TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / cccb04480410a3aebf1f4b8a6e6d8e6f621356e8 / . / library / ssl_ciphersuites.c
blob: ebfcb88725d440a93e240b3abd25d34c176d4b00 [file] [log] [blame]
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1/**
2 * \file ssl_ciphersuites.c
3 *
Manuel Pégourié-Gonnardb4fe3cb2015-01-22 16:11:05 +0000[diff] [blame]4 * \brief SSL ciphersuites for mbed TLS
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]5 *
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]6 * Copyright The Mbed TLS Contributors
Manuel Pégourié-Gonnard37ff1402015-09-04 14:21:07 +0200[diff] [blame]7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]20 */
21
Gilles Peskinedb09ef62020-06-03 01:43:33 +0200[diff] [blame]22#include "common.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]23
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]24#if defined(MBEDTLS_SSL_TLS_C)
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]25
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]26#if defined(MBEDTLS_PLATFORM_C)
27#include "mbedtls/platform.h"
28#else
29#include <stdlib.h>
SimonBd5800b72016-04-26 07:43:27 +0100[diff] [blame]30#endif
31
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000[diff] [blame]32#include "mbedtls/ssl_ciphersuites.h"
33#include "mbedtls/ssl.h"
Manuel Pégourié-Gonnardcac90a12021-06-04 11:42:30 +0200[diff] [blame]34#include "ssl_misc.h"
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]35
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]36#if defined(MBEDTLS_USE_PSA_CRYPTO)
37#include "psa/crypto.h"
38#endif
39#include "legacy_or_psa.h"
40
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]41#include <string.h>
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]42
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]43/*
44 * Ordered from most preferred to least preferred in terms of security.
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]45 *
TRodziewicz75628d52021-06-18 12:56:27 +0200[diff] [blame]46 * Current rule (except weak and null which come last):
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]47 * 1. By key exchange:
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]48 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]49 * 2. By key length and cipher:
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]50 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
Manuel Pégourié-Gonnard42b53742014-06-19 16:18:26 +0200[diff] [blame]51 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
Manuel Pégourié-Gonnard6768da92014-05-14 12:26:51 +0200[diff] [blame]52 * 4. By hash function used when relevant
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]53 * 5. By key exchange/auth again: EC > non-EC
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]54 */
55static const int ciphersuite_preference[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]56{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]57#if defined(MBEDTLS_SSL_CIPHERSUITES)
58 MBEDTLS_SSL_CIPHERSUITES,
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]59#else
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]60#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]61 /* TLS 1.3 ciphersuites */
62 MBEDTLS_TLS1_3_AES_128_GCM_SHA256,
63 MBEDTLS_TLS1_3_AES_256_GCM_SHA384,
64 MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
65 MBEDTLS_TLS1_3_AES_128_CCM_SHA256,
66 MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256,
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]67#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]68
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]69 /* Chacha-Poly ephemeral suites */
70 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
71 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
72 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
73
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]74 /* All AES-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]75 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
76 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
77 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
78 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
79 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
80 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
81 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
82 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
83 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
84 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
85 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
86 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
87 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]88
89 /* All CAMELLIA-256 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]90 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
91 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
92 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
93 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
94 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
95 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
96 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]97
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]98 /* All ARIA-256 ephemeral suites */
99 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
100 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
101 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
103 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
104 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
105
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]106 /* All AES-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]107 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
108 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
109 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
110 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
111 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
112 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
113 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
114 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
115 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
116 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
117 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
118 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
119 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]120
121 /* All CAMELLIA-128 ephemeral suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]122 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
123 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
124 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
125 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
126 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
127 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
128 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]129
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]130 /* All ARIA-128 ephemeral suites */
131 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
132 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
133 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
134 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
135 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
136 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
137
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]138 /* The PSK ephemeral suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]139 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
140 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]141 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
142 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
143 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
144 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
145 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
146 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
147 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
148 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
149 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
150 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]151 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
152 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
153 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]154
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]155 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
156 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
157 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
158 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
159 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
160 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
161 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
162 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
163 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
164 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]165 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
166 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
167 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]168
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]169 /* The ECJPAKE suite */
170 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
171
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]172 /* All AES-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]173 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
174 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
175 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
176 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
177 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
178 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
179 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
180 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
181 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
182 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
183 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]184
185 /* All CAMELLIA-256 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]186 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
187 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
188 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
189 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
190 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
191 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
192 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]193
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]194 /* All ARIA-256 suites */
195 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
196 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
197 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
198 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
199 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
200 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
201
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]202 /* All AES-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]203 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
204 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
205 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
206 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
207 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
208 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
209 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
210 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
211 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
212 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
213 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]214
215 /* All CAMELLIA-128 suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]216 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
217 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
218 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
219 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
220 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
221 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
222 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]223
Manuel Pégourié-Gonnardaf37f0f2018-02-20 11:03:40 +0100[diff] [blame]224 /* All ARIA-128 suites */
225 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
226 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
227 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
228 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
229 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
230 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
231
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]232 /* The RSA PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]233 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]234 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
235 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
236 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
237 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
238 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]239 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
240 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]241
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]242 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
243 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
244 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
245 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
246 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]247 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
248 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]249
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]250 /* The PSK suites */
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]251 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]252 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
253 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
254 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
255 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
257 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
258 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]259 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
260 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]261
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]262 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
263 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
264 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
265 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
266 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
267 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
268 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]269 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
270 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]271
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]272 /* NULL suites */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]273 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
274 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
275 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
276 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
277 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
278 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
279 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
280 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
Manuel Pégourié-Gonnard6fb0f742013-10-25 17:08:15 +0200[diff] [blame]281
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]282 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
283 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
284 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
285 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
286 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
287 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
288 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
289 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
290 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
291 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
292 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]293
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]294#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]295 0
296};
297
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]298static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]299{
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]300#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]301#if defined(MBEDTLS_AES_C)
302#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]303#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]304 { MBEDTLS_TLS1_3_AES_256_GCM_SHA384, "TLS1-3-AES-256-GCM-SHA384",
305 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384,
306 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]307 0,
308 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]309#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]310#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]311 { MBEDTLS_TLS1_3_AES_128_GCM_SHA256, "TLS1-3-AES-128-GCM-SHA256",
312 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256,
313 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]314 0,
315 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]316#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]317#endif /* MBEDTLS_GCM_C */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]318#if defined(MBEDTLS_CCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]319 { MBEDTLS_TLS1_3_AES_128_CCM_SHA256, "TLS1-3-AES-128-CCM-SHA256",
320 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
321 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]322 0,
323 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]324 { MBEDTLS_TLS1_3_AES_128_CCM_8_SHA256, "TLS1-3-AES-128-CCM-8-SHA256",
325 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256,
326 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]327 MBEDTLS_CIPHERSUITE_SHORT_TAG,
328 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]329#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_CCM_C */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]330#endif /* MBEDTLS_AES_C */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]331#if defined(MBEDTLS_CHACHAPOLY_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]332 { MBEDTLS_TLS1_3_CHACHA20_POLY1305_SHA256,
333 "TLS1-3-CHACHA20-POLY1305-SHA256",
334 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
335 MBEDTLS_KEY_EXCHANGE_NONE, /* Key exchange not part of ciphersuite in TLS 1.3 */
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]336 0,
337 MBEDTLS_SSL_VERSION_TLS1_3, MBEDTLS_SSL_VERSION_TLS1_3 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]338#endif /* MBEDTLS_CHACHAPOLY_C && MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Ronald Cron6f135e12021-12-08 16:57:54 +0100[diff] [blame]339#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
Hanno Becker8ca26922021-07-23 19:24:23 +0100[diff] [blame]340
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]341#if defined(MBEDTLS_CHACHAPOLY_C) && \
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]342 defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]343 defined(MBEDTLS_SSL_PROTO_TLS1_2)
344#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
345 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
346 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
347 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
348 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]349 0,
350 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]351#endif
352#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
353 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
354 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
355 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
356 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]357 0,
358 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]359#endif
360#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
361 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
362 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
363 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
364 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]365 0,
366 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]367#endif
368#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
369 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
370 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
371 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
372 MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]373 0,
374 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]375#endif
376#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
377 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
378 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
379 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
380 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]381 0,
382 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]383#endif
384#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
385 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
386 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
387 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
388 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]389 0,
390 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]391#endif
392#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
393 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
394 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
395 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
396 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]397 0,
398 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]399#endif
400#endif /* MBEDTLS_CHACHAPOLY_C &&
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]401 MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA &&
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +0200[diff] [blame]402 MBEDTLS_SSL_PROTO_TLS1_2 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]403#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
404#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]405#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]406#if defined(MBEDTLS_CIPHER_MODE_CBC)
407 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
408 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]409 0,
410 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]411 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
412 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]413 0,
414 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]415#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]416#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]417#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]418#if defined(MBEDTLS_CIPHER_MODE_CBC)
419 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
420 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]421 0,
422 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]423#endif /* MBEDTLS_CIPHER_MODE_CBC */
424#if defined(MBEDTLS_GCM_C)
425 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
426 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]427 0,
428 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]429#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]430#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]431#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]432#if defined(MBEDTLS_CIPHER_MODE_CBC)
433 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
434 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]435 0,
436 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]437#endif /* MBEDTLS_CIPHER_MODE_CBC */
438#if defined(MBEDTLS_GCM_C)
439 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
440 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]441 0,
442 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]443#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]444#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]445#if defined(MBEDTLS_CCM_C)
446 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
447 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]448 0,
449 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]450 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
451 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]452 MBEDTLS_CIPHERSUITE_SHORT_TAG,
453 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]454 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
455 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]456 0,
457 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]458 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
459 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]460 MBEDTLS_CIPHERSUITE_SHORT_TAG,
461 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]462#endif /* MBEDTLS_CCM_C */
463#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]464
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]465#if defined(MBEDTLS_CAMELLIA_C)
466#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]467#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]468 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
469 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]470 0,
471 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]472#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]473#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]474 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
475 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]476 0,
477 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]478#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]479#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]480
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]481#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]482#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]483 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
484 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]485 0,
486 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]487#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]488#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]489 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
490 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]491 0,
492 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]493#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]494#endif /* MBEDTLS_GCM_C */
495#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]496
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]497#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]498#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]499 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
500 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]501 MBEDTLS_CIPHERSUITE_WEAK,
502 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]503#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]504#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
505#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]506
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]507#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
508#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]509#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]510#if defined(MBEDTLS_CIPHER_MODE_CBC)
511 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
512 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]513 0,
514 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]515 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
516 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]517 0,
518 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]519#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]520#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]521#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]522#if defined(MBEDTLS_CIPHER_MODE_CBC)
523 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
524 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]525 0,
526 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]527#endif /* MBEDTLS_CIPHER_MODE_CBC */
528#if defined(MBEDTLS_GCM_C)
529 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
530 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]531 0,
532 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]533#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]534#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]535#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]536#if defined(MBEDTLS_CIPHER_MODE_CBC)
537 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
538 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]539 0,
540 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]541#endif /* MBEDTLS_CIPHER_MODE_CBC */
542#if defined(MBEDTLS_GCM_C)
543 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
544 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]545 0,
546 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]547#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]548#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]549#endif /* MBEDTLS_AES_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]550
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]551#if defined(MBEDTLS_CAMELLIA_C)
552#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]553#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]554 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
555 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]556 0,
557 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]558#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]559#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]560 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
561 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]562 0,
563 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]564#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]565#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]566
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]567#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]568#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]569 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
570 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]571 0,
572 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]573#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]574#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]575 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
576 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]577 0,
578 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]579#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]580#endif /* MBEDTLS_GCM_C */
581#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker27714b12013-04-07 23:07:12 +0200[diff] [blame]582
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]583#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]584#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]585 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
586 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]587 MBEDTLS_CIPHERSUITE_WEAK,
588 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]589#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]590#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
591#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]592
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]593#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
594#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]595#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]596 defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]597 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
598 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]599 0,
600 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]601#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]602
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]603#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]604#if defined(MBEDTLS_GCM_C)
605 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
606 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]607 0,
608 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]609#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]610
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]611#if defined(MBEDTLS_CIPHER_MODE_CBC)
612 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
613 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]614 0,
615 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]616
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]617 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
618 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]619 0,
620 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]621#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]622#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]623
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]624#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]625#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]626 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
627 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]628 0,
629 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]630
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]631 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
632 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]633 0,
634 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]635#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]636#endif /* MBEDTLS_CIPHER_MODE_CBC */
637#if defined(MBEDTLS_CCM_C)
638 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
639 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]640 0,
641 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]642 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
643 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]644 MBEDTLS_CIPHERSUITE_SHORT_TAG,
645 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]646 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
647 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]648 0,
649 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]650 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
651 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]652 MBEDTLS_CIPHERSUITE_SHORT_TAG,
653 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]654#endif /* MBEDTLS_CCM_C */
655#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]656
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]657#if defined(MBEDTLS_CAMELLIA_C)
658#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]659#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]660 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
661 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]662 0,
663 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]664
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]665 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
666 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]667 0,
668 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]669#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]670
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]671#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]672 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
673 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]674 0,
675 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]676
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]677 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
678 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]679 0,
680 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]681#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]682#endif /* MBEDTLS_CIPHER_MODE_CBC */
683#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]684#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]685 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
686 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]687 0,
688 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]689#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]690
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]691#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]692 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
693 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]694 0,
695 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]696#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]697#endif /* MBEDTLS_GCM_C */
698#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]699
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]700#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]701
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]702#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
703#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]704#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
Mateusz Starzyk3352a532021-04-06 14:28:22 +0200[diff] [blame]705 defined(MBEDTLS_GCM_C)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]706 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
707 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]708 0,
709 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]710#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA && MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]711
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]712#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]713#if defined(MBEDTLS_GCM_C)
714 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
715 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]716 0,
717 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]718#endif /* MBEDTLS_GCM_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]719
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]720#if defined(MBEDTLS_CIPHER_MODE_CBC)
721 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
722 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]723 0,
724 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]725
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]726 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
727 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]728 0,
729 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]730#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]731#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]732
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]733#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]734#if defined(MBEDTLS_CIPHER_MODE_CBC)
735 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
736 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]737 0,
738 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]739
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]740 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
741 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]742 0,
743 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]744#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]745#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]746#if defined(MBEDTLS_CCM_C)
747 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
748 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]749 0,
750 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]751 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
752 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]753 MBEDTLS_CIPHERSUITE_SHORT_TAG,
754 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]755 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
756 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]757 0,
758 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]759 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
760 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]761 MBEDTLS_CIPHERSUITE_SHORT_TAG,
762 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]763#endif /* MBEDTLS_CCM_C */
764#endif /* MBEDTLS_AES_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]765
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]766#if defined(MBEDTLS_CAMELLIA_C)
767#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]768#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]769 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
770 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]771 0,
772 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]773
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]774 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
775 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]776 0,
777 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]778#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]779
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]780#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]781 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
782 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]783 0,
784 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]785
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]786 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
787 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]788 0,
789 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]790#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]791#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]792
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]793#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]794#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]795 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
796 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]797 0,
798 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]799#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]800
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]801#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]802 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
803 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]804 0,
805 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]806#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]807#endif /* MBEDTLS_GCM_C */
808#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]809
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]810#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]811
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]812#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
813#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]814#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]815#if defined(MBEDTLS_CIPHER_MODE_CBC)
816 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
817 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]818 0,
819 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]820 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
821 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]822 0,
823 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]824#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]825#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]826#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]827#if defined(MBEDTLS_CIPHER_MODE_CBC)
828 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
829 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]830 0,
831 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]832#endif /* MBEDTLS_CIPHER_MODE_CBC */
833#if defined(MBEDTLS_GCM_C)
834 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
835 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]836 0,
837 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]838#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]839#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]840#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]841#if defined(MBEDTLS_CIPHER_MODE_CBC)
842 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
843 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]844 0,
845 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]846#endif /* MBEDTLS_CIPHER_MODE_CBC */
847#if defined(MBEDTLS_GCM_C)
848 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
849 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]850 0,
851 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]852#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]853#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]854#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]855
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]856#if defined(MBEDTLS_CAMELLIA_C)
857#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]858#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]859 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
860 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]861 0,
862 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]863#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]864#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]865 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
866 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]867 0,
868 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]869#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]870#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]871
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]872#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]873#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]874 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
875 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]876 0,
877 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]878#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]879#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]880 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
881 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]882 0,
883 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]884#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]885#endif /* MBEDTLS_GCM_C */
886#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]887
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]888#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]889#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]890 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
891 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]892 MBEDTLS_CIPHERSUITE_WEAK,
893 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]894#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]895#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
896#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]897
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]898#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
899#if defined(MBEDTLS_AES_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]900#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]901#if defined(MBEDTLS_CIPHER_MODE_CBC)
902 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
903 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]904 0,
905 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]906 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
907 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]908 0,
909 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]910#endif /* MBEDTLS_CIPHER_MODE_CBC */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]911#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]912#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]913#if defined(MBEDTLS_CIPHER_MODE_CBC)
914 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
915 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]916 0,
917 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]918#endif /* MBEDTLS_CIPHER_MODE_CBC */
919#if defined(MBEDTLS_GCM_C)
920 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
921 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]922 0,
923 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]924#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]925#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]926#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]927#if defined(MBEDTLS_CIPHER_MODE_CBC)
928 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
929 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]930 0,
931 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]932#endif /* MBEDTLS_CIPHER_MODE_CBC */
933#if defined(MBEDTLS_GCM_C)
934 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
935 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]936 0,
937 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]938#endif /* MBEDTLS_GCM_C */
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]939#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]940#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]941
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]942#if defined(MBEDTLS_CAMELLIA_C)
943#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]944#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]945 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
946 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]947 0,
948 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]949#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]950#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]951 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
952 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]953 0,
954 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]955#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]956#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]957
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]958#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]959#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]960 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
961 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]962 0,
963 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]964#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]965#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]966 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
967 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]968 0,
969 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]970#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]971#endif /* MBEDTLS_GCM_C */
972#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]973
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]974#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]975#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]976 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
977 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]978 MBEDTLS_CIPHERSUITE_WEAK,
979 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]980#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]981#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
982#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]983
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]984#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
985#if defined(MBEDTLS_AES_C)
986#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]987#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]988 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
989 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]990 0,
991 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]992#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]993
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]994#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]995 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
996 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]997 0,
998 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]999#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1000#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1001
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1002#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1003#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1004 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1005 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1006 0,
1007 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1008#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1009
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1010#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1011 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1012 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1013 0,
1014 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1015#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1016
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1017#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1018 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1019 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1020 0,
1021 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1022
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1023 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1024 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1025 0,
1026 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1027#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1028#endif /* MBEDTLS_CIPHER_MODE_CBC */
1029#if defined(MBEDTLS_CCM_C)
1030 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1031 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1032 0,
1033 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1034 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1035 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1036 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1037 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1038 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1039 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1040 0,
1041 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1042 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1043 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1044 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1045 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1046#endif /* MBEDTLS_CCM_C */
1047#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1048
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1049#if defined(MBEDTLS_CAMELLIA_C)
1050#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1051#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1052 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1053 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1054 0,
1055 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1056#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1057
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1058#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1059 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1060 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1061 0,
1062 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1063#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1064#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1065
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1066#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1067#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1068 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1069 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1070 0,
1071 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1072#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1073
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1074#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1075 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1076 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1077 0,
1078 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1079#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1080#endif /* MBEDTLS_GCM_C */
1081#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1082
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1083#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1084
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1085#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1086#if defined(MBEDTLS_AES_C)
1087#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1088#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1089 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1090 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1091 0,
1092 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1093#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1094
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1095#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1096 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1097 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1098 0,
1099 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1100#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1101#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1102
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1103#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1104#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1105 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1106 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1107 0,
1108 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1109#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1110
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1111#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1112 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1113 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1114 0,
1115 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1116#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1117
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1118#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1119 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1120 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1121 0,
1122 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1123
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1124 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1125 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1126 0,
1127 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1128#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1129#endif /* MBEDTLS_CIPHER_MODE_CBC */
1130#if defined(MBEDTLS_CCM_C)
1131 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1132 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1133 0,
1134 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1135 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1136 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1137 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1138 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1139 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1140 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1141 0,
1142 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1143 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1144 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1145 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1146 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1147#endif /* MBEDTLS_CCM_C */
1148#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1149
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1150#if defined(MBEDTLS_CAMELLIA_C)
1151#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1152#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1153 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1154 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1155 0,
1156 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1157#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1158
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1159#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1160 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1161 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1162 0,
1163 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1164#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1165#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1166
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1167#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1168#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1169 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1170 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1171 0,
1172 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1173#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1174
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1175#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1176 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1177 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1178 0,
1179 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1180#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1181#endif /* MBEDTLS_GCM_C */
1182#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1183
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1184#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1185
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1186#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1187#if defined(MBEDTLS_AES_C)
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1188
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1189#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1190#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1191 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1192 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1193 0,
1194 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1195#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1196
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1197#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1198 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1199 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1200 0,
1201 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1202#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1203
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1204#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1205 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1206 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1207 0,
1208 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1209
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1210 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1211 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1212 0,
1213 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1214#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1215#endif /* MBEDTLS_CIPHER_MODE_CBC */
1216#endif /* MBEDTLS_AES_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1217
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1218#if defined(MBEDTLS_CAMELLIA_C)
1219#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1220#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1221 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1222 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1223 0,
1224 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1225#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1226
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1227#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1228 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1229 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1230 0,
1231 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1232#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1233#endif /* MBEDTLS_CIPHER_MODE_CBC */
1234#endif /* MBEDTLS_CAMELLIA_C */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1235
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1236#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1237
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1238#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1239#if defined(MBEDTLS_AES_C)
1240#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1241#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1242 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1243 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1244 0,
1245 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1246#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1247
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1248#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1249 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1250 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1251 0,
1252 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1253#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1254#endif /* MBEDTLS_GCM_C */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1255
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1256#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1257#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1258 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1259 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1260 0,
1261 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1262#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1263
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1264#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1265 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1266 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1267 0,
1268 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1269#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker40afb4b2013-04-19 22:03:30 +0200[diff] [blame]1270
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1271#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1272 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1273 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1274 0,
1275 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1276
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1277 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1278 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1279 0,
1280 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1281#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1282#endif /* MBEDTLS_CIPHER_MODE_CBC */
1283#endif /* MBEDTLS_AES_C */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1284
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1285#if defined(MBEDTLS_CAMELLIA_C)
1286#if defined(MBEDTLS_CIPHER_MODE_CBC)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1287#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1288 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1289 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1290 0,
1291 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1292#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1293
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1294#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1295 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1296 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1297 0,
1298 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1299#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1300#endif /* MBEDTLS_CIPHER_MODE_CBC */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1301
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1302#if defined(MBEDTLS_GCM_C)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1303#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1304 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1305 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1306 0,
1307 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1308#endif /* MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard8d01eea2013-10-24 19:49:07 +0200[diff] [blame]1309
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1310#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1311 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1312 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1313 0,
1314 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1315#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1316#endif /* MBEDTLS_GCM_C */
1317#endif /* MBEDTLS_CAMELLIA_C */
Paul Bakker0f2f0bf2013-07-26 15:03:31 +0200[diff] [blame]1318
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1319#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
Paul Bakkerd4a56ec2013-04-16 18:05:29 +0200[diff] [blame]1320
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1321#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1322#if defined(MBEDTLS_AES_C)
1323#if defined(MBEDTLS_CCM_C)
1324 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1325 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1326 MBEDTLS_CIPHERSUITE_SHORT_TAG,
1327 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard538cb7b2015-09-15 18:03:28 +0200[diff] [blame]1328#endif /* MBEDTLS_CCM_C */
1329#endif /* MBEDTLS_AES_C */
1330#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1331
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1332#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1333#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1334#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1335 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1336 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1337 MBEDTLS_CIPHERSUITE_WEAK,
1338 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1339#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1340
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1341#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1342 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1343 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1344 MBEDTLS_CIPHERSUITE_WEAK,
1345 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1346#endif
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1347
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1348#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1349 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1350 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1351 MBEDTLS_CIPHERSUITE_WEAK,
1352 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard057e0cf2013-10-14 14:19:31 +0200[diff] [blame]1353#endif
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1354#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1355
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1356#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1357#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1358 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1359 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1360 MBEDTLS_CIPHERSUITE_WEAK,
1361 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1362#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1363
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1364#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1365 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1366 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1367 MBEDTLS_CIPHERSUITE_WEAK,
1368 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1369#endif
1370
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1371#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1372 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1373 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1374 MBEDTLS_CIPHERSUITE_WEAK,
1375 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1376#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1377#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1378
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1379#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1380#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1381 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1382 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1383 MBEDTLS_CIPHERSUITE_WEAK,
1384 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1385#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1386
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1387#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1388 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1389 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1390 MBEDTLS_CIPHERSUITE_WEAK,
1391 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1392#endif
1393
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1394#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1395 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1396 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1397 MBEDTLS_CIPHERSUITE_WEAK,
1398 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1399#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1400#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1401
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1402#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1403#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1404 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1405 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1406 MBEDTLS_CIPHERSUITE_WEAK,
1407 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1408#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1409
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1410#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1411 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1412 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1413 MBEDTLS_CIPHERSUITE_WEAK,
1414 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1415#endif
1416
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1417#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1418 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1419 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1420 MBEDTLS_CIPHERSUITE_WEAK,
1421 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1422#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1423#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
Manuel Pégourié-Gonnard225d6aa2013-10-11 19:07:56 +0200[diff] [blame]1424
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1425#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1426#if defined(MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1427 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1428 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1429 MBEDTLS_CIPHERSUITE_WEAK,
1430 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1431#endif /* MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1432
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1433#if defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1434 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1435 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1436 MBEDTLS_CIPHERSUITE_WEAK,
1437 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Manuel Pégourié-Gonnard98d9a2c2013-10-25 18:03:18 +0200[diff] [blame]1438#endif
Manuel Pégourié-Gonnardef0eb1e2013-10-14 19:29:19 +0200[diff] [blame]1439
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1440#if defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA)
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1441 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1442 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1443 MBEDTLS_CIPHERSUITE_WEAK,
1444 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Andrzej Kurekcccb0442022-08-19 03:42:11 -0400[diff] [blame^]1445#endif /* MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1446#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1447#endif /* MBEDTLS_CIPHER_NULL_CIPHER */
Paul Bakkera1bf92d2013-04-19 19:48:45 +0200[diff] [blame]1448
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1449#if defined(MBEDTLS_ARIA_C)
1450
1451#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1452
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1453#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1454 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1455 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1456 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1457 0,
1458 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1459#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1460#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1461 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1462 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1463 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1464 0,
1465 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1466#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1467#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1468 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1469 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1470 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1471 0,
1472 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1473#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1474#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1475 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1476 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1477 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1478 0,
1479 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1480#endif
1481
1482#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1483
1484#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1485
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1486#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1487 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1488 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1489 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1490 0,
1491 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1492#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1493#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1494 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1495 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1496 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1497 0,
1498 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1499#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1500#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1501 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1502 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1503 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1504 0,
1505 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1506#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1507#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1508 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1509 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1510 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1511 0,
1512 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1513#endif
1514
1515#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1516
1517#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1518
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1519#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1520 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1521 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1522 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1523 0,
1524 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1525#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1526#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1527 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1528 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1529 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1530 0,
1531 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1532#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1533#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1534 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1535 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1536 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1537 0,
1538 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1539#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1540#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1541 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1542 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1543 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1544 0,
1545 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1546#endif
1547
1548#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1549
1550#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1551
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1552#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1553 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1554 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1555 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1556 0,
1557 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1558#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1559#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1560 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1561 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1562 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1563 0,
1564 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1565#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1566#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1567 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1568 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1569 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1570 0,
1571 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1572#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1573#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1574 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1575 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1576 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1577 0,
1578 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1579#endif
1580
1581#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1582
1583#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1584
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1585#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1586 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1587 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1588 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1589 0,
1590 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1591#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1592#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1593 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1594 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1595 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1596 0,
1597 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1598#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1599#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1600 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1601 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1602 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1603 0,
1604 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1605#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1606#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1607 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1608 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1609 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1610 0,
1611 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1612#endif
1613
1614#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1615
1616#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1617
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1618#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1619 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1620 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1621 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1622 0,
1623 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1624#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1625#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1626 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
1627 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
1628 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1629 0,
1630 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1631#endif
1632
1633#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1634
1635#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
1636
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1637#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1638 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
1639 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
1640 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1641 0,
1642 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1643#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1644#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1645 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
1646 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
1647 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1648 0,
1649 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1650#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1651#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1652 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
1653 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
1654 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1655 0,
1656 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1657#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1658#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1659 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
1660 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
1661 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1662 0,
1663 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1664#endif
1665
1666#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
1667
1668#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1669
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1670#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1671 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
1672 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
1673 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1674 0,
1675 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1676#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1677#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1678 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
1679 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
1680 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1681 0,
1682 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1683#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1684#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1685 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
1686 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
1687 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1688 0,
1689 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1690#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1691#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1692 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
1693 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
1694 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1695 0,
1696 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1697#endif
1698
1699#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1700
1701#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1702
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1703#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1704 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
1705 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
1706 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1707 0,
1708 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1709#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1710#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1711 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
1712 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
1713 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1714 0,
1715 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1716#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1717#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1718 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
1719 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
1720 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1721 0,
1722 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1723#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1724#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1725 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
1726 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
1727 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1728 0,
1729 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1730#endif
1731
1732#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1733
1734#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1735
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1736#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1737 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
1738 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
1739 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1740 0,
1741 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1742#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1743#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1744 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
1745 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
1746 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1747 0,
1748 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1749#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1750#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1751 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
1752 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
1753 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1754 0,
1755 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1756#endif
Andrzej Kurek25f27152022-08-17 16:09:31 -0400[diff] [blame]1757#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA))
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1758 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
1759 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
1760 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1761 0,
1762 MBEDTLS_SSL_VERSION_TLS1_2, MBEDTLS_SSL_VERSION_TLS1_2 },
Markku-Juhani O. Saarinenc06e1012017-12-07 11:51:13 +0000[diff] [blame]1763#endif
1764
1765#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1766
1767#endif /* MBEDTLS_ARIA_C */
1768
1769
Manuel Pégourié-Gonnarda2733712015-02-10 17:32:14 +0100[diff] [blame]1770 { 0, "",
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1771 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
Glenn Strauss60bfe602022-03-14 19:04:24 -0400[diff] [blame]1772 0, 0, 0 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1773};
1774
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1775#if defined(MBEDTLS_SSL_CIPHERSUITES)
1776const int *mbedtls_ssl_list_ciphersuites( void )
Manuel Pégourié-Gonnarddfc7df02014-06-30 17:59:55 +0200[diff] [blame]1777{
1778 return( ciphersuite_preference );
1779}
1780#else
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1781#define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
1782 sizeof( ciphersuite_definitions[0] )
1783static int supported_ciphersuites[MAX_CIPHERSUITES];
1784static int supported_init = 0;
1785
Manuel Pégourié-Gonnarda3115dc2022-06-17 10:52:54 +0200[diff] [blame]1786MBEDTLS_CHECK_RETURN_CRITICAL
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1787static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
1788{
1789 (void)cs_info;
1790
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1791 return( 0 );
1792}
1793
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1794const int *mbedtls_ssl_list_ciphersuites( void )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1795{
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1796 /*
1797 * On initial call filter out all ciphersuites not supported by current
1798 * build based on presence in the ciphersuite_definitions.
1799 */
1800 if( supported_init == 0 )
1801 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1802 const int *p;
1803 int *q;
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1804
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1805 for( p = ciphersuite_preference, q = supported_ciphersuites;
1806 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
1807 p++ )
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1808 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1809 const mbedtls_ssl_ciphersuite_t *cs_info;
1810 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1811 !ciphersuite_is_removed( cs_info ) )
1812 {
Manuel Pégourié-Gonnard791684c2014-06-30 17:38:22 +0200[diff] [blame]1813 *(q++) = *p;
Andres Amaya Garcia4a512282018-10-30 18:21:41 +0000[diff] [blame]1814 }
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1815 }
Manuel Pégourié-Gonnardbc4b7f02013-09-07 15:04:26 +0200[diff] [blame]1816 *q = 0;
Manuel Pégourié-Gonnard32ea60a2013-08-17 17:39:04 +0200[diff] [blame]1817
Paul Bakker41c83d32013-03-20 14:39:14 +0100[diff] [blame]1818 supported_init = 1;
1819 }
1820
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]1821 return( supported_ciphersuites );
Manuel Pégourié-Gonnardf78e4de2015-05-29 10:52:14 +0200[diff] [blame]1822}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1823#endif /* MBEDTLS_SSL_CIPHERSUITES */
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1824
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1825const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
Paul Bakkerb9e4e2c2014-05-01 14:18:25 +0200[diff] [blame]1826 const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1827{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1828 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1829
1830 if( NULL == ciphersuite_name )
1831 return( NULL );
1832
1833 while( cur->id != 0 )
1834 {
Manuel Pégourié-Gonnardcb46fd82015-05-28 17:06:07 +0200[diff] [blame]1835 if( 0 == strcmp( cur->name, ciphersuite_name ) )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1836 return( cur );
1837
1838 cur++;
1839 }
1840
1841 return( NULL );
1842}
1843
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1844const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1845{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1846 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1847
1848 while( cur->id != 0 )
1849 {
1850 if( cur->id == ciphersuite )
1851 return( cur );
1852
1853 cur++;
1854 }
1855
1856 return( NULL );
1857}
1858
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1859const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1860{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1861 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1862
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1863 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1864
1865 if( cur == NULL )
1866 return( "unknown" );
1867
1868 return( cur->name );
1869}
1870
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1871int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1872{
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1873 const mbedtls_ssl_ciphersuite_t *cur;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1874
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1875 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]1876
1877 if( cur == NULL )
1878 return( 0 );
1879
1880 return( cur->id );
1881}
1882
Glenn Strauss8f526902022-01-13 00:04:49 -0500[diff] [blame]1883size_t mbedtls_ssl_ciphersuite_get_cipher_key_bitlen( const mbedtls_ssl_ciphersuite_t *info )
1884{
Neil Armstrong801abb62022-05-04 17:38:10 +0200[diff] [blame]1885#if defined(MBEDTLS_USE_PSA_CRYPTO)
1886 psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
1887 psa_key_type_t key_type;
1888 psa_algorithm_t alg;
1889 size_t key_bits;
1890
1891 status = mbedtls_ssl_cipher_to_psa( info->cipher,
1892 info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16,
1893 &alg, &key_type, &key_bits );
1894
1895 if( status != PSA_SUCCESS )
1896 return 0;
1897
1898 return key_bits;
Neil Armstrong689557c2022-05-12 08:30:59 +0200[diff] [blame]1899#else
Glenn Strauss8f526902022-01-13 00:04:49 -0500[diff] [blame]1900 const mbedtls_cipher_info_t * const cipher_info =
1901 mbedtls_cipher_info_from_type( info->cipher );
1902
1903 return( mbedtls_cipher_info_get_key_bitlen( cipher_info ) );
Neil Armstrong689557c2022-05-12 08:30:59 +0200[diff] [blame]1904#endif /* MBEDTLS_USE_PSA_CRYPTO */
Glenn Strauss8f526902022-01-13 00:04:49 -0500[diff] [blame]1905}
1906
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1907#if defined(MBEDTLS_PK_C)
1908mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1909{
1910 switch( info->key_exchange )
1911 {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1912 case MBEDTLS_KEY_EXCHANGE_RSA:
1913 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1914 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1915 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1916 return( MBEDTLS_PK_RSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1917
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1918 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1919 return( MBEDTLS_PK_ECDSA );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1920
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1921 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1922 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1923 return( MBEDTLS_PK_ECKEY );
Manuel Pégourié-Gonnard25781b22013-12-11 16:17:10 +0100[diff] [blame]1924
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1925 default:
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1926 return( MBEDTLS_PK_NONE );
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1927 }
1928}
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]1929
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1930#if defined(MBEDTLS_USE_PSA_CRYPTO)
Neil Armstrong9f4606e2022-06-24 15:00:50 +0200[diff] [blame]1931psa_algorithm_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_alg( const mbedtls_ssl_ciphersuite_t *info )
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1932{
1933 switch( info->key_exchange )
1934 {
1935 case MBEDTLS_KEY_EXCHANGE_RSA:
1936 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1937 return( PSA_ALG_RSA_PKCS1V15_CRYPT );
1938 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1939 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1940 return( PSA_ALG_RSA_PKCS1V15_SIGN(
Manuel Pégourié-Gonnardabac0372022-07-18 13:41:11 +0200[diff] [blame]1941 mbedtls_hash_info_psa_from_md( info->mac ) ) );
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1942
1943 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
Manuel Pégourié-Gonnardabac0372022-07-18 13:41:11 +0200[diff] [blame]1944 return( PSA_ALG_ECDSA( mbedtls_hash_info_psa_from_md( info->mac ) ) );
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1945
1946 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1947 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1948 return( PSA_ALG_ECDH );
1949
1950 default:
1951 return( PSA_ALG_NONE );
1952 }
1953}
1954
Neil Armstrong9f4606e2022-06-24 15:00:50 +0200[diff] [blame]1955psa_key_usage_t mbedtls_ssl_get_ciphersuite_sig_pk_psa_usage( const mbedtls_ssl_ciphersuite_t *info )
Neil Armstrong0c9c10a2022-05-12 14:15:06 +0200[diff] [blame]1956{
1957 switch( info->key_exchange )
1958 {
1959 case MBEDTLS_KEY_EXCHANGE_RSA:
1960 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1961 return( PSA_KEY_USAGE_DECRYPT );
1962 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1963 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1964 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1965 return( PSA_KEY_USAGE_SIGN_HASH );
1966
1967 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1968 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1969 return( PSA_KEY_USAGE_DERIVE );
1970
1971 default:
1972 return( 0 );
1973 }
1974}
1975#endif /* MBEDTLS_USE_PSA_CRYPTO */
1976
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]1977mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
1978{
1979 switch( info->key_exchange )
1980 {
Hanno Becker7e5437a2017-04-28 17:15:26 +0100[diff] [blame]1981 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1982 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1983 return( MBEDTLS_PK_RSA );
1984
1985 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1986 return( MBEDTLS_PK_ECDSA );
1987
1988 default:
1989 return( MBEDTLS_PK_NONE );
1990 }
1991}
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1992
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]1993#endif /* MBEDTLS_PK_C */
Manuel Pégourié-Gonnard09edda82013-08-19 13:50:33 +0200[diff] [blame]1994
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]1995#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
1996 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]1997int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
1998{
1999 switch( info->key_exchange )
2000 {
2001 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2002 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2003 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2004 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2005 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2006 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2007 return( 1 );
2008
2009 default:
2010 return( 0 );
2011 }
2012}
Ron Eldor755bb6a2018-02-14 19:30:48 +0200[diff] [blame]2013#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2014
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]2015#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2016int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2017{
2018 switch( info->key_exchange )
2019 {
2020 case MBEDTLS_KEY_EXCHANGE_PSK:
2021 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2022 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2023 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2024 return( 1 );
2025
2026 default:
2027 return( 0 );
2028 }
2029}
Gilles Peskineeccd8882020-03-10 12:19:08 +0100[diff] [blame]2030#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
Hanno Beckerd300a572017-06-20 14:31:29 +0100[diff] [blame]2031
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]2032#endif /* MBEDTLS_SSL_TLS_C */