1 /* 2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"). 5 * You may not use this file except in compliance with the License. 6 * A copy of the License is located at 7 * 8 * http://aws.amazon.com/apache2.0 9 * 10 * or in the "license" file accompanying this file. This file is distributed 11 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 12 * express or implied. See the License for the specific language governing 13 * permissions and limitations under the License. 14 */ 15 16 #pragma once 17 18 #include <stdint.h> 19 #include "tls/s2n_cipher_suites.h" 20 #include "tls/s2n_kem.h" 21 #include "tls/s2n_tls13.h" 22 23 struct s2n_cipher_preferences { 24 uint8_t count; 25 struct s2n_cipher_suite **suites; 26 }; 27 28 extern const struct s2n_cipher_preferences cipher_preferences_20140601; 29 extern const struct s2n_cipher_preferences cipher_preferences_20141001; 30 extern const struct s2n_cipher_preferences cipher_preferences_20150202; 31 extern const struct s2n_cipher_preferences cipher_preferences_20150214; 32 extern const struct s2n_cipher_preferences cipher_preferences_20150306; 33 extern const struct s2n_cipher_preferences cipher_preferences_20160411; 34 extern const struct s2n_cipher_preferences cipher_preferences_20160804; 35 extern const struct s2n_cipher_preferences cipher_preferences_20160824; 36 extern const struct s2n_cipher_preferences cipher_preferences_20170210; 37 extern const struct s2n_cipher_preferences cipher_preferences_20170328; 38 extern const struct s2n_cipher_preferences cipher_preferences_20170328_gcm; 39 extern const struct s2n_cipher_preferences cipher_preferences_20170405; 40 extern const struct s2n_cipher_preferences cipher_preferences_20170405_gcm; 41 extern const struct s2n_cipher_preferences cipher_preferences_20170718; 42 extern const struct s2n_cipher_preferences cipher_preferences_20170718_gcm; 43 extern const struct s2n_cipher_preferences cipher_preferences_20190214; 44 extern const struct s2n_cipher_preferences cipher_preferences_20190214_gcm; 45 extern const struct s2n_cipher_preferences cipher_preferences_20190801; 46 extern const struct s2n_cipher_preferences cipher_preferences_20190120; 47 extern const struct s2n_cipher_preferences cipher_preferences_20190121; 48 extern const struct s2n_cipher_preferences cipher_preferences_20190122; 49 extern const struct s2n_cipher_preferences cipher_preferences_20210816; 50 extern const struct s2n_cipher_preferences cipher_preferences_20210816_gcm; 51 extern const struct s2n_cipher_preferences cipher_preferences_20210825; 52 extern const struct s2n_cipher_preferences cipher_preferences_20210825_gcm; 53 extern const struct s2n_cipher_preferences cipher_preferences_20210831; 54 55 extern const struct s2n_cipher_preferences cipher_preferences_test_all; 56 57 extern const struct s2n_cipher_preferences cipher_preferences_test_all_tls12; 58 extern const struct s2n_cipher_preferences cipher_preferences_test_all_fips; 59 extern const struct s2n_cipher_preferences cipher_preferences_test_all_ecdsa; 60 extern const struct s2n_cipher_preferences cipher_preferences_test_ecdsa_priority; 61 extern const struct s2n_cipher_preferences cipher_preferences_test_all_rsa_kex; 62 extern const struct s2n_cipher_preferences cipher_preferences_test_all_tls13; 63 64 /* See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html */ 65 extern const struct s2n_cipher_preferences elb_security_policy_2015_04; 66 extern const struct s2n_cipher_preferences elb_security_policy_2016_08; 67 68 extern const struct s2n_cipher_preferences elb_security_policy_tls_1_1_2017_01; 69 extern const struct s2n_cipher_preferences elb_security_policy_tls_1_2_2017_01; 70 extern const struct s2n_cipher_preferences elb_security_policy_tls_1_2_ext_2018_06; 71 72 extern const struct s2n_cipher_preferences elb_security_policy_fs_2018_06; 73 extern const struct s2n_cipher_preferences elb_security_policy_fs_1_2_2019_08; 74 extern const struct s2n_cipher_preferences elb_security_policy_fs_1_1_2019_08; 75 extern const struct s2n_cipher_preferences elb_security_policy_fs_1_2_Res_2019_08; 76 77 /* CloudFront upstream */ 78 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream; 79 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls10; 80 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls11; 81 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_upstream_tls12; 82 /* CloudFront viewer facing */ 83 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_ssl_v_3; 84 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2014; 85 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2016; 86 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_1_2016; 87 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2018; 88 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2019; 89 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2021; 90 91 /* CloudFront viewer facing legacy TLS 1.2 policies */ 92 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_ssl_v_3_legacy; 93 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2014_legacy; 94 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_0_2016_legacy; 95 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_1_2016_legacy; 96 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2018_legacy; 97 extern const struct s2n_cipher_preferences cipher_preferences_cloudfront_tls_1_2_2019_legacy; 98 99 /* AWS Common Runtime Cipher Preferences */ 100 extern const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_ssl_v3; 101 extern const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_default; 102 extern const struct s2n_cipher_preferences cipher_preferences_aws_crt_sdk_tls_13; 103 104 /* AWS KMS Cipher Preferences */ 105 extern const struct s2n_cipher_preferences cipher_preferences_kms_tls_1_0_2018_10; 106 extern const struct s2n_cipher_preferences cipher_preferences_kms_tls_1_0_2021_08; 107 extern const struct s2n_cipher_preferences cipher_preferences_kms_fips_tls_1_2_2018_10; 108 extern const struct s2n_cipher_preferences cipher_preferences_kms_fips_tls_1_2_2021_08; 109 extern const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2019_06; 110 extern const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2020_02; 111 extern const struct s2n_cipher_preferences cipher_preferences_kms_pq_tls_1_0_2020_07; 112 extern const struct s2n_cipher_preferences cipher_preferences_pq_sike_test_tls_1_0_2019_11; 113 extern const struct s2n_cipher_preferences cipher_preferences_pq_sike_test_tls_1_0_2020_02; 114 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2020_12; 115 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_1_2021_05_17; 116 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_18; 117 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_19; 118 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_1_2021_05_21; 119 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_22; 120 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_23; 121 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_24; 122 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_25; 123 extern const struct s2n_cipher_preferences cipher_preferences_pq_tls_1_0_2021_05_26; 124 125 extern const struct s2n_cipher_preferences cipher_preferences_null; 126 127