1 /**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for mbed TLS
5 *
6 * Copyright The Mbed TLS Contributors
7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 */
21
22 #include "common.h"
23
24 #if defined(MBEDTLS_SSL_TLS_C)
25
26 #if defined(MBEDTLS_PLATFORM_C)
27 #include "mbedtls/platform.h"
28 #else
29 #include <stdlib.h>
30 #endif
31
32 #include "mbedtls/ssl_ciphersuites.h"
33 #include "mbedtls/ssl.h"
34
35 #include <string.h>
36
37 /*
38 * Ordered from most preferred to least preferred in terms of security.
39 *
40 * Current rule (except RC4 and 3DES, weak and null which come last):
41 * 1. By key exchange:
42 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
43 * 2. By key length and cipher:
44 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128
45 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
46 * 4. By hash function used when relevant
47 * 5. By key exchange/auth again: EC > non-EC
48 */
49 static const int ciphersuite_preference[] =
50 {
51 #if defined(MBEDTLS_SSL_CIPHERSUITES)
52 MBEDTLS_SSL_CIPHERSUITES,
53 #else
54 /* Chacha-Poly ephemeral suites */
55 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
56 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
57 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
58
59 /* All AES-256 ephemeral suites */
60 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
61 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
62 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
63 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
64 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
65 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
66 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
67 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
68 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
69 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
70 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
71 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
72 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
73
74 /* All CAMELLIA-256 ephemeral suites */
75 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
76 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
77 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
78 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
79 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
80 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
81 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
82
83 /* All ARIA-256 ephemeral suites */
84 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
85 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
86 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
87 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
88 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
89 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
90
91 /* All AES-128 ephemeral suites */
92 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
93 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
94 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
95 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
96 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
97 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
98 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
99 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
100 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
101 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
102 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
103 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
104 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
105
106 /* All CAMELLIA-128 ephemeral suites */
107 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
108 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
109 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
110 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
111 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
112 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
113 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
114
115 /* All ARIA-128 ephemeral suites */
116 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
117 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
118 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
119 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
120 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
121 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
122
123 /* The PSK ephemeral suites */
124 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
125 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
126 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
127 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
128 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
129 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
130 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
131 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
132 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
133 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
134 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
135 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
136 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
137 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
138 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
139
140 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
141 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
142 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
143 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
144 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
145 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
146 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
147 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
148 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
149 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
150 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
151 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
152 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
153
154 /* The ECJPAKE suite */
155 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
156
157 /* All AES-256 suites */
158 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
159 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
160 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
161 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
162 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
163 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
164 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
165 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
166 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
167 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
168 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
169
170 /* All CAMELLIA-256 suites */
171 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
172 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
173 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
174 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
175 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
176 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
177 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
178
179 /* All ARIA-256 suites */
180 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
181 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
182 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
183 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
184 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
185 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
186
187 /* All AES-128 suites */
188 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
189 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
190 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
191 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
192 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
193 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
194 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
195 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
196 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
197 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
198 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
199
200 /* All CAMELLIA-128 suites */
201 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
202 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
203 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
204 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
205 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
206 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
207 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
208
209 /* All ARIA-128 suites */
210 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
211 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
212 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
213 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
214 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
215 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
216
217 /* The RSA PSK suites */
218 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
219 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
220 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
221 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
222 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
223 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
224 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
225 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
226
227 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
228 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
229 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
230 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
231 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
232 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
233 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
234
235 /* The PSK suites */
236 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
237 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
238 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
239 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
240 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
241 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
242 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
243 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
244 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
245 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
246
247 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
248 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
249 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
250 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
251 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
252 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
253 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
254 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
255 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
256
257 /* 3DES suites */
258 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
259 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
260 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
261 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
262 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
263 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
264 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
265 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
266 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
267 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
268
269 /* RC4 suites */
270 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
271 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
272 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
273 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
274 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
275 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
276 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
277 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
278 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
279 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
280
281 /* Weak suites */
282 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
283 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
284
285 /* NULL suites */
286 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
287 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
288 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
289 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
290 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
291 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
292 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
293 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
294
295 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
296 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
297 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
298 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
299 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
300 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
301 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
302 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
303 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
304 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
305 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
306
307 #endif /* MBEDTLS_SSL_CIPHERSUITES */
308 0
309 };
310
311 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
312 {
313 #if defined(MBEDTLS_CHACHAPOLY_C) && \
314 defined(MBEDTLS_SHA256_C) && \
315 defined(MBEDTLS_SSL_PROTO_TLS1_2)
316 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
317 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
318 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
319 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
320 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
321 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
322 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
323 0 },
324 #endif
325 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
326 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
327 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
328 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
329 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
330 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
331 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
332 0 },
333 #endif
334 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
335 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
336 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
337 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
338 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
339 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
340 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
341 0 },
342 #endif
343 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
344 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
345 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
346 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
347 MBEDTLS_KEY_EXCHANGE_PSK,
348 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
349 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
350 0 },
351 #endif
352 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
353 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
354 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
355 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
356 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
357 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
358 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
359 0 },
360 #endif
361 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
362 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
363 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
364 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
365 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
366 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
367 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
368 0 },
369 #endif
370 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
371 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
372 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
373 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
374 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
375 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
376 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
377 0 },
378 #endif
379 #endif /* MBEDTLS_CHACHAPOLY_C &&
380 MBEDTLS_SHA256_C &&
381 MBEDTLS_SSL_PROTO_TLS1_2 */
382 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
383 #if defined(MBEDTLS_AES_C)
384 #if defined(MBEDTLS_SHA1_C)
385 #if defined(MBEDTLS_CIPHER_MODE_CBC)
386 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
387 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
388 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
389 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
390 0 },
391 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
392 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
393 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
394 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
395 0 },
396 #endif /* MBEDTLS_CIPHER_MODE_CBC */
397 #endif /* MBEDTLS_SHA1_C */
398 #if defined(MBEDTLS_SHA256_C)
399 #if defined(MBEDTLS_CIPHER_MODE_CBC)
400 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
401 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
402 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
403 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
404 0 },
405 #endif /* MBEDTLS_CIPHER_MODE_CBC */
406 #if defined(MBEDTLS_GCM_C)
407 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
408 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
409 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
410 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
411 0 },
412 #endif /* MBEDTLS_GCM_C */
413 #endif /* MBEDTLS_SHA256_C */
414 #if defined(MBEDTLS_SHA512_C)
415 #if defined(MBEDTLS_CIPHER_MODE_CBC)
416 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
417 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
418 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
419 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
420 0 },
421 #endif /* MBEDTLS_CIPHER_MODE_CBC */
422 #if defined(MBEDTLS_GCM_C)
423 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
424 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
426 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
427 0 },
428 #endif /* MBEDTLS_GCM_C */
429 #endif /* MBEDTLS_SHA512_C */
430 #if defined(MBEDTLS_CCM_C)
431 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
432 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
433 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
434 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
435 0 },
436 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
437 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
438 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
440 MBEDTLS_CIPHERSUITE_SHORT_TAG },
441 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
442 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
443 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
444 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
445 0 },
446 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
447 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
448 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
450 MBEDTLS_CIPHERSUITE_SHORT_TAG },
451 #endif /* MBEDTLS_CCM_C */
452 #endif /* MBEDTLS_AES_C */
453
454 #if defined(MBEDTLS_CAMELLIA_C)
455 #if defined(MBEDTLS_CIPHER_MODE_CBC)
456 #if defined(MBEDTLS_SHA256_C)
457 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
458 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
459 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
460 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
461 0 },
462 #endif /* MBEDTLS_SHA256_C */
463 #if defined(MBEDTLS_SHA512_C)
464 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
465 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
466 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
467 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
468 0 },
469 #endif /* MBEDTLS_SHA512_C */
470 #endif /* MBEDTLS_CIPHER_MODE_CBC */
471
472 #if defined(MBEDTLS_GCM_C)
473 #if defined(MBEDTLS_SHA256_C)
474 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
475 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
476 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
478 0 },
479 #endif /* MBEDTLS_SHA256_C */
480 #if defined(MBEDTLS_SHA512_C)
481 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
482 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
483 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
484 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
485 0 },
486 #endif /* MBEDTLS_SHA512_C */
487 #endif /* MBEDTLS_GCM_C */
488 #endif /* MBEDTLS_CAMELLIA_C */
489
490 #if defined(MBEDTLS_DES_C)
491 #if defined(MBEDTLS_CIPHER_MODE_CBC)
492 #if defined(MBEDTLS_SHA1_C)
493 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
494 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
497 0 },
498 #endif /* MBEDTLS_SHA1_C */
499 #endif /* MBEDTLS_CIPHER_MODE_CBC */
500 #endif /* MBEDTLS_DES_C */
501
502 #if defined(MBEDTLS_ARC4_C)
503 #if defined(MBEDTLS_SHA1_C)
504 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
505 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
506 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
507 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
508 MBEDTLS_CIPHERSUITE_NODTLS },
509 #endif /* MBEDTLS_SHA1_C */
510 #endif /* MBEDTLS_ARC4_C */
511
512 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
513 #if defined(MBEDTLS_SHA1_C)
514 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
515 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
516 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
517 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
518 MBEDTLS_CIPHERSUITE_WEAK },
519 #endif /* MBEDTLS_SHA1_C */
520 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
521 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
522
523 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
524 #if defined(MBEDTLS_AES_C)
525 #if defined(MBEDTLS_SHA1_C)
526 #if defined(MBEDTLS_CIPHER_MODE_CBC)
527 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
528 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
529 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
530 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
531 0 },
532 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
533 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
534 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
536 0 },
537 #endif /* MBEDTLS_CIPHER_MODE_CBC */
538 #endif /* MBEDTLS_SHA1_C */
539 #if defined(MBEDTLS_SHA256_C)
540 #if defined(MBEDTLS_CIPHER_MODE_CBC)
541 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
542 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
543 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
544 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
545 0 },
546 #endif /* MBEDTLS_CIPHER_MODE_CBC */
547 #if defined(MBEDTLS_GCM_C)
548 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
549 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
550 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
551 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
552 0 },
553 #endif /* MBEDTLS_GCM_C */
554 #endif /* MBEDTLS_SHA256_C */
555 #if defined(MBEDTLS_SHA512_C)
556 #if defined(MBEDTLS_CIPHER_MODE_CBC)
557 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
558 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
559 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
560 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
561 0 },
562 #endif /* MBEDTLS_CIPHER_MODE_CBC */
563 #if defined(MBEDTLS_GCM_C)
564 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
565 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
567 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
568 0 },
569 #endif /* MBEDTLS_GCM_C */
570 #endif /* MBEDTLS_SHA512_C */
571 #endif /* MBEDTLS_AES_C */
572
573 #if defined(MBEDTLS_CAMELLIA_C)
574 #if defined(MBEDTLS_CIPHER_MODE_CBC)
575 #if defined(MBEDTLS_SHA256_C)
576 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
577 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
578 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
579 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
580 0 },
581 #endif /* MBEDTLS_SHA256_C */
582 #if defined(MBEDTLS_SHA512_C)
583 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
584 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
585 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
586 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
587 0 },
588 #endif /* MBEDTLS_SHA512_C */
589 #endif /* MBEDTLS_CIPHER_MODE_CBC */
590
591 #if defined(MBEDTLS_GCM_C)
592 #if defined(MBEDTLS_SHA256_C)
593 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
594 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
595 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
596 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
597 0 },
598 #endif /* MBEDTLS_SHA256_C */
599 #if defined(MBEDTLS_SHA512_C)
600 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
601 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
602 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
603 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
604 0 },
605 #endif /* MBEDTLS_SHA512_C */
606 #endif /* MBEDTLS_GCM_C */
607 #endif /* MBEDTLS_CAMELLIA_C */
608
609 #if defined(MBEDTLS_DES_C)
610 #if defined(MBEDTLS_CIPHER_MODE_CBC)
611 #if defined(MBEDTLS_SHA1_C)
612 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
613 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
614 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
615 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
616 0 },
617 #endif /* MBEDTLS_SHA1_C */
618 #endif /* MBEDTLS_CIPHER_MODE_CBC */
619 #endif /* MBEDTLS_DES_C */
620
621 #if defined(MBEDTLS_ARC4_C)
622 #if defined(MBEDTLS_SHA1_C)
623 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
624 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
625 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
626 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
627 MBEDTLS_CIPHERSUITE_NODTLS },
628 #endif /* MBEDTLS_SHA1_C */
629 #endif /* MBEDTLS_ARC4_C */
630
631 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
632 #if defined(MBEDTLS_SHA1_C)
633 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
634 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
635 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
636 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
637 MBEDTLS_CIPHERSUITE_WEAK },
638 #endif /* MBEDTLS_SHA1_C */
639 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
640 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
641
642 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
643 #if defined(MBEDTLS_AES_C)
644 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
645 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
646 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
647 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
648 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
649 0 },
650 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
651
652 #if defined(MBEDTLS_SHA256_C)
653 #if defined(MBEDTLS_GCM_C)
654 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
655 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
656 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
657 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
658 0 },
659 #endif /* MBEDTLS_GCM_C */
660
661 #if defined(MBEDTLS_CIPHER_MODE_CBC)
662 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
663 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
664 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
665 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
666 0 },
667
668 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
669 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
670 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
671 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
672 0 },
673 #endif /* MBEDTLS_CIPHER_MODE_CBC */
674 #endif /* MBEDTLS_SHA256_C */
675
676 #if defined(MBEDTLS_CIPHER_MODE_CBC)
677 #if defined(MBEDTLS_SHA1_C)
678 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
679 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
680 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
681 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
682 0 },
683
684 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
685 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
686 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
687 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
688 0 },
689 #endif /* MBEDTLS_SHA1_C */
690 #endif /* MBEDTLS_CIPHER_MODE_CBC */
691 #if defined(MBEDTLS_CCM_C)
692 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
693 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
694 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
696 0 },
697 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
698 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
699 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
701 MBEDTLS_CIPHERSUITE_SHORT_TAG },
702 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
703 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
704 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
706 0 },
707 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
708 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
709 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
710 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
711 MBEDTLS_CIPHERSUITE_SHORT_TAG },
712 #endif /* MBEDTLS_CCM_C */
713 #endif /* MBEDTLS_AES_C */
714
715 #if defined(MBEDTLS_CAMELLIA_C)
716 #if defined(MBEDTLS_CIPHER_MODE_CBC)
717 #if defined(MBEDTLS_SHA256_C)
718 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
719 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
720 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
721 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
722 0 },
723
724 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
725 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
727 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
728 0 },
729 #endif /* MBEDTLS_SHA256_C */
730
731 #if defined(MBEDTLS_SHA1_C)
732 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
733 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
734 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
735 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
736 0 },
737
738 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
739 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
741 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
742 0 },
743 #endif /* MBEDTLS_SHA1_C */
744 #endif /* MBEDTLS_CIPHER_MODE_CBC */
745 #if defined(MBEDTLS_GCM_C)
746 #if defined(MBEDTLS_SHA256_C)
747 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
748 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
749 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
750 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
751 0 },
752 #endif /* MBEDTLS_SHA256_C */
753
754 #if defined(MBEDTLS_SHA512_C)
755 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
756 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
757 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
758 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
759 0 },
760 #endif /* MBEDTLS_SHA512_C */
761 #endif /* MBEDTLS_GCM_C */
762 #endif /* MBEDTLS_CAMELLIA_C */
763
764 #if defined(MBEDTLS_DES_C)
765 #if defined(MBEDTLS_CIPHER_MODE_CBC)
766 #if defined(MBEDTLS_SHA1_C)
767 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
768 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
771 0 },
772 #endif /* MBEDTLS_SHA1_C */
773 #endif /* MBEDTLS_CIPHER_MODE_CBC */
774 #endif /* MBEDTLS_DES_C */
775 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
776
777 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
778 #if defined(MBEDTLS_AES_C)
779 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
780 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
781 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
782 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
783 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
784 0 },
785 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
786
787 #if defined(MBEDTLS_SHA256_C)
788 #if defined(MBEDTLS_GCM_C)
789 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
790 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
791 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
792 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
793 0 },
794 #endif /* MBEDTLS_GCM_C */
795
796 #if defined(MBEDTLS_CIPHER_MODE_CBC)
797 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
798 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
799 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
800 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
801 0 },
802
803 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
804 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
806 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
807 0 },
808 #endif /* MBEDTLS_CIPHER_MODE_CBC */
809 #endif /* MBEDTLS_SHA256_C */
810
811 #if defined(MBEDTLS_SHA1_C)
812 #if defined(MBEDTLS_CIPHER_MODE_CBC)
813 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
814 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
815 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
816 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
817 0 },
818
819 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
820 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
821 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
822 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
823 0 },
824 #endif /* MBEDTLS_CIPHER_MODE_CBC */
825 #endif /* MBEDTLS_SHA1_C */
826 #if defined(MBEDTLS_CCM_C)
827 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
828 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
829 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
830 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
831 0 },
832 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
833 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
836 MBEDTLS_CIPHERSUITE_SHORT_TAG },
837 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
838 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
839 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
840 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
841 0 },
842 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
843 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
844 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
845 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
846 MBEDTLS_CIPHERSUITE_SHORT_TAG },
847 #endif /* MBEDTLS_CCM_C */
848 #endif /* MBEDTLS_AES_C */
849
850 #if defined(MBEDTLS_CAMELLIA_C)
851 #if defined(MBEDTLS_CIPHER_MODE_CBC)
852 #if defined(MBEDTLS_SHA256_C)
853 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
854 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
855 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
856 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
857 0 },
858
859 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
860 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
861 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
862 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
863 0 },
864 #endif /* MBEDTLS_SHA256_C */
865
866 #if defined(MBEDTLS_SHA1_C)
867 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
868 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
869 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
870 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
871 0 },
872
873 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
874 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
876 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
877 0 },
878 #endif /* MBEDTLS_SHA1_C */
879 #endif /* MBEDTLS_CIPHER_MODE_CBC */
880
881 #if defined(MBEDTLS_GCM_C)
882 #if defined(MBEDTLS_SHA256_C)
883 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
884 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
885 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
886 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
887 0 },
888 #endif /* MBEDTLS_SHA256_C */
889
890 #if defined(MBEDTLS_SHA1_C)
891 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
892 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
893 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
894 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
895 0 },
896 #endif /* MBEDTLS_SHA1_C */
897 #endif /* MBEDTLS_GCM_C */
898 #endif /* MBEDTLS_CAMELLIA_C */
899
900 #if defined(MBEDTLS_DES_C)
901 #if defined(MBEDTLS_CIPHER_MODE_CBC)
902 #if defined(MBEDTLS_SHA1_C)
903 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
904 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
905 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
906 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
907 0 },
908 #endif /* MBEDTLS_SHA1_C */
909 #endif /* MBEDTLS_CIPHER_MODE_CBC */
910 #endif /* MBEDTLS_DES_C */
911
912 #if defined(MBEDTLS_ARC4_C)
913 #if defined(MBEDTLS_MD5_C)
914 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
915 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
916 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
917 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
918 MBEDTLS_CIPHERSUITE_NODTLS },
919 #endif
920
921 #if defined(MBEDTLS_SHA1_C)
922 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
923 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
924 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
925 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
926 MBEDTLS_CIPHERSUITE_NODTLS },
927 #endif
928 #endif /* MBEDTLS_ARC4_C */
929 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
930
931 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
932 #if defined(MBEDTLS_AES_C)
933 #if defined(MBEDTLS_SHA1_C)
934 #if defined(MBEDTLS_CIPHER_MODE_CBC)
935 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
936 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
939 0 },
940 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
941 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
942 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
943 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
944 0 },
945 #endif /* MBEDTLS_CIPHER_MODE_CBC */
946 #endif /* MBEDTLS_SHA1_C */
947 #if defined(MBEDTLS_SHA256_C)
948 #if defined(MBEDTLS_CIPHER_MODE_CBC)
949 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
950 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
951 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
952 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
953 0 },
954 #endif /* MBEDTLS_CIPHER_MODE_CBC */
955 #if defined(MBEDTLS_GCM_C)
956 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
957 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
958 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
959 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
960 0 },
961 #endif /* MBEDTLS_GCM_C */
962 #endif /* MBEDTLS_SHA256_C */
963 #if defined(MBEDTLS_SHA512_C)
964 #if defined(MBEDTLS_CIPHER_MODE_CBC)
965 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
966 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
967 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
968 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
969 0 },
970 #endif /* MBEDTLS_CIPHER_MODE_CBC */
971 #if defined(MBEDTLS_GCM_C)
972 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
973 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
975 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
976 0 },
977 #endif /* MBEDTLS_GCM_C */
978 #endif /* MBEDTLS_SHA512_C */
979 #endif /* MBEDTLS_AES_C */
980
981 #if defined(MBEDTLS_CAMELLIA_C)
982 #if defined(MBEDTLS_CIPHER_MODE_CBC)
983 #if defined(MBEDTLS_SHA256_C)
984 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
985 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
986 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
987 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
988 0 },
989 #endif /* MBEDTLS_SHA256_C */
990 #if defined(MBEDTLS_SHA512_C)
991 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
992 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
993 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
994 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
995 0 },
996 #endif /* MBEDTLS_SHA512_C */
997 #endif /* MBEDTLS_CIPHER_MODE_CBC */
998
999 #if defined(MBEDTLS_GCM_C)
1000 #if defined(MBEDTLS_SHA256_C)
1001 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
1002 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1003 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1004 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1005 0 },
1006 #endif /* MBEDTLS_SHA256_C */
1007 #if defined(MBEDTLS_SHA512_C)
1008 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
1009 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1010 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1012 0 },
1013 #endif /* MBEDTLS_SHA512_C */
1014 #endif /* MBEDTLS_GCM_C */
1015 #endif /* MBEDTLS_CAMELLIA_C */
1016
1017 #if defined(MBEDTLS_DES_C)
1018 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1019 #if defined(MBEDTLS_SHA1_C)
1020 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
1021 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1022 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1023 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1024 0 },
1025 #endif /* MBEDTLS_SHA1_C */
1026 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1027 #endif /* MBEDTLS_DES_C */
1028
1029 #if defined(MBEDTLS_ARC4_C)
1030 #if defined(MBEDTLS_SHA1_C)
1031 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
1032 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1033 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1034 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1035 MBEDTLS_CIPHERSUITE_NODTLS },
1036 #endif /* MBEDTLS_SHA1_C */
1037 #endif /* MBEDTLS_ARC4_C */
1038
1039 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1040 #if defined(MBEDTLS_SHA1_C)
1041 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
1042 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1043 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1044 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1045 MBEDTLS_CIPHERSUITE_WEAK },
1046 #endif /* MBEDTLS_SHA1_C */
1047 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1048 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1049
1050 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1051 #if defined(MBEDTLS_AES_C)
1052 #if defined(MBEDTLS_SHA1_C)
1053 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1054 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
1055 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1056 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1057 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1058 0 },
1059 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
1060 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1061 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1062 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1063 0 },
1064 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1065 #endif /* MBEDTLS_SHA1_C */
1066 #if defined(MBEDTLS_SHA256_C)
1067 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1068 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
1069 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1070 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1071 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1072 0 },
1073 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1074 #if defined(MBEDTLS_GCM_C)
1075 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
1076 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1077 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1078 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1079 0 },
1080 #endif /* MBEDTLS_GCM_C */
1081 #endif /* MBEDTLS_SHA256_C */
1082 #if defined(MBEDTLS_SHA512_C)
1083 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1084 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
1085 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1086 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1087 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1088 0 },
1089 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1090 #if defined(MBEDTLS_GCM_C)
1091 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1092 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1094 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1095 0 },
1096 #endif /* MBEDTLS_GCM_C */
1097 #endif /* MBEDTLS_SHA512_C */
1098 #endif /* MBEDTLS_AES_C */
1099
1100 #if defined(MBEDTLS_CAMELLIA_C)
1101 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1102 #if defined(MBEDTLS_SHA256_C)
1103 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1104 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1105 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1106 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1107 0 },
1108 #endif /* MBEDTLS_SHA256_C */
1109 #if defined(MBEDTLS_SHA512_C)
1110 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1111 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1112 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1113 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1114 0 },
1115 #endif /* MBEDTLS_SHA512_C */
1116 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1117
1118 #if defined(MBEDTLS_GCM_C)
1119 #if defined(MBEDTLS_SHA256_C)
1120 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1121 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1122 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1123 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1124 0 },
1125 #endif /* MBEDTLS_SHA256_C */
1126 #if defined(MBEDTLS_SHA512_C)
1127 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1128 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1129 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1130 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1131 0 },
1132 #endif /* MBEDTLS_SHA512_C */
1133 #endif /* MBEDTLS_GCM_C */
1134 #endif /* MBEDTLS_CAMELLIA_C */
1135
1136 #if defined(MBEDTLS_DES_C)
1137 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1138 #if defined(MBEDTLS_SHA1_C)
1139 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1140 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1141 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1142 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1143 0 },
1144 #endif /* MBEDTLS_SHA1_C */
1145 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1146 #endif /* MBEDTLS_DES_C */
1147
1148 #if defined(MBEDTLS_ARC4_C)
1149 #if defined(MBEDTLS_SHA1_C)
1150 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1151 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1152 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1153 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1154 MBEDTLS_CIPHERSUITE_NODTLS },
1155 #endif /* MBEDTLS_SHA1_C */
1156 #endif /* MBEDTLS_ARC4_C */
1157
1158 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1159 #if defined(MBEDTLS_SHA1_C)
1160 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1161 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1162 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1163 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1164 MBEDTLS_CIPHERSUITE_WEAK },
1165 #endif /* MBEDTLS_SHA1_C */
1166 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1167 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1168
1169 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1170 #if defined(MBEDTLS_AES_C)
1171 #if defined(MBEDTLS_GCM_C)
1172 #if defined(MBEDTLS_SHA256_C)
1173 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1174 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1175 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1176 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1177 0 },
1178 #endif /* MBEDTLS_SHA256_C */
1179
1180 #if defined(MBEDTLS_SHA512_C)
1181 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1182 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1183 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1184 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1185 0 },
1186 #endif /* MBEDTLS_SHA512_C */
1187 #endif /* MBEDTLS_GCM_C */
1188
1189 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1190 #if defined(MBEDTLS_SHA256_C)
1191 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1192 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1193 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1194 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1195 0 },
1196 #endif /* MBEDTLS_SHA256_C */
1197
1198 #if defined(MBEDTLS_SHA512_C)
1199 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1200 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1201 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1202 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1203 0 },
1204 #endif /* MBEDTLS_SHA512_C */
1205
1206 #if defined(MBEDTLS_SHA1_C)
1207 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1208 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1209 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1210 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1211 0 },
1212
1213 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1214 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1215 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1216 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1217 0 },
1218 #endif /* MBEDTLS_SHA1_C */
1219 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1220 #if defined(MBEDTLS_CCM_C)
1221 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1222 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1223 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1224 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1225 0 },
1226 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1227 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1228 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1229 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1230 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1231 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1232 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1233 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1234 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1235 0 },
1236 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1237 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1238 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1239 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1240 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1241 #endif /* MBEDTLS_CCM_C */
1242 #endif /* MBEDTLS_AES_C */
1243
1244 #if defined(MBEDTLS_CAMELLIA_C)
1245 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1246 #if defined(MBEDTLS_SHA256_C)
1247 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1248 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1249 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1250 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1251 0 },
1252 #endif /* MBEDTLS_SHA256_C */
1253
1254 #if defined(MBEDTLS_SHA512_C)
1255 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1256 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1257 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1258 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1259 0 },
1260 #endif /* MBEDTLS_SHA512_C */
1261 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1262
1263 #if defined(MBEDTLS_GCM_C)
1264 #if defined(MBEDTLS_SHA256_C)
1265 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1266 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1267 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1268 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1269 0 },
1270 #endif /* MBEDTLS_SHA256_C */
1271
1272 #if defined(MBEDTLS_SHA512_C)
1273 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1274 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1275 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1276 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1277 0 },
1278 #endif /* MBEDTLS_SHA512_C */
1279 #endif /* MBEDTLS_GCM_C */
1280 #endif /* MBEDTLS_CAMELLIA_C */
1281
1282 #if defined(MBEDTLS_DES_C)
1283 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1284 #if defined(MBEDTLS_SHA1_C)
1285 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1286 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1287 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1288 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1289 0 },
1290 #endif /* MBEDTLS_SHA1_C */
1291 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1292 #endif /* MBEDTLS_DES_C */
1293
1294 #if defined(MBEDTLS_ARC4_C)
1295 #if defined(MBEDTLS_SHA1_C)
1296 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1297 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1298 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1299 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1300 MBEDTLS_CIPHERSUITE_NODTLS },
1301 #endif /* MBEDTLS_SHA1_C */
1302 #endif /* MBEDTLS_ARC4_C */
1303 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1304
1305 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1306 #if defined(MBEDTLS_AES_C)
1307 #if defined(MBEDTLS_GCM_C)
1308 #if defined(MBEDTLS_SHA256_C)
1309 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1310 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1311 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1312 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1313 0 },
1314 #endif /* MBEDTLS_SHA256_C */
1315
1316 #if defined(MBEDTLS_SHA512_C)
1317 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1318 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1319 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1320 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1321 0 },
1322 #endif /* MBEDTLS_SHA512_C */
1323 #endif /* MBEDTLS_GCM_C */
1324
1325 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1326 #if defined(MBEDTLS_SHA256_C)
1327 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1328 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1329 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1330 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1331 0 },
1332 #endif /* MBEDTLS_SHA256_C */
1333
1334 #if defined(MBEDTLS_SHA512_C)
1335 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1336 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1337 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1338 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1339 0 },
1340 #endif /* MBEDTLS_SHA512_C */
1341
1342 #if defined(MBEDTLS_SHA1_C)
1343 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1344 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1345 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1346 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1347 0 },
1348
1349 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1350 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1353 0 },
1354 #endif /* MBEDTLS_SHA1_C */
1355 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1356 #if defined(MBEDTLS_CCM_C)
1357 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1358 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1359 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1360 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1361 0 },
1362 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1363 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1364 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1365 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1366 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1367 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1368 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1369 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1370 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1371 0 },
1372 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1373 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1374 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1375 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1376 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1377 #endif /* MBEDTLS_CCM_C */
1378 #endif /* MBEDTLS_AES_C */
1379
1380 #if defined(MBEDTLS_CAMELLIA_C)
1381 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1382 #if defined(MBEDTLS_SHA256_C)
1383 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1384 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1385 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1386 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1387 0 },
1388 #endif /* MBEDTLS_SHA256_C */
1389
1390 #if defined(MBEDTLS_SHA512_C)
1391 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1392 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1393 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1394 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1395 0 },
1396 #endif /* MBEDTLS_SHA512_C */
1397 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1398
1399 #if defined(MBEDTLS_GCM_C)
1400 #if defined(MBEDTLS_SHA256_C)
1401 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1402 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1403 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1404 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1405 0 },
1406 #endif /* MBEDTLS_SHA256_C */
1407
1408 #if defined(MBEDTLS_SHA512_C)
1409 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1410 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1411 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1412 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1413 0 },
1414 #endif /* MBEDTLS_SHA512_C */
1415 #endif /* MBEDTLS_GCM_C */
1416 #endif /* MBEDTLS_CAMELLIA_C */
1417
1418 #if defined(MBEDTLS_DES_C)
1419 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1420 #if defined(MBEDTLS_SHA1_C)
1421 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1422 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1423 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1425 0 },
1426 #endif /* MBEDTLS_SHA1_C */
1427 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1428 #endif /* MBEDTLS_DES_C */
1429
1430 #if defined(MBEDTLS_ARC4_C)
1431 #if defined(MBEDTLS_SHA1_C)
1432 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1433 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1434 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1435 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1436 MBEDTLS_CIPHERSUITE_NODTLS },
1437 #endif /* MBEDTLS_SHA1_C */
1438 #endif /* MBEDTLS_ARC4_C */
1439 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1440
1441 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1442 #if defined(MBEDTLS_AES_C)
1443
1444 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1445 #if defined(MBEDTLS_SHA256_C)
1446 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1447 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1448 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1449 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1450 0 },
1451 #endif /* MBEDTLS_SHA256_C */
1452
1453 #if defined(MBEDTLS_SHA512_C)
1454 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1455 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1456 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1457 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1458 0 },
1459 #endif /* MBEDTLS_SHA512_C */
1460
1461 #if defined(MBEDTLS_SHA1_C)
1462 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1463 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1464 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1465 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1466 0 },
1467
1468 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1469 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1471 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1472 0 },
1473 #endif /* MBEDTLS_SHA1_C */
1474 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1475 #endif /* MBEDTLS_AES_C */
1476
1477 #if defined(MBEDTLS_CAMELLIA_C)
1478 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1479 #if defined(MBEDTLS_SHA256_C)
1480 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1481 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1482 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1483 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1484 0 },
1485 #endif /* MBEDTLS_SHA256_C */
1486
1487 #if defined(MBEDTLS_SHA512_C)
1488 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1489 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1490 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1491 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1492 0 },
1493 #endif /* MBEDTLS_SHA512_C */
1494 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1495 #endif /* MBEDTLS_CAMELLIA_C */
1496
1497 #if defined(MBEDTLS_DES_C)
1498 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1499 #if defined(MBEDTLS_SHA1_C)
1500 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1501 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1502 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1503 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1504 0 },
1505 #endif /* MBEDTLS_SHA1_C */
1506 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1507 #endif /* MBEDTLS_DES_C */
1508
1509 #if defined(MBEDTLS_ARC4_C)
1510 #if defined(MBEDTLS_SHA1_C)
1511 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1512 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1513 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1514 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1515 MBEDTLS_CIPHERSUITE_NODTLS },
1516 #endif /* MBEDTLS_SHA1_C */
1517 #endif /* MBEDTLS_ARC4_C */
1518 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1519
1520 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1521 #if defined(MBEDTLS_AES_C)
1522 #if defined(MBEDTLS_GCM_C)
1523 #if defined(MBEDTLS_SHA256_C)
1524 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1525 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1526 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1527 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1528 0 },
1529 #endif /* MBEDTLS_SHA256_C */
1530
1531 #if defined(MBEDTLS_SHA512_C)
1532 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1533 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1534 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1535 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1536 0 },
1537 #endif /* MBEDTLS_SHA512_C */
1538 #endif /* MBEDTLS_GCM_C */
1539
1540 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1541 #if defined(MBEDTLS_SHA256_C)
1542 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1543 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1544 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1545 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1546 0 },
1547 #endif /* MBEDTLS_SHA256_C */
1548
1549 #if defined(MBEDTLS_SHA512_C)
1550 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1551 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1552 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1553 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1554 0 },
1555 #endif /* MBEDTLS_SHA512_C */
1556
1557 #if defined(MBEDTLS_SHA1_C)
1558 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1559 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1560 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1561 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1562 0 },
1563
1564 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1565 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1567 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1568 0 },
1569 #endif /* MBEDTLS_SHA1_C */
1570 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1571 #endif /* MBEDTLS_AES_C */
1572
1573 #if defined(MBEDTLS_CAMELLIA_C)
1574 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1575 #if defined(MBEDTLS_SHA256_C)
1576 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1577 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1578 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1579 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1580 0 },
1581 #endif /* MBEDTLS_SHA256_C */
1582
1583 #if defined(MBEDTLS_SHA512_C)
1584 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1585 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1586 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1587 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1588 0 },
1589 #endif /* MBEDTLS_SHA512_C */
1590 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1591
1592 #if defined(MBEDTLS_GCM_C)
1593 #if defined(MBEDTLS_SHA256_C)
1594 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1595 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1596 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1597 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1598 0 },
1599 #endif /* MBEDTLS_SHA256_C */
1600
1601 #if defined(MBEDTLS_SHA512_C)
1602 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1603 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1604 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1605 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1606 0 },
1607 #endif /* MBEDTLS_SHA512_C */
1608 #endif /* MBEDTLS_GCM_C */
1609 #endif /* MBEDTLS_CAMELLIA_C */
1610
1611 #if defined(MBEDTLS_DES_C)
1612 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1613 #if defined(MBEDTLS_SHA1_C)
1614 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1615 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1616 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1617 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1618 0 },
1619 #endif /* MBEDTLS_SHA1_C */
1620 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1621 #endif /* MBEDTLS_DES_C */
1622
1623 #if defined(MBEDTLS_ARC4_C)
1624 #if defined(MBEDTLS_SHA1_C)
1625 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1626 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1628 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1629 MBEDTLS_CIPHERSUITE_NODTLS },
1630 #endif /* MBEDTLS_SHA1_C */
1631 #endif /* MBEDTLS_ARC4_C */
1632 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1633
1634 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1635 #if defined(MBEDTLS_AES_C)
1636 #if defined(MBEDTLS_CCM_C)
1637 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1638 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1639 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1640 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1641 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1642 #endif /* MBEDTLS_CCM_C */
1643 #endif /* MBEDTLS_AES_C */
1644 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1645
1646 #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1647 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1648 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1649 #if defined(MBEDTLS_MD5_C)
1650 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1651 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1652 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1653 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1654 MBEDTLS_CIPHERSUITE_WEAK },
1655 #endif
1656
1657 #if defined(MBEDTLS_SHA1_C)
1658 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1659 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1660 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1661 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1662 MBEDTLS_CIPHERSUITE_WEAK },
1663 #endif
1664
1665 #if defined(MBEDTLS_SHA256_C)
1666 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1667 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1668 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1669 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1670 MBEDTLS_CIPHERSUITE_WEAK },
1671 #endif
1672 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1673
1674 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1675 #if defined(MBEDTLS_SHA1_C)
1676 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1677 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1678 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1679 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1680 MBEDTLS_CIPHERSUITE_WEAK },
1681 #endif /* MBEDTLS_SHA1_C */
1682
1683 #if defined(MBEDTLS_SHA256_C)
1684 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1685 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1686 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1687 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1688 MBEDTLS_CIPHERSUITE_WEAK },
1689 #endif
1690
1691 #if defined(MBEDTLS_SHA512_C)
1692 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1693 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1694 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1695 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1696 MBEDTLS_CIPHERSUITE_WEAK },
1697 #endif
1698 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1699
1700 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1701 #if defined(MBEDTLS_SHA1_C)
1702 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1703 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1704 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1705 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1706 MBEDTLS_CIPHERSUITE_WEAK },
1707 #endif /* MBEDTLS_SHA1_C */
1708
1709 #if defined(MBEDTLS_SHA256_C)
1710 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1711 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1712 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1713 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1714 MBEDTLS_CIPHERSUITE_WEAK },
1715 #endif
1716
1717 #if defined(MBEDTLS_SHA512_C)
1718 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1719 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1720 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1721 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1722 MBEDTLS_CIPHERSUITE_WEAK },
1723 #endif
1724 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1725
1726 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1727 #if defined(MBEDTLS_SHA1_C)
1728 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1729 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1730 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1731 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1732 MBEDTLS_CIPHERSUITE_WEAK },
1733 #endif /* MBEDTLS_SHA1_C */
1734
1735 #if defined(MBEDTLS_SHA256_C)
1736 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1737 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1738 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1739 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1740 MBEDTLS_CIPHERSUITE_WEAK },
1741 #endif
1742
1743 #if defined(MBEDTLS_SHA512_C)
1744 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1745 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1746 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1747 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1748 MBEDTLS_CIPHERSUITE_WEAK },
1749 #endif
1750 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1751
1752 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1753 #if defined(MBEDTLS_SHA1_C)
1754 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1755 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1756 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1757 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1758 MBEDTLS_CIPHERSUITE_WEAK },
1759 #endif /* MBEDTLS_SHA1_C */
1760
1761 #if defined(MBEDTLS_SHA256_C)
1762 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1763 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1764 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1765 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1766 MBEDTLS_CIPHERSUITE_WEAK },
1767 #endif
1768
1769 #if defined(MBEDTLS_SHA512_C)
1770 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1771 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1772 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1773 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1774 MBEDTLS_CIPHERSUITE_WEAK },
1775 #endif
1776 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1777 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1778
1779 #if defined(MBEDTLS_DES_C)
1780 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1781 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1782 #if defined(MBEDTLS_SHA1_C)
1783 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1784 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1785 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1786 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1787 MBEDTLS_CIPHERSUITE_WEAK },
1788 #endif /* MBEDTLS_SHA1_C */
1789 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1790
1791 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1792 #if defined(MBEDTLS_SHA1_C)
1793 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1794 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1795 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1796 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1797 MBEDTLS_CIPHERSUITE_WEAK },
1798 #endif /* MBEDTLS_SHA1_C */
1799 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1800 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1801 #endif /* MBEDTLS_DES_C */
1802 #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
1803
1804 #if defined(MBEDTLS_ARIA_C)
1805
1806 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1807
1808 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1809 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1810 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1811 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1812 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1813 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1814 0 },
1815 #endif
1816 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1817 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1818 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1819 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1820 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1821 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1822 0 },
1823 #endif
1824 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1825 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1826 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1827 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1828 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1829 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1830 0 },
1831 #endif
1832 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1833 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1834 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1835 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1836 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1837 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1838 0 },
1839 #endif
1840
1841 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1842
1843 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1844
1845 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1846 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1847 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1848 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1849 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1850 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1851 0 },
1852 #endif
1853 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1854 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1855 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1856 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1857 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1858 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1859 0 },
1860 #endif
1861 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1862 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1863 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1864 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1865 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1866 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1867 0 },
1868 #endif
1869 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1870 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1871 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1872 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1873 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1874 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1875 0 },
1876 #endif
1877
1878 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1879
1880 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1881
1882 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1883 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1884 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1885 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
1886 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1887 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1888 0 },
1889 #endif
1890 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1891 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1892 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1893 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1894 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1895 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1896 0 },
1897 #endif
1898 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1899 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1900 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1901 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1902 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1903 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1904 0 },
1905 #endif
1906 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1907 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1908 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1909 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1910 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1911 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1912 0 },
1913 #endif
1914
1915 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1916
1917 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1918
1919 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1920 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1921 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1922 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1923 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1924 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1925 0 },
1926 #endif
1927 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1928 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1929 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1930 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1931 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1932 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1933 0 },
1934 #endif
1935 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1936 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1937 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1938 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1939 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1940 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1941 0 },
1942 #endif
1943 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1944 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1945 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1946 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1947 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1948 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1949 0 },
1950 #endif
1951
1952 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1953
1954 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1955
1956 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1957 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1958 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1959 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1960 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1961 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1962 0 },
1963 #endif
1964 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1965 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1966 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1967 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1968 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1969 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1970 0 },
1971 #endif
1972 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1973 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1974 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1975 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1976 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1977 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1978 0 },
1979 #endif
1980 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1981 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1982 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1983 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1984 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1985 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1986 0 },
1987 #endif
1988
1989 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
1990
1991 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1992
1993 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1994 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
1995 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
1996 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1997 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1998 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1999 0 },
2000 #endif
2001 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2002 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
2003 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
2004 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
2005 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2006 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2007 0 },
2008 #endif
2009
2010 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
2011
2012 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
2013
2014 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2015 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
2016 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
2017 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2018 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2019 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2020 0 },
2021 #endif
2022 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2023 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
2024 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
2025 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2026 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2027 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2028 0 },
2029 #endif
2030 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2031 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
2032 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
2033 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2034 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2035 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2036 0 },
2037 #endif
2038 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2039 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
2040 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
2041 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2042 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2043 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2044 0 },
2045 #endif
2046
2047 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
2048
2049 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
2050
2051 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2052 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
2053 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
2054 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2055 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2056 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2057 0 },
2058 #endif
2059 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2060 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
2061 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
2062 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2063 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2064 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2065 0 },
2066 #endif
2067 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2068 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
2069 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
2070 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2071 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2072 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2073 0 },
2074 #endif
2075 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2076 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
2077 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
2078 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2079 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2080 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2081 0 },
2082 #endif
2083
2084 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
2085
2086 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
2087
2088 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2089 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2090 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
2091 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2092 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2094 0 },
2095 #endif
2096 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2097 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
2098 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
2099 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2100 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2101 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2102 0 },
2103 #endif
2104 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2105 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2106 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
2107 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2108 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2109 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2110 0 },
2111 #endif
2112 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2113 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
2114 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
2115 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2116 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2117 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2118 0 },
2119 #endif
2120
2121 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
2122
2123 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
2124
2125 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2126 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
2127 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
2128 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2129 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2130 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2131 0 },
2132 #endif
2133 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2134 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
2135 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
2136 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2137 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2138 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2139 0 },
2140 #endif
2141 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2142 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
2143 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
2144 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2145 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2146 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2147 0 },
2148 #endif
2149 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2150 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
2151 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
2152 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2153 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2154 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2155 0 },
2156 #endif
2157
2158 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
2159
2160 #endif /* MBEDTLS_ARIA_C */
2161
2162
2163 { 0, "",
2164 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
2165 0, 0, 0, 0, 0 }
2166 };
2167
2168 #if defined(MBEDTLS_SSL_CIPHERSUITES)
mbedtls_ssl_list_ciphersuites(void)2169 const int *mbedtls_ssl_list_ciphersuites( void )
2170 {
2171 return( ciphersuite_preference );
2172 }
2173 #else
2174 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
2175 sizeof( ciphersuite_definitions[0] )
2176 static int supported_ciphersuites[MAX_CIPHERSUITES];
2177 static int supported_init = 0;
2178
ciphersuite_is_removed(const mbedtls_ssl_ciphersuite_t * cs_info)2179 static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info )
2180 {
2181 (void)cs_info;
2182
2183 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
2184 if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
2185 return( 1 );
2186 #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */
2187
2188 #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES)
2189 if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB ||
2190 cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC )
2191 {
2192 return( 1 );
2193 }
2194 #endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */
2195
2196 return( 0 );
2197 }
2198
mbedtls_ssl_list_ciphersuites(void)2199 const int *mbedtls_ssl_list_ciphersuites( void )
2200 {
2201 /*
2202 * On initial call filter out all ciphersuites not supported by current
2203 * build based on presence in the ciphersuite_definitions.
2204 */
2205 if( supported_init == 0 )
2206 {
2207 const int *p;
2208 int *q;
2209
2210 for( p = ciphersuite_preference, q = supported_ciphersuites;
2211 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
2212 p++ )
2213 {
2214 const mbedtls_ssl_ciphersuite_t *cs_info;
2215 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
2216 !ciphersuite_is_removed( cs_info ) )
2217 {
2218 *(q++) = *p;
2219 }
2220 }
2221 *q = 0;
2222
2223 supported_init = 1;
2224 }
2225
2226 return( supported_ciphersuites );
2227 }
2228 #endif /* MBEDTLS_SSL_CIPHERSUITES */
2229
mbedtls_ssl_ciphersuite_from_string(const char * ciphersuite_name)2230 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
2231 const char *ciphersuite_name )
2232 {
2233 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2234
2235 if( NULL == ciphersuite_name )
2236 return( NULL );
2237
2238 while( cur->id != 0 )
2239 {
2240 if( 0 == strcmp( cur->name, ciphersuite_name ) )
2241 return( cur );
2242
2243 cur++;
2244 }
2245
2246 return( NULL );
2247 }
2248
mbedtls_ssl_ciphersuite_from_id(int ciphersuite)2249 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
2250 {
2251 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2252
2253 while( cur->id != 0 )
2254 {
2255 if( cur->id == ciphersuite )
2256 return( cur );
2257
2258 cur++;
2259 }
2260
2261 return( NULL );
2262 }
2263
mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id)2264 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
2265 {
2266 const mbedtls_ssl_ciphersuite_t *cur;
2267
2268 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
2269
2270 if( cur == NULL )
2271 return( "unknown" );
2272
2273 return( cur->name );
2274 }
2275
mbedtls_ssl_get_ciphersuite_id(const char * ciphersuite_name)2276 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
2277 {
2278 const mbedtls_ssl_ciphersuite_t *cur;
2279
2280 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
2281
2282 if( cur == NULL )
2283 return( 0 );
2284
2285 return( cur->id );
2286 }
2287
2288 #if defined(MBEDTLS_PK_C)
mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t * info)2289 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
2290 {
2291 switch( info->key_exchange )
2292 {
2293 case MBEDTLS_KEY_EXCHANGE_RSA:
2294 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2295 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2296 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2297 return( MBEDTLS_PK_RSA );
2298
2299 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2300 return( MBEDTLS_PK_ECDSA );
2301
2302 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2303 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2304 return( MBEDTLS_PK_ECKEY );
2305
2306 default:
2307 return( MBEDTLS_PK_NONE );
2308 }
2309 }
2310
mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t * info)2311 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
2312 {
2313 switch( info->key_exchange )
2314 {
2315 case MBEDTLS_KEY_EXCHANGE_RSA:
2316 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2317 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2318 return( MBEDTLS_PK_RSA );
2319
2320 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2321 return( MBEDTLS_PK_ECDSA );
2322
2323 default:
2324 return( MBEDTLS_PK_NONE );
2325 }
2326 }
2327
2328 #endif /* MBEDTLS_PK_C */
2329
2330 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
2331 defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t * info)2332 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
2333 {
2334 switch( info->key_exchange )
2335 {
2336 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2337 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2338 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2339 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2340 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2341 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
2342 return( 1 );
2343
2344 default:
2345 return( 0 );
2346 }
2347 }
2348 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/
2349
2350 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t * info)2351 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2352 {
2353 switch( info->key_exchange )
2354 {
2355 case MBEDTLS_KEY_EXCHANGE_PSK:
2356 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2357 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2358 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2359 return( 1 );
2360
2361 default:
2362 return( 0 );
2363 }
2364 }
2365 #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
2366
2367 #endif /* MBEDTLS_SSL_TLS_C */
2368