif /* PSA_WANT_ALG_CCM */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 1138 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1139 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 1140 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1141 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1142 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1143 | { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", |
| 1144 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1145 | 0, |
| 1146 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1147 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Paul Bakker | 0f2f0bf | 2013-07-26 15:03:31 +0200 | [diff] [blame] | 1148 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1149 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1150 | { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", |
| 1151 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1152 | 0, |
| 1153 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1154 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1155 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 1156 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1157 | #if defined(PSA_WANT_ALG_GCM) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1158 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1159 | { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", |
| 1160 | MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1161 | 0, |
| 1162 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1163 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Manuel Pégourié-Gonnard | 8d01eea | 2013-10-24 19:49:07 +0200 | [diff] [blame] | 1164 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1165 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1166 | { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", |
| 1167 | MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1168 | 0, |
| 1169 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1170 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1171 | #endif /* PSA_WANT_ALG_GCM */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 1172 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Paul Bakker | 0f2f0bf | 2013-07-26 15:03:31 +0200 | [diff] [blame] | 1173 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1174 | #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ |
Paul Bakker | d4a56ec | 2013-04-16 18:05:29 +0200 | [diff] [blame] | 1175 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1176 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 1177 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1178 | |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1179 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1180 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1181 | { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", |
| 1182 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1183 | 0, |
| 1184 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1185 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1186 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1187 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1188 | { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", |
| 1189 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1190 | 0, |
| 1191 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1192 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1193 | |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1194 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1195 | { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", |
| 1196 | MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1197 | 0, |
| 1198 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1199 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1200 | { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", |
| 1201 | MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1202 | 0, |
| 1203 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1204 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1205 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 1206 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1207 | |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 1208 | #if defined(PSA_WANT_KEY_TYPE_CAMELLIA) |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1209 | #if defined(PSA_WANT_ALG_CBC_NO_PADDING) |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1210 | #if defined(PSA_WANT_ALG_SHA_256) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1211 | { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, |
| 1212 | "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1213 | MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1214 | 0, |
| 1215 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1216 | #endif /* PSA_WANT_ALG_SHA_256 */ |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1217 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1218 | #if defined(PSA_WANT_ALG_SHA_384) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1219 | { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, |
| 1220 | "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1221 | MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1222 | 0, |
| 1223 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1224 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1225 | #endif /* PSA_WANT_ALG_CBC_NO_PADDING */ |
Elena Uziunaite | da41b60 | 2024-07-05 11:27:21 +0100 | [diff] [blame] | 1226 | #endif /* PSA_WANT_KEY_TYPE_CAMELLIA */ |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1227 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1228 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1229 | |
Manuel Pégourié-Gonnard | 538cb7b | 2015-09-15 18:03:28 +0200 | [diff] [blame] | 1230 | #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 1231 | #if defined(PSA_WANT_KEY_TYPE_AES) |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 1232 | #if defined(PSA_WANT_ALG_CCM) |
Manuel Pégourié-Gonnard | 538cb7b | 2015-09-15 18:03:28 +0200 | [diff] [blame] | 1233 | { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", |
| 1234 | MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1235 | MBEDTLS_CIPHERSUITE_SHORT_TAG, |
| 1236 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | c256172 | 2024-07-05 11:37:33 +0100 | [diff] [blame] | 1237 | #endif /* PSA_WANT_ALG_CCM */ |
Elena Uziunaite | 6121a34 | 2024-07-05 11:16:53 +0100 | [diff] [blame] | 1238 | #endif /* PSA_WANT_KEY_TYPE_AES */ |
Manuel Pégourié-Gonnard | 538cb7b | 2015-09-15 18:03:28 +0200 | [diff] [blame] | 1239 | #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ |
| 1240 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1241 | #if defined(MBEDTLS_CIPHER_NULL_CIPHER) |
| 1242 | #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) |
Elena Uziunaite | b66a991 | 2024-05-10 14:25:58 +0100 | [diff] [blame] | 1243 | #if defined(PSA_WANT_ALG_MD5) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1244 | { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", |
| 1245 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1246 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1247 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 057e0cf | 2013-10-14 14:19:31 +0200 | [diff] [blame] | 1248 | #endif |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1249 | |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1250 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1251 | { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", |
| 1252 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1253 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1254 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 057e0cf | 2013-10-14 14:19:31 +0200 | [diff] [blame] | 1255 | #endif |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1256 | |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1257 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1258 | { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", |
| 1259 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1260 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1261 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 057e0cf | 2013-10-14 14:19:31 +0200 | [diff] [blame] | 1262 | #endif |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1263 | #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1264 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1265 | #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1266 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1267 | { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", |
| 1268 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1269 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1270 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1271 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Manuel Pégourié-Gonnard | 98d9a2c | 2013-10-25 18:03:18 +0200 | [diff] [blame] | 1272 | |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1273 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1274 | { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", |
| 1275 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1276 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1277 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 98d9a2c | 2013-10-25 18:03:18 +0200 | [diff] [blame] | 1278 | #endif |
| 1279 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1280 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1281 | { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", |
| 1282 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1283 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1284 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1285 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1286 | #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ |
Paul Bakker | a1bf92d | 2013-04-19 19:48:45 +0200 | [diff] [blame] | 1287 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1288 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1289 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1290 | { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", |
| 1291 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1292 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1293 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1294 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Manuel Pégourié-Gonnard | 98d9a2c | 2013-10-25 18:03:18 +0200 | [diff] [blame] | 1295 | |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1296 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1297 | { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", |
| 1298 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1299 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1300 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 98d9a2c | 2013-10-25 18:03:18 +0200 | [diff] [blame] | 1301 | #endif |
| 1302 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1303 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1304 | { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", |
| 1305 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1306 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1307 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1308 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1309 | #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ |
Paul Bakker | a1bf92d | 2013-04-19 19:48:45 +0200 | [diff] [blame] | 1310 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1311 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1312 | #if defined(PSA_WANT_ALG_SHA_1) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1313 | { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", |
| 1314 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1315 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1316 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | 9fc5be0 | 2024-09-04 18:12:59 +0100 | [diff] [blame] | 1317 | #endif /* PSA_WANT_ALG_SHA_1 */ |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1318 | |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1319 | #if defined(PSA_WANT_ALG_SHA_256) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1320 | { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", |
| 1321 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1322 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1323 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Manuel Pégourié-Gonnard | 225d6aa | 2013-10-11 19:07:56 +0200 | [diff] [blame] | 1324 | #endif |
| 1325 | |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1326 | #if defined(PSA_WANT_ALG_SHA_384) |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1327 | { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", |
| 1328 | MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1329 | MBEDTLS_CIPHERSUITE_WEAK, |
| 1330 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1331 | #endif /* PSA_WANT_ALG_SHA_384 */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1332 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1333 | #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ |
Paul Bakker | a1bf92d | 2013-04-19 19:48:45 +0200 | [diff] [blame] | 1334 | |
Elena Uziunaite | 51c85a0 | 2024-07-05 11:20:17 +0100 | [diff] [blame] | 1335 | #if defined(PSA_WANT_KEY_TYPE_ARIA) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1336 | |
| 1337 | #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) |
| 1338 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1339 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1340 | { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1341 | "TLS-RSA-WITH-ARIA-256-GCM-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1342 | MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1343 | 0, |
| 1344 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1345 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1346 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1347 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1348 | { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1349 | "TLS-RSA-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1350 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1351 | 0, |
| 1352 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1353 | #endif |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1354 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1355 | { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1356 | "TLS-RSA-WITH-ARIA-128-GCM-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1357 | MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1358 | 0, |
| 1359 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1360 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1361 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1362 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1363 | { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1364 | "TLS-RSA-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1365 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1366 | 0, |
| 1367 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1368 | #endif |
| 1369 | |
| 1370 | #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ |
| 1371 | |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1372 | #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) |
| 1373 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1374 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1375 | { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1376 | "TLS-PSK-WITH-ARIA-256-GCM-SHA384", |
| 1377 | MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1378 | 0, |
| 1379 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1380 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1381 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1382 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1383 | { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1384 | "TLS-PSK-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1385 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1386 | 0, |
| 1387 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1388 | #endif |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1389 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1390 | { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1391 | "TLS-PSK-WITH-ARIA-128-GCM-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1392 | MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1393 | 0, |
| 1394 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1395 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1396 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1397 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1398 | { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1399 | "TLS-PSK-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1400 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1401 | 0, |
| 1402 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1403 | #endif |
| 1404 | |
| 1405 | #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ |
| 1406 | |
| 1407 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) |
| 1408 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1409 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1410 | { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1411 | "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1412 | MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1413 | 0, |
| 1414 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1415 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1416 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1417 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1418 | { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1419 | "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1420 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1421 | 0, |
| 1422 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1423 | #endif |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1424 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1425 | { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1426 | "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1427 | MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1428 | 0, |
| 1429 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1430 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1431 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1432 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1433 | { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1434 | "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1435 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1436 | 0, |
| 1437 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1438 | #endif |
| 1439 | |
| 1440 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ |
| 1441 | |
| 1442 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) |
| 1443 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1444 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1445 | { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1446 | "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1447 | MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1448 | 0, |
| 1449 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1450 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1451 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1452 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1453 | { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1454 | "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1455 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1456 | 0, |
| 1457 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1458 | #endif |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1459 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1460 | { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1461 | "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1462 | MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1463 | 0, |
| 1464 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1465 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1466 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1467 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1468 | { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1469 | "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1470 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1471 | 0, |
| 1472 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1473 | #endif |
| 1474 | |
| 1475 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ |
| 1476 | |
| 1477 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) |
| 1478 | |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1479 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1480 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1481 | { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1482 | "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1483 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1484 | 0, |
| 1485 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1486 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1487 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1488 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1489 | { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1490 | "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1491 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1492 | 0, |
| 1493 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1494 | #endif |
| 1495 | |
| 1496 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ |
| 1497 | |
| 1498 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) |
| 1499 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1500 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1501 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1502 | "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1503 | MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1504 | 0, |
| 1505 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1506 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1507 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1508 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1509 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1510 | "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1511 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1512 | 0, |
| 1513 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1514 | #endif |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1515 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1516 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1517 | "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1518 | MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1519 | 0, |
| 1520 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1521 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1522 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1523 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1524 | { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1525 | "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1526 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1527 | 0, |
| 1528 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1529 | #endif |
| 1530 | |
| 1531 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ |
| 1532 | |
| 1533 | #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) |
| 1534 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1535 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1536 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1537 | "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1538 | MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1539 | 0, |
| 1540 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1541 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1542 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1543 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1544 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1545 | "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1546 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1547 | 0, |
| 1548 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1549 | #endif |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1550 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1551 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1552 | "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1553 | MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1554 | 0, |
| 1555 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1556 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1557 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1558 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1559 | { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1560 | "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1561 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1562 | 0, |
| 1563 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1564 | #endif |
| 1565 | |
| 1566 | #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ |
| 1567 | |
| 1568 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) |
| 1569 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1570 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1571 | { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1572 | "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1573 | MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1574 | 0, |
| 1575 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1576 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1577 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1578 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1579 | { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1580 | "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1581 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1582 | 0, |
| 1583 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1584 | #endif |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1585 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1586 | { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1587 | "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1588 | MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1589 | 0, |
| 1590 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1591 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1592 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1593 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1594 | { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1595 | "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1596 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1597 | 0, |
| 1598 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1599 | #endif |
| 1600 | |
| 1601 | #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ |
| 1602 | |
| 1603 | #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) |
| 1604 | |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1605 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1606 | { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1607 | "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1608 | MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1609 | 0, |
| 1610 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1611 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1612 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | b476d4b | 2024-05-23 15:33:41 +0100 | [diff] [blame] | 1613 | defined(PSA_WANT_ALG_SHA_384)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1614 | { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1615 | "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1616 | MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1617 | 0, |
| 1618 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1619 | #endif |
Elena Uziunaite | 83a0d9d | 2024-07-05 11:41:22 +0100 | [diff] [blame] | 1620 | #if (defined(PSA_WANT_ALG_GCM) && defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1621 | { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1622 | "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1623 | MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1624 | 0, |
| 1625 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1626 | #endif |
Elena Uziunaite | 74342c7 | 2024-07-05 11:31:29 +0100 | [diff] [blame] | 1627 | #if (defined(PSA_WANT_ALG_CBC_NO_PADDING) && \ |
Elena Uziunaite | 0916cd7 | 2024-05-23 17:01:07 +0100 | [diff] [blame] | 1628 | defined(PSA_WANT_ALG_SHA_256)) |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1629 | { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1630 | "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1631 | MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1632 | 0, |
| 1633 | MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 }, |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1634 | #endif |
| 1635 | |
| 1636 | #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ |
| 1637 | |
Elena Uziunaite | 51c85a0 | 2024-07-05 11:20:17 +0100 | [diff] [blame] | 1638 | #endif /* PSA_WANT_KEY_TYPE_ARIA */ |
Markku-Juhani O. Saarinen | c06e101 | 2017-12-07 11:51:13 +0000 | [diff] [blame] | 1639 | |
| 1640 | |
Manuel Pégourié-Gonnard | a273371 | 2015-02-10 17:32:14 +0100 | [diff] [blame] | 1641 | { 0, "", |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1642 | MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE, |
Glenn Strauss | 60bfe60 | 2022-03-14 19:04:24 -0400 | [diff] [blame] | 1643 | 0, 0, 0 } |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1644 | }; |
| 1645 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1646 | #if defined(MBEDTLS_SSL_CIPHERSUITES) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1647 | const int *mbedtls_ssl_list_ciphersuites(void) |
Manuel Pégourié-Gonnard | dfc7df0 | 2014-06-30 17:59:55 +0200 | [diff] [blame] | 1648 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1649 | return ciphersuite_preference; |
Manuel Pégourié-Gonnard | dfc7df0 | 2014-06-30 17:59:55 +0200 | [diff] [blame] | 1650 | } |
| 1651 | #else |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1652 | #define MAX_CIPHERSUITES sizeof(ciphersuite_definitions) / \ |
| 1653 | sizeof(ciphersuite_definitions[0]) |
Manuel Pégourié-Gonnard | 791684c | 2014-06-30 17:38:22 +0200 | [diff] [blame] | 1654 | static int supported_ciphersuites[MAX_CIPHERSUITES]; |
| 1655 | static int supported_init = 0; |
| 1656 | |
Manuel Pégourié-Gonnard | a3115dc | 2022-06-17 10:52:54 +0200 | [diff] [blame] | 1657 | MBEDTLS_CHECK_RETURN_CRITICAL |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1658 | static int ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t *cs_info) |
Andres Amaya Garcia | 4a51228 | 2018-10-30 18:21:41 +0000 | [diff] [blame] | 1659 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1660 | (void) cs_info; |
Andres Amaya Garcia | 4a51228 | 2018-10-30 18:21:41 +0000 | [diff] [blame] | 1661 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1662 | return 0; |
Andres Amaya Garcia | 4a51228 | 2018-10-30 18:21:41 +0000 | [diff] [blame] | 1663 | } |
| 1664 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1665 | const int *mbedtls_ssl_list_ciphersuites(void) |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1666 | { |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 1667 | /* |
| 1668 | * On initial call filter out all ciphersuites not supported by current |
| 1669 | * build based on presence in the ciphersuite_definitions. |
| 1670 | */ |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1671 | if (supported_init == 0) { |
Manuel Pégourié-Gonnard | 791684c | 2014-06-30 17:38:22 +0200 | [diff] [blame] | 1672 | const int *p; |
| 1673 | int *q; |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 1674 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1675 | for (p = ciphersuite_preference, q = supported_ciphersuites; |
Manuel Pégourié-Gonnard | 791684c | 2014-06-30 17:38:22 +0200 | [diff] [blame] | 1676 | *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1677 | p++) { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1678 | const mbedtls_ssl_ciphersuite_t *cs_info; |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1679 | if ((cs_info = mbedtls_ssl_ciphersuite_from_id(*p)) != NULL && |
| 1680 | !ciphersuite_is_removed(cs_info)) { |
Manuel Pégourié-Gonnard | 791684c | 2014-06-30 17:38:22 +0200 | [diff] [blame] | 1681 | *(q++) = *p; |
Andres Amaya Garcia | 4a51228 | 2018-10-30 18:21:41 +0000 | [diff] [blame] | 1682 | } |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 1683 | } |
Manuel Pégourié-Gonnard | bc4b7f0 | 2013-09-07 15:04:26 +0200 | [diff] [blame] | 1684 | *q = 0; |
Manuel Pégourié-Gonnard | 32ea60a | 2013-08-17 17:39:04 +0200 | [diff] [blame] | 1685 | |
Paul Bakker | 41c83d3 | 2013-03-20 14:39:14 +0100 | [diff] [blame] | 1686 | supported_init = 1; |
| 1687 | } |
| 1688 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1689 | return supported_ciphersuites; |
Manuel Pégourié-Gonnard | f78e4de | 2015-05-29 10:52:14 +0200 | [diff] [blame] | 1690 | } |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1691 | #endif /* MBEDTLS_SSL_CIPHERSUITES */ |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1692 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1693 | const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1694 | const char *ciphersuite_name) |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1695 | { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1696 | const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1697 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1698 | if (NULL == ciphersuite_name) { |
| 1699 | return NULL; |
| 1700 | } |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1701 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1702 | while (cur->id != 0) { |
| 1703 | if (0 == strcmp(cur->name, ciphersuite_name)) { |
| 1704 | return cur; |
| 1705 | } |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1706 | |
| 1707 | cur++; |
| 1708 | } |
| 1709 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1710 | return NULL; |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1711 | } |
| 1712 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1713 | const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id(int ciphersuite) |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1714 | { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1715 | const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1716 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1717 | while (cur->id != 0) { |
| 1718 | if (cur->id == ciphersuite) { |
| 1719 | return cur; |
| 1720 | } |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1721 | |
| 1722 | cur++; |
| 1723 | } |
| 1724 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1725 | return NULL; |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1726 | } |
| 1727 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1728 | const char *mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id) |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1729 | { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1730 | const mbedtls_ssl_ciphersuite_t *cur; |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1731 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1732 | cur = mbedtls_ssl_ciphersuite_from_id(ciphersuite_id); |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1733 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1734 | if (cur == NULL) { |
| 1735 | return "unknown"; |
| 1736 | } |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1737 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1738 | return cur->name; |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1739 | } |
| 1740 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1741 | int mbedtls_ssl_get_ciphersuite_id(const char *ciphersuite_name) |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1742 | { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1743 | const mbedtls_ssl_ciphersuite_t *cur; |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1744 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1745 | cur = mbedtls_ssl_ciphersuite_from_string(ciphersuite_name); |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1746 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1747 | if (cur == NULL) { |
| 1748 | return 0; |
| 1749 | } |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1750 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1751 | return cur->id; |
Paul Bakker | 68884e3 | 2013-01-07 18:20:04 +0100 | [diff] [blame] | 1752 | } |
| 1753 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1754 | size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen(const mbedtls_ssl_ciphersuite_t *info) |
Glenn Strauss | 8f52690 | 2022-01-13 00:04:49 -0500 | [diff] [blame] | 1755 | { |
Neil Armstrong | 801abb6 | 2022-05-04 17:38:10 +0200 | [diff] [blame] | 1756 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
| 1757 | psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; |
| 1758 | psa_key_type_t key_type; |
| 1759 | psa_algorithm_t alg; |
| 1760 | size_t key_bits; |
| 1761 | |
Dave Rodgman | 2eab462 | 2023-10-05 13:30:37 +0100 | [diff] [blame] | 1762 | status = mbedtls_ssl_cipher_to_psa((mbedtls_cipher_type_t) info->cipher, |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1763 | info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16, |
| 1764 | &alg, &key_type, &key_bits); |
Neil Armstrong | 801abb6 | 2022-05-04 17:38:10 +0200 | [diff] [blame] | 1765 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1766 | if (status != PSA_SUCCESS) { |
Neil Armstrong | 801abb6 | 2022-05-04 17:38:10 +0200 | [diff] [blame] | 1767 | return 0; |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1768 | } |
Neil Armstrong | 801abb6 | 2022-05-04 17:38:10 +0200 | [diff] [blame] | 1769 | |
| 1770 | return key_bits; |
Neil Armstrong | 689557c | 2022-05-12 08:30:59 +0200 | [diff] [blame] | 1771 | #else |
Glenn Strauss | 8f52690 | 2022-01-13 00:04:49 -0500 | [diff] [blame] | 1772 | const mbedtls_cipher_info_t * const cipher_info = |
Agathiyan Bragadeesh | 8b52b88 | 2023-07-13 13:12:40 +0100 | [diff] [blame] | 1773 | mbedtls_cipher_info_from_type((mbedtls_cipher_type_t) info->cipher); |
Glenn Strauss | 8f52690 | 2022-01-13 00:04:49 -0500 | [diff] [blame] | 1774 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1775 | return mbedtls_cipher_info_get_key_bitlen(cipher_info); |
Neil Armstrong | 689557c | 2022-05-12 08:30:59 +0200 | [diff] [blame] | 1776 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
Glenn Strauss | 8f52690 | 2022-01-13 00:04:49 -0500 | [diff] [blame] | 1777 | } |
| 1778 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1779 | #if defined(MBEDTLS_PK_C) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1780 | mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t *info) |
Manuel Pégourié-Gonnard | 09edda8 | 2013-08-19 13:50:33 +0200 | [diff] [blame] | 1781 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1782 | switch (info->key_exchange) { |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1783 | case MBEDTLS_KEY_EXCHANGE_RSA: |
| 1784 | case MBEDTLS_KEY_EXCHANGE_DHE_RSA: |
| 1785 | case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: |
| 1786 | case MBEDTLS_KEY_EXCHANGE_RSA_PSK: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1787 | return MBEDTLS_PK_RSA; |
Manuel Pégourié-Gonnard | 09edda8 | 2013-08-19 13:50:33 +0200 | [diff] [blame] | 1788 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1789 | case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1790 | return MBEDTLS_PK_ECDSA; |
Manuel Pégourié-Gonnard | 09edda8 | 2013-08-19 13:50:33 +0200 | [diff] [blame] | 1791 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1792 | case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: |
| 1793 | case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1794 | return MBEDTLS_PK_ECKEY; |
Manuel Pégourié-Gonnard | 25781b2 | 2013-12-11 16:17:10 +0100 | [diff] [blame] | 1795 | |
Manuel Pégourié-Gonnard | 09edda8 | 2013-08-19 13:50:33 +0200 | [diff] [blame] | 1796 | default: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1797 | return MBEDTLS_PK_NONE; |
Manuel Pégourié-Gonnard | 09edda8 | 2013-08-19 13:50:33 +0200 | [diff] [blame] | 1798 | } |
| 1799 | } |
Hanno Becker | 7e5437a | 2017-04-28 17:15:26 +0100 | [diff] [blame] | 1800 | |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1801 | #if defined(MBEDTLS_USE_PSA_CRYPTO) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1802 | psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg(const mbedtls_ssl_ciphersuite_t *info) |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1803 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1804 | switch (info->key_exchange) { |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1805 | case MBEDTLS_KEY_EXCHANGE_RSA: |
| 1806 | case MBEDTLS_KEY_EXCHANGE_RSA_PSK: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1807 | return PSA_ALG_RSA_PKCS1V15_CRYPT; |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1808 | case MBEDTLS_KEY_EXCHANGE_DHE_RSA: |
| 1809 | case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1810 | return PSA_ALG_RSA_PKCS1V15_SIGN( |
Dave Rodgman | 2eab462 | 2023-10-05 13:30:37 +0100 | [diff] [blame] | 1811 | mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac)); |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1812 | |
| 1813 | case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: |
Dave Rodgman | 2eab462 | 2023-10-05 13:30:37 +0100 | [diff] [blame] | 1814 | return PSA_ALG_ECDSA(mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) info->mac)); |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1815 | |
| 1816 | case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: |
| 1817 | case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1818 | return PSA_ALG_ECDH; |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1819 | |
| 1820 | default: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1821 | return PSA_ALG_NONE; |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1822 | } |
| 1823 | } |
| 1824 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1825 | psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage(const mbedtls_ssl_ciphersuite_t *info) |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1826 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1827 | switch (info->key_exchange) { |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1828 | case MBEDTLS_KEY_EXCHANGE_RSA: |
| 1829 | case MBEDTLS_KEY_EXCHANGE_RSA_PSK: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1830 | return PSA_KEY_USAGE_DECRYPT; |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1831 | case MBEDTLS_KEY_EXCHANGE_DHE_RSA: |
| 1832 | case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: |
| 1833 | case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1834 | return PSA_KEY_USAGE_SIGN_HASH; |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1835 | |
| 1836 | case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: |
| 1837 | case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1838 | return PSA_KEY_USAGE_DERIVE; |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1839 | |
| 1840 | default: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1841 | return 0; |
Neil Armstrong | 0c9c10a | 2022-05-12 14:15:06 +0200 | [diff] [blame] | 1842 | } |
| 1843 | } |
| 1844 | #endif /* MBEDTLS_USE_PSA_CRYPTO */ |
| 1845 | |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1846 | mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t *info) |
Hanno Becker | 7e5437a | 2017-04-28 17:15:26 +0100 | [diff] [blame] | 1847 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1848 | switch (info->key_exchange) { |
Hanno Becker | 7e5437a | 2017-04-28 17:15:26 +0100 | [diff] [blame] | 1849 | case MBEDTLS_KEY_EXCHANGE_DHE_RSA: |
| 1850 | case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1851 | return MBEDTLS_PK_RSA; |
Hanno Becker | 7e5437a | 2017-04-28 17:15:26 +0100 | [diff] [blame] | 1852 | |
| 1853 | case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1854 | return MBEDTLS_PK_ECDSA; |
Hanno Becker | 7e5437a | 2017-04-28 17:15:26 +0100 | [diff] [blame] | 1855 | |
| 1856 | default: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1857 | return MBEDTLS_PK_NONE; |
Hanno Becker | 7e5437a | 2017-04-28 17:15:26 +0100 | [diff] [blame] | 1858 | } |
| 1859 | } |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1860 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1861 | #endif /* MBEDTLS_PK_C */ |
Manuel Pégourié-Gonnard | 09edda8 | 2013-08-19 13:50:33 +0200 | [diff] [blame] | 1862 | |
Valerio Setti | 7aeec54 | 2023-07-05 18:57:21 +0200 | [diff] [blame] | 1863 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED) || \ |
Valerio Setti | e9646ec | 2023-08-02 20:02:28 +0200 | [diff] [blame] | 1864 | defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) || \ |
Ron Eldor | 755bb6a | 2018-02-14 19:30:48 +0200 | [diff] [blame] | 1865 | defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1866 | int mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t *info) |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1867 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1868 | switch (info->key_exchange) { |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1869 | case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: |
| 1870 | case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: |
| 1871 | case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: |
| 1872 | case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: |
| 1873 | case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: |
Ron Eldor | 755bb6a | 2018-02-14 19:30:48 +0200 | [diff] [blame] | 1874 | case MBEDTLS_KEY_EXCHANGE_ECJPAKE: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1875 | return 1; |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1876 | |
| 1877 | default: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1878 | return 0; |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1879 | } |
| 1880 | } |
Valerio Setti | 7aeec54 | 2023-07-05 18:57:21 +0200 | [diff] [blame] | 1881 | #endif /* MBEDTLS_KEY_EXCHANGE_SOME_ECDH_OR_ECDHE_1_2_ENABLED || |
Valerio Setti | e9646ec | 2023-08-02 20:02:28 +0200 | [diff] [blame] | 1882 | * MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED || |
Valerio Setti | 45d56f3 | 2023-07-13 17:23:20 +0200 | [diff] [blame] | 1883 | * MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1884 | |
Gilles Peskine | eccd888 | 2020-03-10 12:19:08 +0100 | [diff] [blame] | 1885 | #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1886 | int mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info) |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1887 | { |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1888 | switch (info->key_exchange) { |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1889 | case MBEDTLS_KEY_EXCHANGE_PSK: |
| 1890 | case MBEDTLS_KEY_EXCHANGE_RSA_PSK: |
| 1891 | case MBEDTLS_KEY_EXCHANGE_DHE_PSK: |
| 1892 | case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1893 | return 1; |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1894 | |
| 1895 | default: |
Gilles Peskine | 449bd83 | 2023-01-11 14:50:10 +0100 | [diff] [blame] | 1896 | return 0; |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1897 | } |
| 1898 | } |
Gilles Peskine | eccd888 | 2020-03-10 12:19:08 +0100 | [diff] [blame] | 1899 | #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ |
Hanno Becker | d300a57 | 2017-06-20 14:31:29 +0100 | [diff] [blame] | 1900 | |
Manuel Pégourié-Gonnard | 2cf5a7c | 2015-04-08 12:49:31 +0200 | [diff] [blame] | 1901 | #endif /* MBEDTLS_SSL_TLS_C */ |