1 /**
2 * \file ssl_ciphersuites.c
3 *
4 * \brief SSL ciphersuites for mbed TLS
5 *
6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
7 * SPDX-License-Identifier: GPL-2.0
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22 *
23 * This file is part of mbed TLS (https://tls.mbed.org)
24 */
25
26 #if !defined(MBEDTLS_CONFIG_FILE)
27 #include "mbedtls/config.h"
28 #else
29 #include MBEDTLS_CONFIG_FILE
30 #endif
31
32 #if defined(MBEDTLS_SSL_TLS_C)
33
34 #if defined(MBEDTLS_PLATFORM_C)
35 #include "mbedtls/platform.h"
36 #else
37 #include <stdlib.h>
38 #endif
39
40 #include "mbedtls/ssl_ciphersuites.h"
41 #include "mbedtls/ssl.h"
42
43 #include <string.h>
44
45 /*
46 * Ordered from most preferred to least preferred in terms of security.
47 *
48 * Current rule (except rc4, weak and null which come last):
49 * 1. By key exchange:
50 * Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
51 * 2. By key length and cipher:
52 * ChaCha > AES-256 > Camellia-256 > ARIA-256 > AES-128 > Camellia-128 > ARIA-128 > 3DES
53 * 3. By cipher mode when relevant GCM > CCM > CBC > CCM_8
54 * 4. By hash function used when relevant
55 * 5. By key exchange/auth again: EC > non-EC
56 */
57 static const int ciphersuite_preference[] =
58 {
59 #if defined(MBEDTLS_SSL_CIPHERSUITES)
60 MBEDTLS_SSL_CIPHERSUITES,
61 #else
62 /* Chacha-Poly ephemeral suites */
63 MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
64 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
65 MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
66
67 /* All AES-256 ephemeral suites */
68 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
69 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
70 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
71 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM,
72 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
73 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
74 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
75 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
76 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
77 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
78 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
79 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,
80 MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8,
81
82 /* All CAMELLIA-256 ephemeral suites */
83 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
84 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
85 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384,
86 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
87 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
88 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
89 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
90
91 /* All ARIA-256 ephemeral suites */
92 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
93 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
94 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
95 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
96 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
97 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
98
99 /* All AES-128 ephemeral suites */
100 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
101 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
102 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
103 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
104 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
105 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
106 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
107 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
108 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
109 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
110 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
111 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
112 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
113
114 /* All CAMELLIA-128 ephemeral suites */
115 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
116 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
117 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256,
118 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
119 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
120 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
121 MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
122
123 /* All ARIA-128 ephemeral suites */
124 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
125 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
126 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
127 MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
128 MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
129 MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
130
131 /* All remaining >= 128-bit ephemeral suites */
132 MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
133 MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
134 MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
135
136 /* The PSK ephemeral suites */
137 MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
138 MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
139 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
140 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM,
141 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
142 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
143 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
144 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
145 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384,
146 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
147 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384,
148 MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8,
149 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
150 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
151 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
152
153 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
154 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM,
155 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
156 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
157 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
158 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
159 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256,
160 MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
161 MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256,
162 MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8,
163 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
164 MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
165 MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
166
167 MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
168 MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
169
170 /* The ECJPAKE suite */
171 MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8,
172
173 /* All AES-256 suites */
174 MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384,
175 MBEDTLS_TLS_RSA_WITH_AES_256_CCM,
176 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256,
177 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA,
178 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
179 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
180 MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
181 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
182 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
183 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
184 MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8,
185
186 /* All CAMELLIA-256 suites */
187 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384,
188 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256,
189 MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,
190 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384,
191 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384,
192 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384,
193 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
194
195 /* All ARIA-256 suites */
196 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
197 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
198 MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
199 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
200 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
201 MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
202
203 /* All AES-128 suites */
204 MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256,
205 MBEDTLS_TLS_RSA_WITH_AES_128_CCM,
206 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256,
207 MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA,
208 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
209 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
210 MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
211 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
212 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
213 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
214 MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8,
215
216 /* All CAMELLIA-128 suites */
217 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256,
218 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256,
219 MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA,
220 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256,
221 MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256,
222 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
223 MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
224
225 /* All ARIA-128 suites */
226 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
227 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
228 MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
229 MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
230 MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
231 MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
232
233 /* All remaining >= 128-bit suites */
234 MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
235 MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
236 MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
237
238 /* The RSA PSK suites */
239 MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
240 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384,
241 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
242 MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
243 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384,
244 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384,
245 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
246 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
247
248 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
249 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
250 MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
251 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256,
252 MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256,
253 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
254 MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
255
256 MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
257
258 /* The PSK suites */
259 MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
260 MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
261 MBEDTLS_TLS_PSK_WITH_AES_256_CCM,
262 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384,
263 MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA,
264 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384,
265 MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384,
266 MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8,
267 MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
268 MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
269
270 MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
271 MBEDTLS_TLS_PSK_WITH_AES_128_CCM,
272 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256,
273 MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA,
274 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256,
275 MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256,
276 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
277 MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
278 MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
279
280 MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
281
282 /* RC4 suites */
283 MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
284 MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA,
285 MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA,
286 MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA,
287 MBEDTLS_TLS_RSA_WITH_RC4_128_SHA,
288 MBEDTLS_TLS_RSA_WITH_RC4_128_MD5,
289 MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA,
290 MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
291 MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA,
292 MBEDTLS_TLS_PSK_WITH_RC4_128_SHA,
293
294 /* Weak suites */
295 MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA,
296 MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA,
297
298 /* NULL suites */
299 MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA,
300 MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA,
301 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384,
302 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256,
303 MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA,
304 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384,
305 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256,
306 MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA,
307
308 MBEDTLS_TLS_RSA_WITH_NULL_SHA256,
309 MBEDTLS_TLS_RSA_WITH_NULL_SHA,
310 MBEDTLS_TLS_RSA_WITH_NULL_MD5,
311 MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA,
312 MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA,
313 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384,
314 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256,
315 MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA,
316 MBEDTLS_TLS_PSK_WITH_NULL_SHA384,
317 MBEDTLS_TLS_PSK_WITH_NULL_SHA256,
318 MBEDTLS_TLS_PSK_WITH_NULL_SHA,
319
320 #endif /* MBEDTLS_SSL_CIPHERSUITES */
321 0
322 };
323
324 static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
325 {
326 #if defined(MBEDTLS_CHACHAPOLY_C) && \
327 defined(MBEDTLS_SHA256_C) && \
328 defined(MBEDTLS_SSL_PROTO_TLS1_2)
329 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
330 { MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
331 "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
332 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
333 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
334 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
335 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
336 0 },
337 #endif
338 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
339 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
340 "TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256",
341 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
342 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
344 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
345 0 },
346 #endif
347 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
348 { MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
349 "TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256",
350 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
351 MBEDTLS_KEY_EXCHANGE_DHE_RSA,
352 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
353 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
354 0 },
355 #endif
356 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
357 { MBEDTLS_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256,
358 "TLS-PSK-WITH-CHACHA20-POLY1305-SHA256",
359 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
360 MBEDTLS_KEY_EXCHANGE_PSK,
361 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
362 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
363 0 },
364 #endif
365 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
366 { MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
367 "TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
368 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
369 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
370 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
371 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
372 0 },
373 #endif
374 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
375 { MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
376 "TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256",
377 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
378 MBEDTLS_KEY_EXCHANGE_DHE_PSK,
379 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
380 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
381 0 },
382 #endif
383 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
384 { MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
385 "TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256",
386 MBEDTLS_CIPHER_CHACHA20_POLY1305, MBEDTLS_MD_SHA256,
387 MBEDTLS_KEY_EXCHANGE_RSA_PSK,
388 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
389 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
390 0 },
391 #endif
392 #endif /* MBEDTLS_CHACHAPOLY_C &&
393 MBEDTLS_SHA256_C &&
394 MBEDTLS_SSL_PROTO_TLS1_2 */
395 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
396 #if defined(MBEDTLS_AES_C)
397 #if defined(MBEDTLS_SHA1_C)
398 #if defined(MBEDTLS_CIPHER_MODE_CBC)
399 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
400 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
401 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
402 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
403 0 },
404 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
405 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
407 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
408 0 },
409 #endif /* MBEDTLS_CIPHER_MODE_CBC */
410 #endif /* MBEDTLS_SHA1_C */
411 #if defined(MBEDTLS_SHA256_C)
412 #if defined(MBEDTLS_CIPHER_MODE_CBC)
413 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
414 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
415 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
417 0 },
418 #endif /* MBEDTLS_CIPHER_MODE_CBC */
419 #if defined(MBEDTLS_GCM_C)
420 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
421 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
422 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
423 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
424 0 },
425 #endif /* MBEDTLS_GCM_C */
426 #endif /* MBEDTLS_SHA256_C */
427 #if defined(MBEDTLS_SHA512_C)
428 #if defined(MBEDTLS_CIPHER_MODE_CBC)
429 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
430 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
431 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
432 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
433 0 },
434 #endif /* MBEDTLS_CIPHER_MODE_CBC */
435 #if defined(MBEDTLS_GCM_C)
436 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
437 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
438 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
439 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
440 0 },
441 #endif /* MBEDTLS_GCM_C */
442 #endif /* MBEDTLS_SHA512_C */
443 #if defined(MBEDTLS_CCM_C)
444 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM",
445 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
446 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
447 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
448 0 },
449 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8",
450 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
451 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
452 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
453 MBEDTLS_CIPHERSUITE_SHORT_TAG },
454 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM",
455 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
456 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
457 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
458 0 },
459 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8",
460 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
461 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
463 MBEDTLS_CIPHERSUITE_SHORT_TAG },
464 #endif /* MBEDTLS_CCM_C */
465 #endif /* MBEDTLS_AES_C */
466
467 #if defined(MBEDTLS_CAMELLIA_C)
468 #if defined(MBEDTLS_CIPHER_MODE_CBC)
469 #if defined(MBEDTLS_SHA256_C)
470 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
471 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
472 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
473 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
474 0 },
475 #endif /* MBEDTLS_SHA256_C */
476 #if defined(MBEDTLS_SHA512_C)
477 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
478 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
479 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
480 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
481 0 },
482 #endif /* MBEDTLS_SHA512_C */
483 #endif /* MBEDTLS_CIPHER_MODE_CBC */
484
485 #if defined(MBEDTLS_GCM_C)
486 #if defined(MBEDTLS_SHA256_C)
487 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
488 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
489 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
490 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
491 0 },
492 #endif /* MBEDTLS_SHA256_C */
493 #if defined(MBEDTLS_SHA512_C)
494 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
495 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
497 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
498 0 },
499 #endif /* MBEDTLS_SHA512_C */
500 #endif /* MBEDTLS_GCM_C */
501 #endif /* MBEDTLS_CAMELLIA_C */
502
503 #if defined(MBEDTLS_DES_C)
504 #if defined(MBEDTLS_CIPHER_MODE_CBC)
505 #if defined(MBEDTLS_SHA1_C)
506 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
507 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
508 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
509 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
510 0 },
511 #endif /* MBEDTLS_SHA1_C */
512 #endif /* MBEDTLS_CIPHER_MODE_CBC */
513 #endif /* MBEDTLS_DES_C */
514
515 #if defined(MBEDTLS_ARC4_C)
516 #if defined(MBEDTLS_SHA1_C)
517 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
518 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
519 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
520 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
521 MBEDTLS_CIPHERSUITE_NODTLS },
522 #endif /* MBEDTLS_SHA1_C */
523 #endif /* MBEDTLS_ARC4_C */
524
525 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
526 #if defined(MBEDTLS_SHA1_C)
527 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
528 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
529 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
530 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
531 MBEDTLS_CIPHERSUITE_WEAK },
532 #endif /* MBEDTLS_SHA1_C */
533 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
534 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
535
536 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
537 #if defined(MBEDTLS_AES_C)
538 #if defined(MBEDTLS_SHA1_C)
539 #if defined(MBEDTLS_CIPHER_MODE_CBC)
540 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
541 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
542 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
543 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
544 0 },
545 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA",
546 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
547 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
549 0 },
550 #endif /* MBEDTLS_CIPHER_MODE_CBC */
551 #endif /* MBEDTLS_SHA1_C */
552 #if defined(MBEDTLS_SHA256_C)
553 #if defined(MBEDTLS_CIPHER_MODE_CBC)
554 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256",
555 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
556 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
558 0 },
559 #endif /* MBEDTLS_CIPHER_MODE_CBC */
560 #if defined(MBEDTLS_GCM_C)
561 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
562 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
563 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
564 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
565 0 },
566 #endif /* MBEDTLS_GCM_C */
567 #endif /* MBEDTLS_SHA256_C */
568 #if defined(MBEDTLS_SHA512_C)
569 #if defined(MBEDTLS_CIPHER_MODE_CBC)
570 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384",
571 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
572 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
574 0 },
575 #endif /* MBEDTLS_CIPHER_MODE_CBC */
576 #if defined(MBEDTLS_GCM_C)
577 { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384",
578 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
579 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
580 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
581 0 },
582 #endif /* MBEDTLS_GCM_C */
583 #endif /* MBEDTLS_SHA512_C */
584 #endif /* MBEDTLS_AES_C */
585
586 #if defined(MBEDTLS_CAMELLIA_C)
587 #if defined(MBEDTLS_CIPHER_MODE_CBC)
588 #if defined(MBEDTLS_SHA256_C)
589 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
590 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
593 0 },
594 #endif /* MBEDTLS_SHA256_C */
595 #if defined(MBEDTLS_SHA512_C)
596 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384",
597 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
598 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
599 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
600 0 },
601 #endif /* MBEDTLS_SHA512_C */
602 #endif /* MBEDTLS_CIPHER_MODE_CBC */
603
604 #if defined(MBEDTLS_GCM_C)
605 #if defined(MBEDTLS_SHA256_C)
606 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
607 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
608 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
610 0 },
611 #endif /* MBEDTLS_SHA256_C */
612 #if defined(MBEDTLS_SHA512_C)
613 { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
614 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
615 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
616 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
617 0 },
618 #endif /* MBEDTLS_SHA512_C */
619 #endif /* MBEDTLS_GCM_C */
620 #endif /* MBEDTLS_CAMELLIA_C */
621
622 #if defined(MBEDTLS_DES_C)
623 #if defined(MBEDTLS_CIPHER_MODE_CBC)
624 #if defined(MBEDTLS_SHA1_C)
625 { MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA",
626 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
627 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
628 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
629 0 },
630 #endif /* MBEDTLS_SHA1_C */
631 #endif /* MBEDTLS_CIPHER_MODE_CBC */
632 #endif /* MBEDTLS_DES_C */
633
634 #if defined(MBEDTLS_ARC4_C)
635 #if defined(MBEDTLS_SHA1_C)
636 { MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA",
637 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
638 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
639 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
640 MBEDTLS_CIPHERSUITE_NODTLS },
641 #endif /* MBEDTLS_SHA1_C */
642 #endif /* MBEDTLS_ARC4_C */
643
644 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
645 #if defined(MBEDTLS_SHA1_C)
646 { MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA",
647 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
648 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
649 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
650 MBEDTLS_CIPHERSUITE_WEAK },
651 #endif /* MBEDTLS_SHA1_C */
652 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
653 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
654
655 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
656 #if defined(MBEDTLS_AES_C)
657 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
658 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384",
659 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
660 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
661 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
662 0 },
663 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
664
665 #if defined(MBEDTLS_SHA256_C)
666 #if defined(MBEDTLS_GCM_C)
667 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256",
668 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
669 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
670 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
671 0 },
672 #endif /* MBEDTLS_GCM_C */
673
674 #if defined(MBEDTLS_CIPHER_MODE_CBC)
675 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256",
676 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
677 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
678 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
679 0 },
680
681 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256",
682 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
683 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
684 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
685 0 },
686 #endif /* MBEDTLS_CIPHER_MODE_CBC */
687 #endif /* MBEDTLS_SHA256_C */
688
689 #if defined(MBEDTLS_CIPHER_MODE_CBC)
690 #if defined(MBEDTLS_SHA1_C)
691 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
692 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
693 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
694 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
695 0 },
696
697 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA",
698 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
699 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
701 0 },
702 #endif /* MBEDTLS_SHA1_C */
703 #endif /* MBEDTLS_CIPHER_MODE_CBC */
704 #if defined(MBEDTLS_CCM_C)
705 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM, "TLS-DHE-RSA-WITH-AES-256-CCM",
706 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
707 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
708 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
709 0 },
710 { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8, "TLS-DHE-RSA-WITH-AES-256-CCM-8",
711 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
712 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
713 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
714 MBEDTLS_CIPHERSUITE_SHORT_TAG },
715 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM, "TLS-DHE-RSA-WITH-AES-128-CCM",
716 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
719 0 },
720 { MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8, "TLS-DHE-RSA-WITH-AES-128-CCM-8",
721 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
722 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
723 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
724 MBEDTLS_CIPHERSUITE_SHORT_TAG },
725 #endif /* MBEDTLS_CCM_C */
726 #endif /* MBEDTLS_AES_C */
727
728 #if defined(MBEDTLS_CAMELLIA_C)
729 #if defined(MBEDTLS_CIPHER_MODE_CBC)
730 #if defined(MBEDTLS_SHA256_C)
731 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256",
732 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
733 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
734 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
735 0 },
736
737 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256",
738 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
739 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
740 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
741 0 },
742 #endif /* MBEDTLS_SHA256_C */
743
744 #if defined(MBEDTLS_SHA1_C)
745 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA",
746 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
747 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
748 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
749 0 },
750
751 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA",
752 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
753 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
754 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
755 0 },
756 #endif /* MBEDTLS_SHA1_C */
757 #endif /* MBEDTLS_CIPHER_MODE_CBC */
758 #if defined(MBEDTLS_GCM_C)
759 #if defined(MBEDTLS_SHA256_C)
760 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256",
761 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
762 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
763 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
764 0 },
765 #endif /* MBEDTLS_SHA256_C */
766
767 #if defined(MBEDTLS_SHA512_C)
768 { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384",
769 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
771 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
772 0 },
773 #endif /* MBEDTLS_SHA512_C */
774 #endif /* MBEDTLS_GCM_C */
775 #endif /* MBEDTLS_CAMELLIA_C */
776
777 #if defined(MBEDTLS_DES_C)
778 #if defined(MBEDTLS_CIPHER_MODE_CBC)
779 #if defined(MBEDTLS_SHA1_C)
780 { MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA",
781 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
782 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
783 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
784 0 },
785 #endif /* MBEDTLS_SHA1_C */
786 #endif /* MBEDTLS_CIPHER_MODE_CBC */
787 #endif /* MBEDTLS_DES_C */
788 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
789
790 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
791 #if defined(MBEDTLS_AES_C)
792 #if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C)
793 { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384",
794 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
795 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
796 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
797 0 },
798 #endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */
799
800 #if defined(MBEDTLS_SHA256_C)
801 #if defined(MBEDTLS_GCM_C)
802 { MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS-RSA-WITH-AES-128-GCM-SHA256",
803 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
804 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
805 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
806 0 },
807 #endif /* MBEDTLS_GCM_C */
808
809 #if defined(MBEDTLS_CIPHER_MODE_CBC)
810 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS-RSA-WITH-AES-128-CBC-SHA256",
811 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
812 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
813 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
814 0 },
815
816 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, "TLS-RSA-WITH-AES-256-CBC-SHA256",
817 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
818 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
819 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
820 0 },
821 #endif /* MBEDTLS_CIPHER_MODE_CBC */
822 #endif /* MBEDTLS_SHA256_C */
823
824 #if defined(MBEDTLS_SHA1_C)
825 #if defined(MBEDTLS_CIPHER_MODE_CBC)
826 { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA",
827 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
828 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
829 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
830 0 },
831
832 { MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, "TLS-RSA-WITH-AES-256-CBC-SHA",
833 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
835 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
836 0 },
837 #endif /* MBEDTLS_CIPHER_MODE_CBC */
838 #endif /* MBEDTLS_SHA1_C */
839 #if defined(MBEDTLS_CCM_C)
840 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM, "TLS-RSA-WITH-AES-256-CCM",
841 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
842 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
843 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
844 0 },
845 { MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8, "TLS-RSA-WITH-AES-256-CCM-8",
846 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
847 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
848 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
849 MBEDTLS_CIPHERSUITE_SHORT_TAG },
850 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM, "TLS-RSA-WITH-AES-128-CCM",
851 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
852 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
853 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
854 0 },
855 { MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8, "TLS-RSA-WITH-AES-128-CCM-8",
856 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
857 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
858 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
859 MBEDTLS_CIPHERSUITE_SHORT_TAG },
860 #endif /* MBEDTLS_CCM_C */
861 #endif /* MBEDTLS_AES_C */
862
863 #if defined(MBEDTLS_CAMELLIA_C)
864 #if defined(MBEDTLS_CIPHER_MODE_CBC)
865 #if defined(MBEDTLS_SHA256_C)
866 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256",
867 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
868 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
869 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
870 0 },
871
872 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256",
873 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
874 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
875 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
876 0 },
877 #endif /* MBEDTLS_SHA256_C */
878
879 #if defined(MBEDTLS_SHA1_C)
880 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA",
881 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
882 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
883 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
884 0 },
885
886 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA",
887 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
888 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
889 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
890 0 },
891 #endif /* MBEDTLS_SHA1_C */
892 #endif /* MBEDTLS_CIPHER_MODE_CBC */
893
894 #if defined(MBEDTLS_GCM_C)
895 #if defined(MBEDTLS_SHA256_C)
896 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256",
897 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
898 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
899 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
900 0 },
901 #endif /* MBEDTLS_SHA256_C */
902
903 #if defined(MBEDTLS_SHA1_C)
904 { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384",
905 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
906 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
907 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
908 0 },
909 #endif /* MBEDTLS_SHA1_C */
910 #endif /* MBEDTLS_GCM_C */
911 #endif /* MBEDTLS_CAMELLIA_C */
912
913 #if defined(MBEDTLS_DES_C)
914 #if defined(MBEDTLS_CIPHER_MODE_CBC)
915 #if defined(MBEDTLS_SHA1_C)
916 { MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA",
917 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
918 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
919 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
920 0 },
921 #endif /* MBEDTLS_SHA1_C */
922 #endif /* MBEDTLS_CIPHER_MODE_CBC */
923 #endif /* MBEDTLS_DES_C */
924
925 #if defined(MBEDTLS_ARC4_C)
926 #if defined(MBEDTLS_MD5_C)
927 { MBEDTLS_TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5",
928 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
929 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
930 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
931 MBEDTLS_CIPHERSUITE_NODTLS },
932 #endif
933
934 #if defined(MBEDTLS_SHA1_C)
935 { MBEDTLS_TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA",
936 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
938 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
939 MBEDTLS_CIPHERSUITE_NODTLS },
940 #endif
941 #endif /* MBEDTLS_ARC4_C */
942 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
943
944 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
945 #if defined(MBEDTLS_AES_C)
946 #if defined(MBEDTLS_SHA1_C)
947 #if defined(MBEDTLS_CIPHER_MODE_CBC)
948 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA",
949 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
950 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
951 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
952 0 },
953 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA",
954 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
955 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
956 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
957 0 },
958 #endif /* MBEDTLS_CIPHER_MODE_CBC */
959 #endif /* MBEDTLS_SHA1_C */
960 #if defined(MBEDTLS_SHA256_C)
961 #if defined(MBEDTLS_CIPHER_MODE_CBC)
962 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256",
963 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
964 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
965 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
966 0 },
967 #endif /* MBEDTLS_CIPHER_MODE_CBC */
968 #if defined(MBEDTLS_GCM_C)
969 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",
970 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
971 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
972 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
973 0 },
974 #endif /* MBEDTLS_GCM_C */
975 #endif /* MBEDTLS_SHA256_C */
976 #if defined(MBEDTLS_SHA512_C)
977 #if defined(MBEDTLS_CIPHER_MODE_CBC)
978 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384",
979 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
980 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
981 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
982 0 },
983 #endif /* MBEDTLS_CIPHER_MODE_CBC */
984 #if defined(MBEDTLS_GCM_C)
985 { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384",
986 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
987 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
988 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
989 0 },
990 #endif /* MBEDTLS_GCM_C */
991 #endif /* MBEDTLS_SHA512_C */
992 #endif /* MBEDTLS_AES_C */
993
994 #if defined(MBEDTLS_CAMELLIA_C)
995 #if defined(MBEDTLS_CIPHER_MODE_CBC)
996 #if defined(MBEDTLS_SHA256_C)
997 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256",
998 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
999 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1000 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1001 0 },
1002 #endif /* MBEDTLS_SHA256_C */
1003 #if defined(MBEDTLS_SHA512_C)
1004 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384",
1005 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1006 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1007 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1008 0 },
1009 #endif /* MBEDTLS_SHA512_C */
1010 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1011
1012 #if defined(MBEDTLS_GCM_C)
1013 #if defined(MBEDTLS_SHA256_C)
1014 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256",
1015 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1016 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1017 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1018 0 },
1019 #endif /* MBEDTLS_SHA256_C */
1020 #if defined(MBEDTLS_SHA512_C)
1021 { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384",
1022 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1023 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1024 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1025 0 },
1026 #endif /* MBEDTLS_SHA512_C */
1027 #endif /* MBEDTLS_GCM_C */
1028 #endif /* MBEDTLS_CAMELLIA_C */
1029
1030 #if defined(MBEDTLS_DES_C)
1031 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1032 #if defined(MBEDTLS_SHA1_C)
1033 { MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-RSA-WITH-3DES-EDE-CBC-SHA",
1034 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1035 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1036 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1037 0 },
1038 #endif /* MBEDTLS_SHA1_C */
1039 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1040 #endif /* MBEDTLS_DES_C */
1041
1042 #if defined(MBEDTLS_ARC4_C)
1043 #if defined(MBEDTLS_SHA1_C)
1044 { MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA, "TLS-ECDH-RSA-WITH-RC4-128-SHA",
1045 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1046 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1047 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1048 MBEDTLS_CIPHERSUITE_NODTLS },
1049 #endif /* MBEDTLS_SHA1_C */
1050 #endif /* MBEDTLS_ARC4_C */
1051
1052 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1053 #if defined(MBEDTLS_SHA1_C)
1054 { MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA, "TLS-ECDH-RSA-WITH-NULL-SHA",
1055 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1056 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1057 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1058 MBEDTLS_CIPHERSUITE_WEAK },
1059 #endif /* MBEDTLS_SHA1_C */
1060 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1061 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1062
1063 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
1064 #if defined(MBEDTLS_AES_C)
1065 #if defined(MBEDTLS_SHA1_C)
1066 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1067 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA",
1068 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1069 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1070 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1071 0 },
1072 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA",
1073 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1074 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1075 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1076 0 },
1077 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1078 #endif /* MBEDTLS_SHA1_C */
1079 #if defined(MBEDTLS_SHA256_C)
1080 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1081 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256",
1082 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1083 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1084 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1085 0 },
1086 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1087 #if defined(MBEDTLS_GCM_C)
1088 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256",
1089 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1090 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1091 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1092 0 },
1093 #endif /* MBEDTLS_GCM_C */
1094 #endif /* MBEDTLS_SHA256_C */
1095 #if defined(MBEDTLS_SHA512_C)
1096 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1097 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384",
1098 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1099 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1100 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1101 0 },
1102 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1103 #if defined(MBEDTLS_GCM_C)
1104 { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384",
1105 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1106 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1107 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1108 0 },
1109 #endif /* MBEDTLS_GCM_C */
1110 #endif /* MBEDTLS_SHA512_C */
1111 #endif /* MBEDTLS_AES_C */
1112
1113 #if defined(MBEDTLS_CAMELLIA_C)
1114 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1115 #if defined(MBEDTLS_SHA256_C)
1116 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
1117 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1118 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1119 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1120 0 },
1121 #endif /* MBEDTLS_SHA256_C */
1122 #if defined(MBEDTLS_SHA512_C)
1123 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
1124 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1125 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1126 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1127 0 },
1128 #endif /* MBEDTLS_SHA512_C */
1129 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1130
1131 #if defined(MBEDTLS_GCM_C)
1132 #if defined(MBEDTLS_SHA256_C)
1133 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256",
1134 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1135 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1136 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1137 0 },
1138 #endif /* MBEDTLS_SHA256_C */
1139 #if defined(MBEDTLS_SHA512_C)
1140 { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384",
1141 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1142 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1144 0 },
1145 #endif /* MBEDTLS_SHA512_C */
1146 #endif /* MBEDTLS_GCM_C */
1147 #endif /* MBEDTLS_CAMELLIA_C */
1148
1149 #if defined(MBEDTLS_DES_C)
1150 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1151 #if defined(MBEDTLS_SHA1_C)
1152 { MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA",
1153 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1154 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1155 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1156 0 },
1157 #endif /* MBEDTLS_SHA1_C */
1158 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1159 #endif /* MBEDTLS_DES_C */
1160
1161 #if defined(MBEDTLS_ARC4_C)
1162 #if defined(MBEDTLS_SHA1_C)
1163 { MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA, "TLS-ECDH-ECDSA-WITH-RC4-128-SHA",
1164 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1165 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1166 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1167 MBEDTLS_CIPHERSUITE_NODTLS },
1168 #endif /* MBEDTLS_SHA1_C */
1169 #endif /* MBEDTLS_ARC4_C */
1170
1171 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1172 #if defined(MBEDTLS_SHA1_C)
1173 { MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA, "TLS-ECDH-ECDSA-WITH-NULL-SHA",
1174 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
1175 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1176 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1177 MBEDTLS_CIPHERSUITE_WEAK },
1178 #endif /* MBEDTLS_SHA1_C */
1179 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1180 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
1181
1182 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1183 #if defined(MBEDTLS_AES_C)
1184 #if defined(MBEDTLS_GCM_C)
1185 #if defined(MBEDTLS_SHA256_C)
1186 { MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256, "TLS-PSK-WITH-AES-128-GCM-SHA256",
1187 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1188 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1189 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1190 0 },
1191 #endif /* MBEDTLS_SHA256_C */
1192
1193 #if defined(MBEDTLS_SHA512_C)
1194 { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384",
1195 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1196 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1197 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1198 0 },
1199 #endif /* MBEDTLS_SHA512_C */
1200 #endif /* MBEDTLS_GCM_C */
1201
1202 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1203 #if defined(MBEDTLS_SHA256_C)
1204 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, "TLS-PSK-WITH-AES-128-CBC-SHA256",
1205 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1206 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1207 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1208 0 },
1209 #endif /* MBEDTLS_SHA256_C */
1210
1211 #if defined(MBEDTLS_SHA512_C)
1212 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384",
1213 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1214 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1215 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1216 0 },
1217 #endif /* MBEDTLS_SHA512_C */
1218
1219 #if defined(MBEDTLS_SHA1_C)
1220 { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA",
1221 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1222 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1223 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1224 0 },
1225
1226 { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA, "TLS-PSK-WITH-AES-256-CBC-SHA",
1227 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1228 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1229 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1230 0 },
1231 #endif /* MBEDTLS_SHA1_C */
1232 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1233 #if defined(MBEDTLS_CCM_C)
1234 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM, "TLS-PSK-WITH-AES-256-CCM",
1235 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1236 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1237 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1238 0 },
1239 { MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, "TLS-PSK-WITH-AES-256-CCM-8",
1240 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1241 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1242 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1243 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1244 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM, "TLS-PSK-WITH-AES-128-CCM",
1245 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1246 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1247 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1248 0 },
1249 { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, "TLS-PSK-WITH-AES-128-CCM-8",
1250 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1251 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1252 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1253 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1254 #endif /* MBEDTLS_CCM_C */
1255 #endif /* MBEDTLS_AES_C */
1256
1257 #if defined(MBEDTLS_CAMELLIA_C)
1258 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1259 #if defined(MBEDTLS_SHA256_C)
1260 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1261 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1262 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1263 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1264 0 },
1265 #endif /* MBEDTLS_SHA256_C */
1266
1267 #if defined(MBEDTLS_SHA512_C)
1268 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1269 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1270 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1271 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1272 0 },
1273 #endif /* MBEDTLS_SHA512_C */
1274 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1275
1276 #if defined(MBEDTLS_GCM_C)
1277 #if defined(MBEDTLS_SHA256_C)
1278 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1279 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1280 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1281 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1282 0 },
1283 #endif /* MBEDTLS_SHA256_C */
1284
1285 #if defined(MBEDTLS_SHA512_C)
1286 { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1287 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1288 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1289 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1290 0 },
1291 #endif /* MBEDTLS_SHA512_C */
1292 #endif /* MBEDTLS_GCM_C */
1293 #endif /* MBEDTLS_CAMELLIA_C */
1294
1295 #if defined(MBEDTLS_DES_C)
1296 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1297 #if defined(MBEDTLS_SHA1_C)
1298 { MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA",
1299 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1300 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1301 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1302 0 },
1303 #endif /* MBEDTLS_SHA1_C */
1304 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1305 #endif /* MBEDTLS_DES_C */
1306
1307 #if defined(MBEDTLS_ARC4_C)
1308 #if defined(MBEDTLS_SHA1_C)
1309 { MBEDTLS_TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA",
1310 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1311 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1312 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1313 MBEDTLS_CIPHERSUITE_NODTLS },
1314 #endif /* MBEDTLS_SHA1_C */
1315 #endif /* MBEDTLS_ARC4_C */
1316 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1317
1318 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1319 #if defined(MBEDTLS_AES_C)
1320 #if defined(MBEDTLS_GCM_C)
1321 #if defined(MBEDTLS_SHA256_C)
1322 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, "TLS-DHE-PSK-WITH-AES-128-GCM-SHA256",
1323 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1324 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1325 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1326 0 },
1327 #endif /* MBEDTLS_SHA256_C */
1328
1329 #if defined(MBEDTLS_SHA512_C)
1330 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384",
1331 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1332 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1333 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1334 0 },
1335 #endif /* MBEDTLS_SHA512_C */
1336 #endif /* MBEDTLS_GCM_C */
1337
1338 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1339 #if defined(MBEDTLS_SHA256_C)
1340 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA256",
1341 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1342 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1343 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1344 0 },
1345 #endif /* MBEDTLS_SHA256_C */
1346
1347 #if defined(MBEDTLS_SHA512_C)
1348 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384",
1349 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1350 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1351 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1352 0 },
1353 #endif /* MBEDTLS_SHA512_C */
1354
1355 #if defined(MBEDTLS_SHA1_C)
1356 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA",
1357 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1358 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1359 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1360 0 },
1361
1362 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA",
1363 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1364 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1365 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1366 0 },
1367 #endif /* MBEDTLS_SHA1_C */
1368 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1369 #if defined(MBEDTLS_CCM_C)
1370 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM, "TLS-DHE-PSK-WITH-AES-256-CCM",
1371 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1372 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1373 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1374 0 },
1375 { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8, "TLS-DHE-PSK-WITH-AES-256-CCM-8",
1376 MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1377 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1378 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1379 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1380 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM, "TLS-DHE-PSK-WITH-AES-128-CCM",
1381 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1382 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1383 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1384 0 },
1385 { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8, "TLS-DHE-PSK-WITH-AES-128-CCM-8",
1386 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1387 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1388 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1389 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1390 #endif /* MBEDTLS_CCM_C */
1391 #endif /* MBEDTLS_AES_C */
1392
1393 #if defined(MBEDTLS_CAMELLIA_C)
1394 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1395 #if defined(MBEDTLS_SHA256_C)
1396 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1397 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1398 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1399 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1400 0 },
1401 #endif /* MBEDTLS_SHA256_C */
1402
1403 #if defined(MBEDTLS_SHA512_C)
1404 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1405 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1406 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1407 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1408 0 },
1409 #endif /* MBEDTLS_SHA512_C */
1410 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1411
1412 #if defined(MBEDTLS_GCM_C)
1413 #if defined(MBEDTLS_SHA256_C)
1414 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1415 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1416 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1417 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1418 0 },
1419 #endif /* MBEDTLS_SHA256_C */
1420
1421 #if defined(MBEDTLS_SHA512_C)
1422 { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1423 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1424 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1425 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1426 0 },
1427 #endif /* MBEDTLS_SHA512_C */
1428 #endif /* MBEDTLS_GCM_C */
1429 #endif /* MBEDTLS_CAMELLIA_C */
1430
1431 #if defined(MBEDTLS_DES_C)
1432 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1433 #if defined(MBEDTLS_SHA1_C)
1434 { MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA",
1435 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1436 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1437 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1438 0 },
1439 #endif /* MBEDTLS_SHA1_C */
1440 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1441 #endif /* MBEDTLS_DES_C */
1442
1443 #if defined(MBEDTLS_ARC4_C)
1444 #if defined(MBEDTLS_SHA1_C)
1445 { MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA",
1446 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1447 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1448 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1449 MBEDTLS_CIPHERSUITE_NODTLS },
1450 #endif /* MBEDTLS_SHA1_C */
1451 #endif /* MBEDTLS_ARC4_C */
1452 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1453
1454 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1455 #if defined(MBEDTLS_AES_C)
1456
1457 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1458 #if defined(MBEDTLS_SHA256_C)
1459 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256",
1460 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1461 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1462 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1463 0 },
1464 #endif /* MBEDTLS_SHA256_C */
1465
1466 #if defined(MBEDTLS_SHA512_C)
1467 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384",
1468 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1469 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1470 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1471 0 },
1472 #endif /* MBEDTLS_SHA512_C */
1473
1474 #if defined(MBEDTLS_SHA1_C)
1475 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA",
1476 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1477 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1478 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1479 0 },
1480
1481 { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA",
1482 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1483 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1484 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1485 0 },
1486 #endif /* MBEDTLS_SHA1_C */
1487 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1488 #endif /* MBEDTLS_AES_C */
1489
1490 #if defined(MBEDTLS_CAMELLIA_C)
1491 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1492 #if defined(MBEDTLS_SHA256_C)
1493 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1494 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1495 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1496 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1497 0 },
1498 #endif /* MBEDTLS_SHA256_C */
1499
1500 #if defined(MBEDTLS_SHA512_C)
1501 { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1502 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1503 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1504 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1505 0 },
1506 #endif /* MBEDTLS_SHA512_C */
1507 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1508 #endif /* MBEDTLS_CAMELLIA_C */
1509
1510 #if defined(MBEDTLS_DES_C)
1511 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1512 #if defined(MBEDTLS_SHA1_C)
1513 { MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA",
1514 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1515 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1516 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1517 0 },
1518 #endif /* MBEDTLS_SHA1_C */
1519 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1520 #endif /* MBEDTLS_DES_C */
1521
1522 #if defined(MBEDTLS_ARC4_C)
1523 #if defined(MBEDTLS_SHA1_C)
1524 { MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA",
1525 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1526 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1527 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1528 MBEDTLS_CIPHERSUITE_NODTLS },
1529 #endif /* MBEDTLS_SHA1_C */
1530 #endif /* MBEDTLS_ARC4_C */
1531 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1532
1533 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1534 #if defined(MBEDTLS_AES_C)
1535 #if defined(MBEDTLS_GCM_C)
1536 #if defined(MBEDTLS_SHA256_C)
1537 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256, "TLS-RSA-PSK-WITH-AES-128-GCM-SHA256",
1538 MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1539 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1540 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1541 0 },
1542 #endif /* MBEDTLS_SHA256_C */
1543
1544 #if defined(MBEDTLS_SHA512_C)
1545 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384",
1546 MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1547 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1548 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1549 0 },
1550 #endif /* MBEDTLS_SHA512_C */
1551 #endif /* MBEDTLS_GCM_C */
1552
1553 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1554 #if defined(MBEDTLS_SHA256_C)
1555 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256",
1556 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1557 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1558 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1559 0 },
1560 #endif /* MBEDTLS_SHA256_C */
1561
1562 #if defined(MBEDTLS_SHA512_C)
1563 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384",
1564 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1565 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1566 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1567 0 },
1568 #endif /* MBEDTLS_SHA512_C */
1569
1570 #if defined(MBEDTLS_SHA1_C)
1571 { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA",
1572 MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1573 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1574 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1575 0 },
1576
1577 { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA",
1578 MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1579 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1580 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1581 0 },
1582 #endif /* MBEDTLS_SHA1_C */
1583 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1584 #endif /* MBEDTLS_AES_C */
1585
1586 #if defined(MBEDTLS_CAMELLIA_C)
1587 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1588 #if defined(MBEDTLS_SHA256_C)
1589 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256",
1590 MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1591 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1592 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1593 0 },
1594 #endif /* MBEDTLS_SHA256_C */
1595
1596 #if defined(MBEDTLS_SHA512_C)
1597 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384",
1598 MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1599 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1600 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1601 0 },
1602 #endif /* MBEDTLS_SHA512_C */
1603 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1604
1605 #if defined(MBEDTLS_GCM_C)
1606 #if defined(MBEDTLS_SHA256_C)
1607 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256, "TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256",
1608 MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1609 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1610 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1611 0 },
1612 #endif /* MBEDTLS_SHA256_C */
1613
1614 #if defined(MBEDTLS_SHA512_C)
1615 { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384",
1616 MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1617 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1618 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1619 0 },
1620 #endif /* MBEDTLS_SHA512_C */
1621 #endif /* MBEDTLS_GCM_C */
1622 #endif /* MBEDTLS_CAMELLIA_C */
1623
1624 #if defined(MBEDTLS_DES_C)
1625 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1626 #if defined(MBEDTLS_SHA1_C)
1627 { MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA",
1628 MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1629 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1630 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1631 0 },
1632 #endif /* MBEDTLS_SHA1_C */
1633 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1634 #endif /* MBEDTLS_DES_C */
1635
1636 #if defined(MBEDTLS_ARC4_C)
1637 #if defined(MBEDTLS_SHA1_C)
1638 { MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA",
1639 MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1640 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1641 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1642 MBEDTLS_CIPHERSUITE_NODTLS },
1643 #endif /* MBEDTLS_SHA1_C */
1644 #endif /* MBEDTLS_ARC4_C */
1645 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1646
1647 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1648 #if defined(MBEDTLS_AES_C)
1649 #if defined(MBEDTLS_CCM_C)
1650 { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, "TLS-ECJPAKE-WITH-AES-128-CCM-8",
1651 MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECJPAKE,
1652 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1653 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1654 MBEDTLS_CIPHERSUITE_SHORT_TAG },
1655 #endif /* MBEDTLS_CCM_C */
1656 #endif /* MBEDTLS_AES_C */
1657 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1658
1659 #if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
1660 #if defined(MBEDTLS_CIPHER_NULL_CIPHER)
1661 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1662 #if defined(MBEDTLS_MD5_C)
1663 { MBEDTLS_TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5",
1664 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_RSA,
1665 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1666 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1667 MBEDTLS_CIPHERSUITE_WEAK },
1668 #endif
1669
1670 #if defined(MBEDTLS_SHA1_C)
1671 { MBEDTLS_TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA",
1672 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1673 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1674 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1675 MBEDTLS_CIPHERSUITE_WEAK },
1676 #endif
1677
1678 #if defined(MBEDTLS_SHA256_C)
1679 { MBEDTLS_TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256",
1680 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1681 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1682 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1683 MBEDTLS_CIPHERSUITE_WEAK },
1684 #endif
1685 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1686
1687 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1688 #if defined(MBEDTLS_SHA1_C)
1689 { MBEDTLS_TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA",
1690 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_PSK,
1691 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1692 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1693 MBEDTLS_CIPHERSUITE_WEAK },
1694 #endif /* MBEDTLS_SHA1_C */
1695
1696 #if defined(MBEDTLS_SHA256_C)
1697 { MBEDTLS_TLS_PSK_WITH_NULL_SHA256, "TLS-PSK-WITH-NULL-SHA256",
1698 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1699 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1700 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1701 MBEDTLS_CIPHERSUITE_WEAK },
1702 #endif
1703
1704 #if defined(MBEDTLS_SHA512_C)
1705 { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384",
1706 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1707 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1708 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1709 MBEDTLS_CIPHERSUITE_WEAK },
1710 #endif
1711 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1712
1713 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
1714 #if defined(MBEDTLS_SHA1_C)
1715 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA",
1716 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1717 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1718 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1719 MBEDTLS_CIPHERSUITE_WEAK },
1720 #endif /* MBEDTLS_SHA1_C */
1721
1722 #if defined(MBEDTLS_SHA256_C)
1723 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256, "TLS-DHE-PSK-WITH-NULL-SHA256",
1724 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1725 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1726 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1727 MBEDTLS_CIPHERSUITE_WEAK },
1728 #endif
1729
1730 #if defined(MBEDTLS_SHA512_C)
1731 { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384",
1732 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
1733 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1734 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1735 MBEDTLS_CIPHERSUITE_WEAK },
1736 #endif
1737 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
1738
1739 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
1740 #if defined(MBEDTLS_SHA1_C)
1741 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA",
1742 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1743 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1744 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1745 MBEDTLS_CIPHERSUITE_WEAK },
1746 #endif /* MBEDTLS_SHA1_C */
1747
1748 #if defined(MBEDTLS_SHA256_C)
1749 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256",
1750 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1751 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1752 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1753 MBEDTLS_CIPHERSUITE_WEAK },
1754 #endif
1755
1756 #if defined(MBEDTLS_SHA512_C)
1757 { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384",
1758 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
1759 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1760 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1761 MBEDTLS_CIPHERSUITE_WEAK },
1762 #endif
1763 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
1764
1765 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1766 #if defined(MBEDTLS_SHA1_C)
1767 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA",
1768 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1769 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1770 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1771 MBEDTLS_CIPHERSUITE_WEAK },
1772 #endif /* MBEDTLS_SHA1_C */
1773
1774 #if defined(MBEDTLS_SHA256_C)
1775 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-NULL-SHA256",
1776 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1777 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1778 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1779 MBEDTLS_CIPHERSUITE_WEAK },
1780 #endif
1781
1782 #if defined(MBEDTLS_SHA512_C)
1783 { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384",
1784 MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1785 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
1786 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1787 MBEDTLS_CIPHERSUITE_WEAK },
1788 #endif
1789 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1790 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
1791
1792 #if defined(MBEDTLS_DES_C)
1793 #if defined(MBEDTLS_CIPHER_MODE_CBC)
1794 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
1795 #if defined(MBEDTLS_SHA1_C)
1796 { MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA",
1797 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
1798 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1799 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1800 MBEDTLS_CIPHERSUITE_WEAK },
1801 #endif /* MBEDTLS_SHA1_C */
1802 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
1803
1804 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1805 #if defined(MBEDTLS_SHA1_C)
1806 { MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA",
1807 MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_RSA,
1808 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
1809 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1810 MBEDTLS_CIPHERSUITE_WEAK },
1811 #endif /* MBEDTLS_SHA1_C */
1812 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1813 #endif /* MBEDTLS_CIPHER_MODE_CBC */
1814 #endif /* MBEDTLS_DES_C */
1815 #endif /* MBEDTLS_ENABLE_WEAK_CIPHERSUITES */
1816
1817 #if defined(MBEDTLS_ARIA_C)
1818
1819 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
1820
1821 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1822 { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384,
1823 "TLS-RSA-WITH-ARIA-256-GCM-SHA384",
1824 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1825 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1826 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1827 0 },
1828 #endif
1829 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1830 { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384,
1831 "TLS-RSA-WITH-ARIA-256-CBC-SHA384",
1832 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA,
1833 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1834 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1835 0 },
1836 #endif
1837 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1838 { MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256,
1839 "TLS-RSA-WITH-ARIA-128-GCM-SHA256",
1840 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1841 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1842 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1843 0 },
1844 #endif
1845 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1846 { MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256,
1847 "TLS-RSA-WITH-ARIA-128-CBC-SHA256",
1848 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA,
1849 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1850 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1851 0 },
1852 #endif
1853
1854 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */
1855
1856 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
1857
1858 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1859 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384,
1860 "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384",
1861 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1862 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1863 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1864 0 },
1865 #endif
1866 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1867 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384,
1868 "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384",
1869 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1870 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1871 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1872 0 },
1873 #endif
1874 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1875 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256,
1876 "TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256",
1877 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1878 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1879 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1880 0 },
1881 #endif
1882 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1883 { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256,
1884 "TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256",
1885 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
1886 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1887 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1888 0 },
1889 #endif
1890
1891 #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
1892
1893 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
1894
1895 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1896 { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384,
1897 "TLS-PSK-WITH-ARIA-256-GCM-SHA384",
1898 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK,
1899 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1900 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1901 0 },
1902 #endif
1903 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1904 { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384,
1905 "TLS-PSK-WITH-ARIA-256-CBC-SHA384",
1906 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK,
1907 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1908 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1909 0 },
1910 #endif
1911 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1912 { MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256,
1913 "TLS-PSK-WITH-ARIA-128-GCM-SHA256",
1914 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1915 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1916 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1917 0 },
1918 #endif
1919 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1920 { MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256,
1921 "TLS-PSK-WITH-ARIA-128-CBC-SHA256",
1922 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_PSK,
1923 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1924 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1925 0 },
1926 #endif
1927
1928 #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
1929
1930 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)
1931
1932 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1933 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384,
1934 "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384",
1935 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1936 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1937 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1938 0 },
1939 #endif
1940 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1941 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384,
1942 "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384",
1943 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1944 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1945 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1946 0 },
1947 #endif
1948 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1949 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256,
1950 "TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256",
1951 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1952 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1953 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1954 0 },
1955 #endif
1956 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1957 { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256,
1958 "TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256",
1959 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
1960 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1961 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1962 0 },
1963 #endif
1964
1965 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */
1966
1967 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
1968
1969 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
1970 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,
1971 "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384",
1972 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1973 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1974 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1975 0 },
1976 #endif
1977 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
1978 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384,
1979 "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384",
1980 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1981 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1982 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1983 0 },
1984 #endif
1985 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
1986 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,
1987 "TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256",
1988 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1989 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1990 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1991 0 },
1992 #endif
1993 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
1994 { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256,
1995 "TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256",
1996 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
1997 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1998 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
1999 0 },
2000 #endif
2001
2002 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
2003
2004 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
2005
2006 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2007 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384,
2008 "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384",
2009 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
2010 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2011 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2012 0 },
2013 #endif
2014 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2015 { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256,
2016 "TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256",
2017 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
2018 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2019 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2020 0 },
2021 #endif
2022
2023 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
2024
2025 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
2026
2027 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2028 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384,
2029 "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384",
2030 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2031 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2032 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2033 0 },
2034 #endif
2035 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2036 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384,
2037 "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384",
2038 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2039 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2040 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2041 0 },
2042 #endif
2043 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2044 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256,
2045 "TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256",
2046 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2047 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2048 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2049 0 },
2050 #endif
2051 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2052 { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256,
2053 "TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256",
2054 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
2055 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2056 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2057 0 },
2058 #endif
2059
2060 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
2061
2062 #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
2063
2064 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2065 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384,
2066 "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384",
2067 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2068 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2069 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2070 0 },
2071 #endif
2072 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2073 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384,
2074 "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384",
2075 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2076 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2077 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2078 0 },
2079 #endif
2080 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2081 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256,
2082 "TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256",
2083 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2084 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2085 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2086 0 },
2087 #endif
2088 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2089 { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256,
2090 "TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256",
2091 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
2092 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2093 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2094 0 },
2095 #endif
2096
2097 #endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
2098
2099 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
2100
2101 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2102 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,
2103 "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384",
2104 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2105 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2106 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2107 0 },
2108 #endif
2109 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2110 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384,
2111 "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384",
2112 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2113 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2114 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2115 0 },
2116 #endif
2117 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2118 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,
2119 "TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256",
2120 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2121 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2122 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2123 0 },
2124 #endif
2125 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2126 { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256,
2127 "TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256",
2128 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
2129 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2130 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2131 0 },
2132 #endif
2133
2134 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
2135
2136 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
2137
2138 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C))
2139 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384,
2140 "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384",
2141 MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2142 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2143 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2144 0 },
2145 #endif
2146 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C))
2147 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384,
2148 "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384",
2149 MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2150 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2151 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2152 0 },
2153 #endif
2154 #if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA256_C))
2155 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256,
2156 "TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256",
2157 MBEDTLS_CIPHER_ARIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2158 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2159 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2160 0 },
2161 #endif
2162 #if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA256_C))
2163 { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256,
2164 "TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256",
2165 MBEDTLS_CIPHER_ARIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
2166 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2167 MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
2168 0 },
2169 #endif
2170
2171 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
2172
2173 #endif /* MBEDTLS_ARIA_C */
2174
2175
2176 { 0, "",
2177 MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE,
2178 0, 0, 0, 0, 0 }
2179 };
2180
2181 #if defined(MBEDTLS_SSL_CIPHERSUITES)
mbedtls_ssl_list_ciphersuites(void)2182 const int *mbedtls_ssl_list_ciphersuites( void )
2183 {
2184 return( ciphersuite_preference );
2185 }
2186 #else
2187 #define MAX_CIPHERSUITES sizeof( ciphersuite_definitions ) / \
2188 sizeof( ciphersuite_definitions[0] )
2189 static int supported_ciphersuites[MAX_CIPHERSUITES];
2190 static int supported_init = 0;
2191
mbedtls_ssl_list_ciphersuites(void)2192 const int *mbedtls_ssl_list_ciphersuites( void )
2193 {
2194 /*
2195 * On initial call filter out all ciphersuites not supported by current
2196 * build based on presence in the ciphersuite_definitions.
2197 */
2198 if( supported_init == 0 )
2199 {
2200 const int *p;
2201 int *q;
2202
2203 for( p = ciphersuite_preference, q = supported_ciphersuites;
2204 *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1;
2205 p++ )
2206 {
2207 #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES)
2208 const mbedtls_ssl_ciphersuite_t *cs_info;
2209 if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL &&
2210 cs_info->cipher != MBEDTLS_CIPHER_ARC4_128 )
2211 #else
2212 if( mbedtls_ssl_ciphersuite_from_id( *p ) != NULL )
2213 #endif
2214 *(q++) = *p;
2215 }
2216 *q = 0;
2217
2218 supported_init = 1;
2219 }
2220
2221 return( supported_ciphersuites );
2222 }
2223 #endif /* MBEDTLS_SSL_CIPHERSUITES */
2224
mbedtls_ssl_ciphersuite_from_string(const char * ciphersuite_name)2225 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string(
2226 const char *ciphersuite_name )
2227 {
2228 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2229
2230 if( NULL == ciphersuite_name )
2231 return( NULL );
2232
2233 while( cur->id != 0 )
2234 {
2235 if( 0 == strcmp( cur->name, ciphersuite_name ) )
2236 return( cur );
2237
2238 cur++;
2239 }
2240
2241 return( NULL );
2242 }
2243
mbedtls_ssl_ciphersuite_from_id(int ciphersuite)2244 const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite )
2245 {
2246 const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions;
2247
2248 while( cur->id != 0 )
2249 {
2250 if( cur->id == ciphersuite )
2251 return( cur );
2252
2253 cur++;
2254 }
2255
2256 return( NULL );
2257 }
2258
mbedtls_ssl_get_ciphersuite_name(const int ciphersuite_id)2259 const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id )
2260 {
2261 const mbedtls_ssl_ciphersuite_t *cur;
2262
2263 cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
2264
2265 if( cur == NULL )
2266 return( "unknown" );
2267
2268 return( cur->name );
2269 }
2270
mbedtls_ssl_get_ciphersuite_id(const char * ciphersuite_name)2271 int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name )
2272 {
2273 const mbedtls_ssl_ciphersuite_t *cur;
2274
2275 cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name );
2276
2277 if( cur == NULL )
2278 return( 0 );
2279
2280 return( cur->id );
2281 }
2282
2283 #if defined(MBEDTLS_PK_C)
mbedtls_ssl_get_ciphersuite_sig_pk_alg(const mbedtls_ssl_ciphersuite_t * info)2284 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info )
2285 {
2286 switch( info->key_exchange )
2287 {
2288 case MBEDTLS_KEY_EXCHANGE_RSA:
2289 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2290 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2291 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2292 return( MBEDTLS_PK_RSA );
2293
2294 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2295 return( MBEDTLS_PK_ECDSA );
2296
2297 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2298 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2299 return( MBEDTLS_PK_ECKEY );
2300
2301 default:
2302 return( MBEDTLS_PK_NONE );
2303 }
2304 }
2305
mbedtls_ssl_get_ciphersuite_sig_alg(const mbedtls_ssl_ciphersuite_t * info)2306 mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info )
2307 {
2308 switch( info->key_exchange )
2309 {
2310 case MBEDTLS_KEY_EXCHANGE_RSA:
2311 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
2312 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2313 return( MBEDTLS_PK_RSA );
2314
2315 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2316 return( MBEDTLS_PK_ECDSA );
2317
2318 default:
2319 return( MBEDTLS_PK_NONE );
2320 }
2321 }
2322
2323 #endif /* MBEDTLS_PK_C */
2324
2325 #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
mbedtls_ssl_ciphersuite_uses_ec(const mbedtls_ssl_ciphersuite_t * info)2326 int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
2327 {
2328 switch( info->key_exchange )
2329 {
2330 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
2331 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
2332 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2333 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
2334 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
2335 return( 1 );
2336
2337 default:
2338 return( 0 );
2339 }
2340 }
2341 #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
2342
2343 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
mbedtls_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t * info)2344 int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info )
2345 {
2346 switch( info->key_exchange )
2347 {
2348 case MBEDTLS_KEY_EXCHANGE_PSK:
2349 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
2350 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
2351 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
2352 return( 1 );
2353
2354 default:
2355 return( 0 );
2356 }
2357 }
2358 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
2359
2360 #endif /* MBEDTLS_SSL_TLS_C */
2361