1 /** 2 * \file ssl_ciphersuites.c 3 * 4 * \brief SSL ciphersuites for mbed TLS 5 * 6 * Copyright The Mbed TLS Contributors 7 * SPDX-License-Identifier: Apache-2.0 8 * 9 * Licensed under the Apache License, Version 2.0 (the "License"); you may 10 * not use this file except in compliance with the License. 11 * You may obtain a copy of the License at 12 * 13 * http://www.apache.org/licenses/LICENSE-2.0 14 * 15 * Unless required by applicable law or agreed to in writing, software 16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 18 * See the License for the specific language governing permissions and 19 * limitations under the License. 20 */ 21 22 #include "common.h" 23 24 #if defined(MBEDTLS_SSL_TLS_C) 25 26 #if defined(MBEDTLS_PLATFORM_C) 27 #include "mbedtls/platform.h" 28 #else 29 #include <stdlib.h> 30 #endif 31 32 #include "mbedtls/ssl_ciphersuites.h" 33 #include "mbedtls/ssl.h" 34 35 #include <string.h> 36 37 #undef HAVE_SHA384 38 #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) 39 #define HAVE_SHA384 40 #endif 41 42 /* 43 * Ordered from most preferred to least preferred in terms of security. 44 * 45 * Current rule (except RC4 and 3DES, weak and null which come last): 46 * 1. By key exchange: 47 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK 48 * 2. By key length and cipher: 49 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 50 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 51 * 4. By hash function used when relevant 52 * 5. By key exchange/auth again: EC > non-EC 53 */ 54 static const int ciphersuite_preference[] = 55 { 56 #if defined(MBEDTLS_SSL_CIPHERSUITES) 57 MBEDTLS_SSL_CIPHERSUITES, 58 #else 59 /* Chacha-Poly ephemeral suites */ 60 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 61 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 62 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 63 64 /* All AES-256 ephemeral suites */ 65 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 66 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 67 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, 68 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, 69 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, 70 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 71 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 72 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 73 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 74 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 75 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 76 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, 77 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, 78 79 /* All CAMELLIA-256 ephemeral suites */ 80 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, 81 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, 82 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, 83 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 84 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 85 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 86 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 87 88 /* All ARIA-256 ephemeral suites */ 89 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 90 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 91 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 92 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, 93 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, 94 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, 95 96 /* All AES-128 ephemeral suites */ 97 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 98 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 99 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 100 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 101 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, 102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 103 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 104 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, 105 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 106 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 107 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 108 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 109 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, 110 111 /* All CAMELLIA-128 ephemeral suites */ 112 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, 113 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 114 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 115 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 116 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 117 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 118 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 119 120 /* All ARIA-128 ephemeral suites */ 121 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 122 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 123 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 124 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, 125 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, 126 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, 127 128 /* The PSK ephemeral suites */ 129 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 130 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 131 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, 132 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, 133 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 134 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, 135 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, 136 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, 137 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, 138 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 139 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 140 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, 141 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 142 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, 143 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, 144 145 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, 146 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, 147 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 148 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, 149 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, 150 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, 151 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, 152 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 153 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 154 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, 155 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 156 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, 157 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, 158 159 /* The ECJPAKE suite */ 160 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, 161 162 /* All AES-256 suites */ 163 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, 164 MBEDTLS_TLS_RSA_WITH_AES_256_CCM, 165 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, 166 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 167 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, 168 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, 169 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, 170 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 171 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, 172 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 173 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, 174 175 /* All CAMELLIA-256 suites */ 176 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, 177 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, 178 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, 179 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, 180 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, 181 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, 182 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 183 184 /* All ARIA-256 suites */ 185 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, 186 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, 187 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, 188 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, 189 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, 190 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, 191 192 /* All AES-128 suites */ 193 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, 194 MBEDTLS_TLS_RSA_WITH_AES_128_CCM, 195 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, 196 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, 197 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, 198 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, 199 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, 200 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 201 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, 202 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 203 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, 204 205 /* All CAMELLIA-128 suites */ 206 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, 207 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, 208 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, 209 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, 210 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, 211 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, 212 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 213 214 /* All ARIA-128 suites */ 215 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, 216 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, 217 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, 218 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, 219 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, 220 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, 221 222 /* The RSA PSK suites */ 223 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, 224 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, 225 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, 226 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, 227 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, 228 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 229 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 230 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, 231 232 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, 233 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, 234 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, 235 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, 236 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 237 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 238 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, 239 240 /* The PSK suites */ 241 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, 242 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, 243 MBEDTLS_TLS_PSK_WITH_AES_256_CCM, 244 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, 245 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, 246 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, 247 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, 248 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, 249 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, 250 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, 251 252 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, 253 MBEDTLS_TLS_PSK_WITH_AES_128_CCM, 254 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, 255 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, 256 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, 257 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, 258 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, 259 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, 260 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, 261 262 /* 3DES suites */ 263 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, 264 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 265 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, 266 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 267 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 268 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, 269 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, 270 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, 271 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 272 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, 273 274 /* RC4 suites */ 275 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 276 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, 277 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, 278 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, 279 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, 280 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, 281 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, 282 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, 283 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, 284 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, 285 286 /* Weak suites */ 287 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, 288 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, 289 290 /* NULL suites */ 291 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, 292 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, 293 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, 294 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, 295 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, 296 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, 297 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, 298 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, 299 300 MBEDTLS_TLS_RSA_WITH_NULL_SHA256, 301 MBEDTLS_TLS_RSA_WITH_NULL_SHA, 302 MBEDTLS_TLS_RSA_WITH_NULL_MD5, 303 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, 304 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, 305 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, 306 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, 307 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, 308 MBEDTLS_TLS_PSK_WITH_NULL_SHA384, 309 MBEDTLS_TLS_PSK_WITH_NULL_SHA256, 310 MBEDTLS_TLS_PSK_WITH_NULL_SHA, 311 312 #endif /* MBEDTLS_SSL_CIPHERSUITES */ 313 0 314 }; 315 316 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 317 { 318 #if defined(MBEDTLS_CHACHAPOLY_C) && \ 319 defined(MBEDTLS_SHA256_C) && \ 320 defined(MBEDTLS_SSL_PROTO_TLS1_2) 321 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 322 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 323 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256", 324 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 325 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 327 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 328 0 }, 329 #endif 330 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 331 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 332 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256", 333 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 334 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 337 0 }, 338 #endif 339 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 340 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 341 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256", 342 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 343 MBEDTLS_KEY_EXCHANGE_DHE_RSA, 344 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 345 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 346 0 }, 347 #endif 348 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 349 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, 350 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256", 351 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 352 MBEDTLS_KEY_EXCHANGE_PSK, 353 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 354 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 355 0 }, 356 #endif 357 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 358 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 359 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256", 360 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 361 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 362 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 363 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 364 0 }, 365 #endif 366 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 367 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 368 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256", 369 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 370 MBEDTLS_KEY_EXCHANGE_DHE_PSK, 371 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 372 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 373 0 }, 374 #endif 375 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 376 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, 377 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256", 378 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 379 MBEDTLS_KEY_EXCHANGE_RSA_PSK, 380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 381 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 382 0 }, 383 #endif 384 #endif /* MBEDTLS_CHACHAPOLY_C && 385 MBEDTLS_SHA256_C && 386 MBEDTLS_SSL_PROTO_TLS1_2 */ 387 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 388 #if defined(MBEDTLS_AES_C) 389 #if defined(MBEDTLS_SHA1_C) 390 #if defined(MBEDTLS_CIPHER_MODE_CBC) 391 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", 392 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 393 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 394 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 395 0 }, 396 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", 397 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 398 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 400 0 }, 401 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 402 #endif /* MBEDTLS_SHA1_C */ 403 #if defined(MBEDTLS_SHA256_C) 404 #if defined(MBEDTLS_CIPHER_MODE_CBC) 405 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", 406 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 407 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 408 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 409 0 }, 410 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 411 #if defined(MBEDTLS_GCM_C) 412 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", 413 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 414 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 415 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 416 0 }, 417 #endif /* MBEDTLS_GCM_C */ 418 #endif /* MBEDTLS_SHA256_C */ 419 #if defined(HAVE_SHA384) 420 #if defined(MBEDTLS_CIPHER_MODE_CBC) 421 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", 422 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 423 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 425 0 }, 426 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 427 #if defined(MBEDTLS_GCM_C) 428 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", 429 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 430 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 431 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 432 0 }, 433 #endif /* MBEDTLS_GCM_C */ 434 #endif /* HAVE_SHA384 */ 435 #if defined(MBEDTLS_CCM_C) 436 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", 437 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 438 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 440 0 }, 441 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", 442 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 443 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 444 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 445 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 446 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", 447 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 448 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 450 0 }, 451 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", 452 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 453 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 455 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 456 #endif /* MBEDTLS_CCM_C */ 457 #endif /* MBEDTLS_AES_C */ 458 459 #if defined(MBEDTLS_CAMELLIA_C) 460 #if defined(MBEDTLS_CIPHER_MODE_CBC) 461 #if defined(MBEDTLS_SHA256_C) 462 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", 463 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 464 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 466 0 }, 467 #endif /* MBEDTLS_SHA256_C */ 468 #if defined(HAVE_SHA384) 469 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", 470 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 471 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 472 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 473 0 }, 474 #endif /* HAVE_SHA384 */ 475 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 476 477 #if defined(MBEDTLS_GCM_C) 478 #if defined(MBEDTLS_SHA256_C) 479 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", 480 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 481 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 482 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 483 0 }, 484 #endif /* MBEDTLS_SHA256_C */ 485 #if defined(HAVE_SHA384) 486 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", 487 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 489 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 490 0 }, 491 #endif /* HAVE_SHA384 */ 492 #endif /* MBEDTLS_GCM_C */ 493 #endif /* MBEDTLS_CAMELLIA_C */ 494 495 #if defined(MBEDTLS_DES_C) 496 #if defined(MBEDTLS_CIPHER_MODE_CBC) 497 #if defined(MBEDTLS_SHA1_C) 498 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", 499 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 500 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 501 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 502 0 }, 503 #endif /* MBEDTLS_SHA1_C */ 504 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 505 #endif /* MBEDTLS_DES_C */ 506 507 #if defined(MBEDTLS_ARC4_C) 508 #if defined(MBEDTLS_SHA1_C) 509 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", 510 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 511 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 513 MBEDTLS_CIPHERSUITE_NODTLS }, 514 #endif /* MBEDTLS_SHA1_C */ 515 #endif /* MBEDTLS_ARC4_C */ 516 517 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 518 #if defined(MBEDTLS_SHA1_C) 519 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", 520 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 521 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 523 MBEDTLS_CIPHERSUITE_WEAK }, 524 #endif /* MBEDTLS_SHA1_C */ 525 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 526 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ 527 528 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 529 #if defined(MBEDTLS_AES_C) 530 #if defined(MBEDTLS_SHA1_C) 531 #if defined(MBEDTLS_CIPHER_MODE_CBC) 532 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", 533 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 534 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 536 0 }, 537 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", 538 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 539 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 540 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 541 0 }, 542 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 543 #endif /* MBEDTLS_SHA1_C */ 544 #if defined(MBEDTLS_SHA256_C) 545 #if defined(MBEDTLS_CIPHER_MODE_CBC) 546 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", 547 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 550 0 }, 551 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 552 #if defined(MBEDTLS_GCM_C) 553 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", 554 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 555 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 557 0 }, 558 #endif /* MBEDTLS_GCM_C */ 559 #endif /* MBEDTLS_SHA256_C */ 560 #if defined(HAVE_SHA384) 561 #if defined(MBEDTLS_CIPHER_MODE_CBC) 562 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", 563 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 564 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 566 0 }, 567 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 568 #if defined(MBEDTLS_GCM_C) 569 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", 570 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 571 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 573 0 }, 574 #endif /* MBEDTLS_GCM_C */ 575 #endif /* HAVE_SHA384 */ 576 #endif /* MBEDTLS_AES_C */ 577 578 #if defined(MBEDTLS_CAMELLIA_C) 579 #if defined(MBEDTLS_CIPHER_MODE_CBC) 580 #if defined(MBEDTLS_SHA256_C) 581 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", 582 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 583 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 585 0 }, 586 #endif /* MBEDTLS_SHA256_C */ 587 #if defined(HAVE_SHA384) 588 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", 589 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 590 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 592 0 }, 593 #endif /* HAVE_SHA384 */ 594 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 595 596 #if defined(MBEDTLS_GCM_C) 597 #if defined(MBEDTLS_SHA256_C) 598 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", 599 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 600 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 601 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 602 0 }, 603 #endif /* MBEDTLS_SHA256_C */ 604 #if defined(HAVE_SHA384) 605 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", 606 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 607 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 608 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 609 0 }, 610 #endif /* HAVE_SHA384 */ 611 #endif /* MBEDTLS_GCM_C */ 612 #endif /* MBEDTLS_CAMELLIA_C */ 613 614 #if defined(MBEDTLS_DES_C) 615 #if defined(MBEDTLS_CIPHER_MODE_CBC) 616 #if defined(MBEDTLS_SHA1_C) 617 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", 618 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 619 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 621 0 }, 622 #endif /* MBEDTLS_SHA1_C */ 623 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 624 #endif /* MBEDTLS_DES_C */ 625 626 #if defined(MBEDTLS_ARC4_C) 627 #if defined(MBEDTLS_SHA1_C) 628 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", 629 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 630 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 631 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 632 MBEDTLS_CIPHERSUITE_NODTLS }, 633 #endif /* MBEDTLS_SHA1_C */ 634 #endif /* MBEDTLS_ARC4_C */ 635 636 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 637 #if defined(MBEDTLS_SHA1_C) 638 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", 639 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 640 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 641 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 642 MBEDTLS_CIPHERSUITE_WEAK }, 643 #endif /* MBEDTLS_SHA1_C */ 644 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 645 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ 646 647 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 648 #if defined(MBEDTLS_AES_C) 649 #if defined(HAVE_SHA384) && defined(MBEDTLS_GCM_C) 650 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", 651 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 652 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 653 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 654 0 }, 655 #endif /* HAVE_SHA384 && MBEDTLS_GCM_C */ 656 657 #if defined(MBEDTLS_SHA256_C) 658 #if defined(MBEDTLS_GCM_C) 659 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", 660 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 661 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 662 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 663 0 }, 664 #endif /* MBEDTLS_GCM_C */ 665 666 #if defined(MBEDTLS_CIPHER_MODE_CBC) 667 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", 668 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 669 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 670 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 671 0 }, 672 673 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", 674 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 675 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 676 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 677 0 }, 678 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 679 #endif /* MBEDTLS_SHA256_C */ 680 681 #if defined(MBEDTLS_CIPHER_MODE_CBC) 682 #if defined(MBEDTLS_SHA1_C) 683 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", 684 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 685 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 686 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 687 0 }, 688 689 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", 690 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 693 0 }, 694 #endif /* MBEDTLS_SHA1_C */ 695 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 696 #if defined(MBEDTLS_CCM_C) 697 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", 698 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 699 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 701 0 }, 702 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8", 703 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 704 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 706 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 707 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM", 708 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 709 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 711 0 }, 712 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8", 713 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 714 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 715 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 716 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 717 #endif /* MBEDTLS_CCM_C */ 718 #endif /* MBEDTLS_AES_C */ 719 720 #if defined(MBEDTLS_CAMELLIA_C) 721 #if defined(MBEDTLS_CIPHER_MODE_CBC) 722 #if defined(MBEDTLS_SHA256_C) 723 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", 724 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 727 0 }, 728 729 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", 730 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 731 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 732 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 733 0 }, 734 #endif /* MBEDTLS_SHA256_C */ 735 736 #if defined(MBEDTLS_SHA1_C) 737 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", 738 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 739 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 741 0 }, 742 743 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", 744 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 745 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 746 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 747 0 }, 748 #endif /* MBEDTLS_SHA1_C */ 749 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 750 #if defined(MBEDTLS_GCM_C) 751 #if defined(MBEDTLS_SHA256_C) 752 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", 753 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 754 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 755 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 756 0 }, 757 #endif /* MBEDTLS_SHA256_C */ 758 759 #if defined(HAVE_SHA384) 760 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", 761 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 763 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 764 0 }, 765 #endif /* HAVE_SHA384 */ 766 #endif /* MBEDTLS_GCM_C */ 767 #endif /* MBEDTLS_CAMELLIA_C */ 768 769 #if defined(MBEDTLS_DES_C) 770 #if defined(MBEDTLS_CIPHER_MODE_CBC) 771 #if defined(MBEDTLS_SHA1_C) 772 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", 773 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 774 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 775 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 776 0 }, 777 #endif /* MBEDTLS_SHA1_C */ 778 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 779 #endif /* MBEDTLS_DES_C */ 780 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 781 782 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 783 #if defined(MBEDTLS_AES_C) 784 #if defined(HAVE_SHA384) && defined(MBEDTLS_GCM_C) 785 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", 786 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 787 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 788 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 789 0 }, 790 #endif /* HAVE_SHA384 && MBEDTLS_GCM_C */ 791 792 #if defined(MBEDTLS_SHA256_C) 793 #if defined(MBEDTLS_GCM_C) 794 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", 795 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 796 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 797 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 798 0 }, 799 #endif /* MBEDTLS_GCM_C */ 800 801 #if defined(MBEDTLS_CIPHER_MODE_CBC) 802 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", 803 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 804 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 806 0 }, 807 808 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256", 809 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 810 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 811 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 812 0 }, 813 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 814 #endif /* MBEDTLS_SHA256_C */ 815 816 #if defined(MBEDTLS_SHA1_C) 817 #if defined(MBEDTLS_CIPHER_MODE_CBC) 818 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", 819 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 820 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 821 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 822 0 }, 823 824 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", 825 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 828 0 }, 829 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 830 #endif /* MBEDTLS_SHA1_C */ 831 #if defined(MBEDTLS_CCM_C) 832 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", 833 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 836 0 }, 837 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8", 838 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 839 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 840 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 841 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 842 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM", 843 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 844 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 845 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 846 0 }, 847 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8", 848 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 849 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 850 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 851 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 852 #endif /* MBEDTLS_CCM_C */ 853 #endif /* MBEDTLS_AES_C */ 854 855 #if defined(MBEDTLS_CAMELLIA_C) 856 #if defined(MBEDTLS_CIPHER_MODE_CBC) 857 #if defined(MBEDTLS_SHA256_C) 858 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", 859 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 860 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 862 0 }, 863 864 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", 865 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 866 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 867 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 868 0 }, 869 #endif /* MBEDTLS_SHA256_C */ 870 871 #if defined(MBEDTLS_SHA1_C) 872 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", 873 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 874 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 876 0 }, 877 878 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", 879 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 880 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 881 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 882 0 }, 883 #endif /* MBEDTLS_SHA1_C */ 884 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 885 886 #if defined(MBEDTLS_GCM_C) 887 #if defined(MBEDTLS_SHA256_C) 888 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", 889 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 890 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 891 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 892 0 }, 893 #endif /* MBEDTLS_SHA256_C */ 894 895 #if defined(HAVE_SHA384) 896 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", 897 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 898 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 899 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 900 0 }, 901 #endif /* HAVE_SHA384 */ 902 #endif /* MBEDTLS_GCM_C */ 903 #endif /* MBEDTLS_CAMELLIA_C */ 904 905 #if defined(MBEDTLS_DES_C) 906 #if defined(MBEDTLS_CIPHER_MODE_CBC) 907 #if defined(MBEDTLS_SHA1_C) 908 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", 909 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 910 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 911 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 912 0 }, 913 #endif /* MBEDTLS_SHA1_C */ 914 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 915 #endif /* MBEDTLS_DES_C */ 916 917 #if defined(MBEDTLS_ARC4_C) 918 #if defined(MBEDTLS_MD5_C) 919 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5", 920 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, 921 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 922 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 923 MBEDTLS_CIPHERSUITE_NODTLS }, 924 #endif 925 926 #if defined(MBEDTLS_SHA1_C) 927 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA", 928 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 929 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 931 MBEDTLS_CIPHERSUITE_NODTLS }, 932 #endif 933 #endif /* MBEDTLS_ARC4_C */ 934 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 935 936 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) 937 #if defined(MBEDTLS_AES_C) 938 #if defined(MBEDTLS_SHA1_C) 939 #if defined(MBEDTLS_CIPHER_MODE_CBC) 940 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", 941 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 942 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 943 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 944 0 }, 945 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", 946 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 947 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 948 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 949 0 }, 950 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 951 #endif /* MBEDTLS_SHA1_C */ 952 #if defined(MBEDTLS_SHA256_C) 953 #if defined(MBEDTLS_CIPHER_MODE_CBC) 954 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", 955 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 956 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 957 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 958 0 }, 959 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 960 #if defined(MBEDTLS_GCM_C) 961 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", 962 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 963 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 964 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 965 0 }, 966 #endif /* MBEDTLS_GCM_C */ 967 #endif /* MBEDTLS_SHA256_C */ 968 #if defined(HAVE_SHA384) 969 #if defined(MBEDTLS_CIPHER_MODE_CBC) 970 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", 971 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 972 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 973 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 974 0 }, 975 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 976 #if defined(MBEDTLS_GCM_C) 977 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", 978 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 979 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 980 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 981 0 }, 982 #endif /* MBEDTLS_GCM_C */ 983 #endif /* HAVE_SHA384 */ 984 #endif /* MBEDTLS_AES_C */ 985 986 #if defined(MBEDTLS_CAMELLIA_C) 987 #if defined(MBEDTLS_CIPHER_MODE_CBC) 988 #if defined(MBEDTLS_SHA256_C) 989 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", 990 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 991 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 992 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 993 0 }, 994 #endif /* MBEDTLS_SHA256_C */ 995 #if defined(HAVE_SHA384) 996 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", 997 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 998 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 999 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1000 0 }, 1001 #endif /* HAVE_SHA384 */ 1002 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1003 1004 #if defined(MBEDTLS_GCM_C) 1005 #if defined(MBEDTLS_SHA256_C) 1006 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", 1007 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1008 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1009 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1010 0 }, 1011 #endif /* MBEDTLS_SHA256_C */ 1012 #if defined(HAVE_SHA384) 1013 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", 1014 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1015 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1016 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1017 0 }, 1018 #endif /* HAVE_SHA384 */ 1019 #endif /* MBEDTLS_GCM_C */ 1020 #endif /* MBEDTLS_CAMELLIA_C */ 1021 1022 #if defined(MBEDTLS_DES_C) 1023 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1024 #if defined(MBEDTLS_SHA1_C) 1025 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA", 1026 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1027 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1028 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1029 0 }, 1030 #endif /* MBEDTLS_SHA1_C */ 1031 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1032 #endif /* MBEDTLS_DES_C */ 1033 1034 #if defined(MBEDTLS_ARC4_C) 1035 #if defined(MBEDTLS_SHA1_C) 1036 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA", 1037 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1038 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1039 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1040 MBEDTLS_CIPHERSUITE_NODTLS }, 1041 #endif /* MBEDTLS_SHA1_C */ 1042 #endif /* MBEDTLS_ARC4_C */ 1043 1044 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1045 #if defined(MBEDTLS_SHA1_C) 1046 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", 1047 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1048 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1050 MBEDTLS_CIPHERSUITE_WEAK }, 1051 #endif /* MBEDTLS_SHA1_C */ 1052 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1053 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ 1054 1055 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) 1056 #if defined(MBEDTLS_AES_C) 1057 #if defined(MBEDTLS_SHA1_C) 1058 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1059 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", 1060 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1061 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1063 0 }, 1064 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", 1065 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1066 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1067 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1068 0 }, 1069 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1070 #endif /* MBEDTLS_SHA1_C */ 1071 #if defined(MBEDTLS_SHA256_C) 1072 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1073 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", 1074 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1075 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1076 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1077 0 }, 1078 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1079 #if defined(MBEDTLS_GCM_C) 1080 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", 1081 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1082 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1083 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1084 0 }, 1085 #endif /* MBEDTLS_GCM_C */ 1086 #endif /* MBEDTLS_SHA256_C */ 1087 #if defined(HAVE_SHA384) 1088 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1089 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", 1090 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1091 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1092 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1093 0 }, 1094 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1095 #if defined(MBEDTLS_GCM_C) 1096 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", 1097 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1098 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1099 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1100 0 }, 1101 #endif /* MBEDTLS_GCM_C */ 1102 #endif /* HAVE_SHA384 */ 1103 #endif /* MBEDTLS_AES_C */ 1104 1105 #if defined(MBEDTLS_CAMELLIA_C) 1106 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1107 #if defined(MBEDTLS_SHA256_C) 1108 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", 1109 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1110 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1111 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1112 0 }, 1113 #endif /* MBEDTLS_SHA256_C */ 1114 #if defined(HAVE_SHA384) 1115 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", 1116 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1117 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1119 0 }, 1120 #endif /* HAVE_SHA384 */ 1121 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1122 1123 #if defined(MBEDTLS_GCM_C) 1124 #if defined(MBEDTLS_SHA256_C) 1125 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", 1126 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1127 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1128 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1129 0 }, 1130 #endif /* MBEDTLS_SHA256_C */ 1131 #if defined(HAVE_SHA384) 1132 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", 1133 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1134 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1136 0 }, 1137 #endif /* HAVE_SHA384 */ 1138 #endif /* MBEDTLS_GCM_C */ 1139 #endif /* MBEDTLS_CAMELLIA_C */ 1140 1141 #if defined(MBEDTLS_DES_C) 1142 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1143 #if defined(MBEDTLS_SHA1_C) 1144 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", 1145 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1146 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1147 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1148 0 }, 1149 #endif /* MBEDTLS_SHA1_C */ 1150 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1151 #endif /* MBEDTLS_DES_C */ 1152 1153 #if defined(MBEDTLS_ARC4_C) 1154 #if defined(MBEDTLS_SHA1_C) 1155 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA", 1156 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1157 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1158 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1159 MBEDTLS_CIPHERSUITE_NODTLS }, 1160 #endif /* MBEDTLS_SHA1_C */ 1161 #endif /* MBEDTLS_ARC4_C */ 1162 1163 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1164 #if defined(MBEDTLS_SHA1_C) 1165 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", 1166 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1167 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1168 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1169 MBEDTLS_CIPHERSUITE_WEAK }, 1170 #endif /* MBEDTLS_SHA1_C */ 1171 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1172 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ 1173 1174 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1175 #if defined(MBEDTLS_AES_C) 1176 #if defined(MBEDTLS_GCM_C) 1177 #if defined(MBEDTLS_SHA256_C) 1178 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", 1179 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1180 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1181 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1182 0 }, 1183 #endif /* MBEDTLS_SHA256_C */ 1184 1185 #if defined(HAVE_SHA384) 1186 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", 1187 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1188 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1189 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1190 0 }, 1191 #endif /* HAVE_SHA384 */ 1192 #endif /* MBEDTLS_GCM_C */ 1193 1194 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1195 #if defined(MBEDTLS_SHA256_C) 1196 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", 1197 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1198 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1199 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1200 0 }, 1201 #endif /* MBEDTLS_SHA256_C */ 1202 1203 #if defined(HAVE_SHA384) 1204 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", 1205 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1206 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1207 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1208 0 }, 1209 #endif /* HAVE_SHA384 */ 1210 1211 #if defined(MBEDTLS_SHA1_C) 1212 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", 1213 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1214 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1215 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1216 0 }, 1217 1218 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", 1219 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1220 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1221 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1222 0 }, 1223 #endif /* MBEDTLS_SHA1_C */ 1224 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1225 #if defined(MBEDTLS_CCM_C) 1226 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", 1227 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1228 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1229 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1230 0 }, 1231 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", 1232 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1233 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1234 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1235 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1236 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", 1237 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1238 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1239 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1240 0 }, 1241 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", 1242 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1243 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1244 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1245 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1246 #endif /* MBEDTLS_CCM_C */ 1247 #endif /* MBEDTLS_AES_C */ 1248 1249 #if defined(MBEDTLS_CAMELLIA_C) 1250 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1251 #if defined(MBEDTLS_SHA256_C) 1252 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1253 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1254 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1255 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1256 0 }, 1257 #endif /* MBEDTLS_SHA256_C */ 1258 1259 #if defined(HAVE_SHA384) 1260 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1261 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1262 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1263 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1264 0 }, 1265 #endif /* HAVE_SHA384 */ 1266 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1267 1268 #if defined(MBEDTLS_GCM_C) 1269 #if defined(MBEDTLS_SHA256_C) 1270 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1271 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1272 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1273 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1274 0 }, 1275 #endif /* MBEDTLS_SHA256_C */ 1276 1277 #if defined(HAVE_SHA384) 1278 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1279 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1280 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1281 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1282 0 }, 1283 #endif /* HAVE_SHA384 */ 1284 #endif /* MBEDTLS_GCM_C */ 1285 #endif /* MBEDTLS_CAMELLIA_C */ 1286 1287 #if defined(MBEDTLS_DES_C) 1288 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1289 #if defined(MBEDTLS_SHA1_C) 1290 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", 1291 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1292 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1293 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1294 0 }, 1295 #endif /* MBEDTLS_SHA1_C */ 1296 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1297 #endif /* MBEDTLS_DES_C */ 1298 1299 #if defined(MBEDTLS_ARC4_C) 1300 #if defined(MBEDTLS_SHA1_C) 1301 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", 1302 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1303 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1304 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1305 MBEDTLS_CIPHERSUITE_NODTLS }, 1306 #endif /* MBEDTLS_SHA1_C */ 1307 #endif /* MBEDTLS_ARC4_C */ 1308 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1309 1310 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 1311 #if defined(MBEDTLS_AES_C) 1312 #if defined(MBEDTLS_GCM_C) 1313 #if defined(MBEDTLS_SHA256_C) 1314 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", 1315 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1316 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1317 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1318 0 }, 1319 #endif /* MBEDTLS_SHA256_C */ 1320 1321 #if defined(HAVE_SHA384) 1322 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", 1323 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1324 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1326 0 }, 1327 #endif /* HAVE_SHA384 */ 1328 #endif /* MBEDTLS_GCM_C */ 1329 1330 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1331 #if defined(MBEDTLS_SHA256_C) 1332 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", 1333 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1334 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1336 0 }, 1337 #endif /* MBEDTLS_SHA256_C */ 1338 1339 #if defined(HAVE_SHA384) 1340 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", 1341 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1342 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1344 0 }, 1345 #endif /* HAVE_SHA384 */ 1346 1347 #if defined(MBEDTLS_SHA1_C) 1348 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", 1349 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1350 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1352 0 }, 1353 1354 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", 1355 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1356 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1357 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1358 0 }, 1359 #endif /* MBEDTLS_SHA1_C */ 1360 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1361 #if defined(MBEDTLS_CCM_C) 1362 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", 1363 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1364 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1365 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1366 0 }, 1367 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", 1368 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1369 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1370 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1371 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1372 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", 1373 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1374 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1375 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1376 0 }, 1377 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", 1378 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1379 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1381 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1382 #endif /* MBEDTLS_CCM_C */ 1383 #endif /* MBEDTLS_AES_C */ 1384 1385 #if defined(MBEDTLS_CAMELLIA_C) 1386 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1387 #if defined(MBEDTLS_SHA256_C) 1388 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1389 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1390 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1392 0 }, 1393 #endif /* MBEDTLS_SHA256_C */ 1394 1395 #if defined(HAVE_SHA384) 1396 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1397 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1398 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1400 0 }, 1401 #endif /* HAVE_SHA384 */ 1402 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1403 1404 #if defined(MBEDTLS_GCM_C) 1405 #if defined(MBEDTLS_SHA256_C) 1406 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1407 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1408 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1409 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1410 0 }, 1411 #endif /* MBEDTLS_SHA256_C */ 1412 1413 #if defined(HAVE_SHA384) 1414 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1415 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1418 0 }, 1419 #endif /* HAVE_SHA384 */ 1420 #endif /* MBEDTLS_GCM_C */ 1421 #endif /* MBEDTLS_CAMELLIA_C */ 1422 1423 #if defined(MBEDTLS_DES_C) 1424 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1425 #if defined(MBEDTLS_SHA1_C) 1426 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", 1427 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1428 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1429 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1430 0 }, 1431 #endif /* MBEDTLS_SHA1_C */ 1432 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1433 #endif /* MBEDTLS_DES_C */ 1434 1435 #if defined(MBEDTLS_ARC4_C) 1436 #if defined(MBEDTLS_SHA1_C) 1437 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", 1438 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1441 MBEDTLS_CIPHERSUITE_NODTLS }, 1442 #endif /* MBEDTLS_SHA1_C */ 1443 #endif /* MBEDTLS_ARC4_C */ 1444 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 1445 1446 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 1447 #if defined(MBEDTLS_AES_C) 1448 1449 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1450 #if defined(MBEDTLS_SHA256_C) 1451 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", 1452 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1453 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1455 0 }, 1456 #endif /* MBEDTLS_SHA256_C */ 1457 1458 #if defined(HAVE_SHA384) 1459 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", 1460 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1461 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1463 0 }, 1464 #endif /* HAVE_SHA384 */ 1465 1466 #if defined(MBEDTLS_SHA1_C) 1467 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", 1468 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1469 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1471 0 }, 1472 1473 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", 1474 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1475 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1477 0 }, 1478 #endif /* MBEDTLS_SHA1_C */ 1479 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1480 #endif /* MBEDTLS_AES_C */ 1481 1482 #if defined(MBEDTLS_CAMELLIA_C) 1483 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1484 #if defined(MBEDTLS_SHA256_C) 1485 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1486 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1487 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1489 0 }, 1490 #endif /* MBEDTLS_SHA256_C */ 1491 1492 #if defined(HAVE_SHA384) 1493 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1494 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1497 0 }, 1498 #endif /* HAVE_SHA384 */ 1499 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1500 #endif /* MBEDTLS_CAMELLIA_C */ 1501 1502 #if defined(MBEDTLS_DES_C) 1503 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1504 #if defined(MBEDTLS_SHA1_C) 1505 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", 1506 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1507 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1508 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1509 0 }, 1510 #endif /* MBEDTLS_SHA1_C */ 1511 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1512 #endif /* MBEDTLS_DES_C */ 1513 1514 #if defined(MBEDTLS_ARC4_C) 1515 #if defined(MBEDTLS_SHA1_C) 1516 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", 1517 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1518 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1519 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1520 MBEDTLS_CIPHERSUITE_NODTLS }, 1521 #endif /* MBEDTLS_SHA1_C */ 1522 #endif /* MBEDTLS_ARC4_C */ 1523 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 1524 1525 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1526 #if defined(MBEDTLS_AES_C) 1527 #if defined(MBEDTLS_GCM_C) 1528 #if defined(MBEDTLS_SHA256_C) 1529 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", 1530 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1531 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1532 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1533 0 }, 1534 #endif /* MBEDTLS_SHA256_C */ 1535 1536 #if defined(HAVE_SHA384) 1537 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", 1538 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1539 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1540 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1541 0 }, 1542 #endif /* HAVE_SHA384 */ 1543 #endif /* MBEDTLS_GCM_C */ 1544 1545 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1546 #if defined(MBEDTLS_SHA256_C) 1547 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", 1548 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1551 0 }, 1552 #endif /* MBEDTLS_SHA256_C */ 1553 1554 #if defined(HAVE_SHA384) 1555 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", 1556 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1559 0 }, 1560 #endif /* HAVE_SHA384 */ 1561 1562 #if defined(MBEDTLS_SHA1_C) 1563 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", 1564 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1567 0 }, 1568 1569 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", 1570 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1571 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1573 0 }, 1574 #endif /* MBEDTLS_SHA1_C */ 1575 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1576 #endif /* MBEDTLS_AES_C */ 1577 1578 #if defined(MBEDTLS_CAMELLIA_C) 1579 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1580 #if defined(MBEDTLS_SHA256_C) 1581 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1582 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1583 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1585 0 }, 1586 #endif /* MBEDTLS_SHA256_C */ 1587 1588 #if defined(HAVE_SHA384) 1589 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1590 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1593 0 }, 1594 #endif /* HAVE_SHA384 */ 1595 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1596 1597 #if defined(MBEDTLS_GCM_C) 1598 #if defined(MBEDTLS_SHA256_C) 1599 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1600 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1601 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1603 0 }, 1604 #endif /* MBEDTLS_SHA256_C */ 1605 1606 #if defined(HAVE_SHA384) 1607 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1608 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1611 0 }, 1612 #endif /* HAVE_SHA384 */ 1613 #endif /* MBEDTLS_GCM_C */ 1614 #endif /* MBEDTLS_CAMELLIA_C */ 1615 1616 #if defined(MBEDTLS_DES_C) 1617 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1618 #if defined(MBEDTLS_SHA1_C) 1619 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", 1620 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1621 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1622 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1623 0 }, 1624 #endif /* MBEDTLS_SHA1_C */ 1625 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1626 #endif /* MBEDTLS_DES_C */ 1627 1628 #if defined(MBEDTLS_ARC4_C) 1629 #if defined(MBEDTLS_SHA1_C) 1630 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", 1631 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1632 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1634 MBEDTLS_CIPHERSUITE_NODTLS }, 1635 #endif /* MBEDTLS_SHA1_C */ 1636 #endif /* MBEDTLS_ARC4_C */ 1637 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1638 1639 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 1640 #if defined(MBEDTLS_AES_C) 1641 #if defined(MBEDTLS_CCM_C) 1642 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", 1643 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, 1644 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1645 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1646 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1647 #endif /* MBEDTLS_CCM_C */ 1648 #endif /* MBEDTLS_AES_C */ 1649 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ 1650 1651 #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) 1652 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1653 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1654 #if defined(MBEDTLS_MD5_C) 1655 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", 1656 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, 1657 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1659 MBEDTLS_CIPHERSUITE_WEAK }, 1660 #endif 1661 1662 #if defined(MBEDTLS_SHA1_C) 1663 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", 1664 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 1665 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1667 MBEDTLS_CIPHERSUITE_WEAK }, 1668 #endif 1669 1670 #if defined(MBEDTLS_SHA256_C) 1671 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", 1672 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1673 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1674 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1675 MBEDTLS_CIPHERSUITE_WEAK }, 1676 #endif 1677 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1678 1679 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1680 #if defined(MBEDTLS_SHA1_C) 1681 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", 1682 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1683 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1684 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1685 MBEDTLS_CIPHERSUITE_WEAK }, 1686 #endif /* MBEDTLS_SHA1_C */ 1687 1688 #if defined(MBEDTLS_SHA256_C) 1689 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", 1690 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1693 MBEDTLS_CIPHERSUITE_WEAK }, 1694 #endif 1695 1696 #if defined(HAVE_SHA384) 1697 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", 1698 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1699 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1701 MBEDTLS_CIPHERSUITE_WEAK }, 1702 #endif 1703 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1704 1705 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 1706 #if defined(MBEDTLS_SHA1_C) 1707 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", 1708 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1709 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1711 MBEDTLS_CIPHERSUITE_WEAK }, 1712 #endif /* MBEDTLS_SHA1_C */ 1713 1714 #if defined(MBEDTLS_SHA256_C) 1715 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", 1716 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1719 MBEDTLS_CIPHERSUITE_WEAK }, 1720 #endif 1721 1722 #if defined(HAVE_SHA384) 1723 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", 1724 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1727 MBEDTLS_CIPHERSUITE_WEAK }, 1728 #endif 1729 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 1730 1731 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 1732 #if defined(MBEDTLS_SHA1_C) 1733 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", 1734 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1735 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1736 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1737 MBEDTLS_CIPHERSUITE_WEAK }, 1738 #endif /* MBEDTLS_SHA1_C */ 1739 1740 #if defined(MBEDTLS_SHA256_C) 1741 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", 1742 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1743 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1745 MBEDTLS_CIPHERSUITE_WEAK }, 1746 #endif 1747 1748 #if defined(HAVE_SHA384) 1749 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", 1750 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1751 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1753 MBEDTLS_CIPHERSUITE_WEAK }, 1754 #endif 1755 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 1756 1757 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1758 #if defined(MBEDTLS_SHA1_C) 1759 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", 1760 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1761 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1763 MBEDTLS_CIPHERSUITE_WEAK }, 1764 #endif /* MBEDTLS_SHA1_C */ 1765 1766 #if defined(MBEDTLS_SHA256_C) 1767 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", 1768 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1771 MBEDTLS_CIPHERSUITE_WEAK }, 1772 #endif 1773 1774 #if defined(HAVE_SHA384) 1775 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", 1776 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1777 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1779 MBEDTLS_CIPHERSUITE_WEAK }, 1780 #endif 1781 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1782 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1783 1784 #if defined(MBEDTLS_DES_C) 1785 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1786 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 1787 #if defined(MBEDTLS_SHA1_C) 1788 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", 1789 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 1790 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1791 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1792 MBEDTLS_CIPHERSUITE_WEAK }, 1793 #endif /* MBEDTLS_SHA1_C */ 1794 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 1795 1796 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1797 #if defined(MBEDTLS_SHA1_C) 1798 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", 1799 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 1800 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1801 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1802 MBEDTLS_CIPHERSUITE_WEAK }, 1803 #endif /* MBEDTLS_SHA1_C */ 1804 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1805 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1806 #endif /* MBEDTLS_DES_C */ 1807 #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ 1808 1809 #if defined(MBEDTLS_ARIA_C) 1810 1811 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1812 1813 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 1814 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, 1815 "TLS-RSA-WITH-ARIA-256-GCM-SHA384", 1816 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 1817 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1818 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1819 0 }, 1820 #endif 1821 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 1822 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, 1823 "TLS-RSA-WITH-ARIA-256-CBC-SHA384", 1824 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 1825 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1827 0 }, 1828 #endif 1829 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1830 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, 1831 "TLS-RSA-WITH-ARIA-128-GCM-SHA256", 1832 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1833 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1835 0 }, 1836 #endif 1837 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1838 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, 1839 "TLS-RSA-WITH-ARIA-128-CBC-SHA256", 1840 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1841 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1842 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1843 0 }, 1844 #endif 1845 1846 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1847 1848 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1849 1850 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 1851 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 1852 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", 1853 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1854 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1855 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1856 0 }, 1857 #endif 1858 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 1859 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, 1860 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", 1861 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1862 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1863 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1864 0 }, 1865 #endif 1866 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1867 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 1868 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", 1869 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1870 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1872 0 }, 1873 #endif 1874 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1875 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, 1876 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", 1877 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1878 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1879 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1880 0 }, 1881 #endif 1882 1883 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1884 1885 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1886 1887 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 1888 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, 1889 "TLS-PSK-WITH-ARIA-256-GCM-SHA384", 1890 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, 1891 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1893 0 }, 1894 #endif 1895 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 1896 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, 1897 "TLS-PSK-WITH-ARIA-256-CBC-SHA384", 1898 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1899 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1901 0 }, 1902 #endif 1903 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1904 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, 1905 "TLS-PSK-WITH-ARIA-128-GCM-SHA256", 1906 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1907 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1908 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1909 0 }, 1910 #endif 1911 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1912 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, 1913 "TLS-PSK-WITH-ARIA-128-CBC-SHA256", 1914 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1915 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1916 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1917 0 }, 1918 #endif 1919 1920 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1921 1922 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) 1923 1924 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 1925 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, 1926 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", 1927 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1928 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1929 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1930 0 }, 1931 #endif 1932 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 1933 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, 1934 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", 1935 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1936 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1938 0 }, 1939 #endif 1940 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1941 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, 1942 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", 1943 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1944 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1945 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1946 0 }, 1947 #endif 1948 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1949 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, 1950 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", 1951 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1952 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1953 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1954 0 }, 1955 #endif 1956 1957 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ 1958 1959 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 1960 1961 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 1962 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 1963 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", 1964 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1965 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1966 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1967 0 }, 1968 #endif 1969 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 1970 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, 1971 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", 1972 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1973 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1975 0 }, 1976 #endif 1977 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1978 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 1979 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", 1980 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1981 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1982 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1983 0 }, 1984 #endif 1985 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1986 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, 1987 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", 1988 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1989 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1990 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1991 0 }, 1992 #endif 1993 1994 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ 1995 1996 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 1997 1998 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 1999 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, 2000 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", 2001 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 2002 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2004 0 }, 2005 #endif 2006 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2007 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, 2008 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", 2009 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 2010 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2012 0 }, 2013 #endif 2014 2015 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 2016 2017 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 2018 2019 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 2020 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 2021 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", 2022 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2023 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2024 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2025 0 }, 2026 #endif 2027 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 2028 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, 2029 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", 2030 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2031 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2032 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2033 0 }, 2034 #endif 2035 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2036 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 2037 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", 2038 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2039 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2040 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2041 0 }, 2042 #endif 2043 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2044 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, 2045 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", 2046 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2047 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2048 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2049 0 }, 2050 #endif 2051 2052 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ 2053 2054 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) 2055 2056 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 2057 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, 2058 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", 2059 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2060 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2061 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2062 0 }, 2063 #endif 2064 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 2065 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, 2066 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", 2067 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2068 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2069 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2070 0 }, 2071 #endif 2072 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2073 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, 2074 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", 2075 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2076 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2077 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2078 0 }, 2079 #endif 2080 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2081 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, 2082 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", 2083 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2084 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2085 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2086 0 }, 2087 #endif 2088 2089 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ 2090 2091 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 2092 2093 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 2094 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 2095 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", 2096 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2097 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2098 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2099 0 }, 2100 #endif 2101 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 2102 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, 2103 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", 2104 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2105 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2106 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2107 0 }, 2108 #endif 2109 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2110 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 2111 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", 2112 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2113 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2114 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2115 0 }, 2116 #endif 2117 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2118 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, 2119 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", 2120 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2121 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2122 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2123 0 }, 2124 #endif 2125 2126 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 2127 2128 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 2129 2130 #if (defined(MBEDTLS_GCM_C) && defined(HAVE_SHA384)) 2131 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 2132 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", 2133 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2134 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2136 0 }, 2137 #endif 2138 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(HAVE_SHA384)) 2139 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, 2140 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", 2141 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2142 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2144 0 }, 2145 #endif 2146 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2147 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 2148 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", 2149 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2150 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2151 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2152 0 }, 2153 #endif 2154 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2155 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, 2156 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", 2157 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2158 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2160 0 }, 2161 #endif 2162 2163 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 2164 2165 #endif /* MBEDTLS_ARIA_C */ 2166 2167 2168 { 0, "", 2169 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE, 2170 0, 0, 0, 0, 0 } 2171 }; 2172 2173 #if defined(MBEDTLS_SSL_CIPHERSUITES) 2174 const int *mbedtls_ssl_list_ciphersuites( void ) 2175 { 2176 return( ciphersuite_preference ); 2177 } 2178 #else 2179 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \ 2180 sizeof( ciphersuite_definitions[0] ) 2181 static int supported_ciphersuites[MAX_CIPHERSUITES]; 2182 static int supported_init = 0; 2183 2184 MBEDTLS_CHECK_RETURN_CRITICAL 2185 static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info ) 2186 { 2187 (void)cs_info; 2188 2189 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) 2190 if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) 2191 return( 1 ); 2192 #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ 2193 2194 #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) 2195 if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || 2196 cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC ) 2197 { 2198 return( 1 ); 2199 } 2200 #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ 2201 2202 return( 0 ); 2203 } 2204 2205 const int *mbedtls_ssl_list_ciphersuites( void ) 2206 { 2207 /* 2208 * On initial call filter out all ciphersuites not supported by current 2209 * build based on presence in the ciphersuite_definitions. 2210 */ 2211 if( supported_init == 0 ) 2212 { 2213 const int *p; 2214 int *q; 2215 2216 for( p = ciphersuite_preference, q = supported_ciphersuites; 2217 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; 2218 p++ ) 2219 { 2220 const mbedtls_ssl_ciphersuite_t *cs_info; 2221 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && 2222 !ciphersuite_is_removed( cs_info ) ) 2223 { 2224 *(q++) = *p; 2225 } 2226 } 2227 *q = 0; 2228 2229 supported_init = 1; 2230 } 2231 2232 return( supported_ciphersuites ); 2233 } 2234 #endif /* MBEDTLS_SSL_CIPHERSUITES */ 2235 2236 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( 2237 const char *ciphersuite_name ) 2238 { 2239 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; 2240 2241 if( NULL == ciphersuite_name ) 2242 return( NULL ); 2243 2244 while( cur->id != 0 ) 2245 { 2246 if( 0 == strcmp( cur->name, ciphersuite_name ) ) 2247 return( cur ); 2248 2249 cur++; 2250 } 2251 2252 return( NULL ); 2253 } 2254 2255 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) 2256 { 2257 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; 2258 2259 while( cur->id != 0 ) 2260 { 2261 if( cur->id == ciphersuite ) 2262 return( cur ); 2263 2264 cur++; 2265 } 2266 2267 return( NULL ); 2268 } 2269 2270 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) 2271 { 2272 const mbedtls_ssl_ciphersuite_t *cur; 2273 2274 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); 2275 2276 if( cur == NULL ) 2277 return( "unknown" ); 2278 2279 return( cur->name ); 2280 } 2281 2282 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) 2283 { 2284 const mbedtls_ssl_ciphersuite_t *cur; 2285 2286 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name ); 2287 2288 if( cur == NULL ) 2289 return( 0 ); 2290 2291 return( cur->id ); 2292 } 2293 2294 #if defined(MBEDTLS_PK_C) 2295 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ) 2296 { 2297 switch( info->key_exchange ) 2298 { 2299 case MBEDTLS_KEY_EXCHANGE_RSA: 2300 case MBEDTLS_KEY_EXCHANGE_DHE_RSA: 2301 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2302 case MBEDTLS_KEY_EXCHANGE_RSA_PSK: 2303 return( MBEDTLS_PK_RSA ); 2304 2305 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2306 return( MBEDTLS_PK_ECDSA ); 2307 2308 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: 2309 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: 2310 return( MBEDTLS_PK_ECKEY ); 2311 2312 default: 2313 return( MBEDTLS_PK_NONE ); 2314 } 2315 } 2316 2317 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ) 2318 { 2319 switch( info->key_exchange ) 2320 { 2321 case MBEDTLS_KEY_EXCHANGE_RSA: 2322 case MBEDTLS_KEY_EXCHANGE_DHE_RSA: 2323 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2324 return( MBEDTLS_PK_RSA ); 2325 2326 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2327 return( MBEDTLS_PK_ECDSA ); 2328 2329 default: 2330 return( MBEDTLS_PK_NONE ); 2331 } 2332 } 2333 2334 #endif /* MBEDTLS_PK_C */ 2335 2336 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ 2337 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 2338 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) 2339 { 2340 switch( info->key_exchange ) 2341 { 2342 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2343 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2344 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: 2345 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: 2346 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: 2347 case MBEDTLS_KEY_EXCHANGE_ECJPAKE: 2348 return( 1 ); 2349 2350 default: 2351 return( 0 ); 2352 } 2353 } 2354 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ 2355 2356 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) 2357 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) 2358 { 2359 switch( info->key_exchange ) 2360 { 2361 case MBEDTLS_KEY_EXCHANGE_PSK: 2362 case MBEDTLS_KEY_EXCHANGE_RSA_PSK: 2363 case MBEDTLS_KEY_EXCHANGE_DHE_PSK: 2364 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: 2365 return( 1 ); 2366 2367 default: 2368 return( 0 ); 2369 } 2370 } 2371 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ 2372 2373 #endif /* MBEDTLS_SSL_TLS_C */ 2374