1 // SPDX-License-Identifier: Apache-2.0 2 /** 3 * \file ssl_ciphersuites.c 4 * 5 * \brief SSL ciphersuites for mbed TLS 6 * 7 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 8 * 9 * Licensed under the Apache License, Version 2.0 (the "License"); you may 10 * not use this file except in compliance with the License. 11 * You may obtain a copy of the License at 12 * 13 * http://www.apache.org/licenses/LICENSE-2.0 14 * 15 * Unless required by applicable law or agreed to in writing, software 16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 18 * See the License for the specific language governing permissions and 19 * limitations under the License. 20 * 21 * This file is part of mbed TLS (https://tls.mbed.org) 22 */ 23 24 #if !defined(MBEDTLS_CONFIG_FILE) 25 #include "mbedtls/config.h" 26 #else 27 #include MBEDTLS_CONFIG_FILE 28 #endif 29 30 #if defined(MBEDTLS_SSL_TLS_C) 31 32 #if defined(MBEDTLS_PLATFORM_C) 33 #include "mbedtls/platform.h" 34 #else 35 #include <stdlib.h> 36 #endif 37 38 #include "mbedtls/ssl_ciphersuites.h" 39 #include "mbedtls/ssl.h" 40 41 #include <string.h> 42 43 /* 44 * Ordered from most preferred to least preferred in terms of security. 45 * 46 * Current rule (except RC4 and 3DES, weak and null which come last): 47 * 1. By key exchange: 48 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK 49 * 2. By key length and cipher: 50 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 51 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8 52 * 4. By hash function used when relevant 53 * 5. By key exchange/auth again: EC > non-EC 54 */ 55 static const int ciphersuite_preference[] = 56 { 57 #if defined(MBEDTLS_SSL_CIPHERSUITES) 58 MBEDTLS_SSL_CIPHERSUITES, 59 #else 60 /* Chacha-Poly ephemeral suites */ 61 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 62 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 63 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 64 65 /* All AES-256 ephemeral suites */ 66 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 67 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 68 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, 69 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, 70 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, 71 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 72 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 73 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 74 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 75 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 76 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 77 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, 78 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, 79 80 /* All CAMELLIA-256 ephemeral suites */ 81 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, 82 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, 83 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, 84 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 85 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, 86 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, 87 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, 88 89 /* All ARIA-256 ephemeral suites */ 90 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 91 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 92 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 93 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, 94 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, 95 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, 96 97 /* All AES-128 ephemeral suites */ 98 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 99 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 100 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 101 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 102 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, 103 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 104 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 105 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, 106 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 107 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 108 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 109 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 110 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, 111 112 /* All CAMELLIA-128 ephemeral suites */ 113 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, 114 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 115 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, 116 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 117 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 118 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, 119 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, 120 121 /* All ARIA-128 ephemeral suites */ 122 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 123 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 124 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 125 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, 126 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, 127 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, 128 129 /* The PSK ephemeral suites */ 130 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 131 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 132 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, 133 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, 134 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, 135 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, 136 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, 137 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, 138 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, 139 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 140 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, 141 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, 142 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 143 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, 144 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, 145 146 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, 147 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, 148 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 149 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, 150 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, 151 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, 152 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, 153 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 154 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, 155 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, 156 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 157 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, 158 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, 159 160 /* The ECJPAKE suite */ 161 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, 162 163 /* All AES-256 suites */ 164 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, 165 MBEDTLS_TLS_RSA_WITH_AES_256_CCM, 166 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, 167 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 168 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, 169 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, 170 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, 171 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, 172 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, 173 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 174 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, 175 176 /* All CAMELLIA-256 suites */ 177 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, 178 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, 179 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, 180 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, 181 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, 182 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, 183 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, 184 185 /* All ARIA-256 suites */ 186 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, 187 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, 188 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, 189 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, 190 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, 191 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, 192 193 /* All AES-128 suites */ 194 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, 195 MBEDTLS_TLS_RSA_WITH_AES_128_CCM, 196 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, 197 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, 198 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, 199 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, 200 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, 201 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, 202 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, 203 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, 204 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, 205 206 /* All CAMELLIA-128 suites */ 207 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, 208 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, 209 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, 210 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, 211 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, 212 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, 213 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, 214 215 /* All ARIA-128 suites */ 216 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, 217 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, 218 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, 219 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, 220 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, 221 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, 222 223 /* The RSA PSK suites */ 224 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, 225 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, 226 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, 227 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, 228 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, 229 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, 230 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 231 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, 232 233 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, 234 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, 235 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, 236 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, 237 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, 238 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 239 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, 240 241 /* The PSK suites */ 242 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, 243 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, 244 MBEDTLS_TLS_PSK_WITH_AES_256_CCM, 245 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, 246 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, 247 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, 248 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, 249 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, 250 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, 251 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, 252 253 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, 254 MBEDTLS_TLS_PSK_WITH_AES_128_CCM, 255 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, 256 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, 257 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, 258 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, 259 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, 260 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, 261 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, 262 263 /* 3DES suites */ 264 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, 265 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 266 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, 267 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, 268 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, 269 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, 270 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, 271 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, 272 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, 273 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, 274 275 /* RC4 suites */ 276 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 277 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, 278 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, 279 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, 280 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, 281 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, 282 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, 283 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, 284 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, 285 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, 286 287 /* Weak suites */ 288 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, 289 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, 290 291 /* NULL suites */ 292 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, 293 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, 294 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, 295 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, 296 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, 297 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, 298 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, 299 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, 300 301 MBEDTLS_TLS_RSA_WITH_NULL_SHA256, 302 MBEDTLS_TLS_RSA_WITH_NULL_SHA, 303 MBEDTLS_TLS_RSA_WITH_NULL_MD5, 304 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, 305 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, 306 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, 307 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, 308 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, 309 MBEDTLS_TLS_PSK_WITH_NULL_SHA384, 310 MBEDTLS_TLS_PSK_WITH_NULL_SHA256, 311 MBEDTLS_TLS_PSK_WITH_NULL_SHA, 312 313 #endif /* MBEDTLS_SSL_CIPHERSUITES */ 314 0 315 }; 316 317 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 318 { 319 #if defined(MBEDTLS_CHACHAPOLY_C) && \ 320 defined(MBEDTLS_SHA256_C) && \ 321 defined(MBEDTLS_SSL_PROTO_TLS1_2) 322 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 323 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 324 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256", 325 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 326 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 327 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 328 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 329 0 }, 330 #endif 331 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 332 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 333 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256", 334 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 335 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 337 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 338 0 }, 339 #endif 340 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 341 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 342 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256", 343 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 344 MBEDTLS_KEY_EXCHANGE_DHE_RSA, 345 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 346 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 347 0 }, 348 #endif 349 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 350 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256, 351 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256", 352 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 353 MBEDTLS_KEY_EXCHANGE_PSK, 354 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 355 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 356 0 }, 357 #endif 358 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 359 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 360 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256", 361 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 362 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 363 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 364 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 365 0 }, 366 #endif 367 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 368 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, 369 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256", 370 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 371 MBEDTLS_KEY_EXCHANGE_DHE_PSK, 372 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 373 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 374 0 }, 375 #endif 376 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 377 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256, 378 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256", 379 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256, 380 MBEDTLS_KEY_EXCHANGE_RSA_PSK, 381 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 382 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 383 0 }, 384 #endif 385 #endif /* MBEDTLS_CHACHAPOLY_C && 386 MBEDTLS_SHA256_C && 387 MBEDTLS_SSL_PROTO_TLS1_2 */ 388 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 389 #if defined(MBEDTLS_AES_C) 390 #if defined(MBEDTLS_SHA1_C) 391 #if defined(MBEDTLS_CIPHER_MODE_CBC) 392 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", 393 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 394 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 395 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 396 0 }, 397 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA", 398 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 401 0 }, 402 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 403 #endif /* MBEDTLS_SHA1_C */ 404 #if defined(MBEDTLS_SHA256_C) 405 #if defined(MBEDTLS_CIPHER_MODE_CBC) 406 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", 407 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 408 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 409 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 410 0 }, 411 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 412 #if defined(MBEDTLS_GCM_C) 413 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256", 414 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 415 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 417 0 }, 418 #endif /* MBEDTLS_GCM_C */ 419 #endif /* MBEDTLS_SHA256_C */ 420 #if defined(MBEDTLS_SHA512_C) 421 #if defined(MBEDTLS_CIPHER_MODE_CBC) 422 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", 423 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 426 0 }, 427 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 428 #if defined(MBEDTLS_GCM_C) 429 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384", 430 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 431 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 432 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 433 0 }, 434 #endif /* MBEDTLS_GCM_C */ 435 #endif /* MBEDTLS_SHA512_C */ 436 #if defined(MBEDTLS_CCM_C) 437 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", 438 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 441 0 }, 442 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8", 443 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 444 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 445 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 446 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 447 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM", 448 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 450 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 451 0 }, 452 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", 453 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 456 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 457 #endif /* MBEDTLS_CCM_C */ 458 #endif /* MBEDTLS_AES_C */ 459 460 #if defined(MBEDTLS_CAMELLIA_C) 461 #if defined(MBEDTLS_CIPHER_MODE_CBC) 462 #if defined(MBEDTLS_SHA256_C) 463 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", 464 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 466 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 467 0 }, 468 #endif /* MBEDTLS_SHA256_C */ 469 #if defined(MBEDTLS_SHA512_C) 470 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", 471 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 472 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 473 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 474 0 }, 475 #endif /* MBEDTLS_SHA512_C */ 476 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 477 478 #if defined(MBEDTLS_GCM_C) 479 #if defined(MBEDTLS_SHA256_C) 480 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", 481 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 482 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 483 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 484 0 }, 485 #endif /* MBEDTLS_SHA256_C */ 486 #if defined(MBEDTLS_SHA512_C) 487 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", 488 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 489 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 490 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 491 0 }, 492 #endif /* MBEDTLS_SHA512_C */ 493 #endif /* MBEDTLS_GCM_C */ 494 #endif /* MBEDTLS_CAMELLIA_C */ 495 496 #if defined(MBEDTLS_DES_C) 497 #if defined(MBEDTLS_CIPHER_MODE_CBC) 498 #if defined(MBEDTLS_SHA1_C) 499 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", 500 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 501 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 502 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 503 0 }, 504 #endif /* MBEDTLS_SHA1_C */ 505 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 506 #endif /* MBEDTLS_DES_C */ 507 508 #if defined(MBEDTLS_ARC4_C) 509 #if defined(MBEDTLS_SHA1_C) 510 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", 511 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 512 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 514 MBEDTLS_CIPHERSUITE_NODTLS }, 515 #endif /* MBEDTLS_SHA1_C */ 516 #endif /* MBEDTLS_ARC4_C */ 517 518 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 519 #if defined(MBEDTLS_SHA1_C) 520 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", 521 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 523 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 524 MBEDTLS_CIPHERSUITE_WEAK }, 525 #endif /* MBEDTLS_SHA1_C */ 526 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 527 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ 528 529 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 530 #if defined(MBEDTLS_AES_C) 531 #if defined(MBEDTLS_SHA1_C) 532 #if defined(MBEDTLS_CIPHER_MODE_CBC) 533 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", 534 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 536 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 537 0 }, 538 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA", 539 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 540 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 541 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 542 0 }, 543 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 544 #endif /* MBEDTLS_SHA1_C */ 545 #if defined(MBEDTLS_SHA256_C) 546 #if defined(MBEDTLS_CIPHER_MODE_CBC) 547 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", 548 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 549 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 551 0 }, 552 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 553 #if defined(MBEDTLS_GCM_C) 554 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", 555 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 558 0 }, 559 #endif /* MBEDTLS_GCM_C */ 560 #endif /* MBEDTLS_SHA256_C */ 561 #if defined(MBEDTLS_SHA512_C) 562 #if defined(MBEDTLS_CIPHER_MODE_CBC) 563 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", 564 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 567 0 }, 568 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 569 #if defined(MBEDTLS_GCM_C) 570 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384", 571 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 574 0 }, 575 #endif /* MBEDTLS_GCM_C */ 576 #endif /* MBEDTLS_SHA512_C */ 577 #endif /* MBEDTLS_AES_C */ 578 579 #if defined(MBEDTLS_CAMELLIA_C) 580 #if defined(MBEDTLS_CIPHER_MODE_CBC) 581 #if defined(MBEDTLS_SHA256_C) 582 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", 583 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 585 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 586 0 }, 587 #endif /* MBEDTLS_SHA256_C */ 588 #if defined(MBEDTLS_SHA512_C) 589 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", 590 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 593 0 }, 594 #endif /* MBEDTLS_SHA512_C */ 595 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 596 597 #if defined(MBEDTLS_GCM_C) 598 #if defined(MBEDTLS_SHA256_C) 599 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", 600 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 601 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 603 0 }, 604 #endif /* MBEDTLS_SHA256_C */ 605 #if defined(MBEDTLS_SHA512_C) 606 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", 607 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 608 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 610 0 }, 611 #endif /* MBEDTLS_SHA512_C */ 612 #endif /* MBEDTLS_GCM_C */ 613 #endif /* MBEDTLS_CAMELLIA_C */ 614 615 #if defined(MBEDTLS_DES_C) 616 #if defined(MBEDTLS_CIPHER_MODE_CBC) 617 #if defined(MBEDTLS_SHA1_C) 618 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", 619 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 620 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 621 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 622 0 }, 623 #endif /* MBEDTLS_SHA1_C */ 624 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 625 #endif /* MBEDTLS_DES_C */ 626 627 #if defined(MBEDTLS_ARC4_C) 628 #if defined(MBEDTLS_SHA1_C) 629 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", 630 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 631 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 632 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 633 MBEDTLS_CIPHERSUITE_NODTLS }, 634 #endif /* MBEDTLS_SHA1_C */ 635 #endif /* MBEDTLS_ARC4_C */ 636 637 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 638 #if defined(MBEDTLS_SHA1_C) 639 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", 640 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 641 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 642 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 643 MBEDTLS_CIPHERSUITE_WEAK }, 644 #endif /* MBEDTLS_SHA1_C */ 645 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 646 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ 647 648 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 649 #if defined(MBEDTLS_AES_C) 650 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) 651 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", 652 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 653 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 654 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 655 0 }, 656 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ 657 658 #if defined(MBEDTLS_SHA256_C) 659 #if defined(MBEDTLS_GCM_C) 660 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256", 661 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 662 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 663 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 664 0 }, 665 #endif /* MBEDTLS_GCM_C */ 666 667 #if defined(MBEDTLS_CIPHER_MODE_CBC) 668 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256", 669 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 670 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 671 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 672 0 }, 673 674 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256", 675 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 676 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 677 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 678 0 }, 679 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 680 #endif /* MBEDTLS_SHA256_C */ 681 682 #if defined(MBEDTLS_CIPHER_MODE_CBC) 683 #if defined(MBEDTLS_SHA1_C) 684 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", 685 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 686 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 687 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 688 0 }, 689 690 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA", 691 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 693 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 694 0 }, 695 #endif /* MBEDTLS_SHA1_C */ 696 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 697 #if defined(MBEDTLS_CCM_C) 698 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM", 699 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 701 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 702 0 }, 703 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8", 704 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 706 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 707 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 708 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM", 709 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 711 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 712 0 }, 713 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8", 714 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 715 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 716 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 717 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 718 #endif /* MBEDTLS_CCM_C */ 719 #endif /* MBEDTLS_AES_C */ 720 721 #if defined(MBEDTLS_CAMELLIA_C) 722 #if defined(MBEDTLS_CIPHER_MODE_CBC) 723 #if defined(MBEDTLS_SHA256_C) 724 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256", 725 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 727 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 728 0 }, 729 730 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256", 731 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 732 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 733 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 734 0 }, 735 #endif /* MBEDTLS_SHA256_C */ 736 737 #if defined(MBEDTLS_SHA1_C) 738 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", 739 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 741 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 742 0 }, 743 744 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA", 745 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 746 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 747 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 748 0 }, 749 #endif /* MBEDTLS_SHA1_C */ 750 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 751 #if defined(MBEDTLS_GCM_C) 752 #if defined(MBEDTLS_SHA256_C) 753 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256", 754 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 755 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 756 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 757 0 }, 758 #endif /* MBEDTLS_SHA256_C */ 759 760 #if defined(MBEDTLS_SHA512_C) 761 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", 762 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 763 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 764 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 765 0 }, 766 #endif /* MBEDTLS_SHA512_C */ 767 #endif /* MBEDTLS_GCM_C */ 768 #endif /* MBEDTLS_CAMELLIA_C */ 769 770 #if defined(MBEDTLS_DES_C) 771 #if defined(MBEDTLS_CIPHER_MODE_CBC) 772 #if defined(MBEDTLS_SHA1_C) 773 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", 774 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 775 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 776 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 777 0 }, 778 #endif /* MBEDTLS_SHA1_C */ 779 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 780 #endif /* MBEDTLS_DES_C */ 781 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 782 783 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 784 #if defined(MBEDTLS_AES_C) 785 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) 786 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", 787 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 788 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 789 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 790 0 }, 791 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ 792 793 #if defined(MBEDTLS_SHA256_C) 794 #if defined(MBEDTLS_GCM_C) 795 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256", 796 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 797 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 799 0 }, 800 #endif /* MBEDTLS_GCM_C */ 801 802 #if defined(MBEDTLS_CIPHER_MODE_CBC) 803 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256", 804 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 806 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 807 0 }, 808 809 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256", 810 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 811 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 812 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 813 0 }, 814 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 815 #endif /* MBEDTLS_SHA256_C */ 816 817 #if defined(MBEDTLS_SHA1_C) 818 #if defined(MBEDTLS_CIPHER_MODE_CBC) 819 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", 820 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 821 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 822 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 823 0 }, 824 825 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA", 826 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 828 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 829 0 }, 830 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 831 #endif /* MBEDTLS_SHA1_C */ 832 #if defined(MBEDTLS_CCM_C) 833 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM", 834 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 836 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 837 0 }, 838 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8", 839 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 840 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 841 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 842 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 843 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM", 844 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 845 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 846 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 847 0 }, 848 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8", 849 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 850 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 851 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 852 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 853 #endif /* MBEDTLS_CCM_C */ 854 #endif /* MBEDTLS_AES_C */ 855 856 #if defined(MBEDTLS_CAMELLIA_C) 857 #if defined(MBEDTLS_CIPHER_MODE_CBC) 858 #if defined(MBEDTLS_SHA256_C) 859 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256", 860 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 862 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 863 0 }, 864 865 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256", 866 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 867 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 868 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 869 0 }, 870 #endif /* MBEDTLS_SHA256_C */ 871 872 #if defined(MBEDTLS_SHA1_C) 873 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", 874 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 876 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 877 0 }, 878 879 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA", 880 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 881 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 882 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 883 0 }, 884 #endif /* MBEDTLS_SHA1_C */ 885 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 886 887 #if defined(MBEDTLS_GCM_C) 888 #if defined(MBEDTLS_SHA256_C) 889 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256", 890 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 891 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 893 0 }, 894 #endif /* MBEDTLS_SHA256_C */ 895 896 #if defined(MBEDTLS_SHA1_C) 897 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", 898 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 899 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 901 0 }, 902 #endif /* MBEDTLS_SHA1_C */ 903 #endif /* MBEDTLS_GCM_C */ 904 #endif /* MBEDTLS_CAMELLIA_C */ 905 906 #if defined(MBEDTLS_DES_C) 907 #if defined(MBEDTLS_CIPHER_MODE_CBC) 908 #if defined(MBEDTLS_SHA1_C) 909 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", 910 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 911 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 912 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 913 0 }, 914 #endif /* MBEDTLS_SHA1_C */ 915 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 916 #endif /* MBEDTLS_DES_C */ 917 918 #if defined(MBEDTLS_ARC4_C) 919 #if defined(MBEDTLS_MD5_C) 920 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5", 921 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, 922 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 923 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 924 MBEDTLS_CIPHERSUITE_NODTLS }, 925 #endif 926 927 #if defined(MBEDTLS_SHA1_C) 928 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA", 929 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 931 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 932 MBEDTLS_CIPHERSUITE_NODTLS }, 933 #endif 934 #endif /* MBEDTLS_ARC4_C */ 935 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 936 937 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) 938 #if defined(MBEDTLS_AES_C) 939 #if defined(MBEDTLS_SHA1_C) 940 #if defined(MBEDTLS_CIPHER_MODE_CBC) 941 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA", 942 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 943 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 944 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 945 0 }, 946 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA", 947 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 948 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 949 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 950 0 }, 951 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 952 #endif /* MBEDTLS_SHA1_C */ 953 #if defined(MBEDTLS_SHA256_C) 954 #if defined(MBEDTLS_CIPHER_MODE_CBC) 955 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256", 956 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 957 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 958 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 959 0 }, 960 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 961 #if defined(MBEDTLS_GCM_C) 962 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256", 963 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 964 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 965 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 966 0 }, 967 #endif /* MBEDTLS_GCM_C */ 968 #endif /* MBEDTLS_SHA256_C */ 969 #if defined(MBEDTLS_SHA512_C) 970 #if defined(MBEDTLS_CIPHER_MODE_CBC) 971 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", 972 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 973 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 975 0 }, 976 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 977 #if defined(MBEDTLS_GCM_C) 978 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384", 979 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 980 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 981 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 982 0 }, 983 #endif /* MBEDTLS_GCM_C */ 984 #endif /* MBEDTLS_SHA512_C */ 985 #endif /* MBEDTLS_AES_C */ 986 987 #if defined(MBEDTLS_CAMELLIA_C) 988 #if defined(MBEDTLS_CIPHER_MODE_CBC) 989 #if defined(MBEDTLS_SHA256_C) 990 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256", 991 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 992 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 993 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 994 0 }, 995 #endif /* MBEDTLS_SHA256_C */ 996 #if defined(MBEDTLS_SHA512_C) 997 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", 998 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 999 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1000 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1001 0 }, 1002 #endif /* MBEDTLS_SHA512_C */ 1003 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1004 1005 #if defined(MBEDTLS_GCM_C) 1006 #if defined(MBEDTLS_SHA256_C) 1007 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256", 1008 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1009 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1010 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1011 0 }, 1012 #endif /* MBEDTLS_SHA256_C */ 1013 #if defined(MBEDTLS_SHA512_C) 1014 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", 1015 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1016 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1017 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1018 0 }, 1019 #endif /* MBEDTLS_SHA512_C */ 1020 #endif /* MBEDTLS_GCM_C */ 1021 #endif /* MBEDTLS_CAMELLIA_C */ 1022 1023 #if defined(MBEDTLS_DES_C) 1024 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1025 #if defined(MBEDTLS_SHA1_C) 1026 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA", 1027 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1028 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1029 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1030 0 }, 1031 #endif /* MBEDTLS_SHA1_C */ 1032 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1033 #endif /* MBEDTLS_DES_C */ 1034 1035 #if defined(MBEDTLS_ARC4_C) 1036 #if defined(MBEDTLS_SHA1_C) 1037 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA", 1038 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1039 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1040 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1041 MBEDTLS_CIPHERSUITE_NODTLS }, 1042 #endif /* MBEDTLS_SHA1_C */ 1043 #endif /* MBEDTLS_ARC4_C */ 1044 1045 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1046 #if defined(MBEDTLS_SHA1_C) 1047 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA", 1048 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1050 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1051 MBEDTLS_CIPHERSUITE_WEAK }, 1052 #endif /* MBEDTLS_SHA1_C */ 1053 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1054 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ 1055 1056 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) 1057 #if defined(MBEDTLS_AES_C) 1058 #if defined(MBEDTLS_SHA1_C) 1059 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1060 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA", 1061 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1063 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1064 0 }, 1065 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA", 1066 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1067 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1068 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1069 0 }, 1070 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1071 #endif /* MBEDTLS_SHA1_C */ 1072 #if defined(MBEDTLS_SHA256_C) 1073 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1074 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256", 1075 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1076 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1077 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1078 0 }, 1079 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1080 #if defined(MBEDTLS_GCM_C) 1081 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256", 1082 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1083 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1084 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1085 0 }, 1086 #endif /* MBEDTLS_GCM_C */ 1087 #endif /* MBEDTLS_SHA256_C */ 1088 #if defined(MBEDTLS_SHA512_C) 1089 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1090 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", 1091 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1092 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1094 0 }, 1095 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1096 #if defined(MBEDTLS_GCM_C) 1097 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384", 1098 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1099 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1100 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1101 0 }, 1102 #endif /* MBEDTLS_GCM_C */ 1103 #endif /* MBEDTLS_SHA512_C */ 1104 #endif /* MBEDTLS_AES_C */ 1105 1106 #if defined(MBEDTLS_CAMELLIA_C) 1107 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1108 #if defined(MBEDTLS_SHA256_C) 1109 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256", 1110 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1111 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1112 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1113 0 }, 1114 #endif /* MBEDTLS_SHA256_C */ 1115 #if defined(MBEDTLS_SHA512_C) 1116 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", 1117 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1119 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1120 0 }, 1121 #endif /* MBEDTLS_SHA512_C */ 1122 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1123 1124 #if defined(MBEDTLS_GCM_C) 1125 #if defined(MBEDTLS_SHA256_C) 1126 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256", 1127 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1128 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1129 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1130 0 }, 1131 #endif /* MBEDTLS_SHA256_C */ 1132 #if defined(MBEDTLS_SHA512_C) 1133 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", 1134 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1137 0 }, 1138 #endif /* MBEDTLS_SHA512_C */ 1139 #endif /* MBEDTLS_GCM_C */ 1140 #endif /* MBEDTLS_CAMELLIA_C */ 1141 1142 #if defined(MBEDTLS_DES_C) 1143 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1144 #if defined(MBEDTLS_SHA1_C) 1145 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA", 1146 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1147 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1148 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1149 0 }, 1150 #endif /* MBEDTLS_SHA1_C */ 1151 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1152 #endif /* MBEDTLS_DES_C */ 1153 1154 #if defined(MBEDTLS_ARC4_C) 1155 #if defined(MBEDTLS_SHA1_C) 1156 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA", 1157 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1158 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1160 MBEDTLS_CIPHERSUITE_NODTLS }, 1161 #endif /* MBEDTLS_SHA1_C */ 1162 #endif /* MBEDTLS_ARC4_C */ 1163 1164 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1165 #if defined(MBEDTLS_SHA1_C) 1166 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA", 1167 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 1168 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1169 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1170 MBEDTLS_CIPHERSUITE_WEAK }, 1171 #endif /* MBEDTLS_SHA1_C */ 1172 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1173 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ 1174 1175 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1176 #if defined(MBEDTLS_AES_C) 1177 #if defined(MBEDTLS_GCM_C) 1178 #if defined(MBEDTLS_SHA256_C) 1179 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256", 1180 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1181 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1182 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1183 0 }, 1184 #endif /* MBEDTLS_SHA256_C */ 1185 1186 #if defined(MBEDTLS_SHA512_C) 1187 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", 1188 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1189 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1190 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1191 0 }, 1192 #endif /* MBEDTLS_SHA512_C */ 1193 #endif /* MBEDTLS_GCM_C */ 1194 1195 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1196 #if defined(MBEDTLS_SHA256_C) 1197 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256", 1198 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1199 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1200 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1201 0 }, 1202 #endif /* MBEDTLS_SHA256_C */ 1203 1204 #if defined(MBEDTLS_SHA512_C) 1205 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", 1206 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1207 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1208 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1209 0 }, 1210 #endif /* MBEDTLS_SHA512_C */ 1211 1212 #if defined(MBEDTLS_SHA1_C) 1213 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", 1214 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1215 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1216 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1217 0 }, 1218 1219 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA", 1220 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1221 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1222 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1223 0 }, 1224 #endif /* MBEDTLS_SHA1_C */ 1225 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1226 #if defined(MBEDTLS_CCM_C) 1227 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM", 1228 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1229 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1230 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1231 0 }, 1232 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8", 1233 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1234 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1235 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1236 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1237 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM", 1238 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1239 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1240 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1241 0 }, 1242 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8", 1243 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1244 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1245 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1246 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1247 #endif /* MBEDTLS_CCM_C */ 1248 #endif /* MBEDTLS_AES_C */ 1249 1250 #if defined(MBEDTLS_CAMELLIA_C) 1251 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1252 #if defined(MBEDTLS_SHA256_C) 1253 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1254 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1255 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1256 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1257 0 }, 1258 #endif /* MBEDTLS_SHA256_C */ 1259 1260 #if defined(MBEDTLS_SHA512_C) 1261 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1262 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1263 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1264 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1265 0 }, 1266 #endif /* MBEDTLS_SHA512_C */ 1267 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1268 1269 #if defined(MBEDTLS_GCM_C) 1270 #if defined(MBEDTLS_SHA256_C) 1271 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1272 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1273 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1274 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1275 0 }, 1276 #endif /* MBEDTLS_SHA256_C */ 1277 1278 #if defined(MBEDTLS_SHA512_C) 1279 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1280 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1281 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1282 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1283 0 }, 1284 #endif /* MBEDTLS_SHA512_C */ 1285 #endif /* MBEDTLS_GCM_C */ 1286 #endif /* MBEDTLS_CAMELLIA_C */ 1287 1288 #if defined(MBEDTLS_DES_C) 1289 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1290 #if defined(MBEDTLS_SHA1_C) 1291 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", 1292 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1293 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1294 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1295 0 }, 1296 #endif /* MBEDTLS_SHA1_C */ 1297 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1298 #endif /* MBEDTLS_DES_C */ 1299 1300 #if defined(MBEDTLS_ARC4_C) 1301 #if defined(MBEDTLS_SHA1_C) 1302 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", 1303 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1304 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1305 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1306 MBEDTLS_CIPHERSUITE_NODTLS }, 1307 #endif /* MBEDTLS_SHA1_C */ 1308 #endif /* MBEDTLS_ARC4_C */ 1309 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1310 1311 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 1312 #if defined(MBEDTLS_AES_C) 1313 #if defined(MBEDTLS_GCM_C) 1314 #if defined(MBEDTLS_SHA256_C) 1315 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256", 1316 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1317 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1318 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1319 0 }, 1320 #endif /* MBEDTLS_SHA256_C */ 1321 1322 #if defined(MBEDTLS_SHA512_C) 1323 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", 1324 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1326 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1327 0 }, 1328 #endif /* MBEDTLS_SHA512_C */ 1329 #endif /* MBEDTLS_GCM_C */ 1330 1331 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1332 #if defined(MBEDTLS_SHA256_C) 1333 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256", 1334 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1336 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1337 0 }, 1338 #endif /* MBEDTLS_SHA256_C */ 1339 1340 #if defined(MBEDTLS_SHA512_C) 1341 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", 1342 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1344 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1345 0 }, 1346 #endif /* MBEDTLS_SHA512_C */ 1347 1348 #if defined(MBEDTLS_SHA1_C) 1349 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", 1350 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1353 0 }, 1354 1355 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA", 1356 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1357 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1358 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1359 0 }, 1360 #endif /* MBEDTLS_SHA1_C */ 1361 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1362 #if defined(MBEDTLS_CCM_C) 1363 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM", 1364 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1365 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1366 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1367 0 }, 1368 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8", 1369 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1370 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1371 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1372 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1373 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM", 1374 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1375 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1377 0 }, 1378 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8", 1379 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1381 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1382 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1383 #endif /* MBEDTLS_CCM_C */ 1384 #endif /* MBEDTLS_AES_C */ 1385 1386 #if defined(MBEDTLS_CAMELLIA_C) 1387 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1388 #if defined(MBEDTLS_SHA256_C) 1389 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1390 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1392 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1393 0 }, 1394 #endif /* MBEDTLS_SHA256_C */ 1395 1396 #if defined(MBEDTLS_SHA512_C) 1397 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1398 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1401 0 }, 1402 #endif /* MBEDTLS_SHA512_C */ 1403 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1404 1405 #if defined(MBEDTLS_GCM_C) 1406 #if defined(MBEDTLS_SHA256_C) 1407 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1408 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1409 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1410 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1411 0 }, 1412 #endif /* MBEDTLS_SHA256_C */ 1413 1414 #if defined(MBEDTLS_SHA512_C) 1415 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1416 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1418 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1419 0 }, 1420 #endif /* MBEDTLS_SHA512_C */ 1421 #endif /* MBEDTLS_GCM_C */ 1422 #endif /* MBEDTLS_CAMELLIA_C */ 1423 1424 #if defined(MBEDTLS_DES_C) 1425 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1426 #if defined(MBEDTLS_SHA1_C) 1427 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", 1428 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1429 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1430 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1431 0 }, 1432 #endif /* MBEDTLS_SHA1_C */ 1433 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1434 #endif /* MBEDTLS_DES_C */ 1435 1436 #if defined(MBEDTLS_ARC4_C) 1437 #if defined(MBEDTLS_SHA1_C) 1438 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", 1439 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1441 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1442 MBEDTLS_CIPHERSUITE_NODTLS }, 1443 #endif /* MBEDTLS_SHA1_C */ 1444 #endif /* MBEDTLS_ARC4_C */ 1445 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 1446 1447 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 1448 #if defined(MBEDTLS_AES_C) 1449 1450 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1451 #if defined(MBEDTLS_SHA256_C) 1452 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", 1453 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1456 0 }, 1457 #endif /* MBEDTLS_SHA256_C */ 1458 1459 #if defined(MBEDTLS_SHA512_C) 1460 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", 1461 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1463 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1464 0 }, 1465 #endif /* MBEDTLS_SHA512_C */ 1466 1467 #if defined(MBEDTLS_SHA1_C) 1468 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", 1469 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1471 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1472 0 }, 1473 1474 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", 1475 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1478 0 }, 1479 #endif /* MBEDTLS_SHA1_C */ 1480 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1481 #endif /* MBEDTLS_AES_C */ 1482 1483 #if defined(MBEDTLS_CAMELLIA_C) 1484 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1485 #if defined(MBEDTLS_SHA256_C) 1486 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1487 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1489 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1490 0 }, 1491 #endif /* MBEDTLS_SHA256_C */ 1492 1493 #if defined(MBEDTLS_SHA512_C) 1494 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1495 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1497 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1498 0 }, 1499 #endif /* MBEDTLS_SHA512_C */ 1500 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1501 #endif /* MBEDTLS_CAMELLIA_C */ 1502 1503 #if defined(MBEDTLS_DES_C) 1504 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1505 #if defined(MBEDTLS_SHA1_C) 1506 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", 1507 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1508 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1509 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1510 0 }, 1511 #endif /* MBEDTLS_SHA1_C */ 1512 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1513 #endif /* MBEDTLS_DES_C */ 1514 1515 #if defined(MBEDTLS_ARC4_C) 1516 #if defined(MBEDTLS_SHA1_C) 1517 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", 1518 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1519 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1520 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1521 MBEDTLS_CIPHERSUITE_NODTLS }, 1522 #endif /* MBEDTLS_SHA1_C */ 1523 #endif /* MBEDTLS_ARC4_C */ 1524 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 1525 1526 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1527 #if defined(MBEDTLS_AES_C) 1528 #if defined(MBEDTLS_GCM_C) 1529 #if defined(MBEDTLS_SHA256_C) 1530 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256", 1531 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1532 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1533 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1534 0 }, 1535 #endif /* MBEDTLS_SHA256_C */ 1536 1537 #if defined(MBEDTLS_SHA512_C) 1538 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", 1539 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1540 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1541 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1542 0 }, 1543 #endif /* MBEDTLS_SHA512_C */ 1544 #endif /* MBEDTLS_GCM_C */ 1545 1546 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1547 #if defined(MBEDTLS_SHA256_C) 1548 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", 1549 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1551 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1552 0 }, 1553 #endif /* MBEDTLS_SHA256_C */ 1554 1555 #if defined(MBEDTLS_SHA512_C) 1556 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", 1557 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1559 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1560 0 }, 1561 #endif /* MBEDTLS_SHA512_C */ 1562 1563 #if defined(MBEDTLS_SHA1_C) 1564 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", 1565 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1567 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1568 0 }, 1569 1570 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA", 1571 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1574 0 }, 1575 #endif /* MBEDTLS_SHA1_C */ 1576 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1577 #endif /* MBEDTLS_AES_C */ 1578 1579 #if defined(MBEDTLS_CAMELLIA_C) 1580 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1581 #if defined(MBEDTLS_SHA256_C) 1582 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256", 1583 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1585 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1586 0 }, 1587 #endif /* MBEDTLS_SHA256_C */ 1588 1589 #if defined(MBEDTLS_SHA512_C) 1590 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", 1591 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1593 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1594 0 }, 1595 #endif /* MBEDTLS_SHA512_C */ 1596 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1597 1598 #if defined(MBEDTLS_GCM_C) 1599 #if defined(MBEDTLS_SHA256_C) 1600 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256", 1601 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1603 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1604 0 }, 1605 #endif /* MBEDTLS_SHA256_C */ 1606 1607 #if defined(MBEDTLS_SHA512_C) 1608 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", 1609 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1611 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1612 0 }, 1613 #endif /* MBEDTLS_SHA512_C */ 1614 #endif /* MBEDTLS_GCM_C */ 1615 #endif /* MBEDTLS_CAMELLIA_C */ 1616 1617 #if defined(MBEDTLS_DES_C) 1618 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1619 #if defined(MBEDTLS_SHA1_C) 1620 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", 1621 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1622 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1623 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1624 0 }, 1625 #endif /* MBEDTLS_SHA1_C */ 1626 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1627 #endif /* MBEDTLS_DES_C */ 1628 1629 #if defined(MBEDTLS_ARC4_C) 1630 #if defined(MBEDTLS_SHA1_C) 1631 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", 1632 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1634 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1635 MBEDTLS_CIPHERSUITE_NODTLS }, 1636 #endif /* MBEDTLS_SHA1_C */ 1637 #endif /* MBEDTLS_ARC4_C */ 1638 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1639 1640 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 1641 #if defined(MBEDTLS_AES_C) 1642 #if defined(MBEDTLS_CCM_C) 1643 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8", 1644 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE, 1645 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1646 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1647 MBEDTLS_CIPHERSUITE_SHORT_TAG }, 1648 #endif /* MBEDTLS_CCM_C */ 1649 #endif /* MBEDTLS_AES_C */ 1650 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ 1651 1652 #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES) 1653 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) 1654 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1655 #if defined(MBEDTLS_MD5_C) 1656 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", 1657 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA, 1658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1660 MBEDTLS_CIPHERSUITE_WEAK }, 1661 #endif 1662 1663 #if defined(MBEDTLS_SHA1_C) 1664 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", 1665 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 1666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1668 MBEDTLS_CIPHERSUITE_WEAK }, 1669 #endif 1670 1671 #if defined(MBEDTLS_SHA256_C) 1672 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", 1673 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1674 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1675 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1676 MBEDTLS_CIPHERSUITE_WEAK }, 1677 #endif 1678 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1679 1680 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1681 #if defined(MBEDTLS_SHA1_C) 1682 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", 1683 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK, 1684 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1685 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1686 MBEDTLS_CIPHERSUITE_WEAK }, 1687 #endif /* MBEDTLS_SHA1_C */ 1688 1689 #if defined(MBEDTLS_SHA256_C) 1690 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256", 1691 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1693 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1694 MBEDTLS_CIPHERSUITE_WEAK }, 1695 #endif 1696 1697 #if defined(MBEDTLS_SHA512_C) 1698 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", 1699 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1701 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1702 MBEDTLS_CIPHERSUITE_WEAK }, 1703 #endif 1704 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1705 1706 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 1707 #if defined(MBEDTLS_SHA1_C) 1708 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", 1709 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1711 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1712 MBEDTLS_CIPHERSUITE_WEAK }, 1713 #endif /* MBEDTLS_SHA1_C */ 1714 1715 #if defined(MBEDTLS_SHA256_C) 1716 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256", 1717 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1719 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1720 MBEDTLS_CIPHERSUITE_WEAK }, 1721 #endif 1722 1723 #if defined(MBEDTLS_SHA512_C) 1724 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", 1725 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 1726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1727 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1728 MBEDTLS_CIPHERSUITE_WEAK }, 1729 #endif 1730 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 1731 1732 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 1733 #if defined(MBEDTLS_SHA1_C) 1734 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", 1735 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1736 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1737 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1738 MBEDTLS_CIPHERSUITE_WEAK }, 1739 #endif /* MBEDTLS_SHA1_C */ 1740 1741 #if defined(MBEDTLS_SHA256_C) 1742 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", 1743 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1745 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1746 MBEDTLS_CIPHERSUITE_WEAK }, 1747 #endif 1748 1749 #if defined(MBEDTLS_SHA512_C) 1750 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", 1751 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 1752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1753 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1754 MBEDTLS_CIPHERSUITE_WEAK }, 1755 #endif 1756 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 1757 1758 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1759 #if defined(MBEDTLS_SHA1_C) 1760 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", 1761 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1763 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1764 MBEDTLS_CIPHERSUITE_WEAK }, 1765 #endif /* MBEDTLS_SHA1_C */ 1766 1767 #if defined(MBEDTLS_SHA256_C) 1768 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256", 1769 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1771 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1772 MBEDTLS_CIPHERSUITE_WEAK }, 1773 #endif 1774 1775 #if defined(MBEDTLS_SHA512_C) 1776 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", 1777 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, 1779 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1780 MBEDTLS_CIPHERSUITE_WEAK }, 1781 #endif 1782 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1783 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ 1784 1785 #if defined(MBEDTLS_DES_C) 1786 #if defined(MBEDTLS_CIPHER_MODE_CBC) 1787 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 1788 #if defined(MBEDTLS_SHA1_C) 1789 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", 1790 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 1791 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1792 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1793 MBEDTLS_CIPHERSUITE_WEAK }, 1794 #endif /* MBEDTLS_SHA1_C */ 1795 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 1796 1797 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1798 #if defined(MBEDTLS_SHA1_C) 1799 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", 1800 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA, 1801 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0, 1802 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1803 MBEDTLS_CIPHERSUITE_WEAK }, 1804 #endif /* MBEDTLS_SHA1_C */ 1805 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1806 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 1807 #endif /* MBEDTLS_DES_C */ 1808 #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */ 1809 1810 #if defined(MBEDTLS_ARIA_C) 1811 1812 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) 1813 1814 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1815 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, 1816 "TLS-RSA-WITH-ARIA-256-GCM-SHA384", 1817 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 1818 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1820 0 }, 1821 #endif 1822 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1823 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, 1824 "TLS-RSA-WITH-ARIA-256-CBC-SHA384", 1825 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, 1826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1828 0 }, 1829 #endif 1830 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1831 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256, 1832 "TLS-RSA-WITH-ARIA-128-GCM-SHA256", 1833 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1836 0 }, 1837 #endif 1838 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1839 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256, 1840 "TLS-RSA-WITH-ARIA-128-CBC-SHA256", 1841 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA, 1842 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1843 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1844 0 }, 1845 #endif 1846 1847 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ 1848 1849 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) 1850 1851 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1852 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, 1853 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", 1854 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1855 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1856 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1857 0 }, 1858 #endif 1859 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1860 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, 1861 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", 1862 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1863 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1864 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1865 0 }, 1866 #endif 1867 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1868 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256, 1869 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256", 1870 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1872 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1873 0 }, 1874 #endif 1875 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1876 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256, 1877 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256", 1878 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK, 1879 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1880 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1881 0 }, 1882 #endif 1883 1884 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ 1885 1886 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) 1887 1888 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1889 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, 1890 "TLS-PSK-WITH-ARIA-256-GCM-SHA384", 1891 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, 1892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1894 0 }, 1895 #endif 1896 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1897 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, 1898 "TLS-PSK-WITH-ARIA-256-CBC-SHA384", 1899 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, 1900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1902 0 }, 1903 #endif 1904 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1905 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256, 1906 "TLS-PSK-WITH-ARIA-128-GCM-SHA256", 1907 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1908 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1909 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1910 0 }, 1911 #endif 1912 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1913 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256, 1914 "TLS-PSK-WITH-ARIA-128-CBC-SHA256", 1915 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK, 1916 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1917 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1918 0 }, 1919 #endif 1920 1921 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ 1922 1923 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) 1924 1925 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1926 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, 1927 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", 1928 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1929 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1931 0 }, 1932 #endif 1933 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1934 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, 1935 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", 1936 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1939 0 }, 1940 #endif 1941 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1942 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256, 1943 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256", 1944 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1945 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1946 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1947 0 }, 1948 #endif 1949 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1950 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256, 1951 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256", 1952 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, 1953 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1954 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1955 0 }, 1956 #endif 1957 1958 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ 1959 1960 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) 1961 1962 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 1963 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, 1964 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", 1965 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1966 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1967 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1968 0 }, 1969 #endif 1970 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 1971 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, 1972 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", 1973 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1975 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1976 0 }, 1977 #endif 1978 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 1979 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256, 1980 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256", 1981 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1982 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1983 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1984 0 }, 1985 #endif 1986 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 1987 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256, 1988 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256", 1989 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, 1990 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1991 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 1992 0 }, 1993 #endif 1994 1995 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ 1996 1997 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) 1998 1999 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2000 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, 2001 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", 2002 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 2003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2004 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2005 0 }, 2006 #endif 2007 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2008 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256, 2009 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256", 2010 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, 2011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2012 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2013 0 }, 2014 #endif 2015 2016 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ 2017 2018 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) 2019 2020 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 2021 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, 2022 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", 2023 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2024 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2025 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2026 0 }, 2027 #endif 2028 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2029 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, 2030 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", 2031 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2032 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2033 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2034 0 }, 2035 #endif 2036 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2037 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, 2038 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256", 2039 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2040 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2041 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2042 0 }, 2043 #endif 2044 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2045 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256, 2046 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256", 2047 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, 2048 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2050 0 }, 2051 #endif 2052 2053 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ 2054 2055 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) 2056 2057 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 2058 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, 2059 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", 2060 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2061 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2063 0 }, 2064 #endif 2065 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2066 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, 2067 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", 2068 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2069 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2070 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2071 0 }, 2072 #endif 2073 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2074 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256, 2075 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256", 2076 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2077 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2078 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2079 0 }, 2080 #endif 2081 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2082 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256, 2083 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256", 2084 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, 2085 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2087 0 }, 2088 #endif 2089 2090 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ 2091 2092 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) 2093 2094 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 2095 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, 2096 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", 2097 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2098 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2099 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2100 0 }, 2101 #endif 2102 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2103 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, 2104 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", 2105 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2106 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2107 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2108 0 }, 2109 #endif 2110 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2111 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256, 2112 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256", 2113 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2114 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2115 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2116 0 }, 2117 #endif 2118 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2119 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256, 2120 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256", 2121 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA, 2122 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2123 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2124 0 }, 2125 #endif 2126 2127 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ 2128 2129 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) 2130 2131 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) 2132 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, 2133 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", 2134 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2137 0 }, 2138 #endif 2139 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) 2140 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, 2141 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", 2142 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2144 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2145 0 }, 2146 #endif 2147 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C)) 2148 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256, 2149 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256", 2150 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2151 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2152 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2153 0 }, 2154 #endif 2155 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C)) 2156 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256, 2157 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256", 2158 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK, 2159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 2161 0 }, 2162 #endif 2163 2164 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ 2165 2166 #endif /* MBEDTLS_ARIA_C */ 2167 2168 2169 { 0, "", 2170 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE, 2171 0, 0, 0, 0, 0 } 2172 }; 2173 2174 #if defined(MBEDTLS_SSL_CIPHERSUITES) 2175 const int *mbedtls_ssl_list_ciphersuites( void ) 2176 { 2177 return( ciphersuite_preference ); 2178 } 2179 #else 2180 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \ 2181 sizeof( ciphersuite_definitions[0] ) 2182 static int supported_ciphersuites[MAX_CIPHERSUITES]; 2183 static int supported_init = 0; 2184 2185 static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info ) 2186 { 2187 (void)cs_info; 2188 2189 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) 2190 if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) 2191 return( 1 ); 2192 #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ 2193 2194 #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) 2195 if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || 2196 cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC ) 2197 { 2198 return( 1 ); 2199 } 2200 #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ 2201 2202 return( 0 ); 2203 } 2204 2205 const int *mbedtls_ssl_list_ciphersuites( void ) 2206 { 2207 /* 2208 * On initial call filter out all ciphersuites not supported by current 2209 * build based on presence in the ciphersuite_definitions. 2210 */ 2211 if( supported_init == 0 ) 2212 { 2213 const int *p; 2214 int *q; 2215 2216 for( p = ciphersuite_preference, q = supported_ciphersuites; 2217 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; 2218 p++ ) 2219 { 2220 const mbedtls_ssl_ciphersuite_t *cs_info; 2221 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && 2222 !ciphersuite_is_removed( cs_info ) ) 2223 { 2224 *(q++) = *p; 2225 } 2226 } 2227 *q = 0; 2228 2229 supported_init = 1; 2230 } 2231 2232 return( supported_ciphersuites ); 2233 } 2234 #endif /* MBEDTLS_SSL_CIPHERSUITES */ 2235 2236 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( 2237 const char *ciphersuite_name ) 2238 { 2239 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; 2240 2241 if( NULL == ciphersuite_name ) 2242 return( NULL ); 2243 2244 while( cur->id != 0 ) 2245 { 2246 if( 0 == strcmp( cur->name, ciphersuite_name ) ) 2247 return( cur ); 2248 2249 cur++; 2250 } 2251 2252 return( NULL ); 2253 } 2254 2255 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) 2256 { 2257 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; 2258 2259 while( cur->id != 0 ) 2260 { 2261 if( cur->id == ciphersuite ) 2262 return( cur ); 2263 2264 cur++; 2265 } 2266 2267 return( NULL ); 2268 } 2269 2270 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) 2271 { 2272 const mbedtls_ssl_ciphersuite_t *cur; 2273 2274 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); 2275 2276 if( cur == NULL ) 2277 return( "unknown" ); 2278 2279 return( cur->name ); 2280 } 2281 2282 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) 2283 { 2284 const mbedtls_ssl_ciphersuite_t *cur; 2285 2286 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name ); 2287 2288 if( cur == NULL ) 2289 return( 0 ); 2290 2291 return( cur->id ); 2292 } 2293 2294 #if defined(MBEDTLS_PK_C) 2295 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ) 2296 { 2297 switch( info->key_exchange ) 2298 { 2299 case MBEDTLS_KEY_EXCHANGE_RSA: 2300 case MBEDTLS_KEY_EXCHANGE_DHE_RSA: 2301 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2302 case MBEDTLS_KEY_EXCHANGE_RSA_PSK: 2303 return( MBEDTLS_PK_RSA ); 2304 2305 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2306 return( MBEDTLS_PK_ECDSA ); 2307 2308 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: 2309 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: 2310 return( MBEDTLS_PK_ECKEY ); 2311 2312 default: 2313 return( MBEDTLS_PK_NONE ); 2314 } 2315 } 2316 2317 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ) 2318 { 2319 switch( info->key_exchange ) 2320 { 2321 case MBEDTLS_KEY_EXCHANGE_RSA: 2322 case MBEDTLS_KEY_EXCHANGE_DHE_RSA: 2323 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2324 return( MBEDTLS_PK_RSA ); 2325 2326 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2327 return( MBEDTLS_PK_ECDSA ); 2328 2329 default: 2330 return( MBEDTLS_PK_NONE ); 2331 } 2332 } 2333 2334 #endif /* MBEDTLS_PK_C */ 2335 2336 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ 2337 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) 2338 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) 2339 { 2340 switch( info->key_exchange ) 2341 { 2342 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: 2343 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: 2344 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: 2345 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: 2346 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: 2347 case MBEDTLS_KEY_EXCHANGE_ECJPAKE: 2348 return( 1 ); 2349 2350 default: 2351 return( 0 ); 2352 } 2353 } 2354 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ 2355 2356 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) 2357 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) 2358 { 2359 switch( info->key_exchange ) 2360 { 2361 case MBEDTLS_KEY_EXCHANGE_PSK: 2362 case MBEDTLS_KEY_EXCHANGE_RSA_PSK: 2363 case MBEDTLS_KEY_EXCHANGE_DHE_PSK: 2364 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: 2365 return( 1 ); 2366 2367 default: 2368 return( 0 ); 2369 } 2370 } 2371 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ 2372 2373 #endif /* MBEDTLS_SSL_TLS_C */ 2374