1 /**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for mbed TLS
5 *
6 * Copyright The Mbed TLS Contributors
7 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
8 *
9 * This file is provided under the Apache License 2.0, or the
10 * GNU General Public License v2.0 or later.
11 *
12 * **********
13 * Apache License 2.0:
14 *
15 * Licensed under the Apache License, Version 2.0 (the "License"); you may
16 * not use this file except in compliance with the License.
17 * You may obtain a copy of the License at
18 *
19 * http://www.apache.org/licenses/LICENSE-2.0
20 *
21 * Unless required by applicable law or agreed to in writing, software
22 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
23 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24 * See the License for the specific language governing permissions and
25 * limitations under the License.
26 *
27 * **********
28 *
29 * **********
30 * GNU General Public License v2.0 or later:
31 *
32 * This program is free software; you can redistribute it and/or modify
33 * it under the terms of the GNU General Public License as published by
34 * the Free Software Foundation; either version 2 of the License, or
35 * (at your option) any later version.
36 *
37 * This program is distributed in the hope that it will be useful,
38 * but WITHOUT ANY WARRANTY; without even the implied warranty of
39 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
40 * GNU General Public License for more details.
41 *
42 * You should have received a copy of the GNU General Public License along
43 * with this program; if not, write to the Free Software Foundation, Inc.,
44 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
45 *
46 * **********
47 */
48
49 #if !defined(MBEDTLS_CONFIG_FILE)
50 #include "mbedtls/config.h"
51 #else
52 #include MBEDTLS_CONFIG_FILE
53 #endif
54
55 #if defined(MBEDTLS_SSL_TLS_C)
56
57 #if defined(MBEDTLS_PLATFORM_C)
58 #include "mbedtls/platform.h"
59 #else
60 #include <stdlib.h>
61 #endif
62
63 #include "mbedtls/ssl_ciphersuites.h"
64 #include "mbedtls/ssl.h"
65
66 #include <string.h>
67
68 /*
69 * Ordered from most preferred to least preferred in terms of security.
70 *
71 * Current rule (except RC4 and 3DES, weak and null which come last):
72 * 1. By key exchange:
73 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
74 * 2. By key length and cipher:
75 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
76 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
77 * 4. By hash function used when relevant
78 * 5. By key exchange/auth again: EC > non-EC
79 */
80 static const int ciphersuite_preference[] =
81 {
82 #if defined(MBEDTLS_SSL_CIPHERSUITES)
83 MBEDTLS_SSL_CIPHERSUITES,
84 #else
85 /* Chacha-Poly ephemeral suites */
86 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
87 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
88 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
89
90 /* All AES-256 ephemeral suites */
91 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
92 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
93 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
94 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
95 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
96 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
97 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
98 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
99 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
100 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
101 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
102 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
103 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
104
105 /* All CAMELLIA-256 ephemeral suites */
106 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
107 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
108 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
109 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
110 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
111 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
112 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
113
114 /* All ARIA-256 ephemeral suites */
115 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
116 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
117 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
118 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
119 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
120 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
121
122 /* All AES-128 ephemeral suites */
123 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
124 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
125 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
126 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
127 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
128 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
129 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
130 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
131 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
132 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
133 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
134 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
135 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
136
137 /* All CAMELLIA-128 ephemeral suites */
138 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
139 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
140 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
141 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
142 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
143 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
144 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
145
146 /* All ARIA-128 ephemeral suites */
147 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
148 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
149 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
150 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
151 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
152 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
153
154 /* The PSK ephemeral suites */
155 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
156 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
157 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
158 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
159 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
160 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
161 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
162 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
163 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
164 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
165 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
166 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
167 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
168 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
169 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
170
171 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
172 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
173 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
174 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
175 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
176 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
177 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
178 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
179 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
180 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
181 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
182 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
183 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
184
185 /* The ECJPAKE suite */
186 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
187
188 /* All AES-256 suites */
189 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
190 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
191 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
192 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
193 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
194 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
195 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
196 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
197 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
198 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
199 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
200
201 /* All CAMELLIA-256 suites */
202 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
203 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
204 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
205 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
206 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
207 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
208 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
209
210 /* All ARIA-256 suites */
211 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
212 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
213 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
214 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
215 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
216 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
217
218 /* All AES-128 suites */
219 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
220 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
221 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
222 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
223 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
224 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
225 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
226 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
227 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
228 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
229 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
230
231 /* All CAMELLIA-128 suites */
232 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
233 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
234 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
235 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
236 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
237 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
238 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
239
240 /* All ARIA-128 suites */
241 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
242 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
243 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
244 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
245 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
246 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
247
248 /* The RSA PSK suites */
249 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
250 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
251 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
252 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
253 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
254 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
255 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
256 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
257
258 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
259 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
260 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
261 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
262 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
263 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
264 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
265
266 /* The PSK suites */
267 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
268 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
269 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
270 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
271 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
272 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
273 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
274 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
275 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
276 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
277
278 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
279 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
280 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
281 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
282 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
283 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
284 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
285 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
286 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
287
288 /* 3DES suites */
289 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
290 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
291 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
292 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
293 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
294 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
295 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
296 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
297 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
298 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
299
300 /* RC4 suites */
301 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
302 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
303 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
304 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
305 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
306 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
307 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
308 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
309 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
310 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
311
312 /* Weak suites */
313 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
314 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
315
316 /* NULL suites */
317 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
318 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
319 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
320 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
321 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
322 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
323 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
324 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
325
326 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
327 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
328 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
329 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
330 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
331 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
332 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
333 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
334 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
335 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
336 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
337
338 #endif /* MBEDTLS_SSL_CIPHERSUITES */
339 0
340 };
341
342 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
343 {
344 #if defined(MBEDTLS_CHACHAPOLY_C) && \
345 defined(MBEDTLS_SHA256_C) && \
346 defined(MBEDTLS_SSL_PROTO_TLS1_2)
347 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
348 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
349 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
350 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
351 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
353 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
354 0 },
355 #endif
356 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
357 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
358 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
359 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
360 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
361 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
362 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
363 0 },
364 #endif
365 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
366 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
367 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
368 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
369 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
370 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
371 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
372 0 },
373 #endif
374 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
375 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
376 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
377 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
378 MBEDTLS_KEY_EXCHANGE_PSK,
379 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
381 0 },
382 #endif
383 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
384 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
385 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
386 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
387 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
388 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
389 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
390 0 },
391 #endif
392 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
393 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
394 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
395 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
396 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
397 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
398 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
399 0 },
400 #endif
401 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
402 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
403 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
404 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
405 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
407 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
408 0 },
409 #endif
410 #endif /* MBEDTLS_CHACHAPOLY_C &&
411 MBEDTLS_SHA256_C &&
412 MBEDTLS_SSL_PROTO_TLS1_2 */
413 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
414 #if defined(MBEDTLS_AES_C)
415 #if defined(MBEDTLS_SHA1_C)
416 #if defined(MBEDTLS_CIPHER_MODE_CBC)
417 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
418 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
419 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
420 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
421 0 },
422 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
423 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
426 0 },
427 #endif /* MBEDTLS_CIPHER_MODE_CBC */
428 #endif /* MBEDTLS_SHA1_C */
429 #if defined(MBEDTLS_SHA256_C)
430 #if defined(MBEDTLS_CIPHER_MODE_CBC)
431 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
432 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
433 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
434 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
435 0 },
436 #endif /* MBEDTLS_CIPHER_MODE_CBC */
437 #if defined(MBEDTLS_GCM_C)
438 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
439 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
440 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
441 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
442 0 },
443 #endif /* MBEDTLS_GCM_C */
444 #endif /* MBEDTLS_SHA256_C */
445 #if defined(MBEDTLS_SHA512_C)
446 #if defined(MBEDTLS_CIPHER_MODE_CBC)
447 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
448 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
450 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
451 0 },
452 #endif /* MBEDTLS_CIPHER_MODE_CBC */
453 #if defined(MBEDTLS_GCM_C)
454 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
455 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
456 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
457 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
458 0 },
459 #endif /* MBEDTLS_GCM_C */
460 #endif /* MBEDTLS_SHA512_C */
461 #if defined(MBEDTLS_CCM_C)
462 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
463 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
464 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
466 0 },
467 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
468 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
469 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
471 MBEDTLS_CIPHERSUITE_SHORT_TAG },
472 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
473 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
474 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
475 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
476 0 },
477 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
478 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
479 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
480 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
481 MBEDTLS_CIPHERSUITE_SHORT_TAG },
482 #endif /* MBEDTLS_CCM_C */
483 #endif /* MBEDTLS_AES_C */
484
485 #if defined(MBEDTLS_CAMELLIA_C)
486 #if defined(MBEDTLS_CIPHER_MODE_CBC)
487 #if defined(MBEDTLS_SHA256_C)
488 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
489 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
490 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
491 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
492 0 },
493 #endif /* MBEDTLS_SHA256_C */
494 #if defined(MBEDTLS_SHA512_C)
495 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
496 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
497 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
498 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
499 0 },
500 #endif /* MBEDTLS_SHA512_C */
501 #endif /* MBEDTLS_CIPHER_MODE_CBC */
502
503 #if defined(MBEDTLS_GCM_C)
504 #if defined(MBEDTLS_SHA256_C)
505 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
506 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
507 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
508 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
509 0 },
510 #endif /* MBEDTLS_SHA256_C */
511 #if defined(MBEDTLS_SHA512_C)
512 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
513 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
514 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
515 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
516 0 },
517 #endif /* MBEDTLS_SHA512_C */
518 #endif /* MBEDTLS_GCM_C */
519 #endif /* MBEDTLS_CAMELLIA_C */
520
521 #if defined(MBEDTLS_DES_C)
522 #if defined(MBEDTLS_CIPHER_MODE_CBC)
523 #if defined(MBEDTLS_SHA1_C)
524 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
525 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
526 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
527 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
528 0 },
529 #endif /* MBEDTLS_SHA1_C */
530 #endif /* MBEDTLS_CIPHER_MODE_CBC */
531 #endif /* MBEDTLS_DES_C */
532
533 #if defined(MBEDTLS_ARC4_C)
534 #if defined(MBEDTLS_SHA1_C)
535 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
536 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
537 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
538 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
539 MBEDTLS_CIPHERSUITE_NODTLS },
540 #endif /* MBEDTLS_SHA1_C */
541 #endif /* MBEDTLS_ARC4_C */
542
543 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
544 #if defined(MBEDTLS_SHA1_C)
545 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
546 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
547 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
549 MBEDTLS_CIPHERSUITE_WEAK },
550 #endif /* MBEDTLS_SHA1_C */
551 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
552 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
553
554 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
555 #if defined(MBEDTLS_AES_C)
556 #if defined(MBEDTLS_SHA1_C)
557 #if defined(MBEDTLS_CIPHER_MODE_CBC)
558 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
559 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
560 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
561 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
562 0 },
563 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
564 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
567 0 },
568 #endif /* MBEDTLS_CIPHER_MODE_CBC */
569 #endif /* MBEDTLS_SHA1_C */
570 #if defined(MBEDTLS_SHA256_C)
571 #if defined(MBEDTLS_CIPHER_MODE_CBC)
572 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
573 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
575 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
576 0 },
577 #endif /* MBEDTLS_CIPHER_MODE_CBC */
578 #if defined(MBEDTLS_GCM_C)
579 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
580 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
581 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
582 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
583 0 },
584 #endif /* MBEDTLS_GCM_C */
585 #endif /* MBEDTLS_SHA256_C */
586 #if defined(MBEDTLS_SHA512_C)
587 #if defined(MBEDTLS_CIPHER_MODE_CBC)
588 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
589 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
590 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
592 0 },
593 #endif /* MBEDTLS_CIPHER_MODE_CBC */
594 #if defined(MBEDTLS_GCM_C)
595 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
596 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
597 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
598 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
599 0 },
600 #endif /* MBEDTLS_GCM_C */
601 #endif /* MBEDTLS_SHA512_C */
602 #endif /* MBEDTLS_AES_C */
603
604 #if defined(MBEDTLS_CAMELLIA_C)
605 #if defined(MBEDTLS_CIPHER_MODE_CBC)
606 #if defined(MBEDTLS_SHA256_C)
607 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
608 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
611 0 },
612 #endif /* MBEDTLS_SHA256_C */
613 #if defined(MBEDTLS_SHA512_C)
614 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
615 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
616 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
617 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
618 0 },
619 #endif /* MBEDTLS_SHA512_C */
620 #endif /* MBEDTLS_CIPHER_MODE_CBC */
621
622 #if defined(MBEDTLS_GCM_C)
623 #if defined(MBEDTLS_SHA256_C)
624 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
625 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
626 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
628 0 },
629 #endif /* MBEDTLS_SHA256_C */
630 #if defined(MBEDTLS_SHA512_C)
631 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
632 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
633 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
634 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
635 0 },
636 #endif /* MBEDTLS_SHA512_C */
637 #endif /* MBEDTLS_GCM_C */
638 #endif /* MBEDTLS_CAMELLIA_C */
639
640 #if defined(MBEDTLS_DES_C)
641 #if defined(MBEDTLS_CIPHER_MODE_CBC)
642 #if defined(MBEDTLS_SHA1_C)
643 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
644 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
645 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
646 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
647 0 },
648 #endif /* MBEDTLS_SHA1_C */
649 #endif /* MBEDTLS_CIPHER_MODE_CBC */
650 #endif /* MBEDTLS_DES_C */
651
652 #if defined(MBEDTLS_ARC4_C)
653 #if defined(MBEDTLS_SHA1_C)
654 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
655 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
656 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
657 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
658 MBEDTLS_CIPHERSUITE_NODTLS },
659 #endif /* MBEDTLS_SHA1_C */
660 #endif /* MBEDTLS_ARC4_C */
661
662 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
663 #if defined(MBEDTLS_SHA1_C)
664 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
665 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
667 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
668 MBEDTLS_CIPHERSUITE_WEAK },
669 #endif /* MBEDTLS_SHA1_C */
670 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
671 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
672
673 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
674 #if defined(MBEDTLS_AES_C)
675 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
676 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
677 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
678 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
679 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
680 0 },
681 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
682
683 #if defined(MBEDTLS_SHA256_C)
684 #if defined(MBEDTLS_GCM_C)
685 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
686 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
687 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
688 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
689 0 },
690 #endif /* MBEDTLS_GCM_C */
691
692 #if defined(MBEDTLS_CIPHER_MODE_CBC)
693 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
694 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
696 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
697 0 },
698
699 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
700 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
701 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
702 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
703 0 },
704 #endif /* MBEDTLS_CIPHER_MODE_CBC */
705 #endif /* MBEDTLS_SHA256_C */
706
707 #if defined(MBEDTLS_CIPHER_MODE_CBC)
708 #if defined(MBEDTLS_SHA1_C)
709 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
710 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
711 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
712 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
713 0 },
714
715 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
716 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
719 0 },
720 #endif /* MBEDTLS_SHA1_C */
721 #endif /* MBEDTLS_CIPHER_MODE_CBC */
722 #if defined(MBEDTLS_CCM_C)
723 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
724 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
727 0 },
728 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
729 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
730 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
731 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
732 MBEDTLS_CIPHERSUITE_SHORT_TAG },
733 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
734 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
735 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
736 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
737 0 },
738 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
739 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
741 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
742 MBEDTLS_CIPHERSUITE_SHORT_TAG },
743 #endif /* MBEDTLS_CCM_C */
744 #endif /* MBEDTLS_AES_C */
745
746 #if defined(MBEDTLS_CAMELLIA_C)
747 #if defined(MBEDTLS_CIPHER_MODE_CBC)
748 #if defined(MBEDTLS_SHA256_C)
749 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
750 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
751 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
753 0 },
754
755 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
756 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
757 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
758 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
759 0 },
760 #endif /* MBEDTLS_SHA256_C */
761
762 #if defined(MBEDTLS_SHA1_C)
763 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
764 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
765 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
766 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
767 0 },
768
769 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
770 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
771 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
772 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
773 0 },
774 #endif /* MBEDTLS_SHA1_C */
775 #endif /* MBEDTLS_CIPHER_MODE_CBC */
776 #if defined(MBEDTLS_GCM_C)
777 #if defined(MBEDTLS_SHA256_C)
778 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
779 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
780 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
781 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
782 0 },
783 #endif /* MBEDTLS_SHA256_C */
784
785 #if defined(MBEDTLS_SHA512_C)
786 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
787 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
788 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
789 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
790 0 },
791 #endif /* MBEDTLS_SHA512_C */
792 #endif /* MBEDTLS_GCM_C */
793 #endif /* MBEDTLS_CAMELLIA_C */
794
795 #if defined(MBEDTLS_DES_C)
796 #if defined(MBEDTLS_CIPHER_MODE_CBC)
797 #if defined(MBEDTLS_SHA1_C)
798 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
799 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
800 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
801 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
802 0 },
803 #endif /* MBEDTLS_SHA1_C */
804 #endif /* MBEDTLS_CIPHER_MODE_CBC */
805 #endif /* MBEDTLS_DES_C */
806 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
807
808 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
809 #if defined(MBEDTLS_AES_C)
810 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
811 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
812 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
813 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
814 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
815 0 },
816 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
817
818 #if defined(MBEDTLS_SHA256_C)
819 #if defined(MBEDTLS_GCM_C)
820 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
821 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
822 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
823 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
824 0 },
825 #endif /* MBEDTLS_GCM_C */
826
827 #if defined(MBEDTLS_CIPHER_MODE_CBC)
828 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
829 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
830 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
831 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
832 0 },
833
834 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
835 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
836 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
837 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
838 0 },
839 #endif /* MBEDTLS_CIPHER_MODE_CBC */
840 #endif /* MBEDTLS_SHA256_C */
841
842 #if defined(MBEDTLS_SHA1_C)
843 #if defined(MBEDTLS_CIPHER_MODE_CBC)
844 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
845 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
846 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
847 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
848 0 },
849
850 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
851 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
852 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
853 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
854 0 },
855 #endif /* MBEDTLS_CIPHER_MODE_CBC */
856 #endif /* MBEDTLS_SHA1_C */
857 #if defined(MBEDTLS_CCM_C)
858 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
859 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
860 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
862 0 },
863 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
864 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
865 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
866 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
867 MBEDTLS_CIPHERSUITE_SHORT_TAG },
868 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
869 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
870 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
872 0 },
873 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
874 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
876 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
877 MBEDTLS_CIPHERSUITE_SHORT_TAG },
878 #endif /* MBEDTLS_CCM_C */
879 #endif /* MBEDTLS_AES_C */
880
881 #if defined(MBEDTLS_CAMELLIA_C)
882 #if defined(MBEDTLS_CIPHER_MODE_CBC)
883 #if defined(MBEDTLS_SHA256_C)
884 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
885 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
886 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
887 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
888 0 },
889
890 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
891 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
892 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
894 0 },
895 #endif /* MBEDTLS_SHA256_C */
896
897 #if defined(MBEDTLS_SHA1_C)
898 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
899 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
901 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
902 0 },
903
904 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
905 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
906 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
907 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
908 0 },
909 #endif /* MBEDTLS_SHA1_C */
910 #endif /* MBEDTLS_CIPHER_MODE_CBC */
911
912 #if defined(MBEDTLS_GCM_C)
913 #if defined(MBEDTLS_SHA256_C)
914 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
915 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
916 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
917 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
918 0 },
919 #endif /* MBEDTLS_SHA256_C */
920
921 #if defined(MBEDTLS_SHA512_C)
922 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
923 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
924 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
925 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
926 0 },
927 #endif /* MBEDTLS_SHA512_C */
928 #endif /* MBEDTLS_GCM_C */
929 #endif /* MBEDTLS_CAMELLIA_C */
930
931 #if defined(MBEDTLS_DES_C)
932 #if defined(MBEDTLS_CIPHER_MODE_CBC)
933 #if defined(MBEDTLS_SHA1_C)
934 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
935 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
936 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
938 0 },
939 #endif /* MBEDTLS_SHA1_C */
940 #endif /* MBEDTLS_CIPHER_MODE_CBC */
941 #endif /* MBEDTLS_DES_C */
942
943 #if defined(MBEDTLS_ARC4_C)
944 #if defined(MBEDTLS_MD5_C)
945 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
946 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
947 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
948 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
949 MBEDTLS_CIPHERSUITE_NODTLS },
950 #endif
951
952 #if defined(MBEDTLS_SHA1_C)
953 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
954 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
955 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
956 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
957 MBEDTLS_CIPHERSUITE_NODTLS },
958 #endif
959 #endif /* MBEDTLS_ARC4_C */
960 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
961
962 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
963 #if defined(MBEDTLS_AES_C)
964 #if defined(MBEDTLS_SHA1_C)
965 #if defined(MBEDTLS_CIPHER_MODE_CBC)
966 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
967 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
968 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
969 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
970 0 },
971 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
972 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
973 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
975 0 },
976 #endif /* MBEDTLS_CIPHER_MODE_CBC */
977 #endif /* MBEDTLS_SHA1_C */
978 #if defined(MBEDTLS_SHA256_C)
979 #if defined(MBEDTLS_CIPHER_MODE_CBC)
980 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
981 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
982 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
983 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
984 0 },
985 #endif /* MBEDTLS_CIPHER_MODE_CBC */
986 #if defined(MBEDTLS_GCM_C)
987 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
988 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
989 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
990 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
991 0 },
992 #endif /* MBEDTLS_GCM_C */
993 #endif /* MBEDTLS_SHA256_C */
994 #if defined(MBEDTLS_SHA512_C)
995 #if defined(MBEDTLS_CIPHER_MODE_CBC)
996 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
997 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
998 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
999 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1000 0 },
1001 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1002 #if defined(MBEDTLS_GCM_C)
1003 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
1004 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1005 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1006 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1007 0 },
1008 #endif /* MBEDTLS_GCM_C */
1009 #endif /* MBEDTLS_SHA512_C */
1010 #endif /* MBEDTLS_AES_C */
1011
1012 #if defined(MBEDTLS_CAMELLIA_C)
1013 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1014 #if defined(MBEDTLS_SHA256_C)
1015 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
1016 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1017 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1018 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1019 0 },
1020 #endif /* MBEDTLS_SHA256_C */
1021 #if defined(MBEDTLS_SHA512_C)
1022 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
1023 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1024 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1025 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1026 0 },
1027 #endif /* MBEDTLS_SHA512_C */
1028 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1029
1030 #if defined(MBEDTLS_GCM_C)
1031 #if defined(MBEDTLS_SHA256_C)
1032 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
1033 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1034 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1035 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1036 0 },
1037 #endif /* MBEDTLS_SHA256_C */
1038 #if defined(MBEDTLS_SHA512_C)
1039 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
1040 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1041 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1042 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1043 0 },
1044 #endif /* MBEDTLS_SHA512_C */
1045 #endif /* MBEDTLS_GCM_C */
1046 #endif /* MBEDTLS_CAMELLIA_C */
1047
1048 #if defined(MBEDTLS_DES_C)
1049 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1050 #if defined(MBEDTLS_SHA1_C)
1051 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
1052 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1053 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1054 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1055 0 },
1056 #endif /* MBEDTLS_SHA1_C */
1057 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1058 #endif /* MBEDTLS_DES_C */
1059
1060 #if defined(MBEDTLS_ARC4_C)
1061 #if defined(MBEDTLS_SHA1_C)
1062 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
1063 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1064 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1065 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1066 MBEDTLS_CIPHERSUITE_NODTLS },
1067 #endif /* MBEDTLS_SHA1_C */
1068 #endif /* MBEDTLS_ARC4_C */
1069
1070 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1071 #if defined(MBEDTLS_SHA1_C)
1072 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
1073 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1074 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1075 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1076 MBEDTLS_CIPHERSUITE_WEAK },
1077 #endif /* MBEDTLS_SHA1_C */
1078 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1079 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1080
1081 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1082 #if defined(MBEDTLS_AES_C)
1083 #if defined(MBEDTLS_SHA1_C)
1084 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1085 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
1086 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1087 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1088 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1089 0 },
1090 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
1091 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1092 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1094 0 },
1095 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1096 #endif /* MBEDTLS_SHA1_C */
1097 #if defined(MBEDTLS_SHA256_C)
1098 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1099 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
1100 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1101 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1102 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1103 0 },
1104 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1105 #if defined(MBEDTLS_GCM_C)
1106 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
1107 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1108 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1109 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1110 0 },
1111 #endif /* MBEDTLS_GCM_C */
1112 #endif /* MBEDTLS_SHA256_C */
1113 #if defined(MBEDTLS_SHA512_C)
1114 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1115 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
1116 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1117 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1119 0 },
1120 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1121 #if defined(MBEDTLS_GCM_C)
1122 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1123 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1124 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1125 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1126 0 },
1127 #endif /* MBEDTLS_GCM_C */
1128 #endif /* MBEDTLS_SHA512_C */
1129 #endif /* MBEDTLS_AES_C */
1130
1131 #if defined(MBEDTLS_CAMELLIA_C)
1132 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1133 #if defined(MBEDTLS_SHA256_C)
1134 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1135 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1137 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1138 0 },
1139 #endif /* MBEDTLS_SHA256_C */
1140 #if defined(MBEDTLS_SHA512_C)
1141 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1142 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1144 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1145 0 },
1146 #endif /* MBEDTLS_SHA512_C */
1147 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1148
1149 #if defined(MBEDTLS_GCM_C)
1150 #if defined(MBEDTLS_SHA256_C)
1151 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1152 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1153 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1154 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1155 0 },
1156 #endif /* MBEDTLS_SHA256_C */
1157 #if defined(MBEDTLS_SHA512_C)
1158 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1159 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1161 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1162 0 },
1163 #endif /* MBEDTLS_SHA512_C */
1164 #endif /* MBEDTLS_GCM_C */
1165 #endif /* MBEDTLS_CAMELLIA_C */
1166
1167 #if defined(MBEDTLS_DES_C)
1168 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1169 #if defined(MBEDTLS_SHA1_C)
1170 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1171 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1172 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1173 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1174 0 },
1175 #endif /* MBEDTLS_SHA1_C */
1176 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1177 #endif /* MBEDTLS_DES_C */
1178
1179 #if defined(MBEDTLS_ARC4_C)
1180 #if defined(MBEDTLS_SHA1_C)
1181 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1182 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1183 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1184 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1185 MBEDTLS_CIPHERSUITE_NODTLS },
1186 #endif /* MBEDTLS_SHA1_C */
1187 #endif /* MBEDTLS_ARC4_C */
1188
1189 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1190 #if defined(MBEDTLS_SHA1_C)
1191 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1192 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1193 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1194 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1195 MBEDTLS_CIPHERSUITE_WEAK },
1196 #endif /* MBEDTLS_SHA1_C */
1197 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1198 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1199
1200 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1201 #if defined(MBEDTLS_AES_C)
1202 #if defined(MBEDTLS_GCM_C)
1203 #if defined(MBEDTLS_SHA256_C)
1204 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1205 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1206 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1207 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1208 0 },
1209 #endif /* MBEDTLS_SHA256_C */
1210
1211 #if defined(MBEDTLS_SHA512_C)
1212 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1213 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1214 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1215 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1216 0 },
1217 #endif /* MBEDTLS_SHA512_C */
1218 #endif /* MBEDTLS_GCM_C */
1219
1220 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1221 #if defined(MBEDTLS_SHA256_C)
1222 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1223 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1224 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1225 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1226 0 },
1227 #endif /* MBEDTLS_SHA256_C */
1228
1229 #if defined(MBEDTLS_SHA512_C)
1230 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1231 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1232 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1233 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1234 0 },
1235 #endif /* MBEDTLS_SHA512_C */
1236
1237 #if defined(MBEDTLS_SHA1_C)
1238 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1239 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1240 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1241 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1242 0 },
1243
1244 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1245 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1246 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1247 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1248 0 },
1249 #endif /* MBEDTLS_SHA1_C */
1250 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1251 #if defined(MBEDTLS_CCM_C)
1252 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1253 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1254 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1255 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1256 0 },
1257 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1258 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1259 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1260 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1261 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1262 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1263 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1264 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1265 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1266 0 },
1267 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1268 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1269 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1270 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1271 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1272 #endif /* MBEDTLS_CCM_C */
1273 #endif /* MBEDTLS_AES_C */
1274
1275 #if defined(MBEDTLS_CAMELLIA_C)
1276 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1277 #if defined(MBEDTLS_SHA256_C)
1278 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1279 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1280 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1281 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1282 0 },
1283 #endif /* MBEDTLS_SHA256_C */
1284
1285 #if defined(MBEDTLS_SHA512_C)
1286 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1287 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1288 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1289 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1290 0 },
1291 #endif /* MBEDTLS_SHA512_C */
1292 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1293
1294 #if defined(MBEDTLS_GCM_C)
1295 #if defined(MBEDTLS_SHA256_C)
1296 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1297 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1298 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1299 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1300 0 },
1301 #endif /* MBEDTLS_SHA256_C */
1302
1303 #if defined(MBEDTLS_SHA512_C)
1304 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1305 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1306 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1307 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1308 0 },
1309 #endif /* MBEDTLS_SHA512_C */
1310 #endif /* MBEDTLS_GCM_C */
1311 #endif /* MBEDTLS_CAMELLIA_C */
1312
1313 #if defined(MBEDTLS_DES_C)
1314 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1315 #if defined(MBEDTLS_SHA1_C)
1316 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1317 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1318 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1319 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1320 0 },
1321 #endif /* MBEDTLS_SHA1_C */
1322 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1323 #endif /* MBEDTLS_DES_C */
1324
1325 #if defined(MBEDTLS_ARC4_C)
1326 #if defined(MBEDTLS_SHA1_C)
1327 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1328 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1329 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1330 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1331 MBEDTLS_CIPHERSUITE_NODTLS },
1332 #endif /* MBEDTLS_SHA1_C */
1333 #endif /* MBEDTLS_ARC4_C */
1334 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1335
1336 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1337 #if defined(MBEDTLS_AES_C)
1338 #if defined(MBEDTLS_GCM_C)
1339 #if defined(MBEDTLS_SHA256_C)
1340 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1341 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1342 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1344 0 },
1345 #endif /* MBEDTLS_SHA256_C */
1346
1347 #if defined(MBEDTLS_SHA512_C)
1348 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1349 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1350 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1352 0 },
1353 #endif /* MBEDTLS_SHA512_C */
1354 #endif /* MBEDTLS_GCM_C */
1355
1356 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1357 #if defined(MBEDTLS_SHA256_C)
1358 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1359 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1360 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1361 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1362 0 },
1363 #endif /* MBEDTLS_SHA256_C */
1364
1365 #if defined(MBEDTLS_SHA512_C)
1366 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1367 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1368 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1369 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1370 0 },
1371 #endif /* MBEDTLS_SHA512_C */
1372
1373 #if defined(MBEDTLS_SHA1_C)
1374 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1375 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1377 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1378 0 },
1379
1380 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1381 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1382 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1383 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1384 0 },
1385 #endif /* MBEDTLS_SHA1_C */
1386 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1387 #if defined(MBEDTLS_CCM_C)
1388 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1389 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1390 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1391 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1392 0 },
1393 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1394 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1395 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1396 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1397 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1398 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1399 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1400 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1401 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1402 0 },
1403 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1404 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1405 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1407 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1408 #endif /* MBEDTLS_CCM_C */
1409 #endif /* MBEDTLS_AES_C */
1410
1411 #if defined(MBEDTLS_CAMELLIA_C)
1412 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1413 #if defined(MBEDTLS_SHA256_C)
1414 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1415 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1418 0 },
1419 #endif /* MBEDTLS_SHA256_C */
1420
1421 #if defined(MBEDTLS_SHA512_C)
1422 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1423 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1426 0 },
1427 #endif /* MBEDTLS_SHA512_C */
1428 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1429
1430 #if defined(MBEDTLS_GCM_C)
1431 #if defined(MBEDTLS_SHA256_C)
1432 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1433 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1434 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1435 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1436 0 },
1437 #endif /* MBEDTLS_SHA256_C */
1438
1439 #if defined(MBEDTLS_SHA512_C)
1440 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1441 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1442 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1443 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1444 0 },
1445 #endif /* MBEDTLS_SHA512_C */
1446 #endif /* MBEDTLS_GCM_C */
1447 #endif /* MBEDTLS_CAMELLIA_C */
1448
1449 #if defined(MBEDTLS_DES_C)
1450 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1451 #if defined(MBEDTLS_SHA1_C)
1452 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1453 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1454 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1455 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1456 0 },
1457 #endif /* MBEDTLS_SHA1_C */
1458 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1459 #endif /* MBEDTLS_DES_C */
1460
1461 #if defined(MBEDTLS_ARC4_C)
1462 #if defined(MBEDTLS_SHA1_C)
1463 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1464 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1466 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1467 MBEDTLS_CIPHERSUITE_NODTLS },
1468 #endif /* MBEDTLS_SHA1_C */
1469 #endif /* MBEDTLS_ARC4_C */
1470 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1471
1472 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1473 #if defined(MBEDTLS_AES_C)
1474
1475 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1476 #if defined(MBEDTLS_SHA256_C)
1477 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1478 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1479 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1480 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1481 0 },
1482 #endif /* MBEDTLS_SHA256_C */
1483
1484 #if defined(MBEDTLS_SHA512_C)
1485 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1486 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1487 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1488 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1489 0 },
1490 #endif /* MBEDTLS_SHA512_C */
1491
1492 #if defined(MBEDTLS_SHA1_C)
1493 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1494 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1497 0 },
1498
1499 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1500 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1501 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1502 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1503 0 },
1504 #endif /* MBEDTLS_SHA1_C */
1505 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1506 #endif /* MBEDTLS_AES_C */
1507
1508 #if defined(MBEDTLS_CAMELLIA_C)
1509 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1510 #if defined(MBEDTLS_SHA256_C)
1511 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1512 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1514 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1515 0 },
1516 #endif /* MBEDTLS_SHA256_C */
1517
1518 #if defined(MBEDTLS_SHA512_C)
1519 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1520 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1521 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1522 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1523 0 },
1524 #endif /* MBEDTLS_SHA512_C */
1525 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1526 #endif /* MBEDTLS_CAMELLIA_C */
1527
1528 #if defined(MBEDTLS_DES_C)
1529 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1530 #if defined(MBEDTLS_SHA1_C)
1531 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1532 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1533 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1534 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1535 0 },
1536 #endif /* MBEDTLS_SHA1_C */
1537 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1538 #endif /* MBEDTLS_DES_C */
1539
1540 #if defined(MBEDTLS_ARC4_C)
1541 #if defined(MBEDTLS_SHA1_C)
1542 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1543 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1544 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1545 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1546 MBEDTLS_CIPHERSUITE_NODTLS },
1547 #endif /* MBEDTLS_SHA1_C */
1548 #endif /* MBEDTLS_ARC4_C */
1549 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1550
1551 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1552 #if defined(MBEDTLS_AES_C)
1553 #if defined(MBEDTLS_GCM_C)
1554 #if defined(MBEDTLS_SHA256_C)
1555 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1556 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1559 0 },
1560 #endif /* MBEDTLS_SHA256_C */
1561
1562 #if defined(MBEDTLS_SHA512_C)
1563 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1564 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1567 0 },
1568 #endif /* MBEDTLS_SHA512_C */
1569 #endif /* MBEDTLS_GCM_C */
1570
1571 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1572 #if defined(MBEDTLS_SHA256_C)
1573 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1574 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1575 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1576 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1577 0 },
1578 #endif /* MBEDTLS_SHA256_C */
1579
1580 #if defined(MBEDTLS_SHA512_C)
1581 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1582 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1583 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1584 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1585 0 },
1586 #endif /* MBEDTLS_SHA512_C */
1587
1588 #if defined(MBEDTLS_SHA1_C)
1589 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1590 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1593 0 },
1594
1595 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1596 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1597 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1598 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1599 0 },
1600 #endif /* MBEDTLS_SHA1_C */
1601 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1602 #endif /* MBEDTLS_AES_C */
1603
1604 #if defined(MBEDTLS_CAMELLIA_C)
1605 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1606 #if defined(MBEDTLS_SHA256_C)
1607 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1608 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1611 0 },
1612 #endif /* MBEDTLS_SHA256_C */
1613
1614 #if defined(MBEDTLS_SHA512_C)
1615 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1616 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1617 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1618 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1619 0 },
1620 #endif /* MBEDTLS_SHA512_C */
1621 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1622
1623 #if defined(MBEDTLS_GCM_C)
1624 #if defined(MBEDTLS_SHA256_C)
1625 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1626 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1628 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1629 0 },
1630 #endif /* MBEDTLS_SHA256_C */
1631
1632 #if defined(MBEDTLS_SHA512_C)
1633 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1634 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1635 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1636 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1637 0 },
1638 #endif /* MBEDTLS_SHA512_C */
1639 #endif /* MBEDTLS_GCM_C */
1640 #endif /* MBEDTLS_CAMELLIA_C */
1641
1642 #if defined(MBEDTLS_DES_C)
1643 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1644 #if defined(MBEDTLS_SHA1_C)
1645 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1646 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1647 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1648 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1649 0 },
1650 #endif /* MBEDTLS_SHA1_C */
1651 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1652 #endif /* MBEDTLS_DES_C */
1653
1654 #if defined(MBEDTLS_ARC4_C)
1655 #if defined(MBEDTLS_SHA1_C)
1656 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1657 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1658 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1659 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1660 MBEDTLS_CIPHERSUITE_NODTLS },
1661 #endif /* MBEDTLS_SHA1_C */
1662 #endif /* MBEDTLS_ARC4_C */
1663 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1664
1665 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1666 #if defined(MBEDTLS_AES_C)
1667 #if defined(MBEDTLS_CCM_C)
1668 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1669 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1670 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1671 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1672 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1673 #endif /* MBEDTLS_CCM_C */
1674 #endif /* MBEDTLS_AES_C */
1675 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1676
1677 #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1678 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1679 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1680 #if defined(MBEDTLS_MD5_C)
1681 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1682 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1683 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1684 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1685 MBEDTLS_CIPHERSUITE_WEAK },
1686 #endif
1687
1688 #if defined(MBEDTLS_SHA1_C)
1689 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1690 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1693 MBEDTLS_CIPHERSUITE_WEAK },
1694 #endif
1695
1696 #if defined(MBEDTLS_SHA256_C)
1697 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1698 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1699 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1701 MBEDTLS_CIPHERSUITE_WEAK },
1702 #endif
1703 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1704
1705 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1706 #if defined(MBEDTLS_SHA1_C)
1707 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1708 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1709 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1711 MBEDTLS_CIPHERSUITE_WEAK },
1712 #endif /* MBEDTLS_SHA1_C */
1713
1714 #if defined(MBEDTLS_SHA256_C)
1715 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1716 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1719 MBEDTLS_CIPHERSUITE_WEAK },
1720 #endif
1721
1722 #if defined(MBEDTLS_SHA512_C)
1723 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1724 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1727 MBEDTLS_CIPHERSUITE_WEAK },
1728 #endif
1729 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1730
1731 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1732 #if defined(MBEDTLS_SHA1_C)
1733 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1734 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1735 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1736 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1737 MBEDTLS_CIPHERSUITE_WEAK },
1738 #endif /* MBEDTLS_SHA1_C */
1739
1740 #if defined(MBEDTLS_SHA256_C)
1741 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1742 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1743 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1745 MBEDTLS_CIPHERSUITE_WEAK },
1746 #endif
1747
1748 #if defined(MBEDTLS_SHA512_C)
1749 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1750 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1751 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1753 MBEDTLS_CIPHERSUITE_WEAK },
1754 #endif
1755 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1756
1757 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1758 #if defined(MBEDTLS_SHA1_C)
1759 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1760 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1761 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1763 MBEDTLS_CIPHERSUITE_WEAK },
1764 #endif /* MBEDTLS_SHA1_C */
1765
1766 #if defined(MBEDTLS_SHA256_C)
1767 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1768 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1771 MBEDTLS_CIPHERSUITE_WEAK },
1772 #endif
1773
1774 #if defined(MBEDTLS_SHA512_C)
1775 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1776 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1777 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1779 MBEDTLS_CIPHERSUITE_WEAK },
1780 #endif
1781 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1782
1783 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1784 #if defined(MBEDTLS_SHA1_C)
1785 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1786 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1787 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1788 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1789 MBEDTLS_CIPHERSUITE_WEAK },
1790 #endif /* MBEDTLS_SHA1_C */
1791
1792 #if defined(MBEDTLS_SHA256_C)
1793 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1794 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1795 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1796 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1797 MBEDTLS_CIPHERSUITE_WEAK },
1798 #endif
1799
1800 #if defined(MBEDTLS_SHA512_C)
1801 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1802 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1803 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1804 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1805 MBEDTLS_CIPHERSUITE_WEAK },
1806 #endif
1807 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1808 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1809
1810 #if defined(MBEDTLS_DES_C)
1811 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1812 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1813 #if defined(MBEDTLS_SHA1_C)
1814 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1815 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1816 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1817 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1818 MBEDTLS_CIPHERSUITE_WEAK },
1819 #endif /* MBEDTLS_SHA1_C */
1820 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1821
1822 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1823 #if defined(MBEDTLS_SHA1_C)
1824 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1825 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1827 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1828 MBEDTLS_CIPHERSUITE_WEAK },
1829 #endif /* MBEDTLS_SHA1_C */
1830 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1831 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1832 #endif /* MBEDTLS_DES_C */
1833 #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
1834
1835 #if defined(MBEDTLS_ARIA_C)
1836
1837 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1838
1839 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1840 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1841 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1842 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1843 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1844 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1845 0 },
1846 #endif
1847 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1848 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1849 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1850 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1851 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1852 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1853 0 },
1854 #endif
1855 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1856 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1857 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1858 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1859 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1860 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1861 0 },
1862 #endif
1863 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1864 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1865 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1866 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1867 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1868 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1869 0 },
1870 #endif
1871
1872 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1873
1874 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1875
1876 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1877 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1878 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1879 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1880 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1881 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1882 0 },
1883 #endif
1884 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1885 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1886 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1887 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1888 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1889 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1890 0 },
1891 #endif
1892 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1893 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1894 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1895 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1896 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1897 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1898 0 },
1899 #endif
1900 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1901 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1902 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1903 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1904 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1905 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1906 0 },
1907 #endif
1908
1909 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1910
1911 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1912
1913 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1914 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1915 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1916 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
1917 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1918 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1919 0 },
1920 #endif
1921 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1922 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1923 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1924 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1925 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1926 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1927 0 },
1928 #endif
1929 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1930 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1931 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1932 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1933 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1934 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1935 0 },
1936 #endif
1937 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1938 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1939 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1940 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1941 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1942 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1943 0 },
1944 #endif
1945
1946 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1947
1948 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1949
1950 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1951 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1952 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1953 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1954 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1955 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1956 0 },
1957 #endif
1958 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1959 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1960 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1961 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1962 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1963 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1964 0 },
1965 #endif
1966 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1967 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1968 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1969 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1970 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1971 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1972 0 },
1973 #endif
1974 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1975 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1976 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1977 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1978 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1979 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1980 0 },
1981 #endif
1982
1983 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1984
1985 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1986
1987 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1988 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1989 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1990 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1991 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1992 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1993 0 },
1994 #endif
1995 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1996 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1997 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1998 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1999 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2000 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2001 0 },
2002 #endif
2003 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2004 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
2005 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
2006 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
2007 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2008 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2009 0 },
2010 #endif
2011 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2012 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
2013 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
2014 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
2015 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2016 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2017 0 },
2018 #endif
2019
2020 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
2021
2022 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
2023
2024 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2025 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
2026 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
2027 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
2028 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2029 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2030 0 },
2031 #endif
2032 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2033 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
2034 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
2035 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
2036 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2037 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2038 0 },
2039 #endif
2040
2041 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
2042
2043 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
2044
2045 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2046 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
2047 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
2048 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2049 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2050 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2051 0 },
2052 #endif
2053 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2054 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
2055 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
2056 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2057 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2058 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2059 0 },
2060 #endif
2061 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2062 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
2063 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
2064 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2065 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2066 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2067 0 },
2068 #endif
2069 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2070 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
2071 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
2072 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2073 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2074 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2075 0 },
2076 #endif
2077
2078 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
2079
2080 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
2081
2082 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2083 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
2084 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
2085 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2087 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2088 0 },
2089 #endif
2090 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2091 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
2092 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
2093 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2094 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2095 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2096 0 },
2097 #endif
2098 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2099 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
2100 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
2101 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2102 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2103 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2104 0 },
2105 #endif
2106 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2107 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
2108 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
2109 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2110 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2111 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2112 0 },
2113 #endif
2114
2115 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
2116
2117 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
2118
2119 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2120 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2121 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
2122 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2123 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2124 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2125 0 },
2126 #endif
2127 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2128 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
2129 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
2130 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2131 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2132 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2133 0 },
2134 #endif
2135 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2136 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2137 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
2138 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2139 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2140 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2141 0 },
2142 #endif
2143 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2144 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
2145 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
2146 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2147 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2148 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2149 0 },
2150 #endif
2151
2152 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
2153
2154 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
2155
2156 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2157 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
2158 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
2159 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2160 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2161 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2162 0 },
2163 #endif
2164 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2165 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
2166 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
2167 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2168 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2169 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2170 0 },
2171 #endif
2172 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2173 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
2174 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
2175 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2176 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2177 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2178 0 },
2179 #endif
2180 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2181 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
2182 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
2183 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2184 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2185 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2186 0 },
2187 #endif
2188
2189 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
2190
2191 #endif /* MBEDTLS_ARIA_C */
2192
2193
2194 { 0, "",
2195 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
2196 0, 0, 0, 0, 0 }
2197 };
2198
2199 #if defined(MBEDTLS_SSL_CIPHERSUITES)
mbedtls_ssl_list_ciphersuites(void)2200 const int *mbedtls_ssl_list_ciphersuites( void )
2201 {
2202 return( ciphersuite_preference );
2203 }
2204 #else
2205 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
2206 sizeof( ciphersuite_definitions[0] )
2207 static int supported_ciphersuites[MAX_CIPHERSUITES];
2208 static int supported_init = 0;
2209
ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t * cs_info)2210 static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
2211 {
2212 (void)cs_info;
2213
2214 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
2215 if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
2216 return( 1 );
2217 #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
2218
2219 #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
2220 if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
2221 cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
2222 {
2223 return( 1 );
2224 }
2225 #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
2226
2227 return( 0 );
2228 }
2229
mbedtls_ssl_list_ciphersuites(void)2230 const int *mbedtls_ssl_list_ciphersuites( void )
2231 {
2232 /*
2233 * On initial call filter out all ciphersuites not supported by current
2234 * build based on presence in the ciphersuite_definitions.
2235 */
2236 if( supported_init == 0 )
2237 {
2238 const int *p;
2239 int *q;
2240
2241 for( p = ciphersuite_preference, q = supported_ciphersuites;
2242 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
2243 p++ )
2244 {
2245 const mbedtls_ssl_ciphersuite_t *cs_info;
2246 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
2247 !ciphersuite_is_removed( cs_info ) )
2248 {
2249 *(q++) = *p;
2250 }
2251 }
2252 *q = 0;
2253
2254 supported_init = 1;
2255 }
2256
2257 return( supported_ciphersuites );
2258 }
2259 #endif /* MBEDTLS_SSL_CIPHERSUITES */
2260
mbedtls_ssl_ciphersuite_from_string(const char * ciphersuite_name)2261 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
2262 const char *ciphersuite_name )
2263 {
2264 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2265
2266 if( NULL == ciphersuite_name )
2267 return( NULL );
2268
2269 while( cur->id != 0 )
2270 {
2271 if( 0 == strcmp( cur->name, ciphersuite_name ) )
2272 return( cur );
2273
2274 cur++;
2275 }
2276
2277 return( NULL );
2278 }
2279
mbedtls_ssl_ciphersuite_from_id(int ciphersuite)2280 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
2281 {
2282 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2283
2284 while( cur->id != 0 )
2285 {
2286 if( cur->id == ciphersuite )
2287 return( cur );
2288
2289 cur++;
2290 }
2291
2292 return( NULL );
2293 }
2294
mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id)2295 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
2296 {
2297 const mbedtls_ssl_ciphersuite_t *cur;
2298
2299 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
2300
2301 if( cur == NULL )
2302 return( "unknown" );
2303
2304 return( cur->name );
2305 }
2306
mbedtls_ssl_get_ciphersuite_id(const char * ciphersuite_name)2307 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
2308 {
2309 const mbedtls_ssl_ciphersuite_t *cur;
2310
2311 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
2312
2313 if( cur == NULL )
2314 return( 0 );
2315
2316 return( cur->id );
2317 }
2318
2319 #if defined(MBEDTLS_PK_C)
mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t * info)2320 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
2321 {
2322 switch( info->key_exchange )
2323 {
2324 case MBEDTLS_KEY_EXCHANGE_RSA:
2325 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2326 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2327 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2328 return( MBEDTLS_PK_RSA );
2329
2330 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2331 return( MBEDTLS_PK_ECDSA );
2332
2333 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2334 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2335 return( MBEDTLS_PK_ECKEY );
2336
2337 default:
2338 return( MBEDTLS_PK_NONE );
2339 }
2340 }
2341
mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t * info)2342 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
2343 {
2344 switch( info->key_exchange )
2345 {
2346 case MBEDTLS_KEY_EXCHANGE_RSA:
2347 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2348 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2349 return( MBEDTLS_PK_RSA );
2350
2351 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2352 return( MBEDTLS_PK_ECDSA );
2353
2354 default:
2355 return( MBEDTLS_PK_NONE );
2356 }
2357 }
2358
2359 #endif /* MBEDTLS_PK_C */
2360
2361 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2362 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t * info)2363 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
2364 {
2365 switch( info->key_exchange )
2366 {
2367 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2368 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2369 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2370 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2371 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2372 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
2373 return( 1 );
2374
2375 default:
2376 return( 0 );
2377 }
2378 }
2379 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
2380
2381 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t * info)2382 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2383 {
2384 switch( info->key_exchange )
2385 {
2386 case MBEDTLS_KEY_EXCHANGE_PSK:
2387 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2388 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2389 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2390 return( 1 );
2391
2392 default:
2393 return( 0 );
2394 }
2395 }
2396 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
2397
2398 #endif /* MBEDTLS_SSL_TLS_C */
2399